<?php

//-----------------------------------------------------------------------------
//
// Copyright (C) 2003-2005 Oy Realnode Ab
//
//-----------------------------------------------------------------------------
//
// communication.php
//     Part of the Emilda Project (http://www.emilda.org/)
//
// Description
//     Communication.
//
// Authors
//     Christoffer Landtman <landtman (at) realnode com>
//     Erik Berglund <berglund (at) realnode com>
//     Mattias Nordstrom <nordstrom (at) realnode com>
//
//-----------------------------------------------------------------------------
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation; either version 2
// of the License, or (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
//-----------------------------------------------------------------------------
//
// $Id: communication.php,v 1.30.2.2 2005/02/03 14:42:58 eberglun Exp $
//
//-----------------------------------------------------------------------------

// Id used to identify this page within functions. Later in this file it is
// also the key into $page_config that yields this page's own href.
$PageID = "COMMUNICATION";

require_once "common.inc";

require_once "config.inc";
require_once "constants.inc";
require_once "db.inc";
require_once "error.inc";
require_once "layout.inc";
require_once "mgmnt.inc";
require_once "language.inc";

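layout_header();

// Request dispatch: at most one of the branches below runs per request.
//   send    - store a message for one user, one group or everybody
//   delete  - remove one of the current user's own messages
//   dev     - mail feedback to the configured developer address
//
// NOTE(review): the free-text request fields HTML_subject, HTML_message and
// hidden, and the sender's real name, are concatenated into the INSERT below
// as quoted strings. Nothing in this file escapes them, so that is only safe
// if the request data is already quoted for SQL before it gets here
// (common.inc, not shown) - confirm. Numeric ids are validated here regardless.

if(isset($_REQUEST['recepient']) && isset($_REQUEST['send']) && $_REQUEST["recepient"] != "dev")
{
	// Recipient format is "<kind>_<target>": group_12, user_7, group_all, user_all.
	// array_pad() keeps $target defined when the value contains no underscore.
	$parts = array_pad(explode("_", $_REQUEST["recepient"]), 2, "");
	$trigger = $parts[0];
	$target = $parts[1];

	// Stays null unless the recipient is well formed and the sender is allowed.
	$sql = null;
	if($target === "all") {
		// Broadcasts are admin-only. The query is built in the else branches so
		// the send is refused even if error() returns instead of terminating.
		if(!check_priv("ADMIN")) {
			error("session violation");
		} elseif($trigger == "group") {
			$sql = "SELECT DISTINCT(user_id)
					FROM linkage";
		} else {
			$sql = "SELECT user_id
					FROM users";
		}
	} elseif(preg_match('/^[0-9]+$/D', $target)) {
		// Only a plain decimal id may reach the WHERE clause.
		// NOTE(review): any caller can address any group id here, while the
		// compose form only offers groups the user manages - confirm whether
		// that restriction has to be enforced on the server as well.
		if($trigger == "group") {
			$sql = "SELECT user_id
					FROM linkage
					WHERE group_id=".intval($target);
		} else {
			$sql = "SELECT user_id
					FROM users
					WHERE user_id=".intval($target);
		}
	}

	if($sql === null) {
		// Malformed recipient or refused broadcast: nothing is sent.
		layout_page_title(_("Send Failed"), 'error');
	} else {
		// Perform the SQL query
		$result = sql_cquery($sql);
		// Remember success/fails
		$success = 0;
		$fail = 0;

		// Hidden part of the message, appended after a blank line when present.
		if(isset($_REQUEST['hidden']) && $_REQUEST['hidden'] != "")
			$hidden = "\n\n".$_REQUEST['hidden'];
		else
			$hidden = "";

		// The compose form sends either a message id or the literal NULL;
		// anything else is stored as NULL instead of being pasted into SQL.
		if(isset($_REQUEST["replyto_id"]) && preg_match('/^[0-9]+$/D', $_REQUEST["replyto_id"]))
			$replyto_id = intval($_REQUEST["replyto_id"]);
		else
			$replyto_id = "NULL";

		// CR/LF is removed from everything that ends up in a mail header, so
		// a crafted subject or name cannot add headers of its own.
		$mail_subject = str_replace(array("\r", "\n"), " ", $_REQUEST['HTML_subject']);
		$mail_from = str_replace(array("\r", "\n"), "", "From: ".USER_SURNAME." ".USER_GIVEN_NAMES." <emilda-no-reply@".$_SERVER['SERVER_NAME'].">");

		// Loop through all our hits
		while($row = mysql_fetch_array($result)) {
			$to_id = intval($row["user_id"]);

			$res = sql_query(	"INSERT INTO messages
								SET message_to_id=".$to_id.",
								message_from_id=".USER_ID.",
								message_from_name='".format_user_real_name(array("user_given_names" => USER_GIVEN_NAMES, "user_surname" => USER_SURNAME))."',
								message_sent=NOW(),
								message_subject='".$_REQUEST['HTML_subject']."',
								message_text='".$_REQUEST['HTML_message'].$hidden."',
								message_replyto_id=".$replyto_id.",
								message_read=0");

			if(mysql_affected_rows()) {
				// Increment success counter
				$success++;

				// Fetched before check_pref() exactly as before; whether
				// check_pref() depends on it cannot be told from this file.
				$user = mysql_fetch_array(sql_query("SELECT user_preferences, user_email FROM users WHERE user_id=" . $to_id));
				if (check_pref("IM_EMAIL", $to_id)) {

					$msg = _("You have received a message from a user in Emilda. To reply, please login to Emilda and reply to the message found on your start page. A copy of the message has been included below. Do not reply to this e-mail, use Emilda!")."\n\n\n"._("From").": ".USER_SURNAME.", ".USER_GIVEN_NAMES."\n"._("Subject").": ".$_REQUEST['HTML_subject']."\n\n".$_REQUEST['HTML_message'];

					mail($user['user_email'], "[Emilda] ".$mail_subject, $msg, $mail_from);
				}
			} else {
				// Increment fail counter
				$fail++;
			}
		}

		if(!$fail) {
			layout_page_title(sprintf(ngettext("Message Sent", "%d Messages Sent", $success), $success), 'ok');
		} else {
			layout_page_title(sprintf(ngettext("Sending Failed", "%d/%d Messages Failed", $fail + $success), $fail, $fail + $success), 'error');
		}
	}
}

elseif(isset($_REQUEST['message_id']) && is_numeric($_REQUEST['message_id']) && isset($_REQUEST['delete']))
{
	// is_numeric() also accepts forms such as "1e3"; reduce the value to a
	// plain integer before it reaches SQL.
	$message_id = intval($_REQUEST['message_id']);

	$res = sql_query("SELECT * FROM messages WHERE message_id=".$message_id);
	$row = mysql_fetch_array($res);

	if(!$row || $row['message_to_id'] != USER_ID) {
		error("session violation");
	} else {
		// The owner is repeated in the WHERE clause so the statement cannot
		// remove somebody else's message even if the check above is bypassed.
		$res = sql_query("DELETE FROM messages WHERE message_id=".$message_id." AND message_to_id=".USER_ID);

		if(mysql_affected_rows())
			layout_page_title(_("Message Deleted"), 'ok');
	}
}

elseif(isset($_REQUEST['recepient']) && $_REQUEST['recepient'] == 'dev')
{
	// Feedback to the developers: the report goes into the mail body, only
	// the subject and the server name end up in headers.
	$mail_subject = str_replace(array("\r", "\n"), " ", $_REQUEST['HTML_subject']);
	$server_name = str_replace(array("\r", "\n"), "", getenv("SERVER_NAME"));

	$message = "From: ".USER_GIVEN_NAMES." ".USER_SURNAME." (User: ".USER_NAME."/".USER_ID.")\n";
	$message .= "User-Agent: " . getenv("HTTP_USER_AGENT") . "\n";
	$message .= "Host: " . getenv("REMOTE_ADDR") . "\n";
	$message .= "Subject: " . $_REQUEST['HTML_subject'] . "\n";
	$message .= "Message:\n\n" . $_REQUEST['HTML_message'];
	$headers = "From: Emilda <Emilda@" . $server_name . ">\r\n";
	$result = mail($config['developers_email'], "Emilda : " . $mail_subject, $message, $headers); //fix gettext!

	if($result)
		layout_page_title(_("Message Sent"), 'ok');
}

elseif (isset($_REQUEST['recepient']) && $_REQUEST['recepient'] == '') {
	layout_page_title(_("Send Failed"), 'error');
}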


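// Subject and body of the message being replied to or forwarded. Both stay
// empty when no message_id was supplied or the lookup finds nothing.
$MESSAGE_SUBJECT = '';
$MESSAGE_TEXT = '';
if (isset($_REQUEST['message_id']) && is_numeric($_REQUEST['message_id']))
{
	// Restricted to messages addressed to the current user, like the inbox
	// listing; without the owner filter any message_id could be quoted into
	// the compose form by any user. intval() keeps the id a plain integer.
	$res = sql_query("SELECT * FROM messages WHERE message_id=".intval($_REQUEST['message_id'])." AND message_to_id=".USER_ID);
	$row = mysql_fetch_array($res);

	if (mysql_num_rows($res))
	{
		$MESSAGE_SUBJECT = $row['message_subject'];
		$MESSAGE_TEXT = $row['message_text'];
	}
}

layout_page_title();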

?>

<table border="0" cellspacing="0" cellpadding="0" width="90%">
<tr>
<td align="left" valign="top" width="1%">

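<form name='im' action='<?php echo $page_config[$PageID]['href'] ?>' method='post'>
<?php // id and auth are reflected from the request, so they are entity-encoded before going into an attribute. ?>
<input type="hidden" name="id" value="<?php echo htmlspecialchars($_REQUEST['id'], ENT_QUOTES) ?>" />
<input type="hidden" name="auth" value="<?php echo htmlspecialchars($_REQUEST['auth'], ENT_QUOTES) ?>" />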

<span class="tiny"><?php echo _("To") ?></span>
<br />
<select name="recepient">
	<option value="" disabled="disabled"><?php echo _("Choose") ?></option>
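	<?php

	// Recipient list: the groups the current user manages, then every user.
	// The "all" entries are selectable for admins only; for everybody else
	// they are rendered disabled (the attribute was misspelled "disable",
	// which left the empty-valued entry selectable).
	//
	// NOTE(review): group and user names are printed as stored. This relies on
	// them being HTML-safe in the database - confirm, or encode on output.

	// Get groups
	$res = sql_query("	SELECT *
						FROM groups, linkage
						WHERE groups.group_id=linkage.group_id AND
							linkage.group_manager=1 AND
							linkage.user_id=".USER_ID."
						ORDER BY groups.group_name");
	if(check_priv("ADMIN")) {
		print "<option value='group_all'>[" . _("All Groups") . "]</option>";
	} else {
		print "<option value='' disabled=\"disabled\">[" . _("All Groups") . "]</option>";
	}
	while ($group = mysql_fetch_array($res)) {
		print "<option value='group_".$group["group_id"]."'>&nbsp;&nbsp;".$group["group_name"]."</option>";
	}

	// All users
	$res = sql_query("	SELECT *
						FROM users
						ORDER BY user_surname");
	if(check_priv("ADMIN")) {
		print "<option value='user_all'>[" . _("All Users") . "]</option>";
	} else {
		print "<option value='' disabled=\"disabled\">[" . _("All Users") . "]</option>";
	}
	while ($user = mysql_fetch_array($res)) {
		// On a reply the request carries the bare id of the original sender,
		// which is pre-selected here.
		if(isset($_REQUEST['reply']) && isset($_REQUEST['recepient']) && $_REQUEST['recepient'] == $user['user_id']) {
			$selected = " selected";
		} else {
			$selected = "";
		}
		print "<option value='user_".$user["user_id"]."'$selected>&nbsp;&nbsp;".format_user_real_name($user)."</option>";
	}

	?>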
	<option value='dev'><?php echo _("Developers") ?></option>
</select>
					
<span class="tiny"><br /><br /><?php echo _("Subject") ?></span><br />
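<input type="text" name="HTML_subject" size="40" value="<?php
	// Prefill: reply/forward subject of the loaded message, or a subject
	// passed in with the request. The request value is reflected into an
	// attribute, so it is entity-encoded.
	// NOTE(review): assumes request values are not already entity-encoded
	// upstream (common.inc, not shown); if they are, "&" gets encoded twice.
	if(isset($_REQUEST["reply"])) {
		print format_reply_subject($MESSAGE_SUBJECT);
	} elseif (isset($_REQUEST["forward"])) {
		print format_forward_subject($MESSAGE_SUBJECT);
	} elseif (isset($_REQUEST['subject'])) {
		print htmlspecialchars($_REQUEST['subject'], ENT_QUOTES);
	}
?>">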

<span class="tiny"><br /><br /><?php echo _("Message") ?></span>
<br />
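<textarea name='HTML_message' cols="40" rows="6" class='textarea'><?php
	// Prefill: quoted text of the loaded message, or a body passed in with
	// the request. The request value is entity-encoded so it cannot close
	// the textarea and continue as markup.
	// NOTE(review): assumes request values are not already entity-encoded
	// upstream (common.inc, not shown); if they are, "&" gets encoded twice.
	if(isset($_REQUEST["reply"])) {
		print format_reply_message($MESSAGE_TEXT, $_REQUEST["recepient"]);
	} elseif (isset($_REQUEST["forward"])) {
		print format_forward_message($MESSAGE_TEXT, $_REQUEST["recepient"]);
	} elseif (isset($_REQUEST['message'])) {
		print htmlspecialchars($_REQUEST['message'], ENT_QUOTES);
	}
?></textarea>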

<br /><br />
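<input type="hidden" name="hidden" value="<?php
	// Carried through compose requests only, not after a send or delete.
	// Entity-encoded because it is reflected into an attribute.
	if(isset($_REQUEST['hidden']) && !isset($_REQUEST['send']) && !isset($_REQUEST['delete'])) print htmlspecialchars($_REQUEST['hidden'], ENT_QUOTES);
?>">
<?php
	// replyto_id is a message id on a reply and the literal NULL otherwise.
	// A reply without a well-formed id also falls back to NULL, so nothing
	// but digits or NULL is ever reflected into the form.
	if (isset($_REQUEST['reply']) && isset($_REQUEST['replyto_id']) && preg_match('/^[0-9]+$/D', $_REQUEST['replyto_id'])) {
		?><input type="hidden" name="replyto_id" value="<?php echo intval($_REQUEST['replyto_id']) ?>" /><?php
	} else {
		?><input type="hidden" name="replyto_id" value="NULL" /><?php
	}
?>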
<input type="submit" name="send" value="<?php echo _("Send") ?>">	

</form>

</td>
<td width="50">&nbsp;</td>
<td align="left" valign="top">

<?php

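// Paging offset into the inbox. intval() keeps the value numeric before it is
// placed in the query, and a negative offset, which LIMIT does not accept, is
// clamped to the first page.
if (isset($_REQUEST['offset'])) {
	$offset = max(0, intval($_REQUEST['offset']));
} else {
	$offset = 0;
}

// One page (10 messages) addressed to the current user, newest first.
$res = sql_cquery(	"SELECT *, UNIX_TIMESTAMP(messages.message_sent) AS sent_epoch
					FROM messages
					WHERE messages.message_to_id=".USER_ID."
					ORDER BY message_sent DESC
					LIMIT $offset, 10");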
					
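// Render the current inbox page: one collapsible table per message with
// reply / forward / delete buttons, followed by previous/next paging.
//
// NOTE(review): subject, sender name, message body and the hidden part are
// printed as stored. This relies on them being HTML-safe in the database and
// in whatever format_message() returns - confirm, or encode on output.
if(mysql_num_rows($res))
{
	$my_table = new Table(_("Inbox"));

	// id and auth are reflected from the request: entity-encoded for form
	// attributes, URL-encoded for the paging links (the encoded form is also
	// safe inside the quoted onClick string).
	// NOTE(review): these look like session credentials travelling in URLs,
	// where they end up in logs and Referer headers - confirm.
	$form_id = htmlspecialchars($_REQUEST['id'], ENT_QUOTES);
	$form_auth = htmlspecialchars($_REQUEST['auth'], ENT_QUOTES);
	$link_session = '&id=' . rawurlencode($_REQUEST['id']) . '&auth=' . rawurlencode($_REQUEST['auth']);

	// Name of the user's location, looked up once on first use.
	$location_name = null;

	while($row = mysql_fetch_array($res))
	{
		// Sender id 0 is shown under the name of the user's location.
		if($row['message_from_id'] == 0)
		{
			if ($location_name === null) {
				$loc = mysql_fetch_array(sql_query("SELECT location_name FROM locations WHERE location_id=".USER_LOCATION));
				$location_name = $loc['location_name'];
			}
			$from = $location_name;
		}
		else
		{
			$from = $row['message_from_name'];
		}

		$row['message_subject'] = ($row['message_subject'] == "") ? "[" . _("No Subject") . "]" : $row['message_subject'];

		list($message, $raw, $hidden) = format_message($row['message_text']);

		// Ids are cast to integers before they are reused in SQL or markup.
		$message_id = intval($row['message_id']);
		$from_id = intval($row['message_from_id']);

		// Reply and forward are disabled when the sender is no longer a user.
		$reply_res = sql_query("SELECT user_id FROM users WHERE user_id=".$from_id);
		if (!mysql_num_rows($reply_res)) {
			$disabled = 'disabled="disabled" class="button_disabled"';
		} else {
			$disabled = '';
		}

		$msg =& new Table(date(USER_DATE_FORMAT, $row['sent_epoch']) . '&nbsp;&nbsp;' . str_shorten($row['message_subject'], 30));
		$msg->add_row('<b>' . _("Subject") . ":</b>&nbsp;" . $row['message_subject']);
		$msg->add_row('<b>' . _("Sender") . ":</b>&nbsp;" . $from);
		$msg->add_row(
			"<hr />$message<hr />" .
			'<form name="alter" action="' . $page_config[$PageID]['href'] . '" method="post">
				<input type="hidden" name="id" value="' . $form_id . '" />
				<input type="hidden" name="auth" value="' . $form_auth . '" />
				<input type="hidden" name="message_id" value="' . $message_id . '">
				<input type="hidden" name="replyto_id" value="' . $message_id . '">
				<input type="hidden" name="recepient" value="' . $from_id . '">
				<input type="hidden" name="hidden" value="' . $hidden . '" />
				<input type="submit" class="button" name="reply" value="&lt;&nbsp;' . _("Reply") . '"' . $disabled  . '/> 
				<input type="submit" class="button" name="forward" value="' . _("Forward") . '&nbsp;&gt;"' . $disabled  . '/> 
				<input type="submit" class="button" name="delete" value="[&nbsp;' . _("Delete") . '&nbsp;]" />
			</form>'
		);

		// Unread messages are left toggleable, read ones are collapsed.
		if ($row['message_read'] == 0) {
			$msg->enable_hide();
		} else {
			$msg->hide();
		}

		$my_table->adopt($msg);
	}

	$count = mysql_num_rows(sql_cquery("SELECT * FROM messages WHERE messages.message_to_id=".USER_ID));

	if ($offset + 10 < $count) {
		$next = '<input type="button" value="' . sprintf(_("Next %d"), $count - ($offset + 10)) . '&nbsp;&gt;" onClick="window.location=\'' . $page_config[$PageID]['href'] . '?offset=' . ($offset + 10) . $link_session . '\'" />';
	} else {
		$next = '';
	}

	if ($offset - 10 >= 0) {
		$prev = '<input type="button" value="&lt;&nbsp;' . sprintf(_("Previous %d"), 10) . '" onClick="window.location=\'' . $page_config[$PageID]['href'] . '?offset=' . ($offset - 10) . $link_session . '\'" />';
	} else {
		$prev = '';
	}

	$my_table->set_footer($prev . $next);
	$my_table->render();

	// All messages have been "read" when they have been displayed
	// NOTE(review): this marks every message of the user as read, including
	// those on pages that were not rendered - confirm that this is intended.
	$update_res = sql_query("UPDATE messages SET message_read=1 WHERE message_to_id=" . USER_ID);
}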

?>

</td>
</tr>
</table>

<?php

// Close the page; counterpart of the layout_header() call at the top of this script.
layout_footer();

?>