From c6cb25129c14368aeda53056d25d05789260964e Mon Sep 17 00:00:00 2001
From: Flatlogic Bot <support@flatlogic.com>
Date: Sat, 28 Feb 2026 07:59:16 +0000
Subject: [PATCH] installation

---
 inbound.php          | 90 ++++++++++++++++++++++++++++++++------------
 includes/footer.php  |  6 +++
 internal_outbox.php  | 25 +++++++++---
 mail/MailService.php |  6 ++-
 outbound.php         | 13 +++++--
 5 files changed, 107 insertions(+), 33 deletions(-)

diff --git a/inbound.php b/inbound.php
index 605747e..bbd4575 100644
--- a/inbound.php
+++ b/inbound.php
@@ -70,6 +70,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
         $id = $_POST['id'] ?? 0;
 
         if ($ref_no && $subject) {
+            $should_notify = false;
             try {
                 db()->beginTransaction();
                 if ($action === 'add') {
@@ -78,7 +79,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
                     $mail_id = db()->lastInsertId();
                     
                     if ($assigned_to) {
-                        sendAssignmentNotification($assigned_to, $ref_no, $subject);
+                        $should_notify = true;
                     }
                     
                     $_SESSION['success'] = 'تمت إضافة البريد بنجاح';
@@ -93,7 +94,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
                     $stmt->execute([$ref_no, $date_registered, $due_date, $sender, $recipient, $subject, $description, $status_id, $assigned_to, $id]);
                     
                     if ($assigned_to && $assigned_to != $old_assigned_to) {
-                        sendAssignmentNotification($assigned_to, $ref_no, $subject);
+                        $should_notify = true;
                     }
                     
                     $_SESSION['success'] = 'تم تحديث البيانات بنجاح';
@@ -117,9 +118,15 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
                 }
 
                 db()->commit();
+                
+                // Notify after commit to avoid holding locks during email sending
+                if ($should_notify) {
+                    sendAssignmentNotification($assigned_to, $ref_no, $subject);
+                }
+                
                 redirect('inbound.php');
             } catch (PDOException $e) {
-                db()->rollBack();
+                if (db()->inTransaction()) db()->rollBack();
                 if ($e->getCode() == 23000) {
                     $error = 'رقم القيد مستخدم مسبقاً';
                 } else {
@@ -404,7 +411,7 @@ function getStatusBadgeInList($mail) {
                         </div>
                         <div class="col-12">
                             <label class="form-label fw-bold">الوصف / ملاحظات</label>
-                            <textarea name="description" id="modalDescription" class="form-control" rows="3"></textarea>
+                            <textarea name="description" id="modalDescription" class="form-control" rows="5"></textarea>
                         </div>
                         <div class="col-12">
                             <label class="form-label fw-bold">المرفقات</label>
@@ -445,8 +452,27 @@ function getStatusBadgeInList($mail) {
 </div>
 
 <script>
+let descriptionEditor;
 let mailModal;
 
+function initEditors() {
+    if (typeof ClassicEditor === 'undefined') {
+        console.error('CKEditor not loaded');
+        return Promise.resolve();
+    }
+    
+    const config = {
+        language: 'ar',
+        toolbar: ['heading', '|', 'bold', 'italic', 'link', 'bulletedList', 'numberedList', 'undo', 'redo']
+    };
+
+    return ClassicEditor.create(document.querySelector('#modalDescription'), config)
+        .then(editor => { descriptionEditor = editor; })
+        .catch(err => {
+            console.error('CKEditor Init Error:', err);
+        });
+}
+
 function openMailModal(action, data = null) {
     if (!mailModal) {
         const modalEl = document.getElementById('mailModal');
@@ -469,7 +495,6 @@ function openMailModal(action, data = null) {
         sender: document.getElementById('modalSender'),
         recipient: document.getElementById('modalRecipient'),
         subject: document.getElementById('modalSubject'),
-        description: document.getElementById('modalDescription'),
         status_id: document.getElementById('modalStatusId'),
         assigned_to: document.getElementById('modalAssignedTo')
     };
@@ -487,37 +512,49 @@ function openMailModal(action, data = null) {
                 else fields[key].value = '';
             }
         });
+
+        if (descriptionEditor) descriptionEditor.setData('');
+        else document.getElementById('modalDescription').value = '';
     } else {
         label.textContent = 'تعديل البريد الوارد';
         modalId.value = data.id;
         Object.keys(fields).forEach(key => {
             if (fields[key]) fields[key].value = data[key] || '';
         });
+
+        if (descriptionEditor) descriptionEditor.setData(data.description || '');
+        else document.getElementById('modalDescription').value = data.description || '';
     }
     
     mailModal.show();
 }
 
 document.addEventListener('DOMContentLoaded', function() {
-    <?php if ($deepLinkData): ?>
-        openMailModal('edit', <?= json_encode($deepLinkData) ?>);
-    <?php elseif ($error && isset($_POST['action'])): ?>
-        const errorData = <?= json_encode([
-            'id' => $_POST['id'] ?? 0,
-            'ref_no' => $_POST['ref_no'] ?? '',
-            'date_registered' => $_POST['date_registered'] ?? date('Y-m-d'),
-            'due_date' => $_POST['due_date'] ?? '',
-            'sender' => $_POST['sender'] ?? '',
-            'recipient' => $_POST['recipient'] ?? '',
-            'subject' => $_POST['subject'] ?? '',
-            'description' => $_POST['description'] ?? '',
-            'status_id' => $_POST['status_id'] ?? $default_status_id,
-            'assigned_to' => $_POST['assigned_to'] ?? ''
-        ]) ?>;
-        openMailModal('<?= $_POST['action'] ?>', errorData);
-    <?php elseif (isset($_GET['action']) && $_GET['action'] === 'add'): ?>
-        openMailModal('add');
-    <?php endif; ?>
+    initEditors().finally(() => {
+        <?php if ($deepLinkData): ?>
+            openMailModal('edit', <?= json_encode($deepLinkData) ?>);
+        <?php elseif ($error && isset($_POST['action'])): ?>
+            const errorData = <?= json_encode([
+                'id' => $_POST['id'] ?? 0,
+                'ref_no' => $_POST['ref_no'] ?? '',
+                'date_registered' => $_POST['date_registered'] ?? date('Y-m-d'),
+                'due_date' => $_POST['due_date'] ?? '',
+                'sender' => $_POST['sender'] ?? '',
+                'recipient' => $_POST['recipient'] ?? '',
+                'subject' => $_POST['subject'] ?? '',
+                'description' => $_POST['description'] ?? '',
+                'status_id' => $_POST['status_id'] ?? $default_status_id,
+                'assigned_to' => $_POST['assigned_to'] ?? ''
+            ]) ?>;
+            openMailModal('<?= $_POST['action'] ?>', errorData);
+        <?php elseif (isset($_GET['action']) && $_GET['action'] === 'add'): ?>
+            openMailModal('add');
+        <?php endif; ?>
+    });
+
+    document.getElementById('mailForm').addEventListener('submit', function() {
+        if (descriptionEditor) descriptionEditor.updateSourceElement();
+    });
 });
 
 function confirmDelete(id) {
@@ -546,6 +583,11 @@ function confirmDelete(id) {
 <?php endif; ?>
 
 <style>
+    .ck-editor__editable_inline {
+        min-height: 250px;
+        direction: rtl;
+        text-align: right;
+    }
     .modal-content {
         border-radius: 15px;
         overflow: hidden;
diff --git a/includes/footer.php b/includes/footer.php
index 89e5306..8e8e6c7 100644
--- a/includes/footer.php
+++ b/includes/footer.php
@@ -38,7 +38,13 @@
     }
 </style>
 
+<!-- Bootstrap Bundle -->
 <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js"></script>
+<!-- CKEditor -->
+<script src="https://cdn.ckeditor.com/ckeditor5/40.0.0/classic/ckeditor.js"></script>
+<!-- SweetAlert2 -->
+<script src="https://cdn.jsdelivr.net/npm/sweetalert2@11"></script>
+<!-- Main App JS -->
 <script src="assets/js/main.js?v=<?= time() ?>"></script>
 <script>
     // Sidebar Toggle for Mobile
diff --git a/internal_outbox.php b/internal_outbox.php
index 0d6da21..e5a3c8a 100644
--- a/internal_outbox.php
+++ b/internal_outbox.php
@@ -24,6 +24,8 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['
         $default_status_id = db()->query("SELECT id FROM mailbox_statuses WHERE is_default = 1 LIMIT 1")->fetchColumn() ?: 1;
 
         if ($recipient_id && $subject) {
+            $should_notify = false;
+            $recipient_email = '';
             try {
                 db()->beginTransaction();
                 $stmt = db()->prepare("INSERT INTO mailbox (type, ref_no, date_registered, subject, description, status_id, assigned_to, created_by) VALUES (?, ?, ?, ?, ?, ?, ?, ?)");
@@ -47,12 +49,20 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['
                     }
                 }
                 
-                // Notify recipient
+                // Get recipient info for notification
                 $stmt_recp = db()->prepare("SELECT full_name, email FROM users WHERE id = ?");
                 $stmt_recp->execute([$recipient_id]);
                 $recipient = $stmt_recp->fetch();
                 
                 if ($recipient && !empty($recipient['email'])) {
+                    $should_notify = true;
+                    $recipient_email = $recipient['email'];
+                }
+                
+                db()->commit();
+
+                // Notify after commit
+                if ($should_notify) {
                     $email_subject = "رسالة داخلية جديدة من " . $_SESSION['name'];
                     $htmlBody = "
                         <div dir='rtl' style='font-family: Arial, sans-serif;'>
@@ -65,14 +75,13 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['
                             <p>يمكنك الرد من خلال النظام.</p>
                         </div>
                     ";
-                    MailService::sendMail($recipient['email'], $email_subject, $htmlBody);
+                    MailService::sendMail($recipient_email, $email_subject, $htmlBody);
                 }
                 
-                db()->commit();
                 $_SESSION['success'] = 'تم إرسال الرسالة بنجاح';
                 redirect('internal_outbox.php');
             } catch (PDOException $e) {
-                db()->rollBack();
+                if (db()->inTransaction()) db()->rollBack();
                 $error = 'حدث خطأ: ' . $e->getMessage();
             }
         } else {
@@ -271,7 +280,7 @@ function getStatusBadgeInternal($mail) {
                         <div class="col-md-12">
                             <label class="form-label fw-bold">إلى <span class="text-danger">*</span></label>
                             <select name="recipient_id" class="form-select border-2" required>
-                                <option value="">-- اختر המوظف --</option>
+                                <option value="">-- اختر الموظف --</option>
                                 <?php foreach ($users_list as $u): ?>
                                     <option value="<?= $u['id'] ?>"><?= htmlspecialchars($u['full_name'] . ' (@' . $u['username'] . ')') ?></option>
                                 <?php endforeach; ?>
@@ -301,6 +310,7 @@ function getStatusBadgeInternal($mail) {
 </div>
 
 <script>
+let composeEditor;
 document.addEventListener('DOMContentLoaded', function() {
     if (typeof ClassicEditor !== 'undefined') {
         ClassicEditor
@@ -310,6 +320,7 @@ document.addEventListener('DOMContentLoaded', function() {
                 direction: 'rtl'
             })
             .then(editor => {
+                composeEditor = editor;
                 // Force RTL style on editable area
                 editor.ui.view.editable.element.style.direction = 'rtl';
                 editor.ui.view.editable.element.style.textAlign = 'right';
@@ -319,6 +330,10 @@ document.addEventListener('DOMContentLoaded', function() {
             });
     }
 
+    document.getElementById('composeForm').addEventListener('submit', function() {
+        if (composeEditor) composeEditor.updateSourceElement();
+    });
+
     <?php if (isset($_GET['action']) && $_GET['action'] === 'compose'): ?>
         var myModal = new bootstrap.Modal(document.getElementById('composeModal'));
         myModal.show();
diff --git a/mail/MailService.php b/mail/MailService.php
index b922e84..3fac56c 100644
--- a/mail/MailService.php
+++ b/mail/MailService.php
@@ -60,6 +60,10 @@ class MailService
             $mail->SMTPAuth   = true;
             $mail->Username   = $cfg['smtp_user'] ?? '';
             $mail->Password   = $cfg['smtp_pass'] ?? '';
+            
+            // Set timeout to 10 seconds to prevent long hangs
+            $mail->Timeout    = 10;
+            $mail->SMTPKeepAlive = false;
 
             $fromEmail = $opts['from_email'] ?? ($cfg['from_email'] ?? 'no-reply@localhost');
             $fromName  = $opts['from_name']  ?? ($cfg['from_name']  ?? 'App');
@@ -184,4 +188,4 @@ class MailService
         
         return self::sendMail($to, $subject, $html, $message, ['reply_to' => $email]);
     }
-}
+}
\ No newline at end of file
diff --git a/outbound.php b/outbound.php
index efeb0b8..551f99a 100644
--- a/outbound.php
+++ b/outbound.php
@@ -82,6 +82,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
         $id = $_POST['id'] ?? 0;
 
         if ($ref_no && $subject) {
+            $should_notify = false;
             try {
                 db()->beginTransaction();
                 if ($action === 'add') {
@@ -90,7 +91,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
                     $mail_id = db()->lastInsertId();
                     
                     if ($assigned_to) {
-                        sendAssignmentNotification($assigned_to, $ref_no, $subject);
+                        $should_notify = true;
                     }
                     
                     $_SESSION['success'] = 'تمت إضافة البريد الصادر بنجاح';
@@ -106,7 +107,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
                     $stmt->execute([$ref_no, $date_registered, $due_date, $sender, $recipient, $subject, $description, $status_id, $assigned_to, $mail_id]);
                     
                     if ($assigned_to && $assigned_to != $old_assigned_to) {
-                        sendAssignmentNotification($assigned_to, $ref_no, $subject);
+                        $should_notify = true;
                     }
                     
                     $_SESSION['success'] = 'تم تحديث البيانات بنجاح';
@@ -130,9 +131,15 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
                 }
 
                 db()->commit();
+                
+                // Notify after commit
+                if ($should_notify) {
+                    sendAssignmentNotification($assigned_to, $ref_no, $subject);
+                }
+                
                 redirect('outbound.php');
             } catch (PDOException $e) {
-                db()->rollBack();
+                if (db()->inTransaction()) db()->rollBack();
                 if ($e->getCode() == 23000) {
                     $error = 'رقم القيد مستخدم مسبقاً';
                 } else {