Hi there,

I am currently trying to implement a PHP based PM system into my website. I have found the following tutorial as to what code to use:

http://www.webestools.com/scripts_tutorials-code-source-15-personal-message-system-in-php-mysql-pm-system-private-message-discussion.html

I have downloaded the files and have edited them to the point that I can send New messages to users, and that users can read them, but if you look on the read_pm.php there is a form at the bottom where a user can reply to a message. This works fine on the example, but it gives me an error when I use it on my website, "An error occurred while sending the message."

I have attached images of my user table and also my pm table:

http://img.photobucket.com/albums/v225/Cjc1706/ScreenShot2012-02-25at170723.png

http://img.photobucket.com/albums/v225/Cjc1706/ScreenShot2012-02-25at170711.png

Also when a user logs in, it assigns a session variable called Userid, which is what is getting used in this script.

Im not too sure, but I think the error is below the part where it says "//We send the message and we change the status of the discussion to unread for the recipient "

Below is the code

<?php

//Start The PHP Session
  session_start();

//Check if the user is logged in before allowing access to the page
  require_once("checklog.php");

//Check if the user has admin status. If so, load the menu layout for the admin.
  //if not, check if user is logged in, and load menu layout for logged in user
  //otherwise, load menu layout for logged out user
  if ($_SESSION['adminstatus'] == 1) {
      include_once("home_start_logged_admin.php");
  } elseif (isset($_SESSION['logged'])) {
      include_once("home_start_logged.php");
  } else {
      include_once("home_start.php");
  }

    //Connect to the Database
  require_once("db_connect.php");
  mysql_select_db("a200332664_iwant") or die("<h1>Couldn't Locate Database</h1>");


//We check if the ID of the discussion is defined
if(isset($_GET['id']))
{
$id = intval($_GET['id']);
//We get the title and the narators of the discussion
$req1 = mysql_query('select title, user1, user2 from pm where id="'.$id.'" and id2="1"');
$dn1 = mysql_fetch_array($req1);
//We check if the discussion exists
if(mysql_num_rows($req1)==1)
{
//We check if the user have the right to read this discussion
if($dn1['user1']==$_SESSION['Userid'] or $dn1['user2']==$_SESSION['Userid'])
{
//The discussion will be placed in read messages
if($dn1['user1']==$_SESSION['Userid'])
{
	mysql_query('update pm set user1read="yes" where id="'.$id.'" and id2="1"');
	$user_partic = 2;
}
else
{
	mysql_query('update pm set user2read="yes" where id="'.$id.'" and id2="1"');
	$user_partic = 1;
}
//We get the list of the messages
$req2 = mysql_query('select pm.timestamp, pm.message, users.ID as userid, users.username from pm, users where pm.id="'.$id.'" and users.ID=pm.user1 order by pm.id2');
//We check if the form has been sent
if(isset($_POST['message']) and $_POST['message']!='')
{
	$message = $_POST['message'];
	//We remove slashes depending on the configuration
	if(get_magic_quotes_gpc())
	{
		$message = stripslashes($message);
	}
	//We protect the variables
	$message = mysql_real_escape_string(nl2br(htmlentities($message, ENT_QUOTES, 'UTF-8')));
	//We send the message and we change the status of the discussion to unread for the recipient
	if(mysql_query('insert into pm (id, id2, title, user1, user2, message, timestamp, user1read, user2read)values("'.$id.'", "'.(intval(mysql_num_rows($req2))+1).'", "", "'.$_SESSION['Userid'].'", "", "'.$message.'", "'.time().'", "", "")') and mysql_query('update pm set user'.$user_partic.'read="yes" where id="'.$id.'" and id2="1"'))
	{
?>
<div class="message">Your message has successfully been sent.<br />
<a href="read_pm.php?id=<?php echo $id; ?>">Go to the discussion</a></div>
<?php
	}
	else
	{
?>
<div class="message">An error occurred while sending the message.<br />
<a href="read_pm.php?id=<?php echo $id; ?>">Go to the discussion</a></div>
<?php
	}
}
else
{
//We display the messages
?>
<div class="content">
<h1><?php echo $dn1['title']; ?></h1>
<table class="messages_table">
	<tr>
    	<th class="author">User</th>
        <th>Message</th>
    </tr>
<?php
while($dn2 = mysql_fetch_array($req2))
{
?>
	<tr>
    	<td class="author center"><?php
?><br /><a href="profile.php?id=<?php echo $dn2['userid']; ?>"><?php echo $dn2['username']; ?></a></td>
    	<td class="left"><div class="date">Sent: <?php echo date('m/d/Y H:i:s' ,$dn2['timestamp']); ?></div>
    	<?php echo $dn2['message']; ?></td>
    </tr>
<?php
}
//We display the reply form
?>
</table><br />
<h2>Reply</h2>
<div class="center">
    <form action="read_pm.php?id=<?php echo $id; ?>" method="post">
    	<label for="message" class="center">Message</label><br />
        <textarea cols="40" rows="5" name="message" id="message"></textarea><br />
        <input type="submit" value="Send" />
    </form>
</div>
</div>
<?php
}
}
else
{
	echo '<div class="message">You dont have the rights to access this page.</div>';
}
}
else
{
	echo '<div class="message">This discussion does not exists.</div>';
}
}
else
{
	echo '<div class="message">The discussion ID is not defined.</div>';
}

?>

I have been stressing out over this for the past few hours, and can not find any reason as to why this would not work.

Any help would be appreciated!

Thanks

    The only time that error message gets displayed is when this query fails:

    'insert into pm (id, id2, title, user1, user2, message, timestamp, user1read, user2read)values("'.$id.'", "'.(intval(mysql_num_rows($req2))+1).'", "", "'.$_SESSION['Userid'].'", "", "'.$message.'", "'.time().'", "", "")') and mysql_query('update pm set user'.$user_partic.'read="yes" where id="'.$id.'" and id2="1"')

    So do this: Assign that query string to a variable such as $query.

    Then change the error message from this:

    An error occurred while sending the message.

    To this:

    An error occurred while sending the message. <?php echo $query; ?>

    This way, when the problem occurs, you will see the query that made it fail. I guarantee that something is blank, or doesn't have quotes around it when it should, or maybe there's too many parentheses. Whatever. If the problem is obvious, fix it. If not, then copy the $query from the error message and paste it into MySQL and run it. MySQL sometimes tells you what is wrong with the query. But it's probably something like this:

    insert into customers (name, age, gender) values ('Cjc1706',,'male');

      etully;10997692 wrote:

      Then change the error message (…) To this:

      An error occurred while sending the message. <?php echo $query; ?>

      MySQL sometimes tells you what is wrong with the query.

      MySQL always tells you what is wrong with the query. But it also tells PHP what is wrong with the query, so for debugging purposes

      <?php
echo 'An error occured while sending the message';
error_log(sprintf('(%d) %s%s%s',
	mysql_errno(),
	mysql_error(),
	PHP_EOL,
	$query
));

        No, MySQL sometimes tells you what's wrong with the query. For example:

        mysql> insert into ruckuscount (hits,) values (2);

ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that 
corresponds to your MySQL server version for the right syntax to use near ') values (2)' at line 1

        That error message simply tells you that there is a syntax error which is vague enough to a beginner to be completely useless. It doesn't say, "you have an extra comma in your field list", or "you left a field out of your field list". To you and me, yes, "syntax error" is enough info... but to a newbie who thinks they typed it right, "check your manual for the correct syntax" isn't a help... what are they going to do, read the whole 400 page manual?

        When you're answering questions in the newbies forum, you have to understand that sometimes MySQL error messages are vague enough to be useless to a newbie.

          But the mysql_error() function returns the same error message as if you executed the query via phpMyAdmin, MySQL Workbench, or the mysql command line. Which was johanafm's point. Why simply output the query, copy it, paste it somewhere else, and run it again to get the error it caused, when you can just output the error and query and skip the copying, pasting, and running it again.

            etully;10997752 wrote:

            That error message simply tells you that there is a syntax error which is vague enough to a beginner to be completely useless.

            Not at all; it not only tells you that there is a syntax error, but it even tells you exactly where it realized there was a syntax error.

            etully;10997752 wrote:

            what are they going to do, read the whole 400 page manual?

            Not a bad idea, really - why use something as sophisticated as a relational database server when you haven't even read the manual for it yet? But no, I would suspect they would start out with the single manual page that talks about INSERT queries. Or, they could instead examine the location referenced in the error message and do some deductive reasoning (and/or "use common sense") and notice that they've got a comma with nothing after it.

            etully;10997752 wrote:

            When you're answering questions in the newbies forum, you have to understand that sometimes MySQL error messages are vague enough to be useless to a newbie.

            The vagueness never changes; what does change is the level of understanding from one "newbie" to the next... which is why we're trying to expose Cjc1706 to the MySQL error message and tech him/her how to read/understand it.

            Plus, as Derkorian points out...

            Derokorian;10997755 wrote:

            But the mysql_error() function returns the same error message as if you executed the query via phpMyAdmin, MySQL Workbench, or the mysql command line.

              Write a Reply...