Vergleich private.php - 1.8.15 - 1.8.16

	eval("\$folderoplist_folder .= \"".$templates->get("private_jump_folders_folder")."\";");
	eval("\$foldersearch_folder .= \"".$templates->get("private_jump_folders_folder")."\";");
}

	eval("\$folderoplist_folder .= \"".$templates->get("private_jump_folders_folder")."\";");
	eval("\$foldersearch_folder .= \"".$templates->get("private_jump_folders_folder")."\";");
}

eval("\$folderjump = \"".$templates->get("private_jump_folders")."\";");
eval("\$folderoplist = \"".$templates->get("private_move")."\";");
eval("\$foldersearch = \"".$templates->get("private_advanced_search_folders")."\";");

eval("\$folderjump = \"".$templates->get("private_jump_folders")."\";");
eval("\$folderoplist = \"".$templates->get("private_move")."\";");
eval("\$foldersearch = \"".$templates->get("private_advanced_search_folders")."\";");

// Make navigation
add_breadcrumb($lang->nav_pms, "private.php");

// Make navigation
add_breadcrumb($lang->nav_pms, "private.php");

{
	case "send":
		add_breadcrumb($lang->nav_send);

{
	case "send":
		add_breadcrumb($lang->nav_send);

	case "tracking":
		add_breadcrumb($lang->nav_tracking);
		break;

	case "tracking":
		add_breadcrumb($lang->nav_tracking);
		break;

	}

	if($mybb->get_input('message', MyBB::INPUT_INT) == 1)

	}

	if($mybb->get_input('message', MyBB::INPUT_INT) == 1)

		$resulttype = "pmmessages";
	}
	else

		$resulttype = "pmmessages";
	}
	else

	else
	{
		$sortby = "dateline";

	else
	{
		$sortby = "dateline";

	if(my_strtolower($mybb->get_input('sortordr')) == "asc")
	{
		$sortorder = "asc";

	if(my_strtolower($mybb->get_input('sortordr')) == "asc")
	{
		$sortorder = "asc";

	if(in_array($sortby, $sortby_accepted))
	{
		$query_sortby = $sortby;

	if(in_array($sortby, $sortby_accepted))
	{
		$query_sortby = $sortby;

		if($query_sortby == "username")
		{
			$query_sortby = "fromusername";
		}

		if($query_sortby == "username")
		{
			$query_sortby = "fromusername";
		}

	else

	else

		$sortby = $query_sortby = "dateline";

		$sortby = $query_sortby = "dateline";

	if($order != "asc")
	{

	if($order != "asc")
	{

	}

	if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1)

	}

	if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1)

		$mybb->settings['threadsperpage'] = 20;
	}

		$mybb->settings['threadsperpage'] = 20;
	}

		}

		if(isset($recipients['bcc']) && is_array($recipients['bcc']) && count($recipients['bcc']))

		}

		if(isset($recipients['bcc']) && is_array($recipients['bcc']) && count($recipients['bcc']))

			$get_users = array_merge($get_users, $recipients['bcc']);
		}
	}

			$get_users = array_merge($get_users, $recipients['bcc']);
		}
	}

		{
			$msgstatus = 'new_pm';
			$msgalt = $lang->new_pm;

		{
			$msgstatus = 'new_pm';
			$msgalt = $lang->new_pm;

		else if($message['status'] == 1)
		{
			$msgstatus = 'old_pm';
			$msgalt = $lang->old_pm;

		else if($message['status'] == 1)
		{
			$msgstatus = 'old_pm';
			$msgalt = $lang->old_pm;

		else if($message['status'] == 3)

		else if($message['status'] == 3)

			$msgstatus = 're_pm';
			$msgalt = $lang->reply_pm;
		}

			$msgstatus = 're_pm';
			$msgalt = $lang->reply_pm;
		}

		{
			$msgstatus = 'fw_pm';
			$msgalt = $lang->fwd_pm;

		{
			$msgstatus = 'fw_pm';
			$msgalt = $lang->fwd_pm;

		$tofromuid = 0;
		if($folder == 2 || $folder == 3)
		{

		$tofromuid = 0;
		if($folder == 2 || $folder == 3)
		{

			{
				$tofromusername = $lang->mybb_engine;
			}

			{
				$tofromusername = $lang->mybb_engine;
			}

		$denyreceipt = '';

		$denyreceipt = '';

		if($message['icon'] > 0 && $icon_cache[$message['icon']])

		if($message['icon'] > 0 && $icon_cache[$message['icon']])

			$icon = $icon_cache[$message['icon']];
			$icon['path'] = str_replace("{theme}", $theme['imgdir'], $icon['path']);
			$icon['path'] = htmlspecialchars_uni($icon['path']);

			$icon = $icon_cache[$message['icon']];
			$icon['path'] = str_replace("{theme}", $theme['imgdir'], $icon['path']);
			$icon['path'] = htmlspecialchars_uni($icon['path']);

		}

		if(!trim($message['subject']))

		}

		if(!trim($message['subject']))

			$message['subject'] = $lang->pm_no_subject;
		}

			$message['subject'] = $lang->pm_no_subject;
		}

	eval("\$results = \"".$templates->get("private_search_results")."\";");
	output_page($results);

	eval("\$results = \"".$templates->get("private_search_results")."\";");
	output_page($results);

if($mybb->input['action'] == "advanced_search")

if($mybb->input['action'] == "advanced_search")

	$plugins->run_hooks("private_advanced_search");

	$plugins->run_hooks("private_advanced_search");

	eval("\$advanced_search = \"".$templates->get("private_advanced_search")."\";");

	eval("\$advanced_search = \"".$templates->get("private_advanced_search")."\";");

	output_page($advanced_search);
}

	output_page($advanced_search);
}

if($mybb->input['action'] == "dismiss_notice")
{
	if($mybb->user['pmnotice'] != 2)

if($mybb->input['action'] == "dismiss_notice")
{
	if($mybb->user['pmnotice'] != 2)

	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

	// Verify incoming POST request
	verify_post_check($mybb->get_input('my_post_key'));

	$updated_user = array(
		"pmnotice" => 1
	);

	$updated_user = array(
		"pmnotice" => 1
	);

	if(!empty($mybb->input['ajax']))
	{
		echo 1;

	if(!empty($mybb->input['ajax']))
	{
		echo 1;

	}
	else
	{
		header("Location: index.php");
		exit;

	}
	else
	{
		header("Location: index.php");
		exit;

}

$send_errors = '';

}

$send_errors = '';

	{
		$pm['bcc'] = explode(",", $mybb->get_input('bcc'));
		$pm['bcc'] = array_map("trim", $pm['bcc']);

	{
		$pm['bcc'] = explode(",", $mybb->get_input('bcc'));
		$pm['bcc'] = array_map("trim", $pm['bcc']);

	$mybb->input['options'] = $mybb->get_input('options', MyBB::INPUT_ARRAY);

	$mybb->input['options'] = $mybb->get_input('options', MyBB::INPUT_ARRAY);

	if(!$mybb->usergroup['cantrackpms'])

	if(!$mybb->usergroup['cantrackpms'])

		$mybb->input['options']['readreceipt'] = false;

		$mybb->input['options']['readreceipt'] = false;

	$pm['options'] = array();
	if(isset($mybb->input['options']['signature']) && $mybb->input['options']['signature'] == 1)

	$pm['options'] = array();
	if(isset($mybb->input['options']['signature']) && $mybb->input['options']['signature'] == 1)

		$pm['options']['signature'] = 1;
	}
	else
	{
		$pm['options']['signature'] = 0;

		$pm['options']['signature'] = 1;
	}
	else
	{
		$pm['options']['signature'] = 0;

	if(isset($mybb->input['options']['disablesmilies']))
	{
		$pm['options']['disablesmilies'] = $mybb->input['options']['disablesmilies'];

	if(isset($mybb->input['options']['disablesmilies']))
	{
		$pm['options']['disablesmilies'] = $mybb->input['options']['disablesmilies'];

	{
		$pminfo = $pmhandler->insert_pm();
		$plugins->run_hooks("private_do_send_end");

	{
		$pminfo = $pmhandler->insert_pm();
		$plugins->run_hooks("private_do_send_end");

		if(isset($pminfo['draftsaved']))

		if(isset($pminfo['draftsaved']))

			redirect("private.php", $lang->redirect_pmsaved);

			redirect("private.php", $lang->redirect_pmsaved);

		else
		{
			redirect("private.php", $lang->redirect_pmsent);

		else
		{
			redirect("private.php", $lang->redirect_pmsent);

	if($mybb->usergroup['cansendpms'] == 0)
	{
		error_no_permission();

	if($mybb->usergroup['cansendpms'] == 0)
	{
		error_no_permission();

	$plugins->run_hooks("private_send_start");

	$smilieinserter = $codebuttons = '';

	$plugins->run_hooks("private_send_start");

	$smilieinserter = $codebuttons = '';

			$optionschecked['disablesmilies'] = 'checked="checked"';
		}
		if(isset($options['savecopy']) && $options['savecopy'] != 0)

			$optionschecked['disablesmilies'] = 'checked="checked"';
		}
		if(isset($options['savecopy']) && $options['savecopy'] != 0)

			$optionschecked['savecopy'] = 'checked="checked"';
		}
		if(isset($options['readreceipt']) && $options['readreceipt'] != 0)

			$optionschecked['savecopy'] = 'checked="checked"';
		}
		if(isset($options['readreceipt']) && $options['readreceipt'] != 0)

		}
		$post['smilieoff'] = $options['disablesmilies'];
		$post['dateline'] = TIME_NOW;

		}
		$post['smilieoff'] = $options['disablesmilies'];
		$post['dateline'] = TIME_NOW;

		if(!isset($options['signature']))
		{
			$post['includesig'] = 0;

		if(!isset($options['signature']))
		{
			$post['includesig'] = 0;

		if($mybb->user['signature'] != '')
		{
			$optionschecked['signature'] = 'checked="checked"';

		if($mybb->user['signature'] != '')
		{
			$optionschecked['signature'] = 'checked="checked"';

		if($mybb->usergroup['cantrackpms'] == 1)
		{
			$optionschecked['readreceipt'] = 'checked="checked"';

		if($mybb->usergroup['cantrackpms'] == 1)
		{
			$optionschecked['readreceipt'] = 'checked="checked"';

			LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=pm.fromid)
			WHERE pm.pmid='".$mybb->get_input('pmid', MyBB::INPUT_INT)."' AND pm.uid='{$mybb->user['uid']}'
		");

			LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=pm.fromid)
			WHERE pm.pmid='".$mybb->get_input('pmid', MyBB::INPUT_INT)."' AND pm.uid='{$mybb->user['uid']}'
		");

		$pm = $db->fetch_array($query);
		$message = htmlspecialchars_uni($parser->parse_badwords($pm['message']));
		$subject = htmlspecialchars_uni($parser->parse_badwords($pm['subject']));

		$pm = $db->fetch_array($query);
		$message = htmlspecialchars_uni($parser->parse_badwords($pm['message']));
		$subject = htmlspecialchars_uni($parser->parse_badwords($pm['subject']));

		if((TIME_NOW - $pm['statustime']) < 3600)
		{
			$forward_string = $lang->you_forwarded;

		if((TIME_NOW - $pm['statustime']) < 3600)
		{
			$forward_string = $lang->you_forwarded;

		$actioned_on = $lang->sprintf($forward_string, $forward_date);
		eval("\$action_time = \"".$templates->get("private_read_action")."\";");
	}

		$actioned_on = $lang->sprintf($forward_string, $forward_date);
		eval("\$action_time = \"".$templates->get("private_read_action")."\";");
	}

	// If we have any BCC recipients and this user is an Administrator, add them on to the query
	if(isset($pm['recipients']['bcc']) && count($pm['recipients']['bcc']) > 0 && $mybb->usergroup['cancp'] == 1)

	// If we have any BCC recipients and this user is an Administrator, add them on to the query
	if(isset($pm['recipients']['bcc']) && count($pm['recipients']['bcc']) > 0 && $mybb->usergroup['cancp'] == 1)

		$show_bcc = 1;
		$uid_sql .= ','.implode(',', $pm['recipients']['bcc']);
	}

		$show_bcc = 1;
		$uid_sql .= ','.implode(',', $pm['recipients']['bcc']);
	}

	else
	{
		$bcc_form_val = '';

	else
	{
		$bcc_form_val = '';

	$replyall = false;
	if(count($to_recipients) > 1)
	{

	$replyall = false;
	if(count($to_recipients) > 1)
	{

		if($mybb->usergroup['cantrackpms'] == 1)
		{
			$optionschecked['readreceipt'] = 'checked="checked"';

		if($mybb->usergroup['cantrackpms'] == 1)
		{
			$optionschecked['readreceipt'] = 'checked="checked"';

		require_once MYBB_ROOT.'inc/functions_posting.php';

		require_once MYBB_ROOT.'inc/functions_posting.php';

			eval("\$private_send_tracking = \"".$templates->get("private_send_tracking")."\";");
		}

			eval("\$private_send_tracking = \"".$templates->get("private_send_tracking")."\";");
		}

		eval("\$quickreply = \"".$templates->get("private_quickreply")."\";");
	}

		eval("\$quickreply = \"".$templates->get("private_quickreply")."\";");
	}

			{ // Sent Items or Drafts Folder Check
				$recipients = my_unserialize($message['recipients']);
				$to_users = $bcc_users = '';

			{ // Sent Items or Drafts Folder Check
				$recipients = my_unserialize($message['recipients']);
				$to_users = $bcc_users = '';

				{
					foreach($recipients['to'] as $uid)
					{

				{
					foreach($recipients['to'] as $uid)
					{