Файл: mail.php
Строк: 421
<?php
include_once 'sys/inc/start.php';
include_once 'sys/inc/compress.php';
include_once 'sys/inc/sess.php';
include_once 'sys/inc/home.php';
include_once 'sys/inc/settings.php';
include_once 'sys/inc/db_connect.php';
include_once 'sys/inc/ipua.php';
include_once 'sys/inc/fnc.php';
include_once 'sys/inc/user.php';
// Access gate supplied by the includes above; presumably it turns away visitors who are
// not logged in - confirm in sys/inc.
only_reg();
################################################################################
// Build $displaystring: the `time` value stored for the current user, rendered as
// "<minutes> <word> <seconds> <word>" with Russian plural forms. It is shown further
// down in the notice printed when the account may not send messages yet.
// NOTE(review): $user[id] is interpolated into the SQL text. It appears to be filled in
// by sys/inc/user.php rather than taken from the request - confirm it is always an integer.
$timediff = mysql_result(
    mysql_query("SELECT `time` FROM `user` WHERE `id` = '$user[id]' LIMIT 1", $db),
    0
);

$oneMinute = 60;
$oneHour = 60 * 60;
$oneDay = 60 * 60 * 24;

// Split the value into whole days / hours / minutes / seconds (floor() yields floats).
$dayfield = floor($timediff / $oneDay);
$hourfield = floor(($timediff - $dayfield * $oneDay) / $oneHour);
$minutefield = floor(($timediff - $dayfield * $oneDay - $hourfield * $oneHour) / $oneMinute);
$secondfield = floor($timediff - $dayfield * $oneDay - $hourfield * $oneHour - $minutefield * $oneMinute);

// Minutes: default to the genitive plural; switch form by the last digit unless the
// number is a two-or-more digit value whose tens digit is 1 (11..19 keep the default).
$sMinsLeft = $minutefield;
$sMinsText = "минут";
$nMinsLeftLength = strlen($sMinsLeft);
$m_1 = substr($sMinsLeft, -1, 1);
if ($nMinsLeftLength == 1 || ($nMinsLeftLength > 1 && substr($sMinsLeft, -2, 1) != 1)) {
    if (in_array($m_1, array(2, 3, 4))) {
        $sMinsText = "минуты";
    } elseif ($m_1 == 1) {
        $sMinsText = "минута";
    }
}

// Seconds: same rule as for minutes.
$sSecsLeft = $secondfield;
$sSecsText = "секунд";
$s_1 = substr($sSecsLeft, -1, 1);
$nSecsLeftLength = strlen($sSecsLeft);
if ($nSecsLeftLength == 1 || ($nSecsLeftLength > 1 && substr($sSecsLeft, -2, 1) != 1)) {
    if (in_array($s_1, array(2, 3, 4))) {
        $sSecsText = "секунды";
    } elseif ($s_1 == 1) {
        $sSecsText = "секунда";
    }
}

$displaystring = "{$sMinsLeft} {$sMinsText} {$sSecsLeft} {$sSecsText}";
if ($timediff < 0) {
    $displaystring = 'дата уже наступила';
}
################################################################################
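// Remember the page the visitor came from so the footer can offer a "back" link.
// Nothing is stored when a value is already present, when no Referer header was sent,
// or when the Referer is mail.php itself.
// The Referer header is client-controlled. It is reduced to a site-relative path and
// HTML-escaped (quotes included) before it is stored, because this file later echoes
// $_SESSION['refer'] inside a single-quoted href attribute.
if ((!isset($_SESSION['refer']) || $_SESSION['refer']==NULL)
&& isset($_SERVER['HTTP_REFERER']) && $_SERVER['HTTP_REFERER']!=NULL &&
!preg_match('#mail.php#',$_SERVER['HTTP_REFERER']))
{
    // preg_replace() strips the scheme and host. preg_match() must not be used here:
    // it returns only 0/1 and overwrites its third argument with the match array.
    $_SESSION['refer'] = htmlspecialchars(
        preg_replace('#^https?://[^/]*/#', '/', $_SERVER['HTTP_REFERER']),
        ENT_QUOTES,
        'UTF-8'
    );
}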
################################################################################
// Conversation view: entered only when the id query parameter names exactly one existing user.
// The id is passed through intval() before it is placed in the SQL text.
if (isset($_GET['id']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `user` WHERE `id` = '".intval($_GET['id'])."'"),0)==1)
{
// $ank holds the full `user` row of the other party; its id is used in every query below.
$ank=mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = ".intval($_GET['id'])." LIMIT 1"));
// NOTE(review): the stored nick goes into the page title as-is; whether thead.php escapes it is not visible here.
$set['title']='Почта: '.$ank['nick'];
include_once 'sys/inc/thead.php';
title();
// Authorization gate: taken when the other party has `autorization` = 1 and there is no
// `konts_aut` row (id_user = current user, id_kont = other party, aut = 'ok').
if ($user['id']!=$ank['id'] && $ank['autorization']==1 &&
mysql_result(mysql_query("SELECT COUNT(*) FROM `konts_aut` WHERE `id_user` = '$user[id]' AND `id_kont` = '$ank[id]' AND `aut` = 'ok'"), 0)==0)
{
// An 'ignor' row for this pair produces an error instead of the request form
// (presumably the other party has blocked the current user - confirm).
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `konts_aut` WHERE `id_user` = '$user[id]' AND `id_kont` = '$ank[id]' AND `aut` = 'ignor'"), 0)==1)
{
$err[]='Пользователь обитателем Вам писать к нему в приват';
}else{
// A row in `konts_getaut` for this pair means a request is already pending.
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `konts_getaut` WHERE `id_user` = '$user[id]' AND `id_kont` = '$ank[id]'"), 0)==1)
{
msg("Ожидание подтверждения авторизации");
}
// Authorization request submitted from the form printed further down.
// NOTE(review): this condition only checks that the check-number fields exist;
// $_POST['chislo'] is never compared with $_SESSION['chislo'] in this branch, so the
// check number from /guest/img.php is not actually verified here.
// NOTE(review): no anti-CSRF token is checked before the writes below.
elseif(isset($_POST['getaut']) && isset($_SESSION['chislo']) && isset($_POST['chislo']))
{
// Create or refresh an 'ok' row keyed (id_user = other party, id_kont = current user):
// the same shape the gate above looks up when the roles are reversed.
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `konts_aut` WHERE `id_user` = '$ank[id]' AND `id_kont` = '$user[id]'"), 0)==0)
{
mysql_query("INSERT INTO `konts_aut` (`id_user`, `id_kont`, `aut`) VALUES ('$ank[id]','$user[id]', 'ok')");
}else{
mysql_query("UPDATE `konts_aut` SET `aut` = 'ok' WHERE `id_user`='$ank[id]' AND `id_kont`='$user[id]' LIMIT 1");
}
// Notification message for the other party; the optional reason is appended only when
// its length is between 3 and 1023 characters as measured by strlen2().
$msg="Пользователь $user[nick] запросил авторизациюn";
if (isset($_POST['msg']))
{
$msg2=$_POST['msg'];
if (isset($_POST['translit']) && $_POST['translit']==1)$msg2=translit($msg2);
if (strlen2($msg2)<1024 && strlen2($msg2)>2)
$msg.="Причина:n".$msg2;
}
// The whole text, user-supplied reason included, is escaped once before it is put into the INSERT.
$msg=mysql_real_escape_string($msg);
mysql_query("INSERT INTO `mail` (`id_user`, `id_kont`, `msg`, `time`) values('$user[id]', '$ank[id]', '$msg', '$time')");
// Ensure both users appear in each other's contact list.
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `konts` WHERE `id_user` = '$ank[id]' AND `id_kont` = '$user[id]'"), 0)==0)
{
mysql_query("INSERT INTO `konts` (`id_kont`, `id_user`, `time`) values('$user[id]', '$ank[id]', '$time')");
}
if ($user['id']!=$ank['id'] && mysql_result(mysql_query("SELECT COUNT(*) FROM `konts` WHERE `id_user` = '$user[id]' AND `id_kont` = '$ank[id]'"), 0)==0)
{
mysql_query("INSERT INTO `konts` (`id_user`, `id_kont`, `time`) values('$user[id]', '$ank[id]', '$time')");
msg(""$ank[nick]" добавлен в ваш список контактов");
}
// Bump the contact timestamp in both directions (AND binds tighter than OR in this WHERE),
// then record the pending request.
mysql_query("UPDATE `konts` SET `time` = '$time' WHERE `id_user` = '$user[id]' AND `id_kont` = '$ank[id]' OR `id_user` = '$ank[id]' AND `id_kont` = '$user[id]'");
mysql_query("INSERT INTO `konts_getaut` (`id_user`, `id_kont`, `time`) VALUES ('$user[id]', '$ank[id]', '$time')");
msg("Авторизация успешно запрошена");
}
else
msg("Для общения с этим обитателем необходима авторизация");
}
err();
aut();
// Request form: printed only when no error was raised and no request is pending.
if (!isset($err)){
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `konts_getaut` WHERE `id_user` = '$user[id]' AND `id_kont` = '$ank[id]'"), 0)==0)
{
echo "<form method="post" name='message' action="mail.php?id=$ank[id]">n";
echo "Причина авторизации:<br />n<textarea name="msg"></textarea><br />n";
if ($user['set_translit']==1)echo "<input type="checkbox" name="translit" value="1" /> Транслит<br />n";
// NOTE(review): SID is appended to the image URL; if it carries the session id, that id
// ends up in URLs that can be logged or passed on in Referer headers.
echo "<img src="/guest/img.php?".SID."" width="100" height="30" alt="Проверочное число"/><br />n<input name="chislo" size="5" maxlength="5" value="" type="text" /><br/>n";
echo "<input value="Запросить авторизацию" name='getaut' type="submit" />n";
echo "</form>n";
}
}
echo "<div class='foot'>n";
echo "«<a href="/mail.php">Контакты</a><br />n";
// NOTE(review): $_SESSION['refer'] is echoed into a single-quoted href without escaping
// at this point, so it must already be attribute-safe when it is stored.
if(isset($_SESSION['refer']) && $_SESSION['refer']!=NULL && otkuda($_SESSION['refer']))
echo "«<a href='$_SESSION[refer]'>".otkuda($_SESSION['refer'])."</a><br />n";
echo "«<a href='umenu.php'>Мое меню</a><br />n";
echo "</div>n";
// NOTE(review): nothing in this file stops execution after this branch. The message
// handler that follows is out of reach for unauthorized users only if
// sys/inc/tfoot.php ends the script - confirm.
include_once 'sys/inc/tfoot.php';
}
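// Opening the thread marks everything the other party sent to the current user as read.
mysql_query("UPDATE `mail` SET `read` = '1' WHERE `id_kont` = '$user[id]' AND `id_user` = '$ank[id]' AND `read` = '0'");

// ---- Send a message ----
// NOTE(review): no anti-CSRF token is checked; the compose form in this file carries none.
// is_string() rejects array-shaped input (msg[]=...) before it reaches the string helpers.
if (isset($_POST['msg']) && is_string($_POST['msg']))
{
    $msg = $_POST['msg'];
    if (isset($_POST['translit']) && $_POST['translit'] == 1) {
        $msg = translit($msg);
    }
    if (strlen2($msg) > 1024) {
        $err = 'Сообщение превышает 1024 символа';
    }
    if (strlen2($msg) < 2) {
        $err = 'Слишком короткое сообщение';
    }

    // A message whose text was already sent to this contact is silently skipped.
    // mysql_real_escape_string() is used throughout (as in the authorization-request code
    // of this file): unlike mysql_escape_string() it honours the connection character set.
    if (!isset($err) && mysql_result(mysql_query("SELECT COUNT(*) FROM `mail` WHERE `id_user` = '$user[id]' AND `id_kont` = '$ank[id]' AND `msg` = '".mysql_real_escape_string($msg)."' LIMIT 1"), 0) == 0)
    {
        // Make sure the recipient has the sender in their contact list.
        if (mysql_result(mysql_query("SELECT COUNT(*) FROM `konts` WHERE `id_user` = '$ank[id]' AND `id_kont` = '$user[id]'"), 0) == 0)
        {
            mysql_query("INSERT INTO `konts` (`id_kont`, `id_user`, `time`) values('$user[id]', '$ank[id]', '$time')");
        }
        ################################################################################
        // Accounts whose `time` value is 900 or less may not send yet (15 minutes,
        // according to the notice text). Logical && replaces the bitwise & so the
        // right-hand side is only evaluated when $user is set.
        if (isset($user) && $user['time'] <= 900)
        {
            echo "<div class='err'>Чтобы писать сообщения нужно пробыть хотябы <b>15</b>минут.<br/>У вас <b>$displaystring</b>.</div>\n";
        }
        else
        {
            $msg = mysql_real_escape_string($msg);
            mysql_query("INSERT INTO `mail` (`id_user`, `id_kont`, `msg`, `time`) values('$user[id]', '$ank[id]', '$msg', '$time')");
            // Bump the contact timestamp in both directions (AND binds tighter than OR).
            mysql_query("UPDATE `konts` SET `time` = '$time' WHERE `id_user` = '$user[id]' AND `id_kont` = '$ank[id]' OR `id_user` = '$ank[id]' AND `id_kont` = '$user[id]'");
            // One point per sent message.
            mysql_query("UPDATE `user` SET `balls` = '".($user['balls']+1)."' WHERE `id` = '$user[id]' LIMIT 1");
            msg('Сообщение успешно отправлено');
        }
    }
}
aut();

// Opening a thread adds the other party to the current user's contact list.
if ($user['id'] != $ank['id'] && mysql_result(mysql_query("SELECT COUNT(*) FROM `konts` WHERE `id_user` = '$user[id]' AND `id_kont` = '$ank[id]'"), 0) == 0)
{
    mysql_query("INSERT INTO `konts` (`id_user`, `id_kont`, `time`) values('$user[id]', '$ank[id]', '$time')");
    msg("\"$ank[nick]\" добавлен в ваш список контактов");
}

// ---- Approve the other party's authorization request ----
// NOTE(review): this is a state change triggered by a bare GET parameter with no token,
// and it does not check that a request from the other party is actually pending.
// Moving it to POST with a per-session token would stop third-party pages from
// triggering it on the user's behalf.
if (isset($_GET['aut']))
{
    if (mysql_result(mysql_query("SELECT COUNT(*) FROM `konts_aut` WHERE `id_user` = '$ank[id]' AND `id_kont` = '$user[id]'"), 0) == 0)
    {
        mysql_query("INSERT INTO `konts_aut` (`id_user`, `id_kont`, `aut`) VALUES ('$ank[id]','$user[id]', 'ok')");
    }
    else
    {
        mysql_query("UPDATE `konts_aut` SET `aut` = 'ok' WHERE `id_user`='$ank[id]' AND `id_kont`='$user[id]' LIMIT 1");
    }
    $msg = "Авторизация одобрена";
    $msg = mysql_real_escape_string($msg);
    mysql_query("INSERT INTO `mail` (`id_user`, `id_kont`, `msg`, `time`) values('$user[id]', '$ank[id]', '$msg', '$time')");
    // Clear pending-request rows for this pair in both directions.
    mysql_query("DELETE FROM `konts_getaut` WHERE `id_kont` = '$user[id]' AND `id_user` = '$ank[id]' LIMIT 1");
    mysql_query("DELETE FROM `konts_getaut` WHERE `id_user` = '$user[id]' AND `id_kont` = '$ank[id]' LIMIT 1");
    msg('Контакт успешно авторизован');
}
err();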
// Toolbar above the compose form: the "refresh" button posts an empty form back to this
// conversation; the links lead to the smiley list and to the contact list.
echo "<div class='niz2'><form action='/mail.php?id=".$ank["id"]."' method='POST'><input type='submit' name='' value='Обновить' /> | <a href='/smiles/'>Смайлы</a> | <a href="/mail.php">Контакты</a></form></div>";
##########
?>
<script>
/**
 * Inserts a BB-code pair or smiley code into the message textarea
 * (document.message.msg), padded with a space on each side.
 *
 * When the textarea exposes createTextRange and a caretPos range, the text is
 * appended to that range (with one extra trailing space if the range already
 * ends in a space). Otherwise it is appended to the end of the field.
 * Nothing in this file assigns caretPos, so the append branch is presumably
 * the one normally taken - confirm.
 */
function emoticon(text) {
    var field = document.message.msg;
    var snippet = ' ' + text + ' ';

    if (!(field.createTextRange && field.caretPos)) {
        field.value += snippet;
    } else {
        var range = field.caretPos;
        var existing = range.text;
        var tail = existing.charAt(existing.length - 1);
        range.text = (tail == ' ') ? existing + snippet + ' ' : existing + snippet;
    }
    field.focus();
}
</script>
<?
// Compose form: posts back to this conversation. It is named 'message' because the
// emoticon() script above addresses the field as document.message.msg.
// NOTE(review): no anti-CSRF token field is echoed anywhere in this form.
echo "<form method="post" name='message' action="mail.php?id=$ank[id]">n";
echo "<div class='f1'>";
echo "Сообщение:<br />n";
echo "</div>n";
?>
<div class='glav'>
<a href="javascript:emoticon('[b][/b]')"><img src="/style/bb/bb_bold.gif" alt="bb"/></a>
<a href="javascript:emoticon('[i][/i]')"><img src="/style/bb/bb_italic.gif" alt="bb"/></a>
<a href="javascript:emoticon('[u][/u]')"><img src="/style/bb/bb_underline.gif" alt="bb"/></a>
<a href="javascript:emoticon('[red][/red]')"><img src="/style/bb/red.png" alt="bb"/></a>
<a href="javascript:emoticon('[blue][/blue]')"><img src="/style/bb/blue.png" alt="bb"/></a>
<a href="javascript:emoticon('[yellow][/yellow]')"><img src="/style/bb/yellow.png" alt="bb"/></a>
</div>
<?
// Message body field; the BB-code and smiley links around it call emoticon(), which writes into this textarea.
echo "<div class='f1'>";
echo "<textarea name="msg"></textarea><br />n";
echo "</div>n";
?>
<div class='glav'>
<a href="javascript:emoticon(':-)')"><img src="/style/smiles/smile.gif" alt="smile"/></a>
<a href="javascript:emoticon(':-D')"><img src="/style/smiles/biggrin.gif" alt="biggrin"/></a>
<a href="javascript:emoticon('=]')"><img src="/style/smiles/eqr.gif" alt="eqr"/></a>
<a href="javascript:emoticon('=))')"><img src="/style/smiles/biggrin2.gif" alt="biggrin2"/></a>
<a href="javascript:emoticon('8-)')"><img src="/style/smiles/poh.gif" alt="poh"/></a>
<a href="javascript:emoticon(';-)')"><img src="/style/smiles/wink.gif" alt="wink"/></a><br />
<a href="javascript:emoticon('.2пал.')"><img src="/style/smiles/2pal.gif" alt="smile"/></a>
<a href="javascript:emoticon('.хлопает.')"><img src="/style/smiles/hlopaet.gif" alt="smile"/></a>
<a href="javascript:emoticon('.нея.')"><img src="/style/smiles/nea.gif" alt="smile"/></a>
<a href="javascript:emoticon('.дружба.')"><img src="/style/smiles/druzhba.gif" alt="smile"/></a>
</div>
<?
// Submit button and end of the compose form.
echo "<div class='f1'>";
echo "<input value="Отправить" type="submit" />n";
echo "</form>n";
echo "</div>n";
##########
// Message list for this conversation.
echo "<table class='post'>n";
// Count messages in both directions between the two users; AND binds tighter than OR,
// so the WHERE reads (current user -> contact) OR (contact -> current user).
$k_post=mysql_result(mysql_query("SELECT COUNT(*) FROM `mail` WHERE `id_user` = '$user[id]' AND `id_kont` = '$ank[id]' OR `id_user` = '$ank[id]' AND `id_kont` = '$user[id]'"),0);
// Paging helpers come from the includes; $start is the row offset of the current page.
$k_page=k_page($k_post,$set['p_str']);
$page=page($k_page);
$start=$set['p_str']*$page-$set['p_str'];
if ($k_post==0)
{
echo " <tr>n";
echo " <td class='p_t'>n";
echo "Нет сообщенийn";
echo " </td>n";
echo " </tr>n";
}
// NOTE(review): $start and $set[p_str] are placed in LIMIT unquoted; they come from
// page()/k_page() and the settings array - confirm both are always integers.
$q=mysql_query("SELECT * FROM `mail` WHERE `id_user` = '$user[id]' AND `id_kont` = '$ank[id]' OR `id_user` = '$ank[id]' AND `id_kont` = '$user[id]' ORDER BY id DESC LIMIT $start, $set[p_str]");
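// Render one page of the conversation (the query orders by id DESC). Each message takes
// two table rows: a header (status icon, author, time) and the body with its action links.
while ($post = mysql_fetch_array($q))
{
    // Author of this message; the else branch below handles a falsy result.
    $ank2 = get_user($post['id_user']);

    echo " <tr>\n";
    echo " <td class='icon14'>\n";
    echo "".status($ank2['id'])."";
    echo " </td>\n";
    echo " <td class='p_t'>\n";
    if ($ank2) {
        // NOTE(review): nick and ncolor are printed as stored, inside markup and a style
        // attribute; whether they are validated when saved is not visible in this file.
        echo "<a href='/id$ank2[id]'><span style='color:$ank2[ncolor]'>$ank2[nick]</span></a>\n";
        echo "".medal($ank2['id'])." ".online($ank2['id'])." (".vremja($post['time']).")";
    } else {
        // NOTE(review): $kont is not assigned anywhere in this file - confirm where it comes from.
        echo "[Удален!] (+$kont[count])\n";
        echo "(".vremja($post['time']).")\n";
    }
    echo " </td>\n";
    echo " </tr>\n";

    echo " <tr>\n";
    if ($set['set_show_icon']) {
        echo " <td class='p_m' colspan='2'>\n";
    } else {
        echo " <td class='p_m'>\n";
    }
    if ($post['read'] == 0) {
        echo "(не прочитано)<br />\n";
    }
    // Escaping order matters: stripcslashes() decodes C-style escape sequences, so it has
    // to run BEFORE htmlspecialchars(). Decoding after escaping can re-create markup
    // characters that the escaping step never saw. The formatting helpers
    // (links, smiles, bbcode, br) then work on text that is already HTML-escaped.
    echo trim(br(bbcode(smiles(links(htmlspecialchars(stripcslashes($post['msg'])))))))."<br />\n";
    // NOTE(review): delete and spam-report are plain GET links; the handlers live in
    // /pages/ and are not visible here - confirm they verify ownership and a request token.
    echo "[<a href='/pages/delete.php?id=$post[id]'>Удалить</a>]\n";
    echo '[<a href="/pages/spam.php?id='.$post['id'].'">Это спам</a>]<br />';
    echo " </td>\n";
    echo " </tr>\n";
}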
echo "</table>n";
if ($k_page>1)str("mail.php?id=$ank[id]&",$k_page,$page); // page links
// Offer an "authorize" link when the current user requires authorization and there is no
// 'ok' row keyed (id_user = other party, id_kont = current user).
// NOTE(review): the link performs the approval through a GET parameter (aut), so the
// state change can be triggered by any request that carries the user's session.
if ($user['id']!=$ank['id'] && $user['autorization']==1 &&
mysql_result(mysql_query("SELECT COUNT(*) FROM `konts_aut` WHERE `id_kont` = '$user[id]' AND `id_user` = '$ank[id]' AND `aut` = 'ok'"), 0)==0)
{
echo "<a href="/mail.php?id=$ank[id]&aut">Авторизовать</a><br />n";
}
// NOTE(review): the contact list code follows the closing brace unconditionally; it is
// skipped after a conversation view only if sys/inc/tfoot.php ends the script - confirm.
include_once 'sys/inc/tfoot.php';
}
// ---- Contact list view ----
$set['title'] = 'Мои контакты';
include_once 'sys/inc/thead.php';
title();

// The delete query parameter removes one contact of the current user: that contact's
// unread messages are marked read, then the `konts` row and the matching `konts_aut`
// row are deleted. The id is accepted only if is_numeric() and is reduced with intval()
// before it reaches the SQL text.
// NOTE(review): this is a state change on a GET request with no token, so it can be
// triggered by any request that carries the user's session.
// NOTE(review): OPTIMIZE TABLE runs on every such request; it is a maintenance
// statement that any logged-in user can trigger repeatedly from here.
if (isset($_GET['delete']) && is_numeric($_GET['delete']))
{
    $delContactId = intval($_GET['delete']);
    $delQueries = array(
        "UPDATE `mail` SET `read` = '1' WHERE `id_kont` = '$user[id]' AND `id_user` = '".$delContactId."' AND `read` = '0'",
        "DELETE FROM `konts` WHERE `id_user` = '$user[id]' AND `id_kont` = '".$delContactId."' LIMIT 1",
        "DELETE FROM `konts_aut` WHERE `id_kont` = '$user[id]' AND `id_user` = '".$delContactId."' LIMIT 1",
        "OPTIMIZE TABLE `konts`",
    );
    foreach ($delQueries as $delQuery) {
        mysql_query($delQuery);
    }
    msg('Контакт успешно удален');
}
aut();
// Number of contacts of the current user; drives the "empty" row and the paging.
$k_konts=mysql_result(mysql_query("SELECT COUNT(*) FROM `konts` WHERE `id_user` = '$user[id]'"), 0);
echo "<table class='post'>n";
if ($k_konts==0)
{
echo " <tr>n";
echo " <td class='p_t'>n";
echo "Нет контактовn";
echo " </td>n";
echo " </tr>n";
}
$k_page=k_page($k_konts,$set['p_str']);
$page=page($k_page);
$start=$set['p_str']*$page-$set['p_str'];
// Contacts ordered by most recent activity first.
// NOTE(review): $start and $set[p_str] go into LIMIT unquoted - confirm both are always integers.
$q = mysql_query("SELECT * FROM `konts` WHERE `id_user` = '$user[id]' ORDER BY `time` DESC LIMIT $start, $set[p_str]");
while ($konts = mysql_fetch_array($q))
{
// Three further queries run per contact row (user record, total messages, unread messages).
// NOTE(review): $konts[id_kont] is a value read back from the database and is placed in
// the SQL text unquoted and without intval(), unlike the request-derived ids elsewhere
// in this file; the column is presumably an integer - confirm.
$ank=mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = $konts[id_kont] LIMIT 1"));
echo " <tr>n";
echo " <td class='icon14'>n";
echo "".status($ank['id'])."";
echo " </td>n";
echo " <td class='p_t'>n";
// NOTE(review): nick and ncolor are printed as stored, inside markup and a style
// attribute; whether they are validated when saved is not visible in this file.
echo "<a href='/mail.php?id=$ank[id]'><span style='color:$ank[ncolor]'>$ank[nick]</span></a>n";
// "(total / unread)": messages in both directions, then unread ones addressed to the current user.
echo '('.mysql_result(mysql_query("SELECT COUNT(*) FROM `mail` WHERE `id_user` = '$user[id]' AND `id_kont` = '$ank[id]' OR `id_user` = '$ank[id]' AND `id_kont` = '$user[id]'"), 0);
echo '/<font color=red>';
echo mysql_result(mysql_query("SELECT COUNT(*) FROM `mail` WHERE `id_kont` = '$user[id]' AND `id_user` = '$ank[id]' AND `read` = '0'"), 0).'</font>) ';
echo "".medal($ank['id'])." ".online($ank['id'])."";
echo " ".city($ank['id'])."";
echo " </td>n";
echo " </tr>n";
echo " <tr>n";
if ($set['set_show_icon'])echo " <td class='p_m' colspan='2'>n"; else echo " <td class='p_m'>n";
echo "<a href="/info.php?id=$ank[id]">Анкета</a><br />n";
// NOTE(review): contact removal is a plain GET link handled by this same page, with no token.
echo "<a href="/mail.php?delete=$ank[id]">Удалить</a><br />n";
echo " </td>n";
echo " </tr>n";
}
echo "</table>n";
if ($k_page>1)str("mail.php?",$k_page,$page); // page links
include_once 'sys/inc/tfoot.php';
?>