Page 1 of 1
stuck with PM's
Posted: Sat Jan 17, 2009 10:47 pm
by gaijin
Hi guys and girls,
I am new here.. Mike is the name/
I am working on my site and all works nicely.. BUT.. I have a message system inherited in my script and try to make a warning message when new messages come on, and I cant work it out at all.
Can someone tell me how to do this perhaps?
This picture is of my table for the messages, I think that the trick to display when there are messages marked as unread..

Re: stuck with PM's
Posted: Sat Jan 17, 2009 11:01 pm
by Christopher
Have you tried a query for msg_read='No' to see if that is what you want?
Re: stuck with PM's
Posted: Sat Jan 17, 2009 11:02 pm
by it2051229
you want to display if there is a new message? yup, set the msg_read field as unread when inserting a new message into the database.
Re: stuck with PM's
Posted: Sat Jan 17, 2009 11:34 pm
by gaijin
i did that,
But I have no idea how to grab the info and display it.
I do graphics mostly... I can manage the script fine and all, but adding this PM notification seems beyond me.
Re: stuck with PM's
Posted: Sun Jan 18, 2009 12:59 am
by gaijin
Where I go wrong is this,
I know the table to use and all , but there are lots of users...
How can I make sure that user id 3 gets a warning on the screen saying he has 3 messages ...
Sorry all, I feel thick..
Re: stuck with PM's
Posted: Sun Jan 18, 2009 1:41 am
by RobertGonzalez
Select all PMs where the userid is that of the currently logged in user AND the message read flag is set to No.
Re: stuck with PM's
Posted: Sun Jan 18, 2009 2:00 am
by gaijin
Could you show me an example?
Re: stuck with PM's
Posted: Sun Jan 18, 2009 3:39 am
by it2051229
let me guess.. you don't know SQL statements?
Re: stuck with PM's
Posted: Sun Jan 18, 2009 1:57 pm
by Burrito
gaijin wrote:Could you show me an example?
Code: Select all
$query = "SELECT * FROM `pmTable` WHERE `userIdField` = '".$_SESSION['uid']."' AND `msg_read` = 'no'";
Re: stuck with PM's
Posted: Sun Jan 18, 2009 2:53 pm
by jaoudestudios
Burrito wrote:gaijin wrote:Could you show me an example?
Code: Select all
$query = "SELECT * FROM `pmTable` WHERE `userIdField` = '".$_SESSION['uid']."' AND `msg_read` = 'no'";
Burrito has kindly shown you an example, but dont stop there, do some research and read around the subject as the above query is not protected against sql injection
Re: stuck with PM's
Posted: Sun Jan 18, 2009 5:36 pm
by RobertGonzalez
Can you show an example of how you would inject anything into a session variable in the case of that query? I am interested in seeing how that particular query is susceptible to injection attack.
Re: stuck with PM's
Posted: Mon Jan 19, 2009 1:42 pm
by jaoudestudios
Everah wrote:Can you show an example of how you would inject anything into a session variable in the case of that query? I am interested in seeing how that particular query is susceptible to injection attack.
hahaha
