135 lines
4.8 KiB
PHP
135 lines
4.8 KiB
PHP
<?php
|
|
//Cette page permet d'envoyer un message privé
|
|
include('config.php');
|
|
?>
|
|
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
<html xmlns="http://www.w3.org/1999/xhtml">
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
|
<link href="<?php echo $design; ?>/style.css" rel="stylesheet" title="Style" />
|
|
<link rel="stylesheet" type="text/css" href="stylesheet.css" />
|
|
<script src="jquery.js"></script>
|
|
<script src="menus.js"></script>
|
|
<link rel="shortcut icon" type="image/x-icon" href="Images/favicon_ie.ico">
|
|
<title>Festiv'Algo - Nouveau Message Personnel</title>
|
|
</head>
|
|
<body>
|
|
<div id="content" style="height = 500px">
|
|
<?php include("menu.php"); ?>
|
|
<?php
|
|
if(isset($_SESSION['username']))
|
|
{
|
|
$form = true;
|
|
$otitle = '';
|
|
$orecip = '';
|
|
$omessage = '';
|
|
if(isset($_POST['title'], $_POST['recip'], $_POST['message']))
|
|
{
|
|
$otitle = $_POST['title'];
|
|
$orecip = $_POST['recip'];
|
|
$omessage = $_POST['message'];
|
|
//On enleve lechappement si get_magic_quotes_gpc est active
|
|
if(get_magic_quotes_gpc())
|
|
{
|
|
$otitle = stripslashes($otitle);
|
|
$orecip = stripslashes($orecip);
|
|
$omessage = stripslashes($omessage);
|
|
}
|
|
if($_POST['title']!='' and $_POST['recip']!='' and $_POST['message']!='')
|
|
{
|
|
$title = mysql_real_escape_string($otitle);
|
|
$recip = mysql_real_escape_string($orecip);
|
|
$message = mysql_real_escape_string(nl2br(htmlentities($omessage, ENT_QUOTES, 'UTF-8')));
|
|
$dn1 = mysql_fetch_array(mysql_query('select count(id) as recip, id as recipid, (select count(*) from pm) as npm from users where username="'.$recip.'"'));
|
|
if($dn1['recip']==1)
|
|
{
|
|
if($dn1['recipid']!=$_SESSION['userid'])
|
|
{
|
|
$id = $dn1['npm']+1;
|
|
if(mysql_query('insert into pm (id, id2, title, user1, user2, message, timestamp, user1read, user2read)values("'.$id.'", "1", "'.$title.'", "'.$_SESSION['userid'].'", "'.$dn1['recipid'].'", "'.$message.'", "'.time().'", "yes", "no")'))
|
|
{
|
|
?>
|
|
<div class="message">Le message a bien été envoyé.<br />
|
|
<a href="list_pm.php">Liste de mes messages privés</a></div>
|
|
<?php
|
|
$form = false;
|
|
}
|
|
else
|
|
{
|
|
$error = 'Une erreur s\'est produite lors de l\'envoi du message.';
|
|
}
|
|
}
|
|
else
|
|
{
|
|
$error = 'Vous ne pouvez pas envoyer un message à vous même.';
|
|
}
|
|
}
|
|
else
|
|
{
|
|
$error = 'Le destinataire de votre message n\'existe pas.';
|
|
}
|
|
}
|
|
else
|
|
{
|
|
$error = 'Un des champs n\'est pas rempli.';
|
|
}
|
|
}
|
|
elseif(isset($_GET['recip']))
|
|
{
|
|
$orecip = $_GET['recip'];
|
|
}
|
|
if($form)
|
|
{
|
|
if(isset($error))
|
|
{
|
|
echo '<div class="message">'.$error.'</div>';
|
|
}
|
|
?>
|
|
<div class="content">
|
|
<?php
|
|
$nb_new_pm = mysql_fetch_array(mysql_query('select count(*) as nb_new_pm from pm where ((user1="'.$_SESSION['userid'].'" and user1read="no") or (user2="'.$_SESSION['userid'].'" and user2read="no")) and id2="1"'));
|
|
$nb_new_pm = $nb_new_pm['nb_new_pm'];
|
|
?>
|
|
<div class="box">
|
|
<div class="box_left">
|
|
<a href="<?php echo $url_home; ?>">Index du forum</a> > <a href="list_pm.php">Messages Personnels</a> > Nouveau Message
|
|
</div>
|
|
<div class="box_right">
|
|
<a href="list_pm.php">Vos messages (<?php echo $nb_new_pm; ?>)</a> - <a href="login.php">Déconnexion</a>
|
|
</div>
|
|
<div class="clean"></div>
|
|
</div>
|
|
<h1>Nouveau message privé</h1><br /><br /><br />
|
|
<form action="new_pm.php" method="post" style="text-align: left; margin-left: 170px;">
|
|
<label for="title">Titre</label><input type="text" value="<?php echo htmlentities($otitle, ENT_QUOTES, 'UTF-8'); ?>" id="title" name="title" /><br />
|
|
<label for="recip">Destinataire<span class="small">(Nom d'utilisateur)</span></label><input type="text" value="<?php echo htmlentities($orecip, ENT_QUOTES, 'UTF-8'); ?>" id="recip" name="recip" /><br />
|
|
<label for="message">Message</label><textarea cols="60" rows="6" id="message" name="message"><?php echo htmlentities($omessage, ENT_QUOTES, 'UTF-8'); ?></textarea><br />
|
|
<input type="submit" value="Envoyer" style="margin-left: 170px;"/>
|
|
</form>
|
|
</div>
|
|
<?php
|
|
}
|
|
}
|
|
else
|
|
{
|
|
?>
|
|
<div class="message">Vous devez être connecté pour accéder à cette page.</div>
|
|
<div class="box_login">
|
|
<form action="login.php" method="post">
|
|
<label for="username">Nom d'utilisateur</label><input type="text" name="username" id="username" /><br />
|
|
<label for="password">Mot de passe</label><input type="password" name="password" id="password" /><br />
|
|
<label for="memorize">Se souvenir</label><input type="checkbox" name="memorize" id="memorize" value="yes" />
|
|
<div class="center">
|
|
<input type="submit" value="Login" /> <input type="button" onclick="javascript:document.location='signup.php';" value="S'inscrire" />
|
|
</div>
|
|
</form>
|
|
</div>
|
|
<?php
|
|
}
|
|
?>
|
|
</span>
|
|
</span>
|
|
</div>
|
|
</body>
|
|
<?php include("bas_de_page.php"); ?>
|
|
</html>
|