我为论坛创建了一个简单的主题帖子页面。它有一个下拉菜单来选择主题所属的类别。我为子类别添加了第二个下拉菜单。页面加载时没有错误,但是当我尝试创建主题“体育”(类别)=>“足球”(子类别)时,它给了我错误“您尝试创建主题的论坛不存在!”
这是我的代码。
<?php
$id = mss($_GET['id']);
if ($id) {
$sql = "SELECT * FROM `forum_sub_cats` WHERE `id`='" . $id . "'";
$res = mysql_query($sql) or die(mysql_error());
if (mysql_num_rows($res) == 0) {
echo "The forum you are trying to create a topic on, does not exist!\n";
} else {
$row1 = mysql_fetch_assoc($res);
if ($row1['admin'] == 1 && $admin_user_level == 0) {
echo "You are not an administrator, therefore you cannot post on this forum!\n";
} else {
if (!$_POST['submit']) {
echo "<table border=\"0\" cellspacing=\"3\" cellpadding=\"3\">\n";
echo "<form method=\"post\" action=\"./index.php?act=create&id=".$id."\">\n";
$sql = "SELECT id, name FROM forum_cats";
$result = mysql_query($sql);
echo "<select name=\"cat\">\n";
while($row = mysql_fetch_assoc($result))
{
echo '<option value="' . $row['id'] . '">' . $row['name'] . '</option>';
}
echo "</select></td></tr>\n";
$sql = "SELECT cid, name FROM forum_sub_cats";
$result = mysql_query($sql);
echo "<select name=\"sub_cat\">\n";
while($row = mysql_fetch_assoc($result))
{
echo '<option value="' . $row['cid'] . '">' . $row['name'] . '</option>';
}
echo "</select></td></tr>\n";
echo "<tr><td><textarea name=\"message\" style=\"width:300px;height:100px;\"></textarea></td></tr>\n";
echo "<tr><td align=\"right\"><input type=\"submit\" name=\"submit\" value=\"Create Topic\"></td></tr>\n";
echo "</form></table>\n";
} else {
$cat = mss($_POST['cat']);
$msg = mss($_POST['message']);
if ($cat && $msg) {
$sql = "SELECT admin FROM `forum_sub_cats` WHERE `id`='" . $cat . "'";
$res = mysql_query($sql) or die(mysql_error());
if (mysql_num_rows($res) == 0) {
echo "This forum sub category does not exist!\n";
} else {
$row = mysql_fetch_assoc($res);
if ($row['admin'] == 1 && $admin_user_level != 1) {
echo "You are not an admin therefore you cannot post a new topic on this forum!\n";
} else {
if (strlen($msg) < 3 || strlen($msg) > 10000) {
echo "The message must be between 3 and 10,000 characters!\n";
} else {
$date = date("m-d-y") . " at " . date("h:i:s");
$time = time();
$sql2 = "INSERT INTO `forum_topics` (`cid`,`uid`,`date`,`time`,`message`) VALUES('" .
$cat . "','" . $_SESSION['uid'] . "','" . $date . "','" . $time .
"','" . $msg . "')";
$res2 = mysql_query($sql2) or die(mysql_error());
$tid = mysql_insert_id();
topic_go($tid);
}
}
}
} else {
echo "Please supply all the fields!\n";
}
}
}
}
} else {
if (!$_POST['submit']) {
echo "<table border=\"0\" cellspacing=\"3\" cellpadding=\"3\">\n";
echo "<form method=\"post\" action=\"./index.php?act=create&id=".$id."\">\n";
$sql = "SELECT id, name FROM forum_cats";
$result = mysql_query($sql);
echo "<select name=\"cat\">\n";
while($row = mysql_fetch_assoc($result))
{
echo '<option value="' . $row['id'] . '">' . $row['name'] . '</option>';
}
echo "</select></td></tr>\n";
$sql = "SELECT id, name FROM forum_sub_cats";
$result = mysql_query($sql);
echo "<select name=\"sub_cat\">\n";
while($row = mysql_fetch_assoc($result))
{
echo '<option value="' . $row['cid'] . '">' . $row['name'] . '</option>';
}
echo "</select></td></tr>\n";
echo "<tr><td><textarea name=\"message\" style=\"width:300px;height:100px;\"></textarea></td></tr>\n";
echo "<tr><td align=\"right\"><input type=\"submit\" name=\"submit\" value=\"Create Topic\"></td></tr>\n";
echo "</form></table>\n";
} else {
$cat = mss($_POST['cat']);
$msg = mss($_POST['message']);
if ($cat && $msg) {
$sql = "SELECT admin FROM `forum_sub_cats` WHERE `id`='" . $cat . "'";
$res = mysql_query($sql) or die(mysql_error());
if (mysql_num_rows($res) == 0) {
echo "This forum sub category does not exist!\n";
} else {
$row = mysql_fetch_assoc($res);
if ($row['admin'] == 1 && $admin_user_level != 1) {
echo "You are not an admin therefore you cannot post a new topic on this forum!\n";
} else {
if (strlen($msg) < 3 || strlen($msg) > 10000) {
echo "The message must be between 3 and 10,000 characters!\n";
} else {
$date = date("m-d-y") . " at " . date("h:i:s");
$time = time();
$sql2 = "INSERT INTO `forum_topics` (`cid`,`uid`,`date`,`time`,`message`) VALUES('" .
$cat . "','" . $_SESSION['uid'] . "','" . $date . "','" . $time .
"','" . $msg . "')";
$res2 = mysql_query($sql2) or die(mysql_error());
$tid = mysql_insert_id();
header("Location: index.php?act=topic&id=" . $tid . "");
}
}
}
} else {
echo "Please supply all the fields!\n";
}
}
}
?>