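/**
 * create a new pm
 *
 * Handles action=newpm, replypm and forwardpm:
 *  - POST with 'send' and without 'preview': validates subject, recipient and
 *    message, stores the message, optionally mails the recipient, then
 *    redirects to pms.php and stops.
 *  - POST with 'send' and 'preview': renders a preview of the message.
 *  - otherwise: pre-fills the form (recipient from the userid parameter,
 *    subject/message from the original pm for reply and forward).
 * In every case that does not redirect, the pms_newpm form template is output.
 *
 * Review notes:
 *  - Every eval() below executes the text returned by $tpl->get() as the body
 *    of a double-quoted PHP string, so template text is code.
 *    NOTE(review): confirm $tpl->get() escapes quotes and backslashes and that
 *    templates can only be written by trusted administrators.
 *  - SQL values are concatenated into the statement after addslashes() or
 *    intval(). addslashes() does not know the connection charset; prefer the
 *    database layer's own escaping or bound parameters if $db provides them.
 *  - No request-forgery token is checked inside this block.
 *    NOTE(review): confirm that check happens before this point.
 *  - $pmid is only assigned when the request carries pmid, and
 *    $choice_posticons / $pm_icons are only appended to.
 *    NOTE(review): confirm they start empty and cannot be supplied by the request.
 **/
if($_REQUEST['action']=="newpm" || $_REQUEST['action']=="replypm" || $_REQUEST['action']=="forwardpm") {
    // initial checkbox state from the $newpm_default_checked_* settings
    if($newpm_default_checked_0==1) $checked[0]="checked";
    if($newpm_default_checked_1==1) $checked[1]="checked";
    if($newpm_default_checked_2==1) $checked[2]="checked";
    if($newpm_default_checked_3==1) $checked[3]="checked";
    if($newpm_default_checked_4==1) $checked[4]="checked";

    // forced to an integer because it is interpolated into SQL further down
    if(isset($_REQUEST['pmid'])) $pmid=intval($_REQUEST['pmid']);

    if(isset($_POST['send'])) {
        $subject=trim($_POST['subject']);
        $recipient=trim($_POST['recipient']);
        $message=stripcrap(trim($_POST['message']));
        if(isset($_POST['iconid'])) $iconid=intval($_POST['iconid']);
        else $iconid=0;

        if(!isset($_POST['preview'])) {
            $error="";
            if(!$subject || !$recipient || !$message) eval("\$error .= \"".$tpl->get("newthread_error1")."\";");
            if($recipient) {
                // the name is HTML-escaped before the lookup; presumably usernames are stored escaped -- verify
                $result=$db->query_first("SELECT userid, username, email, ignorelist, receivepm, emailonpm, pmpopup FROM bb".$n."_users WHERE username='".addslashes(htmlspecialchars($recipient))."'");
                $recipient = htmlspecialchars($recipient);
                if(!$result['userid']) eval("\$error .= \"".$tpl->get("pms_newpm_error1")."\";");
                else {
                    if($result['receivepm']==0) eval("\$error .= \"".$tpl->get("pms_newpm_error2")."\";");
                    // presumably -1 means the sender is already on the recipient's ignore list -- confirm in add2list()
                    elseif(add2list($result['ignorelist'],$wbbuserdata['userid'])==-1) eval("\$error .= \"".$tpl->get("pms_newpm_error3")."\";");
                    else {
                        // mailbox limit: messages held for the recipient (deletepm<>1) against $maxpms
                        list($countpms)=$db->query_first("SELECT COUNT(*) FROM bb".$n."_privatemessage WHERE recipientid='$result[userid]' AND deletepm<>1");
                        if($countpms>=$maxpms) eval("\$error .= \"".$tpl->get("pms_newpm_error4")."\";");
                    }
                }
            }

            if($error) eval("\$pm_error = \"".$tpl->get("newthread_error")."\";");
            else {
                if($_POST['parseurl']==1) $message=parseURL($message);

                // The subject is stored HTML-escaped, the message body is stored as submitted
                // (SQL-escaped only), so HTML handling of the body is left to display time.
                $db->unbuffered_query(
                    "INSERT INTO bb".$n."_privatemessage (privatemessageid,senderid,recipientid,subject,message,sendtime,showsmilies,showsignature,iconid,deletepm) "
                    ."VALUES (NULL,'$wbbuserdata[userid]','$result[userid]',"
                    ."'".addslashes(htmlspecialchars($subject))."',"
                    ."'".addslashes($message)."',"
                    ."'".time()."',"
                    ."'".(1-intval($_POST['disablesmilies']))."',"
                    ."'".intval($_POST['showsignature'])."',"
                    ."'$iconid',"
                    ."'".ifelse($_POST['savecopy']==1,0,2)."')",
                    1
                );
                if($result['pmpopup']==1) $db->unbuffered_query("UPDATE bb".$n."_users SET pmpopup=2 WHERE userid='$result[userid]'",1);

                if($result['emailonpm']==1) {
                    // NOTE(review): trim() above leaves inner CR/LF in $subject; if these templates
                    // interpolate it, confirm mailer() rejects line breaks in the mail subject.
                    eval("\$mail_text = \"".$tpl->get("mt_newpm")."\";");
                    eval("\$mail_subject = \"".$tpl->get("ms_newpm")."\";");
                    mailer($result['email'],$mail_subject,$mail_text);
                }

                // recipientid in the WHERE clause limits the flag update to messages addressed to $wbbuserdata[userid]
                if($_REQUEST['action']=="replypm") $db->unbuffered_query("UPDATE bb".$n."_privatemessage SET reply=1 WHERE privatemessageid='$pmid' AND recipientid='$wbbuserdata[userid]'",1);
                if($_REQUEST['action']=="forwardpm") $db->unbuffered_query("UPDATE bb".$n."_privatemessage SET forward=1 WHERE privatemessageid='$pmid' AND recipientid='$wbbuserdata[userid]'",1);

                // redirect and stop, so the form below is not rendered after a successful send
                header("Location: pms.php?sid=$session[hash]");
                exit();
            }
        }
        else {
            // preview: run subject and message through the parser with the pm settings
            $allowsmilies=1-intval($_POST['disablesmilies']);
            $parse = new parse($docensor,75,$allowsmilies*$pm_allowsmilies,$pm_allowbbcode,$wbbuserdata['showimages'],$usecode);
            $preview_subject=$parse->textwrap(htmlspecialchars($subject),30);
            $preview_message=$parse->doparse(ifelse($_POST['parseurl']==1,parseURL($message),$message),$allowsmilies*$pm_allowsmilies,$pm_allowhtml,$pm_allowbbcode,$pm_allowimages);
            if($iconid) {
                $result = $db->query_first("SELECT * FROM bb".$n."_icons WHERE iconid = '$iconid'");
                $preview_posticon=makeimgtag($result['iconpath'],$result['icontitle']);
            }
            eval("\$preview_window = \"".$tpl->get("pms_newpm_preview")."\";");
        }

        // re-display the form with the checkbox state that was submitted
        if($_POST['parseurl']==1) $checked[0]="checked";
        else $checked[0]="";
        if($_POST['disablesmilies']==1) $checked[1]="checked";
        else $checked[1]="";
        if($_POST['showsignature']==1) $checked[2]="checked";
        else $checked[2]="";
        if($_POST['savecopy']==1) $checked[3]="checked";
        else $checked[3]="";
    }
    else {
        // first display of the form: pre-fill the recipient from the userid parameter
        if(isset($_GET['userid'])) list($recipient)=$db->query_first("SELECT username FROM bb".$n."_users WHERE userid='".intval($_GET['userid'])."'");

        if($_REQUEST['action']=="replypm" || $_REQUEST['action']=="forwardpm") {
            // recipientid in the WHERE clause means only a pm addressed to $wbbuserdata[userid] can be quoted
            $pm = $db->query_first("SELECT p.senderid, p.subject, p.message, p.sendtime, u.username FROM bb".$n."_privatemessage p LEFT JOIN bb".$n."_users u ON (u.userid=p.senderid) WHERE p.privatemessageid='$pmid' AND p.recipientid='$wbbuserdata[userid]'");
            $sendtime=formatdate($dateformat." ".$timeformat,$pm['sendtime']);
            if($docensor==1) {
                // reuse an existing parser object if there is one, otherwise create one for censoring
                if($parse) $pm['message']=$parse->censor($pm['message']);
                else {
                    $parse = new parse(1);
                    $pm['message']=$parse->censor($pm['message']);
                }
            }
            $pm['username']=rehtmlspecialchars($pm['username']);

            if($_REQUEST['action']=="replypm") {
                // drop an existing "RE: " prefix before the reply subject template is applied
                $pm['subject']=preg_replace("/^RE: /i","",$pm['subject']);
                eval("\$subject = \"".$tpl->get("pms_reply_subject")."\";");
                eval("\$message = \"".$tpl->get("pms_reply_message")."\";");
                $recipient=$pm['username'];
            }
            if($_REQUEST['action']=="forwardpm") {
                // drop an existing "FW: " prefix before the forward subject template is applied
                $pm['subject']=preg_replace("/^FW: /i","",$pm['subject']);
                eval("\$subject = \"".$tpl->get("pms_forward_subject")."\";");
                eval("\$message = \"".$tpl->get("pms_forward_message")."\";");
            }
        }
    }

    // icon chooser: one newthread_iconbit per icon, with a line break after every seventh icon
    if(!isset($iconid)) $iconid=0;
    $ICONselected[$iconid]="checked";
    $result = $db->query("SELECT * FROM bb".$n."_icons ORDER BY iconorder ASC");
    $iconcount=0;
    while($row=$db->fetch_array($result)) {
        $row_iconid=$row['iconid'];
        eval("\$choice_posticons .= \"".$tpl->get("newthread_iconbit")."\";");
        if($iconcount==6) {
            $choice_posticons.="<br>";
            $iconcount=0;
        }
        else $iconcount++;
    }
    eval("\$pm_icons .= \"".$tpl->get("newthread_icons")."\";");

    if($pm_allowbbcode==1) $bbcode_buttons = getcodebuttons();
    if($pm_allowsmilies==1) $bbcode_smilies = getclickysmilies($smilie_table_cols,$smilie_table_rows);

    // notes telling the user which markup is allowed; the template name depends on the pm settings
    eval("\$note = \"".$tpl->get("note_html_".ifelse($pm_allowhtml==0,"not_")."allow")."\";");
    eval("\$note .= \"".$tpl->get("note_bbcode_".ifelse($pm_allowbbcode==0,"not_")."allow")."\";");
    eval("\$note .= \"".$tpl->get("note_smilies_".ifelse($pm_allowsmilies==0,"not_")."allow")."\";");
    eval("\$note .= \"".$tpl->get("note_images_".ifelse($pm_allowimages==0,"not_")."allow")."\";");

    if(isset($message)) $message=parse::convertHTML($message);
    // Only the double quote is encoded for subject and recipient. That is enough only when the
    // template places them inside double-quoted attribute values.
    // NOTE(review): confirm against the pms_newpm template.
    if(isset($subject)) $subject=str_replace("\"","&quot;",$subject);
    if(isset($recipient)) $recipient=str_replace("\"","&quot;",$recipient);
    eval("\$tpl->output(\"".$tpl->get("pms_newpm")."\");");
}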