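<?php
/**
 * Message-sending handler: validates the POSTed recipient and subject, stores
 * the message in the `mail` table, then redirects to envoyer_message.php with
 * an `ok` or `err` code in the query string.
 *
 * Redirect codes used below: err=4 no recipient given, err=2 recipient not
 * found in `user`, err=3 no subject given, ok=1 message stored.
 *
 * NOTE(review): the mysql_* extension used here was removed in PHP 7. The
 * connection is opened in ../connectBDD.php (not visible here), so this script
 * keeps that API; moving to PDO/mysqli prepared statements needs both files
 * changed together.
 * NOTE(review): nothing visible here checks a CSRF token before this
 * state-changing POST - confirm whether ../securite.php does.
 */

session_start();

// Session values are published as globals before the includes, as before;
// isset() only avoids an undefined-index notice when a key is missing.
$id     = isset($_SESSION['id']) ? $_SESSION['id'] : null;
$galaxy = isset($_SESSION['galaxy']) ? $_SESSION['galaxy'] : null;
$ss     = isset($_SESSION['ss']) ? $_SESSION['ss'] : null;
$pos    = isset($_SESSION['pos']) ? $_SESSION['pos'] : null;

// Presumably enforces that the visitor is logged in - confirm in that file.
require_once '../securite.php';

require('../connectBDD.php');

// The session id is escaped as well: a value is not safe to interpolate into
// SQL just because it did not come straight from the request.
$id_sql  = mysql_real_escape_string((string) $id);
$x       = mysql_query("SELECT * FROM user WHERE id='$id_sql'");
$donnees = ($x !== false) ? mysql_fetch_array($x) : false;

// The sender name comes back from the database and is user-chosen data, so it
// must be escaped before being placed in the INSERT below (second-order SQL
// injection otherwise).
// NOTE(review): when no user row matches, the sender is stored as an empty
// string, as before; decide whether the request should be refused instead.
$pseudodes = mysql_real_escape_string(($donnees !== false) ? (string) $donnees['pseudo'] : '');

$temps = time();

// Only string fields are accepted; an array-valued parameter counts as missing.
$destinataire_brut = (isset($_POST['message_destinataire']) && is_string($_POST['message_destinataire']))
    ? $_POST['message_destinataire'] : '';
$sujet_brut = (isset($_POST['sujet_message']) && is_string($_POST['sujet_message']))
    ? $_POST['sujet_message'] : '';
$message_brut = (isset($_POST['message']) && is_string($_POST['message']))
    ? $_POST['message'] : '';

if ($destinataire_brut === '') {
    header("Location: envoyer_message.php?err=4");
    exit;
}

// Check that the recipient exists.
// NOTE(review): the lookup uses the raw name while the INSERT stores the
// htmlspecialchars()-encoded one; these differ for names containing & < > "
// - confirm how pseudos are stored in `user`.
$resultat = mysql_query("SELECT pseudo FROM user WHERE pseudo='" . mysql_real_escape_string($destinataire_brut) . "'");
if ($resultat === false || mysql_num_rows($resultat) < 1) {
    header("Location: envoyer_message.php?err=2");
    exit;
}

if ($sujet_brut === '') {
    header("Location: envoyer_message.php?err=3");
    exit;
}

// HTML-encoding at storage time is kept so stored rows stay in the format the
// existing display code expects; the SQL escaping is what protects the query.
$message_destinataire = mysql_real_escape_string(htmlspecialchars($destinataire_brut));
$sujet_message        = mysql_real_escape_string(htmlspecialchars($sujet_brut));
$message              = mysql_real_escape_string(htmlspecialchars($message_brut));

$insertion = mysql_query("INSERT INTO mail VALUES('', '1', '$message_destinataire', '$pseudodes', '$sujet_message', '$message', '$temps')");
if ($insertion === false) {
    // The database error goes to the server log only; echoing mysql_error()
    // to the visitor discloses schema and query details.
    error_log('envoyer_message: ' . mysql_error());
    die("erreur sql");
}

mysql_close();

// '@' kept from the original: it hides the warning if output has already started.
@header("Location: envoyer_message.php?ok=1");
exit;
?>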