zijia/source/include/spacecp/spacecp_pm.php

<?php

/**
 *      [Discuz!] (C)2001-2099 Comsenz Inc.
 *      This is NOT a freeware, use is subject to license terms
 *
 *      $Id: spacecp_pm.php 35056 2014-11-03 08:01:19Z hypowang $
 */

if(!defined('IN_DISCUZ')) {
	exit('Access Denied');
}

$pmid = empty($_GET['pmid'])?0:floatval($_GET['pmid']);
$uid = empty($_GET['uid'])?0:intval($_GET['uid']);
$plid = empty($_GET['plid'])?0:intval($_GET['plid']);
$opactives['pm'] = 'class="a"';

if($uid) {
	$touid = $uid;
} else {
	$touid = empty($_GET['touid'])?0:intval($_GET['touid']);
}
$daterange = empty($_GET['daterange'])?1:intval($_GET['daterange']);

loaducenter();

if($_GET['op'] == 'checknewpm') {

	header('Content-Type: text/javascript');

	if($_G['uid'] && !getstatus($_G['member']['newpm'], 1)) {
		$ucnewpm = intval(uc_pm_checknew($_G['uid']));
		$newpm = setstatus(1, $ucnewpm ? 1 : 0, $_G['member']['newpm']);
		if($_G['member']['newpm'] != $newpm) {
			C::t('common_member')->update($_G['uid'], array('newpm' => $newpm));
		}
	}
	dsetcookie('checkpm', 1, 30);
	exit();

} elseif($_GET['op'] == 'getpmuser') {
	$otherpm = $json = array();
	$result = uc_pm_list($_G['uid'], 1, 30, 'inbox', 'privatepm');
	foreach($result['data'] as $key => $value) {
		$value['lastauthor'] = daddslashes($value['lastauthor']);
		$value['avatar'] = avatar($value['lastauthorid'], 'small', true);
		if($value['isnew']) {
			$json[$value['lastauthorid']] = "$value[lastauthorid]:{'uid':$value[lastauthorid], 'username':'$value[lastauthor]', 'avatar':'$value[avatar]', 'plid':$value[plid], 'isnew':$value[isnew], 'daterange':$value[daterange]}";
		} else {
			$otherpm[$value['lastauthorid']] = "$value[lastauthorid]:{'uid':$value[lastauthorid], 'username':'$value[lastauthor]', 'avatar':'$value[avatar]', 'plid':$value[plid], 'isnew':$value[isnew], 'daterange':$value[daterange]}";
		}
	}
	if(!empty($otherpm)) {
		$json = array_merge($json, $otherpm);
	}
	$jsstr = "{'userdata':{".implode(',', $json)."}}";

} elseif($_GET['op'] == 'showmsg') {

	$msgonly = empty($_GET['msgonly']) ? 0 : intval($_GET['msgonly']);
	$touid = empty($_GET['touid']) ? 0: intval($_GET['touid']);
	$daterange = empty($_GET['daterange']) ? 1 : intval($_GET['daterange']);
	$result = uc_pm_view($_G['uid'], 0, $touid, $daterange, 0, 0, 0, 0);
	$msglist = array();
	$msguser = $messageappend = '';
	$online = 0;
	foreach($result as $key => $value) {
		if($value['authorid'] != $_G['uid']) {
			$msguser = $value['author'];
		}
		$daykey = dgmdate($value['dateline'], 'Y-m-d');
		$msglist[$daykey][$key] = $value;
	}
	if($touid && empty($msguser)) {
		$member = getuserbyuid($touid);
		$msguser = $member['username'];
	}
	if(!$msgonly) {
		$online = C::app()->session->fetch_by_uid($touid) ? 1 : 0;
		if($_G['member']['newpm']) {
			$newpm = setstatus(1, 0, $_G['member']['newpm']);
			C::t('common_member')->update($_G['uid'], array('newpm' => $newpm));
			uc_pm_ignore($_G['uid']);
		}
	}
	if(!empty($_GET['tradeid'])) {
		$trade = C::t('forum_trade')->fetch_goods(0, $_GET['tradeid']);
		if($trade) {
			$messageappend = dhtmlspecialchars('[url='.$_G['siteurl'].'forum.php?mod=viewthread&tid='.$trade['tid'].'&do=tradeinfo&pid='.$trade['pid'].'][b]'.$trade['subject'].'[/b][/url]');
		}
	} elseif(!empty($_GET['commentid'])) {
		$comment = C::t('forum_postcomment')->fetch($_GET['commentid']);
		if($comment) {
			$comment['comment'] = str_replace(array('[b]', '[/b]', '[/color]'), array(''), preg_replace("/\[color=([#\w]+?)\]/i", '', strip_tags($comment['comment'])));
			$messageappend = dhtmlspecialchars('[url='.$_G['siteurl'].'forum.php?mod=redirect&goto=findpost&pid='.$comment['pid'].'&ptid='.$comment['tid'].'][b]'.lang('spacecp', 'pm_comment').'[/b][/url][quote]'.$comment['comment'].'[/quote]');
		}
	} elseif(!empty($_GET['tid']) && !empty($_GET['pid'])) {
		$thread = C::t('forum_thread')->fetch($_GET['tid']);
		if($thread) {
			$messageappend = dhtmlspecialchars('[url='.$_G['siteurl'].'forum.php?mod=redirect&goto=findpost&pid='.intval($_GET['pid']).'&ptid='.$thread['tid'].'][b]'.lang('spacecp', 'pm_thread_about', array('subject' => $thread['subject'])).'[/b][/url]');
		}
	}

} elseif($_GET['op'] == 'showchatmsg') {
	$perpage = 50;
	$perpage = mob_perpage($perpage);
	$page = empty($_GET['page']) ? ceil($count/$perpage) : intval($_GET['page']);
	$list = uc_pm_view($_G['uid'], 0, $plid, 5, ceil($count/$perpage)-$page+1, $perpage, 1, 1);

} elseif($_GET['op'] == 'delete') {

	if($_GET['formhash'] != formhash()) {
		showmessage('delete_pm_error_option');
	}

	$gpmid = is_array($_GET['deletepm_gpmid']) ? $_GET['deletepm_gpmid'] : 0;
	$deluid = is_array($_GET['deletepm_deluid']) ? $_GET['deletepm_deluid'] : 0;
	$delpmid = is_array($_GET['deletepm_pmid']) ? $_GET['deletepm_pmid'] : 0;
	$delplid = is_array($_GET['deletepm_delplid']) ? $_GET['deletepm_delplid'] : 0;
	$quitplid = is_array($_GET['deletepm_quitplid']) ? $_GET['deletepm_quitplid'] : 0;

	if(empty($gpmid) && empty($deluid) && empty($delpmid) && empty($delplid) && empty($quitplid)) {
		showmessage('delete_pm_error_option');
	}

	if(submitcheck('deletesubmit', 1)) {
		$flag = true;

		if(!empty($gpmid)) {
			$return = C::t('common_member_grouppm')->update($_G['uid'], $gpmid, array('status' => -1));
			$returnurl = 'home.php?mod=space&do=pm&filter=announcepm';
			if(!$return) {
				$flag = false;
			}
		}
		if(!empty($deluid)) {
			$return = uc_pm_deleteuser($_G['uid'], $deluid);
			$returnurl = 'home.php?mod=space&do=pm&filter=privatepm';
			if($return <= 0) {
				$flag = false;
			}
		}

		if(!empty($delpmid)) {
			$return = uc_pm_delete($_G['uid'], 'inbox', $delpmid[0]);
			$returnurl = 'home.php?mod=space&do=pm&subop=view&touid='.$touid;
			if($return <= 0) {
				$flag = false;
			}
		}

		if(!empty($delplid)) {
			$return = uc_pm_deletechat($_G['uid'], $delplid, 1);
			$returnurl = 'home.php?mod=space&do=pm&filter=privatepm';
			if(!$return) {
				$flag = false;
			}
		}

		if(!empty($quitplid)) {
			$return = uc_pm_deletechat($_G['uid'], $quitplid);
			$returnurl = 'home.php?mod=space&do=pm&filter=privatepm';
			if(!$return) {
				$flag = false;
			}
		}

		if($flag) {
			showmessage('delete_pm_success', $returnurl);
		} else {
			showmessage('this_message_could_note_be_option');
		}
	}

} elseif($_GET['op'] == 'send') {

	$waittime = interval_check('post');
	if($waittime > 0) {
		showmessage('message_can_not_send_2', '', array(), array('return' => true));
	}

	cknewuser();

	if(!checkperm('allowsendpm')) {
		showmessage('no_privilege_sendpm', '', array(), array('return' => true));
	}

	if($touid) {
		if(isblacklist($touid)) {
			showmessage('is_blacklist', '', array(), array('return' => true));
		}
	}

	if(submitcheck('pmsubmit')) {
		if(!empty($_POST['username'])) {
			$_POST['users'][] = $_POST['username'];
		}
		$users = empty($_POST['users']) ? array() : $_POST['users'];
		$type = intval($_POST['type']);
		$coef = 1;
		if(!empty($users)) {
			$coef = count($users);
		}

		!($_G['group']['exempt'] & 1) && checklowerlimit('sendpm', 0, $coef);

		$message = (!empty($_POST['messageappend']) ? $_POST['messageappend']."\n" : '').trim($_POST['message']);
		if(empty($message)) {
			showmessage('unable_to_send_air_news', '', array(), array('return' => true));
		}
		$message = censor($message);
		loadcache(array('smilies', 'smileytypes'));
		foreach($_G['cache']['smilies']['replacearray'] AS $key => $smiley) {
			$_G['cache']['smilies']['replacearray'][$key] = '[img]'.$_G['siteurl'].'static/image/smiley/'.$_G['cache']['smileytypes'][$_G['cache']['smilies']['typearray'][$key]]['directory'].'/'.$smiley.'[/img]';
		}
		$message = preg_replace($_G['cache']['smilies']['searcharray'], $_G['cache']['smilies']['replacearray'], $message);
		$subject = '';
		if($type == 1) {
			$subject = dhtmlspecialchars(trim($_POST['subject']));
		}

		include_once libfile('function/friend');
		$return = 0;
		if($touid || $pmid) {
			if($touid) {
				if(($value = getuserbyuid($touid))) {
					$value['onlyacceptfriendpm'] = $value['onlyacceptfriendpm'] ? $value['onlyacceptfriendpm'] : ($_G['setting']['onlyacceptfriendpm'] ? 1 : 2);
					if($_G['group']['allowsendallpm'] || $value['onlyacceptfriendpm'] == 2 || ($value['onlyacceptfriendpm'] == 1 && friend_check($touid))) {
						$return = sendpm($touid, $subject, $message, '', 0, 0, $type);
					} else {
						showmessage('message_can_not_send_onlyfriend', '', array(), array('return' => true));
					}
				} else {
					showmessage('message_bad_touid', '', array(), array('return' => true));
				}
			} else {
				$topmuid = intval($_GET['topmuid']);
				$return = sendpm($topmuid, $subject, $message, '', $pmid, 0);
			}

		} elseif($users) {
			$newusers = $uidsarr = $membersarr = array();
			if($users) {
				$membersarr = C::t('common_member')->fetch_all_by_username($users);
				foreach($membersarr as $aUsername=>$aUser) {
					$uidsarr[] = $aUser['uid'];
				}
			}
			if(empty($membersarr)) {
				showmessage('message_bad_touser', '', array(), array('return' => true));
			}
			if(isset($membersarr[$_G['uid']])) {
				showmessage('message_can_not_send_to_self', '', array(), array('return' => true));
			}

			friend_check($uidsarr);

			foreach($membersarr as $key => $value) {

				$value['onlyacceptfriendpm'] = $value['onlyacceptfriendpm'] ? $value['onlyacceptfriendpm'] : ($_G['setting']['onlyacceptfriendpm'] ? 1 : 2);
				if($_G['group']['allowsendallpm'] || $value['onlyacceptfriendpm'] == 2 || ($value['onlyacceptfriendpm'] == 1 && $_G['home_friend_'.$value['uid'].'_'.$_G['uid']])) {
					$newusers[$value['uid']] = $value['username'];
					unset($users[array_search($value['username'], $users)]);
				}
			}

			if(empty($newusers)) {
				showmessage('message_can_not_send_onlyfriend', '', array(), array('return' => true));
			}

			foreach($newusers as $key=>$value) {
				if(isblacklist($key)) {
					showmessage('is_blacklist', '', array(), array('return' => true));
				}
			}
			$coef = count($newusers);
			$return = sendpm(implode(',', $newusers), $subject, $message, '', 0, 1, $type);
		} else {
			showmessage('message_can_not_send_9', '', array(), array('return' => true));
		}

		if($return > 0) {
			include_once libfile('function/stat');
			updatestat('sendpm', 0, $coef);

			C::t('common_member_status')->update($_G['uid'], array('lastpost' => TIMESTAMP));
			!($_G['group']['exempt'] & 1) && updatecreditbyaction('sendpm', 0, array(), '', $coef);
			if(!empty($newusers)) {
				if($type == 1) {
					$returnurl = 'home.php?mod=space&do=pm&filter=privatepm';
				} else {
					$returnurl = 'home.php?mod=space&do=pm';
				}
				showmessage(count($users) ? 'message_send_result' : 'do_success', $returnurl, array('users' => implode(',', $users), 'succeed' => count($newusers)));
			} else {
				if(!defined('IN_MOBILE')) {
					showmessage('do_success', 'home.php?mod=space&do=pm&subop=view&touid='.$touid, array('pmid' => $return), $_G['inajax'] ? array('msgtype' => 3, 'showmsg' => false) : array());
				} else {
					showmessage('do_success', 'home.php?mod=space&do=pm&subop=view'.(intval($_POST['touid']) ? '&touid='.intval($_POST['touid']) : ( intval($_POST['plid']) ? '&plid='.intval($_POST['plid']).'&daterange=1&type=1' : '' )));
				}

			}
		} else {
			if(in_array($return, range(-16, -1))) {
				showmessage('message_can_not_send_'.abs($return));
			} else {
				showmessage('message_can_not_send', '', array(), array('return' => true));
			}
		}
	}

} elseif($_GET['op'] == 'ignore') {

	if(submitcheck('ignoresubmit')) {
		$single = intval($_GET['single']);
		if($single) {
			uc_pm_blackls_add($_G['uid'], $_POST['ignoreuser']);
			showmessage('do_success', dreferer(), array(), array('showdialog'=>1, 'showmsg' => true, 'closetime' => true));
		} else {
			uc_pm_blackls_set($_G['uid'], $_POST['ignorelist']);
			showmessage('do_success', 'home.php?mod=space&do=pm&view=ignore', array(), array('showdialog'=>1, 'showmsg' => true, 'closetime' => true));
		}
	}

} elseif($_GET['op'] == 'setting') {

	if(submitcheck('settingsubmit')) {
		if(!(intval($_GET['onlyacceptfriendpm']) && intval($_GET['onlyacceptfriendpm']) == $_GET['onlyacceptfriendpm'])) {
			showmessage('pm_onlyacceptfriend_error', 'home.php?mod=space&do=pm&subop=setting');
		}

		uc_pm_blackls_set($_G['uid'], $_POST['ignorelist']);
		$setarr['onlyacceptfriendpm'] = $_GET['onlyacceptfriendpm'];

		C::t('common_member')->update($_G['uid'], $setarr);

		showmessage('do_success_pm', 'home.php?mod=space&do=pm&subop=setting');
	}

} elseif($_GET['op'] == 'pm_report') {

	$waittime = interval_check('post');
	if($waittime > 0) {
		showmessage('operating_too_fast', '', array('waittime' => $waittime), array('return' => true));
	}

	if(!$pmid) {
		showmessage('pm_report_error_nopm');
	}
	if($pmid && submitcheck('pmreportsubmit', 1)) {
		$pms = uc_pm_view($_G['uid'], $pmid);
		$pm = $pms[0];
		if(empty($pm)) {
			showmessage('pm_report_error_nopm');
		}
		if($pm['authorid'] == $_G['uid'] || !$pm['authorid']) {
			showmessage('pm_report_error_nome');
		}
		$pmreportuser = explode(',', $_G['setting']['pmreportuser']);
		if(empty($pmreportuser)) {
			showmessage('pm_report_error_nopmreportuser');
		}

		$pmreportcontent = lang('spacecp', 'pm_report_content', array('reporterid' => $_G['uid'], 'reportername' => $_G['username'], 'uid' => $pm['authorid'], 'username' => $pm['author'], 'message' => $pm['message']));
		foreach($pmreportuser as $key => $value) {
			notification_add($value, 'pmreport', 'pmreportcontent', array('pmreportcontent' => $pmreportcontent), 0);
		}
		showmessage('do_success', dreferer(), array(), array('showdialog'=>1, 'showmsg' => true, 'closetime' => true));
	}

} elseif($_GET['op'] == 'pm_ignore') {
	$waittime = interval_check('post');
	if($waittime > 0) {
		showmessage('operating_too_fast', '', array('waittime' => $waittime), array('return' => true));
	}
	$username = $_GET['username'];

	if(!$username || !uc_get_user($username)) {
		showmessage('pm_ignore_error_nopm');
	}

	if(submitcheck('pmignoresubmit')) {
		uc_pm_blackls_add($_G['uid'], addslashes($username));
		showmessage('do_success', dreferer(), array(), array('showdialog'=>1, 'showmsg' => true, 'closetime' => true));
	}

} elseif($_GET['op'] == 'kickmember') {

	$memberuid = intval($_GET['memberuid']);
	if(!$memberuid) {
		showmessage('pm_kickmember_error_nopm');
	}
	if(submitcheck('pmkickmembersubmit')) {
		uc_pm_kickchatpm($plid, $_G['uid'], $memberuid);
		showmessage('do_success', dreferer(), array(), array('showdialog'=>1, 'showmsg' => true, 'closetime' => true, 'locationtime' => 3));
	}

} elseif($_GET['op'] == 'appendmember') {

	$memberusername = trim($_GET['memberusername']);
	$members = array();
	if($memberusername) {
		$members = C::t('common_member')->fetch_all_by_username(explode(',', $memberusername));
	}
	if(empty($members)) {
		showmessage('pm_appendkmember_error_nopm');
	}
	if(submitcheck('pmappendmembersubmit')) {
		include_once libfile('function/friend');
		$returns = array();
		foreach($members as $member) {
			$member['onlyacceptfriendpm'] = $member['onlyacceptfriendpm'] ? $member['onlyacceptfriendpm'] : ($_G['setting']['onlyacceptfriendpm'] ? 1 : 2);
			if($_G['group']['allowsendallpm'] || $member['onlyacceptfriendpm'] == 2 || ($member['onlyacceptfriendpm'] == 1 && friend_check($member['uid']))) {
				$return = uc_pm_appendchatpm($plid, $_G['uid'], $member['uid']);
				$returns[] = array('uid' => $member['uid'], 'username' => $member['username'], 'return' => $return);
			} else {
				$returns[] = array('uid' => $member['uid'], 'username' => $member['username'], 'return' => 0);
			}
		}
		$cannotappend = array();
		foreach($returns as $value) {
			if($value['return'] < 0) {
				$cannotappend[] = $value['username'].'('.lang('spacecp', 'message_can_not_send_'.abs($value['return'])).')';
			} elseif($value['return'] == 0) {
				$cannotappend[] = $value['username'].'('.lang('spacecp', 'message_can_not_send_onlyfriend').')';
			}
		}
		if(empty($cannotappend)) {
			showmessage('do_success', dreferer(), array(), array('showdialog'=>1, 'showmsg' => true, 'closetime' => true, 'locationtime' => 3));
		} else {
			showmessage('message_can_not_append_reason', dreferer(), array('cannotappend' => implode('<br />', $cannotappend)), array('showdialog'=>1, 'showmsg' => true, 'closetime' => true, 'locationtime' => 5));
		}
	}

} elseif($_GET['op'] == 'setpmstatus') {

	$gpmids = trim($_GET['gpmids']);
	$plids = trim($_GET['plids']);
	if($gpmids) {
		$gpmidarr = explode(',', $gpmids);
		C::t('common_member_grouppm')->update_to_read_by_unread($_G['uid'], $gpmidarr);
	}
	if($plids) {
		$plidarr = explode(',', $plids);
		uc_pm_readstatus($_G['uid'], array(), $plidarr, 0);
	}
	showmessage('do_success', '', array(), array('msgtype' => 3));

} elseif($_GET['op'] == 'viewpmid') {

	$list = uc_pm_view($_G['uid'], $_GET['pmid']);
	$value = $list[0];
	include template('common/header_ajax');
	include template('home/space_pm_node');
	include template('common/footer_ajax');
	exit;

} elseif($_GET['op'] == 'export') {

	if(!$touid && !$plid) {
		showmessage('pm_export_touser_not_exists');
	}

	if($touid) {
		$list = uc_pm_view($_G['uid'], 0, $touid, 5, 0, 0, 0, 0);
	} else {
		$list = uc_pm_view($_G['uid'], 0, $plid, 5, 0, 0, 1, 1);
		$subject = $list[0]['subject'];
	}

	if(count($list) == 0) {
		showmessage('pm_emport_banned_export');
	}
	$filename = lang('space', 'export_pm').'.html';
	if($touid) {
		if($touser = uc_get_user($touid, 1)) {
			$tousername = $touser[1];
			$filename = $touser[1].'.html';
		}
	}
	$contents = '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">';
	$contents .= '<html xmlns="http://www.w3.org/1999/xhtml">';
	$contents .= '<head><meta http-equiv="Content-Type" content="text/html; charset='.CHARSET.'" /><title>'.lang('space', 'pm_export_header').'</title></head>';
	$contents .= '<body>';
	$contents .= lang('space', 'pm_export_header');
	$contents .= "\r\n\r\n================================================================\r\n";
	if($touser) {
		$contents .= lang('space', 'pm_export_touser', array('touser' => '<a href="'.$_G['siteurl'].'home.php?mod=space&uid='.$touser[0].'">'.$touser[1].'</a>'));
		$contents .= "\r\n================================================================\r\n";
	} elseif($subject) {
		$contents .= lang('space', 'pm_export_subject', array('subject' => $subject));
		$contents .= "\r\n================================================================\r\n";
	}
	$contents .= "\r\n";
	foreach($list as $key => $val) {
		$contents .= $val['author']."\t".dgmdate($val['dateline'])."\r\n";
		$contents .= str_replace(array('<br>', '<br />', '&nbsp;'), array("\r\n", "\r\n", ' '), $val['message'])."\r\n\r\n";
	}
	$contents .= '</body></html>';
	$contents = nl2br($contents);

	$filesize = strlen($contents);
	$filename = '"'.(strtolower(CHARSET) == 'utf-8' && strexists($_SERVER['HTTP_USER_AGENT'], 'MSIE') ? urlencode($filename) : $filename).'"';

	dheader('Date: '.gmdate('D, d M Y H:i:s', $val['dateline']).' GMT');
	dheader('Last-Modified: '.gmdate('D, d M Y H:i:s', $val['dateline']).' GMT');
	dheader('Content-Encoding: none');
	dheader('Content-Disposition: attachment; filename='.$filename);

	dheader('Content-Type: application/octet-stream');
	dheader('Content-Length: '.$filesize);

	echo $contents;
	die;

} else {

	cknewuser();

	if(!checkperm('allowsendpm')) {
		showmessage('no_privilege_sendpm');
	}
	$friends = array();
	if($space['friendnum']) {
		$query = C::t('home_friend')->fetch_all_by_uid($_G['uid'], 0, 100, true);
		foreach($query as $value) {
			$value['uid'] = $value['fuid'];
			$value['username'] = daddslashes($value['fusername']);
			$friends[] = $value;
		}
	}
	require_once libfile('function/friend');
	$friendgrouplist = friend_group_list();

	$type = intval($_GET['type']);
}

include_once template("home/spacecp_pm");

?>