Vergleich private.php - 1.4.4 - 1.4.14

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 1Zeile 1
<?php
/**
* MyBB 1.4

<?php
/**
* MyBB 1.4

 * Copyright � 2008 MyBB Group, All Rights Reserved

 * Copyright © 2008 MyBB Group, All Rights Reserved

 *
* Website: http://www.mybboard.net
* License: http://www.mybboard.net/about/license
*

 *
* Website: http://www.mybboard.net
* License: http://www.mybboard.net/about/license
*

 * $Id: private.php 4267 2008-11-10 21:28:36Z Tikitiki $

 * $Id: private.php 4864 2010-04-10 09:13:19Z RyanGordon $

 */

define("IN_MYBB", 1);

 */

define("IN_MYBB", 1);

Zeile 47Zeile 47
}

// On a random occassion, recount the users pm's just to make sure everything is in sync.

}

// On a random occassion, recount the users pm's just to make sure everything is in sync.

$rand = rand(0, 9);

$rand = my_rand(0, 9);

if($rand == 5)
{
update_pm_count();

if($rand == 5)
{
update_pm_count();

Zeile 367Zeile 367
				}	
}


				}	
}


			$query = $db->simple_select("users", "uid, username", "uid IN ({$recipientids})");
while($user = $db->fetch_array($query))

			if(!empty($recipientids))


			{

			{

				if(isset($recipients['bcc']) && is_array($recipients['bcc']) && in_array($user['uid'], $recipient_list['bcc']))


				$query = $db->simple_select("users", "uid, username", "uid IN ({$recipientids})");
while($user = $db->fetch_array($query))

				{

				{

					$bcc .= htmlspecialchars_uni($user['username']).', ';
}
else
{
$to .= htmlspecialchars_uni($user['username']).', ';




					if(isset($recipients['bcc']) && is_array($recipients['bcc']) && in_array($user['uid'], $recipient_list['bcc']))
{
$bcc .= htmlspecialchars_uni($user['username']).', ';
}
else
{
$to .= htmlspecialchars_uni($user['username']).', ';
}

				}
}
}

				}
}
}

Zeile 386Zeile 389
			$postdate = my_date($mybb->settings['dateformat'], $pm['dateline']);
$posttime = my_date($mybb->settings['timeformat'], $pm['dateline']);
$message = "[quote={$pm['quotename']}]\n$message\n[/quote]";

			$postdate = my_date($mybb->settings['dateformat'], $pm['dateline']);
$posttime = my_date($mybb->settings['timeformat'], $pm['dateline']);
$message = "[quote={$pm['quotename']}]\n$message\n[/quote]";

			$pm['message'] = preg_replace('#^/me (.*)$#im', "* ".$pm['quotename']." \\1", $pm['message']);

			$message = preg_replace('#^/me (.*)$#im', "* ".$pm['quotename']." \\1", $message);


if($mybb->input['do'] == 'forward')


if($mybb->input['do'] == 'forward')

			{

			{

				$subject = "Fw: $subject";
}
elseif($mybb->input['do'] == 'reply')

				$subject = "Fw: $subject";
}
elseif($mybb->input['do'] == 'reply')

Zeile 413Zeile 416

// Get list of recipients
$recipients = unserialize($pm['recipients']);


// Get list of recipients
$recipients = unserialize($pm['recipients']);

 
				$recipientids = $pm['fromid'];

				if(isset($recipients['to']) && is_array($recipients['to']))
{
foreach($recipients['to'] as $recipient)

				if(isset($recipients['to']) && is_array($recipients['to']))
{
foreach($recipients['to'] as $recipient)

Zeile 452Zeile 456
	{
$to = htmlspecialchars_uni($mybb->input['to']);
$bcc = htmlspecialchars_uni($mybb->input['bcc']);

	{
$to = htmlspecialchars_uni($mybb->input['to']);
$bcc = htmlspecialchars_uni($mybb->input['bcc']);

	}

	}


// Load the auto complete javascript if it is enabled.
eval("\$autocompletejs = \"".$templates->get("private_send_autocomplete")."\";");

$pmid = $mybb->input['pmid'];
$do = $mybb->input['do'];


// Load the auto complete javascript if it is enabled.
eval("\$autocompletejs = \"".$templates->get("private_send_autocomplete")."\";");

$pmid = $mybb->input['pmid'];
$do = $mybb->input['do'];

	if($do != "forward" && $do != "reply")

	if($do != "forward" && $do != "reply" && $do != "replyall")

	{
$do = '';
}

	{
$do = '';
}

Zeile 498Zeile 502
	{
header("Location: private.php?action=send&pmid={$pm['pmid']}");
exit;

	{
header("Location: private.php?action=send&pmid={$pm['pmid']}");
exit;

	}


	}


	if(!$pm['pmid'])

	if(!$pm['pmid'])

	{

	{

		error($lang->error_invalidpm);
}


		error($lang->error_invalidpm);
}


Zeile 514Zeile 518
		else
{
$receiptadd = 2;

		else
{
$receiptadd = 2;

		}
}

		}
}


if($pm['status'] == 0)
{


if($pm['status'] == 0)
{

Zeile 546Zeile 550
	}
// Replied PM?
else if($pm['status'] == 3 && $pm['statustime'])

	}
// Replied PM?
else if($pm['status'] == 3 && $pm['statustime'])

	{

	{

		$reply_date = my_date($mybb->settings['dateformat'], $pm['statustime']);

		$reply_date = my_date($mybb->settings['dateformat'], $pm['statustime']);

		

		

		if($reply_date == $lang->today || $reply_date == $lang->yesterday)

		if($reply_date == $lang->today || $reply_date == $lang->yesterday)

		{
$reply_date .= ', '.my_date($mybb->settings['timeformat'], $pm['statustime']);

		{
$reply_date .= ', '.my_date($mybb->settings['timeformat'], $pm['statustime']);

			$actioned_on = $lang->sprintf($lang->you_replied, $reply_date);

			$actioned_on = $lang->sprintf($lang->you_replied, $reply_date);

		}

		}

		else
{
$reply_date .= ', '.my_date($mybb->settings['timeformat'], $pm['statustime']);
$actioned_on = $lang->sprintf($lang->you_replied_on, $reply_date);

		else
{
$reply_date .= ', '.my_date($mybb->settings['timeformat'], $pm['statustime']);
$actioned_on = $lang->sprintf($lang->you_replied_on, $reply_date);

		}

eval("\$action_time = \"".$templates->get("private_read_action")."\";");
}

		}

eval("\$action_time = \"".$templates->get("private_read_action")."\";");
}

	else if($pm['status'] == 4 && $pm['statustime'])
{
$forward_date = my_date($mybb->settings['dateformat'], $pm['statustime']);

	else if($pm['status'] == 4 && $pm['statustime'])
{
$forward_date = my_date($mybb->settings['dateformat'], $pm['statustime']);

Zeile 623Zeile 627
		else if(in_array($recipient['uid'], $pm['recipients']['to']))
{
$to_recipients[] = build_profile_link($recipient['username'], $recipient['uid']);

		else if(in_array($recipient['uid'], $pm['recipients']['to']))
{
$to_recipients[] = build_profile_link($recipient['username'], $recipient['uid']);

		}
}


		}
}


	if(count($bcc_recipients) > 0)

	if(count($bcc_recipients) > 0)

	{

	{

		$bcc_recipients = implode(', ', $bcc_recipients);
eval("\$bcc = \"".$templates->get("private_read_bcc")."\";");
}

		$bcc_recipients = implode(', ', $bcc_recipients);
eval("\$bcc = \"".$templates->get("private_read_bcc")."\";");
}

Zeile 639Zeile 643
	}

if(count($to_recipients) > 0)

	}

if(count($to_recipients) > 0)

	{

	{

		$to_recipients = implode(", ", $to_recipients);

		$to_recipients = implode(", ", $to_recipients);

	}

	}

	else
{
$to_recipients = $lang->nobody;

	else
{
$to_recipients = $lang->nobody;

Zeile 654Zeile 658
	eval("\$read = \"".$templates->get("private_read")."\";");
$plugins->run_hooks("private_read_end");
output_page($read);

	eval("\$read = \"".$templates->get("private_read")."\";");
$plugins->run_hooks("private_read_end");
output_page($read);

}

}


if($mybb->input['action'] == "tracking")
{


if($mybb->input['action'] == "tracking")
{

Zeile 670Zeile 674
		ORDER BY pm.readtime DESC
");
while($readmessage = $db->fetch_array($query))

		ORDER BY pm.readtime DESC
");
while($readmessage = $db->fetch_array($query))

	{

	{

		$readmessage['subject'] = htmlspecialchars_uni($parser->parse_badwords($readmessage['subject']));
$readmessage['profilelink'] = build_profile_link($readmessage['tousername'], $readmessage['toid']);
$readdate = my_date($mybb->settings['dateformat'], $readmessage['readtime']);

		$readmessage['subject'] = htmlspecialchars_uni($parser->parse_badwords($readmessage['subject']));
$readmessage['profilelink'] = build_profile_link($readmessage['tousername'], $readmessage['toid']);
$readdate = my_date($mybb->settings['dateformat'], $readmessage['readtime']);

Zeile 747Zeile 751
		redirect("private.php", $lang->redirect_pmstrackingstopped);
}
elseif($mybb->input['cancel'])

		redirect("private.php", $lang->redirect_pmstrackingstopped);
}
elseif($mybb->input['cancel'])

	{

	{

		if(is_array($mybb->input['unreadcheck']))
{
foreach($mybb->input['unreadcheck'] as $pmid => $val)

		if(is_array($mybb->input['unreadcheck']))
{
foreach($mybb->input['unreadcheck'] as $pmid => $val)

Zeile 1065Zeile 1069

$plugins->run_hooks("private_delete_start");



$plugins->run_hooks("private_delete_start");


	$sql_array = array(
"folder" => 4,
"deletetime" => TIME_NOW
);
$db->update_query("privatemessages", $sql_array, "pmid='".intval($mybb->input['pmid'])."' AND uid='".$mybb->user['uid']."'");









	$query = $db->simple_select("privatemessages", "*", "pmid='".intval($mybb->input['pmid'])."' AND uid='".$mybb->user['uid']."' AND folder='4'", array('order_by' => 'pmid'));
if($db->num_rows($query) == 1)
{
$db->delete_query("privatemessages", "pmid='".intval($mybb->input['pmid'])."'");
}
else
{
$sql_array = array(
"folder" => 4,
"deletetime" => TIME_NOW
);
$db->update_query("privatemessages", $sql_array, "pmid='".intval($mybb->input['pmid'])."' AND uid='".$mybb->user['uid']."'");
}


// Update PM count
update_pm_count();


// Update PM count
update_pm_count();

Zeile 1081Zeile 1093
if($mybb->input['action'] == "export")
{
$plugins->run_hooks("private_export_start");

if($mybb->input['action'] == "export")
{
$plugins->run_hooks("private_export_start");

	

	

	$folderlist = "<select name=\"exportfolders[]\" multiple=\"multiple\">\n";
$folderlist .= "<option value=\"all\" selected=\"selected\">$lang->all_folders</option>";

	$folderlist = "<select name=\"exportfolders[]\" multiple=\"multiple\">\n";
$folderlist .= "<option value=\"all\" selected=\"selected\">$lang->all_folders</option>";

	$foldersexploded = explode("$%%$", $mybb->user['pmfolders']);
foreach($foldersexploded as $key => $folders)
{
$folderinfo = explode("**", $folders, 2);
$folderinfo[1] = get_pm_folder_name($folderinfo[0], $folderinfo[1]);

	$foldersexploded = explode("$%%$", $mybb->user['pmfolders']);
foreach($foldersexploded as $key => $folders)
{
$folderinfo = explode("**", $folders, 2);
$folderinfo[1] = get_pm_folder_name($folderinfo[0], $folderinfo[1]);

		$folderlist .= "<option value=\"$folderinfo[0]\">$folderinfo[1]</option>\n";
}
$folderlist .= "</select>\n";
eval("\$archive = \"".$templates->get("private_archive")."\";");

		$folderlist .= "<option value=\"$folderinfo[0]\">$folderinfo[1]</option>\n";
}
$folderlist .= "</select>\n";
eval("\$archive = \"".$templates->get("private_archive")."\";");

	
$plugins->run_hooks("private_export_end");


	
$plugins->run_hooks("private_export_end");


	output_page($archive);
}


	output_page($archive);
}


Zeile 1121Zeile 1133
	if($mybb->input['pmid'])
{
$wsql = "pmid='".intval($mybb->input['pmid'])."' AND uid='".$mybb->user['uid']."'";

	if($mybb->input['pmid'])
{
$wsql = "pmid='".intval($mybb->input['pmid'])."' AND uid='".$mybb->user['uid']."'";

	}
else
{

	}
else
{

		if($mybb->input['daycut'] && ($mybb->input['dayway'] != "disregard"))
{
$datecut = TIME_NOW-($mybb->input['daycut'] * 86400);
$wsql = "pm.dateline";
if($mybb->input['dayway'] == "older")

		if($mybb->input['daycut'] && ($mybb->input['dayway'] != "disregard"))
{
$datecut = TIME_NOW-($mybb->input['daycut'] * 86400);
$wsql = "pm.dateline";
if($mybb->input['dayway'] == "older")

			{

			{

				$wsql .= "<=";

				$wsql .= "<=";

			}

			}

			else
{
$wsql .= ">=";
}
$wsql .= "'$datecut'";

			else
{
$wsql .= ">=";
}
$wsql .= "'$datecut'";

		}
else
{

		}
else
{

			$wsql = "1=1";
}


			$wsql = "1=1";
}


Zeile 1154Zeile 1166
				{
$folderlst = '';
break;

				{
$folderlst = '';
break;

				}

				}

				else
{
if(!$folderlst)

				else
{
if(!$folderlst)

					{

					{

						$folderlst = " AND pm.folder IN ('$val'";

						$folderlst = " AND pm.folder IN ('$val'";

					}

					}

					else
{
$folderlst .= ",'$val'";

					else
{
$folderlst .= ",'$val'";

Zeile 1170Zeile 1182
			if($folderlst)
{
$folderlst .= ")";

			if($folderlst)
{
$folderlst .= ")";

			}

			}

			$wsql .= "$folderlst";
}
else

			$wsql .= "$folderlst";
}
else

Zeile 1247Zeile 1259
		if(!$message['toid'] && $message['folder'] == 3)
{
$message['tousername'] = $lang->not_sent;

		if(!$message['toid'] && $message['folder'] == 3)
{
$message['tousername'] = $lang->not_sent;

		}

		}


$message['subject'] = $parser->parse_badwords($message['subject']);
if($message['folder'] != "3")


$message['subject'] = $parser->parse_badwords($message['subject']);
if($message['folder'] != "3")

Zeile 1327Zeile 1339
	eval("\$archived = \"".$templates->get("private_archive_".$mybb->input['exporttype'], 1, 0)."\";");
if($mybb->input['deletepms'] == 1)
{ // delete the archived pms

	eval("\$archived = \"".$templates->get("private_archive_".$mybb->input['exporttype'], 1, 0)."\";");
if($mybb->input['deletepms'] == 1)
{ // delete the archived pms

		$db->delete_query("privatemessages", "pmid IN (''$ids)");

		$db->delete_query("privatemessages", "pmid IN ('0'$ids)");

		// Update PM count
update_pm_count();
}

		// Update PM count
update_pm_count();
}

Zeile 1341Zeile 1353
	{
$filename = "pm-archive.csv";
$contenttype = "application/octet-stream";

	{
$filename = "pm-archive.csv";
$contenttype = "application/octet-stream";

	}

	}

	else

	else

	{

	{

		$filename = "pm-archive.txt";
$contenttype = "text/plain";
}

		$filename = "pm-archive.txt";
$contenttype = "text/plain";
}

	

	

	$archived = str_replace("\\\'","'",$archived);
header("Content-disposition: filename=$filename");
header("Content-type: ".$contenttype);

	$archived = str_replace("\\\'","'",$archived);
header("Content-disposition: filename=$filename");
header("Content-type: ".$contenttype);

	

	

	$plugins->run_hooks("private_do_export_end");

if($mybb->input['exporttype'] == "html")
{
output_page($archived);

	$plugins->run_hooks("private_do_export_end");

if($mybb->input['exporttype'] == "html")
{
output_page($archived);

	}

	}

	else

	else

	{

	{

		echo $archived;

		echo $archived;

	}

	}

}

if(!$mybb->input['action'])
{
$plugins->run_hooks("private_start");

}

if(!$mybb->input['action'])
{
$plugins->run_hooks("private_start");

	

	

	if(!$mybb->input['fid'])
{
$mybb->input['fid'] = 1;
}

	if(!$mybb->input['fid'])
{
$mybb->input['fid'] = 1;
}




	
$folder = '';

	$foldersexploded = explode("$%%$", $mybb->user['pmfolders']);
foreach($foldersexploded as $key => $folders)
{

	$foldersexploded = explode("$%%$", $mybb->user['pmfolders']);
foreach($foldersexploded as $key => $folders)
{

Zeile 1434Zeile 1447
	{		
// Get all recipients into an array
$cached_users = $get_users = array();

	{		
// Get all recipients into an array
$cached_users = $get_users = array();

		$users_query = $db->simple_select("privatemessages", "recipients", "folder='$folder' AND uid='{$mybb->user['uid']}'", array('limit_start' => $start, 'limit' => $perpage));

		$users_query = $db->simple_select("privatemessages", "recipients", "folder='$folder' AND uid='{$mybb->user['uid']}'", array('limit_start' => $start, 'limit' => $perpage, 'order_by' => 'dateline', 'order_dir' => 'DESC'));

		while($row = $db->fetch_array($users_query))
{
$recipients = unserialize($row['recipients']);

		while($row = $db->fetch_array($users_query))
{
$recipients = unserialize($row['recipients']);

Zeile 1562Zeile 1575
			if($message['icon'] > 0 && $icon_cache[$message['icon']])
{
$icon = $icon_cache[$message['icon']];

			if($message['icon'] > 0 && $icon_cache[$message['icon']])
{
$icon = $icon_cache[$message['icon']];

				$icon = "<img src=\"{$icon['path']}\" alt=\"{$icon['name']}\" valign=\"middle\" align=\"center\" />&nbsp;";

				$icon = "<img src=\"{$icon['path']}\" alt=\"{$icon['name']}\" align=\"center\" valign=\"middle\" />";

			}
else
{

			}
else
{

				$icon = '';

				$icon = '&nbsp;';

			}

if(!trim($message['subject']))

			}

if(!trim($message['subject']))