Implement private message delete button

qa-content/qa-user.js

@@ -95,4 +95,39 @@ function qa_wall_post_click(messageid, target)
 	qa_show_waiting_after(target, false);
 
 	return false;
-}
\ No newline at end of file
+}
+
+
+function qa_pm_click(messageid, target, box)
+{
+	var params = {};
+
+	params.messageid = messageid;
+	params.box = box;
+	params.handle = document.forms.pmessage.handle.value;
+	params.code = document.forms.pmessage.code.value;
+
+	params[target.name] = target.value;
+
+	qa_ajax_post('click_pm', params,
+		function (lines) {
+			if (lines[0]=='1') {
+				var l = document.getElementById('m'+messageid);
+				var h = lines.slice(1).join("\n");
+
+				if (h.length)
+					qa_set_outer_html(l, 'pmessage', h)
+				else
+					qa_conceal(l, 'pmessage');
+
+			} else {
+				document.forms.pmessage.qa_click.value = target.name;
+				document.forms.pmessage.submit();
+			}
+		}
+	);
+
+	qa_show_waiting_after(target, false);
+
+	return false;
+}

qa-include/qa-ajax-click-pm.php

+<?php
+
+/*
+	Question2Answer (c) Gideon Greenspan
+
+	http://www.question2answer.org/
+
+
+	File: qa-include/qa-ajax-click-pm.php
+	Version: See define()s at top of qa-include/qa-base.php
+	Description: Server-side response to Ajax single clicks on private messages
+
+
+	This program is free software; you can redistribute it and/or
+	modify it under the terms of the GNU General Public License
+	as published by the Free Software Foundation; either version 2
+	of the License, or (at your option) any later version.
+
+	This program is distributed in the hope that it will be useful,
+	but WITHOUT ANY WARRANTY; without even the implied warranty of
+	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+	GNU General Public License for more details.
+
+	More about this license: http://www.question2answer.org/license.php
+*/
+
+	require_once QA_INCLUDE_DIR.'qa-app-messages.php';
+	require_once QA_INCLUDE_DIR.'qa-app-users.php';
+	require_once QA_INCLUDE_DIR.'qa-app-cookies.php';
+	require_once QA_INCLUDE_DIR.'qa-db-selects.php';
+
+
+	$loginUserId = qa_get_logged_in_userid();
+	$loginUserHandle = qa_get_logged_in_handle();
+
+	$fromhandle = qa_post_text('handle');
+	$start = (int)qa_post_text('start');
+	$box = qa_post_text('box');
+	$pagesize = qa_opt('page_size_pms');
+
+	if ( !isset($loginUserId) || $loginUserHandle !== $fromhandle || !in_array($box, array('inbox', 'outbox')) ) {
+		echo "QA_AJAX_RESPONSE\n0\n";
+		return;
+	}
+
+
+	$func = 'qa_db_messages_'.$box.'_selectspec';
+	$pmSpec = $func('private', $loginUserId, true, $start, $pagesize);
+	$userMessages = qa_db_select_with_pending($pmSpec);
+
+	foreach ($userMessages as $message) {
+		if (qa_clicked('m'.$message['messageid'].'_dodelete')) {
+			if (qa_check_form_security_code('pm-'.$fromhandle, qa_post_text('code'))) {
+				qa_pm_delete($loginUserId, qa_get_logged_in_handle(), qa_cookie_get(), $message, $box);
+				echo "QA_AJAX_RESPONSE\n1\n";
+				return;
+			}
+		}
+	}
+
+	echo "QA_AJAX_RESPONSE\n0\n";

qa-include/qa-ajax.php

@@ -76,6 +76,7 @@
 		'show_cs' => 'qa-ajax-show-comments.php',
 		'wallpost' => 'qa-ajax-wallpost.php',
 		'click_wall' => 'qa-ajax-click-wall.php',
+		'click_pm' => 'qa-ajax-click-pm.php',
 	);
 
 	$operation=qa_post_text('qa_operation');

qa-include/qa-app-messages.php

@@ -188,6 +188,20 @@
 	}
 
 
+	function qa_pm_delete($userid, $handle, $cookieid, $message, $box)
+/*
+	Hides the private message described in $message (as obtained via qa_db_messages_inbox_selectspec() or qa_db_messages_outbox_selectspec()).
+	If both sender and receiver have hidden the message, it gets deleted from the database.
+	Note: currently no event is reported here, so $handle/$cookieid are unused.
+*/
+	{
+		require_once QA_INCLUDE_DIR.'qa-db-messages.php';
+
+		qa_db_message_user_hide($message['messageid'], $box);
+		qa_db_message_delete($message['messageid'], false);
+	}
+
+
 /*
 	Omit PHP closing tag to help avoid accidental output
 */
\ No newline at end of file

qa-include/qa-db-messages.php

@@ -45,13 +45,30 @@
 	}
 
 
-	function qa_db_message_delete($messageid)
+	function qa_db_message_user_hide($messageid, $box)
 /*
-	Delete the message with $messageid from the database
+	Hide the message with $messageid, in $box (inbox|outbox) from the user.
 */
 	{
+		$field = ($box === 'inbox' ? 'tohidden' : 'fromhidden');
+
+		qa_db_query_sub(
+			"UPDATE ^messages SET $field=1 WHERE messageid=#",
+			$messageid
+		);
+	}
+
+
+	function qa_db_message_delete($messageid, $public=true)
+/*
+	Delete the message with $messageid from the database.
+*/
+	{
+		// delete PM only if both sender and receiver have hidden it
+		$clause = $public ? '' : ' AND fromhidden=1 AND tohidden=1';
+
 		qa_db_query_sub(
-			'DELETE FROM ^messages WHERE messageid=#',
+			'DELETE FROM ^messages WHERE messageid=#'.$clause,
 			$messageid
 		);
 	}

qa-include/qa-lang-profile.php

@@ -35,6 +35,7 @@
 		'bonus_points' => 'Bonus points:',
 		'comments' => 'Comments:',
 		'delete_wall_post_popup' => 'Delete this wall post',
+		'delete_pm_popup' => 'Delete this private message',
 		'extra_privileges' => 'Extra privileges:',
 		'gave_out' => 'Gave out:',
 		'my_account_title' => 'My account',

qa-include/qa-page-messages.php

@@ -79,10 +79,21 @@
 
 	$qa_content = qa_content_prepare();
 	$qa_content['title'] = qa_lang_html('misc/pm_'.$showBox.'_title');
+	$qa_content['script_rel'][] = 'qa-content/qa-user.js?'.QA_VERSION;
 
 	$qa_content['message_list'] = array(
 		'tags' => 'id="privatemessages"',
 		'messages' => array(),
+		'form' => array(
+			'tags' => 'name="pmessage" method="post" action="'.qa_self_html().'"',
+			'style' => 'tall',
+			'hidden' => array(
+				'qa_click' => '', // for simulating clicks in Javascript
+				'handle' => qa_html($loginUserHandle),
+				'start' => qa_html($start),
+				'code' => qa_get_form_security_code('pm-'.$loginUserHandle),
+			),
+		),
 	);
 
 	$htmlDefaults = qa_message_html_defaults();
@@ -100,6 +111,11 @@
 					'tags' => 'onclick="window.location.href=\''.qa_path_html('message/'.$replyHandle).'\'"',
 					'label' => qa_lang_html('question/reply_button'),
 				),
+				'delete' => array(
+					'tags' => 'name="m'.qa_html($message['messageid']).'_dodelete" onclick="return qa_pm_click('.qa_js($message['messageid']).', this, '.qa_js($showBox).');"',
+					'label' => qa_lang_html('question/delete_button'),
+					'popup' => qa_lang_html('profile/delete_pm_popup'),
+				),
 			),
 		);