Vergleich private.php - 1.8.16 - 1.8.26

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 40Zeile 40
if($mybb->user['uid'] == '/' || $mybb->user['uid'] == 0 || $mybb->usergroup['canusepms'] == 0)
{
error_no_permission();

if($mybb->user['uid'] == '/' || $mybb->user['uid'] == 0 || $mybb->usergroup['canusepms'] == 0)
{
error_no_permission();

}

if(!$mybb->user['pmfolders'])
{
$mybb->user['pmfolders'] = "1**$%%$2**$%%$3**$%%$4**";

$sql_array = array(
"pmfolders" => $mybb->user['pmfolders']
);
$db->update_query("users", $sql_array, "uid = ".$mybb->user['uid']);

 
}

$mybb->input['fid'] = $mybb->get_input('fid', MyBB::INPUT_INT);

}

$mybb->input['fid'] = $mybb->get_input('fid', MyBB::INPUT_INT);

Zeile 76Zeile 66
	$folder_name = $folderinfo[1];

eval("\$folderjump_folder .= \"".$templates->get("private_jump_folders_folder")."\";");

	$folder_name = $folderinfo[1];

eval("\$folderjump_folder .= \"".$templates->get("private_jump_folders_folder")."\";");

	eval("\$folderoplist_folder .= \"".$templates->get("private_jump_folders_folder")."\";");
eval("\$foldersearch_folder .= \"".$templates->get("private_jump_folders_folder")."\";");
}

$from_fid = $mybb->input['fid'];











// Manipulate search folder selection & move selector to omit "Unread"
if($folder_id != 1)
{
if($folder_id == 0)
{
$folder_id = 1;
}
eval("\$folderoplist_folder .= \"".$templates->get("private_jump_folders_folder")."\";");
eval("\$foldersearch_folder .= \"".$templates->get("private_jump_folders_folder")."\";");
}
}

$from_fid = $mybb->input['fid'];


eval("\$folderjump = \"".$templates->get("private_jump_folders")."\";");
eval("\$folderoplist = \"".$templates->get("private_move")."\";");


eval("\$folderjump = \"".$templates->get("private_jump_folders")."\";");
eval("\$folderoplist = \"".$templates->get("private_move")."\";");

Zeile 208Zeile 207
		"keywords" => $db->escape_string($mybb->get_input('keywords')),
);
$plugins->run_hooks("private_do_search_process");

		"keywords" => $db->escape_string($mybb->get_input('keywords')),
);
$plugins->run_hooks("private_do_search_process");





	$db->insert_query("searchlog", $searcharray);

// Sender sort won't work yet

	$db->insert_query("searchlog", $searcharray);

// Sender sort won't work yet

Zeile 267Zeile 266
	else
{
$sortby = $query_sortby = "dateline";

	else
{
$sortby = $query_sortby = "dateline";

	}

if($order != "asc")
{
$order = "desc";
}

	}

if($order != "asc")
{
$order = "desc";
}


if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1)
{
$mybb->settings['threadsperpage'] = 20;
}


if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1)
{
$mybb->settings['threadsperpage'] = 20;
}

 

$query = $db->simple_select("privatemessages", "COUNT(*) AS total", "pmid IN(".$db->escape_string($search['querycache']).")");
$pmscount = $db->fetch_field($query, "total");


// Work out pagination, which page we're at, as well as the limits.
$perpage = $mybb->settings['threadsperpage'];


// Work out pagination, which page we're at, as well as the limits.
$perpage = $mybb->settings['threadsperpage'];

Zeile 285Zeile 287
	if($page > 0)
{
$start = ($page-1) * $perpage;

	if($page > 0)
{
$start = ($page-1) * $perpage;

 
		$pages = ceil($pmscount / $perpage);
if($page > $pages)
{
$start = 0;
$page = 1;
}

	}
else
{

	}
else
{

Zeile 303Zeile 311
	}

// Do Multi Pages

	}

// Do Multi Pages

	$query = $db->simple_select("privatemessages", "COUNT(*) AS total", "pmid IN(".$db->escape_string($search['querycache']).")");
$pmscount = $db->fetch_array($query);


 
	if($upper > $pmscount)
{
$upper = $pmscount;
}

	if($upper > $pmscount)
{
$upper = $pmscount;
}

	$multipage = multipage($pmscount['total'], $perpage, $page, "private.php?action=results&amp;sid=".htmlspecialchars_uni($mybb->get_input('sid'))."&amp;sortby={$sortby}&amp;order={$order}");

	$multipage = multipage($pmscount, $perpage, $page, "private.php?action=results&amp;sid=".htmlspecialchars_uni($mybb->get_input('sid'))."&amp;sortby={$sortby}&amp;order={$order}");

	$messagelist = '';

$icon_cache = $cache->read("posticons");

	$messagelist = '';

$icon_cache = $cache->read("posticons");

Zeile 475Zeile 480
			$senddate = $lang->not_sent;
}


			$senddate = $lang->not_sent;
}


		$foldername = $foldernames[$message['folder']];






		$fid = "0";
if((int)$message['folder'] > 1)
{
$fid = $message['folder'];
}
$foldername = $foldernames[$fid];


// What we do here is parse the post using our post parser, then strip the tags from it
$parser_options = array(


// What we do here is parse the post using our post parser, then strip the tags from it
$parser_options = array(

Zeile 490Zeile 500
		{
$message['message'] = my_substr($message['message'], 0, 200)."...";
}

		{
$message['message'] = my_substr($message['message'], 0, 200)."...";
}





		eval("\$messagelist .= \"".$templates->get("private_search_messagebit")."\";");

		eval("\$messagelist .= \"".$templates->get("private_search_messagebit")."\";");

	}


	}


	if($db->num_rows($query) == 0)
{
eval("\$messagelist = \"".$templates->get("private_search_results_nomessages")."\";");
}

	if($db->num_rows($query) == 0)
{
eval("\$messagelist = \"".$templates->get("private_search_results_nomessages")."\";");
}





	$plugins->run_hooks("private_results_end");

eval("\$results = \"".$templates->get("private_search_results")."\";");
output_page($results);

	$plugins->run_hooks("private_results_end");

eval("\$results = \"".$templates->get("private_search_results")."\";");
output_page($results);

}


}


if($mybb->input['action'] == "advanced_search")

if($mybb->input['action'] == "advanced_search")

{

{

	$plugins->run_hooks("private_advanced_search");


	$plugins->run_hooks("private_advanced_search");


	eval("\$advanced_search = \"".$templates->get("private_advanced_search")."\";");


	eval("\$advanced_search = \"".$templates->get("private_advanced_search")."\";");


	output_page($advanced_search);
}


	output_page($advanced_search);
}


Zeile 518Zeile 528
if($mybb->input['action'] == "dismiss_notice")
{
if($mybb->user['pmnotice'] != 2)

if($mybb->input['action'] == "dismiss_notice")
{
if($mybb->user['pmnotice'] != 2)

	{

	{

		exit;
}


		exit;
}


Zeile 547Zeile 557
if($mybb->input['action'] == "do_send" && $mybb->request_method == "post")
{
if($mybb->usergroup['cansendpms'] == 0)

if($mybb->input['action'] == "do_send" && $mybb->request_method == "post")
{
if($mybb->usergroup['cansendpms'] == 0)

	{

	{

		error_no_permission();
}


		error_no_permission();
}


Zeile 558Zeile 568

// Attempt to see if this PM is a duplicate or not
$to = array_map("trim", explode(",", $mybb->get_input('to')));


// Attempt to see if this PM is a duplicate or not
$to = array_map("trim", explode(",", $mybb->get_input('to')));

 
	$to = array_unique($to); // Filter out any duplicates

	$to_escaped = implode("','", array_map(array($db, 'escape_string'), array_map('my_strtolower', $to)));
$time_cutoff = TIME_NOW - (5 * 60 * 60);
$query = $db->query("

	$to_escaped = implode("','", array_map(array($db, 'escape_string'), array_map('my_strtolower', $to)));
$time_cutoff = TIME_NOW - (5 * 60 * 60);
$query = $db->query("

Zeile 575Zeile 586

require_once MYBB_ROOT."inc/datahandlers/pm.php";
$pmhandler = new PMDataHandler();


require_once MYBB_ROOT."inc/datahandlers/pm.php";
$pmhandler = new PMDataHandler();





	$pm = array(
"subject" => $mybb->get_input('subject'),
"message" => $mybb->get_input('message'),

	$pm = array(
"subject" => $mybb->get_input('subject'),
"message" => $mybb->get_input('message'),

Zeile 589Zeile 600
	// Split up any recipients we have
$pm['to'] = $to;
if(!empty($mybb->input['bcc']))

	// Split up any recipients we have
$pm['to'] = $to;
if(!empty($mybb->input['bcc']))

	{

	{

		$pm['bcc'] = explode(",", $mybb->get_input('bcc'));
$pm['bcc'] = array_map("trim", $pm['bcc']);
}

		$pm['bcc'] = explode(",", $mybb->get_input('bcc'));
$pm['bcc'] = array_map("trim", $pm['bcc']);
}

Zeile 655Zeile 666
		}
}
}

		}
}
}





if($mybb->input['action'] == "send")
{
if($mybb->usergroup['cansendpms'] == 0)

if($mybb->input['action'] == "send")
{
if($mybb->usergroup['cansendpms'] == 0)

	{

	{

		error_no_permission();

		error_no_permission();

	}

$plugins->run_hooks("private_send_start");

	}

$plugins->run_hooks("private_send_start");


$smilieinserter = $codebuttons = '';



$smilieinserter = $codebuttons = '';


Zeile 671Zeile 682
	{
$codebuttons = build_mycode_inserter("message", $mybb->settings['pmsallowsmilies']);
if($mybb->settings['pmsallowsmilies'] != 0)

	{
$codebuttons = build_mycode_inserter("message", $mybb->settings['pmsallowsmilies']);
if($mybb->settings['pmsallowsmilies'] != 0)

		{

		{

			$smilieinserter = build_clickable_smilies();
}
}

			$smilieinserter = build_clickable_smilies();
}
}

Zeile 689Zeile 700
	{
$options = $mybb->get_input('options', MyBB::INPUT_ARRAY);
if(isset($options['signature']) && $options['signature'] == 1)

	{
$options = $mybb->get_input('options', MyBB::INPUT_ARRAY);
if(isset($options['signature']) && $options['signature'] == 1)

		{

		{

			$optionschecked['signature'] = 'checked="checked"';
}
if(isset($options['disablesmilies']) && $options['disablesmilies'] == 1)

			$optionschecked['signature'] = 'checked="checked"';
}
if(isset($options['disablesmilies']) && $options['disablesmilies'] == 1)

Zeile 704Zeile 715
		{
$optionschecked['readreceipt'] = 'checked="checked"';
}

		{
$optionschecked['readreceipt'] = 'checked="checked"';
}

		$to = htmlspecialchars_uni($mybb->get_input('to'));
$bcc = htmlspecialchars_uni($mybb->get_input('bcc'));

		$to = htmlspecialchars_uni(implode(', ', array_unique(array_map('trim', explode(',', $mybb->get_input('to'))))));
$bcc = htmlspecialchars_uni(implode(', ', array_unique(array_map('trim', explode(',', $mybb->get_input('bcc'))))));

	}

$preview = '';

	}

$preview = '';

Zeile 757Zeile 768
		foreach($data_key as $field => $key)
{
$post[$key] = $groupscache[$post['usergroup']][$field];

		foreach($data_key as $field => $key)
{
$post[$key] = $groupscache[$post['usergroup']][$field];

		}


		}


		$postbit = build_postbit($post, 2);
eval("\$preview = \"".$templates->get("previewpost")."\";");
}
else if(!$send_errors)

		$postbit = build_postbit($post, 2);
eval("\$preview = \"".$templates->get("previewpost")."\";");
}
else if(!$send_errors)

	{

	{

		// New PM, so load default settings
if($mybb->user['signature'] != '')
{

		// New PM, so load default settings
if($mybb->user['signature'] != '')
{

Zeile 775Zeile 786
		}
$optionschecked['savecopy'] = 'checked="checked"';
}

		}
$optionschecked['savecopy'] = 'checked="checked"';
}





	// Draft, reply, forward
if($mybb->get_input('pmid') && empty($mybb->input['preview']) && !$send_errors)
{

	// Draft, reply, forward
if($mybb->get_input('pmid') && empty($mybb->input['preview']) && !$send_errors)
{

Zeile 791Zeile 802
		$subject = htmlspecialchars_uni($parser->parse_badwords($pm['subject']));

if($pm['folder'] == "3")

		$subject = htmlspecialchars_uni($parser->parse_badwords($pm['subject']));

if($pm['folder'] == "3")

		{

		{

			// message saved in drafts
$mybb->input['uid'] = $pm['toid'];


			// message saved in drafts
$mybb->input['uid'] = $pm['toid'];


Zeile 859Zeile 870
			if($mybb->settings['maxpmquotedepth'] != '0')
{
$message = remove_message_quotes($message, $mybb->settings['maxpmquotedepth']);

			if($mybb->settings['maxpmquotedepth'] != '0')
{
$message = remove_message_quotes($message, $mybb->settings['maxpmquotedepth']);

			}


			}


			if($mybb->input['do'] == 'forward')
{
$subject = "Fw: $subject";

			if($mybb->input['do'] == 'forward')
{
$subject = "Fw: $subject";

Zeile 924Zeile 935

if($send_errors)
{


if($send_errors)
{

		$to = htmlspecialchars_uni($mybb->get_input('to'));
$bcc = htmlspecialchars_uni($mybb->get_input('bcc'));

		$to = htmlspecialchars_uni(implode(', ', array_unique(array_map('trim', explode(',', $mybb->get_input('to'))))));
$bcc = htmlspecialchars_uni(implode(', ', array_unique(array_map('trim', explode(',', $mybb->get_input('bcc'))))));

	}

// Load the auto complete javascript if it is enabled.
eval("\$autocompletejs = \"".$templates->get("private_send_autocomplete")."\";");

	}

// Load the auto complete javascript if it is enabled.
eval("\$autocompletejs = \"".$templates->get("private_send_autocomplete")."\";");





	$pmid = $mybb->get_input('pmid', MyBB::INPUT_INT);
$do = $mybb->get_input('do');
if($do != "forward" && $do != "reply" && $do != "replyall")

	$pmid = $mybb->get_input('pmid', MyBB::INPUT_INT);
$do = $mybb->get_input('do');
if($do != "forward" && $do != "reply" && $do != "replyall")

Zeile 1095Zeile 1106
	{
$uid_sql = $pm['toid'];
$pm['recipients']['to'] = array($pm['toid']);

	{
$uid_sql = $pm['toid'];
$pm['recipients']['to'] = array($pm['toid']);

	}

$show_bcc = 0;


	}

$show_bcc = 0;


	// If we have any BCC recipients and this user is an Administrator, add them on to the query
if(isset($pm['recipients']['bcc']) && count($pm['recipients']['bcc']) > 0 && $mybb->usergroup['cancp'] == 1)
{

	// If we have any BCC recipients and this user is an Administrator, add them on to the query
if(isset($pm['recipients']['bcc']) && count($pm['recipients']['bcc']) > 0 && $mybb->usergroup['cancp'] == 1)
{

Zeile 1131Zeile 1142
		$bcc_recipients = implode(', ', $bcc_recipients);
$bcc_form_val = implode(',', $bcc_form_val);
eval("\$bcc = \"".$templates->get("private_read_bcc")."\";");

		$bcc_recipients = implode(', ', $bcc_recipients);
$bcc_form_val = implode(',', $bcc_form_val);
eval("\$bcc = \"".$templates->get("private_read_bcc")."\";");

	}

	}

	else
{
$bcc_form_val = '';

	else
{
$bcc_form_val = '';

	}


	}


	$replyall = false;
if(count($to_recipients) > 1)
{

	$replyall = false;
if(count($to_recipients) > 1)
{

Zeile 1144Zeile 1155
	}

if(count($to_recipients) > 0)

	}

if(count($to_recipients) > 0)

	{

	{

		$to_recipients = implode($lang->comma, $to_recipients);
}
else

		$to_recipients = implode($lang->comma, $to_recipients);
}
else

	{

	{

		$to_recipients = $lang->nobody;
}

eval("\$pm['subject_extra'] = \"".$templates->get("private_read_to")."\";");

		$to_recipients = $lang->nobody;
}

eval("\$pm['subject_extra'] = \"".$templates->get("private_read_to")."\";");





	add_breadcrumb($pm['subject']);
$message = build_postbit($pm, 2);


	add_breadcrumb($pm['subject']);
$message = build_postbit($pm, 2);


Zeile 1165Zeile 1176

$optionschecked = array('savecopy' => 'checked="checked"');
if(!empty($mybb->user['signature']))


$optionschecked = array('savecopy' => 'checked="checked"');
if(!empty($mybb->user['signature']))

		{

		{

			$optionschecked['signature'] = 'checked="checked"';
}
if($mybb->usergroup['cantrackpms'] == 1)

			$optionschecked['signature'] = 'checked="checked"';
}
if($mybb->usergroup['cantrackpms'] == 1)

Zeile 1231Zeile 1242
	if(!$mybb->settings['postsperpage'] || (int)$mybb->settings['postsperpage'] < 1)
{
$mybb->settings['postsperpage'] = 20;

	if(!$mybb->settings['postsperpage'] || (int)$mybb->settings['postsperpage'] < 1)
{
$mybb->settings['postsperpage'] = 20;

	}


	}


	// Figure out if we need to display multiple pages.
$perpage = $mybb->settings['postsperpage'];


	// Figure out if we need to display multiple pages.
$perpage = $mybb->settings['postsperpage'];


Zeile 1400Zeile 1411
	{
$mybb->input['unreadcheck'] = $mybb->get_input('unreadcheck', MyBB::INPUT_ARRAY);
if(!empty($mybb->input['unreadcheck']))

	{
$mybb->input['unreadcheck'] = $mybb->get_input('unreadcheck', MyBB::INPUT_ARRAY);
if(!empty($mybb->input['unreadcheck']))

		{

		{

			foreach($mybb->input['unreadcheck'] as $pmid => $val)
{
$pmids[$pmid] = (int)$pmid;

			foreach($mybb->input['unreadcheck'] as $pmid => $val)
{
$pmids[$pmid] = (int)$pmid;

			}

			}


$pmids = implode(",", $pmids);
$query = $db->simple_select("privatemessages", "uid", "pmid IN ($pmids) AND fromid='".$mybb->user['uid']."'");


$pmids = implode(",", $pmids);
$query = $db->simple_select("privatemessages", "uid", "pmid IN ($pmids) AND fromid='".$mybb->user['uid']."'");

Zeile 1426Zeile 1437
}

if($mybb->input['action'] == "stopalltracking")

}

if($mybb->input['action'] == "stopalltracking")

{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));

$plugins->run_hooks("private_stopalltracking_start");

$sql_array = array(

{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));

$plugins->run_hooks("private_stopalltracking_start");

$sql_array = array(

		"receipt" => 0
);
$db->update_query("privatemessages", $sql_array, "receipt='2' AND folder!='3' AND status!='0' AND fromid=".$mybb->user['uid']);

		"receipt" => 0
);
$db->update_query("privatemessages", $sql_array, "receipt='2' AND folder!='3' AND status!='0' AND fromid=".$mybb->user['uid']);

Zeile 1454Zeile 1465
		$fid = $folderinfo[0];
$foldername = get_pm_folder_name($fid, $foldername);


		$fid = $folderinfo[0];
$foldername = get_pm_folder_name($fid, $foldername);


		if($folderinfo[0] == "1" || $folderinfo[0] == "2" || $folderinfo[0] == "3" || $folderinfo[0] == "4")

		if((int)$folderinfo[0] < 5)

		{
$foldername2 = get_pm_folder_name($fid);
eval("\$folderlist .= \"".$templates->get("private_folders_folder_unremovable")."\";");

		{
$foldername2 = get_pm_folder_name($fid);
eval("\$folderlist .= \"".$templates->get("private_folders_folder_unremovable")."\";");

Zeile 1499Zeile 1510
			{
++$highestid;
$fid = (int)$highestid;

			{
++$highestid;
$fid = (int)$highestid;

			}

			}

			else // Editing an existing folder
{
if($key > $highestid)

			else // Editing an existing folder
{
if($key > $highestid)

				{

				{

					$highestid = $key;
}

$fid = (int)$key;
// Use default language strings if empty or value is language string

					$highestid = $key;
}

$fid = (int)$key;
// Use default language strings if empty or value is language string

				switch($fid)

				if($val == get_pm_folder_name($fid) || trim($val) == '')

				{

				{

					case 1:
if($val == $lang->folder_inbox || trim($val) == '')
{
$val = '';
}
break;
case 2:
if($val == $lang->folder_sent_items || trim($val) == '')
{
$val = '';
}
break;
case 3:
if($val == $lang->folder_drafts || trim($val) == '')
{
$val = '';
}
break;
case 4:
if($val == $lang->folder_trash || trim($val) == '')
{
$val = '';
}
break;

					$val = '';
























				}
}


				}
}


			if($val != '' && trim($val) == '' && !($key >= 1 && $key <= 4))

			if($val != '' && trim($val) == '' && !(is_numeric($key) && $key <= 4))

			{
// If the name only contains whitespace and it's not a default folder, print an error
error($lang->error_emptypmfoldername);
}


			{
// If the name only contains whitespace and it's not a default folder, print an error
error($lang->error_emptypmfoldername);
}


			if($val != '' || ($key >= 1 && $key <= 4))

			if($val != '' || (is_numeric($key) && $key <= 4))

			{
// If there is a name or if this is a default folder, save it
$foldername = $db->escape_string(htmlspecialchars_uni($val));

			{
// If there is a name or if this is a default folder, save it
$foldername = $db->escape_string(htmlspecialchars_uni($val));

Zeile 1593Zeile 1581
	$plugins->run_hooks("private_empty_start");

$foldersexploded = explode("$%%$", $mybb->user['pmfolders']);

	$plugins->run_hooks("private_empty_start");

$foldersexploded = explode("$%%$", $mybb->user['pmfolders']);

	$folderlist = '';

	$folderlist = $unread = '';

	foreach($foldersexploded as $key => $folders)
{
$folderinfo = explode("**", $folders, 2);
$fid = $folderinfo[0];

	foreach($foldersexploded as $key => $folders)
{
$folderinfo = explode("**", $folders, 2);
$fid = $folderinfo[0];

		$foldername = get_pm_folder_name($fid, $folderinfo[1]);
$query = $db->simple_select("privatemessages", "COUNT(*) AS pmsinfolder", " folder='$fid' AND uid='".$mybb->user['uid']."'");










		if($folderinfo[0] == "1")
{
$fid = "1";
$unread = " AND status='0'";
}
if($folderinfo[0] == "0")
{
$fid = "1";
}
$foldername = get_pm_folder_name($folderinfo[0], $folderinfo[1]);
$query = $db->simple_select("privatemessages", "COUNT(*) AS pmsinfolder", " folder='$fid'$unread AND uid='".$mybb->user['uid']."'");

		$thing = $db->fetch_array($query);
$foldercount = my_number_format($thing['pmsinfolder']);
eval("\$folderlist .= \"".$templates->get("private_empty_folder")."\";");

		$thing = $db->fetch_array($query);
$foldercount = my_number_format($thing['pmsinfolder']);
eval("\$folderlist .= \"".$templates->get("private_empty_folder")."\";");

Zeile 1624Zeile 1621
	if($mybb->get_input('keepunread', MyBB::INPUT_INT) == 1)
{
$keepunreadq = " AND status!='0'";

	if($mybb->get_input('keepunread', MyBB::INPUT_INT) == 1)
{
$keepunreadq = " AND status!='0'";

	}

	}

	if(!empty($mybb->input['empty']))
{
foreach($mybb->input['empty'] as $key => $val)

	if(!empty($mybb->input['empty']))
{
foreach($mybb->input['empty'] as $key => $val)

		{

		{

			if($val == 1)
{
$key = (int)$key;

			if($val == 1)
{
$key = (int)$key;

Zeile 1648Zeile 1645

// Update PM count
update_pm_count();


// Update PM count
update_pm_count();





	$plugins->run_hooks("private_do_empty_end");
redirect("private.php", $lang->redirect_pmfoldersemptied);
}

	$plugins->run_hooks("private_do_empty_end");
redirect("private.php", $lang->redirect_pmfoldersemptied);
}





if($mybb->input['action'] == "do_stuff" && $mybb->request_method == "post")
{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));

if($mybb->input['action'] == "do_stuff" && $mybb->request_method == "post")
{
// Verify incoming POST request
verify_post_check($mybb->get_input('my_post_key'));





	$plugins->run_hooks("private_do_stuff");

if(!empty($mybb->input['hop']))

	$plugins->run_hooks("private_do_stuff");

if(!empty($mybb->input['hop']))

	{

	{

		header("Location: private.php?fid=".$mybb->get_input('jumpto'));
}
elseif(!empty($mybb->input['moveto']))

		header("Location: private.php?fid=".$mybb->get_input('jumpto'));
}
elseif(!empty($mybb->input['moveto']))

	{
$mybb->input['check'] = $mybb->get_input('check', MyBB::INPUT_ARRAY);
if(!empty($mybb->input['check']))

	{
$pms = array_map('intval', array_keys($mybb->get_input('check', MyBB::INPUT_ARRAY)));
if(!empty($pms))

		{

		{

			foreach($mybb->input['check'] as $key => $val)

			if(!$mybb->input['fid'])

			{

			{

				$sql_array = array(
"folder" => $mybb->input['fid']
);
$db->update_query("privatemessages", $sql_array, "pmid='".(int)$key."' AND uid='".$mybb->user['uid']."'");

				$mybb->input['fid'] = 1;




			}

			}

		}
// Update PM count
update_pm_count();










if(array_key_exists($mybb->input['fid'], $foldernames))
{
$db->update_query("privatemessages", array("folder" => $mybb->input['fid']), "pmid IN (".implode(",", $pms).") AND uid='".$mybb->user['uid']."'");
update_pm_count();
}
else
{
error($lang->error_invalidmovefid);
}
}


if(!empty($mybb->input['fromfid']))
{


if(!empty($mybb->input['fromfid']))
{

Zeile 1693Zeile 1695
	{
$mybb->input['check'] = $mybb->get_input('check', MyBB::INPUT_ARRAY);
if(!empty($mybb->input['check']))

	{
$mybb->input['check'] = $mybb->get_input('check', MyBB::INPUT_ARRAY);
if(!empty($mybb->input['check']))

		{

		{

			$pmssql = '';
foreach($mybb->input['check'] as $key => $val)
{

			$pmssql = '';
foreach($mybb->input['check'] as $key => $val)
{

Zeile 2079Zeile 2081

if(!$mybb->input['fid'] || !array_key_exists($mybb->input['fid'], $foldernames))
{


if(!$mybb->input['fid'] || !array_key_exists($mybb->input['fid'], $foldernames))
{

		$mybb->input['fid'] = 1;

		$mybb->input['fid'] = 0;

	}


	}


	$folder = $mybb->input['fid'];
$foldername = $foldernames[$folder];


	$fid = (int)$mybb->input['fid'];
$folder = !$fid ? 1 : $fid;
$foldername = $foldernames[$fid];


if($folder == 2 || $folder == 3)
{ // Sent Items Folder


if($folder == 2 || $folder == 3)
{ // Sent Items Folder

Zeile 2134Zeile 2137
	eval("\$orderarrow['$sortby'] = \"".$templates->get("private_orderarrow")."\";");

// Do Multi Pages

	eval("\$orderarrow['$sortby'] = \"".$templates->get("private_orderarrow")."\";");

// Do Multi Pages

	$query = $db->simple_select("privatemessages", "COUNT(*) AS total", "uid='".$mybb->user['uid']."' AND folder='$folder'");
$pmscount = $db->fetch_array($query);







	$selective = "";
if($fid == 1)
{
$selective = " AND status='0'";
}

$query = $db->simple_select("privatemessages", "COUNT(*) AS total", "uid='".$mybb->user['uid']."' AND folder='$folder'$selective");
$pmscount = $db->fetch_field($query, "total");


if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1)
{


if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1)
{

Zeile 2148Zeile 2157
	if($page > 0)
{
$start = ($page-1) *$perpage;

	if($page > 0)
{
$start = ($page-1) *$perpage;

	}







		$pages = ceil($pmscount / $perpage);
if($page > $pages)
{
$start = 0;
$page = 1;
}
}

	else
{
$start = 0;

	else
{
$start = 0;

Zeile 2165Zeile 2180
	}

if($mybb->input['order'] || ($sortby && $sortby != "dateline"))

	}

if($mybb->input['order'] || ($sortby && $sortby != "dateline"))

	{
$page_url = "private.php?fid={$folder}&sortby={$sortby}&order={$sortordernow}";
}
else
{
$page_url = "private.php?fid={$folder}";
}

$multipage = multipage($pmscount['total'], $perpage, $page, $page_url);
$messagelist = '';

$icon_cache = $cache->read("posticons");

	{
$page_url = "private.php?fid={$fid}&sortby={$sortby}&order={$sortordernow}";
}
else
{
$page_url = "private.php?fid={$fid}";
}

$multipage = multipage($pmscount, $perpage, $page, $page_url);
$selective = $messagelist = '';

$icon_cache = $cache->read("posticons");


// Cache users in multiple recipients for sent & drafts folder
if($folder == 2 || $folder == 3)


// Cache users in multiple recipients for sent & drafts folder
if($folder == 2 || $folder == 3)

Zeile 2188Zeile 2203
		else
{
$u = "pm.";

		else
{
$u = "pm.";

		}


		}


		// Get all recipients into an array
$cached_users = $get_users = array();
$users_query = $db->query("

		// Get all recipients into an array
$cached_users = $get_users = array();
$users_query = $db->query("

Zeile 2211Zeile 2226
			if(isset($recipients['bcc']) && is_array($recipients['bcc']) && count($recipients['bcc']))
{
$get_users = array_merge($get_users, $recipients['bcc']);

			if(isset($recipients['bcc']) && is_array($recipients['bcc']) && count($recipients['bcc']))
{
$get_users = array_merge($get_users, $recipients['bcc']);

			}
}

$get_users = implode(',', array_unique($get_users));

			}
}

$get_users = implode(',', array_unique($get_users));


// Grab info
if($get_users)


// Grab info
if($get_users)

Zeile 2240Zeile 2255
	}
else
{

	}
else
{

 
		if($fid == 1)
{
$selective = " AND pm.status='0'";
}


		if($sortfield == "username")
{
$pm = "fu.";

		if($sortfield == "username")
{
$pm = "fu.";

Zeile 2255Zeile 2275
		FROM ".TABLE_PREFIX."privatemessages pm
LEFT JOIN ".TABLE_PREFIX."users fu ON (fu.uid=pm.fromid)
LEFT JOIN ".TABLE_PREFIX."users tu ON (tu.uid=pm.toid)

		FROM ".TABLE_PREFIX."privatemessages pm
LEFT JOIN ".TABLE_PREFIX."users fu ON (fu.uid=pm.fromid)
LEFT JOIN ".TABLE_PREFIX."users tu ON (tu.uid=pm.toid)

		WHERE pm.folder='$folder' AND pm.uid='".$mybb->user['uid']."'

		WHERE pm.folder='$folder' AND pm.uid='".$mybb->user['uid']."'{$selective}

		ORDER BY {$pm}{$sortfield} {$sortordernow}
LIMIT $start, $perpage
");

		ORDER BY {$pm}{$sortfield} {$sortordernow}
LIMIT $start, $perpage
");