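<?php
// topic.php
//
// Renders one forum topic: the subject line, every post in date order, and
// either a reply form (signed-in visitor) or a sign-in prompt.
//
// $conn is expected to be the mysqli connection opened by connect.php.
// NOTE(review): the session is presumably started by connect.php or
// header.php; confirm, since $_SESSION is read below.

include 'connect.php';
include 'header.php';

// The topic id comes straight from the query string, so it is validated to a
// real integer before use. The value is echoed into the edit/delete link
// hrefs further down; the raw request string must never reach that output.
// filter_var() yields false for a missing, array-valued or non-integer id.
$topic = filter_var($_GET['id'] ?? null, FILTER_VALIDATE_INT);

// Read session state defensively so an anonymous visitor does not trigger
// undefined-index warnings or a loose null comparison in the ownership check.
$signedIn = !empty($_SESSION['signedIn']);
$currentUser = $_SESSION['userNo'] ?? null;

$escFlags = ENT_QUOTES | ENT_HTML5;

if ($topic === false) {
    echo 'This topic doesn′t exist.';
} else {
    $sql = "SELECT topicNo, topicSubject
            FROM topics
            WHERE topics.topicNo = ?";

    // Each mysqli step is checked: when exceptions are not enabled, prepare()
    // returns false on failure and calling bind_param() on it would be fatal.
    $result = false;
    $stmt = $conn->prepare($sql);
    if ($stmt && $stmt->bind_param('i', $topic) && $stmt->execute()) {
        $result = $stmt->get_result();
    }

    if (!$result) {
        echo 'The topic could not be displayed, please try again later.';
    } elseif ($result->num_rows == 0) {
        echo 'This topic doesn′t exist.';
    } else {
        while ($row = $result->fetch_assoc()) {
            // display post data
            echo '<table class="topic" border="1">
                    <tr>
                        <th colspan="2">' . htmlentities((string) $row['topicSubject'], $escFlags, 'UTF-8') . '</th>
                    </tr>';

            // fetch the posts from the database
            $posts_sql = "SELECT posts.postNo, posts.postTopic, posts.postContent, posts.postDate, posts.postBy, users.userNo, users.userName
                          FROM posts LEFT JOIN users
                          ON posts.postBy = users.userNo
                          WHERE posts.postTopic = ?
                          ORDER BY posts.postDate";

            $posts_result = false;
            $posts_stmt = $conn->prepare($posts_sql);
            if ($posts_stmt && $posts_stmt->bind_param('i', $topic) && $posts_stmt->execute()) {
                $posts_result = $posts_stmt->get_result();
            }

            if (!$posts_result) {
                // The table is closed once, by the shared code below.
                echo '<tr><td colspan="2">The posts could not be displayed, please try again later.</td></tr>';
            } else {
                while ($posts_row = $posts_result->fetch_assoc()) {
                    // Every database value is HTML-escaped before output. The LEFT JOIN
                    // can leave userName null when the author row is missing.
                    $name = htmlentities((string) ($posts_row['userName'] ?? ''), $escFlags, 'UTF-8');
                    $created = date_create((string) $posts_row['postDate']);
                    $date = $created
                        ? htmlentities(date_format($created, 'd/m/Y H:i:s'), $escFlags, 'UTF-8')
                        : '';
                    $content = htmlentities(stripslashes((string) $posts_row['postContent']), $escFlags, 'UTF-8');
                    $post = (int) $posts_row['postNo'];

                    // Ownership is compared strictly. With a loose comparison, an unset
                    // session id (null) matched a post whose author is null or empty.
                    $isOwner = $currentUser !== null
                        && $posts_row['postBy'] !== null
                        && (string) $currentUser === (string) $posts_row['postBy'];

                    echo '<tr class="topic-post">';
                    if (!$isOwner) {
                        echo '<td class="leftpart">' . $content . '</td>';
                    } else {
                        // These links are a convenience only. edit_post.php and
                        // delete_post.php must re-check ownership on the server.
                        // NOTE(review): delete is reached through a plain GET link, so
                        // confirm delete_post.php asks for a confirmed, token-protected
                        // POST before it removes anything.
                        echo '<td class="leftpart">' . $content .
                            '<span style="float:right;"><a href="edit_post.php?post=' . $post . '&amp;topic=' . $topic . '">[edit]</a> ' .
                            '<a href="delete_post.php?post=' . $post . '&amp;topic=' . $topic . '">[delete]</a></span></td>';
                    }

                    echo '<td class="rightpart">' . $name . '<br/>' . $date . '</td>';
                    echo '</tr>';
                }
            }

            if (!$signedIn) {
                echo '<tr><td colspan="2">You must be <a href="signin.php">signed in</a> to reply. You can also <a href="signup.php">sign up</a> for an account.</td></tr>';
                // finish the table
                echo '</table>';
            } else {
                // finish the table
                echo '</table>';

                // show reply box
                // NOTE(review): the form carries no anti-CSRF token; confirm that
                // reply.php verifies the session and the origin of the request.
                echo ' <br />
                    <form method="post" action="reply.php?id=' . htmlentities((string) $row['topicNo'], $escFlags, 'UTF-8') . '">
                        <label for="replyContent">Reply: </label><br />
                        <textarea id="replyContent" name="replyContent"></textarea><br /><br />
                        <input type="submit" value="Submit reply" />
                    </form>';
            }
        }
    }
}

include 'footer.php';
?>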