Vergleich inc/datahandlers/pm.php - 1.8.2 - 1.8.6

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 50Zeile 50

/**
* PM ID currently being manipulated by the datahandlers.


/**
* PM ID currently being manipulated by the datahandlers.

 
	 *
* @var int

	 */
public $pmid = 0;


	 */
public $pmid = 0;


Zeile 95Zeile 97

// No message, return an error.
if(trim_blank_chrs($message) == '')


// No message, return an error.
if(trim_blank_chrs($message) == '')

		{

		{

			$this->set_error("missing_message");
return false;
}

			$this->set_error("missing_message");
return false;
}

Zeile 123Zeile 125
		$sender = get_user($pm['fromid']);

// Collect user permissions for the sender.

		$sender = get_user($pm['fromid']);

// Collect user permissions for the sender.

		$sender_permissions = user_permissions($pm['fromid']);


		$sender_permissions = user_permissions($pm['fromid']);


		// Check if the sender is over their quota or not - if they are, disable draft sending
if(isset($pm['options']['savecopy']) && $pm['options']['savecopy'] != 0 && empty($pm['saveasdraft']))
{

		// Check if the sender is over their quota or not - if they are, disable draft sending
if(isset($pm['options']['savecopy']) && $pm['options']['savecopy'] != 0 && empty($pm['saveasdraft']))
{

Zeile 167Zeile 169
					$pm[$recipient_type] = array();
}
if(!is_array($pm[$recipient_type]))

					$pm[$recipient_type] = array();
}
if(!is_array($pm[$recipient_type]))

				{

				{

					$pm[$recipient_type] = array($pm[$recipient_type]);
}

					$pm[$recipient_type] = array($pm[$recipient_type]);
}





				$pm[$recipient_type] = array_map('trim', $pm[$recipient_type]);
$pm[$recipient_type] = array_filter($pm[$recipient_type]);

// No recipients? Skip query
if(empty($pm[$recipient_type]))

				$pm[$recipient_type] = array_map('trim', $pm[$recipient_type]);
$pm[$recipient_type] = array_filter($pm[$recipient_type]);

// No recipients? Skip query
if(empty($pm[$recipient_type]))

				{

				{

					if($recipient_type == 'to' && !$pm['saveasdraft'])
{
$this->set_error("no_recipients");

					if($recipient_type == 'to' && !$pm['saveasdraft'])
{
$this->set_error("no_recipients");

Zeile 195Zeile 197
				while($user = $db->fetch_array($query))
{
if($recipient_type == "bcc")

				while($user = $db->fetch_array($query))
{
if($recipient_type == "bcc")

					{
$user['bcc'] = 1;
}

$recipients[] = $user;

					{
$user['bcc'] = 1;
}

$recipients[] = $user;

					$validUsernames[] = $user['username'];
}


					$validUsernames[] = $user['username'];
}


Zeile 208Zeile 210
					if(!in_array($username, $validUsernames))
{
$invalid_recipients[] = $username;

					if(!in_array($username, $validUsernames))
{
$invalid_recipients[] = $username;

					}
}

					}
}

			}
}
// We have recipient IDs

			}
}
// We have recipient IDs

Zeile 218Zeile 220
			foreach(array("toid", "bccid") as $recipient_type)
{
if(!isset($pm[$recipient_type]))

			foreach(array("toid", "bccid") as $recipient_type)
{
if(!isset($pm[$recipient_type]))

				{

				{

					$pm[$recipient_type] = array();

					$pm[$recipient_type] = array();

				}

				}

				if(!is_array($pm[$recipient_type]))
{
$pm[$recipient_type] = array($pm[$recipient_type]);
}
$pm[$recipient_type] = array_map('intval', $pm[$recipient_type]);
$pm[$recipient_type] = array_filter($pm[$recipient_type]);

				if(!is_array($pm[$recipient_type]))
{
$pm[$recipient_type] = array($pm[$recipient_type]);
}
$pm[$recipient_type] = array_map('intval', $pm[$recipient_type]);
$pm[$recipient_type] = array_filter($pm[$recipient_type]);





				// No recipients? Skip query
if(empty($pm[$recipient_type]))
{

				// No recipients? Skip query
if(empty($pm[$recipient_type]))
{

Zeile 246Zeile 248
				$validUids = array();

while($user = $db->fetch_array($query))

				$validUids = array();

while($user = $db->fetch_array($query))

				{

				{

					if($recipient_type == "bccid")
{
$user['bcc'] = 1;
}

					if($recipient_type == "bccid")
{
$user['bcc'] = 1;
}





					$recipients[] = $user;
$validUids[] = $user['uid'];

					$recipients[] = $user;
$validUids[] = $user['uid'];

				}


				}


				foreach($pm[$recipient_type] as $uid)
{
if(!in_array($uid, $validUids))

				foreach($pm[$recipient_type] as $uid)
{
if(!in_array($uid, $validUids))

Zeile 269Zeile 271
		// If we have one or more invalid recipients and we're not saving a draft, error
if(count($invalid_recipients) > 0)
{

		// If we have one or more invalid recipients and we're not saving a draft, error
if(count($invalid_recipients) > 0)
{

			$invalid_recipients = implode(", ", array_map("htmlspecialchars_uni", $invalid_recipients));

			$invalid_recipients = implode($lang->comma, array_map("htmlspecialchars_uni", $invalid_recipients));

			$this->set_error("invalid_recipients", array($invalid_recipients));

			$this->set_error("invalid_recipients", array($invalid_recipients));

			return false;
}

$sender_permissions = user_permissions($pm['fromid']);

			return false;
}

$sender_permissions = user_permissions($pm['fromid']);


// Are we trying to send this message to more users than the permissions allow?
if($sender_permissions['maxpmrecipients'] > 0 && count($recipients) > $sender_permissions['maxpmrecipients'] && $this->admin_override != true)


// Are we trying to send this message to more users than the permissions allow?
if($sender_permissions['maxpmrecipients'] > 0 && count($recipients) > $sender_permissions['maxpmrecipients'] && $this->admin_override != true)

Zeile 292Zeile 294
			// - admin_override is set or
// - sender is an administrator
if(($this->admin_override != true && $sender_permissions['cancp'] != 1) && $sender_permissions['canoverridepm'] != 1)

			// - admin_override is set or
// - sender is an administrator
if(($this->admin_override != true && $sender_permissions['cancp'] != 1) && $sender_permissions['canoverridepm'] != 1)

			{
$ignorelist = explode(",", $user['ignorelist']);
if(!empty($ignorelist) && in_array($pm['fromid'], $ignorelist))
{
$this->set_error("recipient_is_ignoring", array($user['username']));

			{
if(!empty($user['ignorelist']) && strpos(','.$user['ignorelist'].',', ','.$pm['fromid'].',') !== false)
{
$this->set_error('recipient_is_ignoring', array($user['username']));


				}

// Is the recipient only allowing private messages from their buddy list?

				}

// Is the recipient only allowing private messages from their buddy list?

				if($mybb->settings['allowbuddyonly'] == 1 && $user['receivefrombuddy'] == 1)

				if($mybb->settings['allowbuddyonly'] == 1 && $user['receivefrombuddy'] == 1 && !empty($user['buddylist']) && strpos(','.$user['buddylist'].',', ','.$pm['fromid'].',') === false)

				{

				{

					$buddylist = explode(",", $user['buddylist']);
if(!empty($buddylist) && !in_array($pm['fromid'], $buddylist))
{
$this->set_error("recipient_has_buddy_only", array(htmlspecialchars_uni($user['username'])));
}

					$this->set_error('recipient_has_buddy_only', array(htmlspecialchars_uni($user['username'])));





				}

// Can the recipient actually receive private messages based on their permissions or user setting?

				}

// Can the recipient actually receive private messages based on their permissions or user setting?

Zeile 327Zeile 324
				elseif($mybb->settings['bblanguage'])
{
$uselang = $mybb->settings['bblanguage'];

				elseif($mybb->settings['bblanguage'])
{
$uselang = $mybb->settings['bblanguage'];

				}
else

				}
else

				{
$uselang = "english";
}

				{
$uselang = "english";
}

Zeile 355Zeile 352
					"subject" => $db->escape_string($emailsubject),
"message" => $db->escape_string($emailmessage),
"headers" => ''

					"subject" => $db->escape_string($emailsubject),
"message" => $db->escape_string($emailmessage),
"headers" => ''

				);


				);


				$db->insert_query("mailqueue", $new_email);
$cache->update_mailqueue();


				$db->insert_query("mailqueue", $new_email);
$cache->update_mailqueue();


Zeile 389Zeile 386
	/**
* Verify that the user is not flooding the system.
*

	/**
* Verify that the user is not flooding the system.
*

	* @return boolean True

	* @return boolean

	*/
function verify_pm_flooding()
{

	*/
function verify_pm_flooding()
{

Zeile 571Zeile 568
			'smilieoff' => $pm['options']['disablesmilies'],
'receipt' => (int)$pm['options']['readreceipt'],
'readtime' => 0,

			'smilieoff' => $pm['options']['disablesmilies'],
'receipt' => (int)$pm['options']['readreceipt'],
'readtime' => 0,

			'recipients' => $db->escape_string(serialize($recipient_list)),

			'recipients' => $db->escape_string(my_serialize($recipient_list)),

			'ipaddress' => $db->escape_binary($pm['ipaddress'])
);


			'ipaddress' => $db->escape_binary($pm['ipaddress'])
);


Zeile 657Zeile 654

require_once MYBB_ROOT.'inc/class_parser.php';
$parser = new Postparser;


require_once MYBB_ROOT.'inc/class_parser.php';
$parser = new Postparser;

				$pm['message'] = $parser->text_parse_message($pm['message'], array('me_username' => $pm['sender']['username'], 'filter_badwords' => 1, 'safe_html' => 1));







			
$parser_options = array(
'me_username' => $pm['sender']['username'],
'filter_badwords' => 1
);

$pm['message'] = $parser->text_parse_message($pm['message'], $parser_options);


$emailmessage = $lang->sprintf($emailmessage, $recipient['username'], $pm['sender']['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $pm['message']);
$emailsubject = $lang->sprintf($emailsubject, $mybb->settings['bbname'], $pm['subject']);


$emailmessage = $lang->sprintf($emailmessage, $recipient['username'], $pm['sender']['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $pm['message']);
$emailsubject = $lang->sprintf($emailsubject, $mybb->settings['bbname'], $pm['subject']);