message.ajax.php 6.3 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136
  1. <?php
  2. /* For licensing terms, see /license.txt */
  3. /**
  4. * Responses to AJAX calls
  5. */
  6. $language_file = array('messages','userInfo');
  7. require_once '../global.inc.php';
  8. $action = $_GET['a'];
  9. switch ($action) {
  10. case 'send_message':
  11. $subject = isset($_REQUEST['subject']) ? $_REQUEST['subject'] : null;
  12. $result = MessageManager::send_message($_REQUEST['user_id'], $subject, $_REQUEST['content']);
  13. if ($result) {
  14. echo Display::display_confirmation_message(get_lang('MessageHasBeenSent'));
  15. } else {
  16. echo Display::display_error_message(get_lang('ErrorSendingMessage'));
  17. }
  18. break;
  19. case 'send_invitation':
  20. $subject = isset($_REQUEST['subject']) ? $_REQUEST['subject'] : null;
  21. SocialManager::send_invitation_friend_user($_REQUEST['user_id'], $subject, $_REQUEST['content']);
  22. break;
  23. case 'find_users':
  24. if (api_is_anonymous()) {
  25. echo '';
  26. break;
  27. }
  28. $track_online_table = Database::get_statistic_table(TABLE_STATISTIC_TRACK_E_ONLINE);
  29. $tbl_my_user = Database::get_main_table(TABLE_MAIN_USER);
  30. $tbl_my_user_friend = Database::get_main_table(TABLE_MAIN_USER_REL_USER);
  31. $tbl_user = Database::get_main_table(TABLE_MAIN_USER);
  32. $tbl_access_url_rel_user = Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
  33. $search = Database::escape_string($_REQUEST['tag']);
  34. $access_url_id = api_get_multiple_access_url() == 'true' ? api_get_current_access_url_id() : 1;
  35. $user_id = api_get_user_id();
  36. $is_western_name_order = api_is_western_name_order();
  37. $likeCondition = " AND (firstname LIKE '%$search%' OR lastname LIKE '%$search%' OR email LIKE '%$search%') ";
  38. if (api_get_setting('allow_social_tool')=='true' && api_get_setting('allow_message_tool') == 'true') {
  39. // All users
  40. if (api_get_setting('allow_send_message_to_all_platform_users') == 'true' || api_is_platform_admin() ) {
  41. if ($access_url_id != 0) {
  42. $sql = "SELECT DISTINCT u.user_id as id, u.firstname, u.lastname, u.email
  43. FROM $tbl_user u LEFT JOIN $tbl_access_url_rel_user r ON u.user_id = r.user_id
  44. WHERE
  45. u.status <> 6 AND
  46. u.user_id <> $user_id AND
  47. r.access_url_id = $access_url_id
  48. $likeCondition ";
  49. } else {
  50. $sql = "SELECT DISTINCT u.user_id as id, u.firstname, u.lastname, u.email
  51. FROM $tbl_user u
  52. WHERE
  53. u.status <> 6 AND
  54. u.user_id <> $user_id
  55. $likeCondition ";
  56. }
  57. } else {
  58. //only my contacts
  59. if ($access_url_id != 0) {
  60. $sql = "SELECT DISTINCT u.user_id as id, u.firstname, u.lastname, u.email
  61. FROM $tbl_access_url_rel_user r, $tbl_my_user_friend uf
  62. INNER JOIN $tbl_my_user AS u
  63. ON uf.friend_user_id = u.user_id
  64. WHERE
  65. u.status <> 6 AND
  66. relation_type NOT IN(".USER_RELATION_TYPE_DELETED.", ".USER_RELATION_TYPE_RRHH.") AND
  67. uf.user_id = $user_id AND
  68. friend_user_id <> $user_id AND
  69. u.user_id = r.user_id AND
  70. r.access_url_id = $access_url_id
  71. $likeCondition";
  72. } else {
  73. $sql = "SELECT DISTINCT u.user_id as id, u.firstname, u.lastname, u.email
  74. FROM $tbl_my_user_friend uf
  75. INNER JOIN $tbl_my_user AS u
  76. ON uf.friend_user_id = u.user_id
  77. WHERE
  78. u.status <> 6 AND
  79. relation_type NOT IN(".USER_RELATION_TYPE_DELETED.", ".USER_RELATION_TYPE_RRHH.") AND
  80. uf.user_id = $user_id AND
  81. friend_user_id <> $user_id
  82. $likeCondition";
  83. }
  84. }
  85. } elseif (api_get_setting('allow_social_tool')=='false' && api_get_setting('allow_message_tool')=='true') {
  86. if (api_get_setting('allow_send_message_to_all_platform_users') == 'true') {
  87. $sql = "SELECT DISTINCT u.user_id as id, u.firstname, u.lastname, u.email
  88. FROM $tbl_user u LEFT JOIN $tbl_access_url_rel_user r ON u.user_id = r.user_id
  89. WHERE
  90. u.status <> 6 AND
  91. u.user_id <> $user_id AND
  92. r.access_url_id = $access_url_id
  93. $likeCondition ";
  94. } else {
  95. $time_limit = api_get_setting('time_limit_whosonline');
  96. $online_time = time() - $time_limit*60;
  97. $limit_date = api_get_utc_datetime($online_time);
  98. $sql = "SELECT SELECT DISTINCT u.user_id as id, u.firstname, u.lastname, u.email
  99. FROM $tbl_my_user u INNER JOIN $track_online_table t
  100. ON u.user_id=t.login_user_id
  101. WHERE login_date >= '".$limit_date."' AND
  102. $likeCondition";
  103. }
  104. }
  105. $sql .=' LIMIT 20';
  106. $result = Database::query($sql);
  107. $showEmail = api_get_setting('show_email_addresses');
  108. $return = array();
  109. if (Database::num_rows($result) > 0) {
  110. while ($row = Database::fetch_array($result, 'ASSOC')) {
  111. $name = api_get_person_name($row['firstname'], $row['lastname']);
  112. if ($showEmail == 'true') {
  113. $name .= ' ('.$row['email'].')';
  114. }
  115. $return[] = array(
  116. 'caption' => $name,
  117. 'value' => $row['id']
  118. );
  119. }
  120. }
  121. echo json_encode($return);
  122. break;
  123. default:
  124. echo '';
  125. }
  126. exit;