| Zeile 6 | Zeile 6 |
|---|
* Website: http://mybb.com
* License: http://mybb.com/about/license
*
|
* Website: http://mybb.com
* License: http://mybb.com/about/license
*
|
* $Id: pm.php 5625 2011-10-02 19:16:35Z ralgith $
| * $Id$
|
*/
// Disallow direct access to this file for security reasons
| */
// Disallow direct access to this file for security reasons
|
| Zeile 34 | Zeile 34 |
|---|
* @var string
*/
public $language_prefix = 'pmdata';
|
* @var string
*/
public $language_prefix = 'pmdata';
|
|
|
/**
* Array of data inserted in to a private message.
*
* @var array
*/
public $pm_insert_data = array();
|
/**
* Array of data inserted in to a private message.
*
* @var array
*/
public $pm_insert_data = array();
|
|
|
/**
* Array of data used to update a private message.
*
* @var array
*/
public $pm_update_data = array();
|
/**
* Array of data used to update a private message.
*
* @var array
*/
public $pm_update_data = array();
|
|
|
/**
* PM ID currently being manipulated by the datahandlers.
*/
|
/**
* PM ID currently being manipulated by the datahandlers.
*/
|
public $pmid = 0;
| public $pmid = 0;
|
/**
* Verifies a private message subject.
|
/**
* Verifies a private message subject.
|
| Zeile 62 | Zeile 62 |
|---|
function verify_subject()
{
$subject = &$this->data['subject'];
|
function verify_subject()
{
$subject = &$this->data['subject'];
|
| |
$subject = utf8_handle_4byte_string($subject);
|
// Subject is over 85 characters, too long.
if(my_strlen($subject) > 85)
{
$this->set_error("too_long_subject");
|
// Subject is over 85 characters, too long.
if(my_strlen($subject) > 85)
{
$this->set_error("too_long_subject");
|
return false;
| return false;
|
}
// No subject, apply the default [no subject]
if(!trim_blank_chrs($subject))
| }
// No subject, apply the default [no subject]
if(!trim_blank_chrs($subject))
|
| Zeile 86 | Zeile 88 |
|---|
function verify_message()
{
$message = &$this->data['message'];
|
function verify_message()
{
$message = &$this->data['message'];
|
| |
$message = utf8_handle_4byte_string($message);
|
// No message, return an error.
if(trim_blank_chrs($message) == '')
|
// No message, return an error.
if(trim_blank_chrs($message) == '')
|
| Zeile 141 | Zeile 145 |
|---|
*/
function verify_recipient()
{
|
*/
function verify_recipient()
{
|
global $db, $mybb, $lang;
| global $cache, $db, $mybb, $lang;
|
$pm = &$this->data;
|
$pm = &$this->data;
|
|
|
$recipients = array();
|
$recipients = array();
|
|
|
$invalid_recipients = array();
// We have our recipient usernames but need to fetch user IDs
if(array_key_exists("to", $pm))
| $invalid_recipients = array();
// We have our recipient usernames but need to fetch user IDs
if(array_key_exists("to", $pm))
|
| Zeile 162 | Zeile 166 |
|---|
if(!is_array($pm[$recipient_type]))
{
$pm[$recipient_type] = array($pm[$recipient_type]);
|
if(!is_array($pm[$recipient_type]))
{
$pm[$recipient_type] = array($pm[$recipient_type]);
|
}
foreach($pm[$recipient_type] as $username)
{
$username = trim($username);
if(empty($username))
{
continue;
}
// Check that this recipient actually exists
$query = $db->simple_select("users", "*", "username='".$db->escape_string($username)."'");
$user = $db->fetch_array($query);
if($recipient_type == "bcc")
{
| }
$recipientUsernames = array_map('trim', $pm[$recipient_type]);
$recipientUsernames = array_filter($recipientUsernames);
$recipientUsernames = array_map(array($db, 'escape_string'), $recipientUsernames);
$recipientUsernames = "'".implode("','", $recipientUsernames)."'";
$query = $db->simple_select('users', '*', 'username IN('.$recipientUsernames.')');
$validUsernames = array();
while ($user = $db->fetch_array($query)) {
if ($recipient_type == "bcc") {
|
$user['bcc'] = 1;
|
$user['bcc'] = 1;
|
}
if($user['uid'])
{
$recipients[] = $user;
}
else
{
$invalid_recipients[] = $username;
}
}
| }
$recipients[] = $user;
$validUsernames[] = $user['username'];
}
foreach ($pm[$recipient_type] as $username) {
if (!in_array($username, $validUsernames) AND trim($username)) {
$invalid_recipients[] = $username;
}
}
|
}
}
// We have recipient IDs
| }
}
// We have recipient IDs
|
| Zeile 200 | Zeile 205 |
|---|
}
if(is_array($pm[$recipient_type]))
{
|
}
if(is_array($pm[$recipient_type]))
{
|
foreach($pm[$recipient_type] as $uid)
{
// Check that this recipient actually exists
$query = $db->simple_select("users", "*", "uid='".intval($uid)."'");
$user = $db->fetch_array($query);
if($recipient_type == "bccid")
{
| $recipientUids = array_map('intval', $pm[$recipient_type]);
$recipientUids = array_filter($recipientUids);
$recipientUids = "'".implode("','", $recipientUids)."'";
$query = $db->simple_select('users', '*', 'uid IN('.$recipientUids.')');
$validUids = array();
while ($user = $db->fetch_array($query)) {
if ($recipient_type == "bcc") {
|
$user['bcc'] = 1;
}
|
$user['bcc'] = 1;
}
|
if($user['uid'])
{
$recipients[] = $user;
}
else
{
|
$recipients[] = $user;
$validUids[] = $user['uid'];
}
foreach ($pm[$recipient_type] as $uid) {
if (!in_array($uid, $validUids) AND trim($uid)) {
|
$invalid_recipients[] = $uid;
}
}
}
}
|
$invalid_recipients[] = $uid;
}
}
}
}
|
}
| }
|
// If we have one or more invalid recipients and we're not saving a draft, error
if(count($invalid_recipients) > 0)
|
// If we have one or more invalid recipients and we're not saving a draft, error
if(count($invalid_recipients) > 0)
|
| Zeile 228 | Zeile 237 |
|---|
$invalid_recipients = implode(", ", array_map("htmlspecialchars_uni", $invalid_recipients));
$this->set_error("invalid_recipients", array($invalid_recipients));
return false;
|
$invalid_recipients = implode(", ", array_map("htmlspecialchars_uni", $invalid_recipients));
$this->set_error("invalid_recipients", array($invalid_recipients));
return false;
|
}
| }
|
$sender_permissions = user_permissions($pm['fromid']);
|
$sender_permissions = user_permissions($pm['fromid']);
|
| Zeile 243 | Zeile 252 |
|---|
{
// Collect group permissions for this recipient.
$recipient_permissions = user_permissions($user['uid']);
|
{
// Collect group permissions for this recipient.
$recipient_permissions = user_permissions($user['uid']);
|
|
|
// See if the sender is on the recipients ignore list and that either
// - admin_override is set or
// - sender is an administrator
| // See if the sender is on the recipients ignore list and that either
// - admin_override is set or
// - sender is an administrator
|
| Zeile 253 | Zeile 262 |
|---|
if(!empty($ignorelist) && in_array($pm['fromid'], $ignorelist))
{
$this->set_error("recipient_is_ignoring", array($user['username']));
|
if(!empty($ignorelist) && in_array($pm['fromid'], $ignorelist))
{
$this->set_error("recipient_is_ignoring", array($user['username']));
|
}
| }
|
// Is the recipient only allowing private messages from their buddy list?
if($mybb->settings['allowbuddyonly'] == 1 && $user['receivefrombuddy'] == 1)
{
| // Is the recipient only allowing private messages from their buddy list?
if($mybb->settings['allowbuddyonly'] == 1 && $user['receivefrombuddy'] == 1)
{
|
| Zeile 263 | Zeile 272 |
|---|
{
$this->set_error("recipient_has_buddy_only", array(htmlspecialchars_uni($user['username'])));
}
|
{
$this->set_error("recipient_has_buddy_only", array(htmlspecialchars_uni($user['username'])));
}
|
}
| }
|
// Can the recipient actually receive private messages based on their permissions or user setting?
if(($user['receivepms'] == 0 || $recipient_permissions['canusepms'] == 0) && !$pm['saveasdraft'])
{
| // Can the recipient actually receive private messages based on their permissions or user setting?
if(($user['receivepms'] == 0 || $recipient_permissions['canusepms'] == 0) && !$pm['saveasdraft'])
{
|
| Zeile 272 | Zeile 281 |
|---|
return false;
}
}
|
return false;
}
}
|
|
|
// Check to see if the user has reached their private message quota - if they have, email them.
if($recipient_permissions['pmquota'] != "0" && $user['totalpms'] >= $recipient_permissions['pmquota'] && $recipient_permissions['cancp'] != 1 && $sender_permissions['cancp'] != 1 && !$pm['saveasdraft'] && !$this->admin_override)
{
| // Check to see if the user has reached their private message quota - if they have, email them.
if($recipient_permissions['pmquota'] != "0" && $user['totalpms'] >= $recipient_permissions['pmquota'] && $recipient_permissions['cancp'] != 1 && $sender_permissions['cancp'] != 1 && !$pm['saveasdraft'] && !$this->admin_override)
{
|
| Zeile 281 | Zeile 290 |
|---|
$uselang = trim($user['language']);
}
elseif($mybb->settings['bblanguage'])
|
$uselang = trim($user['language']);
}
elseif($mybb->settings['bblanguage'])
|
{
| {
|
$uselang = $mybb->settings['bblanguage'];
|
$uselang = $mybb->settings['bblanguage'];
|
}
| }
|
else
{
$uselang = "english";
}
if($uselang == $mybb->settings['bblanguage'] || !$uselang)
|
else
{
$uselang = "english";
}
if($uselang == $mybb->settings['bblanguage'] || !$uselang)
|
{
| {
|
$emailsubject = $lang->emailsubject_reachedpmquota;
$emailmessage = $lang->email_reachedpmquota;
}
| $emailsubject = $lang->emailsubject_reachedpmquota;
$emailmessage = $lang->email_reachedpmquota;
}
|
| Zeile 304 | Zeile 313 |
|---|
}
$emailmessage = $lang->sprintf($emailmessage, $user['username'], $mybb->settings['bbname'], $mybb->settings['bburl']);
$emailsubject = $lang->sprintf($emailsubject, $mybb->settings['bbname']);
|
}
$emailmessage = $lang->sprintf($emailmessage, $user['username'], $mybb->settings['bbname'], $mybb->settings['bburl']);
$emailsubject = $lang->sprintf($emailsubject, $mybb->settings['bbname']);
|
my_mail($user['email'], $emailsubject, $emailmessage);
|
$new_email = array(
"mailto" => $db->escape_string($user['email']),
"mailfrom" => '',
"subject" => $db->escape_string($emailsubject),
"message" => $db->escape_string($emailmessage),
"headers" => ''
);
$db->insert_query("mailqueue", $new_email);
$cache->update_mailqueue();
|
if($this->admin_override != true)
{
$this->set_error("recipient_reached_quota", array($user['username']));
}
}
|
if($this->admin_override != true)
{
$this->set_error("recipient_reached_quota", array($user['username']));
}
}
|
|
|
// Everything looks good, assign some specifics about the recipient
$pm['recipients'][$user['uid']] = array(
"uid" => $user['uid'],
| // Everything looks good, assign some specifics about the recipient
$pm['recipients'][$user['uid']] = array(
"uid" => $user['uid'],
|
| Zeile 322 | Zeile 341 |
|---|
"pmnotify" => $user['pmnotify'],
"language" => $user['language']
);
|
"pmnotify" => $user['pmnotify'],
"language" => $user['language']
);
|
|
|
// If this recipient is defined as a BCC recipient, save it
if($user['bcc'] == 1)
|
// If this recipient is defined as a BCC recipient, save it
if($user['bcc'] == 1)
|
{
| {
|
$pm['recipients'][$user['uid']]['bcc'] = 1;
}
}
return true;
}
|
$pm['recipients'][$user['uid']]['bcc'] = 1;
}
}
return true;
}
|
|
|
/**
* Verify that the user is not flooding the system.
*
| /**
* Verify that the user is not flooding the system.
*
|
| Zeile 342 | Zeile 361 |
|---|
global $mybb, $db;
$pm = &$this->data;
|
global $mybb, $db;
$pm = &$this->data;
|
|
|
// Check if post flooding is enabled within MyBB or if the admin override option is specified.
if($mybb->settings['pmfloodsecs'] > 0 && $pm['fromid'] != 0 && $this->admin_override == false)
{
// Fetch the senders profile data.
$sender = get_user($pm['fromid']);
|
// Check if post flooding is enabled within MyBB or if the admin override option is specified.
if($mybb->settings['pmfloodsecs'] > 0 && $pm['fromid'] != 0 && $this->admin_override == false)
{
// Fetch the senders profile data.
$sender = get_user($pm['fromid']);
|
|
|
// Calculate last post
$query = $db->simple_select("privatemessages", "dateline", "fromid='".$db->escape_string($pm['fromid'])."' AND toid != '0'", array('order_by' => 'dateline', 'order_dir' => 'desc', 'limit' => 1));
$sender['lastpm'] = $db->fetch_field($query, "dateline");
| // Calculate last post
$query = $db->simple_select("privatemessages", "dateline", "fromid='".$db->escape_string($pm['fromid'])."' AND toid != '0'", array('order_by' => 'dateline', 'order_dir' => 'desc', 'limit' => 1));
$sender['lastpm'] = $db->fetch_field($query, "dateline");
|
| Zeile 408 | Zeile 427 |
|---|
global $plugins;
$pm = &$this->data;
|
global $plugins;
$pm = &$this->data;
|
|
|
if(!$pm['savedraft'])
{
$this->verify_pm_flooding();
| if(!$pm['savedraft'])
{
$this->verify_pm_flooding();
|
| Zeile 420 | Zeile 439 |
|---|
$this->verify_sender();
$this->verify_recipient();
|
$this->verify_sender();
$this->verify_recipient();
|
$this->verify_message();
|
$this->verify_message();
|
$this->verify_options();
|
$this->verify_options();
|
$plugins->run_hooks_by_ref("datahandler_pm_validate", $this);
| $plugins->run_hooks("datahandler_pm_validate", $this);
|
// Choose the appropriate folder to save in.
if($pm['saveasdraft'])
|
// Choose the appropriate folder to save in.
if($pm['saveasdraft'])
|
| Zeile 435 | Zeile 454 |
|---|
else
{
$pm['folder'] = 1;
|
else
{
$pm['folder'] = 1;
|
}
| }
|
// We are done validating, return.
$this->set_validated(true);
if(count($this->get_errors()) > 0)
{
return false;
|
// We are done validating, return.
$this->set_validated(true);
if(count($this->get_errors()) > 0)
{
return false;
|
}
| }
|
else
{
return true;
| else
{
return true;
|
| Zeile 456 | Zeile 475 |
|---|
*/
function insert_pm()
{
|
*/
function insert_pm()
{
|
global $db, $mybb, $plugins, $lang;
| global $cache, $db, $mybb, $plugins, $lang;
|
// Yes, validating is required.
if(!$this->get_validated())
{
die("The PM needs to be validated before inserting it into the DB.");
|
// Yes, validating is required.
if(!$this->get_validated())
{
die("The PM needs to be validated before inserting it into the DB.");
|
}
| }
|
if(count($this->get_errors()) > 0)
{
die("The PM is not valid.");
| if(count($this->get_errors()) > 0)
{
die("The PM is not valid.");
|
| Zeile 476 | Zeile 495 |
|---|
if(!$pm['icon'] || $pm['icon'] < 0)
{
$pm['icon'] = 0;
|
if(!$pm['icon'] || $pm['icon'] < 0)
{
$pm['icon'] = 0;
|
}
$uid = 0;
| }
$uid = 0;
|
if(!is_array($pm['recipients']))
{
$recipient_list = array();
| if(!is_array($pm['recipients']))
{
$recipient_list = array();
|
| Zeile 500 | Zeile 519 |
|---|
}
}
}
|
}
}
}
|
$recipient_list = serialize($recipient_list);
| |
$this->pm_insert_data = array(
'fromid' => intval($pm['sender']['uid']),
|
$this->pm_insert_data = array(
'fromid' => intval($pm['sender']['uid']),
|
| Zeile 514 | Zeile 532 |
|---|
'smilieoff' => $pm['options']['disablesmilies'],
'receipt' => intval($pm['options']['readreceipt']),
'readtime' => 0,
|
'smilieoff' => $pm['options']['disablesmilies'],
'receipt' => intval($pm['options']['readreceipt']),
'readtime' => 0,
|
'recipients' => $db->escape_string($recipient_list)
| 'recipients' => $db->escape_string(serialize($recipient_list))
|
);
// Check if we're updating a draft or not.
| );
// Check if we're updating a draft or not.
|
| Zeile 529 | Zeile 547 |
|---|
// This draft was a reply to a PM
$pm['pmid'] = $draftcheck['deletetime'];
$pm['do'] = "reply";
|
// This draft was a reply to a PM
$pm['pmid'] = $draftcheck['deletetime'];
$pm['do'] = "reply";
|
}
| }
|
// Delete the old draft as we no longer need it
$db->delete_query("privatemessages", "pmid='{$draftcheck['pmid']}'");
}
// Saving this message as a draft
if($pm['saveasdraft'])
|
// Delete the old draft as we no longer need it
$db->delete_query("privatemessages", "pmid='{$draftcheck['pmid']}'");
}
// Saving this message as a draft
if($pm['saveasdraft'])
|
{
| {
|
$this->pm_insert_data['uid'] = $pm['sender']['uid'];
// If this is a reply, then piggyback into the deletetime to let us know in the future
| $this->pm_insert_data['uid'] = $pm['sender']['uid'];
// If this is a reply, then piggyback into the deletetime to let us know in the future
|
| Zeile 545 | Zeile 563 |
|---|
{
$this->pm_insert_data['deletetime'] = $pm['pmid'];
}
|
{
$this->pm_insert_data['deletetime'] = $pm['pmid'];
}
|
$plugins->run_hooks_by_ref("datahandler_pm_insert_updatedraft", $this);
|
$plugins->run_hooks("datahandler_pm_insert_updatedraft", $this);
|
$db->insert_query("privatemessages", $this->pm_insert_data);
// If this is a draft, end it here - below deals with complete messages
| $db->insert_query("privatemessages", $this->pm_insert_data);
// If this is a draft, end it here - below deals with complete messages
|
| Zeile 554 | Zeile 572 |
|---|
"draftsaved" => 1
);
}
|
"draftsaved" => 1
);
}
|
|
|
// Save a copy of the PM for each of our recipients
foreach($pm['recipients'] as $recipient)
{
| // Save a copy of the PM for each of our recipients
foreach($pm['recipients'] as $recipient)
{
|
| Zeile 570 | Zeile 588 |
|---|
elseif($mybb->settings['bblanguage'])
{
$uselang = $mybb->settings['bblanguage'];
|
elseif($mybb->settings['bblanguage'])
{
$uselang = $mybb->settings['bblanguage'];
|
}
| }
|
else
{
$uselang = "english";
| else
{
$uselang = "english";
|
| Zeile 589 | Zeile 607 |
|---|
$emailsubject = $userlang->emailsubject_newpm;
$emailmessage = $userlang->email_newpm;
}
|
$emailsubject = $userlang->emailsubject_newpm;
$emailmessage = $userlang->email_newpm;
}
|
|
|
if(!$pm['sender']['username'])
{
$pm['sender']['username'] = $lang->mybb_engine;
}
|
if(!$pm['sender']['username'])
{
$pm['sender']['username'] = $lang->mybb_engine;
}
|
|
|
$emailmessage = $lang->sprintf($emailmessage, $recipient['username'], $pm['sender']['username'], $mybb->settings['bbname'], $mybb->settings['bburl']);
$emailsubject = $lang->sprintf($emailsubject, $mybb->settings['bbname']);
|
$emailmessage = $lang->sprintf($emailmessage, $recipient['username'], $pm['sender']['username'], $mybb->settings['bbname'], $mybb->settings['bburl']);
$emailsubject = $lang->sprintf($emailsubject, $mybb->settings['bbname']);
|
my_mail($recipient['email'], $emailsubject, $emailmessage);
|
$new_email = array(
"mailto" => $db->escape_string($recipient['email']),
"mailfrom" => '',
"subject" => $db->escape_string($emailsubject),
"message" => $db->escape_string($emailmessage),
"headers" => ''
);
$db->insert_query("mailqueue", $new_email);
$cache->update_mailqueue();
|
}
$this->pm_insert_data['uid'] = $recipient['uid'];
$this->pm_insert_data['toid'] = $recipient['uid'];
|
}
$this->pm_insert_data['uid'] = $recipient['uid'];
$this->pm_insert_data['toid'] = $recipient['uid'];
|
$plugins->run_hooks_by_ref("datahandler_pm_insert", $this);
| $plugins->run_hooks("datahandler_pm_insert", $this);
|
$this->pmid = $db->insert_query("privatemessages", $this->pm_insert_data);
// If PM noices/alerts are on, show!
| $this->pmid = $db->insert_query("privatemessages", $this->pm_insert_data);
// If PM noices/alerts are on, show!
|
| Zeile 644 | Zeile 672 |
|---|
// If we're saving a copy
if($pm['options']['savecopy'] != 0)
{
|
// If we're saving a copy
if($pm['options']['savecopy'] != 0)
{
|
if(count($recipient_list['to']) == 1)
| if(isset($recipient_list['to']) && count($recipient_list['to']) == 1)
|
{
$this->pm_insert_data['toid'] = $uid;
}
| {
$this->pm_insert_data['toid'] = $uid;
}
|
| Zeile 657 | Zeile 685 |
|---|
$this->pm_insert_data['status'] = 1;
$this->pm_insert_data['receipt'] = 0;
|
$this->pm_insert_data['status'] = 1;
$this->pm_insert_data['receipt'] = 0;
|
$plugins->run_hooks_by_ref("datahandler_pm_insert_savedcopy", $this);
| $plugins->run_hooks("datahandler_pm_insert_savedcopy", $this);
|
$db->insert_query("privatemessages", $this->pm_insert_data);
// Because the sender saved a copy, update their total pm count
| $db->insert_query("privatemessages", $this->pm_insert_data);
// Because the sender saved a copy, update their total pm count
|