<?php
if($_GET['PHPSESSID'])
{
session_id($_GET['PHPSESSID']);
}
session_start();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="content-type" content="text/html;charset=iso-8859-1">
<meta name="generator" content="Adobe GoLive 6">
<title>Send Message</title>
<?php
//require "constants.php";
$lisega_light_blue="#0099FF";
$lisega_medium_blue="#0000FD";
$lisega_dark_blue="#18189C";
$lisega_white="#BBC9FB";
$real_white="#CCCCFF";
$bg = $lisega_dark_blue;
$menu = $lisega_dark_blue;
$blocks = $lisega_light_blue;
$top = $lisega_medium_blue;
$box = $lisega_medium_blue;
$content = $real_white;
//define(_DEFAULT_THEME,"rman2");
//define(_DEFAULT_LANGUAGE,"EN");
//define(_URL,"http://flores-morones.net/webchess/");
# the next one will probably change
# i know i can get this information
# from PHP
//define(_BASEPATH,"/home/roflo1/public_html/webchess");
if (!isset($_CONFIG))
require 'config.php';
require "connectdb.php";
//$theme=isset($_SESSION['uiTheme'])?$_SESSION['uiTheme']:_DEFAULT_THEME;
$id=$_SESSION['playerID'];
if($_POST['newMessage'])
{
echo("<PRE>");
print_r($_POST);
echo("</PRE>");
$fromPerson=($_POST['from'])?$_POST['from']:"NULL";
$toPerson=($_POST['to'])?$_POST['to']:"NULL";
echo("From $fromPerson, To $toPerson<br>");
$OKForMessage=true;;
if (($fromPerson==NULL)||($toPerson==NULL))
{
$OKForMessage=false;
//MUST BE AN ADMIN TO SEND MESSAGE EITHER
// FROM ADMINS
// OR
// TO ALL
if ($_SESSION['isAdmin'])
$OKForMessage=true;
}
if($OKForMessage){
$mGame=($_POST['forGame'])?$_POST['from']:"NULL";
$msgtitle=$_POST['txtTitle'];
$msgtext=$_POST['txtMessage'];
if($_POST['msgType']=="Article")
$msgtype="0";
else
$msgtype="0"; // Always 0... yet..
$sql = "INSERT INTO " . $CFG_TABLE[communication] . " (gameID,fromID,toID,title,text,postDate,expireDate,ack,commType) ";
$sql .= "VALUES ( $mGame , $fromPerson , $toPerson, '$msgtitle', '$msgtext', NOW( ) , NULL , '0', '$msgtype' );";
mysql_query($sql) or die("can't do query: $sql");;
?>
Message Sent!
<script language="javascript">
window.close()
</script>
<?php
die();
}
}
?>
<!--<link REL="StyleSheet" HREF="themes/<?php echo $theme; ?>/style/style.css" TYPE="text/css">-->
<!--<link REL="StyleSheet" HREF="style.css" TYPE="text/css">-->
</head>
<body bgcolor="#808080">
<div align="center">
<form action="" method="post" name="FormName">
Message Recipient:<br>
<input type="hidden" name="from" value="<?php echo $id; ?>">
<select name="to" size="1">
<?php
$tmpQuery="SELECT playerID, nick FROM " . $CFG_TABLE[players] . " WHERE playerID <> ".$id." ORDER BY nick ASC";
$tmpPlayers = mysql_query($tmpQuery) or die("Sorry: $tmpQuery");
while($tmpPlayer = mysql_fetch_array($tmpPlayers, MYSQL_ASSOC))
{
if ($tmpPlayer['nick']){
if($tmpPlayer['playerID']==$_GET['to'])
echo("<option value='".$tmpPlayer['playerID']."' selected> ".$tmpPlayer['nick']."</option>\n");
else
echo("<option value='".$tmpPlayer['playerID']."'> ".$tmpPlayer['nick']."</option>\n");
}
}
?>
</select><br>
<br>
Message Subject:<br>
<input type="text" name="txtTitle" size="54" border="0"><br>
<br>
Message Text:<br>
<textarea name="txtMessage" rows="10" cols="52" tabindex="1"></textarea><br><br>
<input type="submit" name="newMessage" value="Send Message" border="0">
<input type="button" name="btnCancel" value="Cancel" border="0" onClick="javascript:window.close();"><br>
</form>
</div>
</body>
</html>