Файл: mail.php
Строк: 189
<?
include_once 'sys/includes/start.php';
include_once 'sys/includes/compress.php';
include_once 'sys/includes/sess.php';
include_once 'sys/includes/home.php';
include_once 'sys/includes/settings.php';
include_once 'sys/includes/db_connect.php';
include_once 'sys/includes/ipua.php';
include_once 'sys/includes/fnc.php';
include_once 'sys/includes/user.php';
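// Access gate for the page. NOTE(review): only_reg() lives in the included sys/ files;
// confirm it terminates the request for visitors who are not logged in.
only_reg();

// The peer id comes straight from the query string. PHP turns `id[]=...` into an array,
// so only a plain string is handed to get_user(); anything else is treated as "no such user".
// NOTE(review): whether get_user() casts or escapes its argument is not visible in this file.
// It is the only step between this request parameter and the database, so verify it.
$ank = (isset($_GET['id']) && is_string($_GET['id'])) ? get_user($_GET['id']) : false;
if (!$ank)
{
    // Missing, malformed or unknown id: fall back to the contact list.
    // SID carries the session id in the URL when cookies are not used; ids in URLs
    // can leak through Referer headers and access logs.
    header("Location: /konts.php?".SID);
    exit;
}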
// The page title carries the peer's nick; header.php is pulled in only after the title is assigned.
// NOTE(review): the nick is placed into the title as stored. Confirm that header.php / title()
// HTML-encode it, or that nicks are restricted to safe characters at registration.
$set['title'] = "Почта: {$ank['nick']}";
include_once 'sys/includes/header.php';
title();
auter();
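// Both ids come from rows loaded by the included helpers. Casting them to int keeps the
// SQL text numeric even if one of those helpers ever hands back something unexpected.
$mail_me = (int) $user['id'];
$mail_peer = (int) $ank['id'];

// add_konts == 2: the peer is recorded as a contact as soon as the thread is opened.
if ($user['add_konts'] == 2)
{
    $mail_res = mysql_query("SELECT COUNT(*) FROM `users_konts` WHERE `id_user` = '$mail_me' AND `id_kont` = '$mail_peer'");
    // Insert only when the lookup succeeded and found nothing; a failed query must not
    // be read as "zero rows".
    if ($mail_res && mysql_result($mail_res, 0) == 0)
    {
        mysql_query("INSERT INTO `users_konts` (`id_user`, `id_kont`, `time`) VALUES ('$mail_me', '$mail_peer', '".(int) $time."')");
    }
}

// Opening the thread clears the "new message" flag on my contact row for this peer ...
mysql_query("UPDATE `users_konts` SET `new_msg` = '0' WHERE `id_kont` = '$mail_peer' AND `id_user` = '$mail_me' LIMIT 1");
// ... and marks every message the peer addressed to me as read.
// Both updates run on a plain page view (GET), so merely loading the URL changes state.
mysql_query("UPDATE `mail` SET `read` = '1' WHERE `id_kont` = '$mail_me' AND `id_user` = '$mail_peer'");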
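// "Refresh" button: answer the POST with a redirect to the same thread, so reloading the
// page does not resubmit the form.
// SID is appended as its own "&"-separated parameter and only when it is non-empty;
// concatenating it directly after the id value would corrupt the id whenever URL-based
// sessions are in use.
// NOTE(review): header.php has already been included at this point, so this header() call
// presumably relies on output buffering set up by the includes. Confirm.
if (isset($_POST['refresh']))
{
    header("Location: /mail.php?id=".(int) $ank['id'].(SID !== '' ? '&'.SID : ''));
    exit;
}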
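// Outgoing-message handler. It runs only when a text and the "send" button were posted and
// the peer id is not 0.
// NOTE(review): no anti-CSRF token is verified in this handler. The $passgen value placed in
// the form action is not checked anywhere in this file. Confirm whether the includes do it.
if (isset($_POST['msg']) && is_string($_POST['msg']) && !empty($_POST['send']) && $ank['id'] != 0)
{
    // Ids and the timestamp are forced to integers before they enter any SQL text.
    $mail_me = (int) $user['id'];
    $mail_peer = (int) $ank['id'];
    $mail_now = (int) $time;

    // Level-0 users must solve the captcha unless the peer already has them in the peer's
    // contact list. The same condition decides whether the captcha is rendered in the form,
    // so the two must stay in sync.
    $mail_need_captcha = false;
    if ($user['level'] == 0)
    {
        $mail_res = mysql_query("SELECT COUNT(*) FROM `users_konts` WHERE `id_kont` = '$mail_me' AND `id_user` = '$mail_peer'");
        // Fail closed: if the lookup itself fails, the captcha is still required.
        $mail_need_captcha = (!$mail_res || mysql_result($mail_res, 0) == 0);
    }
    if ($mail_need_captcha)
    {
        $mail_expected = isset($_SESSION['captcha']) ? (string) $_SESSION['captcha'] : '';
        $mail_given = (isset($_POST['chislo']) && is_string($_POST['chislo'])) ? $_POST['chislo'] : '';
        // One attempt per challenge: the stored answer is discarded before it is compared,
        // so a solved value cannot be replayed for further messages.
        unset($_SESSION['captcha']);

        if ($mail_given === '')
        {
            $err = 'Введите проверочное число!';
        }
        elseif ($mail_expected === '')
        {
            // No challenge was issued for this session.
            $err = 'Ошибка проверочного числа!';
        }
        elseif ($mail_given !== $mail_expected)
        {
            // Strict string comparison: loose "==" would accept values such as "12abc"
            // against a numeric 12.
            $err = 'Проверьте правильность ввода проверочного числа!';
        }
    }

    $msg = $_POST['msg'];
    if (isset($_POST['translit']) && $_POST['translit'] == 1)
    {
        $msg = translit($msg);
    }

    // Each failing check overwrites $err, so the last failing check is the one reported.
    if (strlen2($msg) > 1024)
    {
        $err = 'Сообщение превышает 1024 символа!';
    }
    if (strlen2($msg) < 2)
    {
        $err = 'Слишком короткое сообщение!';
    }
    $mat = antimat($msg);
    if ($mat)
    {
        // NOTE(review): $mat is presumably a fragment of the submitted text and is copied
        // into $err. Confirm that err() HTML-encodes what it prints.
        $err = 'В тексте сообщения обнаружен мат: '.$mat;
    }

    if (!isset($err))
    {
        // my_esc() is the only escaping applied to the message before it enters SQL.
        // NOTE(review): confirm it escapes for the active connection and its charset.
        $mail_body = my_esc($msg);

        // Flood guard: the same text sent to the same peer within the last 360 seconds
        // is dropped without any notice to the sender.
        $mail_res = mysql_query("SELECT COUNT(*) FROM `mail` WHERE `id_user` = '$mail_me' AND `id_kont` = '$mail_peer' AND `time` > '".($mail_now - 360)."' AND `msg` = '".$mail_body."'");
        if ($mail_res && mysql_result($mail_res, 0) == 0)
        {
            mysql_query("INSERT INTO `mail` (`id_user`, `id_kont`, `msg`, `time`) values('$mail_me', '$mail_peer', '".$mail_body."', '$mail_now')");

            // add_konts == 1: the peer becomes a contact on the first message sent to them.
            if ($user['add_konts'] == 1)
            {
                $mail_res = mysql_query("SELECT COUNT(*) FROM `users_konts` WHERE `id_user` = '$mail_me' AND `id_kont` = '$mail_peer'");
                if ($mail_res && mysql_result($mail_res, 0) == 0)
                {
                    mysql_query("INSERT INTO `users_konts` (`id_user`, `id_kont`, `time`) VALUES ('$mail_me', '$mail_peer', '$mail_now')");
                }
            }

            // Bump the activity time on both sides' contact rows. The parentheses spell out
            // the grouping that AND-before-OR precedence already gives.
            mysql_query("UPDATE `users_konts` SET `time` = '$mail_now' WHERE (`id_user` = '$mail_me' AND `id_kont` = '$mail_peer') OR (`id_user` = '$mail_peer' AND `id_kont` = '$mail_me')");
            msg('Сообщение успешно отправлено');
        }
    }
}
err();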
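// Contact shortcuts above the thread; skipped when the peer id is 0.
if ($ank['id'] != 0)
{
    $mail_me = (int) $user['id'];
    $mail_peer = (int) $ank['id'];

    // My contact row for this peer is loaded once, before any link is built: the
    // "all contacts" link needs its type, and the same row decides between the "remove"
    // and "add" shortcuts.
    $mail_res = mysql_query("SELECT * FROM `users_konts` WHERE `id_user` = '$mail_me' AND `id_kont` = '$mail_peer' LIMIT 1");
    $kont = $mail_res ? mysql_fetch_array($mail_res) : false;
    if (!$kont)
    {
        // Leave $kont undefined when there is no row, so isset($kont) stays meaningful.
        unset($kont);
    }

    echo "<table style='width:100%' cellspacing='1' cellpadding='1'><tr>";
    echo "<td class='u_menu'><center>";
    // The type value is URL-encoded before it is placed inside the href attribute.
    echo "<a href='/konts.php?".(isset($kont) ? 'type='.urlencode($kont['type']) : '')."'>";
    echo "<img src='/s-klub/img/kontakt.png'> ";
    echo "<b>Все контакты</b>";
    echo "</a>";
    echo "</center></td>";

    // NOTE(review): both shortcuts below are plain GET links that change the contact list and
    // carry no per-request token. The handler is in konts.php, which is not visible here.
    // Confirm it cannot be triggered cross-site.
    if (isset($kont))
    {
        echo "<td class='u_menu'><center>";
        echo "<a href='/konts.php?type=".urlencode($kont['type'])."&act=del&id=$mail_peer'>";
        echo "<img src='/s-klub/img/del.png'> ";
        echo "<b>Удалить из списка контактов</b>";
        echo "</a>";
        echo "</center></td>";
    }
    else
    {
        echo "<td class='u_menu'><center>";
        echo "<a href='/konts.php?type=common&act=add&id=$mail_peer'>";
        echo "<img src='/s-klub/img/yes.png'> ";
        echo "<b>Добавить в список контактов</b>";
        echo "</a>";
        echo "</center></td>";
    }
    echo "</tr></table>";
}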
// Total number of messages exchanged between the two users, in either direction.
// AND binds tighter than OR, so the WHERE clause reads (me -> peer) OR (peer -> me).
// The ids are interpolated as loaded from the user rows; the query relies on them being numeric.
$k_post = mysql_result(
    mysql_query("SELECT COUNT(*) FROM `mail` WHERE `id_user` = '$user[id]' AND `id_kont` = '$ank[id]' OR `id_user` = '$ank[id]' AND `id_kont` = '$user[id]'"),
    0
);

// Paging state shared with the listing and the pager further down.
$k_page = k_page($k_post, $set['p_str']);
$page = page($k_page);
// Row offset of the current page: (page - 1) full pages are skipped.
$start = ($page - 1) * $set['p_str'];

if ($k_post == 0)
{
    // Empty thread: show the notice box instead of a listing.
    echo "<table style='width:100%' cellspacing='1' cellpadding='1'><tr>"
        ."<td class='err'>"
        ."<b>Нет сообщений!</b>"
        ."</td>"
        ."</tr></table>";
}
// Compose form; not rendered when the peer id is 0.
// NOTE(review): the form carries no hidden anti-CSRF field. $passgen is appended to the action
// URL, but its origin and any verification are not visible in this file.
if ($ank['id'] != 0)
{
    echo "<form method='post' name='message' action='/mail.php?id=$ank[id]&$passgen'>"
        ."<div class='forum_tema'>"
        ."<input type='submit' name='refresh' value='Обновить страницу' />"
        ."</div>"
        ."<div class='forum_tema'>"
        ."<img src='/s-klub/img/post.png'> "
        ."<b>Сообщение:</b><br />";
    bb_panel();
    echo "<textarea name='msg'></textarea><br />"
        ."</div>";

    // Transliteration checkbox is offered only to users who enabled it in their settings.
    if ($user['set_translit'] == 1)
    {
        echo "<div class='forum_tema'>"
            ."<label><input type='checkbox' name='translit' value='1' /> <b>Транслит</b></label><br />"
            ."</div>";
    }

    // Captcha is shown to level-0 users whom the peer has not added as a contact.
    // The send handler evaluates the same condition; the two must stay in sync.
    if ($user['level'] == 0)
    {
        $mail_peer_has_me = mysql_result(mysql_query("SELECT COUNT(*) FROM `users_konts` WHERE `id_kont` = '$user[id]' AND `id_user` = '$ank[id]'"), 0);
        if ($mail_peer_has_me == 0)
        {
            echo "<div class='forum_tema'>";
            cap_image();
            echo "</div>";
        }
    }

    echo "<div class='forum_tema'>"
        ."<input type='submit' name='send' value='Отправить' />"
        ."</div>"
        ."</form>";
}
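// Thread listing, newest first, one page at a time.
// Ids and LIMIT operands are forced to non-negative integers before they enter the SQL text:
// $start is derived from page(), whose input handling is not visible in this file.
$mail_me = (int) $user['id'];
$mail_peer = (int) $ank['id'];
$mail_offset = max(0, (int) $start);
$mail_limit = max(0, (int) $set['p_str']);
$q = mysql_query("SELECT * FROM `mail` WHERE (`id_user` = '$mail_me' AND `id_kont` = '$mail_peer') OR (`id_user` = '$mail_peer' AND `id_kont` = '$mail_me') ORDER BY id DESC LIMIT $mail_offset, $mail_limit");

// A failed query yields no rows instead of passing false to mysql_fetch_array().
while ($q && ($post = mysql_fetch_array($q)))
{
    echo "<table style='width:100%' cellspacing='1' cellpadding='1'><tr>";
    // id_user is the sender of the message; get_user() returns a falsy value for a removed account.
    $ank2 = get_user($post['id_user']);
    echo " <td class='icon14'>";
    avatar_mini($ank2 ? $ank2['id'] : null);
    echo "</td>";
    echo "<td class='p_t'>";
    if ($ank2)
    {
        // NOTE(review): the nick is printed as stored, and GradientText()'s encoding is not
        // visible here. Confirm nicks are HTML-safe at registration or encode them on output.
        if ($ank2['id'] == 0)
        {
            // Sender id 0 is shown without a profile link.
            echo "".status($ank2['id'])." ";
            echo "<b> ".$ank2['nick']."</b> ";
            echo "".online($ank2['id'])."";
        }
        else
        {
            echo "".status($ank2['id'])."<b> <a href='/info.php?id=".(int) $ank2['id']."'>";
            echo GradientText("$ank2[nick]", "$ank2[ncolor]", "$ank2[ncolor2]");
            // Tags are closed in the reverse order of opening.
            echo "</a></b> ";
            echo "".online($ank2['id'])."";
        }
    }
    else
    {
        echo "<img src='/s-klub/img/who.png'> ";
        // $kont exists only when the viewer has a contact row for the peer; guard the lookup.
        echo "<b>[Удален!] (+".(isset($kont['count']) ? $kont['count'] : '').")</b>";
    }
    if ($post['read'] == 0)
    {
        echo " <b>(Не прочитано)</b>";
    }
    echo "<br /><img src='/s-klub/img/time.png'> ";
    echo "".vremja($post['time'])."<br />";
    echo "</td>";
    echo "</tr>";
    echo "<tr>";
    echo "<td class='p_m' colspan='2'><b>";
    echo "<img src='/s-klub/img/post.png'> ";
    // NOTE(review): output_text() is the only step between the stored message text and the page.
    // Confirm it HTML-encodes the text before expanding any markup.
    echo output_text($post['msg'])."";
    echo "</b></td>";
    echo "</tr></table>";
}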
// The pager is rendered only when the thread spans more than one page.
if (1 < $k_page)
{
    str("mail.php?id=$ank[id]&", $k_page, $page);
}

// Footer link back to the user's own menu, followed by the shared page footer.
echo "<a href='umenu.php'>"
    ."<div class='foot'>"
    ."<img src='/s-klub/img/set.png'> "
    ."<b>Мое меню</b>"
    ."</div>"
    ."</a>";
include_once 'sys/includes/footer.php';
?>