PDA

View Full Version : Can some make a tut on Private Message?


Tiger
09-26-2015, 06:08 PM
Hey all, I've made my own private message inbox (for my members) but it's not secure asin, other can change the url to see others inbox lol.

So, If anyone out there could make a little secure tutorial i'd really appericate it! THANKS :)

edbr
09-26-2015, 11:15 PM
That would be an interesting project.

edbr
09-26-2015, 11:23 PM
The basic requirements are that messages need tobe stored in a database. They are then accessed by the intended member.
I quickly yahoogled for a tutorial for you and found one but it is using depreciated mysql so needs updating .
Let me see if i have time for this
http://www.webestools.com/scripts_tutorials-code-source-15-personal-message-system-in-php-mysql-pm-system-private-message-discussion.html

Tiger
09-27-2015, 06:29 PM
The basic requirements are that messages need tobe stored in a database. They are then accessed by the intended member.
I quickly yahoogled for a tutorial for you and found one but it is using depreciated mysql so needs updating .
Let me see if i have time for this
http://www.webestools.com/scripts_tutorials-code-source-15-personal-message-system-in-php-mysql-pm-system-private-message-discussion.html

Thank's im looking right now, If it work's i'll do an Tutorial ;)

Tiger
09-27-2015, 06:48 PM
It works, But still has the problem of users being able to read someone messages by changing the URL Id lol, Any suggestions?

edbr
09-28-2015, 01:36 AM
As i said in your other post refering to this, dont use $_GEt.
join a message table to the members table linked by unique ID
you can the no a select count on new message to show if that memer has new message, then retrieve in a message page , obviously restricted to that member.
on retrieval the message record will need to be updated to subtracy form the new message field and added 1 to the read message field.
the link i sent you hopefully will set you on the path
Also you didnt state if you are using PDO or mysqli

Tiger
09-28-2015, 07:43 PM
As i said in your other post refering to this, dont use $_GEt.
join a message table to the members table linked by unique ID
you can the no a select count on new message to show if that memer has new message, then retrieve in a message page , obviously restricted to that member.
on retrieval the message record will need to be updated to subtracy form the new message field and added 1 to the read message field.
the link i sent you hopefully will set you on the path
Also you didnt state if you are using PDO or mysqli

Not sure how to do that, But i've found another solution to my problem. Thanks anyway :)