/beta/home/message.asp
http://github.com/khaneh/Orders · ASP · 373 lines · 330 code · 23 blank · 20 comment · 46 complexity · 58f84c610d789d6355afad1145dfd815 MD5 · raw file
- <%@LANGUAGE="VBSCRIPT" CODEPAGE="1256"%><%
- 'Home (0)
- PageTitle= " "
- SubmenuItem=2
- if not Auth(0 , 2) then NotAllowdToViewThisPage()
-
- sendTo = session("id")
- %>
- <!--#include file="top.asp" -->
- <!--#include File="../include_farsiDateHandling.asp"-->
- <!--#include File="../include_JS_InputMasks.asp"-->
- <%
-
- function sqlSafe (s)
- st=s
- st=replace(St,"'","`")
- st=replace(St,chr(34),"`")
- sqlsafe=st
- end function
- if request("act")="show" then
- if IsNumeric(request("id")) then
- set rs=Conn.execute ("select Messages.*,userTo.realName as toName, userFrom.realName as fromName,message_types.name as typeName from Messages inner join users as userTo on Messages.msgTo=userTo.id inner join users as userFrom on Messages.msgFrom=userFrom.id inner join message_types on Messages.type=message_types.id where Messages.id=" & request("id"))
- if rs.eof then
- ErrorMsg = " !"
- response.redirect returnURL & "errMsg=" & Server.URLEncode(ErrorMsg)
- end if
- select case Trim(rs("relatedTable"))
- case "accounts":
- response.redirect "../CRM/AccountInfo.asp?act=show&selectedCustomer="&rs("relatedID")
- case "invoices":
- response.redirect "../AR/AccountReport.asp?act=showInvoice&invoice="&rs("relatedID")
- case "orders":
- response.redirect "../order/TraceOrder.asp?act=show&order="&rs("relatedID")
- case "quotes" :
- response.redirect "../order/Inquiry.asp?act=show"e="&rs("relatedID")
- case else
- %>
- <br><br><br>
-
- <div align="right">
- <LI> : <span dir=ltr><%=RS("MsgDate")%></span>
- <LI>: <%=RS("MsgTime")%>
- <li>: <%=rs("fromName")%></li>
- <li>: <%=rs("toName")%></li>
- <li><%=rs("typeName")%></li>
- <LI>: <%=RS("MsgBody")%>
- </div>
- <%
- end select
- else
- ErrorMsg = " ."
- response.redirect returnURL & "errMsg=" & Server.URLEncode(ErrorMsg)
- end if
- end if
-
- '-----------------------------------------------------------------------------------------------------
- '------------------------------------------------------------------------------------ Send New Message
- '-----------------------------------------------------------------------------------------------------
- if request.form("Submit")=" " then
- ON ERROR RESUME NEXT
-
- ErrorFound = false
- ErrorMsg = ""
-
- MsgTo = cint(request.form("MsgTo"))
- msgTitle = sqlSafe(request.form("msgTitle"))
- msgBody = sqlSafe(left(request.form("msgBody"),1999))
- RelatedTable = sqlSafe(request.form("RelatedTable"))
- relatedID = sqlSafe(request.form("relatedID"))
- if relatedID<>"" then relatedID = clng(relatedID)
- replyTo = sqlSafe(request.form("replyTo"))
- IsReply = sqlSafe(request.form("IsReply"))
- urgent = sqlSafe(request.form("urgent"))
- MsgFrom = session("ID")
- MsgDate = shamsiToday()
- MsgTime = currentTime10()
-
- returnURL = request.form("retURL")
-
- if instr(returnURL,"?") > 0 then
- returnURL = returnURL & "&"
- else
- returnURL = returnURL & "?"
- end if
-
- if IsNumeric(request.form("msgType")) then
- msgType = CInt(request.form("msgType"))
- else
- msgType=0
- end if
-
- if MsgTo <> -100 then
- set RS=Conn.Execute ("SELECT RealName FROM Users where ID="& MsgTo)
- if RS.eof then
- ErrorFound = true
- ErrorMsg = " "
- else
- ReceiverName= RS("RealName")
- end if
- RS.close
- end if
-
- if Err.Number<>0 then
- ErrorFound = true
- ErrorMsg = " ."
- end if
- ON ERROR GOTO 0
-
- if ErrorFound then
- conn.close
- response.redirect returnURL & "errMsg=" & Server.URLEncode(ErrorMsg)
- end if
-
- if MsgTo=-100 AND Auth(0 , 7) then '
- msg = " "
- writeAnd = ""
- set RSV=Conn.Execute ("SELECT * FROM Users WHERE (ID <> 0) AND (Display = 1) ORDER BY RealName")
- Do while not RSV.eof
- MsgTo=RSV("ID")
- MySQL = "INSERT INTO Messages (MsgFrom, MsgTo, MsgTime, MsgDate, IsRead, MsgTitle, MsgBody, replyTo, IsReply, relatedID, RelatedTable, urgent, type) VALUES ( "& MsgFrom & ", "& MsgTo & ", N'"& MsgTime & "', N'"& MsgDate & "', 0, N'"& MsgTitle & "', N'"& MsgBody & "', "& replyTo & ", "& IsReply & ", '"& relatedID & "', '"& RelatedTable & "', "& urgent & ", " & msgType & ")"
- conn.Execute MySQL
- msg = msg & writeAnd & RSV("RealName")
- writeAnd = " "
- RSV.moveNext
- Loop
- RSV.close
- msg = msg & " ."
- else
- MySQL = "INSERT INTO Messages (MsgFrom, MsgTo, MsgTime, MsgDate, IsRead, MsgTitle, MsgBody, replyTo, IsReply, relatedID, RelatedTable, urgent, type) VALUES ( "& MsgFrom & ", "& MsgTo & ", N'"& MsgTime & "', N'"& MsgDate & "', 0, N'"& MsgTitle & "', N'"& MsgBody & "', "& replyTo & ", "& IsReply & ", '"& relatedID & "', '"& RelatedTable & "', "& urgent & ", " & msgType & ")"
- conn.Execute MySQL
- if MsgTo=0 then
- msg = " ."
- else
- msg = " " & ReceiverName & " ."
- end if
- end if
- response.redirect returnURL & "msg=" & Server.URLEncode(msg)
- end if
-
- '-----------------------------------------------------------------------------------------------------
- '-----------------------------------------------------------------------------------------------------
- '-----------------------------------------------------------------------------------------------------
- %>
-
- <center><BR><BR><BR>
- <TABLE>
- <TR>
- <%
- replyTo = "0"
- IsReply = "0"
- RelatedTable = "NaN"
- RelatedID = "0"
- msgBody = ""
- MsgTitle = ""
-
- '-----------------------------------------------------------------------------------------------------
- '------------------------------------------------------------------------------------------ Reply Form
- '-----------------------------------------------------------------------------------------------------
- if request("act") = "reply" then
- response.write "<TD valign=top> "
- replyTo = request("id")
- IsReply = "1"
- MySQL = "SELECT * FROM Messages WHERE (id = "& replyTo & ") and (MsgTo="& session("id") & ")"
- set RSM = conn.Execute (MySQL)
- if RSM.EOF then
- response.write "<BR><BR><BR><BR><CENTER> </CENTER>"
- response.end
- end if
- sendTo = RSM("MsgFrom")
- RelatedTable = trim(RSM("RelatedTable"))
- RelatedID = trim(RSM("RelatedID"))
- 'response.write RelatedTable
- %>
- <H3> </H3>
- <TABLE style="border: solid 1pt black; width:220">
- <TR>
- <TD>
- <LI> : <span dir=ltr><%=RSM("MsgDate")%></span>
- <LI>: <%=RSM("MsgTime")%>
- <LI>: <%=RSM("MsgBody")%>
- </TD>
- </TR>
- </TABLE>
- </td>
- <%
- '-----------------------------------------------------------------------------------------------------
- '-------------------------------------------------------------------------------------------- FWD Form
- '-----------------------------------------------------------------------------------------------------
- elseif request("act") = "forward" then
- fwMsg = request("id")
- MySQL = "SELECT Messages.*, Users.RealName FROM Messages INNER JOIN Users ON Messages.MsgFrom = Users.ID WHERE (Messages.id = "& fwMsg & ") AND (Messages.MsgTo = "& session("id") & ")"
- set RSM = conn.Execute (MySQL)
- if RSM.EOF then
- response.write "<BR><BR><BR><BR><CENTER> </CENTER>"
- response.end
- end if
- sendTo = RSM("MsgFrom")
- RelatedTable = trim(RSM("RelatedTable"))
- RelatedID = trim(RSM("RelatedID"))
- msgBody= "[ "& RSM("RealName")& "] " & RSM("MsgBody")
- MsgTitle = "FWD"
- %>
- <TR>
- <TD colspan=2 align=center><H3> </H3></TD>
- </TR>
- <%
- elseif request("act") ="" then
- %>
- <TR>
- <TD colspan=2 align=center><H3> </H3></TD>
- </TR>
- <%
- end if
-
- '-----------------------------------------------------------------------------------------------------
- '------------------------------------------------------------------------------------ New Message Form
- '-----------------------------------------------------------------------------------------------------
- if request("act")<>"show" then
-
- if request("act")<>"reply" and request("act")<>"forward" then
- RelatedID=request("RelatedID")
- RelatedTable=LCase(request("RelatedTable"))
- end if
- Select Case RelatedTable
- Case "orders":
- RelatedTableName = " "
- Case "accounts":
- RelatedTableName = " "
- Case "invoices":
- RelatedTableName = " "
- Case "quotes":
- RelatedTableName = " "
- Case else:
- RelatedTableName = RelatedTable
- End Select
- if request("sendTo") <> "" then sendTo = request("sendTo")
- 'response.write sendTo
- 'response.write RelatedTable
- %>
- <TD valign=top>
- <FORM METHOD=POST ACTION="message.asp">
- <INPUT TYPE="hidden" name="replyTo" value="<%=replyTo%>">
- <INPUT TYPE="hidden" name="IsReply" value="<%=IsReply%>">
- <TABLE>
- <TR>
- <TD align=left>:</TD>
- <TD align=right>
- <INPUT TYPE="hidden" NAME="retURL" value="<%=request("retURL")%>">
- <% if not (request("act") = "reply") then %>
- <select name="MsgTo" class=inputBut >
- <% set RSV=Conn.Execute ("SELECT * FROM Users WHERE Display=1 ORDER BY RealName")
- Do while not RSV.eof
- %>
- <option value="<%=RSV("ID")%>" <%
- if cint(RSV("ID"))=cint(sendTo) then
- response.write " selected "
- end if
- %>><%=RSV("RealName")%></option>
- <%
- RSV.moveNext
- Loop
- RSV.close
- %>
- <% if Auth(0 , 7) then
- ' Has the Priviledge to SEND MESSAGE TO EVERYONE
- %> <option disabled value="0">----------------------</option>
- <option value="-100">* *</option>
- <% end if%>
- </select>
- <% else
-
- if request("sendTo")<>"" then
- sendTo = request("sendTo")
- end if
-
- set RSV=Conn.Execute ("SELECT RealName FROM Users where ID = " & sendTo)
- if RSV.EOF then
- response.redirect "message.asp"
- end if %>
- <INPUT TYPE="hidden" NAME="MsgTo" value="<%=sendTo%>"><INPUT readonly TYPE="text" NAME="MsgTo21" value="<%=RSV("RealName")%>">
- <% end if %>
- <span dir=ltr><%=shamsiToday()%></span><BR>
- </TD>
- </TR>
- <TR>
- <TD align=left><!----></TD>
- <TD align=right>
- <INPUT TYPE="hidden" NAME="msgTitle" class=inputBut size=31 value="<%=MsgTitle%>">
- </TD>
- </TR>
- <TR>
- <TD align=left></TD>
- <TD align=right>
- <TEXTAREA NAME="msgBody" ROWS="7" class=inputBut COLS="32" maxlength=1999><%=msgBody%></TEXTAREA>
- </TD>
- </TR>
- <TR>
- <TD align=left> </TD>
- <TD align=right>
- <% if RelatedID = "" then %>
- <SELECT NAME="RelatedTable" onchange="hideIT()" >
- <option <% if RelatedTable="NaN" then %> selected <% end if %>value="NaN"></option>
- <option <% if RelatedTable="orders" then %> selected <% end if %>value="orders">/ ()</option>
- <option <% if RelatedTable="accounts" then %> selected <% end if %>value="accounts"> ()</option>
- <option <% if RelatedTable="invoices" then %> selected <% end if %>value="invoices"> ()</option>
-
- </SELECT>
- <span name="relatedIDSpan" id="relatedIDSpan">
- <INPUT TYPE="text" NAME="relatedID" size=9 value="<%=RelatedID%>" onKeyPress="return maskNumber(this);" >
- </span>
- <% else %>
- <INPUT TYPE="hidden" NAME="RelatedTable" value="<%=RelatedTable%>"><INPUT TYPE="text" NAME="alak" value="<%=RelatedTableName%>"size=17 readonly> <INPUT TYPE="text" NAME="relatedID" size=9 value="<%=RelatedID%>" readonly>
- <% end if %>
- </TD>
- </TR>
- <TR>
- <TD align=left>:</TD>
- <TD align=right>
- <span style="background-color:white"><INPUT TYPE="radio" NAME="urgent" value="0" checked>
- <span style="background-color:#FFDDDD"><INPUT TYPE="radio" NAME="urgent" value="1">
- <span style="background-color:yellow"><INPUT TYPE="radio" NAME="urgent" value="2">
- </TD>
- </TR>
- <tr>
- <td align="left">:</td>
- <td align="right">
- <select name="msgType">
- <%
- set rs= Conn.Execute("select * from message_types")
- if request("typeID")<>"" then typeID=request("typeID")
- while not rs.eof
- %>
- <option value="<%=rs("id")%>" <%if cint(typeID)=cint(rs("id")) then response.write(" selected ") %>><%=rs("name")%></option>
- <%
- rs.moveNext
- wend
- %>
- </select>
- </td>
- </tr>
- <TR>
- <TD align=left></TD>
- <TD align=center><br><INPUT TYPE="submit" name="submit" value=" "></TD>
- </TR>
- <TR>
- <TD align=left></TD>
- <TD align=right>
- </TD>
- </TR>
- </TABLE>
- </FORM>
- <%
- end if
- %>
- <SCRIPT type="text/javascript">
- $(document).ready(function(){
- hideIT();
- });
- function hideIT(){
- if ($("select[name=RelatedTable]").val()=='NaN'){
- $("#relatedIDSpan").css("visibility","hidden");
- } else {
- $("#relatedIDSpan").css("visibility","visible");
- $("[name=relatedID]").focus();
- }
- }
- </SCRIPT>
-
- </TD>
- </TR>
- </TABLE>
-
- <!--#include file="tah.asp" -->