0x1949 Team - FAZEMRX - MANAGER
Edit File: ucp_pm_viewfolder.php
<?php /** * * This file is part of the phpBB Forum Software package. * * @copyright (c) phpBB Limited <https://www.phpbb.com> * @license GNU General Public License, version 2 (GPL-2.0) * * For full copyright and license information, please see * the docs/CREDITS.txt file. * */ /** * @ignore */ if (!defined('IN_PHPBB')) { exit; } /** * View message folder * Called from ucp_pm with mode == 'view' && action == 'view_folder' */ function view_folder($id, $mode, $folder_id, $folder) { global $user, $template, $auth, $db, $cache, $request; global $phpbb_root_path, $config, $phpEx; $submit_export = (isset($_POST['submit_export'])) ? true : false; $folder_info = get_pm_from($folder_id, $folder, $user->data['user_id']); add_form_key('ucp_pm_view'); if (!$submit_export) { $user->add_lang('viewforum'); // Grab icons $icons = $cache->obtain_icons(); $color_rows = array('message_reported', 'marked', 'replied'); $_module = new p_master(); $_module->list_modules('ucp'); $_module->set_active('zebra'); $zebra_enabled = ($_module->active_module === false) ? false : true; unset($_module); if ($zebra_enabled) { $color_rows = array_merge($color_rows, array('friend', 'foe')); } foreach ($color_rows as $var) { $template->assign_block_vars('pm_colour_info', array( 'IMG' => $user->img("pm_{$var}", ''), 'CLASS' => "pm_{$var}_colour", 'LANG' => $user->lang[strtoupper($var) . '_MESSAGE']) ); } $mark_options = array('mark_important', 'delete_marked'); // Minimise edits if (!$auth->acl_get('u_pm_delete') && $key = array_search('delete_marked', $mark_options)) { unset($mark_options[$key]); } $s_mark_options = ''; foreach ($mark_options as $mark_option) { $s_mark_options .= '<option value="' . $mark_option . '">' . $user->lang[strtoupper($mark_option)] . '</option>'; } // We do the folder moving options here too, for template authors to use... $s_folder_move_options = ''; if ($folder_id != PRIVMSGS_NO_BOX && $folder_id != PRIVMSGS_OUTBOX) { foreach ($folder as $f_id => $folder_ary) { if ($f_id == PRIVMSGS_OUTBOX || $f_id == PRIVMSGS_SENTBOX || $f_id == $folder_id) { continue; } $s_folder_move_options .= '<option' . (($f_id != PRIVMSGS_INBOX) ? ' class="sep"' : '') . ' value="' . $f_id . '">'; $s_folder_move_options .= sprintf($user->lang['MOVE_MARKED_TO_FOLDER'], $folder_ary['folder_name']); $s_folder_move_options .= (($folder_ary['unread_messages']) ? ' [' . $folder_ary['unread_messages'] . '] ' : '') . '</option>'; } } $friend = $foe = array(); // Get friends and foes $sql = 'SELECT * FROM ' . ZEBRA_TABLE . ' WHERE user_id = ' . $user->data['user_id']; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $friend[$row['zebra_id']] = $row['friend']; $foe[$row['zebra_id']] = $row['foe']; } $db->sql_freeresult($result); $template->assign_vars(array( 'S_MARK_OPTIONS' => $s_mark_options, 'S_MOVE_MARKED_OPTIONS' => $s_folder_move_options) ); // Okay, lets dump out the page ... if (count($folder_info['pm_list'])) { $address_list = array(); // Build Recipient List if in outbox/sentbox - max two additional queries if ($folder_id == PRIVMSGS_OUTBOX || $folder_id == PRIVMSGS_SENTBOX) { $address_list = get_recipient_strings($folder_info['rowset']); } foreach ($folder_info['pm_list'] as $message_id) { $row = &$folder_info['rowset'][$message_id]; $folder_img = ($row['pm_unread']) ? 'pm_unread' : 'pm_read'; $folder_alt = ($row['pm_unread']) ? 'NEW_MESSAGES' : 'NO_NEW_MESSAGES'; // Generate all URIs ... $view_message_url = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=$id&mode=view&f=$folder_id&p=$message_id"); $remove_message_url = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=$id&mode=compose&action=delete&p=$message_id"); $row_indicator = ''; foreach ($color_rows as $var) { if (($var !== 'friend' && $var !== 'foe' && $row[($var === 'message_reported') ? $var : "pm_{$var}"]) || (($var === 'friend' || $var === 'foe') && isset(${$var}[$row['author_id']]) && ${$var}[$row['author_id']])) { $row_indicator = $var; break; } } // Send vars to template $template->assign_block_vars('messagerow', array( 'PM_CLASS' => ($row_indicator) ? 'pm_' . $row_indicator . '_colour' : '', 'MESSAGE_AUTHOR_FULL' => get_username_string('full', $row['author_id'], $row['username'], $row['user_colour'], $row['username']), 'MESSAGE_AUTHOR_COLOUR' => get_username_string('colour', $row['author_id'], $row['username'], $row['user_colour'], $row['username']), 'MESSAGE_AUTHOR' => get_username_string('username', $row['author_id'], $row['username'], $row['user_colour'], $row['username']), 'U_MESSAGE_AUTHOR' => get_username_string('profile', $row['author_id'], $row['username'], $row['user_colour'], $row['username']), 'FOLDER_ID' => $folder_id, 'MESSAGE_ID' => $message_id, 'SENT_TIME' => $user->format_date($row['message_time']), 'SUBJECT' => censor_text($row['message_subject']), 'FOLDER' => (isset($folder[$row['folder_id']])) ? $folder[$row['folder_id']]['folder_name'] : '', 'U_FOLDER' => (isset($folder[$row['folder_id']])) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'folder=' . $row['folder_id']) : '', 'PM_ICON_IMG' => (!empty($icons[$row['icon_id']])) ? '<img src="' . $config['icons_path'] . '/' . $icons[$row['icon_id']]['img'] . '" width="' . $icons[$row['icon_id']]['width'] . '" height="' . $icons[$row['icon_id']]['height'] . '" alt="" title="" />' : '', 'PM_ICON_URL' => (!empty($icons[$row['icon_id']])) ? $config['icons_path'] . '/' . $icons[$row['icon_id']]['img'] : '', 'FOLDER_IMG' => $user->img($folder_img, $folder_alt), 'FOLDER_IMG_STYLE' => $folder_img, 'PM_IMG' => ($row_indicator) ? $user->img('pm_' . $row_indicator, '') : '', 'ATTACH_ICON_IMG' => ($auth->acl_get('u_pm_download') && $row['message_attachment'] && $config['allow_pm_attach']) ? $user->img('icon_topic_attach', $user->lang['TOTAL_ATTACHMENTS']) : '', 'S_PM_UNREAD' => ($row['pm_unread']) ? true : false, 'S_PM_DELETED' => ($row['pm_deleted']) ? true : false, 'S_PM_REPORTED' => (isset($row['report_id'])) ? true : false, 'S_AUTHOR_DELETED' => ($row['author_id'] == ANONYMOUS) ? true : false, 'U_VIEW_PM' => ($row['pm_deleted']) ? '' : $view_message_url, 'U_REMOVE_PM' => ($row['pm_deleted']) ? $remove_message_url : '', 'U_MCP_REPORT' => (isset($row['report_id'])) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=pm_reports&mode=pm_report_details&r=' . $row['report_id']) : '', 'RECIPIENTS' => ($folder_id == PRIVMSGS_OUTBOX || $folder_id == PRIVMSGS_SENTBOX) ? implode($user->lang['COMMA_SEPARATOR'], $address_list[$message_id]) : '') ); } unset($folder_info['rowset']); $template->assign_vars(array( 'S_SHOW_RECIPIENTS' => ($folder_id == PRIVMSGS_OUTBOX || $folder_id == PRIVMSGS_SENTBOX) ? true : false, 'S_SHOW_COLOUR_LEGEND' => true, 'REPORTED_IMG' => $user->img('icon_topic_reported', 'PM_REPORTED'), 'S_PM_ICONS' => ($config['enable_pm_icons']) ? true : false) ); } } else { $export_type = $request->variable('export_option', ''); $enclosure = $request->variable('enclosure', ''); $delimiter = $request->variable('delimiter', ''); if (!check_form_key('ucp_pm_view')) { trigger_error('FORM_INVALID'); } if ($export_type == 'CSV' && ($delimiter === '' || $enclosure === '')) { $template->assign_var('PROMPT', true); } else { // Build Recipient List if in outbox/sentbox $address_temp = $address = $data = array(); if ($folder_id == PRIVMSGS_OUTBOX || $folder_id == PRIVMSGS_SENTBOX) { foreach ($folder_info['rowset'] as $message_id => $row) { $address_temp[$message_id] = rebuild_header(array('to' => $row['to_address'], 'bcc' => $row['bcc_address'])); $address[$message_id] = array(); } } foreach ($folder_info['pm_list'] as $message_id) { $row = &$folder_info['rowset'][$message_id]; include_once($phpbb_root_path . 'includes/functions_posting.' . $phpEx); $sql = 'SELECT p.message_text, p.bbcode_uid FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . ' p, ' . USERS_TABLE . ' u WHERE t.user_id = ' . $user->data['user_id'] . " AND p.author_id = u.user_id AND t.folder_id = $folder_id AND t.msg_id = p.msg_id AND p.msg_id = $message_id"; $result = $db->sql_query_limit($sql, 1); $message_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); $_types = array('u', 'g'); foreach ($_types as $ug_type) { if (isset($address_temp[$message_id][$ug_type]) && count($address_temp[$message_id][$ug_type])) { if (!isset($address[$message_id][$ug_type])) { $address[$message_id][$ug_type] = array(); } if ($ug_type == 'u') { $sql = 'SELECT user_id as id, username as name FROM ' . USERS_TABLE . ' WHERE '; } else { $sql = 'SELECT group_id as id, group_name as name FROM ' . GROUPS_TABLE . ' WHERE '; } $sql .= $db->sql_in_set(($ug_type == 'u') ? 'user_id' : 'group_id', array_map('intval', array_keys($address_temp[$message_id][$ug_type]))); $result = $db->sql_query($sql); while ($info_row = $db->sql_fetchrow($result)) { $address[$message_id][$ug_type][$address_temp[$message_id][$ug_type][$info_row['id']]][] = $info_row['name']; unset($address_temp[$message_id][$ug_type][$info_row['id']]); } $db->sql_freeresult($result); } } // There is the chance that all recipients of the message got deleted. To avoid creating // exports without recipients, we add a bogus "undisclosed recipient". if (!(isset($address[$message_id]['g']) && count($address[$message_id]['g'])) && !(isset($address[$message_id]['u']) && count($address[$message_id]['u']))) { $address[$message_id]['u'] = array(); $address[$message_id]['u']['to'] = array(); $address[$message_id]['u']['to'][] = $user->lang['UNDISCLOSED_RECIPIENT']; } decode_message($message_row['message_text'], $message_row['bbcode_uid']); $data[] = array( 'subject' => censor_text($row['message_subject']), 'sender' => $row['username'], // ISO 8601 date. For PHP4 we are able to hardcode the timezone because $user->format_date() does not set it. 'date' => $user->format_date($row['message_time'], 'c', true), 'to' => ($folder_id == PRIVMSGS_OUTBOX || $folder_id == PRIVMSGS_SENTBOX) ? $address[$message_id] : '', 'message' => $message_row['message_text'] ); } switch ($export_type) { case 'CSV': case 'CSV_EXCEL': $mimetype = 'text/csv'; $filetype = 'csv'; if ($export_type == 'CSV_EXCEL') { $enclosure = '"'; $delimiter = ','; $newline = "\r\n"; } else { $newline = "\n"; } $string = ''; foreach ($data as $value) { $recipients = $value['to']; $value['to'] = $value['bcc'] = ''; if (is_array($recipients)) { foreach ($recipients as $values) { $value['bcc'] .= (isset($values['bcc']) && is_array($values['bcc'])) ? ',' . implode(',', $values['bcc']) : ''; $value['to'] .= (isset($values['to']) && is_array($values['to'])) ? ',' . implode(',', $values['to']) : ''; } // Remove the commas which will appear before the first entry. $value['to'] = substr($value['to'], 1); $value['bcc'] = substr($value['bcc'], 1); } foreach ($value as $tag => $text) { $cell = str_replace($enclosure, $enclosure . $enclosure, $text); if (strpos($cell, $enclosure) !== false || strpos($cell, $delimiter) !== false || strpos($cell, $newline) !== false) { $string .= $enclosure . $text . $enclosure . $delimiter; } else { $string .= $cell . $delimiter; } } $string = substr($string, 0, -1) . $newline; } break; case 'XML': $mimetype = 'application/xml'; $filetype = 'xml'; $string = '<?xml version="1.0"?>' . "\n"; $string .= "<phpbb>\n"; foreach ($data as $value) { $string .= "\t<privmsg>\n"; if (is_array($value['to'])) { foreach ($value['to'] as $key => $values) { foreach ($values as $type => $types) { foreach ($types as $name) { $string .= "\t\t<recipient type=\"$type\" status=\"$key\">$name</recipient>\n"; } } } } unset($value['to']); foreach ($value as $tag => $text) { $string .= "\t\t<$tag>$text</$tag>\n"; } $string .= "\t</privmsg>\n"; } $string .= '</phpbb>'; break; } header('Cache-Control: private, no-cache'); header("Content-Type: $mimetype; name=\"data.$filetype\""); header("Content-disposition: attachment; filename=data.$filetype"); echo $string; exit; } } } /** * Get Messages from folder/user */ function get_pm_from($folder_id, $folder, $user_id) { global $user, $db, $template, $config, $auth, $phpbb_container, $phpbb_root_path, $phpEx, $request, $phpbb_dispatcher; $start = $request->variable('start', 0); // Additional vars later, pm ordering is mostly different from post ordering. :/ $sort_days = $request->variable('st', 0); $sort_key = $request->variable('sk', 't'); $sort_dir = $request->variable('sd', 'd'); /* @var $pagination \phpbb\pagination */ $pagination = $phpbb_container->get('pagination'); // PM ordering options $limit_days = array(0 => $user->lang['ALL_MESSAGES'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']); // No sort by Author for sentbox/outbox (already only author available) // Also, sort by msg_id for the time - private messages are not as prone to errors as posts are. if ($folder_id == PRIVMSGS_OUTBOX || $folder_id == PRIVMSGS_SENTBOX) { $sort_by_text = array('t' => $user->lang['POST_TIME'], 's' => $user->lang['SUBJECT']); $sort_by_sql = array('t' => 'p.message_time', 's' => array('p.message_subject', 'p.message_time')); } else { $sort_by_text = array('a' => $user->lang['AUTHOR'], 't' => $user->lang['POST_TIME'], 's' => $user->lang['SUBJECT']); $sort_by_sql = array('a' => array('u.username_clean', 'p.message_time'), 't' => 'p.message_time', 's' => array('p.message_subject', 'p.message_time')); } $s_limit_days = $s_sort_key = $s_sort_dir = $u_sort_param = ''; gen_sort_selects($limit_days, $sort_by_text, $sort_days, $sort_key, $sort_dir, $s_limit_days, $s_sort_key, $s_sort_dir, $u_sort_param); $folder_sql = 't.folder_id = ' . (int) $folder_id; // Limit pms to certain time frame, obtain correct pm count if ($sort_days) { $min_post_time = time() - ($sort_days * 86400); if (isset($_POST['sort'])) { $start = 0; } $sql = 'SELECT COUNT(t.msg_id) AS pm_count FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . " p WHERE $folder_sql AND t.user_id = $user_id AND t.msg_id = p.msg_id AND p.message_time >= $min_post_time"; $result = $db->sql_query_limit($sql, 1); $pm_count = (int) $db->sql_fetchfield('pm_count'); $db->sql_freeresult($result); $sql_limit_time = "AND p.message_time >= $min_post_time"; } else { $pm_count = (!empty($folder[$folder_id]['num_messages'])) ? $folder[$folder_id]['num_messages'] : 0; $sql_limit_time = ''; } $base_url = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=pm&mode=view&action=view_folder&f=$folder_id&$u_sort_param"); $start = $pagination->validate_start($start, $config['topics_per_page'], $pm_count); $pagination->generate_template_pagination($base_url, 'pagination', 'start', $pm_count, $config['topics_per_page'], $start); $template_vars = array( 'TOTAL_MESSAGES' => $user->lang('VIEW_PM_MESSAGES', (int) $pm_count), 'POST_IMG' => (!$auth->acl_get('u_sendpm')) ? $user->img('button_topic_locked', 'POST_PM_LOCKED') : $user->img('button_pm_new', 'POST_NEW_PM'), 'S_NO_AUTH_SEND_MESSAGE' => !$auth->acl_get('u_sendpm'), 'S_SELECT_SORT_DIR' => $s_sort_dir, 'S_SELECT_SORT_KEY' => $s_sort_key, 'S_SELECT_SORT_DAYS' => $s_limit_days, 'S_TOPIC_ICONS' => ($config['enable_pm_icons']) ? true : false, 'U_POST_NEW_TOPIC' => ($auth->acl_get('u_sendpm')) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&mode=compose') : '', 'S_PM_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", "i=pm&mode=view&action=view_folder&f=$folder_id" . (($start !== 0) ? "&start=$start" : '')), ); /** * Modify template variables before they are assigned * * @event core.ucp_pm_view_folder_get_pm_from_template * @var int folder_id Folder ID * @var array folder Folder data * @var int user_id User ID * @var string base_url Pagination base URL * @var int start Pagination start * @var int pm_count Count of PMs * @var array template_vars Template variables to be assigned * @since 3.1.11-RC1 */ $vars = array( 'folder_id', 'folder', 'user_id', 'base_url', 'start', 'pm_count', 'template_vars', ); extract($phpbb_dispatcher->trigger_event('core.ucp_pm_view_folder_get_pm_from_template', compact($vars))); $template->assign_vars($template_vars); // Grab all pm data $rowset = $pm_list = array(); // If the user is trying to reach late pages, start searching from the end $store_reverse = false; $sql_limit = $config['topics_per_page']; if ($start > $pm_count / 2) { $store_reverse = true; // Select the sort order $direction = ($sort_dir == 'd') ? 'ASC' : 'DESC'; $sql_limit = $pagination->reverse_limit($start, $sql_limit, $pm_count); $sql_start = $pagination->reverse_start($start, $sql_limit, $pm_count); } else { // Select the sort order $direction = ($sort_dir == 'd') ? 'DESC' : 'ASC'; $sql_start = $start; } // Sql sort order if (is_array($sort_by_sql[$sort_key])) { $sql_sort_order = implode(' ' . $direction . ', ', $sort_by_sql[$sort_key]) . ' ' . $direction; } else { $sql_sort_order = $sort_by_sql[$sort_key] . ' ' . $direction; } $sql_ary = array( 'SELECT' => 't.*, p.root_level, p.message_time, p.message_subject, p.icon_id, p.to_address, p.message_attachment, p.bcc_address, u.username, u.username_clean, u.user_colour, p.message_reported', 'FROM' => array( PRIVMSGS_TO_TABLE => 't', PRIVMSGS_TABLE => 'p', USERS_TABLE => 'u', ), 'WHERE' => "t.user_id = $user_id AND p.author_id = u.user_id AND $folder_sql AND t.msg_id = p.msg_id $sql_limit_time", 'ORDER_BY' => $sql_sort_order, ); /** * Modify SQL before it is executed * * @event core.ucp_pm_view_folder_get_pm_from_sql * @var array sql_ary SQL array * @var int sql_limit SQL limit * @var int sql_start SQL start * @since 3.1.11-RC1 */ $vars = array( 'sql_ary', 'sql_limit', 'sql_start', ); extract($phpbb_dispatcher->trigger_event('core.ucp_pm_view_folder_get_pm_from_sql', compact($vars))); $result = $db->sql_query_limit($db->sql_build_query('SELECT', $sql_ary), $sql_limit, $sql_start); $pm_reported = array(); while ($row = $db->sql_fetchrow($result)) { $rowset[$row['msg_id']] = $row; $pm_list[] = $row['msg_id']; if ($row['message_reported']) { $pm_reported[] = $row['msg_id']; } } $db->sql_freeresult($result); // Fetch the report_ids, if there are any reported pms. if (!empty($pm_reported) && $auth->acl_getf_global('m_report')) { $sql = 'SELECT pm_id, report_id FROM ' . REPORTS_TABLE . ' WHERE report_closed = 0 AND ' . $db->sql_in_set('pm_id', $pm_reported); $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { $rowset[$row['pm_id']]['report_id'] = $row['report_id']; } $db->sql_freeresult($result); } $pm_list = ($store_reverse) ? array_reverse($pm_list) : $pm_list; return array( 'pm_count' => $pm_count, 'pm_list' => $pm_list, 'rowset' => $rowset ); }