'; $result = mysqli_query($dbconn, "SELECT id, real_name FROM admin_users WHERE pm_allow = '1' ORDER BY real_name ASC") or die (mysqli_error()); while($row = mysqli_fetch_array($result)) { if( $_GET["msg_to"] == $row["id"] ) { $selected = 'selected'; $can_pm = '1'; } else { $selected = ''; } $select_msg_to .= ' '; } $select_msg_to .= ' '; if( $_GET["msg_to"] && empty($can_pm) ) { // pm_allow ist auf 0 $message_field .= "
Der User darf keine PM Empfangen/Senden


"; } else { //pm_allow ist auf 1 eval ("\$message_field .= \"".gettemplate($template_dir."body_message_write")."\";"); } echo $message_field; } elseif( $_GET["pmdo"] == "dowrite" ) { if( $_REQUEST["userid_to"] != '0' ) { // an einen bestimmten User $result = mysqli_query($dbconn, "INSERT INTO messages (userid_from, userid_to, message) VALUES ('$_SESSION[userid]', '$_REQUEST[userid_to]', '$_REQUEST[msg_text]')"); } else { // an alle User die PM d�rfen $result = mysqli_query($dbconn, "SELECT id FROM admin_users WHERE pm_allow = '1'") or die (mysqli_error()); while($row = mysqli_fetch_array($result)) { $result_msg = mysqli_query($dbconn, "INSERT INTO messages (userid_from, userid_to, message) VALUES ('$_SESSION[userid]', '$row[id]', '$_REQUEST[msg_text]')"); } } echo gohome($_SERVER["PHP_SELF"]); } elseif( $_GET["pmdo"] == "deletepm" ) { $result = mysqli_query($dbconn, "DELETE FROM messages WHERE id = '$_GET[msg_id]'")or die(mysqli_error()); } ?>