<?php
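session_start();
require "helper.php";

/*
 * Reply handler: stores a reply to a discussion post on behalf of the
 * signed-in user and bumps that post's reply counter.
 *
 * Inputs:
 *   $_SESSION["id"]  - id of the signed-in user (required)
 *   $_POST["body"]   - reply text (required, non-blank)
 *   $_GET["postid"]  - id of the post being replied to (required, digits only)
 *
 * Outcome:
 *   - success: redirect to discussionView.php for the post
 *   - anything else (not signed in, unknown user, wrong e-mail domain,
 *     unverified account, blank body, malformed postid): redirect to index.php
 *
 * NOTE(review): no anti-CSRF token check is visible in this file. This is a
 * state-changing request authenticated only by the session cookie - confirm
 * that a token is enforced elsewhere (e.g. in helper.php) or add one here.
 */
$db = database();

// Not signed in: nothing to do. The explicit exit matters - header() does not
// stop the script, and a later Location header would replace this one.
if (!isset($_SESSION["id"])) {
    header("location:index.php");
    exit;
}

// Look the user up with a bound parameter instead of interpolating the
// session value into the SQL text.
$userStmt = $db->prepare("SELECT email, verified, id FROM users WHERE id = :id");
$userStmt->execute(array("id" => $_SESSION["id"]));
$users = $userStmt->fetchAll();

// The session may outlive the account (deleted user); treat as not signed in.
if (count($users) === 0) {
    header("location:index.php");
    exit;
}
$user = $users[0];

// Request parameters are attacker-controlled: they may be missing or arrays
// (body[]=x), so normalise anything that is not a plain string to "".
$body = (isset($_POST["body"]) && is_string($_POST["body"])) ? $_POST["body"] : "";
$postid = (isset($_GET["postid"]) && is_string($_GET["postid"])) ? $_GET["postid"] : "";

// The poster id comes from the database row for the session user, never from
// the request, so a client cannot post as somebody else.
$posterid = $user["id"];

$mayReply = getDomain($user["email"]) === "????"
    // Cast first: depending on the PDO driver and settings the column can
    // come back as the string '1' or as the integer 1.
    && (string)$user["verified"] === '1'
    && trim($body) !== ""
    // postid was previously concatenated into SQL straight from the query
    // string; require a plain non-negative integer and bind it below.
    && ctype_digit($postid);

if (!$mayReply) {
    header("location:index.php");
    exit;
}

// NOTE(review): sanitize() is defined in helper.php and is not visible here.
// Confirm the stored body is also escaped for its output context when it is
// rendered in discussionView.php.
$body = sanitize($body);

$nReply = $db->prepare("INSERT INTO replies (postid, posterid, body) VALUES (:postid, :posterid, :body)");
$nReply->execute(array("postid" => $postid, "posterid" => $posterid, "body" => $body));

// Increment inside the database in one statement. The earlier
// SELECT-then-UPDATE could lose counts when two replies arrived at once,
// and both statements embedded $postid in the SQL text.
$repl = $db->prepare("UPDATE posts SET replies = COALESCE(replies, 0) + 1 WHERE postid = :postid");
$repl->execute(array("postid" => $postid));

// $postid is digits-only at this point, so it is safe to place in the URL.
header("location:discussionView.php?postid=" . $postid);
exit;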