function database_addThread($subject, $content, $author, $forum) { $forumData = mysqli_fetch_assoc(database_getForum($forum)); if (!things_checkLevel($forumData["forum_post_level"])) { return database_SQL_ERROR; } $subject = htmlspecialchars($subject); if ($forumData["forum_escape_html"]) { $content = htmlspecialchars($content); } $sql = "INSERT INTO threads(thread_subject,thread_date,thread_author,thread_forum)\n\t\t\tVALUES('" . mysqli_real_escape_string($GLOBALS["con"], $subject) . "',\n\t\t\t\t NOW(),\n\t\t\t\t " . $author . ",\n\t\t\t\t\t" . $forum . ")"; $result = mysqli_query($GLOBALS["con"], $sql); if (!$result) { return database_SQL_ERROR; } $sql = "SELECT * FROM threads ORDER BY thread_id DESC LIMIT 1"; $result = mysqli_query($GLOBALS["con"], $sql); $threadData = mysqli_fetch_assoc($result); database_addPost($content, $author, $threadData["thread_id"]); if ($result) { return database_SUCCESS; } else { return database_SQL_ERROR; } }
<?php include_once "connect.php"; include_once "structure.php"; include_once "database.php"; include_once "things.php"; $thread = database_getThread($_GET["thread_id"]); $row = mysqli_fetch_assoc($thread); structure_insertHeader($row["thread_subject"], true); $forum = mysqli_fetch_assoc(database_getForum($row["thread_forum"])); if (!things_checkLevel($forum["forum_view_level"], true)) { die("you must be at least level " . $row["forum_view_level"] . " to be allowed here :)"); } ?> <div> <?php echo "<a href='viewForum.php?forum_id=" . $row["thread_forum"] . "'>Return to forum overview</a>"; ?> <table> <?php $posts = database_getPosts($_GET["thread_id"]); while ($row = mysqli_fetch_assoc($posts)) { echo "<tr><td class='avatar'>"; echo "<a href='viewUser.php?user_id=" . $row["post_author"] . "'>" . database_getUsername($row["post_author"]) . "</a>"; echo "<br />" . $row["post_date"]; echo "</td><td>"; echo "<p>" . $row["post_content"] . "</p>"; echo "</td></tr>";
<?php include_once "connect.php"; include_once "structure.php"; include_once "database.php"; include_once "things.php"; $forum = database_getForum($_GET["forum_id"]); $row = mysqli_fetch_assoc($forum); if (!things_checkLevel($row["forum_view_level"], true)) { die("you must be at least level " . $row["forum_view_level"] . " to be allowed here :)"); } structure_insertHeader($row["forum_name"], true); ?> <div> <p> <a href="index.php">Return to Index</a> </p> <?php echo $row["forum_description"]; echo "<p><small>you must be at least level " . $row["forum_post_level"] . " to post threads here</small></p>"; echo "<p><small>you must be at least level " . $row["forum_reply_level"] . " to reply to threads here</small></p>"; echo "<p><small>you must be at least level " . $row["forum_view_level"] . " to view threads here</small></p>"; if (things_checkLevel($row["forum_post_level"])) { echo "<a href='addThread.php?forum_id=" . $_GET["forum_id"] . "'>add a thread</a>"; } echo "<h2>Threads</h2>"; $threads = database_getThreads($_GET["forum_id"]); while ($row = mysqli_fetch_assoc($threads)) { echo "<a href='viewThread.php?thread_id=" . $row["thread_id"] . "'><h2>" . $row["thread_subject"] . "</h2></a>";