Vergleich private.php - 1.8.25 - 1.8.37

Zeile 44Zeile 44

$mybb->input['fid'] = $mybb->get_input('fid', MyBB::INPUT_INT);



$mybb->input['fid'] = $mybb->get_input('fid', MyBB::INPUT_INT);


$folder_id = $folder_name = '';

$folder_id = $folder_name = $folderjump_folder = $folderoplist_folder = $foldersearch_folder ='';


$foldernames = array();
$foldersexploded = explode("$%%$", $mybb->user['pmfolders']);


$foldernames = array();
$foldersexploded = explode("$%%$", $mybb->user['pmfolders']);

Zeile 327Zeile 327
	while($row = $db->fetch_array($users_query))
{
$recipients = my_unserialize($row['recipients']);

	while($row = $db->fetch_array($users_query))
{
$recipients = my_unserialize($row['recipients']);

		if(is_array($recipients['to']) && count($recipients['to']))

		if(isset($recipients['to']) && is_array($recipients['to']) && count($recipients['to']))

		{
$get_users = array_merge($get_users, $recipients['to']);
}

		{
$get_users = array_merge($get_users, $recipients['to']);
}

Zeile 393Zeile 393
			// Sent Items or Drafts Folder Check
$recipients = my_unserialize($message['recipients']);
$to_users = $bcc_users = '';

			// Sent Items or Drafts Folder Check
$recipients = my_unserialize($message['recipients']);
$to_users = $bcc_users = '';

			if(count($recipients['to']) > 1 || (count($recipients['to']) == 1 && isset($recipients['bcc']) && count($recipients['bcc']) > 0))




			if(
isset($recipients['to']) &&
(count($recipients['to']) > 1 || (count($recipients['to']) == 1 && isset($recipients['bcc']) && count($recipients['bcc']) > 0))
)

			{
foreach($recipients['to'] as $uid)
{

			{
foreach($recipients['to'] as $uid)
{

Zeile 578Zeile 581
		WHERE LOWER(u.username) IN ('{$to_escaped}') AND pm.dateline > {$time_cutoff} AND pm.fromid='{$mybb->user['uid']}' AND pm.subject='".$db->escape_string($mybb->get_input('subject'))."' AND pm.message='".$db->escape_string($mybb->get_input('message'))."' AND pm.folder!='3'
LIMIT 0, 1
");

		WHERE LOWER(u.username) IN ('{$to_escaped}') AND pm.dateline > {$time_cutoff} AND pm.fromid='{$mybb->user['uid']}' AND pm.subject='".$db->escape_string($mybb->get_input('subject'))."' AND pm.message='".$db->escape_string($mybb->get_input('message'))."' AND pm.folder!='3'
LIMIT 0, 1
");

	$duplicate_check = $db->fetch_field($query, "pmid");
if($duplicate_check)

	if($db->num_rows($query) > 0)


	{
error($lang->error_pm_already_submitted);
}

	{
error($lang->error_pm_already_submitted);
}

Zeile 813Zeile 815
			if($pm['smilieoff'] == 1)
{
$optionschecked['disablesmilies'] = 'checked="checked"';

			if($pm['smilieoff'] == 1)
{
$optionschecked['disablesmilies'] = 'checked="checked"';

			}

			}

			if($pm['receipt'])
{
$optionschecked['readreceipt'] = 'checked="checked"';

			if($pm['receipt'])
{
$optionschecked['readreceipt'] = 'checked="checked"';

Zeile 1008Zeile 1010
		'namestyle' => 'namestyle'
);


		'namestyle' => 'namestyle'
);


	foreach($data_key as $field => $key)

	if(isset($groupscache[$pm['usergroup']]))

	{

	{

		$pm[$key] = $groupscache[$pm['usergroup']][$field];




		foreach($data_key as $field => $key)
{
$pm[$key] = $groupscache[$pm['usergroup']][$field];
}

	}

if($pm['receipt'] == 1)

	}

if($pm['receipt'] == 1)

Zeile 1098Zeile 1103
	// Fetch the recipients for this message
$pm['recipients'] = my_unserialize($pm['recipients']);


	// Fetch the recipients for this message
$pm['recipients'] = my_unserialize($pm['recipients']);


	if(is_array($pm['recipients']['to']))

	if(isset($pm['recipients']['to']) && is_array($pm['recipients']['to']))

	{
$uid_sql = implode(',', $pm['recipients']['to']);
}

	{
$uid_sql = implode(',', $pm['recipients']['to']);
}

Zeile 1174Zeile 1179
	{
$trow = alt_trow();


	{
$trow = alt_trow();


		$optionschecked = array('savecopy' => 'checked="checked"');

		$optionschecked = array('savecopy' => 'checked="checked"', 'signature' => '', 'disablesmilies' => '');

		if(!empty($mybb->user['signature']))
{
$optionschecked['signature'] = 'checked="checked"';

		if(!empty($mybb->user['signature']))
{
$optionschecked['signature'] = 'checked="checked"';

Zeile 1217Zeile 1222

eval("\$private_send_tracking = \"".$templates->get("private_send_tracking")."\";");
}


eval("\$private_send_tracking = \"".$templates->get("private_send_tracking")."\";");
}

		
$expaltext = (in_array("quickreply", $collapse)) ? "[+]" : "[-]";

















$postoptionschecked = $optionschecked; // Backwards compatability instead of correcting variable used in template

if(!isset($collapsedthead['quickreply']))
{
$collapsedthead['quickreply'] = '';
}
if(!isset($collapsedimg['quickreply']))
{
$collapsedimg['quickreply'] = '';
}
if(!isset($collapsed['quickreply_e']))
{
$collapsed['quickreply_e'] = '';
}

$expaltext = (in_array("quickreply", $collapse)) ? $lang->expcol_expand : $lang->expcol_collapse;

		eval("\$quickreply = \"".$templates->get("private_quickreply")."\";");
}

		eval("\$quickreply = \"".$templates->get("private_quickreply")."\";");
}





	$plugins->run_hooks("private_read_end");

eval("\$read = \"".$templates->get("private_read")."\";");
output_page($read);
}

	$plugins->run_hooks("private_read_end");

eval("\$read = \"".$templates->get("private_read")."\";");
output_page($read);
}





if($mybb->input['action'] == "tracking")
{
if(!$mybb->usergroup['cantrackpms'])

if($mybb->input['action'] == "tracking")
{
if(!$mybb->usergroup['cantrackpms'])

Zeile 1260Zeile 1280
	}

if($page > $pages || $page <= 0)

	}

if($page > $pages || $page <= 0)

	{

	{

		$page = 1;
}


		$page = 1;
}


Zeile 1285Zeile 1305
		LIMIT {$start}, {$perpage}
");
while($readmessage = $db->fetch_array($query))

		LIMIT {$start}, {$perpage}
");
while($readmessage = $db->fetch_array($query))

	{

	{

		$readmessage['subject'] = htmlspecialchars_uni($parser->parse_badwords($readmessage['subject']));
$readmessage['tousername'] = htmlspecialchars_uni($readmessage['tousername']);
$readmessage['profilelink'] = build_profile_link($readmessage['tousername'], $readmessage['toid']);

		$readmessage['subject'] = htmlspecialchars_uni($parser->parse_badwords($readmessage['subject']));
$readmessage['tousername'] = htmlspecialchars_uni($readmessage['tousername']);
$readmessage['profilelink'] = build_profile_link($readmessage['tousername'], $readmessage['toid']);

Zeile 1581Zeile 1601
	$plugins->run_hooks("private_empty_start");

$foldersexploded = explode("$%%$", $mybb->user['pmfolders']);

	$plugins->run_hooks("private_empty_start");

$foldersexploded = explode("$%%$", $mybb->user['pmfolders']);

	$folderlist = $unread = '';

	$folderlist = '';

	foreach($foldersexploded as $key => $folders)
{
$folderinfo = explode("**", $folders, 2);

	foreach($foldersexploded as $key => $folders)
{
$folderinfo = explode("**", $folders, 2);

 
		$unread = ''; 

		$fid = $folderinfo[0];
if($folderinfo[0] == "1")

		$fid = $folderinfo[0];
if($folderinfo[0] == "1")

		{
$fid = "1";

		{
$fid = "1";

			$unread = " AND status='0'";

			$unread = " AND status='0'";

		}

		}

		if($folderinfo[0] == "0")
{
$fid = "1";

		if($folderinfo[0] == "0")
{
$fid = "1";

Zeile 1600Zeile 1621
		$thing = $db->fetch_array($query);
$foldercount = my_number_format($thing['pmsinfolder']);
eval("\$folderlist .= \"".$templates->get("private_empty_folder")."\";");

		$thing = $db->fetch_array($query);
$foldercount = my_number_format($thing['pmsinfolder']);
eval("\$folderlist .= \"".$templates->get("private_empty_folder")."\";");

	}

$plugins->run_hooks("private_empty_end");


	}

$plugins->run_hooks("private_empty_end");


	eval("\$folders = \"".$templates->get("private_empty")."\";");
output_page($folders);
}

	eval("\$folders = \"".$templates->get("private_empty")."\";");
output_page($folders);
}

Zeile 1667Zeile 1688
		if(!empty($pms))
{
if(!$mybb->input['fid'])

		if(!empty($pms))
{
if(!$mybb->input['fid'])

			{

			{

				$mybb->input['fid'] = 1;

				$mybb->input['fid'] = 1;

			}


			}


			if(array_key_exists($mybb->input['fid'], $foldernames))
{
$db->update_query("privatemessages", array("folder" => $mybb->input['fid']), "pmid IN (".implode(",", $pms).") AND uid='".$mybb->user['uid']."'");

			if(array_key_exists($mybb->input['fid'], $foldernames))
{
$db->update_query("privatemessages", array("folder" => $mybb->input['fid']), "pmid IN (".implode(",", $pms).") AND uid='".$mybb->user['uid']."'");

Zeile 1689Zeile 1710
		else
{
redirect("private.php", $lang->redirect_pmsmoved);

		else
{
redirect("private.php", $lang->redirect_pmsmoved);

		}

		}

	}
elseif(!empty($mybb->input['delete']))
{

	}
elseif(!empty($mybb->input['delete']))
{

Zeile 1732Zeile 1753
		}
// Update PM count
update_pm_count();

		}
// Update PM count
update_pm_count();





		if(!empty($mybb->input['fromfid']))
{
redirect("private.php?fid=".$mybb->get_input('fromfid', MyBB::INPUT_INT), $lang->redirect_pmsdeleted);

		if(!empty($mybb->input['fromfid']))
{
redirect("private.php?fid=".$mybb->get_input('fromfid', MyBB::INPUT_INT), $lang->redirect_pmsdeleted);

Zeile 1743Zeile 1764
		}
}
}

		}
}
}





if($mybb->input['action'] == "delete")
{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));

if($mybb->input['action'] == "delete")
{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));





	$plugins->run_hooks("private_delete_start");

$query = $db->simple_select("privatemessages", "*", "pmid='".$mybb->get_input('pmid', MyBB::INPUT_INT)."' AND uid='".$mybb->user['uid']."' AND folder='4'", array('order_by' => 'pmid'));
if($db->num_rows($query) == 1)

	$plugins->run_hooks("private_delete_start");

$query = $db->simple_select("privatemessages", "*", "pmid='".$mybb->get_input('pmid', MyBB::INPUT_INT)."' AND uid='".$mybb->user['uid']."' AND folder='4'", array('order_by' => 'pmid'));
if($db->num_rows($query) == 1)

	{

	{

		$db->delete_query("privatemessages", "pmid='".$mybb->get_input('pmid', MyBB::INPUT_INT)."'");

		$db->delete_query("privatemessages", "pmid='".$mybb->get_input('pmid', MyBB::INPUT_INT)."'");

	}

	}

	else
{
$sql_array = array(

	else
{
$sql_array = array(

Zeile 1763Zeile 1784
			"deletetime" => TIME_NOW
);
$db->update_query("privatemessages", $sql_array, "pmid='".$mybb->get_input('pmid', MyBB::INPUT_INT)."' AND uid='".$mybb->user['uid']."'");

			"deletetime" => TIME_NOW
);
$db->update_query("privatemessages", $sql_array, "pmid='".$mybb->get_input('pmid', MyBB::INPUT_INT)."' AND uid='".$mybb->user['uid']."'");

	}


	}


	// Update PM count
update_pm_count();

	// Update PM count
update_pm_count();





	$plugins->run_hooks("private_delete_end");
redirect("private.php", $lang->redirect_pmsdeleted);
}

	$plugins->run_hooks("private_delete_end");
redirect("private.php", $lang->redirect_pmsdeleted);
}

Zeile 1777Zeile 1798
	if($mybb->user['totalpms'] == 0)
{
error($lang->error_nopms);

	if($mybb->user['totalpms'] == 0)
{
error($lang->error_nopms);

	}

$plugins->run_hooks("private_export_start");

$foldersexploded = explode("$%%$", $mybb->user['pmfolders']);
$folder_name = $folder_id = '';
foreach($foldersexploded as $key => $folders)
{

	}

$plugins->run_hooks("private_export_start");

$foldersexploded = explode("$%%$", $mybb->user['pmfolders']);
$folderlist_folder = '';
foreach($foldersexploded as $key => $folders)
{

		$folderinfo = explode("**", $folders, 2);
$folderinfo[1] = get_pm_folder_name($folderinfo[0], $folderinfo[1]);


		$folderinfo = explode("**", $folders, 2);
$folderinfo[1] = get_pm_folder_name($folderinfo[0], $folderinfo[1]);


Zeile 1841Zeile 1862
				$wsql .= ">=";
}
$wsql .= "'$datecut'";

				$wsql .= ">=";
}
$wsql .= "'$datecut'";

		}
else

		}
else

		{
$wsql = "1=1";
}

		{
$wsql = "1=1";
}

Zeile 1900Zeile 1921
	{
error($lang->error_nopmsarchive);
}

	{
error($lang->error_nopmsarchive);
}





	$mybb->input['exporttype'] = $mybb->get_input('exporttype');

$pmsdownload = $ids = '';

	$mybb->input['exporttype'] = $mybb->get_input('exporttype');

$pmsdownload = $ids = '';

Zeile 1987Zeile 2008
		{
$message['message'] = str_replace("\r\n", "\n", $message['message']);
$message['message'] = str_replace("\n", "\r\n", $message['message']);

		{
$message['message'] = str_replace("\r\n", "\n", $message['message']);
$message['message'] = str_replace("\n", "\r\n", $message['message']);

		}

		}


if($mybb->input['exporttype'] == "csv")
{


if($mybb->input['exporttype'] == "csv")
{

Zeile 2030Zeile 2051
	if($mybb->input['exporttype'] == "html")
{
// Gather global stylesheet for HTML

	if($mybb->input['exporttype'] == "html")
{
// Gather global stylesheet for HTML

		$query = $db->simple_select("themestylesheets", "stylesheet", "sid = '1'", array('limit' => 1));


		$css_tid = empty($theme['tid']) ? '' : "'". (int)$theme['tid'] ."',";
$query = $db->simple_select("themestylesheets", "stylesheet", "tid in ({$css_tid}'2','1') AND name = 'global.css'", array('order_by' => 'tid', 'order_dir' => 'DESC', 'limit' => 1));

		$css = $db->fetch_field($query, "stylesheet");
}


		$css = $db->fetch_field($query, "stylesheet");
}


Zeile 2042Zeile 2064
		$db->delete_query("privatemessages", "pmid IN ('0'$ids)");
// Update PM count
update_pm_count();

		$db->delete_query("privatemessages", "pmid IN ('0'$ids)");
// Update PM count
update_pm_count();

	}

if($mybb->input['exporttype'] == "html")
{

	}

if($mybb->input['exporttype'] == "html")
{

		$filename = "pm-archive.html";
$contenttype = "text/html";
}

		$filename = "pm-archive.html";
$contenttype = "text/html";
}

Zeile 2053Zeile 2075
	{
$filename = "pm-archive.csv";
$contenttype = "application/octet-stream";

	{
$filename = "pm-archive.csv";
$contenttype = "application/octet-stream";

	}

	}

	else
{
$filename = "pm-archive.txt";

	else
{
$filename = "pm-archive.txt";

Zeile 2067Zeile 2089
	if($mybb->input['exporttype'] == "html")
{
output_page($archived);

	if($mybb->input['exporttype'] == "html")
{
output_page($archived);

	}

	}

	else
{
echo "\xEF\xBB\xBF"; // UTF-8 BOM
echo $archived;
}
}

	else
{
echo "\xEF\xBB\xBF"; // UTF-8 BOM
echo $archived;
}
}





if(!$mybb->input['action'])
{
$plugins->run_hooks("private_inbox");

if(!$mybb->input['action'])
{
$plugins->run_hooks("private_inbox");

Zeile 2190Zeile 2212

$multipage = multipage($pmscount, $perpage, $page, $page_url);
$selective = $messagelist = '';


$multipage = multipage($pmscount, $perpage, $page, $page_url);
$selective = $messagelist = '';





	$icon_cache = $cache->read("posticons");

// Cache users in multiple recipients for sent & drafts folder

	$icon_cache = $cache->read("posticons");

// Cache users in multiple recipients for sent & drafts folder

Zeile 2201Zeile 2223
			$u = "u.";
}
else

			$u = "u.";
}
else

		{

		{

			$u = "pm.";
}


			$u = "pm.";
}


Zeile 2218Zeile 2240
		while($row = $db->fetch_array($users_query))
{
$recipients = my_unserialize($row['recipients']);

		while($row = $db->fetch_array($users_query))
{
$recipients = my_unserialize($row['recipients']);

			if(is_array($recipients['to']) && count($recipients['to']))

			if(isset($recipients['to']) && is_array($recipients['to']) && count($recipients['to']))

			{
$get_users = array_merge($get_users, $recipients['to']);

			{
$get_users = array_merge($get_users, $recipients['to']);

			}


			}


			if(isset($recipients['bcc']) && is_array($recipients['bcc']) && count($recipients['bcc']))

			if(isset($recipients['bcc']) && is_array($recipients['bcc']) && count($recipients['bcc']))

			{

			{

				$get_users = array_merge($get_users, $recipients['bcc']);

				$get_users = array_merge($get_users, $recipients['bcc']);

			}
}

			}
}


$get_users = implode(',', array_unique($get_users));

// Grab info
if($get_users)


$get_users = implode(',', array_unique($get_users));

// Grab info
if($get_users)

		{

		{

			$users_query = $db->simple_select("users", "uid, username, usergroup, displaygroup", "uid IN ({$get_users})");
while($user = $db->fetch_array($users_query))
{
$cached_users[$user['uid']] = $user;
}

			$users_query = $db->simple_select("users", "uid, username, usergroup, displaygroup", "uid IN ({$get_users})");
while($user = $db->fetch_array($users_query))
{
$cached_users[$user['uid']] = $user;
}

		}
}

		}
}


if($folder == 2 || $folder == 3)
{
if($sortfield == "username")
{
$pm = "tu.";


if($folder == 2 || $folder == 3)
{
if($sortfield == "username")
{
$pm = "tu.";

		}
else
{
$pm = "pm.";
}
}

		}
else
{
$pm = "pm.";
}
}

	else
{
if($fid == 1)

	else
{
if($fid == 1)

		{

		{

			$selective = " AND pm.status='0'";
}

if($sortfield == "username")
{
$pm = "fu.";

			$selective = " AND pm.status='0'";
}

if($sortfield == "username")
{
$pm = "fu.";

		}

		}

		else
{
$pm = "pm.";

		else
{
$pm = "pm.";

Zeile 2281Zeile 2303
	");

if($db->num_rows($query) > 0)

	");

if($db->num_rows($query) > 0)

	{


	{
$bgcolor = alt_trow(true);

		while($message = $db->fetch_array($query))
{
$msgalt = $msgstatus = '';

		while($message = $db->fetch_array($query))
{
$msgalt = $msgstatus = '';

Zeile 2317Zeile 2340
				{
foreach($recipients['to'] as $uid)
{

				{
foreach($recipients['to'] as $uid)
{

 
						if(!isset($cached_users[$uid]))
{
continue;
}

						$profilelink = get_profile_link($uid);
$user = $cached_users[$uid];
$user['username'] = htmlspecialchars_uni($user['username']);
$username = format_name($user['username'], $user['usergroup'], $user['displaygroup']);
if(!$user['username'])

						$profilelink = get_profile_link($uid);
$user = $cached_users[$uid];
$user['username'] = htmlspecialchars_uni($user['username']);
$username = format_name($user['username'], $user['usergroup'], $user['displaygroup']);
if(!$user['username'])

						{

						{

							$username = $lang->na;
}
eval("\$to_users .= \"".$templates->get("private_multiple_recipients_user")."\";");

							$username = $lang->na;
}
eval("\$to_users .= \"".$templates->get("private_multiple_recipients_user")."\";");

Zeile 2332Zeile 2359
						eval("\$bcc_users = \"".$templates->get("private_multiple_recipients_bcc")."\";");
foreach($recipients['bcc'] as $uid)
{

						eval("\$bcc_users = \"".$templates->get("private_multiple_recipients_bcc")."\";");
foreach($recipients['bcc'] as $uid)
{

 
							if(!isset($cached_users[$uid]))
{
continue;
}

							$profilelink = get_profile_link($uid);
$user = $cached_users[$uid];
$user['username'] = htmlspecialchars_uni($user['username']);

							$profilelink = get_profile_link($uid);
$user = $cached_users[$uid];
$user['username'] = htmlspecialchars_uni($user['username']);

Zeile 2397Zeile 2428
			}

if(!trim($message['subject']))

			}

if(!trim($message['subject']))

			{

			{

				$message['subject'] = $lang->pm_no_subject;
}


				$message['subject'] = $lang->pm_no_subject;
}


Zeile 2414Zeile 2445
			$plugins->run_hooks("private_message");

eval("\$messagelist .= \"".$templates->get("private_messagebit")."\";");

			$plugins->run_hooks("private_message");

eval("\$messagelist .= \"".$templates->get("private_messagebit")."\";");

 
			$bgcolor = alt_trow();

		}
}
else

		}
}
else

Zeile 2456Zeile 2488
			{
$spaceused_severity = "high";
}

			{
$spaceused_severity = "high";
}

			



			$overhalf = round($spaceused, 0)."%";
if((int)$overhalf > 100)
{

			$overhalf = round($spaceused, 0)."%";
if((int)$overhalf > 100)
{
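Review bot: The recipient uids in the hunk at Zeile 2218 / 2240 are still joined into `"uid IN ({$get_users})"` unquoted and without an integer cast; the added `isset($recipients['to'])` check only guards against a missing `to` key. The values come from `my_unserialize($row['recipients'])`, so the query is only as safe as whatever wrote that column. Casting before the join, `$get_users = implode(',', array_unique(array_map('intval', $get_users)));`, would keep the IN list numeric regardless of the stored data. The same applies to `$uid_sql = implode(',', $pm['recipients']['to']);` in the hunk at Zeile 1098 / 1103, whose use lies outside the visible lines and presumably also ends up in a query. The enclosing blocks of both hunks start and end outside the lines shown.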