R
E
S
O
U
R
C
E
S
       Home      Products & Services      Contact Us      Links


WebHatchers will design & develop your site for you.
_______________________

Website Menu Heaven: menus, buttons, etc.
_______________________

Send us your questions.
_______________________

site search by freefind
_______________________

HOME
SEO, Google, Privacy
   and Anonymity
Browser Insanity
JavaScript
Popups and Tooltips
Free Website Search
HTML Form Creator
Animation
Buttons and Menus
Counters
Captchas
Image Uploading
CSS and HTML
PHP
AJAX
XPATH
Website Poll
IM and Texting
Databases—MySQL
   or Not MySQL
Personal Status Boards
Content Management
   Systems
Article Content
   Management Systems
Website Directory
   CMS Systems
Photo Gallery CMS
Forum CMS
Blog CMS
Customer Records
   Management CMS
Address Book CMS
Private Messaging CMS
Chat Room CMS
JavaScript Charts
   and Graphs




Free Personal Status Boards (PSB™)

Free Standard Free PSB

Free PSB Pro Version

Free Social PSB

Free Social PSB Plus (with Email)

Free Business PSB

Free Business PSB Plus (with Email)

PSB demo

Social PSB demo

Business PSB demo

So what's all this PSB stuff about?

Chart comparing business status boards

PSB hosting diagram

PSB Licence Agreement



Copyright © 2002 -
MCS Investments, Inc. sitemap

PSBs, social networking, social evolution, microcommunities, personal status boards
PSBs, social networking, business personal status boards
website design, ecommerce solutions
website menus, buttons, image rotators
Ez-Architect, home design software
the magic carpet and the cement wall, children's adventure book
the squirrel valley railroad, model railroad videos, model train dvds
the deep rock railroad, model railroad videos, model train dvds

Chat Room Entry Processor

The chat room script below processes users' comments submitted in the chat room where they do their chatting.

On to the PHP code. As usual, we start with config.php, since without it, the MySQL-based app would not be viable. You cannot relate to a db without knowing the magic words. Then we GET the user comment (from the PHP script that sent us to this script, namely cms-chat-room.php), put it in the variable $chatter, and run the urldecode() function on it since we escaped the data before sending it in the URL query string (which will hold over 2000 characters), and this undoes the escaping. We GET the username into $U, the timed-out flag into $gone, the name of the user who you are (if you are) in a Private chat with into $priv_name, the fact of private or public into $priv_flag, and the concluding of the private status into $go_priv. Then we search this user's MySQL db table data for the entry counter and the screen name. We increment the entry field until the counter gets to 5, which sets it back to 0. This will be used to ensure that as comments enter the table fields, they replace the field data of the one with the oldest comment. This entry flag will be updated in the db later in this script.

Next, we use the substr() function to trim the entry to 252 characters, which gets done on the home page as well. Then, we use strip_tags() to dump any tags users tried to sneak in. We allow tags, but we make them use OUR tag syntax though, for security. Tags are needed to allow users to use emoticons and give users the ability to have links, email links, bold, underline, and italics in their comments. The chat room home page has instructions on custom tag use in the left margin.

In comments, you may use single or double quotes. For italics, starting and ending tags are (i-) and (ii-). For bold, use (b-) and (bb-). Underline is (u-) and (uu-). For links, use (l-) then domain without http://, then (ll-) then link text, then (lll-). For emails, use (e-) then email address with (ee-) instead of @, then (eee-) then subject, then (eeee-) then link text, then (eeeee-).

The PHP preg_replace() function is used in conjunction with a regular expression pattern, to filter the comment, dumping illegal characters. In relating to time, we use date_default_timezone_set('UTC') to set the time zone to Coordinated Universal Time, which is UTC. When we display times in the chat window, we use the UTC convention many other chat rooms like to use, since the chatters are likely to be from many different time zones, and what sense would it make to have a 10pm comment followed by a 7pm comment followed by a 9pm comment, if we could even determine which zone they were in? Giving everyone a UTC time gives consistancy and people learn to read only minutes and seconds and ignore the hours. We use $datetime=date("Y/m/d H:i:s") to get the time, throwing out the year, month, and day with a substr() function.

When the code below relates to tags, preg_replace() and regular expression patterns are again used to filter the data, but we take the custom tags they may have entered and turn them into real HTML tags. Then we escape the data with the mysql_real_escape_string() function to make it safe to save in the MySQL table. We need not use the htmlentities() function to make it safe to display since in this script, we store comments in the db, not display them on the screen. The actual display script is in an AJAX script in the home page code. We use the PHP switch() conditional statement for storing the comments in the proper table fields.

Then we update the "changed" table with the datetime of this new comment. Next we update the chatroommembers table with the new $entry value. Then, if the timed-out flag is set we update the user's logged_in field with a 0, meaning they'll have to go log in again, using the convenient onscreen link to do so. They get 320 seconds of inactivity before they're timed out, but if they want to watch the chat window and see public conversations, there's no time limit on that. Next, if the privacy flag is set, the user's record gets its priv_who field stuffed with the name of the intended private chat partner, and the user you want to go private with will get the priv_who field stuffed with your screen name and his/her priv_if field will get a 3 signifying s/he is about to be asked about the private chat with you.

The actual code logic whereby one user asks another if s/he wants to chat in private is handled by a combination of JavaScript flags, PHP flags, and db table field flag values. Flags get sent from one PHP script to another via the URL query string, never in the AJAX xmlhttp.responseText which would be nice to pull off—but too messy.

Save this file as php.php

<?php

include_once"config.php";

$chatter=$_GET['chatter'];
$chatter=urldecode($chatter);
$U=$_GET['u'];
$gone=$_GET['gone'];
$priv_name=$_GET['priv_name'];
$priv_flag=$_GET['priv_flag'];
$go_priv=$_GET['go_priv'];

$result = mysql_query("SELECT screen_name,entry FROM chatroommembers WHERE username='$U'") or die(mysql_error());
$row = mysql_fetch_array($result);$name=$row['screen_name'];$entry=$row['entry'];
$entry=$entry+1;if($entry==5){$entry=0;}

$chatter=substr($chatter,0,252);
$chatter = strip_tags($chatter);
$pattern2 = '/[^a-zA-Z0-9\\s\\.\\,\\!\\;\\-\\_\\"\\?\\047\\:\\(\\)]/i';
$chatter=preg_replace($pattern2, "", $chatter);
date_default_timezone_set('UTC');
$datetime=date("Y/m/d H:i:s");
$t=substr($datetime,11,8);

$pattern = '/\(i-\)/i';
$replacement = '<i>'; //turn any (i-)s into a <i>s to allow italics
$chatter=preg_replace($pattern, $replacement, $chatter);
$pattern = '/\(ii-\)/i';
$replacement = '</i>'; //turn any (ii-)s into a </i>s to allow italics
$chatter=preg_replace($pattern, $replacement, $chatter);
$pattern = '/\(b-\)/i';
$replacement = '<b>'; //turn any (b-)s into a <b>s to allow bold
$chatter=preg_replace($pattern, $replacement, $chatter);
$pattern = '/\(bb-\)/i';
$replacement = '</b>'; //turn any (bb-)s into a </b>s to allow bold
$chatter=preg_replace($pattern, $replacement, $chatter);
$pattern = '/\(u-\)/i';
$replacement = '<u>'; //turn any (u-)s into a <u>s to allow underline
$chatter=preg_replace($pattern, $replacement, $chatter);
$pattern = '/\(uu-\)/i';
$replacement = '</u>'; //turn any (uu-)s into a </u>s to allow underline
$chatter=preg_replace($pattern, $replacement, $chatter);
$pattern = '/\(p-\)/i';
$replacement = '<IMG SRC="emoticons/'; //turn any (p-)s into start of image tag to allow emoticon image
$chatter=preg_replace($pattern, $replacement, $chatter);
$pattern = '/\(pp-\)/i';
$replacement = '" BORDER=0>'; //turn any (pp-)s into end of image tag to allow emoticon image
$chatter=preg_replace($pattern, $replacement, $chatter);
$pattern = '/\(l-\)/i';
$replacement = '<a href="http://'; //turn any (l-)s into <http:// to allow link protocol
$chatter=preg_replace($pattern, $replacement, $chatter);
$pattern = '/\(ll-\)/i';
$replacement = '">'; //turn any (ll-)s into "> to allow url
$chatter=preg_replace($pattern, $replacement, $chatter);
$pattern = '/\(lll-\)/i';
$replacement = '</a>'; //turn any (lll-)s into </a> to link text
$chatter=preg_replace($pattern, $replacement, $chatter);
$pattern = '/\(e-\)/i';
$replacement = '<a href="mailto:'; //turn any (e-)s into <a href="mailto: to allow link protocol
$chatter=preg_replace($pattern, $replacement, $chatter);
$pattern = '/\(ee-\)/i';
$replacement = '@'; //turn any (ee-)s into @ to allow email @ sign
$chatter=preg_replace($pattern, $replacement, $chatter);
$pattern = '/\(eee-\)/i';
$replacement = '?subject='; //turn any (eee-)s into ?subject= to allow email subject
$chatter=preg_replace($pattern, $replacement, $chatter);
$pattern = '/\(eeee-\)/i';
$replacement = '">'; //turn any (eeee-)s into "> to allow email address
$chatter=preg_replace($pattern, $replacement, $chatter);
$pattern = '/\(eeeee-\)/i';
$replacement = '</a>'; //turn any (eeeee-)s into </a> to allow link text
$chatter=preg_replace($pattern, $replacement, $chatter);

$chatter=mysql_real_escape_string($chatter);

$x=$entry+1;

switch ($x)
{
case 1:
mysql_query("UPDATE chatroommembers SET chat0 = '$chatter', datetime0 = '$datetime' WHERE username='$U'") or die('Error ,saving failed');
break;
case 2:
mysql_query("UPDATE chatroommembers SET chat1 = '$chatter', datetime1 = '$datetime' WHERE username='$U'") or die('Error ,saving failed');
break;
case 3:
mysql_query("UPDATE chatroommembers SET chat2 = '$chatter', datetime2 = '$datetime' WHERE username='$U'") or die('Error ,saving failed');
break;
case 4:
mysql_query("UPDATE chatroommembers SET chat3 = '$chatter', datetime3 = '$datetime' WHERE username='$U'") or die('Error ,saving failed');
break;
case 5:
mysql_query("UPDATE chatroommembers SET chat4 = '$chatter', datetime4 = '$datetime' WHERE username='$U'") or die('Error ,saving failed');
break;
}

mysql_query("UPDATE changed SET date_changed = '$datetime' WHERE id='1'") or die('Error ,saving failed');

mysql_query("UPDATE chatroommembers SET entry = '$entry' WHERE username='$U'") or die('Error ,saving failed');

if ($gone==1){mysql_query("UPDATE chatroommembers SET logged_in = 0 WHERE username='$U'") or die('Error ,saving failed');}

if ($priv_flag==1){mysql_query("UPDATE chatroommembers SET priv_who = '$priv_name' WHERE username='$U'") or die('Error ,saving failed');}

if ($priv_flag==1){mysql_query("UPDATE chatroommembers SET priv_who = '$name',priv_if = '3' WHERE screen_name='$priv_name'") or die('Error ,saving failed');}

mysql_close();

?>