<?php
/*
* MIT Licence
* Copyright (c) 2023 Simon Frankenberger
*
* Please see LICENCE.md for complete licence text.
*/
require_once __DIR__ . '/../include/functions.inc.php';
require_once __DIR__ . '/../include/database.class.php';
// Start output buffering before any action runs; every branch below ends in a
// redirectTo() call. (Presumably this keeps stray output from blocking the
// redirect headers; confirm against redirectTo().)
ob_start();
// Access gates. Both helpers are defined outside this file, so their exact
// behaviour is not visible here. By name, requireLogin() rejects requests without
// an authenticated session, and restrictSitter('Nachrichten') limits what a
// "sitter" (delegated) login may do with messages. TODO confirm both terminate
// the request on failure, because everything below trusts $_SESSION['blm_user'].
requireLogin();
restrictSitter('Nachrichten');
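// Action dispatcher for the in-game message system, selected by the "a" query parameter:
//   a=1  send a message (or, for admins, a broadcast to every player)
//   a=2  delete a single message
//   a=3  delete all messages of the current user
// Any other value (including the default 0) matches no case and the script does nothing.
//
// NOTE(review): the guard clauses below only work if redirectTo() and requireEntryFound()
// terminate the request. Both are defined outside this file; confirm they exit, otherwise
// a failed check falls through into the database writes.
switch (getOrDefault($_GET, 'a', 0)) {
    // send message
    case 1:
        // NOTE(review): unlike the two delete actions, this branch never calls
        // requireXsrfToken(). It writes messages in the name of the session user and,
        // for admins, to every player, so a forged cross-site POST would be accepted as
        // far as this file shows. Confirm whether the compose form carries a token and
        // add the check here; it is not added blindly because the form is not visible.
        $receiver = getOrDefault($_POST, 'receiver');
        $subject = getOrDefault($_POST, 'subject');
        $message = getOrDefault($_POST, 'message');
        $broadcast = getOrDefault($_POST, 'broadcast', 0);

        // Link back to the compose form, carrying the submitted values (URL-encoded) so
        // the user does not lose the draft when validation fails.
        // NOTE(review): "broadcast=1" is hard-coded here regardless of $broadcast.
        // Confirm this is intended.
        $base_link = sprintf('/?p=nachrichten_schreiben&receiver=%s&subject=%s&broadcast=1&message=%s',
            urlencode($receiver), urlencode($subject), urlencode($message));

        // Minimum lengths. strlen() counts bytes, not characters.
        if (strlen($message) < 8) {
            redirectTo($base_link, 128, __LINE__);
        }
        if (strlen($subject) < 4) {
            redirectTo($base_link, 128, __LINE__);
        }

        if ($broadcast == 1) {
            // Broadcasts are an admin-only feature. The check happens server-side, so a
            // forged "broadcast" field from a normal player is rejected here.
            if (!isAdmin()) {
                redirectTo($base_link, 112, __LINE__);
            }

            $data = Database::getInstance()->getAllPlayerIdsAndName();
            Database::getInstance()->begin();

            foreach ($data as $player) {
                // One message row per player. The admin's own copy is stored with
                // sender 0 instead of the admin's own id.
                if (Database::getInstance()->createTableEntry(Database::TABLE_MESSAGES, array(
                        'Von' => $player['ID'] == $_SESSION['blm_user'] ? 0 : $_SESSION['blm_user'],
                        'An' => $player['ID'],
                        'Nachricht' => $message,
                        'Betreff' => $subject
                    )) !== 1) {
                    Database::getInstance()->rollBack();
                    redirectTo($base_link, 141, __LINE__);
                }

                // Bump the recipient's "messages received" counter.
                if (Database::getInstance()->updateTableEntryCalculate(Database::TABLE_USERS, $player['ID'], array('IgmEmpfangen' => 1)) !== 1) {
                    Database::getInstance()->rollBack();
                    redirectTo($base_link, 142, __LINE__);
                }
            }

            // The sender's "messages sent" counter goes up once for the whole broadcast.
            if (Database::getInstance()->updateTableEntryCalculate(Database::TABLE_USERS, $_SESSION['blm_user'], array('IgmGesendet' => 1)) !== 1) {
                Database::getInstance()->rollBack();
                redirectTo($base_link, 142, __LINE__);
            }

            // Audit log entry; 'Rundmail' marks the entry as a broadcast instead of
            // naming a single receiver.
            if (Database::getInstance()->createTableEntry(Database::TABLE_LOG_MESSAGES, array(
                    'senderId' => $_SESSION['blm_user'],
                    'senderName' => Database::getInstance()->getPlayerNameById($_SESSION['blm_user']),
                    'subject' => $subject,
                    'message' => $message,
                    'receiverName' => 'Rundmail'
                )) !== 1) {
                Database::getInstance()->rollBack();
                redirectTo($base_link, 141, __LINE__);
            }
        } else {
            // Resolve the receiver by name; an unknown name sends the user back to the form.
            $receiverID = Database::getInstance()->getPlayerIDByName($receiver);
            requireEntryFound($receiverID, $base_link, 118, __LINE__);

            // Players may not message themselves.
            // NOTE(review): this is a strict comparison, while the rest of the file compares
            // ids against the session with "==". If the lookup and the session hold the id in
            // different types (string vs. int) this guard never matches; confirm the types.
            if ($receiverID === $_SESSION['blm_user']) {
                redirectTo($base_link, 168, __LINE__);
            }

            Database::getInstance()->begin();

            if (Database::getInstance()->createTableEntry(Database::TABLE_MESSAGES, array(
                    'Von' => $_SESSION['blm_user'],
                    'An' => $receiverID,
                    'Nachricht' => $message,
                    'Betreff' => $subject
                )) !== 1) {
                Database::getInstance()->rollBack();
                redirectTo($base_link, 141, __LINE__);
            }

            // Update the received / sent counters of both parties.
            if (Database::getInstance()->updateTableEntryCalculate(Database::TABLE_USERS, $receiverID, array('IgmEmpfangen' => 1)) !== 1) {
                Database::getInstance()->rollBack();
                redirectTo($base_link, 142, __LINE__);
            }
            if (Database::getInstance()->updateTableEntryCalculate(Database::TABLE_USERS, $_SESSION['blm_user'], array('IgmGesendet' => 1)) !== 1) {
                Database::getInstance()->rollBack();
                redirectTo($base_link, 142, __LINE__);
            }

            // Audit log entry with both sender and receiver recorded by id and name.
            if (Database::getInstance()->createTableEntry(Database::TABLE_LOG_MESSAGES, array(
                    'senderId' => $_SESSION['blm_user'],
                    'senderName' => Database::getInstance()->getPlayerNameById($_SESSION['blm_user']),
                    'receiverId' => $receiverID,
                    'receiverName' => Database::getInstance()->getPlayerNameById($receiverID),
                    'subject' => $subject,
                    'message' => $message
                )) !== 1) {
                Database::getInstance()->rollBack();
                redirectTo($base_link, 141, __LINE__);
            }
        }

        Database::getInstance()->commit();
        redirectTo('/?p=nachrichten_liste', 204);
        break;

    // delete message
    case 2:
        // NOTE(review): this destructive action is driven entirely by query parameters.
        // If the anti-CSRF token also travels in the query string it can end up in server
        // logs, browser history and Referer headers; confirm how requireXsrfToken() reads it.
        requireXsrfToken('/?p=nachrichten_liste');

        $id = getOrDefault($_GET, 'id', 0);
        // The paging offsets are echoed into the redirect target below. They are cast to
        // int so a crafted value such as "0&p=other" cannot smuggle extra query parameters
        // into the Location URL (PHP keeps the last occurrence of a repeated parameter).
        $offset_in = (int)getOrDefault($_GET, 'o_in', 0);
        $offset_out = (int)getOrDefault($_GET, 'o_out', 0);
        $list_link = '/?p=nachrichten_liste&o_in=' . $offset_in . '&o_out=' . $offset_out;

        // Ownership check: the lookup is keyed on both the message id and the current user
        // (by its name, matching the user as sender or receiver), so a foreign message id
        // yields no row and the request is bounced.
        $data = Database::getInstance()->getMessageByIdAndAnOrVonEquals($id, $_SESSION['blm_user']);
        requireEntryFound($data, '/?p=nachrichten_liste');

        // A sender may only retract a message the receiver has not read yet.
        if ($data['Von'] == $_SESSION['blm_user'] && $data['Gelesen'] == 1) {
            redirectTo($list_link, 112);
        }

        Database::getInstance()->begin();
        if (Database::getInstance()->deleteTableEntry(Database::TABLE_MESSAGES, $id) !== 1) {
            Database::getInstance()->rollBack();
            redirectTo($list_link, 143, __LINE__);
        }
        Database::getInstance()->commit();
        redirectTo($list_link, 211);
        break;

    // delete all messages
    case 3:
        requireXsrfToken('/?p=nachrichten_liste');

        // The target user comes from the session only, never from the request, so this
        // cannot be pointed at another player's mailbox.
        Database::getInstance()->begin();
        if (Database::getInstance()->deleteAllMessagesForUser($_SESSION['blm_user']) === null) {
            Database::getInstance()->rollBack();
            redirectTo('/?p=nachrichten_liste', 143, __LINE__);
        }
        Database::getInstance()->commit();
        redirectTo('/?p=nachrichten_liste', 212);
        break;
}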