$bcclist[$countbcc - 1]['comma'] = '';
}
if ($countcc > 1 or is_array($touser['cc']) and !in_array($vbulletin->userinfo['username'], $touser['cc']) or $vbulletin->userinfo['userid'] == $pm['fromuserid'] and $pm['folderid'] == -1) {
if ($countcc) {
$ccrecipients = $cclist;
}
if ($countbcc and $vbulletin->userinfo['userid'] == $pm['fromuserid'] and $pm['folderid'] == -1) {
if ($countcc) {
$bccrecipients = $bcclist;
} else {
$ccrecipients = $bcclist;
}
}
$show['recipients'] = true;
}
$show['quickreply'] = ($permissions['pmquota'] and $vbulletin->userinfo['receivepm'] and !fetch_privatemessage_throttle_reached($vbulletin->userinfo['userid']));
if ($pm['fromuserid']) {
$recipient = $db->query_first("\n\t\t\tSELECT usertextfield.*, user.*, userlist.type\n\t\t\tFROM " . TABLE_PREFIX . "user AS user\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid=user.userid)\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "userlist AS userlist ON(user.userid = userlist.userid AND userlist.relationid = " . $vbulletin->userinfo['userid'] . " AND userlist.type = 'buddy')\n\t\t\tWHERE user.userid = " . intval($pm['fromuserid']));
if (!empty($recipient)) {
$recipient = array_merge($recipient, convert_bits_to_array($recipient['options'], $vbulletin->bf_misc_useroptions));
cache_permissions($recipient, false);
if (!($vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel']) and (!$recipient['receivepm'] or !$recipient['permissions']['pmquota'] or $recipient['receivepmbuddies'] and !can_moderate() and $recipient['type'] != 'buddy')) {
$show['quickreply'] = false;
}
} else {
$show['quickreply'] = false;
}
} else {
$show['quickreply'] = false;
}
if ($vbulletin->GPC['showhistory'] and $pm['parentpmid']) {
function do_send_pm()
{
global $vbulletin, $db, $permissions;
if (!$vbulletin->userinfo['userid']) {
json_error(ERR_INVALID_LOGGEDIN, RV_NOT_LOGGED_IN);
}
$vbulletin->input->clean_array_gpc('r', array('wysiwyg' => TYPE_BOOL, 'title' => TYPE_NOHTML, 'message' => TYPE_STR, 'parseurl' => TYPE_BOOL, 'savecopy' => TYPE_BOOL, 'signature' => TYPE_BOOL, 'disablesmilies' => TYPE_BOOL, 'receipt' => TYPE_BOOL, 'preview' => TYPE_STR, 'recipients' => TYPE_STR, 'bccrecipients' => TYPE_STR, 'iconid' => TYPE_UINT, 'forward' => TYPE_BOOL, 'folderid' => TYPE_INT, 'sendanyway' => TYPE_BOOL));
if ($vbulletin->GPC['message']) {
$vbulletin->GPC['message'] = prepare_remote_utf8_string($vbulletin->GPC['message']);
}
if ($vbulletin->GPC['title']) {
$vbulletin->GPC['title'] = prepare_remote_utf8_string($vbulletin->GPC['title']);
}
if ($vbulletin->GPC['recipients']) {
$vbulletin->GPC['recipients'] = prepare_remote_utf8_string($vbulletin->GPC['recipients']);
}
$vbulletin->GPC['savecopy'] = true;
if ($permissions['pmquota'] < 1) {
json_error(ERR_NO_PERMISSION);
} else {
if (!$vbulletin->userinfo['receivepm']) {
json_error(strip_tags(fetch_error('pm_turnedoff')), RV_POST_ERROR);
}
}
if (fetch_privatemessage_throttle_reached($vbulletin->userinfo['userid'])) {
json_error(strip_tags(fetch_error('pm_throttle_reached', $vbulletin->userinfo['permissions']['pmthrottlequantity'], $vbulletin->options['pmthrottleperiod'])), RV_POST_ERROR);
}
// include useful functions
require_once DIR . '/includes/functions_newpost.php';
// parse URLs in message text
if ($vbulletin->options['privallowbbcode'] and $vbulletin->GPC['parseurl']) {
$vbulletin->GPC['message'] = convert_url_to_bbcode($vbulletin->GPC['message']);
}
$pm['message'] =& $vbulletin->GPC['message'];
$pm['title'] =& $vbulletin->GPC['title'];
$pm['parseurl'] =& $vbulletin->GPC['parseurl'];
$pm['savecopy'] =& $vbulletin->GPC['savecopy'];
$pm['signature'] =& $vbulletin->GPC['signature'];
$pm['disablesmilies'] =& $vbulletin->GPC['disablesmilies'];
$pm['sendanyway'] =& $vbulletin->GPC['sendanyway'];
$pm['receipt'] =& $vbulletin->GPC['receipt'];
$pm['recipients'] =& $vbulletin->GPC['recipients'];
$pm['bccrecipients'] =& $vbulletin->GPC['bccrecipients'];
$pm['pmid'] =& $vbulletin->GPC['pmid'];
$pm['iconid'] =& $vbulletin->GPC['iconid'];
$pm['forward'] =& $vbulletin->GPC['forward'];
$pm['folderid'] =& $vbulletin->GPC['folderid'];
// *************************************************************
// PROCESS THE MESSAGE AND INSERT IT INTO THE DATABASE
$errors = array();
// catches errors
if ($vbulletin->userinfo['pmtotal'] > $permissions['pmquota'] or $vbulletin->userinfo['pmtotal'] == $permissions['pmquota'] and $pm['savecopy']) {
json_error(strip_tags(fetch_error('yourpmquotaexceeded')), RV_POST_ERROR);
}
// create the DM to do error checking and insert the new PM
$pmdm =& datamanager_init('PM', $vbulletin, ERRTYPE_ARRAY);
$pmdm->set_info('savecopy', $pm['savecopy']);
$pmdm->set_info('receipt', $pm['receipt']);
$pmdm->set_info('cantrackpm', $cantrackpm);
$pmdm->set_info('forward', $pm['forward']);
$pmdm->set_info('bccrecipients', $pm['bccrecipients']);
if ($vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel']) {
$pmdm->overridequota = true;
}
$pmdm->set('fromuserid', $vbulletin->userinfo['userid']);
$pmdm->set('fromusername', $vbulletin->userinfo['username']);
$pmdm->setr('title', $pm['title']);
$pmdm->set_recipients($pm['recipients'], $permissions, 'cc');
$pmdm->set_recipients($pm['bccrecipients'], $permissions, 'bcc');
$pmdm->setr('message', $pm['message']);
$pmdm->setr('iconid', $pm['iconid']);
$pmdm->set('dateline', TIMENOW);
$pmdm->setr('showsignature', $pm['signature']);
$pmdm->set('allowsmilie', $pm['disablesmilies'] ? 0 : 1);
if (!$pm['forward']) {
$pmdm->set_info('parentpmid', $pm['pmid']);
}
$pmdm->set_info('replypmid', $pm['pmid']);
($hook = vBulletinHook::fetch_hook('private_insertpm_process')) ? eval($hook) : false;
$pmdm->pre_save();
// deal with user using receivepmbuddies sending to non-buddies
if ($vbulletin->userinfo['receivepmbuddies'] and is_array($pmdm->info['recipients'])) {
$users_not_on_list = array();
// get a list of super mod groups
$smod_groups = array();
foreach ($vbulletin->usergroupcache as $ugid => $groupinfo) {
if ($groupinfo['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['ismoderator']) {
// super mod group
$smod_groups[] = $ugid;
}
}
// now filter out all moderators (and super mods) from the list of recipients
// to check against the buddy list
$check_recipients = $pmdm->info['recipients'];
$mods = $db->query_read_slave("\n\t\t\tSELECT user.userid\n\t\t\tFROM " . TABLE_PREFIX . "user AS user\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "moderator AS moderator ON (moderator.userid = user.userid)\n\t\t\tWHERE user.userid IN (" . implode(',', array_keys($check_recipients)) . ")\n\t\t\t\tAND ((moderator.userid IS NOT NULL AND moderator.forumid <> -1)\n\t\t\t\t" . (!empty($smod_groups) ? "OR user.usergroupid IN (" . implode(',', $smod_groups) . ")" : '') . "\n\t\t\t\t)\n\t\t");
while ($mod = $db->fetch_array($mods)) {
unset($check_recipients["{$mod['userid']}"]);
}
if (!empty($check_recipients)) {
// filter those on our buddy list out
$users = $db->query_read_slave("\n\t\t\t\tSELECT userlist.relationid\n\t\t\t\tFROM " . TABLE_PREFIX . "userlist AS userlist\n\t\t\t\tWHERE userid = " . $vbulletin->userinfo['userid'] . "\n\t\t\t\t\tAND userlist.relationid IN(" . implode(array_keys($check_recipients), ',') . ")\n\t\t\t\t\tAND type = 'buddy'\n\t\t\t");
while ($user = $db->fetch_array($users)) {
unset($check_recipients["{$user['relationid']}"]);
}
}
// what's left must be those who are neither mods or on our buddy list
foreach ($check_recipients as $userid => $user) {
$users_not_on_list["{$userid}"] = $user['username'];
}
if (!empty($users_not_on_list) and (!$vbulletin->GPC['sendanyway'] or !empty($errors))) {
$users = '';
foreach ($users_not_on_list as $userid => $username) {
$users .= "<li><a href=\"member.php?" . $vbulletin->session->vars['sessionurl'] . "u={$userid}\" target=\"profile\">{$username}</a></li>";
}
$pmdm->error('pm_non_contacts_cant_reply', $users);
}
}
// check for message flooding
if ($vbulletin->options['pmfloodtime'] > 0 and !$vbulletin->GPC['preview']) {
if (!($permissions['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel']) and !can_moderate()) {
$floodcheck = $db->query_first("\n\t\t\t\tSELECT pmtextid, title, dateline\n\t\t\t\tFROM " . TABLE_PREFIX . "pmtext AS pmtext\n\t\t\t\tWHERE fromuserid = " . $vbulletin->userinfo['userid'] . "\n\t\t\t\tORDER BY dateline DESC\n\t\t\t");
if (($timepassed = TIMENOW - $floodcheck['dateline']) < $vbulletin->options['pmfloodtime']) {
json_error(strip_tags(fetch_error('pmfloodcheck', $vbulletin->options['pmfloodtime'], $vbulletin->options['pmfloodtime'] - $timepassed)), RV_POST_ERROR);
}
}
}
// process errors if there are any
$errors = array_merge($errors, $pmdm->errors);
if (!empty($errors)) {
json_error(strip_tags($errors[0]), RV_POST_ERROR);
} else {
if ($vbulletin->GPC['preview'] != '') {
define('PMPREVIEW', 1);
$foruminfo = array('forumid' => 'privatemessage', 'allowicons' => $vbulletin->options['privallowicons']);
$preview = process_post_preview($pm);
$_REQUEST['do'] = 'newpm';
} else {
// everything's good!
$pmdm->save();
// force pm counters to be rebuilt
$vbulletin->userinfo['pmunread'] = -1;
build_pm_counters();
}
}
return array('success' => 1);
}
