1<?php 2/** 3 * XOOPS message detail 4 * 5 * You may not change or alter any portion of this comment or credits 6 * of supporting developers from this source code or any supporting source code 7 * which is considered copyrighted (c) material of the original comment or credit authors. 8 * This program is distributed in the hope that it will be useful, 9 * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 11 * 12 * @copyright (c) 2000-2016 XOOPS Project (www.xoops.org) 13 * @license GNU GPL 2 (http://www.gnu.org/licenses/gpl-2.0.html) 14 * @package core 15 * @since 2.0.0 16 */ 17 18include __DIR__ . '/mainfile.php'; 19$xoopsPreload = XoopsPreload::getInstance(); 20$xoopsPreload->triggerEvent('core.viewpmsg.start'); 21 22xoops_loadLanguage('pmsg'); 23 24if (!is_object($xoopsUser)) { 25 $errormessage = _PM_SORRY . '<br>' . _PM_PLZREG . ''; 26 redirect_header('user.php', 2, $errormessage); 27} else { 28 $pm_handler = xoops_getHandler('privmessage'); 29 if (isset($_POST['delete_messages']) && (isset($_POST['msg_id']) || isset($_POST['msg_ids']))) { 30 if (!$GLOBALS['xoopsSecurity']->check()) { 31 echo implode('<br>', $GLOBALS['xoopsSecurity']->getErrors()); 32 exit(); 33 } elseif (empty($_REQUEST['ok'])) { 34 include $GLOBALS['xoops']->path('header.php'); 35 xoops_confirm(array( 36 'ok' => 1, 37 'delete_messages' => 1, 38 'msg_ids' => json_encode(array_map('intval', $_POST['msg_id']))), $_SERVER['REQUEST_URI'], _PM_SURE_TO_DELETE); 39 include $GLOBALS['xoops']->path('footer.php'); 40 exit(); 41 } 42 $clean_msg_id = json_decode($_POST['msg_ids'], true, 2); 43 if (!empty($clean_msg_id)) { 44 $clean_msg_id = array_map('intval', $clean_msg_id); 45 } 46 $size = count($clean_msg_id); 47 $msg =& $clean_msg_id; 48 for ($i = 0; $i < $size; ++$i) { 49 $pm = $pm_handler->get((int)$msg[$i]); 50 if ($pm->getVar('to_userid') == $xoopsUser->getVar('uid')) { 51 $pm_handler->delete($pm); 52 } 53 unset($pm); 54 } 55 redirect_header('viewpmsg.php', 1, _PM_DELETED); 56 } 57 include $GLOBALS['xoops']->path('header.php'); 58 $criteria = new Criteria('to_userid', $xoopsUser->getVar('uid')); 59 $criteria->setOrder('DESC'); 60 $pm_arr = $pm_handler->getObjects($criteria); 61 echo "<h4 class='txtcenter'>" . _PM_PRIVATEMESSAGE . "</h4><br><a href='userinfo.php?uid=" . $xoopsUser->getVar('uid') . "'>" . _PM_PROFILE . "</a> <span style='font-weight:bold;'>»</span> " . _PM_INBOX . '<br><br>'; 62 echo "<form name='prvmsg' method='post' action='viewpmsg.php'>"; 63 echo "<table cellspacing='1' cellpadding='4' class='outer width100 bnone'>\n"; 64 echo "<tr align='center' valign='middle'><th><input name='allbox' id='allbox' onclick='xoopsCheckAll(\"prvmsg\", \"allbox\");' type='checkbox' value='Check All' /></th><th><img class'bnone' src='images/download.gif' alt=''/></th><th> </th><th>" . _PM_FROM . '</th><th>' . _PM_SUBJECT . "</th><th class='txtcenter'>" . _PM_DATE . "</th></tr>\n"; 65 $total_messages = count($pm_arr); 66 if ($total_messages == 0) { 67 echo "<tr><td class='even txcenter' colspan='6'>" . _PM_YOUDONTHAVE . '</td></tr> '; 68 $display = 0; 69 } else { 70 $display = 1; 71 } 72 for ($i = 0; $i < $total_messages; ++$i) { 73 $class = ($i % 2 == 0) ? 'even' : 'odd'; 74 echo "<tr class='$class txtleft'><td class='aligntop width2 txtcenter'><input type='checkbox' id='msg_id[]' name='msg_id[]' value='" . $pm_arr[$i]->getVar('msg_id') . "' /></td>\n"; 75 if ($pm_arr[$i]->getVar('read_msg') == 1) { 76 echo "<td class='aligntop width5 txtcenter'><img src='images/email_read.png' alt='" . _PM_READ . "' title='" . _PM_READ . "' /></td>\n"; 77 } else { 78 echo "<td class='aligntop width5 txtcenter'><img src='images/email_notread.png' alt='" . _PM_NOTREAD . "' title='" . _PM_NOTREAD . "' /></td>\n"; 79 } 80 $iconName = htmlspecialchars($pm_arr[$i]->getVar('msg_image', 'E'), ENT_QUOTES); 81 if ($iconName != '') { 82 echo "<td class='aligntop width5 txtcenter'><img src='images/subject/" . $iconName . "' alt='' /></td>\n"; 83 } else { 84 echo "<td class='aligntop width5 txtcenter'></td>\n"; 85 } 86 $postername = XoopsUser::getUnameFromId($pm_arr[$i]->getVar('from_userid')); 87 echo "<td class='alignmiddle width10'>"; 88 // no need to show deleted users 89 if ($postername) { 90 echo "<a href='userinfo.php?uid=" . $pm_arr[$i]->getVar('from_userid') . "' title=''>" . $postername . '</a>'; 91 } else { 92 echo $xoopsConfig['anonymous']; 93 } 94 echo "</td>\n"; 95 echo "<td class='alignmiddle'><a href='readpmsg.php?start=" . ($total_messages - $i - 1), "&total_messages=$total_messages'>" . $pm_arr[$i]->getVar('subject') . '</a></td>'; 96 echo "<td class='alignmiddle txtcenter width20'>" . formatTimestamp($pm_arr[$i]->getVar('msg_time')) . '</td></tr>'; 97 } 98 if ($display == 1) { 99 echo "<tr class='foot txtleft'><td colspan='6' align='left'><input type='button' class='formButton' onclick='openWithSelfMain(\"" . XOOPS_URL . "/pmlite.php?send=1\",\"pmlite\",565,500);' value='" . _PM_SEND . "' /> <input type='submit' class='formButton' name='delete_messages' value='" . _PM_DELETE . "' />" . $GLOBALS['xoopsSecurity']->getTokenHTML() . '</td></tr></table></form>'; 100 } else { 101 echo "<tr class='bg2 txtleft'><td class='txtleft' colspan='6'><input type='button' class='formButton' onclick='openWithSelfMain(\"" . XOOPS_URL . "/pmlite.php?send=1\",\"pmlite\",565,500);' value='" . _PM_SEND . "' /></td></tr></table></form>"; 102 } 103 include $GLOBALS['xoops']->path('footer.php'); 104} 105