Code: Select all
} else if ($action=='msgc') {
if (is_null($suser)) {
echo "You are not logged in.";
} else {
echo "<a href="index.php?action=msgcs">Send PM</a><P><a href="index.php?action=msgcr">Read PM's</a>";
}
} else if ($action='msgcs') {
if (is_null($suser)) {
echo "You are not logged in.";
} else {
?>
<center>
<form method="POST" action="index.php?action=msgcsf">
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="70%" id="AutoNumber1">
<tr>
<td width="50%" align="right">To (username):</td>
<td width="50%"><input type="text" name="to" size="15" maxlength="15"></td>
</tr>
<tr>
<td width="50%" align="right">Message:</td>
<td width="50%">
<textarea rows="3" name="message" cols="50" maxlength="255"></textarea>
<p>
</td>
</tr>
</table>
<input type="submit" value="Submit" name="submit">
</form></center>
<?php
}
} else if ($action=='msgcsf') {
if (is_null($suser)) {
echo "You are not logged in.";
} else {
$to=$_POST['to'];
$message=$_POST['message'];
$date=date("F j Y");
$link = mysql_connect("localhost", "root", "")
or die("Could not connect");
mysql_select_db("stormst_sspp")
or exit("Could not select database");
$result=mysql_query("select user from sspp WHERE user='$user'");
if (mysql_num_rows($result)==0) {
$query="INSERT INTO pm
(id, toid,fromid,date,message)
VALUES
('','$to','$suser','$date','$message') ";
$result=mysql_query($query) or die(mysql_error());
echo "Private Message sent.";
}