-
Notifications
You must be signed in to change notification settings - Fork 1
/
privmsgbyid.php
83 lines (65 loc) · 3.33 KB
/
privmsgbyid.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
<?php
/**************************************************************************************************
* nullBB - Light CMS forum *
* Copyright (C) 2009, BlackLight *
* *
* This program is free software: you can redistribute it and/or modify it under the terms of the *
* GNU General Public License as published by the Free Software Foundation, either version 3 of *
* the License, or (at your option) any later version. This program is distributed in the hope *
* that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of *
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for *
* more details. You should have received a copy of the GNU General Public License along with *
* this program. If not, see <http://www.gnu.org/licenses/>. *
**************************************************************************************************/
require_once ('./config.ini');
require_once (ABSOLUTE_BASEPATH.'/languages/'.BOARD_LANGUAGE.'.lang');
require_once (ABSOLUTE_BASEPATH.'/utils.'.PHPEXT);
require_once (ABSOLUTE_BASEPATH.'/db.'.PHPEXT);
require_once (ABSOLUTE_BASEPATH.'/session.'.PHPEXT);
if (!$_GET['msg_id'] || !$session->logged) {
print "Invalid request";
die();
}
if ($_GET['del']) {
$db = new nullBB_Database ($_CONF, $_LANG);
$res = $db->query('select * from '.$_CONF['dbprefix'].'privmsgs '.
"where privmsg_id=".getInt($_GET['msg_id'])." and privmsg_to=".getInt($userinfo['user_id']));
$db->freeResult();
if (empty($res)) {
require_once (ABSOLUTE_BASEPATH.'/header.'.PHPEXT);
notification ($_LANG['privmsg_not_found'], $_SERVER['HTTP_REFERER'], 3);
die();
}
$db->query('delete from '.$_CONF['dbprefix'].'privmsgs where privmsg_id='.getInt($_GET['msg_id']).' '.
'and privmsg_to='.getInt($userinfo['user_id']));
require_once (ABSOLUTE_BASEPATH.'/header.'.PHPEXT);
notification ($_LANG['delete_privmsg_ok'], $_SERVER['HTTP_REFERER'], 3);
die();
}
$db = new nullBB_Database ($_CONF, $_LANG);
$res = $db->query('select * from '.$_CONF['dbprefix'].'privmsgs '.
"where privmsg_id=".getInt($_GET['msg_id'])." and privmsg_to=".getInt($userinfo['user_id']));
$db->freeResult();
if (empty($res)) {
print $_LANG['privmsg_not_found'];
die();
}
$res = $res[0];
if ($res['privmsg_seen'] == false)
$db->query('update '.$_CONF['dbprefix'].'privmsgs set privmsg_seen=1 '.
'where privmsg_id='.getInt($_GET['msg_id']).' and privmsg_to='.getInt($userinfo['user_id']));
$from = $db->query('select username from '.$_CONF['dbprefix'].'users where user_id='.getInt($res['privmsg_from']));
$db->freeResult();
$from = sanitizeHTML($from[0]['username']);
$to = sanitizeHTML($userinfo['username']);
$content = bb2html($res['privmsg_content']);
print '<li class="privmsgHead">'.$_LANG['from'].': '.
'<a href="'.BASEDIR.'user/'.getInt($res['privmsg_from']).'">'.
$from."</a></li>\n";
print '<li class="privmsgHead">'.$_LANG['to'].': '.
'<a href="'.BASEDIR.'user/'.getInt($res['privmsg_to']).'">'.
$to."</a></li><br>\n";
print '<div class="privmsgContent">'.$content."</div><br>\n";
unset($res);
$db->close();
?>