1) { foreach ($_POST['check_mark'] as $thisnum) { if (isnum($thisnum)) $msg_ids .= ($msg_ids ? "," : "").$thisnum; $check_count++; } } else { if (isnum($_POST['check_mark'][0])) $msg_ids = $_POST['check_mark'][0]; $check_count = 1; } } if (isset($_POST['save_options'])) { $pm_email_notify = isnum($_POST['pm_email_notify']) ? $_POST['pm_email_notify'] : "0"; $pm_save_sent = isnum($_POST['pm_save_sent']) ? $_POST['pm_save_sent'] : "0"; if ($_POST['update_type'] == "insert") { $result = dbquery("INSERT INTO ".DB_MESSAGES_OPTIONS." (user_id, pm_email_notify, pm_save_sent, pm_inbox, pm_savebox, pm_sentbox) VALUES ('".$userdata['user_id']."', '$pm_email_notify', '$pm_save_sent', '0', '0', '0')"); } else { $result = dbquery("UPDATE ".DB_MESSAGES_OPTIONS." SET pm_email_notify='$pm_email_notify', pm_save_sent='$pm_save_sent' WHERE user_id='".$userdata['user_id']."'"); } redirect(FUSION_SELF."?folder=options"); } if (isset($_GET['msg_id']) && isnum($_GET['msg_id'])) { if (isset($_POST['save'])) { $archive_total = dbcount("(message_id)", DB_MESSAGES, "message_to='".$userdata['user_id']."' AND message_folder='2'"); if ($msg_settings['pm_savebox'] == "0" || ($archive_total + 1) <= $msg_settings['pm_savebox']) { $result = dbquery("UPDATE ".DB_MESSAGES." SET message_folder='2' WHERE message_id='".$_GET['msg_id']."' AND message_to='".$userdata['user_id']."'"); } else { $error = "1"; } redirect(FUSION_SELF."?folder=archive".($error ? "&error=$error" : "")); } elseif (isset($_POST['unsave'])) { $inbox_total = dbcount("(message_id)", DB_MESSAGES, "message_to='".$userdata['user_id']."' AND message_folder='0'"); if ($msg_settings['pm_inbox'] == "0" || ($inbox_total + 1) <= $msg_settings['pm_inbox']) { $result = dbquery("UPDATE ".DB_MESSAGES." SET message_folder='0' WHERE message_id='".$_GET['msg_id']."' AND message_to='".$userdata['user_id']."'"); } else { $error = "1"; } redirect(FUSION_SELF."?folder=archive".($error ? "&error=$error" : "")); } elseif (isset($_POST['delete'])) { $result = dbquery("DELETE FROM ".DB_MESSAGES." WHERE message_id='".$_GET['msg_id']."' AND message_to='".$userdata['user_id']."'"); redirect(FUSION_SELF."?folder=".$_GET['folder']); } } if ($msg_ids && $check_count > 0) { if (isset($_POST['save_msg'])) { $archive_total = dbcount("(message_id)", DB_MESSAGES, "message_to='".$userdata['user_id']."' AND message_folder='2'"); if ($msg_settings['pm_savebox'] == "0" || ($archive_total + $check_count) <= $msg_settings['pm_savebox']) { $result = dbquery("UPDATE ".DB_MESSAGES." SET message_folder='2' WHERE message_id IN(".$msg_ids.") AND message_to='".$userdata['user_id']."'"); } else { $error = "1"; } } elseif (isset($_POST['unsave_msg'])) { $inbox_total = dbcount("(message_id)", DB_MESSAGES, "message_to='".$userdata['user_id']."' AND message_folder='0'"); if ($msg_settings['pm_inbox'] == "0" || ($inbox_total + $check_count) <= $msg_settings['pm_inbox']) { $result = dbquery("UPDATE ".DB_MESSAGES." SET message_folder='0' WHERE message_id IN(".$msg_ids.") AND message_to='".$userdata['user_id']."'"); } else { $error = "1"; } } elseif (isset($_POST['read_msg'])) { $result = dbquery("UPDATE ".DB_MESSAGES." SET message_read='1' WHERE message_id IN(".$msg_ids.") AND message_to='".$userdata['user_id']."'"); } elseif (isset($_POST['unread_msg'])) { $result = dbquery("UPDATE ".DB_MESSAGES." SET message_read='0' WHERE message_id IN(".$msg_ids.") AND message_to='".$userdata['user_id']."'"); } elseif (isset($_POST['delete_msg'])) { $result = dbquery("DELETE FROM ".DB_MESSAGES." WHERE message_id IN(".$msg_ids.") AND message_to='".$userdata['user_id']."'"); } redirect(FUSION_SELF."?folder=".$_GET['folder'].($error ? "&error=$error" : "")); } if (isset($_POST['send_message'])) { $result = dbquery("SELECT * FROM ".DB_MESSAGES_OPTIONS." WHERE user_id='".$userdata['user_id']."'"); if (dbrows($result)) { $my_settings = dbarray($result); } else { $my_settings['pm_save_sent'] = $msg_settings['pm_save_sent']; $my_settings['pm_email_notify'] = $msg_settings['pm_email_notify']; } $subject = stripinput(trim($_POST['subject'])); $message = stripinput(trim($_POST['message'])); if ($subject == "" || $message == "") { redirect(FUSION_SELF."?folder=inbox"); } $smileys = isset($_POST['chk_disablesmileys']) ? "n" : "y"; require_once INCLUDES."sendmail_include.php"; if (iADMIN && isset($_POST['chk_sendtoall']) && isnum($_POST['msg_to_group'])) { $msg_to_group = $_POST['msg_to_group']; if ($msg_to_group == "101" || $msg_to_group == "102" || $msg_to_group == "103") { $result = dbquery( "SELECT u.user_id, u.user_name, u.user_email, mo.pm_email_notify FROM ".DB_USERS." u LEFT JOIN ".DB_MESSAGES_OPTIONS." mo USING(user_id) WHERE user_level>='".$msg_to_group."' AND user_status='0'" ); if (dbrows($result)) { while ($data = dbarray($result)) { if ($data['user_id'] != $userdata['user_id']) { $result2 = dbquery("INSERT INTO ".DB_MESSAGES." (message_to, message_from, message_subject, message_message, message_smileys, message_read, message_datestamp, message_folder) VALUES('".$data['user_id']."','".$userdata['user_id']."','".$subject."','".$message."','".$smileys."','0','".time()."','0')"); $message_content = str_replace("[SUBJECT]", $subject, $locale['626']); $message_content = str_replace("[USER]", $userdata['user_name'], $message_content); $send_email = isset($data['pm_email_notify']) ? $data['pm_email_notify'] : $msg_settings['pm_email_notify']; if ($send_email == "1") { sendemail($data['user_name'], $data['user_email'], $settings['siteusername'], $settings['siteemail'], $locale['625'], $data['user_name'].$message_content); } } } } else { redirect(FUSION_SELF."?folder=inbox"); } } else { $result = dbquery( "SELECT u.user_id, u.user_name, u.user_email, mo.pm_email_notify FROM ".DB_USERS." u LEFT JOIN ".DB_MESSAGES_OPTIONS." mo USING(user_id) WHERE user_groups REGEXP('^\\\.{$msg_to_group}$|\\\.{$msg_to_group}\\\.|\\\.{$msg_to_group}$') AND user_status='0'" ); if (dbrows($result)) { while ($data = dbarray($result)) { if ($data['user_id'] != $userdata['user_id']) { $result2 = dbquery("INSERT INTO ".DB_MESSAGES." (message_to, message_from, message_subject, message_message, message_smileys, message_read, message_datestamp, message_folder) VALUES('".$data['user_id']."','".$userdata['user_id']."','".$subject."','".$message."','".$smileys."','0','".time()."','0')"); $message_content = str_replace("[SUBJECT]", $subject, $locale['626']); $message_content = str_replace("[USER]", $userdata['user_name'], $message_content); $send_email = isset($data['pm_email_notify']) ? $data['pm_email_notify'] : $msg_settings['pm_email_notify']; if ($send_email == "1") { sendemail($data['user_name'], $data['user_email'], $settings['siteusername'], $settings['siteemail'], $locale['625'], $data['user_name'].$message_content); } } } } else { redirect(FUSION_SELF."?folder=inbox"); } } } elseif (isnum($_GET['msg_send'])) { require_once INCLUDES."flood_include.php"; if (!flood_control("message_datestamp", DB_MESSAGES, "message_from='".$userdata['user_id']."'")) { $result = dbquery( "SELECT u.user_id, u.user_name, u.user_email, u.user_level, mo.pm_email_notify, s.pm_inbox, COUNT(message_id) as message_count FROM ".DB_USERS." u LEFT JOIN ".DB_MESSAGES_OPTIONS." mo USING(user_id) LEFT JOIN ".DB_MESSAGES_OPTIONS." s ON s.user_id='0' LEFT JOIN ".DB_MESSAGES." ON message_to=u.user_id AND message_folder='0' WHERE u.user_id='".$_GET['msg_send']."' GROUP BY u.user_id" ); if (dbrows($result)) { $data = dbarray($result); if ($data['user_id'] != $userdata['user_id']) { if ($data['user_id'] == 1 || $data['user_level'] > 101 || $data['pm_inbox'] == "0" || ($data['message_count'] + 1) <= $data['pm_inbox']) { $result = dbquery("INSERT INTO ".DB_MESSAGES." (message_to, message_from, message_subject, message_message, message_smileys, message_read, message_datestamp, message_folder) VALUES('".$data['user_id']."','".$userdata['user_id']."','".$subject."','".$message."','".$smileys."','0','".time()."','0')"); $send_email = isset($data['pm_email_notify']) ? $data['pm_email_notify'] : $msg_settings['pm_email_notify']; if ($send_email == "1") { $message_content = str_replace("[SUBJECT]", $subject, $locale['626']); $message_content = str_replace("[USER]", $userdata['user_name'], $message_content); sendemail($data['user_name'], $data['user_email'], $settings['siteusername'], $settings['siteemail'], $locale['625'], $data['user_name'].$message_content); } } else { $error = "2"; } } } else { redirect(FUSION_SELF."?folder=inbox&error=noresult"); } } else { redirect(FUSION_SELF."?folder=inbox&error=flood"); } } if (!$error) { $cdata = dbarray(dbquery("SELECT COUNT(message_id) AS outbox_count, MIN(message_id) AS last_message FROM ".DB_MESSAGES." WHERE message_to='".$userdata['user_id']."' AND message_folder='1' GROUP BY message_to")); if ($my_settings['pm_save_sent']) { if ($msg_settings['pm_sentbox'] != "0" && ($cdata['outbox_count'] + 1) > $msg_settings['pm_sentbox']) { $result = dbquery("DELETE FROM ".DB_MESSAGES." WHERE message_id='".$cdata['last_message']."' AND message_to='".$userdata['user_id']."'"); } if (isset($_POST['chk_sendtoall']) && isnum($_POST['msg_to_group'])) { $outbox_user = $userdata['user_id']; } elseif (isset($_GET['msg_send']) && isnum($_GET['msg_send'])) { $outbox_user = $_GET['msg_send']; } else { $outbox_user = ""; } if ($outbox_user) { $result = dbquery("INSERT INTO ".DB_MESSAGES." (message_to, message_from, message_subject, message_message, message_smileys, message_read, message_datestamp, message_folder) VALUES ('".$userdata['user_id']."','".$outbox_user."','".$subject."','".$message."','".$smileys."','1','".time()."','1')"); } } } redirect(FUSION_SELF."?folder=inbox".($error ? "&error=$error" : "")); } if (isset($_GET['error'])) { if ($_GET['error'] == "1") { $message = $locale['629']; } elseif ($_GET['error'] == "2") { $message = $locale['628']; } else { $message = ""; } add_to_title($locale['global_201'].$locale['627']); opentable($locale['627']); echo "
".nl2br(parseubb($message_preview))." | \n