Code:
else if($action=="renamefolder")
{
addonline(getuid_sid($sid),"Renaming PM Folder - xHTML:v3","");
echo xhtmlheadnotheme("Renaming PM Folder");
$canrename = "false";
$folderid = $_GET["fid"];
$foldername = mysql_fetch_array(mysql_query("SELECT foldername, uid FROM ibwf_private_folders WHERE folderid='".$folderid."'"));
if ($foldername[1]==$uid)
{
$canrename = "true";
echo "
<center>";
echo "Renaming Folder: [i][b]$foldername[0][/b][/i]
";
echo "<form action=\"inbox.php?action=rnamefdone&sid=$sid\" method=\"post\">";
echo "New Folder Name
<input name=\"newname\" format=\"*x\" maxlength=\"25\"/>
";
echo "<input type=\"hidden\" name=\"fid\" value=\"$folderid\"/>";
echo "<input type=\"submit\" value=\"Rename\"/>";
echo "</form>";
echo "</center></p>";
}else{
echo "<p align=\"center\">";
echo "This is not Your Folder!";
echo "</p>";
}
echo "
[size="1"]";
echo "<a href=\"index.php?action=main&sid=$sid\">Home</a>";
echo " > ";
echo "<a href=\"inbox.php?action=main&sid=$sid\">Inbox</a>";
echo " > ";
if ($canrename=="true")
{
echo "<a href=\"inbox.php?action=folder&folderid=$folderid&sid=$sid\">$foldername[0]</a>";
}else{
echo "ERROR";
}
echo " > ";
echo "Renaming Folder";
echo "[/size]</p>";
echo xhtmlfoot();
}
////////////////////////////////////////RENAME FOLDER - DONE
else if($action=="rnamefdone")
{
addonline(getuid_sid($sid),"Renaming PM Folder - xHTML:v3","");
echo xhtmlheadnotheme("Renaming PM Folder");
$folderid = $_POST["fid"];
$newname = $_POST["newname"];
$res = mysql_query("UPDATE ibwf_private_folders SET foldername='".$newname."' WHERE folderid='".$folderid."'");
echo "<p align=\"center\">";
if($res)
{
echo "<img src=\"images/ok.gif\" alt=\"O\"/>Folder Renamed Successfully
";
}else{
echo "<img src=\"images/notok.gif\" alt=\"O\"/>Rename Error!
";
}
echo "</p>";
echo "
[size="1"]";
echo "<a href=\"index.php?action=main&sid=$sid\">Home</a>";
echo " > ";
echo "<a href=\"inbox.php?action=main&sid=$sid\">Inbox</a>";
echo " > ";
echo "<a href=\"inbox.php?action=folder&folderid=$folderid&sid=$sid\">$newname</a>";
echo " > ";
echo "Folder Renamed";
echo "[/size]</p>";
echo xhtmlfoot();
}
////////////////////////////////////////DELETE FOLDER
else if($action=="delfolder")
{
addonline(getuid_sid($sid),"Deleting PM Folder - xHTML:v3","");
echo xhtmlheadnotheme("Deleting PM Folder");
$folderid = $_GET["fid"];
$foldername = mysql_fetch_array(mysql_query("SELECT foldername, uid FROM ibwf_private_folders WHERE folderid='".$folderid."'"));
if ($foldername[1]==$uid)
{
echo "<p align=\"center\">";
$res = mysql_query("DELETE FROM ibwf_private_folders WHERE folderid='".$folderid."'");
$sql = "SELECT folderid FROM ibwf_private WHERE folderid='".$folderid."'";
$items = mysql_query($sql);
echo mysql_error();
if(mysql_num_rows($items)>0)
{
while ($item = mysql_fetch_array($items))
{
$sql = mysql_query("UPDATE ibwf_private SET folderid='0' WHERE folderid='".$folderid."'");
}
}
if($res)
{
echo "<img src=\"images/ok.gif\" alt=\"O\"/>Folder Deleted Successfully";
}else{
echo "<img src=\"images/notok.gif\" alt=\"O\"/>Delete Error!";
}
echo "</p>";
}else{
echo "<p align=\"center\">";
echo "This is not Your Folder!";
echo "</p>";
}
echo "
[size="1"]";
echo "<a href=\"index.php?action=main&sid=$sid\">Home</a>";
echo " > ";
echo "<a href=\"inbox.php?action=main&sid=$sid\">Inbox</a>";
echo " > ";
echo "$foldername[0]";
echo " > ";
echo "Deleted";
echo "[/size]</p>";
echo xhtmlfoot();
}
else if($action=="readpm")
{
addonline(getuid_sid($sid),"Reading PM - xHTML:v3","");
$pstyle = theme($sid);
echo xhtmlhead("Read PM",$pstyle);
$pminfo = mysql_fetch_array(mysql_query("SELECT text, byuid, timesent, touid, reported, title FROM ibwf_private WHERE id='".$pmid."'"));
if(getuid_sid($sid)==$pminfo[3])
{
$chread = mysql_query("UPDATE ibwf_private SET unread='0' WHERE id='".$pmid."'");
}
if(($pminfo[3]==getuid_sid($sid))||($pminfo[1]==getuid_sid($sid)))
{
if(getuid_sid($sid)==$pminfo[3])
{
if(isonline($pminfo[1]))
{
$iml = "<img src=\"images/onl.gif\" alt=\"+\"/>";
}else{
$iml = "<img src=\"images/ofl.gif\" alt=\"-\"/>";
}
$ptxt = "PM By: ";
$bylnk = "<a href=\"index.php?action=viewuser&who=$pminfo[1]&sid=$sid\">$iml".getnick_uid($pminfo[1])."</a>";
}else{
if(isonline($pminfo[3]))
{
$iml = "<img src=\"images/onl.gif\" alt=\"+\"/>";
}else{
$iml = "<img src=\"images/ofl.gif\" alt=\"-\"/>";
}
$ptxt = "PM To: ";
$bylnk = "<a href=\"index.php?action=viewuser&who=$pminfo[3]&sid=$sid\">$iml".getnick_uid($pminfo[3])."</a>";
}
$tmstamp = $pminfo[2];
$tmdt = date("d/m/Y - H:i:s", $tmstamp);
echo "<div class=\"HTAB\" style=\"background:#FFFFFF\">";
echo "<div>";
echo "$blueh";
echo "$ptxt $bylnk
Subject: [size="1"]$pminfo[5][/size]
[size="1"]<font color=\"#ffffff\">$tmdt</font>[/size]</div>";
echo "$blueb";
echo "<table border=\"0\" cellpadding=\"0\" cellspacing=\"0\" width=\"169\">";
echo "<tr>";
echo "<td class=\"IL-R\"><font color=\"#000000\">";
$pmtext = parsepm($pminfo[0], $sid);
$pmtext = str_replace("/faq","<a href=\"lists.php?action=faqs&sid=$sid\"><font color=\"#ffffff\">Users Questions</font></a>", $pmtext);
$pmtext = str_replace("/help","<a href=\"help.php?sid=$sid\"><font color=\"#ffffff\">Our help menu</font></a>", $pmtext);
$pmtext = str_replace("/reader",getnick_uid($pminfo[3]), $pmtext);
if(isspam($pmtext))
{
if(($pminfo[4]=="0") && ($pminfo[1]!=1))
{
mysql_query("UPDATE ibwf_private SET reported='1' WHERE id='".$pmid."'");
}
}
echo $pmtext;
echo "</font></td>";
echo "</tr>";
echo "</table>";
echo "</div>";
echo "</div>";
echo "
<center>";
echo "<form action=\"inbxproc.php?action=proc&sid=$sid\" method=\"post\">";
echo "[size="1"]Action[/size]<select name=\"pmact\">";
echo "<option value=\"rep-$pmid\">Reply</option>";
echo "<option value=\"del-$pmid\">Delete</option>";
if(isstarred($pmid))
{
echo "<option value=\"ust-$pmid\">Unstar</option>";
}else{
echo "<option value=\"str-$pmid\">Star</option>";
}
echo "<option value=\"rpt-$pmid\">Report</option>";
echo "<option value=\"frd-$pmid\">Email To</option>";
echo "<option value=\"dnl-$pmid\">Download</option>";
echo "</select>";
echo "
<input type=\"submit\" value=\"GO\"/>";
echo "</form>";
$nof = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_private_folders WHERE uid='".$uid."'"));
if ($nof[0]>=1){
echo "<form action=\"inbox.php?action=movetofolder&sid=$sid\" method=\"post\">";
$uid = getuid_sid($sid);
echo "[size="1"]Move To[/size]<select name=\"movetof\">";
$foldername = mysql_query("SELECT folderid, foldername FROM ibwf_private_folders WHERE uid='".$uid."'");
while ($items = mysql_fetch_array($foldername))
{
echo "<option value=\"$items[0]\">".htmlspecialchars($items[1])."</option>";
}
echo "</select>";
echo "<input type=\"hidden\" name=\"pmid\" value=\"$pmid\"/>";
echo "
<input type=\"submit\" value=\"Move\"/>";
echo "</form>";
}
echo "<a href=\"inbox.php?action=dialog&sid=$sid&who=$pminfo[1]\">Dialog</a>";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>This PM ain't yours";
}
echo "</center></p>";
echo "
[size="1"]";
echo "<a href=\"index.php?action=main&sid=$sid\">Home</a>";
echo " > ";
echo "<a href=\"inbox.php?action=main&sid=$sid\">Inbox</a>";
echo " > ";
echo "Reading PM";
echo "[/size]</p>";
echo xhtmlfoot();
}
Comment