function store_new_post($post)
{
    //validate clean and store a new post
    $conn = db_connect();
    //check no fields are blank
    if (!filled_out($post)) {
        return false;
    }
    $post = clean_all($post);
    //check parent exists
    if ($post['parent'] != 0) {
        $query = "select postid from header where postid = '" . $post['parent'] . "'";
        $result = $conn->query($query);
        if ($result->num_rows != 1) {
            return false;
        }
    }
    //check not duplicate
    $query = "select header.postid from header, body where\n\t\t\t\theader.postid = body.postid and\n\t\t\t\theader.parent = " . $post['parent'] . " and\n\t\t\t\theader.post = '" . $post['poster'] . "' and\n\t\t\t\theader.title = '" . $post['title'] . "' and\n\t\t\t\theader.area = " . $post['area'] . " and\n\t\t\t\tbody.message = '" . $post['message'] . "'";
    $result = $conn->query($query);
    if (!$result) {
        return false;
    }
    if ($result->num_rows > 0) {
        $this_row = $result->fetch_array();
        return $this_row[0];
    }
    $query = "insert into header values\n\t\t\t\t\t('" . $postid['parent'] . "',\n\t\t\t\t\t'" . $postid['poster'] . "',\n\t\t\t\t\t'" . $postid['title'] . "',\n\t\t\t\t\t0,\n\t\t\t\t\t'" . $postid['area'] . "',\n\t\t\t\t\tnow(),\n\t\t\t\t\tnull\n\t\t\t\t\t)'";
    $result = $conn->query($query);
    if (!$result) {
        return false;
    }
}
示例#2
0
function store_new_post($post)
{
    // validate clean and store a new post
    $conn = db_connect();
    // check no fields are blank
    if (!filled_out($post)) {
        return false;
    }
    $post = clean_all($post);
    //check parent exists
    if ($post['parent'] != 0) {
        $query = "select postid from t_chforum_header where postid = '" . $post['parent'] . "'";
        $result = $conn->query($query);
        if ($result->num_rows != 1) {
            return false;
        }
    }
    // check not a duplicate
    $query = "select t_chforum_header.postid from t_chforum_header, t_chforum_body where\n            t_chforum_header.postid = t_chforum_body.postid and\n            t_chforum_header.chapterid = " . $post['chapterid'] . " and\n            t_chforum_header.parent = " . $post['parent'] . " and\n            t_chforum_header.poster = '" . $post['poster'] . "' and\n            t_chforum_header.title = '" . $post['title'] . "' and\n            t_chforum_header.area = " . $post['area'] . " and\n            t_chforum_body.message = '" . $post['message'] . "'";
    $result = $conn->query($query);
    if (!$result) {
        return false;
    }
    if ($result->num_rows > 0) {
        $this_row = $result->fetch_array();
        return $this_row[0];
    }
    $query = "insert into t_chforum_header values\n            ( null,\n             '" . $post['chapterid'] . "',\n             '" . $post['parent'] . "',\n             '" . $post['poster'] . "',\n             '" . $post['title'] . "',\n             0,\n             '" . $post['area'] . "',\n             now()\n            )";
    $result = $conn->query($query);
    if (!$result) {
        return false;
    }
    // note that our parent now has a child
    $query = "update t_chforum_header set children = 1 where postid = '" . $post['parent'] . "'";
    $result = $conn->query($query);
    if (!$result) {
        return false;
    }
    // find our post id, note that there could be multiple headers
    // that are the same except for id and probably posted time
    $query = "select t_chforum_header.postid from t_chforum_header left join t_chforum_body on t_chforum_header.postid = t_chforum_body.postid\n                   where parent = '" . $post['parent'] . "'\n                   and chapterid = '" . $post['chapterid'] . "'\n                   and poster = '" . $post['poster'] . "'\n                   and title = '" . $post['title'] . "'\n                   and t_chforum_body.postid is NULL";
    $result = $conn->query($query);
    if (!$result) {
        return false;
    }
    if ($result->num_rows > 0) {
        $this_row = $result->fetch_array();
        $id = $this_row[0];
    }
    if ($id) {
        $query = "insert into t_chforum_body values ({$id}, '" . $post['message'] . "')";
        $result = $conn->query($query);
        if (!$result) {
            return false;
        }
        return $id;
    }
}
function store_new_post($post)
{
    // validate clean and store a new post
    $conn = db_connect();
    // check no fields are blank
    if (!filled_out($post)) {
        return false;
    }
    $post = clean_all($post);
    //check parent exists
    if ($post['parent'] != 0) {
        $query = "select postid from header where postid = '" . $post['parent'] . "'";
        $result = mysql_query($query);
        if (mysql_numrows($result) != 1) {
            return false;
        }
    }
    // check not a duplicate
    $query = "select header.postid from header, body where\n            header.postid = body.postid and \n            header.parent = " . $post['parent'] . " and\n            header.poster = '" . $post['poster'] . "' and\n            header.title = '" . $post['title'] . "' and\n            header.area = " . $post['area'] . " and \n            body.message = '" . $post['message'] . "'";
    $result = mysql_query($query);
    if (!$result) {
        return false;
    }
    if (mysql_numrows($result) > 0) {
        return mysql_result($result, 0, 0);
    }
    $query = "insert into header values\n            ('" . $post['parent'] . "', \n             '" . $post['poster'] . "', \n             '" . $post['title'] . "', \n             0,\n             '" . $post['area'] . "',\n             now(),\n             NULL \n            )";
    $result = mysql_query($query);
    if (!$result) {
        return false;
    }
    // note that our parent now has a child
    $query = 'update header set children = 1 where postid = ' . $post['parent'];
    $result = mysql_query($query);
    if (!$result) {
        return false;
    }
    // find our post id, note that there could be multiple headers
    // that are the same except for id and probably posted time
    $query = "select header.postid from header left join body on header.postid = body.postid  \n                   where parent = '" . $post['parent'] . "' \n                   and poster = '" . $post['poster'] . "'\n                   and title = '" . $post['title'] . "'\n                   and body.postid is NULL";
    $result = mysql_query($query);
    if (!$result) {
        return false;
    }
    if (mysql_numrows($result) > 0) {
        $id = mysql_result($result, 0, 0);
    }
    if ($id) {
        $query = "insert into body values ({$id}, '" . $post['message'] . "')";
        $result = mysql_query($query);
        if (!$result) {
            return false;
        }
        return $id;
    }
}