Едитване на този скрипт

A

anival

Registered
Здравейте ето този скрипт за лични съобщения ми трябва да се промени там където е за изпращане на съобщение до потребител да не го взима от другия файл members.php а да се пише ръчно ето го скрипта той е от 1 система тук в tourista.

Код: 
<?php 
session_start(); 
ob_start(); 
if($_SESSION['name']) 
{ 
echo '<center><div align="center"><b><a href="?page=inbox">Inbox </a><a href="?page=write">New Message</a></b></div> 
<a href="members.php">Members</a><br> 
<a href="changepassword.php">EditProfile </a><a href="logout.php">Logout</a><br></center>'; 
$pmsesusername = $_SESSION['name']; 
include "connect.php"; 
$db_conn = mysql_connect("$host", "$dbusername", "$dbpassword") 
or die("unable to connect to the database"); 
mysql_select_db("$db", $db_conn) or die("unable to select the database"); 
switch($_GET[page]) 
{ 
default: 
break; 
case 'write': 
if (!$_POST[send]) 
{ 
echo ("<center><form method='POST' style='margin: 0px;'>To:*<br> 
<select name='to'> 
"); 
$getusers = mysql_query("SELECT * FROM users ORDER BY 'name' ASC"); 
while ($users = MySQL_Fetch_Array($getusers)) { 
echo ("<center><option value='$users[name]'>$users[name]</option>"); 
} 
echo ("<center> 
</select> 
<br>Message Subject:* 
<br><input type='text' name='subject' size='20'> 
<br>Message:* 
<br><textarea rows='7' name='message' cols='35'></textarea> 
<br><input type='submit' value='Submit' name='send'> 
</form> 
"); 
} 
if ($_POST[to]) 
{ 
$subject = htmlspecialchars(addslashes("$_POST[subject]")); 
$message = htmlspecialchars(addslashes("$_POST[message]")); 
$to = htmlspecialchars(addslashes("$_POST[to]")); 
$send = mysql_query("INSERT INTO `pmessages` ( `title` , `message` , 
`touser` , `from` , `unread` , 
`date` ) VALUES ('$subject', '$message', '$to', 
'$pmsesusername', 'unread', NOW())"); 
echo ("<center>Your message has been sent."); 
} 
break; 
case 'delete': 
if (!$_GET[msgid]) 
{ 
echo ("<center>Sorry, but this is an invalid message!"); 
} 
else 
{ 
$getmsg = mysql_query("SELECT * from pmessages where id = '$_GET[msgid]'"); 
$msg = mysql_fetch_array($getmsg); 
if ($msg[touser] != $pmsesusername) 
{ 
echo ("<center>This message was not sent to you!"); 
} 
else 
{ 
$delete = mysql_query("delete from pmessages where id = '$_GET[msgid]'"); 
echo ("<center>Message Deleted"); 
} 
} 
break; 
case 'inbox': 
$get = mysql_query("SELECT * from pmessages where touser = '$pmsesusername' order by id desc"); 
echo (" 
<table bgcolor='#dddddd' border='0' width='100%' cellspacing='0'> 
<tr> 
<td align='center'>Subject</td> 
<td align='center' width='125'>From</td> 
<td align='center' width='97'>Date</td> 
<td width='25'>Delete</td> 
</tr> 
</table> 
"); 
$nummessages = mysql_num_rows($get); 
if ($nummessages == 0) 
{ 
echo ("<center>You have 0 messages!"); 
} 
else 
{ 
echo("<table border='0' width='100%' cellspacing='1'>"); 
while ($messages = mysql_fetch_array($get)) 
{ 
echo ("<center> 
<tr> 
<td><a href='?page=view&msgid=$messages[id]'>"); 
if ($messages[reply] == yes) 
{ 
echo ("<center>Reply to: "); 
} 
echo ("<center>$messages[title]</a></td> 
<td width='125'>$messages[from]</td> 
<td width='97'>$messages[date]</td> 
<td width='25'><a href='?page=delete&msgid=$messages[id]'>Delete</a></td> 
</tr>"); 
} 
echo ("<center></table>"); 
} 
break; 
case 'view': 
if (!$_GET[msgid]) 
{ 
echo ("<center>Invalid message!"); 
} 
else 
{ 
$getmsg= mysql_query("SELECT * from pmessages where id = '$_GET[msgid]'"); 
$msg = mysql_fetch_array($getmsg); 
if ($msg[touser] == $pmsesusername) 
{ 
if (!$_POST[message]) 
{ 
$markread = mysql_query("Update pmessages set unread = 'read' where id = '$_GET[msgid]'"); 
$msg[message] = nl2br(stripslashes("$msg[message]")); 
echo ("<center> 
<form method='POST' style='margin: 0px;'> 
<b>From: $msg[from]</b><br><b>Subject: $msg[title]</b> 
<b><br>Message:<br><u>$msg[message]</u></br></b> 
<b>Reply:<br></b> 
<center><textarea rows='6' name='message' cols='45'></textarea></center> 
<input type='submit' value='Submit' name='send'> 
</form>"); 
} 
if ($_POST[message]) 
{ 
$message = htmlspecialchars(addslashes("$_POST[message]")); 
$do = mysql_query("INSERT INTO `pmessages` ( `title` , `message` , `touser` , `from` , `unread` , 
`date`, `reply`) VALUES 
('$msg[title]', '$message', '$msg[from]', '$pmsesusername', 
'unread', NOW(), 'yes')"); 
echo ("<center>Your message has been sent"); 
} 
} 
} 
break; 
} 
} 
else 
{ 
echo "Access Denied Please <a href='login.html'>Login</a>"; 
} 
?>
 
Като оная просто съм я е едитнал...

login.html

<html>
<head>
<title>Login</title>
<script type="text/javascript">
function validate(){
if ((document.login.name.value=="")||
(document.login.password.value=="")){
alert ("Please Enter Username And password!")
return false
}
else
return true
}
</script>
</head>
<body>
<form action="login.php" name="login" method="post" onsubmit="return validate()">
<input name="login" type="hidden" value="1">
<table width="200" border="0">
<tr>
<td>Потребител</td>
<td><input type="text" name="name"></td>
</tr>
<tr>
<td>Парола</td>
<td><input type="password" name="password"></td>
</tr>
<tr align="center">
<td colspan="2"><input type="submit" name="Submit" value="Login"></td>
</tr>
</table>
</form>
</body>
</html>

login.php

<?php
ob_start();
include "connect.php";
$db_conn = mysql_connect("$host", "$dbusername", "$dbpassword")
or die("unable to connect to the database");
mysql_select_db("$db", $db_conn) or die("unable to select the database");
$name=$_POST['name'];
$password=$_POST['password'];
$sql="SELECT * FROM users WHERE name='$name' and password='$password'";
$result=mysql_query($sql);
$count=mysql_num_rows($result);
if($count==1)
{
session_register("name");
session_register("password");
header("location:pro.php");
}
else
{
echo "Username Or Password Is Inccorect";
}
ob_end_flush();
?>

pro.php

<?php
session_start();
if($_SESSION['name'])
{
include "connect.php";
$db_conn = mysql_connect("$host", "$dbusername", "$dbpassword")
or die("unable to connect to the database");
mysql_select_db("$db", $db_conn) or die("unable to select the database");
echo '<center><a href="messages.php">Private Message </a><a href="members.php">Members</a><br>
<a href="changepassword.php">EditProfile </a><a href="logout.php">Logout</a><br></center>';
}
else
{
echo "Access Denied Please <a href='login.html'>Login</a>";
}
?>
 
Код: 
<?php 
session_start(); 
ob_start(); 
if($_SESSION['name']) 
{ 
echo '<center><div align="center"><b><a href="?page=inbox">Inbox </a><a href="?page=write">New Message</a></b></div> 
<a href="members.php">Members</a><br> 
<a href="changepassword.php">EditProfile </a><a href="logout.php">Logout</a><br></center>'; 
$pmsesusername = $_SESSION['name']; 
include "connect.php"; 
$db_conn = mysql_connect("$host", "$dbusername", "$dbpassword") 
or die("unable to connect to the database"); 
mysql_select_db("$db", $db_conn) or die("unable to select the database"); 
switch($_GET[page]) 
{ 
default: 
break; 
case 'write': 
if (!$_POST[send]) 
{ 
echo ("<center><form method='POST' style='margin: 0px;'> "); 
} 
echo ("<center> 
To:*<br> 
<input type='text' name='to' size='20'>
<br>Message Subject:* 
<br><input type='text' name='subject' size='20'> 
<br>Message:* 
<br><textarea rows='7' name='message' cols='35'></textarea> 
<br><input type='submit' value='Submit' name='send'> 
</form> 
"); 
} 
if ($_POST[to]) 
{ 
$subject = htmlspecialchars(addslashes("$_POST[subject]")); 
$message = htmlspecialchars(addslashes("$_POST[message]")); 
$to = htmlspecialchars(addslashes("$_POST[to]")); 
$send = mysql_query("INSERT INTO `pmessages` ( `title` , `message` , 
`touser` , `from` , `unread` , 
`date` ) VALUES ('$subject', '$message', '$to', 
'$pmsesusername', 'unread', NOW())"); 
echo ("<center>Your message has been sent."); 
} 
break; 
case 'delete': 
if (!$_GET[msgid]) 
{ 
echo ("<center>Sorry, but this is an invalid message!"); 
} 
else 
{ 
$getmsg = mysql_query("SELECT * from pmessages where id = '$_GET[msgid]'"); 
$msg = mysql_fetch_array($getmsg); 
if ($msg[touser] != $pmsesusername) 
{ 
echo ("<center>This message was not sent to you!"); 
} 
else 
{ 
$delete = mysql_query("delete from pmessages where id = '$_GET[msgid]'"); 
echo ("<center>Message Deleted"); 
} 
} 
break; 
case 'inbox': 
$get = mysql_query("SELECT * from pmessages where touser = '$pmsesusername' order by id desc"); 
echo (" 
<table bgcolor='#dddddd' border='0' width='100%' cellspacing='0'> 
<tr> 
<td align='center'>Subject</td> 
<td align='center' width='125'>From</td> 
<td align='center' width='97'>Date</td> 
<td width='25'>Delete</td> 
</tr> 
</table> 
"); 
$nummessages = mysql_num_rows($get); 
if ($nummessages == 0) 
{ 
echo ("<center>You have 0 messages!"); 
} 
else 
{ 
echo("<table border='0' width='100%' cellspacing='1'>"); 
while ($messages = mysql_fetch_array($get)) 
{ 
echo ("<center> 
<tr> 
<td><a href='?page=view&msgid=$messages[id]'>"); 
if ($messages[reply] == yes) 
{ 
echo ("<center>Reply to: "); 
} 
echo ("<center>$messages[title]</a></td> 
<td width='125'>$messages[from]</td> 
<td width='97'>$messages[date]</td> 
<td width='25'><a href='?page=delete&msgid=$messages[id]'>Delete</a></td> 
</tr>"); 
} 
echo ("<center></table>"); 
} 
break; 
case 'view': 
if (!$_GET[msgid]) 
{ 
echo ("<center>Invalid message!"); 
} 
else 
{ 
$getmsg= mysql_query("SELECT * from pmessages where id = '$_GET[msgid]'"); 
$msg = mysql_fetch_array($getmsg); 
if ($msg[touser] == $pmsesusername) 
{ 
if (!$_POST[message]) 
{ 
$markread = mysql_query("Update pmessages set unread = 'read' where id = '$_GET[msgid]'"); 
$msg[message] = nl2br(stripslashes("$msg[message]")); 
echo ("<center> 
<form method='POST' style='margin: 0px;'> 
<b>From: $msg[from]</b><br><b>Subject: $msg[title]</b> 
<b><br>Message:<br><u>$msg[message]</u></br></b> 
<b>Reply:<br></b> 
<center><textarea rows='6' name='message' cols='45'></textarea></center> 
<input type='submit' value='Submit' name='send'> 
</form>"); 
} 
if ($_POST[message]) 
{ 
$message = htmlspecialchars(addslashes("$_POST[message]")); 
$do = mysql_query("INSERT INTO `pmessages` ( `title` , `message` , `touser` , `from` , `unread` , 
`date`, `reply`) VALUES 
('$msg[title]', '$message', '$msg[from]', '$pmsesusername', 
'unread', NOW(), 'yes')"); 
echo ("<center>Your message has been sent"); 
} 
} 
} 
break; 
} 
} 
else 
{ 
echo "Access Denied Please <a href='login.html'>Login</a>"; 
} 
?>
така?
 
<?php
session_start();
ob_start();
if($_SESSION['name'])
{
echo '<center><div align="center"><b><a href="?page=inbox">Inbox </a><a href="?page=write">New Message</a></b></div>
<a href="members.php">Members</a><br>
<a href="changepassword.php">EditProfile </a><a href="logout.php">Logout</a><br></center>';
$pmsesusername = $_SESSION['name'];
include "connect.php";
$db_conn = mysql_connect("$host", "$dbusername", "$dbpassword")
or die("unable to connect to the database");
mysql_select_db("$db", $db_conn) or die("unable to select the database");
switch($_GET[page])
{
default:
break;
case 'write':
if (!$_POST[send])
{
echo ("<center><form method='POST' style='margin: 0px;'>To:*<br>
<input type='text' name='to' size='20'>");
}
echo ("<center>
<br>Message Subject:*
<br><input type='text' name='subject' size='20'>
<br>Message:*
<br><textarea rows='7' name='message' cols='35'></textarea>
<br><input type='submit' value='Submit' name='send'>
</form>
");
}
if ($_POST[to])
{
$subject = htmlspecialchars(addslashes("$_POST[subject]"));
$message = htmlspecialchars(addslashes("$_POST[message]"));
$to = htmlspecialchars(addslashes("$_POST[to]"));
$send = mysql_query("INSERT INTO `pmessages` ( `title` , `message` ,
`touser` , `from` , `unread` ,
`date` ) VALUES ('$subject', '$message', '$to',
'$pmsesusername', 'unread', NOW())");
echo ("<center>Your message has been sent.");
}
break;
case 'delete':
if (!$_GET[msgid])
{
echo ("<center>Sorry, but this is an invalid message!");
}
else
{
$getmsg = mysql_query("SELECT * from pmessages where id = '$_GET[msgid]'");
$msg = mysql_fetch_array($getmsg);
if ($msg[touser] != $pmsesusername)
{
echo ("<center>This message was not sent to you!");
}
else
{
$delete = mysql_query("delete from pmessages where id = '$_GET[msgid]'");
echo ("<center>Message Deleted");
}
}
break;
case 'inbox':
$get = mysql_query("SELECT * from pmessages where touser = '$pmsesusername' order by id desc");
echo ("
<table bgcolor='#dddddd' border='0' width='100%' cellspacing='0'>
<tr>
<td align='center'>Subject</td>
<td align='center' width='125'>From</td>
<td align='center' width='97'>Date</td>
<td width='25'>Delete</td>
</tr>
</table>
");
$nummessages = mysql_num_rows($get);
if ($nummessages == 0)
{
echo ("<center>You have 0 messages!");
}
else
{
echo("<table border='0' width='100%' cellspacing='1'>");
while ($messages = mysql_fetch_array($get))
{
echo ("<center>
<tr>
<td><a href='?page=view&msgid=$messages[id]'>");
if ($messages[reply] == yes)
{
echo ("<center>Reply to: ");
}
echo ("<center>$messages[title]</a></td>
<td width='125'>$messages[from]</td>
<td width='97'>$messages[date]</td>
<td width='25'><a href='?page=delete&msgid=$messages[id]'>Delete</a></td>
</tr>");
}
echo ("<center></table>");
}
break;
case 'view':
if (!$_GET[msgid])
{
echo ("<center>Invalid message!");
}
else
{
$getmsg= mysql_query("SELECT * from pmessages where id = '$_GET[msgid]'");
$msg = mysql_fetch_array($getmsg);
if ($msg[touser] == $pmsesusername)
{
if (!$_POST[message])
{
$markread = mysql_query("Update pmessages set unread = 'read' where id = '$_GET[msgid]'");
$msg[message] = nl2br(stripslashes("$msg[message]"));
echo ("<center>
<form method='POST' style='margin: 0px;'>
<b>From: $msg[from]</b><br><b>Subject: $msg[title]</b>
<b><br>Message:<br><u>$msg[message]</u></br></b>
<b>Reply:<br></b>
<center><textarea rows='6' name='message' cols='45'></textarea></center>
<input type='submit' value='Submit' name='send'>
</form>");
}
if ($_POST[message])
{
$message = htmlspecialchars(addslashes("$_POST[message]"));
$do = mysql_query("INSERT INTO `pmessages` ( `title` , `message` , `touser` , `from` , `unread` ,
`date`, `reply`) VALUES
('$msg[title]', '$message', '$msg[from]', '$pmsesusername',
'unread', NOW(), 'yes')");
echo ("<center>Your message has been sent");
}
}
}
break;
}
}
else
{
echo "Access Denied Please <a href='login.html'>Login</a>";
}
?>

??
 
Код: 
<?php 
session_start(); 
ob_start(); 
if($_SESSION['name']) 
{ 
echo '<center><div align="center"><b><a href="?page=inbox">Inbox </a><a href="?page=write">New Message</a></b></div> 
<a href="members.php">Members</a><br> 
<a href="changepassword.php">EditProfile </a><a href="logout.php">Logout</a><br></center>'; 
$pmsesusername = $_SESSION['name']; 
include "connect.php"; 
$db_conn = mysql_connect("$host", "$dbusername", "$dbpassword") 
or die("unable to connect to the database"); 
mysql_select_db("$db", $db_conn) or die("unable to select the database"); 
switch($_GET[page]) 
{ 
default: 
break; 
case 'write': 
if (!$_POST[send]) 
{ 
echo ("<center><form method='POST' style='margin: 0px;'>To:*<br> 
<input type='text' name='to' size='20'>"); 
echo ("<center> 
<br>Message Subject:* 
<br><input type='text' name='subject' size='20'> 
<br>Message:* 
<br><textarea rows='7' name='message' cols='35'></textarea> 
<br><input type='submit' value='Submit' name='send'> 
</form> 
"); 
} 
if ($_POST[to]) 
{ 
$subject = htmlspecialchars(addslashes("$_POST[subject]")); 
$message = htmlspecialchars(addslashes("$_POST[message]")); 
$to = htmlspecialchars(addslashes("$_POST[to]")); 
$send = mysql_query("INSERT INTO `pmessages` ( `title` , `message` , 
`touser` , `from` , `unread` , 
`date` ) VALUES ('$subject', '$message', '$to', 
'$pmsesusername', 'unread', NOW())"); 
echo ("<center>Your message has been sent."); 
} 
break; 
case 'delete': 
if (!$_GET[msgid]) 
{ 
echo ("<center>Sorry, but this is an invalid message!"); 
} 
else 
{ 
$getmsg = mysql_query("SELECT * from pmessages where id = '$_GET[msgid]'"); 
$msg = mysql_fetch_array($getmsg); 
if ($msg[touser] != $pmsesusername) 
{ 
echo ("<center>This message was not sent to you!"); 
} 
else 
{ 
$delete = mysql_query("delete from pmessages where id = '$_GET[msgid]'"); 
echo ("<center>Message Deleted"); 
} 
} 
break; 
case 'inbox': 
$get = mysql_query("SELECT * from pmessages where touser = '$pmsesusername' order by id desc"); 
echo (" 
<table bgcolor='#dddddd' border='0' width='100%' cellspacing='0'> 
<tr> 
<td align='center'>Subject</td> 
<td align='center' width='125'>From</td> 
<td align='center' width='97'>Date</td> 
<td width='25'>Delete</td> 
</tr> 
</table> 
"); 
$nummessages = mysql_num_rows($get); 
if ($nummessages == 0) 
{ 
echo ("<center>You have 0 messages!"); 
} 
else 
{ 
echo("<table border='0' width='100%' cellspacing='1'>"); 
while ($messages = mysql_fetch_array($get)) 
{ 
echo ("<center> 
<tr> 
<td><a href='?page=view&msgid=$messages[id]'>"); 
if ($messages[reply] == yes) 
{ 
echo ("<center>Reply to: "); 
} 
echo ("<center>$messages[title]</a></td> 
<td width='125'>$messages[from]</td> 
<td width='97'>$messages[date]</td> 
<td width='25'><a href='?page=delete&msgid=$messages[id]'>Delete</a></td> 
</tr>"); 
} 
echo ("<center></table>"); 
} 
break; 
case 'view': 
if (!$_GET[msgid]) 
{ 
echo ("<center>Invalid message!"); 
} 
else 
{ 
$getmsg= mysql_query("SELECT * from pmessages where id = '$_GET[msgid]'"); 
$msg = mysql_fetch_array($getmsg); 
if ($msg[touser] == $pmsesusername) 
{ 
if (!$_POST[message]) 
{ 
$markread = mysql_query("Update pmessages set unread = 'read' where id = '$_GET[msgid]'"); 
$msg[message] = nl2br(stripslashes("$msg[message]")); 
echo ("<center> 
<form method='POST' style='margin: 0px;'> 
<b>From: $msg[from]</b><br><b>Subject: $msg[title]</b> 
<b><br>Message:<br><u>$msg[message]</u></br></b> 
<b>Reply:<br></b> 
<center><textarea rows='6' name='message' cols='45'></textarea></center> 
<input type='submit' value='Submit' name='send'> 
</form>"); 
} 
if ($_POST[message]) 
{ 
$message = htmlspecialchars(addslashes("$_POST[message]")); 
$do = mysql_query("INSERT INTO `pmessages` ( `title` , `message` , `touser` , `from` , `unread` , 
`date`, `reply`) VALUES 
('$msg[title]', '$message', '$msg[from]', '$pmsesusername', 
'unread', NOW(), 'yes')"); 
echo ("<center>Your message has been sent"); 
} 
} 
} 
break; 
} 
} 
else 
{ 
echo "Access Denied Please <a href='login.html'>Login</a>"; 
} 
?>


Ако и така не стане , незнам как ще стане :idea:
 
Трябва да си влезнал или регистриран, за да отговориш тук.

Back
Горе