Notebubble/action.php

<?php
error_reporting(0);
header('Expires: Sun, 01 Jan 2014 00:00:00 GMT');
header('Cache-Control: no-store, no-cache, must-revalidate');
header('Cache-Control: post-check=0, pre-check=0', FALSE);
header('Pragma: no-cache');
include "include/init.php";
date_default_timezone_set($settings['timezone']);
include "include/sqlcon.php";
include "include/functions.php";
if (isset($_POST['mode'])) {
    switch ($_POST['mode']) {
        case "setsettings":
            foreach ($_POST['settings'] as $key => $setting) {
                $settings[$key] = $setting;
            }
            
            if ($system['os'] == "w") {
		        $sfile = file_get_contents($system['workdir'] . "settings.php");
		        if (!is_numeric(strpos($sfile, "path"))) {
		            unset($settings['path']);
		        }
            }
            
            unset($settings['locale_not_set']);
            if ($system['os'] == "w") {
                file_put_contents($system['workdir'] . "settings.php", "<?php\r\n" . '$settings = ' . var_export($settings, true) . ";");
            } else {
                file_put_contents("$home_dir/.local/share/notebubble/settings.php", "<?php\r\n" . '$settings = ' . var_export($settings, true) . ";");
            }
            header("location: index.php?loadpage=appsettings");
        break;
        case "openlink":
            $link = html_entity_decode($_POST['link']);
            if (get_os() == "w") {
                exec("start \"\" \"$link\"");
            } else {
                exec("DISPLAY=:0 dbus-launch xdg-open \"$link\"");
            }
        break;
        case "newmessage":
            include "system/newmessage.php";
            echo "ok";
        break;
        case "addchat":
            if (!empty($_FILES["picture"]["name"])) {
                $target_file = basename($_FILES["picture"]["name"]);
                if (move_uploaded_file($_FILES["picture"]["tmp_name"], $target_file)) {
                }
            } else {
                $target_file = time() . ".jpg";
                if (get_os() == "w") {
                    exec('magick -size 512x512 canvas:"' . $_POST['color'] . '" -gravity center -fill white -font Arial -pointsize 200 -annotate 0 "' . ucfirst(substr($_POST['name'], 0, 1)) . '" ' . $target_file);
                } else {
                    exec('convert -size 512x512 canvas:"' . $_POST['color'] . '" -gravity center -fill white -font Arial -pointsize 200 -annotate 0 "' . ucfirst(substr($_POST['name'], 0, 1)) . '" ' . $target_file);
                }
            }
            if (empty($_FILES["picture"]["name"]) && isset($_POST['edit'])) {
                $image = PDO_FetchAll("SELECT image FROM chat WHERE id = " . $_POST['edit']) [0]['image'];
            } else {
                if (get_os() == "w") {
                    exec("magick \"" . $target_file . "\" -resize 100x100 temp.jpg");
                } else {
                    exec("convert \"" . $target_file . "\" -resize 100x100 temp.jpg");
                }
                unlink($target_file);
                $image = base64_encode(file_get_contents("temp.jpg"));
            }
            $name = $_POST['name'];
            $desc = $_POST['desc'];
            $color = $_POST['color'];
            $pass = $_POST['pass'];
            @unlink($target_file);
            @unlink("temp.jpg");
            if (isset($_POST['edit'])) {
                PDO_Execute("UPDATE chat SET name = \"$name\",desc = \"$desc\",image = \"$image\",color = \"$color\",pass = \"$pass\" WHERE id = " . $_POST['edit']);
            } else {
                PDO_Execute("INSERT INTO chat (name,desc,image,color,pass) VALUES (\"$name\",\"$desc\",\"$image\",\"$color\",\"$pass\")");
            }
            header("location: index.php");
        break;
    }
}
@$id = $_GET['id'];
if (isset($_GET['mode'])) {
    switch ($_GET['mode']) {
        case "downloadfile":
            $file = PDO_FetchAll("SELECT name,type,size,content FROM attachment WHERE message_id = $id") [0];
            header('Content-type:  ' . $file['type']);
            header('Content-Length: ' . $file['size']);
            header('Content-Disposition: attachment; filename="' . $file['name'] . '"');
            if (is_numeric(strpos($file['type'], "image"))) {
                file_put_contents($file['name'], base64_decode($file['content']));
                readfile($file['name']);
                @unlink($file['name']);
            } else {
                $tmpname = time() . ".7z";
                file_put_contents("./tmp/" . $tmpname, base64_decode($file['content']));
                exec("7z x \"./tmp/$tmpname\" -o./tmp/ -y");
                readfile("./tmp/" . $file['name']);
                @unlink("./tmp/" . $file['name']);
                @unlink("./tmp/" . $tmpname);
            }
            die();
        break;
        case "deletemsg":
            PDO_Execute("DELETE FROM message WHERE id = $id");
            PDO_Execute("DELETE FROM urlpreview WHERE message_id = $id");
            PDO_Execute("DELETE FROM attachment WHERE message_id = $id");
            PDO_Execute("DELETE FROM reminder WHERE message_id = $id");
            PDO_Execute("DELETE FROM todo WHERE message_id = $id");
            PDO_Execute("VACUUM");
        break;
        case "pinchat":
            PDO_Execute("UPDATE chat SET pinned = 1 WHERE id = $id");
            include "system/sidebar.php";
        break;
        case "unpinchat":
            PDO_Execute("UPDATE chat SET pinned = 0 WHERE id = $id");
            include "system/sidebar.php";
        break;
        case "highlight":
            PDO_Execute("UPDATE message SET highlight = 1 WHERE id = $id");
        break;
        case "unhighlight":
            PDO_Execute("UPDATE message SET highlight = 0 WHERE id = $id");
        break;
        case "pinmessage":
            $chat_id = PDO_FetchAll("SELECT chat.id as chat_id FROM message LEFT JOIN chat ON chat_id = chat.id WHERE message.id = $id") [0]['chat_id'];
            PDO_Execute("UPDATE message SET pinned = 0 WHERE chat_id = $chat_id");
            PDO_Execute("UPDATE message SET pinned = 1 WHERE id = $id");
            @$message = PDO_FetchAll("SELECT message.*,urlpreview.url,urlpreview.site,urlpreview.title,urlpreview.desc,urlpreview.image,attachment.name as fname,attachment.type as ftype,attachment.size as fsize,attachment.content as fcontent,chat.color as color FROM message LEFT JOIN urlpreview ON urlpreview.message_id = message.id LEFT JOIN attachment ON attachment.message_id = message.id LEFT JOIN chat ON chat_id = chat.id WHERE message.id = $id AND message.pinned = 1") [0];
            $image = "";
            if (!empty($message)) {
                if (!empty($message['fname'])) {
                    if (is_numeric(strpos($message['ftype'], "image"))) {
                        $preview = "data:" . $message['ftype'] . ";base64," . $message['fcontent'];
                    } else {
                        $preview = "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAOEAAADhCAMAAAAJbSJIAAAAe1BMVEX///8AAAD7+/vY2NhsbGzJycnNzc3i4uLr6+tYWFj4+PhlZWXy8vLn5+fW1tZVVVUxMTFHR0cNDQ1bW1srKysWFhYaGho8PDyhoaElJSWzs7OOjo5CQkJ5eXk0NDSsrKy9vb1NTU2VlZV2dnaFhYWkpKQYGBiBgYEgICDZ46A9AAAKeklEQVR4nO2d53biMBCFMaEtkAQIS08wbcn7P+HGNp2Zq2KNJHL4fmNZg6ZpVFypPHny5MlvpN0O3QNR0trXdPrVmYXuhxTpKDnyO2XcJhdsQvdGgFpyRS10f5xzI2CSTEL3yDGdWwGTpBW6T04hBEzmoTvlkjsVzRiH7pVDSAGTpBu6X86gVDSjGbpjrmBGMEneQvfMEayAv8WZcir6w+/IwYGAvyOr4VU0SeqhO+cCJOAqdOdcAFTU0M9U2+3uD+2qVFftgALqhoruS329+Vj08rnld2/R2e8azUh8FFJRTSNsTN5H1NPDzvJFuPcawBFsaDSQwhaS5FOnEUFKCtjYY/FyRvOAiV85FU37GvLldEINZCkBZ1+68mWsgshYRkUb/0zky2X0r6slBHyFo88x9xw+SqjoxEa+H6apH9EK7AVsf1gK+MPWl3hlVLQxsBcwSRavngSEIwgFtNXQE2l4AaGKbtGTeiw9CGivoooUTY91vAJWVy4ElPc31ira1s7SwopoLWDVmYCyCz72Kjp2J6Cku4lEQLkKVxQqWiCzHmId6KsLjT4P+vvJbrncTTY6492XEFBQRcf79Kos10xrU8UjAiuTciO4p2py7bpijuXcFMVscMKa1Cus43w7FlBKRXH0bqGplls9FRJQXZuoA3t0uXInpKI66VeXH8aOK/HEBEz13r5mG3BWgRNSUe0F8CXXwocD4TLsBURhYmBQHky5RtwsbMioqImA/Cg62RsoE+gHhiUlzhYduFMhGzSumTEetXxJIwYVzenSVcihvWgFQmHCZg2iTjdV0tfIqKipDR6g9bRczSYWGyxoko19ldnXEI0NHtiQ7ZVYdbMX0FWgv+GFbND+REBUNlhAWuKnbWtCgb7USi6ZvH1ZNhabDRaQjdotDQsl22VX/8huWUXEuMLEGTIBt3E1capohQmJFosYEaVqt1DtmjvTCMPECcrKjfewRupkCqi0xvTQSrQ2mEPtAzCcQMUY6C+YE42PjFqI2QYzqGLGwKSByEeQ3o5jImHEYeIApaX/9B+P2osWlPM0saZql3wSL9COFnGHiQMr4hW6ET9+G8ygXqF5tCr2MFHQol6il3k/gJPJmFFv0Zo9PYQNVphqm84iYvSB/gj5Ho29Q48QJnLIwv5UXRJ+FBVleqpeQnyMMJFBetJkp3rsMcJEDr1JXPVXPowNckM4VJRLH8cGuYUZRR3qcWyQW5dRRMMgNtjczefrmfkG2CH5MlzCCLFPJj3+Nx3DCzOoeVOi2L0XQEWvTnUZbS0kM1LF2wKMYOt6n6HBjRLMNgW47StAmGj9vfmx9mYYxsvAjgYIE617X6HpdN+494HpPWO3agEr1jZICKi5t5AdwSRln6GKcidkwsSdiuborN/yAvJDCI852u+6hwJ+k4+kZQTkV385z5vjzQZzlBMDJCA7b+I8bw4cQXsBue3oyj1bQEBWxenNUzoCOrbBDFWdDAnIVqBQPz2PoLJOhgRkdRQdQ5FJ1TgbzMBbfJGAbHmG3ROeSNVFGS+ag/czIQHZ//TVUkCo22ap2iUwt4ACsodIgar5DRM5MPVmU7UMNqPdCQhobYPJGFU64QiypYsu/4zvMPFDD6VsUED+vBM/obBP1eAIAidTQsA/7GMN9pkANthDlRosIK/crLKlSEBXM3pnAvLPsW4GHd93OKO/EtBaRd9BX7mrb1AtQSRV+4n0aARhmPgA/pc7/oUOYgqFCXsVfUcBhnkG1f1LpGrkTYhHAQW8aIWf9qLCrL0NBhCQ6y2YoAmFCRkbZOcUC/AIvHUsQJiANlipvBt3FFVUQ6RqWEWZ1UVUJkH1uBCBXlVapfs74t9nNfvMBfSeqhX0yMf4ZKZKP5CDR9B3sn2Arq+B1UWko9Y2CJfcbVO1A3QVny/HMmabEV+YyKEDMP97UJCzFnAoFSb45/lg32ZfFmGYyKEzNr5WyS9N2ZYNhQWk13tBgOG6KmSDOA7qnNWuktcu8wV1ttoR14z+AjJWDPiXcn4mrhn9JeTcF0x86TmF0Iy+VKp2hFy055WUCYZoIhkqVTuyop7mR4ReQUXrYCG9aEaVNBH+92TGhq4pDJaqHSHjN1gUITeqpkDAYKnaEfKPAjVScuprKaBoqnaCzGhAHf8P8XO+2hEwVTtB2hX4b6kSIqvUoZ1MDhksgA5QVTluwS50mCigslJUY1sRv2f8WtBU7QxVZkPHMMg8nRYwaKp2hkrC9uD3pFZTCUKAxRcaamaBdluRs0PigRCLLzSUt0N7rOn58t0gBlmboKHWDdGaIV2Yu93LGZGA5LIa2jHXprXvOiQ2g6dqF1AOD+4hZ5Zk+hf9RpvH/NpgBuXx4FkHdofttpjltxsrKKBfFa3QvhRFC7SxaLHZf3ZQFPQZ6E+YxkPFyqECb6naBdRcAR9X4bcWqQX0rqIVer6nuEvC+mMUPmb095DFQawR0FUCfIeJA+T8UHHDMLMorsDPjP4eckAUn06AG/o5gtgg27bqKAd/03t8AtK1NuWl+ytTAYUXXxBVMkdWPQXCPkmJVK2kfBU6IKrvxIS9uhcwSJg4Qk7a1d+EguejbpBffIGQmbRGy/qpTT9AqnYJ7fo17tzXVVTotkS96BEyCdP5dFlLK/LDqZi4DeaQKxF6ravj4ggmD3Kp2hWmezEuaSq+1rSFR3kFU7XrXpIv0L3TIAUzjRq+A8OLDebQpVvti7Dr9PUE073iGhp/AjLWZHCJcmt3O+8ffdZV/5CHMHGCOXZo9pKX5fpjPPz73etvJrOyscbtCFboNUHZz3l6ChMn6OMkA5cfLrvBU5g4weyRsf5yghKfNljAXNZieNGPNn5tMIeZKPREXubbBguYI0wCX/P0b4MFXIFQ4MO6vlK1W5htIe79aQAbLOBWlFybRTABuQ37qlUaU/yHiTPssqBLbxNwBCugBKq+6UeXIGHiDO/E7b97pfuGRDBMXMDfYeZmFGH9UTBMnKny73dhi/CGLXEbVPahvEeFd6R5EpAp8B+0yPxK0Uuq8Bo/HzZYwHzNM2dQJoGDO4g8eNEzsFJv/8VL9qvLOd5UNAdembiw+9B1E29PcfVtaV1WsDcbC2uEf5p4qnYPMsUM0/LUTNGeXxXNgYnHD4O1/ji2l2ifcIZPJ3NCvfS51bsctrVGZxFy/IWJK2DyUbBYKmv+KQiupxEMIyC8t+3Mn2WT61+1NYMXEZ+a8CrVFQr3d2RUm7w1r62y+/qy3IAbFyIRUFvEjO/+R+1zPllO5vtNp6/yLBd0QqloAcyTnSBXUNdEw92UQqQSa4bJfhlz3FVGSmC268mMNLRwBd2VkHzfIt/wsMJik6UGm7BO9Jo6PlpghavKnSO6GrmXEb14NPQInp+bEkGQuKeL7vg2oyPxoScXvKycyDcUWIx0RurA44huXnHAjLynR3/8JtqbyMKR2p0jyRjPHkC+jDe7U2v9mO3vlvYS3t5N8DUR3FklQ3Oi2DR7wXiuPNUQJ6+zvbpQMdrs2ELOQ9BNt7x3HW6WD6ebNN23dF177y/Gvelo2hsv+u+dedr4JcLd0O4+SDx48uTJEwn+AzoBoqGPZHDsAAAAAElFTkSuQmCC";
                    }
                    $image = "<div style='display:inline-block; min-width:40px; background-image:url($preview); background-size:cover; background-position:;center; margin-right:5px;'>.</div>";
                }
                $text = $message['text'];
                if (empty($text)) {
                    if (is_numeric(strpos($message['ftype'], "image"))) {
                        $text = "Imagen";
                    } else {
                        $text = "Archivo";
                    }
                }
                echo "<div class='pinned-message' style='border-bottom:1px solid " . $message['color'] . "' onClick='document.getElementById(\"" . $message['id'] . "\").scrollIntoView();'>
					<div style='display:flex;'>
						$image 
						<div style=''><b style='color:" . $message['color'] . ";'>Mensaje Fijado</b>
							<div style='color:black; width:100%; height:1em; overflow:hidden;'>" . $text . "</div>
						
						</div>
					</div>
					</div>";
            }
        break;
        case "unpinmessage":
            PDO_Execute("UPDATE message SET pinned = 0 WHERE id = $id");
        break;
        case "deletechat":
            $messages = PDO_FetchAll("SELECT id from message WHERE chat_id = $id");
            foreach ($messages as $msg) {
                PDO_Execute("DELETE FROM urlpreview WHERE message_id = " . $msg['id']);
                PDO_Execute("DELETE FROM attachment WHERE message_id = " . $msg['id']);
                PDO_Execute("DELETE FROM todo WHERE message_id = " . $msg['id']);
                PDO_Execute("DELETE FROM reminder WHERE message_id = " . $msg['id']);
            }
            PDO_Execute("DELETE FROM message WHERE chat_id = $id");
            PDO_Execute("DELETE FROM chat WHERE id = $id");
            PDO_Execute("VACUUM");
            include "system/sidebar.php";
        break;
        case "getpage":
            include "./pages/$id.php";
        break;
        case "getmsg":
            $text = html_entity_decode(PDO_FetchAll("SELECT * FROM message WHERE id = $id") [0]['text']);
            $matches = [];
            preg_match_all('/^>>.*/m', $text, $matches);
            if (!empty($matches[0])) {
                $todo = PDO_FetchAll("SELECT * FROM todo where message_id = " . $id);
                $c = 0;
                foreach ($matches[0] as $match) {
                    $match = str_replace("<br />", "", $match);
                    if (is_numeric(strpos($match, ">>>"))) {
                        $cleanmatch = trim(str_replace(">", "", $match));
                        if ($cleanmatch == html_entity_decode($todo[$c]['text'])) {
                            if ($todo[$c]['completed'] == "false") {
                                $text = str_replace_once($text, trim($match), ">> " . trim(html_entity_decode($todo[$c]['text'])));
                            }
                        }
                    } else {
                        $cleanmatch = trim(str_replace(">", "", $match));
                        if ($cleanmatch == html_entity_decode($todo[$c]['text'])) {
                            if ($todo[$c]['completed'] == "true") {
                                $text = str_replace_once($text, trim($match), ">>> " . trim(html_entity_decode($todo[$c]['text'])));
                            }
                        }
                    }
                    $c++;
                }
            }
            echo $text;
        break;
        case "getmessages":
            include "system/getmessages.php";
        break;
        case "search":
            include "system/search.php";
        break;
        case "getstring":
            echo (isset($loc_string[$id]) ? $loc_string[$id] : "");
        break;
        case "getmessage":
            include "system/getmessage.php";
            $message = PDO_FetchAll("SELECT message.*,urlpreview.url,urlpreview.site,urlpreview.title,urlpreview.desc,urlpreview.image,attachment.name as fname,attachment.type as ftype,attachment.size as fsize, reminder.date as reminder, reminder.active FROM message LEFT JOIN urlpreview ON urlpreview.message_id = message.id LEFT JOIN attachment ON attachment.message_id = message.id LEFT JOIN reminder ON reminder.message_id = message.id WHERE message.id = $id") [0];
            echo renderMessage($message);
        break;
        case "checkreminders":
            echo date("h:i", time());
            @$reminder = PDO_FetchAll("select message.*,chat.name as chat from reminder LEFT JOIN message on message.id = reminder.message_id LEFT JOIN chat on chat.id = message.chat_id where reminder.date < " . time() . " AND reminder.active = 1") [0];
            if (!empty($reminder)) {
				
				@$text = explode("\n",$reminder['text'])[0];
				
                PDO_Execute("UPDATE reminder SET active = 0 WHERE message_id = " . $reminder['id']);
                if ($system['os'] == "w") {
                    exec("nircmd trayballoon \"" . $reminder['chat'] . "\" \"" . $text . "\" \"shell32.dll,16783\" 15000");
                } else {
                    exec("zenity --warning --text=\"" . $text . "\" --title=\"" . $reminder['chat'] . "\" --display=:0");
                }
            }
        break;
        case "toggleTodo":
            $todo = PDO_FetchAll("SELECT completed FROM todo where id = " . $id) [0]['completed'];
            if ($todo == "true") {
                echo "1";
                PDO_Execute("UPDATE todo SET completed = \"false\" WHERE id = " . $id);
            } else {
                echo "2";
                PDO_Execute("UPDATE todo SET completed = \"true\" WHERE id = " . $id);
            }
        break;
        case "getdialog":
            include "system/dialog.php";
        break;
        case "setlocale":
            $settings['locale'] = $_GET['value'];
            
            unset($settings['locale_not_set']);
            
            if ($system['os'] == "w") {
	            $sfile = file_get_contents($system['workdir'] . "settings.php");
	            if (!is_numeric(strpos($sfile, "path"))) {
	                unset($settings['path']);
	            }
	        }
	        
            if ($system['os'] == "w") {
                copy($system['workdir'] . "settings.php", $system['workdir'] . "settings_bak.php");
                file_put_contents($system['workdir'] . "settings.php", "<?php\r\n" . '$settings = ' . var_export($settings, true) . ";");
            } else {
                file_put_contents("$home_dir/.local/share/notebubble/settings.php", "<?php\r\n" . '$settings = ' . var_export($settings, true) . ";");
            }
            header("location: index.php?localeset=true");
        break;
        case "movedatabase":
            $path = $_GET['path'];
            $onlyloc = $_GET['onlyloc'];
            if ($path != $settings['path'] && !empty($path)) {
                $PDO = null;
                if ($onlyloc == "false") {
                    rename($settings['path'] . "database.db", $path . "database.db");
                }
                $settings['path'] = $path;
                if ($system['os'] == "w") {
                    copy($system['workdir'] . "settings.php", $system['workdir'] . "settings_bak.php");
                    file_put_contents($system['workdir'] . "settings.php", "<?php\r\n" . '$settings = ' . var_export($settings, true) . ";");
                } else {
                    copy("$home_dir/.local/share/notebubble/settings.php", "$home_dir/.local/share/notebubble/settings_bak.php");
                    file_put_contents("$home_dir/.local/share/notebubble/settings.php", "<?php\r\n" . '$settings = ' . var_export($settings, true) . ";");
                }
            }
        break;
    }
}
?>