Go Back   vb.org Archive > Community Discussions > Modification Requests/Questions (Unpaid)

Reply
 
Thread Tools Display Modes
  #1  
Old 02-18-2005, 05:21 PM
fly fly is offline
 
Join Date: Oct 2003
Posts: 1,215
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Need some help auto-PMing a user

I had this posted in another thread, but it was off topic from the original post...

All I need to know is what exactly is going on in these SQL queries belowso that I can pass the right stuff to the variables to get the PM to go through.

Thanks for any help.

Quote:
Originally Posted by flypaper
And I was talking in the Ucash/Ushop forum yesterday and someone mentioned PMing a member after they were 'theifed'. I liked the idea and tried to poke around and see if there was a function to send PMs like creating threads, but couldn't find one.
Hmmm. Looks like there isn't a function to do it, but these DB queries do:

PHP Code:
$DB_site->query("INSERT INTO " TABLE_PREFIX "pmtext\n\t(fromuserid, fromusername, title, message, touserarray, iconid, dateline, showsignature, allowsmilie)\nVALUES\n\t($bbuserinfo[userid], '" addslashes($bbuserinfo['username']) . "', '$title', '$message', '" addslashes(serialize($tostring)) . "', $iconid, " TIMENOW ", $signature$disablesmilies)"); 
PHP Code:
$DB_site->query("INSERT INTO " TABLE_PREFIX "pm (pmtextid, userid, folderid, messageread) VALUES ($pmtextid$bbuserinfo[userid], -1, 1)"); 
PHP Code:
$DB_site->shutdown_query("UPDATE " TABLE_PREFIX "user SET pmtotal=pmtotal+1 WHERE userid=$bbuserinfo[userid]"); 
Can anyone explain how I pass whatever is needed in these queries and/or what the queries are exactly doing?
Reply With Quote
  #2  
Old 02-21-2005, 12:43 PM
fly fly is offline
 
Join Date: Oct 2003
Posts: 1,215
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

bump? anyone?
Reply With Quote
  #3  
Old 02-21-2005, 02:24 PM
Colin F's Avatar
Colin F Colin F is offline
 
Join Date: Jul 2004
Location: Switzerland
Posts: 1,551
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

well the queries are pretty much self explanatory. The first one ads the PM to the database. The text, sender, reciever, title, icon, whatever is saved here.
The middle one enters a database row with a little less data. This is probably used when displaying the pm folders overview, as the database query gets a lot less intensive.
The last one ads a pm to the users pm count.
Reply With Quote
  #4  
Old 02-21-2005, 02:50 PM
fly fly is offline
 
Join Date: Oct 2003
Posts: 1,215
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Could someone fill in the values for me for a fake PM? I guess the part I really don't understand is the addslashes and serialze stuff in the first query. Yeah I suck at PHP.

LOL
Reply With Quote
  #5  
Old 02-21-2005, 04:05 PM
Marco van Herwaarden Marco van Herwaarden is offline
 
Join Date: Jul 2004
Posts: 25,415
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

addslashes()
Should be used around all character data when inserting into the datebase to avoid exploits.

serialize
Used to store and array (or any other var) into a single field keeping the type an attribures. This means that you can later unserialize this single field again into the origianl var.
Reply With Quote
  #6  
Old 02-22-2005, 02:47 PM
fly fly is offline
 
Join Date: Oct 2003
Posts: 1,215
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

$DB_site->query("INSERT INTO " . TABLE_PREFIX . "pmtext\n\t(fromuserid, fromusername, title, message, touserarray, iconid, dateline, showsignature, allowsmilie)\nVALUES\n\t(1, '" . addslashes(fly) . "', 'test', 'this is a test', '" . addslashes(serialize(1)) . "', 0, " . TIMENOW . ", 0, 1)");

So would that be a valid query for the first one?

edit: I guess not.
Quote:
Fatal error: Call to a member function on a non-object in /home/prozac/public_html/useless/test2.php on line 12
I suck at this.
Reply With Quote
  #7  
Old 02-22-2005, 02:50 PM
Deaths Deaths is offline
 
Join Date: Oct 2004
Location: Europe, Belgium
Posts: 679
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I believe it would, yes.
Reply With Quote
  #8  
Old 02-22-2005, 03:08 PM
fly fly is offline
 
Join Date: Oct 2003
Posts: 1,215
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by flypaper
$DB_site->query("INSERT INTO " . TABLE_PREFIX . "pmtext\n\t(fromuserid, fromusername, title, message, touserarray, iconid, dateline, showsignature, allowsmilie)\nVALUES\n\t(1, '" . addslashes(fly) . "', 'test', 'this is a test', '" . addslashes(serialize(1)) . "', 0, " . TIMENOW . ", 0, 1)");

So would that be a valid query for the first one?

edit: I guess not.


I suck at this.
Oops. I forgot I needed all the REQUIRE stuff at the top. HAHAHAHAHA

Now I don't get an error, but cant see the message inserted. =(
Reply With Quote
  #9  
Old 02-22-2005, 03:17 PM
UK Jimbo's Avatar
UK Jimbo UK Jimbo is offline
 
Join Date: Sep 2002
Posts: 249
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

'fraid I don't think that's right. There's a load of logic missing.

The below code is untested but I think shoudl work. There's nothing in the way of email notification or read receipts in there.

James

PHP Code:

$from_userid
=1;
$from_username='adam';

$to_userid=2;
$to_username='eve';

$title 'This is the subject';
$message 'This is the message body';
$iconid 0;
$signature=1// 1 to show sig, 0 to hide it
$disablesmilies=1// 1 to hide smilies, 0 to show them


// shouldn't need to edit below here


// build touserarray
$tostring=array($to_userid => $to_username);

// store the message
$DB_site->query("INSERT INTO " TABLE_PREFIX "pmtext\n\t(fromuserid, fromusername, title, message, touserarray, iconid, dateline, showsignature, allowsmilie)\nVALUES\n\t($from_userid, '" mysql_escape_string($from_username) . "', '"mysql_escape_string($title) ."', '"mysql_escape_string($message) ."', '" addslashes(mysql_escape_string($tostring)) . "', $iconid, " TIMENOW ", $signature$disablesmilies)"); 

// get the inserted private message id
$pmtextid $DB_site->insert_id();

// save in outbox
$DB_site->query("INSERT INTO " TABLE_PREFIX "pm (pmtextid, userid, folderid, messageread) VALUES ($pmtextid$from_id, -1, 1)"); 

// send in receiving user's inbox
$DB_site->query("INSERT INTO " TABLE_PREFIX "pm (pmtextid, userid) VALUES ($pmtextid$to_userid)");

// add to PM sending user's total
$DB_site->shutdown_query("UPDATE " TABLE_PREFIX "user SET pmtotal=pmtotal+1 WHERE userid=$from_userid"); 
// add to PM receiving user's total
$DB_site->shutdown_query("UPDATE " TABLE_PREFIX "user SET pmtotal=pmtotal+1 WHERE userid=$to_userid"); 
Reply With Quote
  #10  
Old 02-22-2005, 05:32 PM
fly fly is offline
 
Join Date: Oct 2003
Posts: 1,215
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Sweet! That was it. Initally I hadn't listed the other queries because I wanted to get the first one right. I really need to figure out how arrays work. LOL

Here was my final code. The only thing you missed was adding to the recipients unread totals, and I wanted a pmpopup...

PHP Code:
$from_userid=1;
$from_username='fly';

$to_userid=1;
$to_username='fly';

$title 'This is the subject1';
$message 'This is the message body1';
$iconid 0;
$signature=1// 1 to show sig, 0 to hide it
$disablesmilies=1// 1 to hide smilies, 0 to show them


// shouldn't need to edit below here


// build touserarray
$tostring=array($to_userid => $to_username);

// store the message
$DB_site->query("INSERT INTO " TABLE_PREFIX "pmtext\n\t(fromuserid, fromusername, title, message, touserarray, iconid, dateline, showsignature, allowsmilie)\nVALUES\n\t($from_userid, '" mysql_escape_string($from_username) . "', '"mysql_escape_string($title) ."', '"mysql_escape_string($message) ."', '" addslashes(mysql_escape_string($tostring)) . "', $iconid, " TIMENOW ", $signature$disablesmilies)");

// get the inserted private message id
$pmtextid $DB_site->insert_id();

// save in outbox
// $DB_site->query("INSERT INTO " . TABLE_PREFIX . "pm (pmtextid, userid, folderid, messageread) VALUES ($pmtextid, $from_id, -1, 1)");

// send in receiving user's inbox
$DB_site->query("INSERT INTO " TABLE_PREFIX "pm (pmtextid, userid) VALUES ($pmtextid$to_userid)");

// update recipient pm totals (with pm-popup)
// $DB_site->shutdown_query("UPDATE " . TABLE_PREFIX . "user SET pmtotal=pmtotal+1, pmunread=pmunread+1, pmpopup=2 WHERE userid IN(" . implode(', ', $pmpopupSql) . ")");

// add to PM sending user's total
$DB_site->shutdown_query("UPDATE " TABLE_PREFIX "user SET pmtotal=pmtotal+1 WHERE userid=$from_userid");

// add to PM receiving user's total (with pm-popup)
$DB_site->shutdown_query("UPDATE " TABLE_PREFIX "user SET pmtotal=pmtotal+1, pmunread=pmunread+1, pmpopup=2 WHERE userid=$to_userid"); 
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 02:50 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04599 seconds
  • Memory Usage 2,295KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (5)bbcode_php
  • (3)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (10)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete