diff options
| -rw-r--r-- | include/message.php | 82 | ||||
| -rw-r--r-- | mod/message.php | 88 |
2 files changed, 93 insertions, 77 deletions
diff --git a/include/message.php b/include/message.php index 5e7b49e35..f3bc61465 100644 --- a/include/message.php +++ b/include/message.php @@ -1,14 +1,21 @@ <?php +/* Private Message backend API */ + // send a private message function send_message($uid = 0, $recipient='', $body='', $subject='', $replyto=''){ + $ret = array('success' => false); + $a = get_app(); - if(! $recipient) return -1; + if(! $recipient) { + $ret['message'] = t('No recipient provided.'); + return $ret; + } if(! strlen($subject)) $subject = t('[no subject]'); @@ -25,6 +32,12 @@ function send_message($uid = 0, $recipient='', $body='', $subject='', $replyto=' $channel = get_app()->get_channel(); } + if(! $channel) { + $ret['message'] = t('Unable to determine sender.'); + return $ret; + } + + // generate a unique message_id do { $dups = false; @@ -32,7 +45,7 @@ function send_message($uid = 0, $recipient='', $body='', $subject='', $replyto=' $uri = $hash . '@' . get_app()->get_hostname(); - $r = q("SELECT `id` FROM mail WHERE `uri` = '%s' LIMIT 1", + $r = q("SELECT id FROM mail WHERE uri = '%s' LIMIT 1", dbesc($uri)); if(count($r)) $dups = true; @@ -44,10 +57,10 @@ function send_message($uid = 0, $recipient='', $body='', $subject='', $replyto=' } - $r = q("INSERT INTO `mail` ( account_id, channel_id, from_xchan, to_xchan, title, body, uri, parent_uri, created ) + $r = q("INSERT INTO mail ( account_id, channel_id, from_xchan, to_xchan, title, body, uri, parent_uri, created ) VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s' )", intval($channel['channel_account_id']), - intval(local_user()), + intval($channel['channel_id']), dbesc($channel['channel_hash']), dbesc($recipient), dbesc($subject), @@ -57,14 +70,18 @@ function send_message($uid = 0, $recipient='', $body='', $subject='', $replyto=' dbesc(datetime_convert()) ); + // verify the save - $r = q("SELECT * FROM `mail` WHERE uri = '%s' and channel_id = %d LIMIT 1", + $r = q("SELECT * FROM mail WHERE uri = '%s' and channel_id = %d LIMIT 1", dbesc($uri), - intval(local_user()) + intval($channel['channel_id']) ); if(count($r)) $post_id = $r[0]['id']; - + else { + $ret['message'] = t('Stored post could not be verified.'); + return $ret; + } /** * @@ -88,27 +105,25 @@ function send_message($uid = 0, $recipient='', $body='', $subject='', $replyto=' continue; $image_uri = substr($image,strrpos($image,'/') + 1); $image_uri = substr($image_uri,0, strpos($image_uri,'-')); - $r = q("UPDATE `photo` SET `allow_cid` = '%s' - WHERE `resource_id` = '%s' AND `album` = '%s' AND `uid` = %d ", + $r = q("UPDATE photo SET allow_cid = '%s' WHERE resource_id = '%s' AND uid = %d and allow_cid = '%s'", dbesc('<' . $recipient . '>'), dbesc($image_uri), - dbesc( t('Wall Photos')), - intval(local_user()) + intval($channel['channel_id']), + dbesc('<' . $channel['channel_hash'] . '>') ); } } } - if($post_id) { - proc_run('php',"include/notifier.php","mail","$post_id"); - return intval($post_id); - } else { - return -3; - } + proc_run('php','include/notifier.php','mail',$post_id); + + $ret['success'] = true; + $ret['message_item'] = intval($post_id); + return; } -function private_messages_list($uid, $mailbox = '', $order = 'desc', $start = 0, $numitems = 0) { +function private_messages_list($uid, $mailbox = '', $order = 'created desc', $start = 0, $numitems = 0) { $where = ''; $limit = ''; @@ -129,7 +144,7 @@ function private_messages_list($uid, $mailbox = '', $order = 'desc', $start = 0, } - $r = q("SELECT * from mail WHERE channel_id = %d $where order by created $order $limit", + $r = q("SELECT * from mail WHERE channel_id = %d $where order by $order $limit", intval(local_user()) ); if(! $r) { @@ -199,6 +214,35 @@ function private_messages_fetch_message($channel_id, $messageitem_id, $updatesee } +function private_messages_drop($channel_id, $messageitem_id, $drop_conversation = false) { + + if($drop_conversation) { + // find the parent_id + $p = q("SELECT parent_uri FROM mail WHERE id = %d AND channel_id = %d LIMIT 1", + intval($messageitem_id), + intval($channel_id) + ); + if($p) { + $r = q("DELETE FROM mail WHERE parent_uri = '%s' AND channel_id = %d ", + dbesc($p[0]['parent_uri']), + intval($channel_id) + ); + if($r) + return true; + } + } + else { + $r = q("DELETE FROM mail WHERE id = %d AND channel_id = %d LIMIT 1", + intval($messageitem_id), + intval($channel_id) + ); + if($r) + return true; + } + return false; +} + + function private_messages_fetch_conversation($channel_id, $messageitem_id, $updateseen = false) { // find the parent_uri of the message being requested diff --git a/mod/message.php b/mod/message.php index b0b4c3eff..dd892b2a5 100644 --- a/mod/message.php +++ b/mod/message.php @@ -3,6 +3,7 @@ require_once('include/acl_selectors.php'); require_once('include/message.php'); require_once('include/zot.php'); +require_once("include/bbcode.php"); function message_aside(&$a) { @@ -20,10 +21,8 @@ function message_aside(&$a) { function message_post(&$a) { - if(! local_user()) { - notice( t('Permission denied.') . EOL); + if(! local_user()) return; - } $replyto = ((x($_REQUEST,'replyto')) ? notags(trim($_REQUEST['replyto'])) : ''); $subject = ((x($_REQUEST,'subject')) ? notags(trim($_REQUEST['subject'])) : ''); @@ -31,6 +30,11 @@ function message_post(&$a) { $recipient = ((x($_REQUEST,'messageto')) ? notags(trim($_REQUEST['messageto'])) : ''); $rstr = ((x($_REQUEST,'messagerecip')) ? notags(trim($_REQUEST['messagerecip'])) : ''); + // If we have a raw string for a recipient which hasn't been auto-filled, + // it means they probably aren't in our address book, hence we don't know + // if we have permission to send them private messages. + // finger them and find out before we try and send it. + if(! $recipient) { $channel = $a->get_channel(); @@ -83,39 +87,25 @@ function message_post(&$a) { } } - if(feature_enabled(local_user(),'richtext')) { $body = fix_mce_lf($body); } - - $ret = send_message(local_user(), $recipient, $body, $subject, $replyto); - $norecip = false; - - switch($ret){ - case -1: - notice( t('No recipient selected.') . EOL ); - $norecip = true; - break; - case -2: - notice( t('Unable to locate contact information.') . EOL ); - break; - case -3: - notice( t('Message could not be sent.') . EOL ); - break; - case -4: - notice( t('Message collection failure.') . EOL ); - break; - default: - info( t('Message sent.') . EOL ); - } - - // fake it to go back to the input form if no recipient listed - if($norecip) { + if(! $recipient) { + notice('No recipient found.'); $a->argc = 2; $a->argv[1] = 'new'; + return; } + // We have a local_user, let send_message use the session channel and save a lookup + + $ret = send_message(0, $recipient, $body, $subject, $replyto); + + if(! $ret['success']) { + notice($ret['message']); + } + } // Note: the code in 'item_extract_images' and 'item_redir_and_replace_images' @@ -206,7 +196,7 @@ function message_content(&$a) { return; } - $myprofile = $a->get_baseurl(true) . '/channel/' . $a->user['nickname']; + $channel = $a->get_channel(); $tpl = get_markup_template('mail_head.tpl'); $header = replace_macros($tpl, array( @@ -214,44 +204,25 @@ function message_content(&$a) { '$tab_content' => $tab_content )); - if((argc() == 3) && (argv(1) === 'drop' || argv(1) === 'dropconv')) { if(! intval(argv(2))) return; $cmd = argv(1); if($cmd === 'drop') { - $r = q("DELETE FROM `mail` WHERE `id` = %d AND channel_id = %d LIMIT 1", - intval(argv(2)), - intval(local_user()) - ); + $r = private_messages_drop(local_user(), argv(2)); if($r) { info( t('Message deleted.') . EOL ); } goaway($a->get_baseurl(true) . '/message' ); } else { - $r = q("SELECT `parent_uri` FROM `mail` WHERE `id` = %d AND channel_id = %d LIMIT 1", - intval(argv(2)), - intval(local_user()) - ); - if(count($r)) { - $parent = $r[0]['parent_uri']; - - - $r = q("DELETE FROM `mail` WHERE `parent_uri` = '%s' AND channel_id = %d ", - dbesc($parent), - intval(local_user()) - ); - - if($r) - info( t('Conversation removed.') . EOL ); - } + $r = private_messages_drop(local_user(), argv(2), true); + if($r) + info( t('Conversation removed.') . EOL ); goaway($a->get_baseurl(true) . '/message' ); - } - + } } - $channel = $a->get_channel(); if((argc() > 1) && ($a->argv[1] === 'new')) { @@ -328,7 +299,9 @@ function message_content(&$a) { // private_messages_list() can do other more complicated stuff, for now keep it simple - $r = private_messages_list($uid, '', 'desc', $a->pager['start'], $a->pager['itemspage']); + $order = 'created desc'; + + $r = private_messages_list(local_user(), '', $order, $a->pager['start'], $a->pager['itemspage']); if(! $r) { info( t('No messages.') . EOL); @@ -341,14 +314,14 @@ function message_content(&$a) { $o .= replace_macros($tpl, array( '$id' => $rr['id'], '$from_name' => $rr['from']['xchan_name'], - '$from_url' => z_root() . '/chanview/?f=&hash=' . $rr['from_xchan'], + '$from_url' => chanlink_hash($rr['from_xchan']), '$from_photo' => $rr['from']['xchan_photo_s'], '$to_name' => $rr['to']['xchan_name'], - '$to_url' => z_root() . '/chanview/?f=&hash=' . $rr['to_xchan'], + '$to_url' => chanlink_hash($rr['to_xchan']), '$to_photo' => $rr['to']['xchan_photo_s'], '$subject' => (($rr['seen']) ? $rr['title'] : '<strong>' . $rr['title'] . '</strong>'), '$delete' => t('Delete message'), - '$body' => $rr['body'], + '$body' => smilies(bbcode($rr['body'])), '$date' => datetime_convert('UTC',date_default_timezone_get(),$rr['created'], t('D, d M Y - g:i A')), '$seen' => $rr['seen'] )); @@ -372,7 +345,6 @@ function message_content(&$a) { return $o; } - require_once("include/bbcode.php"); $tpl = get_markup_template('msg-header.tpl'); |