summaryrefslogtreecommitdiff
path: root/includes/model/Message_model.php
blob: e998ba041a8e57152d7765833c19bb68e44461b3 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
<?php

/**
 * Returns Message id array
 *
 * @return array|false
 */
function Message_ids()
{
    return sql_select('SELECT `id` FROM `Messages`');
}

/**
 * Returns message by id.
 *
 * @param int $message_id message ID
 * @return array|false|null
 */
function Message($message_id)
{
    $message_source = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($message_id) . "' LIMIT 1");
    if ($message_source === false) {
        return false;
    }
    if (count($message_source) > 0) {
        return $message_source[0];
    }
    return null;
}

/**
 * TODO: use validation functions, return new message id
 * TODO: global $user con not be used in model!
 * send message
 *
 * @param int    $receiver_user_id User ID of Reciever
 * @param string $text             Text of Message
 * @return bool
 */
function Message_send($receiver_user_id, $text)
{
    global $user;

    $text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($text));
    $receiver_user_id = preg_replace('/([^0-9]{1,})/ui', '', strip_tags($receiver_user_id));

    if (
        ($text != '' && is_numeric($receiver_user_id))
        && (sql_num_query("
            SELECT *
            FROM `User`
            WHERE `UID`='" . sql_escape($receiver_user_id) . "'
            AND NOT `UID`='" . sql_escape($user['UID']) . "'
            LIMIT 1
        ") > 0)
    ) {
        sql_query("
            INSERT INTO `Messages`
            SET `Datum`='" . sql_escape(time()) . "',
                `SUID`='" . sql_escape($user['UID']) . "',
                `RUID`='" . sql_escape($receiver_user_id) . "',
                `Text`='" . sql_escape($text) . "'
        ");
        return true;
    }

    return false;
}