Vergleich private.php - 1.8.17 - 1.8.18

Zeile 278	Zeile 278
{ $mybb->settings['threadsperpage'] = 20; }	{ $mybb->settings['threadsperpage'] = 20; }
	$query = $db->simple_select("privatemessages", "COUNT(*) AS total", "pmid IN(".$db->escape_string($search['querycache']).")"); $pmscount = $db->fetch_field($query, "total");
// Work out pagination, which page we're at, as well as the limits. $perpage = $mybb->settings['threadsperpage'];	// Work out pagination, which page we're at, as well as the limits. $perpage = $mybb->settings['threadsperpage'];
Zeile 285	Zeile 288
if($page > 0) { $start = ($page-1) * $perpage;	if($page > 0) { $start = ($page-1) * $perpage;
	$pages = ceil($pmscount / $perpage); if($page > $pages) { $start = 0; $page = 1; }
} else { $start = 0; $page = 1;	} else { $start = 0; $page = 1;
}	}
$end = $start + $perpage; $lower = $start+1; $upper = $end;	$end = $start + $perpage; $lower = $start+1; $upper = $end;
Zeile 303	Zeile 312
} // Do Multi Pages	} // Do Multi Pages
$query = $db->simple_select("privatemessages", "COUNT(*) AS total", "pmid IN(".$db->escape_string($search['querycache']).")"); $pmscount = $db->fetch_array($query);
if($upper > $pmscount) { $upper = $pmscount;	if($upper > $pmscount) { $upper = $pmscount;
} $multipage = multipage($pmscount['total'], $perpage, $page, "private.php?action=results&sid=".htmlspecialchars_uni($mybb->get_input('sid'))."&sortby={$sortby}&order={$order}");	} $multipage = multipage($pmscount, $perpage, $page, "private.php?action=results&sid=".htmlspecialchars_uni($mybb->get_input('sid'))."&sortby={$sortby}&order={$order}");
$messagelist = ''; $icon_cache = $cache->read("posticons");	$messagelist = ''; $icon_cache = $cache->read("posticons");
Zeile 368	Zeile 374
{ $msgstatus = 'old_pm'; $msgalt = $lang->old_pm;	{ $msgstatus = 'old_pm'; $msgalt = $lang->old_pm;
}	}
else if($message['status'] == 3) { $msgstatus = 're_pm';	else if($message['status'] == 3) { $msgstatus = 're_pm';
Zeile 379	Zeile 385
$msgstatus = 'fw_pm'; $msgalt = $lang->fwd_pm; }	$msgstatus = 'fw_pm'; $msgalt = $lang->fwd_pm; }

$folder = $message['folder']; $tofromuid = 0;	$folder = $message['folder']; $tofromuid = 0;
Zeile 397	Zeile 403
$user['username'] = htmlspecialchars_uni($user['username']); $username = format_name($user['username'], $user['usergroup'], $user['displaygroup']); eval("\$to_users .= \"".$templates->get("private_multiple_recipients_user")."\";");	$user['username'] = htmlspecialchars_uni($user['username']); $username = format_name($user['username'], $user['usergroup'], $user['displaygroup']); eval("\$to_users .= \"".$templates->get("private_multiple_recipients_user")."\";");
}	}
if(isset($recipients['bcc']) && is_array($recipients['bcc']) && count($recipients['bcc'])) { eval("\$bcc_users = \"".$templates->get("private_multiple_recipients_bcc")."\";");	if(isset($recipients['bcc']) && is_array($recipients['bcc']) && count($recipients['bcc'])) { eval("\$bcc_users = \"".$templates->get("private_multiple_recipients_bcc")."\";");
Zeile 453	Zeile 459
if(!trim($message['subject'])) { $message['subject'] = $lang->pm_no_subject;	if(!trim($message['subject'])) { $message['subject'] = $lang->pm_no_subject;
} $message['subject'] = $parser->parse_badwords($message['subject']);	} $message['subject'] = $parser->parse_badwords($message['subject']);
if(my_strlen($message['subject']) > 50) {	if(my_strlen($message['subject']) > 50) {
Zeile 512	Zeile 518
eval("\$advanced_search = \"".$templates->get("private_advanced_search")."\";"); output_page($advanced_search);	eval("\$advanced_search = \"".$templates->get("private_advanced_search")."\";"); output_page($advanced_search);
}	}
// Dismissing a new/unread PM notice if($mybb->input['action'] == "dismiss_notice") {	// Dismissing a new/unread PM notice if($mybb->input['action'] == "dismiss_notice") {
Zeile 558	Zeile 564
// Attempt to see if this PM is a duplicate or not $to = array_map("trim", explode(",", $mybb->get_input('to')));	// Attempt to see if this PM is a duplicate or not $to = array_map("trim", explode(",", $mybb->get_input('to')));
	$to = array_unique($to); // Filter out any duplicates
$to_escaped = implode("','", array_map(array($db, 'escape_string'), array_map('my_strtolower', $to))); $time_cutoff = TIME_NOW - (5 * 60 * 60); $query = $db->query("	$to_escaped = implode("','", array_map(array($db, 'escape_string'), array_map('my_strtolower', $to))); $time_cutoff = TIME_NOW - (5 * 60 * 60); $query = $db->query("
Zeile 704	Zeile 711
{ $optionschecked['readreceipt'] = 'checked="checked"'; }	{ $optionschecked['readreceipt'] = 'checked="checked"'; }
$to = htmlspecialchars_uni($mybb->get_input('to')); $bcc = htmlspecialchars_uni($mybb->get_input('bcc'));	$to = htmlspecialchars_uni(implode(', ', array_unique(array_map('trim', explode(',', $mybb->get_input('to')))))); $bcc = htmlspecialchars_uni(implode(', ', array_unique(array_map('trim', explode(',', $mybb->get_input('bcc'))))));
} $preview = '';	} $preview = '';
Zeile 924	Zeile 931
if($send_errors) {	if($send_errors) {
$to = htmlspecialchars_uni($mybb->get_input('to')); $bcc = htmlspecialchars_uni($mybb->get_input('bcc'));	$to = htmlspecialchars_uni(implode(', ', array_unique(array_map('trim', explode(',', $mybb->get_input('to')))))); $bcc = htmlspecialchars_uni(implode(', ', array_unique(array_map('trim', explode(',', $mybb->get_input('bcc'))))));
} // Load the auto complete javascript if it is enabled.	} // Load the auto complete javascript if it is enabled.
Zeile 1215	Zeile 1222
eval("\$read = \"".$templates->get("private_read")."\";"); output_page($read);	eval("\$read = \"".$templates->get("private_read")."\";"); output_page($read);
}	}
if($mybb->input['action'] == "tracking") {	if($mybb->input['action'] == "tracking") {
Zeile 1271	Zeile 1278
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=pm.toid) WHERE pm.receipt='2' AND pm.folder!='3' AND pm.status!='0' AND pm.fromid='".$mybb->user['uid']."' ORDER BY pm.readtime DESC	LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=pm.toid) WHERE pm.receipt='2' AND pm.folder!='3' AND pm.status!='0' AND pm.fromid='".$mybb->user['uid']."' ORDER BY pm.readtime DESC
LIMIT {$start}, {$perpage} ");	LIMIT {$start}, {$perpage} ");
while($readmessage = $db->fetch_array($query)) { $readmessage['subject'] = htmlspecialchars_uni($parser->parse_badwords($readmessage['subject']));	while($readmessage = $db->fetch_array($query)) { $readmessage['subject'] = htmlspecialchars_uni($parser->parse_badwords($readmessage['subject']));
Zeile 1358	Zeile 1365
} if($mybb->input['action'] == "do_tracking" && $mybb->request_method == "post")	} if($mybb->input['action'] == "do_tracking" && $mybb->request_method == "post")
{	{
// Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	// Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));

$plugins->run_hooks("private_do_tracking_start"); if(!empty($mybb->input['stoptracking'])) { $mybb->input['readcheck'] = $mybb->get_input('readcheck', MyBB::INPUT_ARRAY); if(!empty($mybb->input['readcheck']))	$plugins->run_hooks("private_do_tracking_start"); if(!empty($mybb->input['stoptracking'])) { $mybb->input['readcheck'] = $mybb->get_input('readcheck', MyBB::INPUT_ARRAY); if(!empty($mybb->input['readcheck']))
{	{
foreach($mybb->input['readcheck'] as $key => $val) { $sql_array = array(	foreach($mybb->input['readcheck'] as $key => $val) { $sql_array = array(
Zeile 1386	Zeile 1393
if(!empty($mybb->input['unreadcheck'])) { foreach($mybb->input['unreadcheck'] as $key => $val)	if(!empty($mybb->input['unreadcheck'])) { foreach($mybb->input['unreadcheck'] as $key => $val)
{	{
$sql_array = array( "receipt" => 0 );	$sql_array = array( "receipt" => 0 );
Zeile 1444	Zeile 1451
if($mybb->input['action'] == "folders") { $plugins->run_hooks("private_folders_start");	if($mybb->input['action'] == "folders") { $plugins->run_hooks("private_folders_start");
$folderlist = ''; $foldersexploded = explode("$%%$", $mybb->user['pmfolders']); foreach($foldersexploded as $key => $folders) {	$folderlist = ''; $foldersexploded = explode("$%%$", $mybb->user['pmfolders']); foreach($foldersexploded as $key => $folders) {
$folderinfo = explode("**", $folders, 2); $foldername = $folderinfo[1]; $fid = $folderinfo[0];	$folderinfo = explode("**", $folders, 2); $foldername = $folderinfo[1]; $fid = $folderinfo[0];
Zeile 1472	Zeile 1479
$fid = "new$i"; $foldername = ''; eval("\$newfolders .= \"".$templates->get("private_folders_folder")."\";");	$fid = "new$i"; $foldername = ''; eval("\$newfolders .= \"".$templates->get("private_folders_folder")."\";");
}	}
$plugins->run_hooks("private_folders_end");	$plugins->run_hooks("private_folders_end");

eval("\$folders = \"".$templates->get("private_folders")."\";"); output_page($folders); }	eval("\$folders = \"".$templates->get("private_folders")."\";"); output_page($folders); }

if($mybb->input['action'] == "do_folders" && $mybb->request_method == "post") { // Verify incoming POST request	if($mybb->input['action'] == "do_folders" && $mybb->request_method == "post") { // Verify incoming POST request
Zeile 1501	Zeile 1508
$fid = (int)$highestid; } else // Editing an existing folder	$fid = (int)$highestid; } else // Editing an existing folder
{	{
if($key > $highestid) { $highestid = $key;	if($key > $highestid) { $highestid = $key;
Zeile 1588	Zeile 1595
if($mybb->user['totalpms'] == 0) { error($lang->error_nopms);	if($mybb->user['totalpms'] == 0) { error($lang->error_nopms);
} $plugins->run_hooks("private_empty_start");	} $plugins->run_hooks("private_empty_start");
$foldersexploded = explode("$%%$", $mybb->user['pmfolders']); $folderlist = '';	$foldersexploded = explode("$%%$", $mybb->user['pmfolders']); $folderlist = '';
Zeile 1612	Zeile 1619
} if($mybb->input['action'] == "do_empty" && $mybb->request_method == "post")	} if($mybb->input['action'] == "do_empty" && $mybb->request_method == "post")
{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key')); $plugins->run_hooks("private_do_empty_start");	{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key')); $plugins->run_hooks("private_do_empty_start");
$emptyq = ''; $mybb->input['empty'] = $mybb->get_input('empty', MyBB::INPUT_ARRAY); $keepunreadq = '';	$emptyq = ''; $mybb->input['empty'] = $mybb->get_input('empty', MyBB::INPUT_ARRAY); $keepunreadq = '';
Zeile 1675	Zeile 1682
"folder" => $mybb->input['fid'] ); $db->update_query("privatemessages", $sql_array, "pmid='".(int)$key."' AND uid='".$mybb->user['uid']."'");	"folder" => $mybb->input['fid'] ); $db->update_query("privatemessages", $sql_array, "pmid='".(int)$key."' AND uid='".$mybb->user['uid']."'");
} } // Update PM count update_pm_count(); if(!empty($mybb->input['fromfid'])) {	} } // Update PM count update_pm_count(); if(!empty($mybb->input['fromfid'])) {
redirect("private.php?fid=".$mybb->get_input('fromfid', MyBB::INPUT_INT), $lang->redirect_pmsmoved); } else	redirect("private.php?fid=".$mybb->get_input('fromfid', MyBB::INPUT_INT), $lang->redirect_pmsmoved); } else
Zeile 1738	Zeile 1745
else { redirect("private.php", $lang->redirect_pmsdeleted);	else { redirect("private.php", $lang->redirect_pmsdeleted);
} } }	} } }
if($mybb->input['action'] == "delete") {	if($mybb->input['action'] == "delete") {
Zeile 1748	Zeile 1755
verify_post_check($mybb->get_input('my_post_key')); $plugins->run_hooks("private_delete_start");	verify_post_check($mybb->get_input('my_post_key')); $plugins->run_hooks("private_delete_start");

$query = $db->simple_select("privatemessages", "*", "pmid='".$mybb->get_input('pmid', MyBB::INPUT_INT)."' AND uid='".$mybb->user['uid']."' AND folder='4'", array('order_by' => 'pmid')); if($db->num_rows($query) == 1)	$query = $db->simple_select("privatemessages", "*", "pmid='".$mybb->get_input('pmid', MyBB::INPUT_INT)."' AND uid='".$mybb->user['uid']."' AND folder='4'", array('order_by' => 'pmid')); if($db->num_rows($query) == 1)
{	{
$db->delete_query("privatemessages", "pmid='".$mybb->get_input('pmid', MyBB::INPUT_INT)."'"); } else	$db->delete_query("privatemessages", "pmid='".$mybb->get_input('pmid', MyBB::INPUT_INT)."'"); } else
Zeile 1762	Zeile 1769
); $db->update_query("privatemessages", $sql_array, "pmid='".$mybb->get_input('pmid', MyBB::INPUT_INT)."' AND uid='".$mybb->user['uid']."'"); }	); $db->update_query("privatemessages", $sql_array, "pmid='".$mybb->get_input('pmid', MyBB::INPUT_INT)."' AND uid='".$mybb->user['uid']."'"); }

// Update PM count update_pm_count(); $plugins->run_hooks("private_delete_end"); redirect("private.php", $lang->redirect_pmsdeleted);	// Update PM count update_pm_count(); $plugins->run_hooks("private_delete_end"); redirect("private.php", $lang->redirect_pmsdeleted);
}	}
if($mybb->input['action'] == "export") { if($mybb->user['totalpms'] == 0)	if($mybb->input['action'] == "export") { if($mybb->user['totalpms'] == 0)
Zeile 1827	Zeile 1834
else { if($mybb->get_input('daycut', MyBB::INPUT_INT) && ($mybb->get_input('dayway') != "disregard"))	else { if($mybb->get_input('daycut', MyBB::INPUT_INT) && ($mybb->get_input('dayway') != "disregard"))
{	{
$datecut = TIME_NOW-($mybb->get_input('daycut', MyBB::INPUT_INT) * 86400); $wsql = "pm.dateline"; if($mybb->get_input('dayway') == "older")	$datecut = TIME_NOW-($mybb->get_input('daycut', MyBB::INPUT_INT) * 86400); $wsql = "pm.dateline"; if($mybb->get_input('dayway') == "older")
{	{
$wsql .= "<="; } else	$wsql .= "<="; } else
{	{
$wsql .= ">="; } $wsql .= "'$datecut'";	$wsql .= ">="; } $wsql .= "'$datecut'";
Zeile 1856	Zeile 1863
{ $folderlst = ''; break;	{ $folderlst = ''; break;
}	}
else { if(!$folderlst)	else { if(!$folderlst)
Zeile 1914	Zeile 1921
$tofromusername = $message['tousername']; } else	$tofromusername = $message['tousername']; } else
{	{
$tofromusername = build_profile_link($message['tousername'], $tofromuid); } }	$tofromusername = build_profile_link($message['tousername'], $tofromuid); } }
Zeile 2030	Zeile 2037
// Gather global stylesheet for HTML $query = $db->simple_select("themestylesheets", "stylesheet", "sid = '1'", array('limit' => 1)); $css = $db->fetch_field($query, "stylesheet");	// Gather global stylesheet for HTML $query = $db->simple_select("themestylesheets", "stylesheet", "sid = '1'", array('limit' => 1)); $css = $db->fetch_field($query, "stylesheet");
}	}
$plugins->run_hooks("private_do_export_end");	$plugins->run_hooks("private_do_export_end");
Zeile 2088	Zeile 2095
if($folder == 2 \|\| $folder == 3) { // Sent Items Folder $sender = $lang->sentto;	if($folder == 2 \|\| $folder == 3) { // Sent Items Folder $sender = $lang->sentto;
}	}
else { $sender = $lang->sender;	else { $sender = $lang->sender;
Zeile 2135	Zeile 2142
// Do Multi Pages $query = $db->simple_select("privatemessages", "COUNT(*) AS total", "uid='".$mybb->user['uid']."' AND folder='$folder'");	// Do Multi Pages $query = $db->simple_select("privatemessages", "COUNT(*) AS total", "uid='".$mybb->user['uid']."' AND folder='$folder'");
$pmscount = $db->fetch_array($query);	$pmscount = $db->fetch_field($query, "total");
if(!$mybb->settings['threadsperpage'] \|\| (int)$mybb->settings['threadsperpage'] < 1) {	if(!$mybb->settings['threadsperpage'] \|\| (int)$mybb->settings['threadsperpage'] < 1) {
Zeile 2148	Zeile 2155
if($page > 0) { $start = ($page-1) *$perpage;	if($page > 0) { $start = ($page-1) *$perpage;
	$pages = ceil($pmscount / $perpage); if($page > $pages) { $start = 0; $page = 1; }
} else {	} else {
Zeile 2173	Zeile 2186
$page_url = "private.php?fid={$folder}"; }	$page_url = "private.php?fid={$folder}"; }
$multipage = multipage($pmscount['total'], $perpage, $page, $page_url);	$multipage = multipage($pmscount, $perpage, $page, $page_url);
$messagelist = ''; $icon_cache = $cache->read("posticons");	$messagelist = ''; $icon_cache = $cache->read("posticons");