PX : code

membersysteem by luard vriemert


(C) The Prince Of Revolution 2004 

-- connect.php -- 

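<?php
// Bootstrap shared by every page: session, helper functions, database link
// and the avatar-upload settings.

// The @ hides the warnings session_start() raises when this file is included
// again (the pm/ pages include it a second time).
@session_start();
include 'functions.php';

// NOTE(review): 'root' with an empty password is only acceptable on a local
// test machine. Use a dedicated MySQL account that has rights on the 'profiel'
// database only, and keep real credentials out of any published copy.
$rDatabaseConnection = @mysql_connect('localhost', 'root', '');

// Yes, we put an @ in front of it, because the error handling is good enough
// (in the author's opinion).

if (!$rDatabaseConnection)
{
    // There is no link when connecting failed, so ask for the last error
    // without passing FALSE as the link argument.
    myErrorHandler('mysql_connect()', mysql_error());
}

$rDatabaseSelection = @mysql_select_db('profiel');

if (!$rDatabaseSelection)
{
    myErrorHandler(
        'mysql_select_db()',
        $rDatabaseConnection ? mysql_error($rDatabaseConnection) : mysql_error(),
        FALSE
    );
}

// ---------------------------- Configuration ----------------------------

$iMaxFileSize = 100000;     // largest accepted avatar, in bytes
$sUploadDir   = 'avatars';  // directory the avatars are stored in

// Accepted avatar types, written as the MIME type from the slash onwards; the
// upload code compares them with stristr($type, '/'). '/jpeg' and '/pjpeg' are
// the values browsers report for JPEG files, which '/jpg' alone never matched.
// The type is sent by the browser, so it is a hint and not proof of content.
$aExtensions  = array('/jpg', '/jpeg', '/pjpeg', '/gif', '/png', '/bmp');

// -----------------------------------------------------------------------

// The pm/ pages include 'connect.php' and 'functions.php' by bare name, so a
// copy of both is placed inside pm/ when it is missing.
if (!file_exists('pm/connect.php'))
{
    copy('connect.php', 'pm/connect.php');
}

if (!file_exists('pm/functions.php'))
{
    copy('functions.php', 'pm/functions.php');
}

?>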

-- functions.php -- 

<?php 

/* 
Functies uit nieuwere PHPversies 
(C) The Prince Of Chaos 

bool file_put_contents( string file, string str, [int limit] ) 

string file_get_contents( string file ) 

string substr( string str, int startpointer, [int endpointer] ) 

array array_rand( array input, [int length]) 

bool array_key_exists( array haystack, string needle ) 
*/ 

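if (!function_exists('file_put_contents'))
{
    /**
     * Stand-in for file_put_contents() on PHP versions that do not have it.
     *
     * Replaces the contents of an existing file with $sContents. An optional
     * third argument limits the number of bytes that are written.
     *
     * @param string $sFileName path of a file that already exists
     * @param string $sContents data to write
     * @return bool TRUE on success, FALSE (after an E_USER_WARNING) on failure
     */
    function file_put_contents($sFileName, $sContents)
    {
        if (!file_exists($sFileName))
        {
            trigger_error('file_put_contents(): file does not exists', E_USER_WARNING);
            return FALSE;
        }

        // 'w' truncates first; with 'r+' a shorter text left the tail of the
        // previous contents in the file.
        $rOpenFile = fopen($sFileName, 'w');

        if (!$rOpenFile)
        {
            trigger_error('file_put_contents(): file could not be opened', E_USER_WARNING);
            return FALSE;
        }

        // The limit is optional, so only read it when it was really passed.
        // Counting starts at offset 0; starting at 1 dropped the first byte.
        if (func_num_args() > 2 && func_get_arg(2) != '')
        {
            $sContents = substr($sContents, 0, (int) func_get_arg(2));
        }

        fputs($rOpenFile, $sContents);
        fclose($rOpenFile);

        return TRUE;
    }
}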


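if (!function_exists('file_get_contents'))
{
    /**
     * Stand-in for file_get_contents() on PHP versions that do not have it.
     *
     * @param string $sFile path of the file to read
     * @return string|false the whole file ('' for an empty file), or FALSE
     *                      after an E_USER_WARNING when it cannot be read
     */
    function file_get_contents($sFile)
    {
        if (!is_readable($sFile))
        {
            trigger_error('file_get_contents(): file is not readable', E_USER_WARNING);
            return false;
        }

        $rOpenFile = fopen($sFile, 'r');

        if (!$rOpenFile)
        {
            trigger_error('file_get_contents(): Could\'nt read file', E_USER_WARNING);
            return false;
        }

        $iSize = filesize($sFile);

        // fread() rejects a length of 0, and an empty file is not an error.
        $sReadContentOfFile = ($iSize > 0) ? fread($rOpenFile, $iSize) : '';

        // Close before returning, so the handle is released on every path.
        fclose($rOpenFile);

        if ($sReadContentOfFile === false)
        {
            trigger_error('file_get_contents(): Could\'nt read file', E_USER_WARNING);
            return false;
        }

        return $sReadContentOfFile;
    }
}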


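if (!function_exists('substr'))
{
    /**
     * Stand-in for substr().
     *
     * Returns $sString from offset $iStartpoint up to the end, or up to and
     * including the offset given as an optional third argument.
     *
     * NOTE(review): PHP's own substr() takes a length as third argument and
     * understands negative offsets; this version follows the "endpointer"
     * description in the file header and clamps a negative start to 0.
     *
     * @param string $sString     text to cut from
     * @param int    $iStartpoint offset of the first character to return
     * @return string
     */
    function substr($sString, $iStartpoint)
    {
        $sString = (string) $sString;
        $iFirst  = max(0, intval($iStartpoint));
        $iLast   = strlen($sString) - 1;

        // The end offset is optional, so only read it when it was passed.
        if (func_num_args() > 2)
        {
            $iLast = min($iLast, intval(func_get_arg(2)));
        }

        // Collect the characters; returning inside the loop gave back one
        // character only.
        $sResult = '';

        for ($i = $iFirst; $i <= $iLast; $i++)
        {
            $sResult .= $sString[$i];
        }

        return $sResult;
    }
}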


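if (!function_exists('array_rand'))
{
    /**
     * Stand-in for array_rand(): picks random keys from an array.
     *
     * Like PHP's own array_rand() it returns a single key when one entry is
     * asked for, and a list of distinct keys (in array order) otherwise.
     * rand() is not suitable for anything that has to be unpredictable.
     *
     * @param array $aArray array to pick from; an optional second argument
     *                      gives the number of keys wanted (default 1)
     * @return mixed a key, a list of keys, or FALSE after an E_USER_WARNING
     */
    function array_rand($aArray)
    {
        if (!is_array($aArray))
        {
            trigger_error('array_rand(): Supplied argument must be an array', E_USER_WARNING);
            return false;
        }

        $aKeys   = array_keys($aArray);
        $iCount  = count($aKeys);
        $iWanted = 1;

        // The amount is optional, so only read it when it was passed.
        if (func_num_args() > 1 && func_get_arg(1) != '')
        {
            $iWanted = (int) func_get_arg(1);
        }

        if ($iCount == 0 || $iWanted < 1 || $iWanted > $iCount)
        {
            trigger_error('array_rand(): Second argument has to be between 1 and the number of elements in the array', E_USER_WARNING);
            return false;
        }

        // The highest valid position is count - 1; rand(0, count) could point
        // past the end of the array.
        if ($iWanted == 1)
        {
            return $aKeys[rand(0, $iCount - 1)];
        }

        $aReturn = array();

        // Positions are used as index, so a position drawn twice is stored once.
        while (count($aReturn) < $iWanted)
        {
            $iPick           = rand(0, $iCount - 1);
            $aReturn[$iPick] = $aKeys[$iPick];
        }

        ksort($aReturn);

        return array_values($aReturn);
    }
}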


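if (!function_exists('array_key_exists'))
{
    /**
     * Stand-in for array_key_exists().
     *
     * Declared as (array, key), but PHP's own function takes (key, array);
     * both orders are accepted, so code written for either keeps working.
     *
     * @param array  $aHaystack array to look in
     * @param string $sNeedle   key to look for
     * @return bool TRUE when the key is present, also when its value is NULL
     */
    function array_key_exists($aHaystack, $sNeedle)
    {
        // Called in the order of the built-in function: swap the arguments.
        if (!is_array($aHaystack) && is_array($sNeedle))
        {
            $mSwap     = $aHaystack;
            $aHaystack = $sNeedle;
            $sNeedle   = $mSwap;
        }

        if (!is_array($aHaystack))
        {
            trigger_error('array_key_exists(): first argument must be an array', E_USER_WARNING);
            return false;
        }

        if (isset($aHaystack[$sNeedle]))
        {
            return true;
        }

        // isset() is FALSE for a key that holds NULL, so check the key list.
        // Keys are compared as strings to keep 0 from matching any text.
        foreach (array_keys($aHaystack) as $mKey)
        {
            if ((string) $mKey === (string) $sNeedle)
            {
                return true;
            }
        }

        return false;
    }
}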


////////////////////////////////////////////// 

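if (!function_exists('myErrorHandler'))
{
    /**
     * Record a failed call in errors.php and optionally tell the visitor.
     *
     * Each call replaces the previous contents of errors.php.
     *
     * @param string $sFunction name of the call that failed
     * @param string $sOorzaak  the cause, e.g. the text from mysql_error()
     * @param bool   $bPrint    whether to print the generic notice
     * @param string $sFile     file to name in the log; the default __FILE__
     *                          is this functions file, not the calling page
     */
    function myErrorHandler($sFunction, $sOorzaak, $bPrint = TRUE, $sFile = __FILE__)
    {
        $sMessage = 'Er is een fout met '.$sFunction.' in '.$sFile.' en de oorzaak is: '.$sOorzaak;

        // The log has a .php extension and sits in the web root, and the cause
        // can contain text that came from a request. The first line makes PHP
        // stop before it reaches that text, so the log is neither executed nor
        // shown when it is requested or included.
        file_put_contents('errors.php', '<?php exit; ?>'."\n".$sMessage);

        if ($bPrint)
        {
            echo 'Er is een fout met onze database<br>';
        }
    }
}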


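if (!function_exists('myAddSlashes'))
{
    /**
     * Backslash-escape a request value once.
     *
     * With magic_quotes_gpc on, request data already arrives escaped and is
     * returned as it is; otherwise addslashes() is applied.
     *
     * NOTE(review): with magic quotes on, a value that did not come from the
     * request (a session value, a computed string) is returned unescaped.
     * addslashes() also knows nothing about the connection's character set;
     * mysql_real_escape_string() on the open link is the escaping function the
     * mysql extension provides for query text.
     *
     * @param string $sString value taken from $_GET, $_POST or $_COOKIE
     * @return string the escaped value
     */
    function myAddSlashes($sString)
    {
        // get_magic_quotes_gpc() is not available on every PHP version; a
        // missing function means request data is never escaped automatically.
        if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc())
        {
            return $sString;
        }

        return addslashes($sString);
    }
}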

?>  

-- home.php -- 

<h3>Welkom op deze website!</h3> 
Op deze website kan je gratis je eigen profiel aanmaken.<br> 

-- index.php -- 
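<?php
// Front controller: picks the page named in ?page= and renders it inside the
// site layout.

// NOTE(review): E_ALL is fine while developing; on a public host errors belong
// in a log, because displayed messages reveal paths and query text.
error_reporting(E_ALL);
include 'connect.php';

// The page name comes straight from the URL and ends up in include, so only
// names from this list are accepted. Without it every readable .php file
// (connect.php, errors.php, files in other directories) could be pulled in.
// Add new pages here.
$aAllowedPages = array(
    'home', 'login', 'logout', 'aanmelden', 'members', 'bekijk', 'bewerk',
    'pm/index', 'pm/bekijk', 'pm/new'
);

// ?page[]=x arrives as an array; anything that is not a string means "home".
$sPage = (isset($_GET['page']) && is_string($_GET['page'])) ? $_GET['page'] : 'home';

// Including index.php from itself would never end.
if ($sPage == 'index')
{
    $sPage = 'home';
}

if (!in_array($sPage, $aAllowedPages, true) || !file_exists($sPage.'.php'))
{
    $sPage = '404';
}

// Written back because this script has always normalised $_GET['page'] in place.
$_GET['page'] = $sPage;

?>

<html>
<head>
    <title>Profielen systeem</title>
    <link href='style.css' rel='stylesheet' type='text/css'>
    <LINK REL='SHORTCUT ICON' HREF='favicon.ico'>
</head>
<body>
<table border='0'>
<tr><td></td><td></td><td><a href='?page=home' title='Ga naar de index'><img src='header.jpg' border='0'></a></td></tr>
<tr><td><?php include 'menu.php' ?></td><td></td><td class='window'><?php include $sPage.'.php' ?></td></tr>
</table>
</body>
</html>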

-- menu.php -- 

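<div id='box' class='window_title'>Menu</div>
<?php
// Menu: a short list for visitors, the member list (with the number of unread
// private messages) for someone who is logged in.

if (!isset($_SESSION['gebruiker']))
{
?>

    <ul class='window'>
    <li><a href='?page=home'>Home</a>
    <li><a href='?page=login'>Inloggen</a>
    <li><a href='?page=aanmelden'>Aanmelden</a>
    <li><a href='?page=members'>Members</a>
    </ul>

<?php
}
else
{
    // login.php stores the name in backslash-escaped form. Undo that and
    // escape for this connection, so the queries below do not depend on how
    // the session value was prepared elsewhere.
    $sNaam      = stripslashes($_SESSION['gebruiker']);
    $sGebruiker = $rDatabaseConnection
                ? mysql_real_escape_string($sNaam, $rDatabaseConnection)
                : addslashes($sNaam);

    $sMySQLQuery = "SELECT profiel_id, profiel_name FROM profiel
                    WHERE profiel_name = '".$sGebruiker."'";

    $rMySQLQuery = @mysql_query($sMySQLQuery, $rDatabaseConnection);

    if (!$rMySQLQuery)
    {
        myErrorHandler('mysql_query()', mysql_error($rDatabaseConnection));
    }
    else
    {
        $aFetch = @mysql_fetch_assoc($rMySQLQuery);

        // No row (the account no longer exists) gives id 0 instead of a notice.
        $iProfielId = $aFetch ? (int) $aFetch['profiel_id'] : 0;
?>

        <ul class='window'>
        <li><a href='?page=home'>Home</a>
        <li><a href='?page=bekijk&id=<?php echo $iProfielId ?>'>Bekijk profiel</a>
        <li><a href='?page=bewerk&id=<?php echo $iProfielId ?>'>Bewerk profiel</a>
<?php
        $sMySQLQuery = "SELECT pm_gelezen,pm_to FROM pm WHERE pm_to = '".$sGebruiker."' AND pm_gelezen = 0";
        $rMySQLQuery = @mysql_query($sMySQLQuery, $rDatabaseConnection);

        if (!$rMySQLQuery)
        {
            myErrorHandler('mysql_query()', mysql_error($rDatabaseConnection));
        }
        else
        {
            $iOngelezen = mysql_num_rows($rMySQLQuery);

            if ($iOngelezen != 0)
            {
?>
                <li><a href='?page=pm/index&id=<?php echo $iProfielId ?>'><strong>Prive Berichten</strong>( <?php echo $iOngelezen; ?> )</a>
<?php
            }
            else
            {
?>
                <li><a href='?page=pm/index&id=<?php echo $iProfielId ?>'>Prive Berichten</a>
<?php
            }
        }
?>


        <li><a href='?page=members'>Members</a>
        <li><a href='?page=logout'>Uitloggen</a>
        </ul>

<?php
    }
}

?>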

-- aanmelden.php -- 

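<h3>Aanmelden</h3>
<?php
// Sign-up page: shows the form on GET, creates the profile (and stores the
// optional avatar) on POST.

if ($_SERVER['REQUEST_METHOD'] == 'POST')
{
    // A missing or non-text field counts as empty instead of raising a notice.
    $aFields = array('profiel_name', 'profiel_password', 'profiel_woonplaats',
                     'profiel_email', 'profiel_homepage', 'profiel_handtekening');

    foreach ($aFields as $sField)
    {
        if (!isset($_POST[$sField]) || !is_string($_POST[$sField]))
        {
            $_POST[$sField] = '';
        }
    }

    // The name as it was typed, whatever magic_quotes_gpc is set to:
    // myaddslashes() always yields the escaped form and stripslashes() undoes it.
    $sRawName = stripslashes(myaddslashes($_POST['profiel_name']));

    $sError = '';

    if ($_POST['profiel_name'] == '')
    {
        $sError .= '- Je naam is niet ingevuld!\n';
    }
    elseif (strpos($sRawName, '/') !== false
         || strpos($sRawName, '\\') !== false
         || strpos($sRawName, "\0") !== false)
    {
        // The name becomes part of the avatar's file name, so it must not be
        // able to point outside the upload directory.
        $sError .= '- Je naam bevat ongeldige tekens!\n';
    }

    if ($_POST['profiel_password'] == '')
    {
        $sError .= '- Je wachtwoord is niet ingevuld!\n';
    }

    if ($sError != '')
    {
?>
        <script language='javascript'>
        alert("Je hebt het formulier niet juist ingevuld:\n\n<?php echo $sError ?>");
        location = '?page=aanmelden';
        </script>
<?php
        exit;
    }

    // NOTE(review): md5() is fast and unsalted, so stored passwords are easy to
    // recover once the table leaks. Moving to a salted, slow password hash has
    // to be done here and in login.php together.
    $sMySQLQuery = "INSERT INTO profiel
                    (profiel_id,profiel_name,profiel_password,
                    profiel_woonplaats,profiel_email,profiel_homepage,
                    profiel_handtekening)
                    VALUES(
                    '',
                    '".myaddslashes($_POST['profiel_name'])."',
                    '".myaddslashes(md5($_POST['profiel_password']))."',
                    '".myaddslashes($_POST['profiel_woonplaats'])."',
                    '".myaddslashes($_POST['profiel_email'])."',
                    '".myaddslashes($_POST['profiel_homepage'])."',
                    '".myaddslashes($_POST['profiel_handtekening'])."'
                    );
                    ";

    $rMySQLQuery = @mysql_query($sMySQLQuery, $rDatabaseConnection);

    if (!$rMySQLQuery && mysql_errno() == 1062)
    {
        // 1062 is MySQL's duplicate-key error.
        echo 'De gebruikersnaam die je hebt ingevuld is al in gebruik!';
    }
    elseif (!$rMySQLQuery)
    {
        myErrorHandler('mysql_query()', mysql_error($rDatabaseConnection), TRUE);
    }
    else
    {
        // The avatar is stored only after the account exists. Storing it first
        // let a sign-up for a name that was already taken replace that
        // member's avatar.
        if (isset($_FILES['profiel_avatar'])
            && is_string($_FILES['profiel_avatar']['tmp_name'])
            && $_FILES['profiel_avatar']['error'] != UPLOAD_ERR_NO_FILE)
        {
            $aAvatar = $_FILES['profiel_avatar'];

            // The type is whatever the browser claims, so the file itself is
            // checked as well: getimagesize() fails on anything that is not an image.
            if ($aAvatar['error'] != UPLOAD_ERR_OK
                || !in_array(stristr($aAvatar['type'], '/'), $aExtensions)
                || !@getimagesize($aAvatar['tmp_name']))
            {
                echo 'Je avatar is niet geupload, want je hebt een verkeerde extensie voor je avatar gekozen.<br>';
            }
            elseif ($aAvatar['size'] > $iMaxFileSize)
            {
                echo 'Je avatar is niet geupload, want het maximale aantal bytes is '.$iMaxFileSize.'.';
            }
            else
            {
                // Always saved with a .jpg extension, whatever the image type.
                move_uploaded_file($aAvatar['tmp_name'], $sUploadDir.'/'.$sRawName.'.jpg');
            }
        }

        echo 'Je bent succesvol aangemeld met de nickname \''.htmlspecialchars($sRawName).'\'.<br>
                Veel geluk met je profiel!';
    }
}
else
{
?>
    <form method='post' action='?page=aanmelden' enctype='multipart/form-data'>
    <table border='0'>
    <tr><td>Je gebruikersnaam:</td>    <td><input type='text' name='profiel_name' size='40' maxlength='50'></td></tr>
    <tr><td>Je wachtwoord:</td>        <td><input type='password' name='profiel_password' size='40' maxlength='50'></td></tr>
    <tr><td>Je woonplaats:</td>        <td><input type='text' name='profiel_woonplaats' size='40' maxlength='50'></td></tr>
    <tr><td>Je email-adres:</td>    <td><input type='text' name='profiel_email' size='40' maxlength='60'></td></tr>
    <tr><td>Je homepage:</td>        <td><input type='text' name='profiel_homepage' size='40' maxlength='60'></td></tr>
    <tr><td>Je handtekening:</td>    <td><textarea rows='6' cols='50' name='profiel_handtekening'></textarea></td></tr>
    <tr><td>Je avatar:</td>            <td><input type='file' name='profiel_avatar'></td></tr>
    <tr><td><input type='submit' value='Aanmelden'></td></tr>
    </table>
    </form>
<?php
}
?>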

-- errors.php -- 

leeg laten 

-- login.php -- 

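<h3>Inloggen</h3>
<?php
// Login page: shows the form on GET, checks name and password on POST.

if (isset($_SESSION['gebruiker']))
{
    print '<meta http-equiv="Refresh" content="0; url=?page=home">';
}

if ($_SERVER['REQUEST_METHOD'] == 'POST')
{
    // A missing or non-text field counts as empty instead of raising a notice.
    foreach (array('profiel_name', 'profiel_password') as $sField)
    {
        if (!isset($_POST[$sField]) || !is_string($_POST[$sField]))
        {
            $_POST[$sField] = '';
        }
    }

    $sError = '';

    if ($_POST['profiel_name'] == '')
    {
        $sError .= 'Gebruikersnaam is niet ingevuld\n';
    }

    if ($_POST['profiel_password'] == '')
    {
        $sError .= 'Wachtwoord is niet ingevuld\n';
    }

    if ($sError != '')
    {
?>
        <script language='javascript'>

        alert("Je hebt het formulier niet helemaal juist ingevuld:\n\n<?php echo $sError ?>");

        location                =                            '?page=login';

        </script>
<?php
        exit;
    }

    // NOTE(review): md5() is fast and unsalted; replacing it has to be done
    // here and in aanmelden.php together.
    $sMySQLQuery = "SELECT profiel_name,profiel_password
                    FROM profiel WHERE
                    profiel_name =
                    '".myaddslashes($_POST['profiel_name'])."'
                    AND
                    profiel_password =
                    '".myaddslashes(md5($_POST['profiel_password']))."'
                    ";

    $rMySQLQuery = @mysql_query($sMySQLQuery, $rDatabaseConnection);

    if (!$rMySQLQuery)
    {
        // A failed query is reported as a database error and no longer falls
        // through to the "wrong password" message as well.
        myErrorHandler('mysql_query()', mysql_error($rDatabaseConnection));
    }
    elseif (mysql_num_rows($rMySQLQuery) == 0)
    {
        echo 'Verkeerde gebruikersnaam/wachtwoord ingevuld.';
    }
    else
    {
        // Kept in escaped form: the other pages expect the value this way.
        // NOTE(review): the session id stays the same across login. It cannot
        // be renewed here because the layout has already been sent; that
        // needs a login step that runs before any output.
        $_SESSION['gebruiker'] = myaddslashes($_POST['profiel_name']);

        // The name is user input, so it is encoded before it is printed.
        echo 'Je bent succesvol ingelogd als \''.htmlspecialchars(stripslashes($_SESSION['gebruiker'])).'\'!';

        echo '<meta http-equiv="Refresh" content="2; url=?page=home">';
    }
}
else
{
?>
    <form method='post' action='?page=login' enctype='multipart/form-data'>
    <table border='0'>
    <tr><td>Je gebruikersnaam:</td>    <td><input type='text' name='profiel_name' size='40' maxlength='50'></td></tr>
    <tr><td>Je wachtwoord:</td>        <td><input type='password' name='profiel_password' size='40' maxlength='50'></td></tr>
    <tr><td><input type='submit' value='Inloggen'></td></tr>
    </table>
    </form>
<?php
}
?>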

-- logout.php -- 

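<h3>Uitloggen</h3>
<?php
// Logout page: forgets the logged-in name and sends the browser on.
// Only the 'gebruiker' entry is removed; the session itself stays alive.

if (isset($_SESSION['gebruiker']))
{
    unset($_SESSION['gebruiker']);
    print '<meta http-equiv="Refresh" content="0; url=?page=home">';
}
else
{
    // Nobody was logged in: go to the login form instead.
    print '<meta http-equiv="Refresh" content="0; url=?page=login">';
}

?>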

-- members.php -- 

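<h3>Members</h3>
<?php
// Member list: one row per profile, linking to its profile page.

$sMySQLQuery = 'SELECT profiel_name,profiel_id FROM profiel';
$rMySQLQuery = @mysql_query($sMySQLQuery, $rDatabaseConnection);

if (!$rMySQLQuery)
{
    myErrorHandler('mysql_query()', mysql_error($rDatabaseConnection));
}
else
{
    print '<table border="0">';

    while ($aFetch = mysql_fetch_assoc($rMySQLQuery))
    {
        // Names are chosen by the members themselves, so they are encoded
        // before they are put into the page.
?>
        <tr><td><strong><a href='?page=bekijk&id=<?php echo (int) $aFetch['profiel_id'] ?>'><?php echo htmlspecialchars($aFetch['profiel_name']) ?></a></strong></td></tr>
<?php
    }

    echo '</table>';
}

?>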

-- bekijk.php -- 

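<h3>Bekijk profiel</h3>
<?php
// Profile page: shows the profile whose id is given in ?id=.
// Every profile field was typed in by a member, so each one is encoded for
// the place it is printed in. Attributes on this page use single quotes,
// which is why ENT_QUOTES is passed where a value lands inside an attribute.

if (!isset($_GET['id']))
{
    echo 'Het commando \'id\' ontbreekt!';
}
elseif (!is_numeric($_GET['id']))
{
    echo 'Het commando \'id\' moet een nummer zijn!';
}
else
{
    // is_numeric() also accepts forms such as exponents; the cast makes sure
    // only a whole number reaches the query.
    $iProfielId = (int) $_GET['id'];

    $sMySQLQuery = 'SELECT * FROM profiel WHERE profiel_id = \''.$iProfielId.'\'';
    $rMySQLQuery = @mysql_query($sMySQLQuery, $rDatabaseConnection);

    if (!$rMySQLQuery)
    {
        myErrorHandler('mysql_query()', mysql_error($rDatabaseConnection));
    }
    elseif (mysql_num_rows($rMySQLQuery) == 0)
    {
        echo 'Er is niemand gevonden met het id \''.htmlspecialchars($_GET['id']).'\'';
    }
    else
    {
        print '<table border="0">';

        while ($aFetch = mysql_fetch_assoc($rMySQLQuery))
        {
            $sNaam     = htmlspecialchars(stripslashes($aFetch['profiel_name']), ENT_QUOTES);
            $sEmail    = stripslashes($aFetch['profiel_email']);
            $sHomepage = stripslashes($aFetch['profiel_homepage']);

            // The old test looked for 'http://' anywhere in the value, so a
            // value with another scheme in front of it became the link target
            // unchanged. Only a value that starts with http:// or https:// is
            // used as it is; everything else gets http:// put in front.
            if (!preg_match('#^https?://#i', $sHomepage))
            {
                $sHomepage = 'http://'.$sHomepage;
            }
?>
                    <tr><td><img src='<?php echo htmlspecialchars($sUploadDir, ENT_QUOTES).'/'.rawurlencode($aFetch['profiel_name']).'.jpg' ?>' alt='Avatar'></td></tr>
                    <tr><td>Je bekijkt het profiel van <?php echo $sNaam ?></td></tr>
                    <tr><td>
<?php
            if (!strstr($sEmail, '@'))
            {
                echo $sNaam.' heeft een anoniem/geen email-adres.';
            }
            else
            {
                echo '<a href="mailto:'.htmlspecialchars($sEmail, ENT_QUOTES).'">'.
                     'Stuur '.$sNaam.
                     ' een e-mail</a>';
            }
?>
                    </td></tr>


                    <tr><td><a target='_blank' href='<?php echo htmlspecialchars($sHomepage, ENT_QUOTES) ?>/'>
                    Ga naar <?php echo $sNaam ?>'s homepage</a></td></tr>

                    <tr><td>De woonplaats van <?php echo $sNaam ?> is
                    <?php echo htmlspecialchars(stripslashes($aFetch['profiel_woonplaats'])) ?><hr></td></tr>

                    <tr><td>
                    <?php echo htmlspecialchars(stripslashes($aFetch['profiel_handtekening'])) ?></td></tr>

<?php
        }

        print '</table>';
    }
}

?>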

-- bewerk.php -- 

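<h3>Bewerk profiel</h3>
<?php
// Edit page: lets the logged-in member change his or her own profile.
error_reporting(E_ALL);

if (!isset($_SESSION['gebruiker']))
{
    // Stop here for visitors. The redirect alone did not end the script, and
    // for an id without a profile the owner check below compared "nobody"
    // with "no row" and let the request through.
    print '<meta http-equiv="Refresh" content="0; url=?page=home">';
}
elseif (!isset($_GET['id']))
{
    echo 'Het commando \'id\' ontbreekt!';
}
elseif (!is_numeric($_GET['id']))
{
    echo 'Het commando \'id\' moet een nummer zijn!';
}
else
{
    // Only a whole number reaches the queries and the form action.
    $iProfielId = (int) $_GET['id'];

    $sMySQLQuery = "SELECT * FROM profiel WHERE profiel_id = '".$iProfielId."'";
    $rMySQLQuery = @mysql_query($sMySQLQuery, $rDatabaseConnection);

    if (!$rMySQLQuery)
    {
        myErrorHandler('mysql_query()', mysql_error($rDatabaseConnection));
    }
    else
    {
        $aFetch = mysql_fetch_assoc($rMySQLQuery);

        // The session holds the name in escaped form (see login.php), the
        // table holds it as typed. The comparison is strict, so two names that
        // merely look like the same number are not treated as equal.
        if (!$aFetch || stripslashes($_SESSION['gebruiker']) !== $aFetch['profiel_name'])
        {
            echo 'Je hebt geen rechten dit profiel te bewerken.';
        }
        elseif ($_SERVER['REQUEST_METHOD'] != 'POST')
        {
            // Stored values are encoded before they go back into the form;
            // the attributes use single quotes, hence ENT_QUOTES.
?>
                    <form method='post' action='?page=bewerk&id=<?php echo $iProfielId ?>' enctype='multipart/form-data'>
                    <table border='0'>
                    <tr><td>Profiel gebruikersnaam:</td><td><input type='text' name='profiel_name' size='40' maxlength='50' readonly value='<?php echo htmlspecialchars($aFetch['profiel_name'], ENT_QUOTES) ?>'></td></tr>
                    <tr><td>Profiel wachtwoord:</td><td><input type='password' name='profiel_password' size='40' maxlength='50' readonly></td></tr>
                    <tr><td>Profiel woonplaats:</td><td><input type='text' name='profiel_woonplaats' size='40' maxlength='50' value='<?php echo htmlspecialchars($aFetch['profiel_woonplaats'], ENT_QUOTES) ?>'></td></tr>
                    <tr><td>Profiel email adres:</td><td><input type='text' name='profiel_email' size='40' maxlength='60' value='<?php echo htmlspecialchars($aFetch['profiel_email'], ENT_QUOTES) ?>'></td></tr>
                    <tr><td>Profiel homepage:</td><td><input type='text' name='profiel_homepage' size='40' maxlength='60' value='<?php echo htmlspecialchars($aFetch['profiel_homepage'], ENT_QUOTES) ?>'></td></tr>
                    <tr><td>Profiel handtekening:</td><td><textarea rows='6' cols='50' name='profiel_handtekening'><?php echo htmlspecialchars($aFetch['profiel_handtekening'], ENT_QUOTES) ?></textarea></td></tr>
                    <tr><td>Profiel avatar:</td><td><input type='file' name='profiel_avatar'></td></tr>
                    <tr><td><input type='submit' value='Bewerken!'></td></tr>
                    </table>
                    </form>
<?php
        }
        else
        {
            // A missing or non-text field counts as empty.
            foreach (array('profiel_woonplaats', 'profiel_email', 'profiel_homepage', 'profiel_handtekening') as $sField)
            {
                if (!isset($_POST[$sField]) || !is_string($_POST[$sField]))
                {
                    $_POST[$sField] = '';
                }
            }

            // The avatar file is named after the profile that was just checked,
            // never after the posted 'profiel_name': 'readonly' is only a hint
            // to the browser, and the posted value decided which file was
            // deleted and overwritten.
            $sAvatarName = $aFetch['profiel_name'];
            $bNameIsSafe = strpos($sAvatarName, '/') === false
                        && strpos($sAvatarName, '\\') === false
                        && strpos($sAvatarName, "\0") === false;

            // Only act when a file was actually sent along.
            if (isset($_FILES['profiel_avatar'])
                && is_string($_FILES['profiel_avatar']['tmp_name'])
                && $_FILES['profiel_avatar']['error'] != UPLOAD_ERR_NO_FILE)
            {
                $aAvatar = $_FILES['profiel_avatar'];

                // The old avatar is left alone until the new one is accepted,
                // as the message below promises. The type is whatever the
                // browser claims, so getimagesize() checks the file as well.
                if (!$bNameIsSafe
                    || $aAvatar['error'] != UPLOAD_ERR_OK
                    || !in_array(stristr($aAvatar['type'], '/'), $aExtensions)
                    || !@getimagesize($aAvatar['tmp_name']))
                {
                    echo 'Je avatar is niet geupload/bijgewerkt (dus de oude staat er nog) , want je hebt een verkeerde extensie voor je avatar gekozen.<br>';
                }
                elseif ($aAvatar['size'] > $iMaxFileSize)
                {
                    echo 'Je avatar is niet geupload, want het maximale aantal bytes is '.$iMaxFileSize.'.';
                }
                else
                {
                    // Replaces an existing avatar of the same name.
                    move_uploaded_file($aAvatar['tmp_name'], $sUploadDir.'/'.$sAvatarName.'.jpg');
                }
            }

            $sMySQLQuery = "UPDATE profiel SET
                            profiel_woonplaats = '".myaddslashes($_POST['profiel_woonplaats'])."',
                            profiel_email = '".myaddslashes($_POST['profiel_email'])."',
                            profiel_homepage = '".myaddslashes($_POST['profiel_homepage'])."',
                            profiel_handtekening = '".myaddslashes($_POST['profiel_handtekening'])."'
                            WHERE profiel_id = '".$iProfielId."'
                            ";

            $rMySQLQuery = @mysql_query($sMySQLQuery, $rDatabaseConnection);

            if (!$rMySQLQuery)
            {
                myErrorHandler('mysql_query()', mysql_error($rDatabaseConnection));
            }
            else
            {
                echo 'Je profiel is bijgewerkt!';
            }
        }
    }
}

?>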

-- style.css -- 

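/* Site stylesheet. The braces around each rule were missing from the listing
   and have been put back. */

BODY
{
    background-color:            #FFFF99;
    /* link, vlink and alink are attributes of the HTML body tag, not CSS
       properties; browsers ignore these three lines. */
    link:                        #0010AD;
    vlink:                        #0010AD;
    alink:                        #0010AD;
    font-family:                Verdana;
    font-size:                    15px;
    cursor:                        url(cursors/cursor2.cur);
}

/* NOTE(review): the selector of this rule was missing from the listing; 'a' is
   assumed because the a:hover rule follows it. Confirm against the original. */
a
{
    color:                        #0010AD;
    text-decoration:            none;
}

a:hover
{
    color:                        maroon;
    text-decoration:            underline;
    cursor:                        url(cursors/cursor2.cur);
}

INPUT
{
    color:                        #000000;
    background-color:            #FFFFFF;
    font-size:                    10pt;
}

.window
{
    border-color:                 black;
    border-style:                 solid;
    border-width:                 1px;
}

.window_title
{
    background-color:            #FFFF66;
    border-color:                black;
    border-style:                solid;
    border-width:                1px;
}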


-- cursors/ -- 

Maak hier een directory 'cursors' aan 
-- cursors/cursor1.cur -- 



-- cursors/cursor2.cur -- 



-- cursors/cursor3.cur -- 



-- avatars/ -- 

Maak nu hier een directory 'avatars' aan 

-- pm/ -- 

Maak nu hier een directory 'pm' aan 

-- pm/index.php --         

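<h3>Bekijk berichten</h3>
<?php
// Inbox: lists the private messages addressed to the logged-in member.
// ?id= must be the id of that member's own profile.
include 'connect.php';

if (!isset($_SESSION['gebruiker']))
{
    echo '<meta http-equiv="Refresh" content="2; url=?page=home">';
}
elseif (!isset($_GET['id']))
{
    echo 'Het commando \'id\' ontbreekt!';
}
elseif (!is_numeric($_GET['id']))
{
    echo 'Het commando \'id\' moet een nummer zijn!';
}
else
{
    // The session holds the name in escaped form (see login.php).
    $sNaam = stripslashes($_SESSION['gebruiker']);

    $sMySQLQuery = "SELECT profiel_name,profiel_id
                    FROM profiel WHERE profiel_id = '".(int) $_GET['id']."'";

    $rMySQLQuery = @mysql_query($sMySQLQuery, $rDatabaseConnection);

    if (!$rMySQLQuery)
    {
        // Stop here; fetching from a failed query only produced warnings.
        myErrorHandler('mysql_query()', mysql_error($rDatabaseConnection));
    }
    else
    {
        $aFetch = mysql_fetch_assoc($rMySQLQuery);

        // Strict comparison, so two names that merely look like the same
        // number are not treated as equal.
        if (!$aFetch || $aFetch['profiel_name'] !== $sNaam)
        {
            echo 'Je hebt geen rechten om deze berichten te bekijken.';
        }
        else
        {
            echo '<a href="?page=pm/new">Nieuw bericht</a><p>';

            $sMySQLQuery = "SELECT * FROM pm
                            WHERE pm_to = '".mysql_real_escape_string($sNaam, $rDatabaseConnection)."'";

            $rMySQLQuery = @mysql_query($sMySQLQuery, $rDatabaseConnection);

            if (!$rMySQLQuery)
            {
                myErrorHandler('mysql_query()', mysql_error($rDatabaseConnection));
            }
            elseif (mysql_num_rows($rMySQLQuery) == 0)
            {
                echo 'Je hebt nog geen prive berichten';
            }
            else
            {
?>
                    <table border='0'>
                    <tr><td>Titel:</td><td>Van:</td><td>Gelezen:</td></tr>
<?php
                while ($aFetch = mysql_fetch_assoc($rMySQLQuery))
                {
                    // Title and sender were typed in by another member, so
                    // they are encoded before they are printed. The yes/no
                    // test sits in its own parentheses; without them the
                    // closing tags were left out for unread messages.
?>
                        <tr><td><a href="?page=pm/bekijk&id=<?php echo (int) $aFetch['pm_id'] ?>">
                        <?php echo htmlspecialchars($aFetch['pm_titel']) ?></a></td>
                        <td><strong><?php echo htmlspecialchars($aFetch['pm_from']) ?></strong></td>
                        <td><?php echo ($aFetch['pm_gelezen'] == 0) ? 'Nee' : 'Ja' ?></td></tr>
<?php
                }
?>
                    </table>
<?php
            }
        }
    }
}

?>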

-- pm/bekijk.php -- 

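<h3>Bekijk bericht</h3>
<?php
// Shows one private message to the member it was sent to and marks it as read.
error_reporting(E_ALL);
include 'connect.php';

if (!isset($_SESSION['gebruiker']))
{
    echo '<meta http-equiv="Refresh" content="2; url=?page=home">';
}
elseif (!isset($_GET['id']))
{
    echo 'Het commando \'id\' ontbreekt!';
}
elseif (!is_numeric($_GET['id']))
{
    echo 'Het commando \'id\' moet een nummer zijn!';
}
else
{
    // Only a whole number reaches the queries.
    $iBerichtId = (int) $_GET['id'];

    $sMySQLQuery = "SELECT pm_to,pm_id FROM pm WHERE pm_id = '".$iBerichtId."'";
    $rMySQLQuery = @mysql_query($sMySQLQuery, $rDatabaseConnection);

    if (!$rMySQLQuery)
    {
        myErrorHandler('mysql_query()', mysql_error($rDatabaseConnection));
    }
    else
    {
        $aFetch = mysql_fetch_assoc($rMySQLQuery);

        // The session holds the name in escaped form (see login.php); the
        // comparison is strict and a missing message is refused as well.
        if (!$aFetch || $aFetch['pm_to'] !== stripslashes($_SESSION['gebruiker']))
        {
            echo 'Je hebt geen rechten om dit bericht te bekijken.';
        }
        else
        {
            $sMySQLQuery = "SELECT * FROM pm
                            WHERE pm_id = '".$iBerichtId."'";

            $rMySQLQuery = @mysql_query($sMySQLQuery, $rDatabaseConnection);

            if (!$rMySQLQuery)
            {
                myErrorHandler('mysql_query()', mysql_error($rDatabaseConnection));
            }
            elseif (mysql_num_rows($rMySQLQuery) == 0)
            {
                echo 'Dit prive bericht is niet gevonden';
            }
            else
            {
                while ($aFetch = @mysql_fetch_assoc($rMySQLQuery))
                {
                    // Title, sender and text were typed in by another member,
                    // so they are encoded before they are printed.
?>
                        <table border='0'>
                        <tr><td>Titel:</td><td><?php echo htmlspecialchars($aFetch['pm_titel']) ?></td></tr>
                        <tr><td>Verzonden door:</td><td><?php echo htmlspecialchars($aFetch['pm_from']) ?></td></tr>
                        <tr><td>Bericht:</td><td><?php echo htmlspecialchars($aFetch['pm_bericht']) ?></td></tr>
                        </table>
                        <p>
                        <a href='?page=pm/new'>Nieuw bericht</a>
<?php
                    // A variable of its own: reusing $rMySQLQuery replaced the
                    // result set the loop is still reading from.
                    $sUpdateQuery = "UPDATE pm SET pm_gelezen = 1 WHERE pm_id = '".$iBerichtId."'";
                    $rUpdateQuery = @mysql_query($sUpdateQuery, $rDatabaseConnection);

                    if (!$rUpdateQuery)
                    {
                        myErrorHandler('mysql_query()', mysql_error($rDatabaseConnection));
                    }
                }
            }
        }
    }
}

?>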

-- pm/new.php -- 

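<h3>Nieuw bericht</h3>
<?php
// Compose page: shows the form on GET, stores the private message on POST.
include 'connect.php';

if (!isset($_SESSION['gebruiker']))
{
    echo '<meta http-equiv="Refresh" content="2; url=?page=home">';
}
elseif ($_SERVER['REQUEST_METHOD'] == 'POST')
{
    // A missing or non-text field counts as empty instead of raising a notice.
    foreach (array('pm_to', 'pm_titel', 'pm_bericht') as $sField)
    {
        if (!isset($_POST[$sField]) || !is_string($_POST[$sField]))
        {
            $_POST[$sField] = '';
        }
    }

    $sErrorMsg = '';

    if ($_POST['pm_to'] == '')
    {
        $sErrorMsg .= ' -Je hebt de ontvanger niet ingevuld\n ';
    }

    if ($_POST['pm_titel'] == '')
    {
        $sErrorMsg .= ' -Je hebt de titel niet ingevuld\n ';
    }

    if ($_POST['pm_bericht'] == '')
    {
        $sErrorMsg .= ' -Je hebt het bericht niet ingevuld\n ';
    }

    if ($sErrorMsg != '')
    {
?>
            <script language='javascript'>
            <!--
                alert("Je hebt het formulier niet helemaal juist ingevuld:\n\n<?php echo $sErrorMsg ?>");
            //-->
            </script>
<?php
    }
    else
    {
        // The session holds the name in escaped form (see login.php). It is
        // not request data, so it is unescaped and then escaped for this
        // connection; myaddslashes() escaped it a second time when magic
        // quotes were off and not at all when they were on.
        $sAfzender = stripslashes($_SESSION['gebruiker']);
        $sAfzender = $rDatabaseConnection
                   ? mysql_real_escape_string($sAfzender, $rDatabaseConnection)
                   : addslashes($sAfzender);

        // NOTE(review): pm_to is taken as posted; nothing checks that it names
        // an existing member.
        $sMySQLQuery = "INSERT INTO pm
                        (pm_id,pm_from,pm_to,pm_titel,pm_bericht,pm_gelezen)
                        VALUES('','".$sAfzender."',
                        '".myaddslashes($_POST['pm_to'])."',
                        '".myaddslashes($_POST['pm_titel'])."',
                        '".myaddslashes($_POST['pm_bericht'])."',
                        '0'
                        );
                        ";

        $rMySQLQuery = @mysql_query($sMySQLQuery, $rDatabaseConnection);

        if (!$rMySQLQuery)
        {
            myErrorHandler('mysql_query()', mysql_error($rDatabaseConnection));
        }
        else
        {
            echo 'Je prive bericht is verzonden!';
        }
    }
}
else
{
    /**
     * Print a <select name="pm_to"> holding every member name.
     *
     * The query runs on the most recently opened connection.
     */
    function showDropDownList()
    {
        $sMySQLQuery = 'SELECT profiel_name FROM profiel';
        $rMySQLQuery = @mysql_query($sMySQLQuery);

        if (!$rMySQLQuery)
        {
            myErrorHandler('mysql_query()', mysql_error());
        }
        else
        {
            print '<select name="pm_to">';

            while ($aFetch = mysql_fetch_assoc($rMySQLQuery))
            {
                // Names are chosen by the members themselves, so they are
                // encoded for the attribute and for the option text.
                $sNaam = htmlspecialchars($aFetch['profiel_name'], ENT_QUOTES);

                echo '<option value="'.$sNaam.'">'.$sNaam.'</option>';
            }

            print '</select>';
        }
    }
?>
        <form method='post' action='?page=pm/new'>
        <table border='0'>
        <tr><td>Naar wie wil je een bericht verzenden?</td><td><?php showDropDownList(); ?></td></tr>
        <tr><td>De titel van je bericht:</td><td><input type='text' name='pm_titel' size='40' maxlength='50'></td></tr>
        <tr><td>Je bericht:</td><td><textarea rows='6' cols='50' name='pm_bericht'></textarea></td></tr>
        <tr><td><input type='submit' value='Stuur prive bericht'></td></tr>
        </table>
        </form>
<?php
}

?>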
