Vergleich inc/datahandlers/pm.php - 1.8.28 - 1.8.38

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 126Zeile 126
		// Return if we've already validated
if(!empty($pm['sender']))
{

		// Return if we've already validated
if(!empty($pm['sender']))
{

 
			return true;
}

if($pm['fromid'] <= 0)
{
$pm['sender'] = array(
"uid" => 0,
"username" => ''
);


			return true;
}


			return true;
}


Zeile 134Zeile 144

// Collect user permissions for the sender.
$sender_permissions = user_permissions($pm['fromid']);


// Collect user permissions for the sender.
$sender_permissions = user_permissions($pm['fromid']);





		// Check if the sender is over their quota or not - if they are, disable draft sending
if(isset($pm['options']['savecopy']) && $pm['options']['savecopy'] != 0 && empty($pm['saveasdraft']))
{

		// Check if the sender is over their quota or not - if they are, disable draft sending
if(isset($pm['options']['savecopy']) && $pm['options']['savecopy'] != 0 && empty($pm['saveasdraft']))
{

Zeile 152Zeile 162

return true;
}


return true;
}





	/**
* Verifies if an array of recipients for a private message are valid
*

	/**
* Verifies if an array of recipients for a private message are valid
*

Zeile 171Zeile 181
		if(array_key_exists("to", $pm))
{
foreach(array("to", "bcc") as $recipient_type)

		if(array_key_exists("to", $pm))
{
foreach(array("to", "bcc") as $recipient_type)

			{
if(!isset($pm[$recipient_type]))
{
$pm[$recipient_type] = array();
}
if(!is_array($pm[$recipient_type]))
{
$pm[$recipient_type] = array($pm[$recipient_type]);
}


			{
if(!isset($pm[$recipient_type]))
{
$pm[$recipient_type] = array();
}
if(!is_array($pm[$recipient_type]))
{
$pm[$recipient_type] = array($pm[$recipient_type]);
}


				$pm[$recipient_type] = array_map('trim', $pm[$recipient_type]);
$pm[$recipient_type] = array_filter($pm[$recipient_type]);


				$pm[$recipient_type] = array_map('trim', $pm[$recipient_type]);
$pm[$recipient_type] = array_filter($pm[$recipient_type]);


Zeile 193Zeile 203
						return false;
}
continue;

						return false;
}
continue;

				}

				}


$recipientUsernames = array_map(array($db, 'escape_string'), $pm[$recipient_type]);
$recipientUsernames = "'".implode("','", $recipientUsernames)."'";


$recipientUsernames = array_map(array($db, 'escape_string'), $pm[$recipient_type]);
$recipientUsernames = "'".implode("','", $recipientUsernames)."'";

Zeile 230Zeile 240
				if(!isset($pm[$recipient_type]))
{
$pm[$recipient_type] = array();

				if(!isset($pm[$recipient_type]))
{
$pm[$recipient_type] = array();

				}
if(!is_array($pm[$recipient_type]))

				}
if(!is_array($pm[$recipient_type]))

				{
$pm[$recipient_type] = array($pm[$recipient_type]);
}

				{
$pm[$recipient_type] = array($pm[$recipient_type]);
}

Zeile 242Zeile 252
				if(empty($pm[$recipient_type]))
{
if($recipient_type == 'toid' && !$pm['saveasdraft'])

				if(empty($pm[$recipient_type]))
{
if($recipient_type == 'toid' && !$pm['saveasdraft'])

					{

					{

						$this->set_error("no_recipients");
return false;
}
continue;

						$this->set_error("no_recipients");
return false;
}
continue;

				}

$recipientUids = "'".implode("','", $pm[$recipient_type])."'";

				}

$recipientUids = "'".implode("','", $pm[$recipient_type])."'";


$query = $db->simple_select('users', '*', 'uid IN('.$recipientUids.')');



$query = $db->simple_select('users', '*', 'uid IN('.$recipientUids.')');


Zeile 260Zeile 270
					if($recipient_type == "bccid")
{
$user['bcc'] = 1;

					if($recipient_type == "bccid")
{
$user['bcc'] = 1;

					}


					}


					$recipients[] = $user;
$validUids[] = $user['uid'];
}

					$recipients[] = $user;
$validUids[] = $user['uid'];
}

Zeile 274Zeile 284
					}
}
}

					}
}
}

		}


		}


		// If we have one or more invalid recipients and we're not saving a draft, error
if(count($invalid_recipients) > 0)
{
$invalid_recipients = implode($lang->comma, array_map("htmlspecialchars_uni", $invalid_recipients));
$this->set_error("invalid_recipients", array($invalid_recipients));

		// If we have one or more invalid recipients and we're not saving a draft, error
if(count($invalid_recipients) > 0)
{
$invalid_recipients = implode($lang->comma, array_map("htmlspecialchars_uni", $invalid_recipients));
$this->set_error("invalid_recipients", array($invalid_recipients));

			return false;
}

$sender_permissions = user_permissions($pm['fromid']);

// Are we trying to send this message to more users than the permissions allow?
if($sender_permissions['maxpmrecipients'] > 0 && count($recipients) > $sender_permissions['maxpmrecipients'] && $this->admin_override != true)

			return false;
}

if($pm['fromid'] > 0)




		{

		{

			$this->set_error("too_many_recipients", array($sender_permissions['maxpmrecipients']));







			$sender_permissions = user_permissions($pm['fromid']);

// Are we trying to send this message to more users than the permissions allow?
if($sender_permissions['maxpmrecipients'] > 0 && count($recipients) > $sender_permissions['maxpmrecipients'] && $this->admin_override != true)
{
$this->set_error("too_many_recipients", array($sender_permissions['maxpmrecipients']));
}

		}

// Now we're done with that we loop through each recipient

		}

// Now we're done with that we loop through each recipient

 
		$pm['recipients'] = array();

		foreach($recipients as $user)
{
// Collect group permissions for this recipient.

		foreach($recipients as $user)
{
// Collect group permissions for this recipient.

Zeile 301Zeile 315
			// See if the sender is on the recipients ignore list and that either
// - admin_override is set or
// - sender is an administrator

			// See if the sender is on the recipients ignore list and that either
// - admin_override is set or
// - sender is an administrator

			if($this->admin_override != true && $sender_permissions['canoverridepm'] != 1)

			if($this->admin_override != true && empty($sender_permissions['canoverridepm']))

			{
if(!empty($user['ignorelist']) && strpos(','.$user['ignorelist'].',', ','.$pm['fromid'].',') !== false)
{

			{
if(!empty($user['ignorelist']) && strpos(','.$user['ignorelist'].',', ','.$pm['fromid'].',') !== false)
{

Zeile 323Zeile 337
			}

// Check to see if the user has reached their private message quota - if they have, email them.

			}

// Check to see if the user has reached their private message quota - if they have, email them.

			if($recipient_permissions['pmquota'] != 0 && $user['totalpms'] >= $recipient_permissions['pmquota'] && $sender_permissions['cancp'] != 1 && empty($pm['saveasdraft']) && !$this->admin_override)

			if($recipient_permissions['pmquota'] != 0 && $user['totalpms'] >= $recipient_permissions['pmquota'] && empty($sender_permissions['cancp']) && empty($pm['saveasdraft']) && !$this->admin_override)

			{
if(trim($user['language']) != '' && $lang->language_exists($user['language']))
{

			{
if(trim($user['language']) != '' && $lang->language_exists($user['language']))
{

Zeile 386Zeile 400
			if(isset($user['bcc']) && $user['bcc'] == 1)
{
$pm['recipients'][$user['uid']]['bcc'] = 1;

			if(isset($user['bcc']) && $user['bcc'] == 1)
{
$pm['recipients'][$user['uid']]['bcc'] = 1;

			}
}
return true;
}


			}
}
return true;
}


	/**
* Verify that the user is not flooding the system.
*
* @return boolean
*/
function verify_pm_flooding()

	/**
* Verify that the user is not flooding the system.
*
* @return boolean
*/
function verify_pm_flooding()

	{

	{

		global $mybb, $db;

$pm = &$this->data;

// Check if post flooding is enabled within MyBB or if the admin override option is specified.

		global $mybb, $db;

$pm = &$this->data;

// Check if post flooding is enabled within MyBB or if the admin override option is specified.

		if($mybb->settings['pmfloodsecs'] > 0 && $pm['fromid'] != 0 && $this->admin_override == false && !is_moderator(0, '', $pm['fromid']))

		if($mybb->settings['pmfloodsecs'] > 0 && $pm['fromid'] > 0 && $this->admin_override == false && !is_moderator(0, '', $pm['fromid']))

		{
// Fetch the senders profile data.
$sender = get_user($pm['fromid']);

		{
// Fetch the senders profile data.
$sender = get_user($pm['fromid']);

Zeile 411Zeile 425
			// Calculate last post
$query = $db->simple_select("privatemessages", "dateline", "fromid='".$db->escape_string($pm['fromid'])."' AND toid != '0'", array('order_by' => 'dateline', 'order_dir' => 'desc', 'limit' => 1));
$sender['lastpm'] = $db->fetch_field($query, "dateline");

			// Calculate last post
$query = $db->simple_select("privatemessages", "dateline", "fromid='".$db->escape_string($pm['fromid'])."' AND toid != '0'", array('order_by' => 'dateline', 'order_dir' => 'desc', 'limit' => 1));
$sender['lastpm'] = $db->fetch_field($query, "dateline");





			// A little bit of calculation magic and moderator status checking.
if(TIME_NOW-$sender['lastpm'] <= $mybb->settings['pmfloodsecs'])
{

			// A little bit of calculation magic and moderator status checking.
if(TIME_NOW-$sender['lastpm'] <= $mybb->settings['pmfloodsecs'])
{

Zeile 443Zeile 457

$this->verify_yesno_option($options, 'signature', 1);
$this->verify_yesno_option($options, 'savecopy', 1);


$this->verify_yesno_option($options, 'signature', 1);
$this->verify_yesno_option($options, 'savecopy', 1);

		$this->verify_yesno_option($options, 'disablesmilies', 0);

		$this->verify_yesno_option($options, 'disablesmilies', 0);


// Requesting a read receipt?
if(isset($options['readreceipt']) && $options['readreceipt'] == 1)
{
$options['readreceipt'] = 1;


// Requesting a read receipt?
if(isset($options['readreceipt']) && $options['readreceipt'] == 1)
{
$options['readreceipt'] = 1;

		}
else

		}
else

		{
$options['readreceipt'] = 0;
}
return true;
}

		{
$options['readreceipt'] = 0;
}
return true;
}





	/**
* Validate an entire private message.
*

	/**
* Validate an entire private message.
*

Zeile 469Zeile 483
		$pm = &$this->data;

if(empty($pm['savedraft']))

		$pm = &$this->data;

if(empty($pm['savedraft']))

		{

		{

			$this->verify_pm_flooding();
}

// Verify all PM assets.
$this->verify_subject();

			$this->verify_pm_flooding();
}

// Verify all PM assets.
$this->verify_subject();





		$this->verify_sender();

$this->verify_recipient();

		$this->verify_sender();

$this->verify_recipient();

Zeile 488Zeile 502

// Choose the appropriate folder to save in.
if(!empty($pm['saveasdraft']))


// Choose the appropriate folder to save in.
if(!empty($pm['saveasdraft']))

		{

		{

			$pm['folder'] = 3;
}
else
{
$pm['folder'] = 1;

			$pm['folder'] = 3;
}
else
{
$pm['folder'] = 1;

		}

		}


// We are done validating, return.
$this->set_validated(true);


// We are done validating, return.
$this->set_validated(true);

Zeile 543Zeile 557

$uid = 0;



$uid = 0;


		if(!is_array($pm['recipients']))
{
$recipient_list = array();
}
else

		// Build recipient list
$recipient_list = array();
if(isset($pm['recipients']) && is_array($pm['recipients']))



		{

		{

			// Build recipient list

 
			foreach($pm['recipients'] as $recipient)
{
if(!empty($recipient['bcc']))

			foreach($pm['recipients'] as $recipient)
{
if(!empty($recipient['bcc']))

Zeile 585Zeile 596
		$draftcheck = $db->fetch_array($query);

// This PM was previously a draft

		$draftcheck = $db->fetch_array($query);

// This PM was previously a draft

		if(!empty($draftcheck['pmid']))

		if($draftcheck)

		{
if($draftcheck['deletetime'])
{

		{
if($draftcheck['deletetime'])
{