Permalink
Cannot retrieve contributors at this time
Name already in use
A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Watersys/read_pm.php
Go to fileThis commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
174 lines (173 sloc)
5.95 KB
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
//This page display a personnal message | |
include('config.php'); | |
?> | |
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> | |
<html xmlns="http://www.w3.org/1999/xhtml"> | |
<head> | |
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> | |
<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css" integrity="sha384-Vkoo8x4CGsO3+Hhxv8T/Q5PaXtkKtu6ug5TOeNV6gBiFeWPGFN9MuhOf23Q9Ifjh" crossorigin="anonymous"> | |
<script src="https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js" integrity="sha384-wfSDF2E50Y2D1uUdj0O3uMBJnjuUD4Ih7YwaYd1iqfktj0Uod8GCExl3Og8ifwB6" crossorigin="anonymous"></script> | |
<link href="<?php echo $design; ?>/style.css" rel="stylesheet" title="Style" /> | |
<title>Read a PM</title> | |
</head> | |
<body> | |
<div align="center"> | |
<div class="header" style="width: 100%; margin: auto;margin-top: 10px"> | |
<a href="<?php echo $url_home; ?>"><img width="80%" src="<?php echo $design; ?>/images/logo.png" alt="Forum" /></a> | |
</div></div> | |
<?php | |
if(isset($_SESSION['username'])) | |
{ | |
if(isset($_GET['id'])) | |
{ | |
$id = intval($_GET['id']); | |
$req1 = mysqli_query($var,'select title, user1, user2 from pm where id="'.$id.'" and id2="1"'); | |
$dn1 = mysqli_fetch_array($req1); | |
if(mysqli_num_rows($req1)==1) | |
{ | |
if($dn1['user1']==$_SESSION['userid'] or $dn1['user2']==$_SESSION['userid']) | |
{ | |
if($dn1['user1']==$_SESSION['userid']) | |
{ | |
mysqli_query($var,'update pm set user1read="yes" where id="'.$id.'" and id2="1"'); | |
$user_partic = 2; | |
} | |
else | |
{ | |
mysqli_query($var,'update pm set user2read="yes" where id="'.$id.'" and id2="1"'); | |
$user_partic = 1; | |
} | |
$req2 = mysqli_query($var,'select pm.timestamp, pm.message, users.id as userid, users.username, users.avatar from pm, users where pm.id="'.$id.'" and users.id=pm.user1 order by pm.id2'); | |
if(isset($_POST['message']) and $_POST['message']!='') | |
{ | |
$message = $_POST['message']; | |
if(get_magic_quotes_gpc()) | |
{ | |
$message = stripslashes($message); | |
} | |
$message = mysqli_real_escape_string($var,nl2br(htmlentities($message, ENT_QUOTES, 'UTF-8'))); | |
if(mysqli_query($var,'insert into pm (id, id2, title, user1, user2, message, timestamp, user1read, user2read)values("'.$id.'", "'.(intval(mysqli_num_rows($req2))+1).'", "", "'.$_SESSION['userid'].'", "", "'.$message.'", "'.time().'", "", "")') and mysqli_query($var,'update pm set user'.$user_partic.'read="yes" where id="'.$id.'" and id2="1"')) | |
{ | |
?> | |
<div class="message">Your reply has successfully been sent.<br /> | |
<a href="read_pm.php?id=<?php echo $id; ?>">Go to the PM</a></div> | |
<?php | |
} | |
else | |
{ | |
?> | |
<div class="message">An error occurred while sending the reply.<br /> | |
<a href="read_pm.php?id=<?php echo $id; ?>">Go to the PM</a></div> | |
<?php | |
} | |
} | |
else | |
{ | |
?> | |
<div class="contentreadpm"> | |
<?php | |
if(isset($_SESSION['username'])) | |
{ | |
$nb_new_pm = mysqli_fetch_array(mysqli_query($var,'select count(*) as nb_new_pm from pm where ((user1="'.$_SESSION['userid'].'" and user1read="no") or (user2="'.$_SESSION['userid'].'" and user2read="no")) and id2="1"')); | |
$nb_new_pm = $nb_new_pm['nb_new_pm']; | |
?> | |
<div class="box"> | |
<div class="box_left"> | |
<a href="<?php echo $url_home; ?>">WCSF Index</a> > <a href="list_pm.php">List of your PMs</a> > Read a PM | |
</div> | |
<div class="box_right"> | |
<a href="list_pm.php">Your messages(<?php echo $nb_new_pm; ?>)</a> - <a href="profile.php?id=<?php echo $_SESSION['userid']; ?>"><?php echo htmlentities($_SESSION['username'], ENT_QUOTES, 'UTF-8'); ?></a> (<a href="login.php">Logout</a>) | |
</div> | |
<div class="clean"></div> | |
</div> | |
<?php | |
} | |
else | |
{ | |
?> | |
<div class="box"> | |
<div class="box_left"> | |
<a href="<?php echo $url_home; ?>">WCSF Index</a> > <a href="list_pm.php">List of your PMs</a> > Read a PM | |
</div> | |
<div class="box_right"> | |
<a href="signup.php">Sign Up</a> - <a href="login.php">Login</a> | |
</div> | |
<div class="clean"></div> | |
</div> | |
<?php | |
} | |
?> | |
<h1><?php echo $dn1['title']; ?></h1> | |
<table class="messages_table"> | |
<tr> | |
<th class="author">User</th> | |
<th>Message</th> | |
</tr> | |
<?php | |
while($dn2 = mysqli_fetch_array($req2)) | |
{ | |
?> | |
<tr> | |
<td class="author center"><?php | |
if($dn2['avatar']!='') | |
{ | |
echo '<img src="'.htmlentities($dn2['avatar']).'" alt="Image Perso" style="max-width:100px;max-height:100px;" />'; | |
} | |
?><br /><a href="profile.php?id=<?php echo $dn2['userid']; ?>"><?php echo $dn2['username']; ?></a></td> | |
<td class="left"><div class="date">Date sent: <?php echo date('Y/m/d H:i:s' ,$dn2['timestamp']); ?></div> | |
<?php echo $dn2['message']; ?></td> | |
</tr> | |
<?php | |
} | |
?> | |
</table><br /> | |
<h2>Reply</h2> | |
<div class="center"> | |
<form action="read_pm.php?id=<?php echo $id; ?>" method="post"> | |
<label for="message" class="center">Message</label><br /> | |
<textarea cols="40" rows="5" name="message" id="message"></textarea><br /><br /> | |
<input type="submit" value="Send" /> | |
</form> | |
</div> | |
</div> | |
<?php | |
} | |
} | |
else | |
{ | |
echo '<div class="message">You don\'t have the right to access this page.</div>'; | |
} | |
} | |
else | |
{ | |
echo '<div class="message">This message doesn\'t exist.</div>'; | |
} | |
} | |
else | |
{ | |
echo '<div class="message">The ID of this message is not defined.</div>'; | |
} | |
} | |
else | |
{ | |
?> | |
<div class="message">You must be login to access this page.</div> | |
<div class="box_login"> | |
<form action="login.php" method="post"> | |
<label for="username">Username</label><input type="text" name="username" id="username" /><br /> | |
<label for="password">Password</label><input type="password" name="password" id="password" /><br /> | |
<label for="memorize">Remember</label><input type="checkbox" name="memorize" id="memorize" value="yes" /> | |
<div class="center"> | |
<input type="submit" value="Login" /> <input type="button" onclick="javascript:document.location='signup.php';" value="Sign Up" /> | |
</div> | |
</form> | |
</div> | |
<?php | |
} | |
?> | |
<!-- <div class="foot"> | |
<p><b>Water Control System and Discussion Portal for Farmers</b></p> | |
</div> --> | |
</body> | |
</html> |