Vergleich private.php - 1.8.11 - 1.8.38

Keine Änderungen Hinzugefügt Modifiziert Entfernt
Zeile 42	Zeile 42
error_no_permission(); }	error_no_permission(); }
if(!$mybb->user['pmfolders']) { $mybb->user['pmfolders'] = "1$%%$2$%%$3$%%$4"; $sql_array = array( "pmfolders" => $mybb->user['pmfolders'] ); $db->update_query("users", $sql_array, "uid = ".$mybb->user['uid']); } $mybb->input['fid'] = $mybb->get_input('fid', MyBB::INPUT_INT); $folder_id = $folder_name = '';	$mybb->input['fid'] = $mybb->get_input('fid', MyBB::INPUT_INT); $folder_id = $folder_name = $folderjump_folder = $folderoplist_folder = $foldersearch_folder ='';
$foldernames = array(); $foldersexploded = explode("$%%$", $mybb->user['pmfolders']); foreach($foldersexploded as $key => $folders)	$foldernames = array(); $foldersexploded = explode("$%%$", $mybb->user['pmfolders']); foreach($foldersexploded as $key => $folders)
Zeile 64	Zeile 54
if($mybb->input['fid'] == $folderinfo[0]) { $sel = ' selected="selected"';	if($mybb->input['fid'] == $folderinfo[0]) { $sel = ' selected="selected"';
}	}
else { $sel = '';	else { $sel = '';
Zeile 76	Zeile 66
$folder_name = $folderinfo[1]; eval("\$folderjump_folder .= \"".$templates->get("private_jump_folders_folder")."\";");	$folder_name = $folderinfo[1]; eval("\$folderjump_folder .= \"".$templates->get("private_jump_folders_folder")."\";");
eval("\$folderoplist_folder .= \"".$templates->get("private_jump_folders_folder")."\";"); eval("\$foldersearch_folder .= \"".$templates->get("private_jump_folders_folder")."\";");	// Manipulate search folder selection & move selector to omit "Unread" if($folder_id != 1) { if($folder_id == 0) { $folder_id = 1; } eval("\$folderoplist_folder .= \"".$templates->get("private_jump_folders_folder")."\";"); eval("\$foldersearch_folder .= \"".$templates->get("private_jump_folders_folder")."\";"); }
}	}
	$from_fid = $mybb->input['fid'];
eval("\$folderjump = \"".$templates->get("private_jump_folders")."\";"); eval("\$folderoplist = \"".$templates->get("private_move")."\";"); eval("\$foldersearch = \"".$templates->get("private_advanced_search_folders")."\";"); usercp_menu();	eval("\$folderjump = \"".$templates->get("private_jump_folders")."\";"); eval("\$folderoplist = \"".$templates->get("private_move")."\";"); eval("\$foldersearch = \"".$templates->get("private_advanced_search_folders")."\";"); usercp_menu();

$plugins->run_hooks("private_start"); // Make navigation	$plugins->run_hooks("private_start"); // Make navigation
Zeile 93	Zeile 94
$mybb->input['action'] = $mybb->get_input('action'); switch($mybb->input['action'])	$mybb->input['action'] = $mybb->get_input('action'); switch($mybb->input['action'])
{	{
case "send": add_breadcrumb($lang->nav_send); break;	case "send": add_breadcrumb($lang->nav_send); break;
Zeile 102	Zeile 103
break; case "folders": add_breadcrumb($lang->nav_folders);	break; case "folders": add_breadcrumb($lang->nav_folders);
break;	break;
case "empty": add_breadcrumb($lang->nav_empty); break;	case "empty": add_breadcrumb($lang->nav_empty); break;
Zeile 111	Zeile 112
break; case "advanced_search": add_breadcrumb($lang->nav_search);	break; case "advanced_search": add_breadcrumb($lang->nav_search);
break;	break;
case "results": add_breadcrumb($lang->nav_results); break;	case "results": add_breadcrumb($lang->nav_results); break;
}	}
if(!empty($mybb->input['preview'])) { $mybb->input['action'] = "send";	if(!empty($mybb->input['preview'])) { $mybb->input['action'] = "send";
}	}
if(($mybb->input['action'] == "do_search" \|\| $mybb->input['action'] == "do_stuff" && ($mybb->get_input('quick_search') \|\| !$mybb->get_input('hop') && !$mybb->get_input('moveto') && !$mybb->get_input('delete'))) && $mybb->request_method == "post") { $plugins->run_hooks("private_do_search_start");	if(($mybb->input['action'] == "do_search" \|\| $mybb->input['action'] == "do_stuff" && ($mybb->get_input('quick_search') \|\| !$mybb->get_input('hop') && !$mybb->get_input('moveto') && !$mybb->get_input('delete'))) && $mybb->request_method == "post") { $plugins->run_hooks("private_do_search_start");
Zeile 157	Zeile 158
$lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding, $mybb->settings['searchfloodtime'], $remaining_time); } error($lang->error_searchflooding);	$lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding, $mybb->settings['searchfloodtime'], $remaining_time); } error($lang->error_searchflooding);
}	}
} if($mybb->get_input('subject', MyBB::INPUT_INT) != 1 && $mybb->get_input('message', MyBB::INPUT_INT) != 1)	} if($mybb->get_input('subject', MyBB::INPUT_INT) != 1 && $mybb->get_input('message', MyBB::INPUT_INT) != 1)
Zeile 265	Zeile 266
else { $sortby = $query_sortby = "dateline";	else { $sortby = $query_sortby = "dateline";
}	}
if($order != "asc") { $order = "desc"; } if(!$mybb->settings['threadsperpage'] \|\| (int)$mybb->settings['threadsperpage'] < 1)	if($order != "asc") { $order = "desc"; } if(!$mybb->settings['threadsperpage'] \|\| (int)$mybb->settings['threadsperpage'] < 1)
{	{
$mybb->settings['threadsperpage'] = 20; }	$mybb->settings['threadsperpage'] = 20; }
	$query = $db->simple_select("privatemessages", "COUNT(*) AS total", "pmid IN(".$db->escape_string($search['querycache']).")"); $pmscount = $db->fetch_field($query, "total");
// Work out pagination, which page we're at, as well as the limits. $perpage = $mybb->settings['threadsperpage']; $page = $mybb->get_input('page', MyBB::INPUT_INT); if($page > 0)	// Work out pagination, which page we're at, as well as the limits. $perpage = $mybb->settings['threadsperpage']; $page = $mybb->get_input('page', MyBB::INPUT_INT); if($page > 0)
{	{
$start = ($page-1) * $perpage;	$start = ($page-1) * $perpage;
	$pages = ceil($pmscount / $perpage); if($page > $pages) { $start = 0; $page = 1; }
} else	} else
{	{
$start = 0; $page = 1; }	$start = 0; $page = 1; }
Zeile 298	Zeile 308
if($search['keywords']) { $highlight = "&highlight=".urlencode($search['keywords']);	if($search['keywords']) { $highlight = "&highlight=".urlencode($search['keywords']);
}	}
// Do Multi Pages	// Do Multi Pages
$query = $db->simple_select("privatemessages", "COUNT(*) AS total", "pmid IN(".$db->escape_string($search['querycache']).")"); $pmscount = $db->fetch_array($query);
if($upper > $pmscount) { $upper = $pmscount; }	if($upper > $pmscount) { $upper = $pmscount; }
$multipage = multipage($pmscount['total'], $perpage, $page, "private.php?action=results&sid=".htmlspecialchars_uni($mybb->get_input('sid'))."&sortby={$sortby}&order={$order}");	$multipage = multipage($pmscount, $perpage, $page, "private.php?action=results&sid=".htmlspecialchars_uni($mybb->get_input('sid'))."&sortby={$sortby}&order={$order}");
$messagelist = ''; $icon_cache = $cache->read("posticons");	$messagelist = ''; $icon_cache = $cache->read("posticons");
Zeile 320	Zeile 327
while($row = $db->fetch_array($users_query)) { $recipients = my_unserialize($row['recipients']);	while($row = $db->fetch_array($users_query)) { $recipients = my_unserialize($row['recipients']);
if(is_array($recipients['to']) && count($recipients['to'])) {	if(isset($recipients['to']) && is_array($recipients['to']) && count($recipients['to'])) {
$get_users = array_merge($get_users, $recipients['to']); } if(isset($recipients['bcc']) && is_array($recipients['bcc']) && count($recipients['bcc']))	$get_users = array_merge($get_users, $recipients['to']); } if(isset($recipients['bcc']) && is_array($recipients['bcc']) && count($recipients['bcc']))
{	{
$get_users = array_merge($get_users, $recipients['bcc']);	$get_users = array_merge($get_users, $recipients['bcc']);
} }	} }
$get_users = implode(',', array_unique($get_users)); // Grab info	$get_users = implode(',', array_unique($get_users)); // Grab info
Zeile 340	Zeile 347
while($user = $db->fetch_array($users_query)) { $cached_users[$user['uid']] = $user;	while($user = $db->fetch_array($users_query)) { $cached_users[$user['uid']] = $user;
} }	} }
$query = $db->query(" SELECT pm.*, fu.username AS fromusername, tu.username as tousername FROM ".TABLE_PREFIX."privatemessages pm	$query = $db->query(" SELECT pm.*, fu.username AS fromusername, tu.username as tousername FROM ".TABLE_PREFIX."privatemessages pm
Zeile 386	Zeile 393
// Sent Items or Drafts Folder Check $recipients = my_unserialize($message['recipients']); $to_users = $bcc_users = '';	// Sent Items or Drafts Folder Check $recipients = my_unserialize($message['recipients']); $to_users = $bcc_users = '';
if(count($recipients['to']) > 1 \|\| (count($recipients['to']) == 1 && isset($recipients['bcc']) && count($recipients['bcc']) > 0))	if( isset($recipients['to']) && (count($recipients['to']) > 1 \|\| (count($recipients['to']) == 1 && isset($recipients['bcc']) && count($recipients['bcc']) > 0)) )
{ foreach($recipients['to'] as $uid) {	{ foreach($recipients['to'] as $uid) {
Zeile 451	Zeile 461
if(!trim($message['subject'])) { $message['subject'] = $lang->pm_no_subject;	if(!trim($message['subject'])) { $message['subject'] = $lang->pm_no_subject;
} $message['subject'] = $parser->parse_badwords($message['subject']);	} $message['subject'] = $parser->parse_badwords($message['subject']);
if(my_strlen($message['subject']) > 50)	if(my_strlen($message['subject']) > 50)
{	{
$message['subject'] = htmlspecialchars_uni(my_substr($message['subject'], 0, 50)."...");	$message['subject'] = htmlspecialchars_uni(my_substr($message['subject'], 0, 50)."...");
}	}
else { $message['subject'] = htmlspecialchars_uni($message['subject']);	else { $message['subject'] = htmlspecialchars_uni($message['subject']);
}	}
if($message['folder'] != "3")	if($message['folder'] != "3")
{	{
$senddate = my_date('relative', $message['dateline']); } else	$senddate = my_date('relative', $message['dateline']); } else
Zeile 473	Zeile 483
$senddate = $lang->not_sent; }	$senddate = $lang->not_sent; }
$foldername = $foldernames[$message['folder']];	$fid = "0"; if((int)$message['folder'] > 1) { $fid = $message['folder']; } $foldername = $foldernames[$fid];
// What we do here is parse the post using our post parser, then strip the tags from it $parser_options = array(	// What we do here is parse the post using our post parser, then strip the tags from it $parser_options = array(
Zeile 537	Zeile 552
{ header("Location: index.php"); exit;	{ header("Location: index.php"); exit;
}	}
} $send_errors = '';	} $send_errors = '';

if($mybb->input['action'] == "do_send" && $mybb->request_method == "post") { if($mybb->usergroup['cansendpms'] == 0) { error_no_permission(); }	if($mybb->input['action'] == "do_send" && $mybb->request_method == "post") { if($mybb->usergroup['cansendpms'] == 0) { error_no_permission(); }

// Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	// Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));

$plugins->run_hooks("private_send_do_send"); // Attempt to see if this PM is a duplicate or not $to = array_map("trim", explode(",", $mybb->get_input('to')));	$plugins->run_hooks("private_send_do_send"); // Attempt to see if this PM is a duplicate or not $to = array_map("trim", explode(",", $mybb->get_input('to')));
	$to = array_unique($to); // Filter out any duplicates
$to_escaped = implode("','", array_map(array($db, 'escape_string'), array_map('my_strtolower', $to))); $time_cutoff = TIME_NOW - (5 * 60 * 60); $query = $db->query("	$to_escaped = implode("','", array_map(array($db, 'escape_string'), array_map('my_strtolower', $to))); $time_cutoff = TIME_NOW - (5 * 60 * 60); $query = $db->query("
Zeile 565	Zeile 581
WHERE LOWER(u.username) IN ('{$to_escaped}') AND pm.dateline > {$time_cutoff} AND pm.fromid='{$mybb->user['uid']}' AND pm.subject='".$db->escape_string($mybb->get_input('subject'))."' AND pm.message='".$db->escape_string($mybb->get_input('message'))."' AND pm.folder!='3' LIMIT 0, 1 ");	WHERE LOWER(u.username) IN ('{$to_escaped}') AND pm.dateline > {$time_cutoff} AND pm.fromid='{$mybb->user['uid']}' AND pm.subject='".$db->escape_string($mybb->get_input('subject'))."' AND pm.message='".$db->escape_string($mybb->get_input('message'))."' AND pm.folder!='3' LIMIT 0, 1 ");
$duplicate_check = $db->fetch_field($query, "pmid"); if($duplicate_check)	if($db->num_rows($query) > 0)
{ error($lang->error_pm_already_submitted); }	{ error($lang->error_pm_already_submitted); }
Zeile 702	Zeile 717
{ $optionschecked['readreceipt'] = 'checked="checked"'; }	{ $optionschecked['readreceipt'] = 'checked="checked"'; }
$to = htmlspecialchars_uni($mybb->get_input('to')); $bcc = htmlspecialchars_uni($mybb->get_input('bcc'));	$to = htmlspecialchars_uni(implode(', ', array_unique(array_map('trim', explode(',', $mybb->get_input('to')))))); $bcc = htmlspecialchars_uni(implode(', ', array_unique(array_map('trim', explode(',', $mybb->get_input('bcc'))))));
} $preview = '';	} $preview = '';
Zeile 922	Zeile 937
if($send_errors) {	if($send_errors) {
$to = htmlspecialchars_uni($mybb->get_input('to')); $bcc = htmlspecialchars_uni($mybb->get_input('bcc'));	$to = htmlspecialchars_uni(implode(', ', array_unique(array_map('trim', explode(',', $mybb->get_input('to')))))); $bcc = htmlspecialchars_uni(implode(', ', array_unique(array_map('trim', explode(',', $mybb->get_input('bcc'))))));
} // Load the auto complete javascript if it is enabled.	} // Load the auto complete javascript if it is enabled.
Zeile 995	Zeile 1010
'namestyle' => 'namestyle' );	'namestyle' => 'namestyle' );
foreach($data_key as $field => $key)	if(isset($groupscache[$pm['usergroup']]))
{	{
$pm[$key] = $groupscache[$pm['usergroup']][$field];	foreach($data_key as $field => $key) { $pm[$key] = $groupscache[$pm['usergroup']][$field]; }
} if($pm['receipt'] == 1)	} if($pm['receipt'] == 1)
Zeile 1085	Zeile 1103
// Fetch the recipients for this message $pm['recipients'] = my_unserialize($pm['recipients']);	// Fetch the recipients for this message $pm['recipients'] = my_unserialize($pm['recipients']);
if(is_array($pm['recipients']['to']))	if(isset($pm['recipients']['to']) && is_array($pm['recipients']['to']))
{ $uid_sql = implode(',', $pm['recipients']['to']); }	{ $uid_sql = implode(',', $pm['recipients']['to']); }
Zeile 1125	Zeile 1143
$bcc = ''; if(count($bcc_recipients) > 0)	$bcc = ''; if(count($bcc_recipients) > 0)
{	{
$bcc_recipients = implode(', ', $bcc_recipients); $bcc_form_val = implode(',', $bcc_form_val); eval("\$bcc = \"".$templates->get("private_read_bcc")."\";");	$bcc_recipients = implode(', ', $bcc_recipients); $bcc_form_val = implode(',', $bcc_form_val); eval("\$bcc = \"".$templates->get("private_read_bcc")."\";");
}	}
else { $bcc_form_val = '';	else { $bcc_form_val = '';
Zeile 1142	Zeile 1160
} if(count($to_recipients) > 0)	} if(count($to_recipients) > 0)
{	{
$to_recipients = implode($lang->comma, $to_recipients); } else	$to_recipients = implode($lang->comma, $to_recipients); } else
Zeile 1151	Zeile 1169
} eval("\$pm['subject_extra'] = \"".$templates->get("private_read_to")."\";");	} eval("\$pm['subject_extra'] = \"".$templates->get("private_read_to")."\";");

add_breadcrumb($pm['subject']); $message = build_postbit($pm, 2);	add_breadcrumb($pm['subject']); $message = build_postbit($pm, 2);
Zeile 1161	Zeile 1179
{ $trow = alt_trow();	{ $trow = alt_trow();
$optionschecked = array('savecopy' => 'checked="checked"');	$optionschecked = array('savecopy' => 'checked="checked"', 'signature' => '', 'disablesmilies' => '');
if(!empty($mybb->user['signature'])) { $optionschecked['signature'] = 'checked="checked"';	if(!empty($mybb->user['signature'])) { $optionschecked['signature'] = 'checked="checked"';
Zeile 1205	Zeile 1223
eval("\$private_send_tracking = \"".$templates->get("private_send_tracking")."\";"); }	eval("\$private_send_tracking = \"".$templates->get("private_send_tracking")."\";"); }
	$postoptionschecked = $optionschecked; // Backwards compatability instead of correcting variable used in template if(!isset($collapsedthead['quickreply'])) { $collapsedthead['quickreply'] = ''; } if(!isset($collapsedimg['quickreply'])) { $collapsedimg['quickreply'] = ''; } if(!isset($collapsed['quickreply_e'])) { $collapsed['quickreply_e'] = ''; } $expaltext = (in_array("quickreply", $collapse)) ? $lang->expcol_expand : $lang->expcol_collapse;
eval("\$quickreply = \"".$templates->get("private_quickreply")."\";"); }	eval("\$quickreply = \"".$templates->get("private_quickreply")."\";"); }
Zeile 1451	Zeile 1485
$fid = $folderinfo[0]; $foldername = get_pm_folder_name($fid, $foldername);	$fid = $folderinfo[0]; $foldername = get_pm_folder_name($fid, $foldername);
if($folderinfo[0] == "1" \|\| $folderinfo[0] == "2" \|\| $folderinfo[0] == "3" \|\| $folderinfo[0] == "4")	if((int)$folderinfo[0] < 5)
{ $foldername2 = get_pm_folder_name($fid); eval("\$folderlist .= \"".$templates->get("private_folders_folder_unremovable")."\";");	{ $foldername2 = get_pm_folder_name($fid); eval("\$folderlist .= \"".$templates->get("private_folders_folder_unremovable")."\";");
Zeile 1506	Zeile 1540
$fid = (int)$key; // Use default language strings if empty or value is language string	$fid = (int)$key; // Use default language strings if empty or value is language string
switch($fid) { case 1: if($val == $lang->folder_inbox \|\| trim($val) == '') { $val = ''; } break; case 2: if($val == $lang->folder_sent_items \|\| trim($val) == '') { $val = ''; } break; case 3: if($val == $lang->folder_drafts \|\| trim($val) == '') { $val = ''; } break; case 4: if($val == $lang->folder_trash \|\| trim($val) == '') { $val = ''; } break; } } if($val != '' && trim($val) == '' && !($key >= 1 && $key <= 4))	if($val == get_pm_folder_name($fid) \|\| trim($val) == '') { $val = ''; } } if($val != '' && trim($val) == '' && !(is_numeric($key) && $key <= 4))
{ // If the name only contains whitespace and it's not a default folder, print an error error($lang->error_emptypmfoldername);	{ // If the name only contains whitespace and it's not a default folder, print an error error($lang->error_emptypmfoldername);
} if($val != '' \|\| ($key >= 1 && $key <= 4))	} if($val != '' \|\| (is_numeric($key) && $key <= 4))
{ // If there is a name or if this is a default folder, save it $foldername = $db->escape_string(htmlspecialchars_uni($val));	{ // If there is a name or if this is a default folder, save it $foldername = $db->escape_string(htmlspecialchars_uni($val));
Zeile 1572	Zeile 1583
); $db->update_query("users", $sql_array, "uid='".$mybb->user['uid']."'");	); $db->update_query("users", $sql_array, "uid='".$mybb->user['uid']."'");
// Update PM count update_pm_count();	// Update PM count update_pm_count();
$plugins->run_hooks("private_do_folders_end"); redirect("private.php", $lang->redirect_pmfoldersupdated);	$plugins->run_hooks("private_do_folders_end"); redirect("private.php", $lang->redirect_pmfoldersupdated);
}	}
if($mybb->input['action'] == "empty") { if($mybb->user['totalpms'] == 0)	if($mybb->input['action'] == "empty") { if($mybb->user['totalpms'] == 0)
{	{
error($lang->error_nopms);	error($lang->error_nopms);
} $plugins->run_hooks("private_empty_start");	} $plugins->run_hooks("private_empty_start");
$foldersexploded = explode("$%%$", $mybb->user['pmfolders']); $folderlist = ''; foreach($foldersexploded as $key => $folders) { $folderinfo = explode("**", $folders, 2);	$foldersexploded = explode("$%%$", $mybb->user['pmfolders']); $folderlist = ''; foreach($foldersexploded as $key => $folders) { $folderinfo = explode("**", $folders, 2);
	$unread = '';
$fid = $folderinfo[0];	$fid = $folderinfo[0];
$foldername = get_pm_folder_name($fid, $folderinfo[1]); $query = $db->simple_select("privatemessages", "COUNT(*) AS pmsinfolder", " folder='$fid' AND uid='".$mybb->user['uid']."'");	if($folderinfo[0] == "1") { $fid = "1"; $unread = " AND status='0'"; } if($folderinfo[0] == "0") { $fid = "1"; } $foldername = get_pm_folder_name($folderinfo[0], $folderinfo[1]); $query = $db->simple_select("privatemessages", "COUNT(*) AS pmsinfolder", " folder='$fid'$unread AND uid='".$mybb->user['uid']."'");
$thing = $db->fetch_array($query); $foldercount = my_number_format($thing['pmsinfolder']); eval("\$folderlist .= \"".$templates->get("private_empty_folder")."\";"); } $plugins->run_hooks("private_empty_end");	$thing = $db->fetch_array($query); $foldercount = my_number_format($thing['pmsinfolder']); eval("\$folderlist .= \"".$templates->get("private_empty_folder")."\";"); } $plugins->run_hooks("private_empty_end");

eval("\$folders = \"".$templates->get("private_empty")."\";"); output_page($folders); } if($mybb->input['action'] == "do_empty" && $mybb->request_method == "post")	eval("\$folders = \"".$templates->get("private_empty")."\";"); output_page($folders); } if($mybb->input['action'] == "do_empty" && $mybb->request_method == "post")
{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));	{ // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key'));
$plugins->run_hooks("private_do_empty_start");	$plugins->run_hooks("private_do_empty_start");
Zeile 1663	Zeile 1684
} elseif(!empty($mybb->input['moveto'])) {	} elseif(!empty($mybb->input['moveto'])) {
$mybb->input['check'] = $mybb->get_input('check', MyBB::INPUT_ARRAY); if(!empty($mybb->input['check']))	$pms = array_map('intval', array_keys($mybb->get_input('check', MyBB::INPUT_ARRAY))); if(!empty($pms))
{	{
foreach($mybb->input['check'] as $key => $val)	if(!$mybb->input['fid'])
{	{
$sql_array = array( "folder" => $mybb->input['fid'] ); $db->update_query("privatemessages", $sql_array, "pmid='".(int)$key."' AND uid='".$mybb->user['uid']."'");	$mybb->input['fid'] = 1;
}	}
} // Update PM count update_pm_count();	if(array_key_exists($mybb->input['fid'], $foldernames)) { $db->update_query("privatemessages", array("folder" => $mybb->input['fid']), "pmid IN (".implode(",", $pms).") AND uid='".$mybb->user['uid']."'"); update_pm_count(); } else { error($lang->error_invalidmovefid); } }
if(!empty($mybb->input['fromfid'])) {	if(!empty($mybb->input['fromfid'])) {
Zeile 1684	Zeile 1710
else { redirect("private.php", $lang->redirect_pmsmoved);	else { redirect("private.php", $lang->redirect_pmsmoved);
} }	} }
elseif(!empty($mybb->input['delete'])) { $mybb->input['check'] = $mybb->get_input('check', MyBB::INPUT_ARRAY);	elseif(!empty($mybb->input['delete'])) { $mybb->input['check'] = $mybb->get_input('check', MyBB::INPUT_ARRAY);
Zeile 1758	Zeile 1784
"deletetime" => TIME_NOW ); $db->update_query("privatemessages", $sql_array, "pmid='".$mybb->get_input('pmid', MyBB::INPUT_INT)."' AND uid='".$mybb->user['uid']."'");	"deletetime" => TIME_NOW ); $db->update_query("privatemessages", $sql_array, "pmid='".$mybb->get_input('pmid', MyBB::INPUT_INT)."' AND uid='".$mybb->user['uid']."'");
}	}
// Update PM count update_pm_count();	// Update PM count update_pm_count();
Zeile 1777	Zeile 1803
$plugins->run_hooks("private_export_start"); $foldersexploded = explode("$%%$", $mybb->user['pmfolders']);	$plugins->run_hooks("private_export_start"); $foldersexploded = explode("$%%$", $mybb->user['pmfolders']);
$folder_name = $folder_id = '';	$folderlist_folder = '';
foreach($foldersexploded as $key => $folders) { $folderinfo = explode("**", $folders, 2);	foreach($foldersexploded as $key => $folders) { $folderinfo = explode("**", $folders, 2);
Zeile 1830	Zeile 1856
if($mybb->get_input('dayway') == "older") { $wsql .= "<=";	if($mybb->get_input('dayway') == "older") { $wsql .= "<=";
} else	} else
{ $wsql .= ">="; } $wsql .= "'$datecut'";	{ $wsql .= ">="; } $wsql .= "'$datecut'";
}	}
else { $wsql = "1=1";	else { $wsql = "1=1";
Zeile 1850	Zeile 1876
{ $val = $db->escape_string($val); if($val == "all")	{ $val = $db->escape_string($val); if($val == "all")
{	{
$folderlst = ''; break; }	$folderlst = ''; break; }
Zeile 1859	Zeile 1885
if(!$folderlst) { $folderlst = " AND pm.folder IN ('$val'";	if(!$folderlst) { $folderlst = " AND pm.folder IN ('$val'";
}	}
else { $folderlst .= ",'$val'";	else { $folderlst .= ",'$val'";
Zeile 1867	Zeile 1893
} } if($folderlst)	} } if($folderlst)
{ $folderlst .= ")";	{ $folderlst .= ")";
} $wsql .= "$folderlst"; } else	} $wsql .= "$folderlst"; } else
{	{
error($lang->error_pmnoarchivefolders); }	error($lang->error_pmnoarchivefolders); }
Zeile 1895	Zeile 1921
{ error($lang->error_nopmsarchive); }	{ error($lang->error_nopmsarchive); }

$mybb->input['exporttype'] = $mybb->get_input('exporttype'); $pmsdownload = $ids = '';	$mybb->input['exporttype'] = $mybb->get_input('exporttype'); $pmsdownload = $ids = '';
Zeile 1904	Zeile 1930
if($message['folder'] == 2 \|\| $message['folder'] == 3) { // Sent Items or Drafts Folder Check if($message['toid'])	if($message['folder'] == 2 \|\| $message['folder'] == 3) { // Sent Items or Drafts Folder Check if($message['toid'])
{	{
$tofromuid = $message['toid']; if($mybb->input['exporttype'] == "txt") { $tofromusername = $message['tousername'];	$tofromuid = $message['toid']; if($mybb->input['exporttype'] == "txt") { $tofromusername = $message['tousername'];
}	}
else { $tofromusername = build_profile_link($message['tousername'], $tofromuid); }	else { $tofromusername = build_profile_link($message['tousername'], $tofromuid); }
}	}
else { $tofromusername = $lang->not_sent;	else { $tofromusername = $lang->not_sent;
}	}
$tofrom = $lang->to; } else	$tofrom = $lang->to; } else
Zeile 1931	Zeile 1957
else { $tofromusername = build_profile_link($message['fromusername'], $tofromuid);	else { $tofromusername = build_profile_link($message['fromusername'], $tofromuid);
}	}
if($tofromuid == 0) { $tofromusername = $lang->mybb_engine;	if($tofromuid == 0) { $tofromusername = $lang->mybb_engine;
Zeile 1941	Zeile 1967
} if($tofromuid == 0)	} if($tofromuid == 0)
{	{
$message['fromusername'] = $lang->mybb_engine; } if(!$message['toid'] && $message['folder'] == 3)	$message['fromusername'] = $lang->mybb_engine; } if(!$message['toid'] && $message['folder'] == 3)
{	{
$message['tousername'] = $lang->not_sent; } $message['subject'] = $parser->parse_badwords($message['subject']); if($message['folder'] != "3") {	$message['tousername'] = $lang->not_sent; } $message['subject'] = $parser->parse_badwords($message['subject']); if($message['folder'] != "3") {
$senddate = my_date($mybb->settings['dateformat'], $message['dateline']); $sendtime = my_date($mybb->settings['timeformat'], $message['dateline']);	$senddate = my_date($mybb->settings['dateformat'], $message['dateline'], "", false); $sendtime = my_date($mybb->settings['timeformat'], $message['dateline'], "", false);
$senddate .= " $lang->at $sendtime"; } else { $senddate = $lang->not_sent;	$senddate .= " $lang->at $sendtime"; } else { $senddate = $lang->not_sent;
}	}
if($mybb->input['exporttype'] == "html") { $parser_options = array(	if($mybb->input['exporttype'] == "html") { $parser_options = array(
Zeile 1979	Zeile 2005
} if($mybb->input['exporttype'] == "txt" \|\| $mybb->input['exporttype'] == "csv")	} if($mybb->input['exporttype'] == "txt" \|\| $mybb->input['exporttype'] == "csv")
{	{
$message['message'] = str_replace("\r\n", "\n", $message['message']); $message['message'] = str_replace("\n", "\r\n", $message['message']); } if($mybb->input['exporttype'] == "csv") {	$message['message'] = str_replace("\r\n", "\n", $message['message']); $message['message'] = str_replace("\n", "\r\n", $message['message']); } if($mybb->input['exporttype'] == "csv") {
$message['message'] = addslashes($message['message']); $message['subject'] = addslashes($message['subject']); $message['tousername'] = addslashes($message['tousername']); $message['fromusername'] = addslashes($message['fromusername']);	$message['message'] = my_escape_csv($message['message']); $message['subject'] = my_escape_csv($message['subject']); $message['tousername'] = my_escape_csv($message['tousername']); $message['fromusername'] = my_escape_csv($message['fromusername']);
} if(empty($donefolder[$message['folder']]))	} if(empty($donefolder[$message['folder']]))
Zeile 2011	Zeile 2037
} else {	} else {
$foldername = addslashes($folderinfo[1]);	$foldername = my_escape_csv($folderinfo[1]);
} $donefolder[$message['folder']] = 1; }	} $donefolder[$message['folder']] = 1; }
Zeile 2020	Zeile 2046
eval("\$pmsdownload .= \"".$templates->get("private_archive_".$mybb->input['exporttype']."_message", 1, 0)."\";"); $ids .= ",'{$message['pmid']}'";	eval("\$pmsdownload .= \"".$templates->get("private_archive_".$mybb->input['exporttype']."_message", 1, 0)."\";"); $ids .= ",'{$message['pmid']}'";
}	}
if($mybb->input['exporttype'] == "html") { // Gather global stylesheet for HTML	if($mybb->input['exporttype'] == "html") { // Gather global stylesheet for HTML
$query = $db->simple_select("themestylesheets", "stylesheet", "sid = '1'", array('limit' => 1));	$css_tid = empty($theme['tid']) ? '' : "'". (int)$theme['tid'] ."',"; $query = $db->simple_select("themestylesheets", "stylesheet", "tid in ({$css_tid}'2','1') AND name = 'global.css'", array('order_by' => 'tid', 'order_dir' => 'DESC', 'limit' => 1));
$css = $db->fetch_field($query, "stylesheet"); }	$css = $db->fetch_field($query, "stylesheet"); }
Zeile 2040	Zeile 2067
} if($mybb->input['exporttype'] == "html")	} if($mybb->input['exporttype'] == "html")
{	{
$filename = "pm-archive.html"; $contenttype = "text/html"; } elseif($mybb->input['exporttype'] == "csv")	$filename = "pm-archive.html"; $contenttype = "text/html"; } elseif($mybb->input['exporttype'] == "csv")
{	{
$filename = "pm-archive.csv"; $contenttype = "application/octet-stream"; }	$filename = "pm-archive.csv"; $contenttype = "application/octet-stream"; }
Zeile 2058	Zeile 2085
$archived = str_replace("\\\'","'",$archived); header("Content-disposition: filename=$filename"); header("Content-type: ".$contenttype);	$archived = str_replace("\\\'","'",$archived); header("Content-disposition: filename=$filename"); header("Content-type: ".$contenttype);

if($mybb->input['exporttype'] == "html") { output_page($archived);	if($mybb->input['exporttype'] == "html") { output_page($archived);
Zeile 2076	Zeile 2103
if(!$mybb->input['fid'] \|\| !array_key_exists($mybb->input['fid'], $foldernames)) {	if(!$mybb->input['fid'] \|\| !array_key_exists($mybb->input['fid'], $foldernames)) {
$mybb->input['fid'] = 1;	$mybb->input['fid'] = 0;
}	}
$folder = $mybb->input['fid']; $foldername = $foldernames[$folder];	$fid = (int)$mybb->input['fid']; $folder = !$fid ? 1 : $fid; $foldername = $foldernames[$fid];
if($folder == 2 \|\| $folder == 3) { // Sent Items Folder	if($folder == 2 \|\| $folder == 3) { // Sent Items Folder
Zeile 2131	Zeile 2159
eval("\$orderarrow['$sortby'] = \"".$templates->get("private_orderarrow")."\";"); // Do Multi Pages	eval("\$orderarrow['$sortby'] = \"".$templates->get("private_orderarrow")."\";"); // Do Multi Pages
$query = $db->simple_select("privatemessages", "COUNT(*) AS total", "uid='".$mybb->user['uid']."' AND folder='$folder'"); $pmscount = $db->fetch_array($query);	$selective = ""; if($fid == 1) { $selective = " AND status='0'"; } $query = $db->simple_select("privatemessages", "COUNT(*) AS total", "uid='".$mybb->user['uid']."' AND folder='$folder'$selective"); $pmscount = $db->fetch_field($query, "total");
if(!$mybb->settings['threadsperpage'] \|\| (int)$mybb->settings['threadsperpage'] < 1)	if(!$mybb->settings['threadsperpage'] \|\| (int)$mybb->settings['threadsperpage'] < 1)
{	{
$mybb->settings['threadsperpage'] = 20; }	$mybb->settings['threadsperpage'] = 20; }
Zeile 2145	Zeile 2179
if($page > 0) { $start = ($page-1) *$perpage;	if($page > 0) { $start = ($page-1) *$perpage;
	$pages = ceil($pmscount / $perpage); if($page > $pages) { $start = 0; $page = 1; }
} else {	} else {
Zeile 2159	Zeile 2199
if($upper > $pmscount) { $upper = $pmscount;	if($upper > $pmscount) { $upper = $pmscount;
}	}
if($mybb->input['order'] \|\| ($sortby && $sortby != "dateline")) {	if($mybb->input['order'] \|\| ($sortby && $sortby != "dateline")) {
$page_url = "private.php?fid={$folder}&sortby={$sortby}&order={$sortordernow}";	$page_url = "private.php?fid={$fid}&sortby={$sortby}&order={$sortordernow}";
} else {	} else {
$page_url = "private.php?fid={$folder}";	$page_url = "private.php?fid={$fid}";
}	}
$multipage = multipage($pmscount['total'], $perpage, $page, $page_url); $messagelist = '';	$multipage = multipage($pmscount, $perpage, $page, $page_url); $selective = $messagelist = '';
$icon_cache = $cache->read("posticons");	$icon_cache = $cache->read("posticons");
Zeile 2200	Zeile 2240
while($row = $db->fetch_array($users_query)) { $recipients = my_unserialize($row['recipients']);	while($row = $db->fetch_array($users_query)) { $recipients = my_unserialize($row['recipients']);
if(is_array($recipients['to']) && count($recipients['to']))	if(isset($recipients['to']) && is_array($recipients['to']) && count($recipients['to']))
{ $get_users = array_merge($get_users, $recipients['to']); }	{ $get_users = array_merge($get_users, $recipients['to']); }
Zeile 2208	Zeile 2248
if(isset($recipients['bcc']) && is_array($recipients['bcc']) && count($recipients['bcc'])) { $get_users = array_merge($get_users, $recipients['bcc']);	if(isset($recipients['bcc']) && is_array($recipients['bcc']) && count($recipients['bcc'])) { $get_users = array_merge($get_users, $recipients['bcc']);
} } $get_users = implode(',', array_unique($get_users));	} } $get_users = implode(',', array_unique($get_users));
// Grab info if($get_users)	// Grab info if($get_users)
{	{
$users_query = $db->simple_select("users", "uid, username, usergroup, displaygroup", "uid IN ({$get_users})"); while($user = $db->fetch_array($users_query)) { $cached_users[$user['uid']] = $user; }	$users_query = $db->simple_select("users", "uid, username, usergroup, displaygroup", "uid IN ({$get_users})"); while($user = $db->fetch_array($users_query)) { $cached_users[$user['uid']] = $user; }
}	}
} if($folder == 2 \|\| $folder == 3) { if($sortfield == "username")	} if($folder == 2 \|\| $folder == 3) { if($sortfield == "username")
{	{
$pm = "tu."; } else { $pm = "pm.";	$pm = "tu."; } else { $pm = "pm.";
}	}
} else {	} else {
	if($fid == 1) { $selective = " AND pm.status='0'"; }
if($sortfield == "username") { $pm = "fu.";	if($sortfield == "username") { $pm = "fu.";
Zeile 2252	Zeile 2297
FROM ".TABLE_PREFIX."privatemessages pm LEFT JOIN ".TABLE_PREFIX."users fu ON (fu.uid=pm.fromid) LEFT JOIN ".TABLE_PREFIX."users tu ON (tu.uid=pm.toid)	FROM ".TABLE_PREFIX."privatemessages pm LEFT JOIN ".TABLE_PREFIX."users fu ON (fu.uid=pm.fromid) LEFT JOIN ".TABLE_PREFIX."users tu ON (tu.uid=pm.toid)
WHERE pm.folder='$folder' AND pm.uid='".$mybb->user['uid']."'	WHERE pm.folder='$folder' AND pm.uid='".$mybb->user['uid']."'{$selective}
ORDER BY {$pm}{$sortfield} {$sortordernow} LIMIT $start, $perpage "); if($db->num_rows($query) > 0) {	ORDER BY {$pm}{$sortfield} {$sortordernow} LIMIT $start, $perpage "); if($db->num_rows($query) > 0) {
	$bgcolor = alt_trow(true);
while($message = $db->fetch_array($query)) { $msgalt = $msgstatus = '';	while($message = $db->fetch_array($query)) { $msgalt = $msgstatus = '';
Zeile 2290	Zeile 2336
{ // Sent Items or Drafts Folder Check $recipients = my_unserialize($message['recipients']); $to_users = $bcc_users = '';	{ // Sent Items or Drafts Folder Check $recipients = my_unserialize($message['recipients']); $to_users = $bcc_users = '';
if(count($recipients['to']) > 1 \|\| (count($recipients['to']) == 1 && isset($recipients['bcc']) && count($recipients['bcc']) > 0))	if(isset($recipients['to']) && count($recipients['to']) > 1 \|\| (isset($recipients['to']) && count($recipients['to']) == 1 && isset($recipients['bcc']) && count($recipients['bcc']) > 0))
{ foreach($recipients['to'] as $uid) {	{ foreach($recipients['to'] as $uid) {
	if(!isset($cached_users[$uid])) { continue; }
$profilelink = get_profile_link($uid); $user = $cached_users[$uid]; $user['username'] = htmlspecialchars_uni($user['username']); $username = format_name($user['username'], $user['usergroup'], $user['displaygroup']); if(!$user['username'])	$profilelink = get_profile_link($uid); $user = $cached_users[$uid]; $user['username'] = htmlspecialchars_uni($user['username']); $username = format_name($user['username'], $user['usergroup'], $user['displaygroup']); if(!$user['username'])
{	{
$username = $lang->na; } eval("\$to_users .= \"".$templates->get("private_multiple_recipients_user")."\";");	$username = $lang->na; } eval("\$to_users .= \"".$templates->get("private_multiple_recipients_user")."\";");
Zeile 2309	Zeile 2359
eval("\$bcc_users = \"".$templates->get("private_multiple_recipients_bcc")."\";"); foreach($recipients['bcc'] as $uid) {	eval("\$bcc_users = \"".$templates->get("private_multiple_recipients_bcc")."\";"); foreach($recipients['bcc'] as $uid) {
	if(!isset($cached_users[$uid])) { continue; }
$profilelink = get_profile_link($uid); $user = $cached_users[$uid]; $user['username'] = htmlspecialchars_uni($user['username']);	$profilelink = get_profile_link($uid); $user = $cached_users[$uid]; $user['username'] = htmlspecialchars_uni($user['username']);
Zeile 2358	Zeile 2412
else { $denyreceipt = '';	else { $denyreceipt = '';
}	}
if($message['icon'] > 0 && $icon_cache[$message['icon']]) { $icon = $icon_cache[$message['icon']];	if($message['icon'] > 0 && $icon_cache[$message['icon']]) { $icon = $icon_cache[$message['icon']];
Zeile 2391	Zeile 2445
$plugins->run_hooks("private_message"); eval("\$messagelist .= \"".$templates->get("private_messagebit")."\";");	$plugins->run_hooks("private_message"); eval("\$messagelist .= \"".$templates->get("private_messagebit")."\";");
	$bgcolor = alt_trow();
} } else	} } else
Zeile 2399	Zeile 2454
} $pmspacebar = '';	} $pmspacebar = '';
if($mybb->usergroup['pmquota'] != '0' && $mybb->usergroup['cancp'] != 1)	if($mybb->usergroup['pmquota'] != 0)
{ $query = $db->simple_select("privatemessages", "COUNT(*) AS total", "uid='".$mybb->user['uid']."'"); $pmscount = $db->fetch_array($query);	{ $query = $db->simple_select("privatemessages", "COUNT(*) AS total", "uid='".$mybb->user['uid']."'"); $pmscount = $db->fetch_array($query);
Zeile 2433	Zeile 2488
{ $spaceused_severity = "high"; }	{ $spaceused_severity = "high"; }

$overhalf = round($spaceused, 0)."%"; if((int)$overhalf > 100) {	$overhalf = round($spaceused, 0)."%"; if((int)$overhalf > 100) {
Zeile 2463	Zeile 2518
} $limitwarning = '';	} $limitwarning = '';
if($mybb->usergroup['pmquota'] != "0" && $pmscount['total'] >= $mybb->usergroup['pmquota'] && $mybb->usergroup['cancp'] != 1)	if($mybb->usergroup['pmquota'] != 0 && $pmscount['total'] >= $mybb->usergroup['pmquota'])
{ eval("\$limitwarning = \"".$templates->get("private_limitwarning")."\";"); }	{ eval("\$limitwarning = \"".$templates->get("private_limitwarning")."\";"); }