Location: PHPKode > projects > PBBoard > PBBoard_v2.1.4/Upload/modules/pm_send.module.php
<?php

(!defined('IN_PowerBB')) ? die() : '';

$CALL_SYSTEM					=	array();
$CALL_SYSTEM['PM'] 				= 	true;
$CALL_SYSTEM['ICONS'] 			= 	true;
$CALL_SYSTEM['TOOLBOX'] 		= 	true;
$CALL_SYSTEM['FILESEXTENSION'] 	= 	true;
$CALL_SYSTEM['ATTACH'] 			= 	true;

define('JAVASCRIPT_PowerCode',true);

include('common.php');

define('CLASS_NAME','PowerBBPrivateMassegeSendMOD');

class PowerBBPrivateMassegeSendMOD
{
	function run()
	{
		global $PowerBB;

		if (!$PowerBB->_CONF['info_row']['pm_feature'])
		{
            $PowerBB->functions->ShowHeader();
			$PowerBB->functions->error($PowerBB->_CONF['template']['lang']['no_pm']);
		}

		/** Can't use the private massege system **/
		if (!$PowerBB->_CONF['rows']['group_info']['use_pm'])
		{
        	$PowerBB->functions->ShowHeader();
		     /** Visitor can't use the private massege system **/
			if (!$PowerBB->_CONF['member_permission'])
			{
				  $PowerBB->template->display('login');
	              $PowerBB->functions->error_stop();
			 }
		    else
            {
			$PowerBB->functions->error($PowerBB->_CONF['template']['lang']['Cant_use_pm']);
	        }
		}
		/** **/

			$SendPmArr 				= 	array();
			$SendPmArr['where']		=	array('username',$PowerBB->_CONF['member_row']['username']);

			$GetSendPmInfo = $PowerBB->member->GetMemberInfo($SendPmArr);

		$GroupInfo 				= 	array();
		$GroupInfo['where'] 	= 	array('id',$GetSendPmInfo['usergroup']);

		$GetMemberOptions = $PowerBB->group->GetGroupInfo($GroupInfo);

		/** Can't use the private massege system **/
		if ($GetSendPmInfo['posts']  < $GetMemberOptions['min_send_pm'])
		{
			$PowerBB->functions->ShowHeader($PowerBB->_CONF['template']['lang']['Send_PM']);
			$PowerBB->functions->error($PowerBB->_CONF['template']['lang']['error_min_send_pm_1'].' ('.$GetMemberOptions['min_send_pm'].') '.$PowerBB->_CONF['template']['lang']['error_min_send_pm_2'].' ('.$GetSendPmInfo['posts'].')');
		}

		/** Action to send the masseges **/
		if ($PowerBB->_GET['send'])
		{
			/** Show a nice form :) **/
			if ($PowerBB->_GET['index'])
			{
				$this->_SendForm();
			}
			/** **/

			/** Start send the massege **/
			elseif ($PowerBB->_GET['start'])
			{
				$this->_StartSend();
			}
			/** **/

		$PowerBB->functions->GetFooter();

		}
			/** ADD A New attach in New Pm :) **/
			if ($PowerBB->_GET['add_attach_pm'])
			{
				$this->_Add_attach_Pm();
			}
			/** Start uplud and Add attach in New pm **/
			elseif ($PowerBB->_GET['add_start_pm'])
			{
				$this->_Star_Add_pm();
			}
			/** Start delete attach In Pm **/
			elseif ($PowerBB->_GET['delete_attach_pm'])
			{
				$this->_Delete_Attach_Pm();
			}
		  /** **/
		/** **/

	}



	function _preview()
	{
		global $PowerBB;

		$PowerBB->functions->GetEditorTools();

		if (isset($PowerBB->_GET['username']))
		{
			$ToArr 				= 	array();
			$ToArr['get'] 		= 	'usergroup,username,pm_senders,pm_senders_msg,away,away_msg';
			$ToArr['where']		=	array('username',$PowerBB->_GET['username']);

			$GetToInfo = $PowerBB->member->GetMemberInfo($ToArr);

			if (!$GetToInfo)
			{
				$PowerBB->functions->error($PowerBB->_CONF['template']['lang']['Member_does_not_exist']);
			}
           $GetToInfo['away_msg'] = $PowerBB->functions->CleanVariable($GetToInfo['away_msg'],'html');

			$PowerBB->template->assign('SHOW_MSG',$GetToInfo['pm_senders']);
			$PowerBB->template->assign('SHOW_MSG1',$GetToInfo['away']);
			$PowerBB->template->assign('MSG',$GetToInfo['pm_senders_msg']);
			$PowerBB->template->assign('MSG1',$GetToInfo['away_msg']);
			$PowerBB->template->assign('to',$GetToInfo['username']);
		}
         //////////////////////
        $ExArr 						= 	array();
		$ExArr['order']				=	array();
		$ExArr['order']['field']	=	'id';
		$ExArr['order']['type']		=	'DESC';
		$ExArr['proc'] 				= 	array();
		$ExArr['proc']['*'] 		= 	array('method'=>'clean','param'=>'html');

		$PowerBB->_CONF['template']['while']['ExList'] = $PowerBB->extension->GetExtensionList($ExArr);
		// Finally , show the form :)
		$PowerBB->template->display('pm_send');
	}

	/**
	 * Show send form for the sender , Get the colors , fonts , icons and smiles list
	 */
	function _SendForm()
	{
		global $PowerBB;



		$PowerBB->functions->ShowHeader($PowerBB->_CONF['template']['lang']['Send_PM']);

		$PowerBB->functions->GetEditorTools();

		if (isset($PowerBB->_GET['username']))
		{
			$ToArr 				= 	array();
			$ToArr['get'] 		= 	'usergroup,username,pm_senders,pm_senders_msg,away,away_msg';
			$ToArr['where']		=	array('username',$PowerBB->_GET['username']);

			$GetToInfo = $PowerBB->member->GetMemberInfo($ToArr);

			if (!$GetToInfo)
			{
				$PowerBB->functions->error($PowerBB->_CONF['template']['lang']['Member_does_not_exist']);
			}

           //
			$SendPmArr 				= 	array();
			$SendPmArr['where']		=	array('username',$PowerBB->_GET['username']);

			$GetSendPm = $PowerBB->member->GetMemberInfo($SendPmArr);

			$GroupInfo 				= 	array();
			$GroupInfo['where'] 	= 	array('id',$GetSendPm['usergroup']);

			$GetMemberGroup = $PowerBB->group->GetGroupInfo($GroupInfo);
			$user_name = $PowerBB->_GET['username'];
			$PrivateMassegeNumber = $PowerBB->DB->sql_num_rows($PowerBB->DB->sql_query("SELECT * FROM " . $PowerBB->table['pm'] . " WHERE user_to = '$user_name' and user_read = '' and folder = 'inbox'"));
			if (!$GetMemberGroup['max_pm']== '0')
            {
				if ($PrivateMassegeNumber > $GetMemberGroup['max_pm'])
				{
				$PowerBB->functions->error($PowerBB->_CONF['template']['lang']['Sorry_Consumed_this_member_limit_messages']);
				}
           }

         // replace away msg
		   $GetToInfo['away_msg'] = $PowerBB->Powerparse->replace($GetToInfo['away_msg']);
           $PowerBB->Powerparse->replace_smiles($GetToInfo['away_msg']);

		// feltr away msg
		   $GetToInfo['away_msg'] = str_ireplace('{39}',"'",$GetToInfo['away_msg']);
	       $GetToInfo['away_msg'] = str_ireplace('cookie','**',$GetToInfo['away_msg']);
	       $censorwords = preg_split('#[ \r\n\t]+#', $PowerBB->_CONF['info_row']['censorwords'], -1, PREG_SPLIT_NO_EMPTY);
	       $GetToInfo['away_msg'] = str_ireplace($censorwords,'**', $GetToInfo['away_msg']);
	       $GetToInfo['away_msg'] = str_replace('&amp;','&',$GetToInfo['away_msg']);
	       //
          $GetToInfo['away_msg'] = $PowerBB->functions->CleanVariable($GetToInfo['away_msg'],'html');

			$PowerBB->template->assign('SHOW_MSG',$GetToInfo['pm_senders']);
			$PowerBB->template->assign('SHOW_MSG1',$GetToInfo['away']);
			$PowerBB->template->assign('MSG',$GetToInfo['pm_senders_msg']);
			$PowerBB->template->assign('MSG1',$GetToInfo['away_msg']);
			$PowerBB->template->assign('to',$GetToInfo['username']);
		}
         //////////////////////
        $ExArr 						= 	array();
		$ExArr['order']				=	array();
		$ExArr['order']['field']	=	'id';
		$ExArr['order']['type']		=	'DESC';
		$ExArr['proc'] 				= 	array();
		$ExArr['proc']['*'] 		= 	array('method'=>'clean','param'=>'html');

		$PowerBB->_CONF['template']['while']['ExList'] = $PowerBB->extension->GetExtensionList($ExArr);

        // show Custom_bbcode List
		$Custom_bbcodeArr 					= 	array();
		$Custom_bbcodeArr['order']			=	array();
		$Custom_bbcodeArr['order']['field']	=	'id';
		$Custom_bbcodeArr['order']['type']	=	'DESC';
		$Custom_bbcodeArr['proc'] 			= 	array();
		$Custom_bbcodeArr['proc']['*'] 		= 	array('method'=>'clean','param'=>'html');

		$PowerBB->_CONF['template']['while']['Custom_bbcodesList'] = $PowerBB->custom_bbcode->GetCustom_bbcodeList($Custom_bbcodeArr);


		// Finally , show the form :)
		$PowerBB->template->display('pm_send');

	}

	/**
	 * Check if the necessary informations is not empty ,
	 * and some checks about the sender and resiver then send the massege .
	 */
	function _StartSend()
	{
		global $PowerBB;

$PowerBB->_POST['text'] 	= 	$PowerBB->functions->CleanVariable($PowerBB->_POST['text'],'sql');
$PowerBB->_POST['title'] 	= 	$PowerBB->functions->CleanVariable($PowerBB->_POST['title'],'sql');
$PowerBB->_POST['to'][0] 	= 	$PowerBB->functions->CleanVariable($PowerBB->_POST['to'][0],'sql');

	   if ($PowerBB->_POST['preview'])
       {

    	    $PowerBB->functions->ShowHeader($PowerBB->_CONF['template']['lang']['Send_PM']);
            $previewtext = $PowerBB->_POST['text'];
            $previewtext = $PowerBB->Powerparse->replace($previewtext);
            $PowerBB->Powerparse->replace_smiles($previewtext);
            $PowerBB->template->assign('prev',stripslashes($PowerBB->_POST['text']));
            $PowerBB->template->assign('to',$PowerBB->_POST['to'][0]);
            $PowerBB->template->assign('send_title',stripslashes($PowerBB->_POST['title']));
            $PowerBB->template->assign('preview',stripslashes($previewtext));
       	    $PowerBB->template->assign('view_preview',stripslashes($PowerBB->_POST['text']));

			$this->_preview();


        }
      else
       {

				$PowerBB->functions->ShowHeader();

                $PowerBB->functions->AddressBar('<a href="index.php?page=pm_list&list=1&folder=inbox"> ' .$PowerBB->_CONF['template']['lang']['Private_Messages'] .'</a>'. $PowerBB->_CONF['info_row']['adress_bar_separate'] . $PowerBB->_CONF['template']['lang']['execution_add_pm']);
				if (empty($PowerBB->_POST['to'][0]))
				{
					$PowerBB->functions->error($PowerBB->_CONF['template']['lang']['You_must_type_username']);
				}

				if (empty($PowerBB->_POST['title']))
				{
					$PowerBB->functions->error($PowerBB->_CONF['template']['lang']['You_must_type_pm_title']);
				}

				if (empty($PowerBB->_POST['text']))
				{
					$PowerBB->functions->error($PowerBB->_CONF['template']['lang']['You_must_type_pm_text']);
				}

				$size = sizeof($PowerBB->_POST['to']);

				$success 	= 	array();
				$fail		=	array();

		     	if ($size > 0)
		     	{
		     		$x = 0;

		     		while ($x < $size)
		     		{
		     			// Ensure there is no repeat
		     			if (in_array($PowerBB->_POST['to'][$x],$success)
		     				or in_array($PowerBB->_POST['to'][$x],$fail))
		     			{
		     				$x += 1;

		     				continue;
		     			}

						$ToArr 				= 	array();
						$ToArr['get'] 		= 	'usergroup,username,autoreply,autoreply_title,autoreply_msg';
						$ToArr['where']		=	array('username',$PowerBB->_POST['to'][$x]);

						$GetToInfo = $PowerBB->member->GetMemberInfo($ToArr);

						if (!$GetToInfo
							and $size > 1)
						{
							$fail[] = $PowerBB->_POST['to'][$x];

							unset($GetToInfo,$GetMemberOptions);

							$x += 1;

							continue;
						}
						elseif (!$GetToInfo
								and $size == 1)
						{
							$PowerBB->functions->error($PowerBB->_CONF['template']['lang']['Member_does_not_exist']);
						}

                         // Report mail .. New Massege
						$MemberArr 			= 	array();
						$MemberArr['where'] 	= 	array('username',$PowerBB->_POST['to'][$x]);

						$MemberInfo = $PowerBB->member->GetMemberInfo($MemberArr);


						$MemberFormArr 			= 	array();
						$MemberFormArr['where'] 	= 	array('username',$PowerBB->_CONF['member_row']['username']);

						$MemberFormInfo = $PowerBB->member->GetMemberInfo($MemberFormArr);

                		$Adress = 	$PowerBB->functions->GetForumAdress();

						if ($MemberInfo['pm_emailed'] == '1')
						{
						 $title = $PowerBB->_CONF['template']['lang']['you_have_new_pm'];
						 $username = $PowerBB->_CONF['template']['lang']['hello_your']  . $PowerBB->_POST['to'][$x].'<br>';
 			         	 $Form_Massege =  $PowerBB->_CONF['member_row']['username'].$PowerBB->_CONF['template']['lang']['Has_written_a_new_Pm'] .
                         $PowerBB->_CONF['template']['lang']['Please_login_on_the_following_link_to_access_the_pm'].'<a target="_blank" href="'. $Adress . 'index.php?page=pm_list&list=1&folder=inbox">'. $Adress . 'index.php?page=pm_list&list=1&folder=inbox</a>'. $PowerBB->_CONF['template']['lang']['greetings_Management_Forum']  . $PowerBB->_CONF['info_row']['title'] .'<br>' . $Adress . 'index.php';

				         	if ($PowerBB->_CONF['info_row']['mailer']=='phpmail')
							{
							 $send_mail = $PowerBB->functions->mail($MemberInfo['email'],$title,$username . $Form_Massege,$PowerBB->_CONF['info_row']['send_email']);
				            }
							elseif ($PowerBB->_CONF['info_row']['mailer']=='smtp')
							{
							$to = $MemberInfo['email'];
							$fromname = $PowerBB->_CONF['info_row']['title'];
							$message = $username . $Form_Massege;
							$subject = $title;
							$from = $PowerBB->_CONF['info_row']['send_email'];
                            $Send = $PowerBB->functions->send_this_smtp($to,$fromname,$message,$subject,$from);
							}

                        }

						$GroupInfo 				= 	array();
						$GroupInfo['where'] 	= 	array('id',$GetToInfo['usergroup']);

						$GetMemberOptions = $PowerBB->group->GetGroupInfo($GroupInfo);

						if (!$GetMemberOptions['resive_pm']
							and $size > 1)
						{
							$fail[] = $PowerBB->_POST['to'][$x];

							unset($GetToInfo,$GetMemberOptions);

							$x += 1;

							continue;
						}
						elseif (!$GetMemberOptions['resive_pm']
								and $size == 1)
						{
							$PowerBB->functions->error($PowerBB->_CONF['template']['lang']['Sorry_this_member_can_not_receive_private_messages']);
						}

						if ($GetMemberOptions['max_pm'] > 0)
						{
							  $user_name = $GetToInfo['username'];
                              $PrivateMassegeNumber = $PowerBB->DB->sql_num_rows($PowerBB->DB->sql_query("SELECT * FROM " . $PowerBB->table['pm'] . " WHERE user_to = '$user_name' and user_read = '' and folder = 'inbox'"));

							if ($PrivateMassegeNumber > $GetMemberOptions['max_pm']
								and $size > 1)
							{
								$fail[] = $PowerBB->_POST['to'][$x];

								unset($GetToInfo,$GetMemberOptions);

								$x += 1;

								continue;
							}
							elseif ($PrivateMassegeNumber > $GetMemberOptions['max_pm']
									and $size == 1)
							{
								$PowerBB->functions->error($PowerBB->_CONF['template']['lang']['Sorry_Consumed_this_member_limit_messages']);
							}
						}

						// Filter Words
			     	   $censorwords = preg_split('#[ \r\n\t]+#', $PowerBB->_CONF['info_row']['censorwords'], -1, PREG_SPLIT_NO_EMPTY);
	                   $PowerBB->_POST['title'] = str_ireplace($censorwords,'**', $PowerBB->_POST['title']);
	                   $PowerBB->_POST['text'] = str_ireplace($censorwords,'**', $PowerBB->_POST['text']);
		               $PowerBB->_POST['text'] = str_replace('&amp;','&',$PowerBB->_POST['text']);
		               $PowerBB->_POST['text'] = str_ireplace('{39}',"'",$PowerBB->_POST['text']);
                       $PowerBB->_POST['text'] = str_ireplace('cookie','**',$PowerBB->_POST['text']);


	                   //

						$MsgArr 				= 	array();
						$MsgArr['get_id']		=	true;
						$MsgArr['field']		=	array();

						$MsgArr['field']['user_from'] 	= 	$PowerBB->_CONF['member_row']['username'];
						$MsgArr['field']['user_to'] 	= 	$GetToInfo['username'];
						$MsgArr['field']['title'] 		= 	$PowerBB->functions->CleanVariable($PowerBB->_POST['title'],'html');
						$MsgArr['field']['text'] 		= 	$PowerBB->functions->CleanVariable($PowerBB->_POST['text'],'html');
						$MsgArr['field']['date'] 		= 	$PowerBB->_CONF['now'];
						$MsgArr['field']['icon'] 		= 	$PowerBB->_POST['icon'];
						$MsgArr['field']['folder'] 		= 	'inbox';

						$Send = $PowerBB->pm->InsertMassege($MsgArr);

						if ($Send)
						{
				     		// Upload files
						   $GetAttachArr 					= 	array();
						   $GetAttachArr['where'] 			= 	array('pm_id','-'.$PowerBB->_CONF['member_row']['id']);
						   $Attachinfo = $PowerBB->attach->GetAttachInfo($GetAttachArr);

				     		if ($Attachinfo)
				     		{

								$SubjectArr 							= 	array();
								$SubjectArr['field'] 					= 	array();
								$SubjectArr['field']['attach_subject'] 	= 	'1';
								$SubjectArr['where'] 					= 	array('id',$PowerBB->subject->id);

								$update = $PowerBB->subject->UpdateSubject($SubjectArr);

							//	Update All Attach
							 $member_id_Attach = '-'.$PowerBB->_CONF['member_row']['id'];
		                     $getAttach = $PowerBB->DB->sql_query("SELECT  *   FROM " . $PowerBB->table['attach'] . " WHERE pm_id = '$member_id_Attach' ");
		                     while ($getAttach_row = $PowerBB->DB->sql_fetch_array($getAttach))
		                      {
								// Count a new download
								$UpdateArr 						= 	array();
								$UpdateArr['field'] 			= 	array();
								$UpdateArr['field']['pm_id'] 	= 	$PowerBB->pm->id;
								$UpdateArr['where'] 			= 	array('id',$getAttach_row['id']);

		                 		$update = $PowerBB->attach->UpdateAttach($UpdateArr);
		                     }
		     		      }

		     		//////////

		     				//////////

							$MsgArr 				= 	array();
							$MsgArr['field']		=	array();

						    $MsgArr['field']['user_from'] 	= $PowerBB->_CONF['member_row']['username'];
						    $MsgArr['field']['user_to'] 	= $GetToInfo['username'];
							$MsgArr['field']['title'] 		= $PowerBB->_POST['title'];
							$MsgArr['field']['text'] 		= $PowerBB->_POST['text'];
							$MsgArr['field']['date'] 		= $PowerBB->_CONF['now'];
							$MsgArr['field']['icon'] 		= $PowerBB->_POST['icon'];
							$MsgArr['field']['folder'] 		= 'sent';

							$SentBox = $PowerBB->pm->InsertMassege($MsgArr);

							if ($SentBox)
							{
								/** Auto reply **/
								if ($GetToInfo['autoreply'])
								{
									$MsgArr 			= 	array();
									$MsgArr['field'] 	= 	array();

									$MsgArr['field']['user_from'] 	= 	$GetToInfo['username'];
									$MsgArr['field']['user_to'] 	= 	$PowerBB->_CONF['member_row']['username'];
									$MsgArr['field']['title'] 		= 	$PowerBB->_CONF['template']['lang']['_IVR_'] . $GetToInfo['autoreply_title'];
									$MsgArr['field']['text'] 		= 	$GetToInfo['autoreply_msg'];
									$MsgArr['field']['date'] 		= 	$PowerBB->_CONF['now'];
									$MsgArr['field']['folder'] 		= 	'inbox';

									$AutoReply = $PowerBB->pm->InsertMassege($MsgArr);
								}

								$NumberArr 				= 	array();
								$NumberArr['username'] 	= 	$GetToInfo['username'];

								$Number = $PowerBB->pm->NewMessageNumber($NumberArr);

								$CacheArr 					= 	array();
								$CacheArr['field']			=	array();

								$CacheArr['field']['unread_pm'] 	= 	$Number;
								$CacheArr['where'] 					= 	array('username',$GetToInfo['username']);

								$Cache = $PowerBB->member->UpdateMember($CacheArr);

								if ($Cache)
								{
									$success[] = $PowerBB->_POST['to'][$x];
								}
							}
						}

						unset($GetToInfo,$GetMemberOptions);

						$x += 1;
					}
		     	}
		     	else
		     	{
		     		$PowerBB->functions->error($PowerBB->_CONF['template']['lang']['path_not_true']);
		     	}

		     	$sucess_number 	= 	sizeof($success);
		     	$fail_numer		=	sizeof($fail);

		     	if ($sucess_number == $size)
		     	{
		     		$PowerBB->functions->msg($PowerBB->_CONF['template']['lang']['pm_send_successfully']);
		     	}
		     	elseif ($fail_number == $size)
		     	{
		     		$PowerBB->functions->msg($PowerBB->_CONF['template']['lang']['no_send_pm']);
		     	}
		     	elseif ($sucess_number < $size)
		     	{
		     		$PowerBB->functions->msg($PowerBB->_CONF['template']['lang']['pm_send_successfully_to_some']);
		     	}
                $PowerBB->functions->redirect('index.php?page=pm_list&amp;list=1&amp;folder=inbox');

     	}
	}

    function _Add_attach_Pm()
	{
		global $PowerBB;

		// Get the attachment information

			$AttachArr 							= 	array();
			$AttachArr['where']					= 	array();
			$AttachArr['where'][0] 				=	array();
			$AttachArr['where'][0]['name'] 		=	'pm_id';
			$AttachArr['where'][0]['oper'] 		=	'=';
			$AttachArr['where'][0]['value'] 	=	'-'.$PowerBB->_CONF['member_row']['id'];

			$PowerBB->_CONF['template']['while']['PmAttachList'] = $PowerBB->attach->GetAttachList($AttachArr);

		////////

		$ExArr 						= 	array();
		$ExArr['order']				=	array();
		$ExArr['order']['field']	=	'id';
		$ExArr['order']['type']		=	'DESC';
		$ExArr['proc'] 				= 	array();
		$ExArr['proc']['*'] 		= 	array('method'=>'clean','param'=>'html');

		$PowerBB->_CONF['template']['while']['ExList'] = $PowerBB->extension->GetExtensionList($ExArr);

		// Finally , show the form :)
		$PowerBB->template->assign('section',$PowerBB->_GET['section']);
		$PowerBB->template->display('add_attach_pm');


	}

	function _Star_Add_pm()
	{
		global $PowerBB;


         if (empty($PowerBB->_FILES['files']['name']))
		{
			$PowerBB->functions->error_no_foot($PowerBB->_CONF['template']['lang']['You_do_not_choose_any_file']);
		}

			// Check if the extenstion is allowed or not
			$ext = $PowerBB->functions->GetFileExtension($PowerBB->_FILES['files']['name']);

	        // Get the extension of the file
			$ExtArr 			= 	array();
			$ExtArr['where'] 	= 	array('Ex',$ext);

			$extension = $PowerBB->extension->GetExtensionInfo($ExtArr);

	        // Check if the extenstion max size is allowed or not
	        $size = ceil(($PowerBB->_FILES['files']['size'] / 1024));

			if ($size > $extension['max_size'])
			{
              $PowerBB->functions->error_no_foot($PowerBB->_CONF['template']['lang']['max_size_extension1'].'('. $ext .')'.$PowerBB->_CONF['template']['lang']['max_size_extension2'].$extension['max_size'].$PowerBB->_CONF['template']['lang']['max_size_extension3']);
			}

			if (!$PowerBB->extension->IsExtension(array('where' => array('Ex',$ext))))
			{
              $PowerBB->functions->error_no_foot($PowerBB->_CONF['template']['lang']['Can_you_raise_file_extension'].'('. $ext .')');
			}

            if ( stristr($PowerBB->_FILES['files']['name'],'.php') )
             {
              $PowerBB->functions->error_no_foot($PowerBB->_CONF['template']['lang']['Can_you_raise_file_extension']);
			}
			if ( stristr($PowerBB->_FILES['files']['name'],'.php3') )
             {
              $PowerBB->functions->error_no_foot($PowerBB->_CONF['template']['lang']['Can_you_raise_file_extension']);
			}
			if ( stristr($PowerBB->_FILES['files']['name'],'.phtml') )
             {
              $PowerBB->functions->error_no_foot($PowerBB->_CONF['template']['lang']['Can_you_raise_file_extension']);
			}
			if ( stristr($PowerBB->_FILES['files']['name'],'.pl') )
             {
              $PowerBB->functions->error_no_foot($PowerBB->_CONF['template']['lang']['Can_you_raise_file_extension']);
			}
			if ( stristr($PowerBB->_FILES['files']['name'],'.cgi') )
             {
              $PowerBB->functions->error_no_foot($PowerBB->_CONF['template']['lang']['Can_you_raise_file_extension']);
			}
			if ( stristr($PowerBB->_FILES['files']['name'],'.asp') )
             {
              $PowerBB->functions->error_no_foot($PowerBB->_CONF['template']['lang']['Can_you_raise_file_extension']);
			}
			if ( stristr($PowerBB->_FILES['files']['name'],'.3gp') )
             {
              $PowerBB->functions->error_no_foot($PowerBB->_CONF['template']['lang']['Can_you_raise_file_extension']);
			}



             $Random = $PowerBB->functions->RandomCode() .$PowerBB->_FILES['files']['name'];

                     $ext = str_replace('.','',$ext);

                // Insert attachment to the database
				$AttachArr 							= 	array();
				$AttachArr['field'] 				= 	array();
				$AttachArr['field']['filename'] 	= 	$PowerBB->_FILES['files']['name'];
				$AttachArr['field']['filepath'] 	= 	$PowerBB->_CONF['info_row']['download_path'] . '/' . $Random;
				$AttachArr['field']['filesize'] 	= 	$PowerBB->_FILES['files']['size'];
				$AttachArr['field']['pm_id'] 	= 	'-'.$PowerBB->_CONF['member_row']['id'];
				$AttachArr['field']['extension'] 	= 	$ext;
				$AttachArr['field']['u_id']		    =	$PowerBB->_CONF['member_row']['id'];

				$InsertAttach = $PowerBB->attach->InsertAttach($AttachArr);

				if ($InsertAttach)
				{

					// Kill XSS
					$PowerBB->functions->CleanVariable($InsertAttach,'html');
					// Kill SQL Injection
					$PowerBB->functions->CleanVariable($InsertAttach,'sql');


			         move_uploaded_file($PowerBB->_FILES['files']['tmp_name'] , $PowerBB->_CONF['info_row']['download_path'] . '/' . $Random);


                }


		$PowerBB->functions->msg($PowerBB->_CONF['template']['lang']['File_was_downloaded_successfully']);
		$PowerBB->functions->redirect('index.php?page=pm_send&amp;add_attach_pm=1');


	 }

	 function _Delete_Attach_Pm()
	{
		global $PowerBB;

       	$PowerBB->_GET['id'] = $PowerBB->functions->CleanVariable($PowerBB->_GET['id'],'intval');

		if (empty($PowerBB->_GET['id']))
		{
			$PowerBB->functions->error($PowerBB->_CONF['template']['lang']['path_not_true']);
		}

		  $GetAttachArr 					= 	array();
		  $GetAttachArr['where'] 			= 	array('id',$PowerBB->_GET['id']);
		   $Attachinfo = $PowerBB->attach->GetAttachInfo($GetAttachArr);

		   	if (file_exists($Attachinfo['filepath']))
		      {
			   $del = unlink($Attachinfo['filepath']);
              }


	        // Delete attachment to the database
			$AttachArr 							= 	array();
			$AttachArr['name'] 	        		=  	'id';
	        $AttachArr['where'] 		    	= 	array('id',$PowerBB->_GET['id']);

			$DeleteAttach = $PowerBB->attach->DeleteAttach($AttachArr);

		 if($DeleteAttach)
		  {
			// Finally , Delete the Attach
	        $PowerBB->functions->msg($PowerBB->_CONF['template']['lang']['File_was_deleted_successfully']);
		    $PowerBB->functions->redirect('index.php?page=pm_send&amp;add_attach_pm=1');
		  }

	}


}

?>

Return current item: PBBoard