/upload/privmsg.php
PHP | 1732 lines | 1338 code | 242 blank | 152 comment | 281 complexity | 9f98dd7960c350c215c2293ba4627d24 MD5 | raw file
- <?php
- define('IN_FORUM', true);
- define('BB_SCRIPT', 'pm');
- define('IN_PM', true);
- define('BB_ROOT', './');
- require(BB_ROOT .'common.php');
- require(INC_DIR .'bbcode.php');
- require(INC_DIR .'functions_post.php');
- $privmsg_sent_id = $l_box_name = $to_username = $privmsg_subject = $privmsg_message = $error_msg = '';
- $page_cfg['use_tablesorter'] = true;
- $page_cfg['load_tpl_vars'] = array(
- 'pm_icons',
- );
- //
- // Is PM disabled?
- //
- if ($bb_cfg['privmsg_disable']) bb_die('PM_DISABLED');
- //
- // Parameters
- //
- //$submit = ( isset($_POST['post']) ) ? TRUE : 0;
- $submit = (bool) request_var('post', false); //test it!
- $submit_search = ( isset($_POST['usersubmit']) ) ? TRUE : 0;
- $submit_msgdays = ( isset($_POST['submit_msgdays']) ) ? TRUE : 0;
- $cancel = ( isset($_POST['cancel']) ) ? TRUE : 0;
- $preview = ( isset($_POST['preview']) ) ? TRUE : 0;
- $confirmed = ( isset($_POST['confirm']) ) ? TRUE : 0;
- $delete = ( isset($_POST['delete']) ) ? TRUE : 0;
- $delete_all = ( isset($_POST['deleteall']) ) ? TRUE : 0;
- $save = ( isset($_POST['save']) ) ? TRUE : 0;
- $mode = isset($_REQUEST['mode']) ? (string) $_REQUEST['mode'] : '';
- $refresh = $preview || $submit_search;
- $mark_list = ( !empty($_POST['mark']) ) ? $_POST['mark'] : 0;
- if ($folder =& $_REQUEST['folder'])
- {
- if ($folder != 'inbox' && $folder != 'outbox' && $folder != 'sentbox' && $folder != 'savebox')
- {
- $folder = 'inbox';
- }
- }
- else
- {
- $folder = 'inbox';
- }
- // Start session management
- $user->session_start(array('req_login' => true));
- if (IS_AM)
- {
- $bb_cfg['max_inbox_privmsgs'] += 1000;
- $bb_cfg['max_sentbox_privmsgs'] += 1000;
- $bb_cfg['max_savebox_privmsgs'] += 1000;
- }
- else if (IS_GROUP_MEMBER)
- {
- $bb_cfg['max_inbox_privmsgs'] += 200;
- $bb_cfg['max_sentbox_privmsgs'] += 200;
- $bb_cfg['max_savebox_privmsgs'] += 200;
- }
- $template->assign_vars(array(
- 'IN_PM' => true,
- 'QUICK_REPLY' => ($bb_cfg['show_quick_reply'] && $folder == 'inbox' && $mode == 'read'),
- ));
- //
- // Cancel
- //
- if ( $cancel )
- {
- redirect(PM_URL . "?folder=$folder");
- }
- //
- // Var definitions
- //
- $start = isset($_REQUEST['start']) ? abs(intval($_REQUEST['start'])) : 0;
- if ( isset($_POST[POST_POST_URL]) || isset($_GET[POST_POST_URL]) )
- {
- $privmsg_id = ( isset($_POST[POST_POST_URL]) ) ? intval($_POST[POST_POST_URL]) : intval($_GET[POST_POST_URL]);
- }
- else
- {
- $privmsg_id = '';
- }
- $error = FALSE;
- //
- // Define the box image links
- //
- $inbox_url = ( $folder != 'inbox' || $mode != '' ) ? '<a href="' . PM_URL . "?folder=inbox".'">'. $lang['INBOX'] .'</a>' : $lang['INBOX'];
- $outbox_url = ( $folder != 'outbox' || $mode != '' ) ? '<a href="' . PM_URL . "?folder=outbox".'">'. $lang['OUTBOX'] .'</a>' : $lang['OUTBOX'];
- $sentbox_url = ( $folder != 'sentbox' || $mode != '' ) ? '<a href="' . PM_URL . "?folder=sentbox".'">'. $lang['SENTBOX'] .'</a>' : $lang['SENTBOX'];
- $savebox_url = ( $folder != 'savebox' || $mode != '' ) ? '<a href="' . PM_URL . "?folder=savebox".'">'. $lang['SAVEBOX'] .'</a>' : $lang['SAVEBOX'];
- // ----------
- // Start main
- //
- $template->assign_var('POSTING_SUBJECT');
- if ( $mode == 'read' )
- {
- if ( !empty($_GET[POST_POST_URL]) )
- {
- $privmsgs_id = intval($_GET[POST_POST_URL]);
- }
- else
- {
- message_die(GENERAL_ERROR, $lang['NO_PM_ID']);
- }
- //
- // SQL to pull appropriate message, prevents nosey people
- // reading other peoples messages ... hopefully!
- //
- switch( $folder )
- {
- case 'inbox':
- $l_box_name = $lang['INBOX'];
- $pm_sql_user = "AND pm.privmsgs_to_userid = " . $userdata['user_id'] . "
- AND ( pm.privmsgs_type = " . PRIVMSGS_READ_MAIL . "
- OR pm.privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
- OR pm.privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
- break;
- case 'outbox':
- $l_box_name = $lang['OUTBOX'];
- $pm_sql_user = "AND pm.privmsgs_from_userid = " . $userdata['user_id'] . "
- AND ( pm.privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
- OR pm.privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " ) ";
- break;
- case 'sentbox':
- $l_box_name = $lang['SENTBOX'];
- $pm_sql_user = "AND pm.privmsgs_from_userid = " . $userdata['user_id'] . "
- AND pm.privmsgs_type = " . PRIVMSGS_SENT_MAIL;
- break;
- case 'savebox':
- $l_box_name = $lang['SAVEBOX'];
- $pm_sql_user = "AND ( ( pm.privmsgs_to_userid = " . $userdata['user_id'] . "
- AND pm.privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " )
- OR ( pm.privmsgs_from_userid = " . $userdata['user_id'] . "
- AND pm.privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . " )
- )";
- break;
- default:
- message_die(GENERAL_ERROR, $lang['NO_SUCH_FOLDER']);
- break;
- }
- //
- // Major query obtains the message ...
- //
- $sql = "SELECT u.username, u.user_id, u.user_posts, u.user_from, u.user_email, u.user_regdate, u.user_rank,
- u2.username AS to_username, u2.user_id AS to_user_id, u2.user_rank as to_user_rank,
- pm.*, pmt.privmsgs_text
- FROM " . BB_PRIVMSGS . " pm, " . BB_PRIVMSGS_TEXT . " pmt, " . BB_USERS . " u, " . BB_USERS . " u2
- WHERE pm.privmsgs_id = $privmsgs_id
- AND pmt.privmsgs_text_id = pm.privmsgs_id
- $pm_sql_user
- AND u.user_id = pm.privmsgs_from_userid
- AND u2.user_id = pm.privmsgs_to_userid";
- if ( !($result = DB()->sql_query($sql)) )
- {
- message_die(GENERAL_ERROR, 'Could not query private message post information', '', __LINE__, __FILE__, $sql);
- }
- //
- // Did the query return any data?
- //
- if ( !($privmsg = DB()->sql_fetchrow($result)) )
- {
- redirect(PM_URL . "?folder=$folder");
- }
- $privmsg_id = $privmsg['privmsgs_id'];
- //
- // Is this a new message in the inbox? If it is then save
- // a copy in the posters sent box
- //
- if (($privmsg['privmsgs_type'] == PRIVMSGS_NEW_MAIL || $privmsg['privmsgs_type'] == PRIVMSGS_UNREAD_MAIL) && $folder == 'inbox')
- {
- // Update appropriate counter
- switch ($privmsg['privmsgs_type'])
- {
- case PRIVMSGS_NEW_MAIL:
- $sql = "user_new_privmsg = IF(user_new_privmsg, user_new_privmsg - 1, 0)";
- break;
- case PRIVMSGS_UNREAD_MAIL:
- $sql = "user_unread_privmsg = IF(user_unread_privmsg, user_unread_privmsg - 1, 0)";
- break;
- }
- $sql = "UPDATE " . BB_USERS . "
- SET $sql
- WHERE user_id = " . $userdata['user_id'];
- if ( !DB()->sql_query($sql) )
- {
- message_die(GENERAL_ERROR, 'Could not update private message read status for user', '', __LINE__, __FILE__, $sql);
- }
- if (DB()->affected_rows())
- {
- cache_rm_userdata($userdata);
- }
- $sql = "UPDATE " . BB_PRIVMSGS . "
- SET privmsgs_type = " . PRIVMSGS_READ_MAIL . "
- WHERE privmsgs_id = " . $privmsg['privmsgs_id'];
- if ( !DB()->sql_query($sql) )
- {
- message_die(GENERAL_ERROR, 'Could not update private message read status', '', __LINE__, __FILE__, $sql);
- }
- // Check to see if the poster has a 'full' sent box
- $sql = "SELECT COUNT(privmsgs_id) AS sent_items, MIN(privmsgs_date) AS oldest_post_time
- FROM " . BB_PRIVMSGS . "
- WHERE privmsgs_type = " . PRIVMSGS_SENT_MAIL . "
- AND privmsgs_from_userid = " . $privmsg['privmsgs_from_userid'];
- if ( !($result = DB()->sql_query($sql)) )
- {
- message_die(GENERAL_ERROR, 'Could not obtain sent message info for sendee', '', __LINE__, __FILE__, $sql);
- }
- if ( $sent_info = DB()->sql_fetchrow($result) )
- {
- if ($bb_cfg['max_sentbox_privmsgs'] && $sent_info['sent_items'] >= $bb_cfg['max_sentbox_privmsgs'])
- {
- $sql = "SELECT privmsgs_id FROM " . BB_PRIVMSGS . "
- WHERE privmsgs_type = " . PRIVMSGS_SENT_MAIL . "
- AND privmsgs_date = " . $sent_info['oldest_post_time'] . "
- AND privmsgs_from_userid = " . $privmsg['privmsgs_from_userid'];
- if ( !$result = DB()->sql_query($sql) )
- {
- message_die(GENERAL_ERROR, 'Could not find oldest privmsgs', '', __LINE__, __FILE__, $sql);
- }
- $old_privmsgs_id = DB()->sql_fetchrow($result);
- $old_privmsgs_id = (int) $old_privmsgs_id['privmsgs_id'];
- $sql = "DELETE FROM " . BB_PRIVMSGS . "
- WHERE privmsgs_id = $old_privmsgs_id";
- if ( !DB()->sql_query($sql) )
- {
- message_die(GENERAL_ERROR, 'Could not delete oldest privmsgs (sent)', '', __LINE__, __FILE__, $sql);
- }
- $sql = "DELETE FROM " . BB_PRIVMSGS_TEXT . "
- WHERE privmsgs_text_id = $old_privmsgs_id";
- if ( !DB()->sql_query($sql) )
- {
- message_die(GENERAL_ERROR, 'Could not delete oldest privmsgs text (sent)', '', __LINE__, __FILE__, $sql);
- }
- }
- }
- //
- // This makes a copy of the post and stores it as a SENT message from the sendee. Perhaps
- // not the most DB friendly way but a lot easier to manage, besides the admin will be able to
- // set limits on numbers of storable posts for users ... hopefully!
- //
- $sql = "INSERT INTO " . BB_PRIVMSGS . " (privmsgs_type, privmsgs_subject, privmsgs_from_userid, privmsgs_to_userid, privmsgs_date, privmsgs_ip)
- VALUES (" . PRIVMSGS_SENT_MAIL . ", '" . DB()->escape($privmsg['privmsgs_subject']) . "', " . $privmsg['privmsgs_from_userid'] . ", " . $privmsg['privmsgs_to_userid'] . ", " . $privmsg['privmsgs_date'] . ", '" . $privmsg['privmsgs_ip'] . "')";
- if ( !DB()->sql_query($sql) )
- {
- message_die(GENERAL_ERROR, 'Could not insert private message sent info', '', __LINE__, __FILE__, $sql);
- }
- $privmsg_sent_id = DB()->sql_nextid();
- $sql = "INSERT INTO " . BB_PRIVMSGS_TEXT . " (privmsgs_text_id, privmsgs_text)
- VALUES ($privmsg_sent_id, '" . DB()->escape($privmsg['privmsgs_text']) . "')";
- if ( !DB()->sql_query($sql) )
- {
- message_die(GENERAL_ERROR, 'Could not insert private message sent text', '', __LINE__, __FILE__, $sql);
- }
- }
- //
- // Pick a folder, any folder, so long as it's one below ...
- //
- $post_urls = array(
- 'post' => PM_URL . "?mode=post",
- 'reply' => PM_URL . "?mode=reply&" . POST_POST_URL . "=$privmsg_id",
- 'quote' => PM_URL . "?mode=quote&" . POST_POST_URL . "=$privmsg_id",
- 'edit' => PM_URL . "?mode=edit&" . POST_POST_URL . "=$privmsg_id"
- );
- $post_icons = array(
- 'post_img' => '<a href="' . $post_urls['post'] . '"><img src="' . $images['pm_postmsg'] . '" alt="' . $lang['POST_NEW_PM'] . '" border="0" /></a>',
- 'post' => '<a href="' . $post_urls['post'] . '">' . $lang['POST_NEW_PM'] . '</a>',
- 'reply_img' => '<a href="' . $post_urls['reply'] . '"><img src="' . $images['pm_replymsg'] . '" alt="' . $lang['POST_REPLY_PM'] . '" border="0" /></a>',
- 'reply' => '<a href="' . $post_urls['reply'] . '">' . $lang['POST_REPLY_PM'] . '</a>',
- 'quote_img' => '<a href="' . $post_urls['quote'] . '"><img src="' . $images['pm_quotemsg'] . '" alt="' . $lang['POST_QUOTE_PM'] . '" border="0" /></a>',
- 'quote' => '<a href="' . $post_urls['quote'] . '">' . $lang['POST_QUOTE_PM'] . '</a>',
- 'edit_img' => '<a href="' . $post_urls['edit'] . '"><img src="' . $images['pm_editmsg'] . '" alt="' . $lang['EDIT_PM'] . '" border="0" /></a>',
- 'edit' => '<a href="' . $post_urls['edit'] . '">' . $lang['EDIT_PM'] . '</a>'
- );
- if ( $folder == 'inbox' )
- {
- $post_img = $post_icons['post_img'];
- $reply_img = $post_icons['reply_img'];
- $quote_img = $post_icons['quote_img'];
- $edit_img = '';
- $post = $post_icons['post'];
- $reply = $post_icons['reply'];
- $quote = $post_icons['quote'];
- $edit = '';
- $l_box_name = $lang['INBOX'];
- }
- else if ( $folder == 'outbox' )
- {
- $post_img = $post_icons['post_img'];
- $reply_img = '';
- $quote_img = '';
- $edit_img = $post_icons['edit_img'];
- $post = $post_icons['post'];
- $reply = '';
- $quote = '';
- $edit = $post_icons['edit'];
- $l_box_name = $lang['OUTBOX'];
- }
- else if ( $folder == 'savebox' )
- {
- if ( $privmsg['privmsgs_type'] == PRIVMSGS_SAVED_IN_MAIL )
- {
- $post_img = $post_icons['post_img'];
- $reply_img = $post_icons['reply_img'];
- $quote_img = $post_icons['quote_img'];
- $edit_img = '';
- $post = $post_icons['post'];
- $reply = $post_icons['reply'];
- $quote = $post_icons['quote'];
- $edit = '';
- }
- else
- {
- $post_img = $post_icons['post_img'];
- $reply_img = '';
- $quote_img = '';
- $edit_img = '';
- $post = $post_icons['post'];
- $reply = '';
- $quote = '';
- $edit = '';
- }
- $l_box_name = $lang['SAVED'];
- }
- else if ( $folder == 'sentbox' )
- {
- $post_img = $post_icons['post_img'];
- $reply_img = '';
- $quote_img = '';
- $edit_img = '';
- $post = $post_icons['post'];
- $reply = '';
- $quote = '';
- $edit = '';
- $l_box_name = $lang['SENT'];
- }
- // Report
- //
- // Get report privmsg module and create report links
- //
- if ($folder == 'inbox')
- {
- include(INC_DIR ."functions_report.php");
- $report_privmsg = report_modules('name', 'report_privmsg');
- if ($report_privmsg && $report_privmsg->auth_check('auth_write'))
- {
- if ($privmsg['privmsgs_reported'])
- {
- $report_img = '<img src="' . $images['icon_reported'] . '" alt="' . $report_privmsg->lang['DUPLICATE_REPORT'] . '" title="' . $report_privmsg->lang['DUPLICATE_REPORT'] . '" border="0" />';
- $report = $report_privmsg->lang['DUPLICATE_REPORT'];
- }
- else
- {
- $temp_url = "report.php?mode=" . $report_privmsg->mode . "&id=$privmsg_id";
- $report_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_report'] . '" alt="' . $report_privmsg->lang['WRITE_REPORT'] . '" title="' . $report_privmsg->lang['WRITE_REPORT'] . '" border="0" /></a>';
- $report = '<a href="' . $temp_url . '">' . $report_privmsg->lang['WRITE_REPORT'] . '</a>';
- }
- $template->assign_vars(array(
- 'REPORT_PM_IMG' => $report_img,
- 'REPORT_PM' => $report)
- );
- }
- }
- // Report [END]
- $s_hidden_fields = '<input type="hidden" name="mark[]" value="' . $privmsgs_id . '" />';
- $page_title = $lang['READ_PM'];
- //
- // Load templates
- //
- $template->set_filenames(array(
- 'body' => 'privmsgs_read.tpl')
- );
- $template->assign_vars(array(
- 'INBOX' => $inbox_url,
- 'POST_PM_IMG' => $post_img,
- 'REPLY_PM_IMG' => $reply_img,
- 'EDIT_PM_IMG' => $edit_img,
- 'QUOTE_PM_IMG' => $quote_img,
- 'POST_PM' => $post,
- 'REPLY_PM' => $reply,
- 'EDIT_PM' => $edit,
- 'QUOTE_PM' => $quote,
- 'SENTBOX' => $sentbox_url,
- 'OUTBOX' => $outbox_url,
- 'SAVEBOX' => $savebox_url,
- 'BOX_NAME' => $l_box_name,
- 'S_PRIVMSGS_ACTION' => PM_URL . "?folder=$folder",
- 'S_HIDDEN_FIELDS' => $s_hidden_fields)
- );
- $username_from = $privmsg['username'];
- $user_id_from = $privmsg['user_id'];
- $username_to = $privmsg['to_username'];
- $user_id_to = $privmsg['to_user_id'];
- $post_date = bb_date($privmsg['privmsgs_date']);
- $temp_url = "profile.php?mode=viewprofile&" . POST_USERS_URL . '=' . $user_id_from;
- $profile_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_profile'] . '" alt="' . $lang['READ_PROFILE'] . '" title="' . $lang['READ_PROFILE'] . '" border="0" /></a>';
- $profile = '<a href="' . $temp_url . '">' . $lang['READ_PROFILE'] . '</a>';
- $temp_url = PM_URL . "?mode=post&" . POST_USERS_URL . "=$user_id_from";
- $pm_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_pm'] . '" alt="' . $lang['SEND_PRIVATE_MESSAGE'] . '" title="' . $lang['SEND_PRIVATE_MESSAGE'] . '" border="0" /></a>';
- $pm = '<a href="' . $temp_url . '">' . $lang['SEND_PRIVATE_MESSAGE'] . '</a>';
- $temp_url = "search.php?search_author=1&uid=$user_id_from";
- $search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . sprintf($lang['SEARCH_USER_POSTS'], $username_from) . '" title="' . sprintf($lang['SEARCH_USER_POSTS'], $username_from) . '" border="0" /></a>';
- $search = '<a href="' . $temp_url . '">' . sprintf($lang['SEARCH_USER_POSTS'], $username_from) . '</a>';
- //
- // Processing of post
- //
- $post_subject = htmlCHR($privmsg['privmsgs_subject']);
- $private_message = $privmsg['privmsgs_text'];
- $orig_word = array();
- $replacement_word = array();
- obtain_word_list($orig_word, $replacement_word);
- if ( count($orig_word) )
- {
- $post_subject = preg_replace($orig_word, $replacement_word, $post_subject);
- $private_message = preg_replace($orig_word, $replacement_word, $private_message);
- }
- $private_message = bbcode2html($private_message);
- //
- // Dump it to the templating engine
- //
- $template->assign_vars(array(
- 'TO_USER' => profile_url(array('username' => $username_to, 'user_id' => $user_id_to, 'user_rank' => $privmsg['to_user_rank'])),
- 'FROM_USER' => profile_url($privmsg),
- 'QR_SUBJECT' => (!preg_match('/^Re:/', $post_subject) ? 'Re: ' : '') . $post_subject,
- 'MESSAGE_TO' => $username_to,
- 'MESSAGE_FROM' => $username_from,
- 'RANK_IMAGE' => (@$rank_image) ? $rank_image : '',
- 'POSTER_JOINED' => (@$poster_joined) ? $poster_joined : '',
- 'POSTER_POSTS' => (@$poster_posts) ? $poster_posts : '',
- 'POSTER_FROM' => (@$poster_from) ? $poster_from : '',
- 'POST_SUBJECT' => $post_subject,
- 'POST_DATE' => $post_date,
- 'PM_MESSAGE' => $private_message,
- 'PROFILE_IMG' => $profile_img,
- 'PROFILE' => $profile,
- 'SEARCH_IMG' => $search_img,
- 'SEARCH' => $search,
- ));
- }
- else if ( ( $delete && $mark_list ) || $delete_all )
- {
- if ( isset($mark_list) && !is_array($mark_list) )
- {
- // Set to empty array instead of '0' if nothing is selected.
- $mark_list = array();
- }
- if (!$confirmed)
- {
- $delete = isset($_POST['delete']) ? 'delete' : 'deleteall';
- $hidden_fields = array(
- 'mode' => $mode,
- $delete => 1,
- );
- foreach ($mark_list as $pm_id)
- {
- $hidden_fields['mark'][] = (int) $pm_id;
- }
- print_confirmation(array(
- 'QUESTION' => (count($mark_list) == 1) ? $lang['CONFIRM_DELETE_PM'] : $lang['CONFIRM_DELETE_PMS'],
- 'FORM_ACTION' => PM_URL . "?folder=$folder",
- 'HIDDEN_FIELDS' => build_hidden_fields($hidden_fields),
- ));
- }
- else if ( $confirmed )
- {
- $delete_sql_id = '';
- if (!$delete_all)
- {
- for ($i = 0; $i < count($mark_list); $i++)
- {
- $delete_sql_id .= (($delete_sql_id != '') ? ', ' : '') . intval($mark_list[$i]);
- }
- $delete_sql_id = "AND privmsgs_id IN ($delete_sql_id)";
- }
- switch($folder)
- {
- case 'inbox':
- $delete_type = "privmsgs_to_userid = " . $userdata['user_id'] . " AND (
- privmsgs_type = " . PRIVMSGS_READ_MAIL . " OR privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
- break;
- case 'outbox':
- $delete_type = "privmsgs_from_userid = " . $userdata['user_id'] . " AND ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
- break;
- case 'sentbox':
- $delete_type = "privmsgs_from_userid = " . $userdata['user_id'] . " AND privmsgs_type = " . PRIVMSGS_SENT_MAIL;
- break;
- case 'savebox':
- $delete_type = "( ( privmsgs_from_userid = " . $userdata['user_id'] . "
- AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . " )
- OR ( privmsgs_to_userid = " . $userdata['user_id'] . "
- AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " ) )";
- break;
- }
- $sql = "SELECT privmsgs_id
- FROM " . BB_PRIVMSGS . "
- WHERE $delete_type $delete_sql_id";
- if ( !($result = DB()->sql_query($sql)) )
- {
- message_die(GENERAL_ERROR, 'Could not obtain id list to delete messages', '', __LINE__, __FILE__, $sql);
- }
- $mark_list = array();
- while ( $row = DB()->sql_fetchrow($result) )
- {
- $mark_list[] = $row['privmsgs_id'];
- }
- unset($delete_type);
- if ( count($mark_list) )
- {
- $delete_sql_id = '';
- for ($i = 0; $i < sizeof($mark_list); $i++)
- {
- $delete_sql_id .= (($delete_sql_id != '') ? ', ' : '') . intval($mark_list[$i]);
- }
- if ($folder == 'inbox' || $folder == 'outbox')
- {
- switch ($folder)
- {
- case 'inbox':
- $sql = "privmsgs_to_userid = " . $userdata['user_id'];
- break;
- case 'outbox':
- $sql = "privmsgs_from_userid = " . $userdata['user_id'];
- break;
- }
- // Get information relevant to new or unread mail
- // so we can adjust users counters appropriately
- $sql = "SELECT privmsgs_to_userid, privmsgs_type
- FROM " . BB_PRIVMSGS . "
- WHERE privmsgs_id IN ($delete_sql_id)
- AND $sql
- AND privmsgs_type IN (" . PRIVMSGS_NEW_MAIL . ", " . PRIVMSGS_UNREAD_MAIL . ")";
- if ( !($result = DB()->sql_query($sql)) )
- {
- message_die(GENERAL_ERROR, 'Could not obtain user id list for outbox messages', '', __LINE__, __FILE__, $sql);
- }
- if ( $row = DB()->sql_fetchrow($result))
- {
- $update_users = $update_list = array();
- do
- {
- switch ($row['privmsgs_type'])
- {
- case PRIVMSGS_NEW_MAIL:
- @$update_users['new'][$row['privmsgs_to_userid']]++;
- break;
- case PRIVMSGS_UNREAD_MAIL:
- @$update_users['unread'][$row['privmsgs_to_userid']]++;
- break;
- }
- }
- while ($row = DB()->sql_fetchrow($result));
- if (sizeof($update_users))
- {
- while (list($type, $users) = each($update_users))
- {
- while (list($user_id, $dec) = each($users))
- {
- $update_list[$type][$dec][] = $user_id;
- }
- }
- unset($update_users);
- while (list($type, $dec_ary) = each($update_list))
- {
- switch ($type)
- {
- case 'new':
- $type = "user_new_privmsg";
- break;
- case 'unread':
- $type = "user_unread_privmsg";
- break;
- }
- while (list($dec, $user_ary) = each($dec_ary))
- {
- $user_ids = join(', ', $user_ary);
- $sql = "UPDATE " . BB_USERS . "
- SET $type = $type - $dec
- WHERE user_id IN ($user_ids)";
- if ( !DB()->sql_query($sql) )
- {
- message_die(GENERAL_ERROR, 'Could not update user pm counters', '', __LINE__, __FILE__, $sql);
- }
- }
- }
- unset($update_list);
- }
- }
- DB()->sql_freeresult($result);
- }
- // Delete the messages
- $delete_text_sql = "DELETE FROM " . BB_PRIVMSGS_TEXT . "
- WHERE privmsgs_text_id IN ($delete_sql_id)";
- $delete_sql = "DELETE FROM " . BB_PRIVMSGS . "
- WHERE privmsgs_id IN ($delete_sql_id)
- AND ";
- switch( $folder )
- {
- case 'inbox':
- $delete_sql .= "privmsgs_to_userid = " . $userdata['user_id'] . " AND (
- privmsgs_type = " . PRIVMSGS_READ_MAIL . " OR privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
- break;
- case 'outbox':
- $delete_sql .= "privmsgs_from_userid = " . $userdata['user_id'] . " AND (
- privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
- break;
- case 'sentbox':
- $delete_sql .= "privmsgs_from_userid = " . $userdata['user_id'] . " AND privmsgs_type = " . PRIVMSGS_SENT_MAIL;
- break;
- case 'savebox':
- $delete_sql .= "( ( privmsgs_from_userid = " . $userdata['user_id'] . "
- AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . " )
- OR ( privmsgs_to_userid = " . $userdata['user_id'] . "
- AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " ) )";
- break;
- }
- if ( !DB()->sql_query($delete_sql) )
- {
- message_die(GENERAL_ERROR, 'Could not delete private message info', '', __LINE__, __FILE__, $delete_sql);
- }
- if ( !DB()->sql_query($delete_text_sql) )
- {
- message_die(GENERAL_ERROR, 'Could not delete private message text', '', __LINE__, __FILE__, $delete_text_sql);
- }
- pm_message_die($lang['DELETE_POSTS_SUCCESFULLY']);
- }
- else
- {
- pm_message_die($lang['NONE_SELECTED']);
- }
- }
- }
- else if ( $save && $mark_list && $folder != 'savebox' && $folder != 'outbox' )
- {
- if (sizeof($mark_list))
- {
- // See if recipient is at their savebox limit
- $sql = "SELECT COUNT(privmsgs_id) AS savebox_items, MIN(privmsgs_date) AS oldest_post_time
- FROM " . BB_PRIVMSGS . "
- WHERE ( ( privmsgs_to_userid = " . $userdata['user_id'] . "
- AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " )
- OR ( privmsgs_from_userid = " . $userdata['user_id'] . "
- AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . ") )";
- if ( !($result = DB()->sql_query($sql)) )
- {
- message_die(GENERAL_ERROR, 'Could not obtain sent message info for sendee', '', __LINE__, __FILE__, $sql);
- }
- if ( $saved_info = DB()->sql_fetchrow($result) )
- {
- if ($bb_cfg['max_savebox_privmsgs'] && $saved_info['savebox_items'] >= $bb_cfg['max_savebox_privmsgs'] )
- {
- $sql = "SELECT privmsgs_id FROM " . BB_PRIVMSGS . "
- WHERE ( ( privmsgs_to_userid = " . $userdata['user_id'] . "
- AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " )
- OR ( privmsgs_from_userid = " . $userdata['user_id'] . "
- AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . ") )
- AND privmsgs_date = " . $saved_info['oldest_post_time'];
- if ( !$result = DB()->sql_query($sql) )
- {
- message_die(GENERAL_ERROR, 'Could not find oldest privmsgs (save)', '', __LINE__, __FILE__, $sql);
- }
- $old_privmsgs_id = DB()->sql_fetchrow($result);
- $old_privmsgs_id = (int) $old_privmsgs_id['privmsgs_id'];
- $sql = "DELETE FROM " . BB_PRIVMSGS . "
- WHERE privmsgs_id = $old_privmsgs_id";
- if ( !DB()->sql_query($sql) )
- {
- message_die(GENERAL_ERROR, 'Could not delete oldest privmsgs (save)', '', __LINE__, __FILE__, $sql);
- }
- $sql = "DELETE FROM " . BB_PRIVMSGS_TEXT . "
- WHERE privmsgs_text_id = $old_privmsgs_id";
- if ( !DB()->sql_query($sql) )
- {
- message_die(GENERAL_ERROR, 'Could not delete oldest privmsgs text (save)', '', __LINE__, __FILE__, $sql);
- }
- }
- }
- $saved_sql_id = '';
- for ($i = 0; $i < sizeof($mark_list); $i++)
- {
- $saved_sql_id .= (($saved_sql_id != '') ? ', ' : '') . intval($mark_list[$i]);
- }
- // Process request
- $saved_sql = "UPDATE " . BB_PRIVMSGS;
- // Decrement read/new counters if appropriate
- if ($folder == 'inbox' || $folder == 'outbox')
- {
- switch ($folder)
- {
- case 'inbox':
- $sql = "privmsgs_to_userid = " . $userdata['user_id'];
- break;
- case 'outbox':
- $sql = "privmsgs_from_userid = " . $userdata['user_id'];
- break;
- }
- // Get information relevant to new or unread mail
- // so we can adjust users counters appropriately
- $sql = "SELECT privmsgs_to_userid, privmsgs_type
- FROM " . BB_PRIVMSGS . "
- WHERE privmsgs_id IN ($saved_sql_id)
- AND $sql
- AND privmsgs_type IN (" . PRIVMSGS_NEW_MAIL . ", " . PRIVMSGS_UNREAD_MAIL . ")";
- if ( !($result = DB()->sql_query($sql)) )
- {
- message_die(GENERAL_ERROR, 'Could not obtain user id list for outbox messages', '', __LINE__, __FILE__, $sql);
- }
- if ( $row = DB()->sql_fetchrow($result))
- {
- $update_users = $update_list = array();
- do
- {
- switch ($row['privmsgs_type'])
- {
- case PRIVMSGS_NEW_MAIL:
- @$update_users['new'][$row['privmsgs_to_userid']]++;
- break;
- case PRIVMSGS_UNREAD_MAIL:
- @$update_users['unread'][$row['privmsgs_to_userid']]++;
- break;
- }
- }
- while ($row = DB()->sql_fetchrow($result));
- if (sizeof($update_users))
- {
- while (list($type, $users) = each($update_users))
- {
- while (list($user_id, $dec) = each($users))
- {
- $update_list[$type][$dec][] = $user_id;
- }
- }
- unset($update_users);
- while (list($type, $dec_ary) = each($update_list))
- {
- switch ($type)
- {
- case 'new':
- $type = "user_new_privmsg";
- break;
- case 'unread':
- $type = "user_unread_privmsg";
- break;
- }
- while (list($dec, $user_ary) = each($dec_ary))
- {
- $user_ids = join(', ', $user_ary);
- $sql = "UPDATE " . BB_USERS . "
- SET $type = $type - $dec
- WHERE user_id IN ($user_ids)";
- if ( !DB()->sql_query($sql) )
- {
- message_die(GENERAL_ERROR, 'Could not update user pm counters', '', __LINE__, __FILE__, $sql);
- }
- }
- }
- unset($update_list);
- }
- }
- DB()->sql_freeresult($result);
- }
- switch ($folder)
- {
- case 'inbox':
- $saved_sql .= " SET privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . "
- WHERE privmsgs_to_userid = " . $userdata['user_id'] . "
- AND ( privmsgs_type = " . PRIVMSGS_READ_MAIL . "
- OR privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
- OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . ")";
- break;
- case 'outbox':
- $saved_sql .= " SET privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . "
- WHERE privmsgs_from_userid = " . $userdata['user_id'] . "
- AND ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
- OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " ) ";
- break;
- case 'sentbox':
- $saved_sql .= " SET privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . "
- WHERE privmsgs_from_userid = " . $userdata['user_id'] . "
- AND privmsgs_type = " . PRIVMSGS_SENT_MAIL;
- break;
- }
- $saved_sql .= " AND privmsgs_id IN ($saved_sql_id)";
- if ( !DB()->sql_query($saved_sql) )
- {
- message_die(GENERAL_ERROR, 'Could not save private messages', '', __LINE__, __FILE__, $saved_sql);
- }
- redirect(PM_URL . "?folder=savebox");
- }
- }
- else if ( $submit || $refresh || $mode != '' )
- {
- if (IS_USER && $submit && $mode != 'edit')
- {
- //
- // Flood control
- //
- $sql = "SELECT MAX(privmsgs_date) AS last_post_time
- FROM " . BB_PRIVMSGS . "
- WHERE privmsgs_from_userid = " . $userdata['user_id'];
- if ( $result = DB()->sql_query($sql) )
- {
- $db_row = DB()->sql_fetchrow($result);
- $last_post_time = $db_row['last_post_time'];
- $current_time = TIMENOW;
- if ( ( $current_time - $last_post_time ) < $bb_cfg['flood_interval'])
- {
- message_die(GENERAL_MESSAGE, $lang['FLOOD_ERROR']);
- }
- }
- //
- // End Flood control
- //
- }
- if ($submit && $mode == 'edit')
- {
- $sql = 'SELECT privmsgs_from_userid
- FROM ' . BB_PRIVMSGS . '
- WHERE privmsgs_id = ' . (int) $privmsg_id . '
- AND privmsgs_from_userid = ' . $userdata['user_id'];
- if (!($result = DB()->sql_query($sql)))
- {
- message_die(GENERAL_ERROR, "Could not obtain message details", "", __LINE__, __FILE__, $sql);
- }
- if (!($row = DB()->sql_fetchrow($result)))
- {
- message_die(GENERAL_MESSAGE, $lang['NO_SUCH_POST']);
- }
- DB()->sql_freeresult($result);
- unset($row);
- }
- if ( $submit )
- {
- if ( !empty($_POST['username']) )
- {
- $to_username = clean_username($_POST['username']);
- // DelUsrKeepPM
- $to_username_sql = DB()->escape($to_username);
- $to_userdata = get_userdata ($to_username_sql);
- if (!$to_userdata || $to_userdata['user_id'] == GUEST_UID)
- {
- $error = TRUE;
- $error_msg = $lang['NO_SUCH_USER'];
- }
- // DelUsrKeepPM end
- }
- else
- {
- $error = TRUE;
- $error_msg .= ( ( !empty($error_msg) ) ? '<br />' : '' ) . $lang['NO_TO_USER'];
- }
- $privmsg_subject = htmlCHR($_POST['subject']);
- if ( empty($privmsg_subject) )
- {
- $error = TRUE;
- $error_msg .= ( ( !empty($error_msg) ) ? '<br />' : '' ) . $lang['EMPTY_SUBJECT'];
- }
- if ( !empty($_POST['message']) )
- {
- if ( !$error )
- {
- $privmsg_message = prepare_message($_POST['message']);
- }
- }
- else
- {
- $error = TRUE;
- $error_msg .= ( ( !empty($error_msg) ) ? '<br />' : '' ) . $lang['EMPTY_MESSAGE'];
- }
- }
- if ( $submit && !$error )
- {
- //
- // Has admin prevented user from sending PM's?
- //
- if ( bf($userdata['user_opt'], 'user_opt', 'allow_pm') )
- {
- bb_die($lang['CANNOT_SEND_PRIVMSG']);
- }
- $msg_time = TIMENOW;
- if ( $mode != 'edit' )
- {
- //
- // See if recipient is at their inbox limit
- //
- $sql = "SELECT COUNT(privmsgs_id) AS inbox_items, MIN(privmsgs_date) AS oldest_post_time
- FROM " . BB_PRIVMSGS . "
- WHERE ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
- OR privmsgs_type = " . PRIVMSGS_READ_MAIL . "
- OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )
- AND privmsgs_to_userid = " . $to_userdata['user_id'];
- if ( !($result = DB()->sql_query($sql)) )
- {
- message_die(GENERAL_MESSAGE, $lang['NO_SUCH_USER']);
- }
- if ( $inbox_info = DB()->sql_fetchrow($result) )
- {
- if ($bb_cfg['max_inbox_privmsgs'] && $inbox_info['inbox_items'] >= $bb_cfg['max_inbox_privmsgs'])
- {
- $sql = "SELECT privmsgs_id FROM " . BB_PRIVMSGS . "
- WHERE ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
- OR privmsgs_type = " . PRIVMSGS_READ_MAIL . "
- OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )
- AND privmsgs_date = " . $inbox_info['oldest_post_time'] . "
- AND privmsgs_to_userid = " . $to_userdata['user_id'];
- if ( !$result = DB()->sql_query($sql) )
- {
- message_die(GENERAL_ERROR, 'Could not find oldest privmsgs (inbox)', '', __LINE__, __FILE__, $sql);
- }
- $old_privmsgs_id = DB()->sql_fetchrow($result);
- $old_privmsgs_id = (int) $old_privmsgs_id['privmsgs_id'];
- $sql = "DELETE FROM " . BB_PRIVMSGS . "
- WHERE privmsgs_id = $old_privmsgs_id";
- if ( !DB()->sql_query($sql) )
- {
- message_die(GENERAL_ERROR, 'Could not delete oldest privmsgs (inbox)'.$sql, '', __LINE__, __FILE__, $sql);
- }
- $sql = "DELETE FROM " . BB_PRIVMSGS_TEXT . "
- WHERE privmsgs_text_id = $old_privmsgs_id";
- if ( !DB()->sql_query($sql) )
- {
- message_die(GENERAL_ERROR, 'Could not delete oldest privmsgs text (inbox)', '', __LINE__, __FILE__, $sql);
- }
- }
- }
- $sql_info = "INSERT INTO " . BB_PRIVMSGS . " (privmsgs_type, privmsgs_subject, privmsgs_from_userid, privmsgs_to_userid, privmsgs_date, privmsgs_ip)
- VALUES (" . PRIVMSGS_NEW_MAIL . ", '" . DB()->escape($privmsg_subject) . "', " . $userdata['user_id'] . ", " . $to_userdata['user_id'] . ", $msg_time, '". USER_IP ."')";
- }
- else
- {
- $sql_info = "UPDATE " . BB_PRIVMSGS . "
- SET privmsgs_type = " . PRIVMSGS_NEW_MAIL . ", privmsgs_subject = '" . DB()->escape($privmsg_subject) . "', privmsgs_from_userid = " . $userdata['user_id'] . ", privmsgs_to_userid = " . $to_userdata['user_id'] . ", privmsgs_date = $msg_time, privmsgs_ip = '". USER_IP ."'
- WHERE privmsgs_id = $privmsg_id";
- }
- if ( !($result = DB()->sql_query($sql_info)) )
- {
- message_die(GENERAL_ERROR, "Could not insert/update private message sent info.", "", __LINE__, __FILE__, $sql_info);
- }
- if ( $mode != 'edit' )
- {
- $privmsg_sent_id = DB()->sql_nextid();
- $sql = "INSERT INTO " . BB_PRIVMSGS_TEXT . " (privmsgs_text_id, privmsgs_text)
- VALUES ($privmsg_sent_id, '" . DB()->escape($privmsg_message) . "')";
- }
- else
- {
- $sql = "UPDATE " . BB_PRIVMSGS_TEXT . "
- SET privmsgs_text = '" . DB()->escape($privmsg_message) . "'
- WHERE privmsgs_text_id = $privmsg_id";
- }
- if ( !DB()->sql_query($sql) )
- {
- message_die(GENERAL_ERROR, "Could not insert/update private message sent text.", "", __LINE__, __FILE__, $sql_info);
- }
- if ( $mode != 'edit' )
- {
- $timenow = TIMENOW;
- //
- // Add to the users new pm counter
- //
- $sql = "UPDATE ". BB_USERS ." SET
- user_new_privmsg = user_new_privmsg + 1,
- user_last_privmsg = $timenow,
- user_newest_pm_id = $privmsg_sent_id
- WHERE user_id = {$to_userdata['user_id']}
- LIMIT 1";
- if ( !$status = DB()->sql_query($sql) )
- {
- message_die(GENERAL_ERROR, 'Could not update private message new/read status for user', '', __LINE__, __FILE__, $sql);
- }
- cache_rm_user_sessions ($to_userdata['user_id']);
- if ( bf($to_userdata['user_opt'], 'user_opt', 'notify_pm') && !empty($to_userdata['user_email']) && $to_userdata['user_active'] && $bb_cfg['pm_notify_enabled'] )
- {
- require(INC_DIR .'emailer.class.php');
- $emailer = new emailer($bb_cfg['smtp_delivery']);
- $emailer->from($bb_cfg['sitename'] ." <{$bb_cfg['board_email']}>");
- $emailer->email_address($to_userdata['username'] ." <{$to_userdata['user_email']}>");
- $emailer->use_template('privmsg_notify', $to_userdata['user_lang']);
- $emailer->assign_vars(array(
- 'USERNAME' => html_entity_decode($to_username),
- 'NAME_FROM' => $userdata['username'],
- 'MSG_SUBJECT' => html_entity_decode($privmsg_subject),
- 'SITENAME' => $bb_cfg['sitename'],
- 'U_INBOX' => make_url(PM_URL . "?folder=inbox&mode=read&p=". $privmsg_sent_id),
- ));
- $emailer->send();
- $emailer->reset();
- }
- }
- pm_message_die($lang['MESSAGE_SENT']);
- }
- else if ( $preview || $refresh || $error )
- {
- //
- // If we're previewing or refreshing then obtain the data
- // passed to the script, process it a little, do some checks
- // where neccessary, etc.
- //
- $to_username = (isset($_POST['username']) ) ? clean_username($_POST['username']) : '';
- $privmsg_subject = ( isset($_POST['subject']) ) ? clean_title($_POST['subject']) : '';
- $privmsg_message = ( isset($_POST['message']) ) ? trim($_POST['message']) : '';
- //
- // Do mode specific things
- //
- if ( $mode == 'post' )
- {
- $page_title = $lang['POST_NEW_PM'];
- }
- else if ( $mode == 'reply' )
- {
- $page_title = $lang['POST_REPLY_PM'];
- }
- else if ( $mode == 'edit' )
- {
- $page_title = $lang['EDIT_PM'];
- $sql = "SELECT u.user_id
- FROM " . BB_PRIVMSGS . " pm, " . BB_USERS . " u
- WHERE pm.privmsgs_id = $privmsg_id
- AND u.user_id = pm.privmsgs_from_userid";
- if ( !($result = DB()->sql_query($sql)) )
- {
- message_die(GENERAL_ERROR, "Could not obtain post and post text", "", __LINE__, __FILE__, $sql);
- }
- if ( $postrow = DB()->sql_fetchrow($result) )
- {
- if ( $userdata['user_id'] != $postrow['user_id'] )
- {
- message_die(GENERAL_MESSAGE, $lang['EDIT_OWN_POSTS']);
- }
- }
- }
- }
- else
- {
- if ( !$privmsg_id && ( $mode == 'reply' || $mode == 'edit' || $mode == 'quote' ) )
- {
- message_die(GENERAL_ERROR, $lang['NO_POST_ID']);
- }
- if ( !empty($_GET[POST_USERS_URL]) )
- {
- $user_id = intval($_GET[POST_USERS_URL]);
- $sql = "SELECT username
- FROM " . BB_USERS . "
- WHERE user_id = $user_id
- AND user_id <> " . GUEST_UID;
- if ( !($result = DB()->sql_query($sql)) )
- {
- $error = TRUE;
- $error_msg = $lang['NO_SUCH_USER'];
- }
- if ( $row = DB()->sql_fetchrow($result) )
- {
- $to_username = $row['username'];
- }
- }
- else if ( $mode == 'edit' )
- {
- $sql = "SELECT pm.*, pmt.privmsgs_text, u.username, u.user_id
- FROM " . BB_PRIVMSGS . " pm, " . BB_PRIVMSGS_TEXT . " pmt, " . BB_USERS . " u
- WHERE pm.privmsgs_id = $privmsg_id
- AND pmt.privmsgs_text_id = pm.privmsgs_id
- AND pm.privmsgs_from_userid = " . $userdata['user_id'] . "
- AND ( pm.privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
- OR pm.privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )
- AND u.user_id = pm.privmsgs_to_userid";
- if ( !($result = DB()->sql_query($sql)) )
- {
- message_die(GENERAL_ERROR, 'Could not obtain private message for editing', '', __LINE__, __FILE__, $sql);
- }
- if ( !($privmsg = DB()->sql_fetchrow($result)) )
- {
- redirect(PM_URL . "?folder=$folder");
- }
- $privmsg_subject = $privmsg['privmsgs_subject'];
- $privmsg_message = $privmsg['privmsgs_text'];
- $to_username = $privmsg['username'];
- $to_userid = $privmsg['user_id'];
- }
- else if ( $mode == 'reply' || $mode == 'quote' )
- {
- $sql = "SELECT pm.privmsgs_subject, pm.privmsgs_date, pmt.privmsgs_text, u.username, u.user_id
- FROM " . BB_PRIVMSGS . " pm, " . BB_PRIVMSGS_TEXT . " pmt, " . BB_USERS . " u
- WHERE pm.privmsgs_id = $privmsg_id
- AND pmt.privmsgs_text_id = pm.privmsgs_id
- AND pm.privmsgs_to_userid = " . $userdata['user_id'] . "
- AND u.user_id = pm.privmsgs_from_userid";
- if ( !($result = DB()->sql_query($sql)) )
- {
- message_die(GENERAL_ERROR, 'Could not obtain private message for editing', '', __LINE__, __FILE__, $sql);
- }
- if ( !($privmsg = DB()->sql_fetchrow($result)) )
- {
- redirect(PM_URL . "?folder=$folder");
- }
- $privmsg_subject = ( ( !preg_match('/^Re:/', $privmsg['privmsgs_subject']) ) ? 'Re: ' : '' ) . $privmsg['privmsgs_subject'];
- $to_username = $privmsg['username'];
- $to_userid = $privmsg['user_id'];
- if ( $mode == 'quote' )
- {
- $privmsg_message = $privmsg['privmsgs_text'];
- $msg_date = bb_date($privmsg['privmsgs_date']);
- $privmsg_message = '[quote="' . $to_username . '"]' . $privmsg_message . '[/quote]';
- $mode = 'reply';
- }
- }
- else
- {
- $privmsg_subject = $privmsg_message = $to_username = '';
- }
- }
- //
- // Has admin prevented user from sending PM's?
- //
- if ( bf($userdata['user_opt'], 'user_opt', 'allow_pm') && $mode != 'edit' )
- {
- $message = ($lang['CANNOT_SEND_PRIVMSG']);
- }
- //
- // Start output, first preview, then errors then post form
- //
- $page_title = $lang['SEND_PRIVATE_MESSAGE'];
- if ( $preview && !$error )
- {
- $orig_word = array();
- $replacement_word = array();
- obtain_word_list($orig_word, $replacement_word);
- $preview_message = htmlCHR($privmsg_message, false, ENT_NOQUOTES);
- $preview_message = bbcode2html($privmsg_message);
- if ( count($orig_word) )
- {
- $preview_subject = preg_replace($orig_word, $replacement_word, $privmsg_subject);
- $preview_message = preg_replace($orig_word, $replacement_word, $preview_message);
- }
- else
- {
- $preview_subject = $privmsg_subject;
- }
- $s_hidden_fields = '<input type="hidden" name="folder" value="' . $folder . '" />';
- $s_hidden_fields .= '<input type="hidden" name="mode" value="' . $mode . '" />';
- if ( isset($privmsg_id) )
- {
- $s_hidden_fields .= '<input type="hidden" name="' . POST_POST_URL . '" value="' . $privmsg_id . '" />';
- }
- $template->assign_vars(array(
- 'TPL_PREVIEW_POST' => true,
- 'TOPIC_TITLE' => wbr($preview_subject),
- 'POST_SUBJECT' => $preview_subject,
- 'MESSAGE_TO' => $to_username,
- 'MESSAGE_FROM' => $userdata['username'],
- 'POST_DATE' => bb_date(TIMENOW),
- 'PREVIEW_MSG' => $preview_message,
- 'S_HIDDEN_FIELDS' => $s_hidden_fields,
- ));
- }
- //
- // Start error handling
- //
- if ($error)
- {
- $template->assign_vars(array('ERROR_MESSAGE' => $error_msg));
- }
- //
- // Load templates
- //
- $template->set_filenames(array(
- 'body' => 'posting.tpl')
- );
- //
- // Enable extensions in posting_body
- //
- $template->assign_block_vars('switch_privmsg', array());
- $template->assign_var('POSTING_USERNAME');
- $post_a = ' ';
- if ( $mode == 'post' )
- {
- $post_a = $lang['SEND_A_NEW_MESSAGE'];
- }
- else if ( $mode == 'reply' )
- {
- $post_a = $lang['SEND_A_REPLY'];
- $mode = 'post';
- }
- else if ( $mode == 'edit' )
- {
- $post_a = $lang['EDIT_MESSAGE'];
- }
- $s_hidden_fields = '<input type="hidden" name="folder" value="' . $folder . '" />';
- $s_hidden_fields .= '<input type="hidden" name="mode" value="' . $mode . '" />';
- if ( $mode == 'edit' )
- {
- $s_hidden_fields .= '<input type="hidden" name="' . POST_POST_URL . '" value="' . $privmsg_id . '" />';
- }
- //
- // Send smilies to template
- //
- generate_smilies('inline');
- $privmsg_subject = clean_title($privmsg_subject);
- $template->assign_vars(array(
- 'SUBJECT' => htmlCHR($privmsg_subject),
- 'USERNAME' => $to_username,
- 'MESSAGE' => $privmsg_message,
- 'FORUM_NAME' => $lang['PRIVATE_MESSAGE'],
- 'BOX_NAME' => $l_box_name,
- 'INBOX' => $inbox_url,
- 'SENTBOX' => $sentbox_url,
- 'OUTBOX' => $outbox_url,
- 'SAVEBOX' => $savebox_url,
- 'POSTING_TYPE_TITLE' => $post_a,
- 'S_HIDDEN_FORM_FIELDS' => $s_hidden_fields,
- 'S_POST_ACTION' => PM_URL,
- 'U_SEARCH_USER' => "search.php?mode=searchuser",
- 'U_VIEW_FORUM' => PM_URL,
- ));
- }
- else
- {
- //
- // Reset PM counters
- //
- $userdata['user_new_privmsg'] = 0;
- $userdata['user_unread_privmsg'] = $userdata['user_new_privmsg'] + $userdata['user_unread_privmsg'];
- $userdata['user_last_privmsg'] = $userdata['session_start'];
- //
- // Update unread status
- //
- db_update_userdata($userdata, array(
- 'user_unread_privmsg' => 'user_unread_privmsg + user_new_privmsg',
- 'user_new_privmsg' => 0,
- 'user_last_privmsg' => $userdata['session_start'],
- ));
- $sql = "UPDATE " . BB_PRIVMSGS . "
- SET privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . "
- WHERE privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
- AND privmsgs_to_userid = " . $userdata['user_id'];
- if ( !DB()->sql_query($sql) )
- {
- message_die(GENERAL_ERROR, 'Could not update private message new/read status (2) for user', '', __LINE__, __FILE__, $sql);
- }
- //
- // Generate page
- //
- $page_title = $lang['PRIVATE_MESSAGING'];
- //
- // Load templates
- //
- $template->set_filenames(array(
- 'body' => 'privmsgs.tpl')
- );
- $orig_word = array();
- $replacement_word = array();
- obtain_word_list($orig_word, $replacement_word);
- //
- // New message
- //
- $post_new_mesg_url = '<a href="' . PM_URL .'?mode=post"><img src="' . $images['post_new'] . '" alt="' . $lang['SEND_A_NEW_MESSAGE'] . '" border="0" /></a>';
- //
- // General SQL to obtain messages
- //
- $sql_tot = "SELECT COUNT(privmsgs_id) AS total
- FROM " . BB_PRIVMSGS . " ";
- $sql = "SELECT pm.privmsgs_type, pm.privmsgs_id, pm.privmsgs_date, pm.privmsgs_subject, u.user_id, u.username, u.user_rank
- FROM " . BB_PRIVMSGS . " pm, " . BB_USERS . " u ";
- switch( $folder )
- {
- case 'inbox':
- $sql_tot .= "WHERE privmsgs_to_userid = " . $userdata['user_id'] . "
- AND ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
- OR privmsgs_type = " . PRIVMSGS_READ_MAIL . "
- OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
- $sql .= "WHERE pm.privmsgs_to_userid = " . $userdata['user_id'] . "
- AND u.user_id = pm.privmsgs_from_userid
- AND ( pm.privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
- OR pm.privmsgs_type = " . PRIVMSGS_READ_MAIL . "
- OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
- break;
- case 'outbox':
- $sql_tot .= "WHERE privmsgs_from_userid = " . $userdata['user_id'] . "
- AND ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
- OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
- $sql .= "WHERE pm.privmsgs_from_userid = " . $userdata['user_id'] . "
- AND u.user_id = pm.privmsgs_to_userid
- AND ( pm.privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
- OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
- break;
- case 'sentbox':
- $sql_tot .= "WHERE privmsgs_from_userid = " . $userdata['user_id'] . "
- AND privmsgs_type = " . PRIVMSGS_SENT_MAIL;
- $sql .= "WHERE pm.privmsgs_from_userid = " . $userdata['user_id'] . "
- AND u.user_id = pm.privmsgs_to_userid
- AND pm.privmsgs_type = " . PRIVMSGS_SENT_MAIL;
- break;
- case 'savebox':
- $sql_tot .= "WHERE ( ( privmsgs_to_userid = " . $userdata['user_id'] . "
- AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " )
- OR ( privmsgs_from_userid = " . $userdata['user_id'] . "
- AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . ") )";
- $sql .= "WHERE u.user_id = pm.privmsgs_from_userid
- AND ( ( pm.privmsgs_to_userid = " . $userdata['user_id'] . "
- AND pm.privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " )
- OR ( pm.privmsgs_from_userid = " . $userdata['user_id'] . "
- AND pm.privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . " ) )";
- break;
- default:
- message_die(GENERAL_MESSAGE, $lang['NO_SUCH_FOLDER']);
- break;
- }
- //
- // Show messages over previous x days/months
- //
- if ( $submit_msgdays && ( !empty($_POST['msgdays']) || !empty($_GET['msgdays']) ) )
- {
- $msg_days = ( !empty($_POST['msgdays']) ) ? intval($_POST['msgdays']) : intval($_GET['msgdays']);
- $min_msg_time = TIMENOW - ($msg_days * 86400);
- $limit_msg_time_total = " AND privmsgs_date > $min_msg_time";
- $limit_msg_time = " AND pm.privmsgs_date > $min_msg_time ";
- if ( !empty($_POST['msgdays']) )
- {
- $start = 0;
- }
- }
- else
- {
- $limit_msg_time = $limit_msg_time_total = '';
- $msg_days = 0;
- }
- $sql .= $limit_msg_time . " ORDER BY pm.privmsgs_date DESC LIMIT $start, " . $bb_cfg['topics_per_page'];
- $sql_all_tot = $sql_tot;
- $sql_tot .= $limit_msg_time_total;
- //
- // Get messages
- //
- if ( !($result = DB()->sql_query($sql_tot)) )
- {
- message_die(GENERAL_ERROR, 'Could not query private message information', '', __LINE__, __FILE__, $sql_tot);
- }
- $pm_total = ( $row = DB()->sql_fetchrow($result) ) ? $row['total'] : 0;
- if ( !($result = DB()->sql_query($sql_all_tot)) )
- {
- message_die(GENERAL_ERROR, 'Could not query private message information', '', __LINE__, __FILE__, $sql_tot);
- }
- $pm_all_total = ( $row = DB()->sql_fetchrow($result) ) ? $row['total'] : 0;
- //
- // Build select box
- //
- $previous_days = array(0, 1, 7, 14, 30, 90, 180, 364);
- $previous_days_text = array($lang['ALL_POSTS'], $lang['1_DAY'], $lang['7_DAYS'], $lang['2_WEEKS'], $lang['1_MONTH'], $lang['3_MONTHS'], $lang['6_MONTHS'], $lang['1_YEAR']);
- $select_msg_days = '';
- for($i = 0; $i < count($previous_days); $i++)
- {
- $selected = ( $msg_days == $previous_days[$i] ) ? ' selected="selected"' : '';
- $select_msg_days .= '<option value="' . $previous_days[$i] . '"' . $selected . '>' . $previous_days_text[$i] . '</option>';
- }
- //
- // Define correct icons
- //
- switch ( $folder )
- {
- case 'inbox':
- $l_box_name = $lang['INBOX'];
- break;
- case 'outbox':
- $l_box_name = $lang['OUTBOX'];
- break;
- case 'savebox':
- $l_box_name = $lang['SAVEBOX'];
- break;
- case 'sentbox':
- $l_box_name = $lang['SENTBOX'];
- break;
- }
- $post_pm = PM_URL . "?mode=post";
- $post_pm_img = '<a href="' . $post_pm . '"><img src="' . $images['pm_postmsg'] . '" alt="' . $lang['POST_NEW_PM'] . '" border="0" /></a>';
- $post_pm = '<a href="' . $post_pm . '">' . $lang['POST_NEW_PM'] . '</a>';
- //
- // Output data for inbox status
- //
- $box_limit_img_length = $box_limit_percent = $l_box_size_status = '';
- $max_pm = ($folder != 'outbox') ? $bb_cfg["max_{$folder}_privmsgs"] : null;
- if ($max_pm)
- {
- $box_limit_percent = min(round(($pm_all_total / $max_pm) * 100), 100);
- $box_limit_img_length = min(round(($pm_all_total / $max_pm) * $bb_cfg['privmsg_graphic_length']), $bb_cfg['privmsg_graphic_length']);
- $box_limit_remain = max(($max_pm - $pm_all_total), 0);
- $template->assign_var('PM_BOX_SIZE_INFO');
- switch( $folder )
- {
- case 'inbox':
- $l_box_size_status = sprintf($lang['INBOX_SIZE'], $box_limit_percent);
- break;
- case 'sentbox':
- $l_box_size_status = sprintf($lang['SENTBOX_SIZE'], $box_limit_percent);
- break;
- case 'savebox':
- $l_box_size_status = sprintf($lang['SAVEBOX_SIZE'], $box_limit_percent);
- break;
- default:
- $l_box_size_status = '';
- break;
- }
- }
- //
- // Dump vars to template
- //
- $template->assign_vars(array(
- 'BOX_NAME' => $l_box_name,
- 'BOX_EXPL' => ($folder == 'outbox') ? $lang['OUTBOX_EXPL'] : '',
- 'INBOX' => $inbox_url,
- 'SENTBOX' => $sentbox_url,
- 'OUTBOX' => $outbox_url,
- 'SAVEBOX' => $savebox_url,
- 'POST_PM_IMG' => $post_pm_img,
- 'POST_PM' => $post_pm,
- 'INBOX_LIMIT_IMG_WIDTH' => max(4, $box_limit_img_length),
- 'INBOX_LIMIT_PERCENT' => $box_limit_percent,
- 'BOX_SIZE_STATUS' => ($l_box_size_status) ? $l_box_size_status : '',
- 'L_FROM_OR_TO' => ( $folder == 'inbox' || $folder == 'savebox' ) ? $lang['FROM'] : $lang['TO'],
- 'S_PRIVMSGS_ACTION' => PM_URL . "?folder=$folder",
- 'S_HIDDEN_FIELDS' => '',
- 'S_POST_NEW_MSG' => $post_new_mesg_url,
- 'S_SELECT_MSG_DAYS' => $select_msg_days,
- 'U_POST_NEW_TOPIC' => PM_URL . "?mode=post")
- );
- //
- // Okay, let's build the correct folder
- //
- if ( !($result = DB()->sql_query($sql)) )
- {
- message_die(GENERAL_ERROR, 'Could not query private messages', '', __LINE__, __FILE__, $sql);
- }
- if ( $row = DB()->sql_fetchrow($result) )
- {
- $i = 0;
- do
- {
- $privmsg_id = $row['privmsgs_id'];
- $flag = $row['privmsgs_type'];
- $icon_flag = ( $flag == PRIVMSGS_NEW_MAIL || $flag == PRIVMSGS_UNREAD_MAIL ) ? $images['pm_unreadmsg'] : $images['pm_readmsg'];
- $icon_flag_alt = ( $flag == PRIVMSGS_NEW_MAIL || $flag == PRIVMSGS_UNREAD_MAIL ) ? $lang['UNREAD_MESSAGE'] : $lang['READ_MESSAGE'];
- $msg_userid = $row['user_id'];
- $msg_user = profile_url($row);
- $msg_subject = $row['privmsgs_subject'];
- if ( count($orig_word) )
- {
- $msg_subject = preg_replace($orig_word, $replacement_word, $msg_subject);
- }
- $u_subject = PM_URL . "?folder=$folder&mode=read&" . POST_POST_URL . "=$privmsg_id";
- $msg_date = bb_date($row['privmsgs_date']);
- if ( $flag == PRIVMSGS_NEW_MAIL && $folder == 'inbox' )
- {
- $msg_subject = '<b>' . $msg_subject . '</b>';
- $msg_date = '<b>' . $msg_date . '</b>';
- $msg_user = '<b>' . $msg_user . '</b>';
- }
- $row_class = !($i & 1) ? 'row1' : 'row2';
- $i++;
- $template->assign_block_vars('listrow', array(
- 'ROW_CLASS' => $row_class,
- 'FROM' => $msg_user,
- 'SUBJECT' => htmlCHR($msg_subject),
- 'DATE' => $msg_date,
- 'PRIVMSG_FOLDER_IMG' => $icon_flag,
- 'L_PRIVMSG_FOLDER_ALT' => $icon_flag_alt,
- 'S_MARK_ID' => $privmsg_id,
- 'U_READ' => $u_subject,
- ));
- }
- while( $row = DB()->sql_fetchrow($result) );
- generate_pagination(PM_URL . "?folder=$folder", $pm_total, $bb_cfg['topics_per_page'], $start);
- }
- else
- {
- $template->assign_block_vars("switch_no_messages", array() );
- }
- }
- $template->assign_vars(array('PAGE_TITLE' => @$page_title));
- require(PAGE_HEADER);
- $template->pparse('body');
- require(PAGE_FOOTER);
- //
- // Functions
- //
- function pm_message_die ($msg)
- {
- global $lang;
- $msg .= '<br /><br />';
- $msg .= sprintf($lang['CLICK_RETURN_INBOX'], '<a href="' . PM_URL . "?folder=inbox".'">', '</a> ');
- $msg .= sprintf($lang['CLICK_RETURN_SENTBOX'], '<a href="' . PM_URL . "?folder=sentbox".'">', '</a> ');
- $msg .= sprintf($lang['CLICK_RETURN_OUTBOX'], '<a href="' . PM_URL . "?folder=outbox".'">', '</a> ');
- $msg .= sprintf($lang['CLICK_RETURN_SAVEBOX'], '<a href="' . PM_URL . "?folder=savebox".'">', '</a> ');
- $msg .= '<br /><br />';
- $msg .= sprintf($lang['CLICK_RETURN_INDEX'], '<a href="'."index.php".'">', '</a>');
- message_die(GENERAL_MESSAGE, $msg);
- }