| changeset 826 | dcf5381ce8ba |
| parent 801 | eb8b23f11744 |
| child 960 | e74741b8360b |
| 825:9d5c04c1414f | 826:dcf5381ce8ba |
|---|---|
58 default: |
58 default: |
59 header('Location: '.makeUrlNS('Special', 'PrivateMessages/Folder/Inbox')); |
59 header('Location: '.makeUrlNS('Special', 'PrivateMessages/Folder/Inbox')); |
60 break; |
60 break; |
61 case 'View': |
61 case 'View': |
62 $id = $argv[1]; |
62 $id = $argv[1]; |
63 if ( !preg_match('#^([0-9]+)$#', $id) ) |
63 if ( !ctype_digit($id) ) |
64 { |
64 { |
65 die_friendly('Message error', '<p>Invalid message ID</p>'); |
65 die_friendly('Message error', '<p>Invalid message ID</p>'); |
66 } |
66 } |
67 $q = $db->sql_query('SELECT p.message_from, p.message_to, p.subject, p.message_text, p.date, p.folder_name, u.signature FROM '.table_prefix.'privmsgs AS p LEFT JOIN '.table_prefix.'users AS u ON (p.message_from=u.username) WHERE message_id='.$id.''); |
67 $q = $db->sql_query('SELECT p.message_from, p.message_to, p.subject, p.message_text, p.date, p.folder_name, u.signature FROM '.table_prefix.'privmsgs AS p LEFT JOIN '.table_prefix.'users AS u ON (p.message_from=u.username) WHERE message_id='.$id.''); |
68 if ( !$q ) |
68 if ( !$q ) |
104 <?php |
104 <?php |
105 $template->footer(); |
105 $template->footer(); |
106 break; |
106 break; |
107 case 'Move': |
107 case 'Move': |
108 $id = $argv[1]; |
108 $id = $argv[1]; |
109 if ( !preg_match('#^([0-9]+)$#', $id) ) |
109 if ( !ctype_digit($id) ) |
110 { |
110 { |
111 die_friendly('Message error', '<p>Invalid message ID</p>'); |
111 die_friendly('Message error', '<p>Invalid message ID</p>'); |
112 } |
112 } |
113 $q = $db->sql_query('SELECT message_to FROM '.table_prefix.'privmsgs WHERE message_id='.$id.''); |
113 $q = $db->sql_query('SELECT message_to FROM '.table_prefix.'privmsgs WHERE message_id='.$id.''); |
114 if ( !$q ) |
114 if ( !$q ) |
134 } |
134 } |
135 die_friendly($lang->get('privmsgs_msg_message_status'), '<p>' . $lang->get('privmsgs_msg_message_moved', array('folder' => $fname)) . '</p><p><a href="'.makeUrlNS('Special', 'PrivateMessages/Folder/Inbox').'">' . $lang->get('privmsgs_btn_return_to_inbox') . '</a></p>'); |
135 die_friendly($lang->get('privmsgs_msg_message_status'), '<p>' . $lang->get('privmsgs_msg_message_moved', array('folder' => $fname)) . '</p><p><a href="'.makeUrlNS('Special', 'PrivateMessages/Folder/Inbox').'">' . $lang->get('privmsgs_btn_return_to_inbox') . '</a></p>'); |
136 break; |
136 break; |
137 case 'Delete': |
137 case 'Delete': |
138 $id = $argv[1]; |
138 $id = $argv[1]; |
139 if ( !preg_match('#^([0-9]+)$#', $id) ) |
139 if ( !ctype_digit($id) ) |
140 { |
140 { |
141 die_friendly('Message error', '<p>Invalid message ID</p>'); |
141 die_friendly('Message error', '<p>Invalid message ID</p>'); |
142 } |
142 } |
143 $q = $db->sql_query('SELECT message_to FROM '.table_prefix.'privmsgs WHERE message_id='.$id.''); |
143 $q = $db->sql_query('SELECT message_to FROM '.table_prefix.'privmsgs WHERE message_id='.$id.''); |
144 if ( !$q ) |
144 if ( !$q ) |
363 echo '</form>'; |
363 echo '</form>'; |
364 $template->footer(); |
364 $template->footer(); |
365 break; |
365 break; |
366 case 'Edit': |
366 case 'Edit': |
367 $id = $argv[1]; |
367 $id = $argv[1]; |
368 if ( !preg_match('#^([0-9]+)$#', $id) ) |
368 if ( !ctype_digit($id) ) |
369 { |
369 { |
370 die_friendly('Message error', '<p>Invalid message ID</p>'); |
370 die_friendly('Message error', '<p>Invalid message ID</p>'); |
371 } |
371 } |
372 $q = $db->sql_query('SELECT message_from, message_to, subject, message_text, date, folder_name, message_read FROM '.table_prefix.'privmsgs WHERE message_id='.$id.''); |
372 $q = $db->sql_query('SELECT message_from, message_to, subject, message_text, date, folder_name, message_read FROM '.table_prefix.'privmsgs WHERE message_id='.$id.''); |
373 if ( !$q ) |
373 if ( !$q ) |