<?php
/**
* ProjectPress forum reply
*
* @package ProjectPress
* @since 2.0
*/
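// Handles a forum reply POST: stores the answer, updates the topic's reply
// counter, then redirects back to the topic view.

// Starts the session.
session_start();
define('access',true);
include(dirname(dirname(__FILE__)) . '/config.inc.php');
include(PM_DIR . 'pm-includes/global.inc.php');

// Checks if user is logged in; if not redirect to login page.
if ($current_user->hasPermission('access_site') != true) {
    pm_redirect(PM_URI . '/index.php');
    // pm_redirect() is defined elsewhere; if it only emits a Location header
    // the rest of this script would still run for an unauthorised request,
    // so stop explicitly.
    exit;
}

// Enable for error checking and troubleshooting.
# display_errors();

// NOTE(review): no anti-CSRF token check is visible in this script; confirm
// whether global.inc.php enforces one before this state-changing request runs.

// Read request/session values defensively: a missing key or an array-valued
// parameter (e.g. a_answer[]=x) is treated as an empty field.
$raw_id       = (isset($_POST['id']) && is_string($_POST['id'])) ? $_POST['id'] : '';
$raw_answer   = (isset($_POST['a_answer']) && is_string($_POST['a_answer'])) ? $_POST['a_answer'] : '';
$raw_username = isset($_SESSION['username']) ? (string) $_SESSION['username'] : '';

// Checks for blanks before touching the database.
if ($raw_id === '' || $raw_answer === '') {
    exit("There was a field missing, please correct the form.");
}

$db = pmdb::connect();

// Every value interpolated into SQL below goes through the same escape()
// helper. Previously only the id was escaped, so the answer text and the
// username reached the INSERT verbatim (SQL injection).
// NOTE(review): if pmdb exposes prepared statements, prefer them over
// escape-and-quote; that API is not visible from this file.
$id       = $db->escape($raw_id);
$username = $db->escape($raw_username);
$a_answer = $db->escape($raw_answer);
$datetime = date("m/d/y H:i:s"); // create date and time

// Find highest answer number.
$sql = "SELECT MAX(a_id) AS Maxa_id FROM ". DB ."forum_answer WHERE question_id='$id'";
$result = $db->query($sql);
// Guard against a failed query before dereferencing the result.
$rows = $result ? $result->fetch_object() : null;

// Add 1 to the highest answer number; if there is no answer yet, use 1.
// The cast keeps the value interpolated into the UPDATE strictly numeric.
if ($rows) {
    $Max_id = (int) $rows->Maxa_id + 1;
} else {
    $Max_id = 1;
}

// Insert answer
$sql2 = "INSERT INTO ". DB ."forum_answer(question_id, a_user, a_answer, a_datetime)VALUES('$id', '$username', '$a_answer', '$datetime')";
$result2 = $db->query($sql2);

if ($result2) {
    // If added new answer, store the new value in the reply column.
    $sql3 = "UPDATE ". DB ."forum_question SET reply='$Max_id' WHERE id='$id'";
    $result3 = $db->query($sql3);

    // Redirect with the raw id URL-encoded (not the SQL-escaped form), and
    // stop so nothing else is emitted after the Location header.
    header('Location: view_topic.php?id=' . rawurlencode($raw_id));
    exit;
} else {
    echo "ERROR";
}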