prepare($sql); // NOTE(review): the start of this statement and the opening PHP tag are not part of the visible text
// Topic page: loads one topic by id, prints its subject, lists the topic's posts and,
// for a signed-in visitor, prints a reply box.
// The markup inside the string literals is not visible in this copy: several literals
// are empty or hold only newlines, so the comments below describe the PHP logic only.
// The topic id is bound as an integer parameter ('i') instead of being concatenated
// into the SQL text. Where $topic is read from is not visible here.
$stmt->bind_param('i', $topic);
$stmt->execute();
// Assignment inside the condition: $result keeps the result set, and a falsy return
// value from get_result() takes the error branch.
if(!$result = $stmt->get_result())
{
    // Fixed, generic message; no database error text is echoed to the visitor.
    echo 'The topic could not be displayed, please try again later.';
}
else
{
    if($result->num_rows == 0)
    {
        echo 'This topic doesn′t exist.';
    }
    else
    {
        while($row = $result->fetch_assoc())
        {
            // Start of the output for this topic (the literal is empty in this copy).
            echo '';

            // Posts of the topic in date order, joined to their author. The LEFT JOIN keeps
            // posts whose author row is missing; the topic id is again a bound parameter.
            $posts_sql = "SELECT posts.postNo, posts.postTopic, posts.postContent, posts.postDate, posts.postBy, users.userNo, users.userName FROM posts LEFT JOIN users ON posts.postBy = users.userNo WHERE posts.postTopic = ? ORDER BY posts.postDate";
            // $stmt is overwritten here; the outer loop keeps reading from $result, not $stmt.
            // NOTE(review): the return value of prepare() is not checked before bind_param()
            // is called on it.
            $stmt = $conn->prepare($posts_sql);
            $stmt->bind_param('i', $topic);
            $stmt->execute();
            $posts_result = $stmt->get_result();

            if(!$posts_result)
            {
                // The subject is database content, so it is entity-encoded before being echoed.
                echo '
' . htmlentities($row['topicSubject'], ENT_QUOTES | ENT_HTML5, 'UTF-8') . '
The posts could not be displayed, please try again later.
';
            }
            else
            {
                while($posts_row = $posts_result->fetch_assoc())
                {
                    // Each database value goes through htmlentities() with ENT_QUOTES and an explicit
                    // UTF-8 charset before it is echoed, so stored post text and user names are
                    // output as text (both quote characters encoded) rather than as markup.
                    // NOTE(review): because of the LEFT JOIN, userName is NULL when the author row is missing.
                    $name = htmlentities($posts_row['userName'], ENT_QUOTES | ENT_HTML5, 'UTF-8');
                    // NOTE(review): date_create() returns false for a value it cannot parse, and
                    // date_format() would then receive false.
                    $date = htmlentities(date_format(date_create($posts_row['postDate']), 'd/m/Y H:i:s'), ENT_QUOTES | ENT_HTML5, 'UTF-8');
                    // NOTE(review): stripslashes() presumably reverses escaping applied when the post
                    // was stored - confirm against the insert code; it also drops backslashes the
                    // author typed on purpose.
                    $content = htmlentities(stripslashes($posts_row['postContent']), ENT_QUOTES | ENT_HTML5, 'UTF-8');
                    $poster = htmlentities($posts_row['postBy'], ENT_QUOTES | ENT_HTML5, 'UTF-8');
                    // $post is not referenced again in the visible text; presumably it was used in
                    // the edit/delete link markup that is missing from this copy.
                    $post = htmlentities($posts_row['postNo'], ENT_QUOTES | ENT_HTML5, 'UTF-8');

                    echo '';
                    // Loose comparison of the session's user number with the post's author: it only
                    // decides whether the [edit] and [delete] controls are printed next to the post.
                    // NOTE(review): hiding the controls is presentation, not access control; the scripts
                    // that perform the edit and the delete need their own ownership check (not visible here).
                    if($_SESSION['userNo'] != $poster)
                    {
                        echo '' . $content . '';
                    }
                    else
                    {
                        echo '' . $content . '[edit] ' . '[delete]';
                    }
                    echo '' . $name . '
' . $date . '';
                    echo '';
                }
            }

            // NOTE(review): $_SESSION['userNo'] above and $_SESSION['signedIn'] here are read without
            // an isset() check; confirm both keys are always set before this page runs.
            if(!$_SESSION['signedIn'])
            {
                echo 'You must be signed in to reply. You can also sign up for an account.';
                // Close the topic output (the literal is empty in this copy).
                echo '';
            }
            else
            {
                // Close the topic output (the literal is empty in this copy).
                echo '';
                // Reply box for signed-in visitors; the form markup is missing from this copy.
                // NOTE(review): the script that receives the reply should re-check the signed-in
                // session itself instead of relying on this branch having hidden the form.
                echo '



';
            }
        }
    }
}

include 'footer.php';
?>