| [ Index ] |
|
Code source de Phorum 5.1.25 |
1 <?php 2 3 //////////////////////////////////////////////////////////////////////////////// 4 // // 5 // Copyright (C) 2006 Phorum Development Team // 6 // http://www.phorum.org // 7 // // 8 // This program is free software. You can redistribute it and/or modify // 9 // it under the terms of either the current Phorum License (viewable at // 10 // phorum.org) or the Phorum License that was distributed with this file // 11 // // 12 // This program is distributed in the hope that it will be useful, // 13 // but WITHOUT ANY WARRANTY, without even the implied warranty of // 14 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. // 15 // // 16 // You should have received a copy of the Phorum License // 17 // along with this program. // 18 //////////////////////////////////////////////////////////////////////////////// 19 20 // These language strings are set dynamically, so the language 21 // tool won't recognize them automatically. Therefore they are 22 // mentioned here. 23 // $PHORUM["DATA"]["LANG"]["PMFolderCreateSuccess"] 24 // $PHORUM["DATA"]["LANG"]["PMFolderRenameSuccess"] 25 // $PHORUM["DATA"]["LANG"]["PMFolderDeleteSuccess"] 26 // $PHORUM["DATA"]["LANG"]["PMSent"] 27 28 // PMTODO If reading from a mail notify, lookup the folder_id, 29 // so the close button will work. Now the folder_id is empty. 30 // PMTODO implement pm_reply_flag functionality 31 32 define('phorum_page','pm'); 33 34 include_once ("./common.php"); 35 36 phorum_require_login(); 37 38 // set all our common URL's 39 phorum_build_common_urls(); 40 41 include_once ("./include/email_functions.php"); 42 include_once ("./include/format_functions.php"); 43 44 // a user has to be logged in to use the private messages system 45 if (!$PHORUM["DATA"]["LOGGEDIN"]) { 46 phorum_redirect_by_url(phorum_get_url(PHORUM_LIST_URL)); 47 exit(); 48 } 49 50 // if the user is not fully logged in, send him to the login page 51 if (!$PHORUM["DATA"]["FULLY_LOGGEDIN"]) { 52 53 // Construct the URL to redirect to after logging in. 54 $args = array(PHORUM_PM_URL); 55 foreach ($PHORUM["args"] as $k => $v) { 56 if (in_array("$k=$v", $PHORUM["DATA"]["GET_VARS"])) continue; 57 if(is_numeric($k)) $args[] = $v; else $args[] = "$k=$v"; 58 } 59 $redir = urlencode(call_user_func_array('phorum_get_url', $args)); 60 61 phorum_redirect_by_url(phorum_get_url(PHORUM_LOGIN_URL, "redir=$redir")); 62 exit(); 63 } 64 65 // If private messages are disabled, just show a simple error message. 66 if (! $PHORUM["enable_pm"]) { 67 $PHORUM["DATA"]["BLOCK_CONTENT"] = $PHORUM["DATA"]["LANG"]["PMDisabled"]; 68 include phorum_get_template("header"); 69 phorum_hook("after_header"); 70 include phorum_get_template("stdblock"); 71 phorum_hook("before_footer"); 72 include phorum_get_template("footer"); 73 return; 74 } 75 76 // ------------------------------------------------------------------------ 77 // Parameter handling 78 // ------------------------------------------------------------------------ 79 80 // Retrieve a parameter from either the args-list or $_POST. 81 // Do typecasting if requested. 82 function phorum_getparam($name, $type = NULL) 83 { 84 $PHORUM = $GLOBALS["PHORUM"]; 85 86 $ret = NULL; 87 if (isset($PHORUM["args"][$name])) { 88 $ret = trim($PHORUM["args"][$name]); 89 }elseif (isset($_POST[$name])) { 90 $ret = trim($_POST[$name]); 91 } 92 93 // Apply typecasting if requested. 94 if ($ret != NULL && $type != NULL) { 95 switch ($type) { 96 97 case 'integer': 98 $ret = (int) $ret; 99 break; 100 101 case 'boolean': 102 $ret = $ret ? 1 : 0; 103 break; 104 105 case 'folder_id': 106 if ($ret != PHORUM_PM_INBOX && $ret != PHORUM_PM_OUTBOX) { 107 $ret = (int)$ret; 108 } 109 break; 110 111 default: 112 die("Internal error in phorum_getparam: " . 113 "illegal type for typecasting: ".htmlspecialchars($type)); 114 } 115 } 116 117 return $ret; 118 } 119 120 // Get basic parameters. 121 $action = phorum_getparam('action'); 122 $page = phorum_getparam('page'); 123 $folder_id = phorum_getparam('folder_id', 'folder_id'); 124 $pm_id = phorum_getparam('pm_id', 'integer'); 125 $forum_id = (int)$PHORUM["forum_id"]; 126 $user_id = (int)$PHORUM["user"]["user_id"]; 127 $hide_userselect = phorum_getparam('hide_userselect', 'boolean'); 128 129 // Cleanup array with checked PM items. 130 if (isset($_POST["checked"])) { 131 $checked = array(); 132 foreach ($_POST["checked"] as $pm_id) { 133 $checked[] = (int)$pm_id; 134 } 135 $_POST["checked"] = $checked; 136 } 137 138 // Get recipients from the form and create a valid list of recipients. 139 $recipients = array(); 140 if (isset($_POST["recipients"]) && is_array($_POST["recipients"])) { 141 foreach ($_POST["recipients"] as $id => $username) { 142 $user = phorum_user_get($id, false); 143 if ($user && $user["active"] == 1) { 144 $recipients[$id] = $user; 145 } 146 } 147 } 148 149 // init error var 150 $error_msg = ""; 151 152 // ------------------------------------------------------------------------ 153 // Banlist checking 154 // ------------------------------------------------------------------------ 155 156 // Start editor Post message Post reply 157 if ($page == 'send' || $action == 'post' || ($action == 'list' && isset($pm_id))) 158 { 159 include_once ("./include/profile_functions.php"); 160 $error = phorum_check_bans(array( 161 array($PHORUM["user"]["username"], PHORUM_BAD_NAMES), 162 array($PHORUM["user"]["email"], PHORUM_BAD_EMAILS), 163 array($user_id, PHORUM_BAD_USERID), 164 array(NULL, PHORUM_BAD_IPS), 165 )); 166 167 // Show an error in case we encountered a ban. 168 if (! empty($error)) { 169 $PHORUM["DATA"]["ERROR"] = $error; 170 include phorum_get_template("header"); 171 phorum_hook("after_header"); 172 include phorum_get_template("message"); 173 phorum_hook("before_footer"); 174 include phorum_get_template("footer"); 175 return; 176 } 177 } 178 179 // ------------------------------------------------------------------------ 180 // Perform actions 181 // ------------------------------------------------------------------------ 182 183 // Initialize error and ok message. 184 $error = ''; 185 $okmsg = ''; 186 187 // init folder list 188 $pm_folders = phorum_db_pm_getfolders(NULL, true); 189 190 // Translate button clicks from the read page to appropriate actions. 191 if (isset($_POST['close_message'])) { 192 $page = 'list'; 193 } elseif (isset($_POST['delete_message'])) { 194 $page = 'list'; 195 $_POST['delete'] = 1; 196 $_POST['checked'] = array($pm_id); 197 $action = 'list'; 198 } elseif (isset($_POST['move_message'])) { 199 $page = 'list'; 200 $_POST['move'] = 1; 201 $_POST['checked'] = array($pm_id); 202 $action = 'list'; 203 } elseif (isset($_POST['reply']) || isset($_POST['reply_to_all'])) { 204 $page = 'send'; 205 $action = ''; 206 } 207 208 if (!empty($action)) { 209 210 // Utility function to check if a foldername already exists. 211 // No extreme checking with locking here. Technically 212 // speaking duplicate foldernames will work. It's just 213 // confusing for the user. 214 function phorum_pm_folder_exists($foldername) 215 { 216 global $pm_folders; 217 foreach ($pm_folders as $id => $data) { 218 if (strcasecmp($foldername, $data["name"]) == 0) { 219 return true; 220 } 221 } 222 return false; 223 } 224 225 // Redirect will be set to a true value if after performing 226 // the action we want to use a redirect to get to the 227 // result page. This is done for two reasons: 228 // 1) Let the result page use refreshed PM data; 229 // 2) Prevent reloading of the action page (which could for 230 // example result in duplicate message sending). 231 // The variable $redirect_message can be set to a language 232 // key string to have a message displayed after redirection. 233 $redirect = false; 234 $redirect_message = ''; 235 236 switch($action) { 237 238 // Actions which are triggered from the folder management interface. 239 case "folders": 240 241 $redirect = false; 242 $page = "folders"; 243 244 // Create folder. 245 if (!empty($_POST['create_folder'])) 246 { 247 $foldername = trim($_POST["create_folder_name"]); 248 249 if ($foldername != '') 250 { 251 if (phorum_pm_folder_exists($foldername)) { 252 $error = $PHORUM["DATA"]["LANG"]["PMFolderExistsError"]; 253 } else { 254 phorum_db_pm_create_folder($foldername); 255 $redirect_message = "PMFolderCreateSuccess"; 256 $redirect = true; 257 } 258 259 } 260 } 261 262 // Rename a folder. 263 elseif (!empty($_POST['rename_folder'])) 264 { 265 $from = $_POST['rename_folder_from']; 266 $to = trim($_POST['rename_folder_to']); 267 268 if (!empty($from) && $to != '') { 269 if (phorum_pm_folder_exists($to)) { 270 $error = $PHORUM["DATA"]["LANG"]["PMFolderExistsError"]; 271 } else { 272 phorum_db_pm_rename_folder($from, $to); 273 $redirect_message = "PMFolderRenameSuccess"; 274 $redirect = true; 275 } 276 } 277 } 278 279 // Delete a folder. 280 elseif (!empty($_POST['delete_folder'])) 281 { 282 $folder_id = $_POST["delete_folder_target"]; 283 if (!empty($folder_id)) { 284 phorum_db_pm_delete_folder($folder_id); 285 $redirect_message = "PMFolderDeleteSuccess"; 286 $redirect = true; 287 288 // Invalidate user cache, to update message counts. 289 phorum_cache_remove('user',$user_id); 290 } 291 } 292 293 break; 294 295 296 // Actions which are triggered from the list interface. 297 case "list": 298 299 // Delete all checked messages. 300 if (isset($_POST["delete"]) && isset($_POST["checked"])) { 301 foreach($_POST["checked"] as $pm_id) { 302 if (phorum_db_pm_get($pm_id, $folder_id)) { 303 phorum_db_pm_delete($pm_id, $folder_id); 304 } 305 } 306 307 // Invalidate user cache, to update message counts. 308 phorum_cache_remove('user',$user_id); 309 } 310 311 // Move checked messages to another folder. 312 elseif (isset($_POST["move"]) && isset($_POST["checked"])) { 313 $to = $_POST['target_folder']; 314 if (! empty($to)) { 315 foreach($_POST["checked"] as $pm_id) { 316 if (phorum_db_pm_get($pm_id, $folder_id)) { 317 phorum_db_pm_move($pm_id, $folder_id, $to); 318 } 319 } 320 } 321 } 322 323 $page = "list"; 324 $redirect = true; 325 326 break; 327 328 329 // Actions which are triggered from the post form. 330 case "post": 331 332 // Parse clicks on the image buttons that we use for 333 // deleting recipients from the list of recipients. 334 // These are not sent as name=value, but instead 335 // name_x=xclickoffset and name_y=yclickoffset are sent. 336 // Also accept normal button clicks with name="del_rcpt::<id>", 337 // so template builders can use that. 338 $del_rcpt = NULL; 339 foreach ($_POST as $key => $val) { 340 if (preg_match('/^del_rcpt::(\d+)(_x)?$/', $key, $m)) { 341 $del_rcpt = $m[1]; 342 break; 343 } 344 } 345 346 // Determine what action to perform. 347 $action = "post"; 348 if (isset($_POST["preview"])) $action = "preview"; 349 if (isset($_POST["rcpt_add"])) $action = "rcpt_add"; 350 if (!is_null($del_rcpt)) $action = "del_rcpt"; 351 352 // Adding a recipient. 353 if ($action == "rcpt_add" || $action == "preview" || $action == "post") { 354 355 // Convert adding a recipient by name to adding by user id. 356 if (isset($_POST["to_name"])) { 357 $to_name = trim($_POST["to_name"]); 358 if ($to_name != '') { 359 $to_user_id = phorum_db_user_check_field('username', $to_name); 360 if ($to_user_id) { 361 $_POST["to_id"] = $to_user_id; 362 } else { 363 $error = $PHORUM["DATA"]["LANG"]["UserNotFound"]; 364 } 365 } 366 } 367 368 // Add a recipient by id. 369 if (isset($_POST["to_id"]) && is_numeric($_POST["to_id"])) { 370 $user = phorum_user_get($_POST["to_id"], false); 371 if ($user && $user["active"] == 1) { 372 unset($_POST["to_name"]); 373 $recipients[$user["user_id"]] = $user; 374 } else { 375 $error = $PHORUM["DATA"]["LANG"]["UserNotFound"]; 376 } 377 } 378 379 $page = "send"; 380 381 // Deleting a recipient. 382 } elseif ($action == "del_rcpt") { 383 384 unset($recipients[$del_rcpt]); 385 $page = "send"; 386 387 // When deleting a recipient, we always have to 388 // show the user selection. Put it back in, for 389 // situations where we had the user selection 390 // hidden intentionally. 391 $hide_userselect = 0; 392 } 393 394 // For previewing the message, no action has to be taken. 395 if ($action == "preview") { 396 $page = "send"; 397 } 398 399 // Posting the message. 400 elseif ($action == "post") { 401 402 // Only send the message if we have at least one recipient. 403 if (count($recipients)) { 404 $_POST["subject"] = trim($_POST["subject"]); 405 $_POST["message"] = trim($_POST["message"]); 406 407 // Only send the message if all required message data is filled in. 408 if ($_POST["subject"] == '' || $_POST["message"] == '') { 409 410 $error = $PHORUM["DATA"]["LANG"]["PMRequiredFields"]; 411 412 // Message data is okay. Post the message. 413 } else { 414 415 if (empty($_POST["keep"])) $_POST["keep"] = 0; 416 417 // Check if sender and recipients have not yet reached the 418 // maximum number of messages that may be stored on the server. 419 // Administrators may always send PM. 420 if (!$PHORUM['user']['admin'] && isset($PHORUM['max_pm_messagecount']) && $PHORUM['max_pm_messagecount']) 421 { 422 // Build a list of users to check. 423 $checkusers = $recipients; 424 if ($_POST['keep']) $checkusers[] = $PHORUM['user']; 425 426 // Check all users. 427 foreach ($checkusers as $user) 428 { 429 if ($user['admin']) continue; // No limits for admins 430 $current_count = phorum_db_pm_messagecount(PHORUM_PM_ALLFOLDERS, $user["user_id"]); 431 if ($current_count['total'] >= $PHORUM['max_pm_messagecount']) { 432 if ($user['user_id'] == $PHORUM["user"]["user_id"]) { 433 $error = $PHORUM["DATA"]["LANG"]["PMFromMailboxFull"]; 434 } else { 435 $error = $PHORUM["DATA"]["LANG"]["PMToMailboxFull"]; 436 $error = str_replace('%recipient%', htmlspecialchars($user["username"]), $error); 437 } 438 } 439 } 440 } 441 442 // Send the private message if no errors occurred. 443 if (empty($error)) { 444 445 $pm_message_id = phorum_db_pm_send($_POST["subject"], $_POST["message"], array_keys($recipients), NULL, $_POST["keep"]); 446 447 // Show an error in case of problems. 448 if (! $pm_message_id) { 449 450 $error = $PHORUM["DATA"]["LANG"]["PMNotSent"]; 451 452 // Do e-mail notifications on successful sending. 453 } else { 454 455 include_once ("./include/email_functions.php"); 456 457 $pm_message = array( 458 'pm_message_id' => $pm_message_id, 459 'subject' => $_POST['subject'], 460 'message' => $_POST['message'], 461 'from_username' => $PHORUM['user']['username'], 462 'from_user_id' => $user_id, 463 ); 464 465 // Sort all recipients that want a notify by language. 466 $langrcpts = array(); 467 foreach ($recipients as $rcpt_id => $rcpt) { 468 469 if ($rcpt["pm_email_notify"]) { 470 if (!isset($langrcpts[$rcpt["user_language"]])) { 471 $langrcpts[$rcpt["user_language"]] = array($rcpt); 472 } else { 473 $langrcpts[$rcpt["user_language"]][] = $rcpt; 474 } 475 } 476 } 477 478 phorum_email_pm_notice($pm_message, $langrcpts); 479 480 phorum_hook("pm_sent", $pm_message, array_keys($recipients)); 481 } 482 } 483 484 // Invalidate user cache, to update message counts. 485 phorum_cache_remove('user', $user_id); 486 foreach ($recipients as $rcpt) { 487 phorum_cache_remove('user', $rcpt["user_id"]); 488 } 489 490 $redirect_message = "PMSent"; 491 } 492 493 } else { 494 $error = $PHORUM["DATA"]["LANG"]["PMNoRecipients"]; 495 } 496 497 // Stay on the post page in case of errors. Redirect on success. 498 if ($error) { 499 $page = "send"; 500 } else { 501 $redirect = true; 502 } 503 504 } 505 506 break; 507 508 509 // Actions that are triggered from the buddy list. 510 case "buddies": 511 512 // Delete all checked buddies. 513 if (isset($_POST["delete"]) && isset($_POST["checked"])) { 514 foreach($_POST["checked"] as $buddy_user_id) { 515 phorum_db_pm_buddy_delete($buddy_user_id); 516 phorum_hook("buddy_delete", $buddy_user_id); 517 } 518 } 519 520 // Send a PM to the checked buddies. 521 if (isset($_POST["send_pm"]) && isset($_POST["checked"])) { 522 $pm_rcpts = $_POST["checked"]; 523 if (count($pm_rcpts)) { 524 $redirect = true; 525 $page = "send"; 526 } else { 527 unset($pm_rcpts); 528 } 529 } 530 531 break; 532 533 534 // Add a user to this user's buddy list. 535 case "addbuddy": 536 537 $buddy_user_id = $PHORUM["args"]["addbuddy_id"]; 538 if (!empty($buddy_user_id)) { 539 if (phorum_db_pm_buddy_add($buddy_user_id)) { 540 $okmsg = $PHORUM["DATA"]["LANG"]["BuddyAddSuccess"]; 541 phorum_hook("buddy_add", $buddy_user_id); 542 } else { 543 $error = $PHORUM["DATA"]["LANG"]["BuddyAddFail"]; 544 } 545 } 546 break; 547 548 549 default: 550 die("Unhandled action for pm.php: " . htmlspecialchars($action)); 551 552 } 553 554 // The action has been completed successfully. 555 // Redirect the user to the result page. 556 if ($redirect) 557 { 558 $args = array( 559 PHORUM_PM_URL, 560 "page=" . $page, 561 "folder_id=" . $folder_id, 562 ); 563 if (isset($pm_rcpts)) $args[] = "to_id=" . implode(':', $pm_rcpts); 564 if (!empty($pm_id)) $args[] = "pm_id=" . $pm_id; 565 if (!empty($redirect_message)) $args[] = "okmsg=" . $redirect_message; 566 567 $redir_url = call_user_func_array('phorum_get_url', $args); 568 569 phorum_redirect_by_url($redir_url); 570 exit(); 571 } 572 573 } 574 575 // ------------------------------------------------------------------------ 576 // Display a PM page 577 // ------------------------------------------------------------------------ 578 579 // Use the message list as the default page. 580 if (!$page){ 581 $page = "list"; 582 $folder_id = PHORUM_PM_INBOX; 583 } 584 585 // Show an OK message for a redirected page? 586 $okmsg_id = phorum_getparam('okmsg'); 587 if ($okmsg_id && isset($PHORUM["DATA"]["LANG"][$okmsg_id])) { 588 $okmsg = $PHORUM["DATA"]["LANG"][$okmsg_id]; 589 } 590 591 // Make error and OK messages available in the template. 592 $PHORUM["DATA"]["ERROR"] = (empty($error)) ? "" : $error; 593 $PHORUM["DATA"]["OKMSG"] = (empty($okmsg)) ? "" : $okmsg; 594 595 $template = ''; 596 597 switch ($page) { 598 599 // Manage the PM folders. 600 case "folders": 601 602 $PHORUM["DATA"]["CREATE_FOLDER_NAME"] = isset($_POST["create_folder_name"]) ? htmlspecialchars($_POST["create_folder_name"]) : ''; 603 $PHORUM["DATA"]["RENAME_FOLDER_NAME"] = isset($_POST["rename_folder_name"]) ? htmlspecialchars($_POST["rename_folder_name"]) : ''; 604 $template = "pm_folders"; 605 break; 606 607 608 // Manage the buddies. 609 case "buddies": 610 611 // Retrieve a list of users that are buddies for the current user. 612 $buddy_list = phorum_db_pm_buddy_list(NULL, true); 613 if (count($buddy_list)) { 614 $buddy_users = phorum_user_get(array_keys($buddy_list), false); 615 $buddy_users = phorum_hook("read_user_info", $buddy_users); 616 } else { 617 $buddy_users = array(); 618 } 619 620 // Sort the buddies by username. 621 function phorum_sort_buddy_list($a,$b) { 622 return strcasecmp($a["username"], $b["username"]); 623 } 624 uasort($buddy_users, 'phorum_sort_buddy_list'); 625 626 $buddies = array(); 627 foreach ($buddy_users as $id => $buddy_user) { 628 $buddy = array( 629 'user_id' => $id, 630 'profile_url' => phorum_get_url(PHORUM_PROFILE_URL, $buddy_user["user_id"]), 631 'username' => htmlspecialchars($buddy_user["username"]), 632 'real_name' => isset($buddy_user["real_name"]) ? htmlspecialchars($buddy_user["real_name"]) : '', 633 'mutual' => $buddy_list[$id]["mutual"], 634 ); 635 636 if (!$buddy_user['hide_activity']) { 637 $buddy["date_last_active"] = phorum_date($PHORUM["short_date"], $buddy_user["date_last_active"]); 638 } else { 639 $buddy["date_last_active"] = "-"; 640 } 641 $buddies[$id] = $buddy; 642 } 643 644 $PHORUM["DATA"]["USERTRACK"] = $PHORUM["track_user_activity"]; 645 $PHORUM["DATA"]["BUDDIES"] = $buddies; 646 $PHORUM["DATA"]["BUDDYCOUNT"] = count($buddies); 647 648 $PHORUM["DATA"]["PMLOCATION"] = $PHORUM["DATA"]["LANG"]["Buddies"]; 649 650 $template = "pm_buddies"; 651 break; 652 653 654 // Show a listing of messages in a folder. 655 case "list": 656 657 // Check if the folder exists for the user. 658 if (! isset($pm_folders[$folder_id])) { 659 $PHORUM["DATA"]["BLOCK_CONTENT"] = $PHORUM["DATA"]["LANG"]["PMFolderNotAvailable"]; 660 $template = "stdblock"; 661 } else { 662 663 $list = phorum_db_pm_list($folder_id); 664 665 // Prepare data for the templates (formatting and XSS prevention). 666 $list = phorum_pm_format($list); 667 foreach ($list as $message_id => $message) 668 { 669 $list[$message_id]["from_profile_url"] = phorum_get_url(PHORUM_PROFILE_URL, $message["from_user_id"]); 670 $list[$message_id]["read_url"]=phorum_get_url(PHORUM_PM_URL, "page=read", "folder_id=$folder_id", "pm_id=$message_id"); 671 $list[$message_id]["date"] = phorum_date($PHORUM["short_date"], $message["datestamp"]); 672 $list[$message_id]["recipient_count"] = count($message["recipients"]); 673 $receive_count = 0; 674 foreach ($message["recipients"] as $rcpt_id => $rcpt) { 675 if ($rcpt["read_flag"]) $receive_count++; 676 $list[$message_id]["recipients"][$rcpt_id]["username"] = htmlspecialchars($rcpt["username"]); 677 $list[$message_id]["recipients"][$rcpt_id]["to_profile_url"] = phorum_get_url(PHORUM_PROFILE_URL, $rcpt_id); 678 } 679 $list[$message_id]["receive_count"] = $receive_count; 680 } 681 682 // Setup template variables. 683 $PHORUM["DATA"]["MESSAGECOUNT"] = count($list); 684 $PHORUM["DATA"]["MESSAGES"] = $list; 685 $PHORUM["DATA"]["PMLOCATION"] = $pm_folders[$folder_id]["name"]; 686 687 $template = "pm_list"; 688 } 689 690 break; 691 692 693 // Read a single private message. 694 case "read": 695 696 if (($message=phorum_db_pm_get($pm_id, $folder_id))) { 697 698 // Mark the message read. 699 if (! $message['read_flag']) { 700 phorum_db_pm_setflag($message["pm_message_id"], PHORUM_PM_READ_FLAG, true); 701 702 // Invalidate user cache, to update message counts. 703 phorum_cache_remove('user',$user_id); 704 } 705 706 // Run the message through the default message formatting. 707 list($message) = phorum_pm_format(array($message)); 708 709 // Setup data for recipients. 710 foreach ($message["recipients"] as $rcpt_id => $rcpt) { 711 $message["recipients"][$rcpt_id]["username"] = htmlspecialchars($rcpt["username"]); 712 $message["recipients"][$rcpt_id]["to_profile_url"] = phorum_get_url(PHORUM_PROFILE_URL, $rcpt_id); 713 } 714 $message["recipient_count"] = count($message["recipients"]); 715 716 // Setup URL's and format date. 717 $message["from_profile_url"]=phorum_get_url(PHORUM_PROFILE_URL, $message["from_user_id"]); 718 $message["date"]=phorum_date($PHORUM["short_date"], $message["datestamp"]); 719 720 $PHORUM["DATA"]["MESSAGE"] = $message; 721 $PHORUM["DATA"]["PMLOCATION"] = $PHORUM["DATA"]["LANG"]["PMRead"]; 722 723 // re-init folder list to account for change in read flags 724 $pm_folders = phorum_db_pm_getfolders(NULL, true); 725 726 // Set folder id to the right folder for this message. 727 $folder_id = $message["pm_folder_id"]; 728 if ($folder_id == 0) { 729 $folder_id = $message["special_folder"]; 730 } 731 732 $template = "pm_read"; 733 734 } else { 735 736 // The message was not found. Show an error. 737 $PHORUM["DATA"]["BLOCK_CONTENT"] = $PHORUM["DATA"]["LANG"]["PMNotAvailable"]; 738 $template = "stdblock"; 739 } 740 741 break; 742 743 744 // Post a new private message. 745 case "send": 746 747 // Setup the default array with the message data. 748 $msg = array( 749 "from_user_id" => $PHORUM["user"]["user_id"], 750 "from_username" => $PHORUM["user"]["username"], 751 "keep" => isset($_POST["keep"]) && $_POST["keep"] ? 1 : 0, 752 "subject" => isset($_POST["subject"]) ? $_POST["subject"] : '', 753 "message" => isset($_POST["message"]) ? $_POST["message"] : '', 754 "preview" => isset($_POST["preview"]) ? 1 : 0, 755 "recipients" => $recipients, 756 ); 757 758 // Data initialization for posting messages on first request. 759 if ($action == NULL || $action != 'post') 760 { 761 // Setup data for sending a private message to specified recipients. 762 // Recipients are passed on as a standard phorum argument "to_id" 763 // containing a colon separated list of users. 764 if (isset($PHORUM["args"]["to_id"])) { 765 foreach (explode(":", $PHORUM["args"]["to_id"]) as $rcpt_id) { 766 settype($rcpt_id, "int"); 767 $user = phorum_user_get($rcpt_id, false); 768 if ($user) { 769 $msg["recipients"][$rcpt_id] = array( 770 "username" => $user["username"], 771 "user_id" => $user["user_id"] 772 ); 773 } 774 } 775 776 $hide_userselect = 1; 777 778 // Setup data for replying to a private message. 779 } elseif (isset($pm_id)) { 780 781 $message = phorum_db_pm_get($pm_id); 782 $msg["subject"] = $message["subject"]; 783 $msg["message"] = $message["message"]; 784 $msg["recipients"][$message["from_user_id"]] = array( 785 "username" => $message["from_username"], 786 "user_id" => $message["from_user_id"] 787 ); 788 $msg = phorum_pm_quoteformat($message["from_username"], $msg); 789 790 // Include the other recipient, excecpt the active 791 // user himself, when replying to all. 792 if (isset($_POST["reply_to_all"])) { 793 foreach($message["recipients"] as $rcpt) { 794 if ($user_id == $rcpt["user_id"]) continue; 795 $msg["recipients"][$rcpt["user_id"]] = array( 796 "username" => $rcpt["username"], 797 "user_id" => $rcpt["user_id"], 798 ); 799 } 800 } 801 802 $hide_userselect = 1; 803 804 // Setup data for replying privately to a forum post. 805 } elseif (isset($PHORUM["args"]["message_id"])) { 806 807 $message = phorum_db_get_message($PHORUM["args"]["message_id"], "message_id", true); 808 809 if (phorum_user_access_allowed(PHORUM_USER_ALLOW_READ) && ($PHORUM["forum_id"]==$message["forum_id"] || $message["forum_id"] == 0)) { 810 811 // get url to the message board thread 812 $origurl = phorum_get_url(PHORUM_READ_URL, $message["thread"], $message["message_id"]); 813 814 // Find the real username, because some mods rewrite the 815 // username in the message table. There will be a better solution 816 // for selecting recipients, but for now this will fix some 817 // of the problems. 818 $user = phorum_user_get($message["user_id"], false); 819 820 $msg["subject"] = $message["subject"]; 821 $msg["message"] = $message["body"]; 822 $msg["recipients"][$message["user_id"]] = array( 823 'username' => $user["username"], 824 'user_id' => $user["user_id"] 825 ); 826 $msg = phorum_pm_quoteformat($user["username"], $msg, $origurl); 827 } 828 829 $hide_userselect = 1; 830 } 831 } 832 833 // Setup data for previewing a message. 834 if ($msg["preview"]) { 835 list($preview) = phorum_pm_format(array($msg)); 836 foreach ($preview["recipients"] as $id => $rcpt) { 837 $preview["recipients"][$id]["username"] = 838 htmlspecialchars($rcpt["username"]); 839 } 840 $PHORUM["DATA"]["PREVIEW"] = $preview; 841 } 842 843 // XSS prevention. 844 foreach ($msg as $key => $val) { 845 switch ($key) { 846 case "recipients": { 847 foreach ($val as $id => $data) { 848 $msg[$key][$id]["username"] = htmlspecialchars($data["username"]); 849 } 850 break; 851 } 852 default: { 853 $msg[$key] = htmlspecialchars($val); 854 break; 855 } 856 } 857 } 858 859 860 $PHORUM["DATA"]["MESSAGE"] = $msg; 861 $PHORUM["DATA"]["RECIPIENT_COUNT"] = count($msg["recipients"]); 862 $PHORUM["DATA"]["SHOW_USERSELECTION"] = true; 863 864 // Determine what input element gets the focus. 865 $focus_id = 'userselection'; 866 if ($PHORUM["DATA"]["RECIPIENT_COUNT"]) $focus_id = 'subject'; 867 if (!empty($msg["subject"])) $focus_id = 'message'; 868 $PHORUM["DATA"]["FOCUS_TO_ID"] = $focus_id; 869 870 // Create data for a user dropdown list, if configured. 871 if ($PHORUM["DATA"]["SHOW_USERSELECTION"] && $PHORUM["enable_dropdown_userlist"]) 872 { 873 $allusers = array(); 874 $userlist = phorum_user_get_list(1); 875 foreach ($userlist as $user_id => $userinfo){ 876 if (isset($msg["recipients"][$user_id])) continue; 877 $userinfo["displayname"] = htmlspecialchars($userinfo["displayname"]); 878 $userinfo["username"] = htmlspecialchars($userinfo["username"]); 879 $userinfo["user_id"] = $user_id; 880 $allusers[] = $userinfo; 881 } 882 $PHORUM["DATA"]["USERS"] = $allusers; 883 if (count($allusers) == 0) $PHORUM["DATA"]["SHOW_USERSELECTION"] = false; 884 } 885 886 $PHORUM["DATA"]["PMLOCATION"] = $PHORUM["DATA"]["LANG"]["SendPM"]; 887 $template = "pm_post"; 888 break; 889 890 default: 891 892 die("Illegal page requested: " . htmlspecialchars($page)); 893 } 894 895 if ($hide_userselect) { 896 $PHORUM["DATA"]["SHOW_USERSELECTION"] = 0; 897 } 898 899 // Make message count and quota information available in the templates. 900 $PHORUM['DATA']['MAX_PM_MESSAGECOUNT'] = 0; 901 if (! $PHORUM['user']['admin'] && isset($PHORUM['max_pm_messagecount']) && $PHORUM['max_pm_messagecount']) { 902 $PHORUM['DATA']['MAX_PM_MESSAGECOUNT'] = $PHORUM['max_pm_messagecount']; 903 if ($PHORUM['max_pm_messagecount']) 904 { 905 $current_count = phorum_db_pm_messagecount(PHORUM_PM_ALLFOLDERS); 906 $PHORUM['DATA']['PM_MESSAGECOUNT'] = $current_count['total']; 907 $space_left = $PHORUM['max_pm_messagecount'] - $current_count['total']; 908 if ($space_left < 0) $space_left = 0; 909 $PHORUM['DATA']['PM_SPACE_LEFT'] = $space_left; 910 $PHORUM['DATA']['LANG']['PMSpaceLeft'] = str_replace('%pm_space_left%', $space_left, $PHORUM['DATA']['LANG']['PMSpaceLeft']); 911 } 912 } 913 914 // Make a list of folders for use in the menu and a list of folders that 915 // the user created. The latter will be set to zero if no user folders 916 // are available. 917 918 $pm_userfolders = array(); 919 foreach($pm_folders as $id => $data) 920 { 921 $pm_folders[$id]["is_special"] = is_numeric($id) ? 0 : 1; 922 $pm_folders[$id]["is_outgoing"] = $id == PHORUM_PM_OUTBOX; 923 $pm_folders[$id]["id"] = $id; 924 $pm_folders[$id]["name"] = htmlspecialchars($data["name"]); 925 $pm_folders[$id]["url"] = phorum_get_url(PHORUM_PM_URL, "page=list", "folder_id=$id"); 926 927 if (!$pm_folders[$id]["is_special"]) { 928 $pm_userfolders[$id] = $pm_folders[$id]; 929 } 930 } 931 932 $PHORUM["DATA"]["URL"]["PM_FOLDERS"] = phorum_get_url(PHORUM_PM_URL, "page=folders"); 933 $PHORUM["DATA"]["URL"]["PM_SEND"] = phorum_get_url(PHORUM_PM_URL, "page=send"); 934 $PHORUM["DATA"]["URL"]["BUDDIES"] = phorum_get_url(PHORUM_PM_URL, "page=buddies"); 935 936 $PHORUM["DATA"]["PM_FOLDERS"] = $pm_folders; 937 $PHORUM["DATA"]["PM_USERFOLDERS"] = count($pm_userfolders) ? $pm_userfolders : 0; 938 939 940 // Set some default template data. 941 $PHORUM["DATA"]["ACTION"]=phorum_get_url( PHORUM_PM_ACTION_URL ); 942 $PHORUM["DATA"]["FOLDER_ID"] = $folder_id; 943 $PHORUM["DATA"]["FOLDER_IS_INCOMING"] = $folder_id == PHORUM_PM_OUTBOX ? 0 : 1; 944 $PHORUM["DATA"]["PM_PAGE"] = $page; 945 $PHORUM["DATA"]["HIDE_USERSELECT"] = $hide_userselect; 946 947 include phorum_get_template("header"); 948 phorum_hook("after_header"); 949 if ($error_msg) { 950 $PHORUM["DATA"]["ERROR"] = $error_msg; 951 unset($PHORUM["DATA"]["MESSAGE"]); 952 include phorum_get_template("message"); 953 } else { 954 include phorum_get_template("pm"); 955 } 956 phorum_hook("before_footer"); 957 include phorum_get_template("footer"); 958 959 // ------------------------------------------------------------------------ 960 // Utility functions 961 // ------------------------------------------------------------------------ 962 963 // Apply the default forum message formatting to a private message. 964 function phorum_pm_format($messages) 965 { 966 include_once ("./include/format_functions.php"); 967 968 // Reformat message so it looks like a forum message. 969 foreach ($messages as $id => $message) 970 { 971 $messages[$id]["author"] = $message["from_username"]; 972 $messages[$id]["body"] = isset($message["message"]) ? $message["message"] : ""; 973 $messages[$id]["email"] = ""; 974 } 975 976 // Run the messages through the formatting code. 977 $messages = phorum_format_messages($messages); 978 979 // Reformat message back to a private message. 980 foreach ($messages as $id => $message) 981 { 982 $messages[$id]["message"] = $message["body"]; 983 $messages[$id]["from_username"] = $message["author"]; 984 unset($messages[$id]["body"]); 985 unset($messages[$id]["author"]); 986 } 987 988 return $messages; 989 } 990 991 // Apply message reply quoting to a private message. 992 function phorum_pm_quoteformat($orig_author, $message, $inreplyto = NULL) 993 { 994 $PHORUM = $GLOBALS["PHORUM"]; 995 996 // Build the reply subject. 997 if (substr($message["subject"], 0, 3) != "Re:") { 998 $message["subject"] = "Re: ".$message["subject"]; 999 } 1000 1001 $quote = phorum_hook("quote", array($orig_author, $message["message"])); 1002 1003 if (empty($quote) || is_array($quote)) 1004 { 1005 // Build a quoted version of the message body. 1006 $quote = phorum_strip_body($message["message"]); 1007 $quote = str_replace("\n", "\n> ", $quote); 1008 $quote = wordwrap(trim($quote), 50, "\n> ", true); 1009 $quote = "$orig_author {$PHORUM['DATA']['LANG']['Wrote']}:\n" . 1010 str_repeat("-", 55)."\n> {$quote}\n\n\n"; 1011 } 1012 1013 $quote = ($inreplyto != NULL ? "{$PHORUM['DATA']['LANG']['InReplyTo']} {$inreplyto}\n\n" : '') . $quote; 1014 1015 $message["message"] = $quote; 1016 1017 return $message; 1018 } 1019 1020 ?>
titre
Description
Corps
titre
Description
Corps
titre
Description
Corps
titre
Corps
| Généré le : Thu Nov 29 12:22:27 2007 | par Balluche grâce à PHPXref 0.7 |
|
|