Feelay

How To Make A Private Message System.

Recommended Posts

h the from_user is empty as well as the date (i added this field manually because it wasn't in the .sql file.

Where is this .sql file coming from? Did you get it from the feelay starter topic text ?

Share this post


Link to post
Share on other sites
Maybe use isset?How To Make A Private Message System.

hey Feelay,

I was just wondering... I'm pretty new with this MySQL and PHP stuff, but wouldit be possible for the read_message.Php to have code that checks if isset($message) and then echoes the message and message information, like who sent it and when, if that variable is set (and that would be based on the checking whether the user logged in is the same as the to_user and if the session is valid). Else, it could echo an error saying something like, "You are not allowed to view this message because: 1. You are not logged in, or 2. You are trying to view someone else's message!"

This is just a thought. I'm not sure it would work in practice, so let me know if they can use this successfully! Thanks

-reply by newPHP-er

 

Share this post


Link to post
Share on other sites

Hai,Thanks for the tutorial. It's very helpful. But there is one thing that I would like to know. How to display that you got a new message on page? I know it is something related with the "message_read" variable of that table but you didn't mention how it works..

Share this post


Link to post
Share on other sites
Very nice, thanks.How To Make A Private Message System.

I understand that your example code is an extremely bare version, but anyone would doesn't know how to properly handle user input could get thmeselves into a ton of problems from SQL Injection attacks for one.

When handling user input, no matter what it is, always check it and sanitise it. Here's a quick example of my sanitisetxt() function:

function sanitisetxt($txt_string, $maxlength=0, $addslashes=true) {  // Handy function for all non-html user-provided strings  $returntext = trim(strip_tags($txt_string));  if ($addslashes) $returntext = addslashes($returntext);  if ($maxlength) $returntext = substr($returntext,0,$maxlength);  return $returntext;}

I'm sure you can do plenty more in this function, but this is a basic version, you could add in preg_replace() etc. To call the function is simple:

$title=sanitisetxt(@$_POST['message_title'], 50, true);$to=sanitisetxt(@$_POST['message_to'], 50);$content=sanitisetxt(@$_POST['message_content']);$from=sanitisetxt(@$_POST['message_from'], 50);

The @ symbols stop PHP from adding an error to your logs ifthe variable hasn't been provided.

 Anyway, thanks for the example, I will be basing my new PMing system on it (albeit more featureful).

-reply by ahdkaw

Share this post


Link to post
Share on other sites
i get this errorHow To Make A Private Message System.

I get this errorCould not send the message: Unknown column 'message_date' in 'field list'

-reply by jacob

Share this post


Link to post
Share on other sites

in read_message.php edit:$messageid = $_GET['messageid'];$message = mysql_query("SELECT * FROM messages WHERE message_id = '$messageid' AND to_user = '$userfinal'");$message=mysql_fetch_assoc($message);and at the end of the file edit$q="UPDATE messages SET message_read='1' WHERE message_id = '$messageid' AND to_user = '$userfinal'";mysql_query($q);?>(this is to check if the message was read)this system must be edited right to work well

Edited by pippo

Share this post


Link to post
Share on other sites

Ok, I have installed and created the pages based on the instructions.  I get this error.

 Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/school/public_html/messageck.Php on line 13Any Help would be appreciated.

Thank you

-reply by Ruby

 

Share this post


Link to post
Share on other sites
Syntax errorHow To Make A Private Message System.

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'to='1' ORDER BY id DESC' at line 1

"to" is what I called "to_user"1 is the id of the user, me
I really can't see a problem with it...-

question by Yasuo

 

Share this post


Link to post
Share on other sites

how do we make this script use an attachment?

 

How To Make A Private Message System.

 

Hi feelay

is it possible that we send the messages with attachment through this PMSystem?

I would really like it to be able to attach different types of attachments. Any assistance will be highly p. The script is helpful. I av just seen it, I just wanna go through and use it.
 

-reply by Rita

Share this post


Link to post
Share on other sites

@Rita: It's possible, but I'm afraid I don't have time to do that right now, :/@spawN-eD: Could you please paste the code for your read_message.php? (If you have any passwords or anything like that provided in the file, don't remember to replace them with ### or *** or something like that so that no one sees them, :PRegards/Feelay.

Share this post


Link to post
Share on other sites

my read_message.php code looks like this

<?phpsession_start();$userfinal=$_SESSION['session_name'];require "database.php";$messageid = $_GET['message'];$message = mysql_query("SELECT * FROM messages WHERE message_id = '$message_id' AND to_user = '$userfinal'");$message=mysql_fetch_assoc($message);echo "<h1>Title: ".$message['message_title']."</h1>";echo "<h3>From: ".$message['from_user']."</h3>";echo "<h3>Message: ".$message['message_contents']."</h3>";echo '<form name="backfrm" method="post" action="inbox.php">';echo '<input type="submit" value="Back to Inbox">';echo '</form>';?>

Share this post


Link to post
Share on other sites

If you look closer at this one here:

$messageid = $_GET['message'];	$message = mysql_query("SELECT * FROM messages WHERE message_id = '$message_id' AND to_user = '$userfinal'");

You can see the the variable "$messageid" is used as "$message_id" in the SQL-query.
If you try to change it to "$messageid" in your query, so that it looks like this:

WHERE message_id = '$messageid'

It should work. The final code should look like this:

$messageid = $_GET['message'];	$message = mysql_query("SELECT * FROM messages WHERE message_id = '$messageid' AND to_user = '$userfinal'");

Regards,
/Feelay

:P

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now