$text = strip_tags($text);
$inboxlink = HTTP_HOST . mklink('user.php?action=pms', 'user,pms.html');
$input = array('USERNAME' => $user->info['username'], 'WEBSITE' => $set['main']['websitename'], 'INBOX' => $inboxlink, 'SUBJECT' => $_POST['subject'], 'TEXT' => $text);
sendmail($email, 'NEWPM', $input);
}
message($apx->lang->get('MSG_OK'), mklink('user.php?action=pms&dir=out', 'user,pms,out.html'));
}
} else {
if ($_POST['preview']) {
$text = $_POST['text'];
if ($set['user']['pm_badwords']) {
$text = badwords($text);
}
$text = replace($text, 1);
if ($set['user']['pm_allowsmilies']) {
$text = dbsmilies($text);
}
if ($set['user']['pm_allowcode']) {
$text = dbcodes($text);
}
$apx->tmpl->assign('PREVIEW', $text);
$apx->tmpl->assign('USERNAME', compatible_hsc($_POST['touser']));
$apx->tmpl->assign('SUBJECT', compatible_hsc($_POST['subject']));
$apx->tmpl->assign('TEXT', compatible_hsc($_POST['text']));
$apx->tmpl->assign('ADDSIG', intval($_POST['addsig']));
} else {
$text = '';
if ($_REQUEST['answer']) {
$res = $db->first("SELECT a.subject,a.text,b.userid,b.username,c.username AS username2 FROM " . PRE . "_user_pms AS a LEFT JOIN " . PRE . "_user AS b ON a.fromuser=b.userid LEFT JOIN " . PRE . "_user AS c ON a.touser=c.userid WHERE ( a.id='" . $_REQUEST['answer'] . "' AND ( a.touser='******'userid'] . "' OR a.fromuser='******'userid'] . "' ) )");
if ($res['userid'] == $user->info['userid']) {
$username = compatible_hsc($res['username2']);
function display()
{
global $db, $apx, $user, $set;
$apx->lang->drop('comments', 'comments');
$page = $this->getpage(array('p'));
//Seitenzahlen
list($count) = $db->first("SELECT count(id) FROM " . PRE . "_comments WHERE ( module='" . addslashes($this->module) . "' AND mid='" . $this->mid . "' AND active='1' )");
pages($page, $count, $this->set['epp'], 'comp', 'COMMENT');
//Sortierreihenfolge
if ($this->set['order'] == 1) {
$order = "a.time ASC";
} else {
$order = "a.time DESC";
}
//Kommentare auslesen
$data = $db->fetch("SELECT a.* FROM " . PRE . "_comments AS a WHERE ( module='" . addslashes($this->module) . "' AND a.mid='" . $this->mid . "' AND a.active='1' ) ORDER BY " . $order . " " . getlimit($this->set['epp'], 'comp'));
if (!count($data)) {
return;
}
//Nummerierungs-Anfang
if ($this->set['epp']) {
if ($this->set['order'] == 0) {
$entrynumber = $count - ($_REQUEST['comp'] - 1) * $this->set['epp'];
} else {
$entrynumber = 1 + ($_REQUEST['comp'] - 1) * $this->set['epp'];
}
} else {
if ($this->set['order'] == 0) {
$entrynumber = $count;
} else {
$entrynumber = 1;
}
}
foreach ($data as $res) {
++$i;
if ($res['userid'] && !isset($userinfo[$res['userid']])) {
$userinfo[$res['userid']] = $user->get_info($res['userid'], 'username,email,pub_hidemail,homepage,avatar,avatar_title,signature,lastactive,pub_invisible,custom1,custom2,custom3,custom4,custom5,custom6,custom7,custom8,custom9,custom10');
}
if ($res['userid'] && $userinfo[$res['userid']]) {
$tabledata[$i]['USERID'] = $res['userid'];
$tabledata[$i]['NAME'] = replace($userinfo[$res['userid']]['username']);
$tabledata[$i]['EMAIL'] = replace(iif(!$userinfo[$res['userid']]['pub_hidemail'], $userinfo[$res['userid']]['email']));
$tabledata[$i]['EMAIL_ENCRYPTED'] = replace(iif(!$userinfo[$res['userid']]['pub_hidemail'], cryptMail($userinfo[$res['userid']]['email'])));
$tabledata[$i]['HOMEPAGE'] = replace($userinfo[$res['userid']]['homepage']);
$tabledata[$i]['AVATAR'] = $user->mkavatar($userinfo[$res['userid']]);
$tabledata[$i]['AVATAR_TITLE'] = $user->mkavtitle($userinfo[$res['userid']]);
$tabledata[$i]['SIGNATURE'] = $user->mksig($userinfo[$res['userid']]);
$tabledata[$i]['ONLINE'] = iif(!$userinfo[$res['userid']]['pub_invisible'] && $userinfo[$res['userid']]['lastactive'] + $set['user']['timeout'] * 60 >= time(), 1, 0);
$tabledata[$i]['ISONLINE'] = $tabledata[$i]['ONLINE'];
//Custom-Felder
for ($ii = 1; $ii <= 10; $ii++) {
$tabledata[$i]['CUSTOM' . $ii . '_NAME'] = $set['user']['cusfield_names'][$ii - 1];
$tabledata[$i]['CUSTOM' . $ii] = compatible_hsc($userinfo[$res['userid']]['custom' . $ii]);
}
} else {
$tabledata[$i]['NAME'] = replace($res['username']);
$tabledata[$i]['EMAIL'] = replace($res['email']);
$tabledata[$i]['EMAIL_ENCRYPTED'] = replace(cryptMail($res['email']));
$tabledata[$i]['HOMEPAGE'] = replace($res['homepage']);
}
//Text
$text = $res['text'];
if ($this->set['badwords']) {
$text = badwords($text);
}
$text = replace($text, 1);
if ($this->set['breakline']) {
$text = wordwrapHTML($text, $this->set['breakline'], "\n");
}
if ($this->set['allowsmilies']) {
$text = dbsmilies($text);
}
if ($this->set['allowcode']) {
$text = dbcodes($text);
}
//Titel
$title = $res['title'];
if ($this->set['breakline']) {
$title = wordwrap($title, $this->set['breakline'], "\n", 1);
}
if ($this->set['badwords']) {
$title = badwords($title);
}
$title = replace($title);
$tabledata[$i]['TEXT'] = $text;
$tabledata[$i]['TITLE'] = $title;
$tabledata[$i]['TIME'] = $res['time'];
$tabledata[$i]['NUMBER'] = $entrynumber;
//Admin-Links
if ($_COOKIE[$set['main']['cookie_pre'] . '_admin_userid'] && $_COOKIE[$set['main']['cookie_pre'] . '_admin_password']) {
$tabledata[$i]['EDITLINK'] = HTTPDIR . 'admin/action.php?action=comments.edit&module=' . $this->module . '&mid=' . $this->mid . '&id=' . $res['id'] . '&outer=1';
$tabledata[$i]['DELETELINK'] = HTTPDIR . 'admin/action.php?action=comments.del&module=' . $this->module . '&mid=' . $this->mid . '&id=' . $res['id'] . '&outer=1';
}
//Melden
$link_report = "javascript:popupwin('misc.php?action=comments_report&id=" . $res['id'] . "&url='+escape(window.location.href),500,300);";
$tabledata[$i]['REPORTLINK'] = $link_report;
//Kommentarnummer
if ($this->set['order'] == 0) {
--$entrynumber;
} else {
++$entrynumber;
}
}
return $tabledata;
}
function mksig($info, $nospacer = false)
{
global $set;
$text = $info['signature'];
if (!$text) {
return '';
}
if ($set['user']['sig_badwords']) {
$text = badwords($text);
}
$text = replace($text, 1);
if ($set['user']['sig_allowsmilies']) {
$text = dbsmilies($text);
}
if ($set['user']['sig_allowcode']) {
$text = dbcodes($text, 1);
}
if (!$nospacer) {
$text = $set['user']['sigspace'] . $text;
}
return $text;
}
function forum_replace($text, $codes = true, $smilies = true)
{
global $set, $apx, $codecache;
//Badwords ersetzen
if ($set['forum']['badwords']) {
$text = badwords($text);
}
//Codes ersetzen
if ($set['forum']['codes'] && $codes) {
//Code und PHP ausschneiden
$codecache = array();
$text = preg_replace_callback('#\\[(PHP|CODE|HTML)\\](.*?)\\[/\\1\\]#si', 'save_code', $text);
//Restliche Codes ersetzen
$text = forum_codes($text);
} else {
$text = replace($text, true);
}
//Smilies ersetzen
if ($set['forum']['smilies'] && $smilies) {
$text = dbsmilies($text);
}
//Code und PHP einfügen
if ($set['forum']['codes'] && $codes) {
$text = strtr($text, $codecache);
}
//Glossar-Links erzeugen
if ($apx->is_module('glossar')) {
$text = glossar_highlight($text, 'forum');
}
return $text;
}
function user_blogs_last($count = 5, $start = 0, $friendsonly = false, $userid = 0, $template = 'lastblogs')
{
global $set, $db, $apx, $user;
$tmpl = new tengine();
$count = (int) $count;
$start = (int) $start;
$userid = (int) $userid;
//Verwendete Variablen auslesen
$parse = $apx->tmpl->used_vars('functions/' . $template, 'user');
//Nach Freunde filtern
$friendfilter = '';
if ($friendsonly) {
$friends = $user->get_buddies();
$friends[] = -1;
$friendfilter = " AND userid IN (" . implode(',', $friends) . ") ";
}
//Nach Benutzer filtern
$userfilter = '';
if ($userid) {
$userfilter = " AND userid='" . $userid . "'";
}
$data = $db->fetch("SELECT * FROM " . PRE . "_user_blog WHERE 1 " . $userfilter . $friendfilter . " ORDER BY time DESC LIMIT " . iif($start, $start . ',') . $count);
if (count($data)) {
//Benutzer-Infos auslesen
$userdata = array();
if (in_template(array('BLOG.USERNAME', 'BLOG.REALNAME', 'BLOG.AVATAR', 'BLOG.AVATER_TITLE'), $parse)) {
$userids = get_ids($data, 'userid');
$userdata = $user->get_info_multi($userids, 'username,realname,avatar,avatar_title');
}
//Blogs auflisten
$tabledata = array();
foreach ($data as $res) {
++$i;
$link = mklink('user.php?action=blog&id=' . $res['userid'] . '&blogid=' . $res['id'], 'user,blog,' . $res['userid'] . ',id' . $res['id'] . urlformat($res['title']) . '.html');
//Text
$text = '';
if (in_array('BLOG.TEXT', $parse)) {
$text = $res['text'];
$text = badwords($text);
$text = replace($text, 1);
$text = dbsmilies($text);
$text = dbcodes($text);
}
$tabledata[$i]['ID'] = $res['id'];
$tabledata[$i]['TITLE'] = replace($res['title']);
$tabledata[$i]['TEXT'] = $res['text'];
$tabledata[$i]['LINK'] = $link;
$tabledata[$i]['TIME'] = $res['time'];
//Userinfo
$userinfo = $userdata[$res['userid']];
$tabledata[$i]['USERID'] = $res['userid'];
$tabledata[$i]['USERNAME'] = replace($userinfo['username']);
$tabledata[$i]['REALNAME'] = replace($userinfo['realname']);
$tabledata[$i]['AVATAR'] = $user->mkavatar($userinfo);
$tabledata[$i]['AVATAR_TITLE'] = $user->mkavtitle($userinfo);
//Kommentare
if ($apx->is_module('comments') && $res['allowcoms']) {
require_once BASEDIR . getmodulepath('comments') . 'class.comments.php';
if (!isset($coms)) {
$coms = new comments('userblog', $res['id']);
} else {
$coms->mid = $res['id'];
}
$link = mklink('user.php?action=blog&id=' . $res['userid'] . '&blogid=' . $res['id'], 'user,blog,' . $res['userid'] . ',id' . $res['id'] . urlformat($res['title']) . '.html');
$tabledata[$i]['COMMENT_COUNT'] = $coms->count();
$tabledata[$i]['COMMENT_LINK'] = $coms->link($link);
$tabledata[$i]['DISPLAY_COMMENTS'] = 1;
if (in_template(array('BLOG.COMMENT_LAST_USERID', 'BLOG.COMMENT_LAST_NAME', 'BLOG.COMMENT_LAST_TIME'), $parse)) {
$tabledata[$i]['COMMENT_LAST_USERID'] = $coms->last_userid();
$tabledata[$i]['COMMENT_LAST_NAME'] = $coms->last_name();
$tabledata[$i]['COMMENT_LAST_TIME'] = $coms->last_time();
}
}
}
}
$tmpl->assign('BLOG', $tabledata);
//Template ausgeben
$tmpl->parse('functions/' . $template, 'user');
}
