if (!empty($_POST['url_content'])) { $messageContent = $_POST['social_wall_new_msg_main'] . '<br><br>' . $_POST['url_content']; } $idMessage = SocialManager::sendWallMessage(api_get_user_id(), $friendId, $messageContent, $messageId, MESSAGE_STATUS_WALL_POST); if (!empty($_FILES['picture']['tmp_name']) && $idMessage > 0) { $error = SocialManager::sendWallMessageAttachmentFile(api_get_user_id(), $_FILES['picture'], $idMessage, $fileComment = ''); } $url = api_get_path(WEB_CODE_PATH) . 'social/profile.php'; $url .= empty($_SERVER['QUERY_STRING']) ? '' : '?' . Security::remove_XSS($_SERVER['QUERY_STRING']); header('Location: ' . $url); exit; } else { if (!empty($_POST['social_wall_new_msg']) && !empty($_POST['messageId'])) { $messageId = intval($_POST['messageId']); $messageContent = $_POST['social_wall_new_msg']; $res = SocialManager::sendWallMessage(api_get_user_id(), $friendId, $messageContent, $messageId, MESSAGE_STATUS_WALL); $url = api_get_path(WEB_CODE_PATH) . 'social/profile.php'; $url .= empty($_SERVER['QUERY_STRING']) ? '' : '?' . Security::remove_XSS($_SERVER['QUERY_STRING']); header('Location: ' . $url); exit; } else { if (isset($_GET['messageId'])) { $messageId = Security::remove_XSS($_GET['messageId']); $status = SocialManager::deleteMessage($messageId); header('Location: ' . api_get_path(WEB_CODE_PATH) . 'social/profile.php'); exit; } else { if (isset($_GET['u'])) { //I'm your friend? I can see your profile? $user_id = intval($_GET['u']); if (api_is_anonymous($user_id, true)) {
if (!empty($_POST['social_wall_new_msg_main']) || !empty($_FILES['picture']['tmp_name'])) { $messageId = 0; $idMessage = SocialManager::sendWallMessage(api_get_user_id(), $friendId, $_POST['social_wall_new_msg_main'], $messageId, MESSAGE_STATUS_WALL_POST); if (!empty($_FILES['picture']['tmp_name']) && $idMessage > 0) { $error = SocialManager::sendWallMessageAttachmentFile(api_get_user_id(), $_FILES['picture'], $idMessage, $fileComment = ''); } $url = api_get_path(WEB_CODE_PATH) . 'social/profile.php'; $url .= empty($_SERVER['QUERY_STRING']) ? '' : '?'.Security::remove_XSS($_SERVER['QUERY_STRING']); header('Location: ' . $url); exit; } else if (!empty($_POST['social_wall_new_msg']) && !empty($_POST['messageId'])) { $messageId = intval($_POST['messageId']); $res = SocialManager::sendWallMessage(api_get_user_id(), $friendId, $_POST['social_wall_new_msg'], $messageId , MESSAGE_STATUS_WALL); $url = api_get_path(WEB_CODE_PATH) . 'social/profile.php'; $url .= empty($_SERVER['QUERY_STRING']) ? '' : '?'.Security::remove_XSS($_SERVER['QUERY_STRING']); header('Location: ' . $url); exit; } else if (isset($_GET['messageId'])) { $messageId = Security::remove_XSS($_GET['messageId']); $status = SocialManager::deleteMessage($messageId); header('Location: ' . api_get_path(WEB_CODE_PATH) . 'social/profile.php'); exit; } else if (isset($_GET['u'])) { //I'm your friend? I can see your profile? $user_id = intval($_GET['u']); if (api_is_anonymous($user_id, true)) { api_not_allowed(true);