From e279a991a84cefe7950207cfb45888f558ce4803 Mon Sep 17 00:00:00 2001
From: Isaac Flores <isaac.flores@beeznest.com>
Date: Thu, 5 Feb 2009 23:34:52 +0100
Subject: [PATCH] [svn r18274] logic changes - allow work with ajax in message
 tool - (see FS#3618)

---
 main/inc/lib/database.lib.php   |   4 +-
 main/inc/lib/message.lib.php    | 268 +++++++++---------------------
 main/messages/inbox.php         |  29 ++--
 main/messages/message.class.php | 277 ++++++++++++++++++++++++++++++++
 main/messages/new_message.php   |  97 +++++++----
 main/messages/outbox.php        | 114 +++++++++++++
 main/messages/view_message.php  |  95 +++--------
 7 files changed, 579 insertions(+), 305 deletions(-)
 create mode 100755 main/messages/message.class.php
 create mode 100755 main/messages/outbox.php

diff --git a/main/inc/lib/database.lib.php b/main/inc/lib/database.lib.php
index ce7f40564e..6493b9266a 100644
--- a/main/inc/lib/database.lib.php
+++ b/main/inc/lib/database.lib.php
@@ -1,4 +1,4 @@
-<?php // $Id: database.lib.php 18156 2009-02-02 17:02:08Z juliomontoya $
+<?php // $Id: database.lib.php 18274 2009-02-05 22:34:52Z iflorespaz $
 /* See license terms in /dokeos_license.txt */
 /**
 ==============================================================================
@@ -77,6 +77,8 @@ define('TABLE_MAIN_USER_FRIEND','user_friend');
 define('TABLE_MAIN_USER_FRIEND_RELATION_TYPE','user_friend_relation_type');
 //Web services
 define('TABLE_MAIN_USER_API_KEY','user_api_key');
+//Message
+define('TABLE_MAIN_MESSAGE','message');
 
 //statistic database tables
 define('TABLE_STATISTIC_TRACK_E_LASTACCESS', 'track_e_lastaccess');
diff --git a/main/inc/lib/message.lib.php b/main/inc/lib/message.lib.php
index 6a9edc59a3..750f68fde5 100644
--- a/main/inc/lib/message.lib.php
+++ b/main/inc/lib/message.lib.php
@@ -5,7 +5,7 @@
 
 	Copyright (c) 2004-2008 Dokeos SPRL
 	Copyright (c) Julio Montoya <gugli100@gmail.com>
-
+	Copyright (c) Isaac Flores <florespaz_isaac@hotmail.com>
 	For a full list of contributors, see "credits.txt".
 	The full license can be read in "license.txt".
 
@@ -23,205 +23,97 @@
 */
 
 include_once(api_get_path(LIBRARY_PATH).'/online.inc.php');
-$table_message = Database::get_course_table(TABLE_MESSAGE);
-
-function get_online_user_list($current_user_id)
-{
-	$min=30;
-	global $_configuration;
-	$userlist = WhoIsOnline($current_user_id,$_configuration['statistics_database'],$min);
-	foreach($userlist as $row) {
-		$receiver_id = $row[0];
-		$online_user_list[$receiver_id] = GetFullUserName($receiver_id).($current_user_id==$receiver_id?("&nbsp;(".get_lang('Myself').")"):(""));
-	}
-	return $online_user_list;
-}
-
-/**
-* Displays info stating that the message is sent successfully.
-*/
-function display_success_message($uid)
-{
-	$success= get_lang('MessageSentTo').
-			"&nbsp;<b>".
-			GetFullUserName($uid).
-			"</b>".
-			"<br><a href=\"".
-			"inbox.php\">".
-			get_lang('BackToInbox').
-			"</a>";
-	Display::display_confirmation_message($success, false);
-}
-
-/**
-* @todo this function seems no longer user
-* but is still mentioned in comments, what can be the use?
-*/
-function validate_text($texto)
-{
-	$MAX_SIZE = 60; // minimun size of chars 
-	$i=0;
-	$lines = array(); //array with lines
-	$token = strtok($texto, "\n");
-	while($token) {
-		$lines[$i]= $token;
-		$token = strtok("\n");
-		$i++;
-	}
-	$modificado= "";
-	for($i=0; $i<count($lines); $i++ ) {
-		if(strlen($lines[$i])>$MAX_SIZE + 1) {
-			$modificado2= substr($lines[$i], 0, $MAX_SIZE);
-			for($j=$MAX_SIZE; $j<strlen($lines[$i]); $j+=$MAX_SIZE) {
-				$modificado2 = $modificado2."\n".substr($lines[$i], $j, $MAX_SIZE);
-			}
-		} else {
-			$modificado2= $lines[$i];
-		}
-		$modificado = $modificado.$modificado2."\n";
-	}
-	$modificado = substr($modificado, 0 ,strlen($modificado)-1);
-	$modificado = str_replace("&", "&#038", $modificado); // �em
-	$modificado = str_replace("<", "&#60", $modificado); // para evitar que lo convierta en html
-	$modificado = str_replace(">", "&#62", $modificado); // �em
-	return $modificado;
-}
-
-/**
-* Displays the wysiwyg html editor.
-*/
-function display_html_editor_area($name,$resp)
-{
-	api_disp_html_area($name, get_lang('TypeYourMessage'), '', '100%');
-}
-
-/**
-* Get the new messages for the current user from the database.
-*/
-function get_new_messages()
-{
-	global $table_message;
-	if (!api_get_user_id()) {
-		return false;
-	}
-	$i=0;		
-	$query = "SELECT * FROM $table_message WHERE user_receiver_id=".api_get_user_id()." AND msg_status=1;";
-	$result = api_sql_query($query,__FILE__,__LINE__);
-	$i = Database::num_rows($result);
-	return $i;
-}
-
-/**
-* Get the list of user_ids of users who are online.
-*/
-function users_connected_by_id()
-{
-	global $_configuration, $_user;
-	$minute=30;
-	$user_connect = WhoIsOnline($_user['user_id'],$_configuration['statistics_database'],$minute);
-	for ($i=0; $i<count($user_connect); $i++) {
-		$user_id_list[$i]=$user_connect[$i][0];
-	}
-	return $user_id_list;
-}
-
-/**
- * Gets the total number of messages, used for the inbox sortable table
- */
-function get_number_of_messages()
-{
-	global $table_message;
-	$sql_query = "SELECT COUNT(*) as number_messages FROM $table_message WHERE user_receiver_id=".api_get_user_id();
-	$sql_result = api_sql_query($sql_query,__FILE__,__LINE__);
-	$result = Database::fetch_array($sql_result);
-	return $result['number_messages'];
-}
-
-/**
- * Gets information about some messages, used for the inbox sortable table
- * @param int $from
- * @param int $number_of_items
- * @param string $direction
- */
-function get_message_data($from, $number_of_items, $column, $direction)
-{
-	global $table_message;
-	$sql_query = "SELECT id as col0, user_sender_id as col1, title as col2, send_date as col3 FROM $table_message " .
-				 "WHERE user_receiver_id=".api_get_user_id()." " .
-				 "ORDER BY col$column $direction LIMIT $from,$number_of_items";
-	$sql_result = api_sql_query($sql_query,__FILE__,__LINE__);
-	$i = 0;
-	$message_list = array ();
-	while ($result = Database::fetch_row($sql_result)) {
-		$message[0] = $result[0];
-		$message[1] = GetFullUserName($result[1]);
-		//$message[1] = "<a href=\"view_message.php?id=".$result[0]."\" title=\"$texto\">".GetFullUserName($result[1])."</a>";
-		$message[2] = '<a href="view_message.php?id='.$result[0].'">'.$result[2].'</a>';
-		$message[3] = $result[3]; //date stays the same
-		
-		$message[4] = '<a href="new_message.php?re_id='.$result[0].'">'.Display::return_icon('message_reply.png',get_lang('ReplyToMessage')).'</a>'.
-					  '&nbsp;&nbsp;<a href="inbox.php?action=deleteone&id='.$result[0].'"  onclick="javascript:if(!confirm('."'".addslashes(htmlentities(get_lang('ConfirmDeleteMessage')))."'".')) return false;">'.Display::return_icon('message_delete.png',get_lang('DeleteMessage')).'</a>';
-		$message_list[] = $message;
-		$i++;
-	}
-	return $message_list;
-}
-
-/**
-* Displays the inbox of a user, listing all messages.
-* In the process of moving towards sortable table.
-*/
-function inbox_display()
-{
-	global $table_message;
-	//delete messages if delete action was chosen
-	if (isset ($_REQUEST['action']))
-	{
+require_once '../messages/message.class.php';
+function inbox_display() {
+	$table_message = Database::get_main_table(TABLE_MESSAGE); 
+	$request=api_is_xml_http_request();
+	
+	if (isset ($_REQUEST['action'])) {
 		switch ($_REQUEST['action']) {
 			case 'delete' :
-				$number_of_selected_messages = count($_POST['id']);
-				foreach ($_POST['id'] as $index => $message_id) {
-					delete_message_by_user_receiver(api_get_user_id(), $message_id);	
-				}
-				Display::display_normal_message(get_lang('SelectedMessagesDeleted'));
-				break;
+			$number_of_selected_messages = count($_POST['id']);
+			foreach ($_POST['id'] as $index => $message_id) {
+				MessageManager::delete_message_by_user_receiver(api_get_user_id(), $message_id);	
+			}
+			Display::display_normal_message(get_lang('SelectedMessagesDeleted'));
+			break;
 			case 'deleteone' :
-				delete_message_by_user_receiver(api_get_user_id(), $_GET['id']);
-				Display::display_confirmation_message(get_lang('MessageDeleted'));
-				echo '<br / >';	
+			MessageManager::delete_message_by_user_receiver(api_get_user_id(), $_GET['id']);
+			Display::display_confirmation_message(get_lang('MessageDeleted'));
+			echo '<br/>';	
 			break;
 		}
 	}
-
+	
 	// display sortable table with messages of the current user
-	$table = new SortableTable('messages', 'get_number_of_messages', 'get_message_data', 1);
+	$table = new SortableTable('messages', 'get_number_of_messages_mask', 'get_message_data_mask', 1);
 	$table->set_header(0, '', false);
-	$table->set_header(1, get_lang('From'));
-	$table->set_header(2, get_lang('Title'));
-	$table->set_header(3, get_lang('Date'));
-	$table->set_header(4, get_lang('Actions'), false);
+	if ($request===true) {
+		$title= utf8_encode(get_lang('Title'));
+		$action=utf8_encode(get_lang('Actions'));
+		$param=true;
+	} else {
+		$title= get_lang('Title');
+		$action=get_lang('Actions');
+		$param=true;		
+	}
+	$table->set_header(1, get_lang('From'),$param);
+	$table->set_header(2,$title,$param);
+	$table->set_header(3, get_lang('Date'),$param);
+	$table->set_header(4,$action,$param);
 	$table->set_form_actions(array ('delete' => get_lang('DeleteSelectedMessages')));
 	$table->display();
 }
-
-function send_message($receiver_user_id, $title, $content)
-{
-	global $table_message; 
-	$query = "INSERT INTO $table_message(user_sender_id, user_receiver_id, msg_status, send_date, title, content ) ".
-			 " VALUES (".
-	 		 "'".api_get_user_id()."', '".Database::escape_string($receiver_user_id)."', '1', '".date('Y-m-d H:i:s')."','".Database::escape_string($title)."','".Database::escape_string($content)."'".
-	 		 ");";
-	$result = api_sql_query($query,__FILE__,__LINE__);
-	return $result;	
+function get_number_of_messages_mask() {
+	return MessageManager::get_number_of_messages();
 }
-
-function delete_message_by_user_receiver($user_receiver_id,$id)
-{
-	global $table_message;
-	$query = "DELETE FROM $table_message " .
-			 "WHERE user_receiver_id=".Database::escape_string($user_receiver_id)." AND id=".Database::escape_string($id);
-	$result = api_sql_query($query,__FILE__,__LINE__);
-	return $result;	
+function get_message_data_mask($from, $number_of_items, $column, $direction) {
+	return MessageManager::get_message_data($from, $number_of_items, $column, $direction);
+}
+function outbox_display() {
+	$table_message = Database::get_main_table(TABLE_MESSAGE); 
+	$request=api_is_xml_http_request();
+
+if (isset ($_REQUEST['action'])) {
+	switch ($_REQUEST['action']) {
+		case 'delete' :
+		$number_of_selected_messages = count($_POST['id']);
+		if ($number_of_selected_messages!=0) {
+			foreach ($_POST['id'] as $index => $message_id) {
+				MessageManager::delete_message_by_user_receiver(api_get_user_id(), $message_id);	
+			}
+		}
+		Display::display_normal_message(get_lang('SelectedMessagesDeleted'));
+		break;
+		case 'deleteone' :
+		MessageManager::delete_message_by_user_receiver(api_get_user_id(), $_GET['id']);
+		Display::display_confirmation_message(get_lang('MessageDeleted'));
+		echo '<br/>';	
+		break;
+	}
 }
 
+// display sortable table with messages of the current user
+$table = new SortableTable('messages', 'get_number_of_messages_send_mask', 'get_message_data_send_mask', 1);
+if ($request===true) {
+	$title= utf8_encode(get_lang('Title'));
+	$action=utf8_encode(get_lang('Actions'));
+} else {
+	$title= get_lang('Title');
+	$action=get_lang('Actions');		
+}
+$table->set_header(0, '', false);
+$table->set_header(1, get_lang('From'));
+$table->set_header(2, $title);
+$table->set_header(3, get_lang('Date'));
+$table->set_header(4,$action, false);
+$table->set_form_actions(array ('delete' => get_lang('DeleteSelectedMessages')));
+	$table->display();
+}
+function get_number_of_messages_send_mask() {
+	return MessageManager::get_number_of_messages_send();
+}
+function get_message_data_send_mask($from, $number_of_items, $column, $direction) {
+	return MessageManager::get_message_data_send($from, $number_of_items, $column, $direction);
+}
 ?>
\ No newline at end of file
diff --git a/main/messages/inbox.php b/main/messages/inbox.php
index fba3b74c54..9c3b1e8290 100755
--- a/main/messages/inbox.php
+++ b/main/messages/inbox.php
@@ -5,7 +5,7 @@
 
 	Copyright (c) 2009 Dokeos SPRL
 	Copyright (c) 2009 Julio Montoya Armas <gugli100@gmail.com>
-	Copyright (c) Facultad de Matematicas, UADY (México)
+	Copyright (c) Facultad de Matematicas, UADY (México)
 	Copyright (c) Evie, Free University of Brussels (Belgium)		
 
 	For a full list of contributors, see "credits.txt".
@@ -31,14 +31,12 @@
 $language_file= 'messages';
 $cidReset=true;
 include_once ('../inc/global.inc.php');
-require_once (api_get_path(LIBRARY_PATH).'message.lib.php');
+require_once '../messages/message.class.php';
+include_once(api_get_path(LIBRARY_PATH).'/message.lib.php');
 api_block_anonymous_users();
-
 if (api_get_setting('allow_message_tool')!='true'){
 	api_not_allowed();
 }
-
-
 $htmlHeadXtra[]='<script language="javascript">
 <!--
 function enviar(miforma) 
@@ -71,25 +69,30 @@ function deselect_all(formita)
 		MAIN CODE
 ==============================================================================
 */
-
 $nameTools = get_lang('Messages');
-Display::display_header($nameTools,get_lang('Inbox'));
+$request=api_is_xml_http_request();
+if ($request===false) {
+	Display::display_header($nameTools,get_lang('Inbox'));
+	$link_ref="new_message.php";	
+} else {
+	$link_ref="../messages/new_message.php?rs=1";
+}
 api_display_tool_title(get_lang('Inbox'));
 
-$table_message = Database::get_course_table(TABLE_MESSAGE);
+$table_message = Database::get_main_table(TABLE_MESSAGE);
 
 echo '<div class=actions>';
-echo '<a href="new_message.php">'.Display::return_icon('message_new.png',get_lang('ComposeMessage')).get_lang('ComposeMessage').'</a>';
+echo '<a href="'.$link_ref.'">'.Display::return_icon('message_new.png',get_lang('ComposeMessage')).get_lang('ComposeMessage').'</a>';
 echo '</div>';
 
-if(!isset($_GET[del_msg])) {
+if (!isset($_GET['del_msg'])) {
 	inbox_display();
 } else {
 	$num_msg = $_POST['total'];
 	for ($i=0;$i<$num_msg;$i++) {
 		if($_POST[$i]) {
 			//the user_id was necesarry to delete a message??
-			delete_message_by_user_receiver(api_get_user_id(), $_POST['_'.$i]);			
+			MessageManager::delete_message_by_user_receiver(api_get_user_id(), $_POST['_'.$i]);			
 		}
 	}
 	inbox_display();
@@ -100,5 +103,7 @@ if(!isset($_GET[del_msg])) {
 		FOOTER 
 ==============================================================================
 */ 
-Display::display_footer();
+if ($request===false) {
+	Display::display_footer();
+}
 ?>
\ No newline at end of file
diff --git a/main/messages/message.class.php b/main/messages/message.class.php
new file mode 100755
index 0000000000..eb94429a0f
--- /dev/null
+++ b/main/messages/message.class.php
@@ -0,0 +1,277 @@
+<?php
+/*
+==============================================================================
+	Dokeos - elearning and course management software
+
+	Copyright (c) 2004-2009 Dokeos SPRL
+	Copyright (c) Julio Montoya <gugli100@gmail.com>
+
+	For a full list of contributors, see "credits.txt".
+	The full license can be read in "license.txt".
+
+	This program is free software; you can redistribute it and/or
+	modify it under the terms of the GNU General Public License
+	as published by the Free Software Foundation; either version 2
+	of the License, or (at your option) any later version.
+
+	See the GNU General Public License for more details.
+
+	Contact address: Dokeos, rue du Corbeau, 108, B-1030 Brussels, Belgium
+	Mail: info@dokeos.com
+	
+==============================================================================
+*/
+include_once(api_get_path(LIBRARY_PATH).'/main_api.lib.php');
+include_once(api_get_path(LIBRARY_PATH).'/online.inc.php');
+class MessageManager {	
+	function MessageManager() {
+		
+	}
+	public static function get_online_user_list($current_user_id) {
+		$min=30;
+		global $_configuration;
+		$userlist = WhoIsOnline($current_user_id,$_configuration['statistics_database'],$min);
+		foreach($userlist as $row) {
+			$receiver_id = $row[0];
+			$online_user_list[$receiver_id] = GetFullUserName($receiver_id).($current_user_id==$receiver_id?("&nbsp;(".get_lang('Myself').")"):(""));
+		}
+		return $online_user_list;
+	}
+	
+	/**
+	* Displays info stating that the message is sent successfully.
+	*/
+	public static function display_success_message($uid) {
+		$success= get_lang('MessageSentTo').
+				"&nbsp;<b>".
+				GetFullUserName($uid).
+				"</b>".
+				"<br><a href=\"".
+				"inbox.php\">".
+				get_lang('BackToInbox').
+				"</a>";
+		Display::display_confirmation_message($success, false);
+	}
+	
+	/**
+	* Displays the wysiwyg html editor.
+	*/
+	public static function display_html_editor_area($name,$resp) {
+		api_disp_html_area($name, get_lang('TypeYourMessage'), '', '100%');
+	}
+	
+	/**
+	* Get the new messages for the current user from the database.
+	*/
+	public static function get_new_messages() {
+		$table_message = Database::get_main_table(TABLE_MESSAGE); 
+		if (!api_get_user_id()) {
+			return false;
+		}
+		$i=0;		
+		$query = "SELECT * FROM $table_message WHERE user_receiver_id=".api_get_user_id()." AND msg_status=1";
+		$result = api_sql_query($query,__FILE__,__LINE__);
+		$i = Database::num_rows($result);
+		return $i;
+	}
+	
+	/**
+	* Get the list of user_ids of users who are online.
+	*/
+	public static function users_connected_by_id() {
+		global $_configuration, $_user;
+		$minute=30;
+		$user_connect = WhoIsOnline($_user['user_id'],$_configuration['statistics_database'],$minute);
+		for ($i=0; $i<count($user_connect); $i++) {
+			$user_id_list[$i]=$user_connect[$i][0];
+		}
+		return $user_id_list;
+	}
+	
+	/**
+	 * Gets the total number of messages, used for the inbox sortable table
+	 */
+	public static function get_number_of_messages () {
+		$table_message = Database::get_main_table(TABLE_MESSAGE); 
+		$sql_query = "SELECT COUNT(*) as number_messages FROM $table_message WHERE msg_status IN (0,1) AND user_receiver_id=".api_get_user_id();
+		$sql_result = api_sql_query($sql_query,__FILE__,__LINE__);
+		$result = Database::fetch_array($sql_result);
+		return $result['number_messages'];
+	}
+	
+	/**
+	 * Gets information about some messages, used for the inbox sortable table
+	 * @param int $from
+	 * @param int $number_of_items
+	 * @param string $direction
+	 */
+	public static function get_message_data ($from, $number_of_items, $column, $direction) {
+		$table_message = Database::get_main_table(TABLE_MESSAGE); 
+		$request=api_is_xml_http_request();
+		$sql_query = "SELECT id as col0, user_sender_id as col1, title as col2, send_date as col3 FROM $table_message " .
+					 "WHERE user_receiver_id=".api_get_user_id()." AND msg_status IN (0,1)" .
+					 "ORDER BY col$column $direction LIMIT $from,$number_of_items";
+		$sql_result = api_sql_query($sql_query,__FILE__,__LINE__);
+		$i = 0;
+		$message_list = array ();
+		while ($result = Database::fetch_row($sql_result)) {
+			$message[0] = ($result[0]);
+			if ($request===true) {
+				$message[1] = utf8_encode(GetFullUserName(($result[1])));
+				$message[2] = '<a href="../messages/view_message.php?rs=1&amp;id='.$result[0].'">'.utf8_encode($result[2]).'</a>';
+				$message[4] = '<a href="../messages/new_message.php?rs=1&amp;re_id='.$result[0].'">'.Display::return_icon('message_reply.png',get_lang('ReplyToMessage')).'</a>'.
+						  '&nbsp;&nbsp;<a href="../messages/inbox.php?rs=1&amp;action=deleteone&id='.$result[0].'"  onclick="javascript:if(!confirm('."'".addslashes(htmlentities(get_lang('ConfirmDeleteMessage')))."'".')) return false;">'.Display::return_icon('message_delete.png',get_lang('DeleteMessage')).'</a>';
+			} else {
+				$message[1] = GetFullUserName(($result[1]));
+				$message[2] = '<a href="view_message.php?id='.$result[0].'">'.$result[2].'</a>';
+				$message[4] = '<a href="new_message.php?re_id='.$result[0].'">'.Display::return_icon('message_reply.png',get_lang('ReplyToMessage')).'</a>'.
+						  '&nbsp;&nbsp;<a href="inbox.php?action=deleteone&id='.$result[0].'"  onclick="javascript:if(!confirm('."'".addslashes(htmlentities(get_lang('ConfirmDeleteMessage')))."'".')) return false;">'.Display::return_icon('message_delete.png',get_lang('DeleteMessage')).'</a>';	
+			}
+			$message[3] = ($result[3]); //date stays the same
+			$message_list[] = $message;
+			
+			$i++;
+		}
+		return $message_list;
+	}
+	
+	 public static function send_message ($receiver_user_id, $title, $content) {
+		$table_message = Database::get_main_table(TABLE_MESSAGE); 
+		$query = "INSERT INTO $table_message(user_sender_id, user_receiver_id, msg_status, send_date, title, content ) ".
+				 " VALUES (".
+		 		 "'".api_get_user_id()."', '".Database::escape_string($receiver_user_id)."', '1', '".date('Y-m-d H:i:s')."','".Database::escape_string($title)."','".Database::escape_string($content)."'".
+		 		 ")";
+		$result = api_sql_query($query,__FILE__,__LINE__);
+		return $result;	
+	}
+	
+	 public static function delete_message_by_user_receiver ($user_receiver_id,$id) {	
+		$table_message = Database::get_main_table(TABLE_MESSAGE); 
+		$query = "DELETE FROM $table_message " .
+				 "WHERE user_receiver_id=".Database::escape_string($user_receiver_id)." AND id=".Database::escape_string($id);
+		$result = api_sql_query($query,__FILE__,__LINE__);
+		return $result;	
+	}
+	public static function delete_message_by_user_sender ($user_sender_id,$id) {
+		$table_message = Database::get_main_table(TABLE_MESSAGE); 
+		$query = "UPDATE $table_message " .
+				 "SET msg_status=8 WHERE user_sender_id=".Database::escape_string($user_sender_id)." AND id=".Database::escape_string($id);
+		$result = api_sql_query($query,__FILE__,__LINE__);
+		return $result;		
+	}
+	public static function update_message ($user_id, $id) {
+		$table_message = Database::get_main_table(TABLE_MESSAGE); 
+		$query = "UPDATE $table_message SET msg_status = '0' WHERE user_receiver_id=".Database::escape_string($user_id)." AND id='".Database::escape_string($id)."'";
+		$result = api_sql_query($query,__FILE__,__LINE__);	
+	}
+	
+	 public static function get_message_by_user ($user_id,$id) {
+		$table_message = Database::get_main_table(TABLE_MESSAGE); 
+		$query = "SELECT * FROM $table_message WHERE user_receiver_id=".Database::escape_string($user_id)." AND id='".Database::escape_string($id)."'";
+		$result = api_sql_query($query,__FILE__,__LINE__);
+		return $row = Database::fetch_array($result);
+	}
+	
+	 public static function exist_message ($user_id, $id) {
+		$table_message = Database::get_main_table(TABLE_MESSAGE); 
+		$query = "SELECT id FROM $table_message WHERE user_receiver_id=".Database::escape_string($user_id)." AND id='".Database::escape_string($id)."'";
+		$result = api_sql_query($query,__FILE__,__LINE__);
+		$num = Database::num_rows($result);
+		if ($num>0)
+			return true;
+		else
+			return false;	
+	}
+	 public static function get_message_data_send ($from, $number_of_items, $column, $direction) {
+		$table_message = Database::get_main_table(TABLE_MESSAGE); 
+		$request=api_is_xml_http_request();
+		$sql_query = "SELECT id as col0, user_sender_id as col1, title as col2, send_date as col3 FROM $table_message " .
+					 "WHERE user_sender_id=".api_get_user_id()." AND msg_status IN (0,1)" .
+					 "ORDER BY col$column $direction LIMIT $from,$number_of_items";
+		$sql_result = api_sql_query($sql_query,__FILE__,__LINE__);
+		$i = 0;
+		$message_list = array ();
+		while ($result = Database::fetch_row($sql_result)) {
+			$message[0] = $result[0];
+			if ($request===true) {
+				$message[1] = utf8_encode(GetFullUserName($result[1]));
+				$message[2] = '<a href="../messages/view_message.php?rs=1&amp;id_send='.$result[0].'">'.utf8_encode($result[2]).'</a>';
+				$message[4] = '<a href="../messages/new_message.php?rs=1&amp;re_id='.$result[0].'">'.Display::return_icon('message_reply.png',get_lang('ReplyToMessage')).'</a>'.
+						  '&nbsp;&nbsp;<a href="../messages/outbox.php?rs=1&amp;action=deleteone&id='.$result[0].'"  onclick="javascript:if(!confirm('."'".addslashes(htmlentities(get_lang('ConfirmDeleteMessage')))."'".')) return false;">'.Display::return_icon('message_delete.png',get_lang('DeleteMessage')).'</a>';
+			} else {
+				$message[1] = GetFullUserName($result[1]);
+				$message[2] = '<a href="../messages/view_message.php?id_send='.$result[0].'">'.$result[2].'</a>';
+				$message[4] = '<a href="new_message.php?re_id='.$result[0].'">'.Display::return_icon('message_reply.png',get_lang('ReplyToMessage')).'</a>'.
+						  '&nbsp;&nbsp;<a href="outbox.php?action=deleteone&id='.$result[0].'"  onclick="javascript:if(!confirm('."'".addslashes(htmlentities(get_lang('ConfirmDeleteMessage')))."'".')) return false;">'.Display::return_icon('message_delete.png',get_lang('DeleteMessage')).'</a>';
+			}
+			$message[3] = $result[3]; //date stays the same
+			$message_list[] = $message;
+			$i++;
+		}
+		return $message_list;
+	}
+	 public static function get_number_of_messages_send () {
+		$table_message = Database::get_main_table(TABLE_MESSAGE); 
+		$sql_query = "SELECT COUNT(*) as number_messages FROM $table_message WHERE msg_status IN (0,1) AND user_sender_id=".api_get_user_id();
+		$sql_result = api_sql_query($sql_query,__FILE__,__LINE__);
+		$result = Database::fetch_array($sql_result);
+		return $result['number_messages'];
+	}
+	public static function show_message_box () {
+		$table_message = Database::get_main_table(TABLE_MESSAGE);
+		if (isset($_GET['id_send'])) {
+			$query = "SELECT * FROM $table_message WHERE user_sender_id=".api_get_user_id()." AND id=".$_GET['id_send']." AND msg_status IN (0,1);";
+			$result = api_sql_query($query,__FILE__,__LINE__);
+		} else {
+			$query = "UPDATE $table_message SET msg_status = '0' WHERE user_receiver_id=".api_get_user_id()." AND id='".Database::escape_string($_GET['id'])."';";
+			$result = api_sql_query($query,__FILE__,__LINE__);
+			$query = "SELECT * FROM $table_message WHERE user_receiver_id=".api_get_user_id()." AND id='".Database::escape_string($_GET['id'])."';";
+			$result = api_sql_query($query,__FILE__,__LINE__);
+		}
+		$row = Database::fetch_array($result);
+		$user_con = self::users_connected_by_id();
+		$band=0;
+		$reply='';
+		for ($i=0;$i<count($user_con);$i++)
+			if ($row[1]==$user_con[$i])
+				$band=1;	
+		if ($band==1 && !isset($_GET['id_send'])) {
+			$reply = '<a href="new_message.php?re_id='.$_GET['id'].'">'.Display::return_icon('message_reply.png',get_lang('ReplyToMessage')).get_lang('ReplyToMessage').'</a>';
+		}
+		echo '<div class=actions>';
+		echo $reply; 
+		echo '<a href="inbox.php?action=deleteone&id='.$row[0].'"  onclick="javascript:if(!confirm('."'".addslashes(htmlentities(get_lang('ConfirmDeleteMessage')))."'".')) return false;">'.Display::return_icon('message_delete.png',get_lang('DeleteMessage')).''.get_lang('Delete').'</a>';
+		echo '</div><br />';
+		echo '
+		<table class="message_view_table" >
+		    <TR>
+		      <TD width=10>&nbsp; </TD>
+		      <TD vAlign=top width="100%">
+		      	<TABLE>      
+		            <TR>
+		              <TD width="100%">                              
+		                    <TR> <h1>'.$row[5].'</h1></TR>
+		              </TD>              		
+		              <TR>                       
+		              	<TD>'.get_lang('From').'&nbsp;<b>'.GetFullUserName($row[1],$mysqlMainDb).'</b> '.strtolower(get_lang('To')).'&nbsp;  <b>'.GetFullUserName($row[2],$mysqlMainDb).'</b> </TD>
+		              </TR>                    
+		              <TR>
+		              <TD >'.get_lang('Date').'&nbsp; '.$row[4].'</TD>                      
+		              </TR>              
+		            </TR>          
+		        </TABLE>	      		
+		        <br />
+		        <TABLE height=209 width="100%" bgColor=#ffffff>
+		          <TBODY>
+		            <TR>
+		              <TD vAlign=top>'.$row[6].'</TD>
+		            </TR>
+		          </TBODY>
+		        </TABLE>
+		        <DIV class=HT style="PADDING-BOTTOM: 5px"> </DIV></TD>
+		      <TD width=10>&nbsp;</TD>
+		    </TR>
+		</TABLE>';
+	}
+}
+?>
\ No newline at end of file
diff --git a/main/messages/new_message.php b/main/messages/new_message.php
index 0fc925fbda..1f9a02c664 100755
--- a/main/messages/new_message.php
+++ b/main/messages/new_message.php
@@ -1,11 +1,11 @@
-<?php // $Id: new_message.php 17903 2009-01-21 19:50:57Z juliomontoya $
+<?php // $Id: new_message.php 18274 2009-02-05 22:34:52Z iflorespaz $
 /*
 ==============================================================================
 	Dokeos - elearning and course management software
 
 	Copyright (c) 2009 Dokeos SPRL
 	Copyright (c) 2009 Julio Montoya Armas <gugli100@gmail.com>
-	Copyright (c) Facultad de Matematicas, UADY (México)
+	Copyright (c) Facultad de Matematicas, UADY (México)
 	Copyright (c) Evie, Free University of Brussels (Belgium)		
 
 	For a full list of contributors, see "credits.txt".
@@ -47,11 +47,9 @@ if (api_get_setting('allow_message_tool')!='true'){
 }
 
 
-require_once(api_get_path(LIBRARY_PATH).'message.lib.php');
+require_once'../messages/message.class.php';
 require_once(api_get_path(LIBRARY_PATH).'/text.lib.php');
 require_once(api_get_path(LIBRARY_PATH).'/formvalidator/FormValidator.class.php');
-$table_message = Database::get_course_table(TABLE_MESSAGE);
-
 /*
 -----------------------------------------------------------
 	Constants and variables
@@ -71,8 +69,35 @@ function validate(form,list)
 }
 
 </script>';
+$htmlHeadXtra[] = '<script src="../inc/lib/javascript/jquery.js" type="text/javascript" language="javascript"></script>'; //jQuery
+$htmlHeadXtra[] = '<script type="text/javascript">
+$(document).ready(function (){
+	cont=0;
+      $("#id_text_name").bind("keyup", function(){
+      	name=$("#id_text_name").get(0).value;
+		$.ajax({
+				contentType: "application/x-www-form-urlencoded",
+				beforeSend: function(objeto) {
+				/*$("#id_div_search").html("buscando...");*/ },
+				type: "POST",
+				url: "../social/select_options.php",
+				data: "search="+name,
+				success: function(datos){
+				$("#id_div_search").html(datos)
+				$("#id_search_name").bind("click", function(){
+					name_option=$("select#id_search_name option:selected").text();
+					code_option=$("select#id_search_name option:selected").val();
+					 $("#user_list").attr("value", code_option);
+					 $("#id_text_name").attr("value", name_option);
+					 $("#id_div_search").html("");
+					 cont++;
+				 });
+				},	
+		});
+      });  
+});
+	</script>';	
 $nameTools = get_lang('ComposeMessage');
-
 /*
 ==============================================================================
 		FUNCTIONS
@@ -82,80 +107,84 @@ $nameTools = get_lang('ComposeMessage');
 /**
 * Shows the compose area + a list of users to select from.
 */
-function show_compose_to_any($user_id)
-{
-	$online_user_list = get_online_user_list($user_id);
+function show_compose_to_any ($user_id) {
+	$online_user_list = MessageManager::get_online_user_list($user_id);
 	$default['user_list'] = $user_id;
 	manage_form($default, $online_user_list);
 }
 
-function show_compose_reply_to_message($message_id, $receiver_id)
-{
-	global $table_message;
+function show_compose_reply_to_message ($message_id, $receiver_id) {
+	$table_message = Database::get_main_table(TABLE_MESSAGE);
 	$query = "SELECT * FROM $table_message WHERE user_receiver_id=".$receiver_id." AND id='".$message_id."';";
 	$result = api_sql_query($query,__FILE__,__LINE__);
 	$row = Database::fetch_array($result);
 
-	if(!isset($row[1]))
-	{
+	if (!isset($row[1])) {
 		echo get_lang('InvalidMessageId');
 		die();
 	}
-	
 	echo get_lang('To').':&nbsp;<strong>'.	GetFullUserName($row[1]).'</strong>';
-	
 	$default['title'] =get_lang('EnterTitle');
 	$default['user_list'] = $row[1];
-
 	manage_form($default);
 }
 
-function show_compose_to_user($receiver_id)
-{
+function show_compose_to_user ($receiver_id) {
 	echo get_lang('To').':&nbsp;<strong>'.	GetFullUserName($receiver_id).'</strong>';
 	$default['title'] = get_lang('EnterTitle');
 	$default['user_list'] = $receiver_id;
 	manage_form($default);
 }
 
-function manage_form($default, $select_from_user_list = null)
-{
-	global $table_message;
+function manage_form ($default, $select_from_user_list = null) {
+	$table_message = Database::get_main_table(TABLE_MESSAGE);
 	
 	$form = new FormValidator('compose_message');
-	if (isset($select_from_user_list))
-	{
-		$form->addElement('select', 'user_list', get_lang('SendMessageTo'), $select_from_user_list);
+	if (isset($select_from_user_list)) {
+		$form->addElement('text','id_text_name',get_lang('SendMessageTo'),array('size' => 40,'id'=>'id_text_name'));
+		$form->addElement('html','<div id="id_div_search" class="message-search">&nbsp;</div>');
+		$form->addElement('hidden','user_list','',array('id'=>'user_list'));
+		//$form->addElement('select','user_list',get_lang('SendMessageTo'),$select_from_user_list);
 	} else {
-		$form->addElement('hidden', 'user_list');
+		//$form->addElement('hidden','user_list');
+		$form->addElement('hidden','user_list','',array('id'=>'user_list'));
 	}
 	$form->add_textfield('title', get_lang('Title'));
 	$form->add_html_editor('content', '',false,false);
 	$form->addElement('submit', 'compose', get_lang('Send'));
 	$form->setDefaults($default);
 
-	if($form->validate()) {
+	if ($form->validate()) {
 		$values = $form->exportValues();
 		$receiver_user_id = $values['user_list'];
 		$title = $values['title'];
 		$content = $values['content'];
 		//all is well, send the message
-		send_message($receiver_user_id, $title, $content);
-		display_success_message($receiver_user_id);
+		MessageManager::send_message($receiver_user_id, $title, $content);
+		MessageManager::display_success_message($receiver_user_id);
 	} else {
 		$form->display();
 	}
 }
-
 /*
 ==============================================================================
 		MAIN SECTION
 ==============================================================================
 */
-$interbreadcrumb[] = array ('url' => 'inbox.php', 'name' => get_lang('Messages'));
-Display::display_header($nameTools, get_lang('ComposeMessage'));
+if (isset($_GET['rs'])) {
+	$interbreadcrumb[] = array ('url' => 'inbox.php', 'name' => get_lang('Messages'));
+	$interbreadcrumb[]= array (
+		'url' => '../social/'.$_SESSION['social_dest'],
+		'name' => get_lang('SocialNetwork')
+	);
+}
+	$interbreadcrumb[]= array (
+		'url' => '#',
+		'name' => get_lang('ComposeMessage')
+	);
+Display::display_header('');
 api_display_tool_title($nameTools);
-if(!isset($_POST['compose'])) {
+if (!isset($_POST['compose'])) {
 	if(isset($_GET['re_id'])) {
 		$message_id = $_GET['re_id'];
 		$receiver_id = api_get_user_id();
@@ -174,8 +203,6 @@ if(!isset($_POST['compose'])) {
 		Display::display_error_message(get_lang('ErrorSendingMessage'));
 	}
 }
-
-
 /*
 ==============================================================================
 		FOOTER
diff --git a/main/messages/outbox.php b/main/messages/outbox.php
new file mode 100755
index 0000000000..ab454a570e
--- /dev/null
+++ b/main/messages/outbox.php
@@ -0,0 +1,114 @@
+<?php 
+/*
+==============================================================================
+	Dokeos - elearning and course management software
+
+	Copyright (c) 2009 Dokeos SPRL
+	Copyright (c) 2009 Julio Montoya Armas <gugli100@gmail.com>
+	Copyright (c) Facultad de Matematicas, UADY (México)
+	Copyright (c) Evie, Free University of Brussels (Belgium)		
+
+	For a full list of contributors, see "credits.txt".
+	The full license can be read in "license.txt".
+
+	This program is free software; you can redistribute it and/or
+	modify it under the terms of the GNU General Public License
+	as published by the Free Software Foundation; either version 2
+	of the License, or (at your option) any later version.
+
+	See the GNU General Public License for more details.
+
+    Contact address: Dokeos, rue du Corbeau, 108, B-1030 Brussels, Belgium
+    Mail: info@dokeos.com
+==============================================================================
+*/
+/*
+==============================================================================
+		INIT SECTION
+==============================================================================
+*/ 
+// name of the language file that needs to be included 
+$language_file= 'messages';
+$cidReset=true;
+include_once ('../inc/global.inc.php');
+require_once (api_get_path(LIBRARY_PATH).'message.lib.php');
+api_block_anonymous_users();
+
+if (api_get_setting('allow_message_tool')!='true'){
+	api_not_allowed();
+}
+
+
+$htmlHeadXtra[]='<script language="javascript">
+<!--
+function enviar(miforma) 
+{ 
+	if(confirm("'.get_lang("SureYouWantToDeleteSelectedMessages").'"))
+		miforma.submit();
+} 
+function select_all(formita)
+{ 
+   for (i=0;i<formita.elements.length;i++) 
+	{
+      		if(formita.elements[i].type == "checkbox") 			
+				formita.elements[i].checked=1			
+	}
+}
+function deselect_all(formita)
+{ 
+   for (i=0;i<formita.elements.length;i++) 
+	{
+      		if(formita.elements[i].type == "checkbox") 			
+				formita.elements[i].checked=0			
+	}	
+}
+//-->
+</script>';
+
+
+/*
+==============================================================================
+		MAIN CODE
+==============================================================================
+*/
+
+$nameTools = get_lang('Messages');
+$request=api_is_xml_http_request();
+if ($request===false) {
+	Display::display_header($nameTools,get_lang('Outbox'));
+}
+api_display_tool_title(get_lang('Outbox'));
+
+$table_message = Database::get_main_table(TABLE_MESSAGE);
+
+echo '<div class=actions>';
+echo get_lang('ReadMessageComment');
+echo '</div>';
+
+$user_sender_id=api_get_user_id();
+$id=Security::remove_XSS($_GET['id']);
+
+if (isset($_GET['action']) && $_GET['action']=='deleteone') {
+	MessageManager::delete_message_by_user_sender($user_sender_id,$id);
+}
+if (!isset($_GET[del_msg])) {
+	outbox_display();
+} else {
+	$num_msg = $_POST['total'];
+	for ($i=0;$i<$num_msg;$i++) {
+		if($_POST[$i]) {
+			//the user_id was necesarry to delete a message??
+			delete_message_by_user_receiver(api_get_user_id(), $_POST['_'.$i]);			
+		}
+	}
+	inbox_display();
+}
+/*
+==============================================================================
+		FOOTER 
+==============================================================================
+*/
+if ($request===false) {
+	Display::display_footer();
+}
+?>
\ No newline at end of file
diff --git a/main/messages/view_message.php b/main/messages/view_message.php
index 327793a4cb..24e1e93ffe 100755
--- a/main/messages/view_message.php
+++ b/main/messages/view_message.php
@@ -1,11 +1,11 @@
-<?php // $Id: view_message.php 17903 2009-01-21 19:50:57Z juliomontoya $
+<?php // $Id: view_message.php 18274 2009-02-05 22:34:52Z iflorespaz $
 /*
 ==============================================================================
 	Dokeos - elearning and course management software
 
 	Copyright (c) 2009 Dokeos SPRL
 	Copyright (c) 2009 Julio Montoya Armas <gugli100@gmail.com>
-	Copyright (c) Facultad de Matematicas, UADY (México)
+	Copyright (c) Facultad de Matematicas, UADY (México)
 	Copyright (c) Evie, Free University of Brussels (Belgium)	
 
 	For a full list of contributors, see "credits.txt".
@@ -28,82 +28,39 @@
 		INIT SECTION
 =========================================================================5====
 */
-
 // name of the language file that needs to be included
 $language_file= 'messages';
+$cidReset= true;
 include_once('../inc/global.inc.php');
 api_block_anonymous_users();
 if (api_get_setting('allow_message_tool')!='true'){
 	api_not_allowed();
 }
-
-
 require_once(api_get_path(LIBRARY_PATH).'message.lib.php');
-$nameTools = get_lang('Messages');
-
-$interbredcrump[]=array('url' => 'inbox.php','name' => get_lang('Inbox'));
-Display::display_header($nameTools,get_lang('Messages'));
-
+$interbreadcrumb[]=array('url' => '#','name' => get_lang('Inbox'));
+if (isset($_GET['id_send'])) {
+	if (isset($_GET['rs'])) {
+		$interbreadcrumb[]= array (
+			'url' => '../social/'.$_SESSION['social_dest'].'?#remote-tab-2',
+			'name' => get_lang('SocialNetwork')
+		);
+	}	
+} else {
+	if (isset($_GET['rs'])) {
+		$interbreadcrumb[]= array (
+			'url' => '../social/'.$_SESSION['social_dest'],
+			'name' => get_lang('SocialNetwork')
+		);
+	}	
+}
+/*
+==============================================================================
+		HEADER
+==============================================================================
+*/
+Display::display_header('');
 api_display_tool_title(get_lang('ReadMessage'));
-
-$table_message = Database::get_course_table(TABLE_MESSAGE);
-
-$query = "UPDATE $table_message SET msg_status = '0' WHERE user_receiver_id=".api_get_user_id()." AND id='".Database::escape_string($_GET['id'])."';";
-$result = api_sql_query($query,__FILE__,__LINE__);
-
-$query = "SELECT * FROM $table_message WHERE user_receiver_id=".api_get_user_id()." AND id='".Database::escape_string($_GET['id'])."';";
-$result = api_sql_query($query,__FILE__,__LINE__);
-$row = Database::fetch_array($result);
-
-$user_con = users_connected_by_id();
-$band=0;
-$reply='';
-for($i=0;$i<count($user_con);$i++)
-	if($row[1]==$user_con[$i])
-		$band=1;	
-if($band==1)
-	$reply = '<a href="new_message.php?re_id='.$_GET['id'].'">'.Display::return_icon('message_reply.png',get_lang('ReplyToMessage')).get_lang('ReplyToMessage').'</a>';
-	
-echo '<div class=actions>';
-echo '<a href="inbox.php">&laquo;&nbsp;'.get_lang('BackToInbox').'</a>';
-echo $reply; 
-echo '<a href="inbox.php?action=deleteone&id='.$row[0].'"  onclick="javascript:if(!confirm('."'".addslashes(htmlentities(get_lang('ConfirmDeleteMessage')))."'".')) return false;">'.Display::return_icon('message_delete.png',get_lang('DeleteMessage')).''.get_lang('Delete').'</a>';
-echo '</div><br />';
-
-echo '
-<table class="message_view_table" >
-    <TR>
-      <TD width=10>&nbsp; </TD>
-      <TD vAlign=top width="100%">
-      	<TABLE>      
-            <TR>
-              <TD width="100%">                              
-                    <TR> <h1>'.$row[5].'</h1></TR>
-              </TD>              		
-              <TR>                       
-              	<TD>'.get_lang('From').'&nbsp;<b>'.GetFullUserName($row[1],$mysqlMainDb).'</b> '.strtolower(get_lang('To')).'&nbsp;  <b>'.GetFullUserName($row[2],$mysqlMainDb).'</b> </TD>
-              </TR>                    
-              <TR>
-              <TD >'.get_lang('Date').'&nbsp; '.$row[4].'</TD>                      
-              </TR>              
-            </TR>          
-        </TABLE>	      		
-        
-        <br />
-        <TABLE height=209 width="100%" bgColor=#ffffff>
-          <TBODY>
-            <TR>
-              <TD vAlign=top>'.$row[6].'</TD>
-            </TR>
-          </TBODY>
-        </TABLE>
-        <DIV class=HT style="PADDING-BOTTOM: 5px"> </DIV></TD>
-      <TD width=10>&nbsp;</TD>
-    
-    </TR>
-</TABLE>';
-
- 	
+MessageManager::show_message_box();
 /*
 ==============================================================================
 		FOOTER