/**
 * Send a private message to every member of one phpBB group.
 *
 * The message is normalised, run through generate_text_for_storage() with
 * BBCode, URLs and smilies all enabled, and handed to submit_pm().
 *
 * The sender is fixed in this function (user id 2, name "Raid Admin",
 * IP 127.0.0.1) and no permission check happens here. Whoever can call this
 * function can therefore message a whole group under that identity, so the
 * caller has to authorise the request and decide whether $pmmessage may
 * contain BBCode and links.
 *
 * @param string     $pmmessage Raw message text.
 * @param int|string $groupid   Id of the recipient group (used as array key).
 * @param string     $pmsubject Subject line, passed to submit_pm() unchanged.
 *
 * @return void
 */
function sendphpbbpm($pmmessage, $groupid, $pmsubject)
{
    include_once 'forum/includes/functions_privmsgs.php';

    // These three are handed to generate_text_for_storage() as variables so it can fill them in.
    $bbcode_uid = '';
    $bbcode_bitfield = '';
    $parse_flags = '';

    $body = utf8_normalize_nfc($pmmessage);
    generate_text_for_storage($body, $bbcode_uid, $bbcode_bitfield, $parse_flags, true, true, true);

    $recipients = array('g' => array($groupid => 'to'));

    // NOTE(review): 'enable_urls' is false although the text was parsed with
    // URLs allowed; kept as in the original, confirm that is intended.
    $pm_data = array(
        'from_user_id'    => 2,
        'from_user_ip'    => "127.0.0.1",
        'from_username'   => "Raid Admin",
        'enable_sig'      => false,
        'enable_bbcode'   => true,
        'enable_smilies'  => true,
        'enable_urls'     => false,
        'icon_id'         => 0,
        'bbcode_bitfield' => $bbcode_bitfield,
        'bbcode_uid'      => $bbcode_uid,
        'message'         => $body,
        'address_list'    => $recipients,
    );

    submit_pm('post', $pmsubject, $pm_data, false);
}
/**
 * Send the welcome private message to a single user.
 *
 * The placeholder {USERNAME} in $text is replaced with the username held in
 * $this->user before the text is parsed for storage and submitted.
 *
 * NOTE(review): the username is substituted before generate_text_for_storage()
 * runs, so any BBCode-like characters in it are parsed with the rest of the
 * text. Confirm that is acceptable for the username rules in use.
 *
 * @param int    $user_to Id of the recipient.
 * @param int    $user_id Id recorded as the sender of the message.
 * @param string $subject Subject line (normalised before sending).
 * @param string $text    Message template, may contain {USERNAME}.
 *
 * @return void
 */
private function user_welcome($user_to, $user_id, $subject, $text)
{
    // Passed to the parser as its flags argument: 1 is bbcode, 2 is smilies,
    // 4 is urls (add together to turn on more than one).
    $parse_flags = 3;

    $bbcode_uid = '';
    $bbcode_bitfield = '';

    $bbcode_on = true;
    $urls_on = true;
    $smilies_on = true;

    $body = str_replace('{USERNAME}', $this->user->data['username'], $text);
    generate_text_for_storage($body, $bbcode_uid, $bbcode_bitfield, $parse_flags, $bbcode_on, $urls_on, $smilies_on);

    include_once $this->phpbb_root_path . 'includes/functions_privmsgs.' . $this->php_ext;

    $recipients = array('u' => array($user_to => 'to'));

    $pm_data = array(
        'address_list'    => $recipients,
        'from_user_id'    => $user_id,
        'from_user_ip'    => $this->user->ip,
        'enable_sig'      => false,
        'enable_bbcode'   => $bbcode_on,
        'enable_smilies'  => $smilies_on,
        'enable_urls'     => $urls_on,
        'icon_id'         => 0,
        'bbcode_bitfield' => $bbcode_bitfield,
        'bbcode_uid'      => $bbcode_uid,
        'message'         => utf8_normalize_nfc($body),
    );

    $pm_subject = utf8_normalize_nfc($subject);
    submit_pm('post', $pm_subject, $pm_data, false);
}
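/**
 * Run the tool
 *
 * Reads its parameters from the request (reparseids, reparsepms,
 * reparseforums, create_backup, reparseall, mode, step, rowsmax), selects one
 * batch of rows for the chosen mode, re-parses each row and writes it back
 * through submit_post() / submit_pm() (or a direct UPDATE for signatures),
 * then calls _next_step().
 *
 * Fix compared with the previous version: the COUNT query used to append a
 * second " WHERE forum_id IN (...)" clause after an existing WHERE and read
 * $sql_forum_where even when it had never been assigned. The conditions are
 * now collected and joined with AND.
 *
 * @return void
 */
function run_tool()
{
    global $cache, $config, $db, $user;

    // Prevent some errors from missing language strings.
    $user->add_lang('posting');

    // Define some vars that we'll need
    $last_batch = false;
    $reparse_id = request_var('reparseids', '');
    $reparse_pm_id = request_var('reparsepms', '');
    $reparse_forum_ids = request_var('reparseforums', array(0));
    $create_backup = request_var('create_backup', false);
    $all = request_var('reparseall', false);
    $mode = request_var('mode', BBCODE_REPARSE_POSTS);
    $step = request_var('step', 0);
    $start = $step * $this->step_size;

    // Forum filter for the COUNT query below; empty when no forums were selected.
    $forum_condition = '';
    if (sizeof($reparse_forum_ids)) {
        // A forum selection replaces an explicit post id list.
        $reparse_id = '';
        $forum_condition = $db->sql_in_set('forum_id', $reparse_forum_ids);
    }

    if (!sizeof($reparse_forum_ids) && !$reparse_id && !$reparse_pm_id && !$all && $step == 0) {
        trigger_error('REPARSE_IDS_EMPTY', E_USER_WARNING);
    }

    // If post IDs or PM IDs were specified, we need to make sure the list is valid.
    // NOTE(review): both lists come from the request as comma separated strings,
    // are cached, and later reach sql_in_set(). Confirm _trim_post_ids() forces
    // every entry to an integer.
    $reparse_posts = array();
    $reparse_pms = array();
    if (!empty($reparse_id)) {
        $reparse_posts = explode(',', $reparse_id);
        $reparse_forum_ids = array();
        // explode() on a non-empty string always yields at least one element,
        // so this guard is not expected to fire.
        if (!sizeof($reparse_posts)) {
            trigger_error('REPARSE_IDS_INVALID', E_USER_WARNING);
        }

        // Make sure there's no extra whitespace
        array_walk($reparse_posts, array($this, '_trim_post_ids'));
        $cache->put('_stk_reparse_posts', $reparse_posts);
    } else {
        if ($mode == BBCODE_REPARSE_POSTS) {
            if (($result = $cache->get('_stk_reparse_posts')) !== false) {
                $reparse_posts = $result;
            }
        }
    }

    if (!empty($reparse_pm_id)) {
        $reparse_pms = explode(',', $reparse_pm_id);
        if (!sizeof($reparse_pms)) {
            trigger_error('REPARSE_IDS_INVALID');
        }
        if (!$all) {
            $mode = BBCODE_REPARSE_PMS;
        }

        // Again, make sure the format is okay
        array_walk($reparse_pms, array($this, '_trim_post_ids'));
        $cache->put('_stk_reparse_pms', $reparse_pms);
    } else {
        if ($mode == BBCODE_REPARSE_PMS) {
            if (($result = $cache->get('_stk_reparse_pms')) !== false) {
                $reparse_pms = $result;
            }
        }
    }

    // The message parser
    if (!class_exists('parse_message')) {
        global $phpbb_root_path, $phpEx; // required!
        include PHPBB_ROOT_PATH . 'includes/message_parser.' . PHP_EXT;
    }

    // Posting helper functions
    if ($mode == BBCODE_REPARSE_POSTS && !function_exists('submit_post')) {
        include PHPBB_ROOT_PATH . 'includes/functions_posting.' . PHP_EXT;
    }

    // PM helper function
    if ($mode == BBCODE_REPARSE_PMS && !function_exists('submit_pm')) {
        include PHPBB_ROOT_PATH . 'includes/functions_privmsgs.' . PHP_EXT;
    }

    // First step? Prepare the backup
    if ($create_backup && $step == 0 && $mode == BBCODE_REPARSE_POSTS) {
        $this->_prepare_backup();
    }

    // Grab our batch
    $bitfield = $all ? true : false;

    // The MSSQL DBMS doesn't break correctly out of the loop
    // when it is finished reparsing the last post. Therefore
    // we'll have to find out manually whether the tool is
    // finished, and if not how many objects it can select
    // if ($this->step_size * $step > 'maxrows')
    // #62822

    // First the easiest, the user selected certain posts/pms
    if (!empty($reparse_posts) || !empty($reparse_pms)) {
        $this->step_size = !empty($reparse_posts) ? sizeof($reparse_posts) : sizeof($reparse_pms);

        // This is always done in one go
        $last_batch = true;
    } else {
        // Get the total
        $this->max = request_var('rowsmax', 0);
        if ($this->max == 0) {
            switch ($mode) {
                case BBCODE_REPARSE_POSTS:
                    $ccol = 'post_id';
                    $ctab = POSTS_TABLE;
                    $bbf = 'bbcode_bitfield';
                    break;
                case BBCODE_REPARSE_PMS:
                    $ccol = 'msg_id';
                    $ctab = PRIVMSGS_TABLE;
                    $bbf = 'bbcode_bitfield';
                    break;
                case BBCODE_REPARSE_SIGS:
                    $ccol = 'user_id';
                    $ctab = USERS_TABLE;
                    $bbf = 'user_sig_bbcode_bitfield';
                    break;
            }

            // Collect the conditions first so that exactly one WHERE is emitted.
            $count_conditions = array();
            if ($bitfield !== false) {
                $count_conditions[] = "{$bbf} <> ''";
            }
            if ($forum_condition !== '') {
                $count_conditions[] = $forum_condition;
            }
            $sql_where = sizeof($count_conditions) ? 'WHERE ' . implode(' AND ', $count_conditions) : '';

            $sql = "SELECT COUNT({$ccol}) AS cnt\n\t\t\t\t\tFROM {$ctab}\n\t\t\t\t\t{$sql_where}";
            $result = $db->sql_query($sql);
            $this->max = $db->sql_fetchfield('cnt', false, $result);
            $db->sql_freeresult($result);
        }

        // Change step_size if needed
        if ($start + $this->step_size > $this->max) {
            $this->step_size = $this->max - $start;

            // Make sure that the loop is finished
            $last_batch = true;

            // NOTE(review): this reports completion before the shortened final
            // batch is selected. If trigger_error() ends the request here, the
            // rows from $start up to max are never reparsed. Confirm.
            if (!$reparse_id) {
                // Done!
                $cache->destroy('_stk_reparse_posts');
                $cache->destroy('_stk_reparse_pms');
                trigger_error($user->lang['REPARSE_BBCODE_COMPLETE']);
            }
        }
    }

    switch ($mode) {
        case BBCODE_REPARSE_POSTS:
            if (sizeof($reparse_forum_ids)) {
                $sql_where = ' AND ' . $db->sql_in_set('f.forum_id', $reparse_forum_ids);
            } else {
                if (sizeof($reparse_posts)) {
                    $sql_where = ' AND ' . $db->sql_in_set('p.post_id', $reparse_posts);
                } else {
                    $sql_where = '';
                }
            }

            $sql_ary = array(
                'SELECT' => 'f.forum_id, f.enable_indexing, f.forum_name, p.post_id, p.poster_id, p.icon_id, p.post_text, p.post_subject, p.post_username, p.post_time, p.post_edit_reason, p.bbcode_uid, p. bbcode_bitfield, p.post_checksum, p.enable_sig, p.post_edit_locked, p.enable_bbcode, p.enable_magic_url, p.enable_smilies, p.post_attachment, p.post_edit_user, t.topic_id, t.topic_first_post_id, t.topic_last_post_id, t.topic_type, t.topic_status, t.topic_title, t.poll_title, t.topic_time_limit, t.poll_start, t.poll_length, t.poll_max_options, t.poll_last_vote, t.poll_vote_change, t.topic_posts_approved, topic_posts_unapproved, topic_posts_softdeleted, u.username',
                'FROM'   => array(FORUMS_TABLE => 'f', POSTS_TABLE => 'p', TOPICS_TABLE => 't', USERS_TABLE => 'u'),
                'WHERE'  => ($bitfield ? "p.bbcode_bitfield <> '' AND " : '') . 't.topic_id = p.topic_id AND u.user_id = p.poster_id AND f.forum_id = t.forum_id' . $sql_where . '',
            );
            break;

        case BBCODE_REPARSE_PMS:
            $sql_ary = array(
                'SELECT' => 'pm.*, u.username AS author_name',
                'FROM'   => array(PRIVMSGS_TABLE => 'pm', USERS_TABLE => 'u'),
                'WHERE'  => ($bitfield ? "pm.bbcode_bitfield <> '' AND " : '') . 'u.user_id = pm.author_id' . (sizeof($reparse_pms) ? ' AND ' . $db->sql_in_set('pm.msg_id', $reparse_pms) : ''),
            );
            break;

        case BBCODE_REPARSE_SIGS:
            $sql_ary = array(
                'SELECT' => 'u.*',
                'FROM'   => array(USERS_TABLE => 'u'),
                'WHERE'  => $bitfield ? "u.user_sig_bbcode_bitfield <> ''" : '',
            );
            break;
    }

    $sql = $db->sql_build_query('SELECT', $sql_ary);
    $result = $db->sql_query_limit($sql, $this->step_size, $start);
    $batch = $db->sql_fetchrowset($result);
    $db->sql_freeresult($result);

    // Backup
    if ($create_backup && $mode == BBCODE_REPARSE_POSTS) {
        $this->_backup($batch);
    }

    // User object used to store a second user object used when parsing signatures. (#62451)
    $_user2 = new \phpbb\user('');

    // Walk through the batch
    foreach ($batch as $this->data) {
        // The flags for signatures are hidden inside the user options.
        if ($mode == BBCODE_REPARSE_SIGS) {
            // Set the options
            $this->data['enable_bbcode'] = $_user2->optionget('sig_bbcode', $this->data['user_options']);
            $this->data['enable_magic_url'] = $_user2->optionget('sig_links', $this->data['user_options']);
            $this->data['enable_smilies'] = $_user2->optionget('sig_smilies', $this->data['user_options']);
        }

        // Update the post flags
        $this->flags['enable_bbcode'] = $config['allow_bbcode'] ? $this->data['enable_bbcode'] : false;
        $this->flags['enable_magic_url'] = $config['allow_post_links'] ? $this->data['enable_magic_url'] : false;
        $this->flags['enable_smilies'] = $this->data['enable_smilies'] ? true : false;
        $this->flags['img_status'] = $config['allow_bbcode'] ? true : false;
        $this->flags['flash_status'] = $config['allow_bbcode'] && $config['allow_post_flash'] ? true : false;
        $this->flags['enable_urls'] = $config['allow_post_links'] ? true : false;

        // Reparse them!
        $pm_data = $post_data = $sig_data = array();
        switch ($mode) {
            case BBCODE_REPARSE_POSTS:
                // Setup the parser
                $this->message_parser = new parse_message($this->data['post_text']);
                unset($this->data['post_text']);

                // Reparse the post
                $this->_reparse_post($post_data);

                // Set post_username
                // post_username is either empty or contains guest username.
                // If empty post username and if p.poster_id is not ANONYMOUS, use u.username else leave as it is.
                // Bug #62889
                $username = '';
                if ($this->data['poster_id'] == ANONYMOUS) {
                    $username = !empty($this->data['post_username']) ? trim($this->data['post_username']) : '';
                } else {
                    $username = $this->data['username'];
                }

                // Re-submit the post through API
                submit_post('edit', $this->data['post_subject'], $username, $this->data['topic_type'], $this->poll, $post_data, true, true);
                break;

            case BBCODE_REPARSE_PMS:
                // Setup the parser
                $this->message_parser = new parse_message($this->data['message_text']);
                // NOTE(review): the parser was fed 'message_text' but 'post_text'
                // is what gets unset here; left unchanged because _reparse_pm()
                // is not visible. Confirm which key was meant.
                unset($this->data['post_text']);

                // Reparse the pm
                $this->_reparse_pm($pm_data);

                // Re-submit the pm through the API
                submit_pm('edit', $this->data['message_subject'], $pm_data, false);
                break;

            case BBCODE_REPARSE_SIGS:
                // Setup the parser
                $this->message_parser = new parse_message($this->data['user_sig']);
                unset($this->data['user_sig']);

                // Reparse the sig
                $this->_reparse_sig($sig_data);

                // Insert back into the db
                $sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sig_data) . ' WHERE user_id = ' . (int) $this->data['user_id'];
                $db->sql_query($sql);
                break;
        }

        // Unset some vars so the next round starts clean
        $this->message_parser = null;
        $this->poll_parser = null;
        unset($this->poll, $post_data, $pm_data);
        $this->flags = array_fill_keys(array_keys($this->flags), false);
        $_user2->keyvalues = array();
    }

    // Finished?
    if ($last_batch && ($mode == BBCODE_REPARSE_SIGS || !$all)) {
        // Done!
        $cache->destroy('_stk_reparse_posts');
        $cache->destroy('_stk_reparse_pms');
        trigger_error($user->lang['REPARSE_BBCODE_COMPLETE']);
    } else {
        if ($last_batch) {
            // Move to the next type
            $this->_next_step(0, $mode, true);
        }
    }

    // Next step
    $this->_next_step($step, $mode);
}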
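/**
 * Insert the warning into the database
 *
 * Optionally sends the warned user a private message first, then writes the
 * admin, user and moderator log entries, inserts the warning row and bumps
 * the user's warning counter.
 *
 * Changes compared with the previous version:
 *  - user_id and post_id are cast to int before being concatenated into SQL,
 *    so the queries no longer depend on every caller having done so;
 *  - the language directory name is reduced with basename() for the
 *    file_exists() check as well as for the include;
 *  - a missing post row (e.g. the default $post_id of 0) no longer indexes
 *    into a non-array result;
 *  - one timestamp is used for both the warning row and the user row.
 *
 * @param array  $user_row Row of the warned user; user_id, username and
 *                         user_lang are read here.
 * @param string $warning  Warning text, used in the PM body and the user log.
 * @param bool   $send_pm  Whether to notify the user by private message.
 * @param int    $post_id  Post the warning refers to, 0 for none.
 *
 * @return void
 */
function add_warning($user_row, $warning, $send_pm = true, $post_id = 0)
{
    global $phpEx, $phpbb_root_path, $config;
    global $template, $db, $user, $auth;

    // Both ids end up inside hand-built SQL below, so force them to integers once.
    $warned_user_id = (int) $user_row['user_id'];
    $post_id = (int) $post_id;
    $now = time();

    if ($send_pm) {
        include_once($phpbb_root_path . 'includes/functions_privmsgs.' . $phpEx);
        include_once($phpbb_root_path . 'includes/message_parser.' . $phpEx);

        // The language name comes from the user row; keep only its last path
        // component so the existence check and the include use the same value.
        $lang_dir = basename($user_row['user_lang']);
        if (!file_exists($phpbb_root_path . 'language/' . $lang_dir . "/mcp.$phpEx")) {
            $lang_dir = basename($config['default_lang']);
        }
        $user_row['user_lang'] = $lang_dir;

        // The included language file is expected to define $lang in this scope.
        include($phpbb_root_path . 'language/' . $lang_dir . "/mcp.$phpEx");

        $message_parser = new parse_message();
        $message_parser->message = sprintf($lang['WARNING_PM_BODY'], $warning);
        $message_parser->parse(true, true, true, false, false, true, true);

        $pm_data = array(
            'from_user_id'    => $user->data['user_id'],
            'from_user_ip'    => $user->ip,
            'from_username'   => $user->data['username'],
            'enable_sig'      => false,
            'enable_bbcode'   => true,
            'enable_smilies'  => true,
            'enable_urls'     => false,
            'icon_id'         => 0,
            'bbcode_bitfield' => $message_parser->bbcode_bitfield,
            'bbcode_uid'      => $message_parser->bbcode_uid,
            'message'         => $message_parser->message,
            'address_list'    => array('u' => array($warned_user_id => 'to')),
        );

        submit_pm('post', $lang['WARNING_PM_SUBJECT'], $pm_data, false);
    }

    add_log('admin', 'LOG_USER_WARNING', $user_row['username']);
    $log_id = add_log('user', $warned_user_id, 'LOG_USER_WARNING_BODY', $warning);

    $sql_ary = array(
        'user_id'      => $warned_user_id,
        'post_id'      => $post_id,
        'log_id'       => $log_id,
        'warning_time' => $now,
    );

    $db->sql_query('INSERT INTO ' . WARNINGS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));

    $sql = 'UPDATE ' . USERS_TABLE . ' SET user_warnings = user_warnings + 1, user_last_warning = ' . $now . ' WHERE user_id = ' . $warned_user_id;
    $db->sql_query($sql);

    // We add this to the mod log too for moderators to see that a specific user got warned.
    $sql = 'SELECT forum_id, topic_id FROM ' . POSTS_TABLE . ' WHERE post_id = ' . $post_id;
    $result = $db->sql_query($sql);
    $row = $db->sql_fetchrow($result);
    $db->sql_freeresult($result);

    // No matching post: log against forum 0 / topic 0 instead of reading from a non-array.
    $forum_id = $row ? $row['forum_id'] : 0;
    $topic_id = $row ? $row['topic_id'] : 0;

    add_log('mod', $forum_id, $topic_id, 'LOG_USER_WARNING', $user_row['username']);
}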
/** * Compose private message * Called from ucp_pm with mode == 'compose' */ function compose_pm($id, $mode, $action, $user_folders = array()) { global $template, $db, $auth, $user, $cache; global $phpbb_root_path, $phpEx, $config; global $request, $phpbb_dispatcher, $phpbb_container; // Damn php and globals - i know, this is horrible // Needed for handle_message_list_actions() global $refresh, $submit, $preview; include $phpbb_root_path . 'includes/functions_posting.' . $phpEx; include $phpbb_root_path . 'includes/functions_display.' . $phpEx; include $phpbb_root_path . 'includes/message_parser.' . $phpEx; if (!$action) { $action = 'post'; } add_form_key('ucp_pm_compose'); // Grab only parameters needed here $to_user_id = request_var('u', 0); $to_group_id = request_var('g', 0); $msg_id = request_var('p', 0); $draft_id = request_var('d', 0); $lastclick = request_var('lastclick', 0); // Reply to all triggered (quote/reply) $reply_to_all = request_var('reply_to_all', 0); $address_list = $request->variable('address_list', array('' => array(0 => ''))); $submit = isset($_POST['post']) ? true : false; $preview = isset($_POST['preview']) ? true : false; $save = isset($_POST['save']) ? true : false; $load = isset($_POST['load']) ? true : false; $cancel = isset($_POST['cancel']) && !isset($_POST['save']) ? true : false; $delete = isset($_POST['delete']) ? true : false; $remove_u = isset($_REQUEST['remove_u']) ? true : false; $remove_g = isset($_REQUEST['remove_g']) ? true : false; $add_to = isset($_REQUEST['add_to']) ? true : false; $add_bcc = isset($_REQUEST['add_bcc']) ? true : false; $refresh = isset($_POST['add_file']) || isset($_POST['delete_file']) || $save || $load || $remove_u || $remove_g || $add_to || $add_bcc; $action = $delete && !$preview && !$refresh && $submit ? 'delete' : $action; $select_single = $config['allow_mass_pm'] && $auth->acl_get('u_masspm') ? false : true; $error = array(); $current_time = time(); // Was cancel pressed? 
If so then redirect to the appropriate page if ($cancel || $current_time - $lastclick < 2 && $submit) { if ($msg_id) { redirect(append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'i=pm&mode=view&action=view_message&p=' . $msg_id)); } redirect(append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'i=pm')); } // Since viewtopic.php language entries are used in several modes, // we include the language file here $user->add_lang('viewtopic'); /** * Modify the default vars before composing a PM * * @event core.ucp_pm_compose_modify_data * @var int msg_id post_id in the page request * @var int to_user_id The id of whom the message is to * @var int to_group_id The id of the group the message is to * @var bool submit Whether the form has been submitted * @var bool preview Whether the user is previewing the PM or not * @var string action One of: post, reply, quote, forward, quotepost, edit, delete, smilies * @var bool delete Whether the user is deleting the PM * @var int reply_to_all Value of reply_to_all request variable. * @since 3.1.4-RC1 */ $vars = array('msg_id', 'to_user_id', 'to_group_id', 'submit', 'preview', 'action', 'delete', 'reply_to_all'); extract($phpbb_dispatcher->trigger_event('core.ucp_pm_compose_modify_data', compact($vars))); // Output PM_TO box if message composing if ($action != 'edit') { // Add groups to PM box if ($config['allow_mass_pm'] && $auth->acl_get('u_masspm_group')) { $sql = 'SELECT g.group_id, g.group_name, g.group_type FROM ' . GROUPS_TABLE . ' g'; if (!$auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) { $sql .= ' LEFT JOIN ' . USER_GROUP_TABLE . ' ug ON ( g.group_id = ug.group_id AND ug.user_id = ' . $user->data['user_id'] . ' AND ug.user_pending = 0 ) WHERE (g.group_type <> ' . GROUP_HIDDEN . ' OR ug.user_id = ' . $user->data['user_id'] . ')'; } $sql .= $auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel') ? 
' WHERE ' : ' AND '; $sql .= 'g.group_receive_pm = 1 ORDER BY g.group_type DESC, g.group_name ASC'; $result = $db->sql_query($sql); $group_options = ''; while ($row = $db->sql_fetchrow($result)) { $group_options .= '<option' . ($row['group_type'] == GROUP_SPECIAL ? ' class="sep"' : '') . ' value="' . $row['group_id'] . '">' . ($row['group_type'] == GROUP_SPECIAL ? $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>'; } $db->sql_freeresult($result); } $template->assign_vars(array('S_SHOW_PM_BOX' => true, 'S_ALLOW_MASS_PM' => $config['allow_mass_pm'] && $auth->acl_get('u_masspm') ? true : false, 'S_GROUP_OPTIONS' => $config['allow_mass_pm'] && $auth->acl_get('u_masspm_group') ? $group_options : '', 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.{$phpEx}", "mode=searchuser&form=postform&field=username_list&select_single={$select_single}"))); } $sql = ''; $folder_id = 0; // What is all this following SQL for? Well, we need to know // some basic information in all cases before we do anything. switch ($action) { case 'post': if (!$auth->acl_get('u_sendpm')) { trigger_error('NO_AUTH_SEND_MESSAGE'); } break; case 'reply': case 'quote': case 'forward': case 'quotepost': if (!$msg_id) { trigger_error('NO_MESSAGE'); } if (!$auth->acl_get('u_sendpm')) { trigger_error('NO_AUTH_SEND_MESSAGE'); } if ($action == 'quotepost') { $sql = 'SELECT p.post_id as msg_id, p.forum_id, p.post_text as message_text, p.poster_id as author_id, p.post_time as message_time, p.bbcode_bitfield, p.bbcode_uid, p.enable_sig, p.enable_smilies, p.enable_magic_url, t.topic_title as message_subject, u.username as quote_username FROM ' . POSTS_TABLE . ' p, ' . TOPICS_TABLE . ' t, ' . USERS_TABLE . " u\n\t\t\t\t\tWHERE p.post_id = {$msg_id}\n\t\t\t\t\t\tAND t.topic_id = p.topic_id\n\t\t\t\t\t\tAND u.user_id = p.poster_id"; } else { $sql = 'SELECT t.folder_id, p.*, u.username as quote_username FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . ' p, ' . USERS_TABLE . 
' u WHERE t.user_id = ' . $user->data['user_id'] . "\n\t\t\t\t\t\tAND p.author_id = u.user_id\n\t\t\t\t\t\tAND t.msg_id = p.msg_id\n\t\t\t\t\t\tAND p.msg_id = {$msg_id}"; } break; case 'edit': if (!$msg_id) { trigger_error('NO_MESSAGE'); } // check for outbox (not read) status, we do not allow editing if one user already having the message $sql = 'SELECT p.*, t.folder_id FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . ' p WHERE t.user_id = ' . $user->data['user_id'] . ' AND t.folder_id = ' . PRIVMSGS_OUTBOX . "\n\t\t\t\t\tAND t.msg_id = {$msg_id}\n\t\t\t\t\tAND t.msg_id = p.msg_id"; break; case 'delete': if (!$auth->acl_get('u_pm_delete')) { trigger_error('NO_AUTH_DELETE_MESSAGE'); } if (!$msg_id) { trigger_error('NO_MESSAGE'); } $sql = 'SELECT msg_id, pm_unread, pm_new, author_id, folder_id FROM ' . PRIVMSGS_TO_TABLE . ' WHERE user_id = ' . $user->data['user_id'] . "\n\t\t\t\t\tAND msg_id = {$msg_id}"; break; case 'smilies': generate_smilies('window', 0); break; default: trigger_error('NO_ACTION_MODE', E_USER_ERROR); break; } if ($action == 'forward' && (!$config['forward_pm'] || !$auth->acl_get('u_pm_forward'))) { trigger_error('NO_AUTH_FORWARD_MESSAGE'); } if ($action == 'edit' && !$auth->acl_get('u_pm_edit')) { trigger_error('NO_AUTH_EDIT_MESSAGE'); } if ($sql) { /** * Alter sql query to get message for user to write the PM * * @event core.ucp_pm_compose_compose_pm_basic_info_query_before * @var string sql String with the query to be executed * @var array forum_list List of forums that contain the posts * @var int visibility_const Integer with one of the possible ITEM_* constant values * @var int msg_id topic_id in the page request * @var int to_user_id The id of whom the message is to * @var int to_group_id The id of the group whom the message is to * @var bool submit Whether the user is sending the PM or not * @var bool preview Whether the user is previewing the PM or not * @var string action One of: post, reply, quote, forward, quotepost, edit, 
delete, smilies * @var bool delete Whether the user is deleting the PM * @var int reply_to_all Value of reply_to_all request variable. * @var string limit_time_sql String with the SQL code to limit the time interval of the post (Note: May be empty string) * @var string sort_order_sql String with the ORDER BY SQL code used in this query * @since 3.1.0-RC5 */ $vars = array('sql', 'forum_list', 'visibility_const', 'msg_id', 'to_user_id', 'to_group_id', 'submit', 'preview', 'action', 'delete', 'reply_to_all', 'limit_time_sql', 'sort_order_sql'); extract($phpbb_dispatcher->trigger_event('core.ucp_pm_compose_compose_pm_basic_info_query_before', compact($vars))); $result = $db->sql_query($sql); $post = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$post) { // If editing it could be the recipient already read the message... if ($action == 'edit') { $sql = 'SELECT p.*, t.folder_id FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . ' p WHERE t.user_id = ' . $user->data['user_id'] . 
"\n\t\t\t\t\t\tAND t.msg_id = {$msg_id}\n\t\t\t\t\t\tAND t.msg_id = p.msg_id"; $result = $db->sql_query($sql); $post = $db->sql_fetchrow($result); $db->sql_freeresult($result); if ($post) { trigger_error('NO_EDIT_READ_MESSAGE'); } } trigger_error('NO_MESSAGE'); } if ($action == 'quotepost') { if ($post['forum_id'] && !$auth->acl_get('f_read', $post['forum_id']) || !$post['forum_id'] && !$auth->acl_getf_global('f_read')) { trigger_error('NOT_AUTHORISED'); } /** * Get the result of querying for the post to be quoted in the pm message * * @event core.ucp_pm_compose_quotepost_query_after * @var string sql The original SQL used in the query * @var array post Associative array with the data of the quoted post * @var array msg_id The post_id that was searched to get the message for quoting * @var int visibility_const Visibility of the quoted post (one of the possible ITEM_* constant values) * @var int topic_id Topic ID of the quoted post * @var int to_user_id Users the message is sent to * @var int to_group_id Groups the message is sent to * @var bool submit Whether the user is sending the PM or not * @var bool preview Whether the user is previewing the PM or not * @var string action One of: post, reply, quote, forward, quotepost, edit, delete, smilies * @var bool delete If deleting message * @var int reply_to_all Value of reply_to_all request variable. * @since 3.1.0-RC5 */ $vars = array('sql', 'post', 'msg_id', 'visibility_const', 'topic_id', 'to_user_id', 'to_group_id', 'submit', 'preview', 'action', 'delete', 'reply_to_all'); extract($phpbb_dispatcher->trigger_event('core.ucp_pm_compose_quotepost_query_after', compact($vars))); // Passworded forum? if ($post['forum_id']) { $sql = 'SELECT forum_id, forum_name, forum_password FROM ' . FORUMS_TABLE . ' WHERE forum_id = ' . 
(int) $post['forum_id']; $result = $db->sql_query($sql); $forum_data = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!empty($forum_data['forum_password'])) { login_forum_box($forum_data); } } } $msg_id = (int) $post['msg_id']; $folder_id = isset($post['folder_id']) ? $post['folder_id'] : 0; $message_text = isset($post['message_text']) ? $post['message_text'] : ''; if ((!$post['author_id'] || $post['author_id'] == ANONYMOUS && $action != 'delete') && $msg_id) { trigger_error('NO_AUTHOR'); } if ($action == 'quotepost') { // Decode text for message display decode_message($message_text, $post['bbcode_uid']); } if ($action != 'delete') { $enable_urls = $post['enable_magic_url']; $enable_sig = isset($post['enable_sig']) ? $post['enable_sig'] : 0; $message_attachment = isset($post['message_attachment']) ? $post['message_attachment'] : 0; $message_subject = $post['message_subject']; $message_time = $post['message_time']; $bbcode_uid = $post['bbcode_uid']; $quote_username = isset($post['quote_username']) ? $post['quote_username'] : ''; $icon_id = isset($post['icon_id']) ? $post['icon_id'] : 0; if (($action == 'reply' || $action == 'quote' || $action == 'quotepost') && !sizeof($address_list) && !$refresh && !$submit && !$preview) { // Add the original author as the recipient if quoting a post or only replying and not having checked "reply to all" if ($action == 'quotepost' || !$reply_to_all) { $address_list = array('u' => array($post['author_id'] => 'to')); } else { // We try to include every previously listed member from the TO Header - Reply to all $address_list = rebuild_header(array('to' => $post['to_address'])); // Add the author (if he is already listed then this is no shame (it will be overwritten)) $address_list['u'][$post['author_id']] = 'to'; // Now, make sure the user itself is not listed. 
;) if (isset($address_list['u'][$user->data['user_id']])) { unset($address_list['u'][$user->data['user_id']]); } } } else { if ($action == 'edit' && !sizeof($address_list) && !$refresh && !$submit && !$preview) { // Rebuild TO and BCC Header $address_list = rebuild_header(array('to' => $post['to_address'], 'bcc' => $post['bcc_address'])); } } if ($action == 'quotepost') { $check_value = 0; } else { $check_value = ($post['enable_bbcode'] + 1 << 8) + ($post['enable_smilies'] + 1 << 4) + ($enable_urls + 1 << 2) + ($post['enable_sig'] + 1 << 1); } } } else { $message_attachment = 0; $message_text = $message_subject = ''; if ($to_user_id && $to_user_id != ANONYMOUS && $action == 'post') { $address_list['u'][$to_user_id] = 'to'; } else { if ($to_group_id && $action == 'post') { $address_list['g'][$to_group_id] = 'to'; } } $check_value = 0; } if (($to_group_id || isset($address_list['g'])) && (!$config['allow_mass_pm'] || !$auth->acl_get('u_masspm_group'))) { trigger_error('NO_AUTH_GROUP_MESSAGE'); } if ($action == 'edit' && !$refresh && !$preview && !$submit) { if (!($message_time > time() - $config['pm_edit_time'] * 60 || !$config['pm_edit_time'])) { trigger_error('CANNOT_EDIT_MESSAGE_TIME'); } } if ($action == 'post') { $template->assign_var('S_NEW_MESSAGE', true); } if (!isset($icon_id)) { $icon_id = 0; } $message_parser = new parse_message(); $plupload = $phpbb_container->get('plupload'); $message_parser->set_plupload($plupload); $message_parser->message = $action == 'reply' ? '' : $message_text; unset($message_text); $s_action = append_sid("{$phpbb_root_path}ucp.{$phpEx}", "i={$id}&mode={$mode}&action={$action}", true, $user->session_id); $s_action .= ($folder_id ? "&f={$folder_id}" : '') . ($msg_id ? "&p={$msg_id}" : ''); // Delete triggered ? if ($action == 'delete') { // Folder id has been determined by the SQL Statement // $folder_id = request_var('f', PRIVMSGS_NO_BOX); // Do we need to confirm ? 
if (confirm_box(true)) { delete_pm($user->data['user_id'], $msg_id, $folder_id); // jump to next message in "history"? nope, not for the moment. But able to be included later. $meta_info = append_sid("{$phpbb_root_path}ucp.{$phpEx}", "i=pm&folder={$folder_id}"); $message = $user->lang['MESSAGE_DELETED']; meta_refresh(3, $meta_info); $message .= '<br /><br />' . sprintf($user->lang['RETURN_FOLDER'], '<a href="' . $meta_info . '">', '</a>'); trigger_error($message); } else { $s_hidden_fields = array('p' => $msg_id, 'f' => $folder_id, 'action' => 'delete'); // "{$phpbb_root_path}ucp.$phpEx?i=pm&mode=compose" confirm_box(false, 'DELETE_MESSAGE', build_hidden_fields($s_hidden_fields)); } redirect(append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'i=pm&mode=view&action=view_message&p=' . $msg_id)); } // Get maximum number of allowed recipients $sql = 'SELECT MAX(g.group_max_recipients) as max_recipients FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . ' ug WHERE ug.user_id = ' . $user->data['user_id'] . ' AND ug.user_pending = 0 AND ug.group_id = g.group_id'; $result = $db->sql_query($sql); $max_recipients = (int) $db->sql_fetchfield('max_recipients'); $db->sql_freeresult($result); $max_recipients = !$max_recipients ? $config['pm_max_recipients'] : $max_recipients; // If this is a quote/reply "to all"... we may increase the max_recpients to the number of original recipients if (($action == 'reply' || $action == 'quote') && $max_recipients && $reply_to_all) { // We try to include every previously listed member from the TO Header $list = rebuild_header(array('to' => $post['to_address'])); // Can be an empty array too ;) $list = !empty($list['u']) ? $list['u'] : array(); $list[$post['author_id']] = 'to'; if (isset($list[$user->data['user_id']])) { unset($list[$user->data['user_id']]); } $max_recipients = $max_recipients < sizeof($list) ? 
sizeof($list) : $max_recipients; unset($list); } // Handle User/Group adding/removing handle_message_list_actions($address_list, $error, $remove_u, $remove_g, $add_to, $add_bcc); // Check mass pm to group permission if ((!$config['allow_mass_pm'] || !$auth->acl_get('u_masspm_group')) && !empty($address_list['g'])) { $address_list = array(); $error[] = $user->lang['NO_AUTH_GROUP_MESSAGE']; } // Check mass pm to users permission if ((!$config['allow_mass_pm'] || !$auth->acl_get('u_masspm')) && num_recipients($address_list) > 1) { $address_list = get_recipients($address_list, 1); $error[] = $user->lang('TOO_MANY_RECIPIENTS', 1); } // Check for too many recipients if (!empty($address_list['u']) && $max_recipients && sizeof($address_list['u']) > $max_recipients) { $address_list = get_recipients($address_list, $max_recipients); $error[] = $user->lang('TOO_MANY_RECIPIENTS', $max_recipients); } // Always check if the submitted attachment data is valid and belongs to the user. // Further down (especially in submit_post()) we do not check this again. $message_parser->get_submitted_attachment_data(); if ($message_attachment && !$submit && !$refresh && !$preview && $action == 'edit') { // Do not change to SELECT * $sql = 'SELECT attach_id, is_orphan, attach_comment, real_filename, filesize FROM ' . ATTACHMENTS_TABLE . 
"\n\t\t\tWHERE post_msg_id = {$msg_id}\n\t\t\t\tAND in_message = 1\n\t\t\t\tAND is_orphan = 0\n\t\t\tORDER BY filetime DESC"; $result = $db->sql_query($sql); $message_parser->attachment_data = array_merge($message_parser->attachment_data, $db->sql_fetchrowset($result)); $db->sql_freeresult($result); } if (!in_array($action, array('quote', 'edit', 'delete', 'forward'))) { $enable_sig = $config['allow_sig'] && $config['allow_sig_pm'] && $auth->acl_get('u_sig') && $user->optionget('attachsig'); $enable_smilies = $config['allow_smilies'] && $auth->acl_get('u_pm_smilies') && $user->optionget('smilies'); $enable_bbcode = $config['allow_bbcode'] && $auth->acl_get('u_pm_bbcode') && $user->optionget('bbcode'); $enable_urls = true; } $enable_magic_url = $drafts = false; // User own some drafts? if ($auth->acl_get('u_savedrafts') && $action != 'delete') { $sql = 'SELECT draft_id FROM ' . DRAFTS_TABLE . ' WHERE forum_id = 0 AND topic_id = 0 AND user_id = ' . $user->data['user_id'] . ($draft_id ? " AND draft_id <> {$draft_id}" : ''); $result = $db->sql_query_limit($sql, 1); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if ($row) { $drafts = true; } } if ($action == 'edit') { $message_parser->bbcode_uid = $bbcode_uid; } $bbcode_status = $config['allow_bbcode'] && $config['auth_bbcode_pm'] && $auth->acl_get('u_pm_bbcode') ? true : false; $smilies_status = $config['allow_smilies'] && $config['auth_smilies_pm'] && $auth->acl_get('u_pm_smilies') ? true : false; $img_status = $config['auth_img_pm'] && $auth->acl_get('u_pm_img') ? true : false; $flash_status = $config['auth_flash_pm'] && $auth->acl_get('u_pm_flash') ? true : false; $url_status = $config['allow_post_links'] ? true : false; // Save Draft if ($save && $auth->acl_get('u_savedrafts')) { $subject = utf8_normalize_nfc(request_var('subject', '', true)); $subject = !$subject && $action != 'post' ? 
$user->lang['NEW_MESSAGE'] : $subject; $message = utf8_normalize_nfc(request_var('message', '', true)); if ($subject && $message) { if (confirm_box(true)) { $sql = 'INSERT INTO ' . DRAFTS_TABLE . ' ' . $db->sql_build_array('INSERT', array('user_id' => $user->data['user_id'], 'topic_id' => 0, 'forum_id' => 0, 'save_time' => $current_time, 'draft_subject' => $subject, 'draft_message' => $message)); $db->sql_query($sql); $redirect_url = append_sid("{$phpbb_root_path}ucp.{$phpEx}", "i=pm&mode={$mode}"); meta_refresh(3, $redirect_url); $message = $user->lang['DRAFT_SAVED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $redirect_url . '">', '</a>'); trigger_error($message); } else { $s_hidden_fields = build_hidden_fields(array('mode' => $mode, 'action' => $action, 'save' => true, 'subject' => $subject, 'message' => $message, 'u' => $to_user_id, 'g' => $to_group_id, 'p' => $msg_id)); $s_hidden_fields .= build_address_field($address_list); confirm_box(false, 'SAVE_DRAFT', $s_hidden_fields); } } else { if (utf8_clean_string($subject) === '') { $error[] = $user->lang['EMPTY_MESSAGE_SUBJECT']; } if (utf8_clean_string($message) === '') { $error[] = $user->lang['TOO_FEW_CHARS']; } } unset($subject, $message); } // Load Draft if ($draft_id && $auth->acl_get('u_savedrafts')) { $sql = 'SELECT draft_subject, draft_message FROM ' . DRAFTS_TABLE . "\n\t\t\tWHERE draft_id = {$draft_id}\n\t\t\t\tAND topic_id = 0\n\t\t\t\tAND forum_id = 0\n\t\t\t\tAND user_id = " . 
$user->data['user_id']; $result = $db->sql_query_limit($sql, 1); if ($row = $db->sql_fetchrow($result)) { $message_parser->message = $row['draft_message']; $message_subject = $row['draft_subject']; $template->assign_var('S_DRAFT_LOADED', true); } else { $draft_id = 0; } $db->sql_freeresult($result); } // Load Drafts if ($load && $drafts) { load_drafts(0, 0, $id, $action, $msg_id); } if ($submit || $preview || $refresh) { if (($submit || $preview) && !check_form_key('ucp_pm_compose')) { $error[] = $user->lang['FORM_INVALID']; } $subject = utf8_normalize_nfc(request_var('subject', '', true)); $message_parser->message = utf8_normalize_nfc(request_var('message', '', true)); $icon_id = request_var('icon', 0); $enable_bbcode = !$bbcode_status || isset($_POST['disable_bbcode']) ? false : true; $enable_smilies = !$smilies_status || isset($_POST['disable_smilies']) ? false : true; $enable_urls = isset($_POST['disable_magic_url']) ? 0 : 1; $enable_sig = !$config['allow_sig'] || !$config['allow_sig_pm'] ? false : (isset($_POST['attach_sig']) ? true : false); if ($submit) { $status_switch = ($enable_bbcode + 1 << 8) + ($enable_smilies + 1 << 4) + ($enable_urls + 1 << 2) + ($enable_sig + 1 << 1); $status_switch = $status_switch != $check_value; } else { $status_switch = 1; } // Parse Attachments - before checksum is calculated $message_parser->parse_attachments('fileupload', $action, 0, $submit, $preview, $refresh, true); if (sizeof($message_parser->warn_msg) && !($remove_u || $remove_g || $add_to || $add_bcc)) { $error[] = implode('<br />', $message_parser->warn_msg); $message_parser->warn_msg = array(); } // Parse message $message_parser->parse($enable_bbcode, $config['allow_post_links'] ? 
$enable_urls : false, $enable_smilies, $img_status, $flash_status, true, $config['allow_post_links']); // On a refresh we do not care about message parsing errors if (sizeof($message_parser->warn_msg) && !$refresh) { $error[] = implode('<br />', $message_parser->warn_msg); } if ($action != 'edit' && !$preview && !$refresh && $config['flood_interval'] && !$auth->acl_get('u_ignoreflood')) { // Flood check $last_post_time = $user->data['user_lastpost_time']; if ($last_post_time) { if ($last_post_time && $current_time - $last_post_time < intval($config['flood_interval'])) { $error[] = $user->lang['FLOOD_ERROR']; } } } // Subject defined if ($submit) { if (utf8_clean_string($subject) === '') { $error[] = $user->lang['EMPTY_MESSAGE_SUBJECT']; } if (!sizeof($address_list)) { $error[] = $user->lang['NO_RECIPIENT']; } } // Store message, sync counters if (!sizeof($error) && $submit) { $pm_data = array('msg_id' => (int) $msg_id, 'from_user_id' => $user->data['user_id'], 'from_user_ip' => $user->ip, 'from_username' => $user->data['username'], 'reply_from_root_level' => isset($post['root_level']) ? (int) $post['root_level'] : 0, 'reply_from_msg_id' => (int) $msg_id, 'icon_id' => (int) $icon_id, 'enable_sig' => (bool) $enable_sig, 'enable_bbcode' => (bool) $enable_bbcode, 'enable_smilies' => (bool) $enable_smilies, 'enable_urls' => (bool) $enable_urls, 'bbcode_bitfield' => $message_parser->bbcode_bitfield, 'bbcode_uid' => $message_parser->bbcode_uid, 'message' => $message_parser->message, 'attachment_data' => $message_parser->attachment_data, 'filename_data' => $message_parser->filename_data, 'address_list' => $address_list); // ((!$message_subject) ? $subject : $message_subject) $msg_id = submit_pm($action, $subject, $pm_data); $return_message_url = append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'i=pm&mode=view&p=' . 
$msg_id); $inbox_folder_url = append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'i=pm&folder=inbox'); $outbox_folder_url = append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'i=pm&folder=outbox'); $folder_url = ''; if ($folder_id > 0 && isset($user_folders[$folder_id])) { $folder_url = append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'i=pm&folder=' . $folder_id); } $return_box_url = $action === 'post' || $action === 'edit' ? $outbox_folder_url : $inbox_folder_url; $return_box_lang = $action === 'post' || $action === 'edit' ? 'PM_OUTBOX' : 'PM_INBOX'; $save_message = $action === 'edit' ? $user->lang['MESSAGE_EDITED'] : $user->lang['MESSAGE_STORED']; $message = $save_message . '<br /><br />' . $user->lang('VIEW_PRIVATE_MESSAGE', '<a href="' . $return_message_url . '">', '</a>'); $last_click_type = 'CLICK_RETURN_FOLDER'; if ($folder_url) { $message .= '<br /><br />' . sprintf($user->lang['CLICK_RETURN_FOLDER'], '<a href="' . $folder_url . '">', '</a>', $user_folders[$folder_id]['folder_name']); $last_click_type = 'CLICK_GOTO_FOLDER'; } $message .= '<br /><br />' . sprintf($user->lang[$last_click_type], '<a href="' . $return_box_url . 
'">', '</a>', $user->lang[$return_box_lang]); meta_refresh(3, $return_message_url); trigger_error($message); } $message_subject = $subject; } // Preview if (!sizeof($error) && $preview) { $preview_message = $message_parser->format_display($enable_bbcode, $enable_urls, $enable_smilies, false); $preview_signature = $user->data['user_sig']; $preview_signature_uid = $user->data['user_sig_bbcode_uid']; $preview_signature_bitfield = $user->data['user_sig_bbcode_bitfield']; // Signature if ($enable_sig && $config['allow_sig'] && $preview_signature) { $parse_sig = new parse_message($preview_signature); $parse_sig->bbcode_uid = $preview_signature_uid; $parse_sig->bbcode_bitfield = $preview_signature_bitfield; $parse_sig->format_display($config['allow_sig_bbcode'], $config['allow_sig_links'], $config['allow_sig_smilies']); $preview_signature = $parse_sig->message; unset($parse_sig); } else { $preview_signature = ''; } // Attachment Preview if (sizeof($message_parser->attachment_data)) { $template->assign_var('S_HAS_ATTACHMENTS', true); $update_count = array(); $attachment_data = $message_parser->attachment_data; parse_attachments(false, $preview_message, $attachment_data, $update_count, true); foreach ($attachment_data as $i => $attachment) { $template->assign_block_vars('attachment', array('DISPLAY_ATTACHMENT' => $attachment)); } unset($attachment_data); } $preview_subject = censor_text($subject); if (!sizeof($error)) { $template->assign_vars(array('PREVIEW_SUBJECT' => $preview_subject, 'PREVIEW_MESSAGE' => $preview_message, 'PREVIEW_SIGNATURE' => $preview_signature, 'S_DISPLAY_PREVIEW' => true)); } unset($message_text); } // Decode text for message display $bbcode_uid = ($action == 'quote' || $action == 'forward') && !$preview && !$refresh && (!sizeof($error) || sizeof($error) && !$submit) ? 
$bbcode_uid : $message_parser->bbcode_uid; $message_parser->decode_message($bbcode_uid); if (($action == 'quote' || $action == 'quotepost') && !$preview && !$refresh && !$submit) { if ($action == 'quotepost') { $post_id = request_var('p', 0); if ($config['allow_post_links']) { $message_link = "[url=" . generate_board_url() . "/viewtopic.{$phpEx}?p={$post_id}#p{$post_id}]{$user->lang['SUBJECT']}{$user->lang['COLON']} {$message_subject}[/url]\n\n"; } else { $message_link = $user->lang['SUBJECT'] . $user->lang['COLON'] . ' ' . $message_subject . " (" . generate_board_url() . "/viewtopic.{$phpEx}?p={$post_id}#p{$post_id})\n\n"; } } else { $message_link = ''; } $message_parser->message = $message_link . '[quote="' . $quote_username . '"]' . censor_text(trim($message_parser->message)) . "[/quote]\n"; } if (($action == 'reply' || $action == 'quote' || $action == 'quotepost') && !$preview && !$refresh) { $message_subject = (!preg_match('/^Re:/', $message_subject) ? 'Re: ' : '') . censor_text($message_subject); } if ($action == 'forward' && !$preview && !$refresh && !$submit) { $fwd_to_field = write_pm_addresses(array('to' => $post['to_address']), 0, true); if ($config['allow_post_links']) { $quote_username_text = '[url=' . generate_board_url() . "/memberlist.{$phpEx}?mode=viewprofile&u={$post['author_id']}]{$quote_username}[/url]"; } else { $quote_username_text = $quote_username . ' (' . generate_board_url() . 
"/memberlist.{$phpEx}?mode=viewprofile&u={$post['author_id']})"; } $forward_text = array(); $forward_text[] = $user->lang['FWD_ORIGINAL_MESSAGE']; $forward_text[] = sprintf($user->lang['FWD_SUBJECT'], censor_text($message_subject)); $forward_text[] = sprintf($user->lang['FWD_DATE'], $user->format_date($message_time, false, true)); $forward_text[] = sprintf($user->lang['FWD_FROM'], $quote_username_text); $forward_text[] = sprintf($user->lang['FWD_TO'], implode($user->lang['COMMA_SEPARATOR'], $fwd_to_field['to'])); $message_parser->message = implode("\n", $forward_text) . "\n\n[quote="{$quote_username}"]\n" . censor_text(trim($message_parser->message)) . "\n[/quote]"; $message_subject = (!preg_match('/^Fwd:/', $message_subject) ? 'Fwd: ' : '') . censor_text($message_subject); } $attachment_data = $message_parser->attachment_data; $filename_data = $message_parser->filename_data; $message_text = $message_parser->message; // MAIN PM PAGE BEGINS HERE // Generate smiley listing generate_smilies('inline', 0); // Generate PM Icons $s_pm_icons = false; if ($config['enable_pm_icons']) { $s_pm_icons = posting_gen_topic_icons($action, $icon_id); } // Generate inline attachment select box posting_gen_inline_attachments($attachment_data); // Build address list for display // array('u' => array($author_id => 'to')); if (sizeof($address_list)) { // Get Usernames and Group Names $result = array(); if (!empty($address_list['u'])) { $sql = 'SELECT user_id as id, username as name, user_colour as colour FROM ' . USERS_TABLE . ' WHERE ' . $db->sql_in_set('user_id', array_map('intval', array_keys($address_list['u']))) . ' ORDER BY username_clean ASC'; $result['u'] = $db->sql_query($sql); } if (!empty($address_list['g'])) { $sql = 'SELECT g.group_id AS id, g.group_name AS name, g.group_colour AS colour, g.group_type FROM ' . GROUPS_TABLE . ' g'; if (!$auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) { $sql .= ' LEFT JOIN ' . USER_GROUP_TABLE . 
' ug ON ( g.group_id = ug.group_id AND ug.user_id = ' . $user->data['user_id'] . ' AND ug.user_pending = 0 ) WHERE (g.group_type <> ' . GROUP_HIDDEN . ' OR ug.user_id = ' . $user->data['user_id'] . ')'; } $sql .= $auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel') ? ' WHERE ' : ' AND '; $sql .= 'g.group_receive_pm = 1 AND ' . $db->sql_in_set('g.group_id', array_map('intval', array_keys($address_list['g']))) . ' ORDER BY g.group_name ASC'; $result['g'] = $db->sql_query($sql); } $u = $g = array(); $_types = array('u', 'g'); foreach ($_types as $type) { if (isset($result[$type]) && $result[$type]) { while ($row = $db->sql_fetchrow($result[$type])) { if ($type == 'g') { $row['name'] = $row['group_type'] == GROUP_SPECIAL ? $user->lang['G_' . $row['name']] : $row['name']; } ${$type}[$row['id']] = array('name' => $row['name'], 'colour' => $row['colour']); } $db->sql_freeresult($result[$type]); } } // Now Build the address list $plain_address_field = ''; foreach ($address_list as $type => $adr_ary) { foreach ($adr_ary as $id => $field) { if (!isset(${$type}[$id])) { unset($address_list[$type][$id]); continue; } $field = $field == 'to' ? 'to' : 'bcc'; $type = $type == 'u' ? 'u' : 'g'; $id = (int) $id; $tpl_ary = array('IS_GROUP' => $type == 'g' ? true : false, 'IS_USER' => $type == 'u' ? true : false, 'UG_ID' => $id, 'NAME' => ${$type}[$id]['name'], 'COLOUR' => ${$type}[$id]['colour'] ? '#' . ${$type}[$id]['colour'] : '', 'TYPE' => $type); if ($type == 'u') { $tpl_ary = array_merge($tpl_ary, array('U_VIEW' => get_username_string('profile', $id, ${$type}[$id]['name'], ${$type}[$id]['colour']), 'NAME_FULL' => get_username_string('full', $id, ${$type}[$id]['name'], ${$type}[$id]['colour']))); } else { $tpl_ary = array_merge($tpl_ary, array('U_VIEW' => append_sid("{$phpbb_root_path}memberlist.{$phpEx}", 'mode=group&g=' . $id))); } $template->assign_block_vars($field . 
'_recipient', $tpl_ary); } } } // Build hidden address list $s_hidden_address_field = build_address_field($address_list); $bbcode_checked = isset($enable_bbcode) ? !$enable_bbcode : ($config['allow_bbcode'] && $auth->acl_get('u_pm_bbcode') ? !$user->optionget('bbcode') : 1); $smilies_checked = isset($enable_smilies) ? !$enable_smilies : ($config['allow_smilies'] && $auth->acl_get('u_pm_smilies') ? !$user->optionget('smilies') : 1); $urls_checked = isset($enable_urls) ? !$enable_urls : 0; $sig_checked = $enable_sig; switch ($action) { case 'post': $page_title = $user->lang['POST_NEW_PM']; break; case 'quote': $page_title = $user->lang['POST_QUOTE_PM']; break; case 'quotepost': $page_title = $user->lang['POST_PM_POST']; break; case 'reply': $page_title = $user->lang['POST_REPLY_PM']; break; case 'edit': $page_title = $user->lang['POST_EDIT_PM']; break; case 'forward': $page_title = $user->lang['POST_FORWARD_PM']; break; default: trigger_error('NO_ACTION_MODE', E_USER_ERROR); break; } $s_hidden_fields = '<input type="hidden" name="lastclick" value="' . $current_time . '" />'; $s_hidden_fields .= isset($check_value) ? '<input type="hidden" name="status_switch" value="' . $check_value . '" />' : ''; $s_hidden_fields .= $draft_id || isset($_REQUEST['draft_loaded']) ? '<input type="hidden" name="draft_loaded" value="' . (isset($_REQUEST['draft_loaded']) ? $request->variable('draft_loaded', 0) : $draft_id) . '" />' : ''; $form_enctype = @ini_get('file_uploads') == '0' || strtolower(@ini_get('file_uploads')) == 'off' || !$config['allow_pm_attach'] || !$auth->acl_get('u_pm_attach') ? '' : ' enctype="multipart/form-data"'; // Start assigning vars for main posting page ... $template->assign_vars(array('L_POST_A' => $page_title, 'L_ICON' => $user->lang['PM_ICON'], 'L_MESSAGE_BODY_EXPLAIN' => $user->lang('MESSAGE_BODY_EXPLAIN', (int) $config['max_post_chars']), 'SUBJECT' => isset($message_subject) ? 
$message_subject : '', 'MESSAGE' => $message_text, 'BBCODE_STATUS' => $bbcode_status ? sprintf($user->lang['BBCODE_IS_ON'], '<a href="' . append_sid("{$phpbb_root_path}faq.{$phpEx}", 'mode=bbcode') . '">', '</a>') : sprintf($user->lang['BBCODE_IS_OFF'], '<a href="' . append_sid("{$phpbb_root_path}faq.{$phpEx}", 'mode=bbcode') . '">', '</a>'), 'IMG_STATUS' => $img_status ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'], 'FLASH_STATUS' => $flash_status ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'], 'SMILIES_STATUS' => $smilies_status ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'], 'URL_STATUS' => $url_status ? $user->lang['URL_IS_ON'] : $user->lang['URL_IS_OFF'], 'MAX_FONT_SIZE' => (int) $config['max_post_font_size'], 'MINI_POST_IMG' => $user->img('icon_post_target', $user->lang['PM']), 'ERROR' => sizeof($error) ? implode('<br />', $error) : '', 'MAX_RECIPIENTS' => $config['allow_mass_pm'] && ($auth->acl_get('u_masspm') || $auth->acl_get('u_masspm_group')) ? $max_recipients : 0, 'S_COMPOSE_PM' => true, 'S_EDIT_POST' => $action == 'edit', 'S_SHOW_PM_ICONS' => $s_pm_icons, 'S_BBCODE_ALLOWED' => $bbcode_status ? 1 : 0, 'S_BBCODE_CHECKED' => $bbcode_checked ? ' checked="checked"' : '', 'S_SMILIES_ALLOWED' => $smilies_status, 'S_SMILIES_CHECKED' => $smilies_checked ? ' checked="checked"' : '', 'S_SIG_ALLOWED' => $config['allow_sig'] && $config['allow_sig_pm'] && $auth->acl_get('u_sig'), 'S_SIGNATURE_CHECKED' => $sig_checked ? ' checked="checked"' : '', 'S_LINKS_ALLOWED' => $url_status, 'S_MAGIC_URL_CHECKED' => $urls_checked ? ' checked="checked"' : '', 'S_SAVE_ALLOWED' => $auth->acl_get('u_savedrafts') && $action != 'edit' ? 
true : false, 'S_HAS_DRAFTS' => $auth->acl_get('u_savedrafts') && $drafts, 'S_FORM_ENCTYPE' => $form_enctype, 'S_ATTACH_DATA' => json_encode($message_parser->attachment_data), 'S_BBCODE_IMG' => $img_status, 'S_BBCODE_FLASH' => $flash_status, 'S_BBCODE_QUOTE' => true, 'S_BBCODE_URL' => $url_status, 'S_POST_ACTION' => $s_action, 'S_HIDDEN_ADDRESS_FIELD' => $s_hidden_address_field, 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'S_CLOSE_PROGRESS_WINDOW' => isset($_POST['add_file']), 'U_PROGRESS_BAR' => append_sid("{$phpbb_root_path}posting.{$phpEx}", 'f=0&mode=popup'), 'UA_PROGRESS_BAR' => addslashes(append_sid("{$phpbb_root_path}posting.{$phpEx}", 'f=0&mode=popup')))); // Build custom bbcodes array display_custom_bbcodes(); // Show attachment box for adding attachments if true $allowed = $auth->acl_get('u_pm_attach') && $config['allow_pm_attach'] && $form_enctype; if ($allowed) { $max_files = $auth->acl_gets('a_', 'm_') ? 0 : (int) $config['max_attachments_pm']; $plupload->configure($cache, $template, $s_action, false, $max_files); } // Attachment entry posting_gen_attachment_entry($attachment_data, $filename_data, $allowed); // Message History if ($action == 'reply' || $action == 'quote' || $action == 'forward') { if (message_history($msg_id, $user->data['user_id'], $post, array(), true)) { $template->assign_var('S_DISPLAY_HISTORY', true); } } }
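/**
 * Points transfer page.
 *
 * Renders the transfer form. On a submitted form with a valid form key it
 * validates the request, credits the receiver, debits the sender, writes the
 * points log and the admin log, and optionally notifies the receiver by PM.
 *
 * @param mixed $id   Module id (not read by this method)
 * @param mixed $mode Module mode (not read by this method)
 */
function main($id, $mode)
{
    global $template, $user, $db, $config, $phpEx, $phpbb_root_path, $ultimate_points, $points_config, $points_values, $auth, $checked_user, $check_auth;

    add_form_key('transfer_user');

    // Check, if transferring is allowed
    if (!$points_config['transfer_enable']) {
        $message = $user->lang['TRANSFER_REASON_TRANSFER'] . '<br /><br /><a href="' . append_sid("{$phpbb_root_path}points.{$phpEx}") . '">« ' . $user->lang['BACK_TO_PREV'] . '</a>';
        trigger_error($message);
    }

    // Check, if user is allowed to use the transfer module
    if (!$auth->acl_get('u_use_transfer')) {
        $message = $user->lang['NOT_AUTHORISED'] . '<br /><br /><a href="' . append_sid("{$phpbb_root_path}points.{$phpEx}") . '">« ' . $user->lang['BACK_TO_PREV'] . '</a>';
        trigger_error($message);
    }

    // Add part to bar
    $template->assign_block_vars('navlinks', array(
        'U_VIEW_FORUM' => append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=transfer_user"),
        'FORUM_NAME'   => sprintf($user->lang['TRANSFER_TITLE'], $config['points_name']),
    ));

    if (isset($_POST['submit'])) {
        // State-changing request: reject it unless the form token matches.
        if (!check_form_key('transfer_user')) {
            trigger_error('FORM_INVALID');
        }

        // Grab need variables for the transfer
        $am = round(request_var('amount', 0.0), 2);
        $comment = request_var('comment', '', true);
        $username = strtolower(request_var('username', '', true));

        // Every rejection below links back to the transfer form.
        $back_link = '<br /><br /><a href="' . append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=transfer_user") . '">« ' . $user->lang['BACK_TO_PREV'] . '</a>';

        // Select the user data to transfer to. Only the columns used below are
        // read, so the rest of the account row is not loaded.
        $sql = 'SELECT user_id, username, user_points, user_allow_pm, user_lang
            FROM ' . USERS_TABLE . "
            WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'
                AND user_type IN (" . USER_NORMAL . ', ' . USER_FOUNDER . ')';
        $result = $db->sql_query($sql);
        $transfer_user = $db->sql_fetchrow($result);
        $db->sql_freeresult($result);

        if (!$transfer_user) {
            trigger_error($user->lang['TRANSFER_NO_USER_RETURN'] . $back_link);
        }

        // Receiver balance before the transfer, kept for the points log.
        $transfer_user_old_points = (int) $transfer_user['user_points'];

        // Check, if the sender has enough cash
        // NOTE(review): this compares against the balance held in $user->data,
        // and the credit and debit below are two separate calls. Two concurrent
        // submissions could presumably both pass this check; a conditional
        // debit (... WHERE user_points >= amount) or a transaction around both
        // updates would close that window - confirm against add_points() and
        // substract_points().
        if ($user->data['user_points'] < $am) {
            trigger_error(sprintf($user->lang['TRANSFER_REASON_MINPOINTS'], $config['points_name']) . $back_link);
        }

        // Check, if the amount is 0 or below
        if ($am <= 0) {
            trigger_error(sprintf($user->lang['TRANSFER_REASON_UNDERZERO'], $config['points_name']) . $back_link);
        }

        // Check, if user is trying to send to himself
        if ($user->data['user_id'] == $transfer_user['user_id']) {
            trigger_error(sprintf($user->lang['TRANSFER_REASON_YOURSELF'], $config['points_name']) . $back_link);
        }

        // Add cash to receiver
        add_points($transfer_user['user_id'], $am);

        // Remove cash from sender
        substract_points($user->data['user_id'], $am);

        // Get current time for log
        $current_time = time();

        // Add transferring information to the log.
        // sql_build_array() escapes the values itself, so the comment must not
        // be passed through sql_escape() first.
        $text = utf8_normalize_nfc($comment);

        $sql = 'INSERT INTO ' . POINTS_LOG_TABLE . ' ' . $db->sql_build_array('INSERT', array(
            'point_send'    => (int) $user->data['user_id'],
            'point_recv'    => (int) $transfer_user['user_id'],
            'point_amount'  => $am,
            'point_sendold' => $user->data['user_points'],
            'point_recvold' => $transfer_user_old_points,
            'point_comment' => $text,
            'point_type'    => '1',
            'point_date'    => $current_time,
        ));
        $db->sql_query($sql);

        // Send pm to receiver, if PM is enabled
        // NOTE(review): the sender's own u_sendpm permission is not checked
        // here although the comment text ends up in a PM - confirm intended.
        if ($points_config['transfer_pm_enable'] && $transfer_user['user_allow_pm']) {
            // Select the receiver language. The value is reduced to a single
            // directory name BEFORE the existence check, so the path that is
            // checked is exactly the path that is included.
            $recv_lang = basename($transfer_user['user_lang']);
            if (!file_exists($phpbb_root_path . 'language/' . $recv_lang . "/mods/points.{$phpEx}")) {
                $recv_lang = basename($config['default_lang']);
            }
            $transfer_user['user_lang'] = $recv_lang;

            // load receivers language (the file is expected to define $lang)
            include $phpbb_root_path . 'language/' . $recv_lang . "/mods/points.{$phpEx}";

            $points_name = $config['points_name'];
            $pm_subject = utf8_normalize_nfc(sprintf($lang['TRANSFER_PM_SUBJECT']));
            $pm_text = utf8_normalize_nfc(sprintf($lang['TRANSFER_PM_BODY'], $am, $points_name, $text));

            $uid = $bitfield = $options = '';
            generate_text_for_storage($pm_subject, $uid, $bitfield, $options, false, false, false);
            generate_text_for_storage($pm_text, $uid, $bitfield, $options, true, true, true);

            $pm_data = array(
                'address_list'    => array('u' => array($transfer_user['user_id'] => 'to')),
                'from_user_id'    => $user->data['user_id'],
                'from_username'   => $user->data['username'],
                'icon_id'         => 0,
                // Record the sender's address so the message stays attributable.
                'from_user_ip'    => $user->ip,
                'enable_bbcode'   => true,
                'enable_smilies'  => true,
                'enable_urls'     => true,
                'enable_sig'      => true,
                'message'         => $pm_text,
                'bbcode_bitfield' => $bitfield,
                'bbcode_uid'      => $uid,
            );

            submit_pm('post', $pm_subject, $pm_data, false);
        }

        // Display name of the receiver as stored (the lookup used the clean name)
        $show_user = $transfer_user['username'];

        // Add log entry to inform the admin too
        add_log('user', $user->data['username'], 'LOG_USER_TRANSFER', $user->data['username'], $show_user, number_format_points($am), $config['points_name']);

        // Show the successful transfer message
        $message = sprintf($user->lang['TRANSFER_REASON_TRANSUCC'], number_format_points($am), $config['points_name'], $show_user) . $back_link;
        trigger_error($message);

        // NOTE(review): presumably not reached, trigger_error() normally ends
        // the request in phpBB - confirm before relying on U_ACTION here.
        $template->assign_vars(array('U_ACTION' => $this->u_action));
    }

    $template->assign_vars(array(
        'USER_POINTS'            => sprintf(number_format_points($checked_user['user_points'])),
        'POINTS_NAME'            => $config['points_name'],
        'POINTS_COMMENTS'        => $points_config['comments_enable'] ? true : false,
        'LOTTERY_NAME'           => $points_values['lottery_name'],
        'BANK_NAME'              => $points_values['bank_name'],
        'L_TRANSFER_DESCRIPTION' => sprintf($user->lang['TRANSFER_DESCRIPTION'], $config['points_name']),
        'U_TRANSFER_USER'        => append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=transfer_user"),
        'U_LOGS'                 => append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=logs"),
        'U_LOTTERY'              => append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=lottery"),
        'U_BANK'                 => append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=bank"),
        'U_ROBBERY'              => append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=robbery"),
        'U_INFO'                 => append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=info"),
        'U_FIND_USERNAME'        => append_sid("{$phpbb_root_path}memberlist.{$phpEx}", "mode=searchuser&form=post&field=username&select_single=true"),
        'U_USE_TRANSFER'         => $auth->acl_get('u_use_transfer'),
        'U_USE_LOGS'             => $auth->acl_get('u_use_logs'),
        'U_USE_LOTTERY'          => $auth->acl_get('u_use_lottery'),
        'U_USE_BANK'             => $auth->acl_get('u_use_bank'),
        'U_USE_ROBBERY'          => $auth->acl_get('u_use_robbery'),
        'S_ALLOW_SEND_PM'        => $auth->acl_get('u_sendpm'),
    ));

    // Generate the page
    page_header(sprintf($user->lang['TRANSFER_TITLE'], $config['points_name']));

    // Generate the page template
    $template->set_filenames(array('body' => 'points/points_transfer_user.html'));

    page_footer();
}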
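/**
 * Submits the pm to the database.
 *
 * For a new message (no msg_id yet) the author id, author IP and message time
 * default to the current user, the current IP and the current time. The
 * message text is prepared with generate_text_for_storage() and handed to
 * submit_pm() in 'edit', 'reply' or 'post' mode; msg_id is then read back from
 * the data array.
 */
function submit()
{
    global $user, $db;

    if (!$this->msg_id) {
        // new message, set some default values if not set yet
        if (!$this->author_id) {
            $this->author_id = $user->data['user_id'];
        }
        if (!$this->author_ip) {
            $this->author_ip = $user->ip;
        }
        if (!$this->message_time) {
            $this->message_time = time();
        }
    }

    $this->message_subject = truncate_string($this->message_subject);

    if ($user->data['user_id'] == $this->author_id) {
        $author_username = $user->data['username'];
    } else {
        // author_id is a property that calling code can set, so it is cast
        // before it goes into the query text (it is cast the same way in
        // $data below).
        $sql = 'SELECT username
            FROM ' . USERS_TABLE . '
            WHERE user_id = ' . (int) $this->author_id;
        $result = $db->sql_query($sql);
        $row = $db->sql_fetchrow($result);
        // Free the result before the error path can end the request.
        $db->sql_freeresult($result);

        if (!$row) {
            trigger_error('NO_USER', E_USER_ERROR);
        }
        $author_username = $row['username'];
    }

    $message = $this->message_text;
    $bbcode_uid = $bbcode_bitfield = $options = '';
    generate_text_for_storage($message, $bbcode_uid, $bbcode_bitfield, $options, $this->enable_bbcode, $this->enable_magic_url, $this->enable_smilies);

    $data = array(
        'msg_id'                => (int) $this->msg_id,
        'from_user_id'          => (int) $this->author_id,
        'from_user_ip'          => $this->author_ip,
        'from_username'         => $author_username,
        'reply_from_root_level' => $this->root_level,
        'reply_from_msg_id'     => $this->reply_from_msg_id,
        'icon_id'               => (int) $this->icon_id,
        'enable_sig'            => (bool) $this->enable_sig,
        'enable_bbcode'         => (bool) $this->enable_bbcode,
        'enable_smilies'        => (bool) $this->enable_smilies,
        'enable_urls'           => (bool) $this->enable_magic_url,
        'bbcode_bitfield'       => $bbcode_bitfield,
        'bbcode_uid'            => $bbcode_uid,
        'message'               => $message,
        'attachment_data'       => false,
        'filename_data'         => false,
        'address_list'          => $this->address_list,
    );

    // An existing msg_id means edit; otherwise reply if a parent is set.
    $mode = $this->msg_id ? 'edit' : ($this->reply_from_msg_id ? 'reply' : 'post');
    submit_pm($mode, $this->message_subject, $data);

    // presumably submit_pm() writes the new id into $data by reference - verify
    $this->msg_id = $data['msg_id'];
}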
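/**
 * Handles sending subscription notices for blogs or replies
 *
 * Sends a PM or Email to each user in the subscription list, depending on what they want
 *
 * @param string $mode The mode (new_blog, or new_reply)
 * @param string $post_subject The subject of the post made
 * @param int|bool $uid The user_id of the user who made the new blog (if there is one). If this is left as 0 it will grab the global value of $user_id.
 * @param int|bool $bid The blog_id of the blog. If this is left as 0 it will grab the global value of $blog_id.
 * @param int|bool $rid The reply_id of the new reply (if there is one). If this is left as 0 it will grab the global value of $reply_id.
 */
function handle_subscription($mode, $post_subject, $uid = 0, $bid = 0, $rid = 0)
{
    global $db, $user, $phpbb_root_path, $phpEx, $config;
    global $user_id, $blog_id, $reply_id;
    global $blog_data, $blog_urls;

    // if $uid, $bid, or $rid are not set, use the globals
    $uid = $uid != 0 ? $uid : $user_id;
    $bid = $bid != 0 ? $bid : $blog_id;
    $rid = $rid != 0 ? $rid : $reply_id;

    // make sure that subscriptions are enabled and that a blog_id is sent
    if (!$config['user_blog_subscription_enabled'] || $bid == 0) {
        return;
    }

    if (!isset($user->lang['BLOG_SUBSCRIPTION_NOTICE'])) {
        $user->add_lang('mods/blog/posting');
    }

    // This will hold all the send info, all ones that will be sent via PM would be $send[1], or Email would be $send[2], next would be $send[4], etc.
    $send = array();
    $subscribe_modes = get_blog_subscription_types();

    $hook_keys = array('mode', 'post_subject', 'uid', 'bid', 'rid', 'send');
    $temp = compact($hook_keys);
    blog_plugins::plugin_do_ref('function_handle_subscription', $temp);

    // Take back only the values that were handed to the plugins. A plain
    // extract() would also overwrite any other local here, including the
    // variables bound to globals ($db, $user, $config, ...).
    if (is_array($temp)) {
        extract(array_intersect_key($temp, array_flip($hook_keys)));
    }

    // Fix the URLs...
    if (isset($config['user_blog_seo']) && $config['user_blog_seo']) {
        $view_url = $rid ? blog_url($uid, $bid, $rid) : blog_url($uid, $bid);
        $unsubscribe_url = $rid ? blog_url($uid, $bid, false, array('page' => 'unsubscribe')) : blog_url($uid, false, false, array('page' => 'unsubscribe'));
    } else {
        $view_url = redirect($rid ? blog_url($uid, $bid, $rid) : blog_url($uid, $bid), true);
        $unsubscribe_url = redirect($rid ? blog_url($uid, $bid, false, array('page' => 'unsubscribe')) : blog_url($uid, false, false, array('page' => 'unsubscribe')), true);
    }

    // Pick the subscriber filter and the notice text for this mode. $message
    // stays defined (empty) when neither mode applies, e.g. when only a
    // plugin filled $send.
    $message = '';
    $sql_where = '';
    if ($mode == 'new_reply' && $rid != 0) {
        $sql_where = 'blog_id = ' . intval($bid);
        $message = sprintf($user->lang['BLOG_SUBSCRIPTION_NOTICE'], $view_url, $user->data['username'], $unsubscribe_url);
    } elseif ($mode == 'new_blog' && $uid != 0) {
        $sql_where = 'user_id = ' . intval($uid);
        $message = sprintf($user->lang['USER_SUBSCRIPTION_NOTICE'], $user->data['username'], $view_url, $unsubscribe_url);
    }

    if ($sql_where !== '') {
        // Everyone subscribed except the acting user; ids are cast before
        // they are placed in the query text.
        $sql = 'SELECT * FROM ' . BLOGS_SUBSCRIPTION_TABLE . '
            WHERE ' . $sql_where . '
                AND sub_user_id != ' . (int) $user->data['user_id'];
        $result = $db->sql_query($sql);

        // Group the subscribers by delivery type
        while ($row = $db->sql_fetchrow($result)) {
            $send[$row['sub_type']][] = $row['sub_user_id'];
        }
        $db->sql_freeresult($result);
    }

    $blog_data->get_user_data($config['user_blog_message_from']);

    // Send the PM
    if (isset($send[1]) && sizeof($send[1])) {
        if (!function_exists('submit_pm')) {
            // include the private messages functions page
            include "{$phpbb_root_path}includes/functions_privmsgs.{$phpEx}";
        }
        if (!class_exists('parse_message')) {
            include "{$phpbb_root_path}includes/message_parser.{$phpEx}";
        }

        $message_parser = new parse_message();
        $message_parser->message = $message;
        $message_parser->parse(true, true, true);

        // setup out to address list
        $address_list = array();
        foreach ($send[1] as $id) {
            $address_list[$id] = 'to';
        }

        $pm_data = array(
            'from_user_id'    => $config['user_blog_message_from'],
            'from_username'   => blog_data::$user[$config['user_blog_message_from']]['username'],
            'address_list'    => array('u' => $address_list),
            'icon_id'         => 10,
            'from_user_ip'    => '0.0.0.0',
            'enable_bbcode'   => true,
            'enable_smilies'  => true,
            'enable_urls'     => true,
            'enable_sig'      => true,
            'message'         => $message_parser->message,
            'bbcode_bitfield' => $message_parser->bbcode_bitfield,
            'bbcode_uid'      => $message_parser->bbcode_uid,
        );

        submit_pm('post', $user->lang['SUBSCRIPTION_NOTICE'], $pm_data, false);
        unset($message_parser, $address_list, $pm_data);
    }

    // Send the email
    if (isset($send[2]) && sizeof($send[2]) && $config['email_enable']) {
        if (!class_exists('messenger')) {
            include "{$phpbb_root_path}includes/functions_messenger.{$phpEx}";
        }

        $messenger = new messenger(false);
        $blog_data->get_user_data($send[2]);

        $from_user = blog_data::$user[$config['user_blog_message_from']];

        // The loop variable is kept separate from the $uid parameter.
        foreach ($send[2] as $recipient_id) {
            $messenger->template('blog_notify', $config['default_lang']);
            $messenger->replyto($config['board_contact']);
            $messenger->to(blog_data::$user[$recipient_id]['user_email'], blog_data::$user[$recipient_id]['username']);

            $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']);
            $messenger->headers('X-AntiAbuse: User_id - ' . $from_user['user_id']);
            $messenger->headers('X-AntiAbuse: Username - ' . $from_user['username']);
            $messenger->headers('X-AntiAbuse: User IP - ' . $from_user['user_ip']);

            $messenger->assign_vars(array(
                'BOARD_CONTACT' => $config['board_contact'],
                'SUBJECT'       => $user->lang['SUBSCRIPTION_NOTICE'],
                'TO_USERNAME'   => blog_data::$user[$recipient_id]['username'],
                'TYPE'          => $rid ? $user->lang['REPLY'] : $user->lang['BLOG'],
                'NAME'          => $post_subject,
                'BY_USERNAME'   => $user->data['username'],
                'U_VIEW'        => $view_url,
                'U_UNSUBSCRIBE' => $unsubscribe_url,
            ));

            $messenger->send(NOTIFY_EMAIL);
        }

        // save the queue if we must
        $messenger->save_queue();
        unset($messenger);
    }

    blog_plugins::plugin_do('function_handle_subscription_end');
}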
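/**
 * Run Lottery
 *
 * Performs one lottery draw: reads the points values row, counts the sold
 * tickets, picks one ticket row at random and decides against
 * `lottery_chance` whether that ticket's owner wins. A win updates the
 * winner's points, optionally sends a PM, writes a history row and resets
 * the jackpot to the base amount; a miss adds the base amount to the jackpot
 * and writes a "no winner" history row. In both cases all tickets are then
 * deleted and `lottery_last_draw_time` is moved forward.
 *
 * Takes no arguments and returns nothing; all effects are database writes
 * and, for a winner who allows PMs, one call to submit_pm().
 */
function run_lottery()
{
    $current_time = time();

    // Read out config values
    $sql = 'SELECT * FROM ' . $this->points_values_table;
    $result = $this->db->sql_query($sql);
    $points_values = $this->db->sql_fetchrow($result);
    $this->db->sql_freeresult($result);

    // Count number of tickets
    $sql_array = array(
        'SELECT' => 'COUNT(ticket_id) AS num_tickets',
        'FROM' => array($this->points_lottery_tickets_table => 'l'),
    );
    $sql = $this->db->sql_build_query('SELECT', $sql_array);
    $result = $this->db->sql_query($sql);
    $total_tickets = (int) $this->db->sql_fetchfield('num_tickets');
    $this->db->sql_freeresult($result);

    // Select a random user from tickets table; the random-order function
    // differs per database layer.
    $sql_layer = $this->db->get_sql_layer();
    switch ($sql_layer)
    {
        case 'postgres':
            $order_by = 'RANDOM()';
            break;

        case 'mssql':
        case 'mssql_odbc':
            $order_by = 'NEWID()';
            break;

        default:
            $order_by = 'RAND()';
            break;
    }

    $sql_array = array(
        'SELECT' => '*',
        'FROM' => array($this->points_lottery_tickets_table => 'l'),
        'ORDER_BY' => $order_by,
    );
    $sql = $this->db->sql_build_query('SELECT', $sql_array);
    $result = $this->db->sql_query_limit($sql, 1);
    $random_user_by_tickets = (int) $this->db->sql_fetchfield('user_id');
    $this->db->sql_freeresult($result);

    if ($total_tickets > 0)
    {
        // Generate a random number
        // NOTE(review): rand() is not a cryptographically secure generator, so
        // the outcome of a draw that awards points is predictable in principle.
        // Where the minimum PHP version is 7.0 or later, random_int() is the
        // safer choice. rand(0, 100) also has 101 outcomes, so a configured
        // chance of N wins (N + 1) times out of 101 and a chance of 0 can still
        // win — confirm whether that is intended.
        $rand_base = $points_values['lottery_chance'];
        $rand_value = rand(0, 100);

        // Decide, if the user really wins
        if ($rand_value <= $rand_base)
        {
            // Already cast to int above, so it is safe to concatenate into the WHERE clause.
            $winning_number = $random_user_by_tickets;

            // Select a winner from ticket table
            // NOTE(review): sql_fetchrow() yields no row when the ticket owner's
            // account no longer exists; the code below assumes $winner is a row.
            $sql_array = array(
                'SELECT' => '*',
                'FROM' => array(USERS_TABLE => 'u'),
                'WHERE' => 'user_id = ' . $winning_number,
            );
            $sql = $this->db->sql_build_query('SELECT', $sql_array);
            $result = $this->db->sql_query($sql);
            $winner = $this->db->sql_fetchrow($result);
            $this->db->sql_freeresult($result);

            // Check if lottery is enabled and prepare winner informations
            // Fix: the query string must be passed here. The original passed the
            // already-freed $result handle, so this SELECT was never executed.
            $sql = 'SELECT lottery_enable FROM ' . $this->points_config_table;
            $result = $this->db->sql_query($sql);
            $lottery_enabled = $this->db->sql_fetchfield('lottery_enable');
            $this->db->sql_freeresult($result);

            if ($lottery_enabled != 0)
            {
                // NOTE(review): this calls a method points_values() while the rest of
                // the function reads the $points_values array — confirm the method
                // exists. The jackpot is also passed to add_points() further down,
                // so it looks like it may be credited twice — verify against
                // set_points() and add_points().
                $winnings_update = $winner['user_points'] + $this->points_values('lottery_jackpot');
                $this->set_points($winner['user_id'], $winnings_update);

                $winner_notification = $this->number_format_points($points_values['lottery_jackpot']) . ' ' . $this->config['points_name'] . ' ';
                $winner_deposit = $this->user->lang['LOTTERY_PM_CASH_ENABLED'];
            }
            else
            {
                $winner_notification = '';
                $winner_deposit = '';
            }

            // Update previous winner information
            // The value is wrapped in quotes by hand, which implies that
            // set_points_values() places it into the SQL statement as-is (confirm
            // against that helper). Usernames are user-chosen, so the name is
            // escaped before it is quoted to keep it inside the string literal.
            $this->set_points_values('lottery_prev_winner', "'" . $this->db->sql_escape($winner['username']) . "'");
            $this->set_points_values('lottery_prev_winner_id', $winner['user_id']);

            // Check, if user wants to be informed by PM
            if ($winner['user_allow_pm'] == 1)
            {
                // lottery_pm_from comes from the stored configuration; cast it so
                // that only an integer can reach the WHERE clause.
                $sql_array = array(
                    'SELECT' => '*',
                    'FROM' => array(USERS_TABLE => 'u'),
                    'WHERE' => 'user_id = ' . (int) $points_values['lottery_pm_from'],
                );
                $sql = $this->db->sql_build_query('SELECT', $sql_array);
                $result = $this->db->sql_query($sql);
                $pm_sender = $this->db->sql_fetchrow($result);
                $this->db->sql_freeresult($result);

                // Notify the lucky winner by PM
                $pm_subject = utf8_normalize_nfc($this->user->lang['LOTTERY_PM_SUBJECT']);
                $pm_text = utf8_normalize_nfc(sprintf($this->user->lang['LOTTERY_PM_BODY'], $winner_notification, $winner_deposit));

                $uid = $bitfield = $options = '';
                // Subject is stored without bbcode/urls/smilies, the body with all three.
                generate_text_for_storage($pm_subject, $uid, $bitfield, $options, false, false, false);
                generate_text_for_storage($pm_text, $uid, $bitfield, $options, true, true, true);

                // A lottery_pm_from of 0 means no sender is configured: the PM is
                // then sent from the winner's own id under the commission label.
                $pm_data = array(
                    'address_list' => array('u' => array($winner['user_id'] => 'to')),
                    'from_user_id' => $points_values['lottery_pm_from'] == 0 ? $winner['user_id'] : $pm_sender['user_id'],
                    'from_username' => $points_values['lottery_pm_from'] == 0 ? $this->user->lang['LOTTERY_PM_COMMISION'] : $pm_sender['username'],
                    'icon_id' => 0,
                    'from_user_ip' => '',
                    'enable_bbcode' => true,
                    'enable_smilies' => true,
                    'enable_urls' => true,
                    'enable_sig' => true,
                    'message' => $pm_text,
                    'bbcode_bitfield' => $bitfield,
                    'bbcode_uid' => $uid,
                );

                submit_pm('post', $pm_subject, $pm_data, false);
            }

            // Add new winner to lottery history
            $sql = 'INSERT INTO ' . $this->points_lottery_history_table . ' ' . $this->db->sql_build_array('INSERT', array(
                'user_id' => (int) $winner['user_id'],
                'user_name' => $winner['username'],
                'time' => $current_time,
                'amount' => $points_values['lottery_jackpot'],
            ));
            $this->db->sql_query($sql);

            // Update winners total
            $this->set_points_values('lottery_winners_total', $points_values['lottery_winners_total'] + 1);

            // Add jackpot to winner
            $this->add_points((int) $winner['user_id'], $points_values['lottery_jackpot']);

            // Reset jackpot
            $this->set_points_values('lottery_jackpot', $points_values['lottery_base_amount']);
        }
        else
        {
            // No winner: the jackpot grows by the base amount for the next draw.
            $this->set_points_values('lottery_jackpot', $points_values['lottery_jackpot'] + $points_values['lottery_base_amount']);

            $no_winner = 0;

            $sql = 'INSERT INTO ' . $this->points_lottery_history_table . ' ' . $this->db->sql_build_array('INSERT', array(
                'user_id' => 0,
                'user_name' => $no_winner,
                'time' => $current_time,
                'amount' => 0,
            ));
            $this->db->sql_query($sql);

            // Update previous winner information
            $this->set_points_values('lottery_prev_winner', "'" . $no_winner . "'");
            $this->set_points_values('lottery_prev_winner_id', 0);
        }
    }

    // Reset lottery
    // Delete all tickets
    $sql = 'DELETE FROM ' . $this->points_lottery_tickets_table;
    $this->db->sql_query($sql);

    // Reset last draw time
    $check_time = $points_values['lottery_last_draw_time'] + $points_values['lottery_draw_period'];
    $current_time = time();

    if ($current_time > $check_time)
    {
        // More than one period has elapsed: step forward until the candidate
        // time is no longer in the past, then go back one period. Each step
        // also adds one second, as in the original.
        while ($check_time < $current_time)
        {
            $check_time = $check_time + $points_values['lottery_draw_period'];
            $check_time++;
        }

        if ($check_time > $current_time)
        {
            $check_time = $check_time - $points_values['lottery_draw_period'];
            $this->set_points_values('lottery_last_draw_time', $check_time);
        }
    }
    else
    {
        $this->set_points_values('lottery_last_draw_time', $points_values['lottery_last_draw_time'] + $points_values['lottery_draw_period']);
    }
}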
function main($id, $mode) { global $db, $user, $auth, $template, $cache, $request, $table_prefix, $points_config, $config, $phpbb_root_path, $phpbb_admin_path, $phpEx, $phpbb_container; $this->config_text = $phpbb_container->get('config_text'); $this->request = $request; $user->add_lang('acp/common'); $this->page_title = $user->lang('ACP_POINTS_SETTINGS'); add_form_key('acp_points'); $points_config = $cache->get('points_config'); $points_values = $cache->get('points_values'); define('CONFIG_TEXT_TABLE', $table_prefix . 'config_text'); $data = $this->config_text->get_array(array('points_name', 'ultimate_points_version')); if ($request->is_set_post('submit_config')) { if (!check_form_key('vipaka/points')) { trigger_error('FORM_INVALID'); } $data['points_name'] = $this->request->variable('points_name', '', true); $data['ultimate_points_version'] = $this->request->variable('ultimate_points_version', '', true); $config->set('points_enable', $request->variable('points_enable', 0)); $this->config_text->set_array(array('points_name' => $data['points_name'], 'ultimate_points_version' => $data['ultimate_points_version'])); trigger_error($user->lang('ACP_POINTS_SETTING_SAVED') . adm_back_link($this->u_action)); } define('POINTS_TABLE', $table_prefix . 'points_values'); switch ($mode) { case 'points': $this->page_title = $user->lang('ACP_POINTS_INDEX_TITLE'); $this->tpl_name = 'acp_points_main'; $submit = request_var('submit', ''); if ($submit) { if (!check_form_key('acp_points')) { trigger_error($user->lang['FORM_INVALID'] . 
adm_back_link($this->u_action), E_USER_WARNING); } // Values for phpbb_config $points_name = utf8_normalize_nfc(request_var('points_name', '', true)); $points_enable = request_var('points_enable', 0); // Values for phpbb_points_config $points_disablemsg = utf8_normalize_nfc(request_var('points_disablemsg', '', true)); $transfer_enable = request_var('transfer_enable', 0); $transfer_pm_enable = request_var('transfer_pm_enable', 0); $comments_enable = request_var('comments_enable', 0); $stats_enable = request_var('stats_enable', 0); $logs_enable = request_var('logs_enable', 0); $images_topic_enable = request_var('images_topic_enable', 0); $images_memberlist_enable = request_var('images_memberlist_enable', 0); $gallery_deny_view = request_var('gallery_deny_view', 0); // Values for phpbb_points_values $sql_ary = array('number_show_per_page' => request_var('number_show_per_page', 0), 'number_show_top_points' => request_var('number_show_top_points', 0), 'points_per_attach' => round(request_var('points_per_attach', 0.0), 2), 'points_per_attach_file' => round(request_var('points_per_attach_file', 0.0), 2), 'points_per_poll' => round(request_var('points_per_poll', 0.0), 2), 'points_per_poll_option' => round(request_var('points_per_poll_option', 0.0), 2), 'points_per_topic_word' => round(request_var('points_per_topic_word', 0.0), 2), 'points_per_topic_character' => round(request_var('points_per_topic_character', 0.0), 2), 'points_per_post_word' => round(request_var('points_per_post_word', 0.0), 2), 'points_per_post_character' => round(request_var('points_per_post_character', 0.0), 2), 'reg_points_bonus' => round(request_var('reg_points_bonus', 0.0), 2), 'points_per_warn' => round(request_var('points_per_warn', 0.0), 2), 'gallery_upload' => round(request_var('gallery_upload', 0.0), 2), 'gallery_remove' => round(request_var('gallery_remove', 0.0), 2), 'gallery_view' => round(request_var('gallery_view', 0.0), 2)); // Check if number_show_per_page is at least 5 $per_page_check = 
request_var('number_show_per_page', 0); if ($per_page_check < 5) { trigger_error($user->lang['POINTS_SHOW_PER_PAGE_ERROR'] . adm_back_link($this->u_action), E_USER_WARNING); } // Update values in phpbb_config if ($points_name != $config['points_name']) { set_config('points_name', $points_name); } if ($points_enable != $config['points_enable']) { set_config('points_enable', $points_enable); } // Update values in phpbb_points_config if ($points_disablemsg != $points_config['points_disablemsg']) { set_points_config('points_disablemsg', $points_disablemsg); } if ($transfer_enable != $points_config['transfer_enable']) { set_points_config('transfer_enable', $transfer_enable); } if ($transfer_pm_enable != $points_config['transfer_pm_enable']) { set_points_config('transfer_pm_enable', $transfer_pm_enable); } if ($comments_enable != $points_config['comments_enable']) { set_points_config('comments_enable', $comments_enable); } if ($stats_enable != $points_config['stats_enable']) { set_points_config('stats_enable', $stats_enable); } if ($logs_enable != $points_config['logs_enable']) { set_points_config('logs_enable', $logs_enable); } if ($images_topic_enable != $points_config['images_topic_enable']) { set_points_config('images_topic_enable', $images_topic_enable); } if ($images_memberlist_enable != $points_config['images_memberlist_enable']) { set_points_config('images_memberlist_enable', $images_memberlist_enable); } if ($gallery_deny_view != $points_config['gallery_deny_view']) { set_points_config('gallery_deny_view', $gallery_deny_view); } // Update values in phpbb_points_values $sql = 'UPDATE ' . POINTS_VALUES_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary); $db->sql_query($sql); // Add logs add_log('admin', 'LOG_MOD_POINTS_SETTINGS'); trigger_error($user->lang['POINTS_CONFIG_SUCCESS'] . 
adm_back_link($this->u_action)); } else { $template->assign_vars(array('POINTS_DISABLEMSG' => $points_config['points_disablemsg'], 'TRANSFER_ENABLE' => $points_config['transfer_enable'], 'TRANSFER_PM_ENABLE' => $points_config['transfer_pm_enable'], 'COMMENTS_ENABLE' => $points_config['comments_enable'], 'STATS_ENABLE' => $points_config['stats_enable'], 'LOGS_ENABLE' => $points_config['logs_enable'], 'IMAGES_TOPIC_ENABLE' => $points_config['images_topic_enable'], 'IMAGES_MEMBERLIST_ENABLE' => $points_config['images_memberlist_enable'], 'GALLERY_DENY_VIEW' => $points_values['gallery_deny_view'], 'POINTS_NAME' => $config['points_name'], 'POINTS_PER_ATTACH' => $points_values['points_per_attach'], 'POINTS_PER_ATTACH_FILE' => $points_values['points_per_attach_file'], 'POINTS_PER_POLL' => $points_values['points_per_poll'], 'POINTS_PER_POLL_OPTION' => $points_values['points_per_poll_option'], 'POINTS_PER_TOPIC_WORD' => $points_values['points_per_topic_word'], 'POINTS_PER_TOPIC_CHARACTER' => $points_values['points_per_topic_character'], 'POINTS_PER_POST_WORD' => $points_values['points_per_post_word'], 'POINTS_PER_POST_CHARACTER' => $points_values['points_per_post_character'], 'POINTS_PER_WARN' => $points_values['points_per_warn'], 'REG_POINTS_BONUS' => $points_values['reg_points_bonus'], 'NUMBER_SHOW_TOP_POINTS' => $points_values['number_show_top_points'], 'NUMBER_SHOW_PER_PAGE' => $points_values['number_show_per_page'], 'POINTS_ENABLE' => $config['points_enable'] ? true : false, 'GALLERY_UPLOAD' => $points_values['gallery_upload'], 'GALLERY_REMOVE' => $points_values['gallery_remove'], 'GALLERY_VIEW' => $points_values['gallery_view'])); } // Delete all userlogs $reset_pointslogs = isset($_POST['action_points_logs']) ? true : false; if ($reset_pointslogs) { if (confirm_box(true)) { define('POINTS_LOG_TABLE', $table_prefix . 'points_log'); if (!$auth->acl_get('a_points')) { trigger_error($user->lang['NO_AUTH_OPERATION'] . 
adm_back_link($this->u_action), E_USER_WARNING); } switch ($db->sql_layer) { case 'sqlite': case 'firebird': $db->sql_query('DELETE FROM ' . POINTS_LOG_TABLE); break; default: $db->sql_query('TRUNCATE TABLE ' . POINTS_LOG_TABLE); break; } add_log('admin', 'LOG_RESYNC_POINTSLOGSCOUNTS'); trigger_error($user->lang['LOG_RESYNC_POINTSLOGSCOUNTS'] . adm_back_link($this->u_action)); } else { $s_hidden_fields = build_hidden_fields(array('action_points_logs' => true)); // Display mode confirm_box(false, $user->lang['RESYNC_POINTSLOGS_CONFIRM'], $s_hidden_fields); } } // Delete all userpoints $reset_points_user = isset($_POST['action_points']) ? true : false; if ($reset_points_user) { if (confirm_box(true)) { if (!$auth->acl_get('a_points')) { trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action), E_USER_WARNING); } $db->sql_query('UPDATE ' . USERS_TABLE . ' SET user_points = 0'); add_log('admin', 'LOG_RESYNC_POINTSCOUNTS'); trigger_error($user->lang['LOG_RESYNC_POINTSCOUNTS'] . adm_back_link($this->u_action)); } else { $s_hidden_fields = build_hidden_fields(array('action_points' => true)); // Display mode confirm_box(false, $user->lang['RESYNC_POINTS_CONFIRM'], $s_hidden_fields); } } // Transfer or set points for groups $group_transfer = isset($_POST['group_transfer']) ? 
true : false; $group_transfer_points = request_var('group_transfer_points', 0.0); $func = request_var('func', ''); $group_id = request_var('group_id', 0); $pm_subject = utf8_normalize_nfc(request_var('pm_subject', '', true)); $pm_text = utf8_normalize_nfc(request_var('pm_text', '', true)); $sql_array = array('SELECT' => 'group_id, group_name, group_type', 'FROM' => array(GROUPS_TABLE => 'g'), 'ORDER_BY' => 'group_name'); $sql = $db->sql_build_query('SELECT', $sql_array); $result = $db->sql_query($sql); $total_groups = $db->sql_affectedrows($result); $db->sql_freeresult($result); $template->assign_vars(array('U_SMILIES' => append_sid("{$phpbb_root_path}posting.{$phpEx}", 'mode=smilies'), 'S_GROUP_OPTIONS' => group_select_options($total_groups), 'U_ACTION' => $this->u_action)); // Update the points if ($group_transfer) { if (!check_form_key('acp_points')) { // trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); } $sql_array = array('SELECT' => 'group_type, group_name', 'FROM' => array(GROUPS_TABLE => 'g'), 'WHERE' => 'group_id = ' . (int) $group_id); $sql = $db->sql_build_query('SELECT', $sql_array); $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); $group_name = $row['group_type'] == GROUP_SPECIAL ? $user->lang['G_' . $row['group_name']] : $row['group_name']; // Check if we try transfering to BOTS or GUESTS if ($row['group_name'] == 'BOTS' || $row['group_name'] == 'GUESTS') { trigger_error($user->lang['POINTS_GROUP_TRANSFER_SEL_ERROR'] . adm_back_link($this->u_action), E_USER_WARNING); } $sql_array = array('SELECT' => 'user_id', 'FROM' => array(USER_GROUP_TABLE => 'g'), 'WHERE' => 'user_pending <> ' . TRUE . ' AND group_id = ' . 
(int) $group_id); $sql = $db->sql_build_query('SELECT', $sql_array); $result = $db->sql_query($sql); $user_ids = array(); while ($row = $db->sql_fetchrow($result)) { $user_ids[] = $row['user_id']; } $db->sql_freeresult($result); if (sizeof($user_ids)) { if ($func == 'add') { $sql = "UPDATE " . USERS_TABLE . "\n SET user_points = user_points + {$group_transfer_points}\n WHERE " . $db->sql_in_set('user_id', $user_ids); add_log('admin', 'LOG_GROUP_TRANSFER_ADD'); } if ($func == 'substract') { $sql = "UPDATE " . USERS_TABLE . "\n SET user_points = user_points - {$group_transfer_points}\n WHERE " . $db->sql_in_set('user_id', $user_ids); add_log('admin', 'LOG_GROUP_TRANSFER_ADD'); } if ($func == 'set') { $sql = "UPDATE " . USERS_TABLE . "\n SET user_points = {$group_transfer_points}\n WHERE " . $db->sql_in_set('user_id', $user_ids); add_log('admin', 'LOG_GROUP_TRANSFER_SET'); } $result = $db->sql_query($sql); // Send PM, if pm subject and pm comment is entered if ($pm_subject != '' || $pm_text != '') { if ($pm_subject == '' || $pm_text == '') { trigger_error($user->lang['POINTS_GROUP_TRANSFER_PM_ERROR'] . adm_back_link($this->u_action), E_USER_WARNING); } else { $sql_array = array('SELECT' => 'user_id, group_id', 'FROM' => array(USER_GROUP_TABLE => 'g'), 'WHERE' => 'user_pending <> ' . TRUE . ' AND group_id = ' . (int) $group_id); $sql = $db->sql_build_query('SELECT', $sql_array); $result = $db->sql_query($sql); $group_to = array(); while ($row = $db->sql_fetchrow($result)) { $group_to[$row['group_id']] = 'to'; } $poll = $uid = $bitfield = $options = ''; generate_text_for_storage($pm_subject, $uid, $bitfield, $options, false, false, false); generate_text_for_storage($pm_text, $uid, $bitfield, $options, true, true, true); include $phpbb_root_path . 'includes/functions_privmsgs.' . 
$phpEx; $pm_data = array('address_list' => array('g' => $group_to), 'from_user_id' => $user->data['user_id'], 'from_username' => 'Points Transfer', 'icon_id' => 0, 'from_user_ip' => $user->data['user_ip'], 'enable_bbcode' => true, 'enable_smilies' => true, 'enable_urls' => true, 'enable_sig' => true, 'message' => $pm_text, 'bbcode_bitfield' => $bitfield, 'bbcode_uid' => $uid); submit_pm('post', $pm_subject, $pm_data, false); $db->sql_freeresult($result); } $message = $user->lang['POINTS_GROUP_TRANSFER_PM_SUCCESS'] . adm_back_link($this->u_action); trigger_error($message); } else { $message = $user->lang['POINTS_GROUP_TRANSFER_SUCCESS'] . adm_back_link($this->u_action); trigger_error($message); } } } // phpBB Gallery integration if (isset($config['gallery_total_images'])) { $template->assign_vars(array('S_GALLERY_EXIST' => true, 'POINTS_NAME' => $config['points_name'])); } $template->assign_vars(array('S_POINTS_MAIN' => true, 'S_POINTS_ACTIVATED' => $config['points_enable'] ? true : false, 'U_ACTION' => $this->u_action)); break; case 'lottery': $this->page_title = 'ACP_POINTS_LOTTERY_TITLE'; $this->tpl_name = 'acp_points_lottery'; $action = request_var('action', ''); $submit = request_var('submit', ''); $lottery_data = $errors = array(); if ($submit) { if (!check_form_key('acp_points')) { trigger_error($user->lang['FORM_INVALID'] . 
adm_back_link($this->u_action), E_USER_WARNING); } // Get current lottery_base_amount $current_lottery_jackpot = $points_values['lottery_jackpot']; $current_lottery_base_amount = $points_values['lottery_base_amount']; // Values for phpbb_points_config $lottery_enable = request_var('lottery_enable', 0); $lottery_multi_ticket_enable = request_var('lottery_multi_ticket_enable', 0); $display_lottery_stats = request_var('display_lottery_stats', 0); // Values for phpbb_points_values $lottery_base_amount = round(request_var('lottery_base_amount', 0.0), 2); $lottery_draw_period = request_var('lottery_draw_period', 0) * 3600; $lottery_ticket_cost = round(request_var('lottery_ticket_cost', 0.0), 2); $lottery_name = utf8_normalize_nfc(request_var('lottery_name', '', true)); $lottery_chance = round(request_var('lottery_chance', 0.0), 2); $lottery_max_tickets = round(request_var('lottery_max_tickets', 0.0), 2); $lottery_pm_from = request_var('lottery_pm_from', 0); $lottery_current_jackpot = round(request_var('lottery_current_jackpot', 0.0), 2); $lottery_calc = request_var('lottery_last_draw_time', 0); // Calculate next lottery time $lottery_last_draw_time = $lottery_calc - $lottery_draw_period; // Check entered lottery chance - has to be max 100 if ($lottery_chance > 100) { trigger_error($user->lang['LOTTERY_CHANCE_ERROR'] . 
adm_back_link($this->u_action), E_USER_WARNING); } // If base amount increases, increase jackpot if ($lottery_base_amount > $current_lottery_base_amount) { $this->set_points_values('lottery_jackpot', $current_lottery_jackpot + $lottery_base_amount - $current_lottery_base_amount); } // Update values in phpbb_points_config if ($lottery_enable != $points_config['lottery_enable']) { set_points_config('lottery_enable', $lottery_enable); } if ($lottery_multi_ticket_enable != $points_config['lottery_multi_ticket_enable']) { set_points_config('lottery_multi_ticket_enable', $lottery_multi_ticket_enable); } if ($lottery_last_draw_time > 0) { $this->set_points_values('lottery_last_draw_time', $lottery_last_draw_time); } if ($display_lottery_stats != $points_config['display_lottery_stats']) { set_points_config('display_lottery_stats', $display_lottery_stats); } // Update values in phpbb_points_values $this->set_points_values('lottery_base_amount', $lottery_base_amount); // Check if 0 is entered. Must be > 0 if ($lottery_draw_period < 0) { trigger_error($user->lang['LOTTERY_DRAW_PERIOD_SHORT'] . adm_back_link($this->u_action), E_USER_WARNING); } else { $this->set_points_values('lottery_draw_period', $lottery_draw_period); } $this->set_points_values('lottery_ticket_cost', $lottery_ticket_cost); $this->set_points_values('lottery_name', $lottery_name); $this->set_points_values('lottery_chance', $lottery_chance); $this->set_points_values('lottery_max_tickets', $lottery_max_tickets); $this->set_points_values('lottery_jackpot', $lottery_current_jackpot); // Check, if the entered user_id really exists $sql_array = array('SELECT' => 'user_id', 'FROM' => array(USERS_TABLE => 'u'), 'WHERE' => 'user_id = ' . 
(int) $lottery_pm_from); $sql = $db->sql_build_query('SELECT', $sql_array); $result = $db->sql_query($sql); $id_exist = $db->sql_fetchfield('user_id'); $db->sql_freeresult($result); if ($lottery_pm_from == 0) { $this->set_points_values('lottery_pm_from', $lottery_pm_from); } else { if (empty($id_exist)) { trigger_error($user->lang['NO_USER'] . adm_back_link($this->u_action), E_USER_WARNING); } else { $this->set_points_values('lottery_pm_from', $lottery_pm_from); } } // Set last draw time to current time, if draw period activated if ($points_values['lottery_last_draw_time'] == 0 && $points_values['lottery_draw_period'] != 0) { $this->set_points_values('lottery_last_draw_time', time()); } // Set last draw time to 0, if draw period deactivated if ($points_values['lottery_draw_period'] == 0) { $this->set_points_values('lottery_last_draw_time', 0); } // Add logs add_log('admin', 'LOG_MOD_POINTS_LOTTERY'); trigger_error($user->lang['CONFIG_UPDATED'] . adm_back_link($this->u_action)); } // Delete lottery history $reset_lottery_history = isset($_POST['action_lottery_history']) ? true : false; if ($reset_lottery_history) { if (confirm_box(true)) { if (!$auth->acl_get('a_points')) { trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action), E_USER_WARNING); } switch ($db->sql_layer) { case 'sqlite': case 'firebird': $db->sql_query('DELETE FROM ' . POINTS_LOTTERY_HISTORY_TABLE); break; default: $db->sql_query('TRUNCATE TABLE ' . POINTS_LOTTERY_HISTORY_TABLE); break; } add_log('admin', 'LOG_RESYNC_LOTTERY_HISTORY'); trigger_error($user->lang['LOG_RESYNC_LOTTERY_HISTORY'] . 
adm_back_link($this->u_action)); } else { $s_hidden_fields = build_hidden_fields(array('action_lottery_history' => true)); // Display mode confirm_box(false, $user->lang['RESYNC_LOTTERY_HISTORY_CONFIRM'], $s_hidden_fields); } } $template->assign_vars(array('LOTTERY_BASE_AMOUNT' => $points_values['lottery_base_amount'], 'LOTTERY_CURRENT_JACKPOT' => $points_values['lottery_jackpot'], 'LOTTERY_DRAW_PERIOD' => $points_values['lottery_draw_period'] == 0 ? $points_values['lottery_draw_period'] : $points_values['lottery_draw_period'] / 3600, 'LOTTERY_NEXT_DRAWING' => $user->format_date($points_values['lottery_last_draw_time'] + $points_values['lottery_draw_period'], false, true), 'LOTTERY_TICKET_COST' => $points_values['lottery_ticket_cost'], 'LOTTERY_CASH_NAME' => $config['points_name'], 'LOTTERY_NAME' => $points_values['lottery_name'], 'LOTTERY_CHANCE' => $points_values['lottery_chance'], 'LOTTERY_MAX_TICKETS' => $points_values['lottery_max_tickets'], 'LOTTERY_PM_FROM' => $points_values['lottery_pm_from'], 'S_LOTTERY_ENABLE' => $points_config['lottery_enable'] ? true : false, 'S_LOTTERY_MULTI_TICKET_ENABLE' => $points_config['lottery_multi_ticket_enable'] ? true : false, 'S_DISPLAY_LOTTERY_STATS' => $points_config['display_lottery_stats'] ? true : false, 'S_LOTTERY' => true, 'U_ACTION' => $this->u_action)); break; case 'bank': $this->page_title = 'ACP_POINTS_BANK_TITLE'; $this->tpl_name = 'acp_points_bank'; $action = request_var('action', ''); $submit = request_var('submit', ''); $bank_data = $errors = array(); if ($submit) { if (!check_form_key('acp_points')) { trigger_error($user->lang['FORM_INVALID'] . 
adm_back_link($this->u_action), E_USER_WARNING); } // Values for phpbb_points_config $bank_enable = request_var('bank_enable', 0); // Values for phpbb_points_values $bank_interest = round(request_var('bank_interest', 0.0), 2); $bank_fees = round(request_var('bank_fees', 0.0), 2); $bank_pay_period = round(request_var('bank_pay_period', 0.0), 2) * 86400; $bank_min_withdraw = round(request_var('bank_min_withdraw', 0.0), 2); $bank_min_deposit = round(request_var('bank_min_deposit', 0.0), 2); $bank_interestcut = round(request_var('bank_interestcut', 0.0), 2); $bank_cost = round(request_var('bank_cost', 0.0), 2); $bank_name = utf8_normalize_nfc(request_var('bank_name', '', true)); // Check entered bank interesst - has to be max 100 and cannot be below 0 if ($bank_interest > 100 || $bank_interest < 0) { trigger_error($user->lang['BANK_INTEREST_ERROR'] . adm_back_link($this->u_action), E_USER_WARNING); } // Check entered bank fees - has to be max 100 and cannot be below 0 if ($bank_fees > 100 || $bank_fees < 0) { trigger_error($user->lang['BANK_FEES_ERROR'] . adm_back_link($this->u_action), E_USER_WARNING); } // Check the bank period if ($bank_pay_period < 0) { trigger_error($user->lang['BANK_PAY_ERROR'] . 
adm_back_link($this->u_action), E_USER_WARNING); } // Update values in phpbb_points_config if ($bank_enable != $points_config['bank_enable']) { set_points_config('bank_enable', $bank_enable); } // Update values in phpbb_points_values $this->set_points_values('bank_interest', $bank_interest); $this->set_points_values('bank_fees', $bank_fees); $this->set_points_values('bank_pay_period', $bank_pay_period); $this->set_points_values('bank_min_withdraw', $bank_min_withdraw); $this->set_points_values('bank_min_deposit', $bank_min_deposit); $this->set_points_values('bank_interestcut', $bank_interestcut); $this->set_points_values('bank_cost', $bank_cost); $this->set_points_values('bank_name', $bank_name); // Add logs add_log('admin', 'LOG_MOD_POINTS_BANK'); trigger_error($user->lang['CONFIG_UPDATED'] . adm_back_link($this->u_action)); } // Delete all bank accounts $delete_bank_accounts = isset($_POST['action_bank_points']) ? true : false; if ($delete_bank_accounts) { define('POINTS_BANK_TABLE', $table_prefix . 'points_bank'); if (confirm_box(true)) { if (!$auth->acl_get('a_points')) { trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action), E_USER_WARNING); } switch ($db->sql_layer) { case 'sqlite': case 'firebird': $db->sql_query('DELETE FROM ' . POINTS_BANK_TABLE); break; default: $db->sql_query('TRUNCATE TABLE ' . POINTS_BANK_TABLE); break; } add_log('admin', 'LOG_RESYNC_BANK_ACCOUNTS'); trigger_error($user->lang['LOG_RESYNC_BANK_ACCOUNTS'] . adm_back_link($this->u_action)); } else { $s_hidden_fields = build_hidden_fields(array('action_bank_points' => true)); // Display mode confirm_box(false, $user->lang['RESYNC_BANK_ACCOUNTS_CONFIRM'], $s_hidden_fields); } } $template->assign_vars(array('BANK_PAY_PERIOD' => $points_values['bank_pay_period'] == 0 ? 
$points_values['bank_pay_period'] : $points_values['bank_pay_period'] / 86400, 'BANK_POINTS_NAME' => $config['points_name'], 'BANK_FEES' => $points_values['bank_fees'], 'BANK_INTEREST' => $points_values['bank_interest'], 'BANK_MIN_WITHDRAW' => $points_values['bank_min_withdraw'], 'BANK_MIN_DEPOSIT' => $points_values['bank_min_deposit'], 'BANK_INTERESTCUT' => $points_values['bank_interestcut'], 'BANK_COST' => $points_values['bank_cost'], 'BANK_NAME' => $points_values['bank_name'], 'S_BANK_ENABLE' => $points_config['bank_enable'] ? true : false, 'S_POINTS_BANK' => true, 'U_ACTION' => $this->u_action)); break; case 'robbery': $this->page_title = 'ACP_POINTS_ROBBERY_TITLE'; $this->tpl_name = 'acp_points_robbery'; $action = request_var('action', ''); $submit = request_var('submit', ''); $robbery_data = $errors = array(); if ($submit) { if (!check_form_key('acp_points')) { trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); } // Values for phpbb_points_config $robbery_enable = request_var('robbery_enable', 0); $robbery_sendpm = request_var('robbery_sendpm', 0); $robbery_usage = request_var('robbery_usage', 0); // Values for phpbb_points_values $robbery_chance = round(request_var('robbery_chance', 0.0), 2); $robbery_loose = round(request_var('robbery_loose', 0.0), 2); $robbery_max_rob = round(request_var('robbery_max_rob', 0.0), 2); // Check, if entered robbery chance is 0 or below if ($robbery_chance <= 0) { trigger_error($user->lang['ROBBERY_CHANCE_MINIMUM'] . adm_back_link($this->u_action), E_USER_WARNING); } // Check entered robbery chance - has to be max 100 if ($robbery_chance > 100) { trigger_error($user->lang['ROBBERY_CHANCE_ERROR'] . adm_back_link($this->u_action), E_USER_WARNING); } // Check, if entered robbery loose is 0 or below if ($robbery_loose <= 0) { trigger_error($user->lang['ROBBERY_LOOSE_MINIMUM'] . 
adm_back_link($this->u_action), E_USER_WARNING); } // Check entered robbery loose - has to be max 100 if ($robbery_loose > 100) { trigger_error($user->lang['ROBBERY_LOOSE_ERROR'] . adm_back_link($this->u_action), E_USER_WARNING); } // Check, if entered robbery is 0 or below if ($robbery_max_rob <= 0) { trigger_error($user->lang['ROBBERY_MAX_ROB_MINIMUM'] . adm_back_link($this->u_action), E_USER_WARNING); } // Check entered robbery max rob value - has to be max 100 if ($robbery_max_rob > 100) { trigger_error($user->lang['ROBBERY_MAX_ROB_ERROR'] . adm_back_link($this->u_action), E_USER_WARNING); } // Update values in phpbb_points_config if ($robbery_enable != $points_config['robbery_enable']) { set_points_config('robbery_enable', $robbery_enable); } if ($robbery_sendpm != $points_config['robbery_sendpm']) { set_points_config('robbery_sendpm', $robbery_sendpm); } if ($robbery_usage != $points_config['robbery_usage']) { set_points_config('robbery_usage', $robbery_usage); } // Update values in phpbb_points_values $this->set_points_values('robbery_chance', $robbery_chance); $this->set_points_values('robbery_loose', $robbery_loose); $this->set_points_values('robbery_max_rob', $robbery_max_rob); // Add logs add_log('admin', 'LOG_MOD_POINTS_ROBBERY'); trigger_error($user->lang['CONFIG_UPDATED'] . adm_back_link($this->u_action)); } $template->assign_vars(array('ROBBERY_CHANCE' => $points_values['robbery_chance'], 'ROBBERY_LOOSE' => $points_values['robbery_loose'], 'ROBBERY_MAX_ROB' => $points_values['robbery_max_rob'], 'ROBBERY_USAGE' => $points_config['robbery_usage'] ? true : false, 'S_ROBBERY_ENABLE' => $points_config['robbery_enable'] ? true : false, 'S_ROBBERY_SENDPM' => $points_config['robbery_sendpm'] ? 
true : false, 'S_ROBBERY' => true, 'U_ACTION' => $this->u_action)); break; case 'userguide': $this->page_title = 'ACP_POINTS_USERGUIDE_TITLE'; $this->tpl_name = 'acp_points_userguide'; $template->assign_vars(array('S_IN_POINTS_USERGUIDE' => true, 'L_BACK_TO_TOP' => $user->lang['BACK_TO_TOP'], 'ICON_BACK_TO_TOP' => '<img src="' . $phpbb_admin_path . 'images/icon_up.gif" style="vertical-align: middle;" alt="' . $user->lang['BACK_TO_TOP'] . '" title="' . $user->lang['BACK_TO_TOP'] . '" />')); $user->add_lang_ext('points', false, true); // Pull the array data from the lang pack foreach ($user->help as $help_ary) { if ($help_ary[0] == '--') { $template->assign_block_vars('userguide_block', array('BLOCK_TITLE' => $help_ary[1])); continue; } $template->assign_block_vars('userguide_block.userguide_row', array('USERGUIDE_QUESTION' => $help_ary[0], 'USERGUIDE_ANSWER' => $help_ary[1])); } break; case 'forumpoints': $this->page_title = 'ACP_POINTS_FORUM_TITLE'; $this->tpl_name = 'acp_points_forum'; $action = request_var('action', ''); $submit = request_var('submit', ''); $forum_data = $errors = array(); $extension_points_list = request_var('points_extension', array(0)); $extension_points_costs = request_var('points_extension_costs', array(0.0)); $set_point_switches = request_var('action_point_switches', ''); $set_point_values = request_var('action_point_values', ''); // Update forum points switches if ($set_point_switches) { if (!check_form_key('acp_points')) { trigger_error($user->lang['FORM_INVALID'] . 
adm_back_link($this->u_action), E_USER_WARNING); } // Get config values $pertopic_enable = request_var('pertopic_enable', 0); $perpost_enable = request_var('perpost_enable', 0); $peredit_enable = request_var('peredit_enable', 0); // Update config values if ($pertopic_enable != $points_config['pertopic_enable']) { set_points_config('pertopic_enable', $pertopic_enable); } if ($perpost_enable != $points_config['perpost_enable']) { set_points_config('perpost_enable', $perpost_enable); } if ($peredit_enable != $points_config['peredit_enable']) { set_points_config('peredit_enable', $peredit_enable); } // Add logs add_log('admin', 'LOG_MOD_POINTS_FORUM_SWITCH'); trigger_error($user->lang['FORUM_POINT_SETTINGS_UPDATED'] . adm_back_link($this->u_action)); } // Update forum points values if ($set_point_values) { if (confirm_box(true)) { $forum_topic = round(request_var('forum_topic', 0.0), 2); $forum_post = round(request_var('forum_post', 0.0), 2); $forum_edit = round(request_var('forum_edit', 0.0), 2); $forum_costs = request_var('forum_costs', 1); // Update values in phpbb_points_values $this->set_points_values('forum_topic', $forum_topic); $this->set_points_values('forum_post', $forum_post); $this->set_points_values('forum_edit', $forum_edit); // Update all forum points and attachment costs $data = array('forum_pertopic' => $forum_topic, 'forum_perpost' => $forum_post, 'forum_peredit' => $forum_edit, 'forum_costs' => $forum_costs); $sql = 'UPDATE ' . FORUMS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $data); $db->sql_query($sql); // Add logs add_log('admin', 'LOG_MOD_POINTS_FORUM'); trigger_error($user->lang['FORUM_POINT_SETTINGS_UPDATED'] . 
adm_back_link($this->u_action)); } else { $s_hidden_fields = build_hidden_fields(array('forum_topic' => request_var('forum_topic', 0.0), 'forum_post' => request_var('forum_post', 0.0), 'forum_edit' => request_var('forum_edit', 0.0), 'forum_costs' => request_var('forum_costs', 1), 'mode' => $mode, 'action' => $action, 'action_point_values' => true)); confirm_box(false, 'FORUM_POINT_UPDATE', $s_hidden_fields); } } $add_extension_points = request_var('points_extension', 0); $add_extension_points_costs = request_var('points_extension_costs', 0.0); $template->assign_vars(array('FORUM_POINTS_NAME' => $config['points_name'], 'FORUM_TOPIC' => $points_values['forum_topic'], 'FORUM_POST' => $points_values['forum_post'], 'FORUM_EDIT' => $points_values['forum_edit'], 'PERTOPIC_ENABLE' => $points_config['pertopic_enable'], 'PERPOST_ENABLE' => $points_config['perpost_enable'], 'PEREDIT_ENABLE' => $points_config['peredit_enable'], 'S_FORUMPOINTS' => true, 'FORUM_COSTS' => false, 'ADD_EXTENSION_POINTS' => isset($add_extension_points) ? $add_extension_points : '', 'ADD_EXTENSION_POINTS_COSTS' => isset($add_extension_points_costs) ? $add_extension_points_costs : '', 'POINTS_NAME' => $config['points_name'], 'U_ACTION' => $this->u_action)); $sql = 'SELECT points_extension, points_extension_costs FROM ' . EXTENSIONS_TABLE; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { if ($set_point_values) { if (confirm_box(true)) { $extension_points_list = request_var('points_extension', array(0)); $extension_points_costs = request_var('points_extension_costs', 0); $extensions_points = array(); for ($i = 0, $size = sizeof($extension_points_list); $i < $size; $i++) { $extensions_points[$extension_points_list[$i]] = true; } print_r($extension_points_cost); $new_extension_points = isset($extensions_points[$row['extension_id']]) ? 1 : 0; if ($row['points_extension'] != $new_extension_points) { $sql = 'UPDATE ' . EXTENSIONS_TABLE . ' SET points_extension = ' . 
(int) $new_extension_points . ' WHERE extension_id = ' . $row['extension_id']; $db->sql_query($sql); add_log('admin', 'LOG_ATTACH_POINTS_EXT_UPDATE', $row['extension']); } if ($row['points_extension_costs'] != $extension_points_costs[$row['extension_id']]) { $sql = 'UPDATE ' . EXTENSIONS_TABLE . ' SET points_extension_costs = ' . (double) $extension_points_costs[$row['extension_id']] . ' WHERE extension_id = ' . $row['extension_id']; $db->sql_query($sql); add_log('admin', 'LOG_ATTACH_POINTS_EXT_UPDATE', $row['extension']); } } } $template->assign_vars(array('EXTENSION_POINTS' => $row['points_extension'], 'EXTENSION_POINTS_COSTS' => $row['points_extension_costs'])); } break; } $template->assign_vars(array('U_ACTION' => $this->u_action, 'VIPAKA_POINTS_ENABLE' => $config['points_enable'])); }
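/**
 * Award a medal to a user, or finalise an existing award row, and notify the user by PM.
 *
 * Writes the award row, optionally updates the points column in the users table,
 * then sends the recipient a private message built from the PM_MESSAGE language string.
 *
 * @param array     $medals   Medal definitions keyed by medal id; 'image' and 'name' are read
 * @param mixed     $medal_id Key into $medals, also stored in the award row
 * @param int       $user_id  Recipient of the medal and of the PM
 * @param string    $message  Reason text, parsed for storage with the instance BBCode settings
 * @param mixed     $time     Value stored in the 'time' column
 * @param int|float $points   Points attached to the award; negative values are reported as a deduction
 * @param int       $update   Id of an existing award row to update; 0 (default) inserts a new row
 *
 * @return void
 */
private function award_medal($medals, $medal_id, $user_id, $message, $time, $points = 0, $update = 0)
{
    // These three values are concatenated into SQL text below, so force them to plain
    // numbers first. The callers are not visible from here, so nothing is assumed about
    // where the values come from.
    $user_id = (int) $user_id;
    $update = (int) $update;
    $points = is_numeric($points) ? $points + 0 : 0;

    generate_text_for_storage($message, $this->uid, $this->bitfield, $this->m_flags, $this->allow_bbcode, $this->allow_urls, $this->allow_smilies);

    if ($update > 0) {
        $sql_ary = array(
            'medal_id' => $medal_id,
            'user_id' => $user_id,
            'nominated' => 0,
            'nominated_reason' => $message,
            'points' => $points,
            'time' => $time,
            'bitfield' => $this->bitfield,
            'bbuid' => $this->uid,
        );
        $sql = 'UPDATE ' . $this->tb_medals_awarded . '
            SET ' . $this->db->sql_build_array('UPDATE', $sql_ary) . '
            WHERE id = ' . $update . '
            LIMIT 1';
        // Keep the outcome of the write itself; the points update below depends on it.
        $result = $this->db->sql_query($sql);

        // The original awarder is kept on the row, so read it back for the PM text.
        $sql = 'SELECT awarder_id, awarder_un, awarder_color
            FROM ' . $this->tb_medals_awarded . '
            WHERE id = ' . $update . '
            LIMIT 1';
        $awarder_result = $this->db->sql_query($sql);
        $row = $this->db->sql_fetchrow($awarder_result);
        $this->db->sql_freeresult($awarder_result);

        // A missing row yields an empty awarder name instead of reading offsets of false.
        $awarder_un = $row ? $row['awarder_un'] : '';
        $awarder_color = $row ? $row['awarder_color'] : '';
        $color = $awarder_color != '' ? '[color=#' . $awarder_color . ']' . $awarder_un . '[/color]' : $awarder_un;
    } else {
        $sql_ary = array(
            'medal_id' => $medal_id,
            'user_id' => $user_id,
            'awarder_id' => $this->user->data['user_id'],
            'awarder_un' => $this->user->data['username'],
            'awarder_color' => $this->user->data['user_colour'],
            'nominated' => 0,
            'nominated_reason' => $message,
            'points' => $points,
            'time' => $time,
            'bitfield' => $this->bitfield,
            'bbuid' => $this->uid,
        );
        $sql = 'INSERT INTO ' . $this->tb_medals_awarded . ' ' . $this->db->sql_build_array('INSERT', $sql_ary);
        $result = $this->db->sql_query($sql);

        $color = $this->user->data['user_colour'] ? '[color=#' . $this->user->data['user_colour'] . ']' . $this->user->data['username'] . '[/color]' : $this->user->data['username'];
    }

    // Turn the stored form of the reason back into editable text for the PM body.
    $message = generate_text_for_edit($message, $this->uid, $this->m_flags);
    $message = isset($message['text']) ? $message['text'] : '';

    if ($result && $this->config['points_enable'] == 1) {
        // NOTE(review): this assigns user_points + $points to medal_user_points rather than
        // incrementing either column - confirm that is the intended bookkeeping.
        $sql = 'UPDATE ' . USERS_TABLE . '
            SET medal_user_points = user_points + ' . $points . '
            WHERE user_id = ' . $user_id;
        $this->db->sql_query($sql);
    }

    // NOTE(review): the awarder name and the medal name/image are placed into text that is
    // parsed as BBCode again below; presumably those values are already constrained where
    // they are created - verify.
    $message2 = sprintf($this->user->lang['PM_MESSAGE'], '[img]' . $medals[$medal_id]['image'] . '[/img]', $medals[$medal_id]['name'], $color);
    $message2 .= $message;

    if ($this->config['points_enable'] == 1) {
        if ($points < 0) {
            $plural = $points < -1 ? 's' : '';
            $message2 .= sprintf($this->user->lang['PM_MESSAGE_POINTS_DEDUCT'], $points * -1, $plural);
        } elseif ($points > 0) {
            $plural = $points > 1 ? 's' : '';
            $message2 .= sprintf($this->user->lang['PM_MESSAGE_POINTS_EARN'], $points, $plural);
        }
    }

    // Re-parse the assembled PM text; this overwrites $this->uid and $this->bitfield.
    generate_text_for_storage($message2, $this->uid, $this->bitfield, $this->m_flags, $this->allow_bbcode, $this->allow_urls, $this->allow_smilies);

    $this->user->add_lang('ucp');
    include_once $this->phpbb_root_path . 'includes/functions_privmsgs.' . $this->php_ext;

    $pm_data = array(
        'address_list' => array('u' => array($user_id => 'to')),
        'from_user_id' => $this->user->data['user_id'],
        'from_user_ip' => $this->user->data['user_ip'],
        'from_username' => $this->user->data['username'],
        'enable_sig' => false,
        'enable_bbcode' => $this->allow_bbcode,
        'enable_smilies' => $this->allow_smilies,
        'enable_urls' => $this->allow_urls,
        'icon_id' => 0,
        'bbcode_bitfield' => $this->bitfield,
        'bbcode_uid' => $this->uid,
        'message' => $message2,
    );
    $subject = sprintf($this->user->lang['PM_MSG_SUBJECT'], $this->user->data['username']);

    // The final argument is false here; what it controls is defined by submit_pm(),
    // which is outside this block.
    submit_pm('post', $subject, $pm_data, false);
}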
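/**
 * Send a private message about an edited meeting to every other participant.
 *
 * Nothing is sent when check_notify_field() reports no change. The PM subject comes from
 * MEETING_EDIT_AUTHOR and the body from MEETING_EDIT_TEXT.
 *
 * @param mixed  $meeting_region  Not used by this method
 * @param string $meeting_subject Meeting subject inserted into the PM body
 * @param int    $id              Meeting id; selects the participants and appears in the PM body
 * @param string $text            Ignored; the body is always rebuilt from the language string
 * @param mixed  $checkfield      Passed to check_notify_field()
 * @param mixed  $checkfield_new  Passed to check_notify_field()
 *
 * @return void
 */
public function send_notify_edit_meeting($meeting_region, $meeting_subject, $id, $text, $checkfield = false, $checkfield_new = false)
{
    global $user, $db, $phpEx, $phpbb_root_path;

    include_once $phpbb_root_path . 'includes/functions_privmsgs.' . $phpEx;

    $change = $this->check_notify_field($checkfield, $checkfield_new);
    if (!$change) {
        return;
    }

    // Both ids are concatenated into the query text, so force them to integers.
    $meeting_id = (int) $id;
    $sender_id = (int) $user->data['user_id'];

    // Filled in by generate_text_for_storage(); the values from the second call are
    // the ones sent with the message body.
    $uid = $bitfield = $options = '';

    $subject = $user->lang['MEETING_EDIT_AUTHOR'];
    // NOTE(review): $meeting_subject and $change become part of text that is parsed with
    // BBCode, smilies and URLs enabled - presumably both are constrained upstream; verify.
    $text = sprintf($user->lang['MEETING_EDIT_TEXT'], $meeting_id, $meeting_subject, $change, $meeting_id);

    generate_text_for_storage($subject, $uid, $bitfield, $options, false, false, false);
    generate_text_for_storage($text, $uid, $bitfield, $options, true, true, true);

    // Every participant of the meeting except the user who made the edit.
    $sql = 'SELECT m.user_id, u.username
        FROM ' . MEETING_USER_TABLE . ' m, ' . USERS_TABLE . ' u
        WHERE m.user_id = u.user_id
            AND m.meeting_id = ' . $meeting_id . '
            AND u.user_id <> ' . $sender_id . '
        ORDER BY u.username';
    $result = $db->sql_query($sql);

    while ($row = $db->sql_fetchrow($result)) {
        // One PM per participant, so recipients do not see each other.
        $data = array(
            'address_list' => array('u' => array($row['user_id'] => 'to')),
            'from_user_id' => $user->data['user_id'],
            'from_username' => $user->data['username'],
            'icon_id' => 8,
            'from_user_ip' => $user->data['user_ip'],
            'enable_bbcode' => true,
            'enable_smilies' => true,
            'enable_urls' => true,
            'enable_sig' => false,
            'message' => $text,
            'bbcode_bitfield' => $bitfield,
            'bbcode_uid' => $uid,
        );
        submit_pm('post', $subject, $data, false);
    }
    $db->sql_freeresult($result);
}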
/**
 * Send a private message to a single user.
 *
 * The sender id, IP address and username are used exactly as passed in; nothing in this
 * method checks them against the logged-in user, so callers should take them from the
 * session rather than from request data.
 *
 * $senderIp declares a default, but the required parameters that follow it mean every
 * caller has to pass it anyway (PHP 8 reports this parameter ordering as deprecated).
 *
 * @param int     $senderId        The sender's user ID.
 * @param string  $senderIp        The sender's IP address.
 * @param string  $senderUsername  The sender's username.
 * @param int     $recipientId     Recipient user ID.
 * @param string  $subject         Message subject.
 * @param string  $message         Message body.
 * @param boolean $enableSignature Attach the sender's signature?
 * @param boolean $enableBBcode    Parse BBCode?
 * @param boolean $enableSmilies   Parse smilies?
 * @param boolean $enableUrls      Automatically turn URLs into links?
 */
public function sendPrivateMessage($senderId, $senderIp = '127.0.0.1', $senderUsername, $recipientId, $subject, $message, $enableSignature = FALSE, $enableBBcode = TRUE, $enableSmilies = TRUE, $enableUrls = TRUE)
{
    // generate_text_for_storage() rewrites $message and fills these three in.
    $bbcodeUid = '';
    $bbcodeBitfield = '';
    $storageFlags = '';
    generate_text_for_storage($message, $bbcodeUid, $bbcodeBitfield, $storageFlags, $enableBBcode, $enableUrls, $enableSmilies);

    // Exactly one recipient, addressed as "to".
    $recipients = array('u' => array($recipientId => 'to'));

    $privateMessage = array(
        'from_user_id' => $senderId,
        'from_user_ip' => $senderIp,
        'from_username' => $senderUsername,
        'enable_sig' => $enableSignature,
        'enable_bbcode' => $enableBBcode,
        'enable_smilies' => $enableSmilies,
        'enable_urls' => $enableUrls,
        'icon_id' => 0,
        'bbcode_bitfield' => $bbcodeBitfield,
        'bbcode_uid' => $bbcodeUid,
        'message' => $message,
        'address_list' => $recipients,
    );

    submit_pm('post', $subject, $privateMessage, false);
}
function compose_pm($id, $mode, $action) { global $_CLASS, $site_file_root, $config; if (!$action) { $action = 'post'; } $_CLASS['core_template']->assign(array('S_DISPLAY_FORM' => false, 'S_DRAFT_LOADED' => false, 'S_SHOW_DRAFTS' => false, 'S_POST_REVIEW' => false, 'S_INLINE_ATTACHMENT_OPTIONS' => false, 'S_EDIT_REASON' => false, 'S_HAS_ATTACHMENTS' => false, 'to_recipient' => false, 'bcc_recipient' => false, 'S_DISPLAY_HISTORY' => false, 'S_DISPLAY_PREVIEW' => false)); // Grab only parameters needed here $to_user_id = request_var('u', 0); $to_group_id = request_var('g', 0); $msg_id = request_var('p', 0); $quote_post = request_var('q', 0); $draft_id = request_var('d', 0); $lastclick = request_var('lastclick', 0); $message_text = $subject = ''; // Do NOT use request_var or specialchars here $address_list = isset($_REQUEST['address_list']) ? $_REQUEST['address_list'] : array(); $submit = isset($_POST['post']); $preview = isset($_POST['preview']); $save = isset($_POST['save']); $load = isset($_POST['load']); $cancel = isset($_POST['cancel']); $confirm = isset($_POST['confirm']); $delete = isset($_POST['delete']); $remove_u = isset($_REQUEST['remove_u']); $remove_g = isset($_REQUEST['remove_g']); $add_to = isset($_REQUEST['add_to']); $add_bcc = isset($_REQUEST['add_bcc']); $refresh = isset($_POST['add_file']) || isset($_POST['delete_file']) || isset($_POST['edit_comment']) || $save || $load || $remove_u || $remove_g || $add_to || $add_bcc; $action = $delete && !$preview && !$refresh && $submit ? 'delete' : $action; $error = array(); $current_time = gmtime(); // Was cancel pressed? If so then redirect to the appropriate page if ($cancel || $current_time - $lastclick < 2 && $submit) { $redirect = generate_link("Control_Panel&i={$id}&mode=view_messages&action=view_message" . ($msg_id ? 
"&p={$msg_id}" : '')); redirect($redirect); } if ($action == 'forward' && (!$config['forward_pm'] || !$_CLASS['auth']->acl_get('u_pm_forward'))) { trigger_error('NO_AUTH_FORWARD_MESSAGE'); } if ($action == 'edit' && !$_CLASS['auth']->acl_get('u_pm_edit')) { trigger_error('NO_AUTH_EDIT_MESSAGE'); } $sql = ''; // What is all this following SQL for? Well, we need to know // some basic information in all cases before we do anything. switch ($action) { case 'post': if (!$_CLASS['auth']->acl_get('u_sendpm')) { trigger_error('NO_AUTH_SEND_MESSAGE'); } break; case 'reply': case 'quote': case 'forward': if (!$msg_id) { trigger_error('NO_MESSAGE'); } if (!$_CLASS['auth']->acl_get('u_sendpm')) { trigger_error('NO_AUTH_SEND_MESSAGE'); } if ($quote_post) { $sql = 'SELECT p.post_text as message_text, p.poster_id as author_id, p.post_time as message_time, p.bbcode_bitfield, p.bbcode_uid, p.enable_sig, p.enable_html, p.enable_smilies, p.enable_magic_url, t.topic_title as message_subject, u.username as quote_username FROM ' . FORUMS_POSTS_TABLE . ' p, ' . FORUMS_TOPICS_TABLE . ' t, ' . USERS_TABLE . " u\n\t\t\t\t\tWHERE p.post_id = {$msg_id}\n\t\t\t\t\t\tAND t.topic_id = p.topic_id\n\t\t\t\t\t\tAND u.user_id = p.poster_id"; } else { $sql = 'SELECT t.*, p.*, u.username as quote_username FROM ' . FORUMS_PRIVMSGS_TO_TABLE . ' t, ' . FORUMS_PRIVMSGS_TABLE . ' p, ' . USERS_TABLE . ' u WHERE t.user_id = ' . $_CLASS['core_user']->data['user_id'] . "\n\t\t\t\t\t\tAND p.author_id = u.user_id\n\t\t\t\t\t\tAND t.msg_id = p.msg_id\n\t\t\t\t\t\tAND p.msg_id = {$msg_id}"; } break; case 'edit': if (!$msg_id) { trigger_error('NO_MESSAGE'); } // check for outbox (not read) status, we do not allow editing if one user already having the message $sql = 'SELECT p.*, t.* FROM ' . FORUMS_PRIVMSGS_TO_TABLE . ' t, ' . FORUMS_PRIVMSGS_TABLE . ' p WHERE t.user_id = ' . $_CLASS['core_user']->data['user_id'] . ' AND t.folder_id = ' . PRIVMSGS_OUTBOX . 
"\n\t\t\t\t\tAND t.msg_id = {$msg_id}\n\t\t\t\t\tAND t.msg_id = p.msg_id"; break; case 'delete': if (!$_CLASS['auth']->acl_get('u_pm_delete')) { trigger_error('NO_AUTH_DELETE_MESSAGE'); } if (!$msg_id) { trigger_error('NO_MESSAGE'); } $sql = 'SELECT msg_id, unread, new, author_id, folder_id FROM ' . FORUMS_PRIVMSGS_TO_TABLE . ' WHERE user_id = ' . $_CLASS['core_user']->data['user_id'] . "\n\t\t\t\t\tAND msg_id = {$msg_id}"; break; case 'smilies': require_once $site_file_root . 'includes/forums/functions_posting.php'; generate_smilies('window', 0); script_close(false); break; default: trigger_error('NO_ACTION_MODE'); break; } if ($sql) { $result = $_CLASS['core_db']->query_limit($sql, 1); if (!($row = $_CLASS['core_db']->fetch_row_assoc($result))) { trigger_error('NO_MESSAGE'); } extract($row); $_CLASS['core_db']->free_result($result); $msg_id = (int) $msg_id; $enable_urls = $enable_magic_url; if (!$author_id && $msg_id) { trigger_error('NO_AUTHOR'); } if (($action == 'reply' || $action == 'quote') && empty($address_list) && !$refresh && !$submit && !$preview) { $address_list = array('u' => array($author_id => 'to')); } elseif ($action == 'edit' && empty($address_list) && !$refresh && !$submit && !$preview) { // Rebuild TO and BCC Header $address_list = rebuild_header(array('to' => $to_address, 'bcc' => $bcc_address)); } $check_value = ($enable_html + 1 << 16) + ($enable_bbcode + 1 << 8) + ($enable_smilies + 1 << 4) + ($enable_urls + 1 << 2) + ($enable_sig + 1 << 1); } else { $message_attachment = 0; if ($to_user_id && $action == 'post') { $address_list['u'][$to_user_id] = 'to'; } else { if ($to_group_id && $action == 'post') { $address_list['g'][$to_group_id] = 'to'; } } $check_value = 0; } if (($to_group_id || isset($address_list['g'])) && !$config['allow_mass_pm']) { trigger_error('NO_AUTH_GROUP_MESSAGE'); } if ($action == 'edit' && !$refresh && !$preview && !$submit) { if (!($message_time > time() - $config['pm_edit_time'] || !$config['pm_edit_time'])) { 
trigger_error('CANNOT_EDIT_MESSAGE_TIME'); } } if (!isset($icon_id)) { $icon_id = 0; } require_once $site_file_root . 'includes/forums/functions_admin.php'; require_once $site_file_root . 'includes/forums/functions_posting.php'; require_once $site_file_root . 'includes/forums/message_parser.php'; $message_parser = new parse_message(); $message_subject = isset($message_subject) ? $message_subject : ''; $message_parser->message = $action == 'reply' ? '' : (isset($message_text) ? $message_text : ''); unset($message_text); $s_action = "Control_Panel&i={$id}&mode={$mode}&action={$action}"; $s_action .= $msg_id ? "&p={$msg_id}" : ''; $s_action .= $quote_post ? "&q=1" : ''; // Delete triggered ? if ($action == 'delete') { // Folder id has been determined by the SQL Statement // $folder_id = request_var('f', PRIVMSGS_NO_BOX); $s_hidden_fields = '<input type="hidden" name="p" value="' . $msg_id . '" /><input type="hidden" name="f" value="' . $folder_id . '" /><input type="hidden" name="action" value="delete" />'; // Do we need to confirm ? if (confirm_box(true)) { delete_pm($_CLASS['core_user']->data['user_id'], $msg_id, $folder_id); // TODO - jump to next message in "history"? $meta_info = generate_link('Control_Panel&i=pm&folder=' . $folder_id); $message = $_CLASS['core_user']->lang['MESSAGE_DELETED']; meta_refresh(3, $meta_info); $message .= '<br /><br />' . sprintf($_CLASS['core_user']->lang['RETURN_FOLDER'], '<a href="' . $meta_info . 
'">', '</a>'); trigger_error($message); } else { confirm_box(false, 'DELETE_MESSAGE', $s_hidden_fields); } } // Handle User/Group adding/removing handle_message_list_actions($address_list, $remove_u, $remove_g, $add_to, $add_bcc); // Check for too many recipients if (!$config['allow_mass_pm'] && num_recipients($address_list) > 1) { $address_list = get_recipient_pos($address_list, 1); $error[] = $_CLASS['core_user']->lang['TOO_MANY_RECIPIENTS']; } $message_parser->get_submitted_attachment_data(); if ($message_attachment && !$submit && !$refresh && !$preview && $action == 'edit') { $sql = 'SELECT attach_id, physical_filename, comment, real_filename, extension, mimetype, filesize, filetime, thumbnail FROM ' . FORUMS_ATTACHMENTS_TABLE . "\n\t\t\tWHERE post_msg_id = {$msg_id}\n\t\t\t\tAND in_message = 1\n\t\t\t\tORDER BY filetime " . (!$config['display_order'] ? 'DESC' : 'ASC'); $result = $_CLASS['core_db']->query($sql); $message_parser->attachment_data = array_merge($message_parser->attachment_data, $_CLASS['core_db']->fetch_row_assocset($result)); $_CLASS['core_db']->free_result($result); } if (!in_array($action, array('quote', 'edit', 'delete', 'forward'))) { $enable_sig = $config['allow_sig'] && $_CLASS['auth']->acl_get('u_sig') && $_CLASS['core_user']->optionget('attachsig'); $enable_smilies = $config['allow_smilies'] && $_CLASS['auth']->acl_get('u_pm_smilies') && $_CLASS['core_user']->optionget('smilies'); $enable_bbcode = $config['allow_bbcode'] && $_CLASS['auth']->acl_get('u_pm_bbcode') && $_CLASS['core_user']->optionget('bbcode'); $enable_urls = true; } $enable_magic_url = $drafts = false; // User own some drafts? if ($_CLASS['auth']->acl_get('u_savedrafts') && $action != 'delete') { $sql = 'SELECT draft_id FROM ' . FORUMS_DRAFTS_TABLE . ' WHERE (forum_id = 0 AND topic_id = 0) AND user_id = ' . $_CLASS['core_user']->data['user_id'] . ($draft_id ? 
" AND draft_id <> {$draft_id}" : ''); $result = $_CLASS['core_db']->query_limit($sql, 1); if ($_CLASS['core_db']->fetch_row_assoc($result)) { $drafts = true; } $_CLASS['core_db']->free_result($result); } if ($action == 'edit' || $action == 'forward') { $message_parser->bbcode_uid = $bbcode_uid; } $config['auth_bbcode_pm'] = true; $html_status = $config['allow_html'] && $config['auth_html_pm'] && $_CLASS['auth']->acl_get('u_pm_html'); $bbcode_status = $config['allow_bbcode'] && $config['auth_bbcode_pm'] && $_CLASS['auth']->acl_get('u_pm_bbcode'); $smilies_status = $config['allow_smilies'] && $config['auth_smilies_pm'] && $_CLASS['auth']->acl_get('u_pm_smilies'); $img_status = $config['auth_img_pm'] && $_CLASS['auth']->acl_get('u_pm_img'); $flash_status = $config['auth_flash_pm'] && $_CLASS['auth']->acl_get('u_pm_flash'); // Save Draft if ($save && $_CLASS['auth']->acl_get('u_savedrafts')) { $subject = request_var('subject', '', true); $subject = !$subject && $action != 'post' ? $_CLASS['core_user']->lang['NEW_MESSAGE'] : $subject; $message = request_var('message', '', true); if ($subject && $message) { $sql = 'INSERT INTO ' . FORUMS_DRAFTS_TABLE . ' ' . $_CLASS['core_db']->sql_build_array('INSERT', array('user_id' => $_CLASS['core_user']->data['user_id'], 'topic_id' => 0, 'forum_id' => 0, 'save_time' => $current_time, 'draft_subject' => $subject, 'draft_message' => $message)); $_CLASS['core_db']->query($sql); $_CLASS['core_display']->meta_refresh(3, generate_link('Control_Panel&i=pm&mode=' . $mode)); $message = $_CLASS['core_user']->lang['DRAFT_SAVED'] . '<br /><br />' . sprintf($_CLASS['core_user']->lang['RETURN_UCP'], '<a href="' . generate_link('Control_Panel&i=pm&mode=' . $mode) . '">', '</a>'); trigger_error($message); } unset($subject); unset($message); } // Load Draft if ($draft_id && $_CLASS['auth']->acl_get('u_savedrafts')) { $sql = 'SELECT draft_subject, draft_message FROM ' . FORUMS_DRAFTS_TABLE . 
" \n\t\t\tWHERE draft_id = {$draft_id}\n\t\t\t\tAND topic_id = 0\n\t\t\t\tAND forum_id = 0\n\t\t\t\tAND user_id = " . $_CLASS['core_user']->data['user_id']; $result = $_CLASS['core_db']->query_limit($sql, 1); if ($row = $_CLASS['core_db']->fetch_row_assoc($result)) { $_REQUEST['subject'] = $row['draft_subject']; $_REQUEST['message'] = $row['draft_message']; $refresh = true; $_CLASS['core_template']->assign('S_DRAFT_LOADED', true); } else { $draft_id = 0; } } // Load Drafts if ($load && $drafts) { load_drafts(0, 0, $id); } if ($submit || $preview || $refresh) { $subject = mb_strtolower(get_variable('subject', 'POST', '')); $message_parser->message = request_var('message', '', true); $icon_id = request_var('icon', 0); $enable_html = !$html_status || isset($_POST['disable_html']) ? false : true; $enable_bbcode = !$bbcode_status || isset($_POST['disable_bbcode']) ? false : true; $enable_smilies = !$smilies_status || isset($_POST['disable_smilies']) ? false : true; $enable_urls = isset($_POST['disable_magic_url']) ? 0 : 1; $enable_sig = !$config['allow_sig'] ? false : (isset($_POST['attach_sig']) ? true : false); if ($submit) { $status_switch = ($enable_html + 1 << 16) + ($enable_bbcode + 1 << 8) + ($enable_smilies + 1 << 4) + ($enable_urls + 1 << 2) + ($enable_sig + 1 << 1); $status_switch = $status_switch != $check_value; } else { $status_switch = 1; } // Parse Attachments - before checksum is calculated $message_parser->parse_attachments('fileupload', $action, 0, $submit, $preview, $refresh, true); // Grab md5 'checksum' of new message $message_md5 = md5($message_parser->message); // Check checksum ... don't re-parse message if the same $update_message = $action != 'edit' || $message_md5 != $post_checksum || $status_switch || $preview ? 
true : false; if ($update_message) { $message_parser->parse($enable_html, $enable_bbcode, $enable_urls, $enable_smilies, $img_status, $flash_status, true); } else { $message_parser->bbcode_bitfield = $bbcode_bitfield; } if ($action != 'edit' && !$preview && !$refresh && $config['flood_interval'] && !$_CLASS['auth']->acl_get('u_ignoreflood')) { // Flood check $last_post_time = $_CLASS['core_user']->data['user_last_post_time']; if ($last_post_time) { if ($last_post_time && $current_time - $last_post_time < intval($config['flood_interval'])) { $error[] = $_CLASS['core_user']->lang['FLOOD_ERROR']; } } } // Subject defined if (!$subject && !($remove_u || $remove_g || $add_to || $add_bcc)) { $error[] = $_CLASS['core_user']->lang['EMPTY_SUBJECT']; } if (empty($address_list)) { $error[] = $_CLASS['core_user']->lang['NO_RECIPIENT']; } if (!empty($message_parser->warn_msg) && !($remove_u || $remove_g || $add_to || $add_bcc)) { $error[] = implode('<br />', $message_parser->warn_msg); } // Store message, sync counters if (empty($error) && $submit) { $pm_data = array('msg_id' => (int) $msg_id, 'reply_from_root_level' => isset($root_level) ? (int) $root_level : 0, 'reply_from_msg_id' => (int) $msg_id, 'icon_id' => (int) $icon_id, 'enable_sig' => (bool) $enable_sig, 'enable_bbcode' => (bool) $enable_bbcode, 'enable_html' => (bool) $enable_html, 'enable_smilies' => (bool) $enable_smilies, 'enable_urls' => (bool) $enable_urls, 'message_md5' => (int) $message_md5, 'bbcode_bitfield' => (int) $message_parser->bbcode_bitfield, 'bbcode_uid' => $message_parser->bbcode_uid, 'message' => $message_parser->message, 'attachment_data' => $message_parser->attachment_data, 'filename_data' => $message_parser->filename_data, 'address_list' => $address_list); unset($message_parser); // ((!$message_subject) ? 
$subject : $message_subject) $msg_id = submit_pm($action, $subject, $pm_data, $update_message); $return_message_url = generate_link('Control_Panel&i=pm&mode=view_messages&action=view_message&p=' . $msg_id); $return_folder_url = generate_link('Control_Panel&i=pm&folder=outbox'); $_CLASS['core_display']->meta_refresh(3, $return_message_url); $message = $_CLASS['core_user']->lang['MESSAGE_STORED'] . '<br /><br />' . sprintf($_CLASS['core_user']->lang['VIEW_MESSAGE'], '<a href="' . $return_message_url . '">', '</a>') . '<br /><br />' . sprintf($_CLASS['core_user']->lang['CLICK_RETURN_FOLDER'], '<a href="' . $return_folder_url . '">', '</a>', $_CLASS['core_user']->lang['PM_OUTBOX']); trigger_error($message); } $message_subject = stripslashes($subject); } if (empty($error) && $preview) { $post_time = $action == 'edit' ? $post_time : $current_time; $preview_message = $message_parser->format_display($enable_html, $enable_bbcode, $enable_urls, $enable_smilies, false); $preview_signature = $_CLASS['core_user']->data['user_sig']; $preview_signature_uid = $_CLASS['core_user']->data['user_sig_bbcode_uid']; $preview_signature_bitfield = $_CLASS['core_user']->data['user_sig_bbcode_bitfield']; // Signature if ($enable_sig && $config['allow_sig'] && $preview_signature) { $parse_sig = new parse_message($preview_signature); $parse_sig->bbcode_uid = $preview_signature_uid; $parse_sig->bbcode_bitfield = $preview_signature_bitfield; $parse_sig->format_display($enable_html, $enable_bbcode, $enable_urls, $enable_smilies); $preview_signature = $parse_sig->message; unset($parse_sig); } else { $preview_signature = ''; } // Attachment Preview if (!empty($message_parser->attachment_data)) { require $site_file_root . 
'includes/forums/functions_display.php'; $extensions = $update_count = array(); $_CLASS['core_template']->assign('S_HAS_ATTACHMENTS', true); display_attachments(0, 'attachment', $message_parser->attachment_data, $update_count, true); } $preview_subject = censor_text($subject); if (empty($error)) { $_CLASS['core_template']->assign(array('POST_DATE' => $_CLASS['core_user']->format_date($post_time), 'PREVIEW_SUBJECT' => $preview_subject, 'PREVIEW_MESSAGE' => $preview_message, 'PREVIEW_SIGNATURE' => $preview_signature, 'S_DISPLAY_PREVIEW' => true)); } unset($message_text); } // Decode text for message display $bbcode_uid = ($action == 'quote' || $action == 'forward') && !$preview && !$refresh && empty($error) ? $bbcode_uid : $message_parser->bbcode_uid; $message_parser->decode_message($bbcode_uid); if ($action == 'quote' && !$preview && !$refresh) { $message_parser->message = '[quote="' . $quote_username . '"]' . censor_text(trim($message_parser->message)) . "[/quote]\n"; } if (($action == 'reply' || $action == 'quote') && !$preview && !$refresh) { $message_subject = (!preg_match('/^Re:/', $message_subject) ? 'Re: ' : '') . censor_text($message_subject); } if ($action == 'forward' && !$preview && !$refresh) { $fwd_to_field = write_pm_addresses(array('to' => $to_address), 0, true); $forward_text = array(); $forward_text[] = $_CLASS['core_user']->lang['FWD_ORIGINAL_MESSAGE']; $forward_text[] = sprintf($_CLASS['core_user']->lang['FWD_SUBJECT'], censor_text($message_subject)); $forward_text[] = sprintf($_CLASS['core_user']->lang['FWD_DATE'], $_CLASS['core_user']->format_date($message_time)); $forward_text[] = sprintf($_CLASS['core_user']->lang['FWD_FROM'], $quote_username); $forward_text[] = sprintf($_CLASS['core_user']->lang['FWD_TO'], implode(', ', $fwd_to_field['to'])); $message_parser->message = implode("\n", $forward_text) . "\n\n[quote=\"[url=" . generate_link("Members_List&mode=viewprofile&u={$author_id}]{$quote_username}") . "[/url]\"]\n" . 
censor_text(trim($message_parser->message)) . "\n[/quote]"; $message_subject = (!preg_match('/^Fwd:/', $message_subject) ? 'Fwd: ' : '') . censor_text($message_subject); } $attachment_data = $message_parser->attachment_data; $filename_data = $message_parser->filename_data; $message_text = $message_parser->message; unset($message_parser); // MAIN PM PAGE BEGINS HERE // Generate smiley listing generate_smilies('inline', 0); // Generate PM Icons $s_pm_icons = false; if ($config['enable_pm_icons']) { $s_pm_icons = posting_gen_topic_icons($action, $icon_id); } // Generate inline attachment select box posting_gen_inline_attachments($attachment_data); // Build address list for display // array('u' => array($author_id => 'to')); if (!empty($address_list)) { // Get Usernames and Group Names $result = array(); if (isset($address_list['u']) && !empty($address_list['u'])) { $result['u'] = $_CLASS['core_db']->query('SELECT user_id as id, username as name, user_colour as colour FROM ' . USERS_TABLE . ' WHERE user_id IN (' . implode(', ', array_map('intval', array_keys($address_list['u']))) . ')'); } if (isset($address_list['g']) && !empty($address_list['g'])) { $result['g'] = $_CLASS['core_db']->query('SELECT group_id as id, group_name as name, group_colour as colour FROM ' . GROUPS_TABLE . ' WHERE group_receive_pm = 1 AND group_id IN (' . implode(', ', array_map('intval', array_keys($address_list['g']))) . ')'); } $u = $g = array(); foreach (array('u', 'g') as $type) { if (isset($result[$type]) && $result[$type]) { while ($row = $_CLASS['core_db']->fetch_row_assoc($result[$type])) { ${$type}[$row['id']] = array('name' => $row['name'], 'colour' => $row['colour']); } $_CLASS['core_db']->free_result($result[$type]); } } // Now Build the address list $plain_address_field = ''; foreach ($address_list as $type => $adr_ary) { foreach ($adr_ary as $id => $field) { if (!isset(${$type}[$id])) { unset($address_list[$type][$id]); continue; } $field = $field == 'to' ? 
'to' : 'bcc'; $type = $type == 'u' ? 'u' : 'g'; $id = (int) $id; $_CLASS['core_template']->assign_vars_array($field . '_recipient', array('NAME' => ${$type}[$id]['name'], 'IS_GROUP' => $type == 'g', 'IS_USER' => $type == 'u', 'COLOUR' => ${$type}[$id]['colour'] ? ${$type}[$id]['colour'] : '', 'UG_ID' => $id, 'U_VIEW' => $type == 'u' ? generate_link('Members_List&mode=viewprofile&u=' . $id) : generate_link('Members_List&mode=group&g=' . $id), 'TYPE' => $type)); } } } // Build hidden address list $s_hidden_address_field = ''; foreach ($address_list as $type => $adr_ary) { foreach ($adr_ary as $id => $field) { $s_hidden_address_field .= '<input type="hidden" name="address_list[' . ($type == 'u' ? 'u' : 'g') . '][' . (int) $id . ']" value="' . ($field == 'to' ? 'to' : 'bcc') . '" />'; } } $html_checked = isset($enable_html) ? !$enable_html : ($config['allow_html'] && $_CLASS['auth']->acl_get('u_pm_html') ? !$_CLASS['core_user']->optionget('html') : 1); $bbcode_checked = isset($enable_bbcode) ? !$enable_bbcode : ($config['allow_bbcode'] && $_CLASS['auth']->acl_get('u_pm_bbcode') ? !$_CLASS['core_user']->optionget('bbcode') : 1); $smilies_checked = isset($enable_smilies) ? !$enable_smilies : ($config['allow_smilies'] && $_CLASS['auth']->acl_get('u_pm_smilies') ? !$_CLASS['core_user']->optionget('smilies') : 1); $urls_checked = isset($enable_urls) ? !$enable_urls : 0; $sig_checked = $enable_sig; switch ($action) { case 'post': $page_title = $_CLASS['core_user']->lang['POST_NEW_PM']; break; case 'quote': $page_title = $_CLASS['core_user']->lang['POST_QUOTE_PM']; break; case 'reply': $page_title = $_CLASS['core_user']->lang['POST_REPLY_PM']; break; case 'edit': $page_title = $_CLASS['core_user']->lang['POST_EDIT_PM']; break; case 'forward': $page_title = $_CLASS['core_user']->lang['POST_FORWARD_PM']; break; default: trigger_error('NO_ACTION_MODE'); } $s_hidden_fields = '<input type="hidden" name="lastclick" value="' . $current_time . 
'" />'; $s_hidden_fields .= isset($check_value) ? '<input type="hidden" name="status_switch" value="' . $check_value . '" />' : ''; $s_hidden_fields .= $draft_id || isset($_REQUEST['draft_loaded']) ? '<input type="hidden" name="draft_loaded" value="' . (isset($_REQUEST['draft_loaded']) ? intval($_REQUEST['draft_loaded']) : $draft_id) . '" />' : ''; $form_enctype = @ini_get('file_uploads') == '0' || strtolower(@ini_get('file_uploads')) == 'off' || @ini_get('file_uploads') == '0' || !$config['allow_pm_attach'] || !$_CLASS['auth']->acl_get('u_pm_attach') ? '' : ' enctype="multipart/form-data"'; // Start assigning vars for main posting page ... $_CLASS['core_template']->assign(array('L_POST_A' => $page_title, 'L_ICON' => $_CLASS['core_user']->lang['PM_ICON'], 'L_MESSAGE_BODY_EXPLAIN' => intval($config['max_post_chars']) ? sprintf($_CLASS['core_user']->lang['MESSAGE_BODY_EXPLAIN'], intval($config['max_post_chars'])) : '', 'SUBJECT' => isset($message_subject) ? $message_subject : '', 'MESSAGE' => $message_text, 'HTML_STATUS' => $html_status ? $_CLASS['core_user']->lang['HTML_IS_ON'] : $_CLASS['core_user']->lang['HTML_IS_OFF'], 'BBCODE_STATUS' => $bbcode_status ? sprintf($_CLASS['core_user']->lang['BBCODE_IS_ON'], '<a href="' . generate_link('Forums&file=faq&mode=bbcode') . '" target="_phpbbcode">', '</a>') : sprintf($_CLASS['core_user']->lang['BBCODE_IS_OFF'], '<a href="' . generate_link('Forums&file=faq&mode=bbcode') . '" target="_phpbbcode">', '</a>'), 'IMG_STATUS' => $img_status ? $_CLASS['core_user']->lang['IMAGES_ARE_ON'] : $_CLASS['core_user']->lang['IMAGES_ARE_OFF'], 'FLASH_STATUS' => $flash_status ? $_CLASS['core_user']->lang['FLASH_IS_ON'] : $_CLASS['core_user']->lang['FLASH_IS_OFF'], 'SMILIES_STATUS' => $smilies_status ? $_CLASS['core_user']->lang['SMILIES_ARE_ON'] : $_CLASS['core_user']->lang['SMILIES_ARE_OFF'], 'MINI_POST_IMG' => $_CLASS['core_user']->img('icon_post', $_CLASS['core_user']->lang['PM']), 'ERROR' => empty($error) ? 
'' : implode('<br />', $error), 'S_EDIT_POST' => $action == 'edit', 'S_SHOW_PM_ICONS' => $s_pm_icons, 'S_HTML_ALLOWED' => $html_status, 'S_HTML_CHECKED' => $html_checked ? ' checked="checked"' : '', 'S_BBCODE_ALLOWED' => $bbcode_status, 'S_BBCODE_CHECKED' => $bbcode_checked ? ' checked="checked"' : '', 'S_SMILIES_ALLOWED' => $smilies_status, 'S_SMILIES_CHECKED' => $smilies_checked ? ' checked="checked"' : '', 'S_SIG_ALLOWED' => $config['allow_sig'] && $_CLASS['auth']->acl_get('u_sig'), 'S_SIGNATURE_CHECKED' => $sig_checked ? ' checked="checked"' : '', 'S_MAGIC_URL_CHECKED' => $urls_checked ? ' checked="checked"' : '', 'S_SAVE_ALLOWED' => $_CLASS['auth']->acl_get('u_savedrafts'), 'S_HAS_DRAFTS' => $_CLASS['auth']->acl_get('u_savedrafts') && $drafts, 'S_FORM_ENCTYPE' => $form_enctype, 'S_POST_ACTION' => generate_link($s_action), 'S_HIDDEN_ADDRESS_FIELD' => $s_hidden_address_field, 'S_HIDDEN_FIELDS' => $s_hidden_fields)); // Attachment entry if ($_CLASS['auth']->acl_get('u_pm_attach') && $config['allow_pm_attach'] && $form_enctype) { posting_gen_attachment_entry($attachment_data, $filename_data); } }
/**
 * Tell garage moderators that an item is waiting for approval.
 *
 * The channels are selected by the $garage_config switches read below:
 * e-mail/Jabber through the messenger class, and/or a private message.
 *
 * NOTE(review): $mcp_mode_to_approve is concatenated unencoded into the
 * e-mail URL and into the href of the anchor placed in the PM body. That is
 * only safe while callers pass fixed mode keywords - confirm that no caller
 * forwards request data here.
 * NOTE(review): how the raw anchor markup in the PM body is treated depends
 * on parse_message::parse() and the PM display path, neither of which is
 * visible in this block.
 *
 * @param string $mcp_mode_to_approve mode used in the MCP link sent to moderators
 */
function pending_notification($mcp_mode_to_approve)
{
    global $user, $phpEx, $auth, $garage_config, $config, $garage, $phpbb_root_path;

    // The moderator list is only needed when at least one channel is enabled
    if ($garage_config['enable_email_pending_notify'] || $garage_config['enable_pm_pending_notify']) {
        $approve_permissions = array(
            'm_garage_approve_vehicle',
            'm_garage_approve_make',
            'm_garage_approve_model',
            'm_garage_approve_business',
            'm_garage_approve_quartermile',
            'm_garage_approve_dynorun',
            'm_garage_approve_guestbook',
            'm_garage_approve_lap',
            'm_garage_approve_track',
            'm_garage_approve_product',
        );
        $garage_moderators = $auth->acl_get_list(false, $approve_permissions, false);

        // Collect the holders of every approval permission, then de-duplicate
        $holders = array();
        foreach ($approve_permissions as $permission) {
            $holders[] = $garage_moderators[0][$permission];
        }
        $moderators = array_unique(call_user_func_array('array_merge', $holders));
    }

    // E-mail / Jabber notifications
    if ($garage_config['enable_email_pending_notify']) {
        $moderators_to_email = $garage->moderators_requiring_email($moderators, $garage_config['enable_email_pending_notify_optout']);

        $total = count($moderators_to_email);
        for ($idx = 0; $idx < $total; $idx++) {
            include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx;

            $recipient = $moderators_to_email[$idx];

            $messenger = new messenger();
            $messenger->template('garage_pending', $recipient['user_lang']);
            $messenger->replyto($config['board_contact']);
            $messenger->to($recipient['user_email'], $recipient['username']);
            $messenger->im($recipient['user_jabber'], $recipient['username']);
            $messenger->assign_vars(array(
                'U_MCP' => generate_board_url() . '/mcp.' . $phpEx . '?i=garage&mode=' . $mcp_mode_to_approve,
            ));

            // Delivery uses the notification type stored for this moderator
            $messenger->send($recipient['user_notify_type']);
        }
    }

    // Private message notifications
    if ($garage_config['enable_pm_pending_notify']) {
        $moderators_to_pm = $garage->moderators_requiring_pm($moderators, $garage_config['enable_pm_pending_notify_optout']);

        $total = count($moderators_to_pm);
        for ($idx = 0; $idx < $total; $idx++) {
            include_once $phpbb_root_path . 'includes/functions_privmsgs.' . $phpEx;
            include_once $phpbb_root_path . 'includes/message_parser.' . $phpEx;

            $mcp_link = '<a href="mcp.' . $phpEx . '?i=garage&mode=' . $mcp_mode_to_approve . '">' . $user->lang['HERE'] . '</a>';

            $message_parser = new parse_message();
            $message_parser->message = sprintf($user->lang['PENDING_NOTIFY_TEXT'], $mcp_link);
            $message_parser->parse(true, true, true, false, false, true, true);

            // The PM is sent in the name of the user who triggered the notification
            $pm_data = array(
                'from_user_id'    => $user->data['user_id'],
                'from_user_ip'    => $user->data['user_ip'],
                'from_username'   => $user->data['username'],
                'enable_sig'      => false,
                'enable_bbcode'   => true,
                'enable_smilies'  => true,
                'enable_urls'     => false,
                'icon_id'         => 0,
                'bbcode_bitfield' => $message_parser->bbcode_bitfield,
                'bbcode_uid'      => $message_parser->bbcode_uid,
                'message'         => $message_parser->message,
                'address_list'    => array('u' => array($moderators_to_pm[$idx]['user_id'] => 'to')),
            );

            submit_pm('post', $user->lang['PENDING_ITEMS'], $pm_data, false, false);
        }
    }
}
/**
 * Run the tool
 *
 * Reparses the BBCode of posts, private messages or user signatures in
 * batches of $this->step_size rows, starting at offset step * step_size.
 * The kind of content is chosen by the 'mode' request variable; optional
 * comma separated id lists ('reparseids', 'reparsepms') narrow the batch and
 * are kept in the cache so that later steps can reuse them.
 *
 * NOTE(review): 'mode' comes straight from the request and the switch that
 * builds $sql_ary has no default branch, so a value other than the three
 * BBCODE_REPARSE_* constants reaches sql_build_query() with $sql_ary unset.
 * NOTE(review): the id lists are request strings split on commas; they only
 * reach SQL through $db->sql_in_set(). Presumably _trim_post_ids() and
 * sql_in_set() normalise and escape every element - verify, neither is
 * visible here.
 */
function run_tool()
{
    global $cache, $config, $db, $user;

    // Prevent some errors from missing language strings.
    $user->add_lang('posting');

    // Define some vars that we'll need
    $reparse_id = request_var('reparseids', '');
    $reparse_pm_id = request_var('reparsepms', '');
    $mode = request_var('mode', BBCODE_REPARSE_POSTS);
    $step = request_var('step', 0);
    $start = $step * $this->step_size;
    // Not read again in this method.
    $cnt = 0;

    // If post IDs or PM IDs were specified, we need to make sure the list is valid.
    $reparse_posts = array();
    $reparse_pms = array();
    if (!empty($reparse_id)) {
        $reparse_posts = explode(',', $reparse_id);
        // explode() on a non-empty string always yields at least one element,
        // so this guard does not reject malformed lists by itself.
        if (!sizeof($reparse_posts)) {
            trigger_error('REPARSE_IDS_INVALID');
        }
        // Make sure there's no extra whitespace
        array_walk($reparse_posts, array($this, '_trim_post_ids'));
        // Remember the list for the following steps
        $cache->put('_stk_reparse_posts', $reparse_posts);
    } else {
        if ($mode == BBCODE_REPARSE_POSTS) {
            // Later steps carry no id list in the request; reuse the cached one
            if (($result = $cache->get('_stk_reparse_posts')) !== false) {
                $reparse_posts = $result;
            }
        }
    }
    if (!empty($reparse_pm_id)) {
        $reparse_pms = explode(',', $reparse_pm_id);
        if (!sizeof($reparse_pms)) {
            trigger_error('REPARSE_IDS_INVALID');
        }
        // Again, make sure the format is okay
        array_walk($reparse_pms, array($this, '_trim_post_ids'));
        $cache->put('_stk_reparse_pms', $reparse_pms);
    } else {
        if ($mode == BBCODE_REPARSE_PMS) {
            if (($result = $cache->get('_stk_reparse_pms')) !== false) {
                $reparse_pms = $result;
            }
        }
    }

    // The message parser
    if (!class_exists('parse_message')) {
        global $phpbb_root_path, $phpEx; // required!
        include PHPBB_ROOT_PATH . 'includes/message_parser.' . PHP_EXT;
    }

    // Posting helper functions
    if ($mode == BBCODE_REPARSE_POSTS && !function_exists('submit_post')) {
        include PHPBB_ROOT_PATH . 'includes/functions_posting.' . PHP_EXT;
    }

    // PM helper function
    if ($mode == BBCODE_REPARSE_PMS && !function_exists('submit_pm')) {
        include PHPBB_ROOT_PATH . 'includes/functions_privmsgs.' . PHP_EXT;
    }

    // First step? Prepare the backup
    // For now disabled. Have to see how to implement this with regards to sigs and pms
    // if ($step == 0)
    // {
    //     $this->_prepare_backup();
    //     $this->_next_step($step);
    // }

    // Grab our batch
    // $bitfield is a plain boolean: true when 'reparseall' was posted. It only
    // toggles the "bitfield != ''" filter; the posted value itself is never used.
    $bitfield = isset($_POST['reparseall']) ? true : false;
    switch ($mode) {
        case BBCODE_REPARSE_POSTS:
            $sql_ary = array('SELECT' => 'f.*, p.*, t.*, u.username', 'FROM' => array(FORUMS_TABLE => 'f', POSTS_TABLE => 'p', TOPICS_TABLE => 't', USERS_TABLE => 'u'), 'WHERE' => ($bitfield ? "p.bbcode_bitfield != '' AND " : '') . 't.topic_id = p.topic_id AND u.user_id = p.poster_id AND f.forum_id = t.forum_id' . (sizeof($reparse_posts) ? ' AND ' . $db->sql_in_set('p.post_id', $reparse_posts) : ''));
            break;
        case BBCODE_REPARSE_PMS:
            $sql_ary = array('SELECT' => 'pm.*, u.username AS author_name', 'FROM' => array(PRIVMSGS_TABLE => 'pm', USERS_TABLE => 'u'), 'WHERE' => ($bitfield ? "pm.bbcode_bitfield != '' AND " : '') . 'u.user_id = pm.author_id' . (sizeof($reparse_pms) ? ' AND ' . $db->sql_in_set('pm.msg_id', $reparse_pms) : ''));
            break;
        case BBCODE_REPARSE_SIGS:
            $sql_ary = array('SELECT' => 'u.*', 'FROM' => array(USERS_TABLE => 'u'), 'WHERE' => $bitfield ? "u.user_sig_bbcode_bitfield != ''" : '');
            break;
    }
    $sql = $db->sql_build_query('SELECT', $sql_ary);
    $result = $db->sql_query_limit($sql, $this->step_size, $start);
    $batch = $db->sql_fetchrowset($result);
    $db->sql_freeresult($result);

    // Finished?
    if (!$batch && $mode == BBCODE_REPARSE_SIGS) {
        // Done! Drop the cached id lists before reporting completion
        $cache->destroy('_stk_reparse_posts');
        $cache->destroy('_stk_reparse_pms');
        trigger_error($user->lang['REPARSE_BBCODE_COMPLETE']);
    } else {
        if (!$batch) {
            // Move to the next type
            // NOTE(review): presumably _next_step() does not return (redirect);
            // otherwise the foreach below would run on an empty batch - confirm.
            $this->_next_step(0, $mode, true);
        }
    }

    // Backup
    // For now disabled. Have to see how to implement this with regards to sigs and pms
    // $this->_backup($batch);

    // User object used to store a second user object used when parsing signatures. (#62451)
    $_user2 = new user();

    // Walk through the batch
    foreach ($batch as $this->data) {
        // The flags for signatures are hidden inside the user options.
        if ($mode == BBCODE_REPARSE_SIGS) {
            // Set the options
            $this->data['enable_bbcode'] = $_user2->optionget('sig_bbcode', $this->data['user_options']);
            $this->data['enable_magic_url'] = $_user2->optionget('sig_links', $this->data['user_options']);
            $this->data['enable_smilies'] = $_user2->optionget('sig_smilies', $this->data['user_options']);
        }

        // Update the post flags
        // Board-wide settings can only switch a feature off; they never enable
        // something the stored row had disabled.
        $this->flags['enable_bbcode'] = $config['allow_bbcode'] ? $this->data['enable_bbcode'] : false;
        $this->flags['enable_magic_url'] = $config['allow_post_links'] ? $this->data['enable_magic_url'] : false;
        $this->flags['enable_smilies'] = $this->data['enable_smilies'] ? true : false;
        $this->flags['img_status'] = $config['allow_bbcode'] ? true : false;
        $this->flags['flash_status'] = $config['allow_bbcode'] && $config['allow_post_flash'] ? true : false;
        $this->flags['enable_urls'] = $config['allow_post_links'] ? true : false;

        // Reparse them!
        $pm_data = $post_data = $sig_data = array();
        switch ($mode) {
            case BBCODE_REPARSE_POSTS:
                // Setup the parser
                $this->message_parser = new parse_message($this->data['post_text']);
                unset($this->data['post_text']);
                // Reparse the post
                $this->_reparse_post($post_data);
                // Re-submit the post through API
                submit_post('edit', $this->data['post_subject'], $this->data['username'], $this->data['topic_type'], $this->poll, $post_data, true, true);
                break;
            case BBCODE_REPARSE_PMS:
                // Setup the parser
                $this->message_parser = new parse_message($this->data['message_text']);
                // NOTE(review): the text read above is 'message_text' but the
                // key unset here is 'post_text' - looks like a copy/paste slip.
                unset($this->data['post_text']);
                // Reparse the pm
                $this->_reparse_pm($pm_data);
                // Re-submit the pm through the API
                submit_pm('edit', $this->data['message_subject'], $pm_data, false);
                break;
            case BBCODE_REPARSE_SIGS:
                // Setup the parser
                $this->message_parser = new parse_message($this->data['user_sig']);
                unset($this->data['user_sig']);
                // Reparse the sig
                $this->_reparse_sig($sig_data);
                // Insert back into the db
                // Values go through sql_build_array(); the id is cast to int
                $sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sig_data) . ' WHERE user_id = ' . (int) $this->data['user_id'];
                $db->sql_query($sql);
                break;
        }

        // Unset some vars so the next round starts clean
        $this->message_parser = null;
        $this->poll_parser = null;
        unset($this->poll, $post_data, $pm_data);
        $this->flags = array_fill_keys(array_keys($this->flags), false);
        $_user2->keyvalues = array();
    }

    // Next step
    $this->_next_step($step, $mode);
}
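/**
 * Insert the warning into the database
 *
 * Optionally sends the warned user a private message (in that user's
 * language when its mcp language file exists, else the board default),
 * writes admin, user and moderator log entries, inserts the warning row and
 * bumps the user's warning counter.
 *
 * Hardening applied in this block:
 * - the language directory is reduced with basename() for the existence
 *   check as well, so the checked path and the included path are the same;
 * - ids concatenated into SQL are cast to int;
 * - the helper files are loaded with require_once, so a second call in the
 *   same request does not load them again.
 *
 * @param array  $user_row       Row of the warned user (user_id, username, user_lang, user_ip are read)
 * @param string $warning        Warning text, inserted into the PM body and the user log
 * @param mixed  $warn_len       Passed to get_warning_end()
 * @param mixed  $warn_len_other Passed to get_warning_end()
 * @param int    $warn_type      WARNING or BAN; anything else falls back to WARNING
 * @param bool   $send_pm        Whether to notify the user by private message
 * @param int    $post_id        Post the warning refers to, 0 for none
 */
function add_warning($user_row, $warning, $warn_len, $warn_len_other, $warn_type = WARNING, $send_pm = true, $post_id = 0)
{
    global $phpEx, $phpbb_root_path, $config, $phpbb_log;
    global $template, $db, $user, $auth, $cache;

    if (!in_array($warn_type, array(WARNING, BAN))) {
        $warn_type = WARNING;
    }

    $warn_end = $this->get_warning_end($warn_len, $warn_len_other);

    if ($send_pm) {
        require_once $phpbb_root_path . 'includes/functions_privmsgs.' . $phpEx;
        require_once $phpbb_root_path . 'includes/message_parser.' . $phpEx;

        // Check the very same path that is included below; basename() keeps
        // the language name from walking out of the language directory.
        $lang_file = $phpbb_root_path . 'language/' . basename($user_row['user_lang']) . "/mcp.{$phpEx}";
        if (!file_exists($lang_file)) {
            $user_row['user_lang'] = $config['default_lang'];
        }

        // The language file fills $lang in this scope
        $lang = array();
        include $phpbb_root_path . 'language/' . basename($user_row['user_lang']) . "/mcp.{$phpEx}";

        $message_parser = new \parse_message();
        $message_parser->message = sprintf($lang['WARNING_PM_BODY'], $warning);
        $message_parser->parse(true, true, true, false, false, true, true);

        $pm_data = array(
            'from_user_id'    => $user->data['user_id'],
            'from_user_ip'    => $user->ip,
            'from_username'   => $user->data['username'],
            'enable_sig'      => false,
            'enable_bbcode'   => true,
            'enable_smilies'  => true,
            'enable_urls'     => false,
            'icon_id'         => 0,
            'bbcode_bitfield' => $message_parser->bbcode_bitfield,
            'bbcode_uid'      => $message_parser->bbcode_uid,
            'message'         => $message_parser->message,
            'address_list'    => array('u' => array($user_row['user_id'] => 'to')),
        );

        submit_pm('post', $lang['WARNING_PM_SUBJECT'], $pm_data, false);
    }

    $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_USER_WARNING', time(), array('username' => $user_row['username']));
    $log_id = $phpbb_log->add('user', $user->data['user_id'], $user_row['user_ip'], 'LOG_USER_WARNING_BODY', time(), array($warning, 'reportee_id' => $user_row['user_id']));

    $sql_ary = array(
        'user_id'        => $user_row['user_id'],
        'post_id'        => $post_id,
        'log_id'         => $log_id,
        'warning_time'   => time(),
        'warning_end'    => (int) $warn_end,
        'warning_type'   => $warn_type,
        'warning_status' => 1,
    );

    $db->sql_query('INSERT INTO ' . WARNINGS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));

    // Ids are cast before they are concatenated into the statement
    $sql = 'UPDATE ' . USERS_TABLE . ' SET user_warnings = user_warnings + 1, user_last_warning = ' . time() . ' WHERE user_id = ' . (int) $user_row['user_id'];
    $db->sql_query($sql);

    $cache->destroy('sql', WARNINGS_TABLE);

    // We add this to the mod log too for moderators to see that a specific user got warned.
    $sql = 'SELECT forum_id, topic_id FROM ' . POSTS_TABLE . ' WHERE post_id = ' . (int) $post_id;
    $result = $db->sql_query($sql);
    $row = $db->sql_fetchrow($result);
    $db->sql_freeresult($result);

    // No row is found when the warning is not tied to a post (post_id 0);
    // the log entry then carries null ids instead of indexing a non-array.
    $phpbb_log->add('mod', $user->data['user_id'], $user->ip, 'LOG_USER_WARNING', time(), array(
        'forum_id' => isset($row['forum_id']) ? $row['forum_id'] : null,
        'topic_id' => isset($row['topic_id']) ? $row['topic_id'] : null,
        'username' => $user_row['username'],
    ));
}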
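/**
 * Insert the warning into the database
 *
 * Optionally sends the warned user a private message, translated into that
 * user's language when it differs from the issuer's and the mcp language
 * file exists. Then writes admin, user and moderator log entries, inserts
 * the warning row and bumps the user's warning counter.
 *
 * Ids concatenated into SQL are cast to int, and the post lookup result is
 * checked before its columns are read.
 *
 * @param array  $user_row Row of the warned user (user_id, username, user_lang are read)
 * @param string $warning  Warning text, inserted into the PM body and the user log
 * @param bool   $send_pm  Whether to notify the user by private message
 * @param int    $post_id  Post the warning refers to, 0 for none
 */
function add_warning($user_row, $warning, $send_pm = true, $post_id = 0)
{
    global $phpEx, $phpbb_root_path, $config, $phpbb_log;
    global $db, $user;

    if ($send_pm) {
        include_once $phpbb_root_path . 'includes/functions_privmsgs.' . $phpEx;
        include_once $phpbb_root_path . 'includes/message_parser.' . $phpEx;

        // Attempt to translate warning to language of user being warned if user's language differs from issuer's language
        if ($user_row['user_lang'] != $user->lang_name) {
            $lang = array();

            // basename() keeps the language name inside the language
            // directory, for the existence check and for the include alike.
            $user_row['user_lang'] = file_exists($phpbb_root_path . 'language/' . basename($user_row['user_lang']) . "/mcp." . $phpEx) ? $user_row['user_lang'] : $config['default_lang'];
            include $phpbb_root_path . 'language/' . basename($user_row['user_lang']) . "/mcp." . $phpEx;

            $warn_pm_subject = $lang['WARNING_PM_SUBJECT'];
            $warn_pm_body = sprintf($lang['WARNING_PM_BODY'], $warning);

            unset($lang);
        } else {
            $warn_pm_subject = $user->lang('WARNING_PM_SUBJECT');
            $warn_pm_body = $user->lang('WARNING_PM_BODY', $warning);
        }

        $message_parser = new parse_message();
        $message_parser->message = $warn_pm_body;
        $message_parser->parse(true, true, true, false, false, true, true);

        $pm_data = array(
            'from_user_id'    => $user->data['user_id'],
            'from_user_ip'    => $user->ip,
            'from_username'   => $user->data['username'],
            'enable_sig'      => false,
            'enable_bbcode'   => true,
            'enable_smilies'  => true,
            'enable_urls'     => false,
            'icon_id'         => 0,
            'bbcode_bitfield' => $message_parser->bbcode_bitfield,
            'bbcode_uid'      => $message_parser->bbcode_uid,
            'message'         => $message_parser->message,
            'address_list'    => array('u' => array($user_row['user_id'] => 'to')),
        );

        submit_pm('post', $warn_pm_subject, $pm_data, false);
    }

    $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_USER_WARNING', false, array($user_row['username']));
    $log_id = $phpbb_log->add('user', $user->data['user_id'], $user->ip, 'LOG_USER_WARNING_BODY', false, array('reportee_id' => $user_row['user_id'], $warning));

    $sql_ary = array(
        'user_id'      => $user_row['user_id'],
        'post_id'      => $post_id,
        'log_id'       => $log_id,
        'warning_time' => time(),
    );

    $db->sql_query('INSERT INTO ' . WARNINGS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));

    // Ids are cast before they are concatenated into the statement
    $sql = 'UPDATE ' . USERS_TABLE . ' SET user_warnings = user_warnings + 1, user_last_warning = ' . time() . ' WHERE user_id = ' . (int) $user_row['user_id'];
    $db->sql_query($sql);

    // We add this to the mod log too for moderators to see that a specific user got warned.
    $sql = 'SELECT forum_id, topic_id FROM ' . POSTS_TABLE . ' WHERE post_id = ' . (int) $post_id;
    $result = $db->sql_query($sql);
    $row = $db->sql_fetchrow($result);
    $db->sql_freeresult($result);

    // No row is found when the warning is not tied to a post (post_id 0);
    // the log entry then carries null ids instead of indexing a non-array.
    $phpbb_log->add('mod', $user->data['user_id'], $user->ip, 'LOG_USER_WARNING', false, array(
        'forum_id' => isset($row['forum_id']) ? $row['forum_id'] : null,
        'topic_id' => isset($row['topic_id']) ? $row['topic_id'] : null,
        'post_id'  => $post_id,
        $user_row['username'],
    ));
}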
/**
 * Send an invitation related message by e-mail or private message.
 *
 * The subject and body templates are looked up from the message type and
 * the invite language; when a template is empty the user supplied subject
 * or message is used instead. Placeholders of the form {NAME} are replaced
 * with the entries of $this->vars.
 *
 * NOTE(review): USER_SUBJECT and USER_MESSAGE are passed through
 * htmlspecialchars_decode() and then substituted into the subject and, for
 * PMs, into the body handed to submit_pm(). Confirm that the PM storage and
 * display path escapes this text again; otherwise user supplied markup is
 * stored unescaped.
 * NOTE(review): the X-AntiAbuse headers embed values returned by
 * user_return_data(); presumably messenger::headers() rejects line breaks -
 * verify.
 *
 * @param array $data   Message data (message_type, invite_language, subject, message, ...)
 * @param mixed $method EMAIL or PM
 *
 * @return bool false when the e-mail could not be sent, true otherwise
 */
function messenger($data, $method)
{
    global $config, $user, $phpbb_root_path, $phpEx;

    if (!class_exists('messenger')) {
        include $phpbb_root_path . 'includes/functions_messenger.' . $phpEx;
    }

    if (!function_exists('submit_pm')) {
        include $phpbb_root_path . 'includes/functions_privmsgs.' . $phpEx;
    }

    // The key of the message type names both template files
    $type_key = array_search($data['message_type'], $this->INVITE_MESSAGE_TYPE);
    $template_file = $type_key . '_message';

    $subject = $this->get_template($type_key . '_subject.txt', $data['invite_language']);
    $message = $this->get_template($template_file . '.txt', $data['invite_language']);

    // Set up subject and message wildcards
    $this->vars['USER_SUBJECT'] = '';
    if (!empty($data['subject'])) {
        $this->vars['USER_SUBJECT'] = htmlspecialchars_decode($data['subject']);
    }

    $this->vars['USER_MESSAGE'] = '';
    if (!empty($data['message'])) {
        $this->vars['USER_MESSAGE'] = htmlspecialchars_decode($data['message']);
    }

    // Use user specified subject and message if the template is empty
    if (empty($subject)) {
        $subject = $this->vars['USER_SUBJECT'];
    }

    if (empty($message)) {
        $message = $this->vars['USER_MESSAGE'];
    }

    // Parse subject wildcards (message wildcards will be parsed later)
    foreach ($this->vars as $name => $replacement) {
        $subject = str_replace('{' . $name . '}', $replacement, $subject);
    }

    if ($method == EMAIL) {
        // Use false so send the e-mail immediately
        $mailer = new messenger(false);

        if (isset($data['register_real_name'])) {
            $username = $data['register_real_name'];
        } else {
            $username = $this->register_user['username'];
        }

        $mailer->to($data['register_email'], $username);
        $mailer->template($template_file, $data['invite_language']);

        $mailer->headers('X-AntiAbuse: Board servername - ' . $config['server_name']);
        $mailer->headers('X-AntiAbuse: User_id - ' . $data['method_user_id']);
        $mailer->headers('X-AntiAbuse: Username - ' . $this->user_return_data($data['method_user_id'], 'user_id', 'username'));
        $mailer->headers('X-AntiAbuse: User IP - ' . $this->user_return_data($data['method_user_id'], 'user_id', 'user_ip'));

        $mailer->subject($subject);
        $mailer->set_mail_priority($data['priority']);

        $mailer->assign_vars($this->vars);
        $mailer->assign_vars(array('CONTACT_EMAIL' => $config['board_contact']));

        if (!$mailer->send()) {
            return false;
        }
    } elseif ($method == PM) {
        // We can use invite_user_id here, because we are just going to send confirmations
        $address_list = array();
        $address_list['u'][$data['invite_user_id']] = 'to';

        // Replace all placeholders
        foreach ($this->vars as $name => $replacement) {
            $message = str_replace('{' . $name . '}', $replacement, $message);
        }

        $pm_data = array(
            'from_user_id'    => $this->register_user['user_id'],
            'from_user_ip'    => $this->register_user['user_ip'],
            'from_username'   => $this->register_user['username'],
            'icon_id'         => 0,
            'enable_sig'      => true,
            'enable_bbcode'   => false,
            'enable_smilies'  => false,
            'enable_urls'     => false,
            'bbcode_bitfield' => '',
            'bbcode_uid'      => '',
            'message'         => $message,
            'attachment_data' => '',
            'filename_data'   => '',
            'address_list'    => $address_list,
        );

        submit_pm('post', $subject, $pm_data);
    }

    return true;
}
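/**
 * Notify users about karma's changes (via PM/email/jabber)
 *
 * Reads the notification preferences of the user whose karma changed and
 * sends a private message and/or an e-mail/Jabber notification, depending on
 * those preferences and on the karma configuration in $this->config.
 *
 * Fixes applied in this block:
 * - $config, $phpbb_root_path and $phpEx are declared global at the top. They
 *   used to be declared only inside the PM branch, so with PM notifications
 *   switched off $config was undefined in the e-mail/Jabber branch and no
 *   notification was ever sent.
 * - the user id is cast to int before it is concatenated into SQL.
 * - the query result is freed, and a missing user row ends the method early.
 * - functions_privmsgs is loaded with include_once so that a second call in
 *   the same request does not load the file again.
 *
 * NOTE(review): in the anonymous modes only from_user_id/from_username are
 * replaced; author_id, from_user_ip and the sprintf() arguments still carry
 * the acting user's data - confirm the *_ANONYM language strings and
 * submit_pm() do not expose them.
 *
 * @param array $data Karma change data (forum_id, topic_id, post_id, user_id,
 *                    action, karma_power, comment, username, icon_id and the
 *                    bbcode_*, enable_* fields are read)
 */
function user_notification($data)
{
    global $config, $db, $phpbb_root_path, $phpEx, $user;

    $forum_id = $data['forum_id'];
    $topic_id = $data['topic_id'];
    $post_id = $data['post_id'];
    $user_id = $data['user_id'];

    $sql = 'SELECT user_karma_notify_pm, user_karma_notify_email, user_karma_notify_jabber FROM ' . USERS_TABLE . ' WHERE user_id = ' . (int) $user_id;
    $result = $db->sql_query($sql);
    $to_user = $db->sql_fetchrow($result);
    $db->sql_freeresult($result);

    if (!$to_user) {
        // Unknown recipient: there are no preferences, so nothing is sent
        return;
    }

    $notifications = array(
        'pm'     => $this->config['notify_pm'] && $to_user['user_karma_notify_pm'],
        'email'  => $this->config['notify_email'] && $to_user['user_karma_notify_email'],
        'jabber' => $this->config['notify_jabber'] && $to_user['user_karma_notify_jabber'],
    );

    $from_user_id = $user->data['user_id'];
    $from_username = $user->data['username'];

    // Select template for messenger, subject and message
    if ($data['action'] == 'increase') {
        $subject = 'KARMA_NOTIFY_INCREASE_SUBJECT';
        $message = 'KARMA_NOTIFY_INCREASE_MESSAGE';
        $notify_tpl = 'karma_notify_increase';

        if ($this->config['anonym_increase']) {
            $message .= '_ANONYM';
            $notify_tpl .= '_anonym';

            // The PM is shown as coming from the recipient, under a placeholder name
            $from_user_id = $data['user_id'];
            $from_username = $user->lang['KARMA_NOTIFY_HIDDEN_SENDER'];
        }
    } else {
        $subject = 'KARMA_NOTIFY_DECREASE_SUBJECT';
        $message = 'KARMA_NOTIFY_DECREASE_MESSAGE';
        $notify_tpl = 'karma_notify_decrease';

        if ($this->config['anonym_decrease']) {
            $message .= '_ANONYM';
            $notify_tpl .= '_anonym';

            $from_user_id = $data['user_id'];
            $from_username = $user->lang['KARMA_NOTIFY_HIDDEN_SENDER'];
        }
    }

    if ($this->config['power_show']) {
        $message .= '_POWERED';
        $notify_tpl .= '_powered';
    }

    if ($notifications['pm']) {
        $subject = $user->lang[$subject];
        $message = sprintf($user->lang[$message], $user->data['username'], $data['karma_power']);
        $message .= !empty($data['comment']) ? "\r\n" . sprintf($user->lang['KARMA_NOTIFY_MESSAGE_COMMENTS'], $user->data['username']) . "\r\n\r\n" . $data['comment'] : '';
        $message .= "\r\n\r\n" . $this->generate_backlink($forum_id, $topic_id, $post_id, $user_id);

        include_once $phpbb_root_path . 'includes/functions_privmsgs.' . $phpEx;

        // Not used below; kept as in the original.
        // NOTE(review): confirm whether this instance can be dropped.
        $message_parser = new parse_message();

        $message = utf8_normalize_nfc($message);
        $options = '';

        // NOTE(review): the uid and bitfield arguments look like output
        // parameters; if so $data['bbcode_uid'] is overwritten here and the
        // e-mail branch below strips the comment with the new uid - confirm.
        generate_text_for_storage($message, $data['bbcode_uid'], $data['bbcode_bitfield'], $options, true, true, true);

        $icon_id = $data['icon_id'];

        // Always attach signature status
        $enable_sig = !$config['allow_sig'] || !$config['allow_sig_pm'] ? false : ($user->optionget('attachsig') ? true : false);

        // Store message, sync counters
        $pm_data = array(
            'from_user_id'    => $from_user_id,
            'from_user_ip'    => $user->data['user_ip'],
            'from_username'   => $from_username,
            'icon_id'         => (int) $icon_id,
            'enable_sig'      => (bool) $enable_sig,
            'enable_bbcode'   => $data['enable_bbcode'],
            'enable_smilies'  => $data['enable_smilies'],
            'enable_urls'     => $data['enable_urls'],
            'bbcode_bitfield' => $data['bbcode_bitfield'],
            'bbcode_uid'      => $data['bbcode_uid'],
            'author_id'       => $user->data['user_id'],
            'message'         => $message,
            'address_list'    => array('u' => array($data['user_id'] => 'to')),
        );
        unset($message_parser);

        submit_pm('post', $subject, $pm_data, false);
    }

    if ($notifications['email'] || $notifications['jabber']) {
        // A channel is used only when the user asked for it and the board has it enabled
        if ($notifications['email'] && $notifications['jabber'] && $config['email_enable'] && $config['jab_enable']) {
            $method = NOTIFY_BOTH;
        } elseif ($notifications['email'] && $config['email_enable']) {
            $method = NOTIFY_EMAIL;
        } elseif ($notifications['jabber'] && $config['jab_enable']) {
            $method = NOTIFY_IM;
        } else {
            return;
        }

        $comment = '';
        if ($this->config['comments'] && $data['comment']) {
            $comment = $data['comment'];

            // make list items visible as such
            if ($data['bbcode_uid']) {
                $comment = str_replace('[*:' . $data['bbcode_uid'] . ']', '⋅ ', $comment);
                // no BBCode in comment
                strip_bbcode($comment, $data['bbcode_uid']);
            }

            $comment = "\r\n" . $user->lang['KARMA_NOTIFY_MESSAGE_COMMENTS'] . "\r\n" . $comment . "\r\n";
        }

        // Now, we are able to really send out notifications
        include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx;
        $messenger = new messenger();

        // NOTE(review): template language, address and Jabber id are taken
        // from $user (the acting user), while USERNAME below is the
        // recipient's name - confirm the notification is meant to go to the
        // acting user and not to the user whose karma changed.
        $messenger->template($notify_tpl, $user->data['user_lang']);
        $messenger->to($user->data['user_email'], $user->data['username']);
        $messenger->im($user->data['user_jabber'], $user->data['username']);

        $messenger->assign_vars(array(
            'USERNAME'    => htmlspecialchars_decode($data['username']),
            'AUTHOR_NAME' => htmlspecialchars_decode($user->data['username']),
            'POWER'       => $data['karma_power'],
            'BACKLINK'    => $this->generate_backlink($forum_id, $topic_id, $post_id, $user_id),
            'COMMENT'     => $comment,
        ));

        $messenger->send($method);
        $messenger->save_queue();
    }
}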
while ($row = $db->sql_fetchrow($result)) { for ($i = 0; $i < count($to); $i++) { if ($row['username'] == $to[$i]) { $address_list['u'][$row['user_id']] = 'to'; } } } $db->sql_freeresult($result); $enable_bbcode = true; $enable_smilies = true; $enable_urls = true; $message_parser->parse($enable_bbcode, $config['allow_post_links'] ? $enable_urls : false, $enable_smilies, $img_status, $flash_status, true, $config['allow_post_links']); // data to pass $pm_data = array('msg_id' => (int) $msg_id, 'from_user_id' => $user->data['user_id'], 'from_user_ip' => $user->ip, 'from_username' => $user->data['username'], 'reply_from_root_level' => isset($post['root_level']) ? (int) $post['root_level'] : 0, 'reply_from_msg_id' => (int) $msg_id, 'icon_id' => (int) $icon_id, 'enable_sig' => (bool) $enable_sig, 'enable_bbcode' => (bool) $enable_bbcode, 'enable_smilies' => (bool) $enable_smilies, 'enable_urls' => (bool) $enable_urls, 'bbcode_bitfield' => $message_parser->bbcode_bitfield, 'bbcode_uid' => $message_parser->bbcode_uid, 'message' => $message_parser->message, 'attachment_data' => $message_parser->attachment_data, 'filename_data' => $message_parser->filename_data, 'address_list' => $address_list); // send the private message $msg_id = submit_pm('post', $title, $pm_data); // send success $output = clean('1'); } else { // send failure $output = clean('0'); } } // *************************** // ********** LOGIN ********** // *************************** if ($username && $password) { $autologin = true; $viewonline = 1; $admin = 0; // v1.1 added base64 encoding to passwords. Simple encoding is used and not encryption.
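/**
 * Insert the warning into the database
 *
 * Optionally sends the warned user a private message (in that user's
 * language when its mcp language file exists, else the board default),
 * writes the admin and user log entries, inserts the warning row and bumps
 * the user's warning counter.
 *
 * Hardening applied in this block:
 * - the language directory is reduced with basename() for the existence
 *   check as well, so the checked path and the included path are the same;
 * - the user id concatenated into SQL is cast to int.
 *
 * @param array  $userrow Row of the warned user (user_id, username, user_lang are read)
 * @param string $warning Warning text, inserted into the PM body and the user log
 * @param bool   $send_pm Whether to notify the user by private message
 * @param int    $post_id Post the warning refers to, 0 for none
 */
function add_warning($userrow, $warning, $send_pm = true, $post_id = 0)
{
    global $phpEx, $phpbb_root_path, $config;
    global $template, $db, $user, $auth;

    if ($send_pm) {
        include_once $phpbb_root_path . 'includes/functions_privmsgs.' . $phpEx;
        include_once $phpbb_root_path . 'includes/message_parser.' . $phpEx;

        // Check the very same path that is included below; basename() keeps
        // the language name from walking out of the language directory.
        $lang_file = $phpbb_root_path . 'language/' . basename($userrow['user_lang']) . "/mcp.{$phpEx}";
        if (!file_exists($lang_file)) {
            $userrow['user_lang'] = $config['default_lang'];
        }

        // The language file fills $lang in this scope
        $lang = array();
        include $phpbb_root_path . 'language/' . basename($userrow['user_lang']) . "/mcp.{$phpEx}";

        $message_parser = new parse_message();
        $message_parser->message = sprintf($lang['WARNING_PM_BODY'], $warning);
        $message_parser->parse(true, true, true, false, false, true);

        $pm_data = array(
            'from_user_id'    => $user->data['user_id'],
            'from_user_ip'    => $user->data['user_ip'],
            'from_username'   => $user->data['username'],
            'enable_sig'      => false,
            'enable_bbcode'   => true,
            'enable_smilies'  => true,
            'enable_urls'     => false,
            'icon_id'         => 0,
            // NOTE(review): cast kept as in the original; confirm the
            // bitfield really is numeric in this code base.
            'bbcode_bitfield' => (int) $message_parser->bbcode_bitfield,
            'bbcode_uid'      => $message_parser->bbcode_uid,
            'message'         => $message_parser->message,
            'address_list'    => array('u' => array($userrow['user_id'] => 'to')),
        );

        submit_pm('post', $lang['WARNING_PM_SUBJECT'], $pm_data, false, false);
    }

    add_log('admin', 'LOG_USER_WARNING', $userrow['username']);
    $log_id = add_log('user', $userrow['user_id'], 'LOG_USER_WARNING_BODY', $warning);

    $sql_ary = array(
        'user_id'      => $userrow['user_id'],
        'post_id'      => $post_id,
        'log_id'       => $log_id,
        'warning_time' => time(),
    );

    $db->sql_query('INSERT INTO ' . WARNINGS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));

    // The id is cast before it is concatenated into the statement
    $sql = 'UPDATE ' . USERS_TABLE . ' SET user_warnings = user_warnings + 1, user_last_warning = ' . time() . ' WHERE user_id = ' . (int) $userrow['user_id'];
    $db->sql_query($sql);
}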
/**
 * Send the approve/deny notification as a private message.
 *
 * Recipients are the contribution's owner plus every active co-author. The body is the
 * type-specific approve or deny language string with the validation notes substituted in.
 *
 * @param bool $approve true selects the "approve" message, false the "deny" message.
 */
private function send_approve_deny_notification($approve = true)
{
    $this->user->add_lang_ext('phpbb/titania', 'manage');
    phpbb::_include('functions_privmsgs', 'submit_pm');

    // Load the contribution and the revision being validated.
    $contribution = new titania_contribution();
    $contribution->load((int) $this->contrib_id);
    $validated_revision = new titania_revision($contribution, $this->revision_id);
    $validated_revision->load();

    // Recipient map: owner first, then each active co-author (contrib_id is cast before
    // it is concatenated into the query).
    $recipients = array($contribution->contrib_user_id => 'to');
    $coauthor_sql = 'SELECT user_id FROM ' . TITANIA_CONTRIB_COAUTHORS_TABLE . ' WHERE contrib_id = ' . (int) $this->contrib_id . ' AND active = 1';
    $coauthor_result = phpbb::$db->sql_query($coauthor_sql);
    while ($coauthor = phpbb::$db->sql_fetchrow($coauthor_result)) {
        $recipients[$coauthor['user_id']] = 'to';
    }
    phpbb::$db->sql_freeresult($coauthor_result);

    // Subject line
    $pm_subject = sprintf(
        phpbb::$user->lang[$contribution->type->validation_subject],
        $contribution->contrib_name,
        $validated_revision->revision_version
    );

    // Body: decode the stored notes, then drop them into the approve or deny template.
    $decoded_notes = $this->validation_notes;
    message::decode($decoded_notes, $this->validation_notes_uid);

    $lang_key = $approve
        ? $contribution->type->validation_message_approve
        : $contribution->type->validation_message_deny;
    $pm_body = sprintf(phpbb::$user->lang[$lang_key], $decoded_notes);

    // With no notes the template leaves an empty quote block behind; swap in the placeholder text.
    if (!$decoded_notes) {
        $pm_body = str_replace('[quote][/quote]', phpbb::$user->lang['NO_NOTES'], $pm_body);
    }

    // Convert the body to its storage form; uid, bitfield and options are filled in by the call.
    $body_uid = $body_bitfield = $body_options = false;
    generate_text_for_storage($pm_body, $body_uid, $body_bitfield, $body_options, true, true, true);

    $pm_fields = array(
        'address_list'    => array('u' => $recipients),
        'from_user_id'    => phpbb::$user->data['user_id'],
        'from_username'   => phpbb::$user->data['username'],
        'icon_id'         => 0,
        'from_user_ip'    => phpbb::$user->ip,
        'enable_bbcode'   => true,
        'enable_smilies'  => true,
        'enable_urls'     => true,
        'enable_sig'      => true,
        'message'         => $pm_body,
        'bbcode_bitfield' => $body_bitfield,
        'bbcode_uid'      => $body_uid,
    );

    // Give registered hooks the PM fields and this object before the message is submitted.
    titania::$hook->call_hook_ref(array(__CLASS__, __FUNCTION__), $pm_fields, $this);

    submit_pm('post', $pm_subject, $pm_fields, true);
}
* Get vehicle & user notification data from DB */ $data = $garage_vehicle->get_vehicle($vid); $notify_data = $garage_guestbook->notify_on_comment($data['user_id']); /** * Perform user PM notification if required */ if ($notify_data['user_garage_guestbook_pm_notify']) { include_once $phpbb_root_path . 'includes/functions_privmsgs.' . $phpEx; include_once $phpbb_root_path . 'includes/message_parser.' . $phpEx; $data['vehicle_link'] = '<a href="garage_vehicle.' . $phpEx . '?mode=view_vehicle&VID=' . $vid . '#guestbook">' . $user->lang['HERE'] . '</a>'; $message_parser = new parse_message(); $message_parser->message = sprintf($user->lang['GUESTBOOK_NOTIFY_TEXT'], $data['vehicle_link']); $message_parser->parse(true, true, true, false, false, true, true); $pm_data = array('from_user_id' => $user->data['user_id'], 'from_user_ip' => $user->data['user_ip'], 'from_username' => $user->data['username'], 'enable_sig' => false, 'enable_bbcode' => true, 'enable_smilies' => true, 'enable_urls' => false, 'icon_id' => 0, 'bbcode_bitfield' => $message_parser->bbcode_bitfield, 'bbcode_uid' => $message_parser->bbcode_uid, 'message' => $message_parser->message, 'address_list' => array('u' => array($data['user_id'] => 'to'))); submit_pm('post', $user->lang['GUESTBOOK_NOTIFY_SUBJECT'], $pm_data, false, false); } /** * Perform user email/jabber notification if required */ if ($notify_data['user_garage_guestbook_email_notify']) { //Guess we need some code here at some point soon ;) } /** * Perform moderator notification if required */ if ($garage_config['enable_guestbooks_comment_approval']) { $garage->pending_notification('unapproved_guestbook_comments'); } /** * All work complete for mode, so redirect to correct page
// Select the receiver language $user_row['user_lang'] = file_exists($phpbb_root_path . 'language/' . $user_row['user_lang'] . "/mods/points.{$phpEx}") ? $user_row['user_lang'] : $config['default_lang']; // load receivers language include $phpbb_root_path . 'language/' . basename($user_row['user_lang']) . "/mods/points.{$phpEx}"; // Send PM $pm_subject = utf8_normalize_nfc($lang['ROBBERY_PM_BAD_SUBJECT']); if ($robbery_pm_info == 1) { $pm_text = utf8_normalize_nfc(sprintf($lang['ROBBERY_PM_BAD_BODY_1'], $user_namepoints, $attacked_amount, $config['points_name'], sprintf(number_format_points($lose)))); } else { $pm_text = utf8_normalize_nfc(sprintf($lang['ROBBERY_PM_BAD_BODY'], $user_namepoints, $attacked_amount, $config['points_name'])); } $poll = $uid = $bitfield = $options = ''; generate_text_for_storage($pm_subject, $uid, $bitfield, $options, false, false, false); generate_text_for_storage($pm_text, $uid, $bitfield, $options, true, true, true); $pm_data = array('address_list' => array('u' => array($user_id => 'to')), 'from_user_id' => $user->data['user_id'], 'from_username' => $user->lang['ROBBERY_PM_SENDER'], 'icon_id' => 0, 'from_user_ip' => '', 'enable_bbcode' => true, 'enable_smilies' => true, 'enable_urls' => true, 'enable_sig' => true, 'message' => $pm_text, 'bbcode_bitfield' => $bitfield, 'bbcode_uid' => $uid); submit_pm('post', $pm_subject, $pm_data, false); } $message = $user->lang['ROBBERY_BAD'] . '<br /><br />' . $robbery_usage_info . '<br /><br /><a href="' . append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=robbery") . '">« ' . $user->lang['BACK_TO_PREV'] . 
'</a>'; trigger_error($message); } } $template->assign_vars(array('USER_NAME' => get_username_string('full', $checked_user['user_id'], $points_config['username'], $points_config['user_colour']), 'U_ACTION' => $this->u_action, 'S_HIDDEN_FIELDS' => $hidden_fields)); } // If Robbery PN is enabled, show option to disable for the users if ($points_config['robbery_sendpm']) { if (isset($_POST['robbery_pm'])) { if (!check_form_key('robbery_attack')) { trigger_error('FORM_INVALID'); } $user_robbery_pm = request_var('user_robbery_pm', 0); $sql = 'UPDATE ' . USERS_TABLE . '
/**
 * Sends a personal message with the contents of the form.
 *
 * The original author marked this as not working yet, and the visible code agrees:
 * $row is read several times but is neither a parameter, a global, nor assigned here.
 *
 * @param mixed $message   Not read anywhere in the body as written.
 * @param int   $user_id   Not read anywhere in the body as written.
 * @param int   $sender_id Passed to get_user_info(); the result is stored but not used afterwards.
 *
 * @todo make this work
 */
private function pm_sendform($message, $user_id = 2, $sender_id = 2)
{
    global $user, $config;
    global $phpEx, $phpbb_root_path;
    global $messenger;

    include_once $phpbb_root_path . 'includes/functions_privmsgs.' . $phpEx;
    include_once $phpbb_root_path . 'includes/message_parser.' . $phpEx;

    // Neither $sender nor $message_parser is used again in this function.
    $sender = $this->get_user_info($sender_id);
    $message_parser = new parse_message();
    $data = array();

    // Template selection is disabled, so whatever template the global $messenger already
    // holds is the one rendered below.
    //$messenger->template('raidplan_delete', $row['user_lang']);
    $subject = '[' . $user->lang['RAIDPLANNER'] . '] ' . $user->lang['DELRAID'] . ': ' . $this->eventlist->events[$this->event_type]['event_name'] . ' ' . $user->format_date($this->start_time, $config['rp_date_time_format'], true);

    // Look up the poster's name; user_get_id_name() is expected to fill $rlname keyed by user id.
    $userids = array($this->poster);
    $rlname = array();
    user_get_id_name($userids, $rlname);

    $messenger->assign_vars(array(
        'RAIDLEADER' => $rlname[$this->poster],
        // NOTE(review): $row is undefined in this scope — confirm where the recipient row should come from.
        'USERNAME' => htmlspecialchars_decode($row['username']),
        'EVENT_SUBJECT' => $subject,
        'EVENT' => $this->eventlist->events[$this->event_type]['event_name'],
        'INVITE_TIME' => $user->format_date($this->invite_time, $config['rp_date_time_format'], true),
        'START_TIME' => $user->format_date($this->start_time, $config['rp_date_time_format'], true),
        'END_TIME' => $user->format_date($this->end_time, $config['rp_date_time_format'], true),
        'TZ' => $user->lang['tz'][(int) $user->data['user_timezone']],
        'U_RAIDPLAN' => generate_board_url() . "/dkp.{$phpEx}?page=planner&view=raidplan&raidplanid=" . $this->id));

    // Render the template body, normalise line endings and Unicode form.
    $messenger->msg = trim($messenger->tpl_obj->assign_display('body'));
    $messenger->msg = str_replace("\r\n", "\n", $messenger->msg);
    $messenger->msg = utf8_normalize_nfc($messenger->msg);

    $uid = $bitfield = $options = ''; // will be modified by generate_text_for_storage
    $allow_bbcode = $allow_smilies = $allow_urls = true;
    generate_text_for_storage($messenger->msg, $uid, $bitfield, $options, $allow_bbcode, $allow_urls, $allow_smilies);

    // NOTE(review): the text is converted for display and that result is what gets stored as
    // the PM body, while the uid/bitfield sent below come from $this->bbcode rather than the
    // $uid/$bitfield produced above — looks unintended, confirm.
    $messenger->msg = generate_text_for_display($messenger->msg, $uid, $bitfield, $options);

    $data = array(
        // NOTE(review): recipient id is taken from the undefined $row, not from $user_id.
        'address_list' => array('u' => array($row['user_id'] => 'to')),
        'from_user_id' => $user->data['user_id'],
        'from_username' => $user->data['username'],
        'icon_id' => 0,
        'from_user_ip' => $user->data['user_ip'],
        'enable_bbcode' => true,
        'enable_smilies' => true,
        'enable_urls' => true,
        'enable_sig' => true,
        'message' => $messenger->msg,
        'bbcode_bitfield' => $this->bbcode['bitfield'],
        'bbcode_uid' => $this->bbcode['uid']);

    // Only send when PM notifications are switched on and the recipient accepts PMs.
    if ($config['rp_pm_rpchange'] == 1 && (int) $row['user_allow_pm'] == 1) {
        // send a PM
        submit_pm('post', $subject, $data, false);
    }
}
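/**
 * XML-RPC handler: send, reply to or forward a private message for the logged-in user.
 *
 * Decoded parameters:
 *   [0] array  recipient usernames (required, non-empty)
 *   [1] string subject (required, non-empty after cleaning)
 *   [2] string message body (required)
 *   [3] int    optional action selector: 1 = reply, 2 = forward
 *   [4] int    id of the message being replied to / forwarded (needed when [3] is given)
 *
 * Every failed check calls trigger_error(); the code after each check assumes that call does
 * not return — presumably the registered error handler ends the request, confirm.
 *
 * Changes against the previous revision:
 *  - the forward action was spelled 'forword', so the forward permission check below could
 *    never match; it is now 'forward'.
 *  - $msg_id, $post and the by-reference/flag arguments of handle_message_list_actions()
 *    are initialised instead of being read while undefined.
 *  - the board version is compared with version_compare() rather than as a plain string.
 *  - user ids concatenated into SQL are cast to int.
 *
 * @param mixed $xmlrpc_params Raw XML-RPC parameters, decoded with php_xmlrpc_decode().
 * @return xmlrpcresp Struct with 'result' (boolean) and 'msg_id' (string).
 */
function create_message_func($xmlrpc_params)
{
    global $db, $user, $auth, $config, $phpbb_root_path, $phpEx;

    $user->setup('ucp');

    include_once $phpbb_root_path . 'includes/functions_privmsgs.' . $phpEx;
    include_once $phpbb_root_path . 'includes/ucp/ucp_pm_compose.' . $phpEx;

    if (!$user->data['is_registered']) {
        trigger_error('LOGIN_EXPLAIN_UCP');
    }

    if (!$config['allow_privmsg']) {
        trigger_error('Module not accessible');
    }

    // Flood check
    $current_time = time();
    $last_post_time = $user->data['user_lastpost_time'];
    if ($last_post_time && $current_time - $last_post_time < intval($config['flood_interval'])) {
        trigger_error('FLOOD_ERROR');
    }

    $params = php_xmlrpc_decode($xmlrpc_params);

    if (!is_array($params[0]) || empty($params[0]) || !isset($params[1]) || utf8_clean_string($params[1]) === '' || !isset($params[2])) {
        trigger_error('Required paramerter missing');
    } else {
        $user_name = $params[0];

        // Subject and body are routed through $_REQUEST so that request_var() applies its
        // usual input handling to them.
        $_REQUEST['subject'] = $params[1];
        $_REQUEST['message'] = $params[2];
        $subject = utf8_normalize_nfc(request_var('subject', '', true));
        $text_body = utf8_normalize_nfc(request_var('message', '', true));

        require_once 'include/emoji.php';
        $text_body = emoji_unified_to_names($text_body);
    }

    $action = 'post'; // default action
    $msg_id = 0;
    $post = array();

    if (isset($params[3])) {
        $referenced_id = isset($params[4]) ? intval($params[4]) : 0;

        if ($params[3] == 1) {
            $action = 'reply';
            $msg_id = $referenced_id;
        } else if ($params[3] == 2) {
            $action = 'forward';
            $msg_id = $referenced_id;
        }

        // Also reached for an unknown selector value, because $msg_id is still 0 then.
        if (!$msg_id) {
            trigger_error('NO_MESSAGE');
        }
    }

    if (($action == 'post' || $action == 'reply') && !$auth->acl_get('u_sendpm')) {
        trigger_error('NO_AUTH_SEND_MESSAGE');
    }

    if ($action == 'forward' && (!$config['forward_pm'] || !$auth->acl_get('u_pm_forward'))) {
        trigger_error('NO_AUTH_FORWARD_MESSAGE');
    }

    // Do NOT use request_var or specialchars here
    $address_list = array('u' => array());
    foreach ($user_name as $msg_to_name) {
        $user_id = get_user_id_by_name(trim($msg_to_name));
        if ($user_id) {
            $address_list['u'][$user_id] = 'to';
        } else {
            trigger_error('PM_NO_USERS');
        }
    }

    $own_user_id = (int) $user->data['user_id'];

    // For reply/forward, load the referenced message. The t.user_id condition restricts the
    // lookup to messages that are in the current user's own folders.
    $sql = '';
    if ($action != 'post') {
        $sql = 'SELECT t.folder_id, p.*, u.username as quote_username FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . ' p, ' . USERS_TABLE . ' u WHERE t.user_id = ' . $own_user_id . "\n AND p.author_id = u.user_id\n AND t.msg_id = p.msg_id\n AND p.msg_id = {$msg_id}";
    }

    if ($sql) {
        $result = $db->sql_query($sql);
        $post = $db->sql_fetchrow($result);
        $db->sql_freeresult($result);

        if (!$post) {
            trigger_error('NO_MESSAGE');
        }

        if (!$post['author_id'] || $post['author_id'] == ANONYMOUS) {
            trigger_error('NO_AUTHOR');
        }
    }

    include $phpbb_root_path . 'includes/message_parser.' . $phpEx;
    $message_parser = new parse_message();

    // Get maximum number of allowed recipients. A plain string comparison would rank
    // '3.0.10' below '3.0.3', so compare as version numbers.
    if (version_compare($config['version'], '3.0.3', '>')) {
        $sql = 'SELECT MAX(g.group_max_recipients) as max_recipients FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . ' ug WHERE ug.user_id = ' . $own_user_id . ' AND ug.user_pending = 0 AND ug.group_id = g.group_id';
        $result = $db->sql_query($sql);
        $max_recipients = (int) $db->sql_fetchfield('max_recipients');
        $db->sql_freeresult($result);

        $max_recipients = !$max_recipients ? $config['pm_max_recipients'] : $max_recipients;
    } else {
        $max_recipients = 10;
    }

    // If this is a quote/reply "to all"... we may increase the max_recipients to the number
    // of original recipients
    if (($action == 'reply' || $action == 'quote') && $max_recipients) {
        // We try to include every previously listed member from the TO Header
        $list = rebuild_header(array('to' => $post['to_address']));

        // Can be an empty array too ;)
        $list = !empty($list['u']) ? $list['u'] : array();
        $list[$post['author_id']] = 'to';

        if (isset($list[$user->data['user_id']])) {
            unset($list[$user->data['user_id']]);
        }

        $max_recipients = $max_recipients < sizeof($list) ? sizeof($list) : $max_recipients;
        unset($list);
    }

    // Handle User/Group adding/removing. No add/remove request exists in this entry point,
    // so the flags are explicitly off and the error list starts empty.
    $error = array();
    $remove_u = $remove_g = $add_to = $add_bcc = false;
    handle_message_list_actions($address_list, $error, $remove_u, $remove_g, $add_to, $add_bcc);

    if ($error) {
        $error_msg = trim(strip_tags(implode("\n", $error)));
        trigger_error($error_msg);
    }

    // Check mass pm to group permission
    if ((!$config['allow_mass_pm'] || !$auth->acl_get('u_masspm_group')) && !empty($address_list['g'])) {
        $address_list = array();
        trigger_error('NO_AUTH_GROUP_MESSAGE');
    }

    // Check mass pm to users permission
    if ((!$config['allow_mass_pm'] || !$auth->acl_get('u_masspm')) && num_recipients($address_list) > 1) {
        $address_list = get_recipients($address_list, 1);
        trigger_error('TOO_MANY_RECIPIENTS');
    }

    // Check for too many recipients
    if (!empty($address_list['u']) && $max_recipients && sizeof($address_list['u']) > $max_recipients) {
        $address_list = get_recipients($address_list, $max_recipients);
        trigger_error('TOO_MANY_RECIPIENTS');
    }

    // Markup features are enabled only when both the board configuration and the user's
    // permissions allow them.
    $enable_bbcode = $config['allow_bbcode'] && $config['auth_bbcode_pm'] && $auth->acl_get('u_pm_bbcode') ? true : false;
    $enable_smilies = $config['allow_smilies'] && $config['auth_smilies_pm'] && $auth->acl_get('u_pm_smilies') ? true : false;
    $img_status = $config['auth_img_pm'] && $auth->acl_get('u_pm_img') ? true : false;
    $flash_status = $config['auth_flash_pm'] && $auth->acl_get('u_pm_flash') ? true : false;
    $enable_urls = true;
    $enable_sig = false;

    $message_parser->message = $text_body;

    // Parse message
    $message_parser->parse($enable_bbcode, $config['allow_post_links'] ? $enable_urls : false, $enable_smilies, $img_status, $flash_status, true, $config['allow_post_links']);

    $pm_data = array(
        'msg_id'                => (int) $msg_id,
        'from_user_id'          => $user->data['user_id'],
        'from_user_ip'          => $user->ip,
        'from_username'         => $user->data['username'],
        'reply_from_root_level' => isset($post['root_level']) ? (int) $post['root_level'] : 0,
        'reply_from_msg_id'     => (int) $msg_id,
        'icon_id'               => 0,
        'enable_sig'            => (bool) $enable_sig,
        'enable_bbcode'         => (bool) $enable_bbcode,
        'enable_smilies'        => (bool) $enable_smilies,
        'enable_urls'           => (bool) $enable_urls,
        'bbcode_bitfield'       => $message_parser->bbcode_bitfield,
        'bbcode_uid'            => $message_parser->bbcode_uid,
        'message'               => $message_parser->message,
        'attachment_data'       => $message_parser->attachment_data,
        'filename_data'         => $message_parser->filename_data,
        'address_list'          => $address_list,
    );

    $msg_id = submit_pm($action, $subject, $pm_data);

    $result = new xmlrpcval(array(
        'result' => new xmlrpcval($msg_id ? true : false, 'boolean'),
        'msg_id' => new xmlrpcval($msg_id, 'string'),
    ), 'struct');

    return new xmlrpcresp($result);
}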
/**
 * Run Lottery
 *
 * Draws one ticket at random, decides with a second random roll whether that ticket
 * actually wins, pays out / notifies / records the result, then deletes all tickets and
 * advances the stored last-draw time.
 *
 * NOTE(review): $points_values and $points_config are read throughout but are not in the
 * global list and are never assigned here, so as written they are undefined inside this
 * function — confirm against the full file.
 *
 * NOTE(review): the three define() calls run on every invocation; calling this function
 * twice in one request would attempt to redefine the constants.
 */
function run_lottery()
{
    global $db, $config, $user, $table_prefix, $phpbb_root_path, $phpEx;

    define('POINTS_LOTTERY_HISTORY_TABLE', $table_prefix . 'points_lottery_history');
    define('POINTS_VALUES_TABLE', $table_prefix . 'points_values');
    define('POINTS_LOTTERY_TICKETS_TABLE', $table_prefix . 'points_lottery_tickets');

    $current_time = time();

    // Count number of tickets
    $sql_array = array('SELECT' => 'COUNT(ticket_id) AS num_tickets', 'FROM' => array(POINTS_LOTTERY_TICKETS_TABLE => 'l'));
    $sql = $db->sql_build_query('SELECT', $sql_array);
    $result = $db->sql_query($sql);
    $total_tickets = (int) $db->sql_fetchfield('num_tickets');
    $db->sql_freeresult($result);

    // Select a random user from tickets table. The random ordering is delegated to the
    // database, using whichever function the active SQL layer provides.
    switch ($db->sql_layer) {
        case 'postgres':
            $order_by = 'RANDOM()';
            break;
        case 'mssql':
        case 'mssql_odbc':
            $order_by = 'NEWID()';
            break;
        default:
            $order_by = 'RAND()';
            break;
    }

    // This query runs even when there are no tickets; the result is only used below when
    // $total_tickets > 0.
    $sql_array = array('SELECT' => '*', 'FROM' => array(POINTS_LOTTERY_TICKETS_TABLE => 'l'), 'ORDER_BY' => $order_by);
    $sql = $db->sql_build_query('SELECT', $sql_array);
    $result = $db->sql_query_limit($sql, 1);
    $random_user_by_tickets = (int) $db->sql_fetchfield('user_id');
    $db->sql_freeresult($result);

    if ($total_tickets > 0) {
        // Generate a random number. rand(0, 100) has 101 possible outcomes and the test
        // below is <=, so a configured chance of 0 still wins when the roll is 0.
        // rand() is not a cryptographically secure generator; if the jackpot has real
        // value, random_int() (PHP 7+) is the safer source.
        $rand_base = $points_values['lottery_chance'];
        $rand_value = rand(0, 100);

        // Decide, if the user really wins
        if ($rand_value <= $rand_base) {
            $winning_number = $random_user_by_tickets;

            // Select a winner from ticket table
            $sql_array = array('SELECT' => '*', 'FROM' => array(USERS_TABLE => 'u'), 'WHERE' => 'user_id = ' . (int) $winning_number);
            $sql = $db->sql_build_query('SELECT', $sql_array);
            $result = $db->sql_query($sql);
            $winner = $db->sql_fetchrow($result);
            $db->sql_freeresult($result);

            // Check if lottery is enabled and prepare winner information
            if ($points_config['lottery_enable'] != 0) {
                // Select the receiver language. The existence check uses the raw stored
                // value while the include below applies basename(); the two paths differ
                // if the stored value ever contains a path separator.
                $winner['user_lang'] = file_exists($phpbb_root_path . 'language/' . $winner['user_lang'] . "/mods/points.{$phpEx}") ? $winner['user_lang'] : $config['default_lang'];

                // load receivers language (expected to define $lang in this scope)
                include $phpbb_root_path . 'language/' . basename($winner['user_lang']) . "/mods/points.{$phpEx}";

                // Credit the jackpot to the winner's balance.
                $winnings_update = $winner['user_points'] + $points_values['lottery_jackpot'];
                set_points($winner['user_id'], $winnings_update);

                $winner_notification = sprintf(number_format_points($points_values['lottery_jackpot'])) . ' ' . $config['points_name'] . ' ';
                $winner_deposit = $lang['LOTTERY_PM_CASH_ENABLED'];
                $amount_won = $points_values['lottery_jackpot'];
            } else {
                // NOTE(review): on this branch the language file is never included, yet
                // $lang is still read for the PM below — confirm.
                $winner_notification = '';
                $winner_deposit = '';
                $amount_won = '';
            }

            // Update previous winner information. The username is escaped with sql_escape()
            // but wrapped in double quotes, which some databases / SQL modes treat as an
            // identifier delimiter rather than a string delimiter — presumably written for
            // MySQL defaults; verify on other layers.
            $sql = 'UPDATE ' . POINTS_VALUES_TABLE . ' SET lottery_prev_winner = "' . $db->sql_escape($winner['username']) . '", lottery_prev_winner_id = ' . intval($winner['user_id']);
            $db->sql_query($sql);

            // Check, if user wants to be informed by PM
            if ($winner['user_allow_pm'] == 1) {
                // Load the configured sender account.
                $sql_array = array('SELECT' => '*', 'FROM' => array(USERS_TABLE => 'u'), 'WHERE' => 'user_id = ' . (int) $points_values['lottery_pm_from']);
                $sql = $db->sql_build_query('SELECT', $sql_array);
                $result = $db->sql_query($sql);
                $pm_sender = $db->sql_fetchrow($result);
                $db->sql_freeresult($result);

                // Notify the lucky winner by PM
                $pm_subject = utf8_normalize_nfc($lang['LOTTERY_PM_SUBJECT']);
                $pm_text = utf8_normalize_nfc(sprintf($lang['LOTTERY_PM_BODY'], $winner_notification, $winner_deposit));

                // Subject and body share the same $uid/$bitfield/$options variables; the
                // second call's values are the ones sent with the PM. $poll is not used.
                $poll = $uid = $bitfield = $options = '';
                generate_text_for_storage($pm_subject, $uid, $bitfield, $options, false, false, false);
                generate_text_for_storage($pm_text, $uid, $bitfield, $options, true, true, true);

                // When lottery_pm_from is 0 the PM is sent from the winner's own id under a
                // language-string display name instead of a configured sender account.
                $pm_data = array(
                    'address_list' => array('u' => array($winner['user_id'] => 'to')),
                    'from_user_id' => $points_values['lottery_pm_from'] == 0 ? $winner['user_id'] : $pm_sender['user_id'],
                    'from_username' => $points_values['lottery_pm_from'] == 0 ? $user->lang['LOTTERY_PM_COMMISION'] : $pm_sender['username'],
                    'icon_id' => 0,
                    'from_user_ip' => '',
                    'enable_bbcode' => true,
                    'enable_smilies' => true,
                    'enable_urls' => true,
                    'enable_sig' => true,
                    'message' => $pm_text,
                    'bbcode_bitfield' => $bitfield,
                    'bbcode_uid' => $uid);

                submit_pm('post', $pm_subject, $pm_data, false);
            }

            // Add new winner to lottery history
            $sql = 'INSERT INTO ' . POINTS_LOTTERY_HISTORY_TABLE . ' ' . $db->sql_build_array('INSERT', array('user_id' => (int) $winner['user_id'], 'user_name' => $winner['username'], 'time' => $current_time, 'amount' => $points_values['lottery_jackpot']));
            $db->sql_query($sql);

            // Update winners total
            $sql = 'UPDATE ' . POINTS_VALUES_TABLE . ' SET lottery_winners_total = lottery_winners_total + 1';
            $db->sql_query($sql);

            // Reset jackpot
            $sql = 'UPDATE ' . POINTS_VALUES_TABLE . ' SET lottery_jackpot = lottery_base_amount';
            $db->sql_query($sql);
        } else {
            // No winner this round: the jackpot grows by the base amount and a placeholder
            // history row (user 0, amount 0) is recorded.
            $sql = 'UPDATE ' . POINTS_VALUES_TABLE . ' SET lottery_jackpot = lottery_jackpot + lottery_base_amount';
            $db->sql_query($sql);

            $no_winner = 0;
            $sql = 'INSERT INTO ' . POINTS_LOTTERY_HISTORY_TABLE . ' ' . $db->sql_build_array('INSERT', array('user_id' => 0, 'user_name' => $no_winner, 'time' => $current_time, 'amount' => 0));
            $db->sql_query($sql);

            // Update previous winner information
            $sql = 'UPDATE ' . POINTS_VALUES_TABLE . ' SET lottery_prev_winner = "' . $no_winner . '"';
            $db->sql_query($sql);

            $sql = 'UPDATE ' . POINTS_VALUES_TABLE . ' SET lottery_prev_winner_id = 0';
            $db->sql_query($sql);
        }
    }

    // Reset lottery
    // Delete all tickets
    $sql = 'DELETE FROM ' . POINTS_LOTTERY_TICKETS_TABLE;
    $db->sql_query($sql);

    // Reset last draw time
    $check_time = $points_values['lottery_last_draw_time'] + $points_values['lottery_draw_period'];
    $current_time = time();

    if ($current_time > $check_time) {
        // this will *near* infinite loop if the check_time is significantly far behind the current time!
        // Each pass adds one draw period plus one extra second ($check_time++), so the
        // result drifts by a second per skipped period. A draw period of 0 would still
        // terminate, but only by advancing one second per pass.
        while ($check_time < $current_time) {
            $check_time = $check_time + $points_values['lottery_draw_period'];
            $check_time++;
        }

        // Step back one period so the stored time is the most recent draw slot.
        if ($check_time > $current_time) {
            $check_time = $check_time - $points_values['lottery_draw_period'];
            $sql = 'UPDATE ' . POINTS_VALUES_TABLE . ' SET lottery_last_draw_time = ' . $check_time;
            $db->sql_query($sql);
        }
    } else {
        $sql = 'UPDATE ' . POINTS_VALUES_TABLE . ' SET lottery_last_draw_time = lottery_last_draw_time + lottery_draw_period';
        $db->sql_query($sql);
    }
}
/**
 * Deliver this object's notification to one user as a private message.
 *
 * The text comes from $this->message_text and the subject from $this->message_title.
 * The PM is always sent from user id 2 under the display name 'Site Notifications',
 * while the recorded IP is the current session's.
 *
 * @param int $to_id Recipient user id.
 */
private function send_pm($to_id)
{
    global $phpbb_root_path, $phpEx, $user;

    // Pull in the parser and the PM API only when an earlier include has not done so.
    if (class_exists('parse_message') === false) {
        include $phpbb_root_path . 'includes/message_parser.' . $phpEx;
    }

    if (function_exists('submit_pm') === false) {
        include $phpbb_root_path . 'includes/functions_privmsgs.' . $phpEx;
    }

    // Run the text through the message parser with every parse() flag switched on.
    // NOTE(review): that presumably enables all optional markup for this text — confirm
    // that message_text can only ever hold trusted, site-generated content.
    $parser = new parse_message();
    $parser->message = $this->message_text;
    $parser->parse(true, true, true, true, true, true, true);

    // Assemble the PM fields from the parser's output.
    $recipient_map = array('u' => array($to_id => 'to'));
    $payload = array(
        'from_user_id'    => 2,
        'from_username'   => 'Site Notifications',
        'address_list'    => $recipient_map,
        'icon_id'         => 0,
        'from_user_ip'    => $user->ip,
        'enable_bbcode'   => true,
        'enable_smilies'  => true,
        'enable_urls'     => true,
        'enable_sig'      => false,
        'message'         => $parser->message,
        'bbcode_bitfield' => $parser->bbcode_bitfield,
        'bbcode_uid'      => $parser->bbcode_uid,
    );

    // Hand the message to the PM system.
    submit_pm('post', $this->message_title, $payload, false);
}
/**
 * raidmessenger
 *
 * Event handler that notifies users about a raidplan change by PM and/or e-mail:
 *   trigger 1 - raidplan added
 *   trigger 2 - raidplan updated
 *   trigger 3 - raidplan deleted
 * The recipient list comes from Raidmessenger::get_notifiable_users() for this raidplan.
 * Any other trigger value selects no template and leaves the subject unset.
 *
 * @param int $trigger which raidplan event occurred (1, 2 or 3)
 */
public function raidmessenger($trigger)
{
    global $user, $config;
    global $phpEx, $phpbb_root_path;

    include_once $phpbb_root_path . 'includes/functions_privmsgs.' . $phpEx;
    include_once $phpbb_root_path . 'includes/functions.' . $phpEx;
    include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx;
    include_once $phpbb_root_path . 'includes/functions_user.' . $phpEx;

    $notifier = new \bbdkp\controller\raidplanner\Raidmessenger();
    $notifier->get_notifiable_users($trigger, $this->id);

    $mailed_names = array();
    $messenger = new \messenger();

    foreach ($notifier->send_user_data as $row) {
        // Pick the template in the recipient's language and build the subject line.
        switch ($trigger) {
            case 1:
                $messenger->template('raidplan_add', $row['user_lang']);
                $subject = '[' . $user->lang['RAIDPLANNER'] . '] ' . $user->lang['NEWRAID'] . ': ' . $this->eventlist[$this->event_type]['event_name'] . ' ' . $user->format_date($this->start_time, $config['rp_date_time_format'], true);
                break;

            case 2:
                $messenger->template('raidplan_update', $row['user_lang']);
                $subject = '[' . $user->lang['RAIDPLANNER'] . '] ' . $user->lang['UPDRAID'] . ': ' . $this->eventlist[$this->event_type]['event_name'] . ' ' . $user->format_date($this->start_time, $config['rp_date_time_format'], true);
                break;

            case 3:
                $messenger->template('raidplan_delete', $row['user_lang']);
                $subject = '[' . $user->lang['RAIDPLANNER'] . '] ' . $user->lang['DELRAID'] . ': ' . $this->eventlist[$this->event_type]['event_name'] . ' ' . $user->format_date($this->start_time, $config['rp_date_time_format'], true);
                break;
        }

        // Resolve the raid leader's display name from the poster id.
        $leader_ids = array($this->poster);
        $leader_names = array();
        user_get_id_name($leader_ids, $leader_names);

        $template_vars = array(
            'RAIDLEADER'    => $leader_names[$this->poster],
            'USERNAME'      => htmlspecialchars_decode($row['username']),
            'EVENT_SUBJECT' => $subject,
            'EVENT'         => $this->eventlist[$this->event_type]['event_name'],
            'INVITE_TIME'   => $user->format_date($this->invite_time, $config['rp_date_time_format'], true),
            'START_TIME'    => $user->format_date($this->start_time, $config['rp_date_time_format'], true),
            'END_TIME'      => $user->format_date($this->end_time, $config['rp_date_time_format'], true),
            'TZ'            => $user->lang['tz'][(int) $user->data['user_timezone']],
            'U_RAIDPLAN'    => generate_board_url() . "/dkp.{$phpEx}?page=planner&view=raidplan&raidplanid=" . $this->id,
        );
        $messenger->assign_vars($template_vars);

        // Render the body, then normalise line endings and Unicode form.
        $messenger->msg = utf8_normalize_nfc(
            str_replace("\r\n", "\n", trim($messenger->tpl_obj->assign_display('body')))
        );

        // uid, bitfield and options are filled in by generate_text_for_storage()
        $uid = $bitfield = $options = '';
        $allow_bbcode = $allow_smilies = $allow_urls = true;
        generate_text_for_storage($messenger->msg, $uid, $bitfield, $options, $allow_bbcode, $allow_urls, $allow_smilies);

        // NOTE(review): the display-converted text is what ends up in the PM and the e-mail,
        // and the PM carries $this->bbcode's uid/bitfield rather than the ones generated
        // above — confirm this is intended.
        $messenger->msg = generate_text_for_display($messenger->msg, $uid, $bitfield, $options);

        $pm_fields = array(
            'address_list'    => array('u' => array($row['user_id'] => 'to')),
            'from_user_id'    => $user->data['user_id'],
            'from_username'   => $user->data['username'],
            'icon_id'         => 0,
            'from_user_ip'    => $user->data['user_ip'],
            'enable_bbcode'   => true,
            'enable_smilies'  => true,
            'enable_urls'     => true,
            'enable_sig'      => true,
            'message'         => $messenger->msg,
            'bbcode_bitfield' => $this->bbcode['bitfield'],
            'bbcode_uid'      => $this->bbcode['uid'],
        );

        // PM only when the feature is on and the recipient accepts PMs.
        if ($config['rp_pm_rpchange'] == 1 && (int) $row['user_allow_pm'] == 1) {
            submit_pm('post', $subject, $pm_fields, false);
        }

        // E-mail only when the feature is on and the recipient has an address on record.
        if ($config['rp_email_rpchange'] == 1 && $row['user_email'] != '') {
            // same messenger object, reused for the e-mail
            $mailer = $messenger;
            $mailed_names[] = $row['username'];
            $mailer->to($row['user_email'], $row['username']);
            $mailer->anti_abuse_headers($config, $user);
            $mailer->send(0);
        }
    }

    // Flush the mail queue and log the recipients once, if anything was mailed.
    if ($config['rp_email_rpchange'] == 1 && isset($mailer)) {
        $mailer->save_queue();
        $mailed_names = implode(', ', $mailed_names);
        add_log('admin', 'LOG_MASS_EMAIL', $mailed_names);
    }
}