Vergleich private.php - 1.8.17 - 1.8.20

	error_no_permission();
}

	error_no_permission();
}

if(!$mybb->user['pmfolders'])
{

if(!$mybb->user['pmfolders'])
{

	$sql_array = array(
		 "pmfolders" => $mybb->user['pmfolders']
	);

	$sql_array = array(
		 "pmfolders" => $mybb->user['pmfolders']
	);

	else
	{
		$resulttype = "pmsubjects";

	else
	{
		$resulttype = "pmsubjects";

	$search_data = array(
		"keywords" => $mybb->get_input('keywords'),

	$search_data = array(
		"keywords" => $mybb->get_input('keywords'),

	else
	{
		$sortby = $query_sortby = "dateline";

	else
	{
		$sortby = $query_sortby = "dateline";

	if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1)
	{
		$mybb->settings['threadsperpage'] = 20;
	}

	if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1)
	{
		$mybb->settings['threadsperpage'] = 20;
	}

	// Work out pagination, which page we're at, as well as the limits.
	$perpage = $mybb->settings['threadsperpage'];

	// Work out pagination, which page we're at, as well as the limits.
	$perpage = $mybb->settings['threadsperpage'];

	if($page > 0)
	{
		$start = ($page-1) * $perpage;

	if($page > 0)
	{
		$start = ($page-1) * $perpage;

	}
	else
	{

	}
	else
	{

	}

	// Do Multi Pages

	}

	// Do Multi Pages

	if($upper > $pmscount)
	{
		$upper = $pmscount;
	}

	if($upper > $pmscount)
	{
		$upper = $pmscount;
	}

	$messagelist = '';

	$icon_cache = $cache->read("posticons");

	$messagelist = '';

	$icon_cache = $cache->read("posticons");

	// Attempt to see if this PM is a duplicate or not
	$to = array_map("trim", explode(",", $mybb->get_input('to')));

	// Attempt to see if this PM is a duplicate or not
	$to = array_map("trim", explode(",", $mybb->get_input('to')));

	$to_escaped = implode("','", array_map(array($db, 'escape_string'), array_map('my_strtolower', $to)));
	$time_cutoff = TIME_NOW - (5 * 60 * 60);
	$query = $db->query("

	$to_escaped = implode("','", array_map(array($db, 'escape_string'), array_map('my_strtolower', $to)));
	$time_cutoff = TIME_NOW - (5 * 60 * 60);
	$query = $db->query("

		{
			$optionschecked['readreceipt'] = 'checked="checked"';
		}

		{
			$optionschecked['readreceipt'] = 'checked="checked"';
		}

	}

	$preview = '';

	}

	$preview = '';

			if($mybb->settings['maxpmquotedepth'] != '0')
			{
				$message = remove_message_quotes($message, $mybb->settings['maxpmquotedepth']);

			if($mybb->settings['maxpmquotedepth'] != '0')
			{
				$message = remove_message_quotes($message, $mybb->settings['maxpmquotedepth']);

			if($mybb->input['do'] == 'forward')
			{

			if($mybb->input['do'] == 'forward')
			{

	if($send_errors)
	{

	if($send_errors)
	{

	}

	// Load the auto complete javascript if it is enabled.

	}

	// Load the auto complete javascript if it is enabled.

		'image' => 'groupimage',
		'namestyle' => 'namestyle'
	);

		'image' => 'groupimage',
		'namestyle' => 'namestyle'
	);

	foreach($data_key as $field => $key)
	{
		$pm[$key] = $groupscache[$pm['usergroup']][$field];

	foreach($data_key as $field => $key)
	{
		$pm[$key] = $groupscache[$pm['usergroup']][$field];

	{
		$uid_sql = $pm['toid'];
		$pm['recipients']['to'] = array($pm['toid']);

	{
		$uid_sql = $pm['toid'];
		$pm['recipients']['to'] = array($pm['toid']);

	// If we have any BCC recipients and this user is an Administrator, add them on to the query
	if(isset($pm['recipients']['bcc']) && count($pm['recipients']['bcc']) > 0 && $mybb->usergroup['cancp'] == 1)
	{

	// If we have any BCC recipients and this user is an Administrator, add them on to the query
	if(isset($pm['recipients']['bcc']) && count($pm['recipients']['bcc']) > 0 && $mybb->usergroup['cancp'] == 1)
	{

		$bcc_recipients = implode(', ', $bcc_recipients);
		$bcc_form_val = implode(',', $bcc_form_val);
		eval("\$bcc = \"".$templates->get("private_read_bcc")."\";");

		$bcc_recipients = implode(', ', $bcc_recipients);
		$bcc_form_val = implode(',', $bcc_form_val);
		eval("\$bcc = \"".$templates->get("private_read_bcc")."\";");

	else
	{
		$bcc_form_val = '';

	else
	{
		$bcc_form_val = '';

	$replyall = false;
	if(count($to_recipients) > 1)
	{

	$replyall = false;
	if(count($to_recipients) > 1)
	{

	}

	if(count($to_recipients) > 0)

	}

	if(count($to_recipients) > 0)

		$to_recipients = implode($lang->comma, $to_recipients);
	}
	else

		$to_recipients = implode($lang->comma, $to_recipients);
	}
	else

		$to_recipients = $lang->nobody;
	}

	eval("\$pm['subject_extra'] = \"".$templates->get("private_read_to")."\";");

		$to_recipients = $lang->nobody;
	}

	eval("\$pm['subject_extra'] = \"".$templates->get("private_read_to")."\";");

	add_breadcrumb($pm['subject']);
	$message = build_postbit($pm, 2);

	add_breadcrumb($pm['subject']);
	$message = build_postbit($pm, 2);

		$optionschecked = array('savecopy' => 'checked="checked"');
		if(!empty($mybb->user['signature']))

		$optionschecked = array('savecopy' => 'checked="checked"');
		if(!empty($mybb->user['signature']))

			$optionschecked['signature'] = 'checked="checked"';
		}
		if($mybb->usergroup['cantrackpms'] == 1)

			$optionschecked['signature'] = 'checked="checked"';
		}
		if($mybb->usergroup['cantrackpms'] == 1)

	$query = $db->query("
		SELECT pm.pmid, pm.subject, pm.toid, pm.readtime, u.username as tousername

	$query = $db->query("
		SELECT pm.pmid, pm.subject, pm.toid, pm.readtime, u.username as tousername

		LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=pm.toid)
		WHERE pm.receipt='2' AND pm.folder!='3'  AND pm.status!='0' AND pm.fromid='".$mybb->user['uid']."'
		ORDER BY pm.readtime DESC

		LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=pm.toid)
		WHERE pm.receipt='2' AND pm.folder!='3'  AND pm.status!='0' AND pm.fromid='".$mybb->user['uid']."'
		ORDER BY pm.readtime DESC

		$readmessage['profilelink'] = build_profile_link($readmessage['tousername'], $readmessage['toid']);
		$readdate = my_date('relative', $readmessage['readtime']);
		eval("\$readmessages .= \"".$templates->get("private_tracking_readmessage")."\";");

		$readmessage['profilelink'] = build_profile_link($readmessage['tousername'], $readmessage['toid']);
		$readdate = my_date('relative', $readmessage['readtime']);
		eval("\$readmessages .= \"".$templates->get("private_tracking_readmessage")."\";");

	$stoptrackingread = '';
	if(!empty($readmessages))

	$stoptrackingread = '';
	if(!empty($readmessages))

		eval("\$stoptrackingread = \"".$templates->get("private_tracking_readmessage_stop")."\";");
	}

		eval("\$stoptrackingread = \"".$templates->get("private_tracking_readmessage_stop")."\";");
	}

	$pages = ceil($pages);

	if($mybb->get_input('unread_page') == "last")

	$pages = ceil($pages);

	if($mybb->get_input('unread_page') == "last")

		$page = $pages;
	}

		$page = $pages;
	}

		if(!empty($mybb->input['unreadcheck']))
		{
			foreach($mybb->input['unreadcheck'] as $pmid => $val)

		if(!empty($mybb->input['unreadcheck']))
		{
			foreach($mybb->input['unreadcheck'] as $pmid => $val)

				$pmids[$pmid] = (int)$pmid;

				$pmids[$pmid] = (int)$pmid;

			$pmids = implode(",", $pmids);
			$query = $db->simple_select("privatemessages", "uid", "pmid IN ($pmids) AND fromid='".$mybb->user['uid']."'");
			while($pm = $db->fetch_array($query))

			$pmids = implode(",", $pmids);
			$query = $db->simple_select("privatemessages", "uid", "pmid IN ($pmids) AND fromid='".$mybb->user['uid']."'");
			while($pm = $db->fetch_array($query))

			$db->delete_query("privatemessages", "pmid IN ($pmids) AND receipt='1' AND status='0' AND fromid='".$mybb->user['uid']."'");
			foreach($pmuids as $uid)

			$db->delete_query("privatemessages", "pmid IN ($pmids) AND receipt='1' AND status='0' AND fromid='".$mybb->user['uid']."'");
			foreach($pmuids as $uid)

				// Message is canceled, update PM count for this user
				update_pm_count($uid);
			}

				// Message is canceled, update PM count for this user
				update_pm_count($uid);
			}

}

if($mybb->input['action'] == "stopalltracking")

}

if($mybb->input['action'] == "stopalltracking")

	$plugins->run_hooks("private_stopalltracking_start");

	$plugins->run_hooks("private_stopalltracking_start");

}

if($mybb->input['action'] == "folders")

}

if($mybb->input['action'] == "folders")

	$plugins->run_hooks("private_folders_start");

	$folderlist = '';

	$plugins->run_hooks("private_folders_start");

	$folderlist = '';

		$fid = $folderinfo[0];
		$foldername = get_pm_folder_name($fid, $foldername);

		$fid = $folderinfo[0];
		$foldername = get_pm_folder_name($fid, $foldername);

		{
			$foldername2 = get_pm_folder_name($fid);
			eval("\$folderlist .= \"".$templates->get("private_folders_folder_unremovable")."\";");

		{
			$foldername2 = get_pm_folder_name($fid);
			eval("\$folderlist .= \"".$templates->get("private_folders_folder_unremovable")."\";");

		if(empty($donefolders[$val]) )// Probably was a check for duplicate folder names, but doesn't seem to be used now
		{
			if(my_substr($key, 0, 3) == "new") // Create a new folder

		if(empty($donefolders[$val]) )// Probably was a check for duplicate folder names, but doesn't seem to be used now
		{
			if(my_substr($key, 0, 3) == "new") // Create a new folder

				++$highestid;
				$fid = (int)$highestid;
			}
			else // Editing an existing folder
			{
				if($key > $highestid)

				++$highestid;
				$fid = (int)$highestid;
			}
			else // Editing an existing folder
			{
				if($key > $highestid)

					$highestid = $key;
				}

				$fid = (int)$key;
				// Use default language strings if empty or value is language string

					$highestid = $key;
				}

				$fid = (int)$key;
				// Use default language strings if empty or value is language string

				{

				{

				}
			}

				}
			}

			{
				// If the name only contains whitespace and it's not a default folder, print an error
				error($lang->error_emptypmfoldername);
			}

			{
				// If the name only contains whitespace and it's not a default folder, print an error
				error($lang->error_emptypmfoldername);
			}

			{
				// If there is a name or if this is a default folder, save it
				$foldername = $db->escape_string(htmlspecialchars_uni($val));

			{
				// If there is a name or if this is a default folder, save it
				$foldername = $db->escape_string(htmlspecialchars_uni($val));

	if(!$mybb->input['fid'] || !array_key_exists($mybb->input['fid'], $foldernames))
	{

	if(!$mybb->input['fid'] || !array_key_exists($mybb->input['fid'], $foldernames))
	{

	}

	}

	if($folder == 2 || $folder == 3)
	{ // Sent Items Folder

	if($folder == 2 || $folder == 3)
	{ // Sent Items Folder

	// Do Multi Pages
	$query = $db->simple_select("privatemessages", "COUNT(*) AS total", "uid='".$mybb->user['uid']."' AND folder='$folder'");

	// Do Multi Pages
	$query = $db->simple_select("privatemessages", "COUNT(*) AS total", "uid='".$mybb->user['uid']."' AND folder='$folder'");

	if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1)
	{

	if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1)
	{

	if($page > 0)
	{
		$start = ($page-1) *$perpage;

	if($page > 0)
	{
		$start = ($page-1) *$perpage;

	}
	else
	{

	}
	else
	{

	}

	if($mybb->input['order'] || ($sortby && $sortby != "dateline"))

	}

	if($mybb->input['order'] || ($sortby && $sortby != "dateline"))

	$icon_cache = $cache->read("posticons");

	// Cache users in multiple recipients for sent & drafts folder

	$icon_cache = $cache->read("posticons");

	// Cache users in multiple recipients for sent & drafts folder

		if($sortfield == "username")
		{
			$u = "u.";

		if($sortfield == "username")
		{
			$u = "u.";

		else
		{
			$u = "pm.";

		else
		{
			$u = "pm.";

			if(is_array($recipients['to']) && count($recipients['to']))
			{
				$get_users = array_merge($get_users, $recipients['to']);

			if(is_array($recipients['to']) && count($recipients['to']))
			{
				$get_users = array_merge($get_users, $recipients['to']);

			if(isset($recipients['bcc']) && is_array($recipients['bcc']) && count($recipients['bcc']))
			{

			if(isset($recipients['bcc']) && is_array($recipients['bcc']) && count($recipients['bcc']))
			{

	}

	if($folder == 2 || $folder == 3)

	}

	if($folder == 2 || $folder == 3)

		if($sortfield == "username")

		if($sortfield == "username")

			$pm = "tu.";
		}
		else

			$pm = "tu.";
		}
		else

			$pm = "pm.";
		}
	}
	else
	{

			$pm = "pm.";
		}
	}
	else
	{

		if($sortfield == "username")
		{
			$pm = "fu.";

		if($sortfield == "username")
		{
			$pm = "fu.";

		FROM ".TABLE_PREFIX."privatemessages pm
		LEFT JOIN ".TABLE_PREFIX."users fu ON (fu.uid=pm.fromid)
		LEFT JOIN ".TABLE_PREFIX."users tu ON (tu.uid=pm.toid)

		FROM ".TABLE_PREFIX."privatemessages pm
		LEFT JOIN ".TABLE_PREFIX."users fu ON (fu.uid=pm.fromid)
		LEFT JOIN ".TABLE_PREFIX."users tu ON (tu.uid=pm.toid)

		ORDER BY {$pm}{$sortfield} {$sortordernow}
		LIMIT $start, $perpage
	");

		ORDER BY {$pm}{$sortfield} {$sortordernow}
		LIMIT $start, $perpage
	");