mirror of
https://github.com/torrentpier/torrentpier.git
synced 2024-12-14 16:11:16 -08:00
8e3d1b0479
* Minor improvements * Update CHANGELOG.md * Update CHANGELOG.md
1444 lines
55 KiB
PHP
1444 lines
55 KiB
PHP
<?php
|
||
/**
|
||
* TorrentPier – Bull-powered BitTorrent tracker engine
|
||
*
|
||
* @copyright Copyright (c) 2005-2024 TorrentPier (https://torrentpier.com)
|
||
* @link https://github.com/torrentpier/torrentpier for the canonical source repository
|
||
* @license https://github.com/torrentpier/torrentpier/blob/master/LICENSE MIT License
|
||
*/
|
||
|
||
define('BB_SCRIPT', 'pm');
|
||
define('IN_PM', true);
|
||
|
||
require __DIR__ . '/common.php';
|
||
require INC_DIR . '/bbcode.php';
|
||
|
||
$privmsg_sent_id = $l_box_name = $to_username = $privmsg_subject = $privmsg_message = $error_msg = '';
|
||
|
||
// Page config
|
||
$page_cfg['use_tablesorter'] = true;
|
||
$page_cfg['load_tpl_vars'] = [
|
||
'pm_icons'
|
||
];
|
||
|
||
//
|
||
// Is PM disabled?
|
||
//
|
||
if ($bb_cfg['privmsg_disable']) {
|
||
bb_die('PM_DISABLED');
|
||
}
|
||
|
||
//
|
||
// Parameters
|
||
//
|
||
$submit = (bool)request_var('post', false);
|
||
$submit_search = (isset($_POST['usersubmit'])) ? true : 0;
|
||
$submit_msgdays = (isset($_POST['submit_msgdays'])) ? true : 0;
|
||
$cancel = (isset($_POST['cancel'])) ? true : 0;
|
||
$preview = (isset($_POST['preview'])) ? true : 0;
|
||
$confirmed = (isset($_POST['confirm'])) ? true : 0;
|
||
$delete = (isset($_POST['delete'])) ? true : 0;
|
||
$delete_all = (isset($_POST['deleteall'])) ? true : 0;
|
||
$save = (isset($_POST['save'])) ? true : 0;
|
||
$mode = isset($_REQUEST['mode']) ? htmlCHR($_REQUEST['mode']) : '';
|
||
|
||
$refresh = $preview || $submit_search;
|
||
|
||
$mark_list = (!empty($_POST['mark'])) ? $_POST['mark'] : 0;
|
||
|
||
if ($folder =& $_REQUEST['folder']) {
|
||
if ($folder != 'inbox' && $folder != 'outbox' && $folder != 'sentbox' && $folder != 'savebox') {
|
||
$folder = 'inbox';
|
||
}
|
||
} else {
|
||
$folder = 'inbox';
|
||
}
|
||
|
||
// Start session management
|
||
$user->session_start(['req_login' => true]);
|
||
|
||
$template->assign_vars([
|
||
'IN_PM' => true,
|
||
'QUICK_REPLY' => $bb_cfg['show_quick_reply'] && $folder == 'inbox' && $mode == 'read',
|
||
]);
|
||
|
||
//
|
||
// Set mode for quick reply
|
||
//
|
||
if (empty($mode) && $bb_cfg['show_quick_reply'] && $folder == 'inbox' && $preview) {
|
||
$mode = 'reply';
|
||
}
|
||
|
||
//
|
||
// Cancel
|
||
//
|
||
if ($cancel) {
|
||
redirect(PM_URL . "?folder=$folder");
|
||
}
|
||
|
||
//
|
||
// Var definitions
|
||
//
|
||
$start = isset($_REQUEST['start']) ? abs((int)$_REQUEST['start']) : 0;
|
||
|
||
if (isset($_POST[POST_POST_URL]) || isset($_GET[POST_POST_URL])) {
|
||
$privmsg_id = isset($_POST[POST_POST_URL]) ? (int)$_POST[POST_POST_URL] : (int)$_GET[POST_POST_URL];
|
||
} else {
|
||
$privmsg_id = '';
|
||
}
|
||
|
||
$error = false;
|
||
|
||
//
|
||
// Define the box image links
|
||
//
|
||
$inbox_url = ($folder != 'inbox' || $mode != '') ? '<a href="' . PM_URL . "?folder=inbox" . '">' . $lang['INBOX'] . '</a>' : $lang['INBOX'];
|
||
$outbox_url = ($folder != 'outbox' || $mode != '') ? '<a href="' . PM_URL . "?folder=outbox" . '">' . $lang['OUTBOX'] . '</a>' : $lang['OUTBOX'];
|
||
$sentbox_url = ($folder != 'sentbox' || $mode != '') ? '<a href="' . PM_URL . "?folder=sentbox" . '">' . $lang['SENTBOX'] . '</a>' : $lang['SENTBOX'];
|
||
$savebox_url = ($folder != 'savebox' || $mode != '') ? '<a href="' . PM_URL . "?folder=savebox" . '">' . $lang['SAVEBOX'] . '</a>' : $lang['SAVEBOX'];
|
||
|
||
//
|
||
// Start main
|
||
//
|
||
$template->assign_var('POSTING_SUBJECT');
|
||
|
||
if ($mode == 'read') {
|
||
if (!empty($_GET[POST_POST_URL])) {
|
||
$privmsgs_id = (int)$_GET[POST_POST_URL];
|
||
} else {
|
||
bb_die($lang['NO_PM_ID']);
|
||
}
|
||
|
||
switch ($folder) {
|
||
case 'inbox':
|
||
$l_box_name = $lang['INBOX'];
|
||
$pm_sql_user = "AND pm.privmsgs_to_userid = " . $userdata['user_id'] . "
|
||
AND ( pm.privmsgs_type = " . PRIVMSGS_READ_MAIL . "
|
||
OR pm.privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
|
||
OR pm.privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
|
||
break;
|
||
case 'outbox':
|
||
$l_box_name = $lang['OUTBOX'];
|
||
$pm_sql_user = "AND pm.privmsgs_from_userid = " . $userdata['user_id'] . "
|
||
AND ( pm.privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
|
||
OR pm.privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " ) ";
|
||
break;
|
||
case 'sentbox':
|
||
$l_box_name = $lang['SENTBOX'];
|
||
$pm_sql_user = "AND pm.privmsgs_from_userid = " . $userdata['user_id'] . "
|
||
AND pm.privmsgs_type = " . PRIVMSGS_SENT_MAIL;
|
||
break;
|
||
case 'savebox':
|
||
$l_box_name = $lang['SAVEBOX'];
|
||
$pm_sql_user = "AND ( ( pm.privmsgs_to_userid = " . $userdata['user_id'] . "
|
||
AND pm.privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " )
|
||
OR ( pm.privmsgs_from_userid = " . $userdata['user_id'] . "
|
||
AND pm.privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . " )
|
||
)";
|
||
break;
|
||
default:
|
||
bb_die($lang['NO_SUCH_FOLDER']);
|
||
break;
|
||
}
|
||
|
||
//
|
||
// Major query obtains the message ...
|
||
//
|
||
$sql = "SELECT u.username, u.user_id, u.user_posts, u.user_from, u.user_email, u.user_regdate, u.user_rank,
|
||
u2.username AS to_username, u2.user_id AS to_user_id, u2.user_rank as to_user_rank,
|
||
pm.*, pmt.privmsgs_text
|
||
FROM " . BB_PRIVMSGS . " pm, " . BB_PRIVMSGS_TEXT . " pmt, " . BB_USERS . " u, " . BB_USERS . " u2
|
||
WHERE pm.privmsgs_id = $privmsgs_id
|
||
AND pmt.privmsgs_text_id = pm.privmsgs_id
|
||
$pm_sql_user
|
||
AND u.user_id = pm.privmsgs_from_userid
|
||
AND u2.user_id = pm.privmsgs_to_userid";
|
||
if (!($result = DB()->sql_query($sql))) {
|
||
bb_die('Could not query private message post information');
|
||
}
|
||
|
||
//
|
||
// Did the query return any data?
|
||
//
|
||
if (!($privmsg = DB()->sql_fetchrow($result))) {
|
||
redirect(PM_URL . "?folder=$folder");
|
||
}
|
||
|
||
$privmsg_id = $privmsg['privmsgs_id'];
|
||
|
||
//
|
||
// Is this a new message in the inbox? If it is then save
|
||
// a copy in the posters sent box
|
||
//
|
||
if (($privmsg['privmsgs_type'] == PRIVMSGS_NEW_MAIL || $privmsg['privmsgs_type'] == PRIVMSGS_UNREAD_MAIL) && $folder == 'inbox') {
|
||
// Update appropriate counter
|
||
switch ($privmsg['privmsgs_type']) {
|
||
case PRIVMSGS_NEW_MAIL:
|
||
$sql = "user_new_privmsg = IF(user_new_privmsg, user_new_privmsg - 1, 0)";
|
||
break;
|
||
case PRIVMSGS_UNREAD_MAIL:
|
||
$sql = "user_unread_privmsg = IF(user_unread_privmsg, user_unread_privmsg - 1, 0)";
|
||
break;
|
||
}
|
||
|
||
$sql = "UPDATE " . BB_USERS . " SET $sql WHERE user_id = " . $userdata['user_id'];
|
||
if (!DB()->sql_query($sql)) {
|
||
bb_die('Could not update private message read status for user');
|
||
}
|
||
if (DB()->affected_rows()) {
|
||
\TorrentPier\Sessions::cache_rm_userdata($userdata);
|
||
}
|
||
|
||
$sql = "UPDATE " . BB_PRIVMSGS . "
|
||
SET privmsgs_type = " . PRIVMSGS_READ_MAIL . "
|
||
WHERE privmsgs_id = " . $privmsg['privmsgs_id'];
|
||
if (!DB()->sql_query($sql)) {
|
||
bb_die('Could not update private message read status');
|
||
}
|
||
|
||
// Check to see if the poster has a 'full' sent box
|
||
$sql = "SELECT COUNT(privmsgs_id) AS sent_items, MIN(privmsgs_date) AS oldest_post_time
|
||
FROM " . BB_PRIVMSGS . "
|
||
WHERE privmsgs_type = " . PRIVMSGS_SENT_MAIL . "
|
||
AND privmsgs_from_userid = " . $privmsg['privmsgs_from_userid'];
|
||
if (!($result = DB()->sql_query($sql))) {
|
||
bb_die('Could not obtain sent message info for sender');
|
||
}
|
||
|
||
if ($sent_info = DB()->sql_fetchrow($result)) {
|
||
if ($bb_cfg['max_sentbox_privmsgs'] && $sent_info['sent_items'] >= $bb_cfg['max_sentbox_privmsgs']) {
|
||
$sql = "SELECT privmsgs_id FROM " . BB_PRIVMSGS . "
|
||
WHERE privmsgs_type = " . PRIVMSGS_SENT_MAIL . "
|
||
AND privmsgs_date = " . $sent_info['oldest_post_time'] . "
|
||
AND privmsgs_from_userid = " . $privmsg['privmsgs_from_userid'];
|
||
if (!$result = DB()->sql_query($sql)) {
|
||
bb_die('Could not find oldest privmsgs');
|
||
}
|
||
$old_privmsgs_id = DB()->sql_fetchrow($result);
|
||
$old_privmsgs_id = (int)$old_privmsgs_id['privmsgs_id'];
|
||
|
||
$sql = "DELETE FROM " . BB_PRIVMSGS . " WHERE privmsgs_id = $old_privmsgs_id";
|
||
if (!DB()->sql_query($sql)) {
|
||
bb_die('Could not delete oldest privmsgs (sent)');
|
||
}
|
||
|
||
$sql = "DELETE FROM " . BB_PRIVMSGS_TEXT . " WHERE privmsgs_text_id = $old_privmsgs_id";
|
||
if (!DB()->sql_query($sql)) {
|
||
bb_die('Could not delete oldest privmsgs text (sent)');
|
||
}
|
||
}
|
||
}
|
||
|
||
//
|
||
// This makes a copy of the post and stores it as a sent message from the sender. Perhaps
|
||
// not the most DB friendly way but a lot easier to manage, besides the admin will be able to
|
||
// set limits on numbers of storable posts for users ... hopefully!
|
||
//
|
||
$sql = "INSERT INTO " . BB_PRIVMSGS . " (privmsgs_type, privmsgs_subject, privmsgs_from_userid, privmsgs_to_userid, privmsgs_date, privmsgs_ip)
|
||
VALUES (" . PRIVMSGS_SENT_MAIL . ", '" . DB()->escape($privmsg['privmsgs_subject']) . "', " . $privmsg['privmsgs_from_userid'] . ", " . $privmsg['privmsgs_to_userid'] . ", " . $privmsg['privmsgs_date'] . ", '" . $privmsg['privmsgs_ip'] . "')";
|
||
if (!DB()->sql_query($sql)) {
|
||
bb_die('Could not insert private message sent info');
|
||
}
|
||
|
||
$privmsg_sent_id = DB()->sql_nextid();
|
||
|
||
$sql = "INSERT INTO " . BB_PRIVMSGS_TEXT . " (privmsgs_text_id, privmsgs_text)
|
||
VALUES ($privmsg_sent_id, '" . DB()->escape($privmsg['privmsgs_text']) . "')";
|
||
if (!DB()->sql_query($sql)) {
|
||
bb_die('Could not insert private message sent text');
|
||
}
|
||
}
|
||
|
||
//
|
||
// Pick a folder, any folder, so long as it's one below ...
|
||
//
|
||
$post_urls = [
|
||
'post' => PM_URL . '?mode=post',
|
||
'reply' => PM_URL . '?mode=reply&' . POST_POST_URL . "=$privmsg_id",
|
||
'quote' => PM_URL . '?mode=quote&' . POST_POST_URL . "=$privmsg_id",
|
||
'edit' => PM_URL . '?mode=edit&' . POST_POST_URL . "=$privmsg_id"
|
||
];
|
||
$post_icons = [
|
||
'post_img' => '<a href="' . $post_urls['post'] . '"><img src="' . $images['pm_postmsg'] . '" alt="' . $lang['POST_NEW_PM'] . '" border="0" /></a>',
|
||
'post' => '<a href="' . $post_urls['post'] . '">' . $lang['POST_NEW_PM'] . '</a>',
|
||
'reply_img' => '<a href="' . $post_urls['reply'] . '"><img src="' . $images['pm_replymsg'] . '" alt="' . $lang['POST_REPLY_PM'] . '" border="0" /></a>',
|
||
'reply' => '<a href="' . $post_urls['reply'] . '">' . $lang['POST_REPLY_PM'] . '</a>',
|
||
'quote_img' => '<a href="' . $post_urls['quote'] . '"><img src="' . $images['pm_quotemsg'] . '" alt="' . $lang['POST_QUOTE_PM'] . '" border="0" /></a>',
|
||
'quote' => '<a href="' . $post_urls['quote'] . '">' . $lang['POST_QUOTE_PM'] . '</a>',
|
||
'edit_img' => '<a href="' . $post_urls['edit'] . '"><img src="' . $images['pm_editmsg'] . '" alt="' . $lang['EDIT_PM'] . '" border="0" /></a>',
|
||
'edit' => '<a href="' . $post_urls['edit'] . '">' . $lang['EDIT_PM'] . '</a>'
|
||
];
|
||
|
||
if ($folder == 'inbox') {
|
||
$post_img = $post_icons['post_img'];
|
||
$reply_img = $post_icons['reply_img'];
|
||
$quote_img = $post_icons['quote_img'];
|
||
$edit_img = '';
|
||
$post = $post_icons['post'];
|
||
$reply = $post_icons['reply'];
|
||
$quote = $post_icons['quote'];
|
||
$edit = '';
|
||
$l_box_name = $lang['INBOX'];
|
||
} elseif ($folder == 'outbox') {
|
||
$post_img = $post_icons['post_img'];
|
||
$reply_img = '';
|
||
$quote_img = '';
|
||
$edit_img = $post_icons['edit_img'];
|
||
$post = $post_icons['post'];
|
||
$reply = '';
|
||
$quote = '';
|
||
$edit = $post_icons['edit'];
|
||
$l_box_name = $lang['OUTBOX'];
|
||
} elseif ($folder == 'savebox') {
|
||
if ($privmsg['privmsgs_type'] == PRIVMSGS_SAVED_IN_MAIL) {
|
||
$post_img = $post_icons['post_img'];
|
||
$reply_img = $post_icons['reply_img'];
|
||
$quote_img = $post_icons['quote_img'];
|
||
$edit_img = '';
|
||
$post = $post_icons['post'];
|
||
$reply = $post_icons['reply'];
|
||
$quote = $post_icons['quote'];
|
||
$edit = '';
|
||
} else {
|
||
$post_img = $post_icons['post_img'];
|
||
$reply_img = '';
|
||
$quote_img = '';
|
||
$edit_img = '';
|
||
$post = $post_icons['post'];
|
||
$reply = '';
|
||
$quote = '';
|
||
$edit = '';
|
||
}
|
||
$l_box_name = $lang['SAVED'];
|
||
} elseif ($folder == 'sentbox') {
|
||
$post_img = $post_icons['post_img'];
|
||
$reply_img = '';
|
||
$quote_img = '';
|
||
$edit_img = '';
|
||
$post = $post_icons['post'];
|
||
$reply = '';
|
||
$quote = '';
|
||
$edit = '';
|
||
$l_box_name = $lang['SENT'];
|
||
}
|
||
|
||
$s_hidden_fields = '<input type="hidden" name="mark[]" value="' . $privmsgs_id . '" />';
|
||
|
||
$page_title = $lang['READ_PM'];
|
||
|
||
//
|
||
// Load templates
|
||
//
|
||
$template->set_filenames(['body' => 'privmsgs_read.tpl']);
|
||
|
||
$template->assign_vars([
|
||
'INBOX' => $inbox_url,
|
||
|
||
'POST_PM_IMG' => $post_img,
|
||
'REPLY_PM_IMG' => $reply_img,
|
||
'EDIT_PM_IMG' => $edit_img,
|
||
'QUOTE_PM_IMG' => $quote_img,
|
||
'POST_PM' => $post,
|
||
'REPLY_PM' => $reply,
|
||
'EDIT_PM' => $edit,
|
||
'QUOTE_PM' => $quote,
|
||
|
||
'SENTBOX' => $sentbox_url,
|
||
'OUTBOX' => $outbox_url,
|
||
'SAVEBOX' => $savebox_url,
|
||
'BOX_NAME' => $l_box_name,
|
||
|
||
'S_PRIVMSGS_ACTION' => PM_URL . "?folder=$folder",
|
||
'S_HIDDEN_FIELDS' => $s_hidden_fields
|
||
]);
|
||
|
||
$username_from = $privmsg['username'];
|
||
$user_id_from = $privmsg['user_id'];
|
||
$username_to = $privmsg['to_username'];
|
||
$user_id_to = $privmsg['to_user_id'];
|
||
|
||
$post_date = bb_date($privmsg['privmsgs_date']);
|
||
|
||
$temp_url = "profile.php?mode=viewprofile&" . POST_USERS_URL . '=' . $user_id_from;
|
||
$profile_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_profile'] . '" alt="' . $lang['READ_PROFILE'] . '" title="' . $lang['READ_PROFILE'] . '" border="0" /></a>';
|
||
$profile = '<a href="' . $temp_url . '">' . $lang['READ_PROFILE'] . '</a>';
|
||
|
||
$temp_url = PM_URL . "?mode=post&" . POST_USERS_URL . "=$user_id_from";
|
||
$pm_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_pm'] . '" alt="' . $lang['SEND_PRIVATE_MESSAGE'] . '" title="' . $lang['SEND_PRIVATE_MESSAGE'] . '" border="0" /></a>';
|
||
$pm = '<a href="' . $temp_url . '">' . $lang['SEND_PRIVATE_MESSAGE'] . '</a>';
|
||
|
||
$temp_url = "search.php?search_author=1&uid=$user_id_from";
|
||
$search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . sprintf($lang['SEARCH_USER_POSTS'], $username_from) . '" title="' . sprintf($lang['SEARCH_USER_POSTS'], $username_from) . '" border="0" /></a>';
|
||
$search = '<a href="' . $temp_url . '">' . sprintf($lang['SEARCH_USER_POSTS'], $username_from) . '</a>';
|
||
|
||
//
|
||
// Processing of post
|
||
//
|
||
$post_subject = htmlCHR($privmsg['privmsgs_subject']);
|
||
$private_message = $privmsg['privmsgs_text'];
|
||
$post_subject = $wordCensor->censorString($post_subject);
|
||
$private_message = $wordCensor->censorString($private_message);
|
||
$private_message = bbcode2html($private_message);
|
||
|
||
//
|
||
// Dump it to the templating engine
|
||
//
|
||
$template->assign_vars([
|
||
'TO_USER' => profile_url(['username' => $username_to, 'user_id' => $user_id_to, 'user_rank' => $privmsg['to_user_rank']]),
|
||
'FROM_USER' => profile_url($privmsg),
|
||
|
||
'QR_SUBJECT' => (!preg_match('/^Re:/', $post_subject) ? 'Re: ' : '') . $post_subject,
|
||
'MESSAGE_TO' => $username_to,
|
||
'MESSAGE_FROM' => $username_from,
|
||
'RANK_IMAGE' => (@$rank_image) ? $rank_image : '',
|
||
'POSTER_JOINED' => (@$poster_joined) ? $poster_joined : '',
|
||
'POSTER_POSTS' => (@$poster_posts) ? $poster_posts : '',
|
||
'POSTER_FROM' => (@$poster_from) ? $poster_from : '',
|
||
'POST_SUBJECT' => $post_subject,
|
||
'POST_DATE' => $post_date,
|
||
'PM_MESSAGE' => $private_message,
|
||
|
||
'PROFILE_IMG' => $profile_img,
|
||
'PROFILE' => $profile,
|
||
'SEARCH_IMG' => $search_img,
|
||
'SEARCH' => $search
|
||
]);
|
||
} elseif (($delete && $mark_list) || $delete_all) {
|
||
if (isset($mark_list) && !is_array($mark_list)) {
|
||
// Set to empty array instead of '0' if nothing is selected.
|
||
$mark_list = [];
|
||
}
|
||
|
||
if (!$confirmed) {
|
||
$delete = isset($_POST['delete']) ? 'delete' : 'deleteall';
|
||
|
||
$hidden_fields = [
|
||
'mode' => $mode,
|
||
$delete => 1
|
||
];
|
||
foreach ($mark_list as $pm_id) {
|
||
$hidden_fields['mark'][] = (int)$pm_id;
|
||
}
|
||
|
||
print_confirmation([
|
||
'QUESTION' => (count($mark_list) == 1) ? $lang['CONFIRM_DELETE_PM'] : $lang['CONFIRM_DELETE_PMS'],
|
||
'FORM_ACTION' => PM_URL . "?folder=$folder",
|
||
'HIDDEN_FIELDS' => build_hidden_fields($hidden_fields)
|
||
]);
|
||
} elseif ($confirmed) {
|
||
$delete_sql_id = '';
|
||
|
||
if (!$delete_all) {
|
||
for ($i = 0, $iMax = count($mark_list); $i < $iMax; $i++) {
|
||
$delete_sql_id .= (($delete_sql_id != '') ? ', ' : '') . (int)$mark_list[$i];
|
||
}
|
||
$delete_sql_id = "AND privmsgs_id IN ($delete_sql_id)";
|
||
}
|
||
|
||
switch ($folder) {
|
||
case 'inbox':
|
||
$delete_type = "privmsgs_to_userid = " . $userdata['user_id'] . " AND (
|
||
privmsgs_type = " . PRIVMSGS_READ_MAIL . " OR privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
|
||
break;
|
||
|
||
case 'outbox':
|
||
$delete_type = "privmsgs_from_userid = " . $userdata['user_id'] . " AND ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
|
||
break;
|
||
|
||
case 'sentbox':
|
||
$delete_type = "privmsgs_from_userid = " . $userdata['user_id'] . " AND privmsgs_type = " . PRIVMSGS_SENT_MAIL;
|
||
break;
|
||
|
||
case 'savebox':
|
||
$delete_type = "( ( privmsgs_from_userid = " . $userdata['user_id'] . "
|
||
AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . " )
|
||
OR ( privmsgs_to_userid = " . $userdata['user_id'] . "
|
||
AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " ) )";
|
||
break;
|
||
}
|
||
|
||
$sql = "SELECT privmsgs_id FROM " . BB_PRIVMSGS . " WHERE $delete_type $delete_sql_id";
|
||
if (!($result = DB()->sql_query($sql))) {
|
||
bb_die('Could not obtain id list to delete messages');
|
||
}
|
||
|
||
$mark_list = [];
|
||
while ($row = DB()->sql_fetchrow($result)) {
|
||
$mark_list[] = $row['privmsgs_id'];
|
||
}
|
||
|
||
unset($delete_type);
|
||
|
||
if (count($mark_list)) {
|
||
$delete_sql_id = '';
|
||
for ($i = 0, $iMax = count($mark_list); $i < $iMax; $i++) {
|
||
$delete_sql_id .= (($delete_sql_id != '') ? ', ' : '') . (int)$mark_list[$i];
|
||
}
|
||
|
||
if ($folder == 'inbox' || $folder == 'outbox') {
|
||
switch ($folder) {
|
||
case 'inbox':
|
||
$sql = "privmsgs_to_userid = " . $userdata['user_id'];
|
||
break;
|
||
case 'outbox':
|
||
$sql = "privmsgs_from_userid = " . $userdata['user_id'];
|
||
break;
|
||
}
|
||
|
||
// Get information relevant to new or unread mail
|
||
// so we can adjust users counters appropriately
|
||
$sql = "SELECT privmsgs_to_userid, privmsgs_type
|
||
FROM " . BB_PRIVMSGS . "
|
||
WHERE privmsgs_id IN ($delete_sql_id)
|
||
AND $sql
|
||
AND privmsgs_type IN (" . PRIVMSGS_NEW_MAIL . ", " . PRIVMSGS_UNREAD_MAIL . ")";
|
||
if (!($result = DB()->sql_query($sql))) {
|
||
bb_die('Could not obtain user id list for outbox messages');
|
||
}
|
||
|
||
if ($row = DB()->sql_fetchrow($result)) {
|
||
$update_users = $update_list = [];
|
||
|
||
do {
|
||
switch ($row['privmsgs_type']) {
|
||
case PRIVMSGS_NEW_MAIL:
|
||
@$update_users['new'][$row['privmsgs_to_userid']]++;
|
||
break;
|
||
|
||
case PRIVMSGS_UNREAD_MAIL:
|
||
@$update_users['unread'][$row['privmsgs_to_userid']]++;
|
||
break;
|
||
}
|
||
} while ($row = DB()->sql_fetchrow($result));
|
||
|
||
if (count($update_users)) {
|
||
foreach ($update_users as $type => $users) {
|
||
foreach ($users as $user_id => $dec) {
|
||
$update_list[$type][$dec][] = $user_id;
|
||
}
|
||
}
|
||
unset($update_users);
|
||
|
||
foreach ($update_list as $type => $dec_ary) {
|
||
switch ($type) {
|
||
case 'new':
|
||
$type = "user_new_privmsg";
|
||
break;
|
||
|
||
case 'unread':
|
||
$type = "user_unread_privmsg";
|
||
break;
|
||
}
|
||
|
||
foreach ($dec_ary as $dec => $user_ary) {
|
||
$user_ids = implode(', ', $user_ary);
|
||
|
||
$sql = "UPDATE " . BB_USERS . "
|
||
SET $type = $type - $dec
|
||
WHERE user_id IN ($user_ids)";
|
||
if (!DB()->sql_query($sql)) {
|
||
bb_die('Could not update user pm counters');
|
||
}
|
||
}
|
||
}
|
||
unset($update_list);
|
||
}
|
||
}
|
||
DB()->sql_freeresult($result);
|
||
}
|
||
|
||
// Delete the messages
|
||
$delete_text_sql = "DELETE FROM " . BB_PRIVMSGS_TEXT . "
|
||
WHERE privmsgs_text_id IN ($delete_sql_id)";
|
||
$delete_sql = "DELETE FROM " . BB_PRIVMSGS . "
|
||
WHERE privmsgs_id IN ($delete_sql_id)
|
||
AND ";
|
||
|
||
switch ($folder) {
|
||
case 'inbox':
|
||
$delete_sql .= "privmsgs_to_userid = " . $userdata['user_id'] . " AND (
|
||
privmsgs_type = " . PRIVMSGS_READ_MAIL . " OR privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
|
||
break;
|
||
|
||
case 'outbox':
|
||
$delete_sql .= "privmsgs_from_userid = " . $userdata['user_id'] . " AND (
|
||
privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
|
||
break;
|
||
|
||
case 'sentbox':
|
||
$delete_sql .= "privmsgs_from_userid = " . $userdata['user_id'] . " AND privmsgs_type = " . PRIVMSGS_SENT_MAIL;
|
||
break;
|
||
|
||
case 'savebox':
|
||
$delete_sql .= "( ( privmsgs_from_userid = " . $userdata['user_id'] . "
|
||
AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . " )
|
||
OR ( privmsgs_to_userid = " . $userdata['user_id'] . "
|
||
AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " ) )";
|
||
break;
|
||
}
|
||
|
||
if (!DB()->sql_query($delete_sql)) {
|
||
bb_die('Could not delete private message info');
|
||
}
|
||
|
||
if (!DB()->sql_query($delete_text_sql)) {
|
||
bb_die('Could not delete private message text');
|
||
}
|
||
|
||
pm_die($lang['DELETE_POSTS_SUCCESFULLY']);
|
||
} else {
|
||
pm_die($lang['NONE_SELECTED']);
|
||
}
|
||
}
|
||
} elseif ($save && $mark_list && $folder != 'savebox' && $folder != 'outbox') {
|
||
if (count($mark_list)) {
|
||
// See if recipient is at their savebox limit
|
||
$sql = "SELECT COUNT(privmsgs_id) AS savebox_items, MIN(privmsgs_date) AS oldest_post_time
|
||
FROM " . BB_PRIVMSGS . "
|
||
WHERE ( ( privmsgs_to_userid = " . $userdata['user_id'] . "
|
||
AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " )
|
||
OR ( privmsgs_from_userid = " . $userdata['user_id'] . "
|
||
AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . ") )";
|
||
if (!($result = DB()->sql_query($sql))) {
|
||
bb_die('Could not obtain sent message info for sender');
|
||
}
|
||
|
||
if ($saved_info = DB()->sql_fetchrow($result)) {
|
||
if ($bb_cfg['max_savebox_privmsgs'] && $saved_info['savebox_items'] >= $bb_cfg['max_savebox_privmsgs']) {
|
||
$sql = "SELECT privmsgs_id FROM " . BB_PRIVMSGS . "
|
||
WHERE ( ( privmsgs_to_userid = " . $userdata['user_id'] . "
|
||
AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " )
|
||
OR ( privmsgs_from_userid = " . $userdata['user_id'] . "
|
||
AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . ") )
|
||
AND privmsgs_date = " . $saved_info['oldest_post_time'];
|
||
if (!$result = DB()->sql_query($sql)) {
|
||
bb_die('Could not find oldest privmsgs (save)');
|
||
}
|
||
$old_privmsgs_id = DB()->sql_fetchrow($result);
|
||
$old_privmsgs_id = (int)$old_privmsgs_id['privmsgs_id'];
|
||
|
||
$sql = "DELETE FROM " . BB_PRIVMSGS . " WHERE privmsgs_id = $old_privmsgs_id";
|
||
if (!DB()->sql_query($sql)) {
|
||
bb_die('Could not delete oldest privmsgs (save)');
|
||
}
|
||
|
||
$sql = "DELETE FROM " . BB_PRIVMSGS_TEXT . " WHERE privmsgs_text_id = $old_privmsgs_id";
|
||
if (!DB()->sql_query($sql)) {
|
||
bb_die('Could not delete oldest privmsgs text (save)');
|
||
}
|
||
}
|
||
}
|
||
|
||
$saved_sql_id = '';
|
||
for ($i = 0, $iMax = count($mark_list); $i < $iMax; $i++) {
|
||
$saved_sql_id .= (($saved_sql_id != '') ? ', ' : '') . (int)$mark_list[$i];
|
||
}
|
||
|
||
// Process request
|
||
$saved_sql = "UPDATE " . BB_PRIVMSGS;
|
||
|
||
// Decrement read/new counters if appropriate
|
||
if ($folder == 'inbox' || $folder == 'outbox') {
|
||
switch ($folder) {
|
||
case 'inbox':
|
||
$sql = "privmsgs_to_userid = " . $userdata['user_id'];
|
||
break;
|
||
case 'outbox':
|
||
$sql = "privmsgs_from_userid = " . $userdata['user_id'];
|
||
break;
|
||
}
|
||
|
||
// Get information relevant to new or unread mail
|
||
// so we can adjust users counters appropriately
|
||
$sql = "SELECT privmsgs_to_userid, privmsgs_type
|
||
FROM " . BB_PRIVMSGS . "
|
||
WHERE privmsgs_id IN ($saved_sql_id)
|
||
AND $sql
|
||
AND privmsgs_type IN (" . PRIVMSGS_NEW_MAIL . ", " . PRIVMSGS_UNREAD_MAIL . ")";
|
||
if (!($result = DB()->sql_query($sql))) {
|
||
bb_die('Could not obtain user id list for outbox messages');
|
||
}
|
||
|
||
if ($row = DB()->sql_fetchrow($result)) {
|
||
$update_users = $update_list = [];
|
||
|
||
do {
|
||
switch ($row['privmsgs_type']) {
|
||
case PRIVMSGS_NEW_MAIL:
|
||
($update_users['new'][$row['privmsgs_to_userid']] ??= 0) + 1;
|
||
break;
|
||
|
||
case PRIVMSGS_UNREAD_MAIL:
|
||
($update_users['unread'][$row['privmsgs_to_userid']] ??= 0) + 1;
|
||
break;
|
||
}
|
||
} while ($row = DB()->sql_fetchrow($result));
|
||
|
||
if (count($update_users)) {
|
||
foreach ($update_users as $type => $users) {
|
||
foreach ($users as $user_id => $dec) {
|
||
$update_list[$type][$dec][] = $user_id;
|
||
}
|
||
}
|
||
unset($update_users);
|
||
|
||
foreach ($update_list as $type => $dec_ary) {
|
||
switch ($type) {
|
||
case 'new':
|
||
$type = "user_new_privmsg";
|
||
break;
|
||
|
||
case 'unread':
|
||
$type = "user_unread_privmsg";
|
||
break;
|
||
}
|
||
|
||
foreach ($dec_ary as $dec => $user_ary) {
|
||
$user_ids = implode(', ', $user_ary);
|
||
|
||
$sql = "UPDATE " . BB_USERS . " SET $type = $type - $dec WHERE user_id IN ($user_ids)";
|
||
if (!DB()->sql_query($sql)) {
|
||
bb_die('Could not update user pm counters');
|
||
}
|
||
}
|
||
}
|
||
unset($update_list);
|
||
}
|
||
}
|
||
DB()->sql_freeresult($result);
|
||
}
|
||
|
||
switch ($folder) {
|
||
case 'inbox':
|
||
$saved_sql .= " SET privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . "
|
||
WHERE privmsgs_to_userid = " . $userdata['user_id'] . "
|
||
AND ( privmsgs_type = " . PRIVMSGS_READ_MAIL . "
|
||
OR privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
|
||
OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . ")";
|
||
break;
|
||
|
||
case 'outbox':
|
||
$saved_sql .= " SET privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . "
|
||
WHERE privmsgs_from_userid = " . $userdata['user_id'] . "
|
||
AND ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
|
||
OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " ) ";
|
||
break;
|
||
|
||
case 'sentbox':
|
||
$saved_sql .= " SET privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . "
|
||
WHERE privmsgs_from_userid = " . $userdata['user_id'] . "
|
||
AND privmsgs_type = " . PRIVMSGS_SENT_MAIL;
|
||
break;
|
||
}
|
||
|
||
$saved_sql .= " AND privmsgs_id IN ($saved_sql_id)";
|
||
|
||
if (!DB()->sql_query($saved_sql)) {
|
||
bb_die('Could not save private messages');
|
||
}
|
||
|
||
redirect(PM_URL . "?folder=savebox");
|
||
}
|
||
} elseif ($submit || $refresh || $mode != '') {
|
||
if (IS_USER && $submit && $mode != 'edit') {
|
||
// Flood control
|
||
$sql = "SELECT MAX(privmsgs_date) AS last_post_time FROM " . BB_PRIVMSGS . " WHERE privmsgs_from_userid = " . $userdata['user_id'];
|
||
if ($result = DB()->sql_query($sql)) {
|
||
$db_row = DB()->sql_fetchrow($result);
|
||
|
||
$last_post_time = $db_row['last_post_time'];
|
||
$current_time = TIMENOW;
|
||
|
||
if (($current_time - $last_post_time) < $bb_cfg['flood_interval']) {
|
||
bb_die($lang['FLOOD_ERROR']);
|
||
}
|
||
}
|
||
}
|
||
|
||
if ($submit && $mode == 'edit') {
|
||
$sql = 'SELECT privmsgs_from_userid
|
||
FROM ' . BB_PRIVMSGS . '
|
||
WHERE privmsgs_id = ' . (int)$privmsg_id . '
|
||
AND privmsgs_from_userid = ' . $userdata['user_id'];
|
||
|
||
if (!($result = DB()->sql_query($sql))) {
|
||
bb_die('Could not obtain message details');
|
||
}
|
||
|
||
if (!($row = DB()->sql_fetchrow($result))) {
|
||
bb_die($lang['NO_SUCH_POST']);
|
||
}
|
||
DB()->sql_freeresult($result);
|
||
|
||
unset($row);
|
||
}
|
||
|
||
if ($submit) {
|
||
if (!empty($_POST['username'])) {
|
||
$to_userdata = get_userdata($_POST['username'], true);
|
||
|
||
if (!$to_userdata || $to_userdata['user_id'] == GUEST_UID) {
|
||
$error = true;
|
||
$error_msg = $lang['NO_SUCH_USER'];
|
||
}
|
||
} else {
|
||
$error = true;
|
||
$error_msg .= ((!empty($error_msg)) ? '<br />' : '') . $lang['NO_TO_USER'];
|
||
}
|
||
|
||
$privmsg_subject = htmlCHR($_POST['subject']);
|
||
if (empty($privmsg_subject)) {
|
||
$error = true;
|
||
$error_msg .= ((!empty($error_msg)) ? '<br />' : '') . $lang['EMPTY_SUBJECT'];
|
||
}
|
||
|
||
if (!empty($_POST['message'])) {
|
||
if (!$error) {
|
||
$privmsg_message = prepare_message($_POST['message']);
|
||
}
|
||
} else {
|
||
$error = true;
|
||
$error_msg .= ((!empty($error_msg)) ? '<br />' : '') . $lang['EMPTY_MESSAGE'];
|
||
}
|
||
|
||
// Check smilies limit
|
||
if ($bb_cfg['max_smilies_pm']) {
|
||
$count_smilies = substr_count(bbcode2html($privmsg_message), '<img class="smile" src="' . $bb_cfg['smilies_path']);
|
||
if ($count_smilies > $bb_cfg['max_smilies_pm']) {
|
||
$error = true;
|
||
$error_msg .= ((!empty($error_msg)) ? '<br />' : '') . sprintf($lang['MAX_SMILIES_PER_POST'], $bb_cfg['max_smilies_pm']);
|
||
}
|
||
}
|
||
}
|
||
|
||
if ($submit && !$error) {
|
||
//
|
||
// Has admin prevented user from sending PM's?
|
||
//
|
||
if (bf($userdata['user_opt'], 'user_opt', 'dis_pm')) {
|
||
bb_die($lang['CANNOT_SEND_PRIVMSG']);
|
||
}
|
||
|
||
$msg_time = TIMENOW;
|
||
|
||
if ($mode != 'edit') {
|
||
// See if recipient is at their inbox limit
|
||
$sql = "SELECT COUNT(privmsgs_id) AS inbox_items, MIN(privmsgs_date) AS oldest_post_time
|
||
FROM " . BB_PRIVMSGS . "
|
||
WHERE ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
|
||
OR privmsgs_type = " . PRIVMSGS_READ_MAIL . "
|
||
OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )
|
||
AND privmsgs_to_userid = " . $to_userdata['user_id'];
|
||
if (!($result = DB()->sql_query($sql))) {
|
||
bb_die($lang['NO_SUCH_USER']);
|
||
}
|
||
|
||
if ($inbox_info = DB()->sql_fetchrow($result)) {
|
||
if ($bb_cfg['max_inbox_privmsgs'] && $inbox_info['inbox_items'] >= $bb_cfg['max_inbox_privmsgs']) {
|
||
$sql = "SELECT privmsgs_id FROM " . BB_PRIVMSGS . "
|
||
WHERE ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
|
||
OR privmsgs_type = " . PRIVMSGS_READ_MAIL . "
|
||
OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )
|
||
AND privmsgs_date = " . $inbox_info['oldest_post_time'] . "
|
||
AND privmsgs_to_userid = " . $to_userdata['user_id'];
|
||
if (!$result = DB()->sql_query($sql)) {
|
||
bb_die('Could not find oldest privmsgs (inbox)');
|
||
}
|
||
$old_privmsgs_id = DB()->sql_fetchrow($result);
|
||
$old_privmsgs_id = (int)$old_privmsgs_id['privmsgs_id'];
|
||
|
||
$sql = "DELETE FROM " . BB_PRIVMSGS . " WHERE privmsgs_id = $old_privmsgs_id";
|
||
if (!DB()->sql_query($sql)) {
|
||
bb_die('Could not delete oldest privmsgs (inbox)');
|
||
}
|
||
|
||
$sql = "DELETE FROM " . BB_PRIVMSGS_TEXT . " WHERE privmsgs_text_id = $old_privmsgs_id";
|
||
if (!DB()->sql_query($sql)) {
|
||
bb_die('Could not delete oldest privmsgs text (inbox)');
|
||
}
|
||
}
|
||
}
|
||
|
||
$sql_info = "INSERT INTO " . BB_PRIVMSGS . " (privmsgs_type, privmsgs_subject, privmsgs_from_userid, privmsgs_to_userid, privmsgs_date, privmsgs_ip)
|
||
VALUES (" . PRIVMSGS_NEW_MAIL . ", '" . DB()->escape($privmsg_subject) . "', " . $userdata['user_id'] . ", " . $to_userdata['user_id'] . ", $msg_time, '" . USER_IP . "')";
|
||
} else {
|
||
$sql_info = "UPDATE " . BB_PRIVMSGS . "
|
||
SET privmsgs_type = " . PRIVMSGS_NEW_MAIL . ", privmsgs_subject = '" . DB()->escape($privmsg_subject) . "', privmsgs_from_userid = " . $userdata['user_id'] . ", privmsgs_to_userid = " . $to_userdata['user_id'] . ", privmsgs_date = $msg_time, privmsgs_ip = '" . USER_IP . "'
|
||
WHERE privmsgs_id = $privmsg_id";
|
||
}
|
||
|
||
if (!($result = DB()->sql_query($sql_info))) {
|
||
bb_die('Could not insert / update private message sent info');
|
||
}
|
||
|
||
if ($mode != 'edit') {
|
||
$privmsg_sent_id = DB()->sql_nextid();
|
||
|
||
$sql = "INSERT INTO " . BB_PRIVMSGS_TEXT . " (privmsgs_text_id, privmsgs_text)
|
||
VALUES ($privmsg_sent_id, '" . DB()->escape($privmsg_message) . "')";
|
||
} else {
|
||
$sql = "UPDATE " . BB_PRIVMSGS_TEXT . "
|
||
SET privmsgs_text = '" . DB()->escape($privmsg_message) . "'
|
||
WHERE privmsgs_text_id = $privmsg_id";
|
||
}
|
||
|
||
if (!DB()->sql_query($sql)) {
|
||
bb_die('Could not insert / update private message sent text');
|
||
}
|
||
|
||
if ($mode != 'edit') {
|
||
$timenow = TIMENOW;
|
||
// Add to the users new pm counter
|
||
$sql = "UPDATE " . BB_USERS . " SET
|
||
user_new_privmsg = user_new_privmsg + 1,
|
||
user_last_privmsg = $timenow,
|
||
user_newest_pm_id = $privmsg_sent_id
|
||
WHERE user_id = {$to_userdata['user_id']}
|
||
LIMIT 1";
|
||
|
||
if (!$status = DB()->sql_query($sql)) {
|
||
bb_die('Could not update private message new / read status for user');
|
||
}
|
||
|
||
\TorrentPier\Sessions::cache_rm_user_sessions($to_userdata['user_id']);
|
||
|
||
if (bf($to_userdata['user_opt'], 'user_opt', 'user_notify_pm') && $to_userdata['user_active'] && $bb_cfg['pm_notify_enabled']) {
|
||
// Sending email
|
||
$emailer = new TorrentPier\Emailer();
|
||
|
||
$emailer->set_to($to_userdata['user_email'], $to_userdata['username']);
|
||
$emailer->set_subject($lang['EMAILER_SUBJECT']['PRIVMSG_NOTIFY']);
|
||
|
||
$emailer->set_template('privmsg_notify', $to_userdata['user_lang']);
|
||
$emailer->assign_vars([
|
||
'USERNAME' => html_entity_decode($to_username),
|
||
'NAME_FROM' => $userdata['username'],
|
||
'MSG_SUBJECT' => html_entity_decode($privmsg_subject),
|
||
'U_INBOX' => make_url(PM_URL . "?folder=inbox&mode=read&p=$privmsg_sent_id"),
|
||
]);
|
||
|
||
$emailer->send();
|
||
}
|
||
}
|
||
|
||
pm_die($lang['MESSAGE_SENT']);
|
||
} elseif ($preview || $refresh || $error) {
|
||
//
|
||
// If we're previewing or refreshing then obtain the data
|
||
// passed to the script, process it a little, do some checks
|
||
// where neccessary, etc.
|
||
//
|
||
$to_username = (isset($_POST['username'])) ? clean_username($_POST['username']) : '';
|
||
|
||
$privmsg_subject = (isset($_POST['subject'])) ? clean_title($_POST['subject']) : '';
|
||
$privmsg_message = (isset($_POST['message'])) ? prepare_message($_POST['message']) : '';
|
||
|
||
//
|
||
// Do mode specific things
|
||
//
|
||
if ($mode == 'edit') {
|
||
$page_title = $lang['EDIT_PM'];
|
||
|
||
$sql = "SELECT u.user_id
|
||
FROM " . BB_PRIVMSGS . " pm, " . BB_USERS . " u
|
||
WHERE pm.privmsgs_id = $privmsg_id
|
||
AND u.user_id = pm.privmsgs_from_userid";
|
||
if (!($result = DB()->sql_query($sql))) {
|
||
bb_die('Could not obtain post and post text');
|
||
}
|
||
|
||
if ($postrow = DB()->sql_fetchrow($result)) {
|
||
if ($userdata['user_id'] != $postrow['user_id']) {
|
||
bb_die($lang['EDIT_OWN_POSTS']);
|
||
}
|
||
}
|
||
}
|
||
} else {
|
||
if (!$privmsg_id && ($mode == 'reply' || $mode == 'edit' || $mode == 'quote')) {
|
||
bb_die($lang['NO_POST_ID']);
|
||
}
|
||
|
||
if (!empty($_GET[POST_USERS_URL])) {
|
||
$user_id = (int)$_GET[POST_USERS_URL];
|
||
|
||
$sql = "SELECT username FROM " . BB_USERS . " WHERE user_id = $user_id AND user_id <> " . GUEST_UID;
|
||
if (!($result = DB()->sql_query($sql))) {
|
||
$error = true;
|
||
$error_msg = $lang['NO_SUCH_USER'];
|
||
}
|
||
|
||
if ($row = DB()->sql_fetchrow($result)) {
|
||
$to_username = $row['username'];
|
||
}
|
||
} elseif ($mode == 'edit') {
|
||
$sql = "SELECT pm.*, pmt.privmsgs_text, u.username, u.user_id
|
||
FROM " . BB_PRIVMSGS . " pm, " . BB_PRIVMSGS_TEXT . " pmt, " . BB_USERS . " u
|
||
WHERE pm.privmsgs_id = $privmsg_id
|
||
AND pmt.privmsgs_text_id = pm.privmsgs_id
|
||
AND pm.privmsgs_from_userid = " . $userdata['user_id'] . "
|
||
AND ( pm.privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
|
||
OR pm.privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )
|
||
AND u.user_id = pm.privmsgs_to_userid";
|
||
if (!($result = DB()->sql_query($sql))) {
|
||
bb_die('Could not obtain private message for editing #1');
|
||
}
|
||
|
||
if (!($privmsg = DB()->sql_fetchrow($result))) {
|
||
redirect(PM_URL . "?folder=$folder");
|
||
}
|
||
|
||
$privmsg_subject = $privmsg['privmsgs_subject'];
|
||
$privmsg_message = $privmsg['privmsgs_text'];
|
||
|
||
$to_username = $privmsg['username'];
|
||
$to_userid = $privmsg['user_id'];
|
||
} elseif ($mode == 'reply' || $mode == 'quote') {
|
||
$sql = "SELECT pm.privmsgs_subject, pm.privmsgs_date, pmt.privmsgs_text, u.username, u.user_id
|
||
FROM " . BB_PRIVMSGS . " pm, " . BB_PRIVMSGS_TEXT . " pmt, " . BB_USERS . " u
|
||
WHERE pm.privmsgs_id = $privmsg_id
|
||
AND pmt.privmsgs_text_id = pm.privmsgs_id
|
||
AND pm.privmsgs_to_userid = " . $userdata['user_id'] . "
|
||
AND u.user_id = pm.privmsgs_from_userid";
|
||
if (!($result = DB()->sql_query($sql))) {
|
||
bb_die('Could not obtain private message for editing #2');
|
||
}
|
||
|
||
if (!($privmsg = DB()->sql_fetchrow($result))) {
|
||
redirect(PM_URL . "?folder=$folder");
|
||
}
|
||
|
||
$privmsg_subject = ((!preg_match('/^Re:/', $privmsg['privmsgs_subject'])) ? 'Re: ' : '') . $privmsg['privmsgs_subject'];
|
||
|
||
$to_username = $privmsg['username'];
|
||
$to_userid = $privmsg['user_id'];
|
||
|
||
if ($mode == 'quote') {
|
||
$privmsg_message = $privmsg['privmsgs_text'];
|
||
$msg_date = bb_date($privmsg['privmsgs_date']);
|
||
$privmsg_message = '[quote="' . $to_username . '"]' . $privmsg_message . '[/quote]';
|
||
}
|
||
} else {
|
||
$privmsg_subject = $privmsg_message = $to_username = '';
|
||
}
|
||
}
|
||
|
||
//
|
||
// Has admin prevented user from sending PM's?
|
||
//
|
||
if (bf($userdata['user_opt'], 'user_opt', 'dis_pm') && $mode != 'edit') {
|
||
$message = ($lang['CANNOT_SEND_PRIVMSG']);
|
||
}
|
||
|
||
//
|
||
// Start output, first preview, then errors then post form
|
||
//
|
||
if ($mode == 'post') {
|
||
$page_title = $lang['POST_NEW_PM'];
|
||
} elseif ($mode == 'reply') {
|
||
$page_title = $lang['POST_REPLY_PM'];
|
||
} elseif ($mode == 'quote') {
|
||
$page_title = $lang['POST_QUOTE_PM'];
|
||
} elseif ($mode == 'edit') {
|
||
$page_title = $lang['EDIT_PM'];
|
||
}
|
||
|
||
if ($preview && !$error) {
|
||
$preview_message = bbcode2html($privmsg_message);
|
||
$preview_subject = $wordCensor->censorString($privmsg_subject);
|
||
$preview_message = $wordCensor->censorString($preview_message);
|
||
|
||
$s_hidden_fields = '<input type="hidden" name="folder" value="' . $folder . '" />';
|
||
$s_hidden_fields .= '<input type="hidden" name="mode" value="' . $mode . '" />';
|
||
|
||
if (isset($privmsg_id)) {
|
||
$s_hidden_fields .= '<input type="hidden" name="' . POST_POST_URL . '" value="' . $privmsg_id . '" />';
|
||
}
|
||
|
||
$template->assign_vars([
|
||
'TPL_PREVIEW_POST' => true,
|
||
'TOPIC_TITLE' => $preview_subject,
|
||
'POST_SUBJECT' => $preview_subject,
|
||
'MESSAGE_TO' => $to_username,
|
||
'MESSAGE_FROM' => $userdata['username'],
|
||
'POST_DATE' => bb_date(TIMENOW),
|
||
'PREVIEW_MSG' => $preview_message,
|
||
|
||
'S_HIDDEN_FIELDS' => $s_hidden_fields
|
||
]);
|
||
}
|
||
|
||
//
|
||
// Start error handling
|
||
//
|
||
if ($error) {
|
||
$template->assign_vars(['ERROR_MESSAGE' => $error_msg]);
|
||
}
|
||
|
||
//
|
||
// Load templates
|
||
//
|
||
$template->set_filenames(['body' => 'posting.tpl']);
|
||
|
||
//
|
||
// Enable extensions in posting_body
|
||
//
|
||
$template->assign_block_vars('switch_privmsg', []);
|
||
$template->assign_var('POSTING_USERNAME');
|
||
|
||
//
|
||
// Assign posting title & hidden fields
|
||
//
|
||
$post_a = false;
|
||
switch ($mode) {
|
||
case 'post':
|
||
$post_a = $lang['SEND_A_NEW_MESSAGE'];
|
||
break;
|
||
case 'quote':
|
||
case 'reply':
|
||
$post_a = $lang['SEND_A_REPLY'];
|
||
break;
|
||
case 'edit':
|
||
$post_a = $lang['EDIT_MESSAGE'];
|
||
break;
|
||
}
|
||
|
||
$s_hidden_fields = '<input type="hidden" name="folder" value="' . $folder . '" />';
|
||
$s_hidden_fields .= '<input type="hidden" name="mode" value="' . $mode . '" />';
|
||
if ($mode == 'edit') {
|
||
$s_hidden_fields .= '<input type="hidden" name="' . POST_POST_URL . '" value="' . $privmsg_id . '" />';
|
||
}
|
||
|
||
//
|
||
// Send smilies to template
|
||
//
|
||
generate_smilies('inline');
|
||
|
||
$privmsg_subject = clean_title($privmsg_subject);
|
||
|
||
$template->assign_vars([
|
||
'SUBJECT' => htmlCHR($privmsg_subject),
|
||
'USERNAME' => $to_username,
|
||
'MESSAGE' => $privmsg_message,
|
||
'FORUM_NAME' => $lang['PRIVATE_MESSAGE'],
|
||
|
||
'BOX_NAME' => $l_box_name,
|
||
'INBOX' => $inbox_url,
|
||
'SENTBOX' => $sentbox_url,
|
||
'OUTBOX' => $outbox_url,
|
||
'SAVEBOX' => $savebox_url,
|
||
|
||
'POSTING_TYPE_TITLE' => $post_a,
|
||
|
||
'S_HIDDEN_FORM_FIELDS' => $s_hidden_fields,
|
||
'S_POST_ACTION' => PM_URL,
|
||
|
||
'U_SEARCH_USER' => 'search.php?mode=searchuser',
|
||
'U_VIEW_FORUM' => PM_URL
|
||
]);
|
||
} else {
|
||
//
|
||
// Reset PM counters
|
||
//
|
||
$userdata['user_new_privmsg'] = 0;
|
||
$userdata['user_unread_privmsg'] = $userdata['user_new_privmsg'] + $userdata['user_unread_privmsg'];
|
||
$userdata['user_last_privmsg'] = $userdata['session_start'];
|
||
|
||
//
|
||
// Update unread status
|
||
//
|
||
\TorrentPier\Sessions::db_update_userdata($userdata, [
|
||
'user_unread_privmsg' => 'user_unread_privmsg + user_new_privmsg',
|
||
'user_new_privmsg' => 0,
|
||
'user_last_privmsg' => $userdata['session_start']
|
||
]);
|
||
|
||
$sql = "UPDATE " . BB_PRIVMSGS . "
|
||
SET privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . "
|
||
WHERE privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
|
||
AND privmsgs_to_userid = " . $userdata['user_id'];
|
||
if (!DB()->sql_query($sql)) {
|
||
bb_die('Could not update private message new / read status (2) for user');
|
||
}
|
||
|
||
//
|
||
// Generate page
|
||
//
|
||
$page_title = $lang['PRIVATE_MESSAGING'];
|
||
|
||
//
|
||
// Load templates
|
||
//
|
||
$template->set_filenames(['body' => 'privmsgs.tpl']);
|
||
|
||
//
|
||
// New message
|
||
//
|
||
$post_new_mesg_url = '<a href="' . PM_URL . '?mode=post"><img src="' . $images['post_new'] . '" alt="' . $lang['SEND_A_NEW_MESSAGE'] . '" border="0" /></a>';
|
||
|
||
//
|
||
// General SQL to obtain messages
|
||
//
|
||
$sql_tot = "SELECT COUNT(privmsgs_id) AS total
|
||
FROM " . BB_PRIVMSGS . " ";
|
||
$sql = "SELECT pm.privmsgs_type, pm.privmsgs_id, pm.privmsgs_date, pm.privmsgs_subject, u.user_id, u.username, u.user_rank
|
||
FROM " . BB_PRIVMSGS . " pm, " . BB_USERS . " u ";
|
||
switch ($folder) {
|
||
case 'inbox':
|
||
$sql_tot .= "WHERE privmsgs_to_userid = " . $userdata['user_id'] . "
|
||
AND ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
|
||
OR privmsgs_type = " . PRIVMSGS_READ_MAIL . "
|
||
OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
|
||
|
||
$sql .= "WHERE pm.privmsgs_to_userid = " . $userdata['user_id'] . "
|
||
AND u.user_id = pm.privmsgs_from_userid
|
||
AND ( pm.privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
|
||
OR pm.privmsgs_type = " . PRIVMSGS_READ_MAIL . "
|
||
OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
|
||
break;
|
||
|
||
case 'outbox':
|
||
$sql_tot .= "WHERE privmsgs_from_userid = " . $userdata['user_id'] . "
|
||
AND ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
|
||
OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
|
||
|
||
$sql .= "WHERE pm.privmsgs_from_userid = " . $userdata['user_id'] . "
|
||
AND u.user_id = pm.privmsgs_to_userid
|
||
AND ( pm.privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
|
||
OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
|
||
break;
|
||
|
||
case 'sentbox':
|
||
$sql_tot .= "WHERE privmsgs_from_userid = " . $userdata['user_id'] . "
|
||
AND privmsgs_type = " . PRIVMSGS_SENT_MAIL;
|
||
|
||
$sql .= "WHERE pm.privmsgs_from_userid = " . $userdata['user_id'] . "
|
||
AND u.user_id = pm.privmsgs_to_userid
|
||
AND pm.privmsgs_type = " . PRIVMSGS_SENT_MAIL;
|
||
break;
|
||
|
||
case 'savebox':
|
||
$sql_tot .= "WHERE ( ( privmsgs_to_userid = " . $userdata['user_id'] . "
|
||
AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " )
|
||
OR ( privmsgs_from_userid = " . $userdata['user_id'] . "
|
||
AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . ") )";
|
||
|
||
$sql .= "WHERE u.user_id = pm.privmsgs_from_userid
|
||
AND ( ( pm.privmsgs_to_userid = " . $userdata['user_id'] . "
|
||
AND pm.privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " )
|
||
OR ( pm.privmsgs_from_userid = " . $userdata['user_id'] . "
|
||
AND pm.privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . " ) )";
|
||
break;
|
||
|
||
default:
|
||
bb_die($lang['NO_SUCH_FOLDER']);
|
||
break;
|
||
}
|
||
|
||
//
|
||
// Show messages over previous x days/months
|
||
//
|
||
if ($submit_msgdays && (!empty($_POST['msgdays']) || !empty($_GET['msgdays']))) {
|
||
$msg_days = (!empty($_POST['msgdays'])) ? (int)$_POST['msgdays'] : (int)$_GET['msgdays'];
|
||
$min_msg_time = TIMENOW - ($msg_days * 86400);
|
||
|
||
$limit_msg_time_total = " AND privmsgs_date > $min_msg_time";
|
||
$limit_msg_time = " AND pm.privmsgs_date > $min_msg_time ";
|
||
|
||
if (!empty($_POST['msgdays'])) {
|
||
$start = 0;
|
||
}
|
||
} else {
|
||
$limit_msg_time = $limit_msg_time_total = '';
|
||
$msg_days = 0;
|
||
}
|
||
|
||
$sql .= $limit_msg_time . " ORDER BY pm.privmsgs_date DESC LIMIT $start, " . $bb_cfg['topics_per_page'];
|
||
$sql_all_tot = $sql_tot;
|
||
$sql_tot .= $limit_msg_time_total;
|
||
|
||
//
|
||
// Get messages
|
||
//
|
||
if (!($result = DB()->sql_query($sql_tot))) {
|
||
bb_die('Could not query private message information #1');
|
||
}
|
||
|
||
$pm_total = ($row = DB()->sql_fetchrow($result)) ? $row['total'] : 0;
|
||
|
||
if (!($result = DB()->sql_query($sql_all_tot))) {
|
||
bb_die('Could not query private message information #2');
|
||
}
|
||
|
||
$pm_all_total = ($row = DB()->sql_fetchrow($result)) ? $row['total'] : 0;
|
||
|
||
//
|
||
// Build select box
|
||
//
|
||
$previous_days = [0, 1, 7, 14, 30, 90, 180, 364];
|
||
$previous_days_text = [$lang['ALL_POSTS'], $lang['1_DAY'], $lang['7_DAYS'], $lang['2_WEEKS'], $lang['1_MONTH'], $lang['3_MONTHS'], $lang['6_MONTHS'], $lang['1_YEAR']];
|
||
|
||
$select_msg_days = '';
|
||
for ($i = 0, $iMax = count($previous_days); $i < $iMax; $i++) {
|
||
$selected = ($msg_days == $previous_days[$i]) ? ' selected' : '';
|
||
$select_msg_days .= '<option value="' . $previous_days[$i] . '"' . $selected . '>' . $previous_days_text[$i] . '</option>';
|
||
}
|
||
|
||
//
|
||
// Define correct icons
|
||
//
|
||
switch ($folder) {
|
||
case 'inbox':
|
||
$l_box_name = $lang['INBOX'];
|
||
break;
|
||
case 'outbox':
|
||
$l_box_name = $lang['OUTBOX'];
|
||
break;
|
||
case 'savebox':
|
||
$l_box_name = $lang['SAVEBOX'];
|
||
break;
|
||
case 'sentbox':
|
||
$l_box_name = $lang['SENTBOX'];
|
||
break;
|
||
}
|
||
$post_pm = PM_URL . "?mode=post";
|
||
$post_pm_img = '<a href="' . $post_pm . '"><img src="' . $images['pm_postmsg'] . '" alt="' . $lang['POST_NEW_PM'] . '" border="0" /></a>';
|
||
$post_pm = '<a href="' . $post_pm . '">' . $lang['POST_NEW_PM'] . '</a>';
|
||
|
||
//
|
||
// Output data for inbox status
|
||
//
|
||
$box_limit_img_length = $box_limit_percent = $l_box_size_status = '';
|
||
$max_pm = ($folder != 'outbox') ? $bb_cfg["max_{$folder}_privmsgs"] : null;
|
||
|
||
if ($max_pm) {
|
||
$box_limit_percent = min(round(($pm_all_total / $max_pm) * 100), 100);
|
||
$box_limit_img_length = min(round(($pm_all_total / $max_pm) * $bb_cfg['privmsg_graphic_length']), $bb_cfg['privmsg_graphic_length']);
|
||
$box_limit_remain = max(($max_pm - $pm_all_total), 0);
|
||
|
||
$template->assign_var('PM_BOX_SIZE_INFO');
|
||
|
||
switch ($folder) {
|
||
case 'inbox':
|
||
$l_box_size_status = sprintf($lang['INBOX_SIZE'], $box_limit_percent);
|
||
break;
|
||
case 'sentbox':
|
||
$l_box_size_status = sprintf($lang['SENTBOX_SIZE'], $box_limit_percent);
|
||
break;
|
||
case 'savebox':
|
||
$l_box_size_status = sprintf($lang['SAVEBOX_SIZE'], $box_limit_percent);
|
||
break;
|
||
default:
|
||
$l_box_size_status = '';
|
||
break;
|
||
}
|
||
}
|
||
|
||
//
|
||
// Dump vars to template
|
||
//
|
||
$template->assign_vars([
|
||
'BOX_NAME' => $l_box_name,
|
||
'BOX_EXPL' => ($folder == 'outbox') ? $lang['OUTBOX_EXPL'] : '',
|
||
'INBOX' => $inbox_url,
|
||
'SENTBOX' => $sentbox_url,
|
||
'OUTBOX' => $outbox_url,
|
||
'SAVEBOX' => $savebox_url,
|
||
|
||
'POST_PM_IMG' => $post_pm_img,
|
||
'POST_PM' => $post_pm,
|
||
|
||
'INBOX_LIMIT_IMG_WIDTH' => max(4, $box_limit_img_length),
|
||
'INBOX_LIMIT_PERCENT' => $box_limit_percent,
|
||
|
||
'BOX_SIZE_STATUS' => ($l_box_size_status) ?: '',
|
||
|
||
'L_FROM_OR_TO' => ($folder == 'inbox' || $folder == 'savebox') ? $lang['FROM'] : $lang['TO'],
|
||
|
||
'S_PRIVMSGS_ACTION' => PM_URL . "?folder=$folder",
|
||
'S_HIDDEN_FIELDS' => '',
|
||
'S_POST_NEW_MSG' => $post_new_mesg_url,
|
||
'S_SELECT_MSG_DAYS' => $select_msg_days,
|
||
|
||
'U_POST_NEW_TOPIC' => PM_URL . '?mode=post'
|
||
]);
|
||
|
||
//
|
||
// Okay, let's build the correct folder
|
||
//
|
||
if (!($result = DB()->sql_query($sql))) {
|
||
bb_die('Could not query private messages');
|
||
}
|
||
|
||
if ($row = DB()->sql_fetchrow($result)) {
|
||
$i = 0;
|
||
do {
|
||
$privmsg_id = $row['privmsgs_id'];
|
||
|
||
$flag = $row['privmsgs_type'];
|
||
|
||
$icon_flag = ($flag == PRIVMSGS_NEW_MAIL || $flag == PRIVMSGS_UNREAD_MAIL) ? $images['pm_unreadmsg'] : $images['pm_readmsg'];
|
||
$icon_flag_alt = ($flag == PRIVMSGS_NEW_MAIL || $flag == PRIVMSGS_UNREAD_MAIL) ? $lang['UNREAD_MESSAGE'] : $lang['READ_MESSAGE'];
|
||
|
||
$msg_userid = $row['user_id'];
|
||
$msg_user = profile_url($row);
|
||
$msg_subject = $wordCensor->censorString($row['privmsgs_subject']);
|
||
|
||
$u_subject = PM_URL . "?folder=$folder&mode=read&" . POST_POST_URL . "=$privmsg_id";
|
||
|
||
$msg_date = bb_date($row['privmsgs_date']);
|
||
|
||
if ($flag == PRIVMSGS_NEW_MAIL && $folder == 'inbox') {
|
||
$msg_subject = '<b>' . $msg_subject . '</b>';
|
||
$msg_date = '<b>' . $msg_date . '</b>';
|
||
$msg_user = '<b>' . $msg_user . '</b>';
|
||
}
|
||
|
||
$row_class = !($i & 1) ? 'row1' : 'row2';
|
||
$i++;
|
||
|
||
$template->assign_block_vars('listrow', [
|
||
'ROW_CLASS' => $row_class,
|
||
'FROM' => $msg_user,
|
||
'SUBJECT' => htmlCHR($msg_subject),
|
||
'DATE' => $msg_date,
|
||
'DATE_RAW' => $row['privmsgs_date'],
|
||
|
||
'PRIVMSG_FOLDER_IMG' => $icon_flag,
|
||
'L_PRIVMSG_FOLDER_ALT' => $icon_flag_alt,
|
||
'S_MARK_ID' => $privmsg_id,
|
||
'U_READ' => $u_subject
|
||
]);
|
||
} while ($row = DB()->sql_fetchrow($result));
|
||
|
||
generate_pagination(PM_URL . "?folder=$folder", $pm_total, $bb_cfg['topics_per_page'], $start);
|
||
} else {
|
||
$template->assign_block_vars('switch_no_messages', []);
|
||
}
|
||
}
|
||
|
||
$template->assign_vars(['PAGE_TITLE' => @$page_title]);
|
||
|
||
require(PAGE_HEADER);
|
||
|
||
$template->pparse('body');
|
||
|
||
require(PAGE_FOOTER);
|
||
|
||
//
|
||
// Functions
|
||
//
|
||
function pm_die($msg)
|
||
{
|
||
global $lang;
|
||
|
||
$msg .= '<br /><br />';
|
||
$msg .= sprintf($lang['CLICK_RETURN_INBOX'], '<a href="' . PM_URL . "?folder=inbox" . '">', '</a> ');
|
||
$msg .= sprintf($lang['CLICK_RETURN_SENTBOX'], '<a href="' . PM_URL . "?folder=sentbox" . '">', '</a> ');
|
||
$msg .= sprintf($lang['CLICK_RETURN_OUTBOX'], '<a href="' . PM_URL . "?folder=outbox" . '">', '</a> ');
|
||
$msg .= sprintf($lang['CLICK_RETURN_SAVEBOX'], '<a href="' . PM_URL . "?folder=savebox" . '">', '</a> ');
|
||
$msg .= '<br /><br />';
|
||
$msg .= sprintf($lang['CLICK_RETURN_INDEX'], '<a href="' . "index.php" . '">', '</a>');
|
||
|
||
bb_die($msg);
|
||
}
|