2011-03-28 14:21:28 +00:00
|
|
|
<?
|
|
|
|
authorize();
|
|
|
|
|
|
|
|
|
2013-05-05 08:00:31 +00:00
|
|
|
if (empty($_POST['toid'])) {
|
|
|
|
error(404);
|
|
|
|
}
|
2011-03-28 14:21:28 +00:00
|
|
|
|
2013-05-05 08:00:31 +00:00
|
|
|
if (!empty($LoggedUser['DisablePM']) && !isset($StaffIDs[$_POST['toid']])) {
|
2011-03-28 14:21:28 +00:00
|
|
|
error(403);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2013-06-04 08:00:34 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
2011-03-28 14:21:28 +00:00
|
|
|
if (isset($_POST['convid']) && is_number($_POST['convid'])) {
|
|
|
|
$ConvID = $_POST['convid'];
|
2013-05-05 08:00:31 +00:00
|
|
|
$Subject = '';
|
2011-03-28 14:21:28 +00:00
|
|
|
$ToID = explode(',', $_POST['toid']);
|
2013-05-05 08:00:31 +00:00
|
|
|
foreach ($ToID as $TID) {
|
|
|
|
if (!is_number($TID)) {
|
|
|
|
$Err = 'A recipient does not exist.';
|
2011-03-28 14:21:28 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
$DB->query("SELECT UserID FROM pm_conversations_users WHERE UserID='$LoggedUser[ID]' AND ConvID='$ConvID'");
|
2013-05-05 08:00:31 +00:00
|
|
|
if ($DB->record_count() == 0) {
|
2011-03-28 14:21:28 +00:00
|
|
|
error(403);
|
|
|
|
}
|
|
|
|
} else {
|
2013-05-05 08:00:31 +00:00
|
|
|
$ConvID = '';
|
|
|
|
if (!is_number($_POST['toid'])) {
|
|
|
|
$Err = 'This recipient does not exist.';
|
2011-03-28 14:21:28 +00:00
|
|
|
} else {
|
|
|
|
$ToID = $_POST['toid'];
|
|
|
|
}
|
|
|
|
$Subject = trim($_POST['subject']);
|
|
|
|
if (empty($Subject)) {
|
|
|
|
$Err = "You can't send a message without a subject.";
|
|
|
|
}
|
|
|
|
}
|
|
|
|
$Body = trim($_POST['body']);
|
2013-05-05 08:00:31 +00:00
|
|
|
if ($Body === '' || $Body === false) {
|
2013-06-05 08:01:01 +00:00
|
|
|
$Err = "You can't send a message without a body.";
|
2011-03-28 14:21:28 +00:00
|
|
|
}
|
|
|
|
|
2013-05-05 08:00:31 +00:00
|
|
|
if (!empty($Err)) {
|
2011-03-28 14:21:28 +00:00
|
|
|
error($Err);
|
|
|
|
//header('Location: inbox.php?action=compose&to='.$_POST['toid']);
|
|
|
|
$ToID = $_POST['toid'];
|
|
|
|
$Return = true;
|
|
|
|
include(SERVER_ROOT.'/sections/inbox/compose.php');
|
|
|
|
die();
|
|
|
|
}
|
|
|
|
|
2013-03-10 08:00:41 +00:00
|
|
|
$ConvID = Misc::send_pm($ToID, $LoggedUser['ID'], $Subject, $Body, $ConvID);
|
2011-03-28 14:21:28 +00:00
|
|
|
|
2013-06-05 08:01:01 +00:00
|
|
|
header('Location: ' . Inbox::get_inbox_link($LoggedUser['ListUnreadPMsFirst']));
|
2011-03-28 14:21:28 +00:00
|
|
|
?>
|