Code Coverage for /data/phpBB/includes/ucp/ucp

	Code Coverage
	Classes and Traits			Functions and Methods				Lines
Total	0.00% covered (danger)	0.00%	0 / 1	0.00% covered (danger)	0.00%	0 / 1	CRAP	0.00% covered (danger)	0.00%	0 / 313
ucp_pm	0.00% covered (danger)	0.00%	0 / 1	0.00% covered (danger)	0.00%	0 / 1	5112	0.00% covered (danger)	0.00%	0 / 309
main				0.00% covered (danger)	0.00%	0 / 1	5112	0.00% covered (danger)	0.00%	0 / 309

1	<?php
2	/**
3	*
4	* This file is part of the phpBB Forum Software package.
5	*
6	* @copyright (c) phpBB Limited <https://www.phpbb.com>
7	* @license GNU General Public License, version 2 (GPL-2.0)
8	*
9	* For full copyright and license information, please see
10	* the docs/CREDITS.txt file.
11	*
12	*/
13
14	/**
15	* @ignore
16	*/
17	if (!defined('IN_PHPBB'))
18	{
19	exit;
20	}
21
22	/**
23	* Private Message Class
24	*
25	* $_REQUEST['folder'] display folder with the id used
26	* $_REQUEST['folder'] inbox\|outbox\|sentbox display folder with the associated name
27	*
28	* Display Messages (default to inbox) - mode=view
29	* Display single message - mode=view&p=[msg_id] or &p=[msg_id] (short linkage)
30	*
31	* if the folder id with (&f=[folder_id]) is used when displaying messages, one query will be saved. If it is not used, phpBB needs to grab
32	* the folder id first in order to display the input boxes and folder names and such things. ;) phpBB always checks this against the database to make
33	* sure the user is able to view the message.
34	*
35	* Composing Messages (mode=compose):
36	* To specific user (u=[user_id])
37	* To specific group (g=[group_id])
38	* Quoting a post (action=quotepost&p=[post_id])
39	* Quoting a PM (action=quote&p=[msg_id])
40	* Forwarding a PM (action=forward&p=[msg_id])
41	*/
42	class ucp_pm
43	{
44	var $u_action;
45
46	function main($id, $mode)
47	{
48	global $user, $template, $phpbb_root_path, $auth, $phpEx, $db, $config, $request;
49
50	if (!$user->data['is_registered'])
51	{
52	trigger_error('NO_MESSAGE');
53	}
54
55	// Is PM disabled?
56	if (!$config['allow_privmsg'])
57	{
58	trigger_error('PM_DISABLED');
59	}
60
61	$user->add_lang('posting');
62	$template->assign_var('S_PRIVMSGS', true);
63
64	// Folder directly specified?
65	$folder_specified = $request->variable('folder', '');
66
67	if (!in_array($folder_specified, array('inbox', 'outbox', 'sentbox')))
68	{
69	$folder_specified = (int) $folder_specified;
70	}
71	else
72	{
73	$folder_specified = ($folder_specified == 'inbox') ? PRIVMSGS_INBOX : (($folder_specified == 'outbox') ? PRIVMSGS_OUTBOX : PRIVMSGS_SENTBOX);
74	}
75
76	if (!$folder_specified)
77	{
78	$mode = (!$mode) ? $request->variable('mode', 'view') : $mode;
79	}
80	else
81	{
82	$mode = 'view';
83	}
84
85	if (!function_exists('get_folder'))
86	{
87	include($phpbb_root_path . 'includes/functions_privmsgs.' . $phpEx);
88	}
89
90	switch ($mode)
91	{
92	// Compose message
93	case 'compose':
94	$action = $request->variable('action', 'post');
95
96	$user_folders = get_folder($user->data['user_id']);
97
98	if ($action != 'delete' && !$auth->acl_get('u_sendpm'))
99	{
100	// trigger_error('NO_AUTH_SEND_MESSAGE');
101	$template->assign_vars(array(
102	'S_NO_AUTH_SEND_MESSAGE' => true,
103	'S_COMPOSE_PM_VIEW' => true,
104	));
105
106	$tpl_file = 'ucp_pm_viewfolder';
107	break;
108	}
109
110	if (!function_exists('compose_pm'))
111	{
112	include($phpbb_root_path . 'includes/ucp/ucp_pm_compose.' . $phpEx);
113	}
114	compose_pm($id, $mode, $action, $user_folders);
115
116	$tpl_file = 'posting_body';
117	break;
118
119	case 'options':
120	set_user_message_limit();
121	get_folder($user->data['user_id']);
122
123	if (!function_exists('message_options'))
124	{
125	include($phpbb_root_path . 'includes/ucp/ucp_pm_options.' . $phpEx);
126	}
127	message_options($id, $mode, $global_privmsgs_rules, $global_rule_conditions);
128
129	$tpl_file = 'ucp_pm_options';
130	break;
131
132	case 'drafts':
133
134	get_folder($user->data['user_id']);
135	$this->p_name = 'pm';
136
137	if (!class_exists('ucp_main'))
138	{
139	include($phpbb_root_path . 'includes/ucp/ucp_main.' . $phpEx);
140	}
141
142	$module = new ucp_main($this);
143	$module->u_action = $this->u_action;
144	$module->main($id, $mode);
145
146	$this->tpl_name = $module->tpl_name;
147	$this->page_title = 'UCP_PM_DRAFTS';
148
149	unset($module);
150	return;
151
152	break;
153
154	case 'view':
155
156	set_user_message_limit();
157
158	if ($folder_specified)
159	{
160	$folder_id = $folder_specified;
161	$action = 'view_folder';
162	}
163	else
164	{
165	$folder_id = $request->variable('f', PRIVMSGS_NO_BOX);
166	$action = $request->variable('action', 'view_folder');
167	}
168
169	$msg_id = $request->variable('p', 0);
170	$view = $request->variable('view', '');
171
172	// View message if specified
173	if ($msg_id)
174	{
175	$action = 'view_message';
176	}
177
178	if (!$auth->acl_get('u_readpm'))
179	{
180	send_status_line(403, 'Forbidden');
181	trigger_error('NO_AUTH_READ_MESSAGE');
182	}
183
184	if ($view == 'print' && (!$config['print_pm'] \|\| !$auth->acl_get('u_pm_printpm')))
185	{
186	send_status_line(403, 'Forbidden');
187	trigger_error('NO_AUTH_PRINT_MESSAGE');
188	}
189
190	// Do not allow hold messages to be seen
191	if ($folder_id == PRIVMSGS_HOLD_BOX)
192	{
193	trigger_error('NO_AUTH_READ_HOLD_MESSAGE');
194	}
195
196	add_form_key('ucp_pm_view');
197
198	// First Handle Mark actions and moving messages
199	$submit_mark = (isset($_POST['submit_mark'])) ? true : false;
200	$move_pm = (isset($_POST['move_pm'])) ? true : false;
201	$mark_option = $request->variable('mark_option', '');
202	$dest_folder = $request->variable('dest_folder', PRIVMSGS_NO_BOX);
203
204	// Is moving PM triggered through mark options?
205	if (!in_array($mark_option, array('mark_important', 'delete_marked')) && $submit_mark)
206	{
207	$move_pm = true;
208	$dest_folder = (int) $mark_option;
209	$submit_mark = false;
210	}
211
212	// Move PM
213	if ($move_pm)
214	{
215	if (!check_form_key('ucp_pm_view'))
216	{
217	trigger_error('FORM_INVALID');
218	}
219
220	$move_msg_ids = (isset($_POST['marked_msg_id'])) ? $request->variable('marked_msg_id', array(0)) : array();
221	$cur_folder_id = $request->variable('cur_folder_id', PRIVMSGS_NO_BOX);
222
223	if (move_pm($user->data['user_id'], $user->data['message_limit'], $move_msg_ids, $dest_folder, $cur_folder_id))
224	{
225	// Return to folder view if single message moved
226	if ($action == 'view_message')
227	{
228	$msg_id = 0;
229	$folder_id = $request->variable('cur_folder_id', PRIVMSGS_NO_BOX);
230	$action = 'view_folder';
231	}
232	}
233	}
234
235	// Message Mark Options
236	if ($submit_mark)
237	{
238	handle_mark_actions($user->data['user_id'], $mark_option);
239	}
240
241	// If new messages arrived, place them into the appropriate folder
242	$num_not_moved = $num_removed = 0;
243	$release = $request->variable('release', 0);
244
245	if ($user->data['user_new_privmsg'] && ($action == 'view_folder' \|\| $action == 'view_message'))
246	{
247	$return = place_pm_into_folder($global_privmsgs_rules, $release);
248	$num_not_moved = $return['not_moved'];
249	$num_removed = $return['removed'];
250	}
251
252	if (!$msg_id && $folder_id == PRIVMSGS_NO_BOX)
253	{
254	$folder_id = PRIVMSGS_INBOX;
255	}
256	else if ($msg_id && $folder_id == PRIVMSGS_NO_BOX)
257	{
258	$sql = 'SELECT folder_id
259	FROM ' . PRIVMSGS_TO_TABLE . "
260	WHERE msg_id = $msg_id
261	AND folder_id <> " . PRIVMSGS_NO_BOX . '
262	AND user_id = ' . $user->data['user_id'];
263	$result = $db->sql_query($sql);
264	$row = $db->sql_fetchrow($result);
265	$db->sql_freeresult($result);
266
267	if (!$row)
268	{
269	trigger_error('NO_MESSAGE');
270	}
271	$folder_id = (int) $row['folder_id'];
272	}
273
274	if ($request->variable('mark', '') == 'all' && check_link_hash($request->variable('token', ''), 'mark_all_pms_read'))
275	{
276	mark_folder_read($user->data['user_id'], $folder_id);
277
278	meta_refresh(3, $this->u_action);
279	$message = $user->lang['PM_MARK_ALL_READ_SUCCESS'];
280
281	if ($request->is_ajax())
282	{
283	$json_response = new \phpbb\json_response();
284	$json_response->send(array(
285	'MESSAGE_TITLE' => $user->lang['INFORMATION'],
286	'MESSAGE_TEXT' => $message,
287	'success' => true,
288	));
289	}
290	$message .= '<br /><br />' . $user->lang('RETURN_UCP', '<a href="' . $this->u_action . '">', '</a>');
291
292	trigger_error($message);
293	}
294
295	$message_row = array();
296	if ($action == 'view_message' && $msg_id)
297	{
298	// Get Message user want to see
299	if ($view == 'next' \|\| $view == 'previous')
300	{
301	$sql_condition = ($view == 'next') ? '>' : '<';
302	$sql_ordering = ($view == 'next') ? 'ASC' : 'DESC';
303
304	$sql = 'SELECT t.msg_id
305	FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . ' p, ' . PRIVMSGS_TABLE . " p2
306	WHERE p2.msg_id = $msg_id
307	AND t.folder_id = $folder_id
308	AND t.user_id = " . $user->data['user_id'] . "
309	AND t.msg_id = p.msg_id
310	AND p.message_time $sql_condition p2.message_time
311	ORDER BY p.message_time $sql_ordering";
312	$result = $db->sql_query_limit($sql, 1);
313	$row = $db->sql_fetchrow($result);
314	$db->sql_freeresult($result);
315
316	if (!$row)
317	{
318	$message = ($view == 'next') ? 'NO_NEWER_PM' : 'NO_OLDER_PM';
319	trigger_error($message);
320	}
321	else
322	{
323	$msg_id = $row['msg_id'];
324	}
325	}
326
327	$sql = 'SELECT t., p., u.*
328	FROM ' . PRIVMSGS_TO_TABLE . ' t, ' . PRIVMSGS_TABLE . ' p, ' . USERS_TABLE . ' u
329	WHERE t.user_id = ' . $user->data['user_id'] . "
330	AND p.author_id = u.user_id
331	AND t.folder_id = $folder_id
332	AND t.msg_id = p.msg_id
333	AND p.msg_id = $msg_id";
334	$result = $db->sql_query($sql);
335	$message_row = $db->sql_fetchrow($result);
336	$db->sql_freeresult($result);
337
338	if (!$message_row)
339	{
340	trigger_error('NO_MESSAGE');
341	}
342
343	// Update unread status
344	update_unread_status($message_row['pm_unread'], $message_row['msg_id'], $user->data['user_id'], $folder_id);
345	}
346
347	$folder = get_folder($user->data['user_id'], $folder_id);
348
349	$s_folder_options = $s_to_folder_options = '';
350	foreach ($folder as $f_id => $folder_ary)
351	{
352	$option = '<option' . ((!in_array($f_id, array(PRIVMSGS_INBOX, PRIVMSGS_OUTBOX, PRIVMSGS_SENTBOX))) ? ' class="sep"' : '') . ' value="' . $f_id . '"' . (($f_id == $folder_id) ? ' selected="selected"' : '') . '>' . $folder_ary['folder_name'] . (($folder_ary['unread_messages']) ? ' [' . $folder_ary['unread_messages'] . '] ' : '') . '</option>';
353
354	$s_to_folder_options .= ($f_id != PRIVMSGS_OUTBOX && $f_id != PRIVMSGS_SENTBOX) ? $option : '';
355	$s_folder_options .= $option;
356	}
357	clean_sentbox($folder[PRIVMSGS_SENTBOX]['num_messages']);
358
359	// Header for message view - folder and so on
360	$folder_status = get_folder_status($folder_id, $folder);
361
362	$template->assign_vars(array(
363	'CUR_FOLDER_ID' => $folder_id,
364	'CUR_FOLDER_NAME' => $folder_status['folder_name'],
365	'NUM_NOT_MOVED' => $num_not_moved,
366	'NUM_REMOVED' => $num_removed,
367	'RELEASE_MESSAGE_INFO' => sprintf($user->lang['RELEASE_MESSAGES'], '<a href="' . $this->u_action . '&folder=' . $folder_id . '&release=1">', '</a>'),
368	'NOT_MOVED_MESSAGES' => $user->lang('NOT_MOVED_MESSAGES', (int) $num_not_moved),
369	'RULE_REMOVED_MESSAGES' => $user->lang('RULE_REMOVED_MESSAGES', (int) $num_removed),
370
371	'S_FOLDER_OPTIONS' => $s_folder_options,
372	'S_TO_FOLDER_OPTIONS' => $s_to_folder_options,
373	'S_FOLDER_ACTION' => $this->u_action . '&action=view_folder',
374	'S_PM_ACTION' => $this->u_action . '&action=' . $action,
375
376	'U_INBOX' => $this->u_action . '&folder=inbox',
377	'U_OUTBOX' => $this->u_action . '&folder=outbox',
378	'U_SENTBOX' => $this->u_action . '&folder=sentbox',
379	'U_CREATE_FOLDER' => $this->u_action . '&mode=options',
380	'U_CURRENT_FOLDER' => $this->u_action . '&folder=' . $folder_id,
381	'U_MARK_ALL' => $this->u_action . '&folder=' . $folder_id . '&mark=all&token=' . generate_link_hash('mark_all_pms_read'),
382
383	'S_IN_INBOX' => ($folder_id == PRIVMSGS_INBOX) ? true : false,
384	'S_IN_OUTBOX' => ($folder_id == PRIVMSGS_OUTBOX) ? true : false,
385	'S_IN_SENTBOX' => ($folder_id == PRIVMSGS_SENTBOX) ? true : false,
386
387	'FOLDER_STATUS' => $folder_status['message'],
388	'FOLDER_MAX_MESSAGES' => $folder_status['max'],
389	'FOLDER_CUR_MESSAGES' => $folder_status['cur'],
390	'FOLDER_REMAINING_MESSAGES' => $folder_status['remaining'],
391	'FOLDER_PERCENT' => $folder_status['percent'])
392	);
393
394	if ($action == 'view_folder')
395	{
396	if (!function_exists('view_folder'))
397	{
398	include($phpbb_root_path . 'includes/ucp/ucp_pm_viewfolder.' . $phpEx);
399	}
400	view_folder($id, $mode, $folder_id, $folder);
401
402	$tpl_file = 'ucp_pm_viewfolder';
403	}
404	else if ($action == 'view_message')
405	{
406	$template->assign_vars(array(
407	'S_VIEW_MESSAGE' => true,
408	'L_RETURN_TO_FOLDER' => $user->lang('RETURN_TO', $folder_status['folder_name']),
409	'MSG_ID' => $msg_id,
410	));
411
412	if (!$msg_id)
413	{
414	trigger_error('NO_MESSAGE');
415	}
416
417	if (!function_exists('view_message'))
418	{
419	include($phpbb_root_path . 'includes/ucp/ucp_pm_viewmessage.' . $phpEx);
420	}
421	view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row);
422
423	$tpl_file = ($view == 'print') ? 'ucp_pm_viewmessage_print' : 'ucp_pm_viewmessage';
424	}
425
426	break;
427
428	default:
429	trigger_error('NO_ACTION_MODE', E_USER_ERROR);
430	break;
431	}
432
433	$template->assign_vars(array(
434	'L_TITLE' => $user->lang['UCP_PM_' . strtoupper($mode)],
435	'S_UCP_ACTION' => $this->u_action . ((isset($action)) ? "&action=$action" : ''))
436	);
437
438	// Set desired template
439	$this->tpl_name = $tpl_file;
440	$this->page_title = 'UCP_PM_' . strtoupper($mode);
441	}
442	}