diff options
Diffstat (limited to 'includes')
| -rw-r--r-- | includes/register_inc.php | 0 | ||||
| -rw-r--r-- | includes/reply_inc.php | 14 | ||||
| -rw-r--r-- | includes/topic_inc.php | 47 |
3 files changed, 51 insertions, 10 deletions
diff --git a/includes/register_inc.php b/includes/register_inc.php new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/includes/register_inc.php diff --git a/includes/reply_inc.php b/includes/reply_inc.php index 7f53fce..480c651 100644 --- a/includes/reply_inc.php +++ b/includes/reply_inc.php @@ -3,6 +3,7 @@ session_start(); include_once 'db_inc.php'; +include_once 'functions_inc.php'; if ($_SERVER['REQUEST_METHOD'] != 'POST') { die('This file cannot be called directly.'); @@ -19,15 +20,8 @@ if (!mysqli_stmt_prepare($stmt, $sql)) { die('Failed to process statement: ' . mysqli_error($dbc)); } -mysqli_stmt_bind_param($stmt, "sii", $_POST['post_content'], $_GET['reply_to'], $_SESSION['user_id']); +mysqli_stmt_bind_param($stmt, "sii", $_POST['reply_content'], $_GET['reply_to'], $_SESSION['user_id']); mysqli_stmt_execute($stmt); +mysqli_stmt_close($stmt); -$result = mysqli_stmt_get_result($stmt); - -if (!$result) { - echo 'An error occurred trying to reply to the post. ' . mysqli_error($dbc); -} else { - echo 'Your reply has been saved, check out <a href="topic.php?id=' . $_GET['reply_to'] . '">the topic</a>.'; -} - -//header("Location: ../topic.php?id=" . $_GET['reply_to']);
\ No newline at end of file +header("Location: ../topic.php?id=" . $_GET['reply_to']);
\ No newline at end of file diff --git a/includes/topic_inc.php b/includes/topic_inc.php new file mode 100644 index 0000000..c16a4e0 --- /dev/null +++ b/includes/topic_inc.php @@ -0,0 +1,47 @@ +<?php + +include_once 'db_inc.php'; + +session_start(); + +$sql = "BEGIN WORK;"; +$result = mysqli_query($dbc, $sql); + +if (!$result) { + echo 'An error occurred creating your topic. Try again later'; +} + +$sql = "INSERT INTO topics(topic_subject, topic_date, topic_cat, topic_author) VALUES( +'" . mysqli_real_escape_string($dbc, $_POST['topic_subject']) . "', +NOW(), +" . mysqli_real_escape_string($dbc, $_POST['topic_cat']) . ", +" . $_SESSION['user_id'] .")"; + +$result = mysqli_query($dbc, $sql); + +if (!$result) { + echo 'An error occured while creating your post. Please try again later.' . mysql_error(); + $sql = "ROLLBACK;"; + mysqli_query($dbc, $sql); +} else { + $topic_id = mysqli_insert_id($dbc); + + $sql = "INSERT INTO posts(post_content, post_date, post_topic, post_author) VALUES( + '" . mysqli_real_escape_string($dbc, $_POST['post_content']) . "', + NOW(), + " . $topic_id . ", + " . $_SESSION['user_id'] . ")"; + + $result = mysqli_query($dbc, $sql); + + if (!$result) { + echo 'An error occured while creating your post. Please try again later.' . mysqli_error($dbc); + $sql = "ROLLBACK;"; + mysqli_query($dbc, $sql); + } else { + $sql = "COMMIT;"; + $result = mysqli_query($dbc, $sql); + } +} + +header("Location: ../topic.php?id=" . $topic_id);
\ No newline at end of file |