contactuser1.php

通达OA部分源代码

<?
include_once("logincheck.php");
include_once("myconnect.php");
include_once "check_msg_function.php";

function main()
{
if (!isset($_SESSION["sbbleads_userid"]) )
{
?> 
<table width="530" border="0" align="center" cellpadding="0" cellspacing="0">
  <tr>
    <td>&nbsp;</td>
  </tr>
</table>
<strong><font color="#FF0000" size="2" face="Arial, Helvetica, sans-serif">You 
must be logged in to send a message to the user. Click <a href="index.php" >here</a> 
to login.</font></strong> 
<?
}
else
{
$errcnt=0;
$showform="";
$cannot_post="";

$subject="";
$message="";
$tid=$_REQUEST["tid"];

if ( count($_POST)<>0 )
{
$subject=$_REQUEST["subject"];
$message=$_REQUEST["message"];

if ( !isset( $_REQUEST["subject"] ) || $_REQUEST["subject"]=="" )
{
	$errs[$errcnt]="Subject must be provided";
    $errcnt++;
}

if ( !isset( $_REQUEST["message"] ) || $_REQUEST["message"]=="" )
{
	$errs[$errcnt]="Message must be provided";
    $errcnt++;
}

	if ( isset( $_REQUEST["message"] ) && strlen($_REQUEST["message"])>1000 )
	{
		$errs[$errcnt]="Message must be less than 1000 characters long";
		$errcnt++;
	}
}  //If form was submitted


$sbquery="Select * from sbbleads_members  where sb_id=$tid";
echo $sbquery;
$rs0_query=mysql_query($sbquery);

$rs0=mysql_fetch_array($rs0_query);

$rs1=mysql_query("Select * from sbbleads_blocked  where sb_uid =$tid and sb_blocked_id=" . $_SESSION["sbbleads_userid"] );
	   if ($rs1=mysql_fetch_array($rs1))
	   {
		$cannot_post="Yes";
		$msg1="Sorry, You cannot post a message for <font color=red>" .  $rs0["username"] . "</font> because <font color=red>" .   $rs0["username"]  . "</font> has put you on Block List"	;
	   }
	   
if ($cannot_post=="Yes" )
{
?>
<table width="609" border="0" align="center" cellpadding="0" cellspacing="0">
  <tr> 
    <td><div align="center"><strong><font size="2" face="Arial, Helvetica, sans-serif" color="#666666"><?php echo $msg1;?></font></strong></div></td>
  </tr>
</table>
<?
}
else
{
?>

<?
if  (count($_POST)<>0)
{
if ( $errcnt==0 )
{
if(!get_magic_quotes_gpc())
{
	$sb_fid=str_replace('$','\$',addslashes($_REQUEST["fid"]));
	$sb_tid=str_replace('$','\$',addslashes($_REQUEST["tid"]));
	$sb_message=str_replace('$','\$',addslashes($_REQUEST["message"]));
	$sb_subject=str_replace('$','\$',addslashes($_REQUEST["subject"]));
}
else
{
	$sb_fid=str_replace('$','\$',$_REQUEST["fid"]);
	$sb_tid=str_replace('$','\$',$_REQUEST["tid"]);
	$sb_message=str_replace('$','\$',$_REQUEST["message"]);
	$sb_subject=str_replace('$','\$',$_REQUEST["subject"]);
}

	$sb_message=check_msg($sb_message,1);
	$sb_subject=check_msg($sb_subject,1);

$insert_str="Insert into `sbbleads_messages` ( sb_fid , sb_tid , sb_message , sb_subject , sb_msg_read,sb_f_del,sb_t_del,  sb_onstamp ) VALUES ( $sb_fid, $sb_tid, '$sb_message', '$sb_subject', 'No', 'No', 'No', ". date("YmdHis",time()).")";
//die($insert_str);
mysql_query($insert_str);


//	$sql="Update b2b_stats set messages=messages+1"  ;
//	mysql_query($sql);


///////////////////////////////////////////////////////////////////////
///////////////////////////// SEND EMAIL //////////////////////////////
$sql = "SELECT * FROM sbbleads_members WHERE sb_id = $tid" ;
$rs_query=mysql_query($sql);
/*$rs=mysql_fetch_array($rs_query) ;

$link="";
$sql = "SELECT * FROM sbbleads_mails where id=5" ;
$rs_query1=mysql_query($sql);

if ( $rs1=mysql_fetch_array($rs_query1)  )
  {
			 $from =$rs1["fromid"];

			 $to = $rs["email"];

			 $subject =$rs1["subject"];

		     $header="From:" . $from . "\r\n" ."Reply-To:". $from  ;

		 	 $body=str_replace("<link>", $link,str_replace("<email>", $rs["email"],str_replace("<password>",  $rs["password"],str_replace("<lname>", $rs["lastname"],str_replace("<fname>", $rs["firstname"],str_replace("<username>", $rs["username"], $rs1["mail"]) ))))); 
			 mail($to,$subject,$body,$header);


}

//////////////////////////////// CONFIRMATION SENT//////////////////////////////////
*/
?>
          <br>
          <br><strong><font color="#FF0000" size="2" face="Arial, Helvetica, sans-serif">Your 
message has been posted.

 Click <a href="view_offer.php?id=<?php echo $_REQUEST["id"]; ?>">here</a> 
to go back to the catalog. 

</font></strong>
<?

$showform="No";
}
else
{
?></p>
<table width="558" border="0" align="center" cellpadding="0" cellspacing="0">
          <tr> 
            <td colspan="2">&nbsp;</td>
          </tr>
          <tr> 
            
          <td colspan="2"><font color="#FF0000" size="2" face="Arial, Helvetica, sans-serif"><strong>Your message cannot be posted due to the following reasons</strong></font></td>
          </tr>
          <?

for ($i=0;$i<$errcnt;$i++)
{
?>
          <tr> 
            <td width="6%"><strong><font color="#FF0000"><?php echo $i+1; ?></font></strong></td>
            <td width="94%"><font color="#FF0000" size="2" face="Arial, Helvetica, sans-serif"><?php echo  $errs[$i]; ?> 
              </font></td>
          </tr>
          <?
}//end for
?>
        </table>
        
      <?

}

}

if ($showform<>"No")
{
?>
<table width="609" border="0" align="center" cellpadding="0" cellspacing="0">
  <tr> 
    <td><div align="center"><font size="2" face="Arial, Helvetica, sans-serif">To 
        send your message please fill in the following Form<br>
        <strong><font color="#FF0000">*</font></strong> means required</font></div></td>
  </tr>
</table>
<table width="609" border="0" align="center" cellpadding="0" cellspacing="0">
  <tr> 
    <td><br> <font size="2" face="Arial, Helvetica, sans-serif">Your message will 
      be sent to: <font color="#FF0000"><strong><?php echo $rs0["sb_username"] ?></strong></font></font></td>
  </tr>
  <tr> 
    <td><div align="center"><br>
        <br>
      </div></td>
  </tr>
</table>
<form name="form1" method="post" action="contactuser.php">
  <table width="609" border="0" align="center" cellpadding="0" cellspacing="0">
    <tr> 
      <td valign="top"><font size="2" face="Arial, Helvetica, sans-serif"><font color="#FF0000"><strong>*</strong></font> 
        Subject:</font></td>
      <td valign="top">&nbsp;</td>
      <td valign="top"><font size="2" face="Arial, Helvetica, sans-serif"> 
        <input name="subject" type="text" size="65" <?
		if (isset($_REQUEST["subject"]) && $_REQUEST["subject"]!="")
		{
		echo "value='" . urldecode($_REQUEST["subject"]) . "'";
		}
		?>>
        </font></td>
    </tr>
    <tr> 
      <td valign="top">&nbsp;</td>
      <td valign="top">&nbsp;</td>
      <td  valign="top"><input name="fid" type="hidden" value="<?php echo $_SESSION["sbbleads_userid"] ?>">
        <input name="tid" type="hidden" value="<?php echo $tid; ?>">
        <strong><font color="#FF0000" size="2" face="Arial, Helvetica, sans-serif"> 
        <input name="sb_type" type="hidden" id="sb_type" value="<?php echo $sb_type; ?>">
        </font></strong></td>
    </tr>
    <tr> 
      <td width="129" valign="top"><font size="2" face="Arial, Helvetica, sans-serif"><font color="#FF0000"><strong>*</strong></font> 
        Your message: </font> </td>
      <td width="18" valign="top">&nbsp;</td>
      <td  valign="top"> <div align="left"><font size="2" face="Arial, Helvetica, sans-serif"> 
          </font> 
          <textarea name="message" cols="60" rows="10"></textarea>
        </div></td>
    </tr>
  </table>
  <table width="609" border="0" align="center" cellpadding="0" cellspacing="0">
    <tr> 
      <td>&nbsp;</td>
    </tr>
  </table>
  <table width="609" border="0" align="center" cellpadding="0" cellspacing="0">
    <tr> 
      <td><div align="center"> 
          <input type="submit" name="Submit" value="Post Message">
        </div></td>
    </tr>
  </table>
</form>
<?
}
?>
<p>&nbsp;</p>
<p align="center">&nbsp;</p>
        <?
		
		}
		}//End session check
 }
include_once("template.php");
 
  ?>