diff --git a/main/inc/ajax/message.ajax.php b/main/inc/ajax/message.ajax.php index a1e2e97a5e..0de5941a84 100644 --- a/main/inc/ajax/message.ajax.php +++ b/main/inc/ajax/message.ajax.php @@ -11,8 +11,9 @@ require_once '../global.inc.php'; $action = $_GET['a']; switch ($action) { - case 'send_message': - $result = MessageManager::send_message($_REQUEST['user_id'], $_REQUEST['subject'], $_REQUEST['content']); + case 'send_message': + $subject = isset($_REQUEST['subject']) ? $_REQUEST['subject'] : null; + $result = MessageManager::send_message($_REQUEST['user_id'], $subject, $_REQUEST['content']); if ($result) { echo Display::display_confirmation_message(get_lang('MessageHasBeenSent')); } else { 
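Review bot: The `send_message` case in message.ajax.php still passes `$_REQUEST['user_id']` and `$_REQUEST['content']` straight through; only `subject` gets the new `isset()` guard, so a request missing either one raises an undefined-index notice and hands `null` to `MessageManager::send_message()`. Nothing visible in this case checks that the caller is logged in or that the request is a deliberate POST, whereas `find_users` opens with `if (api_is_anonymous()) { echo ''; break; }`; since `$_REQUEST` also carries query-string values, a state-changing send can be triggered by a GET unless `send_message()` enforces this itself, which the hunk does not show. I would add the same anonymous guard at the top of the case, read the fields from `$_POST`, and validate a form token before sending. The `send_invitation` case in the next hunk follows the same pattern and needs the same treatment. The `switch` body continues outside this hunk.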
@@ -20,59 +21,57 @@ switch ($action) { } break; case 'send_invitation': - SocialManager::send_invitation_friend_user($_REQUEST['user_id'], $_REQUEST['subject'], $_REQUEST['content']); + $subject = isset($_REQUEST['subject']) ? $_REQUEST['subject'] : null; + SocialManager::send_invitation_friend_user($_REQUEST['user_id'], $subject, $_REQUEST['content']); break; - case 'find_users': - if (api_is_anonymous()) { - echo ''; - break; - } - $track_online_table = Database::get_statistic_table(TABLE_STATISTIC_TRACK_E_ONLINE); - $tbl_my_user = Database::get_main_table(TABLE_MAIN_USER); - $tbl_my_user_friend = Database::get_main_table(TABLE_MAIN_USER_REL_USER); - $tbl_user = Database::get_main_table(TABLE_MAIN_USER); - $search = Database::escape_string($_REQUEST['tag']); + case 'find_users': + if (api_is_anonymous()) { + echo ''; + break; + } + $track_online_table = Database::get_statistic_table(TABLE_STATISTIC_TRACK_E_ONLINE); + $tbl_my_user = Database::get_main_table(TABLE_MAIN_USER); + $tbl_my_user_friend = Database::get_main_table(TABLE_MAIN_USER_REL_USER); + $tbl_user = Database::get_main_table(TABLE_MAIN_USER); + $search = Database::escape_string($_REQUEST['tag']); - $user_id = api_get_user_id(); - $is_western_name_order = api_is_western_name_order(); + $user_id = api_get_user_id(); + $is_western_name_order = api_is_western_name_order(); - if (api_get_setting('allow_social_tool')=='true' && api_get_setting('allow_message_tool') == 'true') { - //all users - if (api_get_setting('allow_send_message_to_all_platform_users') == 'true' || api_is_platform_admin() ) { - $sql = 'SELECT DISTINCT u.user_id as id, '.($is_western_name_order ? 'concat(u.firstname," ",u.lastname," ","( ",u.email," )")' : 'concat(u.lastname," ",u.firstname," ","( ",u.email," )")').' as name - FROM '.$tbl_user.' u - WHERE u.status <> 6 AND u.user_id <>'.$user_id.' AND '.($is_western_name_order ? 'concat(u.firstname, " ", u.lastname)' : 'concat(u.lastname, " ", u.firstname)').' 
LIKE CONCAT("%","'.$search.'","%") '; - } else { - //only my contacts - $sql = 'SELECT DISTINCT u.user_id as id, '.($is_western_name_order ? 'concat(u.firstname," ",u.lastname," ","( ",u.email," )")' : 'concat(u.lastname," ",u.firstname," ","( ",u.email," )")').' as name - FROM '.$tbl_my_user_friend.' uf INNER JOIN '.$tbl_my_user.' AS u ON uf.friend_user_id = u.user_id ' . - 'WHERE u.status <> 6 AND relation_type NOT IN('.USER_RELATION_TYPE_DELETED.', '.USER_RELATION_TYPE_RRHH.') - AND uf.user_id = '.$user_id.' AND friend_user_id<>'.$user_id.' - AND '.($is_western_name_order ? 'concat(u.firstname, " ", u.lastname)' : 'concat(u.lastname, " ", u.firstname)').' LIKE CONCAT("%","'.$search.'","%") '; - } - } elseif (api_get_setting('allow_social_tool')=='false' && api_get_setting('allow_message_tool')=='true') { - - $time_limit = api_get_setting('time_limit_whosonline'); - + if (api_get_setting('allow_social_tool')=='true' && api_get_setting('allow_message_tool') == 'true') { + //all users + if (api_get_setting('allow_send_message_to_all_platform_users') == 'true' || api_is_platform_admin() ) { + $sql = 'SELECT DISTINCT u.user_id as id, '.($is_western_name_order ? 'concat(u.firstname," ",u.lastname," ","( ",u.email," )")' : 'concat(u.lastname," ",u.firstname," ","( ",u.email," )")').' as name + FROM '.$tbl_user.' u + WHERE u.status <> 6 AND u.user_id <>'.$user_id.' AND '.($is_western_name_order ? 'concat(u.firstname, " ", u.lastname)' : 'concat(u.lastname, " ", u.firstname)').' LIKE CONCAT("%","'.$search.'","%") '; + } else { + //only my contacts + $sql = 'SELECT DISTINCT u.user_id as id, '.($is_western_name_order ? 'concat(u.firstname," ",u.lastname," ","( ",u.email," )")' : 'concat(u.lastname," ",u.firstname," ","( ",u.email," )")').' as name + FROM '.$tbl_my_user_friend.' uf INNER JOIN '.$tbl_my_user.' AS u ON uf.friend_user_id = u.user_id ' . 
+ 'WHERE u.status <> 6 AND relation_type NOT IN('.USER_RELATION_TYPE_DELETED.', '.USER_RELATION_TYPE_RRHH.') + AND uf.user_id = '.$user_id.' AND friend_user_id<>'.$user_id.' + AND '.($is_western_name_order ? 'concat(u.firstname, " ", u.lastname)' : 'concat(u.lastname, " ", u.firstname)').' LIKE CONCAT("%","'.$search.'","%") '; + } + } elseif (api_get_setting('allow_social_tool')=='false' && api_get_setting('allow_message_tool')=='true') { + $time_limit = api_get_setting('time_limit_whosonline'); $online_time = time() - $time_limit*60; $limit_date = api_get_utc_datetime($online_time); + $sql = 'SELECT DISTINCT u.user_id as id, '.($is_western_name_order ? 'concat(u.firstname," ",u.lastname," ","( ",u.email," )")' : 'concat(u.lastname," ",u.firstname," ","( ",u.email," )")').' as name + FROM '.$tbl_my_user.' u INNER JOIN '.$track_online_table.' t ON u.user_id=t.login_user_id + WHERE login_date >= "'.$limit_date.'" AND '.($is_western_name_order ? 'concat(u.firstname, " ", u.lastname)' : 'concat(u.lastname, " ", u.firstname)').' LIKE CONCAT("%","'.$search.'","%") '; + } + $sql .=' LIMIT 20'; + $result=Database::query($sql); - $sql='SELECT DISTINCT u.user_id as id, '.($is_western_name_order ? 'concat(u.firstname," ",u.lastname," ","( ",u.email," )")' : 'concat(u.lastname," ",u.firstname," ","( ",u.email," )")').' as name - FROM '.$tbl_my_user.' u INNER JOIN '.$track_online_table.' t ON u.user_id=t.login_user_id - WHERE login_date >= "'.$limit_date.'" AND '.($is_western_name_order ? 'concat(u.firstname, " ", u.lastname)' : 'concat(u.lastname, " ", u.firstname)').' 
LIKE CONCAT("%","'.$search.'","%") '; - } - $sql .=' LIMIT 20'; - $result=Database::query($sql); - - if (Database::num_rows($result) > 0) { - while ($row = Database::fetch_array($result,'ASSOC')) { - $return[] = array('caption'=>$row['name'], 'value'=>$row['id']); - } - } - echo json_encode($return); - break; - default: - echo ''; + if (Database::num_rows($result) > 0) { + while ($row = Database::fetch_array($result, 'ASSOC')) { + $return[] = array('caption'=>$row['name'], 'value'=>$row['id']); + } + } + echo json_encode($return); + break; + default: + echo ''; } -exit; \ No newline at end of file +exit; diff --git a/main/inc/lib/notification.lib.php b/main/inc/lib/notification.lib.php index dda42100ca..d06c0214c4 100644 --- a/main/inc/lib/notification.lib.php +++ b/main/inc/lib/notification.lib.php @@ -166,9 +166,24 @@ class Notification extends Model $extra_headers = array(); $extra_headers['reply_to']['mail'] = $sender_info['email']; $extra_headers['reply_to']['name'] = $sender_info['complete_name']; - api_mail_html($name, $user_info['mail'], Security::filter_terms($title), Security::filter_terms($content), $sender_info['complete_name'], $sender_info['email'], $extra_headers); + api_mail_html( + $name, + $user_info['mail'], + Security::filter_terms($title), + Security::filter_terms($content), + $sender_info['complete_name'], + $sender_info['email'], + $extra_headers + ); } else { - api_mail_html($name, $user_info['mail'], Security::filter_terms($title), Security::filter_terms($content), $this->admin_name, $this->admin_email); + api_mail_html( + $name, + $user_info['mail'], + Security::filter_terms($title), + Security::filter_terms($content), + $this->admin_name, + $this->admin_email + ); } } $params['sent_at'] = api_get_utc_datetime();
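Review bot: In the `find_users` case of message.ajax.php, `$sql` and `$return` are assigned only inside the settings branches and the row loop, so when neither the `if` nor the `elseif` on `allow_social_tool`/`allow_message_tool` matches, `$sql .=' LIMIT 20'` sends the bare string ` LIMIT 20` to `Database::query()` and `json_encode($return)` prints `null` from an undefined variable. Initialise `$return = array();` and `$sql = '';` before the settings check, and bail out with `if ($sql === '') { echo json_encode($return); break; }` before the limit is appended. `$_REQUEST['tag']` is also read without the `isset()` guard this commit adds for `subject`, and `Database::escape_string()` presumably leaves the LIKE wildcards `%` and `_` untouched, so the caller decides how broadly names and e-mail addresses are matched. Requiring a minimum search length and escaping those two characters before building the `LIKE CONCAT("%", ...)` clause would narrow what any logged-in user can list; a comment such as `// $search is SQL-escaped but still user-controlled: LIKE wildcards are not neutralised` would at least record the limitation.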