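setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch (PDOException $e) {
    die('Connection failed');
}

// Board / thread page controller.
// On POST it accepts a reply (message and/or one uploaded file) for an existing
// thread; afterwards it loads the board row and either the posts of one thread or
// the 20 most recently updated threads for the template below.
// $db, $config, $boardId and $threadId are defined before this point (not visible here).
//
// NOTE(review): no CSRF token is checked in the visible POST handler -- confirm
// whether one is enforced elsewhere before relying on this endpoint.
// NOTE(review): 'SET NAMES utf8' runs only after the INSERT below, so unless the
// DSN already sets a charset the write and the reads may use different connection
// encodings -- confirm against the connection setup.
// NOTE(review): the client IP is stored with every post (posts.ip_address);
// make sure retention of that column is covered by the site's privacy policy.

require_once 'RateLimiter.php';
require_once 'AnonymousID.php';
require_once 'MarkdownParser.php';

$rateLimiter = new RateLimiter($db);
$rateLimiter->cleanup();

// REMOTE_ADDR is the peer address; behind a reverse proxy this is the proxy's IP,
// which would make the rate limit and the anonymous ID shared by all visitors.
$ip = $_SERVER['REMOTE_ADDR'];
$anonymousID = new AnonymousID($db, $ip, $boardId);

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    if (!$rateLimiter->isAllowed($ip)) {
        $error = 'Слишком много запросов';
    } else {
        // Form fields may arrive as arrays (message[]=...); treat anything that is
        // not a string as empty instead of letting trim() raise a TypeError.
        $message = is_string($_POST['message'] ?? null) ? trim($_POST['message']) : '';
        $title = is_string($_POST['title'] ?? null) ? trim($_POST['title']) : '';
        // $title only takes part in the "is there anything to post" check below and
        // $description is not used in this section; neither is written to the posts table.
        $description = is_string($_POST['description'] ?? null) ? trim($_POST['description']) : '';

        $file = $_FILES['file'] ?? null;
        // A multi-file field (file[]) yields an array in 'error', which fails the
        // strict comparison and is therefore ignored, as before.
        $hasUpload = is_array($file) && ($file['error'] ?? null) === UPLOAD_ERR_OK;

        // Compare against '' so that a message consisting of "0" is not rejected as empty.
        if ($message !== '' || $title !== '' || $hasUpload) {
            // CSPRNG instead of mt_rand(); the ID space is still only 10^6 values,
            // so collisions are possible and are handled for the file name below.
            $postId = sprintf('%06d', random_int(1, 999999));
            $fileName = null;
            $fileSize = null;
            $fileType = null;
            $fileExt = null;
            $storedPath = null;

            // Step 1: validate the upload without touching the disk.
            if ($hasUpload) {
                // Only the extension of the client-supplied name is used; the stored
                // name is rebuilt from the server-generated ID further down.
                $fileExt = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));

                // Strict comparison: a loose in_array() can match a string against a
                // non-string config entry (e.g. 0 or true) and let any extension pass.
                if (!in_array($fileExt, $config['allowed_types'], true)) {
                    $error = 'Неподдерживаемый тип файла';
                } elseif ($file['size'] > $config['max_file_size']) {
                    $error = 'Файл слишком большой';
                }
                // NOTE(review): the file content is not inspected, only the extension.
                // Keep executable extensions out of allowed_types and make sure the
                // upload directory is served without script execution.
            }

            // Step 2: posts without a thread are handled by newthread.php. Redirect
            // before anything is stored so no orphaned upload is left on disk.
            if (empty($error) && !$threadId) {
                header('Location: newthread.php?board=' . rawurlencode((string) $boardId));
                exit;
            }

            // Step 3: store the upload under a name that is not already taken.
            if (empty($error) && $hasUpload) {
                $uploadDir = $config['upload_path'];
                if (!is_dir($uploadDir)) {
                    mkdir($uploadDir, 0755, true);
                }

                // Re-roll the ID a few times if its file name exists, so an earlier
                // post's attachment is never overwritten by move_uploaded_file().
                for ($attempt = 0; $attempt < 5 && file_exists($uploadDir . $postId . '.' . $fileExt); $attempt++) {
                    $postId = sprintf('%06d', random_int(1, 999999));
                }

                $fileName = $postId . '.' . $fileExt;
                $filePath = $uploadDir . $fileName;

                if (file_exists($filePath)) {
                    $error = 'Ошибка загрузки файла';
                } elseif (move_uploaded_file($file['tmp_name'], $filePath)) {
                    $fileSize = $file['size'];
                    $fileType = $fileExt;
                    $storedPath = $filePath;
                } else {
                    $error = 'Ошибка загрузки файла';
                }
            }

            // Step 4: record the post, then redirect (POST/redirect/GET).
            if (empty($error)) {
                try {
                    $anonymousId = $anonymousID->getOrCreateID();
                    $stmt = $db->prepare(' INSERT INTO posts (post_id, thread_id, board_id, message, file_name, file_size, file_type, ip_address, anonymous_id) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?) ');
                    $stmt->execute([$postId, $threadId, $boardId, $message, $fileName, $fileSize, $fileType, $ip, $anonymousId]);
                } catch (PDOException $e) {
                    // Without this handler the exception would surface as an uncaught
                    // error page; also drop the stored file so it is not left without a post row.
                    if ($storedPath !== null && is_file($storedPath)) {
                        unlink($storedPath);
                    }
                    die('Database error');
                }

                // REQUEST_URI is taken from the request line. Collapsing leading
                // slashes/backslashes keeps the Location value a path on this host
                // rather than a scheme-relative URL.
                $returnTo = '/' . ltrim((string) $_SERVER['REQUEST_URI'], '/\\');
                header('Location: ' . $returnTo);
                exit;
            }
        } else {
            $error = 'Введите сообщение или загрузите файл';
        }
    }
}

// Load the board; unknown boards go back to the index.
try {
    $db->exec('SET NAMES utf8');
    $stmt = $db->prepare('SELECT * FROM boards WHERE board_id = ?');
    $stmt->execute([$boardId]);
    $board = $stmt->fetch(PDO::FETCH_ASSOC);

    if (!$board) {
        header('Location: index.php');
        exit;
    }
} catch (PDOException $e) {
    die('Database error');
}

if ($threadId) {
    // Thread view: every post of the thread, oldest first.
    try {
        $stmt = $db->prepare(' SELECT p.*, t.title as thread_title FROM posts p JOIN threads t ON p.thread_id = t.thread_id WHERE p.thread_id = ? AND p.board_id = ? ORDER BY p.created_at ASC ');
        $stmt->execute([$threadId, $boardId]);
        $posts = $stmt->fetchAll(PDO::FETCH_ASSOC);

        if (empty($posts)) {
            // Thread does not exist on this board (or has no posts): back to the board.
            header('Location: board.php?board=' . rawurlencode((string) $boardId));
            exit;
        }
    } catch (PDOException $e) {
        die('Database error');
    }
} else {
    // Board view: the 20 most recently updated threads with post count and last post time.
    try {
        $stmt = $db->prepare(' SELECT t.*, COUNT(p.id) as post_count, MAX(p.created_at) as last_post_time FROM threads t LEFT JOIN posts p ON t.thread_id = p.thread_id WHERE t.board_id = ? GROUP BY t.id ORDER BY t.updated_at DESC LIMIT 20 ');
        $stmt->execute([$boardId]);
        $threads = $stmt->fetchAll(PDO::FETCH_ASSOC);
    } catch (PDOException $e) {
        die('Database error');
    }
}

/**
 * Render a stored post message by passing it to MarkdownParser::parse().
 *
 * NOTE(review): presumably the result is echoed into the page as HTML; confirm
 * that MarkdownParser::parse() escapes raw HTML contained in $message, because
 * no escaping happens here.
 *
 * @param mixed $message Post text as stored in posts.message.
 * @return mixed Whatever MarkdownParser::parse() returns for the message.
 */
function formatMessage($message)
{
    return MarkdownParser::parse($message);
}
?> mkach - /<?= htmlspecialchars($boardId) ?>/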

mkach - // -

Постов: | Обновлено: |
Создать новый тред