diff options
| author | Cflip <36554078+cflip@users.noreply.github.com> | 2021-01-22 20:45:43 -0700 |
|---|---|---|
| committer | Cflip <36554078+cflip@users.noreply.github.com> | 2021-01-22 20:45:43 -0700 |
| commit | df49a36e140acc211fdc31480d40281404110310 (patch) | |
| tree | 3a25af561ed3703ad5df8cf90d9f56d8824f7a4f /create_topic.php | |
Inital commit with existing code
Diffstat (limited to 'create_topic.php')
| -rw-r--r-- | create_topic.php | 90 |
1 files changed, 90 insertions, 0 deletions
diff --git a/create_topic.php b/create_topic.php new file mode 100644 index 0000000..9eab942 --- /dev/null +++ b/create_topic.php @@ -0,0 +1,90 @@ +<?php + +include 'header.php'; +include_once 'connect.php'; + +echo '<section><h2>Create a new topic</h2>'; + +if (!isset($_SESSION['signed_in'])) { + echo 'You must be <a href="signin.php">signed in</a> to create a topic.'; +} else { + if ($_SERVER['REQUEST_METHOD'] != 'POST') { + $sql = "SELECT cat_id, cat_name, cat_description FROM categories"; + $result = mysqli_query($dbc, $sql); + + if (!$result) { + echo 'Error while selecting from database. Please try again later.'; + } else { + if (mysqli_num_rows($result) == 0) { + echo 'There are currently no categories to post to.'; + } else { + echo ' + <form action="" method="post"> + <label for="topic_subject">Subject: </label><br> + <input type="text" name="topic_subject"><br> + <label for="topic_cat">Category: </label><br> + <select name="topic_cat">'; + + while ($row = mysqli_fetch_assoc($result)) { + echo '<option value="' . $row['cat_id'] . '">' . $row['cat_name'] . '</option>'; + } + + echo ' + </select><br> + <label for="post_content">Write your post: </label><br> + <textarea name="post_content"></textarea><br> + <input type="submit" name="submit"> + </form> + '; + } + } + } else { + $sql = "BEGIN WORK;"; + $result = mysqli_query($dbc, $sql); + + if (!$result) { + echo 'An error occurred creating your topic. Try again later'; + } else { + $sql = "INSERT INTO topics(topic_subject, topic_date, topic_cat, topic_author) VALUES( + '" . mysqli_real_escape_string($dbc, $_POST['topic_subject']) . "', + NOW(), + " . mysqli_real_escape_string($dbc, $_POST['topic_cat']) . ", + " . $_SESSION['user_id'] .")"; + + $result = mysqli_query($dbc, $sql); + + if (!$result) { + echo 'An error occured while creating your post. Please try again later.' . mysql_error(); + $sql = "ROLLBACK;"; + mysqli_query($dbc, $sql); + } else { + $topic_id = mysqli_insert_id($dbc); + + $sql = "INSERT INTO posts(post_content, post_date, post_topic, post_author) VALUES( + '" . mysqli_real_escape_string($dbc, $_POST['post_content']) . "', + NOW(), + " . $topic_id . ", + " . $_SESSION['user_id'] . ")"; + + $result = mysqli_query($dbc, $sql); + + if (!$result) { + echo 'An error occured while creating your post. Please try again later.' . mysqli_error($dbc); + $sql = "ROLLBACK;"; + mysqli_query($dbc, $sql); + } else { + $sql = "COMMIT;"; + $result = mysqli_query($dbc, $sql); + + echo 'You have successfully created <a href="topic.php?id='. $topic_id . '">your new topic</a>.'; + } + } + } + } +} + +echo '</section>'; + +include 'footer.php'; + +?>
\ No newline at end of file |