Vergleich private.php - 1.8.19 - 1.8.37

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 40Zeile 40
if($mybb->user['uid'] == '/' || $mybb->user['uid'] == 0 || $mybb->usergroup['canusepms'] == 0)
{
error_no_permission();

if($mybb->user['uid'] == '/' || $mybb->user['uid'] == 0 || $mybb->usergroup['canusepms'] == 0)
{
error_no_permission();

}

if(!$mybb->user['pmfolders'])
{
$mybb->user['pmfolders'] = "1**$%%$2**$%%$3**$%%$4**";

$sql_array = array(
"pmfolders" => $mybb->user['pmfolders']
);
$db->update_query("users", $sql_array, "uid = ".$mybb->user['uid']);

 
}

$mybb->input['fid'] = $mybb->get_input('fid', MyBB::INPUT_INT);


}

$mybb->input['fid'] = $mybb->get_input('fid', MyBB::INPUT_INT);


$folder_id = $folder_name = '';

$folder_id = $folder_name = $folderjump_folder = $folderoplist_folder = $foldersearch_folder ='';


$foldernames = array();
$foldersexploded = explode("$%%$", $mybb->user['pmfolders']);


$foldernames = array();
$foldersexploded = explode("$%%$", $mybb->user['pmfolders']);

Zeile 76Zeile 66
	$folder_name = $folderinfo[1];

eval("\$folderjump_folder .= \"".$templates->get("private_jump_folders_folder")."\";");

	$folder_name = $folderinfo[1];

eval("\$folderjump_folder .= \"".$templates->get("private_jump_folders_folder")."\";");

	eval("\$folderoplist_folder .= \"".$templates->get("private_jump_folders_folder")."\";");
eval("\$foldersearch_folder .= \"".$templates->get("private_jump_folders_folder")."\";");











// Manipulate search folder selection & move selector to omit "Unread"
if($folder_id != 1)
{
if($folder_id == 0)
{
$folder_id = 1;
}
eval("\$folderoplist_folder .= \"".$templates->get("private_jump_folders_folder")."\";");
eval("\$foldersearch_folder .= \"".$templates->get("private_jump_folders_folder")."\";");
}

}

$from_fid = $mybb->input['fid'];

}

$from_fid = $mybb->input['fid'];

Zeile 328Zeile 327
	while($row = $db->fetch_array($users_query))
{
$recipients = my_unserialize($row['recipients']);

	while($row = $db->fetch_array($users_query))
{
$recipients = my_unserialize($row['recipients']);

		if(is_array($recipients['to']) && count($recipients['to']))

		if(isset($recipients['to']) && is_array($recipients['to']) && count($recipients['to']))

		{
$get_users = array_merge($get_users, $recipients['to']);
}

		{
$get_users = array_merge($get_users, $recipients['to']);
}

Zeile 394Zeile 393
			// Sent Items or Drafts Folder Check
$recipients = my_unserialize($message['recipients']);
$to_users = $bcc_users = '';

			// Sent Items or Drafts Folder Check
$recipients = my_unserialize($message['recipients']);
$to_users = $bcc_users = '';

			if(count($recipients['to']) > 1 || (count($recipients['to']) == 1 && isset($recipients['bcc']) && count($recipients['bcc']) > 0))




			if(
isset($recipients['to']) &&
(count($recipients['to']) > 1 || (count($recipients['to']) == 1 && isset($recipients['bcc']) && count($recipients['bcc']) > 0))
)

			{
foreach($recipients['to'] as $uid)
{

			{
foreach($recipients['to'] as $uid)
{

Zeile 481Zeile 483
			$senddate = $lang->not_sent;
}


			$senddate = $lang->not_sent;
}


		$foldername = $foldernames[$message['folder']];






		$fid = "0";
if((int)$message['folder'] > 1)
{
$fid = $message['folder'];
}
$foldername = $foldernames[$fid];


// What we do here is parse the post using our post parser, then strip the tags from it
$parser_options = array(


// What we do here is parse the post using our post parser, then strip the tags from it
$parser_options = array(

Zeile 496Zeile 503
		{
$message['message'] = my_substr($message['message'], 0, 200)."...";
}

		{
$message['message'] = my_substr($message['message'], 0, 200)."...";
}





		eval("\$messagelist .= \"".$templates->get("private_search_messagebit")."\";");
}

if($db->num_rows($query) == 0)

		eval("\$messagelist .= \"".$templates->get("private_search_messagebit")."\";");
}

if($db->num_rows($query) == 0)

	{

	{

		eval("\$messagelist = \"".$templates->get("private_search_results_nomessages")."\";");
}


		eval("\$messagelist = \"".$templates->get("private_search_results_nomessages")."\";");
}


Zeile 539Zeile 546
	if(!empty($mybb->input['ajax']))
{
echo 1;

	if(!empty($mybb->input['ajax']))
{
echo 1;

		exit;
}
else

		exit;
}
else

	{
header("Location: index.php");
exit;

	{
header("Location: index.php");
exit;

Zeile 549Zeile 556
}

$send_errors = '';

}

$send_errors = '';





if($mybb->input['action'] == "do_send" && $mybb->request_method == "post")
{
if($mybb->usergroup['cansendpms'] == 0)
{
error_no_permission();
}

if($mybb->input['action'] == "do_send" && $mybb->request_method == "post")
{
if($mybb->usergroup['cansendpms'] == 0)
{
error_no_permission();
}





	// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));

$plugins->run_hooks("private_send_do_send");

	// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));

$plugins->run_hooks("private_send_do_send");





	// Attempt to see if this PM is a duplicate or not
$to = array_map("trim", explode(",", $mybb->get_input('to')));
$to = array_unique($to); // Filter out any duplicates

	// Attempt to see if this PM is a duplicate or not
$to = array_map("trim", explode(",", $mybb->get_input('to')));
$to = array_unique($to); // Filter out any duplicates

Zeile 574Zeile 581
		WHERE LOWER(u.username) IN ('{$to_escaped}') AND pm.dateline > {$time_cutoff} AND pm.fromid='{$mybb->user['uid']}' AND pm.subject='".$db->escape_string($mybb->get_input('subject'))."' AND pm.message='".$db->escape_string($mybb->get_input('message'))."' AND pm.folder!='3'
LIMIT 0, 1
");

		WHERE LOWER(u.username) IN ('{$to_escaped}') AND pm.dateline > {$time_cutoff} AND pm.fromid='{$mybb->user['uid']}' AND pm.subject='".$db->escape_string($mybb->get_input('subject'))."' AND pm.message='".$db->escape_string($mybb->get_input('message'))."' AND pm.folder!='3'
LIMIT 0, 1
");

	$duplicate_check = $db->fetch_field($query, "pmid");
if($duplicate_check)

	if($db->num_rows($query) > 0)


	{
error($lang->error_pm_already_submitted);
}

	{
error($lang->error_pm_already_submitted);
}

Zeile 642Zeile 648

// Now let the pm handler do all the hard work.
if(!$pmhandler->validate_pm())


// Now let the pm handler do all the hard work.
if(!$pmhandler->validate_pm())

	{

	{

		$pm_errors = $pmhandler->get_friendly_errors();
$send_errors = inline_error($pm_errors);
$mybb->input['action'] = "send";

		$pm_errors = $pmhandler->get_friendly_errors();
$send_errors = inline_error($pm_errors);
$mybb->input['action'] = "send";

Zeile 823Zeile 829
				foreach($recipients['to'] as $recipient)
{
$recipient_list['to'][] = $recipient;

				foreach($recipients['to'] as $recipient)
{
$recipient_list['to'][] = $recipient;

					$recipientids .= $comma.$recipient;
$comma = ',';
}
}


					$recipientids .= $comma.$recipient;
$comma = ',';
}
}


			if(isset($recipients['bcc']) && is_array($recipients['bcc']))
{
foreach($recipients['bcc'] as $recipient)

			if(isset($recipients['bcc']) && is_array($recipients['bcc']))
{
foreach($recipients['bcc'] as $recipient)

Zeile 835Zeile 841
					$recipient_list['bcc'][] = $recipient;
$recipientids .= $comma.$recipient;
$comma = ',';

					$recipient_list['bcc'][] = $recipient;
$recipientids .= $comma.$recipient;
$comma = ',';

				}
}


				}
}


			if(!empty($recipientids))
{
$query = $db->simple_select("users", "uid, username", "uid IN ({$recipientids})");

			if(!empty($recipientids))
{
$query = $db->simple_select("users", "uid, username", "uid IN ({$recipientids})");

Zeile 846Zeile 852
					if(isset($recipients['bcc']) && is_array($recipients['bcc']) && in_array($user['uid'], $recipient_list['bcc']))
{
$bcc .= htmlspecialchars_uni($user['username']).', ';

					if(isset($recipients['bcc']) && is_array($recipients['bcc']) && in_array($user['uid'], $recipient_list['bcc']))
{
$bcc .= htmlspecialchars_uni($user['username']).', ';

					}

					}

					else
{
$to .= htmlspecialchars_uni($user['username']).', ';

					else
{
$to .= htmlspecialchars_uni($user['username']).', ';

Zeile 860Zeile 866
			$subject = preg_replace("#(FW|RE):( *)#is", '', $subject);
$message = "[quote='{$pm['quotename']}']\n$message\n[/quote]";
$message = preg_replace('#^/me (.*)$#im', "* ".$pm['quotename']." \\1", $message);

			$subject = preg_replace("#(FW|RE):( *)#is", '', $subject);
$message = "[quote='{$pm['quotename']}']\n$message\n[/quote]";
$message = preg_replace('#^/me (.*)$#im', "* ".$pm['quotename']." \\1", $message);





			require_once MYBB_ROOT."inc/functions_posting.php";

if($mybb->settings['maxpmquotedepth'] != '0')

			require_once MYBB_ROOT."inc/functions_posting.php";

if($mybb->settings['maxpmquotedepth'] != '0')

			{

			{

				$message = remove_message_quotes($message, $mybb->settings['maxpmquotedepth']);
}


				$message = remove_message_quotes($message, $mybb->settings['maxpmquotedepth']);
}


Zeile 937Zeile 943

// Load the auto complete javascript if it is enabled.
eval("\$autocompletejs = \"".$templates->get("private_send_autocomplete")."\";");


// Load the auto complete javascript if it is enabled.
eval("\$autocompletejs = \"".$templates->get("private_send_autocomplete")."\";");





	$pmid = $mybb->get_input('pmid', MyBB::INPUT_INT);
$do = $mybb->get_input('do');
if($do != "forward" && $do != "reply" && $do != "replyall")

	$pmid = $mybb->get_input('pmid', MyBB::INPUT_INT);
$do = $mybb->get_input('do');
if($do != "forward" && $do != "reply" && $do != "replyall")

Zeile 953Zeile 959
		eval("\$buddy_select_to = \"".$templates->get("private_send_buddyselect")."\";");
$buddy_select = 'bcc';
eval("\$buddy_select_bcc = \"".$templates->get("private_send_buddyselect")."\";");

		eval("\$buddy_select_to = \"".$templates->get("private_send_buddyselect")."\";");
$buddy_select = 'bcc';
eval("\$buddy_select_bcc = \"".$templates->get("private_send_buddyselect")."\";");

	}


	}


	// Hide tracking option if no permission
$private_send_tracking = '';
if($mybb->usergroup['cantrackpms'])

	// Hide tracking option if no permission
$private_send_tracking = '';
if($mybb->usergroup['cantrackpms'])

Zeile 963Zeile 969
	}

$plugins->run_hooks("private_send_end");

	}

$plugins->run_hooks("private_send_end");





	eval("\$send = \"".$templates->get("private_send")."\";");
output_page($send);
}

	eval("\$send = \"".$templates->get("private_send")."\";");
output_page($send);
}

Zeile 971Zeile 977
if($mybb->input['action'] == "read")
{
$plugins->run_hooks("private_read");

if($mybb->input['action'] == "read")
{
$plugins->run_hooks("private_read");





	$pmid = $mybb->get_input('pmid', MyBB::INPUT_INT);

$query = $db->query("

	$pmid = $mybb->get_input('pmid', MyBB::INPUT_INT);

$query = $db->query("

Zeile 982Zeile 988
		WHERE pm.pmid='{$pmid}' AND pm.uid='".$mybb->user['uid']."'
");
$pm = $db->fetch_array($query);

		WHERE pm.pmid='{$pmid}' AND pm.uid='".$mybb->user['uid']."'
");
$pm = $db->fetch_array($query);





	if(!$pm)
{
error($lang->error_invalidpm);

	if(!$pm)
{
error($lang->error_invalidpm);

	}

	}


if($pm['folder'] == 3)
{


if($pm['folder'] == 3)
{

Zeile 1004Zeile 1010
		'namestyle' => 'namestyle'
);


		'namestyle' => 'namestyle'
);


	foreach($data_key as $field => $key)
{
$pm[$key] = $groupscache[$pm['usergroup']][$field];
}





	if(isset($groupscache[$pm['usergroup']]))
{
foreach($data_key as $field => $key)
{
$pm[$key] = $groupscache[$pm['usergroup']][$field];
}
}


	if($pm['receipt'] == 1)
{
if($mybb->usergroup['candenypmreceipts'] == 1 && $mybb->get_input('denyreceipt', MyBB::INPUT_INT) == 1)

	if($pm['receipt'] == 1)
{
if($mybb->usergroup['candenypmreceipts'] == 1 && $mybb->get_input('denyreceipt', MyBB::INPUT_INT) == 1)

Zeile 1094Zeile 1103
	// Fetch the recipients for this message
$pm['recipients'] = my_unserialize($pm['recipients']);


	// Fetch the recipients for this message
$pm['recipients'] = my_unserialize($pm['recipients']);


	if(is_array($pm['recipients']['to']))

	if(isset($pm['recipients']['to']) && is_array($pm['recipients']['to']))

	{
$uid_sql = implode(',', $pm['recipients']['to']);
}

	{
$uid_sql = implode(',', $pm['recipients']['to']);
}

Zeile 1170Zeile 1179
	{
$trow = alt_trow();


	{
$trow = alt_trow();


		$optionschecked = array('savecopy' => 'checked="checked"');

		$optionschecked = array('savecopy' => 'checked="checked"', 'signature' => '', 'disablesmilies' => '');

		if(!empty($mybb->user['signature']))
{
$optionschecked['signature'] = 'checked="checked"';

		if(!empty($mybb->user['signature']))
{
$optionschecked['signature'] = 'checked="checked"';

Zeile 1178Zeile 1187
		if($mybb->usergroup['cantrackpms'] == 1)
{
$optionschecked['readreceipt'] = 'checked="checked"';

		if($mybb->usergroup['cantrackpms'] == 1)
{
$optionschecked['readreceipt'] = 'checked="checked"';

		}


		}


		require_once MYBB_ROOT.'inc/functions_posting.php';

$quoted_message = array(

		require_once MYBB_ROOT.'inc/functions_posting.php';

$quoted_message = array(

Zeile 1188Zeile 1197
			'quote_is_pm' => true
);
$quoted_message = parse_quoted_message($quoted_message);

			'quote_is_pm' => true
);
$quoted_message = parse_quoted_message($quoted_message);





		if($mybb->settings['maxpmquotedepth'] != '0')
{
$quoted_message = remove_message_quotes($quoted_message, $mybb->settings['maxpmquotedepth']);

		if($mybb->settings['maxpmquotedepth'] != '0')
{
$quoted_message = remove_message_quotes($quoted_message, $mybb->settings['maxpmquotedepth']);

		}

		}


$subject = preg_replace("#(FW|RE):( *)#is", '', $pm['subject']);



$subject = preg_replace("#(FW|RE):( *)#is", '', $pm['subject']);


Zeile 1204Zeile 1213
		{
$query = $db->simple_select('users', 'username', "uid='{$pm['fromid']}'");
$to = htmlspecialchars_uni($db->fetch_field($query, 'username'));

		{
$query = $db->simple_select('users', 'username', "uid='{$pm['fromid']}'");
$to = htmlspecialchars_uni($db->fetch_field($query, 'username'));

		}

		}


$private_send_tracking = '';
if($mybb->usergroup['cantrackpms'])


$private_send_tracking = '';
if($mybb->usergroup['cantrackpms'])

		{

		{

			$lang->options_read_receipt = $lang->quickreply_read_receipt;

			$lang->options_read_receipt = $lang->quickreply_read_receipt;





			eval("\$private_send_tracking = \"".$templates->get("private_send_tracking")."\";");
}

			eval("\$private_send_tracking = \"".$templates->get("private_send_tracking")."\";");
}

		
$expaltext = (in_array("quickreply", $collapse)) ? "[+]" : "[-]";

















$postoptionschecked = $optionschecked; // Backwards compatability instead of correcting variable used in template

if(!isset($collapsedthead['quickreply']))
{
$collapsedthead['quickreply'] = '';
}
if(!isset($collapsedimg['quickreply']))
{
$collapsedimg['quickreply'] = '';
}
if(!isset($collapsed['quickreply_e']))
{
$collapsed['quickreply_e'] = '';
}

$expaltext = (in_array("quickreply", $collapse)) ? $lang->expcol_expand : $lang->expcol_collapse;

		eval("\$quickreply = \"".$templates->get("private_quickreply")."\";");
}


		eval("\$quickreply = \"".$templates->get("private_quickreply")."\";");
}


Zeile 1461Zeile 1485
		$fid = $folderinfo[0];
$foldername = get_pm_folder_name($fid, $foldername);


		$fid = $folderinfo[0];
$foldername = get_pm_folder_name($fid, $foldername);


		if($folderinfo[0] == "1" || $folderinfo[0] == "2" || $folderinfo[0] == "3" || $folderinfo[0] == "4")

		if((int)$folderinfo[0] < 5)

		{
$foldername2 = get_pm_folder_name($fid);
eval("\$folderlist .= \"".$templates->get("private_folders_folder_unremovable")."\";");

		{
$foldername2 = get_pm_folder_name($fid);
eval("\$folderlist .= \"".$templates->get("private_folders_folder_unremovable")."\";");

Zeile 1516Zeile 1540

$fid = (int)$key;
// Use default language strings if empty or value is language string


$fid = (int)$key;
// Use default language strings if empty or value is language string

				switch($fid)

				if($val == get_pm_folder_name($fid) || trim($val) == '')

				{

				{

					case 1:
if($val == $lang->folder_inbox || trim($val) == '')
{
$val = '';
}
break;
case 2:
if($val == $lang->folder_sent_items || trim($val) == '')
{
$val = '';
}
break;
case 3:
if($val == $lang->folder_drafts || trim($val) == '')
{
$val = '';
}
break;
case 4:
if($val == $lang->folder_trash || trim($val) == '')
{
$val = '';
}
break;

					$val = '';
























				}

				}

			}

if($val != '' && trim($val) == '' && !($key >= 1 && $key <= 4))

			}

if($val != '' && trim($val) == '' && !(is_numeric($key) && $key <= 4))

			{
// If the name only contains whitespace and it's not a default folder, print an error
error($lang->error_emptypmfoldername);

			{
// If the name only contains whitespace and it's not a default folder, print an error
error($lang->error_emptypmfoldername);

			}

if($val != '' || ($key >= 1 && $key <= 4))

			}

if($val != '' || (is_numeric($key) && $key <= 4))

			{
// If there is a name or if this is a default folder, save it
$foldername = $db->escape_string(htmlspecialchars_uni($val));

			{
// If there is a name or if this is a default folder, save it
$foldername = $db->escape_string(htmlspecialchars_uni($val));

Zeile 1584Zeile 1585

// Update PM count
update_pm_count();


// Update PM count
update_pm_count();





	$plugins->run_hooks("private_do_folders_end");

redirect("private.php", $lang->redirect_pmfoldersupdated);

	$plugins->run_hooks("private_do_folders_end");

redirect("private.php", $lang->redirect_pmfoldersupdated);

}

}


if($mybb->input['action'] == "empty")
{


if($mybb->input['action'] == "empty")
{

Zeile 1596Zeile 1597
	{
error($lang->error_nopms);
}

	{
error($lang->error_nopms);
}





	$plugins->run_hooks("private_empty_start");

$foldersexploded = explode("$%%$", $mybb->user['pmfolders']);

	$plugins->run_hooks("private_empty_start");

$foldersexploded = explode("$%%$", $mybb->user['pmfolders']);

Zeile 1604Zeile 1605
	foreach($foldersexploded as $key => $folders)
{
$folderinfo = explode("**", $folders, 2);

	foreach($foldersexploded as $key => $folders)
{
$folderinfo = explode("**", $folders, 2);

 
		$unread = ''; 

		$fid = $folderinfo[0];

		$fid = $folderinfo[0];

		$foldername = get_pm_folder_name($fid, $folderinfo[1]);
$query = $db->simple_select("privatemessages", "COUNT(*) AS pmsinfolder", " folder='$fid' AND uid='".$mybb->user['uid']."'");










		if($folderinfo[0] == "1")
{
$fid = "1";
$unread = " AND status='0'";
}
if($folderinfo[0] == "0")
{
$fid = "1";
}
$foldername = get_pm_folder_name($folderinfo[0], $folderinfo[1]);
$query = $db->simple_select("privatemessages", "COUNT(*) AS pmsinfolder", " folder='$fid'$unread AND uid='".$mybb->user['uid']."'");

		$thing = $db->fetch_array($query);
$foldercount = my_number_format($thing['pmsinfolder']);
eval("\$folderlist .= \"".$templates->get("private_empty_folder")."\";");

		$thing = $db->fetch_array($query);
$foldercount = my_number_format($thing['pmsinfolder']);
eval("\$folderlist .= \"".$templates->get("private_empty_folder")."\";");

Zeile 1661Zeile 1672
}

if($mybb->input['action'] == "do_stuff" && $mybb->request_method == "post")

}

if($mybb->input['action'] == "do_stuff" && $mybb->request_method == "post")

{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));


{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));


	$plugins->run_hooks("private_do_stuff");

if(!empty($mybb->input['hop']))

	$plugins->run_hooks("private_do_stuff");

if(!empty($mybb->input['hop']))

Zeile 1672Zeile 1683
		header("Location: private.php?fid=".$mybb->get_input('jumpto'));
}
elseif(!empty($mybb->input['moveto']))

		header("Location: private.php?fid=".$mybb->get_input('jumpto'));
}
elseif(!empty($mybb->input['moveto']))

	{
$mybb->input['check'] = $mybb->get_input('check', MyBB::INPUT_ARRAY);
if(!empty($mybb->input['check']))

	{
$pms = array_map('intval', array_keys($mybb->get_input('check', MyBB::INPUT_ARRAY)));
if(!empty($pms))

		{

		{

			foreach($mybb->input['check'] as $key => $val)

			if(!$mybb->input['fid'])

			{

			{

				$sql_array = array(
"folder" => $mybb->input['fid']
);
$db->update_query("privatemessages", $sql_array, "pmid='".(int)$key."' AND uid='".$mybb->user['uid']."'");








				$mybb->input['fid'] = 1;
}

if(array_key_exists($mybb->input['fid'], $foldernames))
{
$db->update_query("privatemessages", array("folder" => $mybb->input['fid']), "pmid IN (".implode(",", $pms).") AND uid='".$mybb->user['uid']."'");
update_pm_count();
}
else
{
error($lang->error_invalidmovefid);

			}

			}

		}
// Update PM count
update_pm_count();

		}




if(!empty($mybb->input['fromfid']))
{
redirect("private.php?fid=".$mybb->get_input('fromfid', MyBB::INPUT_INT), $lang->redirect_pmsmoved);


if(!empty($mybb->input['fromfid']))
{
redirect("private.php?fid=".$mybb->get_input('fromfid', MyBB::INPUT_INT), $lang->redirect_pmsmoved);

		}

		}

		else
{
redirect("private.php", $lang->redirect_pmsmoved);

		else
{
redirect("private.php", $lang->redirect_pmsmoved);

Zeile 1702Zeile 1718
		if(!empty($mybb->input['check']))
{
$pmssql = '';

		if(!empty($mybb->input['check']))
{
$pmssql = '';

			foreach($mybb->input['check'] as $key => $val)
{

			foreach($mybb->input['check'] as $key => $val)
{

				if($pmssql)
{
$pmssql .= ",";

				if($pmssql)
{
$pmssql .= ",";

Zeile 1787Zeile 1803
	$plugins->run_hooks("private_export_start");

$foldersexploded = explode("$%%$", $mybb->user['pmfolders']);

	$plugins->run_hooks("private_export_start");

$foldersexploded = explode("$%%$", $mybb->user['pmfolders']);

	$folder_name = $folder_id = '';

	$folderlist_folder = '';

	foreach($foldersexploded as $key => $folders)
{
$folderinfo = explode("**", $folders, 2);

	foreach($foldersexploded as $key => $folders)
{
$folderinfo = explode("**", $folders, 2);

Zeile 1850Zeile 1866
		else
{
$wsql = "1=1";

		else
{
$wsql = "1=1";

		}


		}


		$mybb->input['exportfolders'] = $mybb->get_input('exportfolders', MyBB::INPUT_ARRAY);
if(!empty($mybb->input['exportfolders']))
{
$folderlst = '';
foreach($mybb->input['exportfolders'] as $key => $val)

		$mybb->input['exportfolders'] = $mybb->get_input('exportfolders', MyBB::INPUT_ARRAY);
if(!empty($mybb->input['exportfolders']))
{
$folderlst = '';
foreach($mybb->input['exportfolders'] as $key => $val)

			{

			{

				$val = $db->escape_string($val);
if($val == "all")
{

				$val = $db->escape_string($val);
if($val == "all")
{

Zeile 1869Zeile 1885
					if(!$folderlst)
{
$folderlst = " AND pm.folder IN ('$val'";

					if(!$folderlst)
{
$folderlst = " AND pm.folder IN ('$val'";

					}

					}

					else
{
$folderlst .= ",'$val'";

					else
{
$folderlst .= ",'$val'";

Zeile 1881Zeile 1897
				$folderlst .= ")";
}
$wsql .= "$folderlst";

				$folderlst .= ")";
}
$wsql .= "$folderlst";

		}
else
{
error($lang->error_pmnoarchivefolders);
}

if($mybb->get_input('exportunread', MyBB::INPUT_INT) != 1)

		}
else
{
error($lang->error_pmnoarchivefolders);
}

if($mybb->get_input('exportunread', MyBB::INPUT_INT) != 1)

		{
$wsql .= " AND pm.status!='0'";
}

		{
$wsql .= " AND pm.status!='0'";
}

Zeile 1905Zeile 1921
	{
error($lang->error_nopmsarchive);
}

	{
error($lang->error_nopmsarchive);
}





	$mybb->input['exporttype'] = $mybb->get_input('exporttype');

$pmsdownload = $ids = '';

	$mybb->input['exporttype'] = $mybb->get_input('exporttype');

$pmsdownload = $ids = '';

Zeile 1923Zeile 1939
				else
{
$tofromusername = build_profile_link($message['tousername'], $tofromuid);

				else
{
$tofromusername = build_profile_link($message['tousername'], $tofromuid);

				}

				}

			}
else
{
$tofromusername = $lang->not_sent;

			}
else
{
$tofromusername = $lang->not_sent;

			}

			}

			$tofrom = $lang->to;
}
else

			$tofrom = $lang->to;
}
else

		{

		{

			$tofromuid = $message['fromid'];
if($mybb->input['exporttype'] == "txt")
{
$tofromusername = $message['fromusername'];

			$tofromuid = $message['fromid'];
if($mybb->input['exporttype'] == "txt")
{
$tofromusername = $message['fromusername'];

			}

			}

			else
{
$tofromusername = build_profile_link($message['fromusername'], $tofromuid);

			else
{
$tofromusername = build_profile_link($message['fromusername'], $tofromuid);

			}

			}


if($tofromuid == 0)
{


if($tofromuid == 0)
{

Zeile 1958Zeile 1974
		if(!$message['toid'] && $message['folder'] == 3)
{
$message['tousername'] = $lang->not_sent;

		if(!$message['toid'] && $message['folder'] == 3)
{
$message['tousername'] = $lang->not_sent;

		}

		}


$message['subject'] = $parser->parse_badwords($message['subject']);
if($message['folder'] != "3")


$message['subject'] = $parser->parse_badwords($message['subject']);
if($message['folder'] != "3")

Zeile 2030Zeile 2046

eval("\$pmsdownload .= \"".$templates->get("private_archive_".$mybb->input['exporttype']."_message", 1, 0)."\";");
$ids .= ",'{$message['pmid']}'";


eval("\$pmsdownload .= \"".$templates->get("private_archive_".$mybb->input['exporttype']."_message", 1, 0)."\";");
$ids .= ",'{$message['pmid']}'";

	}

	}


if($mybb->input['exporttype'] == "html")
{
// Gather global stylesheet for HTML


if($mybb->input['exporttype'] == "html")
{
// Gather global stylesheet for HTML

		$query = $db->simple_select("themestylesheets", "stylesheet", "sid = '1'", array('limit' => 1));


		$css_tid = empty($theme['tid']) ? '' : "'". (int)$theme['tid'] ."',";
$query = $db->simple_select("themestylesheets", "stylesheet", "tid in ({$css_tid}'2','1') AND name = 'global.css'", array('order_by' => 'tid', 'order_dir' => 'DESC', 'limit' => 1));

		$css = $db->fetch_field($query, "stylesheet");
}


		$css = $db->fetch_field($query, "stylesheet");
}


Zeile 2086Zeile 2103

if(!$mybb->input['fid'] || !array_key_exists($mybb->input['fid'], $foldernames))
{


if(!$mybb->input['fid'] || !array_key_exists($mybb->input['fid'], $foldernames))
{

		$mybb->input['fid'] = 1;

		$mybb->input['fid'] = 0;

	}


	}


	$folder = $mybb->input['fid'];
$foldername = $foldernames[$folder];


	$fid = (int)$mybb->input['fid'];
$folder = !$fid ? 1 : $fid;
$foldername = $foldernames[$fid];


if($folder == 2 || $folder == 3)
{ // Sent Items Folder


if($folder == 2 || $folder == 3)
{ // Sent Items Folder

Zeile 2141Zeile 2159
	eval("\$orderarrow['$sortby'] = \"".$templates->get("private_orderarrow")."\";");

// Do Multi Pages

	eval("\$orderarrow['$sortby'] = \"".$templates->get("private_orderarrow")."\";");

// Do Multi Pages

	$query = $db->simple_select("privatemessages", "COUNT(*) AS total", "uid='".$mybb->user['uid']."' AND folder='$folder'");







	$selective = "";
if($fid == 1)
{
$selective = " AND status='0'";
}

$query = $db->simple_select("privatemessages", "COUNT(*) AS total", "uid='".$mybb->user['uid']."' AND folder='$folder'$selective");

	$pmscount = $db->fetch_field($query, "total");

if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1)

	$pmscount = $db->fetch_field($query, "total");

if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1)

Zeile 2179Zeile 2203

if($mybb->input['order'] || ($sortby && $sortby != "dateline"))
{


if($mybb->input['order'] || ($sortby && $sortby != "dateline"))
{

		$page_url = "private.php?fid={$folder}&sortby={$sortby}&order={$sortordernow}";

		$page_url = "private.php?fid={$fid}&sortby={$sortby}&order={$sortordernow}";

	}
else
{

	}
else
{

		$page_url = "private.php?fid={$folder}";

		$page_url = "private.php?fid={$fid}";

	}

$multipage = multipage($pmscount, $perpage, $page, $page_url);

	}

$multipage = multipage($pmscount, $perpage, $page, $page_url);

	$messagelist = '';

	$selective = $messagelist = '';


$icon_cache = $cache->read("posticons");



$icon_cache = $cache->read("posticons");


Zeile 2195Zeile 2219
	if($folder == 2 || $folder == 3)
{
if($sortfield == "username")

	if($folder == 2 || $folder == 3)
{
if($sortfield == "username")

		{

		{

			$u = "u.";
}
else

			$u = "u.";
}
else

		{

		{

			$u = "pm.";
}

			$u = "pm.";
}





		// Get all recipients into an array
$cached_users = $get_users = array();
$users_query = $db->query("

		// Get all recipients into an array
$cached_users = $get_users = array();
$users_query = $db->query("

Zeile 2216Zeile 2240
		while($row = $db->fetch_array($users_query))
{
$recipients = my_unserialize($row['recipients']);

		while($row = $db->fetch_array($users_query))
{
$recipients = my_unserialize($row['recipients']);

			if(is_array($recipients['to']) && count($recipients['to']))

			if(isset($recipients['to']) && is_array($recipients['to']) && count($recipients['to']))

			{
$get_users = array_merge($get_users, $recipients['to']);

			{
$get_users = array_merge($get_users, $recipients['to']);

			}


			}


			if(isset($recipients['bcc']) && is_array($recipients['bcc']) && count($recipients['bcc']))

			if(isset($recipients['bcc']) && is_array($recipients['bcc']) && count($recipients['bcc']))

			{

			{

				$get_users = array_merge($get_users, $recipients['bcc']);

				$get_users = array_merge($get_users, $recipients['bcc']);

			}
}

			}
}


$get_users = implode(',', array_unique($get_users));

// Grab info
if($get_users)


$get_users = implode(',', array_unique($get_users));

// Grab info
if($get_users)

		{

		{

			$users_query = $db->simple_select("users", "uid, username, usergroup, displaygroup", "uid IN ({$get_users})");
while($user = $db->fetch_array($users_query))
{
$cached_users[$user['uid']] = $user;
}

			$users_query = $db->simple_select("users", "uid, username, usergroup, displaygroup", "uid IN ({$get_users})");
while($user = $db->fetch_array($users_query))
{
$cached_users[$user['uid']] = $user;
}

		}
}

		}
}


if($folder == 2 || $folder == 3)


if($folder == 2 || $folder == 3)

	{

	{

		if($sortfield == "username")

		if($sortfield == "username")

		{

		{

			$pm = "tu.";

			$pm = "tu.";

		}
else
{
$pm = "pm.";
}
}
else
{






		}
else
{
$pm = "pm.";
}
}
else
{
if($fid == 1)
{
$selective = " AND pm.status='0'";
}


		if($sortfield == "username")
{
$pm = "fu.";

		if($sortfield == "username")
{
$pm = "fu.";

Zeile 2268Zeile 2297
		FROM ".TABLE_PREFIX."privatemessages pm
LEFT JOIN ".TABLE_PREFIX."users fu ON (fu.uid=pm.fromid)
LEFT JOIN ".TABLE_PREFIX."users tu ON (tu.uid=pm.toid)

		FROM ".TABLE_PREFIX."privatemessages pm
LEFT JOIN ".TABLE_PREFIX."users fu ON (fu.uid=pm.fromid)
LEFT JOIN ".TABLE_PREFIX."users tu ON (tu.uid=pm.toid)

		WHERE pm.folder='$folder' AND pm.uid='".$mybb->user['uid']."'

		WHERE pm.folder='$folder' AND pm.uid='".$mybb->user['uid']."'{$selective}

		ORDER BY {$pm}{$sortfield} {$sortordernow}
LIMIT $start, $perpage
");

if($db->num_rows($query) > 0)
{

		ORDER BY {$pm}{$sortfield} {$sortordernow}
LIMIT $start, $perpage
");

if($db->num_rows($query) > 0)
{

 
		$bgcolor = alt_trow(true);

		while($message = $db->fetch_array($query))
{
$msgalt = $msgstatus = '';

		while($message = $db->fetch_array($query))
{
$msgalt = $msgstatus = '';

Zeile 2286Zeile 2316
				$msgalt = $lang->new_pm;
}
else if($message['status'] == 1)

				$msgalt = $lang->new_pm;
}
else if($message['status'] == 1)

			{

			{

				$msgstatus = 'old_pm';
$msgalt = $lang->old_pm;

				$msgstatus = 'old_pm';
$msgalt = $lang->old_pm;

			}

			}

			else if($message['status'] == 3)
{
$msgstatus = 're_pm';

			else if($message['status'] == 3)
{
$msgstatus = 're_pm';

Zeile 2310Zeile 2340
				{
foreach($recipients['to'] as $uid)
{

				{
foreach($recipients['to'] as $uid)
{

 
						if(!isset($cached_users[$uid]))
{
continue;
}

						$profilelink = get_profile_link($uid);
$user = $cached_users[$uid];
$user['username'] = htmlspecialchars_uni($user['username']);

						$profilelink = get_profile_link($uid);
$user = $cached_users[$uid];
$user['username'] = htmlspecialchars_uni($user['username']);

Zeile 2325Zeile 2359
						eval("\$bcc_users = \"".$templates->get("private_multiple_recipients_bcc")."\";");
foreach($recipients['bcc'] as $uid)
{

						eval("\$bcc_users = \"".$templates->get("private_multiple_recipients_bcc")."\";");
foreach($recipients['bcc'] as $uid)
{

 
							if(!isset($cached_users[$uid]))
{
continue;
}

							$profilelink = get_profile_link($uid);
$user = $cached_users[$uid];
$user['username'] = htmlspecialchars_uni($user['username']);

							$profilelink = get_profile_link($uid);
$user = $cached_users[$uid];
$user['username'] = htmlspecialchars_uni($user['username']);

Zeile 2383Zeile 2421
				$icon['path'] = htmlspecialchars_uni($icon['path']);
$icon['name'] = htmlspecialchars_uni($icon['name']);
eval("\$icon = \"".$templates->get("private_messagebit_icon")."\";");

				$icon['path'] = htmlspecialchars_uni($icon['path']);
$icon['name'] = htmlspecialchars_uni($icon['name']);
eval("\$icon = \"".$templates->get("private_messagebit_icon")."\";");

			}

			}

			else
{
$icon = '&#009;';

			else
{
$icon = '&#009;';

Zeile 2407Zeile 2445
			$plugins->run_hooks("private_message");

eval("\$messagelist .= \"".$templates->get("private_messagebit")."\";");

			$plugins->run_hooks("private_message");

eval("\$messagelist .= \"".$templates->get("private_messagebit")."\";");

 
			$bgcolor = alt_trow();

		}
}
else

		}
}
else

Zeile 2449Zeile 2488
			{
$spaceused_severity = "high";
}

			{
$spaceused_severity = "high";
}

			



			$overhalf = round($spaceused, 0)."%";
if((int)$overhalf > 100)
{

			$overhalf = round($spaceused, 0)."%";
if((int)$overhalf > 100)
{