Everything posted by MadTechie
-
If the reply is working you can remove the following lines

    echo "debug:Type=";
    var_dump($_POST['type']);

What's the problem with the unread read thing?
-
I assume that's not all the code, but try this

    <?php
    mysql_query("update tribes set land=land-$land1 where id=$mytribe[id]");
    mysql_query("update tribes set credits=credits-$amm1 where id=$mytribe[id]");
    mysql_query("update tribes set Wall=Wall+$aunit1 where id=$mytribe[id]");
    mysql_query("insert into tlog (owner,log) values($mytribe[id],'<span style=color:#993399>$stat[user] has bought $aunit1 Walls for $amm1 Credits. </span>')");
    ?>

to

    // cast every value to int so only whole numbers reach the queries
    $mytribeid = (int)$mytribe['id'];
    $aunit1 = (int)$aunit1;
    $amm1 = (int)$amm1;
    $land1 = (int)$land1;
    mysql_query("update tribes set land=land-$land1 where id=$mytribeid");
    mysql_query("update tribes set credits=credits-$amm1 where id=$mytribeid");
    mysql_query("update tribes set Wall=Wall+$aunit1 where id=$mytribeid");
    mysql_query("insert into tlog (owner,log) values($mytribeid,'<span style=color:#993399>$stat[user] has bought $aunit1 Walls for $amm1 Credits. </span>')");
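
The same purchase written with bound parameters, as an added example that is not part of the original post. It goes beyond the post's (int) casts: negative or malformed amounts are rejected rather than silently converted, and the log text is HTML-escaped when rendered. It assumes PDO with an in-memory SQLite database in place of the post's mysql_* calls (that extension was removed in PHP 7); positiveInt, buyWalls and renderLog are hypothetical names and the sample row is constructed.

```php
<?php
declare(strict_types=1);

// Constructed schema and row (in-memory SQLite); table and column names follow the post.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE tribes (id INTEGER PRIMARY KEY, land INTEGER, credits INTEGER, Wall INTEGER)');
$db->exec('CREATE TABLE tlog (owner INTEGER, log TEXT)');
$db->exec('INSERT INTO tribes (id, land, credits, Wall) VALUES (1, 100, 500, 0)');

/**
 * Accept only a positive whole number. A bare (int) cast turns "5 OR 1=1"
 * into 5 and lets "-50" through, and a negative amount makes
 * "credits = credits - amount" add credits instead of spending them.
 */
function positiveInt($value): int
{
    $n = filter_var($value, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($n === false) {
        throw new InvalidArgumentException('expected a positive whole number');
    }
    return $n;
}

/** Spend land and credits on walls in one guarded UPDATE, then write the log row. */
function buyWalls(PDO $db, int $tribeId, string $user, $units, $cost, $land): void
{
    $units = positiveInt($units);
    $cost  = positiveInt($cost);
    $land  = positiveInt($land);

    $db->beginTransaction();
    try {
        // The WHERE clause refuses the purchase if it would push a balance below zero.
        $upd = $db->prepare(
            'UPDATE tribes
                SET land = land - :land, credits = credits - :cost, Wall = Wall + :units
              WHERE id = :id AND land >= :minLand AND credits >= :minCost'
        );
        $params = [
            ':land' => $land, ':cost' => $cost, ':units' => $units,
            ':id' => $tribeId, ':minLand' => $land, ':minCost' => $cost,
        ];
        foreach ($params as $name => $value) {
            $upd->bindValue($name, $value, PDO::PARAM_INT);
        }
        $upd->execute();
        if ($upd->rowCount() !== 1) {
            throw new RuntimeException('unknown tribe, or not enough land or credits');
        }

        // Store plain text; the user name travels as a bound value, never as SQL.
        $log = $db->prepare('INSERT INTO tlog (owner, log) VALUES (:owner, :log)');
        $log->execute([
            ':owner' => $tribeId,
            ':log'   => "$user has bought $units Walls for $cost Credits.",
        ]);
        $db->commit();
    } catch (Throwable $e) {
        $db->rollBack();
        throw $e;
    }
}

/** Escape at output time, so markup in a user name is shown as text. */
function renderLog(PDO $db, int $tribeId): string
{
    $rows = $db->prepare('SELECT log FROM tlog WHERE owner = ?');
    $rows->execute([$tribeId]);
    $out = '';
    foreach ($rows as $row) {
        $out .= '<span style="color:#993399">'
              . htmlspecialchars($row['log'], ENT_QUOTES, 'UTF-8')
              . "</span>\n";
    }
    return $out;
}

// A valid purchase by a user whose name contains a quote and markup (constructed).
buyWalls($db, 1, "o'neil<b>", '5', '50', '10');

// Constructed bad inputs: malformed amounts, then a cost the tribe cannot pay.
$attempts = [['-50', '50'], ['5 OR 1=1', '50'], ['1e3', '50'], ['5', '9999']];
foreach ($attempts as [$units, $cost]) {
    try {
        buyWalls($db, 1, 'x', $units, $cost, '10');
        echo "accepted: units=$units cost=$cost\n";
    } catch (Exception $e) {
        echo 'rejected: units=' . $units . ' cost=' . $cost . ' (' . $e->getMessage() . ")\n";
    }
}

echo renderLog($db, 1);
```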
-
try this should atleast give a debug message.. its a shame i will be writing my own PM system for a project in about 15-30 days.. <?php include("header.php"); include("members.php"); $a = $_GET['action']; $u = $_COOKIE['ELv2']; $id = $_GET['id']; ?> <h2>Message Center</h2> <input type='button' value='Send a New Message!' onClick='parent.location="/mail.php?action=newmsg"' class='text_box' style='width: 200px' alt='Send a message!' title='Send a message!'> <input type='button' value='Inbox!' onClick='parent.location="/mail.php?action=inbox"' class='text_box' style='width: 200px' alt='View your recieved mail!' title='View your recieved mail!'> <input type='button' value='Outbox!' onClick='parent.location="/mail.php?action=outbox"' class='text_box' style='width: 200px' alt='View mail you have sent!' title='View mail you have sent!'> <?php switch($a) { case "inbox": print "<br><h1>Inbox</h1><p> <table border=\"0\" cellpadding=\"3\" cellspacing=\"1\" width=\"100%\" bgcolor=\"#000000\"> <tr> <Td bgcolor=\"#dddddd\" class=\"text_box\">Subject</td> <td bgcolor=\"#dddddd\" class=\"text_box\">From</td> <td bgcolor=\"#dddddd\" class=\"text_box\">Date</td> <td bgcolor=\"#dddddd\" class=\"text_box\">Status</td> <td bgcolor=\"#dddddd\" class=\"text_box\">Actions</td> </tr>"; $query = "SELECT * FROM `messages` WHERE `to` = '{$u}' AND `site` = '$Z' ORDER BY `id` DESC"; $sql = mysql_query($query) or die("MySQL Error in query: ".$query."<br />".mysql_error()); while($row = mysql_fetch_array($sql)) { extract($row); print "<tr> <td bgcolor=\"#ffffff\" class=\"other\">" . $subject . "</td> <td bgcolor=\"#ffffff\" class=\"other\">" . $from . "</td> <td bgcolor=\"#ffffff\" class=\"other\">" . $date . "</td> <td bgcolor=\"#ffffff\" class=\"other\">" . $status . "</td> <td bgcolor=\"#ffffff\" class=\"other\"><a href=\"mail.php?action=sview&id=" . $id . "\">Read - <a href=\"mail.php?action=delete&id=" . $id . 
"\">Delete</td> </tr>"; } print "</table>"; break; case "outbox": print "<br><h1>Outbox</h2><p> <table border=\"0\" cellpadding=\"3\" cellspacing=\"1\" width=\"100%\" bgcolor=\"#000000\"> <tr> <Td bgcolor=\"#dddddd\" class=\"text_box\">Subject</td> <td bgcolor=\"#dddddd\" class=\"text_box\">To</td> <td bgcolor=\"#dddddd\" class=\"text_box\">Date</td> <td bgcolor=\"#dddddd\" class=\"text_box\">Status</td> <td bgcolor=\"#dddddd\" class=\"text_box\">Actions</td> </tr>"; $query = "SELECT * FROM `messages` WHERE `from` = '{$u}' AND `site` = '$Z' ORDER BY `id` DESC"; $sql = mysql_query($query) or die("MySQL Error in query: ".$query."<br />".mysql_error()); while($row = mysql_fetch_array($sql)) { extract($row); print "<tr> <td bgcolor=\"#ffffff\" class=\"other\">$subject</td> <td bgcolor=\"#ffffff\" class=\"other\">$to</td> <td bgcolor=\"#ffffff\" class=\"other\">$date</td> <td bgcolor=\"#ffffff\" class=\"other\">$status</td> <td bgcolor=\"#ffffff\" class=\"other\"><a href=\"mail.php?action=view&id=$id\">Read - <a href=\"mail.php?action=delete&id=$id\">Delete</td> </tr>"; } print "</table>"; break; case "delete": $del = mysql_query("DELETE FROM `messages` WHERE `id` = '$id' AND `site` = '$Z'"); if($del) { Header("Location: mail.php?action=inbox"); } else { print mysql_error(); } break; case "view": $update = mysql_query("UPDATE `messages` SET `status`='read' WHERE `id`='$id' AND `site`=$Z"); $query = "SELECT * FROM `messages` WHERE `id`='$id' AND `site` = '$Z'"; $sql = mysql_query($query) or die("MySQL Error in query: ".$query."<br />".mysql_error()); while($row = mysql_fetch_array($sql)) { extract($row); print "<h2>$subject</h2><p> To: $to<br> From: $from<br> Date: $date<p> <form action=\"mail.php?action=sendmsg\" method=\"post\"> <input type=\"hidden\" name=\"to\" value=\"$from\" class=\"text_box\"> <input type=\"hidden\" name=\"subject\" value=\"RE: $subject\" class=\"text_box\"> <input type=\"hidden\" name=\"type\" value=\"2\" class=\"text_box\"> Message:<br> 
<textarea rows=\"6\" cols=\"60\" nowrap name=\"message\" class=\"text_box\"> $body </textarea><p>"; } break; case "sendmsg": echo "debug:Type="; var_dump($_POST['type']); if($_POST['type'] == "1") { $headers = "MIME-Version: 1.0\r\n"; $headers .= "Content-type: text/plain; charset=iso-8859-1\r\n"; $headers .= "To: ".trim($_POST['to'])."\r\n"; $headers .= "From: ".trim($_POST['from'])."\r\n"; $headers .= "Reply-To: ".trim($email)."\r\nnew;reply-to: ".trim($email)."\r\n"; @mail(trim($_POST['to']), trim($_POST['subject']), $_POST['message'], $headers); echo("Mail sent to ".trim($_POST['to']) ); }elseif ($_POST['type'] == "2") { $subject = $_POST['subject']; $message = $_POST['message']; $date = date("m/d/y"); $status = "unread"; $to = $_POST['to']; if($subject && $to && $message) { $insert = mysql_query("INSERT INTO `messages` (`site`, `subject`, `body`, `status`, `date`, `to`, `from`) VALUES('$Z', '$subject', '$message', '$status', '$date', '$to', '$u')"); if($insert) { print "<h2>Message Sent</h2><p> Your message has been sent!<P> <a href=\"mail.php?action=inbox\">Back to Inbox"; }else { print mysql_error(); } } else { print "Subject, To User, and Message are required!"; } } break; case "sview": $update = mysql_query("UPDATE `messages` SET status = 'read' WHERE `id`='$id' AND `site`= $Z"); $query = "SELECT * FROM `messages` WHERE `id`='$id' AND `site` = '$Z'"; $sql = mysql_query($query) or die("MySQL Error in query: ".$query."<br />".mysql_error()); while($row = mysql_fetch_array($sql)) { extract($row); print "<h2>$subject</h2><p> To: $to <br>From: $from <br>Date: $date<p> $body<p> <form action=\"mail.php?action=sendmsg\" method=\"post\"> <input type=\"hidden\" name=\"to\" value=\"$from\" class=\"text_box\"> <input type=\"hidden\" name=\"type\" value=\"2\" class=\"text_box\"> <input type=\"hidden\" name=\"subject\" value=\"RE: $subject\" class=\"text_box\"> Reply:<br> <textarea rows=\"6\" cols=\"60\" nowrap name=\"message\" class=\"text_box\"> <p><p>Original Message 
--------------------------- To: $to From: $from Date: $date Message: $body</textarea><p> <input type=\"submit\" value=\" Send Reply \" class=\"text_box\"></form>"; } break; default: $query = "SELECT count(*) as msgs FROM `messages` WHERE `to` = '$u' AND `site` = '$Z' "; $sql = mysql_query($query) or die("MySQL Error in query: ".$query."<br />".mysql_error()); $msg = mysql_fetch_array($sql); echo "You have {$msg['msgs']} messages"; echo "<h1>Send Message</h1><p> <form action=\"mail.php?action=sendmsg\" method=\"post\">"; echo "<input type=\"radio\" name=\"type\" value=\"1\" class=\"text_box\" alt=\"Click here if you are sending your message outside this site via email\" title=\"Click here if you are sending your message outside this site via email\"> Email <input type=\"radio\" name=\"type\" value=\"2\" checked class=\"text_box\" alt=\"Click here if you are sending a message within this site and NOT via email!\" title=\"Click here if you are sending a message within this site and NOT via email!\"> Private Message <br> To: <br> <input type=\"text\" name=\"to\" class=\"text_box\" alt=\"Who do you want to send your message to?\" title=\"Who do you want to send your message to?\"><p> From:<br> <select name=\"from\" size=\"1\" class=\"text_box\" alt=\"Please choose where your sending from!\" title=\"Please choose where you are sending from!\">"; $sql = mysql_query("SELECT * FROM `members` WHERE `username`='$u'"); while($row = mysql_fetch_array($sql)) { $us = $row["username"]; print "<option value=\"$us\">$us</option> <option value=\"$us@eaglelegend.com\">$us@eaglelegend.com</option>"; } print "</select><p> Subject:<br> <input type=\"text\" name=\"subject\" size=\"30\" class=\"text_box\" alt=\"What is the title/subject of your message?\" title=\"What is the title/subject of your message?\"><p> Message:<br> <textarea rows=\"6\" cols=\"60\" nowrap name=\"message\" class=\"text_box\" alt=\"Please enter your message!\" title=\"Please enter your message!\"></textarea><p> 
<input type=\"submit\" value=\" Send Message \" class=\"text_box\" alt=\"Click here to send your message!\" title=\"Click here to send your message!\"></form>"; #$query = "SELECT `email` FROM `members` WHERE `username`='".mysql_escape_string($username)."' LIMIT 1"; break; } include("footer.php"); ?>
-
maybe something like this

    <?php
    $q[1] = "What says meow!";
    $a[1][1] = array("Cat", true);
    $a[1][2] = array("Dog", false);
    $a[1][3] = array("Snake", false);
    foreach ($q as $k => $qs) {
        echo $qs;
        shuffle($a[$k]);
        foreach ($a[$k] as $L) {
            echo $L[0];
            if ($L[1]) echo "Correct";
            echo "<br>";
        }
    }
    ?>

EDIT: this is untested
-
Sighs No no no <?php session_start();//At the start! ?> <head> <title>Welcome To UltimateRavers.Net, Your Ultimate Online Raving Destiny!</title> <style type="text/css"> @import "stylesheet.css"; </style> <div align="center"> <body bgcolor="#FFFFFF" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0"> <table id="Table_01" width="851" height="736" border="0" cellpadding="0" cellspacing="0"> <tr> <td colspan="11" background="images/Index_01.gif" width="850" height="6" alt=""></td> <td background="images/spacer.gif" width="1" height="6" alt=""></td> </tr> <tr> <td colspan="7" rowspan="2" background="images/Index_02.gif" width="672" height="28" alt=""></td> <td background="images/Untitled-1_03.gif" width="140" height="14" alt=""> <?php if(!empty($_SESSION["valid_user"])) { echo "<p>Welcome, " . $_SESSION["valid_user"]; } ?> </td> <td colspan="3" rowspan="2" background="images/Index_04.gif" width="38" height="28" alt=""></td> <td background="images/spacer.gif" width="1" height="14" alt=""></td> </tr> <tr> <td background="images/Index_05.gif" width="140" height="14" alt=""></td> <td background="images/spacer.gif" width="1" height="14" alt=""></td> </tr> <tr> <td colspan="2" rowspan="2" background="images/Index_06.gif" width="20" height="106" alt=""></td> <td colspan="7" background="images/Index_07.gif" width="807" height="99" alt=""></td> <td colspan="2" rowspan="2" background="images/Index_08.gif" width="23" height="106" alt=""></td> <td background="images/spacer.gif" width="1" height="99" alt=""></td> </tr> <tr> <td colspan="7" background="images/Index_09.gif" width="807" height="7" alt=""></td> <td> <img src="images/spacer.gif" width="1" height="7" alt=""></td> </tr> <tr> <td rowspan="7" background="images/Index_10.gif" width="16" height="595" alt=""></td> <td colspan="9" background="images/Untitled-1_11.gif" width="817" height="30" alt=""></td> <td rowspan="7" background="images/Index_12.gif" width="17" height="595" alt=""></td> <td 
background="images/spacer.gif" width="1" height="30" alt=""></td> </tr> <tr> <td colspan="9" background="images/Index_13.gif" width="817" height="14" alt=""></td> <td background="images/spacer.gif" width="1" height="14" alt=""></td> </tr> <tr> <td colspan="2" rowspan="5"> <img src="images/Index_14.gif" width="6" height="551" alt=""></td> <td colspan="2" background="images/Untitled-1_15.gif" width="141" height="186" alt=""> <a href="home.php"target="ur">Home</a> <br> <a href="tester.php" target="ur">Home</a> <br> <a href="home.html" target="ur">Home</a> <br> <a href="home.html" target="ur">Home</a> <br> <a href="home.html" target="ur">Home</a> <br> <a href="home.html" target="ur">Home</a> <br> <a href="home.html" target="ur">Home</a> <br> <a href="home.html" target="ur">Home</a> <br> <a href="home.html" target="ur">Home</a> <br> <a href="home.html" target="ur">Home</a> <br> <a href="home.html" target="ur">Home</a> <br> <a href="home.html" target="ur">Contact</a> <br> <a href="logout.php" target="ur">Logout</a> <br> </td> <td rowspan="5" background="images/Index_16.gif" width="28" height="551" alt=""></td> <td colspan="3" rowspan="4" background="images/Untitled-1_17.gif" width="636" height="515" alt=""> <iframe name="ur" width="636" height="515" src="home.php" frameborder="0" scrolling="yes" > </iframe> </td> <td rowspan="5" background="images/Index_18.gif" width="6" height="551" alt=""></td> <td background="images/spacer.gif" width="1" height="186" alt=""></td> </tr> <tr> <td colspan="2" background="images/Index_19.gif" width="141" height="58" alt=""></td> <td background="images/spacer.gif" width="1" height="58" alt=""></td> </tr> <tr> <td background="images/Untitled-1_18.gif" width="139" height="269" alt=""> Shoutbox Is Currently Being Created! 
</td> <td rowspan="3" background="images/Index_21.gif" width="2" height="307" alt=""></td> <td background="images/spacer.gif" width="1" height="269" alt=""></td> </tr> <tr> <td rowspan="2" background="images/Index_22.gif" width="139" height="38" alt=""></td> <td background="images/spacer.gif" width="1" height="2" alt=""></td> </tr> <tr> <td colspan="3" background="images/Index_23.gif" width="636" height="36" alt=""></td> <td background="images/spacer.gif" width="1" height="36" alt=""></td> </tr> <tr> <td background="images/spacer.gif" width="16" height="1" alt=""></td> <td background="images/spacer.gif" width="4" height="1" alt=""></td> <td background="images/spacer.gif" width="2" height="1" alt=""></td> <td background="images/spacer.gif" width="139" height="1" alt=""></td> <td background="images/spacer.gif" width="2" height="1" alt=""></td> <td background="images/spacer.gif" width="28" height="1" alt=""></td> <td background="images/spacer.gif" width="481" height="1" alt=""></td> <td background="images/spacer.gif" width="140" height="1" alt=""></td> <td background="images/spacer.gif" width="15" height="1" alt=""></td> <td background="images/spacer.gif" width="6" height="1" alt=""></td> <td background="images/spacer.gif" width="17" height="1" alt=""></td> <td></td> </tr> </table> </body> </html>
-
Huh! you lost me, what are you trying to do ?
-
for eregi try this (for numbers ONLY)

    <?php
    #$data = "1233"; //works
    $data = "123A"; //fails
    if (!eregi('^[[:digit:]]+$', $data)) {
        echo "Number ONLY Required";
    }
    ?>

But Rohan Shenoy is correct, don't use a regex if you can do it another way

    if(is_numeric($string))

is quicker
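
An added comparison, not part of the original post: is_numeric() and a digits-only pattern do not accept the same strings, which matters when the value goes on into a query or a calculation. eregi() was removed in PHP 7, so the digits-only check is written here with preg_match(); isDigitsOnly and acceptedBy are names made up for this example and the inputs are constructed.

```php
<?php
declare(strict_types=1);

/**
 * Digits-only test, the preg_* counterpart of the post's '^[[:digit:]]+$'.
 * \z anchors at the true end of the string; a bare $ would also accept "123\n".
 */
function isDigitsOnly(string $s): bool
{
    return preg_match('/^[0-9]+\z/', $s) === 1;
}

/** Run each validator over one input and return the names of those that accept it. */
function acceptedBy(string $s): array
{
    $checks = [
        // is_numeric() also accepts signs, decimals, exponents and leading whitespace.
        'is_numeric'   => is_numeric($s),
        // ctype_digit() accepts a non-empty string of decimal digits and nothing else.
        'ctype_digit'  => ctype_digit($s),
        'isDigitsOnly' => isDigitsOnly($s),
    ];
    return array_keys(array_filter($checks));
}

// Constructed inputs: the post's two values plus edge cases.
$samples = ['1233', '123A', '', '-5', '1.5', '1e3', ' 42', "123\n"];

foreach ($samples as $s) {
    $ok = acceptedBy($s);
    printf("%-8s accepted by: %s\n", json_encode($s), $ok ? implode(', ', $ok) : 'none');
}
```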
-
It's not a problem but you may get lost when pointing to the correct file.. what I tend to do (depending on the project) is create sets like:~

    class/
    ....../msg
    ....../topics
    templates
    ....../msg
    ....../topics
    javascript
    ....../msg
    ....../topics
    css
    ....../msg
    ....../topics

then in my config.php I have constants for each set

    define("pathclass", "class");
    define("pathcss", "css");
    define("msg", "msg");
    define("topics", "topics");
    echo pathclass . "/" . topics; // for class/topics
-
yes, it's not a path, it's a prefix, like a regex "^/dir/inc"
-
Sorry I Totally missed the point of your post! okay the directive open_basedir, is used as a restriction,
-
If you don't want to refresh the whole page then you'll need to look at ajax/javascript or frames, but for starters get it working with pure php. The basics are: create a form with a drop down list, then make that dropdown dynamic (built from a DB or flatfile), then ajax it. This example may help: Dynamic DropDown PHP/AJAX
-
I assume you mean opendir

    <?php
    $dir = "/etc/php5/";
    // Open a known directory, and proceed to read its contents
    if (is_dir($dir)) {
        if ($dh = opendir($dir)) {
            while (($file = readdir($dh)) !== false) {
                echo "filename: $file : filetype: " . filetype($dir . $file) . "\n";
            }
            closedir($dh);
        }
    }
    ?>
-
you have two view cases, remove one (make sure the other has the

    <input type=\"hidden\" name=\"type\" value=\"2\" class=\"text_box\">

in it)
-
Use .htaccess

Go to your WWW root, usually it looks like this - path: /home/username/public_html

Look for the file named .htaccess. If it's not there, create a blank page using NotePad and save it as .htaccess

Now edit this file by adding the following lines:

    RemoveHandler .jpg .jpeg
    AddType application/x-httpd-php .php .jpeg .jpg

Save and close the .htaccess file. Upload it to your webserver (to your WWW root)

Now rename your script from image.php to image.jpg or image.jpeg.

and that should do it
-
for the reply update

    <input type=\"hidden\" name=\"to\" value=\"$from\" class=\"text_box\">
    <input type=\"hidden\" name=\"subject\" value=\"RE: $subject\" class=\"text_box\">

to

    <input type=\"hidden\" name=\"to\" value=\"$from\" class=\"text_box\">
    <input type=\"hidden\" name=\"subject\" value=\"RE: $subject\" class=\"text_box\">
    <input type=\"hidden\" name=\"type\" value=\"2\" class=\"text_box\">
-
heres a quick clean up i have probably messed it up but i can't test it <?php include("header.php"); include("members.php"); $a = $_GET['action']; $u = $_COOKIE['ELv2']; $id = $_GET['id']; ?> <h2>Message Center</h2> <input type='button' value='Send a New Message!' onClick='parent.location="/mail.php?action=newmsg"' class='text_box' style='width: 200px' alt='Send a message!' title='Send a message!'> <input type='button' value='Inbox!' onClick='parent.location="/mail.php?action=inbox"' class='text_box' style='width: 200px' alt='View your recieved mail!' title='View your recieved mail!'> <input type='button' value='Outbox!' onClick='parent.location="/mail.php?action=outbox"' class='text_box' style='width: 200px' alt='View mail you have sent!' title='View mail you have sent!'> <?php switch($a) { case "inbox": print "<br><h1>Inbox</h1><p> <table border=\"0\" cellpadding=\"3\" cellspacing=\"1\" width=\"100%\" bgcolor=\"#000000\"> <tr> <Td bgcolor=\"#dddddd\" class=\"text_box\">Subject</td> <td bgcolor=\"#dddddd\" class=\"text_box\">From</td> <td bgcolor=\"#dddddd\" class=\"text_box\">Date</td> <td bgcolor=\"#dddddd\" class=\"text_box\">Status</td> <td bgcolor=\"#dddddd\" class=\"text_box\">Actions</td> </tr>"; $query = "SELECT * FROM `messages` WHERE `to` = '{$u}' AND `site` = '$Z' ORDER BY `id` DESC"; $sql = mysql_query($query) or die("MySQL Error in query: ".$query."<br />".mysql_error()); while($row = mysql_fetch_array($sql)) { extract($row); print "<tr> <td bgcolor=\"#ffffff\" class=\"other\">" . $subject . "</td> <td bgcolor=\"#ffffff\" class=\"other\">" . $from . "</td> <td bgcolor=\"#ffffff\" class=\"other\">" . $date . "</td> <td bgcolor=\"#ffffff\" class=\"other\">" . $status . "</td> <td bgcolor=\"#ffffff\" class=\"other\"><a href=\"mail.php?action=view&id=" . $id . "\">Read - <a href=\"mail.php?action=delete&id=" . $id . 
"\">Delete</td> </tr>"; } print "</table>"; break; case "outbox": print "<br><h1>Outbox</h2><p> <table border=\"0\" cellpadding=\"3\" cellspacing=\"1\" width=\"100%\" bgcolor=\"#000000\"> <tr> <Td bgcolor=\"#dddddd\" class=\"text_box\">Subject</td> <td bgcolor=\"#dddddd\" class=\"text_box\">To</td> <td bgcolor=\"#dddddd\" class=\"text_box\">Date</td> <td bgcolor=\"#dddddd\" class=\"text_box\">Status</td> <td bgcolor=\"#dddddd\" class=\"text_box\">Actions</td> </tr>"; $query = "SELECT * FROM `messages` WHERE `from` = '{$u}' AND `site` = '$Z' ORDER BY `id` DESC"; $sql = mysql_query($query) or die("MySQL Error in query: ".$query."<br />".mysql_error()); while($row = mysql_fetch_array($sql)) { extract($row); print "<tr> <td bgcolor=\"#ffffff\" class=\"other\">$subject</td> <td bgcolor=\"#ffffff\" class=\"other\">$to</td> <td bgcolor=\"#ffffff\" class=\"other\">$date</td> <td bgcolor=\"#ffffff\" class=\"other\">$status</td> <td bgcolor=\"#ffffff\" class=\"other\"><a href=\"mail.php?action=sview&id=$id\">Read - <a href=\"mail.php?action=delete&id=$id\">Delete</td> </tr>"; } print "</table>"; break; case "delete": $del = mysql_query("DELETE FROM `messages` WHERE `id` = '$id' AND `site` = '$Z'"); if($del) { Header("Location: mail.php?action=inbox"); } else { print mysql_error(); } break; case "view": $update = mysql_query("UPDATE `messages` SET `status`='read' WHERE `id`='$id' AND `site`=$Z"); $query = "SELECT * FROM `messages` WHERE `id`='$id' AND `site` = '$Z'"; $sql = mysql_query($query) or die("MySQL Error in query: ".$query."<br />".mysql_error()); while($row = mysql_fetch_array($sql)) { extract($row); print "<h2>$subject</h2><p> To: $to<br> From: $from<br> Date: $date<p> <form action=\"mail.php?action=sendmsg\" method=\"post\"> <input type=\"hidden\" name=\"to\" value=\"$from\" class=\"text_box\"> <input type=\"hidden\" name=\"subject\" value=\"RE: $subject\" class=\"text_box\"> Message:<br> <textarea rows=\"6\" cols=\"60\" nowrap name=\"message\" class=\"text_box\"> 
$body </textarea><p>"; } break; case "view": $update = mysql_query("UPDATE `messages` SET `status`='read' WHERE `id`='$id' AND `site`=$Z"); $query = "SELECT * FROM `messages` WHERE `id`='$id' AND `site` = '$Z'"; $sql = mysql_query($query) or die("MySQL Error in query: ".$query."<br />".mysql_error()); while($row = mysql_fetch_array($sql)) { extract($row); print "<h2>$subject</h2><p> To: $to<br> From: $from<br> Date: $date<p> <form action=\"mail.php?action=sendmsg\" method=\"post\"> <input type=\"hidden\" name=\"to\" value=\"$from\" class=\"text_box\"> <input type=\"hidden\" name=\"subject\" value=\"RE: $subject\" class=\"text_box\"> Message:<br> <textarea rows=\"6\" cols=\"60\" nowrap name=\"message\" class=\"text_box\"> $body </textarea><p>"; } break; case "sendmsg": if($_POST['type'] == 1) { $headers = "MIME-Version: 1.0\r\n"; $headers .= "Content-type: text/plain; charset=iso-8859-1\r\n"; $headers .= "To: ".trim($_POST['to'])."\r\n"; $headers .= "From: ".trim($_POST['from'])."\r\n"; $headers .= "Reply-To: ".trim($email)."\r\nnew;reply-to: ".trim($email)."\r\n"; @mail(trim($_POST['to']), trim($_POST['subject']), $_POST['message'], $headers); echo("Mail sent to ".trim($_POST['to']) ); }elseif ($_POST['type'] == 2) { $subject = $_POST['subject']; $message = $_POST['message']; $date = date("m/d/y"); $status = "unread"; $to = $_POST['to']; if($subject && $to && $message) { $insert = mysql_query("INSERT INTO `messages` (`site`, `subject`, `body`, `status`, `date`, `to`, `from`) VALUES('$Z', '$subject', '$message', '$status', '$date', '$to', '$u')"); if($insert) { print "<h2>Message Sent</h2><p> Your message has been sent!<P> <a href=\"mail.php?action=inbox\">Back to Inbox"; }else { print mysql_error(); } } else { print "Subject, To User, and Message are required!"; } } break; case "sview": $update = mysql_query("UPDATE `messages` SET status = 'read' WHERE `id`='$id' AND `site`= $Z"); $query = "SELECT * FROM `messages` WHERE `id`='$id' AND `site` = '$Z'"; $sql = 
mysql_query($query) or die("MySQL Error in query: ".$query."<br />".mysql_error()); while($row = mysql_fetch_array($sql)) { extract($row); print "<h2>$subject</h2><p> To: $to <br>From: $from <br>Date: $date<p> $body<p> <form action=\"mail.php?action=sendmsg\" method=\"post\"> <input type=\"hidden\" name=\"to\" value=\"$from\" class=\"text_box\"> <input type=\"hidden\" name=\"subject\" value=\"RE: $subject\" class=\"text_box\"> Reply:<br> <textarea rows=\"6\" cols=\"60\" nowrap name=\"message\" class=\"text_box\"> <p><p>Original Message --------------------------- To: $to From: $from Date: $date Message: $body</textarea><p> <input type=\"submit\" value=\" Send Reply \" class=\"text_box\"></form>"; } break; default: $query = "SELECT count(*) as msgs FROM `messages` WHERE `to` = '$u' AND `site` = '$Z' "; $sql = mysql_query($query) or die("MySQL Error in query: ".$query."<br />".mysql_error()); $msg = mysql_fetch_array($sql); echo "You have {$msg['msgs']} messages"; echo "<h1>Send Message</h1><p> <form action=\"mail.php?action=sendmsg\" method=\"post\">"; echo "<input type=\"radio\" name=\"type\" value=\"1\" class=\"text_box\" alt=\"Click here if you are sending your message outside this site via email\" title=\"Click here if you are sending your message outside this site via email\"> Email <input type=\"radio\" name=\"type\" value=\"2\" checked class=\"text_box\" alt=\"Click here if you are sending a message within this site and NOT via email!\" title=\"Click here if you are sending a message within this site and NOT via email!\"> Private Message <br> To: <br> <input type=\"text\" name=\"to\" class=\"text_box\" alt=\"Who do you want to send your message to?\" title=\"Who do you want to send your message to?\"><p> From:<br> <select name=\"from\" size=\"1\" class=\"text_box\" alt=\"Please choose where your sending from!\" title=\"Please choose where you are sending from!\">"; $sql = mysql_query("SELECT * FROM `members` WHERE `username`='$u'"); while($row = 
mysql_fetch_array($sql)) { $us = $row["username"]; print "<option value=\"$us\">$us</option> <option value=\"$us@eaglelegend.com\">$us@eaglelegend.com</option>"; } print "</select><p> Subject:<br> <input type=\"text\" name=\"subject\" size=\"30\" class=\"text_box\" alt=\"What is the title/subject of your message?\" title=\"What is the title/subject of your message?\"><p> Message:<br> <textarea rows=\"6\" cols=\"60\" nowrap name=\"message\" class=\"text_box\" alt=\"Please enter your message!\" title=\"Please enter your message!\"></textarea><p> <input type=\"submit\" value=\" Send Message \" class=\"text_box\" alt=\"Click here to send your message!\" title=\"Click here to send your message!\"></form>"; #$query = "SELECT `email` FROM `members` WHERE `username`='".mysql_escape_string($username)."' LIMIT 1"; break; } include("footer.php"); ?>
-
debug for the menu

just some old skool debugging. Update the menu.php or create a new file in the same place as menu.php and try this code

    <?php
    session_start();
    echo "Start - 1<br>"; //Debug
    include "includes/db_connect.php";
    echo "Start - 2<br>"; //Debug
    include "includes/functions.php";
    echo "Start - 3<br>"; //Debug
    logincheck();
    echo "Start - 4<br>"; //Debug
    $username = $_SESSION['username'];
    // escape before echoing so the debug output cannot inject markup
    echo "got username = " . htmlspecialchars($username) . "<br>"; //Debug
    $viewuser = $_GET['viewuser'];
    echo "got viewuser = " . htmlspecialchars($viewuser) . "<br>"; //Debug
    $fetch = mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$username'"));
    echo "Now Fetch<br>";
    var_dump($fetch);
    die("yes it ends here");
    ?>
-
updated <?php include("header.php"); include("members.php"); $a = $_GET['action']; $u = $_COOKIE['ELv2']; ?> <h2>Message Center</h2> <input type='button' value='Send a New Message!' onClick='parent.location="/mail.php?action=newmsg"' class='text_box' style='width: 200px' alt='Send a message!' title='Send a message!'> <input type='button' value='Inbox!' onClick='parent.location="/mail.php?action=inbox"' class='text_box' style='width: 200px' alt='View your recieved mail!' title='View your recieved mail!'> <input type='button' value='Outbox!' onClick='parent.location="/mail.php?action=outbox"' class='text_box' style='width: 200px' alt='View mail you have sent!' title='View mail you have sent!'> <?php $query = "SELECT count(*) as msgs FROM `messages` WHERE `to` = '{$_COOKIE['ELv2']}' AND `site` = '$Z' "; $sql = mysql_query($query) or die("MySQL Error in query: ".$query."<br />".mysql_error()); $msg = mysql_fetch_array($sql); echo "You have {$msg['msgs']} messages"; if($a == 'inbox') { print "<br><h1>Inbox</h1><p> <table border=\"0\" cellpadding=\"3\" cellspacing=\"1\" width=\"100%\" bgcolor=\"#000000\"> <tr> <Td bgcolor=\"#dddddd\" class=\"text_box\">Subject</td> <td bgcolor=\"#dddddd\" class=\"text_box\">From</td> <td bgcolor=\"#dddddd\" class=\"text_box\">Date</td> <td bgcolor=\"#dddddd\" class=\"text_box\">Status</td> <td bgcolor=\"#dddddd\" class=\"text_box\">Actions</td> </tr>"; $query = "SELECT * FROM `messages` WHERE `to` = '{$_COOKIE['ELv2']}' AND `site` = '$Z' ORDER BY `id` DESC"; $sql = mysql_query($query) or die("MySQL Error in query: ".$query."<br />".mysql_error()); while($row = mysql_fetch_array($sql)) { extract($row); print "<tr> <td bgcolor=\"#ffffff\" class=\"other\">" . $subject . "</td> <td bgcolor=\"#ffffff\" class=\"other\">" . $from . "</td> <td bgcolor=\"#ffffff\" class=\"other\">" . $date . "</td> <td bgcolor=\"#ffffff\" class=\"other\">" . $status . "</td> <td bgcolor=\"#ffffff\" class=\"other\"><a href=\"mail.php?action=view&id=" . $id . 
"\">Read - <a href=\"mail.php?action=delete&id=" . $id . "\">Delete</td> </tr>"; } print "</table>"; } elseif ($a == 'outbox') { print "<br><h1>Outbox</h2><p> <table border=\"0\" cellpadding=\"3\" cellspacing=\"1\" width=\"100%\" bgcolor=\"#000000\"> <tr> <Td bgcolor=\"#dddddd\" class=\"text_box\">Subject</td> <td bgcolor=\"#dddddd\" class=\"text_box\">To</td> <td bgcolor=\"#dddddd\" class=\"text_box\">Date</td> <td bgcolor=\"#dddddd\" class=\"text_box\">Status</td> <td bgcolor=\"#dddddd\" class=\"text_box\">Actions</td> </tr>"; $query = "SELECT * FROM `messages` WHERE `from` = '{$_COOKIE['ELv2']}' AND `site` = '$Z' ORDER BY `id` DESC"; $sql = mysql_query($query) or die("MySQL Error in query: ".$query."<br />".mysql_error()); while($row = mysql_fetch_array($sql)) { extract($row); print "<tr> <td bgcolor=\"#ffffff\" class=\"other\">" . $subject . "</td> <td bgcolor=\"#ffffff\" class=\"other\">" . $to . "</td> <td bgcolor=\"#ffffff\" class=\"other\">" . $date . "</td> <td bgcolor=\"#ffffff\" class=\"other\">" . $status . "</td> <td bgcolor=\"#ffffff\" class=\"other\"><a href=\"mail.php?action=sview&id=" . $id . "\">Read - <a href=\"mail.php?action=delete&id=" . $id . "\">Delete</td> </tr>"; } print "</table>"; } else { // add if statement to prevent showing on wrong page. 
if($a != 'view' && $a != 'delete' && $a != 'sview'){
    echo "<h1>Send Message</h1><p>
    <form action=\"mail.php?action=sendmsg\" method=\"post\">";
    echo "<input type=\"radio\" name=\"type\" value=\"1\" class=\"text_box\" alt=\"Click here if you are sending your message outside this site via email\" title=\"Click here if you are sending your message outside this site via email\"> Email
    <input type=\"radio\" name=\"type\" value=\"2\" checked class=\"text_box\" alt=\"Click here if you are sending a message within this site and NOT via email!\" title=\"Click here if you are sending a message within this site and NOT via email!\"> Private Message
    <br>
    To: <br>
    <input type=\"text\" name=\"to\" class=\"text_box\" alt=\"Who do you want to send your message to?\" title=\"Who do you want to send your message to?\"><p>
    From:<br>
    <select name=\"from\" size=\"1\" class=\"text_box\" alt=\"Please choose where your sending from!\" title=\"Please choose where you are sending from!\">";
    $sql = mysql_query("SELECT * FROM `members` WHERE `username`='{$_COOKIE['ELv2']}'");
    while($row = mysql_fetch_array($sql)) {
        $us = $row["username"];
        print "<option value=\"" . $us . "\">" . $us . "</option>
        <option value=\"" . $us . "@eaglelegend.com\">" . $us . "@eaglelegend.com</option>";
    }
    print "</select><p>
    Subject:<br>
    <input type=\"text\" name=\"subject\" size=\"30\" class=\"text_box\" alt=\"What is the title/subject of your message?\" title=\"What is the title/subject of your message?\"><p>
    Message:<br>
    <textarea rows=\"6\" cols=\"60\" nowrap name=\"message\" class=\"text_box\" alt=\"Please enter your message!\" title=\"Please enter your message!\"></textarea><p>
    <input type=\"submit\" value=\" Send Message \" class=\"text_box\" alt=\"Click here to send your message!\" title=\"Click here to send your message!\"></form>";
}

$query = "SELECT `email` FROM `members` WHERE `username`='".mysql_escape_string($username)."' LIMIT 1";

if($a == 'sendmsg' && $_POST['type'] == 1){
    $headers = "MIME-Version: 1.0\r\n";
    $headers .= "Content-type: text/plain; charset=iso-8859-1\r\n";
    $headers .= "To: ".trim($_POST['to'])."\r\n";
    $headers .= "From: ".trim($_POST['from'])."\r\n";
    $headers .= "Reply-To: ".trim($email)."\r\nnew;reply-to: ".trim($email)."\r\n";
    @mail(trim($_POST['to']), trim($_POST['subject']), $_POST['message'], $headers);
    echo("Mail sent to ".trim($_POST['to']) );
}

if($a == 'sendmsg' && $_POST['type'] == 2) {
    $subject = $_POST['subject'];
    $message = $_POST['message'];
    $date = date("m/d/y");
    $status = "unread";
    $to = $_POST['to'];
    if($subject && $to && $message) {
        $insert = mysql_query("INSERT INTO `messages` (`site`, `subject`, `body`, `status`, `date`, `to`, `from`) VALUES($Z, $subject, $message, $status, $date, $to, '{$_COOKIE['ELv2']}')");
        $insert = mysql_query("INSERT INTO `messages` (`site`, `subject`, `body`, `status`, `date`, `to`, `from`) VALUES('$Z', '$subject', '$message', '$status', '$date', '$to', '{$_COOKIE['ELv2']}')");
        if($insert) {
            print "<h2>Message Sent</h2><p>
            Your message has been sent!<P>
            <a href=\"mail.php?action=inbox\">Back to Inbox";
        } else {
            print mysql_error();
        }
    } else {
        print "Subject, To User, and Message are required!";
    }
}

// OMG I can read!... below is to view outward images!... DUH!
if($a !== 'sview') {
    $id = $_GET['id'];
    $us = $_COOKIE['ELv2'];
    $update = mysql_query("UPDATE `messages` SET status = 'read' WHERE `id`='$id' AND `site`= $Z");
    $query = "SELECT * FROM `messages` WHERE `id`='$id' AND `site` = '$Z'";
    $sql = mysql_query($query) or die("MySQL Error in query: ".$query."<br />".mysql_error());
    while($row = mysql_fetch_array($sql)) {
        extract($row);
        print "<h2>" . $subject . "</h2><p>
        To: " . $to . "
        <br>From: " . $from . "
        <br>Date: " . $date . "<p>
        " . $body . "<p>
        <form action=\"mail.php?action=sendmsg\" method=\"post\">
        <input type=\"hidden\" name=\"to\" value=\"" . $from . "\" class=\"text_box\">
        <input type=\"hidden\" name=\"subject\" value=\"RE: " . $subject . "\" class=\"text_box\">
        Reply:<br>
        <textarea rows=\"6\" cols=\"60\" nowrap name=\"message\" class=\"text_box\">
        <p><p>Original Message
        ---------------------------
        To: " . $to . "
        From: " . $from . "
        Date: " . $date . "
        Message: " . $body . "</textarea><p>
        <input type=\"submit\" value=\" Send Reply \" class=\"text_box\"></form>";
    }
}

/* EXTERMINATE!... Delete messages below
HOWEVER, I wish to have it not delete completely from the server, ie. the staff can only see it!*/
if($a == 'delete') {
    $id = $_GET['id'];
    $del = mysql_query("DELETE FROM `messages` WHERE `id` = '$id' AND `site` = '$Z'");
    if($del) {
        Header("Location: mail.php?action=inbox");
    } else {
        print mysql_error();
    }
}

//Below is to view inbox mail
if($a !== 'view') {
    $id = $_GET['id'];
    $us = $_COOKIE['ELv2'];
    $update = mysql_query("UPDATE `messages` SET `status`='read' WHERE `id`='$id' AND `site`=$Z");
    $query = "SELECT * FROM `messages` WHERE `id`='$id' AND `site` = '$Z'";
    $sql = mysql_query($query) or die("MySQL Error in query: ".$query."<br />".mysql_error());
    while($row = mysql_fetch_array($sql)) {
        extract($row);
        print "<h2>" . $subject . "</h2><p>
        To: " . $to . "<br>
        From: " . $from . "<br>
        Date: " . $date . "<p>
        <form action=\"mail.php?action=sendmsg\" method=\"post\">
        <input type=\"hidden\" name=\"to\" value=\"" . $from . "\" class=\"text_box\">
        <input type=\"hidden\" name=\"subject\" value=\"RE: " . $subject . "\" class=\"text_box\">
        Message:<br>
        <textarea rows=\"6\" cols=\"60\" nowrap name=\"message\" class=\"text_box\">
        $body
        </textarea><p>";
    }
}
}
include("footer.php");
?>
-
can you post the code you now have..
-
TWAT! not you, me, I missed a chunk! Here's the full thing!

<?php
// This file handles uploads of avatars
// * Returns 1 if avatar uploads are disabled
// * Returns 2 if avatar is too large
// * Returns 3 if the avatar is not an image type
// * Returns 4 if the avatar upload directory is not writeable
// * Returns URL to avatar if everything went ok
function handle_uploaded_avatar(){
    global $x7c, $x7s;

    // See if avatar uploads are enabled
    if($x7c->settings['enable_avatar_uploads'] == 1){
        // Make sure the directory is writeable
        if(!is_writable($x7c->settings['uploads_path']))
            return 4;

        // See if the file is within the correct size limitations
        if($_FILES['avatar']['size'] > $x7c->settings['avatar_max_size']){
            // Too large, return 2
            return 2;
        }else{
            // See if the file is a correct image type, either gif, png or jpg
            switch($_FILES['avatar']['type']) {
                case "image/gif":
                    $ext = ".gif";
                    break;
                case "image/png":
                    $ext = ".png";
                    break;
                case "image/jpeg":
                    $ext = ".jpeg";
                    break;
                default:
                    return 3;
                    break;
            }
            $filepath = $x7c->settings['uploads_path']."/avatar_".$x7s->username.$ext;
            remove_other_avatars();
            chmod($filepath, 0755) OR die("Chmod error");
            return $filepath;
        }
    }
}
?>
-
everything you from what you posted in this post
-
without really checking the whole thing it's hard to give you good advice. there are security holes in the system (even in the code below), but without more detail I'll see what I can do.. this may work

<?php
$query = "SELECT count(*) as msgs FROM `messages` WHERE `to` = '{$_COOKIE['ELv2']}' AND `site` = '$Z' ";
$sql = mysql_query($query) or die("MySQL Error in query: ".$query."<br />".mysql_error());
$msg = mysql_fetch_array($sql);
echo "You have {$msg['msgs']} messages"; //changed 'msgs ' to 'msgs'

//code below exists already, add the above code above it
if($a == 'inbox') {
print "<br><h1>Inbox</h1><p>
?>

EDIT: oops typo (
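The count query in the post above and the read and insert queries in the earlier mail.php script all place cookie, GET and POST values directly inside the SQL string. As an added example (not code from the thread), the same three operations with bound parameters, an ownership check on read, and escaped output; the in-memory SQLite database, its sample rows and the session-derived `$user` are assumptions standing in for the site's MySQL connection and login.

```php
<?php
// Added example, not the thread's code. Table and column names follow the posted
// script; the SQLite in-memory database and its rows are constructed sample data.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE messages (id INTEGER PRIMARY KEY, site TEXT, subject TEXT,
           body TEXT, status TEXT, date TEXT, `to` TEXT, `from` TEXT)");

// Insert with bound parameters: quotes in the subject or body stay data.
function send_message(PDO $db, string $site, string $from, string $to,
                      string $subject, string $body): int {
    $st = $db->prepare("INSERT INTO messages (site, subject, body, status, date, `to`, `from`)
                        VALUES (?, ?, ?, 'unread', ?, ?, ?)");
    $st->execute([$site, $subject, $body, date('m/d/y'), $to, $from]);
    return (int)$db->lastInsertId();
}

// Count only the rows addressed to the given user on this site.
function count_messages(PDO $db, string $site, string $user): int {
    $st = $db->prepare("SELECT COUNT(*) FROM messages WHERE `to` = ? AND site = ?");
    $st->execute([$user, $site]);
    return (int)$st->fetchColumn();
}

// Read one message; the `to` = ? condition keeps a user from opening another user's id.
function read_message(PDO $db, string $site, string $user, $id): ?array {
    $args = [(int)$id, $site, $user];
    $db->prepare("UPDATE messages SET status = 'read'
                  WHERE id = ? AND site = ? AND `to` = ?")->execute($args);
    $st = $db->prepare("SELECT subject, body, `from`, date, status FROM messages
                        WHERE id = ? AND site = ? AND `to` = ?");
    $st->execute($args);
    $row = $st->fetch(PDO::FETCH_ASSOC);
    // Escape every field before it is printed into HTML.
    return $row ? array_map(fn($v) => htmlspecialchars((string)$v, ENT_QUOTES, 'UTF-8'), $row) : null;
}

$user = 'alice';   // assumption: taken from a server-side session, not a raw cookie
$id = send_message($db, '1', 'bob', $user, "it's <b>here</b>", "x'); DROP TABLE messages;--");
echo count_messages($db, '1', $user), "\n";
echo read_message($db, '1', $user, $id)['subject'], "\n";
var_dump(read_message($db, '1', 'mallory', $id));   // a different user asking for the same id
```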
-
okay try this (FULL script)

<?php
// This file handles uploads of avatars
// * Returns 1 if avatar uploads are disabled
// * Returns 2 if avatar is too large
// * Returns 3 if the avatar is not an image type
// * Returns 4 if the avatar upload directory is not writeable
// * Returns URL to avatar if everything went ok
function handle_uploaded_avatar()
{
    global $x7c, $x7s;

    // See if the file is a correct image type, either gif, png or jpg
    switch($_FILES['avatar']['type'])
    {
        case "image/gif":
            $ext = ".gif";
            break;
        case "image/png":
            $ext = ".png";
            break;
        case "image/jpeg":
            $ext = ".jpeg";
            break;
        default:
            return 3;
            break;
    }
    $filepath = $x7c->settings['uploads_path']."/avatar_".$x7s->username.$ext;
    remove_other_avatars();
    chmod($filepath, 0755) OR die("Chmod error");
    return $filepath;
}
?>
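Both versions of `handle_uploaded_avatar()` posted in this thread choose the file extension from `$_FILES['avatar']['type']`, a value the browser sends and PHP does not verify. As an added example (not the X7 project's code), a variant that decides the type from the file's own bytes, sanitises the username used in the path and stores the file non-executable; `store_avatar()`, `avatar_extension()` and their parameters are hypothetical names.

```php
<?php
// Added example, not the X7 project's code. $uploadsDir, $username and $maxBytes
// are hypothetical stand-ins for the $x7c / $x7s values used in the thread.

// Return the extension for a real GIF/PNG/JPEG, or null. The decision is made
// from the file's own bytes; $_FILES[...]['type'] is supplied by the client.
function avatar_extension(string $path): ?string {
    $allowed = [IMAGETYPE_GIF => '.gif', IMAGETYPE_PNG => '.png', IMAGETYPE_JPEG => '.jpeg'];
    $info = @getimagesize($path);
    return ($info !== false && isset($allowed[$info[2]])) ? $allowed[$info[2]] : null;
}

// Same return codes as the posted function: 2 too large, 3 not an image,
// 4 directory not writeable or move failed, otherwise the stored path.
function store_avatar(array $file, string $uploadsDir, string $username, int $maxBytes) {
    if (!is_writable($uploadsDir)) return 4;
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) return 3;
    if ($file['size'] > $maxBytes) return 2;
    $ext = avatar_extension($file['tmp_name']);
    if ($ext === null) return 3;

    // Keep only safe characters so the username cannot change the target path.
    $safe = preg_replace('/[^A-Za-z0-9_-]/', '', $username);
    if ($safe === '') return 3;
    $dest = rtrim($uploadsDir, '/') . '/avatar_' . $safe . $ext;

    // move_uploaded_file() only accepts files that arrived through an HTTP POST upload.
    if (!move_uploaded_file($file['tmp_name'], $dest)) return 4;
    chmod($dest, 0644);   // readable by the web server, not executable
    return $dest;
}

// Constructed sample inputs: plain text, then a minimal GIF header.
$tmp = tempnam(sys_get_temp_dir(), 'av');
file_put_contents($tmp, 'not an image');
var_dump(avatar_extension($tmp));
file_put_contents($tmp, "GIF89a\x01\x00\x01\x00\x00\x00\x00;");
var_dump(avatar_extension($tmp));
unlink($tmp);
```

Serving the uploads directory with script execution disabled keeps a mislabelled file from being run even if one of these checks is bypassed.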
-
code's a mess

site=$Z ? what's $Z? it's not set anyway..

the status should work if you change
if($a !== 'view') {
to
if($a == 'view') {

reply
<form action=\"mail.php?action=sendmsg\" method=\"post\">
<!--add the line below-->
<input type=\"hidden\" name=\"type\" value=\"1\"><!--could be 2-->
<input type=\"hidden\" name=\"to\" value=\"" . $from . "\" class=\"text_box\">

*delete looks fine (after a quick scan)

so where's the author ?