📄 pm.php
字号:
<?php
/*
[Discuz!] (C)2001-2006 Comsenz Inc.
This is NOT a freeware, use is subject to license terms
$RCSfile: pm.php,v $
$Revision: 1.7 $
$Date: 2006/03/02 02:19:32 $
*/
require_once './include/common.inc.php';
require_once DISCUZ_ROOT.'./include/discuzcode.func.php';
$discuz_action = 101;
if(empty($discuz_uid)) {
showmessage('not_loggedin', NULL, 'HALTED');
} elseif($maxpmnum == 0) {
showmessage('group_nopermission', NULL, 'NOPERM');
}
$query = $db->query("SELECT COUNT(*) FROM {$tablepre}pms WHERE msgfromid='$discuz_uid' AND folder='outbox'");
$pm_outbox = $db->result($query, 0);
$query = $db->query("SELECT COUNT(*) FROM {$tablepre}pms WHERE msgtoid='$discuz_uid' AND folder='inbox'");
$pm_inbox = $db->result($query, 0);
$pm_total = $pm_outbox + $pm_inbox;
@$storage_percent = round((100 * $pm_total / $maxpmnum) + 1).'%';
if(empty($action)) {
$page = empty($page) || !ispage($page) ? 1 : $page;
$start_limit = ($page - 1) * $tpp;
switch(isset($folder) ? $folder : 'inbox') {
case 'outbox':
$pmnum = $pm_outbox;
$query = $db->query("SELECT p.*, m.username AS msgto FROM {$tablepre}pms p
LEFT JOIN {$tablepre}members m ON m.uid=p.msgtoid
WHERE p.msgfromid='$discuz_uid' AND p.folder='outbox'
ORDER BY p.dateline DESC LIMIT $start_limit, $tpp");
break;
case 'track':
$query = $db->query("SELECT COUNT(*) FROM {$tablepre}pms WHERE msgfromid='$discuz_uid' AND folder='inbox'");
$pmnum = $db->result($query, 0);
$query = $db->query("SELECT p.*, m.username AS msgto FROM {$tablepre}pms p
LEFT JOIN {$tablepre}members m ON m.uid=p.msgtoid
WHERE p.msgfromid='$discuz_uid' AND p.folder='inbox'
ORDER BY p.dateline DESC LIMIT $start_limit, $tpp");
break;
default:
$folder = 'inbox';
$pmnum = $pm_inbox;
$query = $db->query("SELECT * FROM {$tablepre}pms WHERE msgtoid='$discuz_uid' AND folder='inbox' ORDER BY dateline DESC LIMIT $start_limit, $tpp");
}
$multipage = multi($pmnum, $tpp, $page, "pm.php?folder=$folder");
$pmlist = array();
while($pm = $db->fetch_array($query)) {
$pm['dateline'] = gmdate("$dateformat $timeformat", $pm['dateline'] + $timeoffset * 3600);
$pm['subject'] = $pm['new'] ? "<b>$pm[subject]</b>" : $pm['subject'];
$pmlist[] = $pm;
}
} elseif($action == 'view') {
if($pm_total > $maxpmnum) {
showmessage('pm_box_isfull', 'pm.php');
}
$codecount = 0;
$query = $db->query("SELECT p.*, m.username AS msgto FROM {$tablepre}pms p
LEFT JOIN {$tablepre}members m ON m.uid=p.msgtoid
WHERE pmid='$pmid' AND (msgtoid='$discuz_uid' OR msgfromid='$discuz_uid')");
if(!$pm = $db->fetch_array($query)) {
showmessage('pm_nonexistence');
}
if($pm['new'] && !($pm['msgfromid'] == $discuz_uid && $pm['msgtoid'] != $discuz_uid && $pm['folder'] == 'inbox')) {
$db->query("UPDATE {$tablepre}pms SET new='0' WHERE pmid='$pmid'");
}
$folder = $folder == 'track' ? $folder : $pm['folder'];
$pm['dateline'] = gmdate("$dateformat $timeformat", $pm['dateline'] + $timeoffset * 3600);
$pm['message'] = discuzcode($pm['message'], 0, 0);
} elseif($action == 'send') {
if(!$adminid && $newbiespan && (!$lastpost || $timestamp - $lastpost < $newbiespan * 3600)) {
$query = $db->query("SELECT regdate FROM {$tablepre}members WHERE uid='$discuz_uid'");
if($timestamp - ($db->result($query, 0)) < $newbiespan * 3600) {
showmessage('pm_newbie_span');
}
}
if($pm_total > $maxpmnum) {
showmessage('pm_box_isfull', 'pm.php');
}
checklowerlimit($creditspolicy['pm'], -1);
$subject = dhtmlspecialchars(censor($subject));
$message = trim(censor(parseurl($message)));
//get secure code checking status (pos. -4)
$seccodecheck = substr(sprintf('%05b', $seccodestatus), -4, 1);
if(!submitcheck('pmsubmit', 0, $seccodecheck)) {
$buddylist = array();
$query = $db->query("SELECT b.buddyid, m.username AS buddyname FROM {$tablepre}buddys b
LEFT JOIN {$tablepre}members m ON m.uid=b.buddyid
WHERE b.uid='$discuz_uid'");
while($buddy = $db->fetch_array($query)) {
$buddylist[] = $buddy;
}
$subject = $message = '';
if(isset($pmid)) {
$query = $db->query("SELECT * FROM {$tablepre}pms WHERE pmid='$pmid' AND (msgtoid='$discuz_uid' OR msgfromid='$discuz_uid')");
$pm = $db->fetch_array($query);
$pm['subject'] = $message = preg_replace("/^(Re:|Fw:)\s*/", "", $pm['subject']);
$username = $pm['msgfrom'];
if($do == 'reply') {
$subject = "Re: $pm[subject]";
$message = '[quote]'.dhtmlspecialchars(trim(preg_replace("/(\[quote])(.*)(\[\/quote])/siU", '', $pm['message']))).'[/quote]'."\n";
$touser = $pm['msgfrom'];
} elseif($do == 'forward') {
$pm['dateline'] = gmdate($_DCACHE['settings']['dateformat'].' '.$_DCACHE['settings']['timeformat'], $pm['dateline'] + $timeoffset * 3600);
$subject = "Fw: $pm[subject]";
$message = '[quote]'.dhtmlspecialchars($pm['message']).'[/quote]'."\n";
$touser = '';
}
} elseif(isset($uid)) {
$query = $db->query("SELECT username FROM {$tablepre}members WHERE uid='$uid'");
$touser = dhtmlspecialchars($db->result($query, 0));
} else {
$touser = dhtmlspecialchars($touser);
}
if($seccodecheck) {
$seccode = random(4, 1);
}
} else {
$floodctrl = $floodctrl * 2;
if($floodctrl && !$disablepostctrl && $timestamp - $lastpost < $floodctrl) {
showmessage('pm_flood_ctrl');
}
if(empty($msgto)) {
$msgto = array_merge($msgtobuddys, array());
} else {
$msgtoid = 0;
$query = $db->query("SELECT uid, username FROM {$tablepre}members WHERE username='$msgto'");
while($member = $db->fetch_array($query)) {
if(!strcasecmp(addslashes($member['username']), $msgto)) {
$msgtoid = $member['uid'];
break;
}
}
if(!$msgtoid) {
showmessage('pm_send_nonexistence');
}
if(is_array($msgtobuddys)) {
$msgto = array_merge($msgtobuddys, array($msgtoid));
} else {
$msgto = array($msgtoid);
}
}
$subject = cutstr(trim($subject), 75);
$msgto_count = count($msgto);
$maxpmsend = ceil($maxpmnum / 10);
if($msgto_count > $maxpmsend) {
showmessage('pm_send_toomany');
}
if(!$msgto_count || !$subject) {
showmessage('pm_send_invalid');
}
$uids = $comma = '';
foreach($msgto as $uid) {
$uids .= $comma.$uid;
$comma = ',';
}
$ignorenum = 0;
$query = $db->query("SELECT m.username, mf.ignorepm FROM {$tablepre}members m
LEFT JOIN {$tablepre}memberfields mf USING(uid)
WHERE m.uid IN ($uids)");
$msgto_count = $db->num_rows($query);
while($member = $db->fetch_array($query)) {
if(preg_match("/(^{ALL}$|(,|^)\s*".preg_quote($discuz_user, '/')."\s*(,|$))/i", $member['ignorepm'])) {
showmessage('pm_send_ignore');
}
}
updatecredits($discuz_uid, $creditspolicy['pm'], -1);
foreach($msgto as $uid) {
$db->query("INSERT INTO {$tablepre}pms (msgfrom, msgfromid, msgtoid, folder, new, subject, dateline, message)
VALUES('$discuz_user', '$discuz_uid', '$uid', 'inbox', '1', '$subject', '$timestamp', '$message')");
}
$db->query("UPDATE {$tablepre}members SET newpm='1' WHERE uid IN ($uids)", 'UNBUFFERED');
if($floodctrl) {
$db->query("UPDATE {$tablepre}members SET lastpost='$timestamp' WHERE uid='$discuz_uid'");
}
if($saveoutbox) {
$db->query("INSERT INTO {$tablepre}pms (msgfrom, msgfromid, msgtoid, folder, new, subject, dateline, message)
VALUES('$discuz_user', '$discuz_uid', '$msgto[0]', 'outbox', '1', '$subject', '$timestamp', '$message')");
}
showmessage('pm_send_succeed', 'pm.php');
}
} elseif($action == 'search') {
$cachelife_text = 3600; // Life span for cache of text searching
if(!$allowsearch) {
showmessage('group_nopermission', NULL, 'NOPERM');
}
if(!submitcheck('searchsubmit', 1) && empty($page)) {
$ftdisabled = $allowsearch != 2 ? 'disabled' : '';
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -