Im trying to insert data into two tables, whats is wrong on my codes, please help.
if(isset($_SESSION['username']))
{
$form = true;
$oreqtype = '';
$orecip = '';
$omessage = '';
if(isset($_POST['reqtype'], $_POST['recip'], $_POST['message']))
{
$oreqtype = $_POST['reqtype'];
$orecip = $_POST['recip'];
$omessage = $_POST['message'];
//We remove slashes depending on the configuration
if(get_magic_quotes_gpc())
{
$oreqtype = stripslashes($oreqtype);
$orecip = stripslashes($orecip);
$omessage = stripslashes($omessage);
}
if($_POST['reqtype']!='' and $_POST['recip']!='' and $_POST['message']!='')
{
$reqtype = mysql_real_escape_string($reqtype);
$recip = mysql_real_escape_string($orecip);
$message = mysql_real_escape_string(nl2br(htmlentities($omessage, ENT_QUOTES, 'UTF-8')));
$dn1 = mysql_fetch_array(mysql_query('select count(id) as recip, id as recipid, (select count(*) from pm) as npm from users where username="'.$recip.'"'));
if($dn1['recip']==1)
{
if($dn1['recipid']!=$_SESSION['userid'])
{
$id = $dn1['npm']+1;
if(mysql_query('insert into pm (id, id2, reqtype, user1, user2, message, timestamp, user1read, user2read, status)values("'.$id.'", "1", "'.$title.'", "'.$_SESSION['userid'].'", "'.$dn1['recipid'].'", "'.$message.'", "'.time().'", "yes", "no", "Waiting for Approval")',
'insert into itrf(req_id, req_code, req_date, req_status, req_approveuser, req_noteuser, req_datenote, req_receiveuser, rec_datereceived, form_id)
VALUES("'.$id.'", "2", "'.timestamp.'","aa", "'.$dn1['recipid'].'", "", "", "Yes","", "'.$id.'")'))
{
?>
The message has successfully been sent.
$form = false;
}
else
{
$error = 'An error occurred while sending the message';
}
}
else
{
$error = 'You cannot send a message to yourself.';
}
}
else
{
$error = 'The recipient does not exists.';
}
}
else
{
$error = 'A field is empty. Please fill of the fields.';
}
}
elseif(isset($_GET['recip']))
{
$orecip = $_GET['recip'];
}
if($form)
{
if(isset($error))
{
echo '
'.$error.'
';
}
?>
Submit an article or tip