bustya
11-05-2007, 09:59 AM
I'm modifying a private messaging system. The original script has a file called compose.php. This is a generic form where it collects the logged in user's name from $_SESSION and then has 3 form fields, one for the receiver, subject, and message. I'm trying to modify it to collect the receiver's name from $GET so the user doesn't have to enter the name of the receiver. I've successfully passed the receiver's name to the file compose.php from the receiver's profile. I'm able to echo the receiver's name on compose.php but so far I'm unable to insert it into the form field for the receiver which is $_POST. Once I'm able to get it to work I want to either remove the field all together or make it hidden.
This gets a little confusing so I'm going to use names in my example to simplify the situation.
Fred = Message sender who wants to contact John.
John = Message receiver.
Fred is looking at John's profile and sees a link to contact him. This is the code for that:
/* Requested Username error checking */
$req_user = trim($_GET['user']);
if(!$req_user || strlen($req_user) == 0 ||
!eregi("^([0-9a-z])+$", $req_user) ||
!$database->usernameTaken($req_user)){
die("Username not registered");
}
/* Display requested user information */
$req_user_info = $database->getUserInfo($req_user);
$receiver = $req_user_info['username'];
/* If viewer is not the profile owner but another member show this link */
if(strcmp($session->username,$req_user) == 1){
echo "<br><a href=\"pms/compose.php?user=$receiver\">Send Message to $receiver</a>";
}
So Fred clicks the link and is directed to "compose.php?user=John"
I'm able to echo John's name on this page, so I know it's being collected. Here I'm telling Fred that he's messaging John:
/* $user is the logged in member send this message */
$user = $_SESSION['username'];
/* Getting the receiver's info */
$req_user = trim($_GET['user']);
/* this is for the receiver's name */
$req_user_info = $database->getUserInfo($req_user);
$receiver = $req_user_info['username'];
//Is the sender a logged in user?
if(!$user)
{
echo "<br><p>You need to log in before you can send a message to $reci.</p><br>";
}
else
{
//Get your private message count
$sql = mysql_query ("SELECT pm_count FROM users WHERE username='$user'");
$row = mysql_fetch_array ($sql);
$pm_count = $row['pm_count'];
$percent = $pm_count/'50';
$percent = $percent * '100';
echo "Welcome <b>$session->username</b>, you are logged in and sending a message to $receiver. <br><br>"
."[<a href=\"../userinfo.php?user=$session->username\">My Account</a>]";
Now, sparing you all the error checking, this is where the original script defines the form fields, note that this also uses $receiver, I've made several attempts to get this to collect the $_GET info but can't figure out the syntax.
$receiver = $_POST['username'];
$subject = $_POST['subject'];
$message = $_POST['message'];
Here's the query code to insert the message in the database:
mysql_query("INSERT INTO messages (receiver, sender, subject, message) VALUES('$receiver', '$user', '$subject', '$message')") or die (mysql_error());
And finally here's the HTML for the form itself:
<form name="send" method="post" action="compose.php">
<table width="80%">
<tr>
<td width="150px" align="left" valign="top"><p>Username</p></td>
<td width="" align="left" valign="top"><input name="username" type="text" id="username" value="<? echo "$receiver"; ?>"></td>
</tr>
<tr>
<td width="150px" align="left" valign="top"><p>Subject</p></td>
<td width="" align="left" valign="top"><input name="subject" type="text" id="subject" value="<? echo "$subject"; ?>"></td>
</tr>
<tr>
<td width="150px" align="left" valign="top"><p>Message Body</p></td>
<td width="" align="left" valign="top"><textarea name="message" type="text" id="message" value="" cols="50" rows="10"></textarea></td>
</tr>
<tr>
<td></td>
<td><input type="submit" name="Submit" value="Send Message"></td>
</tr>
</table>
</center>
</form>
One of my attempts to modify this I was able to send the info to the database except for the receiver's name by replacing this line:
$receiver = $_POST['username'];
With this one:
$receiver = $req_user_info['username'];
Any ideas?
This gets a little confusing so I'm going to use names in my example to simplify the situation.
Fred = Message sender who wants to contact John.
John = Message receiver.
Fred is looking at John's profile and sees a link to contact him. This is the code for that:
/* Requested Username error checking */
$req_user = trim($_GET['user']);
if(!$req_user || strlen($req_user) == 0 ||
!eregi("^([0-9a-z])+$", $req_user) ||
!$database->usernameTaken($req_user)){
die("Username not registered");
}
/* Display requested user information */
$req_user_info = $database->getUserInfo($req_user);
$receiver = $req_user_info['username'];
/* If viewer is not the profile owner but another member show this link */
if(strcmp($session->username,$req_user) == 1){
echo "<br><a href=\"pms/compose.php?user=$receiver\">Send Message to $receiver</a>";
}
So Fred clicks the link and is directed to "compose.php?user=John"
I'm able to echo John's name on this page, so I know it's being collected. Here I'm telling Fred that he's messaging John:
/* $user is the logged in member send this message */
$user = $_SESSION['username'];
/* Getting the receiver's info */
$req_user = trim($_GET['user']);
/* this is for the receiver's name */
$req_user_info = $database->getUserInfo($req_user);
$receiver = $req_user_info['username'];
//Is the sender a logged in user?
if(!$user)
{
echo "<br><p>You need to log in before you can send a message to $reci.</p><br>";
}
else
{
//Get your private message count
$sql = mysql_query ("SELECT pm_count FROM users WHERE username='$user'");
$row = mysql_fetch_array ($sql);
$pm_count = $row['pm_count'];
$percent = $pm_count/'50';
$percent = $percent * '100';
echo "Welcome <b>$session->username</b>, you are logged in and sending a message to $receiver. <br><br>"
."[<a href=\"../userinfo.php?user=$session->username\">My Account</a>]";
Now, sparing you all the error checking, this is where the original script defines the form fields, note that this also uses $receiver, I've made several attempts to get this to collect the $_GET info but can't figure out the syntax.
$receiver = $_POST['username'];
$subject = $_POST['subject'];
$message = $_POST['message'];
Here's the query code to insert the message in the database:
mysql_query("INSERT INTO messages (receiver, sender, subject, message) VALUES('$receiver', '$user', '$subject', '$message')") or die (mysql_error());
And finally here's the HTML for the form itself:
<form name="send" method="post" action="compose.php">
<table width="80%">
<tr>
<td width="150px" align="left" valign="top"><p>Username</p></td>
<td width="" align="left" valign="top"><input name="username" type="text" id="username" value="<? echo "$receiver"; ?>"></td>
</tr>
<tr>
<td width="150px" align="left" valign="top"><p>Subject</p></td>
<td width="" align="left" valign="top"><input name="subject" type="text" id="subject" value="<? echo "$subject"; ?>"></td>
</tr>
<tr>
<td width="150px" align="left" valign="top"><p>Message Body</p></td>
<td width="" align="left" valign="top"><textarea name="message" type="text" id="message" value="" cols="50" rows="10"></textarea></td>
</tr>
<tr>
<td></td>
<td><input type="submit" name="Submit" value="Send Message"></td>
</tr>
</table>
</center>
</form>
One of my attempts to modify this I was able to send the info to the database except for the receiver's name by replacing this line:
$receiver = $_POST['username'];
With this one:
$receiver = $req_user_info['username'];
Any ideas?