Vergleich private.php - 1.6.0 - 1.6.17

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 6Zeile 6
 * Website: http://mybb.com
* License: http://mybb.com/about/license
*

 * Website: http://mybb.com
* License: http://mybb.com/about/license
*

 * $Id: private.php 5159 2010-08-01 09:19:26Z RyanGordon $

 * $Id$

 */

define("IN_MYBB", 1);

 */

define("IN_MYBB", 1);

Zeile 14Zeile 14
define('THIS_SCRIPT', 'private.php');

$templatelist = "private_send,private_send_buddyselect,private_read,private_tracking,private_tracking_readmessage,private_tracking_unreadmessage";

define('THIS_SCRIPT', 'private.php');

$templatelist = "private_send,private_send_buddyselect,private_read,private_tracking,private_tracking_readmessage,private_tracking_unreadmessage";

$templatelist .= ",private_folders,private_folders_folder,private_folders_folder_unremovable,private,usercp_nav_changename,usercp_nav,private_empty_folder,private_empty,posticons";
$templatelist .= "usercp_nav_messenger,usercp_nav_changename,usercp_nav_profile,usercp_nav_misc,usercp_nav_messenger,multipage_nextpage,multipage_page_current,multipage_page,multipage_start,multipage_end,multipage";
$templatelist .= ",private_messagebit,codebuttons,smilieinsert,posticons,private_send_autocomplete,private_messagebit_denyreceipt,private_read_to, postbit_online,postbit_find,postbit_pm, postbit_email,postbit_reputation,postbit_warninglevel,postbit_author_user,postbit_reply_pm,postbit_forward_pm,postbit_delete_pm,postbit,private_tracking_nomessage,private_nomessages";




$templatelist .= ",private_folders,private_folders_folder,private_folders_folder_unremovable,private,usercp_nav,private_empty_folder,private_empty,private_archive_txt,private_archive_csv,private_archive_html";
$templatelist .= ",usercp_nav_messenger,usercp_nav_changename,usercp_nav_profile,usercp_nav_misc,multipage_nextpage,multipage_page_current,multipage_page,multipage_start,multipage_end,multipage,usercp_nav_editsignature,private_read_action,postbit_away,postbit_avatar,postbit_warn,postbit_rep_button";
$templatelist .= ",private_messagebit,codebuttons,smilieinsert,smilieinsert_getmore,posticons,private_send_autocomplete,private_messagebit_denyreceipt,private_read_to,postbit_online,postbit_find,postbit_pm,postbit_email,postbit_reputation,postbit_warninglevel,postbit_author_user,postbit_reply_pm,postbit_forward_pm";
$templatelist .= ",postbit_delete_pm,postbit,private_tracking_nomessage,private_nomessages,postbit_author_guest,private_multiple_recipients_user,private_multiple_recipients_bcc,private_multiple_recipients";
$templatelist .= ",private_search_messagebit,private_search_results_nomessages,private_search_results,private_advanced_search,previewpost,private_send_tracking,private_send_signature,private_read_bcc";
$templatelist .= ",private_archive,private_pmspace,private_limitwarning,postbit_groupimage,postbit_offline,postbit_www,postbit_replyall_pm,postbit_signature,postbit_classic,postbit_gotopost,usercp_nav_messenger_tracking,multipage_prevpage";


require_once "./global.php";
require_once MYBB_ROOT."inc/functions_post.php";


require_once "./global.php";
require_once MYBB_ROOT."inc/functions_post.php";

Zeile 122Zeile 125
	$mybb->input['action'] = "send";
}


	$mybb->input['action'] = "send";
}


if(($mybb->input['action'] == "do_search" || $mybb->input['quick_search']) && $mybb->request_method == "post")

if(($mybb->input['action'] == "do_search" || $mybb->input['action'] == "do_stuff" && ($mybb->input['quick_search'] || !$mybb->input['hop'] && !$mybb->input['moveto'] && !$mybb->input['delete'])) && $mybb->request_method == "post")

{
$plugins->run_hooks("private_do_search_start");

{
$plugins->run_hooks("private_do_search_start");

	



	// Simulate coming from our advanced search form with some preset options
if($mybb->input['quick_search'])
{

	// Simulate coming from our advanced search form with some preset options
if($mybb->input['quick_search'])
{

Zeile 159Zeile 162
			error($lang->error_searchflooding);
}
}

			error($lang->error_searchflooding);
}
}

	



	if($mybb->input['subject'] != 1 && $mybb->input['message'] != 1)

	if($mybb->input['subject'] != 1 && $mybb->input['message'] != 1)

	{

	{

		error($lang->error_nosearchresults);

		error($lang->error_nosearchresults);

	}


	}


	if($mybb->input['message'] == 1)
{
$resulttype = "pmmessages";

	if($mybb->input['message'] == 1)
{
$resulttype = "pmmessages";

Zeile 181Zeile 184
		"sender" => $mybb->input['sender'],
"status" => $mybb->input['status'],
"folder" => $mybb->input['folder'],

		"sender" => $mybb->input['sender'],
"status" => $mybb->input['status'],
"folder" => $mybb->input['folder'],

	);

	);


if($db->can_search == true)
{
require_once MYBB_ROOT."inc/functions_search.php";


if($db->can_search == true)
{
require_once MYBB_ROOT."inc/functions_search.php";

		



		$search_results = privatemessage_perform_search_mysql($search_data);
}
else

		$search_results = privatemessage_perform_search_mysql($search_data);
}
else

Zeile 208Zeile 211
	$plugins->run_hooks("private_do_search_process");

$db->insert_query("searchlog", $searcharray);

	$plugins->run_hooks("private_do_search_process");

$db->insert_query("searchlog", $searcharray);

	



	// Sender sort won't work yet
$sortby = array('subject', 'sender', 'dateline');

	// Sender sort won't work yet
$sortby = array('subject', 'sender', 'dateline');

	



	if(in_array($mybb->input['sort'], $sortby))

	if(in_array($mybb->input['sort'], $sortby))

	{

	{

		$sortby = $mybb->input['sort'];

		$sortby = $mybb->input['sort'];

	}

	}

	else
{
$sortby = "dateline";

	else
{
$sortby = "dateline";

	}


	}


	if(my_strtolower($mybb->input['sortordr']) == "asc" || my_strtolower($mybb->input['sortordr']) == "desc")

	if(my_strtolower($mybb->input['sortordr']) == "asc" || my_strtolower($mybb->input['sortordr']) == "desc")

	{

	{

		$sortorder = $mybb->input['sortordr'];
}
else
{
$sortorder = "desc";
}

		$sortorder = $mybb->input['sortordr'];
}
else
{
$sortorder = "desc";
}

	



	$plugins->run_hooks("private_do_search_end");
redirect("private.php?action=results&sid=".$sid."&sortby=".$sortby."&order=".$sortorder, $lang->redirect_searchresults);
}

	$plugins->run_hooks("private_do_search_end");
redirect("private.php?action=results&sid=".$sid."&sortby=".$sortby."&order=".$sortorder, $lang->redirect_searchresults);
}

Zeile 248Zeile 251
	$plugins->run_hooks("private_results_start");

// Decide on our sorting fields and sorting order.

	$plugins->run_hooks("private_results_start");

// Decide on our sorting fields and sorting order.

	$order = my_strtolower(htmlspecialchars($mybb->input['order']));
$sortby = my_strtolower(htmlspecialchars($mybb->input['sortby']));

	$order = my_strtolower(htmlspecialchars_uni($mybb->input['order']));
$sortby = my_strtolower(htmlspecialchars_uni($mybb->input['sortby']));


$sortby_accepted = array('subject', 'username', 'dateline');


$sortby_accepted = array('subject', 'username', 'dateline');

	



	if(in_array($sortby, $sortby_accepted))
{
$query_sortby = $sortby;

	if(in_array($sortby, $sortby_accepted))
{
$query_sortby = $sortby;

		



		if($query_sortby == "username")
{
$query_sortby = "fromusername";
}

		if($query_sortby == "username")
{
$query_sortby = "fromusername";
}

	}

	}

	else
{
$sortby = $query_sortby = "dateline";
}

	else
{
$sortby = $query_sortby = "dateline";
}

	



	if($order != "asc")
{
$order = "desc";
}

	if($order != "asc")
{
$order = "desc";
}

	



	if(!$mybb->settings['threadsperpage'])

	if(!$mybb->settings['threadsperpage'])

	{

	{

		$mybb->settings['threadsperpage'] = 20;

		$mybb->settings['threadsperpage'] = 20;

	}


	}


	// Work out pagination, which page we're at, as well as the limits.
$perpage = $mybb->settings['threadsperpage'];
$page = intval($mybb->input['page']);
if($page > 0)

	// Work out pagination, which page we're at, as well as the limits.
$perpage = $mybb->settings['threadsperpage'];
$page = intval($mybb->input['page']);
if($page > 0)

	{

	{

		$start = ($page-1) * $perpage;
}
else

		$start = ($page-1) * $perpage;
}
else

Zeile 292Zeile 295
	$end = $start + $perpage;
$lower = $start+1;
$upper = $end;

	$end = $start + $perpage;
$lower = $start+1;
$upper = $end;

	



	// Work out if we have terms to highlight
$highlight = "";
if($search['keywords'])
{
$highlight = "&highlight=".urlencode($search['keywords']);
}

	// Work out if we have terms to highlight
$highlight = "";
if($search['keywords'])
{
$highlight = "&highlight=".urlencode($search['keywords']);
}

	



	// Do Multi Pages
$query = $db->simple_select("privatemessages", "COUNT(*) AS total", "pmid IN(".$db->escape_string($search['querycache']).")");
$pmscount = $db->fetch_array($query);

	// Do Multi Pages
$query = $db->simple_select("privatemessages", "COUNT(*) AS total", "pmid IN(".$db->escape_string($search['querycache']).")");
$pmscount = $db->fetch_array($query);

	



	if($upper > $threadcount)

	if($upper > $threadcount)

	{

	{

		$upper = $threadcount;
}
$multipage = multipage($pmscount['total'], $perpage, $page, "private.php?action=results&sid=".htmlspecialchars_uni($mybb->input['sid'])."&sortby={$sortby}&order={$order}");
$messagelist = '';

		$upper = $threadcount;
}
$multipage = multipage($pmscount['total'], $perpage, $page, "private.php?action=results&sid=".htmlspecialchars_uni($mybb->input['sid'])."&sortby={$sortby}&order={$order}");
$messagelist = '';

	



	$icon_cache = $cache->read("posticons");

	$icon_cache = $cache->read("posticons");

	



	// Cache users in multiple recipients for sent & drafts folder
// Get all recipients into an array
$cached_users = $get_users = array();

	// Cache users in multiple recipients for sent & drafts folder
// Get all recipients into an array
$cached_users = $get_users = array();

Zeile 324Zeile 327
		{
$get_users = array_merge($get_users, $recipients['to']);
}

		{
$get_users = array_merge($get_users, $recipients['to']);
}

		



		if(is_array($recipients['bcc']) && count($recipients['bcc']))

		if(is_array($recipients['bcc']) && count($recipients['bcc']))

		{

		{

			$get_users = array_merge($get_users, $recipients['bcc']);

			$get_users = array_merge($get_users, $recipients['bcc']);

		}
}


		}
}


	$get_users = implode(',', array_unique($get_users));

	$get_users = implode(',', array_unique($get_users));

	



	// Grab info
if($get_users)
{

	// Grab info
if($get_users)
{

Zeile 342Zeile 345
			$cached_users[$user['uid']] = $user;
}
}

			$cached_users[$user['uid']] = $user;
}
}

	



	$query = $db->query("
SELECT pm.*, fu.username AS fromusername, tu.username as tousername
FROM ".TABLE_PREFIX."privatemessages pm

	$query = $db->query("
SELECT pm.*, fu.username AS fromusername, tu.username as tousername
FROM ".TABLE_PREFIX."privatemessages pm

Zeile 355Zeile 358
	while($message = $db->fetch_array($query))
{
$msgalt = $msgsuffix = $msgprefix = '';

	while($message = $db->fetch_array($query))
{
$msgalt = $msgsuffix = $msgprefix = '';

		



		// Determine Folder Icon
if($message['status'] == 0)
{

		// Determine Folder Icon
if($message['status'] == 0)
{

Zeile 379Zeile 382
			$msgfolder = 'fw_pm.gif';
$msgalt = $lang->fwd_pm;
}

			$msgfolder = 'fw_pm.gif';
$msgalt = $lang->fwd_pm;
}

		



		if($folder == 2 || $folder == 3)
{
// Sent Items or Drafts Folder Check

		if($folder == 2 || $folder == 3)
{
// Sent Items or Drafts Folder Check

Zeile 388Zeile 391
			if(count($recipients['to']) > 1 || (count($recipients['to']) == 1 && count($recipients['bcc']) > 0))
{
foreach($recipients['to'] as $uid)

			if(count($recipients['to']) > 1 || (count($recipients['to']) == 1 && count($recipients['bcc']) > 0))
{
foreach($recipients['to'] as $uid)

				{

				{

					$profilelink = get_profile_link($uid);
$user = $cached_users[$uid];
$username = format_name($user['username'], $user['usergroup'], $user['displaygroup']);

					$profilelink = get_profile_link($uid);
$user = $cached_users[$uid];
$username = format_name($user['username'], $user['usergroup'], $user['displaygroup']);

					eval("\$to_users .= \"".$templates->get("private_multiple_recipients_user")."\";"); 

					eval("\$to_users .= \"".$templates->get("private_multiple_recipients_user")."\";");

				}
if(is_array($recipients['bcc']) && count($recipients['bcc']))
{

				}
if(is_array($recipients['bcc']) && count($recipients['bcc']))
{

Zeile 402Zeile 405
						$profilelink = get_profile_link($uid);
$user = $cached_users[$uid];
$username = format_name($user['username'], $user['usergroup'], $user['displaygroup']);

						$profilelink = get_profile_link($uid);
$user = $cached_users[$uid];
$username = format_name($user['username'], $user['usergroup'], $user['displaygroup']);

						eval("\$bcc_users .= \"".$templates->get("private_multiple_recipients_user")."\";"); 

						eval("\$bcc_users .= \"".$templates->get("private_multiple_recipients_user")."\";");

					}
}

					}
}

				



				eval("\$tofromusername = \"".$templates->get("private_multiple_recipients")."\";");
}
else if($message['toid'])

				eval("\$tofromusername = \"".$templates->get("private_multiple_recipients")."\";");
}
else if($message['toid'])

Zeile 427Zeile 430
				$tofromusername = $lang->mybb_engine;
}
}

				$tofromusername = $lang->mybb_engine;
}
}

		



		$tofromusername = build_profile_link($tofromusername, $tofromuid);

		$tofromusername = build_profile_link($tofromusername, $tofromuid);

		



		$denyreceipt = '';

		$denyreceipt = '';

		



		if($message['icon'] > 0 && $icon_cache[$message['icon']])
{
$icon = $icon_cache[$message['icon']];

		if($message['icon'] > 0 && $icon_cache[$message['icon']])
{
$icon = $icon_cache[$message['icon']];

 
			$icon['path'] = htmlspecialchars_uni($icon['path']);
$icon['name'] = htmlspecialchars_uni($icon['name']);

			$icon = "<img src=\"{$icon['path']}\" alt=\"{$icon['name']}\" align=\"center\" valign=\"middle\" />";

			$icon = "<img src=\"{$icon['path']}\" alt=\"{$icon['name']}\" align=\"center\" valign=\"middle\" />";

		}

		}

		else
{
$icon = '&#009;';
}

		else
{
$icon = '&#009;';
}

		



		if(!trim($message['subject']))
{
$message['subject'] = $lang->pm_no_subject;
}

$message['subject'] = $parser->parse_badwords($message['subject']);

		if(!trim($message['subject']))
{
$message['subject'] = $lang->pm_no_subject;
}

$message['subject'] = $parser->parse_badwords($message['subject']);

		



		if(my_strlen($message['subject']) > 50)
{
$message['subject'] = htmlspecialchars_uni(my_substr($message['subject'], 0, 50)."...");

		if(my_strlen($message['subject']) > 50)
{
$message['subject'] = htmlspecialchars_uni(my_substr($message['subject'], 0, 50)."...");

		}
else

		}
else

		{
$message['subject'] = htmlspecialchars_uni($message['subject']);
}

		{
$message['subject'] = htmlspecialchars_uni($message['subject']);
}

		



		if($message['folder'] != "3")
{
$sendpmdate = my_date($mybb->settings['dateformat'], $message['dateline']);
$sendpmtime = my_date($mybb->settings['timeformat'], $message['dateline']);
$senddate = $sendpmdate.", ".$sendpmtime;

		if($message['folder'] != "3")
{
$sendpmdate = my_date($mybb->settings['dateformat'], $message['dateline']);
$sendpmtime = my_date($mybb->settings['timeformat'], $message['dateline']);
$senddate = $sendpmdate.", ".$sendpmtime;

		}

		}

		else
{
$senddate = $lang->not_sent;
}

		else
{
$senddate = $lang->not_sent;
}

		
$foldername = htmlspecialchars_uni($foldernames[$message['folder']]);



$foldername = $foldernames[$message['folder']];


		// What we do here is parse the post using our post parser, then strip the tags from it
$parser_options = array(
'allow_html' => 0,

		// What we do here is parse the post using our post parser, then strip the tags from it
$parser_options = array(
'allow_html' => 0,

Zeile 484Zeile 489
		{
$message['message'] = my_substr($message['message'], 0, 200)."...";
}

		{
$message['message'] = my_substr($message['message'], 0, 200)."...";
}

		
// For my sanity...
$message['message'] = htmlspecialchars_uni($message['message']);







		eval("\$messagelist .= \"".$templates->get("private_search_messagebit")."\";");

		eval("\$messagelist .= \"".$templates->get("private_search_messagebit")."\";");

	}


	}


	if($db->num_rows($query) == 0)
{
eval("\$messagelist = \"".$templates->get("private_search_results_nomessages")."\";");
}

	if($db->num_rows($query) == 0)
{
eval("\$messagelist = \"".$templates->get("private_search_results_nomessages")."\";");
}

	



	$plugins->run_hooks("private_results_end");

	$plugins->run_hooks("private_results_end");

	



	eval("\$results = \"".$templates->get("private_search_results")."\";");
output_page($results);

	eval("\$results = \"".$templates->get("private_search_results")."\";");
output_page($results);

}

}


if($mybb->input['action'] == "advanced_search")
{
$plugins->run_hooks("private_advanced_search");


if($mybb->input['action'] == "advanced_search")
{
$plugins->run_hooks("private_advanced_search");

	



	eval("\$advanced_search = \"".$templates->get("private_advanced_search")."\";");

	eval("\$advanced_search = \"".$templates->get("private_advanced_search")."\";");

	



	output_page($advanced_search);

	output_page($advanced_search);

}


}


// Dismissing a new/unread PM notice
if($mybb->input['action'] == "dismiss_notice")
{
if($mybb->user['pmnotice'] != 2)

// Dismissing a new/unread PM notice
if($mybb->input['action'] == "dismiss_notice")
{
if($mybb->user['pmnotice'] != 2)

	{

	{

		exit;
}


		exit;
}


Zeile 536Zeile 538
	{
header("Location: index.php");
exit;

	{
header("Location: index.php");
exit;

	}
}

$send_errors = '';

	}
}

$send_errors = '';


if($mybb->input['action'] == "do_send" && $mybb->request_method == "post")
{


if($mybb->input['action'] == "do_send" && $mybb->request_method == "post")
{

Zeile 586Zeile 588
	{
$pm['bcc'] = explode(",", $mybb->input['bcc']);
$pm['bcc'] = array_map("trim", $pm['bcc']);

	{
$pm['bcc'] = explode(",", $mybb->input['bcc']);
$pm['bcc'] = array_map("trim", $pm['bcc']);

 
	}

if(!$mybb->usergroup['cantrackpms'])
{
$mybb->input['options']['readreceipt'] = false;

	}

$pm['options'] = array(

	}

$pm['options'] = array(

Zeile 625Zeile 632
}

if($mybb->input['action'] == "send")

}

if($mybb->input['action'] == "send")

{

{

	if($mybb->usergroup['cansendpms'] == 0)
{
error_no_permission();

	if($mybb->usergroup['cansendpms'] == 0)
{
error_no_permission();

	}

$plugins->run_hooks("private_send_start");


	}

$plugins->run_hooks("private_send_start");


	$smilieinserter = $codebuttons = '';

	$smilieinserter = $codebuttons = '';

	



	if($mybb->settings['bbcodeinserter'] != 0 && $mybb->settings['pmsallowmycode'] != 0 && $mybb->user['showcodebuttons'] != 0)
{
$codebuttons = build_mycode_inserter();

	if($mybb->settings['bbcodeinserter'] != 0 && $mybb->settings['pmsallowmycode'] != 0 && $mybb->user['showcodebuttons'] != 0)
{
$codebuttons = build_mycode_inserter();

Zeile 643Zeile 650
			$smilieinserter = build_clickable_smilies();
}
}

			$smilieinserter = build_clickable_smilies();
}
}

 

$lang->post_icon = $lang->message_icon;


$posticons = get_post_icons();


$posticons = get_post_icons();

	$previewmessage = $mybb->input['message'];
$message = htmlspecialchars_uni($mybb->input['message']);
$subject = $previewsubject = htmlspecialchars_uni($mybb->input['subject']);

	$message = htmlspecialchars_uni($parser->parse_badwords($mybb->input['message']));
$subject = htmlspecialchars_uni($parser->parse_badwords($mybb->input['subject']));



if($mybb->input['preview'] || $send_errors)
{


if($mybb->input['preview'] || $send_errors)
{

Zeile 677Zeile 685
	{
$options = $mybb->input['options'];
$query = $db->query("

	{
$options = $mybb->input['options'];
$query = $db->query("

			SELECT u.username AS userusername, u.*, f.*, g.title AS grouptitle, g.usertitle AS groupusertitle, g.namestyle, g.stars AS groupstars, g.starimage AS groupstarimage, g.image AS groupimage, g.usereputationsystem

			SELECT u.username AS userusername, u.*, f.*

			FROM ".TABLE_PREFIX."users u
LEFT JOIN ".TABLE_PREFIX."userfields f ON (f.ufid=u.uid)

			FROM ".TABLE_PREFIX."users u
LEFT JOIN ".TABLE_PREFIX."userfields f ON (f.ufid=u.uid)

			LEFT JOIN ".TABLE_PREFIX."usergroups g ON (g.gid=u.usergroup)

 
			WHERE u.uid='".$mybb->user['uid']."'
");

			WHERE u.uid='".$mybb->user['uid']."'
");

 


		$post = $db->fetch_array($query);

		$post = $db->fetch_array($query);

 


		$post['userusername'] = $mybb->user['username'];
$post['postusername'] = $mybb->user['username'];

		$post['userusername'] = $mybb->user['username'];
$post['postusername'] = $mybb->user['username'];

		$post['message'] = $previewmessage;
$post['subject'] = $previewsubject;

		$post['message'] = $mybb->input['message'];
$post['subject'] = htmlspecialchars_uni($mybb->input['subject']);

		$post['icon'] = $mybb->input['icon'];
$post['smilieoff'] = $options['disablesmilies'];
$post['dateline'] = TIME_NOW;

		$post['icon'] = $mybb->input['icon'];
$post['smilieoff'] = $options['disablesmilies'];
$post['dateline'] = TIME_NOW;

 


		if(!$options['signature'])

		if(!$options['signature'])

		{

		{

			$post['includesig'] = 0;
}
else
{
$post['includesig'] = 1;

			$post['includesig'] = 0;
}
else
{
$post['includesig'] = 1;

		}


















		}

// Merge usergroup data from the cache
$data_key = array(
'title' => 'grouptitle',
'usertitle' => 'groupusertitle',
'stars' => 'groupstars',
'starimage' => 'groupstarimage',
'image' => 'groupimage',
'namestyle' => 'namestyle',
'usereputationsystem' => 'usereputationsystem'
);

foreach($data_key as $field => $key)
{
$post[$key] = $groupscache[$post['usergroup']][$field];
}


		$postbit = build_postbit($post, 2);
eval("\$preview = \"".$templates->get("previewpost")."\";");

		$postbit = build_postbit($post, 2);
eval("\$preview = \"".$templates->get("previewpost")."\";");

	}

	}

	else if(!$send_errors)
{
// New PM, so load default settings

	else if(!$send_errors)
{
// New PM, so load default settings

Zeile 715Zeile 742
		}
$optionschecked['savecopy'] = 'checked="checked"';
}

		}
$optionschecked['savecopy'] = 'checked="checked"';
}

	



	// Draft, reply, forward
if($mybb->input['pmid'] && !$mybb->input['preview'] && !$send_errors)
{

	// Draft, reply, forward
if($mybb->input['pmid'] && !$mybb->input['preview'] && !$send_errors)
{

Zeile 723Zeile 750
			SELECT pm.*, u.username AS quotename
FROM ".TABLE_PREFIX."privatemessages pm
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=pm.fromid)

			SELECT pm.*, u.username AS quotename
FROM ".TABLE_PREFIX."privatemessages pm
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=pm.fromid)

			WHERE pm.pmid='".intval($mybb->input['pmid'])."' AND pm.uid='".$mybb->user['uid']."'

			WHERE pm.pmid='{$mybb->input['pmid']}' AND pm.uid='{$mybb->user['uid']}'

		");

		");

		$pm = $db->fetch_array($query);

 




		$message = htmlspecialchars_uni($pm['message']);
$subject = htmlspecialchars_uni($pm['subject']);


		$pm = $db->fetch_array($query);
$message = htmlspecialchars_uni($parser->parse_badwords($pm['message']));
$subject = htmlspecialchars_uni($parser->parse_badwords($pm['subject']));


if($pm['folder'] == "3")


if($pm['folder'] == "3")

		{ // message saved in drafts


		{
// message saved in drafts

			$mybb->input['uid'] = $pm['toid'];

			$mybb->input['uid'] = $pm['toid'];





			if($pm['includesig'] == 1)
{
$optionschecked['signature'] = 'checked="checked"';

			if($pm['includesig'] == 1)
{
$optionschecked['signature'] = 'checked="checked"';

			}

			}

			if($pm['smilieoff'] == 1)
{
$optionschecked['disablesmilies'] = 'checked="checked"';

			if($pm['smilieoff'] == 1)
{
$optionschecked['disablesmilies'] = 'checked="checked"';

Zeile 755Zeile 783
				foreach($recipients['to'] as $recipient)
{
$recipient_list['to'][] = $recipient;

				foreach($recipients['to'] as $recipient)
{
$recipient_list['to'][] = $recipient;

					$recipientids .= $comma.$recipient;
$comma = ',';

					$recipientids .= $comma.$recipient;
$comma = ',';

				}
}

				}
}

			



			if(isset($recipients['bcc']) && is_array($recipients['bcc']))

			if(isset($recipients['bcc']) && is_array($recipients['bcc']))

			{

			{

				foreach($recipients['bcc'] as $recipient)
{
$recipient_list['bcc'][] = $recipient;
$recipientids .= $comma.$recipient;
$comma = ',';

				foreach($recipients['bcc'] as $recipient)
{
$recipient_list['bcc'][] = $recipient;
$recipientids .= $comma.$recipient;
$comma = ',';

				}	

				}

			}

			}

			



			if(!empty($recipientids))
{
$query = $db->simple_select("users", "uid, username", "uid IN ({$recipientids})");
while($user = $db->fetch_array($query))
{
if(isset($recipients['bcc']) && is_array($recipients['bcc']) && in_array($user['uid'], $recipient_list['bcc']))

			if(!empty($recipientids))
{
$query = $db->simple_select("users", "uid, username", "uid IN ({$recipientids})");
while($user = $db->fetch_array($query))
{
if(isset($recipients['bcc']) && is_array($recipients['bcc']) && in_array($user['uid'], $recipient_list['bcc']))

					{

					{

						$bcc .= htmlspecialchars_uni($user['username']).', ';
}
else

						$bcc .= htmlspecialchars_uni($user['username']).', ';
}
else

Zeile 787Zeile 815
			}
}
else

			}
}
else

		{ // forward/reply


		{
// forward/reply

			$subject = preg_replace("#(FW|RE):( *)#is", '', $subject);
$postdate = my_date($mybb->settings['dateformat'], $pm['dateline']);
$posttime = my_date($mybb->settings['timeformat'], $pm['dateline']);

			$subject = preg_replace("#(FW|RE):( *)#is", '', $subject);
$postdate = my_date($mybb->settings['dateformat'], $pm['dateline']);
$posttime = my_date($mybb->settings['timeformat'], $pm['dateline']);

			$message = "[quote={$pm['quotename']}]\n$message\n[/quote]";

			$message = "[quote='{$pm['quotename']}']\n$message\n[/quote]";

			$message = preg_replace('#^/me (.*)$#im', "* ".$pm['quotename']." \\1", $message);

if($mybb->input['do'] == 'forward')

			$message = preg_replace('#^/me (.*)$#im', "* ".$pm['quotename']." \\1", $message);

if($mybb->input['do'] == 'forward')

Zeile 821Zeile 850
				$recipients = unserialize($pm['recipients']);
$recipientids = $pm['fromid'];
if(isset($recipients['to']) && is_array($recipients['to']))

				$recipients = unserialize($pm['recipients']);
$recipientids = $pm['fromid'];
if(isset($recipients['to']) && is_array($recipients['to']))

				{

				{

					foreach($recipients['to'] as $recipient)
{
if($recipient == $mybb->user['uid'])

					foreach($recipients['to'] as $recipient)
{
if($recipient == $mybb->user['uid'])

Zeile 835Zeile 864
				$query = $db->simple_select('users', 'uid, username', "uid IN ({$recipientids})");
while($user = $db->fetch_array($query))
{

				$query = $db->simple_select('users', 'uid, username', "uid IN ({$recipientids})");
while($user = $db->fetch_array($query))
{

					$to .= $comma.htmlspecialchars($user['username']);

					$to .= $comma.htmlspecialchars_uni($user['username']);

					$comma = $lang->comma;
}
}

					$comma = $lang->comma;
}
}

Zeile 858Zeile 887
	if($send_errors)
{
$to = htmlspecialchars_uni($mybb->input['to']);

	if($send_errors)
{
$to = htmlspecialchars_uni($mybb->input['to']);

		$bcc = htmlspecialchars_uni($mybb->input['bcc']); 

		$bcc = htmlspecialchars_uni($mybb->input['bcc']);

	}

// Load the auto complete javascript if it is enabled.

	}

// Load the auto complete javascript if it is enabled.

Zeile 867Zeile 896
	$pmid = $mybb->input['pmid'];
$do = $mybb->input['do'];
if($do != "forward" && $do != "reply" && $do != "replyall")

	$pmid = $mybb->input['pmid'];
$do = $mybb->input['do'];
if($do != "forward" && $do != "reply" && $do != "replyall")

	{

	{

		$do = '';

		$do = '';

	}


	}


	// See if it's actually worth showing the buddylist icon.

	// See if it's actually worth showing the buddylist icon.

	if($mybb->user['buddylist'] != '')

	if($mybb->user['buddylist'] != '' && $mybb->settings['use_xmlhttprequest'] == 1)

	{
$buddy_select = 'to';
eval("\$buddy_select_to = \"".$templates->get("private_send_buddyselect")."\";");
$buddy_select = 'bcc';
eval("\$buddy_select_bcc = \"".$templates->get("private_send_buddyselect")."\";");
}

	{
$buddy_select = 'to';
eval("\$buddy_select_to = \"".$templates->get("private_send_buddyselect")."\";");
$buddy_select = 'bcc';
eval("\$buddy_select_bcc = \"".$templates->get("private_send_buddyselect")."\";");
}

	



















// Hide tracking option if no permission
$private_send = $templates->get("private_send");
$tracking = '';
if($mybb->usergroup['cantrackpms'])
{
$tracking = $templates->get("private_send_tracking");
}
eval("\$private_send_tracking = \"".$tracking."\";");

// Hide signature option if no permission
$option_signature = '';
if($mybb->usergroup['canusesig'] && !$mybb->user['suspendsignature'])
{
$option_signature = $templates->get('private_send_signature');
}
eval("\$private_send_signature = \"".$option_signature."\";");


	$plugins->run_hooks("private_send_end");


	$plugins->run_hooks("private_send_end");


	eval("\$send = \"".$templates->get("private_send")."\";");

	eval("\$send = \"".$private_send."\";");

	output_page($send);

	output_page($send);

}


}



if($mybb->input['action'] == "read")
{
$plugins->run_hooks("private_read");


if($mybb->input['action'] == "read")
{
$plugins->run_hooks("private_read");





	$pmid = intval($mybb->input['pmid']);

$query = $db->query("

	$pmid = intval($mybb->input['pmid']);

$query = $db->query("

		SELECT pm.*, u.*, f.*, g.title AS grouptitle, g.usertitle AS groupusertitle, g.stars AS groupstars, g.starimage AS groupstarimage, g.image AS groupimage, g.namestyle

		SELECT pm.*, u.*, f.*

		FROM ".TABLE_PREFIX."privatemessages pm
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=pm.fromid)
LEFT JOIN ".TABLE_PREFIX."userfields f ON (f.ufid=u.uid)

		FROM ".TABLE_PREFIX."privatemessages pm
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=pm.fromid)
LEFT JOIN ".TABLE_PREFIX."userfields f ON (f.ufid=u.uid)

		LEFT JOIN ".TABLE_PREFIX."usergroups g ON (g.gid=u.usergroup)

 
		WHERE pm.pmid='".intval($mybb->input['pmid'])."' AND pm.uid='".$mybb->user['uid']."'
");
$pm = $db->fetch_array($query);

		WHERE pm.pmid='".intval($mybb->input['pmid'])."' AND pm.uid='".$mybb->user['uid']."'
");
$pm = $db->fetch_array($query);

Zeile 908Zeile 952
		exit;
}


		exit;
}


	if(!$pm['pmid'])
















	if(!$pm['pmid'])
{
error($lang->error_invalidpm);
}

// If we've gotten a PM, attach the group info
$data_key = array(
'title' => 'grouptitle',
'usertitle' => 'groupusertitle',
'stars' => 'groupstars',
'starimage' => 'groupstarimage',
'image' => 'groupimage',
'namestyle' => 'namestyle'
);

foreach($data_key as $field => $key)

	{

	{

		error($lang->error_invalidpm);

		$pm[$key] = $groupscache[$pm['usergroup']][$field];

	}

if($pm['receipt'] == 1)
{

	}

if($pm['receipt'] == 1)
{

		if($mybb->usergroup['cantrackpms'] == 1 && $mybb->usergroup['candenypmreceipts'] == 1 && $mybb->input['denyreceipt'] == 1)

		if($mybb->usergroup['candenypmreceipts'] == 1 && $mybb->input['denyreceipt'] == 1)

		{
$receiptadd = 0;
}

		{
$receiptadd = 0;
}

Zeile 956Zeile 1015
	else if($pm['status'] == 3 && $pm['statustime'])
{
$reply_date = my_date($mybb->settings['dateformat'], $pm['statustime']);

	else if($pm['status'] == 3 && $pm['statustime'])
{
$reply_date = my_date($mybb->settings['dateformat'], $pm['statustime']);

		



		if($reply_date == $lang->today || $reply_date == $lang->yesterday)

		if($reply_date == $lang->today || $reply_date == $lang->yesterday)

		{
$reply_date .= $lang->comma.my_date($mybb->settings['timeformat'], $pm['statustime']);

		{
$reply_date .= $lang->comma.my_date($mybb->settings['timeformat'], $pm['statustime']);

			$actioned_on = $lang->sprintf($lang->you_replied, $reply_date);

			$actioned_on = $lang->sprintf($lang->you_replied, $reply_date);

		}
else

		}
else

		{
$reply_date .= $lang->comma.my_date($mybb->settings['timeformat'], $pm['statustime']);
$actioned_on = $lang->sprintf($lang->you_replied_on, $reply_date);
}

		{
$reply_date .= $lang->comma.my_date($mybb->settings['timeformat'], $pm['statustime']);
$actioned_on = $lang->sprintf($lang->you_replied_on, $reply_date);
}

		



		eval("\$action_time = \"".$templates->get("private_read_action")."\";");
}
else if($pm['status'] == 4 && $pm['statustime'])
{
$forward_date = my_date($mybb->settings['dateformat'], $pm['statustime']);

		eval("\$action_time = \"".$templates->get("private_read_action")."\";");
}
else if($pm['status'] == 4 && $pm['statustime'])
{
$forward_date = my_date($mybb->settings['dateformat'], $pm['statustime']);

		



		if(strpos($forward_date, $lang->today) !== false || strpos($forward_date, $lang->yesterday) !== false)
{
$forward_date .= $lang->comma.my_date($mybb->settings['timeformat'], $pm['statustime']);
$actioned_on = $lang->sprintf($lang->you_forwarded, $forward_date);
}
else

		if(strpos($forward_date, $lang->today) !== false || strpos($forward_date, $lang->yesterday) !== false)
{
$forward_date .= $lang->comma.my_date($mybb->settings['timeformat'], $pm['statustime']);
$actioned_on = $lang->sprintf($lang->you_forwarded, $forward_date);
}
else

		{

		{

			$forward_date .= $lang->comma.my_date($mybb->settings['timeformat'], $pm['statustime']);
$actioned_on = $lang->sprintf($lang->you_forwarded_on, $forward_date);
}

			$forward_date .= $lang->comma.my_date($mybb->settings['timeformat'], $pm['statustime']);
$actioned_on = $lang->sprintf($lang->you_forwarded_on, $forward_date);
}

		



		eval("\$action_time = \"".$templates->get("private_read_action")."\";");
}

$pm['userusername'] = $pm['username'];
$pm['subject'] = htmlspecialchars_uni($parser->parse_badwords($pm['subject']));

		eval("\$action_time = \"".$templates->get("private_read_action")."\";");
}

$pm['userusername'] = $pm['username'];
$pm['subject'] = htmlspecialchars_uni($parser->parse_badwords($pm['subject']));

 


	if($pm['fromid'] == 0)
{
$pm['username'] = $lang->mybb_engine;

	if($pm['fromid'] == 0)
{
$pm['username'] = $lang->mybb_engine;

	}


	}


	if(!$pm['username'])

	if(!$pm['username'])

	{

	{

		$pm['username'] = $lang->na;
}


		$pm['username'] = $lang->na;
}


Zeile 1004Zeile 1064
	$pm['recipients'] = @unserialize($pm['recipients']);

if(is_array($pm['recipients']['to']))

	$pm['recipients'] = @unserialize($pm['recipients']);

if(is_array($pm['recipients']['to']))

	{

	{

		$uid_sql = implode(',', $pm['recipients']['to']);
}
else
{
$uid_sql = $pm['toid'];
$pm['recipients']['to'] = array($pm['toid']);

		$uid_sql = implode(',', $pm['recipients']['to']);
}
else
{
$uid_sql = $pm['toid'];
$pm['recipients']['to'] = array($pm['toid']);

	}

	}


$show_bcc = 0;


$show_bcc = 0;





	// If we have any BCC recipients and this user is an Administrator, add them on to the query
if(count($pm['recipients']['bcc']) > 0 && $mybb->usergroup['cancp'] == 1)
{
$show_bcc = 1;
$uid_sql .= ','.implode(',', $pm['recipients']['bcc']);
}

	// If we have any BCC recipients and this user is an Administrator, add them on to the query
if(count($pm['recipients']['bcc']) > 0 && $mybb->usergroup['cancp'] == 1)
{
$show_bcc = 1;
$uid_sql .= ','.implode(',', $pm['recipients']['bcc']);
}

	



	// Fetch recipient names from the database
$bcc_recipients = $to_recipients = array();
$query = $db->simple_select('users', 'uid, username', "uid IN ({$uid_sql})");

	// Fetch recipient names from the database
$bcc_recipients = $to_recipients = array();
$query = $db->simple_select('users', 'uid, username', "uid IN ({$uid_sql})");

Zeile 1050Zeile 1110
	{
$replyall = true;
}

	{
$replyall = true;
}

	



	if(count($to_recipients) > 0)

	if(count($to_recipients) > 0)

	{

	{

		$to_recipients = implode(", ", $to_recipients);

		$to_recipients = implode(", ", $to_recipients);

	}

	}

	else
{
$to_recipients = $lang->nobody;
}

eval("\$pm['subject_extra'] = \"".$templates->get("private_read_to")."\";");

	else
{
$to_recipients = $lang->nobody;
}

eval("\$pm['subject_extra'] = \"".$templates->get("private_read_to")."\";");

	



	add_breadcrumb($pm['subject']);
$message = build_postbit($pm, 2);

	add_breadcrumb($pm['subject']);
$message = build_postbit($pm, 2);

	



	$plugins->run_hooks("private_read_end");

	$plugins->run_hooks("private_read_end");

	



	eval("\$read = \"".$templates->get("private_read")."\";");
output_page($read);
}

if($mybb->input['action'] == "tracking")
{

	eval("\$read = \"".$templates->get("private_read")."\";");
output_page($read);
}

if($mybb->input['action'] == "tracking")
{

 
	if(!$mybb->usergroup['cantrackpms'])
{
error_no_permission();
}


	$plugins->run_hooks("private_tracking_start");
$readmessages = '';
$unreadmessages = '';


	$plugins->run_hooks("private_tracking_start");
$readmessages = '';
$unreadmessages = '';


 
	if(!$mybb->settings['postsperpage'] || (int)$mybb->settings['postsperpage'] < 1)
{
$mybb->settings['postsperpage'] = 20;
}


	// Figure out if we need to display multiple pages.
$perpage = $mybb->settings['postsperpage'];

	// Figure out if we need to display multiple pages.
$perpage = $mybb->settings['postsperpage'];

	



	$query = $db->simple_select("privatemessages", "COUNT(pmid) as readpms", "receipt='2' AND folder!='3'  AND status!='0' AND fromid='".$mybb->user['uid']."'");
$postcount = $db->fetch_field($query, "readpms");

	$query = $db->simple_select("privatemessages", "COUNT(pmid) as readpms", "receipt='2' AND folder!='3'  AND status!='0' AND fromid='".$mybb->user['uid']."'");
$postcount = $db->fetch_field($query, "readpms");

	



	$page = intval($mybb->input['read_page']);
$pages = $postcount / $perpage;
$pages = ceil($pages);

	$page = intval($mybb->input['read_page']);
$pages = $postcount / $perpage;
$pages = ceil($pages);

Zeile 1090Zeile 1160
	if($mybb->input['page'] == "last")
{
$page = $pages;

	if($mybb->input['page'] == "last")
{
$page = $pages;

	}


	}


	if($page > $pages || $page <= 0)
{
$page = 1;

	if($page > $pages || $page <= 0)
{
$page = 1;

Zeile 1100Zeile 1170
	if($page)
{
$start = ($page-1) * $perpage;

	if($page)
{
$start = ($page-1) * $perpage;

	}
else
{

	}
else
{

		$start = 0;
$page = 1;

		$start = 0;
$page = 1;

	}


	}


	$read_multipage = multipage($postcount, $perpage, $page, "private.php?action=tracking&amp;read_page={page}");

	$read_multipage = multipage($postcount, $perpage, $page, "private.php?action=tracking&amp;read_page={page}");

	



	$query = $db->query("
SELECT pm.pmid, pm.subject, pm.toid, pm.readtime, u.username as tousername
FROM ".TABLE_PREFIX."privatemessages pm

	$query = $db->query("
SELECT pm.pmid, pm.subject, pm.toid, pm.readtime, u.username as tousername
FROM ".TABLE_PREFIX."privatemessages pm

Zeile 1124Zeile 1194
		$readdate = my_date($mybb->settings['dateformat'], $readmessage['readtime']);
$readtime = my_date($mybb->settings['timeformat'], $readmessage['readtime']);
eval("\$readmessages .= \"".$templates->get("private_tracking_readmessage")."\";");

		$readdate = my_date($mybb->settings['dateformat'], $readmessage['readtime']);
$readtime = my_date($mybb->settings['timeformat'], $readmessage['readtime']);
eval("\$readmessages .= \"".$templates->get("private_tracking_readmessage")."\";");

	}

if(!$readmessages)
{
eval("\$readmessages = \"".$templates->get("private_tracking_nomessage")."\";");
}


	}

if(!$readmessages)
{
eval("\$readmessages = \"".$templates->get("private_tracking_nomessage")."\";");
}


	$query = $db->simple_select("privatemessages", "COUNT(pmid) as unreadpms", "receipt='1' AND folder!='3' AND status='0' AND fromid='".$mybb->user['uid']."'");
$postcount = $db->fetch_field($query, "unreadpms");

	$query = $db->simple_select("privatemessages", "COUNT(pmid) as unreadpms", "receipt='1' AND folder!='3' AND status='0' AND fromid='".$mybb->user['uid']."'");
$postcount = $db->fetch_field($query, "unreadpms");

	



	$page = intval($mybb->input['unread_page']);
$pages = $postcount / $perpage;
$pages = ceil($pages);

	$page = intval($mybb->input['unread_page']);
$pages = $postcount / $perpage;
$pages = ceil($pages);

Zeile 1141Zeile 1211
	if($mybb->input['page'] == "last")
{
$page = $pages;

	if($mybb->input['page'] == "last")
{
$page = $pages;

	}

	}


if($page > $pages || $page <= 0)


if($page > $pages || $page <= 0)

	{
$page = 1;

	{
$page = 1;

	}

if($page)

	}

if($page)

	{

	{

		$start = ($page-1) * $perpage;
}
else

		$start = ($page-1) * $perpage;
}
else

Zeile 1157Zeile 1227
		$start = 0;
$page = 1;
}

		$start = 0;
$page = 1;
}

	



	$unread_multipage = multipage($postcount, $perpage, $page, "private.php?action=tracking&amp;unread_page={page}");

	$unread_multipage = multipage($postcount, $perpage, $page, "private.php?action=tracking&amp;unread_page={page}");

	



	$query = $db->query("
SELECT pm.pmid, pm.subject, pm.toid, pm.dateline, u.username as tousername
FROM ".TABLE_PREFIX."privatemessages pm

	$query = $db->query("
SELECT pm.pmid, pm.subject, pm.toid, pm.dateline, u.username as tousername
FROM ".TABLE_PREFIX."privatemessages pm

Zeile 1171Zeile 1241
	while($unreadmessage = $db->fetch_array($query))
{
$unreadmessage['subject'] = htmlspecialchars_uni($parser->parse_badwords($unreadmessage['subject']));

	while($unreadmessage = $db->fetch_array($query))
{
$unreadmessage['subject'] = htmlspecialchars_uni($parser->parse_badwords($unreadmessage['subject']));

		$unreadmessage['profilelink'] = build_profile_link($unreadmessage['tousername'], $unreadmessage['toid']);		

		$unreadmessage['profilelink'] = build_profile_link($unreadmessage['tousername'], $unreadmessage['toid']);

		$senddate = my_date($mybb->settings['dateformat'], $unreadmessage['dateline']);
$sendtime = my_date($mybb->settings['timeformat'], $unreadmessage['dateline']);
eval("\$unreadmessages .= \"".$templates->get("private_tracking_unreadmessage")."\";");
}

		$senddate = my_date($mybb->settings['dateformat'], $unreadmessage['dateline']);
$sendtime = my_date($mybb->settings['timeformat'], $unreadmessage['dateline']);
eval("\$unreadmessages .= \"".$templates->get("private_tracking_unreadmessage")."\";");
}

	



	if(!$unreadmessages)
{
$lang->no_readmessages = $lang->no_unreadmessages;
eval("\$unreadmessages = \"".$templates->get("private_tracking_nomessage")."\";");
}

	if(!$unreadmessages)
{
$lang->no_readmessages = $lang->no_unreadmessages;
eval("\$unreadmessages = \"".$templates->get("private_tracking_nomessage")."\";");
}

	



	$plugins->run_hooks("private_tracking_end");

	$plugins->run_hooks("private_tracking_end");

	



	eval("\$tracking = \"".$templates->get("private_tracking")."\";");
output_page($tracking);
}
if($mybb->input['action'] == "do_tracking" && $mybb->request_method == "post")

	eval("\$tracking = \"".$templates->get("private_tracking")."\";");
output_page($tracking);
}
if($mybb->input['action'] == "do_tracking" && $mybb->request_method == "post")

{
// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);


{
// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);


	$plugins->run_hooks("private_do_tracking_start");

	$plugins->run_hooks("private_do_tracking_start");

	



	if($mybb->input['stoptracking'])
{
if(is_array($mybb->input['readcheck']))
{
foreach($mybb->input['readcheck'] as $key => $val)

	if($mybb->input['stoptracking'])
{
if(is_array($mybb->input['readcheck']))
{
foreach($mybb->input['readcheck'] as $key => $val)

			{
$sql_array = array(
"receipt" => 0
);

			{
$sql_array = array(
"receipt" => 0
);

				$db->update_query("privatemessages", $sql_array, "pmid=".intval($key)." AND fromid=".$mybb->user['uid']);
}
}
$plugins->run_hooks("private_do_tracking_end");

				$db->update_query("privatemessages", $sql_array, "pmid=".intval($key)." AND fromid=".$mybb->user['uid']);
}
}
$plugins->run_hooks("private_do_tracking_end");

		redirect("private.php", $lang->redirect_pmstrackingstopped);

		redirect("private.php?action=tracking", $lang->redirect_pmstrackingstopped);

	}
elseif($mybb->input['stoptrackingunread'])
{

	}
elseif($mybb->input['stoptrackingunread'])
{

Zeile 1220Zeile 1290
					"receipt" => 0
);
$db->update_query("privatemessages", $sql_array, "pmid=".intval($key)." AND fromid=".$mybb->user['uid']);

					"receipt" => 0
);
$db->update_query("privatemessages", $sql_array, "pmid=".intval($key)." AND fromid=".$mybb->user['uid']);

			}
}
$plugins->run_hooks("private_do_tracking_end");
redirect("private.php", $lang->redirect_pmstrackingstopped);

			}
}
$plugins->run_hooks("private_do_tracking_end");
redirect("private.php?action=tracking", $lang->redirect_pmstrackingstopped);

	}
elseif($mybb->input['cancel'])
{

	}
elseif($mybb->input['cancel'])
{

Zeile 1233Zeile 1303
			{
$pmids[$pmid] = intval($pmid);
}

			{
$pmids[$pmid] = intval($pmid);
}

			



			$pmids = implode(",", $pmids);
$query = $db->simple_select("privatemessages", "uid", "pmid IN ($pmids) AND fromid='".$mybb->user['uid']."'");
while($pm = $db->fetch_array($query))
{
$pmuids[$pm['uid']] = $pm['uid'];

			$pmids = implode(",", $pmids);
$query = $db->simple_select("privatemessages", "uid", "pmid IN ($pmids) AND fromid='".$mybb->user['uid']."'");
while($pm = $db->fetch_array($query))
{
$pmuids[$pm['uid']] = $pm['uid'];

			}


			}


			$db->delete_query("privatemessages", "pmid IN ($pmids) AND receipt='1' AND status='0' AND fromid='".$mybb->user['uid']."'");
foreach($pmuids as $uid)
{

			$db->delete_query("privatemessages", "pmid IN ($pmids) AND receipt='1' AND status='0' AND fromid='".$mybb->user['uid']."'");
foreach($pmuids as $uid)
{

Zeile 1249Zeile 1319
			}
}
$plugins->run_hooks("private_do_tracking_end");

			}
}
$plugins->run_hooks("private_do_tracking_end");

		redirect("private.php", $lang->redirect_pmstrackingcanceled);

		redirect("private.php?action=tracking", $lang->redirect_pmstrackingcanceled);

	}
}

if($mybb->input['action'] == "folders")
{
$plugins->run_hooks("private_folders_start");

	}
}

if($mybb->input['action'] == "folders")
{
$plugins->run_hooks("private_folders_start");

	
$folderlist = '';


$folderlist = '';

	$foldersexploded = explode("$%%$", $mybb->user['pmfolders']);
foreach($foldersexploded as $key => $folders)
{

	$foldersexploded = explode("$%%$", $mybb->user['pmfolders']);
foreach($foldersexploded as $key => $folders)
{

Zeile 1265Zeile 1335
		$foldername = $folderinfo[1];
$fid = $folderinfo[0];
$foldername = get_pm_folder_name($fid, $foldername);

		$foldername = $folderinfo[1];
$fid = $folderinfo[0];
$foldername = get_pm_folder_name($fid, $foldername);

		



		if($folderinfo[0] == "1" || $folderinfo[0] == "2" || $folderinfo[0] == "3" || $folderinfo[0] == "4")
{
$foldername2 = get_pm_folder_name($fid);

		if($folderinfo[0] == "1" || $folderinfo[0] == "2" || $folderinfo[0] == "3" || $folderinfo[0] == "4")
{
$foldername2 = get_pm_folder_name($fid);

Zeile 1276Zeile 1346
		{
eval("\$folderlist .= \"".$templates->get("private_folders_folder")."\";");
}

		{
eval("\$folderlist .= \"".$templates->get("private_folders_folder")."\";");
}

	}


	}


	$newfolders = '';
for($i = 1; $i <= 5; ++$i)
{

	$newfolders = '';
for($i = 1; $i <= 5; ++$i)
{

Zeile 1285Zeile 1355
		$foldername = '';
eval("\$newfolders .= \"".$templates->get("private_folders_folder")."\";");
}

		$foldername = '';
eval("\$newfolders .= \"".$templates->get("private_folders_folder")."\";");
}

	



	$plugins->run_hooks("private_folders_end");

	$plugins->run_hooks("private_folders_end");

	



	eval("\$folders = \"".$templates->get("private_folders")."\";");
output_page($folders);
}

	eval("\$folders = \"".$templates->get("private_folders")."\";");
output_page($folders);
}

Zeile 1298Zeile 1368
	verify_post_check($mybb->input['my_post_key']);

$plugins->run_hooks("private_do_folders_start");

	verify_post_check($mybb->input['my_post_key']);

$plugins->run_hooks("private_do_folders_start");

	



	$highestid = 2;
$folders = '';
@reset($mybb->input['folder']);
foreach($mybb->input['folder'] as $key => $val)
{

	$highestid = 2;
$folders = '';
@reset($mybb->input['folder']);
foreach($mybb->input['folder'] as $key => $val)
{

		if(!$donefolders[$val]) // Probably was a check for duplicate folder names, but doesn't seem to be used now 

		if(!$donefolders[$val]) // Probably was a check for duplicate folder names, but doesn't seem to be used now

		{
if(my_substr($key, 0, 3) == "new") // Create a new folder

		{
if(my_substr($key, 0, 3) == "new") // Create a new folder

			{

			{

				++$highestid;
$fid = intval($highestid);
}

				++$highestid;
$fid = intval($highestid);
}

Zeile 1317Zeile 1387
				{
$highestid = $key;
}

				{
$highestid = $key;
}

				



				$fid = intval($key);
// Use default language strings if empty or value is language string
switch($fid)

				$fid = intval($key);
// Use default language strings if empty or value is language string
switch($fid)

Zeile 1348Zeile 1418
						break;
}
}

						break;
}
}

			



			if($val != '' && trim($val) == '' && !($key >= 1 && $key <= 4))
{
// If the name only contains whitespace and it's not a default folder, print an error
error($lang->error_emptypmfoldername);
}

			if($val != '' && trim($val) == '' && !($key >= 1 && $key <= 4))
{
// If the name only contains whitespace and it's not a default folder, print an error
error($lang->error_emptypmfoldername);
}

			





			if($val != '' || ($key >= 1 && $key <= 4))
{

			if($val != '' || ($key >= 1 && $key <= 4))
{

				// If there is a name or if this is a default folder, save it 
$foldername = $val;
$foldername = $db->escape_string(htmlspecialchars_uni($foldername));


				// If there is a name or if this is a default folder, save it
$foldername = $db->escape_string(htmlspecialchars_uni($val));



				if(my_strpos($foldername, "$%%$") === false)

				if(my_strpos($foldername, "$%%$") === false)

				{

				{

					if($folders != '')
{
$folders .= "$%%$";

					if($folders != '')
{
$folders .= "$%%$";

Zeile 1385Zeile 1454

$sql_array = array(
"pmfolders" => $folders


$sql_array = array(
"pmfolders" => $folders

	);	

	);

	$db->update_query("users", $sql_array, "uid='".$mybb->user['uid']."'");

	$db->update_query("users", $sql_array, "uid='".$mybb->user['uid']."'");

	



	// Update PM count
update_pm_count();

	// Update PM count
update_pm_count();

	



	$plugins->run_hooks("private_do_folders_end");

	$plugins->run_hooks("private_do_folders_end");

	



	redirect("private.php", $lang->redirect_pmfoldersupdated);
}

	redirect("private.php", $lang->redirect_pmfoldersupdated);
}





if($mybb->input['action'] == "empty")
{
$plugins->run_hooks("private_empty_start");

if($mybb->input['action'] == "empty")
{
$plugins->run_hooks("private_empty_start");

	



	$foldersexploded = explode("$%%$", $mybb->user['pmfolders']);
$folderlist = '';
foreach($foldersexploded as $key => $folders)

	$foldersexploded = explode("$%%$", $mybb->user['pmfolders']);
$folderlist = '';
foreach($foldersexploded as $key => $folders)

Zeile 1412Zeile 1481
		$foldercount = my_number_format($thing['pmsinfolder']);
eval("\$folderlist .= \"".$templates->get("private_empty_folder")."\";");
}

		$foldercount = my_number_format($thing['pmsinfolder']);
eval("\$folderlist .= \"".$templates->get("private_empty_folder")."\";");
}

	



	$plugins->run_hooks("private_empty_end");

	$plugins->run_hooks("private_empty_end");

	



	eval("\$folders = \"".$templates->get("private_empty")."\";");
output_page($folders);

	eval("\$folders = \"".$templates->get("private_empty")."\";");
output_page($folders);

}

}


if($mybb->input['action'] == "do_empty" && $mybb->request_method == "post")
{
// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);


if($mybb->input['action'] == "do_empty" && $mybb->request_method == "post")
{
// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);





	$plugins->run_hooks("private_do_empty_start");

	$plugins->run_hooks("private_do_empty_start");

	



	$emptyq = '';
if(is_array($mybb->input['empty']))
{

	$emptyq = '';
if(is_array($mybb->input['empty']))
{

Zeile 1441Zeile 1510
				$emptyq .= "folder='$key'";
}
}

				$emptyq .= "folder='$key'";
}
}

		



		if($emptyq != '')
{
if($mybb->input['keepunread'] == 1)

		if($emptyq != '')
{
if($mybb->input['keepunread'] == 1)

Zeile 1451Zeile 1520
			$db->delete_query("privatemessages", "($emptyq) AND uid='".$mybb->user['uid']."' $keepunreadq");
}
}

			$db->delete_query("privatemessages", "($emptyq) AND uid='".$mybb->user['uid']."' $keepunreadq");
}
}

	



	// Update PM count
update_pm_count();

	// Update PM count
update_pm_count();





	$plugins->run_hooks("private_do_empty_end");
redirect("private.php", $lang->redirect_pmfoldersemptied);
}

	$plugins->run_hooks("private_do_empty_end");
redirect("private.php", $lang->redirect_pmfoldersemptied);
}





if($mybb->input['action'] == "do_stuff" && $mybb->request_method == "post")
{
// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);

$plugins->run_hooks("private_do_stuff");

if($mybb->input['action'] == "do_stuff" && $mybb->request_method == "post")
{
// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);

$plugins->run_hooks("private_do_stuff");

	



	if($mybb->input['hop'])
{
header("Location: private.php?fid=".intval($mybb->input['jumpto']));

	if($mybb->input['hop'])
{
header("Location: private.php?fid=".intval($mybb->input['jumpto']));

Zeile 1507Zeile 1576
				}
$pmssql .= "'".intval($key)."'";
}

				}
$pmssql .= "'".intval($key)."'";
}

			



			$query = $db->simple_select("privatemessages", "pmid, folder", "pmid IN ($pmssql) AND uid='".$mybb->user['uid']."' AND folder='4'", array('order_by' => 'pmid'));
while($delpm = $db->fetch_array($query))
{
$deletepms[$delpm['pmid']] = 1;
}

			$query = $db->simple_select("privatemessages", "pmid, folder", "pmid IN ($pmssql) AND uid='".$mybb->user['uid']."' AND folder='4'", array('order_by' => 'pmid'));
while($delpm = $db->fetch_array($query))
{
$deletepms[$delpm['pmid']] = 1;
}

			



			reset($mybb->input['check']);
foreach($mybb->input['check'] as $key => $val)
{

			reset($mybb->input['check']);
foreach($mybb->input['check'] as $key => $val)
{

Zeile 1540Zeile 1609
			redirect("private.php?fid=".intval($mybb->input['fromfid']), $lang->redirect_pmsdeleted);
}
else

			redirect("private.php?fid=".intval($mybb->input['fromfid']), $lang->redirect_pmsdeleted);
}
else

		{

		{

			redirect("private.php", $lang->redirect_pmsdeleted);
}
}
}

			redirect("private.php", $lang->redirect_pmsdeleted);
}
}
}





if($mybb->input['action'] == "delete")
{
// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);

$plugins->run_hooks("private_delete_start");

if($mybb->input['action'] == "delete")
{
// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);

$plugins->run_hooks("private_delete_start");

	



	$query = $db->simple_select("privatemessages", "*", "pmid='".intval($mybb->input['pmid'])."' AND uid='".$mybb->user['uid']."' AND folder='4'", array('order_by' => 'pmid'));
if($db->num_rows($query) == 1)
{

	$query = $db->simple_select("privatemessages", "*", "pmid='".intval($mybb->input['pmid'])."' AND uid='".$mybb->user['uid']."' AND folder='4'", array('order_by' => 'pmid'));
if($db->num_rows($query) == 1)
{

Zeile 1577Zeile 1646
if($mybb->input['action'] == "export")
{
$plugins->run_hooks("private_export_start");

if($mybb->input['action'] == "export")
{
$plugins->run_hooks("private_export_start");

	



	$folderlist = "<select name=\"exportfolders[]\" multiple=\"multiple\">\n";
$folderlist .= "<option value=\"all\" selected=\"selected\">$lang->all_folders</option>";
$foldersexploded = explode("$%%$", $mybb->user['pmfolders']);

	$folderlist = "<select name=\"exportfolders[]\" multiple=\"multiple\">\n";
$folderlist .= "<option value=\"all\" selected=\"selected\">$lang->all_folders</option>";
$foldersexploded = explode("$%%$", $mybb->user['pmfolders']);

Zeile 1588Zeile 1657
		$folderlist .= "<option value=\"$folderinfo[0]\">$folderinfo[1]</option>\n";
}
$folderlist .= "</select>\n";

		$folderlist .= "<option value=\"$folderinfo[0]\">$folderinfo[1]</option>\n";
}
$folderlist .= "</select>\n";

	



	$plugins->run_hooks("private_export_end");

	$plugins->run_hooks("private_export_end");

	



	eval("\$archive = \"".$templates->get("private_archive")."\";");

	eval("\$archive = \"".$templates->get("private_archive")."\";");

	



	output_page($archive);
}


	output_page($archive);
}


Zeile 1600Zeile 1669
{
// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);

{
// Verify incoming POST request
verify_post_check($mybb->input['my_post_key']);





	$plugins->run_hooks("private_do_export_start");

	$plugins->run_hooks("private_do_export_start");

	



	$lang->private_messages_for = $lang->sprintf($lang->private_messages_for, $mybb->user['username']);
$exdate = my_date($mybb->settings['dateformat'], TIME_NOW, 0, 0);
$extime = my_date($mybb->settings['timeformat'], TIME_NOW, 0, 0);

	$lang->private_messages_for = $lang->sprintf($lang->private_messages_for, $mybb->user['username']);
$exdate = my_date($mybb->settings['dateformat'], TIME_NOW, 0, 0);
$extime = my_date($mybb->settings['timeformat'], TIME_NOW, 0, 0);

Zeile 1613Zeile 1682
		$folderinfo = explode("**", $folders, 2);
$folderinfo[1] = get_pm_folder_name($folderinfo[0], $folderinfo[1]);
$foldersexploded[$key] = implode("**", $folderinfo);

		$folderinfo = explode("**", $folders, 2);
$folderinfo[1] = get_pm_folder_name($folderinfo[0], $folderinfo[1]);
$foldersexploded[$key] = implode("**", $folderinfo);

	}


	}


	if($mybb->input['pmid'])
{
$wsql = "pmid='".intval($mybb->input['pmid'])."' AND uid='".$mybb->user['uid']."'";

	if($mybb->input['pmid'])
{
$wsql = "pmid='".intval($mybb->input['pmid'])."' AND uid='".$mybb->user['uid']."'";

Zeile 1628Zeile 1697
			if($mybb->input['dayway'] == "older")
{
$wsql .= "<=";

			if($mybb->input['dayway'] == "older")
{
$wsql .= "<=";

			}
else

			}
else

			{
$wsql .= ">=";
}

			{
$wsql .= ">=";
}

Zeile 1639Zeile 1708
		{
$wsql = "1=1";
}

		{
$wsql = "1=1";
}

		



		if(is_array($mybb->input['exportfolders']))
{
$folderlst = '';

		if(is_array($mybb->input['exportfolders']))
{
$folderlst = '';

Zeile 1657Zeile 1726
					if(!$folderlst)
{
$folderlst = " AND pm.folder IN ('$val'";

					if(!$folderlst)
{
$folderlst = " AND pm.folder IN ('$val'";

					}
else
{

					}
else
{

						$folderlst .= ",'$val'";
}
}

						$folderlst .= ",'$val'";
}
}

			}

			}

			if($folderlst)
{
$folderlst .= ")";

			if($folderlst)
{
$folderlst .= ")";

Zeile 1674Zeile 1743
		{
error($lang->error_pmnoarchivefolders);
}

		{
error($lang->error_pmnoarchivefolders);
}

		



		if($mybb->input['exportunread'] != 1)
{
$wsql .= " AND pm.status!='0'";

		if($mybb->input['exportunread'] != 1)
{
$wsql .= " AND pm.status!='0'";

Zeile 1693Zeile 1762
	{
error($lang->error_nopmsarchive);
}

	{
error($lang->error_nopmsarchive);
}

	



	$pmsdownload = '';
while($message = $db->fetch_array($query))
{

	$pmsdownload = '';
while($message = $db->fetch_array($query))
{

Zeile 1710Zeile 1779
				{
$tofromusername = build_profile_link($message['tousername'], $tofromuid);
}

				{
$tofromusername = build_profile_link($message['tousername'], $tofromuid);
}

			}

			}

			else
{
$tofromusername = $lang->not_sent;
}
$tofrom = $lang->to;

			else
{
$tofromusername = $lang->not_sent;
}
$tofrom = $lang->to;

		}
else
{

		}
else
{

			$tofromuid = $message['fromid'];
if($mybb->input['exporttype'] == "txt")

			$tofromuid = $message['fromid'];
if($mybb->input['exporttype'] == "txt")

			{

			{

				$tofromusername = $message['fromusername'];

				$tofromusername = $message['fromusername'];

			}

			}

			else
{
$tofromusername = build_profile_link($message['fromusername'], $tofromuid);
}

			else
{
$tofromusername = build_profile_link($message['fromusername'], $tofromuid);
}

			



			if($tofromuid == 0)
{
$tofromusername = $lang->mybb_engine;
}
$tofrom = $lang->from;

			if($tofromuid == 0)
{
$tofromusername = $lang->mybb_engine;
}
$tofrom = $lang->from;

		}


		}


		if($tofromuid == 0)
{
$message['fromusername'] = $lang->mybb_engine;
}

		if($tofromuid == 0)
{
$message['fromusername'] = $lang->mybb_engine;
}

		



		if(!$message['toid'] && $message['folder'] == 3)
{
$message['tousername'] = $lang->not_sent;

		if(!$message['toid'] && $message['folder'] == 3)
{
$message['tousername'] = $lang->not_sent;

Zeile 1757Zeile 1826
		{
$senddate = $lang->not_sent;
}

		{
$senddate = $lang->not_sent;
}

		



		if($mybb->input['exporttype'] == "html")
{
$parser_options = array(

		if($mybb->input['exporttype'] == "html")
{
$parser_options = array(

Zeile 1773Zeile 1842
			$message['message'] = $parser->parse_message($message['message'], $parser_options);
$message['subject'] = htmlspecialchars_uni($message['subject']);
}

			$message['message'] = $parser->parse_message($message['message'], $parser_options);
$message['subject'] = htmlspecialchars_uni($message['subject']);
}

		



		if($mybb->input['exporttype'] == "txt" || $mybb->input['exporttype'] == "csv")
{
$message['message'] = str_replace("\r\n", "\n", $message['message']);
$message['message'] = str_replace("\n", "\r\n", $message['message']);
}

		if($mybb->input['exporttype'] == "txt" || $mybb->input['exporttype'] == "csv")
{
$message['message'] = str_replace("\r\n", "\n", $message['message']);
$message['message'] = str_replace("\n", "\r\n", $message['message']);
}

		



		if($mybb->input['exporttype'] == "csv")

		if($mybb->input['exporttype'] == "csv")

		{

		{

			$message['message'] = addslashes($message['message']);
$message['subject'] = addslashes($message['subject']);
$message['tousername'] = addslashes($message['tousername']);
$message['fromusername'] = addslashes($message['fromusername']);
}

			$message['message'] = addslashes($message['message']);
$message['subject'] = addslashes($message['subject']);
$message['tousername'] = addslashes($message['tousername']);
$message['fromusername'] = addslashes($message['fromusername']);
}

		





		if(!$donefolder[$message['folder']])
{
reset($foldersexploded);

		if(!$donefolder[$message['folder']])
{
reset($foldersexploded);

Zeile 1814Zeile 1883
				}
}
}

				}
}
}

		



		eval("\$pmsdownload .= \"".$templates->get("private_archive_".$mybb->input['exporttype']."_message", 1, 0)."\";");
$ids .= ",'{$message['pmid']}'";

		eval("\$pmsdownload .= \"".$templates->get("private_archive_".$mybb->input['exporttype']."_message", 1, 0)."\";");
$ids .= ",'{$message['pmid']}'";

	}

$query = $db->simple_select("themestylesheets", "stylesheet", "sid=1", array('limit' => 1));
$css = $db->fetch_field($query, "stylesheet");






	}

if($mybb->input['exporttype'] == "html")
{
// Gather global stylesheet for HTML
$query = $db->simple_select("themestylesheets", "stylesheet", "sid = '1'", array('limit' => 1));
$css = $db->fetch_field($query, "stylesheet");
}


	$plugins->run_hooks("private_do_export_end");

eval("\$archived = \"".$templates->get("private_archive_".$mybb->input['exporttype'], 1, 0)."\";");

	$plugins->run_hooks("private_do_export_end");

eval("\$archived = \"".$templates->get("private_archive_".$mybb->input['exporttype'], 1, 0)."\";");

Zeile 1831Zeile 1904
		// Update PM count
update_pm_count();
}

		// Update PM count
update_pm_count();
}

	



	if($mybb->input['exporttype'] == "html")
{
$filename = "pm-archive.html";

	if($mybb->input['exporttype'] == "html")
{
$filename = "pm-archive.html";

Zeile 1847Zeile 1920
		$filename = "pm-archive.txt";
$contenttype = "text/plain";
}

		$filename = "pm-archive.txt";
$contenttype = "text/plain";
}

	



	$archived = str_replace("\\\'","'",$archived);
header("Content-disposition: filename=$filename");
header("Content-type: ".$contenttype);

	$archived = str_replace("\\\'","'",$archived);
header("Content-disposition: filename=$filename");
header("Content-type: ".$contenttype);

	



	if($mybb->input['exporttype'] == "html")

	if($mybb->input['exporttype'] == "html")

	{

	{

		output_page($archived);
}
else
{
echo $archived;

		output_page($archived);
}
else
{
echo $archived;

	}

	}

}

if(!$mybb->input['action'])
{
$plugins->run_hooks("private_start");

}

if(!$mybb->input['action'])
{
$plugins->run_hooks("private_start");

	



	if(!$mybb->input['fid'] || !array_key_exists($mybb->input['fid'], $foldernames))
{
$mybb->input['fid'] = 1;
}

	if(!$mybb->input['fid'] || !array_key_exists($mybb->input['fid'], $foldernames))
{
$mybb->input['fid'] = 1;
}

	



	$folder = $mybb->input['fid'];

	$folder = $mybb->input['fid'];

	
$foldername = htmlspecialchars_uni($foldernames[$folder]);

	$foldername = $foldernames[$folder];



$lang->pms_in_folder = $lang->sprintf($lang->pms_in_folder, $foldername);
if($folder == 2 || $folder == 3)


$lang->pms_in_folder = $lang->sprintf($lang->pms_in_folder, $foldername);
if($folder == 2 || $folder == 3)

Zeile 1896Zeile 1968

$perpage = $mybb->settings['threadsperpage'];
$page = intval($mybb->input['page']);


$perpage = $mybb->settings['threadsperpage'];
$page = intval($mybb->input['page']);

	



	if(intval($mybb->input['page']) > 0)
{
$start = ($page-1) *$perpage;
}
else

	if(intval($mybb->input['page']) > 0)
{
$start = ($page-1) *$perpage;
}
else

	{

	{

		$start = 0;
$page = 1;

		$start = 0;
$page = 1;

	}


	}


	$end = $start + $perpage;
$lower = $start+1;
$upper = $end;

	$end = $start + $perpage;
$lower = $start+1;
$upper = $end;

	



	if($upper > $threadcount)

	if($upper > $threadcount)

	{

	{

		$upper = $threadcount;
}
$multipage = multipage($pmscount['total'], $perpage, $page, "private.php?fid=$folder");
$messagelist = '';

		$upper = $threadcount;
}
$multipage = multipage($pmscount['total'], $perpage, $page, "private.php?fid=$folder");
$messagelist = '';

	



	$icon_cache = $cache->read("posticons");

	$icon_cache = $cache->read("posticons");

	



	// Cache users in multiple recipients for sent & drafts folder
if($folder == 2 || $folder == 3)

	// Cache users in multiple recipients for sent & drafts folder
if($folder == 2 || $folder == 3)

	{		

	{

		// Get all recipients into an array
$cached_users = $get_users = array();
$users_query = $db->simple_select("privatemessages", "recipients", "folder='$folder' AND uid='{$mybb->user['uid']}'", array('limit_start' => $start, 'limit' => $perpage, 'order_by' => 'dateline', 'order_dir' => 'DESC'));

		// Get all recipients into an array
$cached_users = $get_users = array();
$users_query = $db->simple_select("privatemessages", "recipients", "folder='$folder' AND uid='{$mybb->user['uid']}'", array('limit_start' => $start, 'limit' => $perpage, 'order_by' => 'dateline', 'order_dir' => 'DESC'));

Zeile 1933Zeile 2005
			{
$get_users = array_merge($get_users, $recipients['to']);
}

			{
$get_users = array_merge($get_users, $recipients['to']);
}

			



			if(is_array($recipients['bcc']) && count($recipients['bcc']))
{
$get_users = array_merge($get_users, $recipients['bcc']);

			if(is_array($recipients['bcc']) && count($recipients['bcc']))
{
$get_users = array_merge($get_users, $recipients['bcc']);

			}
}


			}
}


		$get_users = implode(',', array_unique($get_users));

		$get_users = implode(',', array_unique($get_users));

		



		// Grab info
if($get_users)
{

		// Grab info
if($get_users)
{

Zeile 1952Zeile 2024
			}
}
}

			}
}
}

	



	$query = $db->query("
SELECT pm.*, fu.username AS fromusername, tu.username as tousername
FROM ".TABLE_PREFIX."privatemessages pm

	$query = $db->query("
SELECT pm.*, fu.username AS fromusername, tu.username as tousername
FROM ".TABLE_PREFIX."privatemessages pm

Zeile 1962Zeile 2034
		ORDER BY pm.dateline DESC
LIMIT $start, $perpage
");

		ORDER BY pm.dateline DESC
LIMIT $start, $perpage
");

		



	if($db->num_rows($query) > 0)
{
while($message = $db->fetch_array($query))

	if($db->num_rows($query) > 0)
{
while($message = $db->fetch_array($query))

Zeile 1977Zeile 2049
				$msgsuffix = "</strong>";
}
elseif($message['status'] == 1)

				$msgsuffix = "</strong>";
}
elseif($message['status'] == 1)

			{

			{

				$msgfolder = 'old_pm.gif';
$msgalt = $lang->old_pm;
}

				$msgfolder = 'old_pm.gif';
$msgalt = $lang->old_pm;
}

Zeile 1985Zeile 2057
			{
$msgfolder = 're_pm.gif';
$msgalt = $lang->reply_pm;

			{
$msgfolder = 're_pm.gif';
$msgalt = $lang->reply_pm;

			}

			}

			elseif($message['status'] == 4)
{
$msgfolder = 'fw_pm.gif';
$msgalt = $lang->fwd_pm;
}

			elseif($message['status'] == 4)
{
$msgfolder = 'fw_pm.gif';
$msgalt = $lang->fwd_pm;
}

			



			if($folder == 2 || $folder == 3)
{ // Sent Items or Drafts Folder Check
$recipients = unserialize($message['recipients']);

			if($folder == 2 || $folder == 3)
{ // Sent Items or Drafts Folder Check
$recipients = unserialize($message['recipients']);

Zeile 2007Zeile 2079
						{
$username = $lang->na;
}

						{
$username = $lang->na;
}

						eval("\$to_users .= \"".$templates->get("private_multiple_recipients_user")."\";"); 

						eval("\$to_users .= \"".$templates->get("private_multiple_recipients_user")."\";");

					}
if(is_array($recipients['bcc']) && count($recipients['bcc']))
{

					}
if(is_array($recipients['bcc']) && count($recipients['bcc']))
{

Zeile 2021Zeile 2093
							{
$username = $lang->na;
}

							{
$username = $lang->na;
}

							eval("\$bcc_users .= \"".$templates->get("private_multiple_recipients_user")."\";"); 

							eval("\$bcc_users .= \"".$templates->get("private_multiple_recipients_user")."\";");

						}
}

						}
}

					



					eval("\$tofromusername = \"".$templates->get("private_multiple_recipients")."\";");
}
else if($message['toid'])

					eval("\$tofromusername = \"".$templates->get("private_multiple_recipients")."\";");
}
else if($message['toid'])

Zeile 2045Zeile 2117
				{
$tofromusername = $lang->mybb_engine;
}

				{
$tofromusername = $lang->mybb_engine;
}

				



				if(!$tofromusername)
{
$tofromuid = 0;
$tofromusername = $lang->na;
}
}

				if(!$tofromusername)
{
$tofromuid = 0;
$tofromusername = $lang->na;
}
}

			



			$tofromusername = build_profile_link($tofromusername, $tofromuid);

			$tofromusername = build_profile_link($tofromusername, $tofromuid);

			
if($mybb->usergroup['cantrackpms'] == 1 && $mybb->usergroup['candenypmreceipts'] == 1 && $message['receipt'] == '1' && $message['folder'] != '3' && $message['folder'] != 2)


if($mybb->usergroup['candenypmreceipts'] == 1 && $message['receipt'] == '1' && $message['folder'] != '3' && $message['folder'] != 2)

			{
eval("\$denyreceipt = \"".$templates->get("private_messagebit_denyreceipt")."\";");

			{
eval("\$denyreceipt = \"".$templates->get("private_messagebit_denyreceipt")."\";");

			}
else

			}
else

			{
$denyreceipt = '';
}

			{
$denyreceipt = '';
}

			



			if($message['icon'] > 0 && $icon_cache[$message['icon']])
{
$icon = $icon_cache[$message['icon']];

			if($message['icon'] > 0 && $icon_cache[$message['icon']])
{
$icon = $icon_cache[$message['icon']];

 
				$icon['path'] = htmlspecialchars_uni($icon['path']);
$icon['name'] = htmlspecialchars_uni($icon['name']);

				$icon = "<img src=\"{$icon['path']}\" alt=\"{$icon['name']}\" align=\"center\" valign=\"middle\" />";

				$icon = "<img src=\"{$icon['path']}\" alt=\"{$icon['name']}\" align=\"center\" valign=\"middle\" />";

			}

			}

			else
{
$icon = '&#009;';
}

			else
{
$icon = '&#009;';
}

			



			if(!trim($message['subject']))
{
$message['subject'] = $lang->pm_no_subject;

			if(!trim($message['subject']))
{
$message['subject'] = $lang->pm_no_subject;

Zeile 2127Zeile 2201
				$overhalf = "100%";
}
}

				$overhalf = "100%";
}
}

		



		eval("\$pmspacebar = \"".$templates->get("private_pmspace")."\";");

		eval("\$pmspacebar = \"".$templates->get("private_pmspace")."\";");

	}


	}


	if($mybb->usergroup['pmquota'] != "0" && $pmscount['total'] >= $mybb->usergroup['pmquota'] && $mybb->usergroup['cancp'] != 1)
{
eval("\$limitwarning = \"".$templates->get("private_limitwarning")."\";");
}

	if($mybb->usergroup['pmquota'] != "0" && $pmscount['total'] >= $mybb->usergroup['pmquota'] && $mybb->usergroup['cancp'] != 1)
{
eval("\$limitwarning = \"".$templates->get("private_limitwarning")."\";");
}

	



	$plugins->run_hooks("private_end");

	$plugins->run_hooks("private_end");

	



	eval("\$folder = \"".$templates->get("private")."\";");
output_page($folder);
}

	eval("\$folder = \"".$templates->get("private")."\";");
output_page($folder);
}