+// TODO for M-4:

+// * Handle delete flag (user deletes PM from outbox)

+ $folder_specified = request_var('folder', '');

+ if (!in_array($folder_specified, array('inbox', 'outbox', 'sentbox')))

+ {

+ $folder_specified = (int) $folder_specified;

+ }

+ else

+ {

+ $folder_specified = ($folder_specified == 'inbox') ? PRIVMSGS_INBOX : (($folder_specified == 'outbox') ? PRIVMSGS_OUTBOX : PRIVMSGS_SENTBOX);

+ }

+

+ if (!$folder_specified)

+ {

+ $mode = (!$mode) ? request_var('mode', 'view_messages') : $mode;

+ }

+ else

+ {

+ $mode = 'view_messages';

+ }

+

+ include($phpbb_root_path . 'includes/functions_privmsgs.' . $phpEx);

+

+ $tpl_file = 'ucp_pm_' . $mode . '.html';

+ switch ($mode)

+ {

+ // New private messages popup

+ case 'popup':

+

+ $l_new_message = '';

+ if ($user->data['user_id'] != ANONYMOUS)

+ {

+ if ($user->data['user_new_privmsg'])

+ {

+ $l_new_message = ($user->data['user_new_privmsg'] == 1 ) ? $user->lang['YOU_NEW_PM'] : $user->lang['YOU_NEW_PMS'];

+ }

+ else

+ {

+ $l_new_message = $user->lang['YOU_NO_NEW_PM'];

+ }

+

+ $l_new_message .= '<br /><br />' . sprintf($user->lang['CLICK_VIEW_PRIVMSG'], '<a href="' . $phpbb_root_path . 'ucp.' . $phpEx . $SID . '&amp;i=pm&amp;folder=inbox" onclick="jump_to_inbox();return false;" target="_new">', '</a>');

+ }

+ else

+ {

+ $l_new_message = $user->lang['LOGIN_CHECK_PM'];

+ }

+

+ $template->assign_vars(array(

+ 'MESSAGE' => $l_new_message)

+ );

+

+ break;

+

+ // Compose message

+ case 'compose':

+ $action = request_var('action', 'post');

+

+ if (!$auth->acl_get('u_sendpm'))

+ {

+ trigger_error('NOT_AUTHORIZED');

+ }

+

+ include($phpbb_root_path . 'includes/ucp/ucp_pm_compose.'.$phpEx);

+ compose_pm($id, $mode, $action);

+

+ $tpl_file = 'posting_body.html';

+ break;

+

+ case 'options':

+ include($phpbb_root_path . 'includes/ucp/ucp_pm_options.'.$phpEx);

+ message_options($id, $mode, $global_privmsgs_rules, $global_rule_conditions);

+ break;

+

+ case 'drafts':

+ include($phpbb_root_path . 'includes/ucp/ucp_main.'.$phpEx);

+ $module = new ucp_main($id, $mode);

+ unset($module);

+ exit;

+ break;

+

+ case 'unread':

+ case 'view_messages':

+ if ($folder_specified)

+ {

+ $folder_id = $folder_specified;

+ $action = 'view_folder';

+ }

+ else

+ {

+ $folder_id = request_var('f', PRIVMSGS_NO_BOX);

+ $action = request_var('action', 'view_folder');

+ }

+

+ $msg_id = request_var('p', 0);

+ $view = request_var('view', '');

+

+ if ($msg_id && $action == 'view_folder')

+ {

+ $action = 'view_message';

+ }

+

+ if (!$auth->acl_get('u_readpm'))

+ {

+ trigger_error('NOT_AUTHORIZED');

+ }

+

+ // First Handle Mark actions and moving messages

+

+ // Move PM

+ if (isset($_REQUEST['move_pm']))

+ {

+ $message_limit = (!$user->data['group_message_limit']) ? $config['pm_max_msgs'] : $user->data['group_message_limit'];

+

+ if (move_pm($user->data['user_id'], $message_limit))

+ {

+ // Return to folder view if single message moved

+ if ($action == 'view_message')

+ {

+ $msg_id = 0;

+ $folder_id = request_var('cur_folder_id', PRIVMSGS_NO_BOX);

+ $action = 'view_folder';

+ }

+ }

+ }

+

+ // Message Mark Options

+ if (isset($_REQUEST['submit_mark']))

+ {

+ handle_mark_actions($user->data['user_id'], request_var('mark_option', ''));

+ }

+

+ // If new messages arrived, place them into the appropiate folder

+ $num_not_moved = 0;

+ if ($user->data['user_new_privmsg'] && $action == 'view_folder')

+ {

+ place_pm_into_folder($global_privmsgs_rules, request_var('release', 0));

+ $num_not_moved = $user->data['user_new_privmsg'];

+ }

+ if (!$msg_id && $folder_id == PRIVMSGS_NO_BOX && $mode != 'unread')

+ {

+ $folder_id = PRIVMSGS_INBOX;

+ }

+ else if ($msg_id && $folder_id == PRIVMSGS_NO_BOX)

+ {

+ $sql = 'SELECT folder_id

+ FROM ' . PRIVMSGS_TO_TABLE . "

+ WHERE msg_id = $msg_id

+ AND user_id = " . $user->data['user_id'];

+ $result = $db->sql_query_limit($sql, 1);

+ if (!($row = $db->sql_fetchrow($result)))

+ {

+ trigger_error('MESSAGE_NO_LONGER_AVAILABLE');

+ }

+ $folder_id = (int) $row['folder_id'];

+ }

+

+ $message_row = array();

+ if ($mode == 'view_messages' && $action == 'view_message' && $msg_id)

+ {

+ // Get Message user want to see

+

+ if ($view == 'next' || $view == 'previous')

+ {

+ $sql_condition = ($view == 'next') ? '>' : '<';

+ $sql_ordering = ($view == 'next') ? 'ASC' : 'DESC';

+

+ $sql = 'SELECT t.msg_id

+ FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . ' p, ' . PRIVMSGS_TABLE . " p2

+ WHERE p2.msg_id = $msg_id

+ AND t.folder_id = $folder_id

+ AND t.user_id = " . $user->data['user_id'] . "

+ AND t.msg_id = p.msg_id

+ AND p.message_time $sql_condition p2.message_time

+ ORDER BY p.message_time $sql_ordering";

+ $result = $db->sql_query_limit($sql, 1);

+

+ if (!($row = $db->sql_fetchrow($result)))

+ {

+ $message = ($view == 'next') ? 'NO_NEWER_PM' : 'NO_OLDER_PM';

+ trigger_error($message);

+ }

+ else

+ {

+ $msg_id = $row['msg_id'];

+ }

+ }

+

+ $sql = 'SELECT t.*, p.*, u.*

+ FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . ' p, ' . USERS_TABLE . ' u

+ WHERE t.user_id = ' . $user->data['user_id'] . "

+ AND p.author_id = u.user_id

+ AND t.folder_id = $folder_id

+ AND t.msg_id = p.msg_id

+ AND p.msg_id = $msg_id";

+ $result = $db->sql_query_limit($sql, 1);

+

+ if (!($message_row = $db->sql_fetchrow($result)))

+ {

+ trigger_error('MESSAGE_NO_LONGER_AVAILABLE');

+ }

+

+ // Update unread status

+ update_unread_status($message_row['unread'], $message_row['msg_id'], $user->data['user_id'], $folder_id);

+ }

+

+ $unread_pm = array();

+ if ($user->data['user_unread_privmsg'])

+ {

+ $unread_pm = get_unread_pm($user->data['user_id']);

+ }

+ $folder = array();

+

+ if ($mode == 'unread')

+ {

+ $folder['unread'] = array('folder_name' => $user->lang['UNREAD_MESSAGES']);

+ }

+ get_folder($user->data['user_id'], $folder);

+

+ $s_folder_options = $s_to_folder_options = '';

+ foreach ($folder as $f_id => $folder_ary)

+ {

+ $unread = ((isset($unread_pm[$f_id]) || ($f_id == PRIVMSGS_OUTBOX && $folder_ary['num_messages'])) ? ' [' . (($f_id == PRIVMSGS_OUTBOX) ? $folder_ary['num_messages'] : $unread_pm[$f_id]) . ']' : '');

+

+ $option = '<option' . ((!in_array($f_id, array(PRIVMSGS_INBOX, PRIVMSGS_OUTBOX, PRIVMSGS_SENTBOX))) ? ' class="blue"' : '') . ' value="' . $f_id . '"' . ((($f_id == $folder_id && $mode != 'unread') || ($f_id === 'unread' && $mode == 'unread')) ? ' selected="selected"' : '') . '>' . $folder_ary['folder_name'] . $unread . '</option>';

+

+ $s_to_folder_options .= ($f_id != PRIVMSGS_OUTBOX && $f_id != PRIVMSGS_SENTBOX) ? $option : '';

+ $s_folder_options .= $option;

+ }

+

+ clean_sentbox($folder[PRIVMSGS_SENTBOX]['num_messages']);

+

+ // Header for message view - folder and so on

+ $folder_status = get_folder_status($folder_id, $folder);

+ $url = "{$phpbb_root_path}ucp.$phpEx$SID&amp;i=$id";

+

+ $template->assign_vars(array(

+ 'CUR_FOLDER_ID' => $folder_id,

+ 'CUR_FOLDER_NAME' => $folder_status['folder_name'],

+ 'NUM_NOT_MOVED' => $num_not_moved,

+ 'RELEASE_MESSAGE_INFO' => sprintf($user->lang['RELEASE_MESSAGES'], '<a href="' . $url . '&amp;folder=' . $folder_id . '&amp;release=1">', '</a>'),

+ 'NOT_MOVED_MESSAGES' => ($num_not_moved == 1) ? $user->lang['NOT_MOVED_MESSAGE'] : sprintf($user->lang['NOT_MOVED_MESSAGES'], $num_not_moved),

+

+ 'S_FOLDER_OPTIONS' => $s_folder_options,

+ 'S_TO_FOLDER_OPTIONS' => $s_to_folder_options,

+ 'S_FOLDER_ACTION' => "$url&amp;mode=view_messages&amp;action=view_folder",

+ 'S_PM_ACTION' => "$url&amp;mode=$mode&amp;action=$action",

+

+ 'U_INBOX' => ($folder_id != PRIVMSGS_INBOX) ? "$url&amp;folder=inbox" : '',

+ 'U_OUTBOX' => ($folder_id != PRIVMSGS_OUTBOX) ? "$url&amp;folder=outbox" : '',

+ 'U_SENTBOX' => ($folder_id != PRIVMSGS_SENTBOX) ? "$url&amp;folder=sentbox" : '',

+ 'U_CREATE_FOLDER' => "$url&amp;mode=options",

+

+ 'FOLDER_STATUS' => $folder_status['message'],

+ 'FOLDER_MAX_MESSAGES' => $folder_status['max'],

+ 'FOLDER_CUR_MESSAGES' => $folder_status['cur'],

+ 'FOLDER_REMAINING_MESSAGES' => $folder_status['remaining'],

+ 'FOLDER_PERCENT' => $folder_status['percent'])

+ );

+

+ if ($mode == 'unread' || $action == 'view_folder')

+ {

+ include($phpbb_root_path . 'includes/ucp/ucp_pm_viewfolder.'.$phpEx);

+ view_folder($id, $mode, $folder_id, $folder, (($mode == 'unread') ? 'unread' : 'folder'));

+

+ $tpl_file = 'ucp_pm_viewfolder.html';

+ }

+ else if ($action == 'view_message')

+ {

+ $template->assign_vars(array(

+ 'S_VIEW_MESSAGE'=> true,

+ 'MSG_ID' => $msg_id)

+ );

+

+ include($phpbb_root_path . 'includes/ucp/ucp_pm_viewmessage.'.$phpEx);

+ view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row);

+

+ $tpl_file = ($view == 'print') ? 'ucp_pm_viewmessage_print.html' : 'ucp_pm_viewmessage.html';

+ }

+

+ break;

+

+ default:

+ trigger_error('NOT_AUTHORIZED');

+ }

+

+<?php

+// -------------------------------------------------------------

+//

+// $Id$

+//

+// FILENAME : compose.php

+// STARTED : Sat Mar 27, 2004

+// COPYRIGHT : © 2004 phpBB Group

+// WWW : http://www.phpbb.com/

+// LICENCE : GPL vs2.0 [ see /docs/COPYING ]

+//

+// -------------------------------------------------------------

+

+// * Called from ucp_pm with mode == 'compose'

+

+function compose_pm($id, $mode, $action)

+{

+ global $template, $db, $auth, $user;

+ global $phpbb_root_path, $phpEx, $config, $SID;

+

+ include($phpbb_root_path . 'includes/functions_admin.'.$phpEx);

+ include($phpbb_root_path . 'includes/functions_posting.'.$phpEx);

+ include($phpbb_root_path . 'includes/message_parser.'.$phpEx);

+

+ if (!$action)

+ {

+ $action = 'post';

+ }

+

+ // Grab only parameters needed here

+ $msg_id = request_var('p', 0);

+ $quote_post = request_var('q', 0);

+ $draft_id = request_var('d', 0);

+ $lastclick = request_var('lastclick', 0);

+

+ // Do NOT use request_var or specialchars here

+ $address_list = isset($_REQUEST['address_list']) ? $_REQUEST['address_list'] : array();

+

+ $submit = (isset($_POST['post']));

+ $preview = (isset($_POST['preview']));

+ $save = (isset($_POST['save']));

+ $load = (isset($_POST['load']));

+ $cancel = (isset($_POST['cancel']));

+ $confirm = (isset($_POST['confirm']));

+ $delete = (isset($_POST['delete']));

+

+ $remove_u = (isset($_REQUEST['remove_u']));

+ $remove_g = (isset($_REQUEST['remove_g']));

+ $add_to = (isset($_REQUEST['add_to']));

+ $add_bcc = (isset($_REQUEST['add_bcc']));

+

+ $refresh = isset($_POST['add_file']) || isset($_POST['delete_file']) || isset($_POST['edit_comment']) || $save || $load

+ || $remove_u || $remove_g || $add_to || $add_bcc;

+

+ $action = ($delete && !$preview && !$refresh && $submit) ? 'delete' : $action;

+

+ $error = array();

+ $current_time = time();

+

+ // Was cancel pressed? If so then redirect to the appropriate page

+ if ($cancel || ($current_time - $lastclick < 2 && $submit))

+ {

+ $redirect = "{$phpbb_root_path}ucp.$phpEx$SID&amp;i=$id&amp;mode=view_messages&amp;action=view_message" . (($msg_id) ? "&amp;p=$msg_id" : '');

+ redirect($redirect);

+ }

+

+ $sql = '';

+

+ // What is all this following SQL for? Well, we need to know

+ // some basic information in all cases before we do anything.

+ switch ($action)

+ {

+ case 'post':

+ if (!$auth->acl_get('u_sendpm'))

+ {

+ trigger_error('NOT_AUTHORIZED_POST_PM');

+ }

+

+ break;

+

+ case 'reply':

+ case 'quote':

+ case 'forward':

+ if (!$msg_id)

+ {

+ trigger_error('NO_PM');

+ }

+

+ if ($quote_post)

+ {

+ $sql = 'SELECT p.post_text as message_text, p.poster_id as author_id, p.post_time as message_time, p.bbcode_bitfield, p.bbcode_uid, p.enable_sig, p.enable_html, p.enable_smilies, p.enable_magic_url, t.topic_title as message_subject, u.username as quote_username

+ FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . USERS_TABLE . " u

+ WHERE p.post_id = $msg_id

+ AND t.topic_id = p.topic_id

+ AND u.user_id = p.poster_id";

+ }

+ else

+ {

+ $sql = 'SELECT t.*, p.*, u.username as quote_username

+ FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . ' p, ' . USERS_TABLE . ' u

+ WHERE t.user_id = ' . $user->data['user_id'] . "

+ AND p.author_id = u.user_id

+ AND t.msg_id = p.msg_id

+ AND p.msg_id = $msg_id";

+ }

+ break;

+

+ case 'edit':

+ if (!$msg_id)

+ {

+ trigger_error('NO_PM');

+ }

+

+ // check for outbox (not read) status, we do not allow editing if one user already having the message

+ $sql = 'SELECT p.*, t.*

+ FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . ' p

+ WHERE t.user_id = ' . $user->data['user_id'] . '

+ AND t.folder_id = ' . PRIVMSGS_OUTBOX . "

+ AND t.msg_id = $msg_id

+ AND t.msg_id = p.msg_id";

+ break;

+

+ case 'delete':

+ if (!$auth->acl_get('u_pm_delete'))

+ {

+ trigger_error('NOT_AUTHORIZED_DELETE_PM');

+ }

+

+ if (!$msg_id)

+ {

+ trigger_error('NO_PM');

+ }

+

+ $sql = 'SELECT msg_id, unread, new, author_id

+ FROM ' . PRIVMSGS_TO_TABLE . '

+ WHERE user_id = ' . $user->data['user_id'] . "

+ AND msg_id = $msg_id";

+ break;

+

+ case 'smilies':

+ generate_smilies('window', 0);

+ break;

+

+ default:

+ trigger_error('NO_POST_MODE');

+ }

+

+ if ($action == 'reply' && !$auth->acl_get('u_sendpm'))

+ {

+ trigger_error('NOT_AUTHORIZED_REPLY_PM');

+ }

+

+ if ($action == 'quote' && (!$config['auth_quote_pm'] || !$auth->acl_get('u_sendpm')))

+ {

+ trigger_error('NOT_AUTHORIZED_QUOTE_PM');

+ }

+

+ if ($action == 'forward' && (!$config['forward_pm'] || !$auth->acl_get('u_pm_forward')))

+ {

+ trigger_error('NOT_AUTHORIZED_FORWARD_PM');

+ }

+

+ if ($action == 'edit' && !$auth->acl_get('u_pm_edit'))

+ {

+ trigger_error('NOT_AUTHORIZED_EDIT_PM');

+ }

+

+ if ($sql)

+ {

+ $result = $db->sql_query_limit($sql, 1);

+

+ if (!($row = $db->sql_fetchrow($result)))

+ {

+ trigger_error('NOT_AUTHORIZED');

+ }

+

+ extract($row);

+ $db->sql_freeresult($result);

+

+ $msg_id = (int) $msg_id;

+ $enable_urls = $enable_magic_url;

+

+ if (!$author_id && $msg_id)

+ {

+ trigger_error('NO_USER');

+ }

+

+ if (($action == 'reply' || $action == 'quote') && !sizeof($address_list) && !$refresh && !$submit && !$preview)

+ {

+ $address_list = array('u' => array($author_id => 'to'));

+ }

+ else if ($action == 'edit' && !sizeof($address_list) && !$refresh && !$submit && !$preview)

+ {

+ // Rebuild TO and BCC Header

+ $address_list = rebuild_header(array('to' => $to_address, 'bcc' => $bcc_address));

+ }

+ }

+ else

+ {

+ $message_attachment = 0;

+ $message_text = $subject = '';

+ }

+

+ if ($action == 'edit' && !$refresh && !$preview && !$submit)

+ {

+ if (!($message_time > time() - $config['pm_edit_time'] || !$config['pm_edit_time']))

+ {

+ trigger_error('NOT_AUTHORIZED_EDIT_TIME');

+ }

+ }

+

+ $message_parser = new parse_message();

+

+ $message_subject = (isset($message_subject)) ? $message_subject : '';

+ $message_text = ($action == 'reply') ? '' : ((isset($message_text)) ? $message_text : '');

+ $icon_id = 0;

+

+ $s_action = "{$phpbb_root_path}ucp.$phpEx?sid={$user->session_id}&amp;i=$id&amp;mode=$mode&amp;action=$action";

+ $s_action .= ($msg_id) ? "&amp;p=$msg_id" : '';

+ $s_action .= ($quote_post) ? "&amp;q=1" : '';

+

+ // Handle User/Group adding/removing

+ handle_message_list_actions($address_list, $remove_u, $remove_g, $add_to, $add_bcc);

+

+ // Check for too many recipients

+ if (!$config['allow_mass_pm'] && num_recipients($address_list) > 1)

+ {

+ $address_list = get_recipient_pos($address_list, 1);

+ $error[] = $user->lang['TOO_MANY_RECIPIENTS'];

+ }

+

+ $message_parser->get_submitted_attachment_data();

+

+ if ($message_attachment && !$submit && !$refresh && !$preview && $action == 'edit')

+ {

+ $sql = 'SELECT attach_id, physical_filename, comment, real_filename, extension, mimetype, filesize, filetime, thumbnail

+ FROM ' . ATTACHMENTS_TABLE . "

+ WHERE post_msg_id = $msg_id

+ AND in_message = 1

+ ORDER BY filetime " . ((!$config['display_order']) ? 'DESC' : 'ASC');

+ $result = $db->sql_query($sql);

+

+ $message_parser->attachment_data = array_merge($message_parser->attachment_data, $db->sql_fetchrowset($result));

+

+ $db->sql_freeresult($result);

+ }

+

+ if (!in_array($action, array('quote', 'edit', 'delete', 'forward')))

+ {

+ $enable_sig = ($config['allow_sig_pm'] && $auth->acl_get('u_pm_sig') && $user->optionget('attachsig'));

+ $enable_smilies = ($config['allow_smilies'] && $auth->acl_get('u_pm_smilies') && $user->optionget('smile'));

+ $enable_bbcode = ($config['allow_bbcode'] && $auth->acl_get('u_pm_bbcode') && $user->optionget('bbcode'));

+ $enable_urls = true;

+ }

+

+ $enable_magic_url = $drafts = false;

+

+ // User own some drafts?

+ if ($auth->acl_get('u_savedrafts') && $action != 'delete')

+ {

+ $sql = 'SELECT draft_id

+ FROM ' . DRAFTS_TABLE . '

+ WHERE (forum_id = 0 AND topic_id = 0)

+ AND user_id = ' . $user->data['user_id'] .

+ (($draft_id) ? " AND draft_id <> $draft_id" : '');

+ $result = $db->sql_query_limit($sql, 1);

+

+ if ($db->sql_fetchrow($result))

+ {

+ $drafts = true;

+ }

+ $db->sql_freeresult($result);

+ }

+

+ if ($action == 'edit' || $action == 'forward')

+ {

+ $message_parser->bbcode_uid = $bbcode_uid;

+ }

+

+ // Delete triggered ?

+ if ($action == 'delete')

+ {

+ // Get Folder ID

+ $folder_id = request_var('f', PRIVMSGS_NO_BOX);

+

+ $s_hidden_fields = '<input type="hidden" name="p" value="' . $msg_id . '" /><input type="hidden" name="f" value="' . $folder_id . '" /><input type="hidden" name="action" value="delete" />';

+

+ // Do we need to confirm ?

+ if (confirm_box(true))

+ {

+ delete_pm($user->data['user_id'], $msg_id, $folder_id);

+

+ // TODO - jump to next message in "history"?

+ $meta_info = "{$phpbb_root_path}ucp.$phpEx$SID&amp;i=pm&amp;folder=$folder_id";

+ $message = $user->lang['PM_DELETED'];

+

+ meta_refresh(3, $meta_info);

+ $message .= '<br /><br />' . sprintf($user->lang['RETURN_FOLDER'], '<a href="' . $meta_info . '">', '</a>');

+ trigger_error($message);

+ }

+ else

+ {

+ // "{$phpbb_root_path}ucp.$phpEx$SID&amp;i=pm&amp;mode=compose"

+ confirm_box(false, 'DELETE_PM', $s_hidden_fields);

+ }

+ }

+

+ $html_status = ($config['allow_html'] && $config['auth_html_pm'] && $auth->acl_get('u_pm_html'));

+ $bbcode_status = ($config['allow_bbcode'] && $config['auth_bbcode_pm'] && $auth->acl_get('u_pm_bbcode'));

+ $smilies_status = ($config['allow_smilies'] && $config['auth_smilies_pm'] && $auth->acl_get('u_pm_smilies'));

+ $img_status = ($config['auth_img_pm'] && $auth->acl_get('u_pm_img'));

+ $flash_status = ($config['auth_flash_pm'] && $auth->acl_get('u_pm_flash'));

+ $quote_status = ($config['auth_quote_pm']);

+

+ // Save Draft

+ if ($save && $auth->acl_get('u_savedrafts'))

+ {

+ $subject = preg_replace('#&amp;(\#[0-9]+;)#', '&\1', request_var('subject', ''));

+ $subject = (!$subject && $action != 'post') ? $user->lang['NEW_MESSAGE'] : $subject;

+ $message = (isset($_POST['message'])) ? htmlspecialchars(trim(str_replace(array('\\\'', '\\"', '\\0', '\\\\'), array('\'', '"', '\0', '\\'), $_POST['message']))) : '';

+ $message = preg_replace('#&amp;(\#[0-9]+;)#', '&\1', $message);

+

+ if ($subject && $message)

+ {

+ $sql = 'INSERT INTO ' . DRAFTS_TABLE . ' ' . $db->sql_build_array('INSERT', array(

+ 'user_id' => $user->data['user_id'],

+ 'topic_id' => 0,

+ 'forum_id' => 0,

+ 'save_time' => $current_time,

+ 'draft_subject' => $subject,

+ 'draft_message' => $message));

+ $db->sql_query($sql);

+

+ meta_refresh(3, "ucp.$phpEx$SID&i=pm&mode=$mode");

+

+ $message = $user->lang['DRAFT_SAVED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], "<a href=\"ucp.$phpEx$SID&amp;i=pm&amp;mode=$mode\">", '</a>');

+

+ trigger_error($message);

+ }

+

+ unset($subject);

+ unset($message);

+ }

+

+ // Load Draft

+ if ($draft_id && $auth->acl_get('u_savedrafts'))

+ {

+ $sql = 'SELECT draft_subject, draft_message

+ FROM ' . DRAFTS_TABLE . "

+ WHERE draft_id = $draft_id

+ AND topic_id = 0

+ AND forum_id = 0

+ AND user_id = " . $user->data['user_id'];

+ $result = $db->sql_query_limit($sql, 1);

+

+ if ($row = $db->sql_fetchrow($result))

+ {

+ $_REQUEST['subject'] = $row['draft_subject'];

+ $_POST['message'] = $row['draft_message'];

+ $refresh = true;

+ $template->assign_var('S_DRAFT_LOADED', true);

+ }

+ else

+ {

+ $draft_id = 0;

+ }

+ }

+

+ // Load Drafts

+ if ($load && $drafts)

+ {

+ load_drafts(0, 0, $id);

+ }

+

+ if ($submit || $preview || $refresh)

+ {

+ $subject = request_var('subject', '');

+

+ if (strcmp($subject, strtoupper($subject)) == 0 && $subject)

+ {

+ $subject = phpbb_strtolower($subject);

+ }

+ $subject = preg_replace('#&amp;(\#[0-9]+;)#', '&\1', $subject);

+

+

+ $message_parser->message = (isset($_POST['message'])) ? htmlspecialchars(str_replace(array('\\\'', '\\"', '\\0', '\\\\'), array('\'', '"', '\0', '\\'), $_POST['message'])) : '';

+ $message_parser->message = preg_replace('#&amp;(\#[0-9]+;)#', '&\1', $message_parser->message);

+

+ $icon_id = request_var('icon', 0);

+

+ $enable_html = (!$html_status || isset($_POST['disable_html'])) ? false : true;

+ $enable_bbcode = (!$bbcode_status || isset($_POST['disable_bbcode'])) ? false : true;

+ $enable_smilies = (!$smilies_status || isset($_POST['disable_smilies'])) ? false : true;

+ $enable_urls = (isset($_POST['disable_magic_url'])) ? 0 : 1;

+ $enable_sig = (!$config['allow_sig']) ? false : ((isset($_POST['attach_sig'])) ? true : false);

+

+ // Faster than crc32

+ $check_value = (($preview || $refresh) && isset($_POST['status_switch'])) ? (int) $_POST['status_switch'] : (($enable_html+1) << 16) + (($enable_bbcode+1) << 8) + (($enable_smilies+1) << 4) + (($enable_urls+1) << 2) + (($enable_sig+1) << 1);

+ $status_switch = (isset($_POST['status_switch']) && (int) $_POST['status_switch'] != $check_value);

+

+

+ // Parse Attachments - before checksum is calculated

+ $message_parser->parse_attachments($action, $msg_id, $submit, $preview, $refresh, true);

+

+ // Grab md5 'checksum' of new message

+ $message_md5 = md5($message_parser->message);

+

+ // Check checksum ... don't re-parse message if the same

+ if ($action != 'edit' || $message_md5 != $post_checksum || $status_switch || $preview)

+ {

+ // Parse message

+ $message_parser->parse($enable_html, $enable_bbcode, $enable_urls, $enable_smilies, $img_status, $flash_status, $quote_status);

+ }

+

+ if ($action != 'edit' && !$preview && !$refresh && $config['flood_interval'] && !$auth->acl_get('u_ignoreflood'))

+ {

+ // Flood check

+ $last_post_time = $user->data['user_lastpost_time'];

+

+ if ($last_post_time)

+ {

+ if ($last_post_time && ($current_time - $last_post_time) < intval($config['flood_interval']))

+ {

+ $error[] = $user->lang['FLOOD_ERROR'];

+ }

+ }

+ }

+

+ // Subject defined

+ if (!$subject)

+ {

+ $error[] = $user->lang['EMPTY_SUBJECT'];

+ }

+

+ if (!sizeof($address_list))

+ {

+ $error[] = $user->lang['NO_RECIPIENT'];

+ }

+

+ if (sizeof($message_parser->warn_msg))

+ {

+ $error[] = implode('<br />', $message_parser->warn_msg);

+ }

+

+ // Store message, sync counters

+ if (!sizeof($error) && $submit)

+ {

+ $pm_data = array(

+ 'subject' => (!$message_subject) ? $subject : $message_subject,

+ 'msg_id' => (int) $msg_id,

+ 'reply_from_root_level' => (int) $root_level,

+ 'reply_from_msg_id' => (int) $msg_id,

+ 'icon_id' => (int) $icon_id,

+ 'author_id' => (int) $author_id,

+ 'enable_sig' => (bool) $enable_sig,

+ 'enable_bbcode' => (bool) $enable_bbcode,

+ 'enable_html' => (bool) $enable_html,

+ 'enable_smilies' => (bool) $enable_smilies,

+ 'enable_urls' => (bool) $enable_urls,

+ 'message_md5' => (int) $message_md5,

+ 'post_checksum' => (int) $post_checksum,

+ 'post_edit_reason' => $post_edit_reason,

+ 'post_edit_user' => ($action == 'edit') ? $user->data['user_id'] : (int) $post_edit_user,

+ 'author_ip' => (int) $author_ip,

+ 'bbcode_bitfield' => (int) $message_parser->bbcode_bitfield,

+ 'address_list' => $address_list

+ );

+

+ submit_pm($action, $message_parser->message, $subject, $message_parser->bbcode_uid, $message_parser->attachment_data, $message_parser->filename_data, $pm_data);

+ }

+

+ $message_text = $message_parser->message;

+ $message_subject = stripslashes($subject);

+ }

+

+ // Preview

+ if (!sizeof($error) && $preview)

+ {

+ $post_time = ($action == 'edit') ? $post_time : $current_time;

+

+ $preview_subject = censor_text($subject);

+

+ $preview_signature = $user->data['user_sig'];

+ $preview_signature_uid = $user->data['user_sig_bbcode_uid'];

+ $preview_signature_bitfield = $user->data['user_sig_bbcode_bitfield'];

+

+ include($phpbb_root_path . 'includes/bbcode.' . $phpEx);

+ $bbcode = new bbcode($message_parser->bbcode_bitfield | $preview_signature_bitfield);

+

+ $preview_message = $message_parser->message;

+ format_display($preview_message, $preview_signature, $message_parser->bbcode_uid, $preview_signature_uid, $enable_html, $enable_bbcode, $enable_urls, $enable_smilies, $enable_sig, $bbcode);

+

+ // Attachment Preview

+ if (sizeof($message_parser->attachment_data))

+ {

+ include($phpbb_root_path . 'includes/functions_display.' . $phpEx);

+ $extensions = $update_count = array();

+

+ $template->assign_var('S_HAS_ATTACHMENTS', true);

+ display_attachments(0, 'attachment', $message_parser->attachment_data, $update_count, true);

+ }

+ }

+

+

+ // Decode text for message display

+ $bbcode_uid = (($action == 'quote' || $action == 'forward')&& !$preview && !$refresh && !sizeof($error)) ? $bbcode_uid : $message_parser->bbcode_uid;

+

+ decode_text($message_text, $bbcode_uid);

+

+ if ($subject)

+ {

+ decode_text($subject, $bbcode_uid);

+ }

+

+

+ if ($action == 'quote' && !$preview && !$refresh)

+ {

+ $message_text = '[quote="' . $quote_username . '"]' . censor_text(trim($message_text)) . "[/quote]\n";

+ }

+

+ if (($action == 'reply' || $action == 'quote') && !$preview && !$refresh)

+ {

+ $message_subject = ((!preg_match('/^Re:/', $message_subject)) ? 'Re: ' : '') . censor_text($message_subject);

+ }

+

+ if ($action == 'forward' && !$preview && !$refresh)

+ {

+ $user->lang['FWD_ORIGINAL_MESSAGE'] = '-------- Original Message --------';

+ $user->lang['FWD_SUBJECT'] = 'Subject: %s';

+ $user->lang['FWD_DATE'] = 'Date: %s';

+ $user->lang['FWD_FROM'] = 'From: %s';

+ $user->lang['FWD_TO'] = 'To: %s';

+

+ $fwd_to_field = write_pm_addresses(array('to' => $to_address), 0, true);

+

+ $forward_text = array();

+ $forward_text[] = $user->lang['FWD_ORIGINAL_MESSAGE'];

+ $forward_text[] = sprintf($user->lang['FWD_SUBJECT'], censor_text($message_subject));

+ $forward_text[] = sprintf($user->lang['FWD_DATE'], $user->format_date($message_time));

+ $forward_text[] = sprintf($user->lang['FWD_FROM'], $quote_username);

+ $forward_text[] = sprintf($user->lang['FWD_TO'], implode(', ', $fwd_to_field['to']));

+

+ $message_text = implode("\n", $forward_text) . "\n\n[quote=\"[url=" . generate_board_url() . "/memberlist.$phpEx$SID&mode=viewprofile&u={$author_id}]{$quote_username}[/url]\"]\n" . censor_text(trim($message_text)) . "\n[/quote]";

+ $message_subject = ((!preg_match('/^Fwd:/', $message_subject)) ? 'Fwd: ' : '') . censor_text($message_subject);

+ }

+

+

+ // MAIN PM PAGE BEGINS HERE

+

+ // Generate smilie listing

+ generate_smilies('inline', 0);

+

+ // Generate PM Icons

+ $s_pm_icons = false;

+ if ($config['enable_pm_icons'])

+ {

+ $s_pm_icons = posting_gen_topic_icons($action, $icon_id);

+ }

+

+ // Generate inline attachment select box

+ posting_gen_inline_attachments($message_parser);

+

+ // Build address list for display

+ // array('u' => array($author_id => 'to'));

+ if (sizeof($address_list))

+ {

+ // Get Usernames and Group Names

+ $result = array();

+ if (isset($address_list['u']) && sizeof($address_list['u']))

+ {

+ $result['u'] = $db->sql_query('SELECT user_id as id, username as name, user_colour as colour

+ FROM ' . USERS_TABLE . '

+ WHERE user_id IN (' . implode(', ', array_map('intval', array_keys($address_list['u']))) . ')');

+ }

+

+ if (isset($address_list['g']) && sizeof($address_list['g']))

+ {

+ $result['g'] = $db->sql_query('SELECT group_id as id, group_name as name, group_colour as colour

+ FROM ' . GROUPS_TABLE . '

+ WHERE group_id IN (' . implode(', ', array_map('intval', array_keys($address_list['g']))) . ')');

+ }

+

+ $u = $g = array();

+ foreach (array('u', 'g') as $type)

+ {

+ if (isset($result[$type]) && $result[$type])

+ {

+ while ($row = $db->sql_fetchrow($result[$type]))

+ {

+ ${$type}[$row['id']] = array('name' => $row['name'], 'colour' => $row['colour']);

+ }

+ $db->sql_freeresult($result[$type]);

+ }

+ }

+

+ // Now Build the address list

+ $plain_address_field = '';

+ foreach ($address_list as $type => $adr_ary)

+ {

+ foreach ($adr_ary as $id => $field)

+ {

+ $field = ($field == 'to') ? 'to' : 'bcc';

+ $type = ($type == 'u') ? 'u' : 'g';

+ $id = (int) $id;

+

+ $template->assign_block_vars($field . '_recipient', array(

+ 'NAME' => ${$type}[$id]['name'],

+ 'IS_GROUP' => ($type == 'g'),

+ 'IS_USER' => ($type == 'u'),

+ 'COLOUR' => (${$type}[$id]['colour']) ? ${$type}[$id]['colour'] : '',

+ 'UG_ID' => $id,

+ 'U_VIEW' => ($type == 'u') ? "{$phpbb_root_path}memberlist.$phpEx$SID&amp;mode=viewprofile&amp;u=" . $id : "{$phpbb_root_path}groupcp.$phpEx$SID&amp;g=" . $id,

+ 'TYPE' => $type)

+ );

+ }

+ }

+ }

+

+ // Build hidden address list

+ $s_hidden_address_field = '';

+ foreach ($address_list as $type => $adr_ary)

+ {

+ foreach ($adr_ary as $id => $field)

+ {

+ $s_hidden_address_field .= '<input type="hidden" name="address_list[' . (($type == 'u') ? 'u' : 'g') . '][' . (int) $id . ']" value="' . (($field == 'to') ? 'to' : 'bcc') . '" />';

+ }

+ }

+

+ $html_checked = (isset($enable_html)) ? !$enable_html : (($config['allow_html'] && $auth->acl_get('u_pm_html')) ? !$user->optionget('html') : 1);

+ $bbcode_checked = (isset($enable_bbcode)) ? !$enable_bbcode : (($config['allow_bbcode'] && $auth->acl_get('u_pm_bbcode')) ? !$user->optionget('bbcode') : 1);

+ $smilies_checked = (isset($enable_smilies)) ? !$enable_smilies : (($config['allow_smilies'] && $auth->acl_get('u_pm_smilies')) ? !$user->optionget('smile') : 1);

+ $urls_checked = (isset($enable_urls)) ? !$enable_urls : 0;

+ $sig_checked = $enable_sig;

+

+ switch ($action)

+ {

+ case 'post':

+ $page_title = $user->lang['POST_NEW_PM'];

+ break;

+

+ case 'quote':

+ $page_title = $user->lang['POST_QUOTE_PM'];

+ break;

+

+ case 'reply':

+ $page_title = $user->lang['POST_REPLY_PM'];

+ break;

+

+ case 'edit':

+ $page_title = $user->lang['POST_EDIT_PM'];

+ break;

+

+ case 'forward':

+ $page_title = $user->lang['POST_FORWARD_PM'];

+ break;

+

+ default:

+ trigger_error('NOT_AUTHORIZED');

+ }

+

+ $s_hidden_fields = '<input type="hidden" name="lastclick" value="' . $current_time . '" />';

+ $s_hidden_fields .= (isset($check_value)) ? '<input type="hidden" name="status_switch" value="' . $check_value . '" />' : '';

+ $s_hidden_fields .= ($draft_id || isset($_REQUEST['draft_loaded'])) ? '<input type="hidden" name="draft_loaded" value="' . ((isset($_REQUEST['draft_loaded'])) ? intval($_REQUEST['draft_loaded']) : $draft_id) . '" />' : '';

+

+ $form_enctype = (@ini_get('file_uploads') == '0' || strtolower(@ini_get('file_uploads')) == 'off' || @ini_get('file_uploads') == '0' || !$config['allow_pm_attach'] || !$auth->acl_get('u_pm_attach')) ? '' : ' enctype="multipart/form-data"';

+

+ // Start assigning vars for main posting page ...

+ $template->assign_vars(array(

+ 'L_POST_A' => $page_title,

+ 'L_ICON' => $user->lang['PM_ICON'],

+ 'L_MESSAGE_BODY_EXPLAIN'=> (intval($config['max_post_chars'])) ? sprintf($user->lang['MESSAGE_BODY_EXPLAIN'], intval($config['max_post_chars'])) : '',

+

+ 'SUBJECT' => (isset($message_subject)) ? $message_subject : '',

+ 'MESSAGE' => trim($message_text),

+ 'PREVIEW_SUBJECT' => ($preview && !sizeof($error)) ? $preview_subject : '',

+ 'PREVIEW_MESSAGE' => ($preview && !sizeof($error)) ? $preview_message : '',

+ 'PREVIEW_SIGNATURE' => ($preview && !sizeof($error)) ? $preview_signature : '',

+ 'HTML_STATUS' => ($html_status) ? $user->lang['HTML_IS_ON'] : $user->lang['HTML_IS_OFF'],

+ 'BBCODE_STATUS' => ($bbcode_status) ? sprintf($user->lang['BBCODE_IS_ON'], '<a href="' . "faq.$phpEx$SID&amp;mode=bbcode" . '" target="_phpbbcode">', '</a>') : sprintf($user->lang['BBCODE_IS_OFF'], '<a href="' . "faq.$phpEx$SID&amp;mode=bbcode" . '" target="_phpbbcode">', '</a>'),

+ 'IMG_STATUS' => ($img_status) ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'],

+ 'FLASH_STATUS' => ($flash_status) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'],

+ 'SMILIES_STATUS' => ($smilies_status) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'],

+ 'MINI_POST_IMG' => $user->img('icon_post', $user->lang['POST']),

+ 'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',

+

+ 'S_DISPLAY_PREVIEW' => ($preview && !sizeof($error)),

+ 'S_EDIT_POST' => ($action == 'edit'),

+ 'S_SHOW_PM_ICONS' => $s_pm_icons,

+ 'S_HTML_ALLOWED' => $html_status,

+ 'S_HTML_CHECKED' => ($html_checked) ? ' checked="checked"' : '',

+ 'S_BBCODE_ALLOWED' => $bbcode_status,

+ 'S_BBCODE_CHECKED' => ($bbcode_checked) ? ' checked="checked"' : '',

+ 'S_SMILIES_ALLOWED' => $smilies_status,

+ 'S_SMILIES_CHECKED' => ($smilies_checked) ? ' checked="checked"' : '',

+ 'S_SIG_ALLOWED' => ($config['allow_sig_pm'] && $auth->acl_get('u_pm_sig')),

+ 'S_SIGNATURE_CHECKED' => ($sig_checked) ? ' checked="checked"' : '',

+ 'S_MAGIC_URL_CHECKED' => ($urls_checked) ? ' checked="checked"' : '',

+ 'S_SAVE_ALLOWED' => $auth->acl_get('u_savedrafts'),

+ 'S_HAS_DRAFTS' => ($auth->acl_get('u_savedrafts') && $drafts),

+ 'S_FORM_ENCTYPE' => $form_enctype,

+

+ 'S_POST_ACTION' => $s_action,

+ 'S_HIDDEN_ADDRESS_FIELD'=> $s_hidden_address_field,

+ 'S_HIDDEN_FIELDS' => $s_hidden_fields)

+ );

+

+ // Attachment entry

+ if ($auth->acl_get('u_pm_attach') && $config['allow_pm_attach'] && $form_enctype)

+ {

+ posting_gen_attachment_entry($message_parser);

+ }

+}

+

+// Submit PM

+function submit_pm($mode, $message, $subject, $bbcode_uid, $attach_data, $filename_data, $data)

+{

+ global $db, $auth, $user, $config, $phpEx, $SID, $template;

+

+ // We do not handle erasing posts here

+ if ($mode == 'delete')

+ {

+ return;

+ }

+

+ $current_time = time();

+

+ // Collect some basic informations about which tables and which rows to update/insert

+ $sql_data = array();

+ $root_level = 0;

+

+ // Recipient Informations

+ $recipients = $to = $bcc = array();

+

+ if ($mode != 'edit')

+ {

+ // Build Recipient List

+ foreach (array('u', 'g') as $ug_type)

+ {

+ if (sizeof($data['address_list'][$ug_type]))

+ {

+ foreach ($data['address_list'][$ug_type] as $id => $field)

+ {

+ $field = ($field == 'to') ? 'to' : 'bcc';

+ if ($ug_type == 'u')

+ {

+ $recipients[$id] = $field;

+ }

+ ${$field}[] = $ug_type . '_' . (int) $id;

+ }

+ }

+ }

+

+ if (sizeof($data['address_list']['g']))

+ {

+ $sql = 'SELECT group_id, user_id

+ FROM ' . USER_GROUP_TABLE . '

+ WHERE group_id IN (' . implode(', ', array_keys($data['address_list']['g'])) . ')

+ AND user_pending = 0';

+ $result = $db->sql_query($sql);

+

+ while ($row = $db->sql_fetchrow($result))

+ {

+ $field = ($data['address_list']['g'][$row['group_id']] == 'to') ? 'to' : 'bcc';

+ $recipients[$row['user_id']] = $field;

+ }

+ $db->sql_freeresult($result);

+ }

+

+ if (!sizeof($recipients))

+ {

+ trigger_error('NO_RECIPIENT');

+ }

+ }

+

+ $sql = '';

+ switch ($mode)

+ {

+ case 'reply':

+ case 'quote':

+ $root_level = ($data['reply_from_root_level']) ? $data['reply_from_root_level'] : $data['reply_from_msg_id'];

+

+ // Set message_replied switch for this user

+ $sql = 'UPDATE ' . PRIVMSGS_TO_TABLE . '

+ SET replied = 1

+ WHERE user_id = ' . $user->data['user_id'] . '

+ AND msg_id = ' . $data['reply_from_msg_id'];

+

+ case 'forward':

+ case 'post':

+ $sql_data = array(

+ 'root_level' => $root_level,

+ 'author_id' => (int) $user->data['user_id'],

+ 'icon_id' => $data['icon_id'],

+ 'author_ip' => $user->ip,

+ 'message_time' => $current_time,

+ 'enable_bbcode' => $data['enable_bbcode'],

+ 'enable_html' => $data['enable_html'],

+ 'enable_smilies' => $data['enable_smilies'],

+ 'enable_magic_url' => $data['enable_urls'],

+ 'enable_sig' => $data['enable_sig'],

+ 'message_subject' => $subject,

+ 'message_text' => $message,

+ 'message_checksum' => $data['message_md5'],

+ 'message_encoding' => $user->lang['ENCODING'],

+ 'message_attachment'=> (sizeof($filename_data['physical_filename'])) ? 1 : 0,

+ 'bbcode_bitfield' => $data['bbcode_bitfield'],

+ 'bbcode_uid' => $bbcode_uid,

+ 'to_address' => implode(':', $to),

+ 'bcc_address' => implode(':', $bcc)

+ );

+ break;

+

+ case 'edit':

+ $sql_data = array(

+ 'icon_id' => $data['icon_id'],

+ 'message_edit_time' => $current_time,

+ 'enable_bbcode' => $data['enable_bbcode'],

+ 'enable_html' => $data['enable_html'],

+ 'enable_smilies' => $data['enable_smilies'],

+ 'enable_magic_url' => $data['enable_urls'],

+ 'enable_sig' => $data['enable_sig'],

+ 'message_subject' => $subject,

+ 'message_text' => $message,

+ 'message_checksum' => $data['message_md5'],

+ 'message_encoding' => $user->lang['ENCODING'],

+ 'message_attachment'=> (sizeof($filename_data['physical_filename'])) ? 1 : 0,

+ 'bbcode_bitfield' => $data['bbcode_bitfield'],

+ 'bbcode_uid' => $bbcode_uid

+ );

+ break;

+ }

+

+ if (sizeof($sql_data))

+ {

+ if ($mode == 'post' || $mode == 'reply' || $mode == 'quote' || $mode == 'forward')

+ {

+ $db->sql_query('INSERT INTO ' . PRIVMSGS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_data));

+ $data['msg_id'] = $db->sql_nextid();

+ }

+ else if ($mode == 'edit')

+ {

+ $sql = 'UPDATE ' . PRIVMSGS_TABLE . '

+ SET message_edit_count = message_edit_count + 1, ' . $db->sql_build_array('UPDATE', $sql_data) . '

+ WHERE msg_id = ' . $data['msg_id'];

+ $db->sql_query($sql);

+ }

+ }

+

+ if ($mode != 'edit')

+ {

+ $db->sql_transaction();

+

+ if ($sql)

+ {

+ $db->sql_query($sql);

+ }

+ unset($sql);

+

+ foreach ($recipients as $user_id => $type)

+ {

+ $db->sql_query('INSERT INTO ' . PRIVMSGS_TO_TABLE . ' ' . $db->sql_build_array('INSERT', array(

+ 'msg_id' => $data['msg_id'],

+ 'user_id' => $user_id,

+ 'author_id' => $user->data['user_id'],

+ 'folder_id' => PRIVMSGS_NO_BOX,

+ 'new' => 1,

+ 'unread' => 1,

+ 'forwarded' => ($mode == 'forward') ? 1 : 0))

+ );

+ }

+

+ $sql = 'UPDATE ' . USERS_TABLE . '

+ SET user_new_privmsg = user_new_privmsg + 1, user_unread_privmsg = user_unread_privmsg + 1

+ WHERE user_id IN (' . implode(', ', array_keys($recipients)) . ')';

+ $db->sql_query($sql);

+

+ // Put PM into outbox

+ $db->sql_query('INSERT INTO ' . PRIVMSGS_TO_TABLE . ' ' . $db->sql_build_array('INSERT', array(

+ 'msg_id' => (int) $data['msg_id'],

+ 'user_id' => (int) $user->data['user_id'],

+ 'author_id' => (int) $user->data['user_id'],

+ 'folder_id' => PRIVMSGS_OUTBOX,

+ 'new' => 0,

+ 'unread' => 0,

+ 'forwarded' => ($mode == 'forward') ? 1 : 0))

+ );

+

+ $db->sql_transaction('commit');

+ }

+

+ // Set user last post time

+ if ($mode == 'reply' || $mode == 'quote' || $mode == 'forward' || $mode == 'post')

+ {

+ $sql = 'UPDATE ' . USERS_TABLE . "

+ SET user_lastpost_time = $current_time

+ WHERE user_id = " . $user->data['user_id'];

+ $db->sql_query($sql);

+ }

+

+ $db->sql_transaction();

+

+ // Submit Attachments

+ if (count($attach_data) && $data['msg_id'] && in_array($mode, array('post', 'reply', 'quote', 'edit', 'forward')))

+ {

+ $space_taken = $files_added = 0;

+

+ foreach ($attach_data as $pos => $attach_row)

+ {

+ if ($attach_row['attach_id'])

+ {

+ // update entry in db if attachment already stored in db and filespace

+ $sql = 'UPDATE ' . ATTACHMENTS_TABLE . "

+ SET comment = '" . $db->sql_escape($attach_row['comment']) . "'

+ WHERE attach_id = " . (int) $attach_row['attach_id'];

+ $db->sql_query($sql);

+ }

+ else

+ {

+ // insert attachment into db

+ $attach_sql = array(

+ 'post_msg_id' => $data['msg_id'],

+ 'topic_id' => 0,

+ 'in_message' => 1,

+ 'poster_id' => $user->data['user_id'],

+ 'physical_filename' => $attach_row['physical_filename'],

+ 'real_filename' => $attach_row['real_filename'],

+ 'comment' => $attach_row['comment'],

+ 'extension' => $attach_row['extension'],

+ 'mimetype' => $attach_row['mimetype'],

+ 'filesize' => $attach_row['filesize'],

+ 'filetime' => $attach_row['filetime'],

+ 'thumbnail' => $attach_row['thumbnail']

+ );

+

+ $sql = 'INSERT INTO ' . ATTACHMENTS_TABLE . ' ' .

+ $db->sql_build_array('INSERT', $attach_sql);

+ $db->sql_query($sql);

+

+ $space_taken += $attach_row['filesize'];

+ $files_added++;

+ }

+ }

+

+ if (count($attach_data))

+ {

+ $sql = 'UPDATE ' . PRIVMSGS_TABLE . '

+ SET message_attachment = 1

+ WHERE msg_id = ' . $data['msg_id'];

+ $db->sql_query($sql);

+ }

+

+ set_config('upload_dir_size', $config['upload_dir_size'] + $space_taken, true);

+ set_config('num_files', $config['num_files'] + $files_added, true);

+ }

+

+ $db->sql_transaction('commit');

+

+ // Delete draft if post was loaded...

+ $draft_id = request_var('draft_loaded', 0);

+ if ($draft_id)

+ {

+ $sql = 'DELETE FROM ' . DRAFTS_TABLE . "

+ WHERE draft_id = $draft_id

+ AND user_id = " . $user->data['user_id'];

+ $db->sql_query($sql);

+ }

+

+ // Send Notifications

+ if ($mode != 'edit')

+ {

+ pm_notification($mode, stripslashes($user->data['username']), $recipients, stripslashes($subject), stripslashes($message));

+ }

+

+ $return_message_url = "{$phpbb_root_path}ucp.$phpEx$SID&amp;i=pm&amp;mode=view_messages&amp;action=view_message&amp;p=" . $data['msg_id'];

+ $return_folder_url = "{$phpbb_root_path}ucp.$phpEx$SID&amp;i=pm&amp;folder=outbox";

+ meta_refresh(3, $return_message_url);

+

+ $message = $user->lang['MESSAGE_STORED'] . '<br /><br />' . sprintf($user->lang['VIEW_MESSAGE'], '<a href="' . $return_message_url . '">', '</a>') . '<br /><br />' . sprintf($user->lang['RETURN_FOLDER'], '<a href="' . $return_folder_url . '">', '</a>');

+ trigger_error($message);

+}

+

+// For composing messages, handle list actions

+function handle_message_list_actions(&$address_list, $remove_u, $remove_g, $add_to, $add_bcc)

+{

+ global $_REQUEST;

+

+ // Delete User [TO/BCC]

+ if ($remove_u)

+ {

+ $remove_user_id = array_keys($_REQUEST['remove_u']);

+ unset($address_list['u'][(int) $remove_user_id[0]]);

+ }

+

+ // Delete Group [TO/BCC]

+ if ($remove_g)

+ {

+ $remove_group_id = array_keys($_REQUEST['remove_g']);

+ unset($address_list['g'][(int) $remove_group_id[0]]);

+ }

+

+ // Add User/Group [TO]

+ if ($add_to || $add_bcc)

+ {

+ $type = ($add_to) ? 'to' : 'bcc';

+

+ // Add Selected Groups

+ $group_list = isset($_REQUEST['group_list']) ? array_map('intval', $_REQUEST['group_list']) : array();

+

+ if (sizeof($group_list))

+ {

+ foreach ($group_list as $group_id)

+ {

+ $address_list['g'][$group_id] = $type;

+ }

+ }

+

+ // Build usernames to add

+ $usernames = (isset($_REQUEST['username'])) ? array(request_var('username', '')) : array();

+ $username_list = request_var('username_list', '');

+ if ($username_list)

+ {

+ $usernames = array_merge($usernames, explode("\n", $username_list));

+ }

+

+ // Reveal the correct user_ids

+ if (sizeof($usernames))

+ {

+ $user_id_ary = array();

+ user_get_id_name($user_id_ary, $usernames);

+

+ if (sizeof($user_id_ary))

+ {

+ foreach ($user_id_ary as $user_id)

+ {

+ $address_list['u'][$user_id] = $type;

+ }

+ }

+ }

+

+ // Add Friends if specified

+ $friend_list = (is_array($_REQUEST['add_' . $type])) ? array_map('intval', array_keys($_REQUEST['add_' . $type])) : array();

+

+ foreach ($friend_list as $user_id)

+ {

+ $address_list['u'][$user_id] = $type;

+ }

+ }

+

+}

+

+// PM Notification

+function pm_notification($mode, $author, $recipients, $subject, $message)

+{

+ global $db, $user, $config, $phpbb_root_path, $phpEx, $auth;

+

+ decode_text($subject);

+ $subject = censor_text($subject);

+

+ // Get banned User ID's

+ $sql = 'SELECT ban_userid

+ FROM ' . BANLIST_TABLE;

+ $result = $db->sql_query($sql);

+

+ unset($recipients[ANONYMOUS], $recipients[$user->data['user_id']]);

+

+ while ($row = $db->sql_fetchrow($result))

+ {

+ if (isset($row['ban_userid']))

+ {

+ unset($recipients[$row['ban_userid']]);

+ }

+ }

+ $db->sql_freeresult($result);

+

+ if (!sizeof($recipients))

+ {

+ return;

+ }

+

+ $recipient_list = implode(', ', array_keys($recipients));

+

+ $sql = 'SELECT user_id, username, user_email, user_lang, user_notify_type, user_jabber

+ FROM ' . USERS_TABLE . "

+ WHERE user_id IN ($recipient_list)";

+ $result = $db->sql_query($sql);

+

+ $msg_list_ary = array();

+ while ($row = $db->sql_fetchrow($result))

+ {

+ if (trim($row['user_email']))

+ {

+ $msg_list_ary[] = array(

+ 'method' => $row['method'],

+ 'email' => $row['user_email'],

+ 'jabber' => $row['user_jabber'],

+ 'name' => $row['username'],

+ 'lang' => $row['user_lang']

+ );

+ }

+ }

+ $db->sql_freeresult($result);

+

+ if (!sizeof($msg_list_ary))

+ {

+ return;

+ }

+

+ include_once($phpbb_root_path . 'includes/functions_messenger.'.$phpEx);

+ $messenger = new messenger();

+

+ $email_sig = str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']);

+

+ foreach ($msg_list_ary as $pos => $addr)

+ {

+ $messenger->template('privmsg_notify', $addr['lang']);

+

+ $messenger->replyto($config['board_email']);

+ $messenger->to($addr['email'], $addr['name']);

+ $messenger->im($addr['jabber'], $addr['name']);

+

+ $messenger->assign_vars(array(

+ 'EMAIL_SIG' => $email_sig,

+ 'SITENAME' => $config['sitename'],

+ 'SUBJECT' => $subject,

+ 'AUTHOR_NAME' => $author,

+

+ 'U_INBOX' => generate_board_url() . "/ucp.$phpEx?i=pm&mode=unread")

+ );

+

+ $messenger->send($addr['method']);

+ $messenger->reset();

+ }

+ unset($msg_list_ary);

+

+ if ($messenger->queue)

+ {

+ $messenger->queue->save();

+ }

+}

+

+// Return number of recipients

+function num_recipients($address_list)

+{

+ $num_recipients = 0;

+

+ foreach ($address_list as $field => $adr_ary)

+ {

+ $num_recipients += sizeof($adr_ary);

+ }

+

+ return $num_recipients;

+}

+

+// Get recipient at position 'pos'

+function get_recipient_pos($address_list, $position = 1)

+{

+ $recipient = array();

+

+ $count = 1;

+ foreach ($address_list as $field => $adr_ary)

+ {

+ foreach ($adr_ary as $id => $type)

+ {

+ if ($count == $position)

+ {

+ $recipient[$field][$id] = $type;

+ break 2;

+ }

+ $count++;

+ }

+ }

+

+ return $recipient;

+}

+

+?> \ No newline at end of file

+<?php

+// -------------------------------------------------------------

+//

+// $Id$

+//

+// FILENAME : options.php

+// STARTED : Mon Apr 19, 2004

+// COPYRIGHT : © 2004 phpBB Group

+// WWW : http://www.phpbb.com/

+// LICENCE : GPL vs2.0 [ see /docs/COPYING ]

+//

+// -------------------------------------------------------------

+

+function message_options($id, $mode, $global_privmsgs_rules, $global_rule_conditions)

+{

+ global $phpbb_root_path, $phpEx, $SID, $user, $template, $auth, $config, $db;

+

+ $redirect_url = "{$phpbb_root_path}ucp.$phpEx$SID&i=pm&mode=options";

+

+ if (isset($_POST['fullfolder']))

+ {

+ $full_action = request_var('full_action', 0);

+

+ $set_folder_id = 0;

+ switch ($full_action)

+ {

+ case 1:

+ $set_folder_id = FULL_FOLDER_DELETE;

+ break;

+ case 2:

+ $set_folder_id = request_var('full_move_to', PRIVMSGS_INBOX);

+ break;

+ case 3:

+ $set_folder_id = FULL_FOLDER_HOLD;

+ break;

+ default:

+ $full_action = 0;

+ }

+

+ if ($full_action)

+ {

+ $sql = 'UPDATE ' . USERS_TABLE . '

+ SET user_full_folder = ' . $set_folder_id . '

+ WHERE user_id = ' . $user->data['user_id'];

+ $db->sql_query($sql);

+

+ $user->data['user_full_folder'] = $set_folder_id;

+

+ $message = $user->lang['FULL_FOLDER_OPTION_CHANGED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $redirect_url . '">', '</a>');

+ meta_refresh(3, $redirect_url);

+ trigger_error($message);

+ }

+ }

+

+ if (isset($_POST['addfolder']))

+ {

+ $folder_name = request_var('foldername', '');

+

+ if ($folder_name)

+ {

+ $sql = 'SELECT folder_name

+ FROM ' . PRIVMSGS_FOLDER_TABLE . "

+ WHERE folder_name = '$folder_name'

+ AND user_id = " . $user->data['user_id'];

+ $result = $db->sql_query_limit($sql, 1);

+

+ if ($db->sql_fetchrow($result))

+ {

+ trigger_error(sprintf($user->lang['FOLDER_NAME_EXIST'], $folder_name));

+ }

+ $db->sql_freeresult($result);

+

+ $sql = 'SELECT COUNT(folder_id) as num_folder

+ FROM ' . PRIVMSGS_FOLDER_TABLE . '

+ WHERE user_id = ' . $user->data['user_id'];

+ $result = $db->sql_query($sql);

+

+ if ($db->sql_fetchfield('num_folder', 0, $result) >= $config['pm_max_boxes'])

+ {

+ trigger_error('MAX_FOLDER_REACHED');

+ }

+ $db->sql_freeresult($result);

+

+ $sql = 'INSERT INTO ' . PRIVMSGS_FOLDER_TABLE . ' ' . $db->sql_build_array('INSERT', array(

+ 'user_id' => (int) $user->data['user_id'], 'folder_name' => $folder_name));

+ $db->sql_query($sql);

+

+ $message = $user->lang['FOLDER_ADDED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $redirect_url . '">', '</a>');

+ meta_refresh(3, $redirect_url);

+ trigger_error($message);

+

+ }

+ }

+

+ if (isset($_POST['add_rule']))

+ {

+ $check_option = request_var('check_option', 0);

+ $rule_option = request_var('rule_option', 0);

+ $cond_option = request_var('cond_option', '');

+ $action_option = explode('|', request_var('action_option', ''));

+ $rule_string = ($cond_option != 'none') ? request_var('rule_string', '') : '';

+ $rule_user_id = ($cond_option != 'none') ? request_var('rule_user_id', 0) : 0;

+ $rule_group_id = ($cond_option != 'none') ? request_var('rule_group_id', 0) : 0;

+

+ $action = (int) $action_option[0];

+ $folder_id = (int) $action_option[1];

+

+ if (!$action || !$check_option || !$rule_option || !$cond_option || ($cond_option != 'none' && !$rule_string))

+ {

+ trigger_error('RULE_NOT_DEFINED');

+ }

+

+ if (($cond_option == 'user' && !$rule_user_id) || ($cond_option == 'group' && !$rule_group_id))

+ {

+ trigger_error('RULE_NOT_DEFINED');

+ }

+

+ $rule_ary = array(

+ 'user_id' => $user->data['user_id'],

+ 'rule_check' => $check_option,

+ 'rule_connection' => $rule_option,

+ 'rule_string' => $rule_string,

+ 'rule_user_id' => $rule_user_id,

+ 'rule_group_id' => $rule_group_id,

+ 'rule_action' => $action,

+ 'rule_folder_id'=> $folder_id

+ );

+

+ $sql = 'SELECT rule_id

+ FROM ' . PRIVMSGS_RULES_TABLE . '

+ WHERE ' . $db->sql_build_array('SELECT', $rule_ary);

+ $result = $db->sql_query($sql);

+

+ if ($db->sql_fetchrow($result))

+ {

+ trigger_error('RULE_ALREADY_DEFINED');

+ }

+ $db->sql_freeresult($result);

+

+ $sql = 'INSERT INTO ' . PRIVMSGS_RULES_TABLE . ' ' . $db->sql_build_array('INSERT', $rule_ary);

+ $db->sql_query($sql);

+

+ $message = $user->lang['RULE_ADDED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $redirect_url . '">', '</a>');

+ meta_refresh(3, $redirect_url);

+ trigger_error($message);

+ }

+

+ if (isset($_POST['delete_rule']) && !isset($_POST['cancel']))

+ {

+ $delete_id = array_map('intval', array_keys($_POST['delete_rule']));

+ $delete_id = (int) $delete_id[0];

+

+ if (!$delete_id)

+ {

+ redirect("{$phpbb_root_path}ucp.$phpEx$SID&amp;i=pm&amp;mode=$mode");

+ }

+

+ $s_hidden_fields = '<input type="hidden" name="delete_rule[' . $delete_id . ']" value="1" />';

+

+ // Do we need to confirm ?

+ if (confirm_box(true))

+ {

+ $sql = 'DELETE FROM ' . PRIVMSGS_RULES_TABLE . '

+ WHERE user_id = ' . $user->data['user_id'] . "

+ AND rule_id = $delete_id";

+ $db->sql_query($sql);

+

+ $meta_info = "{$phpbb_root_path}ucp.$phpEx$SID&amp;i=pm&amp;mode=$mode";

+ $message = $user->lang['RULE_DELETED'];

+

+ meta_refresh(3, $meta_info);

+ $message .= '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $meta_info . '">', '</a>');

+ trigger_error($message);

+ }

+ else

+ {

+ confirm_box(false, 'DELETE_RULE', $s_hidden_fields);

+ }

+

+ }

+

+ $folder = array();

+ $message_limit = (!$user->data['group_message_limit']) ? $config['pm_max_msgs'] : $user->data['group_message_limit'];

+

+ $sql = 'SELECT COUNT(msg_id) as num_messages

+ FROM ' . PRIVMSGS_TO_TABLE . '

+ WHERE user_id = ' . $user->data['user_id'] . '

+ AND folder_id = ' . PRIVMSGS_INBOX;

+ $result = $db->sql_query($sql);

+ $num_messages = $db->sql_fetchfield('num_messages', 0, $result);

+ $db->sql_freeresult($result);

+

+ $folder[PRIVMSGS_INBOX] = array(

+ 'folder_name' => $user->lang['PM_INBOX'],

+ 'message_status'=> sprintf($user->lang['FOLDER_MESSAGE_STATUS'], $num_messages, $message_limit)

+ );

+

+ $sql = 'SELECT folder_id, folder_name, pm_count

+ FROM ' . PRIVMSGS_FOLDER_TABLE . '

+ WHERE user_id = ' . $user->data['user_id'];

+ $result = $db->sql_query($sql);

+

+ $num_user_folder = 0;

+ while ($row = $db->sql_fetchrow($result))

+ {

+ $num_user_folder++;

+ $folder[$row['folder_id']] = array(

+ 'folder_name' => $row['folder_name'],

+ 'message_status'=> sprintf($user->lang['FOLDER_MESSAGE_STATUS'], $row['pm_count'], $message_limit)

+ );

+ }

+ $db->sql_freeresult($result);

+

+ $s_full_folder_options = $s_to_folder_options = $s_folder_options = '';

+

+ foreach ($folder as $folder_id => $folder_ary)

+ {

+ $s_full_folder_options .= '<option value="' . $folder_id . '"' . (($user->data['user_full_folder'] == $folder_id) ? ' selected="selected"' : '') . '>' . $folder_ary['folder_name'] . ' (' . $folder_ary['message_status'] . ')</option>';

+ $s_to_folder_options .= '<option value="' . $folder_id . '"' . (($to_folder_id == $folder_id) ? ' selected="selected"' : '') . '>' . $folder_ary['folder_name'] . ' (' . $folder_ary['message_status'] . ')</option>';

+

+ if ($folder_id != PRIVMSGS_INBOX)

+ {

+ $s_folder_options .= '<option value="' . $folder_id . '">' . $folder_ary['folder_name'] . ' (' . $folder_ary['message_status'] . ')</option>';

+ }

+ }

+

+ $s_delete_checked = ($user->data['user_full_folder'] == FULL_FOLDER_DELETE) ? ' checked="checked"' : '';

+ $s_hold_checked = ($user->data['user_full_folder'] == FULL_FOLDER_HOLD) ? ' checked="checked"' : '';

+ $s_move_checked = ($user->data['user_full_folder'] >= 0) ? ' checked="checked"' : '';

+

+ if ($user->data['user_full_folder'] == FULL_FOLDER_NONE)

+ {

+ switch ($config['full_folder_action'])

+ {

+ case 1:

+ $s_delete_checked = ' checked="checked"';

+ break;

+ case 2:

+ $s_hold_checked = ' checked="checked"';

+ break;

+ }

+ }

+

+ $template->assign_vars(array(

+ 'S_FULL_FOLDER_OPTIONS' => $s_full_folder_options,

+ 'S_TO_FOLDER_OPTIONS' => $s_to_folder_options,

+ 'S_FOLDER_OPTIONS' => $s_folder_options,

+ 'S_DELETE_CHECKED' => $s_delete_checked,

+ 'S_HOLD_CHECKED' => $s_hold_checked,

+ 'S_MOVE_CHECKED' => $s_move_checked,

+ 'S_MAX_FOLDER_REACHED' => ($num_user_folder >= $config['pm_max_boxes']) ? true : false,

+

+ 'DEFAULT_ACTION' => ($config['full_folder_action'] == 1) ? $user->lang['DELETE_OLDEST_MESSAGES'] : $user->lang['HOLD_NEW_MESSAGES'],

+

+ 'U_FIND_USERNAME' => "{$phpbb_root_path}memberlist.$phpEx$SID&amp;mode=searchuser&amp;form=ucp&amp;field=rule_string")

+ );

+

+ $rule_lang = $action_lang = $check_lang = array();

+

+ // Build all three language arrays

+ preg_replace('#(?:)((RULE|ACTION|CHECK)_([A-Z0-9_]+))(?:)#e', "\${strtolower('\\2') . '_lang'}[constant('\\1')] = \$user->lang['PM_\\2']['\\3']", implode(':', array_keys(get_defined_constants())));

+

+ /*

+ Rule Ordering:

+ -> CHECK_* -> RULE_* [IN $global_privmsgs_rules:CHECK_*] -> [IF $rule_conditions[RULE_*] [|text|bool|user|group|own_group]] -> ACTION_*

+ */

+

+ $check_option = request_var('check_option', 0);

+ $rule_option = request_var('rule_option', 0);

+ $cond_option = request_var('cond_option', '');

+ $action_option = request_var('action_option', '');

+ $back = (isset($_REQUEST['back'])) ? request_var('back', '') : array();

+

+ if (sizeof($back))

+ {

+ if ($action_option)

+ {

+ $action_option = '';

+ }

+ else if ($cond_option)

+ {

+ $cond_option = '';

+ }

+ else if ($rule_option)

+ {

+ $rule_option = 0;

+ }

+ else if ($check_option)

+ {

+ $check_option = 0;

+ }

+ }

+

+ if (isset($back['action']) && $cond_option == 'none')

+ {

+ $back['cond'] = true;

+ }

+

+ // Check

+ define_check_option(($check_option && !isset($back['rule'])) ? true : false, $check_option, $check_lang);

+

+ if ($check_option && !isset($back['rule']))

+ {

+ define_rule_option(($rule_option && !isset($back['cond'])) ? true : false, $rule_option, $rule_lang, $global_privmsgs_rules[$check_option]);

+ }

+

+ if ($rule_option && !isset($back['cond']))

+ {

+ if (!isset($global_rule_conditions[$rule_option]))

+ {

+ $cond_option = 'none';

+ $template->assign_var('NONE_CONDITION', true);

+ }

+ else

+ {

+ define_cond_option(($cond_option && !isset($back['action'])) ? true : false, $cond_option, $rule_option, $global_rule_conditions);

+ }

+ }

+

+ if ($cond_option && !isset($back['action']))

+ {

+ define_action_option(false, $action_option, $action_lang, $folder);

+ }

+

+ show_defined_rules($user->data['user_id'], $check_lang, $rule_lang, $action_lang, $folder);

+}

+

+function define_check_option($hardcoded, $check_option, $check_lang)

+{

+ global $template;

+

+ $s_check_options = '';

+ if (!$hardcoded)

+ {

+ foreach ($check_lang as $value => $lang)

+ {

+ $s_check_options .= '<option value="' . $value . '"' . (($value == $check_option) ? ' selected="selected"' : '') . '>' . $lang . '</option>';

+ }

+ }

+

+ $template->assign_vars(array(

+ 'S_CHECK_DEFINED' => true,

+ 'S_CHECK_SELECT' => ($hardcoded) ? false : true,

+ 'CHECK_CURRENT' => isset($check_lang[$check_option]) ? $check_lang[$check_option] : '',

+ 'S_CHECK_OPTIONS' => $s_check_options,

+ 'CHECK_OPTION' => $check_option)

+ );

+}

+

+function define_action_option($hardcoded, $action_option, $action_lang, $folder)

+{

+ global $db, $template, $user;

+

+ $l_action = $s_action_options = '';

+ if ($hardcoded)

+ {

+ $option = explode('|', $action_option);

+ $action = (int) $option[0];

+ $folder_id = (int) $option[1];

+

+ $l_action = $action_lang[$action];

+ if ($action == ACTION_PLACE_INTO_FOLDER)

+ {

+ $l_action .= ' -> ' . $folder[$folder_id]['folder_name'];

+ }

+ }

+ else

+ {

+ foreach ($action_lang as $action => $lang)

+ {

+ if ($action == ACTION_PLACE_INTO_FOLDER)

+ {

+ foreach ($folder as $folder_id => $folder_ary)

+ {

+ $s_action_options .= '<option value="' . $action . '|' . $folder_id . '"' . (($action_option == $action . '|' . $folder_id) ? ' selected="selected"' : '') . '>' . $lang . ' -> ' . $folder_ary['folder_name'] . '</option>';

+ }

+ }

+ else

+ {

+ $s_action_options .= '<option value="' . $action . '|0"' . (($action_option == $action . '|0') ? ' selected="selected"' : '') . '>' . $lang . '</option>';

+ }

+ }

+ }

+

+ $template->assign_vars(array(

+ 'S_ACTION_DEFINED' => true,

+ 'S_ACTION_SELECT' => ($hardcoded) ? false : true,

+ 'ACTION_CURRENT' => $l_action,

+ 'S_ACTION_OPTIONS' => $s_action_options,

+ 'ACTION_OPTION' => $action_option)

+ );

+}

+

+function define_rule_option($hardcoded, $rule_option, $rule_lang, $check_ary)

+{

+ global $template;

+

+ $s_rule_options = '';

+ if (!$hardcoded)

+ {

+ foreach ($check_ary as $value => $_check)

+ {

+ $s_rule_options .= '<option value="' . $value . '"' . (($value == $rule_option) ? ' selected="selected"' : '') . '>' . $rule_lang[$value] . '</option>';

+ }

+ }

+

+ $template->assign_vars(array(

+ 'S_RULE_DEFINED' => true,

+ 'S_RULE_SELECT' => !$hardcoded,

+ 'RULE_CURRENT' => isset($rule_lang[$rule_option]) ? $rule_lang[$rule_option] : '',

+ 'S_RULE_OPTIONS' => $s_rule_options,

+ 'RULE_OPTION' => $rule_option)

+ );

+}

+

+function define_cond_option($hardcoded, $cond_option, $rule_option, $global_rule_conditions, &$rule_save_ary)

+{

+ global $db, $template, $_REQUEST;

+

+ $template->assign_vars(array(

+ 'S_COND_DEFINED' => true,

+ 'S_COND_SELECT' => (!$hardcoded && isset($global_rule_conditions[$rule_option])) ? true : false)

+ );

+

+ // Define COND_OPTION

+ if (!isset($global_rule_conditions[$rule_option]))

+ {

+ $template->assign_vars(array(

+ 'COND_OPTION' => 'none',

+ 'COND_CURRENT' => false)

+ );

+ return;

+ }

+

+ // Define Condition

+ $condition = $global_rule_conditions[$rule_option];

+ $current_value = '';

+

+ switch ($condition)

+ {

+ case 'text':

+ $rule_string = request_var('rule_string', '');

+

+ $template->assign_vars(array(

+ 'S_TEXT_CONDITION' => true,

+ 'CURRENT_STRING' => $rule_string,

+ 'CURRENT_USER_ID' => 0,

+ 'CURRENT_GROUP_ID' => 0)

+ );

+

+ $current_value = $rule_string;

+ break;

+

+ case 'user':

+ $rule_user_id = request_var('rule_user_id', 0);

+ $rule_string = request_var('rule_string', '');

+

+ if ($rule_string && !$rule_user_id)

+ {

+ $sql = 'SELECT user_id

+ FROM ' . USERS_TABLE . "

+ WHERE username = '" . $db->sql_escape($rule_string) . "'";

+ $result = $db->sql_query($sql);

+ if (!($rule_user_id = $db->sql_fetchfield('user_id', 0, $result)))

+ {

+ $rule_string = '';

+ }

+ $db->sql_freeresult($result);

+ }

+ else if (!$rule_string && $rule_user_id)

+ {

+ $sql = 'SELECT username

+ FROM ' . USERS_TABLE . "

+ WHERE user_id = $rule_user_id";

+ $result = $db->sql_query($sql);

+ if (!($rule_string = $db->sql_fetchfield('username', 0, $result)))

+ {

+ $rule_user_id = 0;

+ }

+ $db->sql_freeresult($result);

+ }

+

+ $template->assign_vars(array(

+ 'S_USER_CONDITION' => true,

+ 'CURRENT_STRING' => $rule_string,

+ 'CURRENT_USER_ID' => $rule_user_id,

+ 'CURRENT_GROUP_ID' => 0)

+ );

+

+ $current_value = $rule_string;

+ break;

+

+ case 'group':

+ $rule_group_id = request_var('rule_group_id', 0);

+ $rule_string = request_var('rule_string', '');

+

+ $template->assign_vars(array(

+ 'S_GROUP_CONDITION' => true,

+ 'CURRENT_STRING' => $rule_string,

+ 'CURRENT_USER_ID' => 0,

+ 'CURRENT_GROUP_ID' => $rule_group_id)

+ );

+

+ $current_value = $rule_string;

+

+ break;

+

+ default:

+ return;

+ }

+

+ $template->assign_vars(array(

+ 'COND_OPTION' => $condition,

+ 'COND_CURRENT' => $current_value)

+ );

+}

+

+function show_defined_rules($user_id, $check_lang, $rule_lang, $action_lang, $folder)

+{

+ global $db, $template;

+

+ $sql = 'SELECT *

+ FROM ' . PRIVMSGS_RULES_TABLE . '

+ WHERE user_id = ' . $user_id;

+ $result = $db->sql_query($sql);

+

+ $count = 0;

+ while ($row = $db->sql_fetchrow($result))

+ {

+ $template->assign_block_vars('rule', array(

+ 'COUNT' => ++$count,

+ 'RULE_ID' => $row['rule_id'],

+ 'CHECK' => $check_lang[$row['rule_check']],

+ 'RULE' => $rule_lang[$row['rule_connection']],

+ 'STRING' => $row['rule_string'],

+ 'ACTION' => $action_lang[$row['rule_action']],

+ 'FOLDER' => ($row['rule_action'] == ACTION_PLACE_INTO_FOLDER) ? $folder[$row['rule_folder_id']]['folder_name'] : '')

+ );

+ }

+ $db->sql_freeresult($result);

+}

+

+?> \ No newline at end of file

+<?php

+// -------------------------------------------------------------

+//

+// $Id$

+//

+// FILENAME : viewfolder.php

+// STARTED : Sun Apr 11, 2004

+// COPYRIGHT : © 2004 phpBB Group

+// WWW : http://www.phpbb.com/

+// LICENCE : GPL vs2.0 [ see /docs/COPYING ]

+//

+// -------------------------------------------------------------

+

+// * Called from ucp_pm with mode == 'view_messages' && action == 'view_folder'

+

+function view_folder($id, $mode, $folder_id, $folder, $type)

+{

+ global $phpbb_root_path, $phpEx, $SID, $user, $template, $auth, $config, $db;

+

+ $user->add_lang('viewforum');

+

+ // Grab icons

+ $icons = array();

+ obtain_icons($icons);

+

+ $color_rows = array('marked', 'replied', 'message_reported', 'friend', 'foe');

+

+ foreach ($color_rows as $var)

+ {

+ $template->assign_block_vars('pm_colour_info', array(

+ 'IMG' => $user->img("pm_{$var}", ''),

+ 'CLASS' => "pm_{$var}_colour",

+ 'LANG' => $user->lang[strtoupper($var) . '_MESSAGE'])

+ );

+ }

+

+ $mark_options = array('mark_important', 'delete_marked');

+

+ $s_mark_options = '';

+ foreach ($mark_options as $mark_option)

+ {

+ $s_mark_options .= '<option value="' . $mark_option . '">' . $user->lang[strtoupper($mark_option)] . '</option>';

+ }

+

+ $friend = $foe = array();

+

+ // Get friends and foes

+ $sql = 'SELECT *

+ FROM ' . ZEBRA_TABLE . '

+ WHERE user_id = ' . $user->data['user_id'];

+ $result = $db->sql_query($sql);

+

+ while ($row = $db->sql_fetchrow($result))

+ {

+ $friend[$row['zebra_id']] = $row['friend'];

+ $foe[$row['zebra_id']] = $row['foe'];

+ }

+ $db->sql_freeresult($result);

+

+ $template->assign_vars(array(

+ 'S_UNREAD' => ($type == 'unread'),

+ 'S_MARK_OPTIONS'=> $s_mark_options)

+ );

+

+ $folder_info = get_pm_from($folder_id, $folder, $user->data['user_id'], "{$phpbb_root_path}ucp.$phpEx$SID&amp;i=$id", $type);

+

+ // Okay, lets dump out the page ...

+ if (sizeof($folder_info['pm_list']))

+ {

+ // Build Recipient List if in outbox/sentbox - max two additional queries

+ $recipient_list = $address_list = $address = array();

+ if ($folder_id == PRIVMSGS_OUTBOX || $folder_id == PRIVMSGS_SENTBOX)

+ {

+

+ foreach ($folder_info['rowset'] as $message_id => $row)

+ {

+ $address[$message_id] = rebuild_header(array('to' => $row['to_address'], 'bcc' => $row['bcc_address']));

+ foreach (array('u', 'g') as $save)

+ {

+ if (isset($address[$message_id][$save]) && sizeof($address[$message_id][$save]))

+ {

+ foreach (array_keys($address[$message_id][$save]) as $ug_id)

+ {

+ $recipient_list[$save][$ug_id] = array('name' => $user->lang['NA'], 'colour' => '');

+ }

+ }

+ }

+ }

+

+ foreach (array('u', 'g') as $ug_type)

+ {

+ if (isset($recipient_list[$ug_type]) && sizeof($recipient_list[$ug_type]))

+ {

+ $sql = ($ug_type == 'u') ? 'SELECT user_id as id, username as name, user_colour as colour FROM ' . USERS_TABLE . ' WHERE user_id' : 'SELECT group_id as id, group_name as name, group_colour as colour FROM ' . GROUPS_TABLE . ' WHERE group_id';

+ $sql .= ' IN (' . implode(', ', array_keys($recipient_list[$ug_type])) . ')';

+

+ $result = $db->sql_query($sql);

+

+ while ($row = $db->sql_fetchrow($result))

+ {

+ $recipient_list[$ug_type][$row['id']] = array('name' => $row['name'], 'colour' => $row['colour']);

+ }

+ $db->sql_freeresult($result);

+ }

+ }

+

+ foreach ($address as $message_id => $adr_ary)

+ {

+ foreach ($adr_ary as $type => $id_ary)

+ {

+ foreach ($id_ary as $ug_id => $_id)

+ {

+ $address_list[$message_id][] = (($type == 'u') ? "<a href=\"{$phpbb_root_path}memberlist.$phpEx$SID&amp;mode=viewprofile&amp;u=$ug_id\">" : "<a href=\"{$phpbb_root_path}groupcp.$phpEx$SID&amp;g=$ug_id\">") . (($recipient_list[$type][$ug_id]['colour']) ? '<span style="color:#' . $recipient_list[$type][$ug_id]['colour'] . '">' : '<span>') . $recipient_list[$type][$ug_id]['name'] . '</span></a>';

+ }

+ }

+ }

+

+ unset($recipient_list, $address);

+ }

+

+ $i = 0;

+ $url = "{$phpbb_root_path}ucp.$phpEx$SID&amp;i=$id";

+

+ foreach ($folder_info['pm_list'] as $message_id)

+ {

+ $row =& $folder_info['rowset'][$message_id];

+

+ $folder_img = ($row['unread']) ? 'folder_new' : 'folder';

+ $folder_alt = ($row['unread']) ? 'NEW_MESSAGES' : 'NO_NEW_MESSAGES';

+

+ // Generate all URIs ...

+ $message_author = "<a href=\"{$phpbb_root_path}memberlist.$phpEx$SID&amp;mode=viewprofile&amp;u=" . $row['author_id'] . '">' . $row['username'] . '</a>';

+ $view_message_url = "$url&amp;f=$folder_id&amp;p=$message_id";

+

+ $row_indicator = '';

+ foreach ($color_rows as $var)

+ {

+ if (($var != 'friend' && $var != 'foe' && $row[$var])

+ ||

+ (($var == 'friend' || $var == 'foe') && isset(${$var}[$row['author_id']]) && ${$var}[$row['author_id']]))

+ {

+ $row_indicator = $var;

+ break;

+ }

+ }

+

+ // Send vars to template

+ $template->assign_block_vars('messagerow', array(

+ 'PM_CLASS' => ($row_indicator) ? 'pm_' . $row_indicator . '_colour' : '',

+

+ 'FOLDER_ID' => $folder_id,

+ 'MESSAGE_ID' => $message_id,

+ 'MESSAGE_AUTHOR' => $message_author,

+ 'SENT_TIME' => $user->format_date($row['message_time'], $config['board_timezone']),

+ 'SUBJECT' => censor_text($row['message_subject']),

+ 'FOLDER' => (isset($folder[$row['folder_id']])) ? $folder[$row['folder_id']]['folder_name'] : '',

+ 'U_FOLDER' => (isset($folder[$row['folder_id']])) ? "$url&amp;folder=" . $row['folder_id'] : '',

+ 'PM_ICON_IMG' => (!empty($icons[$row['icon_id']])) ? '<img src="' . $config['icons_path'] . '/' . $icons[$row['icon_id']]['img'] . '" width="' . $icons[$row['icon_id']]['width'] . '" height="' . $icons[$row['icon_id']]['height'] . '" alt="" title="" />' : '',

+ 'FOLDER_IMG' => $user->img($folder_img, $folder_alt),

+ 'PM_IMG' => ($row_indicator) ? $user->img('pm_' . $row_indicator, '') : '',

+ 'ATTACH_ICON_IMG' => ($auth->acl_get('u_download') && $row['message_attachment'] && $config['pm_attachments'] && $config['auth_download_pm']) ? $user->img('icon_attach', sprintf($user->lang['TOTAL_ATTACHMENTS'], $row['message_attachment'])) : '',

+

+ 'S_ROW_COUNT' => $i,

+ 'S_PM_REPORTED' => (!empty($row['message_reported']) && $auth->acl_get('m_')) ? true : false,

+

+ 'U_VIEW_PM' => $view_message_url,

+ 'RECIPIENTS' => ($folder_id == PRIVMSGS_OUTBOX || $folder_id == PRIVMSGS_SENTBOX) ? implode(', ', $address_list[$message_id]) : '',

+ 'U_MCP_REPORT' => "{$phpbb_root_path}mcp.$phpEx?sid={$user->session_id}&amp;mode=reports&amp;pm=$message_id")

+// 'U_MCP_QUEUE' => "mcp.$phpEx?sid={$user->session_id}&amp;mode=mod_queue&amp;t=$topic_id")

+ );

+

+ $i++;

+

+ unset($folder_info['rowset'][$message_id]);

+ }

+

+ $template->assign_vars(array(

+ 'S_SHOW_RECIPIENTS' => ($folder_id == PRIVMSGS_OUTBOX || $folder_id == PRIVMSGS_SENTBOX) ? true : false,

+ 'S_SHOW_COLOUR_LEGEND' => true)

+ );

+ }

+}

+

+// Get PM's in folder x from user x

+// Get PM's in all folders from user x with type of x (unread, new)

+function get_pm_from($folder_id, $folder, $user_id, $url, $type = 'folder')

+{

+ global $user, $db, $template, $config, $auth, $_POST;

+

+ $start = request_var('start', 0);

+

+ $sort_days = (isset($_REQUEST['st'])) ? max(intval($_REQUEST['st']), 0) : ((!empty($user->data['user_show_days'])) ? $user->data['user_show_days'] : 0);

+ $sort_key = (!empty($_REQUEST['sk'])) ? htmlspecialchars($_REQUEST['sk']) : ((!empty($user->data['user_sortby_type'])) ? $user->data['user_sortby_type'] : 't');

+ $sort_dir = (!empty($_REQUEST['sd'])) ? htmlspecialchars($_REQUEST['sd']) : ((!empty($user->data['user_sortby_dir'])) ? $user->data['user_sortby_dir'] : 'd');

+

+ // PM ordering options

+ $limit_days = array(0 => $user->lang['ALL_MESSAGES'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 364 => $user->lang['1_YEAR']);

+ $sort_by_text = array('a' => $user->lang['AUTHOR'], 't' => $user->lang['POST_TIME'], 's' => $user->lang['SUBJECT']);

+ $sort_by_sql = array('a' => 'u.username', 't' => 'p.message_time', 's' => 'p.subject');

+

+ $sort_key = (!in_array($sort_key, array('a', 't', 's'))) ? 't' : $sort_key;

+

+ $s_limit_days = $s_sort_key = $s_sort_dir = $u_sort_param = '';

+ gen_sort_selects($limit_days, $sort_by_text, $sort_days, $sort_key, $sort_dir, $s_limit_days, $s_sort_key, $s_sort_dir, $u_sort_param);

+

+ if ($type != 'folder')

+ {

+ $folder_sql = ($type == 'unread') ? 't.unread = 1' : 't.new = 1';

+ $folder_id = PRIVMSGS_INBOX;

+ }

+ else

+ {

+ $folder_sql = 't.folder_id = ' . (int) $folder_id;

+ }

+

+ // Limit pms to certain time frame, obtain correct pm count

+ if ($sort_days)

+ {

+ $min_post_time = time() - ($sort_days * 86400);

+

+ $sql = 'SELECT COUNT(t.msg_id) AS pm_count

+ FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . " p

+ WHERE $folder_sql

+ AND t.user_id = $user_id

+ AND t.msg_id = p.msg_id

+ AND p.message_time >= $min_post_time";

+ $result = $db->sql_query_limit($sql, 1);

+

+ if (isset($_POST['sort']))

+ {

+ $start = 0;

+ }

+

+ $pm_count = ($row = $db->sql_fetchrow($result)) ? $row['pm_count'] : 0;

+ $db->sql_freeresult($result);

+

+ $sql_limit_time = "AND p.message_time >= $min_post_time";

+ }

+ else

+ {

+ if ($type == 'folder')

+ {

+ $pm_count = $folder[$folder_id]['num_messages'];

+ }

+ else

+ {

+ if (in_array($folder_id, array(PRIVMSGS_INBOX, PRIVMSGS_OUTBOX, PRIVMSGS_SENTBOX)))

+ {

+ $sql = 'SELECT COUNT(t.msg_id) AS pm_count

+ FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . " p

+ WHERE $folder_sql

+ AND t.user_id = $user_id

+ AND t.msg_id = p.msg_id";

+ }

+ else

+ {

+ $sql = 'SELECT pm_count

+ FROM ' . PRIVMSGS_FOLDER_TABLE . "

+ WHERE folder_id = $folder_id

+ AND user_id = $user_id";

+ }

+ $result = $db->sql_query_limit($sql, 1);

+ $pm_count = ($row = $db->sql_fetchrow($result)) ? $row['pm_count'] : 0;

+ $db->sql_freeresult($result);

+ }

+

+ $sql_limit_time = '';

+ }

+

+ $template->assign_vars(array(

+ 'PAGINATION' => generate_pagination("$url&amp;mode=view_messages&amp;action=view_folder&amp;f=$folder_id&amp;$u_sort_param", $pm_count, $config['topics_per_page'], $start),

+ 'PAGE_NUMBER' => on_page($pm_count, $config['topics_per_page'], $start),

+ 'TOTAL_MESSAGES'=> (($pm_count == 1) ? $user->lang['VIEW_PM_MESSAGE'] : sprintf($user->lang['VIEW_PM_MESSAGES'], $pm_count)),

+

+ 'POST_IMG' => (!$auth->acl_get('u_sendpm')) ? $user->img('btn_locked', $post_alt) : $user->img('btn_post_pm', $post_alt),

+

+ 'REPORTED_IMG' => $user->img('icon_reported', 'MESSAGE_REPORTED'),

+

+ 'L_NO_MESSAGES' => (!$auth->acl_get('u_sendpm')) ? $user->lang['POST_PM_LOCKED'] : $user->lang['NO_MESSAGES'],

+

+ 'S_SELECT_SORT_DIR' => $s_sort_dir,

+ 'S_SELECT_SORT_KEY' => $s_sort_key,

+ 'S_SELECT_SORT_DAYS' => $s_limit_days,

+ 'S_TOPIC_ICONS' => ($config['enable_pm_icons']) ? true : false,

+

+ 'U_POST_NEW_TOPIC' => ($auth->acl_get('u_sendpm')) ? "$url&amp;mode=compose&amp;action=post" : '',

+ 'S_PM_ACTION' => "$url&amp;mode=view_messages&amp;action=view_folder&amp;f=$folder_id")

+ );

+

+ // Grab all pm data

+ $rowset = $pm_list = array();

+

+ // If the user is trying to reach late pages, start searching from the end

+ $store_reverse = false;

+ $sql_limit = $config['topics_per_page'];

+ if ($start > $pm_count / 2)

+ {

+ $store_reverse = true;

+

+ if ($start + $config['topics_per_page'] > $pm_count)

+ {

+ $sql_limit = min($config['topics_per_page'], max(1, $pm_count - $start));

+ }

+

+ // Select the sort order

+ $sql_sort_order = $sort_by_sql[$sort_key] . ' ' . (($sort_dir == 'd') ? 'ASC' : 'DESC');

+ $sql_start = max(0, $pm_count - $sql_limit - $start);

+ }

+ else

+ {

+ // Select the sort order

+ $sql_sort_order = $sort_by_sql[$sort_key] . ' ' . (($sort_dir == 'd') ? 'DESC' : 'ASC');

+ $sql_start = $start;

+ }

+

+ $sql = 'SELECT t.*, p.author_id, p.root_level, p.message_time, p.message_subject, p.icon_id, p.message_reported, p.to_address, p.message_attachment, p.bcc_address, u.username

+ FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . ' p, ' . USERS_TABLE . " u

+ WHERE t.user_id = $user_id

+ AND p.author_id = u.user_id

+ AND $folder_sql

+ AND t.msg_id = p.msg_id

+ $sql_limit_time

+ ORDER BY $sql_sort_order";

+

+ $result = $db->sql_query_limit($sql, $sql_limit, $sql_start);

+

+ while($row = $db->sql_fetchrow($result))

+ {

+ $rowset[$row['msg_id']] = $row;

+ $pm_list[] = $row['msg_id'];

+ }

+ $db->sql_freeresult($result);

+

+ $pm_list = ($store_reverse) ? array_reverse($pm_list) : $pm_list;

+

+ return array(

+ 'pm_count' => $pm_count,

+ 'pm_list' => $pm_list,

+ 'rowset' => $rowset

+ );

+}

+

+?> \ No newline at end of file

+<?php

+// -------------------------------------------------------------

+//

+// $Id$

+//

+// FILENAME : viewmessage.php

+// STARTED : Mon Apr 12, 2004

+// COPYRIGHT : © 2004 phpBB Group

+// WWW : http://www.phpbb.com/

+// LICENCE : GPL vs2.0 [ see /docs/COPYING ]

+//

+// -------------------------------------------------------------

+

+function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row)

+{

+ global $phpbb_root_path, $phpEx, $SID, $user, $template, $auth, $config, $db;

+

+ $user->add_lang('viewtopic');

+

+ $msg_id = (int) $msg_id;

+ $folder_id = (int) $folder_id;

+ $author_id = (int) $message_row['author_id'];

+

+ // Grab icons

+ $icons = array();

+ obtain_icons($icons);

+

+ // Instantiate BBCode if need be

+ if ($message_row['bbcode_bitfield'])

+ {

+ include($phpbb_root_path . 'includes/bbcode.'.$phpEx);

+ $bbcode = new bbcode($message_row['bbcode_bitfield']);

+ }

+

+ // Assign TO/BCC Addresses to template

+ write_pm_addresses(array('to' => $message_row['to_address'], 'bcc' => $message_row['bcc_address']), $author_id);

+

+ $user_info = get_user_informations($author_id, $message_row);

+

+ // Parse the message and subject

+ $message = $message_row['message_text'];

+

+ // If the board has HTML off but the message has HTML on then we process it, else leave it alone

+ if (!$config['auth_html_pm'] || !$auth->acl_get('u_pm_html'))

+ {

+ if ($message_row['enable_html'] && $config['auth_bbcode_pm'] && $auth->acl_get('u_pm_bbcode'))

+ {

+ $message = preg_replace('#(<)([\/]?.*?)(>)#is', "&lt;\\2&gt;", $message);

+ }

+ }

+

+ // Second parse bbcode here

+ if ($message_row['bbcode_bitfield'])

+ {

+ $bbcode->bbcode_second_pass($message, $message_row['bbcode_uid'], $message_row['bbcode_bitfield']);

+ }

+

+ // Always process smilies after parsing bbcodes

+ $message = smilie_text($message);

+

+ // Replace naughty words such as farty pants

+ $message_row['message_subject'] = censor_text($message_row['message_subject']);

+ $message = str_replace("\n", '<br />', censor_text($message));

+

+ // Editing information

+ if ($message_row['message_edit_count'] && $config['display_last_edited'])

+ {

+ $l_edit_time_total = ($message_row['message_edit_count'] == 1) ? $user->lang['EDITED_TIME_TOTAL'] : $user->lang['EDITED_TIMES_TOTAL'];

+ $l_edited_by = '<br /><br />' . sprintf($l_edit_time_total, (!$message_row['message_edit_user']) ? $message_row['username'] : $message_row['message_edit_user'], $user->format_date($message_row['message_edit_time']), $message_row['message_edit_count']);

+ }

+ else

+ {

+ $l_edited_by = '';

+ }

+

+ // Pull attachment data

+ $display_notice = false;

+ $attachments = array();

+

+ if ($message_row['message_attachment'] && $config['allow_pm_attach'])

+ {

+ if ($config['auth_download_pm'] && $auth->acl_get('u_pm_download'))

+ {

+ include($phpbb_root_path . 'includes/functions_display.' . $phpEx);

+

+ $sql = 'SELECT *

+ FROM ' . ATTACHMENTS_TABLE . "

+ WHERE post_msg_id = $msg_id

+ AND in_message = 1

+ ORDER BY filetime " . ((!$config['display_order']) ? 'DESC' : 'ASC') . ', post_msg_id ASC';

+ $result = $db->sql_query($sql);

+

+ while ($row = $db->sql_fetchrow($result))

+ {

+ $attachments[] = $row;

+ }

+ $db->sql_freeresult($result);

+

+ // No attachments exist, but message table thinks they do so go ahead and reset attach flags

+ if (!sizeof($attachments))

+ {

+ $sql = 'UPDATE ' . PRIVMSGS_TABLE . "

+ SET message_attachment = 0

+ WHERE msg_id = $msg_id";

+ $db->sql_query($sql);

+ }

+ }

+ else

+ {

+ $display_notice = true;

+ }

+ }

+

+ // Assign inline attachments

+ if (sizeof($attachments))

+ {

+ // preg_replace_callback does not work here because of inability to correctly assign globals (seems to be a bug in some PHP versions)

+ process_inline_attachments($message, $attachments, $update_count);

+ }

+

+ $user_info['sig'] = '';

+

+ $signature = ($message_row['enable_sig'] && $config['allow_sig_pm'] && $auth->acl_get('u_pm_sig') && $user->optionget('viewsigs')) ? $user_info['user_sig'] : '';

+

+ // End signature parsing, only if needed

+ if ($signature)

+ {

+ if ($user_info['user_sig_bbcode_bitfield'])

+ {

+ if (!isset($bbcode) || !$bbcode)

+ {

+ include($phpbb_root_path . 'includes/bbcode.'.$phpEx);

+ $bbcode = new bbcode($user_info['user_sig_bbcode_bitfield']);

+ }

+

+ $bbcode->bbcode_second_pass($signature, $user_info['user_sig_bbcode_uid'], $user_info['user_sig_bbcode_bitfield']);

+ }

+

+ $signature = smilie_text($signature);

+ $signature = str_replace("\n", '<br />', censor_text($signature));

+ }

+

+ $url = "{$phpbb_root_path}ucp.$phpEx$SID&amp;i=$id";

+

+ $template->assign_vars(array(

+ 'AUTHOR_NAME' => ($user_info['user_colour']) ? '<span style="color:#' . $user_info['user_colour'] . '">' . $user_info['username'] . '</span>' : $user_info['username'],

+ 'AUTHOR_RANK' => $user_info['rank_title'],

+ 'RANK_IMAGE' => $user_info['rank_image'],

+ 'AUTHOR_AVATAR' => (isset($user_info['avatar'])) ? $user_info['avatar'] : '',

+ 'AUTHOR_JOINED' => $user->format_date($user_info['user_regdate'], $user->lang['DATE_FORMAT']),

+ 'AUTHOR_POSTS' => (!empty($user_info['user_posts'])) ? $user_info['user_posts'] : '',

+ 'AUTHOR_FROM' => (!empty($user_info['user_from'])) ? $user_info['user_from'] : '',

+

+ 'ONLINE_IMG' => (!$config['load_onlinetrack']) ? '' : (($user_info['online']) ? $user->img('btn_online', $user->lang['ONLINE']) : $user->img('btn_offline', $user->lang['OFFLINE'])),

+ 'DELETE_IMG' => $user->img('btn_delete', $user->lang['DELETE_PM']),

+ 'IP_IMG' => $user->img('btn_ip', $user->lang['VIEW_IP']),

+ 'REPORT_IMG' => $user->img('btn_report', $user->lang['REPORT_PM']),

+ 'REPORTED_IMG' => $user->img('icon_reported', $user->lang['REPORTED_MESSAGE']),

+ 'PROFILE_IMG' => $user->img('btn_profile', $user->lang['READ_PROFILE']),

+ 'EMAIL_IMG' => $user->img('btn_email', $user->lang['SEND_EMAIL']),

+ 'QUOTE_IMG' => $user->img('btn_quote', $user->lang['POST_QUOTE_PM']),

+ 'REPLY_IMG' => $user->img('btn_reply_pm', $user->lang['POST_REPLY_PM']),

+ 'EDIT_IMG' => $user->img('btn_edit', $user->lang['POST_EDIT_PM']),

+ 'MINI_POST_IMG' => $user->img('icon_post', $user->lang['PM']),

+

+ 'SENT_DATE' => $user->format_date($message_row['message_time']),

+ 'SUBJECT' => $message_row['message_subject'],

+ 'MESSAGE' => $message,

+ 'SIGNATURE' => ($message_row['enable_sig']) ? $signature : '',

+ 'EDITED_MESSAGE' => $l_edited_by,

+

+ 'U_MCP_REPORT' => "{$phpbb_root_path}mcp.$phpEx$SID&amp;mode=pm_details&amp;p=" . $message_row['msg_id'],

+ 'U_REPORT' => ($config['auth_report_pm'] && $auth->acl_get('u_pm_report')) ? "{$phpbb_root_path}report.$phpEx$SID&amp;pm=" . $message_row['msg_id'] : '',

+ 'U_IP' => ($auth->acl_get('m_') && $message_row['message_reported']) ? "{$phpbb_root_path}mcp.$phpEx?sid=" . $user->session_id . "&amp;mode=pm_details&amp;p=" . $message_row['msg_id'] . '#ip' : '',

+ 'U_DELETE' => ($auth->acl_get('u_pm_delete')) ? "$url&amp;mode=compose&amp;action=delete&amp;f=$folder_id&amp;p=" . $message_row['msg_id'] : '',

+ 'U_AUTHOR_PROFILE' => "{$phpbb_root_path}memberlist.$phpEx$SID&amp;mode=viewprofile&amp;u=" . $author_id,

+ 'U_EMAIL' => $user_info['email'],

+ 'U_QUOTE' => ($config['auth_quote_pm'] && $auth->acl_get('u_sendpm') && $author_id != $user->data['user_id']) ? "$url&amp;mode=compose&amp;action=quote&amp;f=$folder_id&amp;p=" . $message_row['msg_id'] : '',

+ 'U_EDIT' => (($message_row['message_time'] > time() - $config['pm_edit_time'] || !$config['pm_edit_time']) && $folder_id == PRIVMSGS_OUTBOX && $auth->acl_get('u_pm_edit')) ? "$url&amp;mode=compose&amp;action=edit&amp;f=$folder_id&amp;p=" . $message_row['msg_id'] : '',

+ 'U_POST_REPLY_PM' => ($author_id != $user->data['user_id'] && $auth->acl_get('u_sendpm')) ? "$url&amp;mode=compose&amp;action=reply&amp;f=$folder_id&amp;p=" . $message_row['msg_id'] : '',

+ 'U_PREVIOUS_PM' => "$url&amp;f=$folder_id&amp;p=" . $message_row['msg_id'] . "&amp;view=previous",

+ 'U_NEXT_PM' => "$url&amp;f=$folder_id&amp;p=" . $message_row['msg_id'] . "&amp;view=next",

+

+ 'S_MESSAGE_REPORTED'=> ($message_row['message_reported'] && $auth->acl_get('m_')) ? true : false,

+ 'S_HAS_ATTACHMENTS' => (sizeof($attachments)) ? true : false,

+ 'S_DISPLAY_NOTICE' => $display_notice && $message_row['message_attachment'],

+

+ 'U_PRINT_PM' => ($config['print_pm'] && $auth->acl_get('u_pm_printpm')) ? "$url&amp;f=$folder_id&amp;p=" . $message_row['msg_id'] . "&amp;view=print" : '',

+ 'U_EMAIL_PM' => ($config['email_pm'] && $config['email_enable'] && $auth->acl_get('u_pm_emailpm')) ? 'Email' : '',

+ 'U_FORWARD_PM' => ($config['forward_pm'] && $auth->acl_get('u_pm_forward')) ? "$url&amp;mode=compose&amp;action=forward&amp;f=$folder_id&amp;p=" . $message_row['msg_id'] : '')

+ );

+

+ // Display not already displayed Attachments for this post, we already parsed them. ;)

+ if (sizeof($attachments))

+ {

+ foreach ($attachments as $attachment)

+ {

+ $template->assign_block_vars('attachment', array(

+ 'DISPLAY_ATTACHMENT' => $attachment)

+ );

+ }

+ }

+

+ if ($_REQUEST['view'] != 'print')

+ {

+ // Message History

+ if (message_history($msg_id, $user->data['user_id'], $message_row, $folder))

+ {

+ $template->assign_var('S_DISPLAY_HISTORY', true);

+ }

+ }

+}

+

+// Display Message History

+function message_history($msg_id, $user_id, $message_row, $folder)

+{

+ global $db, $user, $config, $template, $phpbb_root_path, $phpEx, $SID, $auth, $bbcode;

+

+ // Get History Messages (could be newer)

+ $sql = 'SELECT t.*, p.*, u.*

+ FROM ' . PRIVMSGS_TABLE . ' p, ' . PRIVMSGS_TO_TABLE . ' t, ' . USERS_TABLE . ' u

+ WHERE t.msg_id = p.msg_id

+ AND p.author_id = u.user_id

+ AND t.folder_id <> ' . PRIVMSGS_NO_BOX . "

+ AND t.user_id = $user_id";

+

+ if (!$message_row['root_level'])

+ {

+ $sql .= " AND (p.root_level = $msg_id OR (p.root_level = 0 AND p.msg_id = $msg_id))";

+ }

+ else

+ {

+ $sql .= " AND (p.root_level = " . $message_row['root_level'] . ' OR p.msg_id = ' . $message_row['root_level'] . ')';

+ }

+ $sql .= ' ORDER BY p.message_time ';

+ $sort_dir = (!empty($user->data['user_sortby_dir'])) ? $user->data['user_sortby_dir'] : 'd';

+ $sql .= ($sort_dir == 'd') ? 'ASC' : 'DESC';

+

+ $result = $db->sql_query($sql);

+

+ if (!($row = $db->sql_fetchrow($result)))

+ {

+ return false;

+ }

+

+ $rowset = array();

+ $bbcode_bitfield = 0;

+ $folder_url = "{$phpbb_root_path}ucp.$phpEx$SID&amp;i=pm&amp;folder=";

+

+ $title = ($sort_dir == 'd') ? $row['message_subject'] : '';

+ do

+ {

+ $folder_id = (int) $row['folder_id'];

+

+ $row['folder'][] = (isset($folder[$folder_id])) ? '<a href="' . $folder_url . $folder_id . '">' . $folder[$folder_id]['folder_name'] . '</a>' : $user->lang['UNKOWN_FOLDER'];

+

+ if (isset($rowset[$row['msg_id']]))

+ {

+ $rowset[$row['msg_id']]['folder'][] = (isset($folder[$folder_id])) ? '<a href="' . $folder_url . $folder_id . '">' . $folder[$folder_id]['folder_name'] . '</a>' : $user->lang['UNKOWN_FOLDER'];

+ }

+ else

+ {

+ $rowset[$row['msg_id']] = $row;

+ $bbcode_bitfield |= $row['bbcode_bitfield'];

+ }

+ }

+ while ($row = $db->sql_fetchrow($result));

+ $db->sql_freeresult($result);

+

+ $title = ($sort_dir == 'a') ? $row['message_subject'] : $title;

+

+ if (sizeof($rowset) == 1)

+ {

+ return false;

+ }

+

+ // Instantiate BBCode class

+ if (!isset($bbcode) && $bbcode_bitfield)

+ {

+ if (!class_exists('bbcode'))

+ {

+ include($phpbb_root_path . 'includes/bbcode.'.$phpEx);

+ }

+ $bbcode = new bbcode($bbcode_bitfield);

+ }

+

+ $title = censor_text($title);

+

+ $i = 1;

+ $url = "{$phpbb_root_path}ucp.$phpEx$SID&amp;i=pm";

+ $next_history_pm = $previous_history_pm = $prev_id = 0;

+

+ foreach ($rowset as $id => $row)

+ {

+ $author_id = $row['author_id'];

+ $author = $row['username'];

+ $folder_id = (int) $row['folder_id'];

+

+ $subject = $row['message_subject'];

+ $message = $row['message_text'];

+

+ if ($row['bbcode_bitfield'])

+ {

+ $bbcode->bbcode_second_pass($message, $row['bbcode_uid'], $row['bbcode_bitfield']);

+ }

+

+ $message = smilie_text($message, !$row['enable_smilies']);

+

+ $subject = censor_text($subject);

+ $message = censor_text($message);

+

+ if ($id == $msg_id)

+ {

+ $next_history_pm = next($rowset);

+ $next_history_pm = (sizeof($next_history_pm)) ? (int) $next_history_pm['msg_id'] : 0;

+ $previous_history_pm = $prev_id;

+ }

+

+ $template->assign_block_vars('history_row', array(

+ 'AUTHOR_NAME' => $author,

+ 'SUBJECT' => $subject,

+ 'SENT_DATE' => $user->format_date($row['message_time']),

+ 'MESSAGE' => str_replace("\n", '<br />', $message),

+ 'FOLDER' => implode(', ', $row['folder']),

+

+ 'S_CURRENT_MSG' => ($row['msg_id'] == $msg_id),

+

+ 'U_MSG_ID' => $row['msg_id'],

+ 'U_VIEW_MESSAGE'=> "$url&amp;f=$folder_id&amp;p=" . $row['msg_id'],

+ 'U_AUTHOR_PROFILE' => "{$phpbb_root_path}memberlist.$phpEx$SID&amp;mode=viewprofile&amp;u=$author_id",

+ 'U_QUOTE' => ($config['auth_quote_pm'] && $auth->acl_get('u_sendpm') && $author_id != $user->data['user_id']) ? "$url&amp;mode=compose&amp;action=quote&amp;f=" . $folder_id . "&amp;p=" . $row['msg_id'] : '',

+ 'U_POST_REPLY_PM' => ($author_id != $user->data['user_id'] && $auth->acl_get('u_sendpm')) ? "$url&amp;mode=compose&amp;action=reply&amp;f=$folder_id&amp;p=" . $row['msg_id'] : '',

+

+ 'S_ROW_COUNT' => $i)

+ );

+ unset($rowset[$id]);

+ $prev_id = $id;

+ $i++;

+ }

+

+ $template->assign_vars(array(

+ 'QUOTE_IMG' => $user->img('btn_quote', $user->lang['REPLY_WITH_QUOTE']),

+ 'TITLE' => $title,

+

+ 'U_VIEW_NEXT_HISTORY' => "$url&amp;p=" . (($next_history_pm) ? $next_history_pm : $msg_id),

+ 'U_VIEW_PREVIOUS_HISTORY' => "$url&amp;p=" . (($previous_history_pm) ? $previous_history_pm : $msg_id))

+ );

+

+ return true;

+}

+

+// Get User Informations (only for message display)

+function get_user_informations($user_id, $user_row)

+{

+ global $config, $db, $auth, $user, $phpbb_root_path, $phpEx, $SID;

+

+ if (!$user_id)

+ {

+ return;

+ }

+

+ if (empty($user_row))

+ {

+ $user_row = get_userdata((int) $user_id);

+ }

+

+ // Grab ranks

+ $ranks = array();

+ obtain_ranks($ranks);

+

+ // Generate online information for user

+ if ($config['load_onlinetrack'])

+ {

+ $sql = 'SELECT session_user_id, MAX(session_time) as online_time, MIN(session_allow_viewonline) AS viewonline

+ FROM ' . SESSIONS_TABLE . "

+ WHERE session_user_id = $user_id

+ GROUP BY session_user_id";

+ $result = $db->sql_query_limit($sql, 1);

+

+ $update_time = $config['load_online_time'] * 60;

+ if ($row = $db->sql_fetchrow($result))

+ {

+ $user_row['online'] = (time() - $update_time < $row['online_time'] && ($row['viewonline'] && $user_row['user_allow_viewonline'])) ? true : false;

+ }

+ }

+ else

+ {

+ $user_row['online'] = false;

+ }

+

+ if ($user_row['user_avatar'] && $user->optionget('viewavatars'))

+ {

+ $avatar_img = '';

+ switch ($user_row['user_avatar_type'])

+ {

+ case AVATAR_UPLOAD:

+ $avatar_img = $config['avatar_path'] . '/';

+ break;

+ case AVATAR_GALLERY:

+ $avatar_img = $config['avatar_gallery_path'] . '/';

+ break;

+ }

+ $avatar_img .= $user_row['user_avatar'];

+

+ $user_row['avatar'] = '<img src="' . $avatar_img . '" width="' . $user_row['user_avatar_width'] . '" height="' . $user_row['user_avatar_height'] . '" border="0" alt="" />';

+ }

+

+ if (!empty($user_row['user_rank']))

+ {

+ $user_row['rank_title'] = $ranks['special'][$user_row['user_rank']]['rank_title'];

+ $user_row['rank_image'] = (!empty($ranks['special'][$user_row['user_rank']]['rank_image'])) ? '<img src="' . $config['ranks_path'] . '/' . $ranks['special'][$user_row['user_rank']]['rank_image'] . '" border="0" alt="' . $ranks['special'][$user_row['user_rank']]['rank_title'] . '" title="' . $ranks['special'][$user_row['user_rank']]['rank_title'] . '" /><br />' : '';

+ }

+ else

+ {

+ foreach ($ranks['normal'] as $rank)

+ {

+ if ($user_row['user_posts'] >= $rank['rank_min'])

+ {

+ $user_row['rank_title'] = $rank['rank_title'];

+ $user_row['rank_image'] = (!empty($rank['rank_image'])) ? '<img src="' . $config['ranks_path'] . '/' . $rank['rank_image'] . '" border="0" alt="' . $rank['rank_title'] . '" title="' . $rank['rank_title'] . '" /><br />' : '';

+ break;

+ }

+ }

+ }

+

+ if (!empty($user_row['user_allow_viewemail']) || $auth->acl_get('a_email'))

+ {

+ $user_row['email'] = ($config['board_email_form'] && $config['email_enable']) ? "{$phpbb_root_path}memberlist.$phpEx$SID&amp;mode=email&amp;u=" . $user_id : 'mailto:' . $user_row['user_email'];

+ }

+ else

+ {

+ $user_row['email'] = '';

+ }

+

+ return $user_row;

+}

+

+function process_inline_attachments(&$message, &$attachments, &$update_count)

+{

+ global $user, $config;

+

+ $tpl = array();

+ $tpl = display_attachments(0, NULL, $attachments, $update_count, false, true);

+ $tpl_size = sizeof($tpl);

+

+ $unset_tpl = array();

+

+ preg_match_all('#<!\-\- ia([0-9]+) \-\->(.*?)<!\-\- ia\1 \-\->#', $message, $matches);

+

+ $replace = array();

+ foreach ($matches[0] as $num => $capture)

+ {

+ // Flip index if we are displaying the reverse way

+ $index = ($config['display_order']) ? ($tpl_size-($matches[1][$num] + 1)) : $matches[1][$num];

+

+ $replace['from'][] = $matches[0][$index];

+ $replace['to'][] = (isset($tpl[$index])) ? $tpl[$index] : sprintf($user->lang['MISSING_INLINE_ATTACHMENT'], $matches[2][$num]);

+

+ $unset_tpl[] = $index;

+ }

+ unset($tpl, $tpl_size);

+

+ $message = str_replace($replace['from'], $replace['to'], $message);

+

+ foreach (array_unique($unset_tpl) as $index)

+ {

+ unset($attachments[$index]);

+ }

+}

+

+?> \ No newline at end of file