Файл: gonki.us/mail.php
Строк: 74
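<?php
/*
 * Private mail page ("Почта").
 *
 * The request is routed by ?opt=: "index" lists the current user's contacts,
 * "read" shows and extends the thread with the user given in ?im=.
 * $user, $db and ROOT are not defined in this file; presumably core.php
 * provides them - confirm.
 */
require_once('system/incfiles/core.php');

// Access control comes first and must terminate the request: header() only
// queues a redirect, it does not stop the script. Without exit, the mailbox
// queries further down would still run for a visitor who is not signed in.
// Doing this before any output also keeps the redirect header sendable.
if (!isset($user)) {
    header('location: /');
    exit;
}

$title = 'Почта';

// Keep full error reporting, but send it to the log and not to the browser:
// displayed warnings on a public page disclose file paths and SQL fragments.
ini_set('error_reporting', E_ALL);
ini_set('display_errors', '0');
ini_set('display_startup_errors', '0');
ini_set('log_errors', '1');

// Page-local styles for the pagination bar.
echo '<style type="text/css">
.page
{
padding: 5px;
background-color: #000;
text-align: center;
color: #fff;
}
.page a
{
background-color: #fff;
border: 1px solid #ccc;
margin: 4px;
border-radius: 5px;
-moz-border-radius: 5px;
-webkit-border-radius: 5px;
padding: 4px;
}
</style>';

// Requested action; anything other than "read" / "index" is handled by the
// default branch of the switch below.
$opt = (isset($_GET['opt']) ? $_GET['opt'] : 'index');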
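// $user is populated outside this file (presumably by core.php - confirm).
// Its id is cast once so that every query below interpolates an integer.
$uid = intval($user['id']);

switch ($opt) {
    case 'read':
        // Thread with one correspondent. ?im= is attacker-controlled, so it is
        // reduced to a non-negative integer once and only $im is used afterwards.
        $im = isset($_GET['im']) ? abs(intval($_GET['im'])) : 0;

        // Unknown correspondent: redirect AND stop. Without exit the code below
        // would go on to create contact rows pointing at a non-existent user.
        if ($db->query('SELECT `id` FROM `user` WHERE `id` = "'.$im.'"')->num_rows == 0) {
            header('location: ?opt=index');
            exit;
        }

        // Ensure a contact row exists in each direction (me -> them, them -> me).
        if ($db->query('SELECT * FROM `mail_c` WHERE `kto` = "'.$uid.'" AND `kogo` = "'.$im.'"')->num_rows == 0) {
            $db->query('INSERT INTO `mail_c` SET `id` = "", `kto` = "'.$uid.'", `kogo` = "'.$im.'", `time` = "'.time().'"');
        }
        if ($db->query('SELECT * FROM `mail_c` WHERE `kto` = "'.$im.'" AND `kogo` = "'.$uid.'"')->num_rows == 0) {
            $db->query('INSERT INTO `mail_c` SET `id` = "", `kto` = "'.$im.'", `kogo` = "'.$uid.'", `time` = "'.time().'"');
        }

        include 'pg.php';

        // Sending a message: ?add in the query string plus a POSTed "text".
        // NOTE(review): no anti-CSRF token is checked here and none of the
        // helpers visible in this file provides one - a cross-site form could
        // post a message as the signed-in user. Confirm against core.php.
        if (isset($_GET['add'])) {
            $error = array();
            if (empty($_POST['text'])) {
                $error[] = 'Не ввели текст сообщения';
            }

            if (empty($error)) {
                // Bump both contact rows so the thread sorts to the top.
                $db->query('UPDATE `mail_c` SET `time` = "'.time().'" WHERE `kto` = "'.$uid.'" AND `kogo` = "'.$im.'"');
                $db->query('UPDATE `mail_c` SET `time` = "'.time().'" WHERE `kto` = "'.$im.'" AND `kogo` = "'.$uid.'"');
                // The text is HTML-encoded before storage and SQL-escaped for the
                // query, so rows in mail_m hold already-encoded text.
                $db->query('INSERT INTO `mail_m` SET `id` = "", `kto` = "'.$uid.'", `komy` = "'.$im.'", `text` = "'.$db->real_escape_string(htmlspecialchars($_POST['text'])).'", `open` = "1", `time` = "'.time().'"');

                // Post/Redirect/Get: stop after the redirect so a reload cannot
                // resubmit. If output has already been flushed the header cannot
                // be sent, so fall through and render the thread as before.
                if (!headers_sent()) {
                    header('location: ?opt=read&im='.$im);
                    exit;
                }
            } else {
                foreach ($error as $err) {
                    echo '<div class="error">'.$err.'</div>';
                }
            }
        }

        // ?page= is untrusted; pg.php is not visible here, so it is forced to a
        // positive integer before the pagination object derives an offset from it.
        $page = isset($_GET['page']) ? max(1, intval($_GET['page'])) : 1;

        $pg = new pagination;
        $pg->init(array(
            'num' => 6,
            'posts' => $db->query('SELECT * FROM `mail_m` WHERE (`kto` = "'.$uid.'" AND `komy` = "'.$im.'") or (`kto` = "'.$im.'" AND `komy` = "'.$uid.'")')
                ->num_rows,
            'page' => $page
        ));

        // LIMIT operands are cast as well, so the clause is numeric whatever the
        // pagination class computed.
        $query = $db->query('SELECT * FROM `mail_m` WHERE (`kto` = "'.$uid.'" AND `komy` = "'.$im.'") or (`kto` = "'.$im.'" AND `komy` = "'.$uid.'") ORDER BY `id` DESC LIMIT '.intval($pg->start).', '.intval($pg->num));

        require_once(ROOT.'system/incfiles/header.php');
        echo quickpaste('text');

        // The form action is built from the sanitised $im. Echoing the raw
        // $_GET['im'] here would reflect request data into the page (XSS).
        echo '<div class="razd4" style="text-align:center;">'.quicksmiles().'</div><div class="razd4" style="text-align:center;">
<form id="form" action="?opt=read&im='.$im.'&add" method="POST">
<input type="text" name="text">
<input type="submit" value="Go">
</form>
</div>';

        // Own messages are indented from the left, the correspondent's from the
        // right; rows still flagged open = 1 get the highlighted background.
        while ($row = $query->fetch_assoc()) {
            echo '<div class="razd4">'.user($row['kto'], TRUE).' <font style="color: #ccc; font-size: 10px;">написал '.ustime($row['time']).':</font><br>
<div style="'.($uid == $row['kto'] ? 'margin-left: 30px;' : 'margin-right: 30px;').'padding: 5px; border-radius: 5px; -moz-border-radius: 5px;
-webkit-border-radius: 5px; '.(($row['open'] == 1) ? 'background-color: #ccd; border: 1px solid red;' : 'background-color: #fff;').' border: 1px solid #ccc;
color: #555;
">'.sm_replace($row['text']).'</div></div>';
        }

        echo '<div class="page">'.$pg->display('?opt=read&im='.$im.'&page=').'</div>';

        // Everything this correspondent sent to the current user is now read.
        $db->query('UPDATE `mail_m` SET `open` = "0" WHERE `komy` = "'.$uid.'" AND `kto` = "'.$im.'"');
        break;

    case 'index':
        // Contact list, most recently active first.
        require_once(ROOT.'system/incfiles/header.php');
        $query = $db->query('SELECT * FROM `mail_c` WHERE `kto` = "'.$uid.'" ORDER BY `time` DESC');

        if ($query->num_rows == 0) {
            echo '<div class="razd4" style="text-align: center;">У вас нет контактов</div>';
        } else {
            while ($row = $query->fetch_assoc()) {
                // Integer form of the contact id for the SQL text and the link.
                $peer = intval($row['kogo']);

                // Unread messages from this contact.
                $count = $db->query('SELECT * FROM `mail_m` WHERE `komy` = "'.$uid.'" AND `kto` = "'.$peer.'" AND `open` = "1"')->num_rows;
                $coun = ($count > 0) ? '<font color="red">+'.$count.'</font>' : '';

                // The stray, never-closed <a class=""> that preceded the link
                // nested one anchor in another and has been dropped.
                echo '<div class="razd4" style="border-bottom: 1px solid #ddd;">'.ava($row['kogo']).'<a href="?opt=read&im='.$peer.'">'.user($row['kogo']).'</a> '.$coun.'</div>';
            }

            // NOTE(review): this marks every incoming message as read as soon as
            // the contact list is shown, before any thread is opened - confirm
            // that this is intended.
            $db->query('UPDATE `mail_m` SET `open` = "0" WHERE `komy` = "'.$uid.'"');
        }
        break;

    default:
        // Reached for any ?opt= value other than "read" / "index".
        // Redirect and stop so nothing else is rendered for an unknown action.
        header('location: ?opt=index');
        exit;
}

require_once(ROOT.'system/incfiles/footer.php');
?>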