Файл: adultscript-2.0.3-pro/files/modules/message/components/compose.php
Строк: 76
<?php
// Abort unless _VALID is already defined, so this file does nothing when it is loaded on its own.
// NOTE(review): _VALID is presumably defined by the application's entry script; confirm.
if (!defined('_VALID')) {
    die('Restricted Access!');
}
/**
 * Front-end "compose message" component: shows the compose form and, on
 * submit, stores a private message from the logged-in user to another user.
 */
class VComponent_message_compose extends VModule_message
{
    /**
     * Delegates to the parent module constructor; nothing else is set up here.
     */
    public function __construct()
    {
        parent::__construct();
    }

    /**
     * Renders the compose form and, when the form was submitted, validates and
     * stores the message.
     *
     * Flow on POST ('submit-send-message'):
     *  1. look up the recipient by username among users with status = '1';
     *  2. reject if the recipient has a #__user_blocks row for the sender;
     *  3. apply the recipient's allow_message preference ('all', 'no', 'friends');
     *  4. validate the subject (VValid::length 1..255) and require a non-empty body;
     *  5. insert into #__message and, when the recipient's new_message flag is 1,
     *     send the predefined 'user-message' e-mail.
     *
     * The sender id is read from $_SESSION, never from request data.
     *
     * NOTE(review): no anti-CSRF token is verified in this method; confirm that
     * VAuth::check() or the dispatcher enforces one for this POST.
     * NOTE(review): the message body has no length cap here and no per-user send
     * rate limit is visible; confirm both are enforced elsewhere.
     *
     * @throws Exception when the INSERT reports no affected rows.
     */
    public function render()
    {
        VAuth::check('Registered');
        VLanguage::load('frontend.user');

        $db = VF::factory('database');
        $filter = VF::factory('filter');
        $sender_id = (int) $_SESSION['user_id'];
        $errors = array();
        $messages = array();

        // Optional prefill from the query string. These values reach the template
        // through $form. NOTE(review): what the 'STRING' filter strips or encodes
        // is not visible here; confirm the template HTML-escapes them on output.
        $username = '';
        if (isset($_GET['username'])) {
            $username = $filter->get('username', 'STRING', 'GET');
        }
        $subject = '';
        if (isset($_GET['subject'])) {
            $subject = $filter->get('subject', 'STRING', 'GET');
        }
        $form = array('username' => $username, 'subject' => $subject, 'message' => '');

        if (isset($_POST['submit-send-message'])) {
            $username = $filter->get('username');
            $subject = $filter->get('subject');
            $message = $filter->get('message');

            // --- recipient checks ------------------------------------------------
            // NOTE(review): the distinct receiver-* errors let a sender tell apart
            // unknown, blocking and restricted accounts; confirm that is acceptable.
            if ($username == '') {
                $errors[] = __('receiver-empty');
            } else {
                // String input goes through $db->escape(); ids are int-cast before
                // being concatenated. NOTE(review): if the DB wrapper offers prepared
                // statements, they would remove the reliance on escape() being
                // correct for the connection charset.
                $sql = "SELECT u.user_id, u.email, up.allow_message, un.new_message
FROM #__user AS u
LEFT JOIN #__user_preferences AS up ON (up.user_id = u.user_id)
LEFT JOIN #__user_notifications AS un ON (un.user_id = u.user_id)
WHERE u.username = '".$db->escape($username)."'
AND u.status = '1'
LIMIT 1";
                $db->query($sql);
                if (!$db->affected_rows()) {
                    $errors[] = __('receiver-invalid');
                } else {
                    $receiver = $db->fetch_assoc();
                    $receiver_id = (int) $receiver['user_id'];

                    // Has the recipient blocked the sender?
                    $sql = "SELECT blocked_id
FROM #__user_blocks
WHERE user_id = ".$receiver_id."
AND blocked_id = ".$sender_id."
LIMIT 1";
                    $db->query($sql);
                    if ($db->affected_rows()) {
                        $errors[] = __('receiver-blocked', array($username));
                    } else {
                        $allow_message = $receiver['allow_message'];
                        $new_message = (int) $receiver['new_message'];
                        $email = $receiver['email'];

                        // NOTE(review): any value other than 'all', 'no' or 'friends',
                        // including NULL when the LEFT JOIN finds no preferences row,
                        // adds no error below, so the message is accepted. Confirm
                        // that this is the intended default.
                        if ($allow_message == 'all') {
                            $form['username'] = $username;
                        } else {
                            if ($allow_message == 'no') {
                                $errors[] = __('receiver-no');
                            }
                            if ($allow_message == 'friends') {
                                // Looks for a confirmed row with the sender as user_id
                                // and the recipient as friend_id. NOTE(review): only
                                // this direction is queried; confirm how friendships
                                // are stored.
                                $sql = "SELECT request_id
FROM #__user_friends
WHERE user_id = ".$sender_id."
AND friend_id = ".$receiver_id."
AND status = 'confirmed'
LIMIT 1";
                                $db->query($sql);
                                if (!$db->affected_rows()) {
                                    $errors[] = __('receiver-friend', array($username));
                                } else {
                                    $form['username'] = $username;
                                }
                            }
                        }
                    }
                }
            }

            // --- subject and body ------------------------------------------------
            if ($subject == '') {
                $errors[] = __('subject-empty');
            } elseif (VValid::length($subject, 1, 255)) {
                $form['subject'] = $subject;
            } else {
                $errors[] = __('subject-length');
            }

            if ($message != '') {
                $form['message'] = $message;
            } else {
                $errors[] = __('message-empty');
            }

            // --- store and notify ------------------------------------------------
            // Reached only with an empty error list, which implies the recipient
            // lookup succeeded and $receiver_id / $new_message / $email are set.
            if (empty($errors)) {
                $sql = "INSERT INTO #__message
SET sender_id = ".$sender_id.",
receiver_id = ".$receiver_id.",
subject = '".$db->escape($subject)."',
message = '".$db->escape($message)."',
send_time = ".time().",
status = 1";
                $db->query($sql);
                if (!$db->affected_rows()) {
                    throw new Exception('Failed to add database entry!');
                }

                $messages[] = __('compose-success');
                $sender = htmlspecialchars($_SESSION['username'], ENT_QUOTES, 'UTF-8');
                if ($new_message === 1) {
                    $mail = new VEmail();
                    // Only the sender name is HTML-escaped here; $subject and $message
                    // are substituted as returned by the filter. NOTE(review): confirm
                    // that output is safe for the 'user-message' template's format
                    // (HTML or plain text). The escaped name is also used as a URL
                    // path segment; confirm usernames cannot contain characters that
                    // would need URL-encoding.
                    $placeholders = array(
                        '[#SITE_NAME#]'   => VF::cfg_item('site_name'),
                        '[#BASE_URL#]'    => BASE_URL,
                        '[#USERNAME#]'    => $sender,
                        '[#PROFILE_URL#]' => BASE_URL.'/users/'.$sender.'/',
                        '[#SUBJECT#]'     => $subject,
                        '[#MESSAGE#]'     => $message,
                        '[#INBOX_URL#]'   => BASE_URL.'/message/inbox/',
                        '[#NOTIFS_URL#]'  => BASE_URL.'/user/notifications/',
                    );
                    $mail->predefined(
                        'user-message',
                        $email,
                        array_keys($placeholders),
                        array_values($placeholders),
                        'noreply'
                    );
                }
            }
        }

        // Hand everything to the template and render the page.
        $this->tpl->menu = 'home';
        $this->tpl->submenu = 'user-message-compose';
        $this->tpl->colmenu = 'manage';
        $this->tpl->title = __('compose-title');
        $this->tpl->meta_title = __('compose-meta-title');
        $this->tpl->errors = $errors;
        $this->tpl->messages = $messages;
        $this->tpl->msg = $form;
        $this->tpl->load(array('header', 'user_message_compose', 'footer'));
        $this->tpl->display();
    }
}