chamilo-lms/main/inc/ajax/message.ajax.php

<?php
/* For licensing terms, see /license.txt */
/**
 * Responses to AJAX calls
 */

require_once '../global.inc.php';

$action = $_GET['a'];

switch ($action) {
    case 'send_message':
        $subject = isset($_REQUEST['subject']) ? trim($_REQUEST['subject']) : null;
        $messageContent = isset($_REQUEST['content']) ? trim($_REQUEST['content']) : null;

        if (empty($subject) || empty($messageContent)) {
            echo Display::display_error_message(get_lang('ErrorSendingMessage'));
            exit;
        }

        $result = MessageManager::send_message($_REQUEST['user_id'], $subject, $messageContent);
        if ($result) {
            echo Display::display_confirmation_message(get_lang('MessageHasBeenSent'));
        } else {
            echo Display::display_error_message(get_lang('ErrorSendingMessage'));
        }
        break;
    case 'send_invitation':
        $subject = isset($_REQUEST['subject']) ? trim($_REQUEST['subject']) : null;
        $invitationContent = isset($_REQUEST['content']) ? trim($_REQUEST['content']) : null;

        SocialManager::send_invitation_friend_user($_REQUEST['user_id'], $subject, $invitationContent);
        break;
    case 'find_users':
        if (api_is_anonymous()) {
            echo '';
            break;
        }
        $track_online_table      = Database::get_main_table(TABLE_STATISTIC_TRACK_E_ONLINE);
        $tbl_my_user		     = Database::get_main_table(TABLE_MAIN_USER);
        $tbl_my_user_friend      = Database::get_main_table(TABLE_MAIN_USER_REL_USER);
        $tbl_user 			     = Database::get_main_table(TABLE_MAIN_USER);
        $tbl_access_url_rel_user = Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
        $search				     = Database::escape_string($_REQUEST['tag']);

        $access_url_id           = api_get_multiple_access_url() == 'true' ? api_get_current_access_url_id() : 1;
        $user_id                 = api_get_user_id();
        $is_western_name_order   = api_is_western_name_order();

        $likeCondition = " AND (firstname LIKE '%$search%' OR lastname LIKE '%$search%' OR email LIKE '%$search%') ";

        if (api_get_setting('allow_social_tool')=='true' && api_get_setting('allow_message_tool') == 'true') {
            // All users
            if (api_get_setting('allow_send_message_to_all_platform_users') == 'true' || api_is_platform_admin() ) {
                if ($access_url_id != 0) {
                    $sql = "SELECT DISTINCT u.user_id as id, u.firstname, u.lastname, u.email
                            FROM $tbl_user u LEFT JOIN $tbl_access_url_rel_user r ON u.user_id = r.user_id
                            WHERE
                                u.status <> 6  AND
                                u.user_id <> $user_id AND
                                r.access_url_id = $access_url_id
                                $likeCondition ";

                } else {
                    $sql = "SELECT DISTINCT u.user_id as id, u.firstname, u.lastname, u.email
                            FROM $tbl_user u
                            WHERE
                                u.status <> 6  AND
                                u.user_id <> $user_id
                                $likeCondition ";
                }
            } else {
                //only my contacts
                if ($access_url_id != 0) {
                    $sql = "SELECT DISTINCT u.user_id as id, u.firstname, u.lastname, u.email
                            FROM $tbl_access_url_rel_user r, $tbl_my_user_friend uf
                            INNER JOIN $tbl_my_user AS u
                            ON uf.friend_user_id = u.user_id
                            WHERE
                                u.status <> 6 AND
                                relation_type NOT IN(".USER_RELATION_TYPE_DELETED.", ".USER_RELATION_TYPE_RRHH.") AND
                                uf.user_id = $user_id AND
                                friend_user_id <> $user_id AND
                                u.user_id = r.user_id AND
                                r.access_url_id = $access_url_id
                                $likeCondition";
                } else {
                    $sql = "SELECT DISTINCT u.user_id as id, u.firstname, u.lastname, u.email
                            FROM $tbl_my_user_friend uf
                            INNER JOIN $tbl_my_user AS u
                            ON uf.friend_user_id = u.user_id
         	                WHERE
                                u.status <> 6 AND
                                relation_type NOT IN(".USER_RELATION_TYPE_DELETED.", ".USER_RELATION_TYPE_RRHH.") AND
                                uf.user_id = $user_id AND
                                friend_user_id <> $user_id
                                $likeCondition";
                }
            }
        } elseif (api_get_setting('allow_social_tool')=='false' && api_get_setting('allow_message_tool')=='true') {
            if (api_get_setting('allow_send_message_to_all_platform_users') == 'true') {
                $sql = "SELECT DISTINCT u.user_id as id, u.firstname, u.lastname, u.email
                        FROM $tbl_user u LEFT JOIN $tbl_access_url_rel_user r ON u.user_id = r.user_id
                        WHERE
                            u.status <> 6  AND
                            u.user_id <> $user_id AND
                            r.access_url_id = $access_url_id
                            $likeCondition ";
            } else {
                $time_limit = api_get_setting('time_limit_whosonline');
                $online_time = time() - $time_limit*60;
                $limit_date	 = api_get_utc_datetime($online_time);
                $sql = "SELECT SELECT DISTINCT u.user_id as id, u.firstname, u.lastname, u.email
                        FROM $tbl_my_user u INNER JOIN $track_online_table t
                        ON u.user_id=t.login_user_id
                        WHERE login_date >= '".$limit_date."' AND
                        $likeCondition";
            }
        }
        $sql .=' LIMIT 20';
        $result = Database::query($sql);

        $showEmail = api_get_setting('show_email_addresses');
        $return = array();
        if (Database::num_rows($result) > 0) {
            while ($row = Database::fetch_array($result, 'ASSOC')) {
                $name = api_get_person_name($row['firstname'], $row['lastname']);
                if ($showEmail == 'true') {
                    $name .= ' ('.$row['email'].')';
                }
                $return[] = array(
                    'caption' => $name,
                    'value' => $row['id']
                );
            }
        }
        echo json_encode($return);
        break;
    default:
        echo '';

}
exit;
(no commit message) 16 years ago			`<?php`
Adding some exercises alpha improvements ... 15 years ago			`/* For licensing terms, see /license.txt */`
(no commit message) 16 years ago			`/**`
Feature #347 - System libraries: Removing the parameters __FILE__ and __LINE__ in the Database::query() calls. 16 years ago			`* Responses to AJAX calls`
(no commit message) 16 years ago			`*/`
Minor - deleting unused files 14 years ago
(no commit message) 16 years ago			`require_once '../global.inc.php';`
Minor - deleting unused files 14 years ago
(no commit message) 16 years ago			`$action = $_GET['a'];`

Feature #347 - System libraries: Removing the parameters __FILE__ and __LINE__ in the Database::query() calls. 16 years ago			`switch ($action) {`
Minor - format code 12 years ago			`case 'send_message':`
Validate message content and subject 11 years ago			`$subject = isset($_REQUEST['subject']) ? trim($_REQUEST['subject']) : null;`
			`$messageContent = isset($_REQUEST['content']) ? trim($_REQUEST['content']) : null;`

			`if (empty($subject) \|\| empty($messageContent)) {`
			`echo Display::display_error_message(get_lang('ErrorSendingMessage'));`
			`exit;`
			`}`

			`$result = MessageManager::send_message($_REQUEST['user_id'], $subject, $messageContent);`
Minor - deleting unused files 14 years ago			`if ($result) {`
			`echo Display::display_confirmation_message(get_lang('MessageHasBeenSent'));`
			`} else {`
			`echo Display::display_error_message(get_lang('ErrorSendingMessage'));`
			`}`
			`break;`
			`case 'send_invitation':`
Validate sent data on invitation 11 years ago			`$subject = isset($_REQUEST['subject']) ? trim($_REQUEST['subject']) : null;`
			`$invitationContent = isset($_REQUEST['content']) ? trim($_REQUEST['content']) : null;`

			`SocialManager::send_invitation_friend_user($_REQUEST['user_id'], $subject, $invitationContent);`
Minor - deleting unused files 14 years ago			`break;`
Minor - format code 12 years ago			`case 'find_users':`
			`if (api_is_anonymous()) {`
			`echo '';`
			`break;`
			`}`
Replace function name. get_user_personal_table to get_main_table get_statistic_table to get_main_table 11 years ago			`$track_online_table = Database::get_main_table(TABLE_STATISTIC_TRACK_E_ONLINE);`
merge yoselyn.7281 12 years ago			`$tbl_my_user = Database::get_main_table(TABLE_MAIN_USER);`
			`$tbl_my_user_friend = Database::get_main_table(TABLE_MAIN_USER_REL_USER);`
			`$tbl_user = Database::get_main_table(TABLE_MAIN_USER);`
			`$tbl_access_url_rel_user = Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);`
Fixing message search see BT#7851 12 years ago			`$search = Database::escape_string($_REQUEST['tag']);`

			`$access_url_id = api_get_multiple_access_url() == 'true' ? api_get_current_access_url_id() : 1;`
merge yoselyn.7281 12 years ago			`$user_id = api_get_user_id();`
			`$is_western_name_order = api_is_western_name_order();`
Fixing message search see BT#7851 12 years ago
			`$likeCondition = " AND (firstname LIKE '%$search%' OR lastname LIKE '%$search%' OR email LIKE '%$search%') ";`

Minor - format code 12 years ago			`if (api_get_setting('allow_social_tool')=='true' && api_get_setting('allow_message_tool') == 'true') {`
Fixing message search see BT#7851 12 years ago			`// All users`
			`if (api_get_setting('allow_send_message_to_all_platform_users') == 'true' \|\| api_is_platform_admin() ) {`
merge yoselyn.7281 12 years ago			`if ($access_url_id != 0) {`
Fixing message search see BT#7851 12 years ago			`$sql = "SELECT DISTINCT u.user_id as id, u.firstname, u.lastname, u.email`
			`FROM $tbl_user u LEFT JOIN $tbl_access_url_rel_user r ON u.user_id = r.user_id`
			`WHERE`
			`u.status <> 6 AND`
			`u.user_id <> $user_id AND`
			`r.access_url_id = $access_url_id`
			`$likeCondition ";`
Showing only users from current portal -refs #7281 12 years ago
merge yoselyn.7281 12 years ago			`} else {`
Fixing message search see BT#7851 12 years ago			`$sql = "SELECT DISTINCT u.user_id as id, u.firstname, u.lastname, u.email`
			`FROM $tbl_user u`
			`WHERE`
			`u.status <> 6 AND`
			`u.user_id <> $user_id`
			`$likeCondition ";`
merge yoselyn.7281 12 years ago			`}`
Fixing message search see BT#7851 12 years ago			`} else {`
Minor - format code 12 years ago			`//only my contacts`
merge yoselyn.7281 12 years ago			`if ($access_url_id != 0) {`
Fixing message search see BT#7851 12 years ago			`$sql = "SELECT DISTINCT u.user_id as id, u.firstname, u.lastname, u.email`
			`FROM $tbl_access_url_rel_user r, $tbl_my_user_friend uf`
			`INNER JOIN $tbl_my_user AS u`
			`ON uf.friend_user_id = u.user_id`
			`WHERE`
			`u.status <> 6 AND`
			`relation_type NOT IN(".USER_RELATION_TYPE_DELETED.", ".USER_RELATION_TYPE_RRHH.") AND`
			`uf.user_id = $user_id AND`
			`friend_user_id <> $user_id AND`
			`u.user_id = r.user_id AND`
			`r.access_url_id = $access_url_id`
			`$likeCondition";`
merge yoselyn.7281 12 years ago			`} else {`
Fixing message search see BT#7851 12 years ago			`$sql = "SELECT DISTINCT u.user_id as id, u.firstname, u.lastname, u.email`
			`FROM $tbl_my_user_friend uf`
			`INNER JOIN $tbl_my_user AS u`
			`ON uf.friend_user_id = u.user_id`
			`WHERE`
			`u.status <> 6 AND`
			`relation_type NOT IN(".USER_RELATION_TYPE_DELETED.", ".USER_RELATION_TYPE_RRHH.") AND`
			`uf.user_id = $user_id AND`
			`friend_user_id <> $user_id`
			`$likeCondition";`
merge yoselyn.7281 12 years ago			`}`
Minor - format code 12 years ago			`}`
			`} elseif (api_get_setting('allow_social_tool')=='false' && api_get_setting('allow_message_tool')=='true') {`
Fixing message search see BT#7851 12 years ago			`if (api_get_setting('allow_send_message_to_all_platform_users') == 'true') {`
			`$sql = "SELECT DISTINCT u.user_id as id, u.firstname, u.lastname, u.email`
			`FROM $tbl_user u LEFT JOIN $tbl_access_url_rel_user r ON u.user_id = r.user_id`
			`WHERE`
			`u.status <> 6 AND`
			`u.user_id <> $user_id AND`
			`r.access_url_id = $access_url_id`
			`$likeCondition ";`
			`} else {`
			`$time_limit = api_get_setting('time_limit_whosonline');`
			`$online_time = time() - $time_limit*60;`
			`$limit_date = api_get_utc_datetime($online_time);`
			`$sql = "SELECT SELECT DISTINCT u.user_id as id, u.firstname, u.lastname, u.email`
			`FROM $tbl_my_user u INNER JOIN $track_online_table t`
			`ON u.user_id=t.login_user_id`
			`WHERE login_date >= '".$limit_date."' AND`
			`$likeCondition";`
			`}`
Minor - format code 12 years ago			`}`
			`$sql .=' LIMIT 20';`
Fixing message search see BT#7851 12 years ago			`$result = Database::query($sql);`
Feature #347 - System libraries: Removing the parameters __FILE__ and __LINE__ in the Database::query() calls. 16 years ago
Fixing message search see BT#7851 12 years ago			`$showEmail = api_get_setting('show_email_addresses');`
			`$return = array();`
Minor - format code 12 years ago			`if (Database::num_rows($result) > 0) {`
			`while ($row = Database::fetch_array($result, 'ASSOC')) {`
Fixing message search see BT#7851 12 years ago			`$name = api_get_person_name($row['firstname'], $row['lastname']);`
			`if ($showEmail == 'true') {`
			`$name .= ' ('.$row['email'].')';`
			`}`
			`$return[] = array(`
			`'caption' => $name,`
			`'value' => $row['id']`
			`);`
Minor - format code 12 years ago			`}`
			`}`
			`echo json_encode($return);`
			`break;`
			`default:`
			`echo '';`
Feature #347 - System libraries: Removing the parameters __FILE__ and __LINE__ in the Database::query() calls. 16 years ago
(no commit message) 16 years ago			`}`
Minor - format code 12 years ago			`exit;`