/beta/home/message.asp

http://github.com/khaneh/Orders · ASP · 373 lines · 330 code · 23 blank · 20 comment · 46 complexity · 58f84c610d789d6355afad1145dfd815 MD5 · raw file

  1. <%@LANGUAGE="VBSCRIPT" CODEPAGE="1256"%><%
  ' Page header for the Home section (0): title, active submenu entry, access gate.
  PageTitle = " "
  SubmenuItem = 2
  ' Auth and NotAllowdToViewThisPage are not defined in this file.
  ' NOTE(review): presumably NotAllowdToViewThisPage() ends the response; if it returns,
  ' the rest of the page still runs for a caller who failed the check - confirm.
  If Not Auth(0, 2) Then
      Call NotAllowdToViewThisPage()
  End If
  ' Default recipient is the logged-in user; later branches may override it.
  sendTo = Session("id")
  7. %>
  8. <!--#include file="top.asp" -->
  9. <!--#include File="../include_farsiDateHandling.asp"-->
  10. <!--#include File="../include_JS_InputMasks.asp"-->
  11. <%
  ' sqlSafe: returns s with every single quote (') and double quote (") replaced by a
  ' backtick (`).
  '
  ' This is a character substitution, not SQL escaping: the stored text is altered, and the
  ' result is only protected when it is placed INSIDE a quoted SQL string literal. A value
  ' that is concatenated into an unquoted (numeric) position must be validated as a number
  ' instead; parameterized commands avoid the problem altogether.
  Function sqlSafe(s)
      sqlSafe = Replace(Replace(s, "'", "`"), Chr(34), "`")
  End Function
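  ' ---- Show one message (act=show&id=N) ------------------------------------------------
  ' Looks the message up by id, then either redirects to the page of the record it is
  ' related to (account / invoice / order / quote) or renders the message itself.
  If Request("act") = "show" Then
      ' IsNumeric alone also accepts forms such as exponent, hex or currency notation, and
      ' the raw request text used to be pasted into the SQL. Only plain digits are accepted
      ' and the value is converted to a Long before it reaches the query.
      Set showIdPattern = New RegExp
      showIdPattern.Pattern = "^[0-9]{1,9}$"
      showIdText = Trim(Request("id") & "")
      If showIdPattern.Test(showIdText) Then
          showId = CLng(showIdText)
          ' NOTE(review): unlike the reply and forward lookups further down, this query is
          ' not limited to messages addressed to Session("id"); any user who passes the
          ' page-level Auth check can open any message id. Confirm that this is intended.
          Set rs = Conn.Execute("select Messages.*,userTo.realName as toName, userFrom.realName as fromName,message_types.name as typeName from Messages inner join users as userTo on Messages.msgTo=userTo.id inner join users as userFrom on Messages.msgFrom=userFrom.id inner join message_types on Messages.type=message_types.id where Messages.id=" & showId)
          If rs.EOF Then
              ' NOTE(review): returnURL is not assigned in this file before this point;
              ' unless an include sets it, the redirect target is only the query text.
              ErrorMsg = " !"
              Response.Redirect returnURL & "errMsg=" & Server.URLEncode(ErrorMsg)
          End If
          Select Case Trim(rs("relatedTable"))
              Case "accounts"
                  Response.Redirect "../CRM/AccountInfo.asp?act=show&selectedCustomer=" & rs("relatedID")
              Case "invoices"
                  Response.Redirect "../AR/AccountReport.asp?act=showInvoice&invoice=" & rs("relatedID")
              Case "orders"
                  Response.Redirect "../order/TraceOrder.asp?act=show&order=" & rs("relatedID")
              Case "quotes"
                  Response.Redirect "../order/Inquiry.asp?act=show&quote=" & rs("relatedID")
              Case Else
                  ' Message text and names come from the database and were written unencoded,
                  ' so markup stored in a message body ran in the reader's browser. Every
                  ' field is HTML-encoded; & "" turns a Null field into an empty string.
                  ' NOTE(review): if some producer stores intentional markup in MsgBody it
                  ' will now be displayed as text - confirm none does.
  %>
  <br><br><br>
  <div align="right">
  <LI> : <span dir=ltr><%=Server.HTMLEncode(rs("MsgDate") & "")%></span>
  <LI>: <%=Server.HTMLEncode(rs("MsgTime") & "")%>
  <li>: <%=Server.HTMLEncode(rs("fromName") & "")%></li>
  <li>: <%=Server.HTMLEncode(rs("toName") & "")%></li>
  <li><%=Server.HTMLEncode(rs("typeName") & "")%></li>
  <LI>: <%=Server.HTMLEncode(rs("MsgBody") & "")%>
  </div>
  <%
          End Select
      Else
          ErrorMsg = " ."
          Response.Redirect returnURL & "errMsg=" & Server.URLEncode(ErrorMsg)
      End If
  End If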
  52. '-----------------------------------------------------------------------------------------------------
  53. '------------------------------------------------------------------------------------ Send New Message
  54. '-----------------------------------------------------------------------------------------------------
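  ' ---- Send New Message (form POST) ----------------------------------------------------
  ' Validates the posted fields, resolves the recipient, inserts one Messages row (or one
  ' row per visible user for the "everyone" recipient -100) and redirects to retURL with a
  ' msg= or errMsg= query parameter.
  ' NOTE(review): the handler checks only the Submit field and the session; no anti-CSRF
  ' token is posted by the form or verified here.
  If Request.Form("Submit") = " " Then
      On Error Resume Next
      ErrorFound = False
      ErrorMsg = ""

      MsgTo = CInt(Request.Form("MsgTo"))
      msgTitle = sqlSafe(Request.Form("msgTitle"))
      msgBody = sqlSafe(Left(Request.Form("msgBody"), 1999))
      RelatedTable = sqlSafe(Request.Form("RelatedTable"))
      relatedID = sqlSafe(Request.Form("relatedID"))
      If relatedID <> "" Then relatedID = CLng(relatedID)

      ' replyTo, IsReply and urgent are concatenated into the INSERT without quotes, so
      ' replacing quote characters does not protect them. They are forced to integers; a
      ' failed conversion leaves the safe default 0 and is reported as an input error.
      replyTo = 0
      IsReply = 0
      urgent = 0
      replyTo = CLng(Request.Form("replyTo"))
      IsReply = CLng(Request.Form("IsReply"))
      urgent = CLng(Request.Form("urgent"))
      ' Captured now so the result does not depend on Err surviving the calls below.
      InputError = (Err.Number <> 0)

      MsgFrom = Session("ID")
      MsgDate = shamsiToday()
      MsgTime = currentTime10()

      ' retURL is posted by the client and is used as a redirect target. Only a local path
      ' is accepted: tab/CR/LF are stripped, and a path part that carries a scheme, a
      ' backslash or a leading // falls back to this page.
      ' NOTE(review): an allow-list of known return pages would be stricter.
      returnURL = Trim(Request.Form("retURL") & "")
      returnURL = Replace(Replace(Replace(returnURL, vbCr, ""), vbLf, ""), vbTab, "")
      QueryStart = InStr(returnURL, "?")
      If QueryStart > 0 Then
          ReturnPath = Left(returnURL, QueryStart - 1)
      Else
          ReturnPath = returnURL
      End If
      If InStr(ReturnPath, ":") > 0 Or InStr(ReturnPath, "\") > 0 Or Left(ReturnPath, 2) = "//" Then
          returnURL = "message.asp"
      End If
      If InStr(returnURL, "?") > 0 Then
          returnURL = returnURL & "&"
      Else
          returnURL = returnURL & "?"
      End If

      If IsNumeric(Request.Form("msgType")) Then
          msgType = CInt(Request.Form("msgType"))
      Else
          msgType = 0
      End If

      ' -100 is the "send to everyone" pseudo-recipient; any other id must exist in Users.
      If MsgTo <> -100 Then
          Set RS = Conn.Execute("SELECT RealName FROM Users where ID=" & MsgTo)
          If RS.EOF Then
              ErrorFound = True
              ErrorMsg = " "
          Else
              ReceiverName = RS("RealName")
          End If
          RS.Close
      End If

      If Err.Number <> 0 Or InputError Then
          ErrorFound = True
          ErrorMsg = " ."
      End If
      On Error GoTo 0

      If ErrorFound Then
          conn.Close
          Response.Redirect returnURL & "errMsg=" & Server.URLEncode(ErrorMsg)
      End If

      ' The INSERT text is identical for every recipient except for MsgTo, so it is built
      ' once as a head and a tail. Quoted slots hold sqlSafe'd text or server-side values;
      ' unquoted slots hold integers converted above.
      InsertHead = "INSERT INTO Messages (MsgFrom, MsgTo, MsgTime, MsgDate, IsRead, MsgTitle, MsgBody, replyTo, IsReply, relatedID, RelatedTable, urgent, type) VALUES ( " & MsgFrom & ", "
      InsertTail = ", N'" & MsgTime & "', N'" & MsgDate & "', 0, N'" & MsgTitle & "', N'" & MsgBody & "', " & replyTo & ", " & IsReply & ", '" & relatedID & "', '" & RelatedTable & "', " & urgent & ", " & msgType & ")"

      ' NOTE(review): a caller without the Auth(0, 7) privilege who posts -100 falls into
      ' the Else branch and stores a row addressed to user -100 - confirm this is intended.
      If MsgTo = -100 And Auth(0, 7) Then
          msg = " "
          writeAnd = ""
          Set RSV = Conn.Execute("SELECT * FROM Users WHERE (ID <> 0) AND (Display = 1) ORDER BY RealName")
          Do While Not RSV.EOF
              MsgTo = RSV("ID")
              MySQL = InsertHead & MsgTo & InsertTail
              conn.Execute MySQL
              msg = msg & writeAnd & RSV("RealName")
              writeAnd = " "
              RSV.MoveNext
          Loop
          RSV.Close
          msg = msg & " ."
      Else
          MySQL = InsertHead & MsgTo & InsertTail
          conn.Execute MySQL
          If MsgTo = 0 Then
              msg = " ."
          Else
              msg = " " & ReceiverName & " ."
          End If
      End If
      Response.Redirect returnURL & "msg=" & Server.URLEncode(msg)
  End If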
  126. '-----------------------------------------------------------------------------------------------------
  127. '-----------------------------------------------------------------------------------------------------
  128. '-----------------------------------------------------------------------------------------------------
  129. %>
  130. <center><BR><BR><BR>
  131. <TABLE>
  132. <TR>
  133. <%
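  ' Defaults for a brand-new message; the reply and forward branches override them.
  replyTo = "0"
  IsReply = "0"
  RelatedTable = "NaN"
  RelatedID = "0"
  msgBody = ""
  MsgTitle = ""

  ' Reply and forward both take the message id from the request and used to concatenate
  ' the raw text into SQL. Only plain digits are accepted; anything else is answered like
  ' a message that does not exist.
  Set msgIdPattern = New RegExp
  msgIdPattern.Pattern = "^[0-9]{1,9}$"
  requestedMsgId = Trim(Request("id") & "")
  '-----------------------------------------------------------------------------------------------------
  '------------------------------------------------------------------------------------------ Reply Form
  '-----------------------------------------------------------------------------------------------------
  If Request("act") = "reply" Then
      Response.Write "<TD valign=top> "
      If Not msgIdPattern.Test(requestedMsgId) Then
          Response.Write "<BR><BR><BR><BR><CENTER> </CENTER>"
          Response.End
      End If
      replyTo = CLng(requestedMsgId)
      IsReply = "1"
      ' Only a message addressed to the logged-in user can be replied to.
      MySQL = "SELECT * FROM Messages WHERE (id = " & replyTo & ") and (MsgTo=" & Session("id") & ")"
      Set RSM = conn.Execute(MySQL)
      If RSM.EOF Then
          Response.Write "<BR><BR><BR><BR><CENTER> </CENTER>"
          Response.End
      End If
      ' The reply goes back to the original sender and keeps the original's relation.
      sendTo = RSM("MsgFrom")
      RelatedTable = Trim(RSM("RelatedTable"))
      RelatedID = Trim(RSM("RelatedID"))
      ' The quoted message is stored user text: HTML-encode it before writing it out
      ' (& "" turns a Null field into an empty string).
  %>
  <H3> </H3>
  <TABLE style="border: solid 1pt black; width:220">
  <TR>
  <TD>
  <LI> : <span dir=ltr><%=Server.HTMLEncode(RSM("MsgDate") & "")%></span>
  <LI>: <%=Server.HTMLEncode(RSM("MsgTime") & "")%>
  <LI>: <%=Server.HTMLEncode(RSM("MsgBody") & "")%>
  </TD>
  </TR>
  </TABLE>
  </td>
  <%
  '-----------------------------------------------------------------------------------------------------
  '-------------------------------------------------------------------------------------------- FWD Form
  '-----------------------------------------------------------------------------------------------------
  ElseIf Request("act") = "forward" Then
      If Not msgIdPattern.Test(requestedMsgId) Then
          Response.Write "<BR><BR><BR><BR><CENTER> </CENTER>"
          Response.End
      End If
      fwMsg = CLng(requestedMsgId)
      ' Only a message addressed to the logged-in user can be forwarded.
      MySQL = "SELECT Messages.*, Users.RealName FROM Messages INNER JOIN Users ON Messages.MsgFrom = Users.ID WHERE (Messages.id = " & fwMsg & ") AND (Messages.MsgTo = " & Session("id") & ")"
      Set RSM = conn.Execute(MySQL)
      If RSM.EOF Then
          Response.Write "<BR><BR><BR><BR><CENTER> </CENTER>"
          Response.End
      End If
      sendTo = RSM("MsgFrom")
      RelatedTable = Trim(RSM("RelatedTable"))
      RelatedID = Trim(RSM("RelatedID"))
      ' Pre-fill the body with the original sender's name and text. This is raw stored
      ' text; whatever writes msgBody into the page has to HTML-encode it.
      msgBody = "[ " & RSM("RealName") & "] " & RSM("MsgBody")
      MsgTitle = "FWD"
  %>
  <TR>
  <TD colspan=2 align=center><H3> </H3></TD>
  </TR>
  <%
  ElseIf Request("act") = "" Then
  %>
  <TR>
  <TD colspan=2 align=center><H3> </H3></TD>
  </TR>
  <%
  End If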
  198. '-----------------------------------------------------------------------------------------------------
  199. '------------------------------------------------------------------------------------ New Message Form
  200. '-----------------------------------------------------------------------------------------------------
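  ' ---- New message / reply / forward form -----------------------------------------------
  ' Renders the compose form for every action except "show". Request values and stored
  ' text written into the page are HTML-encoded, and the request values used in numeric
  ' comparisons or SQL are validated as integers first.
  If Request("act") <> "show" Then
      ' A fresh message may be pre-linked to a record through the request; reply and
      ' forward keep the relation already taken from the message they refer to.
      If Request("act") <> "reply" And Request("act") <> "forward" Then
          RelatedID = Request("RelatedID")
          RelatedTable = LCase(Request("RelatedTable"))
      End If
      Select Case RelatedTable
          Case "orders"
              RelatedTableName = " "
          Case "accounts"
              RelatedTableName = " "
          Case "invoices"
              RelatedTableName = " "
          Case "quotes"
              RelatedTableName = " "
          Case Else
              ' Unknown table names are shown as given; this text can come straight from
              ' the request, so it is encoded where it is written out below.
              RelatedTableName = RelatedTable
      End Select
      If Request("sendTo") <> "" Then sendTo = Request("sendTo")

      ' sendTo and typeID can come from the request. They used to go through CInt (a
      ' non-numeric value raised a runtime error) and sendTo was concatenated into SQL.
      ' Both are now checked against a strict integer pattern.
      Set intPattern = New RegExp
      intPattern.Pattern = "^-?[0-9]{1,9}$"
      sendToText = Trim(sendTo & "")
      sendToValid = intPattern.Test(sendToText)
      If sendToValid Then sendTo = CLng(sendToText)
      If Request("typeID") <> "" Then typeID = Request("typeID")
      typeText = Trim(typeID & "")
      If intPattern.Test(typeText) Then
          selectedTypeId = CLng(typeText)
      Else
          ' An absent typeID compared as 0 before; an invalid one now does the same.
          selectedTypeId = 0
      End If
  %>
  <TD valign=top>
  <FORM METHOD=POST ACTION="message.asp">
  <INPUT TYPE="hidden" name="replyTo" value="<%=Server.HTMLEncode(replyTo & "")%>">
  <INPUT TYPE="hidden" name="IsReply" value="<%=Server.HTMLEncode(IsReply & "")%>">
  <TABLE>
  <TR>
  <TD align=left>:</TD>
  <TD align=right>
  <INPUT TYPE="hidden" NAME="retURL" value="<%=Server.HTMLEncode(Request("retURL") & "")%>">
  <% If Not (Request("act") = "reply") Then %>
  <select name="MsgTo" class=inputBut >
  <% Set RSV = Conn.Execute("SELECT * FROM Users WHERE Display=1 ORDER BY RealName")
      Do While Not RSV.EOF
          ' Pre-select the requested recipient only when sendTo is a valid integer.
          selectedAttr = ""
          If sendToValid Then
              If CLng(RSV("ID")) = sendTo Then selectedAttr = " selected "
          End If
  %>
  <option value="<%=RSV("ID")%>" <%=selectedAttr%>><%=Server.HTMLEncode(RSV("RealName") & "")%></option>
  <%
          RSV.MoveNext
      Loop
      RSV.Close
  %>
  <% If Auth(0, 7) Then
      ' Has the privilege to send a message to everyone (pseudo-recipient -100).
  %> <option disabled value="0">----------------------</option>
  <option value="-100">* *</option>
  <% End If %>
  </select>
  <% Else
      ' Reply: the recipient is fixed. An invalid or unknown recipient goes back to the
      ' empty form, as an unknown id did before.
      If Not sendToValid Then
          Response.Redirect "message.asp"
      End If
      Set RSV = Conn.Execute("SELECT RealName FROM Users where ID = " & sendTo)
      If RSV.EOF Then
          Response.Redirect "message.asp"
      End If %>
  <INPUT TYPE="hidden" NAME="MsgTo" value="<%=sendTo%>"><INPUT readonly TYPE="text" NAME="MsgTo21" value="<%=Server.HTMLEncode(RSV("RealName") & "")%>">
  <% End If %>
  <span dir=ltr><%=shamsiToday()%></span><BR>
  </TD>
  </TR>
  <TR>
  <TD align=left><!----></TD>
  <TD align=right>
  <INPUT TYPE="hidden" NAME="msgTitle" class=inputBut size=31 value="<%=Server.HTMLEncode(MsgTitle & "")%>">
  </TD>
  </TR>
  <TR>
  <TD align=left></TD>
  <TD align=right>
  <TEXTAREA NAME="msgBody" ROWS="7" class=inputBut COLS="32" maxlength=1999><%=Server.HTMLEncode(msgBody & "")%></TEXTAREA>
  </TD>
  </TR>
  <TR>
  <TD align=left> </TD>
  <TD align=right>
  <% If RelatedID = "" Then %>
  <SELECT NAME="RelatedTable" onchange="hideIT()" >
  <option <% If RelatedTable = "NaN" Then %> selected <% End If %>value="NaN"></option>
  <option <% If RelatedTable = "orders" Then %> selected <% End If %>value="orders">/ ()</option>
  <option <% If RelatedTable = "accounts" Then %> selected <% End If %>value="accounts"> ()</option>
  <option <% If RelatedTable = "invoices" Then %> selected <% End If %>value="invoices"> ()</option>
  </SELECT>
  <span name="relatedIDSpan" id="relatedIDSpan">
  <INPUT TYPE="text" NAME="relatedID" size=9 value="<%=Server.HTMLEncode(RelatedID & "")%>" onKeyPress="return maskNumber(this);" >
  </span>
  <% Else %>
  <INPUT TYPE="hidden" NAME="RelatedTable" value="<%=Server.HTMLEncode(RelatedTable & "")%>"><INPUT TYPE="text" NAME="alak" value="<%=Server.HTMLEncode(RelatedTableName & "")%>"size=17 readonly> <INPUT TYPE="text" NAME="relatedID" size=9 value="<%=Server.HTMLEncode(RelatedID & "")%>" readonly>
  <% End If %>
  </TD>
  </TR>
  <TR>
  <TD align=left>:</TD>
  <TD align=right>
  <span style="background-color:white"><INPUT TYPE="radio" NAME="urgent" value="0" checked> &nbsp;
  <span style="background-color:#FFDDDD"><INPUT TYPE="radio" NAME="urgent" value="1"> &nbsp;
  <span style="background-color:yellow"><INPUT TYPE="radio" NAME="urgent" value="2"> &nbsp;
  </TD>
  </TR>
  <tr>
  <td align="left">:</td>
  <td align="right">
  <select name="msgType">
  <%
      Set rs = Conn.Execute("select * from message_types")
      While Not rs.EOF
          typeSelectedAttr = ""
          If selectedTypeId = CLng(rs("id")) Then typeSelectedAttr = " selected "
  %>
  <option value="<%=rs("id")%>" <%=typeSelectedAttr%>><%=Server.HTMLEncode(rs("name") & "")%></option>
  <%
          rs.MoveNext
      Wend
  %>
  </select>
  </td>
  </tr>
  <TR>
  <TD align=left></TD>
  <TD align=center><br><INPUT TYPE="submit" name="submit" value=" "></TD>
  </TR>
  <TR>
  <TD align=left></TD>
  <TD align=right>
  </TD>
  </TR>
  </TABLE>
  </FORM>
  <%
  End If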
  333. %>
  334. <SCRIPT type="text/javascript">
  /**
   * Shows the related-record id box only when a related table is chosen.
   * The box is hidden while the RelatedTable select holds the placeholder value 'NaN';
   * for any other value (including no such select on the page) it is made visible and
   * the relatedID field receives focus.
   */
  function hideIT() {
      var idBox = $("#relatedIDSpan");
      var noRelation = $("select[name=RelatedTable]").val() == 'NaN';
      if (noRelation) {
          idBox.css("visibility", "hidden");
          return;
      }
      idBox.css("visibility", "visible");
      $("[name=relatedID]").focus();
  }

  // Apply the initial visibility once the DOM is ready.
  $(document).ready(function () {
      hideIT();
  });
  346. </SCRIPT>
  347. </TD>
  348. </TR>
  349. </TABLE>
  350. <!--#include file="tah.asp" -->