Chris@76: <?php
Chris@76: 
Chris@76: /**
Chris@76:  * Simple Machines Forum (SMF)
Chris@76:  *
Chris@76:  * @package SMF
Chris@76:  * @author Simple Machines http://www.simplemachines.org
Chris@76:  * @copyright 2011 Simple Machines
Chris@76:  * @license http://www.simplemachines.org/about/smf/license.php BSD
Chris@76:  *
Chris@76:  * @version 2.0
Chris@76:  */
Chris@76: 
Chris@76: if (!defined('SMF'))
Chris@76: 	die('Hacking attempt...');
Chris@76: 
Chris@76: /*	This file contains those functions pertaining to posting, and other such
Chris@76: 	operations, including sending emails, ims, blocking spam, preparsing posts,
Chris@76: 	spell checking, and the post box.  This is done with the following:
Chris@76: 
Chris@76: 	void preparsecode(string &message, boolean previewing = false)
Chris@76: 		- takes a message and parses it, returning nothing.
Chris@76: 		- cleans up links (javascript, etc.) and code/quote sections.
Chris@76: 		- won't convert \n's and a few other things if previewing is true.
Chris@76: 
Chris@76: 	string un_preparsecode(string message)
Chris@76: 		// !!!
Chris@76: 
Chris@76: 	void fixTags(string &message)
Chris@76: 		- used by preparsecode, fixes links in message and returns nothing.
Chris@76: 
Chris@76: 	void fixTag(string &message, string myTag, string protocol,
Chris@76: 			bool embeddedUrl = false, bool hasEqualSign = false,
Chris@76: 			bool hasExtra = false)
Chris@76: 		- used by fixTags, fixes a specific tag's links.
Chris@76: 		- myTag is the tag, protocol is http of ftp, embeddedUrl is whether
Chris@76: 		  it *can* be set to something, hasEqualSign is whether it *is*
Chris@76: 		  set to something, and hasExtra is whether it can have extra
Chris@76: 		  cruft after the begin tag.
Chris@76: 
Chris@76: 	bool sendmail(array to, string subject, string message,
Chris@76: 			string message_id = auto, string from = webmaster,
Chris@76: 			bool send_html = false, int priority = 3, bool hotmail_fix = null)
Chris@76: 		- sends an email to the specified recipient.
Chris@76: 		- uses the mail_type setting and the webmaster_email global.
Chris@76: 		- to is he email(s), string or array, to send to.
Chris@76: 		- subject and message are those of the email - expected to have
Chris@76: 		  slashes but not be parsed.
Chris@76: 		- subject is expected to have entities, message is not.
Chris@76: 		- from is a string which masks the address for use with replies.
Chris@76: 		- if message_id is specified, uses that as the local-part of the
Chris@76: 		  Message-ID header.
Chris@76: 		- send_html indicates whether or not the message is HTML vs. plain
Chris@76: 		  text, and does not add any HTML.
Chris@76: 		- returns whether or not the email was sent properly.
Chris@76: 
Chris@76: 	bool AddMailQueue(bool flush = true, array to_array = array(), string subject = '', string message = '',
Chris@76: 		string headers = '', bool send_html = false, int priority = 3)
Chris@76: 		//!!
Chris@76: 
Chris@76: 	array sendpm(array recipients, string subject, string message,
Chris@76: 			bool store_outbox = false, array from = current_member, int pm_head = 0)
Chris@76: 		- sends an personal message from the specified person to the
Chris@76: 		  specified people. (from defaults to the user.)
Chris@76: 		- recipients should be an array containing the arrays 'to' and 'bcc',
Chris@76: 		  both containing id_member's.
Chris@76: 		- subject and message should have no slashes and no html entities.
Chris@76: 		- pm_head is the ID of the chain being replied to - if any.
Chris@76: 		- from is an array, with the id, name, and username of the member.
Chris@76: 		- returns an array with log entries telling how many recipients were
Chris@76: 		  successful and which recipients it failed to send to.
Chris@76: 
Chris@76: 	string mimespecialchars(string text, bool with_charset = true,
Chris@76: 			hotmail_fix = false, string custom_charset = null)
Chris@76: 		- prepare text strings for sending as email.
Chris@76: 		- in case there are higher ASCII characters in the given string, this
Chris@76: 		  function will attempt the transport method 'quoted-printable'.
Chris@76: 		  Otherwise the transport method '7bit' is used.
Chris@76: 		- with hotmail_fix set all higher ASCII characters are converted to
Chris@76: 		  HTML entities to assure proper display of the mail.
Chris@76: 		- uses character set custom_charset if set.
Chris@76: 		- returns an array containing the character set, the converted string
Chris@76: 		  and the transport method.
Chris@76: 
Chris@76: 	bool smtp_mail(array mail_to_array, string subject, string message,
Chris@76: 			string headers)
Chris@76: 		- sends mail, like mail() but over SMTP.  Used internally.
Chris@76: 		- takes email addresses, a subject and message, and any headers.
Chris@76: 		- expects no slashes or entities.
Chris@76: 		- returns whether it sent or not.
Chris@76: 
Chris@76: 	bool server_parse(string message, resource socket, string response)
Chris@76: 		- sends the specified message to the server, and checks for the
Chris@76: 		  expected response. (used internally.)
Chris@76: 		- takes the message to send, socket to send on, and the expected
Chris@76: 		  response code.
Chris@76: 		- returns whether it responded as such.
Chris@76: 
Chris@76: 	void SpellCheck()
Chris@76: 		- spell checks the post for typos ;).
Chris@76: 		- uses the pspell library, which MUST be installed.
Chris@76: 		- has problems with internationalization.
Chris@76: 		- is accessed via ?action=spellcheck.
Chris@76: 
Chris@76: 	void sendNotifications(array topics, string type, array exclude = array(), array members_only = array())
Chris@76: 		- sends a notification to members who have elected to receive emails
Chris@76: 		  when things happen to a topic, such as replies are posted.
Chris@76: 		- uses the Post langauge file.
Chris@76: 		- topics represents the topics the action is happening to.
Chris@76: 		- the type can be any of reply, sticky, lock, unlock, remove, move,
Chris@76: 		  merge, and split.  An appropriate message will be sent for each.
Chris@76: 		- automatically finds the subject and its board, and checks permissions
Chris@76: 		  for each member who is "signed up" for notifications.
Chris@76: 		- will not send 'reply' notifications more than once in a row.
Chris@76: 		- members in the exclude array will not be processed for the topic with the same key.
Chris@76: 		- members_only are the only ones that will be sent the notification if they have it on.
Chris@76: 
Chris@76: 	bool createPost(&array msgOptions, &array topicOptions, &array posterOptions)
Chris@76: 		// !!!
Chris@76: 
Chris@76: 	bool createAttachment(&array attachmentOptions)
Chris@76: 		// !!!
Chris@76: 
Chris@76: 	bool modifyPost(&array msgOptions, &array topicOptions, &array posterOptions)
Chris@76: 		// !!!
Chris@76: 
Chris@76: 	bool approvePosts(array msgs, bool approve)
Chris@76: 		// !!!
Chris@76: 
Chris@76: 	array approveTopics(array topics, bool approve)
Chris@76: 		// !!!
Chris@76: 
Chris@76: 	void sendApprovalNotifications(array topicData)
Chris@76: 		// !!!
Chris@76: 
Chris@76: 	void updateLastMessages(array id_board's, int id_msg)
Chris@76: 		- takes an array of board IDs and updates their last messages.
Chris@76: 		- if the board has a parent, that parent board is also automatically
Chris@76: 		  updated.
Chris@76: 		- columns updated are id_last_msg and lastUpdated.
Chris@76: 		- note that id_last_msg should always be updated using this function,
Chris@76: 		  and is not automatically updated upon other changes.
Chris@76: 
Chris@76: 	void adminNotify(string type, int memberID, string member_name = null)
Chris@76: 		- sends all admins an email to let them know a new member has joined.
Chris@76: 		- types supported are 'approval', 'activation', and 'standard'.
Chris@76: 		- called by registerMember() function in Subs-Members.php.
Chris@76: 		- email is sent to all groups that have the moderate_forum permission.
Chris@76: 		- uses the Login language file.
Chris@76: 		- the language set by each member is being used (if available).
Chris@76: 
Chris@76: 	Sending emails from SMF:
Chris@76: 	---------------------------------------------------------------------------
Chris@76: 		// !!!
Chris@76: */
Chris@76: 
Chris@76: // Parses some bbc before sending into the database...
Chris@76: function preparsecode(&$message, $previewing = false)
Chris@76: {
Chris@76: 	global $user_info, $modSettings, $smcFunc, $context;
Chris@76: 
Chris@76: 	// This line makes all languages *theoretically* work even with the wrong charset ;).
Chris@76: 	$message = preg_replace('~&amp;#(\d{4,5}|[2-9]\d{2,4}|1[2-9]\d);~', '&#$1;', $message);
Chris@76: 
Chris@76: 	// Clean up after nobbc ;).
Chris@76: 	$message = preg_replace('~\[nobbc\](.+?)\[/nobbc\]~ie', '\'[nobbc]\' . strtr(\'$1\', array(\'[\' => \'&#91;\', \']\' => \'&#93;\', \':\' => \'&#58;\', \'@\' => \'&#64;\')) . \'[/nobbc]\'', $message);
Chris@76: 
Chris@76: 	// Remove \r's... they're evil!
Chris@76: 	$message = strtr($message, array("\r" => ''));
Chris@76: 
Chris@76: 	// You won't believe this - but too many periods upsets apache it seems!
Chris@76: 	$message = preg_replace('~\.{100,}~', '...', $message);
Chris@76: 
Chris@76: 	// Trim off trailing quotes - these often happen by accident.
Chris@76: 	while (substr($message, -7) == '[quote]')
Chris@76: 		$message = substr($message, 0, -7);
Chris@76: 	while (substr($message, 0, 8) == '[/quote]')
Chris@76: 		$message = substr($message, 8);
Chris@76: 
Chris@76: 	// Find all code blocks, work out whether we'd be parsing them, then ensure they are all closed.
Chris@76: 	$in_tag = false;
Chris@76: 	$had_tag = false;
Chris@76: 	$codeopen = 0;
Chris@76: 	if (preg_match_all('~(\[(/)*code(?:=[^\]]+)?\])~is', $message, $matches))
Chris@76: 		foreach ($matches[0] as $index => $dummy)
Chris@76: 		{
Chris@76: 			// Closing?
Chris@76: 			if (!empty($matches[2][$index]))
Chris@76: 			{
Chris@76: 				// If it's closing and we're not in a tag we need to open it...
Chris@76: 				if (!$in_tag)
Chris@76: 					$codeopen = true;
Chris@76: 				// Either way we ain't in one any more.
Chris@76: 				$in_tag = false;
Chris@76: 			}
Chris@76: 			// Opening tag...
Chris@76: 			else
Chris@76: 			{
Chris@76: 				$had_tag = true;
Chris@76: 				// If we're in a tag don't do nought!
Chris@76: 				if (!$in_tag)
Chris@76: 					$in_tag = true;
Chris@76: 			}
Chris@76: 		}
Chris@76: 
Chris@76: 	// If we have an open tag, close it.
Chris@76: 	if ($in_tag)
Chris@76: 		$message .= '[/code]';
Chris@76: 	// Open any ones that need to be open, only if we've never had a tag.
Chris@76: 	if ($codeopen && !$had_tag)
Chris@76: 		$message = '[code]' . $message;
Chris@76: 
Chris@76: 	// Now that we've fixed all the code tags, let's fix the img and url tags...
Chris@76: 	$parts = preg_split('~(\[/code\]|\[code(?:=[^\]]+)?\])~i', $message, -1, PREG_SPLIT_DELIM_CAPTURE);
Chris@76: 
Chris@76: 	// The regular expression non breaking space has many versions.
Chris@76: 	$non_breaking_space = $context['utf8'] ? ($context['server']['complex_preg_chars'] ? '\x{A0}' : "\xC2\xA0") : '\xA0';
Chris@76: 
Chris@76: 	// Only mess with stuff outside [code] tags.
Chris@76: 	for ($i = 0, $n = count($parts); $i < $n; $i++)
Chris@76: 	{
Chris@76: 		// It goes 0 = outside, 1 = begin tag, 2 = inside, 3 = close tag, repeat.
Chris@76: 		if ($i % 4 == 0)
Chris@76: 		{
Chris@76: 			fixTags($parts[$i]);
Chris@76: 
Chris@76: 			// Replace /me.+?\n with [me=name]dsf[/me]\n.
Chris@76: 			if (strpos($user_info['name'], '[') !== false || strpos($user_info['name'], ']') !== false || strpos($user_info['name'], '\'') !== false || strpos($user_info['name'], '"') !== false)
Chris@76: 				$parts[$i] = preg_replace('~(\A|\n)/me(?: |&nbsp;)([^\n]*)(?:\z)?~i', '$1[me=&quot;' . $user_info['name'] . '&quot;]$2[/me]', $parts[$i]);
Chris@76: 			else
Chris@76: 				$parts[$i] = preg_replace('~(\A|\n)/me(?: |&nbsp;)([^\n]*)(?:\z)?~i', '$1[me=' . $user_info['name'] . ']$2[/me]', $parts[$i]);
Chris@76: 
Chris@76: 			if (!$previewing && strpos($parts[$i], '[html]') !== false)
Chris@76: 			{
Chris@76: 				if (allowedTo('admin_forum'))
Chris@76: 					$parts[$i] = preg_replace('~\[html\](.+?)\[/html\]~ise', '\'[html]\' . strtr(un_htmlspecialchars(\'$1\'), array("\n" => \'&#13;\', \'  \' => \' &#32;\', \'[\' => \'&#91;\', \']\' => \'&#93;\')) . \'[/html]\'', $parts[$i]);
Chris@76: 
Chris@76: 				// We should edit them out, or else if an admin edits the message they will get shown...
Chris@76: 				else
Chris@76: 				{
Chris@76: 					while (strpos($parts[$i], '[html]') !== false)
Chris@76: 						$parts[$i] = preg_replace('~\[[/]?html\]~i', '', $parts[$i]);
Chris@76: 				}
Chris@76: 			}
Chris@76: 
Chris@76: 			// Let's look at the time tags...
Chris@76: 			$parts[$i] = preg_replace('~\[time(?:=(absolute))*\](.+?)\[/time\]~ie', '\'[time]\' . (is_numeric(\'$2\') || @strtotime(\'$2\') == 0 ? \'$2\' : strtotime(\'$2\') - (\'$1\' == \'absolute\' ? 0 : (($modSettings[\'time_offset\'] + $user_info[\'time_offset\']) * 3600))) . \'[/time]\'', $parts[$i]);
Chris@76: 
Chris@76: 			// Change the color specific tags to [color=the color].
Chris@76: 			$parts[$i] = preg_replace('~\[(black|blue|green|red|white)\]~', '[color=$1]', $parts[$i]);  // First do the opening tags.
Chris@76: 			$parts[$i] = preg_replace('~\[/(black|blue|green|red|white)\]~', '[/color]', $parts[$i]);   // And now do the closing tags
Chris@76: 
Chris@76: 			// Make sure all tags are lowercase.
Chris@76: 			$parts[$i] = preg_replace('~\[([/]?)(list|li|table|tr|td)((\s[^\]]+)*)\]~ie', '\'[$1\' . strtolower(\'$2\') . \'$3]\'', $parts[$i]);
Chris@76: 
Chris@76: 			$list_open = substr_count($parts[$i], '[list]') + substr_count($parts[$i], '[list ');
Chris@76: 			$list_close = substr_count($parts[$i], '[/list]');
Chris@76: 			if ($list_close - $list_open > 0)
Chris@76: 				$parts[$i] = str_repeat('[list]', $list_close - $list_open) . $parts[$i];
Chris@76: 			if ($list_open - $list_close > 0)
Chris@76: 				$parts[$i] = $parts[$i] . str_repeat('[/list]', $list_open - $list_close);
Chris@76: 
Chris@76: 			$mistake_fixes = array(
Chris@76: 				// Find [table]s not followed by [tr].
Chris@76: 				'~\[table\](?![\s' . $non_breaking_space . ']*\[tr\])~s' . ($context['utf8'] ? 'u' : '') => '[table][tr]',
Chris@76: 				// Find [tr]s not followed by [td].
Chris@76: 				'~\[tr\](?![\s' . $non_breaking_space . ']*\[td\])~s' . ($context['utf8'] ? 'u' : '') => '[tr][td]',
Chris@76: 				// Find [/td]s not followed by something valid.
Chris@76: 				'~\[/td\](?![\s' . $non_breaking_space . ']*(?:\[td\]|\[/tr\]|\[/table\]))~s' . ($context['utf8'] ? 'u' : '') => '[/td][/tr]',
Chris@76: 				// Find [/tr]s not followed by something valid.
Chris@76: 				'~\[/tr\](?![\s' . $non_breaking_space . ']*(?:\[tr\]|\[/table\]))~s' . ($context['utf8'] ? 'u' : '') => '[/tr][/table]',
Chris@76: 				// Find [/td]s incorrectly followed by [/table].
Chris@76: 				'~\[/td\][\s' . $non_breaking_space . ']*\[/table\]~s' . ($context['utf8'] ? 'u' : '') => '[/td][/tr][/table]',
Chris@76: 				// Find [table]s, [tr]s, and [/td]s (possibly correctly) followed by [td].
Chris@76: 				'~\[(table|tr|/td)\]([\s' . $non_breaking_space . ']*)\[td\]~s' . ($context['utf8'] ? 'u' : '') => '[$1]$2[_td_]',
Chris@76: 				// Now, any [td]s left should have a [tr] before them.
Chris@76: 				'~\[td\]~s' => '[tr][td]',
Chris@76: 				// Look for [tr]s which are correctly placed.
Chris@76: 				'~\[(table|/tr)\]([\s' . $non_breaking_space . ']*)\[tr\]~s' . ($context['utf8'] ? 'u' : '') => '[$1]$2[_tr_]',
Chris@76: 				// Any remaining [tr]s should have a [table] before them.
Chris@76: 				'~\[tr\]~s' => '[table][tr]',
Chris@76: 				// Look for [/td]s followed by [/tr].
Chris@76: 				'~\[/td\]([\s' . $non_breaking_space . ']*)\[/tr\]~s' . ($context['utf8'] ? 'u' : '') => '[/td]$1[_/tr_]',
Chris@76: 				// Any remaining [/tr]s should have a [/td].
Chris@76: 				'~\[/tr\]~s' => '[/td][/tr]',
Chris@76: 				// Look for properly opened [li]s which aren't closed.
Chris@76: 				'~\[li\]([^\[\]]+?)\[li\]~s' => '[li]$1[_/li_][_li_]',
Chris@76: 				'~\[li\]([^\[\]]+?)\[/list\]~s' => '[_li_]$1[_/li_][/list]',
Chris@76: 				'~\[li\]([^\[\]]+?)$~s' => '[li]$1[/li]',
Chris@76: 				// Lists - find correctly closed items/lists.
Chris@76: 				'~\[/li\]([\s' . $non_breaking_space . ']*)\[/list\]~s' . ($context['utf8'] ? 'u' : '') => '[_/li_]$1[/list]',
Chris@76: 				// Find list items closed and then opened.
Chris@76: 				'~\[/li\]([\s' . $non_breaking_space . ']*)\[li\]~s' . ($context['utf8'] ? 'u' : '') => '[_/li_]$1[_li_]',
Chris@76: 				// Now, find any [list]s or [/li]s followed by [li].
Chris@76: 				'~\[(list(?: [^\]]*?)?|/li)\]([\s' . $non_breaking_space . ']*)\[li\]~s' . ($context['utf8'] ? 'u' : '') => '[$1]$2[_li_]',
Chris@76: 				// Allow for sub lists.
Chris@76: 				'~\[/li\]([\s' . $non_breaking_space . ']*)\[list\]~' . ($context['utf8'] ? 'u' : '') => '[_/li_]$1[list]',
Chris@76: 				'~\[/list\]([\s' . $non_breaking_space . ']*)\[li\]~' . ($context['utf8'] ? 'u' : '') => '[/list]$1[_li_]',
Chris@76: 				// Any remaining [li]s weren't inside a [list].
Chris@76: 				'~\[li\]~' => '[list][li]',
Chris@76: 				// Any remaining [/li]s weren't before a [/list].
Chris@76: 				'~\[/li\]~' => '[/li][/list]',
Chris@76: 				// Put the correct ones back how we found them.
Chris@76: 				'~\[_(li|/li|td|tr|/tr)_\]~' => '[$1]',
Chris@76: 				// Images with no real url.
Chris@76: 				'~\[img\]https?://.{0,7}\[/img\]~' => '',
Chris@76: 			);
Chris@76: 
Chris@76: 			// Fix up some use of tables without [tr]s, etc. (it has to be done more than once to catch it all.)
Chris@76: 			for ($j = 0; $j < 3; $j++)
Chris@76: 				$parts[$i] = preg_replace(array_keys($mistake_fixes), $mistake_fixes, $parts[$i]);
Chris@76: 
Chris@76: 			// Now we're going to do full scale table checking...
Chris@76: 			$table_check = $parts[$i];
Chris@76: 			$table_offset = 0;
Chris@76: 			$table_array = array();
Chris@76: 			$table_order = array(
Chris@76: 				'table' => 'td',
Chris@76: 				'tr' => 'table',
Chris@76: 				'td' => 'tr',
Chris@76: 			);
Chris@76: 			while (preg_match('~\[(/)*(table|tr|td)\]~', $table_check, $matches) != false)
Chris@76: 			{
Chris@76: 				// Keep track of where this is.
Chris@76: 				$offset = strpos($table_check, $matches[0]);
Chris@76: 				$remove_tag = false;
Chris@76: 
Chris@76: 				// Is it opening?
Chris@76: 				if ($matches[1] != '/')
Chris@76: 				{
Chris@76: 					// If the previous table tag isn't correct simply remove it.
Chris@76: 					if ((!empty($table_array) && $table_array[0] != $table_order[$matches[2]]) || (empty($table_array) && $matches[2] != 'table'))
Chris@76: 						$remove_tag = true;
Chris@76: 					// Record this was the last tag.
Chris@76: 					else
Chris@76: 						array_unshift($table_array, $matches[2]);
Chris@76: 				}
Chris@76: 				// Otherwise is closed!
Chris@76: 				else
Chris@76: 				{
Chris@76: 					// Only keep the tag if it's closing the right thing.
Chris@76: 					if (empty($table_array) || ($table_array[0] != $matches[2]))
Chris@76: 						$remove_tag = true;
Chris@76: 					else
Chris@76: 						array_shift($table_array);
Chris@76: 				}
Chris@76: 
Chris@76: 				// Removing?
Chris@76: 				if ($remove_tag)
Chris@76: 				{
Chris@76: 					$parts[$i] = substr($parts[$i], 0, $table_offset + $offset) . substr($parts[$i], $table_offset + strlen($matches[0]) + $offset);
Chris@76: 					// We've lost some data.
Chris@76: 					$table_offset -= strlen($matches[0]);
Chris@76: 				}
Chris@76: 
Chris@76: 				// Remove everything up to here.
Chris@76: 				$table_offset += $offset + strlen($matches[0]);
Chris@76: 				$table_check = substr($table_check, $offset + strlen($matches[0]));
Chris@76: 			}
Chris@76: 
Chris@76: 			// Close any remaining table tags.
Chris@76: 			foreach ($table_array as $tag)
Chris@76: 				$parts[$i] .= '[/' . $tag . ']';
Chris@76: 		}
Chris@76: 	}
Chris@76: 
Chris@76: 	// Put it back together!
Chris@76: 	if (!$previewing)
Chris@76: 		$message = strtr(implode('', $parts), array('  ' => '&nbsp; ', "\n" => '<br />', $context['utf8'] ? "\xC2\xA0" : "\xA0" => '&nbsp;'));
Chris@76: 	else
Chris@76: 		$message = strtr(implode('', $parts), array('  ' => '&nbsp; ', $context['utf8'] ? "\xC2\xA0" : "\xA0" => '&nbsp;'));
Chris@76: 
Chris@76: 	// Now let's quickly clean up things that will slow our parser (which are common in posted code.)
Chris@76: 	$message = strtr($message, array('[]' => '&#91;]', '[&#039;' => '&#91;&#039;'));
Chris@76: }
Chris@76: 
Chris@76: // This is very simple, and just removes things done by preparsecode.
Chris@76: function un_preparsecode($message)
Chris@76: {
Chris@76: 	global $smcFunc;
Chris@76: 
Chris@76: 	$parts = preg_split('~(\[/code\]|\[code(?:=[^\]]+)?\])~i', $message, -1, PREG_SPLIT_DELIM_CAPTURE);
Chris@76: 
Chris@76: 	// We're going to unparse only the stuff outside [code]...
Chris@76: 	for ($i = 0, $n = count($parts); $i < $n; $i++)
Chris@76: 	{
Chris@76: 		// If $i is a multiple of four (0, 4, 8, ...) then it's not a code section...
Chris@76: 		if ($i % 4 == 0)
Chris@76: 		{
Chris@76: 			$parts[$i] = preg_replace('~\[html\](.+?)\[/html\]~ie', '\'[html]\' . strtr(htmlspecialchars(\'$1\', ENT_QUOTES), array(\'\\&quot;\' => \'&quot;\', \'&amp;#13;\' => \'<br />\', \'&amp;#32;\' => \' \', \'&amp;#91;\' => \'[\', \'&amp;#93;\' => \']\')) . \'[/html]\'', $parts[$i]);
Chris@76: 			// $parts[$i] = preg_replace('~\[html\](.+?)\[/html\]~ie', '\'[html]\' . strtr(htmlspecialchars(\'$1\', ENT_QUOTES), array(\'\\&quot;\' => \'&quot;\', \'&amp;#13;\' => \'<br />\', \'&amp;#32;\' => \' \', \'&amp;#38;\' => \'&#38;\', \'&amp;#91;\' => \'[\', \'&amp;#93;\' => \']\')) . \'[/html]\'', $parts[$i]);
Chris@76: 
Chris@76: 			// Attempt to un-parse the time to something less awful.
Chris@76: 			$parts[$i] = preg_replace('~\[time\](\d{0,10})\[/time\]~ie', '\'[time]\' . timeformat(\'$1\', false) . \'[/time]\'', $parts[$i]);
Chris@76: 		}
Chris@76: 	}
Chris@76: 
Chris@76: 	// Change breaks back to \n's and &nsbp; back to spaces.
Chris@76: 	return preg_replace('~<br( /)?' . '>~', "\n", str_replace('&nbsp;', ' ', implode('', $parts)));
Chris@76: }
Chris@76: 
Chris@76: // Fix any URLs posted - ie. remove 'javascript:'.
Chris@76: function fixTags(&$message)
Chris@76: {
Chris@76: 	global $modSettings;
Chris@76: 
Chris@76: 	// WARNING: Editing the below can cause large security holes in your forum.
Chris@76: 	// Edit only if you are sure you know what you are doing.
Chris@76: 
Chris@76: 	$fixArray = array(
Chris@76: 		// [img]http://...[/img] or [img width=1]http://...[/img]
Chris@76: 		array(
Chris@76: 			'tag' => 'img',
Chris@76: 			'protocols' => array('http', 'https'),
Chris@76: 			'embeddedUrl' => false,
Chris@76: 			'hasEqualSign' => false,
Chris@76: 			'hasExtra' => true,
Chris@76: 		),
Chris@76: 		// [url]http://...[/url]
Chris@76: 		array(
Chris@76: 			'tag' => 'url',
Chris@76: 			'protocols' => array('http', 'https'),
Chris@76: 			'embeddedUrl' => true,
Chris@76: 			'hasEqualSign' => false,
Chris@76: 		),
Chris@76: 		// [url=http://...]name[/url]
Chris@76: 		array(
Chris@76: 			'tag' => 'url',
Chris@76: 			'protocols' => array('http', 'https'),
Chris@76: 			'embeddedUrl' => true,
Chris@76: 			'hasEqualSign' => true,
Chris@76: 		),
Chris@76: 		// [iurl]http://...[/iurl]
Chris@76: 		array(
Chris@76: 			'tag' => 'iurl',
Chris@76: 			'protocols' => array('http', 'https'),
Chris@76: 			'embeddedUrl' => true,
Chris@76: 			'hasEqualSign' => false,
Chris@76: 		),
Chris@76: 		// [iurl=http://...]name[/iurl]
Chris@76: 		array(
Chris@76: 			'tag' => 'iurl',
Chris@76: 			'protocols' => array('http', 'https'),
Chris@76: 			'embeddedUrl' => true,
Chris@76: 			'hasEqualSign' => true,
Chris@76: 		),
Chris@76: 		// [ftp]ftp://...[/ftp]
Chris@76: 		array(
Chris@76: 			'tag' => 'ftp',
Chris@76: 			'protocols' => array('ftp', 'ftps'),
Chris@76: 			'embeddedUrl' => true,
Chris@76: 			'hasEqualSign' => false,
Chris@76: 		),
Chris@76: 		// [ftp=ftp://...]name[/ftp]
Chris@76: 		array(
Chris@76: 			'tag' => 'ftp',
Chris@76: 			'protocols' => array('ftp', 'ftps'),
Chris@76: 			'embeddedUrl' => true,
Chris@76: 			'hasEqualSign' => true,
Chris@76: 		),
Chris@76: 		// [flash]http://...[/flash]
Chris@76: 		array(
Chris@76: 			'tag' => 'flash',
Chris@76: 			'protocols' => array('http', 'https'),
Chris@76: 			'embeddedUrl' => false,
Chris@76: 			'hasEqualSign' => false,
Chris@76: 			'hasExtra' => true,
Chris@76: 		),
Chris@76: 	);
Chris@76: 
Chris@76: 	// Fix each type of tag.
Chris@76: 	foreach ($fixArray as $param)
Chris@76: 		fixTag($message, $param['tag'], $param['protocols'], $param['embeddedUrl'], $param['hasEqualSign'], !empty($param['hasExtra']));
Chris@76: 
Chris@76: 	// Now fix possible security problems with images loading links automatically...
Chris@76: 	$message = preg_replace('~(\[img.*?\])(.+?)\[/img\]~eis', '\'$1\' . preg_replace(\'~action(=|%3d)(?!dlattach)~i\', \'action-\', \'$2\') . \'[/img]\'', $message);
Chris@76: 
Chris@76: 	// Limit the size of images posted?
Chris@76: 	if (!empty($modSettings['max_image_width']) || !empty($modSettings['max_image_height']))
Chris@76: 	{
Chris@76: 		// Find all the img tags - with or without width and height.
Chris@76: 		preg_match_all('~\[img(\s+width=\d+)?(\s+height=\d+)?(\s+width=\d+)?\](.+?)\[/img\]~is', $message, $matches, PREG_PATTERN_ORDER);
Chris@76: 
Chris@76: 		$replaces = array();
Chris@76: 		foreach ($matches[0] as $match => $dummy)
Chris@76: 		{
Chris@76: 			// If the width was after the height, handle it.
Chris@76: 			$matches[1][$match] = !empty($matches[3][$match]) ? $matches[3][$match] : $matches[1][$match];
Chris@76: 
Chris@76: 			// Now figure out if they had a desired height or width...
Chris@76: 			$desired_width = !empty($matches[1][$match]) ? (int) substr(trim($matches[1][$match]), 6) : 0;
Chris@76: 			$desired_height = !empty($matches[2][$match]) ? (int) substr(trim($matches[2][$match]), 7) : 0;
Chris@76: 
Chris@76: 			// One was omitted, or both.  We'll have to find its real size...
Chris@76: 			if (empty($desired_width) || empty($desired_height))
Chris@76: 			{
Chris@76: 				list ($width, $height) = url_image_size(un_htmlspecialchars($matches[4][$match]));
Chris@76: 
Chris@76: 				// They don't have any desired width or height!
Chris@76: 				if (empty($desired_width) && empty($desired_height))
Chris@76: 				{
Chris@76: 					$desired_width = $width;
Chris@76: 					$desired_height = $height;
Chris@76: 				}
Chris@76: 				// Scale it to the width...
Chris@76: 				elseif (empty($desired_width) && !empty($height))
Chris@76: 					$desired_width = (int) (($desired_height * $width) / $height);
Chris@76: 				// Scale if to the height.
Chris@76: 				elseif (!empty($width))
Chris@76: 					$desired_height = (int) (($desired_width * $height) / $width);
Chris@76: 			}
Chris@76: 
Chris@76: 			// If the width and height are fine, just continue along...
Chris@76: 			if ($desired_width <= $modSettings['max_image_width'] && $desired_height <= $modSettings['max_image_height'])
Chris@76: 				continue;
Chris@76: 
Chris@76: 			// Too bad, it's too wide.  Make it as wide as the maximum.
Chris@76: 			if ($desired_width > $modSettings['max_image_width'] && !empty($modSettings['max_image_width']))
Chris@76: 			{
Chris@76: 				$desired_height = (int) (($modSettings['max_image_width'] * $desired_height) / $desired_width);
Chris@76: 				$desired_width = $modSettings['max_image_width'];
Chris@76: 			}
Chris@76: 
Chris@76: 			// Now check the height, as well.  Might have to scale twice, even...
Chris@76: 			if ($desired_height > $modSettings['max_image_height'] && !empty($modSettings['max_image_height']))
Chris@76: 			{
Chris@76: 				$desired_width = (int) (($modSettings['max_image_height'] * $desired_width) / $desired_height);
Chris@76: 				$desired_height = $modSettings['max_image_height'];
Chris@76: 			}
Chris@76: 
Chris@76: 			$replaces[$matches[0][$match]] = '[img' . (!empty($desired_width) ? ' width=' . $desired_width : '') . (!empty($desired_height) ? ' height=' . $desired_height : '') . ']' . $matches[4][$match] . '[/img]';
Chris@76: 		}
Chris@76: 
Chris@76: 		// If any img tags were actually changed...
Chris@76: 		if (!empty($replaces))
Chris@76: 			$message = strtr($message, $replaces);
Chris@76: 	}
Chris@76: }
Chris@76: 
Chris@76: // Fix a specific class of tag - ie. url with =.
Chris@76: function fixTag(&$message, $myTag, $protocols, $embeddedUrl = false, $hasEqualSign = false, $hasExtra = false)
Chris@76: {
Chris@76: 	global $boardurl, $scripturl;
Chris@76: 
Chris@76: 	if (preg_match('~^([^:]+://[^/]+)~', $boardurl, $match) != 0)
Chris@76: 		$domain_url = $match[1];
Chris@76: 	else
Chris@76: 		$domain_url = $boardurl . '/';
Chris@76: 
Chris@76: 	$replaces = array();
Chris@76: 
Chris@76: 	if ($hasEqualSign)
Chris@76: 		preg_match_all('~\[(' . $myTag . ')=([^\]]*?)\](?:(.+?)\[/(' . $myTag . ')\])?~is', $message, $matches);
Chris@76: 	else
Chris@76: 		preg_match_all('~\[(' . $myTag . ($hasExtra ? '(?:[^\]]*?)' : '') . ')\](.+?)\[/(' . $myTag . ')\]~is', $message, $matches);
Chris@76: 
Chris@76: 	foreach ($matches[0] as $k => $dummy)
Chris@76: 	{
Chris@76: 		// Remove all leading and trailing whitespace.
Chris@76: 		$replace = trim($matches[2][$k]);
Chris@76: 		$this_tag = $matches[1][$k];
Chris@76: 		$this_close = $hasEqualSign ? (empty($matches[4][$k]) ? '' : $matches[4][$k]) : $matches[3][$k];
Chris@76: 
Chris@76: 		$found = false;
Chris@76: 		foreach ($protocols as $protocol)
Chris@76: 		{
Chris@76: 			$found = strncasecmp($replace, $protocol . '://', strlen($protocol) + 3) === 0;
Chris@76: 			if ($found)
Chris@76: 				break;
Chris@76: 		}
Chris@76: 
Chris@76: 		if (!$found && $protocols[0] == 'http')
Chris@76: 		{
Chris@76: 			if (substr($replace, 0, 1) == '/')
Chris@76: 				$replace = $domain_url . $replace;
Chris@76: 			elseif (substr($replace, 0, 1) == '?')
Chris@76: 				$replace = $scripturl . $replace;
Chris@76: 			elseif (substr($replace, 0, 1) == '#' && $embeddedUrl)
Chris@76: 			{
Chris@76: 				$replace = '#' . preg_replace('~[^A-Za-z0-9_\-#]~', '', substr($replace, 1));
Chris@76: 				$this_tag = 'iurl';
Chris@76: 				$this_close = 'iurl';
Chris@76: 			}
Chris@76: 			else
Chris@76: 				$replace = $protocols[0] . '://' . $replace;
Chris@76: 		}
Chris@76: 		elseif (!$found && $protocols[0] == 'ftp')
Chris@76: 			$replace = $protocols[0] . '://' . preg_replace('~^(?!ftps?)[^:]+://~', '', $replace);
Chris@76: 		elseif (!$found)
Chris@76: 			$replace = $protocols[0] . '://' . $replace;
Chris@76: 
Chris@76: 		if ($hasEqualSign && $embeddedUrl)
Chris@76: 			$replaces[$matches[0][$k]] = '[' . $this_tag . '=' . $replace . ']' . (empty($matches[4][$k]) ? '' : $matches[3][$k] . '[/' . $this_close . ']');
Chris@76: 		elseif ($hasEqualSign)
Chris@76: 			$replaces['[' . $matches[1][$k] . '=' . $matches[2][$k] . ']'] = '[' . $this_tag . '=' . $replace . ']';
Chris@76: 		elseif ($embeddedUrl)
Chris@76: 			$replaces['[' . $matches[1][$k] . ']' . $matches[2][$k] . '[/' . $matches[3][$k] . ']'] = '[' . $this_tag . '=' . $replace . ']' . $matches[2][$k] . '[/' . $this_close . ']';
Chris@76: 		else
Chris@76: 			$replaces['[' . $matches[1][$k] . ']' . $matches[2][$k] . '[/' . $matches[3][$k] . ']'] = '[' . $this_tag . ']' . $replace . '[/' . $this_close . ']';
Chris@76: 	}
Chris@76: 
Chris@76: 	foreach ($replaces as $k => $v)
Chris@76: 	{
Chris@76: 		if ($k == $v)
Chris@76: 			unset($replaces[$k]);
Chris@76: 	}
Chris@76: 
Chris@76: 	if (!empty($replaces))
Chris@76: 		$message = strtr($message, $replaces);
Chris@76: }
Chris@76: 
Chris@76: // Send off an email.
Chris@76: function sendmail($to, $subject, $message, $from = null, $message_id = null, $send_html = false, $priority = 3, $hotmail_fix = null, $is_private = false)
Chris@76: {
Chris@76: 	global $webmaster_email, $context, $modSettings, $txt, $scripturl;
Chris@76: 	global $smcFunc;
Chris@76: 
Chris@76: 	// Use sendmail if it's set or if no SMTP server is set.
Chris@76: 	$use_sendmail = empty($modSettings['mail_type']) || $modSettings['smtp_host'] == '';
Chris@76: 
Chris@76: 	// Line breaks need to be \r\n only in windows or for SMTP.
Chris@76: 	$line_break = $context['server']['is_windows'] || !$use_sendmail ? "\r\n" : "\n";
Chris@76: 
Chris@76: 	// So far so good.
Chris@76: 	$mail_result = true;
Chris@76: 
Chris@76: 	// If the recipient list isn't an array, make it one.
Chris@76: 	$to_array = is_array($to) ? $to : array($to);
Chris@76: 
Chris@76: 	// Once upon a time, Hotmail could not interpret non-ASCII mails.
Chris@76: 	// In honour of those days, it's still called the 'hotmail fix'.
Chris@76: 	if ($hotmail_fix === null)
Chris@76: 	{
Chris@76: 		$hotmail_to = array();
Chris@76: 		foreach ($to_array as $i => $to_address)
Chris@76: 		{
Chris@76: 			if (preg_match('~@(att|comcast|bellsouth)\.[a-zA-Z\.]{2,6}$~i', $to_address) === 1)
Chris@76: 			{
Chris@76: 				$hotmail_to[] = $to_address;
Chris@76: 				$to_array = array_diff($to_array, array($to_address));
Chris@76: 			}
Chris@76: 		}
Chris@76: 
Chris@76: 		// Call this function recursively for the hotmail addresses.
Chris@76: 		if (!empty($hotmail_to))
Chris@76: 			$mail_result = sendmail($hotmail_to, $subject, $message, $from, $message_id, $send_html, $priority, true);
Chris@76: 
Chris@76: 		// The remaining addresses no longer need the fix.
Chris@76: 		$hotmail_fix = false;
Chris@76: 
Chris@76: 		// No other addresses left? Return instantly.
Chris@76: 		if (empty($to_array))
Chris@76: 			return $mail_result;
Chris@76: 	}
Chris@76: 
Chris@76: 	// Get rid of entities.
Chris@76: 	$subject = un_htmlspecialchars($subject);
Chris@76: 	// Make the message use the proper line breaks.
Chris@76: 	$message = str_replace(array("\r", "\n"), array('', $line_break), $message);
Chris@76: 
Chris@76: 	// Make sure hotmail mails are sent as HTML so that HTML entities work.
Chris@76: 	if ($hotmail_fix && !$send_html)
Chris@76: 	{
Chris@76: 		$send_html = true;
Chris@76: 		$message = strtr($message, array($line_break => '<br />' . $line_break));
Chris@76: 		$message = preg_replace('~(' . preg_quote($scripturl, '~') . '(?:[?/][\w\-_%\.,\?&;=#]+)?)~', '<a href="$1">$1</a>', $message);
Chris@76: 	}
Chris@76: 
Chris@76: 	list (, $from_name) = mimespecialchars(addcslashes($from !== null ? $from : $context['forum_name'], '<>()\'\\"'), true, $hotmail_fix, $line_break);
Chris@76: 	list (, $subject) = mimespecialchars($subject, true, $hotmail_fix, $line_break);
Chris@76: 
Chris@76: 	// Construct the mail headers...
Chris@76: 	$headers = 'From: "' . $from_name . '" <' . (empty($modSettings['mail_from']) ? $webmaster_email : $modSettings['mail_from']) . '>' . $line_break;
Chris@76: 	$headers .= $from !== null ? 'Reply-To: <' . $from . '>' . $line_break : '';
Chris@76: 	$headers .= 'Return-Path: ' . (empty($modSettings['mail_from']) ? $webmaster_email : $modSettings['mail_from']) . $line_break;
Chris@76: 	$headers .= 'Date: ' . gmdate('D, d M Y H:i:s') . ' -0000' . $line_break;
Chris@76: 
Chris@76: 	if ($message_id !== null && empty($modSettings['mail_no_message_id']))
Chris@76: 		$headers .= 'Message-ID: <' . md5($scripturl . microtime()) . '-' . $message_id . strstr(empty($modSettings['mail_from']) ? $webmaster_email : $modSettings['mail_from'], '@') . '>' . $line_break;
Chris@76: 	$headers .= 'X-Mailer: SMF' . $line_break;
Chris@76: 
Chris@76: 	// Pass this to the integration before we start modifying the output -- it'll make it easier later.
Chris@76: 	if (in_array(false, call_integration_hook('integrate_outgoing_email', array(&$subject, &$message, &$headers)), true))
Chris@76: 		return false;
Chris@76: 
Chris@76: 	// Save the original message...
Chris@76: 	$orig_message = $message;
Chris@76: 
Chris@76: 	// The mime boundary separates the different alternative versions.
Chris@76: 	$mime_boundary = 'SMF-' . md5($message . time());
Chris@76: 
Chris@76: 	// Using mime, as it allows to send a plain unencoded alternative.
Chris@76: 	$headers .= 'Mime-Version: 1.0' . $line_break;
Chris@76: 	$headers .= 'Content-Type: multipart/alternative; boundary="' . $mime_boundary . '"' . $line_break;
Chris@76: 	$headers .= 'Content-Transfer-Encoding: 7bit' . $line_break;
Chris@76: 
Chris@76: 	// Sending HTML?  Let's plop in some basic stuff, then.
Chris@76: 	if ($send_html)
Chris@76: 	{
Chris@76: 		$no_html_message = un_htmlspecialchars(strip_tags(strtr($orig_message, array('</title>' => $line_break))));
Chris@76: 
Chris@76: 		// But, then, dump it and use a plain one for dinosaur clients.
Chris@76: 		list(, $plain_message) = mimespecialchars($no_html_message, false, true, $line_break);
Chris@76: 		$message = $plain_message . $line_break . '--' . $mime_boundary . $line_break;
Chris@76: 
Chris@76: 		// This is the plain text version.  Even if no one sees it, we need it for spam checkers.
Chris@76: 		list($charset, $plain_charset_message, $encoding) = mimespecialchars($no_html_message, false, false, $line_break);
Chris@76: 		$message .= 'Content-Type: text/plain; charset=' . $charset . $line_break;
Chris@76: 		$message .= 'Content-Transfer-Encoding: ' . $encoding . $line_break . $line_break;
Chris@76: 		$message .= $plain_charset_message . $line_break . '--' . $mime_boundary . $line_break;
Chris@76: 
Chris@76: 		// This is the actual HTML message, prim and proper.  If we wanted images, they could be inlined here (with multipart/related, etc.)
Chris@76: 		list($charset, $html_message, $encoding) = mimespecialchars($orig_message, false, $hotmail_fix, $line_break);
Chris@76: 		$message .= 'Content-Type: text/html; charset=' . $charset . $line_break;
Chris@76: 		$message .= 'Content-Transfer-Encoding: ' . ($encoding == '' ? '7bit' : $encoding) . $line_break . $line_break;
Chris@76: 		$message .= $html_message . $line_break . '--' . $mime_boundary . '--';
Chris@76: 	}
Chris@76: 	// Text is good too.
Chris@76: 	else
Chris@76: 	{
Chris@76: 		// Send a plain message first, for the older web clients.
Chris@76: 		list(, $plain_message) = mimespecialchars($orig_message, false, true, $line_break);
Chris@76: 		$message = $plain_message . $line_break . '--' . $mime_boundary . $line_break;
Chris@76: 
Chris@76: 		// Now add an encoded message using the forum's character set.
Chris@76: 		list ($charset, $encoded_message, $encoding) = mimespecialchars($orig_message, false, false, $line_break);
Chris@76: 		$message .= 'Content-Type: text/plain; charset=' . $charset . $line_break;
Chris@76: 		$message .= 'Content-Transfer-Encoding: ' . $encoding . $line_break . $line_break;
Chris@76: 		$message .= $encoded_message . $line_break . '--' . $mime_boundary . '--';
Chris@76: 	}
Chris@76: 
Chris@76: 	// Are we using the mail queue, if so this is where we butt in...
Chris@76: 	if (!empty($modSettings['mail_queue']) && $priority != 0)
Chris@76: 		return AddMailQueue(false, $to_array, $subject, $message, $headers, $send_html, $priority, $is_private);
Chris@76: 
Chris@76: 	// If it's a priority mail, send it now - note though that this should NOT be used for sending many at once.
Chris@76: 	elseif (!empty($modSettings['mail_queue']) && !empty($modSettings['mail_limit']))
Chris@76: 	{
Chris@76: 		list ($last_mail_time, $mails_this_minute) = @explode('|', $modSettings['mail_recent']);
Chris@76: 		if (empty($mails_this_minute) || time() > $last_mail_time + 60)
Chris@76: 			$new_queue_stat = time() . '|' . 1;
Chris@76: 		else
Chris@76: 			$new_queue_stat = $last_mail_time . '|' . ((int) $mails_this_minute + 1);
Chris@76: 
Chris@76: 		updateSettings(array('mail_recent' => $new_queue_stat));
Chris@76: 	}
Chris@76: 
Chris@76: 	// SMTP or sendmail?
Chris@76: 	if ($use_sendmail)
Chris@76: 	{
Chris@76: 		$subject = strtr($subject, array("\r" => '', "\n" => ''));
Chris@76: 		if (!empty($modSettings['mail_strip_carriage']))
Chris@76: 		{
Chris@76: 			$message = strtr($message, array("\r" => ''));
Chris@76: 			$headers = strtr($headers, array("\r" => ''));
Chris@76: 		}
Chris@76: 
Chris@76: 		foreach ($to_array as $to)
Chris@76: 		{
Chris@76: 			if (!mail(strtr($to, array("\r" => '', "\n" => '')), $subject, $message, $headers))
Chris@76: 			{
Chris@76: 				log_error(sprintf($txt['mail_send_unable'], $to));
Chris@76: 				$mail_result = false;
Chris@76: 			}
Chris@76: 
Chris@76: 			// Wait, wait, I'm still sending here!
Chris@76: 			@set_time_limit(300);
Chris@76: 			if (function_exists('apache_reset_timeout'))
Chris@76: 				@apache_reset_timeout();
Chris@76: 		}
Chris@76: 	}
Chris@76: 	else
Chris@76: 		$mail_result = $mail_result && smtp_mail($to_array, $subject, $message, $headers);
Chris@76: 
Chris@76: 	// Everything go smoothly?
Chris@76: 	return $mail_result;
Chris@76: }
Chris@76: 
Chris@76: // Add an email to the mail queue.
Chris@76: function AddMailQueue($flush = false, $to_array = array(), $subject = '', $message = '', $headers = '', $send_html = false, $priority = 3, $is_private = false)
Chris@76: {
Chris@76: 	global $context, $modSettings, $smcFunc;
Chris@76: 
Chris@76: 	static $cur_insert = array();
Chris@76: 	static $cur_insert_len = 0;
Chris@76: 
Chris@76: 	if ($cur_insert_len == 0)
Chris@76: 		$cur_insert = array();
Chris@76: 
Chris@76: 	// If we're flushing, make the final inserts - also if we're near the MySQL length limit!
Chris@76: 	if (($flush || $cur_insert_len > 800000) && !empty($cur_insert))
Chris@76: 	{
Chris@76: 		// Only do these once.
Chris@76: 		$cur_insert_len = 0;
Chris@76: 
Chris@76: 		// Dump the data...
Chris@76: 		$smcFunc['db_insert']('',
Chris@76: 			'{db_prefix}mail_queue',
Chris@76: 			array(
Chris@76: 				'time_sent' => 'int', 'recipient' => 'string-255', 'body' => 'string-65534', 'subject' => 'string-255',
Chris@76: 				'headers' => 'string-65534', 'send_html' => 'int', 'priority' => 'int', 'private' => 'int',
Chris@76: 			),
Chris@76: 			$cur_insert,
Chris@76: 			array('id_mail')
Chris@76: 		);
Chris@76: 
Chris@76: 		$cur_insert = array();
Chris@76: 		$context['flush_mail'] = false;
Chris@76: 	}
Chris@76: 
Chris@76: 	// If we're flushing we're done.
Chris@76: 	if ($flush)
Chris@76: 	{
Chris@76: 		$nextSendTime = time() + 10;
Chris@76: 
Chris@76: 		$smcFunc['db_query']('', '
Chris@76: 			UPDATE {db_prefix}settings
Chris@76: 			SET value = {string:nextSendTime}
Chris@76: 			WHERE variable = {string:mail_next_send}
Chris@76: 				AND value = {string:no_outstanding}',
Chris@76: 			array(
Chris@76: 				'nextSendTime' => $nextSendTime,
Chris@76: 				'mail_next_send' => 'mail_next_send',
Chris@76: 				'no_outstanding' => '0',
Chris@76: 			)
Chris@76: 		);
Chris@76: 
Chris@76: 		return true;
Chris@76: 	}
Chris@76: 
Chris@76: 	// Ensure we tell obExit to flush.
Chris@76: 	$context['flush_mail'] = true;
Chris@76: 
Chris@76: 	foreach ($to_array as $to)
Chris@76: 	{
Chris@76: 		// Will this insert go over MySQL's limit?
Chris@76: 		$this_insert_len = strlen($to) + strlen($message) + strlen($headers) + 700;
Chris@76: 
Chris@76: 		// Insert limit of 1M (just under the safety) is reached?
Chris@76: 		if ($this_insert_len + $cur_insert_len > 1000000)
Chris@76: 		{
Chris@76: 			// Flush out what we have so far.
Chris@76: 			$smcFunc['db_insert']('',
Chris@76: 				'{db_prefix}mail_queue',
Chris@76: 				array(
Chris@76: 					'time_sent' => 'int', 'recipient' => 'string-255', 'body' => 'string-65534', 'subject' => 'string-255',
Chris@76: 					'headers' => 'string-65534', 'send_html' => 'int', 'priority' => 'int', 'private' => 'int',
Chris@76: 				),
Chris@76: 				$cur_insert,
Chris@76: 				array('id_mail')
Chris@76: 			);
Chris@76: 
Chris@76: 			// Clear this out.
Chris@76: 			$cur_insert = array();
Chris@76: 			$cur_insert_len = 0;
Chris@76: 		}
Chris@76: 
Chris@76: 		// Now add the current insert to the array...
Chris@76: 		$cur_insert[] = array(time(), (string) $to, (string) $message, (string) $subject, (string) $headers, ($send_html ? 1 : 0), $priority, (int) $is_private);
Chris@76: 		$cur_insert_len += $this_insert_len;
Chris@76: 	}
Chris@76: 
Chris@76: 	// If they are using SSI there is a good chance obExit will never be called.  So lets be nice and flush it for them.
Chris@76: 	if (SMF === 'SSI')
Chris@76: 		return AddMailQueue(true);
Chris@76: 
Chris@76: 	return true;
Chris@76: }
Chris@76: 
Chris@76: // Send off a personal message.
Chris@76: function sendpm($recipients, $subject, $message, $store_outbox = false, $from = null, $pm_head = 0)
Chris@76: {
Chris@76: 	global $scripturl, $txt, $user_info, $language;
Chris@76: 	global $modSettings, $smcFunc;
Chris@76: 
Chris@76: 	// Make sure the PM language file is loaded, we might need something out of it.
Chris@76: 	loadLanguage('PersonalMessage');
Chris@76: 
Chris@76: 	$onBehalf = $from !== null;
Chris@76: 
Chris@76: 	// Initialize log array.
Chris@76: 	$log = array(
Chris@76: 		'failed' => array(),
Chris@76: 		'sent' => array()
Chris@76: 	);
Chris@76: 
Chris@76: 	if ($from === null)
Chris@76: 		$from = array(
Chris@76: 			'id' => $user_info['id'],
Chris@76: 			'name' => $user_info['name'],
Chris@76: 			'username' => $user_info['username']
Chris@76: 		);
Chris@76: 	// Probably not needed.  /me something should be of the typer.
Chris@76: 	else
Chris@76: 		$user_info['name'] = $from['name'];
Chris@76: 
Chris@76: 	// This is the one that will go in their inbox.
Chris@76: 	$htmlmessage = $smcFunc['htmlspecialchars']($message, ENT_QUOTES);
Chris@76: 	$htmlsubject = $smcFunc['htmlspecialchars']($subject);
Chris@76: 	preparsecode($htmlmessage);
Chris@76: 
Chris@76: 	// Integrated PMs
Chris@76: 	call_integration_hook('integrate_personal_message', array($recipients, $from['username'], $subject, $message));
Chris@76: 
Chris@76: 	// Get a list of usernames and convert them to IDs.
Chris@76: 	$usernames = array();
Chris@76: 	foreach ($recipients as $rec_type => $rec)
Chris@76: 	{
Chris@76: 		foreach ($rec as $id => $member)
Chris@76: 		{
Chris@76: 			if (!is_numeric($recipients[$rec_type][$id]))
Chris@76: 			{
Chris@76: 				$recipients[$rec_type][$id] = $smcFunc['strtolower'](trim(preg_replace('/[<>&"\'=\\\]/', '', $recipients[$rec_type][$id])));
Chris@76: 				$usernames[$recipients[$rec_type][$id]] = 0;
Chris@76: 			}
Chris@76: 		}
Chris@76: 	}
Chris@76: 	if (!empty($usernames))
Chris@76: 	{
Chris@76: 		$request = $smcFunc['db_query']('pm_find_username', '
Chris@76: 			SELECT id_member, member_name
Chris@76: 			FROM {db_prefix}members
Chris@76: 			WHERE ' . ($smcFunc['db_case_sensitive'] ? 'LOWER(member_name)' : 'member_name') . ' IN ({array_string:usernames})',
Chris@76: 			array(
Chris@76: 				'usernames' => array_keys($usernames),
Chris@76: 			)
Chris@76: 		);
Chris@76: 		while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76: 			if (isset($usernames[$smcFunc['strtolower']($row['member_name'])]))
Chris@76: 				$usernames[$smcFunc['strtolower']($row['member_name'])] = $row['id_member'];
Chris@76: 		$smcFunc['db_free_result']($request);
Chris@76: 
Chris@76: 		// Replace the usernames with IDs. Drop usernames that couldn't be found.
Chris@76: 		foreach ($recipients as $rec_type => $rec)
Chris@76: 			foreach ($rec as $id => $member)
Chris@76: 			{
Chris@76: 				if (is_numeric($recipients[$rec_type][$id]))
Chris@76: 					continue;
Chris@76: 
Chris@76: 				if (!empty($usernames[$member]))
Chris@76: 					$recipients[$rec_type][$id] = $usernames[$member];
Chris@76: 				else
Chris@76: 				{
Chris@76: 					$log['failed'][$id] = sprintf($txt['pm_error_user_not_found'], $recipients[$rec_type][$id]);
Chris@76: 					unset($recipients[$rec_type][$id]);
Chris@76: 				}
Chris@76: 			}
Chris@76: 	}
Chris@76: 
Chris@76: 	// Make sure there are no duplicate 'to' members.
Chris@76: 	$recipients['to'] = array_unique($recipients['to']);
Chris@76: 
Chris@76: 	// Only 'bcc' members that aren't already in 'to'.
Chris@76: 	$recipients['bcc'] = array_diff(array_unique($recipients['bcc']), $recipients['to']);
Chris@76: 
Chris@76: 	// Combine 'to' and 'bcc' recipients.
Chris@76: 	$all_to = array_merge($recipients['to'], $recipients['bcc']);
Chris@76: 
Chris@76: 	// Check no-one will want it deleted right away!
Chris@76: 	$request = $smcFunc['db_query']('', '
Chris@76: 		SELECT
Chris@76: 			id_member, criteria, is_or
Chris@76: 		FROM {db_prefix}pm_rules
Chris@76: 		WHERE id_member IN ({array_int:to_members})
Chris@76: 			AND delete_pm = {int:delete_pm}',
Chris@76: 		array(
Chris@76: 			'to_members' => $all_to,
Chris@76: 			'delete_pm' => 1,
Chris@76: 		)
Chris@76: 	);
Chris@76: 	$deletes = array();
Chris@76: 	// Check whether we have to apply anything...
Chris@76: 	while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76: 	{
Chris@76: 		$criteria = unserialize($row['criteria']);
Chris@76: 		// Note we don't check the buddy status, cause deletion from buddy = madness!
Chris@76: 		$delete = false;
Chris@76: 		foreach ($criteria as $criterium)
Chris@76: 		{
Chris@76: 			$match = false;
Chris@76: 			if (($criterium['t'] == 'mid' && $criterium['v'] == $from['id']) || ($criterium['t'] == 'gid' && in_array($criterium['v'], $user_info['groups'])) || ($criterium['t'] == 'sub' && strpos($subject, $criterium['v']) !== false) || ($criterium['t'] == 'msg' && strpos($message, $criterium['v']) !== false))
Chris@76: 				$delete = true;
Chris@76: 			// If we're adding and one criteria don't match then we stop!
Chris@76: 			elseif (!$row['is_or'])
Chris@76: 			{
Chris@76: 				$delete = false;
Chris@76: 				break;
Chris@76: 			}
Chris@76: 		}
Chris@76: 		if ($delete)
Chris@76: 			$deletes[$row['id_member']] = 1;
Chris@76: 	}
Chris@76: 	$smcFunc['db_free_result']($request);
Chris@76: 
Chris@76: 	// Load the membergrounp message limits.
Chris@76: 	//!!! Consider caching this?
Chris@76: 	static $message_limit_cache = array();
Chris@76: 	if (!allowedTo('moderate_forum') && empty($message_limit_cache))
Chris@76: 	{
Chris@76: 		$request = $smcFunc['db_query']('', '
Chris@76: 			SELECT id_group, max_messages
Chris@76: 			FROM {db_prefix}membergroups',
Chris@76: 			array(
Chris@76: 			)
Chris@76: 		);
Chris@76: 		while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76: 			$message_limit_cache[$row['id_group']] = $row['max_messages'];
Chris@76: 		$smcFunc['db_free_result']($request);
Chris@76: 	}
Chris@76: 
Chris@76: 	// Load the groups that are allowed to read PMs.
Chris@76: 	$allowed_groups = array();
Chris@76: 	$disallowed_groups = array();
Chris@76: 	$request = $smcFunc['db_query']('', '
Chris@76: 		SELECT id_group, add_deny
Chris@76: 		FROM {db_prefix}permissions
Chris@76: 		WHERE permission = {string:read_permission}',
Chris@76: 		array(
Chris@76: 			'read_permission' => 'pm_read',
Chris@76: 		)
Chris@76: 	);
Chris@76: 
Chris@76: 	while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76: 	{
Chris@76: 		if (empty($row['add_deny']))
Chris@76: 			$disallowed_groups[] = $row['id_group'];
Chris@76: 		else
Chris@76: 			$allowed_groups[] = $row['id_group'];
Chris@76: 	}
Chris@76: 
Chris@76: 	$smcFunc['db_free_result']($request);
Chris@76: 
Chris@76: 	if (empty($modSettings['permission_enable_deny']))
Chris@76: 		$disallowed_groups = array();
Chris@76: 
Chris@76: 	$request = $smcFunc['db_query']('', '
Chris@76: 		SELECT
Chris@76: 			member_name, real_name, id_member, email_address, lngfile,
Chris@76: 			pm_email_notify, instant_messages,' . (allowedTo('moderate_forum') ? ' 0' : '
Chris@76: 			(pm_receive_from = {int:admins_only}' . (empty($modSettings['enable_buddylist']) ? '' : ' OR
Chris@76: 			(pm_receive_from = {int:buddies_only} AND FIND_IN_SET({string:from_id}, buddy_list) = 0) OR
Chris@76: 			(pm_receive_from = {int:not_on_ignore_list} AND FIND_IN_SET({string:from_id}, pm_ignore_list) != 0)') . ')') . ' AS ignored,
Chris@76: 			FIND_IN_SET({string:from_id}, buddy_list) != 0 AS is_buddy, is_activated,
Chris@76: 			additional_groups, id_group, id_post_group
Chris@76: 		FROM {db_prefix}members
Chris@76: 		WHERE id_member IN ({array_int:recipients})
Chris@76: 		ORDER BY lngfile
Chris@76: 		LIMIT {int:count_recipients}',
Chris@76: 		array(
Chris@76: 			'not_on_ignore_list' => 1,
Chris@76: 			'buddies_only' => 2,
Chris@76: 			'admins_only' => 3,
Chris@76: 			'recipients' => $all_to,
Chris@76: 			'count_recipients' => count($all_to),
Chris@76: 			'from_id' => $from['id'],
Chris@76: 		)
Chris@76: 	);
Chris@76: 	$notifications = array();
Chris@76: 	while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76: 	{
Chris@76: 		// Don't do anything for members to be deleted!
Chris@76: 		if (isset($deletes[$row['id_member']]))
Chris@76: 			continue;
Chris@76: 
Chris@76: 		// We need to know this members groups.
Chris@76: 		$groups = explode(',', $row['additional_groups']);
Chris@76: 		$groups[] = $row['id_group'];
Chris@76: 		$groups[] = $row['id_post_group'];
Chris@76: 
Chris@76: 		$message_limit = -1;
Chris@76: 		// For each group see whether they've gone over their limit - assuming they're not an admin.
Chris@76: 		if (!in_array(1, $groups))
Chris@76: 		{
Chris@76: 			foreach ($groups as $id)
Chris@76: 			{
Chris@76: 				if (isset($message_limit_cache[$id]) && $message_limit != 0 && $message_limit < $message_limit_cache[$id])
Chris@76: 					$message_limit = $message_limit_cache[$id];
Chris@76: 			}
Chris@76: 
Chris@76: 			if ($message_limit > 0 && $message_limit <= $row['instant_messages'])
Chris@76: 			{
Chris@76: 				$log['failed'][$row['id_member']] = sprintf($txt['pm_error_data_limit_reached'], $row['real_name']);
Chris@76: 				unset($all_to[array_search($row['id_member'], $all_to)]);
Chris@76: 				continue;
Chris@76: 			}
Chris@76: 
Chris@76: 			// Do they have any of the allowed groups?
Chris@76: 			if (count(array_intersect($allowed_groups, $groups)) == 0 || count(array_intersect($disallowed_groups, $groups)) != 0)
Chris@76: 			{
Chris@76: 				$log['failed'][$row['id_member']] = sprintf($txt['pm_error_user_cannot_read'], $row['real_name']);
Chris@76: 				unset($all_to[array_search($row['id_member'], $all_to)]);
Chris@76: 				continue;
Chris@76: 			}
Chris@76: 		}
Chris@76: 
Chris@76: 		// Note that PostgreSQL can return a lowercase t/f for FIND_IN_SET
Chris@76: 		if (!empty($row['ignored']) && $row['ignored'] != 'f' && $row['id_member'] != $from['id'])
Chris@76: 		{
Chris@76: 			$log['failed'][$row['id_member']] = sprintf($txt['pm_error_ignored_by_user'], $row['real_name']);
Chris@76: 			unset($all_to[array_search($row['id_member'], $all_to)]);
Chris@76: 			continue;
Chris@76: 		}
Chris@76: 
Chris@76: 		// If the receiving account is banned (>=10) or pending deletion (4), refuse to send the PM.
Chris@76: 		if ($row['is_activated'] >= 10 || ($row['is_activated'] == 4 && !$user_info['is_admin']))
Chris@76: 		{
Chris@76: 			$log['failed'][$row['id_member']] = sprintf($txt['pm_error_user_cannot_read'], $row['real_name']);
Chris@76: 			unset($all_to[array_search($row['id_member'], $all_to)]);
Chris@76: 			continue;
Chris@76: 		}
Chris@76: 
Chris@76: 		// Send a notification, if enabled - taking the buddy list into account.
Chris@76: 		if (!empty($row['email_address']) && ($row['pm_email_notify'] == 1 || ($row['pm_email_notify'] > 1 && (!empty($modSettings['enable_buddylist']) && $row['is_buddy']))) && $row['is_activated'] == 1)
Chris@76: 			$notifications[empty($row['lngfile']) || empty($modSettings['userLanguage']) ? $language : $row['lngfile']][] = $row['email_address'];
Chris@76: 
Chris@76: 		$log['sent'][$row['id_member']] = sprintf(isset($txt['pm_successfully_sent']) ? $txt['pm_successfully_sent'] : '', $row['real_name']);
Chris@76: 	}
Chris@76: 	$smcFunc['db_free_result']($request);
Chris@76: 
Chris@76: 	// Only 'send' the message if there are any recipients left.
Chris@76: 	if (empty($all_to))
Chris@76: 		return $log;
Chris@76: 
Chris@76: 	// Insert the message itself and then grab the last insert id.
Chris@76: 	$smcFunc['db_insert']('',
Chris@76: 		'{db_prefix}personal_messages',
Chris@76: 		array(
Chris@76: 			'id_pm_head' => 'int', 'id_member_from' => 'int', 'deleted_by_sender' => 'int',
Chris@76: 			'from_name' => 'string-255', 'msgtime' => 'int', 'subject' => 'string-255', 'body' => 'string-65534',
Chris@76: 		),
Chris@76: 		array(
Chris@76: 			$pm_head, $from['id'], ($store_outbox ? 0 : 1),
Chris@76: 			$from['username'], time(), $htmlsubject, $htmlmessage,
Chris@76: 		),
Chris@76: 		array('id_pm')
Chris@76: 	);
Chris@76: 	$id_pm = $smcFunc['db_insert_id']('{db_prefix}personal_messages', 'id_pm');
Chris@76: 
Chris@76: 	// Add the recipients.
Chris@76: 	if (!empty($id_pm))
Chris@76: 	{
Chris@76: 		// If this is new we need to set it part of it's own conversation.
Chris@76: 		if (empty($pm_head))
Chris@76: 			$smcFunc['db_query']('', '
Chris@76: 				UPDATE {db_prefix}personal_messages
Chris@76: 				SET id_pm_head = {int:id_pm_head}
Chris@76: 				WHERE id_pm = {int:id_pm_head}',
Chris@76: 				array(
Chris@76: 					'id_pm_head' => $id_pm,
Chris@76: 				)
Chris@76: 			);
Chris@76: 
Chris@76: 		// Some people think manually deleting personal_messages is fun... it's not. We protect against it though :)
Chris@76: 		$smcFunc['db_query']('', '
Chris@76: 			DELETE FROM {db_prefix}pm_recipients
Chris@76: 			WHERE id_pm = {int:id_pm}',
Chris@76: 			array(
Chris@76: 				'id_pm' => $id_pm,
Chris@76: 			)
Chris@76: 		);
Chris@76: 
Chris@76: 		$insertRows = array();
Chris@76: 		foreach ($all_to as $to)
Chris@76: 		{
Chris@76: 			$insertRows[] = array($id_pm, $to, in_array($to, $recipients['bcc']) ? 1 : 0, isset($deletes[$to]) ? 1 : 0, 1);
Chris@76: 		}
Chris@76: 
Chris@76: 		$smcFunc['db_insert']('insert',
Chris@76: 			'{db_prefix}pm_recipients',
Chris@76: 			array(
Chris@76: 				'id_pm' => 'int', 'id_member' => 'int', 'bcc' => 'int', 'deleted' => 'int', 'is_new' => 'int'
Chris@76: 			),
Chris@76: 			$insertRows,
Chris@76: 			array('id_pm', 'id_member')
Chris@76: 		);
Chris@76: 	}
Chris@76: 
Chris@76: 	censorText($message);
Chris@76: 	censorText($subject);
Chris@76: 	$message = trim(un_htmlspecialchars(strip_tags(strtr(parse_bbc(htmlspecialchars($message), false), array('<br />' => "\n", '</div>' => "\n", '</li>' => "\n", '&#91;' => '[', '&#93;' => ']')))));
Chris@76: 
Chris@76: 	foreach ($notifications as $lang => $notification_list)
Chris@76: 	{
Chris@76: 		// Make sure to use the right language.
Chris@76: 		loadLanguage('index+PersonalMessage', $lang, false);
Chris@76: 
Chris@76: 		// Replace the right things in the message strings.
Chris@76: 		$mailsubject = str_replace(array('SUBJECT', 'SENDER'), array($subject, un_htmlspecialchars($from['name'])), $txt['new_pm_subject']);
Chris@76: 		$mailmessage = str_replace(array('SUBJECT', 'MESSAGE', 'SENDER'), array($subject, $message, un_htmlspecialchars($from['name'])), $txt['pm_email']);
Chris@76: 		$mailmessage .= "\n\n" . $txt['instant_reply'] . ' ' . $scripturl . '?action=pm;sa=send;f=inbox;pmsg=' . $id_pm . ';quote;u=' . $from['id'];
Chris@76: 
Chris@76: 		// Off the notification email goes!
Chris@76: 		sendmail($notification_list, $mailsubject, $mailmessage, null, 'p' . $id_pm, false, 2, null, true);
Chris@76: 	}
Chris@76: 
Chris@76: 	// Back to what we were on before!
Chris@76: 	loadLanguage('index+PersonalMessage');
Chris@76: 
Chris@76: 	// Add one to their unread and read message counts.
Chris@76: 	foreach ($all_to as $k => $id)
Chris@76: 		if (isset($deletes[$id]))
Chris@76: 			unset($all_to[$k]);
Chris@76: 	if (!empty($all_to))
Chris@76: 		updateMemberData($all_to, array('instant_messages' => '+', 'unread_messages' => '+', 'new_pm' => 1));
Chris@76: 
Chris@76: 	return $log;
Chris@76: }
Chris@76: 
Chris@76: // Prepare text strings for sending as email body or header.
Chris@76: function mimespecialchars($string, $with_charset = true, $hotmail_fix = false, $line_break = "\r\n", $custom_charset = null)
Chris@76: {
Chris@76: 	global $context;
Chris@76: 
Chris@76: 	$charset = $custom_charset !== null ? $custom_charset : $context['character_set'];
Chris@76: 
Chris@76: 	// This is the fun part....
Chris@76: 	if (preg_match_all('~&#(\d{3,8});~', $string, $matches) !== 0 && !$hotmail_fix)
Chris@76: 	{
Chris@76: 		// Let's, for now, assume there are only &#021;'ish characters.
Chris@76: 		$simple = true;
Chris@76: 
Chris@76: 		foreach ($matches[1] as $entity)
Chris@76: 			if ($entity > 128)
Chris@76: 				$simple = false;
Chris@76: 		unset($matches);
Chris@76: 
Chris@76: 		if ($simple)
Chris@76: 			$string = preg_replace('~&#(\d{3,8});~e', 'chr(\'$1\')', $string);
Chris@76: 		else
Chris@76: 		{
Chris@76: 			// Try to convert the string to UTF-8.
Chris@76: 			if (!$context['utf8'] && function_exists('iconv'))
Chris@76: 			{
Chris@76: 				$newstring = @iconv($context['character_set'], 'UTF-8', $string);
Chris@76: 				if ($newstring)
Chris@76: 					$string = $newstring;
Chris@76: 			}
Chris@76: 
Chris@76: 			$fixchar = create_function('$n', '
Chris@76: 				if ($n < 128)
Chris@76: 					return chr($n);
Chris@76: 				elseif ($n < 2048)
Chris@76: 					return chr(192 | $n >> 6) . chr(128 | $n & 63);
Chris@76: 				elseif ($n < 65536)
Chris@76: 					return chr(224 | $n >> 12) . chr(128 | $n >> 6 & 63) . chr(128 | $n & 63);
Chris@76: 				else
Chris@76: 					return chr(240 | $n >> 18) . chr(128 | $n >> 12 & 63) . chr(128 | $n >> 6 & 63) . chr(128 | $n & 63);');
Chris@76: 
Chris@76: 			$string = preg_replace('~&#(\d{3,8});~e', '$fixchar(\'$1\')', $string);
Chris@76: 
Chris@76: 			// Unicode, baby.
Chris@76: 			$charset = 'UTF-8';
Chris@76: 		}
Chris@76: 	}
Chris@76: 
Chris@76: 	// Convert all special characters to HTML entities...just for Hotmail :-\
Chris@76: 	if ($hotmail_fix && ($context['utf8'] || function_exists('iconv') || $context['character_set'] === 'ISO-8859-1'))
Chris@76: 	{
Chris@76: 		if (!$context['utf8'] && function_exists('iconv'))
Chris@76: 		{
Chris@76: 			$newstring = @iconv($context['character_set'], 'UTF-8', $string);
Chris@76: 			if ($newstring)
Chris@76: 				$string = $newstring;
Chris@76: 		}
Chris@76: 
Chris@76: 		$entityConvert = create_function('$c', '
Chris@76: 			if (strlen($c) === 1 && ord($c[0]) <= 0x7F)
Chris@76: 				return $c;
Chris@76: 			elseif (strlen($c) === 2 && ord($c[0]) >= 0xC0 && ord($c[0]) <= 0xDF)
Chris@76: 				return "&#" . (((ord($c[0]) ^ 0xC0) << 6) + (ord($c[1]) ^ 0x80)) . ";";
Chris@76: 			elseif (strlen($c) === 3 && ord($c[0]) >= 0xE0 && ord($c[0]) <= 0xEF)
Chris@76: 				return "&#" . (((ord($c[0]) ^ 0xE0) << 12) + ((ord($c[1]) ^ 0x80) << 6) + (ord($c[2]) ^ 0x80)) . ";";
Chris@76: 			elseif (strlen($c) === 4 && ord($c[0]) >= 0xF0 && ord($c[0]) <= 0xF7)
Chris@76: 				return "&#" . (((ord($c[0]) ^ 0xF0) << 18) + ((ord($c[1]) ^ 0x80) << 12) + ((ord($c[2]) ^ 0x80) << 6) + (ord($c[3]) ^ 0x80)) . ";";
Chris@76: 			else
Chris@76: 				return "";');
Chris@76: 
Chris@76: 		// Convert all 'special' characters to HTML entities.
Chris@76: 		return array($charset, preg_replace('~([\x80-' . ($context['server']['complex_preg_chars'] ? '\x{10FFFF}' : "\xF7\xBF\xBF\xBF") . '])~eu', '$entityConvert(\'\1\')', $string), '7bit');
Chris@76: 	}
Chris@76: 
Chris@76: 	// We don't need to mess with the subject line if no special characters were in it..
Chris@76: 	elseif (!$hotmail_fix && preg_match('~([^\x09\x0A\x0D\x20-\x7F])~', $string) === 1)
Chris@76: 	{
Chris@76: 		// Base64 encode.
Chris@76: 		$string = base64_encode($string);
Chris@76: 
Chris@76: 		// Show the characterset and the transfer-encoding for header strings.
Chris@76: 		if ($with_charset)
Chris@76: 			$string = '=?' . $charset . '?B?' . $string . '?=';
Chris@76: 
Chris@76: 		// Break it up in lines (mail body).
Chris@76: 		else
Chris@76: 			$string = chunk_split($string, 76, $line_break);
Chris@76: 
Chris@76: 		return array($charset, $string, 'base64');
Chris@76: 	}
Chris@76: 
Chris@76: 	else
Chris@76: 		return array($charset, $string, '7bit');
Chris@76: }
Chris@76: 
Chris@76: // Send an email via SMTP.
Chris@76: function smtp_mail($mail_to_array, $subject, $message, $headers)
Chris@76: {
Chris@76: 	global $modSettings, $webmaster_email, $txt;
Chris@76: 
Chris@76: 	$modSettings['smtp_host'] = trim($modSettings['smtp_host']);
Chris@76: 
Chris@76: 	// Try POP3 before SMTP?
Chris@76: 	// !!! There's no interface for this yet.
Chris@76: 	if ($modSettings['mail_type'] == 2 && $modSettings['smtp_username'] != '' && $modSettings['smtp_password'] != '')
Chris@76: 	{
Chris@76: 		$socket = fsockopen($modSettings['smtp_host'], 110, $errno, $errstr, 2);
Chris@76: 		if (!$socket && (substr($modSettings['smtp_host'], 0, 5) == 'smtp.' || substr($modSettings['smtp_host'], 0, 11) == 'ssl://smtp.'))
Chris@76: 			$socket = fsockopen(strtr($modSettings['smtp_host'], array('smtp.' => 'pop.')), 110, $errno, $errstr, 2);
Chris@76: 
Chris@76: 		if ($socket)
Chris@76: 		{
Chris@76: 			fgets($socket, 256);
Chris@76: 			fputs($socket, 'USER ' . $modSettings['smtp_username'] . "\r\n");
Chris@76: 			fgets($socket, 256);
Chris@76: 			fputs($socket, 'PASS ' . base64_decode($modSettings['smtp_password']) . "\r\n");
Chris@76: 			fgets($socket, 256);
Chris@76: 			fputs($socket, 'QUIT' . "\r\n");
Chris@76: 
Chris@76: 			fclose($socket);
Chris@76: 		}
Chris@76: 	}
Chris@76: 
Chris@76: 	// Try to connect to the SMTP server... if it doesn't exist, only wait three seconds.
Chris@76: 	if (!$socket = fsockopen($modSettings['smtp_host'], empty($modSettings['smtp_port']) ? 25 : $modSettings['smtp_port'], $errno, $errstr, 3))
Chris@76: 	{
Chris@76: 		// Maybe we can still save this?  The port might be wrong.
Chris@76: 		if (substr($modSettings['smtp_host'], 0, 4) == 'ssl:' && (empty($modSettings['smtp_port']) || $modSettings['smtp_port'] == 25))
Chris@76: 		{
Chris@76: 			if ($socket = fsockopen($modSettings['smtp_host'], 465, $errno, $errstr, 3))
Chris@76: 				log_error($txt['smtp_port_ssl']);
Chris@76: 		}
Chris@76: 
Chris@76: 		// Unable to connect!  Don't show any error message, but just log one and try to continue anyway.
Chris@76: 		if (!$socket)
Chris@76: 		{
Chris@76: 			log_error($txt['smtp_no_connect'] . ': ' . $errno . ' : ' . $errstr);
Chris@76: 			return false;
Chris@76: 		}
Chris@76: 	}
Chris@76: 
Chris@76: 	// Wait for a response of 220, without "-" continuer.
Chris@76: 	if (!server_parse(null, $socket, '220'))
Chris@76: 		return false;
Chris@76: 
Chris@76: 	if ($modSettings['mail_type'] == 1 && $modSettings['smtp_username'] != '' && $modSettings['smtp_password'] != '')
Chris@76: 	{
Chris@76: 		// !!! These should send the CURRENT server's name, not the mail server's!
Chris@76: 
Chris@76: 		// EHLO could be understood to mean encrypted hello...
Chris@76: 		if (server_parse('EHLO ' . $modSettings['smtp_host'], $socket, null) == '250')
Chris@76: 		{
Chris@76: 			if (!server_parse('AUTH LOGIN', $socket, '334'))
Chris@76: 				return false;
Chris@76: 			// Send the username and password, encoded.
Chris@76: 			if (!server_parse(base64_encode($modSettings['smtp_username']), $socket, '334'))
Chris@76: 				return false;
Chris@76: 			// The password is already encoded ;)
Chris@76: 			if (!server_parse($modSettings['smtp_password'], $socket, '235'))
Chris@76: 				return false;
Chris@76: 		}
Chris@76: 		elseif (!server_parse('HELO ' . $modSettings['smtp_host'], $socket, '250'))
Chris@76: 			return false;
Chris@76: 	}
Chris@76: 	else
Chris@76: 	{
Chris@76: 		// Just say "helo".
Chris@76: 		if (!server_parse('HELO ' . $modSettings['smtp_host'], $socket, '250'))
Chris@76: 			return false;
Chris@76: 	}
Chris@76: 
Chris@76: 	// Fix the message for any lines beginning with a period! (the first is ignored, you see.)
Chris@76: 	$message = strtr($message, array("\r\n" . '.' => "\r\n" . '..'));
Chris@76: 
Chris@76: 	// !! Theoretically, we should be able to just loop the RCPT TO.
Chris@76: 	$mail_to_array = array_values($mail_to_array);
Chris@76: 	foreach ($mail_to_array as $i => $mail_to)
Chris@76: 	{
Chris@76: 		// Reset the connection to send another email.
Chris@76: 		if ($i != 0)
Chris@76: 		{
Chris@76: 			if (!server_parse('RSET', $socket, '250'))
Chris@76: 				return false;
Chris@76: 		}
Chris@76: 
Chris@76: 		// From, to, and then start the data...
Chris@76: 		if (!server_parse('MAIL FROM: <' . (empty($modSettings['mail_from']) ? $webmaster_email : $modSettings['mail_from']) . '>', $socket, '250'))
Chris@76: 			return false;
Chris@76: 		if (!server_parse('RCPT TO: <' . $mail_to . '>', $socket, '250'))
Chris@76: 			return false;
Chris@76: 		if (!server_parse('DATA', $socket, '354'))
Chris@76: 			return false;
Chris@76: 		fputs($socket, 'Subject: ' . $subject . "\r\n");
Chris@76: 		if (strlen($mail_to) > 0)
Chris@76: 			fputs($socket, 'To: <' . $mail_to . '>' . "\r\n");
Chris@76: 		fputs($socket, $headers . "\r\n\r\n");
Chris@76: 		fputs($socket, $message . "\r\n");
Chris@76: 
Chris@76: 		// Send a ., or in other words "end of data".
Chris@76: 		if (!server_parse('.', $socket, '250'))
Chris@76: 			return false;
Chris@76: 
Chris@76: 		// Almost done, almost done... don't stop me just yet!
Chris@76: 		@set_time_limit(300);
Chris@76: 		if (function_exists('apache_reset_timeout'))
Chris@76: 			@apache_reset_timeout();
Chris@76: 	}
Chris@76: 	fputs($socket, 'QUIT' . "\r\n");
Chris@76: 	fclose($socket);
Chris@76: 
Chris@76: 	return true;
Chris@76: }
Chris@76: 
Chris@76: // Parse a message to the SMTP server.
Chris@76: function server_parse($message, $socket, $response)
Chris@76: {
Chris@76: 	global $txt;
Chris@76: 
Chris@76: 	if ($message !== null)
Chris@76: 		fputs($socket, $message . "\r\n");
Chris@76: 
Chris@76: 	// No response yet.
Chris@76: 	$server_response = '';
Chris@76: 
Chris@76: 	while (substr($server_response, 3, 1) != ' ')
Chris@76: 		if (!($server_response = fgets($socket, 256)))
Chris@76: 		{
Chris@76: 			// !!! Change this message to reflect that it may mean bad user/password/server issues/etc.
Chris@76: 			log_error($txt['smtp_bad_response']);
Chris@76: 			return false;
Chris@76: 		}
Chris@76: 
Chris@76: 	if ($response === null)
Chris@76: 		return substr($server_response, 0, 3);
Chris@76: 
Chris@76: 	if (substr($server_response, 0, 3) != $response)
Chris@76: 	{
Chris@76: 		log_error($txt['smtp_error'] . $server_response);
Chris@76: 		return false;
Chris@76: 	}
Chris@76: 
Chris@76: 	return true;
Chris@76: }
Chris@76: 
Chris@76: function SpellCheck()
Chris@76: {
Chris@76: 	global $txt, $context, $smcFunc;
Chris@76: 
Chris@76: 	// A list of "words" we know about but pspell doesn't.
Chris@76: 	$known_words = array('smf', 'php', 'mysql', 'www', 'gif', 'jpeg', 'png', 'http', 'smfisawesome', 'grandia', 'terranigma', 'rpgs');
Chris@76: 
Chris@76: 	loadLanguage('Post');
Chris@76: 	loadTemplate('Post');
Chris@76: 
Chris@76: 	// Okay, this looks funny, but it actually fixes a weird bug.
Chris@76: 	ob_start();
Chris@76: 	$old = error_reporting(0);
Chris@76: 
Chris@76: 	// See, first, some windows machines don't load pspell properly on the first try.  Dumb, but this is a workaround.
Chris@76: 	pspell_new('en');
Chris@76: 
Chris@76: 	// Next, the dictionary in question may not exist. So, we try it... but...
Chris@76: 	$pspell_link = pspell_new($txt['lang_dictionary'], $txt['lang_spelling'], '', strtr($context['character_set'], array('iso-' => 'iso', 'ISO-' => 'iso')), PSPELL_FAST | PSPELL_RUN_TOGETHER);
Chris@76: 
Chris@76: 	// Most people don't have anything but English installed... So we use English as a last resort.
Chris@76: 	if (!$pspell_link)
Chris@76: 		$pspell_link = pspell_new('en', '', '', '', PSPELL_FAST | PSPELL_RUN_TOGETHER);
Chris@76: 
Chris@76: 	error_reporting($old);
Chris@76: 	ob_end_clean();
Chris@76: 
Chris@76: 	if (!isset($_POST['spellstring']) || !$pspell_link)
Chris@76: 		die;
Chris@76: 
Chris@76: 	// Construct a bit of Javascript code.
Chris@76: 	$context['spell_js'] = '
Chris@76: 		var txt = {"done": "' . $txt['spellcheck_done'] . '"};
Chris@76: 		var mispstr = window.opener.document.forms[spell_formname][spell_fieldname].value;
Chris@76: 		var misps = Array(';
Chris@76: 
Chris@76: 	// Get all the words (Javascript already separated them).
Chris@76: 	$alphas = explode("\n", strtr($_POST['spellstring'], array("\r" => '')));
Chris@76: 
Chris@76: 	$found_words = false;
Chris@76: 	for ($i = 0, $n = count($alphas); $i < $n; $i++)
Chris@76: 	{
Chris@76: 		// Words are sent like 'word|offset_begin|offset_end'.
Chris@76: 		$check_word = explode('|', $alphas[$i]);
Chris@76: 
Chris@76: 		// If the word is a known word, or spelled right...
Chris@76: 		if (in_array($smcFunc['strtolower']($check_word[0]), $known_words) || pspell_check($pspell_link, $check_word[0]) || !isset($check_word[2]))
Chris@76: 			continue;
Chris@76: 
Chris@76: 		// Find the word, and move up the "last occurance" to here.
Chris@76: 		$found_words = true;
Chris@76: 
Chris@76: 		// Add on the javascript for this misspelling.
Chris@76: 		$context['spell_js'] .= '
Chris@76: 			new misp("' . strtr($check_word[0], array('\\' => '\\\\', '"' => '\\"', '<' => '', '&gt;' => '')) . '", ' . (int) $check_word[1] . ', ' . (int) $check_word[2] . ', [';
Chris@76: 
Chris@76: 		// If there are suggestions, add them in...
Chris@76: 		$suggestions = pspell_suggest($pspell_link, $check_word[0]);
Chris@76: 		if (!empty($suggestions))
Chris@76: 		{
Chris@76: 			// But first check they aren't going to be censored - no naughty words!
Chris@76: 			foreach ($suggestions as $k => $word)
Chris@76: 				if ($suggestions[$k] != censorText($word))
Chris@76: 					unset($suggestions[$k]);
Chris@76: 
Chris@76: 			if (!empty($suggestions))
Chris@76: 				$context['spell_js'] .= '"' . implode('", "', $suggestions) . '"';
Chris@76: 		}
Chris@76: 
Chris@76: 		$context['spell_js'] .= ']),';
Chris@76: 	}
Chris@76: 
Chris@76: 	// If words were found, take off the last comma.
Chris@76: 	if ($found_words)
Chris@76: 		$context['spell_js'] = substr($context['spell_js'], 0, -1);
Chris@76: 
Chris@76: 	$context['spell_js'] .= '
Chris@76: 		);';
Chris@76: 
Chris@76: 	// And instruct the template system to just show the spellcheck sub template.
Chris@76: 	$context['template_layers'] = array();
Chris@76: 	$context['sub_template'] = 'spellcheck';
Chris@76: }
Chris@76: 
Chris@76: // Notify members that something has happened to a topic they marked!
Chris@76: function sendNotifications($topics, $type, $exclude = array(), $members_only = array())
Chris@76: {
Chris@76: 	global $txt, $scripturl, $language, $user_info;
Chris@76: 	global $modSettings, $sourcedir, $context, $smcFunc;
Chris@76: 
Chris@76: 	// Can't do it if there's no topics.
Chris@76: 	if (empty($topics))
Chris@76: 		return;
Chris@76: 	// It must be an array - it must!
Chris@76: 	if (!is_array($topics))
Chris@76: 		$topics = array($topics);
Chris@76: 
Chris@76: 	// Get the subject and body...
Chris@76: 	$result = $smcFunc['db_query']('', '
Chris@76: 		SELECT mf.subject, ml.body, ml.id_member, t.id_last_msg, t.id_topic,
Chris@76: 			IFNULL(mem.real_name, ml.poster_name) AS poster_name
Chris@76: 		FROM {db_prefix}topics AS t
Chris@76: 			INNER JOIN {db_prefix}messages AS mf ON (mf.id_msg = t.id_first_msg)
Chris@76: 			INNER JOIN {db_prefix}messages AS ml ON (ml.id_msg = t.id_last_msg)
Chris@76: 			LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = ml.id_member)
Chris@76: 		WHERE t.id_topic IN ({array_int:topic_list})
Chris@76: 		LIMIT 1',
Chris@76: 		array(
Chris@76: 			'topic_list' => $topics,
Chris@76: 		)
Chris@76: 	);
Chris@76: 	$topicData = array();
Chris@76: 	while ($row = $smcFunc['db_fetch_assoc']($result))
Chris@76: 	{
Chris@76: 		// Clean it up.
Chris@76: 		censorText($row['subject']);
Chris@76: 		censorText($row['body']);
Chris@76: 		$row['subject'] = un_htmlspecialchars($row['subject']);
Chris@76: 		$row['body'] = trim(un_htmlspecialchars(strip_tags(strtr(parse_bbc($row['body'], false, $row['id_last_msg']), array('<br />' => "\n", '</div>' => "\n", '</li>' => "\n", '&#91;' => '[', '&#93;' => ']')))));
Chris@76: 
Chris@76: 		$topicData[$row['id_topic']] = array(
Chris@76: 			'subject' => $row['subject'],
Chris@76: 			'body' => $row['body'],
Chris@76: 			'last_id' => $row['id_last_msg'],
Chris@76: 			'topic' => $row['id_topic'],
Chris@76: 			'name' => $user_info['name'],
Chris@76: 			'exclude' => '',
Chris@76: 		);
Chris@76: 	}
Chris@76: 	$smcFunc['db_free_result']($result);
Chris@76: 
Chris@76: 	// Work out any exclusions...
Chris@76: 	foreach ($topics as $key => $id)
Chris@76: 		if (isset($topicData[$id]) && !empty($exclude[$key]))
Chris@76: 			$topicData[$id]['exclude'] = (int) $exclude[$key];
Chris@76: 
Chris@76: 	// Nada?
Chris@76: 	if (empty($topicData))
Chris@76: 		trigger_error('sendNotifications(): topics not found', E_USER_NOTICE);
Chris@76: 
Chris@76: 	$topics = array_keys($topicData);
Chris@76: 	// Just in case they've gone walkies.
Chris@76: 	if (empty($topics))
Chris@76: 		return;
Chris@76: 
Chris@76: 	// Insert all of these items into the digest log for those who want notifications later.
Chris@76: 	$digest_insert = array();
Chris@76: 	foreach ($topicData as $id => $data)
Chris@76: 		$digest_insert[] = array($data['topic'], $data['last_id'], $type, (int) $data['exclude']);
Chris@76: 	$smcFunc['db_insert']('',
Chris@76: 		'{db_prefix}log_digest',
Chris@76: 		array(
Chris@76: 			'id_topic' => 'int', 'id_msg' => 'int', 'note_type' => 'string', 'exclude' => 'int',
Chris@76: 		),
Chris@76: 		$digest_insert,
Chris@76: 		array()
Chris@76: 	);
Chris@76: 
Chris@76: 	// Find the members with notification on for this topic.
Chris@76: 	$members = $smcFunc['db_query']('', '
Chris@76: 		SELECT
Chris@76: 			mem.id_member, mem.email_address, mem.notify_regularity, mem.notify_types, mem.notify_send_body, mem.lngfile,
Chris@76: 			ln.sent, mem.id_group, mem.additional_groups, b.member_groups, mem.id_post_group, t.id_member_started,
Chris@76: 			ln.id_topic
Chris@76: 		FROM {db_prefix}log_notify AS ln
Chris@76: 			INNER JOIN {db_prefix}members AS mem ON (mem.id_member = ln.id_member)
Chris@76: 			INNER JOIN {db_prefix}topics AS t ON (t.id_topic = ln.id_topic)
Chris@76: 			INNER JOIN {db_prefix}boards AS b ON (b.id_board = t.id_board)
Chris@76: 		WHERE ln.id_topic IN ({array_int:topic_list})
Chris@76: 			AND mem.notify_types < {int:notify_types}
Chris@76: 			AND mem.notify_regularity < {int:notify_regularity}
Chris@76: 			AND mem.is_activated = {int:is_activated}
Chris@76: 			AND ln.id_member != {int:current_member}' .
Chris@76: 			(empty($members_only) ? '' : ' AND ln.id_member IN ({array_int:members_only})') . '
Chris@76: 		ORDER BY mem.lngfile',
Chris@76: 		array(
Chris@76: 			'current_member' => $user_info['id'],
Chris@76: 			'topic_list' => $topics,
Chris@76: 			'notify_types' => $type == 'reply' ? '4' : '3',
Chris@76: 			'notify_regularity' => 2,
Chris@76: 			'is_activated' => 1,
Chris@76: 			'members_only' => is_array($members_only) ? $members_only : array($members_only),
Chris@76: 		)
Chris@76: 	);
Chris@76: 	$sent = 0;
Chris@76: 	while ($row = $smcFunc['db_fetch_assoc']($members))
Chris@76: 	{
Chris@76: 		// Don't do the excluded...
Chris@76: 		if ($topicData[$row['id_topic']]['exclude'] == $row['id_member'])
Chris@76: 			continue;
Chris@76: 
Chris@76: 		// Easier to check this here... if they aren't the topic poster do they really want to know?
Chris@76: 		if ($type != 'reply' && $row['notify_types'] == 2 && $row['id_member'] != $row['id_member_started'])
Chris@76: 			continue;
Chris@76: 
Chris@76: 		if ($row['id_group'] != 1)
Chris@76: 		{
Chris@76: 			$allowed = explode(',', $row['member_groups']);
Chris@76: 			$row['additional_groups'] = explode(',', $row['additional_groups']);
Chris@76: 			$row['additional_groups'][] = $row['id_group'];
Chris@76: 			$row['additional_groups'][] = $row['id_post_group'];
Chris@76: 
Chris@76: 			if (count(array_intersect($allowed, $row['additional_groups'])) == 0)
Chris@76: 				continue;
Chris@76: 		}
Chris@76: 
Chris@76: 		$needed_language = empty($row['lngfile']) || empty($modSettings['userLanguage']) ? $language : $row['lngfile'];
Chris@76: 		if (empty($current_language) || $current_language != $needed_language)
Chris@76: 			$current_language = loadLanguage('Post', $needed_language, false);
Chris@76: 
Chris@76: 		$message_type = 'notification_' . $type;
Chris@76: 		$replacements = array(
Chris@76: 			'TOPICSUBJECT' => $topicData[$row['id_topic']]['subject'],
Chris@76: 			'POSTERNAME' => un_htmlspecialchars($topicData[$row['id_topic']]['name']),
Chris@76: 			'TOPICLINK' => $scripturl . '?topic=' . $row['id_topic'] . '.new;topicseen#new',
Chris@76: 			'UNSUBSCRIBELINK' => $scripturl . '?action=notify;topic=' . $row['id_topic'] . '.0',
Chris@76: 		);
Chris@76: 
Chris@76: 		if ($type == 'remove')
Chris@76: 			unset($replacements['TOPICLINK'], $replacements['UNSUBSCRIBELINK']);
Chris@76: 		// Do they want the body of the message sent too?
Chris@76: 		if (!empty($row['notify_send_body']) && $type == 'reply' && empty($modSettings['disallow_sendBody']))
Chris@76: 		{
Chris@76: 			$message_type .= '_body';
Chris@76: 			$replacements['MESSAGE'] = $topicData[$row['id_topic']]['body'];
Chris@76: 		}
Chris@76: 		if (!empty($row['notify_regularity']) && $type == 'reply')
Chris@76: 			$message_type .= '_once';
Chris@76: 
Chris@76: 		// Send only if once is off or it's on and it hasn't been sent.
Chris@76: 		if ($type != 'reply' || empty($row['notify_regularity']) || empty($row['sent']))
Chris@76: 		{
Chris@76: 			$emaildata = loadEmailTemplate($message_type, $replacements, $needed_language);
Chris@76: 			sendmail($row['email_address'], $emaildata['subject'], $emaildata['body'], null, 'm' . $topicData[$row['id_topic']]['last_id']);
Chris@76: 			$sent++;
Chris@76: 		}
Chris@76: 	}
Chris@76: 	$smcFunc['db_free_result']($members);
Chris@76: 
Chris@76: 	if (isset($current_language) && $current_language != $user_info['language'])
Chris@76: 		loadLanguage('Post');
Chris@76: 
Chris@76: 	// Sent!
Chris@76: 	if ($type == 'reply' && !empty($sent))
Chris@76: 		$smcFunc['db_query']('', '
Chris@76: 			UPDATE {db_prefix}log_notify
Chris@76: 			SET sent = {int:is_sent}
Chris@76: 			WHERE id_topic IN ({array_int:topic_list})
Chris@76: 				AND id_member != {int:current_member}',
Chris@76: 			array(
Chris@76: 				'current_member' => $user_info['id'],
Chris@76: 				'topic_list' => $topics,
Chris@76: 				'is_sent' => 1,
Chris@76: 			)
Chris@76: 		);
Chris@76: 
Chris@76: 	// For approvals we need to unsend the exclusions (This *is* the quickest way!)
Chris@76: 	if (!empty($sent) && !empty($exclude))
Chris@76: 	{
Chris@76: 		foreach ($topicData as $id => $data)
Chris@76: 			if ($data['exclude'])
Chris@76: 				$smcFunc['db_query']('', '
Chris@76: 					UPDATE {db_prefix}log_notify
Chris@76: 					SET sent = {int:not_sent}
Chris@76: 					WHERE id_topic = {int:id_topic}
Chris@76: 						AND id_member = {int:id_member}',
Chris@76: 					array(
Chris@76: 						'not_sent' => 0,
Chris@76: 						'id_topic' => $id,
Chris@76: 						'id_member' => $data['exclude'],
Chris@76: 					)
Chris@76: 				);
Chris@76: 	}
Chris@76: }
Chris@76: 
Chris@76: // Create a post, either as new topic (id_topic = 0) or in an existing one.
Chris@76: // The input parameters of this function assume:
Chris@76: // - Strings have been escaped.
Chris@76: // - Integers have been cast to integer.
Chris@76: // - Mandatory parameters are set.
Chris@76: function createPost(&$msgOptions, &$topicOptions, &$posterOptions)
Chris@76: {
Chris@76: 	global $user_info, $txt, $modSettings, $smcFunc, $context;
Chris@76: 
Chris@76: 	// Set optional parameters to the default value.
Chris@76: 	$msgOptions['icon'] = empty($msgOptions['icon']) ? 'xx' : $msgOptions['icon'];
Chris@76: 	$msgOptions['smileys_enabled'] = !empty($msgOptions['smileys_enabled']);
Chris@76: 	$msgOptions['attachments'] = empty($msgOptions['attachments']) ? array() : $msgOptions['attachments'];
Chris@76: 	$msgOptions['approved'] = isset($msgOptions['approved']) ? (int) $msgOptions['approved'] : 1;
Chris@76: 	$topicOptions['id'] = empty($topicOptions['id']) ? 0 : (int) $topicOptions['id'];
Chris@76: 	$topicOptions['poll'] = isset($topicOptions['poll']) ? (int) $topicOptions['poll'] : null;
Chris@76: 	$topicOptions['lock_mode'] = isset($topicOptions['lock_mode']) ? $topicOptions['lock_mode'] : null;
Chris@76: 	$topicOptions['sticky_mode'] = isset($topicOptions['sticky_mode']) ? $topicOptions['sticky_mode'] : null;
Chris@76: 	$posterOptions['id'] = empty($posterOptions['id']) ? 0 : (int) $posterOptions['id'];
Chris@76: 	$posterOptions['ip'] = empty($posterOptions['ip']) ? $user_info['ip'] : $posterOptions['ip'];
Chris@76: 
Chris@76: 	// We need to know if the topic is approved. If we're told that's great - if not find out.
Chris@76: 	if (!$modSettings['postmod_active'])
Chris@76: 		$topicOptions['is_approved'] = true;
Chris@76: 	elseif (!empty($topicOptions['id']) && !isset($topicOptions['is_approved']))
Chris@76: 	{
Chris@76: 		$request = $smcFunc['db_query']('', '
Chris@76: 			SELECT approved
Chris@76: 			FROM {db_prefix}topics
Chris@76: 			WHERE id_topic = {int:id_topic}
Chris@76: 			LIMIT 1',
Chris@76: 			array(
Chris@76: 				'id_topic' => $topicOptions['id'],
Chris@76: 			)
Chris@76: 		);
Chris@76: 		list ($topicOptions['is_approved']) = $smcFunc['db_fetch_row']($request);
Chris@76: 		$smcFunc['db_free_result']($request);
Chris@76: 	}
Chris@76: 
Chris@76: 	// If nothing was filled in as name/e-mail address, try the member table.
Chris@76: 	if (!isset($posterOptions['name']) || $posterOptions['name'] == '' || (empty($posterOptions['email']) && !empty($posterOptions['id'])))
Chris@76: 	{
Chris@76: 		if (empty($posterOptions['id']))
Chris@76: 		{
Chris@76: 			$posterOptions['id'] = 0;
Chris@76: 			$posterOptions['name'] = $txt['guest_title'];
Chris@76: 			$posterOptions['email'] = '';
Chris@76: 		}
Chris@76: 		elseif ($posterOptions['id'] != $user_info['id'])
Chris@76: 		{
Chris@76: 			$request = $smcFunc['db_query']('', '
Chris@76: 				SELECT member_name, email_address
Chris@76: 				FROM {db_prefix}members
Chris@76: 				WHERE id_member = {int:id_member}
Chris@76: 				LIMIT 1',
Chris@76: 				array(
Chris@76: 					'id_member' => $posterOptions['id'],
Chris@76: 				)
Chris@76: 			);
Chris@76: 			// Couldn't find the current poster?
Chris@76: 			if ($smcFunc['db_num_rows']($request) == 0)
Chris@76: 			{
Chris@76: 				trigger_error('createPost(): Invalid member id ' . $posterOptions['id'], E_USER_NOTICE);
Chris@76: 				$posterOptions['id'] = 0;
Chris@76: 				$posterOptions['name'] = $txt['guest_title'];
Chris@76: 				$posterOptions['email'] = '';
Chris@76: 			}
Chris@76: 			else
Chris@76: 				list ($posterOptions['name'], $posterOptions['email']) = $smcFunc['db_fetch_row']($request);
Chris@76: 			$smcFunc['db_free_result']($request);
Chris@76: 		}
Chris@76: 		else
Chris@76: 		{
Chris@76: 			$posterOptions['name'] = $user_info['name'];
Chris@76: 			$posterOptions['email'] = $user_info['email'];
Chris@76: 		}
Chris@76: 	}
Chris@76: 
Chris@76: 	// It's do or die time: forget any user aborts!
Chris@76: 	$previous_ignore_user_abort = ignore_user_abort(true);
Chris@76: 
Chris@76: 	$new_topic = empty($topicOptions['id']);
Chris@76: 
Chris@76: 	// Insert the post.
Chris@76: 	$smcFunc['db_insert']('',
Chris@76: 		'{db_prefix}messages',
Chris@76: 		array(
Chris@76: 			'id_board' => 'int', 'id_topic' => 'int', 'id_member' => 'int', 'subject' => 'string-255', 'body' => (!empty($modSettings['max_messageLength']) && $modSettings['max_messageLength'] > 65534 ? 'string-' . $modSettings['max_messageLength'] : 'string-65534'),
Chris@76: 			'poster_name' => 'string-255', 'poster_email' => 'string-255', 'poster_time' => 'int', 'poster_ip' => 'string-255',
Chris@76: 			'smileys_enabled' => 'int', 'modified_name' => 'string', 'icon' => 'string-16', 'approved' => 'int',
Chris@76: 		),
Chris@76: 		array(
Chris@76: 			$topicOptions['board'], $topicOptions['id'], $posterOptions['id'], $msgOptions['subject'], $msgOptions['body'],
Chris@76: 			$posterOptions['name'], $posterOptions['email'], time(), $posterOptions['ip'],
Chris@76: 			$msgOptions['smileys_enabled'] ? 1 : 0, '', $msgOptions['icon'], $msgOptions['approved'],
Chris@76: 		),
Chris@76: 		array('id_msg')
Chris@76: 	);
Chris@76: 	$msgOptions['id'] = $smcFunc['db_insert_id']('{db_prefix}messages', 'id_msg');
Chris@76: 
Chris@76: 	// Something went wrong creating the message...
Chris@76: 	if (empty($msgOptions['id']))
Chris@76: 		return false;
Chris@76: 
Chris@76: 	// Fix the attachments.
Chris@76: 	if (!empty($msgOptions['attachments']))
Chris@76: 		$smcFunc['db_query']('', '
Chris@76: 			UPDATE {db_prefix}attachments
Chris@76: 			SET id_msg = {int:id_msg}
Chris@76: 			WHERE id_attach IN ({array_int:attachment_list})',
Chris@76: 			array(
Chris@76: 				'attachment_list' => $msgOptions['attachments'],
Chris@76: 				'id_msg' => $msgOptions['id'],
Chris@76: 			)
Chris@76: 		);
Chris@76: 
Chris@76: 	// Insert a new topic (if the topicID was left empty.)
Chris@76: 	if ($new_topic)
Chris@76: 	{
Chris@76: 		$smcFunc['db_insert']('',
Chris@76: 			'{db_prefix}topics',
Chris@76: 			array(
Chris@76: 				'id_board' => 'int', 'id_member_started' => 'int', 'id_member_updated' => 'int', 'id_first_msg' => 'int',
Chris@76: 				'id_last_msg' => 'int', 'locked' => 'int', 'is_sticky' => 'int', 'num_views' => 'int',
Chris@76: 				'id_poll' => 'int', 'unapproved_posts' => 'int', 'approved' => 'int',
Chris@76: 			),
Chris@76: 			array(
Chris@76: 				$topicOptions['board'], $posterOptions['id'], $posterOptions['id'], $msgOptions['id'],
Chris@76: 				$msgOptions['id'], $topicOptions['lock_mode'] === null ? 0 : $topicOptions['lock_mode'], $topicOptions['sticky_mode'] === null ? 0 : $topicOptions['sticky_mode'], 0,
Chris@76: 				$topicOptions['poll'] === null ? 0 : $topicOptions['poll'], $msgOptions['approved'] ? 0 : 1, $msgOptions['approved'],
Chris@76: 			),
Chris@76: 			array('id_topic')
Chris@76: 		);
Chris@76: 		$topicOptions['id'] = $smcFunc['db_insert_id']('{db_prefix}topics', 'id_topic');
Chris@76: 
Chris@76: 		// The topic couldn't be created for some reason.
Chris@76: 		if (empty($topicOptions['id']))
Chris@76: 		{
Chris@76: 			// We should delete the post that did work, though...
Chris@76: 			$smcFunc['db_query']('', '
Chris@76: 				DELETE FROM {db_prefix}messages
Chris@76: 				WHERE id_msg = {int:id_msg}',
Chris@76: 				array(
Chris@76: 					'id_msg' => $msgOptions['id'],
Chris@76: 				)
Chris@76: 			);
Chris@76: 
Chris@76: 			return false;
Chris@76: 		}
Chris@76: 
Chris@76: 		// Fix the message with the topic.
Chris@76: 		$smcFunc['db_query']('', '
Chris@76: 			UPDATE {db_prefix}messages
Chris@76: 			SET id_topic = {int:id_topic}
Chris@76: 			WHERE id_msg = {int:id_msg}',
Chris@76: 			array(
Chris@76: 				'id_topic' => $topicOptions['id'],
Chris@76: 				'id_msg' => $msgOptions['id'],
Chris@76: 			)
Chris@76: 		);
Chris@76: 
Chris@76: 		// There's been a new topic AND a new post today.
Chris@76: 		trackStats(array('topics' => '+', 'posts' => '+'));
Chris@76: 
Chris@76: 		updateStats('topic', true);
Chris@76: 		updateStats('subject', $topicOptions['id'], $msgOptions['subject']);
Chris@76: 
Chris@76: 		// What if we want to export new topics out to a CMS?
Chris@76: 		call_integration_hook('integrate_create_topic', array($msgOptions, $topicOptions, $posterOptions));
Chris@76: 	}
Chris@76: 	// The topic already exists, it only needs a little updating.
Chris@76: 	else
Chris@76: 	{
Chris@76: 		$countChange = $msgOptions['approved'] ? 'num_replies = num_replies + 1' : 'unapproved_posts = unapproved_posts + 1';
Chris@76: 
Chris@76: 		// Update the number of replies and the lock/sticky status.
Chris@76: 		$smcFunc['db_query']('', '
Chris@76: 			UPDATE {db_prefix}topics
Chris@76: 			SET
Chris@76: 				' . ($msgOptions['approved'] ? 'id_member_updated = {int:poster_id}, id_last_msg = {int:id_msg},' : '') . '
Chris@76: 				' . $countChange . ($topicOptions['lock_mode'] === null ? '' : ',
Chris@76: 				locked = {int:locked}') . ($topicOptions['sticky_mode'] === null ? '' : ',
Chris@76: 				is_sticky = {int:is_sticky}') . '
Chris@76: 			WHERE id_topic = {int:id_topic}',
Chris@76: 			array(
Chris@76: 				'poster_id' => $posterOptions['id'],
Chris@76: 				'id_msg' => $msgOptions['id'],
Chris@76: 				'locked' => $topicOptions['lock_mode'],
Chris@76: 				'is_sticky' => $topicOptions['sticky_mode'],
Chris@76: 				'id_topic' => $topicOptions['id'],
Chris@76: 			)
Chris@76: 		);
Chris@76: 
Chris@76: 		// One new post has been added today.
Chris@76: 		trackStats(array('posts' => '+'));
Chris@76: 	}
Chris@76: 
Chris@76: 	// Creating is modifying...in a way.
Chris@76: 	//!!! Why not set id_msg_modified on the insert?
Chris@76: 	$smcFunc['db_query']('', '
Chris@76: 		UPDATE {db_prefix}messages
Chris@76: 		SET id_msg_modified = {int:id_msg}
Chris@76: 		WHERE id_msg = {int:id_msg}',
Chris@76: 		array(
Chris@76: 			'id_msg' => $msgOptions['id'],
Chris@76: 		)
Chris@76: 	);
Chris@76: 
Chris@76: 	// Increase the number of posts and topics on the board.
Chris@76: 	if ($msgOptions['approved'])
Chris@76: 		$smcFunc['db_query']('', '
Chris@76: 			UPDATE {db_prefix}boards
Chris@76: 			SET num_posts = num_posts + 1' . ($new_topic ? ', num_topics = num_topics + 1' : '') . '
Chris@76: 			WHERE id_board = {int:id_board}',
Chris@76: 			array(
Chris@76: 				'id_board' => $topicOptions['board'],
Chris@76: 			)
Chris@76: 		);
Chris@76: 	else
Chris@76: 	{
Chris@76: 		$smcFunc['db_query']('', '
Chris@76: 			UPDATE {db_prefix}boards
Chris@76: 			SET unapproved_posts = unapproved_posts + 1' . ($new_topic ? ', unapproved_topics = unapproved_topics + 1' : '') . '
Chris@76: 			WHERE id_board = {int:id_board}',
Chris@76: 			array(
Chris@76: 				'id_board' => $topicOptions['board'],
Chris@76: 			)
Chris@76: 		);
Chris@76: 
Chris@76: 		// Add to the approval queue too.
Chris@76: 		$smcFunc['db_insert']('',
Chris@76: 			'{db_prefix}approval_queue',
Chris@76: 			array(
Chris@76: 				'id_msg' => 'int',
Chris@76: 			),
Chris@76: 			array(
Chris@76: 				$msgOptions['id'],
Chris@76: 			),
Chris@76: 			array()
Chris@76: 		);
Chris@76: 	}
Chris@76: 
Chris@76: 	// Mark inserted topic as read (only for the user calling this function).
Chris@76: 	if (!empty($topicOptions['mark_as_read']) && !$user_info['is_guest'])
Chris@76: 	{
Chris@76: 		// Since it's likely they *read* it before replying, let's try an UPDATE first.
Chris@76: 		if (!$new_topic)
Chris@76: 		{
Chris@76: 			$smcFunc['db_query']('', '
Chris@76: 				UPDATE {db_prefix}log_topics
Chris@76: 				SET id_msg = {int:id_msg}
Chris@76: 				WHERE id_member = {int:current_member}
Chris@76: 					AND id_topic = {int:id_topic}',
Chris@76: 				array(
Chris@76: 					'current_member' => $posterOptions['id'],
Chris@76: 					'id_msg' => $msgOptions['id'],
Chris@76: 					'id_topic' => $topicOptions['id'],
Chris@76: 				)
Chris@76: 			);
Chris@76: 
Chris@76: 			$flag = $smcFunc['db_affected_rows']() != 0;
Chris@76: 		}
Chris@76: 
Chris@76: 		if (empty($flag))
Chris@76: 		{
Chris@76: 			$smcFunc['db_insert']('ignore',
Chris@76: 				'{db_prefix}log_topics',
Chris@76: 				array('id_topic' => 'int', 'id_member' => 'int', 'id_msg' => 'int'),
Chris@76: 				array($topicOptions['id'], $posterOptions['id'], $msgOptions['id']),
Chris@76: 				array('id_topic', 'id_member')
Chris@76: 			);
Chris@76: 		}
Chris@76: 	}
Chris@76: 
Chris@76: 	// If there's a custom search index, it needs updating...
Chris@76: 	if (!empty($modSettings['search_custom_index_config']))
Chris@76: 	{
Chris@76: 		$customIndexSettings = unserialize($modSettings['search_custom_index_config']);
Chris@76: 
Chris@76: 		$inserts = array();
Chris@76: 		foreach (text2words($msgOptions['body'], $customIndexSettings['bytes_per_word'], true) as $word)
Chris@76: 			$inserts[] = array($word, $msgOptions['id']);
Chris@76: 
Chris@76: 		if (!empty($inserts))
Chris@76: 			$smcFunc['db_insert']('ignore',
Chris@76: 				'{db_prefix}log_search_words',
Chris@76: 				array('id_word' => 'int', 'id_msg' => 'int'),
Chris@76: 				$inserts,
Chris@76: 				array('id_word', 'id_msg')
Chris@76: 			);
Chris@76: 	}
Chris@76: 
Chris@76: 	// Increase the post counter for the user that created the post.
Chris@76: 	if (!empty($posterOptions['update_post_count']) && !empty($posterOptions['id']) && $msgOptions['approved'])
Chris@76: 	{
Chris@76: 		// Are you the one that happened to create this post?
Chris@76: 		if ($user_info['id'] == $posterOptions['id'])
Chris@76: 			$user_info['posts']++;
Chris@76: 		updateMemberData($posterOptions['id'], array('posts' => '+'));
Chris@76: 	}
Chris@76: 
Chris@76: 	// They've posted, so they can make the view count go up one if they really want. (this is to keep views >= replies...)
Chris@76: 	$_SESSION['last_read_topic'] = 0;
Chris@76: 
Chris@76: 	// Better safe than sorry.
Chris@76: 	if (isset($_SESSION['topicseen_cache'][$topicOptions['board']]))
Chris@76: 		$_SESSION['topicseen_cache'][$topicOptions['board']]--;
Chris@76: 
Chris@76: 	// Update all the stats so everyone knows about this new topic and message.
Chris@76: 	updateStats('message', true, $msgOptions['id']);
Chris@76: 
Chris@76: 	// Update the last message on the board assuming it's approved AND the topic is.
Chris@76: 	if ($msgOptions['approved'])
Chris@76: 		updateLastMessages($topicOptions['board'], $new_topic || !empty($topicOptions['is_approved']) ? $msgOptions['id'] : 0);
Chris@76: 
Chris@76: 	// Alright, done now... we can abort now, I guess... at least this much is done.
Chris@76: 	ignore_user_abort($previous_ignore_user_abort);
Chris@76: 
Chris@76: 	// Success.
Chris@76: 	return true;
Chris@76: }
Chris@76: 
Chris@76: // !!!
Chris@76: function createAttachment(&$attachmentOptions)
Chris@76: {
Chris@76: 	global $modSettings, $sourcedir, $smcFunc, $context;
Chris@76: 
Chris@76: 	require_once($sourcedir . '/Subs-Graphics.php');
Chris@76: 
Chris@76: 	// We need to know where this thing is going.
Chris@76: 	if (!empty($modSettings['currentAttachmentUploadDir']))
Chris@76: 	{
Chris@76: 		if (!is_array($modSettings['attachmentUploadDir']))
Chris@76: 			$modSettings['attachmentUploadDir'] = unserialize($modSettings['attachmentUploadDir']);
Chris@76: 
Chris@76: 		// Just use the current path for temp files.
Chris@76: 		$attach_dir = $modSettings['attachmentUploadDir'][$modSettings['currentAttachmentUploadDir']];
Chris@76: 		$id_folder = $modSettings['currentAttachmentUploadDir'];
Chris@76: 	}
Chris@76: 	else
Chris@76: 	{
Chris@76: 		$attach_dir = $modSettings['attachmentUploadDir'];
Chris@76: 		$id_folder = 1;
Chris@76: 	}
Chris@76: 
Chris@76: 	$attachmentOptions['errors'] = array();
Chris@76: 	if (!isset($attachmentOptions['post']))
Chris@76: 		$attachmentOptions['post'] = 0;
Chris@76: 	if (!isset($attachmentOptions['approved']))
Chris@76: 		$attachmentOptions['approved'] = 1;
Chris@76: 
Chris@76: 	$already_uploaded = preg_match('~^post_tmp_' . $attachmentOptions['poster'] . '_\d+$~', $attachmentOptions['tmp_name']) != 0;
Chris@76: 	$file_restricted = @ini_get('open_basedir') != '' && !$already_uploaded;
Chris@76: 
Chris@76: 	if ($already_uploaded)
Chris@76: 		$attachmentOptions['tmp_name'] = $attach_dir . '/' . $attachmentOptions['tmp_name'];
Chris@76: 
Chris@76: 	// Make sure the file actually exists... sometimes it doesn't.
Chris@76: 	if ((!$file_restricted && !file_exists($attachmentOptions['tmp_name'])) || (!$already_uploaded && !is_uploaded_file($attachmentOptions['tmp_name'])))
Chris@76: 	{
Chris@76: 		$attachmentOptions['errors'] = array('could_not_upload');
Chris@76: 		return false;
Chris@76: 	}
Chris@76: 
Chris@76: 	// These are the only valid image types for SMF.
Chris@76: 	$validImageTypes = array(
Chris@76: 		1 => 'gif',
Chris@76: 		2 => 'jpeg',
Chris@76: 		3 => 'png',
Chris@76: 		5 => 'psd',
Chris@76: 		6 => 'bmp',
Chris@76: 		7 => 'tiff',
Chris@76: 		8 => 'tiff',
Chris@76: 		9 => 'jpeg',
Chris@76: 		14 => 'iff'
Chris@76: 	);
Chris@76: 
Chris@76: 	if (!$file_restricted || $already_uploaded)
Chris@76: 	{
Chris@76: 		$size = @getimagesize($attachmentOptions['tmp_name']);
Chris@76: 		list ($attachmentOptions['width'], $attachmentOptions['height']) = $size;
Chris@76: 
Chris@76: 		// If it's an image get the mime type right.
Chris@76: 		if (empty($attachmentOptions['mime_type']) && $attachmentOptions['width'])
Chris@76: 		{
Chris@76: 			// Got a proper mime type?
Chris@76: 			if (!empty($size['mime']))
Chris@76: 				$attachmentOptions['mime_type'] = $size['mime'];
Chris@76: 			// Otherwise a valid one?
Chris@76: 			elseif (isset($validImageTypes[$size[2]]))
Chris@76: 				$attachmentOptions['mime_type'] = 'image/' . $validImageTypes[$size[2]];
Chris@76: 		}
Chris@76: 	}
Chris@76: 
Chris@76: 	// Get the hash if no hash has been given yet.
Chris@76: 	if (empty($attachmentOptions['file_hash']))
Chris@76: 		$attachmentOptions['file_hash'] = getAttachmentFilename($attachmentOptions['name'], false, null, true);
Chris@76: 
Chris@76: 	// Is the file too big?
Chris@76: 	if (!empty($modSettings['attachmentSizeLimit']) && $attachmentOptions['size'] > $modSettings['attachmentSizeLimit'] * 1024)
Chris@76: 		$attachmentOptions['errors'][] = 'too_large';
Chris@76: 
Chris@76: 	if (!empty($modSettings['attachmentCheckExtensions']))
Chris@76: 	{
Chris@76: 		$allowed = explode(',', strtolower($modSettings['attachmentExtensions']));
Chris@76: 		foreach ($allowed as $k => $dummy)
Chris@76: 			$allowed[$k] = trim($dummy);
Chris@76: 
Chris@76: 		if (!in_array(strtolower(substr(strrchr($attachmentOptions['name'], '.'), 1)), $allowed))
Chris@76: 			$attachmentOptions['errors'][] = 'bad_extension';
Chris@76: 	}
Chris@76: 
Chris@76: 	if (!empty($modSettings['attachmentDirSizeLimit']))
Chris@76: 	{
Chris@76: 		// Make sure the directory isn't full.
Chris@76: 		$dirSize = 0;
Chris@76: 		$dir = @opendir($attach_dir) or fatal_lang_error('cant_access_upload_path', 'critical');
Chris@76: 		while ($file = readdir($dir))
Chris@76: 		{
Chris@76: 			if ($file == '.' || $file == '..')
Chris@76: 				continue;
Chris@76: 
Chris@76: 			if (preg_match('~^post_tmp_\d+_\d+$~', $file) != 0)
Chris@76: 			{
Chris@76: 				// Temp file is more than 5 hours old!
Chris@76: 				if (filemtime($attach_dir . '/' . $file) < time() - 18000)
Chris@76: 					@unlink($attach_dir . '/' . $file);
Chris@76: 				continue;
Chris@76: 			}
Chris@76: 
Chris@76: 			$dirSize += filesize($attach_dir . '/' . $file);
Chris@76: 		}
Chris@76: 		closedir($dir);
Chris@76: 
Chris@76: 		// Too big!  Maybe you could zip it or something...
Chris@76: 		if ($attachmentOptions['size'] + $dirSize > $modSettings['attachmentDirSizeLimit'] * 1024)
Chris@76: 			$attachmentOptions['errors'][] = 'directory_full';
Chris@76: 		// Soon to be too big - warn the admins...
Chris@76: 		elseif (!isset($modSettings['attachment_full_notified']) && $modSettings['attachmentDirSizeLimit'] > 4000 && $attachmentOptions['size'] + $dirSize > ($modSettings['attachmentDirSizeLimit'] - 2000) * 1024)
Chris@76: 		{
Chris@76: 			require_once($sourcedir . '/Subs-Admin.php');
Chris@76: 			emailAdmins('admin_attachments_full');
Chris@76: 			updateSettings(array('attachment_full_notified' => 1));
Chris@76: 		}
Chris@76: 	}
Chris@76: 
Chris@76: 	// Check if the file already exists.... (for those who do not encrypt their filenames...)
Chris@76: 	if (empty($modSettings['attachmentEncryptFilenames']))
Chris@76: 	{
Chris@76: 		// Make sure they aren't trying to upload a nasty file.
Chris@76: 		$disabledFiles = array('con', 'com1', 'com2', 'com3', 'com4', 'prn', 'aux', 'lpt1', '.htaccess', 'index.php');
Chris@76: 		if (in_array(strtolower(basename($attachmentOptions['name'])), $disabledFiles))
Chris@76: 			$attachmentOptions['errors'][] = 'bad_filename';
Chris@76: 
Chris@76: 		// Check if there's another file with that name...
Chris@76: 		$request = $smcFunc['db_query']('', '
Chris@76: 			SELECT id_attach
Chris@76: 			FROM {db_prefix}attachments
Chris@76: 			WHERE filename = {string:filename}
Chris@76: 			LIMIT 1',
Chris@76: 			array(
Chris@76: 				'filename' => strtolower($attachmentOptions['name']),
Chris@76: 			)
Chris@76: 		);
Chris@76: 		if ($smcFunc['db_num_rows']($request) > 0)
Chris@76: 			$attachmentOptions['errors'][] = 'taken_filename';
Chris@76: 		$smcFunc['db_free_result']($request);
Chris@76: 	}
Chris@76: 
Chris@76: 	if (!empty($attachmentOptions['errors']))
Chris@76: 		return false;
Chris@76: 
Chris@76: 	if (!is_writable($attach_dir))
Chris@76: 		fatal_lang_error('attachments_no_write', 'critical');
Chris@76: 
Chris@76: 	// Assuming no-one set the extension let's take a look at it.
Chris@76: 	if (empty($attachmentOptions['fileext']))
Chris@76: 	{
Chris@76: 		$attachmentOptions['fileext'] = strtolower(strrpos($attachmentOptions['name'], '.') !== false ? substr($attachmentOptions['name'], strrpos($attachmentOptions['name'], '.') + 1) : '');
Chris@76: 		if (strlen($attachmentOptions['fileext']) > 8 || '.' . $attachmentOptions['fileext'] == $attachmentOptions['name'])
Chris@76: 			$attachmentOptions['fileext'] = '';
Chris@76: 	}
Chris@76: 
Chris@76: 	$smcFunc['db_insert']('',
Chris@76: 		'{db_prefix}attachments',
Chris@76: 		array(
Chris@76: 			'id_folder' => 'int', 'id_msg' => 'int', 'filename' => 'string-255', 'file_hash' => 'string-40', 'fileext' => 'string-8',
Chris@76: 			'size' => 'int', 'width' => 'int', 'height' => 'int',
Chris@76: 			'mime_type' => 'string-20', 'approved' => 'int',
Chris@76: 		),
Chris@76: 		array(
Chris@76: 			$id_folder, (int) $attachmentOptions['post'], $attachmentOptions['name'], $attachmentOptions['file_hash'], $attachmentOptions['fileext'],
Chris@76: 			(int) $attachmentOptions['size'], (empty($attachmentOptions['width']) ? 0 : (int) $attachmentOptions['width']), (empty($attachmentOptions['height']) ? '0' : (int) $attachmentOptions['height']),
Chris@76: 			(!empty($attachmentOptions['mime_type']) ? $attachmentOptions['mime_type'] : ''), (int) $attachmentOptions['approved'],
Chris@76: 		),
Chris@76: 		array('id_attach')
Chris@76: 	);
Chris@76: 	$attachmentOptions['id'] = $smcFunc['db_insert_id']('{db_prefix}attachments', 'id_attach');
Chris@76: 
Chris@76: 	if (empty($attachmentOptions['id']))
Chris@76: 		return false;
Chris@76: 
Chris@76: 	// If it's not approved add to the approval queue.
Chris@76: 	if (!$attachmentOptions['approved'])
Chris@76: 		$smcFunc['db_insert']('',
Chris@76: 			'{db_prefix}approval_queue',
Chris@76: 			array(
Chris@76: 				'id_attach' => 'int', 'id_msg' => 'int',
Chris@76: 			),
Chris@76: 			array(
Chris@76: 				$attachmentOptions['id'], (int) $attachmentOptions['post'],
Chris@76: 			),
Chris@76: 			array()
Chris@76: 		);
Chris@76: 
Chris@76: 	$attachmentOptions['destination'] = getAttachmentFilename(basename($attachmentOptions['name']), $attachmentOptions['id'], $id_folder, false, $attachmentOptions['file_hash']);
Chris@76: 
Chris@76: 	if ($already_uploaded)
Chris@76: 		rename($attachmentOptions['tmp_name'], $attachmentOptions['destination']);
Chris@76: 	elseif (!move_uploaded_file($attachmentOptions['tmp_name'], $attachmentOptions['destination']))
Chris@76: 		fatal_lang_error('attach_timeout', 'critical');
Chris@76: 
Chris@76: 	// Attempt to chmod it.
Chris@76: 	@chmod($attachmentOptions['destination'], 0644);
Chris@76: 
Chris@76: 	$size = @getimagesize($attachmentOptions['destination']);
Chris@76: 	list ($attachmentOptions['width'], $attachmentOptions['height']) = empty($size) ? array(null, null, null) : $size;
Chris@76: 
Chris@76: 	// We couldn't access the file before...
Chris@76: 	if ($file_restricted)
Chris@76: 	{
Chris@76: 		// Have a go at getting the right mime type.
Chris@76: 		if (empty($attachmentOptions['mime_type']) && $attachmentOptions['width'])
Chris@76: 		{
Chris@76: 			if (!empty($size['mime']))
Chris@76: 				$attachmentOptions['mime_type'] = $size['mime'];
Chris@76: 			elseif (isset($validImageTypes[$size[2]]))
Chris@76: 				$attachmentOptions['mime_type'] = 'image/' . $validImageTypes[$size[2]];
Chris@76: 		}
Chris@76: 
Chris@76: 		if (!empty($attachmentOptions['width']) && !empty($attachmentOptions['height']))
Chris@76: 			$smcFunc['db_query']('', '
Chris@76: 				UPDATE {db_prefix}attachments
Chris@76: 				SET
Chris@76: 					width = {int:width},
Chris@76: 					height = {int:height},
Chris@76: 					mime_type = {string:mime_type}
Chris@76: 				WHERE id_attach = {int:id_attach}',
Chris@76: 				array(
Chris@76: 					'width' => (int) $attachmentOptions['width'],
Chris@76: 					'height' => (int) $attachmentOptions['height'],
Chris@76: 					'id_attach' => $attachmentOptions['id'],
Chris@76: 					'mime_type' => empty($attachmentOptions['mime_type']) ? '' : $attachmentOptions['mime_type'],
Chris@76: 				)
Chris@76: 			);
Chris@76: 	}
Chris@76: 
Chris@76: 	// Security checks for images
Chris@76: 	// Do we have an image? If yes, we need to check it out!
Chris@76: 	if (isset($validImageTypes[$size[2]]))
Chris@76: 	{
Chris@76: 		if (!checkImageContents($attachmentOptions['destination'], !empty($modSettings['attachment_image_paranoid'])))
Chris@76: 		{
Chris@76: 			// It's bad. Last chance, maybe we can re-encode it?
Chris@76: 			if (empty($modSettings['attachment_image_reencode']) || (!reencodeImage($attachmentOptions['destination'], $size[2])))
Chris@76: 			{
Chris@76: 				// Nothing to do: not allowed or not successful re-encoding it.
Chris@76: 				require_once($sourcedir . '/ManageAttachments.php');
Chris@76: 				removeAttachments(array(
Chris@76: 					'id_attach' => $attachmentOptions['id']
Chris@76: 				));
Chris@76: 				$attachmentOptions['id'] = null;
Chris@76: 				$attachmentOptions['errors'][] = 'bad_attachment';
Chris@76: 
Chris@76: 				return false;
Chris@76: 			}
Chris@76: 			// Success! However, successes usually come for a price:
Chris@76: 			// we might get a new format for our image...
Chris@76: 			$old_format = $size[2];
Chris@76: 			$size = @getimagesize($attachmentOptions['destination']);
Chris@76: 			if (!(empty($size)) && ($size[2] != $old_format))
Chris@76: 			{
Chris@76: 				// Let's update the image information
Chris@76: 				// !!! This is becoming a mess: we keep coming back and update the database,
Chris@76: 				//  instead of getting it right the first time.
Chris@76: 				if (isset($validImageTypes[$size[2]]))
Chris@76: 				{
Chris@76: 					$attachmentOptions['mime_type'] = 'image/' . $validImageTypes[$size[2]];
Chris@76: 					$smcFunc['db_query']('', '
Chris@76: 						UPDATE {db_prefix}attachments
Chris@76: 						SET
Chris@76: 							mime_type = {string:mime_type}
Chris@76: 						WHERE id_attach = {int:id_attach}',
Chris@76: 						array(
Chris@76: 							'id_attach' => $attachmentOptions['id'],
Chris@76: 							'mime_type' => $attachmentOptions['mime_type'],
Chris@76: 						)
Chris@76: 					);
Chris@76: 				}
Chris@76: 			}
Chris@76: 		}
Chris@76: 	}
Chris@76: 
Chris@76: 	if (!empty($attachmentOptions['skip_thumbnail']) || (empty($attachmentOptions['width']) && empty($attachmentOptions['height'])))
Chris@76: 		return true;
Chris@76: 
Chris@76: 	// Like thumbnails, do we?
Chris@76: 	if (!empty($modSettings['attachmentThumbnails']) && !empty($modSettings['attachmentThumbWidth']) && !empty($modSettings['attachmentThumbHeight']) && ($attachmentOptions['width'] > $modSettings['attachmentThumbWidth'] || $attachmentOptions['height'] > $modSettings['attachmentThumbHeight']))
Chris@76: 	{
Chris@76: 		if (createThumbnail($attachmentOptions['destination'], $modSettings['attachmentThumbWidth'], $modSettings['attachmentThumbHeight']))
Chris@76: 		{
Chris@76: 			// Figure out how big we actually made it.
Chris@76: 			$size = @getimagesize($attachmentOptions['destination'] . '_thumb');
Chris@76: 			list ($thumb_width, $thumb_height) = $size;
Chris@76: 
Chris@76: 			if (!empty($size['mime']))
Chris@76: 				$thumb_mime = $size['mime'];
Chris@76: 			elseif (isset($validImageTypes[$size[2]]))
Chris@76: 				$thumb_mime = 'image/' . $validImageTypes[$size[2]];
Chris@76: 			// Lord only knows how this happened...
Chris@76: 			else
Chris@76: 				$thumb_mime = '';
Chris@76: 
Chris@76: 			$thumb_filename = $attachmentOptions['name'] . '_thumb';
Chris@76: 			$thumb_size = filesize($attachmentOptions['destination'] . '_thumb');
Chris@76: 			$thumb_file_hash = getAttachmentFilename($thumb_filename, false, null, true);
Chris@76: 
Chris@76: 			// To the database we go!
Chris@76: 			$smcFunc['db_insert']('',
Chris@76: 				'{db_prefix}attachments',
Chris@76: 				array(
Chris@76: 					'id_folder' => 'int', 'id_msg' => 'int', 'attachment_type' => 'int', 'filename' => 'string-255', 'file_hash' => 'string-40', 'fileext' => 'string-8',
Chris@76: 					'size' => 'int', 'width' => 'int', 'height' => 'int', 'mime_type' => 'string-20', 'approved' => 'int',
Chris@76: 				),
Chris@76: 				array(
Chris@76: 					$id_folder, (int) $attachmentOptions['post'], 3, $thumb_filename, $thumb_file_hash, $attachmentOptions['fileext'],
Chris@76: 					$thumb_size, $thumb_width, $thumb_height, $thumb_mime, (int) $attachmentOptions['approved'],
Chris@76: 				),
Chris@76: 				array('id_attach')
Chris@76: 			);
Chris@76: 			$attachmentOptions['thumb'] = $smcFunc['db_insert_id']('{db_prefix}attachments', 'id_attach');
Chris@76: 
Chris@76: 			if (!empty($attachmentOptions['thumb']))
Chris@76: 			{
Chris@76: 				$smcFunc['db_query']('', '
Chris@76: 					UPDATE {db_prefix}attachments
Chris@76: 					SET id_thumb = {int:id_thumb}
Chris@76: 					WHERE id_attach = {int:id_attach}',
Chris@76: 					array(
Chris@76: 						'id_thumb' => $attachmentOptions['thumb'],
Chris@76: 						'id_attach' => $attachmentOptions['id'],
Chris@76: 					)
Chris@76: 				);
Chris@76: 
Chris@76: 				rename($attachmentOptions['destination'] . '_thumb', getAttachmentFilename($thumb_filename, $attachmentOptions['thumb'], $id_folder, false, $thumb_file_hash));
Chris@76: 			}
Chris@76: 		}
Chris@76: 	}
Chris@76: 
Chris@76: 	return true;
Chris@76: }
Chris@76: 
Chris@76: // !!!
Chris@76: function modifyPost(&$msgOptions, &$topicOptions, &$posterOptions)
Chris@76: {
Chris@76: 	global $user_info, $modSettings, $smcFunc, $context;
Chris@76: 
Chris@76: 	$topicOptions['poll'] = isset($topicOptions['poll']) ? (int) $topicOptions['poll'] : null;
Chris@76: 	$topicOptions['lock_mode'] = isset($topicOptions['lock_mode']) ? $topicOptions['lock_mode'] : null;
Chris@76: 	$topicOptions['sticky_mode'] = isset($topicOptions['sticky_mode']) ? $topicOptions['sticky_mode'] : null;
Chris@76: 
Chris@76: 	// This is longer than it has to be, but makes it so we only set/change what we have to.
Chris@76: 	$messages_columns = array();
Chris@76: 	if (isset($posterOptions['name']))
Chris@76: 		$messages_columns['poster_name'] = $posterOptions['name'];
Chris@76: 	if (isset($posterOptions['email']))
Chris@76: 		$messages_columns['poster_email'] = $posterOptions['email'];
Chris@76: 	if (isset($msgOptions['icon']))
Chris@76: 		$messages_columns['icon'] = $msgOptions['icon'];
Chris@76: 	if (isset($msgOptions['subject']))
Chris@76: 		$messages_columns['subject'] = $msgOptions['subject'];
Chris@76: 	if (isset($msgOptions['body']))
Chris@76: 	{
Chris@76: 		$messages_columns['body'] = $msgOptions['body'];
Chris@76: 
Chris@76: 		if (!empty($modSettings['search_custom_index_config']))
Chris@76: 		{
Chris@76: 			$request = $smcFunc['db_query']('', '
Chris@76: 				SELECT body
Chris@76: 				FROM {db_prefix}messages
Chris@76: 				WHERE id_msg = {int:id_msg}',
Chris@76: 				array(
Chris@76: 					'id_msg' => $msgOptions['id'],
Chris@76: 				)
Chris@76: 			);
Chris@76: 			list ($old_body) = $smcFunc['db_fetch_row']($request);
Chris@76: 			$smcFunc['db_free_result']($request);
Chris@76: 		}
Chris@76: 	}
Chris@76: 	if (!empty($msgOptions['modify_time']))
Chris@76: 	{
Chris@76: 		$messages_columns['modified_time'] = $msgOptions['modify_time'];
Chris@76: 		$messages_columns['modified_name'] = $msgOptions['modify_name'];
Chris@76: 		$messages_columns['id_msg_modified'] = $modSettings['maxMsgID'];
Chris@76: 	}
Chris@76: 	if (isset($msgOptions['smileys_enabled']))
Chris@76: 		$messages_columns['smileys_enabled'] = empty($msgOptions['smileys_enabled']) ? 0 : 1;
Chris@76: 
Chris@76: 	// Which columns need to be ints?
Chris@76: 	$messageInts = array('modified_time', 'id_msg_modified', 'smileys_enabled');
Chris@76: 	$update_parameters = array(
Chris@76: 		'id_msg' => $msgOptions['id'],
Chris@76: 	);
Chris@76: 
Chris@76: 	foreach ($messages_columns as $var => $val)
Chris@76: 	{
Chris@76: 		$messages_columns[$var] = $var . ' = {' . (in_array($var, $messageInts) ? 'int' : 'string') . ':var_' . $var . '}';
Chris@76: 		$update_parameters['var_' . $var] = $val;
Chris@76: 	}
Chris@76: 
Chris@76: 	// Nothing to do?
Chris@76: 	if (empty($messages_columns))
Chris@76: 		return true;
Chris@76: 
Chris@76: 	// Change the post.
Chris@76: 	$smcFunc['db_query']('', '
Chris@76: 		UPDATE {db_prefix}messages
Chris@76: 		SET ' . implode(', ', $messages_columns) . '
Chris@76: 		WHERE id_msg = {int:id_msg}',
Chris@76: 		$update_parameters
Chris@76: 	);
Chris@76: 
Chris@76: 	// Lock and or sticky the post.
Chris@76: 	if ($topicOptions['sticky_mode'] !== null || $topicOptions['lock_mode'] !== null || $topicOptions['poll'] !== null)
Chris@76: 	{
Chris@76: 		$smcFunc['db_query']('', '
Chris@76: 			UPDATE {db_prefix}topics
Chris@76: 			SET
Chris@76: 				is_sticky = {raw:is_sticky},
Chris@76: 				locked = {raw:locked},
Chris@76: 				id_poll = {raw:id_poll}
Chris@76: 			WHERE id_topic = {int:id_topic}',
Chris@76: 			array(
Chris@76: 				'is_sticky' => $topicOptions['sticky_mode'] === null ? 'is_sticky' : (int) $topicOptions['sticky_mode'],
Chris@76: 				'locked' => $topicOptions['lock_mode'] === null ? 'locked' : (int) $topicOptions['lock_mode'],
Chris@76: 				'id_poll' => $topicOptions['poll'] === null ? 'id_poll' : (int) $topicOptions['poll'],
Chris@76: 				'id_topic' => $topicOptions['id'],
Chris@76: 			)
Chris@76: 		);
Chris@76: 	}
Chris@76: 
Chris@76: 	// Mark the edited post as read.
Chris@76: 	if (!empty($topicOptions['mark_as_read']) && !$user_info['is_guest'])
Chris@76: 	{
Chris@76: 		// Since it's likely they *read* it before editing, let's try an UPDATE first.
Chris@76: 		$smcFunc['db_query']('', '
Chris@76: 			UPDATE {db_prefix}log_topics
Chris@76: 			SET id_msg = {int:id_msg}
Chris@76: 			WHERE id_member = {int:current_member}
Chris@76: 				AND id_topic = {int:id_topic}',
Chris@76: 			array(
Chris@76: 				'current_member' => $user_info['id'],
Chris@76: 				'id_msg' => $modSettings['maxMsgID'],
Chris@76: 				'id_topic' => $topicOptions['id'],
Chris@76: 			)
Chris@76: 		);
Chris@76: 
Chris@76: 		$flag = $smcFunc['db_affected_rows']() != 0;
Chris@76: 
Chris@76: 		if (empty($flag))
Chris@76: 		{
Chris@76: 			$smcFunc['db_insert']('ignore',
Chris@76: 				'{db_prefix}log_topics',
Chris@76: 				array('id_topic' => 'int', 'id_member' => 'int', 'id_msg' => 'int'),
Chris@76: 				array($topicOptions['id'], $user_info['id'], $modSettings['maxMsgID']),
Chris@76: 				array('id_topic', 'id_member')
Chris@76: 			);
Chris@76: 		}
Chris@76: 	}
Chris@76: 
Chris@76: 	// If there's a custom search index, it needs to be modified...
Chris@76: 	if (isset($msgOptions['body']) && !empty($modSettings['search_custom_index_config']))
Chris@76: 	{
Chris@76: 		$customIndexSettings = unserialize($modSettings['search_custom_index_config']);
Chris@76: 
Chris@76: 		$stopwords = empty($modSettings['search_stopwords']) ? array() : explode(',', $modSettings['search_stopwords']);
Chris@76: 		$old_index = text2words($old_body, $customIndexSettings['bytes_per_word'], true);
Chris@76: 		$new_index = text2words($msgOptions['body'], $customIndexSettings['bytes_per_word'], true);
Chris@76: 
Chris@76: 		// Calculate the words to be added and removed from the index.
Chris@76: 		$removed_words = array_diff(array_diff($old_index, $new_index), $stopwords);
Chris@76: 		$inserted_words = array_diff(array_diff($new_index, $old_index), $stopwords);
Chris@76: 		// Delete the removed words AND the added ones to avoid key constraints.
Chris@76: 		if (!empty($removed_words))
Chris@76: 		{
Chris@76: 			$removed_words = array_merge($removed_words, $inserted_words);
Chris@76: 			$smcFunc['db_query']('', '
Chris@76: 				DELETE FROM {db_prefix}log_search_words
Chris@76: 				WHERE id_msg = {int:id_msg}
Chris@76: 					AND id_word IN ({array_int:removed_words})',
Chris@76: 				array(
Chris@76: 					'removed_words' => $removed_words,
Chris@76: 					'id_msg' => $msgOptions['id'],
Chris@76: 				)
Chris@76: 			);
Chris@76: 		}
Chris@76: 
Chris@76: 		// Add the new words to be indexed.
Chris@76: 		if (!empty($inserted_words))
Chris@76: 		{
Chris@76: 			$inserts = array();
Chris@76: 			foreach ($inserted_words as $word)
Chris@76: 				$inserts[] = array($word, $msgOptions['id']);
Chris@76: 			$smcFunc['db_insert']('insert',
Chris@76: 				'{db_prefix}log_search_words',
Chris@76: 				array('id_word' => 'string', 'id_msg' => 'int'),
Chris@76: 				$inserts,
Chris@76: 				array('id_word', 'id_msg')
Chris@76: 			);
Chris@76: 		}
Chris@76: 	}
Chris@76: 
Chris@76: 	if (isset($msgOptions['subject']))
Chris@76: 	{
Chris@76: 		// Only update the subject if this was the first message in the topic.
Chris@76: 		$request = $smcFunc['db_query']('', '
Chris@76: 			SELECT id_topic
Chris@76: 			FROM {db_prefix}topics
Chris@76: 			WHERE id_first_msg = {int:id_first_msg}
Chris@76: 			LIMIT 1',
Chris@76: 			array(
Chris@76: 				'id_first_msg' => $msgOptions['id'],
Chris@76: 			)
Chris@76: 		);
Chris@76: 		if ($smcFunc['db_num_rows']($request) == 1)
Chris@76: 			updateStats('subject', $topicOptions['id'], $msgOptions['subject']);
Chris@76: 		$smcFunc['db_free_result']($request);
Chris@76: 	}
Chris@76: 
Chris@76: 	// Finally, if we are setting the approved state we need to do much more work :(
Chris@76: 	if ($modSettings['postmod_active'] && isset($msgOptions['approved']))
Chris@76: 		approvePosts($msgOptions['id'], $msgOptions['approved']);
Chris@76: 
Chris@76: 	return true;
Chris@76: }
Chris@76: 
Chris@76: // Approve (or not) some posts... without permission checks...
Chris@76: function approvePosts($msgs, $approve = true)
Chris@76: {
Chris@76: 	global $sourcedir, $smcFunc;
Chris@76: 
Chris@76: 	if (!is_array($msgs))
Chris@76: 		$msgs = array($msgs);
Chris@76: 
Chris@76: 	if (empty($msgs))
Chris@76: 		return false;
Chris@76: 
Chris@76: 	// May as well start at the beginning, working out *what* we need to change.
Chris@76: 	$request = $smcFunc['db_query']('', '
Chris@76: 		SELECT m.id_msg, m.approved, m.id_topic, m.id_board, t.id_first_msg, t.id_last_msg,
Chris@76: 			m.body, m.subject, IFNULL(mem.real_name, m.poster_name) AS poster_name, m.id_member,
Chris@76: 			t.approved AS topic_approved, b.count_posts
Chris@76: 		FROM {db_prefix}messages AS m
Chris@76: 			INNER JOIN {db_prefix}topics AS t ON (t.id_topic = m.id_topic)
Chris@76: 			INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board)
Chris@76: 			LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = m.id_member)
Chris@76: 		WHERE m.id_msg IN ({array_int:message_list})
Chris@76: 			AND m.approved = {int:approved_state}',
Chris@76: 		array(
Chris@76: 			'message_list' => $msgs,
Chris@76: 			'approved_state' => $approve ? 0 : 1,
Chris@76: 		)
Chris@76: 	);
Chris@76: 	$msgs = array();
Chris@76: 	$topics = array();
Chris@76: 	$topic_changes = array();
Chris@76: 	$board_changes = array();
Chris@76: 	$notification_topics = array();
Chris@76: 	$notification_posts = array();
Chris@76: 	$member_post_changes = array();
Chris@76: 	while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76: 	{
Chris@76: 		// Easy...
Chris@76: 		$msgs[] = $row['id_msg'];
Chris@76: 		$topics[] = $row['id_topic'];
Chris@76: 
Chris@76: 		// Ensure our change array exists already.
Chris@76: 		if (!isset($topic_changes[$row['id_topic']]))
Chris@76: 			$topic_changes[$row['id_topic']] = array(
Chris@76: 				'id_last_msg' => $row['id_last_msg'],
Chris@76: 				'approved' => $row['topic_approved'],
Chris@76: 				'replies' => 0,
Chris@76: 				'unapproved_posts' => 0,
Chris@76: 			);
Chris@76: 		if (!isset($board_changes[$row['id_board']]))
Chris@76: 			$board_changes[$row['id_board']] = array(
Chris@76: 				'posts' => 0,
Chris@76: 				'topics' => 0,
Chris@76: 				'unapproved_posts' => 0,
Chris@76: 				'unapproved_topics' => 0,
Chris@76: 			);
Chris@76: 
Chris@76: 		// If it's the first message then the topic state changes!
Chris@76: 		if ($row['id_msg'] == $row['id_first_msg'])
Chris@76: 		{
Chris@76: 			$topic_changes[$row['id_topic']]['approved'] = $approve ? 1 : 0;
Chris@76: 
Chris@76: 			$board_changes[$row['id_board']]['unapproved_topics'] += $approve ? -1 : 1;
Chris@76: 			$board_changes[$row['id_board']]['topics'] += $approve ? 1 : -1;
Chris@76: 
Chris@76: 			// Note we need to ensure we announce this topic!
Chris@76: 			$notification_topics[] = array(
Chris@76: 				'body' => $row['body'],
Chris@76: 				'subject' => $row['subject'],
Chris@76: 				'name' => $row['poster_name'],
Chris@76: 				'board' => $row['id_board'],
Chris@76: 				'topic' => $row['id_topic'],
Chris@76: 				'msg' => $row['id_first_msg'],
Chris@76: 				'poster' => $row['id_member'],
Chris@76: 			);
Chris@76: 		}
Chris@76: 		else
Chris@76: 		{
Chris@76: 			$topic_changes[$row['id_topic']]['replies'] += $approve ? 1 : -1;
Chris@76: 
Chris@76: 			// This will be a post... but don't notify unless it's not followed by approved ones.
Chris@76: 			if ($row['id_msg'] > $row['id_last_msg'])
Chris@76: 				$notification_posts[$row['id_topic']][] = array(
Chris@76: 					'id' => $row['id_msg'],
Chris@76: 					'body' => $row['body'],
Chris@76: 					'subject' => $row['subject'],
Chris@76: 					'name' => $row['poster_name'],
Chris@76: 					'topic' => $row['id_topic'],
Chris@76: 				);
Chris@76: 		}
Chris@76: 
Chris@76: 		// If this is being approved and id_msg is higher than the current id_last_msg then it changes.
Chris@76: 		if ($approve && $row['id_msg'] > $topic_changes[$row['id_topic']]['id_last_msg'])
Chris@76: 			$topic_changes[$row['id_topic']]['id_last_msg'] = $row['id_msg'];
Chris@76: 		// If this is being unapproved, and it's equal to the id_last_msg we need to find a new one!
Chris@76: 		elseif (!$approve)
Chris@76: 			// Default to the first message and then we'll override in a bit ;)
Chris@76: 			$topic_changes[$row['id_topic']]['id_last_msg'] = $row['id_first_msg'];
Chris@76: 
Chris@76: 		$topic_changes[$row['id_topic']]['unapproved_posts'] += $approve ? -1 : 1;
Chris@76: 		$board_changes[$row['id_board']]['unapproved_posts'] += $approve ? -1 : 1;
Chris@76: 		$board_changes[$row['id_board']]['posts'] += $approve ? 1 : -1;
Chris@76: 
Chris@76: 		// Post count for the user?
Chris@76: 		if ($row['id_member'] && empty($row['count_posts']))
Chris@76: 			$member_post_changes[$row['id_member']] = isset($member_post_changes[$row['id_member']]) ? $member_post_changes[$row['id_member']] + 1 : 1;
Chris@76: 	}
Chris@76: 	$smcFunc['db_free_result']($request);
Chris@76: 
Chris@76: 	if (empty($msgs))
Chris@76: 		return;
Chris@76: 
Chris@76: 	// Now we have the differences make the changes, first the easy one.
Chris@76: 	$smcFunc['db_query']('', '
Chris@76: 		UPDATE {db_prefix}messages
Chris@76: 		SET approved = {int:approved_state}
Chris@76: 		WHERE id_msg IN ({array_int:message_list})',
Chris@76: 		array(
Chris@76: 			'message_list' => $msgs,
Chris@76: 			'approved_state' => $approve ? 1 : 0,
Chris@76: 		)
Chris@76: 	);
Chris@76: 
Chris@76: 	// If we were unapproving find the last msg in the topics...
Chris@76: 	if (!$approve)
Chris@76: 	{
Chris@76: 		$request = $smcFunc['db_query']('', '
Chris@76: 			SELECT id_topic, MAX(id_msg) AS id_last_msg
Chris@76: 			FROM {db_prefix}messages
Chris@76: 			WHERE id_topic IN ({array_int:topic_list})
Chris@76: 				AND approved = {int:approved}
Chris@76: 			GROUP BY id_topic',
Chris@76: 			array(
Chris@76: 				'topic_list' => $topics,
Chris@76: 				'approved' => 1,
Chris@76: 			)
Chris@76: 		);
Chris@76: 		while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76: 			$topic_changes[$row['id_topic']]['id_last_msg'] = $row['id_last_msg'];
Chris@76: 		$smcFunc['db_free_result']($request);
Chris@76: 	}
Chris@76: 
Chris@76: 	// ... next the topics...
Chris@76: 	foreach ($topic_changes as $id => $changes)
Chris@76: 		$smcFunc['db_query']('', '
Chris@76: 			UPDATE {db_prefix}topics
Chris@76: 			SET approved = {int:approved}, unapproved_posts = unapproved_posts + {int:unapproved_posts},
Chris@76: 				num_replies = num_replies + {int:num_replies}, id_last_msg = {int:id_last_msg}
Chris@76: 			WHERE id_topic = {int:id_topic}',
Chris@76: 			array(
Chris@76: 				'approved' => $changes['approved'],
Chris@76: 				'unapproved_posts' => $changes['unapproved_posts'],
Chris@76: 				'num_replies' => $changes['replies'],
Chris@76: 				'id_last_msg' => $changes['id_last_msg'],
Chris@76: 				'id_topic' => $id,
Chris@76: 			)
Chris@76: 		);
Chris@76: 
Chris@76: 	// ... finally the boards...
Chris@76: 	foreach ($board_changes as $id => $changes)
Chris@76: 		$smcFunc['db_query']('', '
Chris@76: 			UPDATE {db_prefix}boards
Chris@76: 			SET num_posts = num_posts + {int:num_posts}, unapproved_posts = unapproved_posts + {int:unapproved_posts},
Chris@76: 				num_topics = num_topics + {int:num_topics}, unapproved_topics = unapproved_topics + {int:unapproved_topics}
Chris@76: 			WHERE id_board = {int:id_board}',
Chris@76: 			array(
Chris@76: 				'num_posts' => $changes['posts'],
Chris@76: 				'unapproved_posts' => $changes['unapproved_posts'],
Chris@76: 				'num_topics' => $changes['topics'],
Chris@76: 				'unapproved_topics' => $changes['unapproved_topics'],
Chris@76: 				'id_board' => $id,
Chris@76: 			)
Chris@76: 		);
Chris@76: 
Chris@76: 	// Finally, least importantly, notifications!
Chris@76: 	if ($approve)
Chris@76: 	{
Chris@76: 		if (!empty($notification_topics))
Chris@76: 		{
Chris@76: 			require_once($sourcedir . '/Post.php');
Chris@76: 			notifyMembersBoard($notification_topics);
Chris@76: 		}
Chris@76: 		if (!empty($notification_posts))
Chris@76: 			sendApprovalNotifications($notification_posts);
Chris@76: 
Chris@76: 		$smcFunc['db_query']('', '
Chris@76: 			DELETE FROM {db_prefix}approval_queue
Chris@76: 			WHERE id_msg IN ({array_int:message_list})
Chris@76: 				AND id_attach = {int:id_attach}',
Chris@76: 			array(
Chris@76: 				'message_list' => $msgs,
Chris@76: 				'id_attach' => 0,
Chris@76: 			)
Chris@76: 		);
Chris@76: 	}
Chris@76: 	// If unapproving add to the approval queue!
Chris@76: 	else
Chris@76: 	{
Chris@76: 		$msgInserts = array();
Chris@76: 		foreach ($msgs as $msg)
Chris@76: 			$msgInserts[] = array($msg);
Chris@76: 
Chris@76: 		$smcFunc['db_insert']('ignore',
Chris@76: 			'{db_prefix}approval_queue',
Chris@76: 			array('id_msg' => 'int'),
Chris@76: 			$msgInserts,
Chris@76: 			array('id_msg')
Chris@76: 		);
Chris@76: 	}
Chris@76: 
Chris@76: 	// Update the last messages on the boards...
Chris@76: 	updateLastMessages(array_keys($board_changes));
Chris@76: 
Chris@76: 	// Post count for the members?
Chris@76: 	if (!empty($member_post_changes))
Chris@76: 		foreach ($member_post_changes as $id_member => $count_change)
Chris@76: 			updateMemberData($id_member, array('posts' => 'posts ' . ($approve ? '+' : '-') . ' ' . $count_change));
Chris@76: 
Chris@76: 	return true;
Chris@76: }
Chris@76: 
Chris@76: // Approve topics?
Chris@76: function approveTopics($topics, $approve = true)
Chris@76: {
Chris@76: 	global $smcFunc;
Chris@76: 
Chris@76: 	if (!is_array($topics))
Chris@76: 		$topics = array($topics);
Chris@76: 
Chris@76: 	if (empty($topics))
Chris@76: 		return false;
Chris@76: 
Chris@76: 	$approve_type = $approve ? 0 : 1;
Chris@76: 
Chris@76: 	// Just get the messages to be approved and pass through...
Chris@76: 	$request = $smcFunc['db_query']('', '
Chris@76: 		SELECT id_msg
Chris@76: 		FROM {db_prefix}messages
Chris@76: 		WHERE id_topic IN ({array_int:topic_list})
Chris@76: 			AND approved = {int:approve_type}',
Chris@76: 		array(
Chris@76: 			'topic_list' => $topics,
Chris@76: 			'approve_type' => $approve_type,
Chris@76: 		)
Chris@76: 	);
Chris@76: 	$msgs = array();
Chris@76: 	while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76: 		$msgs[] = $row['id_msg'];
Chris@76: 	$smcFunc['db_free_result']($request);
Chris@76: 
Chris@76: 	return approvePosts($msgs, $approve);
Chris@76: }
Chris@76: 
Chris@76: // A special function for handling the hell which is sending approval notifications.
Chris@76: function sendApprovalNotifications(&$topicData)
Chris@76: {
Chris@76: 	global $txt, $scripturl, $language, $user_info;
Chris@76: 	global $modSettings, $sourcedir, $context, $smcFunc;
Chris@76: 
Chris@76: 	// Clean up the data...
Chris@76: 	if (!is_array($topicData) || empty($topicData))
Chris@76: 		return;
Chris@76: 
Chris@76: 	$topics = array();
Chris@76: 	$digest_insert = array();
Chris@76: 	foreach ($topicData as $topic => $msgs)
Chris@76: 		foreach ($msgs as $msgKey => $msg)
Chris@76: 	{
Chris@76: 		censorText($topicData[$topic][$msgKey]['subject']);
Chris@76: 		censorText($topicData[$topic][$msgKey]['body']);
Chris@76: 		$topicData[$topic][$msgKey]['subject'] = un_htmlspecialchars($topicData[$topic][$msgKey]['subject']);
Chris@76: 		$topicData[$topic][$msgKey]['body'] = trim(un_htmlspecialchars(strip_tags(strtr(parse_bbc($topicData[$topic][$msgKey]['body'], false), array('<br />' => "\n", '</div>' => "\n", '</li>' => "\n", '&#91;' => '[', '&#93;' => ']')))));
Chris@76: 
Chris@76: 		$topics[] = $msg['id'];
Chris@76: 		$digest_insert[] = array($msg['topic'], $msg['id'], 'reply', $user_info['id']);
Chris@76: 	}
Chris@76: 
Chris@76: 	// These need to go into the digest too...
Chris@76: 	$smcFunc['db_insert']('',
Chris@76: 		'{db_prefix}log_digest',
Chris@76: 		array(
Chris@76: 			'id_topic' => 'int', 'id_msg' => 'int', 'note_type' => 'string', 'exclude' => 'int',
Chris@76: 		),
Chris@76: 		$digest_insert,
Chris@76: 		array()
Chris@76: 	);
Chris@76: 
Chris@76: 	// Find everyone who needs to know about this.
Chris@76: 	$members = $smcFunc['db_query']('', '
Chris@76: 		SELECT
Chris@76: 			mem.id_member, mem.email_address, mem.notify_regularity, mem.notify_types, mem.notify_send_body, mem.lngfile,
Chris@76: 			ln.sent, mem.id_group, mem.additional_groups, b.member_groups, mem.id_post_group, t.id_member_started,
Chris@76: 			ln.id_topic
Chris@76: 		FROM {db_prefix}log_notify AS ln
Chris@76: 			INNER JOIN {db_prefix}members AS mem ON (mem.id_member = ln.id_member)
Chris@76: 			INNER JOIN {db_prefix}topics AS t ON (t.id_topic = ln.id_topic)
Chris@76: 			INNER JOIN {db_prefix}boards AS b ON (b.id_board = t.id_board)
Chris@76: 		WHERE ln.id_topic IN ({array_int:topic_list})
Chris@76: 			AND mem.is_activated = {int:is_activated}
Chris@76: 			AND mem.notify_types < {int:notify_types}
Chris@76: 			AND mem.notify_regularity < {int:notify_regularity}
Chris@76: 		GROUP BY mem.id_member, ln.id_topic, mem.email_address, mem.notify_regularity, mem.notify_types, mem.notify_send_body, mem.lngfile, ln.sent, mem.id_group, mem.additional_groups, b.member_groups, mem.id_post_group, t.id_member_started
Chris@76: 		ORDER BY mem.lngfile',
Chris@76: 		array(
Chris@76: 			'topic_list' => $topics,
Chris@76: 			'is_activated' => 1,
Chris@76: 			'notify_types' => 4,
Chris@76: 			'notify_regularity' => 2,
Chris@76: 		)
Chris@76: 	);
Chris@76: 	$sent = 0;
Chris@76: 	while ($row = $smcFunc['db_fetch_assoc']($members))
Chris@76: 	{
Chris@76: 		if ($row['id_group'] != 1)
Chris@76: 		{
Chris@76: 			$allowed = explode(',', $row['member_groups']);
Chris@76: 			$row['additional_groups'] = explode(',', $row['additional_groups']);
Chris@76: 			$row['additional_groups'][] = $row['id_group'];
Chris@76: 			$row['additional_groups'][] = $row['id_post_group'];
Chris@76: 
Chris@76: 			if (count(array_intersect($allowed, $row['additional_groups'])) == 0)
Chris@76: 				continue;
Chris@76: 		}
Chris@76: 
Chris@76: 		$needed_language = empty($row['lngfile']) || empty($modSettings['userLanguage']) ? $language : $row['lngfile'];
Chris@76: 		if (empty($current_language) || $current_language != $needed_language)
Chris@76: 			$current_language = loadLanguage('Post', $needed_language, false);
Chris@76: 
Chris@76: 		$sent_this_time = false;
Chris@76: 		// Now loop through all the messages to send.
Chris@76: 		foreach ($topicData[$row['id_topic']] as $msg)
Chris@76: 		{
Chris@76: 			$replacements = array(
Chris@76: 				'TOPICSUBJECT' => $topicData[$row['id_topic']]['subject'],
Chris@76: 				'POSTERNAME' => un_htmlspecialchars($topicData[$row['id_topic']]['name']),
Chris@76: 				'TOPICLINK' => $scripturl . '?topic=' . $row['id_topic'] . '.new;topicseen#new',
Chris@76: 				'UNSUBSCRIBELINK' => $scripturl . '?action=notify;topic=' . $row['id_topic'] . '.0',
Chris@76: 			);
Chris@76: 
Chris@76: 			$message_type = 'notification_reply';
Chris@76: 			// Do they want the body of the message sent too?
Chris@76: 			if (!empty($row['notify_send_body']) && empty($modSettings['disallow_sendBody']))
Chris@76: 			{
Chris@76: 				$message_type .= '_body';
Chris@76: 				$replacements['BODY'] = $topicData[$row['id_topic']]['body'];
Chris@76: 			}
Chris@76: 			if (!empty($row['notify_regularity']))
Chris@76: 				$message_type .= '_once';
Chris@76: 
Chris@76: 			// Send only if once is off or it's on and it hasn't been sent.
Chris@76: 			if (empty($row['notify_regularity']) || (empty($row['sent']) && !$sent_this_time))
Chris@76: 			{
Chris@76: 				$emaildata = loadEmailTemplate($message_type, $replacements, $needed_language);
Chris@76: 				sendmail($row['email_address'], $emaildata['subject'], $emaildata['body'], null, 'm' . $topicData[$row['id_topic']]['last_id']);
Chris@76: 				$sent++;
Chris@76: 			}
Chris@76: 
Chris@76: 			$sent_this_time = true;
Chris@76: 		}
Chris@76: 	}
Chris@76: 	$smcFunc['db_free_result']($members);
Chris@76: 
Chris@76: 	if (isset($current_language) && $current_language != $user_info['language'])
Chris@76: 		loadLanguage('Post');
Chris@76: 
Chris@76: 	// Sent!
Chris@76: 	if (!empty($sent))
Chris@76: 		$smcFunc['db_query']('', '
Chris@76: 			UPDATE {db_prefix}log_notify
Chris@76: 			SET sent = {int:is_sent}
Chris@76: 			WHERE id_topic IN ({array_int:topic_list})
Chris@76: 				AND id_member != {int:current_member}',
Chris@76: 			array(
Chris@76: 				'current_member' => $user_info['id'],
Chris@76: 				'topic_list' => $topics,
Chris@76: 				'is_sent' => 1,
Chris@76: 			)
Chris@76: 		);
Chris@76: }
Chris@76: 
Chris@76: // Update the last message in a board, and its parents.
Chris@76: function updateLastMessages($setboards, $id_msg = 0)
Chris@76: {
Chris@76: 	global $board_info, $board, $modSettings, $smcFunc;
Chris@76: 
Chris@76: 	// Please - let's be sane.
Chris@76: 	if (empty($setboards))
Chris@76: 		return false;
Chris@76: 
Chris@76: 	if (!is_array($setboards))
Chris@76: 		$setboards = array($setboards);
Chris@76: 
Chris@76: 	// If we don't know the id_msg we need to find it.
Chris@76: 	if (!$id_msg)
Chris@76: 	{
Chris@76: 		// Find the latest message on this board (highest id_msg.)
Chris@76: 		$request = $smcFunc['db_query']('', '
Chris@76: 			SELECT id_board, MAX(id_last_msg) AS id_msg
Chris@76: 			FROM {db_prefix}topics
Chris@76: 			WHERE id_board IN ({array_int:board_list})
Chris@76: 				AND approved = {int:approved}
Chris@76: 			GROUP BY id_board',
Chris@76: 			array(
Chris@76: 				'board_list' => $setboards,
Chris@76: 				'approved' => 1,
Chris@76: 			)
Chris@76: 		);
Chris@76: 		$lastMsg = array();
Chris@76: 		while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76: 			$lastMsg[$row['id_board']] = $row['id_msg'];
Chris@76: 		$smcFunc['db_free_result']($request);
Chris@76: 	}
Chris@76: 	else
Chris@76: 	{
Chris@76: 		// Just to note - there should only be one board passed if we are doing this.
Chris@76: 		foreach ($setboards as $id_board)
Chris@76: 			$lastMsg[$id_board] = $id_msg;
Chris@76: 	}
Chris@76: 
Chris@76: 	$parent_boards = array();
Chris@76: 	// Keep track of last modified dates.
Chris@76: 	$lastModified = $lastMsg;
Chris@76: 	// Get all the child boards for the parents, if they have some...
Chris@76: 	foreach ($setboards as $id_board)
Chris@76: 	{
Chris@76: 		if (!isset($lastMsg[$id_board]))
Chris@76: 		{
Chris@76: 			$lastMsg[$id_board] = 0;
Chris@76: 			$lastModified[$id_board] = 0;
Chris@76: 		}
Chris@76: 
Chris@76: 		if (!empty($board) && $id_board == $board)
Chris@76: 			$parents = $board_info['parent_boards'];
Chris@76: 		else
Chris@76: 			$parents = getBoardParents($id_board);
Chris@76: 
Chris@76: 		// Ignore any parents on the top child level.
Chris@76: 		//!!! Why?
Chris@76: 		foreach ($parents as $id => $parent)
Chris@76: 		{
Chris@76: 			if ($parent['level'] != 0)
Chris@76: 			{
Chris@76: 				// If we're already doing this one as a board, is this a higher last modified?
Chris@76: 				if (isset($lastModified[$id]) && $lastModified[$id_board] > $lastModified[$id])
Chris@76: 					$lastModified[$id] = $lastModified[$id_board];
Chris@76: 				elseif (!isset($lastModified[$id]) && (!isset($parent_boards[$id]) || $parent_boards[$id] < $lastModified[$id_board]))
Chris@76: 					$parent_boards[$id] = $lastModified[$id_board];
Chris@76: 			}
Chris@76: 		}
Chris@76: 	}
Chris@76: 
Chris@76: 	// Note to help understand what is happening here. For parents we update the timestamp of the last message for determining
Chris@76: 	// whether there are child boards which have not been read. For the boards themselves we update both this and id_last_msg.
Chris@76: 
Chris@76: 	$board_updates = array();
Chris@76: 	$parent_updates = array();
Chris@76: 	// Finally, to save on queries make the changes...
Chris@76: 	foreach ($parent_boards as $id => $msg)
Chris@76: 	{
Chris@76: 		if (!isset($parent_updates[$msg]))
Chris@76: 			$parent_updates[$msg] = array($id);
Chris@76: 		else
Chris@76: 			$parent_updates[$msg][] = $id;
Chris@76: 	}
Chris@76: 
Chris@76: 	foreach ($lastMsg as $id => $msg)
Chris@76: 	{
Chris@76: 		if (!isset($board_updates[$msg . '-' . $lastModified[$id]]))
Chris@76: 			$board_updates[$msg . '-' . $lastModified[$id]] = array(
Chris@76: 				'id' => $msg,
Chris@76: 				'updated' => $lastModified[$id],
Chris@76: 				'boards' => array($id)
Chris@76: 			);
Chris@76: 
Chris@76: 		else
Chris@76: 			$board_updates[$msg . '-' . $lastModified[$id]]['boards'][] = $id;
Chris@76: 	}
Chris@76: 
Chris@76: 	// Now commit the changes!
Chris@76: 	foreach ($parent_updates as $id_msg => $boards)
Chris@76: 	{
Chris@76: 		$smcFunc['db_query']('', '
Chris@76: 			UPDATE {db_prefix}boards
Chris@76: 			SET id_msg_updated = {int:id_msg_updated}
Chris@76: 			WHERE id_board IN ({array_int:board_list})
Chris@76: 				AND id_msg_updated < {int:id_msg_updated}',
Chris@76: 			array(
Chris@76: 				'board_list' => $boards,
Chris@76: 				'id_msg_updated' => $id_msg,
Chris@76: 			)
Chris@76: 		);
Chris@76: 	}
Chris@76: 	foreach ($board_updates as $board_data)
Chris@76: 	{
Chris@76: 		$smcFunc['db_query']('', '
Chris@76: 			UPDATE {db_prefix}boards
Chris@76: 			SET id_last_msg = {int:id_last_msg}, id_msg_updated = {int:id_msg_updated}
Chris@76: 			WHERE id_board IN ({array_int:board_list})',
Chris@76: 			array(
Chris@76: 				'board_list' => $board_data['boards'],
Chris@76: 				'id_last_msg' => $board_data['id'],
Chris@76: 				'id_msg_updated' => $board_data['updated'],
Chris@76: 			)
Chris@76: 		);
Chris@76: 	}
Chris@76: }
Chris@76: 
Chris@76: // This simple function gets a list of all administrators and sends them an email to let them know a new member has joined.
Chris@77: function adminNotify($type, $memberID, $member_name = null, $justify = null)
Chris@76: {
Chris@76: 	global $txt, $modSettings, $language, $scripturl, $user_info, $context, $smcFunc;
Chris@76: 
Chris@76: 	// If the setting isn't enabled then just exit.
Chris@76: 	if (empty($modSettings['notify_new_registration']))
Chris@76: 		return;
Chris@76: 
Chris@77: 	$member_email = null;
Chris@77: 
Chris@76: 	if ($member_name == null)
Chris@76: 	{
Chris@76: 		// Get the new user's name....
Chris@76: 		$request = $smcFunc['db_query']('', '
Chris@77: 			SELECT real_name, email_address
Chris@76: 			FROM {db_prefix}members
Chris@76: 			WHERE id_member = {int:id_member}
Chris@76: 			LIMIT 1',
Chris@76: 			array(
Chris@76: 				'id_member' => $memberID,
Chris@76: 			)
Chris@76: 		);
Chris@77: 		list ($member_name, $member_email) = $smcFunc['db_fetch_row']($request);
Chris@76: 		$smcFunc['db_free_result']($request);
Chris@76: 	}
Chris@76: 
Chris@76: 	$toNotify = array();
Chris@76: 	$groups = array();
Chris@76: 
Chris@76: 	// All membergroups who can approve members.
Chris@76: 	$request = $smcFunc['db_query']('', '
Chris@76: 		SELECT id_group
Chris@76: 		FROM {db_prefix}permissions
Chris@76: 		WHERE permission = {string:moderate_forum}
Chris@76: 			AND add_deny = {int:add_deny}
Chris@76: 			AND id_group != {int:id_group}',
Chris@76: 		array(
Chris@76: 			'add_deny' => 1,
Chris@76: 			'id_group' => 0,
Chris@76: 			'moderate_forum' => 'moderate_forum',
Chris@76: 		)
Chris@76: 	);
Chris@76: 	while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76: 		$groups[] = $row['id_group'];
Chris@76: 	$smcFunc['db_free_result']($request);
Chris@76: 
Chris@76: 	// Add administrators too...
Chris@76: 	$groups[] = 1;
Chris@76: 	$groups = array_unique($groups);
Chris@76: 
Chris@76: 	// Get a list of all members who have ability to approve accounts - these are the people who we inform.
Chris@76: 	$request = $smcFunc['db_query']('', '
Chris@76: 		SELECT id_member, lngfile, email_address
Chris@76: 		FROM {db_prefix}members
Chris@76: 		WHERE (id_group IN ({array_int:group_list}) OR FIND_IN_SET({raw:group_array_implode}, additional_groups) != 0)
Chris@76: 			AND notify_types != {int:notify_types}
Chris@76: 		ORDER BY lngfile',
Chris@76: 		array(
Chris@76: 			'group_list' => $groups,
Chris@76: 			'notify_types' => 4,
Chris@76: 			'group_array_implode' => implode(', additional_groups) != 0 OR FIND_IN_SET(', $groups),
Chris@76: 		)
Chris@76: 	);
Chris@76: 	while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76: 	{
Chris@76: 		$replacements = array(
Chris@76: 			'USERNAME' => $member_name,
Chris@77: 			'USEREMAIL' => $member_email,
Chris@76: 			'PROFILELINK' => $scripturl . '?action=profile;u=' . $memberID
Chris@76: 		);
Chris@76: 		$emailtype = 'admin_notify';
Chris@76: 
Chris@76: 		// If they need to be approved add more info...
Chris@76: 		if ($type == 'approval')
Chris@76: 		{
Chris@76: 			$replacements['APPROVALLINK'] = $scripturl . '?action=admin;area=viewmembers;sa=browse;type=approve';
Chris@76: 			$emailtype .= '_approval';
Chris@76: 		}
Chris@76: 
Chris@76: 		$emaildata = loadEmailTemplate($emailtype, $replacements, empty($row['lngfile']) || empty($modSettings['userLanguage']) ? $language : $row['lngfile']);
Chris@76: 
Chris@76: 		// And do the actual sending...
Chris@77: 		sendmail($row['email_address'], $emaildata['subject'], $emaildata['body'] . "\n\nJustification: $justify\n\n", null, null, false, 0);
Chris@76: 	}
Chris@76: 	$smcFunc['db_free_result']($request);
Chris@76: 
Chris@76: 	if (isset($current_language) && $current_language != $user_info['language'])
Chris@76: 		loadLanguage('Login');
Chris@76: }
Chris@76: 
Chris@76: function loadEmailTemplate($template, $replacements = array(), $lang = '', $loadLang = true)
Chris@76: {
Chris@76: 	global $txt, $mbname, $scripturl, $settings, $user_info;
Chris@76: 
Chris@76: 	// First things first, load up the email templates language file, if we need to.
Chris@76: 	if ($loadLang)
Chris@76: 		loadLanguage('EmailTemplates', $lang);
Chris@76: 
Chris@76: 	if (!isset($txt['emails'][$template]))
Chris@76: 		fatal_lang_error('email_no_template', 'template', array($template));
Chris@76: 
Chris@76: 	$ret = array(
Chris@76: 		'subject' => $txt['emails'][$template]['subject'],
Chris@76: 		'body' => $txt['emails'][$template]['body'],
Chris@76: 	);
Chris@76: 
Chris@76: 	// Add in the default replacements.
Chris@76: 	$replacements += array(
Chris@76: 		'FORUMNAME' => $mbname,
Chris@76: 		'SCRIPTURL' => $scripturl,
Chris@76: 		'THEMEURL' => $settings['theme_url'],
Chris@76: 		'IMAGESURL' => $settings['images_url'],
Chris@76: 		'DEFAULT_THEMEURL' => $settings['default_theme_url'],
Chris@76: 		'REGARDS' => $txt['regards_team'],
Chris@76: 	);
Chris@76: 
Chris@76: 	// Split the replacements up into two arrays, for use with str_replace
Chris@76: 	$find = array();
Chris@76: 	$replace = array();
Chris@76: 
Chris@76: 	foreach ($replacements as $f => $r)
Chris@76: 	{
Chris@76: 		$find[] = '{' . $f . '}';
Chris@76: 		$replace[] = $r;
Chris@76: 	}
Chris@76: 
Chris@76: 	// Do the variable replacements.
Chris@76: 	$ret['subject'] = str_replace($find, $replace, $ret['subject']);
Chris@76: 	$ret['body'] = str_replace($find, $replace, $ret['body']);
Chris@76: 
Chris@76: 	// Now deal with the {USER.variable} items.
Chris@76: 	$ret['subject'] = preg_replace_callback('~{USER.([^}]+)}~', 'user_info_callback', $ret['subject']);
Chris@76: 	$ret['body'] = preg_replace_callback('~{USER.([^}]+)}~', 'user_info_callback', $ret['body']);
Chris@76: 
Chris@76: 	// Finally return the email to the caller so they can send it out.
Chris@76: 	return $ret;
Chris@76: }
Chris@76: 
Chris@76: function user_info_callback($matches)
Chris@76: {
Chris@76: 	global $user_info;
Chris@76: 	if (empty($matches[1]))
Chris@76: 		return '';
Chris@76: 
Chris@76: 	$use_ref = true;
Chris@76: 	$ref = &$user_info;
Chris@76: 
Chris@76: 	foreach (explode('.', $matches[1]) as $index)
Chris@76: 	{
Chris@76: 		if ($use_ref && isset($ref[$index]))
Chris@76: 			$ref = &$ref[$index];
Chris@76: 		else
Chris@76: 		{
Chris@76: 			$use_ref = false;
Chris@76: 			break;
Chris@76: 		}
Chris@76: 	}
Chris@76: 
Chris@76: 	return $use_ref ? $ref : $matches[0];
Chris@76: }
Chris@76: 
Chris@77: ?>