#!/usr/bin/perl -Tw
############################################################
## Written and copyright 2002 by
## Jacqueline D. Hamilton (kira@cgi101.com)
##
## This code is excerpted from "CGI Programming 201"
## (http://www.cgi101.com/advanced)
##
## You may use this code on your own website, however
## you may not publish or sell any copy or derivative work
## without permission of the author.
#############################################################
use strict;
use lib '.';
use MyBoard;
my ($msgid, $sth, $rv, $count, $msg, $resp);
# untaint the query string
if ($ENV{QUERY_STRING} =~ /^(\d+)$/) {
$msgid = $1;
} else {
&dienice("$ENV{QUERY_STRING} isn't a valid message number.");
}
$sth = $dbh->prepare("select messages.*, date_format(date,'%c/%e/%Y %r') as
nicedate, forums.name from messages, forums where messages.forum = forums.id and (messages.id=? or thread_id=?) order by thread_id, date") or &dbdie;
$rv = $sth->execute($msgid, $msgid);
if ($rv < 1) {
&dienice("Message $msgid does not exist.");
}
$msg = $sth->fetchrow_hashref;
&do_header("Message #$msgid: $msg->{subject}");
print qq($msg->{name} Topic:
$msg->{subject}
\n);
&showpost($msg);
print qq(
\n);
if ($msg->{thread_id} == 0) {
$resp = 0;
while ($msg = $sth->fetchrow_hashref) {
if ($resp == 0) {
print "Responses:
\n";
$resp = 1;
}
&showpost($msg);
}
} else {
print qq(This is a followup to another thread. Click here to view the entire
thread.
\n);
}
print "
\n";
&do_footer;
sub showpost {
my($hdr);
my($msg) = @_;
# change all carriage returns to the HTML-ized "break" tag
$msg->{message} =~ s/\n/
\n/g;
print <
Article #$msg->{id}
Subject: $msg->{subject}
Author: $msg->{author}
Posted: $msg->{nicedate}
$msg->{message}
Reply to this post
EndHTML
}