<?php
/**
 * This file is part of
 * pragmaMx - Web Content Management System.
 * Copyright by pragmaMx Developer Team - http://www.pragmamx.org
 *
 * pragmaMx is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * $Revision: 1.21.2.5 $
 * $Author: tora60 $
 * $Date: 2008/01/23 12:02:07 $
 *
 * this file based on:
 * php-nuke Web Portal System - http://phpnuke.org/
 * Thatware - http://thatware.org/
 * Part of phpBB integration
 * Copyright (c) 2001 by
 * Richard Tirtadji AKA King Richard (rtirtadji@hotmail.com)
 * Hutdik Hermawan AKA hotFix (hutdik76@hotmail.com)
 * http://www.phpnuke.web.id
 */
defined('mxMainFileLoaded') or die('access denied');
$module_name = basename(dirname(__FILE__));

// Link verwendet in Sprachdateien
if (!defined("_PMSBBCODELINK")) define("_PMSBBCODELINK","<a href=\"#\" onClick=\"window.open('modules.php?name=" . $module_name . "&file=bbcode','pmbbcode','left=10, top=10, width=640,height=480,toolbar=0,location=0,directories=0,status=0,menubar=0,scrollbars=1,resizable=1,copyhistory=0'); return false;\">");

$page = (isset($_GET['page'])) ? (int)$_GET['page'] : 1;
define('MX_ML_IMAGEPATH', 'modules/' . $module_name . '/images/');


//PM per E-Mail sichern
function msgsichern($uid)
{
	global $prefix, $user_prefix, $module_name, $url_smiles, $subjectdefaulticon, $url_images, $url_button;
	global $bgcolor1, $bgcolor2, $bgcolor3, $textcolor1, $textcolor2, $popupwidth,$poptableborder;
	$uid = (int)$uid;
	$kopf = "". _HELLO . ",\n" . _PMEMAIL . MX_BASE_URL . "\n". _YOURMAILPMS . "\n" . _HPMS . ":\n\n";
        $linie1 ="--------------------------------------------------------------------------------------------------------------------";
        $linie2 ="************************************************************************************************";
	$nachricht =$kopf;
	$qry="SELECT subject, from_userid, msg_time, msg_text FROM ${prefix}_priv_msgs WHERE to_userid=".$uid." order by msg_time desc";
		$result = sql_query($qry);
		while (list($subject, $from_userid, $msg_time, $msg_text) = sql_fetch_row($result)) {
		$qry2="SELECT * FROM ${user_prefix}_users WHERE uid=".$from_userid."";
		$result2 = sql_query($qry2);
		$row = sql_fetch_array($result2);
		$absender=$row["uname"];
		$nachricht .="$linie2\n";
		$nachricht .=" ". _TOPMS ." $msg_time " . _SPMS ." $absender:\n";
		$nachricht .="$linie1\n";
		$nachricht .=" $msg_text\n";

	}
	$nachricht .="$linie2\n";
	$nachricht .="\n\n\n" . _AOPMS . ":\n\n\n";

	$qry4="SELECT subject, to_userid, msg_time, msg_text FROM ${prefix}_priv_msgs_send WHERE from_userid=".$uid."  order by msg_time desc";
		$result4 = sql_query($qry4);
		while (list($subject, $to_userid, $msg_time, $msg_text) = sql_fetch_row($result4)) {
		$qry5="SELECT * FROM ${user_prefix}_users WHERE uid=".$to_userid."";
		$result5 = sql_query($qry5);
		$row5 = sql_fetch_array($result5);
		$empfang=$row5["uname"];
		$nachricht .="$linie2\n";
		$nachricht .=" ". _TOPMS ." $msg_time " . _ANPMS ." $empfang:\n";
		$nachricht .="$linie1\n";
		$nachricht .=" $msg_text\n";
	}

		$nachricht .="$linie2\n";
		$nachricht .="\n\n" . _MFGPMS . "\n " . _PMSBOX;
		$qry3="SELECT * FROM ${user_prefix}_users WHERE uid=".$uid."";
		$result3 = sql_query($qry3);
		$row2 = sql_fetch_array($result3);
		$email=$row2["email"];
		$absend=$row2["uname"];
mxmail($email, _PMSSI, $nachricht, $email, "", "", $absend);

messagesheader($uid);
OpenTable();
echo '<center><b>' . _YOURPMS . '</b></center>';
echo "<div style=\"float:right;\"><a href=\"modules.php?name=$module_name\">" . mxCreateImage("$url_button/index.gif", _PMSRETURNTOPMSG) . "</a></div> ";
CloseTable();
}
//PM per E-Mail sichern ende

function msgindex($uid)
{
    global $prefix, $user_prefix, $module_name, $url_smiles, $url_icons, $subjectdefaulticon, $url_images, $url_button, $page, $pagesize;
    global $bgcolor1, $bgcolor2, $bgcolor3, $textcolor1, $textcolor2, $popupwidth, $poptableborder;
    $uid = (int)$uid;
$count = "SELECT COUNT(to_userid) AS total FROM ${prefix}_priv_msgs ";
$select = "SELECT ${prefix}_priv_msgs.*, UNIX_TIMESTAMP(msg_time) as msgtimestamp, ${user_prefix}_users.uname as fromname "
        . "FROM ${prefix}_priv_msgs LEFT JOIN ${user_prefix}_users ON ${prefix}_priv_msgs.from_userid = ${user_prefix}_users.uid ";
$min = $pagesize * ($page - 1); // This is where we start our record set from
$max = $pagesize; // This is how many rows to select
$where = "where to_userid = $uid ";
$sort = "order by msg_time"; //sorty by .....
$limit = " DESC LIMIT " . $min . ", " . $max; // we only want rows $min  to $max
$count_result = sql_query($count . $where);
list($num_rows_per_order) = sql_fetch_row($count_result);
$result = sql_query($select . $where . $sort . $limit); # or die(); // Now lets do it !!
	if (!$result) {
        prvmsgerror(_ERRMSGDATABASE, $uid);
    }
    if (!$total_messages = sql_num_rows($result)) {
        $havemessages = 0;
    } else {
        $havemessages = 1;
        printOverlibDiv();
        $pm_overlib = new Overlib();
        echo '
<script language="JavaScript" src="modules/' . $module_name . '/javascript.js" type="text/javascript"></script>
';
    }
    $count = 0;
    echo "<form name=\"prvmsg\" method=\"post\" action=\"modules.php?name=" . $module_name . "\">\n";
    echo "<input type=\"hidden\" name=\"name\" value=\"" . $module_name . "\">\n";
    messagesheader($uid);
    echo "<table border=\"0\" cellspacing=\"1\" cellpadding=\"1\" width=\"100%\" bgcolor=\"$bgcolor2\">\n";
    if (!$havemessages) {
        echo "<tr bgcolor=\"$bgcolor3\">\n\t<td colspan=\"6\" align=\"center\"><br><br><br><b>" . _PMSDONTHAVESOME . "</b><br><br><br></td>\n</tr>\n";
    } else {
    echo "<tr bgcolor=\"$bgcolor2\">\n"
    . "\t<td colspan=\"5\" bgcolor=\"$bgcolor2\" align=\"left\"><font class=\"content\"><b>&nbsp;&nbsp;" . _EMPFPMS      . "</b><br><br>\n"
    . "</td></tr>\n";
        echo "<tr bgcolor=\"$bgcolor2\">\n"
         . "\t<td bgcolor=\"$bgcolor2\" align=\"center\"><input name=\"allbox\" onclick=\"CheckAll();\" type=\"checkbox\" value=\"" . _PMSCHECKALL . "\" style=\"background-color: transparent;\"></td>\n"
         . "\t<td bgcolor=\"$bgcolor2\" align=\"center\"><img src=\"$url_images/down.gif\" border=\"0\" alt=\"" . _PMSMSGSTATUS . "\"></td>\n"
         . "\t<td bgcolor=\"$bgcolor2\" align=\"center\">&nbsp;</td>\n"
         . "\t<td align=\"center\"><font class=\"content\" color=\"$textcolor2\"><b>" . _PMSFROM . "</b></font></td>\n"
         . "\t<td align=\"center\"><font class=\"content\" color=\"$textcolor2\"><b>" . _PMSSUBJECT . "</b></font></td>\n"
         . "\t<td align=\"center\"><font class=\"content\" color=\"$textcolor2\"><b>" . _PMSDATE . "</b></font></td>\n"
         . "</tr>\n";
        while ($row = sql_fetch_array($result)) {
            if (empty($row["msg_image"])) $row["msg_image"] = $subjectdefaulticon;
            if (empty($row["fromname"])) $row["fromname"] = "";
            $postedtime = mx_strftime(_PMSTIMESTRING, $row["msgtimestamp"]);
            $row["subject"] = strip_tags($row["subject"]);
            $row["subject"] = msg_smile($row["subject"]);

            $row["msg_text"] = strip_tags($row["msg_text"], "<img><br><hr><b><i>");
            // $row["msg_text"] = str_replace(array('&#41;','&#124;'),array(')','|'),$row["msg_text"]); /// macht mxSecureValue() rückgängig
            $row["msg_text"] = pmPrepDisplay($row["msg_text"]);

            $pm_overlib->ol_capicon = $url_icons . "/" . $row["msg_image"];
            $pm_overlib->ol_delay = 200;
            $pm_overlib->ol_hauto = "True";
            $pm_overlib->ol_vauto = "True";
            $myover = $pm_overlib->vover(pmValueToText($row["msg_text"]), pmValueToText($row["subject"]));
            echo "<tr>\t<td bgcolor=\"$bgcolor1\" width=\"2%\" align=\"center\"><input type=\"checkbox\" onclick=\"CheckCheckAll();\" name=\"msg_id[$count]\" value=\"" . (int)$row["msg_id"] . "\" style=\"background-color: transparent;\">";
            echo "</td>\n";
            echo "\t<td width=\"5%\" align=\"center\" bgcolor=\"$bgcolor1\">";
            if ($row["read_msg"] == 1) {
                echo "&nbsp;";
            } else {
                echo "<img src=\"$url_images/read.gif\" border=\"0\" alt=\"" . _PMSNOTREAD . "\">";
            }
            echo "</td>\n";
            echo "\t<td bgcolor=\"$bgcolor3\" width=\"5%\" align=\"center\"><a href=\"modules.php?name=$module_name&amp;op=read&amp;id=" . $row["msg_id"] . "\"><img src=\"" . $url_icons . "/" . $row["msg_image"] . "\" border=\"0\"></a></td>\n";
            echo "\t<td bgcolor=\"$bgcolor1\" width=\"10%\"><font class=\"content\" color=\"$textcolor2\">&nbsp;<a href='modules.php?name=Userinfo&amp;uname=" . $row["fromname"] . "'>" . $row["fromname"] . "</a>&nbsp;</font></td>\n";
            echo "\t<td bgcolor=\"$bgcolor3\">&nbsp;<a href=\"modules.php?name=$module_name&amp;op=read&amp;id=" . $row["msg_id"] . "\"" . $myover . "><font class=\"tiny\" color=\"$textcolor2\">" . $row["subject"] . "</font></a></td>\n";
            echo "\t<td bgcolor=\"$bgcolor1\" align=\"center\" width=\"18%\"><font class=\"tiny\" color=\"$textcolor2\">$postedtime</font></td>\n";
            echo "</tr>\n";
            $count++;
        }
    }
//page
echo "<tr bgcolor=\"$bgcolor2\">\n\t<td colspan=\"6\"><center><table>";
    if ($num_rows_per_order > $pagesize) {
        $total_pages = ceil($num_rows_per_order / $pagesize); // How many pages are we dealing with here ??
        $prev_page = $page - 1;

        if ($prev_page > 0) {
            echo "<td align='left' width='15%'><a href='modules.php?name=" . $module_name . "&amp;page=$prev_page'>";
            echo mxCreateImage(MX_ML_IMAGEPATH . 'left.gif', _PREVIOUS . " (" . $prev_page . ")");
            echo "</a></td>";
        } else {
            echo "<td width='15%'>&nbsp;</td>\n";
        }

        echo "<td align='center' width='70%'>";
        echo "<font class=tiny>$num_rows_per_order " . " ($total_pages " . _PAGES . ")</font>";
        echo "</td>";

        $next_page = $page + 1;
        if ($next_page <= $total_pages) {
            echo "<td align='right' width='15%'><a href='modules.php?name=" . $module_name . "&amp;page=$next_page'>";
            echo mxCreateImage(MX_ML_IMAGEPATH . 'right.gif', _NEXTPAGE . " (" . $next_page . ")");
            echo "</a></td>";
        } else {
            echo "<td width='15%'>&nbsp;</td></tr>\n";
        }
        /* Added a numbered page list, only shows up to 50 pages. */

        echo "<tr><td colspan=\"3\" align=\"center\">";
        echo " <font class=tiny>[ </font>";

        for($n = 1; $n < $total_pages; $n++) {
            if ($n == $page) {
                echo "<font class=tiny><b>$n</b></font></a>";
            } else {
                echo "<a href='modules.php?name=" . $module_name . "&amp;page=$n'>";
                echo "<font class=tiny>$n</font></a>";
            }
            if ($n >= 50) { // if more than 50 pages are required, break it at 50.
                $break = true;
                break;
            } else { // guess not.
                echo "<font class=tiny> | </font>";
            }
        }

        if (!isset($break)) { // are we sopposed to break ?
            if ($n == $page) {
                echo "<font class=tiny><b>$n</b></font></a>";
            } else {
                echo "<a href='modules.php?name=" . $module_name . "&amp;page=$total_pages'>";
                echo "<font class=tiny>$n</font></a>";
            }
        }
        echo " <font class=tiny>]</font> ";
    	echo "</td></tr>\n"; 
	}
echo "</table></center>";
//page ende
    echo "<tr bgcolor=\"$bgcolor2\">\n\t<td colspan=\"6\">";
    echo "<div style=\"float:left;\"><a href=\"modules.php?name=$module_name&amp;op=sendmsg\">" . mxCreateImage("$url_button/ausgang.gif", _ASENTPMS) . "</a> ";
    echo "<a href=\"modules.php?name=$module_name&amp;op=send\">" . mxCreateImage("$url_button/senden.gif", _PMSPRIVATEMESSAGESEND) . "</a> ";
    if ($havemessages) {
        echo "&nbsp;<input type=\"image\" src=\"$url_button/loeschen.gif\" name=\"delete_messages\" value=\"delete_messages\" style=\"background-color: transparent; border: none;\" alt=\"" . _PMSDELETE . "\" title=\"" . _PMSDELETE . "\">";
        echo "<input type=\"hidden\" name=\"total_messages\" value=\"" . (int)$total_messages . "\">";
        echo "<input type=\"hidden\" name=\"op\" value=\"delete_messages\"></a>" . "  ";
	    echo "<a href=\"modules.php?name=$module_name&amp;op=speichern\">" . mxCreateImage("$url_button/speichern.gif", _SAVEPMS) . "</a></div>\n";
        echo "<div style=\"float:right;\"><a href=\"modules.php?name=$module_name\">" . mxCreateImage("$url_button/index.gif", _PMSRETURNTOPMSG) . "</a></div> ";
    }
    echo "</td>\n</tr>\n</table>\n</form>";
}

function messagesheader($uid)
{
    global $url_images, $module_name, $prefix, $user_prefix, $bgcolor3, $bgcolor2, $pmgrenze_godadmin, $pmgrenze_admin;
    include_once("modules/Your_Account/navbar.php");
    OpenTable();
    nav();
    CloseTable();
    echo "<br>";
    OpenTable();
    $buddyalt = strip_tags(eregi_replace("<br>", "\n", _PMSDISCRIBE));
    $windowname = md5($GLOBALS['sitename']);
    echo "

<div style=\"float:left\"><a href=\"modules.php?name=$module_name\">" . mxCreateImage("$url_images/pmessage.gif", _PMSRETURNTOPMSG) . "</a>
<font class=\"title\"><b>" . _PMSPRIVATEMESSAGES . "</b>
</font></div>
<div style=\"float:right\"><a href=\"#\" onClick=\"window.open('modules.php?name=" . $module_name . "&amp;file=buddy','$windowname','left=180, top=150, width=240,height=350,toolbar=no,location=no,directories=no,status=no,menubar=no,scrollbars=no,resizable=yes,copyhistory=no');\">
" . mxCreateImage("$url_images/buddy.gif", $buddyalt) . "</a></div><div style=\"clear:both\"></div><br>
\n";
//PM Begrenzung
	$uid = (int)$uid;
	$allget = 0;
	$allsend = 0;
	$qry = "SELECT to_userid, Count(msg_id) FROM  ${prefix}_priv_msgs WHERE to_userid=" . $uid . " GROUP BY to_userid;";
		$result = sql_query($qry);
		while (list($to_userid, $nums) = sql_fetch_row($result)) {
	  		$allget = $nums;	#++;	# Anzahl aller pm's ermitteln
		}
      $qry = "SELECT from_userid, Count(msg_id) FROM ${prefix}_priv_msgs_send WHERE from_userid=" . $uid . " GROUP BY from_userid;";
		$result = sql_query($qry);
		while (list($from_userid, $nums) = sql_fetch_row($result)) {
	  		$allsend = $nums;	#++;	# Anzahl aller pm's ermitteln
		}
		include("modules/" . $GLOBALS['module_name'] . "/inboxsize-conf.php");
		$erlaubtpm = $sentboxsize;
		$erlaubtgetpm = $inboxsize;
if (MX_IS_ADMIN && $pmgrenze_admin == 0) {
} else {
	if (mxGetAdminPref('radminsuper') && $pmgrenze_godadmin == 0) {
	} else {
		if($erlaubtpm == 0 && $erlaubtgetpm == 0) {
		} else {
			$nochpm = $erlaubtpm - $allsend;
			$nochgetpm = $erlaubtgetpm - $allget;
				if($allget >= $erlaubtgetpm) {
				$nochgetpm = "<font color=red>$nochgetpm</font>";
				}
				if($allsend >= $erlaubtpm) {
				$nochpm = "<font color=red>$nochpm</font>";
				}
        		echo "<div align=\"center\">\n";
	        echo "<table border=\"0\" width=\"100%\" cellspacing=\"0\">\n";
    	    echo "<tr bgcolor=\"$bgcolor2\">\n";
        	echo "<td width=\"50%\">\n";
     	    echo "<p align=\"center\">\n";
        	echo "<font class=\"content\"><b>" . _PMNE . "</b></font>\n";
       		echo "</td>\n";
        	echo "<td width=\"50%\">\n";
        	echo "<p align=\"center\">\n";
        	echo "<font class=\"content\"><b> " . _PMNA . "</b></font>\n";
        	echo "</td>\n";
        	echo "</tr>\n";
        	echo "<tr bgcolor=\"$bgcolor3\">\n";
        	echo "<td width=\"50%\">\n";
        	echo "<p align=\"center\">\n";
        	echo "<font class=\"content\">" . _PMNOCH . $nochgetpm . _PMFREI . _PMVON . $erlaubtgetpm . "</font>\n";
	        echo "</td>\n";
    	    echo "<td width=\"50%\">\n";
        	echo "<p align=\"center\">\n";
	        echo "<font class=\"content\">" . _PMNOCH . $nochpm . _PMFREI . _PMVON . $erlaubtpm . "</font>\n";
    	    echo "</td>\n";
        	echo "</tr>\n";
      		echo "</table>\n";
        	echo "</div>\n";

	    	echo "</center>\n";
		}
	}
}
//Ende PM Begrenzung
    CloseTable();
    // echo "<br>";
}


function messagesheader1($uid)
{
    global $url_images, $module_name, $prefix, $user_prefix, $bgcolor3, $bgcolor2, $pmgrenze_godadmin, $pmgrenze_admin;
    include_once("modules/Your_Account/navbar.php");
    OpenTable();
    nav();
    CloseTable();
    echo "<br>";
    OpenTable();
    $buddyalt = strip_tags(eregi_replace("<br>", "\n", _PMSDISCRIBE));
    $windowname = md5($GLOBALS['sitename']);
    echo "

<div style=\"float:left\"><a href=\"modules.php?name=$module_name&op=sendmsg\">" . mxCreateImage("$url_images/pmessage.gif", _PMSRETURNTOPMSG) . "</a>
<font class=\"title\"><b>" . _PMSPRIVATEMESSAGES . "</b>
</font></div>
<div style=\"float:right\"><a href=\"#\" onClick=\"window.open('modules.php?name=" . $module_name . "&amp;file=buddy','$windowname','left=180, top=150, width=240,height=350,toolbar=no,location=no,directories=no,status=no,menubar=no,scrollbars=no,resizable=yes,copyhistory=no');\">
" . mxCreateImage("$url_images/buddy.gif", $buddyalt) . "</a></div><div style=\"clear:both\"></div><br>
\n";
//PM Begrenzung
	$uid = (int)$uid;
	$allget = 0;
	$allsend = 0;
	$qry = "SELECT to_userid, Count(msg_id) FROM  ${prefix}_priv_msgs WHERE to_userid=" . $uid . " GROUP BY to_userid;";
		$result = sql_query($qry);
		while (list($to_userid, $nums) = sql_fetch_row($result)) {
	  		$allget = $nums;	#++;	# Anzahl aller pm's ermitteln
		}
      $qry = "SELECT from_userid, Count(msg_id) FROM ${prefix}_priv_msgs_send WHERE from_userid=" . $uid . " GROUP BY from_userid;";
		$result = sql_query($qry);
		while (list($from_userid, $nums) = sql_fetch_row($result)) {
	  		$allsend = $nums;	#++;	# Anzahl aller pm's ermitteln
		}
		include("modules/" . $GLOBALS['module_name'] . "/inboxsize-conf.php");
		$erlaubtpm = $sentboxsize;
		$erlaubtgetpm = $inboxsize;
if (MX_IS_ADMIN && $pmgrenze_admin == 0) {
} else {
	if (mxGetAdminPref('radminsuper') && $pmgrenze_godadmin == 0) {
	} else {
		if($erlaubtpm == 0 and $erlaubtgetpm == 0) {
		} else {
		$nochpm = $erlaubtpm - $allsend;
		$nochgetpm = $erlaubtgetpm - $allget;
			if($allget >= $erlaubtgetpm) {
				$nochgetpm = "<font color=red>$nochgetpm</font>";
			}
			if($allsend >= $erlaubtpm) {
				$nochpm = "<font color=red>$nochpm</font>";
			}
			echo "<div align=\"center\">\n";
	        echo "<table border=\"0\" width=\"100%\" cellspacing=\"0\">\n";
    	    echo "<tr bgcolor=\"$bgcolor2\">\n";
        	echo "<td width=\"50%\">\n";
	        echo "<p align=\"center\">\n";
    	    echo "<font class=\"content\"><b> " . _PMNA . "</b></font>\n";
        	echo "</td>\n";
	        echo "<td width=\"50%\">\n";
    	    echo "<p align=\"center\">\n";
        	echo "<font class=\"content\"><b>" . _PMNE . "</b></font>\n";
	        echo "</td>\n";
    	    echo "</tr>\n";
        	echo "<tr bgcolor=\"$bgcolor3\">\n";
	        echo "<td width=\"50%\">\n";
    	    echo "<p align=\"center\">\n";
        	echo "<font class=\"content\">" . _PMNOCH . $nochpm . _PMFREI . _PMVON . $erlaubtpm . "</font>\n";
	        echo "</td>\n";
    	    echo "<td width=\"50%\">\n";
        	echo "<p align=\"center\">\n";
	        echo "<font class=\"content\">" . _PMNOCH . $nochgetpm . _PMFREI . _PMVON . $erlaubtgetpm . "</font>\n";
    	    echo "</td>\n";
        	echo "</tr>\n";
	        echo "</table>\n";
    	    echo "</div>\n";

	    	echo "</center>\n";
		}
	}
}
//Ende PM Begrenzung
    CloseTable();
    // echo "<br>";
}

function prvmsgerror($error_msg, $uid)
{
    global $header, $footer, $PHP_SELF, $bgcolor2, $url_button;
    if (!isset($header)) {
        include("header.php");
    }
    messagesheader($uid);
    echo "<table border=\"0\" cellspacing=\"1\" cellpadding=\"3\" width=\"100%\" bgcolor=\"$bgcolor2\">"
     . "<tr bgcolor=\"$bgcolor2\" align=\"center\"><td><br>";
    echo "<center><font class=\"title\"><b>" . _PMSGERROR . "</b></font><br><br>";
    OpenTable2();
    echo "<center><br>$error_msg<br><br></center>";
    CloseTable2();
    echo "<br><a href=\"javascript:history.go(-1)\">" . mxCreateImage($url_button . '/zurueck.gif', _PMSGOBACK) . "</a><br>" . _GOBACK . "<br></center></td></tr></table>";
    include("footer.php");
    die("");
}

function readmessage($id, $uid)
{
    global $prefix, $user_prefix, $module_name, $url_smiles, $url_icons, $url_avatar, $url_images, $blankavatar;
    global $allow_bbcode, $allow_html ;
    global $bgcolor1, $bgcolor2, $bgcolor3, $textcolor1, $textcolor2, $url_button;
    list($id, $uid) = mxForceInteger($id, $uid); // by AE
    $qry = "SELECT " . $prefix . "_priv_msgs.*, UNIX_TIMESTAMP(msg_time) as msgtimestamp FROM " . $prefix . "_priv_msgs WHERE (to_userid=$uid) and (msg_id=$id);";
    $result = sql_query($qry);
    if (!$result) {
        prvmsgerror(_ERRMSGDATABASE, $uid);
    }
    $row = sql_fetch_array($result);
    if (!$row["msg_id"]) {
        msgindex($uid);
    } else {
        $posterdata = get_userdata_from_id($row["from_userid"]);
        $postedtime = mx_strftime(_PMSTIMESTRING, $row["msgtimestamp"]);

        $replymsg = pmUndoPrepDisplay($row['msg_text']);
        $replymsg = "[quote][i]" . _ON . " " . $postedtime . ", " . _PMSWROTE . " " . $posterdata['uname'] . ":[/i]\n" . $replymsg . "\n[/quote]\n";

        $row["msg_text"] = pmPrepDisplay($row["msg_text"]);

        $qry = "SELECT msg_id FROM " . $prefix . "_priv_msgs WHERE to_userid=$uid and msg_time>'" . $row["msg_time"] . "' and msg_id<>'" . $row["msg_id"] . "' and (from_userid is not null) order by msg_time asc LIMIT 0,1";
        list($next) = sql_fetch_row(sql_query($qry));
        $qry = "SELECT msg_id FROM " . $prefix . "_priv_msgs WHERE to_userid=$uid and msg_time<'" . $row["msg_time"] . "' and msg_id<>'" . $row["msg_id"] . "' and (from_userid is not null) order by msg_time desc LIMIT 0,1";
        list($previous) = sql_fetch_row(sql_query($qry));
        $qry = "UPDATE " . $prefix . "_priv_msgs SET read_msg=1 WHERE msg_id=" . $row["msg_id"];
        $result = sql_query($qry);
        if (!$result) {
            prvmsgerror(_ERRMSGDATABASE, $uid);
        }

        if (empty($posterdata["user_sig"])) {
            $rowspan = "2";
        } else {
            $rowspan = "3";
            $posterdata["user_sig"] = pmPrepDisplay(pmxSigBbCode($posterdata["user_sig"]));
        }

        messagesheader($uid);

        echo"<table border=\"0\" cellspacing=\"1\" cellpadding=\"3\" width=\"100%\" bgcolor=\"$bgcolor2\">";
        echo "<tr bgcolor=\"$bgcolor1\"><td COLSPAN=\"2\"><font color=\"$textcolor1\" class=\"content\">"
         . "<a href=\"modules.php?name=$module_name\">" . mxCreateImage("$url_button/index.gif", _PMSRETURNTOPMSG) . "</a> &nbsp;";
        if ($previous) {
            echo "<a href=\"modules.php?name=$module_name&amp;op=read&amp;id=$previous\">" . mxCreateImage("$url_button/vorherige.gif", _PMSPREVIOUS) . "</a> &nbsp;";
        } else {
            echo "" . mxCreateImage("$url_button/vorherige.gif", _PMSPREVIOUS) . " &nbsp;";
        }
        if ($next) {
            echo "<a href=\"modules.php?name=$module_name&amp;op=read&amp;id=$next\">" . mxCreateImage("$url_button/naechste.gif", _PMSNEXT) . "</a>";
        } else {
            echo "" . mxCreateImage("$url_button/naechste.gif", _PMSNEXT) . "";
        }
        echo "</font></td></tr>"
         . "<tr bgcolor=\"$bgcolor2\">"
         . "<td colspan=\"2\"><font class=\"title\" color=\"$textcolor2\">" . _PMSPRIVATEMESSAGE . ": &nbsp;&nbsp;<b><i>" . msg_smile($row["subject"]) . "</i></b></font></td>"
         . "</tr>"
         . "<tr bgcolor=\"$bgcolor3\">\n"
         . "<td valign=\"top\" rowspan=\"" . $rowspan . "\" width=\"20%\">" . _PMSFROM . ": <b>" . $posterdata["uname"] . "</b><br><br>\n";

        $isAvatar = mxIsAvatarUploaded($posterdata["uname"], true);
        if ($isAvatar) {
            // Bild ausgeben:
            echo $isAvatar;
        } else if (!empty($posterdata["user_avatar"]) && $posterdata["user_avatar"] != "blank.gif") {
            echo "<img src=\"$url_avatar/" . $posterdata["user_avatar"] . "\" alt=\"" . $posterdata["uname"] . "\"><br>\n";
        } else {
            echo "<img src=\"$url_avatar/$blankavatar\" alt=\"" . $posterdata["uname"] . "\"><br>\n";
        }
        echo "<br><a href=\"modules.php?name=Userinfo&amp;uname=" . urlencode($posterdata["uname"]) . "\"><img src=\"$url_images/profile.gif\" border=\"0\" alt=\"" . _PMSPROFILE . "\"><font class=\"tiny\">" . _PMSPROFILE . "</font></a>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<br>\n"
         . get_onlinestatus($posterdata["uname"])
         . "</td>"
         . "<td width='80%' height='10' valign='top'><img src=\"" . $url_icons . "/" . $row["msg_image"] . "\" alt=\"\">&nbsp;<font class=\"content\">" . _PMSSENT . ": $postedtime</font></td></tr>"
         . "<tr bgcolor=\"$bgcolor1\"><td width='80%' height='80' valign='top'>" . $row["msg_text"] . "<br><br></td></tr>";

        if (!empty($posterdata["user_sig"])) {
            echo "<tr bgcolor=\"$bgcolor3\"><td width='80%' height='10'><div class=\"tiny\">" . $posterdata["user_sig"] . "</div></td></tr>\n";
        }

        echo "<tr bgcolor=\"$bgcolor2\"><td COLSPAN=\"2\">"
         . "<table width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\"><tr>"
         . "<td><a href=\"modules.php?name=$module_name&amp;op=reply&amp;id=" . $row["msg_id"] . "\">" . mxCreateImage("$url_button/antworten.gif", _PMSREPLY) . "</a>\n"
         . "&nbsp;<a href=\"modules.php?name=$module_name&amp;op=delete&amp;msg_id=" . $row["msg_id"] . "\">" . mxCreateImage("$url_button/loeschen.gif", _PMSDELETE) . "</a>\n</td>\n"
         . "<td align=\"right\">"
         . "<a href=\"modules.php?name=$module_name\">" . mxCreateImage("$url_button/index.gif", _PMSRETURNTOPMSG) . "</a> &nbsp;";
        if ($previous) {
            echo "<a href=\"modules.php?name=$module_name&amp;op=read&amp;id=$previous\">" . mxCreateImage("$url_button/vorherige.gif", _PMSPREVIOUS) . "</a> &nbsp;";
        } else {
            echo "" . mxCreateImage("$url_button/vorherige.gif", _PMSPREVIOUS) . " &nbsp;";
        }
        if ($next) {
            echo "<a href=\"modules.php?name=$module_name&amp;op=read&amp;id=$next\">" . mxCreateImage("$url_button/naechste.gif", _PMSNEXT) . "</a>";
        } else {
            echo "" . mxCreateImage("$url_button/naechste.gif", _PMSNEXT) . "";
        }
        echo "</td></tr></table>"
         . "</td></tr></table>";

        echo '
<script language="JavaScript" src="modules/' . $module_name . '/javascript.js" type="text/javascript"></script>
';
        echo "<form action=\"modules.php?name=" . $module_name . "\" method=\"post\" name=\"pmsubmit\">";
        echo "<input type=\"hidden\" name=\"name\" value=\"" . $module_name . "\">\n";
        echo "<input type=\"hidden\" name=\"op\" value=\"submit\">\n";
        echo "<br><table border=\"0\" cellspacing=\"1\" cellpadding=\"3\" width=\"100%\" bgcolor=\"$bgcolor2\">"
         . "<tr bgcolor=\"$bgcolor2\">"
         . "<td colspan=\"2\"><font class=\"title\" color=\"$textcolor2\"><b>" . $posterdata["uname"] . "&nbsp;" . _PMSREPLY . ":</b></font></td>"
         . "</tr>";
        if (MX_IS_ADMIN) {
            echo "<tr>"
             . "<td bgcolor=\"$bgcolor3\" width=\"25%\"><b>" . _PMSTOALL1 . ":</b></td>"
             . "<td bgcolor=\"$bgcolor1\"><input type='checkbox' name='to_all' value='1'> <span class=\"tiny\">" . _PMSTOALL2 . "</span></td>"
             . "</tr>";
        }
        echo "<tr>"
         . "<td bgcolor=\"$bgcolor3\" width=\"25%\"><b>" . _PMSSUBJECT . ":</b></td>"
         . "<td bgcolor=\"$bgcolor1\"><input type=\"text\" name=\"subject\" value=\"" . mxEntityQuotes(msg_desmile($row["subject"])) . "\" size=\"50\" MAXLENGTH=\"100\"></td>"
         . "</tr>"
         . "<tr valign=\"top\">"
         . "<td bgcolor=\"$bgcolor3\" width=\"25%\"><b>" . _PMSMESSAGEICON . ":</b></td>"
         . "<td bgcolor=\"$bgcolor1\">" . mxPmGetPictos($row["msg_image"]) . "</td>"
         . "</tr>"
         . "<tr valign=\"top\">"
         . "<td bgcolor=\"$bgcolor3\" width=\"25%\"><b>" . _PMSMESSAGE . ":</b><br><br>"
         . "<font class=\"tiny\">";
        if ($allow_html == 1) {
            echo _PMSHTML . ": " . _PMSPMON . "<br>\n";
        } else {
            echo _PMSHTML . ": " . _PMSOFF . "<br>\n";
        }
        if ($allow_bbcode == 1) {
            echo _PMSBBCODELINK . _PMSBBCODE . "</a>: " . _PMSPMON . "<br>\n";
        } else {
            echo _PMSBBCODE . ": " . _PMSOFF . "<br>\n";
        }
        echo "</font></td>"
         . "<td bgcolor=\"$bgcolor1\">"
         . "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\"><tr>"
         . "<td><textarea name=\"message\" id=\"message\" rows=\"10\" cols=\"45\" ONSELECT=\"storeCaret(this);\" ONCLICK=\"storeCaret(this);\" ONKEYUP=\"storeCaret(this);\">" . htmlentities($replymsg) . "</textarea></td>"
         . "<td>";
        if ($allow_bbcode == 1) {
            printsmilies();
        }
        echo "</td></tr></table>";
        if ($allow_bbcode == 1) {
            putitems();
        }
        echo "</td></tr>"
         . "<tr valign=\"top\">"
         ."<td bgcolor=\"$bgcolor3\" width=\"25%\"><b>" . _PMSSAVE . ":</b><br><br>"
         ."<td bgcolor=\"$bgcolor1\"><input type=\"checkbox\" checked name=\"notsave\" value=\"1\" style=\"background-color: transparent;\"> <span class=\"tiny\">" . _NOTSAVEPMS . "</span></TD></TR>"
         . "<tr><td bgcolor=\"$bgcolor1\" colspan=\"2\" align=\"center\">\n"
         . "<input type=\"hidden\" name=\"to_user\" value=\"" . mxEntityQuotes($posterdata["uname"]) . "\">"
         . "<input type=\"hidden\" name=\"msg_id\" value=\"" . (int)$row["msg_id"] . "\">\n"
         . "<input type=\"submit\" name=\"submit\" value=\"" . _PMSSUBMIT . "\">&nbsp;\n"
         . "<input type=\"reset\" value=\"" . _PMSCLEAR . "\">\n"
         . "</TABLE>"
         . "</FORM>";
    }
}

function deletesentmessage($msg_id, $uid)
{
	global $prefix, $user_prefix, $PHP_SELF, $module_name, $refresh, $bgcolor2, $url_button;
	list($msg_id, $uid) = mxForceInteger($msg_id, $uid);
	$qry = "SELECT msg_time FROM ".$prefix."_priv_msgs_send WHERE (from_userid=$uid) and (msg_id=$msg_id) and (from_userid is not null) LIMIT 0,1";
	list($time) = sql_fetch_row(sql_query($qry));
	$qry = "SELECT msg_id FROM ".$prefix."_priv_msgs_send WHERE (from_userid=$uid) and (msg_time>'$time') and (msg_id<>$msg_id) and (from_userid is not null) order by msg_time asc LIMIT 0,1";
	list($nextid) = sql_fetch_row(sql_query($qry));
  $qry = "DELETE FROM ".$prefix."_priv_msgs_send WHERE (msg_id=$msg_id) AND (from_userid=$uid) or (from_userid is null)";
  if(!sql_query($qry)) {
		prvmsgerror(_ERRMSGNODELETE, $uid);
  	}
	else {
		messagesheader1($uid);
		echo "<table border=\"0\" cellspacing=\"1\" cellpadding=\"3\" width=\"100%\" bgcolor=\"$bgcolor2\">"
		."<TR BGCOLOR=\"$bgcolor2\" align=\"center\"><TD><br>"._PMSMSGDELETED."<br><br>";
		if ($nextid){
	    $xrefresh = $refresh*2;
			echo "<a href=\"modules.php?name=$module_name&op=index\"><img src=\"$url_button/index.gif\" border=\"0\" alt=\""._PMSRETURNTOPMSG."\"></a> &nbsp; <a href=\"modules.php?name=$module_name&op=read&id=$nextid\"><img src=\"$url_button/naechste.gif\" border=\"0\" alt=\""._PMSNEXT."\"></a>";
			echo "<META http-equiv=\"Refresh\" content=\"$xrefresh;URL=modules.php?name=$module_name&op=read&id=$nextid\">";
			}
		else {
	    echo "<a href=\"modules.php?name=$module_name&op=sendmsg\">"._PMSRETURNTOPMSG."</a>";
			echo "<META http-equiv=\"Refresh\" content=\"$refresh;URL=modules.php?name=$module_name&op=sendmsg\">";
			}
		echo "<br><br></TD></TR></table>";
    }
	}

function deletesentmessages($arrformvars, $uid)
{
	global $prefix, $refresh, $module_name, $bgcolor2;
	$status =0;
	if (isset($arrformvars["msg_id"])){
		list($uid, $arrformvars["msg_id"]) = mxForceInteger($uid, $arrformvars["msg_id"]);
		while(list($key, $val) = each($arrformvars["msg_id"])) {
			$qry="DELETE FROM ".$prefix."_priv_msgs_send WHERE (msg_id=$val) AND (from_userid=$uid) or (from_userid is null)";
			if(!sql_query($qry)) {
				prvmsgerror(_ERRMSGNODELETE, $uid);
				}
			else {
				$status =1;
				}
			}
		}
	messagesheader1($uid);
	echo "<table border=\"0\" cellspacing=\"1\" cellpadding=\"3\" width=\"100%\" bgcolor=\"$bgcolor2\">"
	."<TR BGCOLOR=\"$bgcolor2\" align=\"center\"><TD><br>";
	if ($status){
		echo _PMSMSGDELETED2;
		}
	else {
    echo _PMSMSGNOTODELETE;
		}
	echo "<br><br><a href=\"modules.php?name=$module_name&op=sendmsg\">"._PMSRETURNTOPMSG."</a><br><br></TD></TR></table>";
	echo "<META http-equiv=\"Refresh\" content=\"$refresh;URL=modules.php?name=$module_name&op=sendmsg\">";
	}


function sendmessage($msg_id, $uid, $to_user = "")
{
    global $allow_bbcode, $allow_html;
    global $prefix, $user_prefix, $module_name, $url_smiles, $url_button, $subjectdefaulticon;
    global $bgcolor1, $bgcolor2, $bgcolor3, $textcolor1, $textcolor2;
    list($msg_id, $uid) = mxForceInteger($msg_id, $uid);
    $count = 0;
    $userlistlink = "[&nbsp;<a href=\"#\" onClick=\"window.open('modules.php?name=$module_name&amp;op=userslist','pmuserslist','left=200, top=200, width=240,height=200,toolbar=no,location=no,directories=no,statusbar=no,status=no,menubar=no,scrollbars=yes,resizable=yes,copyhistory=no'); return false;\">" . _PMSUSERSLIST . "</a>&nbsp;]";
    if ($msg_id) {
        $qry = "SELECT msgs.msg_image, msgs.subject, msgs.to_userid, UNIX_TIMESTAMP(msg_time), msgs.msg_text, fromuser.uname "
         . "FROM " . $prefix . "_priv_msgs AS msgs LEFT JOIN " . $user_prefix . "_users AS fromuser ON msgs.from_userid = fromuser.uid "
         . "WHERE ((to_userid=$uid) AND (msg_id=$msg_id) and (from_userid is not null));";
        $result = sql_query($qry);
        if (!$result) {
            prvmsgerror(_ERRMSGDATABASE, $uid);
        }
        list($msg_image, $subject, $to_userid, $msg_time, $msg_text, $to_user) = sql_fetch_row($result);
        $msg_time = mx_strftime(_PMSTIMESTRING, $msg_time);
        if (!$msg_image) {
            $msg_image = $subjectdefaulticon;
        }
        $subject = _PMSRE . ": " . msg_desmile($subject);
        $subject = str_replace("" . _PMSRE . ": " . _PMSRE . ": ", _PMSRE . ": ", $subject);
        $msg_text = pmUndoPrepDisplay($msg_text);
        $msg_text = "[quote][i]" . _ON . " " . $msg_time . ", " . _PMSWROTE . " " . $to_user . ":[/i]\n" . $msg_text . "\n[/quote]\n";
    } else {
        if (is_numeric($uid) && empty($to_user)) {
            $qry = "SELECT uid, uname from " . $user_prefix . "_users where uid=$uid and user_stat=1 and uname<>'" . mxAddSlashesForSQL($GLOBALS['anonymous']) . "';";
            $result = sql_query($qry);
            list($uid, $to_user) = sql_fetch_row($result);
        } else {
            $to_user = (empty($to_user)) ? $uid : $to_user;
        }
        $msg_image = $subjectdefaulticon;
        $subject = "";
        $msg_text = "";
    }

    echo '
<script language="JavaScript" src="modules/' . $module_name . '/javascript.js" type="text/javascript"></script>
';
    echo "<form action=\"modules.php?name=" . $module_name . "\" method=\"post\" name=\"pmsubmit\">";
    echo "<input type=\"hidden\" name=\"name\" value=\"" . $module_name . "\">\n";
    echo "<input type=\"hidden\" name=\"op\" value=\"submit\">\n";
    messagesheader($uid);
    echo "<table border=\"0\" cellspacing=\"1\" cellpadding=\"3\" width=\"100%\" bgcolor=\"$bgcolor2\">"
     . "<tr bgcolor=\"$bgcolor2\">"
     . "<td colspan=\"2\" align=\"right\"><div style=\"float:left;\"><font color=\"$textcolor2\" class=\"title\"><b>" . _PMSPRIVATEMESSAGESEND . "</b></font></div>"
     . "<div style=\"float:right;\"><a href=\"modules.php?name=$module_name\">" . mxCreateImage("$url_button/index.gif", _PMSRETURNTOPMSG) . "</a></div></td>"
     . "</tr>"
     . "<tr>"
     . "<td bgcolor=\"$bgcolor3\" width=\"25%\"><b>" . _PMSTO . ":</b></td>"
     . "<td bgcolor=\"$bgcolor1\"><input name=\"to_user\" size=\"26\" maxlength=\"25\" value=\"" . mxEntityQuotes($to_user) . "\">&nbsp;&nbsp;&nbsp;" . $userlistlink . "</td>"
     . "</tr>";
    if (MX_IS_ADMIN) {
        echo "<tr>"
         . "<td bgcolor=\"$bgcolor3\" width=\"25%\"><b>" . _PMSTOALL1 . ":</b></td>"
         . "<td bgcolor=\"$bgcolor1\"><input type='checkbox' name='to_all' value='1'> <span class=\"tiny\">" . _PMSTOALL2 . "</span></td>"
         . "</tr>";
    }
    echo "<tr>"
     . "<td bgcolor=\"$bgcolor3\" width=\"25%\"><b>" . _PMSSUBJECT . ":</b></td>"
     . "<td bgcolor=\"$bgcolor1\"><input type=\"text\" name=\"subject\" value=\"" . mxEntityQuotes($subject) . "\" size=\"50\" MAXLENGTH=\"100\"></td>"
     . "</tr>"
     . "<tr valign=\"top\">"
     . "<td bgcolor=\"$bgcolor3\" width=\"25%\"><b>" . _PMSMESSAGEICON . ":</b></td>"
     . "<td bgcolor=\"$bgcolor1\">" . mxPmGetPictos($msg_image) . "</td>"
     . "</tr>"
     . "<tr valign=\"top\">"
     . "<td bgcolor=\"$bgcolor3\" width=\"25%\"><b>" . _PMSMESSAGE . ":</b><br><br>"
     . "<font class=\"tiny\">";
    if ($allow_html == 1) {
        echo _PMSHTML . ": " . _PMSPMON . "<br>\n";
    } else {
        echo _PMSHTML . ": " . _PMSOFF . "<br>\n";
    }
    if ($allow_bbcode == 1) {
        echo _PMSBBCODELINK . _PMSBBCODE . "</a>: " . _PMSPMON . "<br>\n";
    } else {
        echo _PMSBBCODE . ": " . _PMSOFF . "<br>\n";
    }
    echo "</font></td>"
     . "<td bgcolor=\"$bgcolor1\">"
     . "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\"><tr>"
     . "<td><textarea name=\"message\" id=\"message\" rows=\"10\" cols=\"45\" onSelect=\"storeCaret(this);\" onClick=\"storeCaret(this);\" onKeyUp=\"storeCaret(this);\">" . htmlentities($msg_text) . "</textarea></td>"
     . "<td>";
    if ($allow_bbcode == 1) {
        printsmilies();
    }
    echo "</td></tr></table>";
    if ($allow_bbcode == 1) {
        putitems();
    }
    echo "</td></tr>"
	."<tr VALIGN=\"TOP\">"
	."<td BGCOLOR=\"$bgcolor3\" width=\"25%\"><b>" . _PMSSAVE . ":</b><br><br>"
	."<td BGCOLOR=\"$bgcolor1\"><input type='checkbox' checked name='notsave' value='1' style='background-color: transparent;'> <span class='tiny'>" . _NOTSAVEPMS . "</span></TD></TR>"
     . "<tr><td bgcolor=\"$bgcolor1\" colspan=\"2\" align=\"center\">\n"
     . "<input type=\"hidden\" name=\"msg_id\" value=\"" . (int)$msg_id . "\">\n"
     . "<input type=\"submit\" name=\"submit\" value=\"" . _PMSSUBMIT . "\">&nbsp;\n"
     . "<input type=\"reset\" value=\"" . _PMSCLEAR . "\">\n"
     . "&nbsp;<input type=\"submit\" name=\"cancel\" value=\"" . _PMSCANCELSEND . "\">\n"
     . "</td></tr>"
     . "</TABLE>"
     . "</FORM>"
     . "<br>";
}

function cancelsubmit($msg_id, $uid)
{
    list($msg_id, $uid) = mxForceInteger($msg_id, $uid);
    if ($msg_id) {
        readmessage($msg_id, $uid);
    } else {
        msgindex($uid);
    }
}

function sendmsg($uid)
{
    global $prefix, $user_prefix, $module_name, $url_smiles, $url_icons, $subjectdefaulticon, $url_images, $url_button, $page, $pagesize;
    global $bgcolor1, $bgcolor2, $bgcolor3, $textcolor1, $textcolor2, $popupwidth, $poptableborder;
    $uid = (int)$uid;
$count = "SELECT COUNT(to_userid) AS total FROM ${prefix}_priv_msgs_send ";
$select = "SELECT ${prefix}_priv_msgs_send.*, UNIX_TIMESTAMP(msg_time) as msgtimestamp, ${user_prefix}_users.uname as toname "
        . "FROM ${prefix}_priv_msgs_send LEFT JOIN ${user_prefix}_users ON ${prefix}_priv_msgs_send.to_userid = ${user_prefix}_users.uid ";
$min = $pagesize * ($page - 1); // This is where we start our record set from
$max = $pagesize; // This is how many rows to select
$where = "where from_userid = $uid ";
$sort = "order by msg_time"; //sorty by .....
$limit = " DESC LIMIT " . $min . ", " . $max; // we only want rows $min  to $max
$count_result = sql_query($count . $where);
list($num_rows_per_order) = sql_fetch_row($count_result);
$result = sql_query($select . $where . $sort . $limit); # or die(); // Now lets do it !!

    if (!$result) {
        prvmsgerror(_ERRMSGDATABASE, $uid);
    }
    if (!$total_messages = sql_num_rows($result)) {
        $havemessages = 0;
    } else {
        $havemessages = 1;
        printOverlibDiv();
        $pm_overlib = new Overlib();
        echo '
<script language="JavaScript" src="modules/' . $module_name . '/javascript.js" type="text/javascript"></script>
';
    }
    $count = 0;
    echo "<form name=\"prvmsg\" method=\"post\" action=\"modules.php?name=" . $module_name . "\">\n";
    echo "<input type=\"hidden\" name=\"name\" value=\"" . $module_name . "\">\n";
    messagesheader1($uid);
    echo "<table border=\"0\" cellspacing=\"1\" cellpadding=\"1\" width=\"100%\" bgcolor=\"$bgcolor2\">\n";
    if (!$havemessages) {
        echo "<tr bgcolor=\"$bgcolor3\">\n\t<td colspan=\"6\" align=\"center\"><br><br><br><b>" . _SENTPMSDONTHAVESOME . "</b><br><br><br></td>\n</tr>\n";
    } else {
    echo "<tr bgcolor=\"$bgcolor2\">\n"
    . "\t<td colspan=\"5\" bgcolor=\"$bgcolor2\" align=\"left\"><font class=\"content\"><b>&nbsp;&nbsp;" . _SENTPMS      . "</b><br><br>\n"
    . "</td>\n";
        echo "<tr bgcolor=\"$bgcolor2\">\n"
         . "\t<td bgcolor=\"$bgcolor2\" align=\"center\"><input name=\"allbox\" onclick=\"CheckAll();\" type=\"checkbox\" value=\"" . _PMSCHECKALL . "\" style=\"background-color: transparent;\"></td>\n"
         . "\t<td bgcolor=\"$bgcolor2\" align=\"center\"><img src=\"$url_images/down.gif\" border=\"0\" alt=\"" . _PMSMSGSTATUS . "\"></td>\n"
         . "\t<td bgcolor=\"$bgcolor2\" align=\"center\">&nbsp;</td>\n"
         . "\t<td align=\"center\"><font class=\"content\" color=\"$textcolor2\"><b>" . _SENTPMSTO . "</b></font></td>\n"
         . "\t<td align=\"center\"><font class=\"content\" color=\"$textcolor2\"><b>" . _PMSSUBJECT . "</b></font></td>\n"
         . "\t<td align=\"center\"><font class=\"content\" color=\"$textcolor2\"><b>" . _PMSDATE . "</b></font></td>\n"
         . "</tr>\n";
        while ($row = sql_fetch_array($result)) {
		
//Nachrichten ungelesenen auslesen für "pix" ----->
$pm_uhrzeit = $row["msg_time"];
$select1 = "SELECT * FROM ${prefix}_priv_msgs ";
$where1 = "where msg_time = '$pm_uhrzeit'";
$result_read_msg = sql_query($select1 . $where1);
//<----- bis hier

            if (empty($row["msg_image"])) $row["msg_image"] = $subjectdefaulticon;
            if (empty($row["toname"])) $row["toname"] = "";
            $postedtime = mx_strftime(_PMSTIMESTRING, $row["msgtimestamp"]);
            $row["subject"] = strip_tags($row["subject"]);
            $row["subject"] = msg_smile($row["subject"]);

            $row["msg_text"] = strip_tags($row["msg_text"], "<img><br><hr><b><i>");
            // $row["msg_text"] = str_replace(array('&#41;','&#124;'),array(')','|'),$row["msg_text"]); /// macht mxSecureValue() rückgängig
            $row["msg_text"] = pmPrepDisplay($row["msg_text"]);

            $pm_overlib->ol_capicon = $url_icons . "/" . $row["msg_image"];
            $pm_overlib->ol_delay = 200;
            $pm_overlib->ol_hauto = "True";
            $pm_overlib->ol_vauto = "True";
            $myover = $pm_overlib->vover(pmValueToText($row["msg_text"]), pmValueToText($row["subject"]));
            echo "<tr>\t<td bgcolor=\"$bgcolor1\" width=\"2%\" align=\"center\"><input type=\"checkbox\" onclick=\"CheckCheckAll();\" name=\"msg_id[$count]\" value=\"" . (int)$row["msg_id"] . "\" style=\"background-color: transparent;\">";
            echo "</td>\n";
            echo "\t<td width=\"5%\" align=\"center\" bgcolor=\"$bgcolor1\">";


//ab hier Abfrage für schon gelesen "pix"---->
//Eigene Nachrichten auslesen
		        $ungelesen= mysql_fetch_array($result_read_msg);

            if ($ungelesen["read_msg"] == 0 && $ungelesen["read_msg"] != "")
			{
                echo "<img src=\"$url_images/read.gif\" border=\"0\" alt=\"" . _PMSNOTREAD . "\">";
            }
			else
			{
                echo "";
            }
//<----- bis hier

            echo "</td>\n";
            echo "\t<td bgcolor=\"$bgcolor3\" width=\"5%\" align=\"center\"><a href=\"modules.php?name=$module_name&amp;op=read_sent&amp;id=" . $row["msg_id"] . "\"><img src=\"" . $url_icons . "/" . $row["msg_image"] . "\" border=\"0\"></a></td>\n";
            echo "\t<td bgcolor=\"$bgcolor1\" width=\"10%\"><font class=\"content\" color=\"$textcolor2\">&nbsp;<a href='modules.php?name=Userinfo&amp;uname=" . $row["toname"] . "'>" . $row["toname"] . "</a>&nbsp;</font></td>\n";
            echo "\t<td bgcolor=\"$bgcolor3\">&nbsp;<a href=\"modules.php?name=$module_name&amp;op=read_sent&amp;id=" . $row["msg_id"] . "\"" . $myover . "><font class=\"tiny\" color=\"$textcolor2\">" . $row["subject"] . "</font></a></td>\n";
            echo "\t<td bgcolor=\"$bgcolor1\" align=\"center\" width=\"18%\"><font class=\"tiny\" color=\"$textcolor2\">$postedtime</font></td>\n";
            echo "</tr>\n";
            $count++;
        }
    }
//page
echo "<tr bgcolor=\"$bgcolor2\">\n\t<td colspan=\"6\"><center><table>";
    if ($num_rows_per_order > $pagesize) {
        $total_pages = ceil($num_rows_per_order / $pagesize); // How many pages are we dealing with here ??
        $prev_page = $page - 1;

        if ($prev_page > 0) {
            echo "<td align='left' width='15%'><a href='modules.php?name=" . $module_name . "&op=sendmsg&amp;page=$prev_page'>";
            echo mxCreateImage(MX_ML_IMAGEPATH . 'left.gif', _PREVIOUS . " (" . $prev_page . ")");
            echo "</a></td>";
        } else {
            echo "<td width='15%'>&nbsp;</td>\n";
        }

        echo "<td align='center' width='70%'>";
        echo "<font class=tiny>$num_rows_per_order " . " ($total_pages " . _PAGES . ")</font>";
        echo "</td>";

        $next_page = $page + 1;
        if ($next_page <= $total_pages) {
            echo "<td align='right' width='15%'><a href='modules.php?name=" . $module_name . "&op=sendmsg&amp;page=$next_page'>";
            echo mxCreateImage(MX_ML_IMAGEPATH . 'right.gif', _NEXTPAGE . " (" . $next_page . ")");
            echo "</a></td>";
        } else {
            echo "<td width='15%'>&nbsp;</td></tr>\n";
        }
        /* Added a numbered page list, only shows up to 50 pages. */

        echo "<tr><td colspan=\"3\" align=\"center\">";
        echo " <font class=tiny>[ </font>";

        for($n = 1; $n < $total_pages; $n++) {
            if ($n == $page) {
                echo "<font class=tiny><b>$n</b></font></a>";
            } else {
                echo "<a href='modules.php?name=" . $module_name . "&op=sendmsg&amp;page=$n'>";
                echo "<font class=tiny>$n</font></a>";
            }
            if ($n >= 50) { // if more than 50 pages are required, break it at 50.
                $break = true;
                break;
            } else { // guess not.
                echo "<font class=tiny> | </font>";
            }
        }

        if (!isset($break)) { // are we sopposed to break ?
            if ($n == $page) {
                echo "<font class=tiny><b>$n</b></font></a>";
            } else {
                echo "<a href='modules.php?name=" . $module_name . "&op=sendmsg&amp;page=$total_pages'>";
                echo "<font class=tiny>$n</font></a>";
            }
        }
        echo " <font class=tiny>]</font> ";
    	echo "</td></tr>\n"; 
	}
echo "</table></center>";
//page ende
    echo "<tr bgcolor=\"$bgcolor2\">\n\t<td colspan=\"6\">";
    echo "<div style=\"float:left;\"><a href=\"modules.php?name=$module_name\">" . mxCreateImage("$url_button/eingang.gif", _ESENTPMS) . "</a> ";
    echo "<a href=\"modules.php?name=$module_name&amp;op=send\">" . mxCreateImage("$url_button/senden.gif", _PMSPRIVATEMESSAGESEND) . "</a> ";
    if ($havemessages) {
        echo "&nbsp;<input type=\"image\" src=\"$url_button/loeschen.gif\" name=\"delete_messages\" value=\"delete_messages\" style=\"background-color: transparent; border: none;\" alt=\"" . _PMSDELETE . "\" title=\"" . _PMSDELETE . "\">";
        echo "<input type=\"hidden\" name=\"total_messages\" value=\"" . (int)$total_messages . "\">";
        echo "<input type=\"hidden\" name=\"op\" value=\"delete_sent_messages\"></a>" . "  ";
	    echo "<a href=\"modules.php?name=$module_name&amp;op=speichern\">" . mxCreateImage("$url_button/speichern.gif", _SAVEPMS) . "</a></div>\n";
        echo "<div style=\"float:right;\"><a href=\"modules.php?name=$module_name\">" . mxCreateImage("$url_button/index.gif", _PMSRETURNTOPMSG) . "</a></div> ";
    }
    echo "</td>\n</tr>\n</table>\n</form>";
}

function readsentmessage($id, $uid)
{
    global $prefix, $user_prefix, $module_name, $url_smiles, $url_icons, $url_avatar, $url_images, $blankavatar;
    global $allow_bbcode, $allow_html ;
    global $bgcolor1, $bgcolor2, $bgcolor3, $textcolor1, $textcolor2, $url_button;
    list($id, $uid) = mxForceInteger($id, $uid); // by AE
    $qry = "SELECT " . $prefix . "_priv_msgs_send.*, UNIX_TIMESTAMP(msg_time) as msgtimestamp FROM " . $prefix . "_priv_msgs_send WHERE (from_userid=$uid) and (msg_id=$id);";
    $result = sql_query($qry);
    if (!$result) {
        prvmsgerror(_ERRMSGDATABASE, $uid);
    }
    $row = sql_fetch_array($result);
    if (!$row["msg_id"]) {
        msgindex($uid);
    } else {
        $posterdata = get_userdata_from_id($row["to_userid"]);
        $postedtime = mx_strftime(_PMSTIMESTRING, $row["msgtimestamp"]);

        $replymsg = pmUndoPrepDisplay($row['msg_text']);
        $replymsg = "[quote][i]" . _ON . " " . $postedtime . ", " . _PMSWROTE . " " . $posterdata['uname'] . ":[/i]\n" . $replymsg . "\n[/quote]\n";

        $row["msg_text"] = pmPrepDisplay($row["msg_text"]);

        $qry = "SELECT msg_id FROM " . $prefix . "_priv_msgs_send WHERE from_userid=$uid and msg_time>'" . $row["msg_time"] . "' and msg_id<>'" . $row["msg_id"] . "' and (from_userid is not null) order by msg_time asc LIMIT 0,1";
        list($next) = sql_fetch_row(sql_query($qry));
        $qry = "SELECT msg_id FROM " . $prefix . "_priv_msgs_send WHERE from_userid=$uid and msg_time<'" . $row["msg_time"] . "' and msg_id<>'" . $row["msg_id"] . "' and (from_userid is not null) order by msg_time desc LIMIT 0,1";
        list($previous) = sql_fetch_row(sql_query($qry));
#        $qry = "UPDATE " . $prefix . "_priv_msgs_send SET read_msg=1 WHERE msg_id=" . $row["msg_id"];
        $result = sql_query($qry);
        if (!$result) {
            prvmsgerror(_ERRMSGDATABASE, $uid);
        }

        if (empty($posterdata["user_sig"])) {
            $rowspan = "2";
        } else {
            $rowspan = "3";
            $posterdata["user_sig"] = pmPrepDisplay(pmxSigBbCode($posterdata["user_sig"]));
        }

        messagesheader1($uid);

        echo"<table border=\"0\" cellspacing=\"1\" cellpadding=\"3\" width=\"100%\" bgcolor=\"$bgcolor2\">";
        echo "<tr bgcolor=\"$bgcolor1\"><td COLSPAN=\"2\"><font color=\"$textcolor1\" class=\"content\">"
         . "<a href=\"modules.php?name=$module_name\">" . mxCreateImage("$url_button/index.gif", _PMSRETURNTOPMSG) . "</a> &nbsp;";
        if ($previous) {
            echo "<a href=\"modules.php?name=$module_name&amp;op=read_sent&amp;id=$previous\">" . mxCreateImage("$url_button/vorherige.gif", _PMSPREVIOUS) . "</a> &nbsp;";
        } else {
            echo "" . mxCreateImage("$url_button/vorherige.gif", _PMSPREVIOUS) . " &nbsp;";
        }
        if ($next) {
            echo "<a href=\"modules.php?name=$module_name&amp;op=read_sent&amp;id=$next\">" . mxCreateImage("$url_button/naechste.gif", _PMSNEXT) . "</a>";
        } else {
            echo "" . mxCreateImage("$url_button/naechste.gif", _PMSNEXT) . "";
        }
        echo "</font></td></tr>"
         . "<tr bgcolor=\"$bgcolor2\">"
         . "<td colspan=\"2\"><font class=\"title\" color=\"$textcolor2\">" . _PMSPRIVATEMESSAGE . ": &nbsp;&nbsp;<b><i>" . msg_smile($row["subject"]) . "</i></b></font></td>"
         . "</tr>"
         . "<tr bgcolor=\"$bgcolor3\">\n"
         . "<td valign=\"top\" rowspan=\"" . $rowspan . "\" width=\"20%\">" . _SENTPMSTO . ": <b>" . $posterdata["uname"] . "</b><br><br>\n";

        $isAvatar = mxIsAvatarUploaded($posterdata["uname"], true);
        if ($isAvatar) {
            // Bild ausgeben:
            echo $isAvatar;
        } else if (!empty($posterdata["user_avatar"]) && $posterdata["user_avatar"] != "blank.gif") {
            echo "<img src=\"$url_avatar/" . $posterdata["user_avatar"] . "\" alt=\"" . $posterdata["uname"] . "\"><br>\n";
        } else {
            echo "<img src=\"$url_avatar/$blankavatar\" alt=\"" . $posterdata["uname"] . "\"><br>\n";
        }
        echo "<br><a href=\"modules.php?name=Userinfo&amp;uname=" . urlencode($posterdata["uname"]) . "\"><img src=\"$url_images/profile.gif\" border=\"0\" alt=\"" . _PMSPROFILE . "\"><font class=\"tiny\">" . _PMSPROFILE . "</font></a>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<br>\n"
         . get_onlinestatus($posterdata["uname"])
         . "</td>"
         . "<td width='80%' height='10' valign='top'><img src=\"" . $url_icons . "/" . $row["msg_image"] . "\" alt=\"\">&nbsp;<font class=\"content\">" . _PMSSENT . ": $postedtime</font></td></tr>"
         . "<tr bgcolor=\"$bgcolor1\"><td width='80%' height='80' valign='top'>" . $row["msg_text"] . "<br><br></td></tr>";

        if (!empty($posterdata["user_sig"])) {
            echo "<tr bgcolor=\"$bgcolor3\"><td width='80%' height='10'><div class=\"tiny\">" . $posterdata["user_sig"] . "</div></td></tr>\n";
        }

        echo "<tr bgcolor=\"$bgcolor2\"><td COLSPAN=\"2\">"
         . "<table width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\"><tr>"
         . "&nbsp;<td><a href=\"modules.php?name=$module_name&amp;op=delete_sent&amp;msg_id=" . $row["msg_id"] . "\">" . mxCreateImage("$url_button/loeschen.gif", _PMSDELETE) . "</a>\n"
         . "<td align=\"right\">"
         . "<a href=\"modules.php?name=$module_name\">" . mxCreateImage("$url_button/index.gif", _PMSRETURNTOPMSG) . "</a> &nbsp;";
        if ($previous) {
            echo "<a href=\"modules.php?name=$module_name&amp;op=read_sent&amp;id=$previous\">" . mxCreateImage("$url_button/vorherige.gif", _PMSPREVIOUS) . "</a> &nbsp;";
        } else {
            echo "" . mxCreateImage("$url_button/vorherige.gif", _PMSPREVIOUS) . " &nbsp;";
        }
        if ($next) {
            echo "<a href=\"modules.php?name=$module_name&amp;op=read_sent&amp;id=$next\">" . mxCreateImage("$url_button/naechste.gif", _PMSNEXT) . "</a>";
        } else {
            echo "" . mxCreateImage("$url_button/naechste.gif", _PMSNEXT) . "";
        }
        echo "</td></tr></table>"
         . "</td></tr></table>";
    }
}

function submitmessage($arrpostdata, $uid)
{
    include("modules/" . $GLOBALS['module_name'] . "/inboxsize-conf.php");
    global $prefix, $user_prefix, $PHP_SELF, $module_name, $refresh, $bgcolor2, $pmgrenze_godadmin, $pmgrenze_admin;
	$to_userid = 0;
    $uid = (int)$uid;
    if (empty($arrpostdata["to_user"]) && empty($arrpostdata["to_all"]) || (!empty($arrpostdata["to_all"]) && !MX_IS_ADMIN)) {
        prvmsgerror(_ERRMSGNOUSER, $uid);
    }
    if (empty($arrpostdata["to_all"])) {
        $result = sql_query("select uid from " . $user_prefix . "_users where uname=\"" . mxAddSlashesForSQL($arrpostdata["to_user"]) . "\"");
        list($to_userid) = sql_fetch_row($result);
        if (!$to_userid) {
            prvmsgerror(_PMSUSERNOTINDB, $uid);
        }
    }
// PM Begrenzung
$result_anzahl = sql_query("SELECT Count(*) FROM " . $prefix . "_priv_msgs WHERE to_userid=$to_userid");
$qry_sent = "SELECT Count(*) FROM " . $prefix . "_priv_msgs_send WHERE from_userid=$uid";
$result_sent = sql_query($qry_sent);
$count_anzahl = sql_fetch_row($result_anzahl);
$countpmsent = sql_fetch_row($result_sent);
if (MX_IS_ADMIN && $pmgrenze_admin == 0) {
} else {
	if (mxGetAdminPref('radminsuper') && $pmgrenze_godadmin == 0) {
	} else {
		if ($sentboxsize == 0) {
		} else {
			if ($countpmsent[0] >= $sentboxsize) {
    			prvmsgerror(_SENTPMBOXVOLL, $uid);
			}
		}
		if ($inboxsize == 0) {
		} else {
			if ($count_anzahl[0] >= $inboxsize) {
	    		prvmsgerror(_PMBOXVOLL, $uid);
			}
		}
	}
}
//Ende PM Begrenzung
    if (!($arrpostdata["subject"])) {
        prvmsgerror(_ERRMSGNOSUBJECT, $uid);
    }
    if (strip_tags($arrpostdata["subject"]) != $arrpostdata["subject"]) {
        prvmsgerror(_ERRMSGNOHTMLINSUBJECT, $uid);
    }
    if (!($arrpostdata["image"])) {
        prvmsgerror(_ERRMSGNOICON, $uid);
    }
    if (!($arrpostdata["message"])) {
        prvmsgerror(_ERRMSGNOMESSAGE, $uid);
    }
    $arrpostdata["message"] = mxAddSlashesForSQL($arrpostdata["message"]);
    $arrpostdata["subject"] = mxAddSlashesForSQL(strip_tags($arrpostdata["subject"]));

    $qry1 = "INSERT INTO " . $user_prefix . "_priv_msgs (msg_image, subject, from_userid, to_userid, msg_time, msg_text) ";
    $qry_msg_sent = "INSERT INTO " . $user_prefix . "_priv_msgs_send (msg_image, subject, from_userid, to_userid, msg_time, msg_text) "; //Gesendete PM´s speichern
    if (empty($arrpostdata["to_all"])) {
//ignore Funktion
if (mxModuleAllowed("Friendlist")) {
    include("modules/Friendlist/config.php");
	if (!(MX_IS_ADMIN && $friendlist_admin == 0)) {
		if (!(mxGetAdminPref('radminsuper') && $friendlist_godadmin == 0)) {
$ignore = sql_query("select uname from " . $user_prefix . "_users_ignorelist where uid='" . $to_userid . "' AND ignoreid='" . $uid . "'");
$nene = sql_num_rows($ignore);
if ($nene == 1) {
list($ignorename) = sql_fetch_row($ignore);
prvmsgerror($ignorename . " " . _NOMESSAGE . "<br><a href=\"modules.php?name=$module_name\">" . _PMSRETURNTOPMSG, $uid);
}
}
}
}
######
       $qry1 .= "VALUES ('" . $arrpostdata["image"] . "', '" . $arrpostdata["subject"] . "', " . $uid . ", " . $to_userid . ", now(), '" . $arrpostdata["message"] . "')";
        $qry_msg_sent .= "VALUES ('" . $arrpostdata["image"] . "', '" . $arrpostdata["subject"] . "', " . $uid . ", " . $to_userid . ", now(), '" . $arrpostdata["message"] . "')";
		//Gesendete PM´S speichern
        if (!$result = sql_query($qry1)) {
            prvmsgerror(_ERRMSGNOSUBMIT, $uid);
        }
    if (empty($arrpostdata["notsave"])) {
	} else {
	        if (!$result = sql_query($qry_msg_sent)) {
    	        prvmsgerror(_ERRMSGNOSUBMIT, $uid);
        	}
		}
    } else {
        if (MX_IS_ADMIN) {
            $i = 0;
            $result = sql_query("select uid from " . $user_prefix . "_users where user_stat=1");
            while (list($to_userid) = sql_fetch_row($result)) {
                $qry2 = $qry1 . " VALUES ('" . $arrpostdata["image"] . "', '" . $arrpostdata["subject"] . "', " . $uid . ", " . $to_userid . ", now(), '" . $arrpostdata["message"] . "')";
                $result2 = sql_query($qry2);
                if ($result2) $i++;
            }
        }
    }
###Email bei neuer PN wenn User offline ist #####
#$Nachricht = $arrpostdata["message"];
$dieUserdaten = mxGetUserDataFromUid($uid);
$Absender = $dieUserdaten['uname'];
list($touser_uname,$touser_email,$user_pm_mail) = sql_fetch_row(sql_query("SELECT uname, email, user_pm_mail FROM " . $user_prefix . "_users WHERE uid='$to_userid'"));
$message = _HELLO . " $touser_uname,\n" . _PMEMAIL . MX_BASE_URL . _PMEMAIL1 . "$Absender " . _PMEMAIL2 . MX_BASE_URL . "modules.php?name=" . $GLOBALS['module_name'] . _PMEMAIL3 . MX_BASE_URL . "modules.php?name=Your_Account&op=edithome";
$subject = _PMEMAILSUB . MX_BASE_URL;
if (!mxIsUserOnline($touser_uname) && ($user_pm_mail ==1))
{
   mxMail($touser_email, "$subject", $message, $GLOBALS['adminmail'],"text","PM-Mail");
}
    pmxHeader::add('<meta http-equiv="Refresh" content="' . ((isset($i)) ? ($refresh * 4) : $refresh) . ';URL=modules.php?name=' . $module_name . '">');
    messagesheader($uid);
    echo "<table border=\"0\" cellspacing=\"1\" cellpadding=\"3\" width=\"100%\" bgcolor=\"$bgcolor2\">"
     . "<tr bgcolor=\"$bgcolor2\">"
     . "<td><br><center>" . _PMSMSGPOSTED . " " . ((isset($i)) ? " (" . $i . " User)" : "") . "<br><a href=\"modules.php?name=$module_name\">" . _PMSRETURNTOPMSG . "</a></center><br></td>"
     . "</tr></table>";
}

function deletemessage($msg_id, $uid)
{
    global $prefix, $user_prefix, $PHP_SELF, $module_name, $refresh, $bgcolor2, $url_button;
    list($msg_id, $uid) = mxForceInteger($msg_id, $uid);
    $qry = "SELECT msg_time FROM " . $prefix . "_priv_msgs WHERE (to_userid=$uid) and (msg_id=$msg_id) and (from_userid is not null) LIMIT 0,1";
    list($time) = sql_fetch_row(sql_query($qry));
    $qry = "SELECT msg_id FROM " . $prefix . "_priv_msgs WHERE (to_userid=$uid) and (msg_time>'$time') and (msg_id<>$msg_id) and (from_userid is not null) order by msg_time asc LIMIT 0,1";
    list($nextid) = sql_fetch_row(sql_query($qry));
    $qry = "DELETE FROM " . $prefix . "_priv_msgs WHERE (msg_id=$msg_id) AND (to_userid=$uid) or (from_userid is null)";
    if (!sql_query($qry)) {
        prvmsgerror(_ERRMSGNODELETE, $uid);
    } else {
        $xrefresh = ($nextid) ? ($refresh * 2) : $refresh;
        pmxHeader::add('<meta http-equiv="Refresh" content="' . $xrefresh . ';URL=modules.php?name=' . $module_name . '">');
        messagesheader($uid);
        echo "<table border=\"0\" cellspacing=\"1\" cellpadding=\"3\" width=\"100%\" bgcolor=\"$bgcolor2\">"
         . "<tr bgcolor=\"$bgcolor2\" align=\"center\"><td><br>" . _PMSMSGDELETED . "<br><br>";
        if ($nextid) {
            echo "<a href=\"modules.php?name=$module_name&amp;op=index\">" . mxCreateImage("$url_button/index.gif", _PMSRETURNTOPMSG) . "</a> &nbsp; <a href=\"modules.php?name=$module_name&amp;op=read&amp;id=$nextid\">" . mxCreateImage("$url_button/naechste.gif", _PMSNEXT) . "</a>";
        } else {
            echo "<a href=\"modules.php?name=$module_name\">" . _PMSRETURNTOPMSG . "</a>";
        }
        echo "<br><br></td></tr></table>";
    }
}

function deletemessages($arrformvars, $uid)
{
    global $prefix, $refresh, $module_name, $bgcolor2;
    $status = 0;
    $delmess = array();
    $uid = (int)$uid;
    if (isset($arrformvars["msg_id"])) {
        foreach ($arrformvars["msg_id"] as $key => $val) {
            $delmess[] = (int)$val;
            $status++;
        }
        if (count($delmess)) {
            $delmess = implode(',', $delmess);
            $del_unread = (empty($GLOBALS['allow_delete_unread'])) ? 'AND (read_msg <> 0)' : '';
            $qry = "DELETE FROM " . $prefix . "_priv_msgs WHERE (msg_id IN (" . $delmess . ")) AND (to_userid=" . $uid . ") " . $del_unread . " OR (from_userid = 0) OR (msg_text IS NULL) OR (subject IS NULL) OR (msg_text='') OR (subject='')";
            sql_query($qry);
            $qry = "SELECT COUNT(msg_id) FROM " . $prefix . "_priv_msgs WHERE (to_userid = " . $uid . ") AND msg_id IN (" . $delmess . ")";
            $result = sql_query($qry);
            list($delmess) = sql_fetch_row($result);
            $status = $status - ((int)$delmess);
        }
    }
    pmxHeader::add('<meta http-equiv="Refresh" content="' . $refresh . ';URL=modules.php?name=' . $module_name . '">');
    messagesheader($uid);
    echo "<table border=\"0\" cellspacing=\"1\" cellpadding=\"3\" width=\"100%\" bgcolor=\"$bgcolor2\">"
     . "<tr bgcolor=\"$bgcolor2\" align=\"center\"><td><br>";
    if ($status) {
        echo _PMSMSGDELETED2 . " (" . $status . "x)";
    } else {
        echo _PMSMSGNOTODELETE;
    }
    echo "<br><br><a href=\"modules.php?name=$module_name\">" . _PMSRETURNTOPMSG . "</a><br><br></td></tr></table>";
}

/**
 * mainprog
 */
if (!MX_IS_USER) {
    header("Location: modules.php?name=Your_Account&op=login");
    exit;
} else {
    $module_name = basename(dirname(__FILE__));
    // Link verwendet in Sprachdateien
    if (!defined("_PMSBBCODELINK")) define("_PMSBBCODELINK", "<a href=\"#\" onClick=\"window.open('modules.php?name=" . $module_name . "&amp;file=bbcode','pmbbcode','left=10, top=10, width=640,height=480,toolbar=0,location=0,directories=0,status=0,menubar=0,scrollbars=1,resizable=1,copyhistory=0'); return false;\">");

    $userdata = mxGetUserData();

    $_REQUEST["op"] = (empty($_REQUEST["op"])) ? "index" : $_REQUEST["op"];
    $_REQUEST["uname"] = (empty($_REQUEST["uname"])) ? $userdata["uid"] : $_REQUEST["uname"];
    $_REQUEST["to_user"] = (empty($_REQUEST["to_user"])) ? $userdata["uname"] : $_REQUEST["to_user"];

    include_once("modules/" . $module_name . "/config.php");
    if (@file_exists('modules/' . $module_name . '/bbfunctions.php')) include_once("modules/" . $module_name . "/bbfunctions.php");
    include_once("modules/" . $module_name . "/functions.php");
    mxGetLangfile($module_name);

    if ($op == "userslist") {
        userslist();
        exit;
    }

    $pagetitle = _PMSPRIVATEMESSAGES;
    include('header.php');
    echo "\n\n<!-- beginn $module_name output -->\n";

    if (isset($_REQUEST['mode']) && isset($_REQUEST['u'])) {
        $_REQUEST['op'] = $_REQUEST['mode'];
        $xinfo = mxGetUserDataFromUid($_REQUEST['u']);
        $_REQUEST["to_user"] = $xinfo['uname'];
    }

    switch ($_REQUEST['op']) {
        case "read":
            readmessage($_REQUEST["id"], $userdata["uid"]);
		    break;
    	case "read_sent":
			readsentmessage($_REQUEST["id"], $userdata["uid"]);
            break;
        case "reply":
            sendmessage($_REQUEST["id"], $userdata["uid"]);
            break;
        case "send":
            sendmessage(0, $_REQUEST["uname"]);
            break;
        case "post":
        case "send_to":
            sendmessage(0, $_REQUEST["uname"], $_REQUEST["to_user"]);
            break;
        case "submit":
            if (isset($_REQUEST["submit"])) {
                submitmessage($_REQUEST, $userdata["uid"]);
            } else {
                cancelsubmit($_REQUEST["msg_id"], $userdata["uid"]);
            }
            break;
        case "delete":
            deletemessage($_REQUEST["msg_id"], $userdata["uid"]);
 		    break;
    	case "delete_sent":
			deletesentmessage($_REQUEST["msg_id"], $userdata["uid"]);
    		break;
		case "delete_sent_messages":
			deletesentmessages($_REQUEST, $userdata["uid"]);
    		break;
    	case "sendmsg":
        	sendmsg($userdata["uid"]);
            break;
        case "delete_messages":
            deletemessages($_REQUEST, $userdata["uid"]);
            break;
        Default:
            msgindex($userdata["uid"]);
		    break;
    	case "speichern":
            msgsichern($userdata["uid"]);
            break;
    }
    echo "\n<!-- end $module_name output -->\n\n";
    include('footer.php');
}