Code Coverage for /data/phpBB/includes/ucp/ucp_pm

	Code Coverage
	Lines			Functions and Methods				Classes and Traits
Total	0.00% covered (danger)	0.00%	0 / 231	0.00% covered (danger)	0.00%	0 / 2	CRAP		n/a	0 / 0
view_message	0.00% covered (danger)	0.00%	0 / 194	0.00% covered (danger)	0.00%	0 / 1	6162
get_user_information	0.00% covered (danger)	0.00%	0 / 35	0.00% covered (danger)	0.00%	0 / 1	342

1	<?php
2	/**
3	*
4	* This file is part of the phpBB Forum Software package.
5	*
6	* @copyright (c) phpBB Limited <https://www.phpbb.com>
7	* @license GNU General Public License, version 2 (GPL-2.0)
8	*
9	* For full copyright and license information, please see
10	* the docs/CREDITS.txt file.
11	*
12	*/
13
14	/**
15	* @ignore
16	*/
17	if (!defined('IN_PHPBB'))
18	{
19	exit;
20	}
21
22	/**
23	* View private message
24	*/
25	function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row)
26	{
27	global $user, $template, $auth, $db, $phpbb_container;
28	global $phpbb_root_path, $request, $phpEx, $config, $phpbb_dispatcher;
29
30	$user->add_lang(array('viewtopic', 'memberlist'));
31
32	$msg_id = (int) $msg_id;
33	$folder_id = (int) $folder_id;
34	$author_id = (int) $message_row['author_id'];
35	$view = $request->variable('view', '');
36
37	/**
38	* Modify private message data before it is prepared to be displayed
39	*
40	* @event core.ucp_pm_view_message_before
41	* @var int folder_id ID of the folder the message is in
42	* @var array folder Array with data of user's message folders
43	* @var int msg_id ID of the private message
44	* @var array message_row Array with message data
45	* @var int author_id ID of the message author
46	* @since 3.2.10-RC1
47	* @since 3.3.1-RC1
48	*/
49	$vars = [
50	'folder_id',
51	'folder',
52	'msg_id',
53	'message_row',
54	'author_id',
55	];
56	extract($phpbb_dispatcher->trigger_event('core.ucp_pm_view_message_before', compact($vars)));
57
58	// Not able to view message, it was deleted by the sender
59	if ($message_row['pm_deleted'])
60	{
61	$meta_info = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=pm&folder=$folder_id");
62	$message = $user->lang['NO_AUTH_READ_REMOVED_MESSAGE'];
63
64	$message .= '<br /><br />' . sprintf($user->lang['RETURN_FOLDER'], '<a href="' . $meta_info . '">', '</a>');
65	send_status_line(403, 'Forbidden');
66	trigger_error($message);
67	}
68
69	// Do not allow hold messages to be seen
70	if ($folder_id == PRIVMSGS_HOLD_BOX)
71	{
72	trigger_error('NO_AUTH_READ_HOLD_MESSAGE');
73	}
74
75	// Load the custom profile fields
76	if ($config['load_cpf_pm'])
77	{
78	/* @var $cp \phpbb\profilefields\manager */
79	$cp = $phpbb_container->get('profilefields.manager');
80
81	$profile_fields = $cp->grab_profile_fields_data($author_id);
82	}
83
84	// Assign TO/BCC Addresses to template
85	write_pm_addresses(array('to' => $message_row['to_address'], 'bcc' => $message_row['bcc_address']), $author_id);
86
87	$user_info = get_user_information($author_id, $message_row);
88
89	// Parse the message and subject
90	$parse_flags = ($message_row['bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0) \| OPTION_FLAG_SMILIES;
91	$message = generate_text_for_display($message_row['message_text'], $message_row['bbcode_uid'], $message_row['bbcode_bitfield'], $parse_flags, true);
92
93	// Replace naughty words such as farty pants
94	$message_row['message_subject'] = censor_text($message_row['message_subject']);
95
96	// Editing information
97	if ($message_row['message_edit_count'] && $config['display_last_edited'])
98	{
99	if (!$message_row['message_edit_user'])
100	{
101	$display_username = get_username_string('full', $author_id, $user_info['username'], $user_info['user_colour']);
102	}
103	else
104	{
105	$edit_user_info = get_user_information($message_row['message_edit_user'], false);
106	$display_username = get_username_string('full', $message_row['message_edit_user'], $edit_user_info['username'], $edit_user_info['user_colour']);
107	}
108	$l_edited_by = '<br /><br />' . $user->lang('EDITED_TIMES_TOTAL', (int) $message_row['message_edit_count'], $display_username, $user->format_date($message_row['message_edit_time'], false, true));
109	}
110	else
111	{
112	$l_edited_by = '';
113	}
114
115	// Pull attachment data
116	$display_notice = false;
117	$attachments = array();
118
119	if ($message_row['message_attachment'] && $config['allow_pm_attach'])
120	{
121	if ($auth->acl_get('u_pm_download'))
122	{
123	$sql = 'SELECT *
124	FROM ' . ATTACHMENTS_TABLE . "
125	WHERE post_msg_id = $msg_id
126	AND in_message = 1
127	ORDER BY filetime DESC, post_msg_id ASC";
128	$result = $db->sql_query($sql);
129
130	while ($row = $db->sql_fetchrow($result))
131	{
132	$attachments[] = $row;
133	}
134	$db->sql_freeresult($result);
135
136	// No attachments exist, but message table thinks they do so go ahead and reset attach flags
137	if (!count($attachments))
138	{
139	$sql = 'UPDATE ' . PRIVMSGS_TABLE . "
140	SET message_attachment = 0
141	WHERE msg_id = $msg_id";
142	$db->sql_query($sql);
143	}
144	}
145	else
146	{
147	$display_notice = true;
148	}
149	}
150
151	// Assign inline attachments
152	if (!empty($attachments))
153	{
154	$update_count = array();
155	parse_attachments(false, $message, $attachments, $update_count);
156
157	// Update the attachment download counts
158	if (count($update_count))
159	{
160	$sql = 'UPDATE ' . ATTACHMENTS_TABLE . '
161	SET download_count = download_count + 1
162	WHERE ' . $db->sql_in_set('attach_id', array_unique($update_count));
163	$db->sql_query($sql);
164	}
165	}
166
167	$user_info['sig'] = '';
168
169	$signature = ($message_row['enable_sig'] && $config['allow_sig'] && $auth->acl_get('u_sig') && $user->optionget('viewsigs')) ? $user_info['user_sig'] : '';
170
171	// End signature parsing, only if needed
172	if ($signature)
173	{
174	$parse_flags = ($user_info['user_sig_bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0) \| OPTION_FLAG_SMILIES;
175	$signature = generate_text_for_display($signature, $user_info['user_sig_bbcode_uid'], $user_info['user_sig_bbcode_bitfield'], $parse_flags, true);
176	}
177
178	$url = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm');
179
180	// Number of "to" recipients
181	$num_recipients = (int) preg_match_all('/:?(u\|g)_([0-9]+):?/', $message_row['to_address'], $match);
182
183	$bbcode_status = ($config['allow_bbcode'] && $config['auth_bbcode_pm'] && $auth->acl_get('u_pm_bbcode')) ? true : false;
184
185	// Get the profile fields template data
186	$cp_row = array();
187	if ($config['load_cpf_pm'] && isset($profile_fields[$author_id]))
188	{
189	// Filter the fields we don't want to show
190	foreach ($profile_fields[$author_id] as $used_ident => $profile_field)
191	{
192	if (!$profile_field['data']['field_show_on_pm'])
193	{
194	unset($profile_fields[$author_id][$used_ident]);
195	}
196	}
197
198	if (isset($profile_fields[$author_id]))
199	{
200	$cp_row = $cp->generate_profile_fields_template_data($profile_fields[$author_id]);
201	}
202	}
203
204	$u_pm = '';
205
206	if ($config['allow_privmsg'] && $auth->acl_get('u_sendpm') && ($user_info['user_allow_pm'] \|\| $auth->acl_gets('a_', 'm_') \|\| $auth->acl_getf_global('m_')))
207	{
208	$u_pm = append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&mode=compose&u=' . $author_id);
209	}
210
211	$can_edit_pm = ($message_row['message_time'] > time() - ($config['pm_edit_time'] * 60) \|\| !$config['pm_edit_time']) && $folder_id == PRIVMSGS_OUTBOX && $auth->acl_get('u_pm_edit');
212
213	$msg_data = array(
214	'MESSAGE_AUTHOR_FULL' => get_username_string('full', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username']),
215	'MESSAGE_AUTHOR_COLOUR' => get_username_string('colour', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username']),
216	'MESSAGE_AUTHOR' => get_username_string('username', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username']),
217	'MESSAGE_AUTHOR_ID' => $author_id,
218	'U_MESSAGE_AUTHOR' => get_username_string('profile', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username']),
219
220	'RANK_TITLE' => $user_info['rank_title'],
221	'RANK_IMG' => $user_info['rank_image'],
222	'AUTHOR_JOINED' => $user->format_date($user_info['user_regdate']),
223	'AUTHOR_POSTS' => (int) $user_info['user_posts'],
224	'U_AUTHOR_POSTS' => ($config['load_search'] && $auth->acl_get('u_search')) ? append_sid("{$phpbb_root_path}search.$phpEx", "author_id=$author_id&sr=posts") : '',
225	'CONTACT_USER' => $user->lang('CONTACT_USER', get_username_string('username', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username'])),
226
227	'ONLINE_IMG' => (!$config['load_onlinetrack']) ? '' : ((isset($user_info['online']) && $user_info['online']) ? $user->img('icon_user_online', $user->lang['ONLINE']) : $user->img('icon_user_offline', $user->lang['OFFLINE'])),
228	'S_ONLINE' => (!$config['load_onlinetrack']) ? false : ((isset($user_info['online']) && $user_info['online']) ? true : false),
229	'DELETE_IMG' => $user->img('icon_post_delete', $user->lang['DELETE_MESSAGE']),
230	'INFO_IMG' => $user->img('icon_post_info', $user->lang['VIEW_PM_INFO']),
231	'PROFILE_IMG' => $user->img('icon_user_profile', $user->lang['READ_PROFILE']),
232	'EMAIL_IMG' => $user->img('icon_contact_email', $user->lang['SEND_EMAIL']),
233	'QUOTE_IMG' => $user->img('icon_post_quote', $user->lang['POST_QUOTE_PM']),
234	'REPLY_IMG' => $user->img('button_pm_reply', $user->lang['POST_REPLY_PM']),
235	'REPORT_IMG' => $user->img('icon_post_report', 'REPORT_PM'),
236	'EDIT_IMG' => $user->img('icon_post_edit', $user->lang['POST_EDIT_PM']),
237	'MINI_POST_IMG' => $user->img('icon_post_target', $user->lang['PM']),
238
239	'SENT_DATE' => ($view == 'print') ? $user->format_date($message_row['message_time'], false, true) : $user->format_date($message_row['message_time']),
240	'SUBJECT' => $message_row['message_subject'],
241	'MESSAGE' => $message,
242	'SIGNATURE' => ($message_row['enable_sig']) ? $signature : '',
243	'EDITED_MESSAGE' => $l_edited_by,
244	'MESSAGE_ID' => $message_row['msg_id'],
245
246	'U_PM' => $u_pm,
247
248	'U_DELETE' => ($auth->acl_get('u_pm_delete')) ? "$url&mode=compose&action=delete&f=$folder_id&p=" . $message_row['msg_id'] : '',
249	'U_EMAIL' => $user_info['email'],
250	'U_REPORT' => ($config['allow_pm_report']) ? $phpbb_container->get('controller.helper')->route('phpbb_report_pm_controller', array('id' => $message_row['msg_id'])) : '',
251	'U_QUOTE' => ($auth->acl_get('u_sendpm') && $author_id != ANONYMOUS) ? "$url&mode=compose&action=quote&f=$folder_id&p=" . $message_row['msg_id'] : '',
252	'U_EDIT' => $can_edit_pm ? "$url&mode=compose&action=edit&f=$folder_id&p=" . $message_row['msg_id'] : '',
253	'U_POST_REPLY_PM' => ($auth->acl_get('u_sendpm') && $author_id != ANONYMOUS) ? "$url&mode=compose&action=reply&f=$folder_id&p=" . $message_row['msg_id'] : '',
254	'U_POST_REPLY_ALL' => ($auth->acl_get('u_sendpm') && $author_id != ANONYMOUS) ? "$url&mode=compose&action=reply&f=$folder_id&reply_to_all=1&p=" . $message_row['msg_id'] : '',
255	'U_PREVIOUS_PM' => "$url&f=$folder_id&p=" . $message_row['msg_id'] . "&view=previous",
256	'U_NEXT_PM' => "$url&f=$folder_id&p=" . $message_row['msg_id'] . "&view=next",
257
258	'U_PM_ACTION' => $url . '&mode=compose&f=' . $folder_id . '&p=' . $message_row['msg_id'],
259
260	'S_HAS_ATTACHMENTS' => (count($attachments)) ? true : false,
261	'S_DISPLAY_NOTICE' => $display_notice && $message_row['message_attachment'],
262	'S_AUTHOR_DELETED' => ($author_id == ANONYMOUS) ? true : false,
263	'S_SPECIAL_FOLDER' => in_array($folder_id, array(PRIVMSGS_NO_BOX, PRIVMSGS_OUTBOX)),
264	'S_PM_RECIPIENTS' => $num_recipients,
265	'S_BBCODE_ALLOWED' => ($bbcode_status) ? 1 : 0,
266	'S_CUSTOM_FIELDS' => (!empty($cp_row['row'])) ? true : false,
267
268	'U_PRINT_PM' => ($config['print_pm'] && $auth->acl_get('u_pm_printpm')) ? "$url&f=$folder_id&p=" . $message_row['msg_id'] . "&view=print" : '',
269	'U_FORWARD_PM' => ($config['forward_pm'] && $auth->acl_get('u_sendpm') && $auth->acl_get('u_pm_forward')) ? "$url&mode=compose&action=forward&f=$folder_id&p=" . $message_row['msg_id'] : '',
270	);
271
272	if (!empty($user_info['avatar']))
273	{
274	/** @var \phpbb\avatar\helper $avatar_helper */
275	$avatar_helper = $phpbb_container->get('avatar.helper');
276
277	$avatar_data = $avatar_helper->get_template_vars($user_info['avatar'], 'AUTHOR_');
278	$msg_data = array_merge($msg_data, $avatar_data);
279	}
280
281	/**
282	* Modify pm and sender data before it is assigned to the template
283	*
284	* @event core.ucp_pm_view_messsage
285	* @var mixed id Active module category (can be int or string)
286	* @var string mode Active module
287	* @var int folder_id ID of the folder the message is in
288	* @var int msg_id ID of the private message
289	* @var array folder Array with data of user's message folders
290	* @var array message_row Array with message data
291	* @var array cp_row Array with senders custom profile field data
292	* @var array msg_data Template array with message data
293	* @var array user_info User data of the sender
294	* @since 3.1.0-a1
295	* @changed 3.1.6-RC1 Added user_info into event
296	* @changed 3.2.2-RC1 Deprecated
297	* @deprecated 4.0.0 Event name is misspelled and is replaced with new event with correct name
298	*/
299	$vars = array(
300	'id',
301	'mode',
302	'folder_id',
303	'msg_id',
304	'folder',
305	'message_row',
306	'cp_row',
307	'msg_data',
308	'user_info',
309	);
310	extract($phpbb_dispatcher->trigger_event('core.ucp_pm_view_messsage', compact($vars)));
311
312	/**
313	* Modify pm and sender data before it is assigned to the template
314	*
315	* @event core.ucp_pm_view_message
316	* @var mixed id Active module category (can be int or string)
317	* @var string mode Active module
318	* @var int folder_id ID of the folder the message is in
319	* @var int msg_id ID of the private message
320	* @var array folder Array with data of user's message folders
321	* @var array message_row Array with message data
322	* @var array cp_row Array with senders custom profile field data
323	* @var array msg_data Template array with message data
324	* @var array user_info User data of the sender
325	* @var array attachments Attachments data
326	* @since 3.2.2-RC1
327	* @changed 3.2.5-RC1 Added attachments
328	*/
329	$vars = array(
330	'id',
331	'mode',
332	'folder_id',
333	'msg_id',
334	'folder',
335	'message_row',
336	'cp_row',
337	'msg_data',
338	'user_info',
339	'attachments',
340	);
341	extract($phpbb_dispatcher->trigger_event('core.ucp_pm_view_message', compact($vars)));
342
343	$template->assign_vars($msg_data);
344
345	$contact_fields = array(
346	array(
347	'ID' => 'pm',
348	'NAME' => $user->lang['SEND_PRIVATE_MESSAGE'],
349	'U_CONTACT' => $u_pm,
350	),
351	array(
352	'ID' => 'email',
353	'NAME' => $user->lang['SEND_EMAIL'],
354	'U_CONTACT' => $user_info['email'],
355	),
356	);
357
358	foreach ($contact_fields as $field)
359	{
360	if ($field['U_CONTACT'])
361	{
362	$template->assign_block_vars('contact', $field);
363	}
364	}
365
366	// Display the custom profile fields
367	if (!empty($cp_row['row']))
368	{
369	$template->assign_vars($cp_row['row']);
370
371	foreach ($cp_row['blockrow'] as $cp_block_row)
372	{
373	$template->assign_block_vars('custom_fields', $cp_block_row);
374
375	if ($cp_block_row['S_PROFILE_CONTACT'])
376	{
377	$template->assign_block_vars('contact', array(
378	'ID' => $cp_block_row['PROFILE_FIELD_IDENT'],
379	'NAME' => $cp_block_row['PROFILE_FIELD_NAME'],
380	'U_CONTACT' => $cp_block_row['PROFILE_FIELD_CONTACT'],
381	));
382	}
383	}
384	}
385
386	// Display not already displayed Attachments for this post, we already parsed them. ;)
387	if (isset($attachments) && count($attachments))
388	{
389	foreach ($attachments as $attachment)
390	{
391	$template->assign_block_vars('attachment', array(
392	'DISPLAY_ATTACHMENT' => $attachment)
393	);
394	}
395	}
396
397	if (!isset($_REQUEST['view']) \|\| $request->variable('view', '') != 'print')
398	{
399	// Message History
400	if (message_history($msg_id, $user->data['user_id'], $message_row, $folder))
401	{
402	$template->assign_var('S_DISPLAY_HISTORY', true);
403	}
404	}
405	}
406
407	/**
408	* Get user information (only for message display)
409	*/
410	function get_user_information($user_id, $user_row)
411	{
412	global $db, $auth, $user, $phpbb_container;
413	global $phpbb_root_path, $phpEx, $config;
414
415	if (!$user_id)
416	{
417	return array();
418	}
419
420	if (empty($user_row))
421	{
422	$sql = 'SELECT *
423	FROM ' . USERS_TABLE . '
424	WHERE user_id = ' . (int) $user_id;
425	$result = $db->sql_query($sql);
426	$user_row = $db->sql_fetchrow($result);
427	$db->sql_freeresult($result);
428	}
429
430	// Some standard values
431	$user_row['online'] = false;
432	$user_row['rank_title'] = $user_row['rank_image'] = $user_row['rank_image_src'] = $user_row['email'] = '';
433
434	// Generate online information for user
435	if ($config['load_onlinetrack'])
436	{
437	$sql = 'SELECT session_user_id, MAX(session_time) as online_time, MIN(session_viewonline) AS viewonline
438	FROM ' . SESSIONS_TABLE . "
439	WHERE session_user_id = $user_id
440	GROUP BY session_user_id";
441	$result = $db->sql_query_limit($sql, 1);
442	$row = $db->sql_fetchrow($result);
443	$db->sql_freeresult($result);
444
445	$update_time = $config['load_online_time'] * 60;
446	if ($row)
447	{
448	$user_row['online'] = (time() - $update_time < $row['online_time'] && ($row['viewonline'] \|\| $auth->acl_get('u_viewonline'))) ? true : false;
449	}
450	}
451
452	/** @var \phpbb\avatar\helper $avatar_helper */
453	$avatar_helper = $phpbb_container->get('avatar.helper');
454
455	$user_row['avatar'] = ($user->optionget('viewavatars')) ? $avatar_helper->get_user_avatar($user_row) : [];
456
457	if (!function_exists('phpbb_get_user_rank'))
458	{
459	include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
460	}
461
462	$user_rank_data = phpbb_get_user_rank($user_row, $user_row['user_posts']);
463	$user_row['rank_title'] = $user_rank_data['title'];
464	$user_row['rank_image'] = $user_rank_data['img'];
465	$user_row['rank_image_src'] = $user_rank_data['img_src'];
466
467	if ((!empty($user_row['user_allow_viewemail']) && $auth->acl_get('u_sendemail')) \|\| $auth->acl_get('a_email'))
468	{
469	$user_row['email'] = ($config['board_email_form'] && $config['email_enable']) ? append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=email&u=$user_id") : ((($config['board_hide_emails'] && !$auth->acl_get('a_email')) \|\| empty($user_row['user_email'])) ? '' : 'mailto:' . $user_row['user_email']);
470	}
471
472	return $user_row;
473	}