monitor-frontend/pmfunctions.inc.php

<?php
/*
 *      PHP Frontend for pocsag monitor
 *
 *      Copyright (C) 2004-2005
 *          Manuel Weiser (manuelw@fire-devils.org)
 *
 *      This program is free software; you can redistribute it and/or modify
 *      it under the terms of the GNU General Public License as published by
 *      the Free Software Foundation; either version 2 of the License, or
 *      (at your option) any later version.
 *
 *      This program is distributed in the hope that it will be useful,
 *      but WITHOUT ANY WARRANTY; without even the implied warranty of
 *      MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *      GNU General Public License for more details.
 *
 *      You should have received a copy of the GNU General Public License
 *      along with this program; if not, write to the Free Software
 *      Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 */

require_once("config.inc.php");

if( $_GET["pmdo"] == "reply" )
{
	$result	= mysqli_query($dbconn, "SELECT real_name FROM admin_users WHERE id = '$_GET[to]'") or die (mysqli_error($dbconn));
	$row = mysqli_fetch_array($result);
	eval ("\$message_field .= \"".gettemplate($template_dir."body_message_reply")."\";");
	
	echo $message_field;
}
elseif( $_GET["pmdo"] == "doreply" )
{
	$result 	= mysqli_query($dbconn, "INSERT INTO messages (userid_from, userid_to, message) VALUES ('$_SESSION[userid]', '$_REQUEST[userid_to]', '$_REQUEST[msg_text]')");
	$result 	= mysqli_query($dbconn, "DELETE FROM messages WHERE id = '$_REQUEST[msg_id]'")or die(mysqli_error($dbconn));
	
	echo gohome($_SERVER["PHP_SELF"]);
}

elseif( $_GET["pmdo"] == "write" )
{
	$select_msg_to = '
							<select name="userid_to" id="userid_to">
									<option value="0">Empf<EFBFBD>nger</option>
									<option>--------------------</option>
					                <option value="0">Alle</option>';

		$result	= mysqli_query($dbconn, "SELECT id, real_name FROM admin_users WHERE pm_allow = '1' ORDER BY real_name ASC") or die (mysqli_error($dbconn));
		while($row = mysqli_fetch_array($result))
		{
			if( $_GET["msg_to"] == $row["id"] ) { $selected = 'selected'; $can_pm = '1'; } else { $selected = ''; }
			$select_msg_to .= '
				<option value="'.$row["id"].'" '.$selected.'>'.$row["real_name"].'</option>
			';
		}

	$select_msg_to .= '
               				 </select>
	';
	
	if( $_GET["msg_to"] && empty($can_pm) )
	{
		// pm_allow ist auf 0
		$message_field .= "<b><font color=\"red\"><br>Der User darf keine PM Empfangen/Senden</font></b><br><br>";
	}
	else
	{
		//pm_allow ist auf 1
		eval ("\$message_field .= \"".gettemplate($template_dir."body_message_write")."\";");
	}
	
	echo $message_field;
}
elseif( $_GET["pmdo"] == "dowrite" )
{
	if( $_REQUEST["userid_to"] != '0' )
	{
		// an einen bestimmten User
		$result 	= mysqli_query($dbconn, "INSERT INTO messages (userid_from, userid_to, message) VALUES ('$_SESSION[userid]', '$_REQUEST[userid_to]', '$_REQUEST[msg_text]')");
	}
	else
	{
		// an alle User die PM d<>rfen
		$result	= mysqli_query($dbconn, "SELECT id FROM admin_users WHERE pm_allow = '1'") or die (mysqli_error($dbconn));
		while($row = mysqli_fetch_array($result))
		{
			$result_msg 	= mysqli_query($dbconn, "INSERT INTO messages (userid_from, userid_to, message) VALUES ('$_SESSION[userid]', '$row[id]', '$_REQUEST[msg_text]')");
		}
	}
	
	echo gohome($_SERVER["PHP_SELF"]);
}

elseif( $_GET["pmdo"] == "deletepm" )
{
	$result 	= mysqli_query($dbconn, "DELETE FROM messages WHERE id = '$_GET[msg_id]'")or die(mysqli_error($dbconn));
}
?>