' . $hesklang['inbox'] . ''; $hesk_settings['mailtmp']['outbox'] = '' . $hesklang['outbox'] . ''; $hesk_settings['mailtmp']['new'] = '' . $hesklang['m_new'] . ''; /* Get action */ if ($action = hesk_REQUEST('a')) { if (defined('HESK_DEMO') && $action != 'new' && $action != 'read') { hesk_process_messages($hesklang['ddemo'], 'mail.php', 'NOTICE'); } } /* Sub-page specific settings */ $inbox_active = ''; $outbox_active = ''; $new_active = ''; if (isset($_GET['folder']) && hesk_GET('folder') == 'outbox') { $outbox_active = ' class="active"'; $hesk_settings['mailtmp']['this'] = 'from'; $hesk_settings['mailtmp']['other'] = 'to'; $hesk_settings['mailtmp']['m_from'] = $hesklang['m_to']; $hesk_settings['mailtmp']['folder'] = 'outbox'; } elseif ($action == 'new') { $new_active = ' class="active"'; $_SESSION['hide']['list'] = 1; /* Do we have a recipient selected? */ if (!isset($_SESSION['mail']['to']) && isset($_GET['id'])) { $_SESSION['mail']['to'] = intval(hesk_GET('id')); } } else { $inbox_active = ' class="active"'; $hesk_settings['mailtmp']['this'] = 'to'; $hesk_settings['mailtmp']['other'] = 'from'; $hesk_settings['mailtmp']['m_from'] = $hesklang['m_from']; if ($action != 'read') { $hesk_settings['mailtmp']['folder'] = ''; } } /* What should we do? */ switch ($action) { case 'send': mail_send(); break; case 'mark_read': mail_mark_read(); break; case 'mark_unread': mail_mark_unread(); break; case 'delete': mail_delete(); break; } /* Print header */ require_once(HESK_PATH . 'inc/headerAdmin.inc.php'); /* Print main manage users page */ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); ?>

' . $hesklang['m_rec'] . ''; } elseif ($_SESSION['mail']['to'] == $_SESSION['id']) { $hesk_error_buffer .= '

' . $hesklang['m_inr'] . '

'; } else { $res = hesk_dbQuery("SELECT `name`,`email`,`notify_pm` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` WHERE `id`='" . intval($_SESSION['mail']['to']) . "' LIMIT 1"); $num = hesk_dbNumRows($res); if (!$num) { $hesk_error_buffer .= '

' . $hesklang['m_inr'] . '

'; } else { $pm_recipient = hesk_dbFetchAssoc($res); } } /* Subject */ $_SESSION['mail']['subject'] = hesk_input(hesk_POST('subject')) or $hesk_error_buffer .= '

' . $hesklang['m_esu'] . '

'; /* Message */ $_SESSION['mail']['message'] = hesk_input(hesk_POST('message')) or $hesk_error_buffer .= '

' . $hesklang['enter_message'] . '

'; // Attach signature to the message? if (!empty($_POST['signature'])) { $_SESSION['mail']['message'] .= "\n\n" . addslashes($_SESSION['signature']) . "\n"; } /* Any errors? */ if (strlen($hesk_error_buffer)) { $_SESSION['hide']['list'] = 1; $hesk_error_buffer = $hesklang['rfm'] . '

' . $hesk_error_buffer . ''; hesk_process_messages($hesk_error_buffer, 'NOREDIRECT'); } else { $_SESSION['mail']['message'] = hesk_makeURL($_SESSION['mail']['message']); $_SESSION['mail']['message'] = nl2br($_SESSION['mail']['message']); hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mail` (`from`,`to`,`subject`,`message`,`dt`,`read`) VALUES ('" . intval($_SESSION['id']) . "','" . intval($_SESSION['mail']['to']) . "','" . hesk_dbEscape($_SESSION['mail']['subject']) . "','" . hesk_dbEscape($_SESSION['mail']['message']) . "',NOW(),'0')"); /* Notify receiver via e-mail? */ if (isset($pm_recipient) && $pm_recipient['notify_pm']) { $pm_id = hesk_dbInsertID(); $pm = array( 'name' => hesk_msgToPlain(addslashes($_SESSION['name']), 1, 1), 'subject' => hesk_msgToPlain($_SESSION['mail']['subject'], 1, 1), 'message' => hesk_msgToPlain($_SESSION['mail']['message'], 1, 1), 'id' => $pm_id, ); /* Format email subject and message for recipient */ $subject = hesk_getEmailSubject('new_pm', $pm, 0); $message = hesk_getEmailMessage('new_pm', $pm, $modsForHesk_settings, 1, 0); $htmlMessage = hesk_getHtmlMessage('new_pm', $pm, $modsForHesk_settings, 1, 0); $hasMessage = hesk_doesTemplateHaveTag('new_pm', '%%MESSAGE%%', $modsForHesk_settings); /* Send e-mail */ hesk_mail($pm_recipient['email'], $subject, $message, $htmlMessage, $modsForHesk_settings, array(), array(), $hasMessage); } unset($_SESSION['mail']); hesk_process_messages($hesklang['m_pms'], './mail.php', 'SUCCESS'); } } // END mail_send() function show_message() { global $hesk_settings, $hesklang, $admins; $id = intval( hesk_GET('id') ); /* Get the message details */ $res = hesk_dbQuery("SELECT * FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."mail` WHERE `id`='".intval($id)."' AND `deletedby`!='".intval($_SESSION['id'])."' LIMIT 1"); $num = hesk_dbNumRows($res); if ($num) { $pm = hesk_dbFetchAssoc($res); /* Allowed to read the message? */ if ($pm['to'] == $_SESSION['id']) { if (!isset($_SESSION['mail']['subject'])) { $_SESSION['mail']['subject'] = $hesklang['m_re'] . ' ' . $pm['subject']; } if (!isset($_SESSION['mail']['to'])) { $_SESSION['mail']['to'] = $pm['from']; } } elseif ($pm['from'] == $_SESSION['id']) { if (!isset($_SESSION['mail']['subject'])) { $_SESSION['mail']['subject'] = $hesklang['m_fwd'] . ' ' . $pm['subject']; } if (!isset($_SESSION['mail']['to'])) { $_SESSION['mail']['to'] = $pm['to']; } $hesk_settings['mailtmp']['this'] = 'from'; $hesk_settings['mailtmp']['other'] = 'to'; $hesk_settings['mailtmp']['m_from'] = $hesklang['m_to']; $hesk_settings['mailtmp']['outbox'] = ''.$hesklang['outbox'].''; $hesk_settings['mailtmp']['inbox'] = ''.$hesklang['inbox'].''; $hesk_settings['mailtmp']['outbox'] = ''.$hesklang['outbox'].''; } else { hesk_process_message($hesklang['m_ena'],'mail.php'); } /* Mark as read */ if ($hesk_settings['mailtmp']['this'] == 'to' && !$pm['read']) { hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."mail` SET `read`='1' WHERE `id`='".intval($id)."'"); } $pm['name'] = isset($admins[$pm[$hesk_settings['mailtmp']['other']]]) ? ''.$admins[$pm[$hesk_settings['mailtmp']['other']]].'' : (($pm['from'] == 9999) ? 'HESK.com' : $hesklang['e_udel']); $pm['dt'] = hesk_dateToString($pm['dt'],0,1,0,true); ?>

'.$hesklang['mau'].' '; $folder = ''; } echo ' '.$hesklang['delm'].''; ?>

1) ? $tmp : 1; /* List of private messages */ $res = hesk_dbQuery("SELECT COUNT(*) FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mail` WHERE `" . hesk_dbEscape($hesk_settings['mailtmp']['this']) . "`='" . intval($_SESSION['id']) . "' AND `deletedby`!='" . intval($_SESSION['id']) . "'"); $total = hesk_dbResult($res, 0, 0); if ($total > 0) { $pages = ceil($total / $maxresults) or $pages = 1; if ($page > $pages) { $page = $pages; } $limit_down = ($page * $maxresults) - $maxresults; $prev_page = ($page - 1 <= 0) ? 0 : $page - 1; $next_page = ($page + 1 > $pages) ? 0 : $page + 1; if ($pages > 1) { echo $hesklang['pg'] . ': '; /* List pages */ if ($pages >= 7) { if ($page > 2) { echo '« '; } if ($prev_page) { echo '‹ '; } } for ($i = 1; $i <= $pages; $i++) { if ($i <= ($page + 5) && $i >= ($page - 5)) { if ($i == $page) { echo ' ' . $i . ' '; } else { echo ' ' . $i . ' '; } } } if ($pages >= 7) { if ($next_page) { echo ' › '; } if ($page < ($pages - 1)) { echo ' »'; } } echo '
'; } // end PAGES > 1 // Get messages from the database $res = hesk_dbQuery("SELECT `id`, `from`, `to`, `subject`, `dt`, `read` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mail` WHERE `" . hesk_dbEscape($hesk_settings['mailtmp']['this']) . "`='" . intval($_SESSION['id']) . "' AND `deletedby`!='" . intval($_SESSION['id']) . "' ORDER BY `id` DESC LIMIT " . intval($limit_down) . " , " . intval($maxresults) . " "); ?>

' . $pm['subject'] . ''; if ($hesk_settings['mailtmp']['this'] == 'to' && !$pm['read']) { $pm['subject'] = '' . $pm['subject'] . ''; } $pm['name'] = isset($admins[$pm[$hesk_settings['mailtmp']['other']]]) ? '' . $admins[$pm[$hesk_settings['mailtmp']['other']]] . '' : (($pm['from'] == 9999) ? 'HESK.com' : $hesklang['e_udel']); $pm['dt'] = hesk_dateToString($pm['dt'], 0, 0, 0, true) ?>

0 else { echo '' . $hesklang['npm'] . '

'; } } // END mail_list_messages() function show_new_form() { global $hesk_settings, $hesklang, $admins; ?>

data-error="" required>

()