Vergleich private.php - 1.4.3 - 1.4.11

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 1Zeile 1
<?php
/**
* MyBB 1.4

<?php
/**
* MyBB 1.4

 * Copyright � 2008 MyBB Group, All Rights Reserved

 * Copyright © 2008 MyBB Group, All Rights Reserved

 *
* Website: http://www.mybboard.net
* License: http://www.mybboard.net/about/license
*

 *
* Website: http://www.mybboard.net
* License: http://www.mybboard.net/about/license
*

 * $Id: private.php 4188 2008-09-14 05:05:26Z Tikitiki $

 * $Id: private.php 4463 2009-10-01 11:40:53Z Tomm $

 */

define("IN_MYBB", 1);

 */

define("IN_MYBB", 1);

Zeile 347Zeile 347
			// Get list of recipients
$recipients = unserialize($pm['recipients']);
$comma = '';

			// Get list of recipients
$recipients = unserialize($pm['recipients']);
$comma = '';

			$recipientids = $pm['fromid'];

 
			if(isset($recipients['to']) && is_array($recipients['to']))
{
foreach($recipients['to'] as $recipient)

			if(isset($recipients['to']) && is_array($recipients['to']))
{
foreach($recipients['to'] as $recipient)

Zeile 357Zeile 356
					$comma = ',';
}
}

					$comma = ',';
}
}



			

			if(isset($recipients['bcc']) && is_array($recipients['bcc']))

			if(isset($recipients['bcc']) && is_array($recipients['bcc']))

			{

			{

				foreach($recipients['bcc'] as $recipient)

				foreach($recipients['bcc'] as $recipient)

				{

				{

					$recipient_list['bcc'][] = $recipient;
$recipientids .= $comma.$recipient;
$comma = ',';
}
}


					$recipient_list['bcc'][] = $recipient;
$recipientids .= $comma.$recipient;
$comma = ',';
}
}


			$query = $db->simple_select("users", "uid, username", "uid IN ({$recipientids})");
while($user = $db->fetch_array($query))
{
if(isset($recipients['bcc']) && is_array($recipients['bcc']) && in_array($user['uid'], $recipient_list['bcc']))
{
$bcc .= htmlspecialchars_uni($user['username']).', ';
}
else
{
$to .= htmlspecialchars_uni($user['username']).', ';




			if(!empty($recipientids))
{
$query = $db->simple_select("users", "uid, username", "uid IN ({$recipientids})");
while($user = $db->fetch_array($query))
{
if(isset($recipients['bcc']) && is_array($recipients['bcc']) && in_array($user['uid'], $recipient_list['bcc']))
{
$bcc .= htmlspecialchars_uni($user['username']).', ';
}
else
{
$to .= htmlspecialchars_uni($user['username']).', ';
}

				}

				}

			}

			}

		}
else
{ // forward/reply

		}
else
{ // forward/reply

Zeile 387Zeile 389
			$postdate = my_date($mybb->settings['dateformat'], $pm['dateline']);
$posttime = my_date($mybb->settings['timeformat'], $pm['dateline']);
$message = "[quote={$pm['quotename']}]\n$message\n[/quote]";

			$postdate = my_date($mybb->settings['dateformat'], $pm['dateline']);
$posttime = my_date($mybb->settings['timeformat'], $pm['dateline']);
$message = "[quote={$pm['quotename']}]\n$message\n[/quote]";

			$pm['message'] = preg_replace('#^/me (.*)$#im', "* ".$pm['quotename']." \\1", $pm['message']);

			$message = preg_replace('#^/me (.*)$#im', "* ".$pm['quotename']." \\1", $message);


if($mybb->input['do'] == 'forward')
{
$subject = "Fw: $subject";
}
elseif($mybb->input['do'] == 'reply')


if($mybb->input['do'] == 'forward')
{
$subject = "Fw: $subject";
}
elseif($mybb->input['do'] == 'reply')

			{

			{

				$subject = "Re: $subject";
$uid = $pm['fromid'];
if($mybb->user['uid'] == $uid)

				$subject = "Re: $subject";
$uid = $pm['fromid'];
if($mybb->user['uid'] == $uid)

Zeile 425Zeile 427
						}
$recipientids .= ','.$recipient;
}

						}
$recipientids .= ','.$recipient;
}

				}

				}

				$comma = '';
$query = $db->simple_select('users', 'uid, username', "uid IN ({$recipientids})");
while($user = $db->fetch_array($query))

				$comma = '';
$query = $db->simple_select('users', 'uid, username', "uid IN ({$recipientids})");
while($user = $db->fetch_array($query))

Zeile 461Zeile 463

$pmid = $mybb->input['pmid'];
$do = $mybb->input['do'];


$pmid = $mybb->input['pmid'];
$do = $mybb->input['do'];

	if($do != "forward" && $do != "reply")

	if($do != "forward" && $do != "reply" && $do != "replyall")

	{
$do = '';
}

	{
$do = '';
}

Zeile 474Zeile 476
		$buddy_select = 'bcc';
eval("\$buddy_select_bcc = \"".$templates->get("private_send_buddyselect")."\";");
}

		$buddy_select = 'bcc';
eval("\$buddy_select_bcc = \"".$templates->get("private_send_buddyselect")."\";");
}





	eval("\$send = \"".$templates->get("private_send")."\";");
$plugins->run_hooks("private_send_end");
output_page($send);
}

	eval("\$send = \"".$templates->get("private_send")."\";");
$plugins->run_hooks("private_send_end");
output_page($send);
}







if($mybb->input['action'] == "read")
{
$plugins->run_hooks("private_read");

if($mybb->input['action'] == "read")
{
$plugins->run_hooks("private_read");





	$pmid = intval($mybb->input['pmid']);

$query = $db->query("
SELECT pm.*, u.*, f.*, g.title AS grouptitle, g.usertitle AS groupusertitle, g.stars AS groupstars, g.starimage AS groupstarimage, g.image AS groupimage, g.namestyle

	$pmid = intval($mybb->input['pmid']);

$query = $db->query("
SELECT pm.*, u.*, f.*, g.title AS grouptitle, g.usertitle AS groupusertitle, g.stars AS groupstars, g.starimage AS groupstarimage, g.image AS groupimage, g.namestyle

		FROM ".TABLE_PREFIX."privatemessages pm

		FROM ".TABLE_PREFIX."privatemessages pm

		LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=pm.fromid)
LEFT JOIN ".TABLE_PREFIX."userfields f ON (f.ufid=u.uid)
LEFT JOIN ".TABLE_PREFIX."usergroups g ON (g.gid=u.usergroup)

		LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=pm.fromid)
LEFT JOIN ".TABLE_PREFIX."userfields f ON (f.ufid=u.uid)
LEFT JOIN ".TABLE_PREFIX."usergroups g ON (g.gid=u.usergroup)

Zeile 497Zeile 499
	");
$pm = $db->fetch_array($query);
if($pm['folder'] == 3)

	");
$pm = $db->fetch_array($query);
if($pm['folder'] == 3)

	{

	{

		header("Location: private.php?action=send&pmid={$pm['pmid']}");
exit;
}

		header("Location: private.php?action=send&pmid={$pm['pmid']}");
exit;
}

Zeile 505Zeile 507
	if(!$pm['pmid'])
{
error($lang->error_invalidpm);

	if(!$pm['pmid'])
{
error($lang->error_invalidpm);

	}

	}


if($pm['receipt'] == 1)
{


if($pm['receipt'] == 1)
{

Zeile 552Zeile 554
		$reply_date = my_date($mybb->settings['dateformat'], $pm['statustime']);

if($reply_date == $lang->today || $reply_date == $lang->yesterday)

		$reply_date = my_date($mybb->settings['dateformat'], $pm['statustime']);

if($reply_date == $lang->today || $reply_date == $lang->yesterday)

		{

		{

			$reply_date .= ', '.my_date($mybb->settings['timeformat'], $pm['statustime']);
$actioned_on = $lang->sprintf($lang->you_replied, $reply_date);
}

			$reply_date .= ', '.my_date($mybb->settings['timeformat'], $pm['statustime']);
$actioned_on = $lang->sprintf($lang->you_replied, $reply_date);
}

Zeile 600Zeile 602
	{
$uid_sql = $pm['toid'];
$pm['recipients']['to'] = array($pm['toid']);

	{
$uid_sql = $pm['toid'];
$pm['recipients']['to'] = array($pm['toid']);

	}

	}


$show_bcc = 0;



$show_bcc = 0;


Zeile 615Zeile 617
	$bcc_recipients = $to_recipients = array();
$query = $db->simple_select('users', 'uid, username', "uid IN ({$uid_sql})");
while($recipient = $db->fetch_array($query))

	$bcc_recipients = $to_recipients = array();
$query = $db->simple_select('users', 'uid, username', "uid IN ({$uid_sql})");
while($recipient = $db->fetch_array($query))

	{

	{

		// User is a BCC recipient
if($show_bcc && in_array($recipient['uid'], $pm['recipients']['bcc']))
{

		// User is a BCC recipient
if($show_bcc && in_array($recipient['uid'], $pm['recipients']['bcc']))
{

Zeile 647Zeile 649
	else
{
$to_recipients = $lang->nobody;

	else
{
$to_recipients = $lang->nobody;

	}

	}


eval("\$pm['subject_extra'] = \"".$templates->get("private_read_to")."\";");



eval("\$pm['subject_extra'] = \"".$templates->get("private_read_to")."\";");


Zeile 663Zeile 665
	$plugins->run_hooks("private_tracking_start");
$readmessages = '';
$unreadmessages = '';

	$plugins->run_hooks("private_tracking_start");
$readmessages = '';
$unreadmessages = '';

	

	

	$query = $db->query("
SELECT pm.*, u.username as tousername
FROM ".TABLE_PREFIX."privatemessages pm

	$query = $db->query("
SELECT pm.*, u.username as tousername
FROM ".TABLE_PREFIX."privatemessages pm

Zeile 678Zeile 680
		$readdate = my_date($mybb->settings['dateformat'], $readmessage['readtime']);
$readtime = my_date($mybb->settings['timeformat'], $readmessage['readtime']);
eval("\$readmessages .= \"".$templates->get("private_tracking_readmessage")."\";");

		$readdate = my_date($mybb->settings['dateformat'], $readmessage['readtime']);
$readtime = my_date($mybb->settings['timeformat'], $readmessage['readtime']);
eval("\$readmessages .= \"".$templates->get("private_tracking_readmessage")."\";");

	}

	}

	
if(!$readmessages)
{

	
if(!$readmessages)
{

Zeile 741Zeile 743
			{
$sql_array = array(
"receipt" => 0

			{
$sql_array = array(
"receipt" => 0

				);

				);

				$db->update_query("privatemessages", $sql_array, "pmid=".intval($key)." AND fromid=".$mybb->user['uid']);
}
}

				$db->update_query("privatemessages", $sql_array, "pmid=".intval($key)." AND fromid=".$mybb->user['uid']);
}
}

Zeile 992Zeile 994
		header("Location: private.php?fid=".intval($mybb->input['jumpto']));
}
elseif($mybb->input['moveto'])

		header("Location: private.php?fid=".intval($mybb->input['jumpto']));
}
elseif($mybb->input['moveto'])

	{
if(is_array($mybb->input['check']))

	{
if(is_array($mybb->input['check']))

		{
foreach($mybb->input['check'] as $key => $val)
{

		{
foreach($mybb->input['check'] as $key => $val)
{

Zeile 1001Zeile 1003
					"folder" => intval($mybb->input['fid'])
);
$db->update_query("privatemessages", $sql_array, "pmid='".intval($key)."' AND uid='".$mybb->user['uid']."'");

					"folder" => intval($mybb->input['fid'])
);
$db->update_query("privatemessages", $sql_array, "pmid='".intval($key)."' AND uid='".$mybb->user['uid']."'");

			}
}
// Update PM count

			}
}
// Update PM count

		update_pm_count();

if(!empty($mybb->input['fromfid']))

		update_pm_count();

if(!empty($mybb->input['fromfid']))

Zeile 1031Zeile 1033
			
$query = $db->simple_select("privatemessages", "pmid, folder", "pmid IN ($pmssql) AND uid='".$mybb->user['uid']."' AND folder='4'", array('order_by' => 'pmid'));
while($delpm = $db->fetch_array($query))

			
$query = $db->simple_select("privatemessages", "pmid, folder", "pmid IN ($pmssql) AND uid='".$mybb->user['uid']."' AND folder='4'", array('order_by' => 'pmid'));
while($delpm = $db->fetch_array($query))

			{

			{

				$deletepms[$delpm['pmid']] = 1;
}


				$deletepms[$delpm['pmid']] = 1;
}


Zeile 1040Zeile 1042
			{
$key = intval($key);
if($deletepms[$key])

			{
$key = intval($key);
if($deletepms[$key])

				{

				{

					$db->delete_query("privatemessages", "pmid='$key' AND uid='".$mybb->user['uid']."'");
}
else

					$db->delete_query("privatemessages", "pmid='$key' AND uid='".$mybb->user['uid']."'");
}
else

Zeile 1059Zeile 1061
		redirect("private.php", $lang->redirect_pmsdeleted);
}
}

		redirect("private.php", $lang->redirect_pmsdeleted);
}
}





if($mybb->input['action'] == "delete")
{
// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);

if($mybb->input['action'] == "delete")
{
// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);





	$plugins->run_hooks("private_delete_start");


	$plugins->run_hooks("private_delete_start");


	$sql_array = array(
"folder" => 4,
"deletetime" => TIME_NOW
);
$db->update_query("privatemessages", $sql_array, "pmid='".intval($mybb->input['pmid'])."' AND uid='".$mybb->user['uid']."'");









	$query = $db->simple_select("privatemessages", "*", "pmid='".intval($mybb->input['pmid'])."' AND uid='".$mybb->user['uid']."' AND folder='4'", array('order_by' => 'pmid'));
if($db->num_rows($query) == 1)
{
$db->delete_query("privatemessages", "pmid='".intval($mybb->input['pmid'])."'");
}
else
{
$sql_array = array(
"folder" => 4,
"deletetime" => TIME_NOW
);
$db->update_query("privatemessages", $sql_array, "pmid='".intval($mybb->input['pmid'])."' AND uid='".$mybb->user['uid']."'");
}


// Update PM count
update_pm_count();


// Update PM count
update_pm_count();

Zeile 1329Zeile 1339
	eval("\$archived = \"".$templates->get("private_archive_".$mybb->input['exporttype'], 1, 0)."\";");
if($mybb->input['deletepms'] == 1)
{ // delete the archived pms

	eval("\$archived = \"".$templates->get("private_archive_".$mybb->input['exporttype'], 1, 0)."\";");
if($mybb->input['deletepms'] == 1)
{ // delete the archived pms

		$db->delete_query("privatemessages", "pmid IN (''$ids)");

		$db->delete_query("privatemessages", "pmid IN ('0'$ids)");

		// Update PM count
update_pm_count();
}

		// Update PM count
update_pm_count();
}

Zeile 1374Zeile 1384
	{
$mybb->input['fid'] = 1;
}

	{
$mybb->input['fid'] = 1;
}




	
$folder = '';

	$foldersexploded = explode("$%%$", $mybb->user['pmfolders']);
foreach($foldersexploded as $key => $folders)
{

	$foldersexploded = explode("$%%$", $mybb->user['pmfolders']);
foreach($foldersexploded as $key => $folders)
{

Zeile 1436Zeile 1447
	{		
// Get all recipients into an array
$cached_users = $get_users = array();

	{		
// Get all recipients into an array
$cached_users = $get_users = array();

		$users_query = $db->simple_select("privatemessages", "recipients", "folder='$folder' AND uid='{$mybb->user['uid']}'", array('limit_start' => $start, 'limit' => $perpage));

		$users_query = $db->simple_select("privatemessages", "recipients", "folder='$folder' AND uid='{$mybb->user['uid']}'", array('limit_start' => $start, 'limit' => $perpage, 'order_by' => 'dateline', 'order_dir' => 'DESC'));

		while($row = $db->fetch_array($users_query))
{
$recipients = unserialize($row['recipients']);

		while($row = $db->fetch_array($users_query))
{
$recipients = unserialize($row['recipients']);

Zeile 1564Zeile 1575
			if($message['icon'] > 0 && $icon_cache[$message['icon']])
{
$icon = $icon_cache[$message['icon']];

			if($message['icon'] > 0 && $icon_cache[$message['icon']])
{
$icon = $icon_cache[$message['icon']];

				$icon = "<img src=\"{$icon['path']}\" alt=\"{$icon['name']}\" valign=\"middle\" align=\"center\" />&nbsp;";

				$icon = "<img src=\"{$icon['path']}\" alt=\"{$icon['name']}\" align=\"center\" valign=\"middle\" />";

			}
else
{

			}
else
{

				$icon = '';

				$icon = '&nbsp;';

			}

if(!trim($message['subject']))

			}

if(!trim($message['subject']))