vb.org Archive
Page 3 of 9 12 3 45 Last »
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vBulletin 3.0 Full Releases (https://vborg.vbsupport.ru/forumdisplay.php?f=33)
-   -   Delete PM sent before user reads it (https://vborg.vbsupport.ru/showthread.php?t=78729)

Boofo 03-28-2005 06:25 PM
Quote:
Originally Posted by why-not
How about adding a userid to the query! Sure it would be difficult to know who has unread PM(s), but all one has to do is start sending requests with PM ids and they can delete all unread PM(s) even ones that are not theirs! Then you should also check the request, because allowing what you allow, can end up with anyone reading any table they want or even delete your whole database! Nice idea, but it needs to be made secure!

Sonia
How would you do that exactly? ;)

nexialys 03-28-2005 06:29 PM
the best way would be to have a dropdown with multiple choices where you select the users that need to be deleted from the list of receiving the pm ... so if there is only one receiver, the dropdown will be a single choice... if we choose nobody, no pm will be deleted...

pie 03-29-2005 01:30 AM
Quote:
Originally Posted by why-not
How about adding a userid to the query! Sure it would be difficult to know who has unread PM(s), but all one has to do is start sending requests with PM ids and they can delete all unread PM(s) even ones that are not theirs! Then you should also check the request, because allowing what you allow, can end up with anyone reading any table they want or even delete your whole database! Nice idea, but it needs to be made secure!

Sonia
Very good point... I have to say silly me for not doing it.

Quote:
That is the only draw back stoping me from using it.
Theres nothing that can be done about that, unfortunatly you can't pull back emails. I could do a "This PM has been deleted" error message if you guys'd prefer.

Quote:
the best way would be to have a dropdown with multiple choices where you select the users that need to be deleted from the list of receiving the pm ... so if there is only one receiver, the dropdown will be a single choice... if we choose nobody, no pm will be deleted...
Thats a good idea, the fact that it could be for mulitple users completly slipped my mind. I'd probally do checkboxes rather than a list purely because i find checkboxes easier and I want them as easy as possible.

Dennis Olson 03-29-2005 04:06 PM
A couple of points:

1) The delete function LEAVES the tracking notice in your tracking folder. How can that be removed at the same time? (After all, you don't need the tracking notice anymore).

2) You create the following phrase:

Phrase Type: Private Messaging
Varname: was_deleted
Text: You deleted it!

but in your EVAL statement, you use:

eval(print_standard_redirect('deleted_private_mess ages_successfully'));

Thus never referencing that phrase....

pie 03-29-2005 05:16 PM
Quote:
Originally Posted by Dennis Olson
A couple of points:

1) The delete function LEAVES the tracking notice in your tracking folder. How can that be removed at the same time? (After all, you don't need the tracking notice anymore).

2) You create the following phrase:

Phrase Type: Private Messaging
Varname: was_deleted
Text: You deleted it!

but in your EVAL statement, you use:

eval(print_standard_redirect('deleted_private_mess ages_successfully'));

Thus never referencing that phrase....
Yes. This hack is still not 100% Featured, I will be adding it so that in the Sent Messages folder, it'll show that it was deleted and thus didn't get through.

DivisionByZero 04-03-2005 03:16 AM
Quote:
Originally Posted by Dennis Olson
A couple of points:

1) The delete function LEAVES the tracking notice in your tracking folder. How can that be removed at the same time? (After all, you don't need the tracking notice anymore).
I would like to leave the tracking message just to remind the sender that he deleted it. But, I would like to have the "Delete Their PM!" link removed. The way it stands now, if the sender deletes the PM, the "Delete Their PM" link is still active. This could be gotten rid of to prevent an error message.

DivisionByZero 04-03-2005 05:03 AM
Ok, in the meantime, while pie works on the authenticate_sender_before_delete scheme, I added a quick fix to it. It's simple.. It replaces the entire request routine and here it is:

PHP Code:
if ($_REQUEST['do'] == "deleteunread")
{
$pm $_GET['pm'];

// check to see if it is still unread and the user hasn't dilly-dallied
        $pmquery $DB_site->query("SELECT * FROM " TABLE_PREFIX "pm WHERE pmid='$pm'");
        $pmnum $DB_site->num_rows($pmquery);

        if ($pmnum == 0)
        {
            $idname $vbphrase['private_message'];
            eval(print_standard_error('invalidid'));
        }

     $pmquery $DB_site->query("SELECT * FROM " TABLE_PREFIX "pm WHERE pmid=$pm AND messageread=0");
        if ($DB_site->num_rows($pmquery) == 0)
        {
            eval(print_standard_error('hasbeenread'));
        }
        
// check to the actual sender of the PM is the one trying to delete it. Done by chris
        $suspectuser $bbuserinfo['userid'];
    $senderquery $DB_site->query("SELECT userid FROM " TABLE_PREFIX "pmreceipt WHERE pmid=$pm AND readtime=0");
        $senderresult mysql_fetch_assoc($senderquery);
        if ($senderresult['userid'] == $suspectuser) {

        $receiptSql "UPDATE " TABLE_PREFIX "pmreceipt SET deleted=1 WHERE pmid=$pm";
        $DB_site->query($receiptSql);

        $deletePmSql "DELETE FROM " TABLE_PREFIX "pm WHERE pmid=" $pm;
        $DB_site->query($deletePmSql);        

        $url "private.php?$session[sessionurl]do=trackpm";
        eval(print_standard_redirect('deleted_private_messages_successfully'));
        }
        else {
        $idname $vbphrase['private_message'];
        eval(print_standard_error('invalidid'));
        }

DivisionByZero 04-03-2005 05:18 AM
To replace the "Delete Their PM!" link if the PM has already been deleted by the sender, do the following:

In private.php, find

PHP Code:
 $pmreceipts $DB_site->query("
        SELECT
            pmreceipt.*, pmreceipt.pmid AS receiptid
        FROM " TABLE_PREFIX "pmreceipt AS pmreceipt
        WHERE pmreceipt.userid = $bbuserinfo[userid]
        ORDER BY pmreceipt.sendtime DESC
    "); 
Replace with:
PHP Code:
    $pmreceipts $DB_site->query("
        SELECT
            deleted, pmreceipt.*, pmreceipt.pmid AS receiptid
        FROM " TABLE_PREFIX "pmreceipt AS pmreceipt
        WHERE pmreceipt.userid = $bbuserinfo[userid]
        ORDER BY pmreceipt.sendtime DESC
    "); 
The pm_receiptsbit template replacement string should be changed to:
HTML Code:
                <td class="alt2"><span class="smallfont"><if condition="$show['readpm']">$receipt[read_date] <span class="time">$receipt[read_time]</span><else /><em>$vbphrase[unread_date]<br /><if condition="$receipt[deleted] == '0'"><a href="private.php?$sesion[sessionurl]do=unsend&amp;pm=$receipt[receiptid]">$vbphrase[deleteunread]</a><else />$vbphrase[was_deleted]</if></em></if></td>

pie 04-12-2005 10:05 PM
You saying you want an Undelete?

DivisionByZero 04-12-2005 11:29 PM
No, i noticed now if a user deletes the PM WITHOUT reading it, the receipt should be processed as "confirmed" and not have the "delete their pm" availability anymore. :)


All times are GMT. The time now is 05:51 PM.
Page 3 of 9 12 3 45 Last »
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01183 seconds
  • Memory Usage 1,777KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)bbcode_html_printable
  • (3)bbcode_php_printable
  • (6)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (10)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete