<?php
require("dbconnect.php");

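// Reply handler: validates the posted message, stores it in `replies`,
// bumps the thread's reply counter and prints a confirmation link.
//
// NOTE(review): the author name is read straight from a client-supplied
// cookie, so the server has no proof of who is posting; it should come from
// a server-side session. No anti-CSRF token is checked in this handler
// either. Both need changes outside this file and are only flagged here.
// NOTE(review): ext/mysql is kept because dbconnect.php (not shown) opens the
// connection; moving both files to prepared statements is the durable fix.

$time = time();
$msgminlength = 3;

// Quote the array keys (bare words are undefined constants) and accept only
// string values, so a missing field or an array such as thread[]=x cannot
// raise notices or end up as the literal text "Array".
$thread = (isset($_POST['thread']) && is_string($_POST['thread'])) ? $_POST['thread'] : '';
$rawMsg = (isset($_POST['message']) && is_string($_POST['message'])) ? $_POST['message'] : '';
$author = (isset($_COOKIE['cookname']) && is_string($_COOKIE['cookname'])) ? $_COOKIE['cookname'] : '';

// On old PHP builds with magic quotes enabled the input is already
// backslash-escaped; undo that so the SQL escaping below is not applied twice.
if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
    $thread = stripslashes($thread);
    $rawMsg = stripslashes($rawMsg);
    $author = stripslashes($author);
}

// Escape every HTML metacharacter instead of blacklisting <script>/<style>:
// the blacklist was case-sensitive and ignored all other tags and attributes.
// NOTE(review): depending on PHP's default charset, input that is not valid
// in that charset may be turned into an empty string here.
$msg = htmlspecialchars($rawMsg, ENT_QUOTES);

// BBCode is expanded after escaping, so these are the only tags that can
// appear in the stored message. The stray ';' after </b> is gone.
// NOTE(review): unbalanced tags (an opening [b] without [/b]) are not checked.
$msg = str_replace(
    array('[b]', '[/b]', '[u]', '[/u]', '[i]', '[/i]'),
    array('<b>', '</b>', '<u>', '</u>', '<i>', '</i>'),
    $msg
);

// Measure what the user typed, not the entity/tag-expanded text, and use the
// same threshold the error message below announces.
if (strlen($rawMsg) > $msgminlength - 1) {
    // Escape each value for the SQL string context it is placed in.
    // NOTE(review): this relies on the connection charset being set by
    // dbconnect.php - confirm.
    $threadSql = mysql_real_escape_string($thread);
    $msgSql = mysql_real_escape_string($msg);
    $authorSql = mysql_real_escape_string($author);

    $inserted = mysql_query("INSERT INTO replies VALUES(NULL,'$threadSql','$msgSql','$authorSql','$time')");

    if ($inserted) {
        mysql_query("UPDATE threads SET replies = replies + 1 WHERE id = '$threadSql'");

        // urlencode() leaves only URL-safe characters, none of which can
        // close the single-quoted href attribute.
        $threadHref = urlencode($thread);
        echo "Reply Posted.<br><a href='msg.php?id=$threadHref'>Return</a>";
    } else {
        // Do not count or announce a reply that was never stored.
        echo "Reply could not be posted.";
    }
} else {
    echo "Message must be longer than ".($msgminlength-1)." characters.";
}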

?>

<?php
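// Send the browser back to the thread after 3 seconds. The thread id is
// request data echoed into an HTML attribute, so it is URL-encoded first;
// non-string or missing values fall back to an empty id.
$refreshThread = (isset($_POST['thread']) && is_string($_POST['thread'])) ? urlencode($_POST['thread']) : '';
echo "<meta http-equiv='refresh' content='3;url=msg.php?id=$refreshThread'>";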
?>