
  1. <?php
  2. require_once('include/acl_selectors.php');
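  /**
   * Store and dispatch a private message submitted by the logged-in user.
   *
   * Reads `replyto`, `subject`, `body` and `messageto` from $_POST, inserts a
   * row into `mail` owned by local_user(), restricts wall photos linked in the
   * body to the recipient, and starts include/notifier.php for the new row.
   * Feedback is reported through notice()/info(); nothing is returned.
   *
   * NOTE(review): no anti-CSRF form token is checked in this function. Confirm
   * whether the dispatcher that calls it enforces one before relying on it.
   *
   * @param object $a application object; only get_baseurl() is used here
   * @return void
   */
  function message_post(&$a) {

      if (! local_user()) {
          notice( t('Permission denied.') . EOL);
          return;
      }

      // Request input. Header-like fields go through notags(), the body through
      // escape_tags(), and the recipient is forced to an integer contact id.
      $replyto   = ((x($_POST,'replyto'))   ? notags(trim($_POST['replyto']))      : '');
      $subject   = ((x($_POST,'subject'))   ? notags(trim($_POST['subject']))      : '');
      $body      = ((x($_POST,'body'))      ? escape_tags(trim($_POST['body']))    : '');
      $recipient = ((x($_POST,'messageto')) ? intval($_POST['messageto'])          : 0 );

      if (! $recipient) {
          notice( t('No recipient selected.') . EOL );
          return;
      }

      if (! strlen($subject))
          $subject = t('[no subject]');

      $me = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
          intval(local_user())
      );

      // Both lookups are scoped to `uid` = local_user(), so a contact id that
      // belongs to another account is rejected here.
      $contact = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
          intval($recipient),
          intval(local_user())
      );

      // is_array() guards the case where q() hands back a non-array on failure.
      if (! (is_array($me) && count($me) && is_array($contact) && count($contact))) {
          notice( t('Unable to locate contact information.') . EOL );
          return;
      }

      $hash = random_string();
      $uri = 'urn:X-dfrn:' . $a->get_baseurl() . ':' . local_user() . ':' . $hash ;

      // A message that is not a reply starts its own thread.
      if (! strlen($replyto))
          $replyto = $uri;

      $r = q("INSERT INTO `mail` ( `uid`, `from-name`, `from-photo`, `from-url`,
          `contact-id`, `title`, `body`, `seen`, `replied`, `uri`, `parent-uri`, `created`)
          VALUES ( %d, '%s', '%s', '%s', %d, '%s', '%s', %d, %d, '%s', '%s', '%s' )",
          intval(local_user()),
          dbesc($me[0]['name']),
          dbesc($me[0]['thumb']),
          dbesc($me[0]['url']),
          intval($recipient),
          dbesc($subject),
          dbesc($body),
          1,
          0,
          dbesc($uri),
          dbesc($replyto),
          datetime_convert()
      );

      // Read the row back to learn its id. Starting from 0 keeps the final
      // success check well-defined when the insert did not produce a row.
      $post_id = 0;
      $r = q("SELECT * FROM `mail` WHERE `uri` = '%s' and `uid` = %d LIMIT 1",
          dbesc($uri),
          intval(local_user())
      );
      if (is_array($r) && count($r))
          $post_id = $r[0]['id'];

      /**
       * Photos uploaded through the (profile wall) ajax uploader start out
       * visible to the owner only, because the permissions of the post were
       * not known at upload time. Now that the recipient is known, every
       * locally hosted photo linked from the body is restricted to that
       * recipient.
       *
       * NOTE(review): this overwrites `allow_cid` on any of the sender's
       * 'Wall Photos' rows referenced in the body, including photos that
       * already carried a different ACL. Confirm that is intended.
       */
      $match = null;
      $photo_prefix = $a->get_baseurl() . '/photo/';

      if (preg_match_all("/\[img\](.*?)\[\/img\]/",$body,$match)) {
          foreach ($match[1] as $image) {
              if (stripos($image, $photo_prefix) === false)
                  continue;

              // The resource id is the final path segment up to its first '-'.
              $resource = substr($image, strrpos($image,'/') + 1);
              $dash = strpos($resource, '-');

              // Without a '-' (or with nothing before it) there is no resource
              // id to act on. Skip instead of updating rows whose id is ''.
              if ($dash === false || $dash === 0)
                  continue;

              $image_uri = substr($resource, 0, $dash);

              // `uid` in the WHERE clause limits the change to the sender's own photos.
              $r = q("UPDATE `photo` SET `allow_cid` = '%s'
                  WHERE `resource-id` = '%s' AND `album` = '%s' AND `uid` = %d ",
                  dbesc('<' . $recipient . '>'),
                  dbesc($image_uri),
                  dbesc( t('Wall Photos')),
                  intval(local_user())
              );
          }
      }

      if ($post_id) {
          // $post_id is the id read back from the database, not request data.
          proc_run('php',"include/notifier.php","mail","$post_id");
          info( t('Message sent.') . EOL );
      }
      else {
          notice( t('Message could not be sent.') . EOL );
      }

      return;
  }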
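  /**
   * Render the private-mail pages for the logged-in user.
   *
   * Dispatches on the request path held in $a->argv:
   *   - drop/<id>, dropconv/<id>: delete one message or a whole conversation,
   *     then redirect to /message
   *   - new[/<contact>]: the compose form
   *   - (nothing) or sent: paginated inbox or outbox, one row per conversation
   *   - <id>: the conversation containing that message, plus a reply form
   *
   * Every query is restricted to `uid` = local_user().
   *
   * NOTE(review): the drop/dropconv branches change state on a plain page
   * request and no form token is checked in this function. Confirm whether
   * the caller enforces one.
   *
   * @param object $a application object (argc, argv, user, page, pager)
   * @return string|null page HTML; null when access is denied or no view matched
   */
  function message_content(&$a) {

      $o = '';
      $o .= '<script> $(document).ready(function() { $(\'#nav-messages-link\').addClass(\'nav-selected\'); });</script>';

      if (! local_user()) {
          notice( t('Permission denied.') . EOL);
          return;
      }

      $myprofile = $a->get_baseurl() . '/profile/' . $a->user['nickname'];

      $tpl = get_markup_template('mail_head.tpl');
      $header = replace_macros($tpl, array(
          '$messages' => t('Messages'),
          '$inbox' => t('Inbox'),
          '$outbox' => t('Outbox'),
          '$new' => t('New Message')
      ));

      // --- delete a message or a conversation -------------------------------
      if (($a->argc == 3) && ($a->argv[1] === 'drop' || $a->argv[1] === 'dropconv')) {
          if (! intval($a->argv[2]))
              return;

          $cmd = $a->argv[1];

          if ($cmd === 'drop') {
              $r = q("DELETE FROM `mail` WHERE `id` = %d AND `uid` = %d LIMIT 1",
                  intval($a->argv[2]),
                  intval(local_user())
              );
              if ($r) {
                  info( t('Message deleted.') . EOL );
              }
              goaway($a->get_baseurl() . '/message' );
          }
          else {
              // Resolve the thread from a message the user owns, then delete
              // only the user's own copies of that thread.
              $r = q("SELECT `parent-uri` FROM `mail` WHERE `id` = %d AND `uid` = %d LIMIT 1",
                  intval($a->argv[2]),
                  intval(local_user())
              );
              if (count($r)) {
                  $parent = $r[0]['parent-uri'];
                  $r = q("DELETE FROM `mail` WHERE `parent-uri` = '%s' AND `uid` = %d ",
                      dbesc($parent),
                      intval(local_user())
                  );
                  if ($r)
                      info( t('Conversation removed.') . EOL );
              }
              goaway($a->get_baseurl() . '/message' );
          }
      }

      // --- compose form -----------------------------------------------------
      if (($a->argc > 1) && ($a->argv[1] === 'new')) {

          $tpl = get_markup_template('msg-header.tpl');
          $a->page['htmlhead'] .= replace_macros($tpl, array(
              '$baseurl' => $a->get_baseurl(),
              '$nickname' => $a->user['nickname'],
              '$linkurl' => t('Please enter a link URL:')
          ));

          // NOTE(review): argv[2] comes from the URL and is handed to
          // contact_select() as-is; presumably it is only compared against
          // contact ids there. Verify against that helper.
          $preselect = (isset($a->argv[2])?array($a->argv[2]):false);

          $select = contact_select('messageto','message-to-select', $preselect, 4, true);

          $tpl = get_markup_template('prv_message.tpl');
          $o .= replace_macros($tpl,array(
              '$header' => t('Send Private Message'),
              '$to' => t('To:'),
              '$subject' => t('Subject:'),
              '$subjtxt' => '',
              '$readonly' => '',
              '$yourmessage' => t('Your message:'),
              '$select' => $select,
              '$parent' => '',
              '$upload' => t('Upload photo'),
              '$insert' => t('Insert web link'),
              '$wait' => t('Please wait')
          ));

          return $o;
      }

      // --- inbox / outbox listing -------------------------------------------
      if (($a->argc == 1) || ($a->argc == 2 && $a->argv[1] === 'sent')) {

          $o .= $header;

          // $eq is one of two literals chosen here, never request data, so it
          // can be interpolated into the SQL text below.
          if ($a->argc == 2)
              $eq = '=';
          else
              $eq = '!=';

          $r = q("SELECT count(*) AS `total` FROM `mail`
              WHERE `mail`.`uid` = %d AND `from-url` $eq '%s' GROUP BY `parent-uri` ORDER BY `created` DESC",
              intval(local_user()),
              dbesc($myprofile)
          );

          // The query is grouped by `parent-uri`, so it yields one row per
          // conversation and `total` is the message count inside that one
          // conversation. The list below shows one entry per conversation,
          // so the pager total is the number of rows.
          if (is_array($r) && count($r))
              $a->set_pager_total(count($r));

          $r = q("SELECT max(`mail`.`created`) AS `mailcreated`, min(`mail`.`seen`) AS `mailseen`,
              `mail`.* , `contact`.`name`, `contact`.`url`, `contact`.`thumb`
              FROM `mail` LEFT JOIN `contact` ON `mail`.`contact-id` = `contact`.`id`
              WHERE `mail`.`uid` = %d AND `from-url` $eq '%s' GROUP BY `parent-uri` ORDER BY `created` DESC LIMIT %d , %d ",
              intval(local_user()),
              dbesc($myprofile),
              intval($a->pager['start']),
              intval($a->pager['itemspage'])
          );

          if (! count($r)) {
              info( t('No messages.') . EOL);
              return $o;
          }

          $tpl = get_markup_template('mail_list.tpl');

          // NOTE(review): `from-name`, `title`, `body` and the contact name are
          // passed to the template exactly as stored. That is only safe if
          // every writer of the `mail` and `contact` tables stores HTML-safe
          // text, which cannot be confirmed from this file.
          foreach ($r as $rr) {
              $o .= replace_macros($tpl, array(
                  '$id' => $rr['id'],
                  '$from_name' =>$rr['from-name'],
                  '$from_url' => $a->get_baseurl() . '/redir/' . $rr['contact-id'],
                  '$sparkle' => ' sparkle',
                  '$from_photo' => $rr['thumb'],
                  '$subject' => (($rr['mailseen']) ? $rr['title'] : '<strong>' . $rr['title'] . '</strong>'),
                  '$delete' => t('Delete conversation'),
                  '$body' => $rr['body'],
                  '$to_name' => $rr['name'],
                  '$date' => datetime_convert('UTC',date_default_timezone_get(),$rr['mailcreated'], t('D, d M Y - g:i A'))
              ));
          }

          $o .= paginate($a);
          return $o;
      }

      // --- single conversation + reply form ---------------------------------
      if (($a->argc > 1) && (intval($a->argv[1]))) {

          $o .= $header;

          $r = q("SELECT `mail`.*, `contact`.`name`, `contact`.`url`, `contact`.`thumb`
              FROM `mail` LEFT JOIN `contact` ON `mail`.`contact-id` = `contact`.`id`
              WHERE `mail`.`uid` = %d AND `mail`.`id` = %d LIMIT 1",
              intval(local_user()),
              intval($a->argv[1])
          );

          // Defaults keep the "not available" path well-defined when the id
          // does not belong to the user or does not exist.
          $messages = array();
          $contact_id = 0;
          $parent_uri = '';

          if (is_array($r) && count($r)) {
              $contact_id = $r[0]['contact-id'];
              $parent_uri = $r[0]['parent-uri'];
              $messages = q("SELECT `mail`.*, `contact`.`name`, `contact`.`url`, `contact`.`thumb`
                  FROM `mail` LEFT JOIN `contact` ON `mail`.`contact-id` = `contact`.`id`
                  WHERE `mail`.`uid` = %d AND `mail`.`parent-uri` = '%s' ORDER BY `mail`.`created` ASC",
                  intval(local_user()),
                  dbesc($parent_uri)
              );
          }

          if (! (is_array($messages) && count($messages))) {
              notice( t('Message not available.') . EOL );
              return $o;
          }

          // Viewing the thread marks the user's copies of it as read.
          $r = q("UPDATE `mail` SET `seen` = 1 WHERE `parent-uri` = '%s' AND `uid` = %d",
              dbesc($parent_uri),
              intval(local_user())
          );

          require_once("include/bbcode.php");

          $tpl = get_markup_template('msg-header.tpl');
          $a->page['htmlhead'] .= replace_macros($tpl, array(
              '$nickname' => $a->user['nickname'],
              '$baseurl' => $a->get_baseurl()
          ));

          $tpl = get_markup_template('mail_conv.tpl');

          foreach ($messages as $message) {
              // Own messages link to the own profile; everything else goes
              // through /redir/<contact-id>.
              if ($message['from-url'] == $myprofile) {
                  $from_url = $myprofile;
                  $sparkle = '';
              }
              else {
                  $from_url = $a->get_baseurl() . '/redir/' . $message['contact-id'];
                  $sparkle = ' sparkle';
              }

              // NOTE(review): name and title are emitted as stored; the body
              // is rendered by bbcode(), whose escaping is defined elsewhere.
              $o .= replace_macros($tpl, array(
                  '$id' => $message['id'],
                  '$from_name' =>$message['from-name'],
                  '$from_url' => $from_url,
                  '$sparkle' => $sparkle,
                  '$from_photo' => $message['from-photo'],
                  '$subject' => $message['title'],
                  '$body' => smilies(bbcode($message['body'])),
                  '$delete' => t('Delete message'),
                  '$to_name' => $message['name'],
                  '$date' => datetime_convert('UTC',date_default_timezone_get(),$message['created'],'D, d M Y - g:i A')
              ));
          }

          // $message is the last message of the thread from here on.
          //
          // Both hidden fields are written into quoted HTML attributes. The
          // contact id is forced to an integer, and the thread URI is
          // attribute-escaped so a stored quote character cannot end the
          // value and add markup to the form.
          // NOTE(review): the contact name is still emitted as stored. Confirm
          // it is HTML-safe at the point where contacts are written.
          $select = $message['name'] . '<input type="hidden" name="messageto" value="' . intval($contact_id) . '" />';
          $parent = '<input type="hidden" name="replyto" value="' . htmlspecialchars($message['parent-uri'], ENT_QUOTES, 'UTF-8') . '" />';

          $tpl = get_markup_template('prv_message.tpl');
          $o .= replace_macros($tpl,array(
              '$header' => t('Send Reply'),
              '$to' => t('To:'),
              '$subject' => t('Subject:'),
              '$subjtxt' => $message['title'],
              '$readonly' => ' readonly="readonly" style="background: #BBBBBB;" ',
              '$yourmessage' => t('Your message:'),
              '$select' => $select,
              '$parent' => $parent,
              '$upload' => t('Upload photo'),
              '$insert' => t('Insert web link'),
              '$wait' => t('Please wait')
          ));

          return $o;
      }

  }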