if ($ConvID = (int)$_GET['id']) { // Get conversation info $DB->query(" SELECT Subject, UserID, Level, AssignedToUser, Unread, Status FROM staff_pm_conversations WHERE ID = $ConvID"); list($Subject, $UserID, $Level, $AssignedToUser, $Unread, $Status) = $DB->next_record(); $LevelCap = 1000; $Level = min($Level, $LevelCap); if (!(($UserID == $LoggedUser['ID']) || ($AssignedToUser == $LoggedUser['ID']) || (($Level > 0 && $Level <= $LoggedUser['EffectiveClass']) || ($Level == 0 && $IsFLS)) )) { // User is trying to view someone else's conversation error(403); } // User is trying to view their own unread conversation, set it to read if ($UserID == $LoggedUser['ID'] && $Unread) { $DB->query(" UPDATE staff_pm_conversations SET Unread = false WHERE ID = $ConvID"); // Clear cache for user $Cache->delete_value("staff_pm_new_$LoggedUser[ID]"); } View::show_header('Staff PM', 'staffpm,bbcode'); $UserInfo = Users::user_info($UserID); $UserStr = Users::format_username($UserID, true, true, true, true); $OwnerID = $UserID; $OwnerName = $UserInfo['Username']; ?>