An update to the hack posted by chrispadfield at http://www.vbulletin.com/forum/showthread.php?threadid=8582.

Updates:

1. Modified the look of page to match that of the email page.

2. Added select fields to send message to.

4. Fixed $adminuser and set to a hidden field.

Enjoy!




<?php

require("./global.php");

adminlog();

cpheader();

if ($action=="") {

echo "<p>In the private message, you may use \$username, \$password and \$email.</p>";
doformheader("masspm","masspm");

makehiddencode("fromuserid","$bbuserid");
makeinputcode("Subject:","title");
maketextareacode("Message:","message","",10,40);

echo "<tr><td colspan=2><b>Private message to users where:</b></td></tr>\n";
makeinputcode("User Name contains","ausername");
if ($pwdincp!=0) {
makeinputcode("and password contains","apassword");
}
makechoosercode("and usergroup is","usergroupid","usergroup",-1,"Any");
makeinputcode("and email contains","aemail");
makeinputcode("and parent's email contains","parentemail");
makeinputcode("and is coppa user (yes, no, blank for don't mind)","coppauser");
makeinputcode("and homepage contains","homepage");
makeinputcode("and ICQ Number contains","icq");
makeinputcode("and AIM Handle contains","aim");
makeinputcode("and Yahoo Messenger Handle contains","yahoo");
makeinputcode("and Biography contains","biography");
makeinputcode("and Signature contains","signature");
makeinputcode("and User Title contains","usertitle");
makeinputcode("and Join Date is after<br>(Format yyyy-mm-dd, leave blank for today)","joindateafter");
makeinputcode("and Join Date is before<br>(Format yyyy-mm-dd, leave blank for today)","joindatebefore");
makeinputcode("and Last Visit is after<br>(Format yyyy-mm-dd hh:mm:ss, leave blank for today)","lastvisitafter");
makeinputcode("and Last Visit is before<br>(Format yyyy-mm-dd hh:mm:ss, leave blank for today)","lastvisitbefore");
makeinputcode("and Last Post is after<br>(Format yyyy-mm-dd hh:mm:ss, leave blank for today)","lastpostafter");
makeinputcode("and Last Post is before<br>(Format yyyy-mm-dd hh:mm:ss, leave blank for today)","lastpostbefore");
makeinputcode("and Number of Posts is greater than","postslower");
makeinputcode("and Number of Posts is less than","postsupper");

doformfooter();
}

if ($action=="masspm") {

if ($condition=="") {

$condition="1=1";
if ($ausername!="") {
$condition.=" AND INSTR(username,'".addslashes(htmlspecialchars($ausername))."')>0";
}
if ($apassword!="") {
$condition.=" AND INSTR(password,'".addslashes($apassword)."')>0";
}
if ($usergroupid!=-1 and $usergroupid!="") {
$condition.=" AND usergroupid=$usergroupid";
}
if ($aemail!="") {
$condition.=" AND INSTR(email,'".addslashes(htmlspecialchars($aemail))."')>0";
}
if ($parentemail!="") {
$condition.=" AND INSTR(parentemail,'".addslashes(htmlspecialchars($parentemail))."')>0";
}
$coppauser=strtolower($coppauser);
if ($coppauser=="yes") {
$condition.=" AND coppauser=1";
}
if ($coppauser=="no") {
$condition.=" AND coppauser=0";
}
if ($homepage!="") {
$condition.=" AND INSTR(homepage,'".addslashes(htmlspecialchars($homepage))."')>0";
}
if ($icq!="") {
$condition.=" AND INSTR(icq,'".addslashes(htmlspecialchars($icq))."')>0";
}
if ($aim!="") {
$condition.=" AND INSTR(aim,'".addslashes(htmlspecialchars($aim))."')>0";
}
if ($yahoo!="") {
$condition.=" AND INSTR(yahoo,'".addslashes(htmlspecialchars($yahoo))."')>0";
}
if ($biography!="") {
$condition.=" AND INSTR(biography,'".addslashes(htmlspecialchars($biography))."')>0";
}
if ($signature!="") {
$condition.=" AND INSTR(signature,'".addslashes($signature)."')>0";
}
if ($usertitle!="") {
$condition.=" AND INSTR(usertitle,'".addslashes($usertitle)."')>0";
}
if ($joindateafter!="") {
$condition.=" AND joindate>UNIX_TIMESTAMP('".addslashes($joindateafter)."')";
}
if ($joindatebefore!="") {
$condition.=" AND joindate<UNIX_TIMESTAMP('".addslashes($joindatebefore)."')";
}
if ($lastvisitafter!="") {
$condition.=" AND lastvisit>UNIX_TIMESTAMP('".addslashes($lastvisitafter)."')";
}
if ($lastvisitbefore!="") {
$condition.=" AND lastvisit<UNIX_TIMESTAMP('".addslashes($lastvisitbefore)."')";
}
if ($lastpostafter!="") {
$condition.=" AND lastpost>UNIX_TIMESTAMP('".addslashes($lastpostafter)."')";
}
if ($lastpostbefore!="") {
$condition.=" AND lastpost<UNIX_TIMESTAMP('".addslashes($lastpostbefore)."')";
}
if ($postslower!="") {
$condition.=" AND posts>'$postslower'";
}
if ($postsupper!="") {
$condition.=" AND posts<'$postsupper'";
}
}

$users=$DB_site->query("SELECT userid,username,password,email FROM user WHERE $condition");

while ($user=$DB_site->fetch_array($users)) {

$userid=$user[userid];
$message=$message;
$message=str_replace("\$email",$user[email],$message);
$message=str_replace("\$username",$user[username],$message);
$message=str_replace("\$password",$user[password],$message);

$sql=$DB_site->query("INSERT INTO privatemessage (privatemessageid, folderid, userid, touserid, fromuserid, title, message, dateline, showsignature, iconid, messageread) VALUES (NULL, '0', '$user[userid]', '$user[userid]', '$fromuserid', '".addslashes($title)."', '".addslashes($message)."', UNIX_TIMESTAMP(), '1', '0', '0')");

echo "PM sent to $user[userid] <br>";

}
}

?>

oh wicked, glad someone made these changes, saved me doing it ;)

very nice man :)
thanks alot..

Wow, that was quick and easy --

Is there anyway you can limit who it gets sent to?
(using the last visited, or join date fields)

Our board is over a year old and I just sent all these old users a test message which is a waste since they are long gone. Since my board is event based, if they are gone for more than a few months they probablyaren't coming back (which is fine!):)

me2be, it is just a matter of ammending the SELECT user line and adding an extra condition after WHERE. I will try and get the exact command i don't know how to do it with dates at the moment but someone might.

How about an addition, to MassPM a specific group so you can send to lets say only moderators, I think that would be nice.

I have updated the code which adds the select user statments. Also removed the icons as they really aren't needed... Enjoy!

What does this mean? It still shows the forum underneath the errors:

Warning: Cannot add header information - headers already sent by (output started at /usr/local/etc/httpd/***/admin/masspm.php:2) in /usr/local/etc/httpd/***/admin/global.php on line 68

Warning: Cannot add header information - headers already sent by (output started at /usr/local/etc/httpd/***/admin/masspm.php:2) in /usr/local/etc/httpd/***/admin/global.php on line 69

Warning: Cannot add header information - headers already sent by (output started at /usr/local/etc/httpd/***/admin/masspm.php:2) in /usr/local/etc/httpd/***/admin/global.php on line 70

Warning: Cannot add header information - headers already sent by (output started at /usr/local/etc/httpd/***/admin/masspm.php:2) in /usr/local/etc/httpd/***/admin/global.php on line 71

Warning: Cannot add header information - headers already sent by (output started at /usr/local/etc/httpd/***/admin/masspm.php:2) in /usr/local/etc/httpd/***/admin/global.php on line 128

Not sure why you would get header errors... Maybe you have a space on the first line of your code?

Try the zipped file attached below...

Yay!!! It worked!!!!! ** happy dance **

I have updated this as well if anyone is interested, here is a screen shot and I added it to the control panel. I eliminated the other queries such as lastpost etc.. since I was only lookin to Mass PM a group or all groups. Here it is:



<?php

require("./global.php");

adminlog();

cpheader();

if ($action=="") {

echo "<p>In the private message, you may use \$username, \$password and \$email.</p>";
doformheader("masspm","masspm");

echo "<tr><td colspan=2><b>Private message to groups where:</b></td></tr>\n";
if ($pwdincp!=0) {
makeinputcode("and password contains","apassword");
}
makechoosercode("Usergroup is:","usergroupid","usergroup",-1,"Any");
makehiddencode("fromuserid","$bbuserid");
makeinputcode("Subject:","title");
maketextareacode("Message:","message","",10,40);

doformfooter();
}

if ($action=="masspm") {

if ($condition=="") {

$condition="1=1";
if ($ausername!="") {
$condition.=" AND INSTR(username,'".addslashes(htmlspecialchars($ausername))."')>0";
}
if ($apassword!="") {
$condition.=" AND INSTR(password,'".addslashes($apassword)."')>0";
}
if ($usergroupid!=-1 and $usergroupid!="") {
$condition.=" AND usergroupid=$usergroupid";
}
if ($usertitle!="") {
$condition.=" AND INSTR(usertitle,'".addslashes($usertitle)."')>0";
}

}

$users=$DB_site->query("SELECT userid,username,password,email FROM user WHERE $condition");

while ($user=$DB_site->fetch_array($users)) {

$userid=$user[userid];
$message=$message;
$message=str_replace("\$email",$user[email],$message);
$message=str_replace("\$username",$user[username],$message);
$message=str_replace("\$password",$user[password],$message);

$sql=$DB_site->query("INSERT INTO privatemessage (privatemessageid, folderid, userid, touserid, fromuserid, title, message, dateline, showsignature, iconid, messageread) VALUES (NULL, '0', '$user[userid]', '$user[userid]', '$fromuserid', '".addslashes($title)."', '".addslashes($message)."', UNIX_TIMESTAMP(), '1', '0', '0')");

echo "PM sent to $user[userid] <br>";

}
}

?>


Here is the control panel addition:

find this in admin/index.php below "User Groups and Permissions:


<tr><td><hr></td></tr>


add this above it:


<tr><td>
<table width="100%" border="0" cellspacing="0" cellpadding="2">
<tr bgcolor="#3F3849"><td><font color="#BCB6CD">
<b>Mass Private Message</b>
</font></td></tr></table>
<a href="masspm.php"> Create Message </a> |
</td></tr>


Here is the pic:

needs to be ammeneded to send to just moderators though as moderators arn't a usergroup anymore.

Originally posted by chrispadfield
moderators arn't a usergroup anymore.

(COPPA) Users Awaiting Moderation [edit] [list all users]
Administrator [edit] [list all users]
Moderators [edit] [remove] [list all users]
Registered [edit] [list all users]
Super Moderator [edit] [list all users]
Unregistered / Not Logged In [edit] [list all users]
Users Awaiting Email Confirmation [edit] [list all users]

That's all folks


They are on my forum...?

Actually.. Unless you move them into a group on your own they are all set to the Registered User's Group when you upgrade. Moderator permissions are handled through a separate moderators table now.

I sent a test message to my moderators' user group last night, which is 5 people. To test it out, I included the $username, $password, and $email variables as it says you can. When it was sent out, instead of doing the person's the message was going to, all 5 messages had the info of the first person it was sent to.

i.e. I sent it to users 5, 49, 65, 100, 105 and in all of them it put the info for user 5.

Any ideas?

Thanks for a great hack otherwise. :)

subst:


$message=str_replace("$email",$user[email],$message);
$message=str_replace("$username",$user[username],$message);
$message=str_replace("$password",$user[password],$message);


with:



$message=str_replace("\$email",$user[email],$message);
$message=str_replace("\$username",$user[username],$message);
$message=str_replace("\$password",$user[password],$message);



(add slashes before $ otherwise it will parse as a var) :-)

I don't understand how to install this hack?

Upload masspm.php
Then I get lost?

Help?

that is it, the run masspm.php.

I used wreckman's and it went pearshaped and did not send the message for some reason so had to use my old one to do it. Not sure what the bug is but something not quite right i don't think?

VERSION 2.1 VERSION 2.1!!! PLEASE ADD :D

~Chris

all right! works fine

I have done the below but still getting the problem were the first name in the first message is being sent in all PM'ed messages.

Help!



Originally posted by marl
subst:


$message=str_replace("$email",$user[email],$message);
$message=str_replace("$username",$user[username],$message);
$message=str_replace("$password",$user[password],$message);


with:



$message=str_replace("\$email",$user[email],$message);
$message=str_replace("\$username",$user[username],$message);
$message=str_replace("\$password",$user[password],$message);



(add slashes before $ otherwise it will parse as a var) :-) :confused:

That is what I am experiencing too

Also, with the next update to this script, if possible could you make an "Are you sure" screen that allows you to select which users should and should not receive the message?

Solved the problem by running the repair script.

great hack !!!

I havent used it yet as i havent thought of a good enough subject to PM my users with !!!

here is a screen shot !!

:):):)

ok, found the error regarding the username not correctly parsed:

change this on:



$message=$message;
$message=str_replace("\$email",$user[email],$message);
$message=str_replace("\$username",$user[username],$message);
$message=str_replace("\$password",$user[password],$message);

$sql=$DB_site->query("INSERT INTO privatemessage (privatemessageid, folderid, userid, touserid, fromuserid, title, message, dateline, showsignature, iconid, messageread) VALUES (NULL, '0', '$user[userid]', '$user[userid]', '$fromuserid', '".addslashes($title)."', '".addslashes($message)."', UNIX_TIMESTAMP(), '1', '0', '0')");



to this one:



$messagetosend=$message;
$messagetosend=str_replace("\$email",$touserinfo[email],$messagetosend);
$messagetosend=str_replace("\$username",$touserinfo[username],$messagetosend);
$messagetosend=str_replace("\$password",$touserinfo[password],$messagetosend);

$sql=$DB_site->query("INSERT INTO privatemessage (privatemessageid, folderid, userid, touserid, fromuserid, title, message, dateline, showsignature, iconid, messageread) VALUES (NULL,'0','$user[userid]','$user[userid]','$fromuserid','".addslashes(htmlspecialchars($title))."','".addslashes($messagetosend)."',".time().",'1','0','0')");


:)

Originally posted by The Realist
Solved the problem by running the repair script.

What repair script? I get the problem where if I have a message with something like "Your username: $username" then it says the username of me(id = 1). I've got a slash before the $ on each one of them...

Is there an updated version with all the fixes?

Thanks,

Josh

yeah i wouldnt mind installin this one but with all the changes and stuff its baffled me a bit so il have 2 leave it for the sake of my forum!!!!!

I install this, but it doesn't parsed the information (username, email, password). I also noticed that the user doesn't get a msg pop-up even when they specified to get a pop-up when new PM arrive.