diff options
Diffstat (limited to 'reply.php')
| -rw-r--r-- | reply.php | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/reply.php b/reply.php new file mode 100644 index 0000000..051aaa4 --- /dev/null +++ b/reply.php @@ -0,0 +1,30 @@ +<?php + +include 'header.php'; +include_once 'connect.php'; + +if ($_SERVER['REQUEST_METHOD'] != 'POST') { + echo 'This file cannot be called directly.'; +} else { + if (!isset($_SESSION['signed_in'])) { + echo 'You must be signed in to reply to a topic.'; + } else { + $sql = "INSERT INTO posts(post_content, post_date, post_topic, post_author) VALUES( + '" . mysqli_real_escape_string($dbc, $_POST['reply_content']) . "', + NOW(), + " . mysqli_real_escape_string($dbc, $_GET['reply_to']) . ", + " . $_SESSION['user_id'] . ")"; + + $result = mysqli_query($dbc, $sql); + + if (!$result) { + echo 'An error occurred trying to reply to the post.' . mysqli_error($dbc); + } else { + echo 'Your reply has been saved, check out <a href="topic.php?id=' . $_GET['reply_to'] . '">the topic</a>.'; + } + } +} + +include 'footer.php'; + +?>
\ No newline at end of file |