dyr
-
Posts
67 -
Joined
-
Last visited
Never
Posts posted by dyr
-
-
forgot to list the grab function:
function memberGrab($value, $mid) { $mid = protect($mid, 1, 1); $value = protect($value, 0, 0); $result = mysql_query("SELECT `$value` FROM `users` WHERE `id`='$mid'") or die ('cannot return member information' . mysql_error()); $row = mysql_fetch_array($result); return stripslashes($row[$value]); }I tried putting your preg replace in the grab as well as protect function (like below) but it is still giving me rn's. :/
return preg_replace("/\r|\n/", "", $row[$value]); -
Tried testing again in various ways (taking out mysql real escape string, putting it back in, switching orders) but the same thing happens.
-
How can I get rid of the rn's? I tried nl2br and it doesn't seem to work?
I use the function protect, which I defined here:
//SQL PROTECTION function protect($value,$detect_numeric) { if (get_magic_quotes_gpc()) { if(ini_get('magic_quotes_sybase')) { $value = str_replace("''", "'", $value); } else { $value = stripslashes($value); } } // Quote if $value is a string and detection enabled. if ($detect_numeric) { if (!is_numeric($value)) { return ""; } } return mysql_real_escape_string($value)); }Here's the entire code, mainly I'm looking at the reply areas.
<?php $title = "Compose New Message"; include $_SERVER['DOCUMENT_ROOT']."/inc/header.php"; if (isset($_GET['to'])) $to = protect($_GET['to'], 1); else $to = ""; if (isset($_GET['reply'])) $reply = protect($_GET['reply'], 1); else $reply = ""; if ($reply) { $grab = mysql_fetch_array(mysql_query("SELECT `from_mid`, `subject`, `message` FROM inbox WHERE id='$reply' AND to_mid='$mid' LIMIT 1")); $to = $grab['from_mid']; if ($grab['subject']) $replysubject = "Re: ".stripslashes($grab['subject']); if ($grab['message']) $replymessage = "----------------------------------------------- ".stripslashes($grab['message']); } function sendMsg($to, $subject, $message, $reply, $mid) { $to = protect($to, 1); $subject = protect($subject, 0); $subject = htmlentities($subject); $message = protect($message, 0); $message = htmlentities($message); $reply = protect($reply, 1); $mid = protect($mid, 1); if (!$to) return error("You must enter a user to send a message to."); $countblocks = mysql_num_rows(mysql_query("SELECT `id` FROM blocks WHERE `mid`='$to' AND `user`='$mid' LIMIT 1")); $countblocks2 = mysql_num_rows(mysql_query("SELECT `id` FROM blocks WHERE `mid`='$mid' AND `user`='$to' LIMIT 1")); if ($countblocks) return error("This user has blocked you."); if ($countblocks2) return error("You have blocked this user."); //if ($to == $mid) //return error("You can't message yourself."); if (!$subject) $subject = "No Subject"; if (!$message) return error("You must enter a message to send."); $check = mysql_fetch_array(mysql_query("SELECT COUNT(id) AS numrows FROM inbox WHERE `to_mid`='$to' AND `from_mid`='$mid' AND `subject`='$subject' AND `message`='$message'")); if ($check['numrows']) return error("You have already sent this message."); if ($reply) { //MARK AS REPLIED mysql_query("UPDATE inbox SET status='2' WHERE id='$reply' LIMIT 1"); } mysql_query("INSERT INTO inbox (`to_mid`, `from_mid`, `message`, `subject`, `datesent`) VALUES ('$to', '$mid', '$message', '$subject', NOW())"); echo success("You have sent this message successfully."); echo "<br /><center><a href='/inbox.php'>Return?</a></center>"; include $_SERVER['DOCUMENT_ROOT']."/footer.php"; exit; } if (isset($_POST['sendmsg'])) $error = sendMsg($_POST['tomid'], $_POST['subject'], $_POST['message'], $reply, $mid); ?> <center> <?php if ($error) echo $error."<br /><br />"; ?> <form method="post"> <table width="500" cellpadding="3" cellspacing="3"> <tr> <td align="right"><b>To:</b> <td align="left">#<input type="text" name="tomid" value="<?php echo $to; ?>" size="5" /></td> </tr> <tr> <td align="right"><b>Subject:</b> <td align="left"><input type="text" name="subject" value="<?php if ($reply) echo $replysubject; ?>" /></td> </tr> <tr> <td align="right" valign="top"><b>Message:</b> <td align="left"><textarea name="message" rows="10" cols="50"> <?php if ($reply) echo " $replymessage"; ?></textarea></td> </tr> <tr> <td align="center" colspan="2"><input type="submit" name="sendmsg" value="Send Message!" /></td> </tr> </table> </form> </center> <?php //FOOTER includes include $_SERVER['DOCUMENT_ROOT']."/footer.php"; ?> -
$_SESSION['id'] contains the user's ID# in their session, which is the same number as to_mid.
Tried array, to no avail. :/
-
$inbox = mysql_query("SELECT `status` FROM `inbox` WHERE to_mid = '".$_SESSION['id']."'"); $inbox = mysql_fetch_assoc($inbox); { if($inbox['status'] == 0){ echo 'NEW<br />'; } else{ echo 'Old<br />'; }}I'm trying to update my sidebar to tell users when they have new, unread messages or not. New, unread messages are classified in the inbox table as a status of 0. How come this code isn't working? On the actual page the config.php page which connects to the DB is included.
-
To get the date of birth I usually make the simple function:
function getAge( $p_strDate ) { list($Y,$m,$d) = explode("-",$p_strDate); return( date("md") < $m.$d ? date("Y")-$Y-1 : date("Y")-$Y ); } -
Ok, one last question- I want to notify users the status of the users (if they are an admin or mod). How would I be able to do this? Since if($admin) shows the information only to admins, not the rest of the public users.
I want it where, on the profile page if the user is an admin to show a public message to everyone on the site, "This user is an admin."
Any thoughts about this? Would I use a $_GET function?
-
Thanks, this works like a charm!
-
Dunno but your logic seems a bit flawed.
1. "SELECT `level` FROM users WHERE `level` = 1" does not make sense. That will give you a bunch of 1's.
2. If you only pick those users with admin privileges, then why do you need "if ($admin)" in the first place?
Well I'd want to define in my headers what the admin variable is, so then I can just use that variable always in other scripts/pages.
you should be selecting the level by user name or id or whatever you have that uniquely identifies the user.
..where user_name='$username'
..where user_id='$userid'
or however you have it setup.
Alright, thanks, I'll try and incorporate PFMaBiSmAd's suggestions instead then. I guess I misread the purpose of the WHERE clause.
-
Or perhaps there could be a way where users could still modify their post until someone else makes a reply?
-
The difficulty is... I totally forgot about the where clause, haha.
So would this work?:
$grab = mysql_query("SELECT `level` FROM users WHERE `level` = 1") or die(mysql_error()); $grab = mysql_fetch_array($grab); $admin = $grab['level']; // whenever I make admin function use below if($admin) { codes }Or would I not need a mysql array since it's only one variable?
-
I recently hired someone to code a fair amount of my site, the more experienced scripts that I just didn't have time for. However it's extremely buggy, especially the admin options, and they didn't pay attention to how I represented an administrator in my other codes. Naturally I'm a bit peeved, but hopefully you guys could help me out?
In my users table I have a field called 'level'. Most users, upon signing up, are at level 0. The basic members. However I'd like to make it so that people who are level 1 have admin powers, level 2 have basic moderator powers, etc. How would I go about implementing that via code? I'd like it so I could just use the variable $admin in my codes, so like if ($admin) { and show the edit features here }.
But how would I go about identifying if a user is an admin (by checking what level they are in the database)? I tried this in my headers but I'm pretty sure it's wrong as it's not working:
$grab = mysql_query("SELECT `level` FROM users WHERE id='$userfinal' LIMIT 1") or die(mysql_error()); $grab = mysql_fetch_array($grab); $grab['level']; if ($grab['level'] == 1) { $grab['level'] = $admin; } -
that did the trick, thanks.
-
okay, I believe I was having this problem before I included the forgot pass function so here's the full edit profile code:
<?php include('config.php'); include('header.php'); if($_SESSION['id']=="") { header("Location: YouMustLogInNotice.html"); } if(isset($_POST['btnedit'])){ $callname = $_POST['callname']; $email = $_POST['email']; $password = md5(mysql_escape_string($_POST['password'])); $sql = mysql_query( "UPDATE users SET callname='".$callname."', email='".$email."', password='".$password."' WHERE id='".$_SESSION['id']."'" ); if($sql){ echo "<script>alert('profile updated');window.location='myprofile.php?id=$userfinal'</script>"; }else{ echo "<script>alert('updating profile failed!');</script>"; } } $sql = mysql_query( "SELECT * FROM users WHERE id='".$_SESSION['id']."'" ); $row = mysql_fetch_array($sql); $user = $userfinal; echo "<td align=center> <div style='10px' id=box> <table width='100%'> <tr> <td><h2>Edit profile</h2> <form method='post'> <table><tr><th>ID#:</th><td>".$user."</td></tr> <tr><th>Name:</th><td><input type='text' name='callname' value='".$row['callname']."'/></td></tr> <tr><th>Email:</th><td><input type='text' name='email' value='".$row['email']."'/></td></tr> <tr><th>Password:</th><td><input type='password' name='password' value='".$row['password']."'/></td></tr> <tr><th>Registered:</th><td>".$row['registered']."</td></tr> <tr><th>Last Login:</th><td>".$row['lastlogin']."</td></tr> </table><br /> <input type='submit' name='btnedit' value='update' class=button /> </form></div></td> </tr> </table> </td></tr> </table>"; ?> <?php include('footer.php'); ?> -
Gotcha, here's a portion of the edit profile code in which they could change the password:
if(isset($_POST['btnedit'])){ $callname = $_POST['callname']; $email = $_POST['email']; $password = md5(mysql_escape_string($_POST['password'])); $sql = mysql_query( "UPDATE users SET callname='".$callname."', email='".$email."', password='".$password."' WHERE id='".$_SESSION['id']."'" ); if($sql){ echo "<script>alert('profile updated');window.location='myprofile.php?id=$userfinal'</script>"; }else{ echo "<script>alert('updating profile failed!');</script>"; } } $sql = mysql_query( "SELECT * FROM users WHERE id='".$_SESSION['id']."'" ); $row = mysql_fetch_array($sql); $user = $userfinal; echo "<td align=center> <div style='10px' id=box> <table width='100%'> <tr> <td><h2>Edit profile</h2> <form method='post'> <table><tr><th>ID#:</th><td>".$user."</td></tr> <tr><th>Name:</th><td><input type='text' name='callname' value='".$row['callname']."'/></td></tr> <tr><th>Email:</th><td><input type='text' name='email' value='".$row['email']."'/></td></tr> <tr><th>Password:</th><td><input type='password' name='password' value='".$row['password']."'/></td></tr> <tr><th>Registered:</th><td>".$row['registered']."</td></tr> <tr><th>Last Login:</th><td>".$row['lastlogin']."</td></tr> </table><br /> <input type='submit' name='btnedit' value='update' class=button /> </form></div></td> </tr> </table> </td></tr> </table>";and here's a portion of the forgot password code (in which it generates a new password for the user):
if (isset($_POST['submit'])) { if ($_POST['forgotpassword']=='') { error('Please Fill in Email.'); } if(get_magic_quotes_gpc()) { $forgotpassword = htmlspecialchars(stripslashes($_POST['forgotpassword'])); } else { $forgotpassword = htmlspecialchars($_POST['forgotpassword']); } //Make sure it's a valid email address, last thing we want is some sort of exploit! if (!check_email_address($_POST['forgotpassword'])) { error('Email Not Valid - Must be in format of name@domain.tld'); } // Lets see if the email exists $sql = "SELECT COUNT(*) FROM users WHERE email = '$forgotpassword'"; $result = mysql_query($sql)or die('Could not find member: ' . mysql_error()); if (!mysql_result($result,0,0)>0) { error('Email Not Found!'); } //Generate a RANDOM MD5 Hash for a password $random_password=md5(uniqid(rand())); //Take the first 8 digits and use them as the password we intend to email the user $emailpassword=substr($random_password, 0, ; //Encrypt $emailpassword in MD5 format for the database $newpassword = md5($emailpassword); // Make a safe query $query = sprintf("UPDATE `users` SET `password` = '%s' WHERE `email` = '$forgotpassword'", mysql_real_escape_string($newpassword)); mysql_query($query)or die('Could not update members: ' . mysql_error()); //Email out the infromation $subject = "Your New Password"; $message = "You have forgotten your password. Your new password is as follows: ---------------------------- Password: $emailpassword ---------------------------- Upon logging in, you can click on the Home button and change your password. Please note all information is encrypted in our database! This email was automatically generated, please do not respond."; if(!mail($forgotpassword, $subject, $message, "FROM: $site_name <$site_email>")){ die ("Sending Email Failed, Please Contact Site Admin! ($site_email)"); }else{ error('Success! A new password has been sent to your email!'); } } else { ?> <form name="forgotpasswordform" action="" method="post"> <table border="0" cellspacing="0" cellpadding="3" width="20%"> <caption> <div>Password Reset Page</div> </caption> <tr> <td>Email Address: <input name="forgotpassword" type="text" placeholder="email" id="forgotpassword" /></td> </tr> <tr> <td colspan="2" class="footer"><input type="submit" name="submit" value="Submit" class="mainoption" /></td> </tr> </table> -
If possible I'd like to keep it to just using sessions, but thank you!
-
Hi all, I've stumbled over a bug which I'm not sure how to fix. For some reason, my login code is messed up? If I enter the username and password correctly, nothing happens and I log in. Yet if I enter a wrong password, it tells me my password is wrong (like it should) yet changes the database password to something random? So neither what I just typed nor the actual password is correct... any help with this?
here's the basic login code, without anything sanitized and whatnot:
<?php if($loggedin == '0') { if(isset($_POST['submit'])) { // Make sure all forms were filled out. if((!isset($_POST['username'])) || (!isset($_POST['pass'])) || ($_POST['username'] == '') || ($_POST['pass'] == '')) die("Please fill out the form completely. <br><br> <a href=index.php>Continue</a>"); // Get user's record from database $player = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."' AND active IS NULL"); $player = mysql_fetch_assoc($player); mysql_real_escape_string($username); mysql_real_escape_string($password); if($player['id'] == false) die("Sorry, that user is not in our database or your account isn't activated.<br><br> <a href=index.php>Back</a>"); else if($player['password'] != md5($_POST['pass'])) die("Wrong password!<br><br> <a href=index.php>Back</a>"); $_SESSION['id'] = $player['id']; $_SESSION['username'] = $player['username']; $_SESSION['password'] = $player['password']; $_SESSION['callname'] = $player['callname']; $_SESSION['email'] = $player['email']; $date = date("m/d/y"); $update = @mysql_query("UPDATE users SET lastlogin = '$date' WHERE id = '".$_SESSION['id']."'"); echo '<META HTTP-EQUIV="Refresh" Content="0; URL=news.php">'; } else { echo '<form action=index.php method=post><div style="padding-top:5px;" id=box><table> <tr align=center> <td width=200px> <i><b>Sign in</b></i></td></tr> <tr><td valign=middle> <table><tr><td><input type=text name=username placeholder=Username size=25></td></tr></table> </td></tr> <tr> <td valign=middle> <table><tr><td><input type=password placeholder=Password name=pass size=25></td></tr></table> </td> </tr> <tr><td align=right width=200px><input type=submit name=submit value=Login class=button><br /><br /><a href=#>Register!</a> or <a href=forgotpass.php>Forgot password?</a> </form><br /><br /></td><tr><td align=left><iframe src="chat.php" width="100%" height="410px" align="left" frameborder="0" style="overflow:visible;"></iframe></tr></td></div> </tr></table></div></center>'; } } else { $player_q = mysql_query("SELECT `callname` FROM `users` WHERE id = '".$_SESSION['id']."'"); $player_r = mysql_fetch_assoc($player_q); $player = $player_r['callname']; echo '<div style="padding-top:5px;" id=box><table align="left"> <i><b>Welcome Back!</b></i><br />Hey again, '.$player.'! <br /><br /><b>Gold:</b> 0<br /><b>Inbox Status:</b> <a href=inbox.php>Old</a><br /> <b>Recent Posts:</b> Old<br /><br /><center>2 users online<br /><br /></center><iframe src="chat.php" width="100%" height="410px" align="left" frameborder="0" allowtransparency="true"></iframe><br /><a href=logout.php>Logout?</a><br /><br /></center>'; echo '</div> </table>'; } ?> -
Thank you very much for assisting me! So you recommend combining my chat_hist.php with the chat.php, and removing the ajax I currently have? And then writing new Ajax to automatically add a new message in to the div (on another page where I include('chat.php'))?
-
Hi, I recently commissioned a chatbox script and then recoded it using ajax to try and make the chat seem instant. I'm trying to get it to work like a cbox, like the one here: http://cbox.ws/ (right hand column, except i'd like new messages to appear at the top)
However my script refreshes the messages instead of adding new ones. It's distracting because it refreshes the old chat history and makes it hard to read, which leads me to think I coded it the wrong way.
chat.php
<?php include('config.php'); if(isset($_POST['form'])) { $message = mysql_real_escape_string($_POST['message']); $time = time(); if(isset($_SESSION['id'])) { $userID = (int) $_SESSION['id']; } else { $userID = 0; } mysql_query("INSERT INTO `chat` (`userID`, `time`, `message`) VALUES ('$userID', '$time', '$message')") or die(mysql_error()); } echo<<<JS <script type="text/javascript"> function Ajax(){ var xmlHttp; try{ xmlHttp=new XMLHttpRequest();// Firefox, Opera 8.0+, Safari }catch (e){ try{ xmlHttp=new ActiveXObject("Msxml2.XMLHTTP"); // Internet Explorer }catch (e){ try{ xmlHttp=new ActiveXObject("Microsoft.XMLHTTP"); }catch (e){ alert("No AJAX!?"); return false; } } } xmlHttp.onreadystatechange=function(){ document.getElementById('ReloadThis').innerHTML=xmlHttp.responseText; setTimeout('Ajax()',30000); } xmlHttp.open("GET","chat_hist.php",true); xmlHttp.send(null); } window.onload=function(){ setTimeout('Ajax()',5000); } </script> JS; echo '<div id="ReloadThis">Loading...</div>'; ?>chat_hist.php
<?php include('config.php'); $query = mysql_query("SELECT * FROM `chat` ORDER BY `id` DESC LIMIT 20"); while($row = mysql_fetch_assoc($query)) { if($row['userID'] == 0) { $player = 'Guest'; } else { $player_q = mysql_query("SELECT * FROM `users` WHERE `id`='" . $_SESSION['id'] . "'"); $player_r = mysql_fetch_assoc($player_q); $player = $player_r['callname']; } echo '<div style="border-bottom: 1px dashed black;">' . $player . ': ' . $row['message'] . '</div> <div style="border-bottom: 1px solid black;">' . date('m-d h:i:s', $row['time']) . '</div>'; } ?> -
Thanks guys, for some reason the md5($_POST['password'])); wasn't working earlier. I guess I typo'd.
Speaking of passwords, I have a forgot password tool. But I've encrypted all passwords in md5 so there's no way to unencrypt them and send the user an email with the regular password. So I was thinking of emailing the user a link that expires after x amount of time, and when they click on that from their email they can change their password. I so far have the form/emailing portion down fine (form in forgot.php, clicking that runs it through a check on forgotpass.php and message shows up 'it's been sent' or a form of an error message).
However, I'm not sure how I would generate a random link that expires (showing them the reset password form) and updating the mySQL table. Any help with this? I'd really appreciate it.
forgotpass.php
<?php include('config.php'); echo "<form action=forgotpass.php method=post><input type=text placeholder=Email name=email size=17><br /><input type=submit name=submit value=submit class=button></form>"; $email=$_POST['email']; $email=mysql_real_escape_string($email); $status = "OK"; $msg=""; //error_reporting(E_ERROR | E_PARSE | E_CORE_ERROR); if (!stristr($email,"@") OR !stristr($email,".")) { $msg="Your email address is not correct<BR>"; $status= "NOTOK";} echo "<br><br>"; if($status=="OK"){ $query="SELECT email,id,password FROM users WHERE email = '$email'"; $st=mysql_query($query); $recs=mysql_num_rows($st); $row=mysql_fetch_object($st); $em=$row->email; if ($recs == 0) { // let us show the error message echo "<center><font face='Verdana' size='2' color=red><b>No Password</b><br> Sorry Your address is not there in our database . You can signup and login to use our site. <BR><BR><a href='signup.php'> Sign UP </a> </center>"; exit;} $headers4="admin@virtus.com"; $headers.="Reply-to: $headers4\n"; $headers .= "From: $headers4\n"; $headers .= "Errors-to: $headers4\n"; //$headers = "Content-Type: text/html; charset=iso-8859-1\n".$headers; if(mail("$em","Your Request for login details","This is in response to your request for login detailst at site_name \n \nLogin ID: $row->userid \n Password: $row->password \n\n Thank You \n \n siteadmin","$headers")){echo "<center><font face='Verdana' size='2' ><b>THANK YOU</b> <br>Your password is posted to your emil address . Please check your mail after some time. </center>";} else{ echo " <center><font face='Verdana' size='2' color=red >There is some system problem in sending login details to your address. Please contact site-admin. <br><br><input type='button' value='Retry' onClick='history.go(-1)'></center></font>";} } else {// Validation failed so show the error message echo "<center><font face='Verdana' size='2' color=red >$msg <br><br><input type='button' value='Retry' onClick='history.go(-1)'></center></font>";} ?> -
Hi folks! Upon registering, my register script runs an md5 hash on the password. My problem is when the user wants to change passwords. currently I have a very simple profile, and when they edit it, it doesn't rehash the password- it simply replaces the entire hashed old password with the plain, new password. Any way I could get the script to rehash the password?
editprofile.php
<?php include('config.php'); include('header.php'); if($_SESSION['id']=="") { header("Location: YouMustLogInNotice.html"); } if(isset($_POST['btnedit'])){ $callname = $_POST['callname']; $email = $_POST['email']; $password = $_POST['password']; $sql = mysql_query( "UPDATE users SET callname='".$callname."', email='".$email."', password='".$password."' WHERE id='".$_SESSION['id']."'" ); if($sql){ echo "<script>alert('profile updated');window.location='myprofile.php?id=$userfinal'</script>"; }else{ echo "<script>alert('updating profile failed!');</script>"; } } $sql = mysql_query( "SELECT * FROM users WHERE id='".$_SESSION['id']."'" ); $row = mysql_fetch_array($sql); $user = $userfinal; echo "<td align=center> <div id=box> <table width='100%'> <tr> <td><h2>Edit profile</h2> <form method='post'> <table><tr><th>ID#:</th><td>".$user."</td></tr> <tr><th>Name:</th><td><input type='text' name='callname' value='".$row['callname']."'/></td></tr> <tr><th>Email:</th><td><input type='text' name='email' value='".$row['email']."'/></td></tr> <tr><th>Password:</th><td><input type='password' name='password' value='".$row['password']."'/></td></tr> <tr><th>Registered:</th><td>".$row['registered']."</td></tr> <tr><th>Last Login:</th><td>".$row['lastlogin']."</td></tr> </table><br /> <input type='submit' name='btnedit' value='update' class=button /> </form></div></td> </tr> </table> </td></tr> </table>"; ?> <?php include('footer.php'); ?> -
Still doesn't seem to be working, that didn't effect it.
Here's some .css coding that relates to the ul, but that's the only portion I have (besides the actual image menu):
ul#topnav { position:relative; top:235px; right:5px; width:963px; list-style:none; height:36px; } ul#topnav li { display:inline; } -
http://i1093.photobucket.com/albums/i433/dyruse/Screenshot2012-04-22at112815AM.png
I'm using a text-menu list to display over my header image. When there is no menu list, the container (the 1 px black border) is fine. However when I insert in the menu list, the container and the banner have around a 10 px space in between each other, as shown above. Below is my code, how can I get it set up with no 10 px space and still use the menu links?
<div id="container"> <div id="header" style="background: url('/images/test.png') no-repeat; height: 286px;"><ul id="topnav"> <li id="topnav-1"><a href="home.php" title="Home">Home</a></li> <li id="topnav-2"><a href="index.php" title="City">City</a></li> <li id="topnav-3"><a href="about-us.html" title="About Us">About Us</a></li> <li id="topnav-4"><a href="contact-us.html" title="Contact Us">Contact Us</a></li> <li id="topnav-5"><a href="contact-us.html" title="Contact Us">Contact Us</a></li> <li id="topnav-6"><a href="contact-us.html" title="Contact Us">Contact Us</a></li> <li id="topnav-7"><a href="contact-us.html" title="Contact Us">Contact Us</a></li> </ul> </div></div> -
Many thanks! I got my code working fine now. I have questions on how I can incorporate this in to my messaging system (ie having a users name linked to their profile) but I suppose I should start a new thread for that rather than posting here, yes? I've tried meddling with it, will do so for a couple days now before asking for help.
rn's never die!
in PHP Coding Help
Posted
code I'm inserting in to database with:
function sendMsg($to, $subject, $message, $reply, $mid) { $to = protect($to, 1); $subject = protect($subject, 0); $subject = htmlentities($subject); $message = protect($message, 0); $message = htmlentities($message); $reply = protect($reply, 1); $mid = protect($mid, 1); if (!$to) return error("You must enter a user to send a message to."); if (!$subject) $subject = "No Subject"; if (!$message) return error("You must enter a message to send."); $check = mysql_fetch_array(mysql_query("SELECT COUNT(id) AS numrows FROM inbox WHERE `to_mid`='$to' AND `from_mid`='$mid' AND `subject`='$subject' AND `message`='$message'")); if ($check['numrows']) return error("You have already sent this message."); mysql_query("INSERT INTO inbox (`to_mid`, `from_mid`, `message`, `subject`, `datesent`) VALUES ('$to', '$mid', '$message', '$subject', NOW())");data in:
hi
-------------------------------
data in database:
\r\n hi \r\n \r\n \r\n-------------------------
data out:
rnhi rn rn rn rn----------------------