$too_early = $_SERVER['REQUEST_TIME'] - FLOOD_CONTROL_REPLY;
$res=DB::Execute(sprintf('SELECT 1 FROM {P}PMs WHERE pmFrom = \'%s\' AND pmDateSent > %d',$_SERVER['REMOTE_ADDR'], $too_early));
if($res->RecordCount() > 0)
{
add_error('Wait at least ' . FLOOD_CONTROL_REPLY . ' seconds between each reply. ');
}
//Check inputs
list($_POST['title'],$_POST['body'])=Check4Filtered($_POST['title'],$_POST['body']);
$reply=new PM();
$reply->To = $_POST['to'];
$reply->Thread = intval($_POST['thread']);
$reply->From =$User->ID;
$reply->Title = $_POST['title'];
$reply->Body = $_POST['body'];
$reply->Save();
$_SESSION['notice']='PM sent.';
break;
}
switch(Path::FetchIndex(0))
{
default:
case 'list':
$page_title='List Private Messages';
$_SESSION['LastReadPMs']=time();
$res=DB::Execute("SELECT pmID,pmThread,pmTitle,pmDateSent,pmFrom,pmFlags FROM {P}PMs WHERE pmTo='{$User->ID}' AND (pmFlags&1)=0 ORDER BY pmDateSent DESC");
$pms=array();
while(list($id,$thread,$title,$date,$from,$flags)=$res->FetchRow())
{
if(!array_key_exists($thread,$pms))
