php/send_thread.php - edu/fisi-pastanagapp - Gitiles

 <?php
   require '../credentials.php';
   require 'utils.php';
 	require_once("security.php");

 	// Yup, this is a f*ature, not a b*g. Please be responsible when exploit*ng this :) Have fun with it, but please don't cross the line!
   $victimid = (int)$_POST["victim-id"];
   $killerid = (int)$_POST["killer-id"];
   $msgcontent = mysqli_real_escape_string($conn, $_POST["msg-content"]);

   $template = "INSERT INTO `missatges` (`id`, `sender_id`, `receiver_id`, `timestamp`, `content`) VALUES (NULL, $killerid, $victimid, CURRENT_TIMESTAMP, '$msgcontent')";
   if (!query($template)) die("An error ocurred." . $template);

   header("Location: /main.php");
 ?>
	<?php
	require '../credentials.php';
	require 'utils.php';
	require_once("security.php");

	// Yup, this is a fature, not a bg. Please be responsible when exploit*ng this :) Have fun with it, but please don't cross the line!
	$victimid = (int)$_POST["victim-id"];
	$killerid = (int)$_POST["killer-id"];
	$msgcontent = mysqli_real_escape_string($conn, $_POST["msg-content"]);

	$template = "INSERT INTO `missatges` (`id`, `sender_id`, `receiver_id`, `timestamp`, `content`) VALUES (NULL, $killerid, $victimid, CURRENT_TIMESTAMP, '$msgcontent')";
	if (!query($template)) die("An error ocurred." . $template);

	header("Location: /main.php");
	?>