Vergleich private.php - 1.4.3 - 1.4.12

Keine Änderungen Hinzugefügt Modifiziert Entfernt
Zeile 1	Zeile 1
<?php /** * MyBB 1.4	<?php /** * MyBB 1.4
* Copyright � 2008 MyBB Group, All Rights Reserved	* Copyright © 2008 MyBB Group, All Rights Reserved
* * Website: http://www.mybboard.net * License: http://www.mybboard.net/about/license *	* * Website: http://www.mybboard.net * License: http://www.mybboard.net/about/license *
* $Id: private.php 4188 2008-09-14 05:05:26Z Tikitiki $	* $Id: private.php 4864 2010-04-10 09:13:19Z RyanGordon $
*/ define("IN_MYBB", 1);	*/ define("IN_MYBB", 1);
Zeile 47	Zeile 47
} // On a random occassion, recount the users pm's just to make sure everything is in sync.	} // On a random occassion, recount the users pm's just to make sure everything is in sync.
$rand = rand(0, 9);	$rand = my_rand(0, 9);
if($rand == 5) { update_pm_count();	if($rand == 5) { update_pm_count();
Zeile 347	Zeile 347
// Get list of recipients $recipients = unserialize($pm['recipients']); $comma = '';	// Get list of recipients $recipients = unserialize($pm['recipients']); $comma = '';
$recipientids = $pm['fromid'];
if(isset($recipients['to']) && is_array($recipients['to'])) { foreach($recipients['to'] as $recipient)	if(isset($recipients['to']) && is_array($recipients['to'])) { foreach($recipients['to'] as $recipient)
Zeile 357	Zeile 356
$comma = ','; } }	$comma = ','; } }

if(isset($recipients['bcc']) && is_array($recipients['bcc']))	if(isset($recipients['bcc']) && is_array($recipients['bcc']))
{	{
foreach($recipients['bcc'] as $recipient)	foreach($recipients['bcc'] as $recipient)
{	{
$recipient_list['bcc'][] = $recipient; $recipientids .= $comma.$recipient; $comma = ','; } }	$recipient_list['bcc'][] = $recipient; $recipientids .= $comma.$recipient; $comma = ','; } }
$query = $db->simple_select("users", "uid, username", "uid IN ({$recipientids})"); while($user = $db->fetch_array($query)) { if(isset($recipients['bcc']) && is_array($recipients['bcc']) && in_array($user['uid'], $recipient_list['bcc'])) { $bcc .= htmlspecialchars_uni($user['username']).', '; } else { $to .= htmlspecialchars_uni($user['username']).', ';	if(!empty($recipientids)) { $query = $db->simple_select("users", "uid, username", "uid IN ({$recipientids})"); while($user = $db->fetch_array($query)) { if(isset($recipients['bcc']) && is_array($recipients['bcc']) && in_array($user['uid'], $recipient_list['bcc'])) { $bcc .= htmlspecialchars_uni($user['username']).', '; } else { $to .= htmlspecialchars_uni($user['username']).', '; }
}	}
}	}
} else { // forward/reply	} else { // forward/reply
Zeile 387	Zeile 389
$postdate = my_date($mybb->settings['dateformat'], $pm['dateline']); $posttime = my_date($mybb->settings['timeformat'], $pm['dateline']); $message = "[quote={$pm['quotename']}]\n$message\n[/quote]";	$postdate = my_date($mybb->settings['dateformat'], $pm['dateline']); $posttime = my_date($mybb->settings['timeformat'], $pm['dateline']); $message = "[quote={$pm['quotename']}]\n$message\n[/quote]";
$pm['message'] = preg_replace('#^/me (.)$#im', " ".$pm['quotename']." \\1", $pm['message']);	$message = preg_replace('#^/me (.)$#im', " ".$pm['quotename']." \\1", $message);
if($mybb->input['do'] == 'forward') { $subject = "Fw: $subject"; } elseif($mybb->input['do'] == 'reply')	if($mybb->input['do'] == 'forward') { $subject = "Fw: $subject"; } elseif($mybb->input['do'] == 'reply')
{	{
$subject = "Re: $subject"; $uid = $pm['fromid']; if($mybb->user['uid'] == $uid)	$subject = "Re: $subject"; $uid = $pm['fromid']; if($mybb->user['uid'] == $uid)
Zeile 425	Zeile 427
} $recipientids .= ','.$recipient; }	} $recipientids .= ','.$recipient; }
}	}
$comma = ''; $query = $db->simple_select('users', 'uid, username', "uid IN ({$recipientids})"); while($user = $db->fetch_array($query))	$comma = ''; $query = $db->simple_select('users', 'uid, username', "uid IN ({$recipientids})"); while($user = $db->fetch_array($query))
Zeile 461	Zeile 463
$pmid = $mybb->input['pmid']; $do = $mybb->input['do'];	$pmid = $mybb->input['pmid']; $do = $mybb->input['do'];
if($do != "forward" && $do != "reply")	if($do != "forward" && $do != "reply" && $do != "replyall")
{ $do = ''; }	{ $do = ''; }
Zeile 474	Zeile 476
$buddy_select = 'bcc'; eval("\$buddy_select_bcc = \"".$templates->get("private_send_buddyselect")."\";"); }	$buddy_select = 'bcc'; eval("\$buddy_select_bcc = \"".$templates->get("private_send_buddyselect")."\";"); }

eval("\$send = \"".$templates->get("private_send")."\";"); $plugins->run_hooks("private_send_end"); output_page($send); }	eval("\$send = \"".$templates->get("private_send")."\";"); $plugins->run_hooks("private_send_end"); output_page($send); }

if($mybb->input['action'] == "read") { $plugins->run_hooks("private_read");	if($mybb->input['action'] == "read") { $plugins->run_hooks("private_read");

$pmid = intval($mybb->input['pmid']); $query = $db->query(" SELECT pm., u., f.*, g.title AS grouptitle, g.usertitle AS groupusertitle, g.stars AS groupstars, g.starimage AS groupstarimage, g.image AS groupimage, g.namestyle	$pmid = intval($mybb->input['pmid']); $query = $db->query(" SELECT pm., u., f.*, g.title AS grouptitle, g.usertitle AS groupusertitle, g.stars AS groupstars, g.starimage AS groupstarimage, g.image AS groupimage, g.namestyle
FROM ".TABLE_PREFIX."privatemessages pm	FROM ".TABLE_PREFIX."privatemessages pm
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=pm.fromid) LEFT JOIN ".TABLE_PREFIX."userfields f ON (f.ufid=u.uid) LEFT JOIN ".TABLE_PREFIX."usergroups g ON (g.gid=u.usergroup)	LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=pm.fromid) LEFT JOIN ".TABLE_PREFIX."userfields f ON (f.ufid=u.uid) LEFT JOIN ".TABLE_PREFIX."usergroups g ON (g.gid=u.usergroup)
Zeile 497	Zeile 499
"); $pm = $db->fetch_array($query); if($pm['folder'] == 3)	"); $pm = $db->fetch_array($query); if($pm['folder'] == 3)
{	{
header("Location: private.php?action=send&pmid={$pm['pmid']}"); exit; }	header("Location: private.php?action=send&pmid={$pm['pmid']}"); exit; }
Zeile 505	Zeile 507
if(!$pm['pmid']) { error($lang->error_invalidpm);	if(!$pm['pmid']) { error($lang->error_invalidpm);
}	}
if($pm['receipt'] == 1) {	if($pm['receipt'] == 1) {
Zeile 552	Zeile 554
$reply_date = my_date($mybb->settings['dateformat'], $pm['statustime']); if($reply_date == $lang->today \|\| $reply_date == $lang->yesterday)	$reply_date = my_date($mybb->settings['dateformat'], $pm['statustime']); if($reply_date == $lang->today \|\| $reply_date == $lang->yesterday)
{	{
$reply_date .= ', '.my_date($mybb->settings['timeformat'], $pm['statustime']); $actioned_on = $lang->sprintf($lang->you_replied, $reply_date); }	$reply_date .= ', '.my_date($mybb->settings['timeformat'], $pm['statustime']); $actioned_on = $lang->sprintf($lang->you_replied, $reply_date); }
Zeile 600	Zeile 602
{ $uid_sql = $pm['toid']; $pm['recipients']['to'] = array($pm['toid']);	{ $uid_sql = $pm['toid']; $pm['recipients']['to'] = array($pm['toid']);
}	}
$show_bcc = 0;	$show_bcc = 0;
Zeile 615	Zeile 617
$bcc_recipients = $to_recipients = array(); $query = $db->simple_select('users', 'uid, username', "uid IN ({$uid_sql})"); while($recipient = $db->fetch_array($query))	$bcc_recipients = $to_recipients = array(); $query = $db->simple_select('users', 'uid, username', "uid IN ({$uid_sql})"); while($recipient = $db->fetch_array($query))
{	{
// User is a BCC recipient if($show_bcc && in_array($recipient['uid'], $pm['recipients']['bcc'])) {	// User is a BCC recipient if($show_bcc && in_array($recipient['uid'], $pm['recipients']['bcc'])) {
Zeile 647	Zeile 649
else { $to_recipients = $lang->nobody;	else { $to_recipients = $lang->nobody;
}	}
eval("\$pm['subject_extra'] = \"".$templates->get("private_read_to")."\";");	eval("\$pm['subject_extra'] = \"".$templates->get("private_read_to")."\";");
Zeile 663	Zeile 665
$plugins->run_hooks("private_tracking_start"); $readmessages = ''; $unreadmessages = '';	$plugins->run_hooks("private_tracking_start"); $readmessages = ''; $unreadmessages = '';

$query = $db->query(" SELECT pm.*, u.username as tousername FROM ".TABLE_PREFIX."privatemessages pm	$query = $db->query(" SELECT pm.*, u.username as tousername FROM ".TABLE_PREFIX."privatemessages pm
Zeile 678	Zeile 680
$readdate = my_date($mybb->settings['dateformat'], $readmessage['readtime']); $readtime = my_date($mybb->settings['timeformat'], $readmessage['readtime']); eval("\$readmessages .= \"".$templates->get("private_tracking_readmessage")."\";");	$readdate = my_date($mybb->settings['dateformat'], $readmessage['readtime']); $readtime = my_date($mybb->settings['timeformat'], $readmessage['readtime']); eval("\$readmessages .= \"".$templates->get("private_tracking_readmessage")."\";");
}	}
if(!$readmessages) {	if(!$readmessages) {
Zeile 741	Zeile 743
{ $sql_array = array( "receipt" => 0	{ $sql_array = array( "receipt" => 0
);	);
$db->update_query("privatemessages", $sql_array, "pmid=".intval($key)." AND fromid=".$mybb->user['uid']); } }	$db->update_query("privatemessages", $sql_array, "pmid=".intval($key)." AND fromid=".$mybb->user['uid']); } }
Zeile 992	Zeile 994
header("Location: private.php?fid=".intval($mybb->input['jumpto'])); } elseif($mybb->input['moveto'])	header("Location: private.php?fid=".intval($mybb->input['jumpto'])); } elseif($mybb->input['moveto'])
{ if(is_array($mybb->input['check']))	{ if(is_array($mybb->input['check']))
{ foreach($mybb->input['check'] as $key => $val) {	{ foreach($mybb->input['check'] as $key => $val) {
Zeile 1001	Zeile 1003
"folder" => intval($mybb->input['fid']) ); $db->update_query("privatemessages", $sql_array, "pmid='".intval($key)."' AND uid='".$mybb->user['uid']."'");	"folder" => intval($mybb->input['fid']) ); $db->update_query("privatemessages", $sql_array, "pmid='".intval($key)."' AND uid='".$mybb->user['uid']."'");
} } // Update PM count	} } // Update PM count
update_pm_count(); if(!empty($mybb->input['fromfid']))	update_pm_count(); if(!empty($mybb->input['fromfid']))
Zeile 1031	Zeile 1033
$query = $db->simple_select("privatemessages", "pmid, folder", "pmid IN ($pmssql) AND uid='".$mybb->user['uid']."' AND folder='4'", array('order_by' => 'pmid')); while($delpm = $db->fetch_array($query))	$query = $db->simple_select("privatemessages", "pmid, folder", "pmid IN ($pmssql) AND uid='".$mybb->user['uid']."' AND folder='4'", array('order_by' => 'pmid')); while($delpm = $db->fetch_array($query))
{	{
$deletepms[$delpm['pmid']] = 1; }	$deletepms[$delpm['pmid']] = 1; }
Zeile 1040	Zeile 1042
{ $key = intval($key); if($deletepms[$key])	{ $key = intval($key); if($deletepms[$key])
{	{
$db->delete_query("privatemessages", "pmid='$key' AND uid='".$mybb->user['uid']."'"); } else	$db->delete_query("privatemessages", "pmid='$key' AND uid='".$mybb->user['uid']."'"); } else
Zeile 1059	Zeile 1061
redirect("private.php", $lang->redirect_pmsdeleted); } }	redirect("private.php", $lang->redirect_pmsdeleted); } }

if($mybb->input['action'] == "delete") { // Verify incoming POST request verify_post_check($mybb->input['my_post_key']);	if($mybb->input['action'] == "delete") { // Verify incoming POST request verify_post_check($mybb->input['my_post_key']);

$plugins->run_hooks("private_delete_start");	$plugins->run_hooks("private_delete_start");
$sql_array = array( "folder" => 4, "deletetime" => TIME_NOW ); $db->update_query("privatemessages", $sql_array, "pmid='".intval($mybb->input['pmid'])."' AND uid='".$mybb->user['uid']."'");	$query = $db->simple_select("privatemessages", "*", "pmid='".intval($mybb->input['pmid'])."' AND uid='".$mybb->user['uid']."' AND folder='4'", array('order_by' => 'pmid')); if($db->num_rows($query) == 1) { $db->delete_query("privatemessages", "pmid='".intval($mybb->input['pmid'])."'"); } else { $sql_array = array( "folder" => 4, "deletetime" => TIME_NOW ); $db->update_query("privatemessages", $sql_array, "pmid='".intval($mybb->input['pmid'])."' AND uid='".$mybb->user['uid']."'"); }
// Update PM count update_pm_count();	// Update PM count update_pm_count();
Zeile 1329	Zeile 1339
eval("\$archived = \"".$templates->get("private_archive_".$mybb->input['exporttype'], 1, 0)."\";"); if($mybb->input['deletepms'] == 1) { // delete the archived pms	eval("\$archived = \"".$templates->get("private_archive_".$mybb->input['exporttype'], 1, 0)."\";"); if($mybb->input['deletepms'] == 1) { // delete the archived pms
$db->delete_query("privatemessages", "pmid IN (''$ids)");	$db->delete_query("privatemessages", "pmid IN ('0'$ids)");
// Update PM count update_pm_count(); }	// Update PM count update_pm_count(); }
Zeile 1374	Zeile 1384
{ $mybb->input['fid'] = 1; }	{ $mybb->input['fid'] = 1; }
	$folder = '';
$foldersexploded = explode("$%%$", $mybb->user['pmfolders']); foreach($foldersexploded as $key => $folders) {	$foldersexploded = explode("$%%$", $mybb->user['pmfolders']); foreach($foldersexploded as $key => $folders) {
Zeile 1436	Zeile 1447
{ // Get all recipients into an array $cached_users = $get_users = array();	{ // Get all recipients into an array $cached_users = $get_users = array();
$users_query = $db->simple_select("privatemessages", "recipients", "folder='$folder' AND uid='{$mybb->user['uid']}'", array('limit_start' => $start, 'limit' => $perpage));	$users_query = $db->simple_select("privatemessages", "recipients", "folder='$folder' AND uid='{$mybb->user['uid']}'", array('limit_start' => $start, 'limit' => $perpage, 'order_by' => 'dateline', 'order_dir' => 'DESC'));
while($row = $db->fetch_array($users_query)) { $recipients = unserialize($row['recipients']);	while($row = $db->fetch_array($users_query)) { $recipients = unserialize($row['recipients']);
Zeile 1564	Zeile 1575
if($message['icon'] > 0 && $icon_cache[$message['icon']]) { $icon = $icon_cache[$message['icon']];	if($message['icon'] > 0 && $icon_cache[$message['icon']]) { $icon = $icon_cache[$message['icon']];
$icon = "<img src=\"{$icon['path']}\" alt=\"{$icon['name']}\" valign=\"middle\" align=\"center\" /> ";	$icon = "<img src=\"{$icon['path']}\" alt=\"{$icon['name']}\" align=\"center\" valign=\"middle\" />";
} else {	} else {
$icon = '';	$icon = ' ';
} if(!trim($message['subject']))	} if(!trim($message['subject']))