Location: PHPKode > scripts > WH Board > wh_board/create_pm.php
<?php require('style/layout/header.php'); ?>

    <div class="content_left">
        <ul id="breadcrumbs">
            <li><a href="index.php"><?php echo $lang['main_page']; ?></a></li>
            <li><a href="myprofile.php"><?php echo $lang['user_area']; ?></a></li>
            <li><a href="inbox.php"><?php echo $lang['inbox']; ?></a></li>
            <li><a href="create_pm.php" class="actual"><?php echo $lang['new_pm']; ?></a></li>
        </ul>
    </div>
    <div class="content_right"><form method="post" id="search" action="search.php?search">
        <input type="text" name="search" placeholder="<?php echo $lang['enter_search_term']; ?>..." class="searchfield">
        <input type="hidden" name="submit" value="<?php echo $lang['search']; ?>" alt="<?php echo $lang['search']; ?>">
        </form>
    </div>

    <div class="clear"></div>

    <div id="headline">&nbsp;</div>

    <?php

        if(!isset($_SESSION['signed_in'])) {

		echo '<p class="false">' . $lang['only_for_registered'] . '</p>
        <p>' . $lang['you_have_to'] . ' <a href="signin.php">' . $lang['small_signin'] . '</a>. ' . $lang['not_yet'] . ' <a href="signup.php">' . $lang['registered'] . '</a>?</p>';

		}else{

		echo '<h1>' . $lang['crate_pm'] . '</h1>';

		$form = TRUE; $msg_title = ''; $msg_reciver = ''; $msg_content = '';

		if(isset($_POST['msg_title'], $_POST['msg_reciver'], $_POST['msg_content'])) {

			$msg_title = $_POST['msg_title'];
			$msg_reciver = $_POST['msg_reciver'];
			$msg_content = $_POST['msg_content'];

		if($_POST['msg_title']!='' AND $_POST['msg_reciver']!='' AND $_POST['msg_content']!='') {

            $msg_title = mysql_real_escape_string($msg_title);
			$recip = mysql_real_escape_string($msg_reciver);
			$msg_content = mysql_real_escape_string($msg_content);

		$sql = mysql_fetch_assoc(mysql_query("SELECT count(user_id) AS msg_reciver, user_id AS recipid, (select count(*) FROM messages) AS npm FROM users WHERE user_name='" . $msg_reciver . "'"));

		if($sql['msg_reciver'] == 1) {

		if($sql['recipid']!=(int)$_SESSION['user_id']) {

		$id = $sql['npm']+1;

		if(mysql_query("INSERT INTO messages (msg_id, msg_id2, msg_title, msg_user1, msg_user2, msg_content, msg_date, msg_user1read, msg_user2read)VALUES('" . $id . "', '1', '" . $msg_title . "', '" . (int)$_SESSION['user_id'] . "', '" . $sql['recipid'] . "', '" . $msg_content . "', NOW(), 'yes', 'no')")) {

		echo '<p class="success">' . $lang['pm_sending_success'] . '!</p>
		<p><a href="inbox.php">' . $lang['inbox'] . '</a> - <a href="outbox.php">' . $lang['outbox']. '</a></p>';

		$form = FALSE;

		}else{
		$error = $lang['error_occured'];
		}

		}else{
		$error = $lang['not_send_self'];
		}

		}else{
		$error = $lang['user_not_exists'];
		}

		}else{
		$error = $lang['not_filled_all'];
		}

			}elseif(is_numeric($_GET['msg_reciver'])) {

			$msg_reciver = intval($_GET['msg_reciver']);
			}

		if($form) {
		if(isset($error)) {

		echo '<p class="false">' . $error . '</p>';
		}

		echo '<form action="create_pm.php" method="post" name="pm">
        <p><input type="text" id="msg_title" name="msg_title" size="40" class="textfields"> ' . $lang['subject'] . '</p>
        <p><input type="text" id="msg_reciver" name="msg_reciver" size="40" class="textfields"> ' . $lang['receiver'] . ' <small>(User Name)</small></p>
        <textarea cols="45" rows="8" name="msg_content" id="msg_content" class="textareas">' . htmlentities($msg_content, ENT_QUOTES) . '</textarea>
        <p><input type="submit" name="submit" value="' . $lang['send'] . '" alt="' . $lang['send'] . '" class="buttons"></p>
        </form>';
        }
		}

	?>

<?php require('style/layout/footer.php'); ?>
Return current item: WH Board