<?php
//
// 11/27/2004 - Change Summary:
// Changes made by Mike Palumbo
// Added extra query to grab all distinct PM senders.
// Added extra form to handle selecting user via dropdown.
// Added extra routine to handle deleting PMs based on new form selection.
// Added additional comments
//

require("include.php");

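// Access gate: visitors who are not logged in are sent to the login page.
// header() only queues the Location response; execution continues unless the
// script stops. Without the exit, an unauthenticated request would fall through
// to the DELETE handlers and the mailbox queries further down this file.
if (!$logged_in) {
    header("Location: $GLOBALS[base_url]" . "login.php?back=manage_messages.php");
    exit;
}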

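//
// Deletes the messages the user selects.
//
// Three actions arrive by POST:
//   - deleteDistinct     : delete every message from one sender (dropdown form)
//   - "delete selected"  : delete the ticked messages (requires the confirm box)
//   - "delete all from"  : delete the whole inbox and/or outbox
//
// Request values are passed to PostgreSQL as bound parameters
// (pg_query_params, PHP >= 5.1) instead of being concatenated into the SQL text,
// and the owner test is ANDed with the complete row filter. The previous
// "id=A or id=B and owner=X" and "owner=X and type=1 or type=2" forms let the
// OR branch escape the owner restriction, so rows belonging to other users
// could match.
//
// NOTE(review): no anti-CSRF token is checked before these state-changing
// requests and none is visible in this file - confirm whether include.php
// enforces one.
// NOTE(review): pg_last_error() text is shown to the user on failure; consider
// logging it server-side and showing a generic message instead.
//
if (!empty($_POST)) {
    $owner_id      = $user_array['myuserid'];
    $delete_action = isset($_POST['delete']) ? $_POST['delete'] : '';

    if (!empty($_POST['deleteDistinct'])) {
        $sender_id = isset($_POST['deleteByUserSelect']) ? $_POST['deleteByUserSelect'] : "00";

        // "00" is the blank placeholder option; a missing or non-string value
        // is handled the same way rather than reaching the query.
        if (!is_string($sender_id) || $sender_id == "00") {
            bco_error("You must select a user to delete messages from.");
        } else {
            $deleted = pg_query_params(
                'DELETE FROM private_messages WHERE owner=$1 AND from_userid=$2',
                array($owner_id, $sender_id)
            );

            if (!$deleted) {
                bco_error("Delete failed.<br />PostgreSQL said: " . pg_last_error());
            } else {
                header("Location: $GLOBALS[base_url]" . "manage_messages.php");
                exit;
            }
        }
    } elseif ($delete_action == "delete selected") {
        if (isset($_POST['confirm']) && $_POST['confirm'] == "confirmed") {
            // $1 is the owner; each ticked message id gets its own placeholder.
            $params       = array($owner_id);
            $placeholders = array();

            if (isset($_POST['msg_number']) && is_array($_POST['msg_number'])) {
                foreach ($_POST['msg_number'] as $value) {
                    // Skip nested arrays; only scalar ids can be bound.
                    if (is_scalar($value)) {
                        $params[]       = $value;
                        $placeholders[] = '$' . count($params);
                    }
                }
            }

            if (count($placeholders) > 0) {
                $delete_query = 'delete from private_messages where owner=$1 and id in ('
                    . implode(', ', $placeholders) . ')';

                if (!pg_query_params($delete_query, $params)) {
                    bco_error("Delete failed.<br />PostgreSQL said: " . pg_last_error());
                } else {
                    header("Location: $GLOBALS[base_url]" . "manage_messages.php");
                    exit;
                }
            } else {
                bco_error("You must select a message to delete");
            }
        } else {
            bco_error("You must confirm the deletion of this message");
        }
    } elseif ($delete_action == "delete all from") {
        $want_inbox  = isset($_POST['inbox']) && $_POST['inbox'] == 1;
        $want_outbox = isset($_POST['outbox']) && $_POST['outbox'] == 1;

        if (!$want_inbox && !$want_outbox) {
            // Whether bco_error() halts the script is not visible here, so the
            // DELETE sits in the else branch: with no folder chosen, an
            // unfiltered "delete everything I own" query can never run.
            bco_error("You have to select inbox or outbox to continue with deletion.");
        } else {
            if ($want_inbox && $want_outbox) {
                $type_clause = "type in (1, 2)";
            } elseif ($want_inbox) {
                $type_clause = "type=1";
            } else {
                $type_clause = "type=2";
            }

            $delete_all_query = 'delete from private_messages where owner=$1 and ' . $type_clause;

            if (!pg_query_params($delete_all_query, array($owner_id))) {
                bco_error("Delete failed.<br />PostgreSQL said: " . pg_last_error());
            } else {
                header("Location: $GLOBALS[base_url]" . "manage_messages.php");
                exit;
            }
        }
    }
}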

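// Resolve the logged-in account's numeric id from its username and password.
// Both values are bound as parameters (pg_query_params, PHP >= 5.1) so a quote
// character in the username cannot change the SQL statement.
//
// NOTE(review): the password column is compared against an unsalted md5()
// digest. md5 is not a password hash; moving to password_hash() /
// password_verify() needs a schema and login-flow change outside this file.
// NOTE(review): md5() is applied here to $user_array['password'], so the
// plaintext password is evidently carried in $user_array. Where that array is
// populated is not visible in this file - confirm it is not stored client-side.
$query = 'select id from users where lower(username)=lower($1) and password=$2';

$result = pg_query_params($query, array($user_array['username'], md5($user_array['password'])));

if (!$result) {
    bco_error("In " . __FILE__ . " at line: " . __LINE__ . "<br />SQL Error: " . pg_last_error());
}

$row = pg_fetch_assoc($result);
// pg_fetch_assoc() returns false when no account matched; avoid indexing it.
$user_id = $row ? $row['id'] : null;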

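//Lookup all distinct from_users.
// One row per sender with a message count, ordered by lower-cased username.
// The owner id is bound as a parameter (pg_query_params, PHP >= 5.1) rather
// than interpolated into the SQL text.
$get_distinct_messages_query = 'select distinct count(a.from_userid) as amount, a.from_userid, b.username as from_username, lower(b.username) as lower_username from private_messages a left join users b on a.from_userid=b.id where a.owner=$1 group by a.from_userid, b.username order by lower_username';

$get_distinct_messages_result = pg_query_params($get_distinct_messages_query, array($user_id));

// bco_error() is the error handler used by every other query in this script;
// the bare error() called here before is not defined in the visible code.
if (!$get_distinct_messages_result) {
    bco_error("Getting list of distinct message users failed.<br />PostgreSQL said: " . pg_last_error());
}

//Lookup all PMs.
// Newest first; the date column is returned as a Unix epoch for date().
$get_messages_query  = 'select id, to_userid, to_username, from_userid, from_username, extract(epoch from date) as date, subject, viewed, type';
$get_messages_query .= ' from private_messages where owner=$1 order by date desc';

$get_messages_result = pg_query_params($get_messages_query, array($user_id));

if (!$get_messages_result) {
    bco_error("Getting list of messages failed.<br />PostgreSQL said: " . pg_last_error());
}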

// Page chrome: the same title is passed to the HTML header and the index menu.
$page_title = "Manage your private messages";

bco_html_header($page_title);

bco_index_menu($page_title);

// Empty mailbox: print a one-row notice table, close the page and stop, so
// neither delete form is rendered.
if (pg_num_rows($get_messages_result) == 0) {
    $empty_notice = array(
        "<br />",
        "<table width=\"100%\" cellpadding=\"2\" cellspacing=\"0\" class=\"replytbl\">",
        "    <tr>",
        "        <td class=\"tr1\" colspan=\"5\"><div align=\"center\"><h3>You have no messages to manage!</h3></div></td>",
        "    </tr>",
        "</table>",
    );

    // Each line is preceded by a newline, matching one echo per line.
    echo "\n" . implode("\n", $empty_notice);

    bco_html_footer();
    exit;
}

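//Print dropdown list of users
//
// Renders the "delete all messages from a specific user" form, then opens the
// second form and the header row of the message table.
//
// Sender names are written by other accounts, and $PHP_SELF can reflect the
// request path, so both are HTML-escaped before being placed in markup.
// NOTE(review): htmlspecialchars() uses PHP's default charset here; pass the
// board's charset as the third argument if it differs - confirm.
// NOTE(review): assumes usernames are stored raw. If they are stored
// pre-escaped, this will double-encode entities - confirm against the code
// that writes them.
$form_action = htmlspecialchars(isset($PHP_SELF) ? (string) $PHP_SELF : '', ENT_QUOTES);

echo "<form method=\"post\" action=\"$form_action\" name=\"deleteByUserForm\">";
echo "   <table width=\"100%\" cellpadding=\"2\" cellspacing=\"2\">";
echo "       <tr>";
echo "           <td align=\"left\" class=\"header\" colspan=\"2\"><span class=\"smallfont\">delete all messages from a specific user</span></td>";
echo "       </tr>";
echo "       <tr>";
echo "           <td width=\"250\"><select name=\"deleteByUserSelect\">";
echo "           <option value=\"00\" selected></option>";

// $count was previously used without being initialised.
$count = 0;

while (($row = pg_fetch_assoc($get_distinct_messages_result)) && ($count++ < pg_num_rows($get_distinct_messages_result))) {
    // from_username comes from a LEFT JOIN and may be NULL, hence the casts.
    $from_username = htmlspecialchars((string) $row['from_username'], ENT_QUOTES);
    $from_userid   = htmlspecialchars((string) $row['from_userid'], ENT_QUOTES);
    $amount        = (int) $row['amount'];

    echo "\n<option value=\"$from_userid\">$from_username ($amount)</option>";
}
echo <<< END
           </select>&nbsp;&nbsp;<input type="submit" name="deleteDistinct" value="delete" class="button" /></td>
       </tr>
   </table>
    <br />
</form>

<form method="post" action="$form_action" name="deleteForm">
    <table width="100%" cellpadding="2" cellspacing="0" class="replytbl">
        <tr>
            <td align="left" class="header" nowrap="nowrap"><span class="smallfont">delete</span></td>
            <td align="left" class="header" nowrap="nowrap"><span class="smallfont">to</span></td>
            <td align="left" class="header" nowrap="nowrap"><span class="smallfont">from</span></td>
            <td align="left" class="header" nowrap="nowrap"><span class="smallfont">folder</span></td>
            <td align="left" width="60%" class="header"><span class="smallfont">message&nbsp;subject</span></td>
            <td align="left" class="header" nowrap="nowrap"><span class="smallfont">date</span></td>
        </tr>
END;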

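//clear count total so that delete table displays properly
$count = 0;

// Set this to 0 so we can increment it as we go through the while loop to mark the messages to check for deleting.
$msg_number = 0;

// Outputting data begins here!
//
// One table row per private message. The subject and both usernames are written
// by other accounts, so every database value is HTML-escaped before it is placed
// in markup; otherwise a crafted subject would be rendered as HTML in the
// recipient's session.
// NOTE(review): htmlspecialchars() uses PHP's default charset here; pass the
// board's charset as the third argument if it differs - confirm.
// NOTE(review): assumes subjects and usernames are stored raw. If they are
// stored pre-escaped, this will double-encode entities - confirm against the
// code that writes them.
while (($row = pg_fetch_assoc($get_messages_result)) && ($count++ < pg_num_rows($get_messages_result))) {
    // The key is quoted: the bare word id was read as an undefined constant.
    $id             = htmlspecialchars((string) $row['id'], ENT_QUOTES);
    $to_userid      = htmlspecialchars((string) $row['to_userid'], ENT_QUOTES);
    $to_username    = htmlspecialchars((string) $row['to_username'], ENT_QUOTES);
    $from_userid    = htmlspecialchars((string) $row['from_userid'], ENT_QUOTES);
    $from_username  = htmlspecialchars((string) $row['from_username'], ENT_QUOTES);
    // extract(epoch ...) can carry a fractional part; date() wants an integer.
    $date           = date("h:i A m-d-y", (int) $row['date']);
    $subject        = htmlspecialchars(stripslashes((string) $row['subject']), ENT_QUOTES);
    $viewed         = $row['viewed'];

    // Unread messages get their own style; read ones alternate tr1/tr2.
    if ($viewed == "0") {
        $row_class  = " class=\"mypost\"";
        $link_class = "mypost";
    } elseif ($count % 2 == 0) {
        $row_class  = " class=\"tr2\"";
        $link_class = "tr2";
    } else {
        $row_class  = " class=\"tr1\"";
        $link_class = "tr1";
    }

    // $folder only ever takes one of these three fixed strings.
    switch ($row['type']) {
    case "1":
        $folder = "inbox";
        break;

    case "2":
        $folder = "outbox";
        break;

    default:
        $folder = "-";
        break;
    }

    // $subject is already escaped above; only trusted markup is added here.
    if ($viewed == "0") {
        $subject = "<strong><a href=\"view_pmsg.php?folder=$folder&amp;id=$id\" class=\"$link_class\">$subject</a></strong>";
    } else {
        $subject = "<a href=\"view_pmsg.php?folder=$folder&amp;id=$id\" class=\"$link_class\">$subject</a>";
    }

    echo "\n        <tr>";
    echo "\n            <td align=\"left\"$row_class><input type=\"checkbox\" name=\"msg_number[$msg_number]\" value=\"$id\" /></td>";
    echo "\n            <td align=\"left\"$row_class><a href=\"view_profile.php?id=$to_userid\" class=\"$link_class\">$to_username</a></td>";
    echo "\n            <td align=\"left\"$row_class><a href=\"view_profile.php?id=$from_userid\" class=\"$link_class\">$from_username</a></td>";
    echo "\n            <td align=\"left\"$row_class>$folder</td>";
    echo "\n            <td width=\"60%\" align=\"left\"$row_class>$subject</td>";
    echo "\n            <td align=\"left\" nowrap=\"nowrap\"$row_class>$date</td>";
    echo "\n        </tr>";
    // Increment $msg_number
    $msg_number++;
}
unset($msg_number);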

// Closes the message table and emits the controls of the second form:
// "delete selected" (paired with the "confirm" checkbox) and "delete all from"
// (paired with the inbox/outbox checkboxes). Both submit buttons share
// name="delete"; the POST handler at the top of this script branches on the
// submitted value, so these value strings must stay in sync with it.
// NOTE(review): the form carries no anti-CSRF token field, and the POST handler
// in this file checks none - confirm whether include.php enforces one.
echo <<< END
\n    </table>
    <br />
    <input type="submit" name="delete" value="delete selected" class="button" /> Confirm? 
    <input type="checkbox" name="confirm" value="confirmed" />
    <br />
    <input type="submit" name="delete" value="delete all from" class="button" /> 
    <input type="checkbox" name="inbox" value="1" /> inbox 
    <input type="checkbox" name="outbox" value="1" /> outbox
</form>
END;

// Shared page footer (defined outside this file).
bco_html_footer();

?>