messages.php

The last of the main modules is Example 21-11, messages.php. The program starts by checking whether a message has been posted in the POST variable 'text'. If so, it is inserted into the messages table. At the same time, the value of 'pm' is also stored. This indicates whether a message is private or public: a 0 represents a public message and 1 is private.

Next, the user’s profile and a form for entering a message are displayed, along with radio buttons to choose between sending a private or public message. After this, all the messages are shown: if they are public, all users can see them, but private messages are visible only to the sender and recipient. This is all handled by a couple of queries to the MySQL database. Additionally, when a message is private, it is introduced by the word “whispered” and shown in italic.

Finally, the program displays a couple of links to refresh the messages (in case another user has posted one in the meantime) and to view the user’s friends. The trick with the variables $name1 and $name2 is used again, so that when users view their own profile the word Your is displayed instead of the username.

You can see the result of viewing this program with a browser in Figure 21-7. Note how users viewing their own messages are provided with links to erase any they don’t want to preserve.

Example 21-11. messages.php
<?php // messages.php
include_once 'header.php';

if (!$loggedin) die();

if (isset($_GET['view'])) $view = sanitizeString($_GET['view']);
else                      $view = $user;

if (isset($_POST['text']))
{
    $text = sanitizeString($_POST['text']);

    if ($text != "")
    {
        $pm   = substr(sanitizeString($_POST['pm']),0,1);
        $time = time();
        queryMysql("INSERT INTO messages VALUES(NULL, '$user',
            '$view', '$pm', $time, '$text')");
    }
}

if ($view != "")
{
    if ($view == $user) $name1 = $name2 = "Your";
    else
    {
        $name1 = "<a href='members.php?view=$view'>$view</a>'s";
        $name2 = "$view's";
    }

    echo "<div class='main'><h3>$name1 Messages</h3>";
    showProfile($view);

    echo <<<_END
<form method='post' action='messages.php?view=$view'>
Type here to leave a message:<br />
<textarea name='text' cols='40' rows='3'></textarea><br />
Public<input type='radio' name='pm' value='0' checked='checked' />
Private<input type='radio' name='pm' value='1' />
<input type='submit' value='Post Message' /></form><br />
_END;

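    if (isset($_GET['erase']))
    {
        // Cast to an integer: the id is used unquoted in the query below,
        // so string escaping alone does not constrain it.
        $erase = (int) $_GET['erase'];
        queryMysql("DELETE FROM messages WHERE id=$erase AND recip='$user'");
    }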

    $query  = "SELECT * FROM messages WHERE recip='$view' ORDER BY time DESC";
    $result = queryMysql($query);
    $num    = mysql_num_rows($result);

    for ($j = 0 ; $j < $num ; ++$j)
    {
        $row = mysql_fetch_row($result);

        if ($row[3] == 0 || $row[1] == $user || $row[2] == $user)
        {
            echo date('M jS \'y g:ia:', $row[4]);
            echo " <a href='messages.php?view=$row[1]'>$row[1]</a> ";

            if ($row[3] == 0)
                 echo "wrote: &quot;$row[5]&quot; ";
            else echo "whispered: <span class='whisper'>" .
                      "&quot;$row[5]&quot;</span> ";

            if ($row[2] == $user)
                echo "[<a href='messages.php?view=$view" .
                               "&erase=$row[0]'>erase</a>]";

            echo "<br />";
        }
    }
}

if (!$num) echo "<br /><span class='info'>No messages yet</span><br /><br />";

echo "<br /><a class='button' href='messages.php?view=$view'>Refresh messages</a>".
     "<a class='button' href='friends.php?view=$view'>View $name2 friends</a>";?>

</div><br /></body></html>
Figure 21-7. The messaging module
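
The post, erase and visibility rules described above can also be written with bound parameters, so that no request value is ever pasted into the SQL text. The following is an added example, not part of the book's listing: it assumes PDO with an in-memory SQLite database, the column names auth, pm and message are assumptions (the listing only names id, recip and time), and the three function names are hypothetical. Unlike the listing, it stores the raw text and encodes it when it is written into the page.

```php
<?php
// Added example; auth, pm and message are assumed column names.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE messages (id INTEGER PRIMARY KEY, auth TEXT,
           recip TEXT, pm INTEGER, time INTEGER, message TEXT)");

// Store a message; pm is forced to 0 (public) or 1 (private).
function postMessage(PDO $db, string $from, string $to, $pm, string $text): void
{
    if (trim($text) === '') return;
    $pm = ((string)$pm === '1') ? 1 : 0;
    $db->prepare("INSERT INTO messages (auth, recip, pm, time, message)
                  VALUES (?, ?, ?, ?, ?)")
       ->execute([$from, $to, $pm, time(), $text]);
}

// Delete only when the id is a plain integer and the caller is the recipient.
function eraseMessage(PDO $db, string $user, $id): int
{
    if (!ctype_digit((string)$id)) return 0;
    $stmt = $db->prepare("DELETE FROM messages WHERE id = ? AND recip = ?");
    $stmt->execute([(int)$id, $user]);
    return $stmt->rowCount();
}

// Rows on $view's page that $user may see: public, or $user is a party to them.
function visibleMessages(PDO $db, string $view, string $user): array
{
    $stmt = $db->prepare("SELECT * FROM messages WHERE recip = ?
                          AND (pm = 0 OR auth = ? OR recip = ?)
                          ORDER BY time DESC, id DESC");
    $stmt->execute([$view, $user, $user]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed sample data.
postMessage($db, 'alice', 'bob', '0', 'Hello <b>Bob</b>');
postMessage($db, 'carol', 'bob', '1', 'A private note');
foreach (['bob', 'alice'] as $viewer) {
    echo "$viewer sees:\n";
    foreach (visibleMessages($db, 'bob', $viewer) as $m) {
        // Encode at output time, for the HTML context the value lands in.
        echo '  ', htmlspecialchars("{$m['auth']}: {$m['message']}", ENT_QUOTES, 'UTF-8'), "\n";
    }
}
var_dump(eraseMessage($db, 'alice', '2')); // caller is not the recipient
var_dump(eraseMessage($db, 'bob', '2x'));  // id is not a plain integer
var_dump(eraseMessage($db, 'bob', '2'));   // recipient erasing a message sent to them
```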