2012-09-01 08:00:24 +00:00
|
|
|
<?
|
|
|
|
if ($IDs = $_POST['id']) {
|
|
|
|
$Queries = array();
|
|
|
|
foreach ($IDs as &$ID) {
|
|
|
|
$ID = (int)$ID;
|
2013-02-22 08:00:24 +00:00
|
|
|
|
2012-09-01 08:00:24 +00:00
|
|
|
// Check if conversation belongs to user
|
2013-07-02 08:01:37 +00:00
|
|
|
$DB->query("
|
|
|
|
SELECT UserID, AssignedToUser
|
|
|
|
FROM staff_pm_conversations
|
|
|
|
WHERE ID = $ID");
|
2012-09-01 08:00:24 +00:00
|
|
|
list($UserID, $AssignedToUser) = $DB->next_record();
|
2013-02-22 08:00:24 +00:00
|
|
|
|
2012-09-01 08:00:24 +00:00
|
|
|
if ($UserID == $LoggedUser['ID'] || $DisplayStaff == '1' || $UserID == $AssignedToUser) {
|
|
|
|
// Conversation belongs to user or user is staff, queue query
|
2013-07-02 08:01:37 +00:00
|
|
|
$Queries[] = "
|
|
|
|
UPDATE staff_pm_conversations
|
|
|
|
SET Status = 'Resolved', ResolverID = ".$LoggedUser['ID']."
|
|
|
|
WHERE ID = $ID";
|
2012-09-01 08:00:24 +00:00
|
|
|
} else {
|
|
|
|
// Trying to run disallowed query
|
|
|
|
error(403);
|
|
|
|
}
|
|
|
|
}
|
2013-02-22 08:00:24 +00:00
|
|
|
|
2012-09-01 08:00:24 +00:00
|
|
|
// Run queries
|
|
|
|
foreach ($Queries as $Query) {
|
|
|
|
$DB->query($Query);
|
|
|
|
}
|
|
|
|
// Clear cache for user
|
|
|
|
$Cache->delete_value('staff_pm_new_'.$LoggedUser['ID']);
|
|
|
|
$Cache->delete_value('num_staff_pms_'.$LoggedUser['ID']);
|
|
|
|
|
|
|
|
// Done! Return to inbox
|
|
|
|
header("Location: staffpm.php");
|
2013-02-22 08:00:24 +00:00
|
|
|
|
2012-09-01 08:00:24 +00:00
|
|
|
} else {
|
2013-07-02 08:01:37 +00:00
|
|
|
// No ID
|
2012-09-01 08:00:24 +00:00
|
|
|
header("Location: staffpm.php");
|
|
|
|
}
|
|
|
|
?>
|