<?php require('style/layout/header.php'); ?>

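    <?php
        // Breadcrumb trail and search box. Every dynamic value written here is
        // either a $lang string or cast to an integer first.
        // The msg_id fallback of 0 gives the same link as before when the
        // parameter is missing, without the undefined-index notice.
    ?>
    <div class="content_left">
        <ul id="breadcrumbs">
            <li><a href="index.php"><?php echo $lang['main_page']; ?></a></li>
            <li><a href="myprofile.php"><?php echo $lang['user_area']; ?></a></li>
            <li><a href="inbox.php"><?php echo $lang['inbox']; ?></a></li>
            <li><a href="read_pm.php?user_id=<?php echo (int)$_SESSION['user_id']; ?>&msg_id=<?php echo isset($_GET['msg_id']) ? intval($_GET['msg_id']) : 0; ?>" class="actual"><?php echo $lang['read_pm']; ?></a></li>
        </ul>
    </div>
    <div class="content_right"><form method="post" id="search" action="search.php?search">
        <input type="text" name="search" placeholder="<?php echo $lang['enter_search_term']; ?>..." class="searchfield">
        <input type="hidden" name="submit" value="<?php echo $lang['search']; ?>" alt="<?php echo $lang['search']; ?>">
        </form>
    </div>

    <div class="clear"></div>

    <div id="headline">&nbsp;</div>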

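    <?php

        /*
         * Private-message thread view and reply handler.
         *
         * A thread is every row of `messages` sharing one msg_id; the row with
         * msg_id2 = 1 is the head and carries the title and both participants
         * (msg_user1, msg_user2). This block:
         *   1. requires a signed-in session,
         *   2. validates msg_id from the query string,
         *   3. checks that the session user is one of the two participants,
         *   4. either stores a posted reply or renders the thread and reply form.
         *
         * The user_id query parameter in the links is not read here; identity
         * comes from $_SESSION['user_id'] only.
         *
         * NOTE(review): the mysql_* extension used throughout was removed in
         * PHP 7; a port should move to PDO or mysqli with prepared statements.
         */

        if(!isset($_SESSION['signed_in'])) {

            echo '<p class="false">' . $lang['only_for_registered'] . '</p>
        <p>' . $lang['you_have_to'] . ' <a href="signin.php">' . $lang['small_signin'] . '</a>. ' . $lang['not_yet'] . ' <a href="signup.php">' . $lang['registered'] . '</a>?</p>';

        }else{

            echo '<h1>' . $lang['pm_discussions'] . '</h1>';

            if(!isset($_GET['msg_id']) || !is_numeric($_GET['msg_id'])) {

                echo '<p>' . $lang['invalid_id'] . '!</p>';
                // Stops the page here, as before; the footer include is not reached.
                exit();
            }

            // intval() is what keeps the concatenated queries below safe: from here
            // on $id is an integer and cannot carry SQL syntax. The earlier
            // mysql_real_escape_string() call was overwritten at once and is dropped.
            $id = intval($_GET['msg_id']);

            include_once('functions/bbcode.php');
            include_once('functions/badwords.php');

            // NOTE(review): die(mysql_error()) prints the raw database error to the
            // visitor; consider logging it and showing a generic message instead.
            $sql = mysql_query("SELECT msg_title, msg_user1, msg_user2 FROM messages WHERE msg_id = '" . $id . "' AND msg_id2 = '1'") OR die(mysql_error());
            $row = mysql_fetch_assoc($sql);

            $viewer = (int)$_SESSION['user_id'];

            // Authorisation gate. Previously the participant test only decided which
            // read flag to set, and the thread was then shown (and replies accepted)
            // for any signed-in account. Now everything below runs only for the two
            // participants; anyone else gets the same answer as for a missing thread,
            // so the response does not confirm that the thread exists.
            $is_participant = (intval(mysql_num_rows($sql)) == 1)
                && ((int)$row['msg_user1'] === $viewer || (int)$row['msg_user2'] === $viewer);

            if($is_participant) {

                // Mark the head row as read for the viewer; $user_partic is the
                // number (1 or 2) of the OTHER participant, used by the reply branch.
                if((int)$row['msg_user1'] === $viewer) {

                    mysql_query("UPDATE messages SET msg_user1read = 'yes' WHERE msg_id = '" . $id . "' AND msg_id2 = '1'");
                    $user_partic = 2;

                }else{

                    mysql_query("UPDATE messages SET msg_user2read = 'yes' WHERE msg_id = '" . $id . "' AND msg_id2 = '1'");
                    $user_partic = 1;
                }

                $query = mysql_query("SELECT messages.msg_date, messages.msg_content, users.user_id AS user_id, users.user_name FROM messages, users WHERE messages.msg_id = '" . $id . "' AND users.user_id = messages.msg_user1 ORDER BY messages.msg_id2") OR die(mysql_error());

                if(isset($_POST['msg_content']) AND $_POST['msg_content']!='') {

                    // NOTE(review): the reply is accepted on the session alone; the
                    // form carries no anti-CSRF token. Add one when this is ported.
                    $msg_content = mysql_real_escape_string($_POST['msg_content']);

                    // The new row takes the next msg_id2 in the thread (current row
                    // count + 1).
                    // NOTE(review): the second query sets the other participant's
                    // read flag to 'yes' after a reply; confirm against inbox.php
                    // that 'yes' is the intended value here.
                    if(mysql_query("INSERT INTO messages (msg_id, msg_id2, msg_title, msg_user1, msg_user2, msg_content, msg_date, msg_user1read, msg_user2read) VALUES('" . $id . "', '" . (intval(mysql_num_rows($query))+1) . "', '', '" . $viewer . "', '', '" . $msg_content . "', NOW(), '', '')") AND mysql_query("UPDATE messages SET msg_user" . $user_partic . "read = 'yes' WHERE msg_id = '" . $id . "' AND msg_id2 = '1'")) {

                        echo '<p class="success">' . $lang['pm_sending_success'] . '!</p>
		<p><a href="read_pm.php?user_id=' . $viewer . '&msg_id=' . $id . '">' . $lang['go_to_discussion'] . '</a></p>';

                    }else{

                        echo '<p class="false">' . $lang['pm_sending_failed'] . '</p>
			<p><a href="read_pm.php?user_id=' . $viewer . '&msg_id=' . $id . '">' . $lang['back_to_discussion'] . '</a></p>';
                    }

                }else{

                    echo '<table width="100%" class="tables">
        <tr>
        <td colspan="2" valign="top"><img src="style/images/grafics/write.png" alt="Nachricht">&nbsp;&nbsp;<span class="green"><u>' . htmlentities($row['msg_title'], ENT_QUOTES) . '</u></span></td>
        </tr>';

                    while($pm_row = mysql_fetch_assoc($query)) {

                        // Title and user name are HTML-encoded; the message body is not.
                        // NOTE(review): msg_content reaches the page through bbcode()
                        // and badwords() only. Confirm in functions/bbcode.php that
                        // bbcode() HTML-encodes its input; if it does not, encode the
                        // content before nl2br() so stored markup cannot render.
                        echo '<tr>
            <td width="15%"><strong>' . $lang['by'] . '</strong></td>
            <td width="85%"><a href="profile.php?user_id=' . (int)$pm_row['user_id'] . '">' . htmlentities($pm_row['user_name'], ENT_QUOTES) . '</a></td>
            </tr>
            <tr>
            <td width="15%"><strong>' . $lang['date'] . '</strong></td>
            <td width="85%">' . date('d.m.Y - H:i', strtotime($pm_row['msg_date'])) . '</td>
            </tr>
            <tr>
            <td width="15%" valign="top"><strong>' . $lang['message'] . '</strong></td>
            <td width="85%" valign="top">' . bbcode(badwords(stripslashes(nl2br($pm_row['msg_content'])))) . '</td>
            </tr>';
                    }

                    echo '</table>';

                    echo '<div class="cleaning"></div>';

                    echo '<h1>' . $lang['to_reply'] . '</h1>
		<form action="read_pm.php?user_id=' . $viewer . '&msg_id=' . $id . '" method="post" name="msg_content">
        <textarea cols="45" rows="8" name="msg_content" id="msg_content" class="textareas"></textarea>
        <p><input type="submit" name="submit" value="' . $lang['to_reply'] . '" alt="' . $lang['to_reply'] . '" class="buttons"></p>
        </form>';
                }

            }else{

                // Reached for a missing thread and for a signed-in user who is not
                // one of its two participants.
                echo '<p class="false">' . $lang['no_exists_pm'] . '</p>
			<p><a href="inbox.php">' . $lang['goto_inbox'] . '</a></p>';
            }
        }

    ?>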

<?php require('style/layout/footer.php'); ?>