From 239c2b168411c110b1f884f6ef0df172cb913b4b Mon Sep 17 00:00:00 2001
From: Philip Häusler <msquare@notrademark.de>
Date: Tue, 7 Jan 2014 15:50:16 +0100
Subject: reviewed cookies api

---
 includes/model/Message_model.php | 94 ++++++++++++++++++++--------------------
 1 file changed, 46 insertions(+), 48 deletions(-)

(limited to 'includes/model/Message_model.php')

diff --git a/includes/model/Message_model.php b/includes/model/Message_model.php
index d42dca5f..1e1923e8 100644
--- a/includes/model/Message_model.php
+++ b/includes/model/Message_model.php
@@ -1,51 +1,49 @@
-<?php
-
+<?php
+
 /**
  * Returns Message id array
- */
-function mMessageList() {
-	$message_source = sql_select("SELECT `id` FROM `Messages`");
-	if ($message_source === false)
-		return false;
-	if (count($message_source) > 0)
-		return $message_source;
-	return null;
-}
-
-/**
- * Returns message by id.
- *
- * @param $id message ID
- */
-function mMessage($id) {
-	$message_source = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
-	if ($message_source === false)
-		return false;
-	if (count($message_source) > 0)
-		return $message_source[0];
-	return null;
-}
-
-
-/**
- * send message
- *
- * @param $id User ID of Reciever
- * @param $text Text of Message
- */
-function mMessage_Send($id, $text) {
-	global $user;
-	
-  $text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($text));
-  $to = preg_replace("/([^0-9]{1,})/ui", '', strip_tags( $id));
-
-  if (($text != "" && is_numeric($to)) && 
-      (sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($to) . " AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0) ) {
-    sql_query("INSERT INTO `Messages` SET `Datum`=" . sql_escape(time()) . ", `SUID`=" . sql_escape($user['UID']) . ", `RUID`=" . sql_escape($to) . ", `Text`='" . sql_escape($text) . "'");
-    return true;
-  } else {
-    return false;
-  }
- }
-
+ */
+function Message_ids() {
+  return sql_select("SELECT `id` FROM `Messages`");
+}
+
+/**
+ * Returns message by id.
+ *
+ * @param $id message
+ *          ID
+ */
+function Message($id) {
+  $message_source = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
+  if ($message_source === false)
+    return false;
+  if (count($message_source) > 0)
+    return $message_source[0];
+  return null;
+}
+
+/**
+ * TODO: use validation functions, return new message id
+ * TODO: global $user con not be used in model!
+ * send message
+ *
+ * @param $id User
+ *          ID of Reciever
+ * @param $text Text
+ *          of Message
+ */
+function Message_send($id, $text) {
+  global $user;
+  
+  $text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($text));
+  $to = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($id));
+  
+  if (($text != "" && is_numeric($to)) && (sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($to) . " AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0)) {
+    sql_query("INSERT INTO `Messages` SET `Datum`=" . sql_escape(time()) . ", `SUID`=" . sql_escape($user['UID']) . ", `RUID`=" . sql_escape($to) . ", `Text`='" . sql_escape($text) . "'");
+    return true;
+  } else {
+    return false;
+  }
+}
+
 ?>
\ No newline at end of file
-- 
cgit v1.2.3-54-g00ecf