$status = tag2value('points', $_SESSION['user']['points'], $status);
$content .= $status;
// ressourcen berechnen und ausgeben
$ressis = ressistand($_SESSION[user][omni]);
$content .= $ressis['html'];
if ($_POST['del'] == 1) {
delmsgs($_POST);
}
if ($_GET['action'] == 'inbox') {
$content .= inbox();
$content = tag2value('box', 'Posteingang:', $content);
} elseif ($_GET['action'] == 'outbox') {
$content .= outbox();
$content = tag2value('box', 'Postausgang:', $content);
} else {
$content .= inbox();
$content = tag2value('box', 'Posteingang', $content);
}
function inbox()
{
// mit datenbank verbinden
$dbh = db_connect();
$result = mysql_query("SELECT * FROM `nachrichten` WHERE `to` = '" . $_SESSION['user']['omni'] . "';");
$count = mysql_num_rows($result) / 20;
$count = explode('.', $count);
$c = $count[0];
if ($count[1] != 0) {
$c++;
}
if (!$_GET['page']) {
$_GET['page'] = 1;
function writebody()
{
global $db, $domain, $suserid, $sitename, $cachelife, $template, $gamesfolder, $thumbsfolder, $limitboxgames, $seo_on, $blogentriesshown, $enabledcode_on, $comments_on, $directorypath, $autoapprovecomments, $gamesonpage, $abovegames, $belowgames, $showwebsitelimit, $supportemail, $showblog, $blogentriesshown, $blogcharactersshown, $blogcommentpermissions, $blogcommentsshown, $blogfollowtags, $blogcharactersrss, $usrdata, $userid;
if (!isset($suserid)) {
echo '<div class="error">Please login.</div>';
exit;
}
function inbox()
{
global $db, $domain, $userid;
$w = $db->query("SELECT * FROM fas_messages WHERE to_userid='{$userid}' ORDER BY datesent DESC");
echo '<h2>Messages</h2>
<table width="100%" border="0" align="center">
<tr>
<th class="header">#</th>
<th class="header">Details</th>
<th class="header">Status</th>
<th class="header">Options</th>
</tr>
';
while ($iw = $db->fetch_row($w)) {
if ($iw['status'] == 0) {
$status = '<font color="green">Unread</font>';
} else {
$status = '<font color="red">Read</font>';
}
$gr = $db->fetch_row($db->query("SELECT userid, username FROM fas_users WHERE userid='{$iw['from_userid']}'"));
echo ' <tr>
<td class="content"><div align="center">' . $iw['ID'] . '</div></td>
<td class="content"><small>
Subject: ' . $iw['subject'] . '<br />
Date: ' . date('d/m/Y', $iw['datesent']) . '<br />
From: ' . $gr['username'] . '<br />
</small></td>
<td class="content"><div align="center">' . $status . '</div></td>
<td class="content" align="center">
<div align="center">
[<a href="' . $domain . '/index.php?action=messages&case=delete&ID=' . $iw['ID'] . '">Delete</a> -
<a href="' . $domain . '/index.php?action=messages&case=read&ID=' . $iw['ID'] . '">Read</a>]</div></td>
</tr>';
}
echo '</table>
<br />
<div align="center">
<a href="' . $domain . '/index.php?action=messages&case=deleteall">Delete All</a>
</div>';
}
function read()
{
global $db, $domain, $template, $userid;
$ID = abs((int) $_GET['ID']);
$ir = $db->query("SELECT * FROM dd_messages WHERE to_userid='{$userid}' AND ID='{$ID}'");
$or = $db->fetch_row($ir);
if (!$db->num_rows($ir)) {
echo 'Either you do not own that message or it does not exist.';
include 'templates/' . $template . '/footer.php';
exit;
}
$db->query("UPDATE fas_messages SET status='1' WHERE ID='{$ID}'");
$ud = $db->fetch_row($db->query("SELECT username, userid FROM fas_users WHERE userid='{$or['from_userid']}'"));
$message = str_replace('\\n', '<br />', $or['content']);
$replysubject = 'Re: ' . $or['subject'];
echo '<table width="95%" border="0" align="center">
<tr>
<td class="header" width="30%">Message From:</td>
<td class="content">' . $ud['username'] . '</td>
</tr>
<tr>
<td class="header">Subject Details</td>
<td class="content">' . $or['subject'] . '<br /><small>' . date('d/m/Y', $or['datesent']) . '</small></td>
</tr>
<tr>
<td class="header" colspan="2"><div align="center">Message</div></td>
</tr>
<tr>
<td class="content" colspan="2" valign="top">' . $message . '</td>
</tr>
</table>
<table width="95%" border="0" align="center">
<tr>
<td class="header" colspan="2">Quick Reply</td></tr>
<tr>
<td class="content" colspan="2">
<form action="' . $domain . '/index.php?action=messages&case=reply&;ID=' . $or['from_userid'] . '" method="post">
<textarea cols="50" rows="6" name="message"></textarea><br>
<input name="to" value="' . $or['from_userid'] . '" type="hidden">
<input size="37" name="subject" value="' . $replysubject . '" type="hidden">
<input name="submit" value="Send" type="submit">
</form>
</td>
</tr>
<td class="header" colspan="2">Your Conversation with ' . $ud['username'] . '.</td>
</table>
<table width="95%" border="0" align="center">
<tr>
<th class="header">From/Date</th>
<th class="header">Message</th>
</tr>';
$senderid = $or['from_userid'];
$tt = $db->query("SELECT * FROM fas_messages WHERE to_userid='{$userid}' AND from_userid='{$senderid}' ORDER BY datesent DESC") or die(mysql_error());
while ($row = mysql_fetch_array($tt)) {
$op = $db->fetch_row($db->query("select username from fas_users where userid='{$row['from_userid']}'"));
echo ' <tr align="center">
<td class="content">' . $op['username'] . '
<br /><small>On: ' . date('d/m/Y', $row['datesent']) . '</small></td>
<td class="content">' . $row['content'] . '</td>
</tr>';
}
echo '</table>';
}
function reply()
{
global $userid, $domain, $db;
$to = abs((int) $_POST['to']);
$message = clean($_POST['message']);
$subject = clean($_POST['subject']);
if (!$to || !$message) {
echo "All fields must be filled in!";
include 'templates/' . $template . '/footer.php';
exit;
}
$date = time();
$db->query("INSERT INTO dd_messages SET\nfrom_userid='{$userid}',\nto_userid='{$to}',\nsubject='{$subject}',\ncontent = '{$message}',\nstatus = '0',\ndatesent='{$date}'");
echo 'Message sent.';
}
function compose()
{
global $userid, $domain, $db, $template;
if (isset($_POST['submit'])) {
$to = abs((int) $_POST['to']);
$message = clean($_POST['message']);
$subject = clean($_POST['subject']);
if (!$to || !$message) {
echo "All fields must be filled in!";
include 'templates/' . $template . '/footer.php';
exit;
}
$date = time();
$db->query("INSERT INTO fas_messages SET\nfrom_userid='{$userid}',\nto_userid='{$to}',\nsubject='{$subject}',\ncontent = '{$message}',\nstatus = '0',\ndatesent='{$date}'");
echo 'Message sent.';
include 'templates/' . $template . '/footer.php';
exit;
}
if ($to == '') {
$to = '';
} else {
$to = $ID;
}
echo '
<form action="' . $domain . '/index.php?action=messages&case=compose" method="POST">
<table width="95%" border="0" align="center">
<tr>
<td class="header" width="30%">To (Userid#):</td>
<td class="content" width="30%"><input type="text" name="to" value="' . $to . '" size="35"></td>
</tr>
<tr>
<td class="header" width="30%">Subject:</td>
<td class="content" width="30%"><input type="text" name="subject" value="[No Subject]" size="35"></td>
</tr>
<tr>
<td colspan="2" class="header" align="center">Message</td>
</tr>
<tr>
<td colspan="2" class="content">
<textarea cols="65" rows="6" name="message"></textarea>
</td>
</tr>
<tr>
<td colspan="2" align="center" class="content"><input type="submit" name="submit" value="Send"></td>
</tr>
</table>
</form> ';
}
function delete()
{
$ID = abs((int) $_GET['ID']);
global $db, $userid;
$db->query("DELETE FROM fas_messages WHERE ID='{$ID}' AND to_userid='{$userid}'");
echo 'Deleted.';
}
function deleteall()
{
global $db, $userid;
$db->query("DELETE FROM fas_messages WHERE to_userid='{$userid}'");
}
$userid = $suserid;
echo ' <table align="center">
<tr>
<td class="content"><a href="' . $domain . '/index.php?action=messages&case=compose">Compose</a></td>
<td class="content"><a href="' . $domain . '/index.php?action=messages&case=deleteall">Delete All</a></td>
<td class="content"><a href="' . $domain . '/index.php?action=messages">Messages Home</a></td>
</tr>
</table>';
switch ($_GET['case']) {
default:
inbox();
break;
case 'compose':
compose();
break;
case 'reply':
reply();
break;
case 'read':
read();
break;
case 'delete':
delete();
break;
case 'deleteall':
deleteall();
break;
}
}
$userid = $suserid;
echo '
<table align="center">
<tr>
<td class="content"><a href="' . $domain . '/index.php?action=messages&case=compose">Compose</a></td>
<td class="content"><a href="' . $domain . '/index.php?action=messages&case=deleteall">Delete All</a></td>
<td class="content"><a href="' . $domain . '/index.php?action=messages">Messages Home</a></td>
</tr>
</table>';
if (!isset($_GET['case'])) {
$_GET['case'] = NULL;
}
switch ($_GET['case']) {
default:
inbox();
break;
case 'compose':
compose();
break;
case 'reply':
reply();
break;
case 'read':
read();
break;
case 'delete':
delete();
break;
case 'deleteall':
deleteall();
