my sessions are working fine; how ever i've added some more variables to them.
problem:
page one: i have the variables, from the mysql result set. i.e. message, to reply set those variables in sessions from the current page to be copied over to the next page.
second page: it pulls the variables in no problem, but the query on insert is erroring out. saying that its should not be a result it should be a resource.
page one code:
Expand|Select|Wrap|Line Numbers
- <?php
- if (!isset($_SESSION)) {
- session_start();
- }
- ?>
- <?php require_once('mail.php'); ?>
- <?php
- if (!function_exists("GetSQLValueString")) {
- function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
- {
- if (PHP_VERSION < 6) {
- $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
- }
- $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
- switch ($theType) {
- case "text":
- $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
- break;
- case "long":
- case "int":
- $theValue = ($theValue != "") ? intval($theValue) : "NULL";
- break;
- case "double":
- $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
- break;
- case "date":
- $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
- break;
- case "defined":
- $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
- break;
- }
- return $theValue;
- }
- }
- $currentPage = $_SERVER["PHP_SELF"];
- $Id = $_SESSION['Id'];
- $Name = $_SESSION['name'];
- $Group = $_SESSION['Group'];
- if (isset($_GET['MailId'])) {
- $Mail_Id = htmlspecialchars($_GET['MailId']) ;
- }
- $Mail_vId = $Mail_Id ;
- $maxRows_MailView = 1;
- $pageNum_MailView = 0;
- if (isset($_GET['pageNum_MailView'])) {
- $pageNum_MailView = $_GET['pageNum_MailView'];
- }
- $startRow_MailView = $pageNum_MailView * $maxRows_MailView;
- mysql_select_db($database_Mail, $Mail);
- $query_MailView = "SELECT FromUser as Name, Subject , Date, Id, Mail FROM mail where id='$id''";
- $query_limit_MailView = sprintf("%s LIMIT %d, %d", $query_MailView, $startRow_MailView, $maxRows_MailView);
- $MailView = mysql_query($query_limit_MailView, $Mail) or die(mysql_error());
- $row_MailView = mysql_fetch_assoc($MailView);
- $FromUser = mysql_result($MailView,0,'FromUser') ;
- $Subject = mysql_result($MailView,0,'Subject') ;
- $Mail = mysql_result($MailView,0,'Mail') ;
- $Id = mysql_result($MailView,0,'Id') ;
- $_SESSION['ToUser'] = $FromUser ;
- $_SESSION['Subject'] = $Subject ;
- $_SESSION['Mail'] = $Mail ;
- $_SESSION['Id'] = $Id ;
- if (isset($_GET['totalRows_MailView'])) {
- $totalRows_MailView = $_GET['totalRows_MailView'];
- } else {
- $all_MailView = mysql_query($query_MailView);
- $totalRows_MailView = mysql_num_rows($all_MailView);
- }
- $totalPages_MailView = ceil($totalRows_MailView/$maxRows_MailView)-1;
- $queryString_MailView = "";
- if (!empty($_SERVER['QUERY_STRING'])) {
- $params = explode("&", $_SERVER['QUERY_STRING']);
- $newParams = array();
- foreach ($params as $param) {
- if (stristr($param, "pageNum_MailView") == false &&
- stristr($param, "totalRows_MailView") == false) {
- array_push($newParams, $param);
- }
- }
- if (count($newParams) != 0) {
- $queryString_MailView = "&" . htmlentities(implode("&", $newParams));
- }
- }
- $queryString_MailView = sprintf("&totalRows_MailView=%d%s", $totalRows_MailView, $queryString_MailView);
- ?>
- <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
- <html xmlns="http://www.w3.org/1999/xhtml">
- <head>
- <title> Mail View</title>
- <div id="container">
- <div id="header">
- <h1> </h1>
- <p> </p>
- <p> </p>
- <!-- end #header --></div>
- <div id="sidebar1">
- <h3> </h3>
- <!-- end #sidebar1 --></div>
- <div id="sidebar2">
- <h3> </h3>
- <!-- end #sidebar2 --></div>
- <div id="mainContent">
- <h1> </h1>
- <form name="form1" method="post" action="">
- <table border="1" align="center" cellpadding="1" cellspacing="1" bgcolor="#CCCCCC" width="100%" height="100%">
- <tr></tr>
- <caption align="center" valign="top">
- Mail View
- </caption>
- <?php do { ?>
- <tr>
- <td>From User: <?php echo $row_MailView['name']; ?></td>
- </tr>
- <tr>
- <td>Subject: <?php echo $row_MailView['title']; ?></td>
- </tr>
- <tr>
- <td>Date: <?php echo $row_MailView['Date']; ?></td>
- </tr>
- <tr>
- <td>Message: <br /> <?php echo $row_MailView['Mail']; ?></td>
- </tr>
- <?php } while ($row_MailView = mysql_fetch_assoc($MailView)); ?>
- </table>
- <table align="center">
- <tr>
- <td><a href="mail_reply.php"><input type="submit" name="reply" value="Reply" id="reply" /></a></td>
- </tr>
- </table>
- </form>
- <h2> </h2>
- </body>
- </html>
- <?php
- mysql_free_result($mail);
- ?>
Expand|Select|Wrap|Line Numbers
- <?php
- if (!isset($_SESSION)) {
- session_start();
- }
- ?>
- <?php require_once('Mail.php'); ?>
- <?php require_once('Friends.php'); ?>
- <?php
- if (!function_exists("GetSQLValueString")) {
- function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
- {
- if (PHP_VERSION < 6) {
- $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
- }
- $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
- switch ($theType) {
- case "text":
- $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
- break;
- case "long":
- case "int":
- $theValue = ($theValue != "") ? intval($theValue) : "NULL";
- break;
- case "double":
- $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
- break;
- case "date":
- $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
- break;
- case "defined":
- $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
- break;
- }
- return $theValue;
- }
- }
- $Id = $_SESSION['Id'];
- $Name = $_SESSION['name'];
- $Group = $_SESSION['Group'];
- $FromUser = $_SESSION['ToUser'] ;
- $Subject = $_SESSION['MM_Subject'] ;
- $Mail = $_SESSION['Mail'] ;
- $Id = $_SESSION['Id'] ;
- $editFormAction = $_SERVER['PHP_SELF'];
- if (isset($_SERVER['QUERY_STRING'])) {
- $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
- }
- if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) {
- // insert into mail table
- $insertSQL1 = sprintf("INSERT INTO mail (Id, SubjectId, ToUser, FromUser, `Date`) VALUES (null, last_insert_id(), '$ToUser', '$Id', now())")
- mysql_select_db($database_Mail, $Mail);
- $Result = mysql_query($insertSQL1, $Mail) or die(mysql_error());
- $insertGoTo = "mail.php";
- if (isset($_SERVER['QUERY_STRING'])) {
- $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
- $insertGoTo .= $_SERVER['QUERY_STRING'];
- }
- header(sprintf("Location: %s", $insertGoTo));
- }
- mysql_select_db($database_Friends, $Friends);
- $query_Friends = "SELECT Name FROM Friends WHERE id='$FromUser' ";
- $Friends = mysql_query($query_Friends, $Friends) or die(mysql_error());
- $row_Friends = mysql_fetch_assoc($Friends);
- $totalRows_Friends = mysql_num_rows($Friends);
- ?>
- <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
- <html xmlns="http://www.w3.org/1999/xhtml">
- <head>
- <title>Messages - New</title>
- <style type="text/css">
- </head>
- <div id="container">
- <div id="header">
- <h1> </h1>
- <p> </p>
- <p> </p>
- <!-- end #header --></div>
- <div id="sidebar1">
- <h3> </h3>
- <!-- end #sidebar1 --></div>
- <div id="sidebar2">
- <h3> </h3>
- <!-- end #sidebar2 --></div>
- <div id="mainContent">
- <h1> </h1>
- <h2> </h2>
- <form action="<?php echo $editFormAction; ?>" method="post" name="form1" id="form1">
- <table align="center" height="100" width="100">
- <tr valign="baseline">
- <td nowrap="nowrap" align="right">To:</td>
- <td><select id="ToUser" name="ToUser">
- <?php
- do {
- ?>
- <option value="<?php echo $row_Friends['Id']?>"<?php if (!(strcmp($row_Friends['Name'], $FromUser=$_SESSION['ToUser']))) {echo "selected=\"selected\"";} ?>><?php echo $row_Friends['Name']?></option>
- <?php
- } while ($row_Friends = mysql_fetch_assoc($Friends));
- $rows = mysql_num_rows($Friends);
- if($rows > 0) {
- mysql_data_seek($Friends, 0);
- $row_Friends = mysql_fetch_assoc($Friends);
- }
- ?>
- </select></td>
- </tr>
- <tr valign="baseline">
- <td nowrap="nowrap" align="right">Subject:</td>
- <td><input type="text" name="Subject" value="Re: <?php echo $Subject ; ?> " id="Subject" size="32" /></td>
- </tr>
- <tr valign="baseline">
- <td nowrap="nowrap" align="center" valign="top">Mail:</td>
- <td><textarea name="Mail" cols="80" rows="30" id="Mail"> <?php echo "\n\n\n\n\n***********************************************************************************************************\n\n"; echo $Mail ; ?> </textarea></td>
- </tr>
- <tr valign="baseline">
- <td nowrap="nowrap" align="right"> </td>
- <td><input type="submit" value="Send" name="Send" /></td>
- </tr>
- </table>
- <input type="hidden" name="MM_insert" value="form1" />
- </form>
- <p> </p>
- <p> </p>
- <!-- end #mainContent --></div>
- </html>
- <?php
- mysql_free_result($Friends);
- ?>
theo werntz ii