<?php
require_once('include/acl_selectors.php');
+require_once('include/message.php');
function message_post(&$a) {
return;
}
- $replyto = ((x($_POST,'replyto')) ? notags(trim($_POST['replyto'])) : '');
- $subject = ((x($_POST,'subject')) ? notags(trim($_POST['subject'])) : '');
- $body = ((x($_POST,'body')) ? escape_tags(trim($_POST['body'])) : '');
- $recipient = ((x($_POST,'messageto')) ? intval($_POST['messageto']) : 0 );
+ $replyto = ((x($_REQUEST,'replyto')) ? notags(trim($_REQUEST['replyto'])) : '');
+ $subject = ((x($_REQUEST,'subject')) ? notags(trim($_REQUEST['subject'])) : '');
+ $body = ((x($_REQUEST,'body')) ? escape_tags(trim($_REQUEST['body'])) : '');
+ $recipient = ((x($_REQUEST,'messageto')) ? intval($_REQUEST['messageto']) : 0 );
- if(! $recipient) {
- notice( t('No recipient selected.') . EOL );
- return;
+
+ $ret = send_message($recipient, $body, $subject, $replyto);
+ $norecip = false;
+
+ switch($ret){
+ case -1:
+ notice( t('No recipient selected.') . EOL );
+ $norecip = true;
+ break;
+ case -2:
+ notice( t('Unable to locate contact information.') . EOL );
+ break;
+ case -3:
+ notice( t('Message could not be sent.') . EOL );
+ break;
+ case -4:
+ notice( t('Message collection failure.') . EOL );
+ break;
+ default:
+ info( t('Message sent.') . EOL );
}
- if(! strlen($subject))
- $subject = t('[no subject]');
-
- $me = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
- intval(local_user())
- );
- $contact = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
- intval($recipient),
- intval(local_user())
- );
+ // fake it to go back to the input form if no recipient listed
- if(! (count($me) && (count($contact)))) {
- notice( t('Unable to locate contact information.') . EOL );
- return;
+ if($norecip) {
+ $a->argc = 2;
+ $a->argv[1] = 'new';
}
- $hash = random_string();
- $uri = 'urn:X-dfrn:' . $a->get_baseurl() . ':' . local_user() . ':' . $hash ;
-
- if(! strlen($replyto))
- $replyto = $uri;
-
- $r = q("INSERT INTO `mail` ( `uid`, `from-name`, `from-photo`, `from-url`,
- `contact-id`, `title`, `body`, `seen`, `replied`, `uri`, `parent-uri`, `created`)
- VALUES ( %d, '%s', '%s', '%s', %d, '%s', '%s', %d, %d, '%s', '%s', '%s' )",
- intval(local_user()),
- dbesc($me[0]['name']),
- dbesc($me[0]['thumb']),
- dbesc($me[0]['url']),
- intval($recipient),
- dbesc($subject),
- dbesc($body),
- 1,
- 0,
- dbesc($uri),
- dbesc($replyto),
- datetime_convert()
- );
- $r = q("SELECT * FROM `mail` WHERE `uri` = '%s' and `uid` = %d LIMIT 1",
- dbesc($uri),
- intval(local_user())
- );
- if(count($r))
- $post_id = $r[0]['id'];
-
- /**
- *
- * When a photo was uploaded into the message using the (profile wall) ajax
- * uploader, The permissions are initially set to disallow anybody but the
- * owner from seeing it. This is because the permissions may not yet have been
- * set for the post. If it's private, the photo permissions should be set
- * appropriately. But we didn't know the final permissions on the post until
- * now. So now we'll look for links of uploaded messages that are in the
- * post and set them to the same permissions as the post itself.
- *
- */
-
- $match = null;
-
- if(preg_match_all("/\[img\](.+?)\[\/img\]/",$body,$match)) {
- $images = $match[1];
- if(count($images)) {
- foreach($images as $image) {
- if(! stristr($image,$a->get_baseurl() . '/photo/'))
- continue;
- $image_uri = substr($image,strrpos($image,'/') + 1);
- $image_uri = substr($image_uri,0, strpos($image_uri,'-'));
- $r = q("UPDATE `photo` SET `allow_cid` = '%s'
- WHERE `resource-id` = '%s' AND `album` = '%s' AND `uid` = %d ",
- dbesc('<' . $recipient . '>'),
- dbesc($image_uri),
- dbesc( t('Wall Photos')),
- intval(local_user())
- );
- }
- }
- }
-
- if($post_id) {
- proc_run('php',"include/notifier.php","mail","$post_id");
- notice( t('Message sent.') . EOL );
- }
- else {
- notice( t('Message could not be sent.') . EOL );
- }
- return;
}
function message_content(&$a) {
$o = '';
- $o .= '<script> $(document).ready(function() { $(\'#nav-messages-link\').addClass(\'nav-selected\'); });</script>';
+ nav_set_selected('messages');
if(! local_user()) {
notice( t('Permission denied.') . EOL);
return;
}
- $myprofile = $a->get_baseurl() . '/profile/' . $a->user['nickname'];
+ $myprofile = $a->get_baseurl(true) . '/profile/' . $a->user['nickname'];
+
+
+ $tabs = array(
+ array(
+ 'label' => t('Inbox'),
+ 'url'=> $a->get_baseurl(true) . '/message',
+ 'sel'=> (($a->argc == 1) ? 'active' : ''),
+ ),
+ array(
+ 'label' => t('Outbox'),
+ 'url' => $a->get_baseurl(true) . '/message/sent',
+ 'sel'=> (($a->argv[1] == 'sent') ? 'active' : ''),
+ ),
+ array(
+ 'label' => t('New Message'),
+ 'url' => $a->get_baseurl(true) . '/message/new',
+ 'sel'=> (($a->argv[1] == 'new') ? 'active' : ''),
+ ),
+ );
+ $tpl = get_markup_template('common_tabs.tpl');
+ $tab_content = replace_macros($tpl, array('$tabs'=>$tabs));
- $tpl = load_view_file('view/mail_head.tpl');
+ $tpl = get_markup_template('mail_head.tpl');
$header = replace_macros($tpl, array(
'$messages' => t('Messages'),
- '$inbox' => t('Inbox'),
- '$outbox' => t('Outbox'),
- '$new' => t('New Message')
+ '$tab_content' => $tab_content
));
intval(local_user())
);
if($r) {
- notice( t('Message deleted.') . EOL );
+ info( t('Message deleted.') . EOL );
}
- goaway($a->get_baseurl() . '/message' );
+ goaway($a->get_baseurl(true) . '/message' );
}
else {
- $r = q("SELECT `parent-uri` FROM `mail` WHERE `id` = %d AND `uid` = %d LIMIT 1",
+ $r = q("SELECT `parent-uri`,`convid` FROM `mail` WHERE `id` = %d AND `uid` = %d LIMIT 1",
intval($a->argv[2]),
intval(local_user())
);
if(count($r)) {
$parent = $r[0]['parent-uri'];
+ $convid = $r[0]['convid'];
+
$r = q("DELETE FROM `mail` WHERE `parent-uri` = '%s' AND `uid` = %d ",
dbesc($parent),
intval(local_user())
);
+
+ // remove diaspora conversation pointer
+ // Actually if we do this, we can never receive another reply to that conversation,
+ // as we will never again have the info we need to re-create it.
+ // We'll just have to orphan it.
+
+ //if($convid) {
+ // q("delete from conv where id = %d limit 1",
+ // intval($convid)
+ // );
+ //}
+
if($r)
- notice( t('Conversation removed.') . EOL );
+ info( t('Conversation removed.') . EOL );
}
- goaway($a->get_baseurl() . '/message' );
+ goaway($a->get_baseurl(true) . '/message' );
}
}
if(($a->argc > 1) && ($a->argv[1] === 'new')) {
- $tpl = file_get_contents('view/msg-header.tpl');
+ $o .= $header;
+
+ $plaintext = false;
+ if(intval(get_pconfig(local_user(),'system','plaintext')))
+ $plaintext = true;
+
+
+ $tpl = get_markup_template('msg-header.tpl');
$a->page['htmlhead'] .= replace_macros($tpl, array(
- '$baseurl' => $a->get_baseurl(),
+ '$baseurl' => $a->get_baseurl(true),
+ '$editselect' => (($plaintext) ? 'none' : '/(profile-jot-text|prvmail-text)/'),
'$nickname' => $a->user['nickname'],
'$linkurl' => t('Please enter a link URL:')
));
$preselect = (isset($a->argv[2])?array($a->argv[2]):false);
- $select = contact_select('messageto','message-to-select', $preselect, 4, true);
- $tpl = file_get_contents('view/prv_message.tpl');
+ $select = contact_select('messageto','message-to-select', $preselect, 4, true, false, false, 10);
+ $tpl = get_markup_template('prv_message.tpl');
$o .= replace_macros($tpl,array(
'$header' => t('Send Private Message'),
'$to' => t('To:'),
'$subject' => t('Subject:'),
- '$subjtxt' => '',
+ '$subjtxt' => ((x($_REQUEST,'subject')) ? strip_tags($_REQUEST['subject']) : ''),
+ '$text' => ((x($_REQUEST,'body')) ? escape_tags(htmlspecialchars($_REQUEST['body'])) : ''),
'$readonly' => '',
'$yourmessage' => t('Your message:'),
'$select' => $select,
'$upload' => t('Upload photo'),
'$insert' => t('Insert web link'),
'$wait' => t('Please wait')
-
));
return $o;
$a->set_pager_total($r[0]['total']);
$r = q("SELECT max(`mail`.`created`) AS `mailcreated`, min(`mail`.`seen`) AS `mailseen`,
- `mail`.* , `contact`.`name`, `contact`.`url`, `contact`.`thumb`
+ `mail`.* , `contact`.`name`, `contact`.`url`, `contact`.`thumb` , `contact`.`network`
FROM `mail` LEFT JOIN `contact` ON `mail`.`contact-id` = `contact`.`id`
- WHERE `mail`.`uid` = %d AND `from-url` $eq '%s' GROUP BY `parent-uri` ORDER BY `created` DESC LIMIT %d , %d ",
+ WHERE `mail`.`uid` = %d AND `from-url` $eq '%s' GROUP BY `parent-uri` ORDER BY `mailcreated` DESC LIMIT %d , %d ",
intval(local_user()),
dbesc($myprofile),
intval($a->pager['start']),
intval($a->pager['itemspage'])
);
if(! count($r)) {
- notice( t('No messages.') . EOL);
+ info( t('No messages.') . EOL);
return $o;
}
- $tpl = file_get_contents('view/mail_list.tpl');
+ $tpl = get_markup_template('mail_list.tpl');
foreach($r as $rr) {
$o .= replace_macros($tpl, array(
'$id' => $rr['id'],
'$from_name' =>$rr['from-name'],
- '$from_url' => $a->get_baseurl() . '/redir/' . $rr['contact-id'],
+ '$from_url' => (($rr['network'] === NETWORK_DFRN) ? $a->get_baseurl(true) . '/redir/' . $rr['contact-id'] : $rr['url']),
'$sparkle' => ' sparkle',
'$from_photo' => $rr['thumb'],
- '$subject' => (($rr['mailseen']) ? $rr['title'] : '<strong>' . $rr['title'] . '</strong>'),
+ '$subject' => template_escape((($rr['mailseen']) ? $rr['title'] : '<strong>' . $rr['title'] . '</strong>')),
'$delete' => t('Delete conversation'),
- '$body' => $rr['body'],
- '$to_name' => $rr['name'],
+ '$body' => template_escape($rr['body']),
+ '$to_name' => template_escape($rr['name']),
'$date' => datetime_convert('UTC',date_default_timezone_get(),$rr['mailcreated'], t('D, d M Y - g:i A'))
));
}
);
if(count($r)) {
$contact_id = $r[0]['contact-id'];
+ $convid = $r[0]['convid'];
+
+ $sql_extra = sprintf(" and `mail`.`parent-uri` = '%s' ", dbesc($r[0]['parent-uri']));
+ if($convid)
+ $sql_extra = sprintf(" and ( `mail`.`parent-uri` = '%s' OR `mail`.`convid` = '%d' ) ",
+ dbesc($r[0]['parent-uri']),
+ intval($convid)
+ );
+
$messages = q("SELECT `mail`.*, `contact`.`name`, `contact`.`url`, `contact`.`thumb`
FROM `mail` LEFT JOIN `contact` ON `mail`.`contact-id` = `contact`.`id`
- WHERE `mail`.`uid` = %d AND `mail`.`parent-uri` = '%s' ORDER BY `mail`.`created` ASC",
- intval(local_user()),
- dbesc($r[0]['parent-uri'])
+ WHERE `mail`.`uid` = %d $sql_extra ORDER BY `mail`.`created` ASC",
+ intval(local_user())
);
}
if(! count($messages)) {
require_once("include/bbcode.php");
- $tpl = file_get_contents('view/msg-header.tpl');
+ $tpl = get_markup_template('msg-header.tpl');
$a->page['htmlhead'] .= replace_macros($tpl, array(
'$nickname' => $a->user['nickname'],
- '$baseurl' => $a->get_baseurl()
+ '$baseurl' => $a->get_baseurl(true)
));
- $tpl = file_get_contents('view/mail_conv.tpl');
+ $tpl = get_markup_template('mail_conv.tpl');
foreach($messages as $message) {
if($message['from-url'] == $myprofile) {
$from_url = $myprofile;
$sparkle = '';
}
else {
- $from_url = $a->get_baseurl() . '/redir/' . $message['contact-id'];
+ $from_url = $a->get_baseurl(true) . '/redir/' . $message['contact-id'];
$sparkle = ' sparkle';
}
$o .= replace_macros($tpl, array(
'$id' => $message['id'],
- '$from_name' =>$message['from-name'],
+ '$from_name' => template_escape($message['from-name']),
'$from_url' => $from_url,
'$sparkle' => $sparkle,
'$from_photo' => $message['from-photo'],
- '$subject' => $message['title'],
- '$body' => smilies(bbcode($message['body'])),
+ '$subject' => template_escape($message['title']),
+ '$body' => template_escape(smilies(bbcode($message['body']))),
'$delete' => t('Delete message'),
- '$to_name' => $message['name'],
+ '$to_name' => template_escape($message['name']),
'$date' => datetime_convert('UTC',date_default_timezone_get(),$message['created'],'D, d M Y - g:i A')
));
}
$select = $message['name'] . '<input type="hidden" name="messageto" value="' . $contact_id . '" />';
$parent = '<input type="hidden" name="replyto" value="' . $message['parent-uri'] . '" />';
- $tpl = file_get_contents('view/prv_message.tpl');
+ $tpl = get_markup_template('prv_message.tpl');
$o .= replace_macros($tpl,array(
'$header' => t('Send Reply'),
'$to' => t('To:'),
'$subject' => t('Subject:'),
- '$subjtxt' => $message['title'],
+ '$subjtxt' => template_escape($message['title']),
'$readonly' => ' readonly="readonly" style="background: #BBBBBB;" ',
'$yourmessage' => t('Your message:'),
+ '$text' => '',
'$select' => $select,
'$parent' => $parent,
'$upload' => t('Upload photo'),
'$insert' => t('Insert web link'),
'$wait' => t('Please wait')
-
));
return $o;
}
-}
\ No newline at end of file
+}
projects / friendica.git / blobdiff