Location: PHPKode > projects > raSMP > rasmp/admin/messages.php
<?php

/*******************************************************************

 Name		: raSMP 2.0
 Copyright	: 2002, Adam Alkins
 Website	: http://www.rasmp.com
 email		: hide@address.com
 $Id: messages.php,v 1.14 2003/03/21 01:24:43 rasadam Exp $:

*******************************************************************/

/*******************************************************************

This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the 
Free Software Foundation Inc., 59 Temple Place, Suite 330,
Boston, MA  02111-1307  USA

*******************************************************************/

/*

Message Centre

*/

define('RASMP',true);
define('RASMP_ADMIN',true);
define('SCRIPT_PATH','../');
include SCRIPT_PATH.'common/extension.inc';
include SCRIPT_PATH.'common/admin_common.'.FILE_EXT;

global $config;

// Check authentication
check_auth('messages');

function do_header($title)
{
	global $config;
?>
<head>
<title><?php echo $title; ?></title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<style>
a.menulink:link { COLOR: #FFFFFF; TEXT-DECORATION: none }
a.menulink:visited { COLOR: #FFFFFF; TEXT-DECORATION: none }
a.menulink:hover { COLOR: #666666 }

.copyright {
	font-size: 12px;
	font-color: #000000;
}

a.copyright:link { COLOR: #000000; TEXT-DECORATION: none }
a.copyright:visited { COLOR: #000000; TEXT-DECORATION: none }
a.copyright:hover { COLOR: #000FFF }
</style>
</head>

<body>
<table width="100%" border="0" cellpadding="0" cellspacing="0">
  <tr> 
    <td align="left" valign="top"><font color="#666666" size="5"><?php echo stripslashes($config['site_name']); ?></font></td>
    <td align="right" valign="bottom"><font color="#666666" size="5">Message Centre</font></td>
  </tr>
</table>
<table width="95%" border="1" align="center" cellpadding="0" cellspacing="0" bordercolor="#CCCCCC" bgcolor="#333333">
  <tr>
    <td align="center" valign="middle"><font color="#FFFFFF" size="3"><a class="menulink" href="<?php echo attach_sid("messages.".FILE_EXT."?mode=viewfolder&f=1"); ?>">Inbox</a> 
      | <a class="menulink" href="<?php echo attach_sid("messages.".FILE_EXT."?mode=compose"); ?>">Compose Message</a> | <a class="menulink" href="<?php echo attach_sid("messages.".FILE_EXT."?mode=viewsent"); ?>">Sentbox</a> | <a class="menulink" href="<?php echo attach_sid("index.".FILE_EXT); ?>">Return to the Index</a></font></td>
  </tr>
</table>
<?php
}

//
// Function to generate list of folders. Isn't as simple as querying the folders table
// as the Outbox and Sendbox table are "Make-Believe"
//
function generate_folder_list()
{
	global $user_data;
?>
        <tr> 
          <td bgcolor="#0033CC"><div align="center"><strong><font color="#FFFFFF">Folders</font></strong></div></td>
        </tr>
        <tr> 
          <td><div align="center"><a href="<?php echo attach_sid("messages.".FILE_EXT."?mode=viewfolder&f=1"); ?>">Inbox</a><?php 
		  		// Let's query to find the total messages in the Inbox		
				$query = "SELECT COUNT(*) as numrows FROM ".MESSAGES_TABLE." WHERE in_folder = 1 AND message_to = ".$user_data['user_id'];
				$numrows = db_fetchassoc('',$query,'Could not get folder stats for Inbox');
				echo '&nbsp;('.$numrows['numrows'].')';
			?></div></td>
        </tr>
        <tr> 
          <td><div align="center"><a href="<?php echo attach_sid("messages.".FILE_EXT."?mode=outbox"); ?>">Outbox</a><?php 
		  		// Query to check total for "Outbox", i.e. sent but not read by recipient
		  		$query = "SELECT COUNT(*) as numrows FROM ".MESSAGES_TABLE." WHERE message_from = ".$user_data['user_id']." AND is_read = 0 AND in_folder <> -1";
				$numrows = db_fetchassoc('',$query,'Could not get folder stats for Outbox');
				echo '&nbsp;('.$numrows['numrows'].')';
			?></div></td>
        </tr>
        <tr> 
          <td><div align="center"><a href="<?php echo attach_sid("messages.".FILE_EXT."?mode=viewsent"); ?>">Sentbox</a><?php 
		  		// Query to check all messages in sentbox, sent and read		
				$query = "SELECT COUNT(*) as numrows FROM ".MESSAGES_TABLE." WHERE message_from = ".$user_data['user_id']." AND in_folder = -1";
				$numrows = db_fetchassoc('',$query,'Could not get folder stats for Sentbox');
				echo '&nbsp;('.$numrows['numrows'].')';
			?></div></td>
        </tr>
<?php
		// Get list of custom folders
		$query = "SELECT folder_id, folder_name FROM ".MFOLDERS_TABLE." WHERE folder_creator = ".$user_data['user_id']." ORDER BY folder_name ASC";
		$result = db_query($query,'Could not select folder list');
		$rows = db_fetchrows($result);
		// If there are custom folders
		if(db_numrows($result)!=0)
		{
?>
        <tr> 
          <td><div align="center">&nbsp;</div></td>
        </tr>
<?php
			for($i=0;$i<count($rows);$i++)
			{
				echo '
        <tr> 
          <td><div align="center"><a href="'.attach_sid("messages.".FILE_EXT."?mode=viewfolder&f=".$rows[$i]['folder_id']).'">'.stripslashes($rows[$i]['folder_name']);
		  		// Count messages in these folders		
				$query = "SELECT COUNT(*) as numrows FROM ".MESSAGES_TABLE." WHERE in_folder = ".$rows[$i]['folder_id']." AND message_to = ".$user_data['user_id'];
				$numrows = db_fetchassoc('',$query,'Could not get folder stats for Inbox');
				echo '</a>&nbsp;('.$numrows['numrows'].')';
				echo '</div></td>
        </tr>';
			}
		}
?>
        <tr> 
          <td><div align="center">&nbsp;</div></td>
        </tr>        <tr>
          <td><div align="center"><em><a href="<?php echo attach_sid("messages.".FILE_EXT."?mode=createfolder"); ?>">Create New Folder</a></em></div></td>
        </tr>
        <tr>
          <td><div align="center"><em><a href="<?php echo attach_sid("messages.".FILE_EXT."?mode=managefolders"); ?>">Manage Your Folders</a></em></div></td>
        </tr>
      </table>
<?php
}

switch($_GET['mode'])
{
	case 'compose':
		if(!isset($_POST['dosend']))
		{
			do_header("Admin Panel >> Messages >> New Message");
?>
<p align="center"><font color="#0033CC" size="5">Compose New Message</font></p>
<form name="form1" method="post" action="<?php echo attach_sid("messages.".FILE_EXT."?mode=compose"); ?>">
  <table width="98%" border="0" align="center" cellpadding="3" cellspacing="0">
    <tr> 
      <td>To:&nbsp; 
      	<select name="user_id" id="user_id">
<?php
			// Generate user list for recipient selection
			$query = "SELECT user_id, user_name FROM ".ACCOUNTS_TABLE." ORDER BY user_name";
			$rowset = db_fetchrows('',$query,'Could not select accounts list');
			
			for($i=0;$i < count($rowset);$i++)
			{
				// If the user was passed in the url, we'll make it selected by default
				if($_GET['user_id']==$rowset[$i]['user_id'])
				{
					echo '<option value="'.$rowset[$i]['user_id'].'" selected>'.stripslashes($rowset[$i]['user_name']).'</option>';
				}
				else
				{
					echo '<option value="'.$rowset[$i]['user_id'].'">'.stripslashes($rowset[$i]['user_name']).'</option>';
				}
			}
?>
        </select></td>
    </tr>
    <tr> 
      <td>Subject:&nbsp; 
        <input name="title" type="text" id="title" size="50" maxlength="255" value="<?php echo htmlentities(urldecode($_GET['title'])); ?>" /></td>
    </tr>
    <tr> 
      <td>Body:<br>
        <textarea name="body" cols="70" rows="10"><?php echo htmlentities(urldecode($_GET['body'])); ?></textarea> </td>
    </tr>
    <tr>
      <td><div align="center">
          <input type="submit" name="dosend" value="Send" />
        </div></td>
    </tr>
  </table>
</form>
<p>&nbsp; </p>
<?php
			display_footer();
		}
		else
		{
			if(!isset($_POST['user_id']))
			{
				redirect_page('No recipient specified',attach_sid("messages.".FILE_EXT."?mode=compose&title=".urlencode($_POST['title'])."&body=".urlencode($_POST['body'])));
			}
			
			$recipient = intval($_POST['user_id']);
			
			// Check to see if the recipient exists
			$query = "SELECT COUNT(*) as numrows FROM ".ACCOUNTS_TABLE." WHERE user_id = ".$recipient;
			$row = db_fetchassoc('',$query,'Could not select account');
			
			if($row['numrows']==0)
			{
				redirect_page('Recipient Invalid',attach_sid("messages.".FILE_EXT."?mode=compose&title=".urlencode($_POST['title'])."&body=".urlencode($_POST['body'])));
			}
			
			if(!isset($_POST['title'])||$_POST['title']==''||$_POST['title']==' '||$_POST['title']=='  ')
			{
				redirect_page('Subject must contain text',attach_sid("messages.".FILE_EXT."?mode=compose&body=".urlencode($_POST['body'])));
			}
			
			if(!isset($_POST['body']))
			{
				redirect_page('Body Invalid',attach_sid("messages.".FILE_EXT."?mode=compose&title=".urlencode($_POST['title'])));
			}
			
			$title = addslashes($_POST['title']);
			$body = addslashes($_POST['body']);
			
			$query = "INSERT INTO ".MESSAGES_TABLE." (message_from, message_to, title, body, is_read, in_folder, date_sent, date_read) VALUES(".$user_data['user_id'].",".$recipient.",'".$title."','".$body."',0,1,".time().",'')";
			db_query($query, 'Could not send message');
			
			$query = "UPDATE ".ACCOUNTS_TABLE." SET message_popup = 1 WHERE user_id = ".$recipient;
			db_query($query, 'Could not update popup flag');
			
			redirect_page('Successfully sent message',attach_sid("messages.".FILE_EXT));
		}
		break;
	case 'createfolder':
		if(!isset($_POST['docreate']))
		{
			do_header("Admin Panel >> Messages >> Create New Folder");
?>
<p>&nbsp;</p>
<table width="300" border="0" align="center" cellpadding="0" cellspacing="0">
  <tr> 
    <td bgcolor="#CCCCCC"><div align="center"><strong>Create New Folder</strong></div></td>
  </tr>
  <tr>
    <td><div align="center">
        <form name="form" method="post" action="<?php echo attach_sid("messages.".FILE_EXT."?mode=createfolder"); ?>">
          <input name="folder_name" type="text" size="25" maxlength="255" />
      </div></td>
  </tr>
  <tr>
    <td bgcolor="#CCCCCC"><div align="center">
          <input type="submit" name="docreate" value="Create" />
        </form>
      </div></td>
  </tr>
</table>
<p>&nbsp; </p>
<?php
			display_footer();
		}
		else
		{
			if(!isset($_POST['folder_name'])||$_POST['folder_name']==''||$_POST['folder_name']=='Sentbox'||$_POST['folder_name']=='Outbox')
			{
				redirect_page("Folder name invalid",attach_sid("messages.".FILE_EXT."?mode=createfolder"));
			}

			$query = "SELECT COUNT(*) as numrows FROM ".MFOLDERS_TABLE." WHERE folder_name = '".addslashes(htmlentities($_POST['folder_name']))."' AND ( folder_creator = ".$user_data['user_id']." OR folder_creator = -1)";
			$row = db_fetchassoc('',$query,'Could not look for existing folder');
				
			if($row['numrows']!=0)
			{
				redirect_page('Folder Already Exists',attach_sid("messages.".FILE_EXT."?mode=createfolder"));
			}
			
			// Insert new folder record.. simple
			$query = "INSERT INTO ".MFOLDERS_TABLE." (folder_name, folder_creator) VALUES('".addslashes(htmlentities($_POST['folder_name']))."',".$user_data['user_id'].")";
			db_query($query,'Could not insert new folder');
			
			redirect_page("Folder successfully created",attach_sid("messages.".FILE_EXT."?mode=managefolders"));
		}	
		break;
	case 'delete':
		if(!isset($_GET['m']))
		{
			redirect_page("No message specified",attach_sid("messages.".FILE_EXT."?mode=viewfolder&f=1"));
		}
		
		$messageid = intval($_GET['m']);
		
		// Let's see if this message exists
		$query = "SELECT COUNT(*) as numrows FROM ".MESSAGES_TABLE." WHERE message_to = ".$user_data['user_id']." AND message_id = ".$messageid;
		$row = db_fetchassoc('',$query,'Could not see if message exists');
		
		if($row['numrows']==0)
		{
			redirect_page("Message does not exist",attach_sid("messages.".FILE_EXT."?mode=viewfolder&f=1"));
		}
		
		// Delete it
		$query = "DELETE FROM ".MESSAGES_TABLE." WHERE message_id = ".$messageid;
		db_query($query,'Could not delete message');
		
		redirect_page("Message successfully deleted",attach_sid("messages.".FILE_EXT."?mode=viewfolder&f=1"),3);
		break;	
	case 'managefolders':
		switch($_GET['action'])
		{
			case 'delete':
				if(!isset($_GET['f']))
				{
					redirect_page("No folder specified",attach_sid("messages.".FILE_EXT."?mode=managefolders"));
				}
				
				$folderid = intval($_GET['f']);

				// Check if folder exists
				$query = "SELECT COUNT(*) as numrows FROM ".MFOLDERS_TABLE." WHERE folder_id = ".$folderid." AND folder_creator = ".$user_data['user_id'];
				$row = db_fetchassoc('',$query,'Could not select folder info');

				if($row['numrows']==0)
				{
					redirect_page("Folder does not exist",attach_sid("messages.".FILE_EXT."?mode=managefolders"));
				}
				
				// See if there are messages in this folder
				$query = "SELECT COUNT(*) as numrows FROM ".MESSAGES_TABLE." WHERE in_folder = ".$folderid;
				$row = db_fetchassoc('',$query,'Could not select folder info');
				
				// If there aren't we can go ahead and delete the folder
				if($row['numrows']==0)
				{
					$query = "DELETE FROM ".MFOLDERS_TABLE." WHERE folder_id = ".$folderid;
					db_query($query,'Could not delete folder');
					
					redirect_page("Folder successfully deleted",attach_sid("messages.".FILE_EXT."?mode=managefolders"));
				}
				
				// From here on, we need to determine where the messages in this folder should
				// go. We give the user the option to delete them or move them to another folder.
				if(!isset($_POST['dodelete']))
				{
					do_header("Admin Panel >> Messages >> Manage Folders >> Delete");
		?>
		<div align="center">
  <p>&nbsp;</p>
  <p>There are messages in this folder. Select a folder to move those messages 
    to or select to delete them. </p>
</div>
<form name="form1" method="post" action="<?php echo attach_sid("messages.".FILE_EXT."?mode=managefolders&action=delete&f=".$folderid); ?>">
  <table width="50%" border="0" align="center" cellpadding="0" cellspacing="3">
    <tr>
      <td><div align="center">
          <select name="folder_id">
            <option value="1">Inbox</option>
<?php
					// Get list of folders, except one to be deleted
					$query = "SELECT folder_id, folder_name FROM ".MFOLDERS_TABLE." WHERE folder_creator = ".$user_data['user_id']." AND folder_id <> ".$folderid." ORDER BY folder_name ASC";
					$rowset = db_fetchrows('',$query,'Could not select folder list');
					
					for($i = 0; $i < count($rowset); $i++)
					{
						echo '<option value="'.$rowset[$i]['folder_id'].'">'.stripslashes($rowset[$i]['folder_name']).'</option>';
					}
?>
            <option value="-1">-- Delete Messages --</option>
          </select>
        </div></td>
    </tr>
    <tr>
      <td align="center"><input type="submit" name="dodelete" value="Move" /></td>
    </tr>
  </table>
</form>
<p>&nbsp;</p>
<?php
			
					display_footer();
				}
				else
				{
					if(!isset($_POST['folder_id']))
					{
						redirect_page("No folder selected", attach_sid("messages.".FILE_EXT."?mode=managefolders&action=delete&f=".$folderid));
					}
					
					$movefolderid = intval($_POST['folder_id']);
					
					// If the user decided to actually move it to another custom folder, we need to make
					// sure this custom folder actually exists
					if($movefolderid != 1 && $movefolderid != -1)
					{
						$query = "SELECT COUNT(*) as numrows FROM ".MFOLDERS_TABLE." WHERE folder_id = ".$movefolderid." AND folder_creator = ".$user_data['user_id'];
						$row = db_fetchassoc('',$query,'Could not select folder info');
						
						if($row['numrows']==0)
						{ 
							redirect_page("Invalid Folder selected", attach_sid("messages.".FILE_EXT."?mode=managefolders&action=delete&f=".$folderid));
						}
					}
					
					// If the destination folder is the same as the folder to be deleted
					// (Shouldn't happen via the form but incase someone sneaky is trying something)
					if($movefolderid == $folderid)
					{
						redirect_page("Cannot move to the same Folder", attach_sid("messages.".FILE_EXT."?mode=managefolders&action=delete&f=".$folderid));					
					}
					
					// If they specified to delete the message
					if($movefolderid == -1)
					{
						// Zap em
						$query = "DELETE FROM ".MESSAGES_TABLE." WHERE in_folder = ".$folderid;
					}
					else
					{
						// Or just change the folder :P
						$query = "UPDATE ".MESSAGES_TABLE." SET in_folder = ".$movefolderid." WHERE in_folder = ".$folderid;
					}
					
					db_query($query,'Could not update messages');
					
					// And now we can delete this folder
					$query = "DELETE FROM ".MFOLDERS_TABLE." WHERE folder_id = ".$folderid;
					db_query($query,'Could not delete folder');
					
					redirect_page("Successfully deleted folder", attach_sid("messages.".FILE_EXT."?mode=managefolders"));
				}													
			case 'rename':
				if(!isset($_GET['f']))
				{
					redirect_page("No folder specified",attach_sid("messages.".FILE_EXT."?mode=managefolders"));
				}
				
				$folderid = intval($_GET['f']);
				
				// Does this folder exist?
				$query = "SELECT COUNT(*) as numrows FROM ".MFOLDERS_TABLE." WHERE folder_id = ".$folderid." AND folder_creator = ".$user_data['user_id'];
				$row = db_fetchassoc('',$query,'Could not select folder info');
				
				if($row['numrows']==0)
				{
					redirect_page("Folder does not exist",attach_sid("messages.".FILE_EXT."?mode=managefolders"));
				}
				
				$query = "SELECT folder_name FROM ".MFOLDERS_TABLE." WHERE folder_id = ".$folderid;
				$data = db_fetchassoc('',$query,'Could not get folder data');
				
				if(!isset($_POST['dorename']))
				{
					do_header("Admin Panel >> Messages >> Manage Folders >> Rename");
?>
		<div align="center">
  <p>&nbsp;</p>
  <p>Change the name of the folder in the box below. Click the rename button to make the changes. (Note: No two folders can have the same name)</p>
</div>
<form name="form1" method="post" action="<?php echo attach_sid("messages.".FILE_EXT."?mode=managefolders&action=rename&f=".$folderid); ?>">
  <table width="50%" border="0" align="center" cellpadding="0" cellspacing="3">
    <tr>
      <td><div align="center">
	  <input name="folder_name" type="text" size="25" maxlength="255" value="<?php echo stripslashes($data['folder_name']); ?>" />
        </div></td>
    </tr>
    <tr>
      <td align="center"><input type="submit" name="dorename" value="Rename" /></td>
    </tr>
  </table>
</form>
<p>&nbsp;</p>
<?php
			
					display_footer();
				}
				else
				{
					if(!isset($_POST['folder_name'])||$_POST['folder_name']==''||$_POST['folder_name']=='Sentbox'||$_POST['folder_name']=='Outbox')
					{
						redirect_page('Folder Name Invalid',attach_sid("messages.".FILE_EXT."?mode=managefolders&action=rename&f=".$folderid));
					}
					
					$query = "SELECT COUNT(*) as numrows FROM ".MFOLDERS_TABLE." WHERE folder_name = '".addslashes(htmlentities($_POST['folder_name']))."' AND ( folder_creator = ".$user_data['user_id']." OR folder_creator = -1) AND folder_id <> ".$folderid;
					$row = db_fetchassoc('',$query,'Could not look for existing folder');
					
					if($row['numrows']!=0)
					{
						redirect_page('Folder Already Exists',attach_sid("messages.".FILE_EXT."?mode=managefolders&action=rename&f=".$folderid));
					}
					
					$query = "UPDATE ".MFOLDERS_TABLE." SET folder_name = '".addslashes(htmlentities($_POST['folder_name']))."' WHERE folder_id = ".$folderid;
					db_query($query,'Could not rename folder');
					
					redirect_page('Folder Renamed Successfully',attach_sid("messages.".FILE_EXT."?mode=managefolders"));
				}
			case 'index':
			default:
				do_header("Admin Panel >> Messages >> Manage Folders");

?>
<p align="center"><font color="#0066CC" size="5">Folder Management</font></p>
<table width="75%" border="1" align="center" cellpadding="0" cellspacing="0" bordercolor="#CCCCCC">
  <tr>
    <td bgcolor="#0099CC"><strong><font color="#FFFFFF">&nbsp;Folder Name</font></strong></td>
    <td width="65" bgcolor="#0099CC">&nbsp;</td>
    <td width="65" bgcolor="#0099CC">&nbsp;</td>
  </tr>
<?php
				// Get list of custom folders
				$query = "SELECT folder_id, folder_name FROM ".MFOLDERS_TABLE." WHERE folder_id <> 1 AND folder_creator = ".$user_data['user_id']." ORDER BY folder_name";
				$result = db_query($query, 'Could not select folders');
				
				while($row_data = db_fetchassoc($result))
				{
?>
  <tr>
    <td><?php echo stripslashes($row_data['folder_name']); ?></td>
    <td><a href="<?php echo attach_sid("messages.".FILE_EXT."?mode=managefolders&action=rename&f=".$row_data['folder_id']); ?>">Rename</a></td>
    <td><a href="<?php echo attach_sid("messages.".FILE_EXT."?mode=managefolders&action=delete&f=".$row_data['folder_id']); ?>">Delete</a></td>
  </tr>
<?php
				}
?>
</table>
<div align="center"><a href="<?php echo attach_sid("messages.".FILE_EXT."?mode=createfolder"); ?>">Create New Folder</a>
<p>&nbsp;</p>
<?php
				display_footer();
		}
	case 'outbox':
		// Lets get the messages for this fake folder. All message sent and not read will show up
		$query = "SELECT message_id, message_to, title, is_read, date_sent FROM ".MESSAGES_TABLE." WHERE message_from = ".$user_data['user_id']." AND is_read = 0 ORDER BY date_sent ASC";
		$result = db_query($query,'Could not select messages');
		$numrows = db_numrows($result);
		$row_data = db_fetchrows($result);
		do_header("Admin Panel >> Messages >> Outbox");
?>
<p align="center"><font color="#3399CC" size="5"><strong>Outbox</strong></font></p>
<table width="99%" border="0" cellspacing="0" cellpadding="0">
  <tr>
        <td width="20%" valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="0"><?php generate_folder_list(); ?></td>
    <td width="87%" align="center" valign="top"><table width="98%" border="1" cellpadding="0" cellspacing="0" bordercolor="#CBDCED">
        <tr>
          <td bgcolor="#336699"><div align="center"><strong><font color="#FFFF00">Date</font></strong></div></td>
          <td bgcolor="#336699"><div align="center"><strong><font color="#FFFF00">Recipient</font></strong></div></td>
          <td bgcolor="#336699"><div align="center"><strong><font color="#FFFF00">Title</font></strong></div></td>
        </tr>
<?php
		if($numrows==0)
		{
			echo '</table>
      <table width="98%" border="0" cellspacing="0" cellpadding="0">
        <tr>
          <td><div align="center"><em>No Messages</em></div></td>
        </tr>
      </table>';
	  	}
		else
		{
			$colour = "#FFFFFF";
			for($i = 0;$i < $numrows;$i++)
			{			
				echo '
       <tr>
          <td bgcolor="'.$colour.'">'.date("M dS, Y g:iA", $row_data[$i]['date_sent']).'</td>
          <td bgcolor="'.$colour.'">';
		  		// Query to get user name from ID
				$query = "SELECT user_name FROM ".ACCOUNTS_TABLE." WHERE user_id = ".$row_data[$i]['message_to'];
				$row = db_fetchassoc('',$query,'Could not select account data');
				
				echo stripslashes($row['user_name']);
				
				echo '		
				</td>
          <td bgcolor="'.$colour.'"><a href="'.attach_sid("messages.".FILE_EXT."?mode=outmessage&m=".$row_data[$i]['message_id']).'">'.stripslashes($row_data[$i]['title']).'</a></td>
        </tr>';
				// Alternating colour of rows
				if($colour == "#FFFFFF")
				{
					$colour = "#80AAD5";
				}
				else
				{
					$colour = "#FFFFFF";
				}
			}
?>
      </table>
<?php
		}
?>
<p><a href="<?php echo attach_sid("messages.".FILE_EXT."?mode=compose"); ?>">Compose New Message</a></p></td>
<?php
		display_footer();
		break;
	case 'outmessage':
		//
		// Outmessage is for editing of messages in the outbox, before they're read
		//
		
		if(!isset($_GET['m']))
		{
			redirect_page("No Message Specified", attach_sid("messages.".FILE_EXT."?mode=outbox"));
		}
		
		$messageid = intval($_GET['m']);
		
		$query = "SELECT message_to, title, body FROM ".MESSAGES_TABLE." WHERE message_id = $messageid AND message_from = ".$user_data['user_id']." AND is_read = 0";
		$result = db_query($query,'Could not select message');
		
		if(db_numrows($result)==0)
		{
			redirect_page("Invalid Message Specified", attach_sid("messages.".FILE_EXT."?mode=outbox"));
		}
			
		$message_data = db_fetchassoc($result);

		// If the person decided to delete the message entirely
		if($_GET['action']=='delete')
		{
			$query = "DELETE FROM ".MESSAGES_TABLE." WHERE message_id = ".$messageid;
			db_query($query, 'Could not delete message');
			
			$query = "SELECT message_popup FROM ".ACCOUNTS_TABLE." WHERE user_id = ".$message_data['message_to'];
			$row = db_fetchassoc('',$query,'Could not check popup column');
			
			// Ok, if the person still has their message popup flagged to popup, we will take
			// it off. I am aware that if the person received a subsequent message, the flag
			// will be removed. But fixing this would mean adding another column, its a minor
			// issue to leave, IMO.
			if($row['message_popup']==1)
			{
				$query = "UPDATE ".ACCOUNTS_TABLE." SET message_popup = 0 WHERE user_id = ".$message_data['message_to'];
				db_query($query,'Could not update accounts table');
			}
			
			redirect_page('Message Successfully Deleted',attach_sid("messages.".FILE_EXT));			
		}
		
		if(isset($_GET['user_id']))
		{
			$message_to = intval($_GET['user_id']);
		}
		else
		{
			$message_to = $message_data['message_to'];
		}
		
		if(isset($_GET['title']))
		{
			$title = htmlentities(urldecode($_GET['title']));
		}
		else
		{
			$title = htmlentities(stripslashes($message_data['title']));
		}
		
		if(isset($_GET['body']))
		{
			$body = htmlentities(urldecode($_GET['body']));
		}
		else
		{
			$body = htmlentities(stripslashes($message_data['body']));
		}	
	
		if(!isset($_POST['doupdate']))
		{
			do_header("Admin Panel >> Messages >> Outbox");
?>
  <p>&nbsp;</p>
<form name="form1" method="post" action="<?php echo attach_sid("messages.".FILE_EXT."?mode=outmessage&m=".$messageid); ?>">
  <table width="98%" border="0" align="center" cellpadding="3" cellspacing="0">
    <tr> 
      <td>To:&nbsp; 
      	<select name="user_id" id="user_id">
<?php
			$query = "SELECT user_id, user_name FROM ".ACCOUNTS_TABLE." ORDER BY user_name";
			$rowset = db_fetchrows('',$query,'Could not select accounts list');
			
			for($i=0;$i < count($rowset);$i++)
			{
				if($rowset[$i]['user_id']==$message_to)
				{
					echo '<option value="'.$rowset[$i]['user_id'].'" selected>'.stripslashes($rowset[$i]['user_name']).'</option>';
				}
				else
				{
					echo '<option value="'.$rowset[$i]['user_id'].'">'.stripslashes($rowset[$i]['user_name']).'</option>';				
				}
			}
?>
        </select></td>
    </tr>
    <tr> 
      <td>Subject:&nbsp; 
        <input name="title" type="text" id="title" size="50" maxlength="255" value="<?php echo $title; ?>" /></td>
    </tr>
    <tr> 
      <td>Body:<br>
        <textarea name="body" cols="70" rows="10"><?php echo $body; ?></textarea> </td>
    </tr>
    <tr>
      <td><div align="center">
          <input type="submit" name="doupdate" value="Update Message" />
        </div></td>
    </tr>
  </table>
</form>
<p align="center">(<a href="<?php echo attach_sid("messages.".FILE_EXT."?mode=outmessage&m=$messageid&action=delete"); ?>">Delete this Message</a>)</p></td>
<p>&nbsp; </p>
<?php
			display_footer();
		}
		else
		{
			if(!isset($_POST['user_id']))
			{
				redirect_page('No recipient specified',attach_sid("messages.".FILE_EXT."?mode=outmessage&m=$messageid&title=".urlencode($_POST['title'])."&body=".urlencode($_POST['body'])));
			}
			
			$recipient = intval($_POST['user_id']);
			
			// Validate username
			$query = "SELECT COUNT(*) as numrows FROM ".ACCOUNTS_TABLE." WHERE user_id = ".$recipient;
			$row = db_fetchassoc('',$query,'Could not select account');
			
			if($row['numrows']==0)
			{
				redirect_page('Recipient Invalid',attach_sid("messages.".FILE_EXT."?mode=outmessage&m=$messageid&title=".urlencode($_POST['title'])."&body=".urlencode($_POST['body'])));
			}
			
			if(!isset($_POST['title'])||$_POST['title']==''||$_POST['title']==' '||$_POST['title']=='  ')
			{
				redirect_page('Subject must contain text',attach_sid("messages.".FILE_EXT."?mode=outmessage&m=$messageid&body=".urlencode($_POST['body'])));
			}
			
			if(!isset($_POST['body']))
			{
				redirect_page('Body Invalid',attach_sid("messages.".FILE_EXT."?mode=outmessage&m=$messageid&title=".urlencode($_POST['title'])));
			}
			
			$title = addslashes($_POST['title']);
			$body = addslashes($_POST['body']);
			
			// Update this message
			$query = "UPDATE ".MESSAGES_TABLE." SET message_to = ".$recipient.", title = '".$title."', body = '".$body."', date_sent = ".time()." WHERE message_id = ".$messageid;
			db_query($query, 'Could not update message');
			
			redirect_page('Message Successfully Updated',attach_sid("messages.".FILE_EXT));
		}
		break;
	case 'move':
		if(!isset($_GET['m']))
		{
			redirect_page("No message specified",attach_sid("messages.".FILE_EXT."?mode=viewfolder&f=1"));
		}
		
		$messageid = intval($_GET['m']);
		
		// Check if message exists
		$query = "SELECT COUNT(*) as numrows, in_folder FROM ".MESSAGES_TABLE." WHERE message_to = ".$user_data['user_id']." AND message_id = ".$messageid." GROUP BY message_id";
		$row = db_fetchassoc('',$query,'Could not see if message exists');
		
		if($row['numrows']==0)
		{
			redirect_page("Message does not exist",attach_sid("messages.".FILE_EXT."?mode=viewfolder&f=1"));
		}
		
		if(!isset($_POST['fid']))
		{
			redirect_page("Message does not exist",attach_sid("messages.".FILE_EXT."?mode=viewmessage&m=".$messageid));			
		}
		
		$folderid = intval($_POST['fid']);
		
		// If the folder we are moving to is invalid
		if($folderid != 1)
		{
			$query = "SELECT COUNT(*) as numrows FROM ".MFOLDERS_TABLE." WHERE folder_creator = ".$user_data['user_id']." AND folder_id = ".$folderid;
			$data = db_fetchassoc('',$query,'Could not select folder data');
			
			if($data['numrows']==0)
			{
				redirect_page("Destination Folder does not exist",attach_sid("messages.".FILE_EXT."?mode=viewmessage&m=".$messageid));
			}
		}
		
		// If moving to the same folder
		if($row['in_folder']==$folderid)
		{
			redirect_page("Message is already in that folder",attach_sid("messages.".FILE_EXT."?mode=viewmessage&m=".$messageid));
		}
		
		$query = "UPDATE ".MESSAGES_TABLE." SET in_folder = ".$folderid." WHERE message_id = ".$messageid;
		db_query($query,'Could not update message');
		
		redirect_page("Message moved successfully",attach_sid("messages.".FILE_EXT."?mode=viewmessage&m=".$messageid));
		break;
	case 'sentmessage':
		if(!isset($_GET['m']))
		{
			redirect_page("No message specified",attach_sid("messages.".FILE_EXT."?mode=viewsent"));
		}
		
		$messageid = intval($_GET['m']);
		
		$query = "SELECT message_to, title, body, in_folder, date_sent, date_read FROM ".MESSAGES_TABLE." WHERE message_from = ".$user_data['user_id']." AND in_folder = -1 AND message_id = ".$messageid;
		$result = db_query($query, 'Could not select message');
		
		if(db_numrows($result)==0)
		{
			redirect_page("Message does not exist",attach_sid("messages.".FILE_EXT."?mode=viewsent"));
		}
		
		if($_GET['action']=='delete')
		{
			$query = "DELETE FROM ".MESSAGES_TABLE." WHERE message_id = ".$messageid;
			db_query($query, 'Could not delete sent message');
			
			redirect_page("Message Successfully Deleted",attach_sid("messages".FILE_EXT."?mode=viewsent"));
		}
		
		$message_data = db_fetchassoc($result);
		
		do_header("Admin Panel >> Messages >> ".stripslashes($message_data['title']));
?>
<p>&nbsp;</p><p align="center"><font color="#3399CC" size="5"><strong>Sent Message</strong></font></p><table width="98%" border="0" align="center" cellpadding="1" cellspacing="0">
    <tr><td bgcolor="#E4E4E4"><strong>To:</strong></td>
    <td align="center" bgcolor="#E4E4E4"><?php
			$query = "SELECT user_name FROM ".ACCOUNTS_TABLE." WHERE user_id = ".$message_data['message_to'];
			$row = db_fetchassoc('',$query,'Could not select user data');
			
			echo stripslashes($row['user_name']);
	?></td></tr>
  <tr> 
    <td><strong>Date Sent:</strong></td>
    <td align="center"><?php echo date("M dS, Y g:iA", $message_data['date_sent']); ?></td>
  </tr>
  <tr> 
    <td bgcolor="#E4E4E4"><strong>Date Read:</strong></td>
    <td align="center" bgcolor="#E4E4E4"><?php echo date("M dS, Y g:iA", $message_data['date_read']); ?></td>
  </tr>
  <tr> 
    <td><strong>Title:</strong></td>
    <td align="center"><?php echo stripslashes(strip_tags(htmlentities($message_data['title']))); ?></td>
  </tr>
  <tr> 
    <td width="200" bgcolor="#E4E4E4"><strong>Message:</strong></td>
    <td align="left" bgcolor="#E4E4E4"><blockquote><?php echo stripslashes(nl2br(strip_tags(htmlentities($message_data['body'])))); ?></blockquote></td>
  </tr>
</table>
<p align="center"><font size="2">(<a href="<?php echo attach_sid("messages".FILE_EXT."?mode=sentmessage&action=delete&m=".$messageid); ?>">Delete this Message</a></font>)</p>
<p>&nbsp;</p>
<?php
		display_footer();
		break;
	case 'viewmessage':
		if(!isset($_GET['m']))
		{
			redirect_page("No message specified",attach_sid("messages.".FILE_EXT."?mode=viewfolder&f=1"));
		}
		
		$messageid = intval($_GET['m']);
		
		$query = "SELECT message_from, title, body, is_read, in_folder, date_sent FROM ".MESSAGES_TABLE." WHERE message_to = ".$user_data['user_id']." AND in_folder <> -1 AND message_id = ".$messageid;
		$result = db_query($query, 'Could not select message');
		
		if(db_numrows($result)==0)
		{
			redirect_page("Message does not exist",attach_sid("messages.".FILE_EXT."?mode=viewfolder&f=1"));
		}
		
		$message_data = db_fetchassoc($result);
		
		do_header("Admin Panel >> Messages >> ".stripslashes($message_data['title']));
?>
<p>&nbsp;</p><table width="98%" border="0" align="center" cellpadding="0" cellspacing="0">
  <tr>
    <td align="right"><form name="folderlist" method="post" action="<?php echo attach_sid("messages.".FILE_EXT."?mode=move&m=".$messageid); ?>">
        Folder: &nbsp; 
        <select name="fid">
<?php
		// For the Move dropdown box, since the inbox isn't going to be pulled in the query below,
		// if its in the inbox, lets make it selected and display it regardless
		if($message_data['in_folder']==1)
		{
        	echo '<option value="1" selected>Inbox</option>';
		}
		else
		{
        	echo '<option value="1">Inbox</option>';
		}
		
		// Select all custom folders
		$query = "SELECT folder_id, folder_name FROM ".MFOLDERS_TABLE." WHERE folder_creator = ".$user_data['user_id']." ORDER BY folder_name ASC";
		$rowset = db_fetchrows('',$query,'Could not select folder list');
		
		for($i = 0; $i < count($rowset); $i++)
		{
			// If the message is in this folder, make it selected by default
			if($message_data['in_folder'] == $rowset[$i]['folder_id'])
			{
				$selected = ' selected';
			}
			else
			{
				$selected = '';
			}
			
			echo '<option value="'.$rowset[$i]['folder_id'].'"'.$selected.'>'.stripslashes($rowset[$i]['folder_name']).'</option>';
		}
?> 		
        </select>
        <input type="submit" name="Submit" value="Move">
      </form></td>
  </tr>
</table>
<table width="98%" border="0" align="center" cellpadding="1" cellspacing="0">
  <tr> 
    <td width="1%" bgcolor="#E4E4E4"><strong>Date:</strong></td>
    <td width="100%" align="center" bgcolor="#E4E4E4"><?php echo date("M dS, Y g:iA", $message_data['date_sent']); ?></td>
  </tr>
  <tr> 
    <td width="1%"><strong>From:</strong></td>
    <td width="100%" align="center"><?php
			$query = "SELECT user_name FROM ".ACCOUNTS_TABLE." WHERE user_id = ".$message_data['message_from'];
			$row = db_fetchassoc('',$query,'Could not select user data');
			
			echo stripslashes($row['user_name']);
	?></td>
  </tr>
  <tr> 
    <td bgcolor="#E4E4E4"><strong>Title:</strong></td>
    <td align="center" bgcolor="#E4E4E4"><?php echo strip_tags(htmlentities(stripslashes($message_data['title']))); ?></td>
  </tr>
  <tr> 
    <td><strong>Message:</strong></td>
    <td align="left"><blockquote><?php echo stripslashes(nl2br(strip_tags(htmlentities($message_data['body'])))); ?></blockquote></td>
  </tr>
</table>
<table width="98%" border="0" align="center" cellpadding="0" cellspacing="0">
  <tr>
    <td><div align="center"><a href="<?php echo attach_sid("messages.".FILE_EXT."?mode=compose&user_id=".$message_data['message_from']."&title=".urlencode("RE: ".$message_data['title'])); ?>">Reply to Sender</a> .::. <a href="<?php echo attach_sid("messages.".FILE_EXT."?mode=delete&m=".$messageid); ?>">Delete this message</a></div></td>
  </tr>
</table>
<p>&nbsp; </p>
<?php
		// If the message hasn't been read before, lets mark it as being read, and log the time
		// and create a new message for the sentbox
		if($message_data['is_read'] == 0)
		{
			$query = "UPDATE ".MESSAGES_TABLE." SET is_read = 1, date_read = ".time()." WHERE message_id = ".$messageid;
			db_query($query, 'Could not update message data');
			
			$query = "INSERT INTO ".MESSAGES_TABLE." (message_from, message_to, title, body, is_read, in_folder, date_sent, date_read) VALUES(".$message_data['message_from'].",".$user_data['user_id'].",'".$message_data['title']."','".$message_data['body']."',1,-1,".$message_data['date_sent'].",".time().")";
			db_query($query, 'Could not insert sent message');
		}
		
		display_footer();
		break;
	case 'viewsent':
		if($_GET['action']=='clear')
		{
			$query = "DELETE FROM ".MESSAGES_TABLE." WHERE in_folder = -1 AND message_from = ".$user_data['user_id'];
			db_query($query,'Could not clear messages');
		}
		
		//
		// Messages sent and have been read by the recipient (Fake folder)
		//
		
		$query = "SELECT message_id, message_to, title, is_read, date_sent, date_read FROM ".MESSAGES_TABLE." WHERE message_from = ".$user_data['user_id']." AND in_folder = -1 ORDER BY date_sent ASC";
		$result = db_query($query,'Could not select messages');
		$numrows = db_numrows($result);
		$row_data = db_fetchrows($result);
		do_header("Admin Panel >> Messages >> Sentbox");
?>
<p align="center"><font color="#3399CC" size="5"><strong>Sentbox</strong></font></p>
<table width="99%" border="0" cellspacing="0" cellpadding="0">
  <tr>
        <td width="20%" valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="0"><?php generate_folder_list(); ?></td>
    <td width="87%" align="center" valign="top"><table width="98%" border="1" cellpadding="0" cellspacing="0" bordercolor="#CBDCED">
        <tr>
          <td bgcolor="#336699" valign="top"><div align="center"><strong><font color="#FFFF00">Date Sent</font></strong></div></td>
          <td bgcolor="#336699" valign="top"><div align="center"><strong><font color="#FFFF00">Date Read</font></strong></div></td>
          <td bgcolor="#336699" valign="top"><div align="center"><strong><font color="#FFFF00">Recipient</font></strong></div></td>
          <td bgcolor="#336699" valign="top"><div align="center"><strong><font color="#FFFF00">Title</font></strong></div></td>
        </tr>
<?php
		if($numrows==0)
		{
			echo '</table>
      <table width="98%" border="0" cellspacing="0" cellpadding="0">
        <tr>
          <td><div align="center"><em>No Messages</em></div></td>
        </tr>
      </table>';
	  	}
		else
		{
			$colour = "#FFFFFF";
			for($i = 0;$i < $numrows;$i++)
			{			
				echo '
       <tr>
          <td bgcolor="'.$colour.'">'.date("M dS, Y g:iA", $row_data[$i]['date_sent']).'</td>
          <td bgcolor="'.$colour.'">'.date("M dS, Y g:iA", $row_data[$i]['date_read']).'</td>
          <td bgcolor="'.$colour.'">';
		  		$query = "SELECT user_name FROM ".ACCOUNTS_TABLE." WHERE user_id = ".$row_data[$i]['message_to'];
				$row = db_fetchassoc('',$query,'Could not select account data');
				
				echo stripslashes($row['user_name']);
				
				echo '		
				</td>
          <td bgcolor="'.$colour.'"><a href="'.attach_sid("messages.".FILE_EXT."?mode=sentmessage&m=".$row_data[$i]['message_id']).'">'.strip_tags(htmlentities(stripslashes($row_data[$i]['title']))).'</a></td>
        </tr>';
				// Alternate colour of rows
				if($colour == "#FFFFFF")
				{
					$colour = "#80AAD5";
				}
				else
				{
					$colour = "#FFFFFF";
				}
			}
?>
      </table>
	  <table width="98%" border="0" cellpadding="0" cellspacing="0">
	  <tr><td align="right" valign="top"><font size="2">(<a href="<?php echo attach_sid("messages.".FILE_EXT."?mode=viewsent&action=clear"); ?>">Clear all messages</a>)</font></td></tr></table>
<?php
		}
?>
<p><a href="<?php echo attach_sid("messages.".FILE_EXT."?mode=compose"); ?>">Compose New Message</a></p></td>
<?php
		display_footer();
		break;
	case 'viewfolder':
	default:
		// If no folderid is specified, assume is inbox... or if its inbox self
		if(!isset($_GET['f'])||$_GET['f']==1)
		{
			$folder = 1;
			$folder_data['folder_name'] = 'Inbox';
			
			if($user_data['message_popup']==1)
			{
				$query = "UPDATE ".ACCOUNTS_TABLE." SET message_popup = 0 WHERE user_id = ".$user_data['user_id'];
				db_query($query, 'Could not update message popup data');
			}
		}
		else
		{
			$folder = intval($_GET['f']);
			// Select the folder
			$query = "SELECT folder_name FROM ".MFOLDERS_TABLE." WHERE folder_id = ".$folder." AND folder_creator = ".$user_data['user_id'];
			$result = db_query($query,'Could not select folder data');
			// If it doesn't exist
			if(db_numrows($result)==0)
			{
				redirect_page('Folder does not exist',attach_sid("messages.".FILE_EXT."?mode=viewfolder&f=1"));
			}
			else
			{
				$folder_data = db_fetchassoc($result);
			}
		}		
		
		if($_GET['action']=='clear')
		{
			$query = "DELETE FROM ".MESSAGES_TABLE." WHERE in_folder = ".$folder." AND message_to = ".$user_data['user_id'];
			db_query($query,'Could not clear messages');
		}
		
		// Select messages within this folder
		$query = "SELECT message_id, message_from, title, is_read, date_sent FROM ".MESSAGES_TABLE." WHERE in_folder = ".$folder." AND message_to = ".$user_data['user_id']." ORDER BY date_sent ASC";
		$result = db_query($query,'Could not select messages');
		$numrows = db_numrows($result);
		$row_data = db_fetchrows($result);	
		do_header("Admin Panel >> Messages >> ".stripslashes($folder_data['folder_name']));
?>
<p align="center"><font color="#3399CC" size="5"><strong><?php echo stripslashes($folder_data['folder_name']); ?></strong></font></p>
<table width="99%" border="0" cellspacing="0" cellpadding="0">
  <tr>
        <td width="20%" valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="0"><?php generate_folder_list(); ?></td>
    <td width="87%" align="center" valign="top"><table width="98%" border="1" cellpadding="0" cellspacing="0" bordercolor="#CBDCED">
        <tr>
          <td bgcolor="#336699" valign="top"><div align="center"><strong><font color="#FFFF00">Date</font></strong></div></td>
          <td bgcolor="#336699" valign="top"><div align="center"><strong><font color="#FFFF00">Sender</font></strong></div></td>
          <td bgcolor="#336699" valign="top"><div align="center"><strong><font color="#FFFF00">Title</font></strong></div></td>
        </tr>
<?php
		// If there are no messages
		if($numrows==0)
		{
			echo '</table>
      <table width="98%" border="0" cellspacing="0" cellpadding="0">
        <tr>
          <td><div align="center"><em>No Messages</em></div></td>
        </tr>
      </table>';
	  	}
		else
		{
			$colour = "#FFFFFF";
			for($i = 0;$i < $numrows;$i++)
			{
				// If a message hasn't been read, lets bold it
				if($row_data[$i]['is_read']==0)
				{
					$st = "<strong>";
					$stn = "</strong>";
				}
				else
				{
					$st = '';
					$stn = '';
				}
				
				echo '
       <tr>
          <td bgcolor="'.$colour.'">'.$st.date("M dS, Y g:iA", $row_data[$i]['date_sent']).$stn.'</td>
          <td bgcolor="'.$colour.'">';
		  		$query = "SELECT user_name FROM ".ACCOUNTS_TABLE." WHERE user_id = ".$row_data[$i]['message_from'];
				$row = db_fetchassoc('',$query,'Could not select account data');
				
				echo $st.stripslashes($row['user_name']).$stn;
				
				echo '		
				</td>
          <td bgcolor="'.$colour.'">'.$st.'<a href="'.attach_sid("messages.".FILE_EXT."?mode=viewmessage&m=".$row_data[$i]['message_id']).'">'.strip_tags(htmlentities(stripslashes($row_data[$i]['title']))).'</a>'.$stn.'</td>
        </tr>';
				// Alternate colour of rows
				if($colour == "#FFFFFF")
				{
					$colour = "#80AAD5";
				}
				else
				{
					$colour = "#FFFFFF";
				}
			}
?>
      </table>
	  <table width="98%" border="0" cellpadding="0" cellspacing="0">
	  <tr><td align="right" valign="top"><font size="2">(<a href="<?php echo attach_sid("messages.".FILE_EXT."?mode=viewfolder&f=".$folder."&action=clear"); ?>">Clear all messages</a>)</font></td></tr></table>
<?php
		}
?>
<p><a href="<?php echo attach_sid("messages.".FILE_EXT."?mode=compose"); ?>">Compose New Message</a></p></td>
<?php
		display_footer();	
}

?>
Return current item: raSMP