<?php
// Page chrome for the "create topic" view: shared header, breadcrumbs and the
// search box. $lang and $_SESSION are used on this page but never set up in
// this file - presumably the header include provides them; confirm there.
//
// NOTE(review): the $lang strings below are echoed into element text and into
// attribute values (placeholder, value, alt) without escaping. That is only
// safe while the language files are trusted and contain no quotes or markup.
require('style/layout/header.php'); ?>

    <div class="content_left">
        <ul id="breadcrumbs">
            <li><a href="index.php"><?php echo $lang['main_page']; ?></a></li>
            <li><a href="create_topic.php" class="actual"><?php echo $lang['create_topic']; ?></a></li>
        </ul>
    </div>
    <div class="content_right"><form method="post" id="search" action="search.php?search">
        <input type="text" name="search" placeholder="<?php echo $lang['enter_search_term']; ?>..." class="searchfield">
        <input type="hidden" name="submit" value="<?php echo $lang['search']; ?>" alt="<?php echo $lang['search']; ?>">
        </form>
    </div>

    <div class="clear"></div>

    <div id="headline">&nbsp;</div>

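    <?php

        /*
         * Topic creation page logic.
         *
         * Non-POST requests: list the categories and render the "create topic"
         * form. POST requests: check the spam question, validate the fields and
         * store the topic together with its first post inside one transaction.
         *
         * Review notes:
         *  - The expected spam-check hash is kept in $_SESSION instead of being
         *    round-tripped through a hidden form field, so the check no longer
         *    compares two values that both come from the client.
         *  - Driver errors go to the server log via error_log(); visitors only
         *    see the localized messages. The former "OR die(mysql_error())"
         *    made every error branch unreachable and printed raw MySQL errors.
         *  - The transaction is opened only after validation, so a rejected
         *    request no longer leaves a BEGIN without COMMIT/ROLLBACK.
         *  - NOTE(review): ext/mysql (mysql_*) is deprecated since PHP 5.5 and
         *    removed in PHP 7. Moving to PDO or mysqli prepared statements needs
         *    the connection setup, which is not in this file.
         *  - NOTE(review): mysql_real_escape_string() is only reliable when the
         *    connection charset was set with mysql_set_charset(); confirm where
         *    the connection is opened.
         *  - NOTE(review): there is no dedicated CSRF token on this form, and
         *    wrong spam answers are not counted or throttled.
         */

        if(!isset($_SESSION['signed_in'])) {

            echo '<p class="false">' . $lang['only_for_registered'] . '</p>
            <p>' . $lang['you_have_to'] . ' <a href="signin.php">' . $lang['small_signin'] . '</a>. ' . $lang['not_yet'] . ' <a href="signup.php">' . $lang['registered'] . '</a>?</p>';

        }else{

            echo '<h1>' . $lang['create_a_topic'] . '</h1>';

            if($_SERVER['REQUEST_METHOD'] != 'POST') {

                $sql = "SELECT
                            cat_id,
                            cat_name,
                            cat_description
                        FROM
                            categories";

                $result = mysql_query($sql);

                if(!$result) {

                    // Keep the driver message in the server log only.
                    error_log('create_topic.php: category query failed: ' . mysql_error());
                    echo '<p class="false">' . $lang['maynot_topic_cat'] . '</p>';

                }elseif(intval(mysql_num_rows($result)) == 0) {

                    if($_SESSION['user_level'] == 1) {
                        echo '<p class="false">' . $lang['maynot_topic_cat'] . '</p>';
                    }else{
                        echo '<p class="false">' . $lang['first_create_cats'] . '</p>';
                    }

                }else{

                    // $random1, $code and $rand_result are not defined in this
                    // file - presumably flood.php sets them; confirm there.
                    include_once('functions/flood.php');

                    // Remember the expected sha1 of the answer server-side. An
                    // empty value makes the POST check below fail closed.
                    $_SESSION['create_topic_spam_hash'] = isset($rand_result) ? (string)$rand_result : '';

                    echo '<form method="post" name="create" action="">
                    <p><input type="text" class="textfields" size="40" maxlength="40" name="topic_subject"> ' . $lang['title'] . '</p>
                    <p><select name="topic_cat" class="textfields">';

                    while($row = mysql_fetch_assoc($result)) {
                        echo '<option value="' . (int)$row['cat_id'] . '">' . htmlentities($row['cat_name'], ENT_QUOTES) . '</option>';
                    }

                    // The hidden "zip2" field is no longer emitted: the expected
                    // hash now lives in the session only.
                    echo '</select> ' . $lang['one_category'] . '</p>
                    <textarea cols="45" rows="8" name="post_content" id="post_content" class="textareas"></textarea>
                    <p><small>' . $lang['spam_protection'] . '*</small><br>
                    <strong>' . $lang['the_sum_of'] . ' ' . $random1 . ' + ' . $code . ' =</strong> <input size="5" name="zip" id="Spamschutz" type="text" class="protection"></p>
                    <p><input type="submit" name="submit" value="' . $lang['create_topic'] . '" alt="' . $lang['create_topic'] . '" class="buttons"></p>
                    <input type="hidden" name="submitted" value="TRUE">
                    </form>';
                }

            }else{

                // Spam check: compare the posted answer with the hash stored when
                // the form was rendered. Type checks and === avoid PHP's loose
                // comparison rules and array-valued parameters.
                $expected_hash = isset($_SESSION['create_topic_spam_hash']) ? $_SESSION['create_topic_spam_hash'] : '';
                $answer        = (isset($_POST['zip']) && is_string($_POST['zip'])) ? $_POST['zip'] : '';

                $spam_ok = is_string($expected_hash)
                    && $expected_hash !== ''
                    && $answer !== ''
                    && sha1($answer) === $expected_hash;

                if(!$spam_ok) {

                    echo '<p class="false">' . $lang['spam_failed'] . '!</p>
                    <p>[ <a href="javascript:history.back();">' . $lang['back'] . '</a> ]</p>';

                }else{

                    $errors = array();

                    // Only plain strings are accepted; a missing or array-valued
                    // field is treated like an empty one.
                    // NOTE(review): maxlength="40" on the title is enforced by the
                    // browser only; confirm the column width and check it here.
                    $subject = (isset($_POST['topic_subject']) && is_string($_POST['topic_subject'])) ? $_POST['topic_subject'] : '';
                    $content = (isset($_POST['post_content']) && is_string($_POST['post_content'])) ? $_POST['post_content'] : '';

                    if(trim($subject) === '') {
                        $errors[] = $lang['enter_a_title'];
                    }

                    if(trim($content) === '') {
                        $errors[] = $lang['enter_a_text'];
                    }

                    // The category id is numeric in the form, so force it to an
                    // integer the same way the user id is handled.
                    // NOTE(review): whether the id refers to an existing category
                    // is left to the database; confirm a constraint exists.
                    $topic_cat = (isset($_POST['topic_cat']) && is_scalar($_POST['topic_cat'])) ? (int)$_POST['topic_cat'] : 0;

                    if(!empty($errors)) {

                        echo '<p class="false">' . $lang['not_filled_all'] . '</p>
                        <p><a href="javascript:history.back();">' . $lang['back'] . '</a></p>';
                        echo '<ul>';

                        foreach($errors as $value) {
                            echo '<li>&#8226; ' . $value . '</li>';
                        }
                        echo '</ul>';

                    }elseif(!mysql_query("BEGIN WORK;")) {

                        error_log('create_topic.php: BEGIN failed: ' . mysql_error());
                        echo '<p class="false">' . $lang['error_occured'] . '</p>';

                    }else{

                        $sql = "INSERT INTO
                                    topics(topic_subject,
                                    topic_date,
                                    topic_cat,
                                    topic_by)
                                VALUES ('" . mysql_real_escape_string($subject) . "',
                                    NOW(),
                                    '" . $topic_cat . "',
                                    '" . (int)$_SESSION['user_id'] . "'
                                    )";

                        if(!mysql_query($sql)) {

                            // Read mysql_error() before ROLLBACK overwrites it.
                            error_log('create_topic.php: topic insert failed: ' . mysql_error());
                            echo '<p class="false">' . $lang['error_occured'] . '</p>';

                            if(!mysql_query("ROLLBACK;")) {
                                error_log('create_topic.php: ROLLBACK failed: ' . mysql_error());
                            }

                        }else{

                            $topicid = (int)mysql_insert_id();

                            $sql = "INSERT INTO
                                        posts(post_content,
                                        post_date,
                                        post_topic,
                                        post_by)
                                    VALUES ('" . mysql_real_escape_string($content) . "',
                                        NOW(),
                                        '" . $topicid . "',
                                        '" . (int)$_SESSION['user_id'] . "'
                                        )";

                            if(!mysql_query($sql)) {

                                error_log('create_topic.php: post insert failed: ' . mysql_error());
                                echo '<p class="false">' . $lang['topic_creation_failed'] . '</p>';

                                if(!mysql_query("ROLLBACK;")) {
                                    error_log('create_topic.php: ROLLBACK failed: ' . mysql_error());
                                }

                            }elseif(!mysql_query("COMMIT;")) {

                                error_log('create_topic.php: COMMIT failed: ' . mysql_error());
                                echo '<p class="false">' . $lang['topic_creation_failed'] . '</p>';

                            }else{

                                // The answer is consumed only once the topic is
                                // stored, so "back" after a validation error still
                                // works while a stored form cannot be replayed.
                                unset($_SESSION['create_topic_spam_hash']);

                                $autoforward = 3;

                                echo '<p class="success">' . $lang['topic_creation_success'] . '!</p>
                                <p><meta http-equiv="refresh" content="' . $autoforward . '; URL=topic.php?id='. $topicid . '"></p>';
                            }
                        }
                    }
                }
            }
        }

    ?>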

<?php
// Shared page footer template.
require('style/layout/footer.php'); ?>