// Entry guard: the fragment continues only when both IN_PHPBB and IN_PRIVMSG
// are defined, so a direct request to this file stops here.
if (!(defined('IN_PHPBB') && defined('IN_PRIVMSG'))) {
    die('Hacking attempt');
}

//--------------------------
//
// get parameters
//
//--------------------------
_hidden_init();

// vars
$folder_id = _read_var('folder', 1, INBOX);
$search_folder = _read_var('search_folder', 1);

// Search terms pass through the same chain, one step per line:
// urldecode -> stripslashes -> unprepare_message -> htmlspecialchars.
// NOTE(review): if _read_var() returns request data, PHP has already
// URL-decoded it once; the extra urldecode() means any check made before this
// point saw a different string than the one used from here on. Confirm what
// _read_var() returns.
// htmlspecialchars() is called with its default flags. Before PHP 8.1 the
// default leaves single quotes unescaped, so these values are only safe in
// element content or double-quoted attributes.
$username = _read_var('username');
$username = urldecode($username);
$username = stripslashes($username);
$username = unprepare_message($username);
$username = htmlspecialchars($username);

$words = _read_var('words');
$words = urldecode($words);
$words = stripslashes($words);
$words = unprepare_message($words);
$words = htmlspecialchars($words);

// buttons
$submit = _button_var('submit_search');
$cancel = _button_var('cancel');

//-----------------------------
//
// perform some checks
//
//-----------------------------
$error_msg = '';
$error = false;

// folder: an id that is not a key of $folders['data'] falls back to INBOX
$folder_id = isset($folders['data'][$folder_id]) ? $folder_id : INBOX;
$folder_main = $folder_id;
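/**
 * Mail topic watchers after a reply and keep the poster's own watch row in sync.
 *
 * For every mode except 'delete':
 *  - on 'reply', selects the un-notified watchers of the topic (excluding the
 *    poster, ANONYMOUS and every ban_userid in the ban list), sends one
 *    'topic_notify' mail per user language with the recipients in BCC, then
 *    marks those watchers as notified;
 *  - deletes or inserts the poster's row in TOPICS_WATCH_TABLE according to
 *    $notify_user.
 * The 'posts_' cache is cleared in every mode.
 *
 * Every id placed in a SQL statement or URL is cast to int first, so a
 * non-numeric value reaching this function cannot change the statement.
 *
 * @param string $mode         'delete' skips all notification work
 * @param array  $post_data    not read by this function
 * @param string $topic_title  by reference; rewritten (unprepared, censored) when mails are sent
 * @param int    $forum_id     not read by this function
 * @param int    $topic_id     topic being replied to
 * @param int    $post_id      post the mail links to
 * @param mixed  $notify_user  truthy when the poster wants to watch the topic
 */
function user_notification($mode, &$post_data, &$topic_title, &$forum_id, &$topic_id, &$post_id, &$notify_user)
{
    global $board_config, $lang, $db, $phpbb_root_path, $phpEx;
    global $userdata, $user_ip;

    if ($mode != 'delete') {
        // Local integer copies: the by-reference arguments themselves are left
        // untouched for the caller.
        $topic_id_sql = (int) $topic_id;
        $post_id_sql = (int) $post_id;
        $poster_id_sql = (int) $userdata['user_id'];

        if ($mode == 'reply') {
            $sql = "SELECT ban_userid \r\n\t\t\t\tFROM " . BANLIST_TABLE;
            if (!($result = $db->sql_query($sql, false, true))) {
                $db->clear_cache('posts_');
                message_die(GENERAL_ERROR, 'Could not obtain banlist', '', __LINE__, __FILE__, $sql);
            }

            // Banned user ids are appended to the NOT IN list below.
            $user_id_sql = '';
            while ($row = $db->sql_fetchrow($result)) {
                if (!empty($row['ban_userid'])) {
                    $user_id_sql .= ', ' . (int) $row['ban_userid'];
                }
            }

            $sql = "SELECT u.user_id, u.user_email, u.user_lang \r\n\t\t\t\tFROM " . TOPICS_WATCH_TABLE . " tw, " . USERS_TABLE . " u \r\n\t\t\t\tWHERE tw.topic_id = {$topic_id_sql} \r\n\t\t\t\t\tAND tw.user_id NOT IN (" . $poster_id_sql . ", " . ANONYMOUS . $user_id_sql . ") \r\n\t\t\t\t\tAND tw.notify_status = " . TOPIC_WATCH_UN_NOTIFIED . " \r\n\t\t\t\t\tAND u.user_id = tw.user_id";
            if (!($result = $db->sql_query($sql))) {
                $db->clear_cache('posts_');
                message_die(GENERAL_ERROR, 'Could not obtain list of topic watchers', '', __LINE__, __FILE__, $sql);
            }

            $update_watched_sql = '';
            $bcc_list_ary = array();

            if ($row = $db->sql_fetchrow($result)) {
                // Sixty second limit
                @set_time_limit(60);

                do {
                    if ($row['user_email'] != '') {
                        $bcc_list_ary[$row['user_lang']][] = $row['user_email'];
                    }
                    // Every selected watcher is marked notified, with or without an address.
                    $update_watched_sql .= ($update_watched_sql != '' ? ', ' : '') . (int) $row['user_id'];
                } while ($row = $db->sql_fetchrow($result));

                //
                // Let's do some checking to make sure that mass mail functions
                // are working in win32 versions of php.
                //
                if (preg_match('/[c-z]:\\\\.*/i', getenv('PATH')) && !$board_config['smtp_delivery']) {
                    // We are running on windows, force delivery to use our smtp functions
                    // since php's are broken by default.
                    // ini_get() is called directly: the former string comparison of
                    // phpversion() against '4.0.0' only ever chose it anyway.
                    $board_config['smtp_delivery'] = 1;
                    $board_config['smtp_host'] = @ini_get('SMTP');
                }

                if (sizeof($bcc_list_ary)) {
                    // include_once: a second call in the same request must not
                    // redeclare the emailer class.
                    include_once $phpbb_root_path . 'includes/emailer.' . $phpEx;
                    $emailer = new emailer($board_config['smtp_delivery']);

                    // Strip leading/trailing slashes from the configured script path.
                    $script_name = preg_replace('/^\\/?(.*?)\\/?$/', '\\1', trim($board_config['script_path']));
                    $script_name = $script_name != '' ? $script_name . '/viewtopic.' . $phpEx : 'viewtopic.' . $phpEx;
                    $server_name = trim($board_config['server_name']);
                    $server_protocol = $board_config['cookie_secure'] ? 'https://' : 'http://';
                    $server_port = $board_config['server_port'] != 80 ? ':' . trim($board_config['server_port']) . '/' : '/';
                    $base_url = $server_protocol . $server_name . $server_port . $script_name;

                    $orig_word = array();
                    $replacement_word = array();
                    obtain_word_list($orig_word, $replacement_word);

                    $emailer->from($board_config['board_email']);
                    $emailer->replyto($board_config['board_email']);

                    $topic_title = count($orig_word) ? preg_replace($orig_word, $replacement_word, unprepare_message($topic_title)) : unprepare_message($topic_title);

                    // foreach replaces reset()/each(); each() no longer exists in PHP 8.
                    foreach ($bcc_list_ary as $user_lang => $bcc_list) {
                        $emailer->use_template('topic_notify', $user_lang);

                        // Recipients go in BCC so watchers do not see each other's addresses.
                        foreach ($bcc_list as $bcc_address) {
                            $emailer->bcc($bcc_address);
                        }

                        // The Topic_reply_notification lang string below will be used
                        // if for some reason the mail template subject cannot be read
                        // ... note it will not necessarily be in the posters own language!
                        $emailer->set_subject($lang['Topic_reply_notification']);

                        // This is a nasty kludge to remove the username var ... till (if?)
                        // translators update their templates
                        $emailer->msg = preg_replace('#[ ]?{USERNAME}#', '', $emailer->msg);

                        $emailer->assign_vars(array(
                            'EMAIL_SIG' => !empty($board_config['board_email_sig']) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '',
                            'SITENAME' => $board_config['sitename'],
                            'TOPIC_TITLE' => $topic_title,
                            'U_TOPIC' => $base_url . '?' . POST_POST_URL . "={$post_id_sql}#{$post_id_sql}",
                            'U_STOP_WATCHING_TOPIC' => $base_url . '?' . POST_TOPIC_URL . "={$topic_id_sql}&unwatch=topic",
                        ));

                        $emailer->send();
                        $emailer->reset();
                    }
                }
            }
            $db->sql_freeresult($result);

            if ($update_watched_sql != '') {
                $sql = "UPDATE " . TOPICS_WATCH_TABLE . "\r\n\t\t\t\t\tSET notify_status = " . TOPIC_WATCH_NOTIFIED . "\r\n\t\t\t\t\tWHERE topic_id = {$topic_id_sql}\r\n\t\t\t\t\t\tAND user_id IN ({$update_watched_sql})";
                $db->sql_query($sql);
            }
        }

        // Does the poster already watch this topic?
        $sql = "SELECT topic_id \r\n\t\t\tFROM " . TOPICS_WATCH_TABLE . "\r\n\t\t\tWHERE topic_id = {$topic_id_sql}\r\n\t\t\t\tAND user_id = " . $poster_id_sql;
        if (!($result = $db->sql_query($sql))) {
            $db->clear_cache('posts_');
            message_die(GENERAL_ERROR, 'Could not obtain topic watch information', '', __LINE__, __FILE__, $sql);
        }

        $row = $db->sql_fetchrow($result);

        if (!$notify_user && !empty($row['topic_id'])) {
            // Watching, but notification was not requested: remove the row.
            $sql = "DELETE FROM " . TOPICS_WATCH_TABLE . "\r\n\t\t\t\tWHERE topic_id = {$topic_id_sql}\r\n\t\t\t\t\tAND user_id = " . $poster_id_sql;
            if (!$db->sql_query($sql)) {
                $db->clear_cache('posts_');
                message_die(GENERAL_ERROR, 'Could not delete topic watch information', '', __LINE__, __FILE__, $sql);
            }
        } elseif ($notify_user && empty($row['topic_id'])) {
            // Not watching yet, notification requested: add the row.
            $sql = "INSERT INTO " . TOPICS_WATCH_TABLE . " (user_id, topic_id, notify_status)\r\n\t\t\t\tVALUES (" . $poster_id_sql . ", {$topic_id_sql}, 0)";
            if (!$db->sql_query($sql)) {
                $db->clear_cache('posts_');
                message_die(GENERAL_ERROR, 'Could not insert topic watch information', '', __LINE__, __FILE__, $sql);
            }
        }
    }

    $db->clear_cache('posts_');
}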
if ($result['error']) { $error = true; $error_msg .= !empty($error_msg) ? '<br />' . $result['error_msg'] : $result['error_msg']; } } } if ($refresh || $preview) { $message = !empty($HTTP_POST_VARS['message']) ? htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['message']))) : ''; if (!empty($message)) { if ($preview) { require_once $phpbb_root_path . 'includes/functions_post.' . $phpEx; $orig_word = array(); $replacement_word = array(); obtain_word_list($orig_word, $replacement_word); $bbcode_uid = $bbcode_on ? make_bbcode_uid() : ''; $preview_message = stripslashes(prepare_message(addslashes(unprepare_message($message)), $html_on, $bbcode_on, $smilies_on, $bbcode_uid)); if ($bbcode_on) { $preview_message = bbencode_second_pass($preview_message, $bbcode_uid); } if (!empty($orig_word)) { $preview_message = !empty($preview_message) ? preg_replace($orig_word, $replacement_word, $preview_message) : ''; } $preview_message = make_clickable($preview_message); if ($smilies_on) { $preview_message = smilies_pass($preview_message); } $preview_message = str_replace("\n", '<br />', $preview_message); $template->set_filenames(array('preview' => 'posting_preview.tpl')); $template->assign_vars(array('USERNAME' => $username, 'POST_DATE' => create_date($board_config['default_dateformat'], time(), $board_config['board_timezone']), 'MESSAGE' => $preview_message, 'L_POSTED' => $lang['Posted'], 'L_PREVIEW' => $lang['Preview'])); $template->assign_var_from_handle('POST_PREVIEW_BOX', 'preview'); }
$sql = "UPDATE " . USERS_TABLE . "\n\t\t\tSET user_sig = '" . $db->sql_escape($signature) . "'\n\t\t\tWHERE user_id = {$user_id}"; $result = $db->sql_query($sql); $save_message = $lang['sig_save_message']; } } else { message_die(GENERAL_MESSAGE, 'An Error occured while submitting Signature'); } } elseif ($preview) { $template->assign_block_vars('switch_preview_sig', array()); if (isset($signature)) { $preview_sig = $signature; if (strlen($preview_sig) > $config['max_sig_chars']) { $preview_sig = $lang['Signature_too_long']; } else { $preview_sig = htmlspecialchars($preview_sig); $preview_sig = stripslashes(prepare_message(addslashes(unprepare_message($preview_sig)), $html_on, $bbcode_on, $smilies_on)); if ($preview_sig != '') { $bbcode->is_sig = true; $preview_sig = $bbcode->parse($preview_sig); $bbcode->is_sig = false; $preview_sig = '<br />' . $config['sig_line'] . '<br />' . $preview_sig; //$preview_sig = nl2br($preview_sig); $preview_sig = censor_text($preview_sig); } else { $preview_sig = $lang['sig_none']; } } } else { message_die(GENERAL_MESSAGE, 'An Error occured while submitting Signature'); } } elseif ($mode) {
// END EMAIL-NOTIFY } // BEGIN PM-NOTIFY ON OUTBID // Check ACP-setting if ($auction_config_data['auction_pm_notify']) { $outbid_pm_subject = $lang['outbid'] . " - " . prepare_message(addslashes(unprepare_message(htmlspecialchars(trim(stripslashes($auction_corresponding_bids_start_stop_row['auction_offer_title']))))), $board_config['allow_html'], $board_config['allow_bbcode'], $board_config['allow_smilies'], 0); $outbid_pm = $lang['outbid_pm']; $privmsgs_date = date("U"); $sql = "INSERT INTO " . PRIVMSGS_TABLE . "\r\n (privmsgs_type,\r\n privmsgs_subject,\r\n privmsgs_from_userid,\r\n privmsgs_to_userid,\r\n privmsgs_date,\r\n privmsgs_enable_html,\r\n privmsgs_enable_bbcode,\r\n privmsgs_enable_smilies,\r\n privmsgs_attach_sig)\r\n VALUES ('0',\r\n '" . str_replace("\\'", "''", addslashes(sprintf($outbid_pm_subject, $board_config['sitename']))) . "',\r\n '2',\r\n " . $auction_corresponding_bids_start_stop_row['FK_auction_offer_last_bid_user_id'] . ",\r\n " . $privmsgs_date . ",\r\n '0',\r\n '1',\r\n '1',\r\n '0')"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Could not insert private message sent info', '', __LINE__, __FILE__, $sql); } // if $outbid_sent_id = $db->sql_nextid(); $outbid_text = $lang['outbid_pm_text']; $sql = "INSERT INTO " . PRIVMSGS_TEXT_TABLE . "\r\n (privmsgs_text_id,\r\n privmsgs_text)\r\n VALUES ({$outbid_sent_id},\r\n '" . str_replace("\\'", "''", addslashes(sprintf($outbid_pm, $board_config['sitename']))) . "</br></br><a href=auction_offer_view.php?ao=" . $HTTP_GET_VARS[POST_AUCTION_OFFER_URL] . '>' . prepare_message(addslashes(unprepare_message(htmlspecialchars(trim(stripslashes($auction_corresponding_bids_start_stop_row['auction_offer_title']))))), $board_config['allow_html'], $board_config['allow_bbcode'], $board_config['allow_smilies'], 0) . '</a></br>' . $board_config['board_email_sig'] . 
"')"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Could not insert private message sent text', '', __LINE__, __FILE__, $sql); } // if $sql = "UPDATE " . USERS_TABLE . "\r\n SET user_new_privmsg=user_new_privmsg+1,\r\n user_new_privmsg = user_new_privmsg +1\r\n WHERE user_id=" . $auction_corresponding_bids_start_stop_row['FK_auction_offer_last_bid_user_id']; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Could not update user table for outbid notification', '', __LINE__, __FILE__, $sql); } // if } // if // End pm-notification } // if $message = $lang['auction_room_bid_successful'] . "<br /><br />" . sprintf($lang['Click_return_offer'], "<a href=\"" . append_sid("auction_offer_view.{$phpEx}?ao=" . $HTTP_GET_VARS[POST_AUCTION_OFFER_URL]) . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_auction_index'], "<a href=\"" . append_sid("auction.{$phpEx}") . "\">", "</a>");
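/**
 * Send user notifications on new topic or reply.
 *
 * Collects un-notified topic watchers (mode 'reply') and forum watchers
 * (modes 'newtopic' and 'reply') into $this->notify_userdata /
 * $this->notify_userid, mails each of them the 'topic_notify' template, marks
 * them as notified in both watch tables, and finally updates the poster's own
 * topic watch. Nothing is done for mode 'delete'.
 *
 * Ids placed in SQL and URLs are cast to int. The forum watcher query now
 * selects u.username: the loop below it reads $row['username'], which that
 * query did not return before.
 *
 * @param string $mode         'newtopic', 'reply', 'delete' or another posting mode
 * @param array  $post_data    'message' and 'username' are read for the mail body
 * @param string $topic_title  by reference; rewritten (unprepared, censored) when mails are sent
 * @param int    $forum_id     forum the topic belongs to
 * @param int    $topic_id     topic being watched
 * @param int    $post_id      post the mail links to
 * @param mixed  $notify_user  truthy when the poster wants to watch the topic
 */
function send_notifications($mode, &$post_data, &$topic_title, &$forum_id, &$topic_id, &$post_id, &$notify_user)
{
	global $config, $lang, $db, $user;
	global $bbcode;

	include_once IP_ROOT_PATH . 'includes/bbcode.' . PHP_EXT;

	if ($mode != 'delete') {
		// Local integer copies for SQL and URLs; the by-reference arguments
		// are not modified.
		$topic_id_sql = (int) $topic_id;
		$forum_id_sql = (int) $forum_id;
		$post_id_sql = (int) $post_id;

		if ($mode == 'reply') {
			// Look for users with notification enabled
			$sql = "SELECT u.user_id, u.user_email, u.user_lang, u.username, f.forum_name\n\t\t\t\t\tFROM " . USERS_TABLE . " u, " . TOPICS_WATCH_TABLE . " tw, " . FORUMS_TABLE . " f\n\t\t\t\t\tWHERE tw.topic_id = " . $topic_id_sql . "\n\t\t\t\t\t\tAND " . $db->sql_in_set('tw.user_id', $this->exclude_users, true, true) . "\n\t\t\t\t\t\tAND tw.notify_status = " . TOPIC_WATCH_UN_NOTIFIED . "\n\t\t\t\t\t\tAND f.forum_id = " . $forum_id_sql . "\n\t\t\t\t\t\tAND u.user_id = tw.user_id\n\t\t\t\t\t\tAND u.user_active = 1";
			$result = $db->sql_query($sql);
			while ($row = $db->sql_fetchrow($result)) {
				if (!in_array($row['user_id'], $this->notify_userid)) {
					// Users without an address are still recorded as notified.
					if ($row['user_email'] != '') {
						$this->notify_userdata[] = array('username' => $row['username'], 'user_email' => $row['user_email'], 'user_lang' => $row['user_lang']);
					}
					$this->notify_userid[] = $row['user_id'];
					$this->notify_forum_name = $row['forum_name'];
				}
			}
			$db->sql_freeresult($result);
		}

		if ($mode == 'newtopic' || $mode == 'reply') {
			// Reply or New Topic forum notification
			$sql = "SELECT u.user_id, u.user_email, u.user_lang, u.username, f.forum_name\n\t\t\t\t\tFROM " . USERS_TABLE . " u, " . FORUMS_WATCH_TABLE . " fw, " . FORUMS_TABLE . " f\n\t\t\t\t\tWHERE fw.forum_id = " . $forum_id_sql . "\n\t\t\t\t\t\tAND " . $db->sql_in_set('fw.user_id', array_merge($this->exclude_users, $this->notify_userid), true, true) . "\n\t\t\t\t\t\tAND fw.notify_status = " . TOPIC_WATCH_UN_NOTIFIED . "\n\t\t\t\t\t\tAND f.forum_id = " . $forum_id_sql . "\n\t\t\t\t\t\tAND f.forum_notify = '1'\n\t\t\t\t\t\tAND u.user_id = fw.user_id\n\t\t\t\t\t\tAND u.user_active = 1";
			$result = $db->sql_query($sql);
			while ($row = $db->sql_fetchrow($result)) {
				if (!in_array($row['user_id'], $this->notify_userid)) {
					if ($row['user_email'] != '') {
						$this->notify_userdata[] = array('username' => $row['username'], 'user_email' => $row['user_email'], 'user_lang' => $row['user_lang']);
					}
					$this->notify_userid[] = $row['user_id'];
					$this->notify_forum_name = $row['forum_name'];
				}
			}
			$db->sql_freeresult($result);
		}

		// Users array built, so start sending notifications
		if (sizeof($this->notify_userdata) > 0) {
			include_once IP_ROOT_PATH . 'includes/emailer.' . PHP_EXT;
			$emailer = new emailer();

			$server_url = create_server_url();

			$topic_title = unprepare_message($topic_title);
			$topic_title = censor_text($topic_title);

			$post_text = unprepare_message($post_data['message']);
			$post_text = censor_text($post_text);

			if (!empty($config['html_email'])) {
				// NOTE(review): with html_email on, the post body is rendered by
				// $bbcode->parse() under the board-wide allow_html setting and then
				// mailed; confirm that parse() neutralises markup the board does
				// not allow before it reaches recipients' mail clients.
				$bbcode->allow_bbcode = !empty($config['allow_bbcode']) ? $config['allow_bbcode'] : false;
				$bbcode->allow_html = !empty($config['allow_html']) ? $config['allow_html'] : false;
				$bbcode->allow_smilies = !empty($config['allow_smilies']) ? $config['allow_smilies'] : false;
				$post_text = $bbcode->parse($post_text);
			} else {
				$post_text = $bbcode->plain_message($post_text, '');
			}

			foreach ($this->notify_userdata as $recipient) {
				$emailer->use_template('topic_notify', $recipient['user_lang']);
				$emailer->bcc($recipient['user_email']);

				// The Topic_reply_notification lang string below will be used
				// if for some reason the mail template subject cannot be read
				// ... note it will not necessarily be in the posters own language!
				$emailer->set_subject($lang['Topic_reply_notification']);

				// Put the recipient's name in place of the {USERNAME} marker.
				// '\' and '$' are escaped so a username containing them is not
				// read as a backreference by preg_replace().
				$emailer->msg = preg_replace('#[ ]?{USERNAME}#', addcslashes($recipient['username'], '\\$'), $emailer->msg);

				if ($config['url_rw'] == '1') {
					$topic_url = $server_url . str_replace('--', '-', make_url_friendly($topic_title) . '-vp' . $post_id_sql . '.html#p' . $post_id_sql);
				} else {
					$topic_url = $server_url . CMS_PAGE_VIEWTOPIC . '?' . POST_POST_URL . '=' . $post_id_sql . '#p' . $post_id_sql;
				}

				$email_sig = create_signature($config['board_email_sig']);
				$emailer->assign_vars(array(
					'EMAIL_SIG' => $email_sig,
					'SITENAME' => $config['sitename'],
					'TOPIC_TITLE' => $topic_title,
					'POST_TEXT' => $post_text,
					'POSTERNAME' => $post_data['username'],
					'FORUM_NAME' => $this->notify_forum_name,
					'ROOT' => $server_url,
					'U_TOPIC' => $topic_url,
					'U_STOP_WATCHING_TOPIC' => $server_url . CMS_PAGE_VIEWTOPIC . '?' . POST_TOPIC_URL . '=' . $topic_id_sql . '&unwatch=topic',
				));

				$emailer->send();
				$emailer->reset();
			}
		}

		// Emails sent, so set users were notified
		$sql = "UPDATE " . TOPICS_WATCH_TABLE . "\n\t\t\t\tSET notify_status = " . TOPIC_WATCH_NOTIFIED . "\n\t\t\t\tWHERE topic_id = " . $topic_id_sql . "\n\t\t\t\tAND " . $db->sql_in_set('user_id', $this->notify_userid, false, true);
		$db->sql_query($sql);

		$sql = "UPDATE " . FORUMS_WATCH_TABLE . "\n\t\t\t\tSET notify_status = " . TOPIC_WATCH_NOTIFIED . "\n\t\t\t\tWHERE forum_id = " . $forum_id_sql . "\n\t\t\t\tAND " . $db->sql_in_set('user_id', $this->notify_userid, false, true);
		$db->sql_query($sql);

		// Delete notification for poster if present, or re-activate it if requested
		// NOTE(review): no query in this method selects topic_id, and $row is
		// whatever the last fetch loop left behind, so !empty($row['topic_id'])
		// looks never true here: the delete-only branch appears unreachable and
		// an existing watch is not removed when $notify_user is false. Confirm
		// whether a lookup of the poster's watch row is missing.
		if (!$notify_user && !empty($row['topic_id'])) {
			$this->delete_topic_watch($user->data['user_id'], $topic_id);
		} elseif ($notify_user && empty($row['topic_id'])) {
			$this->delete_topic_watch($user->data['user_id'], $topic_id);
			$this->insert_topic_watch($user->data['user_id'], $topic_id, $forum_id, TOPIC_WATCH_UN_NOTIFIED);
		}
	}
}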
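/**
 * Tell a user by e-mail and/or private message how an auction offer ended.
 *
 * Which channels are used is decided by $auction_config_data
 * ('auction_end_notify_email', 'auction_end_notify_pm').
 *
 * Changes against the previous version:
 *  - $user_id and $offer_id are cast to int before they reach SQL or a URL;
 *  - the mail template language comes from the user's row (the old code read
 *    an undefined $user_lang);
 *  - a failed user lookup or a failed first PM insert stops that channel
 *    instead of continuing with an empty row or a stale insert id;
 *  - the PM text and board signature are escaped like the PM subject, so a
 *    quote in either can no longer end the SQL string early;
 *  - an unknown $notify_type returns without sending anything.
 *
 * @param int    $user_id      recipient
 * @param string $notify_type  'WON', 'SOLD' or 'NOT_SOLD'
 * @param int    $offer_id     auction offer the message links to
 * @param string $offer_title  offer title as stored (slashes are stripped here)
 */
function notifyUser($user_id, $notify_type, $offer_id, $offer_title)
{
    global $db, $lang, $auction_config_data, $board_config;

    // Maps the notification type to the suffix shared by the template name,
    // the $lang keys and the PM texts.
    $type_slugs = array('WON' => 'won', 'SOLD' => 'sold', 'NOT_SOLD' => 'not_sold');
    if (!is_string($notify_type) || !isset($type_slugs[$notify_type])) {
        return;
    }
    $slug = $type_slugs[$notify_type];

    $notify_by_email = !empty($auction_config_data['auction_end_notify_email']);
    $notify_by_pm = !empty($auction_config_data['auction_end_notify_pm']);
    if (!$notify_by_email && !$notify_by_pm) {
        return;
    }

    $user_id = (int) $user_id;
    $offer_id = (int) $offer_id;

    // Title escaped for HTML and prepared for storage. The result carries
    // addslashes() escaping.
    // NOTE(review): the same slashed string is also handed to the mail
    // template below, as before; confirm whether the mail should receive a
    // stripslashes() copy instead.
    $offer_title_prepared = prepare_message(
        addslashes(unprepare_message(htmlspecialchars(trim(stripslashes($offer_title))))),
        $board_config['allow_html'],
        $board_config['allow_bbcode'],
        $board_config['allow_smilies'],
        0
    );

    if ($notify_by_email) {
        // BEGIN EMAIL-NOTIFY
        $sql = "SELECT user_email, username, user_lang
            FROM " . USERS_TABLE . "
            WHERE user_id = " . $user_id;
        $result = $db->sql_query($sql);
        $user = $result ? $db->sql_fetchrow($result) : false;

        // No row or no address: nothing to mail.
        if (!empty($user['user_email'])) {
            $server_name = trim($board_config['server_name']);
            $server_protocol = $board_config['cookie_secure'] ? 'https://' : 'http://';

            $emailer = new emailer($board_config['smtp_delivery']);
            $emailer->from($board_config['board_email']);
            $emailer->replyto($board_config['board_email']);

            $emailer->use_template('auction_' . $slug, isset($user['user_lang']) ? $user['user_lang'] : '');
            $emailer->set_subject($lang['auction_' . $slug]);
            $emailer->assign_vars(array(
                'AUCTION_' . $notify_type => $lang['auction_offer_' . $slug],
                'AUCTION_SITENAME' => $board_config['sitename'],
                'AUCTION_OFFER' => $offer_title_prepared,
                // The configured server port is not part of this URL (unchanged).
                'U_AUCTION_OFFER' => $server_protocol . $server_name . $board_config['script_path'] . 'auction_offer_view.php?ao=' . $offer_id,
                'AUCTION_EMAIL_SIG' => !empty($board_config['board_email_sig']) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '',
            ));

            $emailer->email_address($user['user_email']);
            // Try to send email...
            $emailer->send();
        }
        // END EMAIL-NOTIFY
    }

    if ($notify_by_pm) {
        // BEGIN PM-NOTIFY
        $pm_subject = $lang['auction_' . $slug];
        $pm_text = $lang['auction_' . $slug . '_text'];
        $privmsgs_date = time();

        // Escaping follows the convention already used for the subject:
        // addslashes(), then \' rewritten to ''.
        $sql = "INSERT INTO " . PRIVMSGS_TABLE . "
                (privmsgs_type,
                 privmsgs_subject,
                 privmsgs_from_userid,
                 privmsgs_to_userid,
                 privmsgs_date,
                 privmsgs_enable_html,
                 privmsgs_enable_bbcode,
                 privmsgs_enable_smilies,
                 privmsgs_attach_sig)
            VALUES ('0',
                 '" . str_replace("\\'", "''", addslashes(sprintf($pm_subject, $board_config['sitename']))) . "',
                 '2',
                 " . $user_id . ",
                 " . $privmsgs_date . ",
                 '0',
                 '1',
                 '1',
                 '0')";
        if (!$db->sql_query($sql)) {
            // Without the header row there is no valid id for the text row.
            return;
        }

        $pm_id = (int) $db->sql_nextid();

        $pm_body = addslashes($pm_text)
            . "</br></br><a href=\"auction_offer_view.php?ao=" . $offer_id . "\">"
            . $offer_title_prepared
            . "</a></br>"
            . addslashes($board_config['board_email_sig']);

        $sql = "INSERT INTO " . PRIVMSGS_TEXT_TABLE . "
                (privmsgs_text_id,
                 privmsgs_text)
            VALUES (" . $pm_id . ",
                 '" . str_replace("\\'", "''", $pm_body) . "')";
        if (!$db->sql_query($sql)) {
            return;
        }

        // Raise the recipient's unread counter only once both rows exist.
        $sql = "UPDATE " . USERS_TABLE . "
            SET user_new_privmsg = user_new_privmsg + 1
            WHERE user_id = " . $user_id;
        $db->sql_query($sql);
        // End pm-notification
    }
}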
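/**
 * Mail a message (private-message notification, saved copy or admin mail)
 * to a list of board users, one mail per recipient language.
 *
 * Changes against the previous version:
 *  - every recipient id is cast to int before the list is placed in the
 *    IN (...) clause, so an array of unvalidated values cannot alter the query;
 *  - reset()/each() is replaced by foreach (each() no longer exists in PHP 8);
 *  - an empty $from_userdata is replaced by a fresh array instead of being
 *    indexed in place;
 *  - the unused server/script path computation, which read an undefined
 *    $script_name, is removed.
 *
 * @param string    $type           'privmsg_notify', 'save_to_mail' or anything else (admin mail)
 * @param array     $from_userdata  sender row; empty means "sent by the board"
 * @param array|int $to_user_ids    by reference; a single id is turned into a one-element array
 * @param array     $recips         rows with 'privmsg_to_username' or 'username', used for the To: line
 * @param string    $subject
 * @param string    $message
 * @param int       $time           timestamp shown in the mail, 0 to omit
 * @param bool      $copy           false excludes the sender from the recipients
 * @param array     $parsed_values  extra template variables
 * @return string|null 'Empty_subject', 'Empty_message' or 'No_to_user' on rejected input, otherwise null
 */
function send_mail($type, $from_userdata, &$to_user_ids, &$recips, $subject, $message, $time = 0, $copy = true, $parsed_values = array())
{
    global $db, $board_config, $lang, $phpbb_root_path, $phpEx, $userdata;

    // fix some parameters
    $subject = trim($subject);
    $message = trim($message);

    // check we have a message and a subject
    if (empty($subject)) {
        return 'Empty_subject';
    }
    if (empty($message)) {
        return 'Empty_message';
    }

    // recipient is not an array, so make one
    if (!is_array($to_user_ids) && !empty($to_user_ids)) {
        $to_user_ids = array(intval($to_user_ids));
    }

    // check if recipients
    if (empty($to_user_ids)) {
        return 'No_to_user';
    }

    // Integers only: this string is interpolated into the recipient query.
    $s_to_user_ids = implode(', ', array_map('intval', $to_user_ids));

    // censor words
    $orig_word = array();
    $replacement_word = array();
    obtain_word_list($orig_word, $replacement_word);

    // process some cleaning
    $subject = count($orig_word) ? preg_replace($orig_word, $replacement_word, unprepare_message($subject)) : unprepare_message($subject);
    $message = count($orig_word) ? preg_replace($orig_word, $replacement_word, unprepare_message($message)) : unprepare_message($message);

    // clean any bbcode_uid
    $subject = preg_replace('/\\:[0-9a-z\\:]+\\]/si', ']', $subject);
    $message = preg_replace('/\\:[0-9a-z\\:]+\\]/si', ']', $message);

    // clean HTML
    // NOTE(review): as written, the replacement puts back the same '<' and '>'
    // it matched, so these two calls change nothing. The replacement string may
    // have contained entity-escaped brackets originally — confirm against the
    // upstream file before relying on this step to neutralise markup.
    $subject = preg_replace('#(<)([\\/]?.*?)(>)#is', "<\\2>", $subject);
    $message = preg_replace('#(<)([\\/]?.*?)(>)#is', "<\\2>", $message);

    // from_user_id can be 0 for sys message (sent by the board)
    if (empty($from_userdata)) {
        $from_userdata = array(
            'user_id' => 0,
            'user_level' => ADMIN,
            'username' => $board_config['sitename'],
        );
    }
    $from_user_id = intval($from_userdata['user_id']);

    // get the recipients
    $sql_where = "user_email <> '' AND user_email IS NOT NULL";

    // this will require enhancement for the pcp ignore/friend list
    if (!$copy) {
        $sql_where .= " AND user_id <> " . $from_user_id;
    }
    // Non-admins only reach users who show their address (or themselves).
    if ($userdata['user_level'] != ADMIN) {
        $sql_where .= " AND (user_viewemail = 1 OR user_id = " . intval($userdata['user_id']) . ")";
    }

    //
    // Make sure user wants the mail
    //
    $notify_sql = '';
    $sql_notify = '';
    if ($type == 'privmsg_notify') {
        $sql_notify = ', user_notify_pm';
        $notify_sql = 'AND user_notify_pm != 0';
    }

    // read the mail recipients
    $sql = "SELECT user_id, user_email, user_lang, username" . $sql_notify . "\n FROM " . USERS_TABLE . "\n WHERE user_id IN ({$s_to_user_ids})\n {$notify_sql}\n AND user_id NOT IN (0, " . ANONYMOUS . ")\n AND {$sql_where}";
    if (!($result = $db->sql_query($sql))) {
        message_die(GENERAL_ERROR, 'Could not read recipient mail list', '', __LINE__, __FILE__, $sql);
    }

    // Group recipients by language so each group gets its own template.
    $count = 0;
    $bcc_list_ary = array();
    while ($row = $db->sql_fetchrow($result)) {
        $count++;
        $bcc_list_ary[$row['user_lang']][] = array('user_id' => $row['user_id'], 'mail' => $row['user_email'], 'username' => $row['username']);
    }

    if ($count > 0) {
        // read the message recipients
        $msg_to = '';
        if (!empty($recips)) {
            for ($i = 0; $i < count($recips); $i++) {
                $username = isset($recips[$i]['privmsg_to_username']) ? $recips[$i]['privmsg_to_username'] : $recips[$i]['username'];
                if (!empty($username)) {
                    $msg_to .= (empty($msg_to) ? '' : ', ') . $username;
                }
            }
        }

        //
        // Let's do some checking to make sure that mass mail functions
        // are working in win32 versions of php.
        //
        if (preg_match('/[c-z]:\\\\.*/i', getenv('PATH')) && !$board_config['smtp_delivery']) {
            // We are running on windows, force delivery to use our smtp functions
            // since php's are broken by default
            $board_config['smtp_delivery'] = 1;
            $board_config['smtp_host'] = @ini_get('SMTP');
        }

        // init the mailer
        $emailer = new emailer($board_config['smtp_delivery']);

        // start the emailer data
        $emailer->from($board_config['board_email']);
        $emailer->replyto($board_config['board_email']);

        // choose template
        // NOTE(review): for the last two cases $mail_subject contains the
        // caller-supplied subject; trim() above only strips the ends, so verify
        // that emailer::set_subject() removes embedded CR/LF before the value
        // becomes a mail header.
        switch ($type) {
            case 'privmsg_notify':
                $tpl = 'privmsg_notify';
                $mail_subject = _lang('Notification_subject');
                break;
            case 'save_to_mail':
                $tpl = 'admin_send_email';
                $mail_subject = _lang('Save_to_mail_subject') . $subject;
                break;
            default:
                $tpl = 'admin_send_email';
                $mail_subject = $subject;
                break;
        }

        // send message (coming partially from privmsgs.php) : one per lang
        foreach ($bcc_list_ary as $user_lang => $bcc_list) {
            if ($count == 1) {
                $emailer->email_address($bcc_list[0]['mail']);
            } else {
                // Several recipients: BCC keeps their addresses from each other.
                foreach ($bcc_list as $bcc_entry) {
                    $emailer->bcc($bcc_entry['mail']);
                }
            }

            // remove {USERNAME} from the template
            // ($count is always > 0 here, so this runs for every group, as before)
            $emailer->msg = preg_replace('#[ ]?{USERNAME}#', '', $emailer->msg);

            // build message
            $msg = _lang('Subject') . ': ' . $subject;
            $msg .= "\n" . _lang('From') . ': ' . $from_userdata['username'];
            if (!empty($msg_to)) {
                $msg .= "\n" . _lang('To') . ': ' . $msg_to;
            }
            if (!empty($time)) {
                // A single recipient gets the date in the current user's format.
                $dformat = $board_config['default_dateformat'];
                $dtz = $board_config['board_timezone'];
                if (count($to_user_ids) == 1) {
                    $dformat = $userdata['user_dateformat'];
                    $dtz = $userdata['user_timezone'];
                }
                $post_date = create_date($dformat, $time, $dtz);
                $msg .= "\n" . _lang('Date') . ': ' . $post_date;
            }
            $msg .= "\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n" . $message;

            // generic values
            $parsed_values['SITENAME'] = $board_config['sitename'];
            $parsed_values['EMAIL_SIG'] = !empty($board_config['board_email_sig']) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '';
            $parsed_values['MESSAGE'] = $msg;
            $parsed_values['FROM'] = $userdata['username'];

            $emailer->use_template($tpl, $user_lang);
            $emailer->set_subject($mail_subject);
            $emailer->assign_vars($parsed_values);

            // send
            $emailer->send();
            $emailer->reset();
        }
    }
}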
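/**
 * Maintain topic favourites/watches around a post and mail watchers on reply.
 *
 *  - 'delete': removes rows for the topic from _forum_topics_fav (only the
 *    current user's row unless the post is the first or last of the topic).
 *  - 'reply': mails the un-notified watchers who may read the forum, one
 *    'topic_notify' mail per language with recipients in BCC, then marks them
 *    notified.
 *  - any non-delete mode: updates the poster's own row according to $notify_user.
 *
 * Changes against the previous version: reset()/each() is replaced by foreach
 * (each() no longer exists in PHP 8), ban ids are cast to int before they are
 * joined into a list, and the final INSERT goes through sql_filter() like
 * every other statement here instead of concatenating ids into the string.
 *
 * @param string $mode         'delete', 'reply' or another posting mode
 * @param array  $post_data    'first_post' and 'last_post' are read in delete mode
 * @param string $topic_title  by reference; unprepared when mails are sent
 * @param int    $forum_id
 * @param int    $topic_id
 * @param int    $post_id
 * @param mixed  $notify_user  truthy when the poster wants to watch the topic
 */
function user_notification($mode, &$post_data, &$topic_title, &$forum_id, &$topic_id, &$post_id, &$notify_user)
{
	global $config, $lang, $userdata, $user_ip;

	if ($mode == 'delete') {
		$delete_sql = (!$post_data['first_post'] && !$post_data['last_post']) ? sql_filter(' AND user_id = ? ', $userdata['user_id']) : '';

		$sql = 'DELETE FROM _forum_topics_fav WHERE topic_id = ?' . $delete_sql;
		sql_query(sql_filter($sql, $topic_id));
	} else {
		if ($mode == 'reply') {
			$sql = 'SELECT ban_userid FROM _banlist';
			$result = sql_rowset($sql);

			$user_id_sql = '';
			foreach ($result as $row) {
				if (!empty($row['ban_userid'])) {
					$user_id_sql .= ', ' . (int) $row['ban_userid'];
				}
			}

			$update_watched_sql = '';
			$bcc_list_ary = w();
			$usr_list_ary = w();

			// NOTE(review): the '??' placeholders presumably insert their value
			// without quoting (one of them receives a comma-separated list below);
			// confirm in sql_filter(). The third value is either empty or starts
			// with ', ', which would leave "NOT IN (a, b, )" or "(a, b, , c)"
			// unless sql_filter() compensates — confirm.
			$sql = 'SELECT DISTINCT u.user_id, u.user_email, u.user_lang FROM _forum_topics_fav tw INNER JOIN _members u ON tw.user_id = u.user_id INNER JOIN _members_group ug ON tw.user_id = ug.user_id LEFT OUTER JOIN _auth_access aa ON ug.group_id = aa.group_id, _forums f WHERE tw.topic_id = ? AND tw.user_id NOT IN (??, ??, ??) AND tw.notify_status = ? AND f.forum_id = ? AND u.user_active = 1 AND ( (aa.forum_id = ? AND aa.auth_read = 1) OR f.auth_read <= ? OR (u.user_level = ? AND f.auth_read = ?) OR u.user_level = ? )';
			if ($result = sql_rowset(sql_filter($sql, $topic_id, $userdata['user_id'], GUEST, $user_id_sql, TOPIC_WATCH_UN_NOTIFIED, $forum_id, $forum_id, AUTH_REG, USER_MOD, AUTH_MOD, USER_ADMIN))) {
				@set_time_limit(60);

				foreach ($result as $row) {
					if ($row['user_email'] != '') {
						$bcc_list_ary[$row['user_lang']][] = $row['user_email'];
					}
					// Marked notified whether or not an address is on file.
					$update_watched_sql .= ($update_watched_sql != '' ? ', ' : '') . (int) $row['user_id'];
				}

				if (sizeof($bcc_list_ary)) {
					$emailer = new emailer();

					$server_name = trim($config['server_name']);
					$server_protocol = ($config['cookie_secure']) ? 'https://' : 'http://';

					$post_url = $server_protocol . $server_name . s_link('post', $post_id) . "#$post_id";

					$emailer->from($config['board_email']);
					$emailer->replyto($config['board_email']);

					$topic_title = unprepare_message($topic_title);

					foreach ($bcc_list_ary as $user_lang => $bcc_list) {
						$emailer->use_template('topic_notify', $user_lang);

						// BCC keeps watchers' addresses hidden from each other.
						foreach ($bcc_list as $bcc_address) {
							$emailer->bcc($bcc_address);
						}

						// The Topic_reply_notification lang string below will be used
						// if for some reason the mail template subject cannot be read
						// ... note it will not necessarily be in the posters own language!
						$emailer->set_subject($lang['Topic_reply_notification']);

						// This is a nasty kludge to remove the username var ... till (if?)
						// translators update their templates
						$emailer->msg = preg_replace('#[ ]?{USERNAME}#', '', $emailer->msg);

						// NOTE(review): $script_name is never assigned in this
						// function, so the unwatch link is built without a path.
						// Left as is because the intended target is not visible here.
						$emailer->assign_vars(array(
							'EMAIL_SIG' => '',
							'SITENAME' => $config['sitename'],
							'TOPIC_TITLE' => $topic_title,
							'U_TOPIC' => $post_url,
							'U_STOP_WATCHING_TOPIC' => $server_protocol . $server_name . $script_name . '&' . POST_TOPIC_URL . "=$topic_id&unwatch=topic")
						);

						$emailer->send();
						$emailer->reset();
					}
				}
			}

			if ($update_watched_sql != '') {
				$sql = 'UPDATE _forum_topics_fav SET notify_status = ? WHERE topic_id = ? AND user_id IN (??)';
				sql_query(sql_filter($sql, TOPIC_WATCH_NOTIFIED, $topic_id, $update_watched_sql));
			}
		}

		$sql = 'SELECT topic_id FROM _forum_topics_fav WHERE topic_id = ? AND user_id = ?';
		// NOTE(review): the insert branch needs a truthy $row whose topic_id is
		// empty. If sql_fieldrow() returns a false value when no row matches, a
		// new watch is never created here — confirm the helper's return value.
		if ($row = sql_fieldrow(sql_filter($sql, $topic_id, $userdata['user_id']))) {
			if (!$notify_user && !empty($row['topic_id'])) {
				$sql = 'DELETE FROM _forum_topics_fav WHERE topic_id = ? AND user_id = ?';
				sql_query(sql_filter($sql, $topic_id, $userdata['user_id']));
			} else if ($notify_user && empty($row['topic_id'])) {
				// Placeholders instead of string concatenation, as in the other
				// statements of this function.
				$sql = 'INSERT INTO _forum_topics_fav (user_id, topic_id, notify_status) VALUES (?, ?, 0)';
				sql_query(sql_filter($sql, $userdata['user_id'], $topic_id));
			}
		}
	}
}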
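/**
 * Insert a post (and, when $topic_id is null, a new topic) straight into the
 * board tables, update the forum/topic/user counters, index the search words
 * and optionally notify topic watchers.
 *
 * Security notes:
 * - Every value interpolated unquoted into SQL (ids, timestamps, flags) is
 *   cast to int first, so a non-numeric argument cannot change the statement.
 * - Text values are escaped with addslashes(), which is not charset-aware;
 *   NOTE(review): prefer the DB layer's own escaping if it provides one.
 * - $error_die_function is invoked as a variable function. Callers must pass
 *   a fixed function name, never a request-derived value.
 *
 * @param string   $message             post body
 * @param string   $subject             post subject (topic title for new topics)
 * @param int      $forum_id
 * @param int      $user_id             poster id; copied into $userdata['user_id'] before notification
 * @param string   $user_name           stored as post_username
 * @param int|bool $user_attach_sig
 * @param int|null $topic_id            null creates a new topic
 * @param int      $topic_type
 * @param bool     $do_notification     replies only: run user_notification()
 * @param bool     $notify_user         forwarded to user_notification()
 * @param int      $current_time        0 means "now"
 * @param string   $error_die_function  '' means message_die
 * @param int|bool $html_on
 * @param int|bool $bbcode_on
 * @param int|bool $smilies_on
 * @return array array('post_id' => ..., 'topic_id' => ...)
 */
function insert_post($message, $subject, $forum_id, $user_id, $user_name, $user_attach_sig, $topic_id = NULL, $topic_type = POST_NORMAL, $do_notification = false, $notify_user = false, $current_time = 0, $error_die_function = '', $html_on = 0, $bbcode_on = 1, $smilies_on = 1)
{
    global $db, $board_config, $user_ip;

    // initialise some variables
    $topic_vote = 0;
    $mode = 'reply';
    $bbcode_uid = $bbcode_on ? make_bbcode_uid() : '';
    $error_die_function = $error_die_function == '' ? "message_die" : $error_die_function;
    $current_time = $current_time == 0 ? time() : $current_time;

    // parse the message and the subject
    $message = addslashes(unprepare_message($message));
    $message = prepare_message(trim($message), $html_on, $bbcode_on, $smilies_on, $bbcode_uid);
    // NOTE(review): as written this str_replace() swaps '"' for '"' and does
    // nothing — confirm whether the replacement was meant to be an entity.
    $subject = addslashes(str_replace('"', '"', trim($subject)));
    $username = addslashes(unprepare_message(trim($user_name)));
    // fix for \" in username - wineknow.com
    $username = str_replace("\\\"", "\"", $username);

    // Integer copies used only inside SQL text; the caller-visible values
    // (return array, by-reference notification arguments) stay as passed.
    $sql_forum_id = (int) $forum_id;
    $sql_user_id = (int) $user_id;
    $sql_topic_type = (int) $topic_type;
    $sql_time = (int) $current_time;
    $sql_bbcode_on = (int) $bbcode_on;
    $sql_html_on = (int) $html_on;
    $sql_smilies_on = (int) $smilies_on;
    $sql_attach_sig = (int) $user_attach_sig;

    // if this is a new topic then insert the topic details
    if (is_null($topic_id)) {
        $mode = 'newtopic';
        $sql = "INSERT INTO " . TOPICS_TABLE . " (topic_title, topic_poster, topic_time, forum_id, topic_status, topic_type, topic_vote) VALUES ('{$subject}', " . $sql_user_id . ", {$sql_time}, {$sql_forum_id}, " . TOPIC_UNLOCKED . ", {$sql_topic_type}, {$topic_vote})";
        if (!$db->sql_query($sql, BEGIN_TRANSACTION)) {
            $error_die_function(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql);
        }
        $topic_id = $db->sql_nextid();
    }

    $sql_topic_id = (int) $topic_id;

    // insert the post details using the topic id
    // $user_ip comes from a global and is only quoted, not escaped;
    // presumably the board's encoded IP string — TODO confirm.
    $sql = "INSERT INTO " . POSTS_TABLE . " (topic_id, forum_id, poster_id, post_username, post_time, poster_ip, enable_bbcode, enable_html, enable_smilies, enable_sig) VALUES ({$sql_topic_id}, {$sql_forum_id}, " . $sql_user_id . ", '{$username}', {$sql_time}, '{$user_ip}', {$sql_bbcode_on}, {$sql_html_on}, {$sql_smilies_on}, {$sql_attach_sig})";
    if (!$db->sql_query($sql, BEGIN_TRANSACTION)) {
        $error_die_function(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql);
    }
    $post_id = (int) $db->sql_nextid();

    // insert the actual post text for our new post
    $sql = "INSERT INTO " . POSTS_TEXT_TABLE . " (post_id, post_subject, bbcode_uid, post_text) VALUES ({$post_id}, '{$subject}', '{$bbcode_uid}', '{$message}')";
    if (!$db->sql_query($sql, BEGIN_TRANSACTION)) {
        $error_die_function(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql);
    }

    // update the post counts etc.
    $newpostsql = $mode == 'newtopic' ? ',forum_topics = forum_topics + 1' : '';
    $sql = "UPDATE " . FORUMS_TABLE . " SET \n forum_posts = forum_posts + 1,\n forum_last_post_id = {$post_id}\n {$newpostsql} \t\n WHERE forum_id = {$sql_forum_id}";
    if (!$db->sql_query($sql, BEGIN_TRANSACTION)) {
        $error_die_function(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql);
    }

    // update the first / last post ids for the topic
    $first_post_sql = $mode == 'newtopic' ? ", topic_first_post_id = {$post_id} " : ' , topic_replies=topic_replies+1';
    $sql = "UPDATE " . TOPICS_TABLE . " SET \n topic_last_post_id = {$post_id} \n {$first_post_sql}\n WHERE topic_id = {$sql_topic_id}";
    if (!$db->sql_query($sql, BEGIN_TRANSACTION)) {
        $error_die_function(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql);
    }

    // update the user's post count and commit the transaction
    $sql = "UPDATE " . USERS_TABLE . " SET \n user_posts = user_posts + 1\n WHERE user_id = {$sql_user_id}";
    if (!$db->sql_query($sql, END_TRANSACTION)) {
        $error_die_function(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql);
    }

    // add the search words for our new post; the argument list of
    // add_search_words() depends on the board version
    switch ($board_config['version']) {
        case '.0.0':
        case '.0.1':
        case '.0.2':
        case '.0.3':
            add_search_words($post_id, stripslashes($message), stripslashes($subject));
            break;
        default:
            add_search_words('', $post_id, stripslashes($message), stripslashes($subject));
            break;
    }

    // do we need to do user notification
    if ($mode == 'reply' && $do_notification) {
        // DP bugfix (critical): $userdata['user_id'] must be set; otherwise,
        // user_notification() will generate a bad SQL query and die.
        global $userdata;
        $userdata['user_id'] = $user_id;

        // DP bugfix (minor): pass the topic title, not the post subject,
        // as the third param to user_notification.
        $sql = "SELECT topic_title FROM " . TOPICS_TABLE . " WHERE topic_id = {$sql_topic_id}";
        if (!($result = $db->sql_query($sql))) {
            $error_die_function(GENERAL_ERROR, 'Error getting topic_title', '', __LINE__, __FILE__, $sql);
        }
        list($topic_title) = $db->sql_fetchrow($result);

        $post_data = array();
        user_notification($mode, $post_data, $topic_title, $forum_id, $topic_id, $post_id, $notify_user);
    }

    // if all is well then return the id of our new post
    return array('post_id' => $post_id, 'topic_id' => $topic_id);
}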
if (!empty($rules_word)) { $rules_type = 4; } else { $rules_type = 3; } } } } // get data from form $rules_folder_id = _read_var('rules_folder_id', 1, $rules_folder_id); $rules_name = unprepare_message(trim(str_replace("\\'", "''", htmlspecialchars(_read_var('rules_name', 0, $rules_name))))); $rules_type = _read_var('rules_type', 1, $rules_type); $rules_group_id = _read_var('rules_group_id', 1, $rules_group_id); $rules_username = unprepare_message(trim(str_replace("\\'", "''", htmlspecialchars(_read_var('username', 0, $rules_username))))); $rules_sysuser = _read_var('rules_sysuser', 1, $rules_sysuser); $rules_word = unprepare_message(trim(str_replace("\\'", "''", htmlspecialchars(_read_var('rules_word', 0, $rules_word))))); } if ($pmmode == 'rdelete') { if ($cancel) { $pmmode = 'redit'; $cancel = false; } else { if ($confirm) { if ($error) { $l_link = 'Click_return_folders'; $u_link = append_sid("{$main_pgm}&pmmode=rlist&folder={$folder_id}"); _message_return($error_msg, $l_link, $u_link); } if (!$error) { $sql = "DELETE FROM " . PRIVMSGA_RULES_TABLE . "\n WHERE rules_id = {$rules_id}\n AND rules_user_id = {$view_user_id}"; if (!($result = $db->sql_query($sql))) {
if (!($result = $db->sql_query($sql))) { message_die(GENERAL_ERROR, "Could not create download stream for post.", '', __LINE__, __FILE__, $sql); } $download_file = ''; while ($row = $db->sql_fetchrow($result)) { $poster_id = $row['user_id']; $poster = $poster_id == ANONYMOUS ? $lang['Guest'] : $row['username']; $post_date = create_date($board_config['default_dateformat'], $row['post_time'], $board_config['board_timezone']); $post_subject = $row['post_subject'] != '' ? $row['post_subject'] : ''; $bbcode_uid = $row['bbcode_uid']; $message = $row['post_text']; $message = strip_tags($message); $message = preg_replace("/\\[.*?:{$bbcode_uid}:?.*?\\]/si", '', $message); $message = preg_replace('/\\[url\\]|\\[\\/url\\]/si', '', $message); $message = preg_replace('/\\:[0-9a-z\\:]+\\]/si', ']', $message); $message = unprepare_message($message); $message = preg_replace('/(/', '(', $message); $message = preg_replace('/)/', ')', $message); $message = preg_replace('/:/', ':', $message); if (count($orig_word)) { $post_subject = preg_replace($orig_word, $replacement_word, $post_subject); $message = str_replace('\\"', '"', substr(preg_replace('#(\\>(((?>([^><]+|(?R)))*)\\<))#se', "preg_replace(\$orig_word, \$replacement_word, '\\0')", '>' . $message . '<'), 1, -1)); } $break = "\n"; $line = '-----------------------------------'; $download_file .= $break . $line . $break . $poster . $break . $post_date . $break . $break . $post_subject . $break . $line . $break . $message . $break; } $disp_folder = $download == -1 ? 'Topic_' . $topic_id : 'Post_' . $download; $filename = $board_config['sitename'] . "_" . $disp_folder . "_" . date("Ymd", time()) . ".txt"; header('Content-Type: text/x-delimtext; name="' . $filename . '"'); header('Content-Disposition: attachment;filename=' . $filename);
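/**
 * Maintain the topic-watch table and mail watchers when a reply is posted.
 *
 * - $mode == 'delete': removes watch rows for the topic. When the deleted
 *   post is neither the first nor the last post, only the current user's
 *   row is removed.
 * - $mode == 'reply': mails each un-notified watcher (excluding the poster,
 *   the anonymous user and banned users) and marks them as notified.
 * - any non-delete mode: adds or removes the current user's own watch row
 *   according to $notify_user.
 *
 * The ids interpolated into SQL are cast to int first, because the
 * statements are built by string concatenation.
 *
 * @param string $mode         'delete', 'reply' or another posting mode
 * @param array  $post_data    reads 'first_post' and 'last_post' in delete mode
 * @param int    $forum_id     not read by this function
 * @param int    $topic_id
 * @param int    $post_id
 * @param bool   $notify_user  whether the current user wants to watch the topic
 */
function user_notification($mode, &$post_data, &$forum_id, &$topic_id, &$post_id, &$notify_user)
{
    global $board_config, $lang, $db, $phpbb_root_path;
    global $userdata, $user_ip;

    // Integer copies for SQL text; the by-reference arguments are not modified.
    $watch_topic_id = (int) $topic_id;
    $watch_user_id = (int) $userdata['user_id'];

    if ($mode == 'delete') {
        $delete_sql = !$post_data['first_post'] && !$post_data['last_post'] ? " AND user_id = " . $watch_user_id : '';
        $sql = "DELETE FROM " . TOPICS_WATCH_TABLE . " WHERE topic_id = {$watch_topic_id}" . $delete_sql;
        if (!$db->sql_query($sql)) {
            message_die(GENERAL_ERROR, 'Could not change topic notify data', '', __LINE__, __FILE__, $sql);
        }

        return;
    }

    if ($mode == 'reply') {
        $sql = "SELECT ban_userid \r\n\t\t\t\tFROM " . BANLIST_TABLE;
        if (!($result = $db->sql_query($sql))) {
            message_die(GENERAL_ERROR, 'Could not obtain banlist', '', __LINE__, __FILE__, $sql);
        }

        // Collect every banned user id. The list is appended to (.=): plain
        // assignment kept only the last ban row, so all other banned users
        // still received mail. Rows without a user id are skipped.
        $user_id_sql = '';
        while ($row = $db->sql_fetchrow($result)) {
            if (!empty($row['ban_userid'])) {
                $user_id_sql .= ', ' . (int) $row['ban_userid'];
            }
        }

        $sql = "SELECT u.user_id, u.username, u.user_email, u.user_lang, t.topic_title \r\n\t\t\t\tFROM " . TOPICS_WATCH_TABLE . " tw, " . TOPICS_TABLE . " t, " . USERS_TABLE . " u \r\n\t\t\t\tWHERE tw.topic_id = {$watch_topic_id} \r\n\t\t\t\t\tAND tw.user_id NOT IN (" . $watch_user_id . ", " . ANONYMOUS . $user_id_sql . " ) \r\n\t\t\t\t\tAND tw.notify_status = " . TOPIC_WATCH_UN_NOTIFIED . " \r\n\t\t\t\t\tAND t.topic_id = tw.topic_id \r\n\t\t\t\t\tAND u.user_id = tw.user_id";
        if (!($result = $db->sql_query($sql))) {
            message_die(GENERAL_ERROR, 'Could not obtain list of topic watchers', '', __LINE__, __FILE__, $sql);
        }

        $orig_word = array();
        $replacement_word = array();
        obtain_word_list($orig_word, $replacement_word);

        // include_once: a second call in the same request would otherwise
        // load the emailer class file again.
        include_once $phpbb_root_path . 'includes/emailer.php';
        $emailer = new emailer($board_config['smtp_delivery']);

        // Strip one leading and one trailing slash from the configured path.
        $script_name = preg_replace('/^\\/?(.*?)\\/?$/', '\\1', trim($board_config['script_path']));
        $script_name = $script_name != '' ? $script_name . '/viewtopic.php' : 'viewtopic.php';
        $server_name = trim($board_config['server_name']);
        $server_protocol = $board_config['cookie_secure'] ? 'https://' : 'http://';
        $server_port = $board_config['server_port'] != 80 ? ':' . trim($board_config['server_port']) . '/' : '/';

        // Built from board configuration only; no user-supplied value is
        // placed in the mail headers.
        $email_headers = 'From: ' . $board_config['board_email'] . "\nReturn-Path: " . $board_config['board_email'] . "\n";

        $update_watched_sql = '';
        if ($row = $db->sql_fetchrow($result)) {
            @set_time_limit(120);

            // Same topic for every row, so censor the title once.
            $topic_title = preg_replace($orig_word, $replacement_word, unprepare_message($row['topic_title']));

            do {
                if ($row['user_email'] != '') {
                    $emailer->use_template('topic_notify', $row['user_lang']);
                    $emailer->email_address($row['user_email']);
                    $emailer->set_subject();
                    $emailer->extra_headers($email_headers);

                    $emailer->assign_vars(array(
                        'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']),
                        'USERNAME' => $row['username'],
                        'SITENAME' => $board_config['sitename'],
                        'TOPIC_TITLE' => $topic_title,
                        'U_TOPIC' => $server_protocol . $server_name . $server_port . $script_name . '?' . POST_POST_URL . "={$post_id}#{$post_id}",
                        'U_STOP_WATCHING_TOPIC' => $server_protocol . $server_name . $server_port . $script_name . '?' . POST_TOPIC_URL . "={$topic_id}&unwatch=topic",
                    ));

                    $emailer->send();
                    $emailer->reset();

                    // Only users who were actually mailed are marked notified.
                    $update_watched_sql .= $update_watched_sql != '' ? ', ' . (int) $row['user_id'] : (int) $row['user_id'];
                }
            } while ($row = $db->sql_fetchrow($result));
        }

        if ($update_watched_sql != '') {
            $sql = "UPDATE " . TOPICS_WATCH_TABLE . "\r\n\t\t\t\t\tSET notify_status = " . TOPIC_WATCH_NOTIFIED . "\r\n\t\t\t\t\tWHERE topic_id = {$watch_topic_id}\r\n\t\t\t\t\t\tAND user_id IN ({$update_watched_sql})";
            // Best effort, as in the original: a failed status update does
            // not abort posting.
            $db->sql_query($sql);
        }
    }

    // Sync the poster's own subscription with $notify_user.
    $sql = "SELECT topic_id \r\n\t\t\tFROM " . TOPICS_WATCH_TABLE . "\r\n\t\t\tWHERE topic_id = {$watch_topic_id}\r\n\t\t\t\tAND user_id = " . $watch_user_id;
    if (!($result = $db->sql_query($sql))) {
        message_die(GENERAL_ERROR, 'Could not obtain topic watch information', '', __LINE__, __FILE__, $sql);
    }
    $row = $db->sql_fetchrow($result);
    $is_watching = !empty($row['topic_id']);

    if (!$notify_user && $is_watching) {
        $sql = "DELETE FROM " . TOPICS_WATCH_TABLE . "\r\n\t\t\t\tWHERE topic_id = {$watch_topic_id}\r\n\t\t\t\t\tAND user_id = " . $watch_user_id;
        if (!$db->sql_query($sql)) {
            message_die(GENERAL_ERROR, 'Could not delete topic watch information', '', __LINE__, __FILE__, $sql);
        }
    } else if ($notify_user && !$is_watching) {
        $sql = "INSERT INTO " . TOPICS_WATCH_TABLE . " (user_id, topic_id, notify_status)\r\n\t\t\t\tVALUES (" . $watch_user_id . ", {$watch_topic_id}, 0)";
        if (!$db->sql_query($sql)) {
            message_die(GENERAL_ERROR, 'Could not insert topic watch information', '', __LINE__, __FILE__, $sql);
        }
    }
}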
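/**
 * Convert one source torrent row into board records: a topic, its first
 * post, the .torrent attachment and the tracker row in BB_BT_TORRENTS.
 *
 * When BDECODE is truthy the info hash is recomputed from the stored
 * .torrent file; otherwise it is taken from $torrent['info_hash'] (hex).
 * If BDECODE is set and the file is missing, the function returns after
 * creating the topic, post and attachment, without a tracker row.
 *
 * @param array $torrent source row; reads topic_id, category, name, owner,
 *                       added, views, sticky, id, post_id, descr, search_text,
 *                       attach_id, filename, info_hash, size, times_completed
 *                       and lastseed
 * @return void
 */
function convert_torrent($torrent)
{
    $topic_data = array(
        "topic_id" => $torrent['topic_id'],
        "forum_id" => $torrent['category'],
        "topic_title" => $torrent['name'],
        "topic_poster" => $torrent['owner'],
        "topic_time" => $torrent['added'],
        "topic_views" => $torrent['views'],
        "topic_type" => $torrent['sticky'] == 'yes' ? 1 : 0,
        "topic_first_post_id" => $torrent['id'],
        "topic_last_post_id" => $torrent['id'],
        "topic_attachment" => 1,
        "topic_dl_type" => 1,
        "topic_last_post_time" => $torrent['added'],
    );
    tp_add_topic($topic_data);

    $post_text = stripslashes(prepare_message(addslashes(unprepare_message($torrent['descr'])), true, true));

    $post_data = array(
        "posts" => array(
            "post_id" => $torrent['post_id'],
            "topic_id" => $torrent['topic_id'],
            "forum_id" => $torrent['category'],
            "poster_id" => $torrent['owner'],
            "post_time" => $torrent['added'],
            "post_attachment" => 1,
        ),
        "posts_text" => array(
            "post_id" => $torrent['post_id'],
            "post_text" => $post_text,
        ),
        "posts_search" => array(
            "post_id" => $torrent['post_id'],
            "search_words" => $torrent['search_text'],
        ),
    );
    tp_add_post($post_data);

    $torrent_path = get_attachments_dir() . '/' . $torrent['id'] . ".torrent";

    $attach_data = array(
        "attachments" => array(
            "attach_id" => $torrent['attach_id'],
            "post_id" => $torrent['post_id'],
            "user_id_1" => $torrent['owner'],
        ),
        "attachments_desc" => array(
            "attach_id" => $torrent['attach_id'],
            "physical_filename" => $torrent['id'] . ".torrent",
            "real_filename" => $torrent['filename'],
            "extension" => "torrent",
            "mimetype" => "application/x-bittorrent",
            // @: the file may be missing; filesize() then yields false
            "filesize" => @filesize($torrent_path),
            "filetime" => $torrent['added'],
            "tracker_status" => 1,
        ),
    );
    tp_add_attach($attach_data);

    // Torrents
    if (BDECODE) {
        if (!file_exists($torrent_path)) {
            return;
        }
        if (!function_exists('bdecode_file')) {
            include_once './includes/functions_torrent.php';
        }

        $tor = bdecode_file($torrent_path);
        $info = !empty($tor['info']) ? $tor['info'] : array();

        // Keep the RAW binary hash here. It was previously escaped at this
        // point and then escaped again in the loop below, which corrupts any
        // hash that contains a quote, backslash or other escaped byte.
        $info_hash = rtrim(pack('H*', sha1(bencode($info))), ' ');
    } else {
        // NOTE(review): hex2bin() returns false for malformed hex; the row is
        // then inserted with an empty info_hash — confirm this is acceptable.
        $info_hash = hex2bin($torrent['info_hash']);
    }

    $torrent_data = array(
        "info_hash" => $info_hash,
        "post_id" => $torrent['post_id'],
        "poster_id" => $torrent['owner'],
        "topic_id" => $torrent['topic_id'],
        "forum_id" => $torrent['category'],
        "attach_id" => $torrent['attach_id'],
        "size" => $torrent['size'],
        "reg_time" => $torrent['added'],
        "complete_count" => $torrent['times_completed'],
        "seeder_last_seen" => $torrent['lastseed'],
    );

    // Every value is escaped exactly once, here, and always quoted.
    $columns = $values = array();
    foreach ($torrent_data as $column => $value) {
        $columns[] = $column;
        $values[] = "'" . DB()->escape($value) . "'";
    }
    $sql_columns = implode(', ', $columns);
    $sql_values = implode(', ', $values);

    DB()->query("INSERT IGNORE INTO " . BB_BT_TORRENTS . " ({$sql_columns}) VALUES({$sql_values});");
}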
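/**
 * Handle the "post comment" action of the download module: show the comment
 * form (with optional preview), store a submitted comment, or delete an
 * existing comment.
 *
 * Request input: file_id, cid and delete via request_var(); subject and
 * message via request_post_var(); the submit/preview buttons and the raw
 * message/subject (for the preview form) via $_POST.
 *
 * Security notes:
 * - file_id and cid are read with an integer default and are interpolated
 *   into SQL unquoted; this assumes request_var() casts to the type of its
 *   default — TODO confirm.
 * - The comment DELETE is restricted to the file whose permissions were
 *   checked, so a comment id belonging to another file is not removed.
 * - Raw $_POST text echoed back into the form is HTML-escaped.
 * - NOTE(review): no form token or confirmation step is visible in this
 *   method before the delete and insert; confirm it is enforced elsewhere.
 *
 * @param string $action action name from the dispatcher (not read here)
 */
function main($action)
{
    global $db, $cache, $config, $template, $images, $theme, $user, $lang, $bbcode, $bbcode_tpl;
    global $html_entities_match, $html_entities_replace, $unhtml_specialchars_match, $unhtml_specialchars_replace;
    global $pafiledb_functions, $pafiledb_config, $view_pic_upload, $starttime, $post_image_lang;

    @(include_once IP_ROOT_PATH . 'includes/bbcode.' . PHP_EXT);
    @(include_once IP_ROOT_PATH . 'includes/functions_post.' . PHP_EXT);
    @(include_once IP_ROOT_PATH . PA_FILE_DB_PATH . 'functions_comment.' . PHP_EXT);

    $file_id = request_var('file_id', 0);
    if (empty($file_id)) {
        message_die(GENERAL_MESSAGE, $lang['File_not_exist']);
    }

    define('IN_PA_POSTING', true);
    define('IN_ICYPHOENIX', true);
    // BBCBMG - BEGIN
    include IP_ROOT_PATH . 'includes/bbcb_mg.' . PHP_EXT;
    // BBCBMG - END
    // BBCBMG SMILEYS - BEGIN
    generate_smilies('inline');
    include IP_ROOT_PATH . 'includes/bbcb_smileys_mg.' . PHP_EXT;
    // BBCBMG SMILEYS - END

    // MX Addon
    $cid = request_var('cid', 0);
    $delete = request_var('delete', '');
    $submit = isset($_POST['submit']);
    $preview = isset($_POST['preview']);
    $subject = request_post_var('subject', '', true);
    $message = request_post_var('message', '', true);

    $sql = "SELECT file_name, file_catid\n\t\t\tFROM " . PA_FILES_TABLE . "\n\t\t\tWHERE file_id = '" . $file_id . "'";
    $result = $db->sql_query($sql);
    if (!($file_data = $db->sql_fetchrow($result))) {
        message_die(GENERAL_MESSAGE, $lang['File_not_exist']);
    }
    $db->sql_freeresult($result);

    // Posting permission for the file's category; guests are sent to login.
    if (!$this->auth[$file_data['file_catid']]['auth_post_comment']) {
        if (!$user->data['session_logged_in']) {
            redirect(append_sid(CMS_PAGE_LOGIN . '?redirect=dload.' . PHP_EXT . '&action=post_comment&file_id=' . $file_id, true));
        }
        $message = sprintf($lang['Sorry_auth_download'], $this->auth[$file_data['file_catid']]['auth_post_comment_type']);
        message_die(GENERAL_MESSAGE, $message);
    }

    $html_on = $user->data['user_allowhtml'] && $pafiledb_config['allow_html'] ? 1 : 0;
    $bbcode_on = $user->data['user_allowbbcode'] && $pafiledb_config['allow_bbcode'] ? 1 : 0;
    $smilies_on = $user->data['user_allowsmile'] && $pafiledb_config['allow_smilies'] ? 1 : 0;

    // =======================================================
    // MX Addon
    // =======================================================
    if ($delete == 'do') {
        $sql = 'SELECT * FROM ' . PA_FILES_TABLE . "\n\t\t\t\tWHERE file_id = {$file_id}";
        $result = $db->sql_query($sql);
        $file_info = $db->sql_fetchrow($result);

        // Allowed for a category moderator, or for the file's owner when the
        // category grants comment deletion. Note that ownership is checked
        // against the file row, not against the comment's poster.
        $cat_auth = $this->auth[$file_info['file_catid']];
        $is_owner = $file_info['user_id'] == $user->data['user_id'];

        if (($cat_auth['auth_delete_comment'] && $is_owner) || $cat_auth['auth_mod']) {
            // Restrict the delete to the file that was just authorised;
            // comments_id alone would also match comments of other files.
            $sql = 'DELETE FROM ' . PA_COMMENTS_TABLE . "\n\t\t\t\t\tWHERE comments_id = {$cid}\n\t\t\t\t\tAND file_id = {$file_id}";
            $db->sql_query($sql);
            $this->_pafiledb();

            $message = $lang['Comment_deleted'] . '<br /><br />' . sprintf($lang['Click_return'], '<a href="' . append_sid('dload.' . PHP_EXT . '?action=file&file_id=' . $file_id) . '">', '</a>');
            message_die(GENERAL_MESSAGE, $message);
        } else {
            // $cat_id was never defined here; use the category just checked.
            // NOTE(review): 'auth_upload_type' looks copied from the upload
            // handler — confirm which *_type key belongs in this message.
            $message = sprintf($lang['Sorry_auth_delete'], $this->auth[$file_info['file_catid']]['auth_upload_type']);
            message_die(GENERAL_MESSAGE, $message);
        }
    }

    if (!$submit) {
        // Generate smilies listing for page output
        //$pafiledb_functions->pa_generate_smilies('inline');
        $html_status = $user->data['user_allowhtml'] && $pafiledb_config['allow_html'] ? $lang['HTML_is_ON'] : $lang['HTML_is_OFF'];
        $bbcode_status = $user->data['user_allowbbcode'] && $pafiledb_config['allow_bbcode'] ? $lang['BBCode_is_ON'] : $lang['BBCode_is_OFF'];
        $smilies_status = $user->data['user_allowsmile'] && $pafiledb_config['allow_smilies'] ? $lang['Smilies_are_ON'] : $lang['Smilies_are_OFF'];
        $links_status = $pafiledb_config['allow_comment_links'] ? $lang['Links_are_ON'] : $lang['Links_are_OFF'];
        $images_status = $pafiledb_config['allow_comment_images'] ? $lang['Images_are_ON'] : $lang['Images_are_OFF'];

        $hidden_form_fields = '<input type="hidden" name="action" value="post_comment" /><input type="hidden" name="file_id" value="' . $file_id . '" /><input type="hidden" name="comment" value="post" />';

        // Output the data to the template
        $this->generate_category_nav($file_data['file_catid']);

        $template->assign_vars(array(
            'HTML_STATUS' => $html_status,
            'BBCODE_STATUS' => sprintf($bbcode_status, '<a href="' . append_sid('faq.' . PHP_EXT . '?mode=bbcode') . '" target="_blank">', '</a>'),
            'SMILIES_STATUS' => $smilies_status,
            'LINKS_STATUS' => $links_status,
            'IMAGES_STATUS' => $images_status,
            'FILE_NAME' => $file_data['file_name'],
            'DOWNLOAD' => $pafiledb_config['settings_dbname'],
            'MESSAGE_LENGTH' => $pafiledb_config['max_comment_chars'],
            'L_HOME' => $lang['Home'],
            'CURRENT_TIME' => sprintf($lang['Current_time'], create_date($config['default_dateformat'], time(), $config['board_timezone'])),
            'L_COMMENT_ADD' => $lang['Comment_add'],
            'L_COMMENT' => $lang['Message_body'],
            'L_COMMENT_TITLE' => $lang['Subject'],
            'L_OPTIONS' => $lang['Options'],
            'L_COMMENT_EXPLAIN' => sprintf($lang['Comment_explain'], $pafiledb_config['max_comment_chars']),
            'L_PREVIEW' => $lang['Preview'],
            'L_SUBMIT' => $lang['Submit'],
            'L_DOWNLOAD' => $lang['Download'],
            'L_INDEX' => sprintf($lang['Forum_Index'], $config['sitename']),
            'L_CHECK_MSG_LENGTH' => $lang['Check_message_length'],
            'L_MSG_LENGTH_1' => $lang['Msg_length_1'],
            'L_MSG_LENGTH_2' => $lang['Msg_length_2'],
            'L_MSG_LENGTH_3' => $lang['Msg_length_3'],
            'L_MSG_LENGTH_4' => $lang['Msg_length_4'],
            'L_MSG_LENGTH_5' => $lang['Msg_length_5'],
            'L_MSG_LENGTH_6' => $lang['Msg_length_6'],
            'U_INDEX_HOME' => append_sid(CMS_PAGE_HOME),
            'U_DOWNLOAD_HOME' => append_sid('dload.' . PHP_EXT),
            'U_FILE_NAME' => append_sid('dload.' . PHP_EXT . '?action=file&file_id=' . $file_id),
            'S_POST_ACTION' => append_sid('dload.' . PHP_EXT),
            'S_HIDDEN_FORM_FIELDS' => $hidden_form_fields,
        ));

        // Show preview stuff if user clicked preview
        if ($preview) {
            $comments_text = stripslashes(prepare_message(addslashes(unprepare_message($message)), $html_on, $bbcode_on, $smilies_on));
            $comments_text = censor_text($comments_text);

            $bbcode->allow_html = $html_on ? true : false;
            $bbcode->allow_bbcode = $bbcode_on ? true : false;
            $bbcode->allow_smilies = $smilies_on ? true : false;
            $comments_text = $bbcode->parse($comments_text);
            //bbcode parser End
            $comments_text = str_replace("\n", '<br />', $comments_text);

            // The raw request text goes back into the form; escape it so that
            // markup typed by the user is shown as text, not rendered.
            $raw_message = isset($_POST['message']) ? stripslashes($_POST['message']) : '';
            $raw_subject = isset($_POST['subject']) ? stripslashes($_POST['subject']) : '';

            $template->assign_vars(array(
                'PREVIEW' => true,
                'COMMENT' => htmlspecialchars($raw_message, ENT_QUOTES),
                'SUBJECT' => htmlspecialchars($raw_subject, ENT_QUOTES),
                'PRE_COMMENT' => $comments_text,
            ));
        }
    }

    if ($submit) {
        $subject = request_post_var('subject', '', true);
        $message = request_post_var('message', '', true);
        $message = htmlspecialchars_decode($message, ENT_COMPAT);

        // strlen() counts bytes, so multi-byte text reaches the limit sooner
        // than the "characters" wording of the error message suggests.
        $length = strlen($message);
        //$comments_text = str_replace('<br />', "\n", $message);
        $comments_text = $message;
        $poster_id = intval($user->data['user_id']);
        $title = $subject;
        $time = time();

        if ($length > $pafiledb_config['max_comment_chars']) {
            message_die(GENERAL_ERROR, 'Your comment is too long!<br />The maximum length allowed in characters is ' . $pafiledb_config['max_comment_chars']);
        }

        // Text columns are escaped by the DB layer; numeric columns are ints.
        $sql = 'INSERT INTO ' . PA_COMMENTS_TABLE . "(file_id, comments_text, comments_title, comments_time, poster_id)\n\t\t\t\tVALUES({$file_id}, '" . $db->sql_escape($comments_text) . "','" . $db->sql_escape($title) . "', {$time}, {$poster_id})";
        $db->sql_query($sql);

        $message = $lang['Comment_posted'] . '<br /><br />' . sprintf($lang['Click_return'], '<a href="' . append_sid('dload.' . PHP_EXT . '?action=file&file_id=' . $file_id) . '">', '</a>');
        message_die(GENERAL_MESSAGE, $message);
    }

    $this->display($lang['Download'], 'pa_comment_posting.tpl');
}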