diff options
Diffstat (limited to 'viewthread.php')
| -rw-r--r-- | viewthread.php | 70 |
1 files changed, 70 insertions, 0 deletions
diff --git a/viewthread.php b/viewthread.php new file mode 100644 index 0000000..f784e40 --- /dev/null +++ b/viewthread.php @@ -0,0 +1,70 @@ +<?php +include_once 'includes/db_inc.php'; +include_once 'model/Thread.php'; + +session_start(); + +$current = new Thread(); + +if (!isset($_GET['id']) || !filter_var($_GET['id'], FILTER_VALIDATE_INT)) { + http_response_code(404); + include_once 'templates/404.php'; + die(); +} else { + $result = $current->get_from_database($_GET['id'], $dbc); + if ($result == 0) { + http_response_code(404); + include_once 'templates/404.php'; + die(); + } +} +?> +<!DOCTYPE html> +<html> +<head> + <title><?php echo $current->subject; ?> - cflip.net forum</title> +</head> +<body> + <?php include_once 'templates/header.php';?> + <h1><?php echo $current->subject; ?></h1> + created by <b><?php echo $current->author->name; ?></b> + in <b><?php echo $current->category->name; ?></b> + <abbr title="<?php echo date('M d, Y g:ia', strtotime($current->date_created));?>">3 days ago</abbr> + <hr> + <?php + $posts = $current->get_posts($dbc); + + foreach ($posts as $post) { + $post->display_content(); + } + ?> + <hr> + <h2>Reply to this thread</h2> + <form method="post"> + <textarea name="post_content" rows="10" cols="50"></textarea> + <br> + <input type="submit" name="submit"> + </form> +</body> +</html> +<?php +include_once 'includes/db_inc.php'; +include_once 'includes/functions_insert.php'; + +if ($_SERVER['REQUEST_METHOD'] == 'POST') { + if (!isset($_SESSION['signed_in'])) { + echo 'You must be <a href="signin.php">signed in</a> to reply to this thread.'; + return; + } + + $post_content = filter_input(INPUT_POST, 'post_content', FILTER_SANITIZE_STRING); + $user_id = filter_var($_SESSION['user_id'], FILTER_SANITIZE_NUMBER_INT); + + if (empty($post_content) or !$post_content) { + echo 'Thread subject cannot be empty'; + } else { + insert_post($dbc, $post_content, $current->id, $user_id, $current->category->id); + } +} + +?>
\ No newline at end of file |