<?php
include_once '../../../includes/user.php';
include_once '../../../includes/topic.php';
include_once '../../../includes/thread.php';
include_once '../../../includes/post.php';
include_once '../../../includes/parsedown.php';
include_once '../../../includes/permissions.php';
session_start();
if (isset($_SESSION['user'])) {
if (has_permission($_SESSION['user'], 'CREATE_TOPIC')) {
if (isset($_POST['create-topic'])) {
if (isset($_GET['id'])) {
$topic_id = create_topic($_POST['title'], get_topic_by_id($_GET['id']));
header("HTTP/1.1 303 See Other");
header("Location: /forum/topic/?id=" . $topic_id);
} else {
$topic_id = create_topic($_POST['title']);
header("HTTP/1.1 303 See Other");
header("Location: /forum/topic/?id=" . $topic_id);
}
} else {
header("HTTP/1.1 400 Bad Request");
}
} else {
header("HTTP/1.1 403 Forbidden");
}
} else {
header("HTTP/1.1 403 Forbidden");
}
public function get_topic()
{
return get_topic_by_id($this->topic);
}
public function get_parent()
{
return get_topic_by_id($this->parent);
}
<?php
include_once '../../../includes/user.php';
include_once '../../../includes/topic.php';
include_once '../../../includes/thread.php';
include_once '../../../includes/post.php';
include_once '../../../includes/parsedown.php';
include_once '../../../includes/htmlpurifier/HTMLPurifier.auto.php';
session_start();
if (isset($_SESSION['user'])) {
if (isset($_POST['create-thread'])) {
if (isset($_GET['id'])) {
$thread = get_thread_by_id(create_thread($_POST['title'], get_topic_by_id($_GET['id'])));
$parsedown = new Parsedown();
$htmlpurifierconfig = HTMLPurifier_Config::createDefault();
$purifier = new HTMLPurifier($htmlpurifierconfig);
create_post($thread, $_SESSION['user'], $purifier->purify($parsedown->text($_POST['text'])));
header("HTTP/1.1 303 See Other");
header("Location: /forum/thread/?id=" . $thread->get_id());
} else {
$thread = get_thread_by_id(create_thread($_POST['title']));
$htmlpurifierconfig = HTMLPurifier_Config::createDefault();
$purifier = new HTMLPurifier($htmlpurifierconfig);
create_post($thread, $_SESSION['user'], $purifier->purify($parsedown->text($_POST['text'])));
header("HTTP/1.1 303 See Other");
header("Location: /forum/thread/?id=" . $thread->get_id());
}
} else {
header("HTTP/1.1 400 Bad Request");
}
} else {
if (isset($_SESSION['user'])) {
include '../../includes/navigation.php';
} else {
include '../../includes/navigation_beforelogin.php';
}
$id = NULL;
if (isset($_GET['id'])) {
$id = $_GET['id'];
}
$mysqli = new mysqli(get_db_host(), get_db_user(), get_db_password(), get_db_database());
$stmt = NULL;
if (is_null($id)) {
$stmt = $mysqli->prepare("SELECT id, title FROM topic WHERE parent IS NULL");
} else {
echo '<div class="path">' . "\n";
get_topic_by_id($id)->print_path();
echo '</div>';
$stmt = $mysqli->prepare("SELECT id, title FROM topic WHERE parent = ?");
$stmt->bind_param("i", $id);
}
$stmt->execute();
$res = $stmt->get_result();
echo '<h1>Topics</h1>';
if (isset($_SESSION['user'])) {
if (!is_null($id)) {
if (has_permission($_SESSION['user'], 'CREATE_TOPIC')) {
echo '<h4><a href="/forum/topic/create/?id=' . $id . '">Create Topic</a></h4>';
}
} else {
if (has_permission($_SESSION['user'], 'CREATE_TOPIC')) {
echo '<h4><a href="/forum/topic/create">Create Topic</a></h4>';
