Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Page 2 of 2 FirstFirst 12
Results 16 to 29 of 29
  1. #16
    New Coder
    Join Date
    Aug 2013
    Posts
    15
    Thanks
    3
    Thanked 0 Times in 0 Posts
    sky_message

    CREATE TABLE `sky_message` (
    `msg_id` int(5) NOT NULL auto_increment,
    `to_id` int(5) NOT NULL,
    `from_id` int(5) NOT NULL,
    `read_status` int(1) NOT NULL,
    `send_date` date NOT NULL,
    `subject` varchar(255) NOT NULL,
    `message` text NOT NULL,
    PRIMARY KEY (`msg_id`),
    KEY `to_id` (`to_id`),
    KEY `from_id` (`from_id`),
    CONSTRAINT `sky_message_ibfk_1` FOREIGN KEY (`to_id`) REFERENCES `sky_member` (`member_id`),
    CONSTRAINT `sky_message_ibfk_2` FOREIGN KEY (`from_id`) REFERENCES `sky_member` (`member_id`)
    ) ENGINE=InnoDB AUTO_INCREMENT=12 DEFAULT CHARSET=utf8

  2. #17
    New Coder
    Join Date
    Aug 2013
    Posts
    15
    Thanks
    3
    Thanked 0 Times in 0 Posts
    sorry firs table is sky_message not sky_members DOH!

  3. #18
    Supreme Master coder! Old Pedant's Avatar
    Join Date
    Feb 2009
    Posts
    25,021
    Thanks
    75
    Thanked 4,323 Times in 4,289 Posts
    I would definitely kill off your sky_admin table.

    And then just add one simple field to your sky_members table, thus:
    Code:
    CREATE TABLE `sky_member` (
    `screen_name` varchar(25) NOT NULL,
    `country_id` int(5) NOT NULL,
    `location` varchar(15) NOT NULL,
    `password` varchar(15) NOT NULL,
    `email` varchar(45) NOT NULL,
    `date_of_birth` date NOT NULL,
    `date_of_reg` date NOT NULL,
    `subcribe_plan` varchar(25) NOT NULL,
    `member_id` int(5) NOT NULL auto_increment,
    `start_subscription` date NOT NULL,
    `end_subscription` date NOT NULL,
    `last_login` varchar(35) NOT NULL,
    `sess_random` varchar(35) NOT NULL,
    `adminLevel INT NOT NULL DEFAULT 0,
    PRIMARY KEY (`member_id`)
    ) ENGINE=InnoDB
    And now you don't need a separate admin login, either. Everyone logs in via the same page and <form>, and in the PHP code where you check the login, you also check the value of adminLevel. A zero means the user has no admin privileges.
    An optimist sees the glass as half full.
    A pessimist sees the glass as half empty.
    A realist drinks it no matter how much there is.

  4. #19
    Supreme Master coder! Old Pedant's Avatar
    Join Date
    Feb 2009
    Posts
    25,021
    Thanks
    75
    Thanked 4,323 Times in 4,289 Posts
    Why do you have two *IDENTICAL* functions?

    post_message and post_send_message are *IDENTICAL*!!

    And why do you have NO validation and SQL injection protection?

    Assuming you are using mysqli and assuming the $this is a reference to your mysqli connection, then:
    Code:
    function post_message($to_id,$from_id,$subject,$content)
    {
        if ( ! isnumeric($to_id) || ! isnumeric($from_id) )
        {
            echo "In post_message: to_id and from_id MUST be valid numbers!";
            die();
        }
        $to_id = (int) $to_id;
        $from_id = (int) $from_id; // cast both of them to INT for super safety
        $subject = $this->real_escape_string($subject);
        $content = $this->real_escape_string($content);
        
        $sql = "insert into sky_message (to_id,from_id,subject,message,send_date) "
             .  "values($to_id.,$from_id,'$subject','$content',now())";
         /*echo $sql;
           exit;*/
        $this->query($sql) or die( $this->error() );
    }
    And notice: NO MORE APOSTROPHES around the values for to_id and from_id!!
    An optimist sees the glass as half full.
    A pessimist sees the glass as half empty.
    A realist drinks it no matter how much there is.

  5. Users who have thanked Old Pedant for this post:

    andrewjamesb (08-22-2013)

  6. #20
    Supreme Master coder! Old Pedant's Avatar
    Join Date
    Feb 2009
    Posts
    25,021
    Thanks
    75
    Thanked 4,323 Times in 4,289 Posts
    And this line is your culprit:
    Code:
    $obj_post_send->post_send_message($member_id,'',$subject,$content);
    See? You are *NOT* passing a from_id value!!!!

    If you use my revised code for post_send_message, though, you will get an error message and die because of the lack of number there, thank goodness.
    An optimist sees the glass as half full.
    A pessimist sees the glass as half empty.
    A realist drinks it no matter how much there is.

  7. Users who have thanked Old Pedant for this post:

    andrewjamesb (08-22-2013)

  8. #21
    New Coder
    Join Date
    Aug 2013
    Posts
    15
    Thanks
    3
    Thanked 0 Times in 0 Posts
    Thank you the continued education. I must buy you a crate of beer or something at the end of this :-0

    I am now getting;

    Fatal error: Call to undefined function isnumeric() in html\class\admin_class.php on line 230

    How would I define / call this?

    if ( ! isnumeric($to_id) || ! isnumeric($from_id) )

  9. #22
    Supreme Master coder! Old Pedant's Avatar
    Join Date
    Feb 2009
    Posts
    25,021
    Thanks
    75
    Thanked 4,323 Times in 4,289 Posts
    Sorry! My typo! is_numeric() is the proper name. An underline between "is" and "numeric".
    An optimist sees the glass as half full.
    A pessimist sees the glass as half empty.
    A realist drinks it no matter how much there is.

  10. #23
    Supreme Master coder! Old Pedant's Avatar
    Join Date
    Feb 2009
    Posts
    25,021
    Thanks
    75
    Thanked 4,323 Times in 4,289 Posts
    Problem is, I don't use PHP, so I have to keep looking up all this stuff.
    An optimist sees the glass as half full.
    A pessimist sees the glass as half empty.
    A realist drinks it no matter how much there is.

  11. #24
    New Coder
    Join Date
    Aug 2013
    Posts
    15
    Thanks
    3
    Thanked 0 Times in 0 Posts
    I put if (!is_numeric($from_id)) in as below into email_to_member.php


    // ------- Sending Email off admin

    $obj_post->member_detail_id($member_id);
    $obj_post->next_record();
    if($obj_post->num_rows()>0)
    {
    if (!is_numeric($from_id))
    {
    echo 'is not numeric';
    }

    $obj_send->post_message($member_id,$from_id,$subject,$content);
    $obj_post_send->post_send_message($member_id,$from_id,$subject,$content);
    $receiver_email=$obj_post->f('email');
    $receiver_name=$obj_post->f('screen_name');


    result the same

    is not numeric
    Fatal error: Call to undefined function isnumeric() in \html\class\admin_class.php on line 230

  12. #25
    Supreme Master coder! Old Pedant's Avatar
    Join Date
    Feb 2009
    Posts
    25,021
    Thanks
    75
    Thanked 4,323 Times in 4,289 Posts
    Why in the world would you decide to put that code *THERE* instead of where I showed you???

    And why didn't you look at \html\class\admin_class.php on line 230? Where it says the error is?

    Are you just throwing code at the wall and hoping it would stick??

    ONE MORE TIME:
    Code:
    function post_message($to_id,$from_id,$subject,$content)
    {
        if ( ! is_numeric($to_id) || ! is_numeric($from_id) )
        {
            echo "In post_message: to_id and from_id MUST be valid numbers!";
            die();
        }
        $to_id = (int) $to_id;
        $from_id = (int) $from_id; // cast both of them to INT for super safety
        $subject = $this->real_escape_string($subject);
        $content = $this->real_escape_string($content);
        
        $sql = "insert into sky_message (to_id,from_id,subject,message,send_date) "
             .  "values($to_id.,$from_id,'$subject','$content',now())";
         /*echo $sql;
           exit;*/
        $this->query($sql) or die( $this->error() );
    }
    Anyway, you are now 100% in the world of PHP, and (as I said) I don't use PHP.

    Ask me about mySQL and/or SQL queries in general.
    An optimist sees the glass as half full.
    A pessimist sees the glass as half empty.
    A realist drinks it no matter how much there is.

  13. Users who have thanked Old Pedant for this post:

    andrewjamesb (08-22-2013)

  14. #26
    New Coder
    Join Date
    Aug 2013
    Posts
    15
    Thanks
    3
    Thanked 0 Times in 0 Posts
    The error refers to if ( ! is_numeric($to_id) || ! is_numeric($from_id) ) within the function post_message. Yes I did throw code at the wall in hope it would work. Desperation.

    Cant understand why it is complaining not numeric, what values other than int which you explicitly cast int he function could be getting sent over? empty space or something? Strange as we took out the "" and replaced with from_id

    Oh well. You certainly are the code master. Years of experience probably. Thank you for all your help. You have been excellent.

    Only other thing I thought of asking. Would an inner join or something similar work? Join admin table with member table.

    Thanks again for all your efforts

  15. #27
    Supreme Master coder! Old Pedant's Avatar
    Join Date
    Feb 2009
    Posts
    25,021
    Thanks
    75
    Thanked 4,323 Times in 4,289 Posts
    The error message you showed me is this:
    Call to undefined function isnumeric() in \html\class\admin_class.php on line 230
    That error is *clearly* saying the PHP can't find the function isnumeric (WITHOUT the underline).

    Now you seem to be telling me that you are getting a different error message, but you haven't told me what it is.
    An optimist sees the glass as half full.
    A pessimist sees the glass as half empty.
    A realist drinks it no matter how much there is.

  16. #28
    New Coder
    Join Date
    Aug 2013
    Posts
    15
    Thanks
    3
    Thanked 0 Times in 0 Posts
    The error message still remains;

    In post_message: to_id and from_id MUST be valid numbers!

    The funny thing is I fixed email to all.php script, but cant get email to a specific member to work because of the above error

    function post_send_message($to_id,$from_id,$subject,$content)
    {
    if ( ! is_numeric($to_id) || ! is_numeric($from_id) )
    {
    echo "In post_message: to_id and from_id MUST be valid numbers!";
    die();
    }
    $to_id = (int) $to_id;
    $from_id = (int) $from_id; // cast both of them to INT for super safety
    $subject = $this->real_escape_string($subject);
    $content = $this->real_escape_string($content);

    $sql = "insert into sky_message (to_id,from_id,subject,message,send_date) "
    . "values($to_id,$from_id,'$subject','$content',now())";
    /*echo $sql;
    exit;*/
    $this->query($sql) or die( $this->error() );
    }


    member_detail_id function below

    function member_detail_id($member_id)
    {
    $sql="select * from sky_member where member_id=".$member_id;
    /*echo $sql;
    exit;*/
    $this->query($sql);
    }


    php file to send to individual member

    // ------- Sending Email off admin news-------------
    $obj_post->member_detail_id($member_id);
    $obj_post->next_record();
    if($obj_post->num_rows()>0)
    {
    $obj_send->post_message($member_id,$from_id,$subject,$content);

    $receiver_email=$obj_post->f('email');
    $receiver_name=$obj_post->f('screen_name');


    Function that send to all members that works

    function send_weekly_news()
    {
    $sql="select * from sky_member where news_letter_status='0' and approve_status='1'";
    $this->query($sql);
    }


    php file behind send to all

    // ------- Sending Email of weekly news-------------
    $obj_post->send_weekly_news();
    while($obj_post->next_record())
    {
    $receiver_email=$obj_post->f('email');
    $receiver_name=$obj_post->f('screen_name');


    I am just wondering if I could use something similar for send to specific member. But then I would have to declare the member to_id explicitly to that member. I have the from_id as 99999 for example for the admin user. Not good idea to keep changing to_id everytime though. Thats the key?

  17. #29
    Supreme Master coder! Old Pedant's Avatar
    Join Date
    Feb 2009
    Posts
    25,021
    Thanks
    75
    Thanked 4,323 Times in 4,289 Posts
    But that is *NOT* an error!!!

    That is MY MESSAGE TO YOU telling you that you are calling that function with ILLEGAL VALUES.

    So you have an error in your code where you are *CALLING* post_send_message.

    And in the just above post, you have NOT shown any place where you are indeed calling that function. You show a call to post_message, but no calls to post_send_message.

    LOOK: if you do NOT WANT to supply BOTH from_id AND to_id for *EVERY* message, then you need to change your DB design. Get rid of the FOREIGN KEY constraint. And then you could, for example, just use zero to indicate "no particular member".
    An optimist sees the glass as half full.
    A pessimist sees the glass as half empty.
    A realist drinks it no matter how much there is.


 
Page 2 of 2 FirstFirst 12

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •