This script will lets you create a Personal Message System easily.
The Personal Message System that we are going to build uses the Members Area:
Members Area in php mysql

Our Personal Message System have 3 pages.

  • List of all messages
  • Reading a message
  • Sending a message

Let start by the data base, we are going to create two tables “users” and “pm”


— Table structure for table users

CREATE TABLE users (
id bigint(20) NOT NULL,
username varchar(255) NOT NULL,
password varchar(255) NOT NULL,
email varchar(255) NOT NULL,
avatar text NOT NULL,
signup_date int(10) NOT NULL
) ENGINE=MyISAM DEFAULT CHARSET=utf8;


— Table structure for table pm

CREATE TABLE pm (
id bigint(20) NOT NULL,
id2 int(11) NOT NULL,
title varchar(256) NOT NULL,
user1 bigint(20) NOT NULL,
user2 bigint(20) NOT NULL,
message text NOT NULL,
timestamp int(10) NOT NULL,
user1read varchar(3) NOT NULL,
user2read varchar(3) NOT NULL
) ENGINE=MyISAM DEFAULT CHARSET=utf8;

List of all messages

In this page, the user will have the list of his messages. His messages will be classified in two categories, one pour read messages and one for unread messages.
list_pm.php

<?php
include('config.php');
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link href="<?php echo $design; ?>/style.css" rel="stylesheet" title="Style" />
<title>Personal Messages</title>
</head>
<body>
<div class="header">
<a href="<?php echo $url_home; ?>"><img src="<?php echo $design; ?>/images/logo.png" alt="Members Area" /></a>
</div>
<div class="content">
<?php
//We check if the user is logged
if(isset($_SESSION['username']))
{
//We list his messages in a table
//Two queries are executes, one for the unread messages and another for read messages
$req1 = mysql_query('select m1.id, m1.title, m1.timestamp, count(m2.id) as reps, users.id as userid, users.username from pm as m1, pm as m2,users where ((m1.user1="'.$_SESSION['userid'].'" and m1.user1read="no" and users.id=m1.user2) or (m1.user2="'.$_SESSION['userid'].'" and m1.user2read="no" and users.id=m1.user1)) and m1.id2="1" and m2.id=m1.id group by m1.id order by m1.id desc');
$req2 = mysql_query('select m1.id, m1.title, m1.timestamp, count(m2.id) as reps, users.id as userid, users.username from pm as m1, pm as m2,users where ((m1.user1="'.$_SESSION['userid'].'" and m1.user1read="yes" and users.id=m1.user2) or (m1.user2="'.$_SESSION['userid'].'" and m1.user2read="yes" and users.id=m1.user1)) and m1.id2="1" and m2.id=m1.id group by m1.id order by m1.id desc');
?>
This is the list of your messages:<br />
<a href="new_pm.php" class="link_new_pm">New PM</a><br />
<h3>Unread Messages(<?php echo intval(mysql_num_rows($req1)); ?>):</h3>
<table>
<tr>
<th class="title_cell">Title</th>
<th>Nb. Replies</th>
<th>Participant</th>
<th>Date of creation</th>
</tr>
<?php
//We display the list of unread messages
while($dn1 = mysql_fetch_array($req1))
{
?>
<tr>
<td class="left"><a href="read_pm.php?id=<?php echo $dn1['id']; ?>"><?php echo htmlentities($dn1['title'], ENT_QUOTES, 'UTF-8'); ?></a></td>
<td><?php echo $dn1['reps']-1; ?></td>
<td><a href="profile.php?id=<?php echo $dn1['userid']; ?>"><?php echo htmlentities($dn1['username'], ENT_QUOTES, 'UTF-8'); ?></a></td>
<td><?php echo date('Y/m/d H:i:s' ,$dn1['timestamp']); ?></td>
</tr>
<?php
}
//If there is no unread message we notice it
if(intval(mysql_num_rows($req1))==0)
{
?>
<tr>
<td colspan="4" class="center">You have no unread message.</td>
</tr>
<?php
}
?>
</table>
<br />
<h3>Read Messages(<?php echo intval(mysql_num_rows($req2)); ?>):</h3>
<table>
<tr>
<th class="title_cell">Title</th>
<th>Nb. Replies</th>
<th>Participant</th>
<th>Date or creation</th>
</tr>
<?php
//We display the list of read messages
while($dn2 = mysql_fetch_array($req2))
{
?>
<tr>
<td class="left"><a href="read_pm.php?id=<?php echo $dn2['id']; ?>"><?php echo htmlentities($dn2['title'], ENT_QUOTES, 'UTF-8'); ?></a></td>
<td><?php echo $dn2['reps']-1; ?></td>
<td><a href="profile.php?id=<?php echo $dn2['userid']; ?>"><?php echo htmlentities($dn2['username'], ENT_QUOTES, 'UTF-8'); ?></a></td>
<td><?php echo date('Y/m/d H:i:s' ,$dn2['timestamp']); ?></td>
</tr>
<?php
}
//If there is no read message we notice it
if(intval(mysql_num_rows($req2))==0)
{
?>
<tr>
<td colspan="4" class="center">You have no read message.</td>
</tr>
<?php
}
?>
</table>
<?php
}
else
{
echo 'You must be logged to access this page.';
}
?>
</div>
<div class="foot"><a href="<?php echo $url_home; ?>">Go Home</a> - <a href="http://www.webestools.com/">Webestools</a></div>
</body>
</html>

Reading a message

This page let the user read a message. The user can also reply at the bottom of the page.
read_pm.php

<?php
include('config.php');
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link href="<?php echo $design; ?>/style.css" rel="stylesheet" title="Style" />
<title>Read a PM</title>
</head>
<body>
<div class="header">
<a href="<?php echo $url_home; ?>"><img src="<?php echo $design; ?>/images/logo.png" alt="Members Area" /></a>
</div>
<?php
//We check if the user is logged
if(isset($_SESSION['username']))
{
//We check if the ID of the discussion is defined
if(isset($_GET['id']))
{
$id = intval($_GET['id']);
//We get the title and the narators of the discussion
$req1 = mysql_query('select title, user1, user2 from pm where id="'.$id.'" and id2="1"');
$dn1 = mysql_fetch_array($req1);
//We check if the discussion exists
if(mysql_num_rows($req1)==1)
{
//We check if the user have the right to read this discussion
if($dn1['user1']==$_SESSION['userid'] or $dn1['user2']==$_SESSION['userid'])
{
//The discussion will be placed in read messages
if($dn1['user1']==$_SESSION['userid'])
{
mysql_query('update pm set user1read="yes" where id="'.$id.'" and id2="1"');
$user_partic = 2;
}
else
{
mysql_query('update pm set user2read="yes" where id="'.$id.'" and id2="1"');
$user_partic = 1;
}
//We get the list of the messages
$req2 = mysql_query('select pm.timestamp, pm.message, users.id as userid, users.username, users.avatar from pm, users where pm.id="'.$id.'" and users.id=pm.user1 order by pm.id2');
//We check if the form has been sent
if(isset($_POST['message']) and $_POST['message']!='')
{
$message = $_POST['message'];
//We remove slashes depending on the configuration
if(get_magic_quotes_gpc())
{
$message = stripslashes($message);
}
//We protect the variables
$message = mysql_real_escape_string(nl2br(htmlentities($message, ENT_QUOTES, 'UTF-8')));
//We send the message and we change the status of the discussion to unread for the recipient
if(mysql_query('insert into pm (id, id2, title, user1, user2, message, timestamp, user1read, user2read)values("'.$id.'", "'.(intval(mysql_num_rows($req2))+1).'", "", "'.$_SESSION['userid'].'", "", "'.$message.'", "'.time().'", "", "")') and mysql_query('update pm set user'.$user_partic.'read="yes" where id="'.$id.'" and id2="1"'))
{
?>
<div class="message">Your message has successfully been sent.<br />
<a href="read_pm.php?id=<?php echo $id; ?>">Go to the discussion</a></div>
<?php
}
else
{
?>
<div class="message">An error occurred while sending the message.<br />
<a href="read_pm.php?id=<?php echo $id; ?>">Go to the discussion</a></div>
<?php
}
}
else
{
//We display the messages
?>
<div class="content">
<h1><?php echo $dn1['title']; ?></h1>
<table class="messages_table">
<tr>
<th class="author">User</th>
<th>Message</th>
</tr>
<?php
while($dn2 = mysql_fetch_array($req2))
{
?>
<tr>
<td class="author center"><?php
if($dn2['avatar']!='')
{
echo '<img src="'.htmlentities($dn2['avatar']).'" alt="Image Perso" style="max-width:100px;max-height:100px;" />';
}
?><br /><a href="profile.php?id=<?php echo $dn2['userid']; ?>"><?php echo $dn2['username']; ?></a></td>
<td class="left"><div class="date">Sent: <?php echo date('m/d/Y H:i:s' ,$dn2['timestamp']); ?></div>
<?php echo $dn2['message']; ?></td>
</tr>
<?php
}
//We display the reply form
?>
</table><br />
<h2>Reply</h2>
<div class="center">
<form action="read_pm.php?id=<?php echo $id; ?>" method="post">
<label for="message" class="center">Message</label><br />
<textarea cols="40" rows="5" name="message" id="message"></textarea><br />
<input type="submit" value="Send" />
</form>
</div>
</div>
<?php
}
}
else
{
echo '<div class="message">You dont have the rights to access this page.</div>';
}
}
else
{
echo '<div class="message">This discussion does not exists.</div>';
}
}
else
{
echo '<div class="message">The discussion ID is not defined.</div>';
}
}
else
{
echo '<div class="message">You must be logged to access this page.</div>';
}
?>
<div class="foot"><a href="list_pm.php">Go to my Personal messages</a> - <a href="http://www.webestools.com/">Webestools</a></div>
</body>
</html>

Sending a message

This page let the user send a new message(not a reply). The user will enter the username of the recipient.
new_pm.php

<?php
include('config.php');
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link href="<?php echo $design; ?>/style.css" rel="stylesheet" title="Style" />
<title>New PM</title>
</head>
<body>
<div class="header">
<a href="<?php echo $url_home; ?>"><img src="<?php echo $design; ?>/images/logo.png" alt="Members Area" /></a>
</div>
<?php
//We check if the user is logged
if(isset($_SESSION['username']))
{
$form = true;
$otitle = '';
$orecip = '';
$omessage = '';
//We check if the form has been sent
if(isset($_POST['title'], $_POST['recip'], $_POST['message']))
{
$otitle = $_POST['title'];
$orecip = $_POST['recip'];
$omessage = $_POST['message'];
//We remove slashes depending on the configuration
if(get_magic_quotes_gpc())
{
$otitle = stripslashes($otitle);
$orecip = stripslashes($orecip);
$omessage = stripslashes($omessage);
}
//We check if all the fields are filled
if($_POST['title']!='' and $_POST['recip']!='' and $_POST['message']!='')
{
//We protect the variables
$title = mysql_real_escape_string($otitle);
$recip = mysql_real_escape_string($orecip);
$message = mysql_real_escape_string(nl2br(htmlentities($omessage, ENT_QUOTES, 'UTF-8')));
//We check if the recipient exists
$dn1 = mysql_fetch_array(mysql_query('select count(id) as recip, id as recipid, (select count(*) from pm) as npm from users where username="'.$recip.'"'));
if($dn1['recip']==1)
{
//We check if the recipient is not the actual user
if($dn1['recipid']!=$_SESSION['userid'])
{
$id = $dn1['npm']+1;
//We send the message
if(mysql_query('insert into pm (id, id2, title, user1, user2, message, timestamp, user1read, user2read)values("'.$id.'", "1", "'.$title.'", "'.$_SESSION['userid'].'", "'.$dn1['recipid'].'", "'.$message.'", "'.time().'", "yes", "no")'))
{
?>
<div class="message">The message has successfully been sent.<br />
<a href="list_pm.php">List of my Personal messages</a></div>
<?php
$form = false;
}
else
{
//Otherwise, we say that an error occured
$error = 'An error occurred while sending the message';
}
}
else
{
//Otherwise, we say the user cannot send a message to himself
$error = 'You cannot send a message to yourself.';
}
}
else
{
//Otherwise, we say the recipient does not exists
$error = 'The recipient does not exists.';
}
}
else
{
//Otherwise, we say a field is empty
$error = 'A field is empty. Please fill of the fields.';
}
}
elseif(isset($_GET['recip']))
{
//We get the username for the recipient if available
$orecip = $_GET['recip'];
}
if($form)
{
//We display a message if necessary
if(isset($error))
{
echo '<div class="message">'.$error.'</div>';
}
//We display the form
?>
<div class="content">
<h1>New Personal Message</h1>
<form action="new_pm.php" method="post">
Please fill the following form to send a Personal message.<br />
<label for="title">Title</label><input type="text" value="<?php echo htmlentities($otitle, ENT_QUOTES, 'UTF-8'); ?>" id="title" name="title" /><br />
<label for="recip">Recipient<span class="small">(Username)</span></label><input type="text" value="<?php echo htmlentities($orecip, ENT_QUOTES, 'UTF-8'); ?>" id="recip" name="recip" /><br />
<label for="message">Message</label><textarea cols="40" rows="5" id="message" name="message"><?php echo htmlentities($omessage, ENT_QUOTES, 'UTF-8'); ?></textarea><br />
<input type="submit" value="Send" />
</form>
</div>
<?php
}
}
else
{
echo '<div class="message">You must be logged to access this page.</div>';
}
?>
<div class="foot"><a href="list_pm.php">Go to my Personal messages</a> - <a href="http://www.webestools.com/">Webestools</a></div>
</body>
</html>

You also have to edit the MYSQL IDs in the config.php file.
config.php

<?php
//We start sessions
session_start();

/******************************************************
------------------Required Configuration---------------
Please edit the following variables so the members area
can work correctly.
******************************************************/

//We log to the DataBase
mysql_connect('hote', 'username', 'password');
mysql_select_db('database');

//Webmaster Email
$mail_webmaster = 'example@example.com';

//Top site root URL
$url_root = 'http://www.example.com';

/******************************************************
-----------------Optional Configuration----------------
******************************************************/

//Home page file name
$url_home = 'index.php';

//Design Name
$design = 'default';
?>

All files of the tutorial are provided in the attachment below:
pm.rar