/**
 * Send "love" from the calling user ($userid/$username) to the user named in $toArg.
 *
 * Rate-limits the giver, refuses love to the guest account (unless the giver is a
 * super admin) and to oneself, delivers the love through sl_send_love(), records it
 * in LOVE, and posts a notice to the journal API when giver and recipient both
 * belong to JOURNAL_API_COMPANY and the love is not private.
 *
 * @param mixed  $userid   id of the giver (row key in USERS)
 * @param string $username giver's username
 * @param string $nickname giver's nickname, used in the journal message
 * @param bool   $isSuper  whether the giver is a super admin
 * @param string $toArg    recipient username as entered by the giver
 * @param string $forArg   free-text reason for the love
 * @param bool   $priv     true marks the love private (not posted to the journal)
 * @return string|array 'ratelimit', 'guest', 'self', 'outside' or 'ok'; when the
 *                      recipient has a fb_id, array('facebook', $to, $for, $fb_id)
 *                      is returned instead of 'ok' so the caller can handle it
 */
function sendlove_toanother($userid, $username, $nickname, $isSuper, $toArg, $forArg, $priv)
{
    // UTF-8 Encode passed parameters to preserve non-latin characters.
    // NOTE(review): $userid and $isSuper are used as-is; nothing here validates them,
    // so they must come from the session/auth layer, never from request input.
    $username = setEncoding($username);
    $nickname = setEncoding($nickname);
    $toArg = setEncoding($toArg);
    $forArg = setEncoding($forArg);
    if (enforceRateLimit('love', $userid)) {
        error_log("User " . $userid . " send love was rate limited.");
        return 'ratelimit';
    }
    // Only super admins can send love to the guest account
    // $to is normalised (trim + lowercase) and SQL-escaped once here; every later
    // use of $to (comparisons, SQL, the return value, the journal message) sees the
    // escaped form.
    $to = mysql_real_escape_string(strtolower(trim($toArg)));
    if ($to == GUEST_USER && !$isSuper) {
        return 'guest';
    }
    //Can't send love to self
    // NOTE(review): $username is neither lowercased nor escaped, so this check can
    // miss a match when the names differ only in case or contain quote/backslash
    // characters (which $to now carries escaped).
    if ($to == $username) {
        return 'self';
    }
    // Giver's company, skill and team. $userid is concatenated into the SQL without
    // escaping, and the query result is not checked before mysql_fetch_array().
    $sqlView = "SELECT company_id, skill, team FROM " . USERS . " WHERE id='" . $userid . "'";
    $resView = mysql_query($sqlView);
    $rowView = mysql_fetch_array($resView);
    $company_id = $rowView['company_id'];
    $skill = $rowView['skill'];
    $team = $rowView['team'];
    // NOTE(review): the username literal '******' here (and in the fb_id lookup
    // below) looks like a redacted value in this listing; as written the query only
    // matches a user literally named '******'. The surrounding logic treats the
    // returned row as the recipient's ($to_company).
    $sqlView = "SELECT company_id FROM " . USERS . " WHERE username = '******'and removed = 0";
    $resView = mysql_query($sqlView);
    $rowView = mysql_fetch_array($resView);
    $to_company = $rowView['company_id'];
    // company_id is stored on the love row only when giver and recipient share a company.
    $company = $company_id == $rowView['company_id'] ? ", company_id='" . $company_id . "'" : "";
    $private = $priv ? ',private=1' : '';
    //$allowed_tags = array();  // no tags are currently allowed in the 'forArg'
    // $for is the raw (re-encoded) user text: tag stripping is disabled below and no
    // escaping is applied until the INSERT / journal steps.
    $for = $forArg;
    //strip_tags($forArg);
    // this sends the actual email
    if (!sl_send_love($username, $nickname, $userid, $company_id, $to, $for, false, $priv)) {
        // false from sl_send_love means the user was outside the system
        return 'outside';
    }
    $rc = 'ok';
    // NOTE(review): escaping in this INSERT is inconsistent — $username, $skill and
    // $team are interpolated unescaped, $for gets addslashes() (not charset-aware),
    // and $to was already escaped by mysql_real_escape_string() above so addslashes()
    // escapes it a second time (the stored receiver may carry extra backslashes).
    // Escape each value exactly once, with mysql_real_escape_string(), at the point
    // it enters the SQL. The result $res is never checked.
    $query = "insert into " . LOVE . " set giver='" . $username . "', receiver='" . addslashes($to) . "', skill='{$skill}', team='{$team}', why='" . addslashes($for) . "', at=now()" . $company . $private;
    $res = mysql_query($query);
    // See if the recipient has a facebook id; if so we return a value so it can be handled.
    // NOTE(review): same '******' literal as above — presumably meant to be $to.
    $resfb = mysql_query("select id, fb_id from " . USERS . " where username = '******'");
    if (mysql_num_rows($resfb) > 0) {
        $rowfb = mysql_fetch_assoc($resfb);
        $fb_id = $rowfb['fb_id'];
        if (!empty($fb_id)) {
            $rc = array('facebook', $to, $for, $fb_id);
        }
    }
    // Post a journal notice when giver and recipient are both in JOURNAL_API_COMPANY
    // and the love is not private.
    if ($company_id == $to_company && $company_id == JOURNAL_API_COMPANY && !$priv) {
        $toNickname = getNickName($to);
        if (empty($toNickname)) {
            $toNickname = $to;
        }
        // $for itself was never addslashes()'d (only the INSERT copy was), so this
        // removes backslashes present in the input — presumably a magic-quotes
        // leftover; confirm before relying on it.
        $for = stripslashes($for);
        $data = array();
        $data['user'] = JOURNAL_API_USER;
        // NOTE(review): the journal credential is an unsalted sha1 of a shared
        // password sent with every request; whatever transport postRequest() uses,
        // this hash is a reusable secret and must be protected like the password itself.
        $data['pwd'] = sha1(JOURNAL_API_PWD);
        $data['message'] = $nickname . " to {$toNickname}: {$for}";
        // The journal response is captured but never checked; a failed post is silent.
        $prc = postRequest(JOURNAL_API_URL, $data);
    }
    return $rc;
}
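/**
 * Journal-API entry point: send love from one nickname to another.
 *
 * Reads caller, from, to, why (and optional priv) from $_POST, resolves both
 * nicknames against USERS, rate-limits the giver, delivers the love through
 * sl_send_love(), records it in LOVE and, when the recipient belongs to
 * JOURNAL_API_COMPANY and the love is not private, posts a notice to the
 * journal API. Failures are reported through respond($rsp); the success path
 * falls off the end without responding, as before (presumably the caller does).
 *
 * Compared with the previous version: $why is escaped only where it enters SQL,
 * so sl_send_love() and the journal message receive the plain text (which is how
 * sendlove_toanother() passes its reason); the DB-failure response no longer
 * echoes the INSERT statement back to the caller; query results are checked
 * before being fetched; and each error respond() is followed by `return` so
 * execution cannot fall through if respond() ever returns.
 *
 * @return void
 */
function sendFromJournal()
{
    $rsp = array();

    // Check that all required parameters exist. 'caller' is required but is not
    // otherwise used here.
    foreach (array('caller', 'from', 'to', 'why') as $field) {
        if (empty($_POST[$field])) {
            $rsp['error'] = SL_BAD_CALL;
            respond($rsp);
            return;
        }
    }

    // Prepare received data. Values are kept unescaped; each SQL statement
    // below escapes exactly what it interpolates.
    $toNick = trim(setEncoding($_POST['to']));
    $fromNick = trim(setEncoding($_POST['from']));
    $why = smart_strip_tags(trim(setEncoding($_POST['why'])));
    $private = isset($_POST['priv']) && (int) $_POST['priv'] > 0;

    // Can't send love to self
    if (strtolower($toNick) === strtolower($fromNick)) {
        $rsp['error'] = SL_NOT_COWORKER;
        respond($rsp);
        return;
    }

    // Check that to and from nicknames exist and load their rows.
    $rows = array();
    foreach (array('from' => $fromNick, 'to' => $toNick) as $role => $nick) {
        $query = "select id, fb_id, username, nickname, company_id, skill, team "
            . "from " . USERS . " where nickname='" . mysql_real_escape_string($nick) . "' and removed = 0";
        $res = mysql_query($query);
        // Only fetch from a successful query; a false result would otherwise warn.
        $line = $res ? mysql_fetch_array($res, MYSQL_ASSOC) : false;
        if (!$line) {
            $rsp['error'] = SL_UNKNOWN_USER;
            respond($rsp);
            return;
        }
        $rows[$role] = $line;
    }
    $from = $rows['from'];
    $to = $rows['to'];

    // Check rate limit
    if (enforceRateLimit('love', $from['id'])) {
        error_log("User " . $from['id'] . " send love was rate limited.");
        $rsp['error'] = SL_RATE_LIMIT;
        respond($rsp);
        return;
    }

    // Send love (the email); false means delivery failed.
    if (!sl_send_love($from['username'], $from['nickname'], $from['id'], $from['company_id'], $to['username'], $why, false, $private)) {
        $rsp['error'] = SL_SEND_FAILED;
        respond($rsp);
        return;
    }

    // Record love in database. Values read from the USERS rows are escaped too,
    // so a stored quote cannot break the statement.
    $company = $to['company_id'] === $from['company_id']
        ? ", company_id='" . mysql_real_escape_string((string) $to['company_id']) . "'"
        : '';
    $priv_str = $private ? ', private=1' : '';
    $query = "insert into " . LOVE . " set"
        . " giver='" . mysql_real_escape_string((string) $from['username']) . "',"
        . " receiver='" . mysql_real_escape_string((string) $to['username']) . "',"
        . " skill='" . mysql_real_escape_string((string) $from['skill']) . "',"
        . " team='" . mysql_real_escape_string((string) $from['team']) . "',"
        . " why='" . mysql_real_escape_string($why) . "',"
        . " at=now()" . $company . $priv_str;
    $rsp['status'] = SL_OK;
    $rsp['error'] = SL_NO_ERROR;
    $rsp['info'] = ''; // the SQL text stays server-side (it used to be returned here)
    if (!mysql_query($query)) {
        error_log("Add Love.err:" . mysql_error());
        $rsp['error'] = SL_DB_FAILURE;
        respond($rsp);
        return;
    }

    // Make love notice in journal. company_id comes from the DB and the type of
    // JOURNAL_API_COMPANY is not visible here, so the loose comparison is kept.
    if ($to['company_id'] == JOURNAL_API_COMPANY && !$private) {
        $data = array(
            'user' => JOURNAL_API_USER,
            'pwd' => sha1(JOURNAL_API_PWD),
            'message' => "{$from['nickname']} to {$to['nickname']}: {$why}",
        );
        // Anything other than the literal 'ok' (including a false/empty reply) is a failure.
        $journal_rsp = trim((string) postRequest(JOURNAL_API_URL, $data));
        if ($journal_rsp !== 'ok') {
            $rsp['status'] = SL_WARNING;
            $rsp['error'] = SL_JOURNAL_FAILED;
            $rsp['info'] = $journal_rsp;
            respond($rsp);
            return;
        }
    }
}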