Verzeichnisstruktur phpBB-2.0.0
- Veröffentlicht
- 03.04.2002
So funktioniert es
|
Auf das letzte Element klicken. Dies geht jeweils ein Schritt zurück |
Auf das Icon klicken, dies öffnet das Verzeichnis. Nochmal klicken schließt das Verzeichnis. |
|
(Beispiel Datei-Icons)
|
Auf das Icon klicken um den Quellcode anzuzeigen |
privmsg.php
0001 <?php
0002 /***************************************************************************
0003 * privmsgs.php
0004 * -------------------
0005 * begin : Saturday, Jun 9, 2001
0006 * copyright : (C) 2001 The phpBB Group
0007 * email : support@phpbb.com
0008 *
0009 * $Id$
0010 *
0011 *
0012 ***************************************************************************/
0013
0014 /***************************************************************************
0015 *
0016 * This program is free software; you can redistribute it and/or modify
0017 * it under the terms of the GNU General Public License as published by
0018 * the Free Software Foundation; either version 2 of the License, or
0019 * (at your option) any later version.
0020 *
0021 ***************************************************************************/
0022
0023 define('IN_PHPBB', true);
0024 $phpbb_root_path = './';
0025 include($phpbb_root_path . 'extension.inc');
0026 include($phpbb_root_path . 'common.'.$phpEx);
0027 include($phpbb_root_path . 'includes/bbcode.'.$phpEx);
0028 include($phpbb_root_path . 'includes/functions_post.'.$phpEx);
0029
0030 //
0031 // Is PM disabled?
0032 //
0033 if ( !empty($board_config['privmsg_disable']) )
0034 {
0035 message_die(GENERAL_MESSAGE, 'PM_disabled');
0036 }
0037
0038 $html_entities_match = array('#&(?!(\#[0-9]+;))#', '#<#', '#>#', '#"#');
0039 $html_entities_replace = array('&', '<', '>', '"');
0040
0041 //
0042 // Parameters
0043 //
0044 $submit = ( isset($HTTP_POST_VARS['post']) ) ? TRUE : 0;
0045 $submit_search = ( isset($HTTP_POST_VARS['usersubmit']) ) ? TRUE : 0;
0046 $submit_msgdays = ( isset($HTTP_POST_VARS['submit_msgdays']) ) ? TRUE : 0;
0047 $cancel = ( isset($HTTP_POST_VARS['cancel']) ) ? TRUE : 0;
0048 $preview = ( isset($HTTP_POST_VARS['preview']) ) ? TRUE : 0;
0049 $confirm = ( isset($HTTP_POST_VARS['confirm']) ) ? TRUE : 0;
0050 $delete = ( isset($HTTP_POST_VARS['delete']) ) ? TRUE : 0;
0051 $delete_all = ( isset($HTTP_POST_VARS['deleteall']) ) ? TRUE : 0;
0052 $save = ( isset($HTTP_POST_VARS['save']) ) ? TRUE : 0;
0053 $sid = (isset($HTTP_POST_VARS['sid'])) ? $HTTP_POST_VARS['sid'] : 0;
0054
0055 $refresh = $preview || $submit_search;
0056
0057 $mark_list = ( !empty($HTTP_POST_VARS['mark']) ) ? $HTTP_POST_VARS['mark'] : 0;
0058
0059 if ( isset($HTTP_POST_VARS['folder']) || isset($HTTP_GET_VARS['folder']) )
0060 {
0061 $folder = ( isset($HTTP_POST_VARS['folder']) ) ? $HTTP_POST_VARS['folder'] : $HTTP_GET_VARS['folder'];
0062 $folder = htmlspecialchars($folder);
0063
0064 if ( $folder != 'inbox' && $folder != 'outbox' && $folder != 'sentbox' && $folder != 'savebox' )
0065 {
0066 $folder = 'inbox';
0067 }
0068 }
0069 else
0070 {
0071 $folder = 'inbox';
0072 }
0073
0074 //
0075 // Start session management
0076 //
0077 $userdata = session_pagestart($user_ip, PAGE_PRIVMSGS);
0078 init_userprefs($userdata);
0079 //
0080 // End session management
0081 //
0082
0083 //
0084 // Cancel
0085 //
0086 if ( $cancel )
0087 {
0088 redirect(append_sid("privmsg.$phpEx?folder=$folder", true));
0089 }
0090
0091 //
0092 // Var definitions
0093 //
0094 if ( !empty($HTTP_POST_VARS['mode']) || !empty($HTTP_GET_VARS['mode']) )
0095 {
0096 $mode = ( !empty($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
0097 $mode = htmlspecialchars($mode);
0098 }
0099 else
0100 {
0101 $mode = '';
0102 }
0103
0104 $start = ( !empty($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
0105 $start = ($start < 0) ? 0 : $start;
0106
0107 if ( isset($HTTP_POST_VARS[POST_POST_URL]) || isset($HTTP_GET_VARS[POST_POST_URL]) )
0108 {
0109 $privmsg_id = ( isset($HTTP_POST_VARS[POST_POST_URL]) ) ? intval($HTTP_POST_VARS[POST_POST_URL]) : intval($HTTP_GET_VARS[POST_POST_URL]);
0110 }
0111 else
0112 {
0113 $privmsg_id = '';
0114 }
0115
0116 $error = FALSE;
0117
0118 //
0119 // Define the box image links
0120 //
0121 $inbox_img = ( $folder != 'inbox' || $mode != '' ) ? '<a href="' . append_sid("privmsg.$phpEx?folder=inbox") . '"><img src="' . $images['pm_inbox'] . '" border="0" alt="' . $lang['Inbox'] . '" /></a>' : '<img src="' . $images['pm_inbox'] . '" border="0" alt="' . $lang['Inbox'] . '" />';
0122 $inbox_url = ( $folder != 'inbox' || $mode != '' ) ? '<a href="' . append_sid("privmsg.$phpEx?folder=inbox") . '">' . $lang['Inbox'] . '</a>' : $lang['Inbox'];
0123
0124 $outbox_img = ( $folder != 'outbox' || $mode != '' ) ? '<a href="' . append_sid("privmsg.$phpEx?folder=outbox") . '"><img src="' . $images['pm_outbox'] . '" border="0" alt="' . $lang['Outbox'] . '" /></a>' : '<img src="' . $images['pm_outbox'] . '" border="0" alt="' . $lang['Outbox'] . '" />';
0125 $outbox_url = ( $folder != 'outbox' || $mode != '' ) ? '<a href="' . append_sid("privmsg.$phpEx?folder=outbox") . '">' . $lang['Outbox'] . '</a>' : $lang['Outbox'];
0126
0127 $sentbox_img = ( $folder != 'sentbox' || $mode != '' ) ? '<a href="' . append_sid("privmsg.$phpEx?folder=sentbox") . '"><img src="' . $images['pm_sentbox'] . '" border="0" alt="' . $lang['Sentbox'] . '" /></a>' : '<img src="' . $images['pm_sentbox'] . '" border="0" alt="' . $lang['Sentbox'] . '" />';
0128 $sentbox_url = ( $folder != 'sentbox' || $mode != '' ) ? '<a href="' . append_sid("privmsg.$phpEx?folder=sentbox") . '">' . $lang['Sentbox'] . '</a>' : $lang['Sentbox'];
0129
0130 $savebox_img = ( $folder != 'savebox' || $mode != '' ) ? '<a href="' . append_sid("privmsg.$phpEx?folder=savebox") . '"><img src="' . $images['pm_savebox'] . '" border="0" alt="' . $lang['Savebox'] . '" /></a>' : '<img src="' . $images['pm_savebox'] . '" border="0" alt="' . $lang['Savebox'] . '" />';
0131 $savebox_url = ( $folder != 'savebox' || $mode != '' ) ? '<a href="' . append_sid("privmsg.$phpEx?folder=savebox") . '">' . $lang['Savebox'] . '</a>' : $lang['Savebox'];
0132
0133 // ----------
0134 // Start main
0135 //
0136 if ( $mode == 'newpm' )
0137 {
0138 $gen_simple_header = TRUE;
0139
0140 $page_title = $lang['Private_Messaging'];
0141 include($phpbb_root_path . 'includes/page_header.'.$phpEx);
0142
0143 $template->set_filenames(array(
0144 'body' => 'privmsgs_popup.tpl')
0145 );
0146
0147 if ( $userdata['session_logged_in'] )
0148 {
0149 if ( $userdata['user_new_privmsg'] )
0150 {
0151 $l_new_message = ( $userdata['user_new_privmsg'] == 1 ) ? $lang['You_new_pm'] : $lang['You_new_pms'];
0152 }
0153 else
0154 {
0155 $l_new_message = $lang['You_no_new_pm'];
0156 }
0157
0158 $l_new_message .= '<br /><br />' . sprintf($lang['Click_view_privmsg'], '<a href="' . append_sid("privmsg.".$phpEx."?folder=inbox") . '" onclick="jump_to_inbox();return false;" target="_new">', '</a>');
0159 }
0160 else
0161 {
0162 $l_new_message = $lang['Login_check_pm'];
0163 }
0164
0165 $template->assign_vars(array(
0166 'L_CLOSE_WINDOW' => $lang['Close_window'],
0167 'L_MESSAGE' => $l_new_message)
0168 );
0169
0170 $template->pparse('body');
0171
0172 include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
0173
0174 }
0175 else if ( $mode == 'read' )
0176 {
0177 if ( !empty($HTTP_GET_VARS[POST_POST_URL]) )
0178 {
0179 $privmsgs_id = intval($HTTP_GET_VARS[POST_POST_URL]);
0180 }
0181 else
0182 {
0183 message_die(GENERAL_ERROR, $lang['No_post_id']);
0184 }
0185
0186 if ( !$userdata['session_logged_in'] )
0187 {
0188 redirect(append_sid("login.$phpEx?redirect=privmsg.$phpEx&folder=$folder&mode=$mode&" . POST_POST_URL . "=$privmsgs_id", true));
0189 }
0190
0191 //
0192 // SQL to pull appropriate message, prevents nosey people
0193 // reading other peoples messages ... hopefully!
0194 //
0195 switch( $folder )
0196 {
0197 case 'inbox':
0198 $l_box_name = $lang['Inbox'];
0199 $pm_sql_user = "AND pm.privmsgs_to_userid = " . $userdata['user_id'] . "
0200 AND ( pm.privmsgs_type = " . PRIVMSGS_READ_MAIL . "
0201 OR pm.privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
0202 OR pm.privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
0203 break;
0204 case 'outbox':
0205 $l_box_name = $lang['Outbox'];
0206 $pm_sql_user = "AND pm.privmsgs_from_userid = " . $userdata['user_id'] . "
0207 AND ( pm.privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
0208 OR pm.privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " ) ";
0209 break;
0210 case 'sentbox':
0211 $l_box_name = $lang['Sentbox'];
0212 $pm_sql_user = "AND pm.privmsgs_from_userid = " . $userdata['user_id'] . "
0213 AND pm.privmsgs_type = " . PRIVMSGS_SENT_MAIL;
0214 break;
0215 case 'savebox':
0216 $l_box_name = $lang['Savebox'];
0217 $pm_sql_user = "AND ( ( pm.privmsgs_to_userid = " . $userdata['user_id'] . "
0218 AND pm.privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " )
0219 OR ( pm.privmsgs_from_userid = " . $userdata['user_id'] . "
0220 AND pm.privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . " )
0221 )";
0222 break;
0223 default:
0224 message_die(GENERAL_ERROR, $lang['No_such_folder']);
0225 break;
0226 }
0227
0228 //
0229 // Major query obtains the message ...
0230 //
0231 $sql = "SELECT u.username AS username_1, u.user_id AS user_id_1, u2.username AS username_2, u2.user_id AS user_id_2, u.user_sig_bbcode_uid, u.user_posts, u.user_from, u.user_website, u.user_email, u.user_icq, u.user_aim, u.user_yim, u.user_regdate, u.user_msnm, u.user_viewemail, u.user_rank, u.user_sig, u.user_avatar, pm.*, pmt.privmsgs_bbcode_uid, pmt.privmsgs_text
0232 FROM " . PRIVMSGS_TABLE . " pm, " . PRIVMSGS_TEXT_TABLE . " pmt, " . USERS_TABLE . " u, " . USERS_TABLE . " u2
0233 WHERE pm.privmsgs_id = $privmsgs_id
0234 AND pmt.privmsgs_text_id = pm.privmsgs_id
0235 $pm_sql_user
0236 AND u.user_id = pm.privmsgs_from_userid
0237 AND u2.user_id = pm.privmsgs_to_userid";
0238 if ( !($result = $db->sql_query($sql)) )
0239 {
0240 message_die(GENERAL_ERROR, 'Could not query private message post information', '', __LINE__, __FILE__, $sql);
0241 }
0242
0243 //
0244 // Did the query return any data?
0245 //
0246 if ( !($privmsg = $db->sql_fetchrow($result)) )
0247 {
0248 redirect(append_sid("privmsg.$phpEx?folder=$folder", true));
0249 }
0250
0251 $privmsg_id = $privmsg['privmsgs_id'];
0252
0253 //
0254 // Is this a new message in the inbox? If it is then save
0255 // a copy in the posters sent box
0256 //
0257 if (($privmsg['privmsgs_type'] == PRIVMSGS_NEW_MAIL || $privmsg['privmsgs_type'] == PRIVMSGS_UNREAD_MAIL) && $folder == 'inbox')
0258 {
0259 // Update appropriate counter
0260 switch ($privmsg['privmsgs_type'])
0261 {
0262 case PRIVMSGS_NEW_MAIL:
0263 $sql = "user_new_privmsg = user_new_privmsg - 1";
0264 break;
0265 case PRIVMSGS_UNREAD_MAIL:
0266 $sql = "user_unread_privmsg = user_unread_privmsg - 1";
0267 break;
0268 }
0269
0270 $sql = "UPDATE " . USERS_TABLE . "
0271 SET $sql
0272 WHERE user_id = " . $userdata['user_id'];
0273 if ( !$db->sql_query($sql) )
0274 {
0275 message_die(GENERAL_ERROR, 'Could not update private message read status for user', '', __LINE__, __FILE__, $sql);
0276 }
0277
0278 $sql = "UPDATE " . PRIVMSGS_TABLE . "
0279 SET privmsgs_type = " . PRIVMSGS_READ_MAIL . "
0280 WHERE privmsgs_id = " . $privmsg['privmsgs_id'];
0281 if ( !$db->sql_query($sql) )
0282 {
0283 message_die(GENERAL_ERROR, 'Could not update private message read status', '', __LINE__, __FILE__, $sql);
0284 }
0285
0286 // Check to see if the poster has a 'full' sent box
0287 $sql = "SELECT COUNT(privmsgs_id) AS sent_items, MIN(privmsgs_date) AS oldest_post_time
0288 FROM " . PRIVMSGS_TABLE . "
0289 WHERE privmsgs_type = " . PRIVMSGS_SENT_MAIL . "
0290 AND privmsgs_from_userid = " . $privmsg['privmsgs_from_userid'];
0291 if ( !($result = $db->sql_query($sql)) )
0292 {
0293 message_die(GENERAL_ERROR, 'Could not obtain sent message info for sendee', '', __LINE__, __FILE__, $sql);
0294 }
0295
0296 $sql_priority = ( SQL_LAYER == 'mysql' ) ? 'LOW_PRIORITY' : '';
0297
0298 if ( $sent_info = $db->sql_fetchrow($result) )
0299 {
0300 if ($board_config['max_sentbox_privmsgs'] && $sent_info['sent_items'] >= $board_config['max_sentbox_privmsgs'])
0301 {
0302 $sql = "SELECT privmsgs_id FROM " . PRIVMSGS_TABLE . "
0303 WHERE privmsgs_type = " . PRIVMSGS_SENT_MAIL . "
0304 AND privmsgs_date = " . $sent_info['oldest_post_time'] . "
0305 AND privmsgs_from_userid = " . $privmsg['privmsgs_from_userid'];
0306 if ( !$result = $db->sql_query($sql) )
0307 {
0308 message_die(GENERAL_ERROR, 'Could not find oldest privmsgs', '', __LINE__, __FILE__, $sql);
0309 }
0310 $old_privmsgs_id = $db->sql_fetchrow($result);
0311 $old_privmsgs_id = $old_privmsgs_id['privmsgs_id'];
0312
0313 $sql = "DELETE $sql_priority FROM " . PRIVMSGS_TABLE . "
0314 WHERE privmsgs_id = $old_privmsgs_id";
0315 if ( !$db->sql_query($sql) )
0316 {
0317 message_die(GENERAL_ERROR, 'Could not delete oldest privmsgs (sent)', '', __LINE__, __FILE__, $sql);
0318 }
0319
0320 $sql = "DELETE $sql_priority FROM " . PRIVMSGS_TEXT_TABLE . "
0321 WHERE privmsgs_text_id = $old_privmsgs_id";
0322 if ( !$db->sql_query($sql) )
0323 {
0324 message_die(GENERAL_ERROR, 'Could not delete oldest privmsgs text (sent)', '', __LINE__, __FILE__, $sql);
0325 }
0326 }
0327 }
0328
0329 //
0330 // This makes a copy of the post and stores it as a SENT message from the sendee. Perhaps
0331 // not the most DB friendly way but a lot easier to manage, besides the admin will be able to
0332 // set limits on numbers of storable posts for users ... hopefully!
0333 //
0334 $sql = "INSERT $sql_priority INTO " . PRIVMSGS_TABLE . " (privmsgs_type, privmsgs_subject, privmsgs_from_userid, privmsgs_to_userid, privmsgs_date, privmsgs_ip, privmsgs_enable_html, privmsgs_enable_bbcode, privmsgs_enable_smilies, privmsgs_attach_sig)
0335 VALUES (" . PRIVMSGS_SENT_MAIL . ", '" . str_replace("\'", "''", addslashes($privmsg['privmsgs_subject'])) . "', " . $privmsg['privmsgs_from_userid'] . ", " . $privmsg['privmsgs_to_userid'] . ", " . $privmsg['privmsgs_date'] . ", '" . $privmsg['privmsgs_ip'] . "', " . $privmsg['privmsgs_enable_html'] . ", " . $privmsg['privmsgs_enable_bbcode'] . ", " . $privmsg['privmsgs_enable_smilies'] . ", " . $privmsg['privmsgs_attach_sig'] . ")";
0336 if ( !$db->sql_query($sql) )
0337 {
0338 message_die(GENERAL_ERROR, 'Could not insert private message sent info', '', __LINE__, __FILE__, $sql);
0339 }
0340
0341 $privmsg_sent_id = $db->sql_nextid();
0342
0343 $sql = "INSERT $sql_priority INTO " . PRIVMSGS_TEXT_TABLE . " (privmsgs_text_id, privmsgs_bbcode_uid, privmsgs_text)
0344 VALUES ($privmsg_sent_id, '" . $privmsg['privmsgs_bbcode_uid'] . "', '" . str_replace("\'", "''", addslashes($privmsg['privmsgs_text'])) . "')";
0345 if ( !$db->sql_query($sql) )
0346 {
0347 message_die(GENERAL_ERROR, 'Could not insert private message sent text', '', __LINE__, __FILE__, $sql);
0348 }
0349 }
0350
0351 //
0352 // Pick a folder, any folder, so long as it's one below ...
0353 //
0354 $post_urls = array(
0355 'post' => append_sid("privmsg.$phpEx?mode=post"),
0356 'reply' => append_sid("privmsg.$phpEx?mode=reply&" . POST_POST_URL . "=$privmsg_id"),
0357 'quote' => append_sid("privmsg.$phpEx?mode=quote&" . POST_POST_URL . "=$privmsg_id"),
0358 'edit' => append_sid("privmsg.$phpEx?mode=edit&" . POST_POST_URL . "=$privmsg_id")
0359 );
0360 $post_icons = array(
0361 'post_img' => '<a href="' . $post_urls['post'] . '"><img src="' . $images['pm_postmsg'] . '" alt="' . $lang['Post_new_pm'] . '" border="0" /></a>',
0362 'post' => '<a href="' . $post_urls['post'] . '">' . $lang['Post_new_pm'] . '</a>',
0363 'reply_img' => '<a href="' . $post_urls['reply'] . '"><img src="' . $images['pm_replymsg'] . '" alt="' . $lang['Post_reply_pm'] . '" border="0" /></a>',
0364 'reply' => '<a href="' . $post_urls['reply'] . '">' . $lang['Post_reply_pm'] . '</a>',
0365 'quote_img' => '<a href="' . $post_urls['quote'] . '"><img src="' . $images['pm_quotemsg'] . '" alt="' . $lang['Post_quote_pm'] . '" border="0" /></a>',
0366 'quote' => '<a href="' . $post_urls['quote'] . '">' . $lang['Post_quote_pm'] . '</a>',
0367 'edit_img' => '<a href="' . $post_urls['edit'] . '"><img src="' . $images['pm_editmsg'] . '" alt="' . $lang['Edit_pm'] . '" border="0" /></a>',
0368 'edit' => '<a href="' . $post_urls['edit'] . '">' . $lang['Edit_pm'] . '</a>'
0369 );
0370
0371 if ( $folder == 'inbox' )
0372 {
0373 $post_img = $post_icons['post_img'];
0374 $reply_img = $post_icons['reply_img'];
0375 $quote_img = $post_icons['quote_img'];
0376 $edit_img = '';
0377 $post = $post_icons['post'];
0378 $reply = $post_icons['reply'];
0379 $quote = $post_icons['quote'];
0380 $edit = '';
0381 $l_box_name = $lang['Inbox'];
0382 }
0383 else if ( $folder == 'outbox' )
0384 {
0385 $post_img = $post_icons['post_img'];
0386 $reply_img = '';
0387 $quote_img = '';
0388 $edit_img = $post_icons['edit_img'];
0389 $post = $post_icons['post'];
0390 $reply = '';
0391 $quote = '';
0392 $edit = $post_icons['edit'];
0393 $l_box_name = $lang['Outbox'];
0394 }
0395 else if ( $folder == 'savebox' )
0396 {
0397 if ( $privmsg['privmsgs_type'] == PRIVMSGS_SAVED_IN_MAIL )
0398 {
0399 $post_img = $post_icons['post_img'];
0400 $reply_img = $post_icons['reply_img'];
0401 $quote_img = $post_icons['quote_img'];
0402 $edit_img = '';
0403 $post = $post_icons['post'];
0404 $reply = $post_icons['reply'];
0405 $quote = $post_icons['quote'];
0406 $edit = '';
0407 }
0408 else
0409 {
0410 $post_img = $post_icons['post_img'];
0411 $reply_img = '';
0412 $quote_img = '';
0413 $edit_img = '';
0414 $post = $post_icons['post'];
0415 $reply = '';
0416 $quote = '';
0417 $edit = '';
0418 }
0419 $l_box_name = $lang['Saved'];
0420 }
0421 else if ( $folder == 'sentbox' )
0422 {
0423 $post_img = $post_icons['post_img'];
0424 $reply_img = '';
0425 $quote_img = '';
0426 $edit_img = '';
0427 $post = $post_icons['post'];
0428 $reply = '';
0429 $quote = '';
0430 $edit = '';
0431 $l_box_name = $lang['Sent'];
0432 }
0433
0434 $s_hidden_fields = '<input type="hidden" name="mark[]" value="' . $privmsgs_id . '" />';
0435
0436 $page_title = $lang['Read_pm'];
0437 include($phpbb_root_path . 'includes/page_header.'.$phpEx);
0438
0439 //
0440 // Load templates
0441 //
0442 $template->set_filenames(array(
0443 'body' => 'privmsgs_read_body.tpl')
0444 );
0445 make_jumpbox('viewforum.'.$phpEx);
0446
0447 $template->assign_vars(array(
0448 'INBOX_IMG' => $inbox_img,
0449 'SENTBOX_IMG' => $sentbox_img,
0450 'OUTBOX_IMG' => $outbox_img,
0451 'SAVEBOX_IMG' => $savebox_img,
0452 'INBOX' => $inbox_url,
0453
0454 'POST_PM_IMG' => $post_img,
0455 'REPLY_PM_IMG' => $reply_img,
0456 'EDIT_PM_IMG' => $edit_img,
0457 'QUOTE_PM_IMG' => $quote_img,
0458 'POST_PM' => $post,
0459 'REPLY_PM' => $reply,
0460 'EDIT_PM' => $edit,
0461 'QUOTE_PM' => $quote,
0462
0463 'SENTBOX' => $sentbox_url,
0464 'OUTBOX' => $outbox_url,
0465 'SAVEBOX' => $savebox_url,
0466
0467 'BOX_NAME' => $l_box_name,
0468
0469 'L_MESSAGE' => $lang['Message'],
0470 'L_INBOX' => $lang['Inbox'],
0471 'L_OUTBOX' => $lang['Outbox'],
0472 'L_SENTBOX' => $lang['Sent'],
0473 'L_SAVEBOX' => $lang['Saved'],
0474 'L_FLAG' => $lang['Flag'],
0475 'L_SUBJECT' => $lang['Subject'],
0476 'L_POSTED' => $lang['Posted'],
0477 'L_DATE' => $lang['Date'],
0478 'L_FROM' => $lang['From'],
0479 'L_TO' => $lang['To'],
0480 'L_SAVE_MSG' => $lang['Save_message'],
0481 'L_DELETE_MSG' => $lang['Delete_message'],
0482
0483 'S_PRIVMSGS_ACTION' => append_sid("privmsg.$phpEx?folder=$folder"),
0484 'S_HIDDEN_FIELDS' => $s_hidden_fields)
0485 );
0486
0487 $username_from = $privmsg['username_1'];
0488 $user_id_from = $privmsg['user_id_1'];
0489 $username_to = $privmsg['username_2'];
0490 $user_id_to = $privmsg['user_id_2'];
0491
0492 $post_date = create_date($board_config['default_dateformat'], $privmsg['privmsgs_date'], $board_config['board_timezone']);
0493
0494 $temp_url = append_sid("profile.$phpEx?mode=viewprofile&" . POST_USERS_URL . '=' . $user_id_from);
0495 $profile_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_profile'] . '" alt="' . $lang['Read_profile'] . '" title="' . $lang['Read_profile'] . '" border="0" /></a>';
0496 $profile = '<a href="' . $temp_url . '">' . $lang['Read_profile'] . '</a>';
0497
0498 $temp_url = append_sid("privmsg.$phpEx?mode=post&" . POST_USERS_URL . "=$user_id_from");
0499 $pm_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_pm'] . '" alt="' . $lang['Send_private_message'] . '" title="' . $lang['Send_private_message'] . '" border="0" /></a>';
0500 $pm = '<a href="' . $temp_url . '">' . $lang['Send_private_message'] . '</a>';
0501
0502 if ( !empty($privmsg['user_viewemail']) || $userdata['user_level'] == ADMIN )
0503 {
0504 $email_uri = ( $board_config['board_email_form'] ) ? append_sid("profile.$phpEx?mode=email&" . POST_USERS_URL .'=' . $user_id_from) : 'mailto:' . $privmsg['user_email'];
0505
0506 $email_img = '<a href="' . $email_uri . '"><img src="' . $images['icon_email'] . '" alt="' . $lang['Send_email'] . '" title="' . $lang['Send_email'] . '" border="0" /></a>';
0507 $email = '<a href="' . $email_uri . '">' . $lang['Send_email'] . '</a>';
0508 }
0509 else
0510 {
0511 $email_img = '';
0512 $email = '';
0513 }
0514
0515 $www_img = ( $privmsg['user_website'] ) ? '<a href="' . $privmsg['user_website'] . '" target="_userwww"><img src="' . $images['icon_www'] . '" alt="' . $lang['Visit_website'] . '" title="' . $lang['Visit_website'] . '" border="0" /></a>' : '';
0516 $www = ( $privmsg['user_website'] ) ? '<a href="' . $privmsg['user_website'] . '" target="_userwww">' . $lang['Visit_website'] . '</a>' : '';
0517
0518 if ( !empty($privmsg['user_icq']) )
0519 {
0520 $icq_status_img = '<a href="http://wwp.icq.com/' . $privmsg['user_icq'] . '#pager"><img src="http://web.icq.com/whitepages/online?icq=' . $privmsg['user_icq'] . '&img=5" width="18" height="18" border="0" /></a>';
0521 $icq_img = '<a href="http://wwp.icq.com/scripts/search.dll?to=' . $privmsg['user_icq'] . '"><img src="' . $images['icon_icq'] . '" alt="' . $lang['ICQ'] . '" title="' . $lang['ICQ'] . '" border="0" /></a>';
0522 $icq = '<a href="http://wwp.icq.com/scripts/search.dll?to=' . $privmsg['user_icq'] . '">' . $lang['ICQ'] . '</a>';
0523 }
0524 else
0525 {
0526 $icq_status_img = '';
0527 $icq_img = '';
0528 $icq = '';
0529 }
0530
0531 $aim_img = ( $privmsg['user_aim'] ) ? '<a href="aim:goim?screenname=' . $privmsg['user_aim'] . '&message=Hello+Are+you+there?"><img src="' . $images['icon_aim'] . '" alt="' . $lang['AIM'] . '" title="' . $lang['AIM'] . '" border="0" /></a>' : '';
0532 $aim = ( $privmsg['user_aim'] ) ? '<a href="aim:goim?screenname=' . $privmsg['user_aim'] . '&message=Hello+Are+you+there?">' . $lang['AIM'] . '</a>' : '';
0533
0534 $temp_url = append_sid("profile.$phpEx?mode=viewprofile&" . POST_USERS_URL . "=$user_id_from");
0535 $msn_img = ( $privmsg['user_msnm'] ) ? '<a href="' . $temp_url . '"><img src="' . $images['icon_msnm'] . '" alt="' . $lang['MSNM'] . '" title="' . $lang['MSNM'] . '" border="0" /></a>' : '';
0536 $msn = ( $privmsg['user_msnm'] ) ? '<a href="' . $temp_url . '">' . $lang['MSNM'] . '</a>' : '';
0537
0538 $yim_img = ( $privmsg['user_yim'] ) ? '<a href="http://edit.yahoo.com/config/send_webmesg?.target=' . $privmsg['user_yim'] . '&.src=pg"><img src="' . $images['icon_yim'] . '" alt="' . $lang['YIM'] . '" title="' . $lang['YIM'] . '" border="0" /></a>' : '';
0539 $yim = ( $privmsg['user_yim'] ) ? '<a href="http://edit.yahoo.com/config/send_webmesg?.target=' . $privmsg['user_yim'] . '&.src=pg">' . $lang['YIM'] . '</a>' : '';
0540
0541 $temp_url = append_sid("search.$phpEx?search_author=" . urlencode($username_from) . "&showresults=posts");
0542 $search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . sprintf($lang['Search_user_posts'], $username_from) . '" title="' . sprintf($lang['Search_user_posts'], $username_from) . '" border="0" /></a>';
0543 $search = '<a href="' . $temp_url . '">' . sprintf($lang['Search_user_posts'], $username_from) . '</a>';
0544
0545 //
0546 // Processing of post
0547 //
0548 $post_subject = $privmsg['privmsgs_subject'];
0549
0550 $private_message = $privmsg['privmsgs_text'];
0551 $bbcode_uid = $privmsg['privmsgs_bbcode_uid'];
0552
0553 if ( $board_config['allow_sig'] )
0554 {
0555 $user_sig = ( $privmsg['privmsgs_from_userid'] == $userdata['user_id'] ) ? $userdata['user_sig'] : $privmsg['user_sig'];
0556 }
0557 else
0558 {
0559 $user_sig = '';
0560 }
0561
0562 $user_sig_bbcode_uid = ( $privmsg['privmsgs_from_userid'] == $userdata['user_id'] ) ? $userdata['user_sig_bbcode_uid'] : $privmsg['user_sig_bbcode_uid'];
0563
0564 //
0565 // If the board has HTML off but the post has HTML
0566 // on then we process it, else leave it alone
0567 //
0568 if ( !$board_config['allow_html'] || !$userdata['user_allowhtml'])
0569 {
0570 if ( $user_sig != '')
0571 {
0572 $user_sig = preg_replace('#(<)([\/]?.*?)(>)#is', "<\\2>", $user_sig);
0573 }
0574
0575 if ( $privmsg['privmsgs_enable_html'] )
0576 {
0577 $private_message = preg_replace('#(<)([\/]?.*?)(>)#is', "<\\2>", $private_message);
0578 }
0579 }
0580
0581 if ( $user_sig != '' && $privmsg['privmsgs_attach_sig'] && $user_sig_bbcode_uid != '' )
0582 {
0583 $user_sig = ( $board_config['allow_bbcode'] ) ? bbencode_second_pass($user_sig, $user_sig_bbcode_uid) : preg_replace('/\:[0-9a-z\:]+\]/si', ']', $user_sig);
0584 }
0585
0586 if ( $bbcode_uid != '' )
0587 {
0588 $private_message = ( $board_config['allow_bbcode'] ) ? bbencode_second_pass($private_message, $bbcode_uid) : preg_replace('/\:[0-9a-z\:]+\]/si', ']', $private_message);
0589 }
0590
0591 $private_message = make_clickable($private_message);
0592
0593 if ( $privmsg['privmsgs_attach_sig'] && $user_sig != '' )
0594 {
0595 $private_message .= '<br /><br />_________________<br />' . make_clickable($user_sig);
0596 }
0597
0598 $orig_word = array();
0599 $replacement_word = array();
0600 obtain_word_list($orig_word, $replacement_word);
0601
0602 if ( count($orig_word) )
0603 {
0604 $post_subject = preg_replace($orig_word, $replacement_word, $post_subject);
0605 $private_message = preg_replace($orig_word, $replacement_word, $private_message);
0606 }
0607
0608 if ( $board_config['allow_smilies'] && $privmsg['privmsgs_enable_smilies'] )
0609 {
0610 $private_message = smilies_pass($private_message);
0611 }
0612
0613 $private_message = str_replace("\n", '<br />', $private_message);
0614
0615 //
0616 // Dump it to the templating engine
0617 //
0618 $template->assign_vars(array(
0619 'MESSAGE_TO' => $username_to,
0620 'MESSAGE_FROM' => $username_from,
0621 'RANK_IMAGE' => $rank_image,
0622 'POSTER_JOINED' => $poster_joined,
0623 'POSTER_POSTS' => $poster_posts,
0624 'POSTER_FROM' => $poster_from,
0625 'POSTER_AVATAR' => $poster_avatar,
0626 'POST_SUBJECT' => $post_subject,
0627 'POST_DATE' => $post_date,
0628 'MESSAGE' => $private_message,
0629
0630 'PROFILE_IMG' => $profile_img,
0631 'PROFILE' => $profile,
0632 'SEARCH_IMG' => $search_img,
0633 'SEARCH' => $search,
0634 'EMAIL_IMG' => $email_img,
0635 'EMAIL' => $email,
0636 'WWW_IMG' => $www_img,
0637 'WWW' => $www,
0638 'ICQ_STATUS_IMG' => $icq_status_img,
0639 'ICQ_IMG' => $icq_img,
0640 'ICQ' => $icq,
0641 'AIM_IMG' => $aim_img,
0642 'AIM' => $aim,
0643 'MSN_IMG' => $msn_img,
0644 'MSN' => $msn,
0645 'YIM_IMG' => $yim_img,
0646 'YIM' => $yim)
0647 );
0648
0649 $template->pparse('body');
0650
0651 include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
0652
0653 }
0654 else if ( ( $delete && $mark_list ) || $delete_all )
0655 {
0656 if ( !$userdata['session_logged_in'] )
0657 {
0658 redirect(append_sid("login.$phpEx?redirect=privmsg.$phpEx&folder=inbox", true));
0659 }
0660
0661 if ( isset($mark_list) && !is_array($mark_list) )
0662 {
0663 // Set to empty array instead of '0' if nothing is selected.
0664 $mark_list = array();
0665 }
0666
0667 if ( !$confirm )
0668 {
0669 $s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" />';
0670 $s_hidden_fields .= ( isset($HTTP_POST_VARS['delete']) ) ? '<input type="hidden" name="delete" value="true" />' : '<input type="hidden" name="deleteall" value="true" />';
0671 $s_hidden_fields .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />';
0672
0673 for($i = 0; $i < count($mark_list); $i++)
0674 {
0675 $s_hidden_fields .= '<input type="hidden" name="mark[]" value="' . intval($mark_list[$i]) . '" />';
0676 }
0677
0678 //
0679 // Output confirmation page
0680 //
0681 include($phpbb_root_path . 'includes/page_header.'.$phpEx);
0682
0683 $template->set_filenames(array(
0684 'confirm_body' => 'confirm_body.tpl')
0685 );
0686 $template->assign_vars(array(
0687 'MESSAGE_TITLE' => $lang['Information'],
0688 'MESSAGE_TEXT' => ( count($mark_list) == 1 ) ? $lang['Confirm_delete_pm'] : $lang['Confirm_delete_pms'],
0689
0690 'L_YES' => $lang['Yes'],
0691 'L_NO' => $lang['No'],
0692
0693 'S_CONFIRM_ACTION' => append_sid("privmsg.$phpEx?folder=$folder"),
0694 'S_HIDDEN_FIELDS' => $s_hidden_fields)
0695 );
0696
0697 $template->pparse('confirm_body');
0698
0699 include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
0700
0701 }
0702 else if ($confirm && $sid === $userdata['session_id'])
0703 {
0704 $delete_sql_id = '';
0705
0706 if (!$delete_all)
0707 {
0708 for ($i = 0; $i < count($mark_list); $i++)
0709 {
0710 $delete_sql_id .= (($delete_sql_id != '') ? ', ' : '') . intval($mark_list[$i]);
0711 }
0712 $delete_sql_id = "AND privmsgs_id IN ($delete_sql_id)";
0713 }
0714
0715 switch($folder)
0716 {
0717 case 'inbox':
0718 $delete_type = "privmsgs_to_userid = " . $userdata['user_id'] . " AND (
0719 privmsgs_type = " . PRIVMSGS_READ_MAIL . " OR privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
0720 break;
0721
0722 case 'outbox':
0723 $delete_type = "privmsgs_from_userid = " . $userdata['user_id'] . " AND ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
0724 break;
0725
0726 case 'sentbox':
0727 $delete_type = "privmsgs_from_userid = " . $userdata['user_id'] . " AND privmsgs_type = " . PRIVMSGS_SENT_MAIL;
0728 break;
0729
0730 case 'savebox':
0731 $delete_type = "( ( privmsgs_from_userid = " . $userdata['user_id'] . "
0732 AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . " )
0733 OR ( privmsgs_to_userid = " . $userdata['user_id'] . "
0734 AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " ) )";
0735 break;
0736 }
0737
0738 $sql = "SELECT privmsgs_id
0739 FROM " . PRIVMSGS_TABLE . "
0740 WHERE $delete_type $delete_sql_id";
0741
0742 if ( !($result = $db->sql_query($sql)) )
0743 {
0744 message_die(GENERAL_ERROR, 'Could not obtain id list to delete messages', '', __LINE__, __FILE__, $sql);
0745 }
0746
0747 $mark_list = array();
0748 while ( $row = $db->sql_fetchrow($result) )
0749 {
0750 $mark_list[] = $row['privmsgs_id'];
0751 }
0752
0753 unset($delete_type);
0754
0755 if ( count($mark_list) )
0756 {
0757 $delete_sql_id = '';
0758 for ($i = 0; $i < sizeof($mark_list); $i++)
0759 {
0760 $delete_sql_id .= (($delete_sql_id != '') ? ', ' : '') . intval($mark_list[$i]);
0761 }
0762
0763 if ($folder == 'inbox' || $folder == 'outbox')
0764 {
0765 switch ($folder)
0766 {
0767 case 'inbox':
0768 $sql = "privmsgs_to_userid = " . $userdata['user_id'];
0769 break;
0770 case 'outbox':
0771 $sql = "privmsgs_from_userid = " . $userdata['user_id'];
0772 break;
0773 }
0774
0775 // Get information relevant to new or unread mail
0776 // so we can adjust users counters appropriately
0777 $sql = "SELECT privmsgs_to_userid, privmsgs_type
0778 FROM " . PRIVMSGS_TABLE . "
0779 WHERE privmsgs_id IN ($delete_sql_id)
0780 AND $sql
0781 AND privmsgs_type IN (" . PRIVMSGS_NEW_MAIL . ", " . PRIVMSGS_UNREAD_MAIL . ")";
0782 if ( !($result = $db->sql_query($sql)) )
0783 {
0784 message_die(GENERAL_ERROR, 'Could not obtain user id list for outbox messages', '', __LINE__, __FILE__, $sql);
0785 }
0786
0787 if ( $row = $db->sql_fetchrow($result))
0788 {
0789 $update_users = $update_list = array();
0790
0791 do
0792 {
0793 switch ($row['privmsgs_type'])
0794 {
0795 case PRIVMSGS_NEW_MAIL:
0796 $update_users['new'][$row['privmsgs_to_userid']]++;
0797 break;
0798
0799 case PRIVMSGS_UNREAD_MAIL:
0800 $update_users['unread'][$row['privmsgs_to_userid']]++;
0801 break;
0802 }
0803 }
0804 while ($row = $db->sql_fetchrow($result));
0805
0806 if (sizeof($update_users))
0807 {
0808 while (list($type, $users) = each($update_users))
0809 {
0810 while (list($user_id, $dec) = each($users))
0811 {
0812 $update_list[$type][$dec][] = $user_id;
0813 }
0814 }
0815 unset($update_users);
0816
0817 while (list($type, $dec_ary) = each($update_list))
0818 {
0819 switch ($type)
0820 {
0821 case 'new':
0822 $type = "user_new_privmsg";
0823 break;
0824
0825 case 'unread':
0826 $type = "user_unread_privmsg";
0827 break;
0828 }
0829
0830 while (list($dec, $user_ary) = each($dec_ary))
0831 {
0832 $user_ids = implode(', ', $user_ary);
0833
0834 $sql = "UPDATE " . USERS_TABLE . "
0835 SET $type = $type - $dec
0836 WHERE user_id IN ($user_ids)";
0837 if ( !$db->sql_query($sql) )
0838 {
0839 message_die(GENERAL_ERROR, 'Could not update user pm counters', '', __LINE__, __FILE__, $sql);
0840 }
0841 }
0842 }
0843 unset($update_list);
0844 }
0845 }
0846 $db->sql_freeresult($result);
0847 }
0848
0849 // Delete the messages
0850 $delete_text_sql = "DELETE FROM " . PRIVMSGS_TEXT_TABLE . "
0851 WHERE privmsgs_text_id IN ($delete_sql_id)";
0852 $delete_sql = "DELETE FROM " . PRIVMSGS_TABLE . "
0853 WHERE privmsgs_id IN ($delete_sql_id)
0854 AND ";
0855
0856 switch( $folder )
0857 {
0858 case 'inbox':
0859 $delete_sql .= "privmsgs_to_userid = " . $userdata['user_id'] . " AND (
0860 privmsgs_type = " . PRIVMSGS_READ_MAIL . " OR privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
0861 break;
0862
0863 case 'outbox':
0864 $delete_sql .= "privmsgs_from_userid = " . $userdata['user_id'] . " AND (
0865 privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
0866 break;
0867
0868 case 'sentbox':
0869 $delete_sql .= "privmsgs_from_userid = " . $userdata['user_id'] . " AND privmsgs_type = " . PRIVMSGS_SENT_MAIL;
0870 break;
0871
0872 case 'savebox':
0873 $delete_sql .= "( ( privmsgs_from_userid = " . $userdata['user_id'] . "
0874 AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . " )
0875 OR ( privmsgs_to_userid = " . $userdata['user_id'] . "
0876 AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " ) )";
0877 break;
0878 }
0879
0880 if ( !$db->sql_query($delete_sql, BEGIN_TRANSACTION) )
0881 {
0882 message_die(GENERAL_ERROR, 'Could not delete private message info', '', __LINE__, __FILE__, $delete_sql);
0883 }
0884
0885 if ( !$db->sql_query($delete_text_sql, END_TRANSACTION) )
0886 {
0887 message_die(GENERAL_ERROR, 'Could not delete private message text', '', __LINE__, __FILE__, $delete_text_sql);
0888 }
0889 }
0890 }
0891 }
0892 else if ( $save && $mark_list && $folder != 'savebox' && $folder != 'outbox' )
0893 {
0894 if ( !$userdata['session_logged_in'] )
0895 {
0896 redirect(append_sid("login.$phpEx?redirect=privmsg.$phpEx&folder=inbox", true));
0897 }
0898
0899 if (sizeof($mark_list))
0900 {
0901 // See if recipient is at their savebox limit
0902 $sql = "SELECT COUNT(privmsgs_id) AS savebox_items, MIN(privmsgs_date) AS oldest_post_time
0903 FROM " . PRIVMSGS_TABLE . "
0904 WHERE ( ( privmsgs_to_userid = " . $userdata['user_id'] . "
0905 AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " )
0906 OR ( privmsgs_from_userid = " . $userdata['user_id'] . "
0907 AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . ") )";
0908 if ( !($result = $db->sql_query($sql)) )
0909 {
0910 message_die(GENERAL_ERROR, 'Could not obtain sent message info for sendee', '', __LINE__, __FILE__, $sql);
0911 }
0912
0913 $sql_priority = ( SQL_LAYER == 'mysql' ) ? 'LOW_PRIORITY' : '';
0914
0915 if ( $saved_info = $db->sql_fetchrow($result) )
0916 {
0917 if ($board_config['max_savebox_privmsgs'] && $saved_info['savebox_items'] >= $board_config['max_savebox_privmsgs'] )
0918 {
0919 $sql = "SELECT privmsgs_id FROM " . PRIVMSGS_TABLE . "
0920 WHERE ( ( privmsgs_to_userid = " . $userdata['user_id'] . "
0921 AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " )
0922 OR ( privmsgs_from_userid = " . $userdata['user_id'] . "
0923 AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . ") )
0924 AND privmsgs_date = " . $saved_info['oldest_post_time'];
0925 if ( !$result = $db->sql_query($sql) )
0926 {
0927 message_die(GENERAL_ERROR, 'Could not find oldest privmsgs (save)', '', __LINE__, __FILE__, $sql);
0928 }
0929 $old_privmsgs_id = $db->sql_fetchrow($result);
0930 $old_privmsgs_id = $old_privmsgs_id['privmsgs_id'];
0931
0932 $sql = "DELETE $sql_priority FROM " . PRIVMSGS_TABLE . "
0933 WHERE privmsgs_id = $old_privmsgs_id";
0934 if ( !$db->sql_query($sql) )
0935 {
0936 message_die(GENERAL_ERROR, 'Could not delete oldest privmsgs (save)', '', __LINE__, __FILE__, $sql);
0937 }
0938
0939 $sql = "DELETE $sql_priority FROM " . PRIVMSGS_TEXT_TABLE . "
0940 WHERE privmsgs_text_id = $old_privmsgs_id";
0941 if ( !$db->sql_query($sql) )
0942 {
0943 message_die(GENERAL_ERROR, 'Could not delete oldest privmsgs text (save)', '', __LINE__, __FILE__, $sql);
0944 }
0945 }
0946 }
0947
0948 $saved_sql_id = '';
0949 for ($i = 0; $i < sizeof($mark_list); $i++)
0950 {
0951 $saved_sql_id .= (($saved_sql_id != '') ? ', ' : '') . intval($mark_list[$i]);
0952 }
0953
0954 // Process request
0955 $saved_sql = "UPDATE " . PRIVMSGS_TABLE;
0956
0957 // Decrement read/new counters if appropriate
0958 if ($folder == 'inbox' || $folder == 'outbox')
0959 {
0960 switch ($folder)
0961 {
0962 case 'inbox':
0963 $sql = "privmsgs_to_userid = " . $userdata['user_id'];
0964 break;
0965 case 'outbox':
0966 $sql = "privmsgs_from_userid = " . $userdata['user_id'];
0967 break;
0968 }
0969
0970 // Get information relevant to new or unread mail
0971 // so we can adjust users counters appropriately
0972 $sql = "SELECT privmsgs_to_userid, privmsgs_type
0973 FROM " . PRIVMSGS_TABLE . "
0974 WHERE privmsgs_id IN ($saved_sql_id)
0975 AND $sql
0976 AND privmsgs_type IN (" . PRIVMSGS_NEW_MAIL . ", " . PRIVMSGS_UNREAD_MAIL . ")";
0977 if ( !($result = $db->sql_query($sql)) )
0978 {
0979 message_die(GENERAL_ERROR, 'Could not obtain user id list for outbox messages', '', __LINE__, __FILE__, $sql);
0980 }
0981
0982 if ( $row = $db->sql_fetchrow($result))
0983 {
0984 $update_users = $update_list = array();
0985
0986 do
0987 {
0988 switch ($row['privmsgs_type'])
0989 {
0990 case PRIVMSGS_NEW_MAIL:
0991 $update_users['new'][$row['privmsgs_to_userid']]++;
0992 break;
0993
0994 case PRIVMSGS_UNREAD_MAIL:
0995 $update_users['unread'][$row['privmsgs_to_userid']]++;
0996 break;
0997 }
0998 }
0999 while ($row = $db->sql_fetchrow($result));
1000
1001 if (sizeof($update_users))
1002 {
1003 while (list($type, $users) = each($update_users))
1004 {
1005 while (list($user_id, $dec) = each($users))
1006 {
1007 $update_list[$type][$dec][] = $user_id;
1008 }
1009 }
1010 unset($update_users);
1011
1012 while (list($type, $dec_ary) = each($update_list))
1013 {
1014 switch ($type)
1015 {
1016 case 'new':
1017 $type = "user_new_privmsg";
1018 break;
1019
1020 case 'unread':
1021 $type = "user_unread_privmsg";
1022 break;
1023 }
1024
1025 while (list($dec, $user_ary) = each($dec_ary))
1026 {
1027 $user_ids = implode(', ', $user_ary);
1028
1029 $sql = "UPDATE " . USERS_TABLE . "
1030 SET $type = $type - $dec
1031 WHERE user_id IN ($user_ids)";
1032 if ( !$db->sql_query($sql) )
1033 {
1034 message_die(GENERAL_ERROR, 'Could not update user pm counters', '', __LINE__, __FILE__, $sql);
1035 }
1036 }
1037 }
1038 unset($update_list);
1039 }
1040 }
1041 $db->sql_freeresult($result);
1042 }
1043
1044 switch ($folder)
1045 {
1046 case 'inbox':
1047 $saved_sql .= " SET privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . "
1048 WHERE privmsgs_to_userid = " . $userdata['user_id'] . "
1049 AND ( privmsgs_type = " . PRIVMSGS_READ_MAIL . "
1050 OR privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
1051 OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . ")";
1052 break;
1053
1054 case 'outbox':
1055 $saved_sql .= " SET privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . "
1056 WHERE privmsgs_from_userid = " . $userdata['user_id'] . "
1057 AND ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
1058 OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " ) ";
1059 break;
1060
1061 case 'sentbox':
1062 $saved_sql .= " SET privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . "
1063 WHERE privmsgs_from_userid = " . $userdata['user_id'] . "
1064 AND privmsgs_type = " . PRIVMSGS_SENT_MAIL;
1065 break;
1066 }
1067
1068 $saved_sql .= " AND privmsgs_id IN ($saved_sql_id)";
1069
1070 if ( !$db->sql_query($saved_sql) )
1071 {
1072 message_die(GENERAL_ERROR, 'Could not save private messages', '', __LINE__, __FILE__, $saved_sql);
1073 }
1074
1075 redirect(append_sid("privmsg.$phpEx?folder=savebox", true));
1076 }
1077 }
1078 else if ( $submit || $refresh || $mode != '' )
1079 {
1080 if ( !$userdata['session_logged_in'] )
1081 {
1082 $user_id = ( isset($HTTP_GET_VARS[POST_USERS_URL]) ) ? '&' . POST_USERS_URL . '=' . intval($HTTP_GET_VARS[POST_USERS_URL]) : '';
1083 redirect(append_sid("login.$phpEx?redirect=privmsg.$phpEx&folder=$folder&mode=$mode" . $user_id, true));
1084 }
1085
1086 //
1087 // Toggles
1088 //
1089 if ( !$board_config['allow_html'] )
1090 {
1091 $html_on = 0;
1092 }
1093 else
1094 {
1095 $html_on = ( $submit || $refresh ) ? ( ( !empty($HTTP_POST_VARS['disable_html']) ) ? 0 : TRUE ) : $userdata['user_allowhtml'];
1096 }
1097
1098 if ( !$board_config['allow_bbcode'] )
1099 {
1100 $bbcode_on = 0;
1101 }
1102 else
1103 {
1104 $bbcode_on = ( $submit || $refresh ) ? ( ( !empty($HTTP_POST_VARS['disable_bbcode']) ) ? 0 : TRUE ) : $userdata['user_allowbbcode'];
1105 }
1106
1107 if ( !$board_config['allow_smilies'] )
1108 {
1109 $smilies_on = 0;
1110 }
1111 else
1112 {
1113 $smilies_on = ( $submit || $refresh ) ? ( ( !empty($HTTP_POST_VARS['disable_smilies']) ) ? 0 : TRUE ) : $userdata['user_allowsmile'];
1114 }
1115
1116 $attach_sig = ( $submit || $refresh ) ? ( ( !empty($HTTP_POST_VARS['attach_sig']) ) ? TRUE : 0 ) : $userdata['user_attachsig'];
1117 $user_sig = ( $userdata['user_sig'] != '' && $board_config['allow_sig'] ) ? $userdata['user_sig'] : "";
1118
1119 if ( $submit && $mode != 'edit' )
1120 {
1121 //
1122 // Flood control
1123 //
1124 $sql = "SELECT MAX(privmsgs_date) AS last_post_time
1125 FROM " . PRIVMSGS_TABLE . "
1126 WHERE privmsgs_from_userid = " . $userdata['user_id'];
1127 if ( $result = $db->sql_query($sql) )
1128 {
1129 $db_row = $db->sql_fetchrow($result);
1130
1131 $last_post_time = $db_row['last_post_time'];
1132 $current_time = time();
1133
1134 if ( ( $current_time - $last_post_time ) < $board_config['flood_interval'])
1135 {
1136 message_die(GENERAL_MESSAGE, $lang['Flood_Error']);
1137 }
1138 }
1139 //
1140 // End Flood control
1141 //
1142 }
1143
1144 if ($submit && $mode == 'edit')
1145 {
1146 $sql = 'SELECT privmsgs_from_userid
1147 FROM ' . PRIVMSGS_TABLE . '
1148 WHERE privmsgs_id = ' . (int) $privmsg_id . '
1149 AND privmsgs_from_userid = ' . $userdata['user_id'];
1150
1151 if (!($result = $db->sql_query($sql)))
1152 {
1153 message_die(GENERAL_ERROR, "Could not obtain message details", "", __LINE__, __FILE__, $sql);
1154 }
1155
1156 if (!($row = $db->sql_fetchrow($result)))
1157 {
1158 message_die(GENERAL_MESSAGE, $lang['No_such_post']);
1159 }
1160 $db->sql_freeresult($result);
1161
1162 unset($row);
1163 }
1164
1165 if ( $submit )
1166 {
1167 // session id check
1168 if ($sid == '' || $sid != $userdata['session_id'])
1169 {
1170 $error = true;
1171 $error_msg .= ( ( !empty($error_msg) ) ? '<br />' : '' ) . $lang['Session_invalid'];
1172 }
1173
1174 if ( !empty($HTTP_POST_VARS['username']) )
1175 {
1176 $to_username = phpbb_clean_username($HTTP_POST_VARS['username']);
1177
1178 $sql = "SELECT user_id, user_notify_pm, user_email, user_lang, user_active
1179 FROM " . USERS_TABLE . "
1180 WHERE username = '" . str_replace("\'", "''", $to_username) . "'
1181 AND user_id <> " . ANONYMOUS;
1182 if ( !($result = $db->sql_query($sql)) )
1183 {
1184 $error = TRUE;
1185 $error_msg = $lang['No_such_user'];
1186 }
1187
1188 if (!($to_userdata = $db->sql_fetchrow($result)))
1189 {
1190 $error = TRUE;
1191 $error_msg = $lang['No_such_user'];
1192 }
1193 }
1194 else
1195 {
1196 $error = TRUE;
1197 $error_msg .= ( ( !empty($error_msg) ) ? '<br />' : '' ) . $lang['No_to_user'];
1198 }
1199
1200 $privmsg_subject = trim(htmlspecialchars($HTTP_POST_VARS['subject']));
1201 if ( empty($privmsg_subject) )
1202 {
1203 $error = TRUE;
1204 $error_msg .= ( ( !empty($error_msg) ) ? '<br />' : '' ) . $lang['Empty_subject'];
1205 }
1206
1207 if ( !empty($HTTP_POST_VARS['message']) )
1208 {
1209 if ( !$error )
1210 {
1211 if ( $bbcode_on )
1212 {
1213 $bbcode_uid = make_bbcode_uid();
1214 }
1215
1216 $privmsg_message = prepare_message($HTTP_POST_VARS['message'], $html_on, $bbcode_on, $smilies_on, $bbcode_uid);
1217
1218 }
1219 }
1220 else
1221 {
1222 $error = TRUE;
1223 $error_msg .= ( ( !empty($error_msg) ) ? '<br />' : '' ) . $lang['Empty_message'];
1224 }
1225 }
1226
1227 if ( $submit && !$error )
1228 {
1229 //
1230 // Has admin prevented user from sending PM's?
1231 //
1232 if ( !$userdata['user_allow_pm'] )
1233 {
1234 $message = $lang['Cannot_send_privmsg'];
1235 message_die(GENERAL_MESSAGE, $message);
1236 }
1237
1238 $msg_time = time();
1239
1240 if ( $mode != 'edit' )
1241 {
1242 //
1243 // See if recipient is at their inbox limit
1244 //
1245 $sql = "SELECT COUNT(privmsgs_id) AS inbox_items, MIN(privmsgs_date) AS oldest_post_time
1246 FROM " . PRIVMSGS_TABLE . "
1247 WHERE ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
1248 OR privmsgs_type = " . PRIVMSGS_READ_MAIL . "
1249 OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )
1250 AND privmsgs_to_userid = " . $to_userdata['user_id'];
1251 if ( !($result = $db->sql_query($sql)) )
1252 {
1253 message_die(GENERAL_MESSAGE, $lang['No_such_user']);
1254 }
1255
1256 $sql_priority = ( SQL_LAYER == 'mysql' ) ? 'LOW_PRIORITY' : '';
1257
1258 if ( $inbox_info = $db->sql_fetchrow($result) )
1259 {
1260 if ($board_config['max_inbox_privmsgs'] && $inbox_info['inbox_items'] >= $board_config['max_inbox_privmsgs'])
1261 {
1262 $sql = "SELECT privmsgs_id FROM " . PRIVMSGS_TABLE . "
1263 WHERE ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
1264 OR privmsgs_type = " . PRIVMSGS_READ_MAIL . "
1265 OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )
1266 AND privmsgs_date = " . $inbox_info['oldest_post_time'] . "
1267 AND privmsgs_to_userid = " . $to_userdata['user_id'];
1268 if ( !$result = $db->sql_query($sql) )
1269 {
1270 message_die(GENERAL_ERROR, 'Could not find oldest privmsgs (inbox)', '', __LINE__, __FILE__, $sql);
1271 }
1272 $old_privmsgs_id = $db->sql_fetchrow($result);
1273 $old_privmsgs_id = $old_privmsgs_id['privmsgs_id'];
1274
1275 $sql = "DELETE $sql_priority FROM " . PRIVMSGS_TABLE . "
1276 WHERE privmsgs_id = $old_privmsgs_id";
1277 if ( !$db->sql_query($sql) )
1278 {
1279 message_die(GENERAL_ERROR, 'Could not delete oldest privmsgs (inbox)'.$sql, '', __LINE__, __FILE__, $sql);
1280 }
1281
1282 $sql = "DELETE $sql_priority FROM " . PRIVMSGS_TEXT_TABLE . "
1283 WHERE privmsgs_text_id = $old_privmsgs_id";
1284 if ( !$db->sql_query($sql) )
1285 {
1286 message_die(GENERAL_ERROR, 'Could not delete oldest privmsgs text (inbox)', '', __LINE__, __FILE__, $sql);
1287 }
1288 }
1289 }
1290
1291 $sql_info = "INSERT INTO " . PRIVMSGS_TABLE . " (privmsgs_type, privmsgs_subject, privmsgs_from_userid, privmsgs_to_userid, privmsgs_date, privmsgs_ip, privmsgs_enable_html, privmsgs_enable_bbcode, privmsgs_enable_smilies, privmsgs_attach_sig)
1292 VALUES (" . PRIVMSGS_NEW_MAIL . ", '" . str_replace("\'", "''", $privmsg_subject) . "', " . $userdata['user_id'] . ", " . $to_userdata['user_id'] . ", $msg_time, '$user_ip', $html_on, $bbcode_on, $smilies_on, $attach_sig)";
1293 }
1294 else
1295 {
1296 $sql_info = "UPDATE " . PRIVMSGS_TABLE . "
1297 SET privmsgs_type = " . PRIVMSGS_NEW_MAIL . ", privmsgs_subject = '" . str_replace("\'", "''", $privmsg_subject) . "', privmsgs_from_userid = " . $userdata['user_id'] . ", privmsgs_to_userid = " . $to_userdata['user_id'] . ", privmsgs_date = $msg_time, privmsgs_ip = '$user_ip', privmsgs_enable_html = $html_on, privmsgs_enable_bbcode = $bbcode_on, privmsgs_enable_smilies = $smilies_on, privmsgs_attach_sig = $attach_sig
1298 WHERE privmsgs_id = $privmsg_id";
1299 }
1300
1301 if ( !($result = $db->sql_query($sql_info, BEGIN_TRANSACTION)) )
1302 {
1303 message_die(GENERAL_ERROR, "Could not insert/update private message sent info.", "", __LINE__, __FILE__, $sql_info);
1304 }
1305
1306 if ( $mode != 'edit' )
1307 {
1308 $privmsg_sent_id = $db->sql_nextid();
1309
1310 $sql = "INSERT INTO " . PRIVMSGS_TEXT_TABLE . " (privmsgs_text_id, privmsgs_bbcode_uid, privmsgs_text)
1311 VALUES ($privmsg_sent_id, '" . $bbcode_uid . "', '" . str_replace("\'", "''", $privmsg_message) . "')";
1312 }
1313 else
1314 {
1315 $sql = "UPDATE " . PRIVMSGS_TEXT_TABLE . "
1316 SET privmsgs_text = '" . str_replace("\'", "''", $privmsg_message) . "', privmsgs_bbcode_uid = '$bbcode_uid'
1317 WHERE privmsgs_text_id = $privmsg_id";
1318 }
1319
1320 if ( !$db->sql_query($sql, END_TRANSACTION) )
1321 {
1322 message_die(GENERAL_ERROR, "Could not insert/update private message sent text.", "", __LINE__, __FILE__, $sql);
1323 }
1324
1325 if ( $mode != 'edit' )
1326 {
1327 //
1328 // Add to the users new pm counter
1329 //
1330 $sql = "UPDATE " . USERS_TABLE . "
1331 SET user_new_privmsg = user_new_privmsg + 1, user_last_privmsg = " . time() . "
1332 WHERE user_id = " . $to_userdata['user_id'];
1333 if ( !$status = $db->sql_query($sql) )
1334 {
1335 message_die(GENERAL_ERROR, 'Could not update private message new/read status for user', '', __LINE__, __FILE__, $sql);
1336 }
1337
1338 if ( $to_userdata['user_notify_pm'] && !empty($to_userdata['user_email']) && $to_userdata['user_active'] )
1339 {
1340 $script_name = preg_replace('/^\/?(.*?)\/?$/', "\\1", trim($board_config['script_path']));
1341 $script_name = ( $script_name != '' ) ? $script_name . '/privmsg.'.$phpEx : 'privmsg.'.$phpEx;
1342 $server_name = trim($board_config['server_name']);
1343 $server_protocol = ( $board_config['cookie_secure'] ) ? 'https://' : 'http://';
1344 $server_port = ( $board_config['server_port'] <> 80 ) ? ':' . trim($board_config['server_port']) . '/' : '/';
1345
1346 include($phpbb_root_path . 'includes/emailer.'.$phpEx);
1347 $emailer = new emailer($board_config['smtp_delivery']);
1348
1349 $emailer->from($board_config['board_email']);
1350 $emailer->replyto($board_config['board_email']);
1351
1352 $emailer->use_template('privmsg_notify', $to_userdata['user_lang']);
1353 $emailer->email_address($to_userdata['user_email']);
1354 $emailer->set_subject($lang['Notification_subject']);
1355
1356 $emailer->assign_vars(array(
1357 'USERNAME' => stripslashes($to_username),
1358 'SITENAME' => $board_config['sitename'],
1359 'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '',
1360
1361 'U_INBOX' => $server_protocol . $server_name . $server_port . $script_name . '?folder=inbox')
1362 );
1363
1364 $emailer->send();
1365 $emailer->reset();
1366 }
1367 }
1368
1369 $template->assign_vars(array(
1370 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("privmsg.$phpEx?folder=inbox") . '">')
1371 );
1372
1373 $msg = $lang['Message_sent'] . '<br /><br />' . sprintf($lang['Click_return_inbox'], '<a href="' . append_sid("privmsg.$phpEx?folder=inbox") . '">', '</a> ') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
1374
1375 message_die(GENERAL_MESSAGE, $msg);
1376 }
1377 else if ( $preview || $refresh || $error )
1378 {
1379
1380 //
1381 // If we're previewing or refreshing then obtain the data
1382 // passed to the script, process it a little, do some checks
1383 // where neccessary, etc.
1384 //
1385 $to_username = (isset($HTTP_POST_VARS['username']) ) ? trim(htmlspecialchars(stripslashes($HTTP_POST_VARS['username']))) : '';
1386
1387 $privmsg_subject = ( isset($HTTP_POST_VARS['subject']) ) ? trim(htmlspecialchars(stripslashes($HTTP_POST_VARS['subject']))) : '';
1388 $privmsg_message = ( isset($HTTP_POST_VARS['message']) ) ? trim($HTTP_POST_VARS['message']) : '';
1389 // $privmsg_message = preg_replace('#<textarea>#si', '<textarea>', $privmsg_message);
1390 if ( !$preview )
1391 {
1392 $privmsg_message = stripslashes($privmsg_message);
1393 }
1394
1395 //
1396 // Do mode specific things
1397 //
1398 if ( $mode == 'post' )
1399 {
1400 $page_title = $lang['Post_new_pm'];
1401
1402 $user_sig = ( $userdata['user_sig'] != '' && $board_config['allow_sig'] ) ? $userdata['user_sig'] : '';
1403
1404 }
1405 else if ( $mode == 'reply' )
1406 {
1407 $page_title = $lang['Post_reply_pm'];
1408
1409 $user_sig = ( $userdata['user_sig'] != '' && $board_config['allow_sig'] ) ? $userdata['user_sig'] : '';
1410
1411 }
1412 else if ( $mode == 'edit' )
1413 {
1414 $page_title = $lang['Edit_pm'];
1415
1416 $sql = "SELECT u.user_id, u.user_sig
1417 FROM " . PRIVMSGS_TABLE . " pm, " . USERS_TABLE . " u
1418 WHERE pm.privmsgs_id = $privmsg_id
1419 AND u.user_id = pm.privmsgs_from_userid";
1420 if ( !($result = $db->sql_query($sql)) )
1421 {
1422 message_die(GENERAL_ERROR, "Could not obtain post and post text", "", __LINE__, __FILE__, $sql);
1423 }
1424
1425 if ( $postrow = $db->sql_fetchrow($result) )
1426 {
1427 if ( $userdata['user_id'] != $postrow['user_id'] )
1428 {
1429 message_die(GENERAL_MESSAGE, $lang['Edit_own_posts']);
1430 }
1431
1432 $user_sig = ( $postrow['user_sig'] != '' && $board_config['allow_sig'] ) ? $postrow['user_sig'] : '';
1433 }
1434 }
1435 }
1436 else
1437 {
1438 if ( !$privmsg_id && ( $mode == 'reply' || $mode == 'edit' || $mode == 'quote' ) )
1439 {
1440 message_die(GENERAL_ERROR, $lang['No_post_id']);
1441 }
1442
1443 if ( !empty($HTTP_GET_VARS[POST_USERS_URL]) )
1444 {
1445 $user_id = intval($HTTP_GET_VARS[POST_USERS_URL]);
1446
1447 $sql = "SELECT username
1448 FROM " . USERS_TABLE . "
1449 WHERE user_id = $user_id
1450 AND user_id <> " . ANONYMOUS;
1451 if ( !($result = $db->sql_query($sql)) )
1452 {
1453 $error = TRUE;
1454 $error_msg = $lang['No_such_user'];
1455 }
1456
1457 if ( $row = $db->sql_fetchrow($result) )
1458 {
1459 $to_username = $row['username'];
1460 }
1461 }
1462 else if ( $mode == 'edit' )
1463 {
1464 $sql = "SELECT pm.*, pmt.privmsgs_bbcode_uid, pmt.privmsgs_text, u.username, u.user_id, u.user_sig
1465 FROM " . PRIVMSGS_TABLE . " pm, " . PRIVMSGS_TEXT_TABLE . " pmt, " . USERS_TABLE . " u
1466 WHERE pm.privmsgs_id = $privmsg_id
1467 AND pmt.privmsgs_text_id = pm.privmsgs_id
1468 AND pm.privmsgs_from_userid = " . $userdata['user_id'] . "
1469 AND ( pm.privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
1470 OR pm.privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )
1471 AND u.user_id = pm.privmsgs_to_userid";
1472 if ( !($result = $db->sql_query($sql)) )
1473 {
1474 message_die(GENERAL_ERROR, 'Could not obtain private message for editing', '', __LINE__, __FILE__, $sql);
1475 }
1476
1477 if ( !($privmsg = $db->sql_fetchrow($result)) )
1478 {
1479 redirect(append_sid("privmsg.$phpEx?folder=$folder", true));
1480 }
1481
1482 $privmsg_subject = $privmsg['privmsgs_subject'];
1483 $privmsg_message = $privmsg['privmsgs_text'];
1484 $privmsg_bbcode_uid = $privmsg['privmsgs_bbcode_uid'];
1485 $privmsg_bbcode_enabled = ($privmsg['privmsgs_enable_bbcode'] == 1);
1486
1487 if ( $privmsg_bbcode_enabled )
1488 {
1489 $privmsg_message = preg_replace("/\:(([a-z0-9]:)?)$privmsg_bbcode_uid/si", '', $privmsg_message);
1490 }
1491
1492 $privmsg_message = str_replace('<br />', "\n", $privmsg_message);
1493 // $privmsg_message = preg_replace('#</textarea>#si', '</textarea>', $privmsg_message);
1494
1495 $user_sig = ( $board_config['allow_sig'] ) ? (($privmsg['privmsgs_type'] == PRIVMSGS_NEW_MAIL) ? $user_sig : $privmsg['user_sig']) : '';
1496
1497 $to_username = $privmsg['username'];
1498 $to_userid = $privmsg['user_id'];
1499
1500 }
1501 else if ( $mode == 'reply' || $mode == 'quote' )
1502 {
1503
1504 $sql = "SELECT pm.privmsgs_subject, pm.privmsgs_date, pmt.privmsgs_bbcode_uid, pmt.privmsgs_text, u.username, u.user_id
1505 FROM " . PRIVMSGS_TABLE . " pm, " . PRIVMSGS_TEXT_TABLE . " pmt, " . USERS_TABLE . " u
1506 WHERE pm.privmsgs_id = $privmsg_id
1507 AND pmt.privmsgs_text_id = pm.privmsgs_id
1508 AND pm.privmsgs_to_userid = " . $userdata['user_id'] . "
1509 AND u.user_id = pm.privmsgs_from_userid";
1510 if ( !($result = $db->sql_query($sql)) )
1511 {
1512 message_die(GENERAL_ERROR, 'Could not obtain private message for editing', '', __LINE__, __FILE__, $sql);
1513 }
1514
1515 if ( !($privmsg = $db->sql_fetchrow($result)) )
1516 {
1517 redirect(append_sid("privmsg.$phpEx?folder=$folder", true));
1518 }
1519
1520 $orig_word = $replacement_word = array();
1521 obtain_word_list($orig_word, $replacement_word);
1522
1523 $privmsg_subject = ( ( !preg_match('/^Re:/', $privmsg['privmsgs_subject']) ) ? 'Re: ' : '' ) . $privmsg['privmsgs_subject'];
1524 $privmsg_subject = preg_replace($orig_word, $replacement_word, $privmsg_subject);
1525
1526 $to_username = $privmsg['username'];
1527 $to_userid = $privmsg['user_id'];
1528
1529 if ( $mode == 'quote' )
1530 {
1531 $privmsg_message = $privmsg['privmsgs_text'];
1532 $privmsg_bbcode_uid = $privmsg['privmsgs_bbcode_uid'];
1533
1534 $privmsg_message = preg_replace("/\:(([a-z0-9]:)?)$privmsg_bbcode_uid/si", '', $privmsg_message);
1535 $privmsg_message = str_replace('<br />', "\n", $privmsg_message);
1536 // $privmsg_message = preg_replace('#</textarea>#si', '</textarea>', $privmsg_message);
1537 $privmsg_message = preg_replace($orig_word, $replacement_word, $privmsg_message);
1538
1539 $msg_date = create_date($board_config['default_dateformat'], $privmsg['privmsgs_date'], $board_config['board_timezone']);
1540
1541 $privmsg_message = '[quote="' . $to_username . '"]' . $privmsg_message . '[/quote]';
1542
1543 $mode = 'reply';
1544 }
1545 }
1546 else
1547 {
1548 $privmsg_subject = $privmsg_message = $to_username = '';
1549 }
1550 }
1551
1552 //
1553 // Has admin prevented user from sending PM's?
1554 //
1555 if ( !$userdata['user_allow_pm'] && $mode != 'edit' )
1556 {
1557 $message = $lang['Cannot_send_privmsg'];
1558 message_die(GENERAL_MESSAGE, $message);
1559 }
1560
1561 //
1562 // Start output, first preview, then errors then post form
1563 //
1564 $page_title = $lang['Send_private_message'];
1565 include($phpbb_root_path . 'includes/page_header.'.$phpEx);
1566
1567 if ( $preview && !$error )
1568 {
1569 $orig_word = array();
1570 $replacement_word = array();
1571 obtain_word_list($orig_word, $replacement_word);
1572
1573 if ( $bbcode_on )
1574 {
1575 $bbcode_uid = make_bbcode_uid();
1576 }
1577
1578 $preview_message = stripslashes(prepare_message($privmsg_message, $html_on, $bbcode_on, $smilies_on, $bbcode_uid));
1579 $privmsg_message = stripslashes(preg_replace($html_entities_match, $html_entities_replace, $privmsg_message));
1580
1581 //
1582 // Finalise processing as per viewtopic
1583 //
1584 if ( !$html_on || !$board_config['allow_html'] || !$userdata['user_allowhtml'] )
1585 {
1586 if ( $user_sig != '' )
1587 {
1588 $user_sig = preg_replace('#(<)([\/]?.*?)(>)#is', "<\\2>", $user_sig);
1589 }
1590 }
1591
1592 if ( $attach_sig && $user_sig != '' && $userdata['user_sig_bbcode_uid'] )
1593 {
1594 $user_sig = bbencode_second_pass($user_sig, $userdata['user_sig_bbcode_uid']);
1595 }
1596
1597 if ( $bbcode_on )
1598 {
1599 $preview_message = bbencode_second_pass($preview_message, $bbcode_uid);
1600 }
1601
1602 if ( $attach_sig && $user_sig != '' )
1603 {
1604 $preview_message = $preview_message . '<br /><br />_________________<br />' . $user_sig;
1605 }
1606
1607 if ( count($orig_word) )
1608 {
1609 $preview_subject = preg_replace($orig_word, $replacement_word, $privmsg_subject);
1610 $preview_message = preg_replace($orig_word, $replacement_word, $preview_message);
1611 }
1612 else
1613 {
1614 $preview_subject = $privmsg_subject;
1615 }
1616
1617 if ( $smilies_on )
1618 {
1619 $preview_message = smilies_pass($preview_message);
1620 }
1621
1622 $preview_message = make_clickable($preview_message);
1623 $preview_message = str_replace("\n", '<br />', $preview_message);
1624
1625 $s_hidden_fields = '<input type="hidden" name="folder" value="' . $folder . '" />';
1626 $s_hidden_fields .= '<input type="hidden" name="mode" value="' . $mode . '" />';
1627
1628 if ( isset($privmsg_id) )
1629 {
1630 $s_hidden_fields .= '<input type="hidden" name="' . POST_POST_URL . '" value="' . $privmsg_id . '" />';
1631 }
1632
1633 $template->set_filenames(array(
1634 "preview" => 'privmsgs_preview.tpl')
1635 );
1636
1637 $template->assign_vars(array(
1638 'TOPIC_TITLE' => $preview_subject,
1639 'POST_SUBJECT' => $preview_subject,
1640 'MESSAGE_TO' => $to_username,
1641 'MESSAGE_FROM' => $userdata['username'],
1642 'POST_DATE' => create_date($board_config['default_dateformat'], time(), $board_config['board_timezone']),
1643 'MESSAGE' => $preview_message,
1644
1645 'S_HIDDEN_FIELDS' => $s_hidden_fields,
1646
1647 'L_SUBJECT' => $lang['Subject'],
1648 'L_DATE' => $lang['Date'],
1649 'L_FROM' => $lang['From'],
1650 'L_TO' => $lang['To'],
1651 'L_PREVIEW' => $lang['Preview'],
1652 'L_POSTED' => $lang['Posted'])
1653 );
1654
1655 $template->assign_var_from_handle('POST_PREVIEW_BOX', 'preview');
1656 }
1657
1658 //
1659 // Start error handling
1660 //
1661 if ($error)
1662 {
1663 $privmsg_message = htmlspecialchars($privmsg_message);
1664 $template->set_filenames(array(
1665 'reg_header' => 'error_body.tpl')
1666 );
1667 $template->assign_vars(array(
1668 'ERROR_MESSAGE' => $error_msg)
1669 );
1670 $template->assign_var_from_handle('ERROR_BOX', 'reg_header');
1671 }
1672
1673 //
1674 // Load templates
1675 //
1676 $template->set_filenames(array(
1677 'body' => 'posting_body.tpl')
1678 );
1679 make_jumpbox('viewforum.'.$phpEx);
1680
1681 //
1682 // Enable extensions in posting_body
1683 //
1684 $template->assign_block_vars('switch_privmsg', array());
1685
1686 //
1687 // HTML toggle selection
1688 //
1689 if ( $board_config['allow_html'] )
1690 &nbs