$messages=dorow(doquery("SELECT *, DATE_FORMAT(postdate, '%m.%d.%Y ~ %H:%i') AS fpostdate FROM {{table}} WHERE recipientid='".$userrow["id"]."' ORDER BY postdate DESC","messages"),"id");
$messages=dorow(doquery("SELECT *, DATE_FORMAT(postdate, '%m.%d.%Y ~ %H:%i') AS fpostdate FROM {{table}} WHERE senderid='".$userrow["id"]."' ORDER BY postdate DESC","messages"),"id");
if(!is_numeric($_GET["id"])){err("Invalid action. Please <a href=\"index.php\">go back</a> and try again.");}
$message=dorow(doquery("SELECT *, DATE_FORMAT(postdate, '%m.%d.%Y ~ %H:%i') AS fpostdate FROM {{table}} WHERE id='".$_GET["id"]."' LIMIT 1","messages"));
if($message==false){err("Invalid action. Please <a href=\"index.php\">go back</a> and try again.");}
if($message["recipientid"]!=$userrow["id"]){err("Invalid action. Please <a href=\"index.php\">go back</a> and try again.");}
// Handle money transfers.
$message["moneytransfer"]="";
if($message["gold"]!=0){
$userrow["gold"]+=$message["gold"];
$message["moneytransfer"]="<span class=\"blue\">You have received ".$message["gold"]." Gold with this message.</span><br />";
updateuserrow();
}
// Reset status to old, and gold to zero, so they can't keep reading the message to get more money.
if($message["status"]==0){
$statusquery=doquery("UPDATE {{table}} SET status='1', gold='0' WHERE id='".$_GET["id"]."' LIMIT 1","messages");
}
// Pull the sender's userrow so we can show avatars.
$sender=dorow(doquery("SELECT * FROM {{table}} WHERE id='".$message["senderid"]."' LIMIT 1","users"));
if(!is_numeric($_GET["id"])){err("Invalid action. Please <a href=\"index.php\">go back</a> and try again.");}
$message=dorow(doquery("SELECT *, DATE_FORMAT(postdate, '%m.%d.%Y ~ %H:%i') AS fpostdate FROM {{table}} WHERE id='".$_GET["id"]."' LIMIT 1","messages"));
if($message==false){err("Invalid action. Please <a href=\"index.php\">go back</a> and try again.");}
if($message["senderid"]!=$userrow["id"]){err("Invalid action. Please <a href=\"index.php\">go back</a> and try again.");}
if($userrow["gold"]<5){$errors++;$errorlist.="You do not have enough gold to cover the postage fee.<br />";}
$checkuser=dorow(doquery("SELECT * FROM {{table}} WHERE charname='$recipient' LIMIT 1","users"));
if($checkuser==false){$errors++;$errorlist.="There is no player with that Character Name.<br />";}
if(trim($gold)!=""){
if(!is_numeric($gold)){$errors++;$errorlist.="The Send Gold field must be a number.<br />";}
if($gold<1){$errors++;$errorlist.="Money Transfer amount must be greater than 0.<br />";}
if($userrow["gold"]<$gold+5){$errors++;$errorlist.="You don't have that much gold to send.<br />";}
if($userrow["account"]==$checkuser["account"]&&$gold>=($userrow["gold"]/10)){$errors++;$errorlist.="You are only allowed to send up to 10% of your gold to another character on your account.<br />";}
}
if($recipient==$userrow["charname"]){$errors++;$errorlist.="You cannot send a message to yourself. That would be a waste of 5 gold, dummy!";}
if(trim($title)==""){$errors++;$errorlist.="You must enter a Subject.<br />";}
if($errors==0){
// Subtract gold.
$userrow["gold"]-=5;
if(trim($gold)!=""){$userrow["gold"]-=$gold;}
updateuserrow();
// And send the message.
$send=doquery("INSERT INTO {{table}} SET id='', postdate=NOW(), senderid='".$userrow["id"]."', sendername='".$userrow["charname"]."', recipientid='".$checkuser["id"]."', recipientname='$recipient', status='0', title='$title', message='$message', gold='$gold'","messages");
err("The following error(s) occurred when trying to send your letter:<br /><span style=\"color:red;\">$errorlist</span><br />Please <a href=\"index.php\">go back</a> and try again.");
if(!is_numeric($_GET["id"])){err("Invalid action. Please <a href=\"index.php\">go back</a> and try again.");}
$origmessage=dorow(doquery("SELECT *, DATE_FORMAT(postdate, '%m.%d.%Y ~ %H:%i') AS fpostdate FROM {{table}} WHERE id='".$_GET["id"]."' LIMIT 1","messages"));
if($origmessage==false){err("Invalid action. Please <a href=\"index.php\">go back</a> and try again.");}
if($origmessage["recipientid"]!=$userrow["id"]){err("Invalid action. Please <a href=\"index.php\">go back</a> and try again.");}
if(isset($_POST["submit"])){
// Check for errors.
extract($_POST);
$errors=0;$errorlist="";
if($userrow["gold"]<5){$errors++;$errorlist.="You do not have enough gold to cover the postage fee.<br />";}
$checkuser=dorow(doquery("SELECT * FROM {{table}} WHERE charname='".$origmessage["sendername"]."' LIMIT 1","users"));
if($checkuser==false){$errors++;$errorlist.="There is no player with that Character Name.<br />";}
if(trim($gold)!=""){
if(!is_numeric($gold)){$errors++;$errorlist.="The Send Gold field must be a number.<br />";}
if($gold<1){$errors++;$errorlist.="Money Transfer amount must be greater than 0.<br />";}
if($userrow["gold"]<$gold+5){$errors++;$errorlist.="You don't have that much gold to send.<br />";}
if($userrow["account"]==$checkuser["account"]&&$gold>=($userrow["gold"]/10)){$errors++;$errorlist.="You are only allowed to send up to 10% of your gold to another character on your account.<br />";}
}
if(trim($title)==""){$errors++;$errorlist.="You must enter a Subject.<br />";}
if($errors==0){
// Subtract gold.
$userrow["gold"]-=5;
if(trim($gold)!=""){$userrow["gold"]-=$gold;}
updateuserrow();
// And send the message.
$send=doquery("INSERT INTO {{table}} SET id='', postdate=NOW(), senderid='".$userrow["id"]."', sendername='".$userrow["charname"]."', recipientid='".$origmessage["senderid"]."', recipientname='".$origmessage["sendername"]."', status='0', title='$title', message='$message', gold='$gold'","messages");
err("The following error(s) occurred when trying to send your letter:<br /><span style=\"color:red;\">$errorlist</span><br />Please <a href=\"index.php\">go back</a> and try again.");
if(!is_numeric($_GET["id"])){err("Invalid action. Please <a href=\"index.php\">go back</a> and try again.");}
$message=dorow(doquery("SELECT *, DATE_FORMAT(postdate, '%m.%d.%Y ~ %H:%i') AS fpostdate FROM {{table}} WHERE id='".$_GET["id"]."' LIMIT 1","messages"));
if($message==false){err("Invalid action. Please <a href=\"index.php\">go back</a> and try again.");}
if($message["recipientid"]!=$userrow["id"]){err("Invalid action. Please <a href=\"index.php\">go back</a> and try again.");}
$delete=doquery("DELETE FROM {{table}} WHERE id='".$_GET["id"]."'","messages");
