devs
/
FestivAlgo
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
FestivAlgo/read_pm.php

175 lines
5.7 KiB
PHP
Raw Blame History

<?php
//Cette page permet de lire un message prive
include('config.php');
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link href="<?php echo $design; ?>/style.css" rel="stylesheet" title="Style" />
<link rel="stylesheet" type="text/css" href="stylesheet.css" />
<script src="jquery.js"></script>
<script src="menus.js"></script>
<link rel="shortcut icon" type="image/x-icon" href="Images/favicon_ie.ico">
<title>Festiv'Algo - Lecture d'un MP</title>
</head>
<body>
<div id="content" style="height = 500px">
<?php include("menu.php"); ?>
<?php
if(isset($_SESSION['username']))
{
if(isset($_GET['id']))
{
$id = intval($_GET['id']);
$req1 = mysql_query('select title, user1, user2 from pm where id="'.$id.'" and id2="1"');
$dn1 = mysql_fetch_array($req1);
if(mysql_num_rows($req1)==1)
{
if($dn1['user1']==$_SESSION['userid'] or $dn1['user2']==$_SESSION['userid'])
{
if($dn1['user1']==$_SESSION['userid'])
{
mysql_query('update pm set user1read="yes" where id="'.$id.'" and id2="1"');
$user_partic = 2;
}
else
{
mysql_query('update pm set user2read="yes" where id="'.$id.'" and id2="1"');
$user_partic = 1;
}
$req2 = mysql_query('select pm.timestamp, pm.message, users.id as userid, users.username, users.avatar from pm, users where pm.id="'.$id.'" and users.id=pm.user1 order by pm.id2');
if(isset($_POST['message']) and $_POST['message']!='')
{
$message = $_POST['message'];
//On enleve lechappement si get_magic_quotes_gpc est active
if(get_magic_quotes_gpc())
{
$message = stripslashes($message);
}
//On echape le message pour pouvoir le mettre dans une requette SQL
$message = mysql_real_escape_string(nl2br(htmlentities($message, ENT_QUOTES, 'UTF-8')));
//On envoi la reponse et le statut de la discution passe a non-lu pour lautre utilisateur
if(mysql_query('insert into pm (id, id2, title, user1, user2, message, timestamp, user1read, user2read)values("'.$id.'", "'.(intval(mysql_num_rows($req2))+1).'", "", "'.$_SESSION['userid'].'", "", "'.$message.'", "'.time().'", "", "")') and mysql_query('update pm set user'.$user_partic.'read="yes" where id="'.$id.'" and id2="1"'))
{
?>
<div class="message">Votre message a bien &eacute;t&eacute; envoy&eacute;.<br />
<a href="read_pm.php?id=<?php echo $id; ?>">Retour &agrave; la discussion</a></div>
<?php
}
else
{
?>
<div class="message">Une erreur c'est produite lors de l'envoi du message.<br />
<a href="read_pm.php?id=<?php echo $id; ?>">Retour &agrave; la discussion</a></div>
<?php
}
}
else
{
//On affiche la liste des messages
?>
<div class="content">
<?php
if(isset($_SESSION['username']))
{
$nb_new_pm = mysql_fetch_array(mysql_query('select count(*) as nb_new_pm from pm where ((user1="'.$_SESSION['userid'].'" and user1read="no") or (user2="'.$_SESSION['userid'].'" and user2read="no")) and id2="1"'));
$nb_new_pm = $nb_new_pm['nb_new_pm'];
?>
<div class="box">
<div class="box_left">
<a href="<?php echo $url_home; ?>">Index du forum</a> &gt; <a href="list_pm.php">Messages Personnels</a> &gt; Lecture
</div>
<div class="box_right">
<a href="list_pm.php">Vos messages (<?php echo $nb_new_pm; ?>)</a> - <a href="login.php">Déconnexion</a>
</div>
<div class="clean"></div>
</div>
<?php
}
else
{
?>
<div class="box">
<div class="box_left">
<a href="<?php echo $url_home; ?>">Index du forum</a> &gt; <a href="list_pm.php">Messages Personnels</a> &gt; Lecture
</div>
<div class="box_right">
<a href="signup.php">Inscription</a> - <a href="login.php">Connexion</a>
</div>
<div class="clean"></div>
</div>
<?php
}
?>
<h1><?php echo $dn1['title']; ?></h1>
<table class="messages_table">
<tr>
<th class="author">Utilisateur</th>
<th>Message</th>
</tr>
<?php
while($dn2 = mysql_fetch_array($req2))
{
?>
<tr>
<td class="author center"><?php
if($dn2['avatar']!='')
{
echo '<img src="'.htmlentities($dn2['avatar']).'" alt="Image Perso" style="max-width:100px;max-height:100px;" />';
}
?><br /><a href="profile.php?id=<?php echo $dn2['userid']; ?>"><?php echo $dn2['username']; ?></a></td>
<td class="left"><div class="date"><?php echo date('d/m/Y H:i:s' ,$dn2['timestamp']); ?></div>
<?php echo $dn2['message']; ?></td>
</tr>
<?php
}
?>
</table><br />
<h2>R&eacute;pondre</h2>
<div class="center">
<form action="read_pm.php?id=<?php echo $id; ?>" method="post">
<textarea cols="80" rows="6" name="message" id="message" style="resize: none;"></textarea><br />
<input type="submit" value="Envoyer" />
</form>
</div>
</div>
<?php
}
}
else
{
echo '<div class="message">Vous n\'avez pas le droit d\'acc&eacute;der &agrave; cette page.</div>';
}
}
else
{
echo '<div class="message">Ce message n\'existe pas.</div>';
}
}
else
{
echo '<div class="message">L\'identifiant du message n\'est pas d&eacute;fini.</div>';
}
}
else
{
?>
<div class="message">Vous devez &ecirc;tre connect&eacute; pour acc&eacute;der &agrave; cette page:</div>
<div class="box_login">
<form action="login.php" method="post">
<label for="username">Nom d'utilisateur</label><input type="text" name="username" id="username" /><br />
<label for="password">Mot de passe</label><input type="password" name="password" id="password" /><br />
<label for="memorize">Se souvenir</label><input type="checkbox" name="memorize" id="memorize" value="yes" />
<div class="center">
<input type="submit" value="Login" /> <input type="button" onclick="javascript:document.location='signup.php';" value="S'inscrire" />
</div>
</form>
</div>
<?php
}
?>
</div>
</body>
<?php include("bas_de_page.php"); ?>
</html>
Reference in New Issue View Git Blame Copy Permalink