/modules/messages/includes/messages.inc.php
- <div class="navbar">
- <div class="navbar-inner">
- <div class="container">
- <a class="btn btn-navbar" data-toggle="collapse" data-target=".nav-messages-collapse">
- <span class="icon-bar"></span>
- <span class="icon-bar"></span>
- <span class="icon-bar"></span>
- </a>
- <a class="brand" href="<?php echo $basehref; ?>messages/">Messages</a>
- <div class="nav-collapse nav-messages-collapse collapse">
- <ul class="nav nav-pills">
- <li class="active"><a href="#current" data-toggle="tab">Current</a></li>
- <li><a href="#archived" data-toggle="tab">Archived</a></li>
- </ul>
- <div class="pull-right">
- <form class="navbar-search">
- <input type="text" id="searchbox" class="search-query" placeholder="Search Messages" data-provide="typeahead">
- </form>
- </div>
- </div>
- </div>
- </div>
- </div>
- <div class="row">
- <div class="span6 pull-left">
- </div>
- <div class="span6 pull-right">
- <button href="#addMessage" role="button" class="btn btn-success pull-right" type="button" data-toggle="modal"><i class="icon-plus icon-white"></i> Add A New Message</button>
- </div>
- </div>
- <br clear="all" /><br clear="all" />
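<?php
// Handle the "Add A New Message" form post: insert one row into `messages`.
//
// Security notes:
// - Every value placed in the SQL text is escaped with mysql_real_escape_string() on the same
//   implicit connection that mysql_query() uses. Escaping is only reliable when the connection
//   character set was set with mysql_set_charset() -- NOTE(review): confirm where $link is opened.
// - ext/mysql has no prepared statements and was removed in PHP 7; moving this module to mysqli
//   or PDO with bound parameters is the durable fix.
// - NOTE(review): nothing in this file checks a CSRF token or that the posted client/project is
//   one the current user may write to -- confirm the including page does.
if (!empty($_POST['doAddMessage']) && $link) {
    // "X" and "0" are the form's "none selected" values; in that case the variable is left alone.
    if (isset($_POST['clientid']) && $_POST['clientid'] != "X") $clientid = $_POST['clientid'];
    if (isset($_POST['projectid']) && $_POST['projectid'] != "0") $projectid = $_POST['projectid'];

    // NOTE(review): $message_describe is not assigned anywhere in this file before this point;
    // presumably it should come from the posted form -- verify against the including page.
    $add_message_raw = array(
        'title'    => isset($_POST['message_title']) ? $_POST['message_title'] : '',
        'describe' => isset($message_describe) ? $message_describe : '',
        'client'   => isset($clientid) ? $clientid : '',
        'project'  => isset($projectid) ? $projectid : '',
        'user'     => isset($_SESSION['userid_auth']) ? $_SESSION['userid_auth'] : '',
    );
    $add_message_sql = array();
    foreach ($add_message_raw as $add_message_key => $add_message_value) {
        // Array-valued parameters (message_title[]=...) are stored as an empty string
        // instead of being handed to the escaping function.
        $add_message_sql[$add_message_key] = mysql_real_escape_string(
            is_scalar($add_message_value) ? (string) $add_message_value : ''
        );
    }

    $sql = "INSERT INTO messages (
            `message_title`,
            `message_describe`,
            `created`,
            `modified`,
            `clientid`,
            `projectid`,
            `userid`
        ) VALUES (
            '" . $add_message_sql['title'] . "',
            '" . $add_message_sql['describe'] . "',
            NOW(),
            NOW(),
            '" . $add_message_sql['client'] . "',
            '" . $add_message_sql['project'] . "',
            '" . $add_message_sql['user'] . "'
        )";
    $q = mysql_query($sql);

    if ($q) {
        // Only report success when the INSERT actually succeeded.
        $notice = "Your new image was created.";
    } else {
        // Keep the database error in the server log; do not show it to the browser.
        error_log("messages.inc.php: INSERT failed: " . mysql_error());
    }
}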
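// Build and run the listing query for the messages table, then print the search caption.
//
// Security notes:
// - Every value interpolated into SQL (search term, session user id, group id, date format
//   setting) is escaped with mysql_real_escape_string() on the same implicit connection that
//   mysql_query() uses. Escaping is only reliable when the connection character set was set
//   with mysql_set_charset() -- NOTE(review): confirm where the link is opened.
// - ext/mysql has no prepared statements and was removed in PHP 7; mysqli or PDO with bound
//   parameters is the durable fix.
// - The search term is HTML-encoded before it goes into $search_text, because that string is
//   echoed into the page at the end of this block.

// Per-user date format, read once; "0" and empty mean "not configured".
$user_date_format = getSetting("dateFormat", $_SESSION['userid_auth']);
if ($user_date_format && $user_date_format != "0") {
    $date_format_setting = $user_date_format;
}

// The date format is a stored setting that ends up inside a quoted SQL string, so it is
// escaped like any other value.
$sql_date_format = mysql_real_escape_string(isset($date_format_setting) ? $date_format_setting : '');
$sql_userid = mysql_real_escape_string($_SESSION['userid_auth']);

// Column fragment shared by every SELECT below.
$sql_date_columns = "DATE_FORMAT(messages.`created`, '" . $sql_date_format . ", %l:%i %p') AS `fcreated`,
        DATE_FORMAT(messages.`modified`, '" . $sql_date_format . ", %l:%i %p') AS `fmodified`,
        messages.`created` AS `created`,
        messages.`modified` AS `modified`,";

if (isset($_POST['search'])) { // a search was performed
    // An array-valued parameter (search[]=...) is treated as an empty search.
    $search_term = is_string($_POST['search']) ? $_POST['search'] : '';
    $sql_search = mysql_real_escape_string($search_term);

    $level_auth = getCurrentUserAccessLevel();
    $group_auth = getCurrentUserGroupID();
    $search_client = "Client: ";

    // CLIENT SECTION
    if (substr($search_term, 0, strlen($search_client)) == $search_client) {
        $client_name = str_replace($search_client, "", $search_term);

        $message_sql = "SELECT id
            FROM clients
            WHERE fullname LIKE '%" . mysql_real_escape_string($client_name) . "%'";
        $message_q = mysql_query($message_sql);
        // Keeps the id of the last matching client, as before.
        // NOTE(review): $message_id is not used by the query in this branch.
        while ($message_q && ($i = mysql_fetch_object($message_q))) {
            $message_id = $i->id;
        }

        // NOTE(review): the title filter uses the full search string, "Client: " prefix included.
        $sql = "SELECT messages.`id` AS `id`,
                messages.`message_title` AS `message_title`,
                messages.`message_hourly` AS `message_hourly`,
                messages.`message_rate` AS `message_rate`,
                " . $sql_date_columns . "
                messages.`clientid` AS `clientid`
            FROM messages, users
            WHERE users.userid='" . $sql_userid . "'
            AND messages.message_title LIKE '%" . $sql_search . "%'";
        // NOTE(review): when this clause is not appended, `FROM messages, users` has no join
        // predicate, so the users.userid filter does not limit which messages are returned.
        if ($level_auth < "11" || getSetting('onlyShowImagesInMyGroup', $_SESSION['userid_auth']) == "0")
            $sql .= " AND users.id=messages.ownerid AND users.groupid = '" . mysql_real_escape_string($group_auth) . "'";
        $sql .= " ORDER BY messages.`sort` ASC, messages.`modified` DESC, messages.`created` DESC";

        $search_text = "Images for the client <u>" . htmlspecialchars($client_name, ENT_QUOTES, 'UTF-8') . "</u>";

    // NOTE(review): the original had an `elseif` "PROJECT SECTION" here guarded by the very same
    // "Client: " prefix test as the branch above, so it could never run; it is omitted. A project
    // search needs its own prefix and query.

    // SEARCH SECTION
    } else {
        // NOTE(review): this query does not use the search term at all; it filters on $completed
        // and $message_id, neither of which is assigned in this file before this point.
        $sql = "SELECT messages.`id` AS `id`,
                messages.`message_title` AS `message_title`,
                messages.`message_hourly` AS `message_hourly`,
                messages.`message_rate` AS `message_rate`,
                " . $sql_date_columns . "
                messages.`clientid` AS `clientid`
            FROM messages
            WHERE userid='" . $sql_userid . "'
            AND milestoneid='0'
            AND completed='" . mysql_real_escape_string(isset($completed) ? $completed : '') . "'
            AND messageid='" . mysql_real_escape_string(isset($message_id) ? $message_id : '') . "'";
        $sql .= " ORDER BY messages.`sort` ASC, messages.`modified` DESC, messages.`created` DESC";

        $search_text = "Search results for the search term <u>" . htmlspecialchars($search_term, ENT_QUOTES, 'UTF-8') . "</u>";
    }
} else { // a search was not performed
    // NOTE(review): this default listing has no WHERE clause, so it returns every user's
    // messages -- confirm that is intended.
    $sql = "SELECT messages.`id` AS `id`,
            messages.`message_title` AS `message_title`,
            messages.`message_describe` AS `message_describe`,
            " . $sql_date_columns . "
            messages.`clientid` AS `clientid`,
            messages.`projectid` AS `projectid`
        FROM messages
        ORDER BY messages.`modified` DESC, messages.`created` DESC";
}

$q = mysql_query($sql);
if ($q) {
    $total_numrows = mysql_num_rows($q);
} else {
    // A failed query yields an empty listing; the error goes to the server log only.
    error_log("messages.inc.php: listing query failed: " . mysql_error());
    $total_numrows = 0;
}

// $search_text already has the user-supplied part HTML-encoded; only the <u> markup is literal.
if (!empty($_POST['search'])) echo "<p><strong>" . $search_text . "</strong></p>";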
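// Show the status notice, if one was set earlier in this request.
// !empty() avoids an undefined-variable notice on page loads where nothing set $notice.
// The notice is HTML-encoded on output, i.e. it is treated as plain text.
// NOTE(review): if an including page sets $notice to markup on purpose, encode at that
// call site instead -- confirm against callers.
if (!empty($notice)) {
?>
<div class="icon-container fadeout">
<img src="/img/icons/button-info.png" class="icon-image" alt="" />
</div>
<div class="icon-text fadeout"><?php echo htmlspecialchars($notice, ENT_QUOTES, 'UTF-8'); ?></div>
<br clear="all" /><br clear="all" />
<?php
}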
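// Render the result table for the query held in $q, then close the database link.
//
// - Values read from the database are HTML-encoded where they are written into the page;
//   message titles are user-supplied text (they come from the add-message form).
// - Full `<?php` tags are used throughout: the original `<? ... ?>` short tags are only parsed
//   when short_open_tag is enabled, and are otherwise sent to the browser as source text.
if (!empty($_POST['search']) || $total_numrows) {
?><table id="messages" class="rowsbox tablesorter" border="0" cellspacing="0" cellpadding="4" summary="">
<thead>
<tr>
<th class="icon"></th>
<th class="item">Image</th>
<th>Client</th>
<th>Project</th>
<th>Updated</th>
<th class="delete"></th>
</tr>
</thead>
<tbody><?php
    $j = 0;
    // $q is false when the listing query failed; skip the loop in that case.
    while ($q && ($i = mysql_fetch_object($q))) {
        $id = $i->id;
        $message_title = $i->message_title;
        // Not every query in this file selects these columns, hence the isset() guards.
        $message_describe = isset($i->message_describe) ? $i->message_describe : null;
        $completed = isset($i->completed) ? $i->completed : null;
        $created = $i->created;
        $modified = $i->modified;
        $fcreated = $i->fcreated;
        $fmodified = $i->fmodified;
        $clientid = $i->clientid;
        // Take the project id from the current row; previously $projectid was never set inside
        // the loop, so a stale value from the add-message handler decided this column.
        $projectid = isset($i->projectid) ? $i->projectid : null;

        $rowcolor = ($j % 2 == 0) ? "row" : "altrow";
        $html_id = htmlspecialchars($id, ENT_QUOTES, 'UTF-8');
?>
<tr id="item_<?php echo $html_id; ?>" class="<?php echo $rowcolor; ?> item_<?php echo $html_id; ?>">
<td class="icon"><img src="/modules/messages/img/button-message.png" title="Image" alt="" /></td>
<td class="item"><a href="<?php echo $basehref; ?>/ajax/get_message.php?id=<?php echo htmlspecialchars(urlencode($id), ENT_QUOTES, 'UTF-8'); ?>" class="lightbox" rel="lightbox"><?php echo htmlspecialchars($message_title, ENT_QUOTES, 'UTF-8'); ?></a></td>
<?php
        // NOTE(review): getClientName()/getProjectName() output is echoed as returned; confirm
        // those helpers HTML-encode the names. getProjectName() is given $clientid, as in the
        // original -- that looks like a copy/paste slip for $projectid; verify against the helper.
?>
<td><?php if ($clientid) echo getClientName($clientid); else echo 'Internal'; ?></td>
<td><?php if ($projectid) echo getProjectName($clientid); ?></td>
<td><?php if ($modified != "0000-00-00 00:00:00" && $modified != "") echo htmlspecialchars($fmodified, ENT_QUOTES, 'UTF-8'); else echo '-'; ?></td>
<td class="delete"><a href="" id="<?php echo $html_id; ?>"><img src="/img/icons/button-delete.png" border="0" alt="" /></a></td>
</tr>
<?php
        $j++;
    }
?></tbody><?php
    if ($total_numrows > "10") pagination();
?></table><?php
}
mysql_close($link);
?>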