foreach ($msgs as $msg_id) { $msg_id = intval($msg_id); $pvmsg = new PrivateMsg($msg_id); if ($pvmsg->id && $pvmsg->to_user === $GLOBALS['user']->id) { $pvmsg->delete(); } else { debug_event('UI::access_denied', 'Unknown or unauthorized private message #' . $msg_id . '.', '3'); UI::access_denied(); exit; } } show_confirmation(T_('Messages Deletion'), T_('Messages have been deleted.'), AmpConfig::get('web_path') . "/browse.php?action=pvmsg"); break; case 'show': default: $msg_id = intval($_REQUEST['pvmsg_id']); $pvmsg = new PrivateMsg($msg_id); if ($pvmsg->id && $pvmsg->to_user === $GLOBALS['user']->id) { $pvmsg->format(); if (!$pvmsg->is_read) { $pvmsg->set_is_read(true); } require_once AmpConfig::get('prefix') . UI::find_template('show_pvmsg.inc.php'); } else { debug_event('UI::access_denied', 'Unknown or unauthorized private message #' . $msg_id . '.', '3'); UI::access_denied(); exit; } break; } UI::show_footer();