new_message.php 17 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454
  1. <?php
  2. /* For licensing terms, see /license.txt */
  3. /**
  4. * @package chamilo.messages
  5. */
  6. /**
  7. * This script shows a compose area (wysiwyg editor if supported, otherwise
  8. * a simple textarea) where the user can type a message.
  9. * There are three modes
  10. * - standard: type a message, select a user to send it to, press send
  11. * - reply on message (when pressing reply when viewing a message)
  12. * - send to specific user (when pressing send message in the who is online list).
  13. */
  14. $cidReset = true;
  15. require_once __DIR__.'/../inc/global.inc.php';
  16. api_block_anonymous_users();
  17. if (api_get_setting('allow_message_tool') !== 'true') {
  18. api_not_allowed(true);
  19. }
  20. $logInfo = [
  21. 'tool' => 'Messages',
  22. 'tool_id' => 0,
  23. 'tool_id_detail' => 0,
  24. 'action' => 'new_message',
  25. 'action_details' => isset($_GET['re_id']) ? 're_id' : '',
  26. ];
  27. Event::registerLog($logInfo);
  28. $allowSocial = api_get_setting('allow_social_tool') == 'true';
  29. $nameTools = api_xml_http_response_encode(get_lang('Messages'));
  30. $htmlHeadXtra[] = '<script>
  31. var counter_image = 1;
  32. function add_image_form() {
  33. // Multiple filepaths for image form
  34. var filepaths = document.getElementById("file_uploads");
  35. if (document.getElementById("filepath_"+counter_image)) {
  36. counter_image = counter_image + 1;
  37. } else {
  38. counter_image = counter_image;
  39. }
  40. var elem1 = document.createElement("div");
  41. elem1.setAttribute("id","filepath_"+counter_image);
  42. filepaths.appendChild(elem1);
  43. id_elem1 = "filepath_"+counter_image;
  44. id_elem1 = "\'"+id_elem1+"\'";
  45. document.getElementById("filepath_"+counter_image).innerHTML = "<div class=\"form-group\" ><label class=\"col-sm-4\">'.get_lang('FilesAttachment').'</label><input class=\"col-sm-8\" type=\"file\" name=\"attach_"+counter_image+"\" /></div><div class=\"form-group\" ><label class=\"col-sm-4\">'.get_lang('Description').'</label><div class=\"col-sm-8\"><input style=\"width:100%\" type=\"text\" name=\"legend[]\" /></div></div>";
  46. if (filepaths.childNodes.length == 6) {
  47. var link_attach = document.getElementById("link-more-attach");
  48. if (link_attach) {
  49. link_attach.innerHTML="";
  50. }
  51. }
  52. }
  53. </script>';
  54. $nameTools = get_lang('ComposeMessage');
  55. $tpl = new Template(get_lang('ComposeMessage'));
  56. /**
  57. * Shows the compose area + a list of users to select from.
  58. */
  59. function show_compose_to_any($tpl)
  60. {
  61. $default['user_list'] = 0;
  62. $html = manageForm($default, null, null, $tpl);
  63. return $html;
  64. }
  65. function show_compose_reply_to_message($message_id, $receiver_id, $tpl)
  66. {
  67. $table = Database::get_main_table(TABLE_MESSAGE);
  68. $receiver_id = (int) $receiver_id;
  69. $message_id = (int) $message_id;
  70. $query = "SELECT user_sender_id
  71. FROM $table
  72. WHERE user_receiver_id = ".$receiver_id." AND id = ".$message_id;
  73. $result = Database::query($query);
  74. $row = Database::fetch_array($result, 'ASSOC');
  75. $userInfo = api_get_user_info($row['user_sender_id']);
  76. if (empty($row['user_sender_id']) || empty($userInfo)) {
  77. $html = get_lang('InvalidMessageId');
  78. return $html;
  79. }
  80. $default['users'] = [$row['user_sender_id']];
  81. $html = manageForm($default, null, $userInfo['complete_name_with_username'], $tpl);
  82. return $html;
  83. }
  84. function show_compose_to_user($receiver_id, $tpl)
  85. {
  86. $userInfo = api_get_user_info($receiver_id);
  87. $html = get_lang('To').':&nbsp;<strong>'.$userInfo['complete_name'].'</strong>';
  88. $default['title'] = api_xml_http_response_encode(get_lang('EnterTitle'));
  89. $default['users'] = [$receiver_id];
  90. $html .= manageForm($default, null, '', $tpl);
  91. return $html;
  92. }
  93. /**
  94. * @param $default
  95. * @param null $select_from_user_list
  96. * @param string $sent_to
  97. * @param Template $tpl
  98. *
  99. * @return string
  100. */
  101. function manageForm($default, $select_from_user_list = null, $sent_to = '', $tpl = null)
  102. {
  103. $group_id = isset($_REQUEST['group_id']) ? (int) $_REQUEST['group_id'] : null;
  104. $message_id = isset($_GET['message_id']) ? (int) $_GET['message_id'] : null;
  105. $form = new FormValidator(
  106. 'compose_message',
  107. null,
  108. api_get_self(),
  109. null,
  110. ['enctype' => 'multipart/form-data']
  111. );
  112. if (empty($group_id)) {
  113. if (isset($select_from_user_list)) {
  114. $form->addText(
  115. 'id_text_name',
  116. get_lang('SendMessageTo'),
  117. true,
  118. [
  119. 'id' => 'id_text_name',
  120. 'onkeyup' => 'send_request_and_search()',
  121. 'autocomplete' => 'off',
  122. ]
  123. );
  124. $form->addRule('id_text_name', get_lang('ThisFieldIsRequired'), 'required');
  125. $form->addElement('html', '<div id="id_div_search" style="padding:0px" class="message-select-box" >&nbsp;</div>');
  126. $form->addElement('hidden', 'user_list', 0, ['id' => 'user_list']);
  127. } else {
  128. if (!empty($sent_to)) {
  129. $form->addLabel(get_lang('SendMessageTo'), $sent_to);
  130. }
  131. if (empty($default['users'])) {
  132. //fb select
  133. $form->addElement(
  134. 'select_ajax',
  135. 'users',
  136. get_lang('SendMessageTo'),
  137. [],
  138. [
  139. 'multiple' => 'multiple',
  140. 'url' => api_get_path(WEB_AJAX_PATH).'message.ajax.php?a=find_users',
  141. ]
  142. );
  143. } else {
  144. $form->addElement('hidden', 'hidden_user', $default['users'][0], ['id' => 'hidden_user']);
  145. }
  146. }
  147. } else {
  148. $userGroup = new UserGroup();
  149. $group_info = $userGroup->get($group_id);
  150. $form->addElement('label', get_lang('ToGroup'), api_xml_http_response_encode($group_info['name']));
  151. $form->addElement('hidden', 'group_id', $group_id);
  152. $form->addElement('hidden', 'parent_id', $message_id);
  153. }
  154. $form->addText('title', get_lang('Subject'), true);
  155. $form->addHtmlEditor(
  156. 'content',
  157. get_lang('Message'),
  158. false,
  159. false,
  160. ['ToolbarSet' => 'Messages', 'Width' => '100%', 'Height' => '250', 'style' => true]
  161. );
  162. if (isset($_GET['re_id'])) {
  163. $message_reply_info = MessageManager::get_message_by_id($_GET['re_id']);
  164. $default['title'] = get_lang('MailSubjectReplyShort').' '.Security::remove_XSS($message_reply_info['title']);
  165. $form->addHidden('re_id', (int) $_GET['re_id']);
  166. $form->addHidden('save_form', 'save_form');
  167. // Adding reply mail
  168. $user_reply_info = api_get_user_info($message_reply_info['user_sender_id']);
  169. $default['content'] = '<p><br/></p>'.sprintf(
  170. get_lang('XWroteY'),
  171. $user_reply_info['complete_name'],
  172. Security::filter_terms($message_reply_info['content'])
  173. );
  174. }
  175. if (isset($_GET['forward_id'])) {
  176. $forwardId = (int) $_GET['forward_id'];
  177. $message_reply_info = MessageManager::get_message_by_id($forwardId);
  178. $attachments = MessageManager::getAttachmentLinkList($forwardId);
  179. if (!empty($attachments)) {
  180. $fileListToString = !empty($attachments) ? implode('<br />', $attachments) : '';
  181. $form->addLabel('', $fileListToString);
  182. }
  183. $default['title'] = '['.get_lang('MailSubjectForwardShort').": ".Security::remove_XSS($message_reply_info['title']).']';
  184. $form->addHidden('forward_id', $forwardId);
  185. $form->addHidden('save_form', 'save_form');
  186. $receiverInfo = api_get_user_info($message_reply_info['user_receiver_id']);
  187. $forwardMessage = '---------- '.get_lang('ForwardedMessage').' ---------'.'<br />';
  188. $forwardMessage .= get_lang('Date').': '.api_get_local_time($message_reply_info['send_date']).'<br />';
  189. $forwardMessage .= get_lang('Subject').': '.Security::remove_XSS($message_reply_info['title']).'<br />';
  190. $forwardMessage .= get_lang('To').': '.$receiverInfo['complete_name'].' - '.$receiverInfo['email'].' <br />';
  191. $default['content'] = '<p><br/></p>'.$forwardMessage.'<br />'.Security::filter_terms($message_reply_info['content']);
  192. }
  193. if (empty($group_id)) {
  194. $form->addLabel(
  195. '',
  196. '<div id="file_uploads"><div id="filepath_1">
  197. <div id="filepaths" class="form-horizontal">
  198. <div id="paths-file" class="form-group">
  199. <label class="col-sm-4">'.get_lang('FilesAttachment').'</label>
  200. <input class="col-sm-8" type="file" name="attach_1"/>
  201. </div>
  202. </div>
  203. <div id="paths-description" class="form-group">
  204. <label class="col-sm-4">'.get_lang('Description').'</label>
  205. <div class="col-sm-8">
  206. <input id="file-descrtiption" class="form-control" type="text" name="legend[]" />
  207. </div>
  208. </div>
  209. </div>
  210. </div>'
  211. );
  212. $form->addLabel(
  213. '',
  214. '<span id="link-more-attach"><a class="btn btn-default" href="javascript://" onclick="return add_image_form()">'.
  215. get_lang('AddOneMoreFile').'</a></span>&nbsp;('.
  216. sprintf(
  217. get_lang('MaximunFileSizeX'),
  218. format_file_size(api_get_setting('message_max_upload_filesize'))
  219. ).')'
  220. );
  221. }
  222. $form->addLabel(
  223. '',
  224. '<iframe
  225. frameborder="0" height="200" width="100%" scrolling="no"
  226. src="'.api_get_path(WEB_CODE_PATH).'messages/record_audio.php"></iframe>'
  227. );
  228. $form->addButtonSend(get_lang('SendMessage'), 'compose');
  229. $form->setRequiredNote('<span class="form_required">*</span> <small>'.get_lang('ThisFieldIsRequired').'</small>');
  230. if (!empty($group_id) && !empty($message_id)) {
  231. $message_info = MessageManager::get_message_by_id($message_id);
  232. $default['title'] = get_lang('MailSubjectReplyShort')." ".$message_info['title'];
  233. }
  234. $form->setDefaults($default);
  235. $html = '';
  236. if ($form->validate()) {
  237. $check = Security::check_token('post');
  238. $disabled = api_get_configuration_value('disable_token_in_new_message');
  239. if ($disabled) {
  240. $check = true;
  241. }
  242. if ($check) {
  243. $user_list = $default['users'];
  244. $file_comments = $_POST['legend'];
  245. $title = $default['title'];
  246. $content = $default['content'];
  247. $group_id = isset($default['group_id']) ? $default['group_id'] : null;
  248. $parent_id = isset($default['parent_id']) ? $default['parent_id'] : null;
  249. $forwardId = isset($_POST['forward_id']) ? $_POST['forward_id'] : false;
  250. if (is_array($user_list) && count($user_list) > 0) {
  251. // All is well, send the message
  252. foreach ($user_list as $userId) {
  253. $res = MessageManager::send_message(
  254. $userId,
  255. $title,
  256. $content,
  257. $_FILES,
  258. $file_comments,
  259. $group_id,
  260. $parent_id,
  261. 0,
  262. 0,
  263. null,
  264. false,
  265. $forwardId,
  266. [],
  267. true
  268. );
  269. if ($res) {
  270. $userInfo = api_get_user_info($userId);
  271. Display::addFlash(Display::return_message(
  272. get_lang('MessageSentTo')."&nbsp;<b>".$userInfo['complete_name_with_username']."</b>",
  273. 'confirmation',
  274. false
  275. ));
  276. }
  277. }
  278. MessageManager::cleanAudioMessage();
  279. } else {
  280. Display::addFlash(Display::return_message('ErrorSendingMessage', 'error'));
  281. }
  282. }
  283. Security::clear_token();
  284. header('Location: '.api_get_path(WEB_PATH).'main/messages/inbox.php');
  285. exit;
  286. } else {
  287. $token = Security::get_token();
  288. $form->addElement('hidden', 'sec_token');
  289. $form->setConstants(['sec_token' => $token]);
  290. $html .= $form->returnForm();
  291. }
  292. return $html;
  293. }
  294. if ($allowSocial) {
  295. $this_section = SECTION_SOCIAL;
  296. $interbreadcrumb[] = [
  297. 'url' => api_get_path(WEB_PATH).'main/social/home.php',
  298. 'name' => get_lang('SocialNetwork'),
  299. ];
  300. } else {
  301. $this_section = SECTION_MYPROFILE;
  302. $interbreadcrumb[] = [
  303. 'url' => api_get_path(WEB_PATH).'main/auth/profile.php',
  304. 'name' => get_lang('Profile'),
  305. ];
  306. }
  307. $interbreadcrumb[] = [
  308. 'url' => api_get_path(WEB_PATH).'main/messages/inbox.php',
  309. 'name' => get_lang('Messages'),
  310. ];
  311. $group_id = isset($_REQUEST['group_id']) ? (int) $_REQUEST['group_id'] : 0;
  312. $social_right_content = null;
  313. if ($group_id != 0) {
  314. $social_right_content .= '<div class=actions>';
  315. $social_right_content .= '<a href="'.api_get_path(WEB_PATH).'main/social/group_view.php?id='.$group_id.'">'.
  316. Display::return_icon('back.png', api_xml_http_response_encode(get_lang('ComposeMessage'))).'</a>';
  317. $social_right_content .= '<a href="'.api_get_path(WEB_PATH).'main/messages/new_message.php?group_id='.$group_id.'">'.
  318. Display::return_icon('message_new.png', api_xml_http_response_encode(get_lang('ComposeMessage'))).'</a>';
  319. $social_right_content .= '</div>';
  320. } else {
  321. if ($allowSocial) {
  322. } else {
  323. $social_right_content .= '<div class=actions>';
  324. if (api_get_setting('allow_message_tool') === 'true') {
  325. $social_right_content .= '<a href="'.api_get_path(WEB_PATH).'main/messages/new_message.php">'.
  326. Display::return_icon('message_new.png', get_lang('ComposeMessage')).'</a>';
  327. $social_right_content .= '<a href="'.api_get_path(WEB_PATH).'main/messages/inbox.php">'.
  328. Display::return_icon('inbox.png', get_lang('Inbox')).'</a>';
  329. $social_right_content .= '<a href="'.api_get_path(WEB_PATH).'main/messages/outbox.php">'.
  330. Display::return_icon('outbox.png', get_lang('Outbox')).'</a>';
  331. }
  332. $social_right_content .= '</div>';
  333. }
  334. }
  335. // LEFT COLUMN
  336. $social_left_content = '';
  337. if ($allowSocial) {
  338. // Block Social Menu
  339. $social_menu_block = SocialManager::show_social_menu('messages');
  340. $social_right_content .= '<div class="row">';
  341. $social_right_content .= '<div class="col-md-12">';
  342. $social_right_content .= '<div class="actions">';
  343. $social_right_content .= '<a href="'.api_get_path(WEB_PATH).'main/messages/inbox.php">'.
  344. Display::return_icon('back.png', get_lang('Back'), [], 32).'</a>';
  345. $social_right_content .= '</div>';
  346. $social_right_content .= '</div>';
  347. $social_right_content .= '<div class="col-md-12">';
  348. }
  349. // MAIN CONTENT
  350. if (!isset($_POST['compose'])) {
  351. if (isset($_GET['re_id'])) {
  352. $social_right_content .= show_compose_reply_to_message(
  353. $_GET['re_id'],
  354. api_get_user_id(),
  355. $tpl
  356. );
  357. } elseif (isset($_GET['send_to_user'])) {
  358. $social_right_content .= show_compose_to_user($_GET['send_to_user'], $tpl);
  359. } else {
  360. $social_right_content .= show_compose_to_any($tpl);
  361. }
  362. } else {
  363. $restrict = false;
  364. if (isset($_POST['users'])) {
  365. $restrict = true;
  366. } elseif (isset($_POST['group_id'])) {
  367. $restrict = true;
  368. } elseif (isset($_POST['hidden_user'])) {
  369. $restrict = true;
  370. }
  371. $default['title'] = $_POST['title'];
  372. $default['content'] = $_POST['content'];
  373. // comes from a reply button
  374. if (isset($_GET['re_id']) || isset($_GET['forward_id'])) {
  375. $social_right_content .= manageForm($default, null, null, $tpl);
  376. } else {
  377. // post
  378. if ($restrict) {
  379. if (!isset($_POST['group_id'])) {
  380. $default['users'] = isset($_POST['users']) ? $_POST['users'] : null;
  381. } else {
  382. $default['group_id'] = (int) $_POST['group_id'];
  383. }
  384. if (isset($_POST['hidden_user'])) {
  385. $default['users'] = [$_POST['hidden_user']];
  386. }
  387. $social_right_content .= manageForm($default, null, null, $tpl);
  388. } else {
  389. $social_right_content .= Display::return_message(get_lang('ErrorSendingMessage'), 'error');
  390. }
  391. }
  392. }
  393. if ($allowSocial) {
  394. $social_right_content .= '</div>';
  395. $social_right_content .= '</div>';
  396. }
  397. // Block Social Avatar
  398. SocialManager::setSocialUserBlock($tpl, api_get_user_id(), 'messages');
  399. MessageManager::cleanAudioMessage();
  400. if ($allowSocial) {
  401. $tpl->assign('social_menu_block', $social_menu_block);
  402. $tpl->assign('social_right_content', $social_right_content);
  403. $social_layout = $tpl->get_template('social/inbox.tpl');
  404. $tpl->display($social_layout);
  405. } else {
  406. $content = $social_right_content;
  407. $tpl->assign('content', $content);
  408. $tpl->display_one_col_template();
  409. }