HB/pages/envoyer_message.php

<?php
session_start();
define('DESIGN', 'descriptions/diz/base.css');
require('../header.php');

if (isset($_GET['pseudo'])) $p=$_GET['pseudo']; else $p='';
if (isset($_GET['ok'])) $_GET['ok']=1; else $_GET['ok']=0;

if (isset($_POST)) {
	if (isset($_POST['message_destinataire']) && $_POST['message_destinataire'] !='') {
		$resultat = mysql_query("SELECT pseudo FROM user WHERE pseudo='".$_POST['message_destinataire']."'"); // on v<>rifie l'existance
		if(mysql_num_rows($resultat)>=1) { // si c'est bon on passe a la suite
			if (isset($_POST['sujet_message']) && $_POST['sujet_message'] !='' ) { mysql_query("INSERT INTO mail VALUES('', '1', '".htmlspecialchars($_POST['message_destinataire'])."', '".$pseudo."', '".htmlspecialchars($_POST['sujet_message'])."', '".htmlspecialchars($_POST['message'])."', '".$temps."')"); header('Location: envoyer_message.php?ok=5'); exit; }
			else echo "Pr<EFBFBD>cisez le nom du sujet";
		}
		else echo "Pr<EFBFBD>cisez le nom du destinataire";
	}
	else "Ce joueur n'existe pas";
}
?>
<body>
<form method="post" action="message.php">
<br><br><br><br>
<TABLE align=center>
<? if ($_GET['ok'] == 1) { echo "<tr><td colspan=2><font color=lime>Message envoy<6F></font></td></tr>"; } ?>
<tr><td>Nom du destinataire</td><td><input type="text" class="zone_texte" size="44" maxlength="20" name="message_destinataire" <? echo "value=".$p;?> ></td></tr>
<tr><td>Sujet</td><td><input type="text" class="zone_texte" size="44" maxlength="20" name="sujet_message"></td></tr>
<tr><td>Texte</td><td><textarea cols="30" rows="10" name="message" class="zone_texte"></textarea></td></tr>
<tr><td colspan="2"><input type="submit" value="Envoyer" class="bouton"></td></tr>
</TABLE>
</form>
</body>
</html>