Gazelle/sections/inbox/takecompose.php

60 lines
1.3 KiB
PHP
Raw Normal View History

2013-06-11 08:01:24 +00:00
<?php
2011-03-28 14:21:28 +00:00
authorize();
2013-05-05 08:00:31 +00:00
if (empty($_POST['toid'])) {
error(404);
}
2011-03-28 14:21:28 +00:00
2013-05-05 08:00:31 +00:00
if (!empty($LoggedUser['DisablePM']) && !isset($StaffIDs[$_POST['toid']])) {
2011-03-28 14:21:28 +00:00
error(403);
}
if (isset($_POST['convid']) && is_number($_POST['convid'])) {
$ConvID = $_POST['convid'];
2013-05-05 08:00:31 +00:00
$Subject = '';
2011-03-28 14:21:28 +00:00
$ToID = explode(',', $_POST['toid']);
2013-05-05 08:00:31 +00:00
foreach ($ToID as $TID) {
if (!is_number($TID)) {
$Err = 'A recipient does not exist.';
2011-03-28 14:21:28 +00:00
}
}
2013-06-10 08:01:05 +00:00
$DB->query("
SELECT UserID
FROM pm_conversations_users
WHERE UserID = '$LoggedUser[ID]'
AND ConvID = '$ConvID'");
2013-07-10 00:08:53 +00:00
if (!$DB->has_results()) {
2011-03-28 14:21:28 +00:00
error(403);
}
} else {
2013-05-05 08:00:31 +00:00
$ConvID = '';
if (!is_number($_POST['toid'])) {
$Err = 'This recipient does not exist.';
2011-03-28 14:21:28 +00:00
} else {
$ToID = $_POST['toid'];
}
$Subject = trim($_POST['subject']);
if (empty($Subject)) {
2013-06-10 08:01:05 +00:00
$Err = 'You cannot send a message without a subject.';
2011-03-28 14:21:28 +00:00
}
}
$Body = trim($_POST['body']);
2013-05-05 08:00:31 +00:00
if ($Body === '' || $Body === false) {
2013-06-10 08:01:05 +00:00
$Err = 'You cannot send a message without a body.';
2011-03-28 14:21:28 +00:00
}
2013-05-05 08:00:31 +00:00
if (!empty($Err)) {
2011-03-28 14:21:28 +00:00
error($Err);
//header('Location: inbox.php?action=compose&to='.$_POST['toid']);
$ToID = $_POST['toid'];
$Return = true;
include(SERVER_ROOT.'/sections/inbox/compose.php');
die();
}
2013-03-10 08:00:41 +00:00
$ConvID = Misc::send_pm($ToID, $LoggedUser['ID'], $Subject, $Body, $ConvID);
2011-03-28 14:21:28 +00:00
2013-06-09 08:01:21 +00:00
2013-06-12 08:00:46 +00:00
header('Location: ' . Inbox::get_inbox_link());
2011-03-28 14:21:28 +00:00
?>