diff --git a/app/messages/app_config.php b/app/messages/app_config.php index 7b48744f74..8f1ee86928 100644 --- a/app/messages/app_config.php +++ b/app/messages/app_config.php @@ -237,5 +237,13 @@ $apps[$x]['default_settings'][$y]['default_setting_value'] = ""; $apps[$x]['default_settings'][$y]['default_setting_enabled'] = "true"; $apps[$x]['default_settings'][$y]['default_setting_description'] = "HTTP Authentication password."; + $y++; + $apps[$x]['default_settings'][$y]['default_setting_uuid'] = "882007e2-582a-47d6-a830-139c59888ae9"; + $apps[$x]['default_settings'][$y]['default_setting_category'] = "message"; + $apps[$x]['default_settings'][$y]['default_setting_subcategory'] = "display_last"; + $apps[$x]['default_settings'][$y]['default_setting_name'] = "text"; + $apps[$x]['default_settings'][$y]['default_setting_value'] = "25 messages"; + $apps[$x]['default_settings'][$y]['default_setting_enabled'] = "false"; + $apps[$x]['default_settings'][$y]['default_setting_description'] = "Define the maximum messages, or past time frame of messages, loaded for display."; -?> +?> \ No newline at end of file diff --git a/app/messages/message_media.php b/app/messages/message_media.php index 279cac7a26..df2c60c67f 100644 --- a/app/messages/message_media.php +++ b/app/messages/message_media.php @@ -47,7 +47,7 @@ //get media if (is_uuid($message_media_uuid)) { - $sql = "select message_media_type, message_media_content from v_message_media "; + $sql = "select message_media_type, message_media_url, message_media_content from v_message_media "; $sql .= "where message_media_uuid = '".$message_media_uuid."' "; $sql .= "and user_uuid = '".$_SESSION['user_uuid']."' "; $sql .= "and (domain_uuid = '".$domain_uuid."' or domain_uuid is null) "; 
@@ -79,16 +79,17 @@ switch ($action) { case 'download': - header("Content-type: ".$content_type); - header("Content-Length: ".strlen($media['message_media_content'])); - header("Content-Disposition: attachment; filename=\"".$message_media_source."_".$message_media_uuid.".".strtolower($media['message_media_type'])."\""); + header("Content-type: ".$content_type."; charset=utf-8"); + $filename = $message_media_source != '' ? $message_media_source."_".$message_media_uuid.".".strtolower($media['message_media_type']) : $media['message_media_url']; + header("Content-Disposition: attachment; filename=\"".$filename."\""); + header("Content-Length: ".strlen(base64_decode($media['message_media_content']))); echo base64_decode($media['message_media_content']); break; case 'display': echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo "
\n"; - echo " \n"; + echo " \n"; echo "
\n"; @@ -97,4 +98,4 @@ } -?> +?> \ No newline at end of file diff --git a/app/messages/message_send.php b/app/messages/message_send.php index c8d4546fa6..05ce8e299e 100644 --- a/app/messages/message_send.php +++ b/app/messages/message_send.php @@ -30,10 +30,7 @@ //check permissions require_once "resources/check_auth.php"; - if (permission_exists('message_add') || permission_exists('message_edit')) { - //access granted - } - else { + if (!permission_exists('message_add') && !permission_exists('message_edit')) { echo "access denied"; exit; } @@ -42,15 +39,12 @@ $language = new text; $text = $language->get(); -//action add or update - $action = "add"; - //define the http request function http_request($url, $method, $headers = null, $content) { $options = array( 'http'=>array( 'method'=>$method, - 'header'=> $headers, + 'header'=>$headers, 'content'=>$content )); $context = stream_context_create($options); @@ -63,10 +57,10 @@ //get http post variables and set them to php variables if (is_array($_POST)) { - $message_type = check_str($_POST["message_type"]); $message_from = check_str($_POST["message_from"]); $message_to = check_str($_POST["message_to"]); $message_text = check_str($_POST["message_text"]); + $message_media = $_FILES["message_media"]; } //process the user data and save it to the database 
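Review bot: In the `download` case the new `$filename` fallback places `$media['message_media_url']` into the `Content-Disposition` header unfiltered, and in this same commit message_send.php stores the browser-supplied upload name in that column. A name containing `"`, `;` or path separators changes how the header is parsed or what the client saves, so reduce it before use, for example `$filename = str_replace(['"', '\\', ';'], '', basename($filename));`. `base64_decode()` now runs twice on the full content; decoding once into a variable and using that for both `Content-Length` and `echo` avoids the second pass. The `switch` starts before this hunk and the `display` case continues past its readable part.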
@@ -76,13 +70,34 @@ $phone_number = preg_replace('{[\D]}', '', $message_to); //error check - if ( - ($message_type != 'sms' && $message_type != 'mms' && $message_type != 'chat') || - !is_numeric($message_from) || - !is_numeric($message_to) || - $message_text == '') { - exit; - } + if ( + !is_numeric($message_from) || + !is_numeric($message_to) || + $message_text == '') { + exit; + } + + + + // handle media (if any) + if (is_array($message_media) && sizeof($message_media) != 0) { + // reorganize media array, ignore errored files + $f = 0; + foreach ($message_media['error'] as $index => $error) { + if ($error == 0) { + $tmp_media[$f]['uuid'] = uuid(); + $tmp_media[$f]['name'] = $message_media['name'][$index]; + $tmp_media[$f]['type'] = $message_media['type'][$index]; + $tmp_media[$f]['tmp_name'] = $message_media['tmp_name'][$index]; + $tmp_media[$f]['size'] = $message_media['size'][$index]; + $f++; + } + } + $message_media = $tmp_media; + unset($tmp_media, $f); + } + $message_type = is_array($message_media) && sizeof($message_media) != 0 ? 'mms' : 'sms'; + //get the contact uuid //$sql = "SELECT trim(c.contact_name_given || ' ' || c.contact_name_family || ' (' || c.contact_organization || ')') AS name, p.phone_number AS number "; 
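Review bot: The media loop accepts every entry whose `error` is 0 and checks nothing else: there is no `is_uploaded_file()` on `tmp_name`, no limit on size or on the number of files, and `name` and `type` are values the client chooses. A later hunk reads each file fully into memory and stores it in the database, so a bound belongs here, e.g. `if ($error === UPLOAD_ERR_OK && is_uploaded_file($message_media['tmp_name'][$index]) && $message_media['size'][$index] <= $max_media_bytes) {`, where `$max_media_bytes` is a placeholder for a configured limit. The loop also assumes the multi-file shape of `$_FILES` (`message_media[]`); with a single-file field `$message_media['error']` is an integer and the `foreach` fails. The enclosing `if` block that processes the POST starts before this hunk and continues after it.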
@@ -98,23 +113,31 @@ $row = $prep_statement->fetch(PDO::FETCH_NAMED); $contact_uuid = $row['contact_uuid']; - //set the message id - $message_uuid = uuid(); - //build the message array - $message['domain_uuid'] = $_SESSION["domain_uuid"]; - $message['message_uuid'] = uuid(); - $message['user_uuid'] = $_SESSION["user_uuid"]; - $message['contact_uuid'] = $contact_uuid; - $message['message_type'] = $message_type; - $message['message_direction'] = 'outbound'; - $message['message_date'] = 'now()'; - $message['message_from'] = $message_from; - $message['message_to'] = $message_to; - $message['message_text'] = $message_text; + $message_uuid = uuid(); + $array['messages'][0]['domain_uuid'] = $_SESSION["domain_uuid"]; + $array['messages'][0]['message_uuid'] = $message_uuid; + $array['messages'][0]['user_uuid'] = $_SESSION["user_uuid"]; + $array['messages'][0]['contact_uuid'] = $contact_uuid; + $array['messages'][0]['message_type'] = $message_type; + $array['messages'][0]['message_direction'] = 'outbound'; + $array['messages'][0]['message_date'] = 'now()'; + $array['messages'][0]['message_from'] = $message_from; + $array['messages'][0]['message_to'] = $message_to; + $array['messages'][0]['message_text'] = $message_text; - //prepare the array - $array['messages'][0] = $message; + //build message media array (if necessary) + if (is_array($message_media)) { + foreach($message_media as $index => $media) { + $array['message_media'][$index]['message_media_uuid'] = $media['uuid']; + $array['message_media'][$index]['message_uuid'] = $message_uuid; + $array['message_media'][$index]['domain_uuid'] = $_SESSION["domain_uuid"]; + $array['message_media'][$index]['user_uuid'] = $_SESSION["user_uuid"]; + $array['message_media'][$index]['message_media_type'] = strtolower(pathinfo($media['name'], PATHINFO_EXTENSION)); + $array['message_media'][$index]['message_media_url'] = $media['name']; + $array['message_media'][$index]['message_media_content'] = 
base64_encode(file_get_contents($media['tmp_name'])); + } + } //save to the data $database = new database; @@ -123,18 +146,24 @@ $database->uuid($message_uuid); $database->save($array); $message = $database->message; + unset($array, $message); //debug info - //echo "
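Review bot: `message_media_type` is taken from the extension of the client-supplied file name and `message_media_content` from `file_get_contents()`, and neither is checked. Restrict the extension to an allow-list of the media types the provider accepts before building the row, and skip the entry when the read fails, since `base64_encode(false)` silently stores an empty string: `$content = file_get_contents($media['tmp_name']); if ($content === false) { continue; }`. How message_media.php maps the stored type to a `Content-type` is not visible in this diff, so the allow-list at write time is the safer place to constrain it. The surrounding save block continues beyond the hunk.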
";
-			//print_r($message);
-			//echo "
"; - //exit; + //echo "
".print_r($message, true)."
"; exit; - //send the message to the provider - $array["to"] = $message_to; - $array["text"] = $message_text; - //$array["media"] = ''; - $http_content = json_encode($array); + //santize the from + $message_from = preg_replace('{[\D]}', '', $message_from); + + //prepare message to send + $message['to'] = $message_to; + $message['text'] = $message_text; + if (is_array($message_media) && sizeof($message_media) != 0) { + $protocol = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off' || $_SERVER['SERVER_PORT'] == 443) ? 'https://' : 'http://'; + foreach ($message_media as $index => $media) { + $message['media'][] = $protocol.$_SERVER['HTTP_HOST'].'/app/messages/message_media.php?id='.$media['uuid'].'&action=download'; + } + } + $http_content = json_encode($message); //settings needed for REST API $http_method = $_SESSION['message']['http_method']['text']; @@ -145,9 +174,6 @@ $http_auth_user = $_SESSION['message']['http_auth_user']['text']; $http_auth_password = $_SESSION['message']['http_auth_password']['text']; - //santize the from - $message_from = preg_replace('{[\D]}', '', $message_from); - //exchange variable name with their values $http_destination = str_replace("\${from}", $message_from, $http_destination); @@ -157,11 +183,11 @@ $headers[] = "Authorization: Basic ".base64_encode($http_auth_user.':'.$http_auth_password); } $response = http_request($http_destination, $http_method, $headers, $http_content); - //echo $response; + //echo $http_content."
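Review bot: The media links sent to the provider are built from `$_SERVER['HTTP_HOST']`, which comes from the request's Host header, so the caller decides which host the provider is told to fetch from; a configured base URL for the installation should be used instead. The links also point at message_media.php, whose query in this commit filters on `$_SESSION['user_uuid']`, so a provider fetching without the sender's session will presumably get no row. If that page is meant to serve providers it needs its own access check, such as a per-media token that expires, rather than a relaxed session check. The `$protocol` expression relies on `&&` binding tighter than `||`; parentheses around the first pair would make that explicit.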

".$response; //redirect the user //$_SESSION["message"] = $text['message-sent']; return true; } //(is_array($_POST) && strlen($_POST["persistformvar"]) == 0) -?> +?> \ No newline at end of file diff --git a/app/messages/messages.php b/app/messages/messages.php index 5c54ad0b31..c2b661d7fb 100644 --- a/app/messages/messages.php +++ b/app/messages/messages.php @@ -106,8 +106,7 @@ echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; @@ -281,14 +264,17 @@ echo " $('#message_new').submit(function(event) {\n"; echo " event.preventDefault();\n"; echo " $.ajax({\n"; - echo " url: 'message_send.php',\n"; - echo " type: 'POST',\n"; - echo " data: $('#message_new').serialize(),\n"; + echo " url: $(this).attr('action'),\n"; + echo " type: $(this).attr('method'),\n"; + echo " data: new FormData(this),\n"; + echo " processData: false,\n"; + echo " contentType: false,\n"; + echo " cache: false,\n"; echo " success: function(){\n"; - echo " document.getElementById('message_new').reset();\n"; - echo " $('#message_new_layer').fadeOut(400);\n"; - echo " refresh_contacts();\n"; - echo " }\n"; + echo " document.getElementById('message_new').reset();\n"; + echo " $('#message_new_layer').fadeOut(400);\n"; + echo " refresh_contacts();\n"; + echo " }\n"; echo " });\n"; echo " });\n"; @@ -308,4 +294,4 @@ //include the footer require_once "resources/footer.php"; -?> +?> \ No newline at end of file diff --git a/app/messages/messages_contacts.php b/app/messages/messages_contacts.php index 32b753841f..519589640e 100644 --- a/app/messages/messages_contacts.php +++ b/app/messages/messages_contacts.php @@ -121,11 +121,11 @@ foreach($numbers as $number) { echo " \n"; $c = $c == 0 ? 1 : 0; diff --git a/app/messages/messages_thread.php b/app/messages/messages_thread.php index e78f8aea2f..20e4fe310c 100644 --- a/app/messages/messages_thread.php +++ b/app/messages/messages_thread.php 
@@ -46,16 +46,29 @@ $refresh = $_GET['refresh'] == 'true' ? true : false; //get messages - $since = date("Y-m-d H:i:s", strtotime("-24 hours")); + if (isset($_SESSION['message']['display_last']['text']) && $_SESSION['message']['display_last']['text'] != '') { + $array = explode(' ',$_SESSION['message']['display_last']['text']); + if (is_array($array) && is_numeric($array[0]) && $array[0] > 0) { + if ($array[1] == 'messages') { + $limit = "limit ".$array[0]." offset 0 "; + } + else { + $since = "and message_date >= '".date("Y-m-d H:i:s", strtotime('-'.$_SESSION['message']['display_last']['text']))."' "; + } + } + } + if ($limit == '' && $since == '') { $limit = "limit 25 offset 0"; } //default (message count) $sql = "select * from v_messages "; $sql .= "where user_uuid = '".$_SESSION['user_uuid']."' "; $sql .= "and (domain_uuid = '".$domain_uuid."' or domain_uuid is null) "; - //$sql .= "and message_date >= '".$since."' "; + $sql .= $since; $sql .= "and (message_from like '%".$number."' or message_to like '%".$number."') "; - $sql .= "order by message_date asc "; + $sql .= "order by message_date desc "; + $sql .= $limit; $prep_statement = $db->prepare(check_sql($sql)); $prep_statement->execute(); $messages = $prep_statement->fetchAll(PDO::FETCH_NAMED); + $messages = array_reverse($messages); unset ($prep_statement, $sql); //get media (if any) @@ -154,7 +167,7 @@ //message bubble echo ""; if ($message['message_text'] != '') { - echo str_replace("\n",'
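Review bot: `is_numeric($array[0])` also accepts values such as `1e3` or `2.5`, which are then concatenated into the `limit` clause; cast it, `$limit = "limit ".(int) $array[0]." offset 0 ";`, and test `(int) $array[0] > 0`. `$limit` and `$since` are read in the default check without being initialised, and `$array[1]` is read without checking that it exists, so add `$limit = ''; $since = '';` before the outer `if`. In the time-frame branch `strtotime()` returns false for an unparseable setting and `date()` then yields the epoch, which loads every message. The statement is still assembled by string concatenation, including `$number`, whose origin is outside this hunk; bound parameters on the `prepare()` call would remove that dependency.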
',$message['message_text'])."
\n"; + echo str_replace("\n",'
',escape($message['message_text']))."
\n"; } if (is_array($message_media[$message['message_uuid']]) && sizeof($message_media[$message['message_uuid']]) != 0) { @@ -172,10 +185,10 @@ } } } - echo "".format_when_local($message['message_date'])."\n"; + echo " ".format_when_local($message['message_date'])."\n"; echo "
\n"; } - echo " \n"; + echo "\n"; } if (!$refresh) { @@ -183,18 +196,23 @@ if (permission_exists('message_add')) { //output input form - echo "\n"; - echo "\n"; + echo "\n"; echo "\n"; echo "\n"; - echo ""; - echo "\n"; - echo "
\n"; - echo " \n"; - echo " \"".$text['label-refresh_pause']."\" "; - echo " \n"; - echo "
\n"; - echo "
\n"; + echo ""; + echo "
\n"; - echo "
\n"; - echo " \n"; + echo " \n"; echo " \n"; echo " ".$text['label-new_message']."

\n"; echo " \n"; @@ -138,14 +137,12 @@ echo " \n"; echo " \n"; echo " \n"; - /* echo " \n"; echo " \n"; echo " \n"; echo " \n"; - */ echo "
".$text['label-message_media']."\n"; - echo " \n"; + echo " \n"; echo "
\n"; echo "
\n"; echo " \n"; @@ -169,21 +166,7 @@ echo " \n"; echo "
\n"; echo " \n"; - /* - if (permission_exists('message_all')) { - if ($_GET['show'] == 'all') { - echo " "; - } - else { - echo " \n"; - } - } - */ echo " \n"; - /* - echo " \n"; - echo " \n"; - */ echo "
"; if ($contact[$number]['contact_name_given'] != '' || $contact[$number]['contact_name_family'] != '') { - echo " ".$contact[$number]['contact_name_given'].' '.$contact[$number]['contact_name_family'].''; - echo "".format_phone($number).''; + echo " ".escape($contact[$number]['contact_name_given'].' '.$contact[$number]['contact_name_family']).''; + echo "".escape(format_phone($number)).''; } else { - echo " ".format_phone($number); + echo " ".escape(format_phone($number)); } echo "
\n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo "
\n"; + echo "\n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo "
\"".$text['label-refresh_pause']."\"
\n"; echo "\n"; //js to load messages for clicked number @@ -203,9 +221,12 @@ echo " $('#message_compose').submit(function(event) {\n"; echo " event.preventDefault();\n"; echo " $.ajax({\n"; - echo " url: 'message_send.php',\n"; - echo " type: 'POST',\n"; - echo " data: $('#message_compose').serialize(),\n"; + echo " url: $(this).attr('action'),\n"; + echo " type: $(this).attr('method'),\n"; + echo " data: new FormData(this),\n"; + echo " processData: false,\n"; + echo " contentType: false,\n"; + echo " cache: false,\n"; echo " success: function(){\n"; echo " document.getElementById('message_compose').reset();\n"; if (!http_user_agent('mobile')) { @@ -228,6 +249,4 @@ } } - - ?> \ No newline at end of file diff --git a/core/default_settings/app_languages.php b/core/default_settings/app_languages.php index 99f51afc72..5d7ff04d6f 100644 --- a/core/default_settings/app_languages.php +++ b/core/default_settings/app_languages.php 
@@ -581,6 +581,66 @@
 $text['label-12-hour']['ru-ru'] = "12-часовой";
 $text['label-12-hour']['sv-se'] = "12-timmars";
 $text['label-12-hour']['uk-ua'] = "12-годинний";
+$text['label-hours']['en-us'] = "Hour(s)";
+$text['label-hours']['ar-eg'] = "";
+$text['label-hours']['de-at'] = "";
+$text['label-hours']['de-ch'] = "";
+$text['label-hours']['de-de'] = "";
+$text['label-hours']['es-cl'] = "";
+$text['label-hours']['es-mx'] = "";
+$text['label-hours']['fr-ca'] = "";
+$text['label-hours']['fr-fr'] = "";
+$text['label-hours']['he-il'] = "";
+$text['label-hours']['it-it'] = "";
+$text['label-hours']['nl-nl'] = "";
+$text['label-hours']['pl-pl'] = "";
+$text['label-hours']['pt-br'] = "";
+$text['label-hours']['pt-pt'] = "";
+$text['label-hours']['ro-ro'] = "";
+$text['label-hours']['ru-ru'] = "";
+$text['label-hours']['sv-se'] = "";
+$text['label-hours']['uk-ua'] = "";
+
+$text['label-days']['en-us'] = "Day(s)";
+$text['label-days']['ar-eg'] = "";
+$text['label-days']['de-at'] = "";
+$text['label-days']['de-ch'] = "";
+$text['label-days']['de-de'] = "";
+$text['label-days']['es-cl'] = "";
+$text['label-days']['es-mx'] = "";
+$text['label-days']['fr-ca'] = "";
+$text['label-days']['fr-fr'] = "";
+$text['label-days']['he-il'] = "";
+$text['label-days']['it-it'] = "";
+$text['label-days']['nl-nl'] = "";
+$text['label-days']['pl-pl'] = "";
+$text['label-days']['pt-br'] = "";
+$text['label-days']['pt-pt'] = "";
+$text['label-days']['ro-ro'] = "";
+$text['label-days']['ru-ru'] = "";
+$text['label-days']['sv-se'] = "";
+$text['label-days']['uk-ua'] = "";
+
+$text['label-messages']['en-us'] = "Message(s)";
+$text['label-messages']['ar-eg'] = "";
+$text['label-messages']['de-at'] = "";
+$text['label-messages']['de-ch'] = "";
+$text['label-messages']['de-de'] = "";
+$text['label-messages']['es-cl'] = "";
+$text['label-messages']['es-mx'] = "";
+$text['label-messages']['fr-ca'] = "";
+$text['label-messages']['fr-fr'] = "";
+$text['label-messages']['he-il'] = "";
+$text['label-messages']['it-it'] = ""; +$text['label-messages']['nl-nl'] = ""; +$text['label-messages']['pl-pl'] = ""; +$text['label-messages']['pt-br'] = ""; +$text['label-messages']['pt-pt'] = ""; +$text['label-messages']['ro-ro'] = ""; +$text['label-messages']['ru-ru'] = ""; +$text['label-messages']['sv-se'] = ""; +$text['label-messages']['uk-ua'] = ""; + $text['header-default_settings']['en-us'] = "Default Settings"; $text['header-default_settings']['ar-eg'] = ""; $text['header-default_settings']['de-at'] = "Standard Einstellungen"; //copied from de-de diff --git a/core/default_settings/default_setting_edit.php b/core/default_settings/default_setting_edit.php index 0e981f2971..093aeb1187 100644 --- a/core/default_settings/default_setting_edit.php +++ b/core/default_settings/default_setting_edit.php @@ -497,6 +497,18 @@ echo " \n"; echo " \n"; } + elseif ($category == "message" && $subcategory == "display_last" && $name == "text") { + $array = explode(' ',$default_setting_value); + if (!is_numeric($array[0])) { $array[1] = $array[0]; $array[0] = ''; } + echo " \n"; + echo " \n"; + echo " \n"; + unset($array); + } elseif ($category == "theme" && $subcategory == "domain_visible" && $name == "text" ) { echo "