NG_JUN_KAI/worknova.manus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
worknova.manus/inbox.php
LAPTOP-V9RRD1TL\Michelle's Computer f8f8fcaf96 first commit
2025-07-21 21:38:17 +08:00

639 lines
27 KiB
PHP
Raw Blame History

<?php
include 'connect/cms-config.php' ;
include 'requires/function.php' ;
include 'requires/session.php' ;
// include the class
include 'requires/class_resize.php' ;
// check permission
if ( !permissionCheck($row_user, 'inbox-view') ){
header('Location: index.php') ;
exit ;
}
// keep parameter in value
$page = escapeString($_GET['page']) ;
$page_mode = escapeString($_GET['page_mode']) ;
$type = escapeString($_GET['type']) ;
$search = escapeString($_GET['search']) ;
// active inbox bar
$active_main_menu = 'service' ;
$active_sub_menu = 'inbox' ;
$active_menu = 'inbox' ;
$get_user_tier = userTierQuery( $row_user ) ;
// mode type | all list | new | edit
switch($page_mode){
// edit
case 'new' :
case 'edit' :
// check permission
if ( !permissionCheck($row_user, 'inbox-new') && $page_mode == 'new' ){
header('Location: index.php') ;
exit ;
}
// check query exsits
$submit_type = 'new' ;
$mysqli_page = $mysqli->query("SELECT * FROM inbox
WHERE inbox_id = '".$page."' LIMIT 1");
if ($mysqli_page->num_rows > 0){
// keep query value in array
$row_page = $mysqli_page->fetch_array(MYSQLI_ASSOC) ;
$submit_type = 'edit' ;
}
// update database
if ( isset($type) && ( $type == 'new' || $type == 'edit' ) && $_POST['hide'] == 1 ){
$title = escapeString($_POST['title']) ;
$description = escapeString($_POST['description']) ;
if ( $page == '' ){
$mysqli->query("INSERT INTO inbox ( user_id, created_at ) VALUES ( '".$row_user['user_id']."', '".TODAYDATE."' )") ;
$page = $mysqli->insert_id ;
}
// resize image
// set image in variable
$image = $_FILES["image"]["name"] ;
$image_query = '' ;
$remove_photo = $_POST['remove_photo'] ;
if ( $remove_photo == 1 ){
$image = '' ;
$image_query = "file = '',
file_type = ''," ;
}else{
if ( $image != '' ){
$get_image = pathinfo($image) ;
if ( $get_image['extension'] == 'pdf' ){
$file_name = $page.'-'.time().'.pdf' ;
copy($_FILES["image"]["tmp_name"], 'uploads/Inbox/'.$file_name) ;
$image_query= "file = '".$file_name."',
file_type = 'pdf'," ;
}else{
$create_image = reCreateImage('Inbox', $page, $page, '', $image, $_FILES["image"]["type"], $_FILES['image']['tmp_name']) ;
// Image uploads when exists
if ($create_image['result'] && is_array($create_image['crop']) && count($create_image['result']) > 0){
$resizeObj = new resize($create_image['original']) ; // Initialise load image
foreach($create_image['crop'] as $value){
// Resize image (options: exact, portrait, landscape, auto, crop)
$resizeObj -> resizeImage($value['width'], $value['height'], $value['type']) ;
$resizeObj -> saveImage($value['source'], 70) ; // Save image
}
$get_image = pathinfo($create_image['image']) ;
$image_query = "file = '".$create_image['image']."',
file_type = '".$create_image['extension']."'," ;
}
}
}
}
// delete all department & receiver
$receiver_type = dataFilter($_POST['receiver_type']) ;
$receiver_to = $_POST['receiver_to'] ;
$receiver_to_dept = $_POST['receiver_to_dept'] ;
$selected_staff = [] ;
$selected_depart = [] ;
if ( $receiver_type == '1' ){
if( !empty( $receiver_to ) ){
for ( $i = 0 ; $i < count($receiver_to) ; $i++ ){
if ( $receiver_to[$i] != '' ){
$reset_staff = $receiver_to[$i] ;
$selected_staff[$reset_staff] = $reset_staff ;
}
}
}
}else{
if( !empty( $receiver_to_dept ) ){
$array_depart = [] ;
for ( $i = 0 ; $i < count($receiver_to_dept) ; $i++ ){
$department_id = $receiver_to_dept[$i] ;
if ( $department_id != '' ){
// save into department
$selected_depart[]= $department_id ;
// check department staff
$reset_depart = str_replace( ['(', ')'], '', $department_id ) ;
$get_depart_staff = $mysqli->query( "SELECT staff_id FROM staff_department
WHERE deleted_at IS NULL AND department_id = '".$reset_depart."'") ;
if ( $get_depart_staff->num_rows > 0 ){
while ( $row_depart_staff = $get_depart_staff->fetch_assoc() ){
if ( !in_array($row_depart_staff['staff_id'], $array_depart) ){
$array_depart[] = $row_depart_staff['staff_id'] ;
$selected_staff[$row_depart_staff['staff_id']] = $row_depart_staff['staff_id'] ;
}
}
}
}
}
}
}
$related_staff = $selected_staff ;
$selected_staff = ( arrayCheck($selected_staff) ? '/'.implode( '/', $selected_staff ).'/' : '' ) ;
$selected_depart = ( arrayCheck($selected_depart) ? '/'.implode( '/', $selected_depart ).'/' : '' ) ;
// update database
$mysqli->query("UPDATE inbox SET
".$image_query."
staff_id = '".$selected_staff."',
department_id = '".$selected_depart."',
receiver_type = '".escapeString($_POST['receiver_type'])."',
view_format = '".escapeString($_POST['view_format'])."',
title = '".$title."',
description = '".$description."',
content = '".escapeString($_POST['content'])."',
video_url = '".escapeString($_POST['video_url'])."'
WHERE inbox_id = '".$page."'") ;
$mysqli->query( "UPDATE `staff_inbox_view` SET deleted_at = '".TODAYDATE."' WHERE inbox_id = '".$page."'" ) ;
foreach ( $related_staff as $k => $v ){
pushToUserCron( 'inbox', $page, $v, $title, $description, $page ) ;
$mysqli->query( "INSERT INTO staff_inbox_view ( inbox_id, staff_id, is_read ) VALUES ( '".$page."', '".$v."', '0' )" ) ;
}
// refresh page
header("Location:inbox.php?page_mode=edit&page=".$page."&success=1") ;
$_SESSION['system_result'] = 'success-updated' ;
exit ;
}
// get all requires
// get all staff
$staff_list = [] ;
$mysqli_staff = $mysqli->query("SELECT staff_id, staff_name, staff_idno FROM staff
WHERE ( staff_date_resigned IS NULL || staff_date_resigned = '0000-00-00' || staff_date_resigned >= '".TODAYDATE."' ) AND deleted_at IS NULL ".$user_branch_permission_sql . ( $get_user_tier['check'] ? " AND staff_tier IN ( ".implode(', ', $get_user_tier['tiers'])." )" : '' ) ) ;
if ( $mysqli_staff->num_rows > 0 ){
while ( $row_staff = $mysqli_staff->fetch_assoc() ){
$staff_list[$row_staff['staff_id']] = dataFilter($row_staff['staff_name']) . ' ( ' . dataFilter($row_staff['staff_idno']) . ' )' ;
}
}
// get all requires
$department_list = [] ;
$mysqli_department = $mysqli->query("SELECT a.department_id, b.department_desc FROM setting_department a
LEFT JOIN setting_department_translation b ON ( a.department_id = b.department_id )
WHERE a.deleted_at IS NULL AND b.lang = 'en'") ;
if ( $mysqli_department->num_rows > 0 ){
while ( $row_department = $mysqli_department->fetch_assoc() ){
$department_list[$row_department['department_id']] = dataFilter($row_department['department_desc']) ;
}
}
// get all selected staff & department
$receiver_staff = ( $row_page['staff_id'] != '' ? explode('/', $row_page['staff_id']) : [] ) ;
$receiver_depart = ( $row_page['department_id'] != '' ? explode('/', $row_page['department_id']) : [] ) ;
// start header here
include 'requires/page_header.php';
include 'requires/page_top.php';
?>
<style>
.stafflist_check, .departmentlist_check{
margin-top:5px;
margin-bottom:5px;
}
.form-group-pdf, .form-group-message, .form-group-video, .form-group-pdf-message{
display:none;
}
</style>
<script>
$(document).ready(function(){
$(".view_format").change(function(){
var thisKey = $(this) ;
if ( thisKey.val() == 'pdf' ){
$(".form-group-pdf").show() ;
$(".form-group-message").hide() ;
$(".form-group-pdf-message").show() ;
$(".form-group-video").hide() ;
}else if ( thisKey.val() == 'video' ){
$(".form-group-pdf").hide() ;
$(".form-group-message").hide() ;
$(".form-group-pdf-message").hide() ;
$(".form-group-video").show() ;
}else{
$(".form-group-pdf").hide() ;
$(".form-group-message").show() ;
$(".form-group-pdf-message").show() ;
$(".form-group-video").hide() ;
}
}) ;
$("#checkAll").click(function(){
$("#selectuser option").prop("selected","selected");
$("#selectuser").trigger("change");
});
$("#unCheckAll").click(function(){
$("#selectuser option").removeAttr("selected");
$("#selectuser").trigger("change");
});
$("#checkAllDept").click(function(){
$("#selectdept option").prop("selected","selected");
$("#selectdept").trigger("change");
});
$("#unCheckAllDept").click(function(){
$("#selectdept option").removeAttr("selected");
$("#selectdept").trigger("change");
});
$('input[type=radio][name=receiver_type]').on('change', function(){
hideshowlist($(this).val()) ;
});
<?php if ( $submit_type == 'edit' ){ ?>
hideshowlist('<?= $row_page['receiver_type'] ?>') ;
<?php }else{ ?>
hideshowlist(1) ;
<?php } ?>
$('input[type=radio][name=receiver_type]').on('change', function(){
hideshowlist($(this).val()) ;
});
function hideshowlist(id){
if( id == '1' ){
$('.stafflist').show();
$('.departmentlist').hide();
}else{
$('.stafflist').hide();
$('.departmentlist').show();
}
}
function hideshowlist(id){
if ( id == '1' ){
$('.stafflist').show();
$('.stafflist').next(".select2-container").show();
$('.departmentlist').hide();
$('.departmentlist').next(".select2-container").hide();
}else{
$('.stafflist').hide();
$('.stafflist').next(".select2-container").hide();
$('.departmentlist').show();
$('.departmentlist').next(".select2-container").show();
}
}
}) ;
</script>
<div class="warper container-fluid">
<div class='container' style="background-color: white; border-radius: 10px;">
<div class="page-header" style="margin: 30px 0px 0px 0px;padding: 0px;">
<h1>Inbox <small><?= $lang[$page_mode] ?></small></h1>
</div>
<?php
if ( $_SESSION['system_result'] != '' ){
switch($_SESSION['system_result']){
case 'success-updated' :
echo '<div class="result_success">'.$lang['Thank you details has been updated'].'</div>' ;
break ;
}
unset($_SESSION['system_result']) ;
}
?>
<div class="panel panel-default">
<div class="panel-heading"></div>
<div class="panel-body">
<form method="post" class="form-horizontal" id="quotationForm" enctype="multipart/form-data" action="inbox.php?page_mode=edit&page=<?= $page ?>&type=edit" novalidate="novalidate">
<div class="form-group">
<div class="col-sm-2 control-label">To</div>
<div class="col-sm-9">
<div class="div_radio">
<label><input type="radio" name="receiver_type" id="type1" value="1" <?= ( $row_page['receiver_type'] == '' || $row_page['receiver_type'] == '1' ? 'checked' : '' ) ?> required /> Individual</label>&nbsp;&nbsp;&nbsp;
<label><input type="radio" name="receiver_type" value="2" <?= ( $row_page['receiver_type'] == '2' ? 'checked' : '' ) ?> required /> </i> Department</label>
</div>
<div class="div_radio_select">
<div class="stafflist">
<div class="stafflist_select">
<select name="receiver_to[]" id="selectuser" class="chosen-select form-control tab_index ui-dropdown-select ui-search-input select2-basic-single" multiple>
<?php
if ( count($staff_list) > 0 ){
foreach ( $staff_list as $k => $v ){
echo '<option value="'.$k.'" '.( in_array( $k, $receiver_staff ) ? 'selected' : '').'>'.$v.'</option>' ;
}
}
?>
</select>
</div>
<div class="stafflist_check">
<a class="btn btn-xs btn-danger" id="checkAll"><i class="fa fa-check-circle"></i> </i> <?= $lang['Check All']?></a>
<a class="btn btn-xs btn-danger" id="unCheckAll"><i class="fa fa-times-circle"></i> </i> <?= $lang['Uncheck All']?></a>
</div>
</div>
<div class="departmentlist">
<div class="departmentlist_select">
<select name="receiver_to_dept[]" id="selectdept" class="chosen-select form-control tab_index ui-dropdown-select ui-search-input select2-basic-single" multiple>
<?php
if ( count($department_list) > 0 ){
foreach ( $department_list as $k => $v ){
echo '<option value="'.$k.'" '.( in_array( $k, $receiver_depart ) ? 'selected' : '').'>'.$v.'</option>' ;
}
}
?>
</select>
</div>
<div class="stafflist_check">
<a class="btn btn-xs btn-danger" id="checkAllDept"><i class="fa fa-check-circle"></i> <?= $lang['Check All']?></a>
<a class="btn btn-xs btn-danger" id="unCheckAllDept"><i class="fa fa-times-circle"></i> <?= $lang['Uncheck All']?></a>
</div>
</div>
</div>
</div>
</div>
<div class="form-group">
<div class="col-sm-2 control-label"><?= $lang['title'] ?></div>
<div class="col-sm-9">
<input type="text" name="title" class="form-control ui-search-input" value="<?= dataFilter($row_page['title']) ?>" placeholder="<?= $lang['title'] ?>" >
</div>
</div>
<div class="form-group">
<div class="col-sm-2 control-label"><?= $lang['Description'] ?></div>
<div class="col-sm-9">
<input type="text" name="description" class="form-control ui-search-input" value="<?= dataFilter($row_page['description']) ?>" placeholder="<?= $lang['Description'] ?>" >
</div>
</div>
<hr />
<div class="form-group">
<div class="col-sm-2 control-label">Format</div>
<div class="col-sm-9">
<label><input type="radio" name="view_format" class="view_format" <?= ( $row_page['view_format'] == '' || $row_page['view_format'] == 'pdf' ? 'checked' : '' ) ?> value="pdf" /> PDF</label>
<label style="margin-left:10px;"><input type="radio" name="view_format" class="view_format" <?= ( $row_page['view_format'] == 'message' ? 'checked' : '' ) ?> value="message" /> Message</label>
<label style="margin-left:10px;"><input type="radio" name="view_format" class="view_format" <?= ( $row_page['view_format'] == 'video' ? 'checked' : '' ) ?> value="video" /> Video</label>
</div>
</div>
<div class="form-group form-group-message" <?= ( $row_page['view_format'] == 'message' ? 'style="display:block;"' : '' ) ?> >
<div class="col-sm-2 control-label">Message</div>
<div class="col-sm-9">
<textarea name="content" class="content" id="editor1" rows="10" cols="80"><?= dataFilter($row_page['content']) ?></textarea>
<script> CKEDITOR.replace('editor1') ; </script>
</div>
</div>
<div class="form-group form-group-video" <?= ( $row_page['view_format'] == 'video' ? 'style="display:block;"' : '' ) ?> >
<div class="col-sm-2 control-label">Video</div>
<div class="col-sm-9">
<textarea name="video_url" class="video form-control ui-search-input"><?= dataFilter($row_page['video_url']) ?></textarea>
</div>
</div>
<div class="form-group form-group-pdf-message" <?= ( $row_page['view_format'] == '' || $row_page['view_format'] == 'message' || $row_page['view_format'] == 'pdf' ? 'style="display:block;"' : '' ) ?> >
<div class="col-sm-2 control-label">Photo</div>
<div class="col-sm-9">
<div class="file_upload">
<div class="file_form">
<input type="hidden" name="hide_image" value="<?= dataFilter($row_page['file']) ?>" />
<input type="hidden" name="remove_photo" value="">
<input type="file" name="image" class="file_button control-label" />
</div>
</div>
</div>
</div>
<div class="form-group form-group-pdf-message" <?= ( $row_page['view_format'] == '' || $row_page['view_format'] == 'message' || $row_page['view_format'] == 'pdf' ? 'style="display:block;"' : '' ) ?> >
<div class="col-sm-2 control-label">Preview</div>
<div class="col-sm-9">
<?php
if ( $row_page['file'] != '' ){
echo '
<label class="remove_photo"><input type="checkbox" name="remove_photo" class="ui-checkbox tick" value="1">&nbsp;Remove</label>
<a href="'.PATH.'uploads/Inbox/'.dataFilter($row_page['file']).'" target="_blank">Download</a>' ;
}else{
echo '
<input type="hidden" name="remove_photo" value="" >' ;
}
?>
</div>
</div>
<?php if ( $page_mode == 'new' || $row_user['user_permission'] == 'admin' || $row_user['user_id'] == $row_page['user_id'] ){ ?>
<div class="form-group">
<div class="col-sm-2 control-label"></div>
<div class="col-sm-9">
<button type="submit" class="btn" style="color:white;background-color: #5e5bd0;float:right; margin-top: 5px;width: 100px;"><?= $lang['submit'] ?></button>
<input type="hidden" name="hide" value="1">
<input type="hidden" name="page_status" value="<?= $submit_type ?>">
</div>
</div>
<?php } ?>
</form>
</div>
</div>
</div>
</div>
<?php
break ;
// all list
case 'all' :
default :
$search_title = escapeString($_GET['search_title']) ;
$search_description = escapeString($_GET['search_description']) ;
$search_date = ( $_GET['search_date']!= '' ? date('Y-m-d', strtotime($_GET['search_date'])) : '' ) ;
// query type
$search_query = '' ;
// search query
if( $search_title != ''){
$search_query .= " AND title LIKE '%".$search_title."%'" ;
}
if( $search_description != ''){
$search_query .= " AND a.description LIKE '%".$search_description."%'" ;
}
if ( $search_date != '' ){
$search_query .= " AND a.created_at like '%".$search_date."%' " ;
}
$search_query .= ( $get_user_tier['check'] ? " AND ( b.user_tier LIKE '%|" . implode( "|%' OR b.user_tier LIKE '%|", $get_user_tier['tiers'] ) . "|%' )" : "" ) ;
// form submit
if ($_POST['hide'] == '1' && $_POST['hide_status'] == 'action'){
// trash item
switch($_POST['page_action']){
case 'trash':
$mysqli_query = "UPDATE inbox SET
deleted_at = '".TODAYDATE."'
WHERE inbox_id = " ;
$trash_page = trashPage('inbox', $mysqli, $mysqli_query, $_POST['multiple_trash']) ;
break;
}
}
// pagination
if (isset($page) && !empty($page)) { $product_page = $page ; } else { $product_page = 1 ; } // next and prev page (5 thing need to change)
$start_from = ($product_page - 1) * LIMIT ; //end next and prev page
// set search url
$search_url = 'page_mode=list&search='.$search.'&search_description='.$search_description.'&search_title='.$search_title.'&search_date='.$search_date ;
// page query
$mysqli_query = "SELECT * FROM inbox a
LEFT JOIN system_user b ON ( a.user_id = b.user_id )
WHERE a.deleted_at IS NULL AND a.receiver_type IN ( '1', '2' ) " . $search_query ;
$mysqli_page = $mysqli->query( $mysqli_query." ORDER BY inbox_id LIMIT $start_from, " . LIMIT ) ;
// load pagination
$page_pagination = nextPrevious($product_page, LIMIT, $search_url, $mysqli_query) ;
// start header here
include 'requires/page_header.php' ;
include 'requires/page_top.php' ;
?>
<!-- Header Ends -->
<div class="warper container-fluid">
<div class='container' style="background-color: white; border-radius: 10px;">
<div class="page-header" style="margin: 30px 0px 0px 0px;padding: 0px;">
<div class="row">
<div class="pull-left col">
<h1>Inbox <small><?= $lang['list'] ?></small></h1>
</div>
<div class="pull-right col">
<?php if ( permissionCheck($row_user, 'inbox-new') ){ ?>
<a href="inbox.php?page_mode=new" class="btn" style="color:white;margin:5px;background-color: #5e5bd0;margin-top: 5px;" target="_blank"><?= $lang['add_new'] ?></a>
<?php } ?>
</div>
</div>
</div>
<div class="panel panel-default" id="basic-table-title">
<div class="panel-heading"></div>
<div class="panel-body">
<form method="get" class="form-horizontal">
<div class="form-group">
<label class="col-sm-2 control-label"><?= $lang['title'] ?></label>
<div class="col-sm-9">
<input type="text" name="search_title" value="<?= $search_title ?>" class="form-control" />
</div>
</div>
<div class="form-group">
<label class="col-sm-2 control-label"><?= $lang['Description'] ?></label>
<div class="col-sm-9">
<input type="text" name="search_description" value="<?= $search_description ?>" class="form-control" />
</div>
</div>
<div class="form-group">
<label class="col-sm-2 control-label"><?= $lang['date'] ?></label>
<div class="col-sm-9">
<input class="form-control" name="search_date" type="date" value="<?= $search_date ?>" placeholder="Date Resigned">
</div>
</div>
<div class="form-group">
<div class="col-sm-11">
<input type="hidden" name="page_mode" value="<?= $page_mode ?>" />
<input type="hidden" name="search" value="<?= $search ?>" />
<button type="submit" class="btn" style="margin-top:5px;float:right;width:100px;color:white;background-color: #5e5bd0;"><?= $lang['submit'] ?></button>
</div>
</div>
</form>
</div>
</div>
<form method="post">
<?php if ( permissionCheck($row_user, 'inbox-trash') ){ ?>
<!-- trash -->
<div class="panel panel-default">
<div class="panel-body">
<select name="page_action" class="form-control selectpicker">
<option value=""><?= $lang['select'] ?></option>
<option value="trash"><?= $lang['move_to_trash'] ?></option>
</select>
<input type="hidden" name="hide" value="1" />
<input type="hidden" name="hide_status" value="action" />
<input type="submit" class="btn" style="width:100px;color:white;background-color: #5e5bd0;" value="<?= $lang['submit'] ?>" />
</div>
</div>
<!-- end trash -->
<?php } ?>
<div class="panel panel-default">
<div class="panel-heading"></div>
<div class="panel-body">
<table cellpadding="0" cellspacing="0" border="0" class="listing-table responsive table table-striped table-bordered" id="basic-datatable">
<thead>
<tr>
<th><?= $lang['Action'] ?></th>
<th><?= $lang['title'] ?></th>
<th><?= $lang['Description'] ?></th>
<th><?= $lang['date'] ?></th>
<th width="50"><?= $lang['trash'] ?></th>
</tr>
</thead>
<tbody>
<?php
if ($mysqli_page->num_rows > 0){
while ($row_page = $mysqli_page->fetch_array(MYSQLI_ASSOC)){
$id = $row_page['inbox_id'] ;
$title = dataFilter($row_page['title']) ;
echo '
<tr class="odd gradeX">
<td class="align_center">
<a title="'.$lang['Edit'].'" href="inbox.php?page_mode=edit&page='.$id.'"><i class="fa fa-edit"></i></a>
</td>
<td><a href="inbox.php?page_mode=edit&page='.$id.'">'.$title.'</a></td>
<td>'.dataFilter($row_page['description']).'</td>
<td>'.resetDateFormat($row_page['created_at']).'</td>
<td>
<div class="checkbox multiple_trash">
<input type="checkbox" name="multiple_trash['.$id.']" class="trash_button" value="1">
<label for="checkbox1"></label>
</div>
</td>
</tr>';
}
}else{
echo '
<tr class="odd gradeX">
<td class="border_none">'.$lang['no_data'].' </td>
<td class="border_none"></td>
<td class="border_none"></td>
<td class="border_none"></td>
<td class="border_none"></td>
</tr>' ;
}
?>
</tbody>
</table>
<?= $page_pagination['page_pagination'] ?>
</div>
</div>
</form>
</div>
</div>
<?php
break ;
}
// footer
include 'requires/page_footer.php' ;
?>
Reference in New Issue View Git Blame Copy Permalink