diff --git a/src/index.js b/src/index.js index 19a2c5d..e26cf2d 100644 --- a/src/index.js +++ b/src/index.js @@ -20,6 +20,10 @@ const db = new Client({ port: 5432 }); +const errorHandler = (err) => { + if (err) console.log(err); +} + db.connect((error) => { if (error) console.log(error); else console.log("Database connected"); @@ -33,9 +37,7 @@ const init = async () => { console.log("No tables found, assuming first run, creating database scheme"); - db.query(initSQL, (err, res) => { - if (err) console.log(err); - }); + db.query(initSQL, errorHandler); let adminPassword = Math.random().toString(36).slice(-8); let passwordHash = await bcrypt.hash(adminPassword, 8); @@ -76,9 +78,14 @@ app.post('/api/post', async (req, res) => { }); app.post('/api/createThread', async (req, res) => { - let login, token - const { boardId, threadName, isLocked, isPinned, content, options} = req.body; + let login, token, isLocked, isPinned + const { boardId, threadTitle, content, options} = req.body; + isLocked = isLocked? isLocked : false; + isPinned = isPinned? isPinned : false; + + console.log(`Board id: ${boardId}\nThread name: ${threadTitle}\nIs locked: ${isLocked}\nIs pinned: ${isPinned}\nContent: ${content}\nOptions: ${options}`); + try { let currentSession = req.session; token = currentSession.token; 
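Review bot: In the `@@ -33,9 +37,7 @@` hunk, `db.query(initSQL, errorHandler)` only logs a failed schema creation, so `init` carries on to the admin-account setup on the following lines even when the tables were never created. Awaiting the query would let a failure stop the first-run setup: `await db.query(initSQL);` inside a `try`/`catch` that aborts `init`. The context line below also derives the admin password from `Math.random()`, which is not a cryptographic generator; `crypto.randomBytes(16).toString('hex')` would be a safer source, though it needs `crypto` imported and the top of the file is not visible here. `init` continues outside the hunk.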
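Review bot: `isLocked` and `isPinned` are no longer read from `req.body` in the `@@ -76,9 +78,14 @@` hunk: they are declared with `let` and then defaulted from themselves, so both are always `false` and the admin flags that `validateThread` guards can never be set. If the flags are still meant to come from the client, drop them from the `let` and read them explicitly, e.g. `const isLocked = req.body.isLocked === true;` and `const isPinned = req.body.isPinned === true;`. The added `console.log` writes the full user-supplied post body to the log with its newlines intact, and `options` will render as `[object Object]` if it is an object. It looks like debugging output and is better removed or reduced to the board id before merging. The handler body continues outside this hunk.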
@@ -87,9 +94,21 @@ app.post('/api/createThread', async (req, res) => { console.log(err); } - if (token != tokens[login]) return res.status(403).send("Невалидный токен"); - // if () + if (login && token && token != tokens[login]) return res.status(403).send("Невалидный токен"); + let isAdmin = token? true : false; + + const boardOptions = (await db.query('SELECT * FROM boards WHERE board_id = $1', [boardId])).rows[0].options + let postId = (await db.query('SELECT nextval(pg_get_serial_sequence(\'posts\', \'post_id\'))')).rows[0].nextval; + + let validateResults = validateThread(threadTitle, isLocked, + isPinned, content, options, + boardOptions, isAdmin); + if (validateResults != "ok") return res.status(400).send(validateResults); + + await db.query('INSERT INTO posts (post_id, content, is_root, timestamp, user_ip) VALUES($1, $2, $3, NOW(), $4)', [postId, content, true, req.socket.remoteAddress]); + await db.query('INSERT INTO threads (thread_name, posts_ids, is_locked, is_pinned, options) VALUES ($1, $2, $3, $4, $5)', [threadTitle, [postId], isLocked, isPinned, options]); + res.redirect(`/${boardId}/${postId}`); }); app.get('/api/getBoards', async (req, res) => { @@ -152,4 +171,12 @@ app.post('/api/createBoard', async (req, res) => { app.listen(process.env.APP_PORT, () => { console.log("App started"); -}); \ No newline at end of file +}); + +const validateThread = (threadName, isLocked, isPinned, content, options, boardOptions, isAdmin) => { + if ((isPinned || isLocked) && !isAdmin) return "Нет прав на выставление админских флагов"; + if (!content) return "Нельзя создать тред без текста"; + + //TODO: check if image is required + return 'ok' +} \ No newline at end of file
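Review bot: The token check in the `@@ -87,9 +94,21 @@` hunk now runs only when both `login` and `token` are set, and `isAdmin` is then derived from `token` alone, so a session that carries a token but no login skips the comparison and is still treated as admin. Admin status should come from the comparison itself, and a token that fails it should keep getting the 403. Two further gaps sit in the same lines: `.rows[0].options` throws for an unknown `boardId` (an unhandled rejection in this async handler), and `nextval` is consumed before `validateThread` has accepted the request. The two INSERTs also run outside a transaction, so a failure of the second leaves an orphaned post. The handler starts above this hunk.

```javascript
// … unchanged: session lookup that fills login and token …
// Admin only when the session token matches the stored one for this login.
// NOTE(review): assumes every entry in `tokens` belongs to an admin; confirm.
const isAdmin = Boolean(login && token && tokens[login] === token);
if (token && !isAdmin) return res.status(403).send("Невалидный токен");

const board = (await db.query('SELECT * FROM boards WHERE board_id = $1', [boardId])).rows[0];
if (!board) return res.sendStatus(404);

const validateResults = validateThread(threadTitle, isLocked, isPinned, content, options, board.options, isAdmin);
if (validateResults != "ok") return res.status(400).send(validateResults);

// Reserve the post id only after the request has been accepted.
const postId = (await db.query('SELECT nextval(pg_get_serial_sequence(\'posts\', \'post_id\'))')).rows[0].nextval;
// … unchanged: the two INSERTs and the redirect …
```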
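Review bot: `validateThread` in the `@@ -152,4 +171,12 @@` hunk takes `threadName`, `options` and `boardOptions` but checks none of them, so an empty or arbitrarily long title, a non-string `content` and any client-supplied `options` value pass validation and go straight into the `threads` INSERT. At minimum the function should check types and bounds, e.g. `if (typeof content !== 'string' || !content.trim()) return "Нельзя создать тред без текста";`, plus a similar check and a length cap for `threadName`. A short JSDoc comment stating that the function returns `'ok'` or a user-facing error message would document the string contract the caller compares against. The file also still ends without a trailing newline.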