docs/inbox/index.php

   1 <?php
   2 /****************************************************************/
   3 /* ATutor                                                                                                               */
   4 /****************************************************************/
   5 /* Copyright (c) 2002-2010                                      */
   6 /* Inclusive Design Institute                                   */
   7 /* http://atutor.ca                                                                                             */
   8 /*                                                              */
   9 /* This program is free software. You can redistribute it and/or*/
  10 /* modify it under the terms of the GNU General Public License  */
  11 /* as published by the Free Software Foundation.                                */
  12 /****************************************************************/
  13 // $Id$
  14 $_user_location = 'public';
  15
  16 define('AT_INCLUDE_PATH', '../include/');
  17 require (AT_INCLUDE_PATH.'vitals.inc.php');
  18
  19 if (!$_SESSION['valid_user']) {
  20         require(AT_INCLUDE_PATH.'header.inc.php');
  21         $msg->printInfos('INVALID_USER');
  22         require(AT_INCLUDE_PATH.'footer.inc.php');
  23         exit;
  24 }
  25
  26 $_GET['view'] = intval($_GET['view']);
  27
  28 if ($_GET['view']) {
  29         $result = mysql_query("UPDATE ".TABLE_PREFIX."messages SET new=0, date_sent=date_sent WHERE to_member_id=$_SESSION[member_id] AND message_id=$_GET[view]",$db);
  30 }
  31
  32 if (isset($_GET['delete'])) {
  33         $_GET['delete'] = intval($_GET['delete']);
  34
  35         if($result = mysql_query("DELETE FROM ".TABLE_PREFIX."messages WHERE to_member_id=$_SESSION[member_id] AND message_id=$_GET[delete]",$db)){
  36                 $msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');
  37         }
  38
  39         header('Location: index.php');
  40         exit;
  41 } else if (isset($_POST['submit_yes'], $_POST['ids'])) {
  42         $ids = $addslashes($_POST['ids']);
  43
  44         $sql = "DELETE FROM ".TABLE_PREFIX."messages WHERE to_member_id=$_SESSION[member_id] AND message_id IN ($ids)";
  45         mysql_query($sql, $db);
  46
  47         $msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');
  48
  49         header('Location: index.php');
  50         exit;
  51 } else if (isset($_POST['submit_no'])) {
  52         $msg->addFeedback('CANCELLED');
  53
  54         header('Location: index.php');
  55         exit;
  56 } else if (isset($_POST['delete']) && !isset($_POST['id'])) {
  57         $msg->addError('NO_ITEM_SELECTED');
  58         header('Location: index.php');
  59         exit;
  60 }
  61
  62 require(AT_INCLUDE_PATH.'header.inc.php');
  63
  64 if (isset($_GET['view']) && $_GET['view']) {
  65         $sql    = "SELECT * FROM ".TABLE_PREFIX."messages WHERE message_id=$_GET[view] AND to_member_id=$_SESSION[member_id]";
  66         $result_messages = mysql_query($sql, $db);
  67
  68 } else if (isset($_POST['delete'], $_POST['id'])) {
  69         $hidden_vars['ids'] = implode(',', $_POST['id']);
  70
  71         $msg->addConfirm('DELETE_MSGS', $hidden_vars);
  72         $msg->printConfirm();
  73 }
  74
  75 $sql    = "SELECT * FROM ".TABLE_PREFIX."messages WHERE to_member_id=$_SESSION[member_id] ORDER BY date_sent DESC";
  76 $result = mysql_query($sql,$db);
  77
  78 // since Inbox isn't a module, it can't have a cron job.
  79 // so, we delete the expires sent messages with P =  1/7.
  80 if (!rand(0, 6)) {
  81         $sql = "DELETE FROM ".TABLE_PREFIX."messages_sent WHERE from_member_id=$_SESSION[member_id] AND TO_DAYS(date_sent) < (TO_DAYS(NOW()) - {$_config['sent_msgs_ttl']}) LIMIT 100";
  82         mysql_query($sql, $db);
  83 }
  84
  85 $savant->assign('result', $result);
  86 $savant->assign('result_messages', $result_messages);
  87 $savant->display('inbox/inbox.tmpl.php');
  88 require(AT_INCLUDE_PATH.'footer.inc.php'); ?>