69 lines
2.0 KiB
PHP
Executable File
69 lines
2.0 KiB
PHP
Executable File
<?php
|
|
function send_reply($reply_content, $topic_id, $reply_by)
|
|
{
|
|
$root = realpath($_SERVER["DOCUMENT_ROOT"]);
|
|
require "$root/database/credentials.php";
|
|
// Connect the database
|
|
try{
|
|
$db = new PDO("mysql:host=$host;dbname=$database;charset=utf8",
|
|
$user,
|
|
$password,
|
|
array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION
|
|
));
|
|
}catch (Exception $e){
|
|
die("Error : ".$e->getMessage());
|
|
}
|
|
$req = $db->prepare('SELECT id FROM `authors` WHERE username=:username');
|
|
$req->execute(array(
|
|
"username"=>$reply_by
|
|
));
|
|
if ($data=$req->fetch())
|
|
{
|
|
$user_id = $data['id'];
|
|
}
|
|
$req = $db->prepare('INSERT INTO `replies` (reply_content, reply_date, reply_topic, reply_by) VALUES (:reply_content, now(), :reply_topic, :reply_by)');
|
|
$req->execute(array(
|
|
"reply_content"=>$reply_content,
|
|
"reply_topic"=>$topic_id,
|
|
"reply_by"=>$user_id
|
|
));
|
|
}
|
|
|
|
ini_set('display_errors', 1);
|
|
ini_set('display_startup_errors', 1);
|
|
error_reporting(E_ALL);
|
|
session_start();
|
|
|
|
$_SESSION['error_msg'] = "";
|
|
if (isset($_POST['submit']))
|
|
{
|
|
if (isset($_SESSION['username'])) {
|
|
if (isset($_POST['topic_id']))
|
|
{
|
|
$topic_id = $_POST['topic_id'];
|
|
} else
|
|
{
|
|
$_SESSION['error_msg'] .= _("You did not enter your reply.") .'\n';
|
|
}
|
|
if (isset($_POST['reply']) and $_POST['reply'] != "")
|
|
{
|
|
$reply_content = $_POST['reply'];
|
|
} else
|
|
{
|
|
$_SESSION['error_msg'] .= _("You did not enter your reply.") .'\n';
|
|
}
|
|
} else {
|
|
$_SESSION['error_msg'] .= _("You did not log in.") .'\n';
|
|
header('Location: '."/auth/login/");
|
|
}
|
|
} else
|
|
{
|
|
$_SESSION['error_msg'] .= _("You did not sumit the reply form.") .'\n';
|
|
}
|
|
|
|
if ($_SESSION['error_msg'] == "")
|
|
{
|
|
send_reply($reply_content, $topic_id, $_SESSION['username']);
|
|
}
|
|
header('Location: '."/forum/topics/?topic=$topic_id");
|
|
?>
|