function send_pm($user_from_id, $user_to_id, $pm_subject, $pm_message)
{
global $ft_cfg, $lang;
$sql = "SELECT *\r\n\t\tFROM " . USERS_TABLE . " \r\n\t\tWHERE user_id = " . $user_to_id . "\r\n\t\tAND user_id <> " . GUEST_UID;
if (!($result = DB()->sql_query($sql))) {
message_die(GENERAL_ERROR, $lang['non_existing_user'], '', __LINE__, __FILE__, $sql);
}
$usertodata = DB()->sql_fetchrow($result);
// prepare pm message
$bbcode_uid = make_bbcode_uid();
$pm_message = prepare_message($pm_message, 0, 1, 1, $bbcode_uid);
$msg_time = time();
// Do inbox limit stuff
$sql = "SELECT COUNT(privmsgs_id) AS inbox_items, MIN(privmsgs_date) AS oldest_post_time \r\n\t\tFROM " . PRIVMSGS_TABLE . " \r\n\t\tWHERE ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . " \r\n\t\t\tOR privmsgs_type = " . PRIVMSGS_READ_MAIL . " \r\n\t\t\tOR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " ) \r\n\t\t\tAND privmsgs_to_userid = " . $usertodata['user_id'];
if (!($result = DB()->sql_query($sql))) {
message_die(GENERAL_MESSAGE, $lang['No_such_user']);
}
$sql_priority = SQL_LAYER == 'mysql' ? 'LOW_PRIORITY' : '';
if ($inbox_info = DB()->sql_fetchrow($result)) {
if ($inbox_info['inbox_items'] >= $ft_cfg['max_inbox_privmsgs']) {
$sql = "DELETE {$sql_priority} FROM " . PRIVMSGS_TABLE . " \r\n\t\t\t\tWHERE ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . " \r\n\t\t\t\t\tOR privmsgs_type = " . PRIVMSGS_READ_MAIL . " \r\n\t\t\t\t\tOR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " ) \r\n\t\t\t\t\tAND privmsgs_date = " . $inbox_info['oldest_post_time'] . " \r\n\t\t\t\t\tAND privmsgs_to_userid = " . $usertodata['user_id'];
if (!DB()->sql_query($sql)) {
message_die(GENERAL_ERROR, $lang['not_delete_pm'], '', __LINE__, __FILE__, $sql);
}
}
}
$sql_info = "INSERT INTO " . PRIVMSGS_TABLE . " (privmsgs_type, privmsgs_subject, privmsgs_from_userid, privmsgs_to_userid, privmsgs_date, privmsgs_ip, privmsgs_enable_html, privmsgs_enable_bbcode, privmsgs_enable_smilies, privmsgs_attach_sig)\r\n\t\tVALUES (" . PRIVMSGS_NEW_MAIL . ", '" . str_replace("\\'", "''", $pm_subject) . "', " . $user_from_id . ", " . $usertodata['user_id'] . ", {$msg_time}, '{$user_ip}', 0, 1, 1, 1)";
if (!($result = DB()->sql_query($sql_info, BEGIN_TRANSACTION))) {
message_die(GENERAL_ERROR, $lang['no_sent_pm_insert'], "", __LINE__, __FILE__, $sql_info);
}
$privmsg_sent_id = DB()->sql_nextid();
$sql = "INSERT INTO " . PRIVMSGS_TEXT_TABLE . " (privmsgs_text_id, privmsgs_bbcode_uid, privmsgs_text)\r\n\t\tVALUES ({$privmsg_sent_id}, '" . $bbcode_uid . "', '" . str_replace("\\'", "''", $pm_message) . "')";
if (!DB()->sql_query($sql, END_TRANSACTION)) {
message_die(GENERAL_ERROR, $lang['no_sent_pm_insert'], "", __LINE__, __FILE__, $sql_info);
}
// Add to the users new pm counter
$sql = "UPDATE " . USERS_TABLE . "\r\n\t\tSET user_new_privmsg = user_new_privmsg + 1, user_last_privmsg = " . time() . "\r\n\t\tWHERE user_id = " . $usertodata['user_id'];
if (!($status = DB()->sql_query($sql))) {
message_die(GENERAL_ERROR, $lang['no_sent_pm_insert'], '', __LINE__, __FILE__, $sql);
}
return;
}
function main($action)
{
global $db, $cache, $config, $template, $images, $theme, $user, $lang, $bbcode, $bbcode_tpl;
global $html_entities_match, $html_entities_replace, $unhtml_specialchars_match, $unhtml_specialchars_replace;
global $pafiledb_functions, $pafiledb_config, $view_pic_upload, $starttime, $post_image_lang;
@(include_once IP_ROOT_PATH . 'includes/bbcode.' . PHP_EXT);
@(include_once IP_ROOT_PATH . 'includes/functions_post.' . PHP_EXT);
@(include_once IP_ROOT_PATH . PA_FILE_DB_PATH . 'functions_comment.' . PHP_EXT);
$file_id = request_var('file_id', 0);
if (empty($file_id)) {
message_die(GENERAL_MESSAGE, $lang['File_not_exist']);
}
define('IN_PA_POSTING', true);
define('IN_ICYPHOENIX', true);
// BBCBMG - BEGIN
include IP_ROOT_PATH . 'includes/bbcb_mg.' . PHP_EXT;
// BBCBMG - END
// BBCBMG SMILEYS - BEGIN
generate_smilies('inline');
include IP_ROOT_PATH . 'includes/bbcb_smileys_mg.' . PHP_EXT;
// BBCBMG SMILEYS - END
// MX Addon
$cid = request_var('cid', 0);
$delete = request_var('delete', '');
$submit = isset($_POST['submit']) ? true : false;
$preview = isset($_POST['preview']) ? true : false;
$subject = request_post_var('subject', '', true);
$message = request_post_var('message', '', true);
$sql = "SELECT file_name, file_catid\n\t\t\tFROM " . PA_FILES_TABLE . "\n\t\t\tWHERE file_id = '" . $file_id . "'";
$result = $db->sql_query($sql);
if (!($file_data = $db->sql_fetchrow($result))) {
message_die(GENERAL_MESSAGE, $lang['File_not_exist']);
}
$db->sql_freeresult($result);
if (!$this->auth[$file_data['file_catid']]['auth_post_comment']) {
if (!$user->data['session_logged_in']) {
redirect(append_sid(CMS_PAGE_LOGIN . '?redirect=dload.' . PHP_EXT . '&action=post_comment&file_id=' . $file_id, true));
}
$message = sprintf($lang['Sorry_auth_download'], $this->auth[$file_data['file_catid']]['auth_post_comment_type']);
message_die(GENERAL_MESSAGE, $message);
}
$html_on = $user->data['user_allowhtml'] && $pafiledb_config['allow_html'] ? 1 : 0;
$bbcode_on = $user->data['user_allowbbcode'] && $pafiledb_config['allow_bbcode'] ? 1 : 0;
$smilies_on = $user->data['user_allowsmile'] && $pafiledb_config['allow_smilies'] ? 1 : 0;
// =======================================================
// MX Addon
// =======================================================
if ($delete == 'do') {
$sql = 'SELECT *
FROM ' . PA_FILES_TABLE . "\n\t\t\t\tWHERE file_id = {$file_id}";
$result = $db->sql_query($sql);
$file_info = $db->sql_fetchrow($result);
if ($this->auth[$file_info['file_catid']]['auth_delete_comment'] && $file_info['user_id'] == $user->data['user_id'] || $this->auth[$file_info['file_catid']]['auth_mod']) {
$sql = 'DELETE FROM ' . PA_COMMENTS_TABLE . "\n\t\t\t\t\tWHERE comments_id = {$cid}";
$db->sql_query($sql);
$this->_pafiledb();
$message = $lang['Comment_deleted'] . '<br /><br />' . sprintf($lang['Click_return'], '<a href="' . append_sid('dload.' . PHP_EXT . '?action=file&file_id=' . $file_id) . '">', '</a>');
message_die(GENERAL_MESSAGE, $message);
} else {
$message = sprintf($lang['Sorry_auth_delete'], $this->auth[$cat_id]['auth_upload_type']);
message_die(GENERAL_MESSAGE, $message);
}
}
if (!$submit) {
// Generate smilies listing for page output
//$pafiledb_functions->pa_generate_smilies('inline');
$html_status = $user->data['user_allowhtml'] && $pafiledb_config['allow_html'] ? $lang['HTML_is_ON'] : $lang['HTML_is_OFF'];
$bbcode_status = $user->data['user_allowbbcode'] && $pafiledb_config['allow_bbcode'] ? $lang['BBCode_is_ON'] : $lang['BBCode_is_OFF'];
$smilies_status = $user->data['user_allowsmile'] && $pafiledb_config['allow_smilies'] ? $lang['Smilies_are_ON'] : $lang['Smilies_are_OFF'];
$links_status = $pafiledb_config['allow_comment_links'] ? $lang['Links_are_ON'] : $lang['Links_are_OFF'];
$images_status = $pafiledb_config['allow_comment_images'] ? $lang['Images_are_ON'] : $lang['Images_are_OFF'];
$hidden_form_fields = '<input type="hidden" name="action" value="post_comment" /><input type="hidden" name="file_id" value="' . $file_id . '" /><input type="hidden" name="comment" value="post" />';
// Output the data to the template
$this->generate_category_nav($file_data['file_catid']);
$template->assign_vars(array('HTML_STATUS' => $html_status, 'BBCODE_STATUS' => sprintf($bbcode_status, '<a href="' . append_sid('faq.' . PHP_EXT . '?mode=bbcode') . '" target="_blank">', '</a>'), 'SMILIES_STATUS' => $smilies_status, 'LINKS_STATUS' => $links_status, 'IMAGES_STATUS' => $images_status, 'FILE_NAME' => $file_data['file_name'], 'DOWNLOAD' => $pafiledb_config['settings_dbname'], 'MESSAGE_LENGTH' => $pafiledb_config['max_comment_chars'], 'L_HOME' => $lang['Home'], 'CURRENT_TIME' => sprintf($lang['Current_time'], create_date($config['default_dateformat'], time(), $config['board_timezone'])), 'L_COMMENT_ADD' => $lang['Comment_add'], 'L_COMMENT' => $lang['Message_body'], 'L_COMMENT_TITLE' => $lang['Subject'], 'L_OPTIONS' => $lang['Options'], 'L_COMMENT_EXPLAIN' => sprintf($lang['Comment_explain'], $pafiledb_config['max_comment_chars']), 'L_PREVIEW' => $lang['Preview'], 'L_SUBMIT' => $lang['Submit'], 'L_DOWNLOAD' => $lang['Download'], 'L_INDEX' => sprintf($lang['Forum_Index'], $config['sitename']), 'L_CHECK_MSG_LENGTH' => $lang['Check_message_length'], 'L_MSG_LENGTH_1' => $lang['Msg_length_1'], 'L_MSG_LENGTH_2' => $lang['Msg_length_2'], 'L_MSG_LENGTH_3' => $lang['Msg_length_3'], 'L_MSG_LENGTH_4' => $lang['Msg_length_4'], 'L_MSG_LENGTH_5' => $lang['Msg_length_5'], 'L_MSG_LENGTH_6' => $lang['Msg_length_6'], 'U_INDEX_HOME' => append_sid(CMS_PAGE_HOME), 'U_DOWNLOAD_HOME' => append_sid('dload.' . PHP_EXT), 'U_FILE_NAME' => append_sid('dload.' . PHP_EXT . '?action=file&file_id=' . $file_id), 'S_POST_ACTION' => append_sid('dload.' . PHP_EXT), 'S_HIDDEN_FORM_FIELDS' => $hidden_form_fields));
// Show preview stuff if user clicked preview
if ($preview) {
$comments_text = stripslashes(prepare_message(addslashes(unprepare_message($message)), $html_on, $bbcode_on, $smilies_on));
$title = $subject;
$title = censor_text($title);
$comments_text = censor_text($comments_text);
$bbcode->allow_html = $html_on ? true : false;
$bbcode->allow_bbcode = $bbcode_on ? true : false;
$bbcode->allow_smilies = $smilies_on ? true : false;
$comments_text = $bbcode->parse($comments_text);
//bbcode parser End
$comments_text = str_replace("\n", '<br />', $comments_text);
$template->assign_vars(array('PREVIEW' => true, 'COMMENT' => stripslashes($_POST['message']), 'SUBJECT' => stripslashes($_POST['subject']), 'PRE_COMMENT' => $comments_text));
}
}
if ($submit) {
$subject = request_post_var('subject', '', true);
$message = request_post_var('message', '', true);
$message = htmlspecialchars_decode($message, ENT_COMPAT);
$length = strlen($message);
//$comments_text = str_replace('<br />', "\n", $message);
$comments_text = $message;
$poster_id = intval($user->data['user_id']);
$title = $subject;
$time = time();
if ($length > $pafiledb_config['max_comment_chars']) {
message_die(GENERAL_ERROR, 'Your comment is too long!<br />The maximum length allowed in characters is ' . $pafiledb_config['max_comment_chars'] . '');
}
$sql = 'INSERT INTO ' . PA_COMMENTS_TABLE . "(file_id, comments_text, comments_title, comments_time, poster_id)\n\t\t\t\tVALUES({$file_id}, '" . $db->sql_escape($comments_text) . "','" . $db->sql_escape($title) . "', {$time}, {$poster_id})";
$db->sql_query($sql);
$message = $lang['Comment_posted'] . '<br /><br />' . sprintf($lang['Click_return'], '<a href="' . append_sid('dload.' . PHP_EXT . '?action=file&file_id=' . $file_id) . '">', '</a>');
message_die(GENERAL_MESSAGE, $message);
}
$this->display($lang['Download'], 'pa_comment_posting.tpl');
}
if (!$password && $password_confirm) {
$error = TRUE;
$error_msg .= (isset($error_msg) ? '<br />' : '') . $lang['Password_mismatch'];
}
}
}
if ($signature != '') {
$sig_length_check = preg_replace('/(\\[.*?)(=.*?)\\]/is', '\\1]', stripslashes($signature));
if ($allowhtml) {
$sig_length_check = preg_replace('/(\\<.*?)(=.*?)( .*?=.*?)?([ \\/]?\\>)/is', '\\1\\3\\4', $sig_length_check);
}
// Only create a new bbcode_uid when there was no uid yet.
if ($signature_bbcode_uid == '') {
$signature_bbcode_uid = $allowbbcode ? make_bbcode_uid() : '';
}
$signature = prepare_message($signature, $allowhtml, $allowbbcode, $allowsmilies, $signature_bbcode_uid);
if (strlen($sig_length_check) > $board_config['max_sig_chars']) {
$error = TRUE;
$error_msg .= (isset($error_msg) ? '<br />' : '') . $lang['Signature_too_long'];
}
}
//
// Avatar stuff
//
$avatar_sql = "";
if (isset($HTTP_POST_VARS['avatardel'])) {
if ($this_userdata['user_avatar_type'] == USER_AVATAR_UPLOAD && $this_userdata['user_avatar'] != "") {
if (@file_exists(@phpbb_realpath("./" . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar']))) {
@unlink("./" . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar']);
}
}
function prepare_post(&$mode, &$post_data, &$bbcode_on, &$html_on, &$smilies_on, &$error_msg, &$username, &$bbcode_uid, &$subject, &$message, &$poll_title, &$poll_options, &$poll_length)
{
global $board_config, $userdata, $lang, $phpEx, $phpbb_root_path;
// Check username
if (!empty($username)) {
$username = trim(strip_tags($username));
if (!$userdata['session_logged_in'] || $userdata['session_logged_in'] && $username != $userdata['username']) {
include "includes/functions_validate.php";
$result = validate_username($username);
if ($result['error']) {
$error_msg .= !empty($error_msg) ? '<br />' . $result['error_msg'] : $result['error_msg'];
}
} else {
$username = '';
}
}
// Check subject
if (!empty($subject)) {
$subject = htmlspecialchars(trim($subject));
} else {
if ($mode == 'newtopic' || $mode == 'editpost' && $post_data['first_post']) {
$error_msg .= !empty($error_msg) ? '<br />' . $lang['Empty_subject'] : $lang['Empty_subject'];
}
}
// Check message
if (!empty($message)) {
$bbcode_uid = $bbcode_on ? make_bbcode_uid() : '';
$message = prepare_message(trim($message), $html_on, $bbcode_on, $smilies_on, $bbcode_uid);
} else {
if ($mode != 'delete' && $mode != 'poll_delete') {
$error_msg .= !empty($error_msg) ? '<br />' . $lang['Empty_message'] : $lang['Empty_message'];
}
}
//
// Handle poll stuff
//
if ($mode == 'newtopic' || $mode == 'editpost' && $post_data['first_post']) {
$poll_length = isset($poll_length) ? max(0, intval($poll_length)) : 0;
if (!empty($poll_title)) {
$poll_title = htmlspecialchars(trim($poll_title));
}
if (!empty($poll_options)) {
$temp_option_text = array();
while (list($option_id, $option_text) = @each($poll_options)) {
$option_text = trim($option_text);
if (!empty($option_text)) {
$temp_option_text[$option_id] = htmlspecialchars($option_text);
}
}
$option_text = $temp_option_text;
if (count($poll_options) < 2) {
$error_msg .= !empty($error_msg) ? '<br />' . $lang['To_few_poll_options'] : $lang['To_few_poll_options'];
} else {
if (count($poll_options) > $board_config['max_poll_options']) {
$error_msg .= !empty($error_msg) ? '<br />' . $lang['To_many_poll_options'] : $lang['To_many_poll_options'];
} else {
if ($poll_title == '') {
$error_msg .= !empty($error_msg) ? '<br />' . $lang['Empty_poll_title'] : $lang['Empty_poll_title'];
}
}
}
}
}
return;
}
{
include(IP_ROOT_PATH . 'includes/functions_validate.' . PHP_EXT);
$result = validate_username($username);
if ($result['error'])
{
$error_msg .= (!empty($error_msg)) ? '<br />' . $result['error_msg'] : $result['error_msg'];
}
}
$message = request_post_var('message', '', true);
$message = htmlspecialchars_decode($message, ENT_COMPAT);
// insert shout !
if (!empty($message) && $is_auth['auth_post'] && !$error)
{
include_once(IP_ROOT_PATH . 'includes/functions_post.' . PHP_EXT);
$message = prepare_message(trim($message), $html_on, $bbcode_on, $smilies_on);
if ($config['img_shoutbox'] == true)
{
$message = preg_replace ("#\[url=(http://)([^ \"\n\r\t<]*)\]\[img\](http://)([^ \"\n\r\t<]*)\[/img\]\[/url\]#i", '[url=\\1\\2]\\4[/url]', $message);
$message = preg_replace ("#\[img\](http://)([^ \"\n\r\t<]*)\[/img\]#i", '[url=\\1\\2]\\2[/url]', $message);
$message = preg_replace ("#\[img align=left\](http://)([^ \"\n\r\t<]*)\[/img\]#i", '[url=\\1\\2]\\2[/url]', $message);
$message = preg_replace ("#\[img align=right\](http://)([^ \"\n\r\t<]*)\[/img\]#i", '[url=\\1\\2]\\2[/url]', $message);
}
$sql = "INSERT INTO " . SHOUTBOX_TABLE . " (shout_text, shout_session_time, shout_user_id, shout_ip, shout_username, enable_bbcode, enable_html, enable_smilies)
VALUES ('" . $db->sql_escape($message) . "', '" . time() . "', '" . $user->data['user_id'] . "', '$user_ip', '" . $db->sql_escape($username) . "', $bbcode_on, $html_on, $smilies_on)";
$result = $db->sql_query($sql);
// auto prune
if ($config['prune_shouts'])
{
$sql = "DELETE FROM " . SHOUTBOX_TABLE . " WHERE shout_session_time<=" . (time() - (86400 * $config['prune_shouts']));
$poll_options[] = htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['add_poll_option_text'])));
}
if ($mode == 'newtopic' || $mode == 'reply') {
$user_sig = $userdata['user_sig'] != '' && $board_config['allow_sig'] ? $userdata['user_sig'] : '';
} else {
if ($mode == 'editpost') {
$user_sig = $post_info['user_sig'] != '' && $board_config['allow_sig'] ? $post_info['user_sig'] : '';
$userdata['user_sig_bbcode_uid'] = $post_info['user_sig_bbcode_uid'];
}
}
if ($preview) {
$orig_word = array();
$replacement_word = array();
obtain_word_list($orig_word, $replacement_word);
$bbcode_uid = $bbcode_on ? make_bbcode_uid() : '';
$preview_message = stripslashes(prepare_message(addslashes(unprepare_message($message)), $html_on, $bbcode_on, $smilies_on, $bbcode_uid));
$preview_subject = $subject;
$preview_username = $username;
//
// Finalise processing as per viewtopic
//
if (!$html_on) {
if ($user_sig != '' || !$userdata['user_allowhtml']) {
$user_sig = preg_replace('#(<)([\\/]?.*?)(>)#is', '<\\2>', $user_sig);
}
}
if ($attach_sig && $user_sig != '' && $userdata['user_sig_bbcode_uid']) {
$user_sig = bbencode_second_pass($user_sig, $userdata['user_sig_bbcode_uid']);
}
if ($bbcode_on) {
$preview_message = bbencode_second_pass($preview_message, $bbcode_uid);
$number_items_current = $number_items;
}
}
}
// user has set a different language as used in cached feed description? Regenerate.
if ($user->data['user_lang'] != $feed_data['lang']) {
generate_feed_details($content, $global, $feed_data);
}
foreach ($feed_data['items'] as $item) {
// apply session id to links if user is logged in
if ($user->data['user_id'] != ANONYMOUS) {
$item_link = append_sid($item['link']);
} else {
$item_link = $item['link'];
}
$template->assign_block_vars('item', array('AUTHOR' => $item['author'], 'TIME' => format_date($item['time'], $syndication_method), 'LINK' => $item_link, 'IDENTIFIER' => $item['identifier'], 'TITLE' => $item['title'], 'TEXT' => prepare_message($item['text'], $syndication_method)));
}
$template->set_filenames(array('body' => 'syndication_' . ($syndication_method == SYNDICATION_ATOM ? 'atom' : 'rss2') . '.html'));
// get time from last item or use current time in case of an empty feed
$last_build_date = $number_items_current ? $feed_data['items'][$number_items_current - 1]['time'] : time();
$template->assign_vars(array('HEADER' => '<?xml version="1.0" encoding="UTF-8"?>' . "\n", 'TITLE' => $feed_data['title'], 'DESCRIPTION' => $feed_data['description'], 'LINK' => $feed_data['source_link'], 'FEED_LINK' => build_feed_url(true), 'LAST_BUILD' => format_date($last_build_date, $syndication_method)));
// gzip compression
if ($config['gzip_compress']) {
if (@extension_loaded('zlib') && !headers_sent()) {
ob_start('ob_gzhandler');
}
}
// text/xml for Internet Explorer
header('Content-Type: text/xml; charset=UTF-8');
header('Last-Modified: ' . date('D, d M Y H:i:s O', $last_build_date));
$template->display('body');
function notifyUser($user_id, $notify_type, $offer_id, $offer_title)
{
global $db, $lang, $auction_config_data, $board_config;
if ($auction_config_data['auction_end_notify_email']) {
// BEGIN EMAIL-NOTIFY
$sql = "SELECT user_email,\r\n username\r\n FROM " . USERS_TABLE . "\r\n WHERE user_id=" . $user_id . "";
if (!($result = $db->sql_query($sql))) {
}
// if
$user = $db->sql_fetchrow($result);
$server_name = trim($board_config['server_name']);
$server_protocol = $board_config['cookie_secure'] ? 'https://' : 'http://';
$server_port = $board_config['server_port'] != 80 ? ':' . trim($board_config['server_port']) . '/' : '/';
$username = $user['username'];
$email = $user['user_email'];
$emailer = new emailer($board_config['smtp_delivery']);
$emailer->from($board_config['board_email']);
$emailer->replyto($board_config['board_email']);
if ($notify_type == 'WON') {
$emailer->use_template('auction_won', stripslashes($user_lang));
$emailer->set_subject($lang['auction_won']);
$emailer->assign_vars(array('AUCTION_WON' => $lang['auction_offer_won'], 'AUCTION_SITENAME' => $board_config['sitename'], 'AUCTION_OFFER' => prepare_message(addslashes(unprepare_message(htmlspecialchars(trim(stripslashes($offer_title))))), $board_config['allow_html'], $board_config['allow_bbcode'], $board_config['allow_smilies'], 0), 'U_AUCTION_OFFER' => $server_protocol . $server_name . $board_config['script_path'] . 'auction_offer_view.php?ao=' . $offer_id, 'AUCTION_EMAIL_SIG' => !empty($board_config['board_email_sig']) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : ''));
}
if ($notify_type == 'SOLD') {
$emailer->use_template('auction_sold', stripslashes($user_lang));
$emailer->set_subject($lang['auction_sold']);
$emailer->assign_vars(array('AUCTION_SOLD' => $lang['auction_offer_sold'], 'AUCTION_SITENAME' => $board_config['sitename'], 'AUCTION_OFFER' => prepare_message(addslashes(unprepare_message(htmlspecialchars(trim(stripslashes($offer_title))))), $board_config['allow_html'], $board_config['allow_bbcode'], $board_config['allow_smilies'], 0), 'U_AUCTION_OFFER' => $server_protocol . $server_name . $board_config['script_path'] . 'auction_offer_view.php?ao=' . $offer_id, 'AUCTION_EMAIL_SIG' => !empty($board_config['board_email_sig']) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : ''));
}
if ($notify_type == 'NOT_SOLD') {
$emailer->use_template('auction_not_sold', stripslashes($user_lang));
$emailer->set_subject($lang['auction_not_sold']);
$emailer->assign_vars(array('AUCTION_NOT_SOLD' => $lang['auction_offer_not_sold'], 'AUCTION_SITENAME' => $board_config['sitename'], 'AUCTION_OFFER' => prepare_message(addslashes(unprepare_message(htmlspecialchars(trim(stripslashes($offer_title))))), $board_config['allow_html'], $board_config['allow_bbcode'], $board_config['allow_smilies'], 0), 'U_AUCTION_OFFER' => $server_protocol . $server_name . $board_config['script_path'] . 'auction_offer_view.php?ao=' . $offer_id, 'AUCTION_EMAIL_SIG' => !empty($board_config['board_email_sig']) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : ''));
}
$emailer->email_address($email);
// Try to send email...
$emailer->send();
// $emailer->reset();
}
// END EMAIL-NOTIFY
if ($auction_config_data['auction_end_notify_pm']) {
// BEGIN PM-NOTIFY ON OUTBID
if ($notify_type == 'WON') {
$pm_subject = $lang['auction_won'];
$pm_text = $lang['auction_won_text'];
}
if ($notify_type == 'SOLD') {
$pm_subject = $lang['auction_sold'];
$pm_text = $lang['auction_sold_text'];
}
if ($notify_type == 'NOT_SOLD') {
$pm_subject = $lang['auction_not_sold'];
$pm_text = $lang['auction_not_sold_text'];
}
$privmsgs_date = date("U");
$sql = "INSERT INTO " . PRIVMSGS_TABLE . "\r\n (privmsgs_type,\r\n privmsgs_subject,\r\n privmsgs_from_userid,\r\n privmsgs_to_userid,\r\n privmsgs_date,\r\n privmsgs_enable_html,\r\n privmsgs_enable_bbcode,\r\n privmsgs_enable_smilies,\r\n privmsgs_attach_sig)\r\n VALUES ('0',\r\n '" . str_replace("\\'", "''", addslashes(sprintf($pm_subject, $board_config['sitename']))) . "',\r\n '2',\r\n " . $user_id . ",\r\n " . $privmsgs_date . ",\r\n '0',\r\n '1',\r\n '1',\r\n '0')";
if (!$db->sql_query($sql)) {
}
// if
$outbid_sent_id = $db->sql_nextid();
$sql = "INSERT INTO " . PRIVMSGS_TEXT_TABLE . "\r\n (privmsgs_text_id,\r\n privmsgs_text)\r\n VALUES (" . $outbid_sent_id . ",\r\n '" . str_replace("\\'", "''", $pm_text . "</br></br><a href=\"auction_offer_view.php?ao=" . $offer_id . "\">" . prepare_message(addslashes(unprepare_message(htmlspecialchars(trim(stripslashes($offer_title))))), $board_config['allow_html'], $board_config['allow_bbcode'], $board_config['allow_smilies'], 0) . "</a></br>" . $board_config['board_email_sig']) . "')";
if (!$db->sql_query($sql)) {
}
// if
$sql = "UPDATE " . USERS_TABLE . "\r\n SET user_new_privmsg=user_new_privmsg+1\r\n WHERE user_id=" . $user_id;
if (!$db->sql_query($sql)) {
}
// if
}
// End pm-notification
}
<?php
if (!defined('IN_AJAX')) {
die(basename(__FILE__));
}
global $lang, $userdata;
$post_id = (int) $this->request['post_id'];
$mc_type = (int) $this->request['mc_type'];
$mc_text = (string) $this->request['mc_text'];
if (!($mc_text = prepare_message($mc_text))) {
$this->ajax_die($lang['EMPTY_MESSAGE']);
}
$post = DB()->fetch_row("\n\tSELECT\n\t\tp.post_id, p.poster_id\n\tFROM " . BB_POSTS . " p\n\tWHERE p.post_id = {$post_id}\n");
if (!$post) {
$this->ajax_die('not post');
}
$data = array('mc_comment' => $mc_type ? $mc_text : '', 'mc_type' => $mc_type, 'mc_user_id' => $mc_type ? $userdata['user_id'] : 0);
$sql_args = DB()->build_array('UPDATE', $data);
DB()->query("UPDATE " . BB_POSTS . " SET {$sql_args} WHERE post_id = {$post_id}");
if ($mc_type && $post['poster_id'] != $userdata['user_id']) {
$subject = sprintf($lang['MC_COMMENT_PM_SUBJECT'], $lang['MC_COMMENT'][$mc_type]['type']);
$message = sprintf($lang['MC_COMMENT_PM_MSG'], get_username($post['poster_id']), make_url(POST_URL . "{$post_id}#{$post_id}"), $lang['MC_COMMENT'][$mc_type]['type'], $mc_text);
send_pm($post['poster_id'], $subject, $message);
cache_rm_user_sessions($post['poster_id']);
}
switch ($mc_type) {
case 1:
// Комментарий
$mc_class = 'success';
break;
case 2:
function prepare_post(&$mode, &$post_data, &$bbcode_on, &$html_on, &$smilies_on, &$error_msg, &$username, &$subject, &$message, &$poll_title, &$poll_options, &$poll_data, &$reg_active, &$reg_reset, &$reg_max_option1, &$reg_max_option2, &$reg_max_option3, &$reg_length, &$topic_desc, $topic_calendar_time = 0, $topic_calendar_duration = 0)
{
global $config, $user, $lang;
global $topic_id;
global $db;
// Check username
if (!empty($username)) {
$username = phpbb_clean_username($username);
if (!$user->data['session_logged_in'] || $user->data['session_logged_in'] && $username != $user->data['username']) {
include IP_ROOT_PATH . 'includes/functions_validate.' . PHP_EXT;
$result = validate_username($username);
if ($result['error']) {
$error_msg .= !empty($error_msg) ? '<br />' . $result['error_msg'] : $result['error_msg'];
}
} else {
$username = '';
}
}
// Check subject
if (!empty($subject)) {
$subject = trim($subject);
} elseif ($mode == 'newtopic' || $mode == 'editpost' && $post_data['first_post']) {
$error_msg .= !empty($error_msg) ? '<br />' . $lang['Empty_subject'] : $lang['Empty_subject'];
}
// Check Topic Desciption
if (!empty($topic_desc)) {
$topic_desc = trim($topic_desc);
}
// Check message
if (!empty($message)) {
$message = prepare_message(trim($message), $html_on, $bbcode_on, $smilies_on);
// Mighty Gorgon - TO BE VERIFIED
//$message = addslashes($message);
// Mighty Gorgon - TO BE VERIFIED
} elseif ($mode != 'delete' && $mode != 'poll_delete') {
$error_msg .= !empty($error_msg) ? '<br />' . $lang['Empty_message'] : $lang['Empty_message'];
}
// check calendar date
if (!empty($topic_calendar_time) && ($mode == 'newtopic' || $mode == 'editpost' && $post_data['first_post'])) {
$year = intval(gmdate('Y', $topic_calendar_time));
$month = intval(gmdate('m', $topic_calendar_time));
$day = intval(gmdate('d', $topic_calendar_time));
if (!checkdate($month, $day, $year)) {
$error_msg .= (!empty($error_msg) ? '<br />' : '') . sprintf($lang['Date_error'], $day, $month, $year);
}
}
// Check to see if there's a new post while the user is posting
$new_post_while_posting = false;
if (!empty($_POST['post_time']) && ($mode == 'reply' || $mode == 'quote') && $config['show_new_reply_posting']) {
$last_post_time = intval($_POST['post_time']);
if (!empty($topic_id) && $last_post_time) {
$sql = "SELECT post_time FROM " . POSTS_TABLE . " WHERE topic_id = '" . $topic_id . "' ORDER BY post_time DESC LIMIT 0, 1";
$db->sql_return_on_error(true);
$result = $db->sql_query($sql);
$db->sql_return_on_error(false);
if ($result) {
if ($row = $db->sql_fetchrow($result)) {
$last_post_time2 = $row['post_time'];
if ($last_post_time2 > $last_post_time) {
$new_post_while_posting = true;
$error_msg .= (empty($error_msg) ? '' : '<br />') . $lang['Warn_new_post'];
}
}
$db->sql_freeresult($result);
}
}
}
// Check to see if the user is last poster and is bumping
//if(($mode == 'reply' || $mode == 'quote') && ($config['no_bump'] == true) && ($new_post_while_posting == false))
$no_bump = $config['no_bump'] == 1 && $user->data['user_level'] != ADMIN || $config['no_bump'] == 2 && $user->data['user_level'] != ADMIN && $user->data['user_level'] != MOD ? true : false;
if (($mode == 'reply' || $mode == 'quote') && $no_bump == true && $new_post_while_posting == false) {
if (!empty($topic_id)) {
$sql = "SELECT poster_id FROM " . POSTS_TABLE . "\n\t\t\t\t\t\t\tWHERE topic_id = '" . $topic_id . "'\n\t\t\t\t\t\t\tAND post_time > " . (time() - 86400) . "\n\t\t\t\t\t\t\tORDER BY post_time DESC\n\t\t\t\t\t\t\tLIMIT 0, 1";
$db->sql_return_on_error(true);
$result = $db->sql_query($sql);
$db->sql_return_on_error(false);
if ($result) {
if ($row = $db->sql_fetchrow($result)) {
if ($row['poster_id'] == $user->data['user_id']) {
$error_msg .= (empty($error_msg) ? '' : '<br />') . $lang['WARN_NO_BUMP'];
}
}
$db->sql_freeresult($result);
}
}
}
// Handle poll stuff
if ($mode == 'newtopic' || $mode == 'editpost' && $post_data['first_post']) {
$poll_title = !empty($poll_title) ? trim($poll_title) : (isset($poll_data['title']) ? trim($poll_data['title']) : '');
$poll_start = isset($poll_data['start']) ? $poll_data['start'] : time();
$poll_length = isset($poll_data['length']) ? max(0, intval($poll_data['length'])) : 0;
$poll_max_options = isset($poll_data['max_options']) ? max(1, intval($poll_data['max_options'])) : 1;
$poll_change = isset($poll_data['change']) ? $poll_data['change'] : 0;
$poll_data = array('title' => $poll_title, 'start' => $poll_start, 'length' => $poll_length, 'max_options' => $poll_max_options, 'change' => $poll_change);
if (!empty($poll_options)) {
$temp_option_text = array();
while (list($option_id, $option_text) = @each($poll_options)) {
$option_text = trim($option_text);
if (!empty($option_text)) {
$temp_option_text[intval($option_id)] = $option_text;
}
}
$option_text = $temp_option_text;
if (sizeof($poll_options) < 2) {
$error_msg .= !empty($error_msg) ? '<br />' . $lang['To_few_poll_options'] : $lang['To_few_poll_options'];
} elseif (sizeof($poll_options) > $config['max_poll_options']) {
$error_msg .= !empty($error_msg) ? '<br />' . $lang['To_many_poll_options'] : $lang['To_many_poll_options'];
} elseif ($poll_title == '') {
$error_msg .= !empty($error_msg) ? '<br />' . $lang['Empty_poll_title'] : $lang['Empty_poll_title'];
}
}
// Event Registration - BEGIN
$reg_active = isset($reg_active) ? max(0, intval($reg_active)) : 0;
$reg_max_option1 = isset($reg_max_option1) ? max(0, intval($reg_max_option1)) : 0;
$reg_max_option2 = isset($reg_max_option2) ? max(0, intval($reg_max_option2)) : 0;
$reg_max_option3 = isset($reg_max_option3) ? max(0, intval($reg_max_option3)) : 0;
$reg_length = isset($reg_length) ? max(0, intval($reg_length)) : 0;
// Event Registration - END
}
return;
}
function cash_pm(&$targetdata, $privmsg_subject, &$message)
{
global $db, $board_config, $lang, $userdata, $phpbb_root_path, $phpEx, $html_entities_match, $html_entities_replace;
//
// It looks like we're sending a PM!
// NOTE: most of the following code is shamelessly "reproduced" from privmsg.php
//
include $phpbb_root_path . 'includes/bbcode.' . $phpEx;
include $phpbb_root_path . 'includes/functions_post.' . $phpEx;
//
// Toggles
//
if (!$board_config['allow_html']) {
$html_on = 0;
} else {
$html_on = $userdata['user_allowhtml'];
}
$bbcode_on = TRUE;
if (!$board_config['allow_smilies']) {
$smilies_on = 0;
} else {
$smilies_on = $userdata['user_allowsmile'];
}
$attach_sig = $userdata['user_attachsig'];
//
// Flood control
//
$sql = "SELECT MAX(privmsgs_date) AS last_post_time\n\t\tFROM " . PRIVMSGS_TABLE . "\n\t\tWHERE privmsgs_from_userid = " . $userdata['user_id'];
if ($result = $db->sql_query($sql)) {
$db_row = $db->sql_fetchrow($result);
$last_post_time = $db_row['last_post_time'];
$current_time = time();
if ($current_time - $last_post_time < $board_config['flood_interval']) {
message_die(GENERAL_MESSAGE, $lang['Flood_Error']);
}
}
//
// End Flood control
//
$msg_time = time();
$bbcode_uid = make_bbcode_uid();
$privmsg_message = prepare_message($message, $html_on, $bbcode_on, $smilies_on, $bbcode_uid);
//
// See if recipient is at their inbox limit
//
$sql = "SELECT COUNT(privmsgs_id) AS inbox_items, MIN(privmsgs_date) AS oldest_post_time \n\t\tFROM " . PRIVMSGS_TABLE . " \n\t\tWHERE ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . " \n\t\t\t\tOR privmsgs_type = " . PRIVMSGS_READ_MAIL . " \n\t\t\t\tOR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " ) \n\t\t\tAND privmsgs_to_userid = " . $targetdata['user_id'];
if (!($result = $db->sql_query($sql))) {
message_die(GENERAL_MESSAGE, $lang['No_such_user']);
}
$sql_priority = SQL_LAYER == 'mysql' ? 'LOW_PRIORITY' : '';
if ($inbox_info = $db->sql_fetchrow($result)) {
if ($inbox_info['inbox_items'] >= $board_config['max_inbox_privmsgs']) {
$sql = "SELECT privmsgs_id FROM " . PRIVMSGS_TABLE . " \n\t\t\t\tWHERE ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . " \n\t\t\t\t\t\tOR privmsgs_type = " . PRIVMSGS_READ_MAIL . " \n\t\t\t\t\t\tOR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " ) \n\t\t\t\t\tAND privmsgs_date = " . $inbox_info['oldest_post_time'] . " \n\t\t\t\t\tAND privmsgs_to_userid = " . $targetdata['user_id'];
if (!($result = $db->sql_query($sql))) {
message_die(GENERAL_ERROR, 'Could not find oldest privmsgs (inbox)', '', __LINE__, __FILE__, $sql);
}
$old_privmsgs_id = $db->sql_fetchrow($result);
$old_privmsgs_id = $old_privmsgs_id['privmsgs_id'];
$sql = "DELETE {$sql_priority} FROM " . PRIVMSGS_TABLE . " \n\t\t\t\tWHERE privmsgs_id = {$old_privmsgs_id}";
if (!$db->sql_query($sql)) {
message_die(GENERAL_ERROR, 'Could not delete oldest privmsgs (inbox)' . $sql, '', __LINE__, __FILE__, $sql);
}
$sql = "DELETE {$sql_priority} FROM " . PRIVMSGS_TEXT_TABLE . " \n\t\t\t\tWHERE privmsgs_text_id = {$old_privmsgs_id}";
if (!$db->sql_query($sql)) {
message_die(GENERAL_ERROR, 'Could not delete oldest privmsgs text (inbox)', '', __LINE__, __FILE__, $sql);
}
}
}
$sql_info = "INSERT INTO " . PRIVMSGS_TABLE . " (privmsgs_type, privmsgs_subject, privmsgs_from_userid, privmsgs_to_userid, privmsgs_date, privmsgs_ip, privmsgs_enable_html, privmsgs_enable_bbcode, privmsgs_enable_smilies, privmsgs_attach_sig)\n\t\tVALUES (" . PRIVMSGS_NEW_MAIL . ", '" . str_replace("\\'", "''", $privmsg_subject) . "', " . $userdata['user_id'] . ", " . $targetdata['user_id'] . ", {$msg_time}, '{$user_ip}', {$html_on}, {$bbcode_on}, {$smilies_on}, {$attach_sig})";
if (!($result = $db->sql_query($sql_info, BEGIN_TRANSACTION))) {
message_die(GENERAL_ERROR, "Could not insert/update private message sent info.", "", __LINE__, __FILE__, $sql_info);
}
$privmsg_sent_id = $db->sql_nextid();
$sql = "INSERT INTO " . PRIVMSGS_TEXT_TABLE . " (privmsgs_text_id, privmsgs_bbcode_uid, privmsgs_text)\n\t\tVALUES ({$privmsg_sent_id}, '" . $bbcode_uid . "', '" . str_replace("\\'", "''", $privmsg_message) . "')";
if (!$db->sql_query($sql, END_TRANSACTION)) {
message_die(GENERAL_ERROR, "Could not insert/update private message sent text.", "", __LINE__, __FILE__, $sql_info);
}
//
// Add to the users new pm counter
//
$sql = "UPDATE " . USERS_TABLE . "\n\t\tSET user_new_privmsg = user_new_privmsg + 1, user_last_privmsg = " . time() . " \n\t\tWHERE user_id = " . $targetdata['user_id'];
if (!($status = $db->sql_query($sql))) {
message_die(GENERAL_ERROR, 'Could not update private message new/read status for user', '', __LINE__, __FILE__, $sql);
}
if ($targetdata['user_notify_pm'] && !empty($targetdata['user_email']) && $targetdata['user_active']) {
$script_name = preg_replace('/^\\/?(.*?)\\/?$/', "\\1", trim($board_config['script_path']));
$script_name = $script_name != '' ? $script_name . '/privmsg.' . $phpEx : 'privmsg.' . $phpEx;
$server_name = trim($board_config['server_name']);
$server_protocol = $board_config['cookie_secure'] ? 'https://' : 'http://';
$server_port = $board_config['server_port'] != 80 ? ':' . trim($board_config['server_port']) . '/' : '/';
include $phpbb_root_path . 'includes/emailer.' . $phpEx;
$emailer = new emailer($board_config['smtp_delivery']);
$emailer->from($board_config['board_email']);
$emailer->replyto($board_config['board_email']);
$emailer->use_template('privmsg_notify', $targetdata['user_lang']);
$emailer->email_address($targetdata['user_email']);
$emailer->set_subject($lang['Notification_subject']);
$emailer->assign_vars(array('USERNAME' => $to_username, 'SITENAME' => $board_config['sitename'], 'EMAIL_SIG' => !empty($board_config['board_email_sig']) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '', 'U_INBOX' => $server_protocol . $server_name . $server_port . $script_name . '?folder=inbox'));
$emailer->send();
$emailer->reset();
}
}
function convert_comment($comment)
{
$post_text = prepare_message($comment['text'], true, true);
$post_data = array("posts" => array("post_id" => $comment['id'], "topic_id" => $comment['torrent'], "forum_id" => $comment['category'], "poster_id" => $comment['user'], "post_time" => $comment['added'], "poster_ip" => encode_ip($comment['ip']), "post_edit_time" => $comment['editedat'], "post_edit_count" => $comment['editedat'] ? 1 : 0), "posts_text" => array("post_id" => $comment['id'], "post_text" => $post_text));
tp_add_post($post_data);
return;
}
$b_group .= ',' . strval($i);
} else {
$b_group .= strval($i);
$not_first = TRUE;
}
}
}
$layout = $l_id;
if ($b_title == "") {
message_die(GENERAL_MESSAGE, $lang['Must_enter_block']);
}
$bbcode_uid = '';
if ($b_type) {
if (!empty($b_content)) {
$bbcode_uid = $bbcode_parse->make_bbcode_uid();
$b_content = prepare_message(trim($b_content), TRUE, TRUE, TRUE, $bbcode_uid);
$b_content = str_replace("\\'", "''", $b_content);
}
}
if ($b_id) {
$sql = "UPDATE " . BLOCKS_TABLE . "\n SET\n title = '" . str_replace("\\'", "''", $b_title) . "',\n bposition = '" . str_replace("\\'", "''", $b_bposition) . "',\n active = '" . $b_active . "',\n type = '" . $b_type . "',\n content = '" . $b_content . "',\n block_bbcode_uid = '" . $bbcode_uid . "',\n blockfile = '" . str_replace("\\'", "''", $b_blockfile) . "',\n layout = '" . $layout . "',\n view = '" . $b_view . "',\n border = '" . $b_border . "',\n titlebar = '" . $b_titlebar . "',\n local = '" . $b_local . "',\n background = '" . $b_background . "',\n groups = '" . $b_group . "'\n WHERE bid = {$b_id}";
if (!($result = $db->sql_query($sql))) {
message_die(GENERAL_ERROR, "Could not insert data into blocks table", $lang['Error'], __LINE__, __FILE__, $sql);
}
$message = $lang['Block_updated'];
if (!empty($b_blockfile)) {
if (file_exists($phpbb_root_path . '/blocks/' . $b_blockfile . '.cfg')) {
include $phpbb_root_path . '/blocks/' . $b_blockfile . '.cfg';
$message .= '<br /><br />' . $lang['B_BV_added'];
for ($i = 0; $i < $block_count_variables; $i++) {
$sql = "SELECT count(1) existing FROM " . BLOCKS_VARIABLE_TABLE . "\n WHERE config_name = '" . $block_variables[$i][2] . "'";
if ($mode == 'reply' && $post_info['topic_status'] == TOPIC_LOCKED) {
$locked_warn = '
<div class="warnColor1">
<b>' . $lang['LOCKED_WARN'] . '</b>
</div>
<br /><hr /><br />
';
$return_message = $locked_warn . $return_message;
}
bb_die($return_message);
}
}
if ($refresh || $error_msg || $submit && $topic_has_new_posts) {
$username = !empty($_POST['username']) ? clean_username($_POST['username']) : '';
$subject = !empty($_POST['subject']) ? clean_title($_POST['subject']) : '';
$message = !empty($_POST['message']) ? prepare_message($_POST['message']) : '';
if ($preview) {
$preview_subject = $subject;
$preview_username = $username;
$preview_message = htmlCHR($message, false, ENT_NOQUOTES);
$preview_message = bbcode2html($preview_message);
$template->assign_vars(array('TPL_PREVIEW_POST' => true, 'TOPIC_TITLE' => wbr($preview_subject), 'POST_SUBJECT' => $preview_subject, 'POSTER_NAME' => $preview_username, 'POST_DATE' => bb_date(TIMENOW), 'PREVIEW_MSG' => $preview_message));
}
} else {
// User default entry point
if ($mode == 'newtopic') {
$username = $userdata['session_logged_in'] ? $userdata['username'] : '';
$subject = $message = '';
} elseif ($mode == 'reply') {
$username = $userdata['session_logged_in'] ? $userdata['username'] : '';
$subject = $message = '';
function make_post($new_topic_id, $forum_id, $user_id, $post_username, $text, $mode = 'newtopic')
{
global $db;
$current_time = time();
$user_ip = "ac100202";
$bbcode_on = 1;
$html_on = 1;
$smilies_on = 1;
$attach_sig = 1;
$bbcode_uid = make_bbcode_uid();
$post_subject = 'random subject';
$post_message = prepare_message($text, $html_on, $bbcode_on, $smilies_on, $bbcode_uid);
$sql = "INSERT INTO " . POSTS_TABLE . " (topic_id, forum_id, poster_id, attach_id, icon_id, post_username, post_time, poster_ip, post_visibility, bbcode_uid, enable_bbcode, enable_html, enable_smilies, enable_sig, post_subject, post_text)\n\t\tVALUES ({$new_topic_id}, {$forum_id}, {$user_id}, 0, 0, '{$post_username}', {$current_time}, '{$user_ip}', 1, '{$bbcode_uid}', {$bbcode_on}, {$html_on}, {$smilies_on}, {$attach_sig}, '{$post_subject}', '{$post_message}')";
$result = $db->sql_query($sql);
if ($result) {
$new_post_id = $db->sql_nextid();
$sql = "UPDATE " . TOPICS_TABLE . "\n\t\t\tSET topic_last_post_id = {$new_post_id}";
if ($mode == "reply") {
$sql .= ", topic_replies = topic_replies + 1 ";
}
$sql .= " WHERE topic_id = {$new_topic_id}";
if ($db->sql_query($sql)) {
$sql = "UPDATE " . FORUMS_TABLE . "\n\t\t\t\tSET forum_last_post_id = {$new_post_id}, forum_posts_approved = forum_posts_approved + 1";
if ($mode == "newtopic") {
$sql .= ", forum_topics_approved = forum_topics_approved + 1";
}
$sql .= " WHERE forum_id = {$forum_id}";
if ($db->sql_query($sql)) {
$sql = "UPDATE " . USERS_TABLE . "\n\t\t\t\t\tSET user_posts = user_posts + 1\n\t\t\t\t\tWHERE user_id = " . $user_id;
if ($db->sql_query($sql, END_TRANSACTION)) {
// SUCCESS.
return true;
} else {
message_die(GENERAL_ERROR, "Error updating users table", "", __LINE__, __FILE__, $sql);
}
} else {
message_die(GENERAL_ERROR, "Error updating forums table", "", __LINE__, __FILE__, $sql);
}
} else {
// Rollback
if ($db->get_sql_layer() == "mysql") {
$sql = "DELETE FROM " . POSTS_TABLE . "\n\t\t\t\t\tWHERE post_id = {$new_post_id}";
$db->sql_query($sql);
}
message_die(GENERAL_ERROR, "Error updating topics table", "", __LINE__, __FILE__, $sql);
}
} else {
message_die(GENERAL_ERROR, "Error inserting data into posts table", "", __LINE__, __FILE__, $sql);
}
}
function insert_post($message, $subject, $forum_id, $user_id, $user_name, $user_attach_sig, $topic_id = NULL, $topic_type = POST_NORMAL, $do_notification = false, $notify_user = false, $current_time = 0, $error_die_function = '', $html_on = 0, $bbcode_on = 1, $smilies_on = 1)
{
global $db, $board_config, $user_ip;
// initialise some variables
$topic_vote = 0;
$mode = 'reply';
$bbcode_uid = $bbcode_on ? make_bbcode_uid() : '';
$error_die_function = $error_die_function == '' ? "message_die" : $error_die_function;
$current_time = $current_time == 0 ? time() : $current_time;
// parse the message and the subject (belt & braces :)
$message = addslashes(unprepare_message($message));
$message = prepare_message(trim($message), $html_on, $bbcode_on, $smilies_on, $bbcode_uid);
$subject = addslashes(str_replace('"', '"', trim($subject)));
$username = addslashes(unprepare_message(trim($user_name)));
// fix for \" in username - wineknow.com
$username = str_replace("\\\"", "\"", $username);
// if this is a new topic then insert the topic details
if (is_null($topic_id)) {
$mode = 'newtopic';
$sql = "INSERT INTO " . TOPICS_TABLE . " (topic_title, topic_poster, topic_time, forum_id, topic_status, topic_type, topic_vote) VALUES ('{$subject}', " . $user_id . ", {$current_time}, {$forum_id}, " . TOPIC_UNLOCKED . ", {$topic_type}, {$topic_vote})";
if (!$db->sql_query($sql, BEGIN_TRANSACTION)) {
$error_die_function(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql);
}
$topic_id = $db->sql_nextid();
}
// insert the post details using the topic id
$sql = "INSERT INTO " . POSTS_TABLE . " (topic_id, forum_id, poster_id, post_username, post_time, poster_ip, enable_bbcode, enable_html, enable_smilies, enable_sig) VALUES ({$topic_id}, {$forum_id}, " . $user_id . ", '{$username}', {$current_time}, '{$user_ip}', {$bbcode_on}, {$html_on}, {$smilies_on}, {$user_attach_sig})";
if (!$db->sql_query($sql, BEGIN_TRANSACTION)) {
$error_die_function(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql);
}
$post_id = $db->sql_nextid();
// insert the actual post text for our new post
$sql = "INSERT INTO " . POSTS_TEXT_TABLE . " (post_id, post_subject, bbcode_uid, post_text) VALUES ({$post_id}, '{$subject}', '{$bbcode_uid}', '{$message}')";
if (!$db->sql_query($sql, BEGIN_TRANSACTION)) {
$error_die_function(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql);
}
// update the post counts etc.
$newpostsql = $mode == 'newtopic' ? ',forum_topics = forum_topics + 1' : '';
$sql = "UPDATE " . FORUMS_TABLE . " SET \n forum_posts = forum_posts + 1,\n forum_last_post_id = {$post_id}\n {$newpostsql} \t\n WHERE forum_id = {$forum_id}";
if (!$db->sql_query($sql, BEGIN_TRANSACTION)) {
$error_die_function(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql);
}
// update the first / last post ids for the topic
$first_post_sql = $mode == 'newtopic' ? ", topic_first_post_id = {$post_id} " : ' , topic_replies=topic_replies+1';
$sql = "UPDATE " . TOPICS_TABLE . " SET \n topic_last_post_id = {$post_id} \n {$first_post_sql}\n WHERE topic_id = {$topic_id}";
if (!$db->sql_query($sql, BEGIN_TRANSACTION)) {
$error_die_function(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql);
}
// update the user's post count and commit the transaction
$sql = "UPDATE " . USERS_TABLE . " SET \n user_posts = user_posts + 1\n WHERE user_id = {$user_id}";
if (!$db->sql_query($sql, END_TRANSACTION)) {
$error_die_function(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql);
}
// add the search words for our new post
switch ($board_config['version']) {
case '.0.0':
case '.0.1':
case '.0.2':
case '.0.3':
add_search_words($post_id, stripslashes($message), stripslashes($subject));
break;
default:
add_search_words('', $post_id, stripslashes($message), stripslashes($subject));
break;
}
// do we need to do user notification
if ($mode == 'reply' && $do_notification) {
// DP bugfix (critical): $userdata['user_id'] must be set; otherwise,
// user_notification() will generate a bad SQL query and die.
global $userdata;
$userdata['user_id'] = $user_id;
// DP bugfix (minor): We should pass the topic title, not the post subject,
// as the third param to user_notification.
$sql = "SELECT topic_title FROM " . TOPICS_TABLE . " WHERE topic_id = {$topic_id}";
if (!($result = $db->sql_query($sql))) {
$error_die_function(GENERAL_ERROR, 'Error getting topic_title', '', __LINE__, __FILE__, $sql);
}
list($topic_title) = $db->sql_fetchrow($result);
$post_data = array();
user_notification($mode, $post_data, $topic_title, $forum_id, $topic_id, $post_id, $notify_user);
}
// if all is well then return the id of our new post
return array('post_id' => $post_id, 'topic_id' => $topic_id);
}
function cash_pm(&$targetdata, $privmsg_subject, &$message)
{
global $db, $cache, $config, $user, $lang, $bbcode, $html_entities_match, $html_entities_replace;
//
// It looks like we're sending a PM!
// NOTE: most of the following code is shamelessly "reproduced" from privmsg.php
//
include_once IP_ROOT_PATH . 'includes/bbcode.' . PHP_EXT;
include_once IP_ROOT_PATH . 'includes/functions_post.' . PHP_EXT;
$attach_sig = $user->data['user_attachsig'];
$bbcode->allow_html = $user->data['user_allowhtml'] && $config['allow_html'] ? true : false;
$bbcode->allow_bbcode = true;
$bbcode->allow_smilies = $user->data['user_allowsmile'] && $config['allow_smilies'] ? true : false;
$html_status = $bbcode->allow_html;
$bbcode_status = $bbcode->allow_bbcode;
$smilies_status = $bbcode->allow_smilies;
$acro_auto_status = false;
include_once IP_ROOT_PATH . 'includes/class_pm.' . PHP_EXT;
$privmsg_message = prepare_message($message, $html_status, $bbcode_status, $smilies_status);
$privmsg_sender = $user->data['user_id'];
$privmsg_recipient = $targetdata['user_id'];
$privmsg = new class_pm();
if ($user->data['user_level'] != ADMIN && $privmsg->is_flood()) {
message_die(GENERAL_MESSAGE, $lang['Flood_Error']);
}
$privmsg->delete_older_message('PM_INBOX', $privmsg_recipient);
$privmsg->send($privmsg_sender, $privmsg_recipient, $privmsg_subject, $privmsg_message, $attach_sig, $html_status, $bbcode_status, $smilies_status, $acro_auto_status);
if ($targetdata['user_notify_pm'] && !empty($targetdata['user_email']) && $targetdata['user_active']) {
//HTML Message
$clean_tags = $config['html_email'] ? false : true;
$bbcode->allow_bbcode = $config['allow_bbcode'] ? $config['allow_bbcode'] : false;
$bbcode->allow_html = $config['allow_html'] ? $config['allow_html'] : false;
$bbcode->allow_smilies = $config['allow_smilies'] ? $config['allow_smilies'] : false;
$message = $bbcode->parse($privmsg_message, '', false, $clean_tags);
$message = stripslashes($message);
//HTML Message
$privmsg->notification($privmsg_sender, $privmsg_recipient, $targetdata['user_email'], $lang['Notification_subject'], $message, false, $privmsg_subject, $targetdata['username'], $targetdata['user_lang'], false);
}
unset($privmsg);
}
function send_pm($privmsg_id, $from_userdata, &$to_user_ids, $subject, $message, $icon, $html_on = '?', $bbcode_on = '?', $smiley_on = '?', $attach_sig = '?')
{
global $userdata, $user_ip;
global $lang, $board_config, $db, $phpbb_root_path, $phpEx, $bbcode_parse;
global $folders;
global $s_unread;
// get some constants
$time = time();
$sql_priority = SQL_LAYER == 'mysql' ? 'LOW_PRIORITY' : '';
$q = "'";
// lists of impacted users
$recips = array();
// fix some parameters
$privmsg_id = intval(trim($privmsg_id));
$subject = trim($subject);
$message = trim($message);
$icon = intval($icon);
$privmsg_ip = $user_ip;
// recipient is not an array, so make one
if (!is_array($to_user_ids) && !empty($to_user_ids)) {
$to_user_ids = array(intval($to_user_ids));
}
// check if recipients
if (empty($to_user_ids)) {
return 'No_to_user';
}
$s_to_user_ids = implode(', ', $to_user_ids);
// deleted recip
$s_new_delete = '';
$s_unread_delete = '';
$s_new_add = '';
$s_unread_add = '';
$s_read_add = '';
// check we have a message and a subject
if (empty($subject)) {
return 'Empty_subject';
}
if (empty($message)) {
return 'Empty_message';
}
// from_user_id can be 0 for sys message (sent by the board)
if (empty($from_userdata)) {
$from_userdata['user_id'] = 0;
$from_userdata['username'] = $board_config['sitename'];
$from_userdata['user_allowhtml'] = $board_config['allow_html'];
$from_userdata['user_allowbbcode'] = $board_config['allow_bbcode'];
$from_userdata['user_allowsmile'] = $board_config['allow_smilies'];
$from_userdata['user_attachsig'] = $board_config['allow_sig'];
}
$from_user_id = intval($from_userdata['user_id']);
// init message row
$bbcode_uid = '';
$html_on = !$board_config['allow_html'] ? false : $html_on == '?' ? intval($from_userdata['user_allowhtml']) : intval($html_on);
$bbcode_on = !$board_config['allow_bbcode'] ? false : $bbcode_on == '?' ? intval($from_userdata['user_allowbbcode']) : intval($bbcode_on);
$smiley_on = !$board_config['allow_smilies'] ? false : $smiley_on == '?' ? intval($from_userdata['user_allowsmile']) : intval($smiley_on);
$attach_sig = !$board_config['allow_sig'] ? false : $attach_sig == '?' ? intval($from_userdata['user_attachsig']) : intval($attach_sig);
$create = true;
if (!empty($privmsg_id)) {
$create = false;
}
//------------------------------
// edit a message : read the pm and take care of recipients that are no more recipients
//------------------------------
if (!$create) {
//-------------------------------
// read the pm and check if ok to edit by the user (it has to belong to him)
//-------------------------------
$sql = "SELECT p.*, pr.*\n FROM " . PRIVMSGA_TABLE . " p, " . PRIVMSGA_RECIPS_TABLE . " pr\n WHERE p.privmsg_id = {$privmsg_id}\n AND pr.privmsg_id = p.privmsg_id\n AND pr.privmsg_user_id = {$from_user_id}\n AND pr.privmsg_direct = 0\n AND pr.privmsg_status = " . STS_TRANSIT;
if (!($result = $db->sql_query($sql))) {
message_die(GENERAL_ERROR, 'Could not read message to duplicate', '', __LINE__, __FILE__, $sql);
}
if (!($privmsg = $db->sql_fetchrow($result))) {
return 'No_such_post';
}
// get some values from the original message
$privmsg_ip = $privmsg['privmsg_ip'];
//-------------------------------
// manage recipients that are no more
//-------------------------------
// get users that are no more recipients and haven't read their pms
$sql = "SELECT privmsg_user_id\n FROM " . PRIVMSGA_RECIPS_TABLE . "\n WHERE privmsg_user_id NOT IN ({$s_to_user_ids})\n AND privmsg_direct = 1\n AND privmsg_id = {$privmsg_id}\n AND privmsg_status = " . STS_TRANSIT . "\n AND privmsg_read IN ({$s_unread})";
if (!($result = $db->sql_query($sql))) {
message_die(GENERAL_ERROR, 'Could not read users no more recipients having not yet readen the message', '', __LINE__, __FILE__, $sql);
}
while ($row = $db->sql_fetchrow($result)) {
if ($row['privmsg_read'] == NEW_MAIL) {
$s_new_delete .= (empty($s_new_delete) ? '' : ', ') . $row['privmsg_user_ids'];
} else {
$s_unread_delete .= (empty($s_unread_delete) ? '' : ', ') . $row['privmsg_user_ids'];
}
}
// delete recipients for users who have deleted the message or not yet read and are no more recipients
$sql = "DELETE {$sql_priority}\n FROM " . PRIVMSGA_RECIPS_TABLE . "\n WHERE privmsg_user_id NOT IN ({$s_to_user_ids})\n AND privmsg_direct = 1\n AND privmsg_id = {$privmsg_id}\n AND ( privmsg_read IN ({$s_unread}) OR privmsg_status = " . STS_DELETED . " )";
if (!$db->sql_query($sql)) {
message_die(GENERAL_ERROR, 'Could not delete users no more recipients having deleted or not yet readen the message', '', __LINE__, __FILE__, $sql);
}
// verify recipients that are no more but have read the pm
$sql = "SELECT *\n FROM " . PRIVMSGA_RECIPS_TABLE . "\n WHERE privmsg_user_id NOT IN ({$s_to_user_ids})\n AND privmsg_direct = 1\n AND privmsg_id = {$privmsg_id}\n AND privmsg_read = " . READ_MAIL . "\n AND privmsg_status <> " . STS_DELETED . "\n LIMIT 0, 1";
if (!($result = $db->sql_query($sql))) {
message_die(GENERAL_ERROR, 'Could not check if copy required', '', __LINE__, __FILE__, $sql);
}
// if some, duplicate the message and attach them to it
if ($db->sql_numrows($result) > 0) {
// message
$fields = array();
$fields['privmsg_subject'] = $q . str_replace("\\'", "''", str_replace('\\"', '"', addslashes(stripslashes($privmsg['privmsg_subject'])))) . $q;
$fields['privmsg_text'] = $q . str_replace("\\'", "''", str_replace('\\"', '"', addslashes(stripslashes($privmsg['privmsg_text'])))) . $q;
$fields['privmsg_bbcode_uid'] = $q . $privmsg['privmsg_bbcode_uid'] . $q;
$fields['privmsg_time'] = intval($privmsg['privmsg_time']);
$fields['privmsg_enable_bbcode'] = intval($privmsg['privmsg_enable_bbcode']);
$fields['privmsg_enable_html'] = intval($privmsg['privmsg_enable_html']);
$fields['privmsg_enable_smilies'] = intval($privmsg['privmsg_enable_smilies']);
$fields['privmsg_attach_sig'] = intval($privmsg['privmsg_attach_sig']);
$fields['privmsg_icon'] = intval($privmsg['privmsg_icon']);
// generate a copy of the pm for recipients that are no more but have readen the pm, and mark it as deleted for the author
_sql_statements($fields, $sql_fields, $sql_values, $sql_update);
$sql = "INSERT {$sql_priority}\n INTO " . PRIVMSGA_TABLE . "\n ({$sql_fields})\n VALUES({$sql_values})";
if (!$db->sql_query($sql)) {
message_die(GENERAL_ERROR, 'Could not generate a copy of original pm', '', __LINE__, __FILE__, $sql);
}
// get the copy id
$privmsg_copy_id = $db->sql_nextid();
// author
$fields_recip = array();
$fields_recip['privmsg_id'] = $privmsg_copy_id;
$fields_recip['privmsg_direct'] = 0;
$fields_recip['privmsg_user_id'] = intval($privmsg['privmsg_user_id']);
$fields_recip['privmsg_ip'] = $q . $privmsg['privmsg_ip'] . $q;
$fields_recip['privmsg_folder_id'] = intval($privmsg['privmsg_folder_id']);
$fields_recip['privmsg_status'] = STS_DELETED;
$fields_recip['privmsg_read'] = READ_PM;
$fields_recip['privmsg_distrib'] = 1;
// generate the author info
_sql_statements($fields_recip, $sql_fields, $sql_values, $sql_update);
$sql = "INSERT {$sql_priority}\n INTO " . PRIVMSGA_RECIPS_TABLE . "\n ({$sql_fields})\n VALUES({$sql_values})";
if (!$db->sql_query($sql)) {
message_die(GENERAL_ERROR, 'Could not generate a copy of original pm author', '', __LINE__, __FILE__, $sql);
}
// attach to the copy recipients that are no more but have readed the pm
$sql = "UPDATE {$sql_priority} " . PRIVMSGA_RECIPS_TABLE . "\n SET privmsg_id = {$privmsg_copy_id}, privmsg_distrib = 1\n WHERE privmsg_user_id NOT IN ({$s_to_user_ids})\n AND privmsg_direct = 1\n AND privmsg_id = {$privmsg_id}\n AND privmsg_read = " . READ_MAIL;
if (!$db->sql_query($sql)) {
message_die(GENERAL_ERROR, 'Could not attach recips to the copied pm', '', __LINE__, __FILE__, $sql);
}
}
//-------------------------------
// get the existing recips list
//-------------------------------
$sql = "SELECT pr.privmsg_user_id, pr.privmsg_read\n FROM " . PRIVMSGA_RECIPS_TABLE . " pr\n WHERE pr.privmsg_id = {$privmsg_id}\n AND pr.privmsg_direct = 1";
if (!($result = $db->sql_query($sql))) {
message_die(GENERAL_ERROR, 'Could not read recipients', '', __LINE__, __FILE__, $sql);
}
while ($row = $db->sql_fetchrow($result)) {
$recips[$row['privmsg_user_id']] = $row['privmsg_read'];
}
}
//----------------------------
// create or update the message
//----------------------------
// get a bbcode uid
$bbcode_uid = $bbcode_on ? $bbcode_parse->make_bbcode_uid() : '';
// prepare the message and add bbcode uid to the bbcodes
$message = prepare_message($message, $html_on, $bbcode_on, $smiley_on, $bbcode_uid);
// message
$fields = array();
$fields['privmsg_subject'] = $q . str_replace("\\'", "''", str_replace('\\"', '"', addslashes(stripslashes($subject)))) . $q;
$fields['privmsg_text'] = $q . str_replace("\\'", "''", str_replace('\\"', '"', addslashes(stripslashes($message)))) . $q;
$fields['privmsg_bbcode_uid'] = $q . $bbcode_uid . $q;
$fields['privmsg_time'] = $time;
$fields['privmsg_enable_bbcode'] = $bbcode_on;
$fields['privmsg_enable_html'] = $html_on;
$fields['privmsg_enable_smilies'] = $smiley_on;
$fields['privmsg_attach_sig'] = $attach_sig;
$fields['privmsg_icon'] = $icon;
// process
if ($create) {
// message
_sql_statements($fields, $sql_fields, $sql_values, $sql_update);
$sql = "INSERT {$sql_priority}\n INTO " . PRIVMSGA_TABLE . "\n ({$sql_fields})\n VALUES({$sql_values})";
if (!$db->sql_query($sql)) {
message_die(GENERAL_ERROR, 'Could not create pm', '', __LINE__, __FILE__, $sql);
}
// store the new privmsg_id
$privmsg_id = $db->sql_nextid();
// author
$fields_recip = array();
$fields_recip['privmsg_id'] = $privmsg_id;
$fields_recip['privmsg_ip'] = $q . $privmsg_ip . $q;
$fields_recip['privmsg_status'] = STS_TRANSIT;
$fields_recip['privmsg_read'] = NEW_MAIL;
$fields_recip['privmsg_distrib'] = 0;
$fields_recip['privmsg_folder_id'] = OUTBOX;
$fields_recip['privmsg_direct'] = 0;
$fields_recip['privmsg_user_id'] = $from_user_id;
_sql_statements($fields_recip, $sql_fields, $sql_values, $sql_update);
$sql = "INSERT {$sql_priority}\n INTO " . PRIVMSGA_RECIPS_TABLE . "\n ({$sql_fields})\n VALUES({$sql_values})";
if (!$db->sql_query($sql)) {
message_die(GENERAL_ERROR, 'Could not create pm author', '', __LINE__, __FILE__, $sql);
}
// recipients
$fields_recip['privmsg_direct'] = 1;
$fields_recip['privmsg_folder_id'] = INBOX;
_sql_statements($fields_recip, $sql_fields, $sql_values, $sql_update, 'privmsg_user_id');
for ($i = 0; $i < count($to_user_ids); $i++) {
$privmsg_to_user_id = intval($to_user_ids[$i]);
if (!empty($privmsg_to_user_id)) {
$sql = "INSERT {$sql_priority}\n INTO " . PRIVMSGA_RECIPS_TABLE . "\n ({$sql_fields}, privmsg_user_id)\n VALUES({$sql_values}, {$privmsg_to_user_id})";
if (!$db->sql_query($sql)) {
message_die(GENERAL_ERROR, 'Could not create pm recipient', '', __LINE__, __FILE__, $sql);
}
$s_new_add .= (empty($s_new_add) ? '' : ', ') . $privmsg_to_user_id;
}
}
} else {
// message
_sql_statements($fields, $sql_fields, $sql_values, $sql_update);
$sql = "UPDATE {$sql_priority} " . PRIVMSGA_TABLE . "\n SET {$sql_update}\n WHERE privmsg_id = {$privmsg_id}";
if (!$db->sql_query($sql)) {
message_die(GENERAL_ERROR, 'Could not update pm', '', __LINE__, __FILE__, $sql);
}
// author
$fields_recip = array();
$fields_recip['privmsg_id'] = $privmsg_id;
$fields_recip['privmsg_ip'] = $q . $privmsg_ip . $q;
$fields_recip['privmsg_status'] = STS_TRANSIT;
$fields_recip['privmsg_read'] = NEW_MAIL;
$fields_recip['privmsg_distrib'] = 0;
$fields_recip['privmsg_folder_id'] = OUTBOX;
$fields_recip['privmsg_direct'] = 0;
$fields_recip['privmsg_user_id'] = $from_user_id;
_sql_statements($fields_recip, $sql_fields, $sql_values, $sql_update);
$sql = "UPDATE {$sql_priority} " . PRIVMSGA_RECIPS_TABLE . "\n SET {$sql_update}\n WHERE privmsg_id = {$privmsg_id}\n AND privmsg_direct = 0";
if (!$db->sql_query($sql)) {
message_die(GENERAL_ERROR, 'Could not update pm', '', __LINE__, __FILE__, $sql);
}
// recipients
$fields_recip['privmsg_direct'] = 1;
$fields_recip['privmsg_folder_id'] = INBOX;
_sql_statements($fields_recip, $sql_fields, $sql_values, $sql_update, 'privmsg_user_id');
for ($i = 0; $i < count($to_user_ids); $i++) {
$privmsg_to_user_id = intval($to_user_ids[$i]);
if (!empty($privmsg_to_user_id)) {
if (!isset($recips[$privmsg_to_user_id])) {
// create a new recip
$sql = "INSERT {$sql_priority}\n INTO " . PRIVMSGA_RECIPS_TABLE . "\n ({$sql_fields}, privmsg_user_id)\n VALUES({$sql_values}, {$privmsg_to_user_id})";
if (!$db->sql_query($sql)) {
message_die(GENERAL_ERROR, 'Could not create pm recipient', '', __LINE__, __FILE__, $sql);
}
$s_new_add .= (empty($s_new_add) ? '' : ', ') . $privmsg_to_user_id;
} else {
// update an existing recip
$sql = "UPDATE {$sql_priority} " . PRIVMSGA_RECIPS_TABLE . "\n SET {$sql_update}\n WHERE privmsg_id = {$privmsg_id}\n AND privmsg_user_id = {$privmsg_to_user_id}\n AND privmsg_direct = 1";
if (!$db->sql_query($sql)) {
message_die(GENERAL_ERROR, 'Could not update pm recipient', '', __LINE__, __FILE__, $sql);
}
switch ($recips[$privmsg_to_user_id]) {
case READ_MAIL:
$s_read_add .= (empty($s_read_add) ? '' : ', ') . $privmsg_to_user_id;
break;
case UNREAD_MAIL:
$s_unread_add .= (empty($s_unread_add) ? '' : ', ') . $privmsg_to_user_id;
break;
case NEW_MAIL:
$s_new_add .= (empty($s_new_add) ? '' : ', ') . $privmsg_to_user_id;
break;
}
}
}
}
}
//----------------------------
// adjust the impacted users box
//----------------------------
if (!empty($s_new_delete)) {
$sql = "UPDATE " . USERS_TABLE . "\n SET user_new_privmsg = user_new_privmsg-1\n WHERE user_id IN ({$s_new_delete})";
if (!$db->sql_query($sql)) {
message_die(GENERAL_ERROR, 'Could not update users counter - deleted new private messages', '', __LINE__, __FILE__, $sql);
}
}
if (!empty($s_unread_delete) || !empty($s_unread_add)) {
$semicol = empty($s_unread_delete) || empty($s_unread_add) ? '' : ',';
$sql = "UPDATE " . USERS_TABLE . "\n SET user_unread_privmsg = user_unread_privmsg-1\n WHERE user_id IN ({$s_unread_delete} {$semicol} {$s_unread_add})";
if (!$db->sql_query($sql)) {
message_die(GENERAL_ERROR, 'Could not update users counter - deleted unread private messages', '', __LINE__, __FILE__, $sql);
}
}
if (!empty($s_read_add) || !empty($s_new_add)) {
$semicol = empty($s_read_add) || empty($s_new_add) ? '' : ',';
$sql = "UPDATE " . USERS_TABLE . "\n SET user_new_privmsg = user_new_privmsg+1,\n user_last_privmsg = {$time}\n WHERE user_id IN ({$s_read_add} {$semicol} {$s_new_add})";
if (!$db->sql_query($sql)) {
message_die(GENERAL_ERROR, 'Could not update users counter - deleted new private messages', '', __LINE__, __FILE__, $sql);
}
}
// notifications
$date = $privmsg['privmsg_time'];
$copy = false;
// server values
$server_name = trim($board_config['server_name']);
$server_protocol = $board_config['cookie_secure'] ? 'https://' : 'http://';
$server_port = $board_config['server_port'] != 80 ? ':' . trim($board_config['server_port']) . '/' : '/';
// sender script
$script_name = preg_replace('/^\\/?(.*?)\\/?$/', '\\1', trim($board_config['script_path']));
$script_name = !empty($script_name) ? $script_name . '/privmsga.' . $phpEx : 'privmsga.' . $phpEx;
// specific data
$parsed_values = array('U_INBOX' => $server_protocol . $server_name . $server_port . $script_name . '?folder=' . INBOX);
$recips = array();
send_mail('privmsg_notify', $from_userdata, $to_user_ids, $recips, $subject, $message, $time, $copy, $parsed_values);
if (defined('IN_CASHMOD')) {
$pmer = new cash_user($userdata['user_id'], $userdata);
$pmer->give_pm_amount();
}
return '';
}
}
elseif ($mode == 'edit')
{
$link_name = $lang['Edit_message'];
}
$nav_server_url = create_server_url();
$breadcrumbs['address'] = $lang['Nav_Separator'] . '<a href="' . $nav_server_url . append_sid(CMS_PAGE_PRIVMSG . '?folder=inbox') . '"' . (!empty($link_name) ? '' : ' class="nav-current"') . '>' . $lang['Private_Messaging'] . '</a>' . (!empty($link_name) ? ($lang['Nav_Separator'] . '<a class="nav-current" href="#">' . $link_name . '</a>') : '');
$skip_nav_cat = true;
include_once(IP_ROOT_PATH . 'includes/users_zebra_block.' . PHP_EXT);
if ($preview && !$error)
{
$privmsg_message = !empty($draft_message) ? $draft_message : $privmsg_message;
$privmsg_subject = !empty($draft_subject) ? $draft_subject : $privmsg_subject;
$preview_message = prepare_message($privmsg_message, $html_on, $bbcode_on, $smilies_on);
$privmsg_message = preg_replace($html_entities_match, $html_entities_replace, $privmsg_message);
// Finalise processing as per viewtopic
if (!$html_on)
{
if ($user_sig != '' || !$user->data['user_allowhtml'])
{
$user_sig = preg_replace('#(<)([\/]?.*?)(>)#is', "<\\2>", $user_sig);
}
}
$preview_subject = censor_text($privmsg_subject);
$preview_message = censor_text($preview_message);
if ($attach_sig && ($user_sig != ''))
// END EMAIL-NOTIFY
}
// BEGIN PM-NOTIFY ON OUTBID
// Check ACP-setting
if ($auction_config_data['auction_pm_notify']) {
$outbid_pm_subject = $lang['outbid'] . " - " . prepare_message(addslashes(unprepare_message(htmlspecialchars(trim(stripslashes($auction_corresponding_bids_start_stop_row['auction_offer_title']))))), $board_config['allow_html'], $board_config['allow_bbcode'], $board_config['allow_smilies'], 0);
$outbid_pm = $lang['outbid_pm'];
$privmsgs_date = date("U");
$sql = "INSERT INTO " . PRIVMSGS_TABLE . "\r\n (privmsgs_type,\r\n privmsgs_subject,\r\n privmsgs_from_userid,\r\n privmsgs_to_userid,\r\n privmsgs_date,\r\n privmsgs_enable_html,\r\n privmsgs_enable_bbcode,\r\n privmsgs_enable_smilies,\r\n privmsgs_attach_sig)\r\n VALUES ('0',\r\n '" . str_replace("\\'", "''", addslashes(sprintf($outbid_pm_subject, $board_config['sitename']))) . "',\r\n '2',\r\n " . $auction_corresponding_bids_start_stop_row['FK_auction_offer_last_bid_user_id'] . ",\r\n " . $privmsgs_date . ",\r\n '0',\r\n '1',\r\n '1',\r\n '0')";
if (!$db->sql_query($sql)) {
message_die(GENERAL_ERROR, 'Could not insert private message sent info', '', __LINE__, __FILE__, $sql);
}
// if
$outbid_sent_id = $db->sql_nextid();
$outbid_text = $lang['outbid_pm_text'];
$sql = "INSERT INTO " . PRIVMSGS_TEXT_TABLE . "\r\n (privmsgs_text_id,\r\n privmsgs_text)\r\n VALUES ({$outbid_sent_id},\r\n '" . str_replace("\\'", "''", addslashes(sprintf($outbid_pm, $board_config['sitename']))) . "</br></br><a href=auction_offer_view.php?ao=" . $HTTP_GET_VARS[POST_AUCTION_OFFER_URL] . '>' . prepare_message(addslashes(unprepare_message(htmlspecialchars(trim(stripslashes($auction_corresponding_bids_start_stop_row['auction_offer_title']))))), $board_config['allow_html'], $board_config['allow_bbcode'], $board_config['allow_smilies'], 0) . '</a></br>' . $board_config['board_email_sig'] . "')";
if (!$db->sql_query($sql)) {
message_die(GENERAL_ERROR, 'Could not insert private message sent text', '', __LINE__, __FILE__, $sql);
}
// if
$sql = "UPDATE " . USERS_TABLE . "\r\n SET user_new_privmsg=user_new_privmsg+1,\r\n user_new_privmsg = user_new_privmsg +1\r\n WHERE user_id=" . $auction_corresponding_bids_start_stop_row['FK_auction_offer_last_bid_user_id'];
if (!$db->sql_query($sql)) {
message_die(GENERAL_ERROR, 'Could not update user table for outbid notification', '', __LINE__, __FILE__, $sql);
}
// if
}
// if
// End pm-notification
}
// if
$message = $lang['auction_room_bid_successful'] . "<br /><br />" . sprintf($lang['Click_return_offer'], "<a href=\"" . append_sid("auction_offer_view.{$phpEx}?ao=" . $HTTP_GET_VARS[POST_AUCTION_OFFER_URL]) . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_auction_index'], "<a href=\"" . append_sid("auction.{$phpEx}") . "\">", "</a>");
$emailer->assign_vars(array('USERNAME' => html_entity_decode($to_username), 'NAME_FROM' => $userdata['username'], 'MSG_SUBJECT' => html_entity_decode($privmsg_subject), 'SITENAME' => $bb_cfg['sitename'], 'U_INBOX' => make_url(PM_URL . "?folder=inbox&mode=read&p={$privmsg_sent_id}")));
$emailer->send();
$emailer->reset();
}
}
pm_die($lang['MESSAGE_SENT']);
} else {
if ($preview || $refresh || $error) {
//
// If we're previewing or refreshing then obtain the data
// passed to the script, process it a little, do some checks
// where neccessary, etc.
//
$to_username = isset($_POST['username']) ? clean_username($_POST['username']) : '';
$privmsg_subject = isset($_POST['subject']) ? clean_title($_POST['subject']) : '';
$privmsg_message = isset($_POST['message']) ? prepare_message($_POST['message']) : '';
//
// Do mode specific things
//
if ($mode == 'post') {
$page_title = $lang['POST_NEW_PM'];
} else {
if ($mode == 'reply') {
$page_title = $lang['POST_REPLY_PM'];
} else {
if ($mode == 'edit') {
$page_title = $lang['EDIT_PM'];
$sql = "SELECT u.user_id\n\t\t\t\tFROM " . BB_PRIVMSGS . " pm, " . BB_USERS . " u\n\t\t\t\tWHERE pm.privmsgs_id = {$privmsg_id}\n\t\t\t\t\tAND u.user_id = pm.privmsgs_from_userid";
if (!($result = DB()->sql_query($sql))) {
bb_die('Could not obtain post and post text');
}
$sql = "UPDATE " . USERS_TABLE . "\n\t\t\tSET user_sig = '" . $db->sql_escape($signature) . "'\n\t\t\tWHERE user_id = {$user_id}";
$result = $db->sql_query($sql);
$save_message = $lang['sig_save_message'];
}
} else {
message_die(GENERAL_MESSAGE, 'An Error occured while submitting Signature');
}
} elseif ($preview) {
$template->assign_block_vars('switch_preview_sig', array());
if (isset($signature)) {
$preview_sig = $signature;
if (strlen($preview_sig) > $config['max_sig_chars']) {
$preview_sig = $lang['Signature_too_long'];
} else {
$preview_sig = htmlspecialchars($preview_sig);
$preview_sig = stripslashes(prepare_message(addslashes(unprepare_message($preview_sig)), $html_on, $bbcode_on, $smilies_on));
if ($preview_sig != '') {
$bbcode->is_sig = true;
$preview_sig = $bbcode->parse($preview_sig);
$bbcode->is_sig = false;
$preview_sig = '<br />' . $config['sig_line'] . '<br />' . $preview_sig;
//$preview_sig = nl2br($preview_sig);
$preview_sig = censor_text($preview_sig);
} else {
$preview_sig = $lang['sig_none'];
}
}
} else {
message_die(GENERAL_MESSAGE, 'An Error occured while submitting Signature');
}
} elseif ($mode) {
}
}
} else {
$error = TRUE;
$error_msg .= (!empty($error_msg) ? '<br />' : '') . $lang['No_to_user'];
}
$instant_subject = trim(strip_tags($_REQUEST['subject']));
if (empty($instant_subject)) {
$instant_subject = $default_im_subject;
}
if (!empty($_REQUEST['message'])) {
if (!$error) {
if ($bbcode_on) {
$bbcode_uid = $bbcode_parse->make_bbcode_uid();
}
$instant_message = prepare_message($_REQUEST['message'], $html_on, $bbcode_on, $smilies_on, $bbcode_uid);
}
} else {
$error = TRUE;
$error_msg .= (!empty($error_msg) ? '<br />' : '') . $lang['Empty_message'];
}
}
if ($submit && !$error && !$site_id) {
$msg_time = time();
if ($prill_config['enable_im_limit']) {
//
// See if recipient is at their IM box limit
// If so, don't send the message
//
$sql = 'SELECT COUNT(instmsgs_id) AS im_box_items, MIN(instmsgs_date) AS oldest_post_time
FROM ' . INSTMSGS_TABLE . '
//
// Custom Title MOD
//
$custom_title = stripslashes($custom_title);
//
// Custom Title MOD End
//
if ($signature != '') {
if (strlen($signature) > $board_config['max_sig_chars']) {
$error = true;
$error_msg .= (isset($error_msg) ? '<br />' : '') . $lang['Signature_too_long'];
}
if ($signature_bbcode_uid == '') {
$signature_bbcode_uid = $view_userdata['user_allowbbcode'] ? $bbcode_parse->make_bbcode_uid() : '';
}
$signature = prepare_message($signature, $view_userdata['user_allowhtml'], $view_userdata['user_allowbbcode'], $view_userdata['user_allowsmile'], $signature_bbcode_uid);
$view_userdata['user_sig'] = $signature;
$view_userdata['user_sig_bbcode_uid'] = $signature_bbcode_uid;
}
if ($error) {
//
// Custom Title MOD
//
$custom_title = stripslashes($custom_title);
//
// Custom Title MOD End
//
message_die(GENERAL_ERROR, $error_msg);
}
if (!$error && !$preview) {
//
$this->response['post_id'] = $post_id;
break;
case 'add':
if (!isset($this->request['topic_id'])) {
$this->ajax_die('empty topic_id');
}
if (bf($userdata['user_opt'], 'user_opt', 'dis_post')) {
$this->ajax_die(strip_tags($lang['RULES_REPLY_CANNOT']));
} elseif (!$is_auth['auth_reply']) {
$this->ajax_die(sprintf($lang['SORRY_AUTH_REPLY'], strip_tags($is_auth['auth_reply_type'])));
}
if ($post['topic_status'] == TOPIC_LOCKED && !$is_auth['auth_mod']) {
$this->ajax_die($lang['TOPIC_LOCKED']);
}
$message = (string) $this->request['message'];
$message = prepare_message($message);
// Flood control
$where_sql = IS_GUEST ? "p.poster_ip = '" . USER_IP . "'" : "p.poster_id = {$userdata['user_id']}";
$sql = "SELECT MAX(p.post_time) AS last_post_time FROM " . BB_POSTS . " p WHERE {$where_sql}";
if ($row = DB()->fetch_row($sql) and $row['last_post_time']) {
if ($userdata['user_level'] == USER) {
if (TIMENOW - $row['last_post_time'] < $bb_cfg['flood_interval']) {
$this->ajax_die($lang['FLOOD_ERROR']);
}
}
}
// Double Post Control
if (!empty($row['last_post_time']) && !IS_AM) {
$sql = "\n\t\t\t\tSELECT pt.post_text\n\t\t\t\tFROM " . BB_POSTS . " p, " . BB_POSTS_TEXT . " pt\n\t\t\t\tWHERE {$where_sql}\n\t\t\t\t\tAND p.post_time = " . (int) $row['last_post_time'] . "\n\t\t\t\t\tAND pt.post_id = p.post_id\n\t\t\t\tLIMIT 1\n\t\t\t";
if ($row = DB()->fetch_row($sql)) {
$last_msg = DB()->escape($row['post_text']);
function prepare_post(&$mode, &$post_data, &$bbcode_on, &$html_on, &$smilies_on, &$error_msg, &$username, &$bbcode_uid, &$subject, &$message, &$poll_title, &$poll_options, &$poll_length, &$max_vote, &$hide_vote, &$tothide_vote)
{
global $board_config, $userdata, $lang, $phpEx, $phpbb_root_path;
// Check username
if (!empty($username)) {
$username = phpbb_clean_username($username);
if (!$userdata['session_logged_in'] || $userdata['session_logged_in'] && $username != $userdata['username']) {
include $phpbb_root_path . 'includes/functions_validate.' . $phpEx;
$result = validate_username($username);
if ($result['error']) {
$error_msg .= !empty($error_msg) ? '<br />' . $result['error_msg'] : $result['error_msg'];
}
} else {
$username = '';
}
}
// Check subject
if (!empty($subject)) {
$subject = htmlspecialchars(trim($subject));
} else {
if ($mode == 'newtopic' || $mode == 'editpost' && $post_data['first_post']) {
$error_msg .= !empty($error_msg) ? '<br />' . $lang['Empty_subject'] : $lang['Empty_subject'];
}
}
// Start Smilies Invasion Mod
// Check Smiley Count
if ($userdata['user_level'] != ADMIN) {
// -~= { Start User Configuration } =~- \\
$smilies_limit = 3;
// -~= { End User Configuration { =~- \\
$smilies_count = smilies_count($subject);
if ($smilies_count > $smilies_limit) {
$error_msg .= !empty($error_msg) ? '<br />' . sprintf($lang['Smilies_invasion_error_count'], $smilies_count, $smilies_limit) : sprintf($lang['Smilies_invasion_error_count'], $smilies_count, $smilies_limit);
}
}
// End Smilies Invasion Mod
// Check message
if (!empty($message)) {
$bbcode_uid = $bbcode_on ? make_bbcode_uid() : '';
$message = prepare_message(trim($message), $html_on, $bbcode_on, $smilies_on, $bbcode_uid);
} else {
if ($mode != 'delete' && $mode != 'poll_delete') {
$error_msg .= !empty($error_msg) ? '<br />' . $lang['Empty_message'] : $lang['Empty_message'];
}
}
//
// Handle poll stuff
//
if ($mode == 'newtopic' || $mode == 'editpost' && $post_data['first_post']) {
$poll_length = isset($poll_length) ? max(0, $poll_length + $poll_length_h / 24) : 0;
${$max_vote} = isset($max_vote) ? max(0, intval($max_vote)) : 0;
${$hide_vote} = isset($hide_vote) ? max(0, intval($hide_vote)) : 0;
${$tothide_vote} = isset($tothide_vote) ? max(0, intval($tothide_vote)) : 0;
if (!empty($poll_title)) {
$poll_title = htmlspecialchars(trim($poll_title));
}
if (!empty($poll_options)) {
$temp_option_text = array();
while (list($option_id, $option_text) = @each($poll_options)) {
$option_text = trim($option_text);
if (!empty($option_text)) {
$temp_option_text[intval($option_id)] = htmlspecialchars($option_text);
}
}
$option_text = $temp_option_text;
if (count($poll_options) < 2) {
$error_msg .= !empty($error_msg) ? '<br />' . $lang['To_few_poll_options'] : $lang['To_few_poll_options'];
} else {
if (count($poll_options) > $board_config['max_poll_options']) {
$error_msg .= !empty($error_msg) ? '<br />' . $lang['To_many_poll_options'] : $lang['To_many_poll_options'];
} else {
if ($poll_title == '') {
$error_msg .= !empty($error_msg) ? '<br />' . $lang['Empty_poll_title'] : $lang['Empty_poll_title'];
}
}
}
}
}
return;
}
if ($submit && $from != $pr_data['user_from']) {
$pr_data['user_from'] = $from;
$db_data['user_from'] = (string) $from;
}
$tp_data['USER_FROM'] = $pr_data['user_from'];
break;
/**
* Подпись (edit)
*/
/**
* Подпись (edit)
*/
case 'user_sig':
$sig = isset($_POST['user_sig']) ? (string) $_POST['user_sig'] : $pr_data['user_sig'];
if ($submit && $sig != $pr_data['user_sig']) {
$sig = prepare_message($sig);
if (mb_strlen($sig, 'UTF-8') > $bb_cfg['max_sig_chars']) {
$errors[] = $lang['SIGNATURE_TOO_LONG'];
} else {
if (preg_match('#<(a|b|i|u|table|tr|td|img) #i', $sig) || preg_match('#(href|src|target|title)=#i', $sig)) {
$errors[] = $lang['SIGNATURE_ERROR_HTML'];
}
}
$pr_data['user_sig'] = $sig;
$db_data['user_sig'] = (string) $sig;
}
$tp_data['USER_SIG'] = $pr_data['user_sig'];
break;
/**
* Род занятий (edit)
*/
// Start output, first preview, then errors then post form
//
$page_title = $lang['Send_private_message'];
include $phpbb_root_path . 'includes/page_header.' . $phpEx;
//-- mod : bbcode box reloaded -------------------------------------------------
//-- add
include $phpbb_root_path . 'includes/bbc_box_tags.' . $phpEx;
//-- fin mod : bbcode box reloaded ---------------------------------------------
if ($preview && !$error) {
$orig_word = array();
$replacement_word = array();
obtain_word_list($orig_word, $replacement_word);
if ($bbcode_on) {
$bbcode_uid = make_bbcode_uid();
}
$preview_message = stripslashes(prepare_message($privmsg_message, $html_on, $bbcode_on, $smilies_on, $bbcode_uid));
$privmsg_message = stripslashes(preg_replace($html_entities_match, $html_entities_replace, $privmsg_message));
//
// Finalise processing as per viewtopic
//
if (!$html_on || !$board_config['allow_html'] || !$userdata['user_allowhtml']) {
if ($user_sig != '') {
$user_sig = preg_replace('#(<)([\\/]?.*?)(>)#is', "<\\2>", $user_sig);
}
}
if ($attach_sig && $user_sig != '' && $userdata['user_sig_bbcode_uid']) {
$user_sig = bbencode_second_pass($user_sig, $userdata['user_sig_bbcode_uid']);
}
if ($bbcode_on) {
$preview_message = bbencode_second_pass($preview_message, $bbcode_uid);
}
function prepare_post(&$mode, &$post_data, &$bbcode_on, &$html_on, &$smilies_on, &$error_msg, &$username, &$bbcode_uid, &$subject, &$message, &$nowplaying, &$poll_title, &$poll_options, &$poll_length)
{
global $config, $userdata, $lang;
// Check subject
if (!empty($subject))
{
$subject = htmlspecialchars(trim($subject));
}
else if ($mode == 'newtopic' || ($mode == 'editpost' && $post_data['first_post']))
{
$error_msg .= (!empty($error_msg)) ? '<br />' . $lang['Empty_subject'] : $lang['Empty_subject'];
}
// Check message
if (!empty($message))
{
$message = prepare_message($message, $html_on, $bbcode_on, $smilies_on);
}
else if ($mode != 'delete' && $mode != 'poll_delete')
{
$error_msg .= (!empty($error_msg)) ? '<br />' . $lang['Empty_message'] : $lang['Empty_message'];
}
//
// Handle poll stuff
//
if ($mode == 'newtopic' || ($mode == 'editpost' && $post_data['first_post']))
{
$poll_length = (isset($poll_length)) ? max(0, intval($poll_length)) : 0;
if (!empty($poll_title))
{
$poll_title = htmlspecialchars(trim($poll_title));
}
if(!empty($poll_options))
{
$temp_option_text = w();
while(list($option_id, $option_text) = @each($poll_options))
{
$option_text = trim($option_text);
if (!empty($option_text))
{
$temp_option_text[$option_id] = htmlspecialchars($option_text);
}
}
$option_text = $temp_option_text;
if (count($poll_options) < 2)
{
$error_msg .= (!empty($error_msg)) ? '<br />' . $lang['To_few_poll_options'] : $lang['To_few_poll_options'];
}
else if (count($poll_options) > $config['max_poll_options'])
{
$error_msg .= (!empty($error_msg)) ? '<br />' . $lang['To_many_poll_options'] : $lang['To_many_poll_options'];
}
else if ($poll_title == '')
{
$error_msg .= (!empty($error_msg)) ? '<br />' . $lang['Empty_poll_title'] : $lang['Empty_poll_title'];
}
}
}
return;
}
