engelsystem/includes/pages/user_messages.php

<?php

function messages_title()
{
    return _("Messages");
}

function user_unread_messages()
{
    global $user;

    if (isset($user)) {
        $new_messages = sql_num_query("SELECT * FROM `Messages` WHERE isRead='N' AND `RUID`='" . sql_escape($user['UID']) . "'");
        if ($new_messages > 0) {
            return ' <span class="badge danger">' . $new_messages . '</span>';
        }
    }
    return '';
}

function user_messages()
{
    global $user;

    if (!isset($_REQUEST['action'])) {
        $users = sql_select("SELECT * FROM `User` WHERE NOT `UID`='" . sql_escape($user['UID']) . "' ORDER BY `Nick`");

        $to_select_data = [
            "" => _("Select recipient...")
        ];

        foreach ($users as $u) {
            $to_select_data[$u['UID']] = $u['Nick'];
        }

        $to_select = html_select_key('to', 'to', $to_select_data, '');

        $messages = sql_select("SELECT * FROM `Messages` WHERE `SUID`='" . sql_escape($user['UID']) . "' OR `RUID`='" . sql_escape($user['UID']) . "' ORDER BY `isRead`,`Datum` DESC");

        $messages_table = [
            [
                'news'      => '',
                'timestamp' => date("Y-m-d H:i"),
                'from'      => User_Nick_render($user),
                'to'        => $to_select,
                'text'      => form_textarea('text', '', ''),
                'actions'   => form_submit('submit', _("Save"))
            ]
        ];

        foreach ($messages as $message) {
            $sender_user_source = User($message['SUID']);
            $receiver_user_source = User($message['RUID']);

            $messages_table_entry = [
                'new'       => $message['isRead'] == 'N' ? '<span class="glyphicon glyphicon-envelope"></span>' : '',
                'timestamp' => date("Y-m-d H:i", $message['Datum']),
                'from'      => User_Nick_render($sender_user_source),
                'to'        => User_Nick_render($receiver_user_source),
                'text'      => str_replace("\n", '<br />', $message['Text'])
            ];

            if ($message['RUID'] == $user['UID']) {
                if ($message['isRead'] == 'N') {
                    $messages_table_entry['actions'] = button(
                        page_link_to("user_messages") . '&action=read&id=' . $message['id'],
                        _("mark as read"),
                        'btn-xs'
                    );
                }
            } else {
                $messages_table_entry['actions'] = button(
                    page_link_to("user_messages") . '&action=delete&id=' . $message['id'],
                    _("delete message"),
                    'btn-xs'
                );
            }
            $messages_table[] = $messages_table_entry;
        }

        return page_with_title(messages_title(), [
            msg(),
            sprintf(_("Hello %s, here can you leave messages for other angels"), User_Nick_render($user)),
            form([
                table([
                    'new'       => _("New"),
                    'timestamp' => _("Date"),
                    'from'      => _("Transmitted"),
                    'to'        => _("Recipient"),
                    'text'      => _("Message"),
                    'actions'   => ''
                ], $messages_table)
            ], page_link_to('user_messages') . '&action=send')
        ]);
    } else {
        switch ($_REQUEST['action']) {
            case "read":
                if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {
                    $message_id = $_REQUEST['id'];
                } else {
                    return error(_("Incomplete call, missing Message ID."), true);
                }

                $message = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($message_id) . "' LIMIT 1");
                if (count($message) > 0 && $message[0]['RUID'] == $user['UID']) {
                    sql_query("UPDATE `Messages` SET `isRead`='Y' WHERE `id`='" . sql_escape($message_id) . "' LIMIT 1");
                    redirect(page_link_to("user_messages"));
                } else {
                    return error(_("No Message found."), true);
                }
                break;

            case "delete":
                if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {
                    $message_id = $_REQUEST['id'];
                } else {
                    return error(_("Incomplete call, missing Message ID."), true);
                }

                $message = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($message_id) . "' LIMIT 1");
                if (count($message) > 0 && $message[0]['SUID'] == $user['UID']) {
                    sql_query("DELETE FROM `Messages` WHERE `id`='" . sql_escape($message_id) . "' LIMIT 1");
                    redirect(page_link_to("user_messages"));
                } else {
                    return error(_("No Message found."), true);
                }
                break;

            case "send":
                if (Message_send($_REQUEST['to'], $_REQUEST['text']) === true) {
                    redirect(page_link_to("user_messages"));
                } else {
                    return error(_("Transmitting was terminated with an Error."), true);
                }
                break;

            default:
                return error(_("Wrong action."), true);
        }
    }
}
user messages 2011-06-02 21:38:19 +02:00			`<?php`
put message input to the top 2015-12-29 18:13:05 +01:00
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`function messages_title()`
			`{`
			`return _("Messages");`
basic gettext integration 2013-11-25 21:04:58 +01:00			`}`

PSR-2 formatting 2017-01-02 03:57:23 +01:00			`function user_unread_messages()`
			`{`
			`global $user;`
Formatting 2017-01-02 15:43:36 +01:00
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`if (isset($user)) {`
			$new_messages = sql_num_query("SELECT * FROM `Messages` WHERE isRead='N' AND `RUID`='" . sql_escape($user['UID']) . "'");
			`if ($new_messages > 0) {`
			`return ' <span class="badge danger">' . $new_messages . '</span>';`
			`}`
prohibit inline control structures on pages 2016-09-29 10:53:17 +02:00			`}`
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`return '';`
user messages 2011-06-02 21:38:19 +02:00			`}`

PSR-2 formatting 2017-01-02 03:57:23 +01:00			`function user_messages()`
			`{`
			`global $user;`
Formatting 2017-01-02 15:43:36 +01:00
			`if (!isset($_REQUEST['action'])) {`
PSR-2 formatting 2017-01-02 03:57:23 +01:00			$users = sql_select("SELECT * FROM `User` WHERE NOT `UID`='" . sql_escape($user['UID']) . "' ORDER BY `Nick`");
Formatting 2017-01-02 15:43:36 +01:00
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`$to_select_data = [`
Formatting 2017-01-02 15:43:36 +01:00			`"" => _("Select recipient...")`
			`];`

PSR-2 formatting 2017-01-02 03:57:23 +01:00			`foreach ($users as $u) {`
			`$to_select_data[$u['UID']] = $u['Nick'];`
			`}`
Formatting 2017-01-02 15:43:36 +01:00
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`$to_select = html_select_key('to', 'to', $to_select_data, '');`
Formatting 2017-01-02 15:43:36 +01:00
PSR-2 formatting 2017-01-02 03:57:23 +01:00			$messages = sql_select("SELECT * FROM `Messages` WHERE `SUID`='" . sql_escape($user['UID']) . "' OR `RUID`='" . sql_escape($user['UID']) . "' ORDER BY `isRead`,`Datum` DESC");
Formatting 2017-01-02 15:43:36 +01:00
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`$messages_table = [`
Formatting 2017-01-02 15:43:36 +01:00			`[`
			`'news' => '',`
			`'timestamp' => date("Y-m-d H:i"),`
			`'from' => User_Nick_render($user),`
			`'to' => $to_select,`
			`'text' => form_textarea('text', '', ''),`
			`'actions' => form_submit('submit', _("Save"))`
			`]`
			`];`

PSR-2 formatting 2017-01-02 03:57:23 +01:00			`foreach ($messages as $message) {`
			`$sender_user_source = User($message['SUID']);`
			`$receiver_user_source = User($message['RUID']);`
Formatting 2017-01-02 15:43:36 +01:00
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`$messages_table_entry = [`
Formatting 2017-01-02 15:43:36 +01:00			`'new' => $message['isRead'] == 'N' ? '<span class="glyphicon glyphicon-envelope"></span>' : '',`
			`'timestamp' => date("Y-m-d H:i", $message['Datum']),`
			`'from' => User_Nick_render($sender_user_source),`
			`'to' => User_Nick_render($receiver_user_source),`
			`'text' => str_replace("\n", '<br />', $message['Text'])`
			`];`

PSR-2 formatting 2017-01-02 03:57:23 +01:00			`if ($message['RUID'] == $user['UID']) {`
			`if ($message['isRead'] == 'N') {`
Formatting 2017-01-02 15:43:36 +01:00			`$messages_table_entry['actions'] = button(`
			`page_link_to("user_messages") . '&action=read&id=' . $message['id'],`
			`_("mark as read"),`
			`'btn-xs'`
			`);`
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`}`
			`} else {`
Formatting 2017-01-02 15:43:36 +01:00			`$messages_table_entry['actions'] = button(`
			`page_link_to("user_messages") . '&action=delete&id=' . $message['id'],`
			`_("delete message"),`
			`'btn-xs'`
			`);`
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`}`
			`$messages_table[] = $messages_table_entry;`
prohibit inline control structures on pages 2016-09-29 10:53:17 +02:00			`}`
Formatting 2017-01-02 15:43:36 +01:00
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`return page_with_title(messages_title(), [`
Formatting 2017-01-02 15:43:36 +01:00			`msg(),`
			`sprintf(_("Hello %s, here can you leave messages for other angels"), User_Nick_render($user)),`
			`form([`
			`table([`
			`'new' => _("New"),`
			`'timestamp' => _("Date"),`
			`'from' => _("Transmitted"),`
			`'to' => _("Recipient"),`
			`'text' => _("Message"),`
			`'actions' => ''`
			`], $messages_table)`
			`], page_link_to('user_messages') . '&action=send')`
			`]);`
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`} else {`
			`switch ($_REQUEST['action']) {`
Formatting 2017-01-02 15:43:36 +01:00			`case "read":`
			`if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {`
			`$message_id = $_REQUEST['id'];`
			`} else {`
			`return error(_("Incomplete call, missing Message ID."), true);`
			`}`

			$message = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($message_id) . "' LIMIT 1");
			`if (count($message) > 0 && $message[0]['RUID'] == $user['UID']) {`
			sql_query("UPDATE `Messages` SET `isRead`='Y' WHERE `id`='" . sql_escape($message_id) . "' LIMIT 1");
			`redirect(page_link_to("user_messages"));`
			`} else {`
			`return error(_("No Message found."), true);`
			`}`
			`break;`

			`case "delete":`
			`if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) {`
			`$message_id = $_REQUEST['id'];`
			`} else {`
			`return error(_("Incomplete call, missing Message ID."), true);`
			`}`

			$message = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($message_id) . "' LIMIT 1");
			`if (count($message) > 0 && $message[0]['SUID'] == $user['UID']) {`
			sql_query("DELETE FROM `Messages` WHERE `id`='" . sql_escape($message_id) . "' LIMIT 1");
			`redirect(page_link_to("user_messages"));`
			`} else {`
			`return error(_("No Message found."), true);`
			`}`
			`break;`

			`case "send":`
			`if (Message_send($_REQUEST['to'], $_REQUEST['text']) === true) {`
			`redirect(page_link_to("user_messages"));`
			`} else {`
			`return error(_("Transmitting was terminated with an Error."), true);`
			`}`
			`break;`

			`default:`
			`return error(_("Wrong action."), true);`
mysql to mysqli and a lot of cleanup and mvc 2013-09-18 01:38:36 +02:00			`}`
PSR-2 formatting 2017-01-02 03:57:23 +01:00			`}`
user messages 2011-06-02 21:38:19 +02:00			`}`