Файл: adultscript-2.0.3-pro/files/templates/defboot/extend/ajax/user_message.plugin.php
Строк: 167
<?php
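/**
 * AJAX handler for private messages between logged-in users.
 *
 * Two request shapes are handled, both read from $_POST:
 *  - send: `receiver_id` and `message` (plus `subject`) stores a new message
 *    from the session user and returns the rendered HTML for it;
 *  - read: `sender_id` (plus optional `count`) returns the last 30 messages
 *    exchanged with that user as a modal dialog with a reply form.
 *
 * The acting user is always taken from $_SESSION['user_id'], never from the
 * request, so a client cannot send or read on behalf of another account.
 *
 * NOTE(review): no anti-CSRF token is checked in this function, although the
 * send path changes state. Confirm that the AJAX dispatcher validates one.
 *
 * @return string|null JSON object with `msg`, `status` and `code` (and `count`
 *                     after a successful read); null when not logged in.
 */
function ajax_plugin_user_message()
{
    if (!VAuth::loggedin()) {
        return;
    }

    $data = array('msg' => '', 'status' => 0, 'code' => '');
    VLanguage::load('frontend.user');
    $db = VF::factory('database');

    // ---- send a message -------------------------------------------------
    if (isset($_POST['receiver_id']) && isset($_POST['message'])) {
        $filter = VF::factory('filter');
        $sender_id = (int) $_SESSION['user_id'];
        $receiver_id = (int) $_POST['receiver_id'];
        $subject = $filter->get('subject');
        $message = $filter->get('message');

        if ($subject == '') {
            $data['msg'] = __('subject-empty');
            return json_encode($data);
        }

        if ($message == '') {
            $data['msg'] = __('message-empty');
            return json_encode($data);
        }

        // The receiver must exist and be active; ids are int-cast above, so
        // concatenating them into the statement cannot inject SQL.
        $db->query("SELECT u.username, u.email, up.allow_message, un.new_message
            FROM #__user AS u
            LEFT JOIN #__user_preferences AS up ON (up.user_id = u.user_id)
            LEFT JOIN #__user_notifications AS un ON (un.user_id = u.user_id)
            WHERE u.user_id = ".$receiver_id."
            AND u.status = '1'
            LIMIT 1");
        if (!$db->affected_rows()) {
            $data['msg'] = __('receiver-invalid');
            return json_encode($data);
        }

        $user = $db->fetch_assoc();
        $username = $user['username'];

        // Authorization: the receiver's block list and messaging preference
        // are enforced before anything is written.
        $db->query("SELECT blocked_id
            FROM #__user_blocks
            WHERE user_id = ".$receiver_id."
            AND blocked_id = ".$sender_id."
            LIMIT 1");
        if ($db->affected_rows()) {
            // NOTE(review): $username is placed in `msg` unescaped; confirm the
            // client inserts `msg` as text rather than as HTML.
            $data['msg'] = __('receiver-blocked', array($username));
        } else {
            $allow_message = $user['allow_message'];
            $new_message = (int) $user['new_message'];
            $email = $user['email'];
            if ($allow_message != 'all') {
                if ($allow_message == 'no') {
                    $data['msg'] = __('receiver-no');
                }

                if ($allow_message == 'friends') {
                    $db->query("SELECT request_id
                        FROM #__user_friends
                        WHERE user_id = ".$sender_id."
                        AND friend_id = ".$receiver_id."
                        AND status = 'confirmed'
                        LIMIT 1");
                    if (!$db->affected_rows()) {
                        $data['msg'] = __('receiver-friend', array($username));
                    }
                }
            }
        }

        // Any refusal above left a message in $data['msg']; stop before the insert.
        if ($data['msg']) {
            return json_encode($data);
        }

        $db->query("INSERT INTO #__message
            SET sender_id = ".$sender_id.",
            receiver_id = ".$receiver_id.",
            subject = '".$db->escape($subject)."',
            message = '".$db->escape($message)."',
            send_time = ".time().",
            status = 1");
        if ($db->affected_rows()) {
            $msg_id = (int) $db->get_last_insert_id('#__message');
            $sender = e($_SESSION['username']);

            if ($new_message === 1) {
                // NOTE(review): $sender is HTML-escaped but $subject and $message go
                // into the template as submitted. If the 'user-message' template is
                // sent as HTML, they should be escaped as well; confirm against VEmail.
                $mail = new VEmail();
                $search = array('[#SITE_NAME#]', '[#BASE_URL#]', '[#USERNAME#]', '[#PROFILE_URL#]',
                    '[#SUBJECT#]', '[#MESSAGE#]', '[#INBOX_URL#]', '[#NOTIFS_URL#]');
                $replace = array(VF::cfg_item('site_name'), BASE_URL, $sender, BASE_URL.'/users/'.$sender.'/',
                    $subject, $message, BASE_URL.'/message/inbox/', BASE_URL.'/user/notifications/');
                $mail->predefined('user-message', $email, $search, $replace, 'noreply');
            }

            $code = array();
            $avatar = 'nopic-'.$_SESSION['gender'].'.gif';
            if ($_SESSION['avatar'] != '') {
                $avatar = $sender_id.'.'.$_SESSION['avatar'];
            }

            // Everything user-controlled is escaped at the point of output.
            $code[] = '<div id="message-'.$msg_id.'" class="media media-message">';
            $code[] = '<div class="media-left">';
            $code[] = '<a href="#" style="display: block; position: relative;">';
            $code[] = '<img class="media-object img-rounded" src="'.USER_URL.'/'.e($avatar).'" width="70" alt="'.__('alt-avatar', array($sender)).'" />';
            $code[] = '</a>';
            $code[] = '</div>';
            $code[] = '<div class="media-body">';
            $code[] = '<div class="media-heading">';
            $code[] = __('from').' <span><a href="'.REL_URL.'/users/'.$sender.'/">'.$sender.'</a> </span> '.__('now');
            $code[] = '</div>';
            $code[] = '<p><h5><strong>'.e($subject).'</strong></h5>'.nl2br(e($message)).'</p>';
            $code[] = '</div>';
            $code[] = '</div>';

            $data['status'] = 1;
            $data['code'] = implode('', $code);
        } else {
            $data['msg'] = 'failed!';
        }

        return json_encode($data);
    }

    // ---- read a conversation --------------------------------------------
    // Without a usable sender_id there is nothing to look up. The original fell
    // through with undefined ids and built a malformed SQL statement.
    if (!isset($_POST['sender_id']) || !is_scalar($_POST['sender_id'])) {
        return json_encode($data);
    }

    $sender_id = (int) trim((string) $_POST['sender_id']);
    $receiver_id = (int) $_SESSION['user_id'];
    // `count` is optional; a missing or non-scalar value is treated as 0.
    $count = (isset($_POST['count']) && is_scalar($_POST['count']))
        ? (int) trim((string) $_POST['count'])
        : 0;

    // One side of every matched row is the session user, so only conversations
    // the caller takes part in can be returned.
    $db->query("
        SELECT m.msg_id, m.sender_id, m.receiver_id, m.subject,
        m.message, m.send_time, m.status,
        u.username, u.avatar, u.gender
        FROM #__message AS m
        LEFT JOIN #__user AS u ON (u.user_id = m.sender_id)
        WHERE (m.receiver_id = ".$receiver_id." AND m.sender_id = ".$sender_id." OR m.receiver_id = ".$sender_id." AND m.sender_id = ".$receiver_id.")
        AND m.status IN (1, 2, 3)
        ORDER BY m.msg_id DESC
        LIMIT 30
    ");
    if ($db->affected_rows()) {
        $msgs = $db->fetch_rows();
        // Stored usernames are escaped before they reach markup, matching the
        // send path, which passes an e()-escaped name to __().
        // NOTE(review): row 0 is the newest message in either direction, so this
        // may be the session user's own name rather than the other party's.
        $username = e($msgs['0']['username']);

        $code = array();
        $code[] = '<div id="read-modal" class="modal fade">';
        $code[] = '<div class="modal-dialog modal-lg">';
        $code[] = '<div class="modal-content">';
        $code[] = '<div class="modal-header">';
        $code[] = '<button type="button" class="close" data-dismiss="modal"><span aria-hidden="true">×</span><span class="sr-only">'.__('close').'</span></button>';
        $code[] = '<h4 class="modal-title">'.__('messages-from', array($username)).'</h4>';
        $code[] = '</div>';
        $code[] = '<div class="modal-body" style="width: auto; height: auto; max-height: 400px; overflow: auto;">';

        foreach ($msgs as $message) {
            $avatar = 'nopic-'.$message['gender'].'.gif';
            if ($message['avatar'] != '') {
                $avatar = $message['sender_id'].'.'.$message['avatar'];
            }

            $code[] = '<div id="message-'.$message['msg_id'].'" class="media media-message">';
            $code[] = '<div class="media-left">';
            $code[] = '<a href="#" style="display: block; position: relative;">';
            $code[] = '<img class="media-object img-rounded" src="'.USER_URL.'/'.e($avatar).'" width="70" alt="'.__('alt-avatar', array(e($message['username']))).'" />';
            $code[] = '</a>';
            $code[] = '</div>';
            $code[] = '<div class="media-body">';
            $code[] = '<div class="media-heading">';
            $code[] = __('from').' <span><a href="'.REL_URL.'/users/'.e($message['username']).'/">'.e($message['username']).'</a> </span> '.VDate::nice($message['send_time']);
            $code[] = '</div>';
            $code[] = '<p><h5><strong>'.e($message['subject']).'</strong></h5>'.nl2br(e($message['message'])).'</p>';
            $code[] = '</div>';
            $code[] = '</div>';
        }

        // NOTE(review): the WHERE clause matches both directions, so this can
        // also flip a message the session user sent (not yet read by the other
        // party) to status 2, and LIMIT 1 touches a single row. Confirm whether
        // only rows with receiver_id = session user were intended.
        $db->query("
            UPDATE #__message
            SET status = 2
            WHERE (receiver_id = ".$receiver_id." AND sender_id = ".$sender_id." OR receiver_id = ".$sender_id." AND sender_id = ".$receiver_id.")
            AND status = 1
            LIMIT 1
        ");

        $code[] = '<input name="receiver_id" type="hidden" value="'.$sender_id.'">';
        $code[] = '<form class="form-horizontal">';
        $code[] = '<fieldset><legend>'.__('reply-to', array($username)).'</legend>';
        $code[] = '<div class="form-group">';
        $code[] = '<label for="subject" class="col-sm-2 control-label">'.__('subject').'</label>';
        $code[] = '<div class="col-sm-10">';
        // $message still holds the last row of the loop above (the oldest of the
        // fetched messages); its subject prefills the reply form.
        $code[] = '<input name="subject" type="text" id="subject" class="form-control" value="'.e($message['subject']).'">';
        $code[] = '</div></div>';
        $code[] = '<div class="form-group">';
        $code[] = '<label for="message" class="col-sm-2 control-label">'.__('message').'</label>';
        $code[] = '<div class="col-sm-10">';
        $code[] = '<textarea name="message" id="message" rows="3" class="form-control"></textarea>';
        $code[] = '</div></div>';
        $code[] = '</fieldset>';
        $code[] = '</form>';
        $code[] = '</div>';
        $code[] = '<div class="modal-footer">';
        $code[] = '<button type="button" class="btn btn-default" data-dismiss="modal">'.__('close').'</button>';
        $code[] = '<button type="button" id="message-send" class="btn btn-primary">'.__('reply').'</button>';
        $code[] = '</div>';
        $code[] = '</div>';
        $code[] = '</div>';
        $code[] = '</div>';

        // The client-supplied counter is echoed back decremented, never below 0.
        $data['count'] = ($count >= 1) ? $count-1 : 0;
        $data['code'] = implode('', $code);
        $data['status'] = 1;
    }

    return json_encode($data);
}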