// After validating and processing the post content, add this code to handle @username tags
// Admin only at this stage
if (X_SADMIN) { // remove line to be free for all or add // to start of line
$taggedMembers = [];
preg_match_all('/@([a-zA-Z0-9_]+)/', $dbmessage, $matches);
if (!empty($matches[1])) {
foreach ($matches[1] as $taggedUsername) {
// Check if the tagged username(s) exist in the members table
$query = $db->query("SELECT username FROM ".X_PREFIX."members WHERE username='".$db->escape($taggedUsername)."'");
if ($db->num_rows($query) > 0) {
$taggedMembers[] = $taggedUsername;
}
$db->free_result($query);
}
}
// Prepare the message content for u2u
$posturl = $full_url."viewthread.php?goto=lastpost&tid=$tid";
//$dbmessage = postedVar($dbmessage, '', TRUE, FALSE);
$u2uMessage = 'You were tagged: ' . "\n" . $threadname . "\n\n" . $posturl . "\n\n" . 'It says: ' . "\n";
$u2uMessage = addslashes($u2uMessage) . $dbmessage . "\n\n"; // Messages are historically double-slashed. $dbmessage had addslashes earlier in code around line 534
$u2uSubject = addslashes('You were tagged!');
$db->escape_fast($u2uMessage);
$db->escape_fast($u2uSubject);
// Send u2u to each tagged member
foreach ($taggedMembers as $taggedMember) {
$db->escape_fast($taggedMember);
$db->escape_fast($username);
$db->query("INSERT INTO ".X_PREFIX."u2u (msgto, msgfrom, type, owner, folder, subject, message, dateline, readstatus, sentstatus) VALUES ('$taggedMember', '$username', 'incoming', '$taggedMember', 'Inbox', '$u2uSubject', '$u2uMessage', ".$db->time($onlinetime).", 'no', 'yes')");
}
} // remove line to be free for all or add // to start of line
// |
