<?php
include ("config.inc");
include ("forum.inc");
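# Private-message send handler, part 1: open the database, read the posted
# form and the login cookie, and authenticate the sender before anything is
# written.
#
# NOTE(review): the includes above use a .inc extension; confirm the web
# server does not serve *.inc files as plain text, otherwise the contents of
# config.inc would be readable over HTTP.
# -----------------------
# Connect to the database
# One handle is enough for the whole request; the original called
# db_connect() a second time after reading the input.
$dbh = db_connect();
$query = '';
$sth = '';
# ------------------
# Get the form input
$FORM = get_input();
# --------------
# Get the cookie
$cookie = get_cookie();
# --------------------
# Assign the variables
# Keys are quoted: a bare word is resolved as a constant first, only falls
# back to a string with a notice, and is rejected outright by newer PHP.
$Sender = $FORM['Sender'];
$Username = $FORM['Username'];
# NOTE(review): the credential comes from the cookie while the sender name
# comes from the form. What the cookie actually holds (password, hash, token)
# is not visible here - confirm it is not the plaintext password.
$Password = $cookie['Password'];
$Subject = $FORM['Subject'];
$Message = $FORM['Message'];
# --------------------
# Authenticate the user
# NOTE(review): this request changes state and, as far as this script shows,
# is authorised by the cookie alone; confirm an anti-CSRF token is verified
# inside get_input() or authenticate().
$user = authenticate($Sender, $Password);
if (empty($user['Username'])) {
    not_right("We could not authenticate your Username/Passord.");
    # Fail closed: whether not_right() ends the request is not visible from
    # this file, so stop here rather than fall through to the INSERT below.
    exit;
}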
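# -----------------------------------------------
# Check to see if the username is in our database
# The quoted value is interpolated without surrounding quotes, so db_quote()
# presumably both escapes and quotes it - confirm in the included library.
$Username_q = db_quote($Username);
$query = "SELECT Username FROM Users WHERE Username = $Username_q";
$sth = mysql_query($query, $dbh);
if (!$sth) {
    # Keep the SQL text and the driver error out of the HTTP response (they
    # reveal schema details); record the driver error server-side instead.
    error_log("Private message: recipient lookup failed: " . mysql_error($dbh));
    die("A database error occurred. Please try again later.");
}
$rows = mysql_num_rows($sth);
# Only the row count is needed, so release the result on every path.
mysql_free_result($sth);
# ----------------------------------------------
# We didn't find that Username, so let them know
if ($rows < 1) {
    # NOTE(review): $Username is request data echoed back in this message;
    # confirm not_right() HTML-escapes what it prints.
    not_right("We have no record for the Username '$Username' that you are trying to send this message to.");
    # Stop explicitly in case not_right() returns, so no message is stored
    # for a recipient that does not exist.
    exit;
}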
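# -----------
# Get the time
# NOTE(review): $date goes into the statement below without db_quote(); that
# is only safe if get_date() returns a number or an SQL expression it builds
# itself - confirm in the included library.
$date = get_date();
# -------------------------------------------------------
# Insert the message into the database marked as N - New
# Every request-derived value passes through db_quote() before it is
# interpolated into the statement.
$Username_q = db_quote($Username);
$Status_q = db_quote("N");
$Subject_q = db_quote($Subject);
$Sender_q = db_quote($Sender);
$Message_q = db_quote($Message);
$query = <<<END_SQL
INSERT INTO Messages
(Username,Status,Subject,Sender,Message,Sent)
VALUES ($Username_q, $Status_q, $Subject_q, $Sender_q, $Message_q, $date)
END_SQL;
if (!mysql_query($query, $dbh)) {
    # The statement contains the private message text, so it is neither shown
    # to the browser nor written to the log; only the driver error is logged.
    error_log("Private message: insert failed: " . mysql_error($dbh));
    die("A database error occurred. Please try again later.");
}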
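# --------------------------------------------------------------
# Now lets grab this users email address so we can let them know
# they got a private message, if they chose to be notified
$query = <<<END_SQL
SELECT Email,Notify
FROM Users
WHERE Username = $Username_q
END_SQL;
$sth = mysql_query($query, $dbh);
if (!$sth) {
    # Do not echo the SQL or the driver error to the browser; log it instead.
    error_log("Private message: notification lookup failed: " . mysql_error($dbh));
    die("A database error occurred. Please try again later.");
}
# mysql_fetch_array() returns numeric indexes as well, which list() consumes.
list($Email, $Notify) = mysql_fetch_array($sth);
if ($Notify === "On") {
    # Strip CR/LF from both addresses before they reach mail(): the recipient
    # address is stored profile data and the sender address is concatenated
    # straight into a header line, so a line break in either could add
    # headers to the outgoing message.
    $Email = str_replace(array("\r", "\n"), '', $Email);
    $from = str_replace(array("\r", "\n"), '', $config['emailaddy']);
    $subject = "You have new messages";
    $msg = "You have received a private message from '$Sender' on the forums at $config[title]. You can go to $config[cgiurl]/wwwthreads.pl to view it.";
    if (!mail($Email, $subject, $msg, "From: $from")) {
        # $php_errormsg is only populated when track_errors is enabled; keep
        # whatever it holds in the server log rather than in the response.
        error_log("Private message: notification mail failed: " . (isset($php_errormsg) ? $php_errormsg : 'no detail available'));
        die("Can't mail message.");
    }
}
# ------------------------------------------------
# Send them to their start page with a confirmation
mysql_free_result($sth);
# NOTE(review): $Username is request data echoed in the confirmation text;
# confirm start_page() HTML-escapes the message it displays.
start_page($dbh,"$Sender","$Password",1,"Your message has been sent to $Username");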