示例#1
0
function database_addThread($subject, $content, $author, $forum)
{
    $forumData = mysqli_fetch_assoc(database_getForum($forum));
    if (!things_checkLevel($forumData["forum_post_level"])) {
        return database_SQL_ERROR;
    }
    $subject = htmlspecialchars($subject);
    if ($forumData["forum_escape_html"]) {
        $content = htmlspecialchars($content);
    }
    $sql = "INSERT INTO threads(thread_subject,thread_date,thread_author,thread_forum)\n\t\t\tVALUES('" . mysqli_real_escape_string($GLOBALS["con"], $subject) . "',\n\t\t\t\t    NOW(),\n\t\t\t\t    " . $author . ",\n\t\t\t\t\t" . $forum . ")";
    $result = mysqli_query($GLOBALS["con"], $sql);
    if (!$result) {
        return database_SQL_ERROR;
    }
    $sql = "SELECT * FROM threads ORDER BY thread_id DESC LIMIT 1";
    $result = mysqli_query($GLOBALS["con"], $sql);
    $threadData = mysqli_fetch_assoc($result);
    database_addPost($content, $author, $threadData["thread_id"]);
    if ($result) {
        return database_SUCCESS;
    } else {
        return database_SQL_ERROR;
    }
}
示例#2
0
<?php

include_once "connect.php";
include_once "structure.php";
include_once "database.php";
include_once "things.php";
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    database_addPost($_POST["post_content"], $_SESSION["user_id"], $_GET["thread_id"]);
}
structure_insertHeader("post added", true);
?>


<div>
	post added.
	<p>
		<?php 
echo "<a href=viewThread.php?thread_id=" . $_GET["thread_id"] . ">return</a>";
?>
	</p>
</div>


<?php 
structure_insertFooter();