Example #1
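/**
 * Sends an "Away-Anfrage" private message to every user selected as a leader for $uid.
 *
 * The query selects users whose `recht` is <= -7, plus users stored as `mod1`..`mod4`
 * of a group that has a `prefix_groupusers` row for $uid. Each of them receives $m as a
 * private message; the sender is $_SESSION['authid'].
 *
 * @param string $m   Message body passed to sendpm().
 * @param mixed  $uid User id the leaders are looked up for; cast to int before it reaches the SQL text.
 * @param mixed  $a   Not used in this function.
 */
function away_sendpmtoleaders($m, $uid, $a)
{
    // $uid is concatenated into the statement five times. Casting it to an integer here
    // guarantees that only a number can reach the SQL text, whatever the caller passes in.
    $uid = (int) $uid;
    $q = "SELECT\r\n    DISTINCT `prefix_user`.`id` as `uid`\r\n  FROM `prefix_user`\r\n    LEFT JOIN `prefix_groupusers` ON `prefix_groupusers`.`uid` = " . $uid . "\r\n    LEFT JOIN `prefix_groups` ON `prefix_groups`.`id` = `prefix_groupusers`.`gid`\r\n  WHERE `recht` <= -7\r\n     OR (`mod1` = `prefix_user`.`id` AND `uid` = " . $uid . ")\r\n     OR (`mod2` = `prefix_user`.`id` AND `uid` = " . $uid . ")\r\n     OR (`mod3` = `prefix_user`.`id` AND `uid` = " . $uid . ")\r\n     OR (`mod4` = `prefix_user`.`id` AND `uid` = " . $uid . ")";
    $erg = db_query($q);
    // One private message per selected user; DISTINCT in the query prevents duplicates.
    while ($r = db_fetch_assoc($erg)) {
        sendpm($_SESSION['authid'], $r['uid'], 'Away-Anfrage', $m, -1);
    }
}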
Example #2
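/**
 * Sends an "Away-Anfrage" private message to every user selected as a leader for $uid.
 *
 * The query selects users whose recht is <= -7, plus users stored as mod1..mod4 of a
 * group that has a prefix_groupusers row for $uid. Each of them receives $m as a private
 * message; the sender is $_SESSION['authid'].
 *
 * @param string $m   Message body passed to sendpm().
 * @param mixed  $uid User id the leaders are looked up for; cast to int before it reaches the SQL text.
 * @param mixed  $a   Not used in this function.
 */
function away_sendpmtoleaders($m, $uid, $a)
{
    // $uid is concatenated into the statement five times. Casting it to an integer here
    // guarantees that only a number can reach the SQL text, whatever the caller passes in.
    $uid = (int) $uid;
    $q = "SELECT\r\n    DISTINCT prefix_user.id as uid\r\n  FROM prefix_user\r\n    LEFT JOIN prefix_groupusers ON prefix_groupusers.uid = " . $uid . "\r\n    LEFT JOIN prefix_groups ON prefix_groups.id = prefix_groupusers.gid\r\n  WHERE recht <= -7\r\n     OR (`mod1` = prefix_user.id AND uid = " . $uid . ")\r\n     OR (`mod2` = prefix_user.id AND uid = " . $uid . ")\r\n     OR (`mod3` = prefix_user.id AND uid = " . $uid . ")\r\n     OR (`mod4` = prefix_user.id AND uid = " . $uid . ")";
    $erg = db_query($q);
    // One private message per selected user; DISTINCT in the query prevents duplicates.
    while ($r = db_fetch_assoc($erg)) {
        sendpm($_SESSION['authid'], $r['uid'], 'Away-Anfrage', $m, -1);
    }
}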
Example #3
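    // Record the join request.
    $name = $xname;
    $userreg = $lang['no'];
    // Guests are registered on the fly when forum registration is enabled.
    if (!loggedin() and $allgAr['forum_regist'] != 0) {
        $x = user_regist($name, $mail, genkey(8));
        $userreg = $lang['yes'];
    }
    // Force the squad id to an integer BEFORE its first use in SQL. The original code ran
    // this escape only after the INSERT below, so the INSERT received the raw value.
    $squad = escape($squad, 'integer');
    // NOTE(review): $name is placed inside a quoted SQL literal here. This fragment does not
    // show whether $xname was escaped earlier — confirm it is, or escape it before this query.
    db_query("INSERT INTO `prefix_usercheck` (`check`,`name`,`datime`,`ak`,`groupid`) VALUES ('" . genkey(8) . "','" . $name . "',NOW(),4," . $squad . ")");
    $abf = "SELECT `mod1`, `mod2`, `mod4`, `name` FROM `prefix_groups` WHERE `id` = " . $squad;
    $erg = db_query($abf);
    $row = db_fetch_assoc($erg);
    // NOTE(review): $_POST['rules'] is copied into the message text unmodified; confirm that
    // sendpm() or the message view escapes it before it is rendered to the recipient.
    $rulz = isset($_POST['rules']) ? $_POST['rules'] : $lang['no'];
    $skill = $skill_ar[$skill];
    // Keep the arguments in the order the language string expects, otherwise the text is wrong.
    $mailtxt = sprintf($lang['joinusprivmsg'], $name, $row['name'], $skill, $mail, $hometown, $age, $icqnumber, $favmap, $ground, $rulz, $userreg);
    // Private message to the leader.
    sendpm($_SESSION['authid'], $row['mod1'], 'Joinus Anfrage', $mailtxt, -1);
    // Only message the co-leader when it is a different user than the leader.
    if ($row['mod2'] != $row['mod1']) {
        sendpm($_SESSION['authid'], $row['mod2'], 'Joinus Anfrage', $mailtxt, -1);
    }
    // Same for mod4: skip it when it duplicates mod1 or mod2.
    if ($row['mod4'] != $row['mod1'] and $row['mod2'] != $row['mod4']) {
        sendpm($_SESSION['authid'], $row['mod4'], 'Joinus Anfrage', $mailtxt, -1);
    }
    if (!loggedin() and $allgAr['forum_regist'] != 0) {
        echo $lang['amailhasbeensenttoyouwithmailandpass'] . '<br /><br />';
    }
    echo sprintf($lang['leaderofxalert'], $row['name']);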
}
$design->footer();
Example #4
         $itemsubject = $tradelog['subject'];
         sendpm($tradelog['sellerid'], 'trade_seller_send_subject', 'trade_seller_send_message', '0', 'System Message');
     } elseif ($offlinestatus == STATUS_WAIT_BUYER) {
         $user = $tradelog['seller'];
         $itemsubject = $tradelog['subject'];
         sendpm($tradelog['buyerid'], 'trade_buyer_confirm_subject', 'trade_buyer_confirm_message', '0', 'System Message');
     } elseif ($offlinestatus == STATUS_TRADE_SUCCESS) {
         $db->query("UPDATE {$tablepre}trades SET lastbuyer='{$tradelog['buyer']}', lastupdate='{$timestamp}', totalitems=totalitems+'{$tradelog['number']}', tradesum=tradesum+'{$tradelog['price']}' WHERE tid='{$tradelog['tid']}' AND pid='{$tradelog['pid']}'", 'UNBUFFERED');
         $itemsubject = $tradelog['subject'];
         sendpm($tradelog['sellerid'], 'trade_success_subject', 'trade_success_message', '0', 'System Message');
         sendpm($tradelog['buyerid'], 'trade_success_subject', 'trade_success_message', '0', 'System Message');
     } elseif ($offlinestatus == STATUS_REFUND_CLOSE) {
         $db->query("UPDATE {$tablepre}trades SET amount=amount+'{$tradelog['number']}' WHERE tid='{$tradelog['tid']}' AND pid='{$tradelog['pid']}'", 'UNBUFFERED');
         $itemsubject = $tradelog['subject'];
         sendpm($tradelog['sellerid'], 'trade_fefund_success_subject', 'trade_fefund_success_message', '0', 'System Message');
         sendpm($tradelog['buyerid'], 'trade_fefund_success_subject', 'trade_fefund_success_message', '0', 'System Message');
     }
     // Normalise the submitted note before it is appended to the order's message log.
     $message = trim($message);
     if ($message) {
         // Append one tab-separated record to the stored log: acting uid, user name, timestamp
         // and the note (first 200 bytes, tags stripped, newlines turned into <br />).
         // The combined value is passed through daddslashes() before it is interpolated below.
         $message = daddslashes($tradelog['message'] . "\t\t\t" . $discuz_uid . "\t" . $discuz_user . "\t" . $timestamp . "\t" . nl2br(strip_tags(substr($message, 0, 200))), 1);
     } else {
         // No new note: pass the stored log through daddslashes() so it can be written back.
         $message = daddslashes($tradelog['message'], 1);
     }
     // NOTE(review): $offlinestatus and $orderid are interpolated straight into the SQL text and
     // nothing in this fragment validates or escapes them — confirm the caller has done so.
     $db->query("UPDATE {$tablepre}tradelog SET status='{$offlinestatus}', lastupdate='{$timestamp}', message='{$message}' WHERE orderid='{$orderid}'");
     // NOTE(review): $orderid is also concatenated into the redirect target unencoded.
     showmessage('trade_orderstatus_updated', 'trade.php?orderid=' . $orderid);
 }
 if (submitcheck('tradesubmit')) {
     if ($tradelog['status'] == 0) {
         $update = array();
         if ($tradelog['sellerid'] == $discuz_uid) {
             $tradelog['baseprice'] = floatval($newprice);
Example #5
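/**
 * Applies an optional bulk operation to the members matched by $conditions and then
 * notifies them by private message or e-mail, one batch per request.
 *
 * On the first pass ($current empty) the 'reward' or 'confermedal' operation is applied and
 * the subject/message pair is stored, serialized, in the settings table under $variable.
 * On later passes ($current set) the stored pair is loaded again. Each pass sends to
 * $pertask members starting at offset $current and then redirects through cpmsg() until no
 * member is left.
 *
 * All working values ($db, $tablepre, $conditions, $subject, $message, $sendvia, $pertask,
 * $current, ...) are copied in from $GLOBALS.
 *
 * @param string $operation Operation name; 'reward' and 'confermedal' are handled here.
 * @param string $variable  Settings key the subject/message pair is stored under.
 */
function notifymembers($operation, $variable)
{
    // NOTE(review): extract($GLOBALS) copies every global into local scope. EXTR_SKIP keeps
    // $operation and $variable, but every other name used below is only as trustworthy as
    // the code that populated the globals — confirm none of them can be set from the request.
    extract($GLOBALS, EXTR_SKIP);
    if (!empty($current)) {
        $subject = $message = '';
        // NOTE(review): $variable is interpolated into the SQL text here and in the REPLACE
        // further down; confirm callers only pass fixed or escaped keys.
        if ($settings = $db->result_first("SELECT value FROM {$tablepre}settings WHERE variable='{$variable}'")) {
            // NOTE(review): unserialize() on a database value. The row is written by the
            // REPLACE below from an array of two strings; json_encode()/json_decode() would
            // remove the object-injection risk if that table can be written by anything else.
            $settings = unserialize($settings);
            $subject = $settings['subject'];
            $message = $settings['message'];
        }
    } else {
        $current = 0;
        $subject = trim($subject);
        $message = trim(str_replace("\t", ' ', $message));
        if ($notifymembers && !($subject && $message)) {
            cpmsg('members_newsletter_sm_invalid', '', 'error');
        }
        if ($operation == 'reward') {
            $updatesql = '';
            if ($updatecredittype == 0) {
                if (is_array($addextcredits) && !empty($addextcredits)) {
                    foreach ($addextcredits as $key => $value) {
                        $value = intval($value);
                        // $key reaches the SQL text only when it is an existing $extcredits index.
                        if (isset($extcredits[$key]) && !empty($value)) {
                            $updatesql .= ", extcredits{$key}=extcredits{$key}+({$value})";
                        }
                    }
                }
            } else {
                if (is_array($resetextcredits) && !empty($resetextcredits)) {
                    foreach ($resetextcredits as $key => $value) {
                        $value = intval($value);
                        if (isset($extcredits[$key]) && !empty($value)) {
                            $updatesql .= ", extcredits{$key}=0";
                        }
                    }
                }
            }
            if (!empty($updatesql)) {
                // NOTE(review): $conditions is a raw SQL fragment taken from the globals.
                // NOTE(review): 'UNBUFFTERED' looks like a typo of 'UNBUFFERED'; left as is
                // because the query() implementation is not visible here.
                $db->query("UPDATE {$tablepre}members set uid=uid {$updatesql} WHERE {$conditions}", 'UNBUFFTERED');
            } else {
                cpmsg('members_reward_invalid', '', 'error');
            }
            if (!$notifymembers) {
                cpmsg('members_reward_succeed', '', 'succeed');
            }
        } elseif ($operation == 'confermedal') {
            // Only accept an array; a missing or scalar value is treated as "no medals".
            $medals = isset($_POST['medals']) && is_array($_POST['medals']) ? $_POST['medals'] : array();
            if (!empty($medals)) {
                // The array KEYS are the medal ids and come straight from the request, so they
                // are reduced to integers before they are placed in the IN (...) list.
                $medalids = implode(',', array_map('intval', array_keys($medals)));
                $medalsnew = $comma = '';
                $medalsnewarray = $medalidarray = array();
                $query = $db->query("SELECT medalid, expiration FROM {$tablepre}medals WHERE medalid IN ({$medalids}) ORDER BY displayorder");
                while ($medal = $db->fetch_array($query)) {
                    $medal['status'] = empty($medal['expiration']) ? 0 : 1;
                    // expiration is stored in days; convert it to an absolute timestamp.
                    $medal['expiration'] = empty($medal['expiration']) ? 0 : $timestamp + $medal['expiration'] * 86400;
                    $medal['medal'] = $medal['medalid'] . (empty($medal['expiration']) ? '' : '|' . $medal['expiration']);
                    $medalsnew .= $comma . $medal['medal'];
                    $medalsnewarray[] = $medal;
                    $medalidarray[] = $medal['medalid'];
                    $comma = "\t";
                }
                $uids = array();
                $query = $db->query("SELECT uid FROM {$tablepre}members WHERE {$conditions}");
                while ($medaluid = $db->fetch_array($query)) {
                    $uids[] = intval($medaluid['uid']);
                }
                // With no matching member the original built "uid IN ()", which is invalid SQL.
                if (!empty($uids)) {
                    $query = $db->query("SELECT uid, medals FROM {$tablepre}memberfields WHERE uid IN (" . implode(',', $uids) . ")");
                    while ($medalnew = $db->fetch_array($query)) {
                        $addmedalnew = '';
                        if (empty($medalnew['medals'])) {
                            $addmedalnew = $medalsnew;
                        } else {
                            // Prepend only the medals the member does not hold yet.
                            foreach ($medalidarray as $medalid) {
                                if (!in_array($medalid, explode("\t", $medalnew['medals']))) {
                                    $addmedalnew .= $medalid . "\t";
                                }
                            }
                            $addmedalnew .= $medalnew['medals'];
                        }
                        // The stored medals string is written back, so escape it for the literal.
                        $db->query("UPDATE {$tablepre}memberfields SET medals='" . addslashes($addmedalnew) . "' WHERE uid='" . intval($medalnew['uid']) . "'", 'UNBUFFTERED');
                        foreach ($medalsnewarray as $medalnewarray) {
                            $db->query("INSERT INTO {$tablepre}medallog (uid, medalid, type, dateline, expiration, status) VALUES ('" . intval($medalnew['uid']) . "', '" . $medalnewarray['medalid'] . "', '0', '{$timestamp}', '" . $medalnewarray['expiration'] . "', '" . $medalnewarray['status'] . "')");
                        }
                    }
                }
            }
            if (!$notifymembers) {
                cpmsg('members_confermedal_succeed', '', 'succeed');
            }
        }
        // Persist the text so the follow-up requests of this batch run can reload it.
        $db->query("REPLACE INTO {$tablepre}settings (variable, value) VALUES ('{$variable}', '" . addslashes(serialize(array('subject' => $subject, 'message' => $message))) . "')");
    }
    // Both values end up in the LIMIT clause, so force them to integers.
    $pertask = intval($pertask);
    $current = intval($current);
    $continue = FALSE;
    if (in_array($sendvia, array('pm', 'email'))) {
        $query = $db->query("SELECT uid, username, groupid, email FROM {$tablepre}members WHERE {$conditions} LIMIT {$current}, {$pertask}");
        while ($member = $db->fetch_array($query)) {
            $sendvia == 'pm' ? sendpm($member['uid'], $subject, $message, 0) : sendmail("{$member['username']} <{$member['email']}>", $subject, $message);
            $continue = TRUE;
        }
    }
    if ($continue) {
        $next = $current + $pertask;
        // NOTE(review): eval() expands the language string as a double-quoted PHP string so
        // that variables inside it are interpolated. Anyone who can edit that language entry
        // can execute PHP here; a str_replace()/sprintf() placeholder scheme would avoid that.
        eval("\$lang[members_newsletter_processing] = \"" . $lang['members_newsletter_processing'] . "\";");
        cpmsg("{$lang['members_newsletter_send']}: {$lang['members_newsletter_processing']}", "{$BASESCRIPT}?action=members&operation={$operation}&{$operation}submit=yes&current={$next}&pertask={$pertask}&sendvia=" . rawurlencode($sendvia) . $urladd, 'loading');
    } else {
        cpmsg('members' . ($operation ? '_' . $operation : '') . '_notify_succeed', '', 'succeed');
    }
}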
        }
        // $touid is a reference to the collection owner's uid, not a copy.
        $touid =& $_G['collection']['uid'];
        $coef = 1;
        if ($touid) {
            // Subject and body are the same language string, filled with the sender's name,
            // the collection name and the thread URL.
            // NOTE(review): $_GET['threadurl'] is request-supplied and ends up in a message
            // delivered to another user; confirm lang()/sendpm() validate or escape it.
            $subject = $message = lang('message', 'collection_recommend_message', array('fromuser' => $_G['username'], 'collectioname' => $_G['collection']['name'], 'url' => $_GET['threadurl']));
            // Refuse when a blacklist entry exists for the pair (recipient, sender).
            if (C::t('home_blacklist')->count_by_uid_buid($touid, $_G['uid'])) {
                showmessage('is_blacklist', '', array(), array('return' => true));
            }
            if ($value = getuserbyuid($touid)) {
                require_once libfile('function/friend');
                // Fall back to the site-wide setting when the recipient has no own preference:
                // 1 = friends only, 2 = anyone (as used by the check below).
                $value['onlyacceptfriendpm'] = $value['onlyacceptfriendpm'] ? $value['onlyacceptfriendpm'] : ($_G['setting']['onlyacceptfriendpm'] ? 1 : 2);
                // Send when the sender's group may PM anyone, the recipient accepts PMs from
                // anyone, or the recipient is friends-only and friend_check() passes.
                if ($_G['group']['allowsendallpm'] || $value['onlyacceptfriendpm'] == 2 || $value['onlyacceptfriendpm'] == 1 && friend_check($touid)) {
                    $return = sendpm($touid, $subject, $message, '', 0, 0);
                } else {
                    showmessage('message_can_not_send_onlyfriend', '', array(), array('return' => true));
                }
            } else {
                showmessage('message_bad_touid', '', array(), array('return' => true));
            }
        } else {
            // NOTE(review): $subject, $message and $pmid are not assigned anywhere in this
            // fragment on this path — verify they are set by the code above it.
            $return = sendpm(0, $subject, $message, '', $pmid, 0);
        }
        // NOTE(review): $return is only assigned on the branches that call sendpm(); if the
        // showmessage() calls above return instead of exiting, it is undefined here.
        if ($return > 0) {
            include_once libfile('function/stat');
            updatestat('sendpm', 0, $coef);
            C::t('common_member_status')->update($_G['uid'], array('lastpost' => TIMESTAMP), 'UNBUFFERED');
            // Credits are updated unless bit 1 of the group's 'exempt' flags is set.
            !($_G['group']['exempt'] & 1) && updatecreditbyaction('sendpm', 0, array(), '', $coef);
            showmessage('collection_recommend_succ', '', array(), array('alert' => 'right', 'closetime' => true, 'showdialog' => 1));
        }
    }
}
Example #7
     space_merge($invite, 'field_home');
     if (!empty($invite['privacy']['feed']['invite'])) {
         require_once libfile('function/feed');
         $tite_data = array('username' => '<a href="home.php?mod=space&uid=' . $_G['uid'] . '">' . $_G['username'] . '</a>');
         feed_add('friend', 'feed_invite', $tite_data, '', array(), '', array(), array(), '', '', '', 0, 0, '', $invite['uid'], $invite['username']);
     }
     if ($invite['appid']) {
         updatestat('appinvite');
     }
 }
 // Send the welcome message when one is enabled and its text is not empty.
 if ($welcomemsg && !empty($welcomemsgtxt)) {
     // Use the configured title when set, otherwise build a default one from the board name.
     $welcomtitle = !empty($_G['setting']['welcomemsgtitle']) ? $_G['setting']['welcomemsgtitle'] : "Welcome to " . $_G['setting']['bbname'] . "!";
     // Both strings go through replacesitevar() and are then backslash-escaped.
     // NOTE(review): this assumes sendpm()/sendmail_cron() expect pre-escaped input; if they
     // escape again, the stored text is double-escaped — confirm against the callees.
     $welcomtitle = addslashes(replacesitevar($welcomtitle));
     $welcomemsgtxt = addslashes(replacesitevar($welcomemsgtxt));
     // $welcomemsg selects the channel: 1 = private message, 2 = e-mail via sendmail_cron().
     if ($welcomemsg == 1) {
         sendpm($uid, $welcomtitle, $welcomemsgtxt, 0);
     } elseif ($welcomemsg == 2) {
         sendmail_cron($email, $welcomtitle, $welcomemsgtxt);
     }
 }
 // Credit the referring user and set the 'promotion' cookie to an empty value.
 if ($fromuid) {
     updatecreditbyaction('promotion_register', $fromuid);
     dsetcookie('promotion', '');
 }
 // Set the remaining registration-flow cookies to an empty value.
 dsetcookie('loginuser', '');
 dsetcookie('activationauth', '');
 dsetcookie('invite_auth', '');
 $regverify = $_G['setting']['regverify'];
 // Reload the settings cache, record the new user name as 'lastmember' and save it again.
 loadcache('setting', true);
 $_G['setting']['lastmember'] = $username;
 save_syscache('setting', $_G['setting']);
 /**
  * Handles the sending of the forum mailing in batches.
  *
  * What it does:
  * - Called by ?action=admin;area=news;sa=mailingsend
  * - Requires the send_mail permission.
  * - Redirects to itself when more batches need to be sent.
  * - Redirects to ?action=admin after everything has been sent.
  *
  * @uses the ManageNews template and email_members_send sub template.
  * @param bool $clean_only = false; if set, it will only clean the variables, put them in context, then return.
  */
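 public function action_mailingsend($clean_only = false)
 {
     global $txt, $context, $scripturl, $modSettings, $user_info;
     // A nice successful screen if you did it
     if (isset($_REQUEST['success'])) {
         $context['sub_template'] = 'email_members_succeeded';
         loadTemplate('ManageNews');
         return;
     }
     // If just previewing we prepare a message and return it for viewing
     if (isset($_POST['preview'])) {
         $context['preview'] = true;
         return $this->action_mailingcompose();
     }
     // How many to send at once? Quantity depends on whether we are queueing or not.
     // @todo Might need an interface? (used in Post.controller.php too with different limits)
     $num_at_once = empty($modSettings['mail_queue']) ? 60 : 1000;
     // If by PM's I suggest we half the above number.
     if (!empty($_POST['send_pm'])) {
         $num_at_once /= 2;
     }
     // Session check: everything below reads request data and may send mail or PMs.
     checkSession();
     // Where are we actually to? Every numeric request value is cast to int before use.
     $context['start'] = isset($_REQUEST['start']) ? (int) $_REQUEST['start'] : 0;
     $context['email_force'] = !empty($_POST['email_force']) ? 1 : 0;
     $context['send_pm'] = !empty($_POST['send_pm']) ? 1 : 0;
     $context['total_emails'] = !empty($_POST['total_emails']) ? (int) $_POST['total_emails'] : 0;
     $context['max_id_member'] = !empty($_POST['max_id_member']) ? (int) $_POST['max_id_member'] : 0;
     $context['send_html'] = !empty($_POST['send_html']) ? 1 : 0;
     $context['parse_html'] = !empty($_POST['parse_html']) ? 1 : 0;
     // Create our main context.
     $context['recipients'] = array('groups' => array(), 'exclude_groups' => array(), 'members' => array(), 'exclude_members' => array(), 'emails' => array());
     // Have we any excluded members?
     if (!empty($_POST['exclude_members'])) {
         $members = explode(',', $_POST['exclude_members']);
         foreach ($members as $member) {
             // Cast first, then compare: comparing the raw string with an int gives
             // version-dependent results for non-numeric input.
             $member = (int) $member;
             if ($member >= $context['start']) {
                 $context['recipients']['exclude_members'][] = $member;
             }
         }
     }
     // What about members we *must* do?
     if (!empty($_POST['members'])) {
         $members = explode(',', $_POST['members']);
         foreach ($members as $member) {
             $member = (int) $member;
             if ($member >= $context['start']) {
                 $context['recipients']['members'][] = $member;
             }
         }
     }
     // Cleaning groups is simple - although deal with both checkbox and commas.
     if (isset($_POST['groups'])) {
         if (is_array($_POST['groups'])) {
             foreach ($_POST['groups'] as $group => $dummy) {
                 $context['recipients']['groups'][] = (int) $group;
             }
         } elseif (trim($_POST['groups']) != '') {
             $groups = explode(',', $_POST['groups']);
             foreach ($groups as $group) {
                 $context['recipients']['groups'][] = (int) $group;
             }
         }
     }
     // Same for excluded groups
     if (isset($_POST['exclude_groups'])) {
         if (is_array($_POST['exclude_groups'])) {
             foreach ($_POST['exclude_groups'] as $group => $dummy) {
                 $context['recipients']['exclude_groups'][] = (int) $group;
             }
         } elseif (trim($_POST['exclude_groups']) != '') {
             $groups = explode(',', $_POST['exclude_groups']);
             foreach ($groups as $group) {
                 $context['recipients']['exclude_groups'][] = (int) $group;
             }
         }
     }
     // Finally - emails! CR and LF are turned into separators here, so no address that
     // survives this step contains a line break.
     if (!empty($_POST['emails'])) {
         $addressed = array_unique(explode(';', strtr($_POST['emails'], array("\n" => ';', "\r" => ';', ',' => ';'))));
         foreach ($addressed as $curmem) {
             $curmem = trim($curmem);
             if ($curmem != '') {
                 $context['recipients']['emails'][$curmem] = $curmem;
             }
         }
     }
     // If we're only cleaning drop out here.
     if ($clean_only) {
         return;
     }
     // Some functions we will need
     require_once SUBSDIR . '/Mail.subs.php';
     if ($context['send_pm']) {
         require_once SUBSDIR . '/PersonalMessage.subs.php';
     }
     // We are relying too much on writing to superglobals...
     $base_subject = !empty($_POST['subject']) ? $_POST['subject'] : '';
     $base_message = !empty($_POST['message']) ? $_POST['message'] : '';
     // Save the message and its subject in $context (HTML-escaped copies for the template).
     $context['subject'] = htmlspecialchars($base_subject, ENT_COMPAT, 'UTF-8');
     $context['message'] = htmlspecialchars($base_message, ENT_COMPAT, 'UTF-8');
     // Prepare the message for sending it as HTML
     if (!$context['send_pm'] && !empty($_POST['send_html'])) {
         // Prepare the message for HTML.
         if (!empty($_POST['parse_html'])) {
             $base_message = str_replace(array("\n", '  '), array('<br />' . "\n", '&nbsp; '), $base_message);
         }
         // This is here to prevent spam filters from tagging this as spam.
         if (preg_match('~\\<html~i', $base_message) == 0) {
             if (preg_match('~\\<body~i', $base_message) == 0) {
                 // The subject is placed in <title> as submitted, without HTML escaping.
                 $base_message = '<html><head><title>' . $base_subject . '</title></head>' . "\n" . '<body>' . $base_message . '</body></html>';
             } else {
                 $base_message = '<html>' . $base_message . '</html>';
             }
         }
     }
     if (empty($base_message) || empty($base_subject)) {
         $context['preview'] = true;
         return $this->action_mailingcompose();
     }
     // Use the default time format.
     $user_info['time_format'] = $modSettings['time_format'];
     $variables = array('{$board_url}', '{$current_time}', '{$latest_member.link}', '{$latest_member.id}', '{$latest_member.name}');
     // We might need this in a bit
     $cleanLatestMember = empty($_POST['send_html']) || $context['send_pm'] ? un_htmlspecialchars($modSettings['latestRealName']) : $modSettings['latestRealName'];
     // Replace in all the standard things.
     $base_message = str_replace($variables, array(!empty($_POST['send_html']) ? '<a href="' . $scripturl . '">' . $scripturl . '</a>' : $scripturl, standardTime(forum_time(), false), !empty($_POST['send_html']) ? '<a href="' . $scripturl . '?action=profile;u=' . $modSettings['latestMember'] . '">' . $cleanLatestMember . '</a>' : ($context['send_pm'] ? '[url=' . $scripturl . '?action=profile;u=' . $modSettings['latestMember'] . ']' . $cleanLatestMember . '[/url]' : $cleanLatestMember), $modSettings['latestMember'], $cleanLatestMember), $base_message);
     $base_subject = str_replace($variables, array($scripturl, standardTime(forum_time(), false), $modSettings['latestRealName'], $modSettings['latestMember'], $modSettings['latestRealName']), $base_subject);
     $from_member = array('{$member.email}', '{$member.link}', '{$member.id}', '{$member.name}');
     // If we still have emails, do them first!
     $i = 0;
     foreach ($context['recipients']['emails'] as $k => $email) {
         // Done as many as we can?
         if ($i >= $num_at_once) {
             break;
         }
         // Don't sent it twice!
         unset($context['recipients']['emails'][$k]);
         // Dammit - can't PM emails!
         if ($context['send_pm']) {
             continue;
         }
         // NOTE(review): $email is the submitted string; it is neither validated as an address
         // nor HTML-escaped before it is placed in the mailto link of an HTML message.
         $to_member = array($email, !empty($_POST['send_html']) ? '<a href="mailto:' . $email . '">' . $email . '</a>' : $email, '??', $email);
         sendmail($email, str_replace($from_member, $to_member, $base_subject), str_replace($from_member, $to_member, $base_message), null, null, !empty($_POST['send_html']), 5);
         // Done another...
         $i++;
     }
     // Got some more to send this batch?
     $last_id_member = 0;
     if ($i < $num_at_once) {
         // Need to build quite a query! Only integer-cast values become parameter names, and
         // the values themselves are passed as typed placeholders.
         $sendQuery = '(';
         $sendParams = array();
         if (!empty($context['recipients']['groups'])) {
             // Take the long route...
             $queryBuild = array();
             foreach ($context['recipients']['groups'] as $group) {
                 $sendParams['group_' . $group] = $group;
                 $queryBuild[] = 'mem.id_group = {int:group_' . $group . '}';
                 if (!empty($group)) {
                     $queryBuild[] = 'FIND_IN_SET({int:group_' . $group . '}, mem.additional_groups) != 0';
                     $queryBuild[] = 'mem.id_post_group = {int:group_' . $group . '}';
                 }
             }
             if (!empty($queryBuild)) {
                 $sendQuery .= implode(' OR ', $queryBuild);
             }
         }
         if (!empty($context['recipients']['members'])) {
             $sendQuery .= ($sendQuery == '(' ? '' : ' OR ') . 'mem.id_member IN ({array_int:members})';
             $sendParams['members'] = $context['recipients']['members'];
         }
         $sendQuery .= ')';
         // If we've not got a query then we must be done!
         if ($sendQuery == '()') {
             redirectexit('action=admin');
         }
         // Anything to exclude?
         // NOTE(review): {int:regular_group} and {int:notify_announcements} are not added to
         // $sendParams here; presumably getNewsletterRecipients() supplies them — confirm.
         if (!empty($context['recipients']['exclude_groups']) && in_array(0, $context['recipients']['exclude_groups'])) {
             $sendQuery .= ' AND mem.id_group != {int:regular_group}';
         }
         if (!empty($context['recipients']['exclude_members'])) {
             $sendQuery .= ' AND mem.id_member NOT IN ({array_int:exclude_members})';
             $sendParams['exclude_members'] = $context['recipients']['exclude_members'];
         }
         // Force them to have it?
         if (empty($context['email_force'])) {
             $sendQuery .= ' AND mem.notify_announcements = {int:notify_announcements}';
         }
         require_once SUBSDIR . '/News.subs.php';
         // Get the smelly people - note we respect the id_member range as it gives us a quicker query.
         $recipients = getNewsletterRecipients($sendQuery, $sendParams, $context['start'], $num_at_once, $i);
         foreach ($recipients as $row) {
             $last_id_member = $row['id_member'];
             // What groups are we looking at here?
             if (empty($row['additional_groups'])) {
                 $groups = array($row['id_group'], $row['id_post_group']);
             } else {
                 $groups = array_merge(array($row['id_group'], $row['id_post_group']), explode(',', $row['additional_groups']));
             }
             // Excluded groups?
             if (array_intersect($groups, $context['recipients']['exclude_groups'])) {
                 continue;
             }
             // We might need this
             $cleanMemberName = empty($_POST['send_html']) || $context['send_pm'] ? un_htmlspecialchars($row['real_name']) : $row['real_name'];
             // Replace the member-dependant variables
             $message = str_replace($from_member, array($row['email_address'], !empty($_POST['send_html']) ? '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $cleanMemberName . '</a>' : ($context['send_pm'] ? '[url=' . $scripturl . '?action=profile;u=' . $row['id_member'] . ']' . $cleanMemberName . '[/url]' : $cleanMemberName), $row['id_member'], $cleanMemberName), $base_message);
             $subject = str_replace($from_member, array($row['email_address'], $row['real_name'], $row['id_member'], $row['real_name']), $base_subject);
             // Send the actual email - or a PM!
             if (!$context['send_pm']) {
                 sendmail($row['email_address'], $subject, $message, null, null, !empty($_POST['send_html']), 5);
             } else {
                 sendpm(array('to' => array($row['id_member']), 'bcc' => array()), $subject, $message);
             }
         }
     }
     // If used our batch assume we still have a member.
     if ($i >= $num_at_once) {
         $last_id_member = $context['start'];
     } elseif (empty($last_id_member) && $context['start'] + $num_at_once < $context['max_id_member']) {
         $last_id_member = $context['start'] + $num_at_once;
     } elseif (empty($last_id_member) && empty($context['recipients']['emails'])) {
         // Log this into the admin log.
         logAction('newsletter', array(), 'admin');
         redirectexit('action=admin;area=news;sa=mailingsend;success');
     }
     $context['start'] = $last_id_member;
     // Working out progress is a black art of sorts.
     // total_emails and max_id_member come from the request and may be 0 (or cancel each other
     // out), so every division is guarded; the arithmetic is otherwise unchanged.
     $workTotal = $context['total_emails'] + $context['max_id_member'];
     $percentEmails = $context['total_emails'] == 0 || $workTotal == 0 ? 0 : count($context['recipients']['emails']) / $context['total_emails'] * ($context['total_emails'] / $workTotal);
     $percentMembers = $context['max_id_member'] == 0 || $workTotal == 0 ? 0 : $context['start'] / $context['max_id_member'] * ($context['max_id_member'] / $workTotal);
     $context['percentage_done'] = round(($percentEmails + $percentMembers) * 100, 2);
     $context['page_title'] = $txt['admin_newsletters'];
     $context['sub_template'] = 'email_members_send';
 }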
Example #9
     showmessage('task_up_to_limit', 'task.php');
 }
 // Load the script that implements this task type.
 // NOTE(review): the file name is built from $task['scriptname'], and this fragment does not
 // show where that value comes from or that it is limited to known task scripts. If it can
 // contain path separators or "..", an arbitrary local .inc.php file gets included — confirm
 // it is checked against an allow-list before this point.
 require_once DISCUZ_ROOT . './include/tasks/' . $task['scriptname'] . '.inc.php';
 // Ask the task script for the completion state; the code below treats TRUE as completed
 // and FALSE as failed.
 $result = task_csc($task);
 if ($result === TRUE) {
     if ($task['reward']) {
         require_once DISCUZ_ROOT . './include/task.func.php';
         $rewards = task_reward($task);
         if ($task['reward'] == 'magic') {
             $magicname = $db->result_first("SELECT name FROM {$tablepre}magics WHERE magicid='{$task['prize']}'");
         } elseif ($task['reward'] == 'medal') {
             $medalname = $db->result_first("SELECT name FROM {$tablepre}medals WHERE medalid='{$task['prize']}'");
         } elseif ($task['reward'] == 'group') {
             $grouptitle = $db->result_first("SELECT grouptitle FROM {$tablepre}usergroups WHERE groupid='{$task['prize']}'");
         }
         sendpm($discuz_uid, 'task_reward_subject', 'task_reward_' . $task['reward'] . '_message', 0);
     }
     task_sufprocess();
     $db->query("UPDATE {$tablepre}mytasks SET status='1', csc='100', dateline='{$timestamp}' WHERE uid='{$discuz_uid}' AND taskid='{$id}'");
     $db->query("UPDATE {$tablepre}tasks SET achievers=achievers+1 WHERE taskid='{$id}'", 'UNBUFFERED');
     if (!$db->result_first("SELECT COUNT(*) FROM {$tablepre}mytasks WHERE uid='{$discuz_uid}' AND status='0'")) {
         $db->query("UPDATE {$tablepre}members SET prompt=prompt^2 WHERE uid='{$discuz_uid}' AND prompt=prompt|2", 'UNBUFFERED');
     }
     if ($inajax) {
         taskmessage('100', $task['reward'] ? 'task_reward_' . $task['reward'] : 'task_completed');
     } else {
         showmessage('task_completed', 'task.php?item=done');
     }
 } elseif ($result === FALSE) {
     $db->query("UPDATE {$tablepre}mytasks SET status='-1' WHERE uid='{$discuz_uid}' AND taskid='{$id}'", 'UNBUFFERED');
     $inajax ? taskmessage('-1', 'task_failed') : showmessage('task_failed', 'task.php?item=failed');
Example #10
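/**
 * Buy an item that another user has put up for trade.
 *
 * Reads the inventory row id from the query string, checks that the item is
 * marked as trading and that the buyer has enough cash, then transfers
 * ownership, moves the money and sends the previous owner a private message.
 * Output is echoed directly; the page is refreshed to the trade start view.
 *
 * Globals read: $locale (message strings), $golddata (the current user's
 * gold record: 'cash', 'owner_id', 'owner_name').
 *
 * @return void
 */
function trade_buy()
{
    global $locale, $golddata;
    table_top($locale['urg_trade_113']);
    if (isset($_POST['id']) && !isNum($_POST['id'])) {
        redirect("index.php");
    }
    // The queries below use the id from the query string, which the check
    // above never looked at. Accept it only when it is purely numeric and
    // carry it as an integer; anything else becomes 0 and ends up in the
    // "item not found" branch.
    $itemId = (isset($_GET['id']) && isNum($_GET['id'])) ? (int) $_GET['id'] : 0;
    // Get information on the item in question
    $result = dbquery("SELECT it.*, inv.*, u.user_name as owner_name\n\t\tFROM " . DB_UG3_INVENTORY . " inv\n\t\tLEFT JOIN " . DB_UG3_USAGE . " it ON inv.itemid = it.id\n\t\tLEFT JOIN " . DB_USERS . " u ON inv.ownerid = u.user_id\n\t\tWHERE inv.id = '" . $itemId . "'\n\t\tLIMIT 1");
    if (dbrows($result)) {
        $item = dbarray($result);
        if ($item['trading'] != 1) {
            // Only the localized notice is shown; the full joined row is no
            // longer dumped to the page.
            echo $locale['urg_trade_114'];
        } elseif ($golddata['cash'] < $item['tradecost']) {
            // Report the shortfall: price minus the buyer's cash.
            echo sprintf($locale['urg_trade_115'], $item['tradecost'] - $golddata['cash']);
        } else {
            // Hand the item to the buyer and take it off the market.
            // NOTE(review): the trading flag is checked above and changed here
            // in separate statements; confirm whether concurrent purchases of
            // the same item are prevented elsewhere.
            $result = dbquery("UPDATE " . DB_UG3_INVENTORY . " SET ownerid = '" . $golddata['owner_id'] . "', amtpaid = '" . $item['tradecost'] . "', trading = '0' WHERE id = '" . $itemId . "' LIMIT 1");
            // Decrease the buyer's money
            takegold2($golddata['owner_id'], $item['tradecost'], 'cash');
            // Give the money to the old owner
            // NOTE(review): this reads $item['owner_id'] while the PM below
            // uses $item['ownerid']; verify which column the row really has.
            payuser($item['owner_id'], $item['tradecost'], 'cash');
            // Prepare and send the notification to the previous owner
            $subject = sprintf($locale['urg_trade_116'], $item['name']);
            $message = sprintf($locale['urg_trade_117'], $golddata['owner_id'], $golddata['owner_name'], $item['name'], formatMoney($item['tradecost']));
            sendpm($item['ownerid'], $subject, $message, $golddata['owner_id'], $golddata['owner_name']);
            echo sprintf($locale['urg_trade_118'], $item['name'], $item['owner_name']);
        }
    } else {
        echo $locale['urg_trade_128'];
    }
    pagerefresh('meta', '2', FUSION_SELF . '?op=trade_start');
    closetable();
}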
Example #11
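    $pmin = 0;
    // The old/new forum ids and the topic ids all come straight from the POST
    // body and are concatenated into SQL and link text below. Force them to
    // integers once and use only the cast values from here on.
    $nfid = (int) $_POST['nfid'];
    $afid = (int) $_POST['afid'];
    foreach ($_POST['in'] as $k => $v) {
        // Topic id: the array key of the submitted in[...] field.
        $k = (int) $k;
        $tmin++;
        $pmin += db_result(db_query("SELECT rep FROM prefix_topics WHERE id = " . $k), 0, 0);
        db_query("UPDATE `prefix_topics` SET `fid` = " . $nfid . " WHERE id = " . $k);
        db_query("UPDATE prefix_posts SET `fid` = " . $nfid . " WHERE tid = " . $k);
        // Notify the topic author by private message
        if (isset($_POST['alertautor']) and $_POST['alertautor'] == 'yes') {
            $uid = db_result(db_query("SELECT erstid FROM prefix_posts WHERE tid = " . $k . " ORDER BY id ASC LIMIT 1"), 0);
            $top = db_result(db_query("SELECT name FROM prefix_topics WHERE id = " . $k), 0);
            // NOTE(review): the link base is taken from the request's Host
            // header and script name, so the links in the PM point at whatever
            // host the request named; a configured site URL would be safer.
            $page = $_SERVER["HTTP_HOST"] . $_SERVER["SCRIPT_NAME"];
            $txt = 'Dein Thema "' . $top . '" wurde von dem Forum "' . $fal . '" in das neue Forum "' . $fne . '" verschoben... ';
            $txt .= "\n\n- [url=http://" . $page . "?forum-showposts-" . $k . "]Link zum Thema[/url]";
            $txt .= "\n- [url=http://" . $page . "?forum-showtopics-" . $nfid . "]Link zum neuen Forum[/url]";
            $txt .= "\n- [url=http://" . $page . "?forum-showtopics-" . $afid . "]Link zum alten Forum[/url]";
            sendpm($_SESSION['authid'], $uid, 'Thema verschoben', $txt);
        }
    }
    // Moved posts = replies of every topic plus one opening post per topic.
    $pmin = $pmin + $tmin;
    $apid = db_result(db_query("SELECT MAX(id) FROM prefix_posts WHERE fid = " . $afid), 0);
    $npid = db_result(db_query("SELECT MAX(id) FROM prefix_posts WHERE fid = " . $nfid), 0);
    // The old forum may be empty now; MAX() then yields no usable id.
    if (empty($apid)) {
        $apid = 0;
    }
    db_query("UPDATE `prefix_forums` SET last_post_id = " . $apid . ", `posts` = `posts` - " . $pmin . ", `topics` = `topics` - " . $tmin . " WHERE id = " . $afid);
    db_query("UPDATE `prefix_forums` SET last_post_id = " . $npid . ", `posts` = `posts` + " . $pmin . ", `topics` = `topics` + " . $tmin . " WHERE id = " . $nfid);
    wd(array('neue Themen Übersicht' => 'index.php?forum-showtopics-' . $nfid, 'alte Themen Übersicht' => 'index.php?forum-showtopics-' . $afid), 'Thema erfolgreich verschoben', 3);
} elseif ($csrfCheck and (isset($_POST['del']) or isset($_POST['shift']))) {
    echo '<form action="index.php?forum-editforum-' . $fid . '" method="POST">';
    foreach ($_POST['in'] as $k => $v) {
        // The selection is echoed back as hidden fields. Both key and value
        // are request data, so the key is reduced to an integer topic id and
        // the value is HTML-escaped before it is written into the attribute.
        echo '<input type="hidden" name="in[' . (int) $k . ']" value="' . htmlspecialchars((string) $v, ENT_QUOTES) . '" />';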
Example #12
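 /**
  * Send a private message for the current user and report the outcome in $res.
  *
  * The recipient uid, an optional pmid and the message text are read from
  * $data and copied into $_GET/$_POST. The method then applies the posting
  * interval check, the new-user check, the 'allowsendpm' permission and the
  * blacklist check before calling sendpm(). Every failure path returns the
  * result of makeErrorInfo(); on success the ids and send time of the stored
  * message are added to $res['body'] and an iOS push is triggered.
  *
  * Compared with the commented-out web-flow calls this was derived from, the
  * censor() filter and the checklowerlimit() credit check are disabled here
  * (see the notes in the body).
  *
  * @param array $res  Response structure to extend and return.
  * @param array $data Request data; 'toUid', 'pmid' and 'msg' are read.
  * @return array The updated response structure.
  */
 private function _pmSend($res, $data)
 {
     global $_G;
     // Integer casts: both ids are used as numeric identifiers below.
     $touid = (int) $data['toUid'];
     $pmid = (int) $data['pmid'];
     $_GET['topmuid'] = $touid;
     $_POST['message'] = $this->_transMessage($data['msg']);
     $_POST['subject'] = '';
     // $users stays empty and $type stays 0 in this method, so the
     // multi-recipient branch and the subject handling below are never taken.
     $users = array();
     $type = 0;
     // One message is sent on the single-recipient paths. The statistics and
     // credit calls after a successful send read $coef, which was previously
     // assigned only in the multi-recipient branch.
     $coef = 1;
     $waittime = interval_check('post');
     if ($waittime > 0) {
         return $this->makeErrorInfo($res, lang('message', 'message_can_not_send_2'));
     }
     if (($checkMessage = mobcent_cknewuser()) != '') {
         return $this->makeErrorInfo($res, WebUtils::emptyHtml($checkMessage));
     }
     if (!checkperm('allowsendpm')) {
         return $this->makeErrorInfo($res, 'no_privilege_sendpm');
     }
     if ($touid) {
         if (isblacklist($touid)) {
             return $this->makeErrorInfo($res, lang('message', 'is_blacklist'));
         }
     }
     // NOTE(review): the credit lower-limit check is disabled in this method:
     // !($_G['group']['exempt'] & 1) && checklowerlimit('sendpm', 0, $coef);
     $message = (!empty($_POST['messageappend']) ? $_POST['messageappend'] . "\n" : '') . trim($_POST['message']);
     if (empty($message)) {
         return $this->makeErrorInfo($res, lang('message', 'unable_to_send_air_news'));
     }
     // NOTE(review): the word filter is disabled in this method, so the text
     // is passed to sendpm() unfiltered: $message = censor($message);
     // Rewrite each cached smiley replacement into an absolute [img] tag and
     // apply the search/replace arrays to the message.
     loadcache(array('smilies', 'smileytypes'));
     foreach ($_G['cache']['smilies']['replacearray'] as $key => $smiley) {
         $_G['cache']['smilies']['replacearray'][$key] = '[img]' . $_G['siteurl'] . 'static/image/smiley/' . $_G['cache']['smileytypes'][$_G['cache']['smilies']['typearray'][$key]]['directory'] . '/' . $smiley . '[/img]';
     }
     $message = preg_replace($_G['cache']['smilies']['searcharray'], $_G['cache']['smilies']['replacearray'], $message);
     $subject = '';
     if ($type == 1) {
         $subject = dhtmlspecialchars(trim($_POST['subject']));
     }
     include_once libfile('function/friend');
     $return = 0;
     if ($touid || $pmid) {
         if ($touid) {
             if ($value = getuserbyuid($touid)) {
                 // A recipient without a preference of their own inherits the
                 // site setting: 1 when it is on, 2 otherwise.
                 $value['onlyacceptfriendpm'] = $value['onlyacceptfriendpm'] ? $value['onlyacceptfriendpm'] : ($_G['setting']['onlyacceptfriendpm'] ? 1 : 2);
                 // Send when the sender's group may PM everyone, the recipient's
                 // value is 2, or it is 1 and friend_check() passes.
                 if ($_G['group']['allowsendallpm'] || $value['onlyacceptfriendpm'] == 2 || $value['onlyacceptfriendpm'] == 1 && friend_check($touid)) {
                     $return = sendpm($touid, $subject, $message, '', 0, 0, $type);
                 } else {
                     return $this->makeErrorInfo($res, lang('message', 'message_can_not_send_onlyfriend'));
                 }
             } else {
                 return $this->makeErrorInfo($res, lang('message', 'message_bad_touid'));
             }
         } else {
             // Only a pmid was supplied.
             $topmuid = intval($_GET['topmuid']);
             $return = sendpm($topmuid, $subject, $message, '', $pmid, 0);
         }
     } elseif ($users) {
         $newusers = $uidsarr = $membersarr = array();
         if ($users) {
             $membersarr = C::t('common_member')->fetch_all_by_username($users);
             foreach ($membersarr as $aUsername => $aUser) {
                 $uidsarr[] = $aUser['uid'];
             }
         }
         if (empty($membersarr)) {
             showmessage('message_bad_touser', '', array(), array('return' => true));
         }
         if (isset($membersarr[$_G['uid']])) {
             showmessage('message_can_not_send_to_self', '', array(), array('return' => true));
         }
         friend_check($uidsarr);
         foreach ($membersarr as $key => $value) {
             $value['onlyacceptfriendpm'] = $value['onlyacceptfriendpm'] ? $value['onlyacceptfriendpm'] : ($_G['setting']['onlyacceptfriendpm'] ? 1 : 2);
             if ($_G['group']['allowsendallpm'] || $value['onlyacceptfriendpm'] == 2 || $value['onlyacceptfriendpm'] == 1 && $_G['home_friend_' . $value['uid'] . '_' . $_G['uid']]) {
                 $newusers[$value['uid']] = $value['username'];
                 unset($users[array_search($value['username'], $users)]);
             }
         }
         if (empty($newusers)) {
             showmessage('message_can_not_send_onlyfriend', '', array(), array('return' => true));
         }
         foreach ($newusers as $key => $value) {
             if (isblacklist($key)) {
                 showmessage('is_blacklist', '', array(), array('return' => true));
             }
         }
         $coef = count($newusers);
         $return = sendpm(implode(',', $newusers), $subject, $message, '', 0, 1, $type);
     } else {
         return $this->makeErrorInfo($res, lang('message', 'message_can_not_send_9'));
     }
     if ($return > 0) {
         // Successful send: update statistics, last-post time and credits.
         include_once libfile('function/stat');
         updatestat('sendpm', 0, $coef);
         C::t('common_member_status')->update($_G['uid'], array('lastpost' => TIMESTAMP));
         // Groups with exempt bit 1 set skip the credit rule.
         !($_G['group']['exempt'] & 1) && updatecreditbyaction('sendpm', 0, array(), '', $coef);
         if (!empty($newusers)) {
             if ($type == 1) {
                 $returnurl = 'home.php?mod=space&do=pm&filter=privatepm';
             } else {
                 $returnurl = 'home.php?mod=space&do=pm';
             }
             showmessage(count($users) ? 'message_send_result' : 'do_success', $returnurl, array('users' => implode(',', $users), 'succeed' => count($newusers)));
         } else {
             $res = $this->makeErrorInfo($res, 'do_success', array('noError' => 1, 'alert' => 0));
             // Read the stored message back to report its ids and timestamp.
             $msgInfo = uc_pm_viewnode($_G['uid'], $type, $return);
             $res['body']['plid'] = (int) $msgInfo['plid'];
             $res['body']['pmid'] = (int) $msgInfo['pmid'];
             // Appending '000' turns the dateline into a millisecond-style
             // string; presumably dateline is in seconds. TODO confirm.
             $res['body']['sendTime'] = $msgInfo['dateline'] . '000';
             // ios push
             UserUtils::pushIOSMessage($touid, 'pm', $_G['username'] . WebUtils::t(' 对 您 说: ') . $message);
         }
     } else {
         // Codes -16..-1 each map to their own language key.
         if (in_array($return, range(-16, -1))) {
             return $this->makeErrorInfo($res, lang('message', 'message_can_not_send_' . abs($return)));
         } else {
             return $this->makeErrorInfo($res, lang('message', 'message_can_not_send'));
         }
     }
     return $res;
 }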
        include template('forum/collection_recommend');
    } else {
        // Recommend a thread to the owner of the current collection by PM.
        if (!$_GET['threadurl']) {
            showmessage('collection_recommend_url', '', array(), array('alert' => 'error', 'closetime' => true, 'showdialog' => 1));
        }
        // $touid is bound by reference to the collection owner's uid.
        $touid =& $_G['collection']['uid'];
        $coef = 1;
        // NOTE(review): the URL from the query string is placed into the
        // message text via lang(); whether it is validated or escaped before
        // the PM is rendered is not visible here. Confirm.
        $subject = $message = lang('message', 'collection_recommend_message', array('fromuser' => $_G['username'], 'collectioname' => $_G['collection']['name'], 'url' => $_GET['threadurl']));
        // Refuse when a blacklist row exists for the pair (recipient, sender).
        // NOTE(review): this and the other showmessage() calls pass
        // 'return' => true; if showmessage() then returns instead of ending
        // the request, execution continues past the failed check. Verify.
        if (C::t('home_blacklist')->count_by_uid_buid($touid, $_G['uid'])) {
            showmessage('is_blacklist', '', array(), array('return' => true));
        }
        if ($value = getuserbyuid($touid)) {
            require_once libfile('function/friend');
            // A recipient without a preference of their own inherits the site
            // setting: 1 when it is on, 2 otherwise.
            $value['onlyacceptfriendpm'] = $value['onlyacceptfriendpm'] ? $value['onlyacceptfriendpm'] : ($_G['setting']['onlyacceptfriendpm'] ? 1 : 2);
            // Send when the sender's group may PM everyone, the recipient's
            // value is 2, or it is 1 and friend_check() passes.
            if ($_G['group']['allowsendallpm'] || $value['onlyacceptfriendpm'] == 2 || $value['onlyacceptfriendpm'] == 1 && friend_check($touid)) {
                $return = sendpm($touid, $subject, $message, '', 0, 0);
            } else {
                showmessage('message_can_not_send_onlyfriend', '', array(), array('return' => true));
            }
        } else {
            showmessage('message_bad_touid', '', array(), array('return' => true));
        }
        // $return is assigned only on the path that called sendpm().
        if ($return > 0) {
            // Successful send: update statistics, last-post time and credits.
            include_once libfile('function/stat');
            updatestat('sendpm', 0, $coef);
            C::t('common_member_status')->update($_G['uid'], array('lastpost' => TIMESTAMP), 'UNBUFFERED');
            // Groups with exempt bit 1 set skip the credit rule.
            !($_G['group']['exempt'] & 1) && updatecreditbyaction('sendpm', 0, array(), '', $coef);
            showmessage('collection_recommend_succ', '', array(), array('alert' => 'right', 'closetime' => true, 'showdialog' => 1));
        }
    }
}
Example #14
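/**
 * Send one batch of a newsletter, by e-mail or by PM, to the recipients named
 * in the POST data.
 *
 * The recipient lists (groups, excluded groups, members, excluded members and
 * plain e-mail addresses) are normalised from $_POST into
 * $context['recipients']. Unless $clean_only is set, up to $num_at_once
 * messages are then sent: explicit e-mail addresses first, then members
 * selected by a query built from the group and member lists. Progress values
 * for the 'email_members_send' sub-template are stored in $context.
 *
 * checkSession() is called before anything is sent.
 * NOTE(review): no permission check is visible in this function; presumably
 * the caller enforces one. Confirm.
 *
 * @param bool $clean_only When true, only fill $context and return before sending.
 * @return void
 */
function SendMailing($clean_only = false)
{
    global $txt, $sourcedir, $context, $smcFunc;
    global $scripturl, $modSettings, $user_info;
    // How many to send at once? Quantity depends on whether we are queueing or not.
    $num_at_once = empty($modSettings['mail_queue']) ? 60 : 1000;
    // PMs are sent in batches half that size.
    if (!empty($_POST['send_pm'])) {
        $num_at_once /= 2;
    }
    checkSession();
    // Where are we actually up to? The offset is compared with member ids and
    // used in arithmetic and as an {int:...} query value below, so it is
    // carried as an integer from the start.
    $context['start'] = isset($_REQUEST['start']) ? (int) $_REQUEST['start'] : 0;
    $context['email_force'] = !empty($_POST['email_force']) ? 1 : 0;
    $context['send_pm'] = !empty($_POST['send_pm']) ? 1 : 0;
    $context['total_emails'] = !empty($_POST['total_emails']) ? (int) $_POST['total_emails'] : 0;
    $context['max_id_member'] = !empty($_POST['max_id_member']) ? (int) $_POST['max_id_member'] : 0;
    $context['send_html'] = !empty($_POST['send_html']) ? '1' : '0';
    $context['parse_html'] = !empty($_POST['parse_html']) ? '1' : '0';
    // Create our main context.
    $context['recipients'] = array('groups' => array(), 'exclude_groups' => array(), 'members' => array(), 'exclude_members' => array(), 'emails' => array());
    // Have we any excluded members? Ids below the current offset are dropped.
    if (!empty($_POST['exclude_members'])) {
        $members = explode(',', $_POST['exclude_members']);
        foreach ($members as $member) {
            if ($member >= $context['start']) {
                $context['recipients']['exclude_members'][] = (int) $member;
            }
        }
    }
    // What about members we *must* do?
    if (!empty($_POST['members'])) {
        $members = explode(',', $_POST['members']);
        foreach ($members as $member) {
            if ($member >= $context['start']) {
                $context['recipients']['members'][] = (int) $member;
            }
        }
    }
    // Groups arrive either as a checkbox array (ids are the keys) or as a
    // comma-separated string; every id is cast to int.
    if (!empty($_POST['groups'])) {
        if (is_array($_POST['groups'])) {
            foreach ($_POST['groups'] as $group => $dummy) {
                $context['recipients']['groups'][] = (int) $group;
            }
        } else {
            $groups = explode(',', $_POST['groups']);
            foreach ($groups as $group) {
                $context['recipients']['groups'][] = (int) $group;
            }
        }
    }
    // Same for excluded groups
    if (!empty($_POST['exclude_groups'])) {
        if (is_array($_POST['exclude_groups'])) {
            foreach ($_POST['exclude_groups'] as $group => $dummy) {
                $context['recipients']['exclude_groups'][] = (int) $group;
            }
        } else {
            $groups = explode(',', $_POST['exclude_groups']);
            foreach ($groups as $group) {
                $context['recipients']['exclude_groups'][] = (int) $group;
            }
        }
    }
    // Finally - emails! Line breaks and commas are turned into ';' before the
    // split, so no single address can still contain a CR or LF.
    if (!empty($_POST['emails'])) {
        $addressed = array_unique(explode(';', strtr($_POST['emails'], array("\n" => ';', "\r" => ';', ',' => ';'))));
        foreach ($addressed as $curmem) {
            $curmem = trim($curmem);
            if ($curmem != '') {
                $context['recipients']['emails'][$curmem] = $curmem;
            }
        }
    }
    // If we're only cleaning drop out here.
    if ($clean_only) {
        return;
    }
    require_once $sourcedir . '/Subs-Post.php';
    // Save the message and its subject in $context (escaped copies; the raw
    // $_POST values are what gets sent).
    $context['subject'] = htmlspecialchars($_POST['subject']);
    $context['message'] = htmlspecialchars($_POST['message']);
    // Prepare the message for sending it as HTML
    if (!$context['send_pm'] && !empty($_POST['send_html'])) {
        // Prepare the message for HTML.
        if (!empty($_POST['parse_html'])) {
            $_POST['message'] = str_replace(array("\n", '  '), array('<br />' . "\n", '&nbsp; '), $_POST['message']);
        }
        // This is here to prevent spam filters from tagging this as spam.
        // NOTE(review): the subject is placed into <title> as typed, without
        // HTML escaping.
        if (preg_match('~\\<html~i', $_POST['message']) == 0) {
            if (preg_match('~\\<body~i', $_POST['message']) == 0) {
                $_POST['message'] = '<html><head><title>' . $_POST['subject'] . '</title></head>' . "\n" . '<body>' . $_POST['message'] . '</body></html>';
            } else {
                $_POST['message'] = '<html>' . $_POST['message'] . '</html>';
            }
        }
    }
    // Use the default time format.
    $user_info['time_format'] = $modSettings['time_format'];
    $variables = array('{$board_url}', '{$current_time}', '{$latest_member.link}', '{$latest_member.id}', '{$latest_member.name}');
    // Plain-text and PM output get the un-escaped form of the latest member's name.
    $cleanLatestMember = empty($_POST['send_html']) || $context['send_pm'] ? un_htmlspecialchars($modSettings['latestRealName']) : $modSettings['latestRealName'];
    // Replace in all the standard things.
    $_POST['message'] = str_replace($variables, array(!empty($_POST['send_html']) ? '<a href="' . $scripturl . '">' . $scripturl . '</a>' : $scripturl, timeformat(forum_time(), false), !empty($_POST['send_html']) ? '<a href="' . $scripturl . '?action=profile;u=' . $modSettings['latestMember'] . '">' . $cleanLatestMember . '</a>' : ($context['send_pm'] ? '[url=' . $scripturl . '?action=profile;u=' . $modSettings['latestMember'] . ']' . $cleanLatestMember . '[/url]' : $cleanLatestMember), $modSettings['latestMember'], $cleanLatestMember), $_POST['message']);
    $_POST['subject'] = str_replace($variables, array($scripturl, timeformat(forum_time(), false), $modSettings['latestRealName'], $modSettings['latestMember'], $modSettings['latestRealName']), $_POST['subject']);
    $from_member = array('{$member.email}', '{$member.link}', '{$member.id}', '{$member.name}');
    // If we still have emails, do them first!
    $i = 0;
    foreach ($context['recipients']['emails'] as $k => $email) {
        // Done as many as we can?
        if ($i >= $num_at_once) {
            break;
        }
        // Don't send it twice!
        unset($context['recipients']['emails'][$k]);
        // A bare e-mail address cannot receive a PM.
        if ($context['send_pm']) {
            continue;
        }
        $to_member = array($email, !empty($_POST['send_html']) ? '<a href="mailto:' . $email . '">' . $email . '</a>' : $email, '??', $email);
        sendmail($email, str_replace($from_member, $to_member, $_POST['subject']), str_replace($from_member, $to_member, $_POST['message']), null, null, !empty($_POST['send_html']), 5);
        // Done another...
        $i++;
    }
    // Got some more to send this batch?
    $last_id_member = 0;
    if ($i < $num_at_once) {
        // Build the member selection. Only placeholder names are put into the
        // query text; the values travel separately in $sendParams.
        $sendQuery = '(';
        $sendParams = array();
        if (!empty($context['recipients']['groups'])) {
            // Take the long route...
            $queryBuild = array();
            foreach ($context['recipients']['groups'] as $group) {
                $sendParams['group_' . $group] = $group;
                $queryBuild[] = 'mem.id_group = {int:group_' . $group . '}';
                // Group 0 is matched on the primary group only.
                if (!empty($group)) {
                    $queryBuild[] = 'FIND_IN_SET({int:group_' . $group . '}, mem.additional_groups) != 0';
                    $queryBuild[] = 'mem.id_post_group = {int:group_' . $group . '}';
                }
            }
            if (!empty($queryBuild)) {
                $sendQuery .= implode(' OR ', $queryBuild);
            }
        }
        if (!empty($context['recipients']['members'])) {
            $sendQuery .= ($sendQuery == '(' ? '' : ' OR ') . 'mem.id_member IN ({array_int:members})';
            $sendParams['members'] = $context['recipients']['members'];
        }
        $sendQuery .= ')';
        // If we've not got a query then we must be done!
        if ($sendQuery == '()') {
            redirectexit('action=admin');
        }
        // Anything to exclude?
        if (!empty($context['recipients']['exclude_groups']) && in_array(0, $context['recipients']['exclude_groups'])) {
            $sendQuery .= ' AND mem.id_group != {int:regular_group}';
        }
        if (!empty($context['recipients']['exclude_members'])) {
            $sendQuery .= ' AND mem.id_member NOT IN ({array_int:exclude_members})';
            $sendParams['exclude_members'] = $context['recipients']['exclude_members'];
        }
        // Unless forced, only members who accept announcements are selected.
        if (empty($context['email_force'])) {
            $sendQuery .= ' AND mem.notify_announcements = {int:notify_announcements}';
        }
        // Fetch this batch - the id_member range is respected as it gives a quicker query.
        $result = $smcFunc['db_query']('', '
			SELECT mem.id_member, mem.email_address, mem.real_name, mem.id_group, mem.additional_groups, mem.id_post_group
			FROM {db_prefix}members AS mem
			WHERE mem.id_member > {int:min_id_member}
				AND mem.id_member < {int:max_id_member}
				AND ' . $sendQuery . '
				AND mem.is_activated = {int:is_activated}
			ORDER BY mem.id_member ASC
			LIMIT {int:atonce}', array_merge($sendParams, array('min_id_member' => $context['start'], 'max_id_member' => $context['start'] + $num_at_once - $i, 'atonce' => $num_at_once - $i, 'regular_group' => 0, 'notify_announcements' => 1, 'is_activated' => 1)));
        while ($row = $smcFunc['db_fetch_assoc']($result)) {
            $last_id_member = $row['id_member'];
            // What groups are we looking at here?
            if (empty($row['additional_groups'])) {
                $groups = array($row['id_group'], $row['id_post_group']);
            } else {
                $groups = array_merge(array($row['id_group'], $row['id_post_group']), explode(',', $row['additional_groups']));
            }
            // Excluded groups?
            if (array_intersect($groups, $context['recipients']['exclude_groups'])) {
                continue;
            }
            // Plain-text and PM output get the un-escaped form of the member's name.
            $cleanMemberName = empty($_POST['send_html']) || $context['send_pm'] ? un_htmlspecialchars($row['real_name']) : $row['real_name'];
            // Replace the member-dependent variables
            $message = str_replace($from_member, array($row['email_address'], !empty($_POST['send_html']) ? '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $cleanMemberName . '</a>' : ($context['send_pm'] ? '[url=' . $scripturl . '?action=profile;u=' . $row['id_member'] . ']' . $cleanMemberName . '[/url]' : $cleanMemberName), $row['id_member'], $cleanMemberName), $_POST['message']);
            $subject = str_replace($from_member, array($row['email_address'], $row['real_name'], $row['id_member'], $row['real_name']), $_POST['subject']);
            // Send the actual email - or a PM!
            if (!$context['send_pm']) {
                sendmail($row['email_address'], $subject, $message, null, null, !empty($_POST['send_html']), 5);
            } else {
                sendpm(array('to' => array($row['id_member']), 'bcc' => array()), $subject, $message);
            }
        }
        $smcFunc['db_free_result']($result);
    }
    // If used our batch assume we still have a member.
    if ($i >= $num_at_once) {
        $last_id_member = $context['start'];
    } elseif (empty($last_id_member) && $context['start'] + $num_at_once < $context['max_id_member']) {
        $last_id_member = $context['start'] + $num_at_once;
    } elseif (empty($last_id_member) && empty($context['recipients']['emails'])) {
        // Nothing left to do: log this into the admin log and leave.
        logAction('newsletter', array(), 'admin');
        redirectexit('action=admin');
    }
    $context['start'] = $last_id_member;
    // Work out progress. Both totals are request values, so each share is
    // computed only when its divisors are non-zero; otherwise it counts as 0.
    $grandTotal = $context['total_emails'] + $context['max_id_member'];
    $percentEmails = ($context['total_emails'] == 0 || $grandTotal == 0) ? 0 : count($context['recipients']['emails']) / $context['total_emails'] * ($context['total_emails'] / $grandTotal);
    $percentMembers = ($context['max_id_member'] == 0 || $grandTotal == 0) ? 0 : $context['start'] / $context['max_id_member'] * ($context['max_id_member'] / $grandTotal);
    $context['percentage_done'] = round(($percentEmails + $percentMembers) * 100, 2);
    $context['page_title'] = $txt['admin_newsletters'];
    $context['sub_template'] = 'email_members_send';
}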
function issueWarning($memID)
{
    global $txt, $scripturl, $modSettings, $user_info, $mbname;
    global $context, $cur_profile, $memberContext, $smcFunc, $sourcedir;
    // Get all the actual settings.
    list($modSettings['warning_enable'], $modSettings['user_limit']) = explode(',', $modSettings['warning_settings']);
    // This stores any legitimate errors.
    $issueErrors = array();
    // Doesn't hurt to be overly cautious.
    if (empty($modSettings['warning_enable']) || $context['user']['is_owner'] && !$cur_profile['warning'] || !allowedTo('issue_warning')) {
        fatal_lang_error('no_access', false);
    }
    // Make sure things which are disabled stay disabled.
    $modSettings['warning_watch'] = !empty($modSettings['warning_watch']) ? $modSettings['warning_watch'] : 110;
    $modSettings['warning_moderate'] = !empty($modSettings['warning_moderate']) && !empty($modSettings['postmod_active']) ? $modSettings['warning_moderate'] : 110;
    $modSettings['warning_mute'] = !empty($modSettings['warning_mute']) ? $modSettings['warning_mute'] : 110;
    $context['warning_limit'] = allowedTo('admin_forum') ? 0 : $modSettings['user_limit'];
    $context['member']['warning'] = $cur_profile['warning'];
    $context['member']['name'] = $cur_profile['real_name'];
    // What are the limits we can apply?
    $context['min_allowed'] = 0;
    $context['max_allowed'] = 100;
    if ($context['warning_limit'] > 0) {
        // Make sure we cannot go outside of our limit for the day.
        $request = $smcFunc['db_query']('', '
			SELECT SUM(counter)
			FROM {db_prefix}log_comments
			WHERE id_recipient = {int:selected_member}
				AND id_member = {int:current_member}
				AND comment_type = {string:warning}
				AND log_time > {int:day_time_period}', array('current_member' => $user_info['id'], 'selected_member' => $memID, 'day_time_period' => time() - 86400, 'warning' => 'warning'));
        list($current_applied) = $smcFunc['db_fetch_row']($request);
        $smcFunc['db_free_result']($request);
        $context['min_allowed'] = max(0, $cur_profile['warning'] - $current_applied - $context['warning_limit']);
        $context['max_allowed'] = min(100, $cur_profile['warning'] - $current_applied + $context['warning_limit']);
    }
    // Defaults.
    $context['warning_data'] = array('reason' => '', 'notify' => '', 'notify_subject' => '', 'notify_body' => '');
    // Are we saving?
    if (isset($_POST['save'])) {
        // Security is good here.
        checkSession('post');
        // This cannot be empty!
        $_POST['warn_reason'] = isset($_POST['warn_reason']) ? trim($_POST['warn_reason']) : '';
        if ($_POST['warn_reason'] == '' && !$context['user']['is_owner']) {
            $issueErrors[] = 'warning_no_reason';
        }
        $_POST['warn_reason'] = $smcFunc['htmlspecialchars']($_POST['warn_reason']);
        // If the value hasn't changed it's either no JS or a real no change (Which this will pass)
        if ($_POST['warning_level'] == 'SAME') {
            $_POST['warning_level'] = $_POST['warning_level_nojs'];
        }
        $_POST['warning_level'] = (int) $_POST['warning_level'];
        $_POST['warning_level'] = max(0, min(100, $_POST['warning_level']));
        if ($_POST['warning_level'] < $context['min_allowed']) {
            $_POST['warning_level'] = $context['min_allowed'];
        } elseif ($_POST['warning_level'] > $context['max_allowed']) {
            $_POST['warning_level'] = $context['max_allowed'];
        }
        // Do we actually have to issue them with a PM?
        $id_notice = 0;
        if (!empty($_POST['warn_notify']) && empty($issueErrors)) {
            $_POST['warn_sub'] = trim($_POST['warn_sub']);
            $_POST['warn_body'] = trim($_POST['warn_body']);
            if (empty($_POST['warn_sub']) || empty($_POST['warn_body'])) {
                $issueErrors[] = 'warning_notify_blank';
            } else {
                require_once $sourcedir . '/Subs-Post.php';
                $from = array('id' => 0, 'name' => $context['forum_name'], 'username' => $context['forum_name']);
                sendpm(array('to' => array($memID), 'bcc' => array()), $_POST['warn_sub'], $_POST['warn_body'], false, $from);
                // Log the notice!
                $smcFunc['db_insert']('', '{db_prefix}log_member_notices', array('subject' => 'string-255', 'body' => 'string-65534'), array($smcFunc['htmlspecialchars']($_POST['warn_sub']), $smcFunc['htmlspecialchars']($_POST['warn_body'])), array('id_notice'));
                $id_notice = $smcFunc['db_insert_id']('{db_prefix}log_member_notices', 'id_notice');
            }
        }
        // Just in case - make sure notice is valid!
        $id_notice = (int) $id_notice;
        // What have we changed?
        $level_change = $_POST['warning_level'] - $cur_profile['warning'];
        // No errors? Proceed! Only log if you're not the owner.
        if (empty($issueErrors)) {
            // Log what we've done!
            if (!$context['user']['is_owner']) {
                $smcFunc['db_insert']('', '{db_prefix}log_comments', array('id_member' => 'int', 'member_name' => 'string', 'comment_type' => 'string', 'id_recipient' => 'int', 'recipient_name' => 'string-255', 'log_time' => 'int', 'id_notice' => 'int', 'counter' => 'int', 'body' => 'string-65534'), array($user_info['id'], $user_info['name'], 'warning', $memID, $cur_profile['real_name'], time(), $id_notice, $level_change, $_POST['warn_reason']), array('id_comment'));
            }
            // Make the change.
            updateMemberData($memID, array('warning' => $_POST['warning_level']));
            // Leave a lovely message.
            $context['profile_updated'] = $context['user']['is_owner'] ? $txt['profile_updated_own'] : $txt['profile_warning_success'];
        } else {
            // Get the base stuff done.
            loadLanguage('Errors');
            $context['custom_error_title'] = $txt['profile_warning_errors_occured'];
            // Fill in the suite of errors.
            $context['post_errors'] = array();
            foreach ($issueErrors as $error) {
                $context['post_errors'][] = $txt[$error];
            }
            // Try to remember some bits.
            $context['warning_data'] = array('reason' => $_POST['warn_reason'], 'notify' => !empty($_POST['warn_notify']), 'notify_subject' => isset($_POST['warn_sub']) ? $_POST['warn_sub'] : '', 'notify_body' => isset($_POST['warn_body']) ? $_POST['warn_body'] : '');
        }
        // Show the new improved warning level.
        $context['member']['warning'] = $_POST['warning_level'];
    }
    $context['page_title'] = $txt['profile_issue_warning'];
    // Work our the various levels.
    $context['level_effects'] = array(0 => $txt['profile_warning_effect_none'], $modSettings['warning_watch'] => $txt['profile_warning_effect_watch'], $modSettings['warning_moderate'] => $txt['profile_warning_effect_moderation'], $modSettings['warning_mute'] => $txt['profile_warning_effect_mute']);
    $context['current_level'] = 0;
    foreach ($context['level_effects'] as $limit => $dummy) {
        if ($context['member']['warning'] >= $limit) {
            $context['current_level'] = $limit;
        }
    }
    // Load up all the old warnings - count first!
    $context['total_warnings'] = list_getUserWarningCount($memID);
    // Make the page index.
    $context['start'] = (int) $_REQUEST['start'];
    $perPage = (int) $modSettings['defaultMaxMessages'];
    $context['page_index'] = constructPageIndex($scripturl . '?action=profile;u=' . $memID . ';area=issuewarning', $context['start'], $context['total_warnings'], $perPage);
    // Now do the data itself.
    $context['previous_warnings'] = list_getUserWarnings($context['start'], $perPage, 'log_time DESC', $memID);
    // Are they warning because of a message?
    if (isset($_REQUEST['msg']) && 0 < (int) $_REQUEST['msg']) {
        $request = $smcFunc['db_query']('', '
			SELECT subject
			FROM {db_prefix}messages AS m
				INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board)
			WHERE id_msg = {int:message}
				AND {query_see_board}
			LIMIT 1', array('message' => (int) $_REQUEST['msg']));
        if ($smcFunc['db_num_rows']($request) != 0) {
            $context['warning_for_message'] = (int) $_REQUEST['msg'];
            list($context['warned_message_subject']) = $smcFunc['db_fetch_row']($request);
        }
        $smcFunc['db_free_result']($request);
    }
    // Didn't find the message?
    if (empty($context['warning_for_message'])) {
        $context['warning_for_message'] = 0;
        $context['warned_message_subject'] = '';
    }
    // Any custom templates?
    $context['notification_templates'] = array();
    $request = $smcFunc['db_query']('', '
		SELECT recipient_name AS template_title, body
		FROM {db_prefix}log_comments
		WHERE comment_type = {string:warntpl}
			AND (id_recipient = {int:generic} OR id_recipient = {int:current_member})', array('warntpl' => 'warntpl', 'generic' => 0, 'current_member' => $user_info['id']));
    while ($row = $smcFunc['db_fetch_assoc']($request)) {
        // If we're not warning for a message skip any that are.
        if (!$context['warning_for_message'] && strpos($row['body'], '{MESSAGE}') !== false) {
            continue;
        }
        $context['notification_templates'][] = array('title' => $row['template_title'], 'body' => $row['body']);
    }
    $smcFunc['db_free_result']($request);
    // Setup the "default" templates.
    foreach (array('spamming', 'offence', 'insulting') as $type) {
        $context['notification_templates'][] = array('title' => $txt['profile_warning_notify_title_' . $type], 'body' => sprintf($txt['profile_warning_notify_template_outline' . (!empty($context['warning_for_message']) ? '_post' : '')], $txt['profile_warning_notify_for_' . $type]));
    }
    // Replace all the common variables in the templates.
    foreach ($context['notification_templates'] as $k => $name) {
        $context['notification_templates'][$k]['body'] = strtr($name['body'], array('{MEMBER}' => un_htmlspecialchars($context['member']['name']), '{MESSAGE}' => '[url=' . $scripturl . '?msg=' . $context['warning_for_message'] . ']' . un_htmlspecialchars($context['warned_message_subject']) . '[/url]', '{SCRIPTURL}' => $scripturl, '{FORUMNAME}' => $mbname, '{REGARDS}' => $txt['regards_team']));
    }
}
Example #16
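/**
 * Report a personal message to the forum administrators.
 *
 * Without a "report" request field this only prepares the report form (the list
 * of administrators to choose from). With it, the reported PM is loaded, a
 * report body is built once per administrator language, and the report is sent
 * to the administrators with sendpm().
 *
 * Security-relevant points visible in this function:
 *  - the PM id and the optional ID_ADMIN filter are cast to int before they are
 *    placed into SQL;
 *  - the first query of the send branch only matches when the current member is
 *    a non-deleted recipient of the PM, which is what stops a member from
 *    reporting (and so reading) somebody else's message;
 *  - the free-text reason is reporter-controlled and ends up as BBCode in a PM
 *    read by administrators.
 */
function ReportMessage()
{
    global $txt, $context, $scripturl, $sourcedir, $db_prefix, $ID_MEMBER;
    global $user_info, $language, $modSettings, $func;
    // Check that this feature is even enabled!
    if (empty($modSettings['enableReportPM']) || empty($_REQUEST['pmsg'])) {
        fatal_lang_error(1, false);
    }
    // The int cast is what makes it safe to interpolate pm_id into the queries below.
    $context['pm_id'] = (int) $_REQUEST['pmsg'];
    $context['page_title'] = $txt['pm_report_title'];
    // If we're here, just send the user to the template, with a few useful context bits.
    if (!isset($_REQUEST['report'])) {
        $context['sub_template'] = 'report_message';
        // !!! I don't like being able to pick who to send it to.  Favoritism, etc. sucks.
        // Now, get all the administrators.
        $request = db_query("\n\t\t\tSELECT ID_MEMBER, realName\n\t\t\tFROM {$db_prefix}members\n\t\t\tWHERE ID_GROUP = 1 OR FIND_IN_SET(1, additionalGroups)\n\t\t\tORDER BY realName", __FILE__, __LINE__);
        $context['admins'] = array();
        while ($row = mysql_fetch_assoc($request)) {
            $context['admins'][$row['ID_MEMBER']] = $row['realName'];
        }
        mysql_free_result($request);
        // How many admins in total?
        $context['admin_count'] = count($context['admins']);
    } else {
        // First, pull out the message contents, and verify it actually went to them!
        // NOTE(review): $ID_MEMBER is a global set outside this function - presumably the
        // integer id of the logged-in member; confirm it can never hold request data.
        $request = db_query("\n\t\t\tSELECT pm.subject, pm.body, pm.msgtime, pm.ID_MEMBER_FROM, IFNULL(m.realName, pm.fromName) AS senderName\n\t\t\tFROM ({$db_prefix}personal_messages AS pm, {$db_prefix}pm_recipients AS pmr)\n\t\t\t\tLEFT JOIN {$db_prefix}members AS m ON (m.ID_MEMBER = pm.ID_MEMBER_FROM)\n\t\t\tWHERE pm.ID_PM = {$context['pm_id']}\n\t\t\t\tAND pmr.ID_PM = pm.ID_PM\n\t\t\t\tAND pmr.ID_MEMBER = {$ID_MEMBER}\n\t\t\t\tAND pmr.deleted = 0\n\t\t\tLIMIT 1", __FILE__, __LINE__);
        // Can only be a hacker here!
        if (mysql_num_rows($request) == 0) {
            fatal_lang_error(1, false);
        }
        list($subject, $body, $time, $memberFromID, $memberFromName) = mysql_fetch_row($request);
        mysql_free_result($request);
        // Remove the line breaks...
        $body = preg_replace('~<br( /)?' . '>~i', "\n", $body);
        // Get any other recipients of the email.
        $request = db_query("\n\t\t\tSELECT mem_to.ID_MEMBER AS ID_MEMBER_TO, mem_to.realName AS toName, pmr.bcc\n\t\t\tFROM {$db_prefix}pm_recipients AS pmr\n\t\t\t\tLEFT JOIN {$db_prefix}members AS mem_to ON (mem_to.ID_MEMBER = pmr.ID_MEMBER)\n\t\t\tWHERE pmr.ID_PM = {$context['pm_id']}\n\t\t\t\tAND pmr.ID_MEMBER != {$ID_MEMBER}", __FILE__, __LINE__);
        $recipients = array();
        $hidden_recipients = 0;
        while ($row = mysql_fetch_assoc($request)) {
            // If it's hidden still don't reveal their names - privacy after all ;)
            if ($row['bcc']) {
                $hidden_recipients++;
            } else {
                $recipients[] = '[url=' . $scripturl . '?action=profile;u=' . $row['ID_MEMBER_TO'] . ']' . $row['toName'] . '[/url]';
            }
        }
        mysql_free_result($request);
        if ($hidden_recipients) {
            $recipients[] = sprintf($txt['pm_report_pm_hidden'], $hidden_recipients);
        }
        // Now let's get out and loop through the admins.
        // ID_ADMIN comes from the request; the int cast keeps it from altering the query.
        $request = db_query("\n\t\t\tSELECT ID_MEMBER, realName, lngfile\n\t\t\tFROM {$db_prefix}members\n\t\t\tWHERE (ID_GROUP = 1 OR FIND_IN_SET(1, additionalGroups))\n\t\t\t\t" . (empty($_REQUEST['ID_ADMIN']) ? '' : 'AND ID_MEMBER = ' . (int) $_REQUEST['ID_ADMIN']) . "\n\t\t\tORDER BY lngfile", __FILE__, __LINE__);
        // Maybe we shouldn't advertise this?
        if (mysql_num_rows($request) == 0) {
            fatal_lang_error(1, false);
        }
        $memberFromName = un_htmlspecialchars($memberFromName);
        // The reason is optional free text from the reporter. Read it once and fall
        // back to an empty string when it is missing or not a plain string, instead
        // of interpolating an undefined index (or an array) into the report body.
        $reason = isset($_REQUEST['reason']) && is_string($_REQUEST['reason']) ? $_REQUEST['reason'] : '';
        // Prepare the message storage array.
        $messagesToSend = array();
        // Loop through each admin, and add them to the right language pile...
        while ($row = mysql_fetch_assoc($request)) {
            // Need to send in the correct language!
            $cur_language = empty($row['lngfile']) || empty($modSettings['userLanguage']) ? $language : $row['lngfile'];
            if (!isset($messagesToSend[$cur_language])) {
                if (loadLanguage('PersonalMessage', $cur_language, false) === false) {
                    loadLanguage('InstantMessage', $cur_language);
                }
                // Make the body.
                $report_body = str_replace(array('{REPORTER}', '{SENDER}'), array(un_htmlspecialchars($user_info['name']), $memberFromName), $txt['pm_report_pm_user_sent']);
                // !!! I don't think this handles slashes in the reason properly.
                // The reason is reporter-controlled BBCode as far as the admins reading it are concerned.
                $report_body .= stripslashes("\n[b]{$reason}[/b]\n\n");
                if (!empty($recipients)) {
                    $report_body .= $txt['pm_report_pm_other_recipients'] . " " . implode(', ', $recipients) . "\n\n";
                }
                $report_body .= $txt['pm_report_pm_unedited_below'] . "\n[quote author=" . (empty($memberFromID) ? '&quot;' . $memberFromName . '&quot;' : $memberFromName . ' link=action=profile;u=' . $memberFromID . ' date=' . $time) . "]\n" . un_htmlspecialchars($body) . '[/quote]';
                // Plonk it in the array ;)
                // NOTE(review): subject and body are passed through addslashes() here, so sendpm()
                // presumably expects slashed input in this code base - confirm before changing either side.
                $messagesToSend[$cur_language] = array('subject' => addslashes(($func['strpos']($subject, $txt['pm_report_pm_subject']) === false ? $txt['pm_report_pm_subject'] : '') . $subject), 'body' => addslashes($report_body), 'recipients' => array('to' => array(), 'bcc' => array()));
            }
            // Add them to the list.
            $messagesToSend[$cur_language]['recipients']['to'][$row['ID_MEMBER']] = $row['ID_MEMBER'];
        }
        mysql_free_result($request);
        // Send a different email for each language.
        foreach ($messagesToSend as $message) {
            sendpm($message['recipients'], $message['subject'], $message['body']);
        }
        // Give the user their own language back!
        if (!empty($modSettings['userLanguage'])) {
            if (loadLanguage('PersonalMessage', '', false) === false) {
                loadLanguage('InstantMessage');
            }
        }
        // Leave them with a template.
        $context['sub_template'] = 'report_message_complete';
    }
}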
Example #17
                if (!is_array($ucresult) || $ucresult[0] < 1) {
                    showmessage('group_demise_password_error');
                }
                $user = getuserbyuid($suid);
                loadcache('usergroup_' . $user['groupid']);
                $allowbuildgroup = $_G['cache']['usergroup_' . $user['groupid']]['allowbuildgroup'];
                if ($allowbuildgroup > 0) {
                    $groupnum = DB::result_first("SELECT COUNT(*) FROM " . DB::table('forum_forumfield') . " WHERE founderuid='{$suid}'");
                }
                if (empty($allowbuildgroup) || $allowbuildgroup - $groupnum < 1) {
                    showmessage('group_demise_receiver_cannot_do');
                }
                DB::query("UPDATE " . DB::table('forum_forumfield') . " SET founderuid='{$suid}', foundername='{$user['username']}' WHERE fid='{$_G['fid']}'");
                DB::query("UPDATE " . DB::table('forum_groupuser') . " SET level='1' WHERE fid='{$_G['fid']}' AND uid='{$suid}'");
                update_groupmoderators($_G['fid']);
                sendpm($suid, lang('group/misc', 'group_demise_message_title', array('forum' => $_G['forum']['name'])), lang('group/misc', 'group_demise_message_body', array('forum' => $_G['forum']['name'], 'siteurl' => $_G['siteurl'], 'fid' => $_G['fid'])), $_G['uid']);
                showmessage('group_demise_succeed', 'forum.php?mod=group&action=manage&fid=' . $_G['fid']);
            }
        } else {
            showmessage('group_demise_founder_only');
        }
    } else {
        showmessage('undefined_action');
    }
    include template('diy:group/group:' . $_G['fid']);
} elseif ($action == 'recommend') {
    if (!$_G['forum']['ismoderator'] || !in_array($_G['adminid'], array(1, 2))) {
        showmessage('group_admin_noallowed');
    }
    if (submitcheck('grouprecommend')) {
        if ($_G['gp_recommend'] != $_G['forum']['recommend']) {
Example #18
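/**
 * Give one inventory item owned by the logged-in user to another member and
 * notify the recipient with a private message.
 *
 * Reads $_POST['giftid'], $_POST['membername'] and (optionally) $_POST['message'].
 * The transfer is refused when the item does not belong to the current user,
 * when the recipient has no row in DB_UG3, or when sender and recipient are
 * the same account.
 *
 * NOTE(review): every query here is built by string concatenation and relies
 * only on stripinput(), which is not visible in this snippet. Confirm that it
 * neutralises quotes and backslashes for use inside quoted SQL literals, or
 * switch to whatever escaping/parameterised form dbquery() offers.
 * NOTE(review): no anti-CSRF token check is visible in this function; verify
 * the caller validates one before this state-changing request is processed.
 */
function donate_item_send()
{
    global $userdata, $locale, $settings, $golddata;
    // Both fields are required; without them go back to the site root.
    if (!isset($_POST['giftid']) || !isset($_POST['membername'])) {
        header("location:" . BASEDIR);
        exit;
    }
    $giftid = stripinput($_POST['giftid']);
    $membername = stripinput($_POST['membername']);
    $result = dbquery("SELECT user_id, user_name FROM " . DB_USERS . " WHERE user_name='" . $membername . "' LIMIT 1");
    $exist = dbrows($result);
    table_top(sprintf($locale['urg_donate_104'], UGLD_GOLDTEXT));
    echo "<div>\n";
    if ($exist != 0) {
        $result = dbquery("SELECT inv.ownerid, inv.itemid, it.name FROM " . DB_UG3_INVENTORY . " AS inv, " . DB_UG3_USAGE . " AS it WHERE inv.id = '" . $giftid . "' AND it.id = inv.itemid");
        $rowItem = dbarray($result);
        // Authorisation: only the current owner may give the item away. A missing
        // item row is refused the same way instead of being dereferenced.
        if (!$rowItem || $rowItem['ownerid'] !== $userdata['user_id']) {
            die($locale['urg_donate_123']);
        }
        $result = dbquery("SELECT g.owner_id\n\t\t\tFROM " . DB_UG3 . " g\n\t\t\tLEFT JOIN " . DB_USERS . " u ON g.owner_id = u.user_id\n\t\t\tWHERE u.user_name='" . $membername . "'\n\t\t\tLIMIT 1");
        $rowNewOwner = dbarray($result);
        $result = dbquery("SELECT g.owner_id, u.user_name as owner_name\n\t\t\tFROM " . DB_UG3 . " g\n\t\t\tLEFT JOIN " . DB_USERS . " u ON g.owner_id = u.user_id\n\t\t\tWHERE g.owner_id = '" . $userdata['user_id'] . "'\n\t\t\tLIMIT 1");
        $rowCurrOwner = dbarray($result);
        if (empty($rowNewOwner['owner_id'])) {
            // The member exists in DB_USERS but has no DB_UG3 row. Previously this fell
            // through and the UPDATE set ownerid to an empty value, orphaning the item.
            // The recipient-not-found message is reused here (presumably the closest fit).
            echo $locale['urg_donate_132'];
        } elseif ($rowNewOwner['owner_id'] == $rowCurrOwner['owner_id']) {
            echo $locale['urg_donate_124'];
        } else {
            // Repeat the ownership condition in the UPDATE itself so the item cannot be
            // moved if it changed hands between the check above and this statement.
            $result = dbquery("UPDATE " . DB_UG3_INVENTORY . " SET ownerid = '" . $rowNewOwner['owner_id'] . "' WHERE id = '" . $giftid . "' AND ownerid = '" . $userdata['user_id'] . "' LIMIT 1");
            // The personal note is optional; do not read an undefined index.
            $note = isset($_POST['message']) ? stripinput($_POST['message']) : '';
            $subject = sprintf($locale['urg_donate_125'], $rowCurrOwner['owner_name']);
            $message = sprintf($locale['urg_donate_126'], $rowCurrOwner['owner_name'], $rowItem['name'], $note, $settings['siteusername']);
            payuser($golddata['owner_id'], '5', 'karma');
            sendpm($rowNewOwner['owner_id'], $subject, $message, $rowCurrOwner['owner_id'], $rowCurrOwner['owner_name']);
            echo $locale['urg_donate_127'];
        }
    } else {
        echo $locale['urg_donate_132'];
    }
    echo "</div>\n";
    pagerefresh('meta', 3, FUSION_SELF . '?op=donate_item_start');
    closetable();
}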
Example #19
        $pid = intval($order['pid']);
        $order = daddslashes($order, 1);
        $db->query("INSERT INTO {$tablepre}tradecomments (pid, orderid, type, raterid, rater, ratee, rateeid, score, message, dateline) VALUES ('{$pid}', '{$orderid}', '{$type}', '{$discuz_uid}', '{$discuz_user}', '{$order[$ratee]}', '{$order[$rateeid]}', '{$score}', '{$message}', '{$timestamp}')");
        if (!$order['offline']) {
            if ($db->result_first("SELECT COUNT(score) FROM {$tablepre}tradecomments WHERE raterid='{$discuz_uid}' AND type='{$type}'") < $ec_credit['maxcreditspermonth']) {
                updateusercredit($uid, $type ? 'sellercredit' : 'buyercredit', $level);
            }
        }
        if ($type == 0) {
            $ratestatus = $order['ratestatus'] == 2 ? 3 : 1;
        } else {
            $ratestatus = $order['ratestatus'] == 1 ? 3 : 2;
        }
        $db->query("UPDATE {$tablepre}tradelog SET ratestatus='{$ratestatus}' WHERE orderid='{$order['orderid']}'");
        if ($ratestatus != 3) {
            sendpm($order[$rateeid], 'eccredit_subject', 'eccredit_message', '0', 'System Message');
        }
        showmessage('eccredit_succees');
    }
} elseif ($action == 'explain' && $id) {
    $id = intval($id);
    if (!submitcheck('explainsubmit', 1)) {
        include template('ec_explain');
    } else {
        $comment = $db->fetch_first("SELECT explanation, dateline FROM {$tablepre}tradecomments WHERE id='{$id}' AND rateeid='{$discuz_uid}'");
        if (!$comment) {
            showmessage('eccredit_nofound');
        } elseif ($comment['explanation']) {
            showmessage('eccredit_reexplanation_repeat');
        } elseif ($comment['dateline'] < $timestamp - 30 * 86400) {
            showmessage('eccredit_reexplanation_closed');
Example #20
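/**
 * Save an administrator's changes to a member's balances (cash, bank, chips,
 * karma, ribbon), print a confirmation with a "view member" form, and notify
 * the member by private message.
 *
 * All values come straight from $_POST and pass only through stripinput().
 *
 * NOTE(review): no privilege check and no anti-CSRF token check are visible in
 * this function; confirm the caller enforces both before it is reached, since
 * it rewrites another account's balances.
 * NOTE(review): the UPDATE and the HTML attribute below rely on stripinput()
 * (not visible here) to neutralise quotes; confirm it does so for both the SQL
 * and the HTML context, and consider validating the balance fields as numbers.
 */
function admineditmoney()
{
    global $userdata, $locale, $aidlink;
    $userid = stripinput($_POST['userid']);
    $username = stripinput($_POST['username']);
    $money_pocket = stripinput($_POST['money_pocket']);
    $money_bank = stripinput($_POST['money_bank']);
    $chips = stripinput($_POST['chips']);
    $karma = stripinput($_POST['karma']);
    $ribbon = stripinput($_POST['ribbon']);
    opentable($locale['urg_a_inventry_100'], '');
    echo "<div align='center'>\n";
    // The original also assigned a function-local $context entry here; it was never
    // read ($context is not imported as a global), so it has been dropped.
    $result = dbquery("UPDATE " . DB_UG3 . " SET cash = '" . $money_pocket . "', bank = '" . $money_bank . "', chips = '" . $chips . "', karma = '" . $karma . "', ribbon = '" . $ribbon . "' WHERE owner_id = '" . $userid . "' LIMIT 1");
    echo sprintf($locale['urg_a_inventry_124'], $username, $money_pocket, $money_bank, $chips, $karma, $ribbon);
    echo "<form action='index.php" . $aidlink . "&amp;op=viewmember' method='post'>\n";
    echo "<input name='searchfor' class='textbox' type='hidden' value='" . $username . "' />\n";
    echo "<input type='submit' class='button' value='" . $locale['urg_a_inventry_125'] . "' />\n";
    echo "</form>\n";
    $subject = $locale['urg_a_inventry_126'];
    $message = sprintf($locale['urg_a_inventry_127'], $userdata['user_name'], $money_pocket, $money_bank, $chips, $karma, $ribbon);
    // Fixed: the sender id was written as ${$userdata}['user_id'], a variable-variable
    // lookup on an array that never resolves to the admin's id. Use the array directly
    // so the notification is attributed to the acting administrator.
    sendpm($userid, $subject, $message, $userdata['user_id'], $userdata['user_name']);
    echo "</div>\n";
    closetable();
}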
Example #21
            showmessage('activity_choice_applicant', "viewthread.php?tid={$tid}&do=viewapplylist");
        } else {
            $uidarray = array();
            $ids = implode('\',\'', $applyidarray);
            $query = $db->query("SELECT a.uid FROM {$tablepre}activityapplies a RIGHT JOIN {$tablepre}members m USING(uid) WHERE a.applyid IN ('{$ids}')");
            while ($uid = $db->fetch_array($query)) {
                $uidarray[] = $uid['uid'];
            }
            $activity_subject = $thread['subject'];
            if ($operation == 'delete') {
                $db->query("DELETE FROM {$tablepre}activityapplies WHERE applyid IN ('{$ids}')", 'UNBUFFERED');
                sendpm(implode(',', $uidarray), 'activity_delete_subject', 'activity_delete_message', $fromid = '0', $from = 'System Message');
                showmessage('activity_delete_completion', "viewthread.php?tid={$tid}&do=viewapplylist");
            } else {
                $db->query("UPDATE {$tablepre}activityapplies SET verified=1 WHERE applyid IN ('{$ids}')", 'UNBUFFERED');
                sendpm(implode(',', $uidarray), 'activity_apply_subject', 'activity_apply_message', $fromid = '0', $from = 'System Message');
                showmessage('activity_auditing_completion', "viewthread.php?tid={$tid}&do=viewapplylist");
            }
        }
    }
} elseif ($action == 'tradeorder') {
    $trades = array();
    $query = $db->query("SELECT * FROM {$tablepre}trades WHERE tid='{$tid}' ORDER BY displayorder");
    if ($thread['authorid'] != $discuz_uid) {
        showmessage('undefined_action', NULL, 'HALTED');
    }
    if (!submitcheck('tradesubmit')) {
        $stickcount = 0;
        $trades = $tradesstick = array();
        while ($trade = $db->fetch_array($query)) {
            $stickcount = $trade['displayorder'] > 0 ? $stickcount + 1 : $stickcount;
Example #22
         $value['onlyacceptfriendpm'] = $value['onlyacceptfriendpm'] ? $value['onlyacceptfriendpm'] : ($_G['setting']['onlyacceptfriendpm'] ? 1 : 2);
         if ($_G['group']['allowsendallpm'] || $value['onlyacceptfriendpm'] == 2 || $value['onlyacceptfriendpm'] == 1 && $_G['home_friend_' . $value['uid'] . '_' . $_G['uid']]) {
             $newusers[$value['uid']] = $value['username'];
             unset($users[array_search($value['username'], $users)]);
         }
     }
     if (empty($newusers)) {
         showmessage('message_can_not_send_onlyfriend', '', array(), array('return' => true));
     }
     foreach ($newusers as $key => $value) {
         if (isblacklist($key)) {
             showmessage('is_blacklist', '', array(), array('return' => true));
         }
     }
     $coef = count($newusers);
     $return = sendpm(implode(',', $newusers), $subject, $message, '', 0, 1, $type);
 } else {
     showmessage('message_can_not_send_9', '', array(), array('return' => true));
 }
 if ($return > 0) {
     include_once libfile('function/stat');
     updatestat('sendpm', 0, $coef);
     C::t('common_member_status')->update($_G['uid'], array('lastpost' => TIMESTAMP));
     !($_G['group']['exempt'] & 1) && updatecreditbyaction('sendpm', 0, array(), '', $coef);
     if (!empty($newusers)) {
         if ($type == 1) {
             $returnurl = 'home.php?mod=space&do=pm&filter=privatepm';
         } else {
             $returnurl = 'home.php?mod=space&do=pm';
         }
         showmessage(count($users) ? 'message_send_result' : 'do_success', $returnurl, array('users' => implode(',', $users), 'succeed' => count($newusers)));
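// Refuse direct access: the script only runs when the including application has defined IN_DISCUZ.
if (!defined('IN_DISCUZ')) {
    exit('Access Denied');
}
// Only adminid 1 may use this page; the message tells the visitor to log in with an administrator account.
// NOTE(review): this guard protects the delete below only if showmessage() ends the request - confirm.
if ($adminid != 1) {
    showmessage("您无此权限,请用管理员帐号登陆。");
}
if ($operation) {
    // Send each affected user a private message saying that their love-wall entry was deleted.
    // NOTE(review): $operation and $moderate are not defined in this snippet. If they originate
    // from the request, the ids are placed into the IN (...) lists as quoted strings with no
    // visible validation; confirm they are escaped upstream, or restrict them to integers if the
    // id column is numeric. No form-token (CSRF) check is visible before the DELETE either.
    $query = $db->query("SELECT `uid`, `id` FROM `" . $tablepre . "lovewall` WHERE `id` IN ('" . implode('\',\'', $moderate) . "')");
    while ($delrow = $db->fetch_array($query)) {
        $duid = $delrow['uid'];
        $subject = "被删除祝福的号码";
        $message = "您好,您在爱墙发布的祝福因为违规已经被删除。\r\n被删除的祝福号码:" . $delrow['id'];
        // Fall back to sender id 0 and the board name when no dedicated sender is configured.
        $fromid = $lovepmid ? $lovepmid : 0;
        $from = $lovepmname ? $lovepmname : $bbname;
        sendpm($duid, $subject, $message, $fromid, $from);
    }
    $db->query("DELETE FROM `" . $tablepre . "lovewall` WHERE `id` IN ('" . implode('\',\'', $moderate) . "')");
    loveidcache();
    // Drop the per-page cache files so the deleted entries stop being served.
    for ($i = 1; $i < $lovek; $i++) {
        @unlink(DISCUZ_ROOT . "./extend/lovewall/cache_lovewall_{$i}.php");
    }
}
$tpp = 25;
// Normalise the page number to an integer >= 1. The previous expression kept the raw
// value whenever intval() was non-zero, so a negative or partly numeric page produced a
// negative or non-integer offset in the LIMIT clause below.
$page = empty($page) ? 1 : max(1, intval($page));
$start_limit = ($page - 1) * $tpp;
$query = $db->query("select COUNT(*) from `" . $tablepre . "lovewall`");
$qcount = $db->result($query, 0);
$multipage = multi($qcount, $tpp, $page, "lovewall.php?index=listmsg", $threadmaxpages);
$query = $db->query("select * FROM `" . $tablepre . "lovewall` ORDER BY `id` desc limit {$start_limit},{$tpp}");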
while ($rowlove = $db->fetch_array($query)) {
Example #24
         $itemsubject = $tradelog['subject'];
         sendpm($tradelog['sellerid'], 'trade_seller_send_subject', 'trade_seller_send_message', 0);
     } elseif ($offlinestatus == STATUS_WAIT_BUYER) {
         $user = $tradelog['seller'];
         $itemsubject = $tradelog['subject'];
         sendpm($tradelog['buyerid'], 'trade_buyer_confirm_subject', 'trade_buyer_confirm_message', 0);
     } elseif ($offlinestatus == STATUS_TRADE_SUCCESS) {
         $db->query("UPDATE {$tablepre}trades SET lastbuyer='{$tradelog['buyer']}', lastupdate='{$timestamp}', totalitems=totalitems+'{$tradelog['number']}', tradesum=tradesum+'{$tradelog['price']}' WHERE tid='{$tradelog['tid']}' AND pid='{$tradelog['pid']}'", 'UNBUFFERED');
         $itemsubject = $tradelog['subject'];
         sendpm($tradelog['sellerid'], 'trade_success_subject', 'trade_success_message', 0);
         sendpm($tradelog['buyerid'], 'trade_success_subject', 'trade_success_message', 0);
     } elseif ($offlinestatus == STATUS_REFUND_CLOSE) {
         $db->query("UPDATE {$tablepre}trades SET amount=amount+'{$tradelog['number']}' WHERE tid='{$tradelog['tid']}' AND pid='{$tradelog['pid']}'", 'UNBUFFERED');
         $itemsubject = $tradelog['subject'];
         sendpm($tradelog['sellerid'], 'trade_fefund_success_subject', 'trade_fefund_success_message', 0);
         sendpm($tradelog['buyerid'], 'trade_fefund_success_subject', 'trade_fefund_success_message', 0);
     }
     $message = trim($message);
     if ($message) {
         $message = daddslashes($tradelog['message'] . "\t\t\t" . $discuz_uid . "\t" . $discuz_user . "\t" . $timestamp . "\t" . nl2br(strip_tags(substr($message, 0, 200))), 1);
     } else {
         $message = daddslashes($tradelog['message'], 1);
     }
     $db->query("UPDATE {$tablepre}tradelog SET status='{$offlinestatus}', lastupdate='{$timestamp}', message='{$message}' WHERE orderid='{$orderid}'");
     showmessage('trade_orderstatus_updated', 'trade.php?orderid=' . $orderid);
 }
 if (submitcheck('tradesubmit')) {
     if ($tradelog['status'] == 0) {
         $update = array();
         if ($tradelog['sellerid'] == $discuz_uid) {
             $tradelog['baseprice'] = floatval($newprice);
    /**
     * Issue/manage an user's warning status.
     * @uses ProfileAccount template issueWarning sub template
     * @uses Profile template
     */
    public function action_issuewarning()
    {
        global $txt, $scripturl, $modSettings, $mbname, $context, $cur_profile;
        $memID = currentMemberID();
        // make sure the sub-template is set...
        loadTemplate('ProfileAccount');
        $context['sub_template'] = 'issueWarning';
        // We need this because of template_load_warning_variables
        loadTemplate('Profile');
        loadJavascriptFile('profile.js');
        // jQuery-UI FTW!
        $modSettings['jquery_include_ui'] = true;
        loadCSSFile('jquery.ui.slider.css');
        loadCSSFile('jquery.ui.theme.css');
        // Get all the actual settings.
        list($modSettings['warning_enable'], $modSettings['user_limit']) = explode(',', $modSettings['warning_settings']);
        // This stores any legitimate errors.
        $issueErrors = array();
        // Doesn't hurt to be overly cautious.
        if (empty($modSettings['warning_enable']) || $context['user']['is_owner'] && !$cur_profile['warning'] || !allowedTo('issue_warning')) {
            fatal_lang_error('no_access', false);
        }
        // Get the base (errors related) stuff done.
        loadLanguage('Errors');
        $context['custom_error_title'] = $txt['profile_warning_errors_occurred'];
        // Make sure things which are disabled stay disabled.
        $modSettings['warning_watch'] = !empty($modSettings['warning_watch']) ? $modSettings['warning_watch'] : 110;
        $modSettings['warning_moderate'] = !empty($modSettings['warning_moderate']) && !empty($modSettings['postmod_active']) ? $modSettings['warning_moderate'] : 110;
        $modSettings['warning_mute'] = !empty($modSettings['warning_mute']) ? $modSettings['warning_mute'] : 110;
        $context['warning_limit'] = allowedTo('admin_forum') ? 0 : $modSettings['user_limit'];
        $context['member']['warning'] = $cur_profile['warning'];
        $context['member']['name'] = $cur_profile['real_name'];
        // What are the limits we can apply?
        $context['min_allowed'] = 0;
        $context['max_allowed'] = 100;
        if ($context['warning_limit'] > 0) {
            require_once SUBSDIR . '/Moderation.subs.php';
            $current_applied = warningDailyLimit($memID);
            $context['min_allowed'] = max(0, $cur_profile['warning'] - $current_applied - $context['warning_limit']);
            $context['max_allowed'] = min(100, $cur_profile['warning'] - $current_applied + $context['warning_limit']);
        }
        // Defaults.
        $context['warning_data'] = array('reason' => '', 'notify' => '', 'notify_subject' => '', 'notify_body' => '');
        // Are we saving?
        if (isset($_POST['save'])) {
            // Security is good here.
            checkSession('post');
            // This cannot be empty!
            $_POST['warn_reason'] = isset($_POST['warn_reason']) ? trim($_POST['warn_reason']) : '';
            if ($_POST['warn_reason'] == '' && !$context['user']['is_owner']) {
                $issueErrors[] = 'warning_no_reason';
            }
            $_POST['warn_reason'] = Util::htmlspecialchars($_POST['warn_reason']);
            // If the value hasn't changed it's either no JS or a real no change (Which this will pass)
            if ($_POST['warning_level'] == 'SAME') {
                $_POST['warning_level'] = $_POST['warning_level_nojs'];
            }
            $_POST['warning_level'] = (int) $_POST['warning_level'];
            $_POST['warning_level'] = max(0, min(100, $_POST['warning_level']));
            if ($_POST['warning_level'] < $context['min_allowed']) {
                $_POST['warning_level'] = $context['min_allowed'];
            } elseif ($_POST['warning_level'] > $context['max_allowed']) {
                $_POST['warning_level'] = $context['max_allowed'];
            }
            require_once SUBSDIR . '/Moderation.subs.php';
            // Do we actually have to issue them with a PM?
            $id_notice = 0;
            if (!empty($_POST['warn_notify']) && empty($issueErrors)) {
                $_POST['warn_sub'] = trim($_POST['warn_sub']);
                $_POST['warn_body'] = trim($_POST['warn_body']);
                if (empty($_POST['warn_sub']) || empty($_POST['warn_body'])) {
                    $issueErrors[] = 'warning_notify_blank';
                } else {
                    require_once SUBSDIR . '/PersonalMessage.subs.php';
                    $from = array('id' => 0, 'name' => $context['forum_name'], 'username' => $context['forum_name']);
                    sendpm(array('to' => array($memID), 'bcc' => array()), $_POST['warn_sub'], $_POST['warn_body'], false, $from);
                    // Log the notice.
                    $id_notice = logWarningNotice($_POST['warn_sub'], $_POST['warn_body']);
                }
            }
            // Just in case - make sure notice is valid!
            $id_notice = (int) $id_notice;
            // What have we changed?
            $level_change = $_POST['warning_level'] - $cur_profile['warning'];
            // No errors? Proceed! Only log if you're not the owner.
            if (empty($issueErrors)) {
                // Log what we've done!
                if (!$context['user']['is_owner']) {
                    logWarning($memID, $cur_profile['real_name'], $id_notice, $level_change, $_POST['warn_reason']);
                }
                // Make the change.
                updateMemberData($memID, array('warning' => $_POST['warning_level']));
                // Leave a lovely message.
                $context['profile_updated'] = $context['user']['is_owner'] ? $txt['profile_updated_own'] : $txt['profile_warning_success'];
            } else {
                // Try to remember some bits.
                $context['warning_data'] = array('reason' => $_POST['warn_reason'], 'notify' => !empty($_POST['warn_notify']), 'notify_subject' => isset($_POST['warn_sub']) ? $_POST['warn_sub'] : '', 'notify_body' => isset($_POST['warn_body']) ? $_POST['warn_body'] : '');
            }
            // Show the new improved warning level.
            $context['member']['warning'] = $_POST['warning_level'];
        }
        // Taking a look first, good idea that one.
        if (isset($_POST['preview'])) {
            $warning_body = !empty($_POST['warn_body']) ? trim(censorText($_POST['warn_body'])) : '';
            $context['preview_subject'] = !empty($_POST['warn_sub']) ? trim(Util::htmlspecialchars($_POST['warn_sub'])) : '';
            if (empty($_POST['warn_sub']) || empty($_POST['warn_body'])) {
                $issueErrors[] = 'warning_notify_blank';
            }
            if (!empty($_POST['warn_body'])) {
                require_once SUBSDIR . '/Post.subs.php';
                preparsecode($warning_body);
                $warning_body = parse_bbc($warning_body, true);
            }
            // Try to remember some bits.
            $context['warning_data'] = array('reason' => $_POST['warn_reason'], 'notify' => !empty($_POST['warn_notify']), 'notify_subject' => isset($_POST['warn_sub']) ? $_POST['warn_sub'] : '', 'notify_body' => isset($_POST['warn_body']) ? $_POST['warn_body'] : '', 'body_preview' => $warning_body);
        }
        if (!empty($issueErrors)) {
            // Fill in the suite of errors.
            $context['post_errors'] = array();
            foreach ($issueErrors as $error) {
                $context['post_errors'][] = $txt[$error];
            }
        }
        $context['page_title'] = $txt['profile_issue_warning'];
        // Let's use a generic list to get all the current warnings
        require_once SUBSDIR . '/GenericList.class.php';
        require_once SUBSDIR . '/Profile.subs.php';
        // Work our the various levels.
        $context['level_effects'] = array(0 => $txt['profile_warning_effect_none'], $modSettings['warning_watch'] => $txt['profile_warning_effect_watch'], $modSettings['warning_moderate'] => $txt['profile_warning_effect_moderation'], $modSettings['warning_mute'] => $txt['profile_warning_effect_mute']);
        $context['current_level'] = 0;
        foreach ($context['level_effects'] as $limit => $dummy) {
            if ($context['member']['warning'] >= $limit) {
                $context['current_level'] = $limit;
            }
        }
        // Build a list to view the warnings
        $listOptions = array('id' => 'issued_warnings', 'title' => $txt['profile_viewwarning_previous_warnings'], 'items_per_page' => $modSettings['defaultMaxMessages'], 'no_items_label' => $txt['profile_viewwarning_no_warnings'], 'base_href' => $scripturl . '?action=profile;area=issuewarning;sa=user;u=' . $memID, 'default_sort_col' => 'log_time', 'get_items' => array('function' => 'list_getUserWarnings', 'params' => array($memID)), 'get_count' => array('function' => 'list_getUserWarningCount', 'params' => array($memID)), 'columns' => array('issued_by' => array('header' => array('value' => $txt['profile_warning_previous_issued'], 'style' => 'width: 20%;'), 'data' => array('function' => create_function('$warning', '
							return $warning[\'issuer\'][\'link\'];
						')), 'sort' => array('default' => 'lc.member_name DESC', 'reverse' => 'lc.member_name')), 'log_time' => array('header' => array('value' => $txt['profile_warning_previous_time'], 'style' => 'width: 30%;'), 'data' => array('db' => 'time'), 'sort' => array('default' => 'lc.log_time DESC', 'reverse' => 'lc.log_time')), 'reason' => array('header' => array('value' => $txt['profile_warning_previous_reason']), 'data' => array('function' => create_function('$warning', '
							global $scripturl, $txt, $settings;

							$ret = \'
							<div class="floatleft">
								\' . $warning[\'reason\'] . \'
							</div>\';

							// If a notice was sent, provide a way to view it
							if (!empty($warning[\'id_notice\']))
								$ret .= \'
							<div class="floatright">
								<a href="\' . $scripturl . \'?action=moderate;area=notice;nid=\' . $warning[\'id_notice\'] . \'" onclick="window.open(this.href, \\\'\\\', \\\'scrollbars=yes,resizable=yes,width=400,height=250\\\');return false;" target="_blank" class="new_win" title="\' . $txt[\'profile_warning_previous_notice\'] . \'"><img src="\' . $settings[\'images_url\'] . \'/filter.png" alt="" /></a>
							</div>\';

							return $ret;'))), 'level' => array('header' => array('value' => $txt['profile_warning_previous_level'], 'style' => 'width: 6%;'), 'data' => array('db' => 'counter'), 'sort' => array('default' => 'lc.counter DESC', 'reverse' => 'lc.counter'))));
        // Create the list for viewing.
        createList($listOptions);
        $warning_for_message = isset($_REQUEST['msg']) ? (int) $_REQUEST['msg'] : false;
        $warned_message_subject = '';
        // Are they warning because of a message?
        if (isset($_REQUEST['msg']) && 0 < (int) $_REQUEST['msg']) {
            require_once SUBSDIR . '/Messages.subs.php';
            $message = basicMessageInfo((int) $_REQUEST['msg']);
            if (!empty($message)) {
                $warned_message_subject = $message['subject'];
            }
        }
        require_once SUBSDIR . '/Maillist.subs.php';
        // Any custom templates?
        $context['notification_templates'] = array();
        $notification_templates = maillist_templates('warntpl');
        foreach ($notification_templates as $row) {
            // If we're not warning for a message skip any that are.
            if (!$warning_for_message && strpos($row['body'], '{MESSAGE}') !== false) {
                continue;
            }
            $context['notification_templates'][] = array('title' => $row['title'], 'body' => $row['body']);
        }
        // Setup the "default" templates.
        foreach (array('spamming', 'offence', 'insulting') as $type) {
            $context['notification_templates'][] = array('title' => $txt['profile_warning_notify_title_' . $type], 'body' => sprintf($txt['profile_warning_notify_template_outline' . (!empty($warning_for_message) ? '_post' : '')], $txt['profile_warning_notify_for_' . $type]));
        }
        // Replace all the common variables in the templates.
        foreach ($context['notification_templates'] as $k => $name) {
            $context['notification_templates'][$k]['body'] = strtr($name['body'], array('{MEMBER}' => un_htmlspecialchars($context['member']['name']), '{MESSAGE}' => '[url=' . $scripturl . '?msg=' . $warning_for_message . ']' . un_htmlspecialchars($warned_message_subject) . '[/url]', '{SCRIPTURL}' => $scripturl, '{FORUMNAME}' => $mbname, '{REGARDS}' => replaceBasicActionUrl($txt['regards_team'])));
        }
    }
Example #26
 /**
  * Displays and processes the guest contact form.
  *
  * - Only guests reach the form, and only while the contact form setting is
  *   switched on; in every other case redirectexit() is called.
  * - A submission has its session, its 'contact' token and the spam timer
  *   checked, its fields validated, the verification control tested, and is
  *   then passed to the administrators as a personal message.
  */
 public function action_contact()
 {
     global $context, $txt, $user_info, $modSettings;

     // Members can simply send a PM, and a switched-off form is off limits.
     $formOff = empty($modSettings['enable_contactform']) || $modSettings['enable_contactform'] == 'disabled';
     if (!$user_info['is_guest'] || $formOff) {
         redirectexit();
     }

     loadLanguage('Login');
     loadTemplate('Register');

     if (isset($_REQUEST['send'])) {
         // Anti-forgery and anti-flood checks come before any input is read.
         checkSession('post');
         validateToken('contact');
         spamProtection('contact');

         // Start with a clean slate of errors.
         $context['errors'] = array();
         loadLanguage('Errors');

         require_once SUBSDIR . '/VerificationControls.class.php';
         require_once SUBSDIR . '/Members.subs.php';
         require_once SUBSDIR . '/DataValidator.class.php';

         // Describe how the two form fields are cleaned and checked.
         $form = new Data_Validator();
         $form->sanitation_rules(array(
             'emailaddress' => 'trim',
             'contactmessage' => 'trim|Util::htmlspecialchars',
         ));
         $form->validation_rules(array(
             'emailaddress' => 'required|valid_email',
             'contactmessage' => 'required',
         ));
         $form->text_replacements(array(
             'emailaddress' => $txt['error_email'],
             'contactmessage' => $txt['error_message'],
         ));

         // Collect whatever the validator objects to.
         if (!$form->validate($_POST)) {
             $context['errors'] = $form->validation_errors();
         }

         // The verification control reports its failures as an array of error codes.
         $verifyOpts = array('id' => 'contactform');
         $context['require_verification'] = create_control_verification($verifyOpts, true);
         if (is_array($context['require_verification'])) {
             foreach ($context['require_verification'] as $code) {
                 $context['errors'][] = $txt['error_' . $code];
             }
         }

         if (!empty($context['errors'])) {
             // Hand the cleaned values back so the form can be shown again.
             $context['emailaddress'] = $form->emailaddress;
             $context['contactmessage'] = $form->contactmessage;
         } else {
             // All clear: pass the message on to every administrator.
             $admins = admins();
             if (!empty($admins)) {
                 require_once SUBSDIR . '/PersonalMessage.subs.php';
                 $sender = array('id' => 0, 'name' => $form->emailaddress, 'username' => $form->emailaddress);
                 $recipients = array('to' => array_keys($admins), 'bcc' => array());
                 // NOTE(review): validation and sanitation ran on $_POST, yet the PM body is
                 // taken from $_REQUEST without the validator's trim/htmlspecialchars.
                 // Whether sendpm() escapes the body itself is not visible here - confirm.
                 sendpm($recipients, $txt['contact_subject'], $_REQUEST['contactmessage'], false, $sender);
             }
             redirectexit('action=contact;sa=done');
         }
     }

     $finished = isset($_GET['sa']) && $_GET['sa'] == 'done';
     if ($finished) {
         $context['sub_template'] = 'contact_form_done';
     } else {
         $context['sub_template'] = 'contact_form';
         $context['page_title'] = $txt['admin_contact_form'];

         // Set up the verification control for the form that is about to be shown.
         require_once SUBSDIR . '/VerificationControls.class.php';
         $verificationOptions = array('id' => 'contactform');
         $context['require_verification'] = create_control_verification($verificationOptions);
         $context['visual_verification_id'] = $verificationOptions['id'];
     }

     // A fresh token is issued for the next submission.
     createToken('contact');
 }
Example #27
                 // NOTE(review): this excerpt starts inside conditionals opened earlier; $amount,
                 // $netamount and $creditstrans are used below but assigned outside the visible lines.
                 showmessage('credits_net_amount_iszero');
             }
             // NOTE(review): the username literal reads '******' here, which looks masked by the
             // listing. Whatever value the real query interpolates must be escaped or bound -
             // confirm against the original file.
             $member = $db->fetch_first("SELECT uid, username FROM {$tablepre}members WHERE username='******'");
             if (!$member) {
                 showmessage('credits_transfer_send_nonexistence');
             } elseif ($member['uid'] == $discuz_uid) {
                 showmessage('credits_transfer_self');
             }
             // Record a negative amount for the sender and hand it to updatecredits().
             $creditsarray[$creditstrans] = -$amount;
             updatecredits($discuz_uid, $creditsarray);
             // Credit the recipient, then log both sides of the transfer.
             // NOTE(review): the debit, the credit and the log insert are separate statements and
             // no transaction is visible here; confirm a failure in between cannot leave the
             // balances inconsistent.
             // NOTE(review): $creditstrans, $netamount, $amount, $timestamp, $discuz_uid and
             // $discuz_user are interpolated straight into the SQL text; only $member['username']
             // goes through addslashes() here. Verify the others are cast or escaped upstream, or
             // move to bound parameters.
             $db->query("UPDATE {$tablepre}members SET extcredits{$creditstrans}=extcredits{$creditstrans}+'{$netamount}' WHERE uid='{$member['uid']}'");
             $db->query("INSERT INTO {$tablepre}creditslog (uid, fromto, sendcredits, receivecredits, send, receive, dateline, operation)\r\n\t\t\t\t\tVALUES ('{$discuz_uid}', '" . addslashes($member['username']) . "', '{$creditstrans}', '{$creditstrans}', '{$amount}', '0', '{$timestamp}', 'TFR'),\r\n\t\t\t\t\t('{$member['uid']}', '{$discuz_user}', '{$creditstrans}', '{$creditstrans}', '0', '{$netamount}', '{$timestamp}', 'RCV')");
             if (!empty($transfermessage)) {
                 // NOTE(review): $transfermessage and $transfertime are prepared but not passed to
                 // sendpm(); presumably the message template reads them from scope - confirm, and
                 // confirm the un-slashed text is escaped where it is finally stored or shown.
                 $transfermessage = stripslashes($transfermessage);
                 $transfertime = gmdate($GLOBALS['_DCACHE']['settings']['dateformat'] . ' ' . $GLOBALS['_DCACHE']['settings']['timeformat'], $timestamp + $timeoffset * 3600);
                 sendpm($member['uid'], 'transfer_subject', 'transfer_message', 0);
             }
             showmessage('credits_transaction_succeed', '', 1);
         }
     } else {
         showmessage('action_closed', NULL, 'HALTED');
     }
 } elseif (submitcheck('exchangesubmit')) {
     // && binds tighter than ||, so this condition groups as ((A || B) && C) || (D && E).
     // NOTE(review): confirm that grouping is the intended one.
     if (($exchangestatus || $outextcredits) && $outextcredits[$tocredits] || $extcredits[$fromcredits]['ratio'] && $extcredits[$tocredits]['ratio']) {
         if (!submitcheck('confirm')) {
             $outexange = strexists($tocredits, '|');
             if ($outexange) {
                 // ${'fromcredits_' . $outi} is a variable variable: its name is built at run time.
                 // NOTE(review): where $outi comes from is not visible; confirm the request cannot
                 // steer which variable is read.
                 $netamount = floor($exchangeamount * $outextcredits[$tocredits]['ratiosrc'][${'fromcredits_' . $outi}] / $outextcredits[$tocredits]['ratiodesc'][${'fromcredits_' . $outi}]);
                 $fromcredits = ${'fromcredits_' . $outi};
             } else {
                 if ($extcredits[$tocredits]['ratio'] < $extcredits[$fromcredits]['ratio']) {
                 // NOTE(review): the listing appears to splice in a different routine from here on:
                 // the if above has no body and the lines below deal with thread moderation.
                 updatepostcredits('+', $authoridarray, $creditspolicy['post']);
             }
             // NOTE(review): $tids is interpolated unquoted into IN (...); it has to be a list of
             // integers built elsewhere - verify before trusting these two updates.
             $db->query("UPDATE {$tablepre}posts SET invisible='0' WHERE tid IN ({$tids})");
             $db->query("UPDATE {$tablepre}threads SET displayorder='0', moderated='1' WHERE tid IN ({$tids})");
             $threadsmod = $db->affected_rows();
             updateforumcount($fid);
             updatemodworks('MOD', $threadsmod);
             updatemodlog($tids, 'MOD');
         }
     }
     if ($pmlist) {
         foreach ($pmlist as $pm) {
             // $reason, $threadsubject and $tid are set but not passed to sendpm();
             // presumably the message template picks them up from scope - confirm.
             $reason = $pm['reason'];
             $threadsubject = $pm['thread'];
             $tid = intval($pm['tid']);
             sendpm($pm['authorid'], $pm['act'] . 'subject', $pm['act'] . 'message', 0);
         }
     }
     // NOTE(review): $action, $op, $filter and $fid go into the URL as they are; confirm they
     // are validated or URL-encoded upstream.
     showmessage('modcp_mod_succeed', "{$cpscript}?action={$action}&op={$op}&filter={$filter}&fid={$fid}");
 }
 // NOTE(review): $modfidsadd and $pstat are spliced into the WHERE clause of both queries
 // below, and $start_limit / $tpp into LIMIT; how they are built is not visible here -
 // confirm they come from validated values.
 $modcount = $db->result_first("SELECT COUNT(*) FROM {$tablepre}threads WHERE " . ($modfidsadd ? " {$modfidsadd} AND " : '') . " displayorder='{$pstat}'");
 $multipage = multi($modcount, $tpp, $page, "{$cpscript}?action={$action}&op={$op}&filter={$filter}&fid={$fid}");
 if ($modcount) {
     $query = $db->query("SELECT t.tid, t.fid, t.author, t.sortid, t.authorid, t.subject as tsubject, t.dateline, t.attachment,\r\n\t\t\tp.pid, p.message, p.useip, p.attachment\r\n\t\t\tFROM {$tablepre}threads t\r\n\t\t\tLEFT JOIN {$tablepre}posts p ON p.tid=t.tid AND p.first = 1\r\n\t\t\tWHERE " . ($modfidsadd ? " t.{$modfidsadd} AND " : '') . " t.displayorder='{$pstat}'\r\n\t\t\tORDER BY t.dateline DESC LIMIT {$start_limit}, {$tpp}");
     while ($thread = $db->fetch_array($query)) {
         $thread['id'] = $thread['tid'];
         // NOTE(review): the author name is placed into HTML with no escaping visible in this
         // excerpt; confirm it is stored pre-escaped, or escape it for output.
         if ($thread['authorid'] && $thread['author'] != '') {
             $thread['author'] = "<a href=\"space.php?uid={$thread['authorid']}\" target=\"_blank\">{$thread['author']}</a>";
         } elseif ($thread['authorid']) {
             // NOTE(review): the SELECT above returns authorid but no uid column, so
             // $thread['uid'] is not set by this query; $thread['authorid'] looks intended.
             $thread['author'] = "<a href=\"space.php?uid={$thread['authorid']}\" target=\"_blank\">UID {$thread['uid']}</a>";
         } else {
Example #29
/**
 * Lets a member report a personal message they received to the administrators.
 *
 * - The message id is read from $_REQUEST['pmsg'] and cast to int; the feature
 *   must be enabled and the message must pass isAccessiblePM($pmsg, 'inbox').
 * - Without $_POST['report'] it only prepares the report form and the list of
 *   administrators to choose from.
 * - With $_POST['report'] it checks the session, re-reads the message from the
 *   database restricted to the current member, builds one report per
 *   administrator language and sends each with sendpm().
 * - The reported message is quoted from the database copy, so the reporter
 *   cannot alter it; $_POST['reason'] is the only free text the reporter adds.
 *
 * @uses report_message sub-template.
 */
function ReportMessage()
{
    global $txt, $context, $scripturl, $sourcedir;
    global $user_info, $language, $modSettings, $smcFunc;
    // The feature has to be switched on and a message id has to be supplied.
    if (empty($modSettings['enableReportPM']) || empty($_REQUEST['pmsg'])) {
        fatal_lang_error('no_access', false);
    }
    // Cast once, then use only the integer from here on.
    $pmsg = (int) $_REQUEST['pmsg'];
    // Access check: the message must be reachable through this member's inbox.
    if (!isAccessiblePM($pmsg, 'inbox')) {
        fatal_lang_error('no_access', false);
    }
    $context['pm_id'] = $pmsg;
    $context['page_title'] = $txt['pm_report_title'];
    // Nothing submitted yet: just send the user to the template, with a few useful context bits.
    if (!isset($_POST['report'])) {
        $context['sub_template'] = 'report_message';
        // @todo I don't like being able to pick who to send it to.  Favoritism, etc. sucks.
        // Now, get all the administrators (group id 1, as primary or additional group).
        $request = $smcFunc['db_query']('', '
			SELECT id_member, real_name
			FROM {db_prefix}members
			WHERE id_group = {int:admin_group} OR FIND_IN_SET({int:admin_group}, additional_groups) != 0
			ORDER BY real_name', array('admin_group' => 1));
        $context['admins'] = array();
        while ($row = $smcFunc['db_fetch_assoc']($request)) {
            $context['admins'][$row['id_member']] = $row['real_name'];
        }
        $smcFunc['db_free_result']($request);
        // How many admins in total?
        $context['admin_count'] = count($context['admins']);
    } else {
        // Check the session before proceeding any further!
        checkSession('post');
        // First, pull out the message contents, and verify it actually went to them!
        // The WHERE clause repeats the ownership check in SQL: the current member must be
        // a recipient and must not have deleted the message.
        $request = $smcFunc['db_query']('', '
			SELECT pm.subject, pm.body, pm.msgtime, pm.id_member_from, IFNULL(m.real_name, pm.from_name) AS sender_name
			FROM {db_prefix}personal_messages AS pm
				INNER JOIN {db_prefix}pm_recipients AS pmr ON (pmr.id_pm = pm.id_pm)
				LEFT JOIN {db_prefix}members AS m ON (m.id_member = pm.id_member_from)
			WHERE pm.id_pm = {int:id_pm}
				AND pmr.id_member = {int:current_member}
				AND pmr.deleted = {int:not_deleted}
			LIMIT 1', array('current_member' => $user_info['id'], 'id_pm' => $context['pm_id'], 'not_deleted' => 0));
        // No row means the message is not in this member's possession: refuse.
        if ($smcFunc['db_num_rows']($request) == 0) {
            fatal_lang_error('no_access', false);
        }
        list($subject, $body, $time, $memberFromID, $memberFromName) = $smcFunc['db_fetch_row']($request);
        $smcFunc['db_free_result']($request);
        // Turn <br>, <br/> and <br /> (any case) back into newlines.
        $body = preg_replace('~<br ?/?' . '>~i', "\n", $body);
        // Get any other recipients of the message.
        $request = $smcFunc['db_query']('', '
			SELECT mem_to.id_member AS id_member_to, mem_to.real_name AS to_name, pmr.bcc
			FROM {db_prefix}pm_recipients AS pmr
				LEFT JOIN {db_prefix}members AS mem_to ON (mem_to.id_member = pmr.id_member)
			WHERE pmr.id_pm = {int:id_pm}
				AND pmr.id_member != {int:current_member}', array('current_member' => $user_info['id'], 'id_pm' => $context['pm_id']));
        $recipients = array();
        $hidden_recipients = 0;
        while ($row = $smcFunc['db_fetch_assoc']($request)) {
            // BCC recipients are only counted, never named, so the report does not leak them.
            if ($row['bcc']) {
                $hidden_recipients++;
            } else {
                $recipients[] = '[url=' . $scripturl . '?action=profile;u=' . $row['id_member_to'] . ']' . $row['to_name'] . '[/url]';
            }
        }
        $smcFunc['db_free_result']($request);
        if ($hidden_recipients) {
            $recipients[] = sprintf($txt['pm_report_pm_hidden'], $hidden_recipients);
        }
        // Now let's get out and loop through the admins.
        // Only a fixed SQL fragment is concatenated here; the chosen admin id itself is cast
        // to int and passed as the {int:specific_admin} parameter.
        $request = $smcFunc['db_query']('', '
			SELECT id_member, real_name, lngfile
			FROM {db_prefix}members
			WHERE (id_group = {int:admin_id} OR FIND_IN_SET({int:admin_id}, additional_groups) != 0)
				' . (empty($_POST['id_admin']) ? '' : 'AND id_member = {int:specific_admin}') . '
			ORDER BY lngfile', array('admin_id' => 1, 'specific_admin' => isset($_POST['id_admin']) ? (int) $_POST['id_admin'] : 0));
        // The requested id is not an administrator: same generic error as above.
        if ($smcFunc['db_num_rows']($request) == 0) {
            fatal_lang_error('no_access', false);
        }
        $memberFromName = un_htmlspecialchars($memberFromName);
        // Prepare the message storage array, keyed by language.
        $messagesToSend = array();
        // Loop through each admin, and add them to the right language pile...
        while ($row = $smcFunc['db_fetch_assoc']($request)) {
            // Need to send in the correct language!
            $cur_language = empty($row['lngfile']) || empty($modSettings['userLanguage']) ? $language : $row['lngfile'];
            // The report text is built once per language; loadLanguage() is called first so
            // the $txt entries used below are read after that language has been loaded.
            if (!isset($messagesToSend[$cur_language])) {
                loadLanguage('PersonalMessage', $cur_language, false);
                // Make the body.
                $report_body = str_replace(array('{REPORTER}', '{SENDER}'), array(un_htmlspecialchars($user_info['name']), $memberFromName), $txt['pm_report_pm_user_sent']);
                // NOTE(review): $_POST['reason'] is inserted as-is, with no isset() check and no
                // escaping visible in this function. Whether sendpm() escapes the body is not
                // shown here - confirm before relying on it.
                $report_body .= "\n" . '[b]' . $_POST['reason'] . '[/b]' . "\n\n";
                if (!empty($recipients)) {
                    $report_body .= $txt['pm_report_pm_other_recipients'] . ' ' . implode(', ', $recipients) . "\n\n";
                }
                // Quote the stored message; a sender without a member id is quoted by name only.
                $report_body .= $txt['pm_report_pm_unedited_below'] . "\n" . '[quote author=' . (empty($memberFromID) ? '&quot;' . $memberFromName . '&quot;' : $memberFromName . ' link=action=profile;u=' . $memberFromID . ' date=' . $time) . ']' . "\n" . un_htmlspecialchars($body) . '[/quote]';
                // Store it; the subject gets the report prefix unless it already contains it.
                $messagesToSend[$cur_language] = array('subject' => ($smcFunc['strpos']($subject, $txt['pm_report_pm_subject']) === false ? $txt['pm_report_pm_subject'] : '') . un_htmlspecialchars($subject), 'body' => $report_body, 'recipients' => array('to' => array(), 'bcc' => array()));
            }
            // Add them to the list.
            $messagesToSend[$cur_language]['recipients']['to'][$row['id_member']] = $row['id_member'];
        }
        $smcFunc['db_free_result']($request);
        // Send a different message for each language.
        foreach ($messagesToSend as $lang => $message) {
            sendpm($message['recipients'], $message['subject'], $message['body']);
        }
        // Give the user their own language back!
        if (!empty($modSettings['userLanguage'])) {
            loadLanguage('PersonalMessage', '', false);
        }
        // Leave them with a template.
        $context['sub_template'] = 'report_message_complete';
    }
}
Example #30
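/**
 * Sends a buddy request from the current user to the member given in $_GET['u'].
 *
 * - Runs checkSession('get') first, since the request arrives as a link.
 * - Stops with an error if a buddy row from the current user to the target
 *   already exists, and calls redirectexit() if the target member does not exist.
 * - Inserts one unapproved row in each direction, each placed after that
 *   member's highest existing position.
 * - Notifies the target by PM in their own language, then redirects to their profile.
 *
 * Every database result is released as soon as it has been read.
 */
function BuddyAdd()
{
    global $smcFunc, $sourcedir, $txt, $context, $scripturl, $language, $modSettings;

    checkSession('get');

    // A missing id becomes 0, which matches no member and ends at the redirect below.
    $_GET['u'] = isset($_GET['u']) ? (int) $_GET['u'] : 0;

    // NOTE(review): nothing visible here rejects a guest or a request to add oneself;
    // confirm the caller enforces both.

    // Is there already a row from us to them?
    $request = $smcFunc['db_query']('', '
		SELECT approved 
		FROM {db_prefix}buddies 
		WHERE id_member = {int:id_member}
			AND buddy_id = {int:buddy_id}', array('id_member' => $context['user']['id'], 'buddy_id' => $_GET['u']));
    $alreadyLinked = $smcFunc['db_num_rows']($request) > 0;
    $smcFunc['db_free_result']($request);
    if ($alreadyLinked) {
        fatal_error($txt['buddy_already_added'], false);
    }

    // The target has to be a real member.
    $request = $smcFunc['db_query']('', '
		SELECT real_name 
		FROM {db_prefix}members 
		WHERE id_member = {int:id_member}', array('id_member' => $_GET['u']));
    $targetExists = $smcFunc['db_num_rows']($request) >= 1;
    $smcFunc['db_free_result']($request);
    if (!$targetExists) {
        redirectexit();
    }

    // Find the new position in our own list (an empty list yields position 1).
    $request = $smcFunc['db_query']('', 'SELECT position 
		FROM {db_prefix}buddies 
		WHERE id_member = {int:id_member}
		ORDER BY position DESC
		LIMIT 1', array('id_member' => $context['user']['id']));
    list($position) = $smcFunc['db_fetch_row']($request);
    $smcFunc['db_free_result']($request);
    $position = $position + 1;

    // Our side of the pair, not yet approved.
    // NOTE(review): the existence check above and this insert are separate statements;
    // confirm the table's keys prevent duplicate rows from concurrent requests.
    $smcFunc['db_insert']('normal', '{db_prefix}buddies', array('id_member' => 'int', 'buddy_id' => 'int', 'approved' => 'int', 'position' => 'int', 'time_updated' => 'int', 'requested' => 'int'), array('id_member' => $context['user']['id'], 'buddy_id' => $_GET['u'], 'approved' => '0', 'position' => $position, 'time_updated' => time(), 'requested' => $context['user']['id']), array());

    // Same again for the target's list.
    $request = $smcFunc['db_query']('', '
		SELECT position 
		FROM {db_prefix}buddies 
		WHERE id_member = {int:id_member}
		ORDER BY position DESC
		LIMIT 1', array('id_member' => $_GET['u']));
    list($position) = $smcFunc['db_fetch_row']($request);
    $smcFunc['db_free_result']($request);
    $position = $position + 1;

    // Their side of the pair; 'requested' records that we started it.
    $smcFunc['db_insert']('normal', '{db_prefix}buddies', array('buddy_id' => 'int', 'id_member' => 'int', 'approved' => 'int', 'position' => 'int', 'time_updated' => 'int', 'requested' => 'int'), array('buddy_id' => $context['user']['id'], 'id_member' => $_GET['u'], 'approved' => '0', 'position' => $position, 'time_updated' => time(), 'requested' => $context['user']['id']), array());

    // Let's notify the user, in their own language where per-user languages are enabled.
    $request = $smcFunc['db_query']('', '
		SELECT lngfile 
		FROM {db_prefix}members 
		WHERE id_member = {int:id_member}', array('id_member' => $_GET['u']));
    list($user_language) = $smcFunc['db_fetch_row']($request);
    $smcFunc['db_free_result']($request);
    loadLanguage('Maximumprofile', empty($user_language) || empty($modSettings['userLanguage']) ? $language : $user_language, false);

    require_once $sourcedir . '/Subs-Post.php';
    // The notice is sent from a system sender (id 0), not from the requesting member.
    sendpm(array('to' => array($_GET['u']), 'bcc' => array()), sprintf($txt['buddy_notif_new_subject'], $context['user']['name']), sprintf($txt['buddy_notif_new_body'], $context['user']['name'], $scripturl . '?action=profile;area=lists;sa=buddies;u=' . $_GET['u']), false, array('id' => 0, 'name' => $txt['Maximum_notif_com_user'], 'username' => $txt['Maximum_notif_com_user']));

    redirectexit('action=profile;u=' . $_GET['u']);
}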