#!/usr/bin/perl -Tw
############################################################
## Written and copyright 2002 by 
## Jacqueline D. Hamilton (kira@cgi101.com)
##
## This code is excerpted from "CGI Programming 201"
## (http://www.cgi101.com/advanced)
##
## You may use this code on your own website, however
## you may not publish or sell any copy or derivative work
## without permission of the author.
#############################################################
use strict;
use lib '.';
use MyBoard;

# declare variables
my($forum_id, $sth, $rv, $f, $count);

# here we untaint the query string
if ($cgi->param('forum') =~ /^(\d+)$/) {
   $forum_id = $1;
} else {
   &dienice($cgi->param('forum') . " isn't a valid forum number.");
}

my($limit);
#untaint the limit count
if ($cgi->param('start') =~ /^(\d+)$/) {
  $limit = $1;
} else {
  $limit = 0;
}

# how many msgs to display per page
my($maxcount) = 25;

# get the name & info on this forum from the forums table	
$sth = $dbh->prepare("select * from forums where id=$forum_id") or &dbdie;
$rv = $sth->execute;
$f = $sth->fetchrow_hashref;
&do_header("$f->{name} Forum");
print qq(<h2>$f->{name} Forum</h2>\n);
print $f->{desc};
&do_nav;

# fetch the individual messages in the forum, and display the info.
$count = 0;
$sth = $dbh->prepare("select *,date_format(date, '%c/%e/%Y') as nicedate from messages where forum=$forum_id and thread_id=0 order by date desc limit $limit, $maxcount") or &dbdie;
$rv = $sth->execute;
while ($f = $sth->fetchrow_hashref) {
   my($asth) = $dbh->prepare("select count(*), date_format(max(date), '%c/%e/%Y') as nicedate from messages where thread_id=$f->{id}");
   $rv = $asth->execute;
   my($r,$m) = $asth->fetchrow_array;
   my($responses);
   if ($r == 1) {
       $responses = "- 1 response on $m";
   } elsif ($r > 1) {
       $responses = "- $r responses, last on $m";
   } else {
       $responses = "posted on $f->{nicedate}";
   }
   print qq(<b><a href="message.cgi?$f->{id}">$f->{subject}</a></b> ($f->{author}) $responses<br>\n);
   $count = $count + 1;
}

if ($count == 0) {
   print qq(No messages.<p>\n);
} else {
   my($prev);
   if ($limit > 0) {
       $prev = $limit - $maxcount;
       if ($prev < 0) {
         $prev = 0;
       }
       print qq(<p><a href="forum.cgi?forum=$forum_id&start=$prev">&lt; Previous $maxcount</a></p>\n);
    }
    if ($count == $maxcount) {
      my($next);
      $next = $limit + $maxcount;
      print qq(<p><a href="forum.cgi?forum=$forum_id&start=$next">Next $maxcount &gt;</a></p>\n);
    }

}
&do_nav;
&do_footer;

sub do_nav {
   print qq(<hr><center>\n);
   print qq(<p><a href="newmsg.cgi?$forum_id">Compose New Message</a> | );
   print qq(<a href="search.cgi?$forum_id">Search This Forum</a></p>);
   print qq(</center><hr>\n);
}