X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fmessage.php;h=0907abd77f29fd0de4f370be3f126684bb91a43a;hb=1246a40ec22d1df7c0aa47d13690a65e868edaa4;hp=7f17a362b3cb518770fd5a2ac3994bc11d8825a0;hpb=92156cd8403fa1521ecf3c3f9ed3823c03c73dcd;p=friendica.git

diff --git a/mod/message.php b/mod/message.php
old mode 100644
new mode 100755
index 7f17a362b3..0907abd77f
--- a/mod/message.php
+++ b/mod/message.php
@@ -1,6 +1,7 @@
 <?php
 
 require_once('include/acl_selectors.php');
+require_once('include/message.php');
 
 function message_post(&$a) {
 
@@ -9,123 +10,80 @@ function message_post(&$a) {
 		return;
 	}
 
-	$replyto   = ((x($_POST,'replyto'))   ? notags(trim($_POST['replyto']))   : '');
-	$subject   = ((x($_POST,'subject'))   ? notags(trim($_POST['subject']))   : '');
-	$body      = ((x($_POST,'body'))      ? escape_tags(trim($_POST['body'])) : '');
-	$recipient = ((x($_POST,'messageto')) ? intval($_POST['messageto'])       : 0 );
+	$replyto   = ((x($_REQUEST,'replyto'))   ? notags(trim($_REQUEST['replyto']))   : '');
+	$subject   = ((x($_REQUEST,'subject'))   ? notags(trim($_REQUEST['subject']))   : '');
+	$body      = ((x($_REQUEST,'body'))      ? escape_tags(trim($_REQUEST['body'])) : '');
+	$recipient = ((x($_REQUEST,'messageto')) ? intval($_REQUEST['messageto'])       : 0 );
 
-	if(! $recipient) {
-		notice( t('No recipient selected.') . EOL );
-		return;
+	
+	$ret = send_message($recipient, $body, $subject, $replyto);
+	$norecip = false;
+
+	switch($ret){
+		case -1:
+			notice( t('No recipient selected.') . EOL );
+			$norecip = true;
+			break;
+		case -2:
+			notice( t('Unable to locate contact information.') . EOL );
+			break;
+		case -3:
+			notice( t('Message could not be sent.') . EOL );
+			break;
+		case -4:
+			notice( t('Message collection failure.') . EOL );
+			break;
+		default:
+			info( t('Message sent.') . EOL );
 	}
 
-	if(! strlen($subject))
-		$subject = t('[no subject]');
-
-	$me = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
-		intval(local_user())
-	);
-	$contact = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
-			intval($recipient),
-			intval(local_user())
-	);
+	// fake it to go back to the input form if no recipient listed
 
-	if(! (count($me) && (count($contact)))) {
-		notice( t('Unable to locate contact information.') . EOL );
-		return;
+	if($norecip) {
+		$a->argc = 2;
+		$a->argv[1] = 'new';
 	}
 
-	$hash = random_string();
- 	$uri = 'urn:X-dfrn:' . $a->get_baseurl() . ':' . local_user() . ':' . $hash ;
-
-	if(! strlen($replyto))
-		$replyto = $uri;
-
-	$r = q("INSERT INTO `mail` ( `uid`, `from-name`, `from-photo`, `from-url`, 
-		`contact-id`, `title`, `body`, `seen`, `replied`, `uri`, `parent-uri`, `created`)
-		VALUES ( %d, '%s', '%s', '%s', %d, '%s', '%s', %d, %d, '%s', '%s', '%s' )",
-		intval(local_user()),
-		dbesc($me[0]['name']),
-		dbesc($me[0]['thumb']),
-		dbesc($me[0]['url']),
-		intval($recipient),
-		dbesc($subject),
-		dbesc($body),
-		1,
-		0,
-		dbesc($uri),
-		dbesc($replyto),
-		datetime_convert()
-	);
-	$r = q("SELECT * FROM `mail` WHERE `uri` = '%s' and `uid` = %d LIMIT 1",
-		dbesc($uri),
-		intval(local_user())
-	);
-	if(count($r))
-		$post_id = $r[0]['id'];
-
-	/**
-	 *
-	 * When a photo was uploaded into the message using the (profile wall) ajax 
-	 * uploader, The permissions are initially set to disallow anybody but the
-	 * owner from seeing it. This is because the permissions may not yet have been
-	 * set for the post. If it's private, the photo permissions should be set
-	 * appropriately. But we didn't know the final permissions on the post until
-	 * now. So now we'll look for links of uploaded messages that are in the
-	 * post and set them to the same permissions as the post itself.
-	 *
-	 */
-
-	$match = null;
-
-	if(preg_match_all("/\[img\](.+?)\[\/img\]/",$body,$match)) {
-		$images = $match[1];
-		if(count($images)) {
-			foreach($images as $image) {
-				if(! stristr($image,$a->get_baseurl() . '/photo/'))
-					continue;
-				$image_uri = substr($image,strrpos($image,'/') + 1);
-				$image_uri = substr($image_uri,0, strpos($image_uri,'-'));
-				$r = q("UPDATE `photo` SET `allow_cid` = '%s'
-					WHERE `resource-id` = '%s' AND `album` = '%s' AND `uid` = %d ",
-					dbesc('<' . $recipient . '>'),
-					dbesc($image_uri),
-					dbesc( t('Wall Photos')),
-					intval(local_user())
-				); 
-			}
-		}
-	}
-	
-	if($post_id) {
-		proc_run('php',"include/notifier.php","mail","$post_id");
-		notice( t('Message sent.') . EOL );
-	}
-	else {
-		notice( t('Message could not be sent.') . EOL );
-	}
-	return;
 }
 
 function message_content(&$a) {
 
 	$o = '';
-	$o .= '<script>	$(document).ready(function() { $(\'#nav-messages-link\').addClass(\'nav-selected\'); });</script>';
+	nav_set_selected('messages');
 
 	if(! local_user()) {
 		notice( t('Permission denied.') . EOL);
 		return;
 	}
 
-	$myprofile = $a->get_baseurl() . '/profile/' . $a->user['nickname'];
+	$myprofile = $a->get_baseurl(true) . '/profile/' . $a->user['nickname'];
+
+
+	$tabs = array(
+		array(
+			'label' => t('Inbox'),
+			'url'=> $a->get_baseurl(true) . '/message',
+			'sel'=> (($a->argc == 1) ? 'active' : ''),
+		),
+		array(
+			'label' => t('Outbox'),
+			'url' => $a->get_baseurl(true) . '/message/sent',
+			'sel'=> (($a->argv[1] == 'sent') ? 'active' : ''),
+		),
+		array(
+			'label' => t('New Message'),
+			'url' => $a->get_baseurl(true) . '/message/new',
+			'sel'=> (($a->argv[1] == 'new') ? 'active' : ''),
+		),
+	);
+	$tpl = get_markup_template('common_tabs.tpl');
+	$tab_content = replace_macros($tpl, array('$tabs'=>$tabs));
 
 
-	$tpl = load_view_file('view/mail_head.tpl');
+	$tpl = get_markup_template('mail_head.tpl');
 	$header = replace_macros($tpl, array(
 		'$messages' => t('Messages'),
-		'$inbox' => t('Inbox'),
-		'$outbox' => t('Outbox'),
-		'$new' => t('New Message')
+		'$tab_content' => $tab_content
 	));
 
 
@@ -139,48 +97,71 @@ function message_content(&$a) {
 				intval(local_user())
 			);
 			if($r) {
-				notice( t('Message deleted.') . EOL );
+				info( t('Message deleted.') . EOL );
 			}
-			goaway($a->get_baseurl() . '/message' );
+			goaway($a->get_baseurl(true) . '/message' );
 		}
 		else {
-			$r = q("SELECT `parent-uri` FROM `mail` WHERE `id` = %d AND `uid` = %d LIMIT 1",
+			$r = q("SELECT `parent-uri`,`convid` FROM `mail` WHERE `id` = %d AND `uid` = %d LIMIT 1",
 				intval($a->argv[2]),
 				intval(local_user())
 			);
 			if(count($r)) {
 				$parent = $r[0]['parent-uri'];
+				$convid = $r[0]['convid'];
+
 				$r = q("DELETE FROM `mail` WHERE `parent-uri` = '%s' AND `uid` = %d ",
 					dbesc($parent),
 					intval(local_user())
 				);
+
+				// remove diaspora conversation pointer
+				// Actually if we do this, we can never receive another reply to that conversation,
+				// as we will never again have the info we need to re-create it. 
+				// We'll just have to orphan it. 
+
+				//if($convid) {
+				//	q("delete from conv where id = %d limit 1",
+				//		intval($convid)
+				//	);
+				//}
+
 				if($r)
-					notice( t('Conversation removed.') . EOL );
+					info( t('Conversation removed.') . EOL );
 			} 
-			goaway($a->get_baseurl() . '/message' );
+			goaway($a->get_baseurl(true) . '/message' );
 		}	
 	
 	}
 
 	if(($a->argc > 1) && ($a->argv[1] === 'new')) {
 		
-		$tpl = load_view_file('view/msg-header.tpl');
+		$o .= $header;
+		
+		$plaintext = false;
+		if(intval(get_pconfig(local_user(),'system','plaintext')))
+			$plaintext = true;
+
+
+		$tpl = get_markup_template('msg-header.tpl');
 
 		$a->page['htmlhead'] .= replace_macros($tpl, array(
-			'$baseurl' => $a->get_baseurl(),
+			'$baseurl' => $a->get_baseurl(true),
+			'$editselect' => (($plaintext) ? 'none' : '/(profile-jot-text|prvmail-text)/'),
 			'$nickname' => $a->user['nickname'],
 			'$linkurl' => t('Please enter a link URL:')
 		));
 	
 		$preselect = (isset($a->argv[2])?array($a->argv[2]):false);
 	
-		$select = contact_select('messageto','message-to-select', $preselect, 4, true);
-		$tpl = load_view_file('view/prv_message.tpl');
+		$select = contact_select('messageto','message-to-select', $preselect, 4, true, false, false, 10);
+		$tpl = get_markup_template('prv_message.tpl');
 		$o .= replace_macros($tpl,array(
 			'$header' => t('Send Private Message'),
 			'$to' => t('To:'),
 			'$subject' => t('Subject:'),
-			'$subjtxt' => '',
+			'$subjtxt' => ((x($_REQUEST,'subject')) ? strip_tags($_REQUEST['subject']) : ''),
+			'$text' => ((x($_REQUEST,'body')) ? escape_tags(htmlspecialchars($_REQUEST['body'])) : ''),
 			'$readonly' => '',
 			'$yourmessage' => t('Your message:'),
 			'$select' => $select,
@@ -188,7 +169,6 @@ function message_content(&$a) {
 			'$upload' => t('Upload photo'),
 			'$insert' => t('Insert web link'),
 			'$wait' => t('Please wait')
-
 		));
 
 		return $o;
@@ -212,31 +192,31 @@ function message_content(&$a) {
 			$a->set_pager_total($r[0]['total']);
 	
 		$r = q("SELECT max(`mail`.`created`) AS `mailcreated`, min(`mail`.`seen`) AS `mailseen`, 
-			`mail`.* , `contact`.`name`, `contact`.`url`, `contact`.`thumb` 
+			`mail`.* , `contact`.`name`, `contact`.`url`, `contact`.`thumb` , `contact`.`network`  
 			FROM `mail` LEFT JOIN `contact` ON `mail`.`contact-id` = `contact`.`id` 
-			WHERE `mail`.`uid` = %d AND `from-url` $eq '%s' GROUP BY `parent-uri` ORDER BY `created` DESC  LIMIT %d , %d ",
+			WHERE `mail`.`uid` = %d AND `from-url` $eq '%s' GROUP BY `parent-uri` ORDER BY `mailcreated` DESC  LIMIT %d , %d ",
 			intval(local_user()),
 			dbesc($myprofile),
 			intval($a->pager['start']),
 			intval($a->pager['itemspage'])
 		);
 		if(! count($r)) {
-			notice( t('No messages.') . EOL);
+			info( t('No messages.') . EOL);
 			return $o;
 		}
 
-		$tpl = load_view_file('view/mail_list.tpl');
+		$tpl = get_markup_template('mail_list.tpl');
 		foreach($r as $rr) {
 			$o .= replace_macros($tpl, array(
 				'$id' => $rr['id'],
 				'$from_name' =>$rr['from-name'],
-				'$from_url' => $a->get_baseurl() . '/redir/' . $rr['contact-id'],
+				'$from_url' => (($rr['network'] === NETWORK_DFRN) ? $a->get_baseurl(true) . '/redir/' . $rr['contact-id'] : $rr['url']),
 				'$sparkle' => ' sparkle',
 				'$from_photo' => $rr['thumb'],
-				'$subject' => (($rr['mailseen']) ? $rr['title'] : '<strong>' . $rr['title'] . '</strong>'),
+				'$subject' => template_escape((($rr['mailseen']) ? $rr['title'] : '<strong>' . $rr['title'] . '</strong>')),
 				'$delete' => t('Delete conversation'),
-				'$body' => $rr['body'],
-				'$to_name' => $rr['name'],
+				'$body' => template_escape($rr['body']),
+				'$to_name' => template_escape($rr['name']),
 				'$date' => datetime_convert('UTC',date_default_timezone_get(),$rr['mailcreated'], t('D, d M Y - g:i A'))
 			));
 		}
@@ -256,11 +236,19 @@ function message_content(&$a) {
 		);
 		if(count($r)) { 
 			$contact_id = $r[0]['contact-id'];
+			$convid = $r[0]['convid'];
+
+			$sql_extra = sprintf(" and `mail`.`parent-uri` = '%s' ", dbesc($r[0]['parent-uri']));
+			if($convid)
+				$sql_extra = sprintf(" and ( `mail`.`parent-uri` = '%s' OR `mail`.`convid` = '%d' ) ",
+					dbesc($r[0]['parent-uri']),
+					intval($convid)
+				);  
+
 			$messages = q("SELECT `mail`.*, `contact`.`name`, `contact`.`url`, `contact`.`thumb` 
 				FROM `mail` LEFT JOIN `contact` ON `mail`.`contact-id` = `contact`.`id` 
-				WHERE `mail`.`uid` = %d AND `mail`.`parent-uri` = '%s' ORDER BY `mail`.`created` ASC",
-				intval(local_user()),
-				dbesc($r[0]['parent-uri'])
+				WHERE `mail`.`uid` = %d $sql_extra ORDER BY `mail`.`created` ASC",
+				intval(local_user())
 			);
 		}
 		if(! count($messages)) {
@@ -275,57 +263,57 @@ function message_content(&$a) {
 
 		require_once("include/bbcode.php");
 
-		$tpl = load_view_file('view/msg-header.tpl');
+		$tpl = get_markup_template('msg-header.tpl');
 	
 		$a->page['htmlhead'] .= replace_macros($tpl, array(
 			'$nickname' => $a->user['nickname'],
-			'$baseurl' => $a->get_baseurl()
+			'$baseurl' => $a->get_baseurl(true)
 		));
 
 
-		$tpl = load_view_file('view/mail_conv.tpl');
+		$tpl = get_markup_template('mail_conv.tpl');
 		foreach($messages as $message) {
 			if($message['from-url'] == $myprofile) {
 				$from_url = $myprofile;
 				$sparkle = '';
 			}
 			else {
-				$from_url = $a->get_baseurl() . '/redir/' . $message['contact-id'];
+				$from_url = $a->get_baseurl(true) . '/redir/' . $message['contact-id'];
 				$sparkle = ' sparkle';
 			}
 			$o .= replace_macros($tpl, array(
 				'$id' => $message['id'],
-				'$from_name' =>$message['from-name'],
+				'$from_name' => template_escape($message['from-name']),
 				'$from_url' => $from_url,
 				'$sparkle' => $sparkle,
 				'$from_photo' => $message['from-photo'],
-				'$subject' => $message['title'],
-				'$body' => smilies(bbcode($message['body'])),
+				'$subject' => template_escape($message['title']),
+				'$body' => template_escape(smilies(bbcode($message['body']))),
 				'$delete' => t('Delete message'),
-				'$to_name' => $message['name'],
+				'$to_name' => template_escape($message['name']),
 				'$date' => datetime_convert('UTC',date_default_timezone_get(),$message['created'],'D, d M Y - g:i A')
 			));
 				
 		}
 		$select = $message['name'] . '<input type="hidden" name="messageto" value="' . $contact_id . '" />';
 		$parent = '<input type="hidden" name="replyto" value="' . $message['parent-uri'] . '" />';
-		$tpl = load_view_file('view/prv_message.tpl');
+		$tpl = get_markup_template('prv_message.tpl');
 		$o .= replace_macros($tpl,array(
 			'$header' => t('Send Reply'),
 			'$to' => t('To:'),
 			'$subject' => t('Subject:'),
-			'$subjtxt' => $message['title'],
+			'$subjtxt' => template_escape($message['title']),
 			'$readonly' => ' readonly="readonly" style="background: #BBBBBB;" ',
 			'$yourmessage' => t('Your message:'),
+			'$text' => '',
 			'$select' => $select,
 			'$parent' => $parent,
 			'$upload' => t('Upload photo'),
 			'$insert' => t('Insert web link'),
 			'$wait' => t('Please wait')
-
 		));
 
 		return $o;
 	}
 
-}
\ No newline at end of file
+}