From 44e88a7404d8d4cadec307cf32f78e1caa92c09f Mon Sep 17 00:00:00 2001 From: tonghoil Date: Tue, 16 Sep 2025 20:14:51 +0800 Subject: [PATCH] =?UTF-8?q?=E6=96=B0=E5=A2=9E=E5=80=99=E9=80=89=E6=8F=90?= =?UTF-8?q?=E9=86=92=E5=88=B0=E7=AE=A1=E7=90=86=E7=BB=84?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 1. 新增候选提醒到管理组消息 2. 修改发送私信的实现为message::add() --- public/comment.php | 19 ++-- public/fun.php | 32 +++++-- public/modtask.php | 158 +++++++++++++++++++++++++-------- public/mybonus.php | 13 ++- public/offers.php | 71 +++++++++++++-- public/staffbox.php | 10 ++- public/subtitles.php | 8 +- public/takemessage.php | 14 ++- public/takeupload.php | 8 +- public/viewrequests.php | 54 ++++++++--- resources/lang/en/offer.php | 2 + resources/lang/zh_CN/offer.php | 2 + resources/lang/zh_TW/offer.php | 2 + 13 files changed, 309 insertions(+), 84 deletions(-) diff --git a/public/comment.php b/public/comment.php index ebbd0c92..fc5a37b7 100644 --- a/public/comment.php +++ b/public/comment.php @@ -77,19 +77,22 @@ if ($action == "add") if($arg["commentpm"] == 'yes' && $CURUSER['id'] != $arr["owner"]) { - $added = sqlesc(date("Y-m-d H:i:s")); $locale = get_user_locale($arr['owner']); - $subject = sqlesc(nexus_trans("comment.msg_new_comment", [], $locale)); + $subject = nexus_trans("comment.msg_new_comment", [], $locale); if($type == "torrent") - $notifs = sqlesc(nexus_trans("comment.msg_torrent_receive_comment", [], $locale) . " [url=" . get_protocol_prefix() . "$BASEURL/details.php?id=$parent_id] " . $arr['name'] . "[/url]."); + $notifs = nexus_trans("comment.msg_torrent_receive_comment", [], $locale) . " [url=" . get_protocol_prefix() . "$BASEURL/details.php?id=$parent_id] " . $arr['name'] . "[/url]."; if($type == "offer") - $notifs = sqlesc(nexus_trans("comment.msg_torrent_receive_comment", [], $locale) . " [url=" . get_protocol_prefix() . "$BASEURL/offers.php?id=$parent_id&off_details=1] " . $arr['name'] . "[/url]."); + $notifs = nexus_trans("comment.msg_torrent_receive_comment", [], $locale) . " [url=" . get_protocol_prefix() . "$BASEURL/offers.php?id=$parent_id&off_details=1] " . $arr['name'] . "[/url]."; if($type == "request") - $notifs = sqlesc(nexus_trans("comment.msg_torrent_receive_comment", [], $locale). " [url=" . get_protocol_prefix() . "$BASEURL/viewrequests.php?id=$parent_id&req_details=1] " . $arr['name'] . "[/url]."); + $notifs = nexus_trans("comment.msg_torrent_receive_comment", [], $locale). " [url=" . get_protocol_prefix() . "$BASEURL/viewrequests.php?id=$parent_id&req_details=1] " . $arr['name'] . "[/url]."; - sql_query("INSERT INTO messages (sender, receiver, subject, msg, added) VALUES(0, " . $arr['owner'] . ", $subject, $notifs, $added)") or sqlerr(__FILE__, __LINE__); - $Cache->delete_value('user_'.$arr['owner'].'_unread_message_count'); - $Cache->delete_value('user_'.$arr['owner'].'_inbox_count'); + \App\Models\Message::add([ + 'sender' => 0, + 'receiver' => $arr['owner'], + 'subject' => $subject, + 'added' => now(), + 'msg' => $notifs, + ]); } KPS("+",$addcomment_bonus,$CURUSER["id"]); diff --git a/public/fun.php b/public/fun.php index ec86c410..746b3792 100644 --- a/public/fun.php +++ b/public/fun.php @@ -187,9 +187,14 @@ if ($action == 'ban') $subject = nexus_trans("fun.msg_fun_item_banned", [], $locale); $msg = nexus_trans("fun.msg_your_fun_item", [], $locale).$title.nexus_trans("fun.msg_is_ban_by", [], $locale).$CURUSER['username'].nexus_trans("fun.msg_reason", [], $locale).$banreason; - sql_query("INSERT INTO messages (sender, subject, receiver, added, msg) VALUES(0, ".sqlesc($subject).", ".$arr['userid'].", '" . date("Y-m-d H:i:s") . "', " . sqlesc($msg) . ")") or sqlerr(__FILE__, __LINE__); - $Cache->delete_value('user_'.$arr['userid'].'_unread_message_count'); - $Cache->delete_value('user_'.$arr['userid'].'_inbox_count'); + \App\Models\Message::add([ + 'sender' => 0, + 'receiver' => $arr['userid'], + 'subject' => $subject, + 'added' => now(), + 'msg' => $msg, + ]); + write_log("Fun item $id ($title) was banned by {$CURUSER['username']}. Reason: $banreason", 'normal'); stderr($lang_fun['std_success'], $lang_fun['std_fun_item_banned']); } @@ -204,7 +209,15 @@ function funreward($funvote, $totalvote, $title, $posterid, $bonus) $locale = get_user_lang($posterid); $subject = nexus_trans("fun.msg_fun_item_reward", [], $locale); $msg = $funvote.nexus_trans("fun.msg_out_of", [], $locale).$totalvote.nexus_trans("fun.msg_people_think", [], $locale).$title.nexus_trans("fun.msg_is_fun", [], $locale).$bonus.nexus_trans("fun.msg_bonus_as_reward", [], $locale); - $sql = "INSERT INTO messages (sender, subject, receiver, added, msg) VALUES(0, ".sqlesc($subject).",". $posterid. ",'" . date("Y-m-d H:i:s") . "', " . sqlesc($msg) . ")"; + + \App\Models\Message::add([ + 'sender' => 0, + 'receiver' => $posterid, + 'subject' => $subject, + 'added' => now(), + 'msg' => $msg, + ]); + sql_query($sql) or sqlerr(__FILE__, __LINE__); $Cache->delete_value('user_'.$posterid.'_unread_message_count'); $Cache->delete_value('user_'.$posterid.'_inbox_count'); @@ -276,10 +289,13 @@ if ($action == 'vote') $locale = get_user_locale($arr['userid']); $subject = nexus_trans("fun.msg_fun_item_dull", [], $locale); $msg = ($totalvote - $funvote).nexus_trans("fun.msg_out_of", [], $locale).$totalvote.nexus_trans("fun.msg_people_think", [], $locale).$arr['title'].nexus_trans("fun.msg_is_dull", [], $locale); - $sql = "INSERT INTO messages (sender, subject, receiver, added, msg) VALUES(0, ".sqlesc($subject).",". $arr['userid'].", '" . date("Y-m-d H:i:s") . "', " . sqlesc($msg) . ")"; - sql_query($sql) or sqlerr(__FILE__, __LINE__); - $Cache->delete_value('user_'.$arr['userid'].'_unread_message_count'); - $Cache->delete_value('user_'.$arr['userid'].'_inbox_count'); + \App\Models\Message::add([ + 'sender' => 0, + 'receiver' => $arr['userid'], + 'subject' => $subject, + 'added' => now(), + 'msg' => $msg, + ]); } } } diff --git a/public/modtask.php b/public/modtask.php index b21e1ac6..6f7348c2 100644 --- a/public/modtask.php +++ b/public/modtask.php @@ -115,18 +115,33 @@ if ($action == "edituser") do_log($modifyLog, "alert"); $userModifyLogs[] = $modifyLog; $locale = get_user_locale($userid); - $subject = sqlesc(nexus_trans("user.msg_email_change", [], $locale)); - $msg = sqlesc(nexus_trans("user.msg_your_email_changed_from", [], $locale).$arr['email'].nexus_trans("user.msg_to_new", [], $locale) . $email .nexus_trans("user.msg_by", [], $locale).$CURUSER['username']); - sql_query("INSERT INTO messages (sender, receiver, subject, msg, added) VALUES(0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__); + $subject = nexus_trans("user.msg_email_change", [], $locale); + $msg = nexus_trans("user.msg_your_email_changed_from", [], $locale).$arr['email'].nexus_trans("user.msg_to_new", [], $locale) . $email .nexus_trans("user.msg_by", [], $locale).$CURUSER['username']; + + \App\Models\Message::add([ + 'sender' => 0, + 'receiver' => $userid, + 'subject' => $subject, + 'msg' => $msg, + 'added' => now(), + ]); } if ($arr['username'] != $username){ $updateset[] = "username = " . sqlesc($username); // $modcomment = date("Y-m-d") . " - Username changed from {$arr['username']} to $username by {$CURUSER['username']}.\n". $modcomment; $userModifyLogs[] = "Username changed from {$arr['username']} to $username by {$CURUSER['username']}"; - $subject = sqlesc(nexus_trans("user.msg_username_change", [], $locale)); - $msg = sqlesc(nexus_trans("user.msg_your_username_changed_from", [], $locale).$arr['username'].nexus_trans("user.msg_to_new", [], $locale) . $username .nexus_trans("user.msg_by", [], $locale).$CURUSER['username']); - sql_query("INSERT INTO messages (sender, receiver, subject, msg, added) VALUES(0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__); + $subject = nexus_trans("user.msg_username_change", [], $locale); + $msg = nexus_trans("user.msg_your_username_changed_from", [], $locale).$arr['username'].nexus_trans("user.msg_to_new", [], $locale) . $username .nexus_trans("user.msg_by", [], $locale).$CURUSER['username']; + + \App\Models\Message::add([ + 'sender' => 0, + 'receiver' => $userid, + 'subject' => $subject, + 'msg' => $msg, + 'added' => now(), + ]); + $changeLog = [ 'uid' => $arr['id'], 'operator' => $CURUSER['username'], @@ -187,10 +202,18 @@ if ($action == "edituser") $updateset[] = "donoruntil = " . sqlesc($donoruntil); if (($donor != $arr['donor']) && (($donor == 'yes' && $donoruntil && $donoruntil >= date('Y-m-d H:i:s')) || ($donor == 'no'))) { - $subject = sqlesc(nexus_trans("user.msg_your_donor_status_changed", [], $locale)); - $msg = sqlesc(nexus_trans("user.msg_donor_status_changed_by", [], $locale).$CURUSER['username']); + $subject = nexus_trans("user.msg_your_donor_status_changed", [], $locale); + $msg = nexus_trans("user.msg_donor_status_changed_by", [], $locale).$CURUSER['username']; $added = sqlesc(date("Y-m-d H:i:s")); - sql_query("INSERT INTO messages (sender, receiver, subject, msg, added) VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__); + + \App\Models\Message::add([ + 'sender' => 0, + 'receiver' => $userid, + 'subject' => $subject, + 'msg' => $msg, + 'added' => now(), + ]); + // $modcomment = date("Y-m-d") . " - donor status changed by {$CURUSER['username']}. Current donor status: $donor \n". $modcomment; $userModifyLogs[] = "donor status changed by {$CURUSER['username']}. Current donor status: $donor"; } @@ -233,10 +256,18 @@ if ($action == "edituser") $updateset[] = "vip_added = ".sqlesc($vip_added); if ($vip_added == 'yes') $updateset[] = "vip_until = ".sqlesc($vip_until); - $subject = sqlesc(nexus_trans("user.msg_your_vip_status_changed", [], $locale)); - $msg = sqlesc(nexus_trans("user.msg_vip_status_changed_by", [], $locale).$CURUSER['username']); + $subject = nexus_trans("user.msg_your_vip_status_changed", [], $locale); + $msg = nexus_trans("user.msg_vip_status_changed_by", [], $locale).$CURUSER['username']; $added = sqlesc(date("Y-m-d H:i:s")); - sql_query("INSERT INTO messages (sender, receiver, subject, msg, added) VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__); + + \App\Models\Message::add([ + 'sender' => 0, + 'receiver' => $userid, + 'subject' => $subject, + 'msg' => $msg, + 'added' => now(), + ]); + // $modcomment = date("Y-m-d") . " - VIP status changed by {$CURUSER['username']}. VIP added: ".$vip_added.($vip_added == 'yes' ? "; VIP until: ".$vip_until : "").".\n". $modcomment; $userModifyLogs[] = "VIP status changed by {$CURUSER['username']}. VIP added: ".$vip_added.($vip_added == 'yes' ? "; VIP until: ".$vip_until : ""); } @@ -250,12 +281,19 @@ if ($action == "edituser") { // $modcomment = date("Y-m-d") . " - Warning removed by {$CURUSER['username']}.\n". $modcomment; $userModifyLogs[] = "Warning removed by {$CURUSER['username']}"; - $subject = sqlesc(nexus_trans("user.msg_warn_removed", [], $locale)); - $msg = sqlesc(nexus_trans("user.msg_your_warning_removed_by", [], $locale) . $CURUSER['username'] . "."); + $subject = nexus_trans("user.msg_warn_removed", [], $locale); + $msg = nexus_trans("user.msg_your_warning_removed_by", [], $locale) . $CURUSER['username'] . "."; } $added = sqlesc(date("Y-m-d H:i:s")); - sql_query("INSERT INTO messages (sender, receiver, subject, msg, added) VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__); + //sql_query("INSERT INTO messages (sender, receiver, subject, msg, added) VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__); + \App\Models\Message::add([ + 'sender' => 0, + 'receiver' => $userid, + 'subject' => $subject, + 'msg' => $msg, + 'added' => now(), + ]); } elseif ($warnlength) { @@ -264,19 +302,27 @@ if ($action == "edituser") // $modcomment = date("Y-m-d") . " - Warned by " . $CURUSER['username'] . ".\nReason: $warnpm.\n". $modcomment; $userModifyLogs[] = "Warned by " . $CURUSER['username'] . ".\nReason: $warnpm."; - $msg = sqlesc(nexus_trans("user.msg_you_are_warned_by", [], $locale).$CURUSER['username']."." . ($warnpm ? nexus_trans("user.msg_reason", [], $locale).$warnpm : "")); + $msg = nexus_trans("user.msg_you_are_warned_by", [], $locale).$CURUSER['username']."." . ($warnpm ? nexus_trans("user.msg_reason", [], $locale).$warnpm : ""); $updateset[] = "warneduntil = null"; }else{ $warneduntil = date("Y-m-d H:i:s",(strtotime(date("Y-m-d H:i:s")) + $warnlength * 604800)); $dur = $warnlength . nexus_trans("user.msg_week", [], $locale) . ($warnlength > 1 ? nexus_trans("user.msg_s", [], $locale) : ""); - $msg = sqlesc(nexus_trans("user.msg_you_are_warned_for", [], $locale).$dur.nexus_trans("user.msg_by", [], $locale) . $CURUSER['username'] . "." . ($warnpm ? nexus_trans("user.msg_reason", [], $locale).$warnpm : "")); + $msg = nexus_trans("user.msg_you_are_warned_for", [], $locale).$dur.nexus_trans("user.msg_by", [], $locale) . $CURUSER['username'] . "." . ($warnpm ? nexus_trans("user.msg_reason", [], $locale).$warnpm : ""); // $modcomment = date("Y-m-d") . " - Warned for $dur by " . $CURUSER['username'] . ".\nReason: $warnpm.\n". $modcomment; $userModifyLogs[] = "Warned for $dur by " . $CURUSER['username'] . ".Reason: $warnpm"; $updateset[] = "warneduntil = '$warneduntil'"; } - $subject = sqlesc(nexus_trans("user.msg_you_are_warned", [], $locale)); + $subject = nexus_trans("user.msg_you_are_warned", [], $locale); $added = sqlesc(date("Y-m-d H:i:s")); - sql_query("INSERT INTO messages (sender, receiver, subject, msg, added) VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__); + + \App\Models\Message::add([ + 'sender' => 0, + 'receiver' => $userid, + 'subject' => $subject, + 'msg' => $msg, + 'added' => now(), + ]); + $updateset[] = "warned = 'yes', timeswarned = timeswarned+1, lastwarned=$added, warnedby={$CURUSER['id']}"; } //migrate to management @@ -326,19 +372,31 @@ if ($action == "edituser") { // $modcomment = date("Y-m-d") . " - Posting enabled by " . $CURUSER['username'] . ".\n" . $modcomment; $userModifyLogs[] = "Posting enabled by " . $CURUSER['username']; - $subject = sqlesc(nexus_trans("user.msg_posting_rights_restored", [], $locale)); - $msg = sqlesc(nexus_trans("user.msg_your_posting_rights_restored", [], $locale). $CURUSER['username'] . nexus_trans("user.msg_you_can_post", [], $locale)); + $subject = nexus_trans("user.msg_posting_rights_restored", [], $locale); + $msg = nexus_trans("user.msg_your_posting_rights_restored", [], $locale). $CURUSER['username'] . nexus_trans("user.msg_you_can_post", [], $locale); $added = sqlesc(date("Y-m-d H:i:s")); - sql_query("INSERT INTO messages (sender, receiver, subject, msg, added) VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__); + \App\Models\Message::add([ + 'sender' => 0, + 'receiver' => $userid, + 'subject' => $subject, + 'msg' => $msg, + 'added' => now(), + ]); } else { // $modcomment = date("Y-m-d") . " - Posting disabled by " . $CURUSER['username'] . ".\n" . $modcomment; $userModifyLogs[] = "Posting disabled by " . $CURUSER['username']; - $subject = sqlesc(nexus_trans("user.msg_posting_rights_removed", [], $locale)); - $msg = sqlesc(nexus_trans("user.msg_your_posting_rights_removed", [], $locale) . $CURUSER['username'] . nexus_trans("user.msg_probable_reason", [], $locale)); + $subject = nexus_trans("user.msg_posting_rights_removed", [], $locale); + $msg = nexus_trans("user.msg_your_posting_rights_removed", [], $locale) . $CURUSER['username'] . nexus_trans("user.msg_probable_reason", [], $locale); $added = sqlesc(date("Y-m-d H:i:s")); - sql_query("INSERT INTO messages (sender, receiver, subject, msg, added) VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__); + \App\Models\Message::add([ + 'sender' => 0, + 'receiver' => $userid, + 'subject' => $subject, + 'msg' => $msg, + 'added' => now(), + ]); } } if ($uploadpos != $curuploadpos) @@ -347,19 +405,31 @@ if ($action == "edituser") { // $modcomment = date("Y-m-d") . " - Upload enabled by " . $CURUSER['username'] . ".\n" . $modcomment; $userModifyLogs[] = "Upload enabled by " . $CURUSER['username']; - $subject = sqlesc(nexus_trans("user.msg_upload_rights_restored", [], $locale)); - $msg = sqlesc(nexus_trans("user.msg_your_upload_rights_restored", [], $locale) . $CURUSER['username'] . nexus_trans("user.msg_you_upload_can_upload", [], $locale)); + $subject = nexus_trans("user.msg_upload_rights_restored", [], $locale); + $msg = nexus_trans("user.msg_your_upload_rights_restored", [], $locale) . $CURUSER['username'] . nexus_trans("user.msg_you_upload_can_upload", [], $locale); $added = sqlesc(date("Y-m-d H:i:s")); - sql_query("INSERT INTO messages (sender, receiver, subject, msg, added) VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__); + \App\Models\Message::add([ + 'sender' => 0, + 'receiver' => $userid, + 'subject' => $subject, + 'msg' => $msg, + 'added' => now(), + ]); } else { // $modcomment = date("Y-m-d") . " - Upload disabled by " . $CURUSER['username'] . ".\n" . $modcomment; $userModifyLogs[] = "Upload disabled by " . $CURUSER['username']; - $subject = sqlesc(nexus_trans("user.msg_upload_rights_removed", [], $locale)); - $msg = sqlesc(nexus_trans("user.msg_your_upload_rights_removed", [], $locale) . $CURUSER['username'] . nexus_trans("user.msg_probably_reason_two", [], $locale)); + $subject = nexus_trans("user.msg_upload_rights_removed", [], $locale); + $msg = nexus_trans("user.msg_your_upload_rights_removed", [], $locale) . $CURUSER['username'] . nexus_trans("user.msg_probably_reason_two", [], $locale); $added = sqlesc(date("Y-m-d H:i:s")); - sql_query("INSERT INTO messages (sender, receiver, subject, msg, added) VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__); + \App\Models\Message::add([ + 'sender' => 0, + 'receiver' => $userid, + 'subject' => $subject, + 'msg' => $msg, + 'added' => now(), + ]); } } if ($downloadpos != $curdownloadpos) @@ -368,19 +438,33 @@ if ($action == "edituser") { // $modcomment = date("Y-m-d") . " - Download enabled by " . $CURUSER['username'] . ".\n" . $modcomment; $userModifyLogs[] = "Download enabled by " . $CURUSER['username']; - $subject = sqlesc(nexus_trans("user.msg_download_rights_restored", [], $locale)); - $msg = sqlesc(nexus_trans("user.msg_your_download_rights_restored", [], $locale). $CURUSER['username'] . nexus_trans("user.msg_you_can_download", [], $locale)); + $subject = nexus_trans("user.msg_download_rights_restored", [], $locale); + $msg = nexus_trans("user.msg_your_download_rights_restored", [], $locale). $CURUSER['username'] . nexus_trans("user.msg_you_can_download", [], $locale); $added = sqlesc(date("Y-m-d H:i:s")); - sql_query("INSERT INTO messages (sender, receiver, subject, msg, added) VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__); + + \App\Models\Message::add([ + 'sender' => 0, + 'receiver' => $userid, + 'subject' => $subject, + 'msg' => $msg, + 'added' => now(), + ]); } else { // $modcomment = date("Y-m-d") . " - Download disabled by " . $CURUSER['username'] . ".\n" . $modcomment; $userModifyLogs[] = "Download disabled by " . $CURUSER['username']; - $subject = sqlesc(nexus_trans("user.msg_download_rights_removed", [], $locale)); - $msg = sqlesc(nexus_trans("user.msg_your_download_rights_removed", [], $locale) . $CURUSER['username'] . nexus_trans("user.msg_probably_reason_three", [], $locale)); + $subject = nexus_trans("user.msg_download_rights_removed", [], $locale); + $msg = nexus_trans("user.msg_your_download_rights_removed", [], $locale) . $CURUSER['username'] . nexus_trans("user.msg_probably_reason_three", [], $locale); $added = sqlesc(date("Y-m-d H:i:s")); - sql_query("INSERT INTO messages (sender, receiver, subject, msg, added) VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__); + + \App\Models\Message::add([ + 'sender' => 0, + 'receiver' => $userid, + 'subject' => $subject, + 'msg' => $msg, + 'added' => now(), + ]); } } diff --git a/public/mybonus.php b/public/mybonus.php index 11732a97..9dcb9244 100644 --- a/public/mybonus.php +++ b/public/mybonus.php @@ -770,13 +770,20 @@ if ($action == "exchange") { //===send message $locale = get_user_locale($useridgift); - $subject = sqlesc(nexus_trans("bonus.msg_someone_loves_you", [], $locale)); + $subject = nexus_trans("bonus.msg_someone_loves_you", [], $locale); $added = sqlesc(date("Y-m-d H:i:s")); $msg = nexus_trans("bonus.msg_you_have_been_given", [], $locale).$points2.nexus_trans("bonus.msg_after_tax", [], $locale).$points2receiver.nexus_trans("bonus.msg_karma_points_by", [], $locale).$CURUSER['username']; if ($message) + { $msg .= "\n".nexus_trans("bonus.msg_personal_message_from", [], $locale).$CURUSER['username'].nexus_trans("bonus.msg_colon", [], $locale).$message; - $msg = sqlesc($msg); - sql_query("INSERT INTO messages (sender, subject, receiver, msg, added) VALUES(0, $subject, $useridgift, $msg, $added)") or sqlerr(__FILE__, __LINE__); + } + \App\Models\Message::add([ + 'sender' => 0, + 'subject' => $subject, + 'added' => now(), + 'msg' => $msg, + 'receiver' => $useridgift, + ]); $usernamegift = unesc($_POST["username"]); nexus_redirect("" . get_protocol_prefix() . "$BASEURL/mybonus.php?do=transfer"); } diff --git a/public/offers.php b/public/offers.php index 02fc6a54..8c04677c 100644 --- a/public/offers.php +++ b/public/offers.php @@ -108,6 +108,17 @@ if (isset($_GET['new_offer']) && $_GET["new_offer"]){ } $id = mysql_insert_id(); + // add new offer message to staffmessage + \App\Models\StaffMessage::query()->insert([ + 'sender' => $CURUSER['id'], + 'subject' => nexus_trans('offer.msg_new_offer_subject'), + 'msg' => nexus_trans('offer.msg_new_offer_msg', [ + 'username' => "[url=userdetails.php?id={$CURUSER['id']}]{$CURUSER['username']}[/url]", + 'offername' => "[url=offers.php?id={$id}&off_details=1]{$name}[/url]"]), + 'added' => now(), + ]); + clear_staff_message_cache(); + write_log("offer $name was added by ".$CURUSER['username'],'normal'); header("Location: offers.php?id=$id&off_details=1"); @@ -258,7 +269,16 @@ if (isset($_GET["allow_offer"]) && $_GET["allow_offer"]) { $subject = nexus_trans("offer.msg_your_offer_allowed", [], $locale); $allowedtime = date("Y-m-d H:i:s"); - sql_query("INSERT INTO messages (sender, receiver, added, msg, subject) VALUES(0, {$arr['userid']}, '" . $allowedtime . "', " . sqlesc($msg) . ", ".sqlesc($subject).")") or sqlerr(__FILE__, __LINE__); + //sql_query("INSERT INTO messages (sender, receiver, added, msg, subject) VALUES(0, {$arr['userid']}, '" . $allowedtime . "', " . sqlesc($msg) . ", ".sqlesc($subject).")") or sqlerr(__FILE__, __LINE__); + + \App\Models\Message::add([ + 'sender' => 0, + 'receiver' => $arr['userid'], + 'msg' => $msg, + 'subject' => $subject, + 'added' => $allowedtime, + ]); + sql_query ("UPDATE offers SET allowed = 'allowed', allowedtime = '".$allowedtime."' WHERE id = $offid") or sqlerr(__FILE__,__LINE__); write_log("{$CURUSER['username']} allowed offer {$arr['name']}",'normal'); @@ -309,7 +329,15 @@ if (isset($_GET["finish_offer"]) && $_GET["finish_offer"]) { } //===use this line if you DO HAVE subject in your PM system $subject = nexus_trans("offer.msg_your_offer", [], $locale).$arr['name'].nexus_trans("offer.msg_voted_on", [], $locale); - sql_query("INSERT INTO messages (sender, subject, receiver, added, msg) VALUES(0, ".sqlesc($subject).", {$arr['userid']}, '" . $finishvotetime . "', " . sqlesc($msg) . ")") or sqlerr(__FILE__, __LINE__); + + \App\Models\Message::add([ + 'sender' => 0, + 'subject' => $subject, + 'receiver' => $arr['userid'], + 'added' => $finishvotetime, + 'msg' => $msg, + ]); + //===use this line if you DO NOT subject in your PM system //sql_query("INSERT INTO messages (sender, receiver, added, msg) VALUES(0, $arr['userid'], '" . date("Y-m-d H:i:s") . "', " . sqlesc($msg) . ")") or sqlerr(__FILE__, __LINE__); write_log("{$CURUSER['username']} closed poll {$arr['name']}",'normal'); @@ -502,7 +530,15 @@ if (isset($_GET["vote"]) && $_GET["vote"]){ sql_query("UPDATE offers SET allowed='allowed', allowedtime=".sqlesc($finishtime)." WHERE id=".sqlesc($offerid)) or sqlerr(__FILE__,__LINE__); $msg = nexus_trans("offer.msg_offer_voted_on", [], $locale)."[b][url=". get_protocol_prefix() . $BASEURL."/offers.php?id=$offerid&off_details=1]" . $arr['name'] . "[/url][/b].". nexus_trans("offer.msg_find_offer_option", [], $locale).$timeoutnote; $subject = nexus_trans("offer.msg_your_offer_allowed", [], $locale); - sql_query("INSERT INTO messages (sender, receiver, added, msg, subject) VALUES(0, {$arr['userid']}, " . sqlesc(date("Y-m-d H:i:s")) . ", " . sqlesc($msg) . ", ".sqlesc($subject).")") or sqlerr(__FILE__, __LINE__); + + \App\Models\Message::add([ + 'sender' => 0, + 'receiver' => $arr['userid'], + 'msg' => $msg, + 'subject' => $subject, + 'added' => now(), + ]); + write_log("System allowed offer {$arr['name']}",'normal'); } //denied and send offer voted off message @@ -511,7 +547,17 @@ if (isset($_GET["vote"]) && $_GET["vote"]){ sql_query("UPDATE offers SET allowed='denied' WHERE id=".sqlesc($offerid)) or sqlerr(__FILE__,__LINE__); $msg = nexus_trans("offer.msg_offer_voted_off", [], $locale)."[b][url=" . get_protocol_prefix() . $BASEURL."/offers.php?id=$offid&off_details=1]" . $arr['name'] . "[/url][/b].".nexus_trans("offer.msg_offer_deleted", [], $locale) ; $subject = nexus_trans("offer.msg_offer_deleted", [], $locale); - sql_query("INSERT INTO messages (sender, receiver, added, msg, subject) VALUES(0, {$arr['userid']}, " . sqlesc(date("Y-m-d H:i:s")) . ", " . sqlesc($msg) . ", ".sqlesc($subject).")") or sqlerr(__FILE__, __LINE__); + + \App\Models\Message::add([ + 'sender' => 0, + 'receiver' => $arr['userid'], + 'msg' => $msg, + 'subject' => $subject, + 'added' => now(), + ]); + + + write_log("System denied offer {$arr['name']}",'normal'); } @@ -576,11 +622,18 @@ if (isset($_GET["del_offer"]) && $_GET["del_offer"]){ if ($CURUSER["id"] != $num["userid"]) { - $added = sqlesc(date("Y-m-d H:i:s")); + $added = date("Y-m-d H:i:s"); $locale = get_user_locale($num["userid"]); - $subject = sqlesc(nexus_trans("offer.msg_offer_deleted", [], $locale)); - $msg = sqlesc(nexus_trans("offer.msg_your_offer", [], $locale).$num['name'].nexus_trans("offer.msg_was_deleted_by", [], $locale). "[url=userdetails.php?id=".$CURUSER['id']."]".$CURUSER['username']."[/url]".nexus_trans("offer.msg_blank", [], $locale).($reason != "" ? nexus_trans("offer.msg_reason_is", [], $locale).$reason : "")); - sql_query("INSERT INTO messages (sender, receiver, msg, added, subject) VALUES(0, {$num['userid']}, $msg, $added, $subject)") or sqlerr(__FILE__, __LINE__); + $subject = nexus_trans("offer.msg_offer_deleted", [], $locale); + $msg = nexus_trans("offer.msg_your_offer", [], $locale).$num['name'].nexus_trans("offer.msg_was_deleted_by", [], $locale). "[url=userdetails.php?id=".$CURUSER['id']."]".$CURUSER['username']."[/url]".nexus_trans("offer.msg_blank", [], $locale).($reason != "" ? nexus_trans("offer.msg_reason_is", [], $locale).$reason : ""); + + \App\Models\Message::add([ + 'sender' => 0, + 'receiver' => $num['userid'], + 'msg' => $msg, + 'subject' => $subject, + 'added' => now(), + ]); } write_log("Offer: $offer ({$num['name']}) was deleted by {$CURUSER['username']}".($reason != "" ? " (".$reason.")" : ""),'normal'); header("Location: offers.php"); @@ -714,7 +767,7 @@ if ($offeruptimeout_main) print("
  • ".$lang_offers['text_rule_four_one']."".($offeruptimeout_main / 3600)."".$lang_offers['text_rule_four_two']."
    • \n"); print(""); if (user_can('addoffer')) -print("
    ". +print("
    ". "".$lang_offers['text_add_offer']."
    "); print("
    ".$lang_offers['text_search_offers']."    "); $cats = genrelist($browsecatmode); diff --git a/public/staffbox.php b/public/staffbox.php index e5f1196d..ca14aa53 100644 --- a/public/staffbox.php +++ b/public/staffbox.php @@ -194,7 +194,15 @@ if ($action == "takeanswer") { can_access_staff_message($answeringto); -sql_query("INSERT INTO messages (sender, receiver, added, msg) VALUES($userid, $receiver, $added, $message)") or sqlerr(__FILE__, __LINE__); +$subject = \App\Models\StaffMessage::query()->findOrFail($answeringto)->toArray()['subject']; + +\App\Models\Message::add([ + 'sender' => $userid, + 'receiver' => $receiver, + 'subject' => $subject, + 'added' => now(), + 'msg' => $msg, +]); sql_query("UPDATE staffmessages SET answer=$message, answered='1', answeredby='$userid' WHERE id=$answeringto") or sqlerr(__FILE__, __LINE__); $Cache->delete_value('staff_new_message_count'); diff --git a/public/subtitles.php b/public/subtitles.php index aac809ce..7b09a8e8 100644 --- a/public/subtitles.php +++ b/public/subtitles.php @@ -226,7 +226,13 @@ if (user_can('delownsub')) $msg = $CURUSER['username'].nexus_trans("subtitle.msg_deleted_your_sub", [], $locale). $a['title'].($reason != "" ? nexus_trans("subtitle.msg_reason_is", [], $locale).$reason : ""); $subject = nexus_trans("subtitle.msg_your_sub_deleted", [], $locale); $time = date("Y-m-d H:i:s"); - sql_query("INSERT INTO messages (sender, receiver, added, msg, subject) VALUES(0, $a[uppedby], '" . $time . "', " . sqlesc($msg) . ", ".sqlesc($subject).")") or sqlerr(__FILE__, __LINE__); + \App\Models\Message::add([ + 'sender' => 0, + 'receiver' => $a['uppedby'], + 'added' => now(), + 'msg' => $msg, + 'subject' => $subject, + ]); } $res = sql_query("SELECT lang_name from language WHERE sub_lang=1 AND id = " . sqlesc($a["lang_id"])) or sqlerr(__FILE__, __LINE__); $arr = mysql_fetch_assoc($res); diff --git a/public/takemessage.php b/public/takemessage.php index d6726d7f..396b41a2 100644 --- a/public/takemessage.php +++ b/public/takemessage.php @@ -87,9 +87,17 @@ if ($_SERVER["REQUEST_METHOD"] != "POST") } $subject = trim($_POST['subject']); - sql_query("INSERT INTO messages (sender, receiver, added, msg, subject, saved, location) VALUES(" . sqlesc($CURUSER["id"]) . ", ".sqlesc($receiver).", '" . date("Y-m-d H:i:s") . "', " . sqlesc($msg) . ", " . sqlesc($subject) . ", " . sqlesc($save) . ", 1)") or sqlerr(__FILE__, __LINE__); - $Cache->delete_value('user_'.$receiver.'_unread_message_count'); - $Cache->delete_value('user_'.$receiver.'_inbox_count'); + + \App\Models\Message::add([ + 'sender' => $CURUSER["id"], + 'receiver' => $receiver, + 'msg' => $msg, + 'subject' => $subject, + 'added' => now(), + 'saved' => $save, + 'location' => 1, + ]); + $Cache->delete_value('user_'.$CURUSER["id"].'_outbox_count'); $msgid=mysql_insert_id(); diff --git a/public/takeupload.php b/public/takeupload.php index 3e74dbe2..87591db5 100644 --- a/public/takeupload.php +++ b/public/takeupload.php @@ -481,7 +481,13 @@ if ($is_offer) //$some_variable .= "(0, $row[userid], '" . date("Y-m-d H:i:s") . "', " . sqlesc($pn_msg) . ")"; //=== use this if you DO have subject in your PMs - sql_query("INSERT INTO messages (sender, subject, receiver, added, msg) VALUES (0, ".sqlesc($subject).", {$row['userid']}, ".sqlesc(date("Y-m-d H:i:s")).", " . sqlesc($pn_msg) . ")") or sqlerr(__FILE__, __LINE__); + \App\Models\Message::add([ + 'sender' => 0, + 'subject' => $subject, + 'receiver' => $row['userid'], + 'added' => now(), + 'msg' => $pn_msg, + ]); //=== use this if you do NOT have subject in your PMs //sql_query("INSERT INTO messages (sender, receiver, added, msg) VALUES ".$some_variable."") or sqlerr(__FILE__, __LINE__); //===end diff --git a/public/viewrequests.php b/public/viewrequests.php index 705b7550..9984dcad 100644 --- a/public/viewrequests.php +++ b/public/viewrequests.php @@ -358,10 +358,16 @@ else { $added = sqlesc(date("Y-m-d H:i:s")); - $subject = sqlesc($lang_viewrequests['message_please_confirm_supply']); - $notifs = sqlesc("{$lang_viewrequests['request_name']}:[url=viewrequests.php?id=$arr[id]] " . $arr['request'] . "[/url],{$lang_viewrequests['please_confirm_supply']}."); - sql_query("INSERT INTO messages (sender, receiver, subject, msg, added) VALUES(0, " . $arr['userid'] . ", $subject, $notifs, $added)") or sqlerr(__FILE__, __LINE__); + $subject = $lang_viewrequests['message_please_confirm_supply']; + $notifs = "{$lang_viewrequests['request_name']}:[url=viewrequests.php?id=$arr[id]] " . $arr['request'] . "[/url],{$lang_viewrequests['please_confirm_supply']}."; + App\Models\Message::add([ + 'sender' => 0, + 'receiver' => $arr['userid'], + 'subject' => $subject, + 'msg' => $notifs, + 'added' => now(), + ]); stderr($lang_functions['std_success'], "{$lang_viewrequests['supply_success']},{$lang_functions['std_click_here_to_goback']}", 0); die; @@ -424,11 +430,16 @@ else { while ($row = mysql_fetch_array($res)) { $owner[] = $row[0]; - $added = sqlesc(date("Y-m-d H:i:s")); - $subject = sqlesc($lang_viewrequests['torrent_is_picked_for_request']); - $notifs = sqlesc("{$lang_viewrequests['request_name']}:[url=viewrequests.php?id=$arr[id]] " . $arr['request'] . "[/url].{$lang_functions['std_you_will_get']}: $amount {$lang_functions['text_bonus']}"); - sql_query("INSERT INTO messages (sender, receiver, subject, msg, added) VALUES(0, " . $row[0] . ", $subject, $notifs, $added)") or sqlerr(__FILE__, __LINE__); - + $added = now(); + $subject = $lang_viewrequests['torrent_is_picked_for_request']; + $notifs = "{$lang_viewrequests['request_name']}:[url=viewrequests.php?id=$arr[id]] " . $arr['request'] . "[/url].{$lang_functions['std_you_will_get']}: $amount {$lang_functions['text_bonus']}"; + \App\Models\Message::add([ + 'sender' => 0, + 'receiver' => $row[0], + 'added' => now(), + 'msg' => $notifs, + 'subject' => $subject, + ]); } sql_query("UPDATE users SET seedbonus = seedbonus + $amount WHERE id = '" . join("' OR id = '", $owner) . "'") or sqlerr(__FILE__, __LINE__); stderr($lang_functions['std_success'], "{$lang_viewrequests['confirm_request_success']},{$lang_functions['std_click_here_to_goback']}", 0); @@ -452,12 +463,29 @@ else { //sql_query("INSERT reqcommen (user , added ,text ,reqid) VALUES ( '".$CURUSER["id"]."' , ".sqlesc(date("Y-m-d H:i:s"))." , ".sqlesc($_POST["message"])." , '".$_POST["id"]."' )"); sql_query("INSERT INTO comments (user, request, added, text, ori_text) VALUES (" . $CURUSER["id"] . ",{$_POST['id']}, '" . date("Y-m-d H:i:s") . "', " . sqlesc($_POST["message"]) . "," . sqlesc($_POST["message"]) . ")"); - - if ($CURUSER["id"] <> $arr['userid']) sql_query("INSERT INTO messages (sender, receiver, subject, msg, added) VALUES(0, " . $arr['userid'] . ", '{$lang_viewrequests['request_get_new_reply']}', " . sqlesc(" [url=viewrequests.php?action=view&id={$_POST['id']}] " . $arr['request'] . "[/url].") . ", " . sqlesc(date("Y-m-d H:i:s")) . ")") or sqlerr(__FILE__, __LINE__); - + $id = (int) ($_POST['id'] ?? 0); + if ($CURUSER["id"] <> $arr['userid']) + { + //sql_query("INSERT INTO messages (sender, receiver, subject, msg, added) VALUES(0, " . $arr['userid'] . ", '{$lang_viewrequests['request_get_new_reply']}', " . sqlesc(" [url=viewrequests.php?action=view&id={$_POST['id']}] " . $arr['request'] . "[/url].") . ", " . sqlesc(date("Y-m-d H:i:s")) . ")") or sqlerr(__FILE__, __LINE__); + \App\Models\Message::add([ + 'sender' => 0, + 'receiver' => $arr['userid'], + 'subject' => $lang_viewrequests['request_get_new_reply'], + 'msg' => " [url=viewrequests.php?action=view&id={$id}] " . $arr['request'] . "[/url]", + 'added' => now(), + ]); + } $ruserid = 0 + $_POST["ruserid"]; - if ($ruserid <> $CURUSER["id"] && $ruserid <> $arr['userid']) sql_query("INSERT INTO messages (sender, receiver, subject, msg, added) VALUES(0, " . $ruserid . ", '{$lang_viewrequests['request_comment_get_new_reply']}', " . sqlesc(" [url=viewrequests.php?action=view&id={$_POST['id']}] " . $arr['request'] . "[/url].") . ", " . sqlesc(date("Y-m-d H:i:s")) . ")") or sqlerr(__FILE__, __LINE__); - + if ($ruserid <> $CURUSER["id"] && $ruserid <> $arr['userid']) + { + \App\Models\Message::add([ + 'sender' => 0, + 'receiver' => $ruserid, + 'subject' => $lang_viewrequests['request_comment_get_new_reply'], + 'msg' => " [url=viewrequests.php?action=view&id={$id}] " . $arr['request'] . "[/url]", + 'added' => now(), + ]); + } header("Location: viewrequests.php?action=view&id=" . $_POST['id']); } } diff --git a/resources/lang/en/offer.php b/resources/lang/en/offer.php index 615afc32..ea511d19 100644 --- a/resources/lang/en/offer.php +++ b/resources/lang/en/offer.php @@ -14,4 +14,6 @@ return [ 'msg_you_must_upload_in' => "Please upload the offer within ", 'msg_hours_otherwise' => " hours. Otherwise the offer would be deleted.", 'msg_reason_is' => "The reason: ", + 'msg_new_offer_subject' => "A new offer has been added", + 'msg_new_offer_msg' => "User :username has added a new offer :offername", ]; diff --git a/resources/lang/zh_CN/offer.php b/resources/lang/zh_CN/offer.php index b1b75473..68259ace 100644 --- a/resources/lang/zh_CN/offer.php +++ b/resources/lang/zh_CN/offer.php @@ -14,4 +14,6 @@ return [ 'msg_you_must_upload_in' => "请在", 'msg_hours_otherwise' => "小时内上传通过候选的内容。否则该候选将被删除。", 'msg_reason_is' => "原因:", + 'msg_new_offer_subject' => "有新的候选被添加", + 'msg_new_offer_msg' => "用户 :username 添加了新的候选 :offername", ]; diff --git a/resources/lang/zh_TW/offer.php b/resources/lang/zh_TW/offer.php index e5cce68b..37b61276 100644 --- a/resources/lang/zh_TW/offer.php +++ b/resources/lang/zh_TW/offer.php @@ -14,4 +14,6 @@ return [ 'msg_you_must_upload_in' => "請在", 'msg_hours_otherwise' => "小時內上傳通過候選的內容。否則該候選將被刪除。", 'msg_reason_is' => "原因:", + 'msg_new_offer_subject' => "有新的候選被添加", + 'msg_new_offer_msg' => "用戶 :username 添加了新的候選 :offername", ];