Vergleich private.php - 1.8.7 - 1.8.36

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 12Zeile 12
define("IGNORE_CLEAN_VARS", "sid");
define('THIS_SCRIPT', 'private.php');


define("IGNORE_CLEAN_VARS", "sid");
define('THIS_SCRIPT', 'private.php');


$templatelist = "private_send,private_send_buddyselect,private_read,private_tracking,private_tracking_readmessage,private_tracking_unreadmessage,private_orderarrow,usercp_nav_attachments,usercp_nav_messenger_compose,private_tracking_readmessage_stop";
$templatelist .= ",private_folders,private_folders_folder,private_folders_folder_unremovable,private,usercp_nav,private_empty_folder,private_empty,private_archive_txt,private_archive_csv,private_archive_html,private_tracking_unreadmessage_stop";
$templatelist .= ",usercp_nav_messenger,usercp_nav_changename,usercp_nav_profile,usercp_nav_misc,multipage,multipage_end,multipage_jump_page,multipage_nextpage,multipage_page,multipage_page_current,multipage_page_link_current,multipage_prevpage,multipage_start,usercp_nav_editsignature,posticons_icon";
$templatelist .= ",private_messagebit,codebuttons,smilieinsert,smilieinsert_getmore,smilieinsert_smilie,smilieinsert_smilie_empty,posticons,private_send_autocomplete,private_messagebit_denyreceipt,private_read_to,postbit_online,postbit_warninglevel_formatted,postbit_iplogged_hiden";

$templatelist = "private_send,private_send_buddyselect,private_tracking,private_tracking_readmessage,private_tracking_unreadmessage,usercp_nav_attachments,usercp_nav_messenger_compose,private_tracking_readmessage_stop";
$templatelist .= ",private_folders,private_folders_folder,private_folders_folder_unremovable,private,usercp_nav,private_empty_folder,private_archive_txt,private_archive_csv,private_archive_html,private_tracking_unreadmessage_stop";
$templatelist .= ",usercp_nav_messenger,usercp_nav_changename,multipage,multipage_end,multipage_jump_page,multipage_nextpage,multipage_page,multipage_page_current,multipage_page_link_current,multipage_prevpage,multipage_start";
$templatelist .= ",private_messagebit,codebuttons,posticons,private_send_autocomplete,private_messagebit_denyreceipt,postbit_warninglevel_formatted,private_emptyexportlink,postbit_purgespammer,postbit_gotopost,private_read";

$templatelist .= ",postbit_delete_pm,postbit,private_tracking_nomessage,private_nomessages,postbit_author_guest,private_multiple_recipients_user,private_multiple_recipients_bcc,private_multiple_recipients,usercp_nav_messenger_folder";

$templatelist .= ",postbit_delete_pm,postbit,private_tracking_nomessage,private_nomessages,postbit_author_guest,private_multiple_recipients_user,private_multiple_recipients_bcc,private_multiple_recipients,usercp_nav_messenger_folder";

$templatelist .= ",private_search_messagebit,private_search_results_nomessages,private_search_results,private_advanced_search,previewpost,private_send_tracking,private_send_signature,private_read_bcc,private_composelink,postbit_purgespammer";
$templatelist .= ",private_archive,private_quickreply,private_pmspace,private_limitwarning,postbit_groupimage,postbit_offline,postbit_www,postbit_replyall_pm,postbit_signature,postbit_classic,postbit_gotopost,postbit_userstar,postbit_reputation_formatted_link,postbit_icon";
$templatelist .= ",private_archive_folders_folder,private_archive_folders,postbit_warninglevel,postbit_author_user,postbit_reply_pm,postbit_forward_pm,private_messagebit_icon,private_jump_folders_folder,private_advanced_search_folders";
$templatelist .= ",private_jump_folders,postbit_avatar,postbit_warn,postbit_rep_button,postbit_email,postbit_reputation,private_move,private_read_action,postbit_away,postbit_pm,usercp_nav_messenger_tracking,postbit_find,private_emptyexportlink";


$templatelist .= ",private_search_messagebit,private_search_results_nomessages,private_search_results,private_advanced_search,previewpost,private_send_tracking,private_send_signature,private_read_bcc,private_composelink";
$templatelist .= ",private_archive,private_quickreply,private_pmspace,private_limitwarning,postbit_groupimage,postbit_offline,postbit_www,postbit_replyall_pm,postbit_signature,postbit_classic,postbit_reputation_formatted_link";
$templatelist .= ",private_archive_folders_folder,private_archive_folders,postbit_warninglevel,postbit_author_user,postbit_forward_pm,private_messagebit_icon,private_jump_folders_folder,private_advanced_search_folders,usercp_nav_home";
$templatelist .= ",private_jump_folders,postbit_avatar,postbit_warn,postbit_rep_button,postbit_email,postbit_reputation,private_move,private_read_action,postbit_away,postbit_pm,usercp_nav_messenger_tracking,postbit_find";
$templatelist .= ",usercp_nav_editsignature,posticons_icon,postbit_icon,postbit_iplogged_hiden,usercp_nav_profile,usercp_nav_misc,postbit_userstar,private_read_to,postbit_online,private_empty,private_orderarrow,postbit_reply_pm";


require_once "./global.php";
require_once MYBB_ROOT."inc/functions_post.php";


require_once "./global.php";
require_once MYBB_ROOT."inc/functions_post.php";

Zeile 41Zeile 42
	error_no_permission();
}


	error_no_permission();
}


if(!$mybb->user['pmfolders'])
{
$mybb->user['pmfolders'] = "1**$%%$2**$%%$3**$%%$4**";

$sql_array = array(
"pmfolders" => $mybb->user['pmfolders']
);
$db->update_query("users", $sql_array, "uid = ".$mybb->user['uid']);
}

$mybb->input['fid'] = $mybb->get_input('fid', MyBB::INPUT_INT);

$folder_id = $folder_name = '';

$mybb->input['fid'] = $mybb->get_input('fid', MyBB::INPUT_INT);

$folder_id = $folder_name = $folderjump_folder = $folderoplist_folder = $foldersearch_folder ='';












$foldernames = array();
$foldersexploded = explode("$%%$", $mybb->user['pmfolders']);


$foldernames = array();
$foldersexploded = explode("$%%$", $mybb->user['pmfolders']);

Zeile 75Zeile 66
	$folder_name = $folderinfo[1];

eval("\$folderjump_folder .= \"".$templates->get("private_jump_folders_folder")."\";");

	$folder_name = $folderinfo[1];

eval("\$folderjump_folder .= \"".$templates->get("private_jump_folders_folder")."\";");

	eval("\$folderoplist_folder .= \"".$templates->get("private_jump_folders_folder")."\";");
eval("\$foldersearch_folder .= \"".$templates->get("private_jump_folders_folder")."\";");











// Manipulate search folder selection & move selector to omit "Unread"
if($folder_id != 1)
{
if($folder_id == 0)
{
$folder_id = 1;
}
eval("\$folderoplist_folder .= \"".$templates->get("private_jump_folders_folder")."\";");
eval("\$foldersearch_folder .= \"".$templates->get("private_jump_folders_folder")."\";");
}

}

}

 

$from_fid = $mybb->input['fid'];


eval("\$folderjump = \"".$templates->get("private_jump_folders")."\";");
eval("\$folderoplist = \"".$templates->get("private_move")."\";");


eval("\$folderjump = \"".$templates->get("private_jump_folders")."\";");
eval("\$folderoplist = \"".$templates->get("private_move")."\";");

Zeile 238Zeile 240
	$sid = $mybb->get_input('sid');
$query = $db->simple_select("searchlog", "*", "sid='".$db->escape_string($sid)."' AND uid='{$mybb->user['uid']}'");
$search = $db->fetch_array($query);

	$sid = $mybb->get_input('sid');
$query = $db->simple_select("searchlog", "*", "sid='".$db->escape_string($sid)."' AND uid='{$mybb->user['uid']}'");
$search = $db->fetch_array($query);





	if(!$search)
{
error($lang->error_invalidsearch);

	if(!$search)
{
error($lang->error_invalidsearch);

	}

$plugins->run_hooks("private_results_start");

	}

$plugins->run_hooks("private_results_start");


// Decide on our sorting fields and sorting order.
$order = my_strtolower($mybb->get_input('order'));


// Decide on our sorting fields and sorting order.
$order = my_strtolower($mybb->get_input('order'));

Zeile 260Zeile 262
		{
$query_sortby = "fromusername";
}

		{
$query_sortby = "fromusername";
}

	}

	}

	else

	else

	{

	{

		$sortby = $query_sortby = "dateline";

		$sortby = $query_sortby = "dateline";

	}

if($order != "asc")
{
$order = "desc";
}


	}

if($order != "asc")
{
$order = "desc";
}


	if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1)
{
$mybb->settings['threadsperpage'] = 20;

	if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1)
{
$mybb->settings['threadsperpage'] = 20;

	}




	}

$query = $db->simple_select("privatemessages", "COUNT(*) AS total", "pmid IN(".$db->escape_string($search['querycache']).")");
$pmscount = $db->fetch_field($query, "total");


// Work out pagination, which page we're at, as well as the limits.
$perpage = $mybb->settings['threadsperpage'];


// Work out pagination, which page we're at, as well as the limits.
$perpage = $mybb->settings['threadsperpage'];

Zeile 282Zeile 287
	if($page > 0)
{
$start = ($page-1) * $perpage;

	if($page > 0)
{
$start = ($page-1) * $perpage;

	}







		$pages = ceil($pmscount / $perpage);
if($page > $pages)
{
$start = 0;
$page = 1;
}
}

	else
{
$start = 0;

	else
{
$start = 0;

Zeile 300Zeile 311
	}

// Do Multi Pages

	}

// Do Multi Pages

	$query = $db->simple_select("privatemessages", "COUNT(*) AS total", "pmid IN(".$db->escape_string($search['querycache']).")");
$pmscount = $db->fetch_array($query);


 
	if($upper > $pmscount)
{
$upper = $pmscount;
}

	if($upper > $pmscount)
{
$upper = $pmscount;
}

	$multipage = multipage($pmscount['total'], $perpage, $page, "private.php?action=results&amp;sid=".htmlspecialchars_uni($mybb->get_input('sid'))."&amp;sortby={$sortby}&amp;order={$order}");

	$multipage = multipage($pmscount, $perpage, $page, "private.php?action=results&amp;sid=".htmlspecialchars_uni($mybb->get_input('sid'))."&amp;sortby={$sortby}&amp;order={$order}");

	$messagelist = '';

$icon_cache = $cache->read("posticons");

	$messagelist = '';

$icon_cache = $cache->read("posticons");

Zeile 319Zeile 327
	while($row = $db->fetch_array($users_query))
{
$recipients = my_unserialize($row['recipients']);

	while($row = $db->fetch_array($users_query))
{
$recipients = my_unserialize($row['recipients']);

		if(is_array($recipients['to']) && count($recipients['to']))

		if(isset($recipients['to']) && is_array($recipients['to']) && count($recipients['to']))

		{
$get_users = array_merge($get_users, $recipients['to']);
}

		{
$get_users = array_merge($get_users, $recipients['to']);
}

Zeile 353Zeile 361
	");
while($message = $db->fetch_array($query))
{

	");
while($message = $db->fetch_array($query))
{

		$msgalt = $msgsuffix = $msgprefix = '';

		$msgalt = $msgstatus = '';


// Determine Folder Icon
if($message['status'] == 0)
{


// Determine Folder Icon
if($message['status'] == 0)
{

			$msgfolder = 'new_pm.png';

			$msgstatus = 'new_pm';

			$msgalt = $lang->new_pm;

			$msgalt = $lang->new_pm;

			$msgprefix = "<strong>";
$msgsuffix = "</strong>";

 
		}

		}

		elseif($message['status'] == 1)

		else if($message['status'] == 1)

		{

		{

			$msgfolder = 'old_pm.png';

			$msgstatus = 'old_pm';

			$msgalt = $lang->old_pm;
}

			$msgalt = $lang->old_pm;
}

		elseif($message['status'] == 3)

		else if($message['status'] == 3)

		{

		{

			$msgfolder = 're_pm.png';

			$msgstatus = 're_pm';

			$msgalt = $lang->reply_pm;
}
else if($message['status'] == 4)
{

			$msgalt = $lang->reply_pm;
}
else if($message['status'] == 4)
{

			$msgfolder = 'fw_pm.png';

			$msgstatus = 'fw_pm';

			$msgalt = $lang->fwd_pm;
}


			$msgalt = $lang->fwd_pm;
}


Zeile 387Zeile 393
			// Sent Items or Drafts Folder Check
$recipients = my_unserialize($message['recipients']);
$to_users = $bcc_users = '';

			// Sent Items or Drafts Folder Check
$recipients = my_unserialize($message['recipients']);
$to_users = $bcc_users = '';

			if(count($recipients['to']) > 1 || (count($recipients['to']) == 1 && isset($recipients['bcc']) && count($recipients['bcc']) > 0))




			if(
isset($recipients['to']) &&
(count($recipients['to']) > 1 || (count($recipients['to']) == 1 && isset($recipients['bcc']) && count($recipients['bcc']) > 0))
)

			{
foreach($recipients['to'] as $uid)
{
$profilelink = get_profile_link($uid);
$user = $cached_users[$uid];

			{
foreach($recipients['to'] as $uid)
{
$profilelink = get_profile_link($uid);
$user = $cached_users[$uid];

 
					$user['username'] = htmlspecialchars_uni($user['username']);

					$username = format_name($user['username'], $user['usergroup'], $user['displaygroup']);
eval("\$to_users .= \"".$templates->get("private_multiple_recipients_user")."\";");
}

					$username = format_name($user['username'], $user['usergroup'], $user['displaygroup']);
eval("\$to_users .= \"".$templates->get("private_multiple_recipients_user")."\";");
}

Zeile 403Zeile 413
					{
$profilelink = get_profile_link($uid);
$user = $cached_users[$uid];

					{
$profilelink = get_profile_link($uid);
$user = $cached_users[$uid];

 
						$user['username'] = htmlspecialchars_uni($user['username']);

						$username = format_name($user['username'], $user['usergroup'], $user['displaygroup']);
eval("\$bcc_users .= \"".$templates->get("private_multiple_recipients_user")."\";");
}

						$username = format_name($user['username'], $user['usergroup'], $user['displaygroup']);
eval("\$bcc_users .= \"".$templates->get("private_multiple_recipients_user")."\";");
}

Zeile 412Zeile 423
			}
else if($message['toid'])
{

			}
else if($message['toid'])
{

				$tofromusername = $message['tousername'];

				$tofromusername = htmlspecialchars_uni($message['tousername']);

				$tofromuid = $message['toid'];
}
else

				$tofromuid = $message['toid'];
}
else

Zeile 422Zeile 433
		}
else
{

		}
else
{

			$tofromusername = $message['fromusername'];

			$tofromusername = htmlspecialchars_uni($message['fromusername']);

			$tofromuid = $message['fromid'];
if($tofromuid == 0)
{

			$tofromuid = $message['fromid'];
if($tofromuid == 0)
{

Zeile 472Zeile 483
			$senddate = $lang->not_sent;
}


			$senddate = $lang->not_sent;
}


		$foldername = $foldernames[$message['folder']];






		$fid = "0";
if((int)$message['folder'] > 1)
{
$fid = $message['folder'];
}
$foldername = $foldernames[$fid];


// What we do here is parse the post using our post parser, then strip the tags from it
$parser_options = array(


// What we do here is parse the post using our post parser, then strip the tags from it
$parser_options = array(

Zeile 494Zeile 510
	if($db->num_rows($query) == 0)
{
eval("\$messagelist = \"".$templates->get("private_search_results_nomessages")."\";");

	if($db->num_rows($query) == 0)
{
eval("\$messagelist = \"".$templates->get("private_search_results_nomessages")."\";");

	}

$plugins->run_hooks("private_results_end");

	}

$plugins->run_hooks("private_results_end");


eval("\$results = \"".$templates->get("private_search_results")."\";");
output_page($results);
}


eval("\$results = \"".$templates->get("private_search_results")."\";");
output_page($results);
}





if($mybb->input['action'] == "advanced_search")
{
$plugins->run_hooks("private_advanced_search");

eval("\$advanced_search = \"".$templates->get("private_advanced_search")."\";");

if($mybb->input['action'] == "advanced_search")
{
$plugins->run_hooks("private_advanced_search");

eval("\$advanced_search = \"".$templates->get("private_advanced_search")."\";");





	output_page($advanced_search);
}

	output_page($advanced_search);
}





// Dismissing a new/unread PM notice
if($mybb->input['action'] == "dismiss_notice")
{
if($mybb->user['pmnotice'] != 2)

// Dismissing a new/unread PM notice
if($mybb->input['action'] == "dismiss_notice")
{
if($mybb->user['pmnotice'] != 2)

	{
exit;
}


	{
exit;
}


	// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));


	// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));


Zeile 555Zeile 571

// Attempt to see if this PM is a duplicate or not
$to = array_map("trim", explode(",", $mybb->get_input('to')));


// Attempt to see if this PM is a duplicate or not
$to = array_map("trim", explode(",", $mybb->get_input('to')));

 
	$to = array_unique($to); // Filter out any duplicates

	$to_escaped = implode("','", array_map(array($db, 'escape_string'), array_map('my_strtolower', $to)));
$time_cutoff = TIME_NOW - (5 * 60 * 60);
$query = $db->query("

	$to_escaped = implode("','", array_map(array($db, 'escape_string'), array_map('my_strtolower', $to)));
$time_cutoff = TIME_NOW - (5 * 60 * 60);
$query = $db->query("

Zeile 564Zeile 581
		WHERE LOWER(u.username) IN ('{$to_escaped}') AND pm.dateline > {$time_cutoff} AND pm.fromid='{$mybb->user['uid']}' AND pm.subject='".$db->escape_string($mybb->get_input('subject'))."' AND pm.message='".$db->escape_string($mybb->get_input('message'))."' AND pm.folder!='3'
LIMIT 0, 1
");

		WHERE LOWER(u.username) IN ('{$to_escaped}') AND pm.dateline > {$time_cutoff} AND pm.fromid='{$mybb->user['uid']}' AND pm.subject='".$db->escape_string($mybb->get_input('subject'))."' AND pm.message='".$db->escape_string($mybb->get_input('message'))."' AND pm.folder!='3'
LIMIT 0, 1
");

	$duplicate_check = $db->fetch_field($query, "pmid");
if($duplicate_check)

	if($db->num_rows($query) > 0)


	{
error($lang->error_pm_already_submitted);
}

	{
error($lang->error_pm_already_submitted);
}

Zeile 701Zeile 717
		{
$optionschecked['readreceipt'] = 'checked="checked"';
}

		{
$optionschecked['readreceipt'] = 'checked="checked"';
}

		$to = htmlspecialchars_uni($mybb->get_input('to'));
$bcc = htmlspecialchars_uni($mybb->get_input('bcc'));

		$to = htmlspecialchars_uni(implode(', ', array_unique(array_map('trim', explode(',', $mybb->get_input('to'))))));
$bcc = htmlspecialchars_uni(implode(', ', array_unique(array_map('trim', explode(',', $mybb->get_input('bcc'))))));

	}

$preview = '';

	}

$preview = '';

Zeile 921Zeile 937

if($send_errors)
{


if($send_errors)
{

		$to = htmlspecialchars_uni($mybb->get_input('to'));
$bcc = htmlspecialchars_uni($mybb->get_input('bcc'));

		$to = htmlspecialchars_uni(implode(', ', array_unique(array_map('trim', explode(',', $mybb->get_input('to'))))));
$bcc = htmlspecialchars_uni(implode(', ', array_unique(array_map('trim', explode(',', $mybb->get_input('bcc'))))));

	}

// Load the auto complete javascript if it is enabled.

	}

// Load the auto complete javascript if it is enabled.

Zeile 1084Zeile 1100
	// Fetch the recipients for this message
$pm['recipients'] = my_unserialize($pm['recipients']);


	// Fetch the recipients for this message
$pm['recipients'] = my_unserialize($pm['recipients']);


	if(is_array($pm['recipients']['to']))

	if(isset($pm['recipients']['to']) && is_array($pm['recipients']['to']))

	{
$uid_sql = implode(',', $pm['recipients']['to']);
}

	{
$uid_sql = implode(',', $pm['recipients']['to']);
}

Zeile 1109Zeile 1125
	while($recipient = $db->fetch_array($query))
{
// User is a BCC recipient

	while($recipient = $db->fetch_array($query))
{
// User is a BCC recipient

 
		$recipient['username'] = htmlspecialchars_uni($recipient['username']);

		if($show_bcc && in_array($recipient['uid'], $pm['recipients']['bcc']))
{
$bcc_recipients[] = build_profile_link($recipient['username'], $recipient['uid']);

		if($show_bcc && in_array($recipient['uid'], $pm['recipients']['bcc']))
{
$bcc_recipients[] = build_profile_link($recipient['username'], $recipient['uid']);

Zeile 1159Zeile 1176
	{
$trow = alt_trow();


	{
$trow = alt_trow();


		$optionschecked = array('savecopy' => 'checked="checked"');

		$optionschecked = array('savecopy' => 'checked="checked"', 'signature' => '', 'disablesmilies' => '');

		if(!empty($mybb->user['signature']))
{
$optionschecked['signature'] = 'checked="checked"';

		if(!empty($mybb->user['signature']))
{
$optionschecked['signature'] = 'checked="checked"';

Zeile 1203Zeile 1220
			eval("\$private_send_tracking = \"".$templates->get("private_send_tracking")."\";");
}


			eval("\$private_send_tracking = \"".$templates->get("private_send_tracking")."\";");
}


 
		$postoptionschecked = $optionschecked; // Backwards compatability instead of correcting variable used in template

if(!isset($collapsedthead['quickreply']))
{
$collapsedthead['quickreply'] = '';
}
if(!isset($collapsedimg['quickreply']))
{
$collapsedimg['quickreply'] = '';
}
if(!isset($collapsed['quickreply_e']))
{
$collapsed['quickreply_e'] = '';
}

$expaltext = (in_array("quickreply", $collapse)) ? $lang->expcol_expand : $lang->expcol_collapse;

		eval("\$quickreply = \"".$templates->get("private_quickreply")."\";");
}


		eval("\$quickreply = \"".$templates->get("private_quickreply")."\";");
}


Zeile 1271Zeile 1304
	while($readmessage = $db->fetch_array($query))
{
$readmessage['subject'] = htmlspecialchars_uni($parser->parse_badwords($readmessage['subject']));

	while($readmessage = $db->fetch_array($query))
{
$readmessage['subject'] = htmlspecialchars_uni($parser->parse_badwords($readmessage['subject']));

 
		$readmessage['tousername'] = htmlspecialchars_uni($readmessage['tousername']);

		$readmessage['profilelink'] = build_profile_link($readmessage['tousername'], $readmessage['toid']);
$readdate = my_date('relative', $readmessage['readtime']);
eval("\$readmessages .= \"".$templates->get("private_tracking_readmessage")."\";");

		$readmessage['profilelink'] = build_profile_link($readmessage['tousername'], $readmessage['toid']);
$readdate = my_date('relative', $readmessage['readtime']);
eval("\$readmessages .= \"".$templates->get("private_tracking_readmessage")."\";");

Zeile 1327Zeile 1361
	while($unreadmessage = $db->fetch_array($query))
{
$unreadmessage['subject'] = htmlspecialchars_uni($parser->parse_badwords($unreadmessage['subject']));

	while($unreadmessage = $db->fetch_array($query))
{
$unreadmessage['subject'] = htmlspecialchars_uni($parser->parse_badwords($unreadmessage['subject']));

 
		$unreadmessage['tousername'] = htmlspecialchars_uni($unreadmessage['tousername']);

		$unreadmessage['profilelink'] = build_profile_link($unreadmessage['tousername'], $unreadmessage['toid']);
$senddate = my_date('relative', $unreadmessage['dateline']);
eval("\$unreadmessages .= \"".$templates->get("private_tracking_unreadmessage")."\";");

		$unreadmessage['profilelink'] = build_profile_link($unreadmessage['tousername'], $unreadmessage['toid']);
$senddate = my_date('relative', $unreadmessage['dateline']);
eval("\$unreadmessages .= \"".$templates->get("private_tracking_unreadmessage")."\";");

Zeile 1447Zeile 1482
		$fid = $folderinfo[0];
$foldername = get_pm_folder_name($fid, $foldername);


		$fid = $folderinfo[0];
$foldername = get_pm_folder_name($fid, $foldername);


		if($folderinfo[0] == "1" || $folderinfo[0] == "2" || $folderinfo[0] == "3" || $folderinfo[0] == "4")

		if((int)$folderinfo[0] < 5)

		{
$foldername2 = get_pm_folder_name($fid);
eval("\$folderlist .= \"".$templates->get("private_folders_folder_unremovable")."\";");

		{
$foldername2 = get_pm_folder_name($fid);
eval("\$folderlist .= \"".$templates->get("private_folders_folder_unremovable")."\";");

Zeile 1502Zeile 1537

$fid = (int)$key;
// Use default language strings if empty or value is language string


$fid = (int)$key;
// Use default language strings if empty or value is language string

				switch($fid)
{
case 1:
if($val == $lang->folder_inbox || trim($val) == '')
{
$val = '';
}
break;
case 2:
if($val == $lang->folder_sent_items || trim($val) == '')
{
$val = '';
}
break;
case 3:
if($val == $lang->folder_drafts || trim($val) == '')
{
$val = '';
}
break;
case 4:
if($val == $lang->folder_trash || trim($val) == '')
{
$val = '';
}
break;

				if($val == get_pm_folder_name($fid) || trim($val) == '')
{
$val = '';
























				}
}


				}
}


			if($val != '' && trim($val) == '' && !($key >= 1 && $key <= 4))

			if($val != '' && trim($val) == '' && !(is_numeric($key) && $key <= 4))

			{
// If the name only contains whitespace and it's not a default folder, print an error
error($lang->error_emptypmfoldername);
}


			{
// If the name only contains whitespace and it's not a default folder, print an error
error($lang->error_emptypmfoldername);
}


			if($val != '' || ($key >= 1 && $key <= 4))

			if($val != '' || (is_numeric($key) && $key <= 4))

			{
// If there is a name or if this is a default folder, save it
$foldername = $db->escape_string(htmlspecialchars_uni($val));

			{
// If there is a name or if this is a default folder, save it
$foldername = $db->escape_string(htmlspecialchars_uni($val));

Zeile 1581Zeile 1593
	if($mybb->user['totalpms'] == 0)
{
error($lang->error_nopms);

	if($mybb->user['totalpms'] == 0)
{
error($lang->error_nopms);

	}

	}


$plugins->run_hooks("private_empty_start");



$plugins->run_hooks("private_empty_start");


Zeile 1590Zeile 1602
	foreach($foldersexploded as $key => $folders)
{
$folderinfo = explode("**", $folders, 2);

	foreach($foldersexploded as $key => $folders)
{
$folderinfo = explode("**", $folders, 2);

 
		$unread = ''; 

		$fid = $folderinfo[0];

		$fid = $folderinfo[0];

		$foldername = get_pm_folder_name($fid, $folderinfo[1]);
$query = $db->simple_select("privatemessages", "COUNT(*) AS pmsinfolder", " folder='$fid' AND uid='".$mybb->user['uid']."'");










		if($folderinfo[0] == "1")
{
$fid = "1";
$unread = " AND status='0'";
}
if($folderinfo[0] == "0")
{
$fid = "1";
}
$foldername = get_pm_folder_name($folderinfo[0], $folderinfo[1]);
$query = $db->simple_select("privatemessages", "COUNT(*) AS pmsinfolder", " folder='$fid'$unread AND uid='".$mybb->user['uid']."'");

		$thing = $db->fetch_array($query);
$foldercount = my_number_format($thing['pmsinfolder']);
eval("\$folderlist .= \"".$templates->get("private_empty_folder")."\";");

		$thing = $db->fetch_array($query);
$foldercount = my_number_format($thing['pmsinfolder']);
eval("\$folderlist .= \"".$templates->get("private_empty_folder")."\";");

Zeile 1617Zeile 1639
	if($mybb->get_input('keepunread', MyBB::INPUT_INT) == 1)
{
$keepunreadq = " AND status!='0'";

	if($mybb->get_input('keepunread', MyBB::INPUT_INT) == 1)
{
$keepunreadq = " AND status!='0'";

	}

	}

	if(!empty($mybb->input['empty']))
{
foreach($mybb->input['empty'] as $key => $val)

	if(!empty($mybb->input['empty']))
{
foreach($mybb->input['empty'] as $key => $val)

Zeile 1652Zeile 1674
	verify_post_check($mybb->get_input('my_post_key'));

$plugins->run_hooks("private_do_stuff");

	verify_post_check($mybb->get_input('my_post_key'));

$plugins->run_hooks("private_do_stuff");





	if(!empty($mybb->input['hop']))
{
header("Location: private.php?fid=".$mybb->get_input('jumpto'));
}
elseif(!empty($mybb->input['moveto']))
{

	if(!empty($mybb->input['hop']))
{
header("Location: private.php?fid=".$mybb->get_input('jumpto'));
}
elseif(!empty($mybb->input['moveto']))
{

		$mybb->input['check'] = $mybb->get_input('check', MyBB::INPUT_ARRAY);
if(!empty($mybb->input['check']))

		$pms = array_map('intval', array_keys($mybb->get_input('check', MyBB::INPUT_ARRAY)));
if(!empty($pms))

		{

		{

			foreach($mybb->input['check'] as $key => $val)











			if(!$mybb->input['fid'])
{
$mybb->input['fid'] = 1;
}

if(array_key_exists($mybb->input['fid'], $foldernames))
{
$db->update_query("privatemessages", array("folder" => $mybb->input['fid']), "pmid IN (".implode(",", $pms).") AND uid='".$mybb->user['uid']."'");
update_pm_count();
}
else

			{

			{

				$sql_array = array(
"folder" => $mybb->input['fid']
);
$db->update_query("privatemessages", $sql_array, "pmid='".(int)$key."' AND uid='".$mybb->user['uid']."'");

				error($lang->error_invalidmovefid);




			}
}

			}
}

		// Update PM count
update_pm_count();

 

if(!empty($mybb->input['fromfid']))
{


if(!empty($mybb->input['fromfid']))
{

Zeile 1773Zeile 1800
	$plugins->run_hooks("private_export_start");

$foldersexploded = explode("$%%$", $mybb->user['pmfolders']);

	$plugins->run_hooks("private_export_start");

$foldersexploded = explode("$%%$", $mybb->user['pmfolders']);

	$folder_name = $folder_id = '';

	$folderlist_folder = '';

	foreach($foldersexploded as $key => $folders)
{
$folderinfo = explode("**", $folders, 2);

	foreach($foldersexploded as $key => $folders)
{
$folderinfo = explode("**", $folders, 2);

Zeile 1801Zeile 1828

$plugins->run_hooks("private_do_export_start");



$plugins->run_hooks("private_do_export_start");


	$lang->private_messages_for = $lang->sprintf($lang->private_messages_for, $mybb->user['username']);

	$lang->private_messages_for = $lang->sprintf($lang->private_messages_for, htmlspecialchars_uni($mybb->user['username']));

	$exdate = my_date($mybb->settings['dateformat'], TIME_NOW, 0, 0);
$extime = my_date($mybb->settings['timeformat'], TIME_NOW, 0, 0);
$lang->exported_date = $lang->sprintf($lang->exported_date, $exdate, $extime);

	$exdate = my_date($mybb->settings['dateformat'], TIME_NOW, 0, 0);
$extime = my_date($mybb->settings['timeformat'], TIME_NOW, 0, 0);
$lang->exported_date = $lang->sprintf($lang->exported_date, $exdate, $extime);

Zeile 1949Zeile 1976
		$message['subject'] = $parser->parse_badwords($message['subject']);
if($message['folder'] != "3")
{

		$message['subject'] = $parser->parse_badwords($message['subject']);
if($message['folder'] != "3")
{

			$senddate = my_date($mybb->settings['dateformat'], $message['dateline']);
$sendtime = my_date($mybb->settings['timeformat'], $message['dateline']);

			$senddate = my_date($mybb->settings['dateformat'], $message['dateline'], "", false);
$sendtime = my_date($mybb->settings['timeformat'], $message['dateline'], "", false);

			$senddate .= " $lang->at $sendtime";
}
else

			$senddate .= " $lang->at $sendtime";
}
else

Zeile 1982Zeile 2009

if($mybb->input['exporttype'] == "csv")
{


if($mybb->input['exporttype'] == "csv")
{

			$message['message'] = addslashes($message['message']);
$message['subject'] = addslashes($message['subject']);
$message['tousername'] = addslashes($message['tousername']);
$message['fromusername'] = addslashes($message['fromusername']);

			$message['message'] = my_escape_csv($message['message']);
$message['subject'] = my_escape_csv($message['subject']);
$message['tousername'] = my_escape_csv($message['tousername']);
$message['fromusername'] = my_escape_csv($message['fromusername']);

		}

if(empty($donefolder[$message['folder']]))

		}

if(empty($donefolder[$message['folder']]))

Zeile 2007Zeile 2034
					}
else
{

					}
else
{

						$foldername = addslashes($folderinfo[1]);

						$foldername = my_escape_csv($folderinfo[1]);

					}
$donefolder[$message['folder']] = 1;
}

					}
$donefolder[$message['folder']] = 1;
}

Zeile 2021Zeile 2048
	if($mybb->input['exporttype'] == "html")
{
// Gather global stylesheet for HTML

	if($mybb->input['exporttype'] == "html")
{
// Gather global stylesheet for HTML

		$query = $db->simple_select("themestylesheets", "stylesheet", "sid = '1'", array('limit' => 1));


		$css_tid = empty($theme['tid']) ? '' : "'". (int)$theme['tid'] ."',";
$query = $db->simple_select("themestylesheets", "stylesheet", "tid in ({$css_tid}'2','1') AND name = 'global.css'", array('order_by' => 'tid', 'order_dir' => 'DESC', 'limit' => 1));

		$css = $db->fetch_field($query, "stylesheet");
}


		$css = $db->fetch_field($query, "stylesheet");
}


Zeile 2072Zeile 2100

if(!$mybb->input['fid'] || !array_key_exists($mybb->input['fid'], $foldernames))
{


if(!$mybb->input['fid'] || !array_key_exists($mybb->input['fid'], $foldernames))
{

		$mybb->input['fid'] = 1;

		$mybb->input['fid'] = 0;

	}


	}


	$folder = $mybb->input['fid'];
$foldername = $foldernames[$folder];


	$fid = (int)$mybb->input['fid'];
$folder = !$fid ? 1 : $fid;
$foldername = $foldernames[$fid];


if($folder == 2 || $folder == 3)
{ // Sent Items Folder


if($folder == 2 || $folder == 3)
{ // Sent Items Folder

Zeile 2120Zeile 2149
			$sortfield = "dateline";
$mybb->input['sortby'] = "dateline";
break;

			$sortfield = "dateline";
$mybb->input['sortby'] = "dateline";
break;

	}

	}

	$orderarrow = $sortsel = array('subject' => '', 'username' => '', 'dateline' => '');
$sortsel[$sortby] = "selected=\"selected\"";

eval("\$orderarrow['$sortby'] = \"".$templates->get("private_orderarrow")."\";");

	$orderarrow = $sortsel = array('subject' => '', 'username' => '', 'dateline' => '');
$sortsel[$sortby] = "selected=\"selected\"";

eval("\$orderarrow['$sortby'] = \"".$templates->get("private_orderarrow")."\";");





	// Do Multi Pages

	// Do Multi Pages

	$query = $db->simple_select("privatemessages", "COUNT(*) AS total", "uid='".$mybb->user['uid']."' AND folder='$folder'");
$pmscount = $db->fetch_array($query);







	$selective = "";
if($fid == 1)
{
$selective = " AND status='0'";
}

$query = $db->simple_select("privatemessages", "COUNT(*) AS total", "uid='".$mybb->user['uid']."' AND folder='$folder'$selective");
$pmscount = $db->fetch_field($query, "total");


if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1)


if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1)

	{

	{

		$mybb->settings['threadsperpage'] = 20;
}


		$mybb->settings['threadsperpage'] = 20;
}


Zeile 2141Zeile 2176
	if($page > 0)
{
$start = ($page-1) *$perpage;

	if($page > 0)
{
$start = ($page-1) *$perpage;

 
		$pages = ceil($pmscount / $perpage);
if($page > $pages)
{
$start = 0;
$page = 1;
}

	}
else
{

	}
else
{

Zeile 2158Zeile 2199
	}

if($mybb->input['order'] || ($sortby && $sortby != "dateline"))

	}

if($mybb->input['order'] || ($sortby && $sortby != "dateline"))

	{
$page_url = "private.php?fid={$folder}&sortby={$sortby}&order={$mybb->input['order']}";

	{
$page_url = "private.php?fid={$fid}&sortby={$sortby}&order={$sortordernow}";

	}
else
{

	}
else
{

		$page_url = "private.php?fid={$folder}";

		$page_url = "private.php?fid={$fid}";

	}


	}


	$multipage = multipage($pmscount['total'], $perpage, $page, $page_url);
$messagelist = '';


	$multipage = multipage($pmscount, $perpage, $page, $page_url);
$selective = $messagelist = '';


	$icon_cache = $cache->read("posticons");

	$icon_cache = $cache->read("posticons");





	// Cache users in multiple recipients for sent & drafts folder
if($folder == 2 || $folder == 3)
{
if($sortfield == "username")

	// Cache users in multiple recipients for sent & drafts folder
if($folder == 2 || $folder == 3)
{
if($sortfield == "username")

		{

		{

			$u = "u.";
}
else

			$u = "u.";
}
else

		{

		{

			$u = "pm.";
}


			$u = "pm.";
}


Zeile 2190Zeile 2231
			FROM ".TABLE_PREFIX."privatemessages pm
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=pm.toid)
WHERE pm.folder='{$folder}' AND pm.uid='{$mybb->user['uid']}'

			FROM ".TABLE_PREFIX."privatemessages pm
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=pm.toid)
WHERE pm.folder='{$folder}' AND pm.uid='{$mybb->user['uid']}'

			ORDER BY {$u}{$sortfield} {$mybb->input['order']}

			ORDER BY {$u}{$sortfield} {$sortordernow}

			LIMIT {$start}, {$perpage}
");
while($row = $db->fetch_array($users_query))
{
$recipients = my_unserialize($row['recipients']);

			LIMIT {$start}, {$perpage}
");
while($row = $db->fetch_array($users_query))
{
$recipients = my_unserialize($row['recipients']);

			if(is_array($recipients['to']) && count($recipients['to']))

			if(isset($recipients['to']) && is_array($recipients['to']) && count($recipients['to']))

			{
$get_users = array_merge($get_users, $recipients['to']);

			{
$get_users = array_merge($get_users, $recipients['to']);

			}

			}


if(isset($recipients['bcc']) && is_array($recipients['bcc']) && count($recipients['bcc']))
{
$get_users = array_merge($get_users, $recipients['bcc']);


if(isset($recipients['bcc']) && is_array($recipients['bcc']) && count($recipients['bcc']))
{
$get_users = array_merge($get_users, $recipients['bcc']);

			}
}

$get_users = implode(',', array_unique($get_users));


			}
}

$get_users = implode(',', array_unique($get_users));


		// Grab info
if($get_users)
{

		// Grab info
if($get_users)
{

Zeile 2233Zeile 2274
	}
else
{

	}
else
{

 
		if($fid == 1)
{
$selective = " AND pm.status='0'";
}


		if($sortfield == "username")
{
$pm = "fu.";

		if($sortfield == "username")
{
$pm = "fu.";

Zeile 2248Zeile 2294
		FROM ".TABLE_PREFIX."privatemessages pm
LEFT JOIN ".TABLE_PREFIX."users fu ON (fu.uid=pm.fromid)
LEFT JOIN ".TABLE_PREFIX."users tu ON (tu.uid=pm.toid)

		FROM ".TABLE_PREFIX."privatemessages pm
LEFT JOIN ".TABLE_PREFIX."users fu ON (fu.uid=pm.fromid)
LEFT JOIN ".TABLE_PREFIX."users tu ON (tu.uid=pm.toid)

		WHERE pm.folder='$folder' AND pm.uid='".$mybb->user['uid']."'

		WHERE pm.folder='$folder' AND pm.uid='".$mybb->user['uid']."'{$selective}

		ORDER BY {$pm}{$sortfield} {$sortordernow}
LIMIT $start, $perpage
");

if($db->num_rows($query) > 0)
{

		ORDER BY {$pm}{$sortfield} {$sortordernow}
LIMIT $start, $perpage
");

if($db->num_rows($query) > 0)
{

 
		$bgcolor = alt_trow(true);

		while($message = $db->fetch_array($query))
{

		while($message = $db->fetch_array($query))
{

			$msgalt = $msgsuffix = $msgprefix = '';


			$msgalt = $msgstatus = '';


			// Determine Folder Icon
if($message['status'] == 0)
{

			// Determine Folder Icon
if($message['status'] == 0)
{

				$msgfolder = 'new_pm.png';

				$msgstatus = 'new_pm';

				$msgalt = $lang->new_pm;

				$msgalt = $lang->new_pm;

				$msgprefix = "<strong>";
$msgsuffix = "</strong>";

 
			}

			}

			elseif($message['status'] == 1)

			else if($message['status'] == 1)

			{

			{

				$msgfolder = 'old_pm.png';

				$msgstatus = 'old_pm';

				$msgalt = $lang->old_pm;
}

				$msgalt = $lang->old_pm;
}

			elseif($message['status'] == 3)

			else if($message['status'] == 3)

			{

			{

				$msgfolder = 're_pm.png';

				$msgstatus = 're_pm';

				$msgalt = $lang->reply_pm;
}

				$msgalt = $lang->reply_pm;
}

			elseif($message['status'] == 4)

			else if($message['status'] == 4)

			{

			{

				$msgfolder = 'fw_pm.png';

				$msgstatus = 'fw_pm';

				$msgalt = $lang->fwd_pm;
}


				$msgalt = $lang->fwd_pm;
}


Zeile 2287Zeile 2333
			{ // Sent Items or Drafts Folder Check
$recipients = my_unserialize($message['recipients']);
$to_users = $bcc_users = '';

			{ // Sent Items or Drafts Folder Check
$recipients = my_unserialize($message['recipients']);
$to_users = $bcc_users = '';

				if(count($recipients['to']) > 1 || (count($recipients['to']) == 1 && isset($recipients['bcc']) && count($recipients['bcc']) > 0))

				if(isset($recipients['to']) && count($recipients['to']) > 1 || (isset($recipients['to']) && count($recipients['to']) == 1 && isset($recipients['bcc']) && count($recipients['bcc']) > 0))

				{
foreach($recipients['to'] as $uid)
{

				{
foreach($recipients['to'] as $uid)
{

 
						if(!isset($cached_users[$uid]))
{
continue;
}

						$profilelink = get_profile_link($uid);
$user = $cached_users[$uid];

						$profilelink = get_profile_link($uid);
$user = $cached_users[$uid];

 
						$user['username'] = htmlspecialchars_uni($user['username']);

						$username = format_name($user['username'], $user['usergroup'], $user['displaygroup']);
if(!$user['username'])
{

						$username = format_name($user['username'], $user['usergroup'], $user['displaygroup']);
if(!$user['username'])
{

Zeile 2305Zeile 2356
						eval("\$bcc_users = \"".$templates->get("private_multiple_recipients_bcc")."\";");
foreach($recipients['bcc'] as $uid)
{

						eval("\$bcc_users = \"".$templates->get("private_multiple_recipients_bcc")."\";");
foreach($recipients['bcc'] as $uid)
{

 
							if(!isset($cached_users[$uid]))
{
continue;
}

							$profilelink = get_profile_link($uid);
$user = $cached_users[$uid];

							$profilelink = get_profile_link($uid);
$user = $cached_users[$uid];

 
							$user['username'] = htmlspecialchars_uni($user['username']);

							$username = format_name($user['username'], $user['usergroup'], $user['displaygroup']);
if(!$user['username'])
{

							$username = format_name($user['username'], $user['usergroup'], $user['displaygroup']);
if(!$user['username'])
{

Zeile 2319Zeile 2375
					eval("\$tofromusername = \"".$templates->get("private_multiple_recipients")."\";");
}
else if($message['toid'])

					eval("\$tofromusername = \"".$templates->get("private_multiple_recipients")."\";");
}
else if($message['toid'])

				{
$tofromusername = $message['tousername'];

				{
$tofromusername = htmlspecialchars_uni($message['tousername']);

					$tofromuid = $message['toid'];

					$tofromuid = $message['toid'];

				}

				}

				else
{
$tofromusername = $lang->not_sent;

				else
{
$tofromusername = $lang->not_sent;

Zeile 2330Zeile 2386
			}
else
{

			}
else
{

				$tofromusername = $message['fromusername'];

				$tofromusername = htmlspecialchars_uni($message['fromusername']);

				$tofromuid = $message['fromid'];
if($tofromuid == 0)
{

				$tofromuid = $message['fromid'];
if($tofromuid == 0)
{

Zeile 2386Zeile 2442
			$plugins->run_hooks("private_message");

eval("\$messagelist .= \"".$templates->get("private_messagebit")."\";");

			$plugins->run_hooks("private_message");

eval("\$messagelist .= \"".$templates->get("private_messagebit")."\";");

 
			$bgcolor = alt_trow();

		}
}
else

		}
}
else

Zeile 2394Zeile 2451
	}

$pmspacebar = '';

	}

$pmspacebar = '';

	if($mybb->usergroup['pmquota'] != '0' && $mybb->usergroup['cancp'] != 1)

	if($mybb->usergroup['pmquota'] != 0)

	{
$query = $db->simple_select("privatemessages", "COUNT(*) AS total", "uid='".$mybb->user['uid']."'");
$pmscount = $db->fetch_array($query);

	{
$query = $db->simple_select("privatemessages", "COUNT(*) AS total", "uid='".$mybb->user['uid']."'");
$pmscount = $db->fetch_array($query);

Zeile 2428Zeile 2485
			{
$spaceused_severity = "high";
}

			{
$spaceused_severity = "high";
}

			



			$overhalf = round($spaceused, 0)."%";
if((int)$overhalf > 100)
{

			$overhalf = round($spaceused, 0)."%";
if((int)$overhalf > 100)
{

Zeile 2458Zeile 2515
	}

$limitwarning = '';

	}

$limitwarning = '';

	if($mybb->usergroup['pmquota'] != "0" && $pmscount['total'] >= $mybb->usergroup['pmquota'] && $mybb->usergroup['cancp'] != 1)

	if($mybb->usergroup['pmquota'] != 0 && $pmscount['total'] >= $mybb->usergroup['pmquota'])

	{
eval("\$limitwarning = \"".$templates->get("private_limitwarning")."\";");
}

	{
eval("\$limitwarning = \"".$templates->get("private_limitwarning")."\";");
}