function store_new_post($post) { //validate clean and store a new post $conn = db_connect(); //check no fields are blank if (!filled_out($post)) { return false; } $post = clean_all($post); //check parent exists if ($post['parent'] != 0) { $query = "select postid from header where postid = '" . $post['parent'] . "'"; $result = $conn->query($query); if ($result->num_rows != 1) { return false; } } //check not duplicate $query = "select header.postid from header, body where\n\t\t\t\theader.postid = body.postid and\n\t\t\t\theader.parent = " . $post['parent'] . " and\n\t\t\t\theader.post = '" . $post['poster'] . "' and\n\t\t\t\theader.title = '" . $post['title'] . "' and\n\t\t\t\theader.area = " . $post['area'] . " and\n\t\t\t\tbody.message = '" . $post['message'] . "'"; $result = $conn->query($query); if (!$result) { return false; } if ($result->num_rows > 0) { $this_row = $result->fetch_array(); return $this_row[0]; } $query = "insert into header values\n\t\t\t\t\t('" . $postid['parent'] . "',\n\t\t\t\t\t'" . $postid['poster'] . "',\n\t\t\t\t\t'" . $postid['title'] . "',\n\t\t\t\t\t0,\n\t\t\t\t\t'" . $postid['area'] . "',\n\t\t\t\t\tnow(),\n\t\t\t\t\tnull\n\t\t\t\t\t)'"; $result = $conn->query($query); if (!$result) { return false; } }
function store_new_post($post) { // validate clean and store a new post $conn = db_connect(); // check no fields are blank if (!filled_out($post)) { return false; } $post = clean_all($post); //check parent exists if ($post['parent'] != 0) { $query = "select postid from t_chforum_header where postid = '" . $post['parent'] . "'"; $result = $conn->query($query); if ($result->num_rows != 1) { return false; } } // check not a duplicate $query = "select t_chforum_header.postid from t_chforum_header, t_chforum_body where\n t_chforum_header.postid = t_chforum_body.postid and\n t_chforum_header.chapterid = " . $post['chapterid'] . " and\n t_chforum_header.parent = " . $post['parent'] . " and\n t_chforum_header.poster = '" . $post['poster'] . "' and\n t_chforum_header.title = '" . $post['title'] . "' and\n t_chforum_header.area = " . $post['area'] . " and\n t_chforum_body.message = '" . $post['message'] . "'"; $result = $conn->query($query); if (!$result) { return false; } if ($result->num_rows > 0) { $this_row = $result->fetch_array(); return $this_row[0]; } $query = "insert into t_chforum_header values\n ( null,\n '" . $post['chapterid'] . "',\n '" . $post['parent'] . "',\n '" . $post['poster'] . "',\n '" . $post['title'] . "',\n 0,\n '" . $post['area'] . "',\n now()\n )"; $result = $conn->query($query); if (!$result) { return false; } // note that our parent now has a child $query = "update t_chforum_header set children = 1 where postid = '" . $post['parent'] . "'"; $result = $conn->query($query); if (!$result) { return false; } // find our post id, note that there could be multiple headers // that are the same except for id and probably posted time $query = "select t_chforum_header.postid from t_chforum_header left join t_chforum_body on t_chforum_header.postid = t_chforum_body.postid\n where parent = '" . $post['parent'] . "'\n and chapterid = '" . $post['chapterid'] . "'\n and poster = '" . $post['poster'] . "'\n and title = '" . $post['title'] . "'\n and t_chforum_body.postid is NULL"; $result = $conn->query($query); if (!$result) { return false; } if ($result->num_rows > 0) { $this_row = $result->fetch_array(); $id = $this_row[0]; } if ($id) { $query = "insert into t_chforum_body values ({$id}, '" . $post['message'] . "')"; $result = $conn->query($query); if (!$result) { return false; } return $id; } }
function store_new_post($post) { // validate clean and store a new post $conn = db_connect(); // check no fields are blank if (!filled_out($post)) { return false; } $post = clean_all($post); //check parent exists if ($post['parent'] != 0) { $query = "select postid from header where postid = '" . $post['parent'] . "'"; $result = mysql_query($query); if (mysql_numrows($result) != 1) { return false; } } // check not a duplicate $query = "select header.postid from header, body where\n header.postid = body.postid and \n header.parent = " . $post['parent'] . " and\n header.poster = '" . $post['poster'] . "' and\n header.title = '" . $post['title'] . "' and\n header.area = " . $post['area'] . " and \n body.message = '" . $post['message'] . "'"; $result = mysql_query($query); if (!$result) { return false; } if (mysql_numrows($result) > 0) { return mysql_result($result, 0, 0); } $query = "insert into header values\n ('" . $post['parent'] . "', \n '" . $post['poster'] . "', \n '" . $post['title'] . "', \n 0,\n '" . $post['area'] . "',\n now(),\n NULL \n )"; $result = mysql_query($query); if (!$result) { return false; } // note that our parent now has a child $query = 'update header set children = 1 where postid = ' . $post['parent']; $result = mysql_query($query); if (!$result) { return false; } // find our post id, note that there could be multiple headers // that are the same except for id and probably posted time $query = "select header.postid from header left join body on header.postid = body.postid \n where parent = '" . $post['parent'] . "' \n and poster = '" . $post['poster'] . "'\n and title = '" . $post['title'] . "'\n and body.postid is NULL"; $result = mysql_query($query); if (!$result) { return false; } if (mysql_numrows($result) > 0) { $id = mysql_result($result, 0, 0); } if ($id) { $query = "insert into body values ({$id}, '" . $post['message'] . "')"; $result = mysql_query($query); if (!$result) { return false; } return $id; } }