if (is_user_logged_in()) { $friend_from = $current_user->ID; $friend_to = $_POST['friend_to']; // Check to see if already a friend $sql = "SELECT COUNT(*) FROM ".$wpdb->base_prefix."symposium_friends WHERE friend_accepted = 'on' AND ((friend_from = %d AND friend_to = %d) OR (friend_to = %d AND friend_from = %d))"; $already_a_friend = $wpdb->get_var( $wpdb->prepare ($sql, $friend_to, $current_user->ID, $friend_to, $current_user->ID)); if ($already_a_friend >= 1) { // already a friend } else { // Delete pending request $sql = "DELETE FROM ".$wpdb->base_prefix."symposium_friends WHERE (friend_from = %d AND friend_to = %d) OR (friend_to = %d AND friend_from = %d)"; if (__wps__safe_param($friend_from)) { $wpdb->query( $wpdb->prepare( $sql, $friend_to, $current_user->ID, $friend_to, $current_user->ID ) ); } // Add the two friendship rows $wpdb->query( $wpdb->prepare( " INSERT INTO ".$wpdb->base_prefix."symposium_friends ( friend_from, friend_to, friend_timestamp, friend_accepted, friend_message ) VALUES ( %d, %d, %s, %s, %s )", array( $current_user->ID,
} exit; } // AJAX function to subscribe/unsubscribe to new symposium topics if ($_POST['action'] == 'updateForumSubscribe') { if (is_user_logged_in()) { $subs = $wpdb->prefix . 'symposium_subs'; $action = $_POST['value']; $cid = $_POST['cid']; // Store subscription if wanted if (__wps__safe_param($cid)) $wpdb->query($wpdb->prepare("DELETE FROM ".$wpdb->prefix."symposium_subs WHERE uid = %d AND tid = 0 AND (cid = %d OR cid = 0)", $current_user->ID, $cid)); if ($action == 1) { // Store subscription if wanted $wpdb->query( $wpdb->prepare( " INSERT INTO ".$subs." ( uid, tid, cid ) VALUES ( %d, %d, %d )", array( $current_user->ID, 0,
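/**
 * Render the admin "messages" management screen.
 *
 * Optionally deletes one row from the symposium_mail table when the request
 * carries `mail_mid_del`, then prints a paged table (20 rows per page, newest
 * mail_mid first) of every stored message with a "Trash" link per row.
 *
 * Security notes:
 *  - The delete is a state-changing action reached over GET, so it is only
 *    honoured when the request also carries a valid WordPress nonce bound to
 *    the message id. The "Trash" links below are generated with that nonce.
 *  - Every request-derived or database-derived value is escaped for the HTML
 *    context it is printed into.
 *  - NOTE(review): this function performs no capability check of its own;
 *    confirm that the menu registration restricts it to administrators.
 *
 * @return void Output is echoed directly.
 */
function __wps__mail_messages_menu() {

	global $wpdb;

	if (isset($_GET['mail_mid_del'])) {

		// Arrays (mail_mid_del[]=...) are reduced to an empty string so they can be
		// validated and echoed safely.
		$requested_mid = is_scalar($_GET['mail_mid_del']) ? (string) $_GET['mail_mid_del'] : '';
		$nonce = (isset($_GET['_wpnonce']) && is_scalar($_GET['_wpnonce'])) ? (string) $_GET['_wpnonce'] : '';

		if (!__wps__safe_param($requested_mid)) {
			// The rejected value comes straight from the URL: escape it before printing.
			echo "BAD PARAMETER PASSED: ".esc_html($requested_mid);
		} elseif (!wp_verify_nonce($nonce, 'wps_mail_del_'.(int) $requested_mid)) {
			// No valid nonce means the request did not originate from a link this
			// screen generated for the current user, so the row is left untouched.
			echo esc_html(__('Security check failed, message not deleted.', WPS_TEXT_DOMAIN));
		} else {
			$wpdb->query( $wpdb->prepare( "DELETE FROM ".$wpdb->base_prefix."symposium_mail WHERE mail_mid = %d", $requested_mid ) );
		}
	}

	echo '<div class="wrap">';
	echo '<div id="icon-themes" class="icon32"><br /></div>';
	echo '<h2>'.sprintf(__('%s Management', WPS_TEXT_DOMAIN), WPS_WL).'</h2><br />';

	__wps__show_manage_tabs_header('messages');

	$all = (int) $wpdb->get_var("SELECT count(*) FROM ".$wpdb->base_prefix."symposium_mail");

	// Paging info. The URL carries a 1-based page number; $showpage is the
	// zero-based page actually displayed. The request value is forced to an
	// integer so it can never reach the SQL or the HTML as free text.
	$pagesize = 20;
	$numpages = (int) ceil($all / $pagesize);
	$requested_page = (isset($_GET['showpage']) && is_scalar($_GET['showpage'])) ? (int) $_GET['showpage'] : 0;
	$showpage = max(0, $requested_page - 1);
	if ($showpage >= $numpages) { $showpage = $numpages - 1; }
	$start = max(0, $showpage * $pagesize);

	// Query
	$sql = "SELECT m.* FROM ".$wpdb->base_prefix."symposium_mail m ";
	$sql .= "ORDER BY m.mail_mid DESC ";
	$sql .= "LIMIT %d, %d";
	$messages = $wpdb->get_results($wpdb->prepare($sql, $start, $pagesize));

	// Pagination (top)
	echo __wps__pagination($numpages, $showpage, "admin.php?page=__wps__mail_messages_menu&showpage=");

	// The same column headings are used for the table head and foot.
	$heading_row  = '<tr>';
	$heading_row .= '<th>ID</th>';
	$heading_row .= '<th>'.__('From', WPS_TEXT_DOMAIN).'</th>';
	$heading_row .= '<th>'.__('To', WPS_TEXT_DOMAIN).'</th>';
	$heading_row .= '<th>'.__('Subject', WPS_TEXT_DOMAIN).'</th>';
	$heading_row .= '<th>'.__('Sent', WPS_TEXT_DOMAIN).'</th>';
	$heading_row .= '<th>'.__('Action', WPS_TEXT_DOMAIN).'</th>';
	$heading_row .= '</tr>';

	echo '<br /><table class="widefat">';
	echo '<thead>'.$heading_row.'</thead>';
	echo '<tfoot>'.$heading_row.'</tfoot>';
	echo '<tbody>';

	echo '<style>.mail_rollover:hover { background-color: #ccc; } </style>';

	if ($messages) {

		// 1-based page number to return to after a delete. Kept in its own variable
		// so the zero-based $showpage used by the bottom pagination is not overwritten.
		$return_page = $showpage + 1;

		foreach ($messages as $message) {

			$mail_mid = (int) $message->mail_mid;

			echo '<tr class="mail_rollover">';
			echo '<td valign="top" style="width: 30px">'.$mail_mid.'</td>';
			// NOTE(review): __wps__profile_link() is defined elsewhere and its return
			// value is printed as markup here; confirm it escapes the display name.
			echo '<td valign="top" style="width: 100px">'.__wps__profile_link($message->mail_from).'</td>';
			echo '<td valign="top" style="width: 100px">'.__wps__profile_link($message->mail_to).'</td>';
			echo '<td valign="top" style="width: 200px; text-align:center;">';
			$preview = stripslashes($message->mail_subject);
			$preview_length = 150;
			if ( strlen($preview) > $preview_length ) { $preview = substr($preview, 0, $preview_length)."..."; }
			echo '<div style="float: left;">';
			echo '<a class="show_full_message" id="'.$mail_mid.'" style="cursor:pointer;margin-left:6px;">';
			// The subject is user-authored content read back from the database:
			// escape it so stored markup is shown as text rather than interpreted.
			echo esc_html($preview);
			echo '</a></div>';
			echo '</td>';
			echo '<td valign="top" style="width: 150px">'.esc_html($message->mail_sent).'</td>';
			echo '<td valign="top" style="width: 50px">';
			// The delete link carries a nonce bound to this message id; the handler at
			// the top of this function refuses deletes without it.
			$delete_url = wp_nonce_url(
				'admin.php?page=__wps__mail_messages_menu&action=message_del&showpage='.$return_page.'&mail_mid_del='.$mail_mid,
				'wps_mail_del_'.$mail_mid
			);
			echo "<span class='trash delete'><a href='".esc_url($delete_url)."'>".__('Trash', WPS_TEXT_DOMAIN)."</a></span>";
			echo '</td>';
			echo '</tr>';

		}

	} else {
		echo '<tr><td colspan="6"> </td></tr>';
	}

	echo '</tbody>';
	echo '</table>';

	// Pagination (bottom)
	echo __wps__pagination($numpages, $showpage, "admin.php?page=__wps__mail_messages_menu&showpage=");

	__wps__show_manage_tabs_header_end();

	echo '</div>'; // End of wrap div

}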
$html .= '<textarea '; if (get_option(WPS_OPTIONS_PREFIX.'_elastic')) $html .= 'class="elastic" '; $html .= 'id="__wps__group_comment" onblur="this.value=(this.value==\'\') ? \''.$whatsup.'\' : this.value;" onfocus="this.value=(this.value==\''.$whatsup.'\') ? \'\' : this.value;">'; $html .= $whatsup; $html .= '</textarea>'; if (get_option(WPS_OPTIONS_PREFIX.'_show_buttons')) { $html .= '<br /><input id="symposium_group_add_comment" type="submit" class="__wps__button" style="width:75px;" value="'.__('Post', WPS_TEXT_DOMAIN).'" /> '; } $html .= '</div>'; } if ($post != '' && __wps__safe_param($post)) { // Re-act to a single post (probably from mail link) $sql = "SELECT c.*, u.display_name FROM ".$wpdb->base_prefix."symposium_comments c LEFT JOIN ".$wpdb->base_prefix."users u ON c.author_uid = u.ID WHERE c.cid = %d AND c.comment_parent = 0 AND c.is_group = 'on' ORDER BY c.comment_timestamp DESC LIMIT %d, %d"; $comments = $wpdb->get_results($wpdb->prepare($sql, $post, $limit_from, $limit_count)); } else { // Show whole wall $sql = "SELECT c.*, u.display_name FROM ".$wpdb->base_prefix."symposium_comments c LEFT JOIN ".$wpdb->base_prefix."users u ON c.author_uid = u.ID WHERE c.comment_parent = 0 AND c.subject_uid = %d AND c.is_group = 'on' ORDER BY c.comment_timestamp DESC LIMIT %d, %d"; $comments = $wpdb->get_results($wpdb->prepare($sql, $uid1, $limit_from, $limit_count)); }