Файл: chat/index.php
Строк: 126
<?php
require '../sys/sid.php';
require '../sys/config.php';
include '../sys/user.php';
include '../sys/head.php';
include '../sys/navigator.php';
// visit() comes from one of the included files; presumably it records that the
// user is currently in the chat section -- confirm against its definition.
visit(0, 'chat');

// Number of users whose `onl` value plus 300 is still above $rtime and whose
// `where` column is 'chat'. $rtime is set by an included file.
$chat_online_res = mysql_query("SELECT COUNT(*) FROM users WHERE onl + '300' > '$rtime' AND `where` = 'chat'");
$count = mysql_result($chat_online_res, 0);

// Top link bar. The random query string on the refresh link presumably keeps
// the page from being served out of a cache.
$chat_link_refresh = '<a href="/chat/?' . mt_rand(100, 999) . '">Обновить</a>';
$chat_link_online = '<a href="online.php">Онлайн (' . $count . ')</a>';
$chat_link_smiles = '<a href="smiles.php">Смайлы</a>';
echo $chat_link_refresh . ' | ' . $chat_link_online . ' | ' . $chat_link_smiles . separator;

// Requested action; NULL selects the default branch of the switch below.
if (isset($_GET['do'])) {
    $do = $_GET['do'];
} else {
    $do = NULL;
}
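// Chat request handler. The default branch serves the public room: per-user
// page-size setting, posting, moderator delete and the message list. The
// 'speak' branch posts a message addressed to one user and can also copy it
// into the `letters` table.
//
// NOTE(review): no anti-CSRF token is visible on the POST forms or on the GET
// delete (?x=ID) handled here. Unless an included file enforces one, these
// requests should require a per-session token and the delete should be POST.
// NOTE(review): the 10-second posting limit lives only in $_SESSION, so it
// holds only while the client keeps its session. A limit keyed on the user's
// latest row in `chat` would not depend on that.
// NOTE(review): char(), number(), user(), translit() and smiles() are defined
// elsewhere. Nick, `to` and `msg` are echoed as stored, so confirm that char()
// HTML-encodes on write (or encode with htmlspecialchars() on output).
switch ($do) {
    default:
        // Notice shown after the flood redirect. The isset() on the session key
        // avoids an undefined-index notice when no limiter value exists yet.
        if (isset($_GET['flood'], $_SESSION['chat_int_time']) && $_SESSION['chat_int_time'] > $rtime) {
            err('Нельзя писать сообщения чаще, чем через 10 сек.');
        }

        // Save the "messages per page" preference, clamped to 5..25.
        if (isset($_POST['save'])) {
            $nmsg = isset($_POST['nmsg']) ? number($_POST['nmsg']) : 0;
            // Cast so the value placed in the SQL is an integer whatever number() returns.
            $v = (int) max(5, min(25, $nmsg));
            mysql_query("UPDATE users SET nmsg = '$v' WHERE id = '$user[id]' LIMIT 1");
            header('location: /chat/');
            exit; // stop here: the redirect is the whole response
        }

        // Post a message to the public room.
        if (isset($_POST['send'])) {
            $msg = trim(char($_POST['msg'], 0));
            // An unchecked checkbox is simply absent from the POST data.
            $tr = isset($_POST['tr']) ? number($_POST['tr']) : 0;
            if (mb_strlen($msg, 'UTF8') > 1024) {
                $msg = mb_substr($msg, 0, 1024, 'UTF8');
            }
            if ($tr == 1) {
                // The original passed an undefined $O[1] here, which discarded the message.
                $msg = translit($msg);
            }
            if (!empty($msg)) {
                if (!isset($_SESSION['chat_int_time'])) {
                    $_SESSION['chat_int_time'] = 0;
                }
                if ($_SESSION['chat_int_time'] > $rtime) {
                    $until = (int) $_SESSION['chat_int_time'];
                    $mess = mysql_result(mysql_query("SELECT COUNT(*) FROM chat WHERE user = '$user[id]' AND time < '$until'"), 0);
                    if ($mess > 0) {
                        header('location: /chat/?flood');
                        die();
                    }
                }
                // NOTE(review): a random 6-digit id can collide with an existing row;
                // an AUTO_INCREMENT key would avoid that -- confirm the table schema.
                $r = mt_rand(100000, 999999);
                #$msg = preg_replace('~(:[0-9]:){3,}~isu', '111', $msg);  (disabled in the original)
                // Escape last. The original escaped first and then cut the string to
                // 1024 characters, which can split a backslash escape and leave the
                // SQL string literal unterminated.
                $msg_sql = mysql_real_escape_string($msg);
                mysql_query("INSERT INTO chat SET id = '$r', user = '$user[id]', msg = '$msg_sql', time = '$rtime'");
                $_SESSION['chat_int_time'] = $rtime + 10;
            }
            header('location: /chat/');
            exit;
        }

        // Moderator delete (?x=ID). Only level >= 1 may delete; every path redirects.
        if (isset($_GET['x'])) {
            $x = (int) number($_GET['x']);
            if ($user['level'] >= 1) {
                mysql_query("DELETE FROM chat WHERE id = '$x' LIMIT 1");
            }
            header('location: /chat/');
            exit;
        }

        echo 'Сообщение [1-1024]:<br/>
<form method="post" action="/chat/">
<textarea name="msg" cols="20" rows="4" maxlength="1024"></textarea>
<br/>
<input type="checkbox" name="tr" value="1"/> Транслит
<br/>
<input type="submit" name="send" value="Отправить"/>
</form>';

        $sql = mysql_result(mysql_query("SELECT COUNT(*) FROM chat"), 0);
        if ($sql != 0) {
            $n = new navigator($sql, $user['nmsg'], '/chat/?&');
            $select = mysql_query("SELECT * FROM chat ORDER BY time DESC {$n->limit}");
            echo $n->navi() . separator;
            $can_delete = ($user['level'] == 2 || $user['level'] == 1);
            while ($q = mysql_fetch_assoc($select)) {
                // Look the author's level up once per row instead of once per comparison.
                $level = user($q['user'], 'level');
                if ($level == 1) {
                    $adm = '<span class="war">[Мд]</span>';
                } elseif ($level == 2) {
                    $adm = '<span class="war">[Адм]</span>';
                } else {
                    $adm = '';
                }
                $to = (!empty($q['to'])) ? ' для <a href="/userinfo_'.$q['to'].'"><u>' . $q['to'] . '</u></a>' : '';
                $del = $can_delete ? '<a href="delete'.$q['id'].'">[X]</a> ' : '';
                $own = ($q['user'] == $user['id']);
                $text = $own ? '<span style="color:#35708e;">' . $q['msg'] . '</span>' : $q['msg'];

                // Rows with pr = 1 are rendered only for their author; rows with
                // pr = 0 are rendered for everyone; anything else is skipped.
                $style = NULL;
                $mark = '';
                if ($q['pr'] == 1 && $own) {
                    $style = 'background:#bfb513;padding:3px;margin:2px;';
                    $mark = ' <b>[!ЛС]</b>';
                } elseif ($q['pr'] == 0) {
                    $style = 'padding:3px;margin:2px;';
                }
                if ($style !== NULL) {
                    $nick = user($q['user'], 'nick');
                    echo '<div style="' . $style . '">' . $del . date('H:i', $q['time'])
                        . ' - <a href="speak_' . $nick . '&' . mt_rand(1000, 9999) . '"><b>' . $nick . '</b></a> '
                        . $adm . ' ' . $to . $mark . '<br/>' . smiles($text, 1) . '</div>';
                }
            }
            echo $n->navi();
        } else {
            echo 'Сообщенией нет.';
        }

        echo separator . '<form method="post" action="/chat/">
Сообщений на стр:<br/>
<input type="text" name="nmsg" value="'.$user['nmsg'].'" size="2" maxlength="2"/>
<input type="submit" name="save" value="OK"/>
</form>';
        break;

    // The original used the bare word `speak`, which relies on PHP's
    // undefined-constant fallback; the string literal is what was meant.
    case 'speak':
        // Target nick from the query string. It is escaped here because it is
        // handed to user() -- presumably user() puts it into SQL; confirm.
        $us = trim(mysql_real_escape_string(char($_GET['us'], 0)));
        if (!user($us)) {
            err('Непредсказуемая ошибка!');
        } else {
            if (isset($_POST['send'])) {
                $msg = trim(char($_POST['msg'], 0));
                $tr = isset($_POST['tr']) ? number($_POST['tr']) : 0;
                $mail = isset($_POST['mail']) ? number($_POST['mail']) : 0;
                // `whom` is a client-supplied hidden field that goes into the SQL below.
                // The original did not escape it, unlike msg and us.
                // NOTE(review): it is not checked against $us, so the "to" label on
                // the chat line can differ from the user this page addresses.
                $to = isset($_POST['whom']) ? mysql_real_escape_string(char($_POST['whom'], 0)) : NULL;
                if (mb_strlen($msg, 'UTF8') > 1024) {
                    $msg = mb_substr($msg, 0, 1024, 'UTF8');
                }
                if ($tr == 1) {
                    $msg = translit($msg);
                }

                if (empty($msg)) {
                    header('location: /chat/');
                    exit;
                }

                // Same flood check for the public and the private path.
                if (!isset($_SESSION['chat_int_time'])) {
                    $_SESSION['chat_int_time'] = 0;
                }
                if ($_SESSION['chat_int_time'] > $rtime) {
                    $until = (int) $_SESSION['chat_int_time'];
                    $mess = mysql_result(mysql_query("SELECT COUNT(*) FROM chat WHERE user = '$user[id]' AND time < '$until'"), 0);
                    if ($mess > 0) {
                        header('location: /chat/?flood');
                        die();
                    }
                }

                // Collapse runs of three or more ":N:" codes, then escape. Escaping
                // is the last step so truncation can never cut through an escape.
                $chat_sql = mysql_real_escape_string(preg_replace('/(:[0-9]:){3,}/', '111', $msg));

                if ($mail != 1) {
                    // Addressed message that stays public.
                    $r = mt_rand(100000, 999999);
                    mysql_query("INSERT INTO chat SET id = '$r', user = '$user[id]', msg = '$chat_sql', time = '$rtime', `to` = '$to'");
                    $_SESSION['chat_int_time'] = $rtime + 10;
                    header('location: /chat/');
                    exit;
                }

                $recipient = user($us, 'id');
                if ($recipient == $user['id']) {
                    err('Зачем писать себе в лс?');
                } else {
                    // The letter keeps the text without the ":N:" collapsing, as in the
                    // original. Two rows are written with who/idwho swapped.
                    $letter_sql = mysql_real_escape_string($msg);
                    mysql_query("INSERT INTO `letters` (`id`, `who`, `idwho`, `message`, `data`, `read`, `mod`)
VALUES ('" . mt_rand(1000000, 9999999) . "', '" . $user['id'] . "', '" . $recipient . "', '$letter_sql', '$rtime', '0', 'i')");
                    mysql_query("INSERT INTO `letters` (`id`, `who`, `idwho`, `message`, `data`, `read`, `mod`)
VALUES ('" . mt_rand(1000000, 9999999) . "', '" . $recipient . "', '" . $user['id'] . "', '$letter_sql', '$rtime', '1', 'o')");
                    mysql_query("INSERT INTO chat SET id = '" . mt_rand(100000, 999999) . "', user = '$user[id]', msg = '$chat_sql', time = '$rtime', pr = '1', `to` = '$to'");
                    $_SESSION['chat_int_time'] = $rtime + 10;
                    header('location: /chat/');
                    exit;
                }
            }

            echo 'Сообщение [1-1024]:<br/>
<form method="post" action="speak_'.$us.'&'.mt_rand(1000, 9999).'">
' . $us . ' <a href="/userinfo_'.$us.'">Анкета</a><br/>
<textarea name="msg" cols="20" rows="4" maxlength="1024"></textarea>
<br/>
<input type="checkbox" name="tr" value="1"/> Транслит
<br/>
<input type="checkbox" name="mail" value="1"/> Личное
<br/>
<input type="hidden" name="whom" value="'.$us.'"/>
<input type="submit" name="send" value="Отправить"/>
</form>
<a href="/chat/">Вернуться</a><br/>';
        }
        break;
}

// Link back to the site root, then the shared page footer.
echo '<a href="/">На главную</a>';
include '../sys/foot.php';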
?>