PageRenderTime 28ms CodeModel.GetById 15ms app.highlight 4ms RepoModel.GetById 2ms app.codeStats 0ms

/beta/home/message.asp

http://github.com/khaneh/Orders
ASP | 373 lines | 330 code | 23 blank | 20 comment | 46 complexity | 58f84c610d789d6355afad1145dfd815 MD5 | raw file
  1<%@LANGUAGE="VBSCRIPT" CODEPAGE="1256"%><% 
  2'Home (0)
  3PageTitle= " ������� "
  4SubmenuItem=2
  5if not Auth(0 , 2) then NotAllowdToViewThisPage()
  6
  7sendTo = session("id")
  8%>
  9<!--#include file="top.asp" -->
 10<!--#include File="../include_farsiDateHandling.asp"-->
 11<!--#include File="../include_JS_InputMasks.asp"-->
 12<%
 13
 14function sqlSafe (s)
 15  st=s
 16  st=replace(St,"'","`")
 17  st=replace(St,chr(34),"`")
 18  sqlsafe=st
 19end function
 20if request("act")="show" then 
 21	if IsNumeric(request("id")) then 
 22		set rs=Conn.execute ("select Messages.*,userTo.realName as toName, userFrom.realName as fromName,message_types.name as typeName from Messages inner join users as userTo on Messages.msgTo=userTo.id inner join users as userFrom on Messages.msgFrom=userFrom.id inner join message_types on Messages.type=message_types.id where Messages.id=" & request("id"))
 23		if rs.eof then 
 24			ErrorMsg	= "���� ����!"
 25			response.redirect returnURL & "errMsg=" & Server.URLEncode(ErrorMsg)
 26		end if
 27		select case Trim(rs("relatedTable"))
 28			case "accounts":
 29				response.redirect "../CRM/AccountInfo.asp?act=show&selectedCustomer="&rs("relatedID")
 30			case "invoices":
 31				response.redirect "../AR/AccountReport.asp?act=showInvoice&invoice="&rs("relatedID")
 32			case "orders":
 33				response.redirect "../order/TraceOrder.asp?act=show&order="&rs("relatedID")
 34			case "quotes" :
 35				response.redirect "../order/Inquiry.asp?act=show&quote="&rs("relatedID")
 36			case else 
 37%>
 38<br><br><br>
 39
 40<div align="right">
 41	<LI>����� �����: <span dir=ltr><%=RS("MsgDate")%></span>
 42	<LI>����: <%=RS("MsgTime")%>
 43	<li>��: <%=rs("fromName")%></li>
 44	<li>��: <%=rs("toName")%></li>
 45	<li><%=rs("typeName")%></li>
 46	<LI>����: <%=RS("MsgBody")%>
 47</div>
 48<%					
 49		end select
 50	else
 51		ErrorMsg	= "��� �� �����."
 52		response.redirect returnURL & "errMsg=" & Server.URLEncode(ErrorMsg)
 53	end if
 54end if
 55
 56'-----------------------------------------------------------------------------------------------------
 57'------------------------------------------------------------------------------------ Send New Message
 58'-----------------------------------------------------------------------------------------------------
 59if request.form("Submit")="����� ����" then
 60	ON ERROR RESUME NEXT
 61
 62		ErrorFound		= false
 63		ErrorMsg		= ""
 64
 65		MsgTo			= cint(request.form("MsgTo"))
 66		msgTitle		= sqlSafe(request.form("msgTitle"))
 67		msgBody			= sqlSafe(left(request.form("msgBody"),1999))
 68		RelatedTable	= sqlSafe(request.form("RelatedTable"))
 69		relatedID		= sqlSafe(request.form("relatedID"))
 70		if relatedID<>"" then relatedID = clng(relatedID)
 71		replyTo			= sqlSafe(request.form("replyTo"))
 72		IsReply			= sqlSafe(request.form("IsReply"))
 73		urgent			= sqlSafe(request.form("urgent"))
 74		MsgFrom			= session("ID")
 75		MsgDate			= shamsiToday()
 76		MsgTime			= currentTime10()
 77
 78		returnURL		= request.form("retURL")
 79
 80		if instr(returnURL,"?") > 0 then
 81			returnURL = returnURL & "&"
 82		else
 83			returnURL = returnURL & "?"
 84		end if
 85		
 86		if IsNumeric(request.form("msgType")) then
 87			msgType = CInt(request.form("msgType"))
 88		else
 89			msgType=0
 90		end if
 91		
 92		if MsgTo <> -100 then
 93			set RS=Conn.Execute ("SELECT RealName FROM Users where ID="& MsgTo) 
 94			if RS.eof then
 95				ErrorFound	= true
 96				ErrorMsg	= "������ ���� ���� �����"
 97			else
 98				ReceiverName= RS("RealName")
 99			end if
100			RS.close
101		end if
102
103		if Err.Number<>0 then
104			ErrorFound	= true
105			ErrorMsg	= "��� �� �����."
106		end if
107	ON ERROR GOTO 0
108
109	if ErrorFound then
110		conn.close
111		response.redirect returnURL & "errMsg=" & Server.URLEncode(ErrorMsg)
112	end if
113
114	if MsgTo=-100 AND Auth(0 , 7) then '����� ���� �� ���
115		msg = "���� ���� "
116		writeAnd = ""
117		set RSV=Conn.Execute ("SELECT * FROM Users WHERE (ID <> 0) AND (Display = 1) ORDER BY RealName") 
118		Do while not RSV.eof
119			MsgTo=RSV("ID")
120			MySQL = "INSERT INTO Messages (MsgFrom, MsgTo, MsgTime, MsgDate, IsRead, MsgTitle, MsgBody, replyTo, IsReply, relatedID, RelatedTable, urgent, type) VALUES ( "& MsgFrom & ", "& MsgTo & ", N'"& MsgTime & "', N'"& MsgDate & "', 0, N'"& MsgTitle & "', N'"& MsgBody & "', "& replyTo & ", "& IsReply & ", '"& relatedID & "', '"& RelatedTable & "', "& urgent & ", " & msgType & ")"
121			conn.Execute MySQL 
122			msg = msg & writeAnd & RSV("RealName")
123			writeAnd = " � "
124			RSV.moveNext
125		Loop
126		RSV.close
127		msg = msg & " ����� ��."
128	else
129		MySQL = "INSERT INTO Messages (MsgFrom, MsgTo, MsgTime, MsgDate, IsRead, MsgTitle, MsgBody, replyTo, IsReply, relatedID, RelatedTable, urgent, type) VALUES ( "& MsgFrom & ", "& MsgTo & ", N'"& MsgTime & "', N'"& MsgDate & "', 0, N'"& MsgTitle & "', N'"& MsgBody & "', "& replyTo & ", "& IsReply & ", '"& relatedID & "', '"& RelatedTable & "', "& urgent & ", " & msgType & ")"
130		conn.Execute MySQL 
131		if MsgTo=0 then
132			msg = "������� ��� ��."
133		else
134			msg = "���� ���� " & ReceiverName &  " ����� ��."
135		end if
136	end if
137	response.redirect returnURL & "msg=" & Server.URLEncode(msg)
138end if
139
140'-----------------------------------------------------------------------------------------------------
141'-----------------------------------------------------------------------------------------------------
142'-----------------------------------------------------------------------------------------------------
143%>
144
145<center><BR><BR><BR>
146<TABLE>
147<TR>
148<%
149replyTo = "0"
150IsReply = "0"
151RelatedTable = "NaN"
152RelatedID = "0"
153msgBody = ""
154MsgTitle = ""
155
156'-----------------------------------------------------------------------------------------------------
157'------------------------------------------------------------------------------------------ Reply Form
158'-----------------------------------------------------------------------------------------------------
159if request("act") = "reply" then
160	response.write "<TD valign=top> "
161	replyTo = request("id")
162	IsReply = "1"
163	MySQL = "SELECT * FROM Messages WHERE (id = "& replyTo & ") and (MsgTo="& session("id") & ")"
164	set RSM = conn.Execute (MySQL)
165	if RSM.EOF then
166		response.write "<BR><BR><BR><BR><CENTER>����� ���� ����� ������ �� ������� �� �� ���� �� �����</CENTER>"
167		response.end
168	end if
169	sendTo			= RSM("MsgFrom")
170	RelatedTable	= trim(RSM("RelatedTable"))
171	RelatedID		= trim(RSM("RelatedID"))
172	'response.write RelatedTable
173	%>
174	<H3>���� �� ����</H3>
175	<TABLE style="border: solid 1pt black; width:220">
176	<TR>
177		<TD>
178			<LI>����� �����: <span dir=ltr><%=RSM("MsgDate")%></span>
179			<LI>����: <%=RSM("MsgTime")%>
180			<LI>����: <%=RSM("MsgBody")%>
181		</TD>
182	</TR>
183	</TABLE>
184	</td>
185	<%
186'-----------------------------------------------------------------------------------------------------
187'-------------------------------------------------------------------------------------------- FWD Form
188'-----------------------------------------------------------------------------------------------------
189elseif request("act") = "forward" then
190	fwMsg = request("id")
191	MySQL = "SELECT Messages.*, Users.RealName FROM Messages INNER JOIN Users ON Messages.MsgFrom = Users.ID WHERE (Messages.id = "& fwMsg & ") AND (Messages.MsgTo = "& session("id") & ")"
192	set RSM = conn.Execute (MySQL)
193	if RSM.EOF then
194		response.write "<BR><BR><BR><BR><CENTER>����� ���� ����� ������ �� ������� ��  �� ����� �� �����</CENTER>"
195		response.end
196	end if
197	sendTo = RSM("MsgFrom")
198	RelatedTable	= trim(RSM("RelatedTable"))
199	RelatedID		= trim(RSM("RelatedID"))
200	msgBody= "[���� ������ �� "& RSM("RealName")& "] " & RSM("MsgBody")
201	MsgTitle = "FWD"
202	%>
203	<TR>
204		<TD colspan=2 align=center><H3>����� ����</H3></TD>
205	</TR>
206	<%
207elseif  request("act") ="" then
208	%>
209	<TR>
210		<TD colspan=2 align=center><H3>����� ���� �� �����</H3></TD>
211	</TR>
212	<%
213end if
214
215'-----------------------------------------------------------------------------------------------------
216'------------------------------------------------------------------------------------ New Message Form
217'-----------------------------------------------------------------------------------------------------
218if request("act")<>"show" then
219
220	if request("act")<>"reply" and request("act")<>"forward"  then 
221		RelatedID=request("RelatedID")
222		RelatedTable=LCase(request("RelatedTable"))
223	end if
224	Select Case RelatedTable
225	Case "orders":
226		RelatedTableName = "����� �����"
227	Case "accounts":
228		RelatedTableName = "����� ����"
229	Case "invoices":
230		RelatedTableName = "������ �����"
231	Case "quotes":
232		RelatedTableName = "������� �����"
233	Case else:
234		RelatedTableName = RelatedTable
235	End Select
236	if request("sendTo") <> ""  then sendTo = request("sendTo")
237	'response.write sendTo
238	'response.write RelatedTable
239	%>
240	<TD  valign=top>
241	<FORM METHOD=POST ACTION="message.asp">
242	<INPUT TYPE="hidden" name="replyTo" value="<%=replyTo%>">
243	<INPUT TYPE="hidden" name="IsReply" value="<%=IsReply%>">
244	<TABLE>
245	<TR>
246		<TD align=left>������:</TD>
247		<TD align=right>
248			<INPUT TYPE="hidden" NAME="retURL" value="<%=request("retURL")%>">
249			<% if not (request("act") = "reply") then %>
250			<select name="MsgTo" class=inputBut >
251			<% set RSV=Conn.Execute ("SELECT * FROM Users WHERE Display=1 ORDER BY RealName") 
252			Do while not RSV.eof
253			%>
254				<option value="<%=RSV("ID")%>" <%
255					if cint(RSV("ID"))=cint(sendTo) then
256						response.write " selected "
257					end if
258					%>><%=RSV("RealName")%></option>
259			<%
260			RSV.moveNext
261			Loop
262			RSV.close
263			%>
264	<%		if Auth(0 , 7) then
265				' Has the Priviledge to SEND MESSAGE TO EVERYONE
266	%>			<option disabled value="0">----------------------</option>
267				<option value="-100">* ��� *</option>
268	<%		end if%>
269			</select> 
270			<% else 
271	
272			if request("sendTo")<>"" then
273			sendTo = request("sendTo")
274			end if
275	
276			set RSV=Conn.Execute ("SELECT RealName FROM Users where ID = " & sendTo) 
277			if RSV.EOF then
278				response.redirect "message.asp"
279			end if %>
280			<INPUT TYPE="hidden"  NAME="MsgTo" value="<%=sendTo%>"><INPUT readonly TYPE="text" NAME="MsgTo21" value="<%=RSV("RealName")%>">
281			<% end if %>
282			<span dir=ltr><%=shamsiToday()%></span><BR>
283		</TD>
284	</TR>
285	<TR>
286		<TD align=left><!--�����--></TD>
287		<TD align=right>
288			<INPUT TYPE="hidden" NAME="msgTitle"  class=inputBut size=31 value="<%=MsgTitle%>">
289		</TD>
290	</TR>
291	<TR>
292		<TD align=left>����</TD>
293		<TD align=right>
294			<TEXTAREA NAME="msgBody" ROWS="7"  class=inputBut COLS="32" maxlength=1999><%=msgBody%></TEXTAREA>
295		</TD>
296	</TR>
297	<TR>
298		<TD align=left>����� ��� �� </TD>
299		<TD align=right>
300			<% if RelatedID = "" then %>
301			<SELECT NAME="RelatedTable"  onchange="hideIT()" >
302				<option <% if RelatedTable="NaN" then %> selected <% end if %>value="NaN">����</option>
303				<option <% if RelatedTable="orders" then %> selected <% end if %>value="orders">�����/������� (�����)</option>
304				<option <% if RelatedTable="accounts" then %> selected <% end if %>value="accounts">���� (�����)</option>
305				<option <% if RelatedTable="invoices" then %> selected <% end if %>value="invoices">������ (�����)</option>
306	
307			</SELECT>
308			<span name="relatedIDSpan"  id="relatedIDSpan">
309				<INPUT TYPE="text" NAME="relatedID" size=9 value="<%=RelatedID%>"  onKeyPress="return maskNumber(this);" >
310			</span>
311			<% else %>
312				<INPUT TYPE="hidden" NAME="RelatedTable" value="<%=RelatedTable%>"><INPUT TYPE="text" NAME="alak" value="<%=RelatedTableName%>"size=17 readonly> <INPUT TYPE="text" NAME="relatedID" size=9 value="<%=RelatedID%>"  readonly>
313			<% end if %>
314		</TD>
315	</TR>
316	<TR>
317		<TD align=left>������:</TD>
318		<TD align=right>
319			<span style="background-color:white"><INPUT TYPE="radio" NAME="urgent" value="0" checked>���� &nbsp;
320			<span style="background-color:#FFDDDD"><INPUT TYPE="radio" NAME="urgent" value="1">���� &nbsp;
321			<span style="background-color:yellow"><INPUT TYPE="radio" NAME="urgent" value="2">���� ���� &nbsp;
322		</TD>
323	</TR>
324	<tr>
325		<td align="left">���:</td>
326		<td align="right">
327			<select name="msgType">
328			<%
329			set rs= Conn.Execute("select * from message_types")
330			if request("typeID")<>"" then typeID=request("typeID")
331			while not rs.eof
332			%>
333				<option value="<%=rs("id")%>" <%if cint(typeID)=cint(rs("id")) then response.write(" selected ") %>><%=rs("name")%></option>
334			<%	
335				rs.moveNext
336			wend
337			%>
338			</select>
339		</td>
340	</tr>
341	<TR>
342		<TD align=left></TD>
343		<TD align=center><br><INPUT TYPE="submit" name="submit" value="����� ����"></TD>
344	</TR>
345	<TR>
346		<TD align=left></TD>
347		<TD align=right>
348		</TD>
349	</TR>
350	</TABLE>
351	</FORM>
352<%
353end if
354%>
355<SCRIPT type="text/javascript">
356	$(document).ready(function(){
357		hideIT();
358	});
359	function hideIT(){
360		if ($("select[name=RelatedTable]").val()=='NaN'){
361			$("#relatedIDSpan").css("visibility","hidden");
362		} else {
363			$("#relatedIDSpan").css("visibility","visible");
364			$("[name=relatedID]").focus();
365		}
366	}
367</SCRIPT>
368
369</TD>
370</TR>
371</TABLE>
372
373<!--#include file="tah.asp" -->