function __construct($title)
{
global $site;
global $config;
global $user;
global $tmpl;
if (!isset($site)) {
require_once dirname(dirname(dirname(__FILE__))) . '/site.php';
$site = new site();
}
// no public private message folder
if (user::getCurrentUserId() < 1) {
$tmpl->setTemplate('NoPerm');
$tmpl->assign('errorMsg', 'You need to login to access this content.');
$tmpl->display();
die;
}
// show messages in current mail folder
// inbox is default
$folder = 'inbox';
if (isset($_GET['folder']) && strcmp($_GET['folder'], 'outbox') === 0) {
$folder = 'outbox';
}
if (isset($_GET['add'])) {
require_once dirname(__FILE__) . '/pmAdd.php';
new pmSystemAdd();
die;
/*
} elseif (isset($_GET['edit']))
{
require_once dirname(__FILE__) . '/pmEdit.php';
*/
} elseif (isset($_GET['delete'])) {
require_once dirname(__FILE__) . '/pmDelete.php';
new pmSystemDelete($folder, intval($_GET['delete']));
} else {
require_once dirname(__FILE__) . '/pmDisplay.php';
$display = new pmSystemDisplay();
switch (isset($_GET['view'])) {
case true:
$display->showMail($folder, intval($_GET['view']));
break;
default:
$tmpl->assign('title', $title);
$display->showMails($folder);
break;
}
}
$tmpl->display();
}
function preview($folder, $id)
{
global $site;
global $tmpl;
parent::showMail($folder, $id);
$tmpl->setTemplate('PMDelete');
$tmpl->assign('showPreview', true);
$tmpl->assign('title', 'Delete ' . $tmpl->getTemplateVars('title'));
// protected against cross site injection attempts
$randomKeyName = 'pmDelete_' . microtime();
// convert some special chars to underscores
$randomKeyName = strtr($randomKeyName, array(' ' => '_', '.' => '_'));
$randomkeyValue = $site->setKey($randomKeyName);
$tmpl->assign('keyName', $randomKeyName);
$tmpl->assign('keyValue', htmlent($randomkeyValue));
}