Location: PHPKode > projects > top serious project > bco/messages.php
<?php

/***************************************************************************
 *
 *   This program is free software; you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation; either version 2 of the License, or
 *   (at your option) any later version.
 *
 ***************************************************************************/

include("include.php");

if (!$logged_in) {
    header("Location: $GLOBALS[base_url]" . "login.php?back=messages.php");
    exit;
}

if (!bco_authorize_user($user_array['username'],$user_array['password'])) {
    bco_error("Fuck you.");
//    header("Location: http://www.heavensfantasy.com/cool/");
    exit;
}

switch ($_GET['order']) {
case "asc":
    $order = "asc";
    break;

case "desc":
    $order = "desc";
    break;

default:
    $order = "desc";
    break;
}

if ((isset($_GET[start])) && (is_numeric($_GET[start]))) {
    $start = $_GET[start];
} else {
    $start = 0;
}

// This gets the amount of messages we need to display so the pagenumbers function works correctly with the amount of messages returned.
$private_message_amount_query = "select config_value from bco_config where config_name='private_message_amount'";
$private_message_amount = pg_fetch_result(pg_query($private_message_amount_query), 0);

$query  = "select id from users where lower(username)=lower('" . pg_escape_string($user_array['username']) . "')";
$query .= " and password='" . md5($user_array['password']) . "'";
                                                                                                                     
if (!$result = pg_query($query)) {
    bco_error("In " . __FILE__ . " at line: " . __LINE__ . "<br />SQL Error: " . pg_last_error());
}
                                                                                                                     
$row = pg_fetch_assoc($result);
$user_id = $row['id'];

// This helps us pick which "folder" we're getting the messages from.. sent, or received.
switch ($_GET['folder']) {
case "inbox":
    $type = "1";
    $delivery       = "received";
    $column_header  = "from";
	$folder			= "inbox";
    $select_messages_query  = "select id, to_userid, to_username, from_userid, from_username, extract(epoch from date) as date,";
    $select_messages_query .= " subject, viewed from private_messages";
    $select_messages_query .= " where owner=$user_id"; 
    $select_messages_query .= " and type=1 order by viewed asc, date $order limit $private_message_amount offset $start";
    break;

case "outbox":
    $type = "2";
    $delivery       = "sent";
    $column_header  = "to";
    $folder         = "outbox";
    $select_messages_query  = "select id, to_userid, to_username, from_userid, from_username, extract(epoch from date) as date,";
    $select_messages_query .= " subject, viewed from private_messages";
    $select_messages_query .= " where owner=$user_id and type=2 order by viewed asc, date $order limit $private_message_amount offset $start";
    break;

default:
    $type = "1";
    $delivery       = "received";
    $column_header  = "from";
    // Since this is where they come from after a delete let's set $folder to default to inbox
    $folder         = "inbox";
    $select_messages_query  = "select id, to_userid, to_username, from_userid, from_username, extract(epoch from date) as date,";
    $select_messages_query .= " subject, viewed from private_messages";
    $select_messages_query .= " where owner=$user_id and type=1 order by viewed asc, date $order limit $private_message_amount offset $start";
    break;
}

if (!$result = pg_query($select_messages_query)) {
    bco_error("MySQL said:: " . pg_last_error() . "<br />$select_messages_query");
}

// Let's count the messages.. 
$total_messages_query = "select id from private_messages where to_userid=$user_id and type=$type";
if (!$total_messages_result = pg_query($total_messages_query)) {
    bco_error("Could not count total number of messages.<br />MySQL said: " . pg_last_error());
}

$number_of_msgs = pg_num_rows($total_messages_result);

if ($number_of_msgs > $private_message_amount) {
    $page_numbers = bco_makepagenumbers("messages.php?folder=$_GET[folder]", $number_of_msgs, $private_message_amount, $start, $order);
} else {
    $page_numbers = "";
}

bco_html_header("Private messages");

bco_index_menu("Private messages for $user_array[username] - $number_of_msgs messages $delivery.");

/* If there are no messages, let's tell the user nicely */
if (pg_num_rows($result) == 0) {
    echo "\n<br />";
    echo "\n<table width=\"100%\" cellpadding=\"2\" cellspacing=\"0\" class=\"replytable\">";
    echo "\n    <tr>";
    echo "\n        <td align=\"left\" colspan=\"4\" class=\"tr1\">";
    echo "<div align=\"center\"><h3>Sorry, you have no $delivery messages.</h3></div></td>";
    echo "\n    </tr>";
    echo "\n</table>";
    bco_html_footer();
    exit;
}

echo <<< END
\n<br />
<table width="100%" cellpadding="2" cellspacing="0" class="replytbl">
    <tr>
        <td align="left" class="header" nowrap="nowrap">$column_header</td>
        <td align="left" width="70%" class="header" nowrap="nowrap">message subject</td>
        <td align="left" class="header" nowrap="nowrap">date</td>
    </tr>
END;

// Outputting data begins here!
while (($row = pg_fetch_assoc($result)) && ($count++ < pg_num_rows($result))) {
    $id             = $row[id];
    $to_userid      = $row[to_userid];
    $from_userid    = $row[from_userid];
    $to_username    = $row['to_username'];
    $from_username  = $row['from_username'];
    $date           = date("h:i A m-d-y", $row['date']);
    $subject        = stripslashes($row['subject']);
    $viewed         = $row['viewed'];

    if ($viewed == "0") {
        $row_class  = " class=\"mypost\"";
        $link_class = "mypost";
    } elseif ($count%2 == 0) {
        $row_class  = " class=\"tr2\"";
        $link_class = "tr2";
    } else {
        $row_class  = " class=\"tr1\"";
        $link_class = "tr1";
    }

    if ($viewed == "0") {
        $subject = "<strong><a href=\"view_pmsg.php?folder=$folder&amp;id=$id\" class=\"$link_class\">$subject</a></strong>";
    } else {
        $subject = "<a href=\"view_pmsg.php?folder=$folder&amp;id=$id\" class=\"$link_class\">$subject</a>";
    }

    if ($type == 1) {
        $userid     = $from_userid;
        $username   = $from_username; 
    } else {
        $userid     = $to_userid;
        $username   = $to_username;
    }

    echo "\n    <tr>";
    echo "\n        <td align=\"left\"$row_class><a href=\"view_profile.php?id=$userid\" class=\"$link_class\">$username</a></td>";
    echo "\n        <td width=\"70%\" align=\"left\"$row_class>$subject</td>";
    echo "\n        <td align=\"left\" nowrap=\"nowrap\"$row_class>$date</td>";
    echo "\n    </tr>";
}

echo <<< END
</table>
$page_numbers
END;

bco_html_footer();

?>
Return current item: top serious project