Today, I am going to teach you how to make a Private Message (PM) script in PHP.
Before we start, I want to tell you what you should know, and what files we will create.
Then we will continue with the codes, and descriptions. I would like if you learned something from this tutorial.
If you find any errors (Even if I spell something wrong), I would like you to post it in this thread.
What you should know:
You should know HTML. Just a bit (forms, and maybe a little design if you would like that).
You should know much about PHP and Mysql.
You should know how to create a login-script, because you will need it for this tutorial.
if you don't know how to create one, you can check a very simple login-script tutorial that I made some time ago:
How to create a login-script
Now.. Lets start with the Mysql table, or? Thanks to Vujsa I could make this one
messages.SQL
CODE
CREATE TABLE `messages` (
`message_id` int(11) NOT NULL auto_increment,
`from_user` varchar(65) character set latin1 collate latin1_general_ci NOT NULL,
`to_user` varchar(65) character set latin1 collate latin1_general_ci NOT NULL,
`message_title` varchar(65) NOT NULL,
`message_contents` longtext NOT NULL,
`message_read` int(11) NOT NULL default '0',
PRIMARY KEY (`message_id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=21;
`message_id` int(11) NOT NULL auto_increment,
`from_user` varchar(65) character set latin1 collate latin1_general_ci NOT NULL,
`to_user` varchar(65) character set latin1 collate latin1_general_ci NOT NULL,
`message_title` varchar(65) NOT NULL,
`message_contents` longtext NOT NULL,
`message_read` int(11) NOT NULL default '0',
PRIMARY KEY (`message_id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=21;
The things we have done here is:
We have created a table named 'messages'.
then we have created some columns:
message_id : This is the column where the ID of the message will be stored. we will need this when we will get the messages from the table.
from_user : This is the column where the name of user that sent the message will be stored.
to_user : This is the column where the name of the user that the message was sent to is stored.
message_title : This is where the title of the message will be stored.
message_contents: This is where the content of the message will be stored.
message_read : This will check if the message id read or not.
Save this in a file and call it "messages.SQL" or something.
Now after you have created the table (if you don't know how to import SQL files, you should go and learn
)You should start with the inbox file.
inbox.php
CODE
<?php
session_start();
require "database.php";
$userfinal=$_SESSION['session_name'];
// get the messages from the table.
$get_messages = mysql_query("SELECT message_id FROM messages WHERE to_user='$userfinal' ORDER BY message_id DESC") or die(mysql_error());
$get_messages2 = mysql_query("SELECT * FROM messages WHERE to_user='$userfinal' ORDER BY message_id DESC") or die(mysql_error());
$num_messages = mysql_num_rows($get_messages);
// display each message title, with a link to their content
echo '<ul>';
for($count = 1; $count <= $num_messages; $count++)
{
$row = mysql_fetch_array($get_messages2);
//if the message is not read, show "(new)" after the title, else, just show the title.
if($row['message_read'] == 0)
{
echo '<a href="read_message.php?messageid=' . $row['message_id'] . '">' . $row['message_title'] . '</a>(New)<br>';
}else{
echo '<a href="read_message.php?messageid=' . $row['message_id'] . '">' . $row['message_title'] . '</a><br>';
}}
echo '</ul>';
echo '<form name="newmsgfrm" method="post" action="new_message.php">';
echo '<input type="submit" value="Send a New Message">';
echo '</form>';
echo '<form name="backfrm" method="post" action="index.php">';
echo '<input type="submit" value="Back to Home">';
echo '</form>';
?>
session_start();
require "database.php";
$userfinal=$_SESSION['session_name'];
// get the messages from the table.
$get_messages = mysql_query("SELECT message_id FROM messages WHERE to_user='$userfinal' ORDER BY message_id DESC") or die(mysql_error());
$get_messages2 = mysql_query("SELECT * FROM messages WHERE to_user='$userfinal' ORDER BY message_id DESC") or die(mysql_error());
$num_messages = mysql_num_rows($get_messages);
// display each message title, with a link to their content
echo '<ul>';
for($count = 1; $count <= $num_messages; $count++)
{
$row = mysql_fetch_array($get_messages2);
//if the message is not read, show "(new)" after the title, else, just show the title.
if($row['message_read'] == 0)
{
echo '<a href="read_message.php?messageid=' . $row['message_id'] . '">' . $row['message_title'] . '</a>(New)<br>';
}else{
echo '<a href="read_message.php?messageid=' . $row['message_id'] . '">' . $row['message_title'] . '</a><br>';
}}
echo '</ul>';
echo '<form name="newmsgfrm" method="post" action="new_message.php">';
echo '<input type="submit" value="Send a New Message">';
echo '</form>';
echo '<form name="backfrm" method="post" action="index.php">';
echo '<input type="submit" value="Back to Home">';
echo '</form>';
?>
simple isn't it?
The first things we do are very simple.
We start the session.
We require the database.php file (the database.php is the file where the mysql connections and stuff is stored. you should know how to created such a file. if you don't know, i'll create one in the end of this tutorial, only for you
)then we create a variable for the set session, to make it easier to write.
Then we create some variables.
the $get_messages is the variable where the message id is stored.
the $get_messages2 is the variable where all the messageinfo is stored.
Then we create a simple for-loop that will show all the messages that is sent to the user that is logged in(check w3schools or google or whatever, if you don't know what that is.).
the first thing we do here is:
Check if the message is read.
If it isn't, the loop will add "(new)" after the message title. else, it will just show the message title.
The last thing we do is:
Add 2 buttons. One to send a new message, and one to go back to the home-page.
Now lets begin with the new message file.
new_message.php
CODE
<?php
session_start();
require "database.php";
$userfinal=$_SESSION['session_name'];
$user=$userfinal;
?>
<form name="message" action="messageck.php"
method="post">
<input type="text" name="message_title"> Title: <br>
<input type="text" name="message_to"> To: <br>
Message: <br>
<textarea rows="20" cols="50" name="message_content">
</textarea>
<?php
echo '<input type="hidden" name="message_from" value="'.$user.'"><br>';
?>
<input type="submit" value="Submit">
</form>
session_start();
require "database.php";
$userfinal=$_SESSION['session_name'];
$user=$userfinal;
?>
<form name="message" action="messageck.php"
method="post">
<input type="text" name="message_title"> Title: <br>
<input type="text" name="message_to"> To: <br>
Message: <br>
<textarea rows="20" cols="50" name="message_content">
</textarea>
<?php
echo '<input type="hidden" name="message_from" value="'.$user.'"><br>';
?>
<input type="submit" value="Submit">
</form>
The things we do here, are also very simple.
The first things we do is:
Start the session.
require the database.php file.
create a variable for the set session.
then we create the forms.
a textbox for the message title.
a textbox where you write to who you want to send the message.
a textbox for the message content.
and then, you see this line:
<input type="hidden" name="message_from" value="'.$user.'">
This is a hidden line, and the user will not see it.
this invisible textbox, includes the name of the user that is writing the message.
remember that we created a variable named $user that includes the session name?
the session name, includes the username. and where the "value" is "$user", the username is inserted by the code.
then we create a normal submit box, that will send the message, and we are done with this file.
Now we should create a file, that checks if the sent message is ok to send.
messageck.php
CODE
<?php
session_start();
require "database.php";
$title=$_POST['message_title'];
$to=$_POST['message_to'];
$content=$_POST['message_content'];
$from=$_POST['message_from'];
$time=$_POST['message_date'];
$ck_reciever = "SELECT username FROM user WHERE username = '".$to."'";
if( mysql_num_rows( mysql_query( $ck_reciever ) ) == 0 ){
die("The user you are trying to contact don't excist. Please go back and try again.<br>
<form name=\"back\" action=\"new_message.php\"
method=\"post\">
<input type=\"submit\" value=\"Try Again\">
</form>
");
}
elseif(strlen($content) < 1){
die("Your can't send an empty message!<br>
<form name=\"back\" action=\"new_message.php\"
method=\"post\">
<input type=\"submit\" value=\"Try Again\">
</form>
");
}
elseif(strlen($title) < 1){
die("You must have a Title!<br>
<form name=\"back\" action=\"new_message.php\"
method=\"post\">
<input type=\"submit\" value=\"Try Again\">
</form>
");
}else{
mysql_query("INSERT INTO messages (from_user, to_user, message_title, message_contents, message_date) VALUES ('$from','$to','$title','$content','$time')") OR die("Could not send the message: <br>".mysql_error());
echo "The Message Was Successfully Sent!";
?>
<form name="back" action="inbox.php"
method="post">
<input type="submit" value="Back to The Inbox">
</form>
<?php
}
?>
session_start();
require "database.php";
$title=$_POST['message_title'];
$to=$_POST['message_to'];
$content=$_POST['message_content'];
$from=$_POST['message_from'];
$time=$_POST['message_date'];
$ck_reciever = "SELECT username FROM user WHERE username = '".$to."'";
if( mysql_num_rows( mysql_query( $ck_reciever ) ) == 0 ){
die("The user you are trying to contact don't excist. Please go back and try again.<br>
<form name=\"back\" action=\"new_message.php\"
method=\"post\">
<input type=\"submit\" value=\"Try Again\">
</form>
");
}
elseif(strlen($content) < 1){
die("Your can't send an empty message!<br>
<form name=\"back\" action=\"new_message.php\"
method=\"post\">
<input type=\"submit\" value=\"Try Again\">
</form>
");
}
elseif(strlen($title) < 1){
die("You must have a Title!<br>
<form name=\"back\" action=\"new_message.php\"
method=\"post\">
<input type=\"submit\" value=\"Try Again\">
</form>
");
}else{
mysql_query("INSERT INTO messages (from_user, to_user, message_title, message_contents, message_date) VALUES ('$from','$to','$title','$content','$time')") OR die("Could not send the message: <br>".mysql_error());
echo "The Message Was Successfully Sent!";
?>
<form name="back" action="inbox.php"
method="post">
<input type="submit" value="Back to The Inbox">
</form>
<?php
}
?>
now you guys should know the first things we do (starting a session and including the database file.).
Now the second thing we do in this script is creating a variable for every single form in the last script.
We create a variable for the message title, content, "to-user" and so on.
We do also create a variable that selects the username that was set in the "to-user" form.
Then we create a if-statement that checks if the user excists. If not, the code will write an error message, and show you a back-button.
Then it will check if there is any content and title. If not, an error message will be written, and a back-button will be shown.
Else if everything worked as it should work, the message will be inserted in the database table that we created earlier.
Now we should create a file that will let the user read the message, or
?read_message.php
CODE
<?php
session_start();
$userfinal=$_SESSION['session_name'];
require "database.php";
$messageid = $_GET['message'];
$message = mysql_query("SELECT * FROM messages WHERE message_id = '$message_id' AND to_user = '$userfinal'");
$message=mysql_fetch_assoc($message);
echo "<h1>Title: ".$message['message_title']."</h1><br><br>";
echo "<h3>From: ".$message['from_user']."<br><br></h3>";
echo "<h3>Message: <br>".$message['message_contents']."<br></h3>";
echo '<form name="backfrm" method="post" action="inbox.php">';
echo '<input type="submit" value="Back to Inbox">';
echo '</form>';
?>
session_start();
$userfinal=$_SESSION['session_name'];
require "database.php";
$messageid = $_GET['message'];
$message = mysql_query("SELECT * FROM messages WHERE message_id = '$message_id' AND to_user = '$userfinal'");
$message=mysql_fetch_assoc($message);
echo "<h1>Title: ".$message['message_title']."</h1><br><br>";
echo "<h3>From: ".$message['from_user']."<br><br></h3>";
echo "<h3>Message: <br>".$message['message_contents']."<br></h3>";
echo '<form name="backfrm" method="post" action="inbox.php">';
echo '<input type="submit" value="Back to Inbox">';
echo '</form>';
?>
you know the first things we do here.
the second things I do is creating a variable that includes the value from the"<a href="read_message.php?messageid=' . $row['message_id'] . '">" in the inbox file.
then I create a variable that will include all the info about the message with that id (and check if the post is sent to the user or not [If it isn't, the post will be empty, else, the contents will be shown]).
then I create three echos.
The first one will write the title of the message.
the second one will write the name of the user that sent the message.
the last one will write the content of the message.
then I just add a back-button. simple isn't it?
now for those of you who don't know how to make a database.php file, here it is, but I won't comment it.
database.php
CODE
<?php
mysql_connect ("localhost", "mysql_username", "mysql_password") or die ('I cannot connect to the database because: ' . mysql_error());
mysql_select_db ("db_name");
?>
mysql_connect ("localhost", "mysql_username", "mysql_password") or die ('I cannot connect to the database because: ' . mysql_error());
mysql_select_db ("db_name");
?>
Remember!
If you find any errors, post them here, and I will try to fix them as soon as possible.
I have tryed this PM system, and it works!
Thanks for reading! //Feelay
I've been trying to do that security thing, but an error about the letter (small and big letter) occur. I'll change that as soon as I've tryed it 
But I have found another solution.. I'll will change to this when I really know how to use it.
