function send_pm($privmsg_id, $from_userdata, &$to_user_ids, $subject, $message, $icon, $html_on = '?', $bbcode_on = '?', $smiley_on = '?', $attach_sig = '?') { global $userdata, $user_ip; global $lang, $board_config, $db, $phpbb_root_path, $phpEx, $bbcode_parse; global $folders; global $s_unread; // get some constants $time = time(); $sql_priority = SQL_LAYER == 'mysql' ? 'LOW_PRIORITY' : ''; $q = "'"; // lists of impacted users $recips = array(); // fix some parameters $privmsg_id = intval(trim($privmsg_id)); $subject = trim($subject); $message = trim($message); $icon = intval($icon); $privmsg_ip = $user_ip; // recipient is not an array, so make one if (!is_array($to_user_ids) && !empty($to_user_ids)) { $to_user_ids = array(intval($to_user_ids)); } // check if recipients if (empty($to_user_ids)) { return 'No_to_user'; } $s_to_user_ids = implode(', ', $to_user_ids); // deleted recip $s_new_delete = ''; $s_unread_delete = ''; $s_new_add = ''; $s_unread_add = ''; $s_read_add = ''; // check we have a message and a subject if (empty($subject)) { return 'Empty_subject'; } if (empty($message)) { return 'Empty_message'; } // from_user_id can be 0 for sys message (sent by the board) if (empty($from_userdata)) { $from_userdata['user_id'] = 0; $from_userdata['username'] = $board_config['sitename']; $from_userdata['user_allowhtml'] = $board_config['allow_html']; $from_userdata['user_allowbbcode'] = $board_config['allow_bbcode']; $from_userdata['user_allowsmile'] = $board_config['allow_smilies']; $from_userdata['user_attachsig'] = $board_config['allow_sig']; } $from_user_id = intval($from_userdata['user_id']); // init message row $bbcode_uid = ''; $html_on = !$board_config['allow_html'] ? false : $html_on == '?' ? intval($from_userdata['user_allowhtml']) : intval($html_on); $bbcode_on = !$board_config['allow_bbcode'] ? false : $bbcode_on == '?' ? intval($from_userdata['user_allowbbcode']) : intval($bbcode_on); $smiley_on = !$board_config['allow_smilies'] ? false : $smiley_on == '?' ? intval($from_userdata['user_allowsmile']) : intval($smiley_on); $attach_sig = !$board_config['allow_sig'] ? false : $attach_sig == '?' ? intval($from_userdata['user_attachsig']) : intval($attach_sig); $create = true; if (!empty($privmsg_id)) { $create = false; } //------------------------------ // edit a message : read the pm and take care of recipients that are no more recipients //------------------------------ if (!$create) { //------------------------------- // read the pm and check if ok to edit by the user (it has to belong to him) //------------------------------- $sql = "SELECT p.*, pr.*\n FROM " . PRIVMSGA_TABLE . " p, " . PRIVMSGA_RECIPS_TABLE . " pr\n WHERE p.privmsg_id = {$privmsg_id}\n AND pr.privmsg_id = p.privmsg_id\n AND pr.privmsg_user_id = {$from_user_id}\n AND pr.privmsg_direct = 0\n AND pr.privmsg_status = " . STS_TRANSIT; if (!($result = $db->sql_query($sql))) { message_die(GENERAL_ERROR, 'Could not read message to duplicate', '', __LINE__, __FILE__, $sql); } if (!($privmsg = $db->sql_fetchrow($result))) { return 'No_such_post'; } // get some values from the original message $privmsg_ip = $privmsg['privmsg_ip']; //------------------------------- // manage recipients that are no more //------------------------------- // get users that are no more recipients and haven't read their pms $sql = "SELECT privmsg_user_id\n FROM " . PRIVMSGA_RECIPS_TABLE . "\n WHERE privmsg_user_id NOT IN ({$s_to_user_ids})\n AND privmsg_direct = 1\n AND privmsg_id = {$privmsg_id}\n AND privmsg_status = " . STS_TRANSIT . "\n AND privmsg_read IN ({$s_unread})"; if (!($result = $db->sql_query($sql))) { message_die(GENERAL_ERROR, 'Could not read users no more recipients having not yet readen the message', '', __LINE__, __FILE__, $sql); } while ($row = $db->sql_fetchrow($result)) { if ($row['privmsg_read'] == NEW_MAIL) { $s_new_delete .= (empty($s_new_delete) ? '' : ', ') . $row['privmsg_user_ids']; } else { $s_unread_delete .= (empty($s_unread_delete) ? '' : ', ') . $row['privmsg_user_ids']; } } // delete recipients for users who have deleted the message or not yet read and are no more recipients $sql = "DELETE {$sql_priority}\n FROM " . PRIVMSGA_RECIPS_TABLE . "\n WHERE privmsg_user_id NOT IN ({$s_to_user_ids})\n AND privmsg_direct = 1\n AND privmsg_id = {$privmsg_id}\n AND ( privmsg_read IN ({$s_unread}) OR privmsg_status = " . STS_DELETED . " )"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Could not delete users no more recipients having deleted or not yet readen the message', '', __LINE__, __FILE__, $sql); } // verify recipients that are no more but have read the pm $sql = "SELECT *\n FROM " . PRIVMSGA_RECIPS_TABLE . "\n WHERE privmsg_user_id NOT IN ({$s_to_user_ids})\n AND privmsg_direct = 1\n AND privmsg_id = {$privmsg_id}\n AND privmsg_read = " . READ_MAIL . "\n AND privmsg_status <> " . STS_DELETED . "\n LIMIT 0, 1"; if (!($result = $db->sql_query($sql))) { message_die(GENERAL_ERROR, 'Could not check if copy required', '', __LINE__, __FILE__, $sql); } // if some, duplicate the message and attach them to it if ($db->sql_numrows($result) > 0) { // message $fields = array(); $fields['privmsg_subject'] = $q . str_replace("\\'", "''", str_replace('\\"', '"', addslashes(stripslashes($privmsg['privmsg_subject'])))) . $q; $fields['privmsg_text'] = $q . str_replace("\\'", "''", str_replace('\\"', '"', addslashes(stripslashes($privmsg['privmsg_text'])))) . $q; $fields['privmsg_bbcode_uid'] = $q . $privmsg['privmsg_bbcode_uid'] . $q; $fields['privmsg_time'] = intval($privmsg['privmsg_time']); $fields['privmsg_enable_bbcode'] = intval($privmsg['privmsg_enable_bbcode']); $fields['privmsg_enable_html'] = intval($privmsg['privmsg_enable_html']); $fields['privmsg_enable_smilies'] = intval($privmsg['privmsg_enable_smilies']); $fields['privmsg_attach_sig'] = intval($privmsg['privmsg_attach_sig']); $fields['privmsg_icon'] = intval($privmsg['privmsg_icon']); // generate a copy of the pm for recipients that are no more but have readen the pm, and mark it as deleted for the author _sql_statements($fields, $sql_fields, $sql_values, $sql_update); $sql = "INSERT {$sql_priority}\n INTO " . PRIVMSGA_TABLE . "\n ({$sql_fields})\n VALUES({$sql_values})"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Could not generate a copy of original pm', '', __LINE__, __FILE__, $sql); } // get the copy id $privmsg_copy_id = $db->sql_nextid(); // author $fields_recip = array(); $fields_recip['privmsg_id'] = $privmsg_copy_id; $fields_recip['privmsg_direct'] = 0; $fields_recip['privmsg_user_id'] = intval($privmsg['privmsg_user_id']); $fields_recip['privmsg_ip'] = $q . $privmsg['privmsg_ip'] . $q; $fields_recip['privmsg_folder_id'] = intval($privmsg['privmsg_folder_id']); $fields_recip['privmsg_status'] = STS_DELETED; $fields_recip['privmsg_read'] = READ_PM; $fields_recip['privmsg_distrib'] = 1; // generate the author info _sql_statements($fields_recip, $sql_fields, $sql_values, $sql_update); $sql = "INSERT {$sql_priority}\n INTO " . PRIVMSGA_RECIPS_TABLE . "\n ({$sql_fields})\n VALUES({$sql_values})"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Could not generate a copy of original pm author', '', __LINE__, __FILE__, $sql); } // attach to the copy recipients that are no more but have readed the pm $sql = "UPDATE {$sql_priority} " . PRIVMSGA_RECIPS_TABLE . "\n SET privmsg_id = {$privmsg_copy_id}, privmsg_distrib = 1\n WHERE privmsg_user_id NOT IN ({$s_to_user_ids})\n AND privmsg_direct = 1\n AND privmsg_id = {$privmsg_id}\n AND privmsg_read = " . READ_MAIL; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Could not attach recips to the copied pm', '', __LINE__, __FILE__, $sql); } } //------------------------------- // get the existing recips list //------------------------------- $sql = "SELECT pr.privmsg_user_id, pr.privmsg_read\n FROM " . PRIVMSGA_RECIPS_TABLE . " pr\n WHERE pr.privmsg_id = {$privmsg_id}\n AND pr.privmsg_direct = 1"; if (!($result = $db->sql_query($sql))) { message_die(GENERAL_ERROR, 'Could not read recipients', '', __LINE__, __FILE__, $sql); } while ($row = $db->sql_fetchrow($result)) { $recips[$row['privmsg_user_id']] = $row['privmsg_read']; } } //---------------------------- // create or update the message //---------------------------- // get a bbcode uid $bbcode_uid = $bbcode_on ? $bbcode_parse->make_bbcode_uid() : ''; // prepare the message and add bbcode uid to the bbcodes $message = prepare_message($message, $html_on, $bbcode_on, $smiley_on, $bbcode_uid); // message $fields = array(); $fields['privmsg_subject'] = $q . str_replace("\\'", "''", str_replace('\\"', '"', addslashes(stripslashes($subject)))) . $q; $fields['privmsg_text'] = $q . str_replace("\\'", "''", str_replace('\\"', '"', addslashes(stripslashes($message)))) . $q; $fields['privmsg_bbcode_uid'] = $q . $bbcode_uid . $q; $fields['privmsg_time'] = $time; $fields['privmsg_enable_bbcode'] = $bbcode_on; $fields['privmsg_enable_html'] = $html_on; $fields['privmsg_enable_smilies'] = $smiley_on; $fields['privmsg_attach_sig'] = $attach_sig; $fields['privmsg_icon'] = $icon; // process if ($create) { // message _sql_statements($fields, $sql_fields, $sql_values, $sql_update); $sql = "INSERT {$sql_priority}\n INTO " . PRIVMSGA_TABLE . "\n ({$sql_fields})\n VALUES({$sql_values})"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Could not create pm', '', __LINE__, __FILE__, $sql); } // store the new privmsg_id $privmsg_id = $db->sql_nextid(); // author $fields_recip = array(); $fields_recip['privmsg_id'] = $privmsg_id; $fields_recip['privmsg_ip'] = $q . $privmsg_ip . $q; $fields_recip['privmsg_status'] = STS_TRANSIT; $fields_recip['privmsg_read'] = NEW_MAIL; $fields_recip['privmsg_distrib'] = 0; $fields_recip['privmsg_folder_id'] = OUTBOX; $fields_recip['privmsg_direct'] = 0; $fields_recip['privmsg_user_id'] = $from_user_id; _sql_statements($fields_recip, $sql_fields, $sql_values, $sql_update); $sql = "INSERT {$sql_priority}\n INTO " . PRIVMSGA_RECIPS_TABLE . "\n ({$sql_fields})\n VALUES({$sql_values})"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Could not create pm author', '', __LINE__, __FILE__, $sql); } // recipients $fields_recip['privmsg_direct'] = 1; $fields_recip['privmsg_folder_id'] = INBOX; _sql_statements($fields_recip, $sql_fields, $sql_values, $sql_update, 'privmsg_user_id'); for ($i = 0; $i < count($to_user_ids); $i++) { $privmsg_to_user_id = intval($to_user_ids[$i]); if (!empty($privmsg_to_user_id)) { $sql = "INSERT {$sql_priority}\n INTO " . PRIVMSGA_RECIPS_TABLE . "\n ({$sql_fields}, privmsg_user_id)\n VALUES({$sql_values}, {$privmsg_to_user_id})"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Could not create pm recipient', '', __LINE__, __FILE__, $sql); } $s_new_add .= (empty($s_new_add) ? '' : ', ') . $privmsg_to_user_id; } } } else { // message _sql_statements($fields, $sql_fields, $sql_values, $sql_update); $sql = "UPDATE {$sql_priority} " . PRIVMSGA_TABLE . "\n SET {$sql_update}\n WHERE privmsg_id = {$privmsg_id}"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Could not update pm', '', __LINE__, __FILE__, $sql); } // author $fields_recip = array(); $fields_recip['privmsg_id'] = $privmsg_id; $fields_recip['privmsg_ip'] = $q . $privmsg_ip . $q; $fields_recip['privmsg_status'] = STS_TRANSIT; $fields_recip['privmsg_read'] = NEW_MAIL; $fields_recip['privmsg_distrib'] = 0; $fields_recip['privmsg_folder_id'] = OUTBOX; $fields_recip['privmsg_direct'] = 0; $fields_recip['privmsg_user_id'] = $from_user_id; _sql_statements($fields_recip, $sql_fields, $sql_values, $sql_update); $sql = "UPDATE {$sql_priority} " . PRIVMSGA_RECIPS_TABLE . "\n SET {$sql_update}\n WHERE privmsg_id = {$privmsg_id}\n AND privmsg_direct = 0"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Could not update pm', '', __LINE__, __FILE__, $sql); } // recipients $fields_recip['privmsg_direct'] = 1; $fields_recip['privmsg_folder_id'] = INBOX; _sql_statements($fields_recip, $sql_fields, $sql_values, $sql_update, 'privmsg_user_id'); for ($i = 0; $i < count($to_user_ids); $i++) { $privmsg_to_user_id = intval($to_user_ids[$i]); if (!empty($privmsg_to_user_id)) { if (!isset($recips[$privmsg_to_user_id])) { // create a new recip $sql = "INSERT {$sql_priority}\n INTO " . PRIVMSGA_RECIPS_TABLE . "\n ({$sql_fields}, privmsg_user_id)\n VALUES({$sql_values}, {$privmsg_to_user_id})"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Could not create pm recipient', '', __LINE__, __FILE__, $sql); } $s_new_add .= (empty($s_new_add) ? '' : ', ') . $privmsg_to_user_id; } else { // update an existing recip $sql = "UPDATE {$sql_priority} " . PRIVMSGA_RECIPS_TABLE . "\n SET {$sql_update}\n WHERE privmsg_id = {$privmsg_id}\n AND privmsg_user_id = {$privmsg_to_user_id}\n AND privmsg_direct = 1"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Could not update pm recipient', '', __LINE__, __FILE__, $sql); } switch ($recips[$privmsg_to_user_id]) { case READ_MAIL: $s_read_add .= (empty($s_read_add) ? '' : ', ') . $privmsg_to_user_id; break; case UNREAD_MAIL: $s_unread_add .= (empty($s_unread_add) ? '' : ', ') . $privmsg_to_user_id; break; case NEW_MAIL: $s_new_add .= (empty($s_new_add) ? '' : ', ') . $privmsg_to_user_id; break; } } } } } //---------------------------- // adjust the impacted users box //---------------------------- if (!empty($s_new_delete)) { $sql = "UPDATE " . USERS_TABLE . "\n SET user_new_privmsg = user_new_privmsg-1\n WHERE user_id IN ({$s_new_delete})"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Could not update users counter - deleted new private messages', '', __LINE__, __FILE__, $sql); } } if (!empty($s_unread_delete) || !empty($s_unread_add)) { $semicol = empty($s_unread_delete) || empty($s_unread_add) ? '' : ','; $sql = "UPDATE " . USERS_TABLE . "\n SET user_unread_privmsg = user_unread_privmsg-1\n WHERE user_id IN ({$s_unread_delete} {$semicol} {$s_unread_add})"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Could not update users counter - deleted unread private messages', '', __LINE__, __FILE__, $sql); } } if (!empty($s_read_add) || !empty($s_new_add)) { $semicol = empty($s_read_add) || empty($s_new_add) ? '' : ','; $sql = "UPDATE " . USERS_TABLE . "\n SET user_new_privmsg = user_new_privmsg+1,\n user_last_privmsg = {$time}\n WHERE user_id IN ({$s_read_add} {$semicol} {$s_new_add})"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Could not update users counter - deleted new private messages', '', __LINE__, __FILE__, $sql); } } // notifications $date = $privmsg['privmsg_time']; $copy = false; // server values $server_name = trim($board_config['server_name']); $server_protocol = $board_config['cookie_secure'] ? 'https://' : 'http://'; $server_port = $board_config['server_port'] != 80 ? ':' . trim($board_config['server_port']) . '/' : '/'; // sender script $script_name = preg_replace('/^\\/?(.*?)\\/?$/', '\\1', trim($board_config['script_path'])); $script_name = !empty($script_name) ? $script_name . '/privmsga.' . $phpEx : 'privmsga.' . $phpEx; // specific data $parsed_values = array('U_INBOX' => $server_protocol . $server_name . $server_port . $script_name . '?folder=' . INBOX); $recips = array(); send_mail('privmsg_notify', $from_userdata, $to_user_ids, $recips, $subject, $message, $time, $copy, $parsed_values); if (defined('IN_CASHMOD')) { $pmer = new cash_user($userdata['user_id'], $userdata); $pmer->give_pm_amount(); } return ''; }
$server_protocol = $board_config['cookie_secure'] ? 'https://' : 'http://'; $server_port = $board_config['server_port'] != 80 ? ':' . trim($board_config['server_port']) . '/' : '/'; $emailer = new emailer($board_config['smtp_delivery']); $emailer->from($board_config['board_email']); $emailer->replyto($board_config['board_email']); $emailer->use_template('privmsg_notify', $to_userdata['user_lang']); $emailer->email_address($to_userdata['user_email']); $emailer->set_subject($lang['Notification_subject']); $emailer->assign_vars(array('USERNAME' => stripslashes($to_username), 'SITENAME' => $board_config['sitename'], 'EMAIL_SIG' => !empty($board_config['board_email_sig']) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '', 'U_INBOX' => $server_protocol . $server_name . $server_port . $script_name . '?folder=inbox')); if (!($emailer_result = $emailer->send(1))) { message_die(GENERAL_ERROR, 'Failed sending email :: ' . $emailer_result, '', __LINE__, __FILE__); } $emailer->reset(); } $pmer = new cash_user($userdata['user_id'], $userdata); $pmer->give_pm_amount(); } } $template->assign_vars(array('META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("privmsg.{$phpEx}?folder=inbox") . '">')); $msg = $lang['Message_sent'] . '<br /><br />' . sprintf($lang['Click_return_inbox'], '<a href="' . append_sid("privmsg.{$phpEx}?folder=inbox") . '">', '</a> ') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.{$phpEx}") . '">', '</a>'); message_die(GENERAL_MESSAGE, $msg); } else { if ($preview || $refresh || $error) { // // If we're previewing or refreshing then obtain the data // passed to the script, process it a little, do some checks // where neccessary, etc. // $to_username = isset($HTTP_POST_VARS['username']) ? trim(htmlspecialchars(stripslashes($HTTP_POST_VARS['username']))) : ''; $privmsg_subject = isset($HTTP_POST_VARS['subject']) ? trim(htmlspecialchars(stripslashes($HTTP_POST_VARS['subject']))) : ''; $privmsg_message = isset($HTTP_POST_VARS['message']) ? trim($HTTP_POST_VARS['message']) : '';