. /** * A page displaying the user's contacts and messages * * @package core_message * @copyright 2010 Andrew Davis * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ require_once('../config.php'); require_once('lib.php'); require_once('send_form.php'); require_login(0, false); if (isguestuser()) { redirect($CFG->wwwroot); } if (empty($CFG->messaging)) { print_error('disabled', 'message'); } //'viewing' is the preferred URL parameter but we'll still accept usergroup in case its referenced externally $usergroup = optional_param('usergroup', MESSAGE_VIEW_UNREAD_MESSAGES, PARAM_ALPHANUMEXT); $viewing = optional_param('viewing', $usergroup, PARAM_ALPHANUMEXT); $history = optional_param('history', MESSAGE_HISTORY_SHORT, PARAM_INT); $search = optional_param('search', '', PARAM_CLEAN); //TODO: use PARAM_RAW, but make sure we use s() and p() properly //the same param as 1.9 and the param we have been logging. Use this parameter. $user1id = optional_param('user1', $USER->id, PARAM_INT); //2.0 shipped using this param. Retaining it only for compatibility. It should be removed. $user1id = optional_param('user', $user1id, PARAM_INT); //the same param as 1.9 and the param we have been logging. Use this parameter. $user2id = optional_param('user2', 0, PARAM_INT); //The class send_form supplies the receiving user id as 'id' $user2id = optional_param('id', $user2id, PARAM_INT); $addcontact = optional_param('addcontact', 0, PARAM_INT); // adding a contact $removecontact = optional_param('removecontact', 0, PARAM_INT); // removing a contact $blockcontact = optional_param('blockcontact', 0, PARAM_INT); // blocking a contact $unblockcontact = optional_param('unblockcontact', 0, PARAM_INT); // unblocking a contact $deletemessageid = optional_param('deletemessageid', 0, PARAM_INT); $deletemessageconfirm = optional_param('deletemessageconfirm', 0, PARAM_BOOL); if ($deletemessageid) { $deletemessagetype = required_param('deletemessagetype', PARAM_ALPHAEXT); } //for search $advancedsearch = optional_param('advanced', 0, PARAM_INT); //if they have numerous contacts or are viewing course participants we might need to page through them $page = optional_param('page', 0, PARAM_INT); $url = new moodle_url('/message/index.php', array('user1' => $user1id)); if ($user2id !== 0) { $url->param('user2', $user2id); //Switch view back to contacts if: //1) theyve searched and selected a user //2) they've viewed recent messages or notifications and clicked through to a user if ($viewing == MESSAGE_VIEW_SEARCH || $viewing == MESSAGE_VIEW_RECENT_NOTIFICATIONS) { $viewing = MESSAGE_VIEW_CONTACTS; } } if ($viewing != MESSAGE_VIEW_UNREAD_MESSAGES) { $url->param('viewing', $viewing); } $PAGE->set_url($url); // Disable message notification popups while the user is viewing their messages $PAGE->set_popup_notification_allowed(false); $user1 = null; $currentuser = true; $showactionlinks = true; if ($user1id != $USER->id) { $user1 = $DB->get_record('user', array('id' => $user1id)); if (!$user1) { print_error('invaliduserid'); } $currentuser = false;//if we're looking at someone else's messages we need to lock/remove some UI elements $showactionlinks = false; } else { $user1 = $USER; } unset($user1id); $user2 = null; if (!empty($user2id)) { $user2 = core_user::get_user($user2id); if (!$user2) { print_error('invaliduserid'); } } unset($user2id); $user2realuser = !empty($user2) && core_user::is_real_user($user2->id); $showactionlinks = $showactionlinks && $user2realuser; $systemcontext = context_system::instance(); if ($currentuser === false && !has_capability('moodle/site:readallmessages', $systemcontext)) { print_error('accessdenied','admin'); } if (substr($viewing, 0, 7) == MESSAGE_VIEW_COURSE) { $courseid = intval(substr($viewing, 7)); require_login($courseid); require_capability('moodle/course:viewparticipants', context_course::instance($courseid)); $PAGE->set_pagelayout('incourse'); } else { $PAGE->set_pagelayout('standard'); } // Page context should always be set to user. $PAGE->set_context(context_user::instance($user1->id)); if (!empty($user1->id) && $user1->id != $USER->id) { $PAGE->navigation->extend_for_user($user1); } if (!empty($user2->id) && $user2realuser && ($user2->id != $USER->id)) { $PAGE->navigation->extend_for_user($user2); } $strmessages = get_string('messages', 'message'); if ($user2realuser) { $user2fullname = fullname($user2); $PAGE->set_title("$strmessages: $user2fullname"); $PAGE->set_heading("$strmessages: $user2fullname"); } else { $PAGE->set_title("{$SITE->shortname}: $strmessages"); $PAGE->set_heading("{$SITE->shortname}: $strmessages"); } /// Process any contact maintenance requests there may be if ($addcontact and confirm_sesskey()) { message_add_contact($addcontact); redirect($CFG->wwwroot . '/message/index.php?viewing=contacts&id='.$addcontact); } if ($removecontact and confirm_sesskey()) { message_remove_contact($removecontact); } if ($blockcontact and confirm_sesskey()) { message_block_contact($blockcontact); } if ($unblockcontact and confirm_sesskey()) { message_unblock_contact($unblockcontact); } if ($deletemessageid and confirm_sesskey()) { // Check that the message actually exists. if ($message = $DB->get_record($deletemessagetype, array('id' => $deletemessageid))) { // Check that we are allowed to delete this message. if (message_can_delete_message($message, $user1->id)) { if (!$deletemessageconfirm) { $confirmurl = new moodle_url('/message/index.php', array('user1' => $user1->id, 'user2' => $user2->id, 'viewing' => $viewing, 'deletemessageid' => $message->id, 'deletemessagetype' => $deletemessagetype, 'deletemessageconfirm' => 1, 'sesskey' => sesskey())); $confirmbutton = new single_button($confirmurl, get_string('delete'), 'post'); $strdeletemessage = get_string('deletemessage', 'message'); $PAGE->set_title($strdeletemessage); echo $OUTPUT->header(); echo $OUTPUT->heading($strdeletemessage); echo $OUTPUT->confirm(get_string('deletemessageconfirmation', 'message'), $confirmbutton, $url); echo $OUTPUT->footer(); exit(); } message_delete_message($message, $user1->id); } } redirect($url); } //was a message sent? Do NOT allow someone looking at someone else's messages to send them. $messageerror = null; if ($currentuser && !empty($user2) && has_capability('moodle/site:sendmessage', $systemcontext)) { // Check that the user is not blocking us!! if (message_is_user_blocked($user2, $user1)) { $messageerror = get_string('userisblockingyou', 'message'); } // Check that we're not non-contact block by the user. if (message_is_user_non_contact_blocked($user2, $user1)) { $messageerror = get_string('userisblockingyounoncontact', 'message', fullname($user2)); } if (empty($messageerror)) { $mform = new send_form(); $defaultmessage = new stdClass; $defaultmessage->id = $user2->id; $defaultmessage->viewing = $viewing; $defaultmessage->message = ''; //Check if the current user has sent a message $data = $mform->get_data(); if (!empty($data) && !empty($data->message)) { if (!confirm_sesskey()) { print_error('invalidsesskey'); } $messageid = message_post_message($user1, $user2, $data->message, FORMAT_MOODLE); if (!empty($messageid)) { //including the id of the user sending the message in the logged URL so the URL works for admins //note message ID may be misleading as the message may potentially get a different ID when moved from message to message_read redirect($CFG->wwwroot . '/message/index.php?viewing='.$viewing.'&id='.$user2->id); } } } } $strmessages = get_string('messages', 'message'); if ($user2realuser) { $user2fullname = fullname($user2); $PAGE->set_title("$strmessages: $user2fullname"); } else { $PAGE->set_title("{$SITE->shortname}: $strmessages"); } $PAGE->set_heading(fullname($user1)); // Remove the user node from the main navigation for this page. $usernode = $PAGE->navigation->find('users', null); $usernode->remove(); $settings = $PAGE->settingsnav->find('messages', null); $settings->make_active(); // Get the renderer and the information we are going to be use. $renderer = $PAGE->get_renderer('core_message'); $requestedconversation = false; if (!$user2realuser) { $conversations = \core_message\api::get_conversations($user1->id, 0, 0, 20); $contacts = $conversations->contacts; if (!empty($contacts)) { // If there are conversations then render the most recent one by default. $contact = reset($contacts); $otheruserid = $contact->userid; $conversations->otheruserid = $otheruserid; // Mark the conversation as read. if ($currentuser) { $contact->isread = 1; message_mark_all_read_for_user($user1->id, $otheruserid); } $messages = \core_message\api::get_messages($user1->id, $otheruserid, 0, 20, 'timecreated DESC'); } else { $messages = null; } } else { // Mark the conversation as read. if ($currentuser) { message_mark_all_read_for_user($user1->id, $user2->id); } $conversations = \core_message\api::get_conversations($user1->id, $user2->id, 0, 20); $messages = \core_message\api::get_messages($user1->id, $user2->id); // The user has specifically requested to see this conversation. Add the flag // to the context so that we can render the messaging app appropriately. $requestedconversation = true; } $messagearea = new \core_message\output\messagearea\message_area($user1->id, $conversations, $messages, $requestedconversation); // Now the page contents. echo $OUTPUT->header(); // Display a message that the user is viewing someone else's messages. if (!$currentuser) { $notify = new \core\output\notification(get_string('viewinganotherusersmessagearea', 'message'), \core\output\notification::NOTIFY_WARNING); echo $OUTPUT->render($notify); } echo $renderer->render($messagearea); echo $OUTPUT->footer();