Vergleich inc/datahandlers/pm.php - 1.8.2 - 1.8.26

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 50Zeile 50

/**
* PM ID currently being manipulated by the datahandlers.


/**
* PM ID currently being manipulated by the datahandlers.

	 */



	 *
* @var int
*/

	public $pmid = 0;

	public $pmid = 0;


/**


/**

	 * Values to be returned after inserting a PM.
*
* @var array
*/
public $return_values = array();

	 * Values to be returned after inserting a PM.
*
* @var array
*/
public $return_values = array();


/**


/**

	 * Verifies a private message subject.
*
* @return boolean True when valid, false when invalid.

	 * Verifies a private message subject.
*
* @return boolean True when valid, false when invalid.

Zeile 79Zeile 81
		if(!trim_blank_chrs($subject))
{
$this->set_error("missing_subject");

		if(!trim_blank_chrs($subject))
{
$this->set_error("missing_subject");

			return false;
}
return true;

			return false;
}
return true;

	}

/**

	}

/**

Zeile 99Zeile 101
			$this->set_error("missing_message");
return false;
}

			$this->set_error("missing_message");
return false;
}

 

// If the length of message is beyond SQL limitation for 'text' field
else if(strlen($message) > 65535)
{
$this->set_error("message_too_long", array('65535', strlen($message)));
return false;
}


		return true;
}

		return true;
}





	/**
* Verifies if the specified sender is valid or not.
*

	/**
* Verifies if the specified sender is valid or not.
*

Zeile 112Zeile 122
		global $db, $mybb, $lang;

$pm = &$this->data;

		global $db, $mybb, $lang;

$pm = &$this->data;





		// Return if we've already validated
if(!empty($pm['sender']))
{

		// Return if we've already validated
if(!empty($pm['sender']))
{

Zeile 128Zeile 138
		// Check if the sender is over their quota or not - if they are, disable draft sending
if(isset($pm['options']['savecopy']) && $pm['options']['savecopy'] != 0 && empty($pm['saveasdraft']))
{

		// Check if the sender is over their quota or not - if they are, disable draft sending
if(isset($pm['options']['savecopy']) && $pm['options']['savecopy'] != 0 && empty($pm['saveasdraft']))
{

			if($sender_permissions['pmquota'] != "0" && $sender['totalpms'] >= $sender_permissions['pmquota'] && $this->admin_override != true)

			if($sender_permissions['pmquota'] != 0 && $sender['totalpms'] >= $sender_permissions['pmquota'] && $this->admin_override != true)

			{
$pm['options']['savecopy'] = 0;

			{
$pm['options']['savecopy'] = 0;

			}
}


			}
}


		// Assign the sender information to the data.
$pm['sender'] = array(
"uid" => $sender['uid'],

		// Assign the sender information to the data.
$pm['sender'] = array(
"uid" => $sender['uid'],

Zeile 165Zeile 175
				if(!isset($pm[$recipient_type]))
{
$pm[$recipient_type] = array();

				if(!isset($pm[$recipient_type]))
{
$pm[$recipient_type] = array();

				}

				}

				if(!is_array($pm[$recipient_type]))
{
$pm[$recipient_type] = array($pm[$recipient_type]);

				if(!is_array($pm[$recipient_type]))
{
$pm[$recipient_type] = array($pm[$recipient_type]);

Zeile 216Zeile 226
		else
{
foreach(array("toid", "bccid") as $recipient_type)

		else
{
foreach(array("toid", "bccid") as $recipient_type)

			{

			{

				if(!isset($pm[$recipient_type]))
{
$pm[$recipient_type] = array();

				if(!isset($pm[$recipient_type]))
{
$pm[$recipient_type] = array();

Zeile 235Zeile 245
					{
$this->set_error("no_recipients");
return false;

					{
$this->set_error("no_recipients");
return false;

					}

					}

					continue;
}


					continue;
}


Zeile 254Zeile 264

$recipients[] = $user;
$validUids[] = $user['uid'];


$recipients[] = $user;
$validUids[] = $user['uid'];

				}


				}


				foreach($pm[$recipient_type] as $uid)
{
if(!in_array($uid, $validUids))

				foreach($pm[$recipient_type] as $uid)
{
if(!in_array($uid, $validUids))

Zeile 264Zeile 274
					}
}
}

					}
}
}

		}


		}


		// If we have one or more invalid recipients and we're not saving a draft, error
if(count($invalid_recipients) > 0)
{

		// If we have one or more invalid recipients and we're not saving a draft, error
if(count($invalid_recipients) > 0)
{

			$invalid_recipients = implode(", ", array_map("htmlspecialchars_uni", $invalid_recipients));

			$invalid_recipients = implode($lang->comma, array_map("htmlspecialchars_uni", $invalid_recipients));

			$this->set_error("invalid_recipients", array($invalid_recipients));
return false;
}

			$this->set_error("invalid_recipients", array($invalid_recipients));
return false;
}

Zeile 291Zeile 301
			// See if the sender is on the recipients ignore list and that either
// - admin_override is set or
// - sender is an administrator

			// See if the sender is on the recipients ignore list and that either
// - admin_override is set or
// - sender is an administrator

			if(($this->admin_override != true && $sender_permissions['cancp'] != 1) && $sender_permissions['canoverridepm'] != 1)

			if($this->admin_override != true && $sender_permissions['canoverridepm'] != 1)

			{

			{

				$ignorelist = explode(",", $user['ignorelist']);
if(!empty($ignorelist) && in_array($pm['fromid'], $ignorelist))

				if(!empty($user['ignorelist']) && strpos(','.$user['ignorelist'].',', ','.$pm['fromid'].',') !== false)


				{

				{

					$this->set_error("recipient_is_ignoring", array($user['username']));

					$this->set_error("recipient_is_ignoring", array(htmlspecialchars_uni($user['username'])));

				}

// Is the recipient only allowing private messages from their buddy list?

				}

// Is the recipient only allowing private messages from their buddy list?

				if($mybb->settings['allowbuddyonly'] == 1 && $user['receivefrombuddy'] == 1)
{
$buddylist = explode(",", $user['buddylist']);
if(!empty($buddylist) && !in_array($pm['fromid'], $buddylist))
{
$this->set_error("recipient_has_buddy_only", array(htmlspecialchars_uni($user['username'])));
}
}


				if(empty($pm['saveasdraft']) && $mybb->settings['allowbuddyonly'] == 1 && $user['receivefrombuddy'] == 1 && !empty($user['buddylist']) && strpos(','.$user['buddylist'].',', ','.$pm['fromid'].',') === false)
{
$this->set_error('recipient_has_buddy_only', array(htmlspecialchars_uni($user['username'])));
}






				// Can the recipient actually receive private messages based on their permissions or user setting?
if(($user['receivepms'] == 0 || $recipient_permissions['canusepms'] == 0) && empty($pm['saveasdraft']))
{

				// Can the recipient actually receive private messages based on their permissions or user setting?
if(($user['receivepms'] == 0 || $recipient_permissions['canusepms'] == 0) && empty($pm['saveasdraft']))
{

					$this->set_error("recipient_pms_disabled", array($user['username']));

					$this->set_error("recipient_pms_disabled", array(htmlspecialchars_uni($user['username'])));

					return false;
}
}

// Check to see if the user has reached their private message quota - if they have, email them.

					return false;
}
}

// Check to see if the user has reached their private message quota - if they have, email them.

			if($recipient_permissions['pmquota'] != "0" && $user['totalpms'] >= $recipient_permissions['pmquota'] && $recipient_permissions['cancp'] != 1 && $sender_permissions['cancp'] != 1 && empty($pm['saveasdraft']) && !$this->admin_override)

			if($recipient_permissions['pmquota'] != 0 && $user['totalpms'] >= $recipient_permissions['pmquota'] && $sender_permissions['cancp'] != 1 && empty($pm['saveasdraft']) && !$this->admin_override)

			{
if(trim($user['language']) != '' && $lang->language_exists($user['language']))

			{
if(trim($user['language']) != '' && $lang->language_exists($user['language']))

				{

				{

					$uselang = trim($user['language']);

					$uselang = trim($user['language']);

				}

				}

				elseif($mybb->settings['bblanguage'])

				elseif($mybb->settings['bblanguage'])

				{

				{

					$uselang = $mybb->settings['bblanguage'];
}
else
{
$uselang = "english";

					$uselang = $mybb->settings['bblanguage'];
}
else
{
$uselang = "english";

				}

				}

				if($uselang == $mybb->settings['bblanguage'] || !$uselang)
{
$emailsubject = $lang->emailsubject_reachedpmquota;

				if($uselang == $mybb->settings['bblanguage'] || !$uselang)
{
$emailsubject = $lang->emailsubject_reachedpmquota;

Zeile 362Zeile 367

if($this->admin_override != true)
{


if($this->admin_override != true)
{

					$this->set_error("recipient_reached_quota", array($user['username']));

					$this->set_error("recipient_reached_quota", array(htmlspecialchars_uni($user['username'])));

				}
}


				}
}


Zeile 389Zeile 394
	/**
* Verify that the user is not flooding the system.
*

	/**
* Verify that the user is not flooding the system.
*

	* @return boolean True

	* @return boolean

	*/
function verify_pm_flooding()
{
global $mybb, $db;


	*/
function verify_pm_flooding()
{
global $mybb, $db;


		$pm = &$this->data;


		$pm = &$this->data;


		// Check if post flooding is enabled within MyBB or if the admin override option is specified.

		// Check if post flooding is enabled within MyBB or if the admin override option is specified.

		if($mybb->settings['pmfloodsecs'] > 0 && $pm['fromid'] != 0 && $this->admin_override == false)

		if($mybb->settings['pmfloodsecs'] > 0 && $pm['fromid'] != 0 && $this->admin_override == false && !is_moderator(0, '', $pm['fromid']))

		{
// Fetch the senders profile data.
$sender = get_user($pm['fromid']);

		{
// Fetch the senders profile data.
$sender = get_user($pm['fromid']);

Zeile 408Zeile 413
			$sender['lastpm'] = $db->fetch_field($query, "dateline");

// A little bit of calculation magic and moderator status checking.

			$sender['lastpm'] = $db->fetch_field($query, "dateline");

// A little bit of calculation magic and moderator status checking.

			if(TIME_NOW-$sender['lastpm'] <= $mybb->settings['pmfloodsecs'] && !is_moderator("", "", $pm['fromid']))

			if(TIME_NOW-$sender['lastpm'] <= $mybb->settings['pmfloodsecs'])

			{
// Oops, user has been flooding - throw back error message.
$time_to_wait = ($mybb->settings['pmfloodsecs'] - (TIME_NOW-$sender['lastpm'])) + 1;

			{
// Oops, user has been flooding - throw back error message.
$time_to_wait = ($mybb->settings['pmfloodsecs'] - (TIME_NOW-$sender['lastpm'])) + 1;

Zeile 429Zeile 434

/**
* Verifies if the various 'options' for sending PMs are valid.


/**
* Verifies if the various 'options' for sending PMs are valid.

	 *

	 *

	 * @return boolean True when valid, false when invalid.
*/
function verify_options()
{
$options = &$this->data['options'];

	 * @return boolean True when valid, false when invalid.
*/
function verify_options()
{
$options = &$this->data['options'];





		$this->verify_yesno_option($options, 'signature', 1);
$this->verify_yesno_option($options, 'savecopy', 1);

		$this->verify_yesno_option($options, 'signature', 1);
$this->verify_yesno_option($options, 'savecopy', 1);

		$this->verify_yesno_option($options, 'disablesmilies', 0);


		$this->verify_yesno_option($options, 'disablesmilies', 0);


		// Requesting a read receipt?
if(isset($options['readreceipt']) && $options['readreceipt'] == 1)
{

		// Requesting a read receipt?
if(isset($options['readreceipt']) && $options['readreceipt'] == 1)
{

Zeile 461Zeile 466
	{
global $plugins;


	{
global $plugins;


		$pm = &$this->data;


		$pm = &$this->data;


		if(empty($pm['savedraft']))
{
$this->verify_pm_flooding();

		if(empty($pm['savedraft']))
{
$this->verify_pm_flooding();

Zeile 471Zeile 476
		// Verify all PM assets.
$this->verify_subject();


		// Verify all PM assets.
$this->verify_subject();


		$this->verify_sender();


		$this->verify_sender();


		$this->verify_recipient();

		$this->verify_recipient();





		$this->verify_message();

$this->verify_options();

$plugins->run_hooks("datahandler_pm_validate", $this);

		$this->verify_message();

$this->verify_options();

$plugins->run_hooks("datahandler_pm_validate", $this);





		// Choose the appropriate folder to save in.
if(!empty($pm['saveasdraft']))
{

		// Choose the appropriate folder to save in.
if(!empty($pm['saveasdraft']))
{

Zeile 571Zeile 576
			'smilieoff' => $pm['options']['disablesmilies'],
'receipt' => (int)$pm['options']['readreceipt'],
'readtime' => 0,

			'smilieoff' => $pm['options']['disablesmilies'],
'receipt' => (int)$pm['options']['readreceipt'],
'readtime' => 0,

			'recipients' => $db->escape_string(serialize($recipient_list)),

			'recipients' => $db->escape_string(my_serialize($recipient_list)),

			'ipaddress' => $db->escape_binary($pm['ipaddress'])
);


			'ipaddress' => $db->escape_binary($pm['ipaddress'])
);


Zeile 605Zeile 610
			}

$plugins->run_hooks("datahandler_pm_insert_updatedraft", $this);

			}

$plugins->run_hooks("datahandler_pm_insert_updatedraft", $this);

			$db->insert_query("privatemessages", $this->pm_insert_data);





$this->pmid = $db->insert_query("privatemessages", $this->pm_insert_data);

$plugins->run_hooks("datahandler_pm_insert_updatedraft_commit", $this);


// If this is a draft, end it here - below deals with complete messages
return array(


// If this is a draft, end it here - below deals with complete messages
return array(

Zeile 657Zeile 665

require_once MYBB_ROOT.'inc/class_parser.php';
$parser = new Postparser;


require_once MYBB_ROOT.'inc/class_parser.php';
$parser = new Postparser;

				$pm['message'] = $parser->text_parse_message($pm['message'], array('me_username' => $pm['sender']['username'], 'filter_badwords' => 1, 'safe_html' => 1));







			
$parser_options = array(
'me_username' => $pm['sender']['username'],
'filter_badwords' => 1
);

$pm['message'] = $parser->text_parse_message($pm['message'], $parser_options);


$emailmessage = $lang->sprintf($emailmessage, $recipient['username'], $pm['sender']['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $pm['message']);
$emailsubject = $lang->sprintf($emailsubject, $mybb->settings['bbname'], $pm['subject']);


$emailmessage = $lang->sprintf($emailmessage, $recipient['username'], $pm['sender']['username'], $mybb->settings['bbname'], $mybb->settings['bburl'], $pm['message']);
$emailsubject = $lang->sprintf($emailsubject, $mybb->settings['bbname'], $pm['subject']);

Zeile 676Zeile 690

$this->pm_insert_data['uid'] = $recipient['uid'];
$this->pm_insert_data['toid'] = $recipient['uid'];


$this->pm_insert_data['uid'] = $recipient['uid'];
$this->pm_insert_data['toid'] = $recipient['uid'];





			$plugins->run_hooks("datahandler_pm_insert", $this);

			$plugins->run_hooks("datahandler_pm_insert", $this);

 


			$this->pmid[] = $db->insert_query("privatemessages", $this->pm_insert_data);

			$this->pmid[] = $db->insert_query("privatemessages", $this->pm_insert_data);

 

$plugins->run_hooks("datahandler_pm_insert_commit", $this);


// If PM noices/alerts are on, show!
if($recipient['pmnotice'] == 1)
{
$updated_user = array(
"pmnotice" => 2


// If PM noices/alerts are on, show!
if($recipient['pmnotice'] == 1)
{
$updated_user = array(
"pmnotice" => 2

				);

				);

				$db->update_query("users", $updated_user, "uid='{$recipient['uid']}'");
}


				$db->update_query("users", $updated_user, "uid='{$recipient['uid']}'");
}


Zeile 701Zeile 718
			{
$sql_array = array(
'status' => 3,

			{
$sql_array = array(
'status' => 3,

					'statustime' => TIME_NOW
);
$db->update_query("privatemessages", $sql_array, "pmid={$pm['pmid']} AND uid={$pm['sender']['uid']}");
}

					'statustime' => TIME_NOW
);
$db->update_query("privatemessages", $sql_array, "pmid={$pm['pmid']} AND uid={$pm['sender']['uid']}");
}

			elseif($pm['do'] == "forward")
{
$sql_array = array(

			elseif($pm['do'] == "forward")
{
$sql_array = array(

Zeile 718Zeile 735
		// If we're saving a copy
if($pm['options']['savecopy'] != 0)
{

		// If we're saving a copy
if($pm['options']['savecopy'] != 0)
{

			if(isset($recipient_list['to']) && count($recipient_list['to']) == 1)

			if(isset($recipient_list['to']) && is_array($recipient_list['to']) && count($recipient_list['to']) == 1)

			{
$this->pm_insert_data['toid'] = $uid;
}

			{
$this->pm_insert_data['toid'] = $uid;
}

Zeile 732Zeile 749
			$this->pm_insert_data['receipt'] = 0;

$plugins->run_hooks("datahandler_pm_insert_savedcopy", $this);

			$this->pm_insert_data['receipt'] = 0;

$plugins->run_hooks("datahandler_pm_insert_savedcopy", $this);

 


			$db->insert_query("privatemessages", $this->pm_insert_data);

			$db->insert_query("privatemessages", $this->pm_insert_data);

 

$plugins->run_hooks("datahandler_pm_insert_savedcopy_commit", $this);


// Because the sender saved a copy, update their total pm count
require_once MYBB_ROOT."/inc/functions_user.php";


// Because the sender saved a copy, update their total pm count
require_once MYBB_ROOT."/inc/functions_user.php";