desidj Posted July 13, 2008 Share Posted July 13, 2008 I found this Script on the internet. Now I am trying it out and some thing seems to be broken. Can some tell me what is wrong here. I think the redirection is not working properly. The Reply message and forward message doesn't seem to work. Which is action(2) and action(3) new and delete functions work great. here are 3 files that are related. Actions and Processing. I am very sure there is problem here. mail_process.php
<?
// mail_process.php: dispatcher for mailbox actions. On a GET request it reads
// the "action" parameter and runs the matching branch (1 delete, 2 reply,
// 3 forward, 4 delete selected, 5 block user, 6 unblock user, 7 new message,
// then a save-to-savedbox branch), and finally redirects to mailbox.php.
//
// NOTE(review): db_connect(), addslashes_mq(), check_login_member(),
// redirect2page(), delete_messages(), is_userblocked(), $access_matrix and
// $_messages are not defined in the posted text; the include lines appear to
// have been left out of the post. Their behaviour is assumed, not verified.
//
// NOTE(review): every state-changing branch below (delete, block, unblock,
// move to savedbox) is driven by a GET request, and no anti-CSRF token is
// checked in this file. Unless check_login_member() does more than its name
// suggests, a link or image URL loaded by a logged-in member would be enough
// to trigger these actions. Prefer POST plus a per-session token.
/******* Some general include files *********/
session_cache_limiter('nocache');
session_start();
db_connect(_DBHOSTNAME_,_DBUSERNAME_,_DBPASSWORD_,_DBNAME_,_PCONN_);
$topass=array();
$mailbox='inbox';
if ($_SERVER['REQUEST_METHOD']=='GET') {
    if (isset($_GET['action']) && !empty($_GET['action'])) {
        $error=0;
        // NOTE(review): addslashes_mq() is defined elsewhere; it presumably
        // escapes quotes when magic quotes are off. Confirm before relying on
        // it as the only SQL defence.
        $action=addslashes_mq($_GET['action']);
        $mailbox=isset($_GET['mailbox']) ? addslashes_mq($_GET['mailbox']) : '';
        if ($action==2) { // reply to the message
            check_login_member($access_matrix['mail_reply'][0]);
            if (isset($_GET['mail_id']) && !empty($_GET['mail_id'])) {
                $mail_id=addslashes_mq($_GET['mail_id']);
                // Only mail_id, action and mailbox are handed on; no 'to' key is set here.
                $topass['mail_id']=$mail_id;
                $topass['action']='reply';
                $topass['mailbox']=$mailbox;
                redirect2page("mail_send.php",$topass);
            }
        } elseif ($action==3) { // forward message
            check_login_member($access_matrix['mail_forward'][0]);
            if (isset($_GET['mail_id']) && !empty($_GET['mail_id'])) {
                $mail_id=addslashes_mq($_GET['mail_id']);
                $topass['mail_id']=$mail_id;
                $topass['action']='forward';
                $topass['mailbox']=$mailbox;
                redirect2page("mail_send.php",$topass);
            }
        } elseif ($action==1) { // delete message
            // NOTE(review): this branch reads $access_matrix['sendbox'] while the
            // bulk-delete branch below reads ['savedbox']. If 'sendbox' is not a
            // defined key, min() receives null and the required level may drop.
            // Confirm against the definition of $access_matrix.
            check_login_member(min($access_matrix['inbox'][0],$access_matrix['outbox'][0],$access_matrix['sendbox'][0]));
            if (isset($_GET['mail_id']) && !empty($_GET['mail_id'])) {
                $mail_id=array(addslashes_mq($_GET['mail_id']));
                // Ownership is expected to be enforced inside delete_messages(),
                // which receives the session user id (helper not shown).
                delete_messages($_SESSION['user_id'],$mail_id,$mailbox);
                $topass['message']=$_messages['core'][73];
            }
        } elseif ($action==4) { // delete selected messages
            check_login_member(min($access_matrix['inbox'][0],$access_matrix['outbox'][0],$access_matrix['savedbox'][0]));
            if (isset($_GET['del']) && !empty($_GET['del']) && is_array($_GET['del'])) {
                $del=addslashes_mq($_GET['del']);
                delete_messages($_SESSION['user_id'],$del,$mailbox);
                $topass['message']=$_messages['core'][74];
            }
        } elseif ($action==5) { // block user
            check_login_member($access_matrix['block_members'][0]);
            if (isset($_GET['user_id']) && !empty($_GET['user_id'])) {
                $blocked_id=addslashes_mq($_GET['user_id']);
                if (!is_userblocked($_SESSION['user_id'],$blocked_id)) {
                    // NOTE(review): the query is built by string concatenation. The
                    // request value went through addslashes_mq(); the session value
                    // is inserted as-is. The mysql_* extension used here was removed
                    // in PHP 7.0; when porting, use prepared statements (mysqli or
                    // PDO) and bind both values.
                    $query="INSERT INTO user_blocks SET user_id='".$_SESSION['user_id']."',blocked_id='$blocked_id'";
                    // NOTE(review): "@" hides the PHP warning and the raw mysql_error()
                    // text is passed to trigger_error(); whether that text reaches the
                    // browser depends on the error handler and display settings.
                    if (!($res=@mysql_query($query))) {trigger_error(mysql_error(),E_USER_ERROR);}
                    $topass['message']=$_messages['core'][75];
                } else {
                    $topass['message']=$_messages['core'][76];
                }
            }
        } elseif ($action==6) { // unblock user
            check_login_member($access_matrix['block_members'][0]);
            if (isset($_GET['user_id']) && !empty($_GET['user_id'])) {
                $blocked_id=addslashes_mq($_GET['user_id']);
                if (is_userblocked($_SESSION['user_id'],$blocked_id)) {
                    $query="DELETE FROM user_blocks WHERE blocked_id='$blocked_id' and user_id='".$_SESSION['user_id']."'";
                    if (!($res=@mysql_query($query))) {trigger_error(mysql_error(),E_USER_ERROR);}
                    $topass['message']=$_messages['core'][77];
                    redirect2page("blocked_list.php",$topass);
                } else {
                    $topass['message']=$_messages['core'][78];
                }
            }
        } elseif ($action==7) { // new message
//          check_login_member($access_matrix['mail_send'][0]); // don't check now, we'll check on mail_send page.
            redirect2page("mail_send.php");
        // NOTE(review): the condition below is incomplete as posted. The action
        // number and closing parenthesis look like they were swallowed by the
        // forum's emoticon conversion; presumably this was action 8. Confirm
        // against the original script.
        } elseif ($action== { // save to savedbox
            check_login_member($access_matrix['savedbox'][0]);
            if (isset($_GET['del']) && !empty($_GET['del']) && is_array($_GET['del'])) {
                $del=addslashes_mq($_GET['del']);
                // The source table is picked from three fixed names, so the table
                // name in the queries below never comes from the request.
                $from='mail_inbox';
                if ($mailbox=='inbox') {
                    $from='mail_inbox';
                } elseif ($mailbox=='outbox') {
                    $from='mail_outbox';
                } elseif ($mailbox=='savedbox') {
                    $from='mail_savedbox';
                }
                // The ids are joined into a quoted IN (...) list. Safety rests on
                // addslashes_mq() having escaped every array element; only
                // array_values() is used, so array keys never reach the query.
                $mails2move=join("','",array_values($del));
                $query="INSERT INTO mail_savedbox (read_status,user_id,from_id,from_name,subject,body,link,date_sent,message_type) SELECT read_status,user_id,from_id,from_name,subject,body,link,date_sent,message_type FROM $from WHERE mail_id IN ('$mails2move') AND user_id='".$_SESSION['user_id']."'";
                if (!($res=@mysql_query($query))) {trigger_error(mysql_error(),E_USER_ERROR);}
                $query="DELETE FROM $from WHERE mail_id IN ('$mails2move') AND user_id='".$_SESSION['user_id']."'";
                if (!($res=@mysql_query($query))) {trigger_error(mysql_error(),E_USER_ERROR);}
                $topass['message']=$_messages['core'][115];
            }
        }
    }
}
// Reached by every path that did not redirect earlier. This assumes
// redirect2page() stops the script; if it does not, this call would also run
// after the reply/forward redirects above. Confirm in functions.inc.php.
redirect2page("mailbox.php",$topass,"mailbox=$mailbox");
?>
Here is the mail_send.php the file that is running together with the template page.
<?
// processors/mail_send.php: handles the POST from the compose form. It
// validates recipient, subject and body, picks the access level to enforce
// (send, reply or forward), applies the optional content filters, then writes
// the message to mail_inbox and mail_outbox (and mail_savedbox when "save" is
// set). Any non-POST request, and any POST that failed validation, ends at the
// final redirect to mail_send.php.
/* File location: processors/mail_send.php */
session_cache_limiter('nocache');
session_start();
require_once("../includes/functions.inc.php");
require_once("../includes/templates.inc.php");
require_once("../includes/apt_functions.inc.php");
require_once("../includes/vars.inc.php");
$access_level=$access_matrix['mail_send'][0];
db_connect(_DBHOSTNAME_,_DBUSERNAME_,_DBPASSWORD_,_DBNAME_,_PCONN_);
$topass=array();
if ($_SERVER['REQUEST_METHOD']=='POST') {
    $error=false;
    if (isset($_POST['to']) && !empty($_POST['to'])) {
        // Reject CR/LF in the recipient field (guards against header-style
        // injection). Only $error is set; the checks below still run.
        if ((strpos($_POST['to'],"\r")!==false) || (strpos($_POST['to'],"\n")!==false)) { // dont send the email and show an error message
            $error=true;
            $topass['message']="There appears to be a problem in the \"to\" field of the form. We cannot process the message at this time";
        }
        $to_id=get_userid_by_name(addslashes_mq($_POST['to']));
        if (empty($to_id)) {
            $error=true;
            $topass['message']=$_messages['core'][67];
        }
        // NOTE(review): this lookup uses $_SESSION['user_id'] before any login
        // check has run; check_login_member() is only called further down.
        if (is_userblocked($to_id,$_SESSION['user_id'])) {
            $error=true;
            $topass['message']=$_messages['core'][68];
        }
    } else {
        $error=true;
        $topass['message']=$_messages['core'][66];
    }
    $subject="";
    $body="";
    if (isset($_POST['subject']) && !empty($_POST['subject'])) {
        if ((strpos($_POST['subject'],"\r")!==false) || (strpos($_POST['subject'],"\n")!==false)) { // dont send the email and show an error message
            $error=true;
            $topass['message']="There appears to be a problem in the \"subject\" field of the form. We cannot process the message at this time";
        }
        // NOTE(review): the meaning of the second argument (true) is not visible
        // here. Confirm whether it also strips or encodes HTML; otherwise the
        // stored subject/body must be HTML-escaped where the template prints
        // {subject} and {body}, to avoid stored XSS.
        $subject=addslashes_mq($_POST['subject'],true);
        if (empty($subject)) {
            $error=true;
            $topass['message']=$_messages['core'][69];
        }
    } else {
        // No subject supplied: fall back to the default text in $_messages.
        $subject=$_messages['core'][116];
    }
    if (isset($_POST['writehere']) && !empty($_POST['writehere'])) {
        $body=addslashes_mq($_POST['writehere'],true);
        if (empty($body)) {
            $error=true;
            $topass['message']=$_messages['core'][70];
        }
    } else {
        $error=true;
        $topass['message']=$_messages['core'][70];
    }
    // The state left in the session by the previous page decides which access
    // level applies; it is cleared after a single use.
    if (isset($_SESSION['topass']) && !empty($_SESSION['topass'])) {
        $oldtopass=$_SESSION['topass'];
        $_SESSION['topass']="";
        if (isset($oldtopass['action'])) {
            if ($oldtopass['action']=='reply') {
                $access_level=$access_matrix['mail_reply'][0];
                // A reply addressed to someone other than the original sender is
                // treated as a new message and needs the mail_send level.
                // NOTE(review): $oldtopass['to'] is read without isset(), and
                // mail_process.php's reply branch does not set a 'to' key.
                // Presumably the compose page adds it; confirm.
                if ($oldtopass['to']!=addslashes_mq($_POST['to'])) {
                    $access_level=$access_matrix['mail_send'][0]; // attempting to trick us?
                }
            } elseif ($oldtopass['action']=='forward') {
                $access_level=$access_matrix['mail_forward'][0];
            }
        }
        unset($oldtopass);
    }
    // Daily sending cap; an empty max_messages option disables the limit.
    $max_messages=get_site_option('max_messages');
    if ((get_messages_sent_today()>=$max_messages) && !empty($max_messages)) {
        $error=true;
        $topass['message']=$_messages['core'][71];
    }
    if (!$error) {
        // First and only login/access check in this script. The recipient
        // lookup, block check and daily-limit query above have already run.
        check_login_member($access_level);
        $senderlevel=$_SESSION['membership'];
        $receiverlevel=get_ownerlevel($to_id);
        $paidlevel=_PAIDLEVEL_;
        // The content filters apply when either party is below the paid level.
        // NOTE(review): the filters run after addslashes_mq() escaped the text.
        // If a remove_text_* helper can add or strip quotes or backslashes, the
        // value placed in the queries is no longer the escaped one. Confirm, or
        // filter first and escape last.
        if(($receiverlevel < $paidlevel) || ($senderlevel < $paidlevel)){
            if (get_site_option('filter_emails')) {
                $body=remove_text_emails($body);
                $subject=remove_text_emails($subject);
            }
            if (get_site_option('filter_urls')) {
                $body=remove_text_urls($body);
                $subject=remove_text_urls($subject);
            }
            if (get_site_option('filter_words')) {
                $body=remove_text_words($body);
                $subject=remove_text_words($subject);
            }
        }
        // NOTE(review): $_SESSION['name'] and $_SESSION['user_id'] are inserted
        // without escaping. If the stored display name can contain a quote this
        // is a second-order SQL injection point; bind it as a parameter or
        // escape it at this point.
        $query="INSERT INTO mail_inbox SET message_type=1,user_id='$to_id',from_id='".$_SESSION['user_id']."',from_name='".$_SESSION['name']."',subject='$subject',body='$body',date_sent=now()";
        if (!($res=@mysql_query($query))) {trigger_error(mysql_error(),E_USER_ERROR);}
        if (is_send_newmessage_alerts($to_id)) {
            send_newmessage_alert($_SESSION['user_id'],$to_id);
        }
        // Sender's copy: from_id and from_name hold the recipient here.
        $query="INSERT INTO mail_outbox SET message_type=1,user_id='".$_SESSION['user_id']."',from_id='$to_id',from_name='".addslashes_mq($_POST['to'])."',subject='$subject',body='$body',date_sent=now()";
        if (!($res=@mysql_query($query))) {trigger_error(mysql_error(),E_USER_ERROR);}
        if (isset($_POST['save']) && !empty($_POST['save'])) {
            $query="INSERT INTO mail_savedbox SET message_type=1,user_id='".$_SESSION['user_id']."',from_id='$to_id',from_name='".addslashes_mq($_POST['to'])."',subject='$subject',body='$body',date_sent=now()";
            if (!($res=@mysql_query($query))) {trigger_error(mysql_error(),E_USER_ERROR);}
        }
        $topass['message']=$_messages['core'][72];
        redirect2page("mailbox.php",$topass,"mailbox=inbox");
    } else {
        // Validation failed: hand the raw form values back so the form can be
        // refilled. These are unescaped request values; the page that prints
        // them must HTML-escape them.
        $topass['to']=$_POST['to'];
        $topass['subject']=$_POST['subject'];
        $topass['body']=$_POST['writehere'];
    }
}
// Runs for every non-POST request and for a failed POST; for a GET request
// $topass is still the empty array created above.
redirect2page("mail_send.php",$topass);
?>
Here is the Template page that is calling the functions.
<script type="text/javascript">
function set_action(newval) {
    document.myform.action.value=newval;
}
</script>
<form name="myform" id="myform" action="processors/mail_process.php" method="get">
<input type="hidden" name="mail_id" value="{mail_id}" />
<input type="hidden" name="mailbox" value="{mailbox}" />
<input type="hidden" name="action" />
<table cellspacing="1" cellpadding="2" width="100%" border="0">
<tr>
    <td colspan="2">
        <table cellspacing="0" cellpadding="0" width="100%" border="0">
        <tr>
            <td>
                <input class="button" type="submit" value="Delete" onclick="set_action(1)" />
                <input class="button" type="submit" value="Reply" onclick="set_action(2)" />
                <input class="button" type="submit" value="Forward" onclick="set_action(3)" />
            </td>
            <td><a href="mailbox.php?mailbox=inbox">Back to inbox</a></td>
            <td>
                <table><tr><td valign="middle"><a href="mail_read.php?mailbox={mailbox}&mail_id={mail_id}&move=1"><img src="{relative_path}images/uparrow2.gif" border="0" title="Previous" /></a></td><td valign="middle"> | </td><td valign="middle"> <a href="mail_read.php?mailbox={mailbox}&mail_id={mail_id}&move=-1"><img src="{relative_path}images/downarrow2.gif" border="0" title="Next" /></a></td></tr></table>
            </td>
        </tr>
        </table>
    </td>
</tr>
<tr>
    <td class="statusmenu" width="1%"><b>From: </b></td>
    <td class="whiterows"> {from} | <a href="processors/mail_process.php?action=5&mailbox={mailbox}&user_id={from_id}">Block this user</a> | <a href="profile_view.php?user_id={from_id}">View profile</a></td>
</tr>
<tr>
    <td class="statusmenu" width="1%"><b>Date: </b></td>
    <td class="whiterows"> {date_sent}</td>
</tr>
<tr>
    <td class="statusmenu" width="1%"><b>Subject: </b></td>
    <td class="whiterows"> {subject}</td>
</tr>
<tr>
    <td colspan="2" width="100%">
        <table width="100%" cellpadding="5" cellspacing="0" border="0" height="300">
        <tr>
            <td valign="top" class="mailbody"> <br> {body}<br><center>{link}</center> </td>
        </tr>
        </table>
    </td>
</tr>
<tr>
    <td colspan="2" align="center"><a href="mailbox.php?mailbox=inbox">Inbox</a> | <a href="mailbox.php?mailbox=outbox">Outbox</a> | <a href="mailbox.php?mailbox=savedbox">Savedbox</a></td>
</tr>
</table>
</form>
Link to comment https://forums.phpfreaks.com/topic/114551-forum-using-actions/ Share on other sites More sharing options...
desidj (Author) — Posted July 14, 2008: Anyone???
MasterACE14 — Posted July 14, 2008: Change the `<?` to `<?php` so that the forum highlights the code; it is much easier on the eyes.