Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include('config.php');
- include('functions.php');
- session_start();
- menu();
- if (isset($_SESSION['user'])) {
- if (isset($_POST['sendpm'])) {
- /*if (empty($_POST['touser'])) {
- echo 'Please fill in the user!';
- exit();
- }
- if (empty($_POST['subject'])) {
- echo 'Please fill in the subject!';
- exit();
- }
- if (empty($_POST['message'])) {
- echo 'Please fill in the boxes!';
- exit();
- }*/
- $clean['touser'] = clean($_POST['touser']);
- $clean['subject'] = clean($_POST['subject']);
- $clean['message'] = clean($_POST['message']);
- //insertPM($clean['touser'], $clean['subject'], $clean['message']);
- $touser = $clean['touser'];
- $subject = $clean['subject'];
- $message = $clean['message'];
- $fromuser = $_SESSION['username'];
- $time = time();
- $sql = "INSERT INTO `pms` (`id`,`touser`,`fromuser`,`subject`,`message`,`read`,`deleted`,`datesent`) VALUES (NULL, '$touser',
- '$fromuser', '$subject', '$message', '0', '0','$time')";
- mysql_query($sql) or die(mysql_error());
- echo "PM Sent!";
- }else {
- $form = '<form method="POST" action="'.$_SERVER['PHP_SELF'].'" name="sendpm">';
- $form .= '<table><tr><td>';
- $form .= 'To Username';
- $form .= '</td><td>';
- $form .= '<input type="text" name="touser" id="touser" />';
- $form .= '</td></tr><tr><td>';
- $form .= 'Subject';
- $form .= '</td><td>';
- $form .= '<input type="text" name="subject" id="subject" />';
- $form .= '</td></tr><tr><td>';
- $form .= 'Message';
- $form .= '</td><td>';
- $form .= '<textarea name="message" cols="60" rows="10" id="message"></textarea>';
- $form .= '</td></tr><tr>';
- $form .= '<td colspan="2">';
- $form .= '<input type="submit" value="Send PM" />';
- $form .= '</td></tr></table></form>';
- echo $form;
- }
- } else {
- echo "You are not logged in!";
- }
- copyright();
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement