grlayouts Posted September 9, 2006

OK, I have a game, www.pimpdominion.co.uk, and I'm trying to set up the mail feature, which writes the message to the database (MySQL) and then relates it to the player. However, when I send a message everyone gets it. Can someone look at the code and see anything wrong?

[code]
<?php $title = "Mailbox"; include("header.php"); ?>
<br><br>
<?php
// Inbox listing
if (!$_GET['view'] && !$_GET['step'] && !$_GET['read']) {
    print "<table width=500 border=0 cellspacing=1 cellpadding=2 bgcolor=#676767> <tr bgcolor=#676767>";
    print "<td width=120 height=25><b>From:</b></td>";
    print "<td width=100><b><center>ID:</b></td>";
    print "<td width=300><b>Subject:</b></td>";
    print "<td width=60><b><center>Options</center></b></td></tr> ";
    $msel = mysql_query("select * from mail where owner=$stat[id] order by id desc");
    while ($mail = mysql_fetch_array($msel)) {
        print " <tr onMouseOver=\"style.backgroundColor='#333333';\" onMouseOut=\"style.backgroundColor='white';\" bgcolor=white>";
        print "<td width=120><a href=view.php?view=$mail[senderid]>$mail[sender]</a></td>";
        print "<td width=100><center>$mail[senderid]</a></td>";
        print "<td width=300><a href=mail.php?read=$mail[id]>$mail[subject]</a></td>";
        print "<td align=center width=60><a href=mail.php?step=selectclear&id=$mail[id]>Trash</a></td></tr>";
    }
    print "</table><br><table width=500 bgcolor=#676767 cellpadding=1 cellspacing=2><tr height=20 bgcolor=white><td align=center width=50%><a href=mail.php?step=clear>Trash All</a> </tD><td width=50%> <a href=mail.php?view=write><center>Compose</a></td></tr>";
    print "</table></center>";
}

// Trash all mail
if ($_GET['step'] == 'clear') {
    print "<br>Mail cleared. (<a href=mail.php>refresh</a>)";
    mysql_query("delete from mail where owner=$stat[id]");
}

// Trash a single message
if ($_GET['step'] == 'selectclear') {
    print "<br>Mail cleared. (<a href=mail.php>refresh</a>)";
    mysql_query("delete from mail where owner=$stat[id] and id=$_GET[id]");
}

// Compose form
if ($_GET['view'] == 'write') {
    print "[<a href=mail.php>Inbox</a>]<br><br>";
    print "<table>";
    print "<form method=post action=mail.php?view=write&re=$_GET[re]&to=$_GET[to]&step=send>";
    print "<tr><td>To (ID Number):</td><td><input type=text name=to maxsize=10 size=25 value=$_GET[to]></td></tr>";
    print "<tr><td>Subject:</td><td><input type=text name=subject size=25 value=$_GET[re]></td></tr>";
    print "<tr><td valign=top>Body:</td><td><textarea name=body rows=10 cols=50>$_POST[body]</textarea></td></tr>";
    print "<tr><td colspan=2 align=center><input type=submit value=Send></td></tr>";
    print "</form></table>";

    // Validate the submitted message
    if ($_GET['step'] == 'send') {
        $_POST['to'] = strip_tags($_POST['to']);
        $_POST['subject'] = strip_tags($_POST['subject']);
        $_POST['body'] = str_replace($remove, "", $_POST['body']);
        $_POST['subject'] = str_replace($remove, "", $_POST['subject']);
        $_POST['body'] = nl2br(strip_tags($_POST['body']));
        if (empty($_POST['to']) || empty($_POST['body']) || empty($_POST['subject'])) {
            print "Please fill out all fields.";
            include("footer.php"); exit;
        }
        $values = explode(" ", $_POST['body']);
        $longest = 0;
        foreach ($values as $value) {
            if (strlen($value) > $longest) {
                $longest = strlen($value);
            }
        }
        if ($longest > 100) {
            print "Your largest word is too long, it's $longest characters, it can't be more than 100 characters.";
            include("footer.php"); exit;
        }
        $size = strlen($_POST['body']);
        if ($size > 2000) {
            print "Your message is too long, it can't be larger than 2000 characters, yours is $size characters";
            include("footer.php"); exit;
        }
        $size = strlen($_POST['subject']);
        if ($size > 100) {
            print "Your subject is too long, it can't be larger than 100 characters, yours is $size";
            include("footer.php"); exit;
        }
        $rec = mysql_fetch_array(mysql_query("select * from players where id=$_POST[to]"));
        if (empty($rec['id'])) {
            print "No such player.";
            include("footer.php"); exit;
        }
        print "You sent mail to $rec[id].";
    }
    $get = mysql_query("select * from players");
    mysql_query("insert into mail (sender,owner,subject,body) values('$to','$list[id]','$subject','$body')") or die("Could not send mail.");
}

// Read a single message
if ($_GET['read']) {
    $mail = mysql_fetch_array(mysql_query("select * from mail where id=$_GET[read]"));
    if (empty($mail['id'])) {
        print "No such mail.";
        include("footer.php"); exit;
    }
    if ($mail['owner'] != $stat['id']) {
        print "That's not your mail.";
        include("footer.php"); exit;
    }
    mysql_query("update mail set unread='F' where id=$mail[id]");
    print "<table width=99% bgcolor=#676767 cellpadding=2 cellspacing=1><tr height=30><td bgcolor=white><b>$mail[sender]</b> says... $mail[subject]</td></tr><tR bgcolor=white height=100 valign=top><td>$mail[body]<br><br></tD></tR></table><bR><table bgcolor=#676767 cellpadding=2 cellspacing=1 width=99%><tr bgcolor=white align=center><td width=33%><center><a href=mail.php>Inbox</a></td><td width=34%><Center><a href=mail.php?view=write>Compose</a></tD><td height=25 width=33%><a href=mail.php?view=write&to=$mail[senderid]&re=RE:$mail[subject]>Reply</a></td></tR>";
}
?>
<?php include("footer.php"); ?>
[/code]

grlayouts Posted September 9, 2006

Anyone?

jefkin Posted September 9, 2006

Something comes to mind after a glance at the code.

Your code to prevent looking at other people's mail could be wrong:

You check against $stat[id], but I don't see a place where you set $stat[id]. If you haven't set it, then PHP treats it like ''. Your security compares $mail[owner] against $stat[id] (or ''). That could be the problem.

However, since you use that variable all through the code, you may have other bugs waiting to happen.
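
Added example (not part of the thread, and not either poster's code): in the posted mail.php the INSERT sits outside the `step == send` block and takes its owner from `$list[id]`, which the posted code never assigns. The PHP below writes exactly one row per message for the validated recipient and enforces ownership inside the read query, with every request value bound as a parameter. Assumptions: a PDO handle `$db`, the logged-in player's row in `$stat` with a hypothetical `user` name column, and the hypothetical function names `send_mail` and `read_mail`.

```php
<?php
// Added example, not the thread's code. Assumptions: $db is a PDO handle,
// $stat is the logged-in player's row (id, plus a hypothetical `user` column),
// and mail/players have the columns seen in the posted script.

function send_mail(PDO $db, array $stat, array $post): string
{
    $to      = filter_var($post['to'] ?? '', FILTER_VALIDATE_INT);
    $subject = trim(strip_tags($post['subject'] ?? ''));
    $body    = trim(strip_tags($post['body'] ?? ''));

    if ($to === false || $subject === '' || $body === '') {
        return 'Please fill out all fields.';
    }
    if (strlen($subject) > 100 || strlen($body) > 2000) {
        return 'Subject or message is too long.';
    }

    // The recipient must exist; the id is bound, never interpolated into SQL.
    $rec = $db->prepare('SELECT id FROM players WHERE id = ?');
    $rec->execute([$to]);
    if ($rec->fetchColumn() === false) {
        return 'No such player.';
    }

    // One row, owned by the validated recipient only. The sender comes from
    // the session-backed $stat, not from request data.
    $ins = $db->prepare(
        'INSERT INTO mail (sender, senderid, owner, subject, body)
         VALUES (?, ?, ?, ?, ?)'
    );
    $ins->execute([$stat['user'], $stat['id'], $to, $subject, $body]);
    return "You sent mail to $to.";
}

function read_mail(PDO $db, array $stat, $mailId): ?array
{
    // Ownership is part of the query, so another player's mail id (or an
    // unset $stat id, which casts to 0) matches no row.
    $q = $db->prepare('SELECT * FROM mail WHERE id = ? AND owner = ?');
    $q->execute([(int) $mailId, (int) $stat['id']]);
    $mail = $q->fetch(PDO::FETCH_ASSOC);
    return $mail === false ? null : $mail;
}
```

When rendering `subject` and `body`, pass them through `htmlspecialchars()` at output time rather than relying only on `strip_tags()` at write time.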