<?php/*UserSpice 4An Open Source PHP User Management Systemby the UserSp

1. <?php
2. /*
3. UserSpice 4
4. An Open Source PHP User Management System
5. by the UserSpice Team at http://UserSpice.com
6.  
7. This program is free software: you can redistribute it and/or modify
8. it under the terms of the GNU General Public License as published by
9. the Free Software Foundation, either version 3 of the License, or
10. (at your option) any later version.
11.  
12. This program is distributed in the hope that it will be useful,
13. but WITHOUT ANY WARRANTY; without even the implied warranty of
14. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
15. GNU General Public License for more details.
16.  
17. You should have received a copy of the GNU General Public License
18. along with this program.  If not, see <http://www.gnu.org/licenses/>.
19. */
20. ?>
21. <?php
22. require_once '../users/init.php';
23. require_once $abs_us_root.$us_url_root.'users/includes/header.php';
24. require_once $abs_us_root.$us_url_root.'users/includes/navigation.php';
25. ?>
26.  
27. <?php if (!securePage($_SERVER['PHP_SELF'])){die();}
28. if($settings->messaging != 1){
29.   Redirect::to('account.php?err=Messaging+is+disabled');
30. }
31. ?>
32. <style>
33. .chat
34. {
35.   list-style: none;
36.   margin: 0;
37.   padding: 0;
38. }
39.  
40. .chat li
41. {
42.   margin-bottom: 10px;
43.   padding-bottom: 5px;
44.   border-bottom: 1px dotted #B3A9A9;
45. }
46.  
47. .chat li.left .chat-body
48. {
49.   margin-left: 60px;
50. }
51.  
52. .chat li.right .chat-body
53. {
54.   margin-right: 60px;
55. }
56.  
57.  
58. .chat li .chat-body p
59. {
60.   margin: 0;
61.   color: #777777;
62. }
63.  
64. .panel .slidedown .glyphicon, .chat .glyphicon
65. {
66.   margin-right: 5px;
67. }
68.  
69. .panel-body
70. {
71.   overflow-y: scroll;
72.   height: 250px;
73. }
74.  
75. ::-webkit-scrollbar-track
76. {
77.   -webkit-box-shadow: inset 0 0 6px rgba(0,0,0,0.3);
78.   background-color: #F5F5F5;
79. }
80.  
81. ::-webkit-scrollbar
82. {
83.   width: 12px;
84.   background-color: #F5F5F5;
85. }
86.  
87. ::-webkit-scrollbar-thumb
88. {
89.   -webkit-box-shadow: inset 0 0 6px rgba(0,0,0,.3);
90.   background-color: #555;
91. }
92. </style>
93. <?php
94. $validation = new Validate();
95. $errors = [];
96. $successes = [];
97. $id = Input::get('id');
98. $unread = Input::get('unread');
99.  
100.  
101. $findThread = $db->query("SELECT * FROM message_threads WHERE id = ?",array($id));
102. $thread = $findThread->first();
103.  
104. $findMessageQ = $db->query("SELECT * FROM messages WHERE msg_thread = ?",array($id));
105. $messages = $findMessageQ->results();
106. $single = $findMessageQ->first();
107.  
108. $findUnread = $db->query("SELECT * FROM messages WHERE msg_thread = ? AND msg_to = ? AND msg_read != 1",array($id, $user->data()->id));
109. $myUnread = $findUnread->count();
110.  
111. //make sure there are messages TO me in the thread so I don't get a false unread button
112. $checkToQ = $db->query("SELECT * FROM messages WHERE msg_thread = ? AND msg_to = ?",array($id, $user->data()->id));
113. $checkTo = $checkToQ->count();
114.  
115.  
116. if (($single->msg_to != $user->data()->id) && ($single->msg_from != $user->data()->id)){
117.   $ip = ipCheck();
118.   $fields = array(
119.     'user'      => $user->data()->id,
120.     'page'      => 42,
121.     'ip'            => $ip,
122.   );
123.   $db->insert('audit',$fields);
124.   Redirect::to('messages.php?err=That thread does not belong to you or does not exist.'); die();
125. }
126.  
127. //ONLY mark messages read if you are the recipient
128. if($unread != 1){
129.   foreach ($messages as $message){
130.     if(($message->msg_read == 0) && ($message->msg_to == $user->data()->id)) {
131.       $db->update('messages',$message->id,['msg_read'=>1]);
132.     }
133.   }
134. }
135. //
136. if(!empty($_POST['markUnread'])){
137.   // die("<br><br>Unread");
138.   foreach ($messages as $message){
139.     if(($message->msg_read == 1) && ($message->msg_to == $user->data()->id)) {
140.       $db->update('messages',$message->id,['msg_read'=>0]);
141.       Redirect::to('message.php?id='.$id.'&unread=1');
142.     }
143.   }
144.  
145. }
146.  
147. if(!empty($_POST['markRead'])){
148.   foreach ($messages as $message){
149.     if(($message->msg_read == 0) && ($message->msg_to == $user->data()->id)) {
150.       $db->update('messages',$message->id,['msg_read'=>1]);
151.     }
152.   }
153.   Redirect::to('message.php?id='.$id);
154. }
155. //
156. $validation = new Validate();
157. //PHP Goes Here!
158.  
159. $errors = [];
160. $successes = [];
161.  
162. if(!empty($_POST['reply'])){
163.  
164.   $to = $single->msg_to;
165.   if($to == $user->data()->id){
166.     $to = $single->msg_from;
167.   }
168.   $msg_body = Input::get('msg_body');
169.   $validation->check($_POST,array(
170.     'msg_body' => array(
171.       'display' => 'Message',
172.       'required' => true
173.     )
174.   ));
175.   if($validation->passed()){
176.   $date = date("Y-m-d H:i:s");
177.   $fields = array(
178.     'msg_from'    => $user->data()->id,
179.     'msg_to'      => $to,
180.     'msg_body'    => $msg_body,
181.     'msg_thread'  => $id,
182.     'sent_on'     => $date,
183.   );
184.  
185.   $db->insert('messages',$fields);
186.  
187.   $threadUpdate = array(
188.     'last_update'    => $date,
189.     'last_update_by' => $user->data()->id,
190.     'archive_to' => 0,
191.     'archive_from' => 0
192.   );
193.  
194.   $db->update('message_threads',$id,$threadUpdate);
195.  
196.   $successes[] = "Your message has been sent!";
197. }
198. $findMessageQ = $db->query("SELECT * FROM messages WHERE msg_thread = ?",array($id));
199. $messages = $findMessageQ->results();
200. $single = $findMessageQ->first();
201. }
202.  
203.  
204. //PHP Goes Here!
205. ?>
206. <div id="page-wrapper">
207.   <div class="container-fluid">
208. <?=resultBlock($errors,$successes);?>
209. <?=$validation->display_errors();?>
210.     <div class="row">
211.       <div id="form-errors">
212.           <?=$validation->display_errors();?></div>
213.       <div class="col-sm-10 col-sm-offset-1">
214.         <div class="row">
215.           <div class="col-sm-10">
216.             <h2><a href="messages.php"><i class="glyphicon glyphicon-chevron-left"></i></a> <?=$thread ->msg_subject?></h2>
217.           </div>
218.           <div class="col-sm-2">
219.             <?php
220.             if($myUnread == 0 && $checkTo > 0){
221.               ?>
222.               <form class="" action="message.php?id=<?php echo $id?>" method="post">
223.                 <input type="submit" class="btn btn-danger" name="markUnread" value="Mark as Unread">
224.               </form>
225.               <?php
226.             }
227.             ?>
228.           </div>
229.         </div>
230.  
231.         <ul class="chat">
232.           <?php
233.           //dnd($messages);$grav = get_gravatar(strtolower(trim($user->data()->email)));
234.           foreach ($messages as $m){
235.             $findUser = $db->query("SELECT email FROM users WHERE id = $m->msg_from");
236.             $foundUser = $findUser->first();
237.             $grav = get_gravatar(strtolower(trim($foundUser->email)));
238.             $lastmessage = strtotime($m->sent_on);
239.                 $difference = ceil((time() - $lastmessage) / (60 * 60 * 24));
240.                 // if($difference==0) { $last_update = "Today, "; $last_update .= date("g:i A",$lastmessage); }
241.                 if($difference >= 0 && $difference < 7) {
242.                     $today = date("j");
243.                     $last_message = date("j",$lastmessage);
244.                     if($today==$last_message) { $last_update = "Today, "; $last_update .= date("g:i A",$lastmessage); }
245.                     else {
246.                 $last_update = date("l g:i A",$lastmessage); } }
247.                 elseif($difference >= 7) { $last_update = date("M j, Y g:i A",$lastmessage); }
248.             if($m->msg_to == $user->data()->id){
249.               ?>
250.               <li class="left clearfix"><span class="chat-img pull-left" style="padding-right:10px">
251.                 <img src="<?=$grav ?>" width="75" class="img-thumbnail" alt="Generic placeholder thumbnail"></p>
252.                 <!-- <img src="http://placehold.it/50/55C1E7/fff&text=U" alt="User Avatar" class="img-circle" /> -->
253.               </span>
254.               <div class="chat-body clearfix">
255.                 <div class="header">
256.                   <strong class="primary-font"><?php echouser($m->msg_from);?></strong> <small class="pull-right text-muted">
257.                     <span class="glyphicon glyphicon-time"></span><?=$last_update?></small>
258.                   </div>
259.                   <p>
260.                     <?php $msg = html_entity_decode($m->msg_body);
261.                     echo $msg; ?>
262.                   </p>
263.                 </div>
264.               </li>
265.  
266.               <?php }else{ ?>
267.  
268.                 <li class="left clearfix"><span class="chat-img pull-left" style="padding-right:10px">
269.                   <img src="<?=$grav; ?>" width="75" class="img-thumbnail" alt="Generic placeholder thumbnail"></p>
270.                 </span>
271.                 <div class="chat-body clearfix">
272.                   <div class="header">
273.                     <small class="pull-right text-muted"><span class="glyphicon glyphicon-time"></span><?=$last_update?></small>
274.                     <strong class="pull-left primary-font"><?php echouser($m->msg_from);?></strong>
275.                   </div>
276.                   <p>
277.                     <br>
278.                     <?php $msg = html_entity_decode($m->msg_body);
279.                     echo $msg; ?>
280.                   </p>
281.                   <?php if($m->msgfrom = $user->data()->id) {?><p class="pull-right"><?php if($m->msg_read==1) {?><i class="glyphicon glyphicon-check"></i> Read<?php } else { ?><i class="glyphicon glyphicon-unchecked"></i> Delivered<?php } ?></p><?php } ?>
282.                 </div>
283.               </li>
284.  
285.  
286.  
287.               <?php } //end if/else statement ?>
288.  
289.  
290.               <?php } //end foreach ?>
291.  
292.               <ul>
293.                 <!-- <h3>From: <?php //echouser($m->msg_from);?></h3> -->
294.  
295.                 <h3>Quick Reply <a href="#" data-toggle="modal" data-target="#reply"><i class="glyphicon glyphicon-new-window"></i></a></h3>
296.                 <form name="reply_form" action="message.php?id=<?=$id?>" method="post">
297.                   <div align="center">
298.                     <input type="text" class="form-control" placeholder="Click here or press Alt + R to focus on this box OR press Shift + R to open the expanded reply pane!" name="msg_body" id="msg_body"/>
299.                     <?php /* textarea rows="10" cols="80"  id="mytextarea" name="msg_body"></textarea> */ ?></div>
300.                     <input type="hidden" name="csrf" value="<?=Token::generate();?>" >
301.                   </p>
302.                   <p>
303.                     <input type="submit" class="btn btn-primary" name="reply" value="Reply">
304.                   </form>
305.                 </div> <!-- /.col -->
306.                
307. <div id="reply" class="modal fade" role="dialog">
308.   <div class="modal-dialog">
309.  
310.     <!-- Modal content-->
311.     <div class="modal-content">
312.       <div class="modal-header">
313.         <button type="button" class="close" data-dismiss="modal">&times;</button>
314.         <h4 class="modal-title">Reply</h4>
315.       </div>
316.       <div class="modal-body">
317. <form name="reply_form" action="message.php?id=<?=$id?>" method="post">
318.                   <div align="center">
319.                     <textarea rows="10" cols="80"  id="mytextarea" name="msg_body"></textarea></div>
320.                     <input type="hidden" name="csrf" value="<?=Token::generate();?>" >
321.                   </p>
322.                   <p>
323.                   <br />
324.       </div>
325.       <div class="modal-footer">
326.       <div class="btn-group">   <input type="hidden" name="csrf" value="<?=Token::generate();?>" />
327.     <input class='btn btn-primary' type='submit' name="reply" value='Reply' class='submit' /></div>
328.     </form>
329.          <div class="btn-group"><button type="button" class="btn btn-default" data-dismiss="modal">Close</button></div>
330.       </div>
331.     </div>
332.     </div>
333.   </div>
334. </div>
335.               </div> <!-- /.row -->
336.             </div> <!-- /.container -->
337.           </div> <!-- /.wrapper -->
338.  
339.  
340.           <!-- footers -->
341.           <?php require_once $abs_us_root.$us_url_root.'users/includes/page_footer.php'; // the final html footer copyright row + the external js calls ?>
342.             <script src='https:////cdn.tinymce.com/4/tinymce.min.js'></script>
343.             <script src="scripts/jwerty.js"></script>
344.             <script>
345.             tinymce.init({
346.             selector: '#mytextarea'
347.             });
348.             jwerty.key('esc', function () {
349.                 $('.modal').modal('hide');
350.             });
351.             jwerty.key('shift+r', function () {
352.                 $('.modal').modal('hide');
353.                 $('#reply').modal();
354.             });
355.             jwerty.key('alt+r', function () {
356.                 $('.modal').modal('hide');
357.                 $('#msg_body').focus();
358.             });
359.             </script>
360.             <!-- Place any per-page javascript here -->
361.  
362.             <?php require_once $abs_us_root.$us_url_root.'users/includes/html_footer.php'; // currently just the closing /body and /html ?>