Файл: mail.php
Строк: 149
<?php
require_once 'sys/inc/start.php';
require_once 'sys/inc/compress.php';
require_once 'sys/inc/sess.php';
require_once 'sys/inc/settings.php';
require_once 'sys/inc/db_connect.php';
require_once 'sys/inc/ipua.php';
require_once 'sys/inc/fnc.php';
require_once 'sys/inc/user.php';
only_reg();
if ((!isset($_SESSION['refer']) || $_SESSION['refer'] == NULL) && isset($_SERVER['HTTP_REFERER']) && $_SERVER['HTTP_REFERER'] != NULL && !preg_match('#mail.php#', $_SERVER['HTTP_REFERER'])) {
$_SESSION['refer'] = str_replace('&', '&', preg_replace('#^http://[^/]*/#i', '/', $_SERVER['HTTP_REFERER']));
}
if (!isset($_GET['id'])) {
header("Location: /user/konts.php?" . SID);
exit;
}
$ank = get_user($_GET['id']);
if (!$ank) {
header("Location: /user/konts.php?" . SID);
exit;
}
$set['title'] = 'Почта: ' . $ank['nick'];
require_once 'sys/inc/thead.php';
// добавляем в контакты
if ($user['add_konts'] == 2 && mysql_result(mysql_query("SELECT COUNT(*) FROM `users_konts` WHERE `id_user` = '$user[id]' AND `id_kont` = '$ank[id]'"), 0) == 0) {
mysql_query("INSERT INTO `users_konts` (`id_user`, `id_kont`, `time`) VALUES ('$user[id]', '$ank[id]', '$time')");
}
// обновление сведений о контакте
mysql_query("UPDATE `users_konts` SET `new_msg` = '0' WHERE `id_kont` = '$ank[id]' AND `id_user` = '$user[id]' LIMIT 1");
// помечаем сообщения как прочитанные
mysql_query("UPDATE `mail` SET `read` = '1' WHERE `id_kont` = '$user[id]' AND `id_user` = '$ank[id]'");
if (isset($_POST['msg']) && $ank['id'] != 0) {
$msg = $_POST['msg'];
if (utf8_strlen($msg) > 10024) {
$err[] = 'Сообщение превышает 10024 символа';
}
if (utf8_strlen($msg) < 2) {
$err[] = 'Слишком короткое сообщение';
}
$mat = antimat($msg);
if ($mat) {
$err[] = 'В тексте сообщения обнаружен мат: ' . $mat;
}
if (!isset($err) && mysql_result(mysql_query("SELECT COUNT(*) FROM `mail` WHERE `id_user` = '$user[id]' AND `id_kont` = '$ank[id]' AND `time` > '" . ($time - 360) . "' AND `msg` = '" . mysql_real_escape_string($msg) . "'"), 0) == 0) {
// отправка сообщения
mysql_query("INSERT INTO `mail` (`id_user`, `id_kont`, `msg`, `time`) values('$user[id]', '$ank[id]', '" . mysql_real_escape_string($msg) . "', '$time')");
// добавляем в контакты
if ($user['add_konts'] == 1 && mysql_result(mysql_query("SELECT COUNT(*) FROM `users_konts` WHERE `id_user` = '$user[id]' AND `id_kont` = '$ank[id]'"), 0) == 0) {
mysql_query("INSERT INTO `users_konts` (`id_user`, `id_kont`, `time`) VALUES ('$user[id]', '$ank[id]', '$time')");
}
// обновление сведений о контакте
mysql_query("UPDATE `users_konts` SET `time` = '$time' WHERE `id_user` = '$user[id]' AND `id_kont` = '$ank[id]' OR `id_user` = '$ank[id]' AND `id_kont` = '$user[id]'");
header("Location: /mail.php?id=$ank[id]");
exit;
}
}
aut();
err();
$k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `mail` WHERE `id_user` = '$user[id]' AND `id_kont` = '$ank[id]' OR `id_user` = '$ank[id]' AND `id_kont` = '$user[id]'"), 0);
$k_page = k_page($k_post, $set['p_str']);
$page = page($k_page);
$start = $set['p_str'] * $page - $set['p_str'];
if ($k_post == 0) {
echo "<table class = 'foot'><tr><td class = 'null'>";
echo "<img src = '/style/icons/bullet_error.png' /> Нет результатов";
echo "</td></tr></table>";
}
$q = mysql_query("SELECT * FROM `mail` WHERE `id_user` = '$user[id]' AND `id_kont` = '$ank[id]' OR `id_user` = '$ank[id]' AND `id_kont` = '$user[id]' ORDER BY id DESC LIMIT $start, $set[p_str]");
while ($post = mysql_fetch_array($q)) {
$ank2 = get_user($post['id_user']);
if ($post['read'] == 0) {
echo "<table class = 'mail_hidden'><tr><td class = 'icon14'>";
} else {
echo "<table class = 'mail'><tr><td class = 'icon14'>";
}
avatar($ank2['id'], '25');
echo "</td><td class='null'>";
echo "<div class = 'right'><font color = 'grey'>" . vremja($post['time']) . "</font></div>";
if ($ank2) {
echo "<a href = '/info.php?id=$ank2[id]'><b>";
echo text::gradient("$ank2[nick]", "$ank2[ncolor]", "$ank2[ncolor2]");
echo "</b></a><br />";
} else {
echo "[DELETED] (+$kont[count])n";
}
echo output_text($post['msg']) . "n";
echo " </td>n";
echo " </tr>n";
echo "</table>n";
}
if ($k_page > 1) {
str("mail.php?id=$ank[id]&", $k_page, $page);
}
if ($ank['id'] != 0) {
echo "<form method='post' name='message' action='/mail.php?id=$ank[id]&$passgen'>n";
echo "<table class = 'blok'><tr><td class = 'icon48'>";
avatar($user['id'], '30');
echo "</td><td class='null'>";
echo "<textarea aria-required = 'true' aria-invalid = 'false' required = 'required' name="msg" rows='1' style='width:70%'></textarea><br />n";
echo "<div class = 'button_blue'>";
echo "<button>Отправить</button>";
echo "</div>";
echo "</td></tr></table></form>";
}
echo "<div class='blok'>";
if ($ank['id'] != 0) {
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `users_konts` WHERE `id_user` = '$user[id]' AND `id_kont` = '$ank[id]'"), 0) == 1) {
$kont = mysql_fetch_array(mysql_query("SELECT * FROM `users_konts` WHERE `id_user` = '$user[id]' AND `id_kont` = '$ank[id]'"));
echo "<a href='/user/konts.php?type=$kont[type]&act=del&id=$ank[id]'>Удалить контакт из списка</a><br />n";
} else {
echo "<a href='/user/konts.php?type=common&act=add&id=$ank[id]'>Добавить в список контактов</a><br />n";
}
}
echo "<a href='/user/konts.php?" . (isset($kont) ? 'type=' . $kont['type'] : null) . "'>Список контактов</a><br />n";
echo "</div>n";
echo "<div class='foot'>n";
if (isset($_SESSION['refer']) && $_SESSION['refer'] != NULL && otkuda($_SESSION['refer'])) {
echo "«<a href='$_SESSION[refer]'>" . otkuda($_SESSION['refer']) . "</a><br />n";
}
echo "«<a href='umenu.php'>Мое меню</a><br />n";
echo "</div>n";
require_once 'sys/inc/tfoot.php';