echo "Account with such username not found.<br/>";
misc::back();
}
}
}
//lol
echo "<br/><br/>";
}
$myJID = user::accountJIDbyUsername($_SESSION['username']);
$nMsgCount = core::$sql->numRows("select * from srcms_privatemessages where receiver='{$myJID}'");
if (isset($_GET['view'])) {
$nMsgID = (int) $_GET['view'];
if (core::$sql->numRows("select * from srcms_privatemessages where receiver='{$myJID}' and id='{$nMsgID}'") > 0) {
$msgData = core::$sql->fetchArray("select * from srcms_privatemessages where id='{$nMsgID}'");
$msgData['msg'] = security::fromHTML($msgData['msg']);
$msgData['msg'] = misc::applyAttributesToText($msgData['msg']);
$szSender = user::usernamyByJID($msgData['sender']);
echo "<br/><table id='table-3' width='380' border='1' cellpadding='0' cellspacing='0'>\r\n\t\t\t\t\t\t\t\t\t<td>Title</td><td>{$msgData['title']}</td><tr/>\r\n\t\t\t\t\t\t\t\t\t<td>From</td><td><a href='?pg=viewprofile&username={$szSender}'>{$szSender}</a></td><tr/>\r\n\t\t\t\t\t\t\t\t\t<td height='50'>Text</td><td width='300' height='50'>{$msgData['msg']}</td>\r\n\t\t\t\t\t\t\t\t\t</table>\r\n\t\t\t\t\t\t\t\t ";
core::$sql->exec("update srcms_privatemessages set viewed='1' where id='{$nMsgID}'");
echo "<br/><br/><br/>";
} else {
echo "You can't view message that does not belong to you.<br/>";
}
}
if ($nMsgCount > 0) {
if ($nMsgCount == $core->aConfig['maxPrivMsg']) {
echo "Your inbox is full. <br/>";
}
$hQuery = core::$sql->exec("select * from srcms_privatemessages where receiver='{$myJID}' order by time desc");
echo "<table id='table-3' border='1' cellpadding='0' cellspacing='0'>\r\n\t\t\t\t\t\t\t<td>From</td><td>Title</td><td>Time</td><td>Viewed</td><td>Link to view it</td><td>Delete</td><tr/>";
while ($row = mssql_fetch_array($hQuery)) {
echo "\r\n\t\t<table id='table-3' border='0' cellpadding='0' cellspacing='0'>\r\n\t\t<tbody><tr><td valign='top' style='padding-left:15px'>\r\n\t\tCommenting news : {$getTitle}\r\n\t\t</td>\r\n\t\t</tr></table>\r\n\t\t";
$hGetComments = core::$sql->exec("select * from srcms_newscomments where newsID='{$nID}'");
$commentData = array();
$a = 0;
while ($row = mssql_fetch_array($hGetComments)) {
$commentData[$a] = array($row['id'], $row['text'], $row['author'], $row['time']);
$a++;
}
$_GET['page'] = (int) $_GET['page'];
if (!isset($_GET['page'])) {
$_GET['page'] = 1;
}
for ($i = ($_GET['page'] - 1) * 10; $i < $_GET['page'] * 10; $i++) {
$nCommentID = $commentData[$i][0];
$szText = $commentData[$i][1];
$szText = misc::applyAttributesToText($szText);
$szText = security::fromHTML($szText);
$szAuthor = $commentData[$i][2];
$szTime = $commentData[$i][3];
if (strlen($szText) == 0) {
break;
}
$szAvatar = user::getUserAvatarUrl($szAuthor);
$commentPanelLinks = "";
$isCommentOwner = core::$sql->getRow("select whois from srcms_userprofiles where JID='" . user::accountJIDbyUsername($szAuthor) . "'");
$isAdmin = core::$sql->getRow("select whois from srcms_userprofiles where JID='" . user::accountJIDbyUsername($_SESSION['username']) . "'");
if ($szAuthor == $_SESSION['username'] || $isAdmin == "admin") {
$commentPanelLinks = "<a href='?pg=news&del={$nCommentID}&backid={$nID}'><b>Delete</b></a>";
}
$szRank = user::getRankText($isCommentOwner);
echo "\r\n\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t\r\n\t\t\t\t<img src='{$szAvatar}'></img>\r\n\t\t\t\t<table id='table-3' border='0' cellpadding='0' cellspacing='0'>\r\n\t\t\t\t<td valign='top' style='padding-left:15px' width='700'>\r\n\t\t\t\t<br/>posted by <a href='?pg=viewprofile&username={$szAuthor}'>[ {$szRank} ] {$szAuthor} </a> at {$szTime} </a>\r\n\t\t\t\t<hr>\r\n\t\t\t\t<br/>{$szText}<br/>\r\n\t\t\t\t<hr>\r\n\t\t\t\t<font align='right'>{$commentPanelLinks}</font>\r\n\t\t\t\t</td>\r\n\t\t\t\t</table>\r\n\t\t\t\t<hr/>\r\n\t\t\t\t";
