makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-28 06:08:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

Bigger holes filled with yet more code

Browse source 
git-svn-id: file:///svn/phpbb/trunk@492 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Paul S. Owen 2001-06-14 00:25:40 +00:00
parent 2aa9f56045
commit 01b5e67342
1 changed files with 40 additions and 20 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

58
phpBB/privmsg.php
View file

@ -76,16 +76,29 @@ if($mode == "read")
{ {
$user_to_sql = "AND pm.privmsgs_to_userid = " . $userdata['user_id']; $user_to_sql = "AND pm.privmsgs_to_userid = " . $userdata['user_id'];
$user_from_sql = "AND u.user_id = pm.privmsgs_from_userid"; $user_from_sql = "AND u.user_id = pm.privmsgs_from_userid";
$sql_type = "AND (pm.privmsgs_type = " . PRIVMSGS_READ_MAIL . " OR pm.privmsgs_type = " . PRIVMSGS_NEW_MAIL . " )";
}
else if($folder == "outbox")
{
$user_to_sql = "AND u.user_id = pm.privmsgs_to_userid";
$user_from_sql = "AND pm.privmsgs_from_userid = " . $userdata['user_id'];
$sql_type = "AND pm.privmsgs_type = " . PRIVMSGS_NEW_MAIL;
}
else if($folder == "sentbox")
{
$user_to_sql = "AND u.user_id = pm.privmsgs_to_userid";
$user_from_sql = "AND pm.privmsgs_from_userid = " . $userdata['user_id'];
$sql_type = "AND pm.privmsgs_type = " . PRIVMSGS_SENT_MAIL;
} }
else if($folder == "savebox") else if($folder == "savebox")
{ {
$user_to_sql = "AND ( (pm.privmsgs_to_userid = " . $userdata['user_id'] . " AND u.user_id = pm.privmsgs_from_userid) "; $user_to_sql = "AND ( (pm.privmsgs_to_userid = " . $userdata['user_id'] . " AND u.user_id = pm.privmsgs_from_userid) ";
$user_from_sql = "OR (u.user_id = pm.privmsgs_to_userid AND pm.privmsgs_from_userid = " . $userdata['user_id'] . ") )"; $user_from_sql = "OR (u.user_id = pm.privmsgs_to_userid AND pm.privmsgs_from_userid = " . $userdata['user_id'] . ") )";
$sql_type = "AND pm.privmsgs_type = " . PRIVMSGS_SAVED_MAIL;
} }
else else
{ {
$user_to_sql = "AND u.user_id = pm.privmsgs_to_userid"; // Error out
$user_from_sql = "AND pm.privmsgs_from_userid = " . $userdata['user_id'];
} }
} }
else else
@ -94,34 +107,24 @@ if($mode == "read")
} }
include('includes/page_header.'.$phpEx);
//
// Load templates
//
$template->set_filenames(array(
"body" => "privmsgs_read_body.tpl",
"jumpbox" => "jumpbox.tpl")
);
$jumpbox = make_jumpbox();
$template->assign_vars(array(
"JUMPBOX_LIST" => $jumpbox,
"SELECT_NAME" => POST_FORUM_URL)
);
$template->assign_var_from_handle("JUMPBOX", "jumpbox");
$sql = "SELECT u.username, u.user_id, u.user_website, u.user_icq, u.user_aim, u.user_yim, u.user_msnm, u.user_viewemail, u.user_sig, u.user_avatar, pm.privmsgs_id, pm.privmsgs_type, pm.privmsgs_subject, pm.privmsgs_from_userid, pm.privmsgs_to_userid, pm.privmsgs_date, pm.privmsgs_ip, pm.privmsgs_bbcode_uid, pmt.privmsgs_text $sql = "SELECT u.username, u.user_id, u.user_website, u.user_icq, u.user_aim, u.user_yim, u.user_msnm, u.user_viewemail, u.user_sig, u.user_avatar, pm.privmsgs_id, pm.privmsgs_type, pm.privmsgs_subject, pm.privmsgs_from_userid, pm.privmsgs_to_userid, pm.privmsgs_date, pm.privmsgs_ip, pm.privmsgs_bbcode_uid, pmt.privmsgs_text
FROM ".PRIVMSGS_TABLE." pm, " . PRIVMSGS_TEXT_TABLE . " pmt, ".USERS_TABLE." u FROM ".PRIVMSGS_TABLE." pm, " . PRIVMSGS_TEXT_TABLE . " pmt, ".USERS_TABLE." u
WHERE pm.privmsgs_id = $privmsgs_id WHERE pm.privmsgs_id = $privmsgs_id
AND pmt.privmsgs_text_id = pm.privmsgs_id AND pmt.privmsgs_text_id = pm.privmsgs_id
$user_to_sql $user_to_sql
$user_from_sql"; $user_from_sql
$sql_type";
if(!$pm_status = $db->sql_query($sql)) if(!$pm_status = $db->sql_query($sql))
{ {
error_die(SQL_QUERY, "Could not query private message post information.", __LINE__, __FILE__); error_die(SQL_QUERY, "Could not query private message post information.", __LINE__, __FILE__);
} }
$privmsg = $db->sql_fetchrow($pm_status); $privmsg = $db->sql_fetchrow($pm_status);
if(!$privmsg['privmsgs_id'])
{
header("Location: " . append_sid("privmsg.$phpEx?folder=$folder"));
}
if($privmsg['privmsgs_type'] == PRIVMSGS_NEW_MAIL && $folder == "inbox") if($privmsg['privmsgs_type'] == PRIVMSGS_NEW_MAIL && $folder == "inbox")
{ {
$sql = "UPDATE " . PRIVMSGS_TABLE . " $sql = "UPDATE " . PRIVMSGS_TABLE . "
@ -176,6 +179,23 @@ if($mode == "read")
$s_hidden_fields = "<input type=\"hidden\" name=\"mark[]\" value=\"$privmsgs_id\">"; $s_hidden_fields = "<input type=\"hidden\" name=\"mark[]\" value=\"$privmsgs_id\">";
include('includes/page_header.'.$phpEx);
//
// Load templates
//
$template->set_filenames(array(
"body" => "privmsgs_read_body.tpl",
"jumpbox" => "jumpbox.tpl")
);
$jumpbox = make_jumpbox();
$template->assign_vars(array(
"JUMPBOX_LIST" => $jumpbox,
"SELECT_NAME" => POST_FORUM_URL)
);
$template->assign_var_from_handle("JUMPBOX", "jumpbox");
$template->assign_vars(array( $template->assign_vars(array(
"INBOX" => $inbox_url, "INBOX" => $inbox_url,
"SENTBOX" => $sentbox_url, "SENTBOX" => $sentbox_url,