From b49c2533c5a82332113d125a40712ab50adade81 Mon Sep 17 00:00:00 2001
From: Cflip <36554078+cflip@users.noreply.github.com>
Date: Fri, 22 Jan 2021 21:40:51 -0700
Subject: Fix broken pages

---
 create_topic.php          | 102 +++++++++++++---------------------------------
 includes/register_inc.php |   0
 includes/reply_inc.php    |  14 ++-----
 includes/topic_inc.php    |  47 +++++++++++++++++++++
 register.php              |  28 ++++---------
 5 files changed, 86 insertions(+), 105 deletions(-)
 create mode 100644 includes/register_inc.php
 create mode 100644 includes/topic_inc.php

diff --git a/create_topic.php b/create_topic.php
index 9eab942..2953646 100644
--- a/create_topic.php
+++ b/create_topic.php
@@ -1,90 +1,44 @@
 <?php
 
-include 'header.php';
-include_once 'connect.php';
+include_once 'header.php';
 
 echo '<section><h2>Create a new topic</h2>';
 
 if (!isset($_SESSION['signed_in'])) {
-	echo 'You must be <a href="signin.php">signed in</a> to create a topic.';
-} else {
-	if ($_SERVER['REQUEST_METHOD'] != 'POST') {
-		$sql = "SELECT cat_id, cat_name, cat_description FROM categories";
-		$result = mysqli_query($dbc, $sql);
-
-		if (!$result) {
-			echo 'Error while selecting from database. Please try again later.';
-		} else {
-			if (mysqli_num_rows($result) == 0) {
-				echo 'There are currently no categories to post to.';
-			} else {
-				echo '
-				<form action="" method="post">
-					<label for="topic_subject">Subject: </label><br>
-					<input type="text" name="topic_subject"><br>
-					<label for="topic_cat">Category: </label><br>
-					<select name="topic_cat">';
+	die('You must be <a href="signin.php">signed in</a> to create a topic.');
+} 
+?>
+
+<form action="includes/topic_inc.php" method="post">
+	<label for="topic_subject">Subject: </label><br>
+	<input type="text" name="topic_subject"><br>
+	<label for="topic_cat">Category: </label><br>
+	<select name="topic_cat">';
+		<?php
+		include_once 'includes/db_inc.php';
 
-				while ($row = mysqli_fetch_assoc($result)) {
-					echo '<option value="' . $row['cat_id'] . '">' . $row['cat_name'] . '</option>';
-				}
-
-				echo '
-					</select><br>
-					<label for="post_content">Write your post: </label><br>
-					<textarea name="post_content"></textarea><br>
-					<input type="submit" name="submit">
-				</form>
-				';
-			}
-		}
-	} else {
-		$sql = "BEGIN WORK;";
+		$sql = "SELECT cat_id, cat_name, cat_description FROM categories";
 		$result = mysqli_query($dbc, $sql);
 
 		if (!$result) {
-			echo 'An error occurred creating your topic. Try again later';
-		} else {
-			$sql = "INSERT INTO topics(topic_subject, topic_date, topic_cat, topic_author) VALUES(
-			'" . mysqli_real_escape_string($dbc, $_POST['topic_subject']) . "', 
-			NOW(), 
-			" . mysqli_real_escape_string($dbc, $_POST['topic_cat']) . ", 
-			" . $_SESSION['user_id'] .")";
+			die('Error trying to fetch category list: ' . mysqli_error($dbc));
+		} 
 
-			$result = mysqli_query($dbc, $sql);
+		if (mysqli_num_rows($result) == 0) {
+			die('There are currently no categories to post to.');
+		} 
 
-			if (!$result) {
-				echo 'An error occured while creating your post. Please try again later.' . mysql_error();
-				$sql = "ROLLBACK;";
-				mysqli_query($dbc, $sql);
-			} else {
-				$topic_id = mysqli_insert_id($dbc);
-
-				$sql = "INSERT INTO posts(post_content, post_date, post_topic, post_author) VALUES(
-				'" . mysqli_real_escape_string($dbc, $_POST['post_content']) . "',
-				NOW(),
-				" . $topic_id . ",
-				" . $_SESSION['user_id'] . ")";
-
-				$result = mysqli_query($dbc, $sql);
-
-				if (!$result) {
-					echo 'An error occured while creating your post. Please try again later.' . mysqli_error($dbc);
-					$sql = "ROLLBACK;";
-					mysqli_query($dbc, $sql);
-				} else {
-					$sql = "COMMIT;";
-					$result = mysqli_query($dbc, $sql);
-
-					echo 'You have successfully created <a href="topic.php?id='. $topic_id . '">your new topic</a>.';
-				}
-			}
+		while ($row = mysqli_fetch_assoc($result)) {
+			echo '<option value="' . $row['cat_id'] . '">' . $row['cat_name'] . '</option>';
 		}
-	}
-}
-
-echo '</section>';
+		?>
+	</select><br>
+	<label for="post_content">Write your post: </label><br>
+	<textarea name="post_content"></textarea><br>
+	<input type="submit" name="submit">
+</form>
+</section>
 
+<?php
 include 'footer.php';
-
 ?>
\ No newline at end of file
diff --git a/includes/register_inc.php b/includes/register_inc.php
new file mode 100644
index 0000000..e69de29
diff --git a/includes/reply_inc.php b/includes/reply_inc.php
index 7f53fce..480c651 100644
--- a/includes/reply_inc.php
+++ b/includes/reply_inc.php
@@ -3,6 +3,7 @@
 session_start();
 
 include_once 'db_inc.php';
+include_once 'functions_inc.php';
 
 if ($_SERVER['REQUEST_METHOD'] != 'POST') {
 	die('This file cannot be called directly.');
@@ -19,15 +20,8 @@ if (!mysqli_stmt_prepare($stmt, $sql)) {
 	die('Failed to process statement: ' . mysqli_error($dbc));
 }
 
-mysqli_stmt_bind_param($stmt, "sii", $_POST['post_content'], $_GET['reply_to'], $_SESSION['user_id']);
+mysqli_stmt_bind_param($stmt, "sii", $_POST['reply_content'], $_GET['reply_to'], $_SESSION['user_id']);
 mysqli_stmt_execute($stmt);
+mysqli_stmt_close($stmt);
 
-$result = mysqli_stmt_get_result($stmt);
-
-if (!$result) {
-	echo 'An error occurred trying to reply to the post. ' . mysqli_error($dbc);
-} else {
-	echo 'Your reply has been saved, check out <a href="topic.php?id=' . $_GET['reply_to'] . '">the topic</a>.';
-}
-
-//header("Location: ../topic.php?id=" . $_GET['reply_to']);
\ No newline at end of file
+header("Location: ../topic.php?id=" . $_GET['reply_to']);
\ No newline at end of file
diff --git a/includes/topic_inc.php b/includes/topic_inc.php
new file mode 100644
index 0000000..c16a4e0
--- /dev/null
+++ b/includes/topic_inc.php
@@ -0,0 +1,47 @@
+<?php
+
+include_once 'db_inc.php';
+
+session_start();
+
+$sql = "BEGIN WORK;";
+$result = mysqli_query($dbc, $sql);
+
+if (!$result) {
+	echo 'An error occurred creating your topic. Try again later';
+} 
+
+$sql = "INSERT INTO topics(topic_subject, topic_date, topic_cat, topic_author) VALUES(
+'" . mysqli_real_escape_string($dbc, $_POST['topic_subject']) . "', 
+NOW(), 
+" . mysqli_real_escape_string($dbc, $_POST['topic_cat']) . ", 
+" . $_SESSION['user_id'] .")";
+
+$result = mysqli_query($dbc, $sql);
+
+if (!$result) {
+	echo 'An error occured while creating your post. Please try again later.' . mysql_error();
+	$sql = "ROLLBACK;";
+	mysqli_query($dbc, $sql);
+} else {
+	$topic_id = mysqli_insert_id($dbc);
+
+	$sql = "INSERT INTO posts(post_content, post_date, post_topic, post_author) VALUES(
+	'" . mysqli_real_escape_string($dbc, $_POST['post_content']) . "',
+	NOW(),
+	" . $topic_id . ",
+	" . $_SESSION['user_id'] . ")";
+
+	$result = mysqli_query($dbc, $sql);
+
+	if (!$result) {
+		echo 'An error occured while creating your post. Please try again later.' . mysqli_error($dbc);
+		$sql = "ROLLBACK;";
+		mysqli_query($dbc, $sql);
+	} else {
+		$sql = "COMMIT;";
+		$result = mysqli_query($dbc, $sql);
+	}
+}
+
+header("Location: ../topic.php?id=" . $topic_id);
\ No newline at end of file
diff --git a/register.php b/register.php
index 8f74aa9..f0cb3f5 100644
--- a/register.php
+++ b/register.php
@@ -1,20 +1,9 @@
-<!DOCTYPE html>
-<html>
-<head>
-	<title>cflip.net forum</title>
-	<link rel="stylesheet" href="style.css">
-	<meta name="viewport" content="width=device-width, initial-scale=1.0">
-</head>
-<body>
-<div id="wrapper">
-	<h1>Register an account</h1>
-	<nav>
-		<a href="index.php">Go back</a> Already have an account? <a href="signin.php">Sign in</a>
-	</nav>
-	<section>
 <?php
 
-include_once 'connect.php';
+include_once 'header.php';
+include_once 'includes/db_inc.php';
+
+echo '<section><h2>Register an account</h2>';
 
 if ($_SERVER['REQUEST_METHOD'] != 'POST') {
 	echo '
@@ -73,9 +62,6 @@ if ($_SERVER['REQUEST_METHOD'] != 'POST') {
 	}
 }
 
-?>
-	</section>
-	<footer>Copyright © 2021 cflip.net</footer>
-</div>
-</body>
-</html>
\ No newline at end of file
+echo '</section>';
+
+include_once 'footer.php';
-- 
cgit v1.2.3