A lightweight forum engine written in PHP. Repository is now obsolete and read-only. http://www.pioder.pl/uforum.html


  1. <?php
  2. /**
  3. * @package uForum
  4. * @file includes/pms/pms_write.php
  5. * @version $Id$
  6. * @copyright 2007-2010 (c) PioDer <pioder@wp.pl>
  7. * @link http://www.pioder.pl/
  8. * @license see LICENSE.txt
  9. **/
  // Refuse to run unless the IN_uF constant exists; this file never defines it itself,
  // so a request that reaches the script directly stops here.
  // NOTE(review): presumably IN_uF is defined by the including entry script — confirm.
  defined('IN_uF') or die('Hacking attempt');
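  // Path of the error template rendered together with the form; stays '' when there is no error.
  $msg = '';
  // NOTE(review): no anti-CSRF token is checked in this file before a message is sent —
  // confirm whether the including script verifies one.
  if (isset($_POST['textedit'], $_POST['nmsg'], $_POST['username']))
  {
      // The form was submitted. All three fields must be plain strings (an array-valued field
      // would break strlen()/strip_tags()), the recipient must be non-empty, the body longer
      // than 10 bytes and the subject longer than 5 bytes.
      if (is_string($_POST['textedit']) && is_string($_POST['nmsg']) && is_string($_POST['username'])
          && ($_POST['username'] != '')
          && (strlen($_POST['textedit']) > 10)
          && (strlen($_POST['nmsg']) > 5))
      {
          $nick = strip_tags($_POST['username']);
          // strip_tags() removes markup only; quotes and backslashes survive it, so the value is
          // escaped before it is placed inside the SQL string literal.
          // NOTE(review): addslashes() is a stop-gap that does not know the connection charset.
          // The DataBase API is not visible here — prefer its own escaping or a prepared
          // statement, and confirm request data is not already escaped globally (double escaping).
          $sql = "SELECT * FROM `".USERS_TABLE."` WHERE `nick`='".addslashes($nick)."'";
          $result = DataBase::fetch(DataBase::sql_query($sql, CRITICAL, 'Could not obtain user information.'));
          // isset() keeps a missing row from raising an offset notice; an empty u_id means "no such user".
          if (isset($result['u_id']) && ($result['u_id'] != ''))
          {
              $cntu = Pms::PMCnt($result['u_id']);
              // Element 0 of the recipient's counters is checked against the inbox limit.
              if ($cntu[0] < $forum_config['pm_inbox_max'])
              {
                  // Anti-flood lock. The cookie holds the earliest time the next message may be sent.
                  // A cookie whose time has already passed must not block sending: previously any
                  // existing cookie skipped the send branch, so an expired one silently dropped the message.
                  // NOTE(review): the lock lives in a client-side cookie, so a client that does not
                  // return it is not throttled; real enforcement needs server-side state per sender.
                  $floodUntil = isset($_COOKIE['antiflood_time']) ? intval($_COOKIE['antiflood_time']) : 0;
                  if ($floodUntil > $_SERVER['REQUEST_TIME'])
                  {
                      message_forum($lng['antiflood_enabled'], $_SERVER['REQUEST_URI']);
                  }
                  else
                  {
                      setcookie('antiflood_time', ($_SERVER['REQUEST_TIME'] + $forum_config['time_antiflood']));
                      $_POST['textedit'] = Secure::TagsReplace($_POST['textedit']);
                      $_POST['nmsg'] = strip_tags($_POST['nmsg']);
                      // Deliver to the nick that was looked up and quota-checked above, not to the raw
                      // form value, so both steps refer to the same recipient.
                      // NOTE(review): how Pms::SendMessage() escapes its arguments is not visible here — verify.
                      Pms::SendMessage($_POST['textedit'], $_POST['nmsg'], $nick);
                      message_forum($lng['post_is_saved'], 'pms.php');
                  }
              }
              else
              {
                  $message = $lng['pm_inbox_full'];
                  $msg = './skins/'.$default_skin.'/post_error_body.tpl';
              }
          }
          else
          {
              $message = $lng['no_user'];
              $msg = './skins/'.$default_skin.'/post_error_body.tpl';
          }
      }
      else
      {
          $message = $lng['perror_1'];
          $msg = './skins/'.$default_skin.'/post_error_body.tpl';
      }
  }
  else
  {
      // No submission yet: start from an empty form, optionally pre-filled with the nick of
      // the user given by ?id=.
      // NOTE(review): the form template presumably prints these $_POST values back into the
      // page — confirm it HTML-escapes them.
      if (isset($_GET['id']))
      {
          $recipientId = intval($_GET['id']);
          Secure::user_exists($recipientId);
          $_POST['username'] = User::UserInformation($recipientId, 'nick');
      }
      else
      {
          $_POST['username'] = '';
      }
      $_POST['nmsg'] = '';
      $_POST['textedit'] = '';
  }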
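  // Message counters from Pms::PMCnt() called without a user id; element 1 is compared
  // with the sent-box limit below.
  $cnt = Pms::PMCnt();
  // REQUEST_URI is supplied by the client, so it is HTML-escaped before it is placed in markup.
  // NOTE(review): assumes the skin templates print $skin values verbatim (pa_link in this
  // file is raw HTML) — confirm, to rule out double escaping of 'action'.
  $selfUri = htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES);
  //add skin variables
  $skin = array(
      'smiles' => Post::SmilesShow(),
      //labels
      'luser' => $lng['user'],
      'lsmiles' => $lng['smiles'],
      'lmsgname' => $lng['msgname'],
      'lmsg' => $lng['message'],
      'lsave' => $lng['save'],
      'lreset' => $lng['reset'],
      'lwritemsg' => $lng['write_pm'],
      'action' => $selfUri,
      // ">=" instead of "==" so the warning is also shown when the count is already above the limit.
      'lsentbox_full' => ($cnt[1] >= $forum_config['pm_sentbox_max']) ? $lng['pm_sentbox_full'] : ''
  );
  $skin = array_push_assoc($skin, GenerateHeader($lng['lpm'].': '.$lng['write_pm'], '<a href="pms.php" class="navigator">'.$lng['lpm'].' &raquo; <a href="'.$selfUri.'" class="navigator">'.$lng['write_pm']));
  // Without an error template selected earlier, fall back to the blank one.
  if ($msg == '')
  {
      $msg = './skins/'.$default_skin.'/blank.tpl';
  }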
  // Output the page: header and form body first, footer last.
  // NOTE(review): $default_skin is set outside this file and is interpolated into require
  // paths — confirm it can only hold the name of an installed skin directory.
  require('./skins/'.$default_skin.'/overall_header.tpl');
  require('./skins/'.$default_skin.'/pms_new_body.tpl');
  // pa_link is assigned only after the header and body templates have run; when RANK
  // equals '2' it holds a link to admin/index.php, otherwise it is empty.
  $skin['pa_link'] = (RANK == '2')
      ? '<a href="admin/index.php" class="fsmall"><b>'.$lng['pa_link'].'</b></a>'
      : '';
  // Take the end timestamp and hand both timestamps to ShowQueries() for the footer.
  $stop = TimeGeneration();
  $skin['queries'] = ShowQueries($start, $stop);
  require('./skins/'.$default_skin.'/overall_footer.tpl');
  110. ?>