1 <?php
include "config.php";
2 function getlevel($username)
4 $sql = "SELECT * FROM users WHERE username='$username'";
5 $result = mysql_query($sql);
6 $myrow = mysql_fetch_array($result);
7 return $myrow["level"];
9 function auth($userid, $password)
11 $sql = "SELECT username FROM users WHERE username='$userid' AND userpass='$password'";
12 $result = mysql_query($sql);
13 if (!mysql_num_rows($result))
17 $query_data = mysql_fetch_row($result);
18 return $query_data[0];
21 function getuserid($username)
23 $sql = "SELECT * FROM users WHERE username='$username'";
24 $result = mysql_query($sql);
25 $myrow = mysql_fetch_array($result);
26 return $myrow["userid"];
28 $username = auth($uname, $pword);
31 echo "You are not <a href=login.php>logged in</a>.";
34 $userlevel = getlevel($uname);
37 echo "You cannot be here.";
42 echo "Invalid userID.";
48 <form method
=post action
=sendsys
.php?user
=<?
= $user ?
>>
49 <textarea cols
=60 rows
=6 name
=body
></textarea
><br
>
50 <br
><input type
=submit name
=submit value
="Send"> <input type
=reset
>
58 echo "You must have a message to send to this user.<br><br>
59 <form method=post action=sendsys.php?user=$user>
60 <textarea cols=60 rows=6 name=body></textarea><br>
61 <br><input type=submit name=submit value=\"Send\"> <input type=reset>
65 $datethe = date("n/j/y h:i:s A");
73 $userlevel = getuserid($uname);
74 $body = addslashes($body);
75 $body = ereg_replace("\n", "<br>", $body);
77 "INSERT INTO systemnot (sysbod,sentat,sendto,sentfrom,active,userid) VALUES ('$body','$datethe','$user','$from','1','$userlevel')";
78 $result = mysql_query($sql);
80 $sql = "UPDATE users SET notify='1' WHERE userid='$user'";
81 $result = mysql_query($sql);
82 echo "Notification sent. Return to the user <a href=whois.php?user="
84 .">page</a>. | <a href=topiclist.php?board=1>CE</a>";
