b2evolution PHP Cross Reference Blogging Systems

Source: /inc/messaging/contacts.ctrl.php - 166 lines - 5309 bytes - Text - Print

Description: This file is part of b2evolution - {@link http://b2evolution.net/} See also {@link http://sourceforge.net/projects/evocms/}.

   1  <?php
   2  /**
   3   * This file is part of b2evolution - {@link http://b2evolution.net/}
   4   * See also {@link http://sourceforge.net/projects/evocms/}.
   5   *
   6   * @copyright (c)2009-2014 by Francois PLANQUE - {@link http://fplanque.net/}
   7   * Parts of this file are copyright (c)2009 by The Evo Factory - {@link http://www.evofactory.com/}.
   8   *
   9   * Released under GNU GPL License - {@link http://b2evolution.net/about/license.html}
  10   *
  11   * {@internal Open Source relicensing agreement:
  12   * The Evo Factory grants Francois PLANQUE the right to license
  13   * The Evo Factory's contributions to this file and the b2evolution project
  14   * under any OSI approved OSS license (http://www.opensource.org/licenses/).
  15   * }}
  16   *
  17   * @package messaging
  18   *
  19   * {@internal Below is a list of authors who have contributed to design/coding of this file: }}
  20   * @author efy-maxim: Evo Factory / Maxim.
  21   * @author fplanque: Francois Planque.
  22   *
  23   * @version $Id: contacts.ctrl.php 6136 2014-03-08 07:59:48Z manuel $
  24   */
  25  if( !defined('EVO_MAIN_INIT') ) die( 'Please, do not access this page directly.' );
  26  
  27  /**
  28   * @var User
  29   */
  30  global $DB, $current_User;
  31  
  32  // Check minimum permission:
  33  if( !$current_User->check_perm( 'perm_messaging', 'reply' ) )
  34  {
  35      $Messages->add( 'Sorry, you are not allowed to view cotnacts!' );
  36      header_redirect( $admin_url );
  37  }
  38  
  39  // Set options path:
  40  $AdminUI->set_path( 'messaging', 'contacts' );
  41  
  42  // Get action parameter from request:
  43  param_action();
  44  
  45  $mct_blocked = NULL;
  46  switch( $action )
  47  {
  48      case 'block': // Block selected contact
  49          // Check that this action request is not a CSRF hacked request:
  50          $Session->assert_received_crumb( 'messaging_contacts' );
  51          $mct_blocked = 1;
  52          break;
  53  
  54      case 'unblock': // Unblock selected contact
  55          // Check that this action request is not a CSRF hacked request:
  56          $Session->assert_received_crumb( 'messaging_contacts' );
  57          $mct_blocked = 0;
  58          break;
  59  
  60      case 'remove_user': // Remove user from contacts group
  61          // Check that this action request is not a CSRF hacked request:
  62          $Session->assert_received_crumb( 'messaging_contacts' );
  63  
  64          $user_ID = param( 'user_ID', 'integer', 0 );
  65          $group_ID = param( 'group_ID', 'integer', 0 );
  66          if( $user_ID > 0 && $group_ID > 0 )
  67          {    // Remove user from selected group
  68              if( remove_contacts_group_user( $group_ID, $user_ID ) )
  69              {    // User has been removed from the group
  70                  // Redirect to the contacts list
  71                  header_redirect( url_add_param( $admin_url, 'ctrl=contacts', '&' ) );
  72              }
  73          }
  74          break;
  75  
  76      case 'add_group': // Add users to the group
  77          // Check that this action request is not a CSRF hacked request:
  78          $Session->assert_received_crumb( 'messaging_contacts' );
  79  
  80          $group = param( 'group', 'string', '' );
  81          $users = param( 'users', 'string', '' );
  82  
  83          if( $result = create_contacts_group_users( $group, $users ) )
  84          {    // Users have been added to the group
  85              $Messages->add( sprintf( T_('%d contacts have been added to the &laquo;%s&raquo; group.'), $result['count_users'], $result['group_name'] ), 'success' );
  86              header_redirect( url_add_param( $admin_url, 'ctrl=contacts' ) );
  87          }
  88          break;
  89  
  90      case 'rename_group': // Rename the group
  91          // Check that this action request is not a CSRF hacked request:
  92          $Session->assert_received_crumb( 'messaging_contacts' );
  93  
  94          $group_ID = param( 'group_ID', 'integer', true );
  95  
  96          if( rename_contacts_group( $group_ID ) )
  97          {
  98              $Messages->add( T_('The group has been renamed.'), 'success' );
  99              header_redirect( url_add_param( $admin_url, 'ctrl=contacts&g='.$group_ID, '&' ) );
 100          }
 101          break;
 102  
 103      case 'delete_group': // Delete the group
 104          // Check that this action request is not a CSRF hacked request:
 105          $Session->assert_received_crumb( 'messaging_contacts' );
 106  
 107          $group_ID = param( 'group_ID', 'integer', true );
 108  
 109          if( delete_contacts_group( $group_ID ) )
 110          {
 111              $Messages->add( T_('The group has been deleted.'), 'success' );
 112              header_redirect( url_add_param( $admin_url, 'ctrl=contacts', '&' ) );
 113          }
 114          break;
 115  }
 116  
 117  if( isset( $mct_blocked ) )
 118  {
 119      set_contact_blocked( param( 'user_ID', 'integer' ), $mct_blocked );
 120  
 121      // Memorize params for the function regenerate_url()
 122      param( 's', 'string', '', true );
 123      param( 'g', 'integer', 0, true );
 124      param( 'results_mct_page', 'integer', 0, true );
 125      param( 'results_mct_order', 'string', '', true );
 126      // Redirect so that a reload doesn't write to the DB twice:
 127      header_redirect( regenerate_url( '', '', '', '&' ), 303 ); // Will EXIT
 128      // We have EXITed already at this point!!
 129      break;
 130  }
 131  
 132  $AdminUI->breadcrumbpath_init( false );  // fp> I'm playing with the idea of keeping the current blog in the path here...
 133  $AdminUI->breadcrumbpath_add( T_('Messages'), '?ctrl=threads' );
 134  $AdminUI->breadcrumbpath_add( T_('Contacts'), '?ctrl=contacts' );
 135  
 136  // Display <html><head>...</head> section! (Note: should be done early if actions do not redirect)
 137  $AdminUI->disp_html_head();
 138  
 139  // Display title, menu, messages, etc. (Note: messages MUST be displayed AFTER the actions)
 140  $AdminUI->disp_body_top();
 141  
 142  $AdminUI->disp_payload_begin();
 143  
 144  /**
 145   * Display payload:
 146   */
 147  switch( $action )
 148  {
 149      case 'nil':
 150          // Do nothing
 151          break;
 152  
 153      case 'block':
 154      case 'unblock':
 155      default:
 156          // Display contacts:
 157          $AdminUI->disp_view( 'messaging/views/_contact_list.view.php' );
 158          break;
 159  }
 160  
 161  $AdminUI->disp_payload_end();
 162  
 163  // Display body bottom, debug info and close </html>:
 164  $AdminUI->disp_global_footer();
 165  
 166  ?>
