Vergleich inc/datahandlers/pm.php - 1.6.5 - 1.6.13

Zeile 6Zeile 6
 * Website: http://mybb.com
* License: http://mybb.com/about/license
*

 * Website: http://mybb.com
* License: http://mybb.com/about/license
*

 * $Id: pm.php 5625 2011-10-02 19:16:35Z ralgith $

 * $Id$

 */

// Disallow direct access to this file for security reasons

 */

// Disallow direct access to this file for security reasons

Zeile 34Zeile 34
	* @var string
*/
public $language_prefix = 'pmdata';

	* @var string
*/
public $language_prefix = 'pmdata';

	



	/**
* Array of data inserted in to a private message.
*
* @var array
*/
public $pm_insert_data = array();

	/**
* Array of data inserted in to a private message.
*
* @var array
*/
public $pm_insert_data = array();


/**


/**

	 * Array of data used to update a private message.
*
* @var array
*/
public $pm_update_data = array();

	 * Array of data used to update a private message.
*
* @var array
*/
public $pm_update_data = array();

	
/**


/**

	 * PM ID currently being manipulated by the datahandlers.

	 * PM ID currently being manipulated by the datahandlers.

	 */
public $pmid = 0;

	 */
public $pmid = 0;


/**
* Verifies a private message subject.


/**
* Verifies a private message subject.

	 *
* @return boolean True when valid, false when invalid.
*/

	 *
* @return boolean True when valid, false when invalid.
*/

	function verify_subject()
{
$subject = &$this->data['subject'];

	function verify_subject()
{
$subject = &$this->data['subject'];

Zeile 73Zeile 73
		if(!trim_blank_chrs($subject))
{
$this->set_error("missing_subject");

		if(!trim_blank_chrs($subject))
{
$this->set_error("missing_subject");

			return false;
}

			return false;
}

		return true;
}

/**
* Verifies if a message for a PM is valid.

		return true;
}

/**
* Verifies if a message for a PM is valid.

	 *
* @return boolean True when valid, false when invalid.
*/

	 *
* @return boolean True when valid, false when invalid.
*/

	function verify_message()
{
$message = &$this->data['message'];

	function verify_message()
{
$message = &$this->data['message'];

Zeile 98Zeile 98

/**
* Verifies if the specified sender is valid or not.


/**
* Verifies if the specified sender is valid or not.

	 *
* @return boolean True when valid, false when invalid.
*/

	 *
* @return boolean True when valid, false when invalid.
*/

	function verify_sender()
{
global $db, $mybb, $lang;

	function verify_sender()
{
global $db, $mybb, $lang;

Zeile 122Zeile 122
			if($sender_permissions['pmquota'] != "0" && $sender['totalpms'] >= $sender_permissions['pmquota'] && $this->admin_override != true)
{
$pm['options']['savecopy'] = 0;

			if($sender_permissions['pmquota'] != "0" && $sender['totalpms'] >= $sender_permissions['pmquota'] && $this->admin_override != true)
{
$pm['options']['savecopy'] = 0;

			}
}


			}
}


		// Assign the sender information to the data.
$pm['sender'] = array(
"uid" => $sender['uid'],

		// Assign the sender information to the data.
$pm['sender'] = array(
"uid" => $sender['uid'],

Zeile 141Zeile 141
	 */
function verify_recipient()
{

	 */
function verify_recipient()
{

		global $db, $mybb, $lang;

		global $cache, $db, $mybb, $lang;


$pm = &$this->data;



$pm = &$this->data;


Zeile 151Zeile 151
		// We have our recipient usernames but need to fetch user IDs
if(array_key_exists("to", $pm))
{

		// We have our recipient usernames but need to fetch user IDs
if(array_key_exists("to", $pm))
{

			if((count($pm['to']) <= 0 || trim(implode("", $pm['to'])) == "") && !$pm['saveasdraft'])

			foreach(array("to", "bcc") as $recipient_type)

			{

			{

				$this->set_error("no_recipients");
return false;
}






































				if(!isset($pm[$recipient_type]))
{
$pm[$recipient_type] = array();
}
if(!is_array($pm[$recipient_type]))
{
$pm[$recipient_type] = array($pm[$recipient_type]);
}

$pm[$recipient_type] = array_map('trim', $pm[$recipient_type]);
$pm[$recipient_type] = array_filter($pm[$recipient_type]);

// No recipients? Skip query
if(empty($pm[$recipient_type]))
{
if($recipient_type == 'to' && !$pm['saveasdraft'])
{
$this->set_error("no_recipients");
return false;
}
continue;
}

$recipientUsernames = array_map(array($db, 'escape_string'), $pm[$recipient_type]);
$recipientUsernames = "'".implode("','", $recipientUsernames)."'";

$query = $db->simple_select('users', '*', 'username IN('.$recipientUsernames.')');

$validUsernames = array();

while($user = $db->fetch_array($query))
{
if($recipient_type == "bcc")
{
$user['bcc'] = 1;
}

$recipients[] = $user;
$validUsernames[] = $user['username'];
}





			foreach(array("to", "bcc") as $recipient_type)













				foreach($pm[$recipient_type] as $username)
{
if(!in_array($username, $validUsernames))
{
$invalid_recipients[] = $username;
}
}
}
}
// We have recipient IDs
else
{
foreach(array("toid", "bccid") as $recipient_type)

			{

			{

 
				if(!isset($pm[$recipient_type]))
{
$pm[$recipient_type] = array();
}

				if(!is_array($pm[$recipient_type]))

				if(!is_array($pm[$recipient_type]))

				{

				{

					$pm[$recipient_type] = array($pm[$recipient_type]);
}

					$pm[$recipient_type] = array($pm[$recipient_type]);
}

				foreach($pm[$recipient_type] as $username)
{
$username = trim($username);
if(empty($username))
{
continue;
}
// Check that this recipient actually exists
$query = $db->simple_select("users", "*", "username='".$db->escape_string($username)."'");
$user = $db->fetch_array($query);
if($recipient_type == "bcc")
{
$user['bcc'] = 1;
}
if($user['uid'])
{
$recipients[] = $user;
}
else
{
$invalid_recipients[] = $username;
}
}
}
}
// We have recipient IDs
else
{
foreach(array("toid", "bccid") as $recipient_type)
{
if(count($pm['toid']) <= 0)
{
$this->set_error("no_recipients");
return false;
}
if(is_array($pm[$recipient_type]))

				$pm[$recipient_type] = array_map('intval', $pm[$recipient_type]);
$pm[$recipient_type] = array_filter($pm[$recipient_type]);

// No recipients? Skip query
if(empty($pm[$recipient_type]))
{
if($recipient_type == 'toid' && !$pm['saveasdraft'])
{
$this->set_error("no_recipients");
return false;
}
continue;
}

$recipientUids = "'".implode("','", $pm[$recipient_type])."'";

$query = $db->simple_select('users', '*', 'uid IN('.$recipientUids.')');

$validUids = array();

while($user = $db->fetch_array($query))
{
if($recipient_type == "bccid")
{
$user['bcc'] = 1;
}

$recipients[] = $user;
$validUids[] = $user['uid'];
}

foreach($pm[$recipient_type] as $uid)





				{

				{

					foreach($pm[$recipient_type] as $uid)

					if(!in_array($uid, $validUids))

					{

					{

						// Check that this recipient actually exists
$query = $db->simple_select("users", "*", "uid='".intval($uid)."'");
$user = $db->fetch_array($query);
if($recipient_type == "bccid")
{
$user['bcc'] = 1;
}
if($user['uid'])
{
$recipients[] = $user;
}
else
{
$invalid_recipients[] = $uid;
}

						$invalid_recipients[] = $uid;















					}
}
}

					}
}
}

Zeile 243Zeile 278
		{
// Collect group permissions for this recipient.
$recipient_permissions = user_permissions($user['uid']);

		{
// Collect group permissions for this recipient.
$recipient_permissions = user_permissions($user['uid']);

	



			// See if the sender is on the recipients ignore list and that either
// - admin_override is set or
// - sender is an administrator

			// See if the sender is on the recipients ignore list and that either
// - admin_override is set or
// - sender is an administrator

Zeile 254Zeile 289
				{
$this->set_error("recipient_is_ignoring", array($user['username']));
}

				{
$this->set_error("recipient_is_ignoring", array($user['username']));
}

				



				// Is the recipient only allowing private messages from their buddy list?
if($mybb->settings['allowbuddyonly'] == 1 && $user['receivefrombuddy'] == 1)
{

				// Is the recipient only allowing private messages from their buddy list?
if($mybb->settings['allowbuddyonly'] == 1 && $user['receivefrombuddy'] == 1)
{

Zeile 264Zeile 299
						$this->set_error("recipient_has_buddy_only", array(htmlspecialchars_uni($user['username'])));
}
}

						$this->set_error("recipient_has_buddy_only", array(htmlspecialchars_uni($user['username'])));
}
}

				



				// Can the recipient actually receive private messages based on their permissions or user setting?
if(($user['receivepms'] == 0 || $recipient_permissions['canusepms'] == 0) && !$pm['saveasdraft'])
{

				// Can the recipient actually receive private messages based on their permissions or user setting?
if(($user['receivepms'] == 0 || $recipient_permissions['canusepms'] == 0) && !$pm['saveasdraft'])
{

Zeile 272Zeile 307
					return false;
}
}

					return false;
}
}

	



			// Check to see if the user has reached their private message quota - if they have, email them.
if($recipient_permissions['pmquota'] != "0" && $user['totalpms'] >= $recipient_permissions['pmquota'] && $recipient_permissions['cancp'] != 1 && $sender_permissions['cancp'] != 1 && !$pm['saveasdraft'] && !$this->admin_override)
{

			// Check to see if the user has reached their private message quota - if they have, email them.
if($recipient_permissions['pmquota'] != "0" && $user['totalpms'] >= $recipient_permissions['pmquota'] && $recipient_permissions['cancp'] != 1 && $sender_permissions['cancp'] != 1 && !$pm['saveasdraft'] && !$this->admin_override)
{

Zeile 304Zeile 339
				}
$emailmessage = $lang->sprintf($emailmessage, $user['username'], $mybb->settings['bbname'], $mybb->settings['bburl']);
$emailsubject = $lang->sprintf($emailsubject, $mybb->settings['bbname']);

				}
$emailmessage = $lang->sprintf($emailmessage, $user['username'], $mybb->settings['bbname'], $mybb->settings['bburl']);
$emailsubject = $lang->sprintf($emailsubject, $mybb->settings['bbname']);

				my_mail($user['email'], $emailsubject, $emailmessage);













$new_email = array(
"mailto" => $db->escape_string($user['email']),
"mailfrom" => '',
"subject" => $db->escape_string($emailsubject),
"message" => $db->escape_string($emailmessage),
"headers" => ''
);

$db->insert_query("mailqueue", $new_email);
$cache->update_mailqueue();


				if($this->admin_override != true)
{
$this->set_error("recipient_reached_quota", array($user['username']));
}
}

				if($this->admin_override != true)
{
$this->set_error("recipient_reached_quota", array($user['username']));
}
}

	



			// Everything looks good, assign some specifics about the recipient
$pm['recipients'][$user['uid']] = array(
"uid" => $user['uid'],

			// Everything looks good, assign some specifics about the recipient
$pm['recipients'][$user['uid']] = array(
"uid" => $user['uid'],

Zeile 322Zeile 367
				"pmnotify" => $user['pmnotify'],
"language" => $user['language']
);

				"pmnotify" => $user['pmnotify'],
"language" => $user['language']
);

			



			// If this recipient is defined as a BCC recipient, save it
if($user['bcc'] == 1)
{
$pm['recipients'][$user['uid']]['bcc'] = 1;

			// If this recipient is defined as a BCC recipient, save it
if($user['bcc'] == 1)
{
$pm['recipients'][$user['uid']]['bcc'] = 1;

			}
}
return true;

			}
}
return true;

	}

	}

	



	/**
* Verify that the user is not flooding the system.
*
* @return boolean True
*/
function verify_pm_flooding()

	/**
* Verify that the user is not flooding the system.
*
* @return boolean True
*/
function verify_pm_flooding()

	{

	{

		global $mybb, $db;

		global $mybb, $db;





		$pm = &$this->data;

		$pm = &$this->data;

		



		// Check if post flooding is enabled within MyBB or if the admin override option is specified.
if($mybb->settings['pmfloodsecs'] > 0 && $pm['fromid'] != 0 && $this->admin_override == false)
{
// Fetch the senders profile data.
$sender = get_user($pm['fromid']);

		// Check if post flooding is enabled within MyBB or if the admin override option is specified.
if($mybb->settings['pmfloodsecs'] > 0 && $pm['fromid'] != 0 && $this->admin_override == false)
{
// Fetch the senders profile data.
$sender = get_user($pm['fromid']);

			



			// Calculate last post
$query = $db->simple_select("privatemessages", "dateline", "fromid='".$db->escape_string($pm['fromid'])."' AND toid != '0'", array('order_by' => 'dateline', 'order_dir' => 'desc', 'limit' => 1));
$sender['lastpm'] = $db->fetch_field($query, "dateline");

			// Calculate last post
$query = $db->simple_select("privatemessages", "dateline", "fromid='".$db->escape_string($pm['fromid'])."' AND toid != '0'", array('order_by' => 'dateline', 'order_dir' => 'desc', 'limit' => 1));
$sender['lastpm'] = $db->fetch_field($query, "dateline");

Zeile 372Zeile 417
		// All is well that ends well - return true.
return true;
}

		// All is well that ends well - return true.
return true;
}





	/**
* Verifies if the various 'options' for sending PMs are valid.
*

	/**
* Verifies if the various 'options' for sending PMs are valid.
*

Zeile 388Zeile 433

// Requesting a read receipt?
if(isset($options['readreceipt']) && $options['readreceipt'] == 1)


// Requesting a read receipt?
if(isset($options['readreceipt']) && $options['readreceipt'] == 1)

		{

		{

			$options['readreceipt'] = 1;

			$options['readreceipt'] = 1;

		}

		}

		else
{
$options['readreceipt'] = 0;
}
return true;

		else
{
$options['readreceipt'] = 0;
}
return true;

	}

	}


/**
* Validate an entire private message.


/**
* Validate an entire private message.

Zeile 404Zeile 449
	 * @return boolean True when valid, false when invalid.
*/
function validate_pm()

	 * @return boolean True when valid, false when invalid.
*/
function validate_pm()

	{

	{

		global $plugins;

		global $plugins;





		$pm = &$this->data;

		$pm = &$this->data;

		



		if(!$pm['savedraft'])
{
$this->verify_pm_flooding();

		if(!$pm['savedraft'])
{
$this->verify_pm_flooding();

		}


		}


		// Verify all PM assets.
$this->verify_subject();

		// Verify all PM assets.
$this->verify_subject();





		$this->verify_sender();

		$this->verify_sender();





		$this->verify_recipient();

		$this->verify_recipient();

		
$this->verify_message();


$this->verify_message();


$this->verify_options();



$this->verify_options();


		$plugins->run_hooks_by_ref("datahandler_pm_validate", $this);


		$plugins->run_hooks("datahandler_pm_validate", $this);


		// Choose the appropriate folder to save in.
if($pm['saveasdraft'])
{
$pm['folder'] = 3;

		// Choose the appropriate folder to save in.
if($pm['saveasdraft'])
{
$pm['folder'] = 3;

		}

		}

		else
{
$pm['folder'] = 1;

		else
{
$pm['folder'] = 1;

Zeile 439Zeile 484

// We are done validating, return.
$this->set_validated(true);


// We are done validating, return.
$this->set_validated(true);

		if(count($this->get_errors()) > 0)

		if(count($this->get_errors()) > 0)

		{
return false;
}

		{
return false;
}

Zeile 456Zeile 501
	 */
function insert_pm()
{

	 */
function insert_pm()
{

		global $db, $mybb, $plugins, $lang;

		global $cache, $db, $mybb, $plugins, $lang;


// Yes, validating is required.
if(!$this->get_validated())


// Yes, validating is required.
if(!$this->get_validated())

Zeile 464Zeile 509
			die("The PM needs to be validated before inserting it into the DB.");
}
if(count($this->get_errors()) > 0)

			die("The PM needs to be validated before inserting it into the DB.");
}
if(count($this->get_errors()) > 0)

		{

		{

			die("The PM is not valid.");
}


			die("The PM is not valid.");
}


Zeile 476Zeile 521
		if(!$pm['icon'] || $pm['icon'] < 0)
{
$pm['icon'] = 0;

		if(!$pm['icon'] || $pm['icon'] < 0)
{
$pm['icon'] = 0;

		}

$uid = 0;


		}

$uid = 0;


		if(!is_array($pm['recipients']))
{
$recipient_list = array();

		if(!is_array($pm['recipients']))
{
$recipient_list = array();

Zeile 500Zeile 545
				}
}
}

				}
}
}

		$recipient_list = serialize($recipient_list);

 

$this->pm_insert_data = array(
'fromid' => intval($pm['sender']['uid']),


$this->pm_insert_data = array(
'fromid' => intval($pm['sender']['uid']),

Zeile 514Zeile 558
			'smilieoff' => $pm['options']['disablesmilies'],
'receipt' => intval($pm['options']['readreceipt']),
'readtime' => 0,

			'smilieoff' => $pm['options']['disablesmilies'],
'receipt' => intval($pm['options']['readreceipt']),
'readtime' => 0,

			'recipients' => $db->escape_string($recipient_list)

			'recipients' => $db->escape_string(serialize($recipient_list))

		);

// Check if we're updating a draft or not.

		);

// Check if we're updating a draft or not.

Zeile 529Zeile 573
				// This draft was a reply to a PM
$pm['pmid'] = $draftcheck['deletetime'];
$pm['do'] = "reply";

				// This draft was a reply to a PM
$pm['pmid'] = $draftcheck['deletetime'];
$pm['do'] = "reply";

			}


			}


			// Delete the old draft as we no longer need it
$db->delete_query("privatemessages", "pmid='{$draftcheck['pmid']}'");
}

			// Delete the old draft as we no longer need it
$db->delete_query("privatemessages", "pmid='{$draftcheck['pmid']}'");
}

Zeile 546Zeile 590
				$this->pm_insert_data['deletetime'] = $pm['pmid'];
}


				$this->pm_insert_data['deletetime'] = $pm['pmid'];
}


			$plugins->run_hooks_by_ref("datahandler_pm_insert_updatedraft", $this);

			$plugins->run_hooks("datahandler_pm_insert_updatedraft", $this);

			$db->insert_query("privatemessages", $this->pm_insert_data);

// If this is a draft, end it here - below deals with complete messages

			$db->insert_query("privatemessages", $this->pm_insert_data);

// If this is a draft, end it here - below deals with complete messages

Zeile 570Zeile 614
				elseif($mybb->settings['bblanguage'])
{
$uselang = $mybb->settings['bblanguage'];

				elseif($mybb->settings['bblanguage'])
{
$uselang = $mybb->settings['bblanguage'];

				}
else
{

				}
else
{

					$uselang = "english";
}
if($uselang == $mybb->settings['bblanguage'] && !empty($lang->emailsubject_newpm))
{
$emailsubject = $lang->emailsubject_newpm;
$emailmessage = $lang->email_newpm;

					$uselang = "english";
}
if($uselang == $mybb->settings['bblanguage'] && !empty($lang->emailsubject_newpm))
{
$emailsubject = $lang->emailsubject_newpm;
$emailmessage = $lang->email_newpm;

				}

				}

				else
{
$userlang = new MyLanguage;

				else
{
$userlang = new MyLanguage;

Zeile 589Zeile 633
					$emailsubject = $userlang->emailsubject_newpm;
$emailmessage = $userlang->email_newpm;
}

					$emailsubject = $userlang->emailsubject_newpm;
$emailmessage = $userlang->email_newpm;
}

				



				if(!$pm['sender']['username'])
{
$pm['sender']['username'] = $lang->mybb_engine;
}

				if(!$pm['sender']['username'])
{
$pm['sender']['username'] = $lang->mybb_engine;
}

				



				$emailmessage = $lang->sprintf($emailmessage, $recipient['username'], $pm['sender']['username'], $mybb->settings['bbname'], $mybb->settings['bburl']);
$emailsubject = $lang->sprintf($emailsubject, $mybb->settings['bbname']);

				$emailmessage = $lang->sprintf($emailmessage, $recipient['username'], $pm['sender']['username'], $mybb->settings['bbname'], $mybb->settings['bburl']);
$emailsubject = $lang->sprintf($emailsubject, $mybb->settings['bbname']);

				my_mail($recipient['email'], $emailsubject, $emailmessage);












$new_email = array(
"mailto" => $db->escape_string($recipient['email']),
"mailfrom" => '',
"subject" => $db->escape_string($emailsubject),
"message" => $db->escape_string($emailmessage),
"headers" => ''
);

$db->insert_query("mailqueue", $new_email);
$cache->update_mailqueue();

			}

$this->pm_insert_data['uid'] = $recipient['uid'];
$this->pm_insert_data['toid'] = $recipient['uid'];


			}

$this->pm_insert_data['uid'] = $recipient['uid'];
$this->pm_insert_data['toid'] = $recipient['uid'];


			$plugins->run_hooks_by_ref("datahandler_pm_insert", $this);

			$plugins->run_hooks("datahandler_pm_insert", $this);

			$this->pmid = $db->insert_query("privatemessages", $this->pm_insert_data);

// If PM noices/alerts are on, show!

			$this->pmid = $db->insert_query("privatemessages", $this->pm_insert_data);

// If PM noices/alerts are on, show!

Zeile 644Zeile 698
		// If we're saving a copy
if($pm['options']['savecopy'] != 0)
{

		// If we're saving a copy
if($pm['options']['savecopy'] != 0)
{

			if(count($recipient_list['to']) == 1)

			if(isset($recipient_list['to']) && count($recipient_list['to']) == 1)

			{
$this->pm_insert_data['toid'] = $uid;
}

			{
$this->pm_insert_data['toid'] = $uid;
}

Zeile 657Zeile 711
			$this->pm_insert_data['status'] = 1;
$this->pm_insert_data['receipt'] = 0;


			$this->pm_insert_data['status'] = 1;
$this->pm_insert_data['receipt'] = 0;


			$plugins->run_hooks_by_ref("datahandler_pm_insert_savedcopy", $this);

			$plugins->run_hooks("datahandler_pm_insert_savedcopy", $this);

			$db->insert_query("privatemessages", $this->pm_insert_data);

// Because the sender saved a copy, update their total pm count

			$db->insert_query("privatemessages", $this->pm_insert_data);

// Because the sender saved a copy, update their total pm count
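Review bot: In the rewritten username branch of `verify_recipient()` (hunk at Zeile 151), the batched `username IN(...)` lookup and the follow-up `in_array($username, $validUsernames)` check can disagree, because the database may match names case-insensitively (this depends on the column collation, which is not visible here) while `in_array` compares the typed string with the stored one as written. A recipient typed in a different case would then be appended to `$recipients` and also recorded in `$invalid_recipients`, which the old per-name query with its `$user['uid']` test could not do. Normalising both sides keeps the two checks in step, e.g. `$validUsernames[] = strtolower($user['username']);` and `if(!in_array(strtolower($username), $validUsernames, true))`; `strtolower` is byte-wise, so names with non-ASCII letters would need a multibyte-aware lowering instead. The function body starts and continues outside this hunk, so how `$invalid_recipients` is consumed afterwards is inferred from its name.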