<?php
include("head.php");
$pmid = $_GET["pmid"];
$action = $_GET["action"];
$box = mysql_fetch_array(mysql_query("SELECT box FROM ibwf_users WHERE id='".$uid."'"));
////////////////////////////////////////////////////////////////////
if($action=="sendpm")
{
addonline(getuid_sid($sid),"Sending PM","");
echo "<div><br/>Send PM<br/></div>";
echo "<p align=\"center\">";
$whonick = getnick_uid($who);
if((isinvisable(getuid_sid($sid)))&&(isonline($who))&&(!isvip($who))){
echo "Cant Send PM to $whonick<br/>Your Invisable!<br/></p>";
}else{
echo "Send PM to $whonick<br/><br/></p>";
$upload = $_GET["upload"];
$gold = mysql_fetch_array(mysql_query("SELECT gold FROM ibwf_users WHERE id='".$uid."'"));
if($gold[0]>999&&$upload==""){
echo "<a href=\"inbox.php?action=$action&who=$who&upload=1\">Add Temporary Attachment</a><br/><br/>";
}else if($gold[0]>999&&$upload==1){
echo "<a href=\"inbox.php?action=$action&who=$who\">Remove Attachment</a><br/><br/>";
}
if($upload==1&&$gold[0]>999){
echo "<form enctype=\"multipart/form-data\" action=\"inbxproc.php?action=sendpmx&who=$who\" method=\"post\">";
}else{
echo "<form action=\"inbxproc.php?action=sendpm&who=$who\" method=\"post\">";
}
echo "Title: <input name=\"title\" format=\"\" maxlength=\"50\"/><br/>";
if($box[0]==0){
echo "Message: <input name=\"pmtext\"/><br/>";
}else{
echo "Message: <textarea name=\"pmtext\"></textarea><br/>";
}
if($upload==1&&$gold[0]>999){
echo "Attatchment:<input type=\"file\" name=\"filetoupload\"/><br><br/>";
}
echo "<input type=\"submit\" value=\"SEND\"/>";
echo "</form>";
}
echo "<p align=\"center\">";
echo "<br/><br/>";
$inb = mysql_fetch_array(mysql_query("SELECT inbox FROM ibwf_users WHERE id='".$uid."'"));
if($inb[0]!=""){
$place = str_replace("-","&",$inb[0]);
$place = str_replace("**","=",$place);
$place = str_replace("ZE*RO","",$place);
$place = explode("*",$place);
echo "<a href=\"$place[0].php?action=$place[1]\"/>Back to $place[2]</a><br/>";
}
echo getfoot($sid,$folder);
exit();
}
//////////////////////////////////////
else if($action=="sendto")
{
addonline(getuid_sid($sid),"Sending PM","");
echo "<div><br/>Send PM<br/></div>";
echo "<p align=\"center\">";
$whonick = getnick_uid($who);
if(isinvisable(getuid_sid($sid))){
echo "Remember your invisable:<br/>This Message will only send if Person Your Sending To Is A Vip<br/>";
}
echo "Send PM to:<br/><br/>";
echo "</p>";
echo "<form action=\"inbxproc.php?action=sendto\" method=\"post\">";
echo "User: <input name=\"who\" format=\"*x\" maxlength=\"15\"/><br/>";
echo "Title: <input name=\"title\" format=\"\" maxlength=\"50\"/><br/>";
if($box[0]==0){
echo "Message: <input name=\"pmtext\"/><br/>";
}else{
echo "Message: <textarea name=\"pmtext\"></textarea><br/>";
}
echo "<input type=\"submit\" value=\"SEND\"/>";
echo "</form>";
echo "<p align=\"center\">";
echo "<br/><br/>";
$inb = mysql_fetch_array(mysql_query("SELECT inbox FROM ibwf_users WHERE id='".$uid."'"));
if($inb[0]!=""){
$place = str_replace("-","&",$inb[0]);
$place = str_replace("**","=",$place);
$place = str_replace("ZE*RO","",$place);
$place = explode("*",$place);
echo "<a href=\"$place[0].php?action=$place[1]\"/>Back to $place[2]</a><br/>";
}
echo getfoot($sid,$folder);
exit();
}
////////////////////////////////////////////////////////////////////////////////////////////////////
//////////////////////////rename folder
else if($action=="rename")
{
addonline(getuid_sid($sid),"Renaming PM Folder","");
$fid = mysql_real_escape_string($_GET["fid"]);
$folder = mysql_fetch_array(mysql_query("SELECT name, pic, uid FROM inbox_folders WHERE id='".$fid."'"));
if($folder[2]!=$uid){
echo "<div><br/>Doh!br/></div>";
echo "<p align=\"center\">";
echo "<img src=\"images/notok.gif\" alt=\"X\"/>This Folder Does Not Belong To You!<br/><br/>";
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
echo "<div><br/>Renaming Folder: $folder[0]<br/></div>";
echo "<form action=\"inbxproc.php?action=rename\" method=\"post\">";
echo "New Folder Name: <input name=\"newname\" format=\"*x\" maxlength=\"25\"/><br/>";
echo "<input type=\"hidden\" name=\"fid\" value=\"$fid\"/>";
echo "Type: <select name=\"type\">";
echo "<option value=\"1\">Standard</option>";
echo "<option value=\"2\">Open</option>";
echo "<option value=\"3\">Star</option>";
echo "<option value=\"4\">Heart</option>";
echo "<option value=\"5\">Tick</option>";
echo "<option value=\"6\">Link</option>";
echo "<option value=\"7\">Video</option>";
echo "<option value=\"8\">Music</option>";
echo "<option value=\"9\">Pic</option>";
echo "</select>";
echo "<input type=\"submit\" value=\"Rename\"/>";
echo "</form>";
echo "<p align=\"center\">";
echo "<br/><br/>";
echo "<a href=\"inbox.php?action=main\">Back to Inbox</a><br/>";
$inb = mysql_fetch_array(mysql_query("SELECT inbox FROM ibwf_users WHERE id='".$uid."'"));
if($inb[0]!=""){
$place = str_replace("-","&",$inb[0]);
$place = str_replace("**","=",$place);
$place = str_replace("ZE*RO","",$place);
$place = explode("*",$place);
echo "<a href=\"$place[0].php?action=$place[1]\"/>Back to $place[2]</a><br/>";
}
echo getfoot($sid,$folder);
exit();
}
/////////////////////////////////////////////////main
else if($action=="main")
{
addonline(getuid_sid($sid),"User Inbox","");
$place = $_GET["place"];
if($place!=""){
mysql_query("UPDATE ibwf_users SET inbox='".$place."' WHERE id='".$uid."'");
}
echo "<div><br/>Inbox<br/></div>";
$view="urd";
$myid = getuid_sid($sid);
$num_items = getpmcount($myid,$view); //changable
if($num_items>0)
{
echo "<p>";
echo " <img src=\"/images/inboxnew.gif\" alt=\"*\"/> New<br/>";
//changable sql
$sql = "SELECT
a.name, b.id, b.byuid, b.unread, b.starred, b.title FROM ibwf_users a
INNER JOIN ibwf_private b ON a.id = b.byuid
WHERE b.touid='".$myid."' AND b.unread='1'
ORDER BY b.timesent DESC
LIMIT 0, 10";
$items = mysql_query($sql);
echo mysql_error();
while ($item = mysql_fetch_array($items))
{
$iml = "<img src=\"images$folder/npm.gif\" alt=\"+\"/>";
if($item[5]==""){
$item[5] = "Message";
}
$lnk = "<a href=\"inbox.php?action=readpm&pmid=$item[1]\">$iml $item[5]</a> By <a href=\"index.php?action=viewuser&who=$item[2]\">$item[0]</a>";
echo "$lnk<br/>";
}
echo "</p>";
}
$mood = mysql_fetch_array(mysql_query("SELECT inboxalarm FROM ibwf_users WHERE id='".$uid."'"));
if($mood[0]>0){
$switch = "Off";
}else{
$switch = "On";
}
echo "<p align=\"center\">";
echo "<a href=\"genproc.php?action=inboxalarm\">Turn Inbox Alarm $switch</a><br/>";
$nof = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM inbox_folders WHERE uid='".$uid."'"));
if($nof[0]<11){
echo "<a href=\"inbox.php?action=newf\">Create New Folder</a><br/>";
}
echo "</p>";
echo "<p>";
$rpmnif = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_private WHERE touid='".$uid."' AND unread='0' AND fid='0'"));
echo " <img src=\"/images/inboxbin.gif\" alt=\"*\"/> <a href=\"inbox.php?action=folder&fid=old\">Recycle Bin</a> ($rpmnif[0])<br/>";
$noi = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_bookmarks WHERE uid='".$uid."'"));
echo " <img src=\"/images/bookmark.gif\" alt=\"*\"/> <a href=\"inbox.php?action=bookmarks\">Bookmarks</a> ($noi[0])<br/>";
$snt = "snt";
$sent = getpmcount($uid,$snt);
echo " <img src=\"/images/inboxsent.gif\" alt=\"*\"/> <a href=\"inbox.php?action=folder&fid=sent\">Sent</a> ($sent)<br/><br/>";
$sql = "SELECT name, id, pic FROM inbox_folders WHERE uid='".$uid."' ORDER BY name DESC";
$items = mysql_query($sql);
echo mysql_error();
if(mysql_num_rows($items)>0)
{
while ($item = mysql_fetch_array($items))
{
$noi = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_private WHERE touid='".$uid."' AND fid='".$item[1]."'"));
$lnk = " <img src=\"/images/inbox$item[2].gif\" alt=\"*\"/> <a href=\"inbox.php?action=folder&fid=$item[1]\">$item[0]</a> ($noi[0])";
echo "$lnk<br/>";
}
}
echo "</p>";
echo "<p align=\"center\">";
$inb = mysql_fetch_array(mysql_query("SELECT inbox FROM ibwf_users WHERE id='".$uid."'"));
if($inb[0]!=""){
$place = str_replace("-","&",$inb[0]);
$place = str_replace("**","=",$place);
$place = str_replace("ZE*RO","",$place);
$place = explode("*",$place);
echo "<a href=\"search.php?action=nbx\">Search</a><br/>";
echo "<a href=\"inbox.php?action=sendto\">Send To</a><br/>";
echo "<a href=\"$place[0].php?action=$place[1]\"/>Back to $place[2]</a><br/>";
}
echo getfoot($sid,$folder);
exit();
}
///////////////////////////////////////////////////////////////////////
else if($action=="folder")
{
addonline(getuid_sid($sid),"User Inbox","");
$fid = mysql_real_escape_string($_GET["fid"]);
if($fid=="old"){
$pic = "<img src=\"/images/inboxbin.gif\" alt=\"*\"/>";
$fname = "Recycle Bin";
}else if($fid=="sent"){
$fname = "Sent";
$pic = "<img src=\"/images/inboxsent.gif\" alt=\"*\"/>";
}else{
$folder = mysql_fetch_array(mysql_query("SELECT name, pic FROM inbox_folders WHERE id='".$fid."'"));
$fname = $folder[0];
$pic = "<img src=\"/images/inbox$folder[1].gif\" alt=\"*\"/>";
}
echo "<div><br/>$pic $fname<br/></div>";
echo "<p align=\"center\">";
if(($fid!="old")&&($fid!="sent")){
echo "<a href=\"inbox.php?action=rename&fid=$fid\">Rename Folder</a><br/>";
echo "<a href=\"inbxproc.php?action=delf&fid=$fid\">Delete Folder</a><br/>";
}
if($fid!="sent"){
echo "<a href=\"inbxproc.php?action=proall&fid=$fid\">Delete All</a><br/>";
}
echo "</p>";
//////ALL LISTS SCRIPT <<
if($view=="")$view="all";
if($page=="" || $page<=0)$page=1;
$myid = getuid_sid($sid);
if($fid=="old"){
$noi = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_private WHERE touid='".$uid."' AND unread='0' AND fid='0'"));
}else if($fid=="sent"){
$snt = "snt";
$noi[0] = getpmcount($myid,$snt);
}else{
$noi = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_private WHERE touid='".$uid."' AND fid='".$fid."'"));
}
$num_items = $noi[0]; //changable
$items_per_page= 10;
$num_pages = ceil($num_items/$items_per_page);
if($page>$num_pages)$page= $num_pages;
$limit_start = ($page-1)*$items_per_page;
if($num_items>0)
{
//changable sql
if($fid=="old"){
$sql = "SELECT
a.name, b.id, b.byuid, b.unread, b.starred, b.title FROM ibwf_users a
INNER JOIN ibwf_private b ON a.id = b.byuid
WHERE b.touid='".$myid."' AND b.unread='0' AND b.fid='0'
ORDER BY b.timesent DESC
LIMIT $limit_start, $items_per_page
";
}else if($fid=="sent"){
$sql = "SELECT
a.name, b.id, b.touid, b.unread, b.starred, b.title FROM ibwf_users a
INNER JOIN ibwf_private b ON a.id = b.touid
WHERE b.byuid='".$myid."'
ORDER BY b.timesent DESC
LIMIT $limit_start, $items_per_page
";
}else{
$sql = "SELECT
a.name, b.id, b.byuid, b.unread, b.starred, b.title FROM ibwf_users a
INNER JOIN ibwf_private b ON a.id = b.byuid
WHERE b.touid='".$myid."' AND b.fid='".$fid."'
ORDER BY b.timesent DESC
LIMIT $limit_start, $items_per_page
";
}
echo "<p>";
$items = mysql_query($sql);
echo mysql_error();
while ($item = mysql_fetch_array($items))
{
if($item[3]=="1")
{
$iml = "<img src=\"images/npm.gif\" alt=\"+\"/>";
}else{
if($item[4]=="1")
{
$iml = "<img src=\"images/spm.gif\" alt=\"*\"/>";
}else{
$iml = "<img src=\"images/opm.gif\" alt=\"-\"/>";
}
}
if($item[5]==""){
$item[5] = "Message";
}
$lnk = "<a href=\"inbox.php?action=readpm&pmid=$item[1]\">$iml $item[5]</a> By <a href=\"index.php?action=viewuser&who=$item[2]\">$item[0]</a>";
echo "$lnk<br/>";
}
echo "<br/>";
echo "</p>";
echo "<p align=\"center\">";
$npage = $page+1;
if($page>1)
{
$ppage = $page-1;
echo "<a href=\"inbox.php?action=$action&page=$ppage&fid=$fid\">«Prev</a> ";
}
if($page<$num_pages)
{
$npage = $page+1;
echo "<a href=\"inbox.php?action=$action&page=$npage&fid=$fid\">Next»</a>";
}
echo "<br/>$page/$num_pages<br/>";
echo "</p>";
if($num_pages>2)
{
$rets = "<form action=\"inbox.php\" method=\"get\">";
$rets .= "Jump to page: <input name=\"page\" style=\"-wap-input-format=*N\" size=\"3\"/><br/>";
$rets .= "<input type=\"submit\" value=\"GO\"/>";
$rets .= "<input type=\"hidden\" name=\"action\" value=\"$action\"/>";
$rets .= "<input type=\"hidden\" name=\"sid\" value=\"$sid\"/>";
$rets .= "<input type=\"hidden\" name=\"view\" value=\"$view\"/>";
$rets .= "<input type=\"hidden\" name=\"fid\" value=\"$fid\"/>";
$rets .= "</form>";
echo $rets;
}
echo "<br/>";
}else{
echo "<p align=\"center\">";
echo "This Folder Is Currently Empty!<br/>";
echo "</p>";
}
////// UNTILL HERE >>
echo "<p align=\"center\">";
echo "<a href=\"inbox.php?action=main\">Back to Inbox</a><br/>";
$inb = mysql_fetch_array(mysql_query("SELECT inbox FROM ibwf_users WHERE id='".$uid."'"));
if($inb[0]!=""){
$place = str_replace("-","&",$inb[0]);
$place = str_replace("**","=",$place);
$place = str_replace("ZE*RO","",$place);
$place = explode("*",$place);
echo "<a href=\"$place[0].php?action=$place[1]\"/>Back to $place[2]</a><br/>";
}
echo getfoot($sid,$folder);
exit();
}
///////////////////////////////////////////////////////////////////////
else if($action=="bookmarks")
{
addonline(getuid_sid($sid),"Bookmarks","");
echo "<div><br/>Bookmarks<br/></div>";
echo "<p align=\"center\">";
//////ALL LISTS SCRIPT <<
if($page=="" || $page<=0)$page=1;
$noi = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_bookmarks WHERE uid='".$uid."'"));
if($noi[0]>0){
$num_items = $noi[0]; //changable
$items_per_page= 10;
$num_pages = ceil($num_items/$items_per_page);
if(($page>$num_pages)&&$page!=1)$page= $num_pages;
$limit_start = ($page-1)*$items_per_page;
//changable sql
$sql = "SELECT id, tid FROM ibwf_bookmarks WHERE uid='".$uid."' ORDER BY id DESC LIMIT $limit_start, $items_per_page";
$items = mysql_query($sql);
echo mysql_error();
if(mysql_num_rows($items)>0)
{
while ($item = mysql_fetch_array($items))
{
$tname = mysql_fetch_array(mysql_query("SELECT name FROM ibwf_topics WHERE id='".$item[1]."'"));
$lnk = "<a href=\"index.php?action=viewtpc&tid=$item[1]\">$tname[0]</a>";
$del = "<a href=\"inbxproc.php?action=delbm&bid=$item[0]\">[X]</a>";
echo "$lnk ..... $del<br/>";
}
}
if($page>1)
{
$ppage = $page-1;
echo "<a href=\"inbox.php?action=$action&page=$ppage&who=$who\">«PREV</a> ";
}
if($page<$num_pages)
{
$npage = $page+1;
echo "<a href=\"inbox.php?action=$action&page=$npage&who=$who\">Next»</a>";
}
echo "<br/>$page/$num_pages<br/>";
echo "</p>";
if($num_pages>2)
{
$rets = "<form action=\"inbox.php\" method=\"get\">";
$rets .= "<input name=\"page\" style=\"-wap-input-format: '*N'\" size=\"2\"/>";
$rets .= "<input type=\"hidden\" name=\"action\" value=\"$action\">";
$rets .= "<input type=\"Submit\" name=\"Submit\" Value=\"Go To Page\"></form>";
echo $rets;
}
////// UNTILL HERE >>
echo "<p align=\"center\">";
}else{
echo "You Currently Have No Bookmarks<br/>To Add A Bookmark Simply Click On Any <b>* </b> In a Topic And Then Click On <b>Add Bookmark! </b><br/>";
}
echo "<a href=\"inbox.php?action=main\">Back to Inbox</a><br/>";
$inb = mysql_fetch_array(mysql_query("SELECT inbox FROM ibwf_users WHERE id='".$uid."'"));
if($inb[0]!=""){
$place = str_replace("-","&",$inb[0]);
$place = str_replace("**","=",$place);
$place = str_replace("ZE*RO","",$place);
$place = explode("*",$place);
echo "<a href=\"$place[0].php?action=$place[1]\"/>Back to $place[2]</a><br/>";
}
echo getfoot($sid,$folder);
exit();
}
/////////////////////////////
else if($action=="newf")
{
addonline(getuid_sid($sid),"Creating Folder","");
echo "<div><br/>Create Folder<br/></div>";
$nof = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM inbox_folders WHERE uid='".$uid."'"));
if($nof[0]<11){
echo "<form method=\"post\" action=\"inbxproc.php?action=newf\">";
echo "Folder Name: <input name=\"fname\" maxlength=\"25\"/><br/>";
echo "Type: <select name=\"type\">";
echo "<option value=\"1\">Standard</option>";
echo "<option value=\"2\">Open</option>";
echo "<option value=\"3\">Star</option>";
echo "<option value=\"4\">Heart</option>";
echo "<option value=\"5\">Tick</option>";
echo "<option value=\"6\">Link</option>";
echo "<option value=\"7\">Video</option>";
echo "<option value=\"8\">Music</option>";
echo "<option value=\"9\">Pic</option>";
echo "</select>";
echo "<input type=\"submit\" name=\"Submit\" value=\"Create\"/>";
echo "</form><br/>";
echo "<p align=\"center\">";
}else{
echo "You Already Have 10 folders!<br/>";
}
echo "<a href=\"inbox.php?action=main\">Back to Inbox</a><br/>";
$inb = mysql_fetch_array(mysql_query("SELECT inbox FROM ibwf_users WHERE id='".$uid."'"));
if($inb[0]!=""){
$place = str_replace("-","&",$inb[0]);
$place = str_replace("**","=",$place);
$place = str_replace("ZE*RO","",$place);
$place = explode("*",$place);
echo "<a href=\"$place[0].php?action=$place[1]\"/>Back to $place[2]</a><br/>";
}
echo getfoot($sid,$folder);
exit();
}
/////////////////////////////////////////move to folder
else if($action=="movetofolder")
{
addonline(getuid_sid($sid),"Moving PM to Folder","");
echo "<div><br/>Move Pm<br/></div>";
echo "<p align=\"center\">";
$movetof = mysql_real_escape_string($_POST["movetof"]);
$pmid = mysql_real_escape_string($_POST["pmid"]);
$uid = getuid_sid($sid);
$str = mysql_query("UPDATE ibwf_private SET fid='".$movetof."' WHERE id='".$pmid."' ");
if($str)
{
echo "<img src=\"images/ok.gif\" alt=\"O\"/>PM moved successfully<br/><br/>";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Can't move PM at the moment<br/><br/>";
}
echo "<a href=\"inbox.php?action=main\">Back to Inbox</a><br/>";
$inb = mysql_fetch_array(mysql_query("SELECT inbox FROM ibwf_users WHERE id='".$uid."'"));
if($inb[0]!=""){
$place = str_replace("-","&",$inb[0]);
$place = str_replace("**","=",$place);
$place = str_replace("ZE*RO","",$place);
$place = explode("*",$place);
echo "<a href=\"$place[0].php?action=$place[1]\"/>Back to $place[2]</a><br/>";
}
echo getfoot($sid,$folder);
exit();
}
//////////////////////////////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////
else if($action=="readpm")
{
addonline(getuid_sid($sid),"Reading PM","");
echo "<div><br/>Read PM<br/></div>";
echo "<p align=\"center\">";
$pminfo = mysql_fetch_array(mysql_query("SELECT text, byuid, timesent,touid, reported, title FROM ibwf_private WHERE id='".$pmid."'"));
if(getuid_sid($sid)==$pminfo[3])
{
$chread = mysql_query("UPDATE ibwf_private SET unread='0' WHERE id='".$pmid."'");
}
if(($pminfo[3]==getuid_sid($sid))||($pminfo[1]==getuid_sid($sid)))
{
if(getuid_sid($sid)==$pminfo[3])
{
if(isonline($pminfo[1]))
{
$iml = "<img src=\"images$folder/onl.gif\" alt=\"+\"/>";
}else{
$iml = "<img src=\"images$folder/ofl.gif\" alt=\"-\"/>";
}
$ptxt = "PM By: ";
$bylnk = "<a href=\"index.php?action=viewuser&who=$pminfo[1]\">$iml".getnick_uid($pminfo[1])."</a>";
}else{
if(isonline($pminfo[3]))
{
$iml = "<img src=\"images$folder/onl.gif\" alt=\"+\"/>";
}else{
$iml = "<img src=\"images$folder/ofl.gif\" alt=\"-\"/>";
}
$ptxt = "PM To: ";
$bylnk = "<a href=\"index.php?action=viewuser&who=$pminfo[3]\">$iml".getnick_uid($pminfo[3])."</a>";
}
echo "$ptxt $bylnk<br/>";
$tmstamp = $pminfo[2];
$tmdt = date("d m Y - H:i:s", $tmstamp);
echo "$tmdt<br/><br/>";
if(isspam($pminfo[5]))
{
if(($pminfo[4]=="0") && (!isstatus7($pminfo[1])) && (!isstatus10($pminfo[3]))&&($pminfo[3]!=8634)&&($pminfo[1]!=8634))
{
mysql_query("UPDATE ibwf_private SET reported='1' WHERE id='".$pmid."'");
}
}
if($pminfo[5]!=""){
echo "<u>$pminfo[5]</u><br/><br/>";
$reply = str_replace("Re: ","",$pminfo[5]);
$reply = "Re: $reply";
}else{
$reply = "";
}
$pmtext = parsepm($pminfo[0], $sid);
$pmtext = str_replace("/llfaqs","<a href=\"lists.php?action=faqs\">wapirate FAQs</a>", $pmtext);
$pmtext = str_replace("/reader",getnick_uid($pminfo[3]), $pmtext);
if(isspam($pmtext))
{
if(($pminfo[4]=="0") && (!isstatus7($pminfo[1])) && (!isstatus10($pminfo[3]))&&($pminfo[3]!=8634)&&($pminfo[1]!=8634))
{
mysql_query("UPDATE ibwf_private SET reported='1' WHERE id='".$pmid."'");
}
}
echo $pmtext;
$path = mysql_fetch_array(mysql_query("SELECT filename, size FROM download_inbox WHERE pmid='".$pmid."'"));
$osize = round($path[1],1);
if($osize>1023)
{
$msize = $osize / 1024;
$nsize = round($msize,2);
$size = "$nsize mb";
}else{
$size = "$osize kb";
}
if($path[0]!=""){
echo "<br/><small>» Temporary Attatchment <img src=\"images/clip.gif\" alt=\"@\"/><br/>»<a href=\"inbox.php?action=getx&pmid=$pmid\">$path[0]</a> ($size)<br/>(Attached Untill Sunday)</small><br/>";
}
echo "<br/><br/>";
if((isinvisable(getuid_sid($sid)))&&(isonline($pminfo[1]))&&(!isvip($pminfo[1]))){
echo "<b>Cant Reply: Turn Your Invisability Off First!</b><br/>";
}else{
echo "</p>";
echo "<center>";
$upload = $_GET["upload"];
$gold = mysql_fetch_array(mysql_query("SELECT gold FROM ibwf_users WHERE id='".$uid."'"));
if($gold[0]>999&&$upload==""){
echo "<a href=\"inbox.php?action=$action&pmid=$pmid&upload=1\">Add Temporary Attachment</a><br/><br/>";
}else if($gold[0]>999&&$upload==1){
echo "<a href=\"inbox.php?action=$action&pmid=$pmid\">Remove Attachment</a><br/>(Temporary Attachments will be Deleted Every Sunday)<br/><br/>";
}
if($upload==1&&$gold[0]>999){
echo "<form enctype=\"multipart/form-data\" action=\"inbxproc.php?action=sendpmx&who=$pminfo[1]\" method=\"post\">";
}else{
echo "<form action=\"inbxproc.php?action=sendpm&who=$pminfo[1]\" method=\"post\">";
}
echo "Title: <input name=\"title\" format=\"\" maxlength=\"50\" value=\"$reply\"/><br/>";
if($box[0]==0){
echo "Reply: <input name=\"pmtext\"/><br/>";
}else{
echo "Reply: <textarea name=\"pmtext\"></textarea><br/>";
}
if($upload==1&&$gold[0]>999){
echo "Attatchment:<input type=\"file\" name=\"filetoupload\"/><br><br/>";
}
echo "<input type=\"submit\" value=\"Reply\"/>";
echo "</form><br/>";
echo "</center>";
}
echo "<form action=\"inbxproc.php?action=proc\" method=\"post\">";
echo "Action: <select name=\"pmact\">";
echo "<option value=\"del-$pmid\">Delete</option>";
echo "<option value=\"rpt-$pmid\">Report</option>";
echo "<option value=\"frd-$pmid\">Forward</option>";
echo "<option value=\"rnm-$pmid\">Rename Title</option>";
echo "</select>";
echo "<input type=\"submit\" value=\"GO\"/>";
echo "</form>";
if(getuid_sid($sid)==$pminfo[3])
{
echo "<form action=\"inbox.php?action=movetofolder\" method=\"post\">";
echo "Move To: <select name=\"movetof\">";
$foldername = mysql_query("SELECT id, name FROM inbox_folders WHERE uid='".$uid."'");
while ($items = mysql_fetch_array($foldername))
{
echo "<option value=\"$items[0]\">".htmlspecialchars($items[1])."</option>";
}
echo "</select>";
echo "<input type=\"hidden\" name=\"pmid\" value=\"$pmid\"/>";
echo "<input type=\"submit\" value=\"Move\"/>";
echo "</form>";
}
echo "<p align=\"center\">";
echo "<br/><br/><a href=\"inbox.php?action=dialog&who=$pminfo[1]\">Dialog</a>";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>This PM ain't yours";
}
echo "<br/><br/><a href=\"inbox.php?action=main\">Back to Inbox</a><br/>";
$inb = mysql_fetch_array(mysql_query("SELECT inbox FROM ibwf_users WHERE id='".$uid."'"));
if($inb[0]!=""){
echo"<b><small>Or<br/></small></b>";
$place = str_replace("-","&",$inb[0]);
$place = str_replace("**","=",$place);
$place = str_replace("ZE*RO","",$place);
$place = explode("*",$place);
echo "<a href=\"$place[0].php?action=$place[1]\"/>Back to $place[2]</a><br/>";
}
echo getfoot($sid,$folder);
exit();
}
//////////////////////////////////////////
else if($action=="dialog")
{
addonline(getuid_sid($sid),"Viewing PM Dialog","");
echo "<div><br/>Dialog<br/></div>";
$uid = getuid_sid($sid);
if($page=="" || $page<=0)$page=1;
$myid = getuid_sid($sid);
$pms = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_private WHERE (byuid=$uid AND touid=$who) OR (byuid=$who AND touid=$uid) ORDER BY timesent"));
echo mysql_error();
$num_items = $pms[0]; //changable
$items_per_page= 7;
$num_pages = ceil($num_items/$items_per_page);
if($page>$num_pages)$page= $num_pages;
$limit_start = ($page-1)*$items_per_page;
if($num_items>0)
{
echo "<p align=\"center\">";
$pms = mysql_query("SELECT byuid, text, timesent FROM ibwf_private WHERE (byuid=$uid AND touid=$who) OR (byuid=$who AND touid=$uid) ORDER BY timesent DESC LIMIT $limit_start, $items_per_page");
while($pm=mysql_fetch_array($pms))
{
if(isonline($pm[0]))
{
$iml = "<img src=\"images$folder/onl.gif\" alt=\"+\"/>";
}else{
$iml = "<img src=\"images$folder/ofl.gif\" alt=\"-\"/>";
}
$bylnk = "<a href=\"index.php?action=viewuser&who=$pm[0]\">$iml".getnick_uid($pm[0])."</a>";
echo $bylnk;
$tmopm = date("d m y - h:i:s",$pm[2]);
echo "$tmopm<br/>";
echo parsepm($pm[1], $sid);
echo "<br/>--------------<br/>";
}
if($page>1)
{
$ppage = $page-1;
echo "<a href=\"inbox.php?action=dialog&page=$ppage&who=$who\">«PREV</a> ";
}
if($page<$num_pages)
{
$npage = $page+1;
echo "<a href=\"inbox.php?action=dialog&page=$npage&who=$who\">Next»</a>";
}
echo "<br/>$page/$num_pages<br/>";
if($num_pages>2)
{
echo "</p>";
$rets = "<form action=\"inbox.php\" method=\"get\">";
$rets .= "Jump To Page: <input name=\"page\" format=\"*N\" size=\"3\"/>";
$rets .= "<input type=\"submit\" value=\"GO\"/>";
$rets .= "<input type=\"hidden\" name=\"action\" value=\"$action\"/>";
$rets .= "<input type=\"hidden\" name=\"who\" value=\"$who\"/>";
$rets .= "</form>";
echo $rets;
echo "<p align=\"center\">";
}
}else{
echo "<p align=\"center\">";
echo "NO DATA";
}
echo "<a href=\"inbox.php?action=main\">Back to Inbox</a><br/>";
$inb = mysql_fetch_array(mysql_query("SELECT inbox FROM ibwf_users WHERE id='".$uid."'"));
if($inb[0]!=""){
echo"<b><small>Or<br/></small></b>";
$place = str_replace("-","&",$inb[0]);
$place = str_replace("**","=",$place);
$place = str_replace("ZE*RO","",$place);
$place = explode("*",$place);
echo "<a href=\"$place[0].php?action=$place[1]\"/>Back to $place[2]</a><br/>";
}
echo getfoot($sid,$folder);
exit();
}
/////////get attachment
else if($action=="getx"){
$pmid = $_GET["pmid"];
addonline(getuid_sid($sid),"Downloading","");
echo "<div><br/>Download<br/></div>";
echo "<p align=\"center\">";
$pminfo = mysql_fetch_array(mysql_query("SELECT byuid, touid FROM ibwf_private WHERE id='".$pmid."'"));
if($pminfo[0]!=$uid&&$pminfo[1]!=$uid){
echo "This Attachment Does Not Belong To You!<br/>";
}else{
echo "<b>Download Attatchment</b><br/>";
$path = mysql_fetch_array(mysql_query("SELECT filename FROM download_inbox WHERE pmid='".$pmid."'"));
$download = $path[0];
echo "<meta http-equiv=Refresh content=1;url=inbox/download.php?sid=$sid&f=".$download.">";
echo "If Your Download Does Not Start In 5 seconds Click below<br/>";
echo "<a href=\"./inbox/download.php?f=".$download."\">Get File</a><br/><br/><br/>";
echo "<a href=\"inbox.php?action=readpm&pmid=$pmid\">«Back to Message</a><br/>";
}
echo getfoot($sid,$folder);
}
////////////////////////////////
else{
addonline(getuid_sid($sid),"Lost in inbox lol","");
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "I don't know how you got in here, but there's nothing to show<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
?>