Reputation: 39
My read message page shows multiple messages instead of one PHP
I have made a private message system in PHP. It kinda works, the write, send, read and reply works.
But there is one problem. If i press on a specific message that i want to read in my Inbox or Outbox, (dosent matter which), my page which should show just the specific message i press on, shows all messages in that inbox/outbox. It looks like this on my page ->
From:[email protected]:hello Message:Testing this.. From:[email protected] Subject:hello Message: test From:[email protected]:hej Message: skicka :Reply
As you all can se, its all messages in a row. Edit: It messages that belongs to the right user. So its not messages that belongs to a diffrent user.
The sql for my messages are
id int(11) AI PK
from_user varchar(45)
to_user varchar(45)
subject varchar(400)
message text
date date
read tinyint(4)
I am fairly sure that my error should be somewhere here in
read.inc.php
<?php
$user = $_SESSION['username'];
$sql = "SELECT * FROM private_messages WHERE to_user = '$user'";
$stmt = $dbh->prepare($sql);
$stmt->execute();
?>
<?php
if ($stmt->rowCount() > 0){
echo "<table";
echo "<tr>";
while ($rows = $stmt->fetch(PDO::FETCH_ASSOC)){
$id = $rows['id'];
$to_user = $rows['to_user'];
echo "<td>";
?>
<?php
echo "<td>From:";
echo "</td>";
echo "<td>";
echo "".$from = $rows['from_user']."";
echo "</td>";
echo "</tr>";
echo "<tr>";
echo "<td>";
echo "Subject:";
echo "<td>";
echo "<td>";
echo "".$subject = $rows['subject']."";
echo "</td>";
echo "</tr>";
echo "<tr>";
echo "<td>";
echo "Message:";
echo "<td>";
echo "".$message = $rows['message']."";
echo "</td>";
echo "</tr>";
}
echo "<tr>";
echo "<td colspan='2'><a href='messages.php?
id=compose&mid=$id&subject=RE:$subject&to=$from'>Reply Message</a>
</td>";
echo "</tr>";
echo "</table>";
if ($to_user==$user) {
$stmt = $dbh->prepare("UPDATE `private_messages` SET `read`=1 WHERE
`id`=id");
$a = 1;
$stmt->bindParam(':1',$a);
$stmt->bindParam(':id',$id);
}
} else {
echo "You cant see the conversation..";
}
?>
I will also paste inbox and outbox if somone feels to look there to.
This is outbox.inc.php
<?php
$user = $_SESSION[ 'username' ];
$sql = "SELECT * FROM private_messages WHERE from_user = '$user'";
$stmt = $dbh->prepare( $sql );
$stmt->execute();
?>
<?php
if ( $stmt->rowCount() > 0 ) {
?>
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Untitled Document</title>
</head>
<body>
<?php
echo "<table>";
echo "<tr>";
echo "<td> ";
echo "</td>";
echo "<td>to: </td>";
echo "<td>subject: </td>";
echo "<td>Date: </td>";
echo "</tr>";
while ( $rows = $stmt->fetch( PDO::FETCH_ASSOC ) ) {
$id = $rows[ 'id' ];
?>
<?php
echo "<tr>";
echo "<td> </td>";
echo "<td>" . $from = $rows[ 'to_user' ] . "</td>";
echo "<td><a href='messages.php?id=read&mid=$id'>" . $subject = $rows[
'subject' ] . "</a></td>";
echo "<td>" . $date = $rows[ 'date' ] . "</td>";
echo "<tr>";
}
}
else {
echo "<table> <tr align='left'> <td> </td> <td>to_user: </td><td>
Subject: </td><td>Date: </td></tr><tr><th colspan='4'> You did not send a
message </th></tr></table>";
}
echo "</table>";
?>
</body>
</html>
And last my
inbox.inc.php
<?php
$user = $_SESSION[ 'username' ];
$sql = "SELECT * FROM private_messages WHERE to_user = '$user'";
$stmt = $dbh->prepare( $sql );
$stmt->bindValue( ':to_user', $_SESSION[ 'username' ], PDO::PARAM_INT );
$stmt->execute();
?>
<?php
if ( $stmt->rowCount() > 0 ) {
?>
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Untitled Document</title>
</head>
<body>
<?php
echo "<table>";
echo "<tr>";
echo "<td> ";
echo "</td>";
echo "<td>from_user: </td>";
echo "<td>subject: </td>";
echo "<td>Date: </td>";
echo "</tr>";
// om stmt är större än noll då finns de poster gör då detta
// skriv ut posterna med en while loop
while ( $rows = $stmt->fetch(PDO::FETCH_ASSOC)) {
$id = $rows['id'];
echo "<tr>";
echo "<td> </td>";
echo "<td>" . $from = $rows[ 'from_user' ] . "</td>";
echo "<td><a href='messages.php?id=read&mid=$id'>" . $subject =
$rows[ 'subject'] . "</a></td>";
echo "<td>" . $date = $rows[ 'date' ] . "</td>";
echo "<tr>";
}
} else {
echo "<table> <tr align='left'> <td> </td> <td>from_user: </td>
<td> Subject: </td><td>Date: </td></tr><tr><th colspan='4'> You did not
recive a message </th></tr></table>";
}
echo "</table>";
?>
</body>
</html>
Lots of code here, sorry for that.
/best regards Robert
Upvotes: 1
Views: 226
Answers (1)
Reputation: 553
You have the following in your read.inc.php, which fetches all messages for a given user:
$sql = "SELECT * FROM private_messages WHERE to_user = '$user'";`
To only get the message that you clicked on in your inbox you should use a query like this:
$sql = "SELECT * FROM private_messages WHERE to_user = '$user' AND id = $mid LIMIT 1";
(where $mid is the variable you get from $_GET['mid'] in your query string).
You won't need the loop then, since you only fetch one row.
Please be aware that using variables in the query like this (especially when transmitted via query string) is VERY BAD and can/will lead to SQL injection attacks. Use bound variables (either with bindParam/bindVariable or in execute) like you did in inbox.inc.php!
Upvotes: 1
Related Questions
- Can`t send multiple messages to Chatbase from PHP code
- Chat communication
- An extra Sql record is being added everytime
- PHP messaging system wont display the first message
- While in Mysql Only Pulls the last result?
- Why is only the last message entered being displayed
- only displays a message in the conversation
- Unread chat messages in mysql and php
- It only displays one message rather choosing correct message to display
- Prevent AJAX chat from showing duplicate messages (Javascript, PHP, MySQL)