engelsystem/includes/pages/user_messages.php

<?php
function messages_title() {
  return _("Messages");
}

function user_unread_messages() {
  global $user;
  
  if (isset($user)) {
    $new_messages = sql_num_query("SELECT * FROM `Messages` WHERE isRead='N' AND `RUID`=" . sql_escape($user['UID']));
    return '<span class="badge">' . $new_messages . '</span>';
  }
  return '';
}

function user_messages() {
  global $user;
  
  if (! isset($_REQUEST['action'])) {
    $users = sql_select("SELECT * FROM `User` WHERE NOT `UID`=" . sql_escape($user['UID']) . " ORDER BY `Nick`");
    
    $to_select_data = array(
        "" => _("Select recipient...") 
    );
    
    foreach ($users as $u)
      $to_select_data[$u['UID']] = $u['Nick'];
    
    $to_select = html_select_key('to', 'to', $to_select_data, '');
    
    $messages_html = "";
    $messages = sql_select("SELECT * FROM `Messages` WHERE `SUID`=" . sql_escape($user['UID']) . " OR `RUID`=" . sql_escape($user['UID']) . " ORDER BY `isRead`,`Datum` DESC");
    foreach ($messages as $message) {
      $sender_user_source = User($message['SUID']);
      if ($sender_user_source === false)
        engelsystem_error(_("Unable to load user."));
      $receiver_user_source = User($message['RUID']);
      if ($receiver_user_source === false)
        engelsystem_error(_("Unable to load user."));
      
      $messages_html .= sprintf('<tr %s> <td>%s</td> <td>%s</td> <td>%s</td> <td>%s</td><td>%s</td>', ($message['isRead'] == 'N' ? ' class="new_message"' : ''), ($message['isRead'] == 'N' ? '•' : ''), date("Y-m-d H:i", $message['Datum']), User_Nick_render($sender_user_source), User_Nick_render($receiver_user_source), str_replace("\n", '<br />', $message['Text']));
      
      $messages_html .= '<td>';
      if ($message['RUID'] == $user['UID']) {
        if ($message['isRead'] == 'N')
          $messages_html .= '<a href="' . page_link_to("user_messages") . '&action=read&id=' . $message['id'] . '">' . _("mark as read") . '</a>';
      } else {
        $messages_html .= '<a href="' . page_link_to("user_messages") . '&action=delete&id=' . $message['id'] . '">' . _("delete message") . '</a>';
      }
      $messages_html .= '</td></tr>';
    }
    
    return template_render('../templates/user_messages.html', array(
        'title' => messages_title(),
        'link' => page_link_to("user_messages"),
        'greeting' => sprintf(_("Hello %s, here can you leave messages for other angels"), User_Nick_render($user)) . '<br /><br />',
        'messages' => $messages_html,
        'new_label' => _("New"),
        'date_label' => _("Date"),
        'from_label' => _("Transmitted"),
        'to_label' => _("Recipient"),
        'text_label' => _("Message"),
        'date' => date("Y-m-d H:i"),
        'from' => User_Nick_render($user),
        'to_select' => $to_select,
        'submit_label' => _("Save") 
    ));
  } else {
    switch ($_REQUEST['action']) {
      case "read":
        if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
          $id = $_REQUEST['id'];
        else
          return error(_("Incomplete call, missing Message ID."), true);
        
        $message = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
        if (count($message) > 0 && $message[0]['RUID'] == $user['UID']) {
          sql_query("UPDATE `Messages` SET `isRead`='Y' WHERE `id`=" . sql_escape($id) . " LIMIT 1");
          redirect(page_link_to("user_messages"));
        } else
          return error(_("No Message found."), true);
        break;
      
      case "delete":
        if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
          $id = $_REQUEST['id'];
        else
          return error(_("Incomplete call, missing Message ID."), true);
        
        $message = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
        if (count($message) > 0 && $message[0]['SUID'] == $user['UID']) {
          sql_query("DELETE FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
          redirect(page_link_to("user_messages"));
        } else
          return error(_("No Message found."), true);
        break;
      
      case "send":
        if (Message_send($_REQUEST['to'], $_REQUEST['text']) === true) {
          redirect(page_link_to("user_messages"));
        } else {
          return error(_("Transmitting was terminated with an Error."), true);
        }
        break;
      
      default:
        return error(_("Wrong action."), true);
    }
  }
}
?>
user messages 2011-06-02 21:38:19 +02:00			`<?php`
basic gettext integration 2013-11-25 21:04:58 +01:00			`function messages_title() {`
			`return _("Messages");`
			`}`

user messages 2011-06-02 21:38:19 +02:00			`function user_unread_messages() {`
add basic bootstrap theme 2014-08-22 22:34:13 +02:00			`global $user;`
basic gettext integration 2013-11-25 21:04:58 +01:00
add basic bootstrap theme 2014-08-22 22:34:13 +02:00			`if (isset($user)) {`
mysql to mysqli and a lot of cleanup and mvc 2013-09-18 01:38:36 +02:00			$new_messages = sql_num_query("SELECT * FROM `Messages` WHERE isRead='N' AND `RUID`=" . sql_escape($user['UID']));
add basic bootstrap theme 2014-08-22 22:34:13 +02:00			`return '<span class="badge">' . $new_messages . '</span>';`
mysql to mysqli and a lot of cleanup and mvc 2013-09-18 01:38:36 +02:00			`}`
add basic bootstrap theme 2014-08-22 22:34:13 +02:00			`return '';`
user messages 2011-06-02 21:38:19 +02:00			`}`

			`function user_messages() {`
mysql to mysqli and a lot of cleanup and mvc 2013-09-18 01:38:36 +02:00			`global $user;`
basic gettext integration 2013-11-25 21:04:58 +01:00
			`if (! isset($_REQUEST['action'])) {`
mysql to mysqli and a lot of cleanup and mvc 2013-09-18 01:38:36 +02:00			$users = sql_select("SELECT * FROM `User` WHERE NOT `UID`=" . sql_escape($user['UID']) . " ORDER BY `Nick`");
basic gettext integration 2013-11-25 21:04:58 +01:00
			`$to_select_data = array(`
reviewed cookies api 2014-01-07 15:50:16 +01:00			`"" => _("Select recipient...")`
mysql to mysqli and a lot of cleanup and mvc 2013-09-18 01:38:36 +02:00			`);`
basic gettext integration 2013-11-25 21:04:58 +01:00
mysql to mysqli and a lot of cleanup and mvc 2013-09-18 01:38:36 +02:00			`foreach ($users as $u)`
			`$to_select_data[$u['UID']] = $u['Nick'];`
basic gettext integration 2013-11-25 21:04:58 +01:00
mysql to mysqli and a lot of cleanup and mvc 2013-09-18 01:38:36 +02:00			`$to_select = html_select_key('to', 'to', $to_select_data, '');`
basic gettext integration 2013-11-25 21:04:58 +01:00
mysql to mysqli and a lot of cleanup and mvc 2013-09-18 01:38:36 +02:00			`$messages_html = "";`
			$messages = sql_select("SELECT * FROM `Messages` WHERE `SUID`=" . sql_escape($user['UID']) . " OR `RUID`=" . sql_escape($user['UID']) . " ORDER BY `isRead`,`Datum` DESC");
			`foreach ($messages as $message) {`
			`$sender_user_source = User($message['SUID']);`
basic gettext integration 2013-11-25 21:04:58 +01:00			`if ($sender_user_source === false)`
gettext for user sites 2013-11-28 22:40:48 +01:00			`engelsystem_error(_("Unable to load user."));`
mysql to mysqli and a lot of cleanup and mvc 2013-09-18 01:38:36 +02:00			`$receiver_user_source = User($message['RUID']);`
basic gettext integration 2013-11-25 21:04:58 +01:00			`if ($receiver_user_source === false)`
gettext for user sites 2013-11-28 22:40:48 +01:00			`engelsystem_error(_("Unable to load user."));`
basic gettext integration 2013-11-25 21:04:58 +01:00
			`$messages_html .= sprintf('<tr %s> <td>%s</td> <td>%s</td> <td>%s</td> <td>%s</td><td>%s</td>', ($message['isRead'] == 'N' ? ' class="new_message"' : ''), ($message['isRead'] == 'N' ? '•' : ''), date("Y-m-d H:i", $message['Datum']), User_Nick_render($sender_user_source), User_Nick_render($receiver_user_source), str_replace("\n", '<br />', $message['Text']));`

mysql to mysqli and a lot of cleanup and mvc 2013-09-18 01:38:36 +02:00			`$messages_html .= '<td>';`
			`if ($message['RUID'] == $user['UID']) {`
			`if ($message['isRead'] == 'N')`
basic gettext integration 2013-11-25 21:04:58 +01:00			`$messages_html .= '<a href="' . page_link_to("user_messages") . '&action=read&id=' . $message['id'] . '">' . _("mark as read") . '</a>';`
mysql to mysqli and a lot of cleanup and mvc 2013-09-18 01:38:36 +02:00			`} else {`
basic gettext integration 2013-11-25 21:04:58 +01:00			`$messages_html .= '<a href="' . page_link_to("user_messages") . '&action=delete&id=' . $message['id'] . '">' . _("delete message") . '</a>';`
mysql to mysqli and a lot of cleanup and mvc 2013-09-18 01:38:36 +02:00			`}`
			`$messages_html .= '</td></tr>';`
			`}`
basic gettext integration 2013-11-25 21:04:58 +01:00
			`return template_render('../templates/user_messages.html', array(`
add basic bootstrap theme 2014-08-22 22:34:13 +02:00			`'title' => messages_title(),`
basic gettext integration 2013-11-25 21:04:58 +01:00			`'link' => page_link_to("user_messages"),`
gettext for user sites 2013-11-28 22:40:48 +01:00			`'greeting' => sprintf(_("Hello %s, here can you leave messages for other angels"), User_Nick_render($user)) . '<br /><br />',`
basic gettext integration 2013-11-25 21:04:58 +01:00			`'messages' => $messages_html,`
			`'new_label' => _("New"),`
			`'date_label' => _("Date"),`
			`'from_label' => _("Transmitted"),`
			`'to_label' => _("Recipient"),`
			`'text_label' => _("Message"),`
			`'date' => date("Y-m-d H:i"),`
			`'from' => User_Nick_render($user),`
			`'to_select' => $to_select,`
			`'submit_label' => _("Save")`
mysql to mysqli and a lot of cleanup and mvc 2013-09-18 01:38:36 +02:00			`));`
			`} else {`
			`switch ($_REQUEST['action']) {`
basic gettext integration 2013-11-25 21:04:58 +01:00			`case "read":`
			`if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))`
mysql to mysqli and a lot of cleanup and mvc 2013-09-18 01:38:36 +02:00			`$id = $_REQUEST['id'];`
			`else`
basic gettext integration 2013-11-25 21:04:58 +01:00			`return error(_("Incomplete call, missing Message ID."), true);`

mysql to mysqli and a lot of cleanup and mvc 2013-09-18 01:38:36 +02:00			$message = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
			`if (count($message) > 0 && $message[0]['RUID'] == $user['UID']) {`
			sql_query("UPDATE `Messages` SET `isRead`='Y' WHERE `id`=" . sql_escape($id) . " LIMIT 1");
			`redirect(page_link_to("user_messages"));`
			`} else`
basic gettext integration 2013-11-25 21:04:58 +01:00			`return error(_("No Message found."), true);`
mysql to mysqli and a lot of cleanup and mvc 2013-09-18 01:38:36 +02:00			`break;`
basic gettext integration 2013-11-25 21:04:58 +01:00
			`case "delete":`
			`if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))`
mysql to mysqli and a lot of cleanup and mvc 2013-09-18 01:38:36 +02:00			`$id = $_REQUEST['id'];`
			`else`
basic gettext integration 2013-11-25 21:04:58 +01:00			`return error(_("Incomplete call, missing Message ID."), true);`

mysql to mysqli and a lot of cleanup and mvc 2013-09-18 01:38:36 +02:00			$message = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
			`if (count($message) > 0 && $message[0]['SUID'] == $user['UID']) {`
			sql_query("DELETE FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
			`redirect(page_link_to("user_messages"));`
			`} else`
basic gettext integration 2013-11-25 21:04:58 +01:00			`return error(_("No Message found."), true);`
mysql to mysqli and a lot of cleanup and mvc 2013-09-18 01:38:36 +02:00			`break;`
basic gettext integration 2013-11-25 21:04:58 +01:00
			`case "send":`
reviewed cookies api 2014-01-07 15:50:16 +01:00			`if (Message_send($_REQUEST['to'], $_REQUEST['text']) === true) {`
mysql to mysqli and a lot of cleanup and mvc 2013-09-18 01:38:36 +02:00			`redirect(page_link_to("user_messages"));`
			`} else {`
basic gettext integration 2013-11-25 21:04:58 +01:00			`return error(_("Transmitting was terminated with an Error."), true);`
mysql to mysqli and a lot of cleanup and mvc 2013-09-18 01:38:36 +02:00			`}`
			`break;`
basic gettext integration 2013-11-25 21:04:58 +01:00
			`default:`
			`return error(_("Wrong action."), true);`
mysql to mysqli and a lot of cleanup and mvc 2013-09-18 01:38:36 +02:00			`}`
			`}`
user messages 2011-06-02 21:38:19 +02:00			`}`
			`?>`