Code Coverage for /data/phpBB/includes/ucp/ucp_pm

	Code Coverage
	Classes and Traits			Functions and Methods				Lines
Total		n/a	0 / 0	0.00% covered (danger)	0.00%	0 / 2	CRAP	0.00% covered (danger)	0.00%	0 / 318
view_message				0.00% covered (danger)	0.00%	0 / 1	6642.00	0.00% covered (danger)	0.00%	0 / 266
get_user_information				0.00% covered (danger)	0.00%	0 / 1	342.00	0.00% covered (danger)	0.00%	0 / 48

1	<?php
2	/**
3	*
4	* This file is part of the phpBB Forum Software package.
5	*
6	* @copyright (c) phpBB Limited <https://www.phpbb.com>
7	* @license GNU General Public License, version 2 (GPL-2.0)
8	*
9	* For full copyright and license information, please see
10	* the docs/CREDITS.txt file.
11	*
12	*/
13
14	/**
15	* @ignore
16	*/
17	if (!defined('IN_PHPBB'))
18	{
19	exit;
20	}
21
22	/**
23	* View private message
24	*/
25	function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row)
26	{
27	global $user, $template, $auth, $db, $phpbb_container;
28	global $phpbb_root_path, $request, $phpEx, $config, $phpbb_dispatcher;
29
30	$user->add_lang(array('viewtopic', 'memberlist'));
31
32	$msg_id = (int) $msg_id;
33	$folder_id = (int) $folder_id;
34	$author_id = (int) $message_row['author_id'];
35	$view = $request->variable('view', '');
36
37	/**
38	* Modify private message data before it is prepared to be displayed
39	*
40	* @event core.ucp_pm_view_message_before
41	* @var int folder_id ID of the folder the message is in
42	* @var array folder Array with data of user's message folders
43	* @var int msg_id ID of the private message
44	* @var array message_row Array with message data
45	* @var int author_id ID of the message author
46	* @since 3.2.10-RC1
47	* @since 3.3.1-RC1
48	*/
49	$vars = [
50	'folder_id',
51	'folder',
52	'msg_id',
53	'message_row',
54	'author_id',
55	];
56	extract($phpbb_dispatcher->trigger_event('core.ucp_pm_view_message_before', compact($vars)));
57
58	// Not able to view message, it was deleted by the sender
59	if ($message_row['pm_deleted'])
60	{
61	$meta_info = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=pm&folder=$folder_id");
62	$message = $user->lang['NO_AUTH_READ_REMOVED_MESSAGE'];
63
64	$message .= '<br /><br />' . sprintf($user->lang['RETURN_FOLDER'], '<a href="' . $meta_info . '">', '</a>');
65	send_status_line(403, 'Forbidden');
66	trigger_error($message);
67	}
68
69	// Do not allow hold messages to be seen
70	if ($folder_id == PRIVMSGS_HOLD_BOX)
71	{
72	trigger_error('NO_AUTH_READ_HOLD_MESSAGE');
73	}
74
75	// Load the custom profile fields
76	if ($config['load_cpf_pm'])
77	{
78	/* @var $cp \phpbb\profilefields\manager */
79	$cp = $phpbb_container->get('profilefields.manager');
80
81	$profile_fields = $cp->grab_profile_fields_data($author_id);
82	}
83
84	// Assign TO/BCC Addresses to template
85	write_pm_addresses(array('to' => $message_row['to_address'], 'bcc' => $message_row['bcc_address']), $author_id);
86
87	$user_info = get_user_information($author_id, $message_row);
88
89	// Parse the message and subject
90	$parse_flags = ($message_row['bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0) \| OPTION_FLAG_SMILIES;
91	$message = generate_text_for_display($message_row['message_text'], $message_row['bbcode_uid'], $message_row['bbcode_bitfield'], $parse_flags, true);
92
93	// Replace naughty words such as farty pants
94	$message_row['message_subject'] = censor_text($message_row['message_subject']);
95
96	// Editing information
97	if ($message_row['message_edit_count'] && $config['display_last_edited'])
98	{
99	if (!$message_row['message_edit_user'])
100	{
101	$display_username = get_username_string('full', $author_id, $user_info['username'], $user_info['user_colour']);
102	}
103	else
104	{
105	$edit_user_info = get_user_information($message_row['message_edit_user'], false);
106	$display_username = get_username_string('full', $message_row['message_edit_user'], $edit_user_info['username'], $edit_user_info['user_colour']);
107	}
108	$l_edited_by = '<br /><br />' . $user->lang('EDITED_TIMES_TOTAL', (int) $message_row['message_edit_count'], $display_username, $user->format_date($message_row['message_edit_time'], false, true));
109	}
110	else
111	{
112	$l_edited_by = '';
113	}
114
115	// Pull attachment data
116	$display_notice = false;
117	$attachments = array();
118
119	if ($message_row['message_attachment'] && $config['allow_pm_attach'])
120	{
121	if ($auth->acl_get('u_pm_download'))
122	{
123	$sql = 'SELECT *
124	FROM ' . ATTACHMENTS_TABLE . "
125	WHERE post_msg_id = $msg_id
126	AND in_message = 1
127	ORDER BY filetime DESC, post_msg_id ASC";
128	$result = $db->sql_query($sql);
129
130	while ($row = $db->sql_fetchrow($result))
131	{
132	$attachments[] = $row;
133	}
134	$db->sql_freeresult($result);
135
136	// No attachments exist, but message table thinks they do so go ahead and reset attach flags
137	if (!count($attachments))
138	{
139	$sql = 'UPDATE ' . PRIVMSGS_TABLE . "
140	SET message_attachment = 0
141	WHERE msg_id = $msg_id";
142	$db->sql_query($sql);
143	}
144	}
145	else
146	{
147	$display_notice = true;
148	}
149	}
150
151	// Assign inline attachments
152	if (!empty($attachments))
153	{
154	$update_count = array();
155	parse_attachments(false, $message, $attachments, $update_count);
156
157	// Update the attachment download counts
158	if (count($update_count))
159	{
160	$sql = 'UPDATE ' . ATTACHMENTS_TABLE . '
161	SET download_count = download_count + 1
162	WHERE ' . $db->sql_in_set('attach_id', array_unique($update_count));
163	$db->sql_query($sql);
164	}
165	}
166
167	$user_info['sig'] = '';
168
169	$signature = ($message_row['enable_sig'] && $config['allow_sig'] && $auth->acl_get('u_sig') && $user->optionget('viewsigs')) ? $user_info['user_sig'] : '';
170
171	// End signature parsing, only if needed
172	if ($signature)
173	{
174	$parse_flags = ($user_info['user_sig_bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0) \| OPTION_FLAG_SMILIES;
175	$signature = generate_text_for_display($signature, $user_info['user_sig_bbcode_uid'], $user_info['user_sig_bbcode_bitfield'], $parse_flags, true);
176	}
177
178	$url = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm');
179
180	// Number of "to" recipients
181	$num_recipients = (int) preg_match_all('/:?(u\|g)_([0-9]+):?/', $message_row['to_address'], $match);
182
183	$bbcode_status = ($config['allow_bbcode'] && $config['auth_bbcode_pm'] && $auth->acl_get('u_pm_bbcode')) ? true : false;
184
185	// Get the profile fields template data
186	$cp_row = array();
187	if ($config['load_cpf_pm'] && isset($profile_fields[$author_id]))
188	{
189	// Filter the fields we don't want to show
190	foreach ($profile_fields[$author_id] as $used_ident => $profile_field)
191	{
192	if (!$profile_field['data']['field_show_on_pm'])
193	{
194	unset($profile_fields[$author_id][$used_ident]);
195	}
196	}
197
198	if (isset($profile_fields[$author_id]))
199	{
200	$cp_row = $cp->generate_profile_fields_template_data($profile_fields[$author_id]);
201	}
202	}
203
204	$u_pm = $u_jabber = '';
205
206	if ($config['allow_privmsg'] && $auth->acl_get('u_sendpm') && ($user_info['user_allow_pm'] \|\| $auth->acl_gets('a_', 'm_') \|\| $auth->acl_getf_global('m_')))
207	{
208	$u_pm = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&mode=compose&u=' . $author_id);
209	}
210
211	if ($config['jab_enable'] && $user_info['user_jabber'] && $auth->acl_get('u_sendim'))
212	{
213	$u_jabber = append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=contact&action=jabber&u=' . $author_id);
214	}
215
216	$can_edit_pm = ($message_row['message_time'] > time() - ($config['pm_edit_time'] * 60) \|\| !$config['pm_edit_time']) && $folder_id == PRIVMSGS_OUTBOX && $auth->acl_get('u_pm_edit');
217
218	$msg_data = array(
219	'MESSAGE_AUTHOR_FULL' => get_username_string('full', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username']),
220	'MESSAGE_AUTHOR_COLOUR' => get_username_string('colour', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username']),
221	'MESSAGE_AUTHOR' => get_username_string('username', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username']),
222	'U_MESSAGE_AUTHOR' => get_username_string('profile', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username']),
223
224	'RANK_TITLE' => $user_info['rank_title'],
225	'RANK_IMG' => $user_info['rank_image'],
226	'AUTHOR_AVATAR' => (isset($user_info['avatar'])) ? $user_info['avatar'] : '',
227	'AUTHOR_JOINED' => $user->format_date($user_info['user_regdate']),
228	'AUTHOR_POSTS' => (int) $user_info['user_posts'],
229	'U_AUTHOR_POSTS' => ($config['load_search'] && $auth->acl_get('u_search')) ? append_sid("{$phpbb_root_path}search.$phpEx", "author_id=$author_id&sr=posts") : '',
230	'CONTACT_USER' => $user->lang('CONTACT_USER', get_username_string('username', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username'])),
231
232	'ONLINE_IMG' => (!$config['load_onlinetrack']) ? '' : ((isset($user_info['online']) && $user_info['online']) ? $user->img('icon_user_online', $user->lang['ONLINE']) : $user->img('icon_user_offline', $user->lang['OFFLINE'])),
233	'S_ONLINE' => (!$config['load_onlinetrack']) ? false : ((isset($user_info['online']) && $user_info['online']) ? true : false),
234	'DELETE_IMG' => $user->img('icon_post_delete', $user->lang['DELETE_MESSAGE']),
235	'INFO_IMG' => $user->img('icon_post_info', $user->lang['VIEW_PM_INFO']),
236	'PROFILE_IMG' => $user->img('icon_user_profile', $user->lang['READ_PROFILE']),
237	'EMAIL_IMG' => $user->img('icon_contact_email', $user->lang['SEND_EMAIL']),
238	'QUOTE_IMG' => $user->img('icon_post_quote', $user->lang['POST_QUOTE_PM']),
239	'REPLY_IMG' => $user->img('button_pm_reply', $user->lang['POST_REPLY_PM']),
240	'REPORT_IMG' => $user->img('icon_post_report', 'REPORT_PM'),
241	'EDIT_IMG' => $user->img('icon_post_edit', $user->lang['POST_EDIT_PM']),
242	'MINI_POST_IMG' => $user->img('icon_post_target', $user->lang['PM']),
243
244	'SENT_DATE' => ($view == 'print') ? $user->format_date($message_row['message_time'], false, true) : $user->format_date($message_row['message_time']),
245	'SUBJECT' => $message_row['message_subject'],
246	'MESSAGE' => $message,
247	'SIGNATURE' => ($message_row['enable_sig']) ? $signature : '',
248	'EDITED_MESSAGE' => $l_edited_by,
249	'MESSAGE_ID' => $message_row['msg_id'],
250
251	'U_PM' => $u_pm,
252	'U_JABBER' => $u_jabber,
253
254	'U_DELETE' => ($auth->acl_get('u_pm_delete')) ? "$url&mode=compose&action=delete&f=$folder_id&p=" . $message_row['msg_id'] : '',
255	'U_EMAIL' => $user_info['email'],
256	'U_REPORT' => ($config['allow_pm_report']) ? $phpbb_container->get('controller.helper')->route('phpbb_report_pm_controller', array('id' => $message_row['msg_id'])) : '',
257	'U_QUOTE' => ($auth->acl_get('u_sendpm') && $author_id != ANONYMOUS) ? "$url&mode=compose&action=quote&f=$folder_id&p=" . $message_row['msg_id'] : '',
258	'U_EDIT' => $can_edit_pm ? "$url&mode=compose&action=edit&f=$folder_id&p=" . $message_row['msg_id'] : '',
259	'U_POST_REPLY_PM' => ($auth->acl_get('u_sendpm') && $author_id != ANONYMOUS) ? "$url&mode=compose&action=reply&f=$folder_id&p=" . $message_row['msg_id'] : '',
260	'U_POST_REPLY_ALL' => ($auth->acl_get('u_sendpm') && $author_id != ANONYMOUS) ? "$url&mode=compose&action=reply&f=$folder_id&reply_to_all=1&p=" . $message_row['msg_id'] : '',
261	'U_PREVIOUS_PM' => "$url&f=$folder_id&p=" . $message_row['msg_id'] . "&view=previous",
262	'U_NEXT_PM' => "$url&f=$folder_id&p=" . $message_row['msg_id'] . "&view=next",
263
264	'U_PM_ACTION' => $url . '&mode=compose&f=' . $folder_id . '&p=' . $message_row['msg_id'],
265
266	'S_HAS_ATTACHMENTS' => (count($attachments)) ? true : false,
267	'S_DISPLAY_NOTICE' => $display_notice && $message_row['message_attachment'],
268	'S_AUTHOR_DELETED' => ($author_id == ANONYMOUS) ? true : false,
269	'S_SPECIAL_FOLDER' => in_array($folder_id, array(PRIVMSGS_NO_BOX, PRIVMSGS_OUTBOX)),
270	'S_PM_RECIPIENTS' => $num_recipients,
271	'S_BBCODE_ALLOWED' => ($bbcode_status) ? 1 : 0,
272	'S_CUSTOM_FIELDS' => (!empty($cp_row['row'])) ? true : false,
273
274	'U_PRINT_PM' => ($config['print_pm'] && $auth->acl_get('u_pm_printpm')) ? "$url&f=$folder_id&p=" . $message_row['msg_id'] . "&view=print" : '',
275	'U_FORWARD_PM' => ($config['forward_pm'] && $auth->acl_get('u_sendpm') && $auth->acl_get('u_pm_forward')) ? "$url&mode=compose&action=forward&f=$folder_id&p=" . $message_row['msg_id'] : '',
276	);
277
278	/**
279	* Modify pm and sender data before it is assigned to the template
280	*
281	* @event core.ucp_pm_view_messsage
282	* @var mixed id Active module category (can be int or string)
283	* @var string mode Active module
284	* @var int folder_id ID of the folder the message is in
285	* @var int msg_id ID of the private message
286	* @var array folder Array with data of user's message folders
287	* @var array message_row Array with message data
288	* @var array cp_row Array with senders custom profile field data
289	* @var array msg_data Template array with message data
290	* @var array user_info User data of the sender
291	* @since 3.1.0-a1
292	* @changed 3.1.6-RC1 Added user_info into event
293	* @changed 3.2.2-RC1 Deprecated
294	* @deprecated 4.0.0 Event name is misspelled and is replaced with new event with correct name
295	*/
296	$vars = array(
297	'id',
298	'mode',
299	'folder_id',
300	'msg_id',
301	'folder',
302	'message_row',
303	'cp_row',
304	'msg_data',
305	'user_info',
306	);
307	extract($phpbb_dispatcher->trigger_event('core.ucp_pm_view_messsage', compact($vars)));
308
309	/**
310	* Modify pm and sender data before it is assigned to the template
311	*
312	* @event core.ucp_pm_view_message
313	* @var mixed id Active module category (can be int or string)
314	* @var string mode Active module
315	* @var int folder_id ID of the folder the message is in
316	* @var int msg_id ID of the private message
317	* @var array folder Array with data of user's message folders
318	* @var array message_row Array with message data
319	* @var array cp_row Array with senders custom profile field data
320	* @var array msg_data Template array with message data
321	* @var array user_info User data of the sender
322	* @var array attachments Attachments data
323	* @since 3.2.2-RC1
324	* @changed 3.2.5-RC1 Added attachments
325	*/
326	$vars = array(
327	'id',
328	'mode',
329	'folder_id',
330	'msg_id',
331	'folder',
332	'message_row',
333	'cp_row',
334	'msg_data',
335	'user_info',
336	'attachments',
337	);
338	extract($phpbb_dispatcher->trigger_event('core.ucp_pm_view_message', compact($vars)));
339
340	$template->assign_vars($msg_data);
341
342	$contact_fields = array(
343	array(
344	'ID' => 'pm',
345	'NAME' => $user->lang['SEND_PRIVATE_MESSAGE'],
346	'U_CONTACT' => $u_pm,
347	),
348	array(
349	'ID' => 'email',
350	'NAME' => $user->lang['SEND_EMAIL'],
351	'U_CONTACT' => $user_info['email'],
352	),
353	array(
354	'ID' => 'jabber',
355	'NAME' => $user->lang['JABBER'],
356	'U_CONTACT' => $u_jabber,
357	),
358	);
359
360	foreach ($contact_fields as $field)
361	{
362	if ($field['U_CONTACT'])
363	{
364	$template->assign_block_vars('contact', $field);
365	}
366	}
367
368	// Display the custom profile fields
369	if (!empty($cp_row['row']))
370	{
371	$template->assign_vars($cp_row['row']);
372
373	foreach ($cp_row['blockrow'] as $cp_block_row)
374	{
375	$template->assign_block_vars('custom_fields', $cp_block_row);
376
377	if ($cp_block_row['S_PROFILE_CONTACT'])
378	{
379	$template->assign_block_vars('contact', array(
380	'ID' => $cp_block_row['PROFILE_FIELD_IDENT'],
381	'NAME' => $cp_block_row['PROFILE_FIELD_NAME'],
382	'U_CONTACT' => $cp_block_row['PROFILE_FIELD_CONTACT'],
383	));
384	}
385	}
386	}
387
388	// Display not already displayed Attachments for this post, we already parsed them. ;)
389	if (isset($attachments) && count($attachments))
390	{
391	foreach ($attachments as $attachment)
392	{
393	$template->assign_block_vars('attachment', array(
394	'DISPLAY_ATTACHMENT' => $attachment)
395	);
396	}
397	}
398
399	if (!isset($_REQUEST['view']) \|\| $request->variable('view', '') != 'print')
400	{
401	// Message History
402	if (message_history($msg_id, $user->data['user_id'], $message_row, $folder))
403	{
404	$template->assign_var('S_DISPLAY_HISTORY', true);
405	}
406	}
407	}
408
409	/**
410	* Get user information (only for message display)
411	*/
412	function get_user_information($user_id, $user_row)
413	{
414	global $db, $auth, $user;
415	global $phpbb_root_path, $phpEx, $config;
416
417	if (!$user_id)
418	{
419	return array();
420	}
421
422	if (empty($user_row))
423	{
424	$sql = 'SELECT *
425	FROM ' . USERS_TABLE . '
426	WHERE user_id = ' . (int) $user_id;
427	$result = $db->sql_query($sql);
428	$user_row = $db->sql_fetchrow($result);
429	$db->sql_freeresult($result);
430	}
431
432	// Some standard values
433	$user_row['online'] = false;
434	$user_row['rank_title'] = $user_row['rank_image'] = $user_row['rank_image_src'] = $user_row['email'] = '';
435
436	// Generate online information for user
437	if ($config['load_onlinetrack'])
438	{
439	$sql = 'SELECT session_user_id, MAX(session_time) as online_time, MIN(session_viewonline) AS viewonline
440	FROM ' . SESSIONS_TABLE . "
441	WHERE session_user_id = $user_id
442	GROUP BY session_user_id";
443	$result = $db->sql_query_limit($sql, 1);
444	$row = $db->sql_fetchrow($result);
445	$db->sql_freeresult($result);
446
447	$update_time = $config['load_online_time'] * 60;
448	if ($row)
449	{
450	$user_row['online'] = (time() - $update_time < $row['online_time'] && ($row['viewonline'] \|\| $auth->acl_get('u_viewonline'))) ? true : false;
451	}
452	}
453
454	$user_row['avatar'] = ($user->optionget('viewavatars')) ? phpbb_get_user_avatar($user_row) : '';
455
456	if (!function_exists('phpbb_get_user_rank'))
457	{
458	include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
459	}
460
461	$user_rank_data = phpbb_get_user_rank($user_row, $user_row['user_posts']);
462	$user_row['rank_title'] = $user_rank_data['title'];
463	$user_row['rank_image'] = $user_rank_data['img'];
464	$user_row['rank_image_src'] = $user_rank_data['img_src'];
465
466	if ((!empty($user_row['user_allow_viewemail']) && $auth->acl_get('u_sendemail')) \|\| $auth->acl_get('a_email'))
467	{
468	$user_row['email'] = ($config['board_email_form'] && $config['email_enable']) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=email&u=$user_id") : ((($config['board_hide_emails'] && !$auth->acl_get('a_email')) \|\| empty($user_row['user_email'])) ? '' : 'mailto:' . $user_row['user_email']);
469	}
470
471	return $user_row;
472	}