2012-01-26 08:00:25 +00:00
|
|
|
<?
|
|
|
|
|
if ($Message = db_string($_POST['message'])) {
|
|
|
|
|
if ($Subject = db_string($_POST['subject'])) {
|
2013-05-16 16:15:57 +00:00
|
|
|
// New staff PM conversation
|
2012-01-26 08:00:25 +00:00
|
|
|
$Level = db_string($_POST['level']);
|
|
|
|
|
$DB->query("
|
2013-02-22 08:00:24 +00:00
|
|
|
INSERT INTO staff_pm_conversations
|
2012-01-26 08:00:25 +00:00
|
|
|
(Subject, Status, Level, UserID, Date)
|
|
|
|
|
VALUES
|
|
|
|
|
('$Subject', 'Unanswered', $Level, ".$LoggedUser['ID'].", '".sqltime()."')"
|
|
|
|
|
);
|
2013-02-22 08:00:24 +00:00
|
|
|
|
2012-01-26 08:00:25 +00:00
|
|
|
// New message
|
|
|
|
|
$ConvID = $DB->inserted_id();
|
|
|
|
|
$DB->query("
|
|
|
|
|
INSERT INTO staff_pm_messages
|
|
|
|
|
(UserID, SentDate, Message, ConvID)
|
|
|
|
|
VALUES
|
|
|
|
|
(".$LoggedUser['ID'].", '".sqltime()."', '$Message', $ConvID)"
|
|
|
|
|
);
|
2013-02-22 08:00:24 +00:00
|
|
|
|
2012-01-26 08:00:25 +00:00
|
|
|
header('Location: staffpm.php');
|
2013-02-22 08:00:24 +00:00
|
|
|
|
2012-01-26 08:00:25 +00:00
|
|
|
} elseif ($ConvID = (int)$_POST['convid']) {
|
|
|
|
|
// Check if conversation belongs to user
|
|
|
|
|
$DB->query("SELECT UserID, AssignedToUser FROM staff_pm_conversations WHERE ID=$ConvID");
|
|
|
|
|
list($UserID, $AssignedToUser) = $DB->next_record();
|
2013-02-22 08:00:24 +00:00
|
|
|
|
2012-01-26 08:00:25 +00:00
|
|
|
if ($UserID == $LoggedUser['ID'] || $IsFLS || $UserID == $AssignedToUser) {
|
|
|
|
|
// Response to existing conversation
|
|
|
|
|
$DB->query("
|
|
|
|
|
INSERT INTO staff_pm_messages
|
|
|
|
|
(UserID, SentDate, Message, ConvID)
|
|
|
|
|
VALUES
|
|
|
|
|
(".$LoggedUser['ID'].", '".sqltime()."', '$Message', $ConvID)"
|
|
|
|
|
);
|
2013-02-22 08:00:24 +00:00
|
|
|
|
2012-01-26 08:00:25 +00:00
|
|
|
// Update conversation
|
|
|
|
|
if ($IsFLS) {
|
|
|
|
|
// FLS/Staff
|
2013-05-16 16:15:57 +00:00
|
|
|
$DB->query("
|
|
|
|
|
UPDATE staff_pm_conversations
|
|
|
|
|
SET Date='".sqltime()."', Unread=true, Status='Open'
|
|
|
|
|
WHERE ID=$ConvID");
|
2012-01-26 08:00:25 +00:00
|
|
|
$Cache->delete_value('num_staff_pms_'.$LoggedUser['ID']);
|
|
|
|
|
} else {
|
|
|
|
|
// User
|
2013-05-16 16:15:57 +00:00
|
|
|
$DB->query("
|
|
|
|
|
UPDATE staff_pm_conversations
|
|
|
|
|
SET Date='".sqltime()."', Unread=true, Status='Unanswered'
|
|
|
|
|
WHERE ID=$ConvID");
|
2012-01-26 08:00:25 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Clear cache for user
|
|
|
|
|
$Cache->delete_value('staff_pm_new_'.$UserID);
|
|
|
|
|
$Cache->delete_value('staff_pm_new_'.$LoggedUser['ID']);
|
2013-02-22 08:00:24 +00:00
|
|
|
|
2012-01-26 08:00:25 +00:00
|
|
|
header("Location: staffpm.php?action=viewconv&id=$ConvID");
|
|
|
|
|
} else {
|
|
|
|
|
// User is trying to respond to conversation that does no belong to them
|
|
|
|
|
error(403);
|
|
|
|
|
}
|
|
|
|
|
} else {
|
2013-05-16 16:15:57 +00:00
|
|
|
// Message but no subject or conversation ID
|
2012-01-26 08:00:25 +00:00
|
|
|
header("Location: staffpm.php?action=viewconv&id=$ConvID");
|
2013-02-22 08:00:24 +00:00
|
|
|
|
2012-01-26 08:00:25 +00:00
|
|
|
}
|
|
|
|
|
} elseif ($ConvID = (int)$_POST['convid']) {
|
2013-05-16 16:15:57 +00:00
|
|
|
// No message, but conversation ID
|
2012-01-26 08:00:25 +00:00
|
|
|
header("Location: staffpm.php?action=viewconv&id=$ConvID");
|
2013-02-22 08:00:24 +00:00
|
|
|
|
2012-01-26 08:00:25 +00:00
|
|
|
} else {
|
2013-05-16 16:15:57 +00:00
|
|
|
// No message or conversation ID
|
2012-01-26 08:00:25 +00:00
|
|
|
header('Location: staffpm.php');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
?>
|
