+my $board;
+if(param('b')){
+ my $query = $DBH->prepare(q{SELECT fb.fbid AS id,fb.board, bool_or(fa.post) AS post
+FROM forum_boards fb NATURAL JOIN forum_access fa
+WHERE fb.fbid = $1 AND (gid = -1 OR gid IN (SELECT gid FROM groupmembers
+ WHERE uid = $2))
+GROUP BY fb.fbid,fb.board});
+ $board = $DBH->selectrow_hashref($query,undef,param('b'),$ND::UID) or $ERROR .= p($DBH->errstr);
+}
+
+my $thread;
+my $findThread = $DBH->prepare(q{SELECT ft.ftid AS id,ft.subject, bool_or(fa.post) AS post
+FROM forum_boards fb NATURAL JOIN forum_access fa NATURAL JOIN forum_threads ft
+WHERE ft.ftid = $1 AND (gid = -1 OR gid IN (SELECT gid FROM groupmembers
+ WHERE uid = $2))
+GROUP BY ft.ftid,ft.subject});
+if(param('t')){
+ $thread = $DBH->selectrow_hashref($findThread,undef,param('t'),$ND::UID) or $ERROR .= p($DBH->errstr);
+}
+
+if (defined param('cmd') && param('cmd') eq 'submit'){
+ $DBH->begin_work;
+ if ($board && $board->{post}){
+ my $insert = $DBH->prepare(q{INSERT INTO forum_threads (fbid,subject) VALUES($1,$2)});
+ if ($insert->execute($board->{id},param('subject'))){
+ $thread = $DBH->selectrow_hashref($findThread,undef,
+ $DBH->last_insert_id(undef,undef,undef,undef,"forum_threads_ftid_seq"),$ND::UID)
+ or $ERROR .= p($DBH->errstr);
+ }else{
+ $ERROR .= p($DBH->errstr);
+ }
+ }
+ if ($thread && $thread->{post}){
+ my $insert = $DBH->prepare(q{INSERT INTO forum_posts (ftid,message,uid) VALUES($1,$2,$3)});
+ $insert->execute($thread->{id},escapeHTML(param('message')),$ND::UID) or $ERROR .= p($DBH->errstr);
+ }
+ $DBH->commit or $ERROR .= p($DBH->errstr);
+}