<?php

class ModelSearchMessage extends Model {

   public $encoding_aliases = array(
                                     'GB2312'   => 'GBK',
                                     'GB231280' => 'GBK'
                                   );


   public function verify_message($id = '', $data = '') {
      if($id == '') { return 0; }

      $q = $this->db->query("SELECT `size`, `hlen`, `digest`, `bodydigest`,`attachments` FROM " . TABLE_META . " WHERE piler_id=?", array($id));

      $digest = $q->row['digest'];
      $bodydigest = $q->row['bodydigest'];
      $size = $q->row['size'];
      $hlen = $q->row['hlen'];
      $attachments = $q->row['attachments'];

      $_digest = openssl_digest($data, "SHA256");
      $_bodydigest = openssl_digest(substr($data, $hlen), "SHA256");

      if($_digest == $digest && $_bodydigest == $bodydigest) { return 1; }

      return 0;
   }


   public function get_file_size($sd, $id = '') {
      fputs($sd, "STAT $id\r\n");
      $s = fgets($sd, 8192);

      $a = explode(" ", $s);
      if(isset($a[2]) && $a[2] > 0) { return $a[2]; }

      return 0;
   }


   public function read_file($sd, $f = '', $size = 0) {
      global $start;
      $s = '';
      $len = 0;

      if($size <= 0) { return $s; }

      fputs($sd, "RETR $f\r\n");

      while(!safe_feof($sd, $start) && (microtime(true) - $start) < PILERGETD_TIMEOUT) {
         $s .= fread($sd, PILERGETD_READ_LENGTH);
         $len += PILERGETD_READ_LENGTH;
         if($len >= $size) break;
      }

      return $s;
   }


   public function connect_to_pilergetd() {
      if(PILERGETD_HOST) {
         $sd = fsockopen(PILERGETD_HOST, PILERGETD_PORT);
         if(!$sd) { return FALSE; }

         $l = fgets($sd, 4096);

         if(substr(PILERGETD_HOST, 0, 6) == 'ssl://') {
            fputs($sd, "AUTH " . PILERGETD_PASSWORD . "\r\n");
            $l = fgets($sd, 4096);
         }

         Registry::set('sd', $sd);
      }
   }


   public function disconnect_from_pilergetd() {
      if(PILERGETD_HOST) {
         $sd = Registry::get('sd');

         fputs($sd, "QUIT\r\n");

         fclose($sd);
      }
   }


   public function get_raw_message($id = '') {
      $s = '';

      if($id == '' || !preg_match("/^([0-9a-f]+)$/", $id)) { return $s; }

      if(PILERGETD_HOST) {

         $sd = Registry::get('sd');

         fputs($sd, "MESSAGE $id\r\n");

         $l = fgets($sd, 8192);
         $message = explode(" ", rtrim($l));

         while(list($k, $v) = each($message)) {
            if($k == 0) {
               $size = $this->get_file_size($sd, $v);

               $s = $this->read_file($sd, $v, $size);
               $s = gzuncompress($s);
            }
            else {
               $size = $this->get_file_size($sd, $v);
               $a = $this->read_file($sd, $v, $size);
               $a = gzuncompress($a);

               $repl = "ATTACHMENT_POINTER_" . $id . ".a" . $k . "_XXX_PILER";

               $s = preg_replace("/$repl/", $a, $s);

               $a = '';
            }
         }
      }
      else {
         $handle = popen(DECRYPT_BINARY . " $id", "r");
         while(($buf = fread($handle, DECRYPT_BUFFER_LENGTH))) {
            $s .= $buf;
         }
         pclose($handle);

         if($s == '') {
            $handle = popen(DECRYPT_BINARY . " $id nocrypt", "r");
            while(($buf = fread($handle, DECRYPT_BUFFER_LENGTH))) {
               $s .= $buf;
            }
            pclose($handle);
         }
      }


      if(Registry::get('auditor_user') == 0 && HEADER_LINE_TO_HIDE) {
         $s = preg_replace("/" . HEADER_LINE_TO_HIDE . ".{1,}(\n(\ |\t){1,}.{1,}){0,}" . "\n/i", "", $s);
      }

      return $s;
   }


   public function get_attachment($piler_id = '', $attachment_id = '') {
      $data = '';

      if($piler_id == '' || $attachment_id == '' || !preg_match("/^([0-9a-f]+)$/", $piler_id) || !preg_match("/^([0-9m]+)$/", $attachment_id)) { return $data; }

      if(PILERGETD_HOST) {
         $sd = fsockopen(PILERGETD_HOST, PILERGETD_PORT);
         if(!$sd) { return $data; }

         $l = fgets($sd, 4096);

         $size = $this->get_file_size($sd, $piler_id . ".a" . $attachment_id);

         $data = $this->read_file($sd, $piler_id . ".a" . $attachment_id, $size);
         $data = gzuncompress($data);

         fclose($sd);
      }
      else {
         $handle = popen(DECRYPT_ATTACHMENT_BINARY . " $piler_id $attachment_id", "r");
         while(($buf = fread($handle, DECRYPT_BUFFER_LENGTH))){
            $data .= $buf;
         }
         pclose($handle);
      }

      /* check if it's a base64 encoded stuff */

      $s = substr($data, 0, 4096);
      $s = preg_replace("/(\r|\n)/", "", $s);

      if(!preg_match("/\s/", $s)) {
         return base64_decode(preg_replace("/\s/", "", $data));
      }

      return $data;
   }


   public function get_message_headers($id = '') {
      $data = '';

      $this->connect_to_pilergetd();
      $msg = $this->get_raw_message($id);
      $this->disconnect_from_pilergetd();

      $has_journal = $this->remove_journal($msg);

      if(Registry::get('auditor_user') == 0 && HEADER_LINE_TO_HIDE) {
         $msg = preg_replace("/" . HEADER_LINE_TO_HIDE . ".{1,}(\n(\ |\t){1,}.{1,}){0,}" . "\n/i", "", $msg);
      }

      $pos = strpos($msg, "\n\r\n");
      if($pos == false) {
         $pos = strpos($msg, "\n\n");
      }

      if($pos == false) { return $msg; }

      $data = substr($msg, 0, $pos);
      $msg = '';

      $data = preg_replace("/\</", "&lt;", $data);
      $data = preg_replace("/\>/", "&gt;", $data);

      return array('headers' => $data, 'has_journal' => $has_journal);
   }


   public function get_message_journal($id = '') {
      $data = '&lt; &gt;';
      $boundary = '';

      $this->connect_to_pilergetd();
      $msg = $this->get_raw_message($id);
      $this->disconnect_from_pilergetd();

      $hdr = substr($msg, 0, 8192);

      $s = preg_split("/\n/", $hdr);
      while(list($k, $v) = each($s)) {
         if(preg_match("/boundary\s{0,}=\s{0,}\"{0,}([\w\_\-\@\.]+)\"{0,}/i", $v, $m)) {
            if(isset($m[1])) { $boundary = $m[1]; break; }
         }
      }


      $p = strstr($msg, "\nX-MS-Journal-Report:");
      $msg = '';

      if($p) {

         $s = preg_split("/\n/", $p);

         $i=0; $j=0; $data = '';

         while(list($k, $v) = each($s)) {
            if(strstr($v, $boundary)) { $i++; }
            if($i > 0 && preg_match("/^\s{1,}$/", $v)) { $j++; }

            if($j == 1) {
               $data .= "$v\n";
            }

            if($i >= 2) { break; } 
         }

         $p = '';

         $data = preg_replace("/\</", "&lt;", $data);
         $data = preg_replace("/\>/", "&gt;", $data);

      }

      return $data;
   }


   public function remove_journal(&$msg = '') {
      $p = $q = '';
      $boundary = '';
      $has_journal = 0;

      $hdr = substr($msg, 0, 4096);

      $s = preg_split("/\n/", $hdr);
      while(list($k, $v) = each($s)) {
         if(preg_match("/boundary\s{0,}=\s{0,}\"{0,}([\w\_\-\@\.]+)\"{0,}/i", $v, $m)) {
            if(isset($m[1])) { $boundary = $m[1]; break; }
         }
      }

      $p = strstr($msg, "\nX-MS-Journal-Report:");

      if($p) {
         $has_journal = 1;

         $msg = '';
         $q = strstr($p, "Received: from");
         if($q) {
            $p = '';
            $msg = $q;
            $q = '';
         }
         else {
            $msg = $p;
            $p = '';
         }
      }

      if($boundary) {
         $msg = substr($msg, 0, strlen($msg) - strlen($boundary) - 6);
      }

      return $has_journal;
   }


   public function extract_message($id = '', $terms = '') {
      $header = "";
      $body_chunk = "";
      $is_header = 1;
      $state = "UNDEF";
      $b = array();
      $boundary = array();
      $text_plain = 1;
      $text_html = 0;
      $charset = "";
      $qp = $base64 = 0;
      $has_text_plain = 0;
      $rfc822 = 0;
      $_1st_header = 1;
      $verification = 1;

      $from = $to = $subject = $date = $text_message = $html_message = "";

      $this->connect_to_pilergetd();
      $msg = $this->get_raw_message($id);

      if(ENABLE_ON_THE_FLY_VERIFICATION == 0) {
         $verification = $this->verify_message($id, $msg);
      }

      $this->disconnect_from_pilergetd();

      $has_journal = $this->remove_journal($msg);

      $a = explode("\n", $msg); $msg = "";

      while(list($k, $l) = each($a)){
            $l .= "\n";

            if(($l[0] == "\r" && $l[1] == "\n" && $is_header == 1) || ($l[0] == "\n" && $is_header == 1) ){
               $is_header = $_1st_header = 0;

               if($rfc822 == 1) { $rfc822 = 0; $is_header = 1; }

            }

            if($is_header == 1 && preg_match("/^Content-Type:/i", $l)) $state = "CONTENT_TYPE";
            if($is_header == 1 && preg_match("/^Content-Transfer-Encoding:/i", $l)) $state = "CONTENT_TRANSFER_ENCODING";

            if($state == "CONTENT_TYPE"){

               $x = stristr($l, "boundary");
               if($x){

                  $s1 = explode(";", $x);
                  $x = $s1[0];

                  $x = preg_replace("/boundary\s{0,}=\s{0,}/i", "boundary=", $x);
                  //$x = preg_replace("/boundary= /i", "boundary=", $x);

                  $x = preg_replace("/\"\;{0,1}/", "", $x);
                  $x = preg_replace("/\'/", "", $x);

                  $b = explode("boundary=", $x);

                  $__boundary = rtrim($b[count($b)-1]);

                  if($__boundary) { array_push($boundary, $__boundary); }

               }

               if(preg_match("/charset/i", $l)){
                  $types = explode(";", $l);
                  foreach ($types as $type){
                     if(preg_match("/charset/i", $type)){
                        $type = preg_replace("/[\"\'\ ]/", "", $type);

                        $x = explode("=", $type);
                        $charset = rtrim(strtoupper($x[1]));

                        if(isset($this->encoding_aliases[$charset])) { $charset = $this->encoding_aliases[$charset]; }

                     }
                  }
               }

               if(strstr($l, "message/rfc822")) { $rfc822 = 1; }

               if(stristr($l, "text/plain")){ $text_plain = 1; $text_html = 0; $has_text_plain = 1; }
               if(stristr($l, "text/html")){ $text_html = 1; $text_plain = 0; }
            }

            if($state == "CONTENT_TRANSFER_ENCODING"){
               if(preg_match("/quoted-printable/i", $l)){ $qp = 1; }
               if(preg_match("/base64/i", $l)){ $base64 = 1; }
            }


            if($is_header == 1){
               if($l[0] != " " && $l[0] != "\t"){ $state = "UNDEF"; }
               if(preg_match("/^From:/i", $l)){ $state = "FROM"; }
               if(preg_match("/^To:/i", $l) || preg_match("/^Cc:/i", $l)){ $state = "TO"; }
               if(preg_match("/^Date:/i", $l)){ $state = "DATE"; }
               if(preg_match("/^Subject:/i", $l)){ $state = "SUBJECT"; }
               if(preg_match("/^Content-Type:/", $l)){ $state = "CONTENT_TYPE"; }
               if(preg_match("/^Content-Disposition:/", $l)){ $state = "CONTENT_DISPOSITION"; }

               $l = preg_replace("/</", "&lt;", $l);
               $l = preg_replace("/>/", "&gt;", $l);

               if($_1st_header == 1) {
                  if($state == "FROM"){ $from .= preg_replace("/\r|\n/", "", $l); }
                  if($state == "TO"){ $to .= preg_replace("/\r|\n/", "", $l); }
                  if($state == "SUBJECT"){ $subject .= preg_replace("/\r|\n/", "", $l); }
                  if($state == "DATE"){ $date .= preg_replace("/\r|\n/", "", $l); }
               }
            }
            else {

               if($this->check_boundary($boundary, $l) == 1){

                  if($text_plain == 1 || $has_text_plain == 0) {
                     $text_message .= $this->flush_body_chunk($body_chunk, $charset, $qp, $base64, $text_plain, $text_html);
                  }

                  if($text_html == 1) {
                     $html_message .= $this->flush_body_chunk($body_chunk, $charset, $qp, $base64, $text_plain, $text_html);
                  }

                  $text_plain = $text_html = $qp = $base64 = 0;

                  $charset = $body_chunk = "";

                  $is_header = 1;

                  continue;
               }

               else if(($l[0] == "\r" && $l[1] == "\n") || $l[0] == "\n"){
                  $state = "BODY";
                  $body_chunk .= $l;
               }

               else if($state == "BODY"){
                  if($text_plain == 1 || $text_html == 1){ $body_chunk .= $l; }
               }

            }


         }

      if($body_chunk) {
         if($text_plain == 1 || $has_text_plain == 0) {
            $text_message .= $this->flush_body_chunk($body_chunk, $charset, $qp, $base64, $text_plain, $text_html);
         }

         if($text_html == 1) {
            $html_message .= $this->flush_body_chunk($body_chunk, $charset, $qp, $base64, $text_plain, $text_html);
         }
      }


      if(strlen($html_message) > 20) {
         $message = $this->highlight_search_terms($html_message, $terms, 1);
      } else {
         $message = $this->highlight_search_terms($text_message, $terms);
      }

      return array('from' => $this->decode_my_str($from),
                   'to' => $this->decode_my_str($to),
                   'subject' => $this->highlight_search_terms($this->decode_my_str($subject), $terms),
                   'date' => $this->decode_my_str($date),
                   'message' => $message,
                   'has_journal' => $has_journal,
                   'verification' => $verification
            );
   }


   private function highlight_search_terms($s = '', $terms = '', $html = 0) {
      $fields = array("from:", "to:", "subject:", "body:");

      $terms = preg_replace("/(\'|\"|\=|\>|\<)/", "", $terms);

      $a = explode(" ", $terms);
      $terms = array();

      while(list($k, $v) = each($a)) {
         if(strlen($v) >= 3 && !in_array($v, $fields)) {
            //$v = preg_replace("/\W/", "", $v);
            if($v) { array_push($terms, $v); }
         }
      }

      if(count($terms) <= 0) { return $s; }


      if($html == 0) {
         while(list($k, $v) = each($terms)) {
            $s = preg_replace("/$v/i", "<span class=\"message_highlight\">$v</span>", $s);
         }

         return $s;
      }


      $tokens = preg_split("/\</", $s);
      $s = '';

      while(list($k, $token) = each($tokens)) {

         $pos = strpos($token, ">");
         if($pos > 0) {
            $len = strlen($token);

            $s .= '<' . substr($token, 0, $pos) . '>';

            if($len > $pos+1) {
               $str = substr($token, $pos+1, $len);

               reset($terms);
               while(list($k, $v) = each($terms)) {
                  $str = preg_replace("/$v/i", "<span class=\"message_highlight\">$v</span>", $str);
               }

               $s .= $str;
            }

         }
      }

      return $s;
   }


   private function check_boundary($boundary, $line) {

      for($i=0; $i<count($boundary); $i++){
         if(strstr($line, $boundary[$i])){
            return 1;
         }
      }

      return 0;
   }


   private function flush_body_chunk($chunk, $charset, $qp, $base64, $text_plain, $text_html) {

      if($qp == 1){
         $chunk = $this->qp_decode($chunk);
      }

      if($base64 == 1){
         $chunk = base64_decode($chunk);
      }

      if($charset && !preg_match("/utf-8/i", $charset)){
         $s = @iconv($charset, 'utf-8' . '//IGNORE', $chunk);
         if($s) { $chunk = $s; $s = ''; }
      }

      if($text_plain == 1){
         $chunk = preg_replace("/</", "&lt;", $chunk);
         $chunk = preg_replace("/>/", "&gt;", $chunk);

         $chunk = preg_replace("/\n/", "<br />\n", $chunk);
         $chunk = "\n" . $this->print_nicely($chunk);
      }

      if($text_html == 1){

         $h = preg_split("/\<style/i", $chunk);
         $chunk = '';

         for($i=0; $i<count($h); $i++) {
            $pos = stripos($h[$i], "</style>");
            if($pos != FALSE) {
               $s = substr($h[$i], $pos+8, strlen($h[$i]));
               $chunk .= $s . "\n";
            }
            else { $chunk .= $h[$i] . "\n"; }
         }


         if(ENABLE_REMOTE_IMAGES == 0) {
            $chunk = preg_replace("/style([\s]{0,}=[\s]{0,})\"([^\"]+)/", "style=\"xxxx", $chunk);
            $chunk = preg_replace("/style([\s]{0,}=[\s]{0,})\'([^\']+)/", "style='xxxx", $chunk);
         }

         $chunk = preg_replace("/\<body ([\w\s\;\"\'\#\d\:\-\=]+)\>/i", "<body>", $chunk);

         if(ENABLE_REMOTE_IMAGES == 0) { $chunk = preg_replace("/\<img([^\>]+)\>/i", "<img src=\"" . REMOTE_IMAGE_REPLACEMENT . "\" />", $chunk); }

         /* prevent scripts in the HTML part */

         $chunk = preg_replace("/document\.write/", "document.writeee", $chunk);
         $chunk = preg_replace("/<\s{0,}script([\w\W]+)\/script\s{0,}\>/i", "<!-- disabled javascript here -->", $chunk);
      }

      return $chunk;
   }


   private function print_nicely($chunk) {
      $k = 0;
      $nice_chunk = "";

      $x = explode(" ", $chunk);

      for($i=0; $i<count($x); $i++){
         $nice_chunk .= "$x[$i] ";
         $k += strlen($x[$i]);

         if(strstr($x[$i], "\n")){ $k = 0; }

         if($k > 70){ $nice_chunk .= "\n"; $k = 0; }
      }

      return $nice_chunk;
   }


   public function NiceSize($size) {
      if($size < 1000) return "1k";
      if($size < 100000) return round($size/1000) . "k";

      return sprintf("%.1f", $size/1000000) . "M";
   }


   private function qp_decode($l) {
      $res = "";
      $c = "";

      if($l == ""){ return ""; }

      /* remove soft breaks at the end of lines */

      if(preg_match("/\=\r\n/", $l)){ $l = preg_replace("/\=\r\n/", "", $l); }
      if(preg_match("/\=\n/", $l)){ $l = preg_replace("/\=\n/", "", $l); }

      for($i=0; $i<strlen($l); $i++){
         $c = $l[$i];

         if($c == '=' && ctype_xdigit($l[$i+1]) && ctype_xdigit($l[$i+2])){
            $a = $l[$i+1];
            $b = $l[$i+2];

            $c = chr(16*hexdec($a) + hexdec($b));

            $i += 2;
         }

         $res .= $c;

      }

      return $res;
   }


   public function decode_my_str($what = '') {
      $result = "";

      $what = rtrim($what);

      $a = preg_split("/\s/", $what);

      while(list($k, $v) = each($a)){
         $x = preg_match("/\?\=$/", $v);

         if( ($x == 0 && $k > 0) || ($x == 1 && $k == 1) ){
            $result .= " ";
         }

         $result .= $this->fix_encoded_string($v);
      }

      return $result;
   }


   private function fix_encoded_string($what = '') {
      $s = "";

      $what = rtrim($what, "\"\r\n");
      $what = ltrim($what, "\"");

      if(preg_match("/^\=\?/", $what) && preg_match("/\?\=$/", $what)){
         $what = preg_replace("/^\=\?/", "", $what);
         $what = preg_replace("/\?\=$/", "", $what);

         $encoding = strtoupper(substr($what, 0, strpos($what, '?')));
         if(isset($this->encoding_aliases[$encoding])) { $encoding = $this->encoding_aliases[$encoding]; }

         if(preg_match("/\?Q\?/i", $what)){
            $x = preg_replace("/^([\w\-]+)\?Q\?/i", "", $what);

            $s = quoted_printable_decode($x);
            $s = preg_replace("/_/", " ", $s);
         }

         if(preg_match("/\?B\?/i", $what)){
            $x = preg_replace("/^([\w\-]+)\?B\?/i", "", $what);

            $s = base64_decode($x);
            $s = preg_replace('/\0/', "*", $s);
         }

         if(!preg_match("/utf-8/i", $encoding)){
            $s = iconv($encoding, 'utf-8' . '//IGNORE', $s);
         }

      }
      else {
         $s = utf8_encode($what);
      }

      return $s;
   }


   public function get_piler_id_by_id($id = 0) {
      $query = $this->db->query("SELECT `piler_id` FROM `" . TABLE_META . "` WHERE id=?", array($id));
      if(isset($query->row['piler_id'])) { return $query->row['piler_id']; }
      return '';
   }


   public function get_id_by_piler_id($piler_id = '') {
      if($piler_id == '') { return -1; }

      $query = $this->db->query("SELECT `id` FROM `" . TABLE_META . "` WHERE piler_id=?", array($piler_id));
      if(isset($query->row['id'])) { return $query->row['id']; }

      return -1;
   }


   public function get_attachment_by_id($id = 0) {
      if($id <= 0) { return array(); }

      $query = $this->db->query("SELECT id, piler_id, attachment_id, name, type, ptr FROM " . TABLE_ATTACHMENT . " WHERE id=?", array($id));

      if(isset($query->row)) {
         $metaid = $this->get_id_by_piler_id($query->row['piler_id']);

         if($metaid > 0 && $this->model_search_search->check_your_permission_by_id($metaid) == 1) {
            if($query->row['ptr'] > 0) {
               $query = $this->db->query("SELECT id, piler_id, attachment_id, name, type FROM " . TABLE_ATTACHMENT . " WHERE id=?", array($query->row['ptr']));
            }

            $attachment = $this->get_attachment($query->row['piler_id'], $query->row['attachment_id']);

            return array('filename' => fix_evolution_mime_name_crap($query->row['name']), 'piler_id' => $query->row['piler_id'], 'attachment' => $attachment);
         }
      }

      return array();
   }


   public function get_attachment_list($piler_id = 0) {
      $data = array();

      if($piler_id == '') { return array(); }

      $query = $this->db->query("SELECT id, name, type, ptr FROM " . TABLE_ATTACHMENT . " WHERE piler_id=?", array($piler_id));

      if(!isset($query->rows)) { return array(); }

      foreach($query->rows as $q) {
         $q['name'] = fix_evolution_mime_name_crap($q['name']);
         array_push($data, $q);
      }

      return $data;
   }


   public function is_message_spam($id = 0) {
      $spam = 0;

      if($id > 0 && DEFAULT_RETENTION > 30) {
         $query = $this->db->query("SELECT spam FROM " . TABLE_META . " WHERE id=?", array($id));

         if(isset($query->row['spam'])) { $spam = $query->row['spam']; }
      }

      return $spam;
   }


   public function not_spam($id = 0) {

      if($id > 0) {
         $query = $this->db->query("UPDATE " . TABLE_META . " SET spam=0, retained=? WHERE id=?", array(NOW + (DEFAULT_RETENTION*86400), $id));
      }

   }


   public function get_message_tag($id = '', $uid = 0) {
      if($id == '' || $uid <= 0) { return ''; }

      $query = $this->db->query("SELECT `tag` FROM " . TABLE_TAG . " WHERE uid=? AND id=?", array($uid, $id));

      if(isset($query->row['tag'])) { return strip_tags($query->row['tag']); }

      return '';
   }


   public function add_message_tag($id = '', $uid = 0, $tag = '') {
      if($id == '' || $uid <= 0) { return 0; }

      if($tag == '') {
         $query = $this->db->query("DELETE FROM " . TABLE_TAG . " WHERE uid=? AND id=?", array($uid, $id));
      } else {
         $query = $this->db->query("UPDATE " . TABLE_TAG . " SET tag=? WHERE uid=? AND id=?", array($tag, $uid, $id));
         if($this->db->countAffected() == 0) {
            $query = $this->db->query("INSERT INTO " . TABLE_TAG . " (id, uid, tag) VALUES(?,?,?)", array($id, $uid, $tag));
         }
      }

      return 1;
   }


   public function bulk_add_message_tag($ids = array(), $uid = 0, $tag = '', $q = '') {
      $arr = array_merge(array($uid), $ids);

      $query = $this->db->query("DELETE FROM " . TABLE_TAG . " WHERE uid=? AND id IN ($q)", $arr);

      if($tag) {
         foreach ($ids as $id) {
            $query = $this->db->query("INSERT INTO " . TABLE_TAG . " (id, uid, tag) VALUES(?,?,?)", array($id, $uid, $tag));
         }
      } 
   }


   public function get_message_note($id = '', $uid = 0) {
      if($id == '' || $uid <= 0) { return ''; }

      $query = $this->db->query("SELECT `note` FROM " . TABLE_NOTE . " WHERE uid=? AND id=?", array($uid, $id));

      if(isset($query->row['note'])) { return strip_tags(urldecode($query->row['note'])); }

      return '';
   }


   public function add_message_note($id = '', $uid = 0, $note = '') {
      if($id == '' || $uid <= 0) { return 0; }

      if($note == '') {
         $query = $this->db->query("DELETE FROM " . TABLE_NOTE . " WHERE uid=? AND id=?", array($uid, $id));
      } else {
         $query = $this->db->query("UPDATE " . TABLE_NOTE . " SET note=? WHERE uid=? AND id=?", array($note, $uid, $id));
         if($this->db->countAffected() == 0) {
            $query = $this->db->query("INSERT INTO " . TABLE_NOTE . " (id, uid, note) VALUES(?,?,?)", array($id, $uid, $note));
         }
      }

      return 1;
   }


}

?>