chiro-canto/public/forum/createtopic.php

84 lines
2.5 KiB
PHP

<?php
function create_topic($topic_subject, $topic_cat, $topic_by)
{
$root = realpath($_SERVER["DOCUMENT_ROOT"]);
require "$root/database/credentials.php";
// Connect the database
try{
$db = new PDO("mysql:host=$host;dbname=$database;charset=utf8",
$user,
$password,
array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION
));
}catch (Exception $e){
die("Error : ".$e->getMessage());
}
$req = $db->prepare('INSERT INTO `topics` (topic_subject, topic_date, topic_cat, topic_by) VALUES (:topic_subject, now(), :topic_cat, :topic_by)');
$req->execute(array(
"topic_subject"=>$topic_subject,
"topic_cat"=>$topic_cat,
"topic_by"=>$topic_by
));
}
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
session_start();
$_SESSION['error_msg'] = "";
if (isset($_POST['submit']))
{
if (isset($_SESSION['username'])) {
$root = realpath($_SERVER["DOCUMENT_ROOT"]);
require "$root/database/credentials.php";
// Connect the database
try{
$db = new PDO("mysql:host=$host;dbname=$database;charset=utf8",
$user,
$password,
array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION
));
}catch (Exception $e){
die("Error : ".$e->getMessage());
}
$req = $db->prepare('SELECT id FROM authors WHERE username=:username');
$req->execute(array(
"username"=>$_SESSION['username']
));
if ($data = $req->fetch())
{
$user_id = $data['id'];
}
if (isset($_POST['topic_subject']))
{
$topic_subject = $_POST['topic_subject'];
} else
{
$_SESSION['error_msg'] .= "You did not enter a proper topic subject. \n";
}
if (isset($_POST['category']))
{
$id_cat = $_POST['category'];
} else
{
$_SESSION['error_msg'] .= "You did not enter a proper topic category. \n";
}
} else {
$_SESSION['error_msg'] .= "You did not log in.\n";
header('Location: '."/auth/login/");
}
} else
{
$_SESSION['error_msg'] .= "You did not sumit the category creation form.\n";
}
if ($_SESSION['error_msg'] == "")
{
create_topic($topic_subject, $id_cat, $user_id);
header('Location: '."/forum");
} else {
header('Location: '."/auth/login/");
}
?>