Compare commits

...

3 Commits

Author SHA1 Message Date
BodgeMaster 99790ecb21 added an error message for empty posts 2021-09-05 07:33:49 +02:00
BodgeMaster e03503cf1b prevent posting empty posts 2021-09-05 07:30:22 +02:00
BodgeMaster 3b4d80c755 made submit output more reflective of what is actually going on 2021-09-05 07:24:26 +02:00
2 changed files with 17 additions and 13 deletions

View File

@ -55,9 +55,6 @@ $id=$_GET['id'];
if($_GET['action']=='post') {
include("./post.php");
} elseif($_GET['action']=='submit') {
$user_id=$_SESSION[user_id];
$title=$_POST['title'];
$content=$_POST['content'];
include("./submit.php");
} elseif($_GET['action']=='edit') {
include("./edit.php");

View File

@ -1,15 +1,22 @@
<?php
%REQUIRE_LOGIN%
$error = false;
$error_message = "";
if (!$error) {
$statement = $pdo->prepare("INSERT INTO posts (board_id, user_id, content, title) VALUES (:bid, :uid, :content, :title)");
$result = $statement->execute(array('bid'=>$id, 'uid'=>$user_id, 'content'=>$content, 'title'=>$title));
}
if (!$result) {
$error_message = "<p>Error: SQL error.</p><pre>" . $statement->queryString . "</pre><pre>" . $statement->errorInfo()[2] . "</pre>";
$title=$_POST['title'];
$content=$_POST['content'];
if ($title==="" || $content==="") {
echo "<section><center><h1>Please fill out both the title field and content box.</h1></center></section>";
}
else {
$error = false;
$error_message = "";
if (!$error) {
$statement = $pdo->prepare("INSERT INTO posts (board_id, user_id, content, title) VALUES (:bid, :uid, :content, :title)");
$result = $statement->execute(array('bid'=>$id, 'uid'=>$_SESSION[user_id], 'content'=>$content, 'title'=>$title));
}
if (!$result) {
$error_message = "<p>Error: SQL error.</p><pre>" . $statement->queryString . "</pre><pre>" . $statement->errorInfo()[2] . "</pre>";
}
echo "<section><center><h1>Submitting your post...</h1></center></section>";
?>
echo "<section><center><h1>Post submitted.</h1></center></section>";
}
?>