mod/message.php

   1 <?php
   2
   3 require_once('include/acl_selectors.php');
   4
   5 function message_post(&$a) {
   6
   7         if(! local_user()) {
   8                 notice( t('Permission denied.') . EOL);
   9                 return;
  10         }
  11
  12         $replyto   = ((x($_POST,'replyto'))   ? notags(trim($_POST['replyto']))   : '');
  13         $subject   = ((x($_POST,'subject'))   ? notags(trim($_POST['subject']))   : '');
  14         $body      = ((x($_POST,'body'))      ? escape_tags(trim($_POST['body'])) : '');
  15         $recipient = ((x($_POST,'messageto')) ? intval($_POST['messageto'])       : 0 );
  16
  17         if(! $recipient) {
  18                 notice( t('No recipient selected.') . EOL );
  19                 return;
  20         }
  21
  22         if(! strlen($subject))
  23                 $subject = t('[no subject]');
  24
  25         $me = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
  26                 intval(local_user())
  27         );
  28         $contact = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
  29                         intval($recipient),
  30                         intval(local_user())
  31         );
  32
  33         if(! (count($me) && (count($contact)))) {
  34                 notice( t('Unable to locate contact information.') . EOL );
  35                 return;
  36         }
  37
  38         $hash = random_string();
  39         $uri = 'urn:X-dfrn:' . $a->get_baseurl() . ':' . local_user() . ':' . $hash ;
  40
  41         if(! strlen($replyto))
  42                 $replyto = $uri;
  43
  44         $r = q("INSERT INTO `mail` ( `uid`, `from-name`, `from-photo`, `from-url`,
  45                 `contact-id`, `title`, `body`, `seen`, `replied`, `uri`, `parent-uri`, `created`)
  46                 VALUES ( %d, '%s', '%s', '%s', %d, '%s', '%s', %d, %d, '%s', '%s', '%s' )",
  47                 intval(local_user()),
  48                 dbesc($me[0]['name']),
  49                 dbesc($me[0]['thumb']),
  50                 dbesc($me[0]['url']),
  51                 intval($recipient),
  52                 dbesc($subject),
  53                 dbesc($body),
  54                 1,
  55                 0,
  56                 dbesc($uri),
  57                 dbesc($replyto),
  58                 datetime_convert()
  59         );
  60         $r = q("SELECT * FROM `mail` WHERE `uri` = '%s' and `uid` = %d LIMIT 1",
  61                 dbesc($uri),
  62                 intval(local_user())
  63         );
  64         if(count($r))
  65                 $post_id = $r[0]['id'];
  66
  67         /**
  68          *
  69          * When a photo was uploaded into the message using the (profile wall) ajax
  70          * uploader, The permissions are initially set to disallow anybody but the
  71          * owner from seeing it. This is because the permissions may not yet have been
  72          * set for the post. If it's private, the photo permissions should be set
  73          * appropriately. But we didn't know the final permissions on the post until
  74          * now. So now we'll look for links of uploaded messages that are in the
  75          * post and set them to the same permissions as the post itself.
  76          *
  77          */
  78
  79         $match = null;
  80
  81         if(preg_match_all("/\[img\](.+?)\[\/img\]/",$body,$match)) {
  82                 $images = $match[1];
  83                 if(count($images)) {
  84                         foreach($images as $image) {
  85                                 if(! stristr($image,$a->get_baseurl() . '/photo/'))
  86                                         continue;
  87                                 $image_uri = substr($image,strrpos($image,'/') + 1);
  88                                 $image_uri = substr($image_uri,0, strpos($image_uri,'-'));
  89                                 $r = q("UPDATE `photo` SET `allow_cid` = '%s'
  90                                         WHERE `resource-id` = '%s' AND `album` = '%s' AND `uid` = %d ",
  91                                         dbesc('<' . $recipient . '>'),
  92                                         dbesc($image_uri),
  93                                         dbesc( t('Wall Photos')),
  94                                         intval(local_user())
  95                                 );
  96                         }
  97                 }
  98         }
  99
 100         if($post_id) {
 101                 proc_run('php',"include/notifier.php","mail","$post_id");
 102                 notice( t('Message sent.') . EOL );
 103         }
 104         else {
 105                 notice( t('Message could not be sent.') . EOL );
 106         }
 107         return;
 108 }
 109
 110 function message_content(&$a) {
 111
 112         $o = '';
 113         $o .= '<script> $(document).ready(function() { $(\'#nav-messages-link\').addClass(\'nav-selected\'); });</script>';
 114
 115         if(! local_user()) {
 116                 notice( t('Permission denied.') . EOL);
 117                 return;
 118         }
 119
 120         $myprofile = $a->get_baseurl() . '/profile/' . $a->user['nickname'];
 121
 122
 123         $tpl = load_view_file('view/mail_head.tpl');
 124         $header = replace_macros($tpl, array(
 125                 '$messages' => t('Messages'),
 126                 '$inbox' => t('Inbox'),
 127                 '$outbox' => t('Outbox'),
 128                 '$new' => t('New Message')
 129         ));
 130
 131
 132         if(($a->argc == 3) && ($a->argv[1] === 'drop' || $a->argv[1] === 'dropconv')) {
 133                 if(! intval($a->argv[2]))
 134                         return;
 135                 $cmd = $a->argv[1];
 136                 if($cmd === 'drop') {
 137                         $r = q("DELETE FROM `mail` WHERE `id` = %d AND `uid` = %d LIMIT 1",
 138                                 intval($a->argv[2]),
 139                                 intval(local_user())
 140                         );
 141                         if($r) {
 142                                 notice( t('Message deleted.') . EOL );
 143                         }
 144                         goaway($a->get_baseurl() . '/message' );
 145                 }
 146                 else {
 147                         $r = q("SELECT `parent-uri` FROM `mail` WHERE `id` = %d AND `uid` = %d LIMIT 1",
 148                                 intval($a->argv[2]),
 149                                 intval(local_user())
 150                         );
 151                         if(count($r)) {
 152                                 $parent = $r[0]['parent-uri'];
 153                                 $r = q("DELETE FROM `mail` WHERE `parent-uri` = '%s' AND `uid` = %d ",
 154                                         dbesc($parent),
 155                                         intval(local_user())
 156                                 );
 157                                 if($r)
 158                                         notice( t('Conversation removed.') . EOL );
 159                         }
 160                         goaway($a->get_baseurl() . '/message' );
 161                 }
 162
 163         }
 164
 165         if(($a->argc > 1) && ($a->argv[1] === 'new')) {
 166
 167                 $tpl = load_view_file('view/msg-header.tpl');
 168
 169                 $a->page['htmlhead'] .= replace_macros($tpl, array(
 170                         '$baseurl' => $a->get_baseurl(),
 171                         '$nickname' => $a->user['nickname'],
 172                         '$linkurl' => t('Please enter a link URL:')
 173                 ));
 174
 175                 $preselect = (isset($a->argv[2])?array($a->argv[2]):false);
 176
 177                 $select = contact_select('messageto','message-to-select', $preselect, 4, true);
 178                 $tpl = load_view_file('view/prv_message.tpl');
 179                 $o .= replace_macros($tpl,array(
 180                         '$header' => t('Send Private Message'),
 181                         '$to' => t('To:'),
 182                         '$subject' => t('Subject:'),
 183                         '$subjtxt' => '',
 184                         '$readonly' => '',
 185                         '$yourmessage' => t('Your message:'),
 186                         '$select' => $select,
 187                         '$parent' => '',
 188                         '$upload' => t('Upload photo'),
 189                         '$insert' => t('Insert web link'),
 190                         '$wait' => t('Please wait')
 191
 192                 ));
 193
 194                 return $o;
 195         }
 196
 197         if(($a->argc == 1) || ($a->argc == 2 && $a->argv[1] === 'sent')) {
 198
 199                 $o .= $header;
 200
 201                 if($a->argc == 2)
 202                         $eq = '='; // I'm not going to bother escaping this.
 203                 else
 204                         $eq = '!='; // or this.
 205
 206                 $r = q("SELECT count(*) AS `total` FROM `mail`
 207                         WHERE `mail`.`uid` = %d AND `from-url` $eq '%s' GROUP BY `parent-uri` ORDER BY `created` DESC",
 208                         intval(local_user()),
 209                         dbesc($myprofile)
 210                 );
 211                 if(count($r))
 212                         $a->set_pager_total($r[0]['total']);
 213
 214                 $r = q("SELECT max(`mail`.`created`) AS `mailcreated`, min(`mail`.`seen`) AS `mailseen`,
 215                         `mail`.* , `contact`.`name`, `contact`.`url`, `contact`.`thumb`
 216                         FROM `mail` LEFT JOIN `contact` ON `mail`.`contact-id` = `contact`.`id`
 217                         WHERE `mail`.`uid` = %d AND `from-url` $eq '%s' GROUP BY `parent-uri` ORDER BY `created` DESC  LIMIT %d , %d ",
 218                         intval(local_user()),
 219                         dbesc($myprofile),
 220                         intval($a->pager['start']),
 221                         intval($a->pager['itemspage'])
 222                 );
 223                 if(! count($r)) {
 224                         notice( t('No messages.') . EOL);
 225                         return $o;
 226                 }
 227
 228                 $tpl = load_view_file('view/mail_list.tpl');
 229                 foreach($r as $rr) {
 230                         $o .= replace_macros($tpl, array(
 231                                 '$id' => $rr['id'],
 232                                 '$from_name' =>$rr['from-name'],
 233                                 '$from_url' => $a->get_baseurl() . '/redir/' . $rr['contact-id'],
 234                                 '$sparkle' => ' sparkle',
 235                                 '$from_photo' => $rr['thumb'],
 236                                 '$subject' => (($rr['mailseen']) ? $rr['title'] : '<strong>' . $rr['title'] . '</strong>'),
 237                                 '$delete' => t('Delete conversation'),
 238                                 '$body' => $rr['body'],
 239                                 '$to_name' => $rr['name'],
 240                                 '$date' => datetime_convert('UTC',date_default_timezone_get(),$rr['mailcreated'], t('D, d M Y - g:i A'))
 241                         ));
 242                 }
 243                 $o .= paginate($a);
 244                 return $o;
 245         }
 246
 247         if(($a->argc > 1) && (intval($a->argv[1]))) {
 248
 249                 $o .= $header;
 250
 251                 $r = q("SELECT `mail`.*, `contact`.`name`, `contact`.`url`, `contact`.`thumb`
 252                         FROM `mail` LEFT JOIN `contact` ON `mail`.`contact-id` = `contact`.`id`
 253                         WHERE `mail`.`uid` = %d AND `mail`.`id` = %d LIMIT 1",
 254                         intval(local_user()),
 255                         intval($a->argv[1])
 256                 );
 257                 if(count($r)) {
 258                         $contact_id = $r[0]['contact-id'];
 259                         $messages = q("SELECT `mail`.*, `contact`.`name`, `contact`.`url`, `contact`.`thumb`
 260                                 FROM `mail` LEFT JOIN `contact` ON `mail`.`contact-id` = `contact`.`id`
 261                                 WHERE `mail`.`uid` = %d AND `mail`.`parent-uri` = '%s' ORDER BY `mail`.`created` ASC",
 262                                 intval(local_user()),
 263                                 dbesc($r[0]['parent-uri'])
 264                         );
 265                 }
 266                 if(! count($messages)) {
 267                         notice( t('Message not available.') . EOL );
 268                         return $o;
 269                 }
 270
 271                 $r = q("UPDATE `mail` SET `seen` = 1 WHERE `parent-uri` = '%s' AND `uid` = %d",
 272                         dbesc($r[0]['parent-uri']),
 273                         intval(local_user())
 274                 );
 275
 276                 require_once("include/bbcode.php");
 277
 278                 $tpl = load_view_file('view/msg-header.tpl');
 279
 280                 $a->page['htmlhead'] .= replace_macros($tpl, array(
 281                         '$nickname' => $a->user['nickname'],
 282                         '$baseurl' => $a->get_baseurl()
 283                 ));
 284
 285
 286                 $tpl = load_view_file('view/mail_conv.tpl');
 287                 foreach($messages as $message) {
 288                         if($message['from-url'] == $myprofile) {
 289                                 $from_url = $myprofile;
 290                                 $sparkle = '';
 291                         }
 292                         else {
 293                                 $from_url = $a->get_baseurl() . '/redir/' . $message['contact-id'];
 294                                 $sparkle = ' sparkle';
 295                         }
 296                         $o .= replace_macros($tpl, array(
 297                                 '$id' => $message['id'],
 298                                 '$from_name' =>$message['from-name'],
 299                                 '$from_url' => $from_url,
 300                                 '$sparkle' => $sparkle,
 301                                 '$from_photo' => $message['from-photo'],
 302                                 '$subject' => $message['title'],
 303                                 '$body' => smilies(bbcode($message['body'])),
 304                                 '$delete' => t('Delete message'),
 305                                 '$to_name' => $message['name'],
 306                                 '$date' => datetime_convert('UTC',date_default_timezone_get(),$message['created'],'D, d M Y - g:i A')
 307                         ));
 308
 309                 }
 310                 $select = $message['name'] . '<input type="hidden" name="messageto" value="' . $contact_id . '" />';
 311                 $parent = '<input type="hidden" name="replyto" value="' . $message['parent-uri'] . '" />';
 312                 $tpl = load_view_file('view/prv_message.tpl');
 313                 $o .= replace_macros($tpl,array(
 314                         '$header' => t('Send Reply'),
 315                         '$to' => t('To:'),
 316                         '$subject' => t('Subject:'),
 317                         '$subjtxt' => $message['title'],
 318                         '$readonly' => ' readonly="readonly" style="background: #BBBBBB;" ',
 319                         '$yourmessage' => t('Your message:'),
 320                         '$select' => $select,
 321                         '$parent' => $parent,
 322                         '$upload' => t('Upload photo'),
 323                         '$insert' => t('Insert web link'),
 324                         '$wait' => t('Please wait')
 325
 326                 ));
 327
 328                 return $o;
 329         }
 330
 331 }