<?php

/*
	[UCenter] (C)2001-2099 Comsenz Inc.
	This is NOT a freeware, use is subject to license terms

	$Id: pm.php 1059 2011-03-01 07:25:09Z monkey $
*/

!defined('IN_UC') && exit('Access Denied');

define('PMINBALCKLIST_ERROR', -6);
define('PMSENDSELF_ERROR', -8);
define('PMSENDNONE_ERROR', -9);
define('PMSENDCHATNUM_ERROR', -10);
define('PMTHREADNONE_ERROR', -11);
define('PMPRIVILEGENONE_ERROR', -12);
define('PMCHATTYPE_ERROR', -13);
define('PMUIDTYPE_ERROR', -14);
define('PMDATA_ERROR', -15);

class pmmodel {

	var $db;
	var $base;
	function __construct(&$base) {
		$this->pmmodel($base);
	}

	function pmmodel(&$base) {
		$this->base = $base;
		$this->db = $base->db;
	}

	function pmintval($pmid) {
		return @is_numeric($pmid) ? $pmid : 0;
	}

	function getpmbypmid($uid, $pmid) {
		if(!$pmid) {
			return array();
		}
		$arr = array();
		$pm = $this->db->fetch_first("SELECT * FROM ".UC_DBTABLEPRE."pm_indexes i LEFT JOIN ".UC_DBTABLEPRE."pm_lists t ON t.plid=i.plid WHERE i.pmid='$pmid'");
		if($this->isprivilege($pm['plid'], $uid)) {
			$pms = $this->db->fetch_all("SELECT t.*, p.*, t.authorid as founderuid, t.dateline as founddateline FROM ".UC_DBTABLEPRE.$this->getposttablename($pm['plid'])." p LEFT JOIN ".UC_DBTABLEPRE."pm_lists t ON t.plid=p.plid WHERE p.pmid='$pm[pmid]'");
			$arr = $this->getpostlist($pms);
		}
		return $arr;
	}

	function isprivilege($plid, $uid) {
		if(!$plid || !$uid) {
			return true;
		}
		$query = $this->db->query("SELECT * FROM ".UC_DBTABLEPRE."pm_members WHERE plid='$plid' AND uid='$uid'");
		if($this->db->fetch_array($query)) {
			return true;
		} else {
			return false;
		}
	}

	function getpmbyplid($uid, $plid, $starttime, $endtime, $start, $ppp, $type = 0) {
		if(!$type) {
			$pm = $this->getprivatepmbyplid($uid, $plid, $starttime, $endtime, $start, $ppp);
		} else {
			$pm = $this->getchatpmbyplid($uid, $plid, $starttime, $endtime, $start, $ppp);
		}
		return $this->getpostlist($pm);
	}

	function getpostlist($list) {
		if(empty($list)) {
			return array();
		}
		$authoridarr = $authorarr = array();
		foreach($list as $key => $value) {
			$authoridarr[$value['authorid']] = $value['authorid'];
		}
		if($authoridarr) {
			$this->base->load('user');
			$authorarr = $_ENV['user']->id2name($authoridarr);
		}
		foreach($list as $key => $value) {
			if($value['pmtype'] == 1) {
				$users = explode('_', $value['min_max']);
				if($value['authorid'] == $users[0]) {
					$value['touid'] = $users[1];
				} else {
					$value['touid'] = $users[0];
				}
			} else {
				$value['touid'] = 0;
			}
			$value['author'] = $authorarr[$value['authorid']];

			$value['msgfromid'] = $value['authorid'];
			$value['msgfrom'] = $value['author'];
			$value['msgtoid'] = $value['touid'];

			unset($value['min_max']);
			unset($value['delstatus']);
			unset($value['lastmessage']);
			$list[$key] = $value;
		}
		return $list;
	}

	function setpmstatus($uid, $touids, $plids, $status = 0) {
		if(!$uid) {
			return false;
		}
		if(!$status) {
			$oldstatus = 1;
			$newstatus = 0;
		} else {
			$oldstatus = 0;
			$newstatus = 1;
		}
		if($touids) {
			foreach($touids as $key => $value) {
				if($uid == $value || !$value) {
					return false;
				}
				$relastionship[] = $this->relationship($uid, $value);
			}
			$plid = $plidpostarr = array();
			$query = $this->db->query("SELECT plid FROM ".UC_DBTABLEPRE."pm_lists WHERE min_max IN (".$this->base->implode($relationship).")");
			while($thread = $this->db->fetch_array($query)) {
				$plidarr[] = $thread['plid'];
			}
			if($plidarr) {
				$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET isnew='$newstatus' WHERE plid IN (".$this->base->implode($plidarr).") AND uid='$uid' AND isnew='$oldstatus'");
			}
		}
		if($plids) {
			$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET isnew='$newstatus' WHERE plid IN (".$this->base->implode($plids).") AND uid='$uid' AND isnew='$oldstatus'");
		}
		return true;
	}

	function set_ignore($uid) {
		return $this->db->query("DELETE FROM ".UC_DBTABLEPRE."newpm WHERE uid='$uid'");
	}

	function isnewpm($uid) {
		return $this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE."newpm WHERE uid='$uid'");
	}

	function lastpm($uid) {
		$lastpm = $this->db->fetch_first("SELECT * FROM ".UC_DBTABLEPRE."pm_members m LEFT JOIN ".UC_DBTABLEPRE."pm_lists t ON m.plid=t.plid WHERE m.uid='$uid' ORDER BY m.lastdateline DESC LIMIT 1");
		$lastmessage = unserialize($lastpm['lastmessage']);
		if($lastmessage['lastauthorid']) {
			$lastpm['lastauthorid'] = $lastmessage['lastauthorid'];
			$lastpm['lastauthor'] = $lastmessage['lastauthor'];
			$lastpm['lastsummary'] = $lastmessage['lastsummary'];
		} else {
			$lastpm['lastauthorid'] = $lastmessage['firstauthorid'];
			$lastpm['lastauthor'] = $lastmessage['firstauthor'];
			$lastpm['lastsummary'] = $lastmessage['firstsummary'];
		}
		return $lastpm;
	}

	function getpmnum($uid, $type = 0, $isnew = 0) {
		$newsql = '';
		$newnum = 0;

		if($isnew) {
			$newsql = 'AND m.isnew=1';
		}
		if(!$type) {
			$newnum = $this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE."pm_members m WHERE m.uid='$uid' $newsql");
		} else {
			$newnum = $this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE."pm_members m LEFT JOIN ".UC_DBTABLEPRE."pm_lists t ON t.plid=m.plid WHERE m.uid='$uid' $newsql AND t.pmtype='$type'");
		}
		return $newnum;
	}

	function getpmnumbyplid($uid, $plid) {
		return $this->db->result_first("SELECT pmnum FROM ".UC_DBTABLEPRE."pm_members WHERE plid='$plid' AND uid='$uid'");
	}

	function sendpm($fromuid, $fromusername, $touids, $subject, $message, $type = 0) {
		if(!$fromuid || !$fromusername || !$touids || !$message) {
			return 0;
		}
		$touids = array_unique($touids);
		$relationship = $existplid = $pm_member_insertsql = array();
		$this->base->load('user');
		$tmptouidarr = $touids;
		$blackls = $this->get_blackls($fromuid, $touids);

		foreach($tmptouidarr as $key => $value) {
			if($fromuid == $value || !$value) {
				return PMSENDSELF_ERROR;
			}

			if(in_array('{ALL}', $blackls[$value])) {
				unset($touids[$key]);
				continue;
			}
			$blackls[$value] = $_ENV['user']->name2id($blackls[$value]);
			if(!(isset($blackls[$value]) && !in_array($fromuid, $blackls[$value]))) {
				unset($touids[$key]);
			} else {
				$relationship[$value] = $this->relationship($fromuid, $value);
			}
		}
		if(empty($touids)) {
			return PMSENDNONE_ERROR;
		}
		if($type == 1 && count($touids) < 2) {
			return PMSENDCHATNUM_ERROR;
		}

		$_CACHE['badwords'] = $this->base->cache('badwords');
		if($_CACHE['badwords']['findpattern']) {
			$subject = @preg_replace($_CACHE['badwords']['findpattern'], $_CACHE['badwords']['replace'], $subject);
			$message = @preg_replace($_CACHE['badwords']['findpattern'], $_CACHE['badwords']['replace'], $message);
		}
		if(!$subject) {
			$subject = $this->removecode(trim($message), 80);
		} else {
			$subject = htmlspecialchars($subject);
		}
		$lastsummary = $this->removecode(trim($message), 150);

		if(!$type) {
			$query = $this->db->query("SELECT plid, min_max FROM ".UC_DBTABLEPRE."pm_lists WHERE min_max IN (".$this->base->implode($relationship).")");
			while($thread = $this->db->fetch_array($query)) {
				$existplid[$thread['min_max']] = $thread['plid'];
			}
			$lastmessage = array('lastauthorid' => $fromuid, 'lastauthor' => $fromusername, 'lastsummary' => $lastsummary);
			$lastmessage = addslashes(serialize($lastmessage));
			foreach($relationship as $key => $value) {
				if(!isset($existplid[$value])) {
					$this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_lists(authorid, pmtype, subject, members, min_max, dateline, lastmessage) VALUES('$fromuid', '1', '$subject', 2, '$value', '".$this->base->time."', '$lastmessage')");
					$plid = $this->db->insert_id();
					$this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_indexes(plid) VALUES('$plid')");
					$pmid = $this->db->insert_id();
					$this->db->query("INSERT INTO ".UC_DBTABLEPRE.$this->getposttablename($plid)."(pmid, plid, authorid, message, dateline, delstatus) VALUES('$pmid', '$plid', '$fromuid', '$message', '".$this->base->time."', 0)");
					$this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_members(plid, uid, isnew, pmnum, lastupdate, lastdateline) VALUES('$plid', '$key', '1', '1', '0', '".$this->base->time."')");
					$this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_members(plid, uid, isnew, pmnum, lastupdate, lastdateline) VALUES('$plid', '$fromuid', '0', '1', '".$this->base->time."', '".$this->base->time."')");
				} else {
					$plid = $existplid[$value];
					$this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_indexes(plid) VALUES('$plid')");
					$pmid = $this->db->insert_id();
					$this->db->query("INSERT INTO ".UC_DBTABLEPRE.$this->getposttablename($plid)."(pmid, plid, authorid, message, dateline, delstatus) VALUES('$pmid', '$plid', '$fromuid', '$message', '".$this->base->time."', 0)");
					$result = $this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_members(plid, uid, isnew, pmnum, lastupdate, lastdateline) VALUES('$plid', '$key', '1', '1', '0', '".$this->base->time."')", 'SILENT');
					if(!$result) {
						$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET isnew=1, pmnum=pmnum+1, lastdateline='".$this->base->time."' WHERE plid='$plid' AND uid='$key'");
					}
					$result = $this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_members(plid, uid, isnew, pmnum, lastupdate, lastdateline) VALUES('$plid', '$fromuid', '0', '1', '".$this->base->time."', '".$this->base->time."')", 'SILENT');
					if(!$result) {
						$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET isnew=0, pmnum=pmnum+1, lastupdate='".$this->base->time."', lastdateline='".$this->base->time."' WHERE plid='$plid' AND uid='$fromuid'");
					}
					$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_lists SET lastmessage='$lastmessage' WHERE plid='$plid'");
				}
			}
		} else {
			$lastmessage = array('firstauthorid' => $fromuid, 'firstauthor' => $fromusername, 'firstsummary' => $lastsummary);
			$lastmessage = addslashes(serialize($lastmessage));
			$this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_lists(authorid, pmtype, subject, members, min_max, dateline, lastmessage) VALUES('$fromuid', '2', '$subject', '".(count($touids)+1)."', '', '".$this->base->time."', '$lastmessage')");
			$plid = $this->db->insert_id();
			$this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_indexes(plid) VALUES('$plid')");
			$pmid = $this->db->insert_id();
			$this->db->query("INSERT INTO ".UC_DBTABLEPRE.$this->getposttablename($plid)."(pmid, plid, authorid, message, dateline, delstatus) VALUES('$pmid', '$plid', '$fromuid', '$message', '".$this->base->time."', 0)");
			$pm_member_insertsql[] = "('$plid', '$fromuid', '0', '1', '".$this->base->time."', '".$this->base->time."')";
			foreach($touids as $key => $value) {
				$pm_member_insertsql[] = "('$plid', '$value', '1', '1', '0', '".$this->base->time."')";
			}
			$this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_members(plid, uid, isnew, pmnum, lastupdate, lastdateline) VALUES ".implode(',', $pm_member_insertsql));
		}

		$newpm = array();
		foreach($touids as $key => $value) {
			$newpm[] = "('$value')";
		}
		$this->db->query("REPLACE INTO ".UC_DBTABLEPRE."newpm(uid) VALUES ".implode(',', $newpm));
		return $pmid;
	}

	function replypm($plid, $fromuid, $fromusername, $message) {
		if(!$plid || !$fromuid || !$fromusername || !$message) {
			return 0;
		}

		$threadpm = $this->db->fetch_first("SELECT * FROM ".UC_DBTABLEPRE."pm_lists WHERE plid='$plid'");
		if(empty($threadpm)) {
			return PMTHREADNONE_ERROR;
		}

		if($threadpm['pmtype'] == 1) {
			$users = explode('_', $threadpm['min_max']);
			if($users[0] == $fromuid) {
				$touid = $users[1];
			} elseif($users[1] == $fromuid) {
				$touid = $users[0];
			} else {
				return PMPRIVILEGENONE_ERROR;
			}

			$blackls = $this->get_blackls($fromuid, $touid);
			if(in_array('{ALL}', $blackls[$touid])) {
				return PMINBALCKLIST_ERROR;
			}
			$this->base->load('user');
			$blackls[$touid] = $_ENV['user']->name2id($blackls[$touid]);
			if(!(isset($blackls[$touid]) && !in_array($fromuid, $blackls[$touid]))) {
				return PMINBALCKLIST_ERROR;
			}
		}

		$memberuid = array();
		$query = $this->db->query("SELECT * FROM ".UC_DBTABLEPRE."pm_members WHERE plid='$plid'");
		while($member = $this->db->fetch_array($query)) {
			$memberuid[$member['uid']] = "('$member[uid]')";
		}
		if(!isset($memberuid[$fromuid])) {
			return PMPRIVILEGENONE_ERROR;
		}

		$_CACHE['badwords'] = $this->base->cache('badwords');
		if($_CACHE['badwords']['findpattern']) {
			$message = @preg_replace($_CACHE['badwords']['findpattern'], $_CACHE['badwords']['replace'], $message);
		}
		$lastsummary = $this->removecode(trim($message), 150);

		$this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_indexes(plid) VALUES('$plid')");
		$pmid = $this->db->insert_id();
		$this->db->query("INSERT INTO ".UC_DBTABLEPRE.$this->getposttablename($plid)."(pmid, plid, authorid, message, dateline, delstatus) VALUES('$pmid', '$plid', '$fromuid', '$message', '".$this->base->time."', 0)");
		if($threadpm['pmtype'] == 1) {
			$lastmessage = array('lastauthorid' => $fromuid, 'lastauthor' => $fromusername, 'lastsummary' => $lastsummary);
			$lastmessage = addslashes(serialize($lastmessage));
			$result = $this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_members(plid, uid, isnew, pmnum, lastupdate, lastdateline) VALUES('$plid', '$touid', '1', '1', '0', '".$this->base->time."')", 'SILENT');
			if(!$result) {
				$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET isnew=1, pmnum=pmnum+1, lastdateline='".$this->base->time."' WHERE plid='$plid' AND uid='$touid'");
			}
			$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET isnew=0, pmnum=pmnum+1, lastupdate='".$this->base->time."', lastdateline='".$this->base->time."' WHERE plid='$plid' AND uid='$fromuid'");
		} else {
			$lastmessage = unserialize($threadpm['lastmessage']);
			$lastmessage = array('firstauthorid' => $lastmessage['firstauthorid'], 'firstauthor' => $lastmessage['firstauthor'], 'firstsummary' => $lastmessage['firstsummary'], 'lastauthorid' => $fromuid, 'lastauthor' => $fromusername, 'lastsummary' => $lastsummary);
			$lastmessage = addslashes(serialize($lastmessage));
			$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET isnew=1, pmnum=pmnum+1, lastdateline='".$this->base->time."' WHERE plid='$plid'");
			$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET isnew=0, lastupdate='".$this->base->time."' WHERE plid='$plid' AND uid='$fromuid'");
		}
		$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_lists SET lastmessage='$lastmessage' WHERE plid='$plid'");

		$this->db->query("REPLACE INTO ".UC_DBTABLEPRE."newpm(uid) VALUES ".implode(',', $memberuid)."");

		return $pmid;
	}

	function appendchatpm($plid, $uid, $touid) {
		if(!$plid || !$uid || !$touid) {
			return 0;
		}
		$threadpm = $this->db->fetch_first("SELECT * FROM ".UC_DBTABLEPRE."pm_lists WHERE plid='$plid'");
		if(empty($threadpm)) {
			return PMTHREADNONE_ERROR;
		}
		if($threadpm['pmtype'] != 2) {
			return PMCHATTYPE_ERROR;
		}
		if($threadpm['authorid'] != $uid) {
			return PMPRIVILEGENONE_ERROR;
		}

		$blackls = $this->get_blackls($uid, $touid);
		if(in_array('{ALL}', $blackls[$touid])) {
			return PMINBALCKLIST_ERROR;
		}
		$this->base->load('user');
		$blackls[$touid] = $_ENV['user']->name2id($blackls[$touid]);
		if(!(isset($blackls[$touid]) && !in_array($uid, $blackls[$touid]))) {
			return PMINBALCKLIST_ERROR;
		}

		$pmnum = $this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE.$this->getposttablename($plid)." WHERE plid='$plid'");
		$this->db->query("INSERT INTO ".UC_DBTABLEPRE."pm_members(plid, uid, isnew, pmnum, lastupdate, lastdateline) VALUES('$plid', '$touid', '1', '$pmnum', '0', '0')", 'SILENT');
		$num = $this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE."pm_members WHERE plid='$plid'");
		$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_lists SET members='$num' WHERE plid='$plid'");

		return 1;
	}

	function kickchatpm($plid, $uid, $touid) {
		if(!$uid || !$touid || !$plid || $uid == $touid) {
			return 0;
		}
		$threadpm = $this->db->fetch_first("SELECT * FROM ".UC_DBTABLEPRE."pm_lists WHERE plid='$plid'");
		if($threadpm['pmtype'] != 2) {
			return PMCHATTYPE_ERROR;
		}
		if($threadpm['authorid'] != $uid) {
			return PMPRIVILEGENONE_ERROR;
		}
		$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_members WHERE plid='$plid' AND uid='$touid'");
		$num = $this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE."pm_members WHERE plid='$plid'");
		$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_lists SET members='$num' WHERE plid='$plid'");
		return 1;
	}

	function quitchatpm($uid, $plids) {
		if(!$uid || !$plids) {
			return 0;
		}
		$list = array();
		$query = $this->db->query("SELECT * FROM ".UC_DBTABLEPRE."pm_members m LEFT JOIN ".UC_DBTABLEPRE."pm_lists t ON m.plid=t.plid WHERE m.plid IN (".$this->base->implode($plids).") AND m.uid='$uid'");
		while($threadpm = $this->db->fetch_array($query)) {
			if($threadpm['pmtype'] != 2) {
				return PMCHATTYPE_ERROR;
			}
			if($threadpm['authorid'] == $uid) {
				return PMPRIVILEGENONE_ERROR;
			}
			$list[] = $threadpm['plid'];
		}

		if($list) {
			$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_members WHERE plid IN (".$this->base->implode($list).") AND uid='$uid'");
			$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_lists SET members=members-1 WHERE plid IN (".$this->base->implode($list).")");
		}

		return 1;
	}

	function deletepmbypmid($uid, $pmid) {
		if(!$uid || !$pmid) {
			return 0;
		}
		$index = $this->db->fetch_first("SELECT * FROM ".UC_DBTABLEPRE."pm_indexes i LEFT JOIN ".UC_DBTABLEPRE."pm_lists t ON i.plid=t.plid WHERE i.pmid='$pmid'");
		if($index['pmtype'] != 1) {
			return PMUIDTYPE_ERROR;
		}
		$users = explode('_', $index['min_max']);
		if(!in_array($uid, $users)) {
			return PMPRIVILEGENONE_ERROR;
		}
		if($index['authorid'] != $uid) {
			$this->db->query("UPDATE ".UC_DBTABLEPRE.$this->getposttablename($index['plid'])." SET delstatus=2 WHERE pmid='$pmid' AND delstatus=0");
			$updatenum = $this->db->affected_rows();
			$this->db->query("DELETE FROM ".UC_DBTABLEPRE.$this->getposttablename($index['plid'])." WHERE pmid='$pmid' AND delstatus=1");
			$deletenum = $this->db->affected_rows();
		} else {
			$this->db->query("UPDATE ".UC_DBTABLEPRE.$this->getposttablename($index['plid'])." SET delstatus=1 WHERE pmid='$pmid' AND delstatus=0");
			$updatenum = $this->db->affected_rows();
			$this->db->query("DELETE FROM ".UC_DBTABLEPRE.$this->getposttablename($index['plid'])." WHERE pmid='$pmid' AND delstatus=2");
			$deletenum = $this->db->affected_rows();
		}

		if(!$this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE.$this->getposttablename($index['plid'])." WHERE plid='$index[plid]'")) {
			$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_lists WHERE plid='$index[plid]'");
			$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_members WHERE plid='$index[plid]'");
			$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_indexes WHERE plid='$index[plid]'");
		} else {
			$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET pmnum=pmnum-".($updatenum + $deletenum)." WHERE plid='".$index['plid']."' AND uid='$uid'");
		}
		return 1;
	}

	function deletepmbypmids($uid, $pmids) {
		if($pmids) {
			foreach($pmids as $key => $pmid) {
				$this->deletepmbypmid($uid, $pmid);
			}
		}
		return 1;
	}

/*
	function deletepmbypmids($uid, $pmids) {
		if(!$uid || !$pmids) {
			return 0;
		}
		$pmplid = $delstatus1pm = $delstatus2pm = $pmplidpost = array();
		$existplid = array();
		$query = $this->db->query("SELECT * FROM ".UC_DBTABLEPRE."pm_indexes i LEFT JOIN ".UC_DBTABLEPRE."pm_lists t ON i.plid=t.plid WHERE i.pmid IN (".$this->base->implode($pmids).") AND t.pmtype=1");
		while($index = $this->db->fetch_array($query)) {
			$users = explode('_', $index['min_max']);
			if(!in_array($uid, $users)) {
				return PMPRIVILEGENONE_ERROR;
			}
			if($index['authorid'] == $uid) {
				$delstatus1pm[$this->getposttablename($index['plid'])][] = $index['pmid'];
			} else {
				$delstatus2pm[$this->getposttablename($index['plid'])][] = $index['pmid'];
			}
			$pmplidpost[$this->getposttablename($index['plid'])][] = $index['plid'];
			$pmplid[$index['plid']] = $index['plid'];
		}
		if(empty($pmplidpost)) {
			return 0;
		}

		if($delstatus1pm) {
			foreach($delstatus1pm as $key => $value) {
				$this->db->query("UPDATE ".UC_DBTABLEPRE."$key SET delstatus=1 WHERE pmid IN (".$this->base->implode($value).") AND delstatus=0");
				$this->db->query("DELETE FROM ".UC_DBTABLEPRE."$key WHERE pmid IN (".$this->base->implode($value).") AND delstatus=2");
			}
		}

		if($delstatus2pm) {
			foreach($delstatus2pm as $key => $value) {
				$this->db->query("UPDATE ".UC_DBTABLEPRE."$key SET delstatus=2 WHERE pmid IN (".$this->base->implode($value).") AND delstatus=0");
				$this->db->query("DELETE FROM ".UC_DBTABLEPRE."$key WHERE pmid IN (".$this->base->implode($value).") AND delstatus=1");
			}
		}

		foreach($pmplidpost as $key => $value) {
			$query = $this->db->query("SELECT DISTINCT plid FROM ".UC_DBTABLEPRE."$key WHERE plid IN (".$this->base->implode($value).")");
			while($pmpostarr = $this->db->fetch_array($query)) {
				$existplid[] = $pmpostarr['plid'];
			}
		}
		$pmplid = array_diff($pmplid, $existplid);
		if($pmplid) {
			$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_lists WHERE plid IN (".$this->base->implode($pmplid).")");
			$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_members WHERE plid IN (".$this->base->implode($pmplid).")");
			$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_indexes WHERE plid IN (".$this->base->implode($pmplid).")");
		}
		return 1;
	}
*/

	function deletepmbyplid($uid, $plid, $isuser = 0) {
		if(!$uid || !$plid) {
			return 0;
		}

		if($isuser) {
			$relationship = $this->relationship($uid, $plid);
			$sql = "SELECT * FROM ".UC_DBTABLEPRE."pm_lists WHERE min_max='$relationship'";
		} else {
			$sql = "SELECT * FROM ".UC_DBTABLEPRE."pm_lists WHERE plid='$plid'";
		}

		$query = $this->db->query($sql);
		if($list = $this->db->fetch_array($query)) {
			if($list['pmtype'] == 1) {
				$user = explode('_', $list['min_max']);
				if(!in_array($uid, $user)) {
					return PMPRIVILEGENONE_ERROR;
				}
			} else {
				if($uid != $list['authorid']) {
					return PMPRIVILEGENONE_ERROR;
				}
			}
		} else {
			return PMTHREADNONE_ERROR;
		}

		if($list['pmtype'] == 1) {
			if($uid == $list['authorid']) {
				$this->db->query("DELETE FROM ".UC_DBTABLEPRE.$this->getposttablename($list['plid'])." WHERE plid='$list[plid]' AND delstatus=2");
				$this->db->query("UPDATE ".UC_DBTABLEPRE.$this->getposttablename($list['plid'])." SET delstatus=1 WHERE plid='$list[plid]' AND delstatus=0");
			} else {
				$this->db->query("DELETE FROM ".UC_DBTABLEPRE.$this->getposttablename($list['plid'])." WHERE plid='$list[plid]' AND delstatus=1");
				$this->db->query("UPDATE ".UC_DBTABLEPRE.$this->getposttablename($list['plid'])." SET delstatus=2 WHERE plid='$list[plid]' AND delstatus=0");
			}
			$count = $this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE.$this->getposttablename($list['plid'])." WHERE plid='$list[plid]'");
			if(!$count) {
				$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_lists WHERE plid='$list[plid]'");
				$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_members WHERE plid='$list[plid]'");
				$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_indexes WHERE plid='$list[plid]'");
			} else {
				$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_members WHERE plid='$list[plid]' AND uid='$uid'");
			}
		} else {
			$this->db->query("DELETE FROM ".UC_DBTABLEPRE.$this->getposttablename($list['plid'])." WHERE plid='$list[plid]'");
			$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_lists WHERE plid='$list[plid]'");
			$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_members WHERE plid='$list[plid]'");
			$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_indexes WHERE plid='$list[plid]'");
		}
		return 1;
	}

	function deletepmbyplids($uid, $plids, $isuser = 0) {
		if($plids) {
			foreach($plids as $key => $plid) {
				$this->deletepmbyplid($uid, $plid, $isuser);
			}
		}
		return 1;
	}

/*
	function deletepmbyplid($uid, $plids, $isuser = 0) {
		if(!$uid || !$plids) {
			return 0;
		}

		$privatepm = $chatpm = array();
		$privatepmauthorpost = $privatepmpost = $privatepmpostall = array();
		$existplid = array();
		if($isuser) {
			$relationship = array();
			foreach($plids as $key => $value) {
				if($uid == $value || !$value) {
					return PMDATA_ERROR;
				}
				$relationship[] = $this->relationship($uid, $value);
			}
			$sql = "SELECT * FROM ".UC_DBTABLEPRE."pm_lists WHERE min_max IN (".$this->base->implode($relationship).")";
		} else {
			$sql = "SELECT * FROM ".UC_DBTABLEPRE."pm_lists WHERE plid IN (".$this->base->implode($plids).")";
		}
		$query = $this->db->query($sql);
		while($threadpm = $this->db->fetch_array($query)) {
			if($threadpm['pmtype'] == 1) {
				$users = explode('_', $threadpm['min_max']);
				if($users[0] == $uid) {
					$touid = $users[1];
				} elseif($users[1] == $uid) {
					$touid = $users[0];
				} else {
					continue;
				}

				if($threadpm['authorid'] == $uid) {
					$privatepmauthorpost[$this->getposttablename($threadpm['plid'])][] = $threadpm['plid'];
				} else {
					$privatepmpost[$this->getposttablename($threadpm['plid'])][] = $threadpm['plid'];
				}
				$privatepmpostall[$this->getposttablename($threadpm['plid'])][] = $threadpm['plid'];
				$privatepm[] = $threadpm['plid'];
			} else {
				if($uid != $threadpm['authorid']) {
					continue;
				}
				$chatpm[] = $threadpm['plid'];
				$chatpmpost[$this->getposttablename($threadpm['plid'])][] = $threadpm['plid'];
			}
		}

		if($privatepmauthorpost) {
			foreach($privatepmauthorpost as $key => $value) {
				$this->db->query("UPDATE ".UC_DBTABLEPRE."$key SET delstatus=1 WHERE plid IN (".$this->base->implode($value).") AND delstatus=0");
				$this->db->query("DELETE FROM ".UC_DBTABLEPRE."$key WHERE plid IN (".$this->base->implode($value).") AND delstatus=2");
			}
		}

		if($privatepmpost) {
			foreach($privatepmpost as $key => $value) {
				$this->db->query("UPDATE ".UC_DBTABLEPRE."$key SET delstatus=2 WHERE plid IN (".$this->base->implode($value).") AND delstatus=0");
				$this->db->query("DELETE FROM ".UC_DBTABLEPRE."$key WHERE plid IN (".$this->base->implode($value).") AND delstatus=1");
			}
		}
		if($privatepmpostall) {
			foreach($privatepmpostall as $key => $value) {
				$query = $this->db->query("SELECT DISTINCT plid FROM ".UC_DBTABLEPRE."$key WHERE plid IN (".$this->base->implode($value).")");
				while($postpm = $this->db->fetch_array($query)) {
					$existplid[] = $postpm['plid'];
				}
			}
			$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_members WHERE plid IN (".$this->base->implode($privatepm).") AND uid='$uid'");
			$privatepm = array_diff($privatepm, $existplid);
			if(!empty($privatepm)) {
				$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_lists WHERE plid IN (".$this->base->implode($privatepm).")");
				$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_members WHERE plid IN (".$this->base->implode($privatepm).")");
				$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_indexes WHERE plid IN (".$this->base->implode($privatepm).")");
			}
		}
		if($chatpmpost) {
			foreach($chatpmpost as $key => $value) {
				$this->db->query("DELETE FROM ".UC_DBTABLEPRE."$key WHERE plid IN (".$this->base->implode($value).")");
			}
			$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_lists WHERE plid IN (".$this->base->implode($chatpm).")");
			$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_members WHERE plid IN (".$this->base->implode($chatpm).")");
			$this->db->query("DELETE FROM ".UC_DBTABLEPRE."pm_indexes WHERE plid IN (".$this->base->implode($chatpm).")");
		}
		return 1;
	}
*/

	function getprivatepmbyplid($uid, $plid, $starttime = 0, $endtime = 0, $start = 0, $ppp = 0) {
		if(!$uid || !$plid) {
			return 0;
		}
		if(!$this->isprivilege($plid, $uid)) {
			return 0;
		}
		$thread = $this->db->fetch_first("SELECT * FROM ".UC_DBTABLEPRE."pm_lists WHERE plid='$plid'");
		if($thread['pmtype'] != 1) {
			return 0;
		}
		$pms = $addsql = array();
		$addsql[] = "p.plid='$plid'";
		if($thread['authorid'] == $uid) {
			$addsql[] = 'p.delstatus IN (0,2)';
		} else {
			$addsql[] = 'p.delstatus IN (0,1)';
		}
		if($starttime) {
			$addsql[]= "p.dateline>'$starttime'";
		}
		if($endtime) {
			$addsql[] = "p.dateline<'$endtime'";
		}
		if($addsql) {
			$addsql = implode(' AND ', $addsql);
		} else {
			$addsql = '';
		}
		if($ppp) {
			$limitsql = 'LIMIT '.intval($start).', '.intval($ppp);
		} else {
			$limitsql = '';
		}
		$pms = $this->db->fetch_all("SELECT t.*, p.*, t.authorid as founderuid, t.dateline as founddateline FROM ".UC_DBTABLEPRE.$this->getposttablename($plid)." p LEFT JOIN ".UC_DBTABLEPRE."pm_lists t ON p.plid=t.plid WHERE $addsql ORDER BY p.dateline DESC $limitsql");
		$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET isnew=0 WHERE plid='$plid' AND uid='$uid' AND isnew=1");
		return array_reverse($pms);
	}

	function getchatpmbyplid($uid, $plid, $starttime = 0, $endtime = 0, $start = 0, $ppp = 0) {
		if(!$uid || !$plid) {
			return 0;
		}
		if(!$this->isprivilege($plid, $uid)) {
			return 0;
		}
		$pms = $addsql = array();
		$addsql[] = "p.plid='$plid'";
		if($starttime) {
			$addsql[]= "p.dateline>'$starttime'";
		}
		if($endtime) {
			$addsql[] = "p.dateline<'$endtime'";
		}
		if($addsql) {
			$addsql = implode(' AND ', $addsql);
		} else {
			$addsql = '';
		}
		if($ppp) {
			$limitsql = 'LIMIT '.intval($start).', '.intval($ppp);
		} else {
			$limitsql = '';
		}
		$query = $this->db->query("SELECT t.*, p.*, t.authorid as founderuid, t.dateline as founddateline FROM ".UC_DBTABLEPRE.$this->getposttablename($plid)." p LEFT JOIN ".UC_DBTABLEPRE."pm_lists t ON p.plid=t.plid WHERE $addsql ORDER BY p.dateline DESC $limitsql");
		while($pm = $this->db->fetch_array($query)) {
			if($pm['pmtype'] != 2) {
				return 0;
			}
			$pms[] = $pm;
		}
		$this->db->query("UPDATE ".UC_DBTABLEPRE."pm_members SET isnew=0 WHERE plid='$plid' AND uid='$uid' AND isnew=1");
		return array_reverse($pms);
	}

	function getpmlist($uid, $filter, $start, $ppp = 10) {
		if(!$uid) {
			return 0;
		}
		$members = $touidarr = $tousernamearr = array();

		if($filter == 'newpm') {
			$addsql = 'm.isnew=1 AND ';
		/*������Ӱ��
		} elseif($filter == 'privatepm') {
			$addsql = 't.pmtype=1 AND ';
		} elseif($filter == 'chatpm') {
			$addsql = 't.pmtype=2 AND ';
		*/
		} else {
			$addsql = '';
		}
		$query = $this->db->query("SELECT * FROM ".UC_DBTABLEPRE."pm_members m LEFT JOIN ".UC_DBTABLEPRE."pm_lists t ON t.plid=m.plid WHERE $addsql m.uid='$uid' ORDER BY m.lastdateline DESC LIMIT $start, $ppp");
		while($member = $this->db->fetch_array($query)) {
			if($member['pmtype'] == 1) {
				$users = explode('_', $member['min_max']);
				$member['touid'] = $users[0] == $uid ? $users[1] : $users[0];
			} else {
				$member['touid'] = 0;
			}
			$touidarr[$member['touid']] = $member['touid'];
			$members[] = $member;
		}

		$this->db->query("DELETE FROM ".UC_DBTABLEPRE."newpm WHERE uid='$uid'");

		$array = array();
		if($members) {
			$today = $this->base->time - $this->base->time % 86400;
			$this->base->load('user');
			$tousernamearr = $_ENV['user']->id2name($touidarr);
			foreach($members as $key => $data) {

				$daterange = 5;
				$data['founddateline'] = $data['dateline'];
				$data['dateline'] = $data['lastdateline'];
				$data['pmid'] = $data['plid'];
				$lastmessage = unserialize($data['lastmessage']);
				if($lastmessage['firstauthorid']) {
					$data['firstauthorid'] = $lastmessage['firstauthorid'];
					$data['firstauthor'] = $lastmessage['firstauthor'];
					$data['firstsummary'] = $lastmessage['firstsummary'];
				}
				if($lastmessage['lastauthorid']) {
					$data['lastauthorid'] = $lastmessage['lastauthorid'];
					$data['lastauthor'] = $lastmessage['lastauthor'];
					$data['lastsummary'] = $lastmessage['lastsummary'];
				}
				$data['msgfromid'] = $lastmessage['lastauthorid'];
				$data['msgfrom'] = $lastmessage['lastauthor'];
				$data['message'] = $lastmessage['lastsummary'];

				$data['new'] = $data['isnew'];

				$data['msgtoid'] = $data['touid'];
				if($data['lastdateline'] >= $today) {
					$daterange = 1;
				} elseif($data['lastdateline'] >= $today - 86400) {
					$daterange = 2;
				} elseif($data['lastdateline'] >= $today - 172800) {
					$daterange = 3;
				} elseif($data['lastdateline'] >= $today - 604800) {
					$daterange = 4;
				}
				$data['daterange'] = $daterange;

				$data['tousername'] = $tousernamearr[$data['touid']];
				unset($data['min_max']);
				$array[] = $data;
			}
		}
		return $array;
	}

	function getplidbypmid($pmid) {
		if(!$pmid) {
			return false;
		}
		return $this->db->result_first("SELECT plid FROM ".UC_DBTABLEPRE."pm_indexes WHERE pmid='$pmid'");
	}

	function getplidbytouid($uid, $touid) {
		if(!$uid || !$touid) {
			return 0;
		}
		return $this->db->result_first("SELECT plid FROM ".UC_DBTABLEPRE."pm_lists WHERE min_max='".$this->relationship($uid, $touid)."'");
	}

	function getuidbyplid($plid) {
		if(!$plid) {
			return array();
		}
		$uidarr = array();
		$query = $this->db->query("SELECT uid FROM ".UC_DBTABLEPRE."pm_members WHERE plid='$plid'");
		while($uid = $this->db->fetch_array($query)) {
			$uidarr[$uid['uid']] = $uid['uid'];
		}
		return $uidarr;
	}

	function chatpmmemberlist($uid, $plid) {
		if(!$uid || !$plid) {
			return 0;
		}
		$uidarr = $this->getuidbyplid($plid);
		if(empty($uidarr)) {
			return 0;
		}
		if(!isset($uidarr[$uid])) {
			return 0;
		}
		$authorid = $this->db->result_first("SELECT authorid FROM ".UC_DBTABLEPRE."pm_lists WHERE plid='$plid'");
		return array('author' => $authorid, 'member' => $uidarr);
	}

	function relationship($fromuid, $touid) {
		if($fromuid < $touid) {
			return $fromuid.'_'.$touid;
		} elseif($fromuid > $touid) {
			return $touid.'_'.$fromuid;
		} else {
			return '';
		}
	}

	function getposttablename($plid) {
		$id = substr((string)$plid, -1, 1);
		return 'pm_messages_'.$id;
	}

	function get_blackls($uid, $uids = array()) {
		if(!$uids) {
			$blackls = $this->db->result_first("SELECT blacklist FROM ".UC_DBTABLEPRE."memberfields WHERE uid='$uid'");
		} else {
			$uids = $this->base->implode($uids);
			$blackls = array();
			$query = $this->db->query("SELECT uid, blacklist FROM ".UC_DBTABLEPRE."memberfields WHERE uid IN ($uids)");
			while($data = $this->db->fetch_array($query)) {
				$blackls[$data['uid']] = explode(',', $data['blacklist']);
			}
		}
		return $blackls;
	}

	function set_blackls($uid, $blackls) {
		$this->db->query("UPDATE ".UC_DBTABLEPRE."memberfields SET blacklist='$blackls' WHERE uid='$uid'");
		return $this->db->affected_rows();
	}

	function update_blackls($uid, $username, $action = 1) {
		$username = !is_array($username) ? array($username) : $username;
		if($action == 1) {
			if(!in_array('{ALL}', $username)) {
				$usernames = $this->base->implode($username);
				$query = $this->db->query("SELECT username FROM ".UC_DBTABLEPRE."members WHERE username IN ($usernames)");
				$usernames = array();
				while($data = $this->db->fetch_array($query)) {
					$usernames[addslashes($data['username'])] = addslashes($data['username']);
				}
				if(!$usernames) {
					return 0;
				}
				$blackls = addslashes($this->db->result_first("SELECT blacklist FROM ".UC_DBTABLEPRE."memberfields WHERE uid='$uid'"));
				if($blackls) {
					$list = explode(',', $blackls);
					foreach($list as $k => $v) {
						if(in_array($v, $usernames)) {
							unset($usernames[$v]);
						}
					}
				}
				if(!$usernames) {
					return 1;
				}
				$listnew = implode(',', $usernames);
				$blackls .= $blackls !== '' ? ','.$listnew : $listnew;
			} else {
				$blackls = addslashes($this->db->result_first("SELECT blacklist FROM ".UC_DBTABLEPRE."memberfields WHERE uid='$uid'"));
				$blackls .= ',{ALL}';
			}
		} else {
			$blackls = addslashes($this->db->result_first("SELECT blacklist FROM ".UC_DBTABLEPRE."memberfields WHERE uid='$uid'"));
			$list = $blackls = explode(',', $blackls);
			foreach($list as $k => $v) {
				if(in_array($v, $username)) {
					unset($blackls[$k]);
				}
			}
			$blackls = implode(',', $blackls);
		}
		$this->db->query("UPDATE ".UC_DBTABLEPRE."memberfields SET blacklist='$blackls' WHERE uid='$uid'");
		return 1;
	}

	function removecode($str, $length) {
		static $uccode = null;
		if($uccode === null) {
			require_once UC_ROOT.'lib/uccode.class.php';
			$uccode = new uccode();
		}
		$str = $uccode->complie($str);
		return trim($this->base->cutstr(strip_tags($str), $length));
	}

	function ispminterval($uid, $interval = 0) {
		if(!$uid) {
			return 0;
		}
		$interval = intval($interval);
		if(!$interval) {
			return 1;
		}
		$lastupdate = $this->db->result_first("SELECT lastupdate FROM ".UC_DBTABLEPRE."pm_members WHERE uid='$uid' ORDER BY lastupdate DESC LIMIT 1");
		if(($this->base->time - $lastupdate) > $interval) {
			return 1;
		} else {
			return 0;
		}
	}

	function isprivatepmthreadlimit($uid, $maxnum = 0) {
		if(!$uid) {
			return 0;
		}
		$maxnum = intval($maxnum);
		if(!$maxnum) {
			return 1;
		}
		$num = $this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE."pm_members m LEFT JOIN ".UC_DBTABLEPRE."pm_lists t ON m.plid=t.plid WHERE uid='$uid' AND lastupdate>'".($this->base->time-86400)."' AND t.pmtype=1");
		if($maxnum - $num < 0) {
			return 0;
		} else {
			return 1;
		}
	}

	function ischatpmthreadlimit($uid, $maxnum = 0) {
		if(!$uid) {
			return 0;
		}
		$maxnum = intval($maxnum);
		if(!$maxnum) {
			return 1;
		}
		$num = $this->db->result_first("SELECT COUNT(*) FROM ".UC_DBTABLEPRE."pm_lists WHERE authorid='$uid' AND dateline>'".($this->base->time-86400)."'");
		if($maxnum - $num < 0) {
			return 0;
		} else {
			return 1;
		}
	}
}
?>