--- a/plugins/PrivateMessages.php Tue Nov 16 12:44:22 2010 -0500
+++ b/plugins/PrivateMessages.php Tue Jul 12 22:13:37 2011 -0400
@@ -96,6 +96,7 @@
die_friendly('Message status', '<p>Your message has been moved to the folder "'.$fname.'".</p><p><a href="'.makeUrlNS('Special', 'PrivateMessages/Folder/Inbox').'">Return to inbox</a></p>');
break;
case 'Delete':
+ csrf_request_confirm();
$id = $argv[1];
if(!preg_match('#^([0-9]+)$#', $id)) die_friendly('Message error', '<p>Invalid message ID</p>');
$q = $db->sql_query('SELECT message_to FROM '.table_prefix.'privmsgs WHERE message_id='.$id.'');
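Review bot: The ID check on the line before the query uses `$` as the anchor, which in PCRE also matches before a trailing newline, so a value like `123\n` passes the guard and is then spliced unescaped into the SQL string. Tightening the pattern closes that gap: `if(!preg_match('#^[0-9]+\z#', $id)) die_friendly('Message error', '<p>Invalid message ID</p>');` (or `ctype_digit($id)`), and casting with `(int)$id` in the query would make the interpolation safe regardless. Calling `csrf_request_confirm()` before the ID validation is the right order; note that this Delete branch appears to be reached by a plain URL, so the protection depends on `csrf_request_confirm()` rendering a confirmation step when no token is present — worth confirming rather than assuming. The enclosing switch and function begin outside this hunk.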
@@ -111,6 +112,7 @@
if($argv[1]=='Send' && isset($_POST['_send']))
{
// Check each POST DATA parameter...
+ csrf_request_confirm();
if(!isset($_POST['to']) || ( isset($_POST['to']) && $_POST['to'] == '')) die_friendly('Sending of message failed', '<p>Please enter the username to which you want to send your message.</p>');
if(!isset($_POST['subject']) || ( isset($_POST['subject']) && $_POST['subject'] == '')) die_friendly('Sending of message failed', '<p>Please enter a subject for your message.</p>');
if(!isset($_POST['message']) || ( isset($_POST['message']) && $_POST['message'] == '')) die_friendly('Sending of message failed', '<p>Please enter a message to send.</p>');
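Review bot: The three presence checks following the new `csrf_request_confirm()` call test `isset` twice per field and compare with loose `== ''`, which does not reject an array submitted as `to[]=` or a value that is only whitespace; the latter then reaches the recipient lookup as an "entered" username. A tighter form per field is `if(!isset($_POST['to']) || !is_string($_POST['to']) || trim($_POST['to']) === '') die_friendly(...)`, and the same applies to `subject` and `message`. The identical pattern is repeated in the hunks at `@@ -133,6 +135,7 @@`, `@@ -214,6 +218,7 @@` and `@@ -231,6 +236,7 @@`, so a small helper that validates all three fields and is called after the CSRF check would remove four copies. The enclosing function starts before this hunk.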
@@ -133,6 +135,7 @@
return;
} elseif($argv[1]=='Send' && isset($_POST['_savedraft'])) {
// Check each POST DATA parameter...
+ csrf_request_confirm();
if(!isset($_POST['to']) || ( isset($_POST['to']) && $_POST['to'] == '')) die_friendly('Sending of message failed', '<p>Please enter the username to which you want to send your message.</p>');
if(!isset($_POST['subject']) || ( isset($_POST['subject']) && $_POST['subject'] == '')) die_friendly('Sending of message failed', '<p>Please enter a subject for your message.</p>');
if(!isset($_POST['message']) || ( isset($_POST['message']) && $_POST['message'] == '')) die_friendly('Sending of message failed', '<p>Please enter a message to send.</p>');
@@ -192,11 +195,12 @@
<br />
<div class="tblholder"><table border="0" width="100%" cellspacing="1" cellpadding="4">
<tr><th colspan="2">Compose new private message</th></tr>
- <tr><td class="row1">To:<br /><small>Separate multiple names with a single comma; you<br />can send this message to up to <b><?php echo (string)MAX_PMS_PER_BATCH; ?></b> users.</small></td><td class="row1"><?php echo $template->username_field('to', (isset($_POST['_savedraft'])) ? $_POST['to'] : $to ); ?></td></tr>
- <tr><td class="row2">Subject:</td><td class="row2"><input name="subject" type="text" size="30" value="<?php if(isset($_POST['_savedraft'])) echo $_POST['subject']; else echo $subj; ?>" /></td></tr>
- <tr><td class="row1">Message:</td><td class="row1" style="min-width: 80%;"><textarea rows="20" cols="40" name="message" style="width: 100%;"><?php if(isset($_POST['_savedraft'])) echo $_POST['message']; else echo $text; ?></textarea></td></tr>
+ <tr><td class="row1">To:<br /><small>Separate multiple names with a single comma; you<br />can send this message to up to <b><?php echo (string)MAX_PMS_PER_BATCH; ?></b> users.</small></td><td class="row1"><?php echo $template->username_field('to', (isset($_POST['_savedraft'])) ? htmlspecialchars($_POST['to']) : $to ); ?></td></tr>
+ <tr><td class="row2">Subject:</td><td class="row2"><input name="subject" type="text" size="30" value="<?php if(isset($_POST['_savedraft'])) echo htmlspecialchars($_POST['subject']); else echo $subj; ?>" /></td></tr>
+ <tr><td class="row1">Message:</td><td class="row1" style="min-width: 80%;"><textarea rows="20" cols="40" name="message" style="width: 100%;"><?php if(isset($_POST['_savedraft'])) echo htmlspecialchars($_POST['message']); else echo $text; ?></textarea></td></tr>
<tr><th colspan="2"><input type="submit" name="_send" value="Send message" /> <input type="submit" name="_savedraft" value="Save as draft" /> <input type="submit" name="_inbox" value="Back to Inbox" /></th></tr>
</table></div>
+ <input type="hidden" name="cstok" value="<?php echo $session->csrf_token; ?>" />
<?php
echo '</form>';
$template->footer();
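Review bot: The three new `htmlspecialchars()` calls in the compose form rely on the default flags and default charset, and on PHP versions before 5.4 the default charset is ISO-8859-1, so multibyte input can be mangled in the re-populated draft; passing them explicitly, e.g. `htmlspecialchars($_POST['subject'], ENT_QUOTES, 'UTF-8')`, makes the escaping independent of the runtime. In the same attribute and textarea contexts the `else` branches still emit `$subj` and `$text` raw — if those are not already escaped where they are assigned (outside this hunk), they need the same treatment, since a quoted reply can carry arbitrary message text. For the `to` field the escaped value is handed to `$template->username_field()`, which may escape again; check that for double-encoding. The hidden `cstok` input is inside the form, which is closed on the following line, so the token placement is fine.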
@@ -214,6 +218,7 @@
if(isset($_POST['_send']))
{
// Check each POST DATA parameter...
+ csrf_request_confirm();
if(!isset($_POST['to']) || ( isset($_POST['to']) && $_POST['to'] == '')) die_friendly('Sending of message failed', '<p>Please enter the username to which you want to send your message.</p>');
if(!isset($_POST['subject']) || ( isset($_POST['subject']) && $_POST['subject'] == '')) die_friendly('Sending of message failed', '<p>Please enter a subject for your message.</p>');
if(!isset($_POST['message']) || ( isset($_POST['message']) && $_POST['message'] == '')) die_friendly('Sending of message failed', '<p>Please enter a message to send.</p>');
@@ -231,6 +236,7 @@
return;
} elseif(isset($_POST['_savedraft'])) {
// Check each POST DATA parameter...
+ csrf_request_confirm();
if(!isset($_POST['to']) || ( isset($_POST['to']) && $_POST['to'] == '')) die_friendly('Sending of message failed', '<p>Please enter the username to which you want to send your message.</p>');
if(!isset($_POST['subject']) || ( isset($_POST['subject']) && $_POST['subject'] == '')) die_friendly('Sending of message failed', '<p>Please enter a subject for your message.</p>');
if(!isset($_POST['message']) || ( isset($_POST['message']) && $_POST['message'] == '')) die_friendly('Sending of message failed', '<p>Please enter a message to send.</p>');
@@ -251,6 +257,7 @@
userprefs_show_menu();
echo '<form action="'.makeUrlNS('Special', 'PrivateMessages/Edit/'.$id).'" method="post">';
?>
+ <input type="hidden" name="cstok" value="<?php echo $session->csrf_token; ?>" />
<br />
<div class="tblholder"><table border="0" width="100%" cellspacing="1" cellpadding="4">
<tr><th colspan="2">Edit draft</th></tr>
@@ -317,6 +324,7 @@
if(!$q) $db->_die('The private message data could not be selected.');
echo '<form action="'.makeUrlNS('Special', 'PrivateMessages/PostHandler').'" method="post"><div class="tblholder"><table border="0" width="100%" cellspacing="1" cellpadding="4"><tr><th colspan="4" style="text-align: left;">Folder: '.$argv[1].'</th></tr><tr><th class="subhead">';
if($fname == 'drafts' || $fname == 'Outbox') echo 'To'; else echo 'From';
+ ?><input type="hidden" name="cstok" value="<?php echo $session->csrf_token; ?>" /><?php
echo '</th><th class="subhead">Subject</th><th class="subhead">Date</th><th class="subhead">Mark</th></tr>';
if($db->numrows() < 1)
echo '<tr><td style="text-align: center;" class="row1" colspan="4">No messages in this folder.</td></tr>';
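Review bot: The new hidden `cstok` input is emitted inside the first `<th>` of the header row, between the "To"/"From" label and `</th>`, which is legal but surprising markup; emitting it immediately after the `<form ...>` opening tag on the line above keeps the token out of the table. In that same `<form>` line, `$argv[1]` is echoed raw into the `Folder:` heading while the commit adds `htmlspecialchars()` to the other reflected values — unless `$argv[1]` is checked against a fixed list of folder names before this point (not visible here), it should be escaped too: `'Folder: '.htmlspecialchars($argv[1]).'</th>'`. The enclosing function starts outside this hunk.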
@@ -351,12 +359,16 @@
$fname = $db->escape(strtolower($_POST['folder']));
if($fname=='drafts' || $fname=='outbox')
{
- $q = $db->sql_query('SELECT p.message_id, p.message_from, p.message_to, p.date, p.subject FROM '.table_prefix.'privmsgs AS p WHERE p.folder_name=\''.$fname.'\' AND p.message_from=\''.$session->username.'\' ORDER BY date DESC;');
+ $fname = $fname == 'outbox' ? 'inbox' : $fname;
+ $readsnip = $fname == 'inbox' ? ' AND message_read = 0' : '';
+ $q = $db->sql_query('SELECT p.message_id, p.message_from, p.message_to, p.date, p.subject FROM '.table_prefix.'privmsgs AS p WHERE p.folder_name=\''.$fname.'\' AND p.message_from=\''.$session->username.'\'' . $readsnip . ' ORDER BY date DESC;');
} else {
$q = $db->sql_query('SELECT p.message_id, p.message_from, p.message_to, p.date, p.subject FROM '.table_prefix.'privmsgs AS p WHERE p.folder_name=\''.$fname.'\' AND p.message_to=\''.$session->username.'\' ORDER BY date DESC;');
}
if(!$q) $db->_die('The private message data could not be selected.');
-
+
+ csrf_request_confirm();
+
if(isset($_POST['archive'])) {
while($row = $db->fetchrow($q))
{
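Review bot: `csrf_request_confirm()` is called only after the SELECT has already been built from `$_POST['folder']` and executed, and after `$db->_die()` could have terminated the request with a database error; a CSRF check belongs before any request-driven work, so it should move up to just before `if($fname=='drafts' || $fname=='outbox')`, ahead of both queries. The new `outbox` → `inbox` remapping with the `message_read = 0` filter is a behaviour change whose intent is not obvious from the code, so a one-line comment on the `$fname =` line saying why outbox items are selected from the inbox folder would help the next reader. `$_POST['folder']` is read on the first line of the hunk without a visible `isset` guard; if none exists earlier in the function (which begins outside this hunk), a missing field produces an empty folder name rather than an error. The three blank lines around the CSRF call would also shrink to one once it is relocated.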
@@ -373,7 +385,7 @@
if(isset($_POST['marked_'.$row['message_id']]))
{
$e = $db->sql_query('DELETE FROM '.table_prefix.'privmsgs WHERE message_id='.$row['message_id'].';');
- if(!$e) $db->_die('Message '.$row['message_id'].' was not successfully moved.');
+ if(!$e) $db->_die('Message '.$row['message_id'].' was not successfully removed.');
$db->free_result();
}
}