Changeset 2072 in ExiteCMS for trunk/pm.php
- Timestamp:
- 11/26/08 22:19:58 (3 years ago)
- File:
-
- 1 edited
-
trunk/pm.php (modified) (5 diffs)
Legend:
- Unmodified
- Added
- Removed
-
trunk/pm.php
r2010 r2072 26 26 locale_load("main.pm"); 27 27 28 // include the pm functions 29 require_once PATH_INCLUDES."pm_functions_include.php"; 30 28 31 // include the forum functions 29 32 require_once PATH_INCLUDES."forum_functions_include.php"; … … 45 48 // get the information of the sender 46 49 $msgrec['sender'] = array(); 47 $result2 = dbquery("SELECT * FROM ".$db_prefix."users WHERE user_id = '".$msgrec['pmindex_from_id']."'"); 48 if ($data2 = dbarray($result2)) { 49 $data2['group_names'] = array(); 50 // user & group memberships 51 $data2['group_names'][] = array('type' => 'U', 'level' => $data2['user_level'], 'name' => getuserlevel($data2['user_level'])); 52 if ($data2['user_groups'] != "") { 53 $gresult = dbquery("SELECT group_name, group_forumname, group_color FROM ".$db_prefix."user_groups WHERE group_id IN (".str_replace('.', ',', substr($data2['user_groups'],1)).") AND group_visible & 2"); 54 $grecs = dbrows($gresult); 55 while ($gdata = dbarray($gresult)) { 56 $data2['group_names'][] = array('type' => 'G', 'color' => $gdata['group_color'], 'name' => $gdata['group_forumname']==""?$gdata['group_name']:$gdata['group_forumname']); 57 } 58 } 59 // country flag 60 if ($settings['forum_flags']) { 61 // fix the webmaster to the site's country code 62 if ($msgrec['pmindex_from_id'] == 1) { 63 $data2['cc_flag'] = GeoIP_Code2Flag($settings['country']); 50 if ($msgrec['pmindex_from_id'] == 0) { 51 // automatic post 52 $msgrec['sender']['user_name'] = $locale['sysusr']; 53 $msgrec['sender']['user_posts'] = "-"; 54 $data2 = dbarray(dbquery("SELECT user_level, user_joined FROM ".$db_prefix."users WHERE user_id = '1'")); 55 $msgrec['sender']['user_joined'] = $data2['user_joined']; 56 $msgrec['sender']['user_level'] = 0; 57 $msgrec['sender']['user_location'] = "-"; 58 $msgrec['sender']['user_sig'] = ""; 59 $msgrec['sender']['user_status'] = "0"; 60 } else { 61 $result2 = dbquery("SELECT * FROM ".$db_prefix."users WHERE user_id = '".$msgrec['pmindex_from_id']."'"); 62 if ($data2 = dbarray($result2)) { 63 $data2['group_names'] = array(); 64 // user & group memberships 65 $data2['group_names'][] = array('type' => 'U', 'level' => $data2['user_level'], 'name' => getuserlevel($data2['user_level'])); 66 if ($data2['user_groups'] != "") { 67 $gresult = dbquery("SELECT group_name, group_forumname, group_color FROM ".$db_prefix."user_groups WHERE group_id IN (".str_replace('.', ',', substr($data2['user_groups'],1)).") AND group_visible & 2"); 68 $grecs = dbrows($gresult); 69 while ($gdata = dbarray($gresult)) { 70 $data2['group_names'][] = array('type' => 'G', 'color' => $gdata['group_color'], 'name' => $gdata['group_forumname']==""?$gdata['group_name']:$gdata['group_forumname']); 71 } 72 } 73 // country flag 74 if ($settings['forum_flags']) { 75 // fix the webmaster to the site's country code 76 if ($msgrec['pmindex_from_id'] == 1) { 77 $data2['cc_flag'] = GeoIP_Code2Flag($settings['country']); 78 } else { 79 $data2['cc_flag'] = GeoIP_IP2Flag($data2['user_ip']); 80 } 64 81 } else { 65 $data2['cc_flag'] = GeoIP_IP2Flag($data2['user_ip']); 66 } 67 } else { 68 $data2['cc_flag'] = GeoIP_Code2Flag(""); 69 } 70 $msgrec['sender'] = $data2; 82 $data2['cc_flag'] = GeoIP_Code2Flag(""); 83 } 84 $msgrec['sender'] = $data2; 85 } 71 86 } 72 87 … … 285 300 286 301 /*---------------------------------------------------+ 287 | Delete a single message, identified by pmindex_id |288 +----------------------------------------------------*/289 function deletemessage($msg_id, $user_id) {290 291 global $db_prefix;292 293 // delete the selected message294 $result = dbquery("SELECT * FROM ".$db_prefix."pm_index WHERE pmindex_id = '".$msg_id."' AND pmindex_user_id='".$user_id."'");295 if ($data = dbarray($result)) {296 $result2 = dbquery("DELETE FROM ".$db_prefix."pm_index WHERE pmindex_id='".$msg_id."' AND pmindex_user_id='".$user_id."'");297 if (dbcount("(*)", "pm_index", "pm_id = '".$data['pm_id']."'") == 0) {298 $result2 = dbquery("SELECT * FROM ".$db_prefix."pm_attachments WHERE pm_id = '".$data['pm_id']."'");299 while ($data2 = dbarray($result2)) {300 @unlink(PATH_PM_ATTACHMENTS.$data2['pmattach_name']);301 // if a thumb exists, delete that too...302 if (file_exists(PATH_PM_ATTACHMENTS.$data2['pmattach_name'].".thumb")) {303 @unlink(PATH_PM_ATTACHMENTS.$data2['pmattach_name'].".thumb");304 }305 }306 $result2 = dbquery("DELETE FROM ".$db_prefix."pm_attachments WHERE pm_id = '".$data['pm_id']."'");307 $result2 = dbquery("DELETE FROM ".$db_prefix."pm WHERE pm_id = '".$data['pm_id']."'");308 }309 }310 }311 312 /*---------------------------------------------------+313 | Save the new message, and send notifications out |314 +----------------------------------------------------*/315 function storemessage($message, $old_pm_id) {316 317 global $db_prefix, $settings, $userdata, $locale, $action, $attachments, $global_options, $user_options, $totals, $random_id;318 319 // check for double posting, generate an error if it is320 if (isset($_SESSION['pm'][$random_id])) {321 return $locale['641'];322 }323 324 // add this post to pm message tracker325 if (!isset($_SESSION['pm']) || !is_array($_SESSION['pm'])) $_SESSION['pm'] = array();326 $_SESSION['pm'][$random_id] = time()+60*60*12;327 328 // check if we need to make room in the outbox of the sender329 if (!$global_options['pm_sentbox_group']) {330 if ($totals['outbox'] >= $global_options['pm_sentbox']) {331 $limit = $totals['outbox'] - $global_options['pm_sentbox'] + 1;332 $result = dbquery(333 "SELECT * FROM ".$db_prefix."pm m, ".$db_prefix."pm_index i334 WHERE m.pm_id = i.pm_id AND i.pmindex_user_id = '".$userdata['user_id']."' AND i.pmindex_folder = '1'335 ORDER BY m.pm_datestamp LIMIT ".$limit336 );337 while ($data = dbarray($result)) {338 deletemessage($data['pmindex_id'], $userdata['user_id']);339 }340 }341 }342 343 // create the recipients list for this message344 $recipients = "";345 foreach($message['recipients'] as $recipient) {346 $recipients .= ($recipients == "" ? "" : "," ) . $recipient;347 }348 349 // store the new message350 $result = dbquery("INSERT INTO ".$db_prefix."pm (pm_subject, pm_message, pm_recipients, pm_smileys, pm_size, pm_datestamp)351 VALUES ('".$message['pm_subject']."', '".$message['pm_message']."', '".$recipients."', '".$message['pm_smileys']."', '".$message['pm_size']."', '".$message['pm_datestamp']."')");352 $pm_id = mysql_insert_id();353 354 // process the attachments, handle deletes first355 if (isset($_POST['delattach']) && count($_POST['delattach']) != 0) {356 foreach($_POST['delattach'] as $key => $value) {357 // check to make sure it is a new upload358 if ($value[0] == "-") {359 $attach = $attachments[substr($value,1)];360 // delete the attachment361 @unlink(PATH_PM_ATTACHMENTS.$attach['attach_tmp']);362 // if a thumb exists, delete that too...363 if (file_exists(PATH_PM_ATTACHMENTS.$attach['attach_tmp'].".thumb")) {364 @unlink(PATH_PM_ATTACHMENTS.$attach['attach_tmp'].".thumb");365 }366 // and remove the upload from the attachment array367 unset($attachments[substr($value,1)]);368 }369 }370 }371 // now save any remaining attachments uploads372 foreach($attachments as $key => $attachment) {373 $attachext = strtolower(strrchr($attachment['attach_name'],"."));374 $attachname = attach_exists(strtolower($attachment['attach_name']), PATH_PM_ATTACHMENTS);375 if (file_exists(PATH_PM_ATTACHMENTS.$attachment['attach_tmp'].".thumb")) {376 rename(PATH_PM_ATTACHMENTS.$attachment['attach_tmp'].".thumb", PATH_PM_ATTACHMENTS.$attachname.".thumb");377 chmod(PATH_PM_ATTACHMENTS.$attachname.".thumb",0664);378 }379 rename(PATH_PM_ATTACHMENTS.$attachment['attach_tmp'], PATH_PM_ATTACHMENTS.$attachname);380 chmod(PATH_PM_ATTACHMENTS.$attachname,0664);381 $result = dbquery("INSERT INTO ".$db_prefix."pm_attachments (pm_id, pmattach_name, pmattach_realname, pmattach_comment, pmattach_ext, pmattach_size) VALUES ('$pm_id', '$attachname', '".$attachment['attach_name']."', '".$attachment['attach_comment']."', '$attachext', '".$attachment['attach_size']."')");382 }383 384 // copy original (and not excluded) attachments when forwarding a message385 if ($action == "forward" && $old_pm_id) {386 $result = dbquery("SELECT * FROM ".$db_prefix."pm_attachments WHERE pm_id='$old_pm_id'");387 while ($data = dbarray($result)) {388 // check if this attachment is not excluded389 if (!in_array($data['pmattach_id'], $_POST['delattach'])) {390 // make a copy of the attachment391 $attachname = attach_exists(strtolower($data['pmattach_realname']), PATH_PM_ATTACHMENTS);392 if (file_exists(PATH_PM_ATTACHMENTS.$data['pmattach_name'].".thumb")) {393 copy(PATH_PM_ATTACHMENTS.$data['pmattach_name'].".thumb", PATH_PM_ATTACHMENTS.$attachname.".thumb");394 chmod(PATH_PM_ATTACHMENTS.$attachname.".thumb",0664);395 }396 copy(PATH_PM_ATTACHMENTS.$data['pmattach_name'], PATH_PM_ATTACHMENTS.$attachname);397 chmod(PATH_PM_ATTACHMENTS.$attachname,0664);398 // and create a new attachment record399 $result2 = dbquery("INSERT INTO ".$db_prefix."pm_attachments (pm_id, pmattach_name, pmattach_realname, pmattach_comment, pmattach_ext, pmattach_size) VALUES ('$pm_id', '$attachname', '".$data['pmattach_realname']."', '".$data['pmattach_comment']."', '".$data['pmattach_ext']."', '".$data['pmattach_size']."')");400 }401 }402 }403 404 // create an index record for the outbox of the sender405 $result = dbquery("INSERT INTO ".$db_prefix."pm_index (pm_id, pmindex_user_id, pmindex_reply_id, pmindex_from_id, pmindex_from_email, pmindex_to_id, pmindex_to_email, pmindex_to_group, pmindex_folder, pmindex_read_datestamp)406 VALUES ('".$pm_id."', '".$userdata['user_id']."', '0', '".$userdata['user_id']."', '', '0', '', '0', '1', '".time()."')");407 408 // load the sendmail module, we might have to send notifications409 require_once PATH_INCLUDES."sendmail_include.php";410 411 // loop through the users412 $error = "";413 foreach($message['user_ids'] as $user) {414 // check if this recipient has room in his inbox. If not, create it415 if (!$global_options['pm_inbox_group']) {416 $inbox_total = dbcount("(pmindex_id)", "pm_index", "pmindex_user_id = '".$user['user_id']."' AND pmindex_folder = '0'");417 if ($inbox_total >= $global_options['pm_inbox']) {418 $limit = $inbox_total - $global_options['pm_inbox'] + 1;419 $result = dbquery(420 "SELECT * FROM ".$db_prefix."pm m, ".$db_prefix."pm_index i421 WHERE m.pm_id = i.pm_id AND i.pmindex_user_id = '".$user['user_id']."' AND i.pmindex_folder = '0'422 ORDER BY m.pm_datestamp LIMIT ".$limit423 );424 while ($data = dbarray($result)) {425 deletemessage($data['pmindex_id'], $user['user_id']);426 }427 }428 }429 // create an index record for the inbox of the recipient430 $result = dbquery("INSERT INTO ".$db_prefix."pm_index (pm_id, pmindex_user_id, pmindex_reply_id, pmindex_from_id, pmindex_from_email, pmindex_to_id, pmindex_to_email, pmindex_to_group, pmindex_folder, pmindex_read_requested)431 VALUES ('".$pm_id."', '".$user['user_id']."', '0', '".$userdata['user_id']."', '', '".$user['user_id']."', '', '0', '0', '1')");432 // user notification if needed433 if ($user['pmconfig_email_notify']) {434 $error = sendemail($user['user_name'], $user['user_email'], $settings['siteusername'],435 ($settings['newsletter_email'] != "" ? $settings['newsletter_email'] : $settings['siteemail']),436 sprintf($locale['625'],$settings['sitename']),437 $user['user_name'].sprintf($locale['626'], $userdata['user_name'], $settings['sitename'], $message['pm_subject'], $settings['siteurl']));438 }439 }440 return $error == true ? "" : $error;441 }442 443 /*---------------------------------------------------+444 302 | Main | 445 303 +----------------------------------------------------*/ … … 480 338 } 481 339 482 // get the global message options483 $result = dbquery("SELECT * FROM ".$db_prefix."pm_config WHERE user_id='0'");484 if (dbrows($result) == 0) {485 // if they don't exist, set a default486 $result = dbquery("INSERT INTO ".$db_prefix."pm_config (user_id, pmconfig_save_sent, pmconfig_read_notify, pmconfig_email_notify, pmconfig_auto_archive, pmconfig_view ) VALUES ('0', '0', '1', '0', '90', '0')");487 $result = dbquery("SELECT * FROM ".$db_prefix."pm_config WHERE user_id='0'");488 }489 $global_options = dbarray($result);490 $global_options['pm_inbox'] = $settings['pm_inbox'];491 $global_options['pm_sentbox'] = $settings['pm_sentbox'];492 $global_options['pm_savebox'] = $settings['pm_savebox'];493 $global_options['pm_inbox_group'] = ($settings['pm_inbox_group'] && checkgroup($settings['pm_inbox_group']));494 $global_options['pm_sentbox_group'] = ($settings['pm_sentbox_group'] && checkgroup($settings['pm_sentbox_group']));495 $global_options['pm_savebox_group'] = ($settings['pm_savebox_group'] && checkgroup($settings['pm_savebox_group']));496 $global_options['pm_send2group'] = $settings['pm_send2group'];497 $global_options['pm_hide_rcpts'] = $settings['pm_hide_rcpts'];498 $variables['global_options'] = $global_options;499 500 340 // get the users message options 501 341 $result = dbquery("SELECT * FROM ".$db_prefix."pm_config WHERE user_id='".$userdata['user_id']."'"); … … 597 437 "SELECT u.user_id, u.user_name, u.user_email, mo.pmconfig_email_notify FROM ".$db_prefix."users u 598 438 LEFT JOIN ".$db_prefix."pm_config mo USING(user_id) 599 WHERE user_ level >= '".$group_id."'"439 WHERE user_status = '0' AND user_level >= '".$group_id."'" 600 440 ); 601 441 } else {
Note: See TracChangeset
for help on using the changeset viewer.
