diff options
Diffstat (limited to 'thread.php')
| -rw-r--r-- | thread.php | 30 |
1 files changed, 29 insertions, 1 deletions
@@ -30,5 +30,33 @@ if (!isset($_GET['id']) || !filter_var($_GET['id'], FILTER_VALIDATE_INT)) { $post->display_content(); } ?> + <hr> + <h2>Reply to this thread</h2> + <form method="post"> + <textarea name="post_content" rows="10" cols="50"></textarea> + <br> + <input type="submit" name="submit"> + </form> </body> -</html>
\ No newline at end of file +</html> +<?php +include_once 'includes/db_inc.php'; +include_once 'includes/functions_insert.php'; + +if ($_SERVER['REQUEST_METHOD'] == 'POST') { + if (!isset($_SESSION['signed_in'])) { + echo 'You must be <a href="signin.php">signed in</a> to reply to this thread.'; + return; + } + + $post_content = filter_input(INPUT_POST, 'post_content', FILTER_SANITIZE_STRING); + $user_id = filter_var($_SESSION['user_id'], FILTER_SANITIZE_NUMBER_INT); + + if (empty($post_content) or !$post_content) { + echo 'Thread subject cannot be empty'; + } else { + insert_post($dbc, $post_content, $current->id, $user_id, $current->category->id); + } +} + +?>
\ No newline at end of file |