-
Notifications
You must be signed in to change notification settings - Fork 0
/
chat_confirmation.php
69 lines (69 loc) · 2.79 KB
/
chat_confirmation.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
<?php
session_start();
require 'database_open.inc.php';
if(isset($_POST['E']) && !empty($_POST['E']) && isset($_POST['M']) && !empty($_POST['M']))
{
$to_email = mysql_real_escape_string($_POST['E']);
$from_email = $_SESSION['email'];
$query = "SELECT `email` FROM `users`";
$query_run = mysql_query($query);
$flag = false;
$flag2 = false;
while($query_data = mysql_fetch_assoc($query_run))
{
if($query_data['email'] == $to_email && $to_email != $from_email)
{
$table_name = $from_email." to ".$to_email;
$table_name1 = $to_email." to ".$from_email;
$query6 = "SELECT `toUser`,`fromUser` FROM `chat_name`";
$query_run6 = mysql_query($query6);
$flag = false;
while($query_data6 = mysql_fetch_assoc($query_run6))
{
if(($query_data6['toUser'] == $to_email && $query_data6['fromUser'] == $from_email) || ($query_data6['toUser'] == $from_email && $query_data6['fromUser'] == $to_email))
{
$flag = true;
break;
}
}
if($flag == false)
{
$query2 = "INSERT INTO `chat_name` (toUser,fromUser) VALUES ('".$to_email."','".$from_email."')";
$query_run2 = mysql_query($query2);
}
$query3 = "SELECT * FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = N'".$table_name."'";
$query_run3 = mysql_query($query3);
$query_data = mysql_fetch_assoc($query_run3);
$query31 = "SELECT * FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = N'".$table_name1."'";
$query_run31 = mysql_query($query31);
$query_data31 = mysql_fetch_assoc($query_run31);
if($query_data['TABLE_NAME'] == null && $query_data31['TABLE_NAME'] == null)
{
$query5 = "CREATE TABLE `".$table_name."` (Id int(20) AUTO_INCREMENT PRIMARY KEY,fromUser varchar(2000),toUser varchar(2000),message varchar(2000))";
$query_run5 = mysql_query($query5);
}
$query156 = "SELECT `First Name` FROM `users` WHERE email='$to_email'";
$query_run156 = mysql_query($query156);
$query_data156 = mysql_fetch_assoc($query_run156);
$name1 = $query_data156['First Name'];
$query15 = "SELECT `First Name` FROM `users` WHERE email='$from_email'";
$query_run15 = mysql_query($query15);
$query_data15 = mysql_fetch_assoc($query_run15);
$name2 = $query_data15['First Name'];
$msg = $_POST['M'];
$query4 = "INSERT INTO `".$table_name."` (fromUser,toUser,message) VALUES ('".$name2."','".$name1."','".htmlspecialchars($msg)."')";
$query_run4 = mysql_query($query4);
$query9 = "INSERT INTO `".$table_name1."` (fromUser,toUser,message) VALUES ('".$name2."','".$name1."','".htmlspecialchars($msg)."')";
$query_run9 = mysql_query($query9);
$_SESSION['flag'] = "sent";
$flag2 = true;
break;
}
}
if($flag2 == false)
{
$_SESSION['flag'] = "notsent";
}
header('Location:user_home_page.php');
}
?>