diff --git a/main/admin/add_users_to_group.php b/main/admin/add_users_to_group.php index 94831ad06d..b18658df8d 100644 --- a/main/admin/add_users_to_group.php +++ b/main/admin/add_users_to_group.php @@ -44,15 +44,6 @@ if(isset($_REQUEST['add_type']) && $_REQUEST['add_type']!=''){ $add_type = Security::remove_XSS($_REQUEST['add_type']); } -/* -if (!api_is_platform_admin()) { - $sql = 'SELECT session_admin_id FROM '.Database :: get_main_table(TABLE_MAIN_SESSION).' WHERE id='.$id_session; - $rs = Database::query($sql,__FILE__,__LINE__); - if(Database::result($rs,0,0)!=$_user['user_id']) { - api_not_allowed(true); - } -}*/ - //checking for extra field with filter on include_once (api_get_path(LIBRARY_PATH).'usermanager.lib.php'); include_once (api_get_path(LIBRARY_PATH).'group_portal_manager.lib.php'); 
@@ -203,49 +194,30 @@ $UserList=$SessionList=array(); $users=$sessions=array(); $noPHP_SELF=true; + +$group_info = GroupPortalManager::get_group_data($group_id); +Display::display_header($tool_name); +//api_display_tool_title($tool_name.' ('.$session_info['name'].')'); + + if($_POST['form_sent']) { $form_sent = $_POST['form_sent']; $firstLetterUser = $_POST['firstLetterUser']; $firstLetterSession = $_POST['firstLetterSession']; $UserList = $_POST['sessionUsersList']; - $ClassList = $_POST['sessionClassesList']; - + $ClassList = $_POST['sessionClassesList']; $group_id = intval($_POST['id']); if(!is_array($UserList)) { $UserList=array(); } - - if ($form_sent == 1) { - + if ($form_sent == 1) { GroupPortalManager::delete_users($group_id); $result = GroupPortalManager::add_users_to_groups($UserList, array($group_id)); - - - //SessionManager::suscribe_users_to_session($id_session,$UserList,true,true); - - //adding the session to the access_url_rel_session table - /*global $_configuration; - require_once (api_get_path(LIBRARY_PATH).'urlmanager.lib.php'); - if ($_configuration['multiple_access_urls']==true) { - $tbl_user_rel_access_url= Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER); - $access_url_id = api_get_current_access_url_id(); - UrlManager::add_session_to_url($id_session,$access_url_id); - } else { - // we are filling by default the access_url_rel_session table - UrlManager::add_session_to_url($id_session,1); - }*/ - //if(empty($_GET['add'])) - //header('Location: '.Security::remove_XSS($_GET['page']).'?id_session='.$id_session); - //else - header('Location: group_list.php'); + Display :: display_confirmation_message(get_lang('UsersEdited')); } } -$group_info = GroupPortalManager::get_group_data($group_id); -Display::display_header($tool_name); -//api_display_tool_title($tool_name.' 
('.$session_info['name'].')'); - $nosessionUsersList = $sessionUsersList = array(); /*$sql = 'SELECT COUNT(1) FROM '.$tbl_user; $rs = Database::query($sql, __FILE__, __LINE__); @@ -477,7 +449,7 @@ if(!empty($errorMsg)) { : - : + : diff --git a/main/admin/group_add.php b/main/admin/group_add.php index b7314d17e4..b38561487d 100644 --- a/main/admin/group_add.php +++ b/main/admin/group_add.php @@ -68,6 +68,8 @@ $form->addRule('picture', get_lang('OnlyImagesAllowed').' ('.implode(',', $allow $status = array(); $status[GROUP_PERMISSION_OPEN] = get_lang('Open'); $status[GROUP_PERMISSION_CLOSED] = get_lang('Closed'); +$status[GROUP_PERMISSION_APPROVAL_NEEDED] = get_lang('ApprovalNeeded'); + $form->addElement('select', 'visibility', get_lang('GroupPermissions'), $status); // Set default values diff --git a/main/admin/group_edit.php b/main/admin/group_edit.php index 43244b1bb7..4d02420fb0 100644 --- a/main/admin/group_edit.php +++ b/main/admin/group_edit.php @@ -71,6 +71,7 @@ if (strlen($group_data['picture_uri']) > 0) { $status = array(); $status[GROUP_PERMISSION_OPEN] = get_lang('Open'); $status[GROUP_PERMISSION_CLOSED] = get_lang('Closed'); +$status[GROUP_PERMISSION_APPROVAL_NEEDED] = get_lang('ApprovalNeeded'); $form->addElement('select', 'visibility', get_lang('GroupPermissions'), $status, array()); diff --git a/main/inc/header.inc.php b/main/inc/header.inc.php index 9d53f87b19..66128cf4fe 100644 --- a/main/inc/header.inc.php +++ b/main/inc/header.inc.php @@ -219,4 +219,4 @@ include(api_get_path(LIBRARY_PATH).'/javascript/email_links.lib.js.php'); addElement('static', null, null, 'Username'); $form->addElement('text', 'login', '', array('size' => USERNAME_MAX_LENGTH)); 
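Review bot: The `$_POST['form_sent']` branch calls `GroupPortalManager::delete_users($group_id)` and then re-adds whatever arrives in `$_POST['sessionUsersList']`, yet nothing visible in this hunk verifies a per-form request token or that the caller may manage this group; the first hunk of this file also deletes the old commented-out `api_is_platform_admin()` block rather than replacing it. If no such check exists earlier in the file (outside the hunk), add an admin check and a token test before `delete_users()`. `$group_info = GroupPortalManager::get_group_data($group_id);` now also runs before `$group_id = intval($_POST['id']);`, so on a POST the header data may be loaded for a different or unset id. The entries of `$UserList` are only tested with `is_array()`; `$UserList = array_map('intval', $UserList);` before the call would keep non-numeric ids out of the query layer.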
@@ -2810,7 +2810,7 @@ function api_plugin($location) {
 global $_plugins;
 if (isset($_plugins[$location]) && is_array($_plugins[$location])) {
 foreach ($_plugins[$location] as $this_plugin) {
- include api_get_path(SYS_PLUGIN_PATH)."$this_plugin/index.php";
+ require_once api_get_path(SYS_PLUGIN_PATH)."$this_plugin/index.php";
 }
 }
 }
diff --git a/main/inc/lib/social.lib.php b/main/inc/lib/social.lib.php
index ecc062804e..04617c9f22 100755
--- a/main/inc/lib/social.lib.php
+++ b/main/inc/lib/social.lib.php
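Review bot: `require_once` in `api_plugin()` changes more than error handling: a plugin whose `index.php` is registered for two locations, or a second `api_plugin()` call for the same location, now produces output only the first time, and a missing plugin file becomes a fatal error for the whole page. If the aim was only to fail loudly, `require` keeps the per-location behaviour. The path is built by interpolating `$this_plugin` from the global `$_plugins`; if that array is filled from a stored setting (not visible here), restrict the name before it reaches the path, e.g. `if (!preg_match('/^[A-Za-z0-9_-]+$/', $this_plugin)) { continue; }`.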
@@ -1,12 +1,16 @@ + * @author Julio Montoya Cleaning code * @param int user friend id * @param int user id - * @param int kind of relation between users + * @param int relation between users see constants definition * @return void */ - public static function register_friend ($friend_id,$my_user_id,$relation_type) { + public static function register_friend ($friend_id,$my_user_id,$relation_type) { $tbl_my_friend = Database :: get_main_table(TABLE_MAIN_USER_FRIEND); - $sql = 'SELECT COUNT(*) as count FROM ' . $tbl_my_friend . ' WHERE friend_user_id=' . ((int)$friend_id).' AND user_id='.((int)$my_user_id); - + + $friend_id = intval($friend_id); + $my_user_id = intval($my_user_id); + $relation_type = intval($relation_type); + + $sql = 'SELECT COUNT(*) as count FROM ' . $tbl_my_friend . ' WHERE friend_user_id=' .$friend_id.' AND user_id='.$my_user_id; + error_log($sql); $result = Database::query($sql, __FILE__, __LINE__); $row = Database :: fetch_array($result, 'ASSOC'); if ($row['count'] == 0) { $current_date=date('Y-m-d H:i:s'); - $sql_i = 'INSERT INTO ' . $tbl_my_friend . '(friend_user_id,user_id,relation_type,last_edit)values(' . ((int)$friend_id) . ','.((int)$my_user_id).','.((int)$relation_type).',"'.$current_date.'");'; + $sql_i = 'INSERT INTO ' . $tbl_my_friend . '(friend_user_id,user_id,relation_type,last_edit)values(' . $friend_id . ','.$my_user_id.','.$relation_type.',"'.$current_date.'");'; Database::query($sql_i, __FILE__, __LINE__); } else { - $sql = 'SELECT COUNT(*) as count FROM ' . $tbl_my_friend . ' WHERE friend_user_id=' . ((int)$friend_id) . ' AND user_id='.((int)$my_user_id); + $sql = 'SELECT COUNT(*) as count FROM ' . $tbl_my_friend . ' WHERE friend_user_id=' . $friend_id . ' AND user_id='.$my_user_id; $result = Database::query($sql, __FILE__, __LINE__); $row = Database :: fetch_array($result, 'ASSOC'); if ($row['count'] == 1) { - $sql_i = 'UPDATE ' . $tbl_my_friend . ' SET relation_type='.((int)$relation_type).' WHERE friend_user_id=' . 
((int)$friend_id).' AND user_id='.((int)$my_user_id); + $sql_i = 'UPDATE ' . $tbl_my_friend . ' SET relation_type='.$relation_type.' WHERE friend_user_id=' . $friend_id.' AND user_id='.$my_user_id; Database::query($sql_i, __FILE__, __LINE__); } } 
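Review bot: `error_log($sql);` after the first SELECT in `register_friend()` looks like leftover debugging; it writes a line containing both user ids to the server error log on every call and should be removed before merge. The count-then-insert sequence is not atomic, so two concurrent requests can both read `count == 0` and insert duplicate rows unless the table has a unique key on `(friend_user_id, user_id)` (schema not visible here). The second `SELECT COUNT(*)` in the `else` branch repeats the first query unchanged and could reuse `$row['count']`.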
@@ -46,23 +56,26 @@ class SocialManager extends UserManager { /** * Allow to delete contact to social network *@author isaac flores paz + *@author Julio Montoya Cleaning code *@param int user friend id - *@return void */ public static function removed_friend ($friend_id) { - $tbl_my_friend = Database :: get_main_table(TABLE_MAIN_USER_FRIEND); + $tbl_my_friend = Database :: get_main_table(TABLE_MAIN_USER_FRIEND); $tbl_my_message = Database :: get_main_table(TABLE_MAIN_MESSAGE); + $user_id=api_get_user_id(); - $sql = 'SELECT COUNT(*) as count FROM ' . $tbl_my_friend . ' WHERE user_id=' . ((int)$user_id) . ' AND relation_type<>6 AND friend_user_id='.((int)$friend_id); + $friend_id = intval($friend_id); + + $sql = 'SELECT COUNT(*) as count FROM ' . $tbl_my_friend . ' WHERE user_id=' . $user_id . ' AND relation_type<>6 AND friend_user_id='.$friend_id; $result = Database::query($sql, __FILE__, __LINE__); $row = Database :: fetch_array($result, 'ASSOC'); if ($row['count'] == 1) { //Delete user friend - $sql_i = 'UPDATE ' . $tbl_my_friend . ' SET relation_type=6 WHERE user_id=' . ((int)$user_id).' AND friend_user_id='.((int)$friend_id); - $sql_j = 'UPDATE ' . $tbl_my_message . ' SET msg_status=7 WHERE user_receiver_id=' . ((int)$user_id).' AND user_sender_id='.((int)$friend_id); + $sql_i = 'UPDATE ' . $tbl_my_friend .' SET relation_type='.SOCIALDELETED.' WHERE user_id=' . $user_id.' AND friend_user_id='.$friend_id; + $sql_j = 'UPDATE ' . $tbl_my_message.' SET msg_status=7 WHERE user_receiver_id=' . $user_id.' AND user_sender_id='.$friend_id; //Delete user - $sql_ij = 'UPDATE ' . $tbl_my_friend . ' SET relation_type=6 WHERE user_id=' . ((int)$friend_id).' AND friend_user_id='.((int)$user_id); - $sql_ji = 'UPDATE ' . $tbl_my_message . ' SET msg_status=7 WHERE user_receiver_id=' . ((int)$friend_id).' AND user_sender_id='.((int)$user_id); + $sql_ij = 'UPDATE ' . $tbl_my_friend . ' SET relation_type='.SOCIALDELETED.' WHERE user_id=' . $friend_id.' 
AND friend_user_id='.$user_id; + $sql_ji = 'UPDATE ' . $tbl_my_message . ' SET msg_status=7 WHERE user_receiver_id=' . $friend_id.' AND user_sender_id='.$user_id; Database::query($sql_i, __FILE__, __LINE__); Database::query($sql_j, __FILE__, __LINE__); Database::query($sql_ij, __FILE__, __LINE__); @@ -189,8 +202,9 @@ class SocialManager extends UserManager { return $list_path_image_friend; } /** - * allow to sent an invitation to my contacts + * Sends an invitation to contacts * @author isaac flores paz + * @author Julio Montya Cleaning code * @param int user id * @param int user friend id * @param string title of the message 
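Review bot: `$user_id=api_get_user_id();` in `removed_friend()` is now concatenated into all five statements without the `(int)` cast the old lines applied, while only `$friend_id` gets `intval()`; use `$user_id = intval(api_get_user_id());` so both operands are normalised the same way. The two friend UPDATEs now use `SOCIALDELETED`, but the SELECT above them still filters on the literal `relation_type<>6` and the message UPDATEs on `msg_status=7`, so the constant and the literals can drift apart. The docblock also loses its `@return void` line without a replacement.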
@@ -198,22 +212,29 @@ class SocialManager extends UserManager { * @return boolean */ public static function send_invitation_friend ($user_id,$friend_id,$message_title,$message_content) { - $tbl_message=Database::get_main_table(TABLE_MAIN_MESSAGE); - $current_date=date('Y-m-d H:i:s',time()); + $tbl_message = Database::get_main_table(TABLE_MAIN_MESSAGE); + $user_id = intval($user_id); + $friend_id = intval($friend_id); + $message_title = Database::escape_string($message_title); + $message_content = Database::escape_string($message_content); + + $current_date = date('Y-m-d H:i:s',time()); $status_invitation=5;//status of pending invitation - $sql_exist='SELECT COUNT(*) AS count FROM '.$tbl_message.' WHERE user_sender_id='.((int)$user_id).' AND user_receiver_id='.((int)$friend_id).' AND msg_status IN(5,6,7);'; + $sql_exist='SELECT COUNT(*) AS count FROM '.$tbl_message.' WHERE user_sender_id='.($user_id).' AND user_receiver_id='.($friend_id).' AND msg_status IN(5,6,7);'; + $res_exist=Database::query($sql_exist,__FILE__,__LINE__); $row_exist=Database::fetch_array($res_exist,'ASSOC'); - if ($row_exist['count']==0) { - $sql='INSERT INTO '.$tbl_message.'(user_sender_id,user_receiver_id,msg_status,send_date,title,content) VALUES('.((int)$user_id).','.((int)$friend_id).','.((int)$status_invitation).',"'.$current_date.'","'.$message_title.'","'.$message_content.'")'; + if ($row_exist['count']==0) { + $sql='INSERT INTO '.$tbl_message.'(user_sender_id,user_receiver_id,msg_status,send_date,title,content) VALUES('.$user_id.','.$friend_id.','.$status_invitation.',"'.$current_date.'","'.$message_title.'","'.$message_content.'")'; Database::query($sql,__FILE__,__LINE__); return true; } elseif ($row_exist['count']==1) { - $sql_if_exist='SELECT COUNT(*) AS count FROM '.$tbl_message.' WHERE user_sender_id='.((int)$user_id).' AND user_receiver_id='.((int)$friend_id).' AND msg_status=7'; + //invitation already exist + $sql_if_exist='SELECT COUNT(*) AS count FROM '.$tbl_message.' 
WHERE user_sender_id='.$user_id.' AND user_receiver_id='.$friend_id.' AND msg_status=7'; $res_if_exist=Database::query($sql_if_exist,__FILE__,__LINE__); $row_if_exist=Database::fetch_array($res_if_exist,'ASSOC'); if ($row_if_exist['count']==1) { - $sql_if_exist_up='UPDATE '.$tbl_message.'SET msg_status=5 WHERE user_sender_id='.((int)$user_id).' AND user_receiver_id='.((int)$friend_id).';'; + $sql_if_exist_up='UPDATE '.$tbl_message.'SET msg_status=5 WHERE user_sender_id='.$user_id.' AND user_receiver_id='.$friend_id.';'; Database::query($sql_if_exist_up,__FILE__,__LINE__); return true; } else { @@ -234,13 +255,14 @@ class SocialManager extends UserManager { public static function get_message_number_invitation_by_user_id ($user_receiver_id) { $status_invitation=5;//status of pending invitation $tbl_message=Database::get_main_table(TABLE_MAIN_MESSAGE); - $sql='SELECT COUNT(*) as count_message_in_box FROM '.$tbl_message.' WHERE user_receiver_id='.((int)$user_receiver_id).' AND msg_status=5;'; + $sql='SELECT COUNT(*) as count_message_in_box FROM '.$tbl_message.' WHERE user_receiver_id='.((int)$user_receiver_id).' AND msg_status=5'; $res=Database::query($sql,__FILE__,__LINE__); $row=Database::fetch_array($res,'ASSOC'); return $row['count_message_in_box']; } + /** - * get invitation list by user id + * Get invitation list received by user * @author isaac flores paz * @param int user id * @return array() 
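Review bot: The re-invite statement `'UPDATE '.$tbl_message.'SET msg_status=5 ...'` is rewritten by this change but still has no space before `SET`, so the table name and the keyword run together and the query will very likely fail to parse; it should read `'UPDATE '.$tbl_message.' SET msg_status=5 WHERE ...'`. Its WHERE clause matches every row between the two users rather than only the denied invitation, so adding `AND msg_status=7` avoids turning ordinary messages into pending invitations. Moving `intval()` and `Database::escape_string()` into `send_invitation_friend()` puts them in the right place, but any caller that still escapes before calling will now store doubled backslashes. The function body continues past the end of the hunk.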
@@ -248,13 +270,32 @@ class SocialManager extends UserManager {
 public static function get_list_invitation_of_friends_by_user_id ($user_id) {
 $list_friend_invitation=array();
 $tbl_message=Database::get_main_table(TABLE_MAIN_MESSAGE);
- $sql='SELECT user_sender_id,send_date,title,content FROM '.$tbl_message.' WHERE user_receiver_id='.((int)$user_id).' AND msg_status=5;';
+ $sql='SELECT user_sender_id,send_date,title,content FROM '.$tbl_message.' WHERE user_receiver_id='.((int)$user_id).' AND msg_status = 5';
 $res=Database::query($sql,__FILE__,__LINE__);
 while ($row=Database::fetch_array($res,'ASSOC')) {
 $list_friend_invitation[]=$row;
 }
 return $list_friend_invitation;
 }
+
+ /**
+ * Get invitation list sent by user
+ * @author Julio Montoya
+ * @param int user id
+ * @return array()
+ */
+
+ public static function get_list_invitation_sent_by_user_id ($user_id) {
+ $list_friend_invitation=array();
+ $tbl_message=Database::get_main_table(TABLE_MAIN_MESSAGE);
+ $sql='SELECT user_receiver_id, send_date,title,content FROM '.$tbl_message.' WHERE user_sender_id = '.intval($user_id).' AND msg_status = 5';
+ $res=Database::query($sql,__FILE__,__LINE__);
+ while ($row=Database::fetch_array($res,'ASSOC')) {
+ $list_friend_invitation[$row['user_receiver_id']]=$row;
+ }
+ return $list_friend_invitation;
+ }
+
 /**
 * allow accept invitation
 * @author isaac flores paz
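Review bot: The new `get_list_invitation_sent_by_user_id()` returns a map keyed by `user_receiver_id`, unlike the sibling just above it which returns a plain list, and its docblock only says `@return array()`; document the shape, e.g. `@return array pending invitations indexed by receiver user id`. The literal `msg_status = 5` could carry the same `//status of pending invitation` comment used elsewhere in this class. `title` and `content` are returned exactly as stored, so the caller has to escape them for the HTML context when rendering the list.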
@@ -295,19 +336,20 @@ class SocialManager extends UserManager {
 Database::query($sql,__FILE__,__LINE__);
 }
 /**
- * Send invitation a your friends
+ * Sends invitations to friends
 * @author Isaac Flores Paz
+ * @author Julio Montoya Cleaning code
 * @param void
 * @return string message invitation
 */
 public static function send_invitation_friend_user ($userfriend_id,$subject_message='',$content_message='') {
 //$id_user_friend=array();
- $user_info=array();
- $user_info=api_get_user_info($userfriend_id);
- $succes=get_lang('MessageSentTo');
+ $user_info = array();
+ $user_info = api_get_user_info($userfriend_id);
+ $succes = get_lang('MessageSentTo');
 $succes.= ' : '.api_get_person_name($user_info['firstName'], $user_info['lastName']);
- if (isset($subject_message) && isset($content_message) && isset($userfriend_id)) {
- $send_message = MessageManager::send_message(((int)$userfriend_id),Database::escape_string($subject_message), Database::escape_string($content_message));
+ if (isset($subject_message) && isset($content_message) && isset($userfriend_id)) {
+ $send_message = MessageManager::send_message($userfriend_id, $subject_message, $content_message);
 if ($send_message) {
 echo Display::display_confirmation_message($succes,true);
 } else {
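Review bot: `isset($subject_message) && isset($content_message)` is true for the default values `''`, so `send_invitation_friend_user()` calls `MessageManager::send_message()` even when no subject or body was supplied; if an empty message should not be sent, test `$subject_message !== '' && $content_message !== ''` instead. Dropping `Database::escape_string()` and the `(int)` cast at this call site is consistent with `send_message()` casting and escaping its own arguments later in this diff. `$user_info = array();` is overwritten on the next line and can go. The docblock still says `@param void` although the method takes three parameters, and the body continues outside the hunk.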
@@ -318,16 +360,12 @@ class SocialManager extends UserManager { $count_is_true=false; $count_number_is_true=0; if (isset($userfriend_id) && $userfriend_id>0) { - $user_info=array(); - $user_id=api_get_user_id(); - $user_info=api_get_user_info($user_id); - $message_title=get_lang('Invitation'); - $message_content=$content_message; - $count_is_true=self::send_invitation_friend(((int)$user_id),((int)$userfriend_id),Database::escape_string($message_title),Database::escape_string($message_content)); + $message_title = get_lang('Invitation'); + $count_is_true = self::send_invitation_friend(api_get_user_id(),$userfriend_id, $message_title, $content_message); if ($count_is_true) { echo Display::display_normal_message(get_lang('InvitationHasBeenSent')); }else { - echo Display::display_error_message(get_lang('InvitationHasBeenNotSent')); + echo Display::display_error_message(get_lang('YouAlreadySentAnInvitation')); } } diff --git a/main/messages/message.class.php b/main/messages/message.class.php index 5e799b6ebc..d5b921082a 100755 --- a/main/messages/message.class.php +++ b/main/messages/message.class.php @@ -5,6 +5,20 @@ require_once api_get_path(LIBRARY_PATH).'fileUpload.lib.php'; require_once api_get_path(LIBRARY_PATH).'fileDisplay.lib.php'; require_once api_get_path(LIBRARY_PATH).'usermanager.lib.php'; +/* + * @todo use constants! + */ +define('MESSAGE_STATUS_NEW', '0'); +define('MESSAGE_STATUS_UNREAD', '1'); +define('MESSAGE_STATUS_DELETED', '2'); + +define('MESSAGE_STATUS_INVITATION_PENDING', '5'); +define('MESSAGE_STATUS_INVITATION_ACCEPTED','6'); +define('MESSAGE_STATUS_INVITATION_DENIED', '7'); + + + + class MessageManager { function MessageManager() { 
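Review bot: The new `MESSAGE_STATUS_*` constants in `message.class.php` are defined as strings (`'5'`, `'6'`, `'7'`) and sit under a `@todo use constants!` comment, while the queries visible in this diff still use the bare literals `5`, `6`, `7` and the outbox status `'4'`, which has no constant at all. Defining them as integers, e.g. `define('MESSAGE_STATUS_INVITATION_PENDING', 5);`, and adding one for the outbox value would let the later clean-up replace the literals without type juggling. A one-line comment per constant stating what the status means would replace the todo.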
@@ -154,29 +168,30 @@ class MessageManager return $message_list; } - public static function send_message ($receiver_user_id, $title, $content, $file_attachments = array(), $file_comments = '', $group_id = 0, $parent_id = 0) { + public static function send_message ($receiver_user_id, $title, $content, $file_attachments = array(), $file_comments = '', $group_id = 0, $parent_id = 0) { global $charset; - $table_message = Database::get_main_table(TABLE_MESSAGE); - $group_id = intval($group_id); + $group_id = intval($group_id); $receiver_user_id = intval($receiver_user_id); $parent_id = intval($parent_id); - - if (is_numeric($receiver_user_id)) { + + if (is_numeric($receiver_user_id)) { + $table_message = Database::get_main_table(TABLE_MESSAGE); $title = api_convert_encoding($title,$charset,'UTF-8'); - $content = api_convert_encoding($content,$charset,'UTF-8'); - $sql = "SELECT COUNT(*) as count FROM $table_message WHERE user_sender_id = ".api_get_user_id()." AND user_receiver_id='$receiver_user_id' AND title = '".Database::escape_string($title)."' AND content ='".Database::escape_string($content)."' AND group_id='$group_id' AND parent_id='$parent_id'"; + $content = api_convert_encoding($content,$charset,'UTF-8'); + //message in inbox + $sql = "SELECT COUNT(*) as count FROM $table_message WHERE user_sender_id = ".api_get_user_id()." AND user_receiver_id='".Database::escape_string($receiver_user_id)."' AND title = '".Database::escape_string($title)."' AND content ='".Database::escape_string($content)."' "; $res_exist = Database::query($sql,__FILE__,__LINE__); $row_exist = Database::fetch_array($res_exist,'ASSOC'); - - if ($row_exist['count'] ==0) { + if ($row_exist['count'] == 0) { //message in outbox - $sql = "INSERT INTO $table_message(user_sender_id, user_receiver_id, msg_status, send_date, title, content, group_id, parent_id) ". + $sql = "INSERT INTO $table_message(user_sender_id, user_receiver_id, msg_status, send_date, title, content ) ". " VALUES (". 
- "'".api_get_user_id()."', '".Database::escape_string($receiver_user_id)."', '4', '".date('Y-m-d H:i:s')."','".Database::escape_string($title)."','".Database::escape_string($content)."','$group_id','$parent_id'". + "'".api_get_user_id()."', '".Database::escape_string($receiver_user_id)."', '4', '".date('Y-m-d H:i:s')."','".Database::escape_string($title)."','".Database::escape_string($content)."'". ")"; $rs = Database::query($sql,__FILE__,__LINE__); - $outbox_last_id = Database::insert_id(); + $outbox_last_id = Database::insert_id(); + // save attachment file for outbox messages if (is_array($file_attachments)) { $o = 0; @@ -194,6 +209,7 @@ class MessageManager ")"; $result = Database::query($query,__FILE__,__LINE__); $inbox_last_id = Database::insert_id(); + // save attachment file for inbox messages if (is_array($file_attachments)) { $i = 0; @@ -206,6 +222,8 @@ class MessageManager } return $result; } + } else { + return false; } return false; 
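Review bot: `is_numeric($receiver_user_id)` is evaluated after `$receiver_user_id = intval($receiver_user_id);`, so it is always true: a non-numeric or missing id becomes `0` and still reaches the INSERT, and the `else { return false; }` added in the later hunk of this function can never run. Test the value instead, `if ($receiver_user_id > 0) {`. The duplicate check and the outbox INSERT no longer include `group_id` and `parent_id` although the signature still accepts them and they are still cast at the top, so group and thread context appears to be dropped for the sender's copy; confirm that is intended. The body of `send_message()` continues beyond this hunk.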
@@ -261,56 +279,55 @@ class MessageManager return false; } - - /** - * Save message attachment file - * @param array contain info about uploaded file - * @param string a comment about the file - * @param int message id - * @param int receiver user id - * @param int sender user id - * @return void - */ public static function save_message_attachment_file($file_attach,$file_comment,$message_id,$receiver_user_id=0,$sender_user_id=0) { $tbl_message_attach = Database::get_main_table(TABLE_MESSAGE_ATTACHMENT); // Try to add an extension to the file if it hasn't one - $new_file_name = add_ext_on_mime(stripslashes($file_attach['name']), $file_attach['type']); + $new_file_name = add_ext_on_mime(stripslashes($file_attach['name']), $file_attach['type']); + // user's file name - $file_name =$file_attach['name']; + $file_name =$file_attach['name']; + if (!filter_extension($new_file_name)) { Display :: display_error_message(get_lang('UplUnableToSaveFileFilteredExtension')); } else { $new_file_name = uniqid(''); + $message_user_id = ''; if (!empty($receiver_user_id)) { $message_user_id = $receiver_user_id; } else { $message_user_id = $sender_user_id; - } + } + // User-reserved directory where photos have to be placed. $path_user_info = UserManager::get_user_picture_path_by_id($message_user_id, 'system', true); - $path_message_attach = $path_user_info['dir'].'message_attachments/'; + $path_message_attach = $path_user_info['dir'].'message_attachments/'; + // If this directory does not exist - we create it. if (!file_exists($path_message_attach)) { $perm = api_get_setting('permissions_for_new_directories'); $perm = octdec(!empty($perm) ? 
$perm : '0770'); @mkdir($path_message_attach, $perm, true); } + $new_path=$path_message_attach.$new_file_name; if (!empty($receiver_user_id)) { $result= @copy($file_attach['tmp_name'], $new_path); } else { $result= @move_uploaded_file($file_attach['tmp_name'], $new_path); } + $safe_file_comment= Database::escape_string($file_comment); $safe_file_name = Database::escape_string($file_name); $safe_new_file_name = Database::escape_string($new_file_name); // Storing the attachments if any $sql="INSERT INTO $tbl_message_attach(filename,comment, path,message_id,size) VALUES ( '$safe_file_name', '$safe_file_comment', '$safe_new_file_name' , '$message_id', '".$file_attach['size']."' )"; - $result=Database::query($sql, __LINE__, __FILE__); + $result=Database::query($sql, __LINE__, __FILE__); + $message.=' / '.get_lang('FileUploadSucces').'
'; + } } @@ -321,9 +338,11 @@ class MessageManager * @return void */ public static function delete_message_attachment_file($message_id,$message_uid) { + $message_id = intval($message_id); $message_uid = intval($message_uid); $table_message_attach = Database::get_main_table(TABLE_MESSAGE_ATTACHMENT); + $sql= "SELECT * FROM $table_message_attach WHERE message_id = '$message_id'"; $rs = Database::query($sql,__FILE__,__LINE__); $new_paths = array(); @@ -445,7 +464,7 @@ class MessageManager $i++; } return $message_list; - } + } /** * Gets information about number messages sent * @author Isaac FLores Paz @@ -591,6 +610,7 @@ class MessageManager } } } + $row = Database::fetch_array($result); $user_con = self::users_connected_by_id(); $band=0; diff --git a/main/messages/send_message.php b/main/messages/send_message.php index 3f91d8f8d7..ea64933bdc 100755 --- a/main/messages/send_message.php +++ b/main/messages/send_message.php @@ -1,28 +1,6 @@ - Copyright (c) Facultad de Matematicas, UADY (México) - Copyright (c) Evie, Free University of Brussels (Belgium) - Copyright (c) 2009 Isaac Flores Paz - - For a full list of contributors, see "credits.txt". - The full license can be read in "license.txt". - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License - as published by the Free Software Foundation; either version 2 - of the License, or (at your option) any later version. - - See the GNU General Public License for more details. - - Contact address: Dokeos, rue du Corbeau, 108, B-1030 Brussels, Belgium - Mail: info@dokeos.com -============================================================================== -*/ $language_file = array('registration','messages','userInfo','admin'); $cidReset=true; require_once '../inc/global.inc.php'; 
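Review bot: In `save_message_attachment_file()` the result of `@copy()` / `@move_uploaded_file()` is stored in `$result` and then overwritten by the INSERT, so an attachment row is recorded even when the file was never written, and the `@` hides the reason; check `$result` and skip the INSERT on failure. `$message_id` and `$file_attach['size']` are interpolated into the INSERT without a cast, unlike `delete_message_attachment_file()` in the next hunk, which applies `intval()`; add `$message_id = intval($message_id);` and use `intval($file_attach['size'])`. `Database::query($sql, __LINE__, __FILE__)` passes the two magic constants in the opposite order to the other calls in this diff. The hunk also deletes the method's docblock; keep the parameter description, since the receiver/sender distinction decides between `copy` and `move_uploaded_file`.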
@@ -35,12 +13,14 @@ if (api_is_anonymous()) { api_not_allowed(); } -$user_id=intval($_POST['user_id']); -$panel_id=intval($_POST['panel_id']); -$content_message=Security::remove_XSS($_POST['txt_content'],COURSEMANAGERLOWSECURITY); //check this is filtered on output -$subject_message=Security::remove_XSS($_POST['txt_subject']); //check this is filtered on output -$user_info=array(); -$user_info=api_get_user_info($user_id); +$user_id = intval($_POST['user_id']); +$panel_id = intval($_POST['panel_id']); + +$content_message = Security::remove_XSS($_POST['txt_content'],COURSEMANAGERLOWSECURITY); //check this is filtered on output +$subject_message = Security::remove_XSS($_POST['txt_subject']); //check this is filtered on output +$user_info = array(); +$user_info = api_get_user_info($user_id); + if ($panel_id==2) { ?> diff --git a/main/messages/send_message_to_userfriend.inc.php b/main/messages/send_message_to_userfriend.inc.php index f646e8f706..c1f50f2073 100755 --- a/main/messages/send_message_to_userfriend.inc.php +++ b/main/messages/send_message_to_userfriend.inc.php @@ -1,4 +1,4 @@ -'true' && api_get_setting('allow_social_tool')<>'true'){ +if (api_get_setting('allow_message_tool') != 'true' && api_get_setting('allow_social_tool') != 'true'){ api_not_allowed(); } diff --git a/main/social/group_add.php b/main/social/group_add.php index 91441bb3c4..096b0a3e35 100644 --- a/main/social/group_add.php +++ b/main/social/group_add.php 
@@ -3,8 +3,22 @@ $language_file= 'admin'; $cidReset=true; require_once '../inc/global.inc.php'; require_once api_get_path(LIBRARY_PATH).'/formvalidator/FormValidator.class.php'; -$request=api_is_xml_http_request(); -$nameTools = api_xml_http_response_encode(get_lang('AddGroup')); +require_once api_get_path(LIBRARY_PATH).'social.lib.php'; +require_once api_get_path(LIBRARY_PATH).'group_portal_manager.lib.php'; + +api_block_anonymous_users(); + +$nameTools = get_lang('AddGroup'); +$this_section = SECTION_SOCIAL; + +$interbreadcrumb[]= array ('url' =>'home.php','name' => get_lang('Social')); +Display :: display_header($tool_name, 'Groups'); + +//show the action menu +SocialManager::show_social_menu(); +echo '
'; +echo get_lang('Groups'); +echo '
'; global $charset; $table_message = Database::get_main_table(TABLE_MESSAGE); @@ -22,7 +36,7 @@ $form->applyFilter('name', 'trim'); $form->addRule('name', get_lang('ThisFieldIsRequired'), 'required'); // Description -$form->addElement('text', 'description', get_lang('Description')); +$form->addElement('textarea', 'description', get_lang('Description')); $form->applyFilter('description', 'html_filter'); $form->applyFilter('description', 'trim'); 
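Review bot: `Display :: display_header($tool_name, 'Groups');` reads `$tool_name`, but the line above it assigns `$nameTools`, so unless `global.inc.php` defines `$tool_name` the header receives an undefined variable; pass `$nameTools`. `api_block_anonymous_users()` is the only access check visible in this hunk, so any logged-in user reaches the form even when the social tool is switched off; `send_message_to_userfriend.inc.php` in this same diff gates on `api_get_setting('allow_social_tool')`, and a similar guard may be wanted here. The script continues beyond the hunk.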
@@ -34,40 +48,42 @@ $form->applyFilter('url', 'trim'); // Picture $form->addElement('file', 'picture', get_lang('AddPicture')); - $allowed_picture_types = array ('jpg', 'jpeg', 'png', 'gif'); - $form->addRule('picture', get_lang('OnlyImagesAllowed').' ('.implode(',', $allowed_picture_types).')', 'filetype', $allowed_picture_types); +// Status +$status = array(); +$status[GROUP_PERMISSION_OPEN] = get_lang('Open'); +$status[GROUP_PERMISSION_CLOSED] = get_lang('Closed'); +$status[GROUP_PERMISSION_APPROVAL_NEEDED] = get_lang('ApprovalNeeded'); -/* - $form->add_textfield('id_text_name', api_xml_http_response_encode(get_lang('SendMessageTo')),true,array('size' => 40,'id'=>'id_text_name','onkeyup'=>'send_request_and_search()','autocomplete'=>'off','style'=>'padding:0px')); - $form->addRule('id_text_name', api_xml_http_response_encode(get_lang('ThisFieldIsRequired')), 'required'); - $form->addElement('html',''); - $form->addElement('hidden','user_list',0,array('id'=>'user_list')); - -$form->add_textfield('title', api_xml_http_response_encode(get_lang('Title'))); -$form->add_html_editor('content', '', false, false, array('ToolbarSet' => 'Messages', 'Width' => '95%', 'Height' => '250')); -if (isset($_GET['re_id'])) { - $form->addElement('hidden','re_id',Security::remove_XSS($_GET['re_id'])); - $form->addElement('hidden','save_form','save_form'); -} +$form->addElement('select', 'visibility', get_lang('GroupPermissions'), $status); -*/ -$form->addElement('style_submit_button','add_group', api_xml_http_response_encode(get_lang('AddGroup')),'class="save"'); +$form->addElement('style_submit_button','add_group', get_lang('AddGroup'),'class="save"'); $form->setRequiredNote(api_xml_http_response_encode('* '.get_lang('ThisFieldIsRequired').'')); $form->setDefaults($default); if ($form->validate()) { $values = $form->exportValues(); - var_dump($values); - $receiver_user_id = $values['user_list']; - $title = $values['title']; - $content = $values['content']; - //all is well, send the 
message - //MessageManager::send_message($receiver_user_id, $title, $content); - //MessageManager::display_success_message($receiver_user_id); + + $picture_element = & $form->getElement('picture'); + $picture = $picture_element->getValue(); + $picture_uri = ''; + $name = $values['name']; + $description = $values['description']; + $url = $values['url']; + $status = intval($values['visibility']); + $picture = $_FILES['picture']; + + $group_id = GroupPortalManager::add($name, $description, $url, $status); + GroupPortalManager::add_user_to_group(api_get_user_id(), $group_id,GROUP_USER_PERMISSION_ADMIN); + + if (!empty($picture['name'])) { + $picture_uri = GroupPortalManager::update_group_picture($group_id, $_FILES['picture']['name'], $_FILES['picture']['tmp_name']); + GroupPortalManager::update($group_id, $name, $description, $url,$status, $picture_uri); + } + } else { $form->display(); } diff --git a/main/social/group_edit.php b/main/social/group_edit.php index 251b6818b8..9cb8ad3aa9 100644 --- a/main/social/group_edit.php +++ b/main/social/group_edit.php @@ -49,7 +49,7 @@ $form->applyFilter('name', 'trim'); $form->addRule('name', get_lang('ThisFieldIsRequired'), 'required'); // Description -$form->addElement('text', 'description', get_lang('Description')); +$form->addElement('textarea', 'description', get_lang('Description')); $form->applyFilter('description', 'html_filter'); $form->applyFilter('description', 'trim'); @@ -71,9 +71,10 @@ if (strlen($group_data['picture_uri']) > 0) { $status = array(); $status[GROUP_PERMISSION_OPEN] = get_lang('Open'); $status[GROUP_PERMISSION_CLOSED] = get_lang('Closed'); - +$status[GROUP_PERMISSION_APPROVAL_NEEDED] = get_lang('ApprovalNeeded'); $form->addElement('select', 'visibility', get_lang('GroupPermissions'), $status, array()); + // Submit button $form->addElement('style_submit_button', 'submit', get_lang('ModifyInformation'), 'class="save"'); 
diff --git a/main/social/group_members.php b/main/social/group_members.php new file mode 100644 index 0000000000..cbb9f846dd --- /dev/null +++ b/main/social/group_members.php @@ -0,0 +1,76 @@ +'home.php','name' => get_lang('Social')); + +api_block_anonymous_users(); + +Display :: display_header($tool_name, 'Groups'); +SocialManager::show_social_menu(); +echo '
'; +echo get_lang('GroupMembers'); +echo '
'; + +// Group information +$group_id = intval($_GET['id']); +$admins = GroupPortalManager::get_users_by_group($group_id, true,GROUP_USER_PERMISSION_ADMIN); +$show_message = ''; + +if (isset($_GET['action']) && $_GET['action']=='add') { + // we add a user only if is a open group + $user_join = intval($_GET['u']); + //if i'm the admin + if (isset($admins[api_get_user_id()]) && $admins[api_get_user_id()]['relation_type'] == GROUP_USER_PERMISSION_ADMIN) { + GroupPortalManager::update_user_permission($user_join, $group_id); + $show_message = get_lang('UserAdded'); + } +} + +if (isset($_GET['action']) && $_GET['action']=='delete') { + // we add a user only if is a open group + $user_join = intval($_GET['u']); + //if i'm the admin + if (isset($admins[api_get_user_id()]) && $admins[api_get_user_id()]['relation_type'] == GROUP_USER_PERMISSION_ADMIN) { + GroupPortalManager::delete_user_rel_group($user_join, $group_id); + $show_message = get_lang('UserDeleted'); + } +} + +$users = GroupPortalManager::get_users_by_group($group_id, true); + +if (! empty($show_message)){ + Display :: display_normal_message($show_message); +} + +$new_member_list = array(); + +foreach($users as $user) { + switch ($user['relation_type']) { + case GROUP_USER_PERMISSION_ADMIN: + $user['link'] = Display::return_icon('admin_star.png', get_lang('Admin')); + break; + case GROUP_USER_PERMISSION_READER: + $user['link'] = ''.Display::return_icon('delete.png', get_lang('Delete')).''; + break; + case GROUP_USER_PERMISSION_PENDING_INVITATION: + $user['link'] = ''.Display::return_icon('pending_invitation.png', get_lang('PendingInvitation')).''; + break; + } + $new_member_list[] = $user; +} + +if (count($new_member_list) > 0) { + Display::display_sortable_grid('search_users', array(), $new_member_list, array('hide_navigation'=>true, 'per_page' => 100), $query_vars, false, array(true, false, true,true,false,true,true)); +} + + +Display :: display_footer(); +?> \ No newline at end of file 
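Review bot: The `add` and `delete` branches change group membership on a plain GET request (`action`, `u`, `id`) with no anti-CSRF token, so the admin check proves who sent the request but not that the admin meant to send it. These actions should go through POST, or at least carry a per-session token that is verified before the call. If the platform's token helper is available here, that means extending the condition with `&& Security::check_token('get')` and emitting the token in the generated links. Neither branch confirms that `$user_join` currently has a relation to `$group_id` before calling `update_user_permission()` or `delete_user_rel_group()`, and what those helpers do for a non-member is not visible in this diff. Two smaller points: `$query_vars` is passed to `display_sortable_grid()` without being assigned in the lines shown, and the comment in the delete branch is a copy of the add branch's (`// we add a user only if is a open group`) and should read `// only a group admin may remove a member`.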
diff --git a/main/social/groups.php b/main/social/groups.php index b7a1ae93d5..a7d1a300ce 100644 --- a/main/social/groups.php +++ b/main/social/groups.php @@ -19,25 +19,41 @@ echo '
'; echo get_lang('Groups'); echo '
'; +// getting group information $group_id = intval($_GET['id']); +$group_info = GroupPortalManager::get_group_data($group_id); -if ($group_id != 0 ) { +if ($group_id != 0 ) { + + //Loading group information if (isset($_GET['status']) && $_GET['status']=='sent') { Display::display_confirmation_message(api_xml_http_response_encode(get_lang('MessageHasBeenSent')), false); } + if (isset($_GET['action']) && $_GET['action']=='leave') { $user_leaved = intval($_GET['u']); GroupPortalManager::delete_user_rel_group($user_leaved, $group_id); - } + } + + // add a user to a group if its open + if (isset($_GET['action']) && $_GET['action']=='join') { - $user_join = intval($_GET['u']); - GroupPortalManager::add_user_to_group($user_join, $group_id); - } - $group_info = GroupPortalManager::get_group_data($group_id); + // we add a user only if is a open group + $user_join = intval($_GET['u']); + if ($group_info['visibility'] != GROUP_PERMISSION_CLOSED) { + if ($group_info['visibility'] == GROUP_PERMISSION_OPEN) { + GroupPortalManager::add_user_to_group($user_join, $group_id); + } else { + GroupPortalManager::add_user_to_group($user_join, $group_id, GROUP_USER_PERMISSION_PENDING_INVITATION); + } + } + } + $picture = GroupPortalManager::get_picture_group($group_id, $group_info['picture_uri'],160,'medium_'); - $tags = GroupPortalManager::get_group_tags($group_id,true); - $users = GroupPortalManager::get_users_by_group($group_id,true); + $tags = GroupPortalManager::get_group_tags($group_id, true); + $users = GroupPortalManager::get_users_by_group($group_id, true); + //@todo this must be move to default.css for dev use only echo ''; echo '
'; + //Group's title echo '

'.$group_info['name'].'

'; @@ -80,18 +97,28 @@ if ($group_id != 0 ) { echo ''; - + echo get_lang('Members').' : '; + echo '
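Review bot: The new `join` branch still takes the member id from the request (`$user_join = intval($_GET['u']);`), so the visibility check decides whether the group accepts a join but not whose account is joined. A logged-in user can therefore enrol a different user id in an open group, or queue a pending invitation for it in an approval-needed group. The unchanged `leave` branch has the same shape with `$user_leaved = intval($_GET['u']);` feeding `delete_user_rel_group()`. Both should act on the session user only: `$user_join = api_get_user_id();` and `$user_leaved = api_get_user_id();`. Both are also state changes on GET with no token visible, and `get_group_data($group_id)` now runs before the `$group_id != 0` test, so it is called with 0 on the listing view. The `if ($group_id != 0)` block continues past this hunk.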
'; - foreach($users as $user) { - echo '
'.$user['picture_uri'].'
'.$user['firstname'].' '.$user['lastname'].'
'; + foreach($users as $user) { + if ($user['relation_type'] != GROUP_USER_PERMISSION_PENDING_INVITATION) { + if ($user['relation_type'] == GROUP_USER_PERMISSION_ADMIN) { + $user['lastname'].= Display::return_icon('admin_star.png', get_lang('Admin')); + } + echo ''; } + } echo '
'; + - echo '
'; + echo '
'; + if (is_array($users[api_get_user_id()]) && count($users[api_get_user_id()]) > 0) { //im a member - if ($users[api_get_user_id()]['relation_type']!='') { + + if ($users[api_get_user_id()]['relation_type'] !='' ) { + $my_group_role = $users[api_get_user_id()]['relation_type']; // I'm just a reader if ($my_group_role == GROUP_USER_PERMISSION_READER) { @@ -101,15 +128,22 @@ if ($group_id != 0 ) { } elseif ($my_group_role == GROUP_USER_PERMISSION_ADMIN) { echo 'Im the admin/'; echo ''.get_lang('EditGroup').''; + echo ''.get_lang('MemberList').''; echo 'Invite others'; + } elseif ($my_group_role == GROUP_USER_PERMISSION_PENDING_INVITATION) { + echo 'You should Wait'; } } else { - //im not a member - echo ''.get_lang('JoinGroup').''; + if ($group_info['visibility']!= GROUP_PERMISSION_CLOSED ) { + //im not a member + echo ''.get_lang('JoinGroup').''; + } } } else { //im not a member - echo ''.get_lang('JoinGroup').''; + if ($group_info['visibility'] != GROUP_PERMISSION_CLOSED) { + echo ''.get_lang('JoinGroup').''; + } } echo '
'; // end layout permissions echo '
'; // end layout left @@ -118,9 +152,12 @@ if ($group_id != 0 ) { MessageManager::display_messages_for_group($group_id); echo '
'; // end layout messages echo ''; // end layout right + } else { - // Newest groups ---------------- + + // Newest groups -------- + $results = GroupPortalManager::get_groups_by_age(10 , true); $groups = array(); foreach ($results as $result) { @@ -132,9 +169,10 @@ if ($group_id != 0 ) { if (count($groups) > 0) { echo '

'.get_lang('Newest').'

'; Display::display_sortable_grid('search_users', array(), $groups, array('hide_navigation'=>true, 'per_page' => 100), $query_vars, false, array(true, true, true,false)); - } + } + + // Pop groups ----- - // Pop groups ---------------- $results = GroupPortalManager::get_groups_by_popularity(10 , true); $groups = array(); foreach ($results as $result) { @@ -149,25 +187,25 @@ if ($group_id != 0 ) { } - // My groups + // My groups ----- + $results = GroupPortalManager::get_groups_by_user(api_get_user_id(), 0, true); $groups = array(); + foreach ($results as $result) { $id = $result['id']; $url_open = ''; - $url_close = ''; + $url_close = ''; + if ($result['relation_type'] == GROUP_USER_PERMISSION_ADMIN) { + $result['name'].= Display::return_icon('admin_star.png', get_lang('Admin')); + } $groups[]= array($url_open.$result['picture_uri'].$url_close, $url_open.$result['name'].$url_close); } echo '

'.get_lang('MyGroups').'

'; + echo ''.get_lang('CreateAgroup').''; if (count($groups) > 0) { Display::display_sortable_grid('search_users', array(), $groups, array('hide_navigation'=>true, 'per_page' => 100), $query_vars, false, array(true, true, true,false)); - } else { - echo get_lang('CreateAgroup'); } -} - - - - +} Display :: display_footer(); ?> \ No newline at end of file diff --git a/main/social/invitations.php b/main/social/invitations.php index c4dcd94cfc..8acd8d080e 100644 --- a/main/social/invitations.php +++ b/main/social/invitations.php @@ -1,7 +1,7 @@ 'home.php','name' => get_lang('Social')); +$htmlHeadXtra[] = ''; //jQuery +$htmlHeadXtra[] = ' +'; +api_block_anonymous_users(); + Display :: display_header($tool_name, 'Groups'); SocialManager::show_social_menu(); echo '
'; echo get_lang('Invitations'); -echo '
'; +echo ''; - -api_block_anonymous_users(); -$request=api_is_xml_http_request(); -$language_variable=api_xml_http_response_encode(get_lang('PendingInvitations')); -$language_comment=api_xml_http_response_encode(get_lang('SocialInvitesComment')); + +$request = api_is_xml_http_request(); +$language_variable = api_xml_http_response_encode(get_lang('PendingInvitations')); +$language_comment = api_xml_http_response_encode(get_lang('SocialInvitesComment')); //api_display_tool_title($language_variable); ?>
+.confirm { + border-top:1px solid #D8DFEA; } -for ($i=0;$i<$number_loop;$i++) { -?> -
- - - - - - - -
- - - -
- - - -
- - - - - - +'; -
- - - - -
- - - -
- -
/>
- - - - - - - - - - - - -
- - - - -
-
- - - -
- - - -
- - - -
- - -
-
-
- +
+ + + + + + + + +
+ + /> + + +
+ +
+
+ +
+
+ + +
+
+
+ '; + +if (count($list_get_invitation_sent) > 0 ){ + echo get_lang('InvitationSent'); + foreach ($list_get_invitation_sent as $invitation) { + $sender_user_id = $invitation['user_receiver_id'];?> +
+ + + + + + + + +
+ + /> + + +
+ +
+
+ +
+
+
+ \ No newline at end of file diff --git a/main/social/profile.php b/main/social/profile.php index 12e391ce11..d01d30f9cf 100644 --- a/main/social/profile.php +++ b/main/social/profile.php @@ -391,9 +391,9 @@ echo '
'; // Images uploaded by course $file_list = ''; if (is_array($course_list_code) && count($course_list_code)>0) { - foreach ($course_list_code as $course) { - $file_list.= UserManager::get_user_upload_files_by_course($user_id,$course['code']); - } + foreach ($course_list_code as $course) { + $file_list.= UserManager::get_user_upload_files_by_course($user_id,$course['code']); + } } if (!empty($file_list)) { @@ -456,7 +456,10 @@ echo '
'; echo '
'; + + //------------------------------------- // LEFT COLUMN + echo '
'; //--- User image @@ -481,7 +484,19 @@ echo '
'; } else { echo '
'; echo '
'; - echo ' '.Display::return_icon('message_new.png').'  '.get_lang('SendMessage').'
'; + echo ' '.Display::return_icon('message_new.png').'  '.get_lang('SendMessage').'
'; + + //check if I already sent an invitation message + $invitation_sent_list = SocialManager::get_list_invitation_sent_by_user_id(api_get_user_id()); + + if (is_array($invitation_sent_list) && is_array($invitation_sent_list[$user_id]) && count($invitation_sent_list[$user_id]) >0 ) { + echo ''.get_lang('YouAlreadySentAnInvitation').''; + } else { + echo ' '.Display :: return_icon('add_multiple_users.gif', get_lang('SocialInvitationToFriends')).' '.get_lang('SendInvitation').''; + } + + + echo '
'; } echo '
'; diff --git a/main/social/register_friend.php b/main/social/register_friend.php index 94accdf016..c5630d7b9f 100755 --- a/main/social/register_friend.php +++ b/main/social/register_friend.php @@ -17,21 +17,22 @@ $friend_id_qualify = Security::remove_XSS($_POST['user_id_friend_q']); $type_friend_qualify = Security::remove_XSS($_POST['type_friend_q']); //filtered? $is_my_friend = Security::remove_XSS($_POST['is_my_friend']); //filtered? if (isset($_POST['is_my_friend'])) { - $relation_type='3';//my friend + $relation_type=SOCIALFRIEND;//my friend } else { - $relation_type='1';//Contact unknown + $relation_type=SOCIALUNKNOW;//Contact unknown } if (isset($_POST['friend_id'])) { - SocialManager::register_friend ((int)$the_current_user_id,(int)$my_current_friend,(int)$relation_type); - SocialManager::register_friend ((int)$my_current_friend,(int)$the_current_user_id,(int)$relation_type); - SocialManager::invitation_accepted ((int)$my_current_friend,(int)$the_current_user_id); + + SocialManager::register_friend($the_current_user_id,$my_current_friend,$relation_type); + SocialManager::register_friend($my_current_friend,$the_current_user_id,$relation_type); + SocialManager::invitation_accepted($my_current_friend,$the_current_user_id); + if (isset($_POST['is_my_friend'])) { echo api_xml_http_response_encode(get_lang('AddedContactToList')); } else { Display::display_normal_message(api_xml_http_response_encode(get_lang('AddedContactToList'))); } - } if (isset($_POST['denied_friend_id'])) { SocialManager::invitation_denied((int)$my_denied_current_friend,(int)$the_current_user_id);
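Review bot: In the profile.php hunk that adds the invitation check, `is_array($invitation_sent_list[$user_id])` reads an index that does not exist whenever no invitation was sent to the viewed profile, which is the common case and raises an undefined-index notice on every such page view. Test for the key first: `if (isset($invitation_sent_list[$user_id]) && count($invitation_sent_list[$user_id]) > 0) {`. The surrounding `else` block starts above the hunk, so I cannot tell whether `$user_id` can equal the viewer's own id at this point.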
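Review bot: Dropping the `(int)` casts on the two `register_friend()` calls and on `invitation_accepted()` removes the only type coercion this hunk shows for `$the_current_user_id` and `$my_current_friend`. Their assignments are above the hunk, but the neighbouring context lines filter `$_POST` values only with `Security::remove_XSS()`, which is an HTML filter and does not make a value safe as a numeric id in a query. Unless the `SocialManager` methods cast their arguments internally, which is not visible here, keep the casts on the ids: `SocialManager::register_friend((int)$the_current_user_id,(int)$my_current_friend,$relation_type);`, and the same for the other two calls. The unchanged `invitation_denied()` call below still casts both arguments, so the file is now inconsistent either way. Replacing the literals `'3'` and `'1'` with `SOCIALFRIEND` and `SOCIALUNKNOW` is a good change.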