[Resolved] PMS &amp; MySQL

[Resolved] PMS & MySQL

sys4dm1n

Okay, here is the problem:

When i go to send a private message, it works fine, but upon trying to recieve it, i dont get it. Any help?

Here is all the code plus my sql.

pm.php

<?php
session_start();
//Include the needed files to check login etc
include('login_check.php');

include('config.php');

//What page do we display?
if( !isset($_POST['action']) )
{
	//User has not chosen an action
	if( !isset($_GET['view']) )
	{
		//User wants to look at his inbox.
		$status = "0";
		//First lets print out some HTML to make the page look cool and sexy
		?>
		<html>
		<head>
		<title>Private Messages</title>
		Listed below are all your private messages.
		<br><br>
		<b>The staff will never contact you via Private Message regarding passwords.</b>.
		<br><br>
		<center>
		<a href="new.php"><b>Create message</b></a>
		&nbsp;|&nbsp;
		<a href="pm.php"><b>Inbox</b></a>
		&nbsp;|&nbsp;
		<a href="pm.php?view=savebox"><b>Save box</b></a></center>
		<br><br>
		<center>
		<form action="<?php $_SERVER['PHP_SELF'];?>" method="post">
		<table border="1" cellspacing="0" cellpadding="2" width="100%" class="general">
			<tr>
				<td width="15" class="headercell">&nbsp;</td>
				<td width="100" align="center" class="headercell"><b>From</b></td>
				<td align="center" class="headercell"><b>Subject</b></td>
				<td width="150" align="center" class="headercell"><b>Date sent</b></td>
			</tr>
			<?php
			//Here where displaying all the private messages that a user has. First we do a simple query to mysql...
			$result = mysql_query("SELECT * FROM users WHERE username='{$_SESSION['valid_user']}' AND status='0' ORDER BY sortdate DESC,opened ASC");
			$number = "0";

		//then check that there are some private messages for this user
		if ( mysql_num_rows($result) > 0 )
		{  
			//If there is some PMS, lets print out the details into table rows like thus
			while ($dbdata = mysql_fetch_assoc($result)) {
				//if the private message has not been read, lets highlight the table row to show this
				if( $dbdata['opened'] == "0" )
				{
					?>
					<tr>
						<td width="15" class="headercell"><input type="checkbox" name="<?php echo "del['".$number."']";?>" value="<?php echo $dbdata['mid'];?>"></td>
						<td width="100" class="headercell"><b><?php echo $dbdata['userfrom'];?></b></td>
						<td class="headercell"><b><a href="read.php?mid=<?php echo $dbdata['mid'];?>"><?php echo $dbdata['subject'];?></a></b></td>
						<td width="150" class="headercell"><b><?php echo $dbdata['date'];?></b></td>
					</tr>
					<?php
				}
				else
				//if the private message has been read, lets show it normally without highlights 
				{
					?>
					<tr>
						<td width="15"><input type="checkbox" name="<?php echo "del['".$number."']";?>" value="<?php echo $dbdata['mid'];?>"></td>
						<td width="100"><?php echo $dbdata['userfrom'];?></td>
						<td><a href="read.php?mid=<?php echo $dbdata['mid'];?>"><?php echo $dbdata['subject'];?></a></td>
						<td width="150"><?php echo $dbdata['date'];?></td>
					</tr>
					<?php
				}

				$number++;
			} 
			mysql_free_result($result); 
		}
		else
		{
		echo "<tr><td colspan=\"4\" align=\"center\"><b>You have no new private messages</b></td></tr>";
		}
		?>
		<tr>
			<td class="headercell" colspan="4"><img src="images/node.gif">With selected <select name="action"><option value="save">Save</option><option value="delete">Delete</option></select>&nbsp;<input type="submit" value="Go"></td>
		</tr>					
	</table>
	</form>
	</center>
	<?php
//foot
	}
	else if( $_GET['view'] == "savebox" )
	//OK now the user wants to look at his saved items. This works in the same way as the inbox, but the sql query returns all messages that are flagged as save
	{

	?>
	<html>
	<head>
	<title>Private Messages</title>
	<?php //nav include($_SERVER["DOCUMENT_ROOT"].'/'.'nav.php');?>
	All of your saved messages are shown below.
	<br><br>
	<b>BFCC Staff will _NEVER_ request your password via private messages</b>.
	<br><br>
	<center>
	<a href="new.php"><b>Create message</b></a>
	&nbsp;|&nbsp;
	<a href="pm.php"><b>Inbox</b></a>
	&nbsp;|&nbsp;
	<a href="pm.php?view=savebox"><b>Save box</b></a></center>
	<br><br>
	<form action="<?php $_SERVER['PHP_SELF'];?>" method="post">
	<table border="1" cellspacing="0" cellpadding="2" width="100%" class="general">
		<tr>
			<td width="15" class="headercell">&nbsp;</td>
			<td width="100" align="center" class="headercell"><b>From</b></td>
			<td align="center" class="headercell"><b>Subject</b></td>
			<td width="150" align="center" class="headercell"><b>Date sent</b></td>
		</tr>
		<?php
		$result = mysql_query("SELECT * FROM users WHERE username='{$_SESSION['valid_user']}' AND status='1' ORDER BY sortdate DESC,opened ASC");
		$number = "0";

		if ( mysql_num_rows($result) > 0 )
		{  
			while ($dbdata = mysql_fetch_assoc($result)) {
				if( $dbdata['opened'] == "0" )
				{
					?>
					<tr>
						<td width="15" class="headercell"><input type="checkbox" name="<?php echo "del['".$number."']";?>" value="<?php echo $dbdata['mid'];?>"></td>
						<td width="100" class="headercell"><b><?php echo $dbdata['userfrom'];?></b></td>
						<td class="headercell"><b><a href="read.php?mid=<?php echo $dbdata['mid'];?>"><?php echo $dbdata['subject'];?></a></b></td>
						<td width="150" class="headercell"><b><?php echo $dbdata['date'];?></b></td>
					</tr>
					<?php
				}
				else
				{
					?>
					<tr>
						<td width="15"><input type="checkbox" name="<?php echo "del['".$number."']";?>" value="<?php echo $dbdata['mid'];?>"></td>
						<td width="100"><?php echo $dbdata['userfrom'];?></td>
						<td><a href="read.php?mid=<?php echo $dbdata['mid'];?>"><?php echo $dbdata['subject'];?></a></td>
						<td width="150"><?php echo $dbdata['date'];?></td>
					</tr>
					<?php
				}

				$number++;
			} 
			mysql_free_result($result); 
		}
		else
		{
		echo "<tr><td colspan=\"4\" align=\"center\"><b>You have no saved messages.</b></td></tr>";
		}
		?>
		<tr>
			<td class="headercell" colspan="4"><img src="images/node.gif">With selected: <select name="action"><option value="save">Save</option><option value="delete">Delete</option></select>&nbsp;<input type="submit" value="Go"></td>
		</tr>					
	</table>
	</form>
	</center>
	<?php
//foot
	}
}
else if( $_POST['action'] == "save" )
//So the user wants to save checked messages, lets load the checked messages into a array
{
	if ( is_array($_POST['del']) ) 
	{ 
		//now, while the array contains a message, update the mysql DB by setting status as 1, for saved
		foreach ( $_POST['del'] as $d ) 
		{ 
			if ($d)
			{
				mysql_query("UPDATE users SET status='1' WHERE mid='$d'");

		} 
	}
	?>
	<html>
	<head>
	<title>Private Messages</title>
	<?php //nav include($_SERVER['DOCUMENT_ROOT'].'/nav.php');?>
	<center>
	<a href="new.php"><b>Create message</b></a>
	&nbsp;|&nbsp;
	<a href="pm.php"><b>Inbox</b></a>
	&nbsp;|&nbsp;
	<a href="pm.php?view=savebox"><b>Save box</b></a>
	<br><br>
	Your message(s) have successfully been moved to your save box.
	</center>
	<?php //foot include($_SERVER['DOCUMENT_ROOT'].'/footer.php');
}
}
else if( $_POST['action'] == "delete" )
//Here we delete messages, works in same way as saving items, just deletes them instead
{
	if ( is_array($_POST['del']) ) 
	{ 
		foreach ( $_POST['del'] as $d ) 
		{ 
			if ($d)
			{
				mysql_query("DELETE FROM users WHERE mid='$d'");
			} 
		}
		?>
		<html>
		<head>
		<title>Private Messages</title>
		<?php //nav include($_SERVER['DOCUMENT_ROOT'].'/nav.php');?>
		<center>
		<a href="new.php"><b>Create message</b></a>
		&nbsp;|&nbsp;
		<a href="pm.php"><b>Inbox</b></a>
		&nbsp;|&nbsp;
		<a href="pm.php?view=savebox"><b>Save box</b></a>
		<br><br>
		Your message(s) have successfully been deleted.
		</center>
		<?php //foot include($_SERVER['DOCUMENT_ROOT'].'/footer.php');
	}
}
?>

continued on next post

sys4dm1n

new.php

<?php
session_start();
//Include all my database and login functions
include('login_check.php');

include('config.php');

//toolbar include($_SERVER['DOCUMENT_ROOT'].'/includes/toolbar.php');


if( !isset($_POST['submit']) )
{
	//Show the PM form.
	?>
	<html>
	<head>
	<title>New message</title>
	<script src="addtext.js" language="JavaScript"></script>
	<?php //nav include($_SERVER['DOCUMENT_ROOT'].'/nav.php');?>
	<center>
	<a href="new.php"><b>Create message</b></a>
	&nbsp;|&nbsp;
	<a href="index.php"><b>Inbox</b></a>
	&nbsp;|&nbsp;
	<a href="index.php?view=savebox"><b>Save box</b></a>
	</center>
	<br><br>
	<center>
	<form action="<?php echo $_SERVER['PHP_SELF'];?>" method="post" name="pm">
	<table border="1" cellspacing="0" cellpadding="2" class="general">
		<tr>
			<td valign="top" class="headercell"><b>To:</b></td>
			<td><input type="test" name="to" size="20" maxlength="20" value="<?php echo $_GET['to'];?>"></td>
		</tr>
		<tr>
			<td valign="top" class="headercell"><b>Subject:</b></td>
			<td><input type="test" name="subject" size="32" maxlength="32" value="<?php echo $_GET['subject'];?>"></td>
		</tr>
		<tr>
			<td colspan="2" class="headercell" align="center"><?php //echo toolbar(true,true);?></td>
		</tr>
		<tr>
			<td valign="top" class="headercell"><b>Message:</b></td>
			<td><textarea name="message" cols="50" rows="10"></textarea></td>
		</tr>
		<tr>
			<td colspan="2" align="center"><input type="submit" name="submit" value="Send"></td>
		</tr>
	</table>
	</form>
	</center>
	<?php //foot
}
else if( isset($_POST['submit']) )
{
	//OK lets process! Is a recipient entered?
	if( !empty($_POST['to']) )
	{
		//Have they set a subject?
		if( !empty($_POST['subject']) )
		{
			//OK Is there a message there?
			if( !empty($_POST['message']) )
			{
				//Good, lets check to see the entered recpient exists
				if( mysql_num_rows(mysql_query("SELECT * FROM users WHERE username='".$_POST['to']."'")) == "0" )
				{
					echo "<html>\n<head>\n<title>Send new message</title>\n";
//nav
					echo "<center>Nobody with the username ".$_POST['to']." exists, please make sure you spelt it right.<br><a href=\"#\" onclick=\"javascript:history.go(-1)\">Back to your message</a></center>";
//foot
					exit();
				}
				else
				{
					//Set a few variables
					$date = date('d/m/Y');
					$time = date('H:i');
					$sortdate = date('YmdHi');

				//Lets add the new PM to the database
				if( mysql_query("INSERT INTO users SET userto='".strtolower($_POST['to'])."',userfrom='{$_SESSION['valid_user']}',subject='".$_POST['subject']."',message='".$_POST['message']."',date='$date',time='$time',sortdate='$sortdate',opened='0',status='0'") )
				{
					echo "<html>\n<head>\n<title>Send new message</title>\n";
//nav
						echo "<center>Your message has been successfully sent to ".$_POST['to'].".<br><br><a href=\"pm.php\">Back to private messages.</a>";
//foot
						exit();
					}
					else
					{
					//OOPS theres a mysql error, inform the user!
						echo "<html>\n<head>\n<title>Send new message</title>\n";
//nav
						echo "<center><b>A MySQL error was encountered while processing this script. Please report this error to an admin.";
//foot
						exit();					
					}	
				}
	//Print errors out now for all the things we checked above!
			}
			else
			{
				echo "<html>\n<head>\n<title>Send new message</title>\n";
//nav
				echo "<center>No message was entered.<br><a href=\"#\" onclick=\"javascript:history.go(-1)\">Back to your message</a></center>";
//foot
				exit();
			}
		}
		else
		{
			echo "<html>\n<head>\n<title>Send new message</title>\n";
//nav
			echo "<center>No subject was entered.<br><a href=\"#\" onclick=\"javascript:history.go(-1)\">Back to your message</a></center>";
//foot
			exit();
		}
	}
	else
	{
		echo "<html>\n<head>\n<title>Send new message</title>\n";
//nav
		echo "<center>No user was entered.<br><a href=\"#\" onclick=\"javascript:history.go(-1)\">Back to your message</a></center>";
//foot
		exit();
	}
}
?>

read.php

<?php
session_start();
//Include the database and login stuff
include('login_check.php');

include('config.php');

//bbcode include($_SERVER['DOCUMENT_ROOT'].'/includes/bbcode.php');

if( !isset($_POST['action']) )
{
	//Here we have the option to delete a message, dont know why i did it this way...
	if( isset($_GET['action']) && $_GET['action'] == "delete" )
	{
		mysql_query("DELETE FROM users WHERE mid='{$_GET['id']}'");
		?>
		<html>
		<head>
		<title>Private Messages</title>
		<?php //nav include($_SERVER['DOCUMENT_ROOT'].'/nav.php');?>
		<center>
		Your message has successfully been deleted.<br>
		<a href="pm.php">Back to your inbox.</a>
		</center>
		<?php //foot include($_SERVER['DOCUMENT_ROOT'].'/footer.php');
		exit;
	}

//Get MySQL database details and slap them in a handy array!
$result = mysql_query("SELECT * FROM users WHERE mid='".$_GET['mid']."'");
$row = mysql_fetch_array($result);

//Does this PM belong to the logged in user?
if( $row['userto'] == strtolower($_SESSION['valid_user']) )
{
	//OK now flag the message as read and then show it
	mysql_query("UPDATE users SET opened='1' WHERE mid='".$_GET['mid']."'")
	?>
	<html>
	<head>
	<title>View your messages</title>
	<?php //nav include($_SERVER["DOCUMENT_ROOT"].'/'.'nav.php');?>

	<table border="0" cellspacing="0" cellpadding="2" width="100%">
		<tr>
			<td width="100"><b>From</b></td>
			<td><?php echo $row['userfrom'];?></td>
		</tr>
		<tr>
			<td width="100"><b>Time & Date</b></td>
			<td><?php echo $row['time'] . ", " . $row['date'];?></td>
		</tr>
		<tr>
			<td width="100"><b>Subject</b></td>
			<td><?php echo $row['subject'];?></td>
		</tr>
		<tr>
			<td colspan="2"><hr>
			<?php echo replace($row['message']);?>
			<hr>
			<center>
			<a href="new.php?to=<?php echo $row['userfrom'];?>&subject=RE:<?php echo $row['subject'];?>">Reply</a>&nbsp;-&nbsp;<a href="read.php?action=delete&id=<?php echo $row['mid'];?>">Delete</a>
			</center>
			</td>
		</tr>
	</table>
	<?php //foot include($_SERVER["DOCUMENT_ROOT"].'/'.'footer.php');
}
else
{
	//Wrong message, Uh OH!
	?>
	<html>
	<head>
	<title>Restricted</title>
	<?php //nav include($_SERVER["DOCUMENT_ROOT"].'/'.'nav.php');?>
	This is not your message!
	<?php //foot include($_SERVER["DOCUMENT_ROOT"].'/'.'footer.php');
}
}
?>

config.php

<?

$DB_username = "removed"; //username for database here

$DB_password = "removed"; //password for database here
$DB_name =  "removed"; //name of database here

$mysql_link = mysql_pconnect( "localhost", "$DB_username", "$DB_password")
               or die( "Failed to connect to MySQL server");
mysql_select_db( "$DB_name") or die( "Connected to the MySQL server, but unable to select a database");



$admin_address = "";



$iplockout = "0";

$usernamelockout = "0";


$signuppage = "0";

$signupnotified = "0";


?>

login_check.php

<?
login_script.php
session_start();
$sid = session_id();

if (session_is_registered("valid_user")) {
	session_save_path("$sid.txt");
	}
else { header ("Location: login.php"); }
?>

here is the .sql file i am using.

CREATE TABLE `users` (
  `username` varchar(50) NOT NULL default '0',
  `password` varchar(32) default NULL,
  `fname` varchar(24) default NULL,
  `lname` varchar(32) default NULL,
  `address1` varchar(48) default NULL,
  `address2` varchar(48) default NULL,
  `city` varchar(32) default NULL,
  `state` varchar(32) default NULL,
  `zip` varchar(12) default NULL,
  `country` varchar(48) default NULL,
  `securitylevel` tinyint(1) default '0',
  `email` varchar(50) NOT NULL default '',
  `id` int(4) NOT NULL auto_increment,
  `logincount` tinyint(4) default '0',
  `mid` varchar(50) default NULL,
  `userto` varchar(50) default NULL,
  `userfrom` varchar(50) default NULL,
  `subject` varchar(40) default NULL,
  `message` BLOB default NULL,
  `date` varchar(10) default NULL,
  `time` varchar(10) default NULL,
  `sortdate` varchar(10) default NULL,
  `opened` varchar(10) default NULL,
  `status` varchar(10) default NULL,

  PRIMARY KEY  (`id`),
  UNIQUE KEY `id` (`id`),
  UNIQUE KEY `username` (`username`)
) TYPE=MyISAM AUTO_INCREMENT=17 ;

If someone could please help me out here, that would be great. I am like pulling my hair out here...thanks.

kburger

I think the reason you haven't received a reply until now is that you've got an awful lot of irrelevant code here. Nobody really wants to wade through all that. You would probably get a better response if you posted only a small bit of code that's giving you trouble, or a code snippet that isn't working the way you expect.

planetsim

Maybe asking a mod to change the thread title to. PMS doesnt seem to me to be a language although it is a problem some women do experience.

Also yes there is lots of code which to us seems useless. Also maybe being more specific with the problem. How is the system working. What specific code is used where the problem is occuring.

sys4dm1n

PMS = Private Messaging System

Okay, anyways, what is happening is when I send a private message, it doesnt go anywhere- it says its been sent, but i never get anything in the inbox i sent it to.

I think it has to do with new.php and pm.php, also the database..thats why I posted it because I have no idea what went wrong and were.