CodingForums.com

CodingForums.com (http://www.codingforums.com/index.php)
-   Post a PHP snippet (http://www.codingforums.com/forumdisplay.php?f=41)
-   -   Private Message system (http://www.codingforums.com/showthread.php?t=152811)

Dane 11-22-2008 08:51 AM
Private Message system
 
Hey.

I just figured I'd submit this tutorial.
It's not the most secure way but hey, it works, it's good, and it's fun :D

I guess I can explain it while I go xD

Anyways,

First we need to create our table.

I named mine privatemsg.
Here is the SQL:
Code:
CREATE TABLE IF NOT EXISTS `privatemsg` (
  `id` int(11) NOT NULL auto_increment,
  `uidto` varchar(90) NOT NULL,
  `uidsent` varchar(90) NOT NULL,
  `prefix` varchar(300) NOT NULL default '<b>',
  `subject` varchar(90) NOT NULL,
  `suffix` varchar(300) NOT NULL default '</b>',
  `message` longtext NOT NULL,
  `date` date NOT NULL,
  PRIMARY KEY  (`id`)
) ENGINE=InnoDB  DEFAULT CHARSET=latin1 AUTO_INCREMENT=8 ;
Alright. Here is private.php:


PHP Code:
<?php //Include our config 
include("includes/menu.php"); ?>
<table width="959" border="0" cellpadding="0" cellspacing="0">
  <tr>
    <td width="195" rowspan="3" valign="top">&nbsp;</td>
    <td width="557" height="56" valign="top">&nbsp;</td>
    <td width="207" rowspan="2" valign="top">&nbsp;</td>
  </tr>
  <tr>
    <td height="281" valign="top"><table width="100%" border="1" cellpadding="0" cellspacing="0">

     <tr>
<td height="38" colspan="3" valign="top"><?php //Echoing the session username
echo $_SESSION['username']; ?>'s Private Messages&nbsp;<br>        
<a href="compose.php"><img src="images/compose.png" width="65" height="25" border="0"></a><?php echo"<a href=\"sentbox.php\">
<img src=\"images/sent.png\" width=\"65\" border=\"0\" height=\"25\" /></a>"?><br></td>
</tr>
<tr>
<td width="86" height="30" valign="top"><?php 
//This is the private message query.
$pmsgs=mysql_query("SELECT * FROM privatemsg WHERE uidto='{$_SESSION['username']}'");
//This is the members query. We need the members query to select from members WHERE member id equals the private message uidto.
$members=mysql_query("SELECT * FROM members WHERE username='{$pmsgs['uidto']}'");
//Since it's only geeting one member, we do not need a while loop. Plus if you have a while loop with this the whole script goes funky :P
$member=mysql_fetch_array($members);
//We need to have the while loop on the privatemsg query because, it is getting more then one private message.
while($privatemsg=mysql_fetch_array($pmsgs)){
        //Echoing the values
        echo " <tr>
        <td width=\"271\" height=\"21\" valign=\"top\"><a href=\"viewmsg.php?id={$privatemsg['id']}\">{$privatemsg['prefix']}{$privatemsg['subject']}{$privatemsg['suffix']}</td>

        <td width=\"280\" valign=\"top\">From: {$grou['gprefix']}{$privatemsg['uidsent']}{$grou['gsuffix']}</td>

      </tr>"; } 
      //You probably notice how I have the prefix part. Well, this lets you know if youve read the PM yet. When you send a PM it inserts the PM into the databse and the prefix is <b> and the suffix is </b>. and when you view the Private Message it updates the prefix and suffix to NULL.
      ?>
      
      &nbsp;</td>
    </table></td>
  </tr>
  <tr>
    <td height="126" colspan="2" valign="top">&nbsp;</td>
  </tr>
</table>
Here is viewmsg.php

PHP Code:
<?php //Including our config again
include("includes/menu.php"); ?>
<table width="959"  border="0" cellpadding="0" cellspacing="0">

<?php 
//Update the Private Message so it isn't bold anymore.
$id=$_GET['id'];
$result mysql_query("UPDATE privatemsg SET prefix='' WHERE id='$id'"
or die(mysql_error());  
$result mysql_query("SELECT * FROM privatemsg WHERE id='$id'");
?>
<tr>
<td width="195" rowspan="3" valign="top">&nbsp;</td>
<td width="557" height="56" valign="top">&nbsp;</td>
<td width="207" rowspan="2" valign="top">&nbsp;</td>
</tr>
<tr>
<td height="281" valign="top"><table width="100%" border="1" cellpadding="0" cellspacing="0">
<tr>
<td height="38" colspan="3" valign="top"><?php echo $_SESSION['username']; ?>'s Private Messages&nbsp;<br>       
<?php $id=$_GET['id'];
echo "<a href=\"replymsg.php?id={$id}\"><img src=\"images/reply.png\" border=\"0\" width=\"65\" height=\"25\"></a>"
echo"<a href=\"sentbox.php\"><img src=\"images/sent.png\" width=\"65\" height=\"25\" /></a>"?>
<br></td>
</tr>
<tr>
<td width="86" height="30" valign="top"><?php 
$pmsgs=mysql_query("SELECT * FROM privatemsg WHERE id='$id'");
$members=mysql_query("SELECT * FROM members WHERE username='{$privatemsg['uidto']}'");
$member=mysql_fetch_array($members);
while($privatemsg=mysql_fetch_array($pmsgs)){
echo "Private Message by {$privatemsg['uidsent']}";
echo "- Private Message to {$privatemsg['uidto']}";
echo " <tr>
<td width=\"271\" height=\"190\" bgcolor=\"#FFFFFF\" valign=\"top\"><span style=\"color: #000000;\">";
if($_SESSION['username'] =="{$privatemsg['uidto']}" )    include("includes/bbcodepms.php");
else echo "Private Message not found.";echo"</td>
</tr>"; } ?>&nbsp;</td>

  </table></td>
  </tr>
  <tr>
    <td height="126" colspan="2" valign="top">&nbsp;</td>
  </tr>
</table>
compose.php

PHP Code:
<?php include("includes/menu.php"); ?><table width="959" border="0" cellpadding="0" cellspacing="0">
  <tr>
    <td width="195" height="56">&nbsp;</td>
    <td width="557">&nbsp;</td>
    <td width="207">&nbsp;</td>
  </tr>
  <tr>
    <td height="281">&nbsp;</td>
    <td valign="top"><table width="100%" border="1" cellpadding="0" cellspacing="0">
      <tr>
        <td height="38" colspan="2" valign="top"><label>
          <form name="form1" method="post" action="sendmsg.php"><input name="uidto" type="text" id="uidto" value="Please type one username per message." size="90">
        </label></td>
        </tr>
      <tr>
        <td height="27" colspan="2" valign="top">
          <label>
            <input name="subject" type="text" id="subject" size="90">
            </label>       </td>
      <tr>
        <td height="184" colspan="2" valign="top"><label>
          <textarea name="message" id="message" cols="89" rows="10"></textarea>
        </label></td>
      <tr>
        <td width="261" height="48" valign="top"><label>
          <input name="uidsent" type="hidden" value="<?php echo $_SESSION['username']; ?>" id="uidsent" size="1">
          <input type="submit" name="button" id="button" value="Submit"></form> 
        </label></td>
        <td width="290">&nbsp;</td>
    </table></td>
    <td>&nbsp;</td>
  </tr>
  <tr>
    <td height="126">&nbsp;</td>
    <td>&nbsp;</td>
    <td>&nbsp;</td>
  </tr>
</table>
sendmsg.php

PHP Code:
<?php include("includes/menu.php"); 
//Posting all the fields that are appropriate
$uidto   $_POST['uidto'];
$uidsent $_POST['uidsent'];
$subject $_POST['subject'];
$message $_POST['message'];
//Inserting the fields into the DB.
mysql_query("INSERT INTO privatemsg(uidto,uidsent,subject,message)VALUES('$uidto','$uidsent','$subject','$message')");
mysql_query("INSERT INTO sent(uidto,uidsent,subject,message)VALUES('$uidto','$uidsent','$subject','$message')");
//Update the Private Message so it is bold when reached to the member.
$result mysql_query("UPDATE privatemsg SET prefix='<b>' WHERE id='$id'");
$result mysql_query("UPDATE privatemsg SET suffix='</b>' WHERE id='$id'");
$result mysql_query("SELECT * FROM privatemsg WHERE id='$id'");
?>
Now, I am darn sure that I had something in there that made it where when you typed the username in the compose.php, Then in sendmsg.php, it would change that username to an id. Weird..

Anyways, If any of you notice how my code isn't really lined up and it's ugly, I still am trying to make it cleaner.

Anyways,
I hope this tutorial helps soome people. :)

Thanks.

jack22 04-09-2009 09:09 AM
page
 
Hi i think you forgot to add the page sentbox.php

sea4me 04-18-2009 04:10 AM
I think you should make a .zip and host it somewhere so people that are lazy :p can get it easily....
(no offense) :D

jamesk 05-30-2009 09:16 PM
I agree with the .zip file thing. Is it for a Forum or just a website?

Also, what is: includes/menu.php

Is that included? I'm confused :-\.

Sorry, i'm new to all this :P

azpilot2211 08-01-2009 06:44 PM
Hi Dane, thanks for the code. I have a few questions about getting it to work.

PHP Code:
$members=mysql_query("SELECT * FROM members WHERE username='{$pmsgs['uidto']}'"); 
The members table. did you leave this out or is this our current members database?

I think thats the only Q i have on private.php code.......

more Q's to follow?

Zangeel 08-01-2009 09:09 PM
PHP Code:
$id=$_GET['id']; 
$result mysql_query("UPDATE privatemsg SET prefix='' WHERE id='$id'"
Suppose someone alters the URL like ...id?=' AND DROP TABLE `users`");# or whatever.

You can use

PHP Code:
$id = (int) $_GET['id']; //if it's numerical or if it's not mysql_real_escape_string 

larry1 08-17-2009 04:13 PM
Thanks for the code.

codymbecker 09-14-2009 07:10 AM
! MISSING !

include("include/bbcodepms.php");

codymbecker 09-14-2009 07:15 AM
Help!
 
Ok brother can you please help me out, i need this to work. Your are missing:
  • Sentbox.php
  • reply.php
  • the pictures for those
  • include("include/bbcodepms.php");

I really need these asap. Please eMail me or anybody that has the code.

codymbecker@gmail.com

pavsid 10-14-2009 07:05 PM
Just a question, what are the prefix and suffix columns for in the db? and why are they 300 characters large?

deadlyalive22 01-10-2010 11:22 AM
help plss =)
 
i need an example for the session checker, i have already made a login, but i dont have any idea on how to check the session to proceed with the other pages...


All times are GMT +1. The time now is 10:53 AM.

Powered by vBulletin®
Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.