Vergleich private.php - 1.8.4 - 1.8.19

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 12Zeile 12
define("IGNORE_CLEAN_VARS", "sid");
define('THIS_SCRIPT', 'private.php');


define("IGNORE_CLEAN_VARS", "sid");
define('THIS_SCRIPT', 'private.php');


$templatelist = "private_send,private_send_buddyselect,private_read,private_tracking,private_tracking_readmessage,private_tracking_unreadmessage,private_orderarrow,usercp_nav_attachments,usercp_nav_messenger_compose,private_tracking_readmessage_stop";
$templatelist .= ",private_folders,private_folders_folder,private_folders_folder_unremovable,private,usercp_nav,private_empty_folder,private_empty,private_archive_txt,private_archive_csv,private_archive_html,private_tracking_unreadmessage_stop";
$templatelist .= ",usercp_nav_messenger,usercp_nav_changename,usercp_nav_profile,usercp_nav_misc,multipage,multipage_end,multipage_jump_page,multipage_nextpage,multipage_page,multipage_page_current,multipage_page_link_current,multipage_prevpage,multipage_start,usercp_nav_editsignature,posticons_icon";
$templatelist .= ",private_messagebit,codebuttons,smilieinsert,smilieinsert_getmore,smilieinsert_smilie,smilieinsert_smilie_empty,posticons,private_send_autocomplete,private_messagebit_denyreceipt,private_read_to,postbit_online,postbit_warninglevel_formatted,postbit_iplogged_hiden";

$templatelist = "private_send,private_send_buddyselect,private_tracking,private_tracking_readmessage,private_tracking_unreadmessage,usercp_nav_attachments,usercp_nav_messenger_compose,private_tracking_readmessage_stop";
$templatelist .= ",private_folders,private_folders_folder,private_folders_folder_unremovable,private,usercp_nav,private_empty_folder,private_archive_txt,private_archive_csv,private_archive_html,private_tracking_unreadmessage_stop";
$templatelist .= ",usercp_nav_messenger,usercp_nav_changename,multipage,multipage_end,multipage_jump_page,multipage_nextpage,multipage_page,multipage_page_current,multipage_page_link_current,multipage_prevpage,multipage_start";
$templatelist .= ",private_messagebit,codebuttons,posticons,private_send_autocomplete,private_messagebit_denyreceipt,postbit_warninglevel_formatted,private_emptyexportlink,postbit_purgespammer,postbit_gotopost,private_read";

$templatelist .= ",postbit_delete_pm,postbit,private_tracking_nomessage,private_nomessages,postbit_author_guest,private_multiple_recipients_user,private_multiple_recipients_bcc,private_multiple_recipients,usercp_nav_messenger_folder";

$templatelist .= ",postbit_delete_pm,postbit,private_tracking_nomessage,private_nomessages,postbit_author_guest,private_multiple_recipients_user,private_multiple_recipients_bcc,private_multiple_recipients,usercp_nav_messenger_folder";

$templatelist .= ",private_search_messagebit,private_search_results_nomessages,private_search_results,private_advanced_search,previewpost,private_send_tracking,private_send_signature,private_read_bcc,private_composelink,postbit_purgespammer";
$templatelist .= ",private_archive,private_quickreply,private_pmspace,private_limitwarning,postbit_groupimage,postbit_offline,postbit_www,postbit_replyall_pm,postbit_signature,postbit_classic,postbit_gotopost,postbit_userstar,postbit_reputation_formatted_link,postbit_icon";
$templatelist .= ",private_archive_folders_folder,private_archive_folders,postbit_warninglevel,postbit_author_user,postbit_reply_pm,postbit_forward_pm,private_messagebit_icon,private_jump_folders_folder,private_advanced_search_folders";
$templatelist .= ",private_jump_folders,postbit_avatar,postbit_warn,postbit_rep_button,postbit_email,postbit_reputation,private_move,private_read_action,postbit_away,postbit_pm,usercp_nav_messenger_tracking,postbit_find,private_emptyexportlink";


$templatelist .= ",private_search_messagebit,private_search_results_nomessages,private_search_results,private_advanced_search,previewpost,private_send_tracking,private_send_signature,private_read_bcc,private_composelink";
$templatelist .= ",private_archive,private_quickreply,private_pmspace,private_limitwarning,postbit_groupimage,postbit_offline,postbit_www,postbit_replyall_pm,postbit_signature,postbit_classic,postbit_reputation_formatted_link";
$templatelist .= ",private_archive_folders_folder,private_archive_folders,postbit_warninglevel,postbit_author_user,postbit_forward_pm,private_messagebit_icon,private_jump_folders_folder,private_advanced_search_folders,usercp_nav_home";
$templatelist .= ",private_jump_folders,postbit_avatar,postbit_warn,postbit_rep_button,postbit_email,postbit_reputation,private_move,private_read_action,postbit_away,postbit_pm,usercp_nav_messenger_tracking,postbit_find";
$templatelist .= ",usercp_nav_editsignature,posticons_icon,postbit_icon,postbit_iplogged_hiden,usercp_nav_profile,usercp_nav_misc,postbit_userstar,private_read_to,postbit_online,private_empty,private_orderarrow,postbit_reply_pm";


require_once "./global.php";
require_once MYBB_ROOT."inc/functions_post.php";


require_once "./global.php";
require_once MYBB_ROOT."inc/functions_post.php";

Zeile 49Zeile 50
		 "pmfolders" => $mybb->user['pmfolders']
);
$db->update_query("users", $sql_array, "uid = ".$mybb->user['uid']);

		 "pmfolders" => $mybb->user['pmfolders']
);
$db->update_query("users", $sql_array, "uid = ".$mybb->user['uid']);

}

// On a random occassion, recount the user's pms just to make sure everything is in sync.
$rand = my_rand(0, 9);
if($rand == 5)
{
update_pm_count();

 
}

$mybb->input['fid'] = $mybb->get_input('fid', MyBB::INPUT_INT);

}

$mybb->input['fid'] = $mybb->get_input('fid', MyBB::INPUT_INT);

Zeile 85Zeile 79
	eval("\$folderoplist_folder .= \"".$templates->get("private_jump_folders_folder")."\";");
eval("\$foldersearch_folder .= \"".$templates->get("private_jump_folders_folder")."\";");
}

	eval("\$folderoplist_folder .= \"".$templates->get("private_jump_folders_folder")."\";");
eval("\$foldersearch_folder .= \"".$templates->get("private_jump_folders_folder")."\";");
}

 

$from_fid = $mybb->input['fid'];


eval("\$folderjump = \"".$templates->get("private_jump_folders")."\";");
eval("\$folderoplist = \"".$templates->get("private_move")."\";");
eval("\$foldersearch = \"".$templates->get("private_advanced_search_folders")."\";");

usercp_menu();


eval("\$folderjump = \"".$templates->get("private_jump_folders")."\";");
eval("\$folderoplist = \"".$templates->get("private_move")."\";");
eval("\$foldersearch = \"".$templates->get("private_advanced_search_folders")."\";");

usercp_menu();





$plugins->run_hooks("private_start");

// Make navigation

$plugins->run_hooks("private_start");

// Make navigation

Zeile 99Zeile 95

$mybb->input['action'] = $mybb->get_input('action');
switch($mybb->input['action'])


$mybb->input['action'] = $mybb->get_input('action');
switch($mybb->input['action'])

{

{

	case "send":
add_breadcrumb($lang->nav_send);
break;

	case "send":
add_breadcrumb($lang->nav_send);
break;

Zeile 108Zeile 104
		break;
case "folders":
add_breadcrumb($lang->nav_folders);

		break;
case "folders":
add_breadcrumb($lang->nav_folders);

		break;

		break;

	case "empty":
add_breadcrumb($lang->nav_empty);
break;

	case "empty":
add_breadcrumb($lang->nav_empty);
break;

Zeile 117Zeile 113
		break;
case "advanced_search":
add_breadcrumb($lang->nav_search);

		break;
case "advanced_search":
add_breadcrumb($lang->nav_search);

		break;

		break;

	case "results":
add_breadcrumb($lang->nav_results);
break;

	case "results":
add_breadcrumb($lang->nav_results);
break;

}

}


if(!empty($mybb->input['preview']))
{
$mybb->input['action'] = "send";


if(!empty($mybb->input['preview']))
{
$mybb->input['action'] = "send";

}

}


if(($mybb->input['action'] == "do_search" || $mybb->input['action'] == "do_stuff" && ($mybb->get_input('quick_search') || !$mybb->get_input('hop') && !$mybb->get_input('moveto') && !$mybb->get_input('delete'))) && $mybb->request_method == "post")
{


if(($mybb->input['action'] == "do_search" || $mybb->input['action'] == "do_stuff" && ($mybb->get_input('quick_search') || !$mybb->get_input('hop') && !$mybb->get_input('moveto') && !$mybb->get_input('delete'))) && $mybb->request_method == "post")
{

Zeile 194Zeile 190
		require_once MYBB_ROOT."inc/functions_search.php";

$search_results = privatemessage_perform_search_mysql($search_data);

		require_once MYBB_ROOT."inc/functions_search.php";

$search_results = privatemessage_perform_search_mysql($search_data);

	}
else

	}
else

	{
error($lang->error_no_search_support);
}

	{
error($lang->error_no_search_support);
}

Zeile 217Zeile 213

// Sender sort won't work yet
$sortby = array('subject', 'sender', 'dateline');


// Sender sort won't work yet
$sortby = array('subject', 'sender', 'dateline');





	if(in_array($mybb->get_input('sort'), $sortby))
{
$sortby = $mybb->get_input('sort');

	if(in_array($mybb->get_input('sort'), $sortby))
{
$sortby = $mybb->get_input('sort');

Zeile 230Zeile 226
	if(my_strtolower($mybb->get_input('sortordr')) == "asc")
{
$sortorder = "asc";

	if(my_strtolower($mybb->get_input('sortordr')) == "asc")
{
$sortorder = "asc";

	}

	}

	else
{
$sortorder = "desc";

	else
{
$sortorder = "desc";

	}

	}


$plugins->run_hooks("private_do_search_end");
redirect("private.php?action=results&sid=".$sid."&sortby=".$sortby."&order=".$sortorder, $lang->redirect_searchresults);


$plugins->run_hooks("private_do_search_end");
redirect("private.php?action=results&sid=".$sid."&sortby=".$sortby."&order=".$sortorder, $lang->redirect_searchresults);

Zeile 264Zeile 260
		$query_sortby = $sortby;

if($query_sortby == "username")

		$query_sortby = $sortby;

if($query_sortby == "username")

		{

		{

			$query_sortby = "fromusername";

			$query_sortby = "fromusername";

		}
}

		}
}

	else
{
$sortby = $query_sortby = "dateline";

	else
{
$sortby = $query_sortby = "dateline";

Zeile 276Zeile 272
	if($order != "asc")
{
$order = "desc";

	if($order != "asc")
{
$order = "desc";

	}

	}


if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1)


if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1)

	{

	{

		$mybb->settings['threadsperpage'] = 20;
}

		$mybb->settings['threadsperpage'] = 20;
}

 

$query = $db->simple_select("privatemessages", "COUNT(*) AS total", "pmid IN(".$db->escape_string($search['querycache']).")");
$pmscount = $db->fetch_field($query, "total");


// Work out pagination, which page we're at, as well as the limits.
$perpage = $mybb->settings['threadsperpage'];


// Work out pagination, which page we're at, as well as the limits.
$perpage = $mybb->settings['threadsperpage'];

Zeile 289Zeile 288
	if($page > 0)
{
$start = ($page-1) * $perpage;

	if($page > 0)
{
$start = ($page-1) * $perpage;

 
		$pages = ceil($pmscount / $perpage);
if($page > $pages)
{
$start = 0;
$page = 1;
}

	}
else
{

	}
else
{

Zeile 307Zeile 312
	}

// Do Multi Pages

	}

// Do Multi Pages

	$query = $db->simple_select("privatemessages", "COUNT(*) AS total", "pmid IN(".$db->escape_string($search['querycache']).")");
$pmscount = $db->fetch_array($query);


 
	if($upper > $pmscount)
{
$upper = $pmscount;
}

	if($upper > $pmscount)
{
$upper = $pmscount;
}

	$multipage = multipage($pmscount['total'], $perpage, $page, "private.php?action=results&amp;sid=".htmlspecialchars_uni($mybb->get_input('sid'))."&amp;sortby={$sortby}&amp;order={$order}");

	$multipage = multipage($pmscount, $perpage, $page, "private.php?action=results&amp;sid=".htmlspecialchars_uni($mybb->get_input('sid'))."&amp;sortby={$sortby}&amp;order={$order}");

	$messagelist = '';

	$messagelist = '';





	$icon_cache = $cache->read("posticons");

// Cache users in multiple recipients for sent & drafts folder

	$icon_cache = $cache->read("posticons");

// Cache users in multiple recipients for sent & drafts folder

Zeile 334Zeile 336
		if(isset($recipients['bcc']) && is_array($recipients['bcc']) && count($recipients['bcc']))
{
$get_users = array_merge($get_users, $recipients['bcc']);

		if(isset($recipients['bcc']) && is_array($recipients['bcc']) && count($recipients['bcc']))
{
$get_users = array_merge($get_users, $recipients['bcc']);

		}
}

$get_users = implode(',', array_unique($get_users));


		}
}

$get_users = implode(',', array_unique($get_users));


	// Grab info
if($get_users)
{

	// Grab info
if($get_users)
{

Zeile 346Zeile 348
		while($user = $db->fetch_array($users_query))
{
$cached_users[$user['uid']] = $user;

		while($user = $db->fetch_array($users_query))
{
$cached_users[$user['uid']] = $user;

		}

		}

	}

$query = $db->query("

	}

$query = $db->query("

Zeile 360Zeile 362
	");
while($message = $db->fetch_array($query))
{

	");
while($message = $db->fetch_array($query))
{

		$msgalt = $msgsuffix = $msgprefix = '';

		$msgalt = $msgstatus = '';


// Determine Folder Icon
if($message['status'] == 0)


// Determine Folder Icon
if($message['status'] == 0)

		{
$msgfolder = 'new_pm.png';

		{
$msgstatus = 'new_pm';

			$msgalt = $lang->new_pm;

			$msgalt = $lang->new_pm;

			$msgprefix = "<strong>";
$msgsuffix = "</strong>";

 
		}

		}

		elseif($message['status'] == 1)
{
$msgfolder = 'old_pm.png';
$msgalt = $lang->old_pm;
}
elseif($message['status'] == 3)

		else if($message['status'] == 1)






		{

		{

			$msgfolder = 're_pm.png';






			$msgstatus = 'old_pm';
$msgalt = $lang->old_pm;
}
else if($message['status'] == 3)
{
$msgstatus = 're_pm';

			$msgalt = $lang->reply_pm;
}
else if($message['status'] == 4)
{

			$msgalt = $lang->reply_pm;
}
else if($message['status'] == 4)
{

			$msgfolder = 'fw_pm.png';

			$msgstatus = 'fw_pm';

			$msgalt = $lang->fwd_pm;
}


			$msgalt = $lang->fwd_pm;
}


Zeile 400Zeile 400
				{
$profilelink = get_profile_link($uid);
$user = $cached_users[$uid];

				{
$profilelink = get_profile_link($uid);
$user = $cached_users[$uid];

 
					$user['username'] = htmlspecialchars_uni($user['username']);

					$username = format_name($user['username'], $user['usergroup'], $user['displaygroup']);
eval("\$to_users .= \"".$templates->get("private_multiple_recipients_user")."\";");
}

					$username = format_name($user['username'], $user['usergroup'], $user['displaygroup']);
eval("\$to_users .= \"".$templates->get("private_multiple_recipients_user")."\";");
}

Zeile 410Zeile 411
					{
$profilelink = get_profile_link($uid);
$user = $cached_users[$uid];

					{
$profilelink = get_profile_link($uid);
$user = $cached_users[$uid];

 
						$user['username'] = htmlspecialchars_uni($user['username']);

						$username = format_name($user['username'], $user['usergroup'], $user['displaygroup']);
eval("\$bcc_users .= \"".$templates->get("private_multiple_recipients_user")."\";");
}

						$username = format_name($user['username'], $user['usergroup'], $user['displaygroup']);
eval("\$bcc_users .= \"".$templates->get("private_multiple_recipients_user")."\";");
}

Zeile 419Zeile 421
			}
else if($message['toid'])
{

			}
else if($message['toid'])
{

				$tofromusername = $message['tousername'];

				$tofromusername = htmlspecialchars_uni($message['tousername']);

				$tofromuid = $message['toid'];
}
else

				$tofromuid = $message['toid'];
}
else

Zeile 429Zeile 431
		}
else
{

		}
else
{

			$tofromusername = $message['fromusername'];

			$tofromusername = htmlspecialchars_uni($message['fromusername']);

			$tofromuid = $message['fromid'];
if($tofromuid == 0)
{

			$tofromuid = $message['fromid'];
if($tofromuid == 0)
{

Zeile 448Zeile 450
			$icon['path'] = htmlspecialchars_uni($icon['path']);
$icon['name'] = htmlspecialchars_uni($icon['name']);
eval("\$icon = \"".$templates->get("private_messagebit_icon")."\";");

			$icon['path'] = htmlspecialchars_uni($icon['path']);
$icon['name'] = htmlspecialchars_uni($icon['name']);
eval("\$icon = \"".$templates->get("private_messagebit_icon")."\";");

		}
else
{

		}
else
{

			$icon = '&#009;';
}


			$icon = '&#009;';
}


Zeile 520Zeile 522

// Dismissing a new/unread PM notice
if($mybb->input['action'] == "dismiss_notice")


// Dismissing a new/unread PM notice
if($mybb->input['action'] == "dismiss_notice")

{

{

	if($mybb->user['pmnotice'] != 2)
{
exit;

	if($mybb->user['pmnotice'] != 2)
{
exit;

Zeile 561Zeile 563
	$plugins->run_hooks("private_send_do_send");

// Attempt to see if this PM is a duplicate or not

	$plugins->run_hooks("private_send_do_send");

// Attempt to see if this PM is a duplicate or not

 
	$to = array_map("trim", explode(",", $mybb->get_input('to')));
$to = array_unique($to); // Filter out any duplicates
$to_escaped = implode("','", array_map(array($db, 'escape_string'), array_map('my_strtolower', $to)));

	$time_cutoff = TIME_NOW - (5 * 60 * 60);
$query = $db->query("
SELECT pm.pmid
FROM ".TABLE_PREFIX."privatemessages pm
LEFT JOIN ".TABLE_PREFIX."users u ON(u.uid=pm.toid)

	$time_cutoff = TIME_NOW - (5 * 60 * 60);
$query = $db->query("
SELECT pm.pmid
FROM ".TABLE_PREFIX."privatemessages pm
LEFT JOIN ".TABLE_PREFIX."users u ON(u.uid=pm.toid)

		WHERE LOWER(u.username)='".$db->escape_string(my_strtolower($mybb->get_input('to')))."' AND pm.dateline > {$time_cutoff} AND pm.fromid='{$mybb->user['uid']}' AND pm.subject='".$db->escape_string($mybb->get_input('subject'))."' AND pm.message='".$db->escape_string($mybb->get_input('message'))."' AND pm.folder!='3'


		WHERE LOWER(u.username) IN ('{$to_escaped}') AND pm.dateline > {$time_cutoff} AND pm.fromid='{$mybb->user['uid']}' AND pm.subject='".$db->escape_string($mybb->get_input('subject'))."' AND pm.message='".$db->escape_string($mybb->get_input('message'))."' AND pm.folder!='3'
LIMIT 0, 1

	");
$duplicate_check = $db->fetch_field($query, "pmid");
if($duplicate_check)

	");
$duplicate_check = $db->fetch_field($query, "pmid");
if($duplicate_check)

Zeile 588Zeile 594
	);

// Split up any recipients we have

	);

// Split up any recipients we have

	$pm['to'] = explode(",", $mybb->get_input('to'));
$pm['to'] = array_map("trim", $pm['to']);

	$pm['to'] = $to;


	if(!empty($mybb->input['bcc']))
{
$pm['bcc'] = explode(",", $mybb->get_input('bcc'));

	if(!empty($mybb->input['bcc']))
{
$pm['bcc'] = explode(",", $mybb->get_input('bcc'));

Zeile 627Zeile 632
	if(isset($mybb->input['options']['readreceipt']))
{
$pm['options']['readreceipt'] = $mybb->input['options']['readreceipt'];

	if(isset($mybb->input['options']['readreceipt']))
{
$pm['options']['readreceipt'] = $mybb->input['options']['readreceipt'];

	}

	}


if(!empty($mybb->input['saveasdraft']))
{
$pm['saveasdraft'] = 1;


if(!empty($mybb->input['saveasdraft']))
{
$pm['saveasdraft'] = 1;

	}

	}

	$pmhandler->set_data($pm);

// Now let the pm handler do all the hard work.

	$pmhandler->set_data($pm);

// Now let the pm handler do all the hard work.

Zeile 648Zeile 653
		$plugins->run_hooks("private_do_send_end");

if(isset($pminfo['draftsaved']))

		$plugins->run_hooks("private_do_send_end");

if(isset($pminfo['draftsaved']))

		{

		{

			redirect("private.php", $lang->redirect_pmsaved);
}
else

			redirect("private.php", $lang->redirect_pmsaved);
}
else

Zeile 661Zeile 666
if($mybb->input['action'] == "send")
{
if($mybb->usergroup['cansendpms'] == 0)

if($mybb->input['action'] == "send")
{
if($mybb->usergroup['cansendpms'] == 0)

	{

	{

		error_no_permission();
}


		error_no_permission();
}


Zeile 706Zeile 711
		{
$optionschecked['readreceipt'] = 'checked="checked"';
}

		{
$optionschecked['readreceipt'] = 'checked="checked"';
}

		$to = htmlspecialchars_uni($mybb->get_input('to'));
$bcc = htmlspecialchars_uni($mybb->get_input('bcc'));

		$to = htmlspecialchars_uni(implode(', ', array_unique(array_map('trim', explode(',', $mybb->get_input('to'))))));
$bcc = htmlspecialchars_uni(implode(', ', array_unique(array_map('trim', explode(',', $mybb->get_input('bcc'))))));

	}

$preview = '';

	}

$preview = '';

Zeile 732Zeile 737
		if(!isset($options['disablesmilies']))
{
$options['disablesmilies'] = 0;

		if(!isset($options['disablesmilies']))
{
$options['disablesmilies'] = 0;

		}

		}

		$post['smilieoff'] = $options['disablesmilies'];
$post['dateline'] = TIME_NOW;


		$post['smilieoff'] = $options['disablesmilies'];
$post['dateline'] = TIME_NOW;


Zeile 802Zeile 807
				$optionschecked['signature'] = 'checked="checked"';
}
if($pm['smilieoff'] == 1)

				$optionschecked['signature'] = 'checked="checked"';
}
if($pm['smilieoff'] == 1)

			{

			{

				$optionschecked['disablesmilies'] = 'checked="checked"';
}
if($pm['receipt'])

				$optionschecked['disablesmilies'] = 'checked="checked"';
}
if($pm['receipt'])

			{

			{

				$optionschecked['readreceipt'] = 'checked="checked"';
}


				$optionschecked['readreceipt'] = 'checked="checked"';
}


Zeile 814Zeile 819
			$recipients = my_unserialize($pm['recipients']);
$comma = $recipientids = '';
if(isset($recipients['to']) && is_array($recipients['to']))

			$recipients = my_unserialize($pm['recipients']);
$comma = $recipientids = '';
if(isset($recipients['to']) && is_array($recipients['to']))

			{

			{

				foreach($recipients['to'] as $recipient)
{
$recipient_list['to'][] = $recipient;

				foreach($recipients['to'] as $recipient)
{
$recipient_list['to'][] = $recipient;

					$recipientids .= $comma.$recipient;

					$recipientids .= $comma.$recipient;

					$comma = ',';
}
}

					$comma = ',';
}
}

Zeile 836Zeile 841
			if(!empty($recipientids))
{
$query = $db->simple_select("users", "uid, username", "uid IN ({$recipientids})");

			if(!empty($recipientids))
{
$query = $db->simple_select("users", "uid, username", "uid IN ({$recipientids})");

				while($user = $db->fetch_array($query))

				while($user = $db->fetch_array($query))

				{
if(isset($recipients['bcc']) && is_array($recipients['bcc']) && in_array($user['uid'], $recipient_list['bcc']))
{

				{
if(isset($recipients['bcc']) && is_array($recipients['bcc']) && in_array($user['uid'], $recipient_list['bcc']))
{

Zeile 906Zeile 911
				{
$to .= $comma.htmlspecialchars_uni($user['username']);
$comma = $lang->comma;

				{
$to .= $comma.htmlspecialchars_uni($user['username']);
$comma = $lang->comma;

				}
}
}

				}
}
}

	}

// New PM with recipient preset

	}

// New PM with recipient preset

Zeile 922Zeile 927
	if($mybb->usergroup['maxpmrecipients'] > 0)
{
$max_recipients = $lang->sprintf($lang->max_recipients, $mybb->usergroup['maxpmrecipients']);

	if($mybb->usergroup['maxpmrecipients'] > 0)
{
$max_recipients = $lang->sprintf($lang->max_recipients, $mybb->usergroup['maxpmrecipients']);

	}

	}


if($send_errors)
{


if($send_errors)
{

		$to = htmlspecialchars_uni($mybb->get_input('to'));
$bcc = htmlspecialchars_uni($mybb->get_input('bcc'));

		$to = htmlspecialchars_uni(implode(', ', array_unique(array_map('trim', explode(',', $mybb->get_input('to'))))));
$bcc = htmlspecialchars_uni(implode(', ', array_unique(array_map('trim', explode(',', $mybb->get_input('bcc'))))));

	}

// Load the auto complete javascript if it is enabled.

	}

// Load the auto complete javascript if it is enabled.

Zeile 938Zeile 943
	if($do != "forward" && $do != "reply" && $do != "replyall")
{
$do = '';

	if($do != "forward" && $do != "reply" && $do != "replyall")
{
$do = '';

	}

	}


$buddy_select_to = $buddy_select_bcc = '';
// See if it's actually worth showing the buddylist icon.


$buddy_select_to = $buddy_select_bcc = '';
// See if it's actually worth showing the buddylist icon.

Zeile 1109Zeile 1114
	}

// Fetch recipient names from the database

	}

// Fetch recipient names from the database

	$bcc_recipients = $to_recipients = array();

	$bcc_recipients = $to_recipients = $bcc_form_val = array();

	$query = $db->simple_select('users', 'uid, username', "uid IN ({$uid_sql})");
while($recipient = $db->fetch_array($query))
{
// User is a BCC recipient

	$query = $db->simple_select('users', 'uid, username', "uid IN ({$uid_sql})");
while($recipient = $db->fetch_array($query))
{
// User is a BCC recipient

 
		$recipient['username'] = htmlspecialchars_uni($recipient['username']);

		if($show_bcc && in_array($recipient['uid'], $pm['recipients']['bcc']))
{
$bcc_recipients[] = build_profile_link($recipient['username'], $recipient['uid']);

		if($show_bcc && in_array($recipient['uid'], $pm['recipients']['bcc']))
{
$bcc_recipients[] = build_profile_link($recipient['username'], $recipient['uid']);

 
			$bcc_form_val[] = $recipient['username'];

		}
// User is a normal recipient
else if(in_array($recipient['uid'], $pm['recipients']['to']))

		}
// User is a normal recipient
else if(in_array($recipient['uid'], $pm['recipients']['to']))

Zeile 1129Zeile 1136
	if(count($bcc_recipients) > 0)
{
$bcc_recipients = implode(', ', $bcc_recipients);

	if(count($bcc_recipients) > 0)
{
$bcc_recipients = implode(', ', $bcc_recipients);

 
		$bcc_form_val = implode(',', $bcc_form_val);

		eval("\$bcc = \"".$templates->get("private_read_bcc")."\";");

		eval("\$bcc = \"".$templates->get("private_read_bcc")."\";");

 
	}
else
{
$bcc_form_val = '';

	}

$replyall = false;

	}

$replyall = false;

Zeile 1140Zeile 1152

if(count($to_recipients) > 0)
{


if(count($to_recipients) > 0)
{

		$to_recipients = implode(", ", $to_recipients);

		$to_recipients = implode($lang->comma, $to_recipients);

	}
else
{

	}
else
{

Zeile 1201Zeile 1213

eval("\$private_send_tracking = \"".$templates->get("private_send_tracking")."\";");
}


eval("\$private_send_tracking = \"".$templates->get("private_send_tracking")."\";");
}




		
$expaltext = (in_array("quickreply", $collapse)) ? "[+]" : "[-]";

		eval("\$quickreply = \"".$templates->get("private_quickreply")."\";");

		eval("\$quickreply = \"".$templates->get("private_quickreply")."\";");

	}

$plugins->run_hooks("private_read_end");

	}

$plugins->run_hooks("private_read_end");


eval("\$read = \"".$templates->get("private_read")."\";");
output_page($read);


eval("\$read = \"".$templates->get("private_read")."\";");
output_page($read);

Zeile 1216Zeile 1229
	if(!$mybb->usergroup['cantrackpms'])
{
error_no_permission();

	if(!$mybb->usergroup['cantrackpms'])
{
error_no_permission();

	}


	}


	$plugins->run_hooks("private_tracking_start");
$readmessages = '';
$unreadmessages = '';

	$plugins->run_hooks("private_tracking_start");
$readmessages = '';
$unreadmessages = '';





	if(!$mybb->settings['postsperpage'] || (int)$mybb->settings['postsperpage'] < 1)
{
$mybb->settings['postsperpage'] = 20;

	if(!$mybb->settings['postsperpage'] || (int)$mybb->settings['postsperpage'] < 1)
{
$mybb->settings['postsperpage'] = 20;

Zeile 1229Zeile 1242

// Figure out if we need to display multiple pages.
$perpage = $mybb->settings['postsperpage'];


// Figure out if we need to display multiple pages.
$perpage = $mybb->settings['postsperpage'];





	$query = $db->simple_select("privatemessages", "COUNT(pmid) as readpms", "receipt='2' AND folder!='3' AND status!='0' AND fromid='".$mybb->user['uid']."'");
$postcount = $db->fetch_field($query, "readpms");

$page = $mybb->get_input('read_page', MyBB::INPUT_INT);

	$query = $db->simple_select("privatemessages", "COUNT(pmid) as readpms", "receipt='2' AND folder!='3' AND status!='0' AND fromid='".$mybb->user['uid']."'");
$postcount = $db->fetch_field($query, "readpms");

$page = $mybb->get_input('read_page', MyBB::INPUT_INT);

	$pages = $postcount / $perpage;
$pages = ceil($pages);

	$pages = $postcount / $perpage;
$pages = ceil($pages);


if($mybb->get_input('read_page') == "last")
{
$page = $pages;


if($mybb->get_input('read_page') == "last")
{
$page = $pages;

	}

	}


if($page > $pages || $page <= 0)


if($page > $pages || $page <= 0)

	{
$page = 1;

	{
$page = 1;

	}

if($page)

	}

if($page)

	{

	{

		$start = ($page-1) * $perpage;
}
else

		$start = ($page-1) * $perpage;
}
else

Zeile 1256Zeile 1269
		$start = 0;
$page = 1;
}

		$start = 0;
$page = 1;
}





	$read_multipage = multipage($postcount, $perpage, $page, "private.php?action=tracking&amp;read_page={page}");

$query = $db->query("

	$read_multipage = multipage($postcount, $perpage, $page, "private.php?action=tracking&amp;read_page={page}");

$query = $db->query("

Zeile 1268Zeile 1281
		LIMIT {$start}, {$perpage}
");
while($readmessage = $db->fetch_array($query))

		LIMIT {$start}, {$perpage}
");
while($readmessage = $db->fetch_array($query))

	{

	{

		$readmessage['subject'] = htmlspecialchars_uni($parser->parse_badwords($readmessage['subject']));

		$readmessage['subject'] = htmlspecialchars_uni($parser->parse_badwords($readmessage['subject']));

 
		$readmessage['tousername'] = htmlspecialchars_uni($readmessage['tousername']);

		$readmessage['profilelink'] = build_profile_link($readmessage['tousername'], $readmessage['toid']);
$readdate = my_date('relative', $readmessage['readtime']);
eval("\$readmessages .= \"".$templates->get("private_tracking_readmessage")."\";");

		$readmessage['profilelink'] = build_profile_link($readmessage['tousername'], $readmessage['toid']);
$readdate = my_date('relative', $readmessage['readtime']);
eval("\$readmessages .= \"".$templates->get("private_tracking_readmessage")."\";");

Zeile 1279Zeile 1293
	if(!empty($readmessages))
{
eval("\$stoptrackingread = \"".$templates->get("private_tracking_readmessage_stop")."\";");

	if(!empty($readmessages))
{
eval("\$stoptrackingread = \"".$templates->get("private_tracking_readmessage_stop")."\";");

	}

	}


if(!$readmessages)
{


if(!$readmessages)
{

Zeile 1299Zeile 1313
	}

if($page > $pages || $page <= 0)

	}

if($page > $pages || $page <= 0)

	{
$page = 1;
}


	{
$page = 1;
}


	if($page)
{
$start = ($page-1) * $perpage;

	if($page)
{
$start = ($page-1) * $perpage;

Zeile 1311Zeile 1325
	{
$start = 0;
$page = 1;

	{
$start = 0;
$page = 1;

	}

	}


$unread_multipage = multipage($postcount, $perpage, $page, "private.php?action=tracking&amp;unread_page={page}");



$unread_multipage = multipage($postcount, $perpage, $page, "private.php?action=tracking&amp;unread_page={page}");


Zeile 1326Zeile 1340
	while($unreadmessage = $db->fetch_array($query))
{
$unreadmessage['subject'] = htmlspecialchars_uni($parser->parse_badwords($unreadmessage['subject']));

	while($unreadmessage = $db->fetch_array($query))
{
$unreadmessage['subject'] = htmlspecialchars_uni($parser->parse_badwords($unreadmessage['subject']));

 
		$unreadmessage['tousername'] = htmlspecialchars_uni($unreadmessage['tousername']);

		$unreadmessage['profilelink'] = build_profile_link($unreadmessage['tousername'], $unreadmessage['toid']);
$senddate = my_date('relative', $unreadmessage['dateline']);
eval("\$unreadmessages .= \"".$templates->get("private_tracking_unreadmessage")."\";");

		$unreadmessage['profilelink'] = build_profile_link($unreadmessage['tousername'], $unreadmessage['toid']);
$senddate = my_date('relative', $unreadmessage['dateline']);
eval("\$unreadmessages .= \"".$templates->get("private_tracking_unreadmessage")."\";");

Zeile 1335Zeile 1350
	if(!empty($unreadmessages))
{
eval("\$stoptrackingunread = \"".$templates->get("private_tracking_unreadmessage_stop")."\";");

	if(!empty($unreadmessages))
{
eval("\$stoptrackingunread = \"".$templates->get("private_tracking_unreadmessage_stop")."\";");

	}

	}


if(!$unreadmessages)


if(!$unreadmessages)

	{

	{

		$lang->no_readmessages = $lang->no_unreadmessages;
eval("\$unreadmessages = \"".$templates->get("private_tracking_nomessage")."\";");
}

		$lang->no_readmessages = $lang->no_unreadmessages;
eval("\$unreadmessages = \"".$templates->get("private_tracking_nomessage")."\";");
}

Zeile 1348Zeile 1363
	eval("\$tracking = \"".$templates->get("private_tracking")."\";");
output_page($tracking);
}

	eval("\$tracking = \"".$templates->get("private_tracking")."\";");
output_page($tracking);
}





if($mybb->input['action'] == "do_tracking" && $mybb->request_method == "post")
{
// Verify incoming POST request

if($mybb->input['action'] == "do_tracking" && $mybb->request_method == "post")
{
// Verify incoming POST request

Zeile 1362Zeile 1377
		if(!empty($mybb->input['readcheck']))
{
foreach($mybb->input['readcheck'] as $key => $val)

		if(!empty($mybb->input['readcheck']))
{
foreach($mybb->input['readcheck'] as $key => $val)

			{
$sql_array = array(
"receipt" => 0
);
$db->update_query("privatemessages", $sql_array, "pmid=".(int)$key." AND fromid=".$mybb->user['uid']);
}
}

			{
$sql_array = array(
"receipt" => 0
);
$db->update_query("privatemessages", $sql_array, "pmid=".(int)$key." AND fromid=".$mybb->user['uid']);
}
}

		$plugins->run_hooks("private_do_tracking_end");
redirect("private.php?action=tracking", $lang->redirect_pmstrackingstopped);
}

		$plugins->run_hooks("private_do_tracking_end");
redirect("private.php?action=tracking", $lang->redirect_pmstrackingstopped);
}

Zeile 1469Zeile 1484
	$plugins->run_hooks("private_folders_end");

eval("\$folders = \"".$templates->get("private_folders")."\";");

	$plugins->run_hooks("private_folders_end");

eval("\$folders = \"".$templates->get("private_folders")."\";");

	output_page($folders);

	output_page($folders);

}

if($mybb->input['action'] == "do_folders" && $mybb->request_method == "post")

}

if($mybb->input['action'] == "do_folders" && $mybb->request_method == "post")

Zeile 1800Zeile 1815

$plugins->run_hooks("private_do_export_start");



$plugins->run_hooks("private_do_export_start");


	$lang->private_messages_for = $lang->sprintf($lang->private_messages_for, $mybb->user['username']);

	$lang->private_messages_for = $lang->sprintf($lang->private_messages_for, htmlspecialchars_uni($mybb->user['username']));

	$exdate = my_date($mybb->settings['dateformat'], TIME_NOW, 0, 0);
$extime = my_date($mybb->settings['timeformat'], TIME_NOW, 0, 0);
$lang->exported_date = $lang->sprintf($lang->exported_date, $exdate, $extime);

	$exdate = my_date($mybb->settings['dateformat'], TIME_NOW, 0, 0);
$extime = my_date($mybb->settings['timeformat'], TIME_NOW, 0, 0);
$lang->exported_date = $lang->sprintf($lang->exported_date, $exdate, $extime);

Zeile 1948Zeile 1963
		$message['subject'] = $parser->parse_badwords($message['subject']);
if($message['folder'] != "3")
{

		$message['subject'] = $parser->parse_badwords($message['subject']);
if($message['folder'] != "3")
{

			$senddate = my_date($mybb->settings['dateformat'], $message['dateline']);
$sendtime = my_date($mybb->settings['timeformat'], $message['dateline']);

			$senddate = my_date($mybb->settings['dateformat'], $message['dateline'], "", false);
$sendtime = my_date($mybb->settings['timeformat'], $message['dateline'], "", false);

			$senddate .= " $lang->at $sendtime";
}
else

			$senddate .= " $lang->at $sendtime";
}
else

Zeile 1981Zeile 1996

if($mybb->input['exporttype'] == "csv")
{


if($mybb->input['exporttype'] == "csv")
{

			$message['message'] = addslashes($message['message']);
$message['subject'] = addslashes($message['subject']);
$message['tousername'] = addslashes($message['tousername']);
$message['fromusername'] = addslashes($message['fromusername']);

			$message['message'] = my_escape_csv($message['message']);
$message['subject'] = my_escape_csv($message['subject']);
$message['tousername'] = my_escape_csv($message['tousername']);
$message['fromusername'] = my_escape_csv($message['fromusername']);

		}

if(empty($donefolder[$message['folder']]))

		}

if(empty($donefolder[$message['folder']]))

Zeile 2006Zeile 2021
					}
else
{

					}
else
{

						$foldername = addslashes($folderinfo[1]);

						$foldername = my_escape_csv($folderinfo[1]);

					}
$donefolder[$message['folder']] = 1;
}

					}
$donefolder[$message['folder']] = 1;
}

Zeile 2032Zeile 2047
		$db->delete_query("privatemessages", "pmid IN ('0'$ids)");
// Update PM count
update_pm_count();

		$db->delete_query("privatemessages", "pmid IN ('0'$ids)");
// Update PM count
update_pm_count();

	}

if($mybb->input['exporttype'] == "html")
{

	}

if($mybb->input['exporttype'] == "html")
{

		$filename = "pm-archive.html";
$contenttype = "text/html";
}

		$filename = "pm-archive.html";
$contenttype = "text/html";
}

Zeile 2060Zeile 2075
	}
else
{

	}
else
{

 
		echo "\xEF\xBB\xBF"; // UTF-8 BOM

		echo $archived;
}
}

		echo $archived;
}
}

Zeile 2126Zeile 2142

// Do Multi Pages
$query = $db->simple_select("privatemessages", "COUNT(*) AS total", "uid='".$mybb->user['uid']."' AND folder='$folder'");


// Do Multi Pages
$query = $db->simple_select("privatemessages", "COUNT(*) AS total", "uid='".$mybb->user['uid']."' AND folder='$folder'");

	$pmscount = $db->fetch_array($query);

	$pmscount = $db->fetch_field($query, "total");


if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1)
{


if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1)
{

Zeile 2139Zeile 2155
	if($page > 0)
{
$start = ($page-1) *$perpage;

	if($page > 0)
{
$start = ($page-1) *$perpage;

	}
else
{







		$pages = ceil($pmscount / $perpage);
if($page > $pages)
{
$start = 0;
$page = 1;
}
}
else
{

		$start = 0;
$page = 1;
}

		$start = 0;
$page = 1;
}

Zeile 2153Zeile 2175
	if($upper > $pmscount)
{
$upper = $pmscount;

	if($upper > $pmscount)
{
$upper = $pmscount;

	}


	}


	if($mybb->input['order'] || ($sortby && $sortby != "dateline"))
{

	if($mybb->input['order'] || ($sortby && $sortby != "dateline"))
{

		$page_url = "private.php?fid={$folder}&sortby={$sortby}&order={$mybb->input['order']}";
}
else
{

		$page_url = "private.php?fid={$folder}&sortby={$sortby}&order={$sortordernow}";
}
else
{

		$page_url = "private.php?fid={$folder}";
}


		$page_url = "private.php?fid={$folder}";
}


	$multipage = multipage($pmscount['total'], $perpage, $page, $page_url);

	$multipage = multipage($pmscount, $perpage, $page, $page_url);

	$messagelist = '';

$icon_cache = $cache->read("posticons");

	$messagelist = '';

$icon_cache = $cache->read("posticons");

Zeile 2175Zeile 2197
		if($sortfield == "username")
{
$u = "u.";

		if($sortfield == "username")
{
$u = "u.";

		}
else
{

		}
else
{

			$u = "pm.";
}


			$u = "pm.";
}


Zeile 2188Zeile 2210
			FROM ".TABLE_PREFIX."privatemessages pm
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=pm.toid)
WHERE pm.folder='{$folder}' AND pm.uid='{$mybb->user['uid']}'

			FROM ".TABLE_PREFIX."privatemessages pm
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=pm.toid)
WHERE pm.folder='{$folder}' AND pm.uid='{$mybb->user['uid']}'

			ORDER BY {$u}{$sortfield} {$mybb->input['order']}

			ORDER BY {$u}{$sortfield} {$sortordernow}

			LIMIT {$start}, {$perpage}
");
while($row = $db->fetch_array($users_query))

			LIMIT {$start}, {$perpage}
");
while($row = $db->fetch_array($users_query))

Zeile 2255Zeile 2277
	{
while($message = $db->fetch_array($query))
{

	{
while($message = $db->fetch_array($query))
{

			$msgalt = $msgsuffix = $msgprefix = '';


			$msgalt = $msgstatus = '';


			// Determine Folder Icon
if($message['status'] == 0)
{

			// Determine Folder Icon
if($message['status'] == 0)
{

				$msgfolder = 'new_pm.png';

				$msgstatus = 'new_pm';

				$msgalt = $lang->new_pm;

				$msgalt = $lang->new_pm;

				$msgprefix = "<strong>";
$msgsuffix = "</strong>";

 
			}

			}

			elseif($message['status'] == 1)

			else if($message['status'] == 1)

			{

			{

				$msgfolder = 'old_pm.png';

				$msgstatus = 'old_pm';

				$msgalt = $lang->old_pm;
}

				$msgalt = $lang->old_pm;
}

			elseif($message['status'] == 3)

			else if($message['status'] == 3)

			{

			{

				$msgfolder = 're_pm.png';

				$msgstatus = 're_pm';

				$msgalt = $lang->reply_pm;
}

				$msgalt = $lang->reply_pm;
}

			elseif($message['status'] == 4)

			else if($message['status'] == 4)

			{

			{

				$msgfolder = 'fw_pm.png';

				$msgstatus = 'fw_pm';

				$msgalt = $lang->fwd_pm;
}


				$msgalt = $lang->fwd_pm;
}


Zeile 2285Zeile 2306
			{ // Sent Items or Drafts Folder Check
$recipients = my_unserialize($message['recipients']);
$to_users = $bcc_users = '';

			{ // Sent Items or Drafts Folder Check
$recipients = my_unserialize($message['recipients']);
$to_users = $bcc_users = '';

				if(count($recipients['to']) > 1 || (count($recipients['to']) == 1 && isset($recipients['bcc']) && count($recipients['bcc']) > 0))

				if(isset($recipients['to']) && count($recipients['to']) > 1 || (isset($recipients['to']) && count($recipients['to']) == 1 && isset($recipients['bcc']) && count($recipients['bcc']) > 0))

				{
foreach($recipients['to'] as $uid)
{
$profilelink = get_profile_link($uid);
$user = $cached_users[$uid];

				{
foreach($recipients['to'] as $uid)
{
$profilelink = get_profile_link($uid);
$user = $cached_users[$uid];

 
						$user['username'] = htmlspecialchars_uni($user['username']);

						$username = format_name($user['username'], $user['usergroup'], $user['displaygroup']);
if(!$user['username'])
{

						$username = format_name($user['username'], $user['usergroup'], $user['displaygroup']);
if(!$user['username'])
{

Zeile 2305Zeile 2327
						{
$profilelink = get_profile_link($uid);
$user = $cached_users[$uid];

						{
$profilelink = get_profile_link($uid);
$user = $cached_users[$uid];

 
							$user['username'] = htmlspecialchars_uni($user['username']);

							$username = format_name($user['username'], $user['usergroup'], $user['displaygroup']);
if(!$user['username'])
{

							$username = format_name($user['username'], $user['usergroup'], $user['displaygroup']);
if(!$user['username'])
{

Zeile 2318Zeile 2341
				}
else if($message['toid'])
{

				}
else if($message['toid'])
{

					$tofromusername = $message['tousername'];

					$tofromusername = htmlspecialchars_uni($message['tousername']);

					$tofromuid = $message['toid'];

					$tofromuid = $message['toid'];

				}

				}

				else
{
$tofromusername = $lang->not_sent;

				else
{
$tofromusername = $lang->not_sent;

Zeile 2328Zeile 2351
			}
else
{

			}
else
{

				$tofromusername = $message['fromusername'];

				$tofromusername = htmlspecialchars_uni($message['fromusername']);

				$tofromuid = $message['fromid'];
if($tofromuid == 0)
{

				$tofromuid = $message['fromid'];
if($tofromuid == 0)
{

Zeile 2392Zeile 2415
	}

$pmspacebar = '';

	}

$pmspacebar = '';

	if($mybb->usergroup['pmquota'] != '0' && $mybb->usergroup['cancp'] != 1)

	if($mybb->usergroup['pmquota'] != 0)

	{
$query = $db->simple_select("privatemessages", "COUNT(*) AS total", "uid='".$mybb->user['uid']."'");
$pmscount = $db->fetch_array($query);

	{
$query = $db->simple_select("privatemessages", "COUNT(*) AS total", "uid='".$mybb->user['uid']."'");
$pmscount = $db->fetch_array($query);

Zeile 2456Zeile 2479
	}

$limitwarning = '';

	}

$limitwarning = '';

	if($mybb->usergroup['pmquota'] != "0" && $pmscount['total'] >= $mybb->usergroup['pmquota'] && $mybb->usergroup['cancp'] != 1)

	if($mybb->usergroup['pmquota'] != 0 && $pmscount['total'] >= $mybb->usergroup['pmquota'])

	{
eval("\$limitwarning = \"".$templates->get("private_limitwarning")."\";");
}

	{
eval("\$limitwarning = \"".$templates->get("private_limitwarning")."\";");
}