X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fmessage.php;h=466b0befa869390ce67d2c7472e3b21a492abc79;hb=1207bb1b55f402074a73d9ff0221ff8c9a6a285a;hp=0f55412bb65785b7491951dc7ee0d7c29e7cfaf2;hpb=35e29e10e69dfb086e990d852aa6b5006ce31d1b;p=friendica.git

diff --git a/mod/message.php b/mod/message.php
index 0f55412bb6..466b0befa8 100644
--- a/mod/message.php
+++ b/mod/message.php
@@ -1,11 +1,6 @@
 <?php
 
-require_once('view/acl_selectors.php');
-
-function message_init(&$a) {
-
-
-}
+require_once('include/acl_selectors.php');
 
 function message_post(&$a) {
 
@@ -14,22 +9,25 @@ function message_post(&$a) {
 		return;
 	}
 
-	$replyto = notags(trim($_POST['replyto']));
-	$recipient = intval($_POST['messageto']);
-	$subject = notags(trim($_POST['subject']));
-	$body = escape_tags(trim($_POST['body']));
+	$replyto   = ((x($_POST,'replyto'))   ? notags(trim($_POST['replyto']))   : '');
+	$subject   = ((x($_POST,'subject'))   ? notags(trim($_POST['subject']))   : '');
+	$body      = ((x($_POST,'body'))      ? escape_tags(trim($_POST['body'])) : '');
+	$recipient = ((x($_POST,'messageto')) ? intval($_POST['messageto'])       : 0 );
 
 	if(! $recipient) {
 		notice( t('No recipient selected.') . EOL );
 		return;
 	}
 
+	if(! strlen($subject))
+		$subject = t('[no subject]');
+
 	$me = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
-		intval($_SESSION['uid'])
+		intval(local_user())
 	);
 	$contact = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
 			intval($recipient),
-			intval($_SESSION['uid'])
+			intval(local_user())
 	);
 
 	if(! (count($me) && (count($contact)))) {
@@ -38,22 +36,21 @@ function message_post(&$a) {
 	}
 
 	$hash = random_string();
- 	$uri = 'urn:X-dfrn:' . $a->get_baseurl() . ':' . $_SESSION['uid'] . ':' . $hash ;
+ 	$uri = 'urn:X-dfrn:' . $a->get_baseurl() . ':' . local_user() . ':' . $hash ;
 
 	if(! strlen($replyto))
 		$replyto = $uri;
 
 	$r = q("INSERT INTO `mail` ( `uid`, `from-name`, `from-photo`, `from-url`, 
-		`contact-id`, `title`, `body`, `delivered`, `seen`, `replied`, `uri`, `parent-uri`, `created`)
-		VALUES ( %d, '%s', '%s', '%s', %d, '%s', '%s', %d, %d, %d, '%s', '%s', '%s' )",
-		intval($_SESSION['uid']),
+		`contact-id`, `title`, `body`, `seen`, `replied`, `uri`, `parent-uri`, `created`)
+		VALUES ( %d, '%s', '%s', '%s', %d, '%s', '%s', %d, %d, '%s', '%s', '%s' )",
+		intval(local_user()),
 		dbesc($me[0]['name']),
 		dbesc($me[0]['thumb']),
 		dbesc($me[0]['url']),
 		intval($recipient),
 		dbesc($subject),
 		dbesc($body),
-		0,
 		1,
 		0,
 		dbesc($uri),
@@ -62,28 +59,59 @@ function message_post(&$a) {
 	);
 	$r = q("SELECT * FROM `mail` WHERE `uri` = '%s' and `uid` = %d LIMIT 1",
 		dbesc($uri),
-		intval($_SESSION['uid'])
+		intval(local_user())
 	);
 	if(count($r))
 		$post_id = $r[0]['id'];
 
-	$url = $a->get_baseurl();
-	$php_path = ((strlen($a->config['php_path'])) ? $a->config['php_path'] : 'php');
+	/**
+	 *
+	 * When a photo was uploaded into the message using the (profile wall) ajax 
+	 * uploader, The permissions are initially set to disallow anybody but the
+	 * owner from seeing it. This is because the permissions may not yet have been
+	 * set for the post. If it's private, the photo permissions should be set
+	 * appropriately. But we didn't know the final permissions on the post until
+	 * now. So now we'll look for links of uploaded messages that are in the
+	 * post and set them to the same permissions as the post itself.
+	 *
+	 */
+
+	$match = null;
+
+	if(preg_match_all("/\[img\](.+?)\[\/img\]/",$body,$match)) {
+		$images = $match[1];
+		if(count($images)) {
+			foreach($images as $image) {
+				if(! stristr($image,$a->get_baseurl() . '/photo/'))
+					continue;
+				$image_uri = substr($image,strrpos($image,'/') + 1);
+				$image_uri = substr($image_uri,0, strpos($image_uri,'-'));
+				$r = q("UPDATE `photo` SET `allow_cid` = '%s'
+					WHERE `resource-id` = '%s' AND `album` = '%s' AND `uid` = %d ",
+					dbesc('<' . $recipient . '>'),
+					dbesc($image_uri),
+					dbesc( t('Wall Photos')),
+					intval(local_user())
+				); 
+			}
+		}
+	}
 	
 	if($post_id) {
-		proc_close(proc_open("\"$php_path\" \"include/notifier.php\" \"$url\" \"mail\" \"$post_id\" &",
-			array(),$foo));
+		proc_run('php',"include/notifier.php","mail","$post_id");
 		notice( t('Message sent.') . EOL );
 	}
 	else {
 		notice( t('Message could not be sent.') . EOL );
 	}
 	return;
-
 }
 
 function message_content(&$a) {
 
+	$o = '';
+	$o .= '<script>	$(document).ready(function() { $(\'#nav-messages-link\').addClass(\'nav-selected\'); });</script>';
+
 	if(! local_user()) {
 		notice( t('Permission denied.') . EOL);
 		return;
@@ -92,7 +120,7 @@ function message_content(&$a) {
 	$myprofile = $a->get_baseurl() . '/profile/' . $a->user['nickname'];
 
 
-	$tpl = file_get_contents('view/mail_head.tpl');
+	$tpl = load_view_file('view/mail_head.tpl');
 	$header = replace_macros($tpl, array(
 		'$messages' => t('Messages'),
 		'$inbox' => t('Inbox'),
@@ -101,14 +129,14 @@ function message_content(&$a) {
 	));
 
 
-	if(($a->argc == 3) && ($a->argv[1] == 'drop' || $a->argv[1] == 'dropconv')) {
+	if(($a->argc == 3) && ($a->argv[1] === 'drop' || $a->argv[1] === 'dropconv')) {
 		if(! intval($a->argv[2]))
 			return;
 		$cmd = $a->argv[1];
-		if($cmd == 'drop') {
+		if($cmd === 'drop') {
 			$r = q("DELETE FROM `mail` WHERE `id` = %d AND `uid` = %d LIMIT 1",
 				intval($a->argv[2]),
-				intval($_SESSION['uid'])
+				intval(local_user())
 			);
 			if($r) {
 				notice( t('Message deleted.') . EOL );
@@ -118,13 +146,13 @@ function message_content(&$a) {
 		else {
 			$r = q("SELECT `parent-uri` FROM `mail` WHERE `id` = %d AND `uid` = %d LIMIT 1",
 				intval($a->argv[2]),
-				intval($_SESSION['uid'])
+				intval(local_user())
 			);
 			if(count($r)) {
 				$parent = $r[0]['parent-uri'];
 				$r = q("DELETE FROM `mail` WHERE `parent-uri` = '%s' AND `uid` = %d ",
 					dbesc($parent),
-					intval($_SESSION['uid'])
+					intval(local_user())
 				);
 				if($r)
 					notice( t('Conversation removed.') . EOL );
@@ -133,26 +161,15 @@ function message_content(&$a) {
 		}	
 	
 	}
-	if(($a->argc > 2) && ($a->argv[1] == 'redeliver') && intval($a->argv[2])) {
-		$url = $a->get_baseurl();
-		$post_id = intval($a->argv[2]);
-		$php_path = ((strlen($a->config['php_path'])) ? $a->config['php_path'] : 'php');
-
-		proc_close(proc_open("\"$php_path\" \"include/notifier.php\" \"$url\" \"mail\" \"$post_id\" &",
-			array(),$foo));
-		goaway($a->get_baseurl() . '/message' );
-	}
-
-
 
-	if(($a->argc > 1) && ($a->argv[1] == 'new')) {
+	if(($a->argc > 1) && ($a->argv[1] === 'new')) {
 		
-		$tpl = file_get_contents('view/msg-header.tpl');
+		$tpl = load_view_file('view/msg-header.tpl');
 	
 		$a->page['htmlhead'] .= replace_macros($tpl, array('$baseurl' => $a->get_baseurl()));
 
-		$select .= contact_select('messageto','message-to-select', false, 4, true);
-		$tpl = file_get_contents('view/prv_message.tpl');
+		$select = contact_select('messageto','message-to-select', false, 4, true);
+		$tpl = load_view_file('view/prv_message.tpl');
 		$o .= replace_macros($tpl,array(
 			'$header' => t('Send Private Message'),
 			'$to' => t('To:'),
@@ -171,7 +188,7 @@ function message_content(&$a) {
 		return $o;
 	}
 
-	if(($a->argc == 1) || ($a->argc == 2 && $a->argv[1] == 'sent')) {
+	if(($a->argc == 1) || ($a->argc == 2 && $a->argv[1] === 'sent')) {
 
 		$o .= $header;
 		
@@ -182,7 +199,7 @@ function message_content(&$a) {
 
 		$r = q("SELECT count(*) AS `total` FROM `mail` 
 			WHERE `mail`.`uid` = %d AND `from-url` $eq '%s' GROUP BY `parent-uri` ORDER BY `created` DESC",
-			intval($_SESSION['uid']),
+			intval(local_user()),
 			dbesc($myprofile)
 		);
 		if(count($r))
@@ -192,7 +209,7 @@ function message_content(&$a) {
 			`mail`.* , `contact`.`name`, `contact`.`url`, `contact`.`thumb` 
 			FROM `mail` LEFT JOIN `contact` ON `mail`.`contact-id` = `contact`.`id` 
 			WHERE `mail`.`uid` = %d AND `from-url` $eq '%s' GROUP BY `parent-uri` ORDER BY `created` DESC  LIMIT %d , %d ",
-			intval($_SESSION['uid']),
+			intval(local_user()),
 			dbesc($myprofile),
 			intval($a->pager['start']),
 			intval($a->pager['itemspage'])
@@ -202,13 +219,14 @@ function message_content(&$a) {
 			return $o;
 		}
 
-		$tpl = file_get_contents('view/mail_list.tpl');
+		$tpl = load_view_file('view/mail_list.tpl');
 		foreach($r as $rr) {
 			$o .= replace_macros($tpl, array(
 				'$id' => $rr['id'],
 				'$from_name' =>$rr['from-name'],
 				'$from_url' => $a->get_baseurl() . '/redir/' . $rr['contact-id'],
-				'$from_photo' => $rr['from-photo'],
+				'$sparkle' => ' sparkle',
+				'$from_photo' => $rr['thumb'],
 				'$subject' => (($rr['mailseen']) ? $rr['title'] : '<strong>' . $rr['title'] . '</strong>'),
 				'$delete' => t('Delete conversation'),
 				'$body' => $rr['body'],
@@ -227,7 +245,7 @@ function message_content(&$a) {
 		$r = q("SELECT `mail`.*, `contact`.`name`, `contact`.`url`, `contact`.`thumb` 
 			FROM `mail` LEFT JOIN `contact` ON `mail`.`contact-id` = `contact`.`id` 
 			WHERE `mail`.`uid` = %d AND `mail`.`id` = %d LIMIT 1",
-			intval($_SESSION['uid']),
+			intval(local_user()),
 			intval($a->argv[1])
 		);
 		if(count($r)) { 
@@ -235,7 +253,7 @@ function message_content(&$a) {
 			$messages = q("SELECT `mail`.*, `contact`.`name`, `contact`.`url`, `contact`.`thumb` 
 				FROM `mail` LEFT JOIN `contact` ON `mail`.`contact-id` = `contact`.`id` 
 				WHERE `mail`.`uid` = %d AND `mail`.`parent-uri` = '%s' ORDER BY `mail`.`created` ASC",
-				intval($_SESSION['uid']),
+				intval(local_user()),
 				dbesc($r[0]['parent-uri'])
 			);
 		}
@@ -246,26 +264,37 @@ function message_content(&$a) {
 
 		$r = q("UPDATE `mail` SET `seen` = 1 WHERE `parent-uri` = '%s' AND `uid` = %d",
 			dbesc($r[0]['parent-uri']),
-			intval($_SESSION['uid'])
+			intval(local_user())
 		);
 
 		require_once("include/bbcode.php");
 
-		$tpl = file_get_contents('view/msg-header.tpl');
+		$tpl = load_view_file('view/msg-header.tpl');
 	
-		$a->page['htmlhead'] .= replace_macros($tpl, array('$baseurl' => $a->get_baseurl()));
+		$a->page['htmlhead'] .= replace_macros($tpl, array(
+			'$nickname' => $a->user['nickname'],
+			'$baseurl' => $a->get_baseurl()
+		));
 
 
-		$tpl = file_get_contents('view/mail_conv.tpl');
+		$tpl = load_view_file('view/mail_conv.tpl');
 		foreach($messages as $message) {
+			if($message['from-url'] == $myprofile) {
+				$from_url = $myprofile;
+				$sparkle = '';
+			}
+			else {
+				$from_url = $a->get_baseurl() . '/redir/' . $message['contact-id'];
+				$sparkle = ' sparkle';
+			}
 			$o .= replace_macros($tpl, array(
 				'$id' => $message['id'],
 				'$from_name' =>$message['from-name'],
-				'$from_url' => (($message['from-url'] == $myprofile) 
-					? $myprofile : $a->get_baseurl() . '/redir/' . $message['contact-id']),
+				'$from_url' => $from_url,
+				'$sparkle' => $sparkle,
 				'$from_photo' => $message['from-photo'],
 				'$subject' => $message['title'],
-				'$body' => bbcode($message['body']),
+				'$body' => smilies(bbcode($message['body'])),
 				'$delete' => t('Delete message'),
 				'$to_name' => $message['name'],
 				'$date' => datetime_convert('UTC',date_default_timezone_get(),$message['created'],'D, d M Y - g:i A')
@@ -274,7 +303,7 @@ function message_content(&$a) {
 		}
 		$select = $message['name'] . '<input type="hidden" name="messageto" value="' . $contact_id . '" />';
 		$parent = '<input type="hidden" name="replyto" value="' . $message['parent-uri'] . '" />';
-		$tpl = file_get_contents('view/prv_message.tpl');
+		$tpl = load_view_file('view/prv_message.tpl');
 		$o .= replace_macros($tpl,array(
 			'$header' => t('Send Reply'),
 			'$to' => t('To:'),