I have made a private message system in PHP. It kinda works, the write, send, read and reply works.
But there is one problem. If i press on a specific message that i want to read in my Inbox or Outbox, (dosent matter which), my page which should show just the specific message i press on, shows all messages in that inbox/outbox. It looks like this on my page ->
From:testing@l.seSubject:hello Message:Testing this.. From:testing@l.se Subject:hello Message: test From:testing@l.seSubject:hej Message: skicka :Reply
As you all can se, its all messages in a row. Edit: It messages that belongs to the right user. So its not messages that belongs to a diffrent user.
The sql for my messages are
id int(11) AI PK
from_user varchar(45)
to_user varchar(45)
subject varchar(400)
message text
date date
read tinyint(4)
I am fairly sure that my error should be somewhere here in
read.inc.php
<?php
$user = $_SESSION['username'];
$sql = "SELECT * FROM private_messages WHERE to_user = '$user'";
$stmt = $dbh->prepare($sql);
$stmt->execute();
?>
<?php
if ($stmt->rowCount() > 0){
echo "<table";
echo "<tr>";
while ($rows = $stmt->fetch(PDO::FETCH_ASSOC)){
$id = $rows['id'];
$to_user = $rows['to_user'];
echo "<td>";
?>
<?php
echo "<td>From:";
echo "</td>";
echo "<td>";
echo "".$from = $rows['from_user']."";
echo "</td>";
echo "</tr>";
echo "<tr>";
echo "<td>";
echo "Subject:";
echo "<td>";
echo "<td>";
echo "".$subject = $rows['subject']."";
echo "</td>";
echo "</tr>";
echo "<tr>";
echo "<td>";
echo "Message:";
echo "<td>";
echo "".$message = $rows['message']."";
echo "</td>";
echo "</tr>";
}
echo "<tr>";
echo "<td colspan='2'><a href='messages.php?
id=compose&mid=$id&subject=RE:$subject&to=$from'>Reply Message</a>
</td>";
echo "</tr>";
echo "</table>";
if ($to_user==$user) {
$stmt = $dbh->prepare("UPDATE `private_messages` SET `read`=1 WHERE
`id`=id");
$a = 1;
$stmt->bindParam(':1',$a);
$stmt->bindParam(':id',$id);
}
} else {
echo "You cant see the conversation..";
}
?>
I will also paste inbox and outbox if somone feels to look there to.
This is outbox.inc.php
<?php
$user = $_SESSION[ 'username' ];
$sql = "SELECT * FROM private_messages WHERE from_user = '$user'";
$stmt = $dbh->prepare( $sql );
$stmt->execute();
?>
<?php
if ( $stmt->rowCount() > 0 ) {
?>
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Untitled Document</title>
</head>
<body>
<?php
echo "<table>";
echo "<tr>";
echo "<td> ";
echo "</td>";
echo "<td>to: </td>";
echo "<td>subject: </td>";
echo "<td>Date: </td>";
echo "</tr>";
while ( $rows = $stmt->fetch( PDO::FETCH_ASSOC ) ) {
$id = $rows[ 'id' ];
?>
<?php
echo "<tr>";
echo "<td> </td>";
echo "<td>" . $from = $rows[ 'to_user' ] . "</td>";
echo "<td><a href='messages.php?id=read&mid=$id'>" . $subject = $rows[
'subject' ] . "</a></td>";
echo "<td>" . $date = $rows[ 'date' ] . "</td>";
echo "<tr>";
}
}
else {
echo "<table> <tr align='left'> <td> </td> <td>to_user: </td><td>
Subject: </td><td>Date: </td></tr><tr><th colspan='4'> You did not send a
message </th></tr></table>";
}
echo "</table>";
?>
</body>
</html>
And last my
inbox.inc.php
<?php
$user = $_SESSION[ 'username' ];
$sql = "SELECT * FROM private_messages WHERE to_user = '$user'";
$stmt = $dbh->prepare( $sql );
$stmt->bindValue( ':to_user', $_SESSION[ 'username' ], PDO::PARAM_INT );
$stmt->execute();
?>
<?php
if ( $stmt->rowCount() > 0 ) {
?>
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Untitled Document</title>
</head>
<body>
<?php
echo "<table>";
echo "<tr>";
echo "<td> ";
echo "</td>";
echo "<td>from_user: </td>";
echo "<td>subject: </td>";
echo "<td>Date: </td>";
echo "</tr>";
// om stmt är större än noll då finns de poster gör då detta
// skriv ut posterna med en while loop
while ( $rows = $stmt->fetch(PDO::FETCH_ASSOC)) {
$id = $rows['id'];
echo "<tr>";
echo "<td> </td>";
echo "<td>" . $from = $rows[ 'from_user' ] . "</td>";
echo "<td><a href='messages.php?id=read&mid=$id'>" . $subject =
$rows[ 'subject'] . "</a></td>";
echo "<td>" . $date = $rows[ 'date' ] . "</td>";
echo "<tr>";
}
} else {
echo "<table> <tr align='left'> <td> </td> <td>from_user: </td>
<td> Subject: </td><td>Date: </td></tr><tr><th colspan='4'> You did not
recive a message </th></tr></table>";
}
echo "</table>";
?>
</body>
</html>
Lots of code here, sorry for that.
/best regards Robert