if (!flood_control("message_datestamp", DB_MESSAGES, "message_from='" . $userdata['user_id'] . "'")) {
$result = dbquery("SELECT u.user_id, u.user_name, u.user_email, u.user_level, mo.pm_email_notify, s.pm_inbox, COUNT(message_id) as message_count\n\t\t\t\tFROM " . DB_USERS . " u\n\t\t\t\tLEFT JOIN " . DB_MESSAGES_OPTIONS . " mo USING(user_id)\n\t\t\t\tLEFT JOIN " . DB_MESSAGES_OPTIONS . " s ON s.user_id='0'\n\t\t\t\tLEFT JOIN " . DB_MESSAGES . " ON message_to=u.user_id AND message_folder='0'\n\t\t\t\tWHERE u.user_id='" . $_GET['msg_send'] . "' GROUP BY u.user_id");
if (dbrows($result)) {
$data = dbarray($result);
if ($data['user_id'] != $userdata['user_id']) {
if ($data['user_id'] == 1 || $data['user_level'] > 101 || $data['pm_inbox'] == "0" || $data['message_count'] + 1 <= $data['pm_inbox']) {
$result = dbquery("INSERT INTO " . DB_MESSAGES . " (message_to, message_from, message_subject, message_message, message_smileys, message_read, message_datestamp, message_folder) VALUES('" . $data['user_id'] . "','" . $userdata['user_id'] . "','" . $subject . "','" . $message . "','" . $smileys . "','0','" . time() . "','0')");
$send_email = isset($data['pm_email_notify']) ? $data['pm_email_notify'] : $msg_settings['pm_email_notify'];
if ($send_email == "1") {
$message_content = str_replace("[SUBJECT]", $subject, $locale['626']);
$message_content = str_replace("[USER]", $userdata['user_name'], $message_content);
$template_result = dbquery("SELECT template_key, template_active FROM " . DB_EMAIL_TEMPLATES . " WHERE template_key='PM' LIMIT 1");
if (dbrows($template_result)) {
$template_data = dbarray($template_result);
if ($template_data['template_active'] == "1") {
sendemail_template("PM", $subject, trimlink($message, 150), $userdata['user_name'], $data['user_name'], "", $data['user_email']);
} else {
sendemail($data['user_name'], $data['user_email'], $settings['siteusername'], $settings['siteemail'], $locale['625'], $data['user_name'] . $message_content);
}
} else {
sendemail($data['user_name'], $data['user_email'], $settings['siteusername'], $settings['siteemail'], $locale['625'], $data['user_name'] . $message_content);
}
}
} else {
$error = "2";
}
}
} else {
redirect(FUSION_SELF . "?folder=inbox&error=noresult");
}
} else {
}
}
$_CAPTCHA_IS_VALID = FALSE;
include INCLUDES . "captchas/" . $settings['captcha'] . "/captcha_check.php";
// Dynamics need to develop Captcha. Before that, use method 2.
if ($_CAPTCHA_IS_VALID == FALSE) {
$defender->stop();
addNotice('warning', $locale['424']);
}
if (!defined('FUSION_NULL')) {
require_once INCLUDES . "sendmail_include.php";
$template_result = dbquery("\n\t\t\tSELECT template_key, template_active, template_sender_name, template_sender_email\n\t\t\tFROM " . DB_EMAIL_TEMPLATES . "\n\t\t\tWHERE template_key='CONTACT'\n\t\t\tLIMIT 1");
if (dbrows($template_result)) {
$template_data = dbarray($template_result);
if ($template_data['template_active'] == "1") {
if (!sendemail_template("CONTACT", $input['subject'], $input['message'], "", $template_data['template_sender_name'], "", $template_data['template_sender_email'], $input['mailname'], $input['email'])) {
$defender->stop();
addNotice('warning', $locale['425']);
}
} else {
if (!sendemail($settings['siteusername'], $settings['siteemail'], $input['mailname'], $input['email'], $input['subject'], $input['message'])) {
$defender->stop();
addNotice('warning', $locale['425']);
}
}
} else {
if (!sendemail($settings['siteusername'], $settings['siteemail'], $input['mailname'], $input['email'], $input['subject'], $input['message'])) {
$defender->stop();
addNotice('warning', $locale['425']);
}
}
function send_pm($to, $from, $subject, $message, $smileys = "y")
{
global $settings;
include LOCALE . LOCALESET . "messages.php";
require_once INCLUDES . "sendmail_include.php";
require_once INCLUDES . "flood_include.php";
$msg_settings = dbarray(dbquery("SELECT pm_inbox, pm_email_notify FROM " . DB_MESSAGES_OPTIONS . " WHERE user_id='0'"));
$smileys = preg_match("#(\\[code\\](.*?)\\[/code\\]|\\[geshi=(.*?)\\](.*?)\\[/geshi\\]|\\[php\\](.*?)\\[/php\\])#si", $message) ? "n" : $smileys;
$error = 0;
if (!flood_control("message_datestamp", DB_MESSAGES, "message_from='" . $from . "'")) {
$result = dbquery("SELECT u.user_id, u.user_name, u.user_email, u.user_level, mo.pm_email_notify, COUNT(message_id) as message_count FROM " . DB_USERS . " u\r\n\t\t\tLEFT JOIN " . DB_MESSAGES_OPTIONS . " mo USING(user_id)\r\n\t\t\tLEFT JOIN " . DB_MESSAGES . " ON message_to=u.user_id AND message_folder='0'\r\n\t\t\tWHERE u.user_id='{$to}' GROUP BY u.user_id");
if (dbrows($result)) {
$data = dbarray($result);
$result = dbquery("SELECT user_id, user_name FROM " . DB_USERS . " WHERE user_id='" . $from . "'");
if (dbrows($result)) {
$userdata = dbarray($result);
if ($to != $from) {
if ($data['user_id'] == 1 || $data['user_level'] > 101 || $msg_settings['pm_inbox'] == "0" || $data['message_count'] + 1 <= $msg_settings['pm_inbox']) {
$result = dbquery("INSERT INTO " . DB_MESSAGES . " (message_to, message_from, message_subject, message_message, message_smileys, message_read, message_datestamp, message_folder) VALUES('" . $data['user_id'] . "','" . $userdata['user_id'] . "','" . $subject . "','" . $message . "','" . $smileys . "','0','" . time() . "','0')");
$send_email = isset($data['pm_email_notify']) ? $data['pm_email_notify'] : $msg_settings['pm_email_notify'];
if ($send_email == "1") {
$message_content = str_replace("[SUBJECT]", $subject, $locale['626']);
$message_content = str_replace("[USER]", $userdata['user_name'], $message_content);
$template_result = dbquery("SELECT template_key, template_active FROM " . DB_EMAIL_TEMPLATES . " WHERE template_key='PM' LIMIT 1");
if (dbrows($template_result)) {
$template_data = dbarray($template_result);
if ($template_data['template_active'] == "1") {
sendemail_template("PM", $subject, trimlink($message, 150), $userdata['user_name'], $data['user_name'], "", $data['user_email']);
} else {
sendemail($data['user_name'], $data['user_email'], $settings['siteusername'], $settings['siteemail'], $locale['625'], $data['user_name'] . $message_content);
}
} else {
sendemail($data['user_name'], $data['user_email'], $settings['siteusername'], $settings['siteemail'], $locale['625'], $data['user_name'] . $message_content);
}
}
} else {
// Inbox is full
$error = 1;
}
} else {
// Reciever and sender are the same user
$error = 2;
}
} else {
// Sender does not exist in DB
$error = 3;
}
} else {
// Reciever does not exist in DB
$error = 4;
}
} else {
// Floodcontrol exceeded
$error = 5;
}
return $error;
}
redirect("index.php");
}
add_to_head("<meta http-equiv='refresh' content='2; url=viewthread.php?thread_id=" . $_GET['thread_id'] . "&pid=" . $_GET['post_id'] . "#post_" . $_GET['post_id'] . "' />\n");
if ($settings['thread_notify']) {
$result = dbquery("SELECT tn.*, tu.user_id, tu.user_name, tu.user_email, tu.user_level, tu.user_groups\r\n\t\t\t\tFROM " . DB_THREAD_NOTIFY . " tn\r\n\t\t\t\tLEFT JOIN " . DB_USERS . " tu ON tn.notify_user=tu.user_id\r\n\t\t\t\tWHERE thread_id='" . $_GET['thread_id'] . "' AND notify_user!='" . $userdata['user_id'] . "' AND notify_status='1'\r\n\t\t\t");
if (dbrows($result)) {
require_once INCLUDES . "sendmail_include.php";
$data2 = dbarray(dbquery("SELECT tf.forum_access, tt.thread_subject\r\n\t\t\t\t\tFROM " . DB_THREADS . " tt\r\n\t\t\t\t\tINNER JOIN " . DB_FORUMS . " tf ON tf.forum_id=tt.forum_id\r\n\t\t\t\t\tWHERE thread_id='" . $_GET['thread_id'] . "'"));
$link = $settings['siteurl'] . "forum/viewthread.php?forum_id=" . $_GET['forum_id'] . "&thread_id=" . $_GET['thread_id'] . "&pid=" . $_GET['post_id'] . "#post_" . $_GET['post_id'];
$template_result = dbquery("SELECT template_key, template_active FROM " . DB_EMAIL_TEMPLATES . " WHERE template_key='POST' LIMIT 1");
if (dbrows($template_result)) {
$template_data = dbarray($template_result);
if ($template_data['template_active'] == "1") {
while ($data = dbarray($result)) {
if ($data2['forum_access'] == 0 || in_array($data2['forum_access'], explode(".", $data['user_level'] . "." . $data['user_groups']))) {
sendemail_template("POST", $data2['thread_subject'], "", "", $data['user_name'], $link, $data['user_email']);
}
}
} else {
while ($data = dbarray($result)) {
if ($data2['forum_access'] == 0 || in_array($data2['forum_access'], explode(".", $data['user_level'] . "." . $data['user_groups']))) {
$message_el1 = array("{USERNAME}", "{THREAD_SUBJECT}", "{THREAD_URL}");
$message_el2 = array($data['user_name'], $data2['thread_subject'], $link);
$message_subject = str_replace("{THREAD_SUBJECT}", $data2['thread_subject'], $locale['550']);
$message_content = str_replace($message_el1, $message_el2, $locale['551']);
sendemail($data['user_name'], $data['user_email'], $settings['siteusername'], $settings['siteemail'], $message_subject, $message_content);
}
}
}
} else {
while ($data = dbarray($result)) {
redirect(FUSION_SELF . $aidlink . "&status=su&template_id=" . $template_id);
}
} elseif (isset($_POST['test_template'])) {
$template_id = form_sanitizer($_POST['template_id'], '', 'template_id');
$template_key = form_sanitizer($_POST['template_key'], '', 'template_key');
$template_format = form_sanitizer($_POST['template_format'], '', 'template_format');
$template_subject = form_sanitizer($_POST['template_subject'], '', 'template_subject');
$template_content = form_sanitizer($_POST['template_content'], '', 'template_content');
$template_active = form_sanitizer($_POST['template_active'], '', 'template_active');
$template_sender_name = form_sanitizer($_POST['template_sender_name'], '', 'template_sender_name');
$template_sender_email = form_sanitizer($_POST['template_sender_email'], '', 'template_sender_email');
$template_language = form_sanitizer($_POST['template_language'], '', 'template_language');
if (!defined('FUSION_NULL')) {
$result = dbquery("UPDATE " . DB_EMAIL_TEMPLATES . " SET\r\n template_subject = '" . $template_subject . "',\r\n template_content = '" . $template_content . "',\r\n template_active = '" . $template_active . "',\r\n template_format = '" . $template_format . "',\r\n template_sender_name = '" . $template_sender_name . "',\r\n template_sender_email = '" . $template_sender_email . "',\r\n template_language = '" . $template_language . "'\r\n WHERE template_id = '" . $template_id . "'\r\n ");
require_once INCLUDES . "sendmail_include.php";
sendemail_template($template_key, $locale['412'], $locale['413'], $locale['414'], $locale['415'], $locale['416'], $userdata['user_email']);
redirect(FUSION_SELF . $aidlink . "&status=snd&template_id=" . $template_id . "&testmail=" . $userdata['user_email']);
}
}
$result = dbquery("SELECT template_id, template_key, template_name, template_language FROM " . DB_EMAIL_TEMPLATES . " " . (multilang_table("ET") ? "WHERE template_language='" . LANGUAGE . "'" : "") . " ORDER BY template_id ASC");
if (dbrows($result) != 0) {
$editlist = array();
while ($data = dbarray($result)) {
$template[$data['template_id']] = $data['template_name'];
}
}
foreach ($template as $id => $tname) {
$tab_title['title'][$id] = $tname;
$tab_title['id'][$id] = $id;
$tab_title['icon'][$id] = '';
}
public static function send_pm($to, $from, $subject, $message, $smileys = 'y', $to_group = FALSE, $save_sent = TRUE)
{
include LOCALE . LOCALESET . "messages.php";
require_once INCLUDES . "sendmail_include.php";
require_once INCLUDES . "flood_include.php";
$strict = FALSE;
$locale = array();
$group_name = getgroupname($to);
$to = isnum($to) || !empty($group_name) ? $to : 0;
$from = isnum($from) ? $from : 0;
$smileys = preg_match("#(\\[code\\](.*?)\\[/code\\]|\\[geshi=(.*?)\\](.*?)\\[/geshi\\]|\\[php\\](.*?)\\[/php\\])#si", $message) ? "n" : $smileys;
if (!$to_group) {
// send to user
$pmStatus = self::get_pm_settings($to);
$myStatus = self::get_pm_settings($from);
if (!flood_control("message_datestamp", DB_MESSAGES, "message_from='" . intval($from) . "'")) {
// find receipient
$result = dbquery("SELECT u.user_id, u.user_name, u.user_email, u.user_level,\n\t\t\t\tCOUNT(m.message_id) 'message_count'\n\t\t\t\tFROM " . DB_USERS . " u\n\t\t\t\tLEFT JOIN " . DB_MESSAGES . " m ON m.message_user=u.user_id and message_folder='0'\n\t\t\t\tWHERE u.user_id='" . intval($to) . "' GROUP BY u.user_id\n\t\t\t\t");
if (dbrows($result) > 0) {
$data = dbarray($result);
$result2 = dbquery("SELECT user_id, user_name FROM " . DB_USERS . " WHERE user_id='" . intval($from) . "'");
if (dbrows($result2) > 0) {
$userdata = dbarray($result2);
if ($to != $from) {
if ($data['user_id'] == 1 || $data['user_level'] < USER_LEVEL_MEMBER || !$pmStatus['user_inbox'] || $data['message_count'] + 1 <= $pmStatus['user_inbox']) {
$inputData = array("message_id" => 0, "message_to" => $to, "message_user" => $to, "message_from" => $from, "message_subject" => $subject, "message_message" => $message, "message_smileys" => $smileys, "message_read" => 0, "message_datestamp" => time(), "message_folder" => 0);
dbquery_insert(DB_MESSAGES, $inputData, "save");
// this will flood the inbox when message is sent to group. -- fixed
if ($myStatus['user_pm_save_sent'] == '2' && $save_sent == TRUE) {
// user_outbox.
$cdata = dbarray(dbquery("SELECT COUNT(message_id) AS outbox_count, MIN(message_id) AS last_message FROM\n\t\t\t\t\t\t\t\t\t" . DB_MESSAGES . " WHERE message_to='" . $userdata['user_id'] . "' AND message_user='******'user_id'] . "' AND message_folder='1' GROUP BY message_to"));
// check my outbox limit and if surpass, remove oldest message
if ($myStatus['user_outbox'] != "0" && $cdata['outbox_count'] + 1 > $myStatus['user_outbox']) {
dbquery("DELETE FROM " . DB_MESSAGES . " WHERE message_id='" . $cdata['last_message'] . "' AND message_to='" . $userdata['user_id'] . "'");
}
$inputData['message_user'] = $userdata['user_id'];
$inputData['message_folder'] = 1;
$inputData['message_from'] = $to;
$inputData['message_to'] = $userdata['user_id'];
dbquery_insert(DB_MESSAGES, $inputData, "save");
}
$send_email = $pmStatus['user_pm_email_notify'];
if ($send_email == "2") {
$message_content = str_replace("[SUBJECT]", $subject, $locale['626']);
$message_content = str_replace("[USER]", $userdata['user_name'], $message_content);
$template_result = dbquery("SELECT template_key, template_active FROM " . DB_EMAIL_TEMPLATES . " WHERE template_key='PM' LIMIT 1");
if (dbrows($template_result)) {
$template_data = dbarray($template_result);
if ($template_data['template_active'] == "1") {
sendemail_template("PM", $subject, trimlink($message, 150), $userdata['user_name'], $data['user_name'], "", $data['user_email']);
} else {
sendemail($data['user_name'], $data['user_email'], fusion_get_settings("siteusername"), fusion_get_settings("siteemail"), $locale['625'], $data['user_name'] . $message_content);
}
} else {
sendemail($data['user_name'], $data['user_email'], fusion_get_settings("siteusername"), fusion_get_settings("siteemail"), $locale['625'], $data['user_name'] . $message_content);
}
}
} else {
// Inbox is full
if ($strict) {
die("User inbox is full. Try delete it or upgrade it to 102 or 103 status");
}
\defender::stop();
addNotice("danger", $locale['628']);
}
}
} else {
// Sender does not exist in DB
if ($strict) {
die("Sender User ID does not exist in DB. Sequence Aborted.");
}
\defender::stop();
addNotice("danger", $locale['482']);
}
} else {
\defender::stop();
if ($strict) {
die("Message Recepient User ID is invalid");
}
addNotice("danger", $locale['482']);
}
} else {
if ($strict) {
die("You are flooding, send_pm halted");
}
\defender::stop();
addNotice("danger", sprintf($locale['487'], fusion_get_settings("flood_interval")));
}
} else {
$result = NULL;
if ($to <= -101 && $to >= -103) {
// -101, -102, -103 only
$result = dbquery("SELECT user_id from " . DB_USERS . " WHERE user_level <='" . intval($to) . "' AND user_status='0'");
} else {
// ## --- deprecate -- WHERE user_groups REGEXP('^\\\.{$to}$|\\\.{$to}\\\.|\\\.{$to}$') #
$result = dbquery("SELECT user_id FROM " . DB_USERS . " WHERE " . in_group("user_groups", $to) . " AND user_status='0'");
}
if (dbrows($result) > 0) {
while ($data = dbarray($result)) {
self::send_pm($data['user_id'], $from, $subject, $message, $smileys, FALSE, FALSE);
}
} else {
\defender::stop();
addNotice("danger", $locale['492']);
}
}
}
}
if ($message == "") {
$error .= " <span class='alt'>" . $locale['423'] . "</span><br />\n";
}
$_CAPTCHA_IS_VALID = false;
include INCLUDES . "captchas/" . $settings['captcha'] . "/captcha_check.php";
if ($_CAPTCHA_IS_VALID == false) {
$error .= " <span class='alt'>" . $locale['424'] . "</span><br />\n";
}
if (!$error) {
require_once INCLUDES . "sendmail_include.php";
$template_result = dbquery("\n\t\t\tSELECT template_key, template_active, template_sender_name, template_sender_email\n\t\t\tFROM " . DB_EMAIL_TEMPLATES . "\n\t\t\tWHERE template_key='CONTACT'\n\t\t\tLIMIT 1");
if (dbrows($template_result)) {
$template_data = dbarray($template_result);
if ($template_data['template_active'] == "1") {
if (!sendemail_template("CONTACT", $subject, $message, "", $template_data['template_sender_name'], "", $template_data['template_sender_email'], $mailname, $email)) {
$error .= " <span class='alt'>" . $locale['425'] . "</span><br />\n";
}
} else {
if (!sendemail($settings['siteusername'], $settings['siteemail'], $mailname, $email, $subject, $message)) {
$error .= " <span class='alt'>" . $locale['425'] . "</span><br />\n";
}
}
} else {
if (!sendemail($settings['siteusername'], $settings['siteemail'], $mailname, $email, $subject, $message)) {
$error .= " <span class='alt'>" . $locale['425'] . "</span><br />\n";
}
}
}
if ($error) {
opentable($locale['400']);
