blob: fa1c81b2943229a6e7297c42628d504c606d0dd7 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
|
<?php
include_once 'includes/model/Thread.php';
session_start();
$current = new Thread();
if (!isset($_GET['id']) || !filter_var($_GET['id'], FILTER_VALIDATE_INT)) {
http_response_code(404);
include('includes/templates/404.php');
die();
} else {
$result = $current->get_from_database($_GET['id']);
if (!$result) {
http_response_code(404);
include('includes/templates/404.php');
die();
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<title><?= $current->subject; ?> - cflip.net forum</title>
<link rel="stylesheet" href="styles/style.css">
</head>
<body>
<?php include('includes/templates/header.php'); ?>
<h1><?= $current->subject; ?></h1>
created by <b><?= $current->author->name; ?></b>
in <b><?= $current->category->name; ?></b>
<abbr title="<?= date('M d, Y g:ia', strtotime($current->date_created)); ?>">3 days ago</abbr>
<?php
include_once('includes/model/User.php');
if (Session::get()->is_signed_in()) {
$user = Session::get()->get_current_user();
if ($user->level == USER_LEVEL_MODERATOR) {
echo '
<form action="moderate.php" method="post">
<p>
<b>Moderator Options</b>
<input type="hidden" name="id" value="' . $current->id . '">
<input type="checkbox" id="delete" name="delete">
<label for="delete">Delete thread</label>
<input type="checkbox" id="lock" name="lock">
<label for="lock">Locked</label>
<input type="checkbox" id="pin" name="pin">
<label for="pin">Pinned</label>
<input type="submit" value="Update thread">
</p>
</form>
';
}
}
?>
<hr>
<?php
include './includes/functions_post.php';
$posts = $current->get_posts();
foreach ($posts as $post) {
echo get_post_content($post);
}
?>
<hr>
<h2>Reply to this thread</h2>
<?php
include_once 'includes/functions_post.php';
include_once 'includes/error.php';
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if (!Session::get()->is_signed_in()) {
trigger_error('You must be <a href="signin.php">signed in</a> to reply to this thread.', E_USER_NOTICE);
return;
}
$post_content = filter_input(INPUT_POST, 'post_content', FILTER_SANITIZE_STRING);
if (empty($post_content) or !$post_content) {
trigger_error('Reply cannot be empty');
} else {
create_post($post_content, $current->id, $current->category->id);
header('Location: ' . $_SERVER['PHP_SELF'] . '?id=' . $current->id);
}
}
?>
<form method="post">
<textarea name="post_content" rows="10" cols="50"></textarea>
<br>
<input type="submit" name="submit">
</form>
</body>
</html>
|
