<?php $pdo = new PDO('mysql:host=%DB_SERVER%;dbname=%DB_NAME%', '%DB_USERNAME%', '%DB_PASSWORD%'); $statement = $pdo->prepare("SELECT * FROM posts WHERE board_id=:bid ORDER BY post_time asc"); $statement->execute(array("bid"=>$id)); foreach($statement->fetchAll() as $ROW) { $statement = $pdo->prepare("SELECT * FROM users WHERE id=:uid"); $statement->execute(array("uid"=>$ROW[user_id])); $post_creator = $statement->fetch(); $post_title = htmlspecialchars($ROW['title']); $post_creator_name = htmlspecialchars($post_creator['name']); $post_time = htmlspecialchars($ROW['post_time']); $post_content = htmlspecialchars($ROW['content']); // add line breaks to post content, to be replaced with proper makrdown support in the future (see #44) $newlines = array("\r\n", "\n\r", "\r", "\n"); // two-character newlines first to prevent placing two line breaks instead of one $post_content = str_replace($newlines, "<br />", $post_content); echo "<section> <h1>$post_title</h1> <article> <header> <div> <p class='beige'> $post_creator_name <time datetime='$post_time'>$post_time</time></p> </div> </header> <div class='postcontent'> <p>$post_content</p> </div> </article> </section>"; } ?>