Vergleich private.php - 1.8.4 - 1.8.9

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 12Zeile 12
define("IGNORE_CLEAN_VARS", "sid");
define('THIS_SCRIPT', 'private.php');


define("IGNORE_CLEAN_VARS", "sid");
define('THIS_SCRIPT', 'private.php');


$templatelist = "private_send,private_send_buddyselect,private_read,private_tracking,private_tracking_readmessage,private_tracking_unreadmessage,private_orderarrow,usercp_nav_attachments,usercp_nav_messenger_compose,private_tracking_readmessage_stop";
$templatelist .= ",private_folders,private_folders_folder,private_folders_folder_unremovable,private,usercp_nav,private_empty_folder,private_empty,private_archive_txt,private_archive_csv,private_archive_html,private_tracking_unreadmessage_stop";
$templatelist .= ",usercp_nav_messenger,usercp_nav_changename,usercp_nav_profile,usercp_nav_misc,multipage,multipage_end,multipage_jump_page,multipage_nextpage,multipage_page,multipage_page_current,multipage_page_link_current,multipage_prevpage,multipage_start,usercp_nav_editsignature,posticons_icon";
$templatelist .= ",private_messagebit,codebuttons,smilieinsert,smilieinsert_getmore,smilieinsert_smilie,smilieinsert_smilie_empty,posticons,private_send_autocomplete,private_messagebit_denyreceipt,private_read_to,postbit_online,postbit_warninglevel_formatted,postbit_iplogged_hiden";

$templatelist = "private_send,private_send_buddyselect,private_tracking,private_tracking_readmessage,private_tracking_unreadmessage,usercp_nav_attachments,usercp_nav_messenger_compose,private_tracking_readmessage_stop";
$templatelist .= ",private_folders,private_folders_folder,private_folders_folder_unremovable,private,usercp_nav,private_empty_folder,private_archive_txt,private_archive_csv,private_archive_html,private_tracking_unreadmessage_stop";
$templatelist .= ",usercp_nav_messenger,usercp_nav_changename,multipage,multipage_end,multipage_jump_page,multipage_nextpage,multipage_page,multipage_page_current,multipage_page_link_current,multipage_prevpage,multipage_start";
$templatelist .= ",private_messagebit,codebuttons,posticons,private_send_autocomplete,private_messagebit_denyreceipt,postbit_warninglevel_formatted,private_emptyexportlink,postbit_purgespammer,postbit_gotopost,private_read";

$templatelist .= ",postbit_delete_pm,postbit,private_tracking_nomessage,private_nomessages,postbit_author_guest,private_multiple_recipients_user,private_multiple_recipients_bcc,private_multiple_recipients,usercp_nav_messenger_folder";

$templatelist .= ",postbit_delete_pm,postbit,private_tracking_nomessage,private_nomessages,postbit_author_guest,private_multiple_recipients_user,private_multiple_recipients_bcc,private_multiple_recipients,usercp_nav_messenger_folder";

$templatelist .= ",private_search_messagebit,private_search_results_nomessages,private_search_results,private_advanced_search,previewpost,private_send_tracking,private_send_signature,private_read_bcc,private_composelink,postbit_purgespammer";
$templatelist .= ",private_archive,private_quickreply,private_pmspace,private_limitwarning,postbit_groupimage,postbit_offline,postbit_www,postbit_replyall_pm,postbit_signature,postbit_classic,postbit_gotopost,postbit_userstar,postbit_reputation_formatted_link,postbit_icon";
$templatelist .= ",private_archive_folders_folder,private_archive_folders,postbit_warninglevel,postbit_author_user,postbit_reply_pm,postbit_forward_pm,private_messagebit_icon,private_jump_folders_folder,private_advanced_search_folders";
$templatelist .= ",private_jump_folders,postbit_avatar,postbit_warn,postbit_rep_button,postbit_email,postbit_reputation,private_move,private_read_action,postbit_away,postbit_pm,usercp_nav_messenger_tracking,postbit_find,private_emptyexportlink";


$templatelist .= ",private_search_messagebit,private_search_results_nomessages,private_search_results,private_advanced_search,previewpost,private_send_tracking,private_send_signature,private_read_bcc,private_composelink";
$templatelist .= ",private_archive,private_quickreply,private_pmspace,private_limitwarning,postbit_groupimage,postbit_offline,postbit_www,postbit_replyall_pm,postbit_signature,postbit_classic,postbit_reputation_formatted_link";
$templatelist .= ",private_archive_folders_folder,private_archive_folders,postbit_warninglevel,postbit_author_user,postbit_forward_pm,private_messagebit_icon,private_jump_folders_folder,private_advanced_search_folders,usercp_nav_home";
$templatelist .= ",private_jump_folders,postbit_avatar,postbit_warn,postbit_rep_button,postbit_email,postbit_reputation,private_move,private_read_action,postbit_away,postbit_pm,usercp_nav_messenger_tracking,postbit_find";
$templatelist .= ",usercp_nav_editsignature,posticons_icon,postbit_icon,postbit_iplogged_hiden,usercp_nav_profile,usercp_nav_misc,postbit_userstar,private_read_to,postbit_online,private_empty,private_orderarrow,postbit_reply_pm";


require_once "./global.php";
require_once MYBB_ROOT."inc/functions_post.php";


require_once "./global.php";
require_once MYBB_ROOT."inc/functions_post.php";

Zeile 49Zeile 50
		 "pmfolders" => $mybb->user['pmfolders']
);
$db->update_query("users", $sql_array, "uid = ".$mybb->user['uid']);

		 "pmfolders" => $mybb->user['pmfolders']
);
$db->update_query("users", $sql_array, "uid = ".$mybb->user['uid']);

}

// On a random occassion, recount the user's pms just to make sure everything is in sync.
$rand = my_rand(0, 9);
if($rand == 5)
{
update_pm_count();

 
}

$mybb->input['fid'] = $mybb->get_input('fid', MyBB::INPUT_INT);

}

$mybb->input['fid'] = $mybb->get_input('fid', MyBB::INPUT_INT);

Zeile 80Zeile 74

$folder_id = $folderinfo[0];
$folder_name = $folderinfo[1];


$folder_id = $folderinfo[0];
$folder_name = $folderinfo[1];





	eval("\$folderjump_folder .= \"".$templates->get("private_jump_folders_folder")."\";");
eval("\$folderoplist_folder .= \"".$templates->get("private_jump_folders_folder")."\";");
eval("\$foldersearch_folder .= \"".$templates->get("private_jump_folders_folder")."\";");

	eval("\$folderjump_folder .= \"".$templates->get("private_jump_folders_folder")."\";");
eval("\$folderoplist_folder .= \"".$templates->get("private_jump_folders_folder")."\";");
eval("\$foldersearch_folder .= \"".$templates->get("private_jump_folders_folder")."\";");

Zeile 89Zeile 83
eval("\$folderjump = \"".$templates->get("private_jump_folders")."\";");
eval("\$folderoplist = \"".$templates->get("private_move")."\";");
eval("\$foldersearch = \"".$templates->get("private_advanced_search_folders")."\";");

eval("\$folderjump = \"".$templates->get("private_jump_folders")."\";");
eval("\$folderoplist = \"".$templates->get("private_move")."\";");
eval("\$foldersearch = \"".$templates->get("private_advanced_search_folders")."\";");





usercp_menu();

usercp_menu();





$plugins->run_hooks("private_start");

$plugins->run_hooks("private_start");





// Make navigation
add_breadcrumb($lang->nav_pms, "private.php");


// Make navigation
add_breadcrumb($lang->nav_pms, "private.php");


Zeile 163Zeile 157
				$lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding, $mybb->settings['searchfloodtime'], $remaining_time);
}
error($lang->error_searchflooding);

				$lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding, $mybb->settings['searchfloodtime'], $remaining_time);
}
error($lang->error_searchflooding);

		}

		}

	}

if($mybb->get_input('subject', MyBB::INPUT_INT) != 1 && $mybb->get_input('message', MyBB::INPUT_INT) != 1)

	}

if($mybb->get_input('subject', MyBB::INPUT_INT) != 1 && $mybb->get_input('message', MyBB::INPUT_INT) != 1)

	{

	{

		error($lang->error_nosearchresults);
}

if($mybb->get_input('message', MyBB::INPUT_INT) == 1)
{
$resulttype = "pmmessages";

		error($lang->error_nosearchresults);
}

if($mybb->get_input('message', MyBB::INPUT_INT) == 1)
{
$resulttype = "pmmessages";

	}
else
{

	}
else
{

		$resulttype = "pmsubjects";
}


		$resulttype = "pmsubjects";
}


Zeile 198Zeile 192
	else
{
error($lang->error_no_search_support);

	else
{
error($lang->error_no_search_support);

	}

	}

	$sid = md5(uniqid(microtime(), true));
$searcharray = array(
"sid" => $db->escape_string($sid),

	$sid = md5(uniqid(microtime(), true));
$searcharray = array(
"sid" => $db->escape_string($sid),

Zeile 266Zeile 260
		if($query_sortby == "username")
{
$query_sortby = "fromusername";

		if($query_sortby == "username")
{
$query_sortby = "fromusername";

		}
}
else

		}
}
else

	{
$sortby = $query_sortby = "dateline";
}

	{
$sortby = $query_sortby = "dateline";
}

Zeile 338Zeile 332
	}

$get_users = implode(',', array_unique($get_users));

	}

$get_users = implode(',', array_unique($get_users));





	// Grab info
if($get_users)
{

	// Grab info
if($get_users)
{

Zeile 360Zeile 354
	");
while($message = $db->fetch_array($query))
{

	");
while($message = $db->fetch_array($query))
{

		$msgalt = $msgsuffix = $msgprefix = '';

		$msgalt = $msgstatus = '';


// Determine Folder Icon
if($message['status'] == 0)
{


// Determine Folder Icon
if($message['status'] == 0)
{

			$msgfolder = 'new_pm.png';

			$msgstatus = 'new_pm';

			$msgalt = $lang->new_pm;

			$msgalt = $lang->new_pm;

			$msgprefix = "<strong>";
$msgsuffix = "</strong>";

 
		}

		}

		elseif($message['status'] == 1)

		else if($message['status'] == 1)

		{

		{

			$msgfolder = 'old_pm.png';

			$msgstatus = 'old_pm';

			$msgalt = $lang->old_pm;
}

			$msgalt = $lang->old_pm;
}

		elseif($message['status'] == 3)

		else if($message['status'] == 3)

		{

		{

			$msgfolder = 're_pm.png';

			$msgstatus = 're_pm';

			$msgalt = $lang->reply_pm;
}
else if($message['status'] == 4)
{

			$msgalt = $lang->reply_pm;
}
else if($message['status'] == 4)
{

			$msgfolder = 'fw_pm.png';

			$msgstatus = 'fw_pm';

			$msgalt = $lang->fwd_pm;
}


			$msgalt = $lang->fwd_pm;
}


Zeile 400Zeile 392
				{
$profilelink = get_profile_link($uid);
$user = $cached_users[$uid];

				{
$profilelink = get_profile_link($uid);
$user = $cached_users[$uid];

 
					$user['username'] = htmlspecialchars_uni($user['username']);

					$username = format_name($user['username'], $user['usergroup'], $user['displaygroup']);
eval("\$to_users .= \"".$templates->get("private_multiple_recipients_user")."\";");
}

					$username = format_name($user['username'], $user['usergroup'], $user['displaygroup']);
eval("\$to_users .= \"".$templates->get("private_multiple_recipients_user")."\";");
}

Zeile 410Zeile 403
					{
$profilelink = get_profile_link($uid);
$user = $cached_users[$uid];

					{
$profilelink = get_profile_link($uid);
$user = $cached_users[$uid];

 
						$user['username'] = htmlspecialchars_uni($user['username']);

						$username = format_name($user['username'], $user['usergroup'], $user['displaygroup']);
eval("\$bcc_users .= \"".$templates->get("private_multiple_recipients_user")."\";");
}
}

eval("\$tofromusername = \"".$templates->get("private_multiple_recipients")."\";");

						$username = format_name($user['username'], $user['usergroup'], $user['displaygroup']);
eval("\$bcc_users .= \"".$templates->get("private_multiple_recipients_user")."\";");
}
}

eval("\$tofromusername = \"".$templates->get("private_multiple_recipients")."\";");

			}

			}

			else if($message['toid'])
{

			else if($message['toid'])
{

				$tofromusername = $message['tousername'];

				$tofromusername = htmlspecialchars_uni($message['tousername']);

				$tofromuid = $message['toid'];

				$tofromuid = $message['toid'];

			}

			}

			else
{
$tofromusername = $lang->not_sent;

			else
{
$tofromusername = $lang->not_sent;

			}

			}

		}
else
{

		}
else
{

			$tofromusername = $message['fromusername'];

			$tofromusername = htmlspecialchars_uni($message['fromusername']);

			$tofromuid = $message['fromid'];
if($tofromuid == 0)
{

			$tofromuid = $message['fromid'];
if($tofromuid == 0)
{

Zeile 452Zeile 446
		else
{
$icon = '&#009;';

		else
{
$icon = '&#009;';

		}


		}


		if(!trim($message['subject']))
{
$message['subject'] = $lang->pm_no_subject;

		if(!trim($message['subject']))
{
$message['subject'] = $lang->pm_no_subject;

Zeile 522Zeile 516
if($mybb->input['action'] == "dismiss_notice")
{
if($mybb->user['pmnotice'] != 2)

if($mybb->input['action'] == "dismiss_notice")
{
if($mybb->user['pmnotice'] != 2)

	{
exit;

	{
exit;

	}

// Verify incoming POST request

	}

// Verify incoming POST request

Zeile 561Zeile 555
	$plugins->run_hooks("private_send_do_send");

// Attempt to see if this PM is a duplicate or not

	$plugins->run_hooks("private_send_do_send");

// Attempt to see if this PM is a duplicate or not

 
	$to = array_map("trim", explode(",", $mybb->get_input('to')));
$to_escaped = implode("','", array_map(array($db, 'escape_string'), array_map('my_strtolower', $to)));

	$time_cutoff = TIME_NOW - (5 * 60 * 60);
$query = $db->query("
SELECT pm.pmid
FROM ".TABLE_PREFIX."privatemessages pm
LEFT JOIN ".TABLE_PREFIX."users u ON(u.uid=pm.toid)

	$time_cutoff = TIME_NOW - (5 * 60 * 60);
$query = $db->query("
SELECT pm.pmid
FROM ".TABLE_PREFIX."privatemessages pm
LEFT JOIN ".TABLE_PREFIX."users u ON(u.uid=pm.toid)

		WHERE LOWER(u.username)='".$db->escape_string(my_strtolower($mybb->get_input('to')))."' AND pm.dateline > {$time_cutoff} AND pm.fromid='{$mybb->user['uid']}' AND pm.subject='".$db->escape_string($mybb->get_input('subject'))."' AND pm.message='".$db->escape_string($mybb->get_input('message'))."' AND pm.folder!='3'


		WHERE LOWER(u.username) IN ('{$to_escaped}') AND pm.dateline > {$time_cutoff} AND pm.fromid='{$mybb->user['uid']}' AND pm.subject='".$db->escape_string($mybb->get_input('subject'))."' AND pm.message='".$db->escape_string($mybb->get_input('message'))."' AND pm.folder!='3'
LIMIT 0, 1

	");
$duplicate_check = $db->fetch_field($query, "pmid");
if($duplicate_check)

	");
$duplicate_check = $db->fetch_field($query, "pmid");
if($duplicate_check)

Zeile 588Zeile 585
	);

// Split up any recipients we have

	);

// Split up any recipients we have

	$pm['to'] = explode(",", $mybb->get_input('to'));
$pm['to'] = array_map("trim", $pm['to']);

	$pm['to'] = $to;


	if(!empty($mybb->input['bcc']))
{
$pm['bcc'] = explode(",", $mybb->get_input('bcc'));

	if(!empty($mybb->input['bcc']))
{
$pm['bcc'] = explode(",", $mybb->get_input('bcc'));

Zeile 632Zeile 628
	if(!empty($mybb->input['saveasdraft']))
{
$pm['saveasdraft'] = 1;

	if(!empty($mybb->input['saveasdraft']))
{
$pm['saveasdraft'] = 1;

	}

	}

	$pmhandler->set_data($pm);

// Now let the pm handler do all the hard work.

	$pmhandler->set_data($pm);

// Now let the pm handler do all the hard work.

Zeile 737Zeile 733
		$post['dateline'] = TIME_NOW;

if(!isset($options['signature']))

		$post['dateline'] = TIME_NOW;

if(!isset($options['signature']))

		{

		{

			$post['includesig'] = 0;
}
else

			$post['includesig'] = 0;
}
else

Zeile 755Zeile 751
			'namestyle' => 'namestyle',
'usereputationsystem' => 'usereputationsystem'
);

			'namestyle' => 'namestyle',
'usereputationsystem' => 'usereputationsystem'
);





		foreach($data_key as $field => $key)
{
$post[$key] = $groupscache[$post['usergroup']][$field];

		foreach($data_key as $field => $key)
{
$post[$key] = $groupscache[$post['usergroup']][$field];

		}

		}


$postbit = build_postbit($post, 2);
eval("\$preview = \"".$templates->get("previewpost")."\";");


$postbit = build_postbit($post, 2);
eval("\$preview = \"".$templates->get("previewpost")."\";");

Zeile 772Zeile 768
			$optionschecked['signature'] = 'checked="checked"';
}
if($mybb->usergroup['cantrackpms'] == 1)

			$optionschecked['signature'] = 'checked="checked"';
}
if($mybb->usergroup['cantrackpms'] == 1)

		{

		{

			$optionschecked['readreceipt'] = 'checked="checked"';
}
$optionschecked['savecopy'] = 'checked="checked"';

			$optionschecked['readreceipt'] = 'checked="checked"';
}
$optionschecked['savecopy'] = 'checked="checked"';

Zeile 913Zeile 909

// New PM with recipient preset
if($mybb->get_input('uid', MyBB::INPUT_INT) && empty($mybb->input['preview']))


// New PM with recipient preset
if($mybb->get_input('uid', MyBB::INPUT_INT) && empty($mybb->input['preview']))

	{

	{

		$query = $db->simple_select('users', 'username', "uid='".$mybb->get_input('uid', MyBB::INPUT_INT)."'");
$to = htmlspecialchars_uni($db->fetch_field($query, 'username')).', ';
}

		$query = $db->simple_select('users', 'username', "uid='".$mybb->get_input('uid', MyBB::INPUT_INT)."'");
$to = htmlspecialchars_uni($db->fetch_field($query, 'username')).', ';
}

Zeile 981Zeile 977
	if(!$pm)
{
error($lang->error_invalidpm);

	if(!$pm)
{
error($lang->error_invalidpm);

	}


	}


	if($pm['folder'] == 3)
{
header("Location: private.php?action=send&pmid={$pm['pmid']}");

	if($pm['folder'] == 3)
{
header("Location: private.php?action=send&pmid={$pm['pmid']}");

Zeile 1049Zeile 1045
	{
$reply_string = $lang->you_replied_on;
$reply_date = my_date('relative', $pm['statustime']);

	{
$reply_string = $lang->you_replied_on;
$reply_date = my_date('relative', $pm['statustime']);


if((TIME_NOW - $pm['statustime']) < 3600)
{


if((TIME_NOW - $pm['statustime']) < 3600)
{

			// Relative string for the first hour
$reply_string = $lang->you_replied;
}

			// Relative string for the first hour
$reply_string = $lang->you_replied;
}

Zeile 1109Zeile 1105
	}

// Fetch recipient names from the database

	}

// Fetch recipient names from the database

	$bcc_recipients = $to_recipients = array();

	$bcc_recipients = $to_recipients = $bcc_form_val = array();

	$query = $db->simple_select('users', 'uid, username', "uid IN ({$uid_sql})");
while($recipient = $db->fetch_array($query))
{
// User is a BCC recipient

	$query = $db->simple_select('users', 'uid, username', "uid IN ({$uid_sql})");
while($recipient = $db->fetch_array($query))
{
// User is a BCC recipient

 
		$recipient['username'] = htmlspecialchars_uni($recipient['username']);

		if($show_bcc && in_array($recipient['uid'], $pm['recipients']['bcc']))
{
$bcc_recipients[] = build_profile_link($recipient['username'], $recipient['uid']);

		if($show_bcc && in_array($recipient['uid'], $pm['recipients']['bcc']))
{
$bcc_recipients[] = build_profile_link($recipient['username'], $recipient['uid']);

 
			$bcc_form_val[] = $recipient['username'];

		}
// User is a normal recipient
else if(in_array($recipient['uid'], $pm['recipients']['to']))

		}
// User is a normal recipient
else if(in_array($recipient['uid'], $pm['recipients']['to']))

Zeile 1129Zeile 1127
	if(count($bcc_recipients) > 0)
{
$bcc_recipients = implode(', ', $bcc_recipients);

	if(count($bcc_recipients) > 0)
{
$bcc_recipients = implode(', ', $bcc_recipients);

 
		$bcc_form_val = implode(',', $bcc_form_val);

		eval("\$bcc = \"".$templates->get("private_read_bcc")."\";");

		eval("\$bcc = \"".$templates->get("private_read_bcc")."\";");

 
	}
else
{
$bcc_form_val = '';

	}

$replyall = false;
if(count($to_recipients) > 1)

	}

$replyall = false;
if(count($to_recipients) > 1)

	{

	{

		$replyall = true;
}

		$replyall = true;
}


if(count($to_recipients) > 0)
{
$to_recipients = implode(", ", $to_recipients);
}


if(count($to_recipients) > 0)
{
$to_recipients = implode($lang->comma, $to_recipients);
}

	else
{
$to_recipients = $lang->nobody;
}

eval("\$pm['subject_extra'] = \"".$templates->get("private_read_to")."\";");

	else
{
$to_recipients = $lang->nobody;
}

eval("\$pm['subject_extra'] = \"".$templates->get("private_read_to")."\";");





	add_breadcrumb($pm['subject']);
$message = build_postbit($pm, 2);


	add_breadcrumb($pm['subject']);
$message = build_postbit($pm, 2);


Zeile 1157Zeile 1160
	if($mybb->settings['pmquickreply'] != 0 && $mybb->user['showquickreply'] != 0 && $mybb->usergroup['cansendpms'] != 0 && $pm['fromid'] != 0 && $pm['folder'] != 3)
{
$trow = alt_trow();

	if($mybb->settings['pmquickreply'] != 0 && $mybb->user['showquickreply'] != 0 && $mybb->usergroup['cansendpms'] != 0 && $pm['fromid'] != 0 && $pm['folder'] != 3)
{
$trow = alt_trow();





		$optionschecked = array('savecopy' => 'checked="checked"');
if(!empty($mybb->user['signature']))
{
$optionschecked['signature'] = 'checked="checked"';

		$optionschecked = array('savecopy' => 'checked="checked"');
if(!empty($mybb->user['signature']))
{
$optionschecked['signature'] = 'checked="checked"';

		}

		}

		if($mybb->usergroup['cantrackpms'] == 1)
{
$optionschecked['readreceipt'] = 'checked="checked"';

		if($mybb->usergroup['cantrackpms'] == 1)
{
$optionschecked['readreceipt'] = 'checked="checked"';

		}

		}


require_once MYBB_ROOT.'inc/functions_posting.php';



require_once MYBB_ROOT.'inc/functions_posting.php';


Zeile 1187Zeile 1190
		if($mybb->user['uid'] == $pm['fromid'])
{
$to = htmlspecialchars_uni($mybb->user['username']);

		if($mybb->user['uid'] == $pm['fromid'])
{
$to = htmlspecialchars_uni($mybb->user['username']);

		}

		}

		else
{
$query = $db->simple_select('users', 'username', "uid='{$pm['fromid']}'");
$to = htmlspecialchars_uni($db->fetch_field($query, 'username'));

		else
{
$query = $db->simple_select('users', 'username', "uid='{$pm['fromid']}'");
$to = htmlspecialchars_uni($db->fetch_field($query, 'username'));

		}

		}


$private_send_tracking = '';
if($mybb->usergroup['cantrackpms'])


$private_send_tracking = '';
if($mybb->usergroup['cantrackpms'])

Zeile 1261Zeile 1264

$query = $db->query("
SELECT pm.pmid, pm.subject, pm.toid, pm.readtime, u.username as tousername


$query = $db->query("
SELECT pm.pmid, pm.subject, pm.toid, pm.readtime, u.username as tousername

		FROM ".TABLE_PREFIX."privatemessages pm
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=pm.toid)

		FROM ".TABLE_PREFIX."privatemessages pm
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=pm.toid)

		WHERE pm.receipt='2' AND pm.folder!='3'  AND pm.status!='0' AND pm.fromid='".$mybb->user['uid']."'
ORDER BY pm.readtime DESC
LIMIT {$start}, {$perpage}

		WHERE pm.receipt='2' AND pm.folder!='3'  AND pm.status!='0' AND pm.fromid='".$mybb->user['uid']."'
ORDER BY pm.readtime DESC
LIMIT {$start}, {$perpage}

Zeile 1270Zeile 1273
	while($readmessage = $db->fetch_array($query))
{
$readmessage['subject'] = htmlspecialchars_uni($parser->parse_badwords($readmessage['subject']));

	while($readmessage = $db->fetch_array($query))
{
$readmessage['subject'] = htmlspecialchars_uni($parser->parse_badwords($readmessage['subject']));

 
		$readmessage['tousername'] = htmlspecialchars_uni($readmessage['tousername']);

		$readmessage['profilelink'] = build_profile_link($readmessage['tousername'], $readmessage['toid']);
$readdate = my_date('relative', $readmessage['readtime']);
eval("\$readmessages .= \"".$templates->get("private_tracking_readmessage")."\";");

		$readmessage['profilelink'] = build_profile_link($readmessage['tousername'], $readmessage['toid']);
$readdate = my_date('relative', $readmessage['readtime']);
eval("\$readmessages .= \"".$templates->get("private_tracking_readmessage")."\";");

Zeile 1279Zeile 1283
	if(!empty($readmessages))
{
eval("\$stoptrackingread = \"".$templates->get("private_tracking_readmessage_stop")."\";");

	if(!empty($readmessages))
{
eval("\$stoptrackingread = \"".$templates->get("private_tracking_readmessage_stop")."\";");

	}


	}


	if(!$readmessages)
{
eval("\$readmessages = \"".$templates->get("private_tracking_nomessage")."\";");

	if(!$readmessages)
{
eval("\$readmessages = \"".$templates->get("private_tracking_nomessage")."\";");

Zeile 1296Zeile 1300
	if($mybb->get_input('unread_page') == "last")
{
$page = $pages;

	if($mybb->get_input('unread_page') == "last")
{
$page = $pages;

	}


	}


	if($page > $pages || $page <= 0)
{
$page = 1;

	if($page > $pages || $page <= 0)
{
$page = 1;

Zeile 1326Zeile 1330
	while($unreadmessage = $db->fetch_array($query))
{
$unreadmessage['subject'] = htmlspecialchars_uni($parser->parse_badwords($unreadmessage['subject']));

	while($unreadmessage = $db->fetch_array($query))
{
$unreadmessage['subject'] = htmlspecialchars_uni($parser->parse_badwords($unreadmessage['subject']));

 
		$unreadmessage['tousername'] = htmlspecialchars_uni($unreadmessage['tousername']);

		$unreadmessage['profilelink'] = build_profile_link($unreadmessage['tousername'], $unreadmessage['toid']);
$senddate = my_date('relative', $unreadmessage['dateline']);
eval("\$unreadmessages .= \"".$templates->get("private_tracking_unreadmessage")."\";");

		$unreadmessage['profilelink'] = build_profile_link($unreadmessage['tousername'], $unreadmessage['toid']);
$senddate = my_date('relative', $unreadmessage['dateline']);
eval("\$unreadmessages .= \"".$templates->get("private_tracking_unreadmessage")."\";");

Zeile 1362Zeile 1367
		if(!empty($mybb->input['readcheck']))
{
foreach($mybb->input['readcheck'] as $key => $val)

		if(!empty($mybb->input['readcheck']))
{
foreach($mybb->input['readcheck'] as $key => $val)

			{
$sql_array = array(
"receipt" => 0
);
$db->update_query("privatemessages", $sql_array, "pmid=".(int)$key." AND fromid=".$mybb->user['uid']);
}

			{
$sql_array = array(
"receipt" => 0
);
$db->update_query("privatemessages", $sql_array, "pmid=".(int)$key." AND fromid=".$mybb->user['uid']);
}

		}
$plugins->run_hooks("private_do_tracking_end");
redirect("private.php?action=tracking", $lang->redirect_pmstrackingstopped);

		}
$plugins->run_hooks("private_do_tracking_end");
redirect("private.php?action=tracking", $lang->redirect_pmstrackingstopped);

Zeile 1473Zeile 1478
}

if($mybb->input['action'] == "do_folders" && $mybb->request_method == "post")

}

if($mybb->input['action'] == "do_folders" && $mybb->request_method == "post")

{

{

	// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));


	// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));


Zeile 1505Zeile 1510
				{
case 1:
if($val == $lang->folder_inbox || trim($val) == '')

				{
case 1:
if($val == $lang->folder_inbox || trim($val) == '')

						{
$val = '';
}

						{
$val = '';
}

						break;
case 2:
if($val == $lang->folder_sent_items || trim($val) == '')

						break;
case 2:
if($val == $lang->folder_sent_items || trim($val) == '')

						{
$val = '';

						{
$val = '';

						}
break;
case 3:

						}
break;
case 3:

Zeile 1528Zeile 1533
						}
break;
}

						}
break;
}

			}


			}


			if($val != '' && trim($val) == '' && !($key >= 1 && $key <= 4))
{
// If the name only contains whitespace and it's not a default folder, print an error

			if($val != '' && trim($val) == '' && !($key >= 1 && $key <= 4))
{
// If the name only contains whitespace and it's not a default folder, print an error

Zeile 1542Zeile 1547
				$foldername = $db->escape_string(htmlspecialchars_uni($val));

if(my_strpos($foldername, "$%%$") === false)

				$foldername = $db->escape_string(htmlspecialchars_uni($val));

if(my_strpos($foldername, "$%%$") === false)

				{

				{

					if($folders != '')
{
$folders .= "$%%$";

					if($folders != '')
{
$folders .= "$%%$";

Zeile 1646Zeile 1651
}

if($mybb->input['action'] == "do_stuff" && $mybb->request_method == "post")

}

if($mybb->input['action'] == "do_stuff" && $mybb->request_method == "post")

{
// Verify incoming POST request

{
// Verify incoming POST request

	verify_post_check($mybb->get_input('my_post_key'));

$plugins->run_hooks("private_do_stuff");

	verify_post_check($mybb->get_input('my_post_key'));

$plugins->run_hooks("private_do_stuff");

Zeile 1682Zeile 1687
		}
}
elseif(!empty($mybb->input['delete']))

		}
}
elseif(!empty($mybb->input['delete']))

	{

	{

		$mybb->input['check'] = $mybb->get_input('check', MyBB::INPUT_ARRAY);
if(!empty($mybb->input['check']))
{

		$mybb->input['check'] = $mybb->get_input('check', MyBB::INPUT_ARRAY);
if(!empty($mybb->input['check']))
{

Zeile 1753Zeile 1758
			"deletetime" => TIME_NOW
);
$db->update_query("privatemessages", $sql_array, "pmid='".$mybb->get_input('pmid', MyBB::INPUT_INT)."' AND uid='".$mybb->user['uid']."'");

			"deletetime" => TIME_NOW
);
$db->update_query("privatemessages", $sql_array, "pmid='".$mybb->get_input('pmid', MyBB::INPUT_INT)."' AND uid='".$mybb->user['uid']."'");

	}

	}


// Update PM count
update_pm_count();


// Update PM count
update_pm_count();

Zeile 1767Zeile 1772
	if($mybb->user['totalpms'] == 0)
{
error($lang->error_nopms);

	if($mybb->user['totalpms'] == 0)
{
error($lang->error_nopms);

	}

$plugins->run_hooks("private_export_start");


	}

$plugins->run_hooks("private_export_start");


	$foldersexploded = explode("$%%$", $mybb->user['pmfolders']);
$folder_name = $folder_id = '';
foreach($foldersexploded as $key => $folders)

	$foldersexploded = explode("$%%$", $mybb->user['pmfolders']);
$folder_name = $folder_id = '';
foreach($foldersexploded as $key => $folders)

Zeile 1787Zeile 1792
	eval("\$folderlist = \"".$templates->get("private_archive_folders")."\";");

$plugins->run_hooks("private_export_end");

	eval("\$folderlist = \"".$templates->get("private_archive_folders")."\";");

$plugins->run_hooks("private_export_end");





	eval("\$archive = \"".$templates->get("private_archive")."\";");

output_page($archive);
}

	eval("\$archive = \"".$templates->get("private_archive")."\";");

output_page($archive);
}





if($mybb->input['action'] == "do_export" && $mybb->request_method == "post")
{
// Verify incoming POST request

if($mybb->input['action'] == "do_export" && $mybb->request_method == "post")
{
// Verify incoming POST request

Zeile 1800Zeile 1805

$plugins->run_hooks("private_do_export_start");



$plugins->run_hooks("private_do_export_start");


	$lang->private_messages_for = $lang->sprintf($lang->private_messages_for, $mybb->user['username']);

	$lang->private_messages_for = $lang->sprintf($lang->private_messages_for, htmlspecialchars_uni($mybb->user['username']));

	$exdate = my_date($mybb->settings['dateformat'], TIME_NOW, 0, 0);
$extime = my_date($mybb->settings['timeformat'], TIME_NOW, 0, 0);
$lang->exported_date = $lang->sprintf($lang->exported_date, $exdate, $extime);
$foldersexploded = explode("$%%$", $mybb->user['pmfolders']);
foreach($foldersexploded as $key => $folders)

	$exdate = my_date($mybb->settings['dateformat'], TIME_NOW, 0, 0);
$extime = my_date($mybb->settings['timeformat'], TIME_NOW, 0, 0);
$lang->exported_date = $lang->sprintf($lang->exported_date, $exdate, $extime);
$foldersexploded = explode("$%%$", $mybb->user['pmfolders']);
foreach($foldersexploded as $key => $folders)

	{

	{

		$folderinfo = explode("**", $folders, 2);
$folderinfo[1] = get_pm_folder_name($folderinfo[0], $folderinfo[1]);
$foldersexploded[$key] = implode("**", $folderinfo);

		$folderinfo = explode("**", $folders, 2);
$folderinfo[1] = get_pm_folder_name($folderinfo[0], $folderinfo[1]);
$foldersexploded[$key] = implode("**", $folderinfo);

	}

	}


if($mybb->get_input('pmid', MyBB::INPUT_INT))
{


if($mybb->get_input('pmid', MyBB::INPUT_INT))
{

Zeile 1823Zeile 1828
			$datecut = TIME_NOW-($mybb->get_input('daycut', MyBB::INPUT_INT) * 86400);
$wsql = "pm.dateline";
if($mybb->get_input('dayway') == "older")

			$datecut = TIME_NOW-($mybb->get_input('daycut', MyBB::INPUT_INT) * 86400);
$wsql = "pm.dateline";
if($mybb->get_input('dayway') == "older")

			{

			{

				$wsql .= "<=";
}
else

				$wsql .= "<=";
}
else

Zeile 1845Zeile 1850
			{
$val = $db->escape_string($val);
if($val == "all")

			{
$val = $db->escape_string($val);
if($val == "all")

				{

				{

					$folderlst = '';
break;
}

					$folderlst = '';
break;
}

Zeile 1858Zeile 1863
					else
{
$folderlst .= ",'$val'";

					else
{
$folderlst .= ",'$val'";

					}

					}

				}
}
if($folderlst)

				}
}
if($folderlst)

Zeile 1889Zeile 1894
	if(!$numpms)
{
error($lang->error_nopmsarchive);

	if(!$numpms)
{
error($lang->error_nopmsarchive);

	}

$mybb->input['exporttype'] = $mybb->get_input('exporttype');


	}

$mybb->input['exporttype'] = $mybb->get_input('exporttype');


	$pmsdownload = $ids = '';
while($message = $db->fetch_array($query))
{

	$pmsdownload = $ids = '';
while($message = $db->fetch_array($query))
{

Zeile 1909Zeile 1914
				{
$tofromusername = build_profile_link($message['tousername'], $tofromuid);
}

				{
$tofromusername = build_profile_link($message['tousername'], $tofromuid);
}

			}
else

			}
else

			{
$tofromusername = $lang->not_sent;
}

			{
$tofromusername = $lang->not_sent;
}

Zeile 1926Zeile 1931
			else
{
$tofromusername = build_profile_link($message['fromusername'], $tofromuid);

			else
{
$tofromusername = build_profile_link($message['fromusername'], $tofromuid);

			}


			}


			if($tofromuid == 0)
{
$tofromusername = $lang->mybb_engine;

			if($tofromuid == 0)
{
$tofromusername = $lang->mybb_engine;

Zeile 1997Zeile 2002
				{
$foldername = $folderinfo[1];
if($mybb->input['exporttype'] != "csv")

				{
$foldername = $folderinfo[1];
if($mybb->input['exporttype'] != "csv")

					{

					{

						if($mybb->input['exporttype'] != "html")
{
$mybb->input['exporttype'] == "txt";

						if($mybb->input['exporttype'] != "html")
{
$mybb->input['exporttype'] == "txt";

Zeile 2022Zeile 2027
		// Gather global stylesheet for HTML
$query = $db->simple_select("themestylesheets", "stylesheet", "sid = '1'", array('limit' => 1));
$css = $db->fetch_field($query, "stylesheet");

		// Gather global stylesheet for HTML
$query = $db->simple_select("themestylesheets", "stylesheet", "sid = '1'", array('limit' => 1));
$css = $db->fetch_field($query, "stylesheet");

	}


	}


	$plugins->run_hooks("private_do_export_end");

eval("\$archived = \"".$templates->get("private_archive_".$mybb->input['exporttype'], 1, 0)."\";");

	$plugins->run_hooks("private_do_export_end");

eval("\$archived = \"".$templates->get("private_archive_".$mybb->input['exporttype'], 1, 0)."\";");

Zeile 2032Zeile 2037
		$db->delete_query("privatemessages", "pmid IN ('0'$ids)");
// Update PM count
update_pm_count();

		$db->delete_query("privatemessages", "pmid IN ('0'$ids)");
// Update PM count
update_pm_count();

	}

if($mybb->input['exporttype'] == "html")
{

	}

if($mybb->input['exporttype'] == "html")
{

		$filename = "pm-archive.html";
$contenttype = "text/html";
}

		$filename = "pm-archive.html";
$contenttype = "text/html";
}

Zeile 2060Zeile 2065
	}
else
{

	}
else
{

 
		echo "\xEF\xBB\xBF"; // UTF-8 BOM

		echo $archived;
}
}

		echo $archived;
}
}

Zeile 2139Zeile 2145
	if($page > 0)
{
$start = ($page-1) *$perpage;

	if($page > 0)
{
$start = ($page-1) *$perpage;

	}
else

	}
else

	{
$start = 0;
$page = 1;

	{
$start = 0;
$page = 1;

Zeile 2156Zeile 2162
	}

if($mybb->input['order'] || ($sortby && $sortby != "dateline"))

	}

if($mybb->input['order'] || ($sortby && $sortby != "dateline"))

	{
$page_url = "private.php?fid={$folder}&sortby={$sortby}&order={$mybb->input['order']}";

	{
$page_url = "private.php?fid={$folder}&sortby={$sortby}&order={$sortordernow}";

	}
else
{

	}
else
{

Zeile 2166Zeile 2172

$multipage = multipage($pmscount['total'], $perpage, $page, $page_url);
$messagelist = '';


$multipage = multipage($pmscount['total'], $perpage, $page, $page_url);
$messagelist = '';





	$icon_cache = $cache->read("posticons");

// Cache users in multiple recipients for sent & drafts folder

	$icon_cache = $cache->read("posticons");

// Cache users in multiple recipients for sent & drafts folder

Zeile 2175Zeile 2181
		if($sortfield == "username")
{
$u = "u.";

		if($sortfield == "username")
{
$u = "u.";

		}
else

		}
else

		{
$u = "pm.";
}

		{
$u = "pm.";
}

Zeile 2188Zeile 2194
			FROM ".TABLE_PREFIX."privatemessages pm
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=pm.toid)
WHERE pm.folder='{$folder}' AND pm.uid='{$mybb->user['uid']}'

			FROM ".TABLE_PREFIX."privatemessages pm
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=pm.toid)
WHERE pm.folder='{$folder}' AND pm.uid='{$mybb->user['uid']}'

			ORDER BY {$u}{$sortfield} {$mybb->input['order']}

			ORDER BY {$u}{$sortfield} {$sortordernow}

			LIMIT {$start}, {$perpage}
");
while($row = $db->fetch_array($users_query))
{
$recipients = my_unserialize($row['recipients']);
if(is_array($recipients['to']) && count($recipients['to']))

			LIMIT {$start}, {$perpage}
");
while($row = $db->fetch_array($users_query))
{
$recipients = my_unserialize($row['recipients']);
if(is_array($recipients['to']) && count($recipients['to']))

			{

			{

				$get_users = array_merge($get_users, $recipients['to']);
}


				$get_users = array_merge($get_users, $recipients['to']);
}


Zeile 2204Zeile 2210
				$get_users = array_merge($get_users, $recipients['bcc']);
}
}

				$get_users = array_merge($get_users, $recipients['bcc']);
}
}





		$get_users = implode(',', array_unique($get_users));

// Grab info

		$get_users = implode(',', array_unique($get_users));

// Grab info

Zeile 2212Zeile 2218
		{
$users_query = $db->simple_select("users", "uid, username, usergroup, displaygroup", "uid IN ({$get_users})");
while($user = $db->fetch_array($users_query))

		{
$users_query = $db->simple_select("users", "uid, username, usergroup, displaygroup", "uid IN ({$get_users})");
while($user = $db->fetch_array($users_query))

			{

			{

				$cached_users[$user['uid']] = $user;
}
}

				$cached_users[$user['uid']] = $user;
}
}

Zeile 2255Zeile 2261
	{
while($message = $db->fetch_array($query))
{

	{
while($message = $db->fetch_array($query))
{

			$msgalt = $msgsuffix = $msgprefix = '';


			$msgalt = $msgstatus = '';


			// Determine Folder Icon
if($message['status'] == 0)
{

			// Determine Folder Icon
if($message['status'] == 0)
{

				$msgfolder = 'new_pm.png';

				$msgstatus = 'new_pm';

				$msgalt = $lang->new_pm;

				$msgalt = $lang->new_pm;

				$msgprefix = "<strong>";
$msgsuffix = "</strong>";

 
			}

			}

			elseif($message['status'] == 1)

			else if($message['status'] == 1)

			{

			{

				$msgfolder = 'old_pm.png';

				$msgstatus = 'old_pm';

				$msgalt = $lang->old_pm;
}

				$msgalt = $lang->old_pm;
}

			elseif($message['status'] == 3)

			else if($message['status'] == 3)

			{

			{

				$msgfolder = 're_pm.png';

				$msgstatus = 're_pm';

				$msgalt = $lang->reply_pm;
}

				$msgalt = $lang->reply_pm;
}

			elseif($message['status'] == 4)

			else if($message['status'] == 4)

			{

			{

				$msgfolder = 'fw_pm.png';

				$msgstatus = 'fw_pm';

				$msgalt = $lang->fwd_pm;
}


				$msgalt = $lang->fwd_pm;
}


Zeile 2291Zeile 2296
					{
$profilelink = get_profile_link($uid);
$user = $cached_users[$uid];

					{
$profilelink = get_profile_link($uid);
$user = $cached_users[$uid];

 
						$user['username'] = htmlspecialchars_uni($user['username']);

						$username = format_name($user['username'], $user['usergroup'], $user['displaygroup']);
if(!$user['username'])
{

						$username = format_name($user['username'], $user['usergroup'], $user['displaygroup']);
if(!$user['username'])
{

Zeile 2305Zeile 2311
						{
$profilelink = get_profile_link($uid);
$user = $cached_users[$uid];

						{
$profilelink = get_profile_link($uid);
$user = $cached_users[$uid];

 
							$user['username'] = htmlspecialchars_uni($user['username']);

							$username = format_name($user['username'], $user['usergroup'], $user['displaygroup']);
if(!$user['username'])
{

							$username = format_name($user['username'], $user['usergroup'], $user['displaygroup']);
if(!$user['username'])
{

Zeile 2318Zeile 2325
				}
else if($message['toid'])
{

				}
else if($message['toid'])
{

					$tofromusername = $message['tousername'];

					$tofromusername = htmlspecialchars_uni($message['tousername']);

					$tofromuid = $message['toid'];

					$tofromuid = $message['toid'];

				}

				}

				else
{
$tofromusername = $lang->not_sent;

				else
{
$tofromusername = $lang->not_sent;

Zeile 2328Zeile 2335
			}
else
{

			}
else
{

				$tofromusername = $message['fromusername'];

				$tofromusername = htmlspecialchars_uni($message['fromusername']);

				$tofromuid = $message['fromid'];
if($tofromuid == 0)
{

				$tofromuid = $message['fromid'];
if($tofromuid == 0)
{