Vergleich inc/datahandlers/pm.php - 1.8.4 - 1.8.17

Zeile 50	Zeile 50
/** * PM ID currently being manipulated by the datahandlers.	/** * PM ID currently being manipulated by the datahandlers.
	* * @var int
*/ public $pmid = 0;	*/ public $pmid = 0;
Zeile 62	Zeile 64
/** * Verifies a private message subject.	/** * Verifies a private message subject.
*	*
* @return boolean True when valid, false when invalid. */ function verify_subject() { $subject = &$this->data['subject'];	* @return boolean True when valid, false when invalid. */ function verify_subject() { $subject = &$this->data['subject'];

// Subject is over 85 characters, too long. if(my_strlen($subject) > 85) { $this->set_error("too_long_subject");	// Subject is over 85 characters, too long. if(my_strlen($subject) > 85) { $this->set_error("too_long_subject");
return false; }	return false; }
// No subject, apply the default [no subject] if(!trim_blank_chrs($subject)) { $this->set_error("missing_subject");	// No subject, apply the default [no subject] if(!trim_blank_chrs($subject)) { $this->set_error("missing_subject");
return false; }	return false; }
return true; }	return true; }
Zeile 92	Zeile 94
function verify_message() { $message = &$this->data['message'];	function verify_message() { $message = &$this->data['message'];

// No message, return an error. if(trim_blank_chrs($message) == '')	// No message, return an error. if(trim_blank_chrs($message) == '')
{	{
$this->set_error("missing_message"); return false; }	$this->set_error("missing_message"); return false; }
	// If the length of message is beyond SQL limitation for 'text' field else if(strlen($message) > 65535) { $this->set_error("message_too_long", array('65535', strlen($message))); return false; }
return true; }	return true; }
Zeile 128	Zeile 138
// Check if the sender is over their quota or not - if they are, disable draft sending if(isset($pm['options']['savecopy']) && $pm['options']['savecopy'] != 0 && empty($pm['saveasdraft'])) {	// Check if the sender is over their quota or not - if they are, disable draft sending if(isset($pm['options']['savecopy']) && $pm['options']['savecopy'] != 0 && empty($pm['saveasdraft'])) {
if($sender_permissions['pmquota'] != "0" && $sender['totalpms'] >= $sender_permissions['pmquota'] && $this->admin_override != true)	if($sender_permissions['pmquota'] != 0 && $sender['totalpms'] >= $sender_permissions['pmquota'] && $this->admin_override != true)
{ $pm['options']['savecopy'] = 0; }	{ $pm['options']['savecopy'] = 0; }
Zeile 269	Zeile 279
// If we have one or more invalid recipients and we're not saving a draft, error if(count($invalid_recipients) > 0) {	// If we have one or more invalid recipients and we're not saving a draft, error if(count($invalid_recipients) > 0) {
$invalid_recipients = implode(", ", array_map("htmlspecialchars_uni", $invalid_recipients));	$invalid_recipients = implode($lang->comma, array_map("htmlspecialchars_uni", $invalid_recipients));
$this->set_error("invalid_recipients", array($invalid_recipients)); return false; }	$this->set_error("invalid_recipients", array($invalid_recipients)); return false; }
Zeile 291	Zeile 301
// See if the sender is on the recipients ignore list and that either // - admin_override is set or // - sender is an administrator	// See if the sender is on the recipients ignore list and that either // - admin_override is set or // - sender is an administrator
if(($this->admin_override != true && $sender_permissions['cancp'] != 1) && $sender_permissions['canoverridepm'] != 1)	if($this->admin_override != true && $sender_permissions['canoverridepm'] != 1)
{	{
$ignorelist = explode(",", $user['ignorelist']); if(!empty($ignorelist) && in_array($pm['fromid'], $ignorelist))	if(!empty($user['ignorelist']) && strpos(','.$user['ignorelist'].',', ','.$pm['fromid'].',') !== false)
{	{
$this->set_error("recipient_is_ignoring", array($user['username']));	$this->set_error("recipient_is_ignoring", array(htmlspecialchars_uni($user['username'])));
} // Is the recipient only allowing private messages from their buddy list?	} // Is the recipient only allowing private messages from their buddy list?
if($mybb->settings['allowbuddyonly'] == 1 && $user['receivefrombuddy'] == 1)	if(empty($pm['saveasdraft']) && $mybb->settings['allowbuddyonly'] == 1 && $user['receivefrombuddy'] == 1 && !empty($user['buddylist']) && strpos(','.$user['buddylist'].',', ','.$pm['fromid'].',') === false)
{	{
$buddylist = explode(",", $user['buddylist']); if(!empty($buddylist) && !in_array($pm['fromid'], $buddylist)) { $this->set_error("recipient_has_buddy_only", array(htmlspecialchars_uni($user['username']))); }	$this->set_error('recipient_has_buddy_only', array(htmlspecialchars_uni($user['username'])));
} // Can the recipient actually receive private messages based on their permissions or user setting? if(($user['receivepms'] == 0 \|\| $recipient_permissions['canusepms'] == 0) && empty($pm['saveasdraft'])) {	} // Can the recipient actually receive private messages based on their permissions or user setting? if(($user['receivepms'] == 0 \|\| $recipient_permissions['canusepms'] == 0) && empty($pm['saveasdraft'])) {
$this->set_error("recipient_pms_disabled", array($user['username']));	$this->set_error("recipient_pms_disabled", array(htmlspecialchars_uni($user['username'])));
return false; } } // Check to see if the user has reached their private message quota - if they have, email them.	return false; } } // Check to see if the user has reached their private message quota - if they have, email them.
if($recipient_permissions['pmquota'] != "0" && $user['totalpms'] >= $recipient_permissions['pmquota'] && $recipient_permissions['cancp'] != 1 && $sender_permissions['cancp'] != 1 && empty($pm['saveasdraft']) && !$this->admin_override)	if($recipient_permissions['pmquota'] != 0 && $user['totalpms'] >= $recipient_permissions['pmquota'] && $sender_permissions['cancp'] != 1 && empty($pm['saveasdraft']) && !$this->admin_override)
{ if(trim($user['language']) != '' && $lang->language_exists($user['language'])) {	{ if(trim($user['language']) != '' && $lang->language_exists($user['language'])) {
Zeile 362	Zeile 367
if($this->admin_override != true) {	if($this->admin_override != true) {
$this->set_error("recipient_reached_quota", array($user['username']));	$this->set_error("recipient_reached_quota", array(htmlspecialchars_uni($user['username'])));
} }	} }
Zeile 389	Zeile 394
/** * Verify that the user is not flooding the system. *	/** * Verify that the user is not flooding the system. *
* @return boolean True	* @return boolean
*/ function verify_pm_flooding() { global $mybb, $db;	*/ function verify_pm_flooding() { global $mybb, $db;
$pm = &$this->data;	$pm = &$this->data;
// Check if post flooding is enabled within MyBB or if the admin override option is specified.	// Check if post flooding is enabled within MyBB or if the admin override option is specified.
if($mybb->settings['pmfloodsecs'] > 0 && $pm['fromid'] != 0 && $this->admin_override == false)	if($mybb->settings['pmfloodsecs'] > 0 && $pm['fromid'] != 0 && $this->admin_override == false && !is_moderator(0, '', $pm['fromid']))
{ // Fetch the senders profile data. $sender = get_user($pm['fromid']);	{ // Fetch the senders profile data. $sender = get_user($pm['fromid']);
Zeile 408	Zeile 413
$sender['lastpm'] = $db->fetch_field($query, "dateline"); // A little bit of calculation magic and moderator status checking.	$sender['lastpm'] = $db->fetch_field($query, "dateline"); // A little bit of calculation magic and moderator status checking.
if(TIME_NOW-$sender['lastpm'] <= $mybb->settings['pmfloodsecs'] && !is_moderator("", "", $pm['fromid']))	if(TIME_NOW-$sender['lastpm'] <= $mybb->settings['pmfloodsecs'])
{ // Oops, user has been flooding - throw back error message. $time_to_wait = ($mybb->settings['pmfloodsecs'] - (TIME_NOW-$sender['lastpm'])) + 1;	{ // Oops, user has been flooding - throw back error message. $time_to_wait = ($mybb->settings['pmfloodsecs'] - (TIME_NOW-$sender['lastpm'])) + 1;
Zeile 429	Zeile 434
/** * Verifies if the various 'options' for sending PMs are valid.	/** * Verifies if the various 'options' for sending PMs are valid.
* * @return boolean True when valid, false when invalid.	* * @return boolean True when valid, false when invalid.
*/ function verify_options() {	*/ function verify_options() {
Zeile 451	Zeile 456
} return true; }	} return true; }

/** * Validate an entire private message. *	/** * Validate an entire private message. *
Zeile 473	Zeile 478
$this->verify_sender();	$this->verify_sender();
$this->verify_recipient();	$this->verify_recipient();
$this->verify_message();	$this->verify_message();

$this->verify_options(); $plugins->run_hooks("datahandler_pm_validate", $this); // Choose the appropriate folder to save in.	$this->verify_options(); $plugins->run_hooks("datahandler_pm_validate", $this); // Choose the appropriate folder to save in.
if(!empty($pm['saveasdraft']))	if(!empty($pm['saveasdraft']))
{ $pm['folder'] = 3; }	{ $pm['folder'] = 3; }
Zeile 605	Zeile 610
} $plugins->run_hooks("datahandler_pm_insert_updatedraft", $this);	} $plugins->run_hooks("datahandler_pm_insert_updatedraft", $this);
$db->insert_query("privatemessages", $this->pm_insert_data);	$this->pmid = $db->insert_query("privatemessages", $this->pm_insert_data); $plugins->run_hooks("datahandler_pm_insert_updatedraft_commit", $this);
// If this is a draft, end it here - below deals with complete messages return array(	// If this is a draft, end it here - below deals with complete messages return array(
Zeile 626	Zeile 634
if($recipient['language'] != "" && $lang->language_exists($recipient['language'])) { $uselang = $recipient['language'];	if($recipient['language'] != "" && $lang->language_exists($recipient['language'])) { $uselang = $recipient['language'];
}	}
elseif($mybb->settings['bblanguage'])	elseif($mybb->settings['bblanguage'])
{	{
$uselang = $mybb->settings['bblanguage'];	$uselang = $mybb->settings['bblanguage'];
} else {	} else {
$uselang = "english"; } if($uselang == $mybb->settings['bblanguage'] && !empty($lang->emailsubject_newpm))	$uselang = "english"; } if($uselang == $mybb->settings['bblanguage'] && !empty($lang->emailsubject_newpm))
Zeile 648	Zeile 656
$userlang->load("messages"); $emailsubject = $userlang->emailsubject_newpm; $emailmessage = $userlang->email_newpm;	$userlang->load("messages"); $emailsubject = $userlang->emailsubject_newpm; $emailmessage = $userlang->email_newpm;
}	}
if(!$pm['sender']['username']) { $pm['sender']['username'] = $lang->mybb_engine; }	if(!$pm['sender']['username']) { $pm['sender']['username'] = $lang->mybb_engine; }

require_once MYBB_ROOT.'inc/class_parser.php'; $parser = new Postparser;	require_once MYBB_ROOT.'inc/class_parser.php'; $parser = new Postparser;
$pm['message'] = $parser->text_parse_message($pm['message'], array('me_username' => $pm['sender']['username'], 'filter_badwords' => 1, 'safe_html' => 1));	$parser_options = array( 'me_username' => $pm['sender']['username'], 'filter_badwords' => 1 ); $pm['message'] = $parser->text_parse_message($pm['message'], $parser_options);
$emailmessage = $lang->sprintf($emailmessage, $recipient['username'], $pm['sender']['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $pm['message']); $emailsubject = $lang->sprintf($emailsubject, $mybb->settings['bbname'], $pm['subject']);	$emailmessage = $lang->sprintf($emailmessage, $recipient['username'], $pm['sender']['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $pm['message']); $emailsubject = $lang->sprintf($emailsubject, $mybb->settings['bbname'], $pm['subject']);
Zeile 678	Zeile 692
$this->pm_insert_data['toid'] = $recipient['uid']; $plugins->run_hooks("datahandler_pm_insert", $this);	$this->pm_insert_data['toid'] = $recipient['uid']; $plugins->run_hooks("datahandler_pm_insert", $this);

$this->pmid[] = $db->insert_query("privatemessages", $this->pm_insert_data);	$this->pmid[] = $db->insert_query("privatemessages", $this->pm_insert_data);
	$plugins->run_hooks("datahandler_pm_insert_commit", $this);
// If PM noices/alerts are on, show! if($recipient['pmnotice'] == 1)	// If PM noices/alerts are on, show! if($recipient['pmnotice'] == 1)
Zeile 701	Zeile 718
{ $sql_array = array( 'status' => 3,	{ $sql_array = array( 'status' => 3,
'statustime' => TIME_NOW ); $db->update_query("privatemessages", $sql_array, "pmid={$pm['pmid']} AND uid={$pm['sender']['uid']}");	'statustime' => TIME_NOW ); $db->update_query("privatemessages", $sql_array, "pmid={$pm['pmid']} AND uid={$pm['sender']['uid']}");
} elseif($pm['do'] == "forward") {	} elseif($pm['do'] == "forward") {
Zeile 712	Zeile 729
'statustime' => TIME_NOW ); $db->update_query("privatemessages", $sql_array, "pmid={$pm['pmid']} AND uid={$pm['sender']['uid']}");	'statustime' => TIME_NOW ); $db->update_query("privatemessages", $sql_array, "pmid={$pm['pmid']} AND uid={$pm['sender']['uid']}");
}	}
} // If we're saving a copy	} // If we're saving a copy
Zeile 732	Zeile 749
$this->pm_insert_data['receipt'] = 0; $plugins->run_hooks("datahandler_pm_insert_savedcopy", $this);	$this->pm_insert_data['receipt'] = 0; $plugins->run_hooks("datahandler_pm_insert_savedcopy", $this);

$db->insert_query("privatemessages", $this->pm_insert_data);	$db->insert_query("privatemessages", $this->pm_insert_data);
	$plugins->run_hooks("datahandler_pm_insert_savedcopy_commit", $this);
// Because the sender saved a copy, update their total pm count require_once MYBB_ROOT."/inc/functions_user.php";	// Because the sender saved a copy, update their total pm count require_once MYBB_ROOT."/inc/functions_user.php";