75 lines
1.9 KiB
PHP
75 lines
1.9 KiB
PHP
<?php
|
|
$path = $_SERVER['DOCUMENT_ROOT'];
|
|
require_once($path . '/core/header.php');
|
|
require_once($path . '/core/footer.php');
|
|
require_once($path . '/core/database.php');
|
|
|
|
if (!isset($_GET['code'])) {
|
|
header('location: /404.php');
|
|
}
|
|
|
|
$board_code = strtolower($_GET['code']);
|
|
$board_page = (int)$_GET['page'] ?? 1;
|
|
if ($board_page == 0) $board_page = 1;
|
|
|
|
$conn = get_database_conn();
|
|
$board_sql = "SELECT id, title FROM board WHERE code = ? LIMIT 1";
|
|
$stmt = mysqli_prepare($conn, $board_sql);
|
|
mysqli_stmt_bind_param($stmt, 's', $board_code);
|
|
if (!mysqli_stmt_execute($stmt)) {
|
|
header('location: /404.php');
|
|
}
|
|
mysqli_stmt_store_result($stmt);
|
|
if (mysqli_stmt_num_rows($stmt) != 1) {
|
|
header('location: /404.php');
|
|
}
|
|
mysqli_stmt_bind_result($stmt, $board_id, $board_title);
|
|
mysqli_stmt_fetch($stmt);
|
|
|
|
display_header("~chan - /$board_code/");
|
|
?>
|
|
<div style="
|
|
margin: auto;
|
|
width: 40%;
|
|
padding-top: 50px;
|
|
">
|
|
<h1><?php echo "/$board_code/ - $board_title"; ?></h1>
|
|
<!-- TODO: Add spash text -->
|
|
<?php if (isset($_SESSION['username'])): ?>
|
|
<hr>
|
|
<form action="/post.php" method="post" class="input-form">
|
|
<table>
|
|
<tr>
|
|
<td><b>title:</b></td>
|
|
<td>
|
|
<input name="title" type="text" required>
|
|
</td>
|
|
</tr>
|
|
<tr>
|
|
<td><b>message:</b></td>
|
|
<td>
|
|
<textarea name="message" cols="64" rows="8" wrap="soft" tabindex="4" maxlength="1024"></textarea>
|
|
</td>
|
|
</tr>
|
|
<tr>
|
|
<td><b>file:</b></td>
|
|
<td>
|
|
<input name="upload" type="file" required>
|
|
</td>
|
|
</tr>
|
|
<input type="hidden" name="board_id" value="<?php echo $board_id; ?>">
|
|
<input type="hidden" name="type" value="new_thread">
|
|
</table>
|
|
<br>
|
|
<button type="submit">post</button>
|
|
</form>
|
|
<?php endif; ?>
|
|
<hr>
|
|
<b>(<a href="#">archive</a>) (<a href="#">catalog</a>)</b>
|
|
<hr>
|
|
<?php
|
|
// time to get all the threads
|
|
$thread_sql = 'SELECT thread.id, thread.title, user.username, thread.posted FROM thread LEFT JOIN user ON user.id = thread.user_id';
|
|
?>
|
|
</div>
|