Gazelle/sections/staffpm/multiresolve.php

<?
if ($IDs = $_POST['id']) {
	$Queries = array();
	foreach ($IDs as &$ID) {
		$ID = (int)$ID;

		// Check if conversation belongs to user
		$DB->query("
			SELECT UserID, AssignedToUser
			FROM staff_pm_conversations
			WHERE ID = $ID");
		list($UserID, $AssignedToUser) = $DB->next_record();

		if ($UserID == $LoggedUser['ID'] || $DisplayStaff == '1' || $UserID == $AssignedToUser) {
			// Conversation belongs to user or user is staff, queue query
			$Queries[] = "
				UPDATE staff_pm_conversations
				SET Status = 'Resolved', ResolverID = ".$LoggedUser['ID']."
				WHERE ID = $ID";
		} else {
			// Trying to run disallowed query
			error(403);
		}
	}

	// Run queries
	foreach ($Queries as $Query) {
		$DB->query($Query);
	}
	// Clear cache for user
	$Cache->delete_value('staff_pm_new_'.$LoggedUser['ID']);
	$Cache->delete_value('num_staff_pms_'.$LoggedUser['ID']);

	// Done! Return to inbox
	header("Location: staffpm.php");

} else {
	// No ID
	header("Location: staffpm.php");
}
?>
Empty commit 2012-09-01 08:00:24 +00:00			`<?`
			`if ($IDs = $_POST['id']) {`
			`$Queries = array();`
			`foreach ($IDs as &$ID) {`
			`$ID = (int)$ID;`
Empty commit 2013-02-22 08:00:24 +00:00
Empty commit 2012-09-01 08:00:24 +00:00			`// Check if conversation belongs to user`
Empty commit 2013-07-02 08:01:37 +00:00			`$DB->query("`
			`SELECT UserID, AssignedToUser`
			`FROM staff_pm_conversations`
			`WHERE ID = $ID");`
Empty commit 2012-09-01 08:00:24 +00:00			`list($UserID, $AssignedToUser) = $DB->next_record();`
Empty commit 2013-02-22 08:00:24 +00:00
Empty commit 2012-09-01 08:00:24 +00:00			`if ($UserID == $LoggedUser['ID'] \|\| $DisplayStaff == '1' \|\| $UserID == $AssignedToUser) {`
			`// Conversation belongs to user or user is staff, queue query`
Empty commit 2013-07-02 08:01:37 +00:00			`$Queries[] = "`
			`UPDATE staff_pm_conversations`
			`SET Status = 'Resolved', ResolverID = ".$LoggedUser['ID']."`
			`WHERE ID = $ID";`
Empty commit 2012-09-01 08:00:24 +00:00			`} else {`
			`// Trying to run disallowed query`
			`error(403);`
			`}`
			`}`
Empty commit 2013-02-22 08:00:24 +00:00
Empty commit 2012-09-01 08:00:24 +00:00			`// Run queries`
			`foreach ($Queries as $Query) {`
			`$DB->query($Query);`
			`}`
			`// Clear cache for user`
			`$Cache->delete_value('staff_pm_new_'.$LoggedUser['ID']);`
			`$Cache->delete_value('num_staff_pms_'.$LoggedUser['ID']);`

			`// Done! Return to inbox`
			`header("Location: staffpm.php");`
Empty commit 2013-02-22 08:00:24 +00:00
Empty commit 2012-09-01 08:00:24 +00:00			`} else {`
Empty commit 2013-07-02 08:01:37 +00:00			`// No ID`
Empty commit 2012-09-01 08:00:24 +00:00			`header("Location: staffpm.php");`
			`}`
			`?>`