PageRenderTime 43ms CodeModel.GetById 21ms RepoModel.GetById 1ms app.codeStats 0ms

/mybookbag/contact.php

https://bitbucket.org/s2223902/mybookbag
PHP | 178 lines | 176 code | 2 blank | 0 comment | 1 complexity | 30441cd7078a4cf438d0f790b9a94640 MD5 | raw file
    

  1. <?php
    2. 

  2. session_start();
    3. 

  3. include('db_connection.php');
    4. 

  4. include('functions.php');
    5. 

  5. 

  6. 

  7. ?>
    8. 

  8. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    9. 

  9. <html xmlns="http://www.w3.org/1999/xhtml">
    10. 

  10.     <head>
    11. 

  11.         <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    12. 

  12. 		<link href="css/toolbar.css" rel="stylesheet" type="text/css" />
    13. 

  13. 		<link href='http://fonts.googleapis.com/css?family=Varela+Round' rel='stylesheet' type='text/css'>
    14. 

  14. 		<link rel="shortcut icon" href="favicon.ico" type="image/x-icon" />
    15. 

  15. 		<link rel="stylesheet" href="css/formstyles.css" type="text/css" />
    16. 

  16. 		<script type="text/javascript" src="js/Placeholders.js"></script>
    17. 

  17. 		<script type="text/javascript">
    18. 

  18. 			Placeholders.init({
    19. 

  19. 			live: true,
    20. 

  20. 			hideOnFocus: true});
    21. 

  21. 		</script>
    22. 

  22.         <title><?php echo $_SESSION['username'];?>'s Admin Contact</title>
    23. 

  23.     </head>
    24. 

  24.     <body>
    25. 

  25.         
    26. 

  26. <div id="carbonForm2">
    27. 

  27. <div id="logo2">
    28. 

  28. 		<img src="img/logo.png" />
    29. 

  29. 		<p>Welcome <b><?php echo $_SESSION['username'];?></b></p>
    30. 

  30. 	</div>
    31. 

  31. 	<ul id="nav">
    32. 

  32. 	<li><a href="page.php">Home</a></li>
    33. 

  33. 	<li><a href="mybooks.php">MyBookBag</a>
    34. 

  34. 		<ul>
    35. 

  35. 			<li><a href="mybooks.php">My Books</a></li>
    36. 

  36. 			<li><a href="myebooks.php">My eBooks</a></li>
    37. 

  37. 			<li><a href="myjournals.php">My journals</a></li>
    38. 

  38. 			<li><a href="adddoc.php">Add Books</a></li>
    39. 

  39. 		</ul>
    40. 

  40. 	</li>
    41. 

  41. 	<li><a href="friends.php">My Friends</a>
    42. 

  42. 		<ul>
    43. 

  43. 			<li><a href="friends.php">My Friends</a></li>
    44. 

  44. 			<li><a href="messages.php">Messages (<?php echo checkMessages();?>)</a></li>
    45. 

  45. 			<li><a href="addfriend.php">Add friends</a></li>
    46. 

  46. 			<li><a href="requests.php">Friend Requests</a></li>
    47. 

  47. 		</ul>
    48. 

  48. 	</li>
    49. 

  49. 	
    50. 

  50. 	<li><a href="settings.php">Settings</a>
    51. 

  51. 		<ul>
    52. 

  52. 		<li><a href="passreset.php">Change Password</a></li>
    53. 

  53. 		</ul>
    54. 

  54. 		</li>
    55. 

  55. 	<li class="current"><a href="contact.php">Contact</a></li>
    56. 

  56. 	<li><a href="logout.php">Log Out</a></li>
    57. 

  57. 	</ul>
    58. 

  58. 	<div class="fieldContainer">
    59. 

  59. <?php
    60. 

  60. 

  61. //We check if the user is logged
    62. 

  62. if(isset($_SESSION['username']))
    63. 

  63. {
    64. 

  64. $form = true;
    65. 

  65. $otitle = '';
    66. 

  66. $omessage = '';
    67. 

  67. 

  68. if(isset($_POST['title'], $_POST['message']))
    69. 

  69. {
    70. 

  70.         $otitle = $_POST['title'];
    71. 

  71.         $omessage = $_POST['message'];
    72. 

  72.         //We remove slashes depending on the configuration
    73. 

  73.         if(get_magic_quotes_gpc())
    74. 

  74.         {
    75. 

  75.                 $otitle = stripslashes($otitle);
    76. 

  76.                 
    77. 

  77.                 $omessage = stripslashes($omessage);
    78. 

  78.         }
    79. 

  79.         //We check if all the fields are filled
    80. 

  80.         if($_POST['title']!='' and $_POST['message']!='')
    81. 

  81.         {
    82. 

  82.                 //We protect the variables
    83. 

  83.                 $title = mysql_real_escape_string($otitle);
    84. 

  84. 				$message = mysql_real_escape_string(nl2br(htmlentities($omessage, ENT_QUOTES, 'UTF-8')));
    85. 

  85.                 //We check if Admin exists
    86. 

  86. 				$query = mysql_query('select count(id) as recip, id as recipid, (select count(*) from pm) as npm from users where username="Admin"') or die ("fetch".mysql_error());
    87. 

  87.                
    88. 

  88. 			   $dn1 = mysql_fetch_array($query) or die("fetch".mysql_error());
    89. 

  89.                 if($dn1['recip']==1)
    90. 

  90.                 {
    91. 

  91.                         //We check if the Admin is not the actual user
    92. 

  92.                         if($dn1['recipid']!=$_SESSION['id'])
    93. 

  93.                         {
    94. 

  94.                                 $id = $dn1['npm']+1;
    95. 

  95.                                 //We send the message
    96. 

  96.                                 if(mysql_query('insert into pm (id, id2, title, user1, user2, message, timestamp, user1read, user2read)values("'.$id.'", "1", "'.$title.'", "'.$_SESSION['id'].'", "'.$dn1['recipid'].'", "'.$message.'", "'.time().'", "yes", "no")')or die ("insertdata".mysql_error()))
    97. 

  97.                                 {
    98. 

  98. ?>
    99. 

  99. 

  100. 

  101. 

  102. 	<div class="message">The message has successfully been sent.<br />
    103. 

  103. 	<a href="messages.php">List of my Personal messages</a></div>
    104. 

  104. <?php
    105. 

  105.                                         $form = false;
    106. 

  106.                                 }
    107. 

  107.                                 else
    108. 

  108.                                 {
    109. 

  109.                                         //Otherwise, we say that an error occured
    110. 

  110.                                         $error = 'An error occurred while sending the message';
    111. 

  111.                                 }
    112. 

  112.                         }
    113. 

  113.                         else
    114. 

  114.                         {
    115. 

  115.                                 //Otherwise, we say the user cannot send a message to himself
    116. 

  116.                                 $error = 'You cannot send a message to yourself.';
    117. 

  117.                         }
    118. 

  118.                 }
    119. 

  119.                 else
    120. 

  120.                 {
    121. 

  121.                         //Otherwise, we say the recipient does not exists
    122. 

  122.                         $error = 'The recipient does not exist.';
    123. 

  123.                 }
    124. 

  124.         }
    125. 

  125.         else
    126. 

  126.         {
    127. 

  127.                 //Otherwise, we say a field is empty
    128. 

  128.                 $error = 'A field is empty. Please fill of the fields.';
    129. 

  129.         }
    130. 

  130. }
    131. 

  131. elseif(isset($_GET['recip']))
    132. 

  132. {
    133. 

  133.         //We get the username for the recipient if available
    134. 

  134.         $orecip = $_GET['recip'];
    135. 

  135. }
    136. 

  136. if($form)
    137. 

  137. {
    138. 

  138. //We display a message if necessary
    139. 

  139. if(isset($error))
    140. 

  140. {
    141. 

  141.         echo '<div class="message">'.$error.'</div>';
    142. 

  142. }
    143. 

  143. //We display the form
    144. 

  144. ?>
    145. 

  145. <div class="content">
    146. 

  146.         <h1>New Personal Message</h1>
    147. 

  147.     <form action="contact.php" method="post">
    148. 

  148.                 Please fill the following form to send a message to the Admin<br />
    149. 

  149. 		<div class="formRow">
    150. 

  150.         <div class="field">
    151. 

  151.         <input type="text" value="<?php echo htmlentities($otitle, ENT_QUOTES, 'UTF-8'); ?>" id="title" name="title" placeholder="Title" /><br />
    152. 

  152. 		</div>
    153. 

  153.         </div>
    154. 

  154. 		<div class="formRow">
    155. 

  155.         <div class="field">
    156. 

  156.         <textarea cols="40" rows="5" id="message" name="message" placeholder="Message"><?php echo htmlentities($omessage, ENT_QUOTES, 'UTF-8'); ?></textarea><br />
    157. 

  157. 		</div>
    158. 

  158.         </div>
    159. 

  159.         	<div class="formRow">
    160. 

  160.         <div class="field">
    161. 

  161.         <br/><input type="submit" id="submit" value="Send" />
    162. 

  162. 		</div>
    163. 

  163.         </div>
    164. 

  164.     </form>
    165. 

  165. </div>
    166. 

  166. </div>
    167. 

  167. </div>
    168. 

  168. <?php
    169. 

  169. }
    170. 

  170. }
    171. 

  171. else
    172. 

  172. {
    173. 

  173.         echo '<div class="message">You must be logged to access this page.</div>';
    174. 

  174. }
    175. 

  175. ?>
    176. 

  176.                
    177. 

  177.         </body>
    178. 

  178. </html>
    179.