Vergleich inc/datahandlers/pm.php - 1.8.15 - 1.8.38

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 101Zeile 101
			$this->set_error("missing_message");
return false;
}

			$this->set_error("missing_message");
return false;
}

 

// If the length of message is beyond SQL limitation for 'text' field
else if(strlen($message) > 65535)
{
$this->set_error("message_too_long", array('65535', strlen($message)));
return false;
}


		return true;
}


		return true;
}


Zeile 117Zeile 125

// Return if we've already validated
if(!empty($pm['sender']))


// Return if we've already validated
if(!empty($pm['sender']))

		{











		{
return true;
}

if($pm['fromid'] <= 0)
{
$pm['sender'] = array(
"uid" => 0,
"username" => ''
);


			return true;
}

			return true;
}





		// Fetch the senders profile data.
$sender = get_user($pm['fromid']);

// Collect user permissions for the sender.
$sender_permissions = user_permissions($pm['fromid']);

		// Fetch the senders profile data.
$sender = get_user($pm['fromid']);

// Collect user permissions for the sender.
$sender_permissions = user_permissions($pm['fromid']);





		// Check if the sender is over their quota or not - if they are, disable draft sending
if(isset($pm['options']['savecopy']) && $pm['options']['savecopy'] != 0 && empty($pm['saveasdraft']))
{

		// Check if the sender is over their quota or not - if they are, disable draft sending
if(isset($pm['options']['savecopy']) && $pm['options']['savecopy'] != 0 && empty($pm['saveasdraft']))
{

Zeile 163Zeile 181
		if(array_key_exists("to", $pm))
{
foreach(array("to", "bcc") as $recipient_type)

		if(array_key_exists("to", $pm))
{
foreach(array("to", "bcc") as $recipient_type)

			{
if(!isset($pm[$recipient_type]))
{
$pm[$recipient_type] = array();
}
if(!is_array($pm[$recipient_type]))

			{
if(!isset($pm[$recipient_type]))
{
$pm[$recipient_type] = array();
}
if(!is_array($pm[$recipient_type]))

				{
$pm[$recipient_type] = array($pm[$recipient_type]);
}

$pm[$recipient_type] = array_map('trim', $pm[$recipient_type]);

				{
$pm[$recipient_type] = array($pm[$recipient_type]);
}

$pm[$recipient_type] = array_map('trim', $pm[$recipient_type]);

				$pm[$recipient_type] = array_filter($pm[$recipient_type]);

// No recipients? Skip query
if(empty($pm[$recipient_type]))

				$pm[$recipient_type] = array_filter($pm[$recipient_type]);

// No recipients? Skip query
if(empty($pm[$recipient_type]))

				{

				{

					if($recipient_type == 'to' && !$pm['saveasdraft'])

					if($recipient_type == 'to' && empty($pm['saveasdraft']))

					{
$this->set_error("no_recipients");
return false;
}
continue;

					{
$this->set_error("no_recipients");
return false;
}
continue;

				}


				}


				$recipientUsernames = array_map(array($db, 'escape_string'), $pm[$recipient_type]);
$recipientUsernames = "'".implode("','", $recipientUsernames)."'";

				$recipientUsernames = array_map(array($db, 'escape_string'), $pm[$recipient_type]);
$recipientUsernames = "'".implode("','", $recipientUsernames)."'";





				$query = $db->simple_select('users', '*', 'username IN('.$recipientUsernames.')');

				$query = $db->simple_select('users', '*', 'username IN('.$recipientUsernames.')');





				$validUsernames = array();

while($user = $db->fetch_array($query))

				$validUsernames = array();

while($user = $db->fetch_array($query))

				{

				{

					if($recipient_type == "bcc")
{
$user['bcc'] = 1;

					if($recipient_type == "bcc")
{
$user['bcc'] = 1;

Zeile 203Zeile 221

$recipients[] = $user;
$validUsernames[] = $user['username'];


$recipients[] = $user;
$validUsernames[] = $user['username'];

				}

				}


foreach($pm[$recipient_type] as $username)
{


foreach($pm[$recipient_type] as $username)
{

Zeile 220Zeile 238
			foreach(array("toid", "bccid") as $recipient_type)
{
if(!isset($pm[$recipient_type]))

			foreach(array("toid", "bccid") as $recipient_type)
{
if(!isset($pm[$recipient_type]))

				{

				{

					$pm[$recipient_type] = array();
}
if(!is_array($pm[$recipient_type]))

					$pm[$recipient_type] = array();
}
if(!is_array($pm[$recipient_type]))

Zeile 237Zeile 255
					{
$this->set_error("no_recipients");
return false;

					{
$this->set_error("no_recipients");
return false;

					}

					}

					continue;
}


					continue;
}


Zeile 248Zeile 266
				$validUids = array();

while($user = $db->fetch_array($query))

				$validUids = array();

while($user = $db->fetch_array($query))

				{

				{

					if($recipient_type == "bccid")
{
$user['bcc'] = 1;

					if($recipient_type == "bccid")
{
$user['bcc'] = 1;

					}


					}


					$recipients[] = $user;
$validUids[] = $user['uid'];
}

					$recipients[] = $user;
$validUids[] = $user['uid'];
}

Zeile 276Zeile 294
			return false;
}


			return false;
}


		$sender_permissions = user_permissions($pm['fromid']);

// Are we trying to send this message to more users than the permissions allow?
if($sender_permissions['maxpmrecipients'] > 0 && count($recipients) > $sender_permissions['maxpmrecipients'] && $this->admin_override != true)

		if($pm['fromid'] > 0)




		{

		{

			$this->set_error("too_many_recipients", array($sender_permissions['maxpmrecipients']));







			$sender_permissions = user_permissions($pm['fromid']);

// Are we trying to send this message to more users than the permissions allow?
if($sender_permissions['maxpmrecipients'] > 0 && count($recipients) > $sender_permissions['maxpmrecipients'] && $this->admin_override != true)
{
$this->set_error("too_many_recipients", array($sender_permissions['maxpmrecipients']));
}

		}

// Now we're done with that we loop through each recipient

		}

// Now we're done with that we loop through each recipient

 
		$pm['recipients'] = array();

		foreach($recipients as $user)
{
// Collect group permissions for this recipient.

		foreach($recipients as $user)
{
// Collect group permissions for this recipient.

Zeile 293Zeile 315
			// See if the sender is on the recipients ignore list and that either
// - admin_override is set or
// - sender is an administrator

			// See if the sender is on the recipients ignore list and that either
// - admin_override is set or
// - sender is an administrator

			if($this->admin_override != true && $sender_permissions['canoverridepm'] != 1)

			if($this->admin_override != true && empty($sender_permissions['canoverridepm']))

			{
if(!empty($user['ignorelist']) && strpos(','.$user['ignorelist'].',', ','.$pm['fromid'].',') !== false)
{

			{
if(!empty($user['ignorelist']) && strpos(','.$user['ignorelist'].',', ','.$pm['fromid'].',') !== false)
{

Zeile 301Zeile 323
				}

// Is the recipient only allowing private messages from their buddy list?

				}

// Is the recipient only allowing private messages from their buddy list?

				if($mybb->settings['allowbuddyonly'] == 1 && $user['receivefrombuddy'] == 1 && !empty($user['buddylist']) && strpos(','.$user['buddylist'].',', ','.$pm['fromid'].',') === false)

				if(empty($pm['saveasdraft']) && $mybb->settings['allowbuddyonly'] == 1 && $user['receivefrombuddy'] == 1 && !empty($user['buddylist']) && strpos(','.$user['buddylist'].',', ','.$pm['fromid'].',') === false)

				{
$this->set_error('recipient_has_buddy_only', array(htmlspecialchars_uni($user['username'])));
}

				{
$this->set_error('recipient_has_buddy_only', array(htmlspecialchars_uni($user['username'])));
}

Zeile 315Zeile 337
			}

// Check to see if the user has reached their private message quota - if they have, email them.

			}

// Check to see if the user has reached their private message quota - if they have, email them.

			if($recipient_permissions['pmquota'] != 0 && $user['totalpms'] >= $recipient_permissions['pmquota'] && $sender_permissions['cancp'] != 1 && empty($pm['saveasdraft']) && !$this->admin_override)

			if($recipient_permissions['pmquota'] != 0 && $user['totalpms'] >= $recipient_permissions['pmquota'] && empty($sender_permissions['cancp']) && empty($pm['saveasdraft']) && !$this->admin_override)

			{
if(trim($user['language']) != '' && $lang->language_exists($user['language']))
{

			{
if(trim($user['language']) != '' && $lang->language_exists($user['language']))
{

Zeile 378Zeile 400
			if(isset($user['bcc']) && $user['bcc'] == 1)
{
$pm['recipients'][$user['uid']]['bcc'] = 1;

			if(isset($user['bcc']) && $user['bcc'] == 1)
{
$pm['recipients'][$user['uid']]['bcc'] = 1;

			}
}

			}
}

		return true;
}


		return true;
}


Zeile 395Zeile 417
		$pm = &$this->data;

// Check if post flooding is enabled within MyBB or if the admin override option is specified.

		$pm = &$this->data;

// Check if post flooding is enabled within MyBB or if the admin override option is specified.

		if($mybb->settings['pmfloodsecs'] > 0 && $pm['fromid'] != 0 && $this->admin_override == false && !is_moderator(0, '', $pm['fromid']))

		if($mybb->settings['pmfloodsecs'] > 0 && $pm['fromid'] > 0 && $this->admin_override == false && !is_moderator(0, '', $pm['fromid']))

		{
// Fetch the senders profile data.
$sender = get_user($pm['fromid']);

		{
// Fetch the senders profile data.
$sender = get_user($pm['fromid']);

Zeile 423Zeile 445
		// All is well that ends well - return true.
return true;
}

		// All is well that ends well - return true.
return true;
}





	/**
* Verifies if the various 'options' for sending PMs are valid.
*

	/**
* Verifies if the various 'options' for sending PMs are valid.
*

Zeile 447Zeile 469
			$options['readreceipt'] = 0;
}
return true;

			$options['readreceipt'] = 0;
}
return true;

	}


	}


	/**
* Validate an entire private message.
*

	/**
* Validate an entire private message.
*

Zeile 535Zeile 557

$uid = 0;



$uid = 0;


		if(!is_array($pm['recipients']))



		// Build recipient list
$recipient_list = array();
if(isset($pm['recipients']) && is_array($pm['recipients']))

		{

		{

			$recipient_list = array();
}
else
{
// Build recipient list

 
			foreach($pm['recipients'] as $recipient)
{
if(!empty($recipient['bcc']))
{
$recipient_list['bcc'][] = $recipient['uid'];

			foreach($pm['recipients'] as $recipient)
{
if(!empty($recipient['bcc']))
{
$recipient_list['bcc'][] = $recipient['uid'];

				}

				}

				else
{
$recipient_list['to'][] = $recipient['uid'];
$uid = $recipient['uid'];
}

				else
{
$recipient_list['to'][] = $recipient['uid'];
$uid = $recipient['uid'];
}

			}

			}

		}

$this->pm_insert_data = array(

		}

$this->pm_insert_data = array(

Zeile 575Zeile 594
		// Check if we're updating a draft or not.
$query = $db->simple_select("privatemessages", "pmid, deletetime", "folder='3' AND uid='".(int)$pm['sender']['uid']."' AND pmid='{$pm['pmid']}'");
$draftcheck = $db->fetch_array($query);

		// Check if we're updating a draft or not.
$query = $db->simple_select("privatemessages", "pmid, deletetime", "folder='3' AND uid='".(int)$pm['sender']['uid']."' AND pmid='{$pm['pmid']}'");
$draftcheck = $db->fetch_array($query);





		// This PM was previously a draft

		// This PM was previously a draft

		if($draftcheck['pmid'])

		if($draftcheck)

		{
if($draftcheck['deletetime'])
{

		{
if($draftcheck['deletetime'])
{

Zeile 588Zeile 607

// Delete the old draft as we no longer need it
$db->delete_query("privatemessages", "pmid='{$draftcheck['pmid']}'");


// Delete the old draft as we no longer need it
$db->delete_query("privatemessages", "pmid='{$draftcheck['pmid']}'");

		}

		}


// Saving this message as a draft
if(!empty($pm['saveasdraft']))


// Saving this message as a draft
if(!empty($pm['saveasdraft']))

Zeile 597Zeile 616

// If this is a reply, then piggyback into the deletetime to let us know in the future
if($pm['do'] == "reply" || $pm['do'] == "replyall")


// If this is a reply, then piggyback into the deletetime to let us know in the future
if($pm['do'] == "reply" || $pm['do'] == "replyall")

			{

			{

				$this->pm_insert_data['deletetime'] = $pm['pmid'];
}


				$this->pm_insert_data['deletetime'] = $pm['pmid'];
}


Zeile 614Zeile 633
		}

$this->pmid = array();

		}

$this->pmid = array();





		// Save a copy of the PM for each of our recipients
foreach($pm['recipients'] as $recipient)
{
// Send email notification of new PM if it is enabled for the recipient
$query = $db->simple_select("privatemessages", "dateline", "uid='".$recipient['uid']."' AND folder='1'", array('order_by' => 'dateline', 'order_dir' => 'desc', 'limit' => 1));
$lastpm = $db->fetch_array($query);

		// Save a copy of the PM for each of our recipients
foreach($pm['recipients'] as $recipient)
{
// Send email notification of new PM if it is enabled for the recipient
$query = $db->simple_select("privatemessages", "dateline", "uid='".$recipient['uid']."' AND folder='1'", array('order_by' => 'dateline', 'order_dir' => 'desc', 'limit' => 1));
$lastpm = $db->fetch_array($query);

			if($recipient['pmnotify'] == 1 && $recipient['lastactive'] > $lastpm['dateline'])

			if($recipient['pmnotify'] == 1 && (empty($lastpm['dateline']) || $recipient['lastactive'] > $lastpm['dateline']))

			{
if($recipient['language'] != "" && $lang->language_exists($recipient['language']))
{

			{
if($recipient['language'] != "" && $lang->language_exists($recipient['language']))
{

Zeile 630Zeile 649
				elseif($mybb->settings['bblanguage'])
{
$uselang = $mybb->settings['bblanguage'];

				elseif($mybb->settings['bblanguage'])
{
$uselang = $mybb->settings['bblanguage'];

				}
else

				}
else

				{
$uselang = "english";
}

				{
$uselang = "english";
}

Zeile 648Zeile 667
					$userlang->load("messages");
$emailsubject = $userlang->emailsubject_newpm;
$emailmessage = $userlang->email_newpm;

					$userlang->load("messages");
$emailsubject = $userlang->emailsubject_newpm;
$emailmessage = $userlang->email_newpm;

				}


				}


				if(!$pm['sender']['username'])
{
$pm['sender']['username'] = $lang->mybb_engine;
}

				if(!$pm['sender']['username'])
{
$pm['sender']['username'] = $lang->mybb_engine;
}





				require_once MYBB_ROOT.'inc/class_parser.php';
$parser = new Postparser;

				require_once MYBB_ROOT.'inc/class_parser.php';
$parser = new Postparser;

			



				$parser_options = array(
'me_username' => $pm['sender']['username'],
'filter_badwords' => 1

				$parser_options = array(
'me_username' => $pm['sender']['username'],
'filter_badwords' => 1

Zeile 727Zeile 746
		// If we're saving a copy
if($pm['options']['savecopy'] != 0)
{

		// If we're saving a copy
if($pm['options']['savecopy'] != 0)
{

			if(isset($recipient_list['to']) && count($recipient_list['to']) == 1)

			if(isset($recipient_list['to']) && is_array($recipient_list['to']) && count($recipient_list['to']) == 1)

			{
$this->pm_insert_data['toid'] = $uid;
}

			{
$this->pm_insert_data['toid'] = $uid;
}