<?php 
function send_reply($reply_content, $topic_id, $reply_by)
{
    $root = realpath($_SERVER["DOCUMENT_ROOT"]);
    require "$root/database/credentials.php";
    // Connect the database
    try{
        $db = new PDO("mysql:host=$host;dbname=$database;charset=utf8", 
            $user, 
            $password, 
            array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION
            ));
    }catch (Exception $e){
        die("Error : ".$e->getMessage());
    }
    $req = $db->prepare('SELECT id FROM `authors` WHERE username=:username');
    $req->execute(array(
        "username"=>$reply_by
    ));
    if ($data=$req->fetch())
    {
        $user_id = $data['id'];
    }
    $req = $db->prepare('INSERT INTO `replies` (reply_content, reply_date, reply_topic, reply_by) VALUES (:reply_content, now(), :reply_topic, :reply_by)');
    $req->execute(array(
        "reply_content"=>$reply_content,
        "reply_topic"=>$topic_id,
        "reply_by"=>$user_id
    ));
}

ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
session_start();

$_SESSION['error_msg'] = "";
if (isset($_POST['submit']))
{
    if (isset($_SESSION['username'])) {
        if (isset($_POST['topic_id']))
        {
            $topic_id = $_POST['topic_id'];
        } else
        {
            $_SESSION['error_msg'] .= _("You did not enter your reply.") .'\n';
        }
        if (isset($_POST['reply']) and $_POST['reply'] != "")
        {
            $reply_content = $_POST['reply'];
        } else
        {
            $_SESSION['error_msg'] .= _("You did not enter your reply.") .'\n';
        }
    } else {
        $_SESSION['error_msg'] .= _("You did not log in.") .'\n';
        header('Location: '."/auth/login/");
    }
} else  
{
    $_SESSION['error_msg'] .= _("You did not sumit the reply form.") .'\n';
}

if ($_SESSION['error_msg'] == "")
{
    send_reply($reply_content, $topic_id, $_SESSION['username']);
}
header('Location: '."/forum/topics/?topic=$topic_id");
?>