munchbunch00 Posted November 30, 2013 Share Posted November 30, 2013 (edited) Okay so here's the standard mailbox.php [v2] I'd like it to send as ID instead of username, please can you help me with this. ?? <?php include "globals.php"; if($ir['mailban']) { die("<font color=red><h3>! ERROR</h3> You have been mail banned for {$ir['mailban']} days.<br /> <br /> <b>Reason: {$ir['mb_reason']}</font></b>"); } $_GET['ID'] = abs((int) $_GET['ID']); print "<table width=85% class='table' cellspacing='1'><tr><td><a href='mailbox.php?action=inbox'>Inbox</a></td> <td><a href='mailbox.php?action=outbox'>Sent Messages</a></td> <td><a href='mailbox.php?action=compose'>Compose Message</a></td> <td><a href='mailbox.php?action=delall'>Delete All Messages</a></td> <td><a href='mailbox.php?action=archive'>Archive Messages</a></td><td><a href='contactlist.php'>My Contacts</a></td></tr> </table><br />"; switch($_GET['action']) { case 'inbox': mail_inbox(); break; case 'outbox': mail_outbox(); break; case 'compose': mail_compose(); break; case 'delete': mail_delete(); break; case 'send': mail_send(); break; case 'delall': mail_delall(); break; case 'delall2': mail_delall2(); break; case 'archive': mail_archive(); break; default: mail_inbox(); break; } function mail_inbox() { global $db,$ir,$c,$userid,$h; print <<<OUT Only the last 25 messages sent to you are visible.<br /> <table width=75% class="table" border="0" cellspacing="1"> <tr> <td class="h" width="30%">From</td> <td class="h" width="70%">Subject/Message</td> </tr> OUT; $q=$db->query("SELECT m.*,u.* FROM mail m LEFT JOIN users u ON m.mail_from=u.userid WHERE m.mail_to=$userid ORDER BY mail_time DESC LIMIT 25"); while($r=$db->fetch_row($q)) { $sent=date('F j, Y, g:i:s a',$r['mail_time']); print "<tr><td>"; if($r['userid']) { print "<a href='viewuser.php?u={$r['userid']}'>{$r['username']}</a> [{$r['userid']}]"; } else { print "SYSTEM"; } $fm=urlencode($r['mail_text']); print <<<EOF </td> <td>{$r['mail_subject']}</td> </tr> <tr> <td>Sent at: {$sent}<br /><a href='mailbox.php?action=compose&ID={$r['userid']}'>Reply</a> <br /> <a href='mailbox.php?action=delete&ID={$r['mail_id']}'>Delete</a> <br /> <a href='preport.php?ID={$r['userid']}&report=Fradulent mail: {$fm}'>Report</a> </td> <td>{$r['mail_text']}</td> </tr> EOF; } if($ir['new_mail'] > 0) { $db->query("UPDATE mail SET mail_read=1 WHERE mail_to=$userid"); $db->query("UPDATE users SET new_mail=0 WHERE userid=$userid"); } echo '</table>'; } function mail_outbox() { global $db,$ir,$c,$userid,$h; print "Only the last 25 messages you have sent are visible.<br /> <table width=75% cellspacing=1 class='table'><tr style='background:gray'><th>To</th><th>Subject/Message</th></tr>"; $q=$db->query("SELECT m.*,u.* FROM mail m LEFT JOIN users u ON m.mail_to=u.userid WHERE m.mail_from=$userid ORDER BY mail_time DESC LIMIT 25"); while($r=$db->fetch_row($q)) { $sent=date('F j, Y, g:i:s a',$r['mail_time']); print "<tr><td><a href='viewuser.php?u={$r['userid']}'>{$r['username']}</a> [{$r['userid']}]</td><td>{$r['mail_subject']}</td></tr><tr><td>Sent at: $sent<br /></td><td>{$r['mail_text']}</td></tr>"; } } function mail_compose() { global $db,$ir,$c,$userid,$h; print "<form action='mailbox.php?action=send' method='post'> <table width=75% cellspacing=1 class='table'> <tr> <td>Contact to send to:</td> <td>"; $q=$db->query("SELECT c.*, u.username FROM contactlist c LEFT JOIN users u ON c.cl_ADDED=u.userid WHERE c.cl_ADDER={$userid} ORDER BY u.username ASC"); if($db->num_rows($q) == 0) { print "You have no contacts!"; } else { print "<select name='user1' type='dropdown'><option value=''><select a contact...></option>"; while($r=$db->fetch_row($q)) { print "<option value='{$r['username']}'>{$r['username']}</option>"; } print "</select>"; } if($_GET['ID']) { $user=$db->fetch_single($db->query("SELECT username FROM users WHERE userid={$_GET['ID']}")); } print "</td></tr><tr> <td><b>OR</b> Enter a username to send to:</td><td><input type='text' name='user2' value='{$user}' /></td></tr><tr> <td>Subject:</td> <td><input type='text' name='subject' /></td></tr><tr> <td>Message:</td> <td><textarea rows=5 cols=40 name='message'></textarea></td></tr><tr> <td colspan=2><input type='submit' value='Send' /></td></tr></table></form>"; if($_GET['ID']) { print "<br /><table width=75% border=2><tr><td colspan=2><b>Your last 5 mails to/from this person:</b></td></tr>"; $q=$db->query("SELECT m.*,u1.username as sender from mail m left join users u1 on m.mail_from=u1.userid WHERE (m.mail_from=$userid AND m.mail_to={$_GET['ID']}) OR (m.mail_to=$userid AND m.mail_from={$_GET['ID']}) ORDER BY m.mail_time DESC LIMIT 5"); while($r=$db->fetch_row($q)) { $sent=date('F j, Y, g:i:s a',$r['mail_time']); print "<tr><td>$sent</td> <td><b>{$r['sender']} wrote:</b> {$r['mail_text']}</td></tr>"; } print "</table>"; } } function mail_send() { global $db,$ir,$c,$userid,$h; $subj=str_replace(array("\n"),array("<br />"),strip_tags($_POST['subject'])); $msg=str_replace(array("\n"),array("<br />"),strip_tags($_POST['message'])); if($_POST['user1'] && $_POST['user2']) { die("Please do not select a contact AND enter a username, only do one.<br /> <a href='mailbox.php'>> Back</a>"); } if(!$_POST['user1'] && !$_POST['user2']) { die("You must select a contact or enter a username.<br /> <a href='mailbox.php'>> Back</a>"); } $sendto=($_POST['user1']) ? $_POST['user1'] : $_POST['user2']; $q=$db->query("SELECT userid FROM users WHERE username='{$sendto}'"); if($db->num_rows($q)==0) { die("You cannot send mail to nonexistant users.<br /> <a href='mailbox.php'>> Back</a>"); } $to=$db->fetch_single($q); $db->query("INSERT INTO mail VALUES ('',0,$userid,$to,unix_timestamp(),'$subj','$msg')"); $db->query("UPDATE users SET new_mail=new_mail+1 WHERE userid={$to}"); print "Message sent.<br /> <a href='mailbox.php'>> Back</a>"; } function mail_delete() { global $db,$ir,$c,$userid,$h; $db->query("DELETE FROM mail WHERE mail_id={$_GET['ID']} AND mail_to=$userid"); print "Message deleted.<br /> <a href='mailbox.php'>> Back</a>"; } function mail_delall() { global $ir,$c,$userid,$h; print "This will delete all the messages in your inbox.<br /> There is <b>NO</b> undo, so be sure.<br /> <a href='mailbox.php?action=delall2'>> Yes, delete all messages</a><br /> <a href='mailbox.php'>> No, go back</a>"; } function mail_delall2() { global $db,$ir,$c,$userid,$h; $db->query("DELETE FROM mail WHERE mail_to=$userid"); print "All ".$db->affected_rows()." mails in your inbox were deleted.<br /> <a href='mailbox.php'>> Back</a>"; } function mail_archive() { global $ir,$c,$userid,$h; print "This tool will download an archive of all your messages.<br /> <a href='dlarchive.php?a=inbox'>> Download Inbox</a><br /> <a href='dlarchive.php?a=outbox'>> Download Outbox</a>"; } $h->endpage(); ?> Edited November 30, 2013 by KyleMassacre added code tags Quote Link to comment Share on other sites More sharing options...
Hedge Posted November 30, 2013 Share Posted November 30, 2013 just change all of the instances where it references the username to userid i.e. change this- $q=$db->query("SELECT userid FROM users WHERE username='{$sendto}'"); to- $q=$db->query("SELECT userid FROM users WHERE userid='{$sendto}'"); note: you'll have to check that the part userid is referencing, is actually a id # and not a username Quote Link to comment Share on other sites More sharing options...
munchbunch00 Posted December 6, 2013 Author Share Posted December 6, 2013 The Whole code would help if you could :/ Quote Link to comment Share on other sites More sharing options...
Magictallguy Posted December 13, 2013 Share Posted December 13, 2013 <?php include(__DIR__ . '/globals.php'); ?><link rel="stylesheet" href="http://yui.yahooapis.com/pure/0.3.0/pure-min.css"> <style scoped> .pure-button-reset { color: white; border-radius: 4px; text-shadow: 0 1px 1px rgba(0, 0, 0, 0.2); background: rgb(223, 117, 20); </style> <style type='text/css'> .info,.success,.warning,.error { border: 1px solid; margin: 10px 0; padding: 15px 10px 15px 50px; background-repeat: no-repeat; background-position: 10px center; -moz-border-radius: .5em; -webkit-border-radius: .5em; border-radius: .5em; } .success { color: #4F8A10; background-color: #DFF2BF; background-image: url(http://magictallguy.tk/images/success.png); } .error { color: #D8000C; background-color: #FFBABA; background-image: url(http://magictallguy.tk/images/error.png); } </style> <?php class mtg_func { protected static $instance; public static function getInstance() { if(!isset(self::$instance)) self::$instance = new static(); return self::$instance; } public function format($str, $dec = 0) { if(is_numeric($str)) return number_format($str, $dec); else return $dec ? nl2br(stripslashes(htmlspecialchars($str))) : stripslashes(htmlspecialchars($str)); } public function username($id, $show = false, $escape = false) { global $db; $ret = ''; if(!$id) return 'SYSTEM'; $select = $db->query("SELECT `username` FROM `users` WHERE `userid` = ".$id); if(!$db->num_rows($select)) return 'UNKNOWN'; $ret .= $escape == false ? "<a href='viewuser.php?u=".$id."'>".$this->format($db->fetch_single($select))."</a>" : $db->escape("<a href='viewuser.php?u=".$id."'>".$this->format($db->fetch_single($select))."</a>"); $ret .= $show == true ? " [".$id."]" : ''; return $ret; } public function error($msg, $end = true) { global $h; echo "<div class='error'><strong>ERROR!</strong><br />".$msg."</div>"; if($end == true) exit($h->endpage()); } public function success($msg, $end = false) { global $h; echo "<div class='success'><strong>SUCCESS!</strong><br />".$msg."</div>"; if($end == true) exit($h->endpage()); } } $mtg = mtg_func::getInstance(); if($ir['mailban']) $mtg->error("You have been mail banned for ".$ir['mailban']." day".(($ir['mailban'] == 1) ? '' : 's')."Reason: ".$mtg->format($ir['mb_reason'])); $_GET['ID'] = isset($_GET['ID']) && ctype_digit($_GET['ID']) ? abs(@intval($_GET['ID'])) : null; ?><table class='pure-table pure-table-horizontal' width='95%' cellspacing='1'> <tr> <td><a href='mailbox.php?action=inbox'>Inbox</a></td> <td><a href='mailbox.php?action=outbox'>Sent Messages</a></td> <td><a href='mailbox.php?action=compose'>Compose Message</a></td> <td><a href='mailbox.php?action=delall'>Delete All Messages</a></td> <td><a href='mailbox.php?action=archive'>Archive Messages</a></td> <td><a href='contactlist.php'>My Contacts</a></td> </tr> </table><?php switch($_GET['action']) { case 'inbox': mail_inbox(); break; case 'outbox': mail_outbox(); break; case 'compose': mail_compose(); break; case 'delete': mail_delete(); break; case 'delall': mail_delall(); break; case 'archive': mail_archive(); break; default: mail_inbox(); break; } function mail_inbox() { global $db, $ir, $mtg; ?>Only the last 25 messages sent to you are visible. <table class='pure-table pure-table-horizontal' width='95%' border='0' cellspacing='1'> <tr> <th width='20%'>From</th> <th width='70%'>Subject/Message</th> </tr><?php $q = $db->query("SELECT * FROM `mail` WHERE `mail_to` = ".$ir['userid']." ORDER BY mail_time DESC LIMIT 25"); if(!$db->num_rows($q)) echo "<tr><td colspan='2' class='center'>You have no messages</td></tr>"; else while($row = $db->fetch_row($q)) { ?><tr> <td><?php echo $mtg->username($row['mail_from'], true); ?><br /> Sent at: <?php echo date('F j, Y, g:i:s a', $row['mail_time']); ?><br /> <a href='mailbox.php?action=compose&ID=<?php echo $row['mail_from']; ?>'>Reply</a><br /> <a href='mailbox.php?action=delete&ID=<?php echo $row['mail_id']; ?>'>Delete</a><br /> <a href='preport.php?ID=<?php echo $row['mail_from']; ?>&report=Fraudulent mail: <?php echo urlencode($row['mail_text']); ?>'>Report</a></td> <td><strong>Subject: <?php echo $row['mail_subject'] ? $mtg->format($row['mail_subject'], false) : 'None'; ?></strong><br /> <?php echo $mtg->format($row['mail_text']); ?></td> </tr><?php } ?></table><?php if($ir['new_mail'] > 0) { $db->query("UPDATE `mail` SET `mail_read` = 1 WHERE `mail_to` = ".$ir['userid']); $db->query("UPDATE `users` SET `new_mail` = 0 WHERE `userid` = ".$ir['userid']); } } function mail_outbox() { global $db, $ir, $mtg; ?>Only the last 25 messages you have sent are visible. <table class='pure-table pure-table-horizontal' width='75%' cellspacing='1'> <tr> <th width='30%'>To</th> <th width='70%'>Subject/Message</th> </tr><?php $q = $db->query("SELECT * FROM `mail` WHERE `mail_from` = ".$ir['userid']." ORDER BY `mail_time` DESC LIMIT 25"); if(!$db->num_rows($q)) echo "<tr><td colspan='2' class='center'>You haven't sent any messages</td></tr>"; else while($row = $db->fetch_row($q)) { ?><tr> <td><?php echo $mtg->username($row['mail_to']); ?></td> <td><?php echo $mtg->format($row['mail_subject'], false); ?></td> </tr> <tr> <td>Sent at: <?php echo date('F j, Y, g:i:s a', $row['mail_time']); ?></td> <td><?php echo $mtg->format($row['mail_text']); ?></td> </tr><?php } ?></table><?php } function mail_compose() { global $db, $ir, $mtg; if(!isset($_POST['submit']) || empty($_POST['message'])) { ?><form action='mailbox.php?action=compose' method='post' class='pure-form pure-form-stacked'> <table class='pure-table pure-table-horizontal' width='75%' cellspacing='1'> <tr> <td>Contact to send to:</td> <td><?php $q = $db->query("SELECT `cl_ADDED` FROM `contactlist` WHERE `cl_ADDER` = ".$ir['userid']." ORDER BY `cl_ADDED` ASC"); if(!$db->num_rows($q)) echo "You have no contacts!"; else { ?><select name='user1' type='dropdown'> <option value=''><Select a contact...></option><?php while($row = $db->fetch_row($q)) printf("<option value='%u'>%s</option>", $row['cl_ADDED'], $mtg->format($row['cl_ADDED'], false)); ?></select><?php } ?></td> </tr> <tr> <td><strong>OR</strong> Enter a player's ID:</td> <td><input type='text' name='user2' value='<?php echo $_GET['ID']; ?>' /></td> </tr> <tr> <td>Subject:</td> <td><input type='text' name='subject' /></td> </tr> <tr> <td>Message:</td> <td><textarea rows='10' cols='60' name='message' placeholder='Write your message here. Please keep it clean' required></textarea></td> </tr> <tr> <td colspan='2' class='center'><input type='submit' name='submit' value='Send' class='pure-button pure-button-primary' /> <input type='reset' value='Reset' class='pure-button pure-button-reset' /></td> </tr> </table> </form><?php if(!empty($_GET['ID'])) { ?><table class='pure-table pure-table-horizontal' width='75%'> <tr> <td colspan='2'><strong>Your last 5 mails to/from this person:</strong></td> </tr><?php $q = $db->query(sprintf("SELECT `mail_time`, `mail_from`, `mail_to`, `mail_text` FROM `mail` " . "WHERE (`mail_from` = %1\$u AND `mail_to` = %2\$u) OR " . "(`mail_to` = $1\$u AND `mail_from` = %2\$u) " . "ORDER BY `mail_time` DESC LIMIT 5", $ir['userid'], $_GET['ID'])); if(!$db->num_rows($q)) echo "<tr><td colspan='2' class='center'>No messages between yourself and ".$mtg->username($_GET['ID'])." could be found</td></tr>"; else while($row = $db->fetch_row($q)) { ?><tr> <td><?php echo date('F j, Y, g:i:s a', $row['mail_time']); ?></td> <td><strong><?php echo $mtg->username($row['mail_from']); ?> wrote:</strong> <?php echo $mtg->format($row['mail_text']); ?></td> </tr><?php } ?></table><?php } } else { $_POST['user1'] = isset($_POST['user1']) && ctype_digit($_POST['user1']) ? abs(@intval($_POST['user1'])) : null; $_POST['user2'] = isset($_POST['user2']) && ctype_digit($_POST['user2']) ? abs(@intval($_POST['user2'])) : null; if(empty($_POST['user1']) && empty($_POST['user2'])) $mtg->error("You must either select a contact or enter a player's ID"); if(!empty($_POST['user1']) && !empty($_POST['user2'])) $mtg->error("You must either select a contact or enter a player's ID, not both"); $sendto = !empty($_POST['user1']) ? $_POST['user1'] : $_POST['user2']; if(in_array($mtg->username($sendto), array('SYSTEM', 'UNKNOWN'))) $mtg->error("That player doesn't exist"); $db->query("INSERT INTO `mail` VALUES ('', 0, ".$ir['userid'].", ".$sendto.", ".time().", '".$db->escape($_POST['subject'])."', '".$db->escape($_POST['message'])."')"); $db->query("UPDATE `users` SET `new_mail` = `new_mail` + 1 WHERE `userid` = ".$sendto); $mtg->success("Your message to ".$mtg->username($sendto)." has been sent"); mail_inbox(); } } function mail_delete() { global $db, $ir, $mtg; if(empty($_GET['ID'])) $mtg->error("You didn't select a valid message to delete"); $select = $db->query("SELECT `mail_to`, `mail_read` FROM `mail` WHERE `mail_id` = ".$_GET['ID']); if(!$db->num_rows($select)) $mtg->error("That message doesn't exist"); $row = $db->fetch_row($select); if($row['mail_to'] != $ir['userid']) $mtg->error("That message is not yours to delete"); if(!$row['mail_read']) $db->query("UPDATE `users` SET `new_mail` = `new_mail` - 1 WHERE `userid` = ".$ir['userid']); $db->query("DELETE FROM `mail` WHERE `mail_id` = ".$_GET['ID']); $mtg->success("Message deleted"); mail_inbox(); } function mail_delall() { global $db, $ir, $mtg; $select = $db->query("SELECT COUNT(`mail_id`) FROM `mail` WHERE `mail_to` = ".$ir['userid']); if(!$db->fetch_single($select)) $mtg->error("You have no messages to delete"); if(!isset($_GET['ans'])) { ?>This will delete all the messages in your inbox. There is <strong>NO</strong> undo, so be sure. <a href='mailbox.php?action=delall&ans=yes'>> Yes, delete all messages</a> <a href='mailbox.php'>> No, go back</a><?php } else { $db->query("DELETE FROM `mail` WHERE `mail_to` = ".$ir['userid']); $mtg->success($db->affected_rows()." message". ($db->affected_rows() == 1 ? " has " : "s have ")." been deleted"); } } function mail_archive() { ?>This tool will download an archive of all your messages. <a href='dlarchive.php?a=inbox'>> Download Inbox</a> <a href='dlarchive.php?a=outbox'>> Download Outbox</a><?php } $h->endpage(); Tested and working. Enjoy Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.