diff options
Diffstat (limited to 'thread.php')
| -rw-r--r-- | thread.php | 139 |
1 files changed, 48 insertions, 91 deletions
@@ -2,109 +2,66 @@ <?php include_once 'includes/db_inc.php'; +include_once 'includes/functions_display.php'; -function add_quote($dbc, $thread_id, $matches) { - foreach ($matches as $match) { - $id = (int) filter_var($match, FILTER_SANITIZE_NUMBER_INT) - 1; - $sql = "SELECT post_content, post_author, user_name FROM posts LEFT JOIN users ON post_author = user_id WHERE post_thread = " . $thread_id . " LIMIT 1 OFFSET " . $id; - $result = mysqli_query($dbc, $sql); - - if (!$result) { - return '<blockquote></blockquote>'; - } - - $reply = mysqli_fetch_assoc($result); - - if (empty($reply)) { - return '<blockquote>Invalid quote!</blockquote>'; - } - - $id = $id + 1; +if (!isset($_GET['id']) || !filter_var($_GET['id'], FILTER_VALIDATE_INT)) { + echo '<section>Unknown category.</section>'; +} else { + $sql = "SELECT thread_id, thread_subject, thread_date, user_id, user_name FROM threads LEFT JOIN users ON thread_author = user_id WHERE thread_id = " . mysqli_real_escape_string($dbc, $_GET['id']); + $result = mysqli_query($dbc, $sql); - return '<blockquote><a href="#' . $id .'">Quote from ' . $reply['user_name'] . '</a><br>' . $reply['post_content'] . '</blockquote>'; + if (!$result) { + die('Error trying to display thread page: ' . mysqli_error($dbc)); } -} - -$sql = "SELECT thread_id, thread_subject, thread_date, user_id, user_name FROM threads LEFT JOIN users ON thread_author = user_id WHERE thread_id = " . mysqli_real_escape_string($dbc, $_GET['id']); -$result = mysqli_query($dbc, $sql); - -if (!$result) { - die('Error trying to display thread page: ' . mysqli_error($dbc)); -} -if (mysqli_num_rows($result) == 0) { - echo 'This thread does not exist'; -} else { - while ($row = mysqli_fetch_assoc($result)) { - echo '<section><h1>' . $row['thread_subject'] . '</h1>'; - echo 'Created by <a href="user.php?id='. $row['user_id'] .'">' . $row['user_name'] . '</a> on ' . date('M d, Y', strtotime($row['thread_date'])) . '</section>'; - $thread_id = $row['thread_id']; + if (mysqli_num_rows($result) == 0) { + echo 'This thread does not exist'; + } else { + while ($row = mysqli_fetch_assoc($result)) { + echo '<section><h1>' . $row['thread_subject'] . '</h1>'; + echo 'Created by <a href="user.php?id='. $row['user_id'] .'">' . $row['user_name'] . '</a> on ' . date('M d, Y', strtotime($row['thread_date'])) . '</section>'; + $thread_id = $row['thread_id']; + } } -} -echo '</section>'; + echo '</section>'; -mysqli_free_result($result); + mysqli_free_result($result); -$sql = "SELECT post_id, post_content, post_date, post_author, user_id, user_name FROM posts LEFT JOIN users ON post_author = user_id WHERE post_thread = " . mysqli_real_escape_string($dbc, $_GET['id']); -$result = mysqli_query($dbc, $sql); + $sql = "SELECT post_id, post_content, post_date, post_author, user_id, user_name FROM posts LEFT JOIN users ON post_author = user_id WHERE post_thread = " . mysqli_real_escape_string($dbc, $_GET['id']); + $result = mysqli_query($dbc, $sql); -if (!$result) { - die('Error trying to display posts: ' . mysqli_error($dbc)); -} - -if (mysqli_num_rows($result) == 0) { - echo '<section>This thread has no posts</section>'; -} else { - echo '<table>'; - $post_index = 1; - $thread_id = $_GET['id']; - - while ($row = mysqli_fetch_assoc($result)) { - echo '<tr><th></th><th>' . $post_index . '</th></tr>'; - echo '<tr class="post" id=' . $post_index . '><td>Posted by <a href="user.php?id='. $row['user_id'] .'">' . $row['user_name'] . '</a><br><small>' . date('m/d/Y g:ia', strtotime($row['post_date'])) . '</small></td>'; - - $post_content = $row['post_content']; - - $post_content = preg_replace_callback('/>#\d+/', function($matches) use($thread_id, $dbc) { - return add_quote($dbc, $thread_id, $matches); - }, $post_content); - - $post_content = preg_replace( - "/\s*[a-zA-Z\/\/:\.]*youtu(be.com\/watch\?v=|.be\/)([a-zA-Z0-9\-_]+)([a-zA-Z0-9\/\*\-\_\?\&\;\%\=\.]*)/i", - '<br><iframe class="youtube-embed" src="//www.youtube.com/embed/$2" allowfullscreen></iframe>', $post_content); - - $post_content = preg_replace('@\b(http(s)?://)([^\s]*?(?:\.[a-z\d?=/_-]+)+(?:\.jpg|\.png|\.gif))(?![^<]*?(?:</\w+>|/?>))@i', '<img class="image-embed" src="http$2://$3" alt="http$2://$3" />', $post_content); - //$post_content = preg_replace('/^>/', '<span class="greentext">garb</span>', $post_content); - $post_content = preg_replace('@\b(http(s)?://)([^\s]*?(?:\.[a-z\d?=/_-]+)+)(?![^<]*?(?:</\w+>|/?>))@i', '<a href="http$2://$3">$0</a>', $post_content); - - echo '<td class="post-content">' . $post_content . '</td></tr>'; - - $post_index++; + if (!$result) { + die('Error trying to display posts: ' . mysqli_error($dbc)); } - echo '</table>'; -} -mysqli_free_result($result); + if (mysqli_num_rows($result) == 0) { + echo '<section>This thread has no posts</section>'; + } else { + display_posts($dbc, $result); + } -if (isset($_SESSION['signed_in'])) { - echo ' - <section> - <form action="includes/reply_inc.php?reply_to=' . $thread_id .'" method="post"> - <h2>Reply to this thread</h2> - <i>Quote a post with ># and the number above the post (example: >#7)</i> - <textarea name="reply_content"></textarea> - <br> - <input type="submit" name="submit"> - </form> - </section> - '; -} else { - echo ' - <section> - <a href="signin.php">Sign in</a> to reply to this thread</a> - </section> - '; + mysqli_free_result($result); + + if (isset($_SESSION['signed_in'])) { + echo ' + <section> + <form action="includes/reply_inc.php?reply_to=' . $thread_id .'" method="post"> + <h2>Reply to this thread</h2> + <i>Quote a post with ># and the number above the post (example: >#7)</i> + <textarea name="reply_content"></textarea> + <br> + <input type="submit" name="submit"> + </form> + </section> + '; + } else { + echo ' + <section> + <a href="signin.php">Sign in</a> to reply to this thread</a> + </section> + '; + } } include_once 'footer.php'; |