'; switch(@$_GET['i']) { case 'compose': print ''; print ''; break; case 'read': if(!isset($_GET['id']) || empty($_GET['id'])) { print 'No ID specified'; break; } $id = $_GET['id']; if((!is_numeric($id)) || (!preg_match('/[0-9]+/', $id))) { print 'Invalid ID specified.'; break; } $msgQuery = $database->prepare("SELECT * FROM `flashii_messages` WHERE `id` = ?"); $msgQuery->bind_param('s', $id); $msgQuery->execute(); $msgResult = $msgQuery->get_result(); $msgArray = $msgResult->fetch_array(MYSQLI_ASSOC); $msgQuery->close(); if(!in_array($_SESSION['uid'], unserialize($msgArray['toUsers']))) { print 'You are not authorised to read this message.'; break; } print ''; print '» From '; print $flashii->getUserdata($msgArray['fromUser'])['username']; print ' on '; print date($fwSettings['dateFormat'], $msgArray['date']); print ''; break; case 'sent': $msgQuery = $database->query("SELECT * FROM `flashii_messages`"); $msgArray = $msgQuery->fetch_all(MYSQLI_ASSOC); $inboxArr = []; foreach($msgArray as $key => $value) { if($value['fromUser'] == $_SESSION['uid']) $inboxArr[$key] = $value; } ?> '; } } else { print ''; } ?>

To	Subject	Sent
'; foreach(unserialize($msg['toUsers']) as $user) { print ''; print $flashii->getUserdata($user)['username']; print ''; } print '	'; print $msg['title']; print '	'; print date($fwSettings['dateFormat'], $msg['date']); print '
You have no sent messages.

query("SELECT * FROM `flashii_messages`"); $msgArray = $msgQuery->fetch_all(MYSQLI_ASSOC); $inboxArr = []; foreach($msgArray as $key => $value) { if(in_array($_SESSION['uid'], unserialize($value['toUsers'])) && (empty($msg['deletedBy']) || !in_array($_SESSION['uid'], unserialize($value['deletedBy'])))) $inboxArr[$key] = $value; } ?> '; } } else { print ''; } ?>

From	Subject	Received
'; print ''; print $flashii->getUserdata($msg['fromUser'])['username']; print '	'; print $msg['title']; print '	'; print date($fwSettings['dateFormat'], $msg['date']); print '
You have no recieved messages.

'; } } else { ?>