Yet another ShoutBox

[lewis987]

fixed helraizer

[helraizer]

I still can't post, for some reason. It just doesn't show up.. Any ideas?

[lewis987]

press the shout button rather than pressing enter... theres a problem with the onsubmit thing with the form, but it works 100% in opera...

 

ok... i guess your using firefox or IE (somehow both are affected with the same problem)... i dont know much about javascript, but it looks like theres something wrong with my code somewhere... Safari has a problem with onsubmit

 

and Opera is 100%

[lewis987]

Here is my AJAX... so if you can find a problem with it, please say

// JavaScript Document
function createRequestObject() {
var xmlHttp;
try
{
	work2 = 'Internet Explorer';
	xmlReq = new ActiveXObject("Msxml2.XMLHTTP");
	work = 1;
}
catch (e)
	{
	try
	{
		xmlReq = new ActiveXObject("Microsoft.XMLHTTP");
		work = 1;
	}
	catch (e)
	{
		try
		{
			work2 = 'Firefox, Opera 8.0+, Safari';
			xmlReq = new XMLHttpRequest();
			work = 1;
		}
		catch (e)
		{
	  		work = 2;
	  	}
	}
}
  if(work == 1){
		return xmlReq;
  }else{
	  
	   alert("Your browser does not support AJAX!");
  }
}
     
    // Set all variables here
    var http = createRequestObject();
    var http2 = createRequestObject();
var t = "";
var c = 0;
var shout = "";
var ip = "";
var uid = "";
var i = "";
   
function Load(size, rid, uid) {
	   t = setTimeout('Refresh('+rid+')',0);
	   i = setTimeout('invites('+uid+')', 0);
	   document.getElementById('makeSmaller').innerHTML = '<input name="downSize" type="button" value="-" onclick="MakeSmaller('+size+')" />';
		document.getElementById('makeLarger').innerHTML = '<input name="upSize" type="button" value="+" onclick="MakeLarger('+size+')" />';
		//Get the pointer to automatically goto the text box:
		document.getElementById('shout').focus();
    }

function Refresh(rid) {  
	clearTimeout(t);
	var params = 'act=refresh&rid='+rid;
	   	http.open('post', 'data.php', true); 
	   	http.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
		http.setRequestHeader("Content-length", params.length);
		http.setRequestHeader("Connection", "close");
	// Open PHP script for requests   
	http.onreadystatechange = function(){
		if(http.readyState == 4 && http.status == 200){  
			var response = http.responseText;
			if(response) {  
				// UPDATE ajaxTest content  
				document.getElementById('results').innerHTML = '';  
				document.getElementById('results').innerHTML = response;  
				}

			} 
		}
	   	http.send(params);
	   	t = setTimeout('Refresh('+rid+')',1000);
    }

function Shout(shout, ip, uid, rid){
	if(shout == ""){
		alert("Error: Shout was left empty!");
	}else{
		clearTimeout(t);
		var params = 'act=shout&shout='+shout+'&ip='+ip+'&uid='+uid+'&rid='+rid;
		   
		http.open('post', 'data.php', true); 
	   	http.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
		http.setRequestHeader("Content-length", params.length);
		http.setRequestHeader("Connection", "close");
		// Open PHP script for requests   
		http.onreadystatechange = function(){
			if(http.readyState == 4 && http.status == 200){  
				var response = http.responseText;
				if(response) {  
					// UPDATE ajaxTest content  
					document.getElementById('results').innerHTML = response;  
				}
			} 
		}
		http.send(params);
		document.getElementById('shout').value = '';
		t = setTimeout('Refresh('+rid+')',0);
	}
}

function MakeLarger(size){
	size = size + 50;
	size2 = size + 50;
	if(size < 500){
		if(size2 > 400){
			document.getElementById('makeLarger').innerHTML = '<input disabled="disabled" name="upSize" type="button" value="+" onclick="MakeLarger('+size+')" />';
		}else{
			document.getElementById('makeLarger').innerHTML = '<input name="upSize" type="button" value="+" onclick="MakeLarger('+size+')" />';
		}
	}
	document.getElementById('results').style = 'height:'+size+'px; width:750px; overflow: scroll;';
	document.getElementById('makeSmaller').innerHTML = '<input name="downSize" type="button" value="-" onclick="MakeSmaller('+size+')" />';
}

function MakeSmaller(size){
	size = size - 50;
	size2 = size - 50;
	if(size > 0){
		if(size2 > 0){
			document.getElementById('makeSmaller').innerHTML = '<input name="downSize" type="button" value="-" onclick="MakeSmaller('+size+')" />';
		}else{
			document.getElementById('makeSmaller').innerHTML = '<input name="downSize" disabled="disabled" type="button" value="-" onclick="MakeSmaller('+size+')" />';
		}
	}

	document.getElementById('results').style = 'height:'+size+'px; width:750px; overflow: scroll;';
	document.getElementById('makeLarger').innerHTML = '<input name="upSize" type="button" value="+" onclick="MakeLarger('+size+')" />';
}

function invites(uid){
	clearTimeout(i);
	var params = 'act=invites&uid='+uid;
	http2.open('post', 'data.php', true);
	http2.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
	http2.setRequestHeader("Content-length", params.length);
	http2.setRequestHeader("Connection", "close");
	// Open PHP script for requests
	http2.onreadystatechange = function(){
		if(http2.readyState == 4 && http2.status == 200){  
			var response = http2.responseText;
			if(response) {  
				// UPDATE ajaxTest content  
				document.getElementById('inv').innerHTML = '';  
				document.getElementById('inv').innerHTML = response;  
			}
		} 
	}
	http2.send(params);
	i = setTimeout('invites('+uid+')',2000);
}

 

This is my data.php page (the page that does everything):

 

<?PHP
include("config.php");
if(defined("SCRIPT")){
if(isset($_POST['act'])){

	if($_POST['act'] == "refresh"){
		if(isset($_POST['rid'])){
			$RID = $_POST['rid'];
		}else{
			$RID = 1;
		}

		$SQL = "SELECT * FROM `shouts` WHERE `room_id` = '{$RID}' ORDER BY `id` ASC";

		$Q = mysql_query($SQL);

		$Run1 = mysql_num_rows($Q);
		if($Run1 > 0){
			//Do a while loop to get all results and do a query to get the member's username:
			while($DATA = mysql_fetch_assoc($Q)){
				//Build query to run to get the username of the member that sent the info:
				$SQL = "SELECT * FROM `users` WHERE `id` = '".$DATA['user_id']."';";

				//Run Query:
				$Q2 = mysql_query($SQL);

				//Ensure that the user exists first:
				if(mysql_num_rows($Q2) === 1){

				}else{
					//Since the user doesnt exist, remove shout from database:
					mysql_query("DELETE FROM `shouts` WHERE `id` = '".$DATA['id']."' LIMIT 1;");
				}
			}
		}
		//Re-Run first query so we know that all the shouts are up-to-date but add a limit of 15:
		$Q = mysql_query("SELECT * FROM `shouts` WHERE `room_id` = '{$RID}' ORDER BY `id` DESC LIMIT 0,20");

		//Check to make sure there are still shouts in the shoutbox:
		if($Run1 > 0 && mysql_num_rows($Q) > 0){
			$OUTPUT = "<table width=\"100%\" cellpadding=\"0\" cellspacing=\"0\" border=\"0\">";

			//Make $i 1 so we start with the right color:
			$i = 1;

			//Run while loop to build up output:
			while($DATA = mysql_fetch_assoc($Q)){
				//Build query to run to get the username of the member that sent the info:
				$SQL = "SELECT * FROM `users` WHERE `id` = '".$DATA['user_id']."';";

				//Run Query:
				$Q2 = mysql_query($SQL);

				//Build Result set:
				$DATA2 = mysql_fetch_assoc($Q2);

				$USERNAME = $DATA2['username'];

				if($i == 1){
					$OUTPUT .= "<tr style=\"background-color: #faa;\">
									<td style=\"width: 50px; vertical-align:top\">".$USERNAME."</td>
									<td style=\"width: 5px; vertical-align:top\">- </td>
									<td>".$DATA['shout']."</td>
								</tr>";
					$i = 2;
				}else{
					$OUTPUT .= "<tr style=\"background-color: #aaffaa;\">
									<td style=\"width: 50px; vertical-align:top\">".$USERNAME."</td>
									<td style=\"width: 5px; vertical-align:top\">- </td>
									<td>".$DATA['shout']."</td>
								</tr>";
					$i = 1;
				}
			}
			$OUTPUT .= "</table>";
		}else{
			//Show that there isnt any shouts in the table:
			$OUTPUT = '<div align="center">
					<div style="border: #0f0 thin solid; background-color:#afa; width:250px;">
						There are no shouts yet!
					</div>
				</div>';
		}
		echo $OUTPUT;
	//Check if the act variable is for a shout:
	}elseif($_POST['act'] == "shout"){

		//Ensure that the user ID is secure and an int:
		if(is_numeric($_POST['uid']) == TRUE){

			//Secure the User ID:
			$ID = mysql_real_escape_string(htmlentities($_POST['uid']));

			//Edit the shout so that the whole shout is secure:
			$SHOUT = mysql_real_escape_string(strip_tags(htmlentities($_POST['shout'], ENT_QUOTES)));
			$SHOUT = str_replace("<", "<", $SHOUT);
			$SHOUT = str_replace(">", ">", $SHOUT);

			//Secure IP:
			$IP = mysql_real_escape_string(htmlentities(strip_tags($_POST['ip']), ENT_QUOTES));

			//Secure Room ID:
			$ROOM_ID = mysql_real_escape_string(htmlentities($_POST['rid']));

			//Add BBCode to the shout:
				//Build SQL
				$SQL = "SELECT * FROM `bbcode`;";

				//Run SQL
				$Q5 = mysql_query($SQL);

				if(mysql_num_rows($Q5) > 0){ 
					//Build result set:
					while($DATA = mysql_fetch_assoc($Q5)){

						//Edit the shout to make the bbcode to html:
						$SHOUT = preg_replace($DATA['find'], $DATA['replace'], $SHOUT);
					}
				}

			//Add smilies to the shout:
				//Build SQL
				$SQL = "SELECT * FROM `smilies`;";

				//Run SQL
				$Q7 = mysql_query($SQL);

				if(mysql_num_rows($Q7) > 0){
					//Build result set:
					while($DATA = mysql_fetch_assoc($Q7)){

						//Edit the shout to make the smiley code to html:
						$SHOUT = str_ireplace($DATA['find'], $DATA['replace'], $SHOUT);
					}
				}

			//Build SQL to check the room id:
			$SQL = "SELECT * FROM `rooms` WHERE `id` = '{$ROOM_ID}';";

			//Run Query:
			$Q = mysql_query($SQL);

			//Ensure the room exists:
			if(mysql_num_rows($Q) > 0){

				//Build SQL:
				$SQL2 = "SELECT * FROM `users` WHERE `id` = '".$ID."';";

				//Run SQL:
				$Q2 = mysql_query($SQL2);

				//Ensure that the user exists:
				if(mysql_num_rows($Q2) === 1){
					//Build result set:
					$DATA = mysql_fetch_assoc($Q2);

					//Get username:
					$USERNAME = $DATA['username'];
				}else{
					$ERROR = 1;
				}
			}else{
				$ERROR = 2;
			}
		}else{
			$ERROR = 3;
		}

		if($ERROR == 0){
			//Build SQL to insert the shout:
			$SQL3 = "INSERT INTO `shouts` (`id`, `user_id`, `shout`, `room_id`)
					VALUES
					(NULL, '{$ID}', '{$SHOUT}', '{$ROOM_ID}');";

			//Run above query:
			$Q3 = mysql_query($SQL3);
		}else{
			echo $ERROR;
		}
	}elseif($_POST['act'] == "regUsername"){
		//check that the username is unique:

		$USERNAME = mysql_real_escape_string(htmlentities($_POST['name'], ENT_QUOTES));

		if(strlen($USERNAME) > 0){
			$SQL = "SELECT * FROM `users` WHERE `username` = '{$USERNAME}';";

			$Q = mysql_query($SQL);

			if(mysql_num_rows($Q) > 0 || strlen($USERNAME) < 4){
				if(strlen($USERNAME) < 4){
					echo 4;
				}else{
					echo 3;
				}
			}else{
				echo 2;
			}
		}else{
			echo 1;
		}
	}elseif($_POST['act'] == "regPassword"){
		//Check to see if password is long enough:
		if(strlen($_POST['pwd']) == 0){
			echo 1;
		}elseif(strlen($_POST['pwd']) > 5){
			echo 2;
		}else{
			echo 3;
		}
	}elseif($_POST['act'] == "regCode"){
		if(!isset($_POST['cre'])){
			echo 1;
		}elseif($_POST['cre'] == $_POST['org']){
			echo 2;
		}else{
			echo 3;
		}
	}elseif($_POST['act'] == 'invites'){
		if(ctype_digit($_POST['uid']) === TRUE){
			$SQL = "SELECT *
					FROM `invites`
					WHERE `to` = '{$_POST['uid']}'
					AND `status` = '1';";

			$Q = mysql_query($SQL);

			if(mysql_num_rows($Q) > 0){
				$RESULT = mysql_fetch_assoc($Q);
				echo("<table width=\"100%\" cellpadding=\"0\" cellspacing=\"0\" border=\"0\">");
					echo("<tr>");
						echo("<th width=\"33%\">From:</th> <th>Room:</th> <th width=\"33%\"></th>");
					echo("</tr>");
				for($i = 0; $i < mysql_num_rows($Q); $i++){
					//Get username:
					$SQL2 = "SELECT * 
							FROM `users`
							WHERE `id` = '{$RESULT['from']}';";

					$Q2 = mysql_query($SQL2);

					if(mysql_num_rows($Q2) === 1){
						$RESULT_SET = mysql_fetch_assoc($Q2);
						//Show layout:
						echo("<tr>");
							echo("<td align=\"center\">
									{$RESULT_SET['username']}
								</td>
								<td align=\"center\">
									{$RESULT['room_id']}
								</td>
								<td>
									<form action=\"?\" method=\"post\">
										<input name=\"accept_inv\" type=\"submit\" value=\"Accept Invite\" />
										<input name=\"decline_inv\" type=\"submit\" value=\"Decline Invite\" />
									</form>
								</td>");
						echo("</tr>");

					}else{
						//Delete Invitation:

					}
				}
				echo("</table>");
			}else{
				echo("There are no invites for you yet.");
			}
		}
	}else{
		echo ("Invalid Action!");
	}
}else{
	echo ("ERROR");
}
}else{
die("HACKING ATTEMPT!");
}
?>

[lewis987]

Fiddlesticks (dont wanna swear) but ive been using $_POST in the data.php file instead of $HTTP_RAW_POST_DATA... so damned cheesed off... haha

 

[lewis987]

aight... got it to work in IE, FF, and opera with both pressing enter AND pressing the button

 

Safari is the exception... the enter button way doesnt work... but i dont care at this present moment!

 

uploading new files now!

[unidox]

Cant enter captcha box...(0 is maxlength)

 

And in ff you still cant post...

[lewis987]

sorry unidox, forgot to edit it again..

 

and as for FF not posting... i dont know where the problem is... i can get it to post shouts when im on 127.0.0.1 (localhost)

[lewis987]

//Edit:

 

ok... i never realised that with AJAX you have to make a new var per xmlrequest thing... so now it should all work, the shouts seem to work 100% here, with enter AND with the shout button. So now everything *should* work without a problem

 

Post any errors here

*Note: I know that the "Invite user" on your own chat room doesnt work, thats my next task!

[unidox]

Works

 

Private Room doesnt allow me to post shouts though.

[lewis987]

it should... i dont see why i wont..t... what about if you press enter??

[blueman378]

i get; MySQL Error: 1054

Error description: Unknown column 'last_shout' in 'field list'

[lewis987]

yea... i uploaded the wrong copies... but they will remain until i finish making some extra features...