i'm adding personal messaging system site. have 2 tables: 1 users , 1 messages. have 3 php files, 1 see list of messages, 1 make new 1 , 1 read file.
the databases working well, list not show (0 messages). can see error? guess should in 1 of queries. thanks
first file list_pm.php:
<?php //we check if user logged if(isset($_session['id'])) { //we list messages in table //two queries executes, 1 unread messages , read messages $req1 = mysqli_query($link,'select m1.id, m1.title, m1.timestamp, count(m2.id) reps, users.id userid, users.email pm m1, pm m2,users ((m1.user1="'.$_session['userid'].'" , m1.user1read="no" , users.id=m1.user2 ) or (m1.user2="'.$_session['userid'].'" , m1.user2read="no" , users.id=m1.user1)) , m1.id2="1" , m2.id=m1.id group m1.id order m1.id desc'); $req2 = mysqli_query($link,'select m1.id, m1.title, m1.timestamp, count(m2.id) reps, users.id userid, users.email pm m1, pm m2,users ((m1.user1="'.$_session['userid'].'" , m1.user1read="yes" , users.id=m1.user2) or (m1.user2="'.$_session['userid'].'" , m1.user2read="yes" , users.id=m1.user1)) , m1.id2="1" , m2.id=m1.id group m1.id order m1.id desc'); ?> list of messages:<br /> <a href="new_pm.php" class="link_new_pm">new pm</a><br /> <h3>unread messages(<?php echo intval(mysqli_num_rows($req1)); ?>):</h3> <table> <tr> <th class="title_cell">title</th> <th>nb. replies</th> <th>participant</th> <th>date of creation</th> </tr> <?php //we display list of unread messages while($dn1 = mysqli_fetch_array($req1)) { ?> <tr> <td class="left"><a href="read_pm.php?id=<?php echo $dn1['id']; ?>"><?php echo htmlentities($dn1['title'], ent_quotes, 'utf-8'); ?></a></td> <td><?php echo $dn1['reps']-1; ?></td> <td><a href="profile.php?id=<?php echo $dn1['userid']; ?>"><?php echo htmlentities($dn1['email'], ent_quotes, 'utf-8'); ?></a></td> <td><?php echo date('y/m/d h:i:s' ,$dn1['timestamp']); ?></td> </tr> <?php } //if there no unread message notice if(intval(mysqli_num_rows($req1))==0) { ?> <tr> <td colspan="4" class="center">you have no unread message.</td> </tr> <?php } ?> </table> <br /> <h3>read messages(<?php echo intval(mysqli_num_rows($req2)); ?>):</h3> <table> <tr> <th class="title_cell">title</th> <th>nb. replies</th> <th>participant</th> <th>date or creation</th> </tr> <?php //we display list of read messages while($dn2 = mysqli_fetch_array($req2)) { ?> <tr> <td class="left"><a href="read_pm.php?id=<?php echo $dn2['id']; ?>"><?php echo htmlentities($dn2['title'], ent_quotes, 'utf-8'); ?></a></td> <td><?php echo $dn2['reps']-1; ?></td> <td><a href="profile.php?id=<?php echo $dn2['userid']; ?>"><?php echo htmlentities($dn2['email'], ent_quotes, 'utf-8'); ?></a></td> <td><?php echo date('y/m/d h:i:s' ,$dn2['timestamp']); ?></td> </tr> <?php } //if there no read message notice if(intval(mysqli_num_rows($req2))==0) { ?> <tr> <td colspan="4" class="center">you have no read message.</td> </tr> <?php } ?> </table> <?php } else { echo 'you must logged access page.'; } ?>
//second file make new pm : new_pm.php
<?php //we check if user logged if(isset($_session['id'])) { $form = true; $otitle = ''; $orecip = ''; $omessage = ''; //we check if form has been sent if(isset($_post['title'], $_post['recip'], $_post['message'])) { $otitle = $_post['title']; $orecip = $_post['recip']; $omessage = $_post['message']; //we remove slashes depending on configuration if(get_magic_quotes_gpc()) { //$otitle = stripslashes($otitle); //$orecip = stripslashes($orecip); //$omessage = stripslashes($omessage); } //we check if fields filled if($_post['title']!='' , $_post['recip']!='' , $_post['message']!='') { //we protect variables // $title = mysqli_real_escape_string($otitle); //$recip = mysqli_real_escape_string($orecip); // $message = mysqli_real_escape_string(nl2br(htmlentities($omessage, ent_quotes, 'utf-8'))); //we check if recipient exists $dn1 = mysqli_fetch_array(mysqli_query($link,'select count(id) recip, id recipid , (select count(*) pm) npm users email ="'.$orecip.'"')); if($dn1['recip']==1) { //we check if recipient not actual user if($dn1['recipid']!=$_session['id']) { $id = $dn1['npm']+1; //we send message if(mysqli_query($link,'insert pm (id, id2, title, user1, user2, message, timestamp, user1read, user2read)values("'.$id.'", "1", "'.$otitle.'", "'.$_session['id'].'", "'.$dn1['recipid'].'", "'.$omessage.'", "'.time().'", "yes", "no")')) { ?> <div class="message">the message has been sent.<br /> <a href="list_pm.php">list of personal messages</a></div> <?php $form = false; } else { //otherwise, error occured $error = 'an error occurred while sending message'; } } else { //otherwise, user cannot send message himself $error = 'you cannot send message yourself.'; } } else { //otherwise, recipient not exists $error = 'the recipient not exists.'; } } else { //otherwise, field empty $error = 'a field empty. please fill of fields.'; } } elseif(isset($_get['recip'])) { //we username recipient if available $orecip = $_get['recip']; } if($form) { //we display message if necessary if(isset($error)) { echo '<div class="message">'.$error.'</div>'; } //we display form ?> <div class="content"> <h1>new personal message</h1> <form action="new_pm.php" method="post"> please fill following form send personal message.<br /> <label for="title">title</label><input type="text" value="<?php echo htmlentities($otitle, ent_quotes, 'utf-8'); ?>" id="title" name="title" /><br /> <label for="recip">recipient<span class="small">(useremail)</span></label><input type="text" value="<?php echo htmlentities($orecip, ent_quotes, 'utf-8'); ?>" id="recip" name="recip" /><br /> <label for="message">message</label><textarea cols="40" rows="5" id="message" name="message"><?php echo htmlentities($omessage, ent_quotes, 'utf-8'); ?></textarea><br /> <input type="submit" value="send" /> </form> </div> <?php } } else { echo '<div class="message">you must logged access page.</div>'; } ?>
and last 1 read message read_pm.php:
<?php //we check if user logged if(isset($_session['id'])) { //we check if id of discussion defined if(isset($_get['id'])) { $id = intval($_get['id']); //we title , narators of discussion $req1 = mysqli_query($link,'select title, user1, user2 pm id="'.$id.'" , id2="1"'); $dn1 = mysqli_fetch_array($req1); //we check if discussion exists if(mysqli_num_rows($req1)==1) { //we check if user have right read discussion if($dn1['user1']==$_session['id'] or $dn1['user2']==$_session['id']) { //the discussion placed in read messages if($dn1['user1']==$_session['id']) { mysqli_query($link,'update pm set user1read="yes" id="'.$id.'" , id2="1"'); $user_partic = 2; } else { mysqli_query($link,'update pm set user2read="yes" id="'.$id.'" , id2="1"'); $user_partic = 1; } //we list of messages $req2 = mysqli_query($link,'select pm.timestamp, pm.message, users.id userid, users.username, users.avatar pm, users pm.id="'.$id.'" , users.id=pm.user1 order pm.id2'); //we check if form has been sent if(isset($_post['message']) , $_post['message']!='') { $message = $_post['message']; //we remove slashes depending on configuration if(get_magic_quotes_gpc()) { $message = stripslashes($message); } //we protect variables $message = mysqli_real_escape_string(nl2br(htmlentities($message, ent_quotes, 'utf-8'))); //we send message , change status of discussion unread recipient if(mysqli_query($link,'insert pm (id, id2, title, user1, user2, message, timestamp, user1read, user2read)values("'.$id.'", "'.(intval(mysqli_num_rows($req2))+1).'", "", "'.$_session['userid'].'", "", "'.$message.'", "'.time().'", "", "")') , mysqli_query($link,'update pm set user'.$user_partic.'read="yes" id="'.$id.'" , id2="1"')) { ?> <div class="message">your message has been sent.<br /> <a href="read_pm.php?id=<?php echo $id; ?>">go discussion</a></div> <?php } else { ?> <div class="message">an error occurred while sending message.<br /> <a href="read_pm.php?id=<?php echo $id; ?>">go discussion</a></div> <?php } } else { //we display messages ?> <div class="content"> <h1><?php echo $dn1['title']; ?></h1> <table class="messages_table"> <tr> <th class="author">user</th> <th>message</th> </tr> <?php while($dn2 = mysql_fetch_array($req2)) { ?> <tr> <td class="author center"><?php if($dn2['avatar']!='') { echo '<img src="'.htmlentities($dn2['avatar']).'" alt="image perso" style="max-width:100px;max-height:100px;" />'; } ?><br /><a href="profile.php?id=<?php echo $dn2['userid']; ?>"><?php echo $dn2['email']; ?></a></td> <td class="left"><div class="date">sent: <?php echo date('m/d/y h:i:s' ,$dn2['timestamp']); ?></div> <?php echo $dn2['message']; ?></td> </tr> <?php } //we display reply form ?> </table><br /> <h2>reply</h2> <div class="center"> <form action="read_pm.php?id=<?php echo $id; ?>" method="post"> <label for="message" class="center">message</label><br /> <textarea cols="40" rows="5" name="message" id="message"></textarea><br /> <input type="submit" value="send" /> </form> </div> </div> <?php } } else { echo '<div class="message">you dont have rights access page.</div>'; } } else { echo '<div class="message">this discussion not exists.</div>'; } } else { echo '<div class="message">the discussion id not defined.</div>'; } } else { echo '<div class="message">you must logged access page.</div>'; } ?>
the table structure:
create table `pm` ( `id` bigint(20) not null, `id2` int(11) not null, `title` varchar(256) not null, `user1` bigint(20) not null, `user2` bigint(20) not null, `message` text not null, `timestamp` int(10) not null, `user1read` varchar(3) not null, `user2read` varchar(3) not null ) engine=myisam default charset=utf8
really appreciate guys
Comments
Post a Comment