
Mailbox Help


munchbunch00


Okay so here's the standard mailbox.php [v2]

I'd like it to send by user ID instead of username. Could you please help me with this?

 

<?php
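include "globals.php";
// Mail-banned players get the ban notice and nothing else.
if($ir['mailban'])
{
    // The day count is forced to an integer and the stored reason is HTML-escaped before
    // printing; the closing tags are emitted in nesting order (</b> before </font>).
    $banDays = (int) $ir['mailban'];
    $banReason = htmlspecialchars((string) $ir['mb_reason'], ENT_QUOTES);
    die("<font color=red><h3>! ERROR</h3>
You have been mail banned for {$banDays} days.<br />
<br />
<b>Reason: {$banReason}</b></font>");
}
// $_GET['ID'] is interpolated into SQL by the handlers below, so it is forced to a
// non-negative integer here; a missing or non-scalar value becomes 0.
$_GET['ID'] = (isset($_GET['ID']) && is_scalar($_GET['ID'])) ? abs((int) $_GET['ID']) : 0;
print "<table width=85% class='table' cellspacing='1'><tr><td><a href='mailbox.php?action=inbox'>Inbox</a></td> <td><a href='mailbox.php?action=outbox'>Sent Messages</a></td> <td><a href='mailbox.php?action=compose'>Compose Message</a></td> <td><a href='mailbox.php?action=delall'>Delete All Messages</a></td> <td><a href='mailbox.php?action=archive'>Archive Messages</a></td><td><a href='contactlist.php'>My Contacts</a></td></tr> </table><br />";
// Route the request. A missing or unrecognised action shows the inbox.
// NOTE(review): 'delete', 'delall2' and 'send' change data and no request token is
// checked anywhere in this listing, so a logged-in player's browser can be made to
// issue them from another site; prefer POST plus a per-session token.
$mailAction = (isset($_GET['action']) && is_string($_GET['action'])) ? $_GET['action'] : '';
switch($mailAction)
{
case 'outbox':
    mail_outbox();
    break;

case 'compose':
    mail_compose();
    break;

case 'delete':
    mail_delete();
    break;

case 'send':
    mail_send();
    break;

case 'delall':
    mail_delall();
    break;

case 'delall2':
    mail_delall2();
    break;

case 'archive':
    mail_archive();
    break;

case 'inbox':
default:
    mail_inbox();
    break;
}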
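/**
 * Print the 25 newest messages addressed to the current player and, when the
 * player has unread mail, mark everything read and reset the counter.
 */
function mail_inbox()
{
    global $db,$ir,$c,$userid,$h;
    // Defence in depth: the id is only ever used as a number in the queries below.
    $uid = (int) $userid;
    print <<<OUT
Only the last 25 messages sent to you are visible.<br />
<table width=75% class="table" border="0" cellspacing="1">
<tr>
<td class="h" width="30%">From</td>
<td class="h" width="70%">Subject/Message</td>
</tr>
OUT;
    $q = $db->query("SELECT m.*,u.* FROM mail m LEFT JOIN users u ON m.mail_from=u.userid WHERE m.mail_to={$uid} ORDER BY mail_time DESC LIMIT 25");
    while ($r = $db->fetch_row($q)) {
        $sent = date('F j, Y, g:i:s a', $r['mail_time']);
        // Ids go into links as integers; a mail with no matching sender row yields 0.
        $fromId = (int) $r['userid'];
        $mailId = (int) $r['mail_id'];
        print "<tr><td>";
        if ($fromId) {
            // The sender name is player-chosen text, so it is escaped before printing.
            $name = htmlspecialchars((string) $r['username'], ENT_QUOTES);
            print "<a href='viewuser.php?u={$fromId}'>{$name}</a> [{$fromId}]";
        } else {
            print "SYSTEM";
        }
        $fm = urlencode($r['mail_text']);
        // mail_subject and mail_text are printed as stored: mail_send() in this file strips
        // tags and stores <br /> for newlines, so escaping here would show the <br /> literally.
        // NOTE(review): any other script that writes to `mail` must sanitise the same way - confirm.
        print <<<EOF
</td>
<td>{$r['mail_subject']}</td>
</tr>
<tr>
<td>Sent at: {$sent}<br /><a href='mailbox.php?action=compose&ID={$fromId}'>Reply</a>
<br />
<a href='mailbox.php?action=delete&ID={$mailId}'>Delete</a>
<br />
<a href='preport.php?ID={$fromId}&report=Fradulent mail: {$fm}'>Report</a>
</td>
<td>{$r['mail_text']}</td>
</tr>
EOF;
    }
    if ($ir['new_mail'] > 0) {
        $db->query("UPDATE mail SET mail_read=1 WHERE mail_to={$uid}");
        $db->query("UPDATE users SET new_mail=0 WHERE userid={$uid}");
    }
    echo '</table>';
}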
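/**
 * Print the 25 newest messages the current player has sent.
 */
function mail_outbox()
{
    global $db,$ir,$c,$userid,$h;
    $uid = (int) $userid;
    print "Only the last 25 messages you have sent are visible.<br />
<table width=75% cellspacing=1 class='table'><tr style='background:gray'><th>To</th><th>Subject/Message</th></tr>";
    $q = $db->query("SELECT m.*,u.* FROM mail m LEFT JOIN users u ON m.mail_to=u.userid WHERE m.mail_from={$uid} ORDER BY mail_time DESC LIMIT 25");
    while ($r = $db->fetch_row($q)) {
        $sent = date('F j, Y, g:i:s a', $r['mail_time']);
        $toId = (int) $r['userid'];
        // The recipient name is player-chosen text, so it is escaped before printing.
        $name = htmlspecialchars((string) $r['username'], ENT_QUOTES);
        // Subject and text are printed as stored; mail_send() in this file strips tags on the way in.
        print "<tr><td><a href='viewuser.php?u={$toId}'>{$name}</a> [{$toId}]</td><td>{$r['mail_subject']}</td></tr><tr><td>Sent at: $sent<br /></td><td>{$r['mail_text']}</td></tr>";
    }
    // The table opened above was never closed, leaving the rest of the page inside it.
    print "</table>";
}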
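/**
 * Print the compose form (contact dropdown, free-text username, subject, message)
 * and, when a reply target is given in $_GET['ID'], the last 5 mails exchanged with it.
 */
function mail_compose()
{
    global $db,$ir,$c,$userid,$h;
    $uid = (int) $userid;
    // Re-derive the reply target locally so the queries below never see a non-integer.
    $otherId = (isset($_GET['ID']) && is_scalar($_GET['ID'])) ? abs((int) $_GET['ID']) : 0;
    // Pre-filled recipient name; stays empty unless a reply target was given.
    $user = '';
    // NOTE(review): the form carries no request token, so mail_send() cannot tell a
    // genuine submission from one triggered by another site.
    print "<form action='mailbox.php?action=send' method='post'>
<table width=75% cellspacing=1 class='table'> <tr>
<td>Contact to send to:</td> <td>";
    $q = $db->query("SELECT c.*, u.username FROM contactlist c LEFT JOIN users u ON c.cl_ADDED=u.userid WHERE c.cl_ADDER={$uid} ORDER BY u.username ASC");
    if ($db->num_rows($q) == 0) {
        print "You have no contacts!";
    } else {
        // The placeholder text is entity-encoded; written raw it was parsed as a tag.
        print "<select name='user1' type='dropdown'><option value=''>&lt;select a contact...&gt;</option>";
        while ($r = $db->fetch_row($q)) {
            // Usernames land in an attribute and in element text, so quotes are escaped too.
            $name = htmlspecialchars((string) $r['username'], ENT_QUOTES);
            print "<option value='{$name}'>{$name}</option>";
        }
        print "</select>";
    }
    if ($otherId) {
        $user = htmlspecialchars((string) $db->fetch_single($db->query("SELECT username FROM users WHERE userid={$otherId}")), ENT_QUOTES);
    }
    print "</td></tr><tr>
<td><b>OR</b> Enter a username to send to:</td><td><input type='text' name='user2' value='{$user}' /></td></tr><tr>
<td>Subject:</td> <td><input type='text' name='subject' /></td></tr><tr>
<td>Message:</td>
<td><textarea rows=5 cols=40 name='message'></textarea></td></tr><tr> <td colspan=2><input type='submit' value='Send' /></td></tr></table></form>";
    if ($otherId) {
        print "<br /><table width=75% border=2><tr><td colspan=2><b>Your last 5 mails to/from this person:</b></td></tr>";
        $q = $db->query("SELECT m.*,u1.username as sender from mail m left join users u1 on m.mail_from=u1.userid WHERE (m.mail_from={$uid} AND m.mail_to={$otherId}) OR (m.mail_to={$uid} AND m.mail_from={$otherId}) ORDER BY m.mail_time DESC LIMIT 5");
        while ($r = $db->fetch_row($q)) {
            $sent = date('F j, Y, g:i:s a', $r['mail_time']);
            $sender = htmlspecialchars((string) $r['sender'], ENT_QUOTES);
            // mail_text is printed as stored; mail_send() in this file strips tags on the way in.
            print "<tr><td>$sent</td> <td><b>{$sender} wrote:</b> {$r['mail_text']}</td></tr>";
        }
        print "</table>";
    }
}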
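/**
 * Deliver a message from the current player to the user named in the compose form.
 *
 * Exactly one of user1 (contact dropdown) and user2 (typed username) must be given.
 * Subject and message have their tags stripped and newlines stored as <br />.
 */
function mail_send()
{
    global $db,$ir,$c,$userid,$h;
    $uid = (int) $userid;
    // Read each field once; a field that was not submitted as a string counts as empty.
    $user1 = (isset($_POST['user1']) && is_string($_POST['user1'])) ? $_POST['user1'] : '';
    $user2 = (isset($_POST['user2']) && is_string($_POST['user2'])) ? $_POST['user2'] : '';
    $rawSubject = (isset($_POST['subject']) && is_string($_POST['subject'])) ? $_POST['subject'] : '';
    $rawMessage = (isset($_POST['message']) && is_string($_POST['message'])) ? $_POST['message'] : '';
    $subj = str_replace(array("\n"), array("<br />"), strip_tags($rawSubject));
    $msg = str_replace(array("\n"), array("<br />"), strip_tags($rawMessage));
    if ($user1 && $user2) {
        die("Please do not select a contact AND enter a username, only do one.<br />
<a href='mailbox.php'>> Back</a>");
    }
    if (!$user1 && !$user2) {
        die("You must select a contact or enter a username.<br />
<a href='mailbox.php'>> Back</a>");
    }
    $sendto = $user1 ? $user1 : $user2;
    // Every request value is escaped at the point it enters a query; strip_tags() alone
    // leaves quotes intact. NOTE(review): if globals.php already escapes request data
    // (not visible here), remove that global pass rather than this one, otherwise
    // quotes will be escaped twice.
    $q = $db->query("SELECT userid FROM users WHERE username='" . $db->escape($sendto) . "'");
    if ($db->num_rows($q) == 0) {
        die("You cannot send mail to nonexistant users.<br />
<a href='mailbox.php'>> Back</a>");
    }
    $to = (int) $db->fetch_single($q);
    $db->query("INSERT INTO mail VALUES ('',0,{$uid},{$to},unix_timestamp(),'" . $db->escape($subj) . "','" . $db->escape($msg) . "')");
    $db->query("UPDATE users SET new_mail=new_mail+1 WHERE userid={$to}");
    print "Message sent.<br />
<a href='mailbox.php'>> Back</a>";
}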
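/**
 * Delete one message, identified by $_GET['ID'], from the current player's inbox.
 *
 * The mail_to condition limits the delete to mail addressed to the caller.
 * NOTE(review): this runs on a plain GET link with no request token - see the
 * Delete link printed by mail_inbox().
 */
function mail_delete()
{
    global $db,$ir,$c,$userid,$h;
    // Cast here as well as at the top of the script so this query is safe on its own.
    $mailId = (isset($_GET['ID']) && is_scalar($_GET['ID'])) ? abs((int) $_GET['ID']) : 0;
    $uid = (int) $userid;
    $db->query("DELETE FROM mail WHERE mail_id={$mailId} AND mail_to={$uid}");
    print "Message deleted.<br />
<a href='mailbox.php'>> Back</a>";
}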
/**
 * Confirmation step for emptying the inbox: prints the warning and the two links.
 * Nothing is deleted here; the "yes" link leads to action=delall2.
 */
function mail_delall()
{
    global $ir,$c,$userid,$h;
    $lines = array(
        "This will delete all the messages in your inbox.<br />",
        "There is <b>NO</b> undo, so be sure.<br />",
        "<a href='mailbox.php?action=delall2'>> Yes, delete all messages</a><br />",
        "<a href='mailbox.php'>> No, go back</a>",
    );
    echo implode("\n", $lines);
}
/**
 * Delete every message addressed to the current player and report how many went.
 *
 * NOTE(review): reached through a plain GET link (action=delall2) and no request
 * token is checked in this listing.
 */
function mail_delall2()
{
    global $db,$ir,$c,$userid,$h;
    $db->query(sprintf("DELETE FROM mail WHERE mail_to=%s", $userid));
    $removed = $db->affected_rows();
    echo "All {$removed} mails in your inbox were deleted.<br />\n<a href='mailbox.php'>> Back</a>";
}
/**
 * Print the links to dlarchive.php for downloading the inbox or the outbox.
 */
function mail_archive()
{
    global $ir,$c,$userid,$h;
    $lines = array(
        "This tool will download an archive of all your messages.<br />",
        "<a href='dlarchive.php?a=inbox'>> Download Inbox</a><br />",
        "<a href='dlarchive.php?a=outbox'>> Download Outbox</a>",
    );
    echo implode("\n", $lines);
}
// Close the page via the $h object (presumably set up by globals.php). The die()
// calls earlier in the script stop before this line is reached.
$h->endpage();
?>
Edited by KyleMassacre
added code tags

Just change every place where it references the username so that it uses userid instead.

i.e.

change this-

// Original lookup: finds the recipient by username, with $sendto interpolated into the query text.
$q=$db->query("SELECT userid FROM users WHERE username='{$sendto}'");

 

to-

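// Look the recipient up by numeric ID. The cast forces $sendto to a non-negative
// integer before it reaches the query, so a username or any other text becomes 0
// and simply matches no user.
$q=$db->query("SELECT userid FROM users WHERE userid=".abs((int) $sendto));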

 

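Note: you'll have to check that the value being compared against userid is actually a numeric ID and not a username, for example by casting it to an integer the way the script already does for $_GET['ID'].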


<?php
include(__DIR__ . '/globals.php');
// NOTE(review): the markup that follows loads a stylesheet and two background images
// from third-party hosts over plain http. On an https site browsers may block them as
// mixed content, and whoever controls those hosts or the network path decides what is
// served. Hosting local copies avoids both.
?><link rel="stylesheet" href="http://yui.yahooapis.com/pure/0.3.0/pure-min.css">
<style scoped>
.pure-button-reset {
	color: white;
	border-radius: 4px;
	text-shadow: 0 1px 1px rgba(0, 0, 0, 0.2);
	background: rgb(223, 117, 20);
</style>
<style type='text/css'>
.info,.success,.warning,.error {
border: 1px solid;
margin: 10px 0;
padding: 15px 10px 15px 50px;
background-repeat: no-repeat;
background-position: 10px center;
-moz-border-radius: .5em;
-webkit-border-radius: .5em;
border-radius: .5em;
}

.success {
color: #4F8A10;
background-color: #DFF2BF;
background-image: url(http://magictallguy.tk/images/success.png);
}

.error {
color: #D8000C;
background-color: #FFBABA;
background-image: url(http://magictallguy.tk/images/error.png);
}

</style>
<?php
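/**
 * Helper singleton used by this mailbox script: output escaping, player-name
 * lookup, and the red/green status boxes.
 */
class mtg_func {
// Shared instance, created on the first getInstance() call.
protected static $instance;

/**
 * Return the shared instance, creating it on first use.
 */
public static function getInstance() {
	if(!isset(self::$instance))
		self::$instance = new static();
	return self::$instance;
}

/**
 * Prepare a value for printing inside HTML.
 *
 * Numeric input is passed to number_format() with $dec decimals. Anything else is
 * HTML-escaped and has backslashes stripped; a truthy $dec also turns newlines
 * into <br />.
 */
public function format($str, $dec = 0) {
	if(is_numeric($str))
		return number_format((float) $str, (int) $dec);
	$safe = $this->escapeText($str);
	return $dec ? nl2br($safe) : $safe;
}

/**
 * HTML-escape text without the numeric special case of format().
 * ENT_QUOTES is given explicitly so single quotes are encoded on every PHP version.
 */
private function escapeText($str) {
	return stripslashes(htmlspecialchars((string) $str, ENT_QUOTES));
}

/**
 * Build a profile link for a player id.
 *
 * Returns 'SYSTEM' for an id of 0 (or anything that is not a number) and 'UNKNOWN'
 * when no user row matches. With $show the id is appended in brackets; with
 * $escape the link is passed through $db->escape() for use inside a query.
 */
public function username($id, $show = false, $escape = false) {
	global $db;
	// The id is concatenated into SQL and into an href, so only an integer may pass.
	$id = (int) $id;
	if(!$id)
		return 'SYSTEM';
	$select = $db->query("SELECT `username` FROM `users` WHERE `userid` = ".$id);
	if(!$db->num_rows($select))
		return 'UNKNOWN';
	// escapeText() rather than format(): an all-digit username must not be rewritten
	// with thousands separators.
	$link = "<a href='viewuser.php?u=".$id."'>".$this->escapeText($db->fetch_single($select))."</a>";
	$ret = $escape == false ? $link : $db->escape($link);
	if($show == true)
		$ret .= " [".$id."]";
	return $ret;
}

/**
 * Print an error box. $msg is printed as HTML, so callers must escape any
 * player-supplied text they put into it. Ends the page unless $end is false.
 */
public function error($msg, $end = true) {
	global $h;
	echo "<div class='error'><strong>ERROR!</strong><br />".$msg."</div>";
	if($end == true)
		exit($h->endpage());
}

/**
 * Print a success box. $msg is printed as HTML, so callers must escape any
 * player-supplied text they put into it. Ends the page only when $end is true.
 */
public function success($msg, $end = false) {
	global $h;
	echo "<div class='success'><strong>SUCCESS!</strong><br />".$msg."</div>";
	if($end == true)
		exit($h->endpage());
}
}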
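$mtg = mtg_func::getInstance();

// Mail-banned players see the ban notice; error() ends the page by default.
// The day count and the reason are now separated (they used to run together as "daysReason:").
if($ir['mailban'])
$mtg->error("You have been mail banned for ".$ir['mailban']." day".(($ir['mailban'] == 1) ? '' : 's').".<br />Reason: ".$mtg->format($ir['mb_reason']));
// ID is concatenated into SQL further down, so only an all-digit string is accepted;
// anything else (missing, array, signed, non-numeric) becomes null.
$_GET['ID'] = isset($_GET['ID']) && is_string($_GET['ID']) && ctype_digit($_GET['ID']) ? (int) $_GET['ID'] : null;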
?><table class='pure-table pure-table-horizontal' width='95%' cellspacing='1'>
<tr>
	<td><a href='mailbox.php?action=inbox'>Inbox</a></td>
	<td><a href='mailbox.php?action=outbox'>Sent Messages</a></td>
	<td><a href='mailbox.php?action=compose'>Compose Message</a></td>
	<td><a href='mailbox.php?action=delall'>Delete All Messages</a></td>
	<td><a href='mailbox.php?action=archive'>Archive Messages</a></td>
	<td><a href='contactlist.php'>My Contacts</a></td>
</tr>
</table><?php
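// Route the request. A missing or unrecognised action shows the inbox.
// NOTE(review): 'delete' and 'delall' (with ans=yes) change data on a plain GET link
// and no request token is checked in this listing; prefer POST plus a per-session token.
switch(isset($_GET['action']) && is_string($_GET['action']) ? $_GET['action'] : '') {
case 'outbox':
	mail_outbox();
	break;
case 'compose':
	mail_compose();
	break;
case 'delete':
	mail_delete();
	break;
case 'delall':
	mail_delall();
	break;
case 'archive':
	mail_archive();
	break;
case 'inbox':
default:
	mail_inbox();
	break;
}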

/**
 * Render the inbox of the logged-in player ($ir['userid']).
 *
 * Shows at most 25 messages, newest first. The sender is rendered through
 * $mtg->username(); subject and body go through $mtg->format(), which HTML-escapes
 * them. Once the list is printed, a player whose new_mail counter is above zero has
 * all of their mail marked read and the counter reset.
 */
function mail_inbox() {
global $db, $ir, $mtg;
?>Only the last 25 messages sent to you are visible.
<table class='pure-table pure-table-horizontal' width='95%' border='0' cellspacing='1'>
	<tr>
		<th width='20%'>From</th>
		<th width='70%'>Subject/Message</th>
	</tr><?php
// Newest 25 messages addressed to this player.
$q = $db->query("SELECT * FROM `mail` WHERE `mail_to` = ".$ir['userid']." ORDER BY mail_time DESC LIMIT 25");
if(!$db->num_rows($q))
	echo "<tr><td colspan='2' class='center'>You have no messages</td></tr>";
else
	while($row = $db->fetch_row($q)) {
		?><tr>
			<td><?php echo $mtg->username($row['mail_from'], true); ?><br />
				Sent at: <?php echo date('F j, Y, g:i:s a', $row['mail_time']); ?><br />
				<a href='mailbox.php?action=compose&ID=<?php echo $row['mail_from']; ?>'>Reply</a><br />
				<a href='mailbox.php?action=delete&ID=<?php echo $row['mail_id']; ?>'>Delete</a><br />
			<a href='preport.php?ID=<?php echo $row['mail_from']; ?>&report=Fraudulent mail: <?php echo urlencode($row['mail_text']); ?>'>Report</a></td>
			<td><strong>Subject: <?php echo $row['mail_subject'] ? $mtg->format($row['mail_subject'], false) : 'None'; ?></strong><br />
			<?php echo $mtg->format($row['mail_text']); ?></td>
		</tr><?php
	}
?></table><?php
// Viewing the inbox counts as reading: clear the unread state for every message,
// not only the 25 shown above.
if($ir['new_mail'] > 0) {
	$db->query("UPDATE `mail` SET `mail_read` = 1 WHERE `mail_to` = ".$ir['userid']);
	$db->query("UPDATE `users` SET `new_mail` = 0 WHERE `userid` = ".$ir['userid']);
}
}

/**
 * Render the messages sent by the logged-in player ($ir['userid']).
 *
 * Shows at most 25 messages, newest first. The recipient is rendered through
 * $mtg->username(); subject and body go through $mtg->format(), which HTML-escapes
 * them.
 */
function mail_outbox() {
global $db, $ir, $mtg;
?>Only the last 25 messages you have sent are visible.
<table class='pure-table pure-table-horizontal' width='75%' cellspacing='1'>
	<tr>
		<th width='30%'>To</th>
		<th width='70%'>Subject/Message</th>
	</tr><?php
// Newest 25 messages written by this player.
$q = $db->query("SELECT * FROM `mail` WHERE `mail_from` = ".$ir['userid']." ORDER BY `mail_time` DESC LIMIT 25");
if(!$db->num_rows($q))
	echo "<tr><td colspan='2' class='center'>You haven't sent any messages</td></tr>";
else
	while($row = $db->fetch_row($q)) {
		?><tr>
			<td><?php echo $mtg->username($row['mail_to']); ?></td>
			<td><?php echo $mtg->format($row['mail_subject'], false); ?></td>
		</tr>
		<tr>
			<td>Sent at: <?php echo date('F j, Y, g:i:s a', $row['mail_time']); ?></td>
			<td><?php echo $mtg->format($row['mail_text']); ?></td>
		</tr><?php
	}
?></table><?php
}

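/**
 * Show the compose form, or send the mail when the form came back with a message.
 *
 * Form mode: prints the contact dropdown, the player-ID field (pre-filled from
 * $_GET['ID']), subject and message inputs and, when a reply target is given, the
 * last 5 mails exchanged with that player.
 * Send mode: exactly one of user1/user2 must hold a player ID; the message is
 * stored with subject and body passed through $db->escape(), the recipient's
 * new_mail counter is incremented and the inbox is shown again.
 *
 * NOTE(review): the form carries no request token, so a submission triggered from
 * another site is indistinguishable from a genuine one.
 */
function mail_compose() {
global $db, $ir, $mtg;
// Validate the reply target here as well, so nothing but an integer (or null) is
// ever echoed into the form or formatted into the history query.
$replyTo = isset($_GET['ID']) && is_scalar($_GET['ID']) && ctype_digit((string) $_GET['ID']) ? (int) $_GET['ID'] : null;
if(!isset($_POST['submit']) || empty($_POST['message'])) {
	?><form action='mailbox.php?action=compose' method='post' class='pure-form pure-form-stacked'>
	<table class='pure-table pure-table-horizontal' width='75%' cellspacing='1'>
		<tr>
			<td>Contact to send to:</td>
			<td><?php
			$q = $db->query("SELECT `cl_ADDED` FROM `contactlist` WHERE `cl_ADDER` = ".$ir['userid']." ORDER BY `cl_ADDED` ASC");
			if(!$db->num_rows($q))
				echo "You have no contacts!";
			else {
				// The placeholder text is entity-encoded; written raw it was parsed as a tag.
				?><select name='user1' type='dropdown'>
				<option value=''>&lt;Select a contact...&gt;</option><?php
				while($row = $db->fetch_row($q))
					printf("<option value='%u'>%s</option>", $row['cl_ADDED'], $mtg->format($row['cl_ADDED'], false));
				?></select><?php
			}
			?></td>
		</tr>
		<tr>
			<td><strong>OR</strong> Enter a player's ID:</td>
			<td><input type='text' name='user2' value='<?php echo $replyTo; ?>' /></td>
		</tr>
		<tr>
			<td>Subject:</td>
			<td><input type='text' name='subject' /></td>
		</tr>
		<tr>
			<td>Message:</td>
			<td><textarea rows='10' cols='60' name='message' placeholder='Write your message here. Please keep it clean' required></textarea></td>
		</tr>
		<tr>
			<td colspan='2' class='center'><input type='submit' name='submit' value='Send' class='pure-button pure-button-primary' /> <input type='reset' value='Reset' class='pure-button pure-button-reset' /></td>
		</tr>
	</table>
	</form><?php
	if(!empty($replyTo)) {
		?><table class='pure-table pure-table-horizontal' width='75%'>
			<tr>
				<td colspan='2'><strong>Your last 5 mails to/from this person:</strong></td>
			</tr><?php
		// Third line: the placeholder was written as $1\$u, which put a literal "$1$u"
		// into the SQL instead of the current player's id.
		$q = $db->query(sprintf("SELECT `mail_time`, `mail_from`, `mail_to`, `mail_text` FROM `mail` " .
								"WHERE (`mail_from` = %1\$u AND `mail_to` = %2\$u) OR " .
								"(`mail_to` = %1\$u AND `mail_from` = %2\$u) " .
								"ORDER BY `mail_time` DESC LIMIT 5", $ir['userid'], $replyTo));
		if(!$db->num_rows($q))
			echo "<tr><td colspan='2' class='center'>No messages between yourself and ".$mtg->username($replyTo)." could be found</td></tr>";
		else
			while($row = $db->fetch_row($q)) {
				?><tr>
					<td><?php echo date('F j, Y, g:i:s a', $row['mail_time']); ?></td>
					<td><strong><?php echo $mtg->username($row['mail_from']); ?> wrote:</strong> <?php echo $mtg->format($row['mail_text']); ?></td>
				</tr><?php
			}
		?></table><?php
	}
} else {
	// Recipient fields must be all-digit strings; anything else is discarded as null.
	$_POST['user1'] = isset($_POST['user1']) && is_string($_POST['user1']) && ctype_digit($_POST['user1']) ? (int) $_POST['user1'] : null;
	$_POST['user2'] = isset($_POST['user2']) && is_string($_POST['user2']) && ctype_digit($_POST['user2']) ? (int) $_POST['user2'] : null;
	if(empty($_POST['user1']) && empty($_POST['user2']))
		$mtg->error("You must either select a contact or enter a player's ID");
	if(!empty($_POST['user1']) && !empty($_POST['user2']))
		$mtg->error("You must either select a contact or enter a player's ID, not both");
	$sendto = !empty($_POST['user1']) ? $_POST['user1'] : $_POST['user2'];
	if(in_array($mtg->username($sendto), array('SYSTEM', 'UNKNOWN'), true))
		$mtg->error("That player doesn't exist");
	// The subject is optional; a missing field is stored as an empty string.
	$subject = isset($_POST['subject']) ? $_POST['subject'] : '';
	// Text is stored as typed (escaped for SQL only) and HTML-escaped when displayed.
	$db->query("INSERT INTO `mail` VALUES ('', 0, ".$ir['userid'].", ".$sendto.", ".time().", '".$db->escape($subject)."', '".$db->escape($_POST['message'])."')");
	$db->query("UPDATE `users` SET `new_mail` = `new_mail` + 1 WHERE `userid` = ".$sendto);
	$mtg->success("Your message to ".$mtg->username($sendto)." has been sent");
	mail_inbox();
}
}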

/**
 * Delete the message named by $_GET['ID'] if it is addressed to the logged-in
 * player, then show the inbox again.
 *
 * The message is looked up first so that a missing message and a message owned by
 * someone else produce different errors; deleting an unread message also lowers
 * the player's new_mail counter. $_GET['ID'] is concatenated into both queries and
 * relies on the integer-or-null normalisation done near the top of the script.
 * NOTE(review): runs on a plain GET link with no request token.
 */
function mail_delete() {
	global $db, $ir, $mtg;

	if(empty($_GET['ID'])) {
		$mtg->error("You didn't select a valid message to delete");
	}

	$lookup = $db->query(sprintf("SELECT `mail_to`, `mail_read` FROM `mail` WHERE `mail_id` = %s", $_GET['ID']));
	if(!$db->num_rows($lookup)) {
		$mtg->error("That message doesn't exist");
	}

	$mail = $db->fetch_row($lookup);
	if($mail['mail_to'] != $ir['userid']) {
		$mtg->error("That message is not yours to delete");
	}

	// An unread message still counts towards the badge, so take it off first.
	$wasUnread = !$mail['mail_read'];
	if($wasUnread) {
		$db->query(sprintf("UPDATE `users` SET `new_mail` = `new_mail` - 1 WHERE `userid` = %s", $ir['userid']));
	}

	$db->query(sprintf("DELETE FROM `mail` WHERE `mail_id` = %s", $_GET['ID']));
	$mtg->success("Message deleted");
	mail_inbox();
}

/**
 * Empty the logged-in player's inbox after a confirmation step.
 *
 * Without $_GET['ans'] the warning and the yes/no links are printed; with it, every
 * message addressed to the player is deleted and the count is reported.
 * NOTE(review): the confirming request is a plain GET link with no request token.
 */
function mail_delall() {
	global $db, $ir, $mtg;

	$count = $db->query("SELECT COUNT(`mail_id`) FROM `mail` WHERE `mail_to` = ".$ir['userid']);
	if(!$db->fetch_single($count)) {
		$mtg->error("You have no messages to delete");
	}

	if(isset($_GET['ans'])) {
		$db->query("DELETE FROM `mail` WHERE `mail_to` = ".$ir['userid']);
		$removed = $db->affected_rows();
		$verb = $removed == 1 ? " has " : "s have ";
		$mtg->success($removed." message".$verb." been deleted");
		return;
	}

	echo "This will delete all the messages in your inbox.\n"
		. "\tThere is <strong>NO</strong> undo, so be sure.\n"
		. "\t<a href='mailbox.php?action=delall&ans=yes'>> Yes, delete all messages</a>\n"
		. "\t<a href='mailbox.php'>> No, go back</a>";
}

/**
 * Print the links to dlarchive.php for downloading the inbox or the outbox.
 */
function mail_archive() {
	echo "This tool will download an archive of all your messages.\n"
		. "<a href='dlarchive.php?a=inbox'>> Download Inbox</a>\n"
		. "<a href='dlarchive.php?a=outbox'>> Download Outbox</a>";
}

// Close the page via the $h object (presumably set up by globals.php). Paths that
// call $mtg->error() with its default $end have already exited through endpage().
$h->endpage();

 

Tested and working.

Enjoy
