Vergleich private.php - 1.4.1 - 1.4.7

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 6Zeile 6
 * Website: http://www.mybboard.net
* License: http://www.mybboard.net/about/license
*

 * Website: http://www.mybboard.net
* License: http://www.mybboard.net/about/license
*

 * $Id: private.php 4117 2008-08-15 15:38:41Z Tikitiki $

 * $Id: private.php 4330 2009-03-16 02:17:06Z Tikitiki $

 */

define("IN_MYBB", 1);

 */

define("IN_MYBB", 1);

Zeile 347Zeile 347
			// Get list of recipients
$recipients = unserialize($pm['recipients']);
$comma = '';

			// Get list of recipients
$recipients = unserialize($pm['recipients']);
$comma = '';

			$recipientids = $pm['fromid'];

 
			if(isset($recipients['to']) && is_array($recipients['to']))
{
foreach($recipients['to'] as $recipient)

			if(isset($recipients['to']) && is_array($recipients['to']))
{
foreach($recipients['to'] as $recipient)

Zeile 357Zeile 356
					$comma = ',';
}
}

					$comma = ',';
}
}



			

			if(isset($recipients['bcc']) && is_array($recipients['bcc']))

			if(isset($recipients['bcc']) && is_array($recipients['bcc']))

			{

			{

				foreach($recipients['bcc'] as $recipient)

				foreach($recipients['bcc'] as $recipient)

				{

				{

					$recipient_list['bcc'][] = $recipient;
$recipientids .= $comma.$recipient;
$comma = ',';
}

					$recipient_list['bcc'][] = $recipient;
$recipientids .= $comma.$recipient;
$comma = ',';
}

			}

			}

			

			

			$query = $db->simple_select("users", "uid, username", "uid IN ({$recipientids})");
while($user = $db->fetch_array($query))
{
if(isset($recipients['bcc']) && is_array($recipients['bcc']) && in_array($user['uid'], $recipient_list['bcc']))
{
$bcc .= htmlspecialchars_uni($user['username']).', ';
}
else
{
$to .= htmlspecialchars_uni($user['username']).', ';
}
}
}




			if(!empty($recipientids))
{
$query = $db->simple_select("users", "uid, username", "uid IN ({$recipientids})");
while($user = $db->fetch_array($query))
{
if(isset($recipients['bcc']) && is_array($recipients['bcc']) && in_array($user['uid'], $recipient_list['bcc']))
{
$bcc .= htmlspecialchars_uni($user['username']).', ';
}
else
{
$to .= htmlspecialchars_uni($user['username']).', ';
}
}
}
}

		else
{ // forward/reply
$subject = preg_replace("#(FW|RE):( *)#is", '', $subject);
$postdate = my_date($mybb->settings['dateformat'], $pm['dateline']);
$posttime = my_date($mybb->settings['timeformat'], $pm['dateline']);
$message = "[quote={$pm['quotename']}]\n$message\n[/quote]";

		else
{ // forward/reply
$subject = preg_replace("#(FW|RE):( *)#is", '', $subject);
$postdate = my_date($mybb->settings['dateformat'], $pm['dateline']);
$posttime = my_date($mybb->settings['timeformat'], $pm['dateline']);
$message = "[quote={$pm['quotename']}]\n$message\n[/quote]";

			$pm['message'] = preg_replace('#^/me (.*)$#im', "* ".$pm['quotename']." \\1", $pm['message']);

			$message = preg_replace('#^/me (.*)$#im', "* ".$pm['quotename']." \\1", $message);


if($mybb->input['do'] == 'forward')
{


if($mybb->input['do'] == 'forward')
{

Zeile 435Zeile 437
				}
}
}

				}
}
}

	}


	}


	// New PM with recipient preset
if($mybb->input['uid'] && !$mybb->input['preview'])

	// New PM with recipient preset
if($mybb->input['uid'] && !$mybb->input['preview'])

	{

	{

		$query = $db->simple_select('users', 'username', "uid='".$db->escape_string($mybb->input['uid'])."'");
$to = htmlspecialchars_uni($db->fetch_field($query, 'username')).', ';
}

$max_recipients = '';
if($mybb->usergroup['maxpmrecipients'] > 0)

		$query = $db->simple_select('users', 'username', "uid='".$db->escape_string($mybb->input['uid'])."'");
$to = htmlspecialchars_uni($db->fetch_field($query, 'username')).', ';
}

$max_recipients = '';
if($mybb->usergroup['maxpmrecipients'] > 0)

	{

	{

		$max_recipients = $lang->sprintf($lang->max_recipients, $mybb->usergroup['maxpmrecipients']);
}


		$max_recipients = $lang->sprintf($lang->max_recipients, $mybb->usergroup['maxpmrecipients']);
}


Zeile 454Zeile 456
	{
$to = htmlspecialchars_uni($mybb->input['to']);
$bcc = htmlspecialchars_uni($mybb->input['bcc']);

	{
$to = htmlspecialchars_uni($mybb->input['to']);
$bcc = htmlspecialchars_uni($mybb->input['bcc']);

	}


	}


	// Load the auto complete javascript if it is enabled.
eval("\$autocompletejs = \"".$templates->get("private_send_autocomplete")."\";");

$pmid = $mybb->input['pmid'];
$do = $mybb->input['do'];
if($do != "forward" && $do != "reply")

	// Load the auto complete javascript if it is enabled.
eval("\$autocompletejs = \"".$templates->get("private_send_autocomplete")."\";");

$pmid = $mybb->input['pmid'];
$do = $mybb->input['do'];
if($do != "forward" && $do != "reply")

	{

	{

		$do = '';
}


		$do = '';
}


Zeile 473Zeile 475
		eval("\$buddy_select_to = \"".$templates->get("private_send_buddyselect")."\";");
$buddy_select = 'bcc';
eval("\$buddy_select_bcc = \"".$templates->get("private_send_buddyselect")."\";");

		eval("\$buddy_select_to = \"".$templates->get("private_send_buddyselect")."\";");
$buddy_select = 'bcc';
eval("\$buddy_select_bcc = \"".$templates->get("private_send_buddyselect")."\";");

	}

	}


eval("\$send = \"".$templates->get("private_send")."\";");
$plugins->run_hooks("private_send_end");


eval("\$send = \"".$templates->get("private_send")."\";");
$plugins->run_hooks("private_send_end");

Zeile 510Zeile 512
	if($pm['receipt'] == 1)
{
if($mybb->usergroup['cantrackpms'] == 1 && $mybb->usergroup['candenypmreceipts'] == 1 && $mybb->input['denyreceipt'] == 1)

	if($pm['receipt'] == 1)
{
if($mybb->usergroup['cantrackpms'] == 1 && $mybb->usergroup['candenypmreceipts'] == 1 && $mybb->input['denyreceipt'] == 1)

		{

		{

			$receiptadd = 0;
}
else

			$receiptadd = 0;
}
else

Zeile 528Zeile 530
		);

if(isset($receiptadd))

		);

if(isset($receiptadd))

		{

		{

			$updatearray['receipt'] = $receiptadd;
}


			$updatearray['receipt'] = $receiptadd;
}


Zeile 600Zeile 602
	{
$uid_sql = $pm['toid'];
$pm['recipients']['to'] = array($pm['toid']);

	{
$uid_sql = $pm['toid'];
$pm['recipients']['to'] = array($pm['toid']);

	}


	}


	$show_bcc = 0;

// If we have any BCC recipients and this user is an Administrator, add them on to the query

	$show_bcc = 0;

// If we have any BCC recipients and this user is an Administrator, add them on to the query

Zeile 656Zeile 658
	eval("\$read = \"".$templates->get("private_read")."\";");
$plugins->run_hooks("private_read_end");
output_page($read);

	eval("\$read = \"".$templates->get("private_read")."\";");
$plugins->run_hooks("private_read_end");
output_page($read);

}


}


if($mybb->input['action'] == "tracking")
{
$plugins->run_hooks("private_tracking_start");

if($mybb->input['action'] == "tracking")
{
$plugins->run_hooks("private_tracking_start");

Zeile 723Zeile 725
		if(is_array($mybb->input['readcheck']))
{
foreach($mybb->input['readcheck'] as $key => $val)

		if(is_array($mybb->input['readcheck']))
{
foreach($mybb->input['readcheck'] as $key => $val)

			{
$sql_array = array(
"receipt" => 0
);
$db->update_query("privatemessages", $sql_array, "pmid=".intval($key)." AND fromid=".$mybb->user['uid']);
}
}
$plugins->run_hooks("private_do_tracking_end");
redirect("private.php", $lang->redirect_pmstrackingstopped);

			{
$sql_array = array(
"receipt" => 0
);
$db->update_query("privatemessages", $sql_array, "pmid=".intval($key)." AND fromid=".$mybb->user['uid']);
}
}
$plugins->run_hooks("private_do_tracking_end");
redirect("private.php", $lang->redirect_pmstrackingstopped);

	}
elseif($mybb->input['stoptrackingunread'])
{

	}
elseif($mybb->input['stoptrackingunread'])
{

Zeile 764Zeile 766
				$pmuids[$pm['uid']] = $pm['uid'];
}


				$pmuids[$pm['uid']] = $pm['uid'];
}


			$db->delete_query("privatemessages", "pmid IN ($pmids) AND fromid='".$mybb->user['uid']."'");

			$db->delete_query("privatemessages", "pmid IN ($pmids) AND receipt='1' AND status='0' AND fromid='".$mybb->user['uid']."'");

			foreach($pmuids as $uid)
{
// Message is canceled, update PM count for this user

			foreach($pmuids as $uid)
{
// Message is canceled, update PM count for this user

				update_pm_count($pm['uid']);

				update_pm_count($uid);

			}

			}

		}

		}

		$plugins->run_hooks("private_do_tracking_end");
redirect("private.php", $lang->redirect_pmstrackingcanceled);
}

		$plugins->run_hooks("private_do_tracking_end");
redirect("private.php", $lang->redirect_pmstrackingcanceled);
}

Zeile 807Zeile 809
		$fid = "new$i";
$foldername = '';
eval("\$newfolders .= \"".$templates->get("private_folders_folder")."\";");

		$fid = "new$i";
$foldername = '';
eval("\$newfolders .= \"".$templates->get("private_folders_folder")."\";");

	}

	}

	
eval("\$folders = \"".$templates->get("private_folders")."\";");
$plugins->run_hooks("private_folders_end");

	
eval("\$folders = \"".$templates->get("private_folders")."\";");
$plugins->run_hooks("private_folders_end");

Zeile 825Zeile 827
	$folders = '';
@reset($mybb->input['folder']);
foreach($mybb->input['folder'] as $key => $val)

	$folders = '';
@reset($mybb->input['folder']);
foreach($mybb->input['folder'] as $key => $val)

	{

	{

		if(!$donefolders[$val]) // Probably was a check for duplicate folder names, but doesn't seem to be used now 
{
if(my_substr($key, 0, 3) == "new") // Create a new folder

		if(!$donefolders[$val]) // Probably was a check for duplicate folder names, but doesn't seem to be used now 
{
if(my_substr($key, 0, 3) == "new") // Create a new folder

			{

			{

				++$highestid;
$fid = intval($highestid);
}
else // Editing an existing folder
{
if($key > $highestid)

				++$highestid;
$fid = intval($highestid);
}
else // Editing an existing folder
{
if($key > $highestid)

				{

				{

					$highestid = $key;
}

$fid = intval($key);
// Use default language strings if empty or value is language string
switch($fid)

					$highestid = $key;
}

$fid = intval($key);
// Use default language strings if empty or value is language string
switch($fid)

				{

				{

					case 1:
if($val == $lang->folder_inbox || trim($val) == '')

					case 1:
if($val == $lang->folder_inbox || trim($val) == '')

						{
$val = '';
}

						{
$val = '';
}

						break;
case 2:
if($val == $lang->folder_sent_items || trim($val) == '')
{

						break;
case 2:
if($val == $lang->folder_sent_items || trim($val) == '')
{

							$val = '';
}
break;
case 3:
if($val == $lang->folder_drafts || trim($val) == '')
{

							$val = '';
}
break;
case 3:
if($val == $lang->folder_drafts || trim($val) == '')
{

							$val = '';
}
break;

							$val = '';
}
break;

Zeile 869Zeile 871
						}
break;
}

						}
break;
}

			}


			}


			if($val != '' && trim($val) == '' && !($key >= 1 && $key <= 4))
{
// If the name only contains whitespace and it's not a default folder, print an error
error($lang->error_emptypmfoldername);
}


			if($val != '' && trim($val) == '' && !($key >= 1 && $key <= 4))
{
// If the name only contains whitespace and it's not a default folder, print an error
error($lang->error_emptypmfoldername);
}


			

			

			if($val != '' || ($key >= 1 && $key <= 4))

			if($val != '' || ($key >= 1 && $key <= 4))

			{

			{

				// If there is a name or if this is a default folder, save it 
$foldername = $val;
$foldername = $db->escape_string(htmlspecialchars_uni($foldername));

				// If there is a name or if this is a default folder, save it 
$foldername = $val;
$foldername = $db->escape_string(htmlspecialchars_uni($foldername));

Zeile 898Zeile 900
				}
}
else

				}
}
else

			{

			{

				// Delete PMs from the folder
$db->delete_query("privatemessages", "folder='$fid' AND uid='".$mybb->user['uid']."'");
}

				// Delete PMs from the folder
$db->delete_query("privatemessages", "folder='$fid' AND uid='".$mybb->user['uid']."'");
}

Zeile 909Zeile 911
		"pmfolders" => $folders
);
$db->update_query("users", $sql_array, "uid='".$mybb->user['uid']."'");

		"pmfolders" => $folders
);
$db->update_query("users", $sql_array, "uid='".$mybb->user['uid']."'");

	

	

	// Update PM count
update_pm_count();

$plugins->run_hooks("private_do_folders_end");

redirect("private.php", $lang->redirect_pmfoldersupdated);

	// Update PM count
update_pm_count();

$plugins->run_hooks("private_do_folders_end");

redirect("private.php", $lang->redirect_pmfoldersupdated);

}

}


if($mybb->input['action'] == "empty")
{


if($mybb->input['action'] == "empty")
{

Zeile 934Zeile 936
		$foldercount = my_number_format($thing['pmsinfolder']);
eval("\$folderlist .= \"".$templates->get("private_empty_folder")."\";");
}

		$foldercount = my_number_format($thing['pmsinfolder']);
eval("\$folderlist .= \"".$templates->get("private_empty_folder")."\";");
}

	

	

	eval("\$folders = \"".$templates->get("private_empty")."\";");
$plugins->run_hooks("private_empty_end");
output_page($folders);
}

	eval("\$folders = \"".$templates->get("private_empty")."\";");
$plugins->run_hooks("private_empty_end");
output_page($folders);
}





if($mybb->input['action'] == "do_empty" && $mybb->request_method == "post")
{
// Verify incoming POST request

if($mybb->input['action'] == "do_empty" && $mybb->request_method == "post")
{
// Verify incoming POST request

Zeile 953Zeile 955
		foreach($mybb->input['empty'] as $key => $val)
{
if($val == 1)

		foreach($mybb->input['empty'] as $key => $val)
{
if($val == 1)

			{
$key = intval($key);

			{
$key = intval($key);

				if($emptyq)
{
$emptyq .= " OR ";

				if($emptyq)
{
$emptyq .= " OR ";

Zeile 1134Zeile 1136
			{
$wsql .= "<=";
}

			{
$wsql .= "<=";
}

			elseif($mybb->input['dayway'] == "newer")

			else

			{
$wsql .= ">=";
}

			{
$wsql .= ">=";
}

Zeile 1162Zeile 1164
					if(!$folderlst)
{
$folderlst = " AND pm.folder IN ('$val'";

					if(!$folderlst)
{
$folderlst = " AND pm.folder IN ('$val'";

					}

					}

					else
{
$folderlst .= ",'$val'";

					else
{
$folderlst .= ",'$val'";

Zeile 1205Zeile 1207
		if($message['folder'] == 2 || $message['folder'] == 3)
{ // Sent Items or Drafts Folder Check
if($message['toid'])

		if($message['folder'] == 2 || $message['folder'] == 3)
{ // Sent Items or Drafts Folder Check
if($message['toid'])

			{

			{

				$tofromuid = $message['toid'];
if($mybb->input['exporttype'] == "txt")
{

				$tofromuid = $message['toid'];
if($mybb->input['exporttype'] == "txt")
{

Zeile 1249Zeile 1251
		if(!$message['toid'] && $message['folder'] == 3)
{
$message['tousername'] = $lang->not_sent;

		if(!$message['toid'] && $message['folder'] == 3)
{
$message['tousername'] = $lang->not_sent;

		}


		}


		$message['subject'] = $parser->parse_badwords($message['subject']);
if($message['folder'] != "3")
{

		$message['subject'] = $parser->parse_badwords($message['subject']);
if($message['folder'] != "3")
{

Zeile 1275Zeile 1277
			);

$message['message'] = $parser->parse_message($message['message'], $parser_options);

			);

$message['message'] = $parser->parse_message($message['message'], $parser_options);

 
			$message['subject'] = htmlspecialchars_uni($message['subject']);

		}

if($mybb->input['exporttype'] == "txt" || $mybb->input['exporttype'] == "csv")

		}

if($mybb->input['exporttype'] == "txt" || $mybb->input['exporttype'] == "csv")

Zeile 1303Zeile 1306
					$foldername = $folderinfo[1];
if($mybb->input['exporttype'] != "csv")
{

					$foldername = $folderinfo[1];
if($mybb->input['exporttype'] != "csv")
{

 
						if($mybb->input['exporttype'] != "html")
{
$mybb->input['exporttype'] == "txt";
}

						eval("\$pmsdownload .= \"".$templates->get("private_archive_".$mybb->input['exporttype']."_folderhead", 1, 0)."\";");
}
else

						eval("\$pmsdownload .= \"".$templates->get("private_archive_".$mybb->input['exporttype']."_folderhead", 1, 0)."\";");
}
else

Zeile 1324Zeile 1331
	eval("\$archived = \"".$templates->get("private_archive_".$mybb->input['exporttype'], 1, 0)."\";");
if($mybb->input['deletepms'] == 1)
{ // delete the archived pms

	eval("\$archived = \"".$templates->get("private_archive_".$mybb->input['exporttype'], 1, 0)."\";");
if($mybb->input['deletepms'] == 1)
{ // delete the archived pms

		$db->delete_query("privatemessages", "pmid IN (''$ids)");

		$db->delete_query("privatemessages", "pmid IN ('0'$ids)");

		// Update PM count
update_pm_count();
}

		// Update PM count
update_pm_count();
}

Zeile 1343Zeile 1350
	{
$filename = "pm-archive.txt";
$contenttype = "text/plain";

	{
$filename = "pm-archive.txt";
$contenttype = "text/plain";

	}

	}

	
$archived = str_replace("\\\'","'",$archived);
header("Content-disposition: filename=$filename");

	
$archived = str_replace("\\\'","'",$archived);
header("Content-disposition: filename=$filename");

Zeile 1369Zeile 1376
	{
$mybb->input['fid'] = 1;
}

	{
$mybb->input['fid'] = 1;
}




	
$folder = '';

	$foldersexploded = explode("$%%$", $mybb->user['pmfolders']);
foreach($foldersexploded as $key => $folders)
{

	$foldersexploded = explode("$%%$", $mybb->user['pmfolders']);
foreach($foldersexploded as $key => $folders)
{

Zeile 1379Zeile 1387
			$folder = $folderinfo[0];
$foldername = get_pm_folder_name($folder, $folderinfo[1]);
}

			$folder = $folderinfo[0];
$foldername = get_pm_folder_name($folder, $folderinfo[1]);
}

	}


	}


	$lang->pms_in_folder = $lang->sprintf($lang->pms_in_folder, $foldername);
if($folder == 2 || $folder == 3)
{ // Sent Items Folder
$sender = $lang->sentto;

	$lang->pms_in_folder = $lang->sprintf($lang->pms_in_folder, $foldername);
if($folder == 2 || $folder == 3)
{ // Sent Items Folder
$sender = $lang->sentto;

	}

	}

	else

	else

	{

	{

		$sender = $lang->sender;
}


		$sender = $lang->sender;
}


Zeile 1398Zeile 1406
	if(!$mybb->settings['threadsperpage'])
{
$mybb->settings['threadsperpage'] = 20;

	if(!$mybb->settings['threadsperpage'])
{
$mybb->settings['threadsperpage'] = 20;

	}

	}


$perpage = $mybb->settings['threadsperpage'];
$page = intval($mybb->input['page']);


$perpage = $mybb->settings['threadsperpage'];
$page = intval($mybb->input['page']);

Zeile 1416Zeile 1424
	$end = $start + $perpage;
$lower = $start+1;
$upper = $end;

	$end = $start + $perpage;
$lower = $start+1;
$upper = $end;

	

	

	if($upper > $threadcount)
{
$upper = $threadcount;

	if($upper > $threadcount)
{
$upper = $threadcount;

Zeile 1431Zeile 1439
	{		
// Get all recipients into an array
$cached_users = $get_users = array();

	{		
// Get all recipients into an array
$cached_users = $get_users = array();

		$users_query = $db->simple_select("privatemessages", "recipients", "folder='$folder' AND uid='{$mybb->user['uid']}'", array('limit_start' => $start, 'limit' => $perpage));

		$users_query = $db->simple_select("privatemessages", "recipients", "folder='$folder' AND uid='{$mybb->user['uid']}'", array('limit_start' => $start, 'limit' => $perpage, 'order_by' => 'dateline', 'order_dir' => 'DESC'));

		while($row = $db->fetch_array($users_query))
{
$recipients = unserialize($row['recipients']);

		while($row = $db->fetch_array($users_query))
{
$recipients = unserialize($row['recipients']);

Zeile 1453Zeile 1461
		{
$users_query = $db->simple_select("users", "uid, username, usergroup, displaygroup", "uid IN ({$get_users})");
while($user = $db->fetch_array($users_query))

		{
$users_query = $db->simple_select("users", "uid, username, usergroup, displaygroup", "uid IN ({$get_users})");
while($user = $db->fetch_array($users_query))

			{

			{

				$cached_users[$user['uid']] = $user;
}
}

				$cached_users[$user['uid']] = $user;
}
}

Zeile 1526Zeile 1534
					eval("\$tofromusername = \"".$templates->get("private_multiple_recipients")."\";");
}
else if($message['toid'])

					eval("\$tofromusername = \"".$templates->get("private_multiple_recipients")."\";");
}
else if($message['toid'])

				{

				{

					$tofromusername = $message['tousername'];
$tofromuid = $message['toid'];

					$tofromusername = $message['tousername'];
$tofromuid = $message['toid'];

				}

				}

				else

				else

				{

				{

					$tofromusername = $lang->not_sent;

					$tofromusername = $lang->not_sent;

				}

				}

			}
else
{

			}
else
{

Zeile 1545Zeile 1553
				}
}


				}
}


			if($tofromuid != 0)
{
$tofromusername = build_profile_link($tofromusername, $tofromuid);
}

			$tofromusername = build_profile_link($tofromusername, $tofromuid);




			
if($mybb->usergroup['cantrackpms'] == 1 && $mybb->usergroup['candenypmreceipts'] == 1 && $message['receipt'] == '1' && $message['folder'] != '3' && $message['folder'] != 2)
{

			
if($mybb->usergroup['cantrackpms'] == 1 && $mybb->usergroup['candenypmreceipts'] == 1 && $message['receipt'] == '1' && $message['folder'] != '3' && $message['folder'] != 2)
{

Zeile 1562Zeile 1567
			if($message['icon'] > 0 && $icon_cache[$message['icon']])
{
$icon = $icon_cache[$message['icon']];

			if($message['icon'] > 0 && $icon_cache[$message['icon']])
{
$icon = $icon_cache[$message['icon']];

				$icon = "<img src=\"{$icon['path']}\" alt=\"{$icon['name']}\" valign=\"middle\" align=\"center\" />&nbsp;";

				$icon = "<img src=\"{$icon['path']}\" alt=\"{$icon['name']}\" align=\"center\" valign=\"middle\" />";

			}
else
{

			}
else
{

				$icon = '';

				$icon = '&nbsp;';

			}

if(!trim($message['subject']))

			}

if(!trim($message['subject']))