<?php
// File: $Id: replypmsg.php,v 1.20 2001/12/04 13:07:45 jgm Exp $ $Name: $
// ----------------------------------------------------------------------
// POST-NUKE Content Management System
// Copyright (C) 2001 by the Post-Nuke Development Team.
// http://www.postnuke.com/
// ----------------------------------------------------------------------
// Based on:
// PHP-NUKE Web Portal System - http://phpnuke.org/
// Thatware - http://thatware.org/
// ----------------------------------------------------------------------
// LICENSE
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License (GPL)
// as published by the Free Software Foundation; either version 2
// of the License, or (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// To read the license please visit http://www.gnu.org/copyleft/gpl.html
// ----------------------------------------------------------------------
// Original Author of file: Francisco Burzi
// Purpose of file: Part of phpBB integration
// Copyright (c) 2001 by
// Richard Tirtadji AKA King Richard (hide@address.com)
// Hutdik Hermawan AKA hotFix (hide@address.com)
// http://www.phpnuke.web.id
// ----------------------------------------------------------------------
if (!defined("LOADED_AS_MODULE")) {
die ("You can't access this file directly...");
}
//FTO use quotes fro index name (remove warning)
$ModName = $GLOBALS['name'];
include 'mainfile.php';
include 'modules/'.$ModName.'/functions.php';
modules_get_language();
$forumpage = 1;
// Post-Nuke: smilies setting: 0 = on / 1 = off
// Will be moved to config.php after admin redesign.
$smilies = 1;
global $pntable, $dbconn;
// Post-Nuke: end
//FTO : Remove Warning
if (!isset($db)) $db='';
if (!isset($submit)) $submit='';
if (!isset($cancel)) $cancel='';
if (!isset($reply)) $reply='';
if (!isset($send)) $send='';
if (!isset($allow_html)) $allow_html='';
if (!isset($allow_bbcode)) $allow_bbcode='';
if (!isset($smile)) $smile='';
if (!isset($sig)) $sig='';
if (!isset($image)) $image='';
if (!isset($status)) $status='';
if (!isset($uname)) $uname='';
if (!isset($msg_id)) $msg_id='';
if($cancel) {
pnRedirect('modules.php?op=modload&name='.$ModName.'&file=index');
}
if (!is_user($user)) {
pnRedirect('user.php');
} else {
include('header.php');
$userdata = explode(":", base64_decode($user));
if (!$result = check_user_pw($userdata[1],$userdata[2],$db,$system))
$userdata = get_userdata($userdata[1], $db);
if($submit) {
if($subject == '') {
forumerror("0017");
}
if($smilies==1) {
echo "";
}
else {
if($image == '') {
forumerror("0018");
}
}
if($message == '') {
forumerror("0019");
}
if($allow_html == 0 && isset($html)) {
$message = htmlspecialchars($message);
}
if($allow_bbcode == 1 && !isset($bbcode)) {
$message = pn_bbencode($message);
}
//FTO use quotes for index name
if($sig) {
$message .= "<br>-----------------<br>" . $userdata['user_sig'];
}
$message = str_replace("\n", "<br>", $message);
if(!$smile) {
$message = smile($message);
}
$message = make_clickable($message);
$message = addslashes($message);
$time = date("Y-m-d H:i");
$column = &$pntable['users_column'];
$res = $dbconn->Execute("SELECT $column[uid]
FROM $pntable[users]
WHERE $column[uname]='$to_user'");
//ADODBtag list+row
list($to_userid) = $res->fields;
if ($to_userid == "") {
OpenTable();
echo "<center><font class=\"pn-normal\">"._USERNOTINDB."<br>"
.""._CHECKNAMEANDTRY."<br><br>"
.""._GOBACK."</font></center>";
CloseTable();
include("footer.php");
} else {
$column = &$pntable['priv_msgs_column'];
$nextid = $dbconn->GenId("{$pntable['priv_msgs']}_SEQ");
$sql = "INSERT INTO $pntable[priv_msgs] ($column[msg_id], $column[msg_image], $column[subject], $column[from_userid], $column[to_userid], $column[msg_time], $column[msg_text])
VALUES ($nextid, '$image', '$subject', $userdata[uid], $to_userid, '$time', '$message')";
$res = $dbconn->Execute($sql);
if($dbconn->ErrorNo()<>0) {
error_log("DB Error: " . $dbconn->ErrorMsg());
error_log("SQL was: $sql");
forumerror("0020");
}
OpenTable();
echo "<center><font class=\"pn-normal\"><b>"._MSGPOSTED."<b></font><br><a class=\"pn-normal\" href=\"modules.php?op=modload&name=$ModName&file=index\"><b>"._RETURNTOPMSG."</b></a></center>";
CloseTable();
}
}
if (isset($delete)) {
if (isset($msg_id)) {
if (is_array($msg_id)) {
// delete multiple messages for a list
$column = &$pntable['priv_msgs_column'];
for ($i = 0; $i < $total_messages; $i++) {
if (isset($msg_id[$i])) {
$res = $dbconn->Execute("DELETE FROM $pntable[priv_msgs]
WHERE $column[msg_id]=$msg_id[$i]
AND $column[to_userid]=$userdata[uid]");
if ($dbconn->ErrorNo()<>0) {
error_log("DB Error: " . $dbconn->ErrorMsg());
forumerror("0021");
} else {
$status = 1;
}
}
}
} else {
// delete a single message
$column = &$pntable['priv_msgs_column'];
$res = $dbconn->Execute("DELETE FROM $pntable[priv_msgs]
WHERE $column[msg_id]=$msg_id
AND $column[to_userid]=$userdata[uid]");
if ($dbconn->ErrorNo() != 0) {
error_log("DB Error: " . $dbconn->ErrorMsg());
forumerror("0021");
} else {
$status = 1;
}
}
if ($status) {
OpenTable();
echo "<center><font class=\"pn-normal\"><b>"._MSGDELETED."</b></font><br><a class=\"pn-normal\" href=\"modules.php?op=modload&name=$ModName&file=index\">"._RETURNTOPMSG."</a></center>";
CloseTable();
}
} else {
OpenTable();
echo "<center><font class=\"pn-normal\"><b>"._NO_MESSAGE_SELECTED."</b></font><br><a class=\"pn-normal\" href=\"modules.php?op=modload&name=$ModName&file=index\">"._RETURNTOPMSG."</a></center>";
CloseTable();
}
}
if ($reply || $send) {
if ($reply) {
$column = &$pntable['priv_msgs_column'];
$sql = "SELECT $column[msg_image] AS msg_image, $column[subject] AS subject,
$column[from_userid] AS from_userid, $column[to_userid] AS to_userid
FROM $pntable[priv_msgs]
WHERE $column[msg_id] = $msg_id";
$result = $dbconn->Execute($sql);
if($dbconn->ErrorNo()<>0) {
error_log("DB Error: " . $dbconn->ErrorMsg());
forumerror("0022");
}
//ADODBtag MoveNext ->fet_chrow(DB_FETCHMODE_ASSOC
$row = $result->GetRowAssoc(false);
$result->MoveNext();
if (!$row) {
forumerror("0023");
}
//FTO use quotes fro index name (remove warning)
$fromuserdata = get_userdata_from_id($row['from_userid'], $db);
//FTO use quotes fro index name (remove warning)
$touserdata = get_userdata_from_id($row['to_userid'], $db);
//FTO use quotes fro index name (remove warning)
if ( is_user($user) && ($userdata['uid'] != $touserdata['uid']) ) {
forumerror("0024");
}
}
OpenTable();
print '<center><font class="pn-pagetitle">'._USENDPRIVATEMSG.'</font></center>';
echo "<br>";
CloseTable();
echo "<FORM ACTION=\"modules.php\" METHOD=\"POST\" NAME=\"coolsus\">"
."<input type=\"hidden\" name=\"op\" value=\"modload\">"
."<input type=\"hidden\" name=\"name\" value=\"$ModName\">"
."<input type=\"hidden\" name=\"file\" value=\"replypmsg\">"
."<TABLE BORDER=\"0\" CELLPADDING=\"0\" CELLSPACING=\"0\" ALIGN=\"CENTER\" VALIGN=\"TOP\" WIDTH=\"100%\"><TR><TD>"
."<TABLE BORDER=\"0\" CELLPADDING=\"3\" CELLSPACING=\"1\" WIDTH=\"100%\">"
."<TR BGCOLOR=\"$bgcolor2\" ALIGN=\"LEFT\">"
."<TD width=\"25%\"><FONT class=\"pn-normal\"><b>"._ABOUTPOSTING.":</b></FONT></TD>"
."<TD><FONT class=\"pn-normal\"><b>"._ALLREGCANPOST."</b></FONT></TD>"
."</TR>"
."<TR ALIGN=\"LEFT\">"
."<TD BGCOLOR=\"$bgcolor3\" width=\"25%\"><font class=\"pn-normal\"><b>"._TO.":</b></font></TD>";
if ($reply) {
echo "<TD BGCOLOR=\"$bgcolor3\"><INPUT TYPE=\"HIDDEN\" NAME=\"to_user\" VALUE=\"$fromuserdata[uname]\"><font class=\"pn-normal\">$fromuserdata[uname]</font></TD>";
} else {
if ($uname) {
echo "<TD BGCOLOR=\"$bgcolor3\"><INPUT NAME=\"to_user\" SIZE=\"26\" maxlength=\"25\" value=\"$uname\">";
} else {
echo "<TD BGCOLOR=\"$bgcolor3\"><INPUT NAME=\"to_user\" SIZE=\"26\" maxlength=\"25\">";
}
echo "</td>";
}
echo "</TR>"
."<TR ALIGN=\"LEFT\">"
."<TD BGCOLOR=\"$bgcolor3\" width=\"25%\"><font class=\"pn-normal\"><b>"._SUBJECT.":</b></font></TD>";
if ($reply) {
echo "<TD BGCOLOR=\"$bgcolor3\"><INPUT TYPE=\"TEXT\" NAME=\"subject\" VALUE=\""._RE.": $row[subject]\" SIZE=\"100\" MAXLENGTH=\"100\"></TD>";
} else {
echo "<TD BGCOLOR=\"$bgcolor3\"><INPUT TYPE=\"TEXT\" NAME=\"subject\" SIZE=\"100\" MAXLENGTH=\"100\"></TD>";
}
echo "</TR>";
// Post-Nuke: remove icons
if($smilies==1) {
echo "";
}
else {
echo "<TR ALIGN=\"LEFT\" VALIGN=\"TOP\">"
."<TD BGCOLOR=\"$bgcolor3\" width=\"25%\"><font class=\"pn-normal\"><b>"._MESSAGEICON.":</b></font></TD>"
."<TD BGCOLOR=\"$bgcolor3\">";
$handle=opendir("images/smilies");
while ($file = readdir($handle)) {
$filelist[] = $file;
}
asort($filelist);
$a = 1;
while (list ($key, $file) = each ($filelist)) {
ereg(".gif|.jpg",$file);
if ($file == "." || $file == "..") {
$a=1;
} else {
if ($file == $row[msg_image] && $row[msg_image] != "") {
echo "<INPUT TYPE='radio' NAME='image' VALUE=\"$file\" checked><IMG SRC=\"images/smilies/$file\" BORDER=\"0\"> ";
} else {
if ($a == 1 && $row[msg_image] == "") {
$sel = "checked";
} else {
$sel = "";
}
echo "<INPUT TYPE='radio' NAME='image' VALUE=\"$file\" $sel><IMG SRC=\"image/smilies/$file\" BORDER=\"0\"> ";
$a++;
}
}
if ($count >= 10) {
$count=1; echo "<br>";
}
$count++;
}
}
// Post-Nuke: end
echo "</TD>"
."</TR>"
."<TR ALIGN=\"LEFT\" VALIGN=\"TOP\">"
."<TD BGCOLOR=\"$bgcolor3\" width=\"25%\"><font class=\"pn-normal\"><b>"._MESSAGE.":</b></font><br><br>"
."<font class=\"pn-sub\"><b>"._HTML."</b> : ";
if($allow_html == 1) {
echo ""._ON."<BR>\n";
} else {
echo ""._OFF."<BR>\n";
}
echo "<a class=\"pn-normal\" href=\"modules/$ModName/bbcode_ref.php\" TARGET=\"blank\"><b>"._BBCODE."</b></a> : ";
if($allow_bbcode == 1) {
echo ""._ON."<br>\n";
} else {
echo ""._OFF."<BR>\n";
}
if ($reply) {
$column = &$pntable['priv_msgs_column'];
$column2 = &$pntable['users_column'];
$result = $dbconn->Execute( "SELECT $column[msg_text] AS msg_text,
$column[msg_time] AS msg_time,
$column2[uname] AS uname
FROM $pntable[priv_msgs], $pntable[users]
WHERE ($column[msg_id] = $msg_id)
AND ($column[from_userid] = $column2[uid])");
if($dbconn->ErrorNo()<>0) {
error_log("DB Error: " . $dbconn->ErrorMsg());
$reply = "Error Contacting database. Please try again.\n";
} else {
//ADODBtag MoveNext ->fet_chrow(DB_FETCHMODE_ASSOC
$row = $result->GetRowAssoc(false);
$result->MoveNext();
//FTO use quotes fro index name (remove warning)
$text = desmile($row['msg_text']);
$text = str_replace("<BR>", "\n", $text);
$text = stripslashes($text);
$text = pn_bbdecode($text);
$reply = "[quote]\n"._ON." $row[msg_time], $row[uname] "._WROTE.":\n$text\n[/quote]";
}
}
echo "</font></TD>"
."<TD BGCOLOR=\"$bgcolor3\"><TEXTAREA NAME=\"message\" ROWS=\"15\" COLS=\"90\" WRAP=\"VIRTUAL\">";
if ($reply) {
echo $reply;
}
echo "</TEXTAREA><BR>";
// Post-Nuke: make this a user set option 0=on / 1=off
if($smilies==1) { echo ""; } else {
putitems();
} // Post-Nuke: end
echo "</TD>"
."</TR>";
// Post-Nuke: remove last of icon/smiley stuff
if($smilies==1) { echo ""; } else {
echo "<TR ALIGN=\"LEFT\">"
."<TD BGCOLOR=\"$bgcolor3\" width=\"25%\"><font class=\"pn-normal\">"._OPTIONS.":</font></TD>"
."<TD BGCOLOR=\"$bgcolor1\">";
if($allow_html == 1) {
echo "<INPUT TYPE=\"CHECKBOX\" NAME=\"html\"><font class=\"pn-normal\">"._HTMLDISSABLE."<font><br>";
}
if($allow_bbcode == 1) {
echo "<INPUT TYPE=\"CHECKBOX\" NAME=\"bbcode\"><font class=\"pn-normal\">"._BBCODEDISSABLE."</font><br>";
}
echo "<INPUT TYPE=\"CHECKBOX\" NAME=\"smile\"><font class=\"pn-normal\">"._SMILEDISSABLE."</font><br>"
."</TD>"
."</TR>";
}
// Post-Nuke: end
echo "<TR>"
."<TD BGCOLOR=\"$bgcolor2\" colspan=\"2\" ALIGN=\"left\">"
."<INPUT TYPE=\"HIDDEN\" NAME=\"msg_id\" VALUE=\"$msg_id\">"
."<INPUT TYPE=\"SUBMIT\" NAME=\"submit\" VALUE=\""._SUBMIT."\"> ";
if ($reply) {
echo " <INPUT TYPE=\"SUBMIT\" NAME=\"cancel\" VALUE=\""._CANCELREPLY."\">";
} else {
echo " <INPUT TYPE=\"SUBMIT\" NAME=\"cancel\" VALUE=\""._CANCELSEND."\">";
}
echo "</TD>"
."</TR>"
."</TABLE></TD></TR></TABLE>"
."</FORM>"
."<BR>";
}
}
include('footer.php');
?>