Файл: world-faces.ru/world-faces.ru/chat/index.php
Строк: 62
<?php
include_once '../i.php';
only_reg();
if(isset($user)){
mysql_query("DELETE FROM `chat_who` WHERE `id_user` = '$user[id]'");
}
mysql_query("DELETE FROM `chat_who` WHERE `time` < '".($time-120)."'");
mysql_query("DELETE FROM `chat_post` WHERE `time` < '".($time-86400)."'");
$_GET['msg'] = (isset($_GET['msg'])) ? htmlspecialchars(mysql_real_escape_string(trim($_GET['msg']))) : NULL;
$_GET['id'] = (isset($_GET['id'])) ? htmlspecialchars(mysql_real_escape_string(trim($_GET['id']))) : NULL;
if(isset($user) && isset($_GET['id']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `chat_rooms` WHERE `id` = '".intval($_GET['id'])."'"),0)==1 && isset($_GET['msg']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `user` WHERE `id` = '".intval($_GET['msg'])."'"),0)==1){
$room=mysql_fetch_array(mysql_query("SELECT * FROM `chat_rooms` WHERE `id` = '".intval($_GET['id'])."' LIMIT 1"));
$ank=mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '".intval($_GET['msg'])."' LIMIT 1"));
if(isset($user)){
mysql_query("INSERT INTO `chat_who` (`id_user`, `time`, `room`) values('$user[id]', '$time', '$room[id]')");
}
$set['title']='Чат - '.$room['name'].' ('.mysql_result(mysql_query("SELECT COUNT(*) FROM `chat_who` WHERE `room` = '$room[id]'"),0).')';
verh();
aut();
echo '<div class="p_m"><a href="/info.php?id='.$ank['id'].'">Посмотреть анкету</a><br/>';
echo '<a href="/smiles/index.php">Смайлы</a><br/>';
echo '<form method="post" action="/chat/room/'.$room['id'].'/'.rand(1000,9999).'/">';
echo 'Сообщение:<br/><textarea name="msg">'.$ank['nick'].', </textarea><br/>';
echo '<label><input type="checkbox" name="privat" value="'.$ank['id'].'"/> Приватно</label><br/>';
if($user['set_translit']==1){
echo '<label><input type="checkbox" name="translit" value="1"/> Транслит</label><br/>';
}
if($room['barmen'] == 1) echo '<div class="p_m">• <a href="/chat/menubar.php?id='.$room['id'].'&mid='.$ank['id'].'&do=for">Угостить '.$ank['nick'].'</a></div>';
echo '<input value="Отправить" type="submit"/></form>';
echo '</div>';
echo '<a href="/chat/'.$room['id'].'/'.rand(1000,9999).'/">В комнату</a><br/>';
echo '<a href="/chat/">Прихожая</a></div><br />';
include_once '../sys/inc/tfoot.php';
}else if(isset($_GET['id']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `chat_rooms` WHERE `id` = '".intval($_GET['id'])."'"),0)==1){
$room=mysql_fetch_array(mysql_query("SELECT * FROM `chat_rooms` WHERE `id` = '".intval($_GET['id'])."' LIMIT 1"));
if(isset($user)){
mysql_query("INSERT INTO `chat_who` (`id_user`, `time`, `room`) values('$user[id]', '$time', '$room[id]')");
}
if($set['time_chat']!=0){
header("Refresh: $set[time_chat]; url=/chat/room/$room[id]/".rand(1000,9999).'/');
}
$set['title']='Чат - '.$room['name'].' ('.mysql_result(mysql_query("SELECT COUNT(*) FROM `chat_who` WHERE `room` = '$room[id]'"),0).')';
include_once '../sys/inc/thead.php';
title();
aut();
include 'inc/room.php';
echo '<a href="/chat/">Прихожая</a></div>';
niz();
}else{
$set['title']='Чат - прихожая';
verh();
aut();
echo '<div class="p_m">';
if(isset($user)){
include 'inc/admin_act.php';
}
err();
echo"<img src='/img/add_fav.gif' alt='' class='icon'/> <a href='/chat/iq.php'>Рейтинг умников</a><br>";
echo"<img src='/img/faq.gif' alt='' class='icon'/> <a href='/chat/who.php'>Кто-где?</a><br>";
echo '</div>';
echo '<table class="post">';
$q=mysql_query("SELECT * FROM `chat_rooms` ORDER BY `pos` ASC");
if(mysql_num_rows($q)==0){
echo '<tr><td class="p_t">Нет комнат</td></tr>';
}
while($room = mysql_fetch_array($q)){
echo '<tr><td class="icon14"><img src="/style/themes/'.$set['set_them'].'/chat/room.png" alt=""/></td>';
echo '<td class="p_t"><a href="/chat/room/'.$room['id'].'/'.rand(1000,9999).'/">'.$room['name'].'</a> ('.mysql_result(mysql_query("SELECT COUNT(*) FROM `chat_who` WHERE `room` = '$room[id]'"),0).')</td></tr>';
echo '<tr><td class="p_m" colspan="2">';
if($room['opis']!=NULL){
echo output_text($room['opis']).'<br/>';
}
if(isset($user) && $user['level']>3){
echo '<a href="?set='.$room['id'].'">Параметры</a><br/>';
}
echo '</td></tr>';
}
echo '</table>';
if(isset($user) && $user['level']>3){
include 'inc/admin_form.php';
}
echo '</div>';
niz();
}
?>