diff options
| author | Paul S. Owen <psotfx@users.sourceforge.net> | 2001-06-13 19:30:27 +0000 |
|---|---|---|
| committer | Paul S. Owen <psotfx@users.sourceforge.net> | 2001-06-13 19:30:27 +0000 |
| commit | fc9163db62c4a28f59c2d7f97835185a492c7163 (patch) | |
| tree | c35d322b12bdc10cd3b52ce81a3ff4fd47393eca /phpBB/privmsg.php | |
| parent | f9b181e0ce92fbc2d91d64a0570a74e73156c5fe (diff) | |
| download | forums-fc9163db62c4a28f59c2d7f97835185a492c7163.tar forums-fc9163db62c4a28f59c2d7f97835185a492c7163.tar.gz forums-fc9163db62c4a28f59c2d7f97835185a492c7163.tar.bz2 forums-fc9163db62c4a28f59c2d7f97835185a492c7163.tar.xz forums-fc9163db62c4a28f59c2d7f97835185a492c7163.zip | |
Basic posting of messages, no reply, quote or edit yet
git-svn-id: file:///svn/phpbb/trunk@488 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/privmsg.php')
| -rw-r--r-- | phpBB/privmsg.php | 58 |
1 files changed, 48 insertions, 10 deletions
diff --git a/phpBB/privmsg.php b/phpBB/privmsg.php index a40c5c1312..b07b594f6e 100644 --- a/phpBB/privmsg.php +++ b/phpBB/privmsg.php @@ -283,8 +283,6 @@ else if($mode == "post" || $mode == "reply" || $mode == "edit") $attach_sig = (isset($HTTP_POST_VARS['attach_sig'])) ? $HTTP_POST_VARS['attach_sig'] : $userdata['user_attachsig']; $preview = (isset($HTTP_POST_VARS['preview'])) ? TRUE : FALSE; - $username = (isset($HTTP_POST_VARS['username'])) ? $HTTP_POST_VARS['username'] : ""; - if($mode == "reply" || $mode == "edit") { if(!empty($HTTP_GET_VARS[POST_POST_URL])) @@ -298,7 +296,7 @@ else if($mode == "post" || $mode == "reply" || $mode == "edit") } } - if!empty($HTTP_GET_VARS[POST_USERS_URL])) + if(!empty($HTTP_GET_VARS[POST_USERS_URL]) && !$preview && empty($HTTP_POST_VARS['submit'])) { $sql = "SELECT username FROM " . USERS_TABLE . " @@ -310,9 +308,18 @@ else if($mode == "post" || $mode == "reply" || $mode == "edit") } else { - list($username) = $db->sql_fetchrow($result); + list($to_username) = $db->sql_fetchrow($result); + $to_username = stripslashes($to_username); } } + else if(!empty($HTTP_POST_VARS['to_username'])) + { + $to_username = stripslashes($HTTP_POST_VARS['to_username']); + } + else + { + $to_username = ""; + } if($HTTP_POST_VARS['submit'] || $preview) { @@ -361,6 +368,9 @@ else if($mode == "post" || $mode == "reply" || $mode == "edit") $smile_on = ($disable_smilies) ? FALSE : TRUE; $message = prepare_message($HTTP_POST_VARS['message'], $html_on, $bbcode_on, $smile_on, $uid); + $message = preg_replace('#</textarea>#si', '</TEXTAREA>', $message); + + $uid = make_bbcode_uid(); if($attach_sig && !empty($userdata['user_sig'])) { @@ -371,6 +381,7 @@ else if($mode == "post" || $mode == "reply" || $mode == "edit") { // do stripslashes incase magic_quotes is on. $message = stripslashes($HTTP_POST_VARS['message']); + $message = preg_replace('#</textarea>#si', '</TEXTAREA>', $message); } } else @@ -383,9 +394,20 @@ else if($mode == "post" || $mode == "reply" || $mode == "edit") $error_msg .= $lang['Empty_msg']; } - if(!empty($HTTP_POST_VARS['to_userid'])) + if(!empty($HTTP_POST_VARS['to_username'])) { - $to_user_id = $HTTP_POST_VARS['to_userid']; + $sql = "SELECT user_id + FROM " . USERS_TABLE . " + WHERE username = '" . addslashes($to_username) . "'"; + if(!$result = $db->sql_query($sql)) + { + $error = TRUE; + $error_msg = $lang['No_such_user']; + } + else + { + list($to_userid) = $db->sql_fetchrow($result); + } } else { @@ -397,10 +419,12 @@ else if($mode == "post" || $mode == "reply" || $mode == "edit") $error_msg .= $lang['No_to_user']; } - if($HTTP_POST_VARS['submit'] && !$preview) + if($HTTP_POST_VARS['submit'] && !$preview && $mode == "post") { + $msg_time = get_gmt_ts(); + $sql = "INSERT INTO " . PRIVMSGS_TABLE . " (privmsgs_type, privmsgs_subject, privmsgs_from_userid, privmsgs_to_userid, privmsgs_date, privmsgs_ip, privmsgs_bbcode_uid) - VALUES (" . PRIVMSGS_SENT_MAIL . ", '" . stripslashes($privmsg['privmsgs_subject']) . "', " . $privmsg['privmsgs_from_userid'] . ", " . $privmsg['privmsgs_to_userid'] . ", " . $privmsg['privmsgs_date'] . ", '" . $privmsg['privmsgs_ip'] . "', '" . $privmsg['privmsgs_bbcode_uid'] . "')"; + VALUES (" . PRIVMSGS_NEW_MAIL . ", '$subject', " . $userdata['user_id'] . ", $to_userid, $msg_time, '$user_ip', '$uid')"; if(!$pm_sent_status = $db->sql_query($sql)) { error_die(SQL_QUERY, "Could not insert private message sent info.", __LINE__, __FILE__); @@ -410,16 +434,26 @@ else if($mode == "post" || $mode == "reply" || $mode == "edit") $privmsg_sent_id = $db->sql_nextid($pm_sent_status); $sql = "INSERT INTO " . PRIVMSGS_TEXT_TABLE . " (privmsgs_text_id, privmsgs_text) - VALUES ($privmsg_sent_id, '" . stripslashes($privmsg['privmsgs_text']) . "')"; + VALUES ($privmsg_sent_id, '$message')"; if(!$pm_sent_text_status = $db->sql_query($sql)) { error_die(SQL_QUERY, "Could not insert private message sent text.", __LINE__, __FILE__); } - } + include('includes/page_header.'.$phpEx); + $msg = $lang['Message_sent'] . "<br /><br />" . $lang['Click'] . " <a href=\"" . append_sid("privmsg.$phpEx?folder=inbox") . "\">" . $lang['Here'] . "</a> " . $lang['to_return_inbox'] . "<br /><br />" . $lang['Click'] . " <a href=\"" . append_sid("index.$phpEx") . "\">" . $lang['Here'] . "</a> ". $lang['to_return_index']; + $template->set_filenames(array( + "reg_header" => "error_body.tpl") + ); + $template->assign_vars(array( + "ERROR_MESSAGE" => $msg) + ); + $template->pparse("reg_header"); + include('includes/page_tail.'.$phpEx); + } } } @@ -548,9 +582,13 @@ else if($mode == "post" || $mode == "reply" || $mode == "edit") $post_a = $lang['Edit_Post']; } + $subject_input = '<input type="text" name="subject" value="'.$subject.'" size="50" maxlength="255">'; + $message_input = '<textarea name="message" rows="10" cols="40" wrap="virtual">'.$message.'</textarea>'; + $hidden_form_fields = "<input type=\"hidden\" name=\"mode\" value=\"$mode\"><input type=\"hidden\" name=\"folder\" value=\"$folder\">"; $template->assign_vars(array( + "S_USERNAME_INPUT" => "<input type=\"text\" name=\"to_username\" value=\"$to_username\">", "SUBJECT_INPUT" => $subject_input, "MESSAGE_INPUT" => $message_input, "HTML_STATUS" => $html_status, |