Page 1 of 1

private message system- unknown user problem

Posted: Fri May 25, 2012 4:45 pm
by wale89
Hi..

Up until now, I've succeed to follow the tutorial until the new conversation part where when i try to post to unknown or non-existing user, the message "The following user could not be found" won't appear. There are many errors message I've got.Now I'm really stuck and could you or anyone help me? I really appreciate your help =) Here I include my code

index.php
<?php
include('core/init.inc.php');
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html versions:-//w3c//DTD XHTML 1.1//EN" xmlns="http://www.w3.org/1999/xhtml"> 
<head>
	<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
	<link rel="stylesheet" type="text/css" href="ext/css/main.css" />
	<title>private Message</title>
</head>

<body>
	<div id="wrap">
    	<?php
		
		include($include_file);
		
		?>
        </div>
</body>
</html>
new_conversation.page.inc.php
<?php

if (isset($_POST['to'], $_POST['subject'], $_POST['body'])){
	$errors = array();
	
	
	echo mysql_error();
	if(empty($_POST['to'])){
		$errors[] = 'you must enter at least one name.';
	} else if (preg_match('%^[a-z, ]+$%i', $_POST['to']) === 0){
		$errors[] = 'the list of names you gave does not look valid.';
	}else{
		$user_names = explode(',', $_POST['to']);
		
		foreach ($user_name as &$name){
			$name = trim($name);
		}
		
		$user_ids = fetch_user_ids($user_names);
		
		if (count($user_ids) !== count($user_names)){
			$errors[] = 'the following user could not be found: '. implode(', ', array_diff($user_names, array_keys($user_ids)));
		}		
	}
	
	if(empty($_POST['subject'])){
		$errors[] = 'you must enter subject.';
	}

	if(empty($_POST['body'])){
		$errors[] = 'you must enter body.';
	}
	
	
	
	
	
	
	
	if(empty($errors)){
		//  
	}
}

if (isset($errors)){
	if (empty($errors)){
		echo '<div class="msg success">Your message has been sent 
		<a href="index.php?page=inbox"> Return to your inbox </a></div>';
		
	} else {
		foreach ($errors as $error){
			echo '<div class="msg error">', $error, '</div>';
		}
	}





}
?>

<form action="" method="post">

<div>
	<label for="to">To</label>
	<input type="text" name="to" id="to" value="<?php if (isset($_POST['to'])) echo htmlentities($_POST['to']); ?>"/>
</div>

<div>
	<label for="subject">Subject</label>
	<input type="text" name="subject" id="subject" value="<?php if (isset($_POST['subject'])) echo htmlentities($_POST['subject']); ?>" />

</div>

<div>
	<textarea name="body" rows="20" cols="110"><?php if (isset($_POST['body'])) echo htmlentities($_POST['body']); ?></textarea>
</div>
<div>
	<input type="submit" value="Send" />
</div>

</form>
user.inc.php
<?php
//check username and password combination
function validate_credentials($user_name, $user_password){
	$user_name = mysql_real_escape_string($user_name);
	$user_password = sha1($user_password);

	$result = mysql_query("SELECT user_id FROM users WHERE user_name = '$user_name' AND user_password = '$user_password' ");
	
	echo mysql_error();
	if (mysql_num_rows($result) != 1){
		return false;
	}
	return mysql_result($result, 0);
}

function fetch_user_ids($user_names){
	foreach ($user_names as &$name){
		$name = mysql_real_escape_string($name);
	}
	
	$result = mysql_query("SELECT user_id, user_name FROM user WHERE user_name IN ('" . implode("','", $user_names) . "')");
	
	$names = array();
	
	while (($row = mysql_fetch_assoc($result)) !== false){
		$name[$row['user_name']] = $row['user_id'];
	}
	
	return $names;
}
?>
inbox.page.inc.php
 <div class="actions">
	<p> Welcome..</p>
    <a href="index.php?page=new_conversation">New conversation</a>
    <a href="index.php?page=logout">Logout</a>
</div>
init.inc.php
<?php
$core_path = dirname(__FILE__);
if (empty($_GET['page']) || in_array("{$_GET['page']}.page.inc.php",scandir("{$core_path}/pages")) == false){
	header('HTTP/1.1 404 Not Found');
	header('Location: index.php?page=inbox');
	die();
}
session_start();
mysql_connect("localhost","root","") or die ("Couldn't connect!");
mysql_select_db("private_message_system") or  die ("Couldn't find db!");
include("{$core_path}/inc/user.inc.php");

if (isset($_POST['user_name'], $_POST['user_password'])){
	if (($user_id = validate_credentials($_POST['user_name'], $_POST['user_password'])) !== false){
		$_SESSION['user_id'] = $user_id;
	header('Location: index.php?page=inbox');	
	die();
	}   
}

if (empty($_SESSION['user_id']) && $_GET['page'] !== 'login'){
	header('HTTP/1.1 403 forbidden');
	header('Location: index.php?page=login');
	die();
}
$include_file = "{$core_path}/pages/{$_GET['page']}.page.inc.php";
echo $include_file;
?>
login.page.inc.php
<h1>Login</h1>
<?php
if (isset($_POST['user_name'], $_POST['user_password'])){
	echo 'Login Failed';
}
?>

<form action="index.php?page=login" method="post">
	<div>
    	<label for="user_name">Name</label>
    	<input type="text" name="user_name" id="user_name" />
     </div>
     <div>
     
     	<label for="user_password">Password</label>
     	<input type="password" name="user_password" id="user_password" />
     </div>
     
      <div>
     	<input type="submit" value="login"/>
     </div>
     
</form>
logout.page.inc.php
<?php
session_destroy();
?>

<div class="msg success"> You have logout.</div>

Re: private message system- unknown user problem

Posted: Fri May 25, 2012 5:17 pm
by Temor
Try removing one of the equal signs on line 21 in new_conversation.page.inc.php.
if (count($user_ids) !== count($user_names)){

Re: private message system- unknown user problem

Posted: Fri May 25, 2012 5:30 pm
by wale89
Yes I've tried but still not working..huhuhu..

Re: private message system- unknown user problem

Posted: Fri May 25, 2012 5:38 pm
by Temor
try echoing mysql_error(); under the query on line 21 in user.inc.php

It could be an error with the SQL query. I see you removed all backticks, not just those around variable names.
You're still supposed to have those around the row names.

Re: private message system- unknown user problem

Posted: Fri May 25, 2012 5:49 pm
by wale89
Yes I've got it....heee.. The coding is working. Thank you so much =D

Re: private message system- unknown user problem

Posted: Fri May 25, 2012 6:04 pm
by Temor
was that the problem? :P If not, please share the solution.

Re: private message system- unknown user problem

Posted: Fri May 25, 2012 6:14 pm
by wale89
yes,the problem is at the sql query.. hehhe..but now there is a new problem..hahaha