Check if thread exists before posting.

inc/config.php

@@ -49,6 +49,7 @@
 	define('ERROR_NOMOVE',	'The server failed to handle your upload.', true);
 	define('ERROR_FILEEXT',	'Unsupported image format.', true);
 	define('ERROR_NOBOARD',	'Invalid board!', true);
+	define('ERROR_NONEXISTANT', 'Thread specified does not exist.', true);
 	define('ERROR_NOPOST',	'You didn\'t make a post.', true);
 	define('ERR_INVALIDIMG','Invalid image.', true);
 	define('ERR_FILESIZE',	'Maximum file size: %maxsz% bytes<br>Your file\'s size: %filesz% bytes', true);

inc/functions.php

@@ -44,13 +44,29 @@
 	
 	function openBoard($uri) {
 		global $sql;
-		$boards_res = mysql_query(sprintf("SELECT * FROM `boards` WHERE `uri` = '%s' LIMIT 1", mysql_real_escape_string($uri)), $sql) or error(mysql_error($sql));
+		$boards_res = mysql_query(sprintf(
+			"SELECT * FROM `boards` WHERE `uri` = '%s' LIMIT 1",
+				mysql_real_escape_string($uri)
+		), $sql) or error(mysql_error($sql));
+		
 		if($_board = mysql_fetch_array($boards_res)) {
 			setupBoard($_board);
 			return true;
 		} else return false;
 	}
 	
+	function threadExists($id) {
+		global $sql;
+		$thread_res = mysql_query(sprintf(
+			"SELECT 1 FROM `posts` WHERE `id` = '%d' AND `thread` IS NULL LIMIT 1",
+				$id
+		), $sql) or error(mysql_error($sql));
+		
+		if(mysql_num_rows($thread_res) > 0) {
+			return true;
+		} else return false;
+	}
+	
 	function post($post, $OP) {
 		global $sql, $board;
 		if($OP) {

post.php

@@ -83,6 +83,8 @@
 		
 		sql_open();
 		if(!openBoard($post['board'])) error(ERROR_NOBOARD);
+		if(!$OP && !threadExists($post['thread']))
+			error(ERROR_NONEXISTANT);
 		
 		$trip = generate_tripcode($post['name']);
 		$post['name'] = $trip[0];