<?php
$file = "Messages";
$filename = "mesages.fpd";

define('FA_SYSTEM', true);

require ("./core.fpd");
require ("./header.fpd");

function security_strip($value) {
	return str_replace("=","",$value);
}

if(!$user_id) {
	require ("my.query.fpd");
	eval("dooutput(\"".gettemplate("access_error")."\");");
	exit();
}

if($config['readonly'] == true) {
	$output="Fur Affinity is read-only mode, you cannot make any replies.";
	$link="index.fpd";
	require ("my.query.fpd");
	eval("dooutput(\"".gettemplate("redirect")."\");");
	exit();
}

if($_REQUEST['action'] == "resetmessages") {
	$sql->query("UPDATE iworks_usermessages_Comments SET isread='0' WHERE isread='1' AND targetid='$user_info[userid]'");
	$sql->query("UPDATE iworks_usermessages_Submissions SET isread='0' WHERE isread='1' AND targetid='$user_info[userid]'");
	$sql->query("UPDATE iworks_usermessages_Watches SET isread='0' WHERE isread='1' AND targetid='$user_info[userid]'");
	$sql->query("UPDATE iworks_usermessages_Notes SET isread='0' WHERE isread='1' AND targetid='$user_info[userid]'");
	$sql->query("UPDATE iworks_usermessages_Journals SET isread='0' WHERE isread='1' AND targetid='$user_info[userid]'");
	$sql->query("UPDATE iworks_usermessages_Favorites SET isread='0' WHERE isread='1' AND targetid='$user_info[userid]'");
	$sql->query("UPDATE iworks_usermessages_Shouts SET isread='0' WHERE isread='1' AND targetid='$user_info[userid]'");
}

if($_REQUEST['action'] == "viewnote") {
	$note = $sql->query_first("SELECT * FROM iworks_usermessages_Notes WHERE thisdate='$_REQUEST[i]' AND targetid='$user_info[userid]'");
	if($note['isread'] != "1") {
		$sql->query("UPDATE iworks_usermessages_Notes SET isread='1' WHERE thisdate='$_REQUEST[i]' AND targetid='$user_info[userid]'");
		$sql->get_count("rowid","iworks_usermessages_Notes","targetid='$user_info[userid]' AND isread='0'");
		$sql->query("UPDATE iworks_users SET notescount='$mynotescount' WHERE userid='$user_info[userid]'");
	}
	$date = XBdate($config['longdateformat'],$_REQUEST['i'],1);
	
	$note['message'] = nl2br($note['message']);
	$note['message'] = docode($note['message']);

	require ("my.query.fpd");
	eval("dooutput(\"".gettemplate("viewnote")."\");");
	exit();
}

if($_REQUEST['action'] == "sendnote") {
	$user = $sql->query_first("SELECT username, userid, strlower FROM iworks_users WHERE strlower='".strlower($_REQUEST[name])."'");
	if($_REQUEST['send'] == "send" && $user['userid']) {
		send_message($user['userid'],$user['username'],$user_info['username'],"Notes",$_REQUEST['title'],time(),"messages.fpd",$_REQUEST['message']);
		
		$notecount = $sql->get_count("rowid","iworks_usermessages_Notes","isread='0' AND targetid='$user[userid]'");		
		$sql->query("UPDATE iworks_users SET notescount='$notecount' WHERE userid='$user[userid]'");
		
		$output="Note has been sent!";
		$link="messages.fpd?view=messages3";
		header("LOCATION: $link");
		exit();
	} else {
		$output="Note could not be sent, please type in the name again.";
		$link="messages.fpd?view=messages3";
		require ("my.query.fpd");
		eval("dooutput(\"".gettemplate("redirect")."\");");
		exit();
	}
}

if($action == "markread") {
	if($_REQUEST['view'] == "messages1") {
		$thissubmission = $_REQUEST['submissions'];
		for($i=0;$i<count($_REQUEST['submissions']);$i++) {
			$thissubmission[$i] = addslashes(security_strip($thissubmission[$i]));
			$idlist .= ",$thissubmission[$i]";
		}
		
		$sql->query("UPDATE iworks_usermessages_Submissions SET isread='1' WHERE rowid IN (0$idlist) AND targetid='$user_info[userid]'");
		
		$leftcount = $sql->get_count("rowid","iworks_usermessages_Submissions","isread='0' AND targetid='$user_info[userid]'");
		$sql->query("UPDATE iworks_users SET submissioncount = '$leftcount' WHERE userid='$user_info[userid]'");
	}
	
	if($_REQUEST['view'] == "messages2") {
		//Watches
		$thiswatch = $_REQUEST['watches'];
		for($i=0;$i<count($_REQUEST['watches']);$i++) {
			$thiswatch[$i] = addslashes(security_strip($thiswatch[$i]));
			$idlist .= ",$thiswatch[$i]";
		}
		
		$sql->query("UPDATE iworks_usermessages_Watches SET isread='1' WHERE rowid IN (0$idlist) AND targetid='$user_info[userid]'");
		
		$watchleftcount = $sql->get_count("rowid","iworks_usermessages_Watches","isread='0' AND targetid='$user_info[userid]'");
		$sql->query("UPDATE iworks_users SET watchcount = '$watchleftcount' WHERE userid='$user_info[userid]'");
		
		//Favorites
		$thisfavorite = $_REQUEST['favorites'];
		for($i=0;$i<count($_REQUEST['favorites']);$i++) {
			$thisfavorite[$i] = addslashes(security_strip($thisfavorite[$i]));
			$idlist .= ",$thisfavorite[$i]";
		}
		
		$sql->query("UPDATE iworks_usermessages_Favorites SET isread='1' WHERE rowid IN (0$idlist) AND targetid='$user_info[userid]'");
		
		$favoritesleftcount = $sql->get_count("rowid","iworks_usermessages_Favorites","isread='0' AND targetid='$user_info[userid]'");
		$sql->query("UPDATE iworks_users SET favoritescount = '$favoritesleftcount' WHERE userid='$user_info[userid]'");
		
		//Comments
		$thiscoment = $_REQUEST['comments'];
		for($i=0;$i<count($_REQUEST['comments']);$i++) {
			$thiscoment[$i] = addslashes(security_strip($thiscoment[$i]));
			$idlist .= ",$thiscoment[$i]";
		}
		
		$sql->query("UPDATE iworks_usermessages_Comments SET isread='1' WHERE rowid IN (0$idlist) AND targetid='$user_info[userid]'");
		
		//Shouts
		$thisshout = $_REQUEST['shouts'];
		for($i=0;$i<count($_REQUEST['shouts']);$i++) {
			$thisshout[$i] = addslashes(security_strip($thisshout[$i]));
			$idlist .= ",$thisshout[$i]";
		}
		
		$sql->query("UPDATE iworks_usermessages_Shouts SET isread='1' WHERE rowid IN (0$idlist) AND targetid='$user_info[userid]'");
		
		$shoutleftcount = $sql->get_count("rowid","iworks_usermessages_Shouts","isread='0' AND targetid='$user_info[userid]'");
		$commentleftcount = $sql->get_count("rowid","iworks_usermessages_Comments","isread='0' AND targetid='$user_info[userid]'");
		$commentleftcount = $commentleftcount + $shoutleftcount;
		
		$sql->query("UPDATE iworks_users SET commentcount = '$commentleftcount' WHERE userid='$user_info[userid]'");
		
		//Journals
		$thisjournal = $_REQUEST['journals'];
		for($i=0;$i<count($_REQUEST['journals']);$i++) {
			$thisjournal[$i] = addslashes(security_strip($thisjournal[$i]));
			if(is_numeric($thisjournal[$i])) $idlist .= ",$thisjournal[$i]";
		}
			$sql->query("UPDATE iworks_usermessages_Journals SET isread='1' WHERE rowid IN (0$idlist) AND targetid='$user_info[userid]'");
		
		$journalleftcount = $sql->get_count("rowid","iworks_usermessages_Journals","isread='0' AND targetid='$user_info[userid]'");
		$sql->query("UPDATE iworks_users SET journalcount = '$journalleftcount' WHERE userid='$user_info[userid]'");
	}
	
	if($_REQUEST['view'] == "messages3") {
		for($i=0;$i<count($_REQUEST['rnotes']);$i++) {
			$rnotes = $_REQUEST['rnotes'];
			$idlist .= ",$rnotes[$i]";
		}
		
		$sql->query("UPDATE iworks_usermessages_Notes SET isread='1' WHERE rowid IN (0$idlist) AND targetid='$user_info[userid]'");
		
		$leftcount = $sql->get_count("rowid","iworks_usermessages_Notes","isread='0' AND targetid='$user_info[userid]'");
		$sql->query("UPDATE iworks_users SET notescount = '$leftcount' WHERE userid='$user_info[userid]'");
		
	}
	
	$output="Messages marked as read...";
	$link="messages.fpd?view=$view";
	header("LOCATION: $link");
	exit();
}

/*
if($_REQUEST['view']) {
	
	$budslist = $sql->query("SELECT 
		iworks_tracking.targetusername,
		iworks_tracking.target,
		iworks_useronline.online,
		iworks_useronline.invisible
		FROM iworks_tracking
		LEFT JOIN iworks_useronline ON iworks_tracking.target=iworks_useronline.userid
		WHERE iworks_tracking.user='$user_info[userid]'");
	
	
	while($row = $sql->fetch_array($budslist)) {
		if($row['online']) { $tag1 = ""; $tag2 = " (online)"; }
		if(!$row['online']) { $tag1 = ""; $tag2 = " (offline)"; }
		if($row['invisible'] == 1) { $tag1 = "<i>"; $tag2 = "</i>"; }
		$buddylist .= $tag1."$row[targetusername]".$tag2."<BR>";
		unset($tag1,$tag2);
	}
	$sql->free_result($budslist);
}
*/

if($_REQUEST['view'] == "messages1") {
	$maxpages = 15;
	$totalpages = $sql->get_count("rowid","iworks_usermessages_Submissions","isread='0' AND targetid='$user_info[userid]'");
	if(!$page) $page=1;
	$pages=ceil($totalpages/$maxpages);
	if($pages>1) $showingpages = makepagelink("messages.fpd?view=messages1", $page, $pages);
	if(!$pages || $pages == 1) $showingpages="No pages to show";
	
	$submissions = $sql->query("SELECT * FROM iworks_usermessages_Submissions WHERE isread='0' AND targetid='$user_info[userid]' ORDER BY thisdate DESC LIMIT ".($maxpages*($page-1)).",".$maxpages);
	while ($row = $sql->fetch_array($submissions)) {
		$i++;
		$row['title'] = stripslashes(stripslashes($row['title']));
		$thesesubmissions[$i] = $row;
	}
	$sql->free_result($result);
	
	$images.="<tr>";
	$i=1;
	
	for($j=1;$j<=count($thesesubmissions);$j++) {
		$rowsub = $thesesubmissions[$j];
		$thisdate = XBdate($config['today'],$rowsub['thisdate']);
		
		eval ("\$images .= \"".gettemplate("msg_submissions")."\";");
		if($i == 5){
			$images.="</tr><tr>";
			$i=0;
		}
		$i++;
	}
	
	$images.="</tr>";
	
	eval ("\$thismessagepage = \"".gettemplate("messagepage1")."\";");
	$view = "Submissions";
} elseif($_REQUEST['view'] == "messages2") {
	$comments = $sql->query("SELECT * FROM iworks_usermessages_Comments WHERE isread='0' AND targetid='$user_info[userid]'");
	while ($row = $sql->fetch_array($comments)) {
		if($row['originator'] == "") { $thisname = strlower($row['recipient']); }
		else { $thisname = strlower($row['originator']); }
		if(!$row['title']) $row['title'] = "No Subject";
		if($row['message']>0) $jumpid = "#$row[message]";
		if($row['targetfile'] == "news.fpd") {
			eval ("\$thesecomments .= \"".gettemplate("msg_newscomments")."\";");
		} else {
			eval ("\$thesecomments .= \"".gettemplate("msg_comments")."\";");
		}
		unset($jumpid);
		$comcount++;
	}
	$sql->free_result($comments);
	if(!$comcount) $comcount = 0;
	
	$shouts = $sql->query("SELECT * FROM iworks_usermessages_Shouts WHERE isread='0' AND targetid='$user_info[userid]'");
	while ($row = $sql->fetch_array($shouts)) {
		$thisname = strlower($row['recipient']);
		$row['message'] = nohtml($row['message']);
		$row['message'] = nl2br($row['message']);
		$row['message'] = docode($row['message']);
		eval ("\$thesecomments .= \"".gettemplate("msg_shouts")."\";");
		
		$shoutcount++;
	}
	$sql->free_result($shouts);
	if(!$shoutcount) $shoutcount = 0;
	
	$journals = $sql->query("SELECT * FROM iworks_usermessages_Journals WHERE isread='0' AND targetid='$user_info[userid]'");
	while ($row = $sql->fetch_array($journals)) {
		if(!$row['title']) $row['title'] = "No Subject";
		eval ("\$thesejournals .= \"".gettemplate("msg_journals")."\";");
		$journcount++;
	}
	$sql->free_result($journals);
	if(!$journcount) $journcount = 0;
	
	$favs = $sql->query("SELECT * FROM iworks_usermessages_Favorites WHERE isread='0' AND targetid='$user_info[userid]'");
	while ($row = $sql->fetch_array($favs)) {
		if(!$row['title']) $row['title'] = "No Subject";
		$thisname = strlower($row['recipient']);
		eval ("\$thesefavorites .= \"".gettemplate("msg_favorites")."\";");
		$favoritescount++;
	}
	$sql->free_result($favs);
	if(!$favoritescount) $favoritescount = 0;
	
	$watches = $sql->query("SELECT * FROM iworks_usermessages_Watches WHERE isread='0' AND targetid='$user_info[userid]'");
	while ($row = $sql->fetch_array($watches)) {
		eval ("\$thesewatches .= \"".gettemplate("msg_watches")."\";");
		$watchcount++;
	}
	$sql->free_result($watches);
	if(!$watchcount) $watchcount = 0;
	
	eval ("\$thismessagepage = \"".gettemplate("messagepage2")."\";");
	$view = "Comments, Journals, and misc. messages";
} elseif($_REQUEST['view'] == "messages3") {
	//Notes
	$notes = $sql->query("SELECT * FROM iworks_usermessages_Notes WHERE targetid='$user_info[userid]'");
	while ($row = $sql->fetch_array($notes)) {
		if(!$row['title']) $row['title'] = "No Subject";
		$thisdate = XBdate($config['today'],$row['thisdate']);
		if($row['isread'] == "1") $thisread = "<img src='{imagefolder}/old.gif'>"; else $thisread = "<img src='{imagefolder}/new.gif'>";
		eval ("\$recievednotes .= \"".gettemplate("msg_rnotes")."\";");
		$mynotecount++;
	}
	$sql->free_result($notes);
	
	if(!$mynotecount) $mynotecount=0;
	
	$notes = $sql->query("SELECT * FROM iworks_usermessages_Notes WHERE sender='$user_info[username]'");
	while ($row = $sql->fetch_array($notes)) {
		if(!$row['title']) $row['title'] = "No Subject";
		$thisdate = XBdate($config['today'],$row['thisdate']);
		if($row['isread'] == "1") $thisread = "<img src='{imagefolder}/old.gif'>"; else $thisread = "<img src='{imagefolder}/new.gif'>";
		eval ("\$sentnotes .= \"".gettemplate("msg_snotes")."\";");
	}
	$sql->free_result($notes);
	
	if($_REQUEST['title']) $replytitle = "RE: ".$_REQUEST['title'];
	
	$user = $sql->query_first("SELECT username, userid, strlower FROM iworks_users WHERE strlower='$_REQUEST[name]'");
	
	if($_REQUEST['box'] == "outbox") {
		eval ("\$thesenotes = \"".gettemplate("messagepage3_sentnotes")."\";");
	} else {
		eval ("\$thesenotes = \"".gettemplate("messagepage3_mynotes")."\";");
	}
	
	eval ("\$thismessagepage = \"".gettemplate("messagepage3")."\";");
	$view = "Notes";
} elseif($_REQUEST['view'] == "messages4") {
	$notes = $sql->query("SELECT * FROM iworks_usermessages_admin");
	while ($row = $sql->fetch_array($notes)) {
		if(!$row['title']) $row['title'] = "No Subject";
		$thisdate = XBdate($config['today'],$row['thisdate']);
		eval ("\$notices .= \"".gettemplate("msg_adminnotes")."\";");
	}
	$sql->free_result($notes);
	
	if(!$notices) $notices = "<tr><td bgcolor='{var2color}'>There are no administration notices...</td></tr>";
	
	eval ("\$thismessagepage = \"".gettemplate("messagepage4")."\";");
	$view = "Administration notices";
} else {
	header("LOCATION: messages.fpd?view=messages1");
}

$messages = $returned['var'];
$filecount = $returned['filecount'];

require ("my.query.fpd");
eval("dooutput(\"".gettemplate("messages")."\");");
?>