3 files changed, 152 insertions, 0 deletions
diff --git a/www-ssl/inc/header.php b/www-ssl/inc/header.php
index 247320cd..91ba35ce 100755
--- a/www-ssl/inc/header.php
+++ b/www-ssl/inc/header.php
@@ -71,12 +71,28 @@ if( $Page["ShowTabel"]=="Y" )
 	<a name="#top"><img src="./inc/himmel<? if( isset($_SESSION['color'])) 
 						if ($_SESSION['color']==6) echo "_w"; ?>.png" alt="Unser Himmel"></a>
 	<p>
+<?
+//ausgabe new message
+if( isset($_SESSION['CVS']["nonpublic/messages.php"]))
+    if( $_SESSION['CVS']["nonpublic/messages.php"] == "Y")
+    {
+	$SQL = "SELECT `Datum` FROM `Messages` WHERE `RUID`=". $_SESSION["UID"]. " AND `isRead`='N'";
+	$erg = mysql_query($SQL, $con);
+	if( mysql_num_rows( $erg ) > 0 )
+		echo "<br><a href=\"". $url. substr($ENGEL_ROOT, 1).
+			"nonpublic/messages.php\">". Get_Text("pub_messages_new1").
+			" ".  mysql_num_rows( $erg ). " ".
+			Get_Text("pub_messages_new2"). "</a><br><br>";
+    }
+?>
 <table width="95%" align="center" border="0" cellpadding="7" cellspacing="0">
 	<tr>
 <?
+//ausgaeb Menu
 if( !isset($_SESSION['Menu']))		$_SESSION['Menu'] = "L";
 if( $_SESSION['Menu'] =="L")		include("./inc/menu.php");
 ?>
+
 		<td valign="top" align="center">
 <table border="0" width="100%" align="center" class="border" cellpadding="5" cellspacing="1">
 	<tr class="contenttopic">
diff --git a/www-ssl/nonpublic/menu.php b/www-ssl/nonpublic/menu.php
index af7981b3..c86115f9 100755
--- a/www-ssl/nonpublic/menu.php
+++ b/www-ssl/nonpublic/menu.php
@@ -16,6 +16,8 @@ $Menu["Entry"][5]["File"] = "wecken.php";
 $Menu["Entry"][5]["Name"] = Get_Text("pub_menu_Wecken");
 $Menu["Entry"][6]["File"] = "waeckliste.php";
 $Menu["Entry"][6]["Name"] = Get_Text("pub_menu_Waeckerlist");
+$Menu["Entry"][10]["File"] = "messages.php";
+$Menu["Entry"][10]["Name"] = Get_Text("pub_menu_messages");
 $Menu["Entry"][7]["File"] = "faq.php";
 $Menu["Entry"][7]["Name"] = Get_Text("pub_menu_questionEngel");
 $Menu["Entry"][8]["File"] = "einstellungen.php";
diff --git a/www-ssl/nonpublic/messages.php b/www-ssl/nonpublic/messages.php
new file mode 100755
index 00000000..0a444426
--- /dev/null
+++ b/www-ssl/nonpublic/messages.php
@@ -0,0 +1,134 @@
+<?php
+$title = "Himmel";
+$header = "";
+
+include ("./inc/header.php");
+include ("./inc/funktion_user.php");
+
+if( $_SESSION['CVS']["nonpublic/messages.php"] == "Y")
+{
+	$SQL = "SELECT `Datum` FROM `Messages` WHERE `RUID`=". $_SESSION["UID"]. " AND `isRead`='N'";
+	$erg = mysql_query($SQL, $con);
+	if( mysql_num_rows( $erg ) > 0 )
+		echo "<br><a href=\"". $url. substr($ENGEL_ROOT, 1). 
+			"nonpublic/messages.php\">". Get_Text("pub_messages_new1"). 
+			" ".  mysql_num_rows( $erg ). " ". 
+			Get_Text("pub_messages_new2"). "</a><br><br>";
+}
+
+
+If( !isset($_GET["action"]) ) 
+	$_GET["action"] = "start";
+
+switch( $_GET["action"])
+{
+	case "start":
+		echo Get_Text("Hello"). $_SESSION['Nick']. ", <br>\n";
+		echo Get_Text("pub_messages_text1"). "<br><br>\n";
+	
+		//#####################
+		//show exist Messages
+		//#####################
+		$SQL = "SELECT * FROM `Messages` WHERE `SUID`=". $_SESSION["UID"]. " OR `RUID`=". $_SESSION["UID"];
+		$erg = mysql_query($SQL, $con);
+	
+		echo "<table border=\"0\" class=\"border\" cellpadding=\"2\" cellspacing=\"1\">\n";
+		echo "<tr>\n";
+		echo "\t<td class=\"contenttopic\"><b>". Get_Text("pub_messages_Datum"). "</b></td>\n";
+		echo "\t<td class=\"contenttopic\"><b>". Get_Text("pub_messages_Von"). "</b></td>\n";
+		echo "\t<td class=\"contenttopic\"><b>". Get_Text("pub_messages_An"). "</b></td>\n";
+		echo "\t<td class=\"contenttopic\"><b>". Get_Text("pub_messages_Text"). "</b></td>\n";
+		echo "\t<td class=\"contenttopic\"></td>\n";
+		echo "</tr>\n";
+		
+		for( $i=0; $i<mysql_num_rows( $erg ); $i++ )
+		{
+			echo "<tr class=\"content\">\n";
+			echo "\t<td>". mysql_result( $erg, $i, "Datum" ). "</td>\n";
+			echo "\t<td>". UID2Nick( mysql_result( $erg, $i, "SUID" )). "</td>\n";
+			echo "\t<td>". UID2Nick( mysql_result( $erg, $i, "RUID" )). "</td>\n";
+			echo "\t<td>". mysql_result( $erg, $i, "Text" ). "</td>\n";
+			echo "\t<td>"; 
+					
+			if( mysql_result( $erg, $i, "RUID")==$_SESSION["UID"])
+			{
+				echo "<a href=\"?action=DelMsg&Datum=". mysql_result( $erg, $i, "Datum" ). 
+					"\">". Get_Text("pub_messages_DelMsg"). "</a>";
+				if( mysql_result( $erg, $i, "isRead")=="N")
+					echo "<br><br><a href=\"?action=MarkRead&Datum=". mysql_result( $erg, $i, "Datum" ). 
+						"\">". Get_Text("pub_messages_MarkRead"). "</a>";
+			}
+			echo "</td>\n";
+			echo "</tr>\n";
+		}
+		
+		//#####################
+		//send Messeges
+		//#####################
+		echo "<form action=\"". $_SERVER['SCRIPT_NAME']. "?action=SendMsg\" method=\"POST\" >";
+		echo "<tr class=\"content\">\n";
+		echo "\t<td></td>\n";
+		echo "\t<td></td>\n";
+		// Listet alle Nicks auf
+		echo "\t<td><select name=\"RUID\">\n";
+			$usql="select * from User order by Nick";
+			$uErg = mysql_query($usql, $con);
+			$urowcount = mysql_num_rows($uErg);
+			for ($k=0; $k<$urowcount; $k++)
+			{
+				echo "\t\t\t<option value=\"".mysql_result($uErg, $k, "UID")."\">".
+					mysql_result($uErg, $k, "Nick"). "</option>\n";
+			}
+		echo "</select></td>\n";
+		echo "\t<td><textarea name=\"Text\"  cols=\"30\" rows=\"10\"></textarea></td>\n";
+		echo "\t<td><input type=\"submit\" value=\"". Get_Text("save"). "\"></td>\n";
+		echo "</tr>\n";
+		echo "</form>";
+		
+		echo "</table>\n";
+		break;
+		
+	case "SendMsg":
+		echo Get_Text("pub_messages_Send1"). "...<br>\n";
+		
+		$SQL = "INSERT INTO `Messages` ( `Datum` , `SUID` , `RUID` , `Text` ) VALUES (".
+			"'". gmdate("Y-m-j H:i:s", time()). "', ".
+			"'". $_SESSION["UID"]. "', ".
+			"'". $_POST["RUID"]."', ".
+			"'". $_POST["Text"]. "');";
+		
+		$Erg = mysql_query($SQL, $con);
+		if ($Erg == 1) 
+			echo Get_Text("pub_messages_Send_OK"). "\n";
+		else 
+			echo Get_Text("pub_messages_Send_Error"). "...\n(". mysql_error($con). ")";
+		break;
+	
+	case "MarkRead":
+		$SQL = "UPDATE `Messages` SET `isRead` = 'Y' ".
+			"WHERE `Datum` = '". $_GET["Datum"]. "' AND `SUID`=". $_SESSION["UID"]. " ".
+			"LIMIT 1 ;";
+		$Erg = mysql_query($SQL, $con);
+		if ($Erg == 1) 
+			echo Get_Text("pub_messages_MarkRead_OK"). "\n";
+		else 
+			echo Get_Text("pub_messages_MarkRead_KO"). "...\n(". mysql_error($con). ")";
+		break;
+	
+	case "DelMsg":
+		$SQL = "DELETE FROM `Messages` ".
+			"WHERE `Datum` = '". $_GET["Datum"]. "' AND `RUID` = ". $_SESSION["UID"]. " ".
+			"LIMIT 1;";
+		$Erg = mysql_query($SQL, $con);
+		if ($Erg == 1) 
+			echo Get_Text("pub_messages_DelMsg_OK"). "\n";
+		else 
+			echo Get_Text("pub_messages_DelMsg_KO"). "...\n(". mysql_error($con). ")";
+		break;
+		
+	default:
+		echo Get_Text("pub_messages_NoCommand");
+}
+
+include ("./inc/footer.php");
+?>