Zeile 6 | Zeile 6 |
---|
* Website: http://mybb.com * License: http://mybb.com/about/license *
|
* Website: http://mybb.com * License: http://mybb.com/about/license *
|
* $Id: pm.php 5625 2011-10-02 19:16:35Z ralgith $
| * $Id$
|
*/
// Disallow direct access to this file for security reasons
| */
// Disallow direct access to this file for security reasons
|
Zeile 34 | Zeile 34 |
---|
* @var string */ public $language_prefix = 'pmdata';
|
* @var string */ public $language_prefix = 'pmdata';
|
|
|
/** * Array of data inserted in to a private message. * * @var array */ public $pm_insert_data = array();
|
/** * Array of data inserted in to a private message. * * @var array */ public $pm_insert_data = array();
|
/**
| /**
|
* Array of data used to update a private message. * * @var array */ public $pm_update_data = array();
|
* Array of data used to update a private message. * * @var array */ public $pm_update_data = array();
|
/**
| /**
|
* PM ID currently being manipulated by the datahandlers.
|
* PM ID currently being manipulated by the datahandlers.
|
*/ public $pmid = 0;
| */ public $pmid = 0;
|
/** * Verifies a private message subject.
|
/** * Verifies a private message subject.
|
* * @return boolean True when valid, false when invalid. */
| * * @return boolean True when valid, false when invalid. */
|
function verify_subject() { $subject = &$this->data['subject'];
| function verify_subject() { $subject = &$this->data['subject'];
|
Zeile 73 | Zeile 73 |
---|
if(!trim_blank_chrs($subject)) { $this->set_error("missing_subject");
|
if(!trim_blank_chrs($subject)) { $this->set_error("missing_subject");
|
return false; }
| return false; }
|
return true; }
/** * Verifies if a message for a PM is valid.
|
return true; }
/** * Verifies if a message for a PM is valid.
|
* * @return boolean True when valid, false when invalid. */
| * * @return boolean True when valid, false when invalid. */
|
function verify_message() { $message = &$this->data['message'];
| function verify_message() { $message = &$this->data['message'];
|
Zeile 98 | Zeile 98 |
---|
/** * Verifies if the specified sender is valid or not.
|
/** * Verifies if the specified sender is valid or not.
|
* * @return boolean True when valid, false when invalid. */
| * * @return boolean True when valid, false when invalid. */
|
function verify_sender() { global $db, $mybb, $lang;
| function verify_sender() { global $db, $mybb, $lang;
|
Zeile 122 | Zeile 122 |
---|
if($sender_permissions['pmquota'] != "0" && $sender['totalpms'] >= $sender_permissions['pmquota'] && $this->admin_override != true) { $pm['options']['savecopy'] = 0;
|
if($sender_permissions['pmquota'] != "0" && $sender['totalpms'] >= $sender_permissions['pmquota'] && $this->admin_override != true) { $pm['options']['savecopy'] = 0;
|
} }
| } }
|
// Assign the sender information to the data. $pm['sender'] = array( "uid" => $sender['uid'],
| // Assign the sender information to the data. $pm['sender'] = array( "uid" => $sender['uid'],
|
Zeile 141 | Zeile 141 |
---|
*/ function verify_recipient() {
|
*/ function verify_recipient() {
|
global $db, $mybb, $lang;
| global $cache, $db, $mybb, $lang;
|
$pm = &$this->data;
| $pm = &$this->data;
|
Zeile 151 | Zeile 151 |
---|
// We have our recipient usernames but need to fetch user IDs if(array_key_exists("to", $pm)) {
|
// We have our recipient usernames but need to fetch user IDs if(array_key_exists("to", $pm)) {
|
if((count($pm['to']) <= 0 || trim(implode("", $pm['to'])) == "") && !$pm['saveasdraft'])
| foreach(array("to", "bcc") as $recipient_type)
|
{
|
{
|
$this->set_error("no_recipients"); return false; }
| if(!isset($pm[$recipient_type])) { $pm[$recipient_type] = array(); } if(!is_array($pm[$recipient_type])) { $pm[$recipient_type] = array($pm[$recipient_type]); }
$pm[$recipient_type] = array_map('trim', $pm[$recipient_type]); $pm[$recipient_type] = array_filter($pm[$recipient_type]);
// No recipients? Skip query if(empty($pm[$recipient_type])) { if($recipient_type == 'to' && !$pm['saveasdraft']) { $this->set_error("no_recipients"); return false; } continue; }
$recipientUsernames = array_map(array($db, 'escape_string'), $pm[$recipient_type]); $recipientUsernames = "'".implode("','", $recipientUsernames)."'";
$query = $db->simple_select('users', '*', 'username IN('.$recipientUsernames.')');
$validUsernames = array();
while($user = $db->fetch_array($query)) { if($recipient_type == "bcc") { $user['bcc'] = 1; }
$recipients[] = $user; $validUsernames[] = $user['username']; }
|
|
|
foreach(array("to", "bcc") as $recipient_type)
| foreach($pm[$recipient_type] as $username) { if(!in_array($username, $validUsernames)) { $invalid_recipients[] = $username; } } } } // We have recipient IDs else { foreach(array("toid", "bccid") as $recipient_type)
|
{
|
{
|
| if(!isset($pm[$recipient_type])) { $pm[$recipient_type] = array(); }
|
if(!is_array($pm[$recipient_type]))
|
if(!is_array($pm[$recipient_type]))
|
{
| {
|
$pm[$recipient_type] = array($pm[$recipient_type]); }
|
$pm[$recipient_type] = array($pm[$recipient_type]); }
|
foreach($pm[$recipient_type] as $username) { $username = trim($username); if(empty($username)) { continue; } // Check that this recipient actually exists $query = $db->simple_select("users", "*", "username='".$db->escape_string($username)."'"); $user = $db->fetch_array($query); if($recipient_type == "bcc") { $user['bcc'] = 1; } if($user['uid']) { $recipients[] = $user; } else { $invalid_recipients[] = $username; } } } } // We have recipient IDs else { foreach(array("toid", "bccid") as $recipient_type) { if(count($pm['toid']) <= 0) { $this->set_error("no_recipients"); return false; } if(is_array($pm[$recipient_type]))
| $pm[$recipient_type] = array_map('intval', $pm[$recipient_type]); $pm[$recipient_type] = array_filter($pm[$recipient_type]);
// No recipients? Skip query if(empty($pm[$recipient_type])) { if($recipient_type == 'toid' && !$pm['saveasdraft']) { $this->set_error("no_recipients"); return false; } continue; }
$recipientUids = "'".implode("','", $pm[$recipient_type])."'";
$query = $db->simple_select('users', '*', 'uid IN('.$recipientUids.')');
$validUids = array();
while($user = $db->fetch_array($query)) { if($recipient_type == "bccid") { $user['bcc'] = 1; }
$recipients[] = $user; $validUids[] = $user['uid']; }
foreach($pm[$recipient_type] as $uid)
|
{
|
{
|
foreach($pm[$recipient_type] as $uid)
| if(!in_array($uid, $validUids))
|
{
|
{
|
// Check that this recipient actually exists $query = $db->simple_select("users", "*", "uid='".intval($uid)."'"); $user = $db->fetch_array($query); if($recipient_type == "bccid") { $user['bcc'] = 1; } if($user['uid']) { $recipients[] = $user; } else { $invalid_recipients[] = $uid; }
| $invalid_recipients[] = $uid;
|
} } }
| } } }
|
Zeile 243 | Zeile 278 |
---|
{ // Collect group permissions for this recipient. $recipient_permissions = user_permissions($user['uid']);
|
{ // Collect group permissions for this recipient. $recipient_permissions = user_permissions($user['uid']);
|
|
|
// See if the sender is on the recipients ignore list and that either // - admin_override is set or // - sender is an administrator
| // See if the sender is on the recipients ignore list and that either // - admin_override is set or // - sender is an administrator
|
Zeile 254 | Zeile 289 |
---|
{ $this->set_error("recipient_is_ignoring", array($user['username'])); }
|
{ $this->set_error("recipient_is_ignoring", array($user['username'])); }
|
|
|
// Is the recipient only allowing private messages from their buddy list? if($mybb->settings['allowbuddyonly'] == 1 && $user['receivefrombuddy'] == 1) {
| // Is the recipient only allowing private messages from their buddy list? if($mybb->settings['allowbuddyonly'] == 1 && $user['receivefrombuddy'] == 1) {
|
Zeile 264 | Zeile 299 |
---|
$this->set_error("recipient_has_buddy_only", array(htmlspecialchars_uni($user['username']))); } }
|
$this->set_error("recipient_has_buddy_only", array(htmlspecialchars_uni($user['username']))); } }
|
|
|
// Can the recipient actually receive private messages based on their permissions or user setting? if(($user['receivepms'] == 0 || $recipient_permissions['canusepms'] == 0) && !$pm['saveasdraft']) {
| // Can the recipient actually receive private messages based on their permissions or user setting? if(($user['receivepms'] == 0 || $recipient_permissions['canusepms'] == 0) && !$pm['saveasdraft']) {
|
Zeile 272 | Zeile 307 |
---|
return false; } }
|
return false; } }
|
|
|
// Check to see if the user has reached their private message quota - if they have, email them. if($recipient_permissions['pmquota'] != "0" && $user['totalpms'] >= $recipient_permissions['pmquota'] && $recipient_permissions['cancp'] != 1 && $sender_permissions['cancp'] != 1 && !$pm['saveasdraft'] && !$this->admin_override) {
| // Check to see if the user has reached their private message quota - if they have, email them. if($recipient_permissions['pmquota'] != "0" && $user['totalpms'] >= $recipient_permissions['pmquota'] && $recipient_permissions['cancp'] != 1 && $sender_permissions['cancp'] != 1 && !$pm['saveasdraft'] && !$this->admin_override) {
|
Zeile 304 | Zeile 339 |
---|
} $emailmessage = $lang->sprintf($emailmessage, $user['username'], $mybb->settings['bbname'], $mybb->settings['bburl']); $emailsubject = $lang->sprintf($emailsubject, $mybb->settings['bbname']);
|
} $emailmessage = $lang->sprintf($emailmessage, $user['username'], $mybb->settings['bbname'], $mybb->settings['bburl']); $emailsubject = $lang->sprintf($emailsubject, $mybb->settings['bbname']);
|
my_mail($user['email'], $emailsubject, $emailmessage);
| $new_email = array( "mailto" => $db->escape_string($user['email']), "mailfrom" => '', "subject" => $db->escape_string($emailsubject), "message" => $db->escape_string($emailmessage), "headers" => '' );
$db->insert_query("mailqueue", $new_email); $cache->update_mailqueue();
|
if($this->admin_override != true) { $this->set_error("recipient_reached_quota", array($user['username'])); } }
|
if($this->admin_override != true) { $this->set_error("recipient_reached_quota", array($user['username'])); } }
|
|
|
// Everything looks good, assign some specifics about the recipient $pm['recipients'][$user['uid']] = array( "uid" => $user['uid'],
| // Everything looks good, assign some specifics about the recipient $pm['recipients'][$user['uid']] = array( "uid" => $user['uid'],
|
Zeile 322 | Zeile 367 |
---|
"pmnotify" => $user['pmnotify'], "language" => $user['language'] );
|
"pmnotify" => $user['pmnotify'], "language" => $user['language'] );
|
|
|
// If this recipient is defined as a BCC recipient, save it if($user['bcc'] == 1) { $pm['recipients'][$user['uid']]['bcc'] = 1;
|
// If this recipient is defined as a BCC recipient, save it if($user['bcc'] == 1) { $pm['recipients'][$user['uid']]['bcc'] = 1;
|
} } return true;
| } } return true;
|
}
|
}
|
|
|
/** * Verify that the user is not flooding the system. * * @return boolean True */ function verify_pm_flooding()
|
/** * Verify that the user is not flooding the system. * * @return boolean True */ function verify_pm_flooding()
|
{
| {
|
global $mybb, $db;
|
global $mybb, $db;
|
|
|
$pm = &$this->data;
|
$pm = &$this->data;
|
|
|
// Check if post flooding is enabled within MyBB or if the admin override option is specified. if($mybb->settings['pmfloodsecs'] > 0 && $pm['fromid'] != 0 && $this->admin_override == false) { // Fetch the senders profile data. $sender = get_user($pm['fromid']);
|
// Check if post flooding is enabled within MyBB or if the admin override option is specified. if($mybb->settings['pmfloodsecs'] > 0 && $pm['fromid'] != 0 && $this->admin_override == false) { // Fetch the senders profile data. $sender = get_user($pm['fromid']);
|
|
|
// Calculate last post $query = $db->simple_select("privatemessages", "dateline", "fromid='".$db->escape_string($pm['fromid'])."' AND toid != '0'", array('order_by' => 'dateline', 'order_dir' => 'desc', 'limit' => 1)); $sender['lastpm'] = $db->fetch_field($query, "dateline");
| // Calculate last post $query = $db->simple_select("privatemessages", "dateline", "fromid='".$db->escape_string($pm['fromid'])."' AND toid != '0'", array('order_by' => 'dateline', 'order_dir' => 'desc', 'limit' => 1)); $sender['lastpm'] = $db->fetch_field($query, "dateline");
|
Zeile 372 | Zeile 417 |
---|
// All is well that ends well - return true. return true; }
|
// All is well that ends well - return true. return true; }
|
|
|
/** * Verifies if the various 'options' for sending PMs are valid. *
| /** * Verifies if the various 'options' for sending PMs are valid. *
|
Zeile 388 | Zeile 433 |
---|
// Requesting a read receipt? if(isset($options['readreceipt']) && $options['readreceipt'] == 1)
|
// Requesting a read receipt? if(isset($options['readreceipt']) && $options['readreceipt'] == 1)
|
{
| {
|
$options['readreceipt'] = 1;
|
$options['readreceipt'] = 1;
|
}
| }
|
else { $options['readreceipt'] = 0; } return true;
|
else { $options['readreceipt'] = 0; } return true;
|
}
| }
|
/** * Validate an entire private message.
| /** * Validate an entire private message.
|
Zeile 404 | Zeile 449 |
---|
* @return boolean True when valid, false when invalid. */ function validate_pm()
|
* @return boolean True when valid, false when invalid. */ function validate_pm()
|
{
| {
|
global $plugins;
|
global $plugins;
|
|
|
$pm = &$this->data;
|
$pm = &$this->data;
|
|
|
if(!$pm['savedraft']) { $this->verify_pm_flooding();
|
if(!$pm['savedraft']) { $this->verify_pm_flooding();
|
}
| }
|
// Verify all PM assets. $this->verify_subject();
|
// Verify all PM assets. $this->verify_subject();
|
|
|
$this->verify_sender();
|
$this->verify_sender();
|
|
|
$this->verify_recipient();
|
$this->verify_recipient();
|
$this->verify_message();
| $this->verify_message();
|
$this->verify_options();
|
$this->verify_options();
|
$plugins->run_hooks_by_ref("datahandler_pm_validate", $this);
| $plugins->run_hooks("datahandler_pm_validate", $this);
|
// Choose the appropriate folder to save in. if($pm['saveasdraft']) { $pm['folder'] = 3;
|
// Choose the appropriate folder to save in. if($pm['saveasdraft']) { $pm['folder'] = 3;
|
}
| }
|
else { $pm['folder'] = 1;
| else { $pm['folder'] = 1;
|
Zeile 439 | Zeile 484 |
---|
// We are done validating, return. $this->set_validated(true);
|
// We are done validating, return. $this->set_validated(true);
|
if(count($this->get_errors()) > 0)
| if(count($this->get_errors()) > 0)
|
{ return false; }
| { return false; }
|
Zeile 456 | Zeile 501 |
---|
*/ function insert_pm() {
|
*/ function insert_pm() {
|
global $db, $mybb, $plugins, $lang;
| global $cache, $db, $mybb, $plugins, $lang;
|
// Yes, validating is required. if(!$this->get_validated())
| // Yes, validating is required. if(!$this->get_validated())
|
Zeile 464 | Zeile 509 |
---|
die("The PM needs to be validated before inserting it into the DB."); } if(count($this->get_errors()) > 0)
|
die("The PM needs to be validated before inserting it into the DB."); } if(count($this->get_errors()) > 0)
|
{
| {
|
die("The PM is not valid."); }
| die("The PM is not valid."); }
|
Zeile 476 | Zeile 521 |
---|
if(!$pm['icon'] || $pm['icon'] < 0) { $pm['icon'] = 0;
|
if(!$pm['icon'] || $pm['icon'] < 0) { $pm['icon'] = 0;
|
}
$uid = 0;
| }
$uid = 0;
|
if(!is_array($pm['recipients'])) { $recipient_list = array();
| if(!is_array($pm['recipients'])) { $recipient_list = array();
|
Zeile 500 | Zeile 545 |
---|
} } }
|
} } }
|
$recipient_list = serialize($recipient_list);
| |
$this->pm_insert_data = array( 'fromid' => intval($pm['sender']['uid']),
| $this->pm_insert_data = array( 'fromid' => intval($pm['sender']['uid']),
|
Zeile 514 | Zeile 558 |
---|
'smilieoff' => $pm['options']['disablesmilies'], 'receipt' => intval($pm['options']['readreceipt']), 'readtime' => 0,
|
'smilieoff' => $pm['options']['disablesmilies'], 'receipt' => intval($pm['options']['readreceipt']), 'readtime' => 0,
|
'recipients' => $db->escape_string($recipient_list)
| 'recipients' => $db->escape_string(serialize($recipient_list))
|
);
// Check if we're updating a draft or not.
| );
// Check if we're updating a draft or not.
|
Zeile 529 | Zeile 573 |
---|
// This draft was a reply to a PM $pm['pmid'] = $draftcheck['deletetime']; $pm['do'] = "reply";
|
// This draft was a reply to a PM $pm['pmid'] = $draftcheck['deletetime']; $pm['do'] = "reply";
|
}
| }
|
// Delete the old draft as we no longer need it $db->delete_query("privatemessages", "pmid='{$draftcheck['pmid']}'"); }
| // Delete the old draft as we no longer need it $db->delete_query("privatemessages", "pmid='{$draftcheck['pmid']}'"); }
|
Zeile 546 | Zeile 590 |
---|
$this->pm_insert_data['deletetime'] = $pm['pmid']; }
|
$this->pm_insert_data['deletetime'] = $pm['pmid']; }
|
$plugins->run_hooks_by_ref("datahandler_pm_insert_updatedraft", $this);
| $plugins->run_hooks("datahandler_pm_insert_updatedraft", $this);
|
$db->insert_query("privatemessages", $this->pm_insert_data);
// If this is a draft, end it here - below deals with complete messages
| $db->insert_query("privatemessages", $this->pm_insert_data);
// If this is a draft, end it here - below deals with complete messages
|
Zeile 570 | Zeile 614 |
---|
elseif($mybb->settings['bblanguage']) { $uselang = $mybb->settings['bblanguage'];
|
elseif($mybb->settings['bblanguage']) { $uselang = $mybb->settings['bblanguage'];
|
} else {
| } else {
|
$uselang = "english"; } if($uselang == $mybb->settings['bblanguage'] && !empty($lang->emailsubject_newpm)) { $emailsubject = $lang->emailsubject_newpm; $emailmessage = $lang->email_newpm;
|
$uselang = "english"; } if($uselang == $mybb->settings['bblanguage'] && !empty($lang->emailsubject_newpm)) { $emailsubject = $lang->emailsubject_newpm; $emailmessage = $lang->email_newpm;
|
}
| }
|
else { $userlang = new MyLanguage;
| else { $userlang = new MyLanguage;
|
Zeile 589 | Zeile 633 |
---|
$emailsubject = $userlang->emailsubject_newpm; $emailmessage = $userlang->email_newpm; }
|
$emailsubject = $userlang->emailsubject_newpm; $emailmessage = $userlang->email_newpm; }
|
|
|
if(!$pm['sender']['username']) { $pm['sender']['username'] = $lang->mybb_engine; }
|
if(!$pm['sender']['username']) { $pm['sender']['username'] = $lang->mybb_engine; }
|
|
|
$emailmessage = $lang->sprintf($emailmessage, $recipient['username'], $pm['sender']['username'], $mybb->settings['bbname'], $mybb->settings['bburl']); $emailsubject = $lang->sprintf($emailsubject, $mybb->settings['bbname']);
|
$emailmessage = $lang->sprintf($emailmessage, $recipient['username'], $pm['sender']['username'], $mybb->settings['bbname'], $mybb->settings['bburl']); $emailsubject = $lang->sprintf($emailsubject, $mybb->settings['bbname']);
|
my_mail($recipient['email'], $emailsubject, $emailmessage);
| $new_email = array( "mailto" => $db->escape_string($recipient['email']), "mailfrom" => '', "subject" => $db->escape_string($emailsubject), "message" => $db->escape_string($emailmessage), "headers" => '' );
$db->insert_query("mailqueue", $new_email); $cache->update_mailqueue();
|
}
$this->pm_insert_data['uid'] = $recipient['uid']; $this->pm_insert_data['toid'] = $recipient['uid'];
|
}
$this->pm_insert_data['uid'] = $recipient['uid']; $this->pm_insert_data['toid'] = $recipient['uid'];
|
$plugins->run_hooks_by_ref("datahandler_pm_insert", $this);
| $plugins->run_hooks("datahandler_pm_insert", $this);
|
$this->pmid = $db->insert_query("privatemessages", $this->pm_insert_data);
// If PM noices/alerts are on, show!
| $this->pmid = $db->insert_query("privatemessages", $this->pm_insert_data);
// If PM noices/alerts are on, show!
|
Zeile 644 | Zeile 698 |
---|
// If we're saving a copy if($pm['options']['savecopy'] != 0) {
|
// If we're saving a copy if($pm['options']['savecopy'] != 0) {
|
if(count($recipient_list['to']) == 1)
| if(isset($recipient_list['to']) && count($recipient_list['to']) == 1)
|
{ $this->pm_insert_data['toid'] = $uid; }
| { $this->pm_insert_data['toid'] = $uid; }
|
Zeile 657 | Zeile 711 |
---|
$this->pm_insert_data['status'] = 1; $this->pm_insert_data['receipt'] = 0;
|
$this->pm_insert_data['status'] = 1; $this->pm_insert_data['receipt'] = 0;
|
$plugins->run_hooks_by_ref("datahandler_pm_insert_savedcopy", $this);
| $plugins->run_hooks("datahandler_pm_insert_savedcopy", $this);
|
$db->insert_query("privatemessages", $this->pm_insert_data);
// Because the sender saved a copy, update their total pm count
| $db->insert_query("privatemessages", $this->pm_insert_data);
// Because the sender saved a copy, update their total pm count
|