<?php
// Start (or resume) the session before any markup is emitted; the page reads
// $_SESSION['username'] and $_SESSION['user_id'] further down.
session_start();
// Loads the database helper; presumably this defines the DBCommunication class
// that is instantiated later in this page (confirm against that file).
include 'DBCommunication.php';
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Read message</title>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache">
<meta HTTP-EQUIV="Expires" CONTENT="-1">
<link rel="stylesheet" type="text/css" href="style.css"/>
</head>
<body>
<div id="container">
<div id="header">
<img src="images/logo.png" alt="logo"/>
<div id="form">
<h2>Search our database:</h2>
<form action="search.php" method="get">
<label for="search">Enter your search term</label>
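<input type="text" name="search" id="search" value="<?php
// Reflected input: the search term comes straight from the query string, so it is
// HTML-escaped (quotes included) before being written into the value attribute.
// Non-string values (an array-style parameter) are ignored rather than echoed.
if (isset($_GET['search']) && is_string($_GET['search'])) {
    echo htmlspecialchars($_GET['search'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}
?>">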
<input type="submit" name="Search" value="Search">
</form>
</div>
<a id='post' href='post.php'><img src="images/post.png" alt="post" title='post'/></a>
</div>
<div id="menu">
<a href='#'>Advanced Search</a>
<a href='#'>Contact Us</a>
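<?php
// Menu fragment: shows the signed-in user's name with a logout link, or the
// sign-up / log-in links when no session user is present.
if (isset($_SESSION['username'])) {
    $username = $_SESSION['username'];
    // The stored username is account data, not markup; escape it so any HTML
    // characters it contains are displayed as text instead of being interpreted.
    echo "You are logged in as " . htmlspecialchars((string) $username, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . " ";
    echo "<a href='logout.php'>Log Out</a>";
} else {
    echo "<a href='register.php'>Sign Up</a> ";
    echo "<a href='login.php'>Log In</a>";
}
?>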
</div>
<div id="content">
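<?php
// Content area: shows one of the signed-in user's messages (sender, date,
// subject and body), or asks the visitor to log in first.
if (!isset($_SESSION['user_id'])) {
    echo "You need to log in first!";
    // Markup has already been written above this point, so the refresh header can
    // only be sent while output is still buffered; otherwise fall back to a link.
    if (!headers_sent()) {
        header("refresh:3;url=login.php");
    } else {
        echo " <a href='login.php'>Log In</a>";
    }
} else {
    // Check who is logged in
    $user_id = $_SESSION['user_id'];
    // Get the message id that the user wishes to open (null when absent).
    // NOTE(review): this value is never used by the SELECT below, so the page shows
    // whichever row single() returns for this recipient, not the requested message.
    // When the id filter is added, keep the recipient predicate in the same query
    // so a user can only open messages addressed to them. The id column name is not
    // visible in this file: confirm it against the whwp_Message schema.
    $message_id = isset($_GET['message_id']) ? $_GET['message_id'] : null;
    $escFlags = ENT_QUOTES | ENT_SUBSTITUTE;
    try {
        // Establishing a connection to the database
        $conn = new DBCommunication();
        // Query to get a message addressed to the logged-in user
        $query = "SELECT * FROM whwp_Message WHERE :user_id = message_recipient ";
        $conn->prepQuery($query);
        $conn->bind('user_id', $user_id);
        $message = $conn->single();

        if (!is_object($message)) {
            // No row came back; avoid dereferencing a non-object below.
            echo "Message not found.";
        } else {
            $sender_id = $message->message_sender;
            // Query to get the sender's first name.
            $query = "SELECT user_firstname FROM whwp_User WHERE user_id = :user";
            $conn->prepQuery($query);
            $conn->bind('user', $sender_id);
            $resultset = $conn->single();

            // Collect the details. The sender row may be missing (e.g. a removed account).
            $sender = is_object($resultset) ? $resultset->user_firstname : '';
            $title = $message->message_subject;
            $message_text = $message->message_content;
            $date = $message->message_date;

            // Subject and body were written by another user, so every field is
            // HTML-escaped on output; the <br/> separators are the only markup emitted.
            echo "From: " . htmlspecialchars((string) $sender, $escFlags, 'UTF-8') . "        ";
            echo "Time sent: " . htmlspecialchars((string) $date, $escFlags, 'UTF-8') . "<br/>";
            echo htmlspecialchars((string) $title, $escFlags, 'UTF-8') . "<br/>";
            echo htmlspecialchars((string) $message_text, $escFlags, 'UTF-8');

            // TODO(review): the original file carried disabled code here that marked
            // the message as seen and redirected to messages.php for an invalid id or
            // a message belonging to another user. A redirect at this point needs
            // output buffering, because the page header has already been written.
        }
    } catch (PDOException $e) {
        // Keep database error details out of the page.
        echo 'Something went wrong.';
    }
}
?>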
</div>
<div id="footer">
</div>
</div>
</body>
</html>