diff --git a/board.php b/board.php index f03bdec..d81a69d 100644 --- a/board.php +++ b/board.php @@ -14,8 +14,6 @@ $config = require 'config.php'; $boardId = $_GET['board'] ?? 'b'; $threadId = isset($_GET['thread']) ? urldecode($_GET['thread']) : null; - - try { $db = new PDO( "mysql:host={$config['db']['host']};dbname={$config['db']['name']}", @@ -130,7 +128,7 @@ if ($threadId) { $posts = $stmt->fetchAll(PDO::FETCH_ASSOC); if (empty($posts)) { - header('Location: board.php?board=' . urlencode($boardId)); + header('Location: board.php?board=' . $boardId); exit; } } catch (PDOException $e) { diff --git a/newthread.php b/newthread.php index c08fa2f..11b47b8 100644 --- a/newthread.php +++ b/newthread.php @@ -96,13 +96,15 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { '); $stmt->execute([$threadId, $boardId, $title, $description, $fileName, $fileSize, $fileType, $ip, $anonymousId]); - $stmt = $db->prepare(' - INSERT INTO posts (post_id, thread_id, board_id, message, file_name, file_size, file_type, ip_address, anonymous_id) - VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?) - '); - $stmt->execute([$postId, $threadId, $boardId, $message, $fileName, $fileSize, $fileType, $ip, $anonymousId]); + if ($message) { + $stmt = $db->prepare(' + INSERT INTO posts (post_id, thread_id, board_id, message, ip_address, anonymous_id) + VALUES (?, ?, ?, ?, ?, ?) + '); + $stmt->execute([$postId, $threadId, $boardId, $message, $ip, $anonymousId]); + } - header('Location: board.php?board=' . urlencode($boardId) . '&thread=' . urlencode($threadId)); + header('Location: board.php?board=' . $boardId . '&thread=' . $threadId); exit; } } else {