1 | <?php |
||
/**
 * Private message module
 *
 * You may not change or alter any portion of this comment or credits
 * of supporting developers from this source code or any supporting source code
 * which is considered copyrighted (c) material of the original comment or credit authors.
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 *
 * @copyright (c) 2000-2016 XOOPS Project (www.xoops.org)
 * @license GNU GPL 2 (http://www.gnu.org/licenses/gpl-2.0.html)
 * @package pm
 * @since 2.3.0
 * @author Jan Pedersen
 * @author Taiwen Jiang <[email protected]>
 */
||
19 | |||
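// Bootstrap XOOPS; everything below relies on the globals it sets up.
include_once dirname(dirname(__DIR__)) . '/mainfile.php';

// Private messages are only available to signed-in users.
// NOTE(review): this guard relies on redirect_header() ending the request, because the
// code below dereferences $GLOBALS['xoopsUser'] unconditionally - confirm.
if (!is_object($GLOBALS['xoopsUser'])) {
    redirect_header(XOOPS_URL, 3, _NOPERM);
}

// Normalise the requested mailbox against a fixed allow-list. The value is later used in
// a redirect URL, a hidden form field and the template, so only an exact string match is
// accepted (strict comparison, and arrays such as op[]=x are rejected outright).
$valid_op_requests = array('out', 'save', 'in');
$_REQUEST['op'] = (isset($_REQUEST['op']) && is_string($_REQUEST['op']) && in_array($_REQUEST['op'], $valid_op_requests, true))
    ? $_REQUEST['op']
    : 'in';

// Message id: only a scalar is cast to int. An array value would otherwise cast to 1 and
// silently select message #1.
$msg_id = (isset($_REQUEST['msg_id']) && is_scalar($_REQUEST['msg_id'])) ? (int)$_REQUEST['msg_id'] : 0;
$pm_handler = xoops_getModuleHandler('message');
$pm = null;
if ($msg_id > 0) {
    $pm = $pm_handler->get($msg_id);
}

// Object-level authorisation: msg_id is caller-supplied, so a message loaded by id may
// only be used when the current user is its sender or its recipient. Every later read or
// state change on $pm depends on this check having passed.
// NOTE(review): the lookup by id does not consult from_delete/to_delete, so a participant
// can still open a message they already removed from their listing - confirm that is intended.
if (is_object($pm)
    && ($pm->getVar('from_userid') != $GLOBALS['xoopsUser']->getVar('uid'))
    && ($pm->getVar('to_userid') != $GLOBALS['xoopsUser']->getVar('uid'))
) {
    redirect_header(XOOPS_URL . '/modules/' . $GLOBALS['xoopsModule']->getVar('dirname', 'n') . '/index.php', 2, _NOPERM);
}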
||
37 | |||
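// Handle a posted action (e-mail, delete, move to / out of the save box) on the loaded
// message, then redirect back to the message list with a status text.
if (is_object($pm) && !empty($_POST['action'])) {
    // State-changing request: it must pass the XOOPS security check before the message
    // is touched; on failure the reported errors are printed and the request stops.
    if (!$GLOBALS['xoopsSecurity']->check()) {
        echo implode('<br>', $GLOBALS['xoopsSecurity']->getErrors());
        exit();
    }
    $res = false;
    if (!empty($_REQUEST['email_message'])) {
        $res = $pm_handler->sendEmail($pm, $GLOBALS['xoopsUser']);
    } elseif (!empty($_REQUEST['move_message'])
        && $_REQUEST['op'] !== 'save'
        && !$GLOBALS['xoopsUser']->isAdmin()
        && $pm_handler->getSavecount() >= $GLOBALS['xoopsModuleConfig']['max_save']
    ) {
        // Quota: a non-admin may not move more messages into the save box once
        // getSavecount() has reached max_save. Moves made from the save box itself
        // (op === 'save') clear the save flag and are therefore exempt.
        $res_message = sprintf(_PM_SAVED_PART, $GLOBALS['xoopsModuleConfig']['max_save'], 0);
    } else {
        // Each mailbox re-checks the role the current user has on this message, so a
        // sender cannot flip the recipient's flags or the other way round.
        switch ($_REQUEST['op']) {
            case 'out':
                if ($pm->getVar('from_userid') != $GLOBALS['xoopsUser']->getVar('uid')) {
                    break;
                }
                if (!empty($_REQUEST['delete_message'])) {
                    $res = $pm_handler->setFromdelete($pm);
                } elseif (!empty($_REQUEST['move_message'])) {
                    $res = $pm_handler->setFromsave($pm);
                }
                break;
            case 'save':
                // A saved message can belong to the user as recipient, as sender, or both.
                // Collect one result per side that was actually acted on. The previous
                // "$res1 && $res2" read an undefined variable whenever the user held only
                // one role, so a successful action was reported as an error.
                $sideResults = array();
                if ($pm->getVar('to_userid') == $GLOBALS['xoopsUser']->getVar('uid')) {
                    if (!empty($_REQUEST['delete_message'])) {
                        $res1 = $pm_handler->setTodelete($pm);
                        $res1 = $res1 ? $pm_handler->setTosave($pm, 0) : false;
                        $sideResults[] = (bool)$res1;
                    } elseif (!empty($_REQUEST['move_message'])) {
                        $res1 = $pm_handler->setTosave($pm, 0);
                        $sideResults[] = (bool)$res1;
                    }
                }
                if ($pm->getVar('from_userid') == $GLOBALS['xoopsUser']->getVar('uid')) {
                    if (!empty($_REQUEST['delete_message'])) {
                        $res2 = $pm_handler->setFromDelete($pm);
                        $res2 = $res2 ? $pm_handler->setFromsave($pm, 0) : false;
                        $sideResults[] = (bool)$res2;
                    } elseif (!empty($_REQUEST['move_message'])) {
                        $res2 = $pm_handler->setFromsave($pm, 0);
                        $sideResults[] = (bool)$res2;
                    }
                }
                // Success means: something was attempted and nothing that was attempted failed.
                $res = !empty($sideResults) && !in_array(false, $sideResults, true);
                break;

            case 'in':
            default:
                if ($pm->getVar('to_userid') != $GLOBALS['xoopsUser']->getVar('uid')) {
                    break;
                }
                if (!empty($_REQUEST['delete_message'])) {
                    $res = $pm_handler->setTodelete($pm);
                } elseif (!empty($_REQUEST['move_message'])) {
                    $res = $pm_handler->setTosave($pm);
                }
                break;
        }
    }
    // The quota branch supplies its own text; otherwise report success or failure of $res.
    $res_message = isset($res_message) ? $res_message : ($res ? _PM_ACTION_DONE : _PM_ACTION_ERROR);
    // 'op' was reduced to one of 'out', 'save', 'in' at the top of the script, so it is
    // safe to place in the redirect target.
    redirect_header('viewpmsg.php?op=' . htmlspecialchars($_REQUEST['op']), 2, $res_message);
}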
||
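// Paging values come straight from the query string. Both are cast to int, and the
// offset is clamped at zero so a negative request value never reaches the query.
$start = !empty($_GET['start']) ? max(0, (int)$_GET['start']) : 0;
$total_messages = !empty($_GET['total_messages']) ? (int)$_GET['total_messages'] : 0;
$GLOBALS['xoopsOption']['template_main'] = 'pm_readpmsg.tpl';
include $GLOBALS['xoops']->path('header.php');

// No message was selected by id: pick the message at position $start in the requested
// mailbox. Every branch pins the query to the current user's uid, so browsing by
// position cannot reach another user's messages.
if (!is_object($pm)) {
    if ($_REQUEST['op'] === 'out') {
        // Outbox: sent by me, not deleted and not saved on the sender side.
        $criteria = new CriteriaCompo(new Criteria('from_delete', 0));
        $criteria->add(new Criteria('from_userid', $GLOBALS['xoopsUser']->getVar('uid')));
        $criteria->add(new Criteria('from_save', 0));
    } elseif ($_REQUEST['op'] === 'save') {
        // Save box: messages I saved as recipient OR messages I saved as sender.
        $crit_to = new CriteriaCompo(new Criteria('to_delete', 0));
        $crit_to->add(new Criteria('to_save', 1));
        $crit_to->add(new Criteria('to_userid', $GLOBALS['xoopsUser']->getVar('uid')));
        $crit_from = new CriteriaCompo(new Criteria('from_delete', 0));
        $crit_from->add(new Criteria('from_save', 1));
        $crit_from->add(new Criteria('from_userid', $GLOBALS['xoopsUser']->getVar('uid')));
        $criteria = new CriteriaCompo($crit_to);
        $criteria->add($crit_from, 'OR');
    } else {
        // Inbox: addressed to me, not deleted and not saved on the recipient side.
        $criteria = new CriteriaCompo(new Criteria('to_delete', 0));
        $criteria->add(new Criteria('to_userid', $GLOBALS['xoopsUser']->getVar('uid')));
        $criteria->add(new Criteria('to_save', 0));
    }

    // Exactly one row, newest first, offset by the requested position.
    $criteria->setLimit(1);
    $criteria->setStart($start);
    $criteria->setSort('msg_time');
    $criteria->setOrder('DESC');
    // An empty mailbox yields no rows. Take the first object if there is one, instead of
    // destructuring an empty array, and otherwise leave $pm as null.
    $pm_objects = $pm_handler->getObjects($criteria);
    $pm = (is_array($pm_objects) && isset($pm_objects[0])) ? $pm_objects[0] : null;
}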
||
127 | |||
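include_once $GLOBALS['xoops']->path('class/xoopsformloader.php');

// Action form posted back to this script. The trailing "true" asks XoopsForm to embed the
// security token that the action handler verifies before changing any message state.
$pmform = new XoopsForm('', 'pmform', 'readpmsg.php', 'post', true);
// With no message to show, the template still receives a defined (null) value instead of
// an undefined variable.
$message = null;
if (is_object($pm)) {
    // Replying only makes sense for messages the current user did not send.
    if ($pm->getVar('from_userid') != $GLOBALS['xoopsUser']->getVar('uid')) {
        $reply_button = new XoopsFormButton('', 'send', _PM_REPLY);
        $reply_button->setExtra("onclick='javascript:openWithSelfMain(\"" . XOOPS_URL . '/modules/pm/pmlite.php?reply=1&msg_id=' . $pm->getVar('msg_id') . "\", \"pmlite\", 565,500);'");
        $pmform->addElement($reply_button);
    }
    $pmform->addElement(new XoopsFormButton('', 'delete_message', _PM_DELETE, 'submit'));
    $pmform->addElement(new XoopsFormButton('', 'move_message', ($_REQUEST['op'] === 'save') ? _PM_UNSAVE : _PM_TOSAVE, 'submit'));
    $pmform->addElement(new XoopsFormButton('', 'email_message', _PM_EMAIL, 'submit'));
    $pmform->addElement(new XoopsFormHidden('msg_id', $pm->getVar('msg_id')));
    // 'op' is restricted to 'out', 'save' or 'in' at the top of the script.
    $pmform->addElement(new XoopsFormHidden('op', $_REQUEST['op']));
    $pmform->addElement(new XoopsFormHidden('action', 1));
    $pmform->assign($GLOBALS['xoopsTpl']);

    // Show the other party: the recipient for messages I sent, the sender otherwise.
    if ($pm->getVar('from_userid') == $GLOBALS['xoopsUser']->getVar('uid')) {
        $poster = new XoopsUser($pm->getVar('to_userid'));
    } else {
        $poster = new XoopsUser($pm->getVar('from_userid'));
    }
    // NOTE(review): "new" always yields an object, so the anonymous branch below is not
    // reached as written. A removed account would need a different test - confirm intent.
    if (!is_object($poster)) {
        $GLOBALS['xoopsTpl']->assign('poster', false);
        $GLOBALS['xoopsTpl']->assign('anonymous', $xoopsConfig['anonymous']);
    } else {
        $GLOBALS['xoopsTpl']->assign('poster', $poster);
    }

    // Only the recipient opening an unread message marks it as read. A sender viewing
    // their own copy must not change the recipient's read state.
    if ($pm->getVar('to_userid') == $GLOBALS['xoopsUser']->getVar('uid') && $pm->getVar('read_msg') == 0) {
        $pm_handler->setRead($pm);
    }

    // NOTE(review): getValues() is presumed to return display-escaped field values -
    // verify, since subject and body are user-authored and go straight to the template.
    $message = $pm->getValues();
    $message['msg_time'] = formatTimestamp($pm->getVar('msg_time'));
    $message['msg_image'] = htmlspecialchars($message['msg_image'], ENT_QUOTES);
}
$GLOBALS['xoopsTpl']->assign('message', $message);
$GLOBALS['xoopsTpl']->assign('op', $_REQUEST['op']);
// Neighbouring positions for the previous/next links.
$GLOBALS['xoopsTpl']->assign('previous', $start - 1);
$GLOBALS['xoopsTpl']->assign('next', $start + 1);
$GLOBALS['xoopsTpl']->assign('total_messages', $total_messages);

include $GLOBALS['xoops']->path('footer.php');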
||
172 |