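prepare("SELECT id FROM $table WHERE id = ?");
        $check->execute([$id]);
        if ($check->fetch()) {
            $type = $t;
            break;
        }
    }
}
// NOTE(review): the statements above are the tail of a lookup whose beginning
// is not visible here; they are reproduced unchanged. $type is interpolated
// into table names below, so it must only ever come from a fixed list of mail
// types (presumably the list iterated above) — confirm.

if (!$type) redirect('index.php');

// Per-type table names; $id is always passed as a bound parameter.
$table_mail = $type . '_mail';
$table_attachments = $type . '_attachments';
$table_comments = $type . '_comments';

// Load the mail record with the names of the assignee and creator and its status.
$stmt = db()->prepare("SELECT m.*, u1.full_name as assigned_name, u2.full_name as creator_name, s.name as status_name, s.color as status_color FROM $table_mail m LEFT JOIN users u1 ON m.assigned_to = u1.id LEFT JOIN users u2 ON m.created_by = u2.id LEFT JOIN mailbox_statuses s ON m.status_id = s.id WHERE m.id = ?");
$stmt->execute([$id]);
$mail = $stmt->fetch();

if (!$mail) redirect('index.php');

// Add back the type for logic below
$mail['type'] = $type;

// Check if user has view permission for this mail type
if (!canView($type)) {
    redirect('index.php');
}

// Security check for internal mail: only sender or recipient can view
if ($type === 'internal') {
    if ($mail['created_by'] != $_SESSION['user_id'] && $mail['assigned_to'] != $_SESSION['user_id']) {
        redirect('internal_inbox.php');
    }
}

$success = '';
$error = '';

// NOTE(review): none of the POST handlers below verifies an anti-CSRF token.
// If the project has a token helper, check it before any of these
// state-changing branches run.

// Handle Comment submission
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['add_comment'])) {
    if ($type !== 'internal' && !canEdit($type)) {
        $error = 'عذراً، ليس لديك الصلاحية لإضافة تعليقات';
    } else {
        // Request fields may be absent or arrays; accept only scalar values so
        // later string functions and bound parameters never receive an array.
        $comment = is_string($_POST['comment'] ?? null) ? $_POST['comment'] : '';
        $referred_raw = $_POST['referred_user_id'] ?? '';
        $referred_user_id = (is_scalar($referred_raw) && $referred_raw) ? $referred_raw : null;

        if ($comment) {
            $stmt = db()->prepare("INSERT INTO $table_comments (mail_id, user_id, comment, referred_user_id) VALUES (?, ?, ?, ?)");
            $stmt->execute([$id, $_SESSION['user_id'], $comment, $referred_user_id]);

            // Send email notification if referred
            if ($referred_user_id) {
                $stmt_u = db()->prepare("SELECT email, full_name FROM users WHERE id = ?");
                $stmt_u->execute([$referred_user_id]);
                $referred_user = $stmt_u->fetch();

                if ($referred_user && !empty($referred_user['email'])) {
                    $sender_name = $_SESSION['name'] ?? 'زميلك';

                    // MailService's header handling is not visible here, so strip
                    // CR/LF: a stored subject must not be able to add mail headers.
                    $mail_subject = "إحالة بريد: " . str_replace(["\r", "\n"], ' ', (string) $mail['subject']);

                    // NOTE(review): HTTP_HOST is supplied by the client, so the link
                    // mailed to the recipient can be pointed at another host. Build it
                    // from a configured base URL when the application has one.
                    $mail_link = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' ? "https" : "http") . "://$_SERVER[HTTP_HOST]" . dirname($_SERVER['PHP_SELF']) . "/view_mail.php?id=" . $id . "&type=" . $type;

                    // The markup of this HTML body appears to have been lost on this
                    // page; the remaining text is kept exactly as shown. Every
                    // interpolated value is HTML-escaped.
                    $html = "

مرحباً " . htmlspecialchars($referred_user['full_name']) . "

قام " . htmlspecialchars($sender_name) . " بإحالة بريد إليك مع التعليق التالي:

" . nl2br(htmlspecialchars($comment)) . "

تفاصيل البريد:

عرض البريد

";
                    $txt = "قام {$sender_name} بإحالة بريد إليك: {$mail['subject']}\n\nالتعليق: {$comment}\n\nعرض البريد: {$mail_link}";

                    MailService::sendMail($referred_user['email'], $mail_subject, $html, $txt);
                }
            }

            $_SESSION['success'] = 'تم إضافة التعليق بنجاح';
            redirect("view_mail.php?id=$id&type=$type");
        }
    }
}

// Handle Attachment upload
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_FILES['attachment'])) {
    if ($type !== 'internal' && !canEdit($type)) {
        $error = 'عذراً، ليس لديك الصلاحية لرفع مرفقات';
    } else {
        $file = $_FILES['attachment'];
        $display_name = $_POST['display_name'] ?? '';

        if ($file['error'] === UPLOAD_ERR_OK) {
            // The client chooses the file name. Accept only extensions from an
            // allow-list so a script (for example .php) can never be stored
            // under a name the web server would execute.
            // NOTE(review): adjust this list to the formats the organisation
            // actually exchanges.
            $allowed_ext = ['pdf', 'png', 'jpg', 'jpeg', 'gif', 'webp', 'doc', 'docx', 'xls', 'xlsx', 'ppt', 'pptx', 'txt', 'csv'];
            $original_name = basename((string) $file['name']);
            $ext = strtolower(pathinfo($original_name, PATHINFO_EXTENSION));

            if (!in_array($ext, $allowed_ext, true)) {
                $error = 'نوع الملف غير مسموح به';
            } else {
                // Relative, presumably web-reachable directory: the server should
                // be configured never to execute scripts from it.
                $upload_dir = 'uploads/attachments/';
                // 0755 instead of 0777: other local accounts get no write access.
                if (!is_dir($upload_dir)) mkdir($upload_dir, 0755, true);

                // Store under a random server-chosen name that keeps only the
                // validated extension; the original name is kept in the database
                // for display. This also avoids collisions and double extensions.
                $file_name = bin2hex(random_bytes(16)) . '.' . $ext;
                $target_path = $upload_dir . $file_name;

                if (move_uploaded_file($file['tmp_name'], $target_path)) {
                    $stmt = db()->prepare("INSERT INTO $table_attachments (mail_id, display_name, file_path, file_name, file_size) VALUES (?, ?, ?, ?, ?)");
                    $stmt->execute([$id, $display_name, $target_path, $original_name, $file['size']]);
                    $_SESSION['success'] = 'تم رفع الملف بنجاح';
                    redirect("view_mail.php?id=$id&type=$type");
                } else {
                    $error = 'فشل في رفع الملف';
                }
            }
        }
    }
}

// Handle Attachment deletion
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['delete_attachment'])) {
    if ($type !== 'internal' && !canDelete($type)) {
        $error = 'عذراً، ليس لديك الصلاحية لحذف المرفقات';
    } else {
        $attachment_id = $_POST['attachment_id'] ?? 0;

        if ($attachment_id) {
            // Scope the lookup to the mail being viewed. The access checks above
            // were made for mail $id only, so an attachment id that belongs to a
            // different mail must not match.
            $stmt = db()->prepare("SELECT * FROM $table_attachments WHERE id = ? AND mail_id = ?");
            $stmt->execute([$attachment_id, $id]);
            $attachment = $stmt->fetch();

            if ($attachment) {
                // file_path was written by the upload handler, not by this request.
                if (file_exists($attachment['file_path'])) {
                    unlink($attachment['file_path']);
                }
                $stmt = db()->prepare("DELETE FROM $table_attachments WHERE id = ? AND mail_id = ?");
                $stmt->execute([$attachment_id, $id]);
                $_SESSION['success'] = 'تم حذف المرفق بنجاح';
                redirect("view_mail.php?id=$id&type=$type");
            }
        }
    }
}

// Get session messages
if (isset($_SESSION['success'])) {
    $success = $_SESSION['success'];
    unset($_SESSION['success']);
}
if (isset($_SESSION['error'])) {
    $error = $_SESSION['error'];
    unset($_SESSION['error']);
}

// Comments on this mail, newest first, with author and referred-user names.
$comments_stmt = db()->prepare("SELECT c.*, u.full_name, ru.full_name as referred_name FROM $table_comments c LEFT JOIN users u ON c.user_id = u.id LEFT JOIN users ru ON c.referred_user_id = ru.id WHERE c.mail_id = ? ORDER BY c.created_at DESC");
$comments_stmt->execute([$id]);
$mail_comments = $comments_stmt->fetchAll();

// Attachments of this mail, newest first.
$attachments_stmt = db()->prepare("SELECT * FROM $table_attachments WHERE mail_id = ? ORDER BY created_at DESC");
$attachments_stmt->execute([$id]);
$mail_attachments = $attachments_stmt->fetchAll();

// Fetch all users for referral dropdown
$stmt_users = db()->prepare("SELECT id, full_name, role FROM users WHERE id != ? ORDER BY full_name ASC");
$stmt_users->execute([$_SESSION['user_id']]);
$all_users = $stmt_users->fetchAll();

/**
 * Tells whether a file name has one of the extensions this page treats as
 * previewable (PDF and common image formats). Only the extension is examined,
 * never the file's content.
 *
 * @param string $fileName File name or path.
 * @return bool True when the lower-cased extension is in the list.
 */
function isPreviewable($fileName) {
    $ext = strtolower(pathinfo($fileName, PATHINFO_EXTENSION));
    return in_array($ext, ['pdf', 'png', 'jpg', 'jpeg', 'gif', 'webp'], true);
}

// Heading label for the mail type; inbound is the default.
$type_label = 'بريد وارد';
if ($type == 'outbound') $type_label = 'بريد صادر';
if ($type == 'internal') $type_label = 'رسالة داخلية';

// "Back" target: the list page of the type; for internal mail, the outbox when
// the current user created the message, otherwise the inbox.
$back_link = $type . '.php';
if ($type == 'internal') {
    $back_link = ($mail['created_by'] == $_SESSION['user_id']) ? 'internal_outbox.php' : 'internal_inbox.php';
}
?>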

تفاصيل

عودة للقائمة تعديل البيانات طباعة طباعة
المعلومات الأساسية

غير محدد

لا يوجد محتوى إضافي'; } else { echo nl2br(htmlspecialchars($mail['description'] ?: 'لا يوجد محتوى إضافي')); } ?>

الردود والمتابعة
إحالة إلى:

لا توجد ردود بعد

المرفقات
KB

لا توجد مرفقات