click-pm.php 1.79 KB
Newer Older
Scott committed
1 2
<?php
/*
3
	Question2Answer by Gideon Greenspan and contributors
Scott committed
4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21
	http://www.question2answer.org/

	Description: Server-side response to Ajax single clicks on private messages


	This program is free software; you can redistribute it and/or
	modify it under the terms of the GNU General Public License
	as published by the Free Software Foundation; either version 2
	of the License, or (at your option) any later version.

	This program is distributed in the hope that it will be useful,
	but WITHOUT ANY WARRANTY; without even the implied warranty of
	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
	GNU General Public License for more details.

	More about this license: http://www.question2answer.org/license.php
*/

Scott committed
22 23 24 25
require_once QA_INCLUDE_DIR . 'app/messages.php';
require_once QA_INCLUDE_DIR . 'app/users.php';
require_once QA_INCLUDE_DIR . 'app/cookies.php';
require_once QA_INCLUDE_DIR . 'db/selects.php';
Scott committed
26 27


Scott committed
28 29
$loginUserId = qa_get_logged_in_userid();
$loginUserHandle = qa_get_logged_in_handle();
Scott committed
30

Scott committed
31 32 33 34
$fromhandle = qa_post_text('handle');
$start = (int)qa_post_text('start');
$box = qa_post_text('box');
$pagesize = qa_opt('page_size_pms');
Scott committed
35

Scott committed
36 37 38 39
if (!isset($loginUserId) || $loginUserHandle !== $fromhandle || !in_array($box, array('inbox', 'outbox'))) {
	echo "QA_AJAX_RESPONSE\n0\n";
	return;
}
Scott committed
40 41


Scott committed
42 43 44
$func = 'qa_db_messages_' . $box . '_selectspec';
$pmSpec = $func('private', $loginUserId, true, $start, $pagesize);
$userMessages = qa_db_select_with_pending($pmSpec);
Scott committed
45

Scott committed
46 47 48 49 50 51
foreach ($userMessages as $message) {
	if (qa_clicked('m' . $message['messageid'] . '_dodelete')) {
		if (qa_check_form_security_code('pm-' . $fromhandle, qa_post_text('code'))) {
			qa_pm_delete($loginUserId, qa_get_logged_in_handle(), qa_cookie_get(), $message, $box);
			echo "QA_AJAX_RESPONSE\n1\n";
			return;
Scott committed
52 53
		}
	}
Scott committed
54
}
Scott committed
55

Scott committed
56
echo "QA_AJAX_RESPONSE\n0\n";