<?php
require_once "../db.php";
session_start();

if (!isset($_SESSION['user_id'])) {
    die("Not logged in");
}

$user_id = $_SESSION['user_id'];
$post_id = intval($_POST['post_id'] ?? 0);
$comment = trim($_POST['comment'] ?? "");

if (!$post_id || !$comment) {
    die("Missing fields");
}

$stmt = $pdo->prepare("
    INSERT INTO comments (post_id, user_id, comment)
    VALUES (?, ?, ?)
");
$stmt->execute([$post_id, $user_id, $comment]);

header("Location: ../post.php?id=" . $post_id);