+//

+// Var definitions

+//

+$html_entities_match = array("#<#", "#>#", "#& #", "#\"#");

+$html_entities_replace = array("&lt;", "&gt;", "&amp; ", "&quot;");

+

+//

+// Parameters

+//

+$submit = ( isset($HTTP_POST_VARS['submit']) ) ? TRUE : 0;

+$submit_search = ( isset($HTTP_POST_VARS['usersubmit']) ) ? TRUE : 0;

+$submit_msgdays = ( isset($HTTP_POST_VARS['submit_msgdays']) ) ? TRUE : 0;

+$cancel = ( isset($HTTP_POST_VARS['cancel']) ) ? TRUE : 0;

+$preview = ( isset($HTTP_POST_VARS['preview']) ) ? TRUE : 0;

+$confirm = ( isset($HTTP_POST_VARS['confirm']) ) ? TRUE : 0;

+$delete = ( isset($HTTP_POST_VARS['delete']) ) ? TRUE : 0;

+$delete_all = ( isset($HTTP_POST_VARS['deleteall']) ) ? TRUE : 0;

+

+$refresh = $preview || $submit_search;

+

+$mark_list = ( !empty($HTTP_POST_VARS['mark']) ) ? $HTTP_POST_VARS['mark'] : 0;

+

+$folder = ( !empty($HTTP_POST_VARS['folder']) ) ? $HTTP_POST_VARS['folder'] : ( (!empty($HTTP_GET_VARS['folder'])) ? $HTTP_GET_VARS['folder'] : "inbox" );

+

+//

+// Cancel

+//

+if( $cancel )

+{

+ header("Location: " . append_sid("privmsg.$phpEx?folder=$folder"));

+}

+if( !empty($HTTP_POST_VARS['mode']) || !empty($HTTP_GET_VARS['mode']) )

+ $mode = ( !empty($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];

+

+$start = ( !empty($HTTP_GET_VARS['start']) ) ? $HTTP_GET_VARS['start'] : 0;

+

+if( isset($HTTP_POST_VARS[POST_POST_URL]) || isset($HTTP_GET_VARS[POST_POST_URL]) )

+{

+ $privmsg_id = ( isset($HTTP_POST_VARS[POST_POST_URL]) ) ? $HTTP_POST_VARS[POST_POST_URL] : $HTTP_GET_VARS[POST_POST_URL];

+}

+else

+{

+ $privmsg_id = "";

+}

+// Define the box image links

+//

+$inbox_img = ($folder != "inbox" || $mode != "") ? '<a href="' . append_sid("privmsg.$phpEx?folder=inbox") . '"><img src="' . $images['pm_inbox'] . '" border="0" alt="' . $lang['Inbox'] . '" /></a>' : '<img src="' . $images['pm_inbox'] . '" border="0" alt="' . $lang['Inbox'] . '" />';

+$inbox_url = ($folder != "inbox" || $mode != "") ? '<a href="' . append_sid("privmsg.$phpEx?folder=inbox") . '">' . $lang['Inbox'] . '</a>' : $lang['Inbox'];

+

+$outbox_img = ($folder != "outbox" || $mode != "") ? '<a href="' . append_sid("privmsg.$phpEx?folder=outbox") . '"><img src="' . $images['pm_outbox'] . '" border="0" alt="' . $lang['Outbox'] . '" /></a>' : '<img src="' . $images['pm_outbox'] . '" border="0" alt="' . $lang['Outbox'] . '" />';

+$outbox_url = ($folder != "outbox" || $mode != "") ? '<a href="' . append_sid("privmsg.$phpEx?folder=outbox") . '">' . $lang['Outbox'] . '</a>' : $lang['Outbox'];

+

+$sentbox_img = ($folder != "sentbox" || $mode != "") ? '<a href="' . append_sid("privmsg.$phpEx?folder=sentbox") . '"><img src="' . $images['pm_sentbox'] . '" border="0" alt="' . $lang['Sent'] . '" /></a>' : '<img src="' . $images['pm_sentbox'] . '" border="0" alt="' . $lang['Sent'] . '" />';

+$sentbox_url = ($folder != "sentbox" || $mode != "") ? '<a href="' . append_sid("privmsg.$phpEx?folder=sentbox") . '">' . $lang['Sent'] . '</a>' : $lang['Sent'];

+

+$savebox_img = ($folder != "savebox" || $mode != "") ? '<a href="' . append_sid("privmsg.$phpEx?folder=savebox") . '"><img src="' . $images['pm_savebox'] . '" border="0" alt="' . $lang['Savebox'] . '" /></a>' : '<img src="' . $images['pm_savebox'] . '" border="0" alt="' . $lang['Saved'] . '" />';

+$savebox_url = ($folder != "savebox" || $mode != "") ? '<a href="' . append_sid("privmsg.$phpEx?folder=savebox") . '">' . $lang['Saved'] . '</a>' : $lang['Saved'];

+

+// ----------

+if( $mode == "read" )

+ if( !empty($HTTP_GET_VARS[POST_POST_URL]) )

+ if( !$userdata['session_logged_in'] )

+ if( $folder )

+ //

+ // SQL to pull appropriate message, prevents nosey people

+ // reading other peoples messages ... hopefully!

+ //

+ $l_box_name = $lang['Inbox'];

+

+ $pm_sql_user = "AND pm.privmsgs_to_userid = " . $userdata['user_id'] . "

+ AND ( pm.privmsgs_type = " . PRIVMSGS_READ_MAIL . "

+ OR pm.privmsgs_type = " . PRIVMSGS_NEW_MAIL . " )";

+ $l_box_name = $lang['Outbox'];

+

+ $pm_sql_user = "AND pm.privmsgs_from_userid = " . $userdata['user_id'] . "

+ AND pm.privmsgs_type = " . PRIVMSGS_NEW_MAIL;

+ $l_box_name = $lang['Sentbox'];

+

+ $pm_sql_user = "AND pm.privmsgs_from_userid = " . $userdata['user_id'] . "

+ AND pm.privmsgs_type = " . PRIVMSGS_SENT_MAIL;

+ $l_box_name = $lang['Savebox'];

+

+ $pm_sql_user .= "AND ( ( pm.privmsgs_to_userid = " . $userdata['user_id'] . "

+ AND pm.privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " )

+ OR ( pm.privmsgs_from_userid = " . $userdata['user_id'] . "

+ AND pm.privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . " )

+ )";

+ //

+ // Major query obtains the message ...

+ //

+ $sql = "SELECT u.username AS username_1, u.user_id AS user_id_1, u2.username AS username_2, u2.user_id AS user_id_2, u.user_sig_bbcode_uid, u.user_posts, u.user_from, u.user_website, u.user_email, u.user_icq, u.user_aim, u.user_yim, u.user_regdate, u.user_msnm, u.user_viewemail, u.user_rank, u.user_sig, u.user_avatar, pm.*, pmt.privmsgs_bbcode_uid, pmt.privmsgs_text

+ FROM " . PRIVMSGS_TABLE . " pm, " . PRIVMSGS_TEXT_TABLE . " pmt, " . USERS_TABLE . " u, " . USERS_TABLE . " u2

+ AND pmt.privmsgs_text_id = pm.privmsgs_id

+ $pm_sql_user

+ AND u.user_id = pm.privmsgs_from_userid

+ AND u2.user_id = pm.privmsgs_to_userid";

+ if( !$pm_status = $db->sql_query($sql) )

+

+ //

+ // Did the query return any data?

+ //

+ if( !( $privmsg = $db->sql_fetchrow($pm_status) ) )

+ $privmsg_id = $privmsg['privmsgs_id'];

+ //

+ // Is this a new message in the inbox? If it is then save

+ // a copy in the posters sent box

+ //

+ if( $privmsg['privmsgs_type'] == PRIVMSGS_NEW_MAIL && $folder == "inbox" )

+ if( !$pm_upd_status = $db->sql_query($sql) )

+ // Check to see if the poster has a 'full' sent box

+ //

+ $sql = "SELECT COUNT(privmsgs_id) AS sent_items, MIN(privmsgs_date) AS oldest_post_time

+ FROM " . PRIVMSGS_TABLE . "

+ WHERE privmsgs_type = " . PRIVMSGS_SENT_MAIL . "

+ AND privmsgs_from_userid = " . $privmsg['privmsgs_from_userid'];

+ if( !$result = $db->sql_query($sql) )

+ {

+ message_die(GENERAL_ERROR, "Could not obtain sent message info for sendee.", "", __LINE__, __FILE__, $sql);

+ }

+

+ $sql_priority = (SQL_LAYER == "mysql") ? "LOW_PRIORITY" : "";

+

+ if( $db->sql_numrows($result) )

+ {

+ $sent_info = $db->sql_fetchrow($result);

+

+ if( $sent_info['sent_items'] > $board_config['max_sentbox_privmsgs'] )

+ {

+ $sql = "DELETE $sql_priority FROM " . PRIVMSGS_TABLE . "

+ WHERE privmsgs_type = " . PRIVMSGS_SENT_MAIL . "

+ AND privmsgs_date <= " . $sent_info['oldest_post_time'] . "

+ AND privmsgs_from_userid = " . $privmsg['privmsgs_from_userid'];

+ if( !$result = $db->sql_query($sql) )

+ {

+ message_die(GENERAL_ERROR, "Could not delete oldest privmsgs.", "", __LINE__, __FILE__, $sql);

+ }

+ }

+ }

+

+ //

+ $sql = "INSERT $sql_priority INTO " . PRIVMSGS_TABLE . " (privmsgs_type, privmsgs_subject, privmsgs_from_userid, privmsgs_to_userid, privmsgs_date, privmsgs_ip, privmsgs_enable_html, privmsgs_enable_bbcode, privmsgs_enable_smilies, privmsgs_attach_sig)

+ VALUES (" . PRIVMSGS_SENT_MAIL . ", '" . addslashes($privmsg['privmsgs_subject']) . "', " . $privmsg['privmsgs_from_userid'] . ", " . $privmsg['privmsgs_to_userid'] . ", " . $privmsg['privmsgs_date'] . ", '" . $privmsg['privmsgs_ip'] . "', " . $privmsg['privmsgs_enable_html'] . ", " . $privmsg['privmsgs_enable_bbcode'] . ", " . $privmsg['privmsgs_enable_smilies'] . ", " . $privmsg['privmsgs_attach_sig'] . ")";

+ if( !$pm_sent_status = $db->sql_query($sql) )

+ $sql = "INSERT $sql_priority INTO " . PRIVMSGS_TEXT_TABLE . " (privmsgs_text_id, privmsgs_bbcode_uid, privmsgs_text)

+ VALUES ($privmsg_sent_id, '" . $privmsg['privmsgs_bbcode_uid'] . "', '" . addslashes($privmsg['privmsgs_text']) . "')";

+ // Pick a folder, any folder, so long as it's one

+ // below ...

+ if( $folder == "inbox" )

+ {

+ $post_pm_img = "<a href=\"" . append_sid("privmsg.$phpEx?mode=post") . "\"><img src=\"" . $images['pm_postmsg'] . "\" alt=\"" . $lang['Post_new_pm'] . "\" border=\"0\"></a>";

+ $reply_pm_img = "<a href=\"" . append_sid("privmsg.$phpEx?mode=reply&amp;" . POST_POST_URL . "=$privmsg_id") . "\"><img src=\"" . $images['pm_replymsg'] . "\" alt=\"" . $lang['Post_reply_pm'] . "\" border=\"0\"></a>";

+ $quote_pm_img = "<a href=\"" . append_sid("privmsg.$phpEx?mode=quote&amp;" . POST_POST_URL . "=$privmsg_id") . "\"><img src=\"" . $images['pm_quotemsg'] . "\" alt=\"" . $lang['Post_quote_pm'] . "\" border=\"0\"></a>";

+ $edit_pm_img = "";

+ $l_box_name = $lang['Inbox'];

+ }

+ else if( $folder == "outbox" )

+ {

+ $post_pm_img = "<a href=\"" . append_sid("privmsg.$phpEx?mode=post") . "\"><img src=\"" . $images['pm_postmsg'] . "\" alt=\"" . $lang['Post_new_pm'] . "\" border=\"0\"></a>";

+ $reply_pm_img = "";

+ $quote_pm_img = "";

+ $edit_pm_img = "<a href=\"" . append_sid("privmsg.$phpEx?mode=edit&amp;" . POST_POST_URL . "=$privmsg_id") . "\"><img src=\"" . $images['pm_editmsg'] . "\" alt=\"" . $lang['Edit_pm'] . "\" border=\"0\"></a>";

+ $l_box_name = $lang['Outbox'];

+ }

+ else if( $folder == "savebox" )

+ {

+ if( $privmsg['privmsgs_type'] == PRIVMSGS_SAVED_IN_MAIL )

+ {

+ $post_pm_img = "<a href=\"" . append_sid("privmsg.$phpEx?mode=post") . "\"><img src=\"" . $images['pm_postmsg'] . "\" alt=\"" . $lang['Post_new_pm'] . "\" border=\"0\"></a>";

+ $reply_pm_img = "<a href=\"" . append_sid("privmsg.$phpEx?mode=reply&amp;" . POST_POST_URL . "=$privmsg_id") . "\"><img src=\"" . $images['pm_replymsg'] . "\" alt=\"" . $lang['Post_reply_pm'] . "\" border=\"0\"></a>";

+ $quote_pm_img = "<a href=\"" . append_sid("privmsg.$phpEx?mode=quote&amp;" . POST_POST_URL . "=$privmsg_id") . "\"><img src=\"" . $images['pm_quotemsg'] . "\" alt=\"" . $lang['Post_quote_pm'] . "\" border=\"0\"></a>";

+ $edit_pm_img = "";

+ }

+ else

+ {

+ $post_pm_img = "<a href=\"" . append_sid("privmsg.$phpEx?mode=post") . "\"><img src=\"" . $images['pm_postmsg'] . "\" alt=\"" . $lang['Post_new_pm'] . "\" border=\"0\"></a>";

+ $reply_pm_img = "";

+ $quote_pm_img = "";

+ $edit_pm_img = "";

+ }

+ $l_box_name = $lang['Saved'];

+ }

+ else if( $folder == "sentbox" )

+ {

+ $post_pm_img = "<a href=\"" . append_sid("privmsg.$phpEx?mode=post") . "\"><img src=\"" . $images['pm_postmsg'] . "\" alt=\"" . $lang['Post_new_pm'] . "\" border=\"0\"></a>";

+ $reply_pm_img = "";

+ $quote_pm_img = "";

+ $edit_pm_img = "";

+ $l_box_name = $lang['Sent'];

+ }

+ $s_hidden_fields = "<input type=\"hidden\" name=\"mark[]\" value=\"$privmsgs_id\" />";

+ $page_title = $lang['Read_private_message'];

+

+ "L_GO" => $lang['Go'],

+ "L_JUMP_TO" => $lang['Jump_to'],

+ "L_SELECT_FORUM" => $lang['Select_forum'],

+

+ "S_JUMPBOX_LIST" => $jumpbox,

+ "S_JUMPBOX_ACTION" => append_sid("viewforum.$phpEx"))

+ "INBOX_IMG" => $inbox_img,

+ "SENTBOX_IMG" => $sentbox_img,

+ "OUTBOX_IMG" => $outbox_img,

+ "SAVEBOX_IMG" => $savebox_img,

+ "INBOX_LINK" => $inbox_url,

+

+ "POST_PM_IMG" => $post_pm_img,

+ "REPLY_PM_IMG" => $reply_pm_img,

+ "EDIT_PM_IMG" => $edit_pm_img,

+ "QUOTE_PM_IMG" => $quote_pm_img,

+

+ "SENTBOX_LINK" => $sentbox_url,

+ "OUTBOX_LINK" => $outbox_url,

+ "SAVEBOX_LINK" => $savebox_url,

+

+ "BOX_NAME" => $l_box_name,

+

+ "L_INBOX" => $lang['Inbox'],

+ "L_OUTBOX" => $lang['Outbox'],

+ "L_SENTBOX" => $lang['Sent'],

+ "L_SAVEBOX" => $lang['Saved'],

+ "L_FROM" => $lang['From'],

+ "L_TO" => $lang['To'],

+ "S_HIDDEN_FIELDS" => $s_hidden_fields)

+

+ $username_from = $privmsg['username_1'];

+ $user_id_from = $privmsg['user_id_1'];

+ $username_to = $privmsg['username_2'];

+ $user_id_to = $privmsg['user_id_2'];

+ $post_date = create_date($board_config['default_dateformat'], $privmsg['privmsgs_date'], $board_config['default_timezone']);

+ $profile_img = "<a href=\"" . append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=$user_id_from") . "\"><img src=\"" . $images['icon_profile'] . "\" alt=\"" . $lang['Read_profile'] . " $username_from\" border=\"0\" /></a>";

+ $email_addr = str_replace("@", " at ", $privmsg['user_email']);

+ $email_img = ($privmsg['user_viewemail'] && $email_addr != "" ) ? "<a href=\"mailto:$email_addr\"><img src=\"" . $images['icon_email'] . "\" alt=\"" . $lang['Send_email'] . " $username_from\" border=\"0\" /></a>" : "";

+ $www_img = ($privmsg['user_website']) ? "<a href=\"" . $privmsg['user_website'] . "\" target=\"_userwww\"><img src=\"" . $images['icon_www'] . "\" alt=\"" . $lang['Visit_website'] . "\" border=\"0\" /></a>" : "";

+ $icq_status_img = "<a href=\"http://wwp.icq.com/" . $privmsg['user_icq'] . "#pager\"><img src=\"http://web.icq.com/whitepages/online?icq=" . $privmsg['user_icq'] . "&amp;img=5\" width=\"18\" height=\"18\" border=\"0\" /></a>";

+ //

+ // This cannot stay like this, it needs a 'proper' solution, eg a separate

+ // template for overlaying the ICQ icon, or we just do away with the icq status

+ // display (which is after all somewhat a pain in the rear :D

+ //

+ if( $theme['template_name'] == "subSilver" )

+ {

+ $icq_add_img = '<table width="59" border="0" cellspacing="0" cellpadding="0"><tr><td nowrap="nowrap" class="icqback"><img src="images/spacer.gif" width="3" height="18" alt = "">' . $icq_status_img . '<a href="http://wwp.icq.com/scripts/search.dll?to=' . $privmsg['user_icq'] . '"><img src="images/spacer.gif" width="35" height="18" border="0" alt="' . $lang['ICQ'] . '" /></a></td></tr></table>';

+ $icq_status_img = "";

+ }

+ else

+ {

+ $icq_add_img = "<a href=\"http://wwp.icq.com/scripts/search.dll?to=" . $privmsg['user_icq'] . "\"><img src=\"" . $images['icon_icq'] . "\" alt=\"" . $lang['ICQ'] . "\" border=\"0\" /></a>";

+ }

+ $aim_img = ($privmsg['user_aim']) ? "<a href=\"aim:goim?screenname=" . $privmsg['user_aim'] . "&amp;message=Hello+Are+you+there?\"><img src=\"" . $images['icon_aim'] . "\" border=\"0\" alt=\"" . $lang['AIM'] . "\" /></a>" : "";

+

+ $msn_img = ($privmsg['user_msnm']) ? "<a href=\"profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=$user_id_from\"><img src=\"" . $images['icon_msnm'] . "\" border=\"0\" alt=\"" . $lang['MSNM'] . "\" /></a>" : "";

+

+ $yim_img = ($privmsg['user_yim']) ? "<a href=\"http://edit.yahoo.com/config/send_webmesg?.target=" . $privmsg['user_yim'] . "&amp;.src=pg\"><img src=\"" . $images['icon_yim'] . "\" border=\"0\" alt=\"" . $lang['YIM'] . "\" /></a>" : "";

+ $search_img = "<a href=\"" . append_sid("search.$phpEx?search_author=" . urlencode($username_from) . "&amp;showresults=topics") . "\"><img src=\"" . $images['icon_search'] . "\" border=\"0\" /></a>";

+ //

+ // Processing of post

+ //

+ $post_subject = $privmsg['privmsgs_subject'];

+ $private_message = $privmsg['privmsgs_text'];

+ $bbcode_uid = $privmsg['privmsgs_bbcode_uid'];

+

+ $user_sig = ( $privmsg['privmsgs_from_userid'] == $userdata['user_id'] ) ? $userdata['user_sig'] : $privmsg['user_sig'];

+ $user_sig_bbcode_uid = ( $privmsg['privmsgs_from_userid'] == $userdata['user_id'] ) ? $userdata['user_sig_bbcode_uid'] : $privmsg['user_sig_bbcode_uid'];

+

+ //

+ // If the board has HTML off but the post has HTML

+ // on then we process it, else leave it alone

+ //

+ if( !$board_config['allow_html'] )

+ if( $user_sig != "" && $privmsg['privmsgs_enable_sig'] && $userdata['user_allowhtml'] )

+ {

+ $user_sig = preg_replace("#(<)([\/]?.*?)(>)#is", "&lt;\\2&gt;", $user_sig);

+ }

+

+ if( $privmsg['privmsgs_enable_html'] )

+ {

+ $private_message = preg_replace("#(<)([\/]?.*?)(>)#is", "&lt;\\2&gt;", $private_message);

+ }

+ if( $user_sig != "" && $privmsg['privmsgs_attach_sig'] && $user_sig_bbcode_uid != "" )

+ $user_sig = ( $board_config['allow_bbcode'] ) ? bbencode_second_pass($user_sig, $user_sig_bbcode_uid) : preg_replace("/\:[0-9a-z\:]+\]/si", "]", $user_sig);

+ if( $bbcode_uid != "" )

+ {

+ $private_message = ( $board_config['allow_bbcode'] ) ? bbencode_second_pass($private_message, $bbcode_uid) : preg_replace("/\:[0-9a-z\:]+\]/si", "]", $private_message);

+ }

+ $private_message = make_clickable($private_message);

+ if( $privmsg['privmsgs_attach_sig'] && $user_sig != "" )

+ $private_message .= "<br /><br />_________________<br />" . make_clickable($user_sig);

+

+ if( count($orig_word) )

+ $post_subject = preg_replace($orig_word, $replacement_word, $post_subject);

+ $private_message = preg_replace($orig_word, $replacement_word, $private_message);

+ }

+ if( $board_config['allow_smilies'] && $privmsg['privmsgs_enable_smilies'] )

+ {

+ $private_message = smilies_pass($private_message);

+ $private_message = str_replace("\n", "<br />", $private_message);

+ //

+ // Dump it to the templating engine

+ //

+ "MESSAGE_TO" => $username_to,

+ "MESSAGE_FROM" => $username_from,

+ "RANK_IMAGE" => $rank_image,

+ "POSTER_JOINED" => $poster_joined,

+ "POSTER_POSTS" => $poster_posts,

+ "POSTER_FROM" => $poster_from,

+ "SEARCH_IMG" => $search_img,

+ "YIM_IMG" => $yim_img,

+ "POST_SUBJECT" => $post_subject,

+ "MESSAGE" => $private_message,

+ "POST_DATE" => $post_date)

+else if( ( $delete && $mark_list ) || $delete_all )

+ header("Location: " . append_sid("login.$phpEx?forward_page=privmsg.$phpEx&amp;folder=inbox"));

+ if( !$confirm )

+ $s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" />';

+ $s_hidden_fields .= (isset($HTTP_POST_VARS['delete'])) ? '<input type="hidden" name="delete" value="true" />' : '<input type="hidden" name="deleteall" value="true" />';

+

+ for($i = 0; $i < count($mark_list); $i++)

+ {

+ $s_hidden_fields .= '<input type="hidden" name="mark[]" value="' . $mark_list[$i] . '" />';

+ }

+

+ // Output confirmation page

+ include($phpbb_root_path . 'includes/page_header.'.$phpEx);

+ $template->set_filenames(array(

+ "confirm_body" => "confirm_body.tpl")

+ );

+ $template->assign_vars(array(

+ "MESSAGE_TITLE" => $lang['Information'],

+ "MESSAGE_TEXT" => "Are you sure you want to delete these message?",

+

+ "L_YES" => $lang['Yes'],

+ "L_NO" => $lang['No'],

+

+ "S_CONFIRM_ACTION" => append_sid("privmsg.$phpEx?folder=$folder"),

+ "S_HIDDEN_FIELDS" => $s_hidden_fields)

+ );

+ $template->pparse("confirm_body");

+ include($phpbb_root_path . 'includes/page_tail.'.$phpEx);

+ }

+ else if( $confirm )

+ if( $delete_all )

+ switch($folder)

+ {

+ case 'inbox':

+ $delete_type = "privmsgs_to_userid = " . $userdata['user_id'] . " AND (

+ privmsgs_type = " . PRIVMSGS_READ_MAIL . " OR privmsgs_type = " . PRIVMSGS_NEW_MAIL . " )";

+ break;

+

+ case 'outbox':

+ $delete_type = "privmsgs_from_userid = " . $userdata['user_id'] . " AND privmsgs_type = " . PRIVMSGS_NEW_MAIL;

+ break;

+

+ case 'sentbox':

+ $delete_type = "privmsgs_from_userid = " . $userdata['user_id'] . " AND privmsgs_type = " . PRIVMSGS_SENT_MAIL;

+ break;

+

+ case 'savebox':

+ $delete_type = "( ( privmsgs_from_userid = " . $userdata['user_id'] . "

+ AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . " )

+ OR ( privmsgs_to_userid = " . $userdata['user_id'] . "

+ AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " ) )";

+ break;

+ }

+

+ $deleteall_sql = "SELECT privmsgs_id

+ FROM " . PRIVMSGS_TABLE . "

+ WHERE " . $delete_type;

+

+ if(!$del_list_status = $db->sql_query($deleteall_sql))

+ {

+ message_die(GENERAL_ERROR, "Could not obtain id list to delete all messages.", "", __LINE__, __FILE__, $deleteall_sql);

+ }

+

+ $delete_list = $db->sql_fetchrowset($del_list_status);

+ for($i = 0; $i < count($delete_list); $i++)

+ {

+ $mark_list[] = $delete_list[$i]['privmsgs_id'];

+ }

+ unset($delete_list);

+ unset($delete_type);

+

+ $delete_sql = "DELETE FROM " . PRIVMSGS_TABLE . "

+ WHERE ";

+ $delete_text_sql = "DELETE FROM " . PRIVMSGS_TEXT_TABLE . "

+ WHERE ";

+

+ $delete_sql_id = "";

+ for($i = 0; $i < count($mark_list); $i++)

+ if( $delete_sql_id != "" )

+ {

+ $delete_sql_id .= ", ";

+ }

+ $delete_sql_id .= $mark_list[$i];

+

+ $delete_sql .= "privmsgs_id IN ($delete_sql_id)";

+ $delete_text_sql .= "privmsgs_text_id IN ($delete_sql_id)";

+

+ $delete_sql .= " AND ";

+

+ switch($folder)

+ case 'inbox':

+ $delete_sql .= "privmsgs_to_userid = " . $userdata['user_id'] . " AND (

+ privmsgs_type = " . PRIVMSGS_READ_MAIL . " OR privmsgs_type = " . PRIVMSGS_NEW_MAIL . " )";

+ break;

+ case 'outbox':

+ $delete_sql .= "privmsgs_from_userid = " . $userdata['user_id'] . " AND privmsgs_type = " . PRIVMSGS_NEW_MAIL;

+ break;

+

+ case 'sentbox':

+ $delete_sql .= "privmsgs_from_userid = " . $userdata['user_id'] . " AND privmsgs_type = " . PRIVMSGS_SENT_MAIL;

+ break;

+

+ case 'savebox':

+ $delete_sql .= "( ( privmsgs_from_userid = " . $userdata['user_id'] . "

+ AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . " )

+ OR ( privmsgs_to_userid = " . $userdata['user_id'] . "

+ AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " ) )";

+ break;

+ }

+ if(!$del_status = $db->sql_query($delete_sql, BEGIN_TRANSACTION))

+ message_die(GENERAL_ERROR, "Could not delete private message info.", "", __LINE__, __FILE__, $delete_sql);

+ if(!$del_text_status = $db->sql_query($delete_text_sql, END_TRANSACTION))

+ {

+ message_die(GENERAL_ERROR, "Could not delete private message text.", "", __LINE__, __FILE__, $delete_text_sql);

+ }

+

+}

+else if( $save && $mark_list && $folder != "savebox" && $folder != "outbox")

+{

+ if( !$userdata['session_logged_in'] )

+ header("Location: " . append_sid("login.$phpEx?forward_page=privmsg.$phpEx&folder=inbox"));

+ //

+ // See if recipient is at their savebox limit

+ //

+ $sql = "SELECT COUNT(privmsgs_id) AS savebox_items, MIN(privmsgs_date) AS oldest_post_time

+ FROM " . PRIVMSGS_TABLE . "

+ WHERE ( ( privmsgs_to_userid = " . $userdata['user_id'] . "

+ AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " )

+ OR ( privmsgs_from_userid = " . $userdata['user_id'] . "

+ AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . ") )";

+ if( !$result = $db->sql_query($sql) )

+ message_die(GENERAL_ERROR, "Could not obtain sent message info for sendee.", "", __LINE__, __FILE__, $sql);

+ }

+

+ $sql_priority = (SQL_LAYER == "mysql") ? "LOW_PRIORITY" : "";

+

+ if( $db->sql_numrows($result) )

+ {

+ $saved_info = $db->sql_fetchrow($result);

+

+ if( $saved_info['savebox_items'] > $board_config['max_savebox_privmsgs'] )

+ $sql = "DELETE $sql_priority FROM " . PRIVMSGS_TABLE . "

+ WHERE ( ( privmsgs_to_userid = " . $userdata['user_id'] . "

+ AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " )

+ OR ( privmsgs_from_userid = " . $userdata['user_id'] . "

+ AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . ") )

+ AND privmsgs_date = " . $saved_info['oldest_post_time'];

+ if( !$result = $db->sql_query($sql) )

+ {

+ message_die(GENERAL_ERROR, "Could not delete oldest privmsgs.", "", __LINE__, __FILE__, $sql);

+ }

+ }

+ //

+ // Process request

+ //

+ $saved_sql = "UPDATE " . PRIVMSGS_TABLE;

+ switch($folder)

+ {

+ case 'inbox':

+ $saved_sql .= " SET privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . "

+ WHERE privmsgs_to_userid = " . $userdata['user_id'] . "

+ AND ( privmsgs_type = " . PRIVMSGS_READ_MAIL . "

+ OR privmsgs_type = " . PRIVMSGS_NEW_MAIL . " )";

+ break;

+ case 'outbox':

+ $saved_sql .= " SET privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . "

+ WHERE privmsgs_from_userid = " . $userdata['user_id'] . "

+ AND privmsgs_type = " . PRIVMSGS_NEW_MAIL;

+ break;

+ case 'sentbox':

+ $saved_sql .= " SET privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . "

+ WHERE privmsgs_from_userid = " . $userdata['user_id'] . "

+ AND privmsgs_type = " . PRIVMSGS_SENT_MAIL;

+ break;

+ $saved_sql_id = "";

+ for($i = 0; $i < count($mark_list); $i++)

+ {

+ if( $saved_sql_id != "" )

+ $saved_sql_id .= ", ";

+ $saved_sql_id .= $mark_list[$i];

+ }

+ $saved_sql .= " AND privmsgs_id IN ($saved_sql_id)";

+ if( !$save_status = $db->sql_query($saved_sql) )

+ {

+ message_die(GENERAL_ERROR, "Could not save private messages.", "", __LINE__, __FILE__, $saved_sql);

+ }

+}

+else if( $submit || $refresh || $mode != "" )

+{

+ if(!$userdata['session_logged_in'])

+ {

+ header("Location: " . append_sid("login.$phpEx?forward_page=privmsg.$phpEx&amp;folder=$folder&amp;mode=$mode"));

+ if( $mode == "searchuser" )

+ if( isset($HTTP_POST_VARS['search']) )

+ $username_list = username_search("privmsg.$phpEx", $HTTP_POST_VARS['search_author'], 1);

+ username_search("privmsg.$phpEx", "", 1);

+

+ //

+ // Remove this later

+ //

+ exit;

+ }

+

+ //

+ // Toggles

+ //

+ if( !$board_config['allow_html'] )

+ {

+ $html_on = 0;

+ $html_on = ( $submit || $refresh ) ? ( ( !empty($HTTP_POST_VARS['disable_html']) ) ? 0 : TRUE ) : $userdata['user_allowhtml'];

+ if( !$board_config['allow_bbcode'] )

+ $bbcode_on = 0;

+ $bbcode_on = ( $submit || $refresh ) ? ( ( !empty($HTTP_POST_VARS['disable_bbcode']) ) ? 0 : TRUE ) : $userdata['user_allowbbcode'];

+ if( !$board_config['allow_smilies'] )

+ $smilies_on = 0;

+ }

+ else

+ {

+ $smilies_on = ( $submit || $refresh ) ? ( ( !empty($HTTP_POST_VARS['disable_smilies']) ) ? 0 : TRUE ) : $userdata['user_allowsmile'];

+ $attach_sig = ( $submit || $refresh ) ? ( ( !empty($HTTP_POST_VARS['attach_sig']) ) ? TRUE : 0 ) : $userdata['user_attachsig'];

+

+ $user_sig = ( $userdata['user_sig'] != "" ) ? $userdata['user_sig'] : "";

+

+ if( $submit && $mode != "edit" )

+ $sql = "SELECT MAX(privmsgs_date) AS last_post_time

+ FROM " . PRIVMSGS_TABLE . "

+ WHERE privmsgs_from_userid = " . $userdata['user_id'];

+ if( $result = $db->sql_query($sql) )

+ $db_row = $db->sql_fetchrow($result);

+ $last_post_time = $db_row['last_post_time'];

+ $current_time = time();

+

+ if( ( $current_time - $last_post_time ) < $board_config['flood_interval'])

+ {

+ message_die(GENERAL_MESSAGE, $lang['Flood_Error']);

+ // End Flood control

+ }

+ if( $submit )

+ {

+ if( !empty($HTTP_POST_VARS['username']) )

+ {

+ $to_username = $HTTP_POST_VARS['username'];

+ $sql = "SELECT user_id, user_notify_pm, user_email

+ FROM " . USERS_TABLE . "

+ WHERE username = '" . $to_username . "'

+ AND user_id <> " . ANONYMOUS;

+ if(!$result = $db->sql_query($sql))

+ {

+ $error = TRUE;

+ $error_msg = $lang['No_such_user'];

+ }

+ else

+ {

+ $to_userdata = $db->sql_fetchrow($result);

+ }

+ }

+ else

+ $error_msg .= $lang['No_to_user'];

+ }

+

+ $privmsg_subject = trim(strip_tags($HTTP_POST_VARS['subject']));

+ if( empty($privmsg_subject) )

+ {

+ $error = TRUE;

+ if( !empty($error_msg) )

+ {

+ $error_msg .= "<br />";

+ }

+ if( !empty($HTTP_POST_VARS['message']) )

+ {

+ if( !$error )

+ {

+ if( $bbcode_on )

+ {

+ $bbcode_uid = make_bbcode_uid();

+ }

+

+ $privmsg_message = prepare_message($HTTP_POST_VARS['message'], $html_on, $bbcode_on, $smilies_on, $bbcode_uid);

+

+ }

+ }

+ else

+ {

+ $error = TRUE;

+ if(!empty($error_msg))

+ {

+ $error_msg .= "<br />";

+ }

+ $error_msg .= $lang['Empty_message'];

+ }

+ }

+

+ if( $submit && !$error )

+ {

+ //

+ // Has admin prevented user from sending PM's?

+ //

+ if( !$userdata['user_allow_pm'] )

+ $message = $lang['Cannot_send_privmsg'];

+ message_die(GENERAL_MESSAGE, $message);

+ }

+

+ $msg_time = time();

+

+ if( $mode != "edit" )

+ {

+ //

+ // See if recipient is at their inbox limit

+ //

+ $sql = "SELECT COUNT(privmsgs_id) AS inbox_items, MIN(privmsgs_date) AS oldest_post_time

+ FROM " . PRIVMSGS_TABLE . "

+ WHERE ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . "

+ OR privmsgs_type = " . PRIVMSGS_READ_MAIL . " )

+ AND privmsgs_from_userid = " . $to_userdata['user_id'];

+ if( !$result = $db->sql_query($sql) )

+ message_die(GENERAL_ERROR, "Could not obtain sent message info for sendee.", "", __LINE__, __FILE__, $sql);

+ }

+ $sql_priority = (SQL_LAYER == "mysql") ? "LOW_PRIORITY" : "";

+ if( $db->sql_numrows($result) )

+ {

+ $inbox_info = $db->sql_fetchrow($result);

+ if( $inbox_info['inbox_items'] > $board_config['max_inbox_privmsgs'] )

+ $sql = "DELETE $sql_priority FROM " . PRIVMSGS_TABLE . "

+ WHERE ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . "

+ OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )

+ AND privmsgs_date = " . $inbox_info['oldest_post_time'] . "

+ AND privmsgs_to_userid = " . $to_userdata['user_id'];

+ if( !$result = $db->sql_query($sql) )

+ {

+ message_die(GENERAL_ERROR, "Could not delete oldest privmsgs.", "", __LINE__, __FILE__, $sql);

+ }

+

+ //

+ // This area is reserved for future use :D

+ //

+

+ //

+ //

+ //

+

+ $sql_info = "INSERT INTO " . PRIVMSGS_TABLE . " (privmsgs_type, privmsgs_subject, privmsgs_from_userid, privmsgs_to_userid, privmsgs_date, privmsgs_ip, privmsgs_enable_html, privmsgs_enable_bbcode, privmsgs_enable_smilies, privmsgs_attach_sig)

+ VALUES (" . PRIVMSGS_NEW_MAIL . ", '$privmsg_subject', " . $userdata['user_id'] . ", " . $to_userdata['user_id'] . ", $msg_time, '$user_ip', $html_on, $bbcode_on, $smilies_on, $attach_sig)";

+ }

+ else

+ {

+ $sql_info = "UPDATE " . PRIVMSGS_TABLE . "

+ SET privmsgs_type = " . PRIVMSGS_NEW_MAIL . ", privmsgs_subject = '$privmsg_subject', privmsgs_from_userid = " . $userdata['user_id'] . ", privmsgs_to_userid = " . $to_userdata['user_id'] . ", privmsgs_date = $msg_time, privmsgs_ip = '$user_ip', privmsgs_enable_html = $html_on, privmsgs_enable_bbcode = $bbcode_on, privmsgs_enable_smilies = $smilies_on, privmsgs_attach_sig = $attach_sig

+ WHERE privmsgs_id = $privmsg_id";

+ }

+

+ if( !$pm_sent_status = $db->sql_query($sql_info, BEGIN_TRANSACTION) )

+ {

+ message_die(GENERAL_ERROR, "Could not insert/update private message sent info.", "", __LINE__, __FILE__, $sql_info);

+ }

+ else

+ {

+ if( $mode != "edit" )

+ {

+ $privmsg_sent_id = $db->sql_nextid();

+

+ $sql = "INSERT INTO " . PRIVMSGS_TEXT_TABLE . " (privmsgs_text_id, privmsgs_bbcode_uid, privmsgs_text)

+ VALUES ($privmsg_sent_id, '" . $bbcode_uid . "', '$privmsg_message')";

+ }

+ $sql = "UPDATE " . PRIVMSGS_TEXT_TABLE . "

+ SET privmsgs_text = '$privmsg_message', privmsgs_bbcode_uid = '$bbcode_uid'

+ WHERE privmsgs_text_id = $privmsg_id";

+ }

+

+ if( !$pm_sent_text_status = $db->sql_query($sql, END_TRANSACTION) )

+ {

+ message_die(GENERAL_ERROR, "Could not insert/update private message sent text.", "", __LINE__, __FILE__, $sql_info);

+ }

+ else if( $mode != "edit" )

+ {

+ if( $to_userdata['user_notify_pm'] && !empty($to_userdata['user_email']) )

+ $path = (dirname($HTTP_SERVER_VARS['REQUEST_URI']) == "/") ? "" : dirname($HTTP_SERVER_VARS['REQUEST_URI']);

+ $email_headers = "From: " . $board_config['board_email'] . "\nReturn-Path: " . $board_config['board_email'] . "\r\n";

+

+ include($phpbb_root_path . 'includes/emailer.'.$phpEx);

+ $emailer = new emailer($board_config['smtp_delivery']);

+

+ $emailer->use_template("privmsg_notify");

+

+ $emailer->extra_headers($email_headers);

+ $emailer->email_address($to_userdata['user_email']);

+ $emailer->set_subject($lang['Notification_subject']);

+

+ $emailer->assign_vars(array(

+ "USERNAME" => $to_username,

+ "SITENAME" => $board_config['sitename'],

+ "EMAIL_SIG" => str_replace("<br />", "\n", "-- \n" . $board_config['board_email_sig']),

+

+ "U_INBOX" => "http://" . $HTTP_SERVER_VARS['SERVER_NAME'] . $path . "/privmsg.$phpEx?folder=inbox")

+ );

+

+ $emailer->send();

+ $emailer->reset();

+

+ $template->assign_vars(array(

+ "META" => '<meta http-equiv="refresh" content="3;url=privmsg.' . $phpEx . '?folder=inbox">')

+ );

+

+ $msg = $lang['Message_sent'] . "<br /><br />" . $lang['Click'] . " <a href=\"" . append_sid("privmsg.$phpEx?folder=inbox") . "\">" . $lang['Here'] . "</a> " . $lang['to_return_inbox'] . "<br /><br />" . $lang['Click'] . " <a href=\"" . append_sid("index.$phpEx") . "\">" . $lang['Here'] . "</a> ". $lang['to_return_index'];

+

+ message_die(GENERAL_MESSAGE, $msg);

+ }

+ else if( $preview || $refresh || $error )

+ {

+

+ //

+ // If we're previewing or refreshing then obtain the data

+ // passed to the script, process it a little, do some checks

+ // where neccessary, etc.

+ //

+ $to_username = ( isset($HTTP_POST_VARS['username']) ) ? trim(strip_tags(stripslashes($HTTP_POST_VARS['username']))) : "";

+ $privmsg_subject = ( isset($HTTP_POST_VARS['subject']) ) ? trim(strip_tags(stripslashes($HTTP_POST_VARS['subject']))) : "";

+ $privmsg_message = ( isset($HTTP_POST_VARS['message']) ) ? trim(stripslashes($HTTP_POST_VARS['message'])) : "";

+ $privmsg_message = preg_replace('#<textarea>#si', '&lt;textarea&gt;', $privmsg_message);

+

+ //

+ // Do mode specific things

+ //

+ if( $mode == "post" )

+ $page_title = $lang['Send_new_privmsg'];

+

+ $user_sig = ( $userdata['user_sig'] != "" ) ? $userdata['user_sig'] : "";

+

+ }

+ else if( $mode == "reply" )

+ {

+ $page_title = $lang['Reply_privmsg'];

+

+ $user_sig = ( $userdata['user_sig'] != "" ) ? $userdata['user_sig'] : "";

+

+ }

+ else if( $mode == "edit" )

+ {

+ $page_title = $lang['Edit_privmsg'];

+

+ $sql = "SELECT u.user_id, u.user_sig

+ FROM " . PRIVMSGS_TABLE . " pm, " . USERS_TABLE . " u

+ WHERE pm.privmsgs_id = $privmsg_id

+ AND u.user_id = pm.privmsgs_from_userid";

+ if($result = $db->sql_query($sql))

+ {

+ $postrow = $db->sql_fetchrow($result);

+

+ if( $userdata['user_id'] != $postrow['user_id'] )

+ {

+ message_die(GENERAL_MESSAGE, $lang['Sorry_edit_own_posts']);

+ }

+

+ $user_sig = ( $postrow['user_sig'] != "" ) ? $postrow['user_sig'] : "";

+ }

+ else

+ {

+ message_die(GENERAL_ERROR, "Couldn't obtain post and post text", "", __LINE__, __FILE__, $sql);

+ }

+ }

+

+ //

+ // Process the username list operations

+ //

+ if( $submit_search )

+ {

+ if( !empty($HTTP_POST_VARS['username_search']) )

+ }

+ }

+ else

+ {

+ if( !$privmsg_id && ( $mode == "reply" || $mode == "edit" || $mode == "quote" ) )

+ {

+ message_die(GENERAL_ERROR, $lang['No_post_id']);

+ if( !empty($HTTP_GET_VARS[POST_USERS_URL]) )

+ $user_id = $HTTP_GET_VARS[POST_USERS_URL];

+

+ $sql = "SELECT username

+ WHERE user_id = $user_id

+ $row = $db->sql_fetchrow($result);

+ $to_username = $row['username'];

+

+ //

+ // Obtain list of groups/users is

+ // this user is a group moderator

+ //

+ if( $mode == "post" )

+ unset($mod_group_list);

+ $sql = "SELECT g.group_id, g.group_name, g.group_moderator, g.group_single_user, u.username

+ FROM " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug, " . USERS_TABLE . " u

+ WHERE g.group_moderator = " . $userdata['user_id'] ."

+ AND ug.group_id = g.group_id

+ AND u.user_id = ug.user_id";

+ if(!$group_status = $db->sql_query($sql))

+ message_die(GENERAL_ERROR, "Could not obtain group moderator list.", "", __LINE__, __FILE__, $sql);

+ }

+ if($db->sql_numrows($group_status))

+ {

+ $mod_group_list = $db->sql_fetchrowset($group_status);

+ if( $mode == "edit" )

+ $sql = "SELECT pm.privmsgs_id, pm.privmsgs_subject, pmt.privmsgs_text, u.username, u.user_id, u.user_sig

+ FROM " . PRIVMSGS_TABLE . " pm, " . PRIVMSGS_TEXT_TABLE . " pmt, " . USERS_TABLE . " u

+ WHERE pm.privmsgs_id = $privmsg_id

+ AND pmt.privmsgs_text_id = pm.privmsgs_id

+ AND pm.privmsgs_from_userid = " . $userdata['user_id'] . "

+ AND pm.privmsgs_type = " . PRIVMSGS_NEW_MAIL . "

+ AND u.user_id = pm.privmsgs_to_userid";

+ if( !$pm_edit_status = $db->sql_query($sql) )

+ message_die(GENERAL_ERROR, "Could not obtain private message for editing.", "", __LINE__, __FILE__, $sql);

+ if(!$db->sql_numrows($pm_edit_status))

+ header("Location: " . append_sid("privmsg.$phpEx?folder=$folder"));

+ $privmsg = $db->sql_fetchrow($pm_edit_status);

+

+ $privmsg_subject = $privmsg['privmsgs_subject'];

+ $privmsg_message = $privmsg['privmsgs_text'];

+

+ $privmsg_message = preg_replace("/\:[0-9a-z\:]*?\]/si", "]", $privmsg_message);

+ $privmsg_message = str_replace("<br />", "\n", $privmsg_message);

+ $privmsg_message = preg_replace($html_entities_match, $html_entities_replace, $privmsg_message);

+ $privmsg_message = preg_replace('#</textarea>#si', '&lt;/textarea&gt;', $privmsg_message);

+

+ $user_sig = $privmsg['user_sig'];

+

+ $to_username = $privmsg['username'];

+ $to_userid = $privmsg['user_id'];

+

+ }

+ else if( $mode == "reply" || $mode == "quote" )

+ {

+

+ $sql = "SELECT pm.privmsgs_subject, pm.privmsgs_date, pmt.privmsgs_text, u.username, u.user_id

+ FROM " . PRIVMSGS_TABLE . " pm, " . PRIVMSGS_TEXT_TABLE . " pmt, " . USERS_TABLE . " u

+ WHERE pm.privmsgs_id = $privmsg_id

+ AND pmt.privmsgs_text_id = pm.privmsgs_id

+ AND pm.privmsgs_to_userid = " . $userdata['user_id'] . "

+ AND u.user_id = pm.privmsgs_from_userid";

+ if(!$pm_reply_status = $db->sql_query($sql))

+ message_die(GENERAL_ERROR, "Could not obtain private message for editing.", "", __LINE__, __FILE__, $sql);

+ if( !$db->sql_numrows($pm_reply_status) )

+// header("Location: " . append_sid("privmsg.$phpEx?folder=$folder"));

+ }

+ $privmsg = $db->sql_fetchrow($pm_reply_status);

+ $privmsg_subject = ( (strstr("Re:", $privmsg['privmsgs_subject'])) ? $lang['Re'] . ":" : "" ) . $privmsg['privmsgs_subject'];

+ $to_username = $privmsg['username'];

+ $to_userid = $privmsg['user_id'];

+ if( $mode == "quote" )

+ {

+ $privmsg_message = $privmsg['privmsgs_text'];

+

+ $msg_date = create_date($board_config['default_dateformat'], $privmsg['privmsgs_date'], $board_config['board_timezone']); //"[date]" . $privmsg['privmsgs_time'] . "[/date]";

+

+ $privmsg_message = preg_replace("/\:[0-9a-z\:]*?\]/si", "]", $privmsg_message);

+ $privmsg_message = str_replace("<br />", "\n", $privmsg_message);

+ $privmsg_message = preg_replace($html_entities_match, $html_entities_replace, $privmsg_message);

+ $privmsg_message = preg_replace('#</textarea>#si', '&lt;/textarea&gt;', $privmsg_message);

+ $msg_date = create_date($board_config['default_dateformat'], $privmsg['privmsgs_date'], $board_config['default_timezone']);

+ $privmsg_message = $to_username . " wrote:\n\n[quote]\n" . $privmsg_message . "\n[/quote]";

+

+ $mode = "reply";

+ // Has admin prevented user from sending PM's?

+ //

+ if( !$userdata['user_allow_pm'] && $mode != "edit" )

+ {

+ $message = $lang['Cannot_send_privmsg'];

+ message_die(GENERAL_MESSAGE, $message);

+ }

+

+ //

+ // Start output, first preview, then errors

+ // then post form

+ $page_title = $lang['Send_private_message'];

+ include($phpbb_root_path . 'includes/page_header.'.$phpEx);

+

+ if( $preview && !$error )

+ $orig_word = array();

+ $replacement_word = array();

+ $result = obtain_word_list($orig_word, $replacement_word);

+

+ if( $bbcode_on )

+ $bbcode_uid = make_bbcode_uid();

+

+ $preview_message = prepare_message($privmsg_message, $html_on, $bbcode_on, $smilies_on, $bbcode_uid);

+

+ //

+ // Finalise processing as per viewtopic

+ //

+ if( !$html_on )

+ if( $user_sig != "" || !$userdata['user_allowhtml'] )

+ {

+ $user_sig = preg_replace("#(<)([\/]?.*?)(>)#is", "&lt;\\2&gt;", $user_sig);

+ }

+ if( $attach_sig && $user_sig != "" && $userdata['user_sig_bbcode_uid'] )

+ {

+ $user_sig = bbencode_second_pass($user_sig, $userdata['user_sig_bbcode_uid']);

+ }

+ if( $bbcode_on )

+ {

+ $preview_message = bbencode_second_pass($preview_message, $bbcode_uid);

+ }

+ if( $attach_sig && $user_sig != "" )

+ {

+ $preview_message = $preview_message . "<br /><br />_________________<br />" . $user_sig;

+ }

+ if( count($orig_word) )

+ $preview_subject = preg_replace($orig_word, $replacement_word, $privmsg_subject);

+ $preview_message = preg_replace($orig_word, $replacement_word, $preview_message);

+

+ if( $smilies_on )

+ $preview_message = smilies_pass($preview_message);

+ }

+

+ $preview_message = make_clickable($preview_message);

+ $preview_message = str_replace("\n", "<br />", $preview_message);

+

+ $s_hidden_fields = "<input type=\"hidden\" name=\"folder\" value=\"$folder\" />";

+ $s_hidden_fields .= "<input type=\"hidden\" name=\"mode\" value=\"$mode\" />";

+

+ if( isset($privmsg_id) )

+ {

+ $s_hidden_fields .= "<input type=\"hidden\" name=\"" . POST_POST_URL . "\" value=\"$privmsg_id\" />";

+ "preview" => "privmsgs_preview.tpl")

+ "TOPIC_TITLE" => $preview_subject,

+ "POST_SUBJECT" => $preview_subject,

+ "MESSAGE_TO" => $to_username,

+ "MESSAGE_FROM" => $userdata['username'],

+ "MESSAGE" => $preview_message,

+ "L_SUBJECT" => $lang['Subject'],

+ "L_DATE" => $lang['Date'],

+ "L_FROM" => $lang['From'],

+ "L_TO" => $lang['To'],

+ // Generic posting form ...

+ //

+

+ //

+ "body" => "posting_body.tpl",

+ "L_GO" => $lang['Go'],

+ "L_JUMP_TO" => $lang['Jump_to'],

+ "L_SELECT_FORUM" => $lang['Select_forum'],

+

+ "S_JUMPBOX_LIST" => $jumpbox,

+ "S_JUMPBOX_ACTION" => append_sid("viewforum.$phpEx"))

+ //

+ // Generate username search output

+ //

+ $result = $db->sql_query($sql_namesearch);

+ $name_set = $db->sql_fetchrowset($result);

+

+ $user_names_select = "";

+ if($db->sql_numrows($result))

+ for($i = 0; $i < count($name_set); $i++)

+ $name_selected = ($to_username == $name_set[$i]['username']) ? " selected=\"selected\"" : "";

+ $user_names_select .= "<option value=\"" . $name_set[$i]['username'] . "\"$name_selected>" . $name_set[$i]['username'] . "</option>\n";

+ }

+ else

+ {

+ $user_names_select .= "<option value=\"" . ANONYMOUS . "\"$name_selected>" . $lang['No_match'] . "</option>\n";

+ }

+

+ //

+ // Enable extensions in posting_body

+ //

+ $template->assign_block_vars("privmsg_extensions", array());

+

+ //

+ // HTML toggle selection

+ //

+ if($board_config['allow_html'])

+ {

+ $html_status = $lang['ON'];

+ $template->assign_block_vars("html_checkbox", array());

+ //

+ // BBCode toggle selection

+ //

+ $template->assign_block_vars("bbcode_checkbox", array());

+ $bbcode_status = $lang['OFF'];

+ //

+ // Smilies toggle selection

+ //

+ $template->assign_block_vars("smilies_checkbox", array());

+ //

+ // Signature toggle selection - only show if

+ // the user has a signature

+ //

+ if( $user_sig != "" )

+ $template->assign_block_vars("signature_checkbox", array());

+ $s_hidden_fields = "<input type=\"hidden\" name=\"folder\" value=\"$folder\" />";

+ $s_hidden_fields .= "<input type=\"hidden\" name=\"mode\" value=\"$mode\" />";

+ $s_hidden_fields .= "<input type=\"hidden\" name=\"" . POST_POST_URL . "\" value=\"$privmsg_id\" />";

+ "SUBJECT" => preg_replace($html_entities_match, $html_entities_replace, $privmsg_subject),

+ "USERNAME" => preg_replace($html_entities_match, $html_entities_replace, $to_username),

+ "MESSAGE" => $privmsg_message,

+ "HTML_STATUS" => $html_status,

+ "SMILIES_STATUS" => $smilies_status,

+ "BBCODE_STATUS" => $bbcode_status,

+ "FORUM_NAME" => $lang['Private_message'],

+

+ "BOX_NAME" => $l_box_name,

+ "INBOX_IMG" => $inbox_img,

+ "SENTBOX_IMG" => $sentbox_img,

+ "OUTBOX_IMG" => $outbox_img,

+ "SAVEBOX_IMG" => $savebox_img,

+ "INBOX_LINK" => $inbox_url,

+ "SENTBOX_LINK" => $sentbox_url,

+ "OUTBOX_LINK" => $outbox_url,

+ "SAVEBOX_LINK" => $savebox_url,

+ "L_DISABLE_HTML" => $lang['Disable'] . $lang['HTML'] . $lang['in_this_post'],

+ "L_DISABLE_BBCODE" => $lang['Disable'] . $lang['BBCode'] . $lang['in_this_post'],

+ "L_DISABLE_SMILIES" => $lang['Disable'] . $lang['Smilies'] . $lang['in_this_post'],

+ "L_ATTACH_SIGNATURE" => $lang['Attach_signature'],

+

+ "S_HTML_CHECKED" => (!$html_on) ? "checked=\"checked\"" : "",

+ "S_BBCODE_CHECKED" => (!$bbcode_on) ? "checked=\"checked\"" : "",

+ "S_SMILIES_CHECKED" => (!$smilies_on) ? "checked=\"checked\"" : "",

+ "S_SIGNATURE_CHECKED" => ($attach_sig) ? "checked=\"checked\"" : "",

+ "S_HIDDEN_FORM_FIELDS" => $s_hidden_fields,

+

+ "U_VIEW_FORUM" => append_sid("privmsg.$phpEx"))

+ header("Location: " . append_sid("login.$phpEx?forward_page=privmsg.$phpEx&amp;folder=inbox"));

+$page_title = $lang['Private_Messaging'];

+

+ "L_GO" => $lang['Go'],

+ "L_JUMP_TO" => $lang['Jump_to'],

+ "L_SELECT_FORUM" => $lang['Select_forum'],

+

+ "S_JUMPBOX_LIST" => $jumpbox,

+ "S_JUMPBOX_ACTION" => append_sid("viewforum.$phpEx"))

+// New message

+$post_new_mesg_url = "<a href=\"" . append_sid("privmsg.$phpEx?mode=post") . "\"><img src=\"" . $images['post_new'] . "\" alt=\"" . $lang['Post_new_message'] . "\" border=\"0\" /></a>";

+$sql_tot = "SELECT COUNT(privmsgs_id) AS total

+ FROM " . PRIVMSGS_TABLE . " ";

+$sql = "SELECT pm.privmsgs_type, pm.privmsgs_id, pm.privmsgs_date, pm.privmsgs_subject, u.user_id, u.username

+ FROM " . PRIVMSGS_TABLE . " pm, " . USERS_TABLE . " u ";

+ $sql_tot .= "WHERE ( ( privmsgs_to_userid = " . $userdata['user_id'] . "

+ AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " )

+ OR ( privmsgs_from_userid = " . $userdata['user_id'] . "

+ AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . ") )";

+

+ $sql .= "WHERE ( ( pm.privmsgs_to_userid = " . $userdata['user_id'] . "

+ AND pm.privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . "

+ AND u.user_id = pm.privmsgs_from_userid )

+ OR ( pm.privmsgs_from_userid = " . $userdata['user_id'] . "

+ AND pm.privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . "

+ AND u.user_id = pm.privmsgs_from_userid ) )";

+if( $submit_msgdays && ( !empty($HTTP_POST_VARS['msgdays']) || !empty($HTTP_GET_VARS['msgdays']) ) )

+$sql_all_tot = $sql_tot;

+// Get messages

+//

+if( !$pm_tot_status = $db->sql_query($sql_tot) )

+{

+ message_die(GENERAL_ERROR, "Could not query private message information.", "", __LINE__, __FILE__, $sql_tot);

+}

+else

+{

+ if( $db->sql_numrows($pm_tot_status) )

+ {

+ $row = $db->sql_fetchrow($pm_tot_status);

+ $pm_total = $row['total'];

+ }

+}

+

+if( !$pm_all_status = $db->sql_query($sql_all_tot) )

+{

+ message_die(GENERAL_ERROR, "Could not query private message information.", "", __LINE__, __FILE__, $sql_tot);

+}

+else

+{

+ if( $db->sql_numrows($pm_all_status) )

+ {

+ $row = $db->sql_fetchrow($pm_all_status);

+ $pm_all_total = $row['total'];

+ }

+}

+

+if( !$pm_status = $db->sql_query($sql) )

+{

+ message_die(GENERAL_ERROR, "Could not query private messages.", "", __LINE__, __FILE__, $sql);

+}

+$pm_count = $db->sql_numrows($pm_status);

+

+$pm_list = $db->sql_fetchrowset($pm_status);

+

+//

+$select_msg_days = "";

+ $selected = ($msg_days == $previous_days[$i]) ? " selected=\"selected\"" : "";

+

+//

+// Define correct icons

+//

+if( $folder == "inbox" )

+{

+ $post_pm_img = "<a href=\"" . append_sid("privmsg.$phpEx?mode=post") . "\"><img src=\"" . $images['pm_postmsg'] . "\" alt=\"" . $lang['Post_new_pm'] . "\" border=\"0\"></a>";

+ $reply_pm_img = "<a href=\"" . append_sid("privmsg.$phpEx?mode=reply&amp;" . POST_POST_URL . "=$privmsg_id") . "\"><img src=\"" . $images['pm_replymsg'] . "\" alt=\"" . $lang['Post_reply_pm'] . "\" border=\"0\"></a>";

+ $quote_pm_img = "<a href=\"" . append_sid("privmsg.$phpEx?mode=quote&amp;" . POST_POST_URL . "=$privmsg_id") . "\"><img src=\"" . $images['pm_quotemsg'] . "\" alt=\"" . $lang['Post_quote_pm'] . "\" border=\"0\"></a>";

+ $edit_pm_img = "";

+

+ $l_box_name = $lang['Inbox'];

+}

+else if( $folder == "outbox" )

+{

+ $post_pm_img = "<a href=\"" . append_sid("privmsg.$phpEx?mode=post") . "\"><img src=\"" . $images['pm_postmsg'] . "\" alt=\"" . $lang['Post_new_pm'] . "\" border=\"0\"></a>";

+ $reply_pm_img = "";

+ $quote_pm_img = "";

+ $edit_pm_img = "<a href=\"" . append_sid("privmsg.$phpEx?mode=edit&amp;" . POST_POST_URL . "=$privmsg_id") . "\"><img src=\"" . $images['pm_editmsg'] . "\" alt=\"" . $lang['Edit_pm'] . "\" border=\"0\"></a>";

+

+ $l_box_name = $lang['Outbox'];

+}

+else if( $folder == "savebox" )

+{

+ $post_pm_img = "<a href=\"" . append_sid("privmsg.$phpEx?mode=post") . "\"><img src=\"" . $images['pm_postmsg'] . "\" alt=\"" . $lang['Post_new_pm'] . "\" border=\"0\"></a>";

+ $reply_pm_img = "<a href=\"" . append_sid("privmsg.$phpEx?mode=reply&amp;" . POST_POST_URL . "=$privmsg_id") . "\"><img src=\"" . $images['pm_replymsg'] . "\" alt=\"" . $lang['Post_reply_pm'] . "\" border=\"0\"></a>";

+ $quote_pm_img = "<a href=\"" . append_sid("privmsg.$phpEx?mode=quote&amp;" . POST_POST_URL . "=$privmsg_id") . "\"><img src=\"" . $images['pm_quotemsg'] . "\" alt=\"" . $lang['Post_quote_pm'] . "\" border=\"0\"></a>";

+ $edit_pm_img = "";

+

+ $l_box_name = $lang['Savedbox'];

+}

+else if( $folder == "sentbox" )

+{

+ $post_pm_img = "<a href=\"" . append_sid("privmsg.$phpEx?mode=post") . "\"><img src=\"" . $images['pm_postmsg'] . "\" alt=\"" . $lang['Post_new_pm'] . "\" border=\"0\"></a>";

+ $reply_pm_img = "";

+ $quote_pm_img = "<a href=\"" . append_sid("privmsg.$phpEx?mode=quote&amp;" . POST_POST_URL . "=$privmsg_id") . "\"><img src=\"" . $images['pm_quotemsg'] . "\" alt=\"" . $lang['Post_quote_pm'] . "\" border=\"0\"></a>";

+ $edit_pm_img = "";

+

+ $l_box_name = $lang['Sentbox'];

+}

+

+//

+// Output data for inbox status

+//

+if( $folder != "outbox" )

+{

+ $inbox_limit_pct = round(( $pm_all_total / $board_config['max_' . $folder . '_privmsgs'] ) * 100);

+ $inbox_limit_img_length = round(( $pm_all_total / $board_config['max_' . $folder . '_privmsgs'] ) * $board_config['privmsg_graphic_length']);

+ $inbox_limit_remain = $board_config['max_' . $folder . '_privmsgs'] - $pm_all_total;

+

+ $template->assign_block_vars("box_size_notice", array());

+

+ $l_box_size_status = $lang['Your'] . " " . $l_box_name . " " . $lang['is'] . " " . $inbox_limit_pct . "% " . $lang['full'];

+

+}

+ "BOX_NAME" => $l_box_name,

+ "INBOX_IMG" => $inbox_img,

+ "SENTBOX_IMG" => $sentbox_img,

+ "OUTBOX_IMG" => $outbox_img,

+ "SAVEBOX_IMG" => $savebox_img,

+ "INBOX_LINK" => $inbox_url,

+ "SENTBOX_LINK" => $sentbox_url,

+ "OUTBOX_LINK" => $outbox_url,

+ "SAVEBOX_LINK" => $savebox_url,

+

+ "POST_PM_IMG" => $post_pm_img,

+

+ "INBOX_LIMIT_IMG_WIDTH" => $inbox_limit_img_length,

+ "INBOX_LIMIT_PERCENT" => $inbox_limit_pct,

+

+ "BOX_SIZE_STATUS" => $l_box_size_status,

+

+ "L_INBOX" => $lang['Inbox'],

+ "L_OUTBOX" => $lang['Outbox'],

+ "L_SENTBOX" => $lang['Sent'],

+ "L_SAVEBOX" => $lang['Saved'],

+ "L_FROM_OR_TO" => ($folder == "inbox" || $folder == "savebox") ? $lang['From'] : $lang['To'],

+ "L_MARK_ALL" => $lang['Mark_all'],

+ "L_UNMARK_ALL" => $lang['Unmark_all'],

+ "S_HIDDEN_FIELDS" => "",

+ "S_MSG_DAYS_OPTIONS" => $select_msg_days,

+if( $pm_count )

+ $icon_flag = ($flag == PRIVMSGS_NEW_MAIL ) ? "<img src=\"" . $images['pm_unreadmsg'] . "\" alt=\"" . $lang['Unread_message'] . "\" border=\"0\">" : "<img src=\"" . $images['pm_readmsg'] . "\" alt=\"" . $lang['Read_message'] . "\" border=\"0\">";

+ $msg_username = $pm_list[$i]['username'];

+ $u_from_user_profile = append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=$msg_userid");

+ $msg_subject = $pm_list[$i]['privmsgs_subject'];

+

+ if( count($orig_word) )

+ {

+ $msg_subject = preg_replace($orig_word, $replacement_word, $msg_subject);

+ }

+

+ $u_subject = append_sid("privmsg.$phpEx?folder=$folder&amp;mode=read&amp;" . POST_POST_URL . "=$privmsg_id");

+ if( $flag == PRIVMSGS_NEW_MAIL && $folder == "inbox" )

+ $row_color = (!($i % 2)) ? $theme['td_color1'] : $theme['td_color2'];

+ $row_class = (!($i % 2)) ? $theme['td_class1'] : $theme['td_class2'];

+ "ROW_COLOR" => "#". $row_color,

+ "ROW_CLASS" => $row_class,

+ "S_MARK_ID" => $privmsg_id,

+

+ $template->assign_vars(array(

+ "PAGINATION" => generate_pagination("privmsg.$phpEx?folder=$folder", $pm_total, $board_config['topics_per_page'], $start),

+ "ON_PAGE" => (floor($start/$board_config['topics_per_page'])+1),

+ "TOTAL_PAGES" => ceil(($pm_total)/$board_config['topics_per_page']),

+

+ "L_OF" => $lang['of'],

+ "L_PAGE" => $lang['Page'],

+ "L_GOTO_PAGE" => $lang['Goto_page'])

+ );

+