oops

1 files changed, 349 insertions, 0 deletions

diff --git a/mod/mail.php b/mod/mail.php
new file mode 100644
index 000000000..eb1b0ddc0
--- /dev/null
+++ b/mod/mail.php
@@ -0,0 +1,349 @@
+<?php
+
+require_once('include/acl_selectors.php');
+require_once('include/message.php');
+require_once('include/zot.php');
+require_once("include/bbcode.php");
+require_once('include/Contact.php');
+
+
+function mail_post(&$a) {
+
+	if(! local_user())
+		return;
+
+	$replyto   = ((x($_REQUEST,'replyto'))      ? notags(trim($_REQUEST['replyto']))      : '');
+	$subject   = ((x($_REQUEST,'subject'))      ? notags(trim($_REQUEST['subject']))      : '');
+	$body      = ((x($_REQUEST,'body'))         ? escape_tags(trim($_REQUEST['body']))    : '');
+	$recipient = ((x($_REQUEST,'messageto'))    ? notags(trim($_REQUEST['messageto']))    : '');
+	$rstr      = ((x($_REQUEST,'messagerecip')) ? notags(trim($_REQUEST['messagerecip'])) : '');
+	$expires   = ((x($_REQUEST,'expires')) ? datetime_convert(date_default_timezone_get(),'UTC', $_REQUEST['expires']) : '0000-00-00 00:00:00');
+
+	// If we have a raw string for a recipient which hasn't been auto-filled,
+	// it means they probably aren't in our address book, hence we don't know
+	// if we have permission to send them private messages.
+	// finger them and find out before we try and send it.
+
+	if(! $recipient) {
+		$channel = $a->get_channel();
+
+		$ret = zot_finger($rstr,$channel);
+
+		if(! $ret['success']) {
+			notice( t('Unable to lookup recipient.') . EOL);
+			return;
+		} 
+		$j = json_decode($ret['body'],true);
+
+		logger('message_post: lookup: ' . $url . ' ' . print_r($j,true));
+
+		if(! ($j['success'] && $j['guid'])) {
+			notice( t('Unable to communicate with requested channel.'));
+			return;
+		}
+
+		$x = import_xchan($j);
+
+		if(! $x['success']) {
+			notice( t('Cannot verify requested channel.'));
+			return;
+		}
+
+		$recipient = $x['hash'];
+
+		$their_perms = 0;
+
+		$global_perms = get_perms();
+
+		if($j['permissions']['data']) {
+			$permissions = crypto_unencapsulate($j['permissions'],$channel['channel_prvkey']);
+			if($permissions)
+				$permissions = json_decode($permissions);
+			logger('decrypted permissions: ' . print_r($permissions,true), LOGGER_DATA);
+		}
+		else
+			$permissions = $j['permissions'];
+
+		foreach($permissions as $k => $v) {
+			if($v) {
+				$their_perms = $their_perms | intval($global_perms[$k][1]);
+			}
+		}
+
+		if(! ($their_perms & PERMS_W_MAIL)) {
+ 			notice( t('Selected channel has private message restrictions. Send failed.'));
+			return;
+		}
+	}
+
+	if(feature_enabled(local_user(),'richtext')) {
+		$body = fix_mce_lf($body);
+	}
+
+	if(! $recipient) {
+		notice('No recipient found.');
+		$a->argc = 2;
+		$a->argv[1] = 'new';
+		return;
+	}
+
+	// We have a local_user, let send_message use the session channel and save a lookup
+	
+	$ret = send_message(0, $recipient, $body, $subject, $replyto, $expires);
+
+	if(! $ret['success']) {
+		notice($ret['message']);
+	}
+
+	goaway(z_root() . '/message');
+		
+}
+
+function mail_content(&$a) {
+
+	$o = '';
+	nav_set_selected('messages');
+
+	if(! local_user()) {
+		notice( t('Permission denied.') . EOL);
+		return login();
+	}
+
+	$channel = $a->get_channel();
+	head_set_icon($channel['xchan_photo_s']);
+
+	$cipher = get_pconfig(local_user(),'system','default_cipher');
+	if(! $cipher)
+		$cipher = 'aes256';
+
+	$tpl = get_markup_template('mail_head.tpl');
+	$header = replace_macros($tpl, array(
+		'$messages' => t('Messages'),
+		'$tab_content' => $tab_content
+	));
+
+	if((argc() == 3) && (argv(1) === 'drop')) {
+		if(! intval(argv(2)))
+			return;
+		$cmd = argv(1);
+
+		$r = private_messages_drop(local_user(), argv(2));
+		if($r) {
+			info( t('Message deleted.') . EOL );
+		}
+		goaway($a->get_baseurl(true) . '/message' );
+	}
+
+	if((argc() == 3) && (argv(1) === 'recall')) {
+		if(! intval(argv(2)))
+			return;
+		$cmd = argv(1);
+		$r = q("update mail set mail_flags = mail_flags | %d where id = %d and channel_id = %d limit 1",
+			intval(MAIL_RECALLED),
+			intval(argv(2)),
+			intval(local_user())
+		);
+		proc_run('php','include/notifier.php','mail',intval(argv(2)));
+
+		if($r) {
+				info( t('Message recalled.') . EOL );
+		}
+		goaway($a->get_baseurl(true) . '/message' );
+
+	}
+
+	if((argc() > 1) && (argv(1) === 'new')) {
+		
+		$o .= $header;
+		
+		$plaintext = false;
+		if(intval(get_pconfig(local_user(),'system','plaintext')))
+			$plaintext = true;
+		if(! feature_enabled(local_user(),'richtext'))
+			$plaintext = true;
+
+		$tpl = get_markup_template('msg-header.tpl');
+
+		$a->page['htmlhead'] .= replace_macros($tpl, array(
+			'$baseurl' => $a->get_baseurl(true),
+			'$editselect' => (($plaintext) ? 'none' : '/(profile-jot-text|prvmail-text)/'),
+			'$nickname' => $channel['channel_address'],
+			'$linkurl' => t('Please enter a link URL:'),
+			'$expireswhen' => t('Expires YYYY-MM-DD HH:MM')
+		));
+	
+		$preselect = (isset($a->argv[2])?array($a->argv[2]):false);
+			
+
+		$prename = $preurl = $preid = '';
+
+		if($preselect) {
+			$r = q("select abook.*, xchan.* from abook left join xchan on abook_xchan = xchan_hash
+				where abook_channel = %d and abook_id = %d limit 1",
+				intval(local_user()),
+				intval(argv(2))
+			);
+			if($r) {
+				$prename = $r[0]['xchan_name'];
+				$preurl = $r[0]['xchan_url'];
+				$preid = $r[0]['abook_id'];
+			}
+		}	 
+
+		$prefill = (($preselect) ? $prename  : '');
+
+		if(! $prefill) {
+			if(array_key_exists('to',$_REQUEST))
+				$prefill = $_REQUEST['to'];
+		}
+
+		// the ugly select box
+		
+		$select = contact_select('messageto','message-to-select', $preselect, 4, true, false, false, 10);
+
+		$tpl = get_markup_template('prv_message.tpl');
+		$o .= replace_macros($tpl,array(
+			'$header' => t('Send Private Message'),
+			'$to' => t('To:'),
+			'$showinputs' => 'true', 
+			'$prefill' => $prefill,
+			'$autocomp' => $autocomp,
+			'$preid' => $preid,
+			'$subject' => t('Subject:'),
+			'$subjtxt' => ((x($_REQUEST,'subject')) ? strip_tags($_REQUEST['subject']) : ''),
+			'$text' => ((x($_REQUEST,'body')) ? htmlspecialchars($_REQUEST['body'], ENT_COMPAT, 'UTF-8') : ''),
+			'$readonly' => '',
+			'$yourmessage' => t('Your message:'),
+			'$select' => $select,
+			'$parent' => '',
+			'$upload' => t('Upload photo'),
+			'$attach' => t('Attach file'),
+			'$insert' => t('Insert web link'),
+			'$wait' => t('Please wait'),
+			'$submit' => t('Submit'),
+			'$defexpire' => '',
+			'$feature_expire' => ((feature_enabled(local_user(),'content_expire')) ? 'block' : 'none'),
+			'$expires' => t('Set expiration date'),
+			'$feature_encrypt' => ((feature_enabled(local_user(),'content_encrypt')) ? 'block' : 'none'),
+			'$encrypt' => t('Encrypt text'),
+			'$cipher' => $cipher,
+
+
+		));
+
+		return $o;
+	}
+
+
+	if((argc() > 1) && (intval(argv(1)))) {
+
+		$o .= $header;
+
+		$plaintext = true;
+		if( local_user() && feature_enabled(local_user(),'richtext') )
+			$plaintext = false;
+
+		$messages = private_messages_fetch_conversation(local_user(), argv(1), true);
+
+		if(! $messages) {
+			info( t('Message not found.') . EOL);
+			return $o;
+		}
+
+		if($messages[0]['to_xchan'] === $channel['channel_hash'])
+			$a->poi = $messages[0]['from'];
+		else
+			$a->poi = $messages[0]['to'];
+
+//		require_once('include/Contact.php');
+
+//		$a->set_widget('mail_conversant',vcard_from_xchan($a->poi,$get_observer_hash,'mail'));
+
+
+		$tpl = get_markup_template('msg-header.tpl');
+	
+		$a->page['htmlhead'] .= replace_macros($tpl, array(
+			'$nickname' => $channel['channel_addr'],
+			'$baseurl' => $a->get_baseurl(true),
+			'$editselect' => (($plaintext) ? 'none' : '/(profile-jot-text|prvmail-text)/'),
+			'$linkurl' => t('Please enter a link URL:'),
+			'$expireswhen' => t('Expires YYYY-MM-DD HH:MM')
+		));
+
+
+		$mails = array();
+		$seen = 0;
+		$unknown = false;
+
+		foreach($messages as $message) {
+
+			$s = theme_attachments($message);
+
+			$mails[] = array(
+				'id' => $message['id'],
+				'from_name' => $message['from']['xchan_name'],
+				'from_url' =>  chanlink_hash($message['from_xchan']),
+				'from_photo' => $message['from']['xchan_photo_m'],
+				'to_name' => $message['to']['xchan_name'],
+				'to_url' =>  chanlink_hash($message['to_xchan']),
+				'to_photo' => $message['to']['xchan_photo_m'],
+				'subject' => $message['title'],
+				'body' => smilies(bbcode($message['body']) . $s),
+				'delete' => t('Delete message'),
+				'recall' => t('Recall message'),
+				'can_recall' => (($channel['channel_hash'] == $message['from_xchan']) ? true : false),
+				'is_recalled' => (($message['mail_flags'] & MAIL_RECALLED) ? t('Message has been recalled.') : ''),
+				'date' => datetime_convert('UTC',date_default_timezone_get(),$message['created'],'D, d M Y - g:i A'),
+			);
+				
+			$seen = $message['seen'];
+
+		}
+
+		$recp = (($message['from_xchan'] === $channel['channel_hash']) ? 'to' : 'from');
+
+// FIXME - move this HTML to template
+
+		$select = $message[$recp]['xchan_name'] . '<input type="hidden" name="messageto" value="' . $message[$recp]['xchan_hash'] . '" />';
+		$parent = '<input type="hidden" name="replyto" value="' . $message['parent_mid'] . '" />';
+
+		$tpl = get_markup_template('mail_display.tpl');
+		$o = replace_macros($tpl, array(
+			'$prvmsg_header' => t('Private Conversation'),
+			'$thread_id' => $a->argv[1],
+			'$thread_subject' => $message['title'],
+			'$thread_seen' => $seen,
+			'$delete' =>  t('Delete conversation'),
+			'$canreply' => (($unknown) ? false : '1'),
+			'$unknown_text' => t("No secure communications available. You <strong>may</strong> be able to respond from the sender's profile page."),			
+			'$mails' => $mails,
+			
+			// reply
+			'$header' => t('Send Reply'),
+			'$to' => t('To:'),
+			'$showinputs' => '',
+			'$subject' => t('Subject:'),
+			'$subjtxt' => $message['title'],
+			'$readonly' => ' readonly="readonly" style="background: #BBBBBB;" ',
+			'$yourmessage' => t('Your message:'),
+			'$text' => '',
+			'$select' => $select,
+			'$parent' => $parent,
+			'$upload' => t('Upload photo'),
+			'$attach' => t('Attach file'),
+			'$insert' => t('Insert web link'),
+			'$submit' => t('Submit'),
+			'$wait' => t('Please wait'),
+			'$defexpire' => '',
+			'$feature_expire' => ((feature_enabled(local_user(),'content_expire')) ? 'block' : 'none'),
+			'$expires' => t('Set expiration date'),
+			'$feature_encrypt' => ((feature_enabled(local_user(),'content_encrypt')) ? 'block' : 'none'),
+			'$encrypt' => t('Encrypt text'),
+			'$cipher' => $cipher,
+
+		));
+
+		return $o;
+	}
+
+}