Commit 32ffddb2 authored by Nigel McNie's avatar Nigel McNie
Browse files

Overhauled the friends listing script. Now returns a lot more information...

Overhauled the friends listing script. Now returns a lot more information about the friends a user has, so that the friends screen can have more functionality, such as sending messages and managing the friendship relationship
parent a05fe497
......@@ -30,7 +30,7 @@ define('JSON', 1);
require(dirname(dirname(__FILE__)) . '/init.php');
$pending = param_boolean('pending');
$filter = param_integer('filter');
$limit = param_integer('limit', 10);
$offset = param_integer('offset', 0);
$control = param_boolean('control');
......@@ -46,67 +46,129 @@ if ($control) {
$values['id'] = param_integer('id');
$values['rejectreason'] = param_variable('rejectreason', null);
$values['rejectsubmit'] = param_alpha('rejectsubmit', null);
$values['reason'] = param_variable('reason', null);
}
catch (ParameterException $e) {
json_reply(true, $e->getMessage());
}
$user = get_record('usr', 'id', $values['id']);
if ($values['type'] == 'message') {
try {
send_user_message($user, param_variable('message'));
json_reply(false, get_string('messagesent'));
}
catch (AccessDeniedException $e) {
json_reply(true, get_string('messagenotsent'));
}
exit;
}
// FIXME: there's no validation here, and possibly none on the user view
// page, for people submitting friend requests to users who do not want them.
// See bug #741. Language string not translated so people will not forget
// this
if ($values['type'] == 'request' && $values['id'] == $USER->get('id')) {
json_reply(true, 'You cannot request a friendship with yourself');
}
friend_submit(null, $values);
exit;
}
// normal processing (getting friends list)
if (empty($pending)) {
$data = array();
if ($filter == 1) {
$count = count_records_select('usr_friend', 'usr1 = ? OR usr2 = ?', array($userid, $userid));
$sql = 'SELECT u.id, u.username, u.firstname, u.lastname, u.preferredname, u.staff
$sql = 'SELECT u.id, u.username, u.firstname, u.lastname, u.preferredname,
(SELECT a.title FROM {artefact} a WHERE a.owner = u.id AND a.artefacttype = \'introduction\') AS introduction,
COALESCE((SELECT ap.value FROM {usr_account_preference} ap WHERE ap.usr = u.id AND ap.field = \'messages\'), \'allow\') AS messages
FROM {usr} u
WHERE u.id IN (
SELECT (CASE WHEN usr1 = ? THEN usr2 ELSE usr1 END) AS userid
FROM {usr_friend} WHERE (usr1 = ? OR usr2 = ?))';
if (!$data = get_records_sql_assoc($sql, array($userid, $userid, $userid), $offset, $limit)) {
$data = array();
}
if (!$views = get_views(array_keys($data), null, null)) {
FROM {usr_friend} WHERE (usr1 = ? OR usr2 = ?))
ORDER BY u.id';
$data = get_records_sql_assoc($sql, array($userid, $userid, $userid), $offset, $limit);
if (!$data || !$views = get_views(array_keys($data), null, null)) {
$views = array();
}
$data = array_values($data);
}
else {
$count = count_records('usr_friend_request' , 'owner', array($userid));
$sql = 'SELECT u.id, u.firstname, u.lastname, u.preferredname, u.username, fr.reason
else if ($filter == 2) {
$count = count_records('usr_friend_request', 'owner', array($userid));
$sql = 'SELECT u.id, u.username, u.firstname, u.lastname, u.preferredname, fr.reason, 1 AS pending,
(SELECT a.title FROM {artefact} a WHERE a.owner = u.id AND a.artefacttype = \'introduction\') AS introduction,
COALESCE((SELECT ap.value FROM {usr_account_preference} ap WHERE ap.usr = u.id AND ap.field = \'messages\'), \'allow\') AS messages
FROM {usr} u
JOIN {usr_friend_request} fr ON fr.requester = u.id
WHERE fr.owner = ?';
WHERE fr.owner = ?
ORDER BY u.id';
$data = get_records_sql_array($sql, array($userid), $offset, $limit);
$views = array();
}
if (empty($data)) {
$data = array();
else {
$count = count_records_select('usr_friend', 'usr1 = ? OR usr2 = ?', array($userid, $userid))
+ count_records('usr_friend_request', 'owner', array($userid));
$sql = 'SELECT u.id, u.username, u.firstname, u.lastname, u.preferredname, NULL as reason, 0 AS pending,
(SELECT a.title FROM {artefact} a WHERE a.owner = u.id AND a.artefacttype = \'introduction\') AS introduction,
COALESCE((SELECT ap.value FROM {usr_account_preference} ap WHERE ap.usr = u.id AND ap.field = \'messages\'), \'allow\') AS messages
FROM {usr} u
WHERE u.id IN (
SELECT (CASE WHEN usr1 = ? THEN usr2 ELSE usr1 END) AS userid
FROM {usr_friend} WHERE (usr1 = ? OR usr2 = ?))
UNION
SELECT u.id, u.username, u.firstname, u.lastname, u.preferredname, fr.reason, 1 AS pending,
(SELECT a.title FROM {artefact} a WHERE a.owner = u.id AND a.artefacttype = \'introduction\') AS introduction,
COALESCE((SELECT ap.value FROM {usr_account_preference} ap WHERE ap.usr = u.id AND ap.field = \'messages\'), \'allow\') AS messages
FROM {usr} u
JOIN {usr_friend_request} fr ON fr.requester = u.id
WHERE fr.owner = ?
ORDER BY pending DESC, id';
$data = get_records_sql_assoc($sql, array($userid, $userid, $userid, $userid));
if (!$data || !$views = get_views(array_keys($data), null, null)) {
$views = array();
}
}
foreach ($data as $d) {
$d->name = display_name($d);
if ($data) {
$data = array_values($data);
foreach ($data as $d) {
$d->name = display_name($d);
if (isset($d->introduction)) {
$d->introduction = format_introduction($d->introduction);
}
$d->messages = ($d->messages == 'allow' || is_friend($userid, $d->id) && $d->messages == 'friends' || $USER->get('admin')) ? 1 : 0;
}
}
json_headers();
$viewcount = array_map('count', $views);
// since php is so special and inconsistent, we can't use array_map for this because it breaks the top level indexes.
$cleanviews = array();
foreach ($views as $userindex => $viewarray) {
$cleanviews[$userindex] = array_slice($viewarray, 0, 5);
// Don't reveal any more about the view than necessary
foreach ($cleanviews as $userviews) {
foreach ($userviews as &$view) {
foreach (array_keys(get_object_vars($view)) as $key) {
if ($key != 'id' && $key != 'title') {
unset($view->$key);
}
}
}
}
}
print json_encode(array(
json_reply(false, array(
'count' => $count,
'limit' => $limit,
'offset' => $offset,
'data' => $data,
'pending' => $pending,
'views' => $cleanviews,
'filter' => $filter,
'views' => $cleanviews,
'numviews' => $viewcount,
));
exit;
?>
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment