Example #1
0
function prepare_review($s, $allowTags = false, $additionalTags = '')
{
    if (!$s) {
        return '';
    }
    $allowTags = $allowTags !== false ? $allowTags : '<p><u><strike><s><em><i><strong><b><br><ul><ol><li><span>';
    $allowTags .= $additionalTags;
    $s = str_replace('&nbsp;', ' ', $s);
    $s = clean_inside_tags(strip_tags($s, $allowTags));
    $s = texttourl($s);
    return trim($s);
}
Example #2
0
 function write()
 {
     global $current_user;
     /* @var $current_user User */
     if (!$current_user->authorized) {
         throw new Exception('Access Denied');
     }
     $id_author = $current_user->id;
     $to_users_ = isset(Request::$post['to']) ? Request::$post['to'] : array();
     if (!is_array($to_users_)) {
         $to_users_ = array($to_users_);
     }
     foreach ($to_users_ as $id) {
         $to_users[$id] = $id;
     }
     foreach ($to_users as $id) {
         if (strstr($id, ',')) {
             $t_to_users = explode(',', $id);
             foreach ($t_to_users as $n) {
                 $to_users_p[trim($n)] = trim($n);
             }
         } else {
             $to_users_p[trim($id)] = trim($id);
         }
     }
     $to_users = $to_users_p;
     if (isset($to_users[$current_user->id])) {
         throw new Exception('self mailing');
     }
     if (isset($to_users[$current_user->getNickName()])) {
         throw new Exception('self mailing');
     }
     $loaded = array();
     foreach ($to_users as $id) {
         $tmp = new User($id);
         $tmp->load();
         $loaded[$tmp->id] = $tmp;
     }
     foreach ($loaded as $key => $u) {
         $to_users[$key] = $key;
     }
     $subject = isset(Request::$post['subject']) ? Request::$post['subject'] : 'Без темы';
     $body = isset(Request::$post['body']) ? Request::$post['body'] : false;
     $subject = prepare_review($subject, '');
     $body = prepare_review($body, '');
     if (!$body) {
         throw new Exception('body!');
     }
     $time = time();
     $thread_id = isset(Request::$post['thread_id']) ? Request::$post['thread_id'] : false;
     if ($thread_id) {
         // а можно ли писать в этот тред этому человеку?
         $query = 'SELECT DISTINCT id_recipient FROM `users_messages_index` WHERE `thread_id`=' . $thread_id;
         $usrs = Database::sql2array($query);
         $found = false;
         $to_users = array();
         if ($usrs) {
             foreach ($usrs as $usr) {
                 if ($usr['id_recipient'] == $current_user->id) {
                     $found = true;
                 }
                 $to_users[$usr['id_recipient']] = $usr['id_recipient'];
             }
         }
         if (!$found) {
             throw new Exception('You cant post to thread #' . $thread_id);
         }
     }
     $to_users[$current_user->id] = $current_user->id;
     $body = texttourl($body);
     $this->sendMessage($id_author, $to_users, $subject, $body, $time, $thread_id);
 }