Location: PHPKode > projects > PhpAlumni > phpAlumni/members/forum_messages.php
<?php

/*
############################################################################
phpAlumni - A web-based, MySQL-backed alumni management program written in PHP4.
Copyright (C) 2002-2004 Ralf Hetzer

This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more members_details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
############################################################################
*/


// displays all messages in a thread

session_start();

include("../template.inc.php");
include("../config.inc.php");
include("../functions.inc.php");



// validates if user is logged-in

require_once("verify_login.php");




// clean up the users' input

$title = clean_input($_POST['title']);
$message = clean_input($_POST['message']);
$thread_id = clean_input($_GET['thread_id']);




// stuff to connect correctly to the DB

$db = mysql_connect($dbhost,$dbuser,$dbpass)
	or die("Could not connect to DB!");

mysql_select_db($dbname,$db)
	or die ("Could not select DB!");
	
	

// inserts a new thread into the DB

if($_POST['title'] && $_POST['message'] && $_GET['thread_id']) {
	$sql = "INSERT INTO forum_messages (thread_id, title, message, author) VALUES ('".$thread_id."', '".$title."', '".$message."', '".$_SESSION['IDtag'][0]."')";
	$result = mysql_query($sql)
		or die("INSERT of new message did not work!");
}



// defines the template variables

$t = new Template("../templates/members", "remove");

$t->set_file(array("PAGE" => "forum_messages.tpl",
			"HEADER" => "header.tpl",
			"SPONSORS" => "sponsors.tpl",
			"NAVIGATION" => "navigation.tpl",
			"FOOTER" => "footer.tpl"));

$t->set_block("PAGE", "TPL_ROW", "OUTPUT_ROW");



// get the name of the section

$sql = "SELECT forum_sections.title, forum_sections.section_id FROM forum_sections LEFT JOIN forum_threads ON forum_sections.section_id=forum_threads.section_id WHERE forum_threads.thread_id=".$thread_id;
$result = mysql_query($sql)
	or die ("Could not retrieve data from DB! (name of section)");

$row = mysql_fetch_array($result);

$t->set_var("SECTION", "<a href=forum_threads.php?section_id=".$row[section_id]." class=content_link>".$row[title]."</a>");




// get the starting message of this thread

$sql = "SELECT thread_id, title, message, author, timestamp FROM forum_threads WHERE thread_id=".$thread_id;
$result = mysql_query($sql)
	or die ("Could not retrieve data from DB! (starting message)");
$row = mysql_fetch_array($result);

// get the name of the author
if ($row[author] == "0") {
	$author = "<span class=content_link><font color=#FFFFFF>Administrator</font></span>";
} else {
	$sql = "SELECT first_name, last_name FROM members WHERE id=".$row[author];
	$sub_result = mysql_query($sql)
		or die ("Could not get author name!");
	$author = mysql_fetch_array($sub_result);
	$author = "<a href=members_details.php?member=".$row[author]." class=content_link><font color=#FFFFFF>".$author[first_name]." ".$author[last_name]."</font></a>";
}

// push the first line out
$t->set_var(array("TITLE" => $row[title],
			"AUTHOR" => $author,
			"MESSAGE" => str_replace("\n", "<br>", $row[message]),
			"POST_ACTION" => "forum_messages.php?thread_id=".$thread_id,
			"DATE" => timestamp_to_form($row[timestamp], $date_format)));
$t->parse("OUTPUT_ROW", "TPL_ROW", true);




// get all messages in thread

$sql = "SELECT message_id, title, message, author, timestamp FROM forum_messages WHERE thread_id=".$thread_id." ORDER BY timestamp";
$result = mysql_query($sql)
	or die ("Could not retrieve data from DB! (get all messages)");




// constructs the table with the help of the "block" function of PHPLib

while ($row = mysql_fetch_array($result)) {

	// get the name of the author
	if ($row[author] == "0") {
		$author = "<span  class=content_link><font color=#FFFFFF>Administrator</font></span>";
	} else {
		$sql = "SELECT first_name, last_name FROM members WHERE id=".$row[author];
		$sub_result = mysql_query($sql)
			or die ("Could not get author name!");
		$author = mysql_fetch_array($sub_result);
		$author = "<a href=members_details.php?member=".$row[author]." class=content_link><font color=#FFFFFF>".$author[first_name]." ".$author[last_name]."</font></a>";
	}

	$t->set_var(array("TITLE" => $row[title],
				"AUTHOR" => $author,
				"MESSAGE" => str_replace("\n", "<br>", $row[message]),
				"DATE" => timestamp_to_form($row[timestamp], $date_format)));
	$t->parse("OUTPUT_ROW", "TPL_ROW", true);
	
	// preserver title for preloading below
	$form_title = $row[title];
}




// preload the title field for replies

if (!$form_title) {
	// do nothing

} elseif (substr($form_title, 0, 3) == "Re:") {
	$t->set_var("FORM_TITLE", $form_title);

} else {
	$t->set_var("FORM_TITLE", "Re: ".$form_title);
}



// parses the templates

$t->set_var(array("FIRST_NAME_HEADER" => $_SESSION['IDtag'][1],
			"LAST_NAME_HEADER" => $_SESSION['IDtag'][2],
			"HTML_HEADER" => $html_header));


$t->parse("HEADER", "HEADER");
$t->parse("SPONSORS", "SPONSORS");
$t->parse("NAVIGATION", "NAVIGATION");
$t->pparse("OUT", array("FOOTER", "PAGE"));
?>
Return current item: PhpAlumni