OK so Im adding this mod that iv tried to make to my mailbox.php this mod should send a email to any one that gets a mail on the game. "Say I send out a mass mail every one will get a email saying they got this mail on the game" The email tells the the id of the person that sent it and what the mail said. My problem that I'm having is im getting this error here.
Message sent successfully
Warning: mail() expects parameter 1 to be string, resource given in /home/mafialor/public_html/mailbox.php on line 322
a few lines before my add on there is the $to and the $from and stuff thats from the game message that is being sent. What I did was used the $to and the $from and added it in the email so that it will show the id of both players. they work fine.
For my email part I have the $who $subject1 and so forth with all the info in for that. and then the mail() code with the matching $who bla bla. up on the first $who. if i change that to $who = "
dustyrhodes@hargray.com"; when I send my self or any one a game mail I get a email saying they got that mail. I so the email code works. what I need is for who to = this. $who = mysql_query("SELECT email FROM users WHERE userid = $to",$c); this $to is the $to in the messsage code that pulled that id for the game mail so that it knows whos email to get to send this to. but I get that error that I posted up top.
This in my whole mailbox.php file. is in around line 305 ish All the help I can get would be great. Thanks a ahead guys.
<?php
session_start();
require "global_func.php";
if($_SESSION['loggedin']==0) { header("Location: login.php");exit; }
$userid=$_SESSION['userid'];
require "header.php";
$h = new headers;
$h->startheaders();
include "mysql.php";
global $c;
$is=mysql_query("SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid",$c) or die(mysql_error());
$ir=mysql_fetch_array($is);
check_level();
$fm=number_format($ir['money']);
$cm=number_format($ir['crystals'],'');
$lv=date('F j, Y, g:i a',$ir['laston']);
$h->userdata($ir,$lv,$fm,$cm);
$h->menuarea();
mysql_query("UPDATE users SET locpage='Mail' WHERE userid= " . $ir['userid']);
echo '<center>';
echo '<style>';
echo '.table th, .table td { border: solid 1px white; }';
echo '.topTitle { background: white; color: black; }';
echo '</style>';
echo '<table width="80%" class="table" border="2" cellspacing="4">';
echo '<tr>';
echo '<th width="17%"><a href="mailbox.php?action=inbox">Inbox</a></th>';
echo '<th width="17%"><a href="mailbox.php?action=outbox">Outbox</a></th>';
echo '<th width="16%"><a href="mailbox.php?action=compose">Compose</a></th>';
echo '<th width="16%"><a href="mailbox.php?action=settings">Settings</a></th>';
echo '<th width="17%"><a href="mailbox.php?action=archive">Archive</a></th>';
echo '<th width="17%"><a href="mailbox.php?action=deleteall">Delete All</a></th>';
echo '</tr>';
echo '</table>';
echo '<br />';
switch($_GET['action'])
{
case 'inbox': mail_inbox(); break;
case 'outbox': mail_outbox(); break;
case 'compose': mail_compose(); break;
case 'delete': mail_delete(); break;
case 'send': mail_send(); break;
case 'deleteall': mail_delall(); break;
case 'archive': mail_archive(); break;
case 'archiveadd': mail_archive_add(); break;
case 'archiveremove': mail_archive_remove(); break;
case 'settings': mail_settings(); break;
case 'setlimit': mail_set_limit(); break;
case 'blockuser': mail_block_user(); break;
case 'viewblocked': mail_view_blocked(); break;
case 'recent': listRecentBans(); break;
default: mail_inbox(); break;
}
function listRecentBans($show = FALSE)
{
global $c, $ir;
if($show)
{
if(in_array($ir['userid'], array(1,2)))
{
echo 'Below are the most recent bans from the mail system';
echo '<br />';
echo '<table width="80%" class="table" border="2" cellspacing="4">';
echo '<tr>';
echo '<th>Time</th>';
echo '<th width="80%">Event</th>';
echo '</tr>';
$getAlerts = mysql_query("SELECT * FROM `admin_alerts` ORDER BY `aa_time` DESC LIMIT 5", $c);
while ($gAlerts = mysql_fetch_object($getAlerts))
{
echo '<tr>';
echo '<td style="text-align: left; vertical-align: top;">' . date('F j, Y, g:i a', $gAlerts->aa_time) . '</td>';
echo '<td style="text-align: left; vertical-align: top;">' . $gAlerts->aa_text . '</td>';
echo '</tr>';
}
echo '</table>';
echo '<br />';
echo '<a href="mailbox.php?action=recent">View More...</a>';
echo '<br /><br />';
}
}
else
{
if(in_array($ir['userid'], array(1,2)))
{
echo 'Below are the most recent bans from the mail system';
echo '<br />';
echo '<table width="80%" class="table" border="2" cellspacing="4">';
echo '<tr>';
echo '<th>Time</th>';
echo '<th width="80%">Event</th>';
echo '</tr>';
$getAlerts = mysql_query("SELECT * FROM `admin_alerts` ORDER BY `aa_time` DESC LIMIT 100", $c);
while ($gAlerts = mysql_fetch_object($getAlerts))
{
echo '<tr>';
echo '<td style="text-align: left; vertical-align: top;">' . date('F j, Y, g:i a', $gAlerts->aa_time) . '</td>';
echo '<td style="text-align: left; vertical-align: top;">' . $gAlerts->aa_text . '</td>';
echo '</tr>';
}
echo '</table>';
echo '<br /><br />';
}
}
}
function mail_inbox()
{
global $ir, $c;
listRecentBans(TRUE);
if($ir['user_level'] == 2 || $ir['user_level'] == 3 || $ir['user_level'] == 4 || $ir['user_level'] == 5)
{
echo '<a href="massmail.php?action=massmailer"><b>Mass Mail Game!</b></a><br/><br/>';
}
echo '<b>Showing the latest ' . $ir['mail_limit'] . ' received messages</b>';
echo '<br /><br />';
echo '<table width="80%" class="table" border="2" cellspacing="4">';
echo '<form action="mailbox.php?action=delete" method="post">';
$q = mysql_query("SELECT * FROM `mail` WHERE `mail_to` = '{$ir['userid']}' AND `mail_deleted` = '0' AND `mail_archived` = '0' ORDER BY `mail_time` DESC LIMIT {$ir['mail_limit']}", $c);
if(!mysql_num_rows($q))
{
echo '<b>You have no mail in your inbox</b>';
}
else
{
while($r = mysql_fetch_array($q))
{
$Date = date('F j, Y', $r['mail_time']);
$Time = date('g:i:s a', $r['mail_time']);
echo '<tr class="topTitle">';
echo '<td width="25%"><b>From:</b> ';
$userData = mysql_query("SELECT `userid`,`username`,`user_level` FROM `users` WHERE `userid` = '{$r['mail_from']}'", $c);
if(!mysql_num_rows($userData))
{
$sender = '<font color="red">SYSTEM MAIL</font>';
}
else
{
$uData = mysql_fetch_object($userData);
$sender = '<a href="viewuser.php?u=' . $uData->userid . '" style="color: black; font-weight: 600; ">' . outputSecure($uData->username) . ' [' . $uData->userid . ']</a>';
}
echo $sender;
$fm = urlencode($r['mail_text']);
echo '</td>';
echo '<td><b>Subject:</b> ' . outputSecure($r['mail_subject']) . '</td>';
echo '<td>Delete</td>';
echo '</tr>';
echo '<tr>';
echo '<td style="vertical-align: top;">';
echo '<b>received on</b> ' . $Date . '<br />';
echo '<b>At</b> ' . $Time . '<br /><br />';
echo '<b>Options</b><br />';
echo '<a href="mailbox.php?action=compose&ID=' . $r['mail_from'] . '">Reply</a> | <a href="mailbox.php?action=delete&ID=' . $r['mail_id'] . '">Delete</a> | <a href="mailbox.php?action=archiveadd&ID=' . $r['mail_id'] . '">Archive</a>';
echo '</td>';
echo '<td style="vertical-align: top;">' . mailOutputSecure($r['mail_text']) . '</td>';
echo '<td><input type="checkbox" name="ids[]" value="' . $r['mail_id'] . '"></td>';
echo '</tr>';
}
echo '</table';
echo '<br /><br />';
echo '<input type="submit" name="submit" value="Delete selected mails!">';
echo '</form>';
}
mysql_query("UPDATE `mail` SET `mail_read` = '1' WHERE `mail_to` = '{$ir['userid']}'", $c);
}
function mail_outbox()
{
global $c, $ir;
echo '<b>Showing the latest ' . $ir['mail_limit'] . ' sent messages</b>';
echo '<br /><br />';
$q = mysql_query("SELECT * FROM `mail` WHERE `mail_from` = '{$ir['userid']}' ORDER BY `mail_time` DESC LIMIT {$ir['mail_limit']}", $c);
if(!mysql_num_rows($q))
{
echo 'No messages in your outbox';
echo '<br /><br />';
echo '<a href="mailbox.php">Go Back</a>';
}
else
{
echo '<table width="80%" class="table" border="2" cellspacing="4">';
echo '<tr>';
echo '<th width="25%">To</th>';
echo '<th>Subject/Message</th>';
echo '</tr>';
while($r = mysql_fetch_array($q))
{
$userData = mysql_query("SELECT `userid`,`username` FROM `users` WHERE `userid` = '{$r['mail_to']}'", $c);
if(mysql_num_rows($userData))
{
$uData = mysql_fetch_object($userData);
$from = '<a href="viewuser.php?u=' . $uData->userid . '" style="color: black; font-weight: 600;">' . outputSecure($uData->username) . '</a> [' . $uData->userid . ']';
}
else
{
$from = '<font color="red">SYSTEM</font>';
}
$Date = date('F j, Y', $r['mail_time']);
$Time = date('g:i:s a', $r['mail_time']);
echo '<tr class="topTitle">';
echo '<td>' . $from . '</td>';
echo '<td>' . outputSecure($r['mail_subject']) . '</td>';
echo '</tr>';
echo '<tr>';
echo '<td>';
echo '<b>Sent on:</b> ' . $Date . '<br />';
echo '<b>At:</b> ' . $Time ;
echo '</td>';
echo '<td>' . mailOutputSecure($r['mail_text']) . '</td>';
echo '</tr>';
}
echo '</table>';
}
}
function mail_compose()
{
global $c, $ir;
$_GET['ID'] = (isset($_GET['ID']) AND !ereg('[^0-9]', $_GET['ID'])) ? abs(@intval(substr($_GET['ID'], 0, 15))) : FALSE ;
if($_GET['ID'])
{
$isBlocked = mysql_query("SELECT * FROM `mail_blocks` WHERE ((`mb_blocker` = '{$ir['userid']}' AND `mb_blocked` = '{$_GET['ID']}') OR `mb_blocker` = '{$_GET['ID']}' AND `mb_blocked` = '{$ir['userid']}')", $c);
if(mysql_num_rows($isBlocked))
{
echo '<h3 style="color: red;">Either you have blocked this user or they have blocked you.<br />No mail can now be sent between the 2 of you until the block is removed.</h3>';
}
}
echo '<form action="mailbox.php?action=send" method="post">';
echo 'Enter the ID of the user to sent this mail to<br />';
echo '<input type="text" name="userid" value="' . $_GET['ID'] . '">';
echo '<br /><br />';
echo 'Mail Subject<br />';
echo '<input type="text" name="subject">';
echo '<br /><br />';
echo 'Message<br />';
echo '<textarea rows="8" cols="60" name="message"></textarea>';
echo '<br /><br />';
echo '<input type="submit" value="Send">';
echo '</form>';
if($_GET['ID'])
{
echo '<br />';
echo '<table width="80%" class="border" border="2" cellspacing="4">';
echo '<tr>';
echo '<th colspan="2">Your last 5 mails to/from this person</th>';
echo '</tr>';
$q = mysql_query("SELECT m.*,u1.username as sender from mail m left join users u1 on m.mail_from=u1.userid WHERE (m.mail_from={$ir['userid']} AND m.mail_to={$_GET['ID']}) OR (m.mail_to={$ir['userid']} AND m.mail_from={$_GET['ID']}) ORDER BY m.mail_time DESC LIMIT 5",$c);
while($r = mysql_fetch_array($q))
{
$sent=date('F j, Y, g:i:s a',$r['mail_time']);
echo '<tr>';
echo '<td width="25%">' . $sent . '</td>';
echo '<td><b>' . outputSecure($r['sender']) . ' wrote:</b> ' . mailOutputSecure($r['mail_text']) . '</td>';
echo '</tr>';
}
echo '</table>';
}
}
function mail_send()
{
global $c, $ir;
$to = (isset($_POST['userid']) AND !ereg('[^0-9]', $_POST['userid'])) ? abs(@intval(substr($_POST['userid'], 0, 15))) : FALSE ;
$isBlocked = mysql_query("SELECT * FROM `mail_blocks` WHERE ((`mb_blocker` = '{$ir['userid']}' AND `mb_blocked` = '{$to}') OR `mb_blocker` = '{$to}' AND `mb_blocked` = '{$ir['userid']}')", $c);
if(mysql_num_rows($isBlocked))
{
echo '<h3 style="color: red;">Either you have blocked this user or they have blocked you.<br />No mail can now be sent between the 2 of you until the block is removed.</h3>';
}
else
{
$subject = (isset($_POST['subject']) AND is_string($_POST['subject'])) ? mysql_real_escape_string(strip_tags(substr($_POST['subject'], 0, 200)), $c) : 'No subject given' ;
$message = (isset($_POST['message']) AND is_string($_POST['message'])) ? mysql_real_escape_string(strip_tags(substr($_POST['message'], 0, 10000)), $c) : 'No text body entered' ;
$from = abs(@intval(substr($ir['userid'], 0, 15)));
$times = time() - (60*5);
$getPrev = mysql_query("SELECT * FROM `mail` WHERE `mail_from` = '{$ir['userid']}' AND `mail_text` = '{$message}' AND `mail_time` > '{$times}'", $c);
if(mysql_num_rows($getPrev) >= 4)
{
if($ir['mailban'] <= 0)
{
$banReason = 'Abuse of the mail system! Auto spam protection!';
$banDays = '100';
$alertText = '<a href="viewuser.php?u=' . $ir['userid'] . '">' . $ir['username'] . '</a> was banned from mailing for 100 days for repeatedly sending the following text in error, if you think this punishment is unfair, ban them for 0 days from the admin function:<br /><br />' . $message;
$alertTime = time();
mysql_query("UPDATE `users` SET `mailban` = '{$banDays}', `mb_reason` = '{$banReason}' WHERE `userid` = '{$ir['userid']}'", $c) or die (mysql_error());
mysql_query("INSERT INTO `admin_alerts` (aa_id, aa_text, aa_time) VALUES ('', '{$alertText}', '{$alertTime}')", $c) or die (mysql_error());
}
}
if($message AND $to)
{
$insert = mail_insert($from, $to, $subject, $message, $c);
if($insert)
{
echo 'Message sent successfully';
//$who1 = mysql_query("SELECT email FROM users WHERE userid = $to",$c);
//$who2=mysql_fetch_array($who1);
$who1 = mysql_query("SELECT email FROM users WHERE userid = $to",$c);
$subject1 = "New Message on Mafia Lords";
$message1 = "Hi ID: $to,
ID: $from just sent you a message on Mafia Lords
ID $from wrote: $message .
To reply to this message click the link below.
www.mafai-lords.net
Thanks,
The Mafai Lords Team";
$headers1 = "From: admin@mafia-lords.net";
mail($who1, $subject1, $message1, $headers1);
}
else
{
echo 'There was an error sending your message';
}
echo '<br /><br />';
echo '<a href="mailbox.php">Go Back</a>';
}
else
{
echo 'You either missed out the message or the recipient\'s id';
echo '<br /><br />';
echo '<a href="mailbox.php">Go Back</a>';
}
}
}
function mail_delete()
{
global $ir,$c,$userid,$h;
if(!strlen($_POST['ids']))
{
echo 'No mail selected to delete.';
echo '<br /><br />';
echo '<a href="mailbox.php">Back</a>';
}
else
{
foreach($_POST['ids'] as $id)
{
if(!eregi("[^0-9]", $id))
{
mysql_query("UPDATE `mail` SET `mail_deleted` = 1 WHERE `mail_to` = " . $ir['userid'] . " AND `mail_id` = " . $id, $c) or die ('Error processing data on line ' . __LINE__);
}
}
echo 'All selected mail has been deleted.';
echo '<br /><br />';
echo '<a href="mailbox.php">Back</a>';
}
}
function mail_delall()
{
global $c, $ir;
$do = (isset($_GET['do']) AND !ereg('[^0-9]', $_GET['do']) AND $_GET['do'] == $ir['userid']) ? TRUE : FALSE ;
if($do)
{
mysql_query("UPDATE `mail` SET `mail_deleted` = '1' WHERE `mail_to` = '{$ir['userid']}' AND `mail_deleted` = '0' AND `mail_archived` = '0'", $c);
echo 'All ' . mysql_affected_rows($c) . ' mails in your inbox were deleted.';
echo '<br /><br />';
echo '<a href="mailbox.php">Go Back</a>';
}
else
{
echo '<h3>Are you sure you would like to delete ALL messages in your inbox?</h3>';
echo '<a href="mailbox.php?action=deleteall&do=' . $ir['userid'] . '">Yes</a> | <a href="mailbox.php">No</a>';
}
}
function mail_archive()
{
global $ir, $c;
echo '<b>Showing the latest ' . $ir['mail_limit'] . ' archived messages</b>';
echo '<br /><br />';
echo '<table width="80%" class="table" border="2" cellspacing="4">';
$q = mysql_query("SELECT * FROM `mail` WHERE `mail_to` = '{$ir['userid']}' AND `mail_deleted` = '0' AND `mail_archived` = '1' ORDER BY `mail_time` DESC LIMIT {$ir['mail_limit']}", $c);
if(!mysql_num_rows($q))
{
echo '<b>You have no mail in your archive</b>';
}
else
{
while($r = mysql_fetch_array($q))
{
$Date = date('F j, Y', $r['mail_time']);
$Time = date('g:i:s a', $r['mail_time']);
echo '<tr class="topTitle">';
echo '<td width="25%"><b>From:</b> ';
$userData = mysql_query("SELECT `userid`,`username`,`user_level` FROM `users` WHERE `userid` = '{$r['mail_from']}'", $c);
if(!mysql_num_rows($userData))
{
$sender = '<font color="red">SYSTEM MAIL</font>';
}
else
{
$uData = mysql_fetch_object($userData);
$sender = '<a href="viewuser.php?u=' . $uData->userid . '" style="color: black; font-weight: 600;">' . outputSecure($uData->username) . ' [' . $uData->userid . ']</a>';
}
echo $sender;
echo '</td>';
echo '<td><b>Subject:</b> ' . outputSecure($r['mail_subject']) . '</td>';
echo '</tr>';
echo '<tr>';
echo '<td style="vertical-align: top;">';
echo '<b>received on</b> ' . $Date . '<br />';
echo '<b>At</b> ' . $Time . '<br /><br />';
echo '<b>Options</b><br />';
echo '<a href="mailbox.php?action=compose&ID=' . $r['mail_from'] . '">Reply</a> | <a href="mailbox.php?action=delete&ID=' . $r['mail_id'] . '">Delete</a> | <a href="mailbox.php?action=archiveremove&ID=' . $r['mail_id'] . '">Inbox</a>';
echo '</td>';
echo '<td style="vertical-align: top;">' . mailOutputSecure($r['mail_text']) . '</td>';
echo '</tr>';
}
echo '</table';
}
}
function mail_archive_add()
{
global $c, $ir;
$id = (isset($_GET['ID']) AND !ereg('[^0-9]', $_GET['ID'])) ? abs(@intval(substr($_GET['ID'], 0, 15))) : FALSE ;
if($id)
{
$validMail = mysql_query("SELECT * FROM `mail` WHERE `mail_id` = '{$id}' AND `mail_to` = '{$ir['userid']}' AND `mail_deleted` = '0' AND `mail_archived` = '0'", $c);
if(mysql_num_rows($validMail))
{
mysql_query("UPDATE `mail` SET `mail_archived` = '1' WHERE `mail_id` = '{$id}' AND `mail_to` = '{$ir['userid']}' AND `mail_archived` = '0'", $c);
if(mysql_affected_rows($c))
{
echo 'The mail you selected to archive was added to your archive';
echo '<br /><br />';
echo '<a href="mailbox.php">Go Back</a>';
}
else
{
echo 'An error occurred and the selected mail could not be archived. Please try again';
echo '<br /><br />';
echo '<a href="mailbox.php">Go Back</a>';
}
}
else
{
echo 'This mail is either deleted, already archived or does not belong to you';
echo '<br /><br />';
echo '<a href="mailbox.php">Go Back</a>';
}
}
else
{
echo 'No mail id given to archive';
echo '<br /><br />';
echo '<a href="mailbox.php">Go Back</a>';
}
}
function mail_archive_remove()
{
global $c, $ir;
$id = (isset($_GET['ID']) AND !ereg('[^0-9]', $_GET['ID'])) ? abs(@intval(substr($_GET['ID'], 0, 15))) : FALSE ;
if($id)
{
$validMail = mysql_query("SELECT * FROM `mail` WHERE `mail_id` = '{$id}' AND `mail_to` = '{$ir['userid']}' AND `mail_deleted` = '0' AND `mail_archived` = '1'", $c);
if(mysql_num_rows($validMail))
{
mysql_query("UPDATE `mail` SET `mail_archived` = '0' WHERE `mail_id` = '{$id}' AND `mail_to` = '{$ir['userid']}' AND `mail_archived` = '1'", $c);
if(mysql_affected_rows($c))
{
echo 'The mail you selected to move to your inbox was successfully moved';
echo '<br /><br />';
echo '<a href="mailbox.php">Go Back</a>';
}
else
{
echo 'An error occurred and the selected mail could not be moved to your inbox. Please try again';
echo '<br /><br />';
echo '<a href="mailbox.php">Go Back</a>';
}
}
else
{
echo 'This mail is either deleted, already in your inbox or does not belong to you';
echo '<br /><br />';
echo '<a href="mailbox.php">Go Back</a>';
}
}
else
{
echo 'No mail id given to archive';
echo '<br /><br />';
echo '<a href="mailbox.php">Go Back</a>';
}
}
function mail_settings()
{
global $c, $ir;
echo '<a href="mailbox.php?action=setlimit">Change View Limit</a><br />';
echo '<a href="mailbox.php?action=blockuser">Block User</a><br />';
echo '<a href="mailbox.php?action=viewblocked">View Blocked Users</a><br />';
}
function mail_block_user()
{
global $c, $ir;
$block = (isset($_POST['block']) AND !ereg('[^0-9]', $_POST['block'])) ? abs(@intval(substr($_POST['block'], 0, 15))) : FALSE ;
if($block)
{
$checkBlock = mysql_query("SELECT * FROM `mail_blocks` WHERE `mb_blocker` = '{$ir['userid']}' AND `mb_blocked` = '{$block}'", $c);
if(mysql_num_rows($checkBlock))
{
echo 'You have already added that user to your block list.';
}
else if($block == $ir['userid'])
{
echo 'Why would you want to block yourself?';
}
else
{
$validUser = mysql_query("SELECT `userid`,`username` FROM `users` WHERE `userid` = '{$ir['userid']}'", $c);
if(!mysql_num_rows($validUser))
{
echo 'There is no user with that id';
}
else
{
$vUser = mysql_fetch_object($validUser);
$reason = (isset($_POST['reason']) AND is_string($_POST['reason'])) ? mysql_real_escape_string(strip_tags($_POST['reason']), $c) : ' ' ;
mysql_query("INSERT INTO `mail_blocks` (mb_id, mb_blocker, mb_blocked, mb_reason) VALUES ('', '{$ir['userid']}', '{$block}', '{$reason}')", $c) or die (mysql_error());
if(mysql_affected_rows($c))
{
echo outputSecure($vUser->username) . ' was added to your blocked list.';
}
else
{
echo 'An error occurred whilst trying to process the information, please try again';
}
echo '<br /><br />';
echo '<a href="mailbox.php">Go Back</a>';
}
}
}
else
{
echo 'Enter the id of the user who you would like to block from messaging you';
echo '<br />';
echo '<form action="mailbox.php?action=' . $_GET['action'] . '" method="post">';
echo '<select name="block">';
$time = time() - (60*60*24*7);
$getInfo = mysql_query("SELECT `userid`,`username` FROM `users` WHERE `laston` > '{$time}' AND `userid` != '{$ir['userid']}' ORDER BY `username` ASC", $c);
while ($gInfo = mysql_fetch_object($getInfo))
{
echo '<option value="' . $gInfo->userid . '">' . outputSecure($gInfo->username) . '</option>';
}
echo '</select>';
echo '<br /><br />';
echo 'Enter a reason, if any';
echo '<br />';
echo '<input type="text" name="reason" value="">';
echo '<br /><br />';
echo '<input type="submit" value="Block User">';
echo '</form>';
}
}
function mail_view_blocked()
{
global $c, $ir;
$delete = (isset($_GET['delete']) AND !ereg('[^0-9]', $_GET['delete'])) ? abs(@intval(substr($_GET['delete'], 0, 15))) : FALSE ;
if($delete)
{
$isValid = mysql_query("SELECT * FROM `mail_blocks` WHERE `mb_id` = '{$delete}' AND `mb_blocker` = '{$ir['userid']}'", $c);
if(!mysql_num_rows($isValid))
{
echo 'This block either does not exist or does not belong to you.';
}
else
{
mysql_query("DELETE FROM `mail_blocks` WHERE `mb_id` = '{$delete}' AND `mb_blocker` = '{$ir['userid']}'", $c) or die (mysql_error());
echo 'Block removed';
}
echo '<br /><br />';
}
echo '<table width="50%" class="table" border="2" cellspacing="4">';
echo '<tr>';
echo '<th>Name</th>';
echo '<th>Reason</th>';
echo '<th>Options</th>';
echo '</tr>';
$getBlocked = mysql_query("SELECT * FROM `mail_blocks` WHERE `mb_blocker` = '{$ir['userid']}'", $c);
if(!mysql_num_rows($getBlocked))
{
echo '<tr>';
echo '<th colspan="3">You do not have anybody on your blocked list</th>';
echo '</tr>';
}
else
{
while ($gBlocked = mysql_fetch_object($getBlocked))
{
$getUser = mysql_query("SELECT `userid`,`username` FROM `users` WHERE `userid` = '{$gBlocked->mb_blocked}'", $c);
if(!mysql_num_rows($getUser))
{
$name = 'Invalid User';
}
else
{
$gUser = mysql_fetch_object($getUser);
$name = '<a href="viewuser.php?u=' . $gUser->userid . '">' . outputSecure($gUser->username) . '</a>';
}
echo '<tr>';
echo '<td>' . $name . '</td>';
echo '<td>' . outputSecure($gBlocked->mb_reason) .'</td>';
echo '<td><a href="mailbox.php?action=' . $_GET['action'] . '&delete=' . $gBlocked->mb_id . '">Remove</a></td>';
echo '</tr>';
}
}
echo '</table>';
}
function mail_set_limit()
{
global $c, $ir;
$set = (isset($_POST['limit']) AND !ereg('[^0-9]', $_POST['limit']) AND $_POST['limit'] >= 5 AND $_POST['limit'] <= 50) ? abs(@intval(substr($_POST['limit'], 0, 3))) : FALSE ;
if($set)
{
mysql_query("UPDATE `users` SET `mail_limit` = '{$set}' WHERE `userid` = '{$ir['userid']}'", $c);
if(mysql_affected_rows($c))
{
echo 'Your mail viewing limit was set to ' . $set . '<br /><br /><a href="mailbox.php">Go Back</a>';
}
else
{
echo 'An error occurred whilst the script tried to process the data.<br />Try again shortly<br /><br /><a href="mailbox.php">Go Back</a>';
}
}
else
{
echo 'This option allows you to set how many messages are loaded on each page of your messages.';
echo '<br />';
echo 'This is so that people with slow internet speeds, like dial up, can choose lower amounts for optimal speeds';
echo '<br /><br />';
echo 'How many would you like to load? Must be between 5 and 50';
echo '<br />';
echo '<form action="mailbox.php?action=' . $_GET['action'] . '" method="post">';
echo '<input type="text" name="limit" value="' . $ir['mail_limit'] . '">';
echo '<br /><br />';
echo '<input type="submit" value="Change Limit">';
echo '</form>';
}
}
function mail_insert($from, $to, $subject, $text, $connection)
{
global $c, $ir;
$time = time();
if($ir['mailban'] != 0)
{
mysql_query("INSERT INTO `mail` (mail_id, mail_read, mail_from, mail_to, mail_time, mail_subject, mail_text, mail_deleted, mail_archived) VALUES ('', '1', '{$from}', '{$to}', '{$time}', '{$subject}', '{$text}', '1', '0')", $connection);
}
else
{
mysql_query("INSERT INTO `mail` (mail_id, mail_read, mail_from, mail_to, mail_time, mail_subject, mail_text, mail_deleted, mail_archived) VALUES ('', '0', '{$from}', '{$to}', '{$time}', '{$subject}', '{$text}', '0', '0')", $connection);
}
if(mysql_affected_rows($connection))
{
return TRUE;
}
else
{
return FALSE ;
}
}
function outputSecure($value)
{
global $c;
return htmlspecialchars(stripslashes(strip_tags($value)), ENT_QUOTES, "UTF-8");
}
function mailOutputSecure($value)
{
global $c;
return str_replace("\n", '<br />', stripslashes($value));
}
echo '</center>';
$h->endpage();
?>
