예제 #1
<div style="margin-top:32px;margin-bottom:62px;">This is the information that will be displayed after X minutes.</div>


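<?php
// Admin settings for the announcement box: the delay in minutes and the "lobby"
// value are stored together as one tab-separated custom field and read back
// here for the form that follows.
$field_name = "oh_announcements_config";
if (isset($_POST["a_saved"]) and isset($_POST["a_time"])) {
    // A non-string POST value (a_time[]=x) would make trim() throw in PHP 8;
    // fall back to the default instead.
    $rawTime = $_POST["a_time"];
    $time = is_string($rawTime) ? (int) strip_tags(trim($rawTime)) : 30;
    // The cast already yields an int, so the former is_numeric() check could never fail;
    // only the range (0 .. one day, in minutes) has to be enforced.
    if ($time < 0 or $time > 60 * 24) {
        $time = 30;
    }
    // a_lobby may be absent from the POST; treat that as an empty value.
    $rawLobby = isset($_POST["a_lobby"]) ? $_POST["a_lobby"] : '';
    $lobby = is_string($rawLobby) ? strip_tags(trim($rawLobby)) : '';
    // The record is tab-delimited: a tab or line break inside the value would shift
    // the fields that are read back below, so they are collapsed to spaces.
    $lobby = str_replace(array("\t", "\r", "\n"), ' ', $lobby);
    $data = "repeat\t{$time}\tlobby\t{$lobby}";
    OS_add_custom_field(1, $field_name, $data);
    $saved = 1;
    OS_AddLog($_SESSION["username"], "[os_announcements] Edited Announcements Config");
}
$config = OS_get_custom_field(1, $field_name);
// Layout written above: "repeat\t<minutes>\tlobby\t<lobby>"; missing parts take the defaults.
$cfg = explode("\t", (string) $config);
$time = isset($cfg[1]) ? (int) $cfg[1] : 30;
$lby = isset($cfg[3]) ? $cfg[3] : 0;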
예제 #2
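    /**
     * "Forgot password" page.
     *
     * Step 1 (POST reset_password + reset_password_submit): validates the address,
     * looks it up in OSDB_USERS, stores a one-time code under the custom field
     * 'reset_password|<email>' and mails a link carrying e=<email>&c=<code>.
     * Step 2 (GET e + c): verifies the code against the stored one and, on
     * POST reset_1/reset_2, writes the new password hash and deletes the code.
     *
     * Reads $_POST, $_GET and $_SESSION, uses the globals $db, $mail and $lang,
     * and echoes the HTML directly. No return value.
     */
    function OS_ForgotPassword()
    {
        $errors = "";
        global $db;
        global $mail;
        global $lang;
        if (isset($_POST["reset_password"]) and isset($_POST["reset_password_submit"])) {
            $email = EscapeStr(trim($_POST["reset_password"]));
            // One request per session: the flag set after a successful send acts as a throttle.
            if (isset($_SESSION["password_send"])) {
                $errors .= "<h4>You have already sent a request to reset the password. Please check your mail.</h4>";
            }
            if (!preg_match("/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\\.[A-Z]{2,6}\$/i", $email)) {
                $errors .= "<h4>Invalid Email address</h4>";
            }
            if (empty($errors)) {
                $sth = $db->prepare("SELECT * FROM " . OSDB_USERS . " WHERE user_email = :email LIMIT 1 ");
                $sth->bindValue(':email', $email, PDO::PARAM_STR);
                $sth->execute();
                // NOTE(review): this reply tells an unauthenticated visitor whether an address
                // is registered; a neutral "if the address exists, mail has been sent" wording
                // would avoid that. The project's text is kept here.
                if ($sth->rowCount() <= 0) {
                    $errors .= "<h4>Email address does not exist in our database.</h4>";
                }
                if (empty($errors)) {
                    $code = generate_hash(16);
                    // Stored as-is and compared against the c parameter on the next visit.
                    OS_add_custom_field(0, 'reset_password|' . $email, $code);
                    require_once "inc/class.phpmailer.php";
                    $message = "You have requested a password reset.<br />";
                    $message .= "Click on the link below to reset your password:<br /><br />";
                    // Query-string values are URL-encoded: the address regex admits '+',
                    // which would otherwise arrive as a space in $_GET["e"].
                    $message .= OS_HOME . "?action=reset_password&e=" . urlencode($email) . "&c=" . urlencode($code) . "<br /><br />";
                    $message .= "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~<br />";
                    $message .= "If you did not request a password reset just ignore this email and delete it.<br />";
                    $mail = new PHPMailer();
                    $mail->CharSet = 'UTF-8';
                    // IsHTML(true) selects the text/html content type; the earlier
                    // 'text/plain' assignment it overrode has been dropped.
                    $mail->IsHTML(true);
                    $mail->SetFrom($lang["email_from"], $lang["email_from_full"]);
                    $mail->AddAddress($email, "");
                    $mail->Subject = "Password reset!";
                    $mail->MsgHTML($message);
                    $mail->AltBody = "This is the body in plain text for non-HTML mail clients";
                    $mail->Send();
                    $_SESSION["password_send"] = time();
                    //Not error, just a message
                    $errors = "<h4>You have successfully submitted a request to reset your password. Please check your mail.</h4>";
                }
            }
        }
        ?>
<div id="content" class="s-c-x">
<div class="wrapper">   
    <div id="main-column">
     <div class="padding">
      <div class="inner">
	  <h2>Reset password</h2>
	  <div class="padTop"></div>
	  
	  <?php
        if ($errors !== "") {
            echo $errors;
        }
        ?>
	  <?php
        // Without the link parameters, show the "request a reset" form.
        if (!isset($_GET["c"]) and !isset($_GET["e"])) {
            ?>
	  <form action="" method="post">
	  <table style="width:800px;">
	    <tr class="row">
		  <td></td>
		  <td>
		  <b>You can't retrieve your password, but you can set a new one by following a link sent to you by email.</b>
		  <div>- This is the email address you used to register on the site.</div>
		  <div>- If you do not receive an email, check your "Spam" folder.</div>
		  </td>
		</tr>
	    <tr class="row">
		  <td width="120" class="padLeft">Email address:</td>
		  <td class="padLeft">
		    <input type="text" name="reset_password" size="39" value="" style="height:26px;" />
		  </td>
		</tr>
	    <tr class="row">
		  <td width="120" class="padLeft"></td>
		  <td class="padLeft"><input type="submit" name="reset_password_submit" class="menuButtons" value="Send" />
		  <div class="padBottom"></div>
		  </td>
		</tr>
	  </table>
	  </form>
	  <?php
        } else {
            // A missing parameter is replaced by a random value so the checks below fail uniformly.
            if (isset($_GET["e"])) {
                $email = EscapeStr(trim($_GET["e"]));
            } else {
                $email = generate_hash(12);
            }
            if (isset($_GET["c"])) {
                $code = EscapeStr(trim($_GET["c"]));
            } else {
                $code = generate_hash(12);
            }
            if (!preg_match("/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\\.[A-Z]{2,6}\$/i", $email)) {
                $errors .= "<h4>Invalid Email address</h4>";
            }
            if (empty($errors)) {
                $sth = $db->prepare("SELECT * FROM " . OSDB_USERS . " WHERE user_email = :email LIMIT 1 ");
                $sth->bindValue(':email', $email, PDO::PARAM_STR);
                $sth->execute();
                if ($sth->rowCount() <= 0) {
                    $errors .= "<h4>Email address does not exist in our database.</h4>";
                }
            }
            if (empty($errors)) {
                $value = OS_get_custom_field(0, 'reset_password|' . $email);
                // Strict, constant-time comparison. The loose != used before treated
                // numeric-looking strings (e.g. "0e...") as equal; a missing field
                // (non-string result) is rejected like a wrong code.
                if (!is_string($value) or !hash_equals($value, (string) $code) or strlen($code) <= 5) {
                    $errors .= "<h4>Link has expired, or the password has already been reset</h4>";
                }
            }
            //FINALLY RESET
            if (empty($errors) and isset($_POST["reset_1"]) and isset($_POST["reset_2"])) {
                $p1 = strip_tags($_POST["reset_1"]);
                $p2 = strip_tags($_POST["reset_2"]);
                if ($p1 !== $p2) {
                    $errors .= "<h4>Both passwords are not the same</h4>";
                } elseif ($p1 === '') {
                    // An empty form submission used to be accepted and set an empty password.
                    $errors .= "<h4>Password can not be empty</h4>";
                } else {
                    $hash = generate_hash(16, 1);
                    $password_db = generate_password($p1, $hash);
                    // $email passed the address regex above, which admits no quote or
                    // backslash characters, so interpolating it into the where clause of
                    // the project's update() helper cannot break out of the literal.
                    $db->update(OSDB_USERS, array("user_password" => $password_db, "password_hash" => $hash), "user_email = '" . $email . "'");
                    // Invalidate the code with bound parameters rather than string-built SQL.
                    $del = $db->prepare("DELETE FROM " . OSDB_CUSTOM_FIELDS . " WHERE field_value = :code AND field_name = :name LIMIT 1");
                    $del->bindValue(':code', $code, PDO::PARAM_STR);
                    $del->bindValue(':name', 'reset_password|' . $email, PDO::PARAM_STR);
                    $del->execute();
                    $PasswordReset = 1;
                }
            }
            if ($errors !== "") {
                echo $errors;
            } else {
                if (isset($PasswordReset) and $PasswordReset === 1) {
                    ?>
	 <h2>Password has been successfully changed. Now you can log in.</h2>
	 <?php
                } else {
                    ?>
	  <form action="" method="post">
	  	<table style="width:600px;">
	    <tr class="row">
		  <td class="padLeft">New password:</td>
		  <td class="padLeft"><input type="password" name="reset_1" size="6" value="" /></td>
		</tr>
	    <tr class="row">
		  <td class="padLeft">Repeat password:</td>
		  <td class="padLeft"><input type="password" name="reset_2" size="6" value="" /></td>
		</tr>
	    <tr class="row">
		  <td width="120" class="padLeft"></td>
		  <td class="padLeft"><input type="submit" name="reset_pw" class="menuButtons" value="Reset your password" />
		  <div class="padBottom"></div>
		  </td>
		</tr>
	    </table>
		
	  </form>
	  <?php
                }
            }
        }
        ?>
	  
	  <div style="height:260px;"></div>
	  </div>
    </div>
   </div>
 </div>
</div>
   <?php
    }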
예제 #3
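<?php

// Refuse direct requests: the including page sets $website before pulling this file in.
if (!isset($website)) {
    header('HTTP/1.1 404 Not Found');
    die;
}
// Word-filter settings: the whole list is kept in one custom field under id 1.
$field_name = "oh_badwords";
if (isset($_POST["submit_wf"]) and isset($_POST["bad_words"])) {
    // A non-string POST value (bad_words[]=x) would make trim() throw in PHP 8;
    // store an empty list in that case instead of failing the request.
    $words = is_string($_POST["bad_words"]) ? strip_tags(trim($_POST["bad_words"])) : "";
    OS_add_custom_field(1, $field_name, $words);
    $saved = 1;
    OS_AddLog($_SESSION["username"], "[os_badwords] Edited Bad words");
}
$badwords = OS_get_custom_field(1, $field_name);
?>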
<div align="center"> 
<h2>Word Filter</h2>
<form action="" method="post">
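  <textarea rows="10" cols="60" name="bad_words"><?php
// Escape for the HTML context: stored text cannot close the textarea, and words
// containing '&' or '<' survive the save/reload round trip unchanged.
echo htmlspecialchars((string) $badwords, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
?>
</textarea>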
  
  <div>
    <input type="submit" value="Save word filter" name="submit_wf" class="menuButtons" />
  </div>
</form>

<?php 
if (isset($saved)) {
    ?>
예제 #4
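 /**
  * Saves the profile fields of the logged-in user (POST change_profile):
  * the realm username, and the birthday as "<day>-<month>-<year>" in the
  * "user_birthday" custom field when all three parts are valid; otherwise
  * the birthday field is deleted.
  *
  * Reads $_POST and $_SESSION["user_id"]; writes through OS_add_custom_field
  * and OS_delete_custom_field. No return value.
  */
 function OS_UpdateCustomField()
 {
     //Update data
     if (isset($_POST["change_profile"]) and isset($_POST["realm_un"]) and is_logged()) {
         $realm_un = safeEscape($_POST["realm_un"]);
         // Missing birthday parts default to '' instead of raising an undefined-index notice.
         $dd = (string) safeEscape(isset($_POST["birthday_day"]) ? $_POST["birthday_day"] : '');
         $mm = (string) safeEscape(isset($_POST["birthday_month"]) ? $_POST["birthday_month"] : '');
         $yy = (string) safeEscape(isset($_POST["birthday_year"]) ? $_POST["birthday_year"] : '');
         // Each part must be all digits and in range. The loose numeric comparisons
         // used before accepted values such as "5.0" or "1e1" and stored them verbatim.
         if (!ctype_digit($dd) or (int) $dd < 1 or (int) $dd > 31) {
             $dd = "";
         } else {
             $dd = $dd . '-';
         }
         if (!ctype_digit($mm) or (int) $mm < 1 or (int) $mm > 12) {
             $mm = "";
         } else {
             $mm = $mm . '-';
         }
         // Years up to and including 1930, and years after the current one, are rejected.
         if (!ctype_digit($yy) or (int) $yy <= 1930 or (int) $yy > (int) date("Y")) {
             $yy = "";
         }
         $user_birth = $dd . $mm . $yy;
         $uid = (int) $_SESSION["user_id"];
         OS_add_custom_field($uid, "realm_username", $realm_un);
         // An incomplete birthday removes the field rather than storing a partial date.
         if ($dd === "" or $mm === "" or $yy === "") {
             OS_delete_custom_field($uid, "user_birthday");
         } else {
             OS_add_custom_field($uid, "user_birthday", $user_birth);
         }
     }
 }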
예제 #5
파일: pm.php 프로젝트: WeKiNGSRO/OHSystem
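    /**
     * Private-message page (action=pm): renders the inbox, the sent-items list,
     * the "new message" form (recipient by user name) and the "send" form
     * (recipient by user id, GET send=<id>), and processes their POSTs.
     *
     * A message is a row of OSDB_CUSTOM_FIELDS: field_id is the recipient's user
     * id, field_name is "<unix time>|<sender id>||p.m.<0 unread | 1 read>" and
     * field_value is the tag-stripped text. Every lookup by message name is
     * restricted to rows addressed to or sent by the current user, and all
     * user-supplied or user-named values are HTML-escaped at output.
     *
     * Reads $_GET, $_POST and $_SESSION; uses the globals $db, $lang, $DateFormat,
     * $mail and $DefaultHomeTitle; echoes the HTML directly. No return value.
     */
    function OS_PMSystem()
    {
        if (OS_GetAction("pm")) {
            global $db;
            $sth = $db->prepare("SET NAMES 'utf8'");
            $sth->execute();
            global $lang;
            global $DateFormat;
            $errors = "";
            ?>
<div class="clr"></div>
 <div class="ct-wrapper"  id="content" class="s-c-x">
  <div class="outer-wrapper wrapper">
   <div class="content section" id="main-column">
    <div class="widget Blog padding">
     <div class="blog-posts hfeed padLeft padTop padBottom inner">
    
	    <h2>Private Messages</h2>
		
		<div>
		<a class="menuButtons" href="<?php
            echo OS_HOME;
            ?>
?action=pm&amp;inbox">INBOX</a> 
		<a class="menuButtons" href="<?php
            echo OS_HOME;
            ?>
?action=pm&amp;sent_items">SENT ITEMS</a>
		<a class="menuButtons" href="<?php
            echo OS_HOME;
            ?>
?action=pm&amp;new_message">NEW MESSAGE</a>
		</div>
		
		<?php
            //NEW MESSAGE
            if (isset($_GET["new_message"])) {
                $PMName = "";
                $PMText = "";
                if (isset($_POST["pm_message"]) and isset($_POST["pm_name"]) and isset($_SESSION["code"]) and isset($_POST["code"])) {
                    $PMText = strip_tags($_POST['pm_message']);
                    $PMName = safeEscape(trim($_POST["pm_name"]));
                    // Form token: strict, constant-time comparison (the loose != used before
                    // treated numeric-looking tokens such as "0e..." as equal), plus a type
                    // check so a non-string POST value cannot make hash_equals() throw.
                    if (!is_string($_POST["code"]) or !hash_equals((string) $_SESSION["code"], $_POST["code"])) {
                        $errors .= "<h4>Form is not valid. Try again.</h4>";
                    }
                    if (strlen($PMText) <= 2) {
                        $errors .= "<h4>There are not enough characters  in the message</h4>";
                    }
                    if (strlen($PMName) <= 2) {
                        $errors .= "<h4>Please, write a valid username</h4>";
                    }
                    if (strtolower($PMName) === $_SESSION["username"]) {
                        $errors .= "<h4>You can not send messages to yourself</h4>";
                    }
                    if (empty($errors)) {
                        $sth = $db->prepare("SELECT * FROM " . OSDB_USERS . " \n\t\t\tWHERE LOWER(user_name) = ? LIMIT 1");
                        $sth->bindValue(1, strtolower($PMName), PDO::PARAM_STR);
                        $sth->execute();
                        if ($sth->rowCount() <= 0) {
                            $errors .= "<h4>User not found</h4>";
                        } else {
                            $row = $sth->fetch(PDO::FETCH_ASSOC);
                            $userID = $row["user_id"];
                        }
                    }
                    if (!empty($errors)) {
                        echo $errors;
                    } else {
                        if (isset($userID) and is_numeric($userID) and $userID != OS_GetUserID()) {
                            // Recipient id is the field_id; the name carries time, sender id and the unread flag.
                            OS_add_custom_field($userID, time() . "|" . OS_GetUserID() . "||p.m.0", $PMText);
                            $MailText = $PMText;
                            $PMName = "";
                            $PMText = "";
                            ?>
<h4>Message was sent successfully</h4><?php
                            //SEND EMAIL NOTIFICATION
                            // At most one notification mail per session.
                            if (!isset($_SESSION["mail_sent"])) {
                                $_SESSION["mail_sent"] = 1;
                                global $mail;
                                global $DefaultHomeTitle;
                                $message = "You have just received a private message from " . $_SESSION["username"] . "<br />";
                                $message .= "Click on the following link to read the message<br />";
                                $message .= "" . OS_HOME . "?action=pm&inbox";
                                $message .= "<br />~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~<br />";
                                $message .= convEnt($MailText);
                                $message .= "<br />~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~<br />{$DefaultHomeTitle}";
                                require_once "inc/class.phpmailer.php";
                                $mail = new PHPMailer();
                                $mail->CharSet = 'UTF-8';
                                $mail->SetFrom($lang["email_from"], $lang["email_from_full"]);
                                $mail->AddReplyTo($lang["email_from"], $lang["email_from_full"]);
                                $mail->AddAddress($row["user_email"], "");
                                $mail->Subject = "New Private Message";
                                $mail->MsgHTML($message);
                                $mail->AltBody = "This is the body in plain text for non-HTML mail clients";
                                $mail->Send();
                            }
                        } else {
                            ?>
<h4>The message could not be sent</h4><?php
                        }
                    }
                }
                $code = generate_hash(8);
                $_SESSION["code"] = $code;
                ?>
		<form action="" method="post" accept-charset="UTF-8">
		  <table>
		    <tr class="row">
			  <td width="70" class="padLeft"><b>To:</b></td>
			  <td><input type="text" value="<?php
                // Re-displayed user input is escaped for the attribute / element context.
                echo htmlspecialchars($PMName, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                ?>
" size="65" name="pm_name" /></td>
			</tr>
		    <tr class="row">
			  <td width="70" class="padLeft"><b>Message:</b></td>
			  <td><textarea name="pm_message" rows="9" cols="80" ><?php
                echo htmlspecialchars($PMText, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                ?>
</textarea></td>
			</tr>
		    <tr class="row">
			  <td width="70" class="padLeft"></td>
			  <td><input type="submit" value="Send PM" class="menuButtons" /></td>
			</tr>
		  </table>
		  <input type="hidden" name="code" value="<?php
                echo $code;
                ?>
" />
		</form>
		<?php
            }
            //SEND MESSAGE (USER ID)
            if (isset($_GET["send"]) and is_numeric($_GET["send"])) {
                $uid = safeEscape((int) $_GET["send"]);
                if (OS_GetUserID() == $uid) {
                    ?>
		<h4>You can not send messages to yourself</h4>
		<?php
                } else {
                    if (isset($_POST["pm_message"]) and isset($_SESSION["code"]) and isset($_POST["code"])) {
                        // Same token check as the "new message" form.
                        if (!is_string($_POST["code"]) or !hash_equals((string) $_SESSION["code"], $_POST["code"])) {
                            $errors .= "<div>Form is not valid. Try again.</div>";
                        }
                        $PMText = strip_tags($_POST['pm_message']);
                        if (strlen($PMText) <= 2) {
                            $errors .= "<div>There are not enough characters  in the message</div>";
                        }
                        if (!empty($errors)) {
                            ?>
<h4><?php
                            echo $errors;
                            ?>
</h4><?php
                        } else {
                            //ADD MESSAGE
                            //ARG: TO - user ID, FROM - time_UserID, message
                            $sth = $db->prepare("SELECT * FROM " . OSDB_USERS . " WHERE user_id = ? LIMIT 1");
                            $sth->bindValue(1, $uid, PDO::PARAM_INT);
                            $sth->execute();
                            // The success line used to be printed even when no such user existed.
                            if ($sth->rowCount() >= 1) {
                                OS_add_custom_field($uid, time() . "|" . OS_GetUserID() . "||p.m.0", $PMText);
                                ?>
<h4>Message was sent successfully</h4><?php
                            } else {
                                ?>
<h4>The message could not be sent</h4><?php
                            }
                        }
                    }
                    $code = generate_hash(8);
                    $_SESSION["code"] = $code;
                    $sth = $db->prepare("SELECT * FROM " . OSDB_USERS . " WHERE user_id = ? LIMIT 1");
                    $sth->bindValue(1, $uid, PDO::PARAM_INT);
                    $sth->execute();
                    if ($sth->rowCount() >= 1) {
                        $row = $sth->fetch(PDO::FETCH_ASSOC);
                        $sendTo = htmlspecialchars((string) $row["user_name"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                        ?>
		<form action="" method="post" accept-charset="UTF-8">
		  <table>
		    <tr class="row">
			  <td width="120" class="padLeft"><b>Send to:</b></td>
			  <td><?php
                        echo $sendTo;
                        ?>
</td>
			</tr>
		    <tr class="row">
			  <td width="120" class="padLeft"><b>Message:</b></td>
			  <td><textarea name="pm_message" rows="9" cols="80" ></textarea></td>
			</tr>
		    <tr class="row">
			  <td width="120" class="padLeft"></td>
			  <td><input type="submit" value="Send PM" class="menuButtons" /></td>
			</tr>
		  </table>
		  <input type="hidden" name="code" value="<?php
                        echo $code;
                        ?>
" />
		</form>
		<?php
                        if (isset($_GET["m"])) {
                            // Quote the message being replied to. The lookup is restricted to
                            // messages addressed to (field_id) or sent by (field_name) the current
                            // user; without that clause any custom field in the table could be
                            // read by passing its name in m.
                            $me = (int) OS_GetUserID();
                            $sth = $db->prepare("SELECT * FROM " . OSDB_CUSTOM_FIELDS . " WHERE field_name = ? AND (field_id = ? OR field_name LIKE ?) LIMIT 1");
                            $sth->bindValue(1, safeEscape($_GET["m"]), PDO::PARAM_STR);
                            $sth->bindValue(2, $me, PDO::PARAM_INT);
                            $sth->bindValue(3, "%|" . $me . "||p.m.%", PDO::PARAM_STR);
                            $sth->execute();
                            $row = $sth->fetch(PDO::FETCH_ASSOC);
                            // No matching row: nothing to quote (previously this dereferenced false).
                            if ($row !== false) {
                                $dateFor = explode("|", $row["field_name"]);
                                $date = (int) $dateFor[0];
                                ?>
		   <div class="padTop"></div>
		   <table>
		    <tr class="row">
		     <td class="padLeft"><b><?php
                                echo $sendTo;
                                ?>
</b>, <?php
                                echo date($DateFormat, $date);
                                ?>
</td>
            </tr>
			<tr>
			  <td><?php
                                echo convEnt($row["field_value"]);
                                ?>
</td>
			</tr>
		   </table>
		   <?php
                            }
                        }
                    } else {
                        ?>
<h4>User not found</h4><?php
                    }
                }
            }
            //SENT ITEMS
            if (isset($_GET["sent_items"]) and is_logged()) {
                ?>
<h4>Sent items</h4><?php
                //GET ALL MESSAGES
                if (!empty($_GET["sent_items"]) and is_numeric($_GET["sent_items"]) and isset($_GET["m"])) {
                    $field = safeEscape($_GET["m"]);
                    $sql = "AND c.field_name = ? ";
                } else {
                    $sql = "";
                }
                // Rows whose name carries the current user as sender. The same pattern is
                // bound to the count and to the page query so the pagination stays consistent
                // (the count used to read $_SESSION["user_id"] while the page used OS_GetUserID()).
                $sentBy = "%|" . OS_GetUserID() . "||p.m.%";
                $sth = $db->prepare("SELECT COUNT(*) FROM " . OSDB_CUSTOM_FIELDS . " as c\n\t\tWHERE c.field_name LIKE ? {$sql}");
                $sth->bindValue(1, $sentBy, PDO::PARAM_STR);
                if (!empty($sql)) {
                    $sth->bindValue(2, $field, PDO::PARAM_STR);
                }
                $sth->execute();
                $r = $sth->fetch(PDO::FETCH_NUM);
                $numrows = $r[0];
                $result_per_page = 10;
                $offset = os_offset($numrows, $result_per_page);
                $sth = $db->prepare("SELECT c.field_id, c.field_name, c.field_value, u.user_name, u.user_avatar\n\t\tFROM " . OSDB_CUSTOM_FIELDS . "  as c\n\t\tLEFT JOIN " . OSDB_USERS . " as u ON u.user_id = c.field_id\n\t\tWHERE c.field_name LIKE ? {$sql}\n\t\tORDER BY c.field_name DESC\n\t\tLIMIT {$offset}, {$result_per_page}");
                $sth->bindValue(1, $sentBy, PDO::PARAM_STR);
                if (!empty($sql)) {
                    $sth->bindValue(2, $field, PDO::PARAM_STR);
                }
                $sth->execute();
                ?>
		<table>
		<?php
                while ($row = $sth->fetch(PDO::FETCH_ASSOC)) {
                    $dateFor = explode("|", $row["field_name"]);
                    $date = $dateFor[0];
                    if (!isset($_GET["m"])) {
                        $text = limit_words(convEnt($row["field_value"]), 40);
                    } else {
                        $text = AutoLinkShort(convEnt($row["field_value"]));
                    }
                    ?>
		<tr class="row">
		  <td width="140"><a href="<?php
                    echo OS_HOME;
                    ?>
?action=pm&sent_items=<?php
                    echo $row["field_id"];
                    ?>
&amp;m=<?php
                    echo $row["field_name"];
                    ?>
"><b><?php
                    echo htmlspecialchars((string) $row["user_name"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                    ?>
</b>, <?php
                    echo date($DateFormat, $date);
                    ?>
</a></td>
		  <td><?php
                    echo $text;
                    ?>
 
		  <?php
                    if (isset($_GET["m"])) {
                        ?>
		  <div class="padTop">
		  <a class="menuButtons" href="<?php
                        echo OS_HOME;
                        ?>
?action=pm&send=<?php
                        echo $row["field_id"];
                        ?>
&amp;m=<?php
                        // m is reflected straight from the query string, so it is escaped for the attribute.
                        echo htmlspecialchars((string) $_GET["m"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                        ?>
">[SEND MESSAGE]</a>
		  <a class="menuButtons" href="<?php
                        echo OS_HOME;
                        ?>
?action=pm&sent_items">&laquo; Back</a>
		  </div>
		  <?php
                    } else {
                        ?>
		  <a href="<?php
                        echo OS_HOME;
                        ?>
?action=pm&sent_items=<?php
                        echo $row["field_id"];
                        ?>
&amp;m=<?php
                        echo $row["field_name"];
                        ?>
">more &raquo; </a>
		  <?php
                    }
                    ?>
		  </td>
		</tr>
		<?php
                }
                if ($sth->rowCount() <= 0) {
                    ?>
<tr><td>No new messages</td></tr><?php
                }
                ?>
		</table>
		<?php
                os_pagination($numrows, $result_per_page, 5, 1, '&amp;sent_items');
            }
            //INBOX MESSAGES
            if (isset($_GET["inbox"]) and is_logged()) {
                ?>
<h4>Inbox</h4><?php
                if (!empty($_GET["inbox"]) and is_numeric($_GET["inbox"]) and isset($_GET["m"])) {
                    $field = safeEscape($_GET["m"]);
                    $sql = "AND c.field_name = :field_name ";
                } else {
                    $sql = "";
                }
                // Inbox rows are those whose field_id is the current user.
                $me = (int) OS_GetUserID();
                $sth = $db->prepare("SELECT COUNT(*) FROM " . OSDB_CUSTOM_FIELDS . " as c\n\t\tWHERE c.field_id = '" . $me . "' {$sql}");
                if (!empty($sql)) {
                    $sth->bindValue(':field_name', $field, PDO::PARAM_STR);
                }
                $sth->execute();
                $r = $sth->fetch(PDO::FETCH_NUM);
                $numrows = $r[0];
                $result_per_page = 10;
                $offset = os_offset($numrows, $result_per_page);
                $sth = $db->prepare("SELECT c.field_id, c.field_name, c.field_value, u.user_name, u.user_avatar\n\t\tFROM " . OSDB_CUSTOM_FIELDS . "  as c\n\t\tLEFT JOIN " . OSDB_USERS . " as u ON u.user_id = c.field_id\n\t\tWHERE c.field_id = '" . $me . "'\n\t\tAND field_name LIKE('%||p.m.%')\n\t\t{$sql}\n\t\tORDER BY c.field_name DESC\n\t\tLIMIT {$offset}, {$result_per_page}");
                if (!empty($sql)) {
                    $sth->bindValue(':field_name', $field, PDO::PARAM_STR);
                }
                $sth->execute();
                //UPDATE "read" message
                if (!empty($_GET["inbox"]) and is_numeric($_GET["inbox"]) and isset($_GET["m"])) {
                    // Flip the trailing unread flag to 1. The where clause is restricted to
                    // the current user's own rows; otherwise any custom field could be
                    // renamed by passing its name in m.
                    $field_name = substr($field, 0, -1) . "1";
                    $db->update(OSDB_CUSTOM_FIELDS, array("field_name" => $field_name), "field_name = '" . $field . "' AND field_id = '" . $me . "'");
                }
                ?>
		<table>
		<?php
                while ($row = $sth->fetch(PDO::FETCH_ASSOC)) {
                    $dateFor = explode("|", $row["field_name"]);
                    $date = $dateFor[0];
                    $FromID = $dateFor[1];
                    $fromName = htmlspecialchars((string) OS_GetUsernameByUserID($FromID), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                    // The last character of the name is the read flag ('0' unread, '1' read).
                    $read = substr($row["field_name"], -1);
                    if ($read === '1') {
                        $col = '686A6B';
                    } else {
                        $col = 'A41600';
                    }
                    if (!isset($_GET["m"])) {
                        // NOTE(review): convEnt() runs twice on this path (here and inside the
                        // span below); harmless only if it is idempotent — confirm.
                        $text = limit_words(convEnt($row["field_value"]), 12);
                        if ($read === '0') {
                            $text = '<span style="color: #000;"><b>' . convEnt($text) . '</b></span>';
                        }
                        if ($read === '1') {
                            $text = '<span style="color: #686A6B;">' . convEnt($text) . '</span>';
                        }
                    } else {
                        $text = AutoLinkShort(convEnt($row["field_value"]));
                    }
                    ?>
		 <?php
                    if (!isset($_GET["m"])) {
                        ?>
		 <tr class="row">
		   <td width="120" class="padLeft">
		   <a href="<?php
                        echo OS_HOME;
                        ?>
?action=pm&inbox=<?php
                        echo $FromID;
                        ?>
&amp;m=<?php
                        echo $row["field_name"];
                        ?>
"><span style="color: #<?php
                        echo $col;
                        ?>
"><b><?php
                        echo $fromName;
                        ?>
</b></span></a>
		   </td>
		   <td width="600"><a href="<?php
                        echo OS_HOME;
                        ?>
?action=pm&inbox=<?php
                        echo $FromID;
                        ?>
&amp;m=<?php
                        echo $row["field_name"];
                        ?>
"><?php
                        echo $text;
                        ?>
</a></td>
		   <td><?php
                        echo date($DateFormat, $date);
                        ?>
</td>
		 </tr>
		 <?php
                    } else {
                        ?>
		 <tr class="row">
		    <td class="padLeft"><span style="color: #<?php
                        echo $col;
                        ?>
"><b><?php
                        echo $fromName;
                        ?>
</b>, <?php
                        echo date($DateFormat, $date);
                        ?>
</span></td>
		 </tr>
		 <tr>
		    <td><?php
                        echo $text;
                        ?>
</td>
		 </tr>
		 <tr>
		   <td><div class="padTop padBottom">
		  <a class="menuButtons" href="<?php
                        echo OS_HOME;
                        ?>
?action=pm&send=<?php
                        echo $FromID;
                        ?>
&amp;m=<?php
                        // m is reflected straight from the query string, so it is escaped for the attribute.
                        echo htmlspecialchars((string) $_GET["m"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                        ?>
">[SEND MESSAGE]</a>
		  <a class="menuButtons" href="<?php
                        echo OS_HOME;
                        ?>
?action=pm&inbox">&laquo; Back</a>
		  </div></td>
		 </tr>
		 <?php
                    }
                    ?>
		<?php
                }
                if ($sth->rowCount() <= 0) {
                    ?>
<tr><td>No new messages</td></tr><?php
                }
                ?>
		</table>
		<?php
                os_pagination($numrows, $result_per_page, 5, 1, '&amp;inbox');
            }
            ?>
		<div class="padTop" style="margin-top:124px;"></div>
	 </div>
    </div>
   </div>
  </div>
</div>	 
	  <?php
        }
    }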