merge

16 years ago · ecf721e684
parent f01534de2d e0bc0def08
commit ecf721e684
19 changed files with 884 additions and 1021 deletions
--- a/main/css/blue_lagoon/default.css
+++ b/main/css/blue_lagoon/default.css
@ -2182,11 +2182,11 @@ div.comments {
 /* styles from the my.profile.php file */
 .message-content {
 	float:right;
-	margin:5px auto;
-	background:#FFF;
-	border:1px dotted #ccc;
+	margin:20px auto;
+	background:#F5E38E;
+	border:2px solid #EBCA4F;
 	padding:10px;
-	width:50%;
+	width:200px;
 	position:relative;
 }
 .message-content .message-delete {
@ -2207,8 +2207,8 @@ div.comments {
 	margin-right:-100px;
 }
 .message-title {
-	/* color:#ff0000;*/
-	font-size:12px;
+	color:#ff0000;
+	font-size:15px;
 }
 .message-body {
 	font-size:11px;
--- a/main/inc/lib/fckeditor/editor/plugins/ajaxfilemanager/inc/class.upload.php
+++ b/main/inc/lib/fckeditor/editor/plugins/ajaxfilemanager/inc/class.upload.php
@ -204,7 +204,7 @@ class Upload
 		{
 			$this->fileBaseName = $fileBaseName;
 		}
-		$this->fileBaseName=disable_dangerous_file(replace_dangerous_char(str_replace(' ','_',$this->fileBaseName)));// Juan Carlos Raña replace space by _ because fix long names. See: ajaxfilemanager/inc/class.manager.php. And add cleaning from dokeos replace_dangerous_char() and disable_dangerous_file()
+		$this->fileBaseName=disable_dangerous_file(replace_dangerous_char(str_replace(' ','_',$this->fileBaseName),'strict'));// Juan Carlos Raña replace space by _ because fix long names. See: ajaxfilemanager/inc/class.manager.php. And add cleaning from dokeos replace_dangerous_char() and disable_dangerous_file()
 		$fileName = $this->fileBaseName . $this->fileExtension;
 		$filePath = $dest . $fileName;

--- a/main/inc/lib/fileUpload.lib.php
+++ b/main/inc/lib/fileUpload.lib.php
@ -248,8 +248,8 @@ function handle_uploaded_document($_course,$uploaded_file,$base_work_dir,$upload
 	}
 	else
 	{
-		//clean up the name, only ASCII characters should stay.
-		$clean_name = replace_dangerous_char($uploaded_file['name']);
+		//clean up the name, only ASCII characters should stay. (and strict)
+		$clean_name = replace_dangerous_char($uploaded_file['name'], 'strict');
 		//no "dangerous" files
 		$clean_name = disable_dangerous_file($clean_name);
 		if(!filter_extension($clean_name))
@ -703,7 +703,7 @@ function treat_uploaded_file($uploadedFile, $baseWorkDir, $uploadPath, $maxFille
 		$fileName = trim($uploadedFile['name']);

 		// CHECK FOR NO DESIRED CHARACTERS
-		$fileName = replace_dangerous_char($fileName);
+		$fileName = replace_dangerous_char($fileName, 'strict');

 		// TRY TO ADD AN EXTENSION TO FILES WITOUT EXTENSION
 		$fileName = add_ext_on_mime($fileName,$uploadedFile['type']);
@ -1867,7 +1867,7 @@ $handle=opendir($path);
 	    else
 		{
 			//rename
-			$safe_file=disable_dangerous_file(replace_dangerous_char($file));
+			$safe_file=disable_dangerous_file(replace_dangerous_char($file, 'strict'));
 			@rename($base_work_dir.$current_path.'/'.$file,$base_work_dir.$current_path.'/'.$safe_file);

 			if(!DocumentManager::get_document_id($_course, $current_path.'/'.$safe_file))
--- a/main/inc/lib/message.lib.php
+++ b/main/inc/lib/message.lib.php
@ -1,29 +1,782 @@
 <?php
-/*
+/* For licensing terms, see /dokeos_license.txt */
+
+/**
+==============================================================================
+*	This class provides methods for messages management.
+*	Include/require it in your code to use its features.
+*
+*	@package dokeos.library
 ==============================================================================
-	Dokeos - elearning and course management software
+*/

-	Copyright (c) 2004-2008 Dokeos SPRL
-	Copyright (c) Julio Montoya <gugli100@gmail.com>
-	Copyright (c) Isaac Flores <florespaz_isaac@hotmail.com>
-	For a full list of contributors, see "credits.txt".
-	The full license can be read in "license.txt".

-	This program is free software; you can redistribute it and/or
-	modify it under the terms of the GNU General Public License
-	as published by the Free Software Foundation; either version 2
-	of the License, or (at your option) any later version.
+require_once api_get_path(LIBRARY_PATH).'online.inc.php';
+require_once api_get_path(LIBRARY_PATH).'fileUpload.lib.php';
+require_once api_get_path(LIBRARY_PATH).'fileDisplay.lib.php';
+require_once api_get_path(LIBRARY_PATH).'usermanager.lib.php';

-	See the GNU General Public License for more details.
+/* 
+ * @todo use constants!
+ */
+define('MESSAGE_STATUS_NEW',				'0');
+define('MESSAGE_STATUS_UNREAD',				'1');
+define('MESSAGE_STATUS_DELETED',			'2');

-	Contact address: Dokeos, rue du Corbeau, 108, B-1030 Brussels, Belgium
-	Mail: info@dokeos.com
+define('MESSAGE_STATUS_INVITATION_PENDING',	'5');
+define('MESSAGE_STATUS_INVITATION_ACCEPTED','6');
+define('MESSAGE_STATUS_INVITATION_DENIED',	'7');

-==============================================================================
-*/
+class MessageManager
+{
+	function MessageManager() {
+
+	}
+	public static function get_online_user_list($current_user_id) {
+		$min=30;
+		global $_configuration;
+		$userlist = WhoIsOnline($current_user_id,$_configuration['statistics_database'],$min);
+		foreach($userlist as $row) {
+			$receiver_id = $row[0];
+			$online_user_list[$receiver_id] = GetFullUserName($receiver_id).($current_user_id==$receiver_id?("&nbsp;(".get_lang('Myself').")"):(""));
+		}
+		return $online_user_list;
+	}
+
+	/**
+	* Displays info stating that the message is sent successfully.
+	*/
+	public static function display_success_message($uid) {
+			global $charset;
+		if ($_SESSION['social_exist']===true) {
+			$redirect="#remote-tab-2";
+			if (api_get_setting('allow_social_tool')=='true' && api_get_setting('allow_message_tool')=='true') {
+				$success=get_lang('MessageSentTo').
+				"&nbsp;<b>".
+				GetFullUserName($uid).
+				"</b>";
+			}else {
+				$success=get_lang('MessageSentTo').
+				"&nbsp;<b>".
+				GetFullUserName($uid).
+				"</b>";
+			}
+		} else {
+				$success=get_lang('MessageSentTo').
+				"&nbsp;<b>".
+				GetFullUserName($uid).
+				"</b>";
+		}
+		Display::display_confirmation_message(api_xml_http_response_encode($success), false);
+	}
+
+	/**
+	* Displays the wysiwyg html editor.
+	*/
+	public static function display_html_editor_area($name, $resp) {
+		api_disp_html_area($name, get_lang('TypeYourMessage'), '', '', null, array('ToolbarSet' => 'Messages', 'Width' => '95%', 'Height' => '250'));
+	}
+
+	/**
+	* Get the new messages for the current user from the database.
+	*/
+	public static function get_new_messages() {
+		$table_message = Database::get_main_table(TABLE_MESSAGE);
+		if (!api_get_user_id()) {
+			return false;
+		}
+		$i=0;
+		$query = "SELECT * FROM $table_message WHERE user_receiver_id=".api_get_user_id()." AND msg_status=1";
+		$result = Database::query($query,__FILE__,__LINE__);
+		$i = Database::num_rows($result);
+		return $i;
+	}
+
+	/**
+	* Get the list of user_ids of users who are online.
+	*/
+	public static function users_connected_by_id() {
+		global $_configuration, $_user;
+		$minute=30;
+		$user_connect = WhoIsOnline($_user['user_id'],$_configuration['statistics_database'],$minute);
+		for ($i=0; $i<count($user_connect); $i++) {
+			$user_id_list[$i]=$user_connect[$i][0];
+		}
+		return $user_id_list;
+	}
+
+	/**
+	 * Gets the total number of messages, used for the inbox sortable table
+	 */
+	public static function get_number_of_messages () {
+		$table_message = Database::get_main_table(TABLE_MESSAGE);
+		$sql_query = "SELECT COUNT(*) as number_messages FROM $table_message WHERE msg_status IN (0,1) AND user_receiver_id=".api_get_user_id();
+		$sql_result = Database::query($sql_query,__FILE__,__LINE__);
+		$result = Database::fetch_array($sql_result);
+		return $result['number_messages'];
+	}
+
+	/**
+	 * Gets information about some messages, used for the inbox sortable table
+	 * @param int $from
+	 * @param int $number_of_items
+	 * @param string $direction
+	 */
+	public static function get_message_data ($from, $number_of_items, $column, $direction) {
+		global $charset;
+		$from = intval($from);
+		$number_of_items = intval($number_of_items);
+		$column = intval($column);
+		if (!in_array($direction, array('ASC', 'DESC')))
+			$direction = 'ASC';
+
+		$table_message = Database::get_main_table(TABLE_MESSAGE);
+		$request=api_is_xml_http_request();
+		$sql_query = "SELECT id as col0, user_sender_id as col1, title as col2, send_date as col3, msg_status as col4 FROM $table_message " .
+					 "WHERE user_receiver_id=".api_get_user_id()." AND msg_status IN (0,1)" .
+					 "ORDER BY send_date desc, col$column $direction LIMIT $from,$number_of_items";
+		$sql_result = Database::query($sql_query,__FILE__,__LINE__);
+		$i = 0;
+		$message_list = array ();
+		while ($result = Database::fetch_row($sql_result)) {
+			if ($request===true) {
+				$message[0] = '<input type="checkbox" value='.$result[0].' name="id[]">';
+			 } else {
+				$message[0] = ($result[0]);
+			 }
+
+			if ($request===true) {
+				if($result[4]==0)
+            	{
+					$message[1] = Display::return_icon('mail_open.png',get_lang('AlreadyReadMessage'));//Message already read
+				}
+				else
+				{
+					$message[1] = Display::return_icon('mail.png',get_lang('UnReadMessage'));//Message without reading
+				}
+
+				$message[2] = '<a onclick="get_action_url_and_show_messages(1,'.$result[0].')" href="javascript:void(0)">'.GetFullUserName($result[1]).'</a>';
+				$message[3] = '<a onclick="get_action_url_and_show_messages(1,'.$result[0].')" href="javascript:void(0)">'.str_replace("\\","",$result[2]).'</a>';
+				$message[5] = '<a onclick="reply_to_messages(\'show\','.$result[0].',\'\')" href="javascript:void(0)">'.Display::return_icon('message_reply.png',get_lang('ReplyToMessage')).'</a>'.
+						  '&nbsp;&nbsp;<a onclick="delete_one_message('.$result[0].')" href="javascript:void(0)"  >'.Display::return_icon('message_delete.png',get_lang('DeleteMessage')).'</a>';
+			} else {
+				$message[2] = '<a href="view_message.php?id='.$result[0].'">'.GetFullUserName(($result[1])).'</a>';;
+				$message[3] = '<a href="view_message.php?id='.$result[0].'">'.$result[2].'</a>';
+				$message[5] = '<a href="new_message.php?re_id='.$result[0].'">'.Display::return_icon('message_reply.png',get_lang('ReplyToMessage')).'</a>'.
+						  '&nbsp;&nbsp;<a delete_one_message('.$result[0].') href="inbox.php?action=deleteone&id='.$result[0].'">'.Display::return_icon('message_delete.png',get_lang('DeleteMessage')).'</a>';
+			}
+			$message[4] = ($result[3]); //date stays the same
+			foreach($message as $key => $value) {
+				$message[$key] = api_xml_http_response_encode($value);
+			}
+			$message_list[] = $message;
+
+			$i++;
+		}
+		return $message_list;
+	}
+
+	public static function send_message ($receiver_user_id, $title, $content, $file_attachments = array(), $file_comments = '', $group_id = 0, $parent_id = 0) {	
+        global $charset;
+		$table_message = Database::get_main_table(TABLE_MESSAGE);
+		$group_id = intval($group_id);
+        $receiver_user_id = intval($receiver_user_id);
+        $parent_id = intval($parent_id);
+
+        if (is_numeric($receiver_user_id)) {
+			$table_message = Database::get_main_table(TABLE_MESSAGE);
+	        $title = api_convert_encoding($title,$charset,'UTF-8');
+	        $content = api_convert_encoding($content,$charset,'UTF-8');
+			//message in inbox
+			$sql = "SELECT COUNT(*) as count FROM $table_message WHERE user_sender_id = ".api_get_user_id()." AND user_receiver_id='".Database::escape_string($receiver_user_id)."' AND title = '".Database::escape_string($title)."' AND content ='".Database::escape_string($content)."' ";
+			$res_exist = Database::query($sql,__FILE__,__LINE__);
+			$row_exist = Database::fetch_array($res_exist,'ASSOC');
+			if ($row_exist['count'] == 0) {								 		 
+				//message in outbox
+				$sql = "INSERT INTO $table_message(user_sender_id, user_receiver_id, msg_status, send_date, title, content ) ".
+						 " VALUES (".
+				 		 "'".api_get_user_id()."', '".Database::escape_string($receiver_user_id)."', '4', '".date('Y-m-d H:i:s')."','".Database::escape_string($title)."','".Database::escape_string($content)."'".
+				 		 ")";
+				$rs = Database::query($sql,__FILE__,__LINE__);
+				$outbox_last_id = Database::insert_id();
+				
+				// save attachment file for outbox messages
+				if (is_array($file_attachments)) {
+					$o = 0;
+					foreach ($file_attachments as $file_attach) {						
+						if ($file_attach['error'] == 0) {
+							self::save_message_attachment_file($file_attach,$file_comments[$o],$outbox_last_id,api_get_user_id());
+						}
+						$o++;	
+					}
+				}
+				//message in inbox								 
+				$query = "INSERT INTO $table_message(user_sender_id, user_receiver_id, msg_status, send_date, title, content, group_id, parent_id ) ".
+						 " VALUES (".
+				 		 "'".api_get_user_id()."', '".Database::escape_string($receiver_user_id)."', '1', '".date('Y-m-d H:i:s')."','".Database::escape_string($title)."','".Database::escape_string($content)."','$group_id','$parent_id'".
+				 		 ")";
+				$result = Database::query($query,__FILE__,__LINE__);				
+				$inbox_last_id = Database::insert_id();
+				
+				// save attachment file for inbox messages
+				if (is_array($file_attachments)) {
+					$i = 0;
+					foreach ($file_attachments as $file_attach) {						
+						if ($file_attach['error'] == 0) {
+							self::save_message_attachment_file($file_attach,$file_comments[$i],$inbox_last_id,null,$receiver_user_id);
+						}
+						$i++;	
+					}
+				}																				
+				return $result;
+			}
+        } else {
+        	return false;
+        }
+
+		return false;
+	}
+	
+	public static function delete_message_by_user_receiver ($user_receiver_id,$id) {
+		$table_message = Database::get_main_table(TABLE_MESSAGE);
+		if ($id != strval(intval($id))) return false;
+		$id = Database::escape_string($id);
+		$sql="SELECT * FROM $table_message WHERE id=".$id." AND msg_status<>4;";
+		$rs=Database::query($sql,__FILE__,__LINE__);
+		
+		if (Database::num_rows($rs) > 0 ) {
+			$row = Database::fetch_array($rs);
+			// delete attachment file
+			$res = self::delete_message_attachment_file($id,$user_receiver_id);
+			// delete message
+			$query = "UPDATE $table_message SET msg_status=3 WHERE user_receiver_id=".Database::escape_string($user_receiver_id)." AND id=".$id;
+			//$query = "DELETE FROM $table_message WHERE user_receiver_id=".Database::escape_string($user_receiver_id)." AND id=".$id;
+			$result = Database::query($query,__FILE__,__LINE__);			
+			return $result;
+		} else {
+			return false;
+		}
+	}
+	/**
+	 * Set status deleted
+	 * @author Isaac FLores Paz <isaac.flores@dokeos.com>
+	 * @param  integer
+	 * @param  integer
+	 * @return array
+	 */
+	public static function delete_message_by_user_sender ($user_sender_id,$id) {
+		if ($id != strval(intval($id))) return false;
+		$table_message = Database::get_main_table(TABLE_MESSAGE);
+		
+		$id = intval($id);
+		$user_sender_id = intval($user_sender_id);
+		
+		$sql="SELECT * FROM $table_message WHERE id='$id'";
+		$rs=Database::query($sql,__FILE__,__LINE__);
+		
+		if (Database::num_rows($rs) > 0 ) {
+			$row = Database::fetch_array($rs);
+			// delete attachment file
+			$res = self::delete_message_attachment_file($id,$user_sender_id);
+			// delete message
+			$query = "UPDATE $table_message SET msg_status=3 WHERE user_sender_id='$user_sender_id' AND id='$id'";
+			//$query = "DELETE FROM $table_message WHERE user_sender_id='$user_sender_id' AND id='$id'";
+			$result = Database::query($query,__FILE__,__LINE__);					
+			return $result;		
+		}				
+		return false;
+	}
+	
+	public static function save_message_attachment_file($file_attach,$file_comment,$message_id,$receiver_user_id=0,$sender_user_id=0) {
+
+		$tbl_message_attach = Database::get_main_table(TABLE_MESSAGE_ATTACHMENT);
+
+		// Try to add an extension to the file if it hasn't one
+		$new_file_name = add_ext_on_mime(stripslashes($file_attach['name']), $file_attach['type']);
+		
+		// user's file name
+		$file_name =$file_attach['name'];
+	
+		if (!filter_extension($new_file_name))  {
+			Display :: display_error_message(get_lang('UplUnableToSaveFileFilteredExtension'));
+		} else {
+			$new_file_name = uniqid('');						
+
+			$message_user_id = '';
+			if (!empty($receiver_user_id)) {
+				$message_user_id = $receiver_user_id;
+			} else {
+				$message_user_id = $sender_user_id;
+			}			
+			
+			// User-reserved directory where photos have to be placed.
+			$path_user_info = UserManager::get_user_picture_path_by_id($message_user_id, 'system', true);
+			$path_message_attach = $path_user_info['dir'].'message_attachments/';
+					
+			// If this directory does not exist - we create it.
+			if (!file_exists($path_message_attach)) {
+				$perm = api_get_setting('permissions_for_new_directories');
+				$perm = octdec(!empty($perm) ? $perm : '0770');
+				@mkdir($path_message_attach, $perm, true);
+			}				
+
+			$new_path=$path_message_attach.$new_file_name;			
+			if (!empty($receiver_user_id)) {				
+				$result= @copy($file_attach['tmp_name'], $new_path);				
+			} else {
+				$result= @move_uploaded_file($file_attach['tmp_name'], $new_path);	
+			}
+
+			$safe_file_comment= Database::escape_string($file_comment);
+			$safe_file_name = Database::escape_string($file_name);
+			$safe_new_file_name = Database::escape_string($new_file_name);						
+			// Storing the attachments if any			
+			$sql="INSERT INTO $tbl_message_attach(filename,comment, path,message_id,size)
+				  VALUES ( '$safe_file_name', '$safe_file_comment', '$safe_new_file_name' , '$message_id', '".$file_attach['size']."' )";
+			$result=Database::query($sql, __LINE__, __FILE__);
+			$message.=' / '.get_lang('FileUploadSucces').'<br />';
+	
+		}	
+	}
+
+	/**
+	 * Delete message attachment file (logicaly updating the row with a suffix _DELETE_id)
+	 * @param  int		message id
+	 * @param  int		message user id (receiver user id or sender user id) 
+	 * @return void
+	 */
+	public static function delete_message_attachment_file($message_id,$message_uid) {
+
+		$message_id = intval($message_id);		
+		$message_uid = intval($message_uid);
+		$table_message_attach = Database::get_main_table(TABLE_MESSAGE_ATTACHMENT);
+		
+		$sql= "SELECT * FROM $table_message_attach WHERE message_id = '$message_id'";
+		$rs	= Database::query($sql,__FILE__,__LINE__);		
+		$new_paths = array();
+		while ($row = Database::fetch_array($rs)) {
+			$path 		= $row['path'];
+			$attach_id  = $row['id'];			
+			$new_path 	= $path.'_DELETED_'.$attach_id;
+			$path_user_info = UserManager::get_user_picture_path_by_id($message_uid, 'system', true);
+			$path_message_attach = $path_user_info['dir'].'message_attachments/';					
+			if (is_file($path_message_attach.$path)) {				
+				if(rename($path_message_attach.$path, $path_message_attach.$new_path)) {					
+					$sql_upd = "UPDATE $table_message_attach set path='$new_path' WHERE id ='$attach_id'";
+					$rs_upd = Database::query($sql_upd,__FILE__,__LINE__);					
+				} 							
+			}						
+		}				
+	}	
+	
+	public static function update_message ($user_id, $id) {
+		if ($id != strval(intval($id)) || $user_id != strval(intval($user_id))) return false;
+		$table_message = Database::get_main_table(TABLE_MESSAGE);
+		$query = "UPDATE $table_message SET msg_status = '0' WHERE msg_status<>4 AND user_receiver_id=".Database::escape_string($user_id)." AND id='".Database::escape_string($id)."'";
+		$result = Database::query($query,__FILE__,__LINE__);
+	}
+
+	 public static function get_message_by_user ($user_id,$id) {
+	 	if ($id != strval(intval($id)) || $user_id != strval(intval($user_id))) return false;
+		$table_message = Database::get_main_table(TABLE_MESSAGE);
+		$query = "SELECT * FROM $table_message WHERE user_receiver_id=".Database::escape_string($user_id)." AND id='".Database::escape_string($id)."'";
+		$result = Database::query($query,__FILE__,__LINE__);
+		return $row = Database::fetch_array($result);
+	}
+	
+	public static function get_messages_by_group($group_id) {	 	
+		if ($group_id != strval(intval($group_id))) return false;		
+	 	$table_message = Database::get_main_table(TABLE_MESSAGE);
+	 	$group_id = intval($group_id);	 			
+		$query = "SELECT * FROM $table_message WHERE group_id='$group_id' AND msg_status <> 4 ORDER BY id";		
+		$rs = Database::query($query,__FILE__,__LINE__);		
+		$data = array();
+		if (Database::num_rows($rs) > 0) {
+			while ($row = Database::fetch_array($rs)) {
+				$data[] = $row;
+			}		
+		}
+		return $data;
+	}
+	
+	/**
+	 * Gets information about if exist messages
+	 * @author Isaac FLores Paz <isaac.flores@dokeos.com>
+	 * @param  integer
+	 * @param  integer
+	 * @return boolean
+	 */
+	 public static function exist_message ($user_id, $id) {
+	 	if ($id != strval(intval($id)) || $user_id != strval(intval($user_id))) return false;
+		$table_message = Database::get_main_table(TABLE_MESSAGE);
+		$query = "SELECT id FROM $table_message WHERE user_receiver_id=".Database::escape_string($user_id)." AND id='".Database::escape_string($id)."'";
+		$result = Database::query($query,__FILE__,__LINE__);
+		$num = Database::num_rows($result);
+		if ($num>0)
+			return true;
+		else
+			return false;
+	}
+	/**
+	 * Gets information about messages sent
+	 * @author Isaac FLores Paz <isaac.flores@dokeos.com>
+	 * @param  integer
+	 * @param  integer
+	 * @param  string
+	 * @return array
+	 */
+	 public static function get_message_data_sent ($from, $number_of_items, $column, $direction) {
+	 	global $charset;
+
+	 	$from = intval($from);
+		$number_of_items = intval($number_of_items);
+		$column = intval($column);
+		if (!in_array($direction, array('ASC', 'DESC')))
+			$direction = 'ASC';
+
+		$table_message = Database::get_main_table(TABLE_MESSAGE);
+		$request=api_is_xml_http_request();
+		$sql_query = "SELECT id as col0, user_sender_id as col1, title as col2, send_date as col3, user_receiver_id as col4, msg_status as col5 FROM $table_message " .
+					 "WHERE user_sender_id=".api_get_user_id()." AND msg_status=4 " .
+					 "ORDER BY col$column $direction LIMIT $from,$number_of_items";
+
+		$sql_result = Database::query($sql_query,__FILE__,__LINE__);
+		$i = 0;
+		$message_list = array ();
+		while ($result = Database::fetch_row($sql_result)) {
+			if ($request===true) {
+				$message[0] = '<input type="checkbox" value='.$result[0].' name="out[]">';
+			 } else {
+				$message[0] = ($result[0]);
+			 }
+
+			if ($request===true) {
+			   if ($result[5]==4)
+			   {
+			   		$message[1] = Display::return_icon('mail_send.png',get_lang('MessageSent'));//Message Sent
+			   }
+				$message[2] = '<a onclick="show_sent_message('.$result[0].')" href="javascript:void(0)">'.GetFullUserName($result[4]).'</a>';
+				$message[3] = '<a onclick="show_sent_message('.$result[0].')" href="javascript:void(0)">'.str_replace("\\","",$result[2]).'</a>';
+				$message[5] = '&nbsp;&nbsp;<a onclick="delete_one_message_outbox('.$result[0].')" href="javascript:void(0)"  >'.Display::return_icon('message_delete.png',get_lang('DeleteMessage')).'</a>';
+			} else {
+				$message[2] = '<a onclick="show_sent_message ('.$result[0].')" href="../messages/view_message.php?id_send='.$result[0].'">'.GetFullUserName($result[4]).'</a>';
+				$message[3] = '<a onclick="show_sent_message ('.$result[0].')" href="../messages/view_message.php?id_send='.$result[0].'">'.$result[2].'</a>';
+				$message[5] = '<a href="new_message.php?re_id='.$result[0].'">'.Display::return_icon('message_reply.png',get_lang('ReplyToMessage')).'</a>'.
+						  '&nbsp;&nbsp;<a href="outbox.php?action=deleteone&id='.$result[0].'"  onclick="javascript:if(!confirm('."'".addslashes(api_htmlentities(get_lang('ConfirmDeleteMessage')))."'".')) return false;">'.Display::return_icon('message_delete.png',get_lang('DeleteMessage')).'</a>';
+			}
+			$message[4] = $result[3]; //date stays the same
+			foreach($message as $key => $value) {
+				$message[$key] = api_xml_http_response_encode($value);
+			}
+			$message_list[] = $message;
+			$i++;
+		}
+		return $message_list;
+	}
+	/**
+	 * Gets information about number messages sent
+	 * @author Isaac FLores Paz <isaac.flores@dokeos.com>
+	 * @param void
+	 * @return integer
+	 */
+	 public static function get_number_of_messages_sent () {
+		$table_message = Database::get_main_table(TABLE_MESSAGE);
+		$sql_query = "SELECT COUNT(*) as number_messages FROM $table_message WHERE msg_status=4 AND user_sender_id=".api_get_user_id();
+		$sql_result = Database::query($sql_query,__FILE__,__LINE__);
+		$result = Database::fetch_array($sql_result);
+		return $result['number_messages'];
+	}
+	
+	/**
+	 * display message box in the inbox 
+	 * @return void
+	 */
+	public static function show_message_box() {
+		global $charset;
+		
+		$table_message = Database::get_main_table(TABLE_MESSAGE);
+		$tbl_message_attach = Database::get_main_table(TABLE_MESSAGE_ATTACHMENT);
+		
+		$message_id = '';
+		if (isset($_GET['id_send']) && is_numeric($_GET['id_send'])) {
+			$query = "SELECT * FROM $table_message WHERE user_sender_id=".api_get_user_id()." AND id=".intval(Database::escape_string($_GET['id_send']))." AND msg_status=4;";
+			$result = Database::query($query,__FILE__,__LINE__);
+		    $path='outbox.php';
+		    $message_id = intval($_GET['id_send']);
+		} else {
+			if (is_numeric($_GET['id'])) {
+				$query = "UPDATE $table_message SET msg_status = '0' WHERE user_receiver_id=".api_get_user_id()." AND id='".intval(Database::escape_string($_GET['id']))."';";
+				$result = Database::query($query,__FILE__,__LINE__);
+				$query = "SELECT * FROM $table_message WHERE msg_status<>4 AND user_receiver_id=".api_get_user_id()." AND id='".intval(Database::escape_string($_GET['id']))."';";
+				$result = Database::query($query,__FILE__,__LINE__);				
+			}			
+			$path='inbox.php';
+			$message_id = intval($_GET['id']);
+		}
+
+		$row = Database::fetch_array($result);
+		
+		// get file attachments by message id
+		$files_attachments = '';
+		if (!empty($message_id)) {
+			$sql = "SELECT * FROM $tbl_message_attach WHERE message_id = '$message_id'";
+			$rs_file = Database::query($sql,__FILE__,__LINE__);				
+			if (Database::num_rows($rs_file) > 0) {
+				$attach_icon = Display::return_icon('attachment.gif');						
+				$archiveURL=api_get_path(WEB_CODE_PATH).'messages/download.php?type=inbox&file=';				
+				while ($row_file = Database::fetch_array($rs_file)) {				
+					$archiveFile = $row_file['path'];
+					$filename = $row_file['filename'];
+					$filesize = format_file_size($row_file['size']);
+					$filecomment = $row_file['comment'];
+					$files_attachments .= $attach_icon.'&nbsp;<a href="'.$archiveURL.$archiveFile.'">'.$filename.'</a>&nbsp;('.$filesize.')'.(!empty($filecomment)?'&nbsp;-&nbsp;'.$filecomment:'').'<br />'; 
+				}
+			}						
+		}
+		
+		$user_con = self::users_connected_by_id();
+		$band=0;
+		$reply='';
+		for ($i=0;$i<count($user_con);$i++)
+			if ($row[1]==$user_con[$i])
+				$band=1;
+		if ($band==1 && !isset($_GET['id_send'])) {
+			if (is_numeric($_GET['id'])) {
+				$reply = '<a onclick="reply_to_messages(\'show\','.Security::remove_XSS($_GET['id']).',\'\')" href="javascript:void(0)">'.Display::return_icon('message_reply.png',api_xml_http_response_encode(get_lang('ReplyToMessage'))).api_xml_http_response_encode(get_lang('ReplyToMessage')).'</a>';
+			}
+		}
+		echo '<div class=actions>';
+		echo '<a onclick="close_div_show(\'div_content_messages\')" href="javascript:void(0)">'.Display::return_icon('folder_up.gif',api_xml_http_response_encode(get_lang('BackToInbox'))).api_xml_http_response_encode(get_lang('BackToInbox')).'</a>';
+		echo $reply;
+		echo '<a onclick="delete_one_message('.$row[0].')" href="javascript:void(0)"  >'.Display::return_icon('message_delete.png',api_xml_http_response_encode(get_lang('DeleteMessage'))).''.api_xml_http_response_encode(get_lang('DeleteMessage')).'</a>';
+		echo '</div><br />';
+		echo '
+		<table class="message_view_table" >
+		    <TR>
+		      <TD width=10>&nbsp; </TD>
+		      <TD vAlign=top width="100%">
+		      	<TABLE>
+		            <TR>
+		              <TD width="100%">
+		                    <TR> <h1>'.str_replace("\\","",api_xml_http_response_encode($row[5])).'</h1></TR>
+		              </TD>
+		              <TR>
+		              	<TD>'.api_xml_http_response_encode(get_lang('From').'&nbsp;<b>'.GetFullUserName($row[1]).'</b> '.api_strtolower(get_lang('To')).'&nbsp;  <b>'.GetFullUserName($row[2])).'</b> </TD>
+		              </TR>
+		              <TR>
+		              <TD >'.api_xml_http_response_encode(get_lang('Date').'&nbsp; '.$row[4]).'</TD>
+		              </TR>
+		            </TR>
+		        </TABLE>
+		        <br />
+		        <TABLE height=209 width="100%" bgColor=#ffffff>
+		          <TBODY>
+		            <TR>
+		              <TD vAlign=top>'.str_replace("\\","",api_xml_http_response_encode($row[6])).'</TD>
+		            </TR>
+		          </TBODY>
+		        </TABLE>
+		        '.$files_attachments.'				        		
+		        <DIV class=HT style="PADDING-BOTTOM: 5px"> </DIV></TD>
+		      <TD width=10>&nbsp;</TD>
+		    </TR>
+		</TABLE>';
+	}
+	
+	
+	/**
+	 * display message box sent showing it into outbox 
+	 * @return void
+	 */
+	public static function show_message_box_sent () {		
+		global $charset;		
+		$table_message = Database::get_main_table(TABLE_MESSAGE);
+		$tbl_message_attach = Database::get_main_table(TABLE_MESSAGE_ATTACHMENT);
+		
+		$message_id = '';
+		if (is_numeric($_GET['id_send'])) {
+			$query = "SELECT * FROM $table_message WHERE user_sender_id=".api_get_user_id()." AND id=".intval(Database::escape_string($_GET['id_send']))." AND msg_status=4;";
+			$result = Database::query($query,__FILE__,__LINE__);
+			$message_id = intval($_GET['id_send']);
+		}
+		$path='outbox.php';
+
+		// get file attachments by message id
+		$files_attachments = '';
+		if (!empty($message_id)) {
+			$sql = "SELECT * FROM $tbl_message_attach WHERE message_id = '$message_id'";
+			$rs_file = Database::query($sql,__FILE__,__LINE__);				
+			if (Database::num_rows($rs_file) > 0) {
+				$attach_icon = Display::return_icon('attachment.gif');						
+				$archiveURL=api_get_path(WEB_CODE_PATH).'messages/download.php?type=outbox&file=';				
+				while ($row_file = Database::fetch_array($rs_file)) {				
+					$archiveFile = $row_file['path'];
+					$filename = $row_file['filename'];
+					$filesize = format_file_size($row_file['size']);
+					$filecomment = $row_file['comment'];
+					$files_attachments .= $attach_icon.'&nbsp;<a href="'.$archiveURL.$archiveFile.'">'.$filename.'</a>&nbsp;('.$filesize.')'.(!empty($filecomment)?'&nbsp;-&nbsp;'.$filecomment:'').'<br />'; 
+				}
+			}						
+		}
+
+		$row = Database::fetch_array($result);
+		$user_con = self::users_connected_by_id();
+		$band=0;
+		$reply='';
+		for ($i=0;$i<count($user_con);$i++)
+			if ($row[1]==$user_con[$i])
+				$band=1;
+		echo '<div class=actions>';
+		echo '<a onclick="close_and_open_outbox()" href="javascript:void(0)">'.Display::return_icon('folder_up.gif',api_xml_http_response_encode(get_lang('BackToOutbox'))).api_xml_http_response_encode(get_lang('BackToOutbox')).'</a>';
+		echo '<a onclick="delete_one_message_outbox('.$row[0].')" href="javascript:void(0)"  >'.Display::return_icon('message_delete.png',api_xml_http_response_encode(get_lang('DeleteMessage'))).api_xml_http_response_encode(get_lang('DeleteMessage')).'</a>';
+		echo '</div><br />';
+		echo '
+		<table class="message_view_table" >
+		    <TR>
+		      <TD width=10>&nbsp; </TD>
+		      <TD vAlign=top width="100%">
+		      	<TABLE>
+		            <TR>
+		              <TD width="100%">
+		                    <TR> <h1>'.str_replace("\\","",api_xml_http_response_encode($row[5])).'</h1></TR>
+		              </TD>
+		              <TR>
+		              	<TD>'.api_xml_http_response_encode(get_lang('From').'&nbsp;<b>'.GetFullUserName($row[1]).'</b> '.api_strtolower(get_lang('To')).'&nbsp;  <b>'.GetFullUserName($row[2])).'</b> </TD>
+		              </TR>
+		              <TR>
+		              <TD >'.api_xml_http_response_encode(get_lang('Date').'&nbsp; '.$row[4]).'</TD>
+		              </TR>
+		            </TR>
+		        </TABLE>
+		        <br />
+		        <TABLE height=209 width="100%" bgColor=#ffffff>
+		          <TBODY>
+		            <TR>
+		              <TD vAlign=top>'.str_replace("\\","",api_xml_http_response_encode($row[6])).'</TD>
+		            </TR>
+		          </TBODY>
+		        </TABLE>
+		        '.$files_attachments.'		
+		        <DIV class=HT style="PADDING-BOTTOM: 5px"> </DIV></TD>
+		      <TD width=10>&nbsp;</TD>
+		    </TR>
+		</TABLE>';
+	}
+	
+	/**
+	 * get user id by user email
+	 * @param string $user_email
+	 * @return int user id
+	 */
+	public static function get_user_id_by_email ($user_email) {
+		$tbl_user = Database::get_main_table(TABLE_MAIN_USER);
+		$sql='SELECT user_id FROM '.$tbl_user.' WHERE email="'.Database::escape_string($user_email).'";';
+		$rs=Database::query($sql,__FILE__,__LINE__);
+		$row=Database::fetch_array($rs,'ASSOC');
+		if (isset($row['user_id'])) {
+			return $row['user_id'];
+		} else {
+			return null;
+		}
+	}
+	
+	/**
+	 * display messages for group with nested view 
+	 * @param int group id
+	 * @return void
+	 */
+	public static function display_messages_for_group($group_id) {
+				
+		global $origin;				
+		$rows = self::get_messages_by_group($group_id);		
+		$rows = self::calculate_children($rows);
+		$group_info = GroupPortalManager::get_group_data($group_id);		
+		$count=0;
+						
+		foreach ($rows as $message) {
+			$indent	= $message['indent_cnt']*'20';
+			$user_sender_info = UserManager::get_user_info_by_id($message['user_sender_id']); 
+			if (!empty($message['parent_id'])) {				
+				$message_parent_info = self::get_message_by_id($message['parent_id']);								
+				$user_parent_info = UserManager::get_user_info_by_id($message_parent_info['user_sender_id']);
+				$name_user_parent = api_get_person_name($user_parent_info['firstname'], $user_parent_info['lastname']);
+			}
+			$name=api_get_person_name($user_sender_info['firstname'], $user_sender_info['lastname']);						
+			echo "<div style=\"margin-left: ".$indent."px;padding:5px;border:1pt dotted black\">";
+			echo '<div id="message-title">'.$message['title'].'&nbsp;(&nbsp;'.$message['send_date'].'&nbsp;)&nbsp;</div>';						
+			echo '<div id="message-author">'.get_lang('From').'&nbsp;'.$name.'&nbsp;'.get_lang('ToGroup').'&nbsp;'.(!empty($message['parent_id'])?$name_user_parent:$group_info['name']).'</div>';			
+			echo '<div id="message-content">'.$message['content'].'</div>';
+			echo '<div id="actions">';
+			
+			if (!isset($message['children'])) {
+				echo '<a href="/main/messages/new_message.php?group_id='.$group_id.'&message_id='.$message['id'].'">'.Display::return_icon('forumthread_new.gif',api_xml_http_response_encode(get_lang('Reply'))).'&nbsp;'.api_xml_http_response_encode(get_lang('Reply')).'</a>';
+			}
+			echo '</div>';
+			echo '</div>';
+			$count++;						
+		}
+	}
+	
+	/**
+	 * Add children to messages by id is used for nested view messages  
+	 * @param array  rows of messages 
+	 * @return array new list adding the item children
+	 */	
+	public static function calculate_children($rows) {
+
+		foreach($rows as $row) {
+			$rows_with_children[$row["id"]]=$row;
+			$rows_with_children[$row["parent_id"]]["children"][]=$row["id"];
+		}		
+		$rows=$rows_with_children;
+		$sorted_rows=array(0=>array());
+		self::message_recursive_sort($rows, $sorted_rows);
+		unset($sorted_rows[0]);
+		return $sorted_rows;
+	}
+	
+	/**
+	 * Sort recursively the messages, is used for for nested view messages   
+	 * @param array  original rows of messages
+	 * @param array  list recursive of messages
+	 * @param int   seed for calculate the indent
+	 * @param int   indent for nested view 
+	 * @return void
+	 */	
+	public static function message_recursive_sort($rows, &$messages, $seed=0, $indent=0) {
+		if($seed>0) {
+			$messages[$rows[$seed]["id"]]=$rows[$seed];
+			$messages[$rows[$seed]["id"]]["indent_cnt"]=$indent;
+			$indent++;
+		}	
+		if(isset($rows[$seed]["children"])) {
+			foreach($rows[$seed]["children"] as $child) {
+				self::message_recursive_sort($rows, $messages, $child, $indent);
+			}
+		}
+	}
+	
+	/**
+	 * Get message list by id    
+	 * @param int  message id 
+	 * @return array  
+	 */	
+	public static function get_message_by_id($message_id) {
+		$tbl_message = Database::get_main_table(TABLE_MESSAGE);
+		$message_id = intval($message_id);				
+		$sql = "SELECT * FROM $tbl_message WHERE id = '$message_id'";
+		$res = Database::query($sql, __FILE__, __LINE__);
+		$item = array(); 
+		if (Database::num_rows($res)>0) {
+			$item = Database::fetch_array($res,'ASSOC');
+		}
+		return $item;
+	}	
+}
+
+
+//@todo this functions should be in the message class

-require_once api_get_path(LIBRARY_PATH).'online.inc.php';
-require_once api_get_path(SYS_CODE_PATH).'messages/message.class.php';
 function inbox_display() {
 	global $charset;	
 //	$charset = api_get_setting('platform_charset');
--- a/main/inc/lib/social.lib.php
+++ b/main/inc/lib/social.lib.php
@ -1,8 +1,17 @@
 <?php //$id: $
 /* For licensing terms, see /dokeos_license.txt */

-// Relation type between users
+/**
+==============================================================================
+*	This class provides methods for the social network management.
+*	Include/require it in your code to use its features.
+*
+*	@package dokeos.library
+==============================================================================
+*/
+

+// Relation type between users
 define('USERUNKNOW',	'0');
 define('SOCIALUNKNOW',	'1');
 define('SOCIALPARENT',	'2');
@ -12,6 +21,7 @@ define('SOCIALENEMY',	'5');
 define('SOCIALDELETED',	'6');

 require_once api_get_path(LIBRARY_PATH).'usermanager.lib.php';
+require_once api_get_path(LIBRARY_PATH).'message.lib.php';

 class SocialManager extends UserManager {

@ -241,9 +251,10 @@ class SocialManager extends UserManager {
 		$current_date = date('Y-m-d H:i:s',time());
 		$status_invitation=5;//status of pending invitation
 		$sql_exist='SELECT COUNT(*) AS count FROM '.$tbl_message.' WHERE user_sender_id='.($user_id).' AND user_receiver_id='.($friend_id).' AND msg_status IN(5,6,7);';
-
+		error_log($sql_exist);
 		$res_exist=Database::query($sql_exist,__FILE__,__LINE__);
 		$row_exist=Database::fetch_array($res_exist,'ASSOC');
+		
 		if ($row_exist['count']==0) {			
 			$sql='INSERT INTO '.$tbl_message.'(user_sender_id,user_receiver_id,msg_status,send_date,title,content) VALUES('.$user_id.','.$friend_id.','.$status_invitation.',"'.$current_date.'","'.$message_title.'","'.$message_content.'")';
 			Database::query($sql,__FILE__,__LINE__);
@ -275,7 +286,7 @@ class SocialManager extends UserManager {
 	public static function get_message_number_invitation_by_user_id ($user_receiver_id) {
 		$status_invitation=5;//status of pending invitation
 		$tbl_message=Database::get_main_table(TABLE_MAIN_MESSAGE);
-		$sql='SELECT COUNT(*) as count_message_in_box FROM '.$tbl_message.' WHERE user_receiver_id='.((int)$user_receiver_id).' AND msg_status=5';
+		$sql='SELECT COUNT(*) as count_message_in_box FROM '.$tbl_message.' WHERE user_receiver_id='.((int)$user_receiver_id).' AND msg_status='.MESSAGE_STATUS_INVITATION_PENDING;
 		$res=Database::query($sql,__FILE__,__LINE__);
 		$row=Database::fetch_array($res,'ASSOC');
 		return $row['count_message_in_box'];
@ -290,7 +301,7 @@ class SocialManager extends UserManager {
 	public static function get_list_invitation_of_friends_by_user_id ($user_id) {
 		$list_friend_invitation=array();
 		$tbl_message=Database::get_main_table(TABLE_MAIN_MESSAGE);
-		$sql='SELECT user_sender_id,send_date,title,content FROM '.$tbl_message.' WHERE user_receiver_id='.((int)$user_id).' AND msg_status = 5';
+		$sql='SELECT user_sender_id,send_date,title,content FROM '.$tbl_message.' WHERE user_receiver_id='.intval($user_id).' AND msg_status = '.MESSAGE_STATUS_INVITATION_PENDING;
 		$res=Database::query($sql,__FILE__,__LINE__);
 		while ($row=Database::fetch_array($res,'ASSOC')) {
 			$list_friend_invitation[]=$row;
@ -308,7 +319,7 @@ class SocialManager extends UserManager {
 	public static function get_list_invitation_sent_by_user_id ($user_id) {
 		$list_friend_invitation=array();
 		$tbl_message=Database::get_main_table(TABLE_MAIN_MESSAGE);		
-		$sql='SELECT user_receiver_id, send_date,title,content FROM '.$tbl_message.' WHERE user_sender_id = '.intval($user_id).' AND msg_status = 5';
+		$sql='SELECT user_receiver_id, send_date,title,content FROM '.$tbl_message.' WHERE user_sender_id = '.intval($user_id).' AND msg_status = '.MESSAGE_STATUS_INVITATION_PENDING;
 		$res=Database::query($sql,__FILE__,__LINE__);
 		while ($row=Database::fetch_array($res,'ASSOC')) {
 			$list_friend_invitation[$row['user_receiver_id']]=$row;
@ -317,29 +328,29 @@ class SocialManager extends UserManager {
 	}
 	
 	/**
-	 * allow accept invitation
-	 * @author isaac flores paz <florespaz@bidsoftperu.com>
+	 * Accepts invitation
 	 * @param int user sender id
 	 * @param int user receiver id
-	 * @return void()
+	 * @author isaac flores paz <florespaz@bidsoftperu.com>
+	 * @author Julio Montoya <gugli100@gmail.com> Cleaning code
 	 */
 	public static function invitation_accepted ($user_send_id,$user_receiver_id) {
 		$tbl_message=Database::get_main_table(TABLE_MAIN_MESSAGE);
-		$msg_status=6;// friend accepted
-		$sql='UPDATE '.$tbl_message.' SET msg_status='.$msg_status.' WHERE user_sender_id='.((int)$user_send_id).' AND user_receiver_id='.((int)$user_receiver_id).';';
+		$sql='UPDATE '.$tbl_message.' SET msg_status='.MESSAGE_STATUS_INVITATION_ACCEPTED.' WHERE user_sender_id='.((int)$user_send_id).' AND user_receiver_id='.((int)$user_receiver_id).';';
 		Database::query($sql,__FILE__,__LINE__);
 	}
 	/**
-	 * allow deny invitation
-	 * @author isaac flores paz <florespaz@bidsoftperu.com>
+	 * Denies invitation	 
 	 * @param int user sender id
 	 * @param int user receiver id
-	 * @return void()
+	 * @author isaac flores paz <florespaz@bidsoftperu.com>
+	 * @author Julio Montoya <gugli100@gmail.com> Cleaning code
 	 */
 	public static function invitation_denied ($user_send_id,$user_receiver_id) {
 		$tbl_message=Database::get_main_table(TABLE_MAIN_MESSAGE);
-		$msg_status=7;
-		$sql='UPDATE '.$tbl_message.' SET msg_status='.$msg_status.' WHERE user_sender_id='.((int)$user_send_id).' AND user_receiver_id='.((int)$user_receiver_id).';';
+		//$msg_status=7;
+		//$sql='UPDATE '.$tbl_message.' SET msg_status='.$msg_status.' WHERE user_sender_id='.((int)$user_send_id).' AND user_receiver_id='.((int)$user_receiver_id).';';
+		$sql='DELETE FROM '.$tbl_message.' WHERE user_sender_id='.((int)$user_send_id).' AND user_receiver_id='.((int)$user_receiver_id).';';
 		Database::query($sql,__FILE__,__LINE__);
 	}
 	/**
@ -369,6 +380,7 @@ class SocialManager extends UserManager {
 		$succes = get_lang('MessageSentTo');
 		$succes.= ' : '.api_get_person_name($user_info['firstName'], $user_info['lastName']);
 		if (isset($subject_message) && isset($content_message) && isset($userfriend_id)) {			
+			error_log('1');
 			$send_message = MessageManager::send_message($userfriend_id, $subject_message, $content_message);
 			if ($send_message) {
 				echo Display::display_confirmation_message($succes,true);
@ -377,6 +389,7 @@ class SocialManager extends UserManager {
 			}
 			exit;
 		} elseif (isset($userfriend_id) && !isset($subject_message)) {
+			error_log('2');
 			$count_is_true=false;
 			$count_number_is_true=0;
 			if (isset($userfriend_id) && $userfriend_id>0) {
@ -619,19 +632,20 @@ class SocialManager extends UserManager {
 	}
 	
 	public static function show_social_menu() {
-		echo '<div class="actions">';
+		/*
+		echo '<div class="actions">'; 
 			echo '<a href="'.api_get_path(WEB_PATH).'main/social/profile.php">'.Display::return_icon('shared_profile.png').' '.get_lang('ViewMySharedProfile').'</a>';			
 			echo '<a href="'.api_get_path(WEB_PATH).'main/messages/inbox.php?f=social">'.Display::return_icon('inbox.png').' '.get_lang('Messages').'</a>';
 			echo '<a href="'.api_get_path(WEB_PATH).'main/social/friends.php">'.Display::return_icon('lp_users.png').' '.get_lang('Friends').'</a>';
 			echo '<a href="'.api_get_path(WEB_PATH).'main/social/invitations.php">'.Display::return_icon('lp_users.png').' '.get_lang('Invitations').'</a>';
-			echo '<a href="'.api_get_path(WEB_PATH).'main/social/groups.php">'.Display::return_icon('group.gif').' '.get_lang('MyGroups').'</a>';
+			echo '<a href="'.api_get_path(WEB_PATH).'main/social/groups.php">'.Display::return_icon('group.gif').' '.get_lang('Groups').'</a>';
 			echo '<a href="'.api_get_path(WEB_PATH).'main/social/search.php">'.Display::return_icon('search.gif').' '.get_lang('Search').'</a>';
 			echo '<a href="'.api_get_path(WEB_PATH).'main/auth/profile.php?show=1">'.Display::return_icon('edit.gif').' '.get_lang('EditProfile').'</a>';	
-			/*
+			
 			echo '<span style="float:right; padding-top:7px;">'.
 				 '<a href="/main/auth/profile.php?show=1">'.Display::return_icon('edit.gif').' '.get_lang('Configuration').'</a>';
 				 '</span>';
-			*/		 
-		echo '</div>';
+				 
+		echo '</div>';*/
 	}
 }
--- a/main/inc/lib/usermanager.lib.php
+++ b/main/inc/lib/usermanager.lib.php
@ -2648,22 +2648,8 @@ class UserManager
 	 * 
 	 */
 	public function get_search_form($query) {
-		echo'<form method="get" action="'.api_get_path(WEB_PATH).'main/social/search.php">
-
-		<table cellspacing="0" cellpadding="0" id="SearchTable">
-		<tbody><tr>
-		<td>
-			<div id="SearchQueryChunk">
-			<div id="SearchQueryNav">
-				<b>Search</b > (Users, Groups)				
-			</div>
-			<div>
-				<input type="text" size="30" value="'.Security::remove_XSS($query).'" tabindex="1" id="standard_q" name="q"/>				
-				<button class="search" value="search"/>'.get_lang('Search').'</button>
-			</div>					
-		</td>
-		</tr>
-		</tbody></table></form>';
+		//Not available yet		
+		return '';
 	}
 	//deprecated
 	public function get_public_users($keyword, $from = 0, $number_of_items= 20, $column=2, $direction='ASC') {	
@ -2736,7 +2722,8 @@ class UserManager
 			}
 			return $users;
 		}
-	function show_menu(){
+	function show_menu() {
+		/*
 		echo '<div class="actions">';
 		echo '<a href="/main/auth/profile.php">'.Display::return_icon('profile.png').' '.get_lang('PersonalData').'</a>';
 		echo '<a href="/main/messages/inbox.php">'.Display::return_icon('inbox.png').' '.	get_lang('Inbox').'</a>';
@ -2744,7 +2731,7 @@ class UserManager
 		echo '<span style="float:right; padding-top:7px;">'.
 			 '<a href="/main/auth/profile.php?show=1">'.Display::return_icon('edit.gif').' '.get_lang('Configuration').'</a>';
 			 '</span>';		 
-		echo '</div>';
+		echo '</div>';*/
 	}
 	/**
 	 * Gives a list of course auto-register (field special_course)
--- a/main/messages/inbox.php
+++ b/main/messages/inbox.php
@ -32,8 +32,8 @@
 $language_file = array('registration','messages','userInfo','admin','index');
 $cidReset=true;
 require_once '../inc/global.inc.php';
-require_once '../messages/message.class.php';
 require_once api_get_path(LIBRARY_PATH).'message.lib.php';
+
 api_block_anonymous_users();
 if (isset($_GET['messages_page_nr'])) {
 	if (api_get_setting('allow_social_tool')=='true' &&  api_get_setting('allow_message_tool')=='true') {
--- a/main/messages/message.class.php
+++ b/main/messages/message.class.php
@ -1,769 +1,3 @@
 <?php
-/* For licensing terms, see /dokeos_license.txt */
-require_once api_get_path(LIBRARY_PATH).'online.inc.php';
-require_once api_get_path(LIBRARY_PATH).'fileUpload.lib.php';
-require_once api_get_path(LIBRARY_PATH).'fileDisplay.lib.php';
-require_once api_get_path(LIBRARY_PATH).'usermanager.lib.php';
-
-/* 
- * @todo use constants!
- */
-define('MESSAGE_STATUS_NEW',				'0');
-define('MESSAGE_STATUS_UNREAD',				'1');
-define('MESSAGE_STATUS_DELETED',			'2');
-
-define('MESSAGE_STATUS_INVITATION_PENDING',	'5');
-define('MESSAGE_STATUS_INVITATION_ACCEPTED','6');
-define('MESSAGE_STATUS_INVITATION_DENIED',	'7');
-
-
-
-
-class MessageManager
-{
-	function MessageManager() {
-
-	}
-	public static function get_online_user_list($current_user_id) {
-		$min=30;
-		global $_configuration;
-		$userlist = WhoIsOnline($current_user_id,$_configuration['statistics_database'],$min);
-		foreach($userlist as $row) {
-			$receiver_id = $row[0];
-			$online_user_list[$receiver_id] = GetFullUserName($receiver_id).($current_user_id==$receiver_id?("&nbsp;(".get_lang('Myself').")"):(""));
-		}
-		return $online_user_list;
-	}
-
-	/**
-	* Displays info stating that the message is sent successfully.
-	*/
-	public static function display_success_message($uid) {
-			global $charset;
-		if ($_SESSION['social_exist']===true) {
-			$redirect="#remote-tab-2";
-			if (api_get_setting('allow_social_tool')=='true' && api_get_setting('allow_message_tool')=='true') {
-				$success=get_lang('MessageSentTo').
-				"&nbsp;<b>".
-				GetFullUserName($uid).
-				"</b>";
-			}else {
-				$success=get_lang('MessageSentTo').
-				"&nbsp;<b>".
-				GetFullUserName($uid).
-				"</b>";
-			}
-		} else {
-				$success=get_lang('MessageSentTo').
-				"&nbsp;<b>".
-				GetFullUserName($uid).
-				"</b>";
-		}
-		Display::display_confirmation_message(api_xml_http_response_encode($success), false);
-	}
-
-	/**
-	* Displays the wysiwyg html editor.
-	*/
-	public static function display_html_editor_area($name, $resp) {
-		api_disp_html_area($name, get_lang('TypeYourMessage'), '', '', null, array('ToolbarSet' => 'Messages', 'Width' => '95%', 'Height' => '250'));
-	}
-
-	/**
-	* Get the new messages for the current user from the database.
-	*/
-	public static function get_new_messages() {
-		$table_message = Database::get_main_table(TABLE_MESSAGE);
-		if (!api_get_user_id()) {
-			return false;
-		}
-		$i=0;
-		$query = "SELECT * FROM $table_message WHERE user_receiver_id=".api_get_user_id()." AND msg_status=1";
-		$result = Database::query($query,__FILE__,__LINE__);
-		$i = Database::num_rows($result);
-		return $i;
-	}
-
-	/**
-	* Get the list of user_ids of users who are online.
-	*/
-	public static function users_connected_by_id() {
-		global $_configuration, $_user;
-		$minute=30;
-		$user_connect = WhoIsOnline($_user['user_id'],$_configuration['statistics_database'],$minute);
-		for ($i=0; $i<count($user_connect); $i++) {
-			$user_id_list[$i]=$user_connect[$i][0];
-		}
-		return $user_id_list;
-	}
-
-	/**
-	 * Gets the total number of messages, used for the inbox sortable table
-	 */
-	public static function get_number_of_messages () {
-		$table_message = Database::get_main_table(TABLE_MESSAGE);
-		$sql_query = "SELECT COUNT(*) as number_messages FROM $table_message WHERE msg_status IN (0,1) AND user_receiver_id=".api_get_user_id();
-		$sql_result = Database::query($sql_query,__FILE__,__LINE__);
-		$result = Database::fetch_array($sql_result);
-		return $result['number_messages'];
-	}
-
-	/**
-	 * Gets information about some messages, used for the inbox sortable table
-	 * @param int $from
-	 * @param int $number_of_items
-	 * @param string $direction
-	 */
-	public static function get_message_data ($from, $number_of_items, $column, $direction) {
-		global $charset;
-		$from = intval($from);
-		$number_of_items = intval($number_of_items);
-		$column = intval($column);
-		if (!in_array($direction, array('ASC', 'DESC')))
-			$direction = 'ASC';
-
-		$table_message = Database::get_main_table(TABLE_MESSAGE);
-		$request=api_is_xml_http_request();
-		$sql_query = "SELECT id as col0, user_sender_id as col1, title as col2, send_date as col3, msg_status as col4 FROM $table_message " .
-					 "WHERE user_receiver_id=".api_get_user_id()." AND msg_status IN (0,1)" .
-					 "ORDER BY send_date desc, col$column $direction LIMIT $from,$number_of_items";
-		$sql_result = Database::query($sql_query,__FILE__,__LINE__);
-		$i = 0;
-		$message_list = array ();
-		while ($result = Database::fetch_row($sql_result)) {
-			if ($request===true) {
-				$message[0] = '<input type="checkbox" value='.$result[0].' name="id[]">';
-			 } else {
-				$message[0] = ($result[0]);
-			 }
-
-			if ($request===true) {
-				if($result[4]==0)
-            	{
-					$message[1] = Display::return_icon('mail_open.png',get_lang('AlreadyReadMessage'));//Message already read
-				}
-				else
-				{
-					$message[1] = Display::return_icon('mail.png',get_lang('UnReadMessage'));//Message without reading
-				}
-
-				$message[2] = '<a onclick="get_action_url_and_show_messages(1,'.$result[0].')" href="javascript:void(0)">'.GetFullUserName($result[1]).'</a>';
-				$message[3] = '<a onclick="get_action_url_and_show_messages(1,'.$result[0].')" href="javascript:void(0)">'.str_replace("\\","",$result[2]).'</a>';
-				$message[5] = '<a onclick="reply_to_messages(\'show\','.$result[0].',\'\')" href="javascript:void(0)">'.Display::return_icon('message_reply.png',get_lang('ReplyToMessage')).'</a>'.
-						  '&nbsp;&nbsp;<a onclick="delete_one_message('.$result[0].')" href="javascript:void(0)"  >'.Display::return_icon('message_delete.png',get_lang('DeleteMessage')).'</a>';
-			} else {
-				$message[2] = '<a href="view_message.php?id='.$result[0].'">'.GetFullUserName(($result[1])).'</a>';;
-				$message[3] = '<a href="view_message.php?id='.$result[0].'">'.$result[2].'</a>';
-				$message[5] = '<a href="new_message.php?re_id='.$result[0].'">'.Display::return_icon('message_reply.png',get_lang('ReplyToMessage')).'</a>'.
-						  '&nbsp;&nbsp;<a delete_one_message('.$result[0].') href="inbox.php?action=deleteone&id='.$result[0].'">'.Display::return_icon('message_delete.png',get_lang('DeleteMessage')).'</a>';
-			}
-			$message[4] = ($result[3]); //date stays the same
-			foreach($message as $key => $value) {
-				$message[$key] = api_xml_http_response_encode($value);
-			}
-			$message_list[] = $message;
-
-			$i++;
-		}
-		return $message_list;
-	}
-
-	public static function send_message ($receiver_user_id, $title, $content, $file_attachments = array(), $file_comments = '', $group_id = 0, $parent_id = 0) {	
-        global $charset;
-		$table_message = Database::get_main_table(TABLE_MESSAGE);
-		$group_id = intval($group_id);
-        $receiver_user_id = intval($receiver_user_id);
-        $parent_id = intval($parent_id);
-
-        if (is_numeric($receiver_user_id)) {
-			$table_message = Database::get_main_table(TABLE_MESSAGE);
-	        $title = api_convert_encoding($title,$charset,'UTF-8');
-	        $content = api_convert_encoding($content,$charset,'UTF-8');
-			//message in inbox
-			$sql = "SELECT COUNT(*) as count FROM $table_message WHERE user_sender_id = ".api_get_user_id()." AND user_receiver_id='".Database::escape_string($receiver_user_id)."' AND title = '".Database::escape_string($title)."' AND content ='".Database::escape_string($content)."' ";
-			$res_exist = Database::query($sql,__FILE__,__LINE__);
-			$row_exist = Database::fetch_array($res_exist,'ASSOC');
-			if ($row_exist['count'] == 0) {								 		 
-				//message in outbox
-				$sql = "INSERT INTO $table_message(user_sender_id, user_receiver_id, msg_status, send_date, title, content ) ".
-						 " VALUES (".
-				 		 "'".api_get_user_id()."', '".Database::escape_string($receiver_user_id)."', '4', '".date('Y-m-d H:i:s')."','".Database::escape_string($title)."','".Database::escape_string($content)."'".
-				 		 ")";
-				$rs = Database::query($sql,__FILE__,__LINE__);
-				$outbox_last_id = Database::insert_id();
-				
-				// save attachment file for outbox messages
-				if (is_array($file_attachments)) {
-					$o = 0;
-					foreach ($file_attachments as $file_attach) {						
-						if ($file_attach['error'] == 0) {
-							self::save_message_attachment_file($file_attach,$file_comments[$o],$outbox_last_id,api_get_user_id());
-						}
-						$o++;	
-					}
-				}
-				//message in inbox								 
-				$query = "INSERT INTO $table_message(user_sender_id, user_receiver_id, msg_status, send_date, title, content, group_id, parent_id ) ".
-						 " VALUES (".
-				 		 "'".api_get_user_id()."', '".Database::escape_string($receiver_user_id)."', '1', '".date('Y-m-d H:i:s')."','".Database::escape_string($title)."','".Database::escape_string($content)."','$group_id','$parent_id'".
-				 		 ")";
-				$result = Database::query($query,__FILE__,__LINE__);				
-				$inbox_last_id = Database::insert_id();
-				
-				// save attachment file for inbox messages
-				if (is_array($file_attachments)) {
-					$i = 0;
-					foreach ($file_attachments as $file_attach) {						
-						if ($file_attach['error'] == 0) {
-							self::save_message_attachment_file($file_attach,$file_comments[$i],$inbox_last_id,null,$receiver_user_id);
-						}
-						$i++;	
-					}
-				}																				
-				return $result;
-			}
-        } else {
-        	return false;
-        }
-
-		return false;
-	}
-	
-	public static function delete_message_by_user_receiver ($user_receiver_id,$id) {
-		$table_message = Database::get_main_table(TABLE_MESSAGE);
-		if ($id != strval(intval($id))) return false;
-		$id = Database::escape_string($id);
-		$sql="SELECT * FROM $table_message WHERE id=".$id." AND msg_status<>4;";
-		$rs=Database::query($sql,__FILE__,__LINE__);
-		
-		if (Database::num_rows($rs) > 0 ) {
-			$row = Database::fetch_array($rs);
-			// delete attachment file
-			$res = self::delete_message_attachment_file($id,$user_receiver_id);
-			// delete message
-			$query = "UPDATE $table_message SET msg_status=3 WHERE user_receiver_id=".Database::escape_string($user_receiver_id)." AND id=".$id;
-			//$query = "DELETE FROM $table_message WHERE user_receiver_id=".Database::escape_string($user_receiver_id)." AND id=".$id;
-			$result = Database::query($query,__FILE__,__LINE__);			
-			return $result;
-		} else {
-			return false;
-		}
-	}
-	/**
-	 * Set status deleted
-	 * @author Isaac FLores Paz <isaac.flores@dokeos.com>
-	 * @param  integer
-	 * @param  integer
-	 * @return array
-	 */
-	public static function delete_message_by_user_sender ($user_sender_id,$id) {
-		if ($id != strval(intval($id))) return false;
-		$table_message = Database::get_main_table(TABLE_MESSAGE);
-		
-		$id = intval($id);
-		$user_sender_id = intval($user_sender_id);
-		
-		$sql="SELECT * FROM $table_message WHERE id='$id'";
-		$rs=Database::query($sql,__FILE__,__LINE__);
-		
-		if (Database::num_rows($rs) > 0 ) {
-			$row = Database::fetch_array($rs);
-			// delete attachment file
-			$res = self::delete_message_attachment_file($id,$user_sender_id);
-			// delete message
-			$query = "UPDATE $table_message SET msg_status=3 WHERE user_sender_id='$user_sender_id' AND id='$id'";
-			//$query = "DELETE FROM $table_message WHERE user_sender_id='$user_sender_id' AND id='$id'";
-			$result = Database::query($query,__FILE__,__LINE__);					
-			return $result;		
-		}				
-		return false;
-	}
-	
-	public static function save_message_attachment_file($file_attach,$file_comment,$message_id,$receiver_user_id=0,$sender_user_id=0) {
-
-		$tbl_message_attach = Database::get_main_table(TABLE_MESSAGE_ATTACHMENT);
-
-		// Try to add an extension to the file if it hasn't one
-		$new_file_name = add_ext_on_mime(stripslashes($file_attach['name']), $file_attach['type']);
-		
-		// user's file name
-		$file_name =$file_attach['name'];
-	
-		if (!filter_extension($new_file_name))  {
-			Display :: display_error_message(get_lang('UplUnableToSaveFileFilteredExtension'));
-		} else {
-			$new_file_name = uniqid('');						
-
-			$message_user_id = '';
-			if (!empty($receiver_user_id)) {
-				$message_user_id = $receiver_user_id;
-			} else {
-				$message_user_id = $sender_user_id;
-			}			
-			
-			// User-reserved directory where photos have to be placed.
-			$path_user_info = UserManager::get_user_picture_path_by_id($message_user_id, 'system', true);
-			$path_message_attach = $path_user_info['dir'].'message_attachments/';
-					
-			// If this directory does not exist - we create it.
-			if (!file_exists($path_message_attach)) {
-				$perm = api_get_setting('permissions_for_new_directories');
-				$perm = octdec(!empty($perm) ? $perm : '0770');
-				@mkdir($path_message_attach, $perm, true);
-			}				
-
-			$new_path=$path_message_attach.$new_file_name;			
-			if (!empty($receiver_user_id)) {				
-				$result= @copy($file_attach['tmp_name'], $new_path);				
-			} else {
-				$result= @move_uploaded_file($file_attach['tmp_name'], $new_path);	
-			}
-
-			$safe_file_comment= Database::escape_string($file_comment);
-			$safe_file_name = Database::escape_string($file_name);
-			$safe_new_file_name = Database::escape_string($new_file_name);						
-			// Storing the attachments if any			
-			$sql="INSERT INTO $tbl_message_attach(filename,comment, path,message_id,size)
-				  VALUES ( '$safe_file_name', '$safe_file_comment', '$safe_new_file_name' , '$message_id', '".$file_attach['size']."' )";
-			$result=Database::query($sql, __LINE__, __FILE__);
-			$message.=' / '.get_lang('FileUploadSucces').'<br />';
-	
-		}	
-	}
-
-	/**
-	 * Delete message attachment file (logicaly updating the row with a suffix _DELETE_id)
-	 * @param  int		message id
-	 * @param  int		message user id (receiver user id or sender user id) 
-	 * @return void
-	 */
-	public static function delete_message_attachment_file($message_id,$message_uid) {
-
-		$message_id = intval($message_id);		
-		$message_uid = intval($message_uid);
-		$table_message_attach = Database::get_main_table(TABLE_MESSAGE_ATTACHMENT);
-		
-		$sql= "SELECT * FROM $table_message_attach WHERE message_id = '$message_id'";
-		$rs	= Database::query($sql,__FILE__,__LINE__);		
-		$new_paths = array();
-		while ($row = Database::fetch_array($rs)) {
-			$path 		= $row['path'];
-			$attach_id  = $row['id'];			
-			$new_path 	= $path.'_DELETED_'.$attach_id;
-			$path_user_info = UserManager::get_user_picture_path_by_id($message_uid, 'system', true);
-			$path_message_attach = $path_user_info['dir'].'message_attachments/';					
-			if (is_file($path_message_attach.$path)) {				
-				if(rename($path_message_attach.$path, $path_message_attach.$new_path)) {					
-					$sql_upd = "UPDATE $table_message_attach set path='$new_path' WHERE id ='$attach_id'";
-					$rs_upd = Database::query($sql_upd,__FILE__,__LINE__);					
-				} 							
-			}						
-		}				
-	}	
-	
-	public static function update_message ($user_id, $id) {
-		if ($id != strval(intval($id)) || $user_id != strval(intval($user_id))) return false;
-		$table_message = Database::get_main_table(TABLE_MESSAGE);
-		$query = "UPDATE $table_message SET msg_status = '0' WHERE msg_status<>4 AND user_receiver_id=".Database::escape_string($user_id)." AND id='".Database::escape_string($id)."'";
-		$result = Database::query($query,__FILE__,__LINE__);
-	}
-
-	 public static function get_message_by_user ($user_id,$id) {
-	 	if ($id != strval(intval($id)) || $user_id != strval(intval($user_id))) return false;
-		$table_message = Database::get_main_table(TABLE_MESSAGE);
-		$query = "SELECT * FROM $table_message WHERE user_receiver_id=".Database::escape_string($user_id)." AND id='".Database::escape_string($id)."'";
-		$result = Database::query($query,__FILE__,__LINE__);
-		return $row = Database::fetch_array($result);
-	}
-	
-	public static function get_messages_by_group($group_id) {	 	
-		if ($group_id != strval(intval($group_id))) return false;		
-	 	$table_message = Database::get_main_table(TABLE_MESSAGE);
-	 	$group_id = intval($group_id);	 			
-		$query = "SELECT * FROM $table_message WHERE group_id='$group_id' AND msg_status <> 4 ORDER BY id";		
-		$rs = Database::query($query,__FILE__,__LINE__);		
-		$data = array();
-		if (Database::num_rows($rs) > 0) {
-			while ($row = Database::fetch_array($rs)) {
-				$data[] = $row;
-			}		
-		}
-		return $data;
-	}
-	
-	/**
-	 * Gets information about if exist messages
-	 * @author Isaac FLores Paz <isaac.flores@dokeos.com>
-	 * @param  integer
-	 * @param  integer
-	 * @return boolean
-	 */
-	 public static function exist_message ($user_id, $id) {
-	 	if ($id != strval(intval($id)) || $user_id != strval(intval($user_id))) return false;
-		$table_message = Database::get_main_table(TABLE_MESSAGE);
-		$query = "SELECT id FROM $table_message WHERE user_receiver_id=".Database::escape_string($user_id)." AND id='".Database::escape_string($id)."'";
-		$result = Database::query($query,__FILE__,__LINE__);
-		$num = Database::num_rows($result);
-		if ($num>0)
-			return true;
-		else
-			return false;
-	}
-	/**
-	 * Gets information about messages sent
-	 * @author Isaac FLores Paz <isaac.flores@dokeos.com>
-	 * @param  integer
-	 * @param  integer
-	 * @param  string
-	 * @return array
-	 */
-	 public static function get_message_data_sent ($from, $number_of_items, $column, $direction) {
-	 	global $charset;
-
-	 	$from = intval($from);
-		$number_of_items = intval($number_of_items);
-		$column = intval($column);
-		if (!in_array($direction, array('ASC', 'DESC')))
-			$direction = 'ASC';
-
-		$table_message = Database::get_main_table(TABLE_MESSAGE);
-		$request=api_is_xml_http_request();
-		$sql_query = "SELECT id as col0, user_sender_id as col1, title as col2, send_date as col3, user_receiver_id as col4, msg_status as col5 FROM $table_message " .
-					 "WHERE user_sender_id=".api_get_user_id()." AND msg_status=4 " .
-					 "ORDER BY col$column $direction LIMIT $from,$number_of_items";
-
-		$sql_result = Database::query($sql_query,__FILE__,__LINE__);
-		$i = 0;
-		$message_list = array ();
-		while ($result = Database::fetch_row($sql_result)) {
-			if ($request===true) {
-				$message[0] = '<input type="checkbox" value='.$result[0].' name="out[]">';
-			 } else {
-				$message[0] = ($result[0]);
-			 }
-
-			if ($request===true) {
-			   if ($result[5]==4)
-			   {
-			   		$message[1] = Display::return_icon('mail_send.png',get_lang('MessageSent'));//Message Sent
-			   }
-				$message[2] = '<a onclick="show_sent_message('.$result[0].')" href="javascript:void(0)">'.GetFullUserName($result[4]).'</a>';
-				$message[3] = '<a onclick="show_sent_message('.$result[0].')" href="javascript:void(0)">'.str_replace("\\","",$result[2]).'</a>';
-				$message[5] = '&nbsp;&nbsp;<a onclick="delete_one_message_outbox('.$result[0].')" href="javascript:void(0)"  >'.Display::return_icon('message_delete.png',get_lang('DeleteMessage')).'</a>';
-			} else {
-				$message[2] = '<a onclick="show_sent_message ('.$result[0].')" href="../messages/view_message.php?id_send='.$result[0].'">'.GetFullUserName($result[4]).'</a>';
-				$message[3] = '<a onclick="show_sent_message ('.$result[0].')" href="../messages/view_message.php?id_send='.$result[0].'">'.$result[2].'</a>';
-				$message[5] = '<a href="new_message.php?re_id='.$result[0].'">'.Display::return_icon('message_reply.png',get_lang('ReplyToMessage')).'</a>'.
-						  '&nbsp;&nbsp;<a href="outbox.php?action=deleteone&id='.$result[0].'"  onclick="javascript:if(!confirm('."'".addslashes(api_htmlentities(get_lang('ConfirmDeleteMessage')))."'".')) return false;">'.Display::return_icon('message_delete.png',get_lang('DeleteMessage')).'</a>';
-			}
-			$message[4] = $result[3]; //date stays the same
-			foreach($message as $key => $value) {
-				$message[$key] = api_xml_http_response_encode($value);
-			}
-			$message_list[] = $message;
-			$i++;
-		}
-		return $message_list;
-	}
-	/**
-	 * Gets information about number messages sent
-	 * @author Isaac FLores Paz <isaac.flores@dokeos.com>
-	 * @param void
-	 * @return integer
-	 */
-	 public static function get_number_of_messages_sent () {
-		$table_message = Database::get_main_table(TABLE_MESSAGE);
-		$sql_query = "SELECT COUNT(*) as number_messages FROM $table_message WHERE msg_status=4 AND user_sender_id=".api_get_user_id();
-		$sql_result = Database::query($sql_query,__FILE__,__LINE__);
-		$result = Database::fetch_array($sql_result);
-		return $result['number_messages'];
-	}
-	
-	/**
-	 * display message box in the inbox 
-	 * @return void
-	 */
-	public static function show_message_box() {
-		global $charset;
-		
-		$table_message = Database::get_main_table(TABLE_MESSAGE);
-		$tbl_message_attach = Database::get_main_table(TABLE_MESSAGE_ATTACHMENT);
-		
-		$message_id = '';
-		if (isset($_GET['id_send']) && is_numeric($_GET['id_send'])) {
-			$query = "SELECT * FROM $table_message WHERE user_sender_id=".api_get_user_id()." AND id=".intval(Database::escape_string($_GET['id_send']))." AND msg_status=4;";
-			$result = Database::query($query,__FILE__,__LINE__);
-		    $path='outbox.php';
-		    $message_id = intval($_GET['id_send']);
-		} else {
-			if (is_numeric($_GET['id'])) {
-				$query = "UPDATE $table_message SET msg_status = '0' WHERE user_receiver_id=".api_get_user_id()." AND id='".intval(Database::escape_string($_GET['id']))."';";
-				$result = Database::query($query,__FILE__,__LINE__);
-				$query = "SELECT * FROM $table_message WHERE msg_status<>4 AND user_receiver_id=".api_get_user_id()." AND id='".intval(Database::escape_string($_GET['id']))."';";
-				$result = Database::query($query,__FILE__,__LINE__);				
-			}			
-			$path='inbox.php';
-			$message_id = intval($_GET['id']);
-		}
-
-		$row = Database::fetch_array($result);
-		
-		// get file attachments by message id
-		$files_attachments = '';
-		if (!empty($message_id)) {
-			$sql = "SELECT * FROM $tbl_message_attach WHERE message_id = '$message_id'";
-			$rs_file = Database::query($sql,__FILE__,__LINE__);				
-			if (Database::num_rows($rs_file) > 0) {
-				$attach_icon = Display::return_icon('attachment.gif');						
-				$archiveURL=api_get_path(WEB_CODE_PATH).'messages/download.php?type=inbox&file=';				
-				while ($row_file = Database::fetch_array($rs_file)) {				
-					$archiveFile = $row_file['path'];
-					$filename = $row_file['filename'];
-					$filesize = format_file_size($row_file['size']);
-					$filecomment = $row_file['comment'];
-					$files_attachments .= $attach_icon.'&nbsp;<a href="'.$archiveURL.$archiveFile.'">'.$filename.'</a>&nbsp;('.$filesize.')'.(!empty($filecomment)?'&nbsp;-&nbsp;'.$filecomment:'').'<br />'; 
-				}
-			}						
-		}
-		
-		$user_con = self::users_connected_by_id();
-		$band=0;
-		$reply='';
-		for ($i=0;$i<count($user_con);$i++)
-			if ($row[1]==$user_con[$i])
-				$band=1;
-		if ($band==1 && !isset($_GET['id_send'])) {
-			if (is_numeric($_GET['id'])) {
-				$reply = '<a onclick="reply_to_messages(\'show\','.Security::remove_XSS($_GET['id']).',\'\')" href="javascript:void(0)">'.Display::return_icon('message_reply.png',api_xml_http_response_encode(get_lang('ReplyToMessage'))).api_xml_http_response_encode(get_lang('ReplyToMessage')).'</a>';
-			}
-		}
-		echo '<div class=actions>';
-		echo '<a onclick="close_div_show(\'div_content_messages\')" href="javascript:void(0)">'.Display::return_icon('folder_up.gif',api_xml_http_response_encode(get_lang('BackToInbox'))).api_xml_http_response_encode(get_lang('BackToInbox')).'</a>';
-		echo $reply;
-		echo '<a onclick="delete_one_message('.$row[0].')" href="javascript:void(0)"  >'.Display::return_icon('message_delete.png',api_xml_http_response_encode(get_lang('DeleteMessage'))).''.api_xml_http_response_encode(get_lang('DeleteMessage')).'</a>';
-		echo '</div><br />';
-		echo '
-		<table class="message_view_table" >
-		    <TR>
-		      <TD width=10>&nbsp; </TD>
-		      <TD vAlign=top width="100%">
-		      	<TABLE>
-		            <TR>
-		              <TD width="100%">
-		                    <TR> <h1>'.str_replace("\\","",api_xml_http_response_encode($row[5])).'</h1></TR>
-		              </TD>
-		              <TR>
-		              	<TD>'.api_xml_http_response_encode(get_lang('From').'&nbsp;<b>'.GetFullUserName($row[1]).'</b> '.api_strtolower(get_lang('To')).'&nbsp;  <b>'.GetFullUserName($row[2])).'</b> </TD>
-		              </TR>
-		              <TR>
-		              <TD >'.api_xml_http_response_encode(get_lang('Date').'&nbsp; '.$row[4]).'</TD>
-		              </TR>
-		            </TR>
-		        </TABLE>
-		        <br />
-		        <TABLE height=209 width="100%" bgColor=#ffffff>
-		          <TBODY>
-		            <TR>
-		              <TD vAlign=top>'.str_replace("\\","",api_xml_http_response_encode($row[6])).'</TD>
-		            </TR>
-		          </TBODY>
-		        </TABLE>
-		        '.$files_attachments.'				        		
-		        <DIV class=HT style="PADDING-BOTTOM: 5px"> </DIV></TD>
-		      <TD width=10>&nbsp;</TD>
-		    </TR>
-		</TABLE>';
-	}
-	
-	
-	/**
-	 * display message box sent showing it into outbox 
-	 * @return void
-	 */
-	public static function show_message_box_sent () {		
-		global $charset;		
-		$table_message = Database::get_main_table(TABLE_MESSAGE);
-		$tbl_message_attach = Database::get_main_table(TABLE_MESSAGE_ATTACHMENT);
-		
-		$message_id = '';
-		if (is_numeric($_GET['id_send'])) {
-			$query = "SELECT * FROM $table_message WHERE user_sender_id=".api_get_user_id()." AND id=".intval(Database::escape_string($_GET['id_send']))." AND msg_status=4;";
-			$result = Database::query($query,__FILE__,__LINE__);
-			$message_id = intval($_GET['id_send']);
-		}
-		$path='outbox.php';
-
-		// get file attachments by message id
-		$files_attachments = '';
-		if (!empty($message_id)) {
-			$sql = "SELECT * FROM $tbl_message_attach WHERE message_id = '$message_id'";
-			$rs_file = Database::query($sql,__FILE__,__LINE__);				
-			if (Database::num_rows($rs_file) > 0) {
-				$attach_icon = Display::return_icon('attachment.gif');						
-				$archiveURL=api_get_path(WEB_CODE_PATH).'messages/download.php?type=outbox&file=';				
-				while ($row_file = Database::fetch_array($rs_file)) {				
-					$archiveFile = $row_file['path'];
-					$filename = $row_file['filename'];
-					$filesize = format_file_size($row_file['size']);
-					$filecomment = $row_file['comment'];
-					$files_attachments .= $attach_icon.'&nbsp;<a href="'.$archiveURL.$archiveFile.'">'.$filename.'</a>&nbsp;('.$filesize.')'.(!empty($filecomment)?'&nbsp;-&nbsp;'.$filecomment:'').'<br />'; 
-				}
-			}						
-		}
-
-		$row = Database::fetch_array($result);
-		$user_con = self::users_connected_by_id();
-		$band=0;
-		$reply='';
-		for ($i=0;$i<count($user_con);$i++)
-			if ($row[1]==$user_con[$i])
-				$band=1;
-		echo '<div class=actions>';
-		echo '<a onclick="close_and_open_outbox()" href="javascript:void(0)">'.Display::return_icon('folder_up.gif',api_xml_http_response_encode(get_lang('BackToOutbox'))).api_xml_http_response_encode(get_lang('BackToOutbox')).'</a>';
-		echo '<a onclick="delete_one_message_outbox('.$row[0].')" href="javascript:void(0)"  >'.Display::return_icon('message_delete.png',api_xml_http_response_encode(get_lang('DeleteMessage'))).api_xml_http_response_encode(get_lang('DeleteMessage')).'</a>';
-		echo '</div><br />';
-		echo '
-		<table class="message_view_table" >
-		    <TR>
-		      <TD width=10>&nbsp; </TD>
-		      <TD vAlign=top width="100%">
-		      	<TABLE>
-		            <TR>
-		              <TD width="100%">
-		                    <TR> <h1>'.str_replace("\\","",api_xml_http_response_encode($row[5])).'</h1></TR>
-		              </TD>
-		              <TR>
-		              	<TD>'.api_xml_http_response_encode(get_lang('From').'&nbsp;<b>'.GetFullUserName($row[1]).'</b> '.api_strtolower(get_lang('To')).'&nbsp;  <b>'.GetFullUserName($row[2])).'</b> </TD>
-		              </TR>
-		              <TR>
-		              <TD >'.api_xml_http_response_encode(get_lang('Date').'&nbsp; '.$row[4]).'</TD>
-		              </TR>
-		            </TR>
-		        </TABLE>
-		        <br />
-		        <TABLE height=209 width="100%" bgColor=#ffffff>
-		          <TBODY>
-		            <TR>
-		              <TD vAlign=top>'.str_replace("\\","",api_xml_http_response_encode($row[6])).'</TD>
-		            </TR>
-		          </TBODY>
-		        </TABLE>
-		        '.$files_attachments.'		
-		        <DIV class=HT style="PADDING-BOTTOM: 5px"> </DIV></TD>
-		      <TD width=10>&nbsp;</TD>
-		    </TR>
-		</TABLE>';
-	}
-	
-	/**
-	 * get user id by user email
-	 * @param string $user_email
-	 * @return int user id
-	 */
-	public static function get_user_id_by_email ($user_email) {
-		$tbl_user = Database::get_main_table(TABLE_MAIN_USER);
-		$sql='SELECT user_id FROM '.$tbl_user.' WHERE email="'.Database::escape_string($user_email).'";';
-		$rs=Database::query($sql,__FILE__,__LINE__);
-		$row=Database::fetch_array($rs,'ASSOC');
-		if (isset($row['user_id'])) {
-			return $row['user_id'];
-		} else {
-			return null;
-		}
-	}
-	
-	/**
-	 * display messages for group with nested view 
-	 * @param int group id
-	 * @return void
-	 */
-	public static function display_messages_for_group($group_id) {
-				
-		global $origin;				
-		$rows = self::get_messages_by_group($group_id);		
-		$rows = self::calculate_children($rows);
-		$group_info = GroupPortalManager::get_group_data($group_id);		
-		$count=0;
-						
-		foreach ($rows as $message) {
-			$indent	= $message['indent_cnt']*'20';
-			$user_sender_info = UserManager::get_user_info_by_id($message['user_sender_id']); 
-			if (!empty($message['parent_id'])) {				
-				$message_parent_info = self::get_message_by_id($message['parent_id']);								
-				$user_parent_info = UserManager::get_user_info_by_id($message_parent_info['user_sender_id']);
-				$name_user_parent = api_get_person_name($user_parent_info['firstname'], $user_parent_info['lastname']);
-			}
-			$name=api_get_person_name($user_sender_info['firstname'], $user_sender_info['lastname']);						
-			echo "<div style=\"margin-left: ".$indent."px;padding:5px;border:1pt dotted black\">";
-			echo '<div id="message-title">'.$message['title'].'&nbsp;(&nbsp;'.$message['send_date'].'&nbsp;)&nbsp;</div>';						
-			echo '<div id="message-author">'.get_lang('From').'&nbsp;'.$name.'&nbsp;'.get_lang('ToGroup').'&nbsp;'.(!empty($message['parent_id'])?$name_user_parent:$group_info['name']).'</div>';			
-			echo '<div id="message-content">'.$message['content'].'</div>';
-			echo '<div id="actions">';
-			
-			if (!isset($message['children'])) {
-				echo '<a href="/main/messages/new_message.php?group_id='.$group_id.'&message_id='.$message['id'].'">'.Display::return_icon('forumthread_new.gif',api_xml_http_response_encode(get_lang('Reply'))).'&nbsp;'.api_xml_http_response_encode(get_lang('Reply')).'</a>';
-			}
-			echo '</div>';
-			echo '</div>';
-			$count++;						
-		}
-	}
-	
-	/**
-	 * Add children to messages by id is used for nested view messages  
-	 * @param array  rows of messages 
-	 * @return array new list adding the item children
-	 */	
-	public static function calculate_children($rows) {
-
-		foreach($rows as $row) {
-			$rows_with_children[$row["id"]]=$row;
-			$rows_with_children[$row["parent_id"]]["children"][]=$row["id"];
-		}		
-		$rows=$rows_with_children;
-		$sorted_rows=array(0=>array());
-		self::message_recursive_sort($rows, $sorted_rows);
-		unset($sorted_rows[0]);
-		return $sorted_rows;
-	}
-	
-	/**
-	 * Sort recursively the messages, is used for for nested view messages   
-	 * @param array  original rows of messages
-	 * @param array  list recursive of messages
-	 * @param int   seed for calculate the indent
-	 * @param int   indent for nested view 
-	 * @return void
-	 */	
-	public static function message_recursive_sort($rows, &$messages, $seed=0, $indent=0) {
-		if($seed>0) {
-			$messages[$rows[$seed]["id"]]=$rows[$seed];
-			$messages[$rows[$seed]["id"]]["indent_cnt"]=$indent;
-			$indent++;
-		}	
-		if(isset($rows[$seed]["children"])) {
-			foreach($rows[$seed]["children"] as $child) {
-				self::message_recursive_sort($rows, $messages, $child, $indent);
-			}
-		}
-	}
-	
-	/**
-	 * Get message list by id    
-	 * @param int  message id 
-	 * @return array  
-	 */	
-	public static function get_message_by_id($message_id) {
-		$tbl_message = Database::get_main_table(TABLE_MESSAGE);
-		$message_id = intval($message_id);				
-		$sql = "SELECT * FROM $tbl_message WHERE id = '$message_id'";
-		$res = Database::query($sql, __FILE__, __LINE__);
-		$item = array(); 
-		if (Database::num_rows($res)>0) {
-			$item = Database::fetch_array($res,'ASSOC');
-		}
-		return $item;
-	}
-	
-}
+/* see main/inc/lib/message.lib.php*/
 ?>
--- a/main/messages/new_message.php
+++ b/main/messages/new_message.php
@ -5,7 +5,7 @@

 	Copyright (c) 2009 Dokeos SPRL
 	Copyright (c) 2009 Julio Montoya Armas <gugli100@gmail.com>
-	Copyright (c) Facultad de Matematicas, UADY (México)
+	Copyright (c) Facultad de Matematicas, UADY (M<EFBFBD>xico)
 	Copyright (c) Evie, Free University of Brussels (Belgium)
 	Copyright (c) 2009 Isaac Flores Paz <isaac.flores.paz@gmail.com>
 	For a full list of contributors, see "credits.txt".
@ -46,11 +46,11 @@ if (api_get_setting('allow_message_tool')!='true'){
 	api_not_allowed();
 }

-
-require_once api_get_path(SYS_CODE_PATH).'messages/message.class.php';
 require_once api_get_path(LIBRARY_PATH).'text.lib.php';
 require_once api_get_path(LIBRARY_PATH).'formvalidator/FormValidator.class.php';
 require_once api_get_path(LIBRARY_PATH).'group_portal_manager.lib.php';
+require_once api_get_path(LIBRARY_PATH).'message.lib.php';
+
 $request=api_is_xml_http_request();
 $nameTools = api_xml_http_response_encode(get_lang('Messages'));
 /*
@ -241,18 +241,14 @@ if (isset($_GET['rs'])) {
 		'name' => get_lang('SocialNetwork')
 	);
 } else {
-	$interbreadcrumb[] = array ('url' => 'javascript: void(0);', 'name' => get_lang('Messages'));
-	$interbreadcrumb[]= array (
-		'url' => 'outbox.php',
-		'name' => get_lang('Outbox')
-	);
+	$interbreadcrumb[] = array ('url' => 'main/auth/profile.php', 'name' => get_lang('Profile'));
 	$interbreadcrumb[]= array (
 		'url' => 'inbox.php',
 		'name' => get_lang('Inbox')
 	);
 }
 	$interbreadcrumb[]= array (
-		'url' => 'javascript: void(0);',
+		'url' => '#',
 		'name' => get_lang('ComposeMessage')
 	);

--- a/main/messages/outbox.php
+++ b/main/messages/outbox.php
@ -32,8 +32,8 @@
 $language_file = array('registration','messages','userInfo','admin');
 $cidReset=true;
 require_once '../inc/global.inc.php';
-require_once '../messages/message.class.php';
 require_once api_get_path(LIBRARY_PATH).'message.lib.php';
+
 api_block_anonymous_users();
 if (isset($_GET['messages_page_nr'])) {
 	if (api_get_setting('allow_social_tool')=='true' &&  api_get_setting('allow_message_tool')=='true') {
--- a/main/messages/send_message.php
+++ b/main/messages/send_message.php
@ -4,7 +4,6 @@
 $language_file = array('registration','messages','userInfo','admin');
 $cidReset=true;
 require_once '../inc/global.inc.php';
-require_once '../messages/message.class.php';
 require_once api_get_path(LIBRARY_PATH).'usermanager.lib.php';
 require_once api_get_path(LIBRARY_PATH).'message.lib.php';
 require_once api_get_path(LIBRARY_PATH).'social.lib.php';
--- a/main/messages/send_message_to_userfriend.inc.php
+++ b/main/messages/send_message_to_userfriend.inc.php
@ -3,10 +3,10 @@
 $language_file = array('registration','messages','userInfo','admin');
 $cidReset=true;
 require_once '../inc/global.inc.php';
-require_once '../messages/message.class.php';
 require_once api_get_path(LIBRARY_PATH).'usermanager.lib.php';
 require_once api_get_path(LIBRARY_PATH).'message.lib.php';
 require_once api_get_path(LIBRARY_PATH).'social.lib.php';
+
 if (api_is_anonymous()) {
 	api_not_allowed();
 }
--- a/main/social/groups.php
+++ b/main/social/groups.php
@ -4,9 +4,9 @@
 $language_file = array('admin');
 require_once '../inc/global.inc.php';
 require_once api_get_path(LIBRARY_PATH).'usermanager.lib.php';
-require_once api_get_path(SYS_CODE_PATH).'messages/message.class.php';
 require_once api_get_path(LIBRARY_PATH).'group_portal_manager.lib.php';
 require_once api_get_path(LIBRARY_PATH).'social.lib.php';
+require_once api_get_path(LIBRARY_PATH).'message.lib.php';

 $this_section = SECTION_SOCIAL;

@ -58,13 +58,6 @@ if ($group_id != 0 ) {
 	$users		= GroupPortalManager::get_users_by_group($group_id, true);
 	
 	
-	//@todo this must be move to default.css for dev use only
-	echo '<style> 		
-			#group_members { width:250px; height:300px; overflow-x:none; overflow-y: auto;}
-			.group_member_item { width:80px; height:100px; float:left; margin:5px 5px 15px 5px; }
-			
-	</style>';
-
 	echo '<div id="layout-left" style="float: left; width: 280px; height: 100%;">';

 	//Group's title
--- a/main/social/invitations.php
+++ b/main/social/invitations.php
@ -80,15 +80,6 @@ $pending_invitations = GroupPortalManager::get_groups_by_user($user_id, GROUP_US

 $number_loop=count($list_get_invitation);

-//@todo move this to default.css
-echo '<style>
-.confirm {
-	border-top:1px solid #D8DFEA;
-}
-
-</style>';
-
-
 if ($number_loop==0) {
 	Display::display_normal_message(get_lang('NoPendingInvitations'));
 } else {
--- a/main/social/profile.php
+++ b/main/social/profile.php
@ -7,9 +7,6 @@
 * @package dokeos.social
 */

-/**
- * Init
- */
 $language_file = array('registration','messages','userInfo','admin','forum','blog');
 $cidReset = true;
 require '../inc/global.inc.php';
@ -210,7 +207,7 @@ if (isset($_GET['u'])) {
 	$info_user=api_get_user_info(api_get_user_id());
 	$param_user='';
 }
-$_SESSION['social_user_id'] = $user_id;
+$_SESSION['social_user_id'] = intval($user_id);

 /**
 * Display
@ -333,7 +330,6 @@ echo '<div id="social-profile-wrapper">';
 					}
 				}
 			} else {
-				// No friends!! :(
 					$friend_html .= '<div class="sectiontitle">'.get_lang('Friends').'</div>';
 					$friend_html.= '<div id="friend-container" class="social-friend-container">';
 					$friend_html.= '<div id="friend-header">';
@ -470,17 +466,7 @@ echo '<div id="social-profile-container">';
    	  	echo '</div>';
    	  	
    	  	
-    	  	if (api_get_user_id() == $user_id) {
-    	  	/*	// if i'm me
-    	  		echo '<div>';
-    	  		echo Display::return_icon('email.gif');
-    	  		echo '&nbsp;<a href="../social/index.php#remote-tab-2">'.get_lang('MyInbox').'</a>&nbsp;';
-    	  		echo '</div>';
-    	  		echo '<div>';
-    	  		echo Display::return_icon('edit.gif');
-    	  		echo '&nbsp;<a href="../auth/profile.php?show=1">'.get_lang('EditInformation').'</a>&nbsp;';
-    	  		echo '</div>';*/
-    	  	} else {
+    
    	  		echo '<br/>';
    	  		echo '<div class="actions" style="margin-right:5px;">';
    	  		echo '&nbsp;<a href="/main/messages/send_message_to_userfriend.inc.php?height=365&width=610&user_friend='.$user_id.'&view=profile&view_panel=1" class="thickbox" title="'.get_lang('SendMessage').'">'.Display::return_icon('message_new.png').'&nbsp;&nbsp;'.get_lang('SendMessage').'</a><br />';
@ -496,17 +482,10 @@ echo '<div id="social-profile-container">';
    	  			}
    	  		}
 				
-				
-    	  		
    	  		echo '</div>';
-    	  	}    	  	
+     	  	
    	  	echo '<br />';

-    	  	// Send message or Add to friend links
-    	  	/*if (!$show_full_profile) {
-    	  		echo '&nbsp;&nbsp;<a href="../messages/send_message_to_userfriend.inc.php?height=365&width=610&user_friend='.$user_id.'&view=profile" class="thickbox" title="'.get_lang('SendMessage').'">'.Display::return_icon('message_new.png').'&nbsp;&nbsp;'.get_lang('SendMessage').'</a><br />';
-    	  	}*/
-
 			// Extra information

    	  	if ($show_full_profile) {
@ -707,32 +686,6 @@ echo '<div id="social-profile-container">';
 							$listInactives[] = $value;
 						}
 					}
-					/*
-					// --- Session registered
-					api_display_tool_title(get_lang('Sessions'));
-					if(count($listActives)>0) {
-						echo "<ul class=\"courseslist\">\n";
-						foreach ($listActives as $key => $value) {
-							if (!empty($value[2])) {
-								if ((isset($old_session) && $old_session != $value[2]) or ((!isset($old_session)) && isset($value[2]))) {
-									$old_session = $value[2];
-									if ($key != 0) {
-										echo '</ul>';
-									}
-									//echo '<ul class="session_box"><li class="session_box_title">'.$value[3]['title'].' '.$value[3]['dates'].'</li>';
-									echo '<ul>';
-									if ( !empty($value[3]['coach']) ) {
-										echo '<li class="session_box_coach">'.$value[3]['coach'].'</li>';
-									}
-									echo '</ul>';
-									echo '<ul class="session_course_item">';
-								}
-							}
-							echo $value[1];
-						}
-						echo '</ul>';
-					}
-					*/
 				}
 				echo '</ul><br />';
 				
@ -750,5 +703,7 @@ echo '<div id="social-profile-container">';
        echo '</div>';
    echo '</div>';
 echo '</div>'; //from the main
+
 echo '<form id="id_reload" name="id_reload" action="profile.php">&nbsp;</form>';
+
 Display :: display_footer();
--- a/main/social/show_search_image.inc.php
+++ b/main/social/show_search_image.inc.php
@ -46,14 +46,9 @@ if (count($list_path_friends)!=0) {
 				$user_info=api_get_user_info($list_friends_id[$j]);
 				$user_name=api_xml_http_response_encode(api_get_person_name($user_info['firstName'], $user_info['lastName']));
 				$friends_profile = SocialManager::get_picture_user($list_friends_id[$j], $list_friends_file[$j], 92);
-				$friend_html.='<div onMouseover="show_icon_delete(this)" onMouseout="hide_icon_delete(this)" class="image-social-content" id=div_'.$list_friends_id[$j].'>';
-				$friend_html.='<span><a href="profile.php?u='.$list_friends_id[$j].'"><center><img src="'.$friends_profile['file'].'" '.$friends_profile['style'].' id="imgfriend_'.$list_friends_id[$j].'" title="'.$user_name.'" /></center></a></span>';
-				$friend_html.='<img onclick="delete_friend (this)" id=img_'.$list_friends_id[$j].' src="../img/blank.gif" alt="" title=""  class="image-delete" /> <center class="friend">'.$user_name.'</center></div>';
-				/*
-				 * $friend_html.='&nbsp;<div onMouseover="show_icon_delete(this)" onMouseout="hide_icon_delete(this)" class="image-social-content" id=div_'.$list_friends_id[$j].' style="float:left" >
-				 * <img src="'.$list_friends_dir[$j]."/".$list_friends_file[$j].'" width="90" height="110" style="margin-left:3px ;margin-rigth:3px;margin-top:10px;margin-bottom:3px;" id="imgfriend_'.$list_friends_id[$j].'" title="'.$user_name.'" onclick="qualify_friend(this)"/>
-				 * <img onclick="delete_friend (this)" id=img_'.$list_friends_id[$j].' src="../img/blank.gif" alt="" title=""  class="image-delete" /></div>&nbsp;';
-				 */
+				$friend_html.='<div onMouseover="show_icon_delete(this)" onMouseout="hide_icon_delete(this)" class="image-social-content" id=div_'.$list_friends_id[$j].'  >
+				<span><center><img src="'.$friends_profile['file'].'" '.$friends_profile['style'].' id="imgfriend_'.$list_friends_id[$j].'" title="'.$user_name.'" onclick=load_thick(\'qualify_contact.inc.php?path_user="'.urlencode($list_friends_dir[$j].$list_friends_file[$j]).'&amp;id_user="'.$list_friends_id[$j].'"\',"") /></center></span>
+				<img onclick="delete_friend (this)" id=img_'.$list_friends_id[$j].' src="../img/blank.gif" alt="" title=""  class="image-delete" /> <center class="friend">'.$user_name.'</center></div>';
 			}
 			$j++;
 		}
--- a/main/work/work.php
+++ b/main/work/work.php
@ -1486,11 +1486,13 @@ if (!$display_upload_form && !$display_tool_options) {
 			echo $form_filter;
 			
 		}
-		if(!empty($publication['description'])){
-			echo '<br /><b>'.get_lang('Description').'</b>&nbsp;&nbsp;'.$publication['description'].'<br /><br />';
-		}
-
 	}
+	if(!empty($publication['description'])){
+			echo '<div class="actions">';
+			echo '<br /><b>'.get_lang('Description').':</b>&nbsp;&nbsp;'.$publication['description'].'<br /><br />';
+			echo '</div>';
+	}
+	
 	display_student_publications_list($base_work_dir . '/' . $my_cur_dir_path, 'work/' . $my_cur_dir_path, $currentCourseRepositoryWeb, $link_target_parameter, $dateFormatLong, $origin,$add_query);
 	

--- a/user_portal.php
+++ b/user_portal.php
@ -1337,54 +1337,7 @@ if (isset($toolsList) and is_array($toolsList) and isset($digest)) {
 if ($show_menu) {
 	echo '<div class="menusection">';
 	echo '<span class="menusectioncaption">'.get_lang('MenuUser').'</span>';
-	
-	//user image
-	//	@todo add a platform setting to add the user image
-	if (api_get_setting('allow_social_tool')=='true') {
-		$img_array= UserManager::get_user_picture_path_by_id(api_get_user_id(),'web',true,true);
-		$img_array = UserManager::get_picture_user(api_get_user_id(), $img_array['file'], 92, 'medium_', ' width="90" height="90" ');
-		echo '<div id="social_widget" style="">';
-			echo '<a href="'.api_get_path(WEB_PATH).'main/social/profile.php"><img src="'.$img_array['file'].'" '.$img_array['style'].' border="1"></a>';
-		/*
-		if (api_get_setting('allow_message_tool') == 'true') {
-			require_once api_get_path(LIBRARY_PATH).'message.lib.php';
-			require_once api_get_path(LIBRARY_PATH).'social.lib.php';
-			
-			$number_of_new_messages		= MessageManager::get_new_messages();
-			$number_of_outbox_message	= MessageManager::get_number_of_messages_sent();
-			$cant_out_box = ' ('.$number_of_outbox_message.')';
-			$cant_msg = ' ('.$number_of_new_messages.')';
-			$number_of_new_messages_of_friend = SocialManager::get_message_number_invitation_by_user_id(api_get_user_id());
-			//echo '<div class="message-view" style="display:none;">'.get_lang('ViewMessages').'</div>';
-			echo '<div class="message-content">
-					<h2 class="message-title">'.get_lang('Messages').'</h2>
-					<p>
-						<a href="../social/index.php#remote-tab-2" class="message-body">'.get_lang('Inbox').$cant_msg.' </a><br />
-						<a href="../social/index.php#remote-tab-3" class="message-body">'.get_lang('Outbox').$cant_out_box.'</a><br />
-					</p>';
 		
-			//if (api_get_setting('allow_social_tool') == 'true') {
-			//	 if ($number_of_new_messages_of_friend > 0) {
-			//		echo '<div class="message-content-internal">';
-			//		echo '<a href="../social/index.php#remote-tab-4" style="color:#000000">'. Display::return_icon('info3.gif', get_lang('NewMessage'), 'align="absmiddle"').'&nbsp;'.get_lang('Invitation ').'('.$number_of_new_messages_of_friend.')'.'</a>';
-			//		echo '</div><br />';
-			//	 }
-			// }
-			echo '<img src="'.api_get_path(WEB_IMG_PATH).'delete.gif" alt="'.get_lang('Close').'" title="'.get_lang('Close').'"  class="message-delete" />';
-			if ($number_of_new_messages_of_friend > 0) {
-				echo '<br />';
-			}
-			echo '</div>';
-		}
-		*/
-		echo '</div><br />';
-				
-	
-	}  
-	
-
-	
-	
 	echo '<ul class="menulist">';
 	if ($show_create_link) {
 		display_create_course_link();
--- a/whoisonline.php
+++ b/whoisonline.php
@ -119,77 +119,69 @@ if ($_GET['chatid'] != '') {
 */
 function display_user_list($user_list, $_plugins) {
 	global $charset;
-	if ($_GET['id'] == '') {
+	if ($_GET["id"]=='') {
 		$extra_params = array();
 		$course_url = '';
-		if (strlen($_GET['cidReq']) > 0) {
+		if(strlen($_GET['cidReq']) > 0) {
 			$extra_params['cidReq'] = Security::remove_XSS($_GET['cidReq']);
 			$course_url = '&amp;cidReq='.Security::remove_XSS($_GET['cidReq']);
-		}
-		
+		}		
 		foreach ($user_list as $user) {
-			$uid = $user[0];
+			$uid=$user[0];
 			$user_info = api_get_user_info($uid);
 			$table_row = array();
-			if (api_get_setting('allow_social_tool')=='true') {
-				$url = api_get_path(WEB_PATH).'main/social/profile.php?u='.$uid.$course_url;
-			} else {
-				$url = '?id='.$uid.$course_url;
-			}
-			$image_array = UserManager::get_user_picture_path_by_id($uid, 'system', false, true);
-
-			$friends_profile = SocialManager::get_picture_user($uid, $image_array['file'], 92, 'medium_', ' width="90" height="90" ');
-			// reduce image
-			$name = api_get_person_name($user_info['firstName'], $user_info['lastName']);
-			$table_row[] = '<a href="'.$url.'"><img title = "'.$name.'" alt="'.$name.'" src="'.$friends_profile['file'].'" '.$friends_profile['style'].' border="1"></a>';
-			$table_row[] = '<a href="'.$url.'" style="font-size:10px;">'.api_get_person_name($user_info['firstName'], $user_info['lastName']).'</a>';
-
+			$url = '?id='.$uid.$course_url;
+            $image_array=UserManager::get_user_picture_path_by_id($uid,'system',false,true);
+            
+            $friends_profile = SocialManager::get_picture_user($uid, $image_array['file'], 92, 'medium_', ' width="90" height="90" ');
+            //reduce image
+            $table_row[] = '<center><a href="'.$url.'"><img src="'.$friends_profile['file'].'" '.$friends_profile['style'].' border="1"></a></center>';
+			$table_row[] = '<a href="'.$url.'">'.$user_info['firstName'].' '.$user_info['lastName'].'</a>';
+			
 			//$table_row[] = '<a href="'.$url.'">'.$user_info['lastName'].'</a>';
-
+			
 			if (api_get_setting('show_email_addresses') == 'true') {
 				$table_row[] = Display::encrypted_mailto_link($user_info['mail']);
 			}
-			$user_anonymous = api_get_anonymous_id();
-			/*
-			if (api_get_setting('allow_social_tool') == 'true' && api_get_user_id() <> $user_anonymous && api_get_user_id() <> 0) {
+			$user_anonymous=api_get_anonymous_id();
+			if (api_get_setting('allow_social_tool')=='true' && api_get_user_id()<>$user_anonymous && api_get_user_id()<>0) {
 				if ($user_info['user_id'] != api_get_user_id() && !api_is_anonymous($user_info['user_id'])) {
-					$user_relation = UserFriend::get_relation_between_contacts(api_get_user_id(), $user_info['user_id']);
-					// not in my contacts
-					if ($user_relation == 0 || $user_relation == 6) {
-						$table_row[] = '<a href="main/messages/send_message_to_userfriend.inc.php?view_panel=2&height=300&width=610&user_friend='.$user_info['user_id'].'" class="thickbox" title="'.get_lang('SendInvitation').'">'.Display :: return_icon('add_multiple_users.gif', get_lang('SocialInvitationToFriends')).'&nbsp;'.get_lang('SendInvitation').'</a><br />
-									<a href="main/messages/send_message_to_userfriend.inc.php?view_panel=1&height=310&width=610&user_friend='.$user_info['user_id'].'" class="thickbox" title="'.get_lang('SendAMessage').'">'.Display :: return_icon('mail_send.png', get_lang('SendAMessage')).'&nbsp;'.get_lang('SendAMessage').'</a>';
+					$user_relation=SocialManager::get_relation_between_contacts(api_get_user_id(),$user_info['user_id']);
+					if ($user_relation==0 || $user_relation==6) {
+						$table_row[] = '<a href="main/messages/send_message_to_userfriend.inc.php?view_panel=2&height=365&width=610&user_friend='.$user_info['user_id'].'" class="thickbox" title="'.get_lang('SendInvitation').'">'.Display :: return_icon('add_multiple_users.gif', get_lang('SocialInvitationToFriends')).'&nbsp;'.get_lang('SendInvitation').'</a><br />
+										<a href="main/messages/send_message_to_userfriend.inc.php?view_panel=1&height=365&width=610&user_friend='.$user_info['user_id'].'" class="thickbox" title="'.get_lang('SendAMessage').'">'.Display :: return_icon('mail_send.png', get_lang('SendAMessage')).'&nbsp;'.get_lang('SendAMessage').'</a>';
 					} else {
-						$table_row[] = '<a href="main/messages/send_message_to_userfriend.inc.php?view_panel=1&height=310&width=610&user_friend='.$user_info['user_id'].'" class="thickbox" title="'.get_lang('SendAMessage').'">'.Display :: return_icon('mail_send.png', get_lang('SendAMessage')).'&nbsp;'.get_lang('SendAMessage').'</a>';
-					}
+						$table_row[] = '<a href="main/messages/send_message_to_userfriend.inc.php?view_panel=1&height=365&width=610&user_friend='.$user_info['user_id'].'" class="thickbox" title="'.get_lang('SendAMessage').'">'.Display :: return_icon('mail_send.png', get_lang('SendAMessage')).'&nbsp;'.get_lang('SendAMessage').'</a>';
+					}				
 				}
 			}
-			*/
 			$table_data[] = $table_row;
 		}
-		$table_header[] = array(get_lang('UserPicture'), false, 'width="90"');
-		$table_header[] = array(get_lang('Name'), true);
-		//$table_header[] = array(get_lang('LastName'), true);
-
+		$table_header[] = array(get_lang('UserPicture'),false,'width="90"');
+		$table_header[] = array(get_lang('Name'),true);
+		//$table_header[] = array(get_lang('LastName'),true);
+		
 		if (api_get_setting('show_email_addresses') == 'true') {
-			$table_header[] = array(get_lang('Email'), true);
-		}
-		$user_anonymous = api_get_anonymous_id();
-		if (api_get_setting('allow_social_tool') == 'true' && api_get_user_id() <> $user_anonymous && api_get_user_id() <> 0) {
-			$table_header[] = array(get_lang('Friends'), false, 'width="200"');
+			$table_header[] = array(get_lang('Email'),true);
 		}
+		$user_anonymous=api_get_anonymous_id();
+		if (api_get_setting('allow_social_tool')=='true' && api_get_user_id()<>$user_anonymous && api_get_user_id()<>0) {
+			$table_header[] = array(get_lang('Friends'),false,'width="200"');
+		}		
 		/*this feature is deprecated
-		if (api_get_setting('allow_message_tool') == 'true' && isset($_SESSION['_user'])) {
-			$table_header[] = array(get_lang('SendMessage'), true);
+		if ( api_get_setting('allow_message_tool')=='true' && isset($_SESSION['_user'])) {
+			$table_header[] = array(get_lang('SendMessage'),true);
 		}
 		*/
-		$sorting_options['column'] = (isset($_GET['column']) ? (int)$_GET['column'] : 2);
-		/*if (api_get_setting('allow_social_tool') == 'true' && api_get_setting('allow_message_tool') == 'true') {
+		$sorting_options['column'] = (isset ($_GET['column']) ? (int)$_GET['column'] : 2);
+		/*if (api_get_setting('allow_social_tool')=='true' && api_get_setting('allow_message_tool')=='true' ) {			
 			//send_invitation_friend_user();
-			echo '<div align="right"><input type="button" name="id_btn_send_invitation" id="id_btn_send_invitation" value="'.get_lang('SendInviteMessage').'"/></div>';
+			echo '<div align="right"><input type="button" name="id_btn_send_invitation" id="id_btn_send_invitation" value="'.get_lang('SendInviteMessage').'"/></div>';			
 			echo '<form action="whoisonline.php" name="form_register_friend" id="form_register_friend" method="post">';
 		}*/
-		Display::display_sortable_table($table_header, $table_data, $sorting_options, array('per_page' => 30), $extra_params,array(),'grid');
-		/*if (api_get_setting('allow_social_tool') == 'true' && api_get_setting('allow_message_tool') == 'true' ) {
+		
+		Display::display_sortable_table($table_header,$table_data,$sorting_options,array('per_page_default'=>count($table_data)),$extra_params);		
+		/*if (api_get_setting('allow_social_tool')=='true' && api_get_setting('allow_message_tool')=='true' ) {
 			echo '</form>';
 		}*/
 	}
@ -370,8 +362,7 @@ if ((api_get_setting('showonline', 'world') == 'true' && !$_user['user_id']) ||
 	}

 	if ($user_list) {
-		if (!isset($_GET['id'])) {
-			echo UserManager::get_search_form($_GET['q']);
+		if (!isset($_GET['id'])) {			
 			display_user_list($user_list, $_plugins);
 		} else {
 			//individual user information - also displays header info