Topps
21-04-2007, 02:16 PM
Ok, I have this post.php for my forum add-on but, where would I include the MySQL query for me to use the code $logged[username] in the name field and how would I make it so the default is their username? Here is the post.php file:
<?
include "config.php";
# include config.php
switch ($_GET['act']){
# switch the action of the post page, it'll deal with new trheads and new replys
case "thread";
# if the value of 'act' is 'thread'
$id = addslashes($_GET['id']);
# get the id, and addslashes to it (for security reasons)
if (empty($id) | !is_numeric($id)){
exit ("Invalid ID given.");
}
# if the id is empty or isn't numeric, exit the page
if ($_POST['Submit']){
# if the thread has been submitted
$title = clean($_POST['title']);
$post = clean($_POST['post']);
$author = clean($_POST['name']);
# get all the submitted information, cleaning it with the clean function
if (empty($title) | empty($post) | empty($author)){
exit("You left a field blank. <a href='".$_SERVER['REQUEST_URI']."'>Back?</a>");
}
# if any of the submitted information is empty, exit the page
mysql_query("INSERT INTO `post` ( `id` , `post` ) VALUES ('', '$post')") or die(mysql_error());
# inisert the post to a seperate table
$pid = mysql_fetch_array(mysql_query("SELECT * FROM `post` ORDER BY `id` DESC LIMIT 1")) or die(mysql_error());
$pid = $pid['id'];
# get the post ID to store in the thread table
$time = time();
# set the time for post bumping
$date = date("d/m/Y");
# set the date
$sql = mysql_query("INSERT INTO `thread` ( `id` , `title` , `postid` , `view` , `author` , `time` , `date` , `fid` ) VALUES ('', '$title', '$pid', '0', '$author', '$time', '$date', '$id')") or die(mysql_error());
# store the information in the thread table
if ( !$sql ){
# if the sql failes, exit the page
exit("Error - thread not added. <a href='".$_SERVER['REQUEST_URI']."'>Back?</a>");
}
# if the page isn't exited by now, everything was fine, offer a link back to the forum.
echo "Thread added. <a href='vforum.php?id=".$id."'>Go to forum</a>.";
}
# close 'if for submitted submit'
else {
# else if the form isn't submitted, offer the form
echo '
<form method="post">
Title: <input name="title" type="text"><br>
Your Name: <input name="name" type="text"><br>
Post:<br>
<textarea name="post" cols="25" rows="5"></textarea><br>
<input type="submit" name="Submit" value="Submit">
</form>
';
}
# close else
break;
# end the thread case
case "reply";
# open the reply case
$tid = addslashes($_GET['tid']);
# deal with the ID, instead the variable is tid (topic ID)
if (empty($tid) | !is_numeric($tid)){
exit ("Invalid ID given.");
}
if ($_POST['Submit']){
# if a reply is submitted
$post = clean($_POST['post']);
$author = clean($_POST['name']);
# clean information submitted
if (empty($post) | empty($author)){
exit("You left a field blank. <a href='".$_SERVER['REQUEST_URI']."'>Back?</a>");
}
# again, if any information is empty, exit the page
mysql_query("INSERT INTO `post` ( `id` , `post` ) VALUES ('', '$post')") or die(mysql_error());
# store the new post in a seperate table
$pid = mysql_fetch_array(mysql_query("SELECT * FROM `post` ORDER BY `id` DESC LIMIT 1")) or die(mysql_error());
$pid = $pid['id'];
# get the reply post id
$time = time();
# set a new time
mysql_query("UPDATE `thread` SET time = '$time' WHERE id =$tid");
# update the value of time in the thread table, this bumps the thread
$date = date("d/m/Y");
# set the date of the reply
$sql = mysql_query("INSERT INTO `reply` ( `id` , `postid` , `topicid` , `author` , `date` , `fid` ) VALUES ('', '$pid', '$tid', '$author', '$date', '$fid')") or die(mysql_error());
# store the reply
if ( !$sql ){
# if the query fails
exit("Error - thread not added. <a href='".$_SERVER['REQUEST_URI']."'>Back?</a>");
# exit the page
}
# if the page isn't exited, show a link to the thread
echo "Reply added. <a href='vthread.php?id=".$tid."'>Go to thread</a>.";
}
else {
# if the form isn't submitted
$title = mysql_fetch_array(mysql_query("SELECT * FROM `thread` WHERE id =$tid"));
$title = stripslashes($title['title']);
# get the title of the thread to show on the page
if ($_GET['q']){
# if we get a post id to quote
$value = mysql_fetch_array(mysql_query("SELECT * FROM `post` WHERE id =$q"));
$value = stripslashes($value['post']);
# get the post from the table
$value = str_replace("
","", $value);
$value = str_replace("","", $value);
$value = "
".$value."";
# set the post as value, we'll have this in the textarea already
}
# echo the form
echo '
<form method="post">
Post Reply To: "'.$title.'"<br>
Your Name: <input name="name" type="text"><br>
Post:<br>
<textarea name="post" cols="25" rows="5">'.$value.'</textarea><br>
<input type="submit" name="Submit" value="Submit">
</form>
';
}
break;
# finish the reply case
default;
# default is if there is no action
exit("Not action to follow.");
# exit the page
break;
}
?>
Please help me I would really appreciate it. :)
<?
include "config.php";
# include config.php
switch ($_GET['act']){
# switch the action of the post page, it'll deal with new trheads and new replys
case "thread";
# if the value of 'act' is 'thread'
$id = addslashes($_GET['id']);
# get the id, and addslashes to it (for security reasons)
if (empty($id) | !is_numeric($id)){
exit ("Invalid ID given.");
}
# if the id is empty or isn't numeric, exit the page
if ($_POST['Submit']){
# if the thread has been submitted
$title = clean($_POST['title']);
$post = clean($_POST['post']);
$author = clean($_POST['name']);
# get all the submitted information, cleaning it with the clean function
if (empty($title) | empty($post) | empty($author)){
exit("You left a field blank. <a href='".$_SERVER['REQUEST_URI']."'>Back?</a>");
}
# if any of the submitted information is empty, exit the page
mysql_query("INSERT INTO `post` ( `id` , `post` ) VALUES ('', '$post')") or die(mysql_error());
# inisert the post to a seperate table
$pid = mysql_fetch_array(mysql_query("SELECT * FROM `post` ORDER BY `id` DESC LIMIT 1")) or die(mysql_error());
$pid = $pid['id'];
# get the post ID to store in the thread table
$time = time();
# set the time for post bumping
$date = date("d/m/Y");
# set the date
$sql = mysql_query("INSERT INTO `thread` ( `id` , `title` , `postid` , `view` , `author` , `time` , `date` , `fid` ) VALUES ('', '$title', '$pid', '0', '$author', '$time', '$date', '$id')") or die(mysql_error());
# store the information in the thread table
if ( !$sql ){
# if the sql failes, exit the page
exit("Error - thread not added. <a href='".$_SERVER['REQUEST_URI']."'>Back?</a>");
}
# if the page isn't exited by now, everything was fine, offer a link back to the forum.
echo "Thread added. <a href='vforum.php?id=".$id."'>Go to forum</a>.";
}
# close 'if for submitted submit'
else {
# else if the form isn't submitted, offer the form
echo '
<form method="post">
Title: <input name="title" type="text"><br>
Your Name: <input name="name" type="text"><br>
Post:<br>
<textarea name="post" cols="25" rows="5"></textarea><br>
<input type="submit" name="Submit" value="Submit">
</form>
';
}
# close else
break;
# end the thread case
case "reply";
# open the reply case
$tid = addslashes($_GET['tid']);
# deal with the ID, instead the variable is tid (topic ID)
if (empty($tid) | !is_numeric($tid)){
exit ("Invalid ID given.");
}
if ($_POST['Submit']){
# if a reply is submitted
$post = clean($_POST['post']);
$author = clean($_POST['name']);
# clean information submitted
if (empty($post) | empty($author)){
exit("You left a field blank. <a href='".$_SERVER['REQUEST_URI']."'>Back?</a>");
}
# again, if any information is empty, exit the page
mysql_query("INSERT INTO `post` ( `id` , `post` ) VALUES ('', '$post')") or die(mysql_error());
# store the new post in a seperate table
$pid = mysql_fetch_array(mysql_query("SELECT * FROM `post` ORDER BY `id` DESC LIMIT 1")) or die(mysql_error());
$pid = $pid['id'];
# get the reply post id
$time = time();
# set a new time
mysql_query("UPDATE `thread` SET time = '$time' WHERE id =$tid");
# update the value of time in the thread table, this bumps the thread
$date = date("d/m/Y");
# set the date of the reply
$sql = mysql_query("INSERT INTO `reply` ( `id` , `postid` , `topicid` , `author` , `date` , `fid` ) VALUES ('', '$pid', '$tid', '$author', '$date', '$fid')") or die(mysql_error());
# store the reply
if ( !$sql ){
# if the query fails
exit("Error - thread not added. <a href='".$_SERVER['REQUEST_URI']."'>Back?</a>");
# exit the page
}
# if the page isn't exited, show a link to the thread
echo "Reply added. <a href='vthread.php?id=".$tid."'>Go to thread</a>.";
}
else {
# if the form isn't submitted
$title = mysql_fetch_array(mysql_query("SELECT * FROM `thread` WHERE id =$tid"));
$title = stripslashes($title['title']);
# get the title of the thread to show on the page
if ($_GET['q']){
# if we get a post id to quote
$value = mysql_fetch_array(mysql_query("SELECT * FROM `post` WHERE id =$q"));
$value = stripslashes($value['post']);
# get the post from the table
$value = str_replace("
","", $value);
$value = str_replace("","", $value);
$value = "
".$value."";
# set the post as value, we'll have this in the textarea already
}
# echo the form
echo '
<form method="post">
Post Reply To: "'.$title.'"<br>
Your Name: <input name="name" type="text"><br>
Post:<br>
<textarea name="post" cols="25" rows="5">'.$value.'</textarea><br>
<input type="submit" name="Submit" value="Submit">
</form>
';
}
break;
# finish the reply case
default;
# default is if there is no action
exit("Not action to follow.");
# exit the page
break;
}
?>
Please help me I would really appreciate it. :)