Example #1
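/**
 * Allows the user to report a personal message to an administrator.
 *
 * - In the first instance requires that the ID of the message to report is passed through $_REQUEST['pmsg'].
 * - It allows the user to report to either a particular administrator - or the whole admin team.
 * - It will forward on a copy of the original message without allowing the reporter to make changes.
 *
 * Access control performed here:
 * - the feature must be enabled ($modSettings['enableReportPM']) and a message ID supplied;
 * - isAccessiblePM($pmsg, 'inbox') must pass;
 * - on submission, checkSession('post') is called before anything is read or sent;
 * - the message is only loaded if the current member is listed as a non-deleted recipient of it.
 *
 * The only free-text input from the reporter is $_POST['reason']. It is embedded in the
 * report body between [b] tags; a missing or non-string value is treated as an empty reason.
 *
 * @uses report_message sub-template.
 */
function ReportMessage()
{
    global $txt, $context, $scripturl, $sourcedir;
    global $user_info, $language, $modSettings, $smcFunc;
    // Check that this feature is even enabled, and that we were told which message to report.
    if (empty($modSettings['enableReportPM']) || empty($_REQUEST['pmsg'])) {
        fatal_lang_error('no_access', false);
    }
    // Force the ID to an integer before it is used anywhere else.
    $pmsg = (int) $_REQUEST['pmsg'];
    if (!isAccessiblePM($pmsg, 'inbox')) {
        fatal_lang_error('no_access', false);
    }
    $context['pm_id'] = $pmsg;
    $context['page_title'] = $txt['pm_report_title'];
    // If we're here, just send the user to the template, with a few useful context bits.
    if (!isset($_POST['report'])) {
        $context['sub_template'] = 'report_message';
        // @todo I don't like being able to pick who to send it to.  Favoritism, etc. sucks.
        // Now, get all the administrators (group 1, as primary or additional group).
        $request = $smcFunc['db_query']('', '
			SELECT id_member, real_name
			FROM {db_prefix}members
			WHERE id_group = {int:admin_group} OR FIND_IN_SET({int:admin_group}, additional_groups) != 0
			ORDER BY real_name', array('admin_group' => 1));
        $context['admins'] = array();
        while ($row = $smcFunc['db_fetch_assoc']($request)) {
            $context['admins'][$row['id_member']] = $row['real_name'];
        }
        $smcFunc['db_free_result']($request);
        // How many admins in total?
        $context['admin_count'] = count($context['admins']);
    } else {
        // Check the session before proceeding any further!
        checkSession('post');
        // The reason is the only free text the reporter supplies. Accept it only as a string so
        // that a missing field or an array-valued field cannot raise notices or end up as "Array".
        // NOTE(review): the reason is concatenated into BBCode right above the quoted original.
        // Presumably sendpm() escapes HTML (the stored values are un-escaped before being passed
        // in) - confirm. BBCode tags inside the reason are not neutralised here, so verify that
        // the reason cannot be mistaken for part of the "unedited" quote when rendered.
        $reason = isset($_POST['reason']) && is_string($_POST['reason']) ? $_POST['reason'] : '';
        // First, pull out the message contents, and verify it actually went to them!
        $request = $smcFunc['db_query']('', '
			SELECT pm.subject, pm.body, pm.msgtime, pm.id_member_from, IFNULL(m.real_name, pm.from_name) AS sender_name
			FROM {db_prefix}personal_messages AS pm
				INNER JOIN {db_prefix}pm_recipients AS pmr ON (pmr.id_pm = pm.id_pm)
				LEFT JOIN {db_prefix}members AS m ON (m.id_member = pm.id_member_from)
			WHERE pm.id_pm = {int:id_pm}
				AND pmr.id_member = {int:current_member}
				AND pmr.deleted = {int:not_deleted}
			LIMIT 1', array('current_member' => $user_info['id'], 'id_pm' => $context['pm_id'], 'not_deleted' => 0));
        // No row means the current member is not a (non-deleted) recipient of this message: refuse.
        if ($smcFunc['db_num_rows']($request) == 0) {
            fatal_lang_error('no_access', false);
        }
        list($subject, $body, $time, $memberFromID, $memberFromName) = $smcFunc['db_fetch_row']($request);
        $smcFunc['db_free_result']($request);
        // Remove the line breaks...
        $body = preg_replace('~<br ?/?' . '>~i', "\n", $body);
        // Get any other recipients of the message.
        $request = $smcFunc['db_query']('', '
			SELECT mem_to.id_member AS id_member_to, mem_to.real_name AS to_name, pmr.bcc
			FROM {db_prefix}pm_recipients AS pmr
				LEFT JOIN {db_prefix}members AS mem_to ON (mem_to.id_member = pmr.id_member)
			WHERE pmr.id_pm = {int:id_pm}
				AND pmr.id_member != {int:current_member}', array('current_member' => $user_info['id'], 'id_pm' => $context['pm_id']));
        $recipients = array();
        $hidden_recipients = 0;
        while ($row = $smcFunc['db_fetch_assoc']($request)) {
            // If it's hidden still don't reveal their names - only count them.
            if ($row['bcc']) {
                $hidden_recipients++;
            } else {
                $recipients[] = '[url=' . $scripturl . '?action=profile;u=' . $row['id_member_to'] . ']' . $row['to_name'] . '[/url]';
            }
        }
        $smcFunc['db_free_result']($request);
        if ($hidden_recipients) {
            $recipients[] = sprintf($txt['pm_report_pm_hidden'], $hidden_recipients);
        }
        // Now let's get out and loop through the admins. The optional id_admin filter is cast to
        // an integer and is ANDed with the admin-group condition, so only admins can be selected.
        $request = $smcFunc['db_query']('', '
			SELECT id_member, real_name, lngfile
			FROM {db_prefix}members
			WHERE (id_group = {int:admin_id} OR FIND_IN_SET({int:admin_id}, additional_groups) != 0)
				' . (empty($_POST['id_admin']) ? '' : 'AND id_member = {int:specific_admin}') . '
			ORDER BY lngfile', array('admin_id' => 1, 'specific_admin' => isset($_POST['id_admin']) ? (int) $_POST['id_admin'] : 0));
        // Maybe we shouldn't advertise this?
        if ($smcFunc['db_num_rows']($request) == 0) {
            fatal_lang_error('no_access', false);
        }
        $memberFromName = un_htmlspecialchars($memberFromName);
        // Prepare the message storage array, keyed by language.
        $messagesToSend = array();
        // Loop through each admin, and add them to the right language pile...
        while ($row = $smcFunc['db_fetch_assoc']($request)) {
            // Need to send in the correct language!
            $cur_language = empty($row['lngfile']) || empty($modSettings['userLanguage']) ? $language : $row['lngfile'];
            if (!isset($messagesToSend[$cur_language])) {
                // Loading the language file replaces the $txt strings used below.
                loadLanguage('PersonalMessage', $cur_language, false);
                // Make the body.
                $report_body = str_replace(array('{REPORTER}', '{SENDER}'), array(un_htmlspecialchars($user_info['name']), $memberFromName), $txt['pm_report_pm_user_sent']);
                $report_body .= "\n" . '[b]' . $reason . '[/b]' . "\n\n";
                if (!empty($recipients)) {
                    $report_body .= $txt['pm_report_pm_other_recipients'] . ' ' . implode(', ', $recipients) . "\n\n";
                }
                $report_body .= $txt['pm_report_pm_unedited_below'] . "\n" . '[quote author=' . (empty($memberFromID) ? '&quot;' . $memberFromName . '&quot;' : $memberFromName . ' link=action=profile;u=' . $memberFromID . ' date=' . $time) . ']' . "\n" . un_htmlspecialchars($body) . '[/quote]';
                // Store it; the subject prefix is only added when the subject does not already contain it.
                $messagesToSend[$cur_language] = array('subject' => ($smcFunc['strpos']($subject, $txt['pm_report_pm_subject']) === false ? $txt['pm_report_pm_subject'] : '') . un_htmlspecialchars($subject), 'body' => $report_body, 'recipients' => array('to' => array(), 'bcc' => array()));
            }
            // Add them to the list.
            $messagesToSend[$cur_language]['recipients']['to'][$row['id_member']] = $row['id_member'];
        }
        $smcFunc['db_free_result']($request);
        // Send a different message for each language.
        foreach ($messagesToSend as $message) {
            sendpm($message['recipients'], $message['subject'], $message['body']);
        }
        // Give the user their own language back!
        if (!empty($modSettings['userLanguage'])) {
            loadLanguage('PersonalMessage', '', false);
        }
        // Leave them with a template.
        $context['sub_template'] = 'report_message_complete';
    }
}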
 /**
  * Flags one of the user's received personal messages as unread again.
  *
  * The session is checked first (checkSession('request')). The message ID is taken
  * from $_REQUEST['pmsg'] and cast to an integer; the message is only touched when
  * checkPMReceived() accepts it and isAccessiblePM() confirms inbox access.
  * Whatever happens, the user ends up redirected to $context['current_label_redirect'].
  */
 public function action_markunread()
 {
     global $context;

     // Nothing is read or changed before the session check has passed.
     checkSession('request');

     $messageId = empty($_REQUEST['pmsg']) ? null : (int) $_REQUEST['pmsg'];

     // Only a message that was sent to this user can be marked unread; their own replies cannot.
     $wasReceived = $messageId !== null && checkPMReceived($messageId);

     if ($wasReceived) {
         // Should always hold for a received message, but refuse rather than assume.
         $accessible = isAccessiblePM($messageId, 'inbox');
         if (!$accessible) {
             fatal_lang_error('no_access', false);
         }

         // Put it back in the unread pile.
         markMessagesUnread($messageId);
     }

     // Return to the folder the user came from.
     redirectexit($context['current_label_redirect']);
 }