
Source: /lpm_write.php - 570 lines - 17539 bytes - Summary - Text - Print

   1  <?php
   2  
   3  /*======================================================================
   4  Copyright Project Beehive Forum 2002
   5  
   6  This file is part of Beehive Forum.
   7  
   8  Beehive Forum is free software; you can redistribute it and/or modify
   9  it under the terms of the GNU General Public License as published by
  10  the Free Software Foundation; either version 3 of the License, or
  11  (at your option) any later version.
  12  
  13  Beehive Forum is distributed in the hope that it will be useful,
  14  but WITHOUT ANY WARRANTY; without even the implied warranty of
  15  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16  GNU General Public License for more details.
  17  
  18  You should have received a copy of the GNU General Public License
  19  along with Beehive; if not, write to the Free Software
  20  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307
  21  USA
  22  ======================================================================*/
  23  
  24  // Bootstrap
  25  require_once  'lboot.php';
  26  
  27  // Required includes
  28  require_once  BH_INCLUDE_PATH . 'attachments.inc.php';
  29  require_once  BH_INCLUDE_PATH . 'constants.inc.php';
  30  require_once  BH_INCLUDE_PATH . 'email.inc.php';
  31  require_once  BH_INCLUDE_PATH . 'emoticons.inc.php';
  32  require_once  BH_INCLUDE_PATH . 'fixhtml.inc.php';
  33  require_once  BH_INCLUDE_PATH . 'form.inc.php';
  34  require_once  BH_INCLUDE_PATH . 'format.inc.php';
  35  require_once  BH_INCLUDE_PATH . 'header.inc.php';
  36  require_once  BH_INCLUDE_PATH . 'html.inc.php';
  37  require_once  BH_INCLUDE_PATH . 'light.inc.php';
  38  require_once  BH_INCLUDE_PATH . 'messages.inc.php';
  39  require_once  BH_INCLUDE_PATH . 'pm.inc.php';
  40  require_once  BH_INCLUDE_PATH . 'post.inc.php';
  41  require_once  BH_INCLUDE_PATH . 'session.inc.php';
  42  require_once  BH_INCLUDE_PATH . 'thread.inc.php';
  43  require_once  BH_INCLUDE_PATH . 'user.inc.php';
  44  // End Required includes
  45  
  46  if (!session::logged_in()) {
  47      light_html_guest_error();
  48  }
  49  
  50  pm_enabled();
  51  
  52  $page_prefs = session::get_post_page_prefs();
  53  
  54  pm_user_prune_folders($_SESSION['UID']);
  55  
  56  $reply_mid = null;
  57  
  58  $forward_mid = null;
  59  
  60  $edit_mid = null;
  61  
  62  $to_logon_array = null;
  63  
  64  $subject = null;
  65  
  66  $reply_all = false;
  67  
  68  if (isset($_GET['reply_to']) && is_numeric($_GET['reply_to'])) {
  69  
  70      $reply_mid = $_GET['reply_to'];
  71  
  72  } else if (isset($_POST['reply_to']) && is_numeric($_POST['reply_to'])) {
  73  
  74      $reply_mid = $_POST['reply_to'];
  75  
  76  } else if (isset($_GET['replyall']) && is_numeric($_GET['replyall'])) {
  77  
  78      $reply_mid = $_GET['replyall'];
  79  
  80      $reply_all = true;
  81  
  82  } else if (isset($_POST['replyall']) && is_numeric($_POST['replyall'])) {
  83  
  84      $reply_mid = $_POST['replyall'];
  85  
  86      $reply_all = true;
  87  
  88  } else if (isset($_GET['fwdmsg']) && is_numeric($_GET['fwdmsg'])) {
  89  
  90      $forward_mid = $_GET['fwdmsg'];
  91  
  92  } else if (isset($_POST['fwdmsg']) && is_numeric($_POST['fwdmsg'])) {
  93  
  94      $forward_mid = $_POST['fwdmsg'];
  95  
  96  } else if (isset($_GET['editmsg']) && is_numeric($_GET['editmsg'])) {
  97  
  98      $edit_mid = $_GET['editmsg'];
  99  
 100  } else if (isset($_POST['editmsg']) && is_numeric($_POST['editmsg'])) {
 101  
 102      $edit_mid = $_POST['editmsg'];
 103  }
 104  
 105  if (isset($_GET['msg']) && validate_msg($_GET['msg'])) {
 106  
 107      list($tid, $pid) = explode('.', $_GET['msg']);
 108  
 109      if (is_numeric($tid) && is_numeric($pid)) {
 110  
 111          if (($thread_data = thread_get($tid)) !== false) {
 112  
 113              $thread_title = trim($thread_data['TITLE']);
 114              $thread_index = "[$tid.$pid]";
 115  
 116              if (mb_strlen($thread_title) > (55 - mb_strlen($thread_index))) {
 117                  $thread_title = mb_substr($thread_title, 0, (55 - mb_strlen($thread_index))) . '...';
 118              }
 119  
 120              $subject = "RE:$thread_title $thread_index";
 121          }
 122      }
 123  }
 124  
 125  if (isset($_POST['return_msg']) && validate_msg($_POST['return_msg'])) {
 126      $return_msg = $_POST['return_msg'];
 127  } else if (isset($_GET['return_msg']) && validate_msg($_GET['return_msg'])) {
 128      $return_msg = $_GET['return_msg'];
 129  }
 130  
 131  $valid = true;
 132  
 133  $error_msg_array = array();
 134  
 135  if (isset($_POST['attachment']) && is_array($_POST['attachment'])) {
 136      $attachments = array_filter($_POST['attachment'], 'is_md5');
 137  } else {
 138      $attachments = array();
 139  }
 140  
 141  if (isset($_POST['emots_toggle'])) {
 142  
 143      if (isset($_POST['subject']) && strlen(trim($_POST['subject'])) > 0) {
 144          $subject = trim($_POST['subject']);
 145      }
 146  
 147      if (isset($_POST['content']) && strlen(trim($_POST['content'])) > 0) {
 148          $content = nl2br(fix_html(emoticons_strip($_POST['content'])));
 149      }
 150  
 151      if (isset($_POST['to_logon']) && strlen(trim($_POST['to_logon'])) > 0) {
 152          $to_logon = trim($_POST['to_logon'], ', ');
 153      } else {
 154          $to_logon = '';
 155      }
 156  
 157      $page_prefs = (double)$page_prefs ^ POST_EMOTICONS_DISPLAY;
 158  
 159      $user_prefs = array(
 160          'POST_PAGE' => $page_prefs
 161      );
 162  
 163      if (!user_update_prefs($_SESSION['UID'], $user_prefs)) {
 164  
 165          $error_msg_array[] = gettext("Some or all of your user account details could not be updated. Please try again later.");
 166          $valid = false;
 167      }
 168  }
 169  
 170  if (isset($_POST['send']) || isset($_POST['preview']) || isset($_POST['save'])) {
 171  
 172      if (isset($_POST['subject']) && strlen(trim($_POST['subject'])) > 0) {
 173  
 174          $subject = trim($_POST['subject']);
 175  
 176      } else {
 177  
 178          $error_msg_array[] = gettext("Enter a subject for the message");
 179          $valid = false;
 180      }
 181  
 182      if (isset($_POST['content']) && strlen(trim($_POST['content'])) > 0) {
 183  
 184          $content = nl2br(fix_html(emoticons_strip($_POST['content'])));
 185  
 186      } else {
 187  
 188          $error_msg_array[] = gettext("Enter some content for the message");
 189          $valid = false;
 190      }
 191  
 192      if (isset($reply_mid) && is_numeric($reply_mid) && $reply_mid > 0) {
 193  
 194          if (($pm_data = pm_message_get($reply_mid)) !== false) {
 195  
 196              $pm_data['CONTENT'] = pm_get_content($reply_mid);
 197  
 198          } else {
 199  
 200              light_pm_error_refuse();
 201          }
 202      }
 203  
 204      if (isset($_POST['to_logon']) && strlen(trim($_POST['to_logon'])) > 0) {
 205  
 206          $to_logon_array = preg_split('/,\s*/u', trim($_POST['to_logon'], ', '));
 207  
 208          $to_logon_array = array_filter(array_map('trim', $to_logon_array), 'strlen');
 209  
 210          foreach ($to_logon_array as $key => $recipient) {
 211  
 212              $to_logon = trim($recipient);
 213  
 214              unset($to_logon_array[$key]);
 215  
 216              if (($to_user = user_get_by_logon($to_logon)) !== false) {
 217  
 218                  $peer_relationship = user_get_peer_relationship($to_user['UID'], $_SESSION['UID']);
 219  
 220                  $to_logon_array[$to_user['UID']] = array(
 221                      'UID' => $to_user['UID'],
 222                      'LOGON' => $to_user['LOGON'],
 223                      'NICKNAME' => $to_user['NICKNAME']
 224                  );
 225  
 226                  if (((($peer_relationship & USER_BLOCK_PM) == 0) && user_allow_pm($to_user['UID'])) || session::check_perm(USER_PERM_FOLDER_MODERATE, 0)) {
 227  
 228                      pm_user_prune_folders($_SESSION['UID']);
 229  
 230                      if (pm_get_free_space($_SESSION['UID']) < sizeof($to_logon_array)) {
 231  
 232                          $error_msg_array[] = gettext("You do not have enough free space to send this message.");
 233                          $valid = false;
 234                      }
 235  
 236                  } else {
 237  
 238                      $error_msg_array[] = sprintf(gettext("%s has opted out of receiving personal messages"), $to_logon);
 239                      $valid = false;
 240                  }
 241  
 242              } else {
 243  
 244                  $error_msg_array[] = sprintf(gettext("User %s not found"), $to_logon);
 245                  $valid = false;
 246              }
 247          }
 248  
 249          $to_logon = implode(', ', array_map('user_get_logon_callback', $to_logon_array));
 250  
 251          if ($valid && sizeof($to_logon_array) > 10) {
 252  
 253              $error_msg_array[] = gettext("There is a limit of 10 recipients per message. Please amend your recipient list.");
 254              $valid = false;
 255          }
 256  
 257          if ($valid && sizeof($to_logon_array) < 1) {
 258  
 259              $error_msg_array[] = gettext("You must specify at least one recipient.");
 260              $valid = false;
 261          }
 262  
 263      } else {
 264  
 265          $error_msg_array[] = gettext("You must specify at least one recipient.");
 266          $valid = false;
 267      }
 268  
 269  } else if (isset($reply_mid) && is_numeric($reply_mid) && $reply_mid > 0) {
 270  
 271      if (($pm_data = pm_message_get($reply_mid)) !== false) {
 272  
 273          $pm_data['CONTENT'] = pm_get_content($reply_mid);
 274  
 275          $subject = preg_replace('/^(RE:)?/iu', 'RE:', $pm_data['SUBJECT']);
 276  
 277          $to_logon_array[$pm_data['FROM_UID']] = array(
 278              'UID' => $pm_data['FROM_UID'],
 279              'LOGON' => $pm_data['FROM_LOGON'],
 280              'NICKNAME' => $pm_data['FROM_NICKNAME']
 281          );
 282  
 283          if ($reply_all && isset($pm_data['RECIPIENTS']) && sizeof($pm_data['RECIPIENTS']) > 0) {
 284  
 285              foreach ($pm_data['RECIPIENTS'] as $recipient) {
 286                  $to_logon_array[$recipient['UID']] = $recipient;
 287              }
 288          }
 289  
 290          $to_logon = implode(', ', array_map('user_get_logon_callback', $to_logon_array));
 291  
 292          if (isset($_SESSION['PM_INCLUDE_REPLY']) && ($_SESSION['PM_INCLUDE_REPLY'] == 'Y')) {
 293  
 294              $message_author = htmlentities_array(format_user_name($pm_data['FROM_LOGON'], $pm_data['FROM_NICKNAME']));
 295  
 296              $content = sprintf(
 297                  '<div class="quotetext"><b>%s:</b> %s</div>
 298                   <div class="quote">%s</div><p>&nbsp;</p>',
 299                  gettext('quote'),
 300                  $message_author,
 301                  fix_html($pm_data['CONTENT'])
 302              );
 303          }
 304  
 305      } else {
 306  
 307          light_pm_error_refuse();
 308      }
 309  
 310  } else if (isset($forward_mid) && is_numeric($forward_mid) && $forward_mid > 0) {
 311  
 312      if (($pm_data = pm_message_get($forward_mid)) !== false) {
 313  
 314          $pm_data['CONTENT'] = pm_get_content($forward_mid);
 315  
 316          $subject = preg_replace('/^(FWD:)?/iu', 'FWD:', $pm_data['SUBJECT']);
 317  
 318          $message_author = htmlentities_array(format_user_name($pm_data['FROM_LOGON'], $pm_data['FROM_NICKNAME']));
 319  
 320          $content = fix_html($pm_data['CONTENT']);
 321  
 322          $attachments = $pm_data['ATTACHMENTS'];
 323  
 324      } else {
 325  
 326          light_pm_error_refuse();
 327      }
 328  
 329  } else if (isset($edit_mid) && is_numeric($edit_mid) && $edit_mid > 0) {
 330  
 331      if (($pm_data = pm_message_get($edit_mid)) !== false) {
 332  
 333          $pm_data['CONTENT'] = pm_get_content($edit_mid);
 334  
 335          $subject = $pm_data['SUBJECT'];
 336  
 337          $parsed_message = new MessageTextParse($pm_data['CONTENT']);
 338  
 339          $content = $parsed_message->getMessage();
 340  
 341          $subject = $pm_data['SUBJECT'];
 342  
 343          $reply_mid = $pm_data['REPLY_TO_MID'];
 344  
 345          $to_logon = implode(', ', array_map('user_get_logon_callback', $pm_data['RECIPIENTS']));
 346  
 347          $attachments = $pm_data['ATTACHMENTS'];
 348  
 349      } else {
 350  
 351          light_pm_error_refuse();
 352      }
 353  }
 354  
 355  if (!isset($content)) $content = "";
 356  
 357  if (mb_strlen($content) >= 65535) {
 358  
 359      $error_msg_array[] = sprintf(
 360          gettext("Message length must be under 65,535 characters (currently: %s)"),
 361          number_format(mb_strlen($content))
 362      );
 363  
 364      $valid = false;
 365  }
 366  
 367  if (isset($_POST['dedupe']) && is_numeric($_POST['dedupe'])) {
 368      $dedupe = $_POST['dedupe'];
 369  } else {
 370      $dedupe = time();
 371  }
 372  
 373  if ($valid && isset($_POST['send'])) {
 374  
 375      if (post_check_ddkey($dedupe)) {
 376  
 377          if (isset($edit_mid) && is_numeric($edit_mid)) {
 378  
 379              $new_mid = pm_send_saved_message($edit_mid, $_SESSION['UID'], $to_logon_array, $subject, $content, $reply_mid);
 380  
 381          } else {
 382  
 383              $new_mid = pm_send_message($_SESSION['UID'], $to_logon_array, $subject, $content, $reply_mid);
 384          }
 385  
 386          if ($new_mid !== false) {
 387  
 388              email_send_pm_notification($new_mid);
 389  
 390              if (sizeof($attachments) > 0 && ($attachments_array = attachments_get($_SESSION['UID'], $attachments))) {
 391  
 392                  foreach ($attachments_array as $attachment) {
 393  
 394                      pm_add_attachment($new_mid, $attachment['aid']);
 395                  }
 396              }
 397  
 398          } else {
 399  
 400              $error_msg_array[] = gettext("Error creating PM! Please try again in a few minutes");
 401              $valid = false;
 402          }
 403      }
 404  
 405      if ($valid) {
 406  
 407          if (isset($return_msg)) {
 408  
 409              header_redirect("lmessages.php?webtag=$webtag&msg=$return_msg&message_sent=true");
 410              exit;
 411  
 412          } else {
 413  
 414              header_redirect("lpm.php?webtag=$webtag&message_sent=true");
 415              exit;
 416          }
 417      }
 418  
 419  } else if ($valid && isset($_POST['save'])) {
 420  
 421      if (isset($edit_mid) && is_numeric($edit_mid)) {
 422  
 423          if (pm_update_saved_message($edit_mid, $_SESSION['UID'], $to_logon_array, $subject, $content, $reply_mid)) {
 424  
 425              if (isset($return_msg)) {
 426  
 427                  header_redirect("lmessages.php?webtag=$webtag&msg=$return_msg&message_saved=true");
 428                  exit;
 429  
 430              } else {
 431  
 432                  header_redirect("lpm.php?webtag=$webtag&mid=$edit_mid&message_saved=true");
 433                  exit;
 434              }
 435  
 436          } else {
 437  
 438              $error_msg_array[] = gettext("Could not save message. Make sure you have enough available free space.");
 439              $valid = false;
 440          }
 441  
 442      } else {
 443  
 444          if (($saved_mid = pm_save_message($_SESSION['UID'], $to_logon_array, $subject, $content, $reply_mid)) !== false) {
 445  
 446              if (sizeof($attachments) > 0 && ($attachments_array = attachments_get($_SESSION['UID'], $attachments)) !== false) {
 447  
 448                  foreach ($attachments_array as $attachment) {
 449  
 450                      pm_add_attachment($saved_mid, $attachment['aid']);
 451                  }
 452              }
 453  
 454              $pm_folder_drafts = PM_FOLDER_DRAFTS;
 455  
 456              if (isset($return_msg)) {
 457  
 458                  header_redirect("lmessages.php?webtag=$webtag&msg=$return_msg&message_saved=true");
 459                  exit;
 460  
 461              } else {
 462  
 463                  header_redirect("lpm.php?webtag=$webtag&folder=$pm_folder_drafts&mid=$saved_mid&message_saved=true");
 464                  exit;
 465              }
 466  
 467          } else {
 468  
 469              $error_msg_array[] = gettext("Could not save message. Make sure you have enough available free space.");
 470              $valid = false;
 471          }
 472      }
 473  }
 474  
 475  light_html_draw_top(sprintf("title=%s", gettext("Send New PM")), "robots=noindex,nofollow", 'js/fineuploader.min.js', 'js/attachments.js');
 476  
 477  if ($valid && isset($_POST['preview'])) {
 478  
 479      echo "<h3>", gettext("Message Preview"), "</h3>\n";
 480  
 481      $pm_preview_array['RECIPIENTS'] = $to_logon_array;
 482  
 483      $preview_from_user = user_get($_SESSION['UID']);
 484  
 485      $pm_preview_array['FROM_LOGON'] = $preview_from_user['LOGON'];
 486      $pm_preview_array['FROM_NICKNAME'] = $preview_from_user['NICKNAME'];
 487      $pm_preview_array['FROM_UID'] = $preview_from_user['UID'];
 488  
 489      $pm_preview_array['SUBJECT'] = $subject;
 490      $pm_preview_array['CREATED'] = time();
 491  
 492      $pm_preview_array['CONTENT'] = $content;
 493      $pm_preview_array['ATTACHMENTS'] = $attachments;
 494  
 495      light_pm_display($pm_preview_array, true);
 496  }
 497  
 498  echo "<form accept-charset=\"utf-8\" name=\"f_post\" action=\"lpm_write.php\" method=\"post\" target=\"_self\">\n";
 499  echo "  ", form_input_hidden('webtag', htmlentities_array($webtag)), "\n";
 500  echo "  ", form_input_hidden("dedupe", htmlentities_array($dedupe));
 501  
 502  if (isset($return_msg)) {
 503      echo "  ", form_input_hidden('return_msg', htmlentities_array($return_msg)), "\n";
 504  }
 505  
 506  echo "<div class=\"post\">\n";
 507  echo "<h3>", gettext("Send New PM"), "</h3>\n";
 508  echo "<div class=\"post_inner\">\n";
 509  
 510  if (isset($error_msg_array) && sizeof($error_msg_array) > 0) {
 511      light_html_display_error_array($error_msg_array);
 512  }
 513  
 514  echo "<div class=\"post_thread_title\">", gettext("Subject"), ":", light_form_input_text("subject", isset($subject) ? htmlentities_array($subject) : null, 30, 64), "</div>\n";
 515  echo "<div class=\"post_to\">", gettext("To"), ":", light_form_input_text("to_logon", isset($to_logon) ? htmlentities_array($to_logon) : null), "</div>\n";
 516  echo "<div class=\"post_content\">", light_form_textarea("content", htmlentities_array(strip_paragraphs($content)), 10, 50, null, 'textarea'), "</div>\n";
 517  
 518  echo "<div class=\"post_buttons\">";
 519  
 520  echo light_form_submit("send", gettext("Send"));
 521  
 522  echo light_form_submit("save", gettext("Save"));
 523  
 524  echo light_form_submit("preview", gettext("Preview"));
 525  
 526  if (isset($edit_mid) && is_numeric($edit_mid) && $edit_mid > 0) {
 527  
 528      echo "<a href=\"lpm.php?webtag=$webtag&mid=$edit_mid\" class=\"button\" target=\"_self\"><span>", gettext("Cancel"), "</span></a>\n";
 529  
 530  } else if (isset($forward_mid) && is_numeric($forward_mid) && $forward_mid > 0) {
 531  
 532      echo "<a href=\"lpm.php?webtag=$webtag&mid=$forward_mid\" class=\"button\" target=\"_self\"><span>", gettext("Cancel"), "</span></a>\n";
 533  
 534  } else {
 535  
 536      echo "<a href=\"lpm.php?webtag=$webtag\" class=\"button\" target=\"_self\"><span>", gettext("Cancel"), "</span></a>\n";
 537  }
 538  
 539  echo "</div>";
 540  
 541  if (isset($reply_mid) && is_numeric($reply_mid) && $reply_mid > 0) {
 542      echo form_input_hidden("reply_to", htmlentities_array($reply_mid)), "\n";
 543  }
 544  
 545  if (isset($forward_mid) && is_numeric($forward_mid) && $forward_mid > 0) {
 546      echo form_input_hidden("fwdmsg", htmlentities_array($forward_mid)), "\n";
 547  }
 548  
 549  if (isset($edit_mid) && is_numeric($edit_mid) && $edit_mid > 0) {
 550      echo form_input_hidden("editmsg", htmlentities_array($edit_mid)), "\n";
 551  }
 552  
 553  if (attachments_check_dir()) {
 554  
 555      echo "<div class=\"attachments post_attachments\">", gettext('Attachments'), ":\n";
 556      echo "  ", attachments_form($_SESSION['UID'], $attachments), "\n";
 557      echo "</div>\n";
 558  }
 559  
 560  echo "</div>";
 561  echo "</div>";
 562  echo "</form>\n";
 563  
 564  if (isset($pm_data) && is_array($pm_data) && isset($reply_mid) && is_numeric($reply_mid) && $reply_mid > 0) {
 565  
 566      echo "<h3>", gettext("In reply to"), ":</h3>\n";
 567      light_pm_display($pm_data, true);
 568  }
 569  
 570  light_html_draw_bottom();
