Delete Received Private Message for Search and Match Users
- Register Group with Captcha
- View Group Profile
- Edit Group Profile
- MC (Microcommunity) Search and Match
- MC (Microcommunity) Search and Match — Security
- MC (Microcommunity) Search and Match — JavaScript
- MC (Microcommunity) Search and Match — Form
- MC (Microcommunity) Search and Match — PHP
- MC Questionnaire
- Microcommunity (MC) Registration Script — Enter Questionnaire Data in Database
- MC Search and Match Profile and Account Management
- Login to MC Search and Match Profile and Account Management
- Logout of MC Search and Match Profile and Account Management
- MC Questionnaire Login
- MC Questionnaire Info
- Delete Group Account
- Forgot User Name
- Forgot Password
- Form to Send Private Message
- Send Private Message
- Private Message Outbox
- Private Message Inbox
- Delete Private Message from Inbox
- Delete Private Message from Outbox
- Private Message Logout
- Private Message Session Monitoring
- MC (Microcommunity) Search and Match Session Monitoring
- Configure File for Database Connection
- Captcha Script for Registration and Login
This script is called message-delete-received.php
First, we use the check-id.php script to ensure that the session id variable is set, and send the user to Login to MC Search and Match Profile and Account Management if it is not. Then we put the session variable 'username' into $U—we will be checking that it is set in a second. Then we define a named constant '_NODIRECTACCESS'. We include the config.php file (in the includes folder) which uses the PHP defined() function to check on this constant. If it is not set, we are thrown out of the config.php file like yesterday's trash.
Next we check if the session variables 'groupname', 'username', and 'userid' are set. If not, we are sent to the login-to-mc.php script. We make sure $U is still equal to the session variable 'username', that it is not an empty string, and that it's at least 6 characters long or . . . you guessed it . . . the login script. We make sure the session id is set and send them away if not.
Next we have the getgroup() function. The user's id is put into $touser early on, then when the display table needs it, it is put into $us and this function is run, which uses the id to get the user's groupname, which in turn is displayed in the display table after "Messages to:".
A result set is put into $sql of a query of the MySQL privatemessages table in which all messages to this user are grabbed and the results are in descending order of the datesent field. These results have the needed data, in the needed order for displaying the user's inbox messages.
After a bit of browser sniffing and display tweaking using DHTML, we hop by the unused JavaScript textCounter() function and get to the JavaScript readit() function. It puts the value of the variable clicked into the hidden field clickedid in the undisplayed form MyForm and submits the form. Why? This is a perfect example of PHP and JavaScript worked together intimately to accomplish what neither can do alone. Check this out:
echo "<td><a href='#' onclick='clicked=".$id.",readit()'>Delete</a></td>";
There is an HTML link around the word Delete next to each Inbox record in the display table. The link runs the JavaScript function readit() as well as loading the user's id into the JavaScript variable clicked. So "clickedid" is the name of the hidden field in MyForm that gets the value of the user's id which it found in the variable clicked, which was loaded from the onclick event in the table display of the messages which did the variable loading before running readit(). When readit() submits MyForm, the page is reloaded and the value of the hidden field 'clickedid' is POSTed to the PHP variable $clickedid. This causes the privatemessages table to be updated so that the deleted field is now a '1'. Then when the results set from privatemessages is loaded from the table, messages with deleted='1' will be skipped, since the SQL statements ask only for records where deleted='0'. This way the "deleted" messages are preserved even though they are never shown—a good security precaution.
Now to the inbox displaying. Check out the display table caption:
<caption><b>Messages to: <?php $us=$touser;getgroup($us);
echo $gr; ?></b></caption>
HTML doesn't seem to mind if PHP function calls and echo statements are done right in the middle of its displaying. Then, returning to a PHP block, the mysql_fetch_array() function grabs the sorted results set we earlier stuck into $sql and gets one row/record at a time and displays the contents onscreen. The htmlentities() and stripslashes() functions make the data safe to display. We use the PHP date() function, which formats a local time/date. The function returns a string formatted according to the format string in the parameters. Our chosen format string is 'Y/m/d'.
The script below is called: message-delete-received.php
<?php
include_once"check-id.php";
$U=$_SESSION['username'];
define('_NODIRECTACCESS', TRUE);
include_once"includes/config.php";
if (!isset($_SESSION['groupname']) || !isset($_SESSION['userid']) || !isset($_SESSION['username']) || $_SESSION['username']<>$U || !isset($U) || $U=="" || strlen($U)<6 || !isset($_SESSION['sessionid'])){echo '<script language="javascript">alert("Please login."); window.location = "login-to-mc.php";</script>';}
function getgroup($us){
global $us,$gr;
$Q = mysql_query("SELECT groupname FROM mc_members WHERE id = '$us' LIMIT 1") or die(mysql_error());
$row=mysql_fetch_assoc($Q);
$gr=$row['groupname'];}
// message-delete-received.php
$touser = $_SESSION['userid'];
$clickedid = $_POST['clickedid'];
if (isset($clickedid)){$sql = mysql_query("UPDATE privatemessages SET deleted='1' WHERE id='$clickedid'");unset($clickedid);}
$sql = mysql_query("SELECT * FROM privatemessages WHERE touser = '$touser' AND deleted = '0' ORDER BY datesent DESC");
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=windows-1252">
<TITLE>Delete a Received Private Message</TITLE>
<meta name="description" content="Delete a Received Private Message">
<meta name="keywords" content="Delete a Received Private Message,Private Messaging,Private Message,php,javascript, dhtml, DHTML">
<script language="javascript">
mactest=(navigator.userAgent.indexOf("Mac")!=-1) //My browser sniffers
Netscape=(navigator.appName.indexOf("Netscape") != -1)
msafari=(navigator.userAgent.indexOf("Safari")!= -1)
wsafari=0; if(!mactest&&msafari){wsafari=1;msafari=0}
is_opera = 0; if(window.opera){is_opera=1}
is_ie_mac = 0; is_ie=0;if(document.all){is_ie=1}
function fixwidth(){if(Netscape||is_opera){e=document.getElementById('box');e.style.width='822px';e=document.getElementById('menu');e.style.width='116px';e=document.getElementById('table1');e.style.width='820px';}}
function textCounter(field, countfield, maxlimit) {
if (field.value.length > maxlimit){field.value = field.value.substring(0, maxlimit);}
else{countfield.value = maxlimit - field.value.length;}}
var clicked=0;
function readit(){
document.MyForm.clickedid.value=clicked;
document.MyForm.submit();}
</script>
<STYLE TYPE="text/css">
BODY {margin-left:0; margin-right:0; margin-top:0;text-align:left;background-color:#ccc}
p, li {font:13px Verdana; color:black;text-align:left}
h1 {font:bold 28px Verdana; color:black;text-align:center}
h2 {font:bold 24px Verdana;text-align:center}
h3 {font:bold 15px Verdana;}
#box {background-color:#eee;position:absolute;top:50px;left:150px;width:830px;padding:10px;
border:2px solid blue}
#table1 {width:824px;border:1px solid blue;text-align:center;table-layout:auto}
#menu {background-color:#eee;position:absolute;top:50px;left:0px;width:130px;padding:5px;
border:2px solid blue}
.ie {width:80px;word-wrap:break-word;}
.ie2 {width:150px;max-width:150px;min-width:150px;word-wrap:break-word;}
.ie4 {width:820px;max-width:820px;word-wrap:break-word;}
</STYLE>
</head>
<body onload="fixwidth()">
<h1>Delete a Received Private Message</h1>
<div id='menu'>
<a HREF="send-message-form.php">Send Message</a><BR><BR>
<a HREF="message-inbox.php">Message Inbox</a><BR><BR>
<a HREF="message-outbox.php">Message Outbox</a><BR><BR>
<a HREF="message-delete-received.php">Delete Inbox<BR>Message</a><BR><BR>
<a HREF="message-delete-sent.php">Delete Outbox<BR>Message</a><BR><BR>
<a HREF="login-to-mc.php">Login</a><BR><BR>
<a HREF="message-logout.php">Logout</a><BR><BR>
<a HREF="register-for-mc.php">Account Management</a>
</div>
<div id='box'>
<table id='table1' border='1'>
<caption><b>Messages to: <?php $us=$touser;getgroup($us);echo $gr; ?></b> — (Click Delete link to indicate you want to trash the message.)</caption>
<tr><th>From</th><th>Subject</th><th>Date</th><th>Status</th>
<th>Message</th></tr>
<?php
while($rows=mysql_fetch_array($sql)){
if($rows['readit']=="0"){$read="notread.gif";}else{$read="read.gif";}
$sent=stripslashes($rows['datesent']);
$id=$rows['id'];
$us=htmlentities(stripslashes($rows['fromuser']), ENT_QUOTES);
getgroup($us);
echo "<tr><td class='ie'>".$gr."</td>";
echo "<td class='ie2'>".htmlentities(stripslashes($rows['subject']), ENT_QUOTES)."</td>";
echo "<td>".date('Y/m/d',$sent)."</td>";
echo "<td><a href='#' onclick='clicked=".$id.",readit()'>Delete</a></td>";
echo "<td class='ie4'>".htmlentities(stripslashes($rows['message']), ENT_QUOTES)."</td></tr>";
}
mysql_close();
?>
</table>
<form name="MyForm" method="POST" action="message-delete-received.php">
<input type="hidden" name="clickedid" value=" ">
</form>
</body>
</html>