';
$result = mysqli_query($dbconn, "SELECT id, real_name FROM admin_users WHERE pm_allow = '1' ORDER BY real_name ASC") or die (mysqli_error($dbconn));
while($row = mysqli_fetch_array($result))
{
if( isset($_GET["msg_to"]) && $_GET["msg_to"] == $row["id"] ) { $selected = 'selected'; $can_pm = '1'; } else { $selected = ''; }
$select_msg_to .= '
';
}
$select_msg_to .= '
';
if( isset($_GET["pmdo"]) && empty($can_pm) )
{
// pm_allow ist auf 0
if (!isset($message_field)) $message_field="";
$message_field .= "
Der User darf keine PM Empfangen/Senden
";
}
else
{
//pm_allow ist auf 1
if (!isset($message_field)) $message_field = "";
eval ("\$message_field .= \"".gettemplate($template_dir."body_message_write")."\";");
}
echo $message_field;
}
elseif( isset($_GET["pmdo"]) && $_GET["pmdo"] == "dowrite" )
{
if( $_REQUEST["userid_to"] != '0' )
{
// an einen bestimmten User
$result = mysqli_query($dbconn, "INSERT INTO messages (userid_from, userid_to, message) VALUES ('$_SESSION[userid]', '$_REQUEST[userid_to]', '$_REQUEST[msg_text]')");
}
else
{
// an alle User die PM d�rfen
$result = mysqli_query($dbconn, "SELECT id FROM admin_users WHERE pm_allow = '1'") or die (mysqli_error($dbconn));
while($row = mysqli_fetch_array($result))
{
$result_msg = mysqli_query($dbconn, "INSERT INTO messages (userid_from, userid_to, message) VALUES ('$_SESSION[userid]', '$row[id]', '$_REQUEST[msg_text]')");
}
}
echo gohome($_SERVER["PHP_SELF"]);
}
elseif( isset($_GET["pmdo"]) && $_GET["pmdo"] == "deletepm" )
{
$result = mysqli_query($dbconn, "DELETE FROM messages WHERE id = '$_GET[msg_id]'")or die(mysqli_error($dbconn));
}
?>