mod/message.php

   1 <?php
   2
   3 require_once('include/acl_selectors.php');
   4
   5 function message_post(&$a) {
   6
   7         if(! local_user()) {
   8                 notice( t('Permission denied.') . EOL);
   9                 return;
  10         }
  11
  12         $replyto   = ((x($_POST,'replyto'))   ? notags(trim($_POST['replyto']))   : '');
  13         $subject   = ((x($_POST,'subject'))   ? notags(trim($_POST['subject']))   : '');
  14         $body      = ((x($_POST,'body'))      ? escape_tags(trim($_POST['body'])) : '');
  15         $recipient = ((x($_POST,'messageto')) ? intval($_POST['messageto'])       : 0 );
  16
  17         if(! $recipient) {
  18                 notice( t('No recipient selected.') . EOL );
  19                 return;
  20         }
  21
  22         if(! strlen($subject))
  23                 $subject = t('[no subject]');
  24
  25         $me = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
  26                 intval(local_user())
  27         );
  28         $contact = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
  29                         intval($recipient),
  30                         intval(local_user())
  31         );
  32
  33         if(! (count($me) && (count($contact)))) {
  34                 notice( t('Unable to locate contact information.') . EOL );
  35                 return;
  36         }
  37
  38         $hash = random_string();
  39         $uri = 'urn:X-dfrn:' . $a->get_baseurl() . ':' . local_user() . ':' . $hash ;
  40
  41         if(! strlen($replyto))
  42                 $replyto = $uri;
  43
  44         $r = q("INSERT INTO `mail` ( `uid`, `from-name`, `from-photo`, `from-url`,
  45                 `contact-id`, `title`, `body`, `seen`, `replied`, `uri`, `parent-uri`, `created`)
  46                 VALUES ( %d, '%s', '%s', '%s', %d, '%s', '%s', %d, %d, '%s', '%s', '%s' )",
  47                 intval(local_user()),
  48                 dbesc($me[0]['name']),
  49                 dbesc($me[0]['thumb']),
  50                 dbesc($me[0]['url']),
  51                 intval($recipient),
  52                 dbesc($subject),
  53                 dbesc($body),
  54                 1,
  55                 0,
  56                 dbesc($uri),
  57                 dbesc($replyto),
  58                 datetime_convert()
  59         );
  60         $r = q("SELECT * FROM `mail` WHERE `uri` = '%s' and `uid` = %d LIMIT 1",
  61                 dbesc($uri),
  62                 intval(local_user())
  63         );
  64         if(count($r))
  65                 $post_id = $r[0]['id'];
  66
  67         /**
  68          *
  69          * When a photo was uploaded into the message using the (profile wall) ajax
  70          * uploader, The permissions are initially set to disallow anybody but the
  71          * owner from seeing it. This is because the permissions may not yet have been
  72          * set for the post. If it's private, the photo permissions should be set
  73          * appropriately. But we didn't know the final permissions on the post until
  74          * now. So now we'll look for links of uploaded messages that are in the
  75          * post and set them to the same permissions as the post itself.
  76          *
  77          */
  78
  79         $match = null;
  80
  81         if(preg_match_all("/\[img\](.+?)\[\/img\]/",$body,$match)) {
  82                 $images = $match[1];
  83                 if(count($images)) {
  84                         foreach($images as $image) {
  85                                 if(! stristr($image,$a->get_baseurl() . '/photo/'))
  86                                         continue;
  87                                 $image_uri = substr($image,strrpos($image,'/') + 1);
  88                                 $image_uri = substr($image_uri,0, strpos($image_uri,'-'));
  89                                 $r = q("UPDATE `photo` SET `allow_cid` = '%s'
  90                                         WHERE `resource-id` = '%s' AND `album` = '%s' AND `uid` = %d ",
  91                                         dbesc('<' . $recipient . '>'),
  92                                         dbesc($image_uri),
  93                                         dbesc( t('Wall Photos')),
  94                                         intval(local_user())
  95                                 );
  96                         }
  97                 }
  98         }
  99
 100
 101
 102
 103
 104         $php_path = ((strlen($a->config['php_path'])) ? $a->config['php_path'] : 'php');
 105
 106         if($post_id) {
 107                 //proc_close(proc_open("\"$php_path\" \"include/notifier.php\" \"mail\" \"$post_id\" &", array(),$foo));
 108                 proc_run($php_path,"include/notifier.php","mail","$post_id");
 109                 notice( t('Message sent.') . EOL );
 110         }
 111         else {
 112                 notice( t('Message could not be sent.') . EOL );
 113         }
 114         return;
 115 }
 116
 117 function message_content(&$a) {
 118
 119         $o = '';
 120         $o .= '<script> $(document).ready(function() { $(\'#nav-messages-link\').addClass(\'nav-selected\'); });</script>';
 121
 122         if(! local_user()) {
 123                 notice( t('Permission denied.') . EOL);
 124                 return;
 125         }
 126
 127         $myprofile = $a->get_baseurl() . '/profile/' . $a->user['nickname'];
 128
 129
 130         $tpl = load_view_file('view/mail_head.tpl');
 131         $header = replace_macros($tpl, array(
 132                 '$messages' => t('Messages'),
 133                 '$inbox' => t('Inbox'),
 134                 '$outbox' => t('Outbox'),
 135                 '$new' => t('New Message')
 136         ));
 137
 138
 139         if(($a->argc == 3) && ($a->argv[1] === 'drop' || $a->argv[1] === 'dropconv')) {
 140                 if(! intval($a->argv[2]))
 141                         return;
 142                 $cmd = $a->argv[1];
 143                 if($cmd === 'drop') {
 144                         $r = q("DELETE FROM `mail` WHERE `id` = %d AND `uid` = %d LIMIT 1",
 145                                 intval($a->argv[2]),
 146                                 intval(local_user())
 147                         );
 148                         if($r) {
 149                                 notice( t('Message deleted.') . EOL );
 150                         }
 151                         goaway($a->get_baseurl() . '/message' );
 152                 }
 153                 else {
 154                         $r = q("SELECT `parent-uri` FROM `mail` WHERE `id` = %d AND `uid` = %d LIMIT 1",
 155                                 intval($a->argv[2]),
 156                                 intval(local_user())
 157                         );
 158                         if(count($r)) {
 159                                 $parent = $r[0]['parent-uri'];
 160                                 $r = q("DELETE FROM `mail` WHERE `parent-uri` = '%s' AND `uid` = %d ",
 161                                         dbesc($parent),
 162                                         intval(local_user())
 163                                 );
 164                                 if($r)
 165                                         notice( t('Conversation removed.') . EOL );
 166                         }
 167                         goaway($a->get_baseurl() . '/message' );
 168                 }
 169
 170         }
 171
 172         if(($a->argc > 1) && ($a->argv[1] === 'new')) {
 173
 174                 $tpl = load_view_file('view/msg-header.tpl');
 175
 176                 $a->page['htmlhead'] .= replace_macros($tpl, array('$baseurl' => $a->get_baseurl()));
 177
 178                 $select = contact_select('messageto','message-to-select', false, 4, true);
 179                 $tpl = load_view_file('view/prv_message.tpl');
 180                 $o .= replace_macros($tpl,array(
 181                         '$header' => t('Send Private Message'),
 182                         '$to' => t('To:'),
 183                         '$subject' => t('Subject:'),
 184                         '$subjtxt' => '',
 185                         '$readonly' => '',
 186                         '$yourmessage' => t('Your message:'),
 187                         '$select' => $select,
 188                         '$parent' => '',
 189                         '$upload' => t('Upload photo'),
 190                         '$insert' => t('Insert web link'),
 191                         '$wait' => t('Please wait')
 192
 193                 ));
 194
 195                 return $o;
 196         }
 197
 198         if(($a->argc == 1) || ($a->argc == 2 && $a->argv[1] === 'sent')) {
 199
 200                 $o .= $header;
 201
 202                 if($a->argc == 2)
 203                         $eq = '='; // I'm not going to bother escaping this.
 204                 else
 205                         $eq = '!='; // or this.
 206
 207                 $r = q("SELECT count(*) AS `total` FROM `mail`
 208                         WHERE `mail`.`uid` = %d AND `from-url` $eq '%s' GROUP BY `parent-uri` ORDER BY `created` DESC",
 209                         intval(local_user()),
 210                         dbesc($myprofile)
 211                 );
 212                 if(count($r))
 213                         $a->set_pager_total($r[0]['total']);
 214
 215                 $r = q("SELECT max(`mail`.`created`) AS `mailcreated`, min(`mail`.`seen`) AS `mailseen`,
 216                         `mail`.* , `contact`.`name`, `contact`.`url`, `contact`.`thumb`
 217                         FROM `mail` LEFT JOIN `contact` ON `mail`.`contact-id` = `contact`.`id`
 218                         WHERE `mail`.`uid` = %d AND `from-url` $eq '%s' GROUP BY `parent-uri` ORDER BY `created` DESC  LIMIT %d , %d ",
 219                         intval(local_user()),
 220                         dbesc($myprofile),
 221                         intval($a->pager['start']),
 222                         intval($a->pager['itemspage'])
 223                 );
 224                 if(! count($r)) {
 225                         notice( t('No messages.') . EOL);
 226                         return $o;
 227                 }
 228
 229                 $tpl = load_view_file('view/mail_list.tpl');
 230                 foreach($r as $rr) {
 231                         $o .= replace_macros($tpl, array(
 232                                 '$id' => $rr['id'],
 233                                 '$from_name' =>$rr['from-name'],
 234                                 '$from_url' => $a->get_baseurl() . '/redir/' . $rr['contact-id'],
 235                                 '$sparkle' => ' sparkle',
 236                                 '$from_photo' => $rr['thumb'],
 237                                 '$subject' => (($rr['mailseen']) ? $rr['title'] : '<strong>' . $rr['title'] . '</strong>'),
 238                                 '$delete' => t('Delete conversation'),
 239                                 '$body' => $rr['body'],
 240                                 '$to_name' => $rr['name'],
 241                                 '$date' => datetime_convert('UTC',date_default_timezone_get(),$rr['mailcreated'],'D, d M Y - g:i A')
 242                         ));
 243                 }
 244                 $o .= paginate($a);
 245                 return $o;
 246         }
 247
 248         if(($a->argc > 1) && (intval($a->argv[1]))) {
 249
 250                 $o .= $header;
 251
 252                 $r = q("SELECT `mail`.*, `contact`.`name`, `contact`.`url`, `contact`.`thumb`
 253                         FROM `mail` LEFT JOIN `contact` ON `mail`.`contact-id` = `contact`.`id`
 254                         WHERE `mail`.`uid` = %d AND `mail`.`id` = %d LIMIT 1",
 255                         intval(local_user()),
 256                         intval($a->argv[1])
 257                 );
 258                 if(count($r)) {
 259                         $contact_id = $r[0]['contact-id'];
 260                         $messages = q("SELECT `mail`.*, `contact`.`name`, `contact`.`url`, `contact`.`thumb`
 261                                 FROM `mail` LEFT JOIN `contact` ON `mail`.`contact-id` = `contact`.`id`
 262                                 WHERE `mail`.`uid` = %d AND `mail`.`parent-uri` = '%s' ORDER BY `mail`.`created` ASC",
 263                                 intval(local_user()),
 264                                 dbesc($r[0]['parent-uri'])
 265                         );
 266                 }
 267                 if(! count($messages)) {
 268                         notice( t('Message not available.') . EOL );
 269                         return $o;
 270                 }
 271
 272                 $r = q("UPDATE `mail` SET `seen` = 1 WHERE `parent-uri` = '%s' AND `uid` = %d",
 273                         dbesc($r[0]['parent-uri']),
 274                         intval(local_user())
 275                 );
 276
 277                 require_once("include/bbcode.php");
 278
 279                 $tpl = load_view_file('view/msg-header.tpl');
 280
 281                 $a->page['htmlhead'] .= replace_macros($tpl, array(
 282                         '$nickname' => $a->user['nickname'],
 283                         '$baseurl' => $a->get_baseurl()
 284                 ));
 285
 286
 287                 $tpl = load_view_file('view/mail_conv.tpl');
 288                 foreach($messages as $message) {
 289                         if($message['from-url'] == $myprofile) {
 290                                 $from_url = $myprofile;
 291                                 $sparkle = '';
 292                         }
 293                         else {
 294                                 $from_url = $a->get_baseurl() . '/redir/' . $message['contact-id'];
 295                                 $sparkle = ' sparkle';
 296                         }
 297                         $o .= replace_macros($tpl, array(
 298                                 '$id' => $message['id'],
 299                                 '$from_name' =>$message['from-name'],
 300                                 '$from_url' => $from_url,
 301                                 '$sparkle' => $sparkle,
 302                                 '$from_photo' => $message['from-photo'],
 303                                 '$subject' => $message['title'],
 304                                 '$body' => smilies(bbcode($message['body'])),
 305                                 '$delete' => t('Delete message'),
 306                                 '$to_name' => $message['name'],
 307                                 '$date' => datetime_convert('UTC',date_default_timezone_get(),$message['created'],'D, d M Y - g:i A')
 308                         ));
 309
 310                 }
 311                 $select = $message['name'] . '<input type="hidden" name="messageto" value="' . $contact_id . '" />';
 312                 $parent = '<input type="hidden" name="replyto" value="' . $message['parent-uri'] . '" />';
 313                 $tpl = load_view_file('view/prv_message.tpl');
 314                 $o .= replace_macros($tpl,array(
 315                         '$header' => t('Send Reply'),
 316                         '$to' => t('To:'),
 317                         '$subject' => t('Subject:'),
 318                         '$subjtxt' => $message['title'],
 319                         '$readonly' => ' readonly="readonly" style="background: #BBBBBB;" ',
 320                         '$yourmessage' => t('Your message:'),
 321                         '$select' => $select,
 322                         '$parent' => $parent,
 323                         '$upload' => t('Upload photo'),
 324                         '$insert' => t('Insert web link'),
 325                         '$wait' => t('Please wait')
 326
 327                 ));
 328
 329                 return $o;
 330         }
 331
 332 }