privmsg.php
来自「这是php编的论坛的原代码」· PHP 代码 · 共 1,873 行 · 第 1/5 页
PHP
1,873 行
$attach_sig = ( $submit || $refresh ) ? ( ( !empty($HTTP_POST_VARS['attach_sig']) ) ? TRUE : 0 ) : $userdata['user_attachsig'];
$user_sig = ( $userdata['user_sig'] != '' && $board_config['allow_sig'] ) ? $userdata['user_sig'] : "";
if ( $submit && $mode != 'edit' )
{
//
// Flood control
//
$sql = "SELECT MAX(privmsgs_date) AS last_post_time
FROM " . PRIVMSGS_TABLE . "
WHERE privmsgs_from_userid = " . $userdata['user_id'];
if ( $result = $db->sql_query($sql) )
{
$db_row = $db->sql_fetchrow($result);
$last_post_time = $db_row['last_post_time'];
$current_time = time();
if ( ( $current_time - $last_post_time ) < $board_config['flood_interval'])
{
message_die(GENERAL_MESSAGE, $lang['Flood_Error']);
}
}
//
// End Flood control
//
}
if ( $submit )
{
// session id check
if ($sid == '' || $sid != $userdata['session_id'])
{
message_die(GENERAL_ERROR, 'Invalid_session');
}
if ( !empty($HTTP_POST_VARS['username']) )
{
$to_username = $HTTP_POST_VARS['username'];
$sql = "SELECT user_id, user_notify_pm, user_email, user_lang, user_active
FROM " . USERS_TABLE . "
WHERE username = '" . str_replace("\'", "''", $to_username) . "'
AND user_id <> " . ANONYMOUS;
if ( !($result = $db->sql_query($sql)) )
{
$error = TRUE;
$error_msg = $lang['No_such_user'];
}
$to_userdata = $db->sql_fetchrow($result);
}
else
{
$error = TRUE;
$error_msg .= ( ( !empty($error_msg) ) ? '<br />' : '' ) . $lang['No_to_user'];
}
$privmsg_subject = trim(strip_tags($HTTP_POST_VARS['subject']));
if ( empty($privmsg_subject) )
{
$error = TRUE;
$error_msg .= ( ( !empty($error_msg) ) ? '<br />' : '' ) . $lang['Empty_subject'];
}
if ( !empty($HTTP_POST_VARS['message']) )
{
if ( !$error )
{
if ( $bbcode_on )
{
$bbcode_uid = make_bbcode_uid();
}
$privmsg_message = prepare_message($HTTP_POST_VARS['message'], $html_on, $bbcode_on, $smilies_on, $bbcode_uid);
}
}
else
{
$error = TRUE;
$error_msg .= ( ( !empty($error_msg) ) ? '<br />' : '' ) . $lang['Empty_message'];
}
}
if ( $submit && !$error )
{
//
// Has admin prevented user from sending PM's?
//
if ( !$userdata['user_allow_pm'] )
{
$message = $lang['Cannot_send_privmsg'];
message_die(GENERAL_MESSAGE, $message);
}
$msg_time = time();
if ( $mode != 'edit' )
{
//
// See if recipient is at their inbox limit
//
$sql = "SELECT COUNT(privmsgs_id) AS inbox_items, MIN(privmsgs_date) AS oldest_post_time
FROM " . PRIVMSGS_TABLE . "
WHERE ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
OR privmsgs_type = " . PRIVMSGS_READ_MAIL . "
OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )
AND privmsgs_to_userid = " . $to_userdata['user_id'];
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_MESSAGE, $lang['No_such_user']);
}
$sql_priority = ( SQL_LAYER == 'mysql' ) ? 'LOW_PRIORITY' : '';
if ( $inbox_info = $db->sql_fetchrow($result) )
{
if ( $inbox_info['inbox_items'] >= $board_config['max_inbox_privmsgs'] )
{
$sql = "SELECT privmsgs_id FROM " . PRIVMSGS_TABLE . "
WHERE ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
OR privmsgs_type = " . PRIVMSGS_READ_MAIL . "
OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )
AND privmsgs_date = " . $inbox_info['oldest_post_time'] . "
AND privmsgs_to_userid = " . $to_userdata['user_id'];
if ( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not find oldest privmsgs (inbox)', '', __LINE__, __FILE__, $sql);
}
$old_privmsgs_id = $db->sql_fetchrow($result);
$old_privmsgs_id = $old_privmsgs_id['privmsgs_id'];
$sql = "DELETE $sql_priority FROM " . PRIVMSGS_TABLE . "
WHERE privmsgs_id = $old_privmsgs_id";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not delete oldest privmsgs (inbox)'.$sql, '', __LINE__, __FILE__, $sql);
}
$sql = "DELETE $sql_priority FROM " . PRIVMSGS_TEXT_TABLE . "
WHERE privmsgs_text_id = $old_privmsgs_id";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not delete oldest privmsgs text (inbox)', '', __LINE__, __FILE__, $sql);
}
}
}
$sql_info = "INSERT INTO " . PRIVMSGS_TABLE . " (privmsgs_type, privmsgs_subject, privmsgs_from_userid, privmsgs_to_userid, privmsgs_date, privmsgs_ip, privmsgs_enable_html, privmsgs_enable_bbcode, privmsgs_enable_smilies, privmsgs_attach_sig)
VALUES (" . PRIVMSGS_NEW_MAIL . ", '" . str_replace("\'", "''", $privmsg_subject) . "', " . $userdata['user_id'] . ", " . $to_userdata['user_id'] . ", $msg_time, '$user_ip', $html_on, $bbcode_on, $smilies_on, $attach_sig)";
}
else
{
$sql_info = "UPDATE " . PRIVMSGS_TABLE . "
SET privmsgs_type = " . PRIVMSGS_NEW_MAIL . ", privmsgs_subject = '" . str_replace("\'", "''", $privmsg_subject) . "', privmsgs_from_userid = " . $userdata['user_id'] . ", privmsgs_to_userid = " . $to_userdata['user_id'] . ", privmsgs_date = $msg_time, privmsgs_ip = '$user_ip', privmsgs_enable_html = $html_on, privmsgs_enable_bbcode = $bbcode_on, privmsgs_enable_smilies = $smilies_on, privmsgs_attach_sig = $attach_sig
WHERE privmsgs_id = $privmsg_id";
}
if ( !($result = $db->sql_query($sql_info, BEGIN_TRANSACTION)) )
{
message_die(GENERAL_ERROR, "Could not insert/update private message sent info.", "", __LINE__, __FILE__, $sql_info);
}
if ( $mode != 'edit' )
{
$privmsg_sent_id = $db->sql_nextid();
$sql = "INSERT INTO " . PRIVMSGS_TEXT_TABLE . " (privmsgs_text_id, privmsgs_bbcode_uid, privmsgs_text)
VALUES ($privmsg_sent_id, '" . $bbcode_uid . "', '" . str_replace("\'", "''", $privmsg_message) . "')";
}
else
{
$sql = "UPDATE " . PRIVMSGS_TEXT_TABLE . "
SET privmsgs_text = '" . str_replace("\'", "''", $privmsg_message) . "', privmsgs_bbcode_uid = '$bbcode_uid'
WHERE privmsgs_text_id = $privmsg_id";
}
if ( !$db->sql_query($sql, END_TRANSACTION) )
{
message_die(GENERAL_ERROR, "Could not insert/update private message sent text.", "", __LINE__, __FILE__, $sql_info);
}
$attachment_mod['pm']->insert_attachment_pm($privmsg_id);
if ( $mode != 'edit' )
{
//
// Add to the users new pm counter
//
$sql = "UPDATE " . USERS_TABLE . "
SET user_new_privmsg = user_new_privmsg + 1, user_last_privmsg = " . time() . "
WHERE user_id = " . $to_userdata['user_id'];
if ( !$status = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not update private message new/read status for user', '', __LINE__, __FILE__, $sql);
}
if ( $to_userdata['user_notify_pm'] && !empty($to_userdata['user_email']) && $to_userdata['user_active'] )
{
$email_headers = 'From: ' . $board_config['board_email'] . "\nReturn-Path: " . $board_config['board_email'] . "\n";
$script_name = preg_replace('/^\/?(.*?)\/?$/', "\\1", trim($board_config['script_path']));
$script_name = ( $script_name != '' ) ? $script_name . '/privmsg.'.$phpEx : 'privmsg.'.$phpEx;
$server_name = trim($board_config['server_name']);
$server_protocol = ( $board_config['cookie_secure'] ) ? 'https://' : 'http://';
$server_port = ( $board_config['server_port'] <> 80 ) ? ':' . trim($board_config['server_port']) . '/' : '/';
include($phpbb_root_path . 'includes/emailer.'.$phpEx);
$emailer = new emailer($board_config['smtp_delivery']);
$emailer->use_template('privmsg_notify', $to_userdata['user_lang']);
$emailer->extra_headers($email_headers);
$emailer->email_address($to_userdata['user_email']);
$emailer->set_subject($lang['Notification_subject']);
$emailer->assign_vars(array(
'USERNAME' => $to_username,
'SITENAME' => $board_config['sitename'],
'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '',
'U_INBOX' => $server_protocol . $server_name . $server_port . $script_name . '?folder=inbox')
);
$emailer->send();
$emailer->reset();
}
}
$template->assign_vars(array(
'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("privmsg.$phpEx?folder=inbox") . '">')
);
$msg = $lang['Message_sent'] . '<br /><br />' . sprintf($lang['Click_return_inbox'], '<a href="' . append_sid("privmsg.$phpEx?folder=inbox") . '">', '</a> ') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
message_die(GENERAL_MESSAGE, $msg);
}
else if ( $preview || $refresh || $error )
{
//
// If we're previewing or refreshing then obtain the data
// passed to the script, process it a little, do some checks
// where neccessary, etc.
//
$to_username = ( isset($HTTP_POST_VARS['username']) ) ? trim(strip_tags(stripslashes($HTTP_POST_VARS['username']))) : '';
$privmsg_subject = ( isset($HTTP_POST_VARS['subject']) ) ? trim(strip_tags(stripslashes($HTTP_POST_VARS['subject']))) : '';
$privmsg_message = ( isset($HTTP_POST_VARS['message']) ) ? trim($HTTP_POST_VARS['message']) : '';
$privmsg_message = preg_replace('#<textarea>#si', '<textarea>', $privmsg_message);
if ( !$preview )
{
$privmsg_message = stripslashes($privmsg_message);
}
//
// Do mode specific things
//
if ( $mode == 'post' )
{
$page_title = $lang['Post_new_pm'];
$user_sig = ( $userdata['user_sig'] != '' && $board_config['allow_sig'] ) ? $userdata['user_sig'] : '';
}
else if ( $mode == 'reply' )
{
$page_title = $lang['Post_reply_pm'];
$user_sig = ( $userdata['user_sig'] != '' && $board_config['allow_sig'] ) ? $userdata['user_sig'] : '';
}
else if ( $mode == 'edit' )
{
$page_title = $lang['Edit_pm'];
$sql = "SELECT u.user_id, u.user_sig
FROM " . PRIVMSGS_TABLE . " pm, " . USERS_TABLE . " u
WHERE pm.privmsgs_id = $privmsg_id
AND u.user_id = pm.privmsgs_from_userid";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Could not obtain post and post text", "", __LINE__, __FILE__, $sql);
}
if ( $postrow = $db->sql_fetchrow($result) )
{
if ( $userdata['user_id'] != $postrow['user_id'] )
{
message_die(GENERAL_MESSAGE, $lang['Edit_own_posts']);
}
$user_sig = ( $postrow['user_sig'] != '' && $board_config['allow_sig'] ) ? $postrow['user_sig'] : '';
}
}
}
else
{
if ( !$privmsg_id && ( $mode == 'reply' || $mode == 'edit' || $mode == 'quote' ) )
{
message_die(GENERAL_ERROR, $lang['No_post_id']);
}
if ( !empty($HTTP_GET_VARS[POST_USERS_URL]) )
{
$user_id = intval($HTTP_GET_VARS[POST_USERS_URL]);
$sql = "SELECT username
FROM " . USERS_TABLE . "
WHERE user_id = $user_id
AND user_id <> " . ANONYMOUS;
if ( !($result = $db->sql_query($sql)) )
{
$error = TRUE;
$error_msg = $lang['No_such_user'];
}
if ( $row = $db->sql_fetchrow($result) )
{
$to_username = $row['username'];
}
}
if ( $mode == 'edit' )
{
$sql = "SELECT pm.*, pmt.privmsgs_bbcode_uid, pmt.privmsgs_text, u.username, u.user_id, u.user_sig
FROM " . PRIVMSGS_TABLE . " pm, " . PRIVMSGS_TEXT_TABLE . " pmt, " . USERS_TABLE . " u
WHERE pm.privmsgs_id = $privmsg_id
AND pmt.privmsgs_text_id = pm.privmsgs_id
AND pm.privmsgs_from_userid = " . $userdata['user_id'] . "
AND ( pm.privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
OR pm.privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )
AND u.user_id = pm.privmsgs_to_userid";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain private message for editing', '', __LINE__, __FILE__, $sql);
}
if ( !($privmsg = $db->sql_fetchrow($result)) )
{
redirect(append_sid("privmsg.$phpEx?folder=$folder", true));
}
$privmsg_subject = $privmsg['privmsgs_subject'];
$privmsg_message = $privmsg['privmsgs_text'];
$privmsg_bbcode_uid = $privmsg['privmsgs_bbcode_uid'];
$privmsg_bbcode_enabled = ($privmsg['privmsgs_enable_bbcode'] == 1);
if ( $privmsg_bbcode_enabled )
{
$privmsg_message = preg_replace("/\:(([a-z0-9]:)?)$privmsg_bbcode_uid/si", '', $privmsg_message);
}
$privmsg_message = str_replace('<br />', "\n", $privmsg_message);
$privmsg_message = preg_replace('#</textarea>#si', '</textarea>', $privmsg_message);
$user_sig = ( $board_config['allow_sig'] ) ? $privmsg['user_sig'] : '';
$to_username = $privmsg['username'];
$to_userid = $privmsg['user_id'];
}
else if ( $mode == 'reply' || $mode == 'quote' )
{
$sql = "SELECT pm.privmsgs_subject, pm.privmsgs_date, pmt.privmsgs_bbcode_uid, pmt.privmsgs_text, u.username, u.user_id
FROM " . PRIVMSGS_TABLE . " pm, " . PRIVMSGS_TEXT_TABLE . " pmt, " . USERS_TABLE . " u
WHERE pm.privmsgs_id = $privmsg_id
AND pmt.privmsgs_text_id = pm.privmsgs_id
AND pm.privmsgs_to_userid = " . $userdata['user_id'] . "
AND u.user_id = pm.privmsgs_from_userid";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not obtain private message for editing', '', __LINE__, __FILE__, $sql);
}
⌨️ 快捷键说明
复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?