/privmsg.php
PHP | 2330 lines | 1917 code | 290 blank | 123 comment | 384 complexity | 683998d027a85142824677bf2203ff51 MD5 | raw file
Possible License(s): AGPL-1.0
Large files files are truncated, but you can click here to view the full file
- <?php
- /**
- *
- * @package Icy Phoenix
- * @version $Id$
- * @copyright (c) 2008 Icy Phoenix
- * @license http://opensource.org/licenses/gpl-license.php GNU Public License
- *
- */
- /**
- *
- * @Icy Phoenix is based on phpBB
- * @copyright (c) 2008 phpBB Group
- *
- */
- define('IN_PM', true);
- // MG Cash MOD For IP - BEGIN
- define('IN_CASHMOD', true);
- // MG Cash MOD For IP - END
- // Added to optimize memory for attachments
- define('ATTACH_DISPLAY', true);
- define('ATTACH_PM', true);
- define('IN_ICYPHOENIX', true);
- if (!defined('IP_ROOT_PATH')) define('IP_ROOT_PATH', './');
- if (!defined('PHP_EXT')) define('PHP_EXT', substr(strrchr(__FILE__, '.'), 1));
- include(IP_ROOT_PATH . 'common.' . PHP_EXT);
- include_once(IP_ROOT_PATH . 'includes/bbcode.' . PHP_EXT);
- include_once(IP_ROOT_PATH . 'includes/functions_post.' . PHP_EXT);
- include_once(IP_ROOT_PATH . 'includes/functions_users.' . PHP_EXT);
- include_once(IP_ROOT_PATH . 'includes/functions_zebra.' . PHP_EXT);
- // Adding CPL_NAV only if needed
- define('PARSE_CPL_NAV', true);
- // Is PM disabled?
- if (!empty($config['privmsg_disable']))
- {
- message_die(GENERAL_MESSAGE, 'PM_disabled');
- }
- $html_entities_match = array('#&(?!(\#[0-9]+;))#', '#<#', '#>#', '#"#');
- $html_entities_replace = array('&', '<', '>', '"');
- // Parameters
- $privmsg_id = request_var(POST_POST_URL, 0);
- $mode = request_var('mode', '');
- $start = request_var('start', 0);
- $start = ($start < 0) ? 0 : $start;
- $sid = request_post_var('sid', '');
- $submit = (isset($_POST['post'])) ? true : false;
- $submit_search = (isset($_POST['usersubmit'])) ? true : false;
- $submit_msgdays = (isset($_POST['submit_msgdays'])) ? true : false;
- $cancel = (isset($_POST['cancel'])) ? true : false;
- $preview = (isset($_POST['preview'])) ? true : false;
- $confirm = (isset($_POST['confirm'])) ? true : false;
- $delete = (isset($_POST['delete'])) ? true : false;
- $delete_all = (isset($_POST['deleteall'])) ? true : false;
- $download = (isset($_POST['download'])) ? true : false;
- $save = (isset($_POST['save'])) ? true : false;
- $draft = request_var('draft', '');
- $draft_mode = request_var('draft_mode', '');
- $draft_confirm = !empty($_POST['draft_confirm']) ? true : false;
- $draft = (!empty($draft) || $draft_confirm) ? true : false;
- $draft_id = request_var('d', 0);
- if (($config['allow_drafts'] == true) && ($draft_mode == 'draft_load') && ($draft_id > 0))
- {
- $sql = "SELECT d.*
- FROM " . DRAFTS_TABLE . " d
- WHERE d.draft_id = '" . $draft_id . "'
- AND d.user_id = '" . $user->data['user_id'] . "'
- LIMIT 1";
- $result = $db->sql_query($sql);
- if ($draft_row = $db->sql_fetchrow($result))
- {
- $db->sql_freeresult($result);
- $draft_subject = $draft_row['draft_subject'];
- $draft_message = htmlspecialchars_decode($draft_row['draft_message'], ENT_COMPAT);
- $preview = true;
- }
- }
- $search_type = request_var('searchvar', '');
- $search_value = request_var('searchvalue', '');
- $search_value_tmp = request_var('searchvalue2', '');
- $search_value = (!empty($search_value) && !empty($search_value_tmp)) ? $search_value_tmp : $search_value;
- $refresh = $preview || $submit_search || ($draft && !$draft_confirm);
- $mark_list = request_var('mark', array(0));
- $folders_array = array('inbox', 'outbox', 'sentbox', 'savebox');
- $folder = request_var('folder', 'inbox');
- $folder = check_var_value($folder, $folders_array);
- // Start session management
- $user->session_begin();
- $auth->acl($user->data);
- $user->setup();
- // End session management
- // Cancel
- if ($cancel)
- {
- redirect(append_sid(CMS_PAGE_PRIVMSG . '?folder=' . $folder, true));
- }
- // Check search fields
- $search_list = array(
- 'author' => 'author is',
- 'subject' => 'subject contains',
- );
- if(empty($search_value) || empty($search_type) || intval($search_type) || !isset($search_list[$search_type]))
- {
- $search_type = '';
- }
- if(empty($search_type))
- {
- $search_value = '';
- }
- $template->vars['SEARCH_TYPES'] = '';
- foreach($search_list as $var => $value)
- {
- $template->vars['SEARCH_TYPES'] .= '<option value="' . $var . '"' . ($search_type === $var ? ' selected="selected"' : '') . '>' . $value . '</option>';
- }
- $template->vars['SEARCH_VALUE'] = htmlspecialchars($search_value);
- $error = false;
- // Define the box image links
- $inbox_img = ($folder != 'inbox' || $mode != '') ? '<a href="' . append_sid(CMS_PAGE_PRIVMSG . '?folder=inbox') . '"><img src="' . $images['pm_inbox'] . '" alt="' . $lang['Inbox'] . '" title="' . $lang['Inbox'] . '" /></a>' : '<img src="' . $images['pm_inbox'] . '" alt="' . $lang['Inbox'] . '" title="' . $lang['Inbox'] . '" />';
- $inbox_url = ($folder != 'inbox' || $mode != '') ? '<a href="' . append_sid(CMS_PAGE_PRIVMSG . '?folder=inbox') . '">' . $lang['Inbox'] . '</a>' : $lang['Inbox'];
- $outbox_img = ($folder != 'outbox' || $mode != '') ? '<a href="' . append_sid(CMS_PAGE_PRIVMSG . '?folder=outbox') . '"><img src="' . $images['pm_outbox'] . '" alt="' . $lang['Outbox'] . '" title="' . $lang['Outbox'] . '" /></a>' : '<img src="' . $images['pm_outbox'] . '" alt="' . $lang['Outbox'] . '" title="' . $lang['Outbox'] . '" />';
- $outbox_url = ($folder != 'outbox' || $mode != '') ? '<a href="' . append_sid(CMS_PAGE_PRIVMSG . '?folder=outbox') . '">' . $lang['Outbox'] . '</a>' : $lang['Outbox'];
- $sentbox_img = ($folder != 'sentbox' || $mode != '') ? '<a href="' . append_sid(CMS_PAGE_PRIVMSG . '?folder=sentbox') . '"><img src="' . $images['pm_sentbox'] . '" alt="' . $lang['Sentbox'] . '" title="' . $lang['Sentbox'] . '" /></a>' : '<img src="' . $images['pm_sentbox'] . '" alt="' . $lang['Sentbox'] . '" title="' . $lang['Sentbox'] . '" />';
- $sentbox_url = ($folder != 'sentbox' || $mode != '') ? '<a href="' . append_sid(CMS_PAGE_PRIVMSG . '?folder=sentbox') . '">' . $lang['Sentbox'] . '</a>' : $lang['Sentbox'];
- $savebox_img = ($folder != 'savebox' || $mode != '') ? '<a href="' . append_sid(CMS_PAGE_PRIVMSG . '?folder=savebox') . '"><img src="' . $images['pm_savebox'] . '" alt="' . $lang['Savebox'] . '" title="' . $lang['Savebox'] . '" /></a>' : '<img src="' . $images['pm_savebox'] . '" alt="' . $lang['Savebox'] . '" title="' . $lang['Savebox'] . '" />';
- $savebox_url = ($folder != 'savebox' || $mode != '') ? '<a href="' . append_sid(CMS_PAGE_PRIVMSG . '?folder=savebox') . '">' . $lang['Savebox'] . '</a>' : $lang['Savebox'];
- execute_privmsgs_attachment_handling($mode);
- // Start main
- if ($mode == 'newpm')
- {
- $link_name = '';
- if ($mode == 'post')
- {
- $link_name = $lang['Send_a_new_message'];
- }
- elseif ($mode == 'reply')
- {
- $link_name = $lang['Send_a_reply'];
- }
- elseif ($mode == 'edit')
- {
- $link_name = $lang['Edit_message'];
- }
- $nav_server_url = create_server_url();
- $breadcrumbs['address'] = $lang['Nav_Separator'] . '<a href="' . $nav_server_url . append_sid(CMS_PAGE_PRIVMSG . '?folder=inbox') . '"' . (!empty($link_name) ? '' : ' class="nav-current"') . '>' . $lang['Private_Messaging'] . '</a>' . (!empty($link_name) ? ($lang['Nav_Separator'] . '<a class="nav-current" href="#">' . $link_name . '</a>') : '');
- include_once(IP_ROOT_PATH . 'includes/users_zebra_block.' . PHP_EXT);
- if ($user->data['session_logged_in'])
- {
- if ($user->data['user_new_privmsg'])
- {
- $l_new_message = ($user->data['user_new_privmsg'] == 1) ? $lang['You_new_pm'] : $lang['You_new_pms'];
- }
- else
- {
- $l_new_message = $lang['You_no_new_pm'];
- }
- $l_new_message .= '<br /><br />' . sprintf($lang['Click_view_privmsg'], '<a href="' . append_sid(CMS_PAGE_PRIVMSG . '?folder=inbox') . '" onclick="jump_to_inbox();return false;" target="_new">', '</a>');
- }
- else
- {
- $l_new_message = $lang['Login_check_pm'];
- }
- $template->assign_vars(array(
- 'L_CLOSE_WINDOW' => $lang['Close_window'],
- 'L_MESSAGE' => $l_new_message
- )
- );
- $gen_simple_header = true;
- full_page_generation('privmsgs_popup.tpl', $lang['Private_Messaging'], '', '');
- }
- elseif ($mode == 'read')
- {
- if (!empty($_GET[POST_POST_URL]))
- {
- $privmsgs_id = intval($_GET[POST_POST_URL]);
- }
- else
- {
- message_die(GENERAL_ERROR, $lang['No_post_id']);
- }
- if (!$user->data['session_logged_in'])
- {
- redirect(append_sid(CMS_PAGE_LOGIN . '?redirect=privmsg.' . PHP_EXT . '&folder=' . $folder . '&mode=' . $mode . '&' . POST_POST_URL . '=' . $privmsgs_id, true));
- }
- $ranks_array = $cache->obtain_ranks(false);
- // SQL to pull appropriate message, prevents nosey people
- // reading other peoples messages ... hopefully!
- switch($folder)
- {
- case 'inbox':
- $l_box_name = $lang['Inbox'];
- $pm_sql_user = "AND pm.privmsgs_to_userid = " . $user->data['user_id'] . "
- AND (pm.privmsgs_type = " . PRIVMSGS_READ_MAIL . "
- OR pm.privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
- OR pm.privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . ")";
- break;
- case 'outbox':
- $l_box_name = $lang['Outbox'];
- $pm_sql_user = "AND pm.privmsgs_from_userid = " . $user->data['user_id'] . "
- AND (pm.privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
- OR pm.privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . ") ";
- break;
- case 'sentbox':
- $l_box_name = $lang['Sentbox'];
- $pm_sql_user = "AND pm.privmsgs_from_userid = " . $user->data['user_id'] . "
- AND pm.privmsgs_type = " . PRIVMSGS_SENT_MAIL;
- break;
- case 'savebox':
- $l_box_name = $lang['Savebox'];
- $pm_sql_user = "AND ((pm.privmsgs_to_userid = " . $user->data['user_id'] . "
- AND pm.privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . ")
- OR (pm.privmsgs_from_userid = " . $user->data['user_id'] . "
- AND pm.privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . ")
- )";
- break;
- default:
- message_die(GENERAL_ERROR, $lang['No_such_folder']);
- break;
- }
- // BEGIN PM Navigation MOD
- if(($_GET['view'] == 'next') || ($_GET['view'] == 'prev'))
- {
- $sql_condition = ($_GET['view'] == 'next') ? '>' : '<';
- $sql_ordering = ($_GET['view'] == 'next') ? 'ASC' : 'DESC';
- $sql_nav = "SELECT pm.privmsgs_id FROM ". PRIVMSGS_TABLE ." pm, ". PRIVMSGS_TABLE ." p2
- WHERE p2.privmsgs_id = $privmsgs_id
- $pm_sql_user
- AND pm.privmsgs_date $sql_condition p2.privmsgs_date
- ORDER BY pm.privmsgs_date $sql_ordering LIMIT 1" ;
- $result_nav = $db->sql_query($sql_nav);
- if ($row = $db->sql_fetchrow($result_nav))
- {
- $privmsgs_id = intval($row['privmsgs_id']);
- }
- else
- {
- $output_message = (($_GET['view'] == 'next') ? $lang['No_newer_pm'] : $lang['No_older_pm']) . '<br /><br />' . sprintf($lang['Click_return_inbox'], '<a href="' . append_sid(CMS_PAGE_PRIVMSG . '?folder=inbox') . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid(CMS_PAGE_FORUM) . '">', '</a>');
- message_die(GENERAL_MESSAGE, $output_message);
- }
- }
- // END PM Navigation MOD
- // Major query obtains the message ...
- $sql = "SELECT u.username AS username_1, u.user_id AS user_id_1, u.user_active AS user_active_1, u.user_color AS user_color_1, u2.username AS username_2, u2.user_id AS user_id_2, u2.user_active AS user_active_2, u2.user_color AS user_color_2, u.user_posts, u.user_from, u.user_website, u.user_email, u.user_icq, u.user_aim, u.user_yim, u.user_skype, u.user_regdate, u.user_msnm, u.user_allow_viewemail, u.user_rank, u.user_sig, u.user_avatar, u.user_avatar_type, u.user_allowavatar, u.user_allow_viewonline, u.user_session_time, u.user_from, u.user_gender, pm.*
- FROM " . PRIVMSGS_TABLE . " pm, " . USERS_TABLE . " u, " . USERS_TABLE . " u2
- WHERE pm.privmsgs_id = $privmsgs_id
- $pm_sql_user
- AND u.user_id = pm.privmsgs_from_userid
- AND u2.user_id = pm.privmsgs_to_userid";
- $result = $db->sql_query($sql);
- // Did the query return any data?
- if (!($privmsg = $db->sql_fetchrow($result)))
- {
- redirect(append_sid(CMS_PAGE_PRIVMSG . '?folder=' . $folder, true));
- }
- $privmsg_id = $privmsg['privmsgs_id'];
- // Is this a new message in the inbox? If it is then save a copy in the posters sent box
- if ((($privmsg['privmsgs_type'] == PRIVMSGS_NEW_MAIL) || ($privmsg['privmsgs_type'] == PRIVMSGS_UNREAD_MAIL)) && ($folder == 'inbox'))
- {
- // Update appropriate counter
- switch ($privmsg['privmsgs_type'])
- {
- case PRIVMSGS_NEW_MAIL:
- $sql = "user_new_privmsg = user_new_privmsg - 1";
- break;
- case PRIVMSGS_UNREAD_MAIL:
- $sql = "user_unread_privmsg = user_unread_privmsg - 1";
- break;
- }
- $sql = "UPDATE " . USERS_TABLE . "
- SET $sql
- WHERE user_id = " . $user->data['user_id'];
- $result = $db->sql_query($sql);
- $sql = "UPDATE " . PRIVMSGS_TABLE . "
- SET privmsgs_type = " . PRIVMSGS_READ_MAIL . "
- WHERE privmsgs_id = " . $privmsg['privmsgs_id'];
- $result = $db->sql_query($sql);
- // Check to see if the poster has a 'full' sent box
- $sql = "SELECT COUNT(privmsgs_id) AS sent_items, MIN(privmsgs_date) AS oldest_post_time
- FROM " . PRIVMSGS_TABLE . "
- WHERE privmsgs_type = " . PRIVMSGS_SENT_MAIL . "
- AND privmsgs_from_userid = " . $privmsg['privmsgs_from_userid'];
- $result = $db->sql_query($sql);
- if ($sent_info = $db->sql_fetchrow($result))
- {
- if ($config['max_sentbox_privmsgs'] && ($sent_info['sent_items'] >= $config['max_sentbox_privmsgs']))
- {
- $sql = "SELECT privmsgs_id FROM " . PRIVMSGS_TABLE . "
- WHERE privmsgs_type = " . PRIVMSGS_SENT_MAIL . "
- AND privmsgs_date = " . $sent_info['oldest_post_time'] . "
- AND privmsgs_from_userid = " . $privmsg['privmsgs_from_userid'];
- $result = $db->sql_query($sql);
- $old_privmsgs_id = $db->sql_fetchrow($result);
- $old_privmsgs_id = $old_privmsgs_id['privmsgs_id'];
- if (!empty($old_privmsgs_id))
- {
- $sql = "DELETE FROM " . PRIVMSGS_TABLE . "
- WHERE privmsgs_id = " . $old_privmsgs_id;
- $result = $db->sql_query($sql);
- }
- }
- }
- //
- // This makes a copy of the post and stores it as a SENT message from the sender. Perhaps
- // not the most DB friendly way but a lot easier to manage, besides the admin will be able to
- // set limits on numbers of storable posts for users... hopefully!
- //
- $sql = "INSERT INTO " . PRIVMSGS_TABLE . " (privmsgs_type, privmsgs_subject, privmsgs_text, privmsgs_from_userid, privmsgs_to_userid, privmsgs_date, privmsgs_ip, privmsgs_enable_html, privmsgs_enable_bbcode, privmsgs_enable_smilies, privmsgs_enable_autolinks_acronyms, privmsgs_attach_sig)
- VALUES (" . PRIVMSGS_SENT_MAIL . ", '" . $db->sql_escape($privmsg['privmsgs_subject']) . "', '" . $db->sql_escape($privmsg['privmsgs_text']) . "', " . $privmsg['privmsgs_from_userid'] . ", " . $privmsg['privmsgs_to_userid'] . ", " . $privmsg['privmsgs_date'] . ", '" . $privmsg['privmsgs_ip'] . "', " . $privmsg['privmsgs_enable_html'] . ", " . $privmsg['privmsgs_enable_bbcode'] . ", " . $privmsg['privmsgs_enable_smilies'] . ", " . $privmsg['privmsgs_enable_autolinks_acronyms'] . ", " . $privmsg['privmsgs_attach_sig'] . ")";
- $result = $db->sql_query($sql);
- $privmsg_sent_id = $db->sql_nextid();
- }
- $attachment_mod['pm']->duplicate_attachment_pm($privmsg['privmsgs_attachment'], $privmsg['privmsgs_id'], $privmsg_sent_id);
- // Pick a folder, any folder, so long as it's one below ...
- $post_urls = array(
- 'post' => append_sid(CMS_PAGE_PRIVMSG . '?mode=post'),
- 'reply' => append_sid(CMS_PAGE_PRIVMSG . '?mode=reply&' . POST_POST_URL . '=' . $privmsg_id),
- 'quote' => append_sid(CMS_PAGE_PRIVMSG . '?mode=quote&' . POST_POST_URL . '=' . $privmsg_id),
- 'edit' => append_sid(CMS_PAGE_PRIVMSG . '?mode=edit&' . POST_POST_URL . '=' . $privmsg_id)
- );
- $post_icons = array(
- 'post_img' => '<a href="' . $post_urls['post'] . '"><img src="' . $images['pm_postmsg'] . '" alt="' . $lang['Post_new_pm'] . '" /></a>',
- 'post' => '<a href="' . $post_urls['post'] . '">' . $lang['Post_new_pm'] . '</a>',
- 'reply_img' => '<a href="' . $post_urls['reply'] . '"><img src="' . $images['pm_replymsg'] . '" alt="' . $lang['Post_reply_pm'] . '" /></a>',
- 'reply' => '<a href="' . $post_urls['reply'] . '">' . $lang['Post_reply_pm'] . '</a>',
- 'quote_img' => '<a href="' . $post_urls['quote'] . '"><img src="' . $images['pm_quotemsg'] . '" alt="' . $lang['Post_quote_pm'] . '" /></a>',
- 'quote' => '<a href="' . $post_urls['quote'] . '">' . $lang['Post_quote_pm'] . '</a>',
- 'edit_img' => '<a href="' . $post_urls['edit'] . '"><img src="' . $images['pm_editmsg'] . '" alt="' . $lang['Edit_pm'] . '" /></a>',
- 'edit' => '<a href="' . $post_urls['edit'] . '">' . $lang['Edit_pm'] . '</a>'
- );
- if ($folder == 'inbox')
- {
- $post_img = $post_icons['post_img'];
- $reply_img = $post_icons['reply_img'];
- $quote_img = $post_icons['quote_img'];
- $edit_img = '';
- $post = $post_icons['post'];
- $reply = $post_icons['reply'];
- $quote = $post_icons['quote'];
- $edit = '';
- $post_url = $post_urls['post'];
- $reply_url = $post_urls['reply'];
- $quote_url = $post_urls['quote'];
- $edit_url = '';
- $l_box_name = $lang['Inbox'];
- }
- elseif ($folder == 'outbox')
- {
- $post_img = $post_icons['post_img'];
- $reply_img = '';
- $quote_img = '';
- $edit_img = $post_icons['edit_img'];
- $post = $post_icons['post'];
- $reply = '';
- $quote = '';
- $edit = $post_icons['edit'];
- $post_url = $post_urls['post'];
- $reply_url = '';
- $quote_url = '';
- $edit_url = $post_urls['edit'];
- $l_box_name = $lang['Outbox'];
- }
- elseif ($folder == 'savebox')
- {
- if ($privmsg['privmsgs_type'] == PRIVMSGS_SAVED_IN_MAIL)
- {
- $post_img = $post_icons['post_img'];
- $reply_img = $post_icons['reply_img'];
- $quote_img = $post_icons['quote_img'];
- $edit_img = '';
- $post = $post_icons['post'];
- $reply = $post_icons['reply'];
- $quote = $post_icons['quote'];
- $edit = '';
- $post_url = $post_urls['post'];
- $reply_url = $post_urls['reply'];
- $quote_url = $post_urls['quote'];
- $edit_url = '';
- }
- else
- {
- $post_img = $post_icons['post_img'];
- $reply_img = '';
- $quote_img = '';
- $edit_img = '';
- $post = $post_icons['post'];
- $reply = '';
- $quote = '';
- $edit = '';
- $post_url = $post_urls['post'];
- $reply_url = '';
- $quote_url = '';
- $edit_url = '';
- }
- $l_box_name = $lang['Saved'];
- }
- elseif ($folder == 'sentbox')
- {
- $post_img = $post_icons['post_img'];
- $reply_img = '';
- $quote_img = '';
- $edit_img = '';
- $post = $post_icons['post'];
- $reply = '';
- $quote = '';
- $edit = '';
- $post_url = $post_urls['post'];
- $reply_url = '';
- $quote_url = '';
- $edit_url = '';
- $l_box_name = '';
- }
- $s_hidden_fields = '<input type="hidden" name="mark[]" value="' . $privmsgs_id . '" />';
- $nav_server_url = create_server_url();
- $breadcrumbs['address'] = $lang['Nav_Separator'] . '<a href="' . $nav_server_url . append_sid(CMS_PAGE_PRIVMSG . '?folder=inbox') . '">' . $lang['Private_Messaging'] . '</a>' . $lang['Nav_Separator'] . '<a class="nav-current" href="#">' . $privmsg['privmsgs_subject'] . '</a>';
- $breadcrumbs['bottom_right_links'] = '<a href="' . append_sid(CMS_PAGE_PRIVMSG . '?folder=' . $folder . '&mode=' . $mode . '&' . POST_POST_URL . '=' . $privmsgs_id . '&view=prev', true) . '">' . $lang['Previous_privmsg'] . '</a> • <a href="' . append_sid(CMS_PAGE_PRIVMSG . '?folder=' . $folder . '&mode=' . $mode . '&' . POST_POST_URL . '=' . $privmsgs_id . '&view=next', true) . '">' . $lang['Next_privmsg'] . '</a>';
- $skip_nav_cat = true;
- include_once(IP_ROOT_PATH . 'includes/users_zebra_block.' . PHP_EXT);
- make_jumpbox(CMS_PAGE_VIEWFORUM);
- $template->assign_vars(array(
- 'INBOX_IMG' => $inbox_img,
- 'SENTBOX_IMG' => $sentbox_img,
- 'OUTBOX_IMG' => $outbox_img,
- 'SAVEBOX_IMG' => $savebox_img,
- 'INBOX' => $inbox_url,
- 'SENTBOX' => $sentbox_url,
- 'OUTBOX' => $outbox_url,
- 'SAVEBOX' => $savebox_url,
- 'BOX_NAME' => $l_box_name,
- 'L_QUICK_REPLY' => $lang['Quick_Reply'],
- 'L_EDIT_PM' => $lang['Edit_pm'],
- 'L_QUOTE_PM' => $lang['Post_quote_pm'],
- 'L_POST_PM' => $lang['Post_new_pm'],
- 'L_REPLY_PM' => $lang['Post_reply_pm'],
- 'EDIT_PM_URL' => $edit_url,
- 'POST_PM_URL' => $post_url,
- 'QUOTE_PM_URL' => $quote_url,
- 'REPLY_PM_URL' => $reply_url,
- 'POST_PM_IMG' => $post_img,
- 'REPLY_PM_IMG' => $reply_img,
- 'EDIT_PM_IMG' => $edit_img,
- 'QUOTE_PM_IMG' => $quote_img,
- 'POST_PM' => $post,
- 'REPLY_PM' => $reply,
- 'EDIT_PM' => $edit,
- 'QUOTE_PM' => $quote,
- 'IMG_QUICK_QUOTE' => $images['icon_quick_quote'],
- 'IMG_OFFTOPIC' => $images['icon_offtopic'],
- 'L_MESSAGE' => $lang['Message'],
- 'L_INBOX' => $lang['Inbox'],
- 'L_OUTBOX' => $lang['Outbox'],
- 'L_SENTBOX' => $lang['Sent'],
- 'L_SAVEBOX' => $lang['Saved'],
- 'L_FLAG' => $lang['Flag'],
- 'L_SUBJECT' => $lang['Subject'],
- 'L_QUICK_QUOTE' => $lang['QuickQuote'],
- 'L_OFFTOPIC' => $lang['OffTopic'],
- 'L_POSTED' => $lang['Posted'],
- 'L_DATE' => $lang['Date'],
- 'L_FROM' => $lang['From'],
- 'L_TO' => $lang['To'],
- 'L_SAVE_MSG' => $lang['Save_message'],
- 'L_DELETE_MSG' => $lang['Delete_message'],
- 'L_PM' => $lang['Private_Message'],
- 'L_EMAIL' => $lang['Email'],
- 'L_POSTS' => $lang['Posts'],
- 'L_CONTACTS' => $lang['User_Contacts'],
- 'L_WEBSITE' => $lang['Website'],
- 'L_FROM' => $lang['Location'],
- 'L_ONLINE_STATUS' => $lang['Online_status'],
- 'L_USER_WWW' => $lang['Website'],
- 'L_USER_EMAIL' => $lang['Send_Email'],
- 'L_USER_PROFILE' => $lang['Profile'],
- // BEGIN PM Navigation MOD
- 'L_PRIVMSG_NEXT' => $lang['Next_privmsg'],
- 'L_PRIVMSG_PREVIOUS' => $lang['Previous_privmsg'],
- 'U_PRIVMSG_NEXT' => append_sid(CMS_PAGE_PRIVMSG . '?folder=' . $folder . '&mode=' . $mode . '&' . POST_POST_URL . '=' . $privmsgs_id . '&view=next', true),
- 'U_PRIVMSG_PREVIOUS' => append_sid(CMS_PAGE_PRIVMSG . '?folder=' . $folder . '&mode=' . $mode . '&' . POST_POST_URL . '=' . $privmsgs_id . '&view=prev', true),
- // END PM Navigation MOD
- 'S_PRIVMSGS_ACTION' => append_sid(CMS_PAGE_PRIVMSG . '?folder=' . $folder),
- 'S_HIDDEN_FIELDS' => $s_hidden_fields
- )
- );
- $username_from = colorize_username($privmsg['user_id_1'], $privmsg['username_1'], $privmsg['user_color_1'], $privmsg['user_active_1']);
- $user_id_from = $privmsg['user_id_1'];
- $username_to = colorize_username($privmsg['user_id_2'], $privmsg['username_2'], $privmsg['user_color_2'], $privmsg['user_active_2']);
- $user_id_to = $privmsg['user_id_2'];
- // Needed for attachments... do not remove!
- $template_to_parse = 'privmsgs_read_body.tpl';
- $template->set_filenames(array('body' => $template_to_parse));
- init_display_pm_attachments($privmsg['privmsgs_attachment']);
- $post_date = create_date_ip($config['default_dateformat'], $privmsg['privmsgs_date'], $config['board_timezone']);
- $privmsg['user_id'] = $privmsg['user_id_1'];
- $privmsg['username'] = $privmsg['username_1'];
- $privmsg['user_color'] = $privmsg['user_color_1'];
- $privmsg['user_active'] = $privmsg['user_active_1'];
- $user_info = array();
- $user_info = generate_user_info($privmsg);
- foreach ($user_info as $k => $v)
- {
- ${$k} = $v;
- }
- $poster_avatar = $user_info['avatar'];
- $poster_posts = ($privmsg['user_id'] != ANONYMOUS) ? $lang['Posts'] . ': ' . $privmsg['user_posts'] : '';
- $poster_from = ($privmsg['user_from']) ? $lang['Location'] . ': ' . $privmsg['user_from'] : '';
- $poster_joined = ($privmsg['user_id'] != ANONYMOUS) ? $lang['Joined'] . ': ' . create_date($lang['JOINED_DATE_FORMAT'], $privmsg['user_regdate'], $config['board_timezone']) : '';
- // Mighty Gorgon - Quick Quote - BEGIN
- $look_up_array = array(
- '\"',
- '"',
- "<",
- ">",
- "\n",
- chr(13),
- );
- $replacement_array = array(
- '&q_mg;',
- '\"',
- "<_mg;",
- ">_mg;",
- "\\n",
- "",
- );
- $plain_message = $privmsg['privmsgs_text'];
- $plain_message = strtr($plain_message, array_flip(get_html_translation_table(HTML_ENTITIES)));
- $plain_message = censor_text($plain_message);
- $plain_message = str_replace($look_up_array, $replacement_array, $plain_message);
- // Mighty Gorgon - Quick Quote - END
- // Processing of post
- $post_subject = $privmsg['privmsgs_subject'];
- $private_message = $privmsg['privmsgs_text'];
- if ($config['allow_sig'])
- {
- $user_sig = ($privmsg['privmsgs_from_userid'] == $user->data['user_id']) ? $user->data['user_sig'] : $privmsg['user_sig'];
- }
- else
- {
- $user_sig = '';
- }
- // If the board has HTML off but the post has HTML on then we process it, else leave it alone
- if (!$config['allow_html'])
- {
- if ($user_sig != '' && $privmsg['privmsgs_enable_sig'] && $user->data['user_allowhtml'])
- {
- $user_sig = preg_replace('#(<)([\/]?.*?)(>)#is', "<\\2>", $user_sig);
- }
- if ($privmsg['privmsgs_enable_html'])
- {
- $private_message = preg_replace('#(<)([\/]?.*?)(>)#is', "<\\2>", $private_message);
- }
- }
- if (($user_sig != '') && $privmsg['privmsgs_attach_sig'])
- {
- $bbcode->allow_html = $config['allow_html'];
- $bbcode->allow_bbcode = $config['allow_bbcode'] ? true : false;
- $bbcode->allow_smilies = $config['allow_smilies'];
- $bbcode->is_sig = true;
- $user_sig = $bbcode->parse($user_sig);
- $bbcode->is_sig = false;
- }
- $bbcode->allow_html = (($config['allow_html'] && $user->data['user_allowhtml']) || $config['allow_html_only_for_admins']) && $privmsg['privmsgs_enable_html'];
- $bbcode->allow_bbcode = $config['allow_bbcode'] ? true : false;
- $bbcode->allow_smilies = $config['allow_smilies'] && $privmsg['privmsgs_enable_smilies'];
- $private_message = $bbcode->parse($private_message);
- if ($privmsg['privmsgs_attach_sig'] && $user_sig != '')
- {
- $signature = '<br />' . $config['sig_line'] . '<br />' . $user_sig;
- }
- $post_subject = censor_text($post_subject);
- $private_message = censor_text($private_message);
- //Acronyms, AutoLinks - BEGIN
- if ($privmsg['privmsgs_enable_autolinks_acronyms'])
- {
- $private_message = $bbcode->acronym_pass($private_message);
- $private_message = $bbcode->autolink_text($private_message, '999999');
- }
- //Acronyms, AutoLinks -END
- // Mighty Gorgon - Multiple Ranks - BEGIN
- $user_ranks = generate_ranks($privmsg, $ranks_array);
- if (($user_ranks['rank_01_html'] == '') && ($user_ranks['rank_01_img_html'] == '') && ($user_ranks['rank_02_html'] == '') && ($user_ranks['rank_02_img_html'] == '') && ($user_ranks['rank_03_html'] == '') && ($user_ranks['rank_03_img_html'] == '') && ($user_ranks['rank_04_html'] == '') && ($user_ranks['rank_04_img_html'] == '') && ($user_ranks['rank_05_html'] == '') && ($user_ranks['rank_05_img_html'] == ''))
- {
- $user_ranks['rank_01_html'] = ' ';
- }
- // Mighty Gorgon - Multiple Ranks - END
- $poster_rank = $user_ranks['rank_01_html'];
- $rank_image = $user_ranks['rank_01_img_html'];
- // Dump it to the templating engine
- $template->assign_vars(array(
- 'MESSAGE_TO' => $username_to,
- 'RECIPIENT_QQ' => $privmsg['username_1'],
- 'PM_ID' => $privmsgs_id,
- 'MESSAGE_FROM' => $username_from,
- 'RANK_IMAGE' => $rank_image,
- 'POSTER_JOINED' => $poster_joined,
- 'POSTER_POSTS' => $poster_posts,
- 'POSTER_FROM' => $poster_from,
- 'POSTER_AVATAR' => $poster_avatar,
- 'POST_SUBJECT' => $post_subject,
- 'POST_DATE' => $post_date,
- 'MESSAGE' => $private_message,
- 'PLAIN_MESSAGE' => $plain_message,
- 'SIGNATURE' => $signature,
- 'POSTER_RANK' => $poster_rank,
- 'RANK_IMAGE' => $rank_image,
- 'POSTER_GENDER' => $user_info['gender'],
- 'PROFILE_URL' => $user_info['profile_url'],
- 'PROFILE_IMG' => $user_info['profile_img'],
- 'PROFILE' => $user_info['profile'],
- 'PM_URL' => $user_info['pm_url'],
- 'PM_IMG' => $user_info['pm_img'],
- 'PM' => $user_info['pm'],
- 'SEARCH_URL' => $user_info['search_url'],
- 'SEARCH_IMG' => $user_info['search_img'],
- 'SEARCH' => $user_info['search'],
- 'IP_URL' => $user_info['ip_url'],
- 'IP_IMG' => $user_info['ip_img'],
- 'IP' => $user_info['ip'],
- 'EMAIL_URL' => $user_info['email_url'],
- 'EMAIL_IMG' => $user_info['email_img'],
- 'EMAIL' => $user_info['email'],
- 'WWW_URL' => $user_info['www_url'],
- 'WWW_IMG' => $user_info['www_img'],
- 'WWW' => $user_info['www'],
- 'AIM_URL' => $user_info['aim_url'],
- 'AIM_IMG' => $user_info['aim_img'],
- 'AIM' => $user_info['aim'],
- 'ICQ_STATUS_IMG' => $user_info['icq_status_img'],
- 'ICQ_URL' => $user_info['icq_url'],
- 'ICQ_IMG' => $user_info['icq_img'],
- 'ICQ' => $user_info['icq'],
- 'MSN_URL' => $user_info['msn_url'],
- 'MSN_IMG' => $user_info['msn_img'],
- 'MSN' => $user_info['msn'],
- 'SKYPE_URL' => $user_info['skype_url'],
- 'SKYPE_IMG' => $user_info['skype_img'],
- 'SKYPE' => $user_info['skype'],
- 'YIM_URL' => $user_info['yahoo_url'],
- 'YIM_IMG' => $user_info['yahoo_img'],
- 'YIM' => $user_info['yahoo'],
- 'ONLINE_STATUS_URL' => $user_info['online_status_url'],
- 'ONLINE_STATUS_CLASS' => $user_info['online_status_class'],
- 'ONLINE_STATUS_IMG' => $user_info['online_status_img'],
- 'ONLINE_STATUS' => $user_info['online_status'],
- 'L_ONLINE_STATUS' => $user_info['online_status_lang'],
- 'L_READ_MESSAGE' => $lang['Read_pm'],
- )
- );
- if (!function_exists('generate_smilies_row'))
- {
- include_once(IP_ROOT_PATH . 'includes/functions_bbcode.' . PHP_EXT);
- }
- generate_smilies_row();
- $template->assign_vars(array(
- 'L_SMILEYS_MORE' => $lang['More_emoticons'],
- 'U_SMILEYS_MORE' => append_sid('posting.' . PHP_EXT . '?mode=smilies'),
- )
- );
- full_page_generation($template_to_parse, $lang['Read_pm'], '', '');
- }
- elseif (($delete && $mark_list) || $delete_all)
- {
- if (!$user->data['session_logged_in'])
- {
- redirect(append_sid(CMS_PAGE_LOGIN . '?redirect=privmsg.' . PHP_EXT . '&folder=inbox', true));
- }
- if (isset($mark_list) && !is_array($mark_list))
- {
- // Set to empty array instead of '0' if nothing is selected.
- $mark_list = array();
- }
- if (!$confirm)
- {
- $s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" />';
- $s_hidden_fields .= (isset($_POST['delete'])) ? '<input type="hidden" name="delete" value="true" />' : '<input type="hidden" name="deleteall" value="true" />';
- $s_hidden_fields .= '<input type="hidden" name="sid" value="' . $user->data['session_id'] . '" />';
- for($i = 0; $i < sizeof($mark_list); $i++)
- {
- $s_hidden_fields .= '<input type="hidden" name="mark[]" value="' . intval($mark_list[$i]) . '" />';
- }
- // Output confirmation page
- $nav_server_url = create_server_url();
- $breadcrumbs['address'] = $lang['Nav_Separator'] . '<a href="' . $nav_server_url . append_sid(CMS_PAGE_PRIVMSG . '?folder=inbox') . '" class="nav-current">' . $lang['Private_Messaging'] . '</a>';
- $template->assign_vars(array(
- 'MESSAGE_TITLE' => $lang['Information'],
- 'MESSAGE_TEXT' => (sizeof($mark_list) == 1) ? $lang['Confirm_delete_pm'] : $lang['Confirm_delete_pms'],
- 'L_YES' => $lang['Yes'],
- 'L_NO' => $lang['No'],
- 'S_CONFIRM_ACTION' => append_sid(CMS_PAGE_PRIVMSG . '?folder=' . $folder),
- 'S_HIDDEN_FIELDS' => $s_hidden_fields
- )
- );
- full_page_generation('confirm_body.tpl', $lang['Confirm'], '', '');
- }
- elseif ($confirm && $sid === $user->data['session_id'])
- {
- if ($delete_all)
- {
- switch($folder)
- {
- case 'inbox':
- $delete_type = "privmsgs_to_userid = " . $user->data['user_id'] . " AND (
- privmsgs_type = " . PRIVMSGS_READ_MAIL . " OR privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . ")";
- break;
- case 'outbox':
- $delete_type = "privmsgs_from_userid = " . $user->data['user_id'] . " AND (privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . ")";
- break;
- case 'sentbox':
- $delete_type = "privmsgs_from_userid = " . $user->data['user_id'] . " AND privmsgs_type = " . PRIVMSGS_SENT_MAIL;
- break;
- case 'savebox':
- $delete_type = "((privmsgs_from_userid = " . $user->data['user_id'] . "
- AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . ")
- OR (privmsgs_to_userid = " . $user->data['user_id'] . "
- AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . "))";
- break;
- }
- $sql = "SELECT privmsgs_id
- FROM " . PRIVMSGS_TABLE . "
- WHERE $delete_type";
- $result = $db->sql_query($sql);
- while ($row = $db->sql_fetchrow($result))
- {
- $mark_list[] = $row['privmsgs_id'];
- }
- unset($delete_type);
- }
- $attachment_mod['pm']->delete_all_pm_attachments($mark_list);
- if (sizeof($mark_list))
- {
- $delete_sql_id = '';
- for ($i = 0; $i < sizeof($mark_list); $i++)
- {
- $delete_sql_id .= (($delete_sql_id != '') ? ', ' : '') . intval($mark_list[$i]);
- }
- if ($folder == 'inbox' || $folder == 'outbox')
- {
- switch ($folder)
- {
- case 'inbox':
- $sql = "privmsgs_to_userid = " . $user->data['user_id'];
- break;
- case 'outbox':
- $sql = "privmsgs_from_userid = " . $user->data['user_id'];
- break;
- }
- // Get information relevant to new or unread mail
- // so we can adjust users counters appropriately
- $sql = "SELECT privmsgs_to_userid, privmsgs_type
- FROM " . PRIVMSGS_TABLE . "
- WHERE privmsgs_id IN ($delete_sql_id)
- AND $sql
- AND privmsgs_type IN (" . PRIVMSGS_NEW_MAIL . ", " . PRIVMSGS_UNREAD_MAIL . ")";
- $result = $db->sql_query($sql);
- if ($row = $db->sql_fetchrow($result))
- {
- $update_users = $update_list = array();
- do
- {
- switch ($row['privmsgs_type'])
- {
- case PRIVMSGS_NEW_MAIL:
- $update_users['new'][$row['privmsgs_to_userid']]++;
- break;
- case PRIVMSGS_UNREAD_MAIL:
- $update_users['unread'][$row['privmsgs_to_userid']]++;
- break;
- }
- }
- while ($row = $db->sql_fetchrow($result));
- if (sizeof($update_users))
- {
- while (list($type, $users) = each($update_users))
- {
- while (list($user_id, $dec) = each($users))
- {
- $update_list[$type][$dec][] = $user_id;
- }
- }
- unset($update_users);
- while (list($type, $dec_ary) = each($update_list))
- {
- switch ($type)
- {
- case 'new':
- $type = "user_new_privmsg";
- break;
- case 'unread':
- $type = "user_unread_privmsg";
- break;
- }
- while (list($dec, $user_ary) = each($dec_ary))
- {
- $user_ids = implode(', ', $user_ary);
- $sql = "UPDATE " . USERS_TABLE . "
- SET $type = $type - $dec
- WHERE user_id IN ($user_ids)";
- $db->sql_query($sql);
- }
- }
- unset($update_list);
- }
- }
- $db->sql_freeresult($result);
- }
- // Delete the messages
- $delete_sql = "DELETE FROM " . PRIVMSGS_TABLE . "
- WHERE privmsgs_id IN ($delete_sql_id)
- AND ";
- switch($folder)
- {
- case 'inbox':
- $delete_sql .= "privmsgs_to_userid = " . $user->data['user_id'] . " AND (
- privmsgs_type = " . PRIVMSGS_READ_MAIL . " OR privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . ")";
- break;
- case 'outbox':
- $delete_sql .= "privmsgs_from_userid = " . $user->data['user_id'] . " AND (
- privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . ")";
- break;
- case 'sentbox':
- $delete_sql .= "privmsgs_from_userid = " . $user->data['user_id'] . " AND privmsgs_type = " . PRIVMSGS_SENT_MAIL;
- break;
- case 'savebox':
- $delete_sql .= "((privmsgs_from_userid = " . $user->data['user_id'] . "
- AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . ")
- OR (privmsgs_to_userid = " . $user->data['user_id'] . "
- AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . "))";
- break;
- }
- $db->sql_query($delete_sql);
- }
- }
- }
- elseif ($download && $mark_list)
- {
- if (!$user->data['session_logged_in'])
- {
- $header_location = (@preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE'))) ? 'Refresh: 0; URL=' : 'Location: ';
- header($header_location . append_sid(CMS_PAGE_LOGIN .'?redirect=privmsg.' . PHP_EXT . '&folder=inbox', true));
- exit;
- }
- switch($folder)
- {
- case 'inbox':
- $disp_folder = $lang['Inbox'];
- break;
- case 'outbox':
- $disp_folder = $lang['Outbox'];
- break;
- case 'sentbox':
- $disp_folder = $lang['Sentbox'];
- break;
- case 'savebox':
- $disp_folder = $lang['Savebox'];
- break;
- }
- if (sizeof($mark_list))
- {
- $i = 0;
- $crlf = "\r\n";
- $pmtext = $lang['Private_Messaging'] . ' (' . $config['sitename'] . ')' . $crlf;
- $user_dateformat = ($user->data['user_dateformat']) ? $user->data['user_dateformat'] : $config['default_dateformat'];
- $pmtext .= $disp_folder . ' (' . gmdate($user_dateformat) . ')' . $crlf;
- while($mark_list[$i] != '')
- {
- $sql = "SELECT pm.privmsgs_date, pm.privmsgs_subject, pm.privmsgs_text, us.username, us.user_id
- FROM " . PRIVMSGS_TABLE . " pm, " . USERS_TABLE . " us
- WHERE pm.privmsgs_id = " . $mark_list[$i] . "
- AND us.user_id = pm.privmsgs_from_userid";
- $db->sql_return_on_error(true);
- $result = $db->sql_query($sql);
- $db->sql_return_on_error(false);
- if ($result)
- {
- $db_row = $db->sql_fetchrow($result);
- $tmpmsg = wordwrap(htmlspecialchars_decode($db_row['privmsgs_text'], ENT_COMPAT), 78, $crlf);
- $from = (($folder == 'inbox') || ($folder == 'savebox')) ? $lang['From'] : $lang['To'];
- $pmtext .= '------------------------------------------------------------------------------' . $crlf;
- $pmtext .= $lang['Mailbox'] . ': ' . $user->data['username'] . $crlf;
- $pmtext .= $from . ': ' . $db_row['username'] . $crlf;
- $pmtext .= $lang['Posted'] . ': ' . gmdate($user_dateformat, $db_row['privmsgs_date']) . $crlf;
- $pmtext .= $lang['Subject'] . ': ' . htmlspecialchars_decode($db_row['privmsgs_subject'], ENT_COMPAT) . $crlf . $crlf;
- $pmtext .= $tmpmsg . $crlf;
- }
- else
- {
- print $sql . '<p>';
- message_die(GENERAL_ERROR, 'Could not read private message info', '', __LINE__, __FILE__, $sql);
- }
- $i++;
- }
- $filename = $config['sitename'] . '_' . $disp_folder . '_' . gmdate('Ymd');
- $filename = preg_replace('/[^A-Za-z0-9]+/', '_', strtolower($filename)) . '.txt';
- header('Content-Type: text/x-delimtext; name="' . $filename . '"');
- header('Content-Disposition: attachment;filename=' . $filename);
- header('Content-Transfer-Encoding: plain/text');
- header('Content-Length: ' . strlen($pmtext));
- print $pmtext;
- exit;
- }
- }
- elseif ($save && $mark_list && ($folder != 'savebox') && ($folder != 'outbox'))
- {
- if (!$user->data['session_logged_in'])
- {
- redirect(append_sid(CMS_PAGE_LOGIN . '?redirect=privmsg.' . PHP_EXT . '&folder=inbox', true));
- }
- if (sizeof($mark_list))
- {
- // See if recipient is at their savebox limit
- $sql = "SELECT COUNT(privmsgs_id) AS savebox_items, MIN(privmsgs_date) AS oldest_post_time
- FROM " . PRIVMSGS_TABLE . "
- WHERE ((privmsgs_to_userid = " . $user->data['user_id'] . "
- AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . ")
- OR (privmsgs_from_userid = " . $user->data['user_id'] . "
- AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . "))";
- $result = $db->sql_query($sql);
- if ($saved_info = $db->sql_fetchrow($result))
- {
- if ($config['max_savebox_privmsgs'] && $saved_info['savebox_items'] >= $config['max_savebox_privmsgs'])
- {
- $sql = "SELECT privmsgs_id FROM " . PRIVMSGS_TABLE . "
- WHERE ((privmsgs_to_userid = " . $user->data['user_id'] . "
- AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . ")
- OR (privmsgs_from_userid = " . $user->data['user_id'] . "
- AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . "))
- AND privmsgs_date = " . $saved_info['oldest_post_time'];
- $result = $db->sql_query($sql);
- $old_privmsgs_id = $db->sql_fetchrow($result);
- $old_privmsgs_id = $old_privmsgs_id['privmsgs_id'];
- $sql = "DELETE FROM " . PRIVMSGS_TABLE . "
- WHERE privmsgs_id = $old_privmsgs_id";
- $result = $db->sql_query($sql);
- }
- }
- $saved_sql_id = '';
- for ($i = 0; $i < sizeof($mark_list); $i++)
- {
- $saved_sql_id .= (($saved_sql_id != '') ? ', ' : '') . intval($mark_list[$i]);
- }
- // Process request
- $saved_sql = "UPDATE " . PRIVMSGS_TABLE;
- // Decrement read/new counters if appropriate
- if ($folder == 'inbox' || $folder == 'outbox')
- {
- switch ($folder)
- {
- case 'inbox':
- $sql = "privmsgs_to_userid = " . $user->data['user_id'];
- break;
- case 'outbox':
- $sql = "privmsgs_from_userid = " . $user->data['user_id'];
- break;
- }
- // Get information relevant to new or unread mail
- // so we can adjust users counters appropriately
- $sql = "SELECT privmsgs_to_userid, privmsgs_type
- FROM " . PRIVMSGS_TABLE . "
- WHERE privmsgs_id IN ($saved_sql_id)
- AND $sql
- AND privmsgs_type IN (" . PRIVMSGS_NEW_MAIL . ", " . PRIVMSGS_UNREAD_MAIL . ")";
- $result = $db->sql_query($sql);
- if ($row = $db->sql_fetchrow($result))
- {
- $update_users = $update_list = array();
- do
- {
- switch ($row['privmsgs_type'])
- {
- case PRIVMSGS_NEW_MAIL:
- $update_users['new'][$row['privmsgs_to_userid']]++;
- break;
- case PRIVMSGS_UNREAD_MAIL:
- $update_users['unread'][$row['privmsgs_to_userid']]++;
- break;
- }
- }
- while ($row = $db->sql_fetchrow($result));
- if (sizeof($update_users))
- {
- while (list($type, $users) = each($update_users))
- {
- while (list($user_id, $dec) = each($users))
- {
- $update_list[$type][$dec][] = $user_id;
- }
- }
- unset($update_users);
- while (list($type, $dec_ary) = each($update_list))
- {
- switch ($type)
- {
- case 'new':
- $type = "user_new_privmsg";
- break;
- case 'unread':
- $type = "user_unread_privmsg";
- break;
- }
- while (list($dec, $user_ary) = each($dec_ary))
- {
- $user_ids = implode(', ', $user_ary);
- $sql = "UPDATE " . USERS_TABLE . "
- SET $type = $type - $dec
- WHERE user_id IN ($user_ids)";
- $result_tmp = $db->sql_query($sql);
- }
- }
- unset($update_list);
- }
- }
- $db->sql_freeresult($result);
- }
- switch ($folder)
- {
- case 'inbox':
- $saved_sql .= " SET privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . "
- WHERE privmsgs_to_userid = " . $user->data['user_id'] . "
- AND (privmsgs_type = " . PRIVMSGS_READ_MAIL . "
- OR privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
- OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . ")";
- break;
- case 'outbox':
- $saved_sql .= " SET privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . "
- WHERE privmsgs_from_userid = " . $user->data['user_id'] . "
- AND (privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
- OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . ") ";
- break;
- case 'sentbox':
- $saved_sql .= " SET privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . "
- WHERE privmsgs_from_userid = " . $user->data['user_id'] . "
- AND privmsgs_type = " . PRIVMSGS_SENT_MAIL;
- break;
- }
- $saved_sql .= " AND privmsgs_id IN ($saved_sql_id)";
- $result_saved = $db->sql_query($saved_sql);
- redirect(append_sid(CMS_PAGE_PRIVMSG . '?folder=savebox', true));
- }
- }
- elseif ($submit || $refresh || ($mode != ''))
- {
- if (!$user->data['session_logged_in'])
- {
- $user_id = (isset($_GET[POST_USERS_URL])) ? '&' . POST_USERS_URL . '=' . intval($_GET[POST_USERS_URL]) : '';
- redirect(append_sid(CMS_PAGE_LOGIN . '?redirect=privmsg.' . PHP_EXT . '&folder=' . $folder . '&mode=' . $mode . $user_id, true));
- }
- // Toggles
- if (!$config['allow_html'])
- {
- $html_on = 0;
- }
- else
- {
- $html_on = ($submit || $refresh) ? ((!empty($_POST['disable_html'])) ? 0 : 1) : $user->data['user_allowhtml'];
- }
- $acro_auto_on = ($submit || $refresh) ? ((!empty($_POST['disable_acro_auto'])) ? 0 : 1) : 1;
- if (!$config['allow_bbcode'])
- {
- $bbcode_on = 0;
- }
- else
- {
- $bbcode_on = ($submit || $refresh) ? ((!empty($_POST['disable_bbcode'])) ? 0 : 1) : $user->data['user_allowbbcode'];
- }
- if (!$config['allow_smilies'])
- {
- $smilies_on = 0;
- }
- else
- {
- $smilies_on = ($submit || $refresh) ? ((!empty($_POST['disable_smilies'])) ? 0 : 1) : $user->data['user_allowsmile'];
- }
- $attach_sig = ($submit || $refresh) ? ((!empty($_POST['attach_sig'])) ? 1 : 0) : $user->data['user_attachsig'];
- $user_sig = ($user->data['user_sig'] != '' && $config['allow_sig']) ? $user->data['user_sig'] : '';
- if (($submit) && ($mode != 'edit') && ($user->data['user_level'] != ADMIN))
- {
- // Flood control
- $sql = "SELECT MAX(privmsgs_date) AS last_post_time
- FROM " . PRIVMSGS_TABLE . "
- WHERE privmsgs_from_userid = " . $user->data['user_id'];
- $db->sql_return_on_error(true);
- $result = $db->sql_query($sql);
- $db->sql_return_on_error(false);
- if ($result)
- {
- $db_row = $db->sql_fetchrow($result);
- $last_post_time = $db_row['last_post_time'];
- $current_time = time();
- if (($current_time - $last_post_time) < $config['flood_interval'])
- {
- message_die(GENERAL_MESSAGE, $lang['Flood_Error']);
- }
- }
- // End Flood control
- }
- if ($submit && ($mode == 'edit'))
- {
- $sql = 'SELECT privmsgs_from_userid
- FROM ' . PRIVMSGS_TABLE . '
- WHERE privmsgs_id = ' . (int) $privmsg_id . '
- AND privmsgs_from_userid = ' . $user->data['user_id'];
- $result = $db->sql_query($sql);
- if (!($row = $db->sql_fetchrow($result)))
- {
- message_die(GENERAL_MESSAGE, $lang['No_such_post']);
- }
- $db->sql_freeresult($result);
- unset($row);
- }
- if ($submit || ($draft && $draft_confirm))
- {
- $username = request_var('username', '', true);
- $username = htmlspecialchars_decode($username, ENT_COMPAT);
- $subject = !empty($draft_subject) ? $draft_subject : request_post_var('subject', '', true);
- $message = !empty($draft_message) ? $draft_message : htmlspecialchars_decode(request_post_var('message', '', true), ENT_COMPAT);
- // session id check
- if (($sid == '') || ($sid != $user->data['session_id']))
- {
- $error = true;
- $error_msg .= ((!empty($error_msg)) ? '<br />' : '') . $lang['Session_invalid'];
- }
- if (!empty($username))
- {
- $to_username = phpbb_clean_username($username);
- $sql = "SELECT user_id, user_notify_pm, user_email, user_lang, user_active
- FROM " . USERS_TABLE . "
- WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($to_username)) . "'
- AND user_id <> " . ANONYMOUS;
- $db->sql_return_on_error(true);
- $result = $db->sql_query($sql);
- $db->sql_return_on_error(false);
- if (!$result)
- {
- $error = true;
- $error_msg = $lang['NO_USER'];
- }
- if (!($to_userdata = $db->sql_fetchrow($result)))
- {
- $error = true;
- $error_msg = $lang['NO_USER'];
- }
- }
- else
- {
- $error = true;
- $error_msg .= ((!empty($error_msg)) ? '<br />' : '') . $lang['No_to_user'];
- }
- $privmsg_subject = $subject;
- if (empty($privmsg_subject))
- {
- $error = true;
- $error_msg .= ((!empty($error_msg)) ? '<br />' : '') . $lang['Empty_subject'];
- }
- if (!empty($message) && !$error)
- {
- $privmsg_message = prepare_message($message, $html_on, $bbcode_on, $smilies_on, '');
- }
- else
- {
- $error = true;
- $error_msg .= ((!empty($error_msg)) ? '<br />' : '') . $lang['Empty_message'];
- }
- }
- if (($submit || ($draft && $draft_confirm)) && !$error)
- {
- // Has admin prevented user from sending PM's?
- if (!$user->data['user_allow_pm'])
- {
- $error_message = $lang['Cannot_send_privmsg'];
- message_die(GENERAL_MESSAGE, $error_message);
- }
- // MG Drafts - BEGIN
- if (($config['allow_drafts'] == true) && $draft && $draft_confirm && $user->data['session_logged_in'])
- {
- save_draft($draft_id, $user->data['user_id'], 0, 0, $privmsg_subject, $message);
- $output_message = $lang['Drafts_Saved'];
- $output_message .= '<br /><br />' . sprintf($lang['Click_return_drafts'], '<a href="' . append_sid(CMS_PAGE_DRAFTS) . '">', '</a>');
- $output_message .= '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid(CMS_PAGE_FORUM) . '">', '</a>');
- $redirect_url = append_sid(CMS_PAGE_PRIVMSG . '?folder=inbox');
- meta_refresh(3, $redirect_url);
- message_die(GENERAL_MESSAGE, $output_message);
- }
- // MG Drafts - END
- $msg_time = time();
- if ($mode != 'edit')
- {
- // See if recipient is at their inbox limit
- $sql = "SELECT COUNT(privmsgs_id) AS inbox_items, MIN(privmsgs_date) AS oldest_post_time
- FROM " . PRIVMSGS_TABLE . "
- WHERE (privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
- OR privmsgs_type = " . PRIVMSGS_READ_MAIL . "
- OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . ")
- AND privmsgs_to_userid = " . $to_userdata['user_id'];
- $result = $db->sql_query($sql);
- if ($inbox_info = $db->sql_fetchrow($result))
- {
- if ($config['max_inbox_privmsgs'] && ($inbox_info['inbox_items'] >= $config['max_inbox_privmsgs']))
- {
- $sql = "SELECT privmsgs_id FROM " . PRIVMSGS_TABLE . "
- WHERE (privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
- OR privmsgs_type = " . PRIVMSGS_READ_MAIL . "
- OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )
- AND privmsgs_date = " . $inbox_info['oldest_post_time'] . "
- AND privmsgs_to_userid = " . $to_userdata['user_id'];
- $result = $db->sql_query($sql);
- $old_privmsgs_id = $db->sql_fetchrow($result);
- $old_privmsgs_id = $old_privmsgs_id['privmsgs_id'];
- $sql = "DELETE FROM " . PRIVMSGS_TABLE . "
- WHERE privmsgs_id = $old_privmsgs_id";
- $db->sql_query($sql);
- }
- }
- if ($user->data['user_level'] > 0)
- {
- $pm_send = true;
- }
- else
- {
- $u_pm_in = user_check_pm_in_allowed($to_userdata['user_id']);
- if ($u_pm_in == true)
- {
- $pm_send = true;
- }
- else
- {
- $u_pm_friend = user_check_friend_foe($to_userdata['user_id'], true);
- if ($u_pm_friend == true)
- {
- $pm_send = true;
- }
- else
- {
- $msg = $lang['Allow_PM_IN_SEND_ERROR'] . '<br /><br />' . sprintf($lang['Click_return_inbox'], '<a href="' . append_sid(CMS_PAGE_PRIVMSG . '?folder=inbox') . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid(CMS_PAGE_FORUM) . '">', '</a>');
- message_die(GENERAL_MESSAGE, $msg);
- }
- }
- }
- $sql_info = "INSERT INTO " . PRIVMSGS_TABLE . " (privmsgs_type, privmsgs_subject, privmsgs_text, privmsgs_from_userid, privmsgs_to_userid, privmsgs_date, privmsgs_ip, privmsgs_enable_html, privmsgs_enable_bbcode, privmsgs_enable_smilies, privmsgs_enable_autolinks_acronyms, privmsgs_attach_sig)
- VALUES (" . PRIVMSGS_NEW_MAIL . ", '" . $db->sql_escape($privmsg_subject) . "', '" . $db->sql_escape($privmsg_message) . "', " . $user->data['user_id'] . ", " . $to_userdata['user_id'] . ", $msg_time, '$user_ip', $html_on, $bbcode_on, $smilies_on, $acro_auto_on, $attach_sig)";
- }
- else
- {
- if ($user->data['user_level'] > 0)
- {
- $pm_send = true;
- }
- else
- {
- $u_pm_in = user_check_pm_in_al…
Large files files are truncated, but you can click here to view the full file