📄 pm.php
字号:
<?php
/*
[Discuz!] (C)2001-2006 Comsenz Inc.
This is NOT a freeware, use is subject to license terms
$RCSfile: pm.php,v $
$Revision: 1.22.2.2 $
$Date: 2006/09/06 09:41:20 $
*/
define('CURSCRIPT', 'pm');
require_once './include/common.inc.php';
require_once DISCUZ_ROOT.'./include/discuzcode.func.php';
$discuz_action = 101;
if(empty($discuz_uid)) {
showmessage('not_loggedin', NULL, 'HALTED');
} elseif($maxpmnum == 0) {
showmessage('group_nopermission', NULL, 'NOPERM');
}
$query = $db->query("SELECT COUNT(*) FROM {$tablepre}pms WHERE msgfromid='$discuz_uid' AND folder='outbox'");
$pm_outbox = $db->result($query, 0);
$query = $db->query("SELECT COUNT(*) FROM {$tablepre}pms WHERE msgtoid='$discuz_uid' AND folder='inbox'");
$pm_inbox = $db->result($query, 0);
$query = $db->query("SELECT COUNT(*) FROM {$tablepre}pms WHERE msgtoid='$discuz_uid' AND folder='inbox' AND new>0");
$pm_inbox_newpm = $db->result($query, 0);
$pm_total = $pm_outbox + $pm_inbox;
@$storage_percent = round((100 * $pm_total / $maxpmnum) + 1).'%';
$ftdisabled = $allowsearch != 2 ? 'disabled' : '';
if(empty($action)) {
$page = empty($page) || !ispage($page) ? 1 : $page;
$start_limit = ($page - 1) * $tpp;
switch(isset($folder) ? $folder : 'inbox') {
case 'outbox':
$pmnum = $pm_outbox;
$query = $db->query("SELECT p.*, m.username AS msgto FROM {$tablepre}pms p
LEFT JOIN {$tablepre}members m ON m.uid=p.msgtoid
WHERE p.msgfromid='$discuz_uid' AND p.folder='outbox'
ORDER BY p.dateline DESC LIMIT $start_limit, $tpp");
break;
case 'track':
$query = $db->query("SELECT COUNT(*) FROM {$tablepre}pms WHERE msgfromid='$discuz_uid' AND folder='inbox'");
$pmnum = $db->result($query, 0);
$query = $db->query("SELECT p.*, m.username AS msgto FROM {$tablepre}pms p
LEFT JOIN {$tablepre}members m ON m.uid=p.msgtoid
WHERE p.msgfromid='$discuz_uid' AND p.folder='inbox'
ORDER BY p.dateline DESC LIMIT $start_limit, $tpp");
break;
default:
$folder = 'inbox';
if($filter == 'newpm') {
$pmnum = $pm_inbox_newpm;
$filteradd = 'AND new>0';
} else {
$pmnum = $pm_inbox;
$filteradd ='';
}
$query = $db->query("SELECT * FROM {$tablepre}pms WHERE msgtoid='$discuz_uid' AND folder='inbox' $filteradd ORDER BY dateline DESC LIMIT $start_limit, $tpp");
}
$filterurl = ($filter == 'newpm' && $folder == 'inbox') ? 'filter=newpm' :'';
$multipage = multi($pmnum, $tpp, $page, "pm.php?folder=$folder&$filterurl");
$pmlist = array();
while($pm = $db->fetch_array($query)) {
$pm['dateline'] = gmdate("$dateformat $timeformat", $pm['dateline'] + $timeoffset * 3600);
$pm['subject'] = $pm['new'] ? "<b>$pm[subject]</b>" : $pm['subject'];
$pmlist[] = $pm;
}
} elseif($action == 'view') {
if($pm_total > $maxpmnum) {
showmessage('pm_box_isfull', 'pm.php');
}
$codecount = 0;
$query = $db->query("SELECT p.*, m.username AS msgto FROM {$tablepre}pms p
LEFT JOIN {$tablepre}members m ON m.uid=p.msgtoid
WHERE pmid='$pmid' AND (msgtoid='$discuz_uid' OR msgfromid='$discuz_uid')");
if(!$pm = $db->fetch_array($query)) {
showmessage('pm_nonexistence');
}
if($pm['new'] && !($pm['msgfromid'] == $discuz_uid && $pm['msgtoid'] != $discuz_uid && $pm['folder'] == 'inbox')) {
$db->query("UPDATE {$tablepre}pms SET new='0' WHERE pmid='$pmid'");
}
$folder = $folder == 'track' ? $folder : $pm['folder'];
$pm['dateline'] = gmdate("$dateformat $timeformat", $pm['dateline'] + $timeoffset * 3600);
$pm['message'] = discuzcode($pm['message'], 0, 0);
} elseif($action == 'send') {
if(!$adminid && $newbiespan && (!$lastpost || $timestamp - $lastpost < $newbiespan * 3600)) {
$query = $db->query("SELECT regdate FROM {$tablepre}members WHERE uid='$discuz_uid'");
if($timestamp - ($db->result($query, 0)) < $newbiespan * 3600) {
showmessage('pm_newbie_span');
}
}
if($pm_total > $maxpmnum) {
showmessage('pm_box_isfull', 'pm.php');
}
checklowerlimit($creditspolicy['pm'], -1);
$subject = dhtmlspecialchars(censor($subject));
$message = trim(censor(parseurl($message)));
$seccodecheck = substr(sprintf('%05b', $seccodestatus), -4, 1);
if(!submitcheck('pmsubmit', 0, $seccodecheck)) {
$buddylist = array();
$query = $db->query("SELECT b.buddyid, m.username AS buddyname FROM {$tablepre}buddys b
LEFT JOIN {$tablepre}members m ON m.uid=b.buddyid
WHERE b.uid='$discuz_uid'");
while($buddy = $db->fetch_array($query)) {
$buddylist[] = $buddy;
}
$subject = $message = '';
if(isset($pmid)) {
$query = $db->query("SELECT * FROM {$tablepre}pms WHERE pmid='$pmid' AND (msgtoid='$discuz_uid' OR msgfromid='$discuz_uid')");
$pm = $db->fetch_array($query);
$pm['subject'] = $message = preg_replace("/^(Re:|Fw:)\s*/", "", $pm['subject']);
$username = $pm['msgfrom'];
if($do == 'reply') {
$subject = "Re: $pm[subject]";
$message = '[quote]'.dhtmlspecialchars(trim(preg_replace("/(\[quote])(.*)(\[\/quote])/siU", '', $pm['message']))).'[/quote]'."\n";
$touser = $pm['msgfrom'];
} elseif($do == 'forward') {
$pm['dateline'] = gmdate($_DCACHE['settings']['dateformat'].' '.$_DCACHE['settings']['timeformat'], $pm['dateline'] + $timeoffset * 3600);
$subject = "Fw: $pm[subject]";
$message = '[quote]'.dhtmlspecialchars($pm['message']).'[/quote]'."\n";
$touser = '';
}
} elseif(isset($uid)) {
$query = $db->query("SELECT username FROM {$tablepre}members WHERE uid='$uid'");
$touser = dhtmlspecialchars($db->result($query, 0));
} else {
$touser = dhtmlspecialchars($touser);
}
if($seccodecheck) {
$seccode = random(4, 1);
}
$editorid = 'pm';
$smcols = $smcols ? $smcols : 4;
$smileyinsert = $smileyinsert && is_array($_DCACHE['smilies_display']) ? 1 : 0;
$smilies = $smileyinsert ? smiliestable($_DCACHE['smilies_display'], $smcols, 4, $editorid) : '';
$moresmilies = $smileyinsert && count($_DCACHE['smilies_display']) > $smcols * 4 ? 1 : 0;
} else {
$floodctrl = $floodctrl * 2;
if($floodctrl && !$disablepostctrl && $timestamp - $lastpost < $floodctrl) {
showmessage('pm_flood_ctrl');
}
if(empty($msgto) && is_array($msgtobuddys)) {
$msgto = $msgtobuddys;
} else {
$msgtoid = 0;
$query = $db->query("SELECT m.uid, m.username FROM {$tablepre}members m WHERE username='$msgto'");
while($member = $db->fetch_array($query)) {
if(!strcasecmp(addslashes($member['username']), $msgto)) {
$msgtoid = $member['uid'];
break;
}
}
if(!$msgtoid) {
showmessage('pm_send_nonexistence');
}
if(is_array($msgtobuddys)) {
$msgto = array_merge($msgtobuddys, array($msgtoid));
} else {
$msgto = array($msgtoid);
}
}
$subject = cutstr(trim($subject), 75);
$msgto_count = count($msgto);
$maxpmsend = ceil($maxpmnum / 10);
if($msgto_count > $maxpmsend) {
showmessage('pm_send_toomany');
}
if(!$msgto_count || !$subject) {
showmessage('pm_send_invalid');
}
$uids = $comma = '';
foreach($msgto as $uid) {
$uids .= $comma.$uid;
$comma = ',';
}
$ignorenum = 0;
$query = $db->query("SELECT m.username, mf.ignorepm, u.maxpmnum FROM {$tablepre}usergroups u, {$tablepre}members m
LEFT JOIN {$tablepre}memberfields mf USING(uid)
WHERE m.uid IN ($uids) AND m.groupid=u.groupid");
$msgto_count = $db->num_rows($query);
while($member = $db->fetch_array($query)) {
if($member['maxpmnum'] < 1 || preg_match("/(^{ALL}$|(,|^)\s*".preg_quote($discuz_user, '/')."\s*(,|$))/i", $member['ignorepm'])) {
showmessage('pm_send_ignore');
}
}
updatecredits($discuz_uid, $creditspolicy['pm'], -1);
foreach($msgto as $uid) {
$db->query("INSERT INTO {$tablepre}pms (
msgfrom, msgfromid, msgtoid
, folder, new, subject
, dateline, message
)VALUES(
'$discuz_user', '$discuz_uid', '$uid'
, 'inbox', '1', '$subject'
, '$timestamp', '$message'
)");
}
$db->query("UPDATE {$tablepre}members
SET newpm='1'
WHERE uid IN ($uids)", 'UNBUFFERED');
if($supe_status && $xspacestatus) {
$db->query("UPDATE {$supe_tablepre}members SET newpm='1' WHERE uid IN ($uids)", 'UNBUFFERED');
}
if($floodctrl) {
$db->query("UPDATE {$tablepre}members
SET lastpost='$timestamp'
WHERE uid='$discuz_uid'");
}
if($saveoutbox) {
$db->query("INSERT INTO {$tablepre}pms (
msgfrom, msgfromid, msgtoid
, folder, new, subject
, dateline, message
) VALUES (
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -