threadr.lostcave.ddnss.de/threadr/board/board.php

<?php
%REQUIRE_LOGIN%
$pdo = new PDO('mysql:host=localhost;dbname=web', 'webstuff', 'Schei// auf Pa$$w0rter!');
$error = false;
$error_message = "";
if (!$error) {
  $statement = $pdo->prepare("SELECT * FROM posts WHERE board_id=:bid ORDER BY post_time asc");
  $statement->execute(array("bid"=>$id));
  foreach($statement->fetchAll() as $ROW) {
    $error = false;
    $error_message = "";
    if (!$error) {
      $statement = $pdo->prepare("SELECT * FROM users WHERE id=:uid");
      $statement->execute(array("uid"=>$ROW[user_id]));
      $post_user = $statement->fetch();
    }
    if (!$result) {
      $error_message = "Error: SQL error.\n" . $statement->queryString . "\n" . $statement->errorInfo()[2];
    }
    echo "<section>";
    echo "<h1>$ROW[title]</h1>";
    echo "<article>";
    echo "<header>";
    echo "<div>";
    echo "<p class='beige'>$post_user[name] <time datetime='$ROW[post_time]'>$ROW[post_time]</time></p>";
    echo "</div>";
    echo "</header>";
    echo "<div class='postcontent'>";
    echo "<p>$ROW[content]</p>";
    echo "</div>";
    echo "</article>";
    echo "</section>";
  }
}
if (!$result) {
  $error_message = "Error: SQL error.\n" . $statement->queryString . "\n" . $statement->errorInfo()[2];
}
?>