/beta/home/message.asp
ASP | 373 lines | 330 code | 23 blank | 20 comment | 46 complexity | 58f84c610d789d6355afad1145dfd815 MD5 | raw file
1<%@LANGUAGE="VBSCRIPT" CODEPAGE="1256"%><% 2'Home (0) 3PageTitle= " ������� " 4SubmenuItem=2 5if not Auth(0 , 2) then NotAllowdToViewThisPage() 6 7sendTo = session("id") 8%> 9<!--#include file="top.asp" --> 10<!--#include File="../include_farsiDateHandling.asp"--> 11<!--#include File="../include_JS_InputMasks.asp"--> 12<% 13 14function sqlSafe (s) 15 st=s 16 st=replace(St,"'","`") 17 st=replace(St,chr(34),"`") 18 sqlsafe=st 19end function 20if request("act")="show" then 21 if IsNumeric(request("id")) then 22 set rs=Conn.execute ("select Messages.*,userTo.realName as toName, userFrom.realName as fromName,message_types.name as typeName from Messages inner join users as userTo on Messages.msgTo=userTo.id inner join users as userFrom on Messages.msgFrom=userFrom.id inner join message_types on Messages.type=message_types.id where Messages.id=" & request("id")) 23 if rs.eof then 24 ErrorMsg = "���� ����!" 25 response.redirect returnURL & "errMsg=" & Server.URLEncode(ErrorMsg) 26 end if 27 select case Trim(rs("relatedTable")) 28 case "accounts": 29 response.redirect "../CRM/AccountInfo.asp?act=show&selectedCustomer="&rs("relatedID") 30 case "invoices": 31 response.redirect "../AR/AccountReport.asp?act=showInvoice&invoice="&rs("relatedID") 32 case "orders": 33 response.redirect "../order/TraceOrder.asp?act=show&order="&rs("relatedID") 34 case "quotes" : 35 response.redirect "../order/Inquiry.asp?act=show"e="&rs("relatedID") 36 case else 37%> 38<br><br><br> 39 40<div align="right"> 41 <LI>����� �����: <span dir=ltr><%=RS("MsgDate")%></span> 42 <LI>����: <%=RS("MsgTime")%> 43 <li>��: <%=rs("fromName")%></li> 44 <li>��: <%=rs("toName")%></li> 45 <li><%=rs("typeName")%></li> 46 <LI>����: <%=RS("MsgBody")%> 47</div> 48<% 49 end select 50 else 51 ErrorMsg = "��� �� �����." 52 response.redirect returnURL & "errMsg=" & Server.URLEncode(ErrorMsg) 53 end if 54end if 55 56'----------------------------------------------------------------------------------------------------- 57'------------------------------------------------------------------------------------ Send New Message 58'----------------------------------------------------------------------------------------------------- 59if request.form("Submit")="����� ����" then 60 ON ERROR RESUME NEXT 61 62 ErrorFound = false 63 ErrorMsg = "" 64 65 MsgTo = cint(request.form("MsgTo")) 66 msgTitle = sqlSafe(request.form("msgTitle")) 67 msgBody = sqlSafe(left(request.form("msgBody"),1999)) 68 RelatedTable = sqlSafe(request.form("RelatedTable")) 69 relatedID = sqlSafe(request.form("relatedID")) 70 if relatedID<>"" then relatedID = clng(relatedID) 71 replyTo = sqlSafe(request.form("replyTo")) 72 IsReply = sqlSafe(request.form("IsReply")) 73 urgent = sqlSafe(request.form("urgent")) 74 MsgFrom = session("ID") 75 MsgDate = shamsiToday() 76 MsgTime = currentTime10() 77 78 returnURL = request.form("retURL") 79 80 if instr(returnURL,"?") > 0 then 81 returnURL = returnURL & "&" 82 else 83 returnURL = returnURL & "?" 84 end if 85 86 if IsNumeric(request.form("msgType")) then 87 msgType = CInt(request.form("msgType")) 88 else 89 msgType=0 90 end if 91 92 if MsgTo <> -100 then 93 set RS=Conn.Execute ("SELECT RealName FROM Users where ID="& MsgTo) 94 if RS.eof then 95 ErrorFound = true 96 ErrorMsg = "������ ���� ���� �����" 97 else 98 ReceiverName= RS("RealName") 99 end if 100 RS.close 101 end if 102 103 if Err.Number<>0 then 104 ErrorFound = true 105 ErrorMsg = "��� �� �����." 106 end if 107 ON ERROR GOTO 0 108 109 if ErrorFound then 110 conn.close 111 response.redirect returnURL & "errMsg=" & Server.URLEncode(ErrorMsg) 112 end if 113 114 if MsgTo=-100 AND Auth(0 , 7) then '����� ���� �� ��� 115 msg = "���� ���� " 116 writeAnd = "" 117 set RSV=Conn.Execute ("SELECT * FROM Users WHERE (ID <> 0) AND (Display = 1) ORDER BY RealName") 118 Do while not RSV.eof 119 MsgTo=RSV("ID") 120 MySQL = "INSERT INTO Messages (MsgFrom, MsgTo, MsgTime, MsgDate, IsRead, MsgTitle, MsgBody, replyTo, IsReply, relatedID, RelatedTable, urgent, type) VALUES ( "& MsgFrom & ", "& MsgTo & ", N'"& MsgTime & "', N'"& MsgDate & "', 0, N'"& MsgTitle & "', N'"& MsgBody & "', "& replyTo & ", "& IsReply & ", '"& relatedID & "', '"& RelatedTable & "', "& urgent & ", " & msgType & ")" 121 conn.Execute MySQL 122 msg = msg & writeAnd & RSV("RealName") 123 writeAnd = " � " 124 RSV.moveNext 125 Loop 126 RSV.close 127 msg = msg & " ����� ��." 128 else 129 MySQL = "INSERT INTO Messages (MsgFrom, MsgTo, MsgTime, MsgDate, IsRead, MsgTitle, MsgBody, replyTo, IsReply, relatedID, RelatedTable, urgent, type) VALUES ( "& MsgFrom & ", "& MsgTo & ", N'"& MsgTime & "', N'"& MsgDate & "', 0, N'"& MsgTitle & "', N'"& MsgBody & "', "& replyTo & ", "& IsReply & ", '"& relatedID & "', '"& RelatedTable & "', "& urgent & ", " & msgType & ")" 130 conn.Execute MySQL 131 if MsgTo=0 then 132 msg = "������� ��� ��." 133 else 134 msg = "���� ���� " & ReceiverName & " ����� ��." 135 end if 136 end if 137 response.redirect returnURL & "msg=" & Server.URLEncode(msg) 138end if 139 140'----------------------------------------------------------------------------------------------------- 141'----------------------------------------------------------------------------------------------------- 142'----------------------------------------------------------------------------------------------------- 143%> 144 145<center><BR><BR><BR> 146<TABLE> 147<TR> 148<% 149replyTo = "0" 150IsReply = "0" 151RelatedTable = "NaN" 152RelatedID = "0" 153msgBody = "" 154MsgTitle = "" 155 156'----------------------------------------------------------------------------------------------------- 157'------------------------------------------------------------------------------------------ Reply Form 158'----------------------------------------------------------------------------------------------------- 159if request("act") = "reply" then 160 response.write "<TD valign=top> " 161 replyTo = request("id") 162 IsReply = "1" 163 MySQL = "SELECT * FROM Messages WHERE (id = "& replyTo & ") and (MsgTo="& session("id") & ")" 164 set RSM = conn.Execute (MySQL) 165 if RSM.EOF then 166 response.write "<BR><BR><BR><BR><CENTER>����� ���� ����� ������ �� ������� �� �� ���� �� �����</CENTER>" 167 response.end 168 end if 169 sendTo = RSM("MsgFrom") 170 RelatedTable = trim(RSM("RelatedTable")) 171 RelatedID = trim(RSM("RelatedID")) 172 'response.write RelatedTable 173 %> 174 <H3>���� �� ����</H3> 175 <TABLE style="border: solid 1pt black; width:220"> 176 <TR> 177 <TD> 178 <LI>����� �����: <span dir=ltr><%=RSM("MsgDate")%></span> 179 <LI>����: <%=RSM("MsgTime")%> 180 <LI>����: <%=RSM("MsgBody")%> 181 </TD> 182 </TR> 183 </TABLE> 184 </td> 185 <% 186'----------------------------------------------------------------------------------------------------- 187'-------------------------------------------------------------------------------------------- FWD Form 188'----------------------------------------------------------------------------------------------------- 189elseif request("act") = "forward" then 190 fwMsg = request("id") 191 MySQL = "SELECT Messages.*, Users.RealName FROM Messages INNER JOIN Users ON Messages.MsgFrom = Users.ID WHERE (Messages.id = "& fwMsg & ") AND (Messages.MsgTo = "& session("id") & ")" 192 set RSM = conn.Execute (MySQL) 193 if RSM.EOF then 194 response.write "<BR><BR><BR><BR><CENTER>����� ���� ����� ������ �� ������� �� �� ����� �� �����</CENTER>" 195 response.end 196 end if 197 sendTo = RSM("MsgFrom") 198 RelatedTable = trim(RSM("RelatedTable")) 199 RelatedID = trim(RSM("RelatedID")) 200 msgBody= "[���� ������ �� "& RSM("RealName")& "] " & RSM("MsgBody") 201 MsgTitle = "FWD" 202 %> 203 <TR> 204 <TD colspan=2 align=center><H3>����� ����</H3></TD> 205 </TR> 206 <% 207elseif request("act") ="" then 208 %> 209 <TR> 210 <TD colspan=2 align=center><H3>����� ���� �� �����</H3></TD> 211 </TR> 212 <% 213end if 214 215'----------------------------------------------------------------------------------------------------- 216'------------------------------------------------------------------------------------ New Message Form 217'----------------------------------------------------------------------------------------------------- 218if request("act")<>"show" then 219 220 if request("act")<>"reply" and request("act")<>"forward" then 221 RelatedID=request("RelatedID") 222 RelatedTable=LCase(request("RelatedTable")) 223 end if 224 Select Case RelatedTable 225 Case "orders": 226 RelatedTableName = "����� �����" 227 Case "accounts": 228 RelatedTableName = "����� ����" 229 Case "invoices": 230 RelatedTableName = "������ �����" 231 Case "quotes": 232 RelatedTableName = "������� �����" 233 Case else: 234 RelatedTableName = RelatedTable 235 End Select 236 if request("sendTo") <> "" then sendTo = request("sendTo") 237 'response.write sendTo 238 'response.write RelatedTable 239 %> 240 <TD valign=top> 241 <FORM METHOD=POST ACTION="message.asp"> 242 <INPUT TYPE="hidden" name="replyTo" value="<%=replyTo%>"> 243 <INPUT TYPE="hidden" name="IsReply" value="<%=IsReply%>"> 244 <TABLE> 245 <TR> 246 <TD align=left>������:</TD> 247 <TD align=right> 248 <INPUT TYPE="hidden" NAME="retURL" value="<%=request("retURL")%>"> 249 <% if not (request("act") = "reply") then %> 250 <select name="MsgTo" class=inputBut > 251 <% set RSV=Conn.Execute ("SELECT * FROM Users WHERE Display=1 ORDER BY RealName") 252 Do while not RSV.eof 253 %> 254 <option value="<%=RSV("ID")%>" <% 255 if cint(RSV("ID"))=cint(sendTo) then 256 response.write " selected " 257 end if 258 %>><%=RSV("RealName")%></option> 259 <% 260 RSV.moveNext 261 Loop 262 RSV.close 263 %> 264 <% if Auth(0 , 7) then 265 ' Has the Priviledge to SEND MESSAGE TO EVERYONE 266 %> <option disabled value="0">----------------------</option> 267 <option value="-100">* ��� *</option> 268 <% end if%> 269 </select> 270 <% else 271 272 if request("sendTo")<>"" then 273 sendTo = request("sendTo") 274 end if 275 276 set RSV=Conn.Execute ("SELECT RealName FROM Users where ID = " & sendTo) 277 if RSV.EOF then 278 response.redirect "message.asp" 279 end if %> 280 <INPUT TYPE="hidden" NAME="MsgTo" value="<%=sendTo%>"><INPUT readonly TYPE="text" NAME="MsgTo21" value="<%=RSV("RealName")%>"> 281 <% end if %> 282 <span dir=ltr><%=shamsiToday()%></span><BR> 283 </TD> 284 </TR> 285 <TR> 286 <TD align=left><!--�����--></TD> 287 <TD align=right> 288 <INPUT TYPE="hidden" NAME="msgTitle" class=inputBut size=31 value="<%=MsgTitle%>"> 289 </TD> 290 </TR> 291 <TR> 292 <TD align=left>����</TD> 293 <TD align=right> 294 <TEXTAREA NAME="msgBody" ROWS="7" class=inputBut COLS="32" maxlength=1999><%=msgBody%></TEXTAREA> 295 </TD> 296 </TR> 297 <TR> 298 <TD align=left>����� ��� �� </TD> 299 <TD align=right> 300 <% if RelatedID = "" then %> 301 <SELECT NAME="RelatedTable" onchange="hideIT()" > 302 <option <% if RelatedTable="NaN" then %> selected <% end if %>value="NaN">����</option> 303 <option <% if RelatedTable="orders" then %> selected <% end if %>value="orders">�����/������� (�����)</option> 304 <option <% if RelatedTable="accounts" then %> selected <% end if %>value="accounts">���� (�����)</option> 305 <option <% if RelatedTable="invoices" then %> selected <% end if %>value="invoices">������ (�����)</option> 306 307 </SELECT> 308 <span name="relatedIDSpan" id="relatedIDSpan"> 309 <INPUT TYPE="text" NAME="relatedID" size=9 value="<%=RelatedID%>" onKeyPress="return maskNumber(this);" > 310 </span> 311 <% else %> 312 <INPUT TYPE="hidden" NAME="RelatedTable" value="<%=RelatedTable%>"><INPUT TYPE="text" NAME="alak" value="<%=RelatedTableName%>"size=17 readonly> <INPUT TYPE="text" NAME="relatedID" size=9 value="<%=RelatedID%>" readonly> 313 <% end if %> 314 </TD> 315 </TR> 316 <TR> 317 <TD align=left>������:</TD> 318 <TD align=right> 319 <span style="background-color:white"><INPUT TYPE="radio" NAME="urgent" value="0" checked>���� 320 <span style="background-color:#FFDDDD"><INPUT TYPE="radio" NAME="urgent" value="1">���� 321 <span style="background-color:yellow"><INPUT TYPE="radio" NAME="urgent" value="2">���� ���� 322 </TD> 323 </TR> 324 <tr> 325 <td align="left">���:</td> 326 <td align="right"> 327 <select name="msgType"> 328 <% 329 set rs= Conn.Execute("select * from message_types") 330 if request("typeID")<>"" then typeID=request("typeID") 331 while not rs.eof 332 %> 333 <option value="<%=rs("id")%>" <%if cint(typeID)=cint(rs("id")) then response.write(" selected ") %>><%=rs("name")%></option> 334 <% 335 rs.moveNext 336 wend 337 %> 338 </select> 339 </td> 340 </tr> 341 <TR> 342 <TD align=left></TD> 343 <TD align=center><br><INPUT TYPE="submit" name="submit" value="����� ����"></TD> 344 </TR> 345 <TR> 346 <TD align=left></TD> 347 <TD align=right> 348 </TD> 349 </TR> 350 </TABLE> 351 </FORM> 352<% 353end if 354%> 355<SCRIPT type="text/javascript"> 356 $(document).ready(function(){ 357 hideIT(); 358 }); 359 function hideIT(){ 360 if ($("select[name=RelatedTable]").val()=='NaN'){ 361 $("#relatedIDSpan").css("visibility","hidden"); 362 } else { 363 $("#relatedIDSpan").css("visibility","visible"); 364 $("[name=relatedID]").focus(); 365 } 366 } 367</SCRIPT> 368 369</TD> 370</TR> 371</TABLE> 372 373<!--#include file="tah.asp" -->