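<?php
/**
 * Group page.
 *
 * With ?id=<group> it renders the "share something" form and one page of the
 * group's text posts, but only when the current user is an active member.
 * Without ?id it lists the groups the current user has joined and created.
 *
 * Inputs: $_SESSION['email'], $_GET['id'], $_GET['next'] (1-based page number)
 * and $_GET['msg'] (status banner text).
 *
 * Every request- or database-derived value is escaped for the context it is
 * written into: mysql_real_escape_string() for SQL string literals, integer
 * casts for LIMIT, urlencode() for query-string values and htmlentities() for
 * HTML text and attributes.
 *
 * NOTE(review): the file depends on ext/mysql (mysql_*), which PHP 7 removed.
 * Moving to prepared statements (PDO or mysqli) needs the connection code in
 * db.php, which is not visible here. mysql_real_escape_string() is only
 * reliable when the connection charset was set with mysql_set_charset();
 * confirm that in db.php.
 *
 * NOTE(review): join.php, leave.php, admin.php and delete.php are reached by
 * plain GET links and the two forms carry no anti-CSRF token. Showing or
 * hiding a link here is cosmetic; those handlers have to check membership,
 * ownership and request authenticity themselves.
 */
session_start();

// db
include_once('db.php');
include_once 'time_stamp.php'; // presumably defines time_stamp(), called below
include_once 'tolink.php';     // presumably defines tolink(), called below

// NOTE(review): there is no login gate. Without a session e-mail the lookup
// below matches no row and the page continues with an empty user id.
$user_email = isset($_SESSION['email']) ? (string) $_SESSION['email'] : '';

// get id by matching email address
$q4id = mysql_query(
    "SELECT id FROM tbluser WHERE email = '" . mysql_real_escape_string($user_email) . "'"
);
$row_id = $q4id ? mysql_fetch_assoc($q4id) : false;
$user_id = $row_id ? $row_id['id'] : null; // id of the user, null when no row matched
$user_id_sql = mysql_real_escape_string((string) $user_id);

// limit of group posts
$i_limit = 15; // number of posts to show on a page

// Page number straight from the query string: force it to a positive integer
// so it can never carry SQL into the LIMIT clause or produce a negative offset.
$current_page = (isset($_GET['next']) && is_string($_GET['next'])) ? (int) $_GET['next'] : 1;
if ($current_page < 1) {
    $current_page = 1;
}
$_i = ($current_page - 1) * $i_limit; // row offset of the first post on this page
if (!is_int($_i)) {
    // Integer overflow turns the product into a float; fall back to page 1.
    $current_page = 1;
    $_i = 0;
}
// MySQL's "LIMIT offset, count" takes a row COUNT as its second argument. The
// old code passed $i_limit * page, which made every later page overlap.
$limit = $i_limit;

// Status banner. ?msg[]=x arrives as an array, so require a string.
if (isset($_GET['msg']) && is_string($_GET['msg']) && $_GET['msg']) {
    echo "<span style='border-radius:5px;display:block;border:2px solid red;text-align:center;background:#cfc'> " . htmlentities($_GET['msg']) . " </span>";
}

// $gid keeps the raw request value because the included comments.php may read
// it; use $gid_sql / $gid_url wherever it is written into SQL or markup.
$gid = (isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : '';

if ($gid) {
    echo "<link rel='stylesheet' type='text/css' href='groups.css' />";

    $gid_sql = mysql_real_escape_string($gid);
    $gid_url = urlencode($gid); // urlencode() output is also safe inside an HTML attribute

    // Result is unused; only the failure path (die) is observable.
    $qcheck = mysql_query("SELECT * FROM groups WHERE id = '$gid_sql'") or die("Error! Cheating the system is not tolerated here!");
    $qgroupname = mysql_query("SELECT * FROM groups WHERE id = '$gid_sql' AND active = '1'");
    $ex = mysql_num_rows($qgroupname);

    if ($ex == 0) {
        echo "No such group exists!<br/>You may have clicked a wrong link or the group may have been deleted or suspended.";
    } else {
        $row_gname = mysql_fetch_array($qgroupname);

        // Variables for displaying the group name and/or description. They are
        // raw database values: pass them through htmlentities() when echoing.
        $gdescription = $row_gname['description'];
        $gname = $row_gname['name'];

        $qgroups = mysql_query("SELECT * FROM groupmembers WHERE member = '$user_id_sql' AND id = '$gid_sql' AND flag = '1'");
        $countgroups = mysql_num_rows($qgroups);

        if ($countgroups == 0) {
            // user is not a member of group or is banned
            // place $msg to show the following message; it may be edited
            $msg = "You are not a member of this group. Join this group";
            // link variable; CSS can be applied by editing it
            $jl = '<a href="join.php?id=' . $gid_url . '">Join</a>';
        } elseif ($countgroups == 1) {
            // user is a member
            $query4admin = mysql_query("SELECT * FROM groups WHERE id = '$gid_sql' AND admin = '$user_id_sql'");
            $admin = mysql_num_rows($query4admin);

            if ($admin == 1) {
                // user is admin, so the admin link and message are prepared
                $msg = "You are admin of this group";
                $jl = '<a href="admin.php?id=' . $gid_url . '">Admin</a>';
            } elseif ($admin == 0) {
                $msg = "You are a member of this group.";
                $jl = '<a href="leave.php?id=' . $gid_url . '">Leave</a>';
            }
?>
<div style="text-align:left;background-color:#FFFFFF;padding:10px;width:550px;">
<div id="updateboxarea" style="margin-bottom:20px;">
<h4>Share something</h4>
<form method="post" action="post.php?id=<?php echo $gid_url; ?>" >
<textarea cols="30" rows="4" name="message" id="update" maxlength="200" ></textarea>
<br />
<input type="submit" value="Post" class="update_button"/>
</form>
</div>
<?php
            $queryposts = mysql_query(sprintf(
                "SELECT * FROM groupmessages WHERE gid = '%s' AND type = 'text' LIMIT %d, %d ",
                $gid_sql,
                $_i,
                $limit
            ));
            if ($queryposts === false) {
                // Keep the driver's error text in the server log instead of
                // printing it to the visitor.
                error_log('groupmessages query failed: ' . mysql_error());
                die('Unable to load posts.');
            }
            $posts = mysql_num_rows($queryposts);

            while ($post = mysql_fetch_array($queryposts)) {
                $uid = $post['author'];
                $quser = mysql_query("SELECT * FROM tbluser WHERE id = '" . mysql_real_escape_string((string) $uid) . "'");
                $row_user = mysql_fetch_assoc($quser);
                $user_name = $row_user['fname'] . " " . $row_user['lname'];
                $user_photo = $row_user['photo'];
                $user_photo = "http://nitofa.com/user_pics/users/$user_photo";
                $msg_id = $post['msg_id'];
                $message = $post['message'];
                $message = tolink(htmlentities($message));
                $time = $post['created'];

                // Left inside the loop: comments.php is included per post and
                // may read or change these variables.
                $q4 = mysql_query("SELECT * FROM groups WHERE id = '$gid_sql' AND admin = '$user_id_sql'");
                $info = mysql_fetch_array($q4);
                $admin = mysql_num_rows($q4);

                // Output-ready copies; the raw variables stay untouched for comments.php.
                $msg_id_attr = htmlentities((string) $msg_id, ENT_QUOTES);
                $msg_id_url = urlencode((string) $msg_id);
                $user_photo_attr = htmlentities($user_photo, ENT_QUOTES);

                // Reset on every post: without this a delete link built for an
                // earlier post was shown again on posts the user does not own.
                $del = '';
                if ($admin == 1 || $uid == $user_id) {
                    // group admin, or author of this post
                    $del = '<a class="stdelete" href="delete.php?id=' . $msg_id_url . '" id="' . $msg_id_attr . '" title="Delete post">X</a>';
                }
?>
<div class="stbody" id="stbody<?php echo $msg_id_attr;?>">
<div class="stimg">
<img src="<?php echo $user_photo_attr;?>" class='big_face'/>
</div>
<div class="sttext">
<?php if($del) { echo $del; } ?>
<b><a href="<?php echo 'http://nitofa.com/browse-user.php?fid='.urlencode((string) $uid);?>"><?php echo htmlentities($user_name, ENT_QUOTES);?></a></b> <br/><?php echo $message;?>
<div class="sttime"><?php time_stamp($time);?><!-- | <a href='#commentbox<?php echo $msg_id_attr;?>' class='commentopen' id='<?php echo $msg_id_attr;?>' title='Comment'>Comment </a> --></div>
<div id="stexpandbox">
<div id="stexpand<?php echo $msg_id_attr;?>"></div>
</div>
<div class="commentcontainer" id="commentload<?php echo $msg_id_attr;?>">
<?php include('comments.php'); ?>
</div>
<div class="commentupdate" style='display:none;' id='commentbox<?php echo $msg_id_attr;?>'>
<div class="stcommentimg">
<img src="<?php echo $user_photo_attr;?>" class='small_face'/>
</div>
<div class="stcommenttext" >
<form method="post" action="comment.php">
<textarea name="comment" class="comment" maxlength="200" id="ctextarea<?php echo $msg_id_attr;?>"></textarea>
<br />
<input type="submit" value=" Comment " id="<?php echo $msg_id_attr;?>" class="comment_button"/>
</form>
</div>
</div>
<!--close sttext-->
</div>
<!--close stbody-->
</div>
<?php
            }

            // A full page came back, so there may be more. The old test
            // "!$posts < $i_limit" negated $posts before comparing and was
            // therefore true whenever at least one post was returned.
            if ($posts >= $i_limit) {
                $page = $current_page + 1;
                echo '<a style="text-align:center;margin:0 auto;" href="?id=' . $gid_url . '&next=' . $page . '">View More</a>';
            }
            echo "</div>";
        }
    }
} else {
    // user joined groups
    // The old query filtered on an undefined $id, so it compared member with
    // an empty string; the resolved user id is what was meant.
    // NOTE(review): unlike the membership check on the group view, this list
    // does not filter on flag = '1'; confirm whether that is intended.
    $qgroups = mysql_query("SELECT * FROM groupmembers WHERE member = '$user_id_sql'");
    $countgroups = mysql_num_rows($qgroups);

    if ($countgroups == 0) {
        // can be turned into a variable by replacing echo with an assignment
        echo "You have not joined any group yet.";
    } else {
        echo "<h2 id=\"groups\">Groups you have joined:</h2>";
        while ($groups = mysql_fetch_array($qgroups)) {
            $gid = $groups['id'];
            $qgroupname = mysql_query("SELECT name FROM groups WHERE id = '" . mysql_real_escape_string((string) $gid) . "' AND active = '1'");
            $cq = mysql_num_rows($qgroupname);
            if ($cq == 0) {
                // group was deleted or deactivated, skip it
                continue;
            }
            $row_gname = mysql_fetch_assoc($qgroupname);
            $gname = $row_gname['name'];
            // Group names are user-supplied text: escape before printing.
            echo "<a href='?id=" . urlencode((string) $gid) . "'>" . htmlentities($gname, ENT_QUOTES) . "</a><br/>";
        }
        echo "<hr/>";

        // user created groups
        $qmygroups = mysql_query("SELECT * FROM groups WHERE admin = '$user_id_sql' AND active = '1'");
        $countmygroups = mysql_num_rows($qmygroups);
        echo "<h2 id=\"mygroups\">Your Groups:</h2>";
        if ($countmygroups == 0) {
            echo "You have not created any group yet!";
        } else {
            while ($mygroups = mysql_fetch_array($qmygroups)) {
                $gid = $mygroups['id'];
                $mygname = $mygroups['name'];
                $mygid_url = urlencode((string) $gid);
                echo "<a href='?id=" . $mygid_url . "'>" . htmlentities($mygname, ENT_QUOTES) . "</a> - <a style='text-decoration:none;border-bottom:1px solid grey;font-size:small;' href='admin.php?id=" . $mygid_url . "'>Admin</a><br/>";
            }
        }
    }
}
?>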