<?php
/**
*
* @author Robert Johnston
*
* @package Forum Runner
* @version CVS/SVN: $Id: $
* @copyright (c) 2010 End of Time Studios, LLC
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
*
*/
// Bootstrap: switch to the directory named by MCWD (defined outside this file),
// then to its parent, so the relative phpBB root path below resolves from there.
chdir(MCWD);
chdir('../');
// Honour a predefined PHPBB_ROOT_PATH, otherwise use the current directory.
$phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './';
// Extension of this file (text after the last '.'), reused to build include paths.
$phpEx = substr(strrchr(__FILE__, '.'), 1);
require($phpbb_root_path . 'common.' . $phpEx);
require($phpbb_root_path . 'includes/functions_user.' . $phpEx);
require($phpbb_root_path . 'includes/functions_module.' . $phpEx);
require($phpbb_root_path . 'includes/functions_privmsgs.' . $phpEx);
// include() only raises a warning when the file is missing, unlike the
// require() calls above, which stop the script.
include($phpbb_root_path . 'includes/message_parser.' . $phpEx);
// fr_set_debug() is defined outside this file.
fr_set_debug();
// Start session management
$user->session_begin();
// Load the permission set for the session's user.
$auth->acl($user->data);
$user->setup('ucp');
// Drop the '/forumrunner' segment from the script path.
// NOTE(review): str_replace() removes every occurrence of '/forumrunner', not
// only a trailing one - confirm that is acceptable for boards installed under
// a path that itself contains that string.
$user->page['root_script_path'] = str_replace('/forumrunner', '', $user->page['root_script_path']);
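/**
 * Return the private-message folders of the logged-in user.
 *
 * A session that does not belong to a registered user is answered with
 * json_error(ERR_INVALID_LOGGEDIN, RV_NOT_LOGGED_IN).
 * NOTE(review): json_error() is defined outside this file and is presumably
 * expected to end the request - confirm, because execution continues here if
 * it returns.
 *
 * @return array array('folders' => array(folder key => folder name))
 */
function do_get_pm_folders()
{
    global $user;

    if (!$user->data['is_registered'])
    {
        json_error(ERR_INVALID_LOGGEDIN, RV_NOT_LOGGED_IN);
    }

    // Start from an empty list so that a user without folders yields an empty
    // array instead of an undefined variable.
    $out = array();

    $folders = get_folder($user->data['user_id']);
    foreach ($folders as $key => $folder)
    {
        $out[$key] = prepare_utf8_string($folder['folder_name']);
    }

    return array(
        'folders' => $out,
    );
}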
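/**
 * List one page of private messages from a folder of the logged-in user.
 *
 * Request parameters read here: folderid ('inbox', 'outbox', 'sentbox' or a
 * numeric folder id), f, action, p, release, page and perpage.
 *
 * Access is refused through trigger_error() when the user is not registered,
 * when private messaging is disabled, when the user lacks the u_readpm
 * permission, or when the hold box is requested.
 *
 * @return array array('pms' => list of message summaries, 'total_pms' => count
 *               reported by get_pm_from())
 */
function do_get_pms()
{
    // The full global list is kept because ucp_pm_viewfolder is included into
    // this function's scope.
    global $config, $template, $user, $auth, $db, $phpbb_root_path, $phpEx, $cache;
    global $global_privmsgs_rules;

    include($phpbb_root_path . 'includes/ucp/ucp_pm_viewfolder.' . $phpEx);

    if (!$user->data['is_registered'])
    {
        trigger_error('NO_MESSAGE');
    }

    // Is PM disabled?
    if (!$config['allow_privmsg'])
    {
        trigger_error('PM_DISABLED');
    }

    $user->add_lang('posting');

    // Folder directly specified? Named folders map to their constants; any
    // other value is forced to an integer before it is used.
    $named_folders = array(
        'inbox'   => PRIVMSGS_INBOX,
        'outbox'  => PRIVMSGS_OUTBOX,
        'sentbox' => PRIVMSGS_SENTBOX,
    );
    $folder_specified = request_var('folderid', '');
    if (isset($named_folders[$folder_specified]))
    {
        $folder_specified = $named_folders[$folder_specified];
    }
    else
    {
        $folder_specified = (int) $folder_specified;
    }

    set_user_message_limit();

    if ($folder_specified)
    {
        $folder_id = $folder_specified;
        $action = 'view_folder';
    }
    else
    {
        $folder_id = request_var('f', PRIVMSGS_NO_BOX);
        $action = request_var('action', 'view_folder');
    }

    // View message if specified
    $msg_id = request_var('p', 0);
    if ($msg_id)
    {
        $action = 'view_message';
    }

    if (!$auth->acl_get('u_readpm'))
    {
        trigger_error('NO_AUTH_READ_MESSAGE');
    }

    // Do not allow hold messages to be seen
    if ($folder_id == PRIVMSGS_HOLD_BOX)
    {
        trigger_error('NO_AUTH_READ_HOLD_MESSAGE');
    }

    // If new messages arrived, place them into the appropriate folder
    $release = request_var('release', 0);
    if ($user->data['user_new_privmsg'] && $action == 'view_folder')
    {
        place_pm_into_folder($global_privmsgs_rules, $release);
    }

    if (!$msg_id && $folder_id == PRIVMSGS_NO_BOX)
    {
        $folder_id = PRIVMSGS_INBOX;
    }

    $folder = get_folder($user->data['user_id'], $folder_id);
    clean_sentbox($folder[PRIVMSGS_SENTBOX]['num_messages']);

    // The result is not used here; the call is kept in case the helper has
    // side effects - NOTE(review): confirm and drop if it has none.
    get_folder_status($folder_id, $folder);

    // Hack in our page/num calculation. Both values come from the client, so
    // they are clamped to at least 1: a zero or negative page size or page
    // number does not describe a valid page.
    // NOTE(review): perpage has no upper bound; consider capping it so one
    // request cannot ask for an arbitrarily large page.
    $page = max(1, request_var('page', 1));
    $perpage = max(1, request_var('perpage', 15));
    $config['topics_per_page'] = $perpage;
    $_REQUEST['start'] = (($page - 1) * $perpage);

    $folder_info = get_pm_from($folder_id, $folder, $user->data['user_id']);

    $pm_out = array();
    if (count($folder_info['pm_list']))
    {
        foreach ($folder_info['pm_list'] as $pm)
        {
            $row = $folder_info['rowset'][$pm];

            // The bcc list is taken from the row being processed (the original
            // read it from a variable that was never defined in this function).
            $addresses = write_pm_addresses(
                array(
                    'to'  => $row['to_address'],
                    'bcc' => isset($row['bcc_address']) ? $row['bcc_address'] : '',
                ),
                $row['author_id']
            );

            $users = array();
            if (isset($addresses['to']['user']))
            {
                foreach ($addresses['to']['user'] as $tmp_user)
                {
                    $users[] = $tmp_user['name'];
                }
            }

            // Fetch avatar. Only the four avatar columns are selected so the
            // rest of the user row (credentials, e-mail, ...) is never loaded,
            // and the id is cast before it is placed into the SQL text.
            // NOTE(review): this runs one query per listed message.
            $avatarresult = $db->sql_query($db->sql_build_query('SELECT', array(
                'SELECT' => 'u.user_avatar, u.user_avatar_type, u.user_avatar_width, u.user_avatar_height',
                'FROM'   => array(
                    USERS_TABLE => 'u',
                ),
                'WHERE'  => 'u.user_id = ' . (int) $row['author_id'],
            )));
            $avatarinfo = $db->sql_fetchrow($avatarresult);
            $db->sql_freeresult($avatarresult);

            $avatarurl = process_avatarurl(fr_get_user_avatar(
                $avatarinfo['user_avatar'],
                $avatarinfo['user_avatar_type'],
                $avatarinfo['user_avatar_width'],
                $avatarinfo['user_avatar_height']
            ));

            $tmp = array(
                'id' => $row['msg_id'],
                'new_pm' => $row['pm_unread'],
                'username' => prepare_utf8_string(strip_tags($row['username'])),
                'to_usernames' => prepare_utf8_string(implode('; ', $users)),
                'title' => prepare_utf8_string($row['message_subject']),
                'message' => prepare_utf8_string(fr_get_preview($row['msg_id'], FR_PREVIEW_LEN, FR_PREVIEW_PM)),
                'pm_timestamp' => prepare_utf8_string(date_trunc($user->format_date($row['message_time']))),
            );
            if ($avatarurl != '')
            {
                $tmp['avatarurl'] = $avatarurl;
            }
            $pm_out[] = $tmp;
        }
    }

    return array(
        'pms' => $pm_out,
        'total_pms' => $folder_info['pm_count'],
    );
}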
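/**
 * Return one private message of the logged-in user and mark it as read.
 *
 * Request parameters read here: pmid (message id) and folderid (optional; when
 * it is PRIVMSGS_NO_BOX the folder is looked up from the message id).
 *
 * Both queries are restricted to rows whose user_id is the session's user, so
 * a message id belonging to another user ends in NO_MESSAGE. Access is also
 * refused through trigger_error() when the user is not registered, private
 * messaging is disabled, u_readpm is missing, or the hold box is requested.
 *
 * @return array message fields: id, pm_unread, username, to_usernames, userid,
 *               title, message, quotable, images, pm_timestamp and, when one
 *               is available, avatarurl
 */
function do_get_pm()
{
    global $config, $template, $user, $auth, $db;

    // Smilies are never rendered on this path.
    $usesmilies = false;

    // request_var() is given integer defaults; the explicit casts make the
    // integer-only guarantee visible where the values enter the SQL text.
    $folder_id = (int) request_var('folderid', PRIVMSGS_NO_BOX);

    if (!$user->data['is_registered'])
    {
        trigger_error('NO_MESSAGE');
    }

    // Is PM disabled?
    if (!$config['allow_privmsg'])
    {
        trigger_error('PM_DISABLED');
    }

    $user->add_lang('posting');
    $template->assign_var('S_PRIVMSGS', true);

    set_user_message_limit();

    $msg_id = (int) request_var('pmid', 0);
    $user_id = (int) $user->data['user_id'];

    if (!$auth->acl_get('u_readpm'))
    {
        trigger_error('NO_AUTH_READ_MESSAGE');
    }

    // Do not allow hold messages to be seen
    if ($folder_id == PRIVMSGS_HOLD_BOX)
    {
        trigger_error('NO_AUTH_READ_HOLD_MESSAGE');
    }

    if ($folder_id == PRIVMSGS_NO_BOX)
    {
        // No folder given: find the folder this user holds the message in.
        $sql = 'SELECT folder_id
            FROM ' . PRIVMSGS_TO_TABLE . '
            WHERE msg_id = ' . $msg_id . '
                AND folder_id <> ' . PRIVMSGS_NO_BOX . '
                AND user_id = ' . $user_id;
        $result = $db->sql_query($sql);
        $row = $db->sql_fetchrow($result);
        $db->sql_freeresult($result);

        if (!$row)
        {
            trigger_error('NO_MESSAGE');
        }
        $folder_id = (int) $row['folder_id'];
    }

    // Only the user columns used below are selected, so the author's full
    // account row (credentials, e-mail, ...) is not loaded with the message.
    $sql = 'SELECT t.*, p.*, u.username, u.user_avatar, u.user_avatar_type, u.user_avatar_width, u.user_avatar_height
        FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . ' p, ' . USERS_TABLE . ' u
        WHERE t.user_id = ' . $user_id . '
            AND p.author_id = u.user_id
            AND t.folder_id = ' . $folder_id . '
            AND t.msg_id = p.msg_id
            AND p.msg_id = ' . $msg_id;
    $result = $db->sql_query($sql);
    $row = $db->sql_fetchrow($result);
    $db->sql_freeresult($result);

    if (!$row)
    {
        trigger_error('NO_MESSAGE');
    }

    // Update unread status
    update_unread_status($row['pm_unread'], $row['msg_id'], $user->data['user_id'], $folder_id);

    // The bcc list comes from the fetched row (the original read it from an
    // array that was always empty).
    $addresses = write_pm_addresses(
        array(
            'to'  => $row['to_address'],
            'bcc' => isset($row['bcc_address']) ? $row['bcc_address'] : '',
        ),
        $row['author_id']
    );

    // Parse the post for quotes and inline images
    $stripped_text = remove_bbcode_uids_and_smilies($row['message_text'], $row['bbcode_uid']);
    list($text, $nuked_quotes, $images) = parse_post($stripped_text, $row['enable_smilies'] && $usesmilies, array());

    // Avatar work
    $avatarurl = process_avatarurl(fr_get_user_avatar(
        $row['user_avatar'],
        $row['user_avatar_type'],
        $row['user_avatar_width'],
        $row['user_avatar_height']
    ));

    // Only the visible "to" recipients are reported to the client.
    $users = array();
    if (isset($addresses['to']['user']))
    {
        foreach ($addresses['to']['user'] as $tmp_user)
        {
            $users[] = $tmp_user['name'];
        }
    }

    $out = array(
        'id' => $row['msg_id'],
        'pm_unread' => $row['pm_unread'],
        'username' => prepare_utf8_string(strip_tags($row['username'])),
        'to_usernames' => prepare_utf8_string(implode('; ', $users)),
        'userid' => $row['author_id'],
        'title' => prepare_utf8_string($row['message_subject']),
        'message' => $text,
        'quotable' => $nuked_quotes,
        'images' => $images,
        'pm_timestamp' => prepare_utf8_string(date_trunc($user->format_date($row['message_time']))),
    );
    if ($avatarurl != '')
    {
        $out['avatarurl'] = $avatarurl;
    }

    return $out;
}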
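/**
 * Send a new private message from the logged-in user.
 *
 * Request parameters read here: recipients (user names separated by ';'),
 * title, message and icon, plus the POST flags disable_bbcode,
 * disable_smilies, disable_magic_url and attach_sig.
 *
 * Failures are reported through trigger_error(): not registered or missing
 * u_sendpm, private messaging disabled, unknown recipient, mass-PM and
 * recipient limits, parser warnings, flood interval, empty subject.
 *
 * NOTE(review): add_form_key() is called below but no check_form_key() call
 * appears in this function, so the compose-form token is not verified on this
 * path. Confirm how the Forum Runner endpoint protects state-changing
 * requests against cross-site request forgery.
 *
 * @return array array('success' => 1) after submit_pm() has been called
 */
function do_send_pm()
{
    // The full global list is kept because several files are included into
    // this function's scope.
    global $config, $template, $user, $auth, $db, $phpbb_root_path, $phpEx, $cache;
    global $global_privmsgs_rules;

    include($phpbb_root_path . 'includes/ucp/ucp_pm_viewfolder.' . $phpEx);

    $user->add_lang('posting');
    $current_time = time();

    if (!$user->data['is_registered'])
    {
        trigger_error('NO_AUTH_SEND_MESSAGE');
    }

    // Is PM disabled?
    if (!$config['allow_privmsg'])
    {
        trigger_error('PM_DISABLED');
    }

    include($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
    include($phpbb_root_path . 'includes/functions_display.' . $phpEx);

    $action = 'post';
    add_form_key('ucp_pm_compose');
    $user->add_lang('viewtopic');

    if (!$auth->acl_get('u_sendpm'))
    {
        trigger_error('NO_AUTH_SEND_MESSAGE');
    }

    // Split the recipient list with explode(); the original used split(),
    // which is deprecated since PHP 5.3 and removed in PHP 7. Names are
    // trimmed and empty entries (for example after a trailing ';') are
    // dropped, so the "no recipients" check below can actually fire.
    $names = array_filter(array_map('trim', explode(';', request_var('recipients', ''))), 'strlen');
    if (!count($names))
    {
        trigger_error('PM_NO_USERS');
    }

    // Resolve every name to a user id.
    // NOTE(review): each name costs one query and the recipient cap is only
    // checked after the loop; consider bounding the number of names first.
    $address_list = array();
    foreach ($names as $name)
    {
        // Upper-case first and escape last, so the value placed into the SQL
        // text is exactly what sql_escape() returned.
        $sql = 'SELECT u.user_id FROM ' . USERS_TABLE . " u WHERE UCASE(username) = '" . $db->sql_escape(strtoupper($name)) . "'";
        $result = $db->sql_query($sql);
        $user_id = (int) $db->sql_fetchfield('user_id');
        $db->sql_freeresult($result);

        if (!$user_id)
        {
            trigger_error('PM_NO_USERS');
        }
        $address_list['u'][$user_id] = 'to';
    }

    $message_parser = new parse_message();
    $max_recipients = $config['pm_max_recipients'];

    // Check mass pm to group permission
    if ((!$config['allow_mass_pm'] || !$auth->acl_get('u_masspm_group')) && !empty($address_list['g']))
    {
        trigger_error('NO_AUTH_GROUP_MESSAGE');
    }

    // Check mass pm to users permission
    if ((!$config['allow_mass_pm'] || !$auth->acl_get('u_masspm')) && num_recipients($address_list) > 1)
    {
        trigger_error('TOO_MANY_RECIPIENTS');
    }

    // Check for too many recipients
    if (!empty($address_list['u']) && $max_recipients && count($address_list['u']) > $max_recipients)
    {
        trigger_error('TOO_MANY_RECIPIENTS');
    }

    // Formatting features are enabled only when both the board configuration
    // and the sender's permissions allow them.
    $bbcode_status = ($config['allow_bbcode'] && $config['auth_bbcode_pm'] && $auth->acl_get('u_pm_bbcode')) ? true : false;
    $smilies_status = ($config['allow_smilies'] && $config['auth_smilies_pm'] && $auth->acl_get('u_pm_smilies')) ? true : false;
    $img_status = ($config['auth_img_pm'] && $auth->acl_get('u_pm_img')) ? true : false;
    $flash_status = ($config['auth_flash_pm'] && $auth->acl_get('u_pm_flash')) ? true : false;

    $subject = utf8_normalize_nfc(request_var('title', '', true));
    $message_parser->message = utf8_normalize_nfc(request_var('message', '', true));
    $icon_id = request_var('icon', 0);

    $enable_bbcode = (!$bbcode_status || isset($_POST['disable_bbcode'])) ? false : true;
    $enable_smilies = (!$smilies_status || isset($_POST['disable_smilies'])) ? false : true;
    $enable_urls = (isset($_POST['disable_magic_url'])) ? 0 : 1;
    $enable_sig = (!$config['allow_sig'] || !$config['allow_sig_pm']) ? false : ((isset($_POST['attach_sig'])) ? true : false);

    // Parse message
    $message_parser->parse($enable_bbcode, ($config['allow_post_links']) ? $enable_urls : false, $enable_smilies, $img_status, $flash_status, true, $config['allow_post_links']);

    if (count($message_parser->warn_msg))
    {
        trigger_error(join('; ', $message_parser->warn_msg));
    }

    // Flood check. This function only ever posts a new message, so the
    // edit/preview/refresh conditions of the original (which read variables
    // that were never defined here) are dropped.
    if ($config['flood_interval'] && !$auth->acl_get('u_ignoreflood'))
    {
        $last_post_time = $user->data['user_lastpost_time'];
        if ($last_post_time && ($current_time - $last_post_time) < intval($config['flood_interval']))
        {
            trigger_error('FLOOD_ERROR');
        }
    }

    // Subject defined
    if (utf8_clean_string($subject) === '')
    {
        trigger_error('EMPTY_MESSAGE_SUBJECT');
    }

    if (!count($address_list))
    {
        trigger_error('NO_RECIPIENT');
    }

    // A new message is not a reply: both ids are 0, spelled out here instead
    // of being read from variables that were never assigned.
    $msg_id = 0;

    // Store message, sync counters
    $pm_data = array(
        'msg_id' => $msg_id,
        'from_user_id' => $user->data['user_id'],
        'from_user_ip' => $user->ip,
        'from_username' => $user->data['username'],
        'reply_from_root_level' => 0,
        'reply_from_msg_id' => $msg_id,
        'icon_id' => (int) $icon_id,
        'enable_sig' => (bool) $enable_sig,
        'enable_bbcode' => (bool) $enable_bbcode,
        'enable_smilies' => (bool) $enable_smilies,
        'enable_urls' => (bool) $enable_urls,
        'bbcode_bitfield' => $message_parser->bbcode_bitfield,
        'bbcode_uid' => $message_parser->bbcode_uid,
        'message' => $message_parser->message,
        'attachment_data' => $message_parser->attachment_data,
        'filename_data' => $message_parser->filename_data,
        'address_list' => $address_list,
    );

    submit_pm($action, $subject, $pm_data);

    return array(
        'success' => 1,
    );
}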
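/**
 * Delete one private message from the logged-in user's folders.
 *
 * Request parameter read here: pm (message id). The folder is looked up with
 * the session's user id in the WHERE clause, so a message id that belongs to
 * another user ends in NO_MESSAGE and is never passed to delete_pm().
 *
 * The u_pm_delete permission is checked, in line with the u_readpm and
 * u_sendpm checks of the sibling functions; the original performed no
 * permission check before deleting.
 *
 * NOTE(review): no form token is verified on this state-changing path;
 * confirm how the Forum Runner endpoint protects against cross-site request
 * forgery.
 *
 * @return array array('success' => 1) after delete_pm() has been called
 */
function do_delete_pm()
{
    global $config, $user, $auth, $db;

    if (!$user->data['is_registered'])
    {
        trigger_error('NO_MESSAGE');
    }

    // Is PM disabled?
    if (!$config['allow_privmsg'])
    {
        trigger_error('PM_DISABLED');
    }

    // Deleting is a separate permission from reading.
    if (!$auth->acl_get('u_pm_delete'))
    {
        trigger_error('NO_AUTH_DELETE_MESSAGE');
    }

    // request_var() is given an integer default; the explicit cast makes the
    // integer-only guarantee visible where the value enters the SQL text.
    $pmid = (int) request_var('pm', 0);
    if (!$pmid)
    {
        json_error(ERR_INVALID_PM, RV_POST_ERROR);
    }

    $user_id = (int) $user->data['user_id'];

    // Find the folder in which this user holds the message.
    $sql = 'SELECT folder_id
        FROM ' . PRIVMSGS_TO_TABLE . '
        WHERE msg_id = ' . $pmid . '
            AND folder_id <> ' . PRIVMSGS_NO_BOX . '
            AND user_id = ' . $user_id;
    $result = $db->sql_query($sql);
    $row = $db->sql_fetchrow($result);
    $db->sql_freeresult($result);

    if (!$row)
    {
        trigger_error('NO_MESSAGE');
    }
    $folder_id = (int) $row['folder_id'];

    delete_pm($user->data['user_id'], array($pmid), $folder_id);

    return array(
        'success' => 1,
    );
}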
/**
 * Count the recipients held in an address list.
 *
 * The list groups recipients by type; the result is the sum of the sizes of
 * all groups.
 *
 * @param array $address_list array(type => array(id => field))
 *
 * @return int total number of entries over all types
 */
function num_recipients($address_list)
{
    $total = 0;

    foreach ($address_list as $entries)
    {
        $total = $total + count($entries);
    }

    return $total;
}
?>