PHP Cross Reference of MyBB 1.6.5
1 <?php 2 /** 3 * MyBB 1.6 4 * Copyright 2010 MyBB Group, All Rights Reserved 5 * 6 * Website: http://mybb.com 7 * License: http://mybb.com/about/license 8 * 9 * $Id: private.php 5476 2011-06-24 14:49:59Z Tomm $ 10 */ 11 12 define("IN_MYBB", 1); 13 define("IGNORE_CLEAN_VARS", "sid"); 14 define('THIS_SCRIPT', 'private.php'); 15 16 $templatelist = "private_send,private_send_buddyselect,private_read,private_tracking,private_tracking_readmessage,private_tracking_unreadmessage"; 17 $templatelist .= ",private_folders,private_folders_folder,private_folders_folder_unremovable,private,usercp_nav_changename,usercp_nav,private_empty_folder,private_empty,posticons"; 18 $templatelist .= "usercp_nav_messenger,usercp_nav_changename,usercp_nav_profile,usercp_nav_misc,usercp_nav_messenger,multipage_nextpage,multipage_page_current,multipage_page,multipage_start,multipage_end,multipage,usercp_nav_editsignature,private_read_action,postbit_away,postbit_avatar,postbit_warn,postbit_rep_button"; 19 $templatelist .= ",private_messagebit,codebuttons,smilieinsert,posticons,private_send_autocomplete,private_messagebit_denyreceipt,private_read_to, postbit_online,postbit_find,postbit_pm, postbit_email,postbit_reputation,postbit_warninglevel,postbit_author_user,postbit_reply_pm,postbit_forward_pm,postbit_delete_pm,postbit,private_tracking_nomessage,private_nomessages"; 20 21 require_once "./global.php"; 22 require_once MYBB_ROOT."inc/functions_post.php"; 23 require_once MYBB_ROOT."inc/functions_user.php"; 24 require_once MYBB_ROOT."inc/class_parser.php"; 25 $parser = new postParser; 26 27 // Load global language phrases 28 $lang->load("private"); 29 30 if($mybb->settings['enablepms'] == 0) 31 { 32 error($lang->pms_disabled); 33 } 34 35 if($mybb->user['uid'] == '/' || $mybb->user['uid'] == 0 || $mybb->usergroup['canusepms'] == 0) 36 { 37 error_no_permission(); 38 } 39 40 if(!$mybb->user['pmfolders']) 41 { 42 $mybb->user['pmfolders'] = "1**$%%$2**$%%$3**$%%$4**"; 43 44 $sql_array = array( 45 
"pmfolders" => $mybb->user['pmfolders'] 46 ); 47 $db->update_query("users", $sql_array, "uid = ".$mybb->user['uid']); 48 } 49 50 // On a random occassion, recount the users pm's just to make sure everything is in sync. 51 $rand = my_rand(0, 9); 52 if($rand == 5) 53 { 54 update_pm_count(); 55 } 56 57 $foldersearch = "<select multiple=\"multiple\" name=\"folder[]\" id=\"folder\">\n"; 58 $foldersearch .= "<option selected=\"selected\">{$lang->all_folders}</option>\n"; 59 $folderjump = "<select name=\"jumpto\">\n"; 60 $folderoplist = "<input type=\"hidden\" value=\"".intval($mybb->input['fid'])."\" name=\"fromfid\" />\n<select name=\"fid\">\n"; 61 $folderjump2 = "<select name=\"jumpto2\">\n"; 62 63 $foldernames = array(); 64 $foldersexploded = explode("$%%$", $mybb->user['pmfolders']); 65 foreach($foldersexploded as $key => $folders) 66 { 67 $folderinfo = explode("**", $folders, 2); 68 if($mybb->input['fid'] == $folderinfo[0]) 69 { 70 $sel = ' selected="selected"'; 71 } 72 else 73 { 74 $sel = ''; 75 } 76 $folderinfo[1] = get_pm_folder_name($folderinfo[0], $folderinfo[1]); 77 $foldernames[$folderinfo[0]] = $folderinfo[1]; 78 $folderjump .= "<option value=\"$folderinfo[0]\"$sel>$folderinfo[1]</option>\n"; 79 $folderjump2 .= "<option value=\"$folderinfo[0]\"$sel>$folderinfo[1]</option>\n"; 80 $folderoplist .= "<option value=\"$folderinfo[0]\"$sel>$folderinfo[1]</option>\n"; 81 $foldersearch .= "<option value=\"$folderinfo[0]\"$sel>$folderinfo[1]</option>\n"; 82 $folderlinks .= "• <a href=\"private.php?fid=$folderinfo[0]\">$folderinfo[1]</a><br />\n"; 83 } 84 $folderjump .= "</select>\n"; 85 $folderjump2 .= "</select>\n"; 86 $folderoplist .= "</select>\n"; 87 $foldersearch .= "</select>\n"; 88 89 usercp_menu(); 90 91 92 // Make navigation 93 add_breadcrumb($lang->nav_pms, "private.php"); 94 95 switch($mybb->input['action']) 96 { 97 case "send": 98 add_breadcrumb($lang->nav_send); 99 break; 100 case "tracking": 101 add_breadcrumb($lang->nav_tracking); 102 break; 103 case 
"folders": 104 add_breadcrumb($lang->nav_folders); 105 break; 106 case "empty": 107 add_breadcrumb($lang->nav_empty); 108 break; 109 case "export": 110 add_breadcrumb($lang->nav_export); 111 break; 112 case "advanced_search": 113 add_breadcrumb($lang->nav_search); 114 break; 115 case "results": 116 add_breadcrumb($lang->nav_results); 117 break; 118 } 119 120 if($mybb->input['preview']) 121 { 122 $mybb->input['action'] = "send"; 123 } 124 125 if(($mybb->input['action'] == "do_search" || $mybb->input['action'] == "do_stuff" && ($mybb->input['quick_search'] || !$mybb->input['hop'] && !$mybb->input['moveto'] && !$mybb->input['delete'])) && $mybb->request_method == "post") 126 { 127 $plugins->run_hooks("private_do_search_start"); 128 129 // Simulate coming from our advanced search form with some preset options 130 if($mybb->input['quick_search']) 131 { 132 $mybb->input['action'] = "do_search"; 133 $mybb->input['subject'] = 1; 134 $mybb->input['message'] = 1; 135 $mybb->input['folder'] = $mybb->input['fid']; 136 unset($mybb->input['jumpto']); 137 unset($mybb->input['fromfid']); 138 } 139 140 // Check if search flood checking is enabled and user is not admin 141 if($mybb->settings['searchfloodtime'] > 0 && $mybb->usergroup['cancp'] != 1) 142 { 143 // Fetch the time this user last searched 144 $timecut = TIME_NOW-$mybb->settings['searchfloodtime']; 145 $query = $db->simple_select("searchlog", "*", "uid='{$mybb->user['uid']}' AND dateline > '$timecut'", array('order_by' => "dateline", 'order_dir' => "DESC")); 146 $last_search = $db->fetch_array($query); 147 // Users last search was within the flood time, show the error 148 if($last_search['sid']) 149 { 150 $remaining_time = $mybb->settings['searchfloodtime']-(TIME_NOW-$last_search['dateline']); 151 if($remaining_time == 1) 152 { 153 $lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding_1, $mybb->settings['searchfloodtime']); 154 } 155 else 156 { 157 $lang->error_searchflooding = 
$lang->sprintf($lang->error_searchflooding, $mybb->settings['searchfloodtime'], $remaining_time); 158 } 159 error($lang->error_searchflooding); 160 } 161 } 162 163 if($mybb->input['subject'] != 1 && $mybb->input['message'] != 1) 164 { 165 error($lang->error_nosearchresults); 166 } 167 168 if($mybb->input['message'] == 1) 169 { 170 $resulttype = "pmmessages"; 171 } 172 else 173 { 174 $resulttype = "pmsubjects"; 175 } 176 177 $search_data = array( 178 "keywords" => $mybb->input['keywords'], 179 "subject" => $mybb->input['subject'], 180 "message" => $mybb->input['message'], 181 "sender" => $mybb->input['sender'], 182 "status" => $mybb->input['status'], 183 "folder" => $mybb->input['folder'], 184 ); 185 186 if($db->can_search == true) 187 { 188 require_once MYBB_ROOT."inc/functions_search.php"; 189 190 $search_results = privatemessage_perform_search_mysql($search_data); 191 } 192 else 193 { 194 error($lang->error_no_search_support); 195 } 196 $sid = md5(uniqid(microtime(), 1)); 197 $searcharray = array( 198 "sid" => $db->escape_string($sid), 199 "uid" => $mybb->user['uid'], 200 "dateline" => TIME_NOW, 201 "ipaddress" => $db->escape_string($session->ipaddress), 202 "threads" => '', 203 "posts" => '', 204 "resulttype" => $resulttype, 205 "querycache" => $search_results['querycache'], 206 "keywords" => $db->escape_string($mybb->input['keywords']), 207 ); 208 $plugins->run_hooks("private_do_search_process"); 209 210 $db->insert_query("searchlog", $searcharray); 211 212 // Sender sort won't work yet 213 $sortby = array('subject', 'sender', 'dateline'); 214 215 if(in_array($mybb->input['sort'], $sortby)) 216 { 217 $sortby = $mybb->input['sort']; 218 } 219 else 220 { 221 $sortby = "dateline"; 222 } 223 224 if(my_strtolower($mybb->input['sortordr']) == "asc" || my_strtolower($mybb->input['sortordr']) == "desc") 225 { 226 $sortorder = $mybb->input['sortordr']; 227 } 228 else 229 { 230 $sortorder = "desc"; 231 } 232 233 $plugins->run_hooks("private_do_search_end"); 234 
redirect("private.php?action=results&sid=".$sid."&sortby=".$sortby."&order=".$sortorder, $lang->redirect_searchresults); 235 } 236 237 if($mybb->input['action'] == "results") 238 { 239 $sid = $db->escape_string($mybb->input['sid']); 240 $query = $db->simple_select("searchlog", "*", "sid='{$sid}' AND uid='{$mybb->user['uid']}'"); 241 $search = $db->fetch_array($query); 242 243 if(!$search['sid']) 244 { 245 error($lang->error_invalidsearch); 246 } 247 248 $plugins->run_hooks("private_results_start"); 249 250 // Decide on our sorting fields and sorting order. 251 $order = my_strtolower(htmlspecialchars($mybb->input['order'])); 252 $sortby = my_strtolower(htmlspecialchars($mybb->input['sortby'])); 253 254 $sortby_accepted = array('subject', 'username', 'dateline'); 255 256 if(in_array($sortby, $sortby_accepted)) 257 { 258 $query_sortby = $sortby; 259 260 if($query_sortby == "username") 261 { 262 $query_sortby = "fromusername"; 263 } 264 } 265 else 266 { 267 $sortby = $query_sortby = "dateline"; 268 } 269 270 if($order != "asc") 271 { 272 $order = "desc"; 273 } 274 275 if(!$mybb->settings['threadsperpage']) 276 { 277 $mybb->settings['threadsperpage'] = 20; 278 } 279 280 // Work out pagination, which page we're at, as well as the limits. 
281 $perpage = $mybb->settings['threadsperpage']; 282 $page = intval($mybb->input['page']); 283 if($page > 0) 284 { 285 $start = ($page-1) * $perpage; 286 } 287 else 288 { 289 $start = 0; 290 $page = 1; 291 } 292 $end = $start + $perpage; 293 $lower = $start+1; 294 $upper = $end; 295 296 // Work out if we have terms to highlight 297 $highlight = ""; 298 if($search['keywords']) 299 { 300 $highlight = "&highlight=".urlencode($search['keywords']); 301 } 302 303 // Do Multi Pages 304 $query = $db->simple_select("privatemessages", "COUNT(*) AS total", "pmid IN(".$db->escape_string($search['querycache']).")"); 305 $pmscount = $db->fetch_array($query); 306 307 if($upper > $threadcount) 308 { 309 $upper = $threadcount; 310 } 311 $multipage = multipage($pmscount['total'], $perpage, $page, "private.php?action=results&sid=".htmlspecialchars_uni($mybb->input['sid'])."&sortby={$sortby}&order={$order}"); 312 $messagelist = ''; 313 314 $icon_cache = $cache->read("posticons"); 315 316 // Cache users in multiple recipients for sent & drafts folder 317 // Get all recipients into an array 318 $cached_users = $get_users = array(); 319 $users_query = $db->simple_select("privatemessages", "recipients", "pmid IN(".$db->escape_string($search['querycache']).")", array('limit_start' => $start, 'limit' => $perpage, 'order_by' => $query_sortby, 'order_dir' => $order)); 320 while($row = $db->fetch_array($users_query)) 321 { 322 $recipients = unserialize($row['recipients']); 323 if(is_array($recipients['to']) && count($recipients['to'])) 324 { 325 $get_users = array_merge($get_users, $recipients['to']); 326 } 327 328 if(is_array($recipients['bcc']) && count($recipients['bcc'])) 329 { 330 $get_users = array_merge($get_users, $recipients['bcc']); 331 } 332 } 333 334 $get_users = implode(',', array_unique($get_users)); 335 336 // Grab info 337 if($get_users) 338 { 339 $users_query = $db->simple_select("users", "uid, username, usergroup, displaygroup", "uid IN ({$get_users})"); 340 while($user = 
$db->fetch_array($users_query)) 341 { 342 $cached_users[$user['uid']] = $user; 343 } 344 } 345 346 $query = $db->query(" 347 SELECT pm.*, fu.username AS fromusername, tu.username as tousername 348 FROM ".TABLE_PREFIX."privatemessages pm 349 LEFT JOIN ".TABLE_PREFIX."users fu ON (fu.uid=pm.fromid) 350 LEFT JOIN ".TABLE_PREFIX."users tu ON (tu.uid=pm.toid) 351 WHERE pm.pmid IN(".$db->escape_string($search['querycache']).") AND pm.uid='{$mybb->user['uid']}' 352 ORDER BY pm.{$query_sortby} {$order} 353 LIMIT {$start}, {$perpage} 354 "); 355 while($message = $db->fetch_array($query)) 356 { 357 $msgalt = $msgsuffix = $msgprefix = ''; 358 359 // Determine Folder Icon 360 if($message['status'] == 0) 361 { 362 $msgfolder = 'new_pm.gif'; 363 $msgalt = $lang->new_pm; 364 $msgprefix = "<strong>"; 365 $msgsuffix = "</strong>"; 366 } 367 elseif($message['status'] == 1) 368 { 369 $msgfolder = 'old_pm.gif'; 370 $msgalt = $lang->old_pm; 371 } 372 elseif($message['status'] == 3) 373 { 374 $msgfolder = 're_pm.gif'; 375 $msgalt = $lang->reply_pm; 376 } 377 else if($message['status'] == 4) 378 { 379 $msgfolder = 'fw_pm.gif'; 380 $msgalt = $lang->fwd_pm; 381 } 382 383 if($folder == 2 || $folder == 3) 384 { 385 // Sent Items or Drafts Folder Check 386 $recipients = unserialize($message['recipients']); 387 $to_users = $bcc_users = ''; 388 if(count($recipients['to']) > 1 || (count($recipients['to']) == 1 && count($recipients['bcc']) > 0)) 389 { 390 foreach($recipients['to'] as $uid) 391 { 392 $profilelink = get_profile_link($uid); 393 $user = $cached_users[$uid]; 394 $username = format_name($user['username'], $user['usergroup'], $user['displaygroup']); 395 eval("\$to_users .= \"".$templates->get("private_multiple_recipients_user")."\";"); 396 } 397 if(is_array($recipients['bcc']) && count($recipients['bcc'])) 398 { 399 eval("\$bcc_users = \"".$templates->get("private_multiple_recipients_bcc")."\";"); 400 foreach($recipients['bcc'] as $uid) 401 { 402 $profilelink = get_profile_link($uid); 
403 $user = $cached_users[$uid]; 404 $username = format_name($user['username'], $user['usergroup'], $user['displaygroup']); 405 eval("\$bcc_users .= \"".$templates->get("private_multiple_recipients_user")."\";"); 406 } 407 } 408 409 eval("\$tofromusername = \"".$templates->get("private_multiple_recipients")."\";"); 410 } 411 else if($message['toid']) 412 { 413 $tofromusername = $message['tousername']; 414 $tofromuid = $message['toid']; 415 } 416 else 417 { 418 $tofromusername = $lang->not_sent; 419 } 420 } 421 else 422 { 423 $tofromusername = $message['fromusername']; 424 $tofromuid = $message['fromid']; 425 if($tofromuid == 0) 426 { 427 $tofromusername = $lang->mybb_engine; 428 } 429 } 430 431 $tofromusername = build_profile_link($tofromusername, $tofromuid); 432 433 $denyreceipt = ''; 434 435 if($message['icon'] > 0 && $icon_cache[$message['icon']]) 436 { 437 $icon = $icon_cache[$message['icon']]; 438 $icon = "<img src=\"{$icon['path']}\" alt=\"{$icon['name']}\" align=\"center\" valign=\"middle\" />"; 439 } 440 else 441 { 442 $icon = '	'; 443 } 444 445 if(!trim($message['subject'])) 446 { 447 $message['subject'] = $lang->pm_no_subject; 448 } 449 450 $message['subject'] = $parser->parse_badwords($message['subject']); 451 452 if(my_strlen($message['subject']) > 50) 453 { 454 $message['subject'] = htmlspecialchars_uni(my_substr($message['subject'], 0, 50)."..."); 455 } 456 else 457 { 458 $message['subject'] = htmlspecialchars_uni($message['subject']); 459 } 460 461 if($message['folder'] != "3") 462 { 463 $sendpmdate = my_date($mybb->settings['dateformat'], $message['dateline']); 464 $sendpmtime = my_date($mybb->settings['timeformat'], $message['dateline']); 465 $senddate = $sendpmdate.", ".$sendpmtime; 466 } 467 else 468 { 469 $senddate = $lang->not_sent; 470 } 471 472 $foldername = htmlspecialchars_uni($foldernames[$message['folder']]); 473 474 // What we do here is parse the post using our post parser, then strip the tags from it 475 $parser_options = array( 476 
'allow_html' => 0, 477 'allow_mycode' => 1, 478 'allow_smilies' => 0, 479 'allow_imgcode' => 0, 480 'filter_badwords' => 1 481 ); 482 $message['message'] = strip_tags($parser->parse_message($message['message'], $parser_options)); 483 if(my_strlen($message['message']) > 200) 484 { 485 $message['message'] = my_substr($message['message'], 0, 200)."..."; 486 } 487 488 // For my sanity... 489 $message['message'] = htmlspecialchars_uni($message['message']); 490 491 eval("\$messagelist .= \"".$templates->get("private_search_messagebit")."\";"); 492 } 493 494 if($db->num_rows($query) == 0) 495 { 496 eval("\$messagelist = \"".$templates->get("private_search_results_nomessages")."\";"); 497 } 498 499 $plugins->run_hooks("private_results_end"); 500 501 eval("\$results = \"".$templates->get("private_search_results")."\";"); 502 output_page($results); 503 } 504 505 if($mybb->input['action'] == "advanced_search") 506 { 507 $plugins->run_hooks("private_advanced_search"); 508 509 eval("\$advanced_search = \"".$templates->get("private_advanced_search")."\";"); 510 511 output_page($advanced_search); 512 } 513 514 // Dismissing a new/unread PM notice 515 if($mybb->input['action'] == "dismiss_notice") 516 { 517 if($mybb->user['pmnotice'] != 2) 518 { 519 exit; 520 } 521 522 // Verify incoming POST request 523 verify_post_check($mybb->input['my_post_key']); 524 525 $updated_user = array( 526 "pmnotice" => 1 527 ); 528 $db->update_query("users", $updated_user, "uid='{$mybb->user['uid']}'"); 529 530 if($mybb->input['ajax']) 531 { 532 echo 1; 533 exit; 534 } 535 else 536 { 537 header("Location: index.php"); 538 exit; 539 } 540 } 541 542 $send_errors = ''; 543 544 if($mybb->input['action'] == "do_send" && $mybb->request_method == "post") 545 { 546 if($mybb->usergroup['cansendpms'] == 0) 547 { 548 error_no_permission(); 549 } 550 551 // Verify incoming POST request 552 verify_post_check($mybb->input['my_post_key']); 553 554 $plugins->run_hooks("private_send_do_send"); 555 556 // Attempt to 
see if this PM is a duplicate or not 557 $time_cutoff = TIME_NOW - (5 * 60 * 60); 558 $query = $db->query(" 559 SELECT pm.pmid 560 FROM ".TABLE_PREFIX."privatemessages pm 561 LEFT JOIN ".TABLE_PREFIX."users u ON(u.uid=pm.toid) 562 WHERE u.username='".$db->escape_string($mybb->input['to'])."' AND pm.dateline > {$time_cutoff} AND pm.fromid='{$mybb->user['uid']}' AND pm.subject='".$db->escape_string($mybb->input['subject'])."' AND pm.message='".$db->escape_string($mybb->input['message'])."' AND pm.folder!='3' 563 "); 564 $duplicate_check = $db->fetch_field($query, "pmid"); 565 if($duplicate_check) 566 { 567 error($lang->error_pm_already_submitted); 568 } 569 570 require_once MYBB_ROOT."inc/datahandlers/pm.php"; 571 $pmhandler = new PMDataHandler(); 572 573 $pm = array( 574 "subject" => $mybb->input['subject'], 575 "message" => $mybb->input['message'], 576 "icon" => $mybb->input['icon'], 577 "fromid" => $mybb->user['uid'], 578 "do" => $mybb->input['do'], 579 "pmid" => $mybb->input['pmid'] 580 ); 581 582 // Split up any recipients we have 583 $pm['to'] = explode(",", $mybb->input['to']); 584 $pm['to'] = array_map("trim", $pm['to']); 585 if(!empty($mybb->input['bcc'])) 586 { 587 $pm['bcc'] = explode(",", $mybb->input['bcc']); 588 $pm['bcc'] = array_map("trim", $pm['bcc']); 589 } 590 591 $pm['options'] = array( 592 "signature" => $mybb->input['options']['signature'], 593 "disablesmilies" => $mybb->input['options']['disablesmilies'], 594 "savecopy" => $mybb->input['options']['savecopy'], 595 "readreceipt" => $mybb->input['options']['readreceipt'] 596 ); 597 598 if($mybb->input['saveasdraft']) 599 { 600 $pm['saveasdraft'] = 1; 601 } 602 $pmhandler->set_data($pm); 603 604 // Now let the pm handler do all the hard work. 
605 if(!$pmhandler->validate_pm()) 606 { 607 $pm_errors = $pmhandler->get_friendly_errors(); 608 $send_errors = inline_error($pm_errors); 609 $mybb->input['action'] = "send"; 610 } 611 else 612 { 613 $pminfo = $pmhandler->insert_pm(); 614 $plugins->run_hooks("private_do_send_end"); 615 616 if(isset($pminfo['draftsaved'])) 617 { 618 redirect("private.php", $lang->redirect_pmsaved); 619 } 620 else 621 { 622 redirect("private.php", $lang->redirect_pmsent); 623 } 624 } 625 } 626 627 if($mybb->input['action'] == "send") 628 { 629 if($mybb->usergroup['cansendpms'] == 0) 630 { 631 error_no_permission(); 632 } 633 634 $plugins->run_hooks("private_send_start"); 635 636 $smilieinserter = $codebuttons = ''; 637 638 if($mybb->settings['bbcodeinserter'] != 0 && $mybb->settings['pmsallowmycode'] != 0 && $mybb->user['showcodebuttons'] != 0) 639 { 640 $codebuttons = build_mycode_inserter(); 641 if($mybb->settings['pmsallowsmilies'] != 0) 642 { 643 $smilieinserter = build_clickable_smilies(); 644 } 645 } 646 647 $posticons = get_post_icons(); 648 $previewmessage = $mybb->input['message']; 649 $message = htmlspecialchars_uni($mybb->input['message']); 650 $subject = $previewsubject = htmlspecialchars_uni($mybb->input['subject']); 651 652 if($mybb->input['preview'] || $send_errors) 653 { 654 $options = $mybb->input['options']; 655 if($options['signature'] == 1) 656 { 657 $optionschecked['signature'] = 'checked="checked"'; 658 } 659 if($options['disablesmilies'] == 1) 660 { 661 $optionschecked['disablesmilies'] = 'checked="checked"'; 662 } 663 if($options['savecopy'] != 0) 664 { 665 $optionschecked['savecopy'] = 'checked="checked"'; 666 } 667 if($options['readreceipt'] != 0) 668 { 669 $optionschecked['readreceipt'] = 'checked="checked"'; 670 } 671 $to = htmlspecialchars_uni($mybb->input['to']); 672 $bcc = htmlspecialchars_uni($mybb->input['bcc']); 673 } 674 675 // Preview 676 if($mybb->input['preview']) 677 { 678 $options = $mybb->input['options']; 679 $query = $db->query(" 680 SELECT 
u.username AS userusername, u.*, f.* 681 FROM ".TABLE_PREFIX."users u 682 LEFT JOIN ".TABLE_PREFIX."userfields f ON (f.ufid=u.uid) 683 WHERE u.uid='".$mybb->user['uid']."' 684 "); 685 686 $post = $db->fetch_array($query); 687 688 $post['userusername'] = $mybb->user['username']; 689 $post['postusername'] = $mybb->user['username']; 690 $post['message'] = $previewmessage; 691 $post['subject'] = $previewsubject; 692 $post['icon'] = $mybb->input['icon']; 693 $post['smilieoff'] = $options['disablesmilies']; 694 $post['dateline'] = TIME_NOW; 695 696 if(!$options['signature']) 697 { 698 $post['includesig'] = 0; 699 } 700 else 701 { 702 $post['includesig'] = 1; 703 } 704 705 // Merge usergroup data from the cache 706 $data_key = array( 707 'title' => 'grouptitle', 708 'usertitle' => 'groupusertitle', 709 'stars' => 'groupstars', 710 'starimage' => 'groupstarimage', 711 'image' => 'groupimage', 712 'namestyle' => 'namestyle', 713 'usereputationsystem' => 'usereputationsystem' 714 ); 715 716 foreach($data_key as $field => $key) 717 { 718 $post[$key] = $groupscache[$post['usergroup']][$field]; 719 } 720 721 $postbit = build_postbit($post, 2); 722 eval("\$preview = \"".$templates->get("previewpost")."\";"); 723 } 724 else if(!$send_errors) 725 { 726 // New PM, so load default settings 727 if($mybb->user['signature'] != '') 728 { 729 $optionschecked['signature'] = 'checked="checked"'; 730 } 731 if($mybb->usergroup['cantrackpms'] == 1) 732 { 733 $optionschecked['readreceipt'] = 'checked="checked"'; 734 } 735 $optionschecked['savecopy'] = 'checked="checked"'; 736 } 737 738 // Draft, reply, forward 739 if($mybb->input['pmid'] && !$mybb->input['preview'] && !$send_errors) 740 { 741 $query = $db->query(" 742 SELECT pm.*, u.username AS quotename 743 FROM ".TABLE_PREFIX."privatemessages pm 744 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=pm.fromid) 745 WHERE pm.pmid='".intval($mybb->input['pmid'])."' AND pm.uid='".$mybb->user['uid']."' 746 "); 747 $pm = $db->fetch_array($query); 748 749 
$message = htmlspecialchars_uni($pm['message']); 750 $subject = htmlspecialchars_uni($pm['subject']); 751 752 if($pm['folder'] == "3") 753 { // message saved in drafts 754 $mybb->input['uid'] = $pm['toid']; 755 756 if($pm['includesig'] == 1) 757 { 758 $optionschecked['signature'] = 'checked="checked"'; 759 } 760 if($pm['smilieoff'] == 1) 761 { 762 $optionschecked['disablesmilies'] = 'checked="checked"'; 763 } 764 if($pm['receipt']) 765 { 766 $optionschecked['readreceipt'] = 'checked="checked"'; 767 } 768 769 // Get list of recipients 770 $recipients = unserialize($pm['recipients']); 771 $comma = ''; 772 if(isset($recipients['to']) && is_array($recipients['to'])) 773 { 774 foreach($recipients['to'] as $recipient) 775 { 776 $recipient_list['to'][] = $recipient; 777 $recipientids .= $comma.$recipient; 778 $comma = ','; 779 } 780 } 781 782 if(isset($recipients['bcc']) && is_array($recipients['bcc'])) 783 { 784 foreach($recipients['bcc'] as $recipient) 785 { 786 $recipient_list['bcc'][] = $recipient; 787 $recipientids .= $comma.$recipient; 788 $comma = ','; 789 } 790 } 791 792 if(!empty($recipientids)) 793 { 794 $query = $db->simple_select("users", "uid, username", "uid IN ({$recipientids})"); 795 while($user = $db->fetch_array($query)) 796 { 797 if(isset($recipients['bcc']) && is_array($recipients['bcc']) && in_array($user['uid'], $recipient_list['bcc'])) 798 { 799 $bcc .= htmlspecialchars_uni($user['username']).', '; 800 } 801 else 802 { 803 $to .= htmlspecialchars_uni($user['username']).', '; 804 } 805 } 806 } 807 } 808 else 809 { // forward/reply 810 $subject = preg_replace("#(FW|RE):( *)#is", '', $subject); 811 $postdate = my_date($mybb->settings['dateformat'], $pm['dateline']); 812 $posttime = my_date($mybb->settings['timeformat'], $pm['dateline']); 813 $message = "[quote='{$pm['quotename']}']\n$message\n[/quote]"; 814 $message = preg_replace('#^/me (.*)$#im', "* ".$pm['quotename']." 
\\1", $message); 815 816 if($mybb->input['do'] == 'forward') 817 { 818 $subject = "Fw: $subject"; 819 } 820 elseif($mybb->input['do'] == 'reply') 821 { 822 $subject = "Re: $subject"; 823 $uid = $pm['fromid']; 824 if($mybb->user['uid'] == $uid) 825 { 826 $to = $mybb->user['username']; 827 } 828 else 829 { 830 $query = $db->simple_select('users', 'username', "uid='{$uid}'"); 831 $to = $db->fetch_field($query, 'username'); 832 } 833 $to = htmlspecialchars_uni($to); 834 } 835 else if($mybb->input['do'] == 'replyall') 836 { 837 $subject = "Re: $subject"; 838 839 // Get list of recipients 840 $recipients = unserialize($pm['recipients']); 841 $recipientids = $pm['fromid']; 842 if(isset($recipients['to']) && is_array($recipients['to'])) 843 { 844 foreach($recipients['to'] as $recipient) 845 { 846 if($recipient == $mybb->user['uid']) 847 { 848 continue; 849 } 850 $recipientids .= ','.$recipient; 851 } 852 } 853 $comma = ''; 854 $query = $db->simple_select('users', 'uid, username', "uid IN ({$recipientids})"); 855 while($user = $db->fetch_array($query)) 856 { 857 $to .= $comma.htmlspecialchars($user['username']); 858 $comma = $lang->comma; 859 } 860 } 861 } 862 } 863 864 // New PM with recipient preset 865 if($mybb->input['uid'] && !$mybb->input['preview']) 866 { 867 $query = $db->simple_select('users', 'username', "uid='".$db->escape_string($mybb->input['uid'])."'"); 868 $to = htmlspecialchars_uni($db->fetch_field($query, 'username')).', '; 869 } 870 871 $max_recipients = ''; 872 if($mybb->usergroup['maxpmrecipients'] > 0) 873 { 874 $max_recipients = $lang->sprintf($lang->max_recipients, $mybb->usergroup['maxpmrecipients']); 875 } 876 877 if($send_errors) 878 { 879 $to = htmlspecialchars_uni($mybb->input['to']); 880 $bcc = htmlspecialchars_uni($mybb->input['bcc']); 881 } 882 883 // Load the auto complete javascript if it is enabled. 
884 eval("\$autocompletejs = \"".$templates->get("private_send_autocomplete")."\";"); 885 886 $pmid = $mybb->input['pmid']; 887 $do = $mybb->input['do']; 888 if($do != "forward" && $do != "reply" && $do != "replyall") 889 { 890 $do = ''; 891 } 892 893 // See if it's actually worth showing the buddylist icon. 894 if($mybb->user['buddylist'] != '' && $mybb->settings['use_xmlhttprequest'] == 1) 895 { 896 $buddy_select = 'to'; 897 eval("\$buddy_select_to = \"".$templates->get("private_send_buddyselect")."\";"); 898 $buddy_select = 'bcc'; 899 eval("\$buddy_select_bcc = \"".$templates->get("private_send_buddyselect")."\";"); 900 } 901 902 $plugins->run_hooks("private_send_end"); 903 904 eval("\$send = \"".$templates->get("private_send")."\";"); 905 output_page($send); 906 } 907 908 909 if($mybb->input['action'] == "read") 910 { 911 $plugins->run_hooks("private_read"); 912 913 $pmid = intval($mybb->input['pmid']); 914 915 $query = $db->query(" 916 SELECT pm.*, u.*, f.* 917 FROM ".TABLE_PREFIX."privatemessages pm 918 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=pm.fromid) 919 LEFT JOIN ".TABLE_PREFIX."userfields f ON (f.ufid=u.uid) 920 WHERE pm.pmid='".intval($mybb->input['pmid'])."' AND pm.uid='".$mybb->user['uid']."' 921 "); 922 $pm = $db->fetch_array($query); 923 if($pm['folder'] == 3) 924 { 925 header("Location: private.php?action=send&pmid={$pm['pmid']}"); 926 exit; 927 } 928 929 if(!$pm['pmid']) 930 { 931 error($lang->error_invalidpm); 932 } 933 934 // If we've gotten a PM, attach the group info 935 $data_key = array( 936 'title' => 'grouptitle', 937 'usertitle' => 'groupusertitle', 938 'stars' => 'groupstars', 939 'starimage' => 'groupstarimage', 940 'image' => 'groupimage', 941 'namestyle' => 'namestyle' 942 ); 943 944 foreach($data_key as $field => $key) 945 { 946 $pm[$key] = $groupscache[$pm['usergroup']][$field]; 947 } 948 949 if($pm['receipt'] == 1) 950 { 951 if($mybb->usergroup['cantrackpms'] == 1 && $mybb->usergroup['candenypmreceipts'] == 1 && 
$mybb->input['denyreceipt'] == 1) 952 { 953 $receiptadd = 0; 954 } 955 else 956 { 957 $receiptadd = 2; 958 } 959 } 960 961 if($pm['status'] == 0) 962 { 963 $time = TIME_NOW; 964 $updatearray = array( 965 'status' => 1, 966 'readtime' => $time 967 ); 968 969 if(isset($receiptadd)) 970 { 971 $updatearray['receipt'] = $receiptadd; 972 } 973 974 $db->update_query('privatemessages', $updatearray, "pmid='{$pmid}'"); 975 976 // Update the unread count - it has now changed. 977 update_pm_count($mybb->user['uid'], 6); 978 979 // Update PM notice value if this is our last unread PM 980 if($mybb->user['unreadpms']-1 <= 0 && $mybb->user['pmnotice'] == 2) 981 { 982 $updated_user = array( 983 "pmnotice" => 1 984 ); 985 $db->update_query("users", $updated_user, "uid='{$mybb->user['uid']}'"); 986 } 987 } 988 // Replied PM? 989 else if($pm['status'] == 3 && $pm['statustime']) 990 { 991 $reply_date = my_date($mybb->settings['dateformat'], $pm['statustime']); 992 993 if($reply_date == $lang->today || $reply_date == $lang->yesterday) 994 { 995 $reply_date .= $lang->comma.my_date($mybb->settings['timeformat'], $pm['statustime']); 996 $actioned_on = $lang->sprintf($lang->you_replied, $reply_date); 997 } 998 else 999 { 1000 $reply_date .= $lang->comma.my_date($mybb->settings['timeformat'], $pm['statustime']); 1001 $actioned_on = $lang->sprintf($lang->you_replied_on, $reply_date); 1002 } 1003 1004 eval("\$action_time = \"".$templates->get("private_read_action")."\";"); 1005 } 1006 else if($pm['status'] == 4 && $pm['statustime']) 1007 { 1008 $forward_date = my_date($mybb->settings['dateformat'], $pm['statustime']); 1009 1010 if(strpos($forward_date, $lang->today) !== false || strpos($forward_date, $lang->yesterday) !== false) 1011 { 1012 $forward_date .= $lang->comma.my_date($mybb->settings['timeformat'], $pm['statustime']); 1013 $actioned_on = $lang->sprintf($lang->you_forwarded, $forward_date); 1014 } 1015 else 1016 { 1017 $forward_date .= 
$lang->comma.my_date($mybb->settings['timeformat'], $pm['statustime']); 1018 $actioned_on = $lang->sprintf($lang->you_forwarded_on, $forward_date); 1019 } 1020 1021 eval("\$action_time = \"".$templates->get("private_read_action")."\";"); 1022 } 1023 1024 $pm['userusername'] = $pm['username']; 1025 $pm['subject'] = htmlspecialchars_uni($parser->parse_badwords($pm['subject'])); 1026 if($pm['fromid'] == 0) 1027 { 1028 $pm['username'] = $lang->mybb_engine; 1029 } 1030 1031 if(!$pm['username']) 1032 { 1033 $pm['username'] = $lang->na; 1034 } 1035 1036 // Fetch the recipients for this message 1037 $pm['recipients'] = @unserialize($pm['recipients']); 1038 1039 if(is_array($pm['recipients']['to'])) 1040 { 1041 $uid_sql = implode(',', $pm['recipients']['to']); 1042 } 1043 else 1044 { 1045 $uid_sql = $pm['toid']; 1046 $pm['recipients']['to'] = array($pm['toid']); 1047 } 1048 1049 $show_bcc = 0; 1050 1051 // If we have any BCC recipients and this user is an Administrator, add them on to the query 1052 if(count($pm['recipients']['bcc']) > 0 && $mybb->usergroup['cancp'] == 1) 1053 { 1054 $show_bcc = 1; 1055 $uid_sql .= ','.implode(',', $pm['recipients']['bcc']); 1056 } 1057 1058 // Fetch recipient names from the database 1059 $bcc_recipients = $to_recipients = array(); 1060 $query = $db->simple_select('users', 'uid, username', "uid IN ({$uid_sql})"); 1061 while($recipient = $db->fetch_array($query)) 1062 { 1063 // User is a BCC recipient 1064 if($show_bcc && in_array($recipient['uid'], $pm['recipients']['bcc'])) 1065 { 1066 $bcc_recipients[] = build_profile_link($recipient['username'], $recipient['uid']); 1067 } 1068 // User is a normal recipient 1069 else if(in_array($recipient['uid'], $pm['recipients']['to'])) 1070 { 1071 $to_recipients[] = build_profile_link($recipient['username'], $recipient['uid']); 1072 } 1073 } 1074 1075 if(count($bcc_recipients) > 0) 1076 { 1077 $bcc_recipients = implode(', ', $bcc_recipients); 1078 eval("\$bcc = 
\"".$templates->get("private_read_bcc")."\";"); 1079 } 1080 1081 $replyall = false; 1082 if(count($to_recipients) > 1) 1083 { 1084 $replyall = true; 1085 } 1086 1087 if(count($to_recipients) > 0) 1088 { 1089 $to_recipients = implode(", ", $to_recipients); 1090 } 1091 else 1092 { 1093 $to_recipients = $lang->nobody; 1094 } 1095 1096 eval("\$pm['subject_extra'] = \"".$templates->get("private_read_to")."\";"); 1097 1098 add_breadcrumb($pm['subject']); 1099 $message = build_postbit($pm, 2); 1100 1101 $plugins->run_hooks("private_read_end"); 1102 1103 eval("\$read = \"".$templates->get("private_read")."\";"); 1104 output_page($read); 1105 } 1106 1107 if($mybb->input['action'] == "tracking") 1108 { 1109 $plugins->run_hooks("private_tracking_start"); 1110 $readmessages = ''; 1111 $unreadmessages = ''; 1112 1113 // Figure out if we need to display multiple pages. 1114 $perpage = $mybb->settings['postsperpage']; 1115 1116 $query = $db->simple_select("privatemessages", "COUNT(pmid) as readpms", "receipt='2' AND folder!='3' AND status!='0' AND fromid='".$mybb->user['uid']."'"); 1117 $postcount = $db->fetch_field($query, "readpms"); 1118 1119 $page = intval($mybb->input['read_page']); 1120 $pages = $postcount / $perpage; 1121 $pages = ceil($pages); 1122 1123 if($mybb->input['page'] == "last") 1124 { 1125 $page = $pages; 1126 } 1127 1128 if($page > $pages || $page <= 0) 1129 { 1130 $page = 1; 1131 } 1132 1133 if($page) 1134 { 1135 $start = ($page-1) * $perpage; 1136 } 1137 else 1138 { 1139 $start = 0; 1140 $page = 1; 1141 } 1142 1143 $read_multipage = multipage($postcount, $perpage, $page, "private.php?action=tracking&read_page={page}"); 1144 1145 $query = $db->query(" 1146 SELECT pm.pmid, pm.subject, pm.toid, pm.readtime, u.username as tousername 1147 FROM ".TABLE_PREFIX."privatemessages pm 1148 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=pm.toid) 1149 WHERE pm.receipt='2' AND pm.folder!='3' AND pm.status!='0' AND pm.fromid='".$mybb->user['uid']."' 1150 ORDER BY pm.readtime 
DESC 1151 LIMIT {$start}, {$perpage} 1152 "); 1153 while($readmessage = $db->fetch_array($query)) 1154 { 1155 $readmessage['subject'] = htmlspecialchars_uni($parser->parse_badwords($readmessage['subject'])); 1156 $readmessage['profilelink'] = build_profile_link($readmessage['tousername'], $readmessage['toid']); 1157 $readdate = my_date($mybb->settings['dateformat'], $readmessage['readtime']); 1158 $readtime = my_date($mybb->settings['timeformat'], $readmessage['readtime']); 1159 eval("\$readmessages .= \"".$templates->get("private_tracking_readmessage")."\";"); 1160 } 1161 1162 if(!$readmessages) 1163 { 1164 eval("\$readmessages = \"".$templates->get("private_tracking_nomessage")."\";"); 1165 } 1166 1167 $query = $db->simple_select("privatemessages", "COUNT(pmid) as unreadpms", "receipt='1' AND folder!='3' AND status='0' AND fromid='".$mybb->user['uid']."'"); 1168 $postcount = $db->fetch_field($query, "unreadpms"); 1169 1170 $page = intval($mybb->input['unread_page']); 1171 $pages = $postcount / $perpage; 1172 $pages = ceil($pages); 1173 1174 if($mybb->input['page'] == "last") 1175 { 1176 $page = $pages; 1177 } 1178 1179 if($page > $pages || $page <= 0) 1180 { 1181 $page = 1; 1182 } 1183 1184 if($page) 1185 { 1186 $start = ($page-1) * $perpage; 1187 } 1188 else 1189 { 1190 $start = 0; 1191 $page = 1; 1192 } 1193 1194 $unread_multipage = multipage($postcount, $perpage, $page, "private.php?action=tracking&unread_page={page}"); 1195 1196 $query = $db->query(" 1197 SELECT pm.pmid, pm.subject, pm.toid, pm.dateline, u.username as tousername 1198 FROM ".TABLE_PREFIX."privatemessages pm 1199 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=pm.toid) 1200 WHERE pm.receipt='1' AND pm.folder!='3' AND pm.status='0' AND pm.fromid='".$mybb->user['uid']."' 1201 ORDER BY pm.dateline DESC 1202 LIMIT {$start}, {$perpage} 1203 "); 1204 while($unreadmessage = $db->fetch_array($query)) 1205 { 1206 $unreadmessage['subject'] = 
htmlspecialchars_uni($parser->parse_badwords($unreadmessage['subject'])); 1207 $unreadmessage['profilelink'] = build_profile_link($unreadmessage['tousername'], $unreadmessage['toid']); 1208 $senddate = my_date($mybb->settings['dateformat'], $unreadmessage['dateline']); 1209 $sendtime = my_date($mybb->settings['timeformat'], $unreadmessage['dateline']); 1210 eval("\$unreadmessages .= \"".$templates->get("private_tracking_unreadmessage")."\";"); 1211 } 1212 1213 if(!$unreadmessages) 1214 { 1215 $lang->no_readmessages = $lang->no_unreadmessages; 1216 eval("\$unreadmessages = \"".$templates->get("private_tracking_nomessage")."\";"); 1217 } 1218 1219 $plugins->run_hooks("private_tracking_end"); 1220 1221 eval("\$tracking = \"".$templates->get("private_tracking")."\";"); 1222 output_page($tracking); 1223 } 1224 if($mybb->input['action'] == "do_tracking" && $mybb->request_method == "post") 1225 { 1226 // Verify incoming POST request 1227 verify_post_check($mybb->input['my_post_key']); 1228 1229 $plugins->run_hooks("private_do_tracking_start"); 1230 1231 if($mybb->input['stoptracking']) 1232 { 1233 if(is_array($mybb->input['readcheck'])) 1234 { 1235 foreach($mybb->input['readcheck'] as $key => $val) 1236 { 1237 $sql_array = array( 1238 "receipt" => 0 1239 ); 1240 $db->update_query("privatemessages", $sql_array, "pmid=".intval($key)." AND fromid=".$mybb->user['uid']); 1241 } 1242 } 1243 $plugins->run_hooks("private_do_tracking_end"); 1244 redirect("private.php", $lang->redirect_pmstrackingstopped); 1245 } 1246 elseif($mybb->input['stoptrackingunread']) 1247 { 1248 if(is_array($mybb->input['unreadcheck'])) 1249 { 1250 foreach($mybb->input['unreadcheck'] as $key => $val) 1251 { 1252 $sql_array = array( 1253 "receipt" => 0 1254 ); 1255 $db->update_query("privatemessages", $sql_array, "pmid=".intval($key)." 
AND fromid=".$mybb->user['uid']); 1256 } 1257 } 1258 $plugins->run_hooks("private_do_tracking_end"); 1259 redirect("private.php", $lang->redirect_pmstrackingstopped); 1260 } 1261 elseif($mybb->input['cancel']) 1262 { 1263 if(is_array($mybb->input['unreadcheck'])) 1264 { 1265 foreach($mybb->input['unreadcheck'] as $pmid => $val) 1266 { 1267 $pmids[$pmid] = intval($pmid); 1268 } 1269 1270 $pmids = implode(",", $pmids); 1271 $query = $db->simple_select("privatemessages", "uid", "pmid IN ($pmids) AND fromid='".$mybb->user['uid']."'"); 1272 while($pm = $db->fetch_array($query)) 1273 { 1274 $pmuids[$pm['uid']] = $pm['uid']; 1275 } 1276 1277 $db->delete_query("privatemessages", "pmid IN ($pmids) AND receipt='1' AND status='0' AND fromid='".$mybb->user['uid']."'"); 1278 foreach($pmuids as $uid) 1279 { 1280 // Message is canceled, update PM count for this user 1281 update_pm_count($uid); 1282 } 1283 } 1284 $plugins->run_hooks("private_do_tracking_end"); 1285 redirect("private.php", $lang->redirect_pmstrackingcanceled); 1286 } 1287 } 1288 1289 if($mybb->input['action'] == "folders") 1290 { 1291 $plugins->run_hooks("private_folders_start"); 1292 1293 $folderlist = ''; 1294 $foldersexploded = explode("$%%$", $mybb->user['pmfolders']); 1295 foreach($foldersexploded as $key => $folders) 1296 { 1297 $folderinfo = explode("**", $folders, 2); 1298 $foldername = $folderinfo[1]; 1299 $fid = $folderinfo[0]; 1300 $foldername = get_pm_folder_name($fid, $foldername); 1301 1302 if($folderinfo[0] == "1" || $folderinfo[0] == "2" || $folderinfo[0] == "3" || $folderinfo[0] == "4") 1303 { 1304 $foldername2 = get_pm_folder_name($fid); 1305 eval("\$folderlist .= \"".$templates->get("private_folders_folder_unremovable")."\";"); 1306 unset($name); 1307 } 1308 else 1309 { 1310 eval("\$folderlist .= \"".$templates->get("private_folders_folder")."\";"); 1311 } 1312 } 1313 1314 $newfolders = ''; 1315 for($i = 1; $i <= 5; ++$i) 1316 { 1317 $fid = "new$i"; 1318 $foldername = ''; 1319 eval("\$newfolders 
.= \"".$templates->get("private_folders_folder")."\";"); 1320 } 1321 1322 $plugins->run_hooks("private_folders_end"); 1323 1324 eval("\$folders = \"".$templates->get("private_folders")."\";"); 1325 output_page($folders); 1326 } 1327 1328 if($mybb->input['action'] == "do_folders" && $mybb->request_method == "post") 1329 { 1330 // Verify incoming POST request 1331 verify_post_check($mybb->input['my_post_key']); 1332 1333 $plugins->run_hooks("private_do_folders_start"); 1334 1335 $highestid = 2; 1336 $folders = ''; 1337 @reset($mybb->input['folder']); 1338 foreach($mybb->input['folder'] as $key => $val) 1339 { 1340 if(!$donefolders[$val]) // Probably was a check for duplicate folder names, but doesn't seem to be used now 1341 { 1342 if(my_substr($key, 0, 3) == "new") // Create a new folder 1343 { 1344 ++$highestid; 1345 $fid = intval($highestid); 1346 } 1347 else // Editing an existing folder 1348 { 1349 if($key > $highestid) 1350 { 1351 $highestid = $key; 1352 } 1353 1354 $fid = intval($key); 1355 // Use default language strings if empty or value is language string 1356 switch($fid) 1357 { 1358 case 1: 1359 if($val == $lang->folder_inbox || trim($val) == '') 1360 { 1361 $val = ''; 1362 } 1363 break; 1364 case 2: 1365 if($val == $lang->folder_sent_items || trim($val) == '') 1366 { 1367 $val = ''; 1368 } 1369 break; 1370 case 3: 1371 if($val == $lang->folder_drafts || trim($val) == '') 1372 { 1373 $val = ''; 1374 } 1375 break; 1376 case 4: 1377 if($val == $lang->folder_trash || trim($val) == '') 1378 { 1379 $val = ''; 1380 } 1381 break; 1382 } 1383 } 1384 1385 if($val != '' && trim($val) == '' && !($key >= 1 && $key <= 4)) 1386 { 1387 // If the name only contains whitespace and it's not a default folder, print an error 1388 error($lang->error_emptypmfoldername); 1389 } 1390 1391 1392 if($val != '' || ($key >= 1 && $key <= 4)) 1393 { 1394 // If there is a name or if this is a default folder, save it 1395 $foldername = $val; 1396 $foldername = 
$db->escape_string(htmlspecialchars_uni($foldername)); 1397 1398 if(my_strpos($foldername, "$%%$") === false) 1399 { 1400 if($folders != '') 1401 { 1402 $folders .= "$%%$"; 1403 } 1404 $folders .= "$fid**$foldername"; 1405 } 1406 else 1407 { 1408 error($lang->error_invalidpmfoldername); 1409 } 1410 } 1411 else 1412 { 1413 // Delete PMs from the folder 1414 $db->delete_query("privatemessages", "folder='$fid' AND uid='".$mybb->user['uid']."'"); 1415 } 1416 } 1417 } 1418 1419 $sql_array = array( 1420 "pmfolders" => $folders 1421 ); 1422 $db->update_query("users", $sql_array, "uid='".$mybb->user['uid']."'"); 1423 1424 // Update PM count 1425 update_pm_count(); 1426 1427 $plugins->run_hooks("private_do_folders_end"); 1428 1429 redirect("private.php", $lang->redirect_pmfoldersupdated); 1430 } 1431 1432 if($mybb->input['action'] == "empty") 1433 { 1434 $plugins->run_hooks("private_empty_start"); 1435 1436 $foldersexploded = explode("$%%$", $mybb->user['pmfolders']); 1437 $folderlist = ''; 1438 foreach($foldersexploded as $key => $folders) 1439 { 1440 $folderinfo = explode("**", $folders, 2); 1441 $fid = $folderinfo[0]; 1442 $foldername = get_pm_folder_name($fid, $folderinfo[1]); 1443 $query = $db->simple_select("privatemessages", "COUNT(*) AS pmsinfolder", " folder='$fid' AND uid='".$mybb->user['uid']."'"); 1444 $thing = $db->fetch_array($query); 1445 $foldercount = my_number_format($thing['pmsinfolder']); 1446 eval("\$folderlist .= \"".$templates->get("private_empty_folder")."\";"); 1447 } 1448 1449 $plugins->run_hooks("private_empty_end"); 1450 1451 eval("\$folders = \"".$templates->get("private_empty")."\";"); 1452 output_page($folders); 1453 } 1454 1455 if($mybb->input['action'] == "do_empty" && $mybb->request_method == "post") 1456 { 1457 // Verify incoming POST request 1458 verify_post_check($mybb->input['my_post_key']); 1459 1460 $plugins->run_hooks("private_do_empty_start"); 1461 1462 $emptyq = ''; 1463 if(is_array($mybb->input['empty'])) 1464 { 1465 
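// Tail of the "do_empty" handler (its opening lines precede this span): collect the ticked folders and delete.
		foreach($mybb->input['empty'] as $key => $val)
		{
			// Only folders whose checkbox value is 1 are emptied.
			if($val == 1)
			{
				// The array key is request data; intval() keeps it numeric before it reaches the WHERE clause.
				$key = intval($key);
				if($emptyq)
				{
					$emptyq .= " OR ";
				}
				$emptyq .= "folder='$key'";
			}
		}

		if($emptyq != '')
		{
			// Always defined, so the query string below never reads an unset variable.
			$keepunreadq = '';
			if($mybb->input['keepunread'] == 1)
			{
				// Restrict the delete to messages whose status is not 0 (unread).
				$keepunreadq = " AND status!='0'";
			}
			// The uid condition limits the delete to the current user's own messages.
			$db->delete_query("privatemessages", "($emptyq) AND uid='".$mybb->user['uid']."' $keepunreadq");
		}
	}

	// Update PM count
	update_pm_count();

	$plugins->run_hooks("private_do_empty_end");
	redirect("private.php", $lang->redirect_pmfoldersemptied);
}

// "do_stuff": bulk actions on ticked messages (jump to folder, move, delete). POST only, post key verified.
if($mybb->input['action'] == "do_stuff" && $mybb->request_method == "post")
{
	// Verify incoming POST request
	verify_post_check($mybb->input['my_post_key']);

	$plugins->run_hooks("private_do_stuff");

	if($mybb->input['hop'])
	{
		// The target is built from a fixed path plus an integer, so it cannot point off-site.
		header("Location: private.php?fid=".intval($mybb->input['jumpto']));
		// Stop here so nothing else in the script runs once the redirect header is sent.
		exit;
	}
	elseif($mybb->input['moveto'])
	{
		if(is_array($mybb->input['check']))
		{
			$sql_array = array(
				"folder" => intval($mybb->input['fid'])
			);
			foreach($mybb->input['check'] as $key => $val)
			{
				// pmid comes from the request; the uid condition keeps the update on the user's own rows.
				$db->update_query("privatemessages", $sql_array, "pmid='".intval($key)."' AND uid='".$mybb->user['uid']."'");
			}
		}
		// Update PM count
		update_pm_count();

		if(!empty($mybb->input['fromfid']))
		{
			redirect("private.php?fid=".intval($mybb->input['fromfid']), $lang->redirect_pmsmoved);
		}
		else
		{
			redirect("private.php", $lang->redirect_pmsmoved);
		}
	}
	else if($mybb->input['delete'])
	{
		if(is_array($mybb->input['check']))
		{
			// Quoted, integer-cast id list for the IN() clause.
			$pmssql = '';
			foreach($mybb->input['check'] as $key => $val)
			{
				if($pmssql)
				{
					$pmssql .= ",";
				}
				$pmssql .= "'".intval($key)."'";
			}

			// Messages already in folder 4 are removed for good; everything else is moved to folder 4.
			$deletepms = array();
			$query = $db->simple_select("privatemessages", "pmid, folder", "pmid IN ($pmssql) AND uid='".$mybb->user['uid']."' AND folder='4'", array('order_by' => 'pmid'));
			while($delpm = $db->fetch_array($query))
			{
				$deletepms[$delpm['pmid']] = 1;
			}

			foreach($mybb->input['check'] as $key => $val)
			{
				$key = intval($key);
				if(!empty($deletepms[$key]))
				{
					$db->delete_query("privatemessages", "pmid='$key' AND uid='".$mybb->user['uid']."'");
				}
				else
				{
					$sql_array = array(
						"folder" => 4,
						"deletetime" => TIME_NOW
					);
					$db->update_query("privatemessages", $sql_array, "pmid='".$key."' AND uid='".$mybb->user['uid']."'");
				}
			}
		}
		// Update PM count
		update_pm_count();

		if(!empty($mybb->input['fromfid']))
		{
			redirect("private.php?fid=".intval($mybb->input['fromfid']), $lang->redirect_pmsdeleted);
		}
		else
		{
			redirect("private.php", $lang->redirect_pmsdeleted);
		}
	}
}

// "delete": remove a single message (permanently if it is already in folder 4, otherwise move it there).
// NOTE(review): unlike the do_* handlers this condition does not require request_method == "post",
// so the post key may be supplied in the query string - confirm that is intended.
if($mybb->input['action'] == "delete")
{
	// Verify incoming POST request
	verify_post_check($mybb->input['my_post_key']);

	$plugins->run_hooks("private_delete_start");

	$pmid = intval($mybb->input['pmid']);

	$query = $db->simple_select("privatemessages", "*", "pmid='".$pmid."' AND uid='".$mybb->user['uid']."' AND folder='4'", array('order_by' => 'pmid'));
	if($db->num_rows($query) == 1)
	{
		// The ownership condition is repeated on the delete itself rather than relying only on the select above.
		$db->delete_query("privatemessages", "pmid='".$pmid."' AND uid='".$mybb->user['uid']."'");
	}
	else
	{
		$sql_array = array(
			"folder" => 4,
			"deletetime" => TIME_NOW
		);
		$db->update_query("privatemessages", $sql_array, "pmid='".$pmid."' AND uid='".$mybb->user['uid']."'");
	}

	// Update PM count
	update_pm_count();

	$plugins->run_hooks("private_delete_end");
	redirect("private.php", $lang->redirect_pmsdeleted);
}

// "export": show the archive form (the handler body continues past this span).
if($mybb->input['action'] == "export")
{
	$plugins->run_hooks("private_export_start");
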
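// Body of the "export" form handler (its opening lines precede this span): build the folder <select>.
	$folderlist = "<select name=\"exportfolders[]\" multiple=\"multiple\">\n";
	$folderlist .= "<option value=\"all\" selected=\"selected\">$lang->all_folders</option>";
	$foldersexploded = explode("$%%$", $mybb->user['pmfolders']);
	foreach($foldersexploded as $key => $folders)
	{
		// Each entry is "<fid>**<name>".
		$folderinfo = explode("**", $folders, 2);
		$folderinfo[1] = get_pm_folder_name($folderinfo[0], $folderinfo[1]);
		// NOTE(review): id and name are written into HTML as stored; the do_folders handler in this file
		// HTML-escapes names before saving, and get_pm_folder_name() is defined elsewhere - confirm it keeps them escaped.
		$folderlist .= "<option value=\"$folderinfo[0]\">$folderinfo[1]</option>\n";
	}
	$folderlist .= "</select>\n";

	$plugins->run_hooks("private_export_end");

	// Templates are spliced into a double-quoted string and eval()'d, so every variable they
	// reference must already be safe for output at this point.
	eval("\$archive = \"".$templates->get("private_archive")."\";");

	output_page($archive);
}

// "do_export": build a downloadable archive of the user's messages (html, csv or txt). POST only, post key verified.
if($mybb->input['action'] == "do_export" && $mybb->request_method == "post")
{
	// Verify incoming POST request
	verify_post_check($mybb->input['my_post_key']);

	$plugins->run_hooks("private_do_export_start");

	// The export type is concatenated into template names whose content is eval()'d below, so it is
	// restricted to the three values this handler distinguishes. Anything else becomes "txt", which
	// matches the filename/content-type fallback at the end of the handler.
	if(!isset($mybb->input['exporttype']) || !in_array($mybb->input['exporttype'], array("html", "csv", "txt"), true))
	{
		$mybb->input['exporttype'] = "txt";
	}

	$lang->private_messages_for = $lang->sprintf($lang->private_messages_for, $mybb->user['username']);
	$exdate = my_date($mybb->settings['dateformat'], TIME_NOW, 0, 0);
	$extime = my_date($mybb->settings['timeformat'], TIME_NOW, 0, 0);
	$lang->exported_date = $lang->sprintf($lang->exported_date, $exdate, $extime);
	$foldersexploded = explode("$%%$", $mybb->user['pmfolders']);
	foreach($foldersexploded as $key => $folders)
	{
		$folderinfo = explode("**", $folders, 2);
		$folderinfo[1] = get_pm_folder_name($folderinfo[0], $folderinfo[1]);
		$foldersexploded[$key] = implode("**", $folderinfo);
	}

	if($mybb->input['pmid'])
	{
		// Qualified with the pm alias: the query below also joins the users table, which has its own uid column.
		$wsql = "pm.pmid='".intval($mybb->input['pmid'])."' AND pm.uid='".$mybb->user['uid']."'";
	}
	else
	{
		if($mybb->input['daycut'] && ($mybb->input['dayway'] != "disregard"))
		{
			// The arithmetic yields a number, so $datecut is never raw request text.
			$datecut = TIME_NOW-($mybb->input['daycut'] * 86400);
			$wsql = "pm.dateline";
			if($mybb->input['dayway'] == "older")
			{
				$wsql .= "<=";
			}
			else
			{
				$wsql .= ">=";
			}
			$wsql .= "'$datecut'";
		}
		else
		{
			$wsql = "1=1";
		}

		if(is_array($mybb->input['exportfolders']))
		{
			$folderlst = '';
			foreach($mybb->input['exportfolders'] as $key => $val)
			{
				// Escaped here and always placed inside quotes below.
				$val = $db->escape_string($val);
				if($val == "all")
				{
					// "all" cancels any folder restriction collected so far.
					$folderlst = '';
					break;
				}
				else
				{
					if(!$folderlst)
					{
						$folderlst = " AND pm.folder IN ('$val'";
					}
					else
					{
						$folderlst .= ",'$val'";
					}
				}
			}
			if($folderlst)
			{
				$folderlst .= ")";
			}
			$wsql .= "$folderlst";
		}
		else
		{
			error($lang->error_pmnoarchivefolders);
		}

		if($mybb->input['exportunread'] != 1)
		{
			$wsql .= " AND pm.status!='0'";
		}
	}
	// pm.uid is always appended, so only the current user's own messages can be selected.
	$query = $db->query("
		SELECT pm.*, fu.username AS fromusername, tu.username AS tousername
		FROM ".TABLE_PREFIX."privatemessages pm
		LEFT JOIN ".TABLE_PREFIX."users fu ON (fu.uid=pm.fromid)
		LEFT JOIN ".TABLE_PREFIX."users tu ON (tu.uid=pm.toid)
		WHERE $wsql AND pm.uid='".$mybb->user['uid']."'
		ORDER BY pm.folder ASC, pm.dateline DESC
	");
	$numpms = $db->num_rows($query);
	if(!$numpms)
	{
		error($lang->error_nopmsarchive);
	}

	$pmsdownload = '';
	// Both are filled only by this loop; starting them empty keeps the delete query below
	// limited to ids that were actually exported.
	$ids = '';
	$donefolder = array();
	while($message = $db->fetch_array($query))
	{
		if($message['folder'] == 2 || $message['folder'] == 3)
		{ // Sent Items or Drafts Folder Check
			if($message['toid'])
			{
				$tofromuid = $message['toid'];
				if($mybb->input['exporttype'] == "txt")
				{
					$tofromusername = $message['tousername'];
				}
				else
				{
					$tofromusername = build_profile_link($message['tousername'], $tofromuid);
				}
			}
			else
			{
				$tofromusername = $lang->not_sent;
			}
			$tofrom = $lang->to;
		}
		else
		{
			$tofromuid = $message['fromid'];
			if($mybb->input['exporttype'] == "txt")
			{
				$tofromusername = $message['fromusername'];
			}
			else
			{
				$tofromusername = build_profile_link($message['fromusername'], $tofromuid);
			}

			if($tofromuid == 0)
			{
				$tofromusername = $lang->mybb_engine;
			}
			$tofrom = $lang->from;
		}

		if($tofromuid == 0)
		{
			$message['fromusername'] = $lang->mybb_engine;
		}

		if(!$message['toid'] && $message['folder'] == 3)
		{
			$message['tousername'] = $lang->not_sent;
		}

		$message['subject'] = $parser->parse_badwords($message['subject']);
		if($message['folder'] != "3")
		{
			$senddate = my_date($mybb->settings['dateformat'], $message['dateline']);
			$sendtime = my_date($mybb->settings['timeformat'], $message['dateline']);
			$senddate .= " $lang->at $sendtime";
		}
		else
		{
			$senddate = $lang->not_sent;
		}

		if($mybb->input['exporttype'] == "html")
		{
			// HTML export: the body goes through the post parser and the subject is HTML-escaped.
			$parser_options = array(
				"allow_html" => $mybb->settings['pmsallowhtml'],
				"allow_mycode" => $mybb->settings['pmsallowmycode'],
				"allow_smilies" => 0,
				"allow_imgcode" => $mybb->settings['pmsallowimgcode'],
				"allow_videocode" => $mybb->settings['pmsallowvideocode'],
				"me_username" => $mybb->user['username'],
				"filter_badwords" => 1
			);

			$message['message'] = $parser->parse_message($message['message'], $parser_options);
			$message['subject'] = htmlspecialchars_uni($message['subject']);
		}

		if($mybb->input['exporttype'] == "txt" || $mybb->input['exporttype'] == "csv")
		{
			// Normalise every line ending to CRLF.
			$message['message'] = str_replace("\r\n", "\n", $message['message']);
			$message['message'] = str_replace("\n", "\r\n", $message['message']);
		}

		if($mybb->input['exporttype'] == "csv")
		{
			// NOTE(review): addslashes() only backslash-escapes quotes; whether that is enough depends on how
			// the csv templates (not visible here) quote each field.
			$message['message'] = addslashes($message['message']);
			$message['subject'] = addslashes($message['subject']);
			$message['tousername'] = addslashes($message['tousername']);
			$message['fromusername'] = addslashes($message['fromusername']);
		}


		// Emit the folder heading once per folder.
		if(empty($donefolder[$message['folder']]))
		{
			foreach($foldersexploded as $key => $val)
			{
				$folderinfo = explode("**", $val, 2);
				if($folderinfo[0] == $message['folder'])
				{
					$foldername = $folderinfo[1];
					if($mybb->input['exporttype'] != "csv")
					{
						eval("\$pmsdownload .= \"".$templates->get("private_archive_".$mybb->input['exporttype']."_folderhead", 1, 0)."\";");
					}
					else
					{
						$foldername = addslashes($folderinfo[1]);
					}
					$donefolder[$message['folder']] = 1;
				}
			}
		}

		eval("\$pmsdownload .= \"".$templates->get("private_archive_".$mybb->input['exporttype']."_message", 1, 0)."\";");
		$ids .= ",'{$message['pmid']}'";
	}

	$query = $db->simple_select("themestylesheets", "stylesheet", "sid=1", array('limit' => 1));
	$css = $db->fetch_field($query, "stylesheet");

	$plugins->run_hooks("private_do_export_end");

	eval("\$archived = \"".$templates->get("private_archive_".$mybb->input['exporttype'], 1, 0)."\";");
	if($mybb->input['deletepms'] == 1)
	{ // delete the archived pms
		// Limited to the current user's rows, like the select that produced $ids.
		$db->delete_query("privatemessages", "pmid IN ('0'$ids) AND uid='".$mybb->user['uid']."'");
		// Update PM count
		update_pm_count();
	}

	if($mybb->input['exporttype'] == "html")
	{
		$filename = "pm-archive.html";
		$contenttype = "text/html";
	}
	elseif($mybb->input['exporttype'] == "csv")
	{
		$filename = "pm-archive.csv";
		$contenttype = "application/octet-stream";
	}
	else
	{
		$filename = "pm-archive.txt";
		$contenttype = "text/plain";
	}

	$archived = str_replace("\\\'","'",$archived);
	// Both header values come from the fixed strings chosen above, never from the request.
	header("Content-disposition: filename=$filename");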
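// Tail of the "do_export" handler (its opening lines precede this span): send the archive.
	header("Content-type: ".$contenttype);

	if($mybb->input['exporttype'] == "html")
	{
		output_page($archived);
	}
	else
	{
		echo $archived;
	}
}

// Default view (no action): list the messages of one folder, with paging and the quota bar.
if(!$mybb->input['action'])
{
	$plugins->run_hooks("private_start");

	// $foldernames is built earlier in the file (not visible here). This whitelist check is the only
	// validation of fid before $folder is interpolated into the SQL below, so it must stay ahead of those queries.
	if(!$mybb->input['fid'] || !array_key_exists($mybb->input['fid'], $foldernames))
	{
		$mybb->input['fid'] = 1;
	}

	$folder = $mybb->input['fid'];

	$foldername = htmlspecialchars_uni($foldernames[$folder]);

	$lang->pms_in_folder = $lang->sprintf($lang->pms_in_folder, $foldername);
	if($folder == 2 || $folder == 3)
	{ // Sent Items Folder
		$sender = $lang->sentto;
	}
	else
	{
		$sender = $lang->sender;
	}

	// Do Multi Pages
	$query = $db->simple_select("privatemessages", "COUNT(*) AS total", "uid='".$mybb->user['uid']."' AND folder='$folder'");
	$pmscount = $db->fetch_array($query);

	if(!$mybb->settings['threadsperpage'])
	{
		$mybb->settings['threadsperpage'] = 20;
	}

	$perpage = $mybb->settings['threadsperpage'];
	$page = intval($mybb->input['page']);

	if($page > 0)
	{
		$start = ($page-1) *$perpage;
	}
	else
	{
		$start = 0;
		$page = 1;
	}

	$end = $start + $perpage;
	$lower = $start+1;
	$upper = $end;

	// Cap the upper bound at the number of messages in this folder (the variable compared here
	// before was never assigned in this handler).
	if($upper > $pmscount['total'])
	{
		$upper = $pmscount['total'];
	}
	$multipage = multipage($pmscount['total'], $perpage, $page, "private.php?fid=$folder");
	$messagelist = '';

	$icon_cache = $cache->read("posticons");

	// Cache users in multiple recipients for sent & drafts folder
	if($folder == 2 || $folder == 3)
	{
		// Get all recipients into an array
		$cached_users = $get_users = array();
		$users_query = $db->simple_select("privatemessages", "recipients", "folder='$folder' AND uid='{$mybb->user['uid']}'", array('limit_start' => $start, 'limit' => $perpage, 'order_by' => 'dateline', 'order_dir' => 'DESC'));
		while($row = $db->fetch_array($users_query))
		{
			// NOTE(review): unserialize() on a stored column. This is only safe while that column is written
			// exclusively by trusted code (the writer is not visible here); a plain data format would be safer.
			$recipients = unserialize($row['recipients']);
			if(is_array($recipients) && isset($recipients['to']) && is_array($recipients['to']) && count($recipients['to']))
			{
				$get_users = array_merge($get_users, $recipients['to']);
			}

			if(is_array($recipients) && isset($recipients['bcc']) && is_array($recipients['bcc']) && count($recipients['bcc']))
			{
				$get_users = array_merge($get_users, $recipients['bcc']);
			}
		}

		// The ids come out of unserialized data and go into an unquoted IN() list, so force them to integers first.
		$get_users = implode(',', array_unique(array_map('intval', $get_users)));

		// Grab info
		if($get_users)
		{
			$users_query = $db->simple_select("users", "uid, username, usergroup, displaygroup", "uid IN ({$get_users})");
			while($user = $db->fetch_array($users_query))
			{
				$cached_users[$user['uid']] = $user;
			}
		}
	}

	$query = $db->query("
		SELECT pm.*, fu.username AS fromusername, tu.username as tousername
		FROM ".TABLE_PREFIX."privatemessages pm
		LEFT JOIN ".TABLE_PREFIX."users fu ON (fu.uid=pm.fromid)
		LEFT JOIN ".TABLE_PREFIX."users tu ON (tu.uid=pm.toid)
		WHERE pm.folder='$folder' AND pm.uid='".$mybb->user['uid']."'
		ORDER BY pm.dateline DESC
		LIMIT $start, $perpage
	");

	if($db->num_rows($query) > 0)
	{
		while($message = $db->fetch_array($query))
		{
			$msgalt = $msgsuffix = $msgprefix = '';
			// Reset for every row so a uid from the previous message is never reused for the profile link
			// below; 0 is the value this handler already uses for unknown senders.
			$tofromuid = 0;
			// Determine Folder Icon
			if($message['status'] == 0)
			{
				$msgfolder = 'new_pm.gif';
				$msgalt = $lang->new_pm;
				$msgprefix = "<strong>";
				$msgsuffix = "</strong>";
			}
			elseif($message['status'] == 1)
			{
				$msgfolder = 'old_pm.gif';
				$msgalt = $lang->old_pm;
			}
			elseif($message['status'] == 3)
			{
				$msgfolder = 're_pm.gif';
				$msgalt = $lang->reply_pm;
			}
			elseif($message['status'] == 4)
			{
				$msgfolder = 'fw_pm.gif';
				$msgalt = $lang->fwd_pm;
			}

			if($folder == 2 || $folder == 3)
			{ // Sent Items or Drafts Folder Check
				// NOTE(review): same unserialize() caveat as in the recipient cache above.
				$recipients = unserialize($message['recipients']);
				// Fall back to empty lists when the stored value is missing or malformed.
				$to_list = (is_array($recipients) && isset($recipients['to']) && is_array($recipients['to'])) ? $recipients['to'] : array();
				$bcc_list = (is_array($recipients) && isset($recipients['bcc']) && is_array($recipients['bcc'])) ? $recipients['bcc'] : array();
				$to_users = $bcc_users = '';
				if(count($to_list) > 1 || (count($to_list) == 1 && count($bcc_list) > 0))
				{
					foreach($to_list as $uid)
					{
						// Integer cast before the id is used for a link and as a cache key.
						$uid = intval($uid);
						$profilelink = get_profile_link($uid);
						$user = isset($cached_users[$uid]) ? $cached_users[$uid] : array('username' => '', 'usergroup' => 0, 'displaygroup' => 0);
						$username = format_name($user['username'], $user['usergroup'], $user['displaygroup']);
						if(!$user['username'])
						{
							$username = $lang->na;
						}
						// Templates are eval()'d as double-quoted strings; the variables set above are what they can read.
						eval("\$to_users .= \"".$templates->get("private_multiple_recipients_user")."\";");
					}
					if(count($bcc_list))
					{
						eval("\$bcc_users = \"".$templates->get("private_multiple_recipients_bcc")."\";");
						foreach($bcc_list as $uid)
						{
							$uid = intval($uid);
							$profilelink = get_profile_link($uid);
							$user = isset($cached_users[$uid]) ? $cached_users[$uid] : array('username' => '', 'usergroup' => 0, 'displaygroup' => 0);
							$username = format_name($user['username'], $user['usergroup'], $user['displaygroup']);
							if(!$user['username'])
							{
								$username = $lang->na;
							}
							eval("\$bcc_users .= \"".$templates->get("private_multiple_recipients_user")."\";");
						}
					}

					eval("\$tofromusername = \"".$templates->get("private_multiple_recipients")."\";");
				}
				else if($message['toid'])
				{
					$tofromusername = $message['tousername'];
					$tofromuid = $message['toid'];
				}
				else
				{
					$tofromusername = $lang->not_sent;
				}
			}
			else
			{
				$tofromusername = $message['fromusername'];
				$tofromuid = $message['fromid'];
				if($tofromuid == 0)
				{
					$tofromusername = $lang->mybb_engine;
				}

				if(!$tofromusername)
				{
					$tofromuid = 0;
					$tofromusername = $lang->na;
				}
			}

			$tofromusername = build_profile_link($tofromusername, $tofromuid);

			if($mybb->usergroup['cantrackpms'] == 1 && $mybb->usergroup['candenypmreceipts'] == 1 && $message['receipt'] == '1' && $message['folder'] != '3' && $message['folder'] != 2)
			{
				eval("\$denyreceipt = \"".$templates->get("private_messagebit_denyreceipt")."\";");
			}
			else
			{
				$denyreceipt = '';
			}

			if($message['icon'] > 0 && $icon_cache[$message['icon']])
			{
				$icon = $icon_cache[$message['icon']];
				$icon = "<img src=\"{$icon['path']}\" alt=\"{$icon['name']}\" align=\"center\" valign=\"middle\" />";
			}
			else
			{
				$icon = '	';
			}

			if(!trim($message['subject']))
			{
				$message['subject'] = $lang->pm_no_subject;
			}

			// Subject is HTML-escaped before it reaches the template.
			$message['subject'] = htmlspecialchars_uni($parser->parse_badwords($message['subject']));
			if($message['folder'] != "3")
			{
				$sendpmdate = my_date($mybb->settings['dateformat'], $message['dateline']);
				$sendpmtime = my_date($mybb->settings['timeformat'], $message['dateline']);
				$senddate = $sendpmdate.", ".$sendpmtime;
			}
			else
			{
				$senddate = $lang->not_sent;
			}
			eval("\$messagelist .= \"".$templates->get("private_messagebit")."\";");
		}
	}
	else
	{
		eval("\$messagelist .= \"".$templates->get("private_nomessages")."\";");
	}

	if($mybb->usergroup['pmquota'] != '0' && $mybb->usergroup['cancp'] != 1)
	{
		// From here on $pmscount holds the total across all of the user's folders.
		$query = $db->simple_select("privatemessages", "COUNT(*) AS total", "uid='".$mybb->user['uid']."'");
		$pmscount = $db->fetch_array($query);
		if($pmscount['total'] == 0)
		{
			$spaceused = 0;
		}
		else
		{
			$spaceused = $pmscount['total'] / $mybb->usergroup['pmquota'] * 100;
		}
		$spaceused2 = 100 - $spaceused;
		// Only one of the two labels is filled; the other stays an empty string for the template.
		$belowhalf = $overhalf = '';
		if($spaceused <= "50")
		{
			$belowhalf = round($spaceused, 0)."%";
			if(intval($belowhalf) > 100)
			{
				$belowhalf = "100%";
			}
		}
		else
		{
			$overhalf = round($spaceused, 0)."%";
			if(intval($overhalf) > 100)
			{
				$overhalf = "100%";
			}
		}

		eval("\$pmspacebar = \"".$templates->get("private_pmspace")."\";");
	}

	if($mybb->usergroup['pmquota'] != "0" && $pmscount['total'] >= $mybb->usergroup['pmquota'] && $mybb->usergroup['cancp'] != 1)
	{
		eval("\$limitwarning = \"".$templates->get("private_limitwarning")."\";");
	}

	$plugins->run_hooks("private_end");

	eval("\$folder = \"".$templates->get("private")."\";");
	output_page($folder);
}
?>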