pm.php

PHP论坛源码（请配合MYSQL和apache安装）

	} else {

		$orderby = isset($orderby) && $orderby == 'msgfrom' ? 'msgfrom' : 'dateline';
		$ascdesc = isset($ascdesc) && $ascdesc == 'asc' ? 'asc' : 'desc';

		if(isset($searchid)) {

			$page = !ispage($page) ? 1 : $page;
			$start_limit = ($page - 1) * $tpp;

			$query = $db->query("SELECT searchstring, keywords, pms, pmids FROM {$tablepre}pmsearchindex WHERE searchid='$searchid'");
			if(!$index = $db->fetch_array($query)) {
				showmessage('search_id_invalid');
			}
			$index['keywords'] = rawurlencode($index['keywords']);
			$index['folder'] = preg_replace("/^([a-z]+)\|.*/", "\\1", $index['searchstring']);

			$pmlist = array();
			$query = $db->query("SELECT p.*, m.username AS msgto FROM {$tablepre}pms p
				LEFT JOIN {$tablepre}members m ON p.msgtoid=m.uid
				WHERE p.pmid IN ($index[pmids])
				ORDER BY p.$orderby $ascdesc LIMIT $start_limit, $tpp");

			while($pm = $db->fetch_array($query)) {
				$pm['dateline'] = gmdate("$dateformat $timeformat", $pm['dateline'] + $timeoffset * 3600);
				$pm['subject'] = $pm['new'] ? "<b>$pm[subject]</b>" : $pm['subject'];
				$pmlist[] = $pm;
			}

			$multipage = multi($index['pms'], $tpp, $page, "pm.php?action=search&searchid=$searchid&orderby=$orderby&ascdesc=$ascdesc&searchsubmit=yes");

		} else {

			checklowerlimit($creditspolicy['search'], -1);

			$srchtxt = isset($srchtxt) ? trim($srchtxt) : '';
			$srchuname = isset($srchuname) ? trim($srchuname) : '';
			$srchfolder = in_array($srchfolder, array('inbox', 'outbox', 'track')) ? $srchfolder : 'inbox';

			if($allowsearch == 2 && $srchtype == 'fulltext') {
				periodscheck('searchbanperiods');
			} else {
				$srchtype = 'title';
			}

			if(empty($srchread) && empty($srchunread)) {
				$srchread = $srchunread = 1;
			}

			$searchstring = $srchfolder.'|'.$srchtype.'|'.addslashes($srchtxt).'|'.trim($srchuname).'|'.intval($srchread).'|'.intval($srchunread).'|'.intval($srchfrom).'|'.intval($before);
			$searchindex = array('id' => 0, 'dateline' => '0');

			$query = $db->query("SELECT searchid, dateline,
				('$searchctrl'<>'0' AND uid='$discuz_uid' AND $timestamp-dateline<$searchctrl) AS flood,
				(searchstring='$searchstring' AND expiration>'$timestamp') AS indexvalid
				FROM {$tablepre}pmsearchindex
				WHERE ('$searchctrl'<>'0' AND uid='$discuz_uid' AND $timestamp- dateline <$searchctrl) OR (searchstring='$searchstring' AND expiration>'$timestamp')
				ORDER BY flood");

			while($index = $db->fetch_array($query)) {
				if($index['indexvalid'] && $index['dateline'] > $searchindex['dateline']) {
					$searchindex = array('id' => $index['searchid'], 'dateline' => $index['dateline']);
					break;
				} elseif($index['flood']) {
					showmessage('search_ctrl');
				}
			}

			if($searchindex['id']) {

				$searchid = $searchindex['id'];

			} else {

				if(!$srchtxt && !$srchuname) {
					showmessage('search_invalid');
				}

				if($maxspm) {
					$query = $db->query("SELECT COUNT(*) FROM {$tablepre}pmsearchindex WHERE dateline>'$timestamp'-60");
					if(($db->result($query, 0)) >= $maxspm) {
						showmessage('search_toomany');
					}
				}

				$sqlsrch = '';

				if($srchfolder == 'outbox') {
					$sqlsrch .= "msgfromid='$discuz_uid' AND folder='outbox'";
				} elseif($srchfolder == 'track') {
					$sqlsrch .= "msgfromid='$discuz_uid' AND folder='inbox'";
				} else {
					$sqlsrch .= "msgtoid='$discuz_uid' AND folder='inbox'";
				}

				if($srchread == 1 && empty($srchunread)) {
					$sqlsrch .= " AND new='0'";
				}
				if($srchunread == 1 && empty($srchread)) {
					$sqlsrch .= " AND new>'0'";
				}

				$srchuid = '';
				if($srchuname) {
					$comma = '';
					$srchuname = str_replace('*', '%', addcslashes($srchuname, '%_'));
					$query = $db->query("SELECT uid FROM {$tablepre}members WHERE username LIKE '".str_replace('_', '\_', $srchuname)."' LIMIT 50");
					while($member = $db->fetch_array($query)) {
						$srchuid .= "$comma'$member[uid]'";
						$comma = ', ';
					}
					if(!$srchuid) {
						$sqlsrch .= ' AND 0';
					}
				}

				if($srchtxt) {
					if(preg_match("(AND|\+|&|\s)", $srchtxt) && !preg_match("(OR|\|)", $srchtxt)) {
						$andor = ' AND ';
						$sqltxtsrch = '1';
						$srchtxt = preg_replace("/( AND |&| )/is", "+", $srchtxt);
					} else {
						$andor = ' OR ';
						$sqltxtsrch = '0';
						$srchtxt = preg_replace("/( OR |\|)/is", "+", $srchtxt);
					}
					$srchtxt = str_replace('*', '%', addcslashes($srchtxt, '%_'));
					foreach(explode('+', $srchtxt) as $text) {
						$text = trim($text);
						if($text) {
							$sqltxtsrch .= $andor;
							$sqltxtsrch .= $srchtype == 'fulltext' ? "(message LIKE '%".str_replace('_', '\_', $text)."%' OR subject LIKE '%$text%')" : "subject LIKE '%$text%'";
						}
					}
					$sqlsrch .= " AND ($sqltxtsrch)";
				}

				if($srchuid) {
					$sqlsrch .= ' AND '.($srchfolder == 'inbox' ? 'msgfromid' : 'msgtoid')." IN ($srchuid)";
				}

				if(!empty($srchfrom)) {
					$searchfrom = ($before ? '<=' : '>=').($timestamp - $srchfrom);
					$sqlsrch .= " AND dateline$searchfrom";
				}
				$keywords = str_replace('%', '+', $srchtxt).(trim($srchuname) ? '+'.str_replace('%', '+', $srchuname) : '');
				$expiration = $timestamp + $cachelife_text;

				$pmids = 0;
				$query = $db->query("SELECT pmid FROM {$tablepre}pms WHERE $sqlsrch ORDER BY pmid DESC LIMIT $maxsearchresults");
				while($pm = $db->fetch_array($query)) {
					$pmids .= ','.$pm['pmid'];
				}
				$pms = $db->num_rows($query);
				$db->free_result($query);

				$db->query("INSERT INTO {$tablepre}pmsearchindex (keywords, searchstring, uid, dateline, expiration, pms, pmids)
						VALUES ('$keywords', '$searchstring', '$discuz_uid', '$timestamp', '$expiration', '$pms', '$pmids')");
				$searchid = $db->insert_id();

				updatecredits($discuz_uid, $creditspolicy['search'], -1);

			}

			showmessage('search_redirect', "pm.php?action=search&searchid=$searchid&orderby=$orderby&ascdesc=$ascdesc&searchsubmit=yes");

		}

	}

} elseif($action == 'delete' && in_array($folder, array('inbox', 'outbox', 'track'))) {

	$msg_field = $folder == 'inbox' ? 'msgtoid' : 'msgfromid';
	$folderadd = $folder == 'track' ? "AND folder='inbox' AND new>'0'" : "AND folder='$folder'";

	if(!$pmid) {
		if(is_array($delete)) {
			$pmids = 0;
			foreach($delete as $pmid) {
				$pmids .= ','.intval($pmid);
			}
			$db->query("DELETE FROM {$tablepre}pms WHERE $msg_field='$discuz_uid' AND pmid IN ($pmids) $folderadd");
		}
	} else {
		$db->query("DELETE FROM {$tablepre}pms WHERE $msg_field='$discuz_uid' AND pmid='$pmid' $folderadd");
	}

	showmessage('pm_delete_succeed', "pm.php?folder=$folder");

} elseif($action == 'markunread' && !empty($pmid)) {

	$db->query("UPDATE {$tablepre}pms SET new='2' WHERE pmid='$pmid' AND msgtoid='$discuz_uid'");
	showmessage('pm_mark_unread_succeed', "pm.php?folder=$folder");

} elseif($action == 'archive' && (!empty($pmid) || submitcheck('archivesubmit'))) {

	$sql = $limitadd = '';

	if(empty($pmid)) {
		$days = intval($days);
		$amount = intval($amount);
		$sql .= $folder == 'inbox' ? " AND p.folder='inbox' AND p.msgtoid='$discuz_uid'" : " AND p.folder='outbox' AND p.msgfromid='$discuz_uid'";
		$sql .= $days > 0 ? ' AND p.dateline'.($newerolder == 'older' ? '<' : '>').($timestamp - intval($days) * 86400) : '';
		$limitadd = 'LIMIT '.(($amount > 0 AND $amount <= $maxpmnum ) ? $amount : $maxpmnum);
	} else {
		$sql = "AND p.pmid='$pmid' AND ((p.folder='inbox' AND p.msgtoid='$discuz_uid') OR (p.folder='outbox' AND p.msgfromid='$discuz_uid'))";
	}

	$pmids = 0;
	$pmlist = array();
	$query = $db->query("SELECT p.pmid, p.folder, p.msgfrom, p.msgfromid, m.username AS msgto, p.msgtoid, p.subject, p.dateline, p.message
		FROM {$tablepre}pms p LEFT JOIN {$tablepre}members m ON m.uid=p.msgtoid
		WHERE 1 $sql ORDER BY p.folder, p.dateline DESC $limitadd");

	while($pm = $db->fetch_array($query)) {
		$pmids .= ','.$pm['pmid'];
		$pm['dateline'] = gmdate("$dateformat $timeformat", $pm['dateline'] + $timeoffset * 3600);
		$pm['message'] = discuzcode($pm['message'], 0, 0);
		$pmlist[] = $pm;
	}

	if(!$pmlist) {
		showmessage('pm_nonexistence');
	} elseif($delete) {
		$db->query("DELETE FROM {$tablepre}pms WHERE pmid IN ($pmids)");
	}

	ob_end_clean();
	header('Content-Encoding: none');
	header('Content-Type: '.(strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE') ? 'application/octetstream' : 'application/octet-stream'));
	header('Content-Disposition: attachment; filename="PM_'.$discuz_userss.'_'.gmdate('ymd_Hi', $timestamp + $timeoffset * 3600).'.htm"');
	header('Pragma: no-cache');
	header('Expires: 0');

	include template('pm_archive_html');
	dexit();

} elseif($action == 'ignore') {

	if(!submitcheck('ignoresubmit')) {
		$query = $db->query("SELECT ignorepm FROM {$tablepre}memberfields WHERE uid='$discuz_uid'");
		$ignorepm = $db->result($query, 0);
	} else {
		$db->query("UPDATE {$tablepre}memberfields SET ignorepm='$ignorelist' WHERE uid='$discuz_uid'");
		showmessage('pm_ignore_succeed', 'pm.php');
	}

}

include template('pm');

?>