<?php
/**
* @file messages_func.php -- Urm...more functions? Yeah...
* @Id $Id: messages_func.php,v 1.16 2004/07/29 23:43:51 jason Exp $
*
* Cynus - a web-based content manager
* Copyright (C) 2003 Brett and Jason Profitt
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or (at
* your option) any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*
*/
cynus_debug ("Loaded messages_func.php",3 );
/**********************
Messages Main: string messages_main()
A wrapper for list_messages();
***********************/
function messages_main() {
cynus_debug ("Displaying messages main menu.", 3);
$submenu= array(
'Home' => 'index.php',
'Messages Main' => '',
);
$content .= cynus_submenu($submenu);
if(verify_permission("message_send_permission")) {
$content .= <<<___eofh
<a href="messages.php?action=new">Compose new message</a>
___eofh;
}
set_page_title('Messages Main');
$content .= list_messages();
return $content;
}
/***********************
Messages New: string messages_new()
Composes a new message
***********************/
function messages_new() {
global $user_config, $config;
cynus_debug ("Creating new message form.", 3);
set_page_title("Compose a Message");
$submenu= array(
'Home' => 'index.php',
'Messages Main' => 'messages.php',
'Compose a Message' => ''
);
$content .= cynus_submenu($submenu);
if($_POST['sent']==1) {
cynus_debug ("Received message info...checking.");
#Let's check everything
if(!is_array($_POST['recipients'])) {
cynus_debug ("No recipients", 2);
$error.='You did not select any recipients.<br />' . "\n";
}
if($_POST['message'] == '') {
cynus_debug ("No message", 2);
$error .= 'You must type a message.<br />' . "\n";
}
if($_POST['subject'] == '') {
cynus_debug ("No subject", 2);
$error .= 'You must type a subject.<br />' . "\n";
}
if($error != '') {
$content .= "<div class=\"form-error\">$error</div>";
}
else{
foreach($_POST['recipients'] as $to_id) {
add_message($to_id, $user_config['id'], $_POST['subject'], $_POST['message']);
}
$content .= 'Sent the message!<br />';
$_POST['recipients']=$_POST['message']=$_POST['subject']='';
}
}
if(!is_array($_POST['recipients'])){$_POST['recipients']=array();}
$content .= <<<___eofh
<form method="POST" action="messages.php?action=new">
<input type="hidden" name="sent" value="1">
<table>
<tr>
<td>
Subject: <input type="text" name="subject" value="$_POST[subject]" size="40"><br />
Message:<br />
<textarea name="message" cols="60" rows="10">$_POST[message]</textarea>
</td>
<td style="vertical-align:top;">\n
___eofh;
$query="SELECT * from `$config[sql_prefix]users` ORDER by `real_name`";
cynus_debug ($query);
$result=mysql_query($query);
while($each_name=mysql_fetch_assoc($result)) {
cynus_debug ("Adding {$each_name['real_name']}", 3);
if(in_array($each_name['id'], $_POST['recipients'])) {$checked=" checked";}
else{$checked="";}
$content .= "<input type=\"checkbox\" name=\"recipients[]\" value=\"$each_name[id]\" id=\"$each_name[id]\"$checked><label for=\"$each_name[id]\">$each_name[real_name]</label></a><br />\n";
}
$content .= <<<___eofh
</td>
</tr>
</table>
<input type="submit" value="Send Message">
</form>
___eofh;
return $content;
}
/***********************
Messages Read: string messages_read()
Takes $_GET[id] and prints out the message
in a way that makes sense. Checks that this
is the user's message
************************/
function messages_read() {
global $user_config, $config;
cynus_debug ("Reading message. Id == \"{$_GET['id']}\"", 3);
$submenu= array(
'Home' => 'index.php',
'Messages Main' => 'messages.php',
'Reading a Message' => ''
);
$content .= cynus_submenu($submenu);
set_page_title('Reading a Message');
$message=get_message($_GET['id']);
if($_GET['id'] == '') {
cynus_debug ("_GET['id'] empty.", 2);
cynus_error('You must select a message to read.');
}
#random check for existence
elseif($message['from'] == '') {
cynus_debug ("From field is null. Assuming no message.", 2);
cynus_error('No message exists with this ID.');
}
elseif($message['to'] != $user_config['id']){
cynus_debug ("User trying to read message not to him.", 2);
cynus_error('This message was not sent to you.');
}
else{
#so now we'll set the message read
if($message['is_read']==0) {
$query="UPDATE `$config[sql_prefix]messages` SET `is_read`='1' WHERE `id`='$message[id]'";
mysql_query($query);
}
$javascript .= <<<___eofh
<script language="JavaScript">
function confirm_delete(){
if(confirm('Are you sure you want to delete this message?')) {
document.delete_form.submit();
}
}
</script>
___eofh;
add_head_info($javascript);
if($message['from']==0) {$sender['real_name']='System';}
else{$sender=user_convert($message['from']);}
$date=date('n/j/Y @ g:i:s', $message['date']);
$message['message']=ereg_replace("\n", "<br />\n", $message['message']);
$content .= <<<___eofh
<table class="table-general">
<tr class="row1">
<td class="table-header">From</td>
<td class="row2">$sender[real_name]</td>
</tr>
<tr class="row1">
<td class="table-header">Date</td>
<td class="row2">$date</td>
</tr>
<tr class="row1">
<td class="table-header">Subject</td>
<td class="row2">$message[subject]</td>
</tr>
<tr class="row1">
<td class="table-header">Message</td>
<td class="row2">$message[message]</td>
</tr>
</table>
<form method="POST" action="messages.php?action=delete" name="delete_form">
<input type="hidden" name="delete[]" value="$_GET[id]">
</form>
___eofh;
if(verify_permission('message_send_permission') && $message['from'] != 0) {
$content .= "<a href=\"messages.php?action=reply&id=$_GET[id]\">Reply</a> / ";
}
$content .= "<a href=\"javascript:confirm_delete()\">Delete</a>";
}
return $content;
}
/*****************************
Messages Delete: messages_delete()
Prompts then deletes the set of messages selected by the user
****************************/
function messages_delete() {
global $user_config, $config;
cynus_debug ("Deleting message(s)", 3);
cynus_debug ($_POST['delete']);
if(!is_array($_POST['delete'])) {
cynus_debug ("No message id specified to delete", 2);
cynus_error('You must select messages to delete.');
}
else{
/*$to_delete=array();
foreach($_POST['delete'] as $msg_id) {
$message=get_message($msg_id);
if($message['to'] == $user_config['id']) {
array_push($to_delete, $msg_id);
}
}*/
$query="DELETE from `$config[sql_prefix]messages` WHERE (`id`='" . implode("' OR `id`='", $_POST['delete']) . "') AND `to`='$user_config[id]'";
cynus_debug ($query);
mysql_query($query);
$content .= messages_main();
return $content;
}
}
/*****************************
Add Message: add_message(int $to_id, int $from_id, string $subject, string $message)
Adds a message in the messages table which will then
be retrieved at a later time
*****************************/
function add_message($to_id, $from_id, $subject, $message) {
global $config;
cynus_debug ("Sending message to uid $to_id", 3);
$date=time();
$query="INSERT into `$config[sql_prefix]messages` (`to`, `from`, `subject`, `message`, `date`) VALUES ".
"('$to_id', '$from_id', '$subject', '$message', '$date')";
cynus_debug ($query);
mysql_query($query);
#cheap, but it should work unless they send the same message in a second, in which case we're screwed anyway...
//$query="SELECT * from `$config[sql_prefix]` WHERE `to`='$to_id' AND `from`='$from_id' AND `date`='$date'";
//$msg=mysql_request($query);
$msg_id=mysql_insert_id();
cynus_debug('Issuing CYNUS_MESSAGE_ADDED signal.');
issue_signal('CYNUS_MESSAGE_ADDED', $msg_id);
}
/****************************
Get Message: array get_message(int $msg_id)
Retrieves the message with id $msg_id and returns
an array set up as such:
to => "Receiver's ID"
from => "Sender's ID"
subject => "Message Subject"
message => "Message body"
date => "Date message was sent in epoch time"
******************************/
function get_message($msg_id) {
global $config;
cynus_debug ("Getting message where id == '$msg_id'", 3);
$query="SELECT * from `$config[sql_prefix]messages` WHERE `id`='$msg_id'";
return mysql_request($query);
}
/******************************
List Messages: string list_messages()
Returns a list of the messages in a table
for the user with ID $user_config['id']
******************************/
function list_messages() {
global $config, $user_config;
cynus_debug ("Listing messages.", 3);
$row1="row1";
$row2="row2";
$query="SELECT * from `$config[sql_prefix]messages` WHERE `to`='$user_config[id]' ORDER by `date` DESC";
cynus_debug ($query);
$result=mysql_query($query);
$javascript .= <<<___eofh
<script language="JavaScript">
function confirm_delete(){
var num=0, checked=0;
num=document.delete_form.delete_check.length;
for(var x=1;x<num;x++) {
if(eval("document.delete_form.delete_check[" + x + "].checked==true")) {
checked++;
}
}
if(checked==0) {
alert('You must select messages to delete.');
}
else{
var these, s='';
if(checked > 1) {these='these';s='s';}
else{these='this';}
if(confirm('Are you sure you want to delete ' + these + ' ' + checked + ' ' + 'message' + s + '?')) {
document.delete_form.submit();
}
}
}
</script>
___eofh;
add_head_info($javascript);
$content .= <<<___eofh
<form method="POST" action="messages.php?action=delete" name="delete_form">
<table class="table-general" style="width:100%">
<tr>
<td class="table-header"><input type="checkbox" id="delete_check" disabled checked/></td>
<td class="table-header">From</td>
<td class="table-header">Date</td>
<td class="table-header">Subject</td>
</tr>\n
___eofh;
while($each_message=mysql_fetch_assoc($result)) {
cynus_debug ("Looking at message {$each_message['id']} (sub==\"{$each_message['subject']}\")", 3);
cynus_debug ($each_message);
$date=date('n/j/Y @ g:i:s', $each_message['date']);
if($each_message['from']==0) {$sender['real_name']='System';}
else{$sender=user_convert($each_message['from']);}
if($each_message['is_read']==0) {$unread=' class="unread"';}
else{$unread='';}
$read_link="messages.php?action=read&id=$each_message[id]";
$content .= <<<___eofh
<tr class="$row1">
<td$unread><input type="checkbox" name="delete[]" value="$each_message[id]" id="delete_check"/>
<td$unread><a href="$read_link">$sender[real_name]</a></td>
<td$unread><a href="$read_link">$date</a></td>
<td$unread><a href="$read_link">$each_message[subject]</a></td>
</tr>\n
___eofh;
swap($row1, $row2);
$a_message=1;
}
if($a_message != 1) {$content .= '<tr class="row1"><td colspan="4" style="text-align:center;">No Messages</td></tr>';}
$content .= '</table><input type="button" value="Delete" class="button" onClick="confirm_delete()"/></form>';
return $content;
}
/**************************
Reply To a Message: string messages_reply()
Replied to the message specified by $_GET[id]
**************************/
function messages_reply() {
global $user_config;
cynus_debug ("Printing replying to message form", 3);
if($_POST['sent'] == 1 && $_GET['id'] != '') {
cynus_debug ("Received message info...checking.");
#check everything
if($_POST['subject'] == '') {
cynus_debug ("Subject empty", 2);
$error .= 'You did not supply a subject.<br />';
}
if($_POST['message'] == '') {
cynus_debug ("Message empty", 2);
$error .= 'You did not supply a message.<br />';
}
#if we error, we don't want to let them continue, never!
if($error != '') {
$_POST['sent']='';
$content .= $error;
$content .= messages_reply();
}
else{
$message=get_message($_GET['id']);
add_message($message['from'], $user_config['id'], $_POST['subject'], $_POST['message']);
$content .= 'Successfully sent a reply.';
$content .= messages_main();
}
}
#check that the message exists and is owned by the user
elseif($_GET['id']) {
$submenu= array(
'Home' => 'index.php',
'Messages Main' => 'messages.php',
'Replying to a Message' => ''
);
$content .= cynus_submenu($submenu);
set_page_title('Replying to a message');
$message=get_message($_GET['id']);
if($message['from'] != '') {
if($message['from']==0) {
cynus_debug ("User does not have enough rights.", 2);
cynus_error('You cannot reply to a message sent by Cynus.');
}
elseif($message['to'] == $user_config['id']) {
$sender=user_convert($message['from']);
$to_id=set_default($message['from'], $_POST['from']);
$date=date('n/j/Y @ g:i:s', time());
$original_message='Original Message:' . "\n>" . ereg_replace("\n", "\n>", $message['message']);
$message_body=set_default($original_message, $_POST['message']);
$subject=set_default("Re: $message[subject]", $_POST['subject']);
$message_body=stripslashes($message_body);
$subject=stripslashes($subject);
$content .= <<<___eofh
<form method="POST" action="messages.php?action=reply&id=$_GET[id]">
<input type="hidden" name="sent" value="1">
<table class="table-general">
<tr class="row1">
<td class="table-header">From</td>
<td class="row2">$user_config[real_name]</td>
</tr>
<tr class="row1">
<td class="table-header">To</td>
<td class="row2">$sender[real_name]</td>
</tr>
<tr class="row1">
<td class="table-header">Date</td>
<td class="row2">$date</td>
</tr>
<tr class="row1">
<td class="table-header">Subject</td>
<td class="row2"><input type="text" name="subject" value="$subject"></td>
</tr>
<tr class="row1">
<td class="table-header">Message</td>
<td class="row2"><textarea name="message" cols="65" rows="10">$message_body</textarea></td>
</tr>
</table>
<input type="submit" value="Send Reply" class="button">
</form>
___eofh;
}
else{ #if($message['to'] == $user_config['id'])
cynus_debug ("User trying to access message that's not his.", 2);
cynus_error('This is not your message to reply to.');
}
}
else{ #if($message['from'] != ''){
cynus_debug ("Message not found where id == \"{$_GET['id']}\"", 2);
cynus_error('No message exists with this ID.');
}
}
else{ #if($_GET['id'])
cynus_debug ("No _GET['id'] sent.", 2);
cynus_error('You did not select a message to reply to.');
}
return $content;
}
?>