update config
This commit is contained in:
@ -22,34 +22,34 @@
|
||||
|
||||
require_once("config.inc.php");
|
||||
|
||||
if( $_GET["pmdo"] == "reply" )
|
||||
if( isset($_GET["pmdo"]) && $_GET["pmdo"] == "reply" )
|
||||
{
|
||||
$result = mysql_query("SELECT real_name FROM admin_users WHERE id = '$_GET[to]'") or die (mysql_error());
|
||||
$row = mysql_fetch_array($result);
|
||||
$result = mysqli_query($dbconn, "SELECT real_name FROM admin_users WHERE id = '$_GET[to]'") or die (mysqli_error($dbconn));
|
||||
$row = mysqli_fetch_array($result);
|
||||
eval ("\$message_field .= \"".gettemplate($template_dir."body_message_reply")."\";");
|
||||
|
||||
echo $message_field;
|
||||
}
|
||||
elseif( $_GET["pmdo"] == "doreply" )
|
||||
elseif( isset($_GET["pmdo"]) && $_GET["pmdo"] == "doreply" )
|
||||
{
|
||||
$result = mysql_query("INSERT INTO messages (userid_from, userid_to, message) VALUES ('$_SESSION[userid]', '$_REQUEST[userid_to]', '$_REQUEST[msg_text]')");
|
||||
$result = mysql_query("DELETE FROM messages WHERE id = '$_REQUEST[msg_id]'")or die(mysql_error());
|
||||
$result = mysqli_query($dbconn, "INSERT INTO messages (userid_from, userid_to, message) VALUES ('$_SESSION[userid]', '$_REQUEST[userid_to]', '$_REQUEST[msg_text]')");
|
||||
$result = mysqli_query($dbconn, "DELETE FROM messages WHERE id = '$_REQUEST[msg_id]'")or die(mysqli_error($dbconn));
|
||||
|
||||
echo gohome($_SERVER["PHP_SELF"]);
|
||||
}
|
||||
|
||||
elseif( $_GET["pmdo"] == "write" )
|
||||
elseif( isset($_GET["pmdo"]) && $_GET["pmdo"] == "write" )
|
||||
{
|
||||
$select_msg_to = '
|
||||
<select name="userid_to" id="userid_to">
|
||||
<option value="0">Empf<EFBFBD>nger</option>
|
||||
<option value="0">Empfänger</option>
|
||||
<option>--------------------</option>
|
||||
<option value="0">Alle</option>';
|
||||
|
||||
$result = mysql_query("SELECT id, real_name FROM admin_users WHERE pm_allow = '1' ORDER BY real_name ASC") or die (mysql_error());
|
||||
while($row = mysql_fetch_array($result))
|
||||
$result = mysqli_query($dbconn, "SELECT id, real_name FROM admin_users WHERE pm_allow = '1' ORDER BY real_name ASC") or die (mysqli_error($dbconn));
|
||||
while($row = mysqli_fetch_array($result))
|
||||
{
|
||||
if( $_GET["msg_to"] == $row["id"] ) { $selected = 'selected'; $can_pm = '1'; } else { $selected = ''; }
|
||||
if( isset($_GET["msg_to"]) && $_GET["msg_to"] == $row["id"] ) { $selected = 'selected'; $can_pm = '1'; } else { $selected = ''; }
|
||||
$select_msg_to .= '
|
||||
<option value="'.$row["id"].'" '.$selected.'>'.$row["real_name"].'</option>
|
||||
';
|
||||
@ -59,41 +59,43 @@ elseif( $_GET["pmdo"] == "write" )
|
||||
</select>
|
||||
';
|
||||
|
||||
if( $_GET["msg_to"] && empty($can_pm) )
|
||||
if( (!isset($can_pm) || $can_pm!=1) && isset($_GET["msg_to"]) )
|
||||
{
|
||||
// pm_allow ist auf 0
|
||||
if (!isset($message_field)) $message_field="";
|
||||
$message_field .= "<b><font color=\"red\"><br>Der User darf keine PM Empfangen/Senden</font></b><br><br>";
|
||||
}
|
||||
else
|
||||
{
|
||||
//pm_allow ist auf 1
|
||||
if (!isset($message_field)) $message_field = "";
|
||||
eval ("\$message_field .= \"".gettemplate($template_dir."body_message_write")."\";");
|
||||
}
|
||||
|
||||
echo $message_field;
|
||||
}
|
||||
elseif( $_GET["pmdo"] == "dowrite" )
|
||||
elseif( isset($_GET["pmdo"]) && $_GET["pmdo"] == "dowrite" )
|
||||
{
|
||||
if( $_REQUEST["userid_to"] != '0' )
|
||||
{
|
||||
// an einen bestimmten User
|
||||
$result = mysql_query("INSERT INTO messages (userid_from, userid_to, message) VALUES ('$_SESSION[userid]', '$_REQUEST[userid_to]', '$_REQUEST[msg_text]')");
|
||||
$result = mysqli_query($dbconn, "INSERT INTO messages (userid_from, userid_to, message) VALUES ('$_SESSION[userid]', '$_REQUEST[userid_to]', '$_REQUEST[msg_text]')");
|
||||
}
|
||||
else
|
||||
{
|
||||
// an alle User die PM d<>rfen
|
||||
$result = mysql_query("SELECT id FROM admin_users WHERE pm_allow = '1'") or die (mysql_error());
|
||||
while($row = mysql_fetch_array($result))
|
||||
// an alle User die PM d<>rfen
|
||||
$result = mysqli_query($dbconn, "SELECT id FROM admin_users WHERE pm_allow = '1'") or die (mysqli_error($dbconn));
|
||||
while($row = mysqli_fetch_array($result))
|
||||
{
|
||||
$result_msg = mysql_query("INSERT INTO messages (userid_from, userid_to, message) VALUES ('$_SESSION[userid]', '$row[id]', '$_REQUEST[msg_text]')");
|
||||
$result_msg = mysqli_query($dbconn, "INSERT INTO messages (userid_from, userid_to, message) VALUES ('$_SESSION[userid]', '$row[id]', '$_REQUEST[msg_text]')");
|
||||
}
|
||||
}
|
||||
|
||||
echo gohome($_SERVER["PHP_SELF"]);
|
||||
}
|
||||
|
||||
elseif( $_GET["pmdo"] == "deletepm" )
|
||||
elseif( isset($_GET["pmdo"]) && $_GET["pmdo"] == "deletepm" )
|
||||
{
|
||||
$result = mysql_query("DELETE FROM messages WHERE id = '$_GET[msg_id]'")or die(mysql_error());
|
||||
$result = mysqli_query($dbconn, "DELETE FROM messages WHERE id = '$_GET[msg_id]'")or die(mysqli_error($dbconn));
|
||||
}
|
||||
?>
|
||||
Reference in New Issue
Block a user