Location: PHPKode > projects > WH Community > wh_community/read_pm.php
<?php require('layout/header.php'); ?>

    <script type="text/javascript">
    	function insert(was) {
    	document.pm_answer.message.value += was + " ";
    	document.pm_answer.message.focus();
    	}
    </script>
    
    <script type="text/javascript">
    	function showSuccessMessage() {
    	showNotification({
    	type : "success",
    	message: "<?php echo $lang['success_pm_sent']; ?>"
    	});    
        }                                
    
    function showErrorMessage() {
    	showNotification({
    	type : "error",
    	message: "<?php echo $lang['couldnot_sent_pm']; ?>"
    	});    
        }                                
    </script>

<div id="content_wrapper">
    <div class="content"><?php

        if(!isset($_SESSION['signed_in'])) {
        
		echo '<p class="false">' . $lang['just_for_users'] . '!</p>
              <p>' . $lang['you_need_to'] . ' <a href="signin.php">' . $lang['signin_s'] . '</a>.
              - ' . $lang['not_yet'] . ' <a href="signup.php">' . $lang['registered'] . '</a>?</p>';

		}else{

		echo '<table align="center" class="usertable">
		<tr>
			<td align="center"><ul class="usermenu">
				<li><a href="myprofile.php">' . $lang['my_profile'] . '</a></li>
				<li><a href="guestbook.php">' . $lang['guestbook'] . '</a></li>
				<li><a href="messagebox.php">' . $lang['messagebox'] . '</a></li>
				<li><a href="password.php">' . $lang['password'] . '</a></li>
				<li><a href="inbox.php">' . $lang['inbox'] . '</a></li>
				<li><a href="outbox.php">' . $lang['outbox'] . '</a></li>
				<li><a href="create_pm.php">' . $lang['m_newpm'] . '</a></li>
				<li><a href="mypostings.php">' . $lang['my_posts'] . '</a></li>
				<li><a href="infos.php">' . $lang['informations'] . '</a></li>
				<li><a href="todo.php">' . $lang['m_todo'] . '</a></li>
				<li><a href="news.php">' . $lang['news'] . '</a></li>
			</ul></td>
		</tr>
		<tr>
			<td><h1>' . $lang['pm_discussion'] . '</h1></td>
		</tr>';
		
		echo '<tr><td>';
			
		include_once('functions/bbcode.php');
		include_once('functions/badwords.php');
		
		if((isset($_GET['pm_id'])) && (is_numeric($_GET['pm_id']))) {
		
		$id = mysql_real_escape_string($_GET['pm_id']);
		$id = intval($_GET['pm_id']);
		
			}else{
			
			echo '<p align="center" class="false">' . $lang['invalid_id'] . '!</p>';
			exit();
			}
		
		$sql = mysql_query("SELECT title, user1, user2 FROM messages WHERE pm_id = '" . $id . "' AND pm_id2 = '1'") OR die(mysql_error());
		$row = mysql_fetch_array($sql);
		
		if(intval(mysql_num_rows($sql)) == 1) {
		
		if($row['user1'] == (int)$_SESSION['user_id'] or $row['user2'] == (int)$_SESSION['user_id']) {
		if($row['user1'] == (int)$_SESSION['user_id']) {
		
		mysql_query("UPDATE messages SET user1read = 'yes' WHERE pm_id = '" . $id . "' AND pm_id2 = '1'") OR die(mysql_error());
		$user_partic = 2;
		
    		}else{
    		
    		mysql_query("UPDATE messages SET user2read = 'yes' WHERE pm_id = '" . $id . "' AND pm_id2 = '1'") OR die(mysql_error());
    		$user_partic = 1;
    		}
        }
		
		$query = mysql_query("SELECT messages.timestamp, messages.message, users.user_id AS user_id, users.user_name FROM messages, users WHERE messages.pm_id = '" . $id . "' AND users.user_id = messages.user1 ORDER BY messages.pm_id2") OR die(mysql_error());
		
		if(isset($_POST['message']) AND $_POST['message']!='') {
		
        $message = htmlentities($_POST['message']);
		
		if(mysql_query('INSERT INTO messages (pm_id, pm_id2, title, user1, user2, message, timestamp, user1read, user2read)VALUES("' . $id . '", "' . (intval(mysql_num_rows($query))+1) . '", "", "' . $_SESSION['user_id'] . '", "", "' . mysql_real_escape_string($message) . '", "' . time() . '", "", "")') AND mysql_query('UPDATE messages SET user' . $user_partic . 'read = "yes" WHERE pm_id = "' . $id . '" AND pm_id2 = "1"')) {
		
		echo '<p class="right">' . $lang['success_pm_sent'] . '</p>
		      <p>[ <a href="read_pm.php?user_id=' . (int)$_SESSION['user_id'] . '&pm_id=' . $id . '">' . $lang['go_on'] . '</a> ]</p>';
		echo "<script type=\"text/javascript\">showSuccessMessage();</script>";
		
			}else{
			
			echo '<p class="false">' . $lang['couldnot_sent_pm'] . '</p>
			      <p>[ <a href="read_pm.php?user_id=' . (int)$_SESSION['user_id'] . '&pm_id=' . $id . '">' . $lang['back'] . '</a> ]</p>';
			echo "<script type=\"text/javascript\">showErrorMessage();</script>";
			}
		
		}else{
		
		echo '<table align="center" cellpadding="5" class="pmtable">
		      <tr>
		      <td colspan="2" valign="top"><img src="images/icons/pm.png">&nbsp;&nbsp;<span class="blue"><u>' . htmlentities($row['title'], ENT_QUOTES) . '</u></span></td>
		      </tr>';
		
		while($pm_row = mysql_fetch_array($query)) {
		
        echo '<tr>
    		  <td colspan="2"><div id="pm_line">&nbsp;</div></td>
    		  </tr>
    		  <tr>
    		  <td width="15%">&nbsp;<span class="blue">' . $lang['by_b'] . '</span></td>
    		  <td width="85%"><a href="profile.php?user_id=' . (int)$pm_row['user_id'] . '">' . htmlentities($pm_row['user_name'], ENT_QUOTES) . '</a></td>
    		  </tr>
    		  <tr>
    		  <td width="15%">&nbsp;<span class="blue">' . $lang['date'] . '</span></td>
    		  <td width="85%">';
              
              if($language == "de") {
                  echo date('d.m.Y - H:i', $pm_row['timestamp']);

              }elseif($language == "en") {
                  echo date('Y-m-d - H:i', $pm_row['timestamp']); }
              
              echo '</td>
    		  </tr>
    		  <tr>
    		  <td width="15%" valign="top">&nbsp;<span class="blue">' . $lang['message'] . '</span></td>
    		  <td width="85%"><p>' . parseBBCode2HTML(delBad(nl2br(stripslashes(strip_tags($pm_row['message']))))) . '</p></td>
    		  </tr>';
    		  }
		
		echo '</table>';
		
		echo '<br><h1>' . $lang['to_answer'] . '</h1>
		      <form action="read_pm.php?pm_id=' . $id . '" method="post" name="pm_answer">';
		
        echo "<strong>" . $lang['message'] . "</strong><br>
    		  <textarea cols=\"40\" rows=\"5\" name=\"message\" id=\"message\" class=\"fields_text\"></textarea>
    		  <p><input type=\"submit\" value=\"" . $lang['send'] . "\" class=\"button\"></p>
    		  </form>
    		  </div>
    		  </div>";
    		  }
		
			}else{
			
			echo '<p class="false">' . $lang['pm_discussion_nexist'] . '.</p>
			      <p>[ <a href="inbox.php?user_id=' . (int)$_SESSION['user_id'] . '">' . $lang['back'] . '</a> ]</p>';
			}
		}
		
		echo '</td></tr>
		      </table>';
		
		echo '<div class="spacer_div">&nbsp;</div>';

		?>
    </div>
</div>

<div id="infobox_wrapper">
    <div class="infobox">
        <?php include('layout/infobox.php'); ?>
    </div>
</div>

<?php require('layout/footer.php'); ?>
Return current item: WH Community