
Private message reply not grabbing id from_id


rdkd1970


This system seems to be working except for the reply section. I am testing with two users, sending from one to the other. It works until I want to reply. The reply goes into the original sender's inbox, but it is not picking up the id of the replier, so it says the variable is undefined. In the db it shows the person receiving the reply, but not that it came from the person they sent it to. So the db shows

 

$to_id $from_id

4              8

8              0

 

This is the line that is coming up as undefined in the inbox from the reply but not from when it is originally sent.

<td width="20%" valign="top"><a href="profiles.php?id=<?php echo $Sid; ?>"><?php echo $Sname; ?></a></td>

//working in conjunction with this line
$fr_id = $row['from_id'];    
    // SQL - Collect username for sender inside loop
    $ret = mysql_query("SELECT id, username FROM myMembers WHERE id='$fr_id' LIMIT 1");
    while($raw = mysql_fetch_array($ret)){ $Sid = $raw['id']; $Sname = $raw['username']; }

 

this is the script to say they got new mail

if (isset($_SESSION['SESS_ID'])) { 	
// Check if this user has any new PMs and construct which envelope to show
$sql_pm_check = mysql_query("SELECT id FROM private_messages WHERE to_id='".$_SESSION['SESS_ID']."' AND opened='0' LIMIT 1");
$num_new_pm = mysql_num_rows($sql_pm_check);

 

This is the inbox script

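<?php
include "db connection";
// Inbox delete handler: every posted field except the submit button is treated
// as the id of a message to hide from the logged-in member's inbox.
// The UPDATE is scoped to to_id = the session member, so a posted id that
// belongs to someone else's inbox matches no row.
// NOTE(review): no anti-CSRF token is checked in the code shown, so another site
// could submit this form on behalf of a logged-in member -- confirm and add one.
if (isset($_POST['deleteBtn'])) {
    foreach ($_POST as $key => $value) {
        if ($key == "deleteBtn") {
            continue;
        }
        // Array-valued fields (e.g. name[]=...) cannot be message ids.
        if (!is_scalar($value)) {
            continue;
        }
        // Validate the id as a positive integer instead of relying on
        // urlencode() to keep quotes out of the query.
        // assumes private_messages.id is an integer key -- TODO confirm
        $msg_id = (int) $value;
        if ($msg_id < 1) {
            continue;
        }
        $sql = mysql_query("UPDATE private_messages SET recipientDelete='1', opened='1' WHERE id='$msg_id' AND to_id='".$_SESSION['SESS_ID']."' LIMIT 1");
        // TODO (from the original author): check whether the sender has also removed
        // the message from the sent box; then it is safe to delete the row completely.
    }
    header("location: pm_inbox.php");
    // Stop here: without exit() the rest of the page is still built after the redirect header.
    exit();
}
?>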
<script src="js/jquery-1.4.2.js" type="text/javascript"></script>
<script language="javascript" type="text/javascript">
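// Set every message checkbox to the state of the "toggleAll" checkbox.
// field: the checkbox collection taken from the form (document.myform.cb).
// When only one message row exists the form lookup yields a single element
// instead of a list, and with no rows it yields undefined; both are handled here.
function toggleChecks(field) {
    if (!field) {
        return;
    }
    if (typeof field.length === "undefined") {
        field = [field];
    }
    var checked = document.myform.toggleAll.checked == true;
    // "var i" keeps the counter local; the original leaked it as a global.
    for (var i = 0; i < field.length; i++) {
        field[i].checked = checked;
    }
}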
// Accordion for the message list: clicking a subject opens its body and
// closes any other open body; clicking an open subject closes it again.
$(document).ready(function () {
    $(".toggle").click(function () {
        var body = $(this).next();
        if (!body.is(":hidden")) {
            body.hide();
            return;
        }
        $(".hiddenDiv").hide();
        body.slideDown("fast");
    });
});
// Ask the server to flag one message as opened, then restyle its subject line as read.
// msgID: message id, written into the onclick attribute of each subject link by PHP.
// NOTE(review): ownerid is printed from the session but then travels in the POST body,
// where the browser user can change it. markAsRead.php is not shown on this page --
// confirm it checks ownership against the server-side session, not this field.
function markAsRead(msgID) {
$.post("scripts_for_profile/markAsRead.php",{ messageid:msgID, ownerid:<?php echo $_SESSION['SESS_ID']; ?> } ,function(data) {
	$('#subj_line_'+msgID).addClass('msgRead');
       // alert(data); // This line was just for testing returned data from the PHP file, it is not required for marking messages as read
   });
}
// Fill the reply form for one message and show the reply box (or hide it if it is open).
// subject, sendername, senderid: subject of the message and the replying member's name/id.
// recName, recID: name and id of the member the reply is addressed to.
// The CLOSE link calls this with only 'close', so every other argument is undefined then.
// NOTE(review): the sender id is parked in a hidden form field, so whatever the page
// (or the user) puts there is what the server later receives as the sender.
// No element with id "sendernameShow" appears in the markup shown, so that call matches nothing.
function toggleReplyBox(subject,sendername,senderid,recName,recID) {
    var form = document.replyForm;
    var box = $('#replyBox');

    $("#sendernameShow").text(sendername);
    $("#subjectShow").text(subject);
    $("#recipientShow").text(recName);

    form.pmSubject.value = subject;
    form.pm_sender_name.value = sendername;
    form.pm_sender_id.value = senderid;
    form.pm_rec_name.value = recName;
    form.pm_rec_id.value = recID;
    form.replyBtn.value = "Send reply to "+recName;

    if (box.is(":hidden")) {
        box.fadeIn(1000);
    } else {
        box.hide();
    }
}
// Send the reply form to the message-insert script and show the server's answer.
// An empty message only shows a status hint; this is a convenience check, the
// server still has to validate every field itself.
// NOTE(review): senderID is read back from a hidden input, so the sender identity
// is client-controlled; the insert script should take it from the session instead.
// NOTE(review): the response is inserted with .html(); that is only safe while the
// endpoint returns fixed markup and never echoes request data back unescaped.
function processReply () {
    var url = "scripts_for_profile/private_msg_parse.php";
    var pmTextArea = $("#pmTextArea");

    if (pmTextArea.val() == "") {
        $("#PMStatus").text("Please type in your message.").show().fadeOut(6000);
        return;
    }

    $("#pmFormProcessGif").show();
    var payload = {
        subject: $("#pmSubject").val(),
        message: pmTextArea.val(),
        senderName: $("#pm_sender_name").val(),
        senderID: $("#pm_sender_id").val(),
        rcpntName: $("#pm_rec_name").val(),
        rcpntID: $("#pm_rec_id").val()
    };
    $.post(url, payload, function(data) {
        document.replyForm.pmTextArea.value = "";
        $("#pmFormProcessGif").hide();
        $('#replyBox').slideUp("fast");
        $("#PMFinal").html("   "+data).show().fadeOut(8000);
    });
}
</script>
<style type="text/css"> 
.hiddenDiv{display:none}
#pmFormProcessGif{display:none}
.msgDefault {font-weight:bold;}
.msgRead {font-weight:100;color:#666;}
</style>
</head>
<body>
<?php include_once "headers_template.php"; ?>
<p> </p>
<table width="920" style="background-color:#F2F2F2;" border="0" align="center" cellpadding="0" cellspacing="0">
  <tr>
    <td width="732" valign="top">
  <h2 style="margin-left:24px;">Your Private Messages</h2>
<!-- START THE PM FORM AND DISPLAY LIST -->
<form name="myform" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" enctype="multipart/form-data">
        <table width="94%" border="0" align="center" cellpadding="4">
          <tr>
            <td width="3%" align="right" valign="bottom"><img src="image_header/crookedArrow.png" width="16" height="17" alt="Develop PHP Private Messages" /></td>
            <td width="97%" valign="top"><input type="submit" name="deleteBtn" id="deleteBtn" value="Delete" />
              <span id="jsbox" style="display:none"></span>
            </td>
          </tr>
      </table>
        <table width="96%" border="0" align="center" cellpadding="4" style=" background-image:url(style/headerStrip.jpg); background-repeat:repeat-x; border: #999 1px solid;">
          <tr>
            <td width="4%" valign="top">
            <input name="toggleAll" id="toggleAll" type="checkbox" onclick="toggleChecks(document.myform.cb)" />
            </td>
            <td width="20%" valign="top">From</td>
            <td width="58%" valign="top"><span class="style2">Subject</span></td>
            <td width="18%" valign="top">Date</td>
          </tr>
        </table> 
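<?php
///////////End take away///////////////////////
// Load the newest 100 messages addressed to the logged-in member that are not
// flagged as deleted by the recipient, then resolve each sender's name.
//$my_id = "";
// NOTE(review): $my_id and $my_uname are echoed into the REPLY link further down,
// but nothing in the code shown assigns them (the line above is commented out).
// An empty sender id in that link is what reaches the insert script as senderID.
$sql = mysql_query("SELECT * FROM private_messages WHERE to_id='".$_SESSION['SESS_ID']."' AND recipientDelete='0' ORDER BY id DESC LIMIT 100");

while($row = mysql_fetch_array($sql)){ 

    $date = strftime("%b %d, %Y",strtotime($row['time_sent']));
    // Unopened messages get the bold style, opened ones the grey style.
    $textWeight = ($row['opened'] == "0") ? 'msgDefault' : 'msgRead';

    // Only a number may reach the lookup query below.
    $fr_id = (int) $row['from_id'];
    // Reset per row: when no member matches from_id (e.g. from_id = 0) the old code
    // left $Sid/$Sname undefined on the first row, or carrying the previous row's
    // sender on later rows.
    $Sid = '';
    $Sname = '';
    // SQL - Collect username for sender inside loop
    $ret = mysql_query("SELECT id, username FROM myMembers WHERE id='$fr_id' LIMIT 1");
    // mysql_query() returns false on failure; skip the fetch in that case.
    while($ret && ($raw = mysql_fetch_array($ret))){ $Sid = $raw['id']; $Sname = $raw['username']; }

?>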
        <?php /*
          One inbox row: checkbox, sender link, subject (click to expand) and date.
          NOTE(review): $Sname, the subject and the message are echoed with no output
          encoding at this point. The insert script posted in this thread runs
          htmlspecialchars() on subject and message before storing them; whether
          usernames are sanitised anywhere is not visible here -- confirm.
          NOTE(review): the REPLY link places five values inside single-quoted
          JavaScript strings within an href attribute. htmlspecialchars() with its
          pre-PHP-8.1 default flags leaves single quotes untouched, and the browser
          decodes entities in the attribute before the script runs, so a quote in a
          stored subject or username ends the string early. Encode for both contexts
          (json_encode(), then htmlspecialchars() with ENT_QUOTES) or move the values
          to data- attributes read by a click handler.
          NOTE(review): id="cb" repeats on every row; ids should be unique per document.
        */ ?>
        <table width="96%" border="0" align="center" cellpadding="4">
          <tr>
            <td width="4%" valign="top">
            <input type="checkbox" name="cb<?php echo $row['id']; ?>" id="cb" value="<?php echo $row['id']; ?>" />
            </td>
            <td width="20%" valign="top"><a href="profiles.php?id=<?php echo $Sid; ?>"><?php echo $Sname; ?></a></td>
            <td width="58%" valign="top">
              <span class="toggle" style="padding:3px;">
              <a class="<?php echo $textWeight; ?>" id="subj_line_<?php echo $row['id']; ?>" style="cursor:pointer;" onclick="markAsRead(<?php echo $row['id']; ?>)"><?php echo stripslashes($row['subject']); ?></a>
              </span>
              <div class="hiddenDiv"> <br />
                <?php echo stripslashes(wordwrap(nl2br($row['message']), 54, "\n", true)); ?>
                <br /><br /><a href="javascript:toggleReplyBox('<?php echo stripslashes($row['subject']); ?>','<?php echo $my_uname; ?>','<?php echo $my_id; ?>','<?php echo $Sname; ?>','<?php echo $fr_id; ?>')">REPLY</a><br />
              </div>
             
           </td>
            <td width="18%" valign="top"><span style="font-size:10px;"><?php echo $date; ?></span></td>
          </tr>
        </table>
<hr style="margin-left:20px; margin-right:20px;" />
<?php
}// Close Main while loop
?>
</form>
<!-- END THE PM FORM AND DISPLAY LIST -->
<!-- Start Hidden Container the holds the Reply Form -->            
<div id="replyBox" style="display:none; width:680px; height:264px; background-color: #005900; background-repeat:repeat; border: #333 1px solid; top:51px; position:fixed; margin:auto; z-index:50; padding:20px; color:#FFF;">
<div align="right"><a href="javascript:toggleReplyBox('close')"><font color="#00CCFF"><strong>CLOSE</strong></font></a></div>
<h2>Replying to <span style="color:#ABE3FE;" id="recipientShow"></span></h2>
Subject: <strong><span style="color:#ABE3FE;" id="subjectShow"></span></strong> <br>
<form action="javascript:processReply();" name="replyForm" id="replyForm" method="post">
<textarea id="pmTextArea" rows="8" style="width:98%;"></textarea><br />
<input type="hidden" id="pmSubject" />
<input type="hidden" id="pm_rec_id" />
<input type="hidden" id="pm_rec_name" />
<input type="hidden" id="pm_sender_id" />
<input type="hidden" id="pm_sender_name" />
<input type="hidden" id="" />
<br />
<input name="replyBtn" type="button" onclick="javascript:processReply()" />     <span id="pmFormProcessGif"><img src="images/loading.gif" width="28" height="10" alt="Loading" /></span>
<div id="PMStatus" style="color:#F00; font-size:14px; font-weight:700;"> </div>
</form>
</div>
<!-- End Hidden Container the holds the Reply Form -->     
<!-- Start PM Reply Final Message box showing user message status when needed -->    
<div id="PMFinal" style="display:none; width:652px; background-color:#005900; border:#666 1px solid; top:51px; position:fixed; margin:auto; z-index:50; padding:40px; color:#FFF; font-size:16px;"></div>
<!-- End PM Reply Final Message box showing user message status when needed --> 
</td>

 

this is the sentbox

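<?php
// Sent-box delete handler: every posted field except the submit button is treated
// as the id of a message to hide from the logged-in member's sent box.
// The UPDATE is scoped to from_id = the session member, so a posted id for a
// message somebody else sent matches no row.
// NOTE(review): no anti-CSRF token is checked in the code shown -- confirm and add one.
if (isset($_POST['deleteBtn'])) {
    foreach ($_POST as $key => $value) {
        if ($key == "deleteBtn") {
            continue;
        }
        // Array-valued fields (e.g. name[]=...) cannot be message ids.
        if (!is_scalar($value)) {
            continue;
        }
        // Validate the id as a positive integer instead of relying on
        // urlencode() to keep quotes out of the query.
        // assumes private_messages.id is an integer key -- TODO confirm
        $msg_id = (int) $value;
        if ($msg_id < 1) {
            continue;
        }
        $sql = mysql_query("UPDATE private_messages SET senderDelete='1' WHERE id='$msg_id' AND from_id='".$_SESSION['SESS_ID']."' LIMIT 1");
        // TODO (from the original author): check whether the recipient has also removed
        // the message; then it is safe to delete the row completely.
    }
    header("location: pm_sentbox.php");
    // Stop here: without exit() the rest of the page is still built after the redirect header.
    exit();
}
?>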
<script src="js/jquery-1.4.2.js" type="text/javascript"></script>
<script language="javascript" type="text/javascript">
function toggleChecks(field) {
if (document.myform.toggleAll.checked == true){
	  for (i = 0; i < field.length; i++) {
              field[i].checked = true;
	  }
} else {
	  for (i = 0; i < field.length; i++) {
              field[i].checked = false;
	  }		
}

}
$(document).ready(function() { 
$(".toggle").click(function () { 
  if ($(this).next().is(":hidden")) {
$(".hiddenDiv").hide();
    $(this).next().slideDown("fast"); 
  } else { 
    $(this).next().hide(); 
  } 
}); 
});
</script>
<style type="text/css"> 
.hiddenDiv{display:none}
#pmFormProcessGif{display:none}
.msgDefault {font-weight:bold;}
.msgRead {font-weight:100;color:#666;}
</style>
</head>
<body>
<?php include_once "headers_template.php"; ?>
<p> </p>
<table width="920" style="background-color:#F2F2F2;" border="0" align="center" cellpadding="0" cellspacing="0">
  <tr>
    <td width="732" valign="top">
  <h2 style="margin-left:24px;">Messages You Sent</h2>
<!-- START THE PM FORM AND DISPLAY LIST -->
<form name="myform" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" enctype="multipart/form-data">
        <table width="94%" border="0" align="center" cellpadding="4">
          <tr>
            <td width="3%" align="right" valign="bottom"><img src="image_header/crookedArrow.png" width="16" height="17" alt="Develop PHP Private Messages" /></td>
            <td width="97%" valign="top"><input type="submit" name="deleteBtn" id="deleteBtn" value="Delete" />
              <span id="jsbox" style="display:none"></span>
            </td>
          </tr>
      </table>
        <table width="96%" border="0" align="center" cellpadding="4" style=" background-image:url(style/headerStrip.jpg); background-repeat:repeat-x; border: #999 1px solid;">
          <tr>
            <td width="4%" valign="top">
            <input name="toggleAll" id="toggleAll" type="checkbox" onclick="toggleChecks(document.myform.cb)" />
            </td>
            <td width="20%" valign="top">To</td>
            <td width="58%" valign="top"><span class="style2">Subject</span></td>
            <td width="18%" valign="top">Date</td>
          </tr>
        </table> 
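<?php
///////////End take away///////////////////////
// Load the newest 100 messages sent by the logged-in member that are not
// flagged as deleted by the sender, then resolve each recipient's name.
$sql = mysql_query("SELECT * FROM private_messages WHERE from_id='".$_SESSION['SESS_ID']."' AND senderDelete='0' ORDER BY id DESC LIMIT 100");

while($row = mysql_fetch_array($sql)){ 

    $date = strftime("%b %d, %Y",strtotime($row['time_sent']));
    // Only a number may reach the lookup query below.
    $to_id = (int) $row['to_id'];
    // Reset per row so a missing member cannot leave $Rid/$Rname undefined
    // or carrying the previous row's recipient.
    $Rid = '';
    $Rname = '';
    // SQL - Collect username for Recipient 
    $ret = mysql_query("SELECT id, username FROM myMembers WHERE id='$to_id' LIMIT 1");
    // mysql_query() returns false on failure; skip the fetch in that case.
    while($ret && ($raw = mysql_fetch_array($ret))){ $Rid = $raw['id']; $Rname = $raw['username']; }

?>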
        <table width="96%" border="0" align="center" cellpadding="4">
          <tr>
            <td width="4%" valign="top">
            <input type="checkbox" name="cb<?php echo $row['id']; ?>" id="cb" value="<?php echo $row['id']; ?>" />
            </td>
            <td width="20%" valign="top"><a href="profiles.php?id=<?php echo $Rid; ?>"><?php echo $Rname; ?></a></td>
            <td width="58%" valign="top">
              <span class="toggle" style="padding:3px;">
              <a class="msgDefault" id="subj_line_<?php echo $row['id']; ?>" style="cursor:pointer;"><?php echo stripslashes($row['subject']); ?></a>
              </span>
              <div class="hiddenDiv"> <br />
                <?php echo stripslashes(wordwrap(nl2br($row['message']), 54, "\n", true)); ?>
                <br />
              </div>
           </td>
            <td width="18%" valign="top"><span style="font-size:10px;"><?php echo $date; ?></span></td>
          </tr>
        </table>
<hr style="margin-left:20px; margin-right:20px;" />
<?php
}// Close Main while loop
?>
</form>


I notice that you are using $_SERVER['PHP_SELF'] as the action in your forms. I do not recommend this, as it carries several risks (XSS injection, etc.): PHP_SELF includes any extra path a visitor appends to the URL, and here it is echoed into the page without escaping.

 

Also, can you show the code specific to handling the replies please


this is the reply form.

 

<!-- Start Hidden Container the holds the Reply Form -->            
<div id="replyBox" style="display:none; width:680px; height:264px; background-color: #005900; background-repeat:repeat; border: #333 1px solid; top:51px; position:fixed; margin:auto; z-index:50; padding:20px; color:#FFF;">
<div align="right"><a href="javascript:toggleReplyBox('close')"><font color="#00CCFF"><strong>CLOSE</strong></font></a></div>
<h2>Replying to <span style="color:#ABE3FE;" id="recipientShow"></span></h2>
Subject: <strong><span style="color:#ABE3FE;" id="subjectShow"></span></strong> <br>
<form action="javascript:processReply();" name="replyForm" id="replyForm" method="post">
<textarea id="pmTextArea" rows="8" style="width:98%;"></textarea><br />
<input type="hidden" id="pmSubject" />
<input type="hidden" id="pm_rec_id" />
<input type="hidden" id="pm_rec_name" />
<input type="hidden" id="pm_sender_id" />
<input type="hidden" id="pm_sender_name" />
<input type="hidden" id="" />
<br />
<input name="replyBtn" type="button" onclick="javascript:processReply()" />     <span id="pmFormProcessGif"><img src="images/loading.gif" width="28" height="10" alt="Loading" /></span>
<div id="PMStatus" style="color:#F00; font-size:14px; font-weight:700;"> </div>
</form>
</div>
<!-- End Hidden Container the holds the Reply Form -->     
<!-- Start PM Reply Final Message box showing user message status when needed -->    
<div id="PMFinal" style="display:none; width:652px; background-color:#005900; border:#666 1px solid; top:51px; position:fixed; margin:auto; z-index:50; padding:40px; color:#FFF; font-size:16px;"></div>
<!-- End PM Reply Final Message box showing user message status when needed -->


This is the parse form that checks for id etc. I just added this <?php echo $fr_id; ?> the line that was saying undefined Sname and this below form let me know it is missing data.

 

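// Process the message once it has been sent 
// Reads rcpntID, senderID, subject and message from the POST body, trims the
// recipient's stored messages to 100 and inserts the new row.
if (isset($_POST['message'])) { 
  // The ids are placed into SQL below, so force them to integers; a missing or
  // non-numeric value becomes 0 and is rejected by the empty() check.
  $to   = isset($_POST['rcpntID']) ? (int) $_POST['rcpntID'] : 0; 
  // NOTE(review): from_id is whatever the browser sends in senderID, so a member can
  // submit a message under another member's id. The inbox pages identify the
  // logged-in member with $_SESSION['SESS_ID']; using that here (once the session is
  // confirmed to be started in this script) removes the spoofing risk and the
  // empty-senderID failure described in this thread.
  $from = isset($_POST['senderID']) ? (int) $_POST['senderID'] : 0; 
  // Entity-encode before storing (the display pages echo these columns as-is),
  // then escape for the SQL string literal.
  $sub = isset($_POST['subject']) ? htmlspecialchars($_POST['subject']) : '';
  $msg = htmlspecialchars($_POST['message']);
  $sub  = mysql_real_escape_string($sub);
  $msg  = mysql_real_escape_string($msg);
  // Handle all pm form specific error checking here 
  if (empty($to) || empty($from) || empty($sub) || empty($msg)) { 
    echo '<img src="../image_header/round_error.png" alt="Error" width="31" height="30" />    Missing Data to continue';
    exit();
  } else { 
    // Delete the message residing at the tail end of their list so they cannot archive more than 100 PMs
    $sqldeleteTail = mysql_query("SELECT * FROM private_messages WHERE to_id='$to' ORDER BY time_sent DESC LIMIT 0,100"); 
    $dci = 1;
    while($sqldeleteTail && ($row = mysql_fetch_array($sqldeleteTail))){ 
      $pm_id = (int) $row["id"];
      if ($dci > 99) {
        // Fixed: the rows are selected from private_messages, but the delete
        // targeted a table named private_msg.
        $deleteTail = mysql_query("DELETE FROM private_messages WHERE id='$pm_id'"); 
      }
      $dci++;
    }
    // End delete any comments past 100 off of the tail end

    // INSERT the data into your table now
    $sql = "INSERT INTO private_messages (to_id, from_id, time_sent, subject, message) VALUES ('$to', '$from', now(), '$sub', '$msg')"; 
    if (!mysql_query($sql)) { 
    echo '<img src="../image_header/round_error.png" alt="Error" width="31" height="30" />    Could not send message! An insertion query error has occured.';
    exit();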


this is the javascript that handles the replies that is where the PHP_SELF plays as the reply is javascript. it is supposed to work with the form above.

 

// Copy one message's details into the reply form and toggle the reply box.
// senderid/recID end up in hidden inputs and are later posted as senderID/rcpntID.
// NOTE(review): values kept in hidden fields are under the browser user's control;
// the server should not treat pm_sender_id as proof of who is replying.
function toggleReplyBox(subject,sendername,senderid,recName,recID) {
$("#sendernameShow").text(sendername);
$("#subjectShow").text(subject);
$("#recipientShow").text(recName);
document.replyForm.pmSubject.value = subject;
document.replyForm.pm_sender_name.value = sendername;
//document.replyForm.pmWipit.value = replyWipit;
document.replyForm.pm_sender_id.value = senderid;
document.replyForm.pm_rec_name.value = recName;
document.replyForm.pm_rec_id.value = recID;
    document.replyForm.replyBtn.value = "Send reply to "+recName;
    // Show the box when hidden, otherwise hide it (the CLOSE link relies on this).
    if ($('#replyBox').is(":hidden")) {
	  $('#replyBox').fadeIn(1000);
    } else {
	  $('#replyBox').hide();
    }      
}
// Post the reply form fields to the insert script and display its response.
// NOTE(review): senderID comes from a hidden input, so it is client-controlled.
// NOTE(review): the response is inserted with .html(); confirm the endpoint never
// echoes request data back unescaped.
function processReply () {

  var pmSubject = $("#pmSubject");
  var pmTextArea = $("#pmTextArea");
  var sendername = $("#pm_sender_name");
  var senderid = $("#pm_sender_id");
  var recName = $("#pm_rec_name");
  var recID = $("#pm_rec_id");
 //var pm_wipit = $("#pmWipit");
  var url = "scripts_for_profile/private_msg_parse.php";
      // Convenience check only; the server must still validate every field.
      if (pmTextArea.val() == "") {
	   $("#PMStatus").text("Please type in your message.").show().fadeOut(6000);
      } else {
	  $("#pmFormProcessGif").show();
	  $.post(url,{ subject: pmSubject.val(), message: pmTextArea.val(), senderName: sendername.val(), senderID: senderid.val(), rcpntName: recName.val(), rcpntID: recID.val() } ,  function(data) {
		   document.replyForm.pmTextArea.value = "";
		   $("#pmFormProcessGif").hide();
		   $('#replyBox').slideUp("fast");
		   $("#PMFinal").html("   "+data).show().fadeOut(8000);
           });  
  }
}


Why are you using JavaScript to validate your form instead of PHP? JavaScript can be disabled, so the same checks have to run on the server.

Is your $_POST['senderID'] empty?

Try using print_r($_POST); after your reply form has been submitted to see what is happening to that value


it does not go to far it gives the message from this line "missing data"

 

// Debug variant of the insert script's opening lines, with print_r() added to inspect senderID.
if (isset($_POST['message'])) { 
  // Escape and prepare our variables for insertion into the database 
  // NOTE(review): $to and $from are taken from the request as-is; only $sub and $msg
  // are escaped below, so the ids should be cast to integers before use in SQL.
  $to   = ($_POST['rcpntID']); 
  $from = ($_POST['senderID']); 
  // Debug only: this prints the raw request value into the response, which the
  // inbox page inserts with .html() -- remove it once the value has been checked.
  print_r($_POST['senderID']);
  //$toName   = ($_POST['rcpntName']); 
  //$fromName = ($_POST['senderName']); 
  $sub = htmlspecialchars($_POST['subject']); 
  $msg = htmlspecialchars($_POST['message']); 
  $sub  = mysql_real_escape_string($sub); 
  $msg  = mysql_real_escape_string($msg);
  // Handle all pm form specific error checking here 
  // empty() is true for "" and "0", so a blank senderID stops here with "Missing Data".
  if (empty($to) || empty($from) || empty($sub) || empty($msg)) { 
    echo '<img src="../image_header/round_error.png" alt="Error" width="31" height="30" />    Missing Data to continue';
exit();


okay in the javascript it says undefined variable my_uname array subject which is this what is happening is it looks like this in the db

 

to_id  from_id

8        4

4        4

 

So now it is going back to the person replying.

 

<?php /*
  Revised REPLY link: the third argument (senderid) is now $Sid and the fifth
  (recID) is $fr_id. In the inbox loop posted earlier, $Sid is looked up from
  myMembers by $fr_id, so both arguments carry the original sender's id, which
  matches the 4 / 4 row shown above.
  NOTE(review): the replying member's own id is not part of this call. Taking the
  sender from the server-side session in the insert script avoids passing it
  through the page at all.
  NOTE(review): the values are still echoed into single-quoted JavaScript strings
  without encoding for that context.
*/ ?>
<div class="hiddenDiv"> <br />
                <?php echo stripslashes(wordwrap(nl2br($row['message']), 54, "\n", true)); ?>
                <br /><br /><a href="javascript:toggleReplyBox('<?php echo stripslashes($row['subject']); ?>','<?php echo $my_uname; ?>','<?php echo $Sid; ?>','<?php echo $Sname; ?>','<?php echo $fr_id; ?>')">REPLY</a><br />
              </div>

