* $Author: liubo $
* $Id: user_msg.php 17217 2011-01-19 06:29:08Z liubo $
*/
define('IN_ECS', true);
require dirname(__FILE__) . '/includes/init.php';
/*初始化数据交换对象 */
$table = "hteacher.ht_feedback";
$exc = new exchange($table, $db, 'msg_id', 'msg_title');
/*------------------------------------------------------ */
//-- 列出所有$from的留言
/*------------------------------------------------------ */
if ($_REQUEST['act'] == "list") {
$smarty->display('msg_list.htm');
exit;
} elseif ($_REQUEST['act'] == 'ajax_list') {
$list = msg_list("class", $table);
make_json($list);
} elseif ($_REQUEST['act'] == 'ajax_save') {
$sql = "INSERT INTO " . $table . "(parent_id, user_id, user_name, user_email, msg_title, \r\n\t msg_type, msg_content, msg_time, msg_status, msg_from)" . " VALUES (0, '{$_SESSION['admin_id']}', '{$_SESSION['admin_name']}', ' ', " . " '{$_POST['msg_title']}', 0, '{$_POST['msg_content']}', '" . gmtime() . "', '0', 'class')";
$db->query($sql);
admin_log(addslashes($_REQUEST["msg_title"]), 'add', $sql);
make_json_result("添加“" . $_REQUEST["msg_title"] . "”成功!");
} elseif ($_REQUEST['act'] == 'ajax_delete') {
$id = !empty($_REQUEST['msg_id']) ? intval($_REQUEST['msg_id']) : 0;
$sql = "delete from " . $table . " where parent_id={$id} or msg_id=" . $id;
$db->query($sql);
admin_log($_REQUEST["msg_id"], 'delete', $sql);
make_json_result("删除成功!");
}
/**
*
//-- 列出所有留言
/*------------------------------------------------------ */
if ($_REQUEST['act'] == 'list_all') {
assign_query_info();
$msg_list = msg_list();
$smarty->assign('msg_list', $msg_list['msg_list']);
$smarty->assign('filter', $msg_list['filter']);
$smarty->assign('record_count', $msg_list['record_count']);
$smarty->assign('page_count', $msg_list['page_count']);
$smarty->assign('full_page', 1);
$smarty->assign('sort_msg_id', '<img src="images/sort_desc.gif">');
$smarty->assign('ur_here', $_LANG['08_unreply_msg']);
$smarty->assign('full_page', 1);
$smarty->display('msg_list.htm');
} elseif ($_REQUEST['act'] == 'query') {
$msg_list = msg_list();
$smarty->assign('msg_list', $msg_list['msg_list']);
$smarty->assign('filter', $msg_list['filter']);
$smarty->assign('record_count', $msg_list['record_count']);
$smarty->assign('page_count', $msg_list['page_count']);
$sort_flag = sort_flag($msg_list['filter']);
$smarty->assign($sort_flag['tag'], $sort_flag['img']);
make_json_result($smarty->fetch('msg_list.htm'), '', array('filter' => $msg_list['filter'], 'page_count' => $msg_list['page_count']));
} elseif ($_REQUEST['act'] == 'remove') {
$msg_id = intval($_REQUEST['id']);
/* 检查权限 */
check_authz_json('feedback_priv');
$msg_title = $exc->get_name($msg_id);
$img = $exc->get_name($msg_id, 'message_img');
if ($exc->drop($msg_id)) {
/* 删除图片 */
if (!$mode) {
$mode = get('mode');
}
$mode = mysql_clean($mode);
switch ($mode) {
case 'send_photo_pm':
$array = $_POST;
$array['is_pm'] = true;
$array['from'] = userid();
$cbpm->send_pm($array);
if (error()) {
$errors = error_list();
$response = array('error' => $errors[0]);
}
if (msg()) {
$success = msg_list();
$response = array('success' => $success[0]);
}
echo json_encode($response);
break;
case 'delete_photo':
$id = mysql_clean($_POST['id']);
$photo = $cbphoto->get_photo($id);
$item = get_collection_item($photo['collection_id'], $photo['photo_id']);
$redirect_to = $cbcollection->get_next_prev_item($item['ci_id'], $item['collection_id'], 'next');
$response = array('success' => true, 'redirect_to' => $cbphoto->photo_links($redirect_to[0], 'view_photo'));
/* Delete photo */
$cbphoto->delete_photo($id);
if (error()) {
$response = array('error' => error());
}
case 'spam_comment':
$cid = mysql_clean($_POST['cid']);
$rating = $myquery->spam_comment($cid);
if (msg()) {
$msg = msg_list();
$msg = $msg[0];
}
if (error()) {
$err = error_list();
$err = $err[0];
}
$ajax['msg'] = $msg;
$ajax['err'] = $err;
echo json_encode($ajax);
break;
case 'remove_spam':
$cid = mysql_clean($_POST['cid']);
$rating = $myquery->remove_spam($cid);
if (msg()) {
$msg = msg_list();
$msg = $msg[0];
}
if (error()) {
$err = error_list();
$err = $err[0];
}
$ajax['msg'] = $msg;
$ajax['err'] = $err;
echo json_encode($ajax);
break;
}
$nextpage = " <a href=\"?p=" . $total . "\"><i class=\"fa fa-angle-right\"></i></a>";
}
if ($page - 2 > 0) {
$page2left = " <a href=\"?p=" . ($page - 2) . "\">" . ($page - 2) . "</a> ";
}
if ($page - 1 > 0) {
$page1left = " <a href=\"?p=" . ($page - 1) . "\">" . ($page - 1) . "</a> ";
}
if ($page + 2 <= $total) {
$page2right = " <a href=\"?p=" . ($page + 2) . "\">" . ($page + 2) . "</a> ";
}
if ($page + 1 <= $total) {
$page1right = " <a href=\"?p=" . ($page + 1) . "\">" . ($page + 1) . "</a> ";
}
}
print '<tr>
<td colspan="3"><input type="submit" value="' . $del . '" /></td>
<td colspan="3">';
if ($total != 1) {
print ' <div class="pages"> ' . $pervpage . $page2left . $page1left . '<b>' . $page . '</b>' . $page1right . $page2right . $nextpage . '</div>';
}
print '</td>
</tr>';
}
$p = intval($_GET['p']);
msg_list($p, 50, $user_id, $lng, $lang['delete'], $lang['pages']);
?>
</table>
</form>
<?php
}
/**
* Function used to check weather msg exists or not
*/
function msg($param = 'array')
{
if (count(msg_list()) > 0) {
if ($param != 'array') {
if ($param == 'single') {
$param = 0;
}
$msg = msg_list();
return $msg[$param];
}
return msg_list();
} else {
return false;
}
}
}
redirect_header($back, 3, _AM_MSG_UPDATE_FAIL);
exit;
} elseif (!empty($op)) {
$uid = $xoopsUser->getVar('uid');
foreach ($_POST['ids'] as $msgid) {
change_message_status(intval($msgid), 0, $op);
}
$back = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : "msgadm.php";
redirect_header($back, 1, _AM_MSG_UPDATED);
exit;
}
xoops_cp_header();
include "mymenu.php";
if (empty($_GET['msgid'])) {
msg_list();
} else {
msg_detail(intval($_GET['msgid']));
}
xoops_cp_footer();
function msg_list()
{
global $msg_status, $xoopsDB, $xoopsUser, $xoopsModuleConfig, $xoopsModule, $myts;
$labels = array('mtime' => _AM_FORM_MTIME, 'status' => _AM_MSG_STATUS, 'fidref' => _AM_FORM_TITLE, 'cfrom' => _AM_MSG_FROM, 'uname' => _AM_MSG_CHARGE, 'comms' => _AM_MSG_COMMS, 'ope' => _AM_OPERATION);
$orders = array('mtime' => 'DESC', 'fidref' => 'ASC', 'uname' => 'ASC', 'status' => 'ASC', 'uid' => 'ASC', 'orders' => array('mtime'));
$listctrl = new ListCtrl('msgadm', $orders);
$start = isset($_GET['start']) ? intval($_GET['start']) : 0;
$search = isset($_GET['q']) ? $myts->stripSlashesGPC($_GET['q']) : '';
$max = $xoopsModuleConfig['max_lists'];
$users = $xoopsDB->prefix('users');
$comms = $xoopsDB->prefix('xoopscomments');
/*初始化数据交换对象 */
$table = $ecs->table("message");
$guardian = get_guardian($class_code, $_SESSION[student_code]);
$_SESSION[guardian_id] = $guardian['guardian_id'];
/*------------------------------------------------------ */
//-- 列出所有$from的留言
/*------------------------------------------------------ */
if ($_REQUEST['act'] == "list") {
$class_admins = get_class_admins($class_code);
$smarty->assign("class_admins", $class_admins);
$guardian_id = $_SESSION[guardian_id];
$smarty->assign("guardian_id", $guardian_id);
$smarty->display('message_list.htm');
exit;
} elseif ($_REQUEST['act'] == 'ajax_list') {
$list = msg_list($table);
make_json($list);
} elseif ($_REQUEST['act'] == 'ajax_add') {
$sql = "INSERT INTO " . $table . "(fid, message, msg_type, to_, to_type,\r\n\t from_, from_type, class_code, created)" . " VALUES (" . $_REQUEST['fid'] . ",'" . $_REQUEST['message'] . "', '" . $_REQUEST['msg_type'] . "',\r\n\t '" . $_REQUEST['to_'] . "','" . $_REQUEST['to_type'] . "',\r\n\t '" . $_REQUEST['from_'] . "','" . $_REQUEST['from_type'] . "',\r\n\t '{$class_code}', now())";
$db->query($sql);
admin_log(addslashes($_REQUEST["message"]), 'add', $sql);
make_json_result("添加消息成功!");
} elseif ($_REQUEST['act'] == 'view') {
$id = !empty($_REQUEST['message_id']) ? intval($_REQUEST['message_id']) : 0;
$sql = "select * from " . $ecs->table("message") . " where message_id=" . $id;
$row = $db->getRow($sql);
if (!$row) {
die("您访问的消息不存在!");
}
if ($row['to_'] != $_SESSION['guardian_id'] && $row['to_type'] == "guardian" && ($row['from_'] != $_SESSION['guardian_id'] && $row['from_type'] == "guardian")) {
die("您访问的不属于您自己的消息!");
$db->query($sql);
/* 清除缓存 */
clear_cache_files();
ecs_header("Location: user_msg.php?act=view&id={$_REQUEST['id']}\n");
exit;
} else {
/* 禁止留言显示 */
$sql = "UPDATE " . $ecs->table('feedback') . " SET msg_status = 0 WHERE msg_id = '{$_REQUEST['id']}'";
$db->query($sql);
/* 清除缓存 */
clear_cache_files();
ecs_header("Location: user_msg.php?act=view&id={$_REQUEST['id']}\n");
exit;
}
} elseif ($_REQUEST['act'] == 'query') {
$msg_list = msg_list($_REQUEST['from']);
$smarty->assign('msg_list', $msg_list['msg_list']);
$smarty->assign('filter', $msg_list['filter']);
$smarty->assign('record_count', $msg_list['record_count']);
$smarty->assign('page_count', $msg_list['page_count']);
$sort_flag = sort_flag($msg_list['filter']);
$smarty->assign($sort_flag['tag'], $sort_flag['img']);
make_json_result($smarty->fetch('msg_list.htm'), '', array('filter' => $msg_list['filter'], 'page_count' => $msg_list['page_count']));
} elseif ($_REQUEST['act'] == 'remove') {
$msg_id = intval($_REQUEST['id']);
/* 检查权限 */
check_authz_json('feedback_priv');
$msg_title = $exc->get_name($msg_id);
$img = $exc->get_name($msg_id, 'message_img');
if ($exc->drop($msg_id)) {
/* 删除图片 */
