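<?php
/**
 * newthread.php - stores a new forum thread submitted by POST.
 *
 * Reads the title and message from $_POST and the author name from the
 * "cookname" cookie, HTML-encodes all three, expands a small set of BBCode
 * tags in the message, and inserts one row into the `threads` table.
 * A short status line is printed, followed by a meta refresh to index.php.
 *
 * Security notes for maintainers:
 *  - Every value that reaches the SQL statement is passed through
 *    mysql_real_escape_string(); the request data is attacker-controlled.
 *  - Markup is neutralised with htmlspecialchars() rather than a list of
 *    forbidden tags: a tag blacklist does not cover event-handler attributes,
 *    other elements, or differently-cased tag names.
 *  - NOTE(review): the author is taken from a client-supplied cookie, so this
 *    script cannot tell who is really posting. It should be replaced by an
 *    identity held in a server-side session - confirm how login.php issues it.
 *  - NOTE(review): no anti-CSRF token is checked before the insert.
 *  - NOTE(review): ext/mysql was deprecated in PHP 5.5 and removed in PHP 7.0;
 *    once dbconnect.php is migrated, use mysqli or PDO prepared statements.
 */
require("dbconnect.php");

$time = time();
$msgminlength = 3;

// Array keys must be quoted: a bare word such as $_POST[title] is looked up as
// a constant. is_string() rejects array-valued parameters (title[]=...).
$rawTitle  = (isset($_POST['title']) && is_string($_POST['title'])) ? $_POST['title'] : '';
$rawMsg    = (isset($_POST['message']) && is_string($_POST['message'])) ? $_POST['message'] : '';
$rawAuthor = (isset($_COOKIE['cookname']) && is_string($_COOKIE['cookname'])) ? $_COOKIE['cookname'] : '';

// An absent or empty cookie counts as "not logged in".
$loggedIn = ($rawAuthor !== '');

// HTML-encode before storage, keeping this file's encode-on-store convention.
// ENT_QUOTES covers both quote characters, so the values stay inert inside
// attribute values as well as in element content.
// NOTE(review): assumes the pages that display threads print these columns
// without encoding them again - confirm against the listing/view scripts.
$title  = htmlspecialchars($rawTitle, ENT_QUOTES);
$msg    = htmlspecialchars($rawMsg, ENT_QUOTES);
$author = htmlspecialchars($rawAuthor, ENT_QUOTES);

// BBCode is expanded only after encoding, so the fixed tags below are the only
// markup that can end up in the stored message.
$msg = str_replace(
    array('[b]', '[/b]', '[u]', '[/u]', '[i]', '[/i]'),
    array('<b>', '</b>', '<u>', '</u>', '<i>', '</i>'),
    $msg
);

if ($loggedIn) {
    // Measure what the user typed, not the encoded/expanded form, so that
    // entity expansion or BBCode tags cannot satisfy the minimum length.
    if (strlen($rawMsg) > $msgminlength) {
        // mysql_real_escape_string() needs the open connection that
        // dbconnect.php is expected to provide.
        $sql = sprintf(
            "INSERT INTO threads VALUES(NULL,'%s','%s','%s','0','%d')",
            mysql_real_escape_string($title),
            mysql_real_escape_string($msg),
            mysql_real_escape_string($author),
            (int) $time
        );

        // Report success only when the row was actually written; database
        // error details are deliberately not shown to the client.
        if (mysql_query($sql)) {
            echo "Thread Posted.<br><a href='index.php'>Return</a>";
        } else {
            echo "Thread could not be saved.";
        }
    } else {
        echo "Message must be longer than ".$msgminlength." characters.";
    }
} else {
    echo "You must login to send threads!";
}

// Send the visitor back to the index after three seconds in every case.
echo "<meta http-equiv='refresh' content='3;url=index.php'>";
?>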