redirect(FUSION_SELF . "?section=pm&folder=inbox");
}
}
if (!$error) {
$result = dbquery("SELECT COUNT(message_id) AS outbox_count, MIN(message_id) AS last_message FROM " . DB_MESSAGES . "\n\t\t\tWHERE message_to='" . $userdata['user_id'] . "' AND message_folder='1' GROUP BY message_to");
$cdata = dbarray($result);
if ($my_settings['pm_save_sent']) {
if ($msg_settings['pm_sentbox'] != "0" && $cdata['outbox_count'] + 1 > $msg_settings['pm_sentbox']) {
$result = dbquery("DELETE FROM " . DB_MESSAGES . " WHERE message_id='" . $cdata['last_message'] . "' AND message_to='" . $userdata['user_id'] . "'");
}
if (isset($_POST['chk_sendtoall']) && isnum($_POST['msg_to_group'])) {
$outbox_user = $userdata['user_id'];
} else {
$outbox_user = $_GET['msg_send'];
}
if (!checkIgnore($_GET['msg_send'])) {
$result = dbquery("INSERT INTO " . DB_MESSAGES . " (message_to, message_from, message_subject, message_message, message_smileys, message_read, message_datestamp, message_folder) VALUES ('" . $userdata['user_id'] . "','" . $outbox_user . "','" . $subject . "','" . $message . "','" . $smileys . "','1','" . time() . "','1')");
}
}
}
redirect(FUSION_SELF . "?section=pm&folder=inbox" . ($error ? "&error={$error}" : ""));
}
if (isset($_GET['error'])) {
if ($_GET['error'] == "1") {
$message = $locale['629'];
} elseif ($_GET['error'] == "2") {
$message = $locale['628'];
}
add_to_title($locale['global_201'] . $locale['627']);
openSection($locale['627']);
echo "<div style='text-align:center'>" . $message . "</div>\n";
$data = dbarray($result);
$in_group = dbrows(dbquery("SELECT * FROM " . DB_USERS . " WHERE user_groups REGEXP('^\\\\.{$data['group_id']}\$|\\\\.{$data['group_id']}\\\\.|\\\\.{$data['group_id']}\$') or user_groups='" . $data['group_id'] . "' and user_id='" . $userdata['user_id'] . "'"));
if (isset($_POST['goInvite']) && $in_group) {
foreach ($_POST as $user => $invite) {
if (!ereg("user_", $user)) {
continue;
}
if (!$invite) {
continue;
}
$to = str_replace("user_", "", $user);
$from = $userdata['user_id'];
$group = $data['group_id'];
$already_in_group = dbrows(dbquery("SELECT * FROM " . DB_USERS . " WHERE user_groups REGEXP('^\\\\.{$data['group_id']}\$|\\\\.{$data['group_id']}\\\\.|\\\\.{$data['group_id']}\$') or user_groups='" . $data['group_id'] . "' and user_id='{$to}'"));
$already_invited = dbcount("(invite_to)", DB_PREFIX . "fb_invites", "invite_to='{$to}' and invite_group='{$group}'");
if (!$already_in_group && !$already_invited && !checkIgnore($to)) {
$result = dbquery("insert into " . DB_PREFIX . "fb_invites (invite_to,invite_from,invite_group) VALUES('{$to}', '{$from}', '{$group}')");
$subject = $locale['uc312'] . "\"" . stripslash($data['group_name']) . "\"";
$message = str_replace("{1}", $settings['siteurl'] . "infusions/fusionboard4/usercp.php?section=requests", $locale['uc313']);
sendMessage($to, $from, $subject, $message);
}
}
redirect(FUSION_SELF . "?section=groups&members=" . $_GET['members'] . "&status=sent");
}
if (isset($_GET['status']) && $_GET['status'] == "sent") {
echo "<tr>\n<td class='tbl1' style='padding:20px; text-align:center; font-weight:bold;' colspan='2'>" . $locale['uc314'] . "</td>\n</tr>\n";
}
echo "<tr>\n<td class='forum-caption' style='padding-left:7px;padding-right:7px;'" . (iMEMBER ? " colspan='2'" : "") . "'>\n";
echo "<div style='float:right;font-weight:normal;'><a href='" . FUSION_SELF . "?section=groups&view=" . $data['group_id'] . "'>" . $locale['uc309'] . "</a></div>\n";
echo stripslash($data['group_name']) . "</td>\n</tr>\n";
$total = dbquery("SELECT * FROM " . DB_USERS . " WHERE user_groups REGEXP('^\\\\.{$data['group_id']}\$|\\\\.{$data['group_id']}\\\\.|\\\\.{$data['group_id']}\$') or user_groups='" . $data['group_id'] . "' ORDER BY user_level DESC, user_name limit 10");
/* User CP -> Buddies */
} elseif ($section == "buddies" && $fb4['buddy_enable']) {
if (isset($_POST['username'])) {
$username = stripinput($_POST['username']);
if ($username == $userdata['user_name']) {
redirect(FUSION_SELF . "?section=buddies&status=notfound");
}
$rows = dbcount("(user_id)", DB_USERS, "user_name='{$username}'");
if (!$rows) {
redirect(FUSION_SELF . "?section=buddies&status=notfound");
}
$data = dbarray(dbquery("select * from " . DB_USERS . " where user_name='{$username}'"));
if (dbcount("(buddy_id)", DB_PREFIX . "fb_buddies", "(buddy_user='******'user_id'] . "' and buddy_buddy='" . $data['user_id'] . "') or \n\t\t\t\t(buddy_user='******'user_id'] . "' and buddy_buddy='" . $userdata['user_id'] . "')")) {
redirect(FUSION_SELF . "?section=buddies");
}
if (!checkIgnore($data['user_id'])) {
$result = dbquery("insert into " . DB_PREFIX . "fb_buddies (buddy_user, buddy_buddy, buddy_approved, buddy_request) values('" . $userdata['user_id'] . "', '" . $data['user_id'] . "', '0', '" . time() . "')");
$subject = $locale['uc238'] . $userdata['user_name'];
$message = $locale['uc239'];
$message = str_replace(array("{USER}", "{URL}"), array($userdata['user_name'], $settings['siteurl'] . "infusions/fusionboard4/usercp.php?section=buddies"), $message);
$result = dbquery("insert into " . DB_MESSAGES . " (message_to, message_from, message_subject, message_message, message_smileys, message_read, message_datestamp, message_folder) \n\t\t\t\t\tVALUES('" . $data['user_id'] . "', '" . $userdata['user_id'] . "', '{$subject}', '{$message}', '0', '0', '" . time() . "', '0')");
}
redirect(FUSION_SELF . "?section=buddies&status=sent");
}
if (isset($_GET['accept']) && isNum($_GET['accept'])) {
$rows = dbcount("(buddy_id)", DB_PREFIX . "fb_buddies", "buddy_id='" . $_GET['accept'] . "' and buddy_buddy='" . $userdata['user_id'] . "'");
if (!$rows) {
redirect(FUSION_SELF . "?section=buddies");
}
$query = dbquery("update " . DB_PREFIX . "fb_buddies set buddy_approved='1', buddy_added='" . time() . "' where buddy_id='" . $_GET['accept'] . "'");
if ($query) {
