new_message.php 17 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451
  1. <?php
  2. /* For licensing terms, see /license.txt */
  3. /**
  4. * @package chamilo.messages
  5. */
  6. /**
  7. * This script shows a compose area (wysiwyg editor if supported, otherwise
  8. * a simple textarea) where the user can type a message.
  9. * There are three modes
  10. * - standard: type a message, select a user to send it to, press send
  11. * - reply on message (when pressing reply when viewing a message)
  12. * - send to specific user (when pressing send message in the who is online list).
  13. */
  14. $cidReset = true;
  15. require_once __DIR__.'/../inc/global.inc.php';
  16. api_block_anonymous_users();
  17. if (api_get_setting('allow_message_tool') !== 'true') {
  18. api_not_allowed(true);
  19. }
  20. $logInfo = [
  21. 'tool' => 'Messages',
  22. 'action' => 'new_message',
  23. 'action_details' => isset($_GET['re_id']) ? 're_id' : '',
  24. ];
  25. Event::registerLog($logInfo);
  26. $allowSocial = api_get_setting('allow_social_tool') === 'true';
  27. $nameTools = api_xml_http_response_encode(get_lang('Messages'));
  28. $htmlHeadXtra[] = '<script>
  29. var counter_image = 1;
  30. function add_image_form() {
  31. // Multiple filepaths for image form
  32. var filepaths = document.getElementById("file_uploads");
  33. if (document.getElementById("filepath_"+counter_image)) {
  34. counter_image = counter_image + 1;
  35. } else {
  36. counter_image = counter_image;
  37. }
  38. var elem1 = document.createElement("div");
  39. elem1.setAttribute("id","filepath_"+counter_image);
  40. filepaths.appendChild(elem1);
  41. id_elem1 = "filepath_"+counter_image;
  42. id_elem1 = "\'"+id_elem1+"\'";
  43. document.getElementById("filepath_"+counter_image).innerHTML = "<div class=\"form-group\" ><label class=\"col-sm-4\">'.get_lang('Files attachments').'</label><input class=\"col-sm-8\" type=\"file\" name=\"attach_"+counter_image+"\" /></div><div class=\"form-group\" ><label class=\"col-sm-4\">'.get_lang('Description').'</label><div class=\"col-sm-8\"><input style=\"width:100%\" type=\"text\" name=\"legend[]\" /></div></div>";
  44. if (filepaths.childNodes.length == 6) {
  45. var link_attach = document.getElementById("link-more-attach");
  46. if (link_attach) {
  47. link_attach.innerHTML="";
  48. }
  49. }
  50. }
  51. </script>';
  52. $nameTools = get_lang('Compose message');
  53. $tpl = new Template(get_lang('Compose message'));
  54. /**
  55. * Shows the compose area + a list of users to select from.
  56. */
  57. function show_compose_to_any($tpl)
  58. {
  59. $default['user_list'] = 0;
  60. $html = manageForm($default, null, null, $tpl);
  61. return $html;
  62. }
  63. function show_compose_reply_to_message($message_id, $receiver_id, $tpl)
  64. {
  65. $table = Database::get_main_table(TABLE_MESSAGE);
  66. $receiver_id = (int) $receiver_id;
  67. $message_id = (int) $message_id;
  68. $query = "SELECT user_sender_id
  69. FROM $table
  70. WHERE user_receiver_id = ".$receiver_id." AND id = ".$message_id;
  71. $result = Database::query($query);
  72. $row = Database::fetch_array($result, 'ASSOC');
  73. $userInfo = api_get_user_info($row['user_sender_id']);
  74. if (empty($row['user_sender_id']) || empty($userInfo)) {
  75. $html = get_lang('The id of the message to reply to is not valid.');
  76. return $html;
  77. }
  78. $default['users'] = [$row['user_sender_id']];
  79. $html = manageForm($default, null, $userInfo['complete_name_with_username'], $tpl);
  80. return $html;
  81. }
  82. function show_compose_to_user($receiver_id, $tpl)
  83. {
  84. $userInfo = api_get_user_info($receiver_id);
  85. $html = get_lang('To').':&nbsp;<strong>'.$userInfo['complete_name'].'</strong>';
  86. $default['title'] = api_xml_http_response_encode(get_lang('Please enter a title'));
  87. $default['users'] = [$receiver_id];
  88. $html .= manageForm($default, null, '', $tpl);
  89. return $html;
  90. }
  91. /**
  92. * @param $default
  93. * @param null $select_from_user_list
  94. * @param string $sent_to
  95. * @param Template $tpl
  96. *
  97. * @return string
  98. */
  99. function manageForm($default, $select_from_user_list = null, $sent_to = '', $tpl = null)
  100. {
  101. $group_id = isset($_REQUEST['group_id']) ? (int) $_REQUEST['group_id'] : null;
  102. $message_id = isset($_GET['message_id']) ? (int) $_GET['message_id'] : null;
  103. $form = new FormValidator(
  104. 'compose_message',
  105. null,
  106. api_get_self(),
  107. null,
  108. ['enctype' => 'multipart/form-data']
  109. );
  110. if (empty($group_id)) {
  111. if (isset($select_from_user_list)) {
  112. $form->addText(
  113. 'id_text_name',
  114. get_lang('Send to'),
  115. true,
  116. [
  117. 'id' => 'id_text_name',
  118. 'onkeyup' => 'send_request_and_search()',
  119. 'autocomplete' => 'off',
  120. ]
  121. );
  122. $form->addRule('id_text_name', get_lang('Required field'), 'required');
  123. $form->addElement('html', '<div id="id_div_search" style="padding:0px" class="message-select-box" >&nbsp;</div>');
  124. $form->addElement('hidden', 'user_list', 0, ['id' => 'user_list']);
  125. } else {
  126. if (!empty($sent_to)) {
  127. $form->addLabel(get_lang('Send to'), $sent_to);
  128. }
  129. if (empty($default['users'])) {
  130. //fb select
  131. $form->addElement(
  132. 'select_ajax',
  133. 'users',
  134. get_lang('Send to'),
  135. [],
  136. [
  137. 'multiple' => 'multiple',
  138. 'url' => api_get_path(WEB_AJAX_PATH).'message.ajax.php?a=find_users',
  139. ]
  140. );
  141. } else {
  142. $form->addElement('hidden', 'hidden_user', $default['users'][0], ['id' => 'hidden_user']);
  143. }
  144. }
  145. } else {
  146. $userGroup = new UserGroup();
  147. $group_info = $userGroup->get($group_id);
  148. $form->addElement('label', get_lang('To social group'), api_xml_http_response_encode($group_info['name']));
  149. $form->addElement('hidden', 'group_id', $group_id);
  150. $form->addElement('hidden', 'parent_id', $message_id);
  151. }
  152. $form->addText('title', get_lang('Subject'), true);
  153. $form->addHtmlEditor(
  154. 'content',
  155. get_lang('Message'),
  156. false,
  157. false,
  158. ['ToolbarSet' => 'Messages', 'Width' => '100%', 'Height' => '250', 'style' => true]
  159. );
  160. if (isset($_GET['re_id'])) {
  161. $message_reply_info = MessageManager::get_message_by_id($_GET['re_id']);
  162. $default['title'] = get_lang('RE:').' '.Security::remove_XSS($message_reply_info['title']);
  163. $form->addHidden('re_id', (int) $_GET['re_id']);
  164. $form->addHidden('save_form', 'save_form');
  165. // Adding reply mail
  166. $user_reply_info = api_get_user_info($message_reply_info['user_sender_id']);
  167. $default['content'] = '<p><br/></p>'.sprintf(
  168. get_lang('%s wrote: <br /><i>%s</i>'),
  169. $user_reply_info['complete_name'],
  170. Security::filter_terms($message_reply_info['content'])
  171. );
  172. }
  173. if (isset($_GET['forward_id'])) {
  174. $forwardId = (int) $_GET['forward_id'];
  175. $message_reply_info = MessageManager::get_message_by_id($forwardId);
  176. $attachments = MessageManager::getAttachmentLinkList($forwardId, MessageManager::MESSAGE_TYPE_INBOX);
  177. if (!empty($attachments)) {
  178. $fileListToString = !empty($attachments) ? implode('<br />', $attachments) : '';
  179. $form->addLabel('', $fileListToString);
  180. }
  181. $default['title'] = '['.get_lang('Fwd').": ".Security::remove_XSS($message_reply_info['title']).']';
  182. $form->addHidden('forward_id', $forwardId);
  183. $form->addHidden('save_form', 'save_form');
  184. $receiverInfo = api_get_user_info($message_reply_info['user_receiver_id']);
  185. $forwardMessage = '---------- '.get_lang('Forwarded message').' ---------'.'<br />';
  186. $forwardMessage .= get_lang('Date').': '.api_get_local_time($message_reply_info['send_date']).'<br />';
  187. $forwardMessage .= get_lang('Subject').': '.Security::remove_XSS($message_reply_info['title']).'<br />';
  188. $forwardMessage .= get_lang('To').': '.$receiverInfo['complete_name'].' - '.$receiverInfo['email'].' <br />';
  189. $default['content'] = '<p><br/></p>'.$forwardMessage.'<br />'.Security::filter_terms($message_reply_info['content']);
  190. }
  191. if (empty($group_id)) {
  192. $form->addLabel(
  193. '',
  194. '<div id="file_uploads"><div id="filepath_1">
  195. <div id="filepaths" class="form-horizontal">
  196. <div id="paths-file" class="form-group">
  197. <label class="col-sm-4">'.get_lang('Files attachments').'</label>
  198. <input class="col-sm-8" type="file" name="attach_1"/>
  199. </div>
  200. </div>
  201. <div id="paths-description" class="form-group">
  202. <label class="col-sm-4">'.get_lang('Description').'</label>
  203. <div class="col-sm-8">
  204. <input id="file-descrtiption" class="form-control" type="text" name="legend[]" />
  205. </div>
  206. </div>
  207. </div>
  208. </div>'
  209. );
  210. $form->addLabel(
  211. '',
  212. '<span id="link-more-attach"><a class="btn btn-default" href="javascript://" onclick="return add_image_form()">'.
  213. get_lang('Add one more file').'</a></span>&nbsp;('.
  214. sprintf(
  215. get_lang('Maximun file size: %s'),
  216. format_file_size(api_get_setting('message_max_upload_filesize'))
  217. ).')'
  218. );
  219. }
  220. $form->addLabel(
  221. '',
  222. '<iframe
  223. frameborder="0" height="200" width="100%" scrolling="no"
  224. src="'.api_get_path(WEB_CODE_PATH).'messages/record_audio.php"></iframe>'
  225. );
  226. $form->addButtonSend(get_lang('Send message'), 'compose');
  227. $form->setRequiredNote('<span class="form_required">*</span> <small>'.get_lang('Required field').'</small>');
  228. if (!empty($group_id) && !empty($message_id)) {
  229. $message_info = MessageManager::get_message_by_id($message_id);
  230. $default['title'] = get_lang('RE:')." ".$message_info['title'];
  231. }
  232. $form->setDefaults($default);
  233. $html = '';
  234. if ($form->validate()) {
  235. $check = Security::check_token('post');
  236. $disabled = api_get_configuration_value('disable_token_in_new_message');
  237. if ($disabled) {
  238. $check = true;
  239. }
  240. if ($check) {
  241. $user_list = $default['users'];
  242. $file_comments = $_POST['legend'];
  243. $title = $default['title'];
  244. $content = $default['content'];
  245. $group_id = isset($default['group_id']) ? $default['group_id'] : null;
  246. $parent_id = isset($default['parent_id']) ? $default['parent_id'] : null;
  247. $forwardId = isset($_POST['forward_id']) ? $_POST['forward_id'] : false;
  248. if (is_array($user_list) && count($user_list) > 0) {
  249. // All is well, send the message
  250. foreach ($user_list as $userId) {
  251. $res = MessageManager::send_message(
  252. $userId,
  253. $title,
  254. $content,
  255. $_FILES,
  256. $file_comments,
  257. $group_id,
  258. $parent_id,
  259. 0,
  260. 0,
  261. null,
  262. false,
  263. $forwardId,
  264. [],
  265. true
  266. );
  267. if ($res) {
  268. $userInfo = api_get_user_info($userId);
  269. Display::addFlash(Display::return_message(
  270. get_lang('The message has been sent to')."&nbsp;<b>".$userInfo['complete_name_with_username']."</b>",
  271. 'confirmation',
  272. false
  273. ));
  274. }
  275. }
  276. MessageManager::cleanAudioMessage();
  277. } else {
  278. Display::addFlash(Display::return_message('There was an error while trying to send the message.', 'error'));
  279. }
  280. }
  281. Security::clear_token();
  282. header('Location: '.api_get_path(WEB_CODE_PATH).'messages/inbox.php');
  283. exit;
  284. } else {
  285. $token = Security::get_token();
  286. $form->addElement('hidden', 'sec_token');
  287. $form->setConstants(['sec_token' => $token]);
  288. $html .= $form->returnForm();
  289. }
  290. return $html;
  291. }
  292. if ($allowSocial) {
  293. $this_section = SECTION_SOCIAL;
  294. $interbreadcrumb[] = [
  295. 'url' => api_get_path(WEB_CODE_PATH).'social/home.php',
  296. 'name' => get_lang('Social network'),
  297. ];
  298. } else {
  299. $this_section = SECTION_MYPROFILE;
  300. $interbreadcrumb[] = [
  301. 'url' => api_get_path(WEB_CODE_PATH).'auth/profile.php',
  302. 'name' => get_lang('Profile'),
  303. ];
  304. }
  305. $interbreadcrumb[] = [
  306. 'url' => api_get_path(WEB_CODE_PATH).'messages/inbox.php',
  307. 'name' => get_lang('Messages'),
  308. ];
  309. $group_id = isset($_REQUEST['group_id']) ? (int) $_REQUEST['group_id'] : 0;
  310. $social_right_content = null;
  311. if ($group_id != 0) {
  312. $social_right_content .= '<div class=actions>';
  313. $social_right_content .= '<a href="'.api_get_path(WEB_CODE_PATH).'social/group_view.php?id='.$group_id.'">'.
  314. Display::return_icon('back.png', api_xml_http_response_encode(get_lang('Compose message'))).'</a>';
  315. $social_right_content .= '<a href="'.api_get_path(WEB_CODE_PATH).'messages/new_message.php?group_id='.$group_id.'">'.
  316. Display::return_icon('message_new.png', api_xml_http_response_encode(get_lang('Compose message'))).'</a>';
  317. $social_right_content .= '</div>';
  318. } else {
  319. if ($allowSocial) {
  320. } else {
  321. $social_right_content .= '<div class=actions>';
  322. if (api_get_setting('allow_message_tool') === 'true') {
  323. $social_right_content .= '<a href="'.api_get_path(WEB_CODE_PATH).'messages/new_message.php">'.
  324. Display::return_icon('message_new.png', get_lang('Compose message')).'</a>';
  325. $social_right_content .= '<a href="'.api_get_path(WEB_CODE_PATH).'messages/inbox.php">'.
  326. Display::return_icon('inbox.png', get_lang('Inbox')).'</a>';
  327. $social_right_content .= '<a href="'.api_get_path(WEB_CODE_PATH).'messages/outbox.php">'.
  328. Display::return_icon('outbox.png', get_lang('Outbox')).'</a>';
  329. }
  330. $social_right_content .= '</div>';
  331. }
  332. }
  333. // LEFT COLUMN
  334. $social_left_content = '';
  335. if ($allowSocial) {
  336. // Block Social Menu
  337. $social_menu_block = SocialManager::show_social_menu('messages');
  338. $social_right_content .= '<div class="row">';
  339. $social_right_content .= '<div class="col-md-12">';
  340. $social_right_content .= '<div class="actions">';
  341. $social_right_content .= '<a href="'.api_get_path(WEB_CODE_PATH).'messages/inbox.php">'.
  342. Display::return_icon('back.png', get_lang('Back'), [], 32).'</a>';
  343. $social_right_content .= '</div>';
  344. $social_right_content .= '</div>';
  345. $social_right_content .= '<div class="col-md-12">';
  346. }
  347. // MAIN CONTENT
  348. if (!isset($_POST['compose'])) {
  349. if (isset($_GET['re_id'])) {
  350. $social_right_content .= show_compose_reply_to_message(
  351. $_GET['re_id'],
  352. api_get_user_id(),
  353. $tpl
  354. );
  355. } elseif (isset($_GET['send_to_user'])) {
  356. $social_right_content .= show_compose_to_user($_GET['send_to_user'], $tpl);
  357. } else {
  358. $social_right_content .= show_compose_to_any($tpl);
  359. }
  360. } else {
  361. $restrict = false;
  362. if (isset($_POST['users'])) {
  363. $restrict = true;
  364. } elseif (isset($_POST['group_id'])) {
  365. $restrict = true;
  366. } elseif (isset($_POST['hidden_user'])) {
  367. $restrict = true;
  368. }
  369. $default['title'] = $_POST['title'];
  370. $default['content'] = $_POST['content'];
  371. // comes from a reply button
  372. if (isset($_GET['re_id']) || isset($_GET['forward_id'])) {
  373. $social_right_content .= manageForm($default, null, null, $tpl);
  374. } else {
  375. // post
  376. if ($restrict) {
  377. if (!isset($_POST['group_id'])) {
  378. $default['users'] = isset($_POST['users']) ? $_POST['users'] : null;
  379. } else {
  380. $default['group_id'] = (int) $_POST['group_id'];
  381. }
  382. if (isset($_POST['hidden_user'])) {
  383. $default['users'] = [$_POST['hidden_user']];
  384. }
  385. $social_right_content .= manageForm($default, null, null, $tpl);
  386. } else {
  387. $social_right_content .= Display::return_message(get_lang('There was an error while trying to send the message.'), 'error');
  388. }
  389. }
  390. }
  391. if ($allowSocial) {
  392. $social_right_content .= '</div>';
  393. $social_right_content .= '</div>';
  394. }
  395. // Block Social Avatar
  396. SocialManager::setSocialUserBlock($tpl, api_get_user_id(), 'messages');
  397. MessageManager::cleanAudioMessage();
  398. if ($allowSocial) {
  399. $tpl->assign('social_menu_block', $social_menu_block);
  400. $tpl->assign('social_right_content', $social_right_content);
  401. $social_layout = $tpl->get_template('social/inbox.tpl');
  402. $tpl->display($social_layout);
  403. } else {
  404. $content = $social_right_content;
  405. $tpl->assign('content', $content);
  406. $tpl->display_one_col_template();
  407. }