2012-09-01 08:00:24 +00:00
|
|
|
<?
|
|
|
|
|
if ($IDs = $_POST['id']) {
|
|
|
|
|
$Queries = array();
|
|
|
|
|
foreach ($IDs as &$ID) {
|
|
|
|
|
$ID = (int)$ID;
|
2013-02-22 08:00:24 +00:00
|
|
|
|
2012-09-01 08:00:24 +00:00
|
|
|
// Check if conversation belongs to user
|
|
|
|
|
$DB->query("SELECT UserID, AssignedToUser FROM staff_pm_conversations WHERE ID=$ID");
|
|
|
|
|
list($UserID, $AssignedToUser) = $DB->next_record();
|
2013-02-22 08:00:24 +00:00
|
|
|
|
2012-09-01 08:00:24 +00:00
|
|
|
if ($UserID == $LoggedUser['ID'] || $DisplayStaff == '1' || $UserID == $AssignedToUser) {
|
|
|
|
|
// Conversation belongs to user or user is staff, queue query
|
|
|
|
|
$Queries[] = "UPDATE staff_pm_conversations SET Status='Resolved', ResolverID=".$LoggedUser['ID']." WHERE ID=$ID";
|
|
|
|
|
} else {
|
|
|
|
|
// Trying to run disallowed query
|
|
|
|
|
error(403);
|
|
|
|
|
}
|
|
|
|
|
}
|
2013-02-22 08:00:24 +00:00
|
|
|
|
2012-09-01 08:00:24 +00:00
|
|
|
// Run queries
|
|
|
|
|
foreach ($Queries as $Query) {
|
|
|
|
|
$DB->query($Query);
|
|
|
|
|
}
|
|
|
|
|
// Clear cache for user
|
|
|
|
|
$Cache->delete_value('staff_pm_new_'.$LoggedUser['ID']);
|
|
|
|
|
$Cache->delete_value('num_staff_pms_'.$LoggedUser['ID']);
|
|
|
|
|
|
|
|
|
|
// Done! Return to inbox
|
|
|
|
|
header("Location: staffpm.php");
|
2013-02-22 08:00:24 +00:00
|
|
|
|
2012-09-01 08:00:24 +00:00
|
|
|
} else {
|
|
|
|
|
// No id
|
|
|
|
|
header("Location: staffpm.php");
|
|
|
|
|
}
|
|
|
|
|
?>
|
