$too_early = $_SERVER['REQUEST_TIME'] - FLOOD_CONTROL_REPLY; $res=DB::Execute(sprintf('SELECT 1 FROM {P}PMs WHERE pmFrom = \'%s\' AND pmDateSent > %d',$_SERVER['REMOTE_ADDR'], $too_early)); if($res->RecordCount() > 0) { add_error('Wait at least ' . FLOOD_CONTROL_REPLY . ' seconds between each reply. '); } //Check inputs list($_POST['title'],$_POST['body'])=Check4Filtered($_POST['title'],$_POST['body']); $reply=new PM(); $reply->To = $_POST['to']; $reply->Thread = intval($_POST['thread']); $reply->From =$User->ID; $reply->Title = $_POST['title']; $reply->Body = $_POST['body']; $reply->Save(); $_SESSION['notice']='PM sent.'; break; } switch(Path::FetchIndex(0)) { default: case 'list': $page_title='List Private Messages'; $_SESSION['LastReadPMs']=time(); $res=DB::Execute("SELECT pmID,pmThread,pmTitle,pmDateSent,pmFrom,pmFlags FROM {P}PMs WHERE pmTo='{$User->ID}' AND (pmFlags&1)=0 ORDER BY pmDateSent DESC"); $pms=array(); while(list($id,$thread,$title,$date,$from,$flags)=$res->FetchRow()) { if(!array_key_exists($thread,$pms))