diff options
Diffstat (limited to 'create_topic.php')
| -rw-r--r-- | create_topic.php | 102 |
1 files changed, 28 insertions, 74 deletions
diff --git a/create_topic.php b/create_topic.php index 9eab942..2953646 100644 --- a/create_topic.php +++ b/create_topic.php @@ -1,90 +1,44 @@ <?php -include 'header.php'; -include_once 'connect.php'; +include_once 'header.php'; echo '<section><h2>Create a new topic</h2>'; if (!isset($_SESSION['signed_in'])) { - echo 'You must be <a href="signin.php">signed in</a> to create a topic.'; -} else { - if ($_SERVER['REQUEST_METHOD'] != 'POST') { - $sql = "SELECT cat_id, cat_name, cat_description FROM categories"; - $result = mysqli_query($dbc, $sql); - - if (!$result) { - echo 'Error while selecting from database. Please try again later.'; - } else { - if (mysqli_num_rows($result) == 0) { - echo 'There are currently no categories to post to.'; - } else { - echo ' - <form action="" method="post"> - <label for="topic_subject">Subject: </label><br> - <input type="text" name="topic_subject"><br> - <label for="topic_cat">Category: </label><br> - <select name="topic_cat">'; + die('You must be <a href="signin.php">signed in</a> to create a topic.'); +} +?> + +<form action="includes/topic_inc.php" method="post"> + <label for="topic_subject">Subject: </label><br> + <input type="text" name="topic_subject"><br> + <label for="topic_cat">Category: </label><br> + <select name="topic_cat">'; + <?php + include_once 'includes/db_inc.php'; - while ($row = mysqli_fetch_assoc($result)) { - echo '<option value="' . $row['cat_id'] . '">' . $row['cat_name'] . '</option>'; - } - - echo ' - </select><br> - <label for="post_content">Write your post: </label><br> - <textarea name="post_content"></textarea><br> - <input type="submit" name="submit"> - </form> - '; - } - } - } else { - $sql = "BEGIN WORK;"; + $sql = "SELECT cat_id, cat_name, cat_description FROM categories"; $result = mysqli_query($dbc, $sql); if (!$result) { - echo 'An error occurred creating your topic. Try again later'; - } else { - $sql = "INSERT INTO topics(topic_subject, topic_date, topic_cat, topic_author) VALUES( - '" . mysqli_real_escape_string($dbc, $_POST['topic_subject']) . "', - NOW(), - " . mysqli_real_escape_string($dbc, $_POST['topic_cat']) . ", - " . $_SESSION['user_id'] .")"; + die('Error trying to fetch category list: ' . mysqli_error($dbc)); + } - $result = mysqli_query($dbc, $sql); + if (mysqli_num_rows($result) == 0) { + die('There are currently no categories to post to.'); + } - if (!$result) { - echo 'An error occured while creating your post. Please try again later.' . mysql_error(); - $sql = "ROLLBACK;"; - mysqli_query($dbc, $sql); - } else { - $topic_id = mysqli_insert_id($dbc); - - $sql = "INSERT INTO posts(post_content, post_date, post_topic, post_author) VALUES( - '" . mysqli_real_escape_string($dbc, $_POST['post_content']) . "', - NOW(), - " . $topic_id . ", - " . $_SESSION['user_id'] . ")"; - - $result = mysqli_query($dbc, $sql); - - if (!$result) { - echo 'An error occured while creating your post. Please try again later.' . mysqli_error($dbc); - $sql = "ROLLBACK;"; - mysqli_query($dbc, $sql); - } else { - $sql = "COMMIT;"; - $result = mysqli_query($dbc, $sql); - - echo 'You have successfully created <a href="topic.php?id='. $topic_id . '">your new topic</a>.'; - } - } + while ($row = mysqli_fetch_assoc($result)) { + echo '<option value="' . $row['cat_id'] . '">' . $row['cat_name'] . '</option>'; } - } -} - -echo '</section>'; + ?> + </select><br> + <label for="post_content">Write your post: </label><br> + <textarea name="post_content"></textarea><br> + <input type="submit" name="submit"> +</form> +</section> +<?php include 'footer.php'; - ?>
\ No newline at end of file |