+* This file is part of the phpBB Forum Software package.

+*

+* @copyright (c) phpBB Limited <https://www.phpbb.com>

+* @license GNU General Public License, version 2 (GPL-2.0)

+*

+* For full copyright and license information, please see

+* the docs/CREDITS.txt file.

+ global $template, $db, $auth, $user, $cache;

+ global $request, $phpbb_dispatcher, $phpbb_container;

+ $address_list = $request->variable('address_list', array('' => array(0 => '')));

+ /**

+ * Alter sql query to get message for user to write the PM

+ *

+ * @event core.ucp_pm_compose_compose_pm_basic_info_query_before

+ * @var string sql String with the query to be executed

+ * @var array forum_list List of forums that contain the posts

+ * @var int visibility_const Integer with one of the possible ITEM_* constant values

+ * @var int msg_id topic_id in the page request

+ * @var int to_user_id The id of whom the message is to

+ * @var int to_group_id The id of the group whom the message is to

+ * @var bool submit Whether the user is sending the PM or not

+ * @var bool preview Whether the user is previewing the PM or not

+ * @var string action One of: post, reply, quote, forward, quotepost, edit, delete, smilies

+ * @var bool delete Whether the user is deleting the PM

+ * @var int reply_to_all Value of reply_to_all request variable.

+ * @var string limit_time_sql String with the SQL code to limit the time interval of the post (Note: May be empty string)

+ * @var string sort_order_sql String with the ORDER BY SQL code used in this query

+ * @since 3.1.0-RC5

+ */

+ $vars = array(

+ 'sql',

+ 'forum_list',

+ 'visibility_const',

+ 'msg_id',

+ 'to_user_id',

+ 'to_group_id',

+ 'submit',

+ 'preview',

+ 'action',

+ 'delete',

+ 'reply_to_all',

+ 'limit_time_sql',

+ 'sort_order_sql',

+ );

+ extract($phpbb_dispatcher->trigger_event('core.ucp_pm_compose_compose_pm_basic_info_query_before', compact($vars)));

+

+ /**

+ * Get the result of querying for the post to be quoted in the pm message

+ *

+ * @event core.ucp_pm_compose_quotepost_query_after

+ * @var string sql The original SQL used in the query

+ * @var array post Associative array with the data of the quoted post

+ * @var array msg_id The post_id that was searched to get the message for quoting

+ * @var int visibility_const Visibility of the quoted post (one of the possible ITEM_* constant values)

+ * @var int topic_id Topic ID of the quoted post

+ * @var int to_user_id Users the message is sent to

+ * @var int to_group_id Groups the message is sent to

+ * @var bool submit Whether the user is sending the PM or not

+ * @var bool preview Whether the user is previewing the PM or not

+ * @var string action One of: post, reply, quote, forward, quotepost, edit, delete, smilies

+ * @var bool delete If deleting message

+ * @var int reply_to_all Value of reply_to_all request variable.

+ * @since 3.1.0-RC5

+ */

+ $vars = array(

+ 'sql',

+ 'post',

+ 'msg_id',

+ 'visibility_const',

+ 'topic_id',

+ 'to_user_id',

+ 'to_group_id',

+ 'submit',

+ 'preview',

+ 'action',

+ 'delete',

+ 'reply_to_all',

+ );

+ extract($phpbb_dispatcher->trigger_event('core.ucp_pm_compose_quotepost_query_after', compact($vars)));

+

+ $plupload = $phpbb_container->get('plupload');

+ $message_parser->set_plupload($plupload);

+ $sql = 'SELECT attach_id, is_orphan, attach_comment, real_filename, filesize

+ $message_link = "[url=" . generate_board_url() . "/viewtopic.$phpEx?p={$post_id}#p{$post_id}]{$user->lang['SUBJECT']}{$user->lang['COLON']} {$message_subject}[/url]\n\n";

+ $message_link = $user->lang['SUBJECT'] . $user->lang['COLON'] . ' ' . $message_subject . " (" . generate_board_url() . "/viewtopic.$phpEx?p={$post_id}#p{$post_id})\n\n";

+ $forward_text[] = sprintf($user->lang['FWD_TO'], implode($user->lang['COMMA_SEPARATOR'], $fwd_to_field['to']));

+ $s_hidden_fields .= ($draft_id || isset($_REQUEST['draft_loaded'])) ? '<input type="hidden" name="draft_loaded" value="' . ((isset($_REQUEST['draft_loaded'])) ? $request->variable('draft_loaded', 0) : $draft_id) . '" />' : '';

+ 'L_MESSAGE_BODY_EXPLAIN' => $user->lang('MESSAGE_BODY_EXPLAIN', (int) $config['max_post_chars']),

+ 'S_ATTACH_DATA' => json_encode($message_parser->attachment_data),

+ if ($allowed)

+ {

+ $max_files = ($auth->acl_gets('a_', 'm_')) ? 0 : (int) $config['max_attachments_pm'];

+ $plupload->configure($cache, $template, $s_action, false, $max_files);

+ }

+

+ global $request;

+ if ($remove_u && $request->variable('remove_u', array(0 => '')))

+ $remove_user_id = array_keys($request->variable('remove_u', array(0 => '')));

+ if ($remove_g && $request->variable('remove_g', array(0 => '')))

+ $remove_group_id = array_keys($request->variable('remove_g', array(0 => '')));

+ $friend_list = array_keys($request->variable('add_' . $type, array(0)));

+ $can_ignore_allow_pm = $auth->acl_gets('a_', 'm_') || $auth->acl_getf_global('m_');

+

+ // Administrator deactivated users check and we need to check their

+ // PM status (do they want to receive PM's?)

+ // Only check PM status if not a moderator or admin, since they

+ // are allowed to override this user setting

+ $sql = 'SELECT user_id, user_allow_pm

+ FROM ' . USERS_TABLE . '

+ WHERE ' . $db->sql_in_set('user_id', array_keys($address_list['u'])) . '

+ AND (

+ (user_type = ' . USER_INACTIVE . '

+ AND user_inactive_reason = ' . INACTIVE_MANUAL . ')

+ ' . ($can_ignore_allow_pm ? '' : ' OR user_allow_pm = 0') . '

+ )';

+

+ $result = $db->sql_query($sql);

+

+ $removed_no_pm = $removed_no_permission = false;

+ while ($row = $db->sql_fetchrow($result))

+ if (!$can_ignore_allow_pm && !$row['user_allow_pm'])

+ {

+ $removed_no_pm = true;

+ }

+ else

+ {

+ $removed_no_permission = true;

+ }

+ unset($address_list['u'][$row['user_id']]);

+ }

+ $db->sql_freeresult($result);

+

+ // print a notice about users not being added who do not want to receive pms

+ if ($removed_no_pm)

+ {

+ $error[] = $user->lang['PM_USERS_REMOVED_NO_PM'];

+ }

+

+ // print a notice about users not being added who do not have permission to receive PMs

+ if ($removed_no_permission)

+ {

+ $error[] = $user->lang['PM_USERS_REMOVED_NO_PERMISSION'];

+ }

+

+ if (!sizeof(array_keys($address_list['u'])))

+ {

+ return;

+ }

+

+ // Check if users have permission to read PMs

+ $can_read = $auth->acl_get_list(array_keys($address_list['u']), 'u_readpm');

+ $can_read = (empty($can_read) || !isset($can_read[0]['u_readpm'])) ? array() : $can_read[0]['u_readpm'];

+ $cannot_read_list = array_diff(array_keys($address_list['u']), $can_read);

+ if (!empty($cannot_read_list))

+ {

+ foreach ($cannot_read_list as $cannot_read)

+ unset($address_list['u'][$cannot_read]);

+ $error[] = $user->lang['PM_USERS_REMOVED_NO_PERMISSION'];

+ }

+

+ // Check if users are banned

+ $banned_user_list = phpbb_get_banned_user_ids(array_keys($address_list['u']), false);

+ if (!empty($banned_user_list))

+ {

+ foreach ($banned_user_list as $banned_user)

+ unset($address_list['u'][$banned_user]);

+

+ $error[] = $user->lang['PM_USERS_REMOVED_NO_PERMISSION'];