PersonalMessage.php 141 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331133213331334133513361337133813391340134113421343134413451346134713481349135013511352135313541355135613571358135913601361136213631364136513661367136813691370137113721373137413751376137713781379138013811382138313841385138613871388138913901391139213931394139513961397139813991400140114021403140414051406140714081409141014111412141314141415141614171418141914201421142214231424142514261427142814291430143114321433143414351436143714381439144014411442144314441445144614471448144914501451145214531454145514561457145814591460146114621463146414651466146714681469147014711472147314741475147614771478147914801481148214831484148514861487148814891490149114921493149414951496149714981499150015011502150315041505150615071508150915101511151215131514151515161517151815191520152115221523152415251526152715281529153015311532153315341535153615371538153915401541154215431544154515461547154815491550155115521553155415551556155715581559156015611562156315641565156615671568156915701571157215731574157515761577157815791580158115821583158415851586158715881589159015911592159315941595159615971598159916001601160216031604160516061607160816091610161116121613161416151616161716181619162016211622162316241625162616271628162916301631163216331634163516361637163816391640164116421643164416451646164716481649165016511652165316541655165616571658165916601661166216631664166516661667166816691670167116721673167416751676167716781679168016811682168316841685168616871688168916901691169216931694169516961697169816991700170117021703170417051706170717081709171017111712171317141715171617171718171917201721172217231724172517261727172817291730173117321733173417351736173717381739174017411742174317441745174617471748174917501751175217531754175517561757175817591760176117621763176417651766176717681769177017711772177317741775177617771778177917801781178217831784178517861787178817891790179117921793179417951796179717981799180018011802180318041805180618071808180918101811181218131814181518161817181818191820182118221823182418251826182718281829183018311832183318341835183618371838183918401841184218431844184518461847184818491850185118521853185418551856185718581859186018611862186318641865186618671868186918701871187218731874187518761877187818791880188118821883188418851886188718881889189018911892189318941895189618971898189919001901190219031904190519061907190819091910191119121913191419151916191719181919192019211922192319241925192619271928192919301931193219331934193519361937193819391940194119421943194419451946194719481949195019511952195319541955195619571958195919601961196219631964196519661967196819691970197119721973197419751976197719781979198019811982198319841985198619871988198919901991199219931994199519961997199819992000200120022003200420052006200720082009201020112012201320142015201620172018201920202021202220232024202520262027202820292030203120322033203420352036203720382039204020412042204320442045204620472048204920502051205220532054205520562057205820592060206120622063206420652066206720682069207020712072207320742075207620772078207920802081208220832084208520862087208820892090209120922093209420952096209720982099210021012102210321042105210621072108210921102111211221132114211521162117211821192120212121222123212421252126212721282129213021312132213321342135213621372138213921402141214221432144214521462147214821492150215121522153215421552156215721582159216021612162216321642165216621672168216921702171217221732174217521762177217821792180218121822183218421852186218721882189219021912192219321942195219621972198219922002201220222032204220522062207220822092210221122122213221422152216221722182219222022212222222322242225222622272228222922302231223222332234223522362237223822392240224122422243224422452246224722482249225022512252225322542255225622572258225922602261226222632264226522662267226822692270227122722273227422752276227722782279228022812282228322842285228622872288228922902291229222932294229522962297229822992300230123022303230423052306230723082309231023112312231323142315231623172318231923202321232223232324232523262327232823292330233123322333233423352336233723382339234023412342234323442345234623472348234923502351235223532354235523562357235823592360236123622363236423652366236723682369237023712372237323742375237623772378237923802381238223832384238523862387238823892390239123922393239423952396239723982399240024012402240324042405240624072408240924102411241224132414241524162417241824192420242124222423242424252426242724282429243024312432243324342435243624372438243924402441244224432444244524462447244824492450245124522453245424552456245724582459246024612462246324642465246624672468246924702471247224732474247524762477247824792480248124822483248424852486248724882489249024912492249324942495249624972498249925002501250225032504250525062507250825092510251125122513251425152516251725182519252025212522252325242525252625272528252925302531253225332534253525362537253825392540254125422543254425452546254725482549255025512552255325542555255625572558255925602561256225632564256525662567256825692570257125722573257425752576257725782579258025812582258325842585258625872588258925902591259225932594259525962597259825992600260126022603260426052606260726082609261026112612261326142615261626172618261926202621262226232624262526262627262826292630263126322633263426352636263726382639264026412642264326442645264626472648264926502651265226532654265526562657265826592660266126622663266426652666266726682669267026712672267326742675267626772678267926802681268226832684268526862687268826892690269126922693269426952696269726982699270027012702270327042705270627072708270927102711271227132714271527162717271827192720272127222723272427252726272727282729273027312732273327342735273627372738273927402741274227432744274527462747274827492750275127522753275427552756275727582759276027612762276327642765276627672768276927702771277227732774277527762777277827792780278127822783278427852786278727882789279027912792279327942795279627972798279928002801280228032804280528062807280828092810281128122813281428152816281728182819282028212822282328242825282628272828282928302831283228332834283528362837283828392840284128422843284428452846284728482849285028512852285328542855285628572858285928602861286228632864286528662867286828692870287128722873287428752876287728782879288028812882288328842885288628872888288928902891289228932894289528962897289828992900290129022903290429052906290729082909291029112912291329142915291629172918291929202921292229232924292529262927292829292930293129322933293429352936293729382939294029412942294329442945294629472948294929502951295229532954295529562957295829592960296129622963296429652966296729682969297029712972297329742975297629772978297929802981298229832984298529862987298829892990299129922993299429952996299729982999300030013002300330043005300630073008300930103011301230133014301530163017301830193020302130223023302430253026302730283029303030313032303330343035303630373038303930403041304230433044304530463047304830493050305130523053305430553056305730583059306030613062306330643065306630673068306930703071307230733074307530763077307830793080308130823083308430853086308730883089309030913092309330943095309630973098309931003101310231033104310531063107310831093110311131123113311431153116311731183119312031213122312331243125312631273128312931303131313231333134313531363137313831393140314131423143314431453146314731483149315031513152315331543155315631573158315931603161316231633164316531663167316831693170317131723173317431753176317731783179318031813182318331843185318631873188318931903191319231933194319531963197319831993200320132023203320432053206320732083209321032113212321332143215321632173218321932203221322232233224322532263227322832293230323132323233323432353236323732383239324032413242324332443245324632473248324932503251325232533254325532563257325832593260326132623263326432653266326732683269327032713272327332743275327632773278327932803281328232833284328532863287328832893290329132923293329432953296329732983299330033013302330333043305330633073308330933103311331233133314331533163317331833193320332133223323332433253326332733283329333033313332333333343335333633373338333933403341334233433344334533463347334833493350335133523353335433553356335733583359336033613362336333643365336633673368336933703371337233733374337533763377337833793380338133823383338433853386338733883389339033913392339333943395339633973398339934003401340234033404340534063407340834093410341134123413341434153416341734183419342034213422342334243425342634273428342934303431343234333434343534363437343834393440344134423443344434453446344734483449345034513452345334543455345634573458345934603461346234633464346534663467346834693470347134723473347434753476347734783479348034813482348334843485348634873488348934903491349234933494349534963497349834993500350135023503350435053506350735083509351035113512351335143515351635173518351935203521352235233524352535263527352835293530353135323533353435353536353735383539354035413542354335443545354635473548354935503551355235533554355535563557355835593560356135623563356435653566356735683569357035713572357335743575357635773578357935803581358235833584358535863587358835893590359135923593359435953596359735983599360036013602360336043605360636073608360936103611361236133614361536163617361836193620362136223623362436253626362736283629363036313632363336343635363636373638363936403641364236433644364536463647364836493650365136523653365436553656365736583659366036613662366336643665366636673668366936703671367236733674367536763677367836793680368136823683368436853686368736883689369036913692369336943695369636973698369937003701370237033704370537063707370837093710371137123713371437153716371737183719372037213722372337243725372637273728372937303731373237333734373537363737373837393740374137423743374437453746374737483749375037513752375337543755375637573758375937603761376237633764376537663767376837693770377137723773377437753776377737783779378037813782378337843785378637873788378937903791379237933794379537963797379837993800380138023803380438053806380738083809381038113812381338143815381638173818381938203821382238233824382538263827382838293830383138323833383438353836383738383839384038413842384338443845384638473848384938503851385238533854385538563857385838593860386138623863386438653866386738683869387038713872387338743875387638773878387938803881388238833884388538863887388838893890389138923893389438953896389738983899390039013902390339043905390639073908390939103911391239133914391539163917391839193920392139223923392439253926392739283929393039313932393339343935393639373938393939403941394239433944394539463947394839493950395139523953395439553956395739583959396039613962396339643965396639673968396939703971397239733974397539763977397839793980398139823983398439853986398739883989399039913992399339943995399639973998399940004001400240034004400540064007400840094010401140124013401440154016401740184019402040214022402340244025402640274028402940304031403240334034403540364037403840394040404140424043404440454046404740484049405040514052405340544055405640574058405940604061406240634064406540664067406840694070407140724073407440754076407740784079408040814082408340844085408640874088408940904091409240934094409540964097409840994100410141024103410441054106410741084109411041114112411341144115411641174118411941204121412241234124412541264127412841294130413141324133413441354136413741384139414041414142414341444145414641474148414941504151415241534154415541564157415841594160416141624163416441654166416741684169417041714172417341744175417641774178
  1. <?php
  2. /**
  3. * This file is mainly meant for controlling the actions related to personal
  4. * messages. It allows viewing, sending, deleting, and marking personal
  5. * messages. For compatibility reasons, they are often called "instant messages".
  6. *
  7. * Simple Machines Forum (SMF)
  8. *
  9. * @package SMF
  10. * @author Simple Machines http://www.simplemachines.org
  11. * @copyright 2014 Simple Machines and individual contributors
  12. * @license http://www.simplemachines.org/about/smf/license.php BSD
  13. *
  14. * @version 2.1 Alpha 1
  15. */
  16. if (!defined('SMF'))
  17. die('No direct access...');
  18. /**
  19. * This helps organize things...
  20. * @todo this should be a simple dispatcher....
  21. */
  22. function MessageMain()
  23. {
  24. global $txt, $scripturl, $sourcedir, $context, $user_info, $user_settings, $smcFunc, $modSettings;
  25. // No guests!
  26. is_not_guest();
  27. // You're not supposed to be here at all, if you can't even read PMs.
  28. isAllowedTo('pm_read');
  29. // This file contains the basic functions for sending a PM.
  30. require_once($sourcedir . '/Subs-Post.php');
  31. loadLanguage('PersonalMessage+Drafts');
  32. if (WIRELESS && WIRELESS_PROTOCOL == 'wap')
  33. fatal_lang_error('wireless_error_notyet', false);
  34. elseif (WIRELESS)
  35. $context['sub_template'] = WIRELESS_PROTOCOL . '_pm';
  36. elseif (!isset($_REQUEST['xml']))
  37. loadTemplate('PersonalMessage');
  38. // Load up the members maximum message capacity.
  39. if ($user_info['is_admin'])
  40. $context['message_limit'] = 0;
  41. elseif (($context['message_limit'] = cache_get_data('msgLimit:' . $user_info['id'], 360)) === null)
  42. {
  43. // @todo Why do we do this? It seems like if they have any limit we should use it.
  44. $request = $smcFunc['db_query']('', '
  45. SELECT MAX(max_messages) AS top_limit, MIN(max_messages) AS bottom_limit
  46. FROM {db_prefix}membergroups
  47. WHERE id_group IN ({array_int:users_groups})',
  48. array(
  49. 'users_groups' => $user_info['groups'],
  50. )
  51. );
  52. list ($maxMessage, $minMessage) = $smcFunc['db_fetch_row']($request);
  53. $smcFunc['db_free_result']($request);
  54. $context['message_limit'] = $minMessage == 0 ? 0 : $maxMessage;
  55. // Save us doing it again!
  56. cache_put_data('msgLimit:' . $user_info['id'], $context['message_limit'], 360);
  57. }
  58. // Prepare the context for the capacity bar.
  59. if (!empty($context['message_limit']))
  60. {
  61. $bar = ($user_info['messages'] * 100) / $context['message_limit'];
  62. $context['limit_bar'] = array(
  63. 'messages' => $user_info['messages'],
  64. 'allowed' => $context['message_limit'],
  65. 'percent' => $bar,
  66. 'bar' => min(100, (int) $bar),
  67. 'text' => sprintf($txt['pm_currently_using'], $user_info['messages'], round($bar, 1)),
  68. );
  69. }
  70. // a previous message was sent successfully? show a small indication.
  71. if (isset($_GET['done']) && ($_GET['done'] == 'sent'))
  72. $context['pm_sent'] = true;
  73. $context['labels'] = array();
  74. // Load the label data.
  75. if ($user_settings['new_pm'] || ($context['labels'] = cache_get_data('labelCounts:' . $user_info['id'], 720)) === null)
  76. {
  77. // Looks like we need to reseek!
  78. // Inbox "label"
  79. $context['labels'][-1] = array(
  80. 'id' => -1,
  81. 'name' => $txt['pm_msg_label_inbox'],
  82. 'messages' => 0,
  83. 'unread_messages' => 0,
  84. );
  85. // First get the inbox counts
  86. // The CASE WHEN here is because is_read is set to 3 when you reply to a message
  87. $result = $smcFunc['db_query']('', '
  88. SELECT COUNT(*) AS total, SUM(is_read & 1) AS num_read
  89. FROM {db_prefix}pm_recipients
  90. WHERE id_member = {int:current_member}
  91. AND in_inbox = {int:in_inbox}
  92. AND deleted = {int:not_deleted}',
  93. array(
  94. 'current_member' => $user_info['id'],
  95. 'in_inbox' => 1,
  96. 'not_deleted' => 0,
  97. )
  98. );
  99. while ($row = $smcFunc['db_fetch_assoc']($result))
  100. {
  101. $context['labels'][-1]['messages'] = $row['total'];
  102. $context['labels'][-1]['unread_messages'] = $row['total'] - $row['num_read'];
  103. }
  104. $smcFunc['db_free_result']($result);
  105. // Now load info about all the other labels
  106. $result = $smcFunc['db_query']('', '
  107. SELECT l.id_label, l.name, IFNULL(SUM(pr.is_read & 1), 0) AS num_read, IFNULL(COUNT(pr.id_pm), 0) AS total
  108. FROM {db_prefix}pm_labels AS l
  109. LEFT JOIN {db_prefix}pm_labeled_messages AS pl ON (pl.id_label = l.id_label)
  110. LEFT JOIN {db_prefix}pm_recipients AS pr ON (pr.id_pm = pl.id_pm)
  111. WHERE l.id_member = {int:current_member}
  112. GROUP BY l.id_label, l.name',
  113. array(
  114. 'current_member' => $user_info['id'],
  115. )
  116. );
  117. while ($row = $smcFunc['db_fetch_assoc']($result))
  118. {
  119. $context['labels'][$row['id_label']] = array(
  120. 'id' => $row['id_label'],
  121. 'name' => $row['name'],
  122. 'messages' => $row['total'],
  123. 'unread_messages' => $row['total'] - $row['num_read']
  124. );
  125. }
  126. $smcFunc['db_free_result']($result);
  127. // Store it please!
  128. cache_put_data('labelCounts:' . $user_info['id'], $context['labels'], 720);
  129. }
  130. // Now we have the labels, and assuming we have unsorted mail, apply our rules!
  131. if ($user_settings['new_pm'])
  132. {
  133. ApplyRules();
  134. updateMemberData($user_info['id'], array('new_pm' => 0));
  135. $smcFunc['db_query']('', '
  136. UPDATE {db_prefix}pm_recipients
  137. SET is_new = {int:not_new}
  138. WHERE id_member = {int:current_member}',
  139. array(
  140. 'current_member' => $user_info['id'],
  141. 'not_new' => 0,
  142. )
  143. );
  144. }
  145. // This determines if we have more labels than just the standard inbox.
  146. $context['currently_using_labels'] = count($context['labels']) > 1 ? 1 : 0;
  147. // Some stuff for the labels...
  148. $context['current_label_id'] = isset($_REQUEST['l']) && isset($context['labels'][$_REQUEST['l']]) ? (int) $_REQUEST['l'] : -1;
  149. $context['current_label'] = &$context['labels'][$context['current_label_id']]['name'];
  150. $context['folder'] = !isset($_REQUEST['f']) || $_REQUEST['f'] != 'sent' ? 'inbox' : 'sent';
  151. // This is convenient. Do you know how annoying it is to do this every time?!
  152. $context['current_label_redirect'] = 'action=pm;f=' . $context['folder'] . (isset($_GET['start']) ? ';start=' . $_GET['start'] : '') . (isset($_REQUEST['l']) ? ';l=' . $_REQUEST['l'] : '');
  153. $context['can_issue_warning'] = allowedTo('issue_warning') && $modSettings['warning_settings'][0] == 1;
  154. // Are PM drafts enabled?
  155. $context['drafts_pm_save'] = !empty($modSettings['drafts_pm_enabled']) && allowedTo('pm_draft');
  156. $context['drafts_autosave'] = !empty($context['drafts_pm_save']) && !empty($modSettings['drafts_autosave_enabled']) && allowedTo('pm_autosave_draft');
  157. // Build the linktree for all the actions...
  158. $context['linktree'][] = array(
  159. 'url' => $scripturl . '?action=pm',
  160. 'name' => $txt['personal_messages']
  161. );
  162. // Preferences...
  163. $context['display_mode'] = WIRELESS ? 0 : $user_settings['pm_prefs'] & 3;
  164. $subActions = array(
  165. 'popup' => 'MessagePopup',
  166. 'addbuddy' => 'WirelessAddBuddy',
  167. 'manlabels' => 'ManageLabels',
  168. 'manrules' => 'ManageRules',
  169. 'pmactions' => 'MessageActionsApply',
  170. 'prune' => 'MessagePrune',
  171. 'removeall' => 'MessageKillAllQuery',
  172. 'removeall2' => 'MessageKillAll',
  173. 'report' => 'ReportMessage',
  174. 'search' => 'MessageSearch',
  175. 'search2' => 'MessageSearch2',
  176. 'send' => 'MessagePost',
  177. 'send2' => 'MessagePost2',
  178. 'settings' => 'MessageSettings',
  179. 'showpmdrafts' => 'MessageDrafts',
  180. );
  181. if (!isset($_REQUEST['sa']) || !isset($subActions[$_REQUEST['sa']]))
  182. {
  183. $_REQUEST['sa'] = '';
  184. MessageFolder();
  185. }
  186. else
  187. {
  188. if (!isset($_REQUEST['xml']) && $_REQUEST['sa'] != 'popup')
  189. messageIndexBar($_REQUEST['sa']);
  190. $subActions[$_REQUEST['sa']]();
  191. }
  192. }
  193. /**
  194. * A menu to easily access different areas of the PM section
  195. *
  196. * @param string $area
  197. */
  198. function messageIndexBar($area)
  199. {
  200. global $txt, $context, $scripturl, $sourcedir, $sc, $modSettings, $user_info;
  201. $pm_areas = array(
  202. 'folders' => array(
  203. 'title' => $txt['pm_messages'],
  204. 'areas' => array(
  205. 'send' => array(
  206. 'label' => $txt['new_message'],
  207. 'custom_url' => $scripturl . '?action=pm;sa=send',
  208. 'permission' => allowedTo('pm_send'),
  209. ),
  210. 'inbox' => array(
  211. 'label' => $txt['inbox'],
  212. 'custom_url' => $scripturl . '?action=pm',
  213. ),
  214. 'sent' => array(
  215. 'label' => $txt['sent_items'],
  216. 'custom_url' => $scripturl . '?action=pm;f=sent',
  217. ),
  218. 'drafts' => array(
  219. 'label' => $txt['drafts_show'],
  220. 'custom_url' => $scripturl . '?action=pm;sa=showpmdrafts',
  221. 'permission' => allowedTo('pm_draft'),
  222. 'enabled' => !empty($modSettings['drafts_pm_enabled']),
  223. ),
  224. ),
  225. ),
  226. 'labels' => array(
  227. 'title' => $txt['pm_labels'],
  228. 'areas' => array(),
  229. ),
  230. 'actions' => array(
  231. 'title' => $txt['pm_actions'],
  232. 'areas' => array(
  233. 'search' => array(
  234. 'label' => $txt['pm_search_bar_title'],
  235. 'custom_url' => $scripturl . '?action=pm;sa=search',
  236. ),
  237. 'prune' => array(
  238. 'label' => $txt['pm_prune'],
  239. 'custom_url' => $scripturl . '?action=pm;sa=prune'
  240. ),
  241. ),
  242. ),
  243. 'pref' => array(
  244. 'title' => $txt['pm_preferences'],
  245. 'areas' => array(
  246. 'manlabels' => array(
  247. 'label' => $txt['pm_manage_labels'],
  248. 'custom_url' => $scripturl . '?action=pm;sa=manlabels',
  249. ),
  250. 'manrules' => array(
  251. 'label' => $txt['pm_manage_rules'],
  252. 'custom_url' => $scripturl . '?action=pm;sa=manrules',
  253. ),
  254. 'settings' => array(
  255. 'label' => $txt['pm_settings'],
  256. 'custom_url' => $scripturl . '?action=pm;sa=settings',
  257. ),
  258. ),
  259. ),
  260. );
  261. // Handle labels.
  262. if (empty($context['currently_using_labels']))
  263. unset($pm_areas['labels']);
  264. else
  265. {
  266. // Note we send labels by id as it will have less problems in the querystring.
  267. $unread_in_labels = 0;
  268. foreach ($context['labels'] as $label)
  269. {
  270. if ($label['id'] == -1)
  271. continue;
  272. // Count the amount of unread items in labels.
  273. $unread_in_labels += $label['unread_messages'];
  274. // Add the label to the menu.
  275. $pm_areas['labels']['areas']['label' . $label['id']] = array(
  276. 'label' => $label['name'] . (!empty($label['unread_messages']) ? ' <span class="amt">' . $label['unread_messages'] . '</span>' : ''),
  277. 'custom_url' => $scripturl . '?action=pm;l=' . $label['id'],
  278. 'unread_messages' => $label['unread_messages'],
  279. 'messages' => $label['messages'],
  280. );
  281. }
  282. if (!empty($unread_in_labels))
  283. $pm_areas['labels']['title'] .= ' <span class="amt">' . $unread_in_labels . '</span>';
  284. }
  285. $pm_areas['folders']['areas']['inbox']['unread_messages'] = &$context['labels'][-1]['unread_messages'];
  286. $pm_areas['folders']['areas']['inbox']['messages'] = &$context['labels'][-1]['messages'];
  287. if (!empty($context['labels'][-1]['unread_messages']))
  288. {
  289. $pm_areas['folders']['areas']['inbox']['label'] .= ' <span class="amt">' . $context['labels'][-1]['unread_messages'] . '</span>';
  290. $pm_areas['folders']['title'] .= ' <span class="amt">' . $context['labels'][-1]['unread_messages'] . '</span>';
  291. }
  292. // Do we have a limit on the amount of messages we can keep?
  293. if (!empty($context['message_limit']))
  294. {
  295. $bar = round(($user_info['messages'] * 100) / $context['message_limit'], 1);
  296. $context['limit_bar'] = array(
  297. 'messages' => $user_info['messages'],
  298. 'allowed' => $context['message_limit'],
  299. 'percent' => $bar,
  300. 'bar' => $bar > 100 ? 100 : (int) $bar,
  301. 'text' => sprintf($txt['pm_currently_using'], $user_info['messages'], $bar)
  302. );
  303. }
  304. require_once($sourcedir . '/Subs-Menu.php');
  305. // What page is this, again?
  306. $current_page = $scripturl . '?action=pm' . (!empty($_REQUEST['sa']) ? ';sa=' . $_REQUEST['sa'] : '') . (!empty($context['folder']) ? ';f=' . $context['folder'] : '') . (!empty($context['current_label_id']) ? ';l=' . $context['current_label_id'] : '');
  307. // Set a few options for the menu.
  308. $menuOptions = array(
  309. 'current_area' => $area,
  310. 'disable_url_session_check' => true,
  311. );
  312. // Actually create the menu!
  313. $pm_include_data = createMenu($pm_areas, $menuOptions);
  314. unset($pm_areas);
  315. // No menu means no access.
  316. if (!$pm_include_data && (!$user_info['is_guest'] || validateSession()))
  317. fatal_lang_error('no_access', false);
  318. // Make a note of the Unique ID for this menu.
  319. $context['pm_menu_id'] = $context['max_menu_id'];
  320. $context['pm_menu_name'] = 'menu_data_' . $context['pm_menu_id'];
  321. // Set the selected item.
  322. $current_area = $pm_include_data['current_area'];
  323. $context['menu_item_selected'] = $current_area;
  324. // Set the template for this area and add the profile layer.
  325. if (!WIRELESS && !isset($_REQUEST['xml']))
  326. $context['template_layers'][] = 'pm';
  327. }
  328. /**
  329. * The popup for when we ask for the popup from the user.
  330. */
  331. function MessagePopup()
  332. {
  333. global $context, $modSettings, $smcFunc, $memberContext, $scripturl, $user_settings, $db_show_debug;
  334. // We do not want to output debug information here.
  335. $db_show_debug = false;
  336. // We only want to output our little layer here.
  337. $context['template_layers'] = array();
  338. $context['sub_template'] = 'pm_popup';
  339. $context['can_send_pm'] = allowedTo('pm_send');
  340. $context['can_draft'] = allowedTo('pm_draft') && !empty($modSettings['drafts_pm_enabled']);
  341. // So are we loading stuff?
  342. $request = $smcFunc['db_query']('', '
  343. SELECT id_pm
  344. FROM {db_prefix}pm_recipients AS pmr
  345. WHERE pmr.id_member = {int:current_member}
  346. AND is_read = {int:not_read}
  347. ORDER BY id_pm',
  348. array(
  349. 'current_member' => $context['user']['id'],
  350. 'not_read' => 0,
  351. )
  352. );
  353. $pms = array();
  354. while ($row = $smcFunc['db_fetch_row']($request))
  355. $pms[] = $row[0];
  356. $smcFunc['db_free_result']($request);
  357. if (!empty($pms))
  358. {
  359. // Just quickly, it's possible that the number of PMs can get out of sync.
  360. $count_unread = count($pms);
  361. if ($count_unread != $user_settings['unread_messages'])
  362. {
  363. updateMemberData($context['user']['id'], array('unread_messages' => $count_unread));
  364. $context['user']['unread_messages'] = count($pms);
  365. }
  366. // Now, actually fetch me some PMs. Make sure we track the senders, got some work to do for them.
  367. $senders = array();
  368. $request = $smcFunc['db_query']('', '
  369. SELECT pm.id_pm, pm.id_pm_head, IFNULL(mem.id_member, pm.id_member_from) AS id_member_from,
  370. IFNULL(mem.real_name, pm.from_name) AS member_from, pm.msgtime AS timestamp, pm.subject
  371. FROM {db_prefix}personal_messages AS pm
  372. LEFT JOIN {db_prefix}members AS mem ON (pm.id_member_from = mem.id_member)
  373. WHERE pm.id_pm IN ({array_int:id_pms})',
  374. array(
  375. 'id_pms' => $pms,
  376. )
  377. );
  378. while ($row = $smcFunc['db_fetch_assoc']($request))
  379. {
  380. if (!empty($row['id_member_from']))
  381. $senders[] = $row['id_member_from'];
  382. $row['replied_to_you'] = $row['id_pm'] != $row['id_pm_head'];
  383. $row['time'] = timeformat($row['timestamp']);
  384. $row['pm_link'] = '<a href="' . $scripturl . '?action=pm;f=inbox;pmsg=' . $row['id_pm'] . '">' . $row['subject'] . '</a>';
  385. $context['unread_pms'][$row['id_pm']] = $row;
  386. }
  387. $smcFunc['db_free_result']($request);
  388. if (!empty($senders))
  389. {
  390. $senders = loadMemberData($senders);
  391. foreach ($senders as $member)
  392. loadMemberContext($member);
  393. }
  394. // Having loaded everyone, attach them to the PMs.
  395. foreach ($context['unread_pms'] as $id_pm => $details)
  396. if (!empty($memberContext[$details['id_member_from']]))
  397. $context['unread_pms'][$id_pm]['member'] = &$memberContext[$details['id_member_from']];
  398. }
  399. }
  400. /**
  401. * A folder, ie. inbox/sent etc.
  402. */
  403. function MessageFolder()
  404. {
  405. global $txt, $scripturl, $modSettings, $context, $subjects_request;
  406. global $messages_request, $user_info, $recipients, $options, $smcFunc, $memberContext, $user_settings;
  407. // Changing view?
  408. if (isset($_GET['view']))
  409. {
  410. $context['display_mode'] = $context['display_mode'] > 1 ? 0 : $context['display_mode'] + 1;
  411. updateMemberData($user_info['id'], array('pm_prefs' => ($user_settings['pm_prefs'] & 252) | $context['display_mode']));
  412. }
  413. // Make sure the starting location is valid.
  414. if (isset($_GET['start']) && $_GET['start'] != 'new')
  415. $_GET['start'] = (int) $_GET['start'];
  416. elseif (!isset($_GET['start']) && !empty($options['view_newest_pm_first']))
  417. $_GET['start'] = 0;
  418. else
  419. $_GET['start'] = 'new';
  420. // Set up some basic theme stuff.
  421. $context['from_or_to'] = $context['folder'] != 'sent' ? 'from' : 'to';
  422. $context['get_pmessage'] = 'prepareMessageContext';
  423. $context['signature_enabled'] = substr($modSettings['signature_settings'], 0, 1) == 1;
  424. $context['disabled_fields'] = isset($modSettings['disabled_profile_fields']) ? array_flip(explode(',', $modSettings['disabled_profile_fields'])) : array();
  425. $labelJoin = '';
  426. $labelQuery = '';
  427. $labelQuery2 = '';
  428. // SMF logic: If you're viewing a label, it's still the inbox
  429. if ($context['folder'] == 'inbox' && $context['current_label_id'] == -1)
  430. {
  431. $labelQuery = '
  432. AND pmr.in_inbox = 1';
  433. }
  434. elseif ($context['folder'] != 'sent')
  435. {
  436. $labelJoin = '
  437. INNER JOIN {db_prefix}pm_labeled_messages AS pl ON (pl.id_pm = pmr.id_pm)';
  438. $labelQuery2 = '
  439. AND pl.id_label = ' . $context['current_label_id'];
  440. }
  441. // Set the index bar correct!
  442. messageIndexBar($context['current_label_id'] == -1 ? $context['folder'] : 'label' . $context['current_label_id']);
  443. // Sorting the folder.
  444. $sort_methods = array(
  445. 'date' => 'pm.id_pm',
  446. 'name' => 'IFNULL(mem.real_name, \'\')',
  447. 'subject' => 'pm.subject',
  448. );
  449. // They didn't pick one, use the forum default.
  450. if (!isset($_GET['sort']) || !isset($sort_methods[$_GET['sort']]))
  451. {
  452. $context['sort_by'] = 'date';
  453. $_GET['sort'] = 'pm.id_pm';
  454. // An overriding setting?
  455. $descending = !empty($options['view_newest_pm_first']);
  456. }
  457. // Otherwise use the defaults: ascending, by date.
  458. else
  459. {
  460. $context['sort_by'] = $_GET['sort'];
  461. $_GET['sort'] = $sort_methods[$_GET['sort']];
  462. $descending = isset($_GET['desc']);
  463. }
  464. $context['sort_direction'] = $descending ? 'down' : 'up';
  465. // Set the text to resemble the current folder.
  466. $pmbox = $context['folder'] != 'sent' ? $txt['inbox'] : $txt['sent_items'];
  467. $txt['delete_all'] = str_replace('PMBOX', $pmbox, $txt['delete_all']);
  468. // Now, build the link tree!
  469. if ($context['current_label_id'] == -1)
  470. $context['linktree'][] = array(
  471. 'url' => $scripturl . '?action=pm;f=' . $context['folder'],
  472. 'name' => $pmbox
  473. );
  474. // Build it further for a label.
  475. if ($context['current_label_id'] != -1)
  476. $context['linktree'][] = array(
  477. 'url' => $scripturl . '?action=pm;f=' . $context['folder'] . ';l=' . $context['current_label_id'],
  478. 'name' => $txt['pm_current_label'] . ': ' . $context['current_label']
  479. );
  480. // Figure out how many messages there are.
  481. if ($context['folder'] == 'sent')
  482. $request = $smcFunc['db_query']('', '
  483. SELECT COUNT(' . ($context['display_mode'] == 2 ? 'DISTINCT pm.id_pm_head' : '*') . ')
  484. FROM {db_prefix}personal_messages AS pm
  485. WHERE pm.id_member_from = {int:current_member}
  486. AND pm.deleted_by_sender = {int:not_deleted}',
  487. array(
  488. 'current_member' => $user_info['id'],
  489. 'not_deleted' => 0,
  490. )
  491. );
  492. else
  493. $request = $smcFunc['db_query']('', '
  494. SELECT COUNT(' . ($context['display_mode'] == 2 ? 'DISTINCT pm.id_pm_head' : '*') . ')
  495. FROM {db_prefix}pm_recipients AS pmr' . ($context['display_mode'] == 2 ? '
  496. INNER JOIN {db_prefix}personal_messages AS pm ON (pm.id_pm = pmr.id_pm)' : '') . $labelJoin . '
  497. WHERE pmr.id_member = {int:current_member}
  498. AND pmr.deleted = {int:not_deleted}' . $labelQuery . $labelQuery2,
  499. array(
  500. 'current_member' => $user_info['id'],
  501. 'not_deleted' => 0,
  502. )
  503. );
  504. list ($max_messages) = $smcFunc['db_fetch_row']($request);
  505. $smcFunc['db_free_result']($request);
  506. // Only show the button if there are messages to delete.
  507. $context['show_delete'] = $max_messages > 0;
  508. // Start on the last page.
  509. if (!is_numeric($_GET['start']) || $_GET['start'] >= $max_messages)
  510. $_GET['start'] = ($max_messages - 1) - (($max_messages - 1) % $modSettings['defaultMaxMessages']);
  511. elseif ($_GET['start'] < 0)
  512. $_GET['start'] = 0;
  513. // ... but wait - what if we want to start from a specific message?
  514. if (isset($_GET['pmid']))
  515. {
  516. $pmID = (int) $_GET['pmid'];
  517. // Make sure you have access to this PM.
  518. if (!isAccessiblePM($pmID, $context['folder'] == 'sent' ? 'outbox' : 'inbox'))
  519. fatal_lang_error('no_access', false);
  520. $context['current_pm'] = $pmID;
  521. // With only one page of PM's we're gonna want page 1.
  522. if ($max_messages <= $modSettings['defaultMaxMessages'])
  523. $_GET['start'] = 0;
  524. // If we pass kstart we assume we're in the right place.
  525. elseif (!isset($_GET['kstart']))
  526. {
  527. if ($context['folder'] == 'sent')
  528. $request = $smcFunc['db_query']('', '
  529. SELECT COUNT(' . ($context['display_mode'] == 2 ? 'DISTINCT pm.id_pm_head' : '*') . ')
  530. FROM {db_prefix}personal_messages
  531. WHERE id_member_from = {int:current_member}
  532. AND deleted_by_sender = {int:not_deleted}
  533. AND id_pm ' . ($descending ? '>' : '<') . ' {int:id_pm}',
  534. array(
  535. 'current_member' => $user_info['id'],
  536. 'not_deleted' => 0,
  537. 'id_pm' => $pmID,
  538. )
  539. );
  540. else
  541. $request = $smcFunc['db_query']('', '
  542. SELECT COUNT(' . ($context['display_mode'] == 2 ? 'DISTINCT pm.id_pm_head' : '*') . ')
  543. FROM {db_prefix}pm_recipients AS pmr' . ($context['display_mode'] == 2 ? '
  544. INNER JOIN {db_prefix}personal_messages AS pm ON (pm.id_pm = pmr.id_pm)' : '') . $labelJoin . '
  545. WHERE pmr.id_member = {int:current_member}
  546. AND pmr.deleted = {int:not_deleted}' . $labelQuery . $labelQuery2 . '
  547. AND pmr.id_pm ' . ($descending ? '>' : '<') . ' {int:id_pm}',
  548. array(
  549. 'current_member' => $user_info['id'],
  550. 'not_deleted' => 0,
  551. 'id_pm' => $pmID,
  552. )
  553. );
  554. list ($_GET['start']) = $smcFunc['db_fetch_row']($request);
  555. $smcFunc['db_free_result']($request);
  556. // To stop the page index's being abnormal, start the page on the page the message would normally be located on...
  557. $_GET['start'] = $modSettings['defaultMaxMessages'] * (int) ($_GET['start'] / $modSettings['defaultMaxMessages']);
  558. }
  559. }
  560. // Sanitize and validate pmsg variable if set.
  561. if (isset($_GET['pmsg']))
  562. {
  563. $pmsg = (int) $_GET['pmsg'];
  564. if (!isAccessiblePM($pmsg, $context['folder'] == 'sent' ? 'outbox' : 'inbox'))
  565. fatal_lang_error('no_access', false);
  566. }
  567. // Set up the page index.
  568. $context['page_index'] = constructPageIndex($scripturl . '?action=pm;f=' . $context['folder'] . (isset($_REQUEST['l']) ? ';l=' . (int) $_REQUEST['l'] : '') . ';sort=' . $context['sort_by'] . ($descending ? ';desc' : ''), $_GET['start'], $max_messages, $modSettings['defaultMaxMessages']);
  569. $context['start'] = $_GET['start'];
  570. // Determine the navigation context (especially useful for the wireless template).
  571. $context['links'] = array(
  572. 'first' => $_GET['start'] >= $modSettings['defaultMaxMessages'] ? $scripturl . '?action=pm;start=0' : '',
  573. 'prev' => $_GET['start'] >= $modSettings['defaultMaxMessages'] ? $scripturl . '?action=pm;start=' . ($_GET['start'] - $modSettings['defaultMaxMessages']) : '',
  574. 'next' => $_GET['start'] + $modSettings['defaultMaxMessages'] < $max_messages ? $scripturl . '?action=pm;start=' . ($_GET['start'] + $modSettings['defaultMaxMessages']) : '',
  575. 'last' => $_GET['start'] + $modSettings['defaultMaxMessages'] < $max_messages ? $scripturl . '?action=pm;start=' . (floor(($max_messages - 1) / $modSettings['defaultMaxMessages']) * $modSettings['defaultMaxMessages']) : '',
  576. 'up' => $scripturl,
  577. );
  578. $context['page_info'] = array(
  579. 'current_page' => $_GET['start'] / $modSettings['defaultMaxMessages'] + 1,
  580. 'num_pages' => floor(($max_messages - 1) / $modSettings['defaultMaxMessages']) + 1
  581. );
  582. // First work out what messages we need to see - if grouped is a little trickier...
  583. if ($context['display_mode'] == 2)
  584. {
  585. if ($context['folder'] != 'sent' && $context['folder'] != 'inbox')
  586. {
  587. $labelJoin = '
  588. INNER JOIN {db_prefix}pm_labeled_messages AS pl ON (pl.id_pm = pm.id_pm)';
  589. $labelQuery = '';
  590. $labelQuery2 = '
  591. AND pl.id_label = ' . $context['current_label_id'];
  592. }
  593. // On a non-default sort due to PostgreSQL we have to do a harder sort.
  594. if ($smcFunc['db_title'] == 'PostgreSQL' && $_GET['sort'] != 'pm.id_pm')
  595. {
  596. $sub_request = $smcFunc['db_query']('', '
  597. SELECT MAX({raw:sort}) AS sort_param, pm.id_pm_head
  598. FROM {db_prefix}personal_messages AS pm' . ($context['folder'] == 'sent' ? ($context['sort_by'] == 'name' ? '
  599. LEFT JOIN {db_prefix}pm_recipients AS pmr ON (pmr.id_pm = pm.id_pm)' : '') : '
  600. INNER JOIN {db_prefix}pm_recipients AS pmr ON (pmr.id_pm = pm.id_pm
  601. AND pmr.id_member = {int:current_member}
  602. AND pmr.deleted = {int:not_deleted}
  603. ' . $labelQuery . ')') . $labelJoin . ($context['sort_by'] == 'name' ? ( '
  604. LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = {raw:id_member})') : '') . '
  605. WHERE ' . ($context['folder'] == 'sent' ? 'pm.id_member_from = {int:current_member}
  606. AND pm.deleted_by_sender = {int:not_deleted}' : '1=1') . (empty($pmsg) ? '' : '
  607. AND pm.id_pm = {int:id_pm}') . $labelQuery2 . '
  608. GROUP BY pm.id_pm_head
  609. ORDER BY sort_param' . ($descending ? ' DESC' : ' ASC') . (empty($pmsg) ? '
  610. LIMIT ' . $_GET['start'] . ', ' . $modSettings['defaultMaxMessages'] : ''),
  611. array(
  612. 'current_member' => $user_info['id'],
  613. 'not_deleted' => 0,
  614. 'id_member' => $context['folder'] == 'sent' ? 'pmr.id_member' : 'pm.id_member_from',
  615. 'id_pm' => isset($pmsg) ? $pmsg : '0',
  616. 'sort' => $_GET['sort'],
  617. )
  618. );
  619. $sub_pms = array();
  620. while ($row = $smcFunc['db_fetch_assoc']($sub_request))
  621. $sub_pms[$row['id_pm_head']] = $row['sort_param'];
  622. $smcFunc['db_free_result']($sub_request);
  623. $request = $smcFunc['db_query']('', '
  624. SELECT pm.id_pm AS id_pm, pm.id_pm_head
  625. FROM {db_prefix}personal_messages AS pm' . ($context['folder'] == 'sent' ? ($context['sort_by'] == 'name' ? '
  626. LEFT JOIN {db_prefix}pm_recipients AS pmr ON (pmr.id_pm = pm.id_pm)' : '') : '
  627. INNER JOIN {db_prefix}pm_recipients AS pmr ON (pmr.id_pm = pm.id_pm
  628. AND pmr.id_member = {int:current_member}
  629. AND pmr.deleted = {int:not_deleted}
  630. ' . $labelQuery . ')') . $labelJoin . ($context['sort_by'] == 'name' ? ( '
  631. LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = {raw:id_member})') : '') . '
  632. WHERE ' . (empty($sub_pms) ? '0=1' : 'pm.id_pm IN ({array_int:pm_list})') . $labelQuery2 . '
  633. ORDER BY ' . ($_GET['sort'] == 'pm.id_pm' && $context['folder'] != 'sent' ? 'id_pm' : '{raw:sort}') . ($descending ? ' DESC' : ' ASC') . (empty($pmsg) ? '
  634. LIMIT ' . $_GET['start'] . ', ' . $modSettings['defaultMaxMessages'] : ''),
  635. array(
  636. 'current_member' => $user_info['id'],
  637. 'pm_list' => array_keys($sub_pms),
  638. 'not_deleted' => 0,
  639. 'sort' => $_GET['sort'],
  640. 'id_member' => $context['folder'] == 'sent' ? 'pmr.id_member' : 'pm.id_member_from',
  641. )
  642. );
  643. }
  644. else
  645. {
  646. $request = $smcFunc['db_query']('pm_conversation_list', '
  647. SELECT MAX(pm.id_pm) AS id_pm, pm.id_pm_head
  648. FROM {db_prefix}personal_messages AS pm' . ($context['folder'] == 'sent' ? ($context['sort_by'] == 'name' ? '
  649. LEFT JOIN {db_prefix}pm_recipients AS pmr ON (pmr.id_pm = pm.id_pm)' : '') : '
  650. INNER JOIN {db_prefix}pm_recipients AS pmr ON (pmr.id_pm = pm.id_pm
  651. AND pmr.id_member = {int:current_member}
  652. AND pmr.deleted = {int:deleted_by}
  653. ' . $labelQuery . ')') . $labelJoin . ($context['sort_by'] == 'name' ? ( '
  654. LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = {raw:pm_member})') : '') . '
  655. WHERE ' . ($context['folder'] == 'sent' ? 'pm.id_member_from = {int:current_member}
  656. AND pm.deleted_by_sender = {int:deleted_by}' : '1=1') . (empty($pmsg) ? '' : '
  657. AND pm.id_pm = {int:pmsg}') . $labelQuery2 . '
  658. GROUP BY pm.id_pm_head
  659. ORDER BY ' . ($_GET['sort'] == 'pm.id_pm' && $context['folder'] != 'sent' ? 'id_pm' : '{raw:sort}') . ($descending ? ' DESC' : ' ASC') . (empty($_GET['pmsg']) ? '
  660. LIMIT ' . $_GET['start'] . ', ' . $modSettings['defaultMaxMessages'] : ''),
  661. array(
  662. 'current_member' => $user_info['id'],
  663. 'deleted_by' => 0,
  664. 'sort' => $_GET['sort'],
  665. 'pm_member' => $context['folder'] == 'sent' ? 'pmr.id_member' : 'pm.id_member_from',
  666. 'pmsg' => isset($pmsg) ? (int) $pmsg : 0,
  667. )
  668. );
  669. }
  670. }
  671. // This is kinda simple!
  672. else
  673. {
  674. // @todo SLOW This query uses a filesort. (inbox only.)
  675. $request = $smcFunc['db_query']('', '
  676. SELECT pm.id_pm, pm.id_pm_head, pm.id_member_from
  677. FROM {db_prefix}personal_messages AS pm' . ($context['folder'] == 'sent' ? '' . ($context['sort_by'] == 'name' ? '
  678. LEFT JOIN {db_prefix}pm_recipients AS pmr ON (pmr.id_pm = pm.id_pm)' : '') : '
  679. INNER JOIN {db_prefix}pm_recipients AS pmr ON (pmr.id_pm = pm.id_pm
  680. AND pmr.id_member = {int:current_member}
  681. AND pmr.deleted = {int:is_deleted}
  682. ' . $labelQuery . ')') . $labelJoin . ($context['sort_by'] == 'name' ? ( '
  683. LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = {raw:pm_member})') : '') . '
  684. WHERE ' . ($context['folder'] == 'sent' ? 'pm.id_member_from = {raw:current_member}
  685. AND pm.deleted_by_sender = {int:is_deleted}' : '1=1') . (empty($pmsg) ? '' : '
  686. AND pm.id_pm = {int:pmsg}') . $labelQuery2 . '
  687. ORDER BY ' . ($_GET['sort'] == 'pm.id_pm' && $context['folder'] != 'sent' ? 'pmr.id_pm' : '{raw:sort}') . ($descending ? ' DESC' : ' ASC') . (empty($pmsg) ? '
  688. LIMIT ' . $_GET['start'] . ', ' . $modSettings['defaultMaxMessages'] : ''),
  689. array(
  690. 'current_member' => $user_info['id'],
  691. 'is_deleted' => 0,
  692. 'sort' => $_GET['sort'],
  693. 'pm_member' => $context['folder'] == 'sent' ? 'pmr.id_member' : 'pm.id_member_from',
  694. 'pmsg' => isset($pmsg) ? (int) $pmsg : 0,
  695. )
  696. );
  697. }
  698. // Load the id_pms and initialize recipients.
  699. $pms = array();
  700. $lastData = array();
  701. $posters = $context['folder'] == 'sent' ? array($user_info['id']) : array();
  702. $recipients = array();
  703. while ($row = $smcFunc['db_fetch_assoc']($request))
  704. {
  705. if (!isset($recipients[$row['id_pm']]))
  706. {
  707. if (isset($row['id_member_from']))
  708. $posters[$row['id_pm']] = $row['id_member_from'];
  709. $pms[$row['id_pm']] = $row['id_pm'];
  710. $recipients[$row['id_pm']] = array(
  711. 'to' => array(),
  712. 'bcc' => array()
  713. );
  714. }
  715. // Keep track of the last message so we know what the head is without another query!
  716. if ((empty($pmID) && (empty($options['view_newest_pm_first']) || !isset($lastData))) || empty($lastData) || (!empty($pmID) && $pmID == $row['id_pm']))
  717. $lastData = array(
  718. 'id' => $row['id_pm'],
  719. 'head' => $row['id_pm_head'],
  720. );
  721. }
  722. $smcFunc['db_free_result']($request);
  723. // Make sure that we have been given a correct head pm id!
  724. if ($context['display_mode'] == 2 && !empty($pmID) && $pmID != $lastData['id'])
  725. fatal_lang_error('no_access', false);
  726. if (!empty($pms))
  727. {
  728. // Select the correct current message.
  729. if (empty($pmID))
  730. $context['current_pm'] = $lastData['id'];
  731. // This is a list of the pm's that are used for "full" display.
  732. if ($context['display_mode'] == 0)
  733. $display_pms = $pms;
  734. else
  735. $display_pms = array($context['current_pm']);
  736. // At this point we know the main id_pm's. But - if we are looking at conversations we need the others!
  737. if ($context['display_mode'] == 2)
  738. {
  739. $request = $smcFunc['db_query']('', '
  740. SELECT pm.id_pm, pm.id_member_from, pm.deleted_by_sender, pmr.id_member, pmr.deleted
  741. FROM {db_prefix}personal_messages AS pm
  742. INNER JOIN {db_prefix}pm_recipients AS pmr ON (pmr.id_pm = pm.id_pm)
  743. WHERE pm.id_pm_head = {int:id_pm_head}
  744. AND ((pm.id_member_from = {int:current_member} AND pm.deleted_by_sender = {int:not_deleted})
  745. OR (pmr.id_member = {int:current_member} AND pmr.deleted = {int:not_deleted}))
  746. ORDER BY pm.id_pm',
  747. array(
  748. 'current_member' => $user_info['id'],
  749. 'id_pm_head' => $lastData['head'],
  750. 'not_deleted' => 0,
  751. )
  752. );
  753. while ($row = $smcFunc['db_fetch_assoc']($request))
  754. {
  755. // This is, frankly, a joke. We will put in a workaround for people sending to themselves - yawn!
  756. if ($context['folder'] == 'sent' && $row['id_member_from'] == $user_info['id'] && $row['deleted_by_sender'] == 1)
  757. continue;
  758. elseif ($row['id_member'] == $user_info['id'] & $row['deleted'] == 1)
  759. continue;
  760. if (!isset($recipients[$row['id_pm']]))
  761. $recipients[$row['id_pm']] = array(
  762. 'to' => array(),
  763. 'bcc' => array()
  764. );
  765. $display_pms[] = $row['id_pm'];
  766. $posters[$row['id_pm']] = $row['id_member_from'];
  767. }
  768. $smcFunc['db_free_result']($request);
  769. }
  770. // This is pretty much EVERY pm!
  771. $all_pms = array_merge($pms, $display_pms);
  772. $all_pms = array_unique($all_pms);
  773. // Get recipients (don't include bcc-recipients for your inbox, you're not supposed to know :P).
  774. $request = $smcFunc['db_query']('', '
  775. SELECT pmr.id_pm, mem_to.id_member AS id_member_to, mem_to.real_name AS to_name, pmr.bcc, pmr.in_inbox, pmr.is_read
  776. FROM {db_prefix}pm_recipients AS pmr
  777. LEFT JOIN {db_prefix}members AS mem_to ON (mem_to.id_member = pmr.id_member)
  778. WHERE pmr.id_pm IN ({array_int:pm_list})',
  779. array(
  780. 'pm_list' => $all_pms,
  781. )
  782. );
  783. $context['message_labels'] = array();
  784. $context['message_replied'] = array();
  785. $context['message_unread'] = array();
  786. while ($row = $smcFunc['db_fetch_assoc']($request))
  787. {
  788. if ($context['folder'] == 'sent' || empty($row['bcc']))
  789. $recipients[$row['id_pm']][empty($row['bcc']) ? 'to' : 'bcc'][] = empty($row['id_member_to']) ? $txt['guest_title'] : '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member_to'] . '">' . $row['to_name'] . '</a>';
  790. if ($row['id_member_to'] == $user_info['id'] && $context['folder'] != 'sent')
  791. {
  792. $context['message_replied'][$row['id_pm']] = $row['is_read'] & 2;
  793. $context['message_unread'][$row['id_pm']] = $row['is_read'] == 0;
  794. // Get the labels for this PM
  795. $request2 = $smcFunc['db_query']('', '
  796. SELECT id_label
  797. FROM {db_prefix}pm_labeled_messages
  798. WHERE id_pm = {int:current_pm}',
  799. array(
  800. 'current_pm' => $row['id_pm'],
  801. )
  802. );
  803. while($row2 = $smcFunc['db_fetch_assoc']($request2))
  804. {
  805. $l_id = $row2['id_label'];
  806. if (isset($context['labels'][$l_id]))
  807. $context['message_labels'][$row['id_pm']][$l_id] = array('id' => $l_id, 'name' => $context['labels'][$l_id]['name']);
  808. }
  809. $smcFunc['db_free_result']($request2);
  810. // Is this in the inbox as well?
  811. if ($row['in_inbox'] == 1)
  812. {
  813. $context['message_labels'][$row['id_pm']][-1] = array('id' => -1, 'name' => $context['labels'][-1]['name']);
  814. }
  815. }
  816. }
  817. $smcFunc['db_free_result']($request);
  818. // Make sure we don't load unnecessary data.
  819. if ($context['display_mode'] == 1)
  820. {
  821. foreach ($posters as $k => $v)
  822. if (!in_array($k, $display_pms))
  823. unset($posters[$k]);
  824. }
  825. // Load any users....
  826. $posters = array_unique($posters);
  827. if (!empty($posters))
  828. loadMemberData($posters);
  829. // If we're on grouped/restricted view get a restricted list of messages.
  830. if ($context['display_mode'] != 0)
  831. {
  832. // Get the order right.
  833. $orderBy = array();
  834. foreach (array_reverse($pms) as $pm)
  835. $orderBy[] = 'pm.id_pm = ' . $pm;
  836. // Seperate query for these bits!
  837. $subjects_request = $smcFunc['db_query']('', '
  838. SELECT pm.id_pm, pm.subject, IFNULL(pm.id_member_from, 0) AS id_member_from, pm.msgtime, IFNULL(mem.real_name, pm.from_name) AS from_name,
  839. mem.id_member
  840. FROM {db_prefix}personal_messages AS pm
  841. LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = pm.id_member_from)
  842. WHERE pm.id_pm IN ({array_int:pm_list})
  843. ORDER BY ' . implode(', ', $orderBy) . '
  844. LIMIT ' . count($pms),
  845. array(
  846. 'pm_list' => $pms,
  847. )
  848. );
  849. }
  850. // Execute the query!
  851. $messages_request = $smcFunc['db_query']('', '
  852. SELECT pm.id_pm, pm.subject, pm.id_member_from, pm.body, pm.msgtime, pm.from_name
  853. FROM {db_prefix}personal_messages AS pm' . ($context['folder'] == 'sent' ? '
  854. LEFT JOIN {db_prefix}pm_recipients AS pmr ON (pmr.id_pm = pm.id_pm)' : '') . ($context['sort_by'] == 'name' ? '
  855. LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = {raw:id_member})' : '') . '
  856. WHERE pm.id_pm IN ({array_int:display_pms})' . ($context['folder'] == 'sent' ? '
  857. GROUP BY pm.id_pm, pm.subject, pm.id_member_from, pm.body, pm.msgtime, pm.from_name' : '') . '
  858. ORDER BY ' . ($context['display_mode'] == 2 ? 'pm.id_pm' : $_GET['sort']) . ($descending ? ' DESC' : ' ASC') . '
  859. LIMIT ' . count($display_pms),
  860. array(
  861. 'display_pms' => $display_pms,
  862. 'id_member' => $context['folder'] == 'sent' ? 'pmr.id_member' : 'pm.id_member_from',
  863. )
  864. );
  865. // Build the conversation button array.
  866. if ($context['display_mode'] == 2)
  867. {
  868. $context['conversation_buttons'] = array(
  869. 'delete' => array('text' => 'delete_conversation', 'image' => 'delete.png', 'lang' => true, 'url' => $scripturl . '?action=pm;sa=pmactions;pm_actions[' . $context['current_pm'] . ']=delete;conversation;f=' . $context['folder'] . ';start=' . $context['start'] . ($context['current_label_id'] != -1 ? ';l=' . $context['current_label_id'] : '') . ';' . $context['session_var'] . '=' . $context['session_id'], 'custom' => 'onclick="return confirm(\'' . addslashes($txt['remove_conversation']) . '?\');"'),
  870. );
  871. // Allow mods to add additional buttons here
  872. call_integration_hook('integrate_conversation_buttons');
  873. }
  874. }
  875. else
  876. $messages_request = false;
  877. $context['can_send_pm'] = allowedTo('pm_send');
  878. $context['can_send_email'] = allowedTo('moderate_forum');
  879. if (!WIRELESS)
  880. $context['sub_template'] = 'folder';
  881. $context['page_title'] = $txt['pm_inbox'];
  882. // Finally mark the relevant messages as read.
  883. if ($context['folder'] != 'sent' && !empty($context['labels'][(int) $context['current_label_id']]['unread_messages']))
  884. {
  885. // If the display mode is "old sk00l" do them all...
  886. if ($context['display_mode'] == 0)
  887. markMessages(null, $context['current_label_id']);
  888. // Otherwise do just the current one!
  889. elseif (!empty($context['current_pm']))
  890. markMessages($display_pms, $context['current_label_id']);
  891. }
  892. }
  893. /**
  894. * Get a personal message for the theme. (used to save memory.)
  895. *
  896. * @param $type
  897. * @param $reset
  898. */
  899. function prepareMessageContext($type = 'subject', $reset = false)
  900. {
  901. global $txt, $scripturl, $modSettings, $settings, $context, $messages_request, $memberContext, $recipients, $smcFunc;
  902. global $user_info, $subjects_request;
  903. // Count the current message number....
  904. static $counter = null;
  905. if ($counter === null || $reset)
  906. $counter = $context['start'];
  907. static $temp_pm_selected = null;
  908. if ($temp_pm_selected === null)
  909. {
  910. $temp_pm_selected = isset($_SESSION['pm_selected']) ? $_SESSION['pm_selected'] : array();
  911. $_SESSION['pm_selected'] = array();
  912. }
  913. // If we're in non-boring view do something exciting!
  914. if ($context['display_mode'] != 0 && $subjects_request && $type == 'subject')
  915. {
  916. $subject = $smcFunc['db_fetch_assoc']($subjects_request);
  917. if (!$subject)
  918. {
  919. $smcFunc['db_free_result']($subjects_request);
  920. return false;
  921. }
  922. $subject['subject'] = $subject['subject'] == '' ? $txt['no_subject'] : $subject['subject'];
  923. censorText($subject['subject']);
  924. $output = array(
  925. 'id' => $subject['id_pm'],
  926. 'member' => array(
  927. 'id' => $subject['id_member_from'],
  928. 'name' => $subject['from_name'],
  929. 'link' => ($subject['id_member_from'] != 0) ? '<a href="' . $scripturl . '?action=profile;u=' . $subject['id_member_from'] . '">' . $subject['from_name'] . '</a>' : $subject['from_name'],
  930. ),
  931. 'recipients' => &$recipients[$subject['id_pm']],
  932. 'subject' => $subject['subject'],
  933. 'time' => timeformat($subject['msgtime']),
  934. 'timestamp' => forum_time(true, $subject['msgtime']),
  935. 'number_recipients' => count($recipients[$subject['id_pm']]['to']),
  936. 'labels' => &$context['message_labels'][$subject['id_pm']],
  937. 'fully_labeled' => count($context['message_labels'][$subject['id_pm']]) == count($context['labels']),
  938. 'is_replied_to' => &$context['message_replied'][$subject['id_pm']],
  939. 'is_unread' => &$context['message_unread'][$subject['id_pm']],
  940. 'is_selected' => !empty($temp_pm_selected) && in_array($subject['id_pm'], $temp_pm_selected),
  941. );
  942. return $output;
  943. }
  944. // Bail if it's false, ie. no messages.
  945. if ($messages_request == false)
  946. return false;
  947. // Reset the data?
  948. if ($reset == true)
  949. return @$smcFunc['db_data_seek']($messages_request, 0);
  950. // Get the next one... bail if anything goes wrong.
  951. $message = $smcFunc['db_fetch_assoc']($messages_request);
  952. if (!$message)
  953. {
  954. if ($type != 'subject')
  955. $smcFunc['db_free_result']($messages_request);
  956. return false;
  957. }
  958. // Use '(no subject)' if none was specified.
  959. $message['subject'] = $message['subject'] == '' ? $txt['no_subject'] : $message['subject'];
  960. // Load the message's information - if it's not there, load the guest information.
  961. if (!loadMemberContext($message['id_member_from'], true))
  962. {
  963. $memberContext[$message['id_member_from']]['name'] = $message['from_name'];
  964. $memberContext[$message['id_member_from']]['id'] = 0;
  965. // Sometimes the forum sends messages itself (Warnings are an example) - in this case don't label it from a guest.
  966. $memberContext[$message['id_member_from']]['group'] = $message['from_name'] == $context['forum_name'] ? '' : $txt['guest_title'];
  967. $memberContext[$message['id_member_from']]['link'] = $message['from_name'];
  968. $memberContext[$message['id_member_from']]['email'] = '';
  969. $memberContext[$message['id_member_from']]['show_email'] = false;
  970. $memberContext[$message['id_member_from']]['is_guest'] = true;
  971. }
  972. else
  973. {
  974. $memberContext[$message['id_member_from']]['can_view_profile'] = allowedTo('profile_view') || ($message['id_member_from'] == $user_info['id'] && !$user_info['is_guest']);
  975. $memberContext[$message['id_member_from']]['can_see_warning'] = !isset($context['disabled_fields']['warning_status']) && $memberContext[$message['id_member_from']]['warning_status'] && ($context['user']['can_mod'] || (!empty($modSettings['warning_show']) && ($modSettings['warning_show'] > 1 || $message['id_member_from'] == $user_info['id'])));
  976. }
  977. $memberContext[$message['id_member_from']]['show_profile_buttons'] = $settings['show_profile_buttons'] && (!empty($memberContext[$message['id_member_from']]['can_view_profile']) || (!empty($memberContext[$message['id_member_from']]['website']['url']) && !isset($context['disabled_fields']['website'])) || (in_array($memberContext[$message['id_member_from']]['show_email'], array('yes', 'yes_permission_override', 'no_through_forum'))) || $context['can_send_pm']);
  978. // Censor all the important text...
  979. censorText($message['body']);
  980. censorText($message['subject']);
  981. // Run UBBC interpreter on the message.
  982. $message['body'] = parse_bbc($message['body'], true, 'pm' . $message['id_pm']);
  983. // Send the array.
  984. $output = array(
  985. 'alternate' => $counter % 2,
  986. 'id' => $message['id_pm'],
  987. 'member' => &$memberContext[$message['id_member_from']],
  988. 'subject' => $message['subject'],
  989. 'time' => timeformat($message['msgtime']),
  990. 'timestamp' => forum_time(true, $message['msgtime']),
  991. 'counter' => $counter,
  992. 'body' => $message['body'],
  993. 'recipients' => &$recipients[$message['id_pm']],
  994. 'number_recipients' => count($recipients[$message['id_pm']]['to']),
  995. 'labels' => &$context['message_labels'][$message['id_pm']],
  996. 'fully_labeled' => count($context['message_labels'][$message['id_pm']]) == count($context['labels']),
  997. 'is_replied_to' => &$context['message_replied'][$message['id_pm']],
  998. 'is_unread' => &$context['message_unread'][$message['id_pm']],
  999. 'is_selected' => !empty($temp_pm_selected) && in_array($message['id_pm'], $temp_pm_selected),
  1000. 'is_message_author' => $message['id_member_from'] == $user_info['id'],
  1001. 'can_report' => !empty($modSettings['enableReportPM']),
  1002. 'can_see_ip' => allowedTo('moderate_forum') || ($message['id_member_from'] == $user_info['id'] && !empty($user_info['id'])),
  1003. );
  1004. $counter++;
  1005. return $output;
  1006. }
  1007. /**
  1008. * Allows to search through personal messages.
  1009. */
  1010. function MessageSearch()
  1011. {
  1012. global $context, $txt, $scripturl, $modSettings, $smcFunc;
  1013. if (isset($_REQUEST['params']))
  1014. {
  1015. $temp_params = explode('|"|', base64_decode(strtr($_REQUEST['params'], array(' ' => '+'))));
  1016. $context['search_params'] = array();
  1017. foreach ($temp_params as $i => $data)
  1018. {
  1019. @list ($k, $v) = explode('|\'|', $data);
  1020. $context['search_params'][$k] = $v;
  1021. }
  1022. }
  1023. if (isset($_REQUEST['search']))
  1024. $context['search_params']['search'] = un_htmlspecialchars($_REQUEST['search']);
  1025. if (isset($context['search_params']['search']))
  1026. $context['search_params']['search'] = $smcFunc['htmlspecialchars']($context['search_params']['search']);
  1027. if (isset($context['search_params']['userspec']))
  1028. $context['search_params']['userspec'] = $smcFunc['htmlspecialchars']($context['search_params']['userspec']);
  1029. if (!empty($context['search_params']['searchtype']))
  1030. $context['search_params']['searchtype'] = 2;
  1031. if (!empty($context['search_params']['minage']))
  1032. $context['search_params']['minage'] = (int) $context['search_params']['minage'];
  1033. if (!empty($context['search_params']['maxage']))
  1034. $context['search_params']['maxage'] = (int) $context['search_params']['maxage'];
  1035. $context['search_params']['subject_only'] = !empty($context['search_params']['subject_only']);
  1036. $context['search_params']['show_complete'] = !empty($context['search_params']['show_complete']);
  1037. // Create the array of labels to be searched.
  1038. $context['search_labels'] = array();
  1039. $searchedLabels = isset($context['search_params']['labels']) && $context['search_params']['labels'] != '' ? explode(',', $context['search_params']['labels']) : array();
  1040. foreach ($context['labels'] as $label)
  1041. {
  1042. $context['search_labels'][] = array(
  1043. 'id' => $label['id'],
  1044. 'name' => $label['name'],
  1045. 'checked' => !empty($searchedLabels) ? in_array($label['id'], $searchedLabels) : true,
  1046. );
  1047. }
  1048. // Are all the labels checked?
  1049. $context['check_all'] = empty($searchedLabels) || count($context['search_labels']) == count($searchedLabels);
  1050. // Load the error text strings if there were errors in the search.
  1051. if (!empty($context['search_errors']))
  1052. {
  1053. loadLanguage('Errors');
  1054. $context['search_errors']['messages'] = array();
  1055. foreach ($context['search_errors'] as $search_error => $dummy)
  1056. {
  1057. if ($search_error == 'messages')
  1058. continue;
  1059. $context['search_errors']['messages'][] = $txt['error_' . $search_error];
  1060. }
  1061. }
  1062. $context['page_title'] = $txt['pm_search_title'];
  1063. $context['sub_template'] = 'search';
  1064. $context['linktree'][] = array(
  1065. 'url' => $scripturl . '?action=pm;sa=search',
  1066. 'name' => $txt['pm_search_bar_title'],
  1067. );
  1068. }
  1069. /**
  1070. * Actually do the search of personal messages.
  1071. */
  1072. function MessageSearch2()
  1073. {
  1074. global $scripturl, $modSettings, $user_info, $context, $txt;
  1075. global $memberContext, $smcFunc;
  1076. if (!empty($context['load_average']) && !empty($modSettings['loadavg_search']) && $context['load_average'] >= $modSettings['loadavg_search'])
  1077. fatal_lang_error('loadavg_search_disabled', false);
  1078. /**
  1079. * @todo For the moment force the folder to the inbox.
  1080. * @todo Maybe set the inbox based on a cookie or theme setting?
  1081. */
  1082. $context['folder'] = 'inbox';
  1083. // Some useful general permissions.
  1084. $context['can_send_pm'] = allowedTo('pm_send');
  1085. // Some hardcoded veriables that can be tweaked if required.
  1086. $maxMembersToSearch = 500;
  1087. // Extract all the search parameters.
  1088. $search_params = array();
  1089. if (isset($_REQUEST['params']))
  1090. {
  1091. $temp_params = explode('|"|', base64_decode(strtr($_REQUEST['params'], array(' ' => '+'))));
  1092. foreach ($temp_params as $i => $data)
  1093. {
  1094. @list ($k, $v) = explode('|\'|', $data);
  1095. $search_params[$k] = $v;
  1096. }
  1097. }
  1098. $context['start'] = isset($_GET['start']) ? (int) $_GET['start'] : 0;
  1099. // Store whether simple search was used (needed if the user wants to do another query).
  1100. if (!isset($search_params['advanced']))
  1101. $search_params['advanced'] = empty($_REQUEST['advanced']) ? 0 : 1;
  1102. // 1 => 'allwords' (default, don't set as param) / 2 => 'anywords'.
  1103. if (!empty($search_params['searchtype']) || (!empty($_REQUEST['searchtype']) && $_REQUEST['searchtype'] == 2))
  1104. $search_params['searchtype'] = 2;
  1105. // Minimum age of messages. Default to zero (don't set param in that case).
  1106. if (!empty($search_params['minage']) || (!empty($_REQUEST['minage']) && $_REQUEST['minage'] > 0))
  1107. $search_params['minage'] = !empty($search_params['minage']) ? (int) $search_params['minage'] : (int) $_REQUEST['minage'];
  1108. // Maximum age of messages. Default to infinite (9999 days: param not set).
  1109. if (!empty($search_params['maxage']) || (!empty($_REQUEST['maxage']) && $_REQUEST['maxage'] != 9999))
  1110. $search_params['maxage'] = !empty($search_params['maxage']) ? (int) $search_params['maxage'] : (int) $_REQUEST['maxage'];
  1111. $search_params['subject_only'] = !empty($search_params['subject_only']) || !empty($_REQUEST['subject_only']);
  1112. $search_params['show_complete'] = !empty($search_params['show_complete']) || !empty($_REQUEST['show_complete']);
  1113. // Default the user name to a wildcard matching every user (*).
  1114. if (!empty($search_params['user_spec']) || (!empty($_REQUEST['userspec']) && $_REQUEST['userspec'] != '*'))
  1115. $search_params['userspec'] = isset($search_params['userspec']) ? $search_params['userspec'] : $_REQUEST['userspec'];
  1116. // This will be full of all kinds of parameters!
  1117. $searchq_parameters = array();
  1118. // If there's no specific user, then don't mention it in the main query.
  1119. if (empty($search_params['userspec']))
  1120. $userQuery = '';
  1121. else
  1122. {
  1123. $userString = strtr($smcFunc['htmlspecialchars']($search_params['userspec'], ENT_QUOTES), array('&quot;' => '"'));
  1124. $userString = strtr($userString, array('%' => '\%', '_' => '\_', '*' => '%', '?' => '_'));
  1125. preg_match_all('~"([^"]+)"~', $userString, $matches);
  1126. $possible_users = array_merge($matches[1], explode(',', preg_replace('~"[^"]+"~', '', $userString)));
  1127. for ($k = 0, $n = count($possible_users); $k < $n; $k++)
  1128. {
  1129. $possible_users[$k] = trim($possible_users[$k]);
  1130. if (strlen($possible_users[$k]) == 0)
  1131. unset($possible_users[$k]);
  1132. }
  1133. if (!empty($possible_users))
  1134. {
  1135. // We need to bring this into the query and do it nice and cleanly.
  1136. $where_params = array();
  1137. $where_clause = array();
  1138. foreach ($possible_users as $k => $v)
  1139. {
  1140. $where_params['name_' . $k] = $v;
  1141. $where_clause[] = '{raw:real_name} LIKE {string:name_' . $k . '}';
  1142. if (!isset($where_params['real_name']))
  1143. $where_params['real_name'] = $smcFunc['db_case_sensitive'] ? 'LOWER(real_name)' : 'real_name';
  1144. }
  1145. // Who matches those criteria?
  1146. // @todo This doesn't support sent item searching.
  1147. $request = $smcFunc['db_query']('', '
  1148. SELECT id_member
  1149. FROM {db_prefix}members
  1150. WHERE ' . implode(' OR ', $where_clause),
  1151. $where_params
  1152. );
  1153. // Simply do nothing if there're too many members matching the criteria.
  1154. if ($smcFunc['db_num_rows']($request) > $maxMembersToSearch)
  1155. $userQuery = '';
  1156. elseif ($smcFunc['db_num_rows']($request) == 0)
  1157. {
  1158. $userQuery = 'AND pm.id_member_from = 0 AND ({raw:pm_from_name} LIKE {raw:guest_user_name_implode})';
  1159. $searchq_parameters['guest_user_name_implode'] = '\'' . implode('\' OR ' . ($smcFunc['db_case_sensitive'] ? 'LOWER(pm.from_name)' : 'pm.from_name') . ' LIKE \'', $possible_users) . '\'';
  1160. $searchq_parameters['pm_from_name'] = $smcFunc['db_case_sensitive'] ? 'LOWER(pm.from_name)' : 'pm.from_name';
  1161. }
  1162. else
  1163. {
  1164. $memberlist = array();
  1165. while ($row = $smcFunc['db_fetch_assoc']($request))
  1166. $memberlist[] = $row['id_member'];
  1167. $userQuery = 'AND (pm.id_member_from IN ({array_int:member_list}) OR (pm.id_member_from = 0 AND ({raw:pm_from_name} LIKE {raw:guest_user_name_implode})))';
  1168. $searchq_parameters['guest_user_name_implode'] = '\'' . implode('\' OR ' . ($smcFunc['db_case_sensitive'] ? 'LOWER(pm.from_name)' : 'pm.from_name') . ' LIKE \'', $possible_users) . '\'';
  1169. $searchq_parameters['member_list'] = $memberlist;
  1170. $searchq_parameters['pm_from_name'] = $smcFunc['db_case_sensitive'] ? 'LOWER(pm.from_name)' : 'pm.from_name';
  1171. }
  1172. $smcFunc['db_free_result']($request);
  1173. }
  1174. else
  1175. $userQuery = '';
  1176. }
  1177. // Setup the sorting variables...
  1178. // @todo Add more in here!
  1179. $sort_columns = array(
  1180. 'pm.id_pm',
  1181. );
  1182. if (empty($search_params['sort']) && !empty($_REQUEST['sort']))
  1183. list ($search_params['sort'], $search_params['sort_dir']) = array_pad(explode('|', $_REQUEST['sort']), 2, '');
  1184. $search_params['sort'] = !empty($search_params['sort']) && in_array($search_params['sort'], $sort_columns) ? $search_params['sort'] : 'pm.id_pm';
  1185. $search_params['sort_dir'] = !empty($search_params['sort_dir']) && $search_params['sort_dir'] == 'asc' ? 'asc' : 'desc';
  1186. // Sort out any labels we may be searching by.
  1187. $labelQuery = '';
  1188. $labelJoin = '';
  1189. if ($context['folder'] == 'inbox' && !empty($search_params['advanced']) && $context['currently_using_labels'])
  1190. {
  1191. // Came here from pagination? Put them back into $_REQUEST for sanitization.
  1192. if (isset($search_params['labels']))
  1193. $_REQUEST['searchlabel'] = explode(',', $search_params['labels']);
  1194. // Assuming we have some labels - make them all integers.
  1195. if (!empty($_REQUEST['searchlabel']) && is_array($_REQUEST['searchlabel']))
  1196. {
  1197. foreach ($_REQUEST['searchlabel'] as $key => $id)
  1198. $_REQUEST['searchlabel'][$key] = (int) $id;
  1199. }
  1200. else
  1201. $_REQUEST['searchlabel'] = array();
  1202. // Now that everything is cleaned up a bit, make the labels a param.
  1203. $search_params['labels'] = implode(',', $_REQUEST['searchlabel']);
  1204. // No labels selected? That must be an error!
  1205. if (empty($_REQUEST['searchlabel']))
  1206. $context['search_errors']['no_labels_selected'] = true;
  1207. // Otherwise prepare the query!
  1208. elseif (count($_REQUEST['searchlabel']) != count($context['labels']))
  1209. {
  1210. // Special case here... "inbox" isn't a real label anymore...
  1211. if (in_array(-1, $_REQUEST['searchlabel']))
  1212. {
  1213. $labelQuery = ' AND pmr.in_inbox = {int:in_inbox}';
  1214. $searchq_parameters['in_inbox'] = 1;
  1215. // Now we get rid of that...
  1216. $temp = array_diff($_REQUEST['searchlabel'], array(-1));
  1217. $_REQUEST['searchlabel'] = $temp;
  1218. }
  1219. // Still have something?
  1220. if (!empty($_REQUEST['searchlabel']))
  1221. {
  1222. if ($labelQuery == '')
  1223. {
  1224. // Not searching the inbox - PM must be labeled
  1225. $labelQuery = ' AND pml.id_label IN ({array_int:labels})';
  1226. $labelJoin = ' INNER JOIN {db_prefix}pm_labeled_messages AS pml ON (pml.id_pm = pmr.id_pm)';
  1227. }
  1228. else
  1229. {
  1230. // Searching the inbox - PM doesn't have to be labeled
  1231. $labelQuery = ' AND (' . substr($labelQuery, 5) . ' OR pml.id_label IN ({array_int:labels}))';
  1232. $labelJoin = ' LEFT JOIN {db_prefix}pm_labeled_messages AS pml ON (pml.id_pm = pmr.id_pm)';
  1233. }
  1234. $searchq_parameters['labels'] = $_REQUEST['searchlabel'];
  1235. }
  1236. }
  1237. }
  1238. // What are we actually searching for?
  1239. $search_params['search'] = !empty($search_params['search']) ? $search_params['search'] : (isset($_REQUEST['search']) ? $_REQUEST['search'] : '');
  1240. // If we ain't got nothing - we should error!
  1241. if (!isset($search_params['search']) || $search_params['search'] == '')
  1242. $context['search_errors']['invalid_search_string'] = true;
  1243. // Extract phrase parts first (e.g. some words "this is a phrase" some more words.)
  1244. preg_match_all('~(?:^|\s)([-]?)"([^"]+)"(?:$|\s)~' . ($context['utf8'] ? 'u' : ''), $search_params['search'], $matches, PREG_PATTERN_ORDER);
  1245. $searchArray = $matches[2];
  1246. // Remove the phrase parts and extract the words.
  1247. $tempSearch = explode(' ', preg_replace('~(?:^|\s)(?:[-]?)"(?:[^"]+)"(?:$|\s)~' . ($context['utf8'] ? 'u' : ''), ' ', $search_params['search']));
  1248. // A minus sign in front of a word excludes the word.... so...
  1249. $excludedWords = array();
  1250. // .. first, we check for things like -"some words", but not "-some words".
  1251. foreach ($matches[1] as $index => $word)
  1252. if ($word == '-')
  1253. {
  1254. $word = $smcFunc['strtolower'](trim($searchArray[$index]));
  1255. if (strlen($word) > 0)
  1256. $excludedWords[] = $word;
  1257. unset($searchArray[$index]);
  1258. }
  1259. // Now we look for -test, etc.... normaller.
  1260. foreach ($tempSearch as $index => $word)
  1261. {
  1262. if (strpos(trim($word), '-') === 0)
  1263. {
  1264. $word = substr($smcFunc['strtolower']($word), 1);
  1265. if (strlen($word) > 0)
  1266. $excludedWords[] = $word;
  1267. unset($tempSearch[$index]);
  1268. }
  1269. }
  1270. $searchArray = array_merge($searchArray, $tempSearch);
  1271. // Trim everything and make sure there are no words that are the same.
  1272. foreach ($searchArray as $index => $value)
  1273. {
  1274. $searchArray[$index] = $smcFunc['strtolower'](trim($value));
  1275. if ($searchArray[$index] == '')
  1276. unset($searchArray[$index]);
  1277. else
  1278. {
  1279. // Sort out entities first.
  1280. $searchArray[$index] = $smcFunc['htmlspecialchars']($searchArray[$index]);
  1281. }
  1282. }
  1283. $searchArray = array_unique($searchArray);
  1284. // Create an array of replacements for highlighting.
  1285. $context['mark'] = array();
  1286. foreach ($searchArray as $word)
  1287. $context['mark'][$word] = '<strong class="highlight">' . $word . '</strong>';
  1288. // This contains *everything*
  1289. $searchWords = array_merge($searchArray, $excludedWords);
  1290. // Make sure at least one word is being searched for.
  1291. if (empty($searchArray))
  1292. $context['search_errors']['invalid_search_string'] = true;
  1293. // Sort out the search query so the user can edit it - if they want.
  1294. $context['search_params'] = $search_params;
  1295. if (isset($context['search_params']['search']))
  1296. $context['search_params']['search'] = $smcFunc['htmlspecialchars']($context['search_params']['search']);
  1297. if (isset($context['search_params']['userspec']))
  1298. $context['search_params']['userspec'] = $smcFunc['htmlspecialchars']($context['search_params']['userspec']);
  1299. // Now we have all the parameters, combine them together for pagination and the like...
  1300. $context['params'] = array();
  1301. foreach ($search_params as $k => $v)
  1302. $context['params'][] = $k . '|\'|' . $v;
  1303. $context['params'] = base64_encode(implode('|"|', $context['params']));
  1304. // Compile the subject query part.
  1305. $andQueryParts = array();
  1306. foreach ($searchWords as $index => $word)
  1307. {
  1308. if ($word == '')
  1309. continue;
  1310. if ($search_params['subject_only'])
  1311. $andQueryParts[] = 'pm.subject' . (in_array($word, $excludedWords) ? ' NOT' : '') . ' LIKE {string:search_' . $index . '}';
  1312. else
  1313. $andQueryParts[] = '(pm.subject' . (in_array($word, $excludedWords) ? ' NOT' : '') . ' LIKE {string:search_' . $index . '} ' . (in_array($word, $excludedWords) ? 'AND pm.body NOT' : 'OR pm.body') . ' LIKE {string:search_' . $index . '})';
  1314. $searchq_parameters['search_' . $index] = '%' . strtr($word, array('_' => '\\_', '%' => '\\%')) . '%';
  1315. }
  1316. $searchQuery = ' 1=1';
  1317. if (!empty($andQueryParts))
  1318. $searchQuery = implode(!empty($search_params['searchtype']) && $search_params['searchtype'] == 2 ? ' OR ' : ' AND ', $andQueryParts);
  1319. // Age limits?
  1320. $timeQuery = '';
  1321. if (!empty($search_params['minage']))
  1322. $timeQuery .= ' AND pm.msgtime < ' . (time() - $search_params['minage'] * 86400);
  1323. if (!empty($search_params['maxage']))
  1324. $timeQuery .= ' AND pm.msgtime > ' . (time() - $search_params['maxage'] * 86400);
  1325. // If we have errors - return back to the first screen...
  1326. if (!empty($context['search_errors']))
  1327. {
  1328. $_REQUEST['params'] = $context['params'];
  1329. return MessageSearch();
  1330. }
  1331. // Get the amount of results.
  1332. $request = $smcFunc['db_query']('', '
  1333. SELECT COUNT(*)
  1334. FROM {db_prefix}pm_recipients AS pmr
  1335. INNER JOIN {db_prefix}personal_messages AS pm ON (pm.id_pm = pmr.id_pm)
  1336. ' . $labelJoin . '
  1337. WHERE ' . ($context['folder'] == 'inbox' ? '
  1338. pmr.id_member = {int:current_member}
  1339. AND pmr.deleted = {int:not_deleted}' : '
  1340. pm.id_member_from = {int:current_member}
  1341. AND pm.deleted_by_sender = {int:not_deleted}') . '
  1342. ' . $userQuery . $labelQuery . $timeQuery . '
  1343. AND (' . $searchQuery . ')',
  1344. array_merge($searchq_parameters, array(
  1345. 'current_member' => $user_info['id'],
  1346. 'not_deleted' => 0,
  1347. ))
  1348. );
  1349. list ($numResults) = $smcFunc['db_fetch_row']($request);
  1350. $smcFunc['db_free_result']($request);
  1351. // Get all the matching messages... using standard search only (No caching and the like!)
  1352. // @todo This doesn't support sent item searching yet.
  1353. $request = $smcFunc['db_query']('', '
  1354. SELECT pm.id_pm, pm.id_pm_head, pm.id_member_from
  1355. FROM {db_prefix}pm_recipients AS pmr
  1356. INNER JOIN {db_prefix}personal_messages AS pm ON (pm.id_pm = pmr.id_pm)
  1357. ' . $labelJoin . '
  1358. WHERE ' . ($context['folder'] == 'inbox' ? '
  1359. pmr.id_member = {int:current_member}
  1360. AND pmr.deleted = {int:not_deleted}' : '
  1361. pm.id_member_from = {int:current_member}
  1362. AND pm.deleted_by_sender = {int:not_deleted}') . '
  1363. ' . $userQuery . $labelQuery . $timeQuery . '
  1364. AND (' . $searchQuery . ')
  1365. ORDER BY ' . $search_params['sort'] . ' ' . $search_params['sort_dir'] . '
  1366. LIMIT ' . $context['start'] . ', ' . $modSettings['search_results_per_page'],
  1367. array_merge($searchq_parameters, array(
  1368. 'current_member' => $user_info['id'],
  1369. 'not_deleted' => 0,
  1370. ))
  1371. );
  1372. $foundMessages = array();
  1373. $posters = array();
  1374. $head_pms = array();
  1375. while ($row = $smcFunc['db_fetch_assoc']($request))
  1376. {
  1377. $foundMessages[] = $row['id_pm'];
  1378. $posters[] = $row['id_member_from'];
  1379. $head_pms[$row['id_pm']] = $row['id_pm_head'];
  1380. }
  1381. $smcFunc['db_free_result']($request);
  1382. // Find the real head pms!
  1383. if ($context['display_mode'] == 2 && !empty($head_pms))
  1384. {
  1385. $request = $smcFunc['db_query']('', '
  1386. SELECT MAX(pm.id_pm) AS id_pm, pm.id_pm_head
  1387. FROM {db_prefix}personal_messages AS pm
  1388. INNER JOIN {db_prefix}pm_recipients AS pmr ON (pmr.id_pm = pm.id_pm)
  1389. WHERE pm.id_pm_head IN ({array_int:head_pms})
  1390. AND pmr.id_member = {int:current_member}
  1391. AND pmr.deleted = {int:not_deleted}
  1392. GROUP BY pm.id_pm_head
  1393. LIMIT {int:limit}',
  1394. array(
  1395. 'head_pms' => array_unique($head_pms),
  1396. 'current_member' => $user_info['id'],
  1397. 'not_deleted' => 0,
  1398. 'limit' => count($head_pms),
  1399. )
  1400. );
  1401. $real_pm_ids = array();
  1402. while ($row = $smcFunc['db_fetch_assoc']($request))
  1403. $real_pm_ids[$row['id_pm_head']] = $row['id_pm'];
  1404. $smcFunc['db_free_result']($request);
  1405. }
  1406. // Load the users...
  1407. $posters = array_unique($posters);
  1408. if (!empty($posters))
  1409. loadMemberData($posters);
  1410. // Sort out the page index.
  1411. $context['page_index'] = constructPageIndex($scripturl . '?action=pm;sa=search2;params=' . $context['params'], $_GET['start'], $numResults, $modSettings['search_results_per_page'], false);
  1412. $context['message_labels'] = array();
  1413. $context['message_replied'] = array();
  1414. $context['personal_messages'] = array();
  1415. if (!empty($foundMessages))
  1416. {
  1417. // Now get recipients (but don't include bcc-recipients for your inbox, you're not supposed to know :P!)
  1418. $request = $smcFunc['db_query']('', '
  1419. SELECT
  1420. pmr.id_pm, mem_to.id_member AS id_member_to, mem_to.real_name AS to_name,
  1421. pmr.bcc, pmr.in_inbox, pmr.is_read
  1422. FROM {db_prefix}pm_recipients AS pmr
  1423. LEFT JOIN {db_prefix}members AS mem_to ON (mem_to.id_member = pmr.id_member)
  1424. WHERE pmr.id_pm IN ({array_int:message_list})',
  1425. array(
  1426. 'message_list' => $foundMessages,
  1427. )
  1428. );
  1429. while ($row = $smcFunc['db_fetch_assoc']($request))
  1430. {
  1431. if ($context['folder'] == 'sent' || empty($row['bcc']))
  1432. $recipients[$row['id_pm']][empty($row['bcc']) ? 'to' : 'bcc'][] = empty($row['id_member_to']) ? $txt['guest_title'] : '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member_to'] . '">' . $row['to_name'] . '</a>';
  1433. if ($row['id_member_to'] == $user_info['id'] && $context['folder'] != 'sent')
  1434. {
  1435. $context['message_replied'][$row['id_pm']] = $row['is_read'] & 2;
  1436. $row['labels'] = '';
  1437. // Get the labels for this PM
  1438. $request2 = $smcFunc['db_query']('', '
  1439. SELECT id_label
  1440. FROM {db_prefix}pm_labeled_messages
  1441. WHERE id_pm = {int:current_pm}',
  1442. array(
  1443. 'current_pm' => $row['id_pm'],
  1444. )
  1445. );
  1446. while($row2 = $smcFunc['db_fetch_assoc']($request2))
  1447. {
  1448. $l_id = $row2['id_label'];
  1449. if (isset($context['labels'][$id_label]))
  1450. $context['message_labels'][$row['id_pm']][$l_id] = array('id' => $l_id, 'name' => $context['labels'][$l_id]['name']);
  1451. // Here we find the first label on a message - for linking to posts in results
  1452. if (!isset($context['first_label'][$row['id_pm']]) && $row['in_inbox'] != 1)
  1453. $context['first_label'][$row['id_pm']] = $l_id;
  1454. }
  1455. $smcFunc['db_free_result']($request2);
  1456. // Is this in the inbox as well?
  1457. if ($row['in_inbox'] == 1)
  1458. {
  1459. $context['message_labels'][$row['id_pm']][-1] = array('id' => -1, 'name' => $context['labels'][-1]['name']);
  1460. }
  1461. $row['labels'] = $row['labels'] == '' ? array() : explode(',', $row['labels']);
  1462. }
  1463. }
  1464. // Prepare the query for the callback!
  1465. $request = $smcFunc['db_query']('', '
  1466. SELECT pm.id_pm, pm.subject, pm.id_member_from, pm.body, pm.msgtime, pm.from_name
  1467. FROM {db_prefix}personal_messages AS pm
  1468. WHERE pm.id_pm IN ({array_int:message_list})
  1469. ORDER BY ' . $search_params['sort'] . ' ' . $search_params['sort_dir'] . '
  1470. LIMIT ' . count($foundMessages),
  1471. array(
  1472. 'message_list' => $foundMessages,
  1473. )
  1474. );
  1475. $counter = 0;
  1476. while ($row = $smcFunc['db_fetch_assoc']($request))
  1477. {
  1478. // If there's no message subject, use the default.
  1479. $row['subject'] = $row['subject'] == '' ? $txt['no_subject'] : $row['subject'];
  1480. // Load this posters context info, if it ain't there then fill in the essentials...
  1481. if (!loadMemberContext($row['id_member_from'], true))
  1482. {
  1483. $memberContext[$row['id_member_from']]['name'] = $row['from_name'];
  1484. $memberContext[$row['id_member_from']]['id'] = 0;
  1485. $memberContext[$row['id_member_from']]['group'] = $txt['guest_title'];
  1486. $memberContext[$row['id_member_from']]['link'] = $row['from_name'];
  1487. $memberContext[$row['id_member_from']]['email'] = '';
  1488. $memberContext[$row['id_member_from']]['is_guest'] = true;
  1489. }
  1490. // Censor anything we don't want to see...
  1491. censorText($row['body']);
  1492. censorText($row['subject']);
  1493. // Parse out any BBC...
  1494. $row['body'] = parse_bbc($row['body'], true, 'pm' . $row['id_pm']);
  1495. $href = $scripturl . '?action=pm;f=' . $context['folder'] . (isset($context['first_label'][$row['id_pm']]) ? ';l=' . $context['first_label'][$row['id_pm']] : '') . ';pmid=' . ($context['display_mode'] == 2 && isset($real_pm_ids[$head_pms[$row['id_pm']]]) ? $real_pm_ids[$head_pms[$row['id_pm']]] : $row['id_pm']) . '#msg' . $row['id_pm'];
  1496. $context['personal_messages'][] = array(
  1497. 'id' => $row['id_pm'],
  1498. 'member' => &$memberContext[$row['id_member_from']],
  1499. 'subject' => $row['subject'],
  1500. 'body' => $row['body'],
  1501. 'time' => timeformat($row['msgtime']),
  1502. 'recipients' => &$recipients[$row['id_pm']],
  1503. 'labels' => &$context['message_labels'][$row['id_pm']],
  1504. 'fully_labeled' => count($context['message_labels'][$row['id_pm']]) == count($context['labels']),
  1505. 'is_replied_to' => &$context['message_replied'][$row['id_pm']],
  1506. 'href' => $href,
  1507. 'link' => '<a href="' . $href . '">' . $row['subject'] . '</a>',
  1508. 'counter' => ++$counter,
  1509. );
  1510. }
  1511. $smcFunc['db_free_result']($request);
  1512. }
  1513. // Finish off the context.
  1514. $context['page_title'] = $txt['pm_search_title'];
  1515. $context['sub_template'] = 'search_results';
  1516. $context['menu_data_' . $context['pm_menu_id']]['current_area'] = 'search';
  1517. $context['linktree'][] = array(
  1518. 'url' => $scripturl . '?action=pm;sa=search',
  1519. 'name' => $txt['pm_search_bar_title'],
  1520. );
  1521. }
  1522. /**
  1523. * Send a new message?
  1524. */
  1525. function MessagePost()
  1526. {
  1527. global $txt, $sourcedir, $scripturl, $modSettings;
  1528. global $context, $smcFunc, $language, $user_info;
  1529. isAllowedTo('pm_send');
  1530. loadLanguage('PersonalMessage');
  1531. // Just in case it was loaded from somewhere else.
  1532. if (!WIRELESS)
  1533. {
  1534. loadTemplate('PersonalMessage');
  1535. loadJavascriptFile('PersonalMessage.js', array('default_theme' => true, 'defer' => false), 'smf_pms');
  1536. loadJavascriptFile('suggest.js', array('default_theme' => true, 'defer' => false), 'smf_suggest');
  1537. $context['sub_template'] = 'send';
  1538. }
  1539. // Extract out the spam settings - cause it's neat.
  1540. list ($modSettings['max_pm_recipients'], $modSettings['pm_posts_verification'], $modSettings['pm_posts_per_hour']) = explode(',', $modSettings['pm_spam_settings']);
  1541. // Set the title...
  1542. $context['page_title'] = $txt['send_message'];
  1543. $context['reply'] = isset($_REQUEST['pmsg']) || isset($_REQUEST['quote']);
  1544. // Check whether we've gone over the limit of messages we can send per hour.
  1545. if (!empty($modSettings['pm_posts_per_hour']) && !allowedTo(array('admin_forum', 'moderate_forum', 'send_mail')) && $user_info['mod_cache']['bq'] == '0=1' && $user_info['mod_cache']['gq'] == '0=1')
  1546. {
  1547. // How many messages have they sent this last hour?
  1548. $request = $smcFunc['db_query']('', '
  1549. SELECT COUNT(pr.id_pm) AS post_count
  1550. FROM {db_prefix}personal_messages AS pm
  1551. INNER JOIN {db_prefix}pm_recipients AS pr ON (pr.id_pm = pm.id_pm)
  1552. WHERE pm.id_member_from = {int:current_member}
  1553. AND pm.msgtime > {int:msgtime}',
  1554. array(
  1555. 'current_member' => $user_info['id'],
  1556. 'msgtime' => time() - 3600,
  1557. )
  1558. );
  1559. list ($postCount) = $smcFunc['db_fetch_row']($request);
  1560. $smcFunc['db_free_result']($request);
  1561. if (!empty($postCount) && $postCount >= $modSettings['pm_posts_per_hour'])
  1562. fatal_lang_error('pm_too_many_per_hour', true, array($modSettings['pm_posts_per_hour']));
  1563. }
  1564. // Quoting/Replying to a message?
  1565. if (!empty($_REQUEST['pmsg']))
  1566. {
  1567. $pmsg = (int) $_REQUEST['pmsg'];
  1568. // Make sure this is yours.
  1569. if (!isAccessiblePM($pmsg))
  1570. fatal_lang_error('no_access', false);
  1571. // Work out whether this is one you've received?
  1572. $request = $smcFunc['db_query']('', '
  1573. SELECT
  1574. id_pm
  1575. FROM {db_prefix}pm_recipients
  1576. WHERE id_pm = {int:id_pm}
  1577. AND id_member = {int:current_member}
  1578. LIMIT 1',
  1579. array(
  1580. 'current_member' => $user_info['id'],
  1581. 'id_pm' => $pmsg,
  1582. )
  1583. );
  1584. $isReceived = $smcFunc['db_num_rows']($request) != 0;
  1585. $smcFunc['db_free_result']($request);
  1586. // Get the quoted message (and make sure you're allowed to see this quote!).
  1587. $request = $smcFunc['db_query']('', '
  1588. SELECT
  1589. pm.id_pm, CASE WHEN pm.id_pm_head = {int:id_pm_head_empty} THEN pm.id_pm ELSE pm.id_pm_head END AS pm_head,
  1590. pm.body, pm.subject, pm.msgtime, mem.member_name, IFNULL(mem.id_member, 0) AS id_member,
  1591. IFNULL(mem.real_name, pm.from_name) AS real_name
  1592. FROM {db_prefix}personal_messages AS pm' . (!$isReceived ? '' : '
  1593. INNER JOIN {db_prefix}pm_recipients AS pmr ON (pmr.id_pm = {int:id_pm})') . '
  1594. LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = pm.id_member_from)
  1595. WHERE pm.id_pm = {int:id_pm}' . (!$isReceived ? '
  1596. AND pm.id_member_from = {int:current_member}' : '
  1597. AND pmr.id_member = {int:current_member}') . '
  1598. LIMIT 1',
  1599. array(
  1600. 'current_member' => $user_info['id'],
  1601. 'id_pm_head_empty' => 0,
  1602. 'id_pm' => $pmsg,
  1603. )
  1604. );
  1605. if ($smcFunc['db_num_rows']($request) == 0)
  1606. fatal_lang_error('pm_not_yours', false);
  1607. $row_quoted = $smcFunc['db_fetch_assoc']($request);
  1608. $smcFunc['db_free_result']($request);
  1609. // Censor the message.
  1610. censorText($row_quoted['subject']);
  1611. censorText($row_quoted['body']);
  1612. // Add 'Re: ' to it....
  1613. if (!isset($context['response_prefix']) && !($context['response_prefix'] = cache_get_data('response_prefix')))
  1614. {
  1615. if ($language === $user_info['language'])
  1616. $context['response_prefix'] = $txt['response_prefix'];
  1617. else
  1618. {
  1619. loadLanguage('index', $language, false);
  1620. $context['response_prefix'] = $txt['response_prefix'];
  1621. loadLanguage('index');
  1622. }
  1623. cache_put_data('response_prefix', $context['response_prefix'], 600);
  1624. }
  1625. $form_subject = $row_quoted['subject'];
  1626. if ($context['reply'] && trim($context['response_prefix']) != '' && $smcFunc['strpos']($form_subject, trim($context['response_prefix'])) !== 0)
  1627. $form_subject = $context['response_prefix'] . $form_subject;
  1628. if (isset($_REQUEST['quote']))
  1629. {
  1630. // Remove any nested quotes and <br>...
  1631. $form_message = preg_replace('~<br ?/?' . '>~i', "\n", $row_quoted['body']);
  1632. if (!empty($modSettings['removeNestedQuotes']))
  1633. $form_message = preg_replace(array('~\n?\[quote.*?\].+?\[/quote\]\n?~is', '~^\n~', '~\[/quote\]~'), '', $form_message);
  1634. if (empty($row_quoted['id_member']))
  1635. $form_message = '[quote author=&quot;' . $row_quoted['real_name'] . '&quot;]' . "\n" . $form_message . "\n" . '[/quote]';
  1636. else
  1637. $form_message = '[quote author=' . $row_quoted['real_name'] . ' link=action=profile;u=' . $row_quoted['id_member'] . ' date=' . $row_quoted['msgtime'] . ']' . "\n" . $form_message . "\n" . '[/quote]';
  1638. }
  1639. else
  1640. $form_message = '';
  1641. // Do the BBC thang on the message.
  1642. $row_quoted['body'] = parse_bbc($row_quoted['body'], true, 'pm' . $row_quoted['id_pm']);
  1643. // Set up the quoted message array.
  1644. $context['quoted_message'] = array(
  1645. 'id' => $row_quoted['id_pm'],
  1646. 'pm_head' => $row_quoted['pm_head'],
  1647. 'member' => array(
  1648. 'name' => $row_quoted['real_name'],
  1649. 'username' => $row_quoted['member_name'],
  1650. 'id' => $row_quoted['id_member'],
  1651. 'href' => !empty($row_quoted['id_member']) ? $scripturl . '?action=profile;u=' . $row_quoted['id_member'] : '',
  1652. 'link' => !empty($row_quoted['id_member']) ? '<a href="' . $scripturl . '?action=profile;u=' . $row_quoted['id_member'] . '">' . $row_quoted['real_name'] . '</a>' : $row_quoted['real_name'],
  1653. ),
  1654. 'subject' => $row_quoted['subject'],
  1655. 'time' => timeformat($row_quoted['msgtime']),
  1656. 'timestamp' => forum_time(true, $row_quoted['msgtime']),
  1657. 'body' => $row_quoted['body']
  1658. );
  1659. }
  1660. else
  1661. {
  1662. $context['quoted_message'] = false;
  1663. $form_subject = '';
  1664. $form_message = '';
  1665. }
  1666. $context['recipients'] = array(
  1667. 'to' => array(),
  1668. 'bcc' => array(),
  1669. );
  1670. // Sending by ID? Replying to all? Fetch the real_name(s).
  1671. if (isset($_REQUEST['u']))
  1672. {
  1673. // If the user is replying to all, get all the other members this was sent to..
  1674. if ($_REQUEST['u'] == 'all' && isset($row_quoted))
  1675. {
  1676. // Firstly, to reply to all we clearly already have $row_quoted - so have the original member from.
  1677. if ($row_quoted['id_member'] != $user_info['id'])
  1678. $context['recipients']['to'][] = array(
  1679. 'id' => $row_quoted['id_member'],
  1680. 'name' => $smcFunc['htmlspecialchars']($row_quoted['real_name']),
  1681. );
  1682. // Now to get the others.
  1683. $request = $smcFunc['db_query']('', '
  1684. SELECT mem.id_member, mem.real_name
  1685. FROM {db_prefix}pm_recipients AS pmr
  1686. INNER JOIN {db_prefix}members AS mem ON (mem.id_member = pmr.id_member)
  1687. WHERE pmr.id_pm = {int:id_pm}
  1688. AND pmr.id_member != {int:current_member}
  1689. AND pmr.bcc = {int:not_bcc}',
  1690. array(
  1691. 'current_member' => $user_info['id'],
  1692. 'id_pm' => $pmsg,
  1693. 'not_bcc' => 0,
  1694. )
  1695. );
  1696. while ($row = $smcFunc['db_fetch_assoc']($request))
  1697. $context['recipients']['to'][] = array(
  1698. 'id' => $row['id_member'],
  1699. 'name' => $row['real_name'],
  1700. );
  1701. $smcFunc['db_free_result']($request);
  1702. }
  1703. else
  1704. {
  1705. $_REQUEST['u'] = explode(',', $_REQUEST['u']);
  1706. foreach ($_REQUEST['u'] as $key => $uID)
  1707. $_REQUEST['u'][$key] = (int) $uID;
  1708. $_REQUEST['u'] = array_unique($_REQUEST['u']);
  1709. $request = $smcFunc['db_query']('', '
  1710. SELECT id_member, real_name
  1711. FROM {db_prefix}members
  1712. WHERE id_member IN ({array_int:member_list})
  1713. LIMIT ' . count($_REQUEST['u']),
  1714. array(
  1715. 'member_list' => $_REQUEST['u'],
  1716. )
  1717. );
  1718. while ($row = $smcFunc['db_fetch_assoc']($request))
  1719. $context['recipients']['to'][] = array(
  1720. 'id' => $row['id_member'],
  1721. 'name' => $row['real_name'],
  1722. );
  1723. $smcFunc['db_free_result']($request);
  1724. }
  1725. // Get a literal name list in case the user has JavaScript disabled.
  1726. $names = array();
  1727. foreach ($context['recipients']['to'] as $to)
  1728. $names[] = $to['name'];
  1729. $context['to_value'] = empty($names) ? '' : '&quot;' . implode('&quot;, &quot;', $names) . '&quot;';
  1730. }
  1731. else
  1732. $context['to_value'] = '';
  1733. // Set the defaults...
  1734. $context['subject'] = $form_subject;
  1735. $context['message'] = str_replace(array('"', '<', '>', '&nbsp;'), array('&quot;', '&lt;', '&gt;', ' '), $form_message);
  1736. $context['post_error'] = array();
  1737. // And build the link tree.
  1738. $context['linktree'][] = array(
  1739. 'url' => $scripturl . '?action=pm;sa=send',
  1740. 'name' => $txt['new_message']
  1741. );
  1742. $modSettings['disable_wysiwyg'] = !empty($modSettings['disable_wysiwyg']) || empty($modSettings['enableBBC']);
  1743. // Generate a list of drafts that they can load in to the editor
  1744. if (!empty($context['drafts_pm_save']))
  1745. {
  1746. require_once($sourcedir . '/Drafts.php');
  1747. $pm_seed = isset($_REQUEST['pmsg']) ? $_REQUEST['pmsg'] : (isset($_REQUEST['quote']) ? $_REQUEST['quote'] : 0);
  1748. ShowDrafts($user_info['id'], $pm_seed, 1);
  1749. }
  1750. // Needed for the WYSIWYG editor.
  1751. require_once($sourcedir . '/Subs-Editor.php');
  1752. // Now create the editor.
  1753. $editorOptions = array(
  1754. 'id' => 'message',
  1755. 'value' => $context['message'],
  1756. 'height' => '250px',
  1757. 'width' => '100%',
  1758. 'labels' => array(
  1759. 'post_button' => $txt['send_message'],
  1760. ),
  1761. 'preview_type' => 2,
  1762. 'required' => true,
  1763. );
  1764. create_control_richedit($editorOptions);
  1765. // Store the ID for old compatibility.
  1766. $context['post_box_name'] = $editorOptions['id'];
  1767. $context['bcc_value'] = '';
  1768. $context['require_verification'] = !$user_info['is_admin'] && !empty($modSettings['pm_posts_verification']) && $user_info['posts'] < $modSettings['pm_posts_verification'];
  1769. if ($context['require_verification'])
  1770. {
  1771. $verificationOptions = array(
  1772. 'id' => 'pm',
  1773. );
  1774. $context['require_verification'] = create_control_verification($verificationOptions);
  1775. $context['visual_verification_id'] = $verificationOptions['id'];
  1776. }
  1777. // Register this form and get a sequence number in $context.
  1778. checkSubmitOnce('register');
  1779. }
  1780. /**
  1781. * This function allows the user to view their PM drafts
  1782. */
  1783. function MessageDrafts()
  1784. {
  1785. global $sourcedir, $user_info;
  1786. // validate with loadMemberData()
  1787. $memberResult = loadMemberData($user_info['id'], false);
  1788. if (!is_array($memberResult))
  1789. fatal_lang_error('not_a_user', false);
  1790. list ($memID) = $memberResult;
  1791. // drafts is where the functions reside
  1792. require_once($sourcedir . '/Drafts.php');
  1793. showPMDrafts($memID);
  1794. }
  1795. /**
  1796. * An error in the message...
  1797. *
  1798. * @param $error_types
  1799. * @param $named_recipients
  1800. * @param $recipient_ids
  1801. */
  1802. function messagePostError($error_types, $named_recipients, $recipient_ids = array())
  1803. {
  1804. global $txt, $context, $scripturl, $modSettings;
  1805. global $smcFunc, $user_info, $sourcedir;
  1806. if (!isset($_REQUEST['xml']))
  1807. $context['menu_data_' . $context['pm_menu_id']]['current_area'] = 'send';
  1808. if (!WIRELESS && !isset($_REQUEST['xml']))
  1809. $context['sub_template'] = 'send';
  1810. elseif (isset($_REQUEST['xml']))
  1811. $context['sub_template'] = 'pm';
  1812. $context['page_title'] = $txt['send_message'];
  1813. // Got some known members?
  1814. $context['recipients'] = array(
  1815. 'to' => array(),
  1816. 'bcc' => array(),
  1817. );
  1818. if (!empty($recipient_ids['to']) || !empty($recipient_ids['bcc']))
  1819. {
  1820. $allRecipients = array_merge($recipient_ids['to'], $recipient_ids['bcc']);
  1821. $request = $smcFunc['db_query']('', '
  1822. SELECT id_member, real_name
  1823. FROM {db_prefix}members
  1824. WHERE id_member IN ({array_int:member_list})',
  1825. array(
  1826. 'member_list' => $allRecipients,
  1827. )
  1828. );
  1829. while ($row = $smcFunc['db_fetch_assoc']($request))
  1830. {
  1831. $recipientType = in_array($row['id_member'], $recipient_ids['bcc']) ? 'bcc' : 'to';
  1832. $context['recipients'][$recipientType][] = array(
  1833. 'id' => $row['id_member'],
  1834. 'name' => $row['real_name'],
  1835. );
  1836. }
  1837. $smcFunc['db_free_result']($request);
  1838. }
  1839. // Set everything up like before....
  1840. $context['subject'] = isset($_REQUEST['subject']) ? $smcFunc['htmlspecialchars']($_REQUEST['subject']) : '';
  1841. $context['message'] = isset($_REQUEST['message']) ? str_replace(array(' '), array('&nbsp; '), $smcFunc['htmlspecialchars']($_REQUEST['message'])) : '';
  1842. $context['reply'] = !empty($_REQUEST['replied_to']);
  1843. if ($context['reply'])
  1844. {
  1845. $_REQUEST['replied_to'] = (int) $_REQUEST['replied_to'];
  1846. $request = $smcFunc['db_query']('', '
  1847. SELECT
  1848. pm.id_pm, CASE WHEN pm.id_pm_head = {int:no_id_pm_head} THEN pm.id_pm ELSE pm.id_pm_head END AS pm_head,
  1849. pm.body, pm.subject, pm.msgtime, mem.member_name, IFNULL(mem.id_member, 0) AS id_member,
  1850. IFNULL(mem.real_name, pm.from_name) AS real_name
  1851. FROM {db_prefix}personal_messages AS pm' . ($context['folder'] == 'sent' ? '' : '
  1852. INNER JOIN {db_prefix}pm_recipients AS pmr ON (pmr.id_pm = {int:replied_to})') . '
  1853. LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = pm.id_member_from)
  1854. WHERE pm.id_pm = {int:replied_to}' . ($context['folder'] == 'sent' ? '
  1855. AND pm.id_member_from = {int:current_member}' : '
  1856. AND pmr.id_member = {int:current_member}') . '
  1857. LIMIT 1',
  1858. array(
  1859. 'current_member' => $user_info['id'],
  1860. 'no_id_pm_head' => 0,
  1861. 'replied_to' => $_REQUEST['replied_to'],
  1862. )
  1863. );
  1864. if ($smcFunc['db_num_rows']($request) == 0)
  1865. {
  1866. if (!isset($_REQUEST['xml']))
  1867. fatal_lang_error('pm_not_yours', false);
  1868. else
  1869. $error_types[] = 'pm_not_yours';
  1870. }
  1871. $row_quoted = $smcFunc['db_fetch_assoc']($request);
  1872. $smcFunc['db_free_result']($request);
  1873. censorText($row_quoted['subject']);
  1874. censorText($row_quoted['body']);
  1875. $context['quoted_message'] = array(
  1876. 'id' => $row_quoted['id_pm'],
  1877. 'pm_head' => $row_quoted['pm_head'],
  1878. 'member' => array(
  1879. 'name' => $row_quoted['real_name'],
  1880. 'username' => $row_quoted['member_name'],
  1881. 'id' => $row_quoted['id_member'],
  1882. 'href' => !empty($row_quoted['id_member']) ? $scripturl . '?action=profile;u=' . $row_quoted['id_member'] : '',
  1883. 'link' => !empty($row_quoted['id_member']) ? '<a href="' . $scripturl . '?action=profile;u=' . $row_quoted['id_member'] . '">' . $row_quoted['real_name'] . '</a>' : $row_quoted['real_name'],
  1884. ),
  1885. 'subject' => $row_quoted['subject'],
  1886. 'time' => timeformat($row_quoted['msgtime']),
  1887. 'timestamp' => forum_time(true, $row_quoted['msgtime']),
  1888. 'body' => parse_bbc($row_quoted['body'], true, 'pm' . $row_quoted['id_pm']),
  1889. );
  1890. }
  1891. // Build the link tree....
  1892. $context['linktree'][] = array(
  1893. 'url' => $scripturl . '?action=pm;sa=send',
  1894. 'name' => $txt['new_message']
  1895. );
  1896. // Set each of the errors for the template.
  1897. loadLanguage('Errors');
  1898. $context['error_type'] = 'minor';
  1899. $context['post_error'] = array(
  1900. 'messages' => array(),
  1901. // @todo error handling: maybe fatal errors can be error_type => serious
  1902. 'error_type' => '',
  1903. );
  1904. foreach ($error_types as $error_type)
  1905. {
  1906. $context['post_error'][$error_type] = true;
  1907. if (isset($txt['error_' . $error_type]))
  1908. {
  1909. if ($error_type == 'long_message')
  1910. $txt['error_' . $error_type] = sprintf($txt['error_' . $error_type], $modSettings['max_messageLength']);
  1911. $context['post_error']['messages'][] = $txt['error_' . $error_type];
  1912. }
  1913. // If it's not a minor error flag it as such.
  1914. if (!in_array($error_type, array('new_reply', 'not_approved', 'new_replies', 'old_topic', 'need_qr_verification', 'no_subject')))
  1915. $context['error_type'] = 'serious';
  1916. }
  1917. // We need to load the editor once more.
  1918. require_once($sourcedir . '/Subs-Editor.php');
  1919. // Create it...
  1920. $editorOptions = array(
  1921. 'id' => 'message',
  1922. 'value' => $context['message'],
  1923. 'width' => '90%',
  1924. 'height' => '250px',
  1925. 'labels' => array(
  1926. 'post_button' => $txt['send_message'],
  1927. ),
  1928. 'preview_type' => 2,
  1929. );
  1930. create_control_richedit($editorOptions);
  1931. // ... and store the ID again...
  1932. $context['post_box_name'] = $editorOptions['id'];
  1933. // Check whether we need to show the code again.
  1934. $context['require_verification'] = !$user_info['is_admin'] && !empty($modSettings['pm_posts_verification']) && $user_info['posts'] < $modSettings['pm_posts_verification'];
  1935. if ($context['require_verification'] && !isset($_REQUEST['xml']))
  1936. {
  1937. require_once($sourcedir . '/Subs-Editor.php');
  1938. $verificationOptions = array(
  1939. 'id' => 'pm',
  1940. );
  1941. $context['require_verification'] = create_control_verification($verificationOptions);
  1942. $context['visual_verification_id'] = $verificationOptions['id'];
  1943. }
  1944. $context['to_value'] = empty($named_recipients['to']) ? '' : '&quot;' . implode('&quot;, &quot;', $named_recipients['to']) . '&quot;';
  1945. $context['bcc_value'] = empty($named_recipients['bcc']) ? '' : '&quot;' . implode('&quot;, &quot;', $named_recipients['bcc']) . '&quot;';
  1946. // No check for the previous submission is needed.
  1947. checkSubmitOnce('free');
  1948. // Acquire a new form sequence number.
  1949. checkSubmitOnce('register');
  1950. }
  1951. /**
  1952. * Send it!
  1953. */
  1954. function MessagePost2()
  1955. {
  1956. global $txt, $context, $sourcedir;
  1957. global $user_info, $modSettings, $scripturl, $smcFunc;
  1958. isAllowedTo('pm_send');
  1959. require_once($sourcedir . '/Subs-Auth.php');
  1960. // PM Drafts enabled and needed?
  1961. if ($context['drafts_pm_save'] && (isset($_POST['save_draft']) || isset($_POST['id_pm_draft'])))
  1962. require_once($sourcedir . '/Drafts.php');
  1963. loadLanguage('PersonalMessage', '', false);
  1964. // Extract out the spam settings - it saves database space!
  1965. list ($modSettings['max_pm_recipients'], $modSettings['pm_posts_verification'], $modSettings['pm_posts_per_hour']) = explode(',', $modSettings['pm_spam_settings']);
  1966. // Initialize the errors we're about to make.
  1967. $post_errors = array();
  1968. // Check whether we've gone over the limit of messages we can send per hour - fatal error if fails!
  1969. if (!empty($modSettings['pm_posts_per_hour']) && !allowedTo(array('admin_forum', 'moderate_forum', 'send_mail')) && $user_info['mod_cache']['bq'] == '0=1' && $user_info['mod_cache']['gq'] == '0=1')
  1970. {
  1971. // How many have they sent this last hour?
  1972. $request = $smcFunc['db_query']('', '
  1973. SELECT COUNT(pr.id_pm) AS post_count
  1974. FROM {db_prefix}personal_messages AS pm
  1975. INNER JOIN {db_prefix}pm_recipients AS pr ON (pr.id_pm = pm.id_pm)
  1976. WHERE pm.id_member_from = {int:current_member}
  1977. AND pm.msgtime > {int:msgtime}',
  1978. array(
  1979. 'current_member' => $user_info['id'],
  1980. 'msgtime' => time() - 3600,
  1981. )
  1982. );
  1983. list ($postCount) = $smcFunc['db_fetch_row']($request);
  1984. $smcFunc['db_free_result']($request);
  1985. if (!empty($postCount) && $postCount >= $modSettings['pm_posts_per_hour'])
  1986. {
  1987. if (!isset($_REQUEST['xml']))
  1988. fatal_lang_error('pm_too_many_per_hour', true, array($modSettings['pm_posts_per_hour']));
  1989. else
  1990. $post_errors[] = 'pm_too_many_per_hour';
  1991. }
  1992. }
  1993. // If your session timed out, show an error, but do allow to re-submit.
  1994. if (!isset($_REQUEST['xml']) && checkSession('post', '', false) != '')
  1995. $post_errors[] = 'session_timeout';
  1996. $_REQUEST['subject'] = isset($_REQUEST['subject']) ? trim($_REQUEST['subject']) : '';
  1997. $_REQUEST['to'] = empty($_POST['to']) ? (empty($_GET['to']) ? '' : $_GET['to']) : $_POST['to'];
  1998. $_REQUEST['bcc'] = empty($_POST['bcc']) ? (empty($_GET['bcc']) ? '' : $_GET['bcc']) : $_POST['bcc'];
  1999. // Route the input from the 'u' parameter to the 'to'-list.
  2000. if (!empty($_POST['u']))
  2001. $_POST['recipient_to'] = explode(',', $_POST['u']);
  2002. // Construct the list of recipients.
  2003. $recipientList = array();
  2004. $namedRecipientList = array();
  2005. $namesNotFound = array();
  2006. foreach (array('to', 'bcc') as $recipientType)
  2007. {
  2008. // First, let's see if there's user ID's given.
  2009. $recipientList[$recipientType] = array();
  2010. if (!empty($_POST['recipient_' . $recipientType]) && is_array($_POST['recipient_' . $recipientType]))
  2011. {
  2012. foreach ($_POST['recipient_' . $recipientType] as $recipient)
  2013. $recipientList[$recipientType][] = (int) $recipient;
  2014. }
  2015. // Are there also literal names set?
  2016. if (!empty($_REQUEST[$recipientType]))
  2017. {
  2018. // We're going to take out the "s anyway ;).
  2019. $recipientString = strtr($_REQUEST[$recipientType], array('\\"' => '"'));
  2020. preg_match_all('~"([^"]+)"~', $recipientString, $matches);
  2021. $namedRecipientList[$recipientType] = array_unique(array_merge($matches[1], explode(',', preg_replace('~"[^"]+"~', '', $recipientString))));
  2022. foreach ($namedRecipientList[$recipientType] as $index => $recipient)
  2023. {
  2024. if (strlen(trim($recipient)) > 0)
  2025. $namedRecipientList[$recipientType][$index] = $smcFunc['htmlspecialchars']($smcFunc['strtolower'](trim($recipient)));
  2026. else
  2027. unset($namedRecipientList[$recipientType][$index]);
  2028. }
  2029. if (!empty($namedRecipientList[$recipientType]))
  2030. {
  2031. $foundMembers = findMembers($namedRecipientList[$recipientType]);
  2032. // Assume all are not found, until proven otherwise.
  2033. $namesNotFound[$recipientType] = $namedRecipientList[$recipientType];
  2034. foreach ($foundMembers as $member)
  2035. {
  2036. $testNames = array(
  2037. $smcFunc['strtolower']($member['username']),
  2038. $smcFunc['strtolower']($member['name']),
  2039. $smcFunc['strtolower']($member['email']),
  2040. );
  2041. if (count(array_intersect($testNames, $namedRecipientList[$recipientType])) !== 0)
  2042. {
  2043. $recipientList[$recipientType][] = $member['id'];
  2044. // Get rid of this username, since we found it.
  2045. $namesNotFound[$recipientType] = array_diff($namesNotFound[$recipientType], $testNames);
  2046. }
  2047. }
  2048. }
  2049. }
  2050. // Selected a recipient to be deleted? Remove them now.
  2051. if (!empty($_POST['delete_recipient']))
  2052. $recipientList[$recipientType] = array_diff($recipientList[$recipientType], array((int) $_POST['delete_recipient']));
  2053. // Make sure we don't include the same name twice
  2054. $recipientList[$recipientType] = array_unique($recipientList[$recipientType]);
  2055. }
  2056. // Are we changing the recipients some how?
  2057. $is_recipient_change = !empty($_POST['delete_recipient']) || !empty($_POST['to_submit']) || !empty($_POST['bcc_submit']);
  2058. // Check if there's at least one recipient.
  2059. if (empty($recipientList['to']) && empty($recipientList['bcc']))
  2060. $post_errors[] = 'no_to';
  2061. // Make sure that we remove the members who did get it from the screen.
  2062. if (!$is_recipient_change)
  2063. {
  2064. foreach ($recipientList as $recipientType => $dummy)
  2065. {
  2066. if (!empty($namesNotFound[$recipientType]))
  2067. {
  2068. $post_errors[] = 'bad_' . $recipientType;
  2069. // Since we already have a post error, remove the previous one.
  2070. $post_errors = array_diff($post_errors, array('no_to'));
  2071. foreach ($namesNotFound[$recipientType] as $name)
  2072. $context['send_log']['failed'][] = sprintf($txt['pm_error_user_not_found'], $name);
  2073. }
  2074. }
  2075. }
  2076. // Did they make any mistakes?
  2077. if ($_REQUEST['subject'] == '')
  2078. $post_errors[] = 'no_subject';
  2079. if (!isset($_REQUEST['message']) || $_REQUEST['message'] == '')
  2080. $post_errors[] = 'no_message';
  2081. elseif (!empty($modSettings['max_messageLength']) && $smcFunc['strlen']($_REQUEST['message']) > $modSettings['max_messageLength'])
  2082. $post_errors[] = 'long_message';
  2083. else
  2084. {
  2085. // Preparse the message.
  2086. $message = $_REQUEST['message'];
  2087. preparsecode($message);
  2088. // Make sure there's still some content left without the tags.
  2089. if ($smcFunc['htmltrim'](strip_tags(parse_bbc($smcFunc['htmlspecialchars']($message, ENT_QUOTES), false), '<img>')) === '' && (!allowedTo('admin_forum') || strpos($message, '[html]') === false))
  2090. $post_errors[] = 'no_message';
  2091. }
  2092. // Wrong verification code?
  2093. if (!$user_info['is_admin'] && !isset($_REQUEST['xml']) && !empty($modSettings['pm_posts_verification']) && $user_info['posts'] < $modSettings['pm_posts_verification'])
  2094. {
  2095. require_once($sourcedir . '/Subs-Editor.php');
  2096. $verificationOptions = array(
  2097. 'id' => 'pm',
  2098. );
  2099. $context['require_verification'] = create_control_verification($verificationOptions, true);
  2100. if (is_array($context['require_verification']))
  2101. $post_errors = array_merge($post_errors, $context['require_verification']);
  2102. }
  2103. // If they did, give a chance to make ammends.
  2104. if (!empty($post_errors) && !$is_recipient_change && !isset($_REQUEST['preview']) && !isset($_REQUEST['xml']))
  2105. return messagePostError($post_errors, $namedRecipientList, $recipientList);
  2106. // Want to take a second glance before you send?
  2107. if (isset($_REQUEST['preview']))
  2108. {
  2109. // Set everything up to be displayed.
  2110. $context['preview_subject'] = $smcFunc['htmlspecialchars']($_REQUEST['subject']);
  2111. $context['preview_message'] = $smcFunc['htmlspecialchars']($_REQUEST['message'], ENT_QUOTES);
  2112. preparsecode($context['preview_message'], true);
  2113. // Parse out the BBC if it is enabled.
  2114. $context['preview_message'] = parse_bbc($context['preview_message']);
  2115. // Censor, as always.
  2116. censorText($context['preview_subject']);
  2117. censorText($context['preview_message']);
  2118. // Set a descriptive title.
  2119. $context['page_title'] = $txt['preview'] . ' - ' . $context['preview_subject'];
  2120. // Pretend they messed up but don't ignore if they really did :P.
  2121. return messagePostError($post_errors, $namedRecipientList, $recipientList);
  2122. }
  2123. // Adding a recipient cause javascript ain't working?
  2124. elseif ($is_recipient_change)
  2125. {
  2126. // Maybe we couldn't find one?
  2127. foreach ($namesNotFound as $recipientType => $names)
  2128. {
  2129. $post_errors[] = 'bad_' . $recipientType;
  2130. foreach ($names as $name)
  2131. $context['send_log']['failed'][] = sprintf($txt['pm_error_user_not_found'], $name);
  2132. }
  2133. return messagePostError(array(), $namedRecipientList, $recipientList);
  2134. }
  2135. // Want to save this as a draft and think about it some more?
  2136. if ($context['drafts_pm_save'] && isset($_POST['save_draft']))
  2137. {
  2138. SavePMDraft($post_errors, $recipientList);
  2139. return messagePostError($post_errors, $namedRecipientList, $recipientList);
  2140. }
  2141. // Before we send the PM, let's make sure we don't have an abuse of numbers.
  2142. elseif (!empty($modSettings['max_pm_recipients']) && count($recipientList['to']) + count($recipientList['bcc']) > $modSettings['max_pm_recipients'] && !allowedTo(array('moderate_forum', 'send_mail', 'admin_forum')))
  2143. {
  2144. $context['send_log'] = array(
  2145. 'sent' => array(),
  2146. 'failed' => array(sprintf($txt['pm_too_many_recipients'], $modSettings['max_pm_recipients'])),
  2147. );
  2148. return messagePostError($post_errors, $namedRecipientList, $recipientList);
  2149. }
  2150. // Protect from message spamming.
  2151. spamProtection('pm');
  2152. // Prevent double submission of this form.
  2153. checkSubmitOnce('check');
  2154. // Do the actual sending of the PM.
  2155. if (!empty($recipientList['to']) || !empty($recipientList['bcc']))
  2156. $context['send_log'] = sendpm($recipientList, $_REQUEST['subject'], $_REQUEST['message'], true, null, !empty($_REQUEST['pm_head']) ? (int) $_REQUEST['pm_head'] : 0);
  2157. else
  2158. $context['send_log'] = array(
  2159. 'sent' => array(),
  2160. 'failed' => array()
  2161. );
  2162. // Mark the message as "replied to".
  2163. if (!empty($context['send_log']['sent']) && !empty($_REQUEST['replied_to']) && isset($_REQUEST['f']) && $_REQUEST['f'] == 'inbox')
  2164. {
  2165. $smcFunc['db_query']('', '
  2166. UPDATE {db_prefix}pm_recipients
  2167. SET is_read = is_read | 2
  2168. WHERE id_pm = {int:replied_to}
  2169. AND id_member = {int:current_member}',
  2170. array(
  2171. 'current_member' => $user_info['id'],
  2172. 'replied_to' => (int) $_REQUEST['replied_to'],
  2173. )
  2174. );
  2175. }
  2176. // If one or more of the recipient were invalid, go back to the post screen with the failed usernames.
  2177. if (!empty($context['send_log']['failed']))
  2178. return messagePostError($post_errors, $namesNotFound, array(
  2179. 'to' => array_intersect($recipientList['to'], $context['send_log']['failed']),
  2180. 'bcc' => array_intersect($recipientList['bcc'], $context['send_log']['failed'])
  2181. ));
  2182. // Message sent successfully?
  2183. if (!empty($context['send_log']) && empty($context['send_log']['failed']))
  2184. {
  2185. $context['current_label_redirect'] = $context['current_label_redirect'] . ';done=sent';
  2186. // If we had a PM draft for this one, then its time to remove it since it was just sent
  2187. if ($context['drafts_pm_save'] && !empty($_POST['id_pm_draft']))
  2188. DeleteDraft($_POST['id_pm_draft']);
  2189. }
  2190. // Go back to the where they sent from, if possible...
  2191. redirectexit($context['current_label_redirect']);
  2192. }
  2193. /**
  2194. * This function lists all buddies for wireless protocols.
  2195. */
  2196. function WirelessAddBuddy()
  2197. {
  2198. global $scripturl, $txt, $user_info, $context, $smcFunc;
  2199. isAllowedTo('pm_send');
  2200. $context['page_title'] = $txt['wireless_pm_add_buddy'];
  2201. $current_buddies = empty($_REQUEST['u']) ? array() : explode(',', $_REQUEST['u']);
  2202. foreach ($current_buddies as $key => $buddy)
  2203. $current_buddies[$key] = (int) $buddy;
  2204. $base_url = $scripturl . '?action=pm;sa=send;u=' . (empty($current_buddies) ? '' : implode(',', $current_buddies) . ',');
  2205. $context['pm_href'] = $scripturl . '?action=pm;sa=send' . (empty($current_buddies) ? '' : ';u=' . implode(',', $current_buddies));
  2206. $context['buddies'] = array();
  2207. if (!empty($user_info['buddies']))
  2208. {
  2209. $request = $smcFunc['db_query']('', '
  2210. SELECT id_member, real_name
  2211. FROM {db_prefix}members
  2212. WHERE id_member IN ({array_int:buddy_list})
  2213. ORDER BY real_name
  2214. LIMIT ' . count($user_info['buddies']),
  2215. array(
  2216. 'buddy_list' => $user_info['buddies'],
  2217. )
  2218. );
  2219. while ($row = $smcFunc['db_fetch_assoc']($request))
  2220. $context['buddies'][] = array(
  2221. 'id' => $row['id_member'],
  2222. 'name' => $row['real_name'],
  2223. 'selected' => in_array($row['id_member'], $current_buddies),
  2224. 'add_href' => $base_url . $row['id_member'],
  2225. );
  2226. $smcFunc['db_free_result']($request);
  2227. }
  2228. }
  2229. /**
  2230. * This function performs all additional stuff...
  2231. */
  2232. function MessageActionsApply()
  2233. {
  2234. global $txt, $context, $user_info, $options, $smcFunc;
  2235. checkSession('request');
  2236. if (isset($_REQUEST['del_selected']))
  2237. $_REQUEST['pm_action'] = 'delete';
  2238. if (isset($_REQUEST['pm_action']) && $_REQUEST['pm_action'] != '' && !empty($_REQUEST['pms']) && is_array($_REQUEST['pms']))
  2239. {
  2240. foreach ($_REQUEST['pms'] as $pm)
  2241. $_REQUEST['pm_actions'][(int) $pm] = $_REQUEST['pm_action'];
  2242. }
  2243. if (empty($_REQUEST['pm_actions']))
  2244. redirectexit($context['current_label_redirect']);
  2245. // If we are in conversation, we may need to apply this to every message in the conversation.
  2246. if ($context['display_mode'] == 2 && isset($_REQUEST['conversation']))
  2247. {
  2248. $id_pms = array();
  2249. foreach ($_REQUEST['pm_actions'] as $pm => $dummy)
  2250. $id_pms[] = (int) $pm;
  2251. $request = $smcFunc['db_query']('', '
  2252. SELECT id_pm_head, id_pm
  2253. FROM {db_prefix}personal_messages
  2254. WHERE id_pm IN ({array_int:id_pms})',
  2255. array(
  2256. 'id_pms' => $id_pms,
  2257. )
  2258. );
  2259. $pm_heads = array();
  2260. while ($row = $smcFunc['db_fetch_assoc']($request))
  2261. $pm_heads[$row['id_pm_head']] = $row['id_pm'];
  2262. $smcFunc['db_free_result']($request);
  2263. $request = $smcFunc['db_query']('', '
  2264. SELECT id_pm, id_pm_head
  2265. FROM {db_prefix}personal_messages
  2266. WHERE id_pm_head IN ({array_int:pm_heads})',
  2267. array(
  2268. 'pm_heads' => array_keys($pm_heads),
  2269. )
  2270. );
  2271. // Copy the action from the single to PM to the others.
  2272. while ($row = $smcFunc['db_fetch_assoc']($request))
  2273. {
  2274. if (isset($pm_heads[$row['id_pm_head']]) && isset($_REQUEST['pm_actions'][$pm_heads[$row['id_pm_head']]]))
  2275. $_REQUEST['pm_actions'][$row['id_pm']] = $_REQUEST['pm_actions'][$pm_heads[$row['id_pm_head']]];
  2276. }
  2277. $smcFunc['db_free_result']($request);
  2278. }
  2279. $to_delete = array();
  2280. $to_label = array();
  2281. $to_unlabel = array();
  2282. $label_type = array();
  2283. $labels = array();
  2284. foreach ($_REQUEST['pm_actions'] as $pm => $action)
  2285. {
  2286. if ($action === 'delete')
  2287. $to_delete[] = (int) $pm;
  2288. else
  2289. {
  2290. if (substr($action, 0, 4) == 'add_')
  2291. {
  2292. $type = 'add';
  2293. $action = substr($action, 4);
  2294. }
  2295. elseif (substr($action, 0, 4) == 'rem_')
  2296. {
  2297. $type = 'rem';
  2298. $action = substr($action, 4);
  2299. }
  2300. else
  2301. $type = 'unk';
  2302. if ($action == '-1' || (int) $action > 0)
  2303. {
  2304. $to_label[(int) $pm] = (int) $action;
  2305. $label_type[(int) $pm] = $type;
  2306. }
  2307. }
  2308. }
  2309. // Deleting, it looks like?
  2310. if (!empty($to_delete))
  2311. deleteMessages($to_delete, $context['display_mode'] == 2 ? null : $context['folder']);
  2312. // Are we labeling anything?
  2313. if (!empty($to_label) && $context['folder'] == 'inbox')
  2314. {
  2315. $updateErrors = 0;
  2316. // Are we dealing with conversation view? If so, get all the messages in each conversation
  2317. if ($context['display_mode'] == 2)
  2318. {
  2319. $get_pms = $smcFunc['db_query']('', '
  2320. SELECT pm.id_pm_head, pm.id_pm
  2321. FROM {db_prefix}personal_messages AS pm
  2322. INNER JOIN {db_prefix}pm_recipients AS pmr ON (pmr.id_pm = pm.id_pm)
  2323. WHERE pm.id_pm_head IN ({array_int:head_pms})
  2324. AND pm.id_pm NOT IN ({array_int:head_pms})
  2325. AND pmr.id_recipient = {int:current_member}',
  2326. array(
  2327. 'head_pms' => array_keys($to_label),
  2328. 'current_member' => $user_info['id'],
  2329. )
  2330. );
  2331. while ($other_pms = $smcFunc['db_query']($get_pms))
  2332. {
  2333. $to_label[$other_pms['id_pm']] = $to_label[$other_pms['id_pm_head']];
  2334. }
  2335. $smcFunc['db_free_result']($get_pms);
  2336. }
  2337. // Get information about each message...
  2338. $request = $smcFunc['db_query']('', '
  2339. SELECT id_pm, in_inbox
  2340. FROM {db_prefix}pm_recipients
  2341. WHERE id_member = {int:current_member}
  2342. AND id_pm IN ({array_int:to_label})
  2343. LIMIT ' . count($to_label),
  2344. array(
  2345. 'current_member' => $user_info['id'],
  2346. 'to_label' => array_keys($to_label),
  2347. )
  2348. );
  2349. while ($row = $smcFunc['db_fetch_assoc']($request))
  2350. {
  2351. // Get the labels as well, but only if we're not dealing with the inbox
  2352. if ($to_label[$row['id_pm']] != '-1')
  2353. {
  2354. // The JOIN here ensures we only get labels that this user has applied to this PM
  2355. $request2 = $smcFunc['db_query']('', '
  2356. SELECT l.id_label, pml.id_pm
  2357. FROM {db_prefix}pm_labels AS l
  2358. INNER JOIN {db_prefix}pm_labeled_messages AS pml ON (pml.id_label = l.id_label)
  2359. WHERE l.id_member = {int:current_member}
  2360. AND pml.id_pm = {int:current_pm}',
  2361. array(
  2362. 'current_member' => $user_info['id'],
  2363. 'current_pm' => $row['id_pm'],
  2364. )
  2365. );
  2366. while ($row2 = $smcFunc['db_fetch_assoc']($request2))
  2367. {
  2368. $labels[$row2['id_label']] = $row2['id_label'];
  2369. }
  2370. $smcFunc['db_free_result']($request2);
  2371. }
  2372. elseif ($type == 'rem')
  2373. {
  2374. // If we're removing from the inbox, see if we have at least one other label.
  2375. // This query is faster than the one above
  2376. $request2 = $smcFunc['db_query']('', '
  2377. SELECT COUNT(l.id_label)
  2378. FROM {db_prefix}pm_labels AS l
  2379. INNER JOIN {db_prefix}pm_labeled_messages AS pml ON (pml.id_label = l.id_label)
  2380. WHERE l.id_member = {int:current_member}
  2381. AND pml.id_pm = {int:current_pm}',
  2382. array(
  2383. 'current_member' => $user_info['id'],
  2384. 'current_pm' => $row['id_pm'],
  2385. )
  2386. );
  2387. // How many labels do you have?
  2388. list ($num_labels) = $smcFunc['db_fetch_assoc']($request2);
  2389. if ($num_labels > 0);
  2390. $context['can_remove_inbox'] = true;
  2391. $smcFunc['db_free_result']($request2);
  2392. }
  2393. // Use this to determine what to do later on...
  2394. $original_labels = $labels;
  2395. // Ignore inbox for now - we'll deal with it later
  2396. if ($to_label[$row['id_pm']] != '-1')
  2397. {
  2398. // If this label is in the list and we're not adding it, remove it
  2399. if (array_key_exists($to_label[$row['id_pm']], $labels) && $type !== 'add')
  2400. unset($labels[$to_label[$row['id_pm']]]);
  2401. else if ($type !== 'rem')
  2402. $labels[$to_label[$row['id_pm']]] = $to_label[$row['id_pm']];
  2403. }
  2404. // Removing all labels or just removing the inbox label
  2405. if ($type == 'rem' && empty($labels))
  2406. $in_inbox = (empty($context['can_remove_inbox']) ? 1 : 0);
  2407. // Adding new labels, but removing inbox and applying new ones
  2408. elseif ($type == 'add' && !empty($options['pm_remove_inbox_label']) && !empty($labels))
  2409. $in_inbox = 0;
  2410. // Just adding it to the inbox
  2411. else
  2412. $in_inbox = 1;
  2413. // Are we adding it to or removing it from the inbox?
  2414. if ($in_inbox != $row['in_inbox'])
  2415. {
  2416. $smcFunc['db_query']('', '
  2417. UPDATE {db_prefix}pm_recipients
  2418. SET in_inbox = {int:in_inbox}
  2419. WHERE id_pm = {int:id_pm}
  2420. AND id_member = {int:current_member}',
  2421. array(
  2422. 'current_member' => $user_info['id'],
  2423. 'id_pm' => $row['id_pm'],
  2424. 'in_inbox' => $in_inbox,
  2425. )
  2426. );
  2427. }
  2428. // Which labels do we not want now?
  2429. $labels_to_remove = array_diff($original_labels, $labels);
  2430. // Don't apply it if it's already applied
  2431. $labels_to_apply = array_diff($labels, $original_labels);
  2432. // Remove labels
  2433. if (!empty($labels_to_remove))
  2434. {
  2435. $smcFunc['db_query']('', '
  2436. DELETE FROM {db_prefix}pm_labeled_messages
  2437. WHERE id_pm = {int:current_pm}
  2438. AND id_label IN ({array_int:labels_to_remove})',
  2439. array(
  2440. 'current_pm' => $row['id_pm'],
  2441. 'labels_to_remove' => $labels_to_remove,
  2442. )
  2443. );
  2444. }
  2445. // Add new ones
  2446. if (!empty($labels_to_apply))
  2447. {
  2448. $inserts = array();
  2449. foreach ($labels_to_apply as $label)
  2450. $inserts[] = array($row['id_pm'], $label);
  2451. $smcFunc['db_insert']('',
  2452. '{db_prefix}pm_labeled_messages',
  2453. array('id_pm' => 'int', 'id_label' => 'int'),
  2454. $inserts,
  2455. array()
  2456. );
  2457. }
  2458. }
  2459. $smcFunc['db_free_result']($request);
  2460. }
  2461. // Back to the folder.
  2462. $_SESSION['pm_selected'] = array_keys($to_label);
  2463. redirectexit($context['current_label_redirect'] . (count($to_label) == 1 ? '#msg' . $_SESSION['pm_selected'][0] : ''), count($to_label) == 1 && isBrowser('ie'));
  2464. }
  2465. /**
  2466. * Are you sure you want to PERMANENTLY (mostly) delete ALL your messages?
  2467. */
  2468. function MessageKillAllQuery()
  2469. {
  2470. global $txt, $context;
  2471. // Only have to set up the template....
  2472. $context['sub_template'] = 'ask_delete';
  2473. $context['page_title'] = $txt['delete_all'];
  2474. $context['delete_all'] = $_REQUEST['f'] == 'all';
  2475. // And set the folder name...
  2476. $txt['delete_all'] = str_replace('PMBOX', $context['folder'] != 'sent' ? $txt['inbox'] : $txt['sent_items'], $txt['delete_all']);
  2477. }
  2478. /**
  2479. * Delete ALL the messages!
  2480. */
  2481. function MessageKillAll()
  2482. {
  2483. global $context;
  2484. checkSession('get');
  2485. // If all then delete all messages the user has.
  2486. if ($_REQUEST['f'] == 'all')
  2487. deleteMessages(null, null);
  2488. // Otherwise just the selected folder.
  2489. else
  2490. deleteMessages(null, $_REQUEST['f'] != 'sent' ? 'inbox' : 'sent');
  2491. // Done... all gone.
  2492. redirectexit($context['current_label_redirect']);
  2493. }
  2494. /**
  2495. * This function allows the user to delete all messages older than so many days.
  2496. */
  2497. function MessagePrune()
  2498. {
  2499. global $txt, $context, $user_info, $scripturl, $smcFunc;
  2500. // Actually delete the messages.
  2501. if (isset($_REQUEST['age']))
  2502. {
  2503. checkSession();
  2504. // Calculate the time to delete before.
  2505. $deleteTime = max(0, time() - (86400 * (int) $_REQUEST['age']));
  2506. // Array to store the IDs in.
  2507. $toDelete = array();
  2508. // Select all the messages they have sent older than $deleteTime.
  2509. $request = $smcFunc['db_query']('', '
  2510. SELECT id_pm
  2511. FROM {db_prefix}personal_messages
  2512. WHERE deleted_by_sender = {int:not_deleted}
  2513. AND id_member_from = {int:current_member}
  2514. AND msgtime < {int:msgtime}',
  2515. array(
  2516. 'current_member' => $user_info['id'],
  2517. 'not_deleted' => 0,
  2518. 'msgtime' => $deleteTime,
  2519. )
  2520. );
  2521. while ($row = $smcFunc['db_fetch_row']($request))
  2522. $toDelete[] = $row[0];
  2523. $smcFunc['db_free_result']($request);
  2524. // Select all messages in their inbox older than $deleteTime.
  2525. $request = $smcFunc['db_query']('', '
  2526. SELECT pmr.id_pm
  2527. FROM {db_prefix}pm_recipients AS pmr
  2528. INNER JOIN {db_prefix}personal_messages AS pm ON (pm.id_pm = pmr.id_pm)
  2529. WHERE pmr.deleted = {int:not_deleted}
  2530. AND pmr.id_member = {int:current_member}
  2531. AND pm.msgtime < {int:msgtime}',
  2532. array(
  2533. 'current_member' => $user_info['id'],
  2534. 'not_deleted' => 0,
  2535. 'msgtime' => $deleteTime,
  2536. )
  2537. );
  2538. while ($row = $smcFunc['db_fetch_assoc']($request))
  2539. $toDelete[] = $row['id_pm'];
  2540. $smcFunc['db_free_result']($request);
  2541. // Delete the actual messages.
  2542. deleteMessages($toDelete);
  2543. // Go back to their inbox.
  2544. redirectexit($context['current_label_redirect']);
  2545. }
  2546. // Build the link tree elements.
  2547. $context['linktree'][] = array(
  2548. 'url' => $scripturl . '?action=pm;sa=prune',
  2549. 'name' => $txt['pm_prune']
  2550. );
  2551. $context['sub_template'] = 'prune';
  2552. $context['page_title'] = $txt['pm_prune'];
  2553. }
  2554. /**
  2555. * Delete the specified personal messages.
  2556. *
  2557. * @param array $personal_messages array of pm ids
  2558. * @param string $folder = null
  2559. * @param int $owner = null
  2560. */
  2561. function deleteMessages($personal_messages, $folder = null, $owner = null)
  2562. {
  2563. global $user_info, $smcFunc;
  2564. if ($owner === null)
  2565. $owner = array($user_info['id']);
  2566. elseif (empty($owner))
  2567. return;
  2568. elseif (!is_array($owner))
  2569. $owner = array($owner);
  2570. if ($personal_messages !== null)
  2571. {
  2572. if (empty($personal_messages) || !is_array($personal_messages))
  2573. return;
  2574. foreach ($personal_messages as $index => $delete_id)
  2575. $personal_messages[$index] = (int) $delete_id;
  2576. $where = '
  2577. AND id_pm IN ({array_int:pm_list})';
  2578. }
  2579. else
  2580. $where = '';
  2581. if ($folder == 'sent' || $folder === null)
  2582. {
  2583. $smcFunc['db_query']('', '
  2584. UPDATE {db_prefix}personal_messages
  2585. SET deleted_by_sender = {int:is_deleted}
  2586. WHERE id_member_from IN ({array_int:member_list})
  2587. AND deleted_by_sender = {int:not_deleted}' . $where,
  2588. array(
  2589. 'member_list' => $owner,
  2590. 'is_deleted' => 1,
  2591. 'not_deleted' => 0,
  2592. 'pm_list' => $personal_messages !== null ? array_unique($personal_messages) : array(),
  2593. )
  2594. );
  2595. }
  2596. if ($folder != 'sent' || $folder === null)
  2597. {
  2598. // Calculate the number of messages each member's gonna lose...
  2599. $request = $smcFunc['db_query']('', '
  2600. SELECT id_member, COUNT(*) AS num_deleted_messages, CASE WHEN is_read & 1 >= 1 THEN 1 ELSE 0 END AS is_read
  2601. FROM {db_prefix}pm_recipients
  2602. WHERE id_member IN ({array_int:member_list})
  2603. AND deleted = {int:not_deleted}' . $where . '
  2604. GROUP BY id_member, is_read',
  2605. array(
  2606. 'member_list' => $owner,
  2607. 'not_deleted' => 0,
  2608. 'pm_list' => $personal_messages !== null ? array_unique($personal_messages) : array(),
  2609. )
  2610. );
  2611. // ...And update the statistics accordingly - now including unread messages!.
  2612. while ($row = $smcFunc['db_fetch_assoc']($request))
  2613. {
  2614. if ($row['is_read'])
  2615. updateMemberData($row['id_member'], array('instant_messages' => $where == '' ? 0 : 'instant_messages - ' . $row['num_deleted_messages']));
  2616. else
  2617. updateMemberData($row['id_member'], array('instant_messages' => $where == '' ? 0 : 'instant_messages - ' . $row['num_deleted_messages'], 'unread_messages' => $where == '' ? 0 : 'unread_messages - ' . $row['num_deleted_messages']));
  2618. // If this is the current member we need to make their message count correct.
  2619. if ($user_info['id'] == $row['id_member'])
  2620. {
  2621. $user_info['messages'] -= $row['num_deleted_messages'];
  2622. if (!($row['is_read']))
  2623. $user_info['unread_messages'] -= $row['num_deleted_messages'];
  2624. }
  2625. }
  2626. $smcFunc['db_free_result']($request);
  2627. // Do the actual deletion.
  2628. $smcFunc['db_query']('', '
  2629. UPDATE {db_prefix}pm_recipients
  2630. SET deleted = {int:is_deleted}
  2631. WHERE id_member IN ({array_int:member_list})
  2632. AND deleted = {int:not_deleted}' . $where,
  2633. array(
  2634. 'member_list' => $owner,
  2635. 'is_deleted' => 1,
  2636. 'not_deleted' => 0,
  2637. 'pm_list' => $personal_messages !== null ? array_unique($personal_messages) : array(),
  2638. )
  2639. );
  2640. $labels = array();
  2641. // Get any labels that the owner may have applied to this PM
  2642. // The join is here to ensure we only get labels applied by the specified member(s)
  2643. $get_labels = $smcFunc['db_query']('', '
  2644. SELECT pml.id_label
  2645. FROM {db_prefix}pm_labels AS l
  2646. INNER JOIN {db_prefix}pm_labeled_messages AS pml ON (pml.id_label = l.id_label)
  2647. WHERE l.id_member IN ({array_int:member_list})' . $where,
  2648. array(
  2649. 'member_list' => $owner,
  2650. 'pm_list' => $personal_messages !== null ? array_unique($personal_messages) : array(),
  2651. )
  2652. );
  2653. while ($row = $smcFunc['db_fetch_assoc']($get_labels))
  2654. {
  2655. $labels[] = $row['id_label'];
  2656. }
  2657. $smcFunc['db_free_result']($get_labels);
  2658. if (!empty($labels))
  2659. {
  2660. $smcFunc['db_query']('', '
  2661. DELETE FROM {db_prefix}pm_labeled_messages
  2662. WHERE label_id IN ({array_int:labels})' . $where,
  2663. array(
  2664. 'labels' => $labels,
  2665. 'pm_list' => $personal_messages !== null ? array_unique($personal_messages) : array(),
  2666. )
  2667. );
  2668. }
  2669. }
  2670. // If sender and recipients all have deleted their message, it can be removed.
  2671. $request = $smcFunc['db_query']('', '
  2672. SELECT pm.id_pm AS sender, pmr.id_pm
  2673. FROM {db_prefix}personal_messages AS pm
  2674. LEFT JOIN {db_prefix}pm_recipients AS pmr ON (pmr.id_pm = pm.id_pm AND pmr.deleted = {int:not_deleted})
  2675. WHERE pm.deleted_by_sender = {int:is_deleted}
  2676. ' . str_replace('id_pm', 'pm.id_pm', $where) . '
  2677. GROUP BY sender, pmr.id_pm
  2678. HAVING pmr.id_pm IS null',
  2679. array(
  2680. 'not_deleted' => 0,
  2681. 'is_deleted' => 1,
  2682. 'pm_list' => $personal_messages !== null ? array_unique($personal_messages) : array(),
  2683. )
  2684. );
  2685. $remove_pms = array();
  2686. while ($row = $smcFunc['db_fetch_assoc']($request))
  2687. $remove_pms[] = $row['sender'];
  2688. $smcFunc['db_free_result']($request);
  2689. if (!empty($remove_pms))
  2690. {
  2691. $smcFunc['db_query']('', '
  2692. DELETE FROM {db_prefix}personal_messages
  2693. WHERE id_pm IN ({array_int:pm_list})',
  2694. array(
  2695. 'pm_list' => $remove_pms,
  2696. )
  2697. );
  2698. $smcFunc['db_query']('', '
  2699. DELETE FROM {db_prefix}pm_recipients
  2700. WHERE id_pm IN ({array_int:pm_list})',
  2701. array(
  2702. 'pm_list' => $remove_pms,
  2703. )
  2704. );
  2705. $smcFunc['db_query']('', '
  2706. DELETE FROM {db_prefix}pm_labeled_messages
  2707. WHERE id_pm IN ({array_int:pm_list})',
  2708. array(
  2709. 'pm_list' => $remove_pms,
  2710. )
  2711. );
  2712. }
  2713. // Any cached numbers may be wrong now.
  2714. cache_put_data('labelCounts:' . $user_info['id'], null, 720);
  2715. }
  2716. /**
  2717. * Mark the specified personal messages read.
  2718. *
  2719. * @param array $personal_messages = null, array of pm ids
  2720. * @param string $label = null, if label is set, only marks messages with that label
  2721. * @param int $owner = null, if owner is set, marks messages owned by that member id
  2722. */
  2723. function markMessages($personal_messages = null, $label = null, $owner = null)
  2724. {
  2725. global $user_info, $context, $smcFunc;
  2726. if ($owner === null)
  2727. $owner = $user_info['id'];
  2728. $in_inbox = '';
  2729. // Marking all messages with a specific label as read?
  2730. // If we know which PMs we're marking read, then we don't need label info
  2731. if ($personal_messages === null && $label !== null && $label != '-1')
  2732. {
  2733. $personal_messages = array();
  2734. $get_messages = $smcFunc['db_query']('', '
  2735. SELECT id_pm
  2736. FROM {db_prefix}pm_labeled_messages
  2737. WHERE id_label = {int:current_label}',
  2738. array(
  2739. 'current_label' => $label,
  2740. )
  2741. );
  2742. while ($row = $smcFunc['db_fetch_assoc']($get_messages))
  2743. {
  2744. $personal_messages[] = $row['id_pm'];
  2745. }
  2746. $smcFunc['db_free_result']($get_messages);
  2747. }
  2748. elseif ($label = '-1')
  2749. {
  2750. // Marking all PMs in your inbox read
  2751. $in_inbox = '
  2752. AND in_inbox = {int:in_inbox}';
  2753. }
  2754. $smcFunc['db_query']('', '
  2755. UPDATE {db_prefix}pm_recipients
  2756. SET is_read = is_read | 1
  2757. WHERE id_member = {int:id_member}
  2758. AND NOT (is_read & 1 >= 1)' . ($personal_messages !== null ? '
  2759. AND id_pm IN ({array_int:personal_messages})' : '') . $in_inbox,
  2760. array(
  2761. 'personal_messages' => $personal_messages,
  2762. 'id_member' => $owner,
  2763. 'in_inbox' => 1,
  2764. )
  2765. );
  2766. // If something wasn't marked as read, get the number of unread messages remaining.
  2767. if ($smcFunc['db_affected_rows']() > 0)
  2768. {
  2769. if ($owner == $user_info['id'])
  2770. {
  2771. foreach ($context['labels'] as $label)
  2772. $context['labels'][(int) $label['id']]['unread_messages'] = 0;
  2773. }
  2774. $result = $smcFunc['db_query']('', '
  2775. SELECT id_pm, in_inbox, COUNT(*) AS num
  2776. FROM {db_prefix}pm_recipients
  2777. WHERE id_member = {int:id_member}
  2778. AND NOT (is_read & 1 >= 1)
  2779. AND deleted = {int:is_not_deleted}',
  2780. array(
  2781. 'id_member' => $owner,
  2782. 'is_not_deleted' => 0,
  2783. )
  2784. );
  2785. $total_unread = 0;
  2786. while ($row = $smcFunc['db_fetch_assoc']($result))
  2787. {
  2788. $total_unread += $row['num'];
  2789. if ($owner != $user_info['id'] || empty($row['id_pm']))
  2790. continue;
  2791. $this_labels = array();
  2792. // Get all the labels
  2793. $result2 = $smcFunc['db_query']('', '
  2794. SELECT pml.id_label
  2795. FROM {db_prefix}pm_labels AS l
  2796. INNER JOIN {db_prefix}pm_labeled_messages AS pml ON (pml.id_label = l.id_label)
  2797. WHERE l.id_member = {int:id_member}
  2798. AND pml.id_pm = {int:current_pm}',
  2799. array(
  2800. 'id_member' => $owner,
  2801. 'current_pm' => $row['id_pm'],
  2802. )
  2803. );
  2804. while ($row2 = $smcFunc['db_fetch_assoc']($result2))
  2805. {
  2806. $this_labels[] = $row2['id_label'];
  2807. }
  2808. $smcFunc['db_free_result']($result2);
  2809. foreach ($this_labels as $this_label)
  2810. $context['labels'][$this_label]['unread_messages'] += $row['num'];
  2811. if ($row['in_inbox'] == 1)
  2812. $context['labels'][-1]['unread_messages'] += $row['num'];
  2813. }
  2814. $smcFunc['db_free_result']($result);
  2815. // Need to store all this.
  2816. cache_put_data('labelCounts:' . $owner, $context['labels'], 720);
  2817. updateMemberData($owner, array('unread_messages' => $total_unread));
  2818. // If it was for the current member, reflect this in the $user_info array too.
  2819. if ($owner == $user_info['id'])
  2820. $user_info['unread_messages'] = $total_unread;
  2821. }
  2822. }
  2823. /**
  2824. * This function handles adding, deleting and editing labels on messages.
  2825. */
  2826. function ManageLabels()
  2827. {
  2828. global $txt, $context, $user_info, $scripturl, $smcFunc;
  2829. // Build the link tree elements...
  2830. $context['linktree'][] = array(
  2831. 'url' => $scripturl . '?action=pm;sa=manlabels',
  2832. 'name' => $txt['pm_manage_labels']
  2833. );
  2834. $context['page_title'] = $txt['pm_manage_labels'];
  2835. $context['sub_template'] = 'labels';
  2836. $the_labels = array();
  2837. $labels_to_add = array();
  2838. $labels_to_remove = array();
  2839. $label_updates = array();
  2840. // Add all existing labels to the array to save, slashing them as necessary...
  2841. foreach ($context['labels'] as $label)
  2842. {
  2843. if ($label['id'] != -1)
  2844. $the_labels[$label['id']] = $label['name'];
  2845. }
  2846. if (isset($_POST[$context['session_var']]))
  2847. {
  2848. checkSession();
  2849. // This will be for updating messages.
  2850. $message_changes = array();
  2851. $rule_changes = array();
  2852. // Will most likely need this.
  2853. LoadRules();
  2854. // Adding a new label?
  2855. if (isset($_POST['add']))
  2856. {
  2857. $_POST['label'] = strtr($smcFunc['htmlspecialchars'](trim($_POST['label'])), array(',' => '&#044;'));
  2858. if ($smcFunc['strlen']($_POST['label']) > 30)
  2859. $_POST['label'] = $smcFunc['substr']($_POST['label'], 0, 30);
  2860. if ($_POST['label'] != '')
  2861. {
  2862. $the_labels[] = $_POST['label'];
  2863. $labels_to_add[] = $_POST['label'];
  2864. }
  2865. }
  2866. // Deleting an existing label?
  2867. elseif (isset($_POST['delete'], $_POST['delete_label']))
  2868. {
  2869. foreach ($_POST['delete_label'] AS $label => $dummy)
  2870. {
  2871. unset($the_labels[$label]);
  2872. $labels_to_remove[] = $label;
  2873. }
  2874. }
  2875. // The hardest one to deal with... changes.
  2876. elseif (isset($_POST['save']) && !empty($_POST['label_name']))
  2877. {
  2878. foreach ($the_labels as $id => $name)
  2879. {
  2880. if ($id == -1)
  2881. continue;
  2882. elseif (isset($_POST['label_name'][$id]))
  2883. {
  2884. $_POST['label_name'][$id] = trim(strtr($smcFunc['htmlspecialchars']($_POST['label_name'][$id]), array(',' => '&#044;')));
  2885. if ($smcFunc['strlen']($_POST['label_name'][$id]) > 30)
  2886. $_POST['label_name'][$id] = $smcFunc['substr']($_POST['label_name'][$id], 0, 30);
  2887. if ($_POST['label_name'][$id] != '')
  2888. {
  2889. // Changing the name of this label?
  2890. if ($the_labels[$id] != $_POST['label_name'][$id])
  2891. $label_updates[$id] = $_POST['label_name'][$id];
  2892. $the_labels[(int) $id] = $_POST['label_name'][$id];
  2893. }
  2894. else
  2895. {
  2896. unset($the_labels[(int) $id]);
  2897. $labels_to_remove[] = $id;
  2898. $message_changes[(int) $id] = true;
  2899. }
  2900. }
  2901. }
  2902. }
  2903. // Save any new labels
  2904. if (!empty($labels_to_add))
  2905. {
  2906. $inserts = array();
  2907. foreach ($labels_to_add AS $label)
  2908. $inserts[] = array($user_info['id'], $label);
  2909. $smcFunc['db_insert']('', '{db_prefix}pm_labels', array('id_member' => 'int', 'name' => 'string-30'), $inserts, array());
  2910. }
  2911. // Update existing labels as needed
  2912. if (!empty($label_upates))
  2913. {
  2914. foreach ($label_updates AS $id => $name)
  2915. {
  2916. $smcFunc['db_query']('', '
  2917. UPDATE {db_prefix}labels
  2918. SET name = {string:name}
  2919. WHERE id_label = {int:id_label}',
  2920. array(
  2921. 'name' => $name,
  2922. 'id' => $id
  2923. )
  2924. );
  2925. }
  2926. }
  2927. // Now the fun part... Deleting labels.
  2928. if (!empty($labels_to_remove))
  2929. {
  2930. // First delete the labels
  2931. $smcFunc['db_query']('', '
  2932. DELETE FROM {db_prefix}pm_labels
  2933. WHERE id_label IN ({array_int:labels_to_delete})',
  2934. array(
  2935. 'labels_to_delete' => $labels_to_remove,
  2936. )
  2937. );
  2938. // Now remove the now-deleted labels from any PMs...
  2939. $smcFunc['db_query']('', '
  2940. DELETE FROM {db_prefix}pm_labeled_messages
  2941. WHERE id_label IN ({array_int:labels_to_delete})',
  2942. array(
  2943. 'labels_to_delete' => $labels_to_remove,
  2944. )
  2945. );
  2946. // Get any PMs with no labels which aren't in the inbox
  2947. $get_stranded_pms = $smcFunc['db_query']('', '
  2948. SELECT pmr.id_pm
  2949. FROM {db_prefix}pm_recipients AS pmr
  2950. LEFT JOIN {db_prefix}pm_labeled_messages AS pml ON (pml.id_pm = pmr.id_pm)
  2951. WHERE pml.id_label IS NULL
  2952. AND pmr.in_inbox = {int:not_in_inbox}
  2953. AND pmr.deleted = {int:not_deleted}
  2954. AND pmr.id_member = {int:current_member}',
  2955. array(
  2956. 'not_in_inbox' => 0,
  2957. 'not_deleted' => 0,
  2958. 'current_member' => $user_info['id'],
  2959. )
  2960. );
  2961. $stranded_messages = array();
  2962. while ($row = $smcFunc['db_fetch_assoc']($get_stranded_pms))
  2963. {
  2964. $stranded_messages[] = $row['id_pm'];
  2965. }
  2966. $smcFunc['db_free_result']($get_stranded_pms);
  2967. // Move these back to the inbox if necessary
  2968. if (!empty($stranded_messages))
  2969. {
  2970. // We now have more messages in the inbox
  2971. $context['labels'][-1]['messages'] += count($stranded_messages);
  2972. $smcFunc['db_query']('', '
  2973. UPDATE {db_prefix}pm_recipients
  2974. SET in_inbox = {int:in_inbox}
  2975. WHERE id_pm IN ({array_int:stranded_messages})
  2976. AND id_member = {int:current_member}',
  2977. array(
  2978. 'stranded_messages' => $stranded_messages,
  2979. 'in_inbox' => 1,
  2980. )
  2981. );
  2982. }
  2983. // Now do the same the rules - check through each rule.
  2984. foreach ($context['rules'] as $k => $rule)
  2985. {
  2986. // Each action...
  2987. foreach ($rule['actions'] as $k2 => $action)
  2988. {
  2989. if ($action['t'] != 'lab' || !in_array($action['v'], $labels_to_remove))
  2990. continue;
  2991. $rule_changes[] = $rule['id'];
  2992. // Can't apply this label anymore if it doesn't exist
  2993. unset($context['rules'][$k]['actions'][$k2]);
  2994. }
  2995. }
  2996. }
  2997. // If we have rules to change do so now.
  2998. if (!empty($rule_changes))
  2999. {
  3000. $rule_changes = array_unique($rule_changes);
  3001. // Update/delete as appropriate.
  3002. foreach ($rule_changes as $k => $id)
  3003. if (!empty($context['rules'][$id]['actions']))
  3004. {
  3005. $smcFunc['db_query']('', '
  3006. UPDATE {db_prefix}pm_rules
  3007. SET actions = {string:actions}
  3008. WHERE id_rule = {int:id_rule}
  3009. AND id_member = {int:current_member}',
  3010. array(
  3011. 'current_member' => $user_info['id'],
  3012. 'id_rule' => $id,
  3013. 'actions' => serialize($context['rules'][$id]['actions']),
  3014. )
  3015. );
  3016. unset($rule_changes[$k]);
  3017. }
  3018. // Anything left here means it's lost all actions...
  3019. if (!empty($rule_changes))
  3020. $smcFunc['db_query']('', '
  3021. DELETE FROM {db_prefix}pm_rules
  3022. WHERE id_rule IN ({array_int:rule_list})
  3023. AND id_member = {int:current_member}',
  3024. array(
  3025. 'current_member' => $user_info['id'],
  3026. 'rule_list' => $rule_changes,
  3027. )
  3028. );
  3029. }
  3030. // Make sure we're not caching this!
  3031. cache_put_data('labelCounts:' . $user_info['id'], null, 720);
  3032. // To make the changes appear right away, redirect.
  3033. redirectexit('action=pm;sa=manlabels');
  3034. }
  3035. }
  3036. /**
  3037. * Allows to edit Personal Message Settings.
  3038. *
  3039. * @uses Profile.php
  3040. * @uses Profile-Modify.php
  3041. * @uses Profile template.
  3042. * @uses Profile language file.
  3043. */
  3044. function MessageSettings()
  3045. {
  3046. global $txt, $user_settings, $user_info, $context, $sourcedir, $smcFunc;
  3047. global $scripturl, $profile_vars, $cur_profile, $user_profile;
  3048. // Need this for the display.
  3049. require_once($sourcedir . '/Profile.php');
  3050. require_once($sourcedir . '/Profile-Modify.php');
  3051. // We want them to submit back to here.
  3052. $context['profile_custom_submit_url'] = $scripturl . '?action=pm;sa=settings;save';
  3053. loadMemberData($user_info['id'], false, 'profile');
  3054. $cur_profile = $user_profile[$user_info['id']];
  3055. loadLanguage('Profile');
  3056. loadTemplate('Profile');
  3057. // Since this is internally handled with the profile code because that's how it was done ages ago
  3058. // we have to set everything up for handling this...
  3059. $context['page_title'] = $txt['pm_settings'];
  3060. $context['user']['is_owner'] = true;
  3061. $context['id_member'] = $user_info['id'];
  3062. $context['require_password'] = false;
  3063. $context['menu_item_selected'] = 'settings';
  3064. $context['submit_button_text'] = $txt['pm_settings'];
  3065. $context['profile_header_text'] = $txt['personal_messages'];
  3066. $context['sub_template'] = 'edit_options';
  3067. $context['page_desc'] = $txt['pm_settings_desc'];
  3068. loadThemeOptions($user_info['id']);
  3069. loadCustomFields($user_info['id'], 'pmprefs');
  3070. // Add our position to the linktree.
  3071. $context['linktree'][] = array(
  3072. 'url' => $scripturl . '?action=pm;sa=settings',
  3073. 'name' => $txt['pm_settings']
  3074. );
  3075. // Are they saving?
  3076. if (isset($_REQUEST['save']))
  3077. {
  3078. checkSession();
  3079. // Mimic what profile would do.
  3080. $_POST = htmltrim__recursive($_POST);
  3081. $_POST = htmlspecialchars__recursive($_POST);
  3082. // Save the fields.
  3083. saveProfileFields();
  3084. if (!empty($profile_vars))
  3085. updateMemberData($user_info['id'], $profile_vars);
  3086. }
  3087. setupProfileContext(
  3088. array(
  3089. 'pm_prefs',
  3090. )
  3091. );
  3092. }
  3093. /**
  3094. * Allows the user to report a personal message to an administrator.
  3095. *
  3096. * - In the first instance requires that the ID of the message to report is passed through $_GET.
  3097. * - It allows the user to report to either a particular administrator - or the whole admin team.
  3098. * - It will forward on a copy of the original message without allowing the reporter to make changes.
  3099. *
  3100. * @uses report_message sub-template.
  3101. */
  3102. function ReportMessage()
  3103. {
  3104. global $txt, $context, $scripturl, $sourcedir;
  3105. global $user_info, $language, $modSettings, $smcFunc;
  3106. // Check that this feature is even enabled!
  3107. if (empty($modSettings['enableReportPM']) || empty($_REQUEST['pmsg']))
  3108. fatal_lang_error('no_access', false);
  3109. $pmsg = (int) $_REQUEST['pmsg'];
  3110. if (!isAccessiblePM($pmsg, 'inbox'))
  3111. fatal_lang_error('no_access', false);
  3112. $context['pm_id'] = $pmsg;
  3113. $context['page_title'] = $txt['pm_report_title'];
  3114. // If we're here, just send the user to the template, with a few useful context bits.
  3115. if (!isset($_POST['report']))
  3116. {
  3117. $context['sub_template'] = 'report_message';
  3118. // @todo I don't like being able to pick who to send it to. Favoritism, etc. sucks.
  3119. // Now, get all the administrators.
  3120. $request = $smcFunc['db_query']('', '
  3121. SELECT id_member, real_name
  3122. FROM {db_prefix}members
  3123. WHERE id_group = {int:admin_group} OR FIND_IN_SET({int:admin_group}, additional_groups) != 0
  3124. ORDER BY real_name',
  3125. array(
  3126. 'admin_group' => 1,
  3127. )
  3128. );
  3129. $context['admins'] = array();
  3130. while ($row = $smcFunc['db_fetch_assoc']($request))
  3131. $context['admins'][$row['id_member']] = $row['real_name'];
  3132. $smcFunc['db_free_result']($request);
  3133. // How many admins in total?
  3134. $context['admin_count'] = count($context['admins']);
  3135. }
  3136. // Otherwise, let's get down to the sending stuff.
  3137. else
  3138. {
  3139. // Check the session before proceeding any further!
  3140. checkSession();
  3141. // First, pull out the message contents, and verify it actually went to them!
  3142. $request = $smcFunc['db_query']('', '
  3143. SELECT pm.subject, pm.body, pm.msgtime, pm.id_member_from, IFNULL(m.real_name, pm.from_name) AS sender_name
  3144. FROM {db_prefix}personal_messages AS pm
  3145. INNER JOIN {db_prefix}pm_recipients AS pmr ON (pmr.id_pm = pm.id_pm)
  3146. LEFT JOIN {db_prefix}members AS m ON (m.id_member = pm.id_member_from)
  3147. WHERE pm.id_pm = {int:id_pm}
  3148. AND pmr.id_member = {int:current_member}
  3149. AND pmr.deleted = {int:not_deleted}
  3150. LIMIT 1',
  3151. array(
  3152. 'current_member' => $user_info['id'],
  3153. 'id_pm' => $context['pm_id'],
  3154. 'not_deleted' => 0,
  3155. )
  3156. );
  3157. // Can only be a hacker here!
  3158. if ($smcFunc['db_num_rows']($request) == 0)
  3159. fatal_lang_error('no_access', false);
  3160. list ($subject, $body, $time, $memberFromID, $memberFromName) = $smcFunc['db_fetch_row']($request);
  3161. $smcFunc['db_free_result']($request);
  3162. // Remove the line breaks...
  3163. $body = preg_replace('~<br ?/?' . '>~i', "\n", $body);
  3164. // Get any other recipients of the email.
  3165. $request = $smcFunc['db_query']('', '
  3166. SELECT mem_to.id_member AS id_member_to, mem_to.real_name AS to_name, pmr.bcc
  3167. FROM {db_prefix}pm_recipients AS pmr
  3168. LEFT JOIN {db_prefix}members AS mem_to ON (mem_to.id_member = pmr.id_member)
  3169. WHERE pmr.id_pm = {int:id_pm}
  3170. AND pmr.id_member != {int:current_member}',
  3171. array(
  3172. 'current_member' => $user_info['id'],
  3173. 'id_pm' => $context['pm_id'],
  3174. )
  3175. );
  3176. $recipients = array();
  3177. $hidden_recipients = 0;
  3178. while ($row = $smcFunc['db_fetch_assoc']($request))
  3179. {
  3180. // If it's hidden still don't reveal their names - privacy after all ;)
  3181. if ($row['bcc'])
  3182. $hidden_recipients++;
  3183. else
  3184. $recipients[] = '[url=' . $scripturl . '?action=profile;u=' . $row['id_member_to'] . ']' . $row['to_name'] . '[/url]';
  3185. }
  3186. $smcFunc['db_free_result']($request);
  3187. if ($hidden_recipients)
  3188. $recipients[] = sprintf($txt['pm_report_pm_hidden'], $hidden_recipients);
  3189. // Now let's get out and loop through the admins.
  3190. $request = $smcFunc['db_query']('', '
  3191. SELECT id_member, real_name, lngfile
  3192. FROM {db_prefix}members
  3193. WHERE (id_group = {int:admin_id} OR FIND_IN_SET({int:admin_id}, additional_groups) != 0)
  3194. ' . (empty($_POST['id_admin']) ? '' : 'AND id_member = {int:specific_admin}') . '
  3195. ORDER BY lngfile',
  3196. array(
  3197. 'admin_id' => 1,
  3198. 'specific_admin' => isset($_POST['id_admin']) ? (int) $_POST['id_admin'] : 0,
  3199. )
  3200. );
  3201. // Maybe we shouldn't advertise this?
  3202. if ($smcFunc['db_num_rows']($request) == 0)
  3203. fatal_lang_error('no_access', false);
  3204. $memberFromName = un_htmlspecialchars($memberFromName);
  3205. // Prepare the message storage array.
  3206. $messagesToSend = array();
  3207. // Loop through each admin, and add them to the right language pile...
  3208. while ($row = $smcFunc['db_fetch_assoc']($request))
  3209. {
  3210. // Need to send in the correct language!
  3211. $cur_language = empty($row['lngfile']) || empty($modSettings['userLanguage']) ? $language : $row['lngfile'];
  3212. if (!isset($messagesToSend[$cur_language]))
  3213. {
  3214. loadLanguage('PersonalMessage', $cur_language, false);
  3215. // Make the body.
  3216. $report_body = str_replace(array('{REPORTER}', '{SENDER}'), array(un_htmlspecialchars($user_info['name']), $memberFromName), $txt['pm_report_pm_user_sent']);
  3217. $report_body .= "\n" . '[b]' . $_POST['reason'] . '[/b]' . "\n\n";
  3218. if (!empty($recipients))
  3219. $report_body .= $txt['pm_report_pm_other_recipients'] . ' ' . implode(', ', $recipients) . "\n\n";
  3220. $report_body .= $txt['pm_report_pm_unedited_below'] . "\n" . '[quote author=' . (empty($memberFromID) ? '&quot;' . $memberFromName . '&quot;' : $memberFromName . ' link=action=profile;u=' . $memberFromID . ' date=' . $time) . ']' . "\n" . un_htmlspecialchars($body) . '[/quote]';
  3221. // Plonk it in the array ;)
  3222. $messagesToSend[$cur_language] = array(
  3223. 'subject' => ($smcFunc['strpos']($subject, $txt['pm_report_pm_subject']) === false ? $txt['pm_report_pm_subject'] : '') . un_htmlspecialchars($subject),
  3224. 'body' => $report_body,
  3225. 'recipients' => array(
  3226. 'to' => array(),
  3227. 'bcc' => array()
  3228. ),
  3229. );
  3230. }
  3231. // Add them to the list.
  3232. $messagesToSend[$cur_language]['recipients']['to'][$row['id_member']] = $row['id_member'];
  3233. }
  3234. $smcFunc['db_free_result']($request);
  3235. // Send a different email for each language.
  3236. foreach ($messagesToSend as $lang => $message)
  3237. sendpm($message['recipients'], $message['subject'], $message['body']);
  3238. // Give the user their own language back!
  3239. if (!empty($modSettings['userLanguage']))
  3240. loadLanguage('PersonalMessage', '', false);
  3241. // Leave them with a template.
  3242. $context['sub_template'] = 'report_message_complete';
  3243. }
  3244. }
  3245. /**
  3246. * List all rules, and allow adding/entering etc...
  3247. */
  3248. function ManageRules()
  3249. {
  3250. global $txt, $context, $user_info, $scripturl, $smcFunc;
  3251. // The link tree - gotta have this :o
  3252. $context['linktree'][] = array(
  3253. 'url' => $scripturl . '?action=pm;sa=manrules',
  3254. 'name' => $txt['pm_manage_rules']
  3255. );
  3256. $context['page_title'] = $txt['pm_manage_rules'];
  3257. $context['sub_template'] = 'rules';
  3258. // Load them... load them!!
  3259. LoadRules();
  3260. // Likely to need all the groups!
  3261. $request = $smcFunc['db_query']('', '
  3262. SELECT mg.id_group, mg.group_name, IFNULL(gm.id_member, 0) AS can_moderate, mg.hidden
  3263. FROM {db_prefix}membergroups AS mg
  3264. LEFT JOIN {db_prefix}group_moderators AS gm ON (gm.id_group = mg.id_group AND gm.id_member = {int:current_member})
  3265. WHERE mg.min_posts = {int:min_posts}
  3266. AND mg.id_group != {int:moderator_group}
  3267. AND mg.hidden = {int:not_hidden}
  3268. ORDER BY mg.group_name',
  3269. array(
  3270. 'current_member' => $user_info['id'],
  3271. 'min_posts' => -1,
  3272. 'moderator_group' => 3,
  3273. 'not_hidden' => 0,
  3274. )
  3275. );
  3276. $context['groups'] = array();
  3277. while ($row = $smcFunc['db_fetch_assoc']($request))
  3278. {
  3279. // Hide hidden groups!
  3280. if ($row['hidden'] && !$row['can_moderate'] && !allowedTo('manage_membergroups'))
  3281. continue;
  3282. $context['groups'][$row['id_group']] = $row['group_name'];
  3283. }
  3284. $smcFunc['db_free_result']($request);
  3285. // Applying all rules?
  3286. if (isset($_GET['apply']))
  3287. {
  3288. checkSession('get');
  3289. ApplyRules(true);
  3290. redirectexit('action=pm;sa=manrules');
  3291. }
  3292. // Editing a specific one?
  3293. if (isset($_GET['add']))
  3294. {
  3295. $context['rid'] = isset($_GET['rid']) && isset($context['rules'][$_GET['rid']])? (int) $_GET['rid'] : 0;
  3296. $context['sub_template'] = 'add_rule';
  3297. // Current rule information...
  3298. if ($context['rid'])
  3299. {
  3300. $context['rule'] = $context['rules'][$context['rid']];
  3301. $members = array();
  3302. // Need to get member names!
  3303. foreach ($context['rule']['criteria'] as $k => $criteria)
  3304. if ($criteria['t'] == 'mid' && !empty($criteria['v']))
  3305. $members[(int) $criteria['v']] = $k;
  3306. if (!empty($members))
  3307. {
  3308. $request = $smcFunc['db_query']('', '
  3309. SELECT id_member, member_name
  3310. FROM {db_prefix}members
  3311. WHERE id_member IN ({array_int:member_list})',
  3312. array(
  3313. 'member_list' => array_keys($members),
  3314. )
  3315. );
  3316. while ($row = $smcFunc['db_fetch_assoc']($request))
  3317. $context['rule']['criteria'][$members[$row['id_member']]]['v'] = $row['member_name'];
  3318. $smcFunc['db_free_result']($request);
  3319. }
  3320. }
  3321. else
  3322. $context['rule'] = array(
  3323. 'id' => '',
  3324. 'name' => '',
  3325. 'criteria' => array(),
  3326. 'actions' => array(),
  3327. 'logic' => 'and',
  3328. );
  3329. }
  3330. // Saving?
  3331. elseif (isset($_GET['save']))
  3332. {
  3333. checkSession();
  3334. $context['rid'] = isset($_GET['rid']) && isset($context['rules'][$_GET['rid']])? (int) $_GET['rid'] : 0;
  3335. // Name is easy!
  3336. $ruleName = $smcFunc['htmlspecialchars'](trim($_POST['rule_name']));
  3337. if (empty($ruleName))
  3338. fatal_lang_error('pm_rule_no_name', false);
  3339. // Sanity check...
  3340. if (empty($_POST['ruletype']) || empty($_POST['acttype']))
  3341. fatal_lang_error('pm_rule_no_criteria', false);
  3342. // Let's do the criteria first - it's also hardest!
  3343. $criteria = array();
  3344. foreach ($_POST['ruletype'] as $ind => $type)
  3345. {
  3346. // Check everything is here...
  3347. if ($type == 'gid' && (!isset($_POST['ruledefgroup'][$ind]) || !isset($context['groups'][$_POST['ruledefgroup'][$ind]])))
  3348. continue;
  3349. elseif ($type != 'bud' && !isset($_POST['ruledef'][$ind]))
  3350. continue;
  3351. // Members need to be found.
  3352. if ($type == 'mid')
  3353. {
  3354. $name = trim($_POST['ruledef'][$ind]);
  3355. $request = $smcFunc['db_query']('', '
  3356. SELECT id_member
  3357. FROM {db_prefix}members
  3358. WHERE real_name = {string:member_name}
  3359. OR member_name = {string:member_name}',
  3360. array(
  3361. 'member_name' => $name,
  3362. )
  3363. );
  3364. if ($smcFunc['db_num_rows']($request) == 0)
  3365. continue;
  3366. list ($memID) = $smcFunc['db_fetch_row']($request);
  3367. $smcFunc['db_free_result']($request);
  3368. $criteria[] = array('t' => 'mid', 'v' => $memID);
  3369. }
  3370. elseif ($type == 'bud')
  3371. $criteria[] = array('t' => 'bud', 'v' => 1);
  3372. elseif ($type == 'gid')
  3373. $criteria[] = array('t' => 'gid', 'v' => (int) $_POST['ruledefgroup'][$ind]);
  3374. elseif (in_array($type, array('sub', 'msg')) && trim($_POST['ruledef'][$ind]) != '')
  3375. $criteria[] = array('t' => $type, 'v' => $smcFunc['htmlspecialchars'](trim($_POST['ruledef'][$ind])));
  3376. }
  3377. // Also do the actions!
  3378. $actions = array();
  3379. $doDelete = 0;
  3380. $isOr = $_POST['rule_logic'] == 'or' ? 1 : 0;
  3381. foreach ($_POST['acttype'] as $ind => $type)
  3382. {
  3383. // Picking a valid label?
  3384. if ($type == 'lab' && (!isset($_POST['labdef'][$ind]) || !isset($context['labels'][$_POST['labdef'][$ind]])))
  3385. continue;
  3386. // Record what we're doing.
  3387. if ($type == 'del')
  3388. $doDelete = 1;
  3389. elseif ($type == 'lab')
  3390. $actions[] = array('t' => 'lab', 'v' => (int) $_POST['labdef'][$ind]);
  3391. }
  3392. if (empty($criteria) || (empty($actions) && !$doDelete))
  3393. fatal_lang_error('pm_rule_no_criteria', false);
  3394. // What are we storing?
  3395. $criteria = serialize($criteria);
  3396. $actions = serialize($actions);
  3397. // Create the rule?
  3398. if (empty($context['rid']))
  3399. $smcFunc['db_insert']('',
  3400. '{db_prefix}pm_rules',
  3401. array(
  3402. 'id_member' => 'int', 'rule_name' => 'string', 'criteria' => 'string', 'actions' => 'string',
  3403. 'delete_pm' => 'int', 'is_or' => 'int',
  3404. ),
  3405. array(
  3406. $user_info['id'], $ruleName, $criteria, $actions, $doDelete, $isOr,
  3407. ),
  3408. array('id_rule')
  3409. );
  3410. else
  3411. $smcFunc['db_query']('', '
  3412. UPDATE {db_prefix}pm_rules
  3413. SET rule_name = {string:rule_name}, criteria = {string:criteria}, actions = {string:actions},
  3414. delete_pm = {int:delete_pm}, is_or = {int:is_or}
  3415. WHERE id_rule = {int:id_rule}
  3416. AND id_member = {int:current_member}',
  3417. array(
  3418. 'current_member' => $user_info['id'],
  3419. 'delete_pm' => $doDelete,
  3420. 'is_or' => $isOr,
  3421. 'id_rule' => $context['rid'],
  3422. 'rule_name' => $ruleName,
  3423. 'criteria' => $criteria,
  3424. 'actions' => $actions,
  3425. )
  3426. );
  3427. redirectexit('action=pm;sa=manrules');
  3428. }
  3429. // Deleting?
  3430. elseif (isset($_POST['delselected']) && !empty($_POST['delrule']))
  3431. {
  3432. checkSession();
  3433. $toDelete = array();
  3434. foreach ($_POST['delrule'] as $k => $v)
  3435. $toDelete[] = (int) $k;
  3436. if (!empty($toDelete))
  3437. $smcFunc['db_query']('', '
  3438. DELETE FROM {db_prefix}pm_rules
  3439. WHERE id_rule IN ({array_int:delete_list})
  3440. AND id_member = {int:current_member}',
  3441. array(
  3442. 'current_member' => $user_info['id'],
  3443. 'delete_list' => $toDelete,
  3444. )
  3445. );
  3446. redirectexit('action=pm;sa=manrules');
  3447. }
  3448. }
  3449. /**
  3450. * This will apply rules to all unread messages. If all_messages is set will, clearly, do it to all!
  3451. *
  3452. * @param bool $all_messages = false
  3453. */
  3454. function ApplyRules($all_messages = false)
  3455. {
  3456. global $user_info, $smcFunc, $context, $options;
  3457. // Want this - duh!
  3458. loadRules();
  3459. // No rules?
  3460. if (empty($context['rules']))
  3461. return;
  3462. // Just unread ones?
  3463. $ruleQuery = $all_messages ? '' : ' AND pmr.is_new = 1';
  3464. // @todo Apply all should have timeout protection!
  3465. // Get all the messages that match this.
  3466. $request = $smcFunc['db_query']('', '
  3467. SELECT
  3468. pmr.id_pm, pm.id_member_from, pm.subject, pm.body, mem.id_group
  3469. FROM {db_prefix}pm_recipients AS pmr
  3470. INNER JOIN {db_prefix}personal_messages AS pm ON (pm.id_pm = pmr.id_pm)
  3471. LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = pm.id_member_from)
  3472. WHERE pmr.id_member = {int:current_member}
  3473. AND pmr.deleted = {int:not_deleted}
  3474. ' . $ruleQuery,
  3475. array(
  3476. 'current_member' => $user_info['id'],
  3477. 'not_deleted' => 0,
  3478. )
  3479. );
  3480. $actions = array();
  3481. while ($row = $smcFunc['db_fetch_assoc']($request))
  3482. {
  3483. foreach ($context['rules'] as $rule)
  3484. {
  3485. $match = false;
  3486. // Loop through all the criteria hoping to make a match.
  3487. foreach ($rule['criteria'] as $criterium)
  3488. {
  3489. if (($criterium['t'] == 'mid' && $criterium['v'] == $row['id_member_from']) || ($criterium['t'] == 'gid' && $criterium['v'] == $row['id_group']) || ($criterium['t'] == 'sub' && strpos($row['subject'], $criterium['v']) !== false) || ($criterium['t'] == 'msg' && strpos($row['body'], $criterium['v']) !== false))
  3490. $match = true;
  3491. // If we're adding and one criteria don't match then we stop!
  3492. elseif ($rule['logic'] == 'and')
  3493. {
  3494. $match = false;
  3495. break;
  3496. }
  3497. }
  3498. // If we have a match the rule must be true - act!
  3499. if ($match)
  3500. {
  3501. if ($rule['delete'])
  3502. $actions['deletes'][] = $row['id_pm'];
  3503. else
  3504. {
  3505. foreach ($rule['actions'] as $ruleAction)
  3506. {
  3507. if ($ruleAction['t'] == 'lab')
  3508. {
  3509. // Get a basic pot started!
  3510. if (!isset($actions['labels'][$row['id_pm']]))
  3511. $actions['labels'][$row['id_pm']] = array();
  3512. $actions['labels'][$row['id_pm']][] = $ruleAction['v'];
  3513. }
  3514. }
  3515. }
  3516. }
  3517. }
  3518. }
  3519. $smcFunc['db_free_result']($request);
  3520. // Deletes are easy!
  3521. if (!empty($actions['deletes']))
  3522. deleteMessages($actions['deletes']);
  3523. // Relabel?
  3524. if (!empty($actions['labels']))
  3525. {
  3526. foreach ($actions['labels'] as $pm => $labels)
  3527. {
  3528. // Quickly check each label is valid!
  3529. $realLabels = array();
  3530. foreach ($context['labels'] as $label)
  3531. {
  3532. if (in_array($label['id'], $labels) && $label['id'] != -1 || empty($options['pm_remove_inbox_label']))
  3533. {
  3534. // Make sure this stays in the inbox
  3535. if ($label['id'] == '-1')
  3536. {
  3537. $smcFunc['db_query']('', '
  3538. UPDATE {db_prefix}pm_recipients
  3539. SET in_inbox = {int:in_inbox}
  3540. WHERE id_pm = {int:id_pm}
  3541. AND id_member = {int:current_member}',
  3542. array(
  3543. 'in_inbox' => 1,
  3544. 'id_pm' => $pm,
  3545. 'current_member' => $user_info['id'],
  3546. )
  3547. );
  3548. }
  3549. else
  3550. {
  3551. $realLabels[] = $label['id'];
  3552. }
  3553. }
  3554. }
  3555. $inserts = array();
  3556. // Now we insert the label info
  3557. foreach ($realLabels as $a_label)
  3558. $inserts[] = array($pm, $a_label);
  3559. $smcFunc['db_insert']('',
  3560. '{db_prefix}pm_labeled_messages',
  3561. array('id_pm' => 'int', 'id_label' => 'int'),
  3562. $inserts,
  3563. array()
  3564. );
  3565. }
  3566. }
  3567. }
  3568. /**
  3569. * Load up all the rules for the current user.
  3570. *
  3571. * @param bool $reload = false
  3572. */
  3573. function LoadRules($reload = false)
  3574. {
  3575. global $user_info, $context, $smcFunc;
  3576. if (isset($context['rules']) && !$reload)
  3577. return;
  3578. $request = $smcFunc['db_query']('', '
  3579. SELECT
  3580. id_rule, rule_name, criteria, actions, delete_pm, is_or
  3581. FROM {db_prefix}pm_rules
  3582. WHERE id_member = {int:current_member}',
  3583. array(
  3584. 'current_member' => $user_info['id'],
  3585. )
  3586. );
  3587. $context['rules'] = array();
  3588. // Simply fill in the data!
  3589. while ($row = $smcFunc['db_fetch_assoc']($request))
  3590. {
  3591. $context['rules'][$row['id_rule']] = array(
  3592. 'id' => $row['id_rule'],
  3593. 'name' => $row['rule_name'],
  3594. 'criteria' => unserialize($row['criteria']),
  3595. 'actions' => unserialize($row['actions']),
  3596. 'delete' => $row['delete_pm'],
  3597. 'logic' => $row['is_or'] ? 'or' : 'and',
  3598. );
  3599. if ($row['delete_pm'])
  3600. $context['rules'][$row['id_rule']]['actions'][] = array('t' => 'del', 'v' => 1);
  3601. }
  3602. $smcFunc['db_free_result']($request);
  3603. }
  3604. /**
  3605. * Check if the PM is available to the current user.
  3606. *
  3607. * @param int $pmID
  3608. * @param $validFor
  3609. * @return boolean
  3610. */
  3611. function isAccessiblePM($pmID, $validFor = 'in_or_outbox')
  3612. {
  3613. global $user_info, $smcFunc;
  3614. $request = $smcFunc['db_query']('', '
  3615. SELECT
  3616. pm.id_member_from = {int:id_current_member} AND pm.deleted_by_sender = {int:not_deleted} AS valid_for_outbox,
  3617. pmr.id_pm IS NOT NULL AS valid_for_inbox
  3618. FROM {db_prefix}personal_messages AS pm
  3619. LEFT JOIN {db_prefix}pm_recipients AS pmr ON (pmr.id_pm = pm.id_pm AND pmr.id_member = {int:id_current_member} AND pmr.deleted = {int:not_deleted})
  3620. WHERE pm.id_pm = {int:id_pm}
  3621. AND ((pm.id_member_from = {int:id_current_member} AND pm.deleted_by_sender = {int:not_deleted}) OR pmr.id_pm IS NOT NULL)',
  3622. array(
  3623. 'id_pm' => $pmID,
  3624. 'id_current_member' => $user_info['id'],
  3625. 'not_deleted' => 0,
  3626. )
  3627. );
  3628. if ($smcFunc['db_num_rows']($request) === 0)
  3629. {
  3630. $smcFunc['db_free_result']($request);
  3631. return false;
  3632. }
  3633. $validationResult = $smcFunc['db_fetch_assoc']($request);
  3634. $smcFunc['db_free_result']($request);
  3635. switch ($validFor)
  3636. {
  3637. case 'inbox':
  3638. return !empty($validationResult['valid_for_inbox']);
  3639. break;
  3640. case 'outbox':
  3641. return !empty($validationResult['valid_for_outbox']);
  3642. break;
  3643. case 'in_or_outbox':
  3644. return !empty($validationResult['valid_for_inbox']) || !empty($validationResult['valid_for_outbox']);
  3645. break;
  3646. default:
  3647. trigger_error('Undefined validation type given', E_USER_ERROR);
  3648. break;
  3649. }
  3650. }
  3651. ?>