Beispiel #1
0
        while (list($k, $v) = each($deletepms)) {
            $deletepms[$k] = intval($v);
        }
        thwb_query("DELETE FROM " . $pref . "pm WHERE pmtoid={$g_user['userid']} AND pmid IN(" . addslashes(implode(',', $deletepms)) . ")");
        header("Location: " . build_link('pm.php', true));
        exit;
    } else {
        $navpath .= "Private Messages";
        message('Fehler', 'Bitte markieren Sie erst eine oder mehrere Nachricht(en).');
    }
} elseif ($action == "new") {
    if (isset($send) && $send) {
        // http://www.securiteam.com/securitynews/5FP0C204KE.html
        $action = $HTTP_POST_VARS['action'];
        $errmsg = '';
        $pm['pmtext'] = strip_session($pm['pmtext']);
        if (strlen($pm['username']) < 1) {
            $errmsg .= "Bitte geben Sie einen Empf&auml;nger an<br>";
        }
        if (strlen(preg_replace("/^\\s+|&#32;\$/", '', parse_code($pm['pmtopic']))) < 3) {
            $errmsg .= "Betreff ist zu kurz! (mindestens 3 Zeichen)<br>";
        }
        if (strlen(preg_replace("/^\\s+|&#32;\$/", '', parse_code($pm['pmtext']))) < 3) {
            $errmsg .= "Der Text ist zu kurz! (mindestens 3 Zeichen)<br>";
        }
        if (strlen($pm['pmtext']) > $config['pm_maxlength']) {
            $errmsg .= "Der Text ist zu lang! (maximal {$config['pm_maxlength']} Zeichen)<br>";
        }
        $r_user = thwb_query("SELECT userid, useremail, groupids FROM " . $pref . "user WHERE username='******'username']) . "'");
        if (mysql_num_rows($r_user) < 1) {
            $errmsg .= "Der Empf&auml;nger existiert nicht!<br>";
Beispiel #2
0
        ==============================================
          (c) 2000-2004 by ThWboard Development Group
          download the latest version:
            http://www.thwboard.de
          This  program is  free  software;  you can
          redistribute it and/or modify it under the
          terms of the GNU General Public License as
          published by the Free Software Foundation;
          either  version 2 of  the License,  or (at
          your option) any later version.
        ==============================================
*/
include "./inc/header.inc.php";
// http://www.securiteam.com/securitynews/5FP0C204KE.html
$post['posttext'] = isset($HTTP_POST_VARS['post']['posttext']) ? $HTTP_POST_VARS['post']['posttext'] : '';
$post['posttext'] = strip_session($post['posttext']);
if (!isset($post['postcode'])) {
    $post['postcode'] = 0;
}
if (!isset($post['postsmilies'])) {
    $post['postsmilies'] = 0;
}
if (!isset($post['postemailnotify'])) {
    $post['postemailnotify'] = 0;
}
if ($g_user['userid'] == 0 && !$P->has_permission(P_REPLY)) {
    $navpath .= "Neue Antwort";
    message('Fehler', 'Sie m&uuml;ssen registriert sein, um Beitr&auml;ge erstellen zu k&ouml;nnen');
}
requires_permission(P_REPLY);
$msg = '';