From edc0e3a052540933d5becb918cf71dc8352ca667 Mon Sep 17 00:00:00 2001
From: Cflip <36554078+cflip@users.noreply.github.com>
Date: Wed, 27 Jan 2021 23:43:27 -0700
Subject: Add simple quoting system

---
 styles/style.css | 18 ++++++++++++++++++
 thread.php       | 38 ++++++++++++++++++++++++++++++++++----
 2 files changed, 52 insertions(+), 4 deletions(-)
diff --git a/styles/style.css b/styles/style.css
index 8177684..b3f39a6 100644
--- a/styles/style.css
+++ b/styles/style.css
@@ -26,6 +26,17 @@ footer {
 	width: 100%;
 }
 
+blockquote {
+	border-color: #b6dcd5;
+	background-color: rgba(199,229,223,.4);
+	margin: 18px 5px;
+    padding: 12px;
+    border: 1px solid #79a;
+    overflow: hidden;
+    text-overflow: ellipsis;
+    border-radius: 5px;
+}
+
 table {
 	border-collapse: collapse;
 	width: 100%;
@@ -38,6 +49,7 @@ th {
 	color: white;
 	border: 1px solid black;
 	padding: 0.25em;
+	text-align: left;
 }
 
 form {
@@ -107,6 +119,12 @@ th a:hover {
 	width: 30%;
 }
 
+.post-content {
+	width: 70%;
+	white-space: pre-line;
+	padding: 12px;
+}
+
 h1, h4 {
 	margin-top: 2px;
 	margin-bottom: 10px;
diff --git a/thread.php b/thread.php
index ce39d2f..0ba4906 100644
--- a/thread.php
+++ b/thread.php
@@ -3,12 +3,28 @@
 <?php
 include_once 'includes/db_inc.php';
 
+function add_quote($dbc, $thread_id, $matches) {
+	foreach ($matches as $match) {
+		$id = (int) filter_var($match, FILTER_SANITIZE_NUMBER_INT);
+		$sql = "SELECT post_content, post_author, user_name FROM posts LEFT JOIN users ON post_author = user_id WHERE post_thread = " . $thread_id . " LIMIT 1 OFFSET " . $id - 1;
+		$result = mysqli_query($dbc, $sql);
+
+		if (!$result) {
+			return '<blockquote></blockquote>';
+		}
+
+		$reply = mysqli_fetch_assoc($result);
+
+		return '<blockquote><a href="#' . $id .'">Quote from ' . $reply['user_name'] . '</a><br>' . $reply['post_content'] . '</blockquote>';
+	}
+}
+
 $sql = "SELECT thread_id, thread_subject, thread_date, user_id, user_name FROM threads LEFT JOIN users ON thread_author = user_id WHERE thread_id = " . mysqli_real_escape_string($dbc, $_GET['id']);
 $result = mysqli_query($dbc, $sql);
 
 if (!$result) {
 	die('Error trying to display thread page: ' . mysqli_error($dbc));
-} 
+}
 
 if (mysqli_num_rows($result) == 0) {
 	echo 'This thread does not exist';
@@ -24,7 +40,7 @@ echo '</section>';
 
 mysqli_free_result($result);
 
-$sql = "SELECT post_content, post_date, post_author, user_id, user_name FROM posts LEFT JOIN users ON post_author = user_id WHERE post_thread = " . mysqli_real_escape_string($dbc, $_GET['id']);
+$sql = "SELECT post_id, post_content, post_date, post_author, user_id, user_name FROM posts LEFT JOIN users ON post_author = user_id WHERE post_thread = " . mysqli_real_escape_string($dbc, $_GET['id']);
 $result = mysqli_query($dbc, $sql);
 
 if (!$result) {
@@ -35,9 +51,22 @@ if (mysqli_num_rows($result) == 0) {
 	echo '<section>This thread has no posts</section>';
 } else {
 	echo '<table>';
+	$post_index = 1;
+	$thread_id = $_GET['id'];
+
 	while ($row = mysqli_fetch_assoc($result)) {
-		echo '<tr class="post"><td class="right">Posted by <a href="user.php?id='. $row['user_id'] .'">' . $row['user_name'] . '</a><br><small>' . date('m/d/Y g:ia', strtotime($row['post_date'])) . '</small></td>';
-		echo '<td class="left">' . $row['post_content'] . '</td></tr>';
+		echo '<tr><th></th><th>' . $post_index . '</th></tr>';
+		echo '<tr class="post" id=' . $post_index . '><td>Posted by <a href="user.php?id='. $row['user_id'] .'">' . $row['user_name'] . '</a><br><small>' . date('m/d/Y g:ia', strtotime($row['post_date'])) . '</small></td>';
+
+		$post_content = $row['post_content'];
+
+		$post_content = preg_replace_callback('/>#\d+/', function($matches) use($thread_id, $dbc) {
+			return add_quote($dbc, $thread_id, $matches);
+		}, $post_content);
+
+		echo '<td class="post-content">' . $post_content . '</td></tr>';
+
+		$post_index++;
 	}
 	echo '</table>';
 }
@@ -49,6 +78,7 @@ if (isset($_SESSION['signed_in'])) {
 	<section>
 		<form action="includes/reply_inc.php?reply_to=' . $thread_id .'" method="post">
 			<h2>Reply to this thread</h2>
+			<i>Quote a post with ># and the number above the post (example: >#7)</i>
 			<textarea name="reply_content"></textarea>
 			<br>
 			<input type="submit" name="submit">
-- 
cgit v1.2.3


	' . $post_index . '
Posted by ' . $row['user_name'] . ' ' . date('m/d/Y g:ia', strtotime($row['post_date'])) . '	' . $row['post_content'] . '
Posted by ' . $row['user_name'] . ' ' . date('m/d/Y g:ia', strtotime($row['post_date'])) . '	' . $post_content . '