phpBB

Code Changes

File: includes/functions_privmsgs.php

  Unmodified   Added   Modified   Removed
Line 208Line 208
		);
}


		);
}


	if ($folder_id !== false && !isset($folder[$folder_id]))

	if ($folder_id !== false && $folder_id !== PRIVMSGS_HOLD_BOX && !isset($folder[$folder_id]))

	{
trigger_error('UNKNOWN_FOLDER');
}

	{
trigger_error('UNKNOWN_FOLDER');
}

Line 893Line 893
		break;

case 'delete_marked':

		break;

case 'delete_marked':

 

global $auth;

if (!$auth->acl_get('u_pm_delete'))
{
trigger_error('NO_AUTH_DELETE_MESSAGE');
}


if (confirm_box(true))
{


if (confirm_box(true))
{

Line 1070Line 1077
			WHERE ' . $db->sql_in_set('msg_id', $delete_ids);
$db->sql_query($sql);
}

			WHERE ' . $db->sql_in_set('msg_id', $delete_ids);
$db->sql_query($sql);
}

 

$db->sql_transaction('commit');

return true;
}

/**
* Delete all PM(s) for a given user and delete the ones without references
*
* @param int $user_id ID of the user whose private messages we want to delete
*
* @return boolean False if there were no pms found, true otherwise.
*/
function phpbb_delete_user_pms($user_id)
{
global $db, $user, $phpbb_root_path, $phpEx;

$user_id = (int) $user_id;

if (!$user_id)
{
return false;
}

// Get PM Information for later deleting
// The two queries where split, so we can use our indexes
$undelivered_msg = $delete_ids = array();

// Part 1: get PMs the user received
$sql = 'SELECT msg_id
FROM ' . PRIVMSGS_TO_TABLE . '
WHERE user_id = ' . $user_id;
$result = $db->sql_query($sql);

while ($row = $db->sql_fetchrow($result))
{
$msg_id = (int) $row['msg_id'];
$delete_ids[$msg_id] = $msg_id;
}
$db->sql_freeresult($result);

// Part 2: get PMs the user sent, but have yet to be received
// We cannot simply delete them. First we have to check,
// whether another user already received and read the message.
$sql = 'SELECT msg_id
FROM ' . PRIVMSGS_TO_TABLE . '
WHERE author_id = ' . $user_id . '
AND folder_id = ' . PRIVMSGS_NO_BOX;
$result = $db->sql_query($sql);

while ($row = $db->sql_fetchrow($result))
{
$msg_id = (int) $row['msg_id'];
$undelivered_msg[$msg_id] = $msg_id;
}
$db->sql_freeresult($result);

if (empty($delete_ids) && empty($undelivered_msg))
{
return false;
}

$db->sql_transaction('begin');

if (!empty($undelivered_msg))
{
// A pm is delivered, if for any recipient the message was moved
// from their NO_BOX to another folder. We do not delete such
// messages, but only delete them for users, who have not yet
// received them.
$sql = 'SELECT msg_id
FROM ' . PRIVMSGS_TO_TABLE . '
WHERE author_id = ' . $user_id . '
AND folder_id <> ' . PRIVMSGS_NO_BOX . '
AND folder_id <> ' . PRIVMSGS_OUTBOX . '
AND folder_id <> ' . PRIVMSGS_SENTBOX;
$result = $db->sql_query($sql);

$delivered_msg = array();
while ($row = $db->sql_fetchrow($result))
{
$msg_id = (int) $row['msg_id'];
$delivered_msg[$msg_id] = $msg_id;
unset($undelivered_msg[$msg_id]);
}
$db->sql_freeresult($result);

$undelivered_user = array();

// Count the messages we delete, so we can correct the user pm data
$sql = 'SELECT user_id, COUNT(msg_id) as num_undelivered_privmsgs
FROM ' . PRIVMSGS_TO_TABLE . '
WHERE author_id = ' . $user_id . '
AND folder_id = ' . PRIVMSGS_NO_BOX . '
AND ' . $db->sql_in_set('msg_id', array_merge($undelivered_msg, $delivered_msg)) . '
GROUP BY user_id';
$result = $db->sql_query($sql);

while ($row = $db->sql_fetchrow($result))
{
$num_pms = (int) $row['num_undelivered_privmsgs'];
$undelivered_user[$num_pms][] = (int) $row['user_id'];

if (sizeof($undelivered_user[$num_pms]) > 50)
{
// If there are too many users affected the query might get
// too long, so we update the value for the first bunch here.
$sql = 'UPDATE ' . USERS_TABLE . '
SET user_new_privmsg = user_new_privmsg - ' . $num_pms . ',
user_unread_privmsg = user_unread_privmsg - ' . $num_pms . '
WHERE ' . $db->sql_in_set('user_id', $undelivered_user[$num_pms]);
$db->sql_query($sql);
unset($undelivered_user[$num_pms]);
}
}
$db->sql_freeresult($result);

foreach ($undelivered_user as $num_pms => $undelivered_user_set)
{
$sql = 'UPDATE ' . USERS_TABLE . '
SET user_new_privmsg = user_new_privmsg - ' . $num_pms . ',
user_unread_privmsg = user_unread_privmsg - ' . $num_pms . '
WHERE ' . $db->sql_in_set('user_id', $undelivered_user_set);
$db->sql_query($sql);
}

if (!empty($delivered_msg))
{
$sql = 'DELETE FROM ' . PRIVMSGS_TO_TABLE . '
WHERE folder_id = ' . PRIVMSGS_NO_BOX . '
AND ' . $db->sql_in_set('msg_id', $delivered_msg);
$db->sql_query($sql);
}

if (!empty($undelivered_msg))
{
$sql = 'DELETE FROM ' . PRIVMSGS_TO_TABLE . '
WHERE ' . $db->sql_in_set('msg_id', $undelivered_msg);
$db->sql_query($sql);

$sql = 'DELETE FROM ' . PRIVMSGS_TABLE . '
WHERE ' . $db->sql_in_set('msg_id', $undelivered_msg);
$db->sql_query($sql);
}
}

// Reset the user's pm count to 0
$sql = 'UPDATE ' . USERS_TABLE . '
SET user_new_privmsg = 0,
user_unread_privmsg = 0
WHERE user_id = ' . $user_id;
$db->sql_query($sql);

// Delete private message data of the user
$sql = 'DELETE FROM ' . PRIVMSGS_TO_TABLE . '
WHERE user_id = ' . (int) $user_id;
$db->sql_query($sql);

if (!empty($delete_ids))
{
// Now we have to check which messages we can delete completely
$sql = 'SELECT msg_id
FROM ' . PRIVMSGS_TO_TABLE . '
WHERE ' . $db->sql_in_set('msg_id', $delete_ids);
$result = $db->sql_query($sql);

while ($row = $db->sql_fetchrow($result))
{
unset($delete_ids[$row['msg_id']]);
}
$db->sql_freeresult($result);

if (!empty($delete_ids))
{
// Check if there are any attachments we need to remove
if (!function_exists('delete_attachments'))
{
include($phpbb_root_path . 'includes/functions_admin.' . $phpEx);
}

delete_attachments('message', $delete_ids, false);

$sql = 'DELETE FROM ' . PRIVMSGS_TABLE . '
WHERE ' . $db->sql_in_set('msg_id', $delete_ids);
$db->sql_query($sql);
}
}

// Set the remaining author id to anonymous
// This way users are still able to read messages from users being removed
$sql = 'UPDATE ' . PRIVMSGS_TO_TABLE . '
SET author_id = ' . ANONYMOUS . '
WHERE author_id = ' . $user_id;
$db->sql_query($sql);

$sql = 'UPDATE ' . PRIVMSGS_TABLE . '
SET author_id = ' . ANONYMOUS . '
WHERE author_id = ' . $user_id;
$db->sql_query($sql);


$db->sql_transaction('commit');



$db->sql_transaction('commit');


Line 1145Line 1351
		{
$sql = 'SELECT user_id, username, user_colour
FROM ' . USERS_TABLE . '

		{
$sql = 'SELECT user_id, username, user_colour
FROM ' . USERS_TABLE . '

				WHERE ' . $db->sql_in_set('user_id', $u) . '
AND user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ')';

				WHERE ' . $db->sql_in_set('user_id', $u);


			$result = $db->sql_query($sql);

while ($row = $db->sql_fetchrow($result))

			$result = $db->sql_query($sql);

while ($row = $db->sql_fetchrow($result))

Line 1367Line 1572
			trigger_error('NO_RECIPIENT');
}
}

			trigger_error('NO_RECIPIENT');
}
}

 

// First of all make sure the subject are having the correct length.
$subject = truncate_string($subject);


$db->sql_transaction('begin');



$db->sql_transaction('begin');


Line 1405Line 1613
				'bbcode_bitfield'	=> $data['bbcode_bitfield'],
'bbcode_uid' => $data['bbcode_uid'],
'to_address' => implode(':', $to),

				'bbcode_bitfield'	=> $data['bbcode_bitfield'],
'bbcode_uid' => $data['bbcode_uid'],
'to_address' => implode(':', $to),

				'bcc_address'		=> implode(':', $bcc)


				'bcc_address'		=> implode(':', $bcc),
'message_reported' => 0,

			);
break;


			);
break;


Line 1545Line 1754
			else
{
// insert attachment into db

			else
{
// insert attachment into db

				if (!@file_exists($phpbb_root_path . $config['upload_path'] . '/' . basename($orphan_rows[$attach_row['attach_id']]['physical_filename'])))

				if (!@file_exists($phpbb_root_path . $config['upload_path'] . '/' . utf8_basename($orphan_rows[$attach_row['attach_id']]['physical_filename'])))

				{
continue;
}

				{
continue;
}

Line 1571Line 1780

if ($space_taken && $files_added)
{


if ($space_taken && $files_added)
{

			set_config('upload_dir_size', $config['upload_dir_size'] + $space_taken, true);
set_config('num_files', $config['num_files'] + $files_added, true);

			set_config_count('upload_dir_size', $space_taken, true);
set_config_count('num_files', $files_added, true);

		}
}


		}
}


Line 1591Line 1800
	// Send Notifications
if ($mode != 'edit')
{

	// Send Notifications
if ($mode != 'edit')
{

		pm_notification($mode, $data['from_username'], $recipients, $subject, $data['message']);

		pm_notification($mode, $data['from_username'], $recipients, $subject, $data['message'], $data['msg_id']);

	}

return $data['msg_id'];

	}

return $data['msg_id'];

Line 1600Line 1809
/**
* PM Notification
*/

/**
* PM Notification
*/

function pm_notification($mode, $author, $recipients, $subject, $message)

function pm_notification($mode, $author, $recipients, $subject, $message, $msg_id)

{
global $db, $user, $config, $phpbb_root_path, $phpEx, $auth;

$subject = censor_text($subject);


{
global $db, $user, $config, $phpbb_root_path, $phpEx, $auth;

$subject = censor_text($subject);


 
	// Exclude guests, current user and banned users from notifications

	unset($recipients[ANONYMOUS], $recipients[$user->data['user_id']]);

if (!sizeof($recipients))

	unset($recipients[ANONYMOUS], $recipients[$user->data['user_id']]);

if (!sizeof($recipients))

Line 1613Line 1823
		return;
}


		return;
}


	// Get banned User ID's
$sql = 'SELECT ban_userid
FROM ' . BANLIST_TABLE . '
WHERE ' . $db->sql_in_set('ban_userid', array_map('intval', array_keys($recipients))) . '
AND ban_exclude = 0';
$result = $db->sql_query($sql);

while ($row = $db->sql_fetchrow($result))

	if (!function_exists('phpbb_get_banned_user_ids'))








	{

	{

		unset($recipients[$row['ban_userid']]);

		include($phpbb_root_path . 'includes/functions_user.' . $phpEx);

	}

	}

	$db->sql_freeresult($result);


	$banned_users = phpbb_get_banned_user_ids(array_keys($recipients));
$recipients = array_diff(array_keys($recipients), $banned_users);


if (!sizeof($recipients))
{


if (!sizeof($recipients))
{

Line 1633Line 1837

$sql = 'SELECT user_id, username, user_email, user_lang, user_notify_pm, user_notify_type, user_jabber
FROM ' . USERS_TABLE . '


$sql = 'SELECT user_id, username, user_email, user_lang, user_notify_pm, user_notify_type, user_jabber
FROM ' . USERS_TABLE . '

		WHERE ' . $db->sql_in_set('user_id', array_map('intval', array_keys($recipients)));

		WHERE ' . $db->sql_in_set('user_id', $recipients);

	$result = $db->sql_query($sql);

$msg_list_ary = array();

	$result = $db->sql_query($sql);

$msg_list_ary = array();

Line 1672Line 1876
			'AUTHOR_NAME'	=> htmlspecialchars_decode($author),
'USERNAME' => htmlspecialchars_decode($addr['name']),


			'AUTHOR_NAME'	=> htmlspecialchars_decode($author),
'USERNAME' => htmlspecialchars_decode($addr['name']),


			'U_INBOX'		=> generate_board_url() . "/ucp.$phpEx?i=pm&folder=inbox")
);


			'U_INBOX'			=> generate_board_url() . "/ucp.$phpEx?i=pm&folder=inbox",
'U_VIEW_MESSAGE' => generate_board_url() . "/ucp.$phpEx?i=pm&mode=view&p=$msg_id",
));


$messenger->send($addr['method']);
}


$messenger->send($addr['method']);
}

Line 1690Line 1895
function message_history($msg_id, $user_id, $message_row, $folder, $in_post_mode = false)
{
global $db, $user, $config, $template, $phpbb_root_path, $phpEx, $auth, $bbcode;

function message_history($msg_id, $user_id, $message_row, $folder, $in_post_mode = false)
{
global $db, $user, $config, $template, $phpbb_root_path, $phpEx, $auth, $bbcode;

 

// Select all receipts and the author from the pm we currently view, to only display their pm-history
$sql = 'SELECT author_id, user_id
FROM ' . PRIVMSGS_TO_TABLE . "
WHERE msg_id = $msg_id
AND folder_id <> " . PRIVMSGS_HOLD_BOX;
$result = $db->sql_query($sql);

$recipients = array();
while ($row = $db->sql_fetchrow($result))
{
$recipients[] = (int) $row['user_id'];
$recipients[] = (int) $row['author_id'];
}
$db->sql_freeresult($result);
$recipients = array_unique($recipients);


// Get History Messages (could be newer)
$sql = 'SELECT t.*, p.*, u.*
FROM ' . PRIVMSGS_TABLE . ' p, ' . PRIVMSGS_TO_TABLE . ' t, ' . USERS_TABLE . ' u
WHERE t.msg_id = p.msg_id
AND p.author_id = u.user_id


// Get History Messages (could be newer)
$sql = 'SELECT t.*, p.*, u.*
FROM ' . PRIVMSGS_TABLE . ' p, ' . PRIVMSGS_TO_TABLE . ' t, ' . USERS_TABLE . ' u
WHERE t.msg_id = p.msg_id
AND p.author_id = u.user_id

			AND t.folder_id NOT IN (' . PRIVMSGS_NO_BOX . ', ' . PRIVMSGS_HOLD_BOX . ")


			AND t.folder_id NOT IN (' . PRIVMSGS_NO_BOX . ', ' . PRIVMSGS_HOLD_BOX . ')
AND ' . $db->sql_in_set('t.author_id', $recipients, false, true) . "

			AND t.user_id = $user_id";

			AND t.user_id = $user_id";

 

// We no longer need those.
unset($recipients);


if (!$message_row['root_level'])
{


if (!$message_row['root_level'])
{

Line 1717Line 1942
		$db->sql_freeresult($result);
return false;
}

		$db->sql_freeresult($result);
return false;
}

 

$title = $row['message_subject'];


$rowset = array();
$bbcode_bitfield = '';


$rowset = array();
$bbcode_bitfield = '';

Line 1740Line 1967
	}
while ($row = $db->sql_fetchrow($result));
$db->sql_freeresult($result);

	}
while ($row = $db->sql_fetchrow($result));
$db->sql_freeresult($result);


$title = $row['message_subject'];

 

if (sizeof($rowset) == 1 && !$in_post_mode)
{


if (sizeof($rowset) == 1 && !$in_post_mode)
{

Line 1763Line 1988
	$url = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm');
$next_history_pm = $previous_history_pm = $prev_id = 0;


	$url = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm');
$next_history_pm = $previous_history_pm = $prev_id = 0;


	foreach ($rowset as $id => $row)




	// Re-order rowset to be able to get the next/prev message rows...
$rowset = array_values($rowset);

for ($i = 0, $size = sizeof($rowset); $i < $size; $i++)

	{

	{

 
		$row = &$rowset[$i];
$id = (int) $row['msg_id'];


		$author_id	= $row['author_id'];
$folder_id = (int) $row['folder_id'];


		$author_id	= $row['author_id'];
$folder_id = (int) $row['folder_id'];


Line 1775Line 2006

$decoded_message = false;



$decoded_message = false;


		if ($in_post_mode && $auth->acl_get('u_sendpm') && $author_id != ANONYMOUS && $author_id != $user->data['user_id'])

		if ($in_post_mode && $auth->acl_get('u_sendpm') && $author_id != ANONYMOUS)

		{
$decoded_message = $message;
decode_message($decoded_message, $row['bbcode_uid']);

		{
$decoded_message = $message;
decode_message($decoded_message, $row['bbcode_uid']);

Line 1795Line 2026

if ($id == $msg_id)
{


if ($id == $msg_id)
{

			$next_history_pm = next($rowset);
$next_history_pm = (sizeof($next_history_pm)) ? (int) $next_history_pm['msg_id'] : 0;

			$next_history_pm = (isset($rowset[$i + 1])) ? (int) $rowset[$i + 1]['msg_id'] : 0;


			$previous_history_pm = $prev_id;
}


			$previous_history_pm = $prev_id;
}


Line 1819Line 2049

'MSG_ID' => $row['msg_id'],
'U_VIEW_MESSAGE' => "$url&amp;f=$folder_id&amp;p=" . $row['msg_id'],


'MSG_ID' => $row['msg_id'],
'U_VIEW_MESSAGE' => "$url&amp;f=$folder_id&amp;p=" . $row['msg_id'],

			'U_QUOTE'			=> (!$in_post_mode && $auth->acl_get('u_sendpm') && $author_id != ANONYMOUS && $author_id != $user->data['user_id']) ? "$url&amp;mode=compose&amp;action=quote&amp;f=" . $folder_id . "&amp;p=" . $row['msg_id'] : '',

			'U_QUOTE'			=> (!$in_post_mode && $auth->acl_get('u_sendpm') && $author_id != ANONYMOUS) ? "$url&amp;mode=compose&amp;action=quote&amp;f=" . $folder_id . "&amp;p=" . $row['msg_id'] : '',

			'U_POST_REPLY_PM'	=> ($author_id != $user->data['user_id'] && $author_id != ANONYMOUS && $auth->acl_get('u_sendpm')) ? "$url&amp;mode=compose&amp;action=reply&amp;f=$folder_id&amp;p=" . $row['msg_id'] : '')
);

			'U_POST_REPLY_PM'	=> ($author_id != $user->data['user_id'] && $author_id != ANONYMOUS && $auth->acl_get('u_sendpm')) ? "$url&amp;mode=compose&amp;action=reply&amp;f=$folder_id&amp;p=" . $row['msg_id'] : '')
);

		unset($rowset[$id]);

		unset($rowset[$i]);

		$prev_id = $id;
}


		$prev_id = $id;
}


Line 1856Line 2086
	$db->sql_freeresult($result);

$user->data['message_limit'] = (!$message_limit) ? $config['pm_max_msgs'] : $message_limit;

	$db->sql_freeresult($result);

$user->data['message_limit'] = (!$message_limit) ? $config['pm_max_msgs'] : $message_limit;

 
}

/**
* Generates an array of coloured recipient names from a list of PMs - (groups & users)
*
* @param array $pm_by_id An array of rows from PRIVMSGS_TABLE, keys are the msg_ids.
*
* @return array 2D Array: array(msg_id => array('username or group string', ...), ...)
* Usernames are generated with {@link get_username_string get_username_string}
* Groups are coloured and have a link to the membership page
*/
function get_recipient_strings($pm_by_id)
{
global $db, $phpbb_root_path, $phpEx, $user;

$address_list = $recipient_list = $address = array();

$_types = array('u', 'g');

foreach ($pm_by_id as $message_id => $row)
{
$address[$message_id] = rebuild_header(array('to' => $row['to_address'], 'bcc' => $row['bcc_address']));

foreach ($_types as $ug_type)
{
if (isset($address[$message_id][$ug_type]) && sizeof($address[$message_id][$ug_type]))
{
foreach ($address[$message_id][$ug_type] as $ug_id => $in_to)
{
$recipient_list[$ug_type][$ug_id] = array('name' => $user->lang['NA'], 'colour' => '');
}
}
}
}

foreach ($_types as $ug_type)
{
if (!empty($recipient_list[$ug_type]))
{
if ($ug_type == 'u')
{
$sql = 'SELECT user_id as id, username as name, user_colour as colour
FROM ' . USERS_TABLE . '
WHERE ';
}
else
{
$sql = 'SELECT group_id as id, group_name as name, group_colour as colour, group_type
FROM ' . GROUPS_TABLE . '
WHERE ';
}
$sql .= $db->sql_in_set(($ug_type == 'u') ? 'user_id' : 'group_id', array_map('intval', array_keys($recipient_list[$ug_type])));

$result = $db->sql_query($sql);

while ($row = $db->sql_fetchrow($result))
{
if ($ug_type == 'g')
{
$row['name'] = ($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['name']] : $row['name'];
}

$recipient_list[$ug_type][$row['id']] = array('name' => $row['name'], 'colour' => $row['colour']);
}
$db->sql_freeresult($result);
}
}

foreach ($address as $message_id => $adr_ary)
{
foreach ($adr_ary as $type => $id_ary)
{
foreach ($id_ary as $ug_id => $_id)
{
if ($type == 'u')
{
$address_list[$message_id][] = get_username_string('full', $ug_id, $recipient_list[$type][$ug_id]['name'], $recipient_list[$type][$ug_id]['colour']);
}
else
{
$user_colour = ($recipient_list[$type][$ug_id]['colour']) ? ' style="font-weight: bold; color:#' . $recipient_list[$type][$ug_id]['colour'] . '"' : '';
$link = '<a href="' . append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=group&amp;g=' . $ug_id) . '"' . $user_colour . '>';
$address_list[$message_id][] = $link . $recipient_list[$type][$ug_id]['name'] . (($link) ? '</a>' : '');
}
}
}
}

return $address_list;

}

?>

}

?>