-
Notifications
You must be signed in to change notification settings - Fork 0
/
msg_reply.php
65 lines (59 loc) · 2.15 KB
/
msg_reply.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
<?php
include ("include/header.php");
if (isset($_GET['u'])) {
$username1 = mysql_real_escape_string($_GET['u']);
if (ctype_alnum($username)) {
//check user exists
$check = mysql_query("SELECT username FROM users WHERE username='$username1'");
if (mysql_num_rows($check)===1) {
$get = mysql_fetch_assoc($check);
$username1 = $get['username'];
//Check user isn't sending themself a private message
if ($username1 != $username) {
if (isset($_POST['submit'])) {
$msg_title = strip_tags(@$_POST['msg_title']);
$msg_body = strip_tags(@$_POST['msg_body']);
$date = date("Y-m-d");
$opened = "no";
$deleted = "no";
if ($msg_title == "Enter the message title here ...") {
echo "Please give your message a title.";
}
else
if (strlen($msg_title) < 3) {
echo "Your message title cannot be less than 3 characters in length!";
}
else
if ($msg_body == "Enter the message you wish to send ...") {
echo "Please write a message.";
}
else
if (strlen($msg_body) < 3) {
echo "Your message cannot be less than 3 characters in length!";
}
else
{
$send_msg = mysql_query("INSERT INTO pvt_messages VALUES ('','$username','$username1','$msg_title','$msg_body','$date','$opened','$deleted')");
echo "Your message has been sent!";
}
}
echo "
<form action='send_msg.php?u=$username1' method='POST'>
<h2>Compose a Message to: ($username1)</h2>
<input type='text' name='msg_title' size='30' onClick=\"value=''\" value='Enter the message title here ...'><p />
<textarea cols='50' rows='12' name='msg_body'>Enter the message you wish to send ...</textarea><p />
<input type='submit' name='submit' value='Send Message'>
</form>
";
}
else
{
header("Location:profile.php?u=$username");
}
}
}
}
?>
<?php
include ("include/footer.php");
?>