Up until now, I've succeed to follow the tutorial until the new conversation part where when i try to post to unknown or non-existing user, the message "The following user could not be found" won't appear. There are many errors message I've got.Now I'm really stuck and could you or anyone help me? I really appreciate your help =) Here I include my code
index.php
<?php
include('core/init.inc.php');
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html versions:-//w3c//DTD XHTML 1.1//EN" xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link rel="stylesheet" type="text/css" href="ext/css/main.css" />
<title>private Message</title>
</head>
<body>
<div id="wrap">
<?php
include($include_file);
?>
</div>
</body>
</html>
new_conversation.page.inc.php<?php
if (isset($_POST['to'], $_POST['subject'], $_POST['body'])){
$errors = array();
echo mysql_error();
if(empty($_POST['to'])){
$errors[] = 'you must enter at least one name.';
} else if (preg_match('%^[a-z, ]+$%i', $_POST['to']) === 0){
$errors[] = 'the list of names you gave does not look valid.';
}else{
$user_names = explode(',', $_POST['to']);
foreach ($user_name as &$name){
$name = trim($name);
}
$user_ids = fetch_user_ids($user_names);
if (count($user_ids) !== count($user_names)){
$errors[] = 'the following user could not be found: '. implode(', ', array_diff($user_names, array_keys($user_ids)));
}
}
if(empty($_POST['subject'])){
$errors[] = 'you must enter subject.';
}
if(empty($_POST['body'])){
$errors[] = 'you must enter body.';
}
if(empty($errors)){
//
}
}
if (isset($errors)){
if (empty($errors)){
echo '<div class="msg success">Your message has been sent
<a href="index.php?page=inbox"> Return to your inbox </a></div>';
} else {
foreach ($errors as $error){
echo '<div class="msg error">', $error, '</div>';
}
}
}
?>
<form action="" method="post">
<div>
<label for="to">To</label>
<input type="text" name="to" id="to" value="<?php if (isset($_POST['to'])) echo htmlentities($_POST['to']); ?>"/>
</div>
<div>
<label for="subject">Subject</label>
<input type="text" name="subject" id="subject" value="<?php if (isset($_POST['subject'])) echo htmlentities($_POST['subject']); ?>" />
</div>
<div>
<textarea name="body" rows="20" cols="110"><?php if (isset($_POST['body'])) echo htmlentities($_POST['body']); ?></textarea>
</div>
<div>
<input type="submit" value="Send" />
</div>
</form>
user.inc.php<?php
//check username and password combination
function validate_credentials($user_name, $user_password){
$user_name = mysql_real_escape_string($user_name);
$user_password = sha1($user_password);
$result = mysql_query("SELECT user_id FROM users WHERE user_name = '$user_name' AND user_password = '$user_password' ");
echo mysql_error();
if (mysql_num_rows($result) != 1){
return false;
}
return mysql_result($result, 0);
}
function fetch_user_ids($user_names){
foreach ($user_names as &$name){
$name = mysql_real_escape_string($name);
}
$result = mysql_query("SELECT user_id, user_name FROM user WHERE user_name IN ('" . implode("','", $user_names) . "')");
$names = array();
while (($row = mysql_fetch_assoc($result)) !== false){
$name[$row['user_name']] = $row['user_id'];
}
return $names;
}
?>
inbox.page.inc.php
<div class="actions">
<p> Welcome..</p>
<a href="index.php?page=new_conversation">New conversation</a>
<a href="index.php?page=logout">Logout</a>
</div>
init.inc.php<?php
$core_path = dirname(__FILE__);
if (empty($_GET['page']) || in_array("{$_GET['page']}.page.inc.php",scandir("{$core_path}/pages")) == false){
header('HTTP/1.1 404 Not Found');
header('Location: index.php?page=inbox');
die();
}
session_start();
mysql_connect("localhost","root","") or die ("Couldn't connect!");
mysql_select_db("private_message_system") or die ("Couldn't find db!");
include("{$core_path}/inc/user.inc.php");
if (isset($_POST['user_name'], $_POST['user_password'])){
if (($user_id = validate_credentials($_POST['user_name'], $_POST['user_password'])) !== false){
$_SESSION['user_id'] = $user_id;
header('Location: index.php?page=inbox');
die();
}
}
if (empty($_SESSION['user_id']) && $_GET['page'] !== 'login'){
header('HTTP/1.1 403 forbidden');
header('Location: index.php?page=login');
die();
}
$include_file = "{$core_path}/pages/{$_GET['page']}.page.inc.php";
echo $include_file;
?>
login.page.inc.php<h1>Login</h1>
<?php
if (isset($_POST['user_name'], $_POST['user_password'])){
echo 'Login Failed';
}
?>
<form action="index.php?page=login" method="post">
<div>
<label for="user_name">Name</label>
<input type="text" name="user_name" id="user_name" />
</div>
<div>
<label for="user_password">Password</label>
<input type="password" name="user_password" id="user_password" />
</div>
<div>
<input type="submit" value="login"/>
</div>
</form>
logout.page.inc.php<?php session_destroy(); ?> <div class="msg success"> You have logout.</div>
If not, please share the solution.