第1行

时间:2015-05-07 16:29:44

标签: php sql phpbb

大家好,我有一个发布到同一页面的表单。它链接到论坛提供者phpBB,这就是我没有使用$ _POST等的原因。我对这段脚本有一些问题:

 //We check if the form has been sent
    if(isset($getmessage) and ($getmessage)!='')
    {
            $message = $getmessage;
            //We remove slashes depending on the configuration
            if(get_magic_quotes_gpc())
            {
                    $message = stripslashes($message);
            }
            //We protect the variables
            $message = mysql_real_escape_string(nl2br(htmlentities($message, ENT_QUOTES, 'UTF-8')));
            //We send the message and we change the status of the discussion to unread for the recipient
            if(mysql_query('insert into pm (id, id2, title, user1, user2, message, timestamp, user1read, user2read)values("'.$id.'", "'.(intval(mysql_num_rows($req2))+1).'", "", "'.$_SESSION['userid'].'", "", "'.$message.'", "'.time().'", "", "")') and mysql_query('update pm set user'.$user_partic.'read="yes" where id="'.$id.'" and id2="1"'))
            {
    ?>
    <div class="message">Your message has successfully been sent.<br />
    <a href="read_pm.php?id=<?php echo $id; ?>">Go to the discussion</a></div>
    <?php
            }
            else
            {
    ?>
    <div class="message">An error occurred while sending the message.<br />
    <a href="read_pm.php?id=<?php echo $id; ?>">Go to the discussion</a></div>
    <?php
            }
    }
    else
    {
    //We display the messages
    ?>

一切正常,但是如果没有收到“发送邮件时发生错误”错误消息,我似乎无法发送邮件。我认为这是因为变量$ getmessage是直接设置的,因为我使用了var_dump(isset)。整个PHP页面如下所示。

<?php
include('config.php');

define('IN_PHPBB', true);
$phpbb_root_path = './phpBB/';
$phpEx = substr(strrchr(__FILE__, '.'), 1);
include($phpbb_root_path . 'common.' . $phpEx);

// Start session management
$user->session_begin();
$auth->acl($user->data);
$user->setup('ucp');


$_SESSION['userid'] = $user->data['user_id'];
$_SESSION['username'] = $user->data['username'];

$getid      = request_var('id', '0');
$getmessage     = request_var('message', '');
print_r($getmessage);

var_dump(isset($getmessage));  


?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
        <link href="<?php echo $design; ?>/style.css" rel="stylesheet" title="Style" />
        <title>Read a PM</title>
    </head>
    <body>
        <div class="header">
                <a href="<?php echo $url_home; ?>"><img src="<?php echo $design; ?>/images/logo.png" alt="Members Area" /></a>
            </div>
<?php
//We check if the user is logged
if(isset($_SESSION['username']))
{
//We check if the ID of the discussion is defined
if(isset($getid))
{
$id = intval($getid);
//We get the title and the narators of the discussion
$req1 = mysql_query('select title, user1, user2 from pm where id="'.$id.'" and id2="1"');
$dn1 = mysql_fetch_array($req1);
//We check if the discussion exists
if(mysql_num_rows($req1)==1)
{
//We check if the user have the right to read this discussion
if($dn1['user1']==$_SESSION['userid'] or $dn1['user2']==$_SESSION['userid'])
{
//The discussion will be placed in read messages
if($dn1['user1']==$_SESSION['userid'])
{
        mysql_query('update pm set user1read="yes" where id="'.$id.'" and id2="1"');
        $user_partic = 2;
}
else
{
        mysql_query('update pm set user2read="yes" where id="'.$id.'" and id2="1"');
        $user_partic = 1;
}
//We get the list of the messages
$req2 = mysql_query('SELECT t1.timestamp, t1.message, t2.user_id as userid, t2.username, t2.user_avatar FROM pm t1, phpbb_users t2 WHERE t1.id="'.$id.'" AND t2.user_id=t1.user1 ORDER BY t1.id2');

//We check if the form has been sent
if(isset($getmessage) and ($getmessage)!='')
{
        $message = $getmessage;
        //We remove slashes depending on the configuration
        if(get_magic_quotes_gpc())
        {
                $message = stripslashes($message);
        }
        //We protect the variables
        $message = mysql_real_escape_string(nl2br(htmlentities($message, ENT_QUOTES, 'UTF-8')));
        //We send the message and we change the status of the discussion to unread for the recipient
        if(mysql_query('insert into pm (id, id2, title, user1, user2, message, timestamp, user1read, user2read)values("'.$id.'", "'.(intval(mysql_num_rows($req2))+1).'", "", "'.$_SESSION['userid'].'", "", "'.$message.'", "'.time().'", "", "")') and mysql_query('update pm set user'.$user_partic.'read="yes" where id="'.$id.'" and id2="1"'))
        {
?>
<div class="message">Your message has successfully been sent.<br />
<a href="read_pm.php?id=<?php echo $id; ?>">Go to the discussion</a></div>
<?php
        }
        else
        {
?>
<div class="message">An error occurred while sending the message.<br />
<a href="read_pm.php?id=<?php echo $id; ?>">Go to the discussion</a></div>
<?php
        }
}
else
{
//We display the messages
?>
<div class="content">
<h1><?php echo $dn1['title']; ?></h1>
<table class="messages_table">
        <tr>
        <th class="author">User</th>
        <th>Message</th>
    </tr>
<?php
while($dn2 = mysql_fetch_array($req2))
{
?>
        <tr>
        <td class="author center"><?php
if($dn2['avatar']!='')
{
        echo '<img src="'.htmlentities($dn2['avatar']).'" alt="Image Perso" style="max-width:100px;max-height:100px;" />';
}
?><br /><a href="profile.php?id=<?php echo $dn2['userid']; ?>"><?php echo $dn2['username']; ?></a></td>
        <td class="left"><div class="date">Sent: <?php echo date('m/d/Y H:i:s' ,$dn2['timestamp']); ?></div>
        <?php echo $dn2['message']; ?></td>
    </tr>
<?php
}
//We display the reply form
?>
</table><br />
<h2>Reply</h2>
<div class="center">
    <form action="read_pm.php?id=<?php echo $id; ?>" method="post">
        <label for="message" class="center">Message</label><br />
        <textarea cols="40" rows="5" name="message" id="message"></textarea><br />
        <input type="submit" value="Send" />
    </form>
</div>
</div>
<?php
}
}
else
{
        echo '<div class="message">You dont have the rights to access this page.</div>';
}
}
else
{
        echo '<div class="message">This discussion does not exists.</div>';
}
}
else
{
        echo '<div class="message">The discussion ID is not defined.</div>';
}
}
else
{
        echo '<div class="message">You must be logged to access this page.</div>';
}
?>
                <div class="foot"><a href="list_pm.php">Go to my Personal messages</a> - <a href="http://www.webestools.com/">Webestools</a></div>
        </body>
</html>

任何帮助表示感谢。

0 个答案:

没有答案