$boardname - Private messages$tblstart"; if(!$action and $log and (!$id or ($id and $loguserid==$msg[userto]))){ print '
'; if($log && $id){ $user=loaduser($msg[userfrom],1); $quotemsg="[quote=$user[name]]$msg[text][/quote] "; $subject="Re: $msg[title]"; $tcellbg="$tccell1l valign=top"; $postlist=" $tccellh width=150>User $tccellh>Message $tcellbg>$user[name]$smallfont
Posts: $postnum$user[posts] $tcellbg>".doreplace2($msg[text])." "; }else $postlist=''; if($userid) $user=loaduser($userid,1); $user[name]=htmlspecialchars($user[name]); $subject=htmlspecialchars($subject); print " $tccellh width=150>  $tccellh>  $tccell1>Send to: $tccell2l>$inpt=username VALUE=\"$user[name]\" SIZE=25 MAXLENGTH=25> $tccell1>Subject: $tccell2l>$inpt=subject VALUE=\"$subject\" SIZE=60 MAXLENGTH=100> $tccell1>Message: $tccell2l>$txta=message ROWS=20 COLS=$numcols>$quotemsg $tccell1>  $tccell2l> $inph=action VALUE=sendmsg> $inps=submit VALUE='Send message'> $inps=preview VALUE='Preview message'> $tblend
$tblstart $postlist $tblend $fonttag$boardname - Private messages "; } if($action=='sendmsg'){ $userid=checkusername($username); if($userid!=-1 and $subject){ $subject=str_replace('<','<',$subject); $sign=$loguser[signature]; $head=$loguser[postheader]; if($user[postbg]) $head="
$head"; $numdays=(ctime()-$loguser[regdate])/86400; $message=doreplace($message,$loguser[posts],$numdays,$loguser[name]); $rsign=doreplace($sign,$loguser[posts],$numdays,$loguser[name]); $rhead=doreplace($head,$loguser[posts],$numdays,$loguser[name]); $currenttime=ctime(); if($submit){ $headid=getpostlayoutid($head); $signid=getpostlayoutid($sign); mysql_query("INSERT INTO pmsgs (id,userto,userfrom,date,ip,msgread,headid,signid) VALUES (NULL,$userid,$loguserid,$currenttime,'$userip',0,$headid,$signid)"); mysql_query("INSERT INTO pmsgs_text (pid,title,text,tagval) VALUES (".mysql_insert_id().",'$subject','$message','$tagval')") or print mysql_error(); print " $tccell1>Private message to $username sent successfully!.
".redirect('private.php','your private message box...',0).$tblend; }else{ loadtlayout(); $ppost=$loguser; $message = stripslashes($message); $username = stripslashes($username); $subject = stripslashes($subject); $ppost[uid]=$loguserid; $ppost[date]=$currenttime; $ppost[headtext]=$rhead; $ppost[signtext]=$rsign; $ppost[text]=$message; if($isadmin) $ip=$userip; print " $tccellh>Message preview $tblend$tblstart ".threadpost($ppost,1)." $tblend
$tblstart
$tccellh width=150> $tccellh>  $tccell1>Message: $tccell2l>$txta=message ROWS=10 COLS=$numcols>$message $tccell1> $tccell2l> $inph=username VALUE=\"".htmlspecialchars($username)."\"> $inph=subject VALUE=\"$subject\"> $inph=action VALUE=sendmsg> $inps=submit VALUE=\"Send message\"> $inps=preview VALUE='Preview message'> "; } }else print " $tccell1>Couldn't send the message. You didn't enter an existing username to send the message to.
".redirect('private.php','return to the private message box',2); } if($action=='delete' and $msg[userto]==$loguserid){ mysql_query("DELETE FROM pmsgs WHERE id=$id"); mysql_query("DELETE FROM pmsgs_text WHERE pid=$id"); print " $tccell1>Thank you, $loguser[name], for deleting the message.
".redirect('private.php','return to the private message box',0).$tblend; } print $footer; printtimedif($startingtime); ?>