2 /****************************************************************/
4 /****************************************************************/
5 /* Copyright (c) 2002-2008 by Greg Gay & Joel Kronenberg */
6 /* Adaptive Technology Resource Centre / University of Toronto */
9 /* This program is free software. You can redistribute it and/or*/
10 /* modify it under the terms of the GNU General Public License */
11 /* as published by the Free Software Foundation. */
12 /****************************************************************/
14 $_user_location = 'public';
16 define('AT_INCLUDE_PATH', '../include/');
17 require (AT_INCLUDE_PATH.'vitals.inc.php');
19 if (!$_SESSION['valid_user']) {
20 require(AT_INCLUDE_PATH.'header.inc.php');
21 $msg->printInfos('INVALID_USER');
22 require(AT_INCLUDE_PATH.'footer.inc.php');
26 $_GET['view'] = intval($_GET['view']);
29 $result = mysql_query("UPDATE ".TABLE_PREFIX."messages SET new=0, date_sent=date_sent WHERE to_member_id=$_SESSION[member_id] AND message_id=$_GET[view]",$db);
32 if (isset($_GET['delete'])) {
33 $_GET['delete'] = intval($_GET['delete']);
35 if($result = mysql_query("DELETE FROM ".TABLE_PREFIX."messages WHERE to_member_id=$_SESSION[member_id] AND message_id=$_GET[delete]",$db)){
36 $msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');
39 header('Location: index.php');
41 } else if (isset($_POST['submit_yes'], $_POST['ids'])) {
42 $ids = $addslashes($_POST['ids']);
44 $sql = "DELETE FROM ".TABLE_PREFIX."messages WHERE to_member_id=$_SESSION[member_id] AND message_id IN ($ids)";
45 mysql_query($sql, $db);
47 $msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');
49 header('Location: index.php');
51 } else if (isset($_POST['submit_no'])) {
52 $msg->addFeedback('CANCELLED');
54 header('Location: index.php');
56 } else if (isset($_POST['delete']) && !isset($_POST['id'])) {
57 $msg->addError('NO_ITEM_SELECTED');
58 header('Location: index.php');
62 require(AT_INCLUDE_PATH.'header.inc.php');
64 if (isset($_GET['view']) && $_GET['view']) {
65 $sql = "SELECT * FROM ".TABLE_PREFIX."messages WHERE message_id=$_GET[view] AND to_member_id=$_SESSION[member_id]";
66 $result = mysql_query($sql, $db);
68 if ($row = mysql_fetch_assoc($result)) {
72 <div class="forum-post-author">
73 <a href="profile.php?id=<?php echo $row['from_member_id']; ?>" class="title"><?php echo get_display_name($row['from_member_id']); ?></a><br />
74 <?php print_profile_img($row['from_member_id']); ?>
77 <div class="forum-post-content">
78 <h3><?php echo AT_Print(htmlspecialchars($row['subject'], ENT_COMPAT, "UTF-8"), 'messages.subject'); ?></h3>
80 <div class="forum-post-ctrl">
81 <a href="inbox/send_message.php?reply=<?php echo $_GET['view']; ?>"><?php echo _AT('reply'); ?></a> | <a href="<?php echo $_SERVER['PHP_SELF']; ?>?delete=<?php echo $_GET['view']; ?>"><?php echo _AT('delete'); ?></a>
83 <p class="date"><?php echo AT_date(_AT('forum_date_format'), $row['date_sent'], AT_DATE_MYSQL_DATETIME); ?></p>
87 <p><?php echo AT_print(htmlspecialchars($row['body'], ENT_COMPAT, "UTF-8"), 'messages.body'); ?></p>
95 } else if (isset($_POST['delete'], $_POST['id'])) {
96 $hidden_vars['ids'] = implode(',', $_POST['id']);
98 $msg->addConfirm('DELETE_MSGS', $hidden_vars);
102 $sql = "SELECT * FROM ".TABLE_PREFIX."messages WHERE to_member_id=$_SESSION[member_id] ORDER BY date_sent DESC";
103 $result = mysql_query($sql,$db);
105 <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>" name="form" >
106 <table class="data" summary="" rules="rows" width="55%">
109 <th scope="col"> </th>
110 <th scope="col"> </th>
111 <th scope="col" ><?php echo _AT('from'); ?></th>
112 <th scope="col" ><?php echo _AT('subject');?></th>
113 <th scope="col" ><?php echo _AT('date'); ?></th>
118 <td colspan="5"><input type="submit" name="delete" value="<?php echo _AT('delete'); ?>"/></td>
122 <?php if ($row = mysql_fetch_assoc($result)): ?>
124 <?php if ($row['message_id'] == $_GET['view']): ?>
125 <tr class="selected">
127 <tr onmousedown="document.form['m<?php echo $row['message_id']; ?>'].checked = !document.form['m<?php echo $row['message_id']; ?>'].checked; rowselectbox(this, document.form['m<?php echo $row['message_id']; ?>'].checked, '');" id="r_<?php echo $row['message_id']; ?>_1">
129 <td><input type="checkbox" name="id[]" value="<?php echo $row['message_id']; ?>" id="m<?php echo $row['message_id']; ?>" <?php if (isset($_POST['id']) && in_array($row['message_id'], $_POST['id'])) { echo 'checked="checked"'; } ?> title="<?php echo _AT('delete').': '.AT_print($row['subject'], 'messages.subject');?>"/></td>
132 if ($row['new'] == 1) {
134 } else if ($row['replied'] == 1) {
139 $name = get_display_name($row['from_member_id']);
141 echo '<td align="left" valign="middle">';
143 if ($_GET['view'] != $row['message_id']) {
146 echo '<strong>'.$name.'</strong>';
150 echo '<td><label for="m'.$row['message_id'].'">';
151 if ($_GET['view'] != $row['message_id']) {
152 echo '<a href="'.$_SERVER['PHP_SELF'].'?view='.$row['message_id'].'">'.AT_print($row['subject'], 'messages.subject').'</a>';
154 echo '<strong>'.AT_print($row['subject'], 'messages.subject').'</strong>';
156 echo '</label></td>';
158 echo '<td valign="middle" align="left" nowrap="nowrap">';
159 echo AT_date(_AT('inbox_date_format'), $row['date_sent'], AT_DATE_MYSQL_DATETIME);
162 } while ($row = mysql_fetch_assoc($result)); ?>
165 <td colspan="5"><?php echo _AT('none_found'); ?></td>
173 // since Inbox isn't a module, it can't have a cron job.
174 // so, we delete the expires sent messages with P = 1/7.
176 $sql = "DELETE FROM ".TABLE_PREFIX."messages_sent WHERE from_member_id=$_SESSION[member_id] AND TO_DAYS(date_sent) < (TO_DAYS(NOW()) - {$_config['sent_msgs_ttl']}) LIMIT 100";
177 mysql_query($sql, $db);
181 <?php require(AT_INCLUDE_PATH.'footer.inc.php'); ?>