* $Author: liubo $
* $Id: user_msg.php 17217 2011-01-19 06:29:08Z liubo $
*/

// Request dispatcher for the feedback table. It branches on $_REQUEST['act'] to
// render the list page, return the list as JSON, insert a message, or delete one.
// NOTE(review): no permission or anti-CSRF check is visible in any branch of this
// fragment; whether includes/init.php enforces them cannot be seen from here - confirm.
define('IN_ECS', true);
require dirname(__FILE__) . '/includes/init.php';

/* Initialize the data exchange object */
$table = "hteacher.ht_feedback";
// $exc is not used by any branch visible in this fragment.
$exc = new exchange($table, $db, 'msg_id', 'msg_title');

/*------------------------------------------------------ */
//-- List all messages from $from
/*------------------------------------------------------ */
if ($_REQUEST['act'] == "list") {
    // Render the list template and stop.
    $smarty->display('msg_list.htm');
    exit;
} elseif ($_REQUEST['act'] == 'ajax_list') {
    // msg_list() is defined outside this fragment; its result is handed to make_json().
    $list = msg_list("class", $table);
    make_json($list);
} elseif ($_REQUEST['act'] == 'ajax_save') {
    // NOTE(review): $_POST['msg_title'] and $_POST['msg_content'] are interpolated into the
    // statement inside single quotes with no escaping or binding in this fragment. This is
    // only safe if init.php escapes all request data globally - confirm, and prefer escaping
    // or binding at the point where the query is built so the guarantee is local.
    $sql = "INSERT INTO " . $table . "(parent_id, user_id, user_name, user_email, msg_title, \r\n\t msg_type, msg_content, msg_time, msg_status, msg_from)"
        . " VALUES (0, '{$_SESSION['admin_id']}', '{$_SESSION['admin_name']}', ' ', "
        . " '{$_POST['msg_title']}', 0, '{$_POST['msg_content']}', '" . gmtime() . "', '0', 'class')";
    $db->query($sql);
    // The INSERT reads $_POST but the log entry and the response read $_REQUEST, so the
    // logged/echoed title can differ from the stored one. The full SQL text, message
    // content included, is passed to admin_log().
    admin_log(addslashes($_REQUEST["msg_title"]), 'add', $sql);
    // NOTE(review): the request-supplied title is echoed back unencoded; if the client
    // inserts this message as HTML it needs output encoding - confirm how it is rendered.
    make_json_result("添加“" . $_REQUEST["msg_title"] . "”成功!");
} elseif ($_REQUEST['act'] == 'ajax_delete') {
    // intval() forces the id to an integer (0 when absent), so the unquoted
    // interpolation below carries only a number.
    $id = !empty($_REQUEST['msg_id']) ? intval($_REQUEST['msg_id']) : 0;
    // Deletes every row whose parent_id or msg_id equals $id.
    $sql = "delete from " . $table . " where parent_id={$id} or msg_id=" . $id;
    $db->query($sql);
    // NOTE(review): 'act' and 'msg_id' come from $_REQUEST, so this destructive branch is
    // not limited to POST. The log receives the raw request value rather than the
    // normalised $id.
    admin_log($_REQUEST["msg_id"], 'delete', $sql);
    make_json_result("删除成功!");
}
/**
 *
//-- 列出所有留言 /*------------------------------------------------------ */ if ($_REQUEST['act'] == 'list_all') { assign_query_info(); $msg_list = msg_list(); $smarty->assign('msg_list', $msg_list['msg_list']); $smarty->assign('filter', $msg_list['filter']); $smarty->assign('record_count', $msg_list['record_count']); $smarty->assign('page_count', $msg_list['page_count']); $smarty->assign('full_page', 1); $smarty->assign('sort_msg_id', '<img src="images/sort_desc.gif">'); $smarty->assign('ur_here', $_LANG['08_unreply_msg']); $smarty->assign('full_page', 1); $smarty->display('msg_list.htm'); } elseif ($_REQUEST['act'] == 'query') { $msg_list = msg_list(); $smarty->assign('msg_list', $msg_list['msg_list']); $smarty->assign('filter', $msg_list['filter']); $smarty->assign('record_count', $msg_list['record_count']); $smarty->assign('page_count', $msg_list['page_count']); $sort_flag = sort_flag($msg_list['filter']); $smarty->assign($sort_flag['tag'], $sort_flag['img']); make_json_result($smarty->fetch('msg_list.htm'), '', array('filter' => $msg_list['filter'], 'page_count' => $msg_list['page_count'])); } elseif ($_REQUEST['act'] == 'remove') { $msg_id = intval($_REQUEST['id']); /* 检查权限 */ check_authz_json('feedback_priv'); $msg_title = $exc->get_name($msg_id); $img = $exc->get_name($msg_id, 'message_img'); if ($exc->drop($msg_id)) { /* 删除图片 */
if (!$mode) { $mode = get('mode'); } $mode = mysql_clean($mode); switch ($mode) { case 'send_photo_pm': $array = $_POST; $array['is_pm'] = true; $array['from'] = userid(); $cbpm->send_pm($array); if (error()) { $errors = error_list(); $response = array('error' => $errors[0]); } if (msg()) { $success = msg_list(); $response = array('success' => $success[0]); } echo json_encode($response); break; case 'delete_photo': $id = mysql_clean($_POST['id']); $photo = $cbphoto->get_photo($id); $item = get_collection_item($photo['collection_id'], $photo['photo_id']); $redirect_to = $cbcollection->get_next_prev_item($item['ci_id'], $item['collection_id'], 'next'); $response = array('success' => true, 'redirect_to' => $cbphoto->photo_links($redirect_to[0], 'view_photo')); /* Delete photo */ $cbphoto->delete_photo($id); if (error()) { $response = array('error' => error()); }
case 'spam_comment': $cid = mysql_clean($_POST['cid']); $rating = $myquery->spam_comment($cid); if (msg()) { $msg = msg_list(); $msg = $msg[0]; } if (error()) { $err = error_list(); $err = $err[0]; } $ajax['msg'] = $msg; $ajax['err'] = $err; echo json_encode($ajax); break; case 'remove_spam': $cid = mysql_clean($_POST['cid']); $rating = $myquery->remove_spam($cid); if (msg()) { $msg = msg_list(); $msg = $msg[0]; } if (error()) { $err = error_list(); $err = $err[0]; } $ajax['msg'] = $msg; $ajax['err'] = $err; echo json_encode($ajax); break; }
$nextpage = " <a href=\"?p=" . $total . "\"><i class=\"fa fa-angle-right\"></i></a>"; } if ($page - 2 > 0) { $page2left = " <a href=\"?p=" . ($page - 2) . "\">" . ($page - 2) . "</a> "; } if ($page - 1 > 0) { $page1left = " <a href=\"?p=" . ($page - 1) . "\">" . ($page - 1) . "</a> "; } if ($page + 2 <= $total) { $page2right = " <a href=\"?p=" . ($page + 2) . "\">" . ($page + 2) . "</a> "; } if ($page + 1 <= $total) { $page1right = " <a href=\"?p=" . ($page + 1) . "\">" . ($page + 1) . "</a> "; } } print '<tr> <td colspan="3"><input type="submit" value="' . $del . '" /></td> <td colspan="3">'; if ($total != 1) { print ' <div class="pages"> ' . $pervpage . $page2left . $page1left . '<b>' . $page . '</b>' . $page1right . $page2right . $nextpage . '</div>'; } print '</td> </tr>'; } $p = intval($_GET['p']); msg_list($p, 50, $user_id, $lng, $lang['delete'], $lang['pages']); ?> </table> </form> <?php }
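/**
 * Check whether any messages exist and return them.
 *
 * The messages come from msg_list(), which is defined outside this block; it is
 * assumed to return an array - TODO confirm. Entries are returned exactly as
 * msg_list() provides them, so a caller that writes them into HTML has to encode
 * them at the point of output.
 *
 * @param string|int $param 'array' (default) returns the whole list, 'single'
 *                          returns the first entry, any other value is used as
 *                          the index of the entry to return.
 * @return mixed The list, one entry (null when the index is absent), or false
 *               when there are no messages.
 */
function msg($param = 'array')
{
    // Read the list once so the emptiness check and the returned data agree,
    // instead of calling msg_list() up to three times.
    $messages = msg_list();

    if (count($messages) <= 0) {
        return false;
    }

    // Loose comparisons are kept so existing callers see the same selection rules.
    if ($param == 'array') {
        return $messages;
    }

    if ($param == 'single') {
        $param = 0;
    }

    // A missing index yields null, as before, but without the undefined-offset notice.
    return isset($messages[$param]) ? $messages[$param] : null;
}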
} redirect_header($back, 3, _AM_MSG_UPDATE_FAIL); exit; } elseif (!empty($op)) { $uid = $xoopsUser->getVar('uid'); foreach ($_POST['ids'] as $msgid) { change_message_status(intval($msgid), 0, $op); } $back = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : "msgadm.php"; redirect_header($back, 1, _AM_MSG_UPDATED); exit; } xoops_cp_header(); include "mymenu.php"; if (empty($_GET['msgid'])) { msg_list(); } else { msg_detail(intval($_GET['msgid'])); } xoops_cp_footer(); function msg_list() { global $msg_status, $xoopsDB, $xoopsUser, $xoopsModuleConfig, $xoopsModule, $myts; $labels = array('mtime' => _AM_FORM_MTIME, 'status' => _AM_MSG_STATUS, 'fidref' => _AM_FORM_TITLE, 'cfrom' => _AM_MSG_FROM, 'uname' => _AM_MSG_CHARGE, 'comms' => _AM_MSG_COMMS, 'ope' => _AM_OPERATION); $orders = array('mtime' => 'DESC', 'fidref' => 'ASC', 'uname' => 'ASC', 'status' => 'ASC', 'uid' => 'ASC', 'orders' => array('mtime')); $listctrl = new ListCtrl('msgadm', $orders); $start = isset($_GET['start']) ? intval($_GET['start']) : 0; $search = isset($_GET['q']) ? $myts->stripSlashesGPC($_GET['q']) : ''; $max = $xoopsModuleConfig['max_lists']; $users = $xoopsDB->prefix('users'); $comms = $xoopsDB->prefix('xoopscomments');
/*初始化数据交换对象 */ $table = $ecs->table("message"); $guardian = get_guardian($class_code, $_SESSION[student_code]); $_SESSION[guardian_id] = $guardian['guardian_id']; /*------------------------------------------------------ */ //-- 列出所有$from的留言 /*------------------------------------------------------ */ if ($_REQUEST['act'] == "list") { $class_admins = get_class_admins($class_code); $smarty->assign("class_admins", $class_admins); $guardian_id = $_SESSION[guardian_id]; $smarty->assign("guardian_id", $guardian_id); $smarty->display('message_list.htm'); exit; } elseif ($_REQUEST['act'] == 'ajax_list') { $list = msg_list($table); make_json($list); } elseif ($_REQUEST['act'] == 'ajax_add') { $sql = "INSERT INTO " . $table . "(fid, message, msg_type, to_, to_type,\r\n\t from_, from_type, class_code, created)" . " VALUES (" . $_REQUEST['fid'] . ",'" . $_REQUEST['message'] . "', '" . $_REQUEST['msg_type'] . "',\r\n\t '" . $_REQUEST['to_'] . "','" . $_REQUEST['to_type'] . "',\r\n\t '" . $_REQUEST['from_'] . "','" . $_REQUEST['from_type'] . "',\r\n\t '{$class_code}', now())"; $db->query($sql); admin_log(addslashes($_REQUEST["message"]), 'add', $sql); make_json_result("添加消息成功!"); } elseif ($_REQUEST['act'] == 'view') { $id = !empty($_REQUEST['message_id']) ? intval($_REQUEST['message_id']) : 0; $sql = "select * from " . $ecs->table("message") . " where message_id=" . $id; $row = $db->getRow($sql); if (!$row) { die("您访问的消息不存在!"); } if ($row['to_'] != $_SESSION['guardian_id'] && $row['to_type'] == "guardian" && ($row['from_'] != $_SESSION['guardian_id'] && $row['from_type'] == "guardian")) { die("您访问的不属于您自己的消息!");
$db->query($sql); /* 清除缓存 */ clear_cache_files(); ecs_header("Location: user_msg.php?act=view&id={$_REQUEST['id']}\n"); exit; } else { /* 禁止留言显示 */ $sql = "UPDATE " . $ecs->table('feedback') . " SET msg_status = 0 WHERE msg_id = '{$_REQUEST['id']}'"; $db->query($sql); /* 清除缓存 */ clear_cache_files(); ecs_header("Location: user_msg.php?act=view&id={$_REQUEST['id']}\n"); exit; } } elseif ($_REQUEST['act'] == 'query') { $msg_list = msg_list($_REQUEST['from']); $smarty->assign('msg_list', $msg_list['msg_list']); $smarty->assign('filter', $msg_list['filter']); $smarty->assign('record_count', $msg_list['record_count']); $smarty->assign('page_count', $msg_list['page_count']); $sort_flag = sort_flag($msg_list['filter']); $smarty->assign($sort_flag['tag'], $sort_flag['img']); make_json_result($smarty->fetch('msg_list.htm'), '', array('filter' => $msg_list['filter'], 'page_count' => $msg_list['page_count'])); } elseif ($_REQUEST['act'] == 'remove') { $msg_id = intval($_REQUEST['id']); /* 检查权限 */ check_authz_json('feedback_priv'); $msg_title = $exc->get_name($msg_id); $img = $exc->get_name($msg_id, 'message_img'); if ($exc->drop($msg_id)) { /* 删除图片 */