<?php
/*---------------------------------------------------+
| PHP-Fusion 6 Content Management System
+----------------------------------------------------+
| Copyright © 2002 - 2005 Nick Jones
| Mantas
+----------------------------------------------------*/
require_once "maincore.php";
require_once "subheader.php";
require_once "side_left.php";
include LOCALE.LOCALESET."messages.php";

// $msg_send is never assigned from $_GET/$_POST in this file; it presumably
// arrives as a request parameter via register_globals. Anything other than
// an empty value or a pure digit string is rejected here, before any query
// further down is built from it.
if (isset($msg_send) && $msg_send != "" && !isNum($msg_send)) {
	fallback(FUSION_SELF);
}

$settings['privmsg_subject_tooltip'] = 1;	// use subject tooltip to show message preview
// NOTE: this unconditionally resets the flag after maincore.php has loaded
// $userdata, so the "banned from pm'ing" branch further down cannot fire
// until this line is removed and a 'user_pm_ban' column exists in the users table.
$userdata['user_pm_ban'] = 0;
$itemsperpage = 20; // number of messages to display per page


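/**
 * Build the <optgroup>/<option> markup for a "send to user class" select.
 *
 * @param int|string $selected_user_class  level id (101..103) or "g-<group_id>" to pre-select
 * @param bool       $restricted           when true only levels up to iUSER are offered,
 *                                         otherwise every level of the list is offered
 * @return string  HTML fragment; both optgroups are closed (the original left them open,
 *                 unlike builduseroptionlist() which closes its optgroups)
 */
function builduserclassoptionlist($selected_user_class=1,$restricted=false){
	global $locale;
	// keys 101, 102, 103
	$levels = array(101 => $locale['user1'], $locale['user2'], $locale['user3']);
	// Highest level offered: the caller's own level when restricted, else the top of the list.
	$max_level = $restricted ? iUSER : max(array_keys($levels));

	$user_class_option_list = "<optgroup label='".$locale['442']."'>\n";
	foreach ($levels as $level => $modlevel) {
		if ($level > $max_level) continue;
		$sel = ($level == $selected_user_class ? " selected" : "");
		$user_class_option_list .= "<option".$sel." value='".$level."'>".$modlevel."</option>\n";
	}
	$user_class_option_list .= "</optgroup>\n";

	$groups_qry = dbquery("SELECT group_id,group_name FROM ".DB_PREFIX."user_groups");
	if (dbrows($groups_qry) != 0) {
		$user_class_option_list .= "<optgroup label='".$locale['443']."'>\n";
		while ($user_groups = dbarray($groups_qry)) {
			// Group ids carry a "g-" prefix so the consumer can tell them from level ids.
			$sel = ($user_groups['group_id'] == $selected_user_class ? " selected" : "");
			// group_name is emitted as-is; assumed to be stored already escaped — verify at the admin side.
			$user_class_option_list .= "<option".$sel." value='g-".$user_groups['group_id']."'>".$user_groups['group_name']."</option>\n";
		}
		$user_class_option_list .= "</optgroup>\n";
	}

	return $user_class_option_list;
}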
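/**
 * Build the <optgroup>/<option> markup listing every registered user, grouped
 * by user level (level 103 first, then 102, then 101), for the "send to" select.
 *
 * @param int $selected_user_id  user_id to mark as selected
 * @return string  HTML fragment, empty when no user matched any level
 */
function builduseroptionlist($selected_user_id=1){
	global $locale;
	$user_option_list = "";
	// array(label, user_level) from highest level to lowest
	$levels = array(
		array($locale['user3'], "103"),
		array($locale['user2'], "102"),
		array($locale['user1'], "101")
	);
	// foreach replaces the original each() loop: each() is deprecated since
	// PHP 7.2 and removed in PHP 8.0. Only user_id and user_name are read,
	// so the query no longer selects every column.
	foreach ($levels as $user_level) {
		$label = $user_level[0];
		$level_id = $user_level[1];
		$uresult = dbquery("SELECT user_id, user_name FROM ".DB_PREFIX."users WHERE user_level='".$level_id."' ORDER BY user_name");
		if (dbrows($uresult) > 0) {
			$user_option_list .= "<optgroup label='".$label."'>\n";
			while ($udata = dbarray($uresult)) {
				$sel = ($udata['user_id'] == $selected_user_id ? " selected" : "");
				$user_option_list .= "<option".$sel." value='".$udata['user_id']."'>".$udata['user_name']."</option>\n";
			}
			$user_option_list .= "</optgroup>\n";
		}
	}

	return $user_option_list;
}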
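/**
 * Render the preview table shown above the compose form.
 *
 * @param string $prev_subject    subject text, prepared by the caller
 * @param string $prev_message    message body, already BBCode/smiley parsed and nl2br'd by the caller
 * @param bool   $site_broadcast  show the site-broadcast label as recipient; the chk_sitebroadcast
 *                                form field has the same effect (the parameter was previously
 *                                accepted but never read)
 */
function displayMessagePreview($prev_subject,$prev_message,$site_broadcast=false){
	global $locale,$settings,$userdata;
	opentable($locale['438']);
	$is_broadcast = $site_broadcast || isset($_POST['chk_sitebroadcast']);
	if ($is_broadcast) {
		$prev_recipient = $locale['408'];
	} else {
		// The current user's own profile link is shown in this slot, as before.
		$prev_recipient = "<a href='".BASEDIR."profile.php?lookup=".$userdata['user_id']."' title='".$locale['506']."'>".$userdata['user_name']."</a>";
	}
	// timeoffset is applied as hours.
	$prev_msgdate = strftime($settings['longdate'], time()+($settings['timeoffset']*3600));
	echo "<table cellpadding='0' cellspacing='1' width='100%' class='tbl-border'>
<tr>
<td align='right' class='tbl2' width='1%'>".$locale['406'].":</td>
<td class='tbl1'>".$prev_recipient."</td>
</tr>
<tr>
<td align='right' class='tbl2'>".$locale['407'].":</td>
<td class='tbl1'>".$prev_msgdate."</td>
</tr>
<tr>
<td align='right' class='tbl2'>".$locale['405'].":</td>
<td class='tbl1'>".$prev_subject."</td>
</tr>
<tr>
<td class='tbl1' colspan='2'>".$prev_message."</td>
</tr>
</table>\n";
	closetable();
	tablebreak();
}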

// Folder name as used in ?folder=…  =>  value of the message_folder column
$msg_folders = array("inbox" => 0, "sentbox" => 1, "savebox" => 2, "options" => 3);

// One row per folder, eight cells each; only the cell pair belonging to that
// folder holds <b>/</b>. Presumably used further down to embolden the active
// folder link — the consumer is outside this part of the file.
$folder_status = array();
for ($fld = 0; $fld < 4; $fld++) {
	$cells = array_fill(0, 8, "");
	$cells[$fld * 2] = "<b>";
	$cells[$fld * 2 + 1] = "</b>";
	$folder_status[] = $cells;
}
unset($fld, $cells);

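// Save user options (pm_email_notify / pm_save_sent).
// $saveoptions is not assigned in this file; presumably the submit button
// name arriving via register_globals.
if (isset($saveoptions)) {
	// Only a pure digit string is accepted for either flag; anything else —
	// including a missing POST field — is stored as "0".
	$pm_email_notify = (isset($_POST['pm_email_notify']) && isNum($_POST['pm_email_notify'])) ? $_POST['pm_email_notify'] : "0";
	$pm_save_sent = (isset($_POST['pm_save_sent']) && isNum($_POST['pm_save_sent'])) ? $_POST['pm_save_sent'] : "0";
	// NOTE: INSERT vs UPDATE is decided by the client-supplied update_type field,
	// and the INSERT relies on the column order of messages_options. If user_id
	// is not a unique key, re-posting "new" inserts a second row — deciding
	// server-side (row exists?) would be more robust.
	if (isset($_POST['update_type']) && $_POST['update_type'] == "new") {
		dbquery("INSERT INTO ".$db_prefix."messages_options VALUES ('".$userdata['user_id']."', '$pm_email_notify', '$pm_save_sent', '0', '0', '0')");
	} else {
		dbquery("UPDATE ".$db_prefix."messages_options SET pm_email_notify='$pm_email_notify', pm_save_sent='$pm_save_sent' WHERE user_id='".$userdata['user_id']."'");
	}
	// $message is also the variable holding a viewed/composed message body
	// further down; confirm the options view is the only consumer of this value.
	$message = $locale['624'];
}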

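// Resolve the folder being worked on; unknown names fall back to the inbox.
// $folder, the $msg_* variables and $chk_mark are not assigned in this file —
// presumably request parameters via register_globals.
if (!isset($folder)) $folder = "inbox";
if (!array_key_exists($folder, $msg_folders)) $folder = "inbox";
$folder_stat = $folder_status[$msg_folders[$folder]];
$result_where_message_folder = "message_folder=".$msg_folders[$folder];

// Build the "message_id=…" / "message_id IN(…)" clause for the requested
// action. The first parameter present wins, in the order below. Every id must
// be a pure digit string before it is interpolated into SQL; anything else
// bails out through fallback().
if (isset($msg_view)) {
	if (!isNum($msg_view)) fallback("messages.php");
	$result_where_message_id = "message_id=".$msg_view;
} elseif (isset($msg_reply)) {
	if (!isNum($msg_reply)) fallback("messages.php");
	$result_where_message_id = "message_id=".$msg_reply;
} elseif (isset($_POST['reply_preview'])) {
	// Reply preview: the replied-to id travels in $msg_reply_preview (presumably a hidden field).
	if (!isset($msg_reply_preview) || !isNum($msg_reply_preview)) fallback("messages.php");
	$result_where_message_id = "message_id=".$msg_reply_preview;
	$msg_reply = $msg_reply_preview;
} elseif (isset($msg_setread)) {
	if (!isNum($msg_setread)) fallback("messages.php");
	$result_where_message_id = "message_id=".$msg_setread;
} elseif (isset($msg_setunread)) {
	if (!isNum($msg_setunread)) fallback("messages.php");
	$result_where_message_id = "message_id=".$msg_setunread;
} elseif (isset($msg_save)) {
	if (!isNum($msg_save)) fallback("messages.php");
	$result_where_message_id = "message_id=".$msg_save;
	$cnt_messages = '1'; // number of messages about to be moved, checked against the folder limit
} elseif (isset($msg_unsave)) {
	if (!isNum($msg_unsave)) fallback("messages.php");
	$result_where_message_id = "message_id=".$msg_unsave;
	$cnt_messages = '1';
} elseif (isset($msg_delete)) {
	if (!isNum($msg_delete)) fallback("messages.php");
	$result_where_message_id = "message_id=".$msg_delete;
} elseif (isset($chk_mark)) {
	if (is_array($chk_mark) && count($chk_mark) > 1) {
		// Count how many elements (messages) in array
		$cnt_messages = count($chk_mark);
		foreach ($chk_mark as $thisnum) { if (!isNum($thisnum)) { fallback("messages.php"); } }
		// Only values that passed isNum() are interpolated, so even if fallback()
		// returned instead of ending the request no unchecked value reaches the list.
		$result_where_message_id = "message_id IN(".implode(',', array_filter($chk_mark, 'isNum')).")";
	} else {
		$cnt_messages = '1';
		// A single checked box need not be keyed 0 (the original read $chk_mark[0]
		// and, for a scalar, got only its first byte): take the first element
		// whatever its key, or the scalar as a whole.
		if (is_array($chk_mark)) {
			$single_id = count($chk_mark) ? reset($chk_mark) : "";
		} else {
			$single_id = $chk_mark;
		}
		$result_where_message_id = "message_id=".(isNum($single_id) ? $single_id : "0");
	}
}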

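$result_where_message_to = "message_to=".$userdata['user_id']; // a double check to make sure the script only operates on the current users messages

// A site broadcast is stored with message_from 0 (the view code below treats 0 as the broadcast sender).
$sender_id = (isset($_POST['chk_sitebroadcast']) ? 0 : $userdata['user_id']);

// Preview of a new message or a reply: remember which checkboxes were ticked
// (the $checked_* variables stay unset when not ticked — later code tests them
// with isset()) and render the body the way a stored message is rendered.
if (isset($_POST['send_preview']) || isset($_POST['reply_preview'])) {
	if (isset($_POST['chk_showsig'])) $checked_sig = " checked";
	if (isset($_POST['chk_disablesmileys'])) $checked_smileys = " checked";
	if (isset($_POST['chk_sendtoall'])) $checked_sendtoall = " checked";
	if (isset($_POST['chk_sitebroadcast'])) $checked_sitebroadcast = " checked";
	// Missing fields are treated as empty instead of raising an undefined-index notice.
	$prev_subject = stripinput(isset($_POST['subject']) ? $_POST['subject'] : "");
	$prev_message = stripinput(isset($_POST['message']) ? $_POST['message'] : "");
	// isset() instead of a bare read: the flags are undefined when the box was not ticked.
	if (isset($checked_sig)) $prev_message = $prev_message."\n\n".$userdata['user_sig'];
	if (!isset($checked_smileys)) $prev_message = parsesmileys($prev_message);
	$prev_message = nl2br(parseubb($prev_message));
}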
if(iGUEST){ // not logged in - display "iMEMBERs only"
	opentable($locale['400']);
	echo "<div align='center'><br>".$locale['483']."<br><br></div>\n";
} elseif ($userdata['user_pm_ban'] == "1"){ // user is banned from pm'ing
	opentable($locale['400']);
	echo "<div align='center'><br>".$locale['484']."<br><br></div>\n";
} elseif (isset($_POST['btn_cancel'])) { // handle cancel button
	redirect(FUSION_SELF."?folder=".$folder);
} elseif (isset($_POST['btn_setread']) || isset($msg_setread)) { // set message as read
	dbquery("UPDATE ".$db_prefix."messages SET message_read=1 WHERE ".$result_where_message_id." AND ".$result_where_message_to);
	redirect(FUSION_SELF."?folder=".$folder);
} elseif (isset($_POST['btn_setunread']) || isset($msg_setunread)) { // set message as un-read
	dbquery("UPDATE ".$db_prefix."messages SET message_read=0 WHERE ".$result_where_message_id." AND ".$result_where_message_to);
	redirect(FUSION_SELF."?folder=".$folder);
} elseif (isset($_POST['btn_save']) || isset($msg_save)) { // move message to 'savebox' folder
	// Count how many messages in archive/savebox
	$cnt_savebox_qry = dbquery("SELECT COUNT(message_id) cnt_savebox FROM ".$db_prefix."messages WHERE message_to='".$userdata['user_id']."' AND message_folder='2' GROUP BY message_to");
	if (dbrows($cnt_savebox_qry) != 0) { $cnt_savebox = dbresult($cnt_savebox_qry,0); }
	// Get limit
	$limit_savebox = dbresult(dbquery("SELECT pm_savebox FROM ".$db_prefix."messages_options WHERE user_id='0'"),0);
	// Check if current + new messages is > limit
	if ($limit_savebox != '0' && ($cnt_messages + $cnt_savebox) > $limit_savebox) { $error = $locale['629']; }
	if (isset($error)) {
		opentable($locale['627']);
		echo "<div align='center'><br>".$error."<br><br></div>";
	} else {
		$result = dbquery("UPDATE ".$db_prefix."messages SET message_folder=2 WHERE ".$result_where_message_id." AND ".$result_where_message_to);
		redirect(FUSION_SELF."?folder=".$folder);
	}
} elseif (isset($_POST['btn_unsave']) || isset($msg_unsave)){ // move message to 'inbox' folder
	// Count how many messages in inbox
	$cnt_inbox_qry = dbquery("SELECT COUNT(message_id) cnt_inbox FROM ".$db_prefix."messages WHERE message_to='".$userdata['user_id']."' AND message_folder='0' GROUP BY message_to");
	if (dbrows($cnt_inbox_qry) != 0) { $cnt_inbox = dbresult($cnt_inbox_qry,0); }
	// Get limit
	$limit_inbox=dbresult(dbquery("SELECT pm_inbox FROM ".$db_prefix."messages_options WHERE user_id='0'"),0);
	// Check if current + new messages is > limit
	if ( $limit_inbox != '0' && ($cnt_messages + $cnt_inbox) > $limit_inbox) { $error = $locale['629']; }
	
	if (isset($error)) {
		opentable($locale['627']);
		echo "<div align='center'><br>".$error."<br><br></div>";
	} else {
		dbquery("UPDATE ".$db_prefix."messages SET message_folder=0 WHERE ".$result_where_message_id." AND ".$result_where_message_to);
		redirect(FUSION_SELF."?folder=".$folder);
	}
} elseif (isset($_POST['btn_delete']) || isset($msg_delete)) { // delete message
	if (!isset($msg_delete) && !isset($chk_mark)) fallback("messages.php");
	$result = dbquery("DELETE FROM ".$db_prefix."messages WHERE ".$result_where_message_id." AND ".$result_where_message_to);
	redirect(FUSION_SELF."?folder=".$folder);
} elseif (isset($msg_view)) { // view message
$result=dbquery(
		"SELECT tm.*, user_id, user_name, user_avatar FROM ".$db_prefix."messages tm LEFT JOIN ".$db_prefix."users ".
		"ON message_from=user_id WHERE ".$result_where_message_id." AND ".$result_where_message_to
	);
	if (dbrows($result) == "1"){
		$data=dbarray($result);
		if (!$data['user_avatar']) { $data['user_avatar'] = 'noimage.gif'; } 
		$avatar = $data['user_avatar'];
		$subject = $data['message_subject'];
		$message = parseubb(nl2br($data['message_message']));
		if ($data['message_smileys']=="y") $message=parsesmileys($message);
		$msgdate = strftime($settings['longdate'], $data['message_datestamp']+($settings['timeoffset']*3600));
		if ($data['message_read'] == 0) {
			$result=dbquery("UPDATE ".$db_prefix."messages SET message_read='1' WHERE ".$result_where_message_id." AND ".$result_where_message_to);
		}
		$msg_fld_name = array_search($data['message_folder'],$msg_folders);
		opentable($locale['431']." (".$msg_fld_name.")");
		echo "<table cellpadding='0' cellspacing='1' width='100%' class='tbl-border'>
<tr>
<td align='right' class='tbl2' width='1%'>".($data['message_folder']==1?$locale['421']:$locale['406']).":</td>
<td class='tbl1'>";
		if ($data['message_from'] == 0) {
			echo $locale['408'];
		} else {
			echo "<a href='".BASEDIR."profile.php?lookup=".$data['user_id']."' title='".$locale['506']."'><span class='linkimg img'><img src='".BASEDIR."images/avatars/".$avatar."'><br><b>".$data['user_name']."</b></a>";
		}
		echo "</td>
</tr>
<tr>
<td align='right' class='tbl2'>".($data['message_folder']==1?$locale['426']:$locale['407']).":</td><td class='tbl1'>".$msgdate."</td>
</tr>
<tr>
<td align='right' class='tbl2'>".$locale['405'].":</td>
<td class='tbl1'>".$subject."</td>
</tr>
<tr>
<td class='tbl1' colspan='2'>".$message."</td>
</tr>
</table>
<table border='0' cellpadding='0' cellspacing='0' width='100%'>
<tr>
<td class='tbl'><input type='button' class='button' value='".$locale['432']."' onclick=\"location.href='".FUSION_SELF."?folder=".$msg_fld_name."'\"></td>
<td align='right' class='tbl'>\n";
		if ($data['message_folder'] != "1" && $data['user_id'] != "0") {
			echo "<input type='button' class='button' value='".$locale['433']."' onclick=\"location.href='".FUSION_SELF."?msg_reply=".$msg_view."'\"> ";
		}
		if ($data['message_folder']== "2") {
			echo "<input type='button' class='button' value='".$locale['413']."' onclick=\"location.href='".FUSION_SELF."?folder=".$msg_fld_name."&msg_unsave=".$msg_view."'\"> ";
		} else {
			echo "<input type='button' class='button' value='".$locale['412']."' onclick=\"location.href='".FUSION_SELF."?folder=".$msg_fld_name."&msg_save=".$msg_view."'\"> ";
		}
		echo "<input type='button' class='button' value='".$locale['415']."' onclick=\"location.href='".FUSION_SELF."?folder=".$msg_fld_name."&msg_setunread=".$msg_view."'\">
<input type='button' class='button' value='".$locale['416']."' onclick=\"location.href='".FUSION_SELF."?folder=".$msg_fld_name."&msg_delete=".$msg_view."'\">
</td>
</tr>
</table>\n";
	} else {
opentable($locale['480']);
		echo "<div align='center'><br>".$locale['481']."<br><br></div>\n";
	}
} elseif (isset($msg_send)||isset($_POST['send_preview'])){ // write message
	if ($msg_send <> "" && (((int)$msg_send) == $msg_send)){
		$type = "user";
		$uresult=dbquery("SELECT user_name, user_avatar FROM ".$db_prefix."users WHERE user_id='".$msg_send."'");
		$rows=dbrows($uresult);
		if ($rows == 1) $data=dbarray($uresult);
		if (!$data['user_avatar']) { $data['user_avatar'] = 'noimage.gif'; } 
		$avatar = $data['user_avatar'];
	} else {
		$rows = 1;
	}
	if ($rows == 1){
		if (isset($_POST['send_preview'])) displayMessagePreview($prev_subject,$prev_message);
		opentable($locale['420']);
		echo "<script type='text/javascript'>function ValidateForm(frm){if((frm.subject.value=='')||(frm.message.value=='')){alert('".$locale['486']."');return false;}else return true;}</script>
<form name='inputform' method='post' action='".FUSION_SELF."' onSubmit=\"return ValidateForm(this)\">
<input type='hidden' name='folder' value='".$folder."'>
<table cellpadding='0' cellspacing='1' width='100%' class='tbl-border'>
<tr>
<td align='right' width='1%' class='tbl2' style='white-space:nowrap'>".$locale['421'].":</td>
<td class='tbl1'>";
		if (($msg_send <> "") && !isset($prev_message)) {
			echo "<a href='".BASEDIR."profile.php?lookup=".$msg_send."' title='".$locale['506']."'><span class='linkimg img'><img src='".BASEDIR."images/avatars/".$avatar."'><br><b>".$data['user_name']."</b></a><input type='hidden' name='msg_to' value='".$msg_send."'>";
		} else {
			echo "<select name='msg_to' class='textbox'>\n".builduseroptionlist((isset($msg_to) ? $msg_to : 1))."</select>";
			if(iSUPERADMIN){
				if (!isset($msg_to_class)) $msg_to_class = 1;
				echo "<input name='chk_sendtoall' type='checkbox' ".(isset($checked_sendtoall)?"selected":"")." onclick=\"javascript:msg_to.disabled=chk_sendtoall.checked;msg_to.value='';msg_to_class.disabled=!chk_sendtoall.checked;\">".$locale['434'].":
				<select name='msg_to_class' ".(isset($checked_sendtoall)?'':'disabled')." class='textbox'>".builduserclassoptionlist($msg_to_class,true)."</select>";
			}
		}
	 
		echo "</td>
</tr>
<tr>
<td align='right' class='tbl2' class='tbl2' style='white-space:nowrap'>".$locale['405'].":</td>
<td class='tbl1'><input type='text' name='subject' value=\"".(isset($subject) ? stripslashes($subject) : "")."\" maxlength='32' class='textbox' style='width:400px;'></td>
</tr>
<tr>
<td align='right' class='tbl2' valign='top' style='white-space:nowrap'>".$locale['422'].":</td>
<td class='tbl1'><textarea name='message' cols='80' rows='15' class='textbox'>".(isset($message) ? stripslashes($message) : "")."</textarea></td>
</tr>
<tr>
<td align='right' class='tbl2' valign='top'></td>
<td class='tbl1'>
<input type='button' value='b' class='button' style='font-weight:bold;width:25px;' onClick=\"addText('message', '[b]', '[/b]');\">
<input type='button' value='i' class='button' style='font-style:italic;width:25px;' onClick=\"addText('message', '[i]', '[/i]');\">
<input type='button' value='u' class='button' style='text-decoration:underline;width:25px;' onClick=\"addText('message', '[u]', '[/u]');\">
<input type='button' value='url' class='button' style='width:30px;' onClick=\"addText('message', '[url]', '[/url]');\">
<input type='button' value='mail' class='button' style='width:35px;' onClick=\"addText('message', '[mail]', '[/mail]');\">
<input type='button' value='img' class='button' style='width:30px;' onClick=\"addText('message', '[img]', '[/img]');\">
<input type='button' value='center' class='button' style='width:45px;' onClick=\"addText('message', '[center]', '[/center]');\">
<input type='button' value='small' class='button' style='width:40px;' onClick=\"addText('message', '[small]', '[/small]');\">
<input type='button' value='code' class='button' style='width:40px;' onClick=\"addText('message', '[code]', '