UserSpice messages.php with Brandin's patch

1. <?php
2. /*
3. UserSpice 4
4. An Open Source PHP User Management System
5. by the UserSpice Team at http://UserSpice.com
6.  
7. This program is free software: you can redistribute it and/or modify
8. it under the terms of the GNU General Public License as published by
9. the Free Software Foundation, either version 3 of the License, or
10. (at your option) any later version.
11.  
12. This program is distributed in the hope that it will be useful,
13. but WITHOUT ANY WARRANTY; without even the implied warranty of
14. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
15. GNU General Public License for more details.
16.  
17. You should have received a copy of the GNU General Public License
18. along with this program.  If not, see <http://www.gnu.org/licenses/>.
19. */
20. ?>
21. <?php
22. require_once '../users/init.php';
23. require_once $abs_us_root.$us_url_root.'users/includes/header.php';
24. require_once $abs_us_root.$us_url_root.'users/includes/navigation.php';
25. ?>
26.  
27. <?php if (!securePage($_SERVER['PHP_SELF'])){die();}
28. if($settings->messaging != 1){
29.   Redirect::to('account.php?err=Messaging+is+disabled');
30. }
31. $validation = new Validate();
32. $errors = [];
33. $successes = [];
34. $exempt = $db->query("SELECT msg_exempt FROM settings")->first()->msg_exempt;
35.    
36. if (strlen($exempt) == 0)
37.     $exempt = 0;
38.    
39. $userData = $db->query("SELECT id, username FROM users WHERE id NOT IN ($exempt) AND id!={$user->data()->id}")->results();
40. ?>
41. <?php
42. if (!empty($_POST)) {
43.   //Delete User Checkboxes
44.   if (!empty($_POST['archive'])){
45.     $deletions = $_POST['archive'];
46.     if ($deletion_count = archiveThreads($deletions,$user->data()->id,1)){
47.       $successes[] = lang("MESSAGE_ARCHIVE_SUCCESSFUL", array($deletion_count));
48.     }
49.     else {
50.       $errors[] = lang("SQL_ERROR");
51.     }
52.   }
53.   if (!empty($_POST['unarchive'])){
54.     $deletions = $_POST['unarchive'];
55.     if ($deletion_count = archiveThreads($deletions,$user->data()->id,0)){
56.       $successes[] = lang("MESSAGE_UNARCHIVE_SUCCESSFUL", array($deletion_count));
57.     }
58.     else {
59.       $errors[] = lang("SQL_ERROR");
60.     }
61.   }
62. if(!empty($_POST['send_message'])){
63.    
64.     if (empty(Input::get('user_id'))) {
65.     $errors[] = "Unknown recipient"; }
66.  
67.     if (strlen(Input::get('msg_body')) == 0) {
68.     $errors[] = "Message cannot be empty"; }
69.    
70.   $date = date("Y-m-d H:i:s");
71.  
72.   $thread = array(
73.     'msg_from'    => $user->data()->id,
74.     'msg_to'      => Input::get('user_id'),
75.     'msg_subject' => Input::get('msg_subject'),
76.     'last_update' => $date,
77.     'last_update_by' => $user->data()->id,
78.   );
79.     if (empty($errors)) {
80.     $db->insert('message_threads',$thread); }
81.   $newThread = $db->lastId();
82.  
83.  
84.   $fields = array(
85.     'msg_from'    => $user->data()->id,
86.     'msg_to'      => Input::get('user_id'),
87.     'msg_body'    => Input::get('msg_body'),
88.     'msg_thread'  => $newThread,
89.     'sent_on'     => $date,
90.   );
91.  
92.     if (empty($errors)) {
93.   $db->insert('messages',$fields);
94.  
95.     $successes[] = "Your message has been sent!"; }
96. }
97.  
98. if(!empty($_POST['send_mass_message'])){
99.   $date = date("Y-m-d H:i:s");
100.  
101.  
102.     foreach($userData as $v1) {
103.   $thread = array(
104.     'msg_from'    => $user->data()->id,
105.     'msg_to'      => $v1->id,
106.     'msg_subject' => Input::get('msg_subject'),
107.     'last_update' => $date,
108.     'last_update_by' => $user->data()->id,
109.   );
110.   $db->insert('message_threads',$thread);
111.   $newThread = $db->lastId();
112.  
113.  
114.   $fields = array(
115.     'msg_from'    => $user->data()->id,
116.     'msg_to'      => $v1->id,
117.     'msg_body'    => Input::get('msg_body'),
118.     'msg_thread'  => $newThread,
119.     'sent_on'     => $date,
120.   );
121.  
122.   $db->insert('messages',$fields);
123.     }
124.  
125.   $successes[] = "Your mass message has been sent!";
126. } }
127. $messagesQ = $db->query("SELECT * FROM message_threads WHERE msg_to = ? OR msg_from = ? ORDER BY last_update DESC",array($user->data()->id,$user->data()->id));
128. $messages = $messagesQ->results();
129. $messagesCount = $messagesQ->count();
130. $archiveCount = $db->query("SELECT id FROM message_threads WHERE msg_from = ? AND archive_from = ?",array($user->data()->id,1));
131. $archiveCountCount = $archiveCount->count();
132. $archiveCount2 = $db->query("SELECT id FROM message_threads WHERE msg_to = ? AND archive_to = ?",array($user->data()->id,1));
133. $archiveCountCount2 = $archiveCount2->count();
134. $count = $messagesCount - $archiveCountCount - $archiveCountCount2;
135. ?>
136. <div id="page-wrapper">
137.  
138. <div class="container">
139.  
140. <?=resultBlock($errors,$successes);?>
141. <?=$validation->display_errors();?>
142.  
143.  
144. <div class="row">
145.       <div class="col-sm-12">
146.         <div class="row" id="maindiv">
147.           <div>
148.         <h1><?php if (checkMenu(2,$user->data()->id)){  ?><div class="btn-group pull-left"><button type="button" class="btn btn-info" data-toggle="modal" data-target="#composemass"><i class="glyphicon glyphicon-plus"></i> New Mass Message</button></div><?php } ?> <center>Conversations <div class="btn-group pull-right"><button type="button" class="btn btn-info" data-toggle="modal" data-target="#compose"><i class="glyphicon glyphicon-plus"></i> New Message</button></div></center></h1>
149.       </div>
150.         <?php if($count > 0) {?><label><input type="checkbox" id="checkall" value="1"
151.         onclick="checkCheckboxes(this.id, 'maindiv');" >
152.         [ check/uncheck all ]</label><?php } ?>
153.       <form name="threads" action="<?php echo $_SERVER['PHP_SELF'];?>" method="post">
154.         <center><table class="table table-striped">
155.           <thead>
156.             <tr>
157.               <th></th>
158.               <th></th>
159.             </tr>
160.           </thead>
161.           <tbody>
162.             <tr>
163.             <?php if($count > 0) {?>
164.               <?php foreach($messages as $m){ ?>
165.               <?php
166.               if($m->msg_from == $user->data()->id) { if($m->archive_from == 0) { $archived = 0; } else { $archived = 1; } } else { if($m->archive_to == 0) { $archived = 0; } else { $archived = 1; }}
167.               if($archived == 0) {
168.             if($m->msg_from == $user->data()->id) { $findId = $m->msg_to; } else { $findId = $m->msg_from; }
169.             $findUser = $db->query("SELECT picture,email FROM users WHERE id = $findId");
170.             $foundUser = $findUser->first();
171.              $grav = empty($foundUser->picture) ? get_gravatar(strtolower(trim($foundUser->email))) : $foundUser->picture; ?>
172.             <?php $lastmessage = strtotime($m->last_update);
173.                 $difference = ceil((time() - $lastmessage) / (60 * 60 * 24));
174.                 // if($difference==0) { $last_update = "Today, "; $last_update .= date("g:i A",$lastmessage); }
175.                 if($difference >= 0 && $difference < 7) {
176.                     $today = date("j");
177.                     $last_message = date("j",$lastmessage);
178.                     if($today==$last_message) { $last_update = "Today, "; $last_update .= date("g:i A",$lastmessage); }
179.                     else {
180.                 $last_update = date("l g:i A",$lastmessage); } }
181.                 elseif($difference >= 7) { $last_update = date("M j, Y g:i A",$lastmessage); }
182.                 $replies = $db->query("SELECT COUNT(*) AS count FROM messages WHERE msg_thread = ? GROUP BY msg_thread",array($m->id));
183.                 $repliescount = $replies->count();
184.                 ?>
185.                 <td style="width:100px">
186.                     <center>
187.                         <span class="chat-img pull-left" style="padding-right:5px">
188.                             <a class="nounderline" href="message.php?id=<?=$m->id?>">
189.                                 <img src="<?=$grav ?>" width="75" class="img-thumbnail">
190.                             </a>
191.                         </span>
192.                     </center>
193.                 </td>
194.                 <td class="pull-left">
195.                     <h4>
196.                         <input type="checkbox" name="archive[<?=$m->id?>]" value="<?=$m->id?>"/>
197.                         <a class="nounderline" href="message.php?id=<?=$m->id?>">  
198.                             <?=$m->msg_subject?> - with <?php if($m->msg_from == $user->data()->id) { echouser($m->msg_to); } else { echouser($m->msg_from); } ?>
199.                         </a>
200.                         <?php $unread = $db->query("SELECT * FROM messages WHERE msg_thread = ? AND msg_to = ? AND msg_read = ?",array($m->id,$user->data()->id,0));
201.                                 $unreadCount = $unread->count();?>
202.                     <?php if($unreadCount > 0) {?> - <font color="red"><?=$unreadCount?> New Message<?php if($unreadCount > 1) {?>s<?php } ?></font><?php } ?></h4>
203.                     <a class="nounderline" href="message.php?id=<?=$m->id?>">
204.                         Updated <?=$last_update?> by <?php echouser($m->last_update_by);?>
205.                     </a>
206.             </tr>
207.             <?php } } } else {?>
208.             <td colspan="2"><center><h3>No Conversations</h3></center></td></tr>
209.             <?php } ?>
210.               </tbody>
211.             </table></center>
212.             <?php if($count > 0) {?><div class="btn-group pull-right"><input class='btn btn-danger' type='submit' name='Submit' value='Archive Selected Threads' /></div><?php } ?>
213.                 </form>
214.                 <br /><?php if(($archiveCountCount + $archiveCountCount2) > 0) {?><center><a href="#" data-toggle="modal" data-target="#archived">View Archived Threads</a></center><?php } ?>
215.             </div><!-- End of main content section --><br />
216.           </div> <!-- /.col -->
217.          
218. <div id="compose" class="modal fade" role="dialog">
219.   <div class="modal-dialog">
220.  
221.     <!-- Modal content-->
222.     <div class="modal-content">
223.       <div class="modal-header">
224.         <button type="button" class="close" data-dismiss="modal">&times;</button>
225.         <h4 class="modal-title">New Message</h4>
226.       </div>
227.       <div class="modal-body">
228. <form name="create_message" action="messages.php" method="post">
229.  
230.                 <label>Select a user:</label>
231.                 <select name="user_id" id="combobox" class="form-control combobox" required>
232.                 <option readonly></option>
233.                 <?php
234.                 foreach($userData as $v1) {?>
235.                 <option value="<?=$v1->id;?>"><?=$v1->username;?></option>
236.                 <?php } ?>
237.                 </select><br />
238.               <label>Subject:</label>
239.                 <input required size='100' class='form-control' type='text' name='msg_subject' value='' required/>
240.                 <br /><label>Body:</label>
241.                 <textarea rows="20" cols="80"  id="mytextarea" name="msg_body"></textarea>
242.                 <input required type="hidden" name="csrf" value="<?=Token::generate();?>" >
243.               </p>
244.               <p>
245.                   <br />
246.       </div>
247.       <div class="modal-footer">
248.       <div class="btn-group">   <input type="hidden" name="csrf" value="<?=Token::generate();?>" />
249.     <input class='btn btn-primary' type='submit' name="send_message" value='Send Message' class='submit' /></div>
250.     </form>
251.          <div class="btn-group"><button type="button" class="btn btn-default" data-dismiss="modal">Close</button></div>
252.       </div>
253.     </div>
254.     </div>
255.   </div>
256.  
257.   <div id="archived" class="modal fade" role="dialog">
258.   <div class="modal-dialog">
259.  
260.     <!-- Modal content-->
261.     <div class="modal-content">
262.       <div class="modal-header">
263.         <button type="button" class="close" data-dismiss="modal">&times;</button>
264.         <h4 class="modal-title">Archived Threads</h4>
265.       </div>
266.       <div class="modal-body" id="archivediv">
267.       <?php $messagesQ2 = $db->query("SELECT * FROM message_threads WHERE (msg_to = ? OR msg_from = ?) AND (archive_to = ? OR archive_from = ?) ORDER BY last_update DESC",array($user->data()->id,$user->data()->id,1,1));
268.             $messages2 = $messagesQ2->results();
269.             $messagesCount2 = $messagesQ2->count(); ?>
270.             <?php if($messagesCount2 > 0) {?><label><input type="checkbox" id="checkall" value="1"
271.         onclick="checkCheckboxes(this.id, 'archivediv');" >
272.         [ check/uncheck all ]</label><?php } ?>
273. <form name="uthreads" action="<?php echo $_SERVER['PHP_SELF'];?>" method="post">
274.         <center><table class="table table-striped">
275.           <thead>
276.             <tr>
277.               <th></th>
278.               <th></th>
279.             </tr>
280.           </thead>
281.           <tbody>
282.             <tr>
283.             <?php if($messagesCount2 > 0) {?>
284.               <?php foreach($messages2 as $m2){ ?>
285.               <?php
286.             if($m2->msg_from == $user->data()->id) { $findId = $m2->msg_to; } else { $findId = $m2->msg_from; }
287.             $findUser = $db->query("SELECT picture,email FROM users WHERE id = $findId");
288.             $foundUser = $findUser->first();
289.             $grav = empty($foundUser->picture) ? get_gravatar(strtolower(trim($foundUser->email))) : $foundUser->picture; ?>
290.             <?php $lastmessage = strtotime($m2->last_update);
291.                 $difference = ceil((time() - $lastmessage) / (60 * 60 * 24));
292.                 // if($difference==0) { $last_update = "Today, "; $last_update .= date("g:i A",$lastmessage); }
293.                 if($difference >= 0 && $difference < 7) {
294.                     $today = date("j");
295.                     $last_message = date("j",$lastmessage);
296.                     if($today==$last_message) { $last_update = "Today, "; $last_update .= date("g:i A",$lastmessage); }
297.                     else {
298.                 $last_update = date("l g:i A",$lastmessage); } }
299.                 elseif($difference >= 7) { $last_update = date("M j, Y g:i A",$lastmessage); }
300.                 $replies = $db->query("SELECT COUNT(*) AS count FROM messages WHERE msg_thread = ? GROUP BY msg_thread",array($m2->id));
301.                 $repliescount = $replies->count();
302.                 ?>
303.                 <td style="width:100px">
304.                     <center>
305.                         <span class="chat-img pull-left" style="padding-right:5px">
306.                             <a class="nounderline" href="message.php?id=<?=$m2->id?>">
307.                                 <img src="<?=$grav ?>" width="75" class="img-thumbnail">
308.                             </a>
309.                         </span>
310.                     </center>
311.                 </td>
312.                 <td class="pull-left">
313.                     <h4>
314.                         <input type="checkbox" name="unarchive[<?=$m2->id?>]" value="<?=$m2->id?>"/>
315.                         <a class="nounderline" href="message.php?id=<?=$m2->id?>">  
316.                             <?=$m2->msg_subject?> - with <?php if($m2->msg_from == $user->data()->id) { echouser($m2->msg_to); } else { echouser($m2->msg_from); } ?>
317.                         </a>
318.                     </h4>
319.                     <a class="nounderline" href="message.php?id=<?=$m2->id?>">
320.                         Updated <?=$last_update?> by <?php echouser($m2->last_update_by);?>
321.                     </a>
322.             </tr>
323.             <?php } } else {?>
324.             <td colspan="2"><center><h3>No Archived Conversations</h3></center></td></tr>
325.             <?php } ?>
326.               </tbody>
327.             </table></center>
328.                   <br />
329.       </div>
330.       <div class="modal-footer">
331.       <div class="btn-group">   <input type="hidden" name="csrf" value="<?=Token::generate();?>" />
332.     <input class='btn btn-primary' type='submit' name="Submit" value='Unarchive Selected Threads' class='submit' /></div>
333.     </form>
334.          <div class="btn-group"><button type="button" class="btn btn-default" data-dismiss="modal">Close</button></div>
335.       </div>
336.     </div>
337.     </div>
338.   </div>
339.  
340.   <div id="composemass" class="modal fade" role="dialog">
341.   <div class="modal-dialog">
342.  
343.     <!-- Modal content-->
344.     <div class="modal-content">
345.       <div class="modal-header">
346.         <button type="button" class="close" data-dismiss="modal">&times;</button>
347.         <h4 class="modal-title">New Mass Message</h4>
348.       </div>
349.       <div class="modal-body">
350. <form name="create_mass_message" action="messages.php" method="post">
351.  
352.               <label>Subject:</label>
353.                 <input required size='100' class='form-control' type='text' name='msg_subject' value='' required/>
354.                 <br /><label>Body:</label>
355.                 <textarea rows="20" cols="80"  id="mytextarea2" name="msg_body"></textarea>
356.                 <input required type="hidden" name="csrf" value="<?=Token::generate();?>" >
357.               </p>
358.               <p>
359.                   <br />
360.       </div>
361.       <div class="modal-footer">
362.       <div class="btn-group">   <input type="hidden" name="csrf" value="<?=Token::generate();?>" />
363.     <input class='btn btn-primary' type='submit' name="send_mass_message" value='Send Message' class='submit' /></div>
364.     </form>
365.          <div class="btn-group"><button type="button" class="btn btn-default" data-dismiss="modal">Close</button></div>
366.       </div>
367.     </div>
368.     </div>
369.   </div>
370.          
371.         </div> <!-- /.row -->
372.       </div> <!-- /.container -->
373.     </div> <!-- /.wrapper -->
374.  
375.  
376.     <!-- footers -->
377.     <?php require_once $abs_us_root.$us_url_root.'users/includes/page_footer.php'; // the final html footer copyright row + the external js calls ?>
378.  
379.     <!-- Place any per-page javascript here -->
380.     <script src='https://cdn.tinymce.com/4/tinymce.min.js'></script>
381.     <script src="../usersc/js/bootstrap-combobox.js"></script>
382.     <script src="../usersc/js/messages.php.js"></script>
383.  
384.     <?php require_once $abs_us_root.$us_url_root.'users/includes/html_footer.php'; // currently just the closing /body and /html ?>