Version 0.7

nemunaire 2007-11-20 12:00:00 +01:00
commit c117da6d77
148 changed files with 1914 additions and 801 deletions


@ -5,8 +5,9 @@ $id=$_SESSION['id'];
$galaxy=$_SESSION['galaxy'];
$ss=$_SESSION['ss'];
$pos=$_SESSION['pos'];
require_once '../securite.php';
require_once('../connectBDD.php');
require('../connectBDD.php');
$x = mysql_query("SELECT * FROM user WHERE id='$id'");
$donnees = mysql_fetch_array($x);
@ -15,20 +16,29 @@ $race = $donnees['race'];
$pseudodes = $donnees['pseudo'];
$temps = time();
if (isset($_POST['message_destinataire']) && $_POST['message_destinataire'] !='') {
$resultat = mysql_query("SELECT pseudo FROM user WHERE pseudo='".$_POST['message_destinataire']."'"); // on vérifie l'existance
if (isset($_POST['message_destinataire']) && $_POST['message_destinataire'] != '') {
$resultat = mysql_query("SELECT pseudo FROM user WHERE pseudo='".mysql_real_escape_string($_POST['message_destinataire'])."'"); // on vérifie l'existance
if(mysql_num_rows($resultat)>=1) { // si c'est bon on passe a la suite
if (isset($_POST['sujet_message']) && $_POST['sujet_message'] !='' ) {
$message_destinataire = htmlspecialchars($_POST['message_destinataire']);
$sujet_message = htmlspecialchars($_POST['sujet_message']);
$message = htmlspecialchars($_POST['message']);
$message_destinataire = mysql_real_escape_string(htmlspecialchars($_POST['message_destinataire']));
$sujet_message = mysql_real_escape_string(htmlspecialchars($_POST['sujet_message']));
$message = mysql_real_escape_string(htmlspecialchars($_POST['message']));
mysql_query("INSERT INTO mail VALUES('', '1', '$message_destinataire', '$pseudodes', '$sujet_message', '$message', '$temps')") or die ("erreur sql ".mysql_error());
}
else echo "Précisez le nom du sujet";
else {
header("Location: envoyer_message.php?err=3");
exit;
}
}
else {
header("Location: envoyer_message.php?err=2");
exit;
}
else echo "Ce joueur n'existe pas";
}
else "Précisez le nom du destinataire";
else {
header("Location: envoyer_message.php?err=4");
exit;
}
mysql_close();
@header("Location: envoyer_message.php?ok=1");
?>
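Review bot: The INSERT into `mail` still interpolates `$pseudodes` unescaped, although the three POST fields beside it are now wrapped in `mysql_real_escape_string()`. `$pseudodes` is read back from the `user` table via `$donnees['pseudo']`, so a stored pseudo containing a quote would break or alter the statement (second-order injection) unless registration rejects such characters, which is not visible here. Escape it the same way before the query: `$pseudodes = mysql_real_escape_string($donnees['pseudo']);`. Calling `htmlspecialchars()` before storage also leaves HTML-encoded text in the database, and on PHP versions that still ship the `mysql_*` functions the default flags do not encode single quotes, so the stored value is only safe in an HTML body context; storing raw text and encoding at output time would be more robust. The unchanged `or die ("erreur sql ".mysql_error())` sends the database error text to the client and would be better logged server-side; the lines between the two hunks are not shown, so this assumes `$donnees` is not sanitised there.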