diff options
| author | Philip Häusler <msquare@notrademark.de> | 2014-01-07 15:50:16 +0100 |
|---|---|---|
| committer | Philip Häusler <msquare@notrademark.de> | 2014-01-07 15:50:16 +0100 |
| commit | 239c2b168411c110b1f884f6ef0df172cb913b4b (patch) | |
| tree | 2d0e6721b2818afb24701428fb83d5843985d288 /includes/model/Message_model.php | |
| parent | e10e16a96ab1cfaf08bf867ca412767e3d3ca347 (diff) | |
reviewed cookies api
Diffstat (limited to 'includes/model/Message_model.php')
| -rw-r--r-- | includes/model/Message_model.php | 94 |
1 files changed, 46 insertions, 48 deletions
diff --git a/includes/model/Message_model.php b/includes/model/Message_model.php index d42dca5f..1e1923e8 100644 --- a/includes/model/Message_model.php +++ b/includes/model/Message_model.php @@ -1,51 +1,49 @@ -<?php
-
+<?php + /**
* Returns Message id array
- */
-function mMessageList() {
- $message_source = sql_select("SELECT `id` FROM `Messages`");
- if ($message_source === false)
- return false;
- if (count($message_source) > 0)
- return $message_source;
- return null;
-}
-
-/**
- * Returns message by id.
- *
- * @param $id message ID
- */
-function mMessage($id) {
- $message_source = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
- if ($message_source === false)
- return false;
- if (count($message_source) > 0)
- return $message_source[0];
- return null;
-}
-
-
-/**
- * send message
- *
- * @param $id User ID of Reciever
- * @param $text Text of Message
- */
-function mMessage_Send($id, $text) {
- global $user;
-
- $text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($text));
- $to = preg_replace("/([^0-9]{1,})/ui", '', strip_tags( $id));
-
- if (($text != "" && is_numeric($to)) &&
- (sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($to) . " AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0) ) {
- sql_query("INSERT INTO `Messages` SET `Datum`=" . sql_escape(time()) . ", `SUID`=" . sql_escape($user['UID']) . ", `RUID`=" . sql_escape($to) . ", `Text`='" . sql_escape($text) . "'");
- return true;
- } else {
- return false;
- }
- }
-
+ */ +function Message_ids() { + return sql_select("SELECT `id` FROM `Messages`"); +} + +/** + * Returns message by id. + * + * @param $id message + * ID + */ +function Message($id) { + $message_source = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1"); + if ($message_source === false) + return false; + if (count($message_source) > 0) + return $message_source[0]; + return null; +} + +/** + * TODO: use validation functions, return new message id + * TODO: global $user con not be used in model! + * send message + * + * @param $id User + * ID of Reciever + * @param $text Text + * of Message + */ +function Message_send($id, $text) { + global $user; + + $text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($text)); + $to = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($id)); + + if (($text != "" && is_numeric($to)) && (sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($to) . " AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0)) { + sql_query("INSERT INTO `Messages` SET `Datum`=" . sql_escape(time()) . ", `SUID`=" . sql_escape($user['UID']) . ", `RUID`=" . sql_escape($to) . ", `Text`='" . sql_escape($text) . "'"); + return true; + } else { + return false; + } +} + ?>
\ No newline at end of file |