3"; $res = db_query($sql,$link); if (db_num_rows($res)==0) error(MSG_e_u_nosuchuser); $tmp = db_fetch_row($res); db_free_result($res); $uid=$tmp[0]; if (!getvar("pm_text") || !getvar("pm_subj")) error(MSG_e_pm_empty); $curtime = $GLOBALS['curtime']; $subj = getvar("pm_subj"); unset($_POST['pm_subj']); $text = getvar("pm_text"); $oldtext = $_POST['pm_text']; unset($_POST['pm_text']); $sqldata = build_sql("pm_"); if (getvar("drafts")) $box=2; else $box=1; $sql = "INSERT INTO ".$GLOBALS['DBprefix']."PersonalMessage SET pm__box=$box, pm__owner=".$GLOBALS['inuserid'].", pm__senddate=$curtime, pm__readdate=0, pm__correspondent=$uid, pm_text=\"$text\", pm_subj=\"$subj\", $sqldata"; $res = db_query($sql,$link); $pair = db_insert_id($res); if (!getvar("drafts")) { $_POST['pm_text']=$oldtext; $sqldata.=", pm_pair=$pair"; $newpair = send_pm($uid,$GLOBALS['inuserid'],$text,$subj,$sqldata); $sql = "UPDATE ".$GLOBALS['DBprefix']."PersonalMessage SET pm_pair=".$newpair." WHERE pm_id=$pair"; $res = db_query($sql,$link); $result = MSG_pm_sended; } else $result = MSG_pm_draft; message($result,1); } function do_move() { if ($GLOBALS['inuserid']<=3) error(MSG_e_pm_noguests); $link = $GLOBALS['link']; $msg = getvar("msg"); $sql = "UPDATE ".$GLOBALS['DBprefix']."PersonalMessage SET pm__box=3 WHERE pm_id=\"$msg\" AND pm__owner=".$GLOBALS['inuserid']; $res = db_query($sql,$link); message(MSG_pm_moved,1); } function do_delete() { if ($GLOBALS['inuserid']<=3) error(MSG_e_pm_noguests); $link = $GLOBALS['link']; $msg = getvar("msg"); $sql = "DELETE FROM ".$GLOBALS['DBprefix']."PersonalMessage WHERE pm_id=\"$msg\" AND pm__owner=".$GLOBALS['inuserid']; $res = db_query($sql,$link); $GLOBALS['refpage']="index.php?m=messages&a=view"; message(MSG_pm_deleted,1); } function do_delall() { if ($GLOBALS['inuserid']<=3) error(MSG_e_pm_noguests); $link = $GLOBALS['link']; $delete = $_POST['delete']; foreach ($delete as $curid=>$curvalue) { if ($sqldata) $sqldata.=" OR "; $sqldata .= "pm_id=\"".db_slashes($curid)."\""; } $sql = "DELETE FROM ".$GLOBALS['DBprefix']."PersonalMessage WHERE pm__owner=".$GLOBALS['inuserid']." AND (".$sqldata.")"; $res = db_query($sql,$link); $sql = "SELECT COUNT(*) FROM ".$GLOBALS['DBprefix']."PersonalMessage WHERE pm__owner=".$GLOBALS['inuserid']." AND pm__box=0 AND pm__readdate=0"; $res = db_query($sql,$link); list($unread)=db_fetch_row($res); db_free_result($res); $sql = "UPDATE ".$GLOBALS['DBprefix']."User SET u__pmcount=".intval($unread)." WHERE u_id=".$GLOBALS['inuserid']; $res=db_query($sql,$link); $sql = "DELETE FROM ".$GLOBALS['DBprefix']."Online" $res=db_query($sql,$link); $GLOBALS['refpage']="index.php?m=messages&a=view"; message(MSG_pm_deleted_all,1); } function locations($locations) { if ($GLOBALS['action']=="view") array_push($locations,MSG_pm); else { array_push($locations,"".MSG_pm.""); if ($GLOBALS['action']=="reply") array_push($locations,MSG_pm_reply); if ($GLOBALS['action']=="viewmsg") array_push($locations,MSG_pm_view); if ($GLOBALS['action']=="viewbox") { if (getvar("box")==0) { array_push($locations,MSG_pm_inbox); } elseif (getvar("box")==1) { array_push($locations,MSG_pm_outbox); } elseif (getvar("box")==2) { array_push($locations,MSG_pm_drafts); } elseif (getvar("box")==3) { array_push($locations,MSG_pm_archive); } } } return $locations; }