Файл: modules/privat/index.php
Строк: 160
<?php
include '../../system/core.php';
include '../../system/header.php';
echo "<a href='/'><div class='logo'><img src='/images/cornerhat.png' class='snoww'><span style='font-family: drunkC; font-size:22px;'>Моя почта</span></div> </a>";
/////////////////////////////////////////////////
if($user['id']) {
echo ' <div class="start">';
echo '<div class="s" style="border-bottom:none;">';
echo '<table style="width:100%" cellspacing="0" cellpadding="0">';
echo '<tbody><tr><td style="vertical-align:top;width:10%;">';
echo '<center>';
echo '<a href="/cab" title="Кабинет"><img class="ico" align="middle" src="/images/vcard.png" alt="*"></a></center></td>';
echo '<td style="vertical-align:top;width:10%;">';
echo '<center>';
echo '<a href="/privat/" title="Почта"><img class="ico" align="middle" src="/images/mail2.png" alt="*"></a>';
if($user['id']){
$c = mysql_result(mysql_query('select count(`id`) from `privat` where `ho` = "'.$user['id'].'" and `read` = "0"'),0);
if($c != 0) echo ' <b> (+'.$c.')</b>';
}
echo '</center></td>';
echo '<td style="vertical-align:top;width:10%;">';
echo '<center><a href="/op/" title="Оповещения"><img class="ico" align="middle" src="/images/warning.png" alt="*"></a>';
if($user['id']){
$c = mysql_result(mysql_query('select count(`id`) from `op` where `who` = "'.$user['id'].'" and `read` = "0"'),0);
if($c != 0) echo '<b> (+'.$c.')</b>';
}
echo '</center></td>';
echo '</tr></tbody></table>';
echo '</div>';
}
//////////////////////////////////////////////////////
echo '<div class="tegi"><font color="white"><b>Почта</font></b></b></div>';
if(!$user['id'])
{
header('Location: /?'); exit;
}
switch($_GET['m']){
case 'dc':
$id = TextGuard($_GET['id']);
if(empty($id) or $id == $user['id']){
header('Location: /privat'); exit;
}
$pc1 = mysql_fetch_array(mysql_query('select * from `privat_contact` where `who` = "'.$user['id'].'" and `ho` = "'.$id.'"'));
$pc2 = mysql_fetch_array(mysql_query('select * from `privat_contact` where `ho` = "'.$user['id'].'" and `who` = "'.$id.'"'));
if($pc1 == 0 or $pc2 == 0){
header('Location: /privat'); exit;
}
$privat = mysql_query("SELECT * FROM `privat` WHERE `who`='".$user['id']."' and `ho` = '".$id."' or `who` = '".$id."' and `ho` = '".$user['id']."'");
while($privat2 = mysql_fetch_assoc($privat)){
mysql_query("DELETE FROM `privat` WHERE `id` = '".$privat2['id']."'");
}
mysql_query("DELETE FROM `privat_contact` WHERE `who`='".$id."' and `ho` = '".$user['id']."'");
mysql_query("DELETE FROM `privat_contact` WHERE `ho`='".$id."' and `who` = '".$user['id']."'");
header('Location: /privat'); exit;
break;
#Главная
default:
$cop = $user['on_page'];
$ca = mysql_result(mysql_query("SELECT COUNT(*) FROM `privat_contact` where `who` = '".$user['id']."'"),0);
$cp = ceil($ca/$cop);
if(isset($_GET['p']) && is_numeric($_GET['p'])){
$p = $_GET['p'];
if($_GET['p']>$cp) $p = $cp;
if($_GET['p']<1)$p = 1;
}else{
$p = 1;
}
$start = $p*$cop-$cop;
$privat = mysql_query("SELECT * FROM `privat_contact` where `who` = '".$user['id']."' ORDER BY `time` DESC LIMIT $start,$cop");
while($privat2 = mysql_fetch_assoc($privat)){
echo '<div class="post1">'.ustatus($privat2['ho']).' <a href="/us'.$privat2['ho'].'">'.uname($privat2['ho']).'</a> '.uaccess($privat2['ho']).' [<a href="?m=dialog&id='.$privat2['ho'].'">в переписку</a>] [<b>'.mysql_result(mysql_query('select count(`id`) from `privat` where `who`="'.$privat2['ho'].'" and `ho` = "'.$user['id'].'" and `read` = "0"'),0).'</b>/'.(mysql_result(mysql_query('select count(`id`) from `privat` where `who` = "'.$user['id'].'" and `ho` = "'.$privat2['ho'].'"'),0)+mysql_result(mysql_query('select count(`id`) from `privat` where `who` = "'.$privat2['ho'].'" and `ho` = "'.$user['id'].'"'),0)).'] ['.times($privat2['time']).']</div>';
}
echo '<div class="levo">Стр. ';
if($p-2>0) echo ' <a href="/privat?p=1"><<</a> ';
if($p-1>0) echo '<a href="/privat?p='.($p-1).'"><</a> ';
if($p-3>0) echo '<a href="/privat?p='.($p-3).'">'.($p-3).'</a> | ';
if($p-2>0) echo '<a href="/privat?p='.($p-2).'">'.($p-2).'</a> | ';
if($p-1>0) echo '<a href="/privat?p='.($p-1).'">'.($p-1).'</a> | ';
echo '<b>'.$p.'</b>';
if($p+1<=$cp) echo ' | <a href="/privat?p='.($p+1).'">'.($p+1).'</a>';
if($p+2<=$cp) echo ' | <a href="/privat?p='.($p+2).'">'.($p+2).'</a>';
if($p+3<=$cp) echo ' | <a href="/privat?p='.($p+3).'">'.($p+3).'</a>';
if($p+1<=$cp) echo ' <a href="/privat?p='.($p+1).'">></a>';
if($p+2<=$cp) echo ' <a href="/privat?p='.ceil($ca/$cop).'">>></a>';
echo '</div>';
echo '<div class="tegi">
<img src="/images/pose.png"> <a href="/users.php?m=search">Поиск контакта</a>
<img src="/images/il.png"> <a href="/privat?m=ignor">Игнор-лист</a><br>
</div></div>';
break;
case 'dialog':
$id = TextGuard($_GET['id']);
if(empty($id) or $id == $user['id']){
header('Location: /privat'); exit;
}
$pcu = mysql_fetch_array(mysql_query('select * from `user` where `id` = "'.$id.'" limit 1'));
if($pcu == 0){
header('Location: /privat'); exit;
}
$privat_contact = mysql_fetch_array(mysql_query('select * from `privat_contact` where `who` = "'.$user['id'].'" and `ho` = "'.$id.'" limit 1'));
if($privat_contact == 0){
mysql_query("INSERT INTO `privat_contact`(
`who`,
`ho`,
`time`,
`ignor`
)VALUES(
'".$user['id']."',
'".$id."',
'".time()."',
'0'
)");
echo '<div class="post1">Контакт успешно добавлен...</div>';
}
$privat_contact2 = mysql_fetch_array(mysql_query('select * from `privat_contact` where `ho` = "'.$user['id'].'" and `who` = "'.$id.'" limit 1'));
if($privat_contact2 == 0){
mysql_query("INSERT INTO `privat_contact`(
`who`,
`ho`,
`time`,
`ignor`
)VALUES(
'".$id."',
'".$user['id']."',
'".time()."',
'0'
)");
}
if(isset($_GET['file'])){
if($user['file'] == 0) $file = 1; else $file = 0;
mysql_query("UPDATE `user` SET `file`='".$file."' WHERE `id`='".$user['id']."' limit 1");
header('Location: /privat?m=dialog&id='.$id.''); exit;
}
if(mysql_result(mysql_query('select count(`id`) from `forum_m` where `author` = "'.$user['id'].'"'),0) < 0)
{
echo '<div class="err"><b>Для того чтобы начать писать, Вам нужно набрать 10 постов на форуме!</b></div>';
}
else
{
if($privat_contact2['ignor'] == 0)
{
if($privat_contact['ignor'] == 0) $ignor = 'вкл'; elseif($privat_contact['ignor'] == 1) $ignor = 'выкл';
echo '<div class="start">';
echo '<div class="glav">
<form action="/privat?m=dialog&id='.$id.'" method="post" enctype="multipart/form-data">
Сообщение: (<a href="/privat?m=dialog&id='.$id.'">обн</a>/игнор [<a href="/privat?m=dialog&id='.$id.'&ignor">'.$ignor.'</a>])<br><textarea name="text" style="width:98%;" rows="3"></textarea><br>';
if($user['file'] == 1) echo 'Файл:<br><input type="file" name="filename"/><br>';
echo '<input type="submit" value="Отправить" name="submit"/>
</form></div>';
if(isset($_GET['ignor'])){
if($privat_contact['ignor'] == 0) $ignor = 1; elseif($privat_contact['ignor'] ==1) $ignor = 0;
mysql_query("UPDATE `privat_contact` SET `ignor`='".$ignor."' WHERE `who` = '".$user['id']."' and `ho`='".$id."' limit 1");
header('Location: /privat?m=dialog&id='.$id.''); exit;
}
if(isset($_POST['submit'])){
$text = TextGuard($text);
if(empty($text)) $err[] = 'Сообщение осталось пустым...';
$pm = mysql_query("SELECT * FROM `privat` WHERE `who`='".$user['id']."' and `ho` = '".$id."' ORDER BY `time` desc");
while($pm2 = mysql_fetch_assoc($pm)){
$pm_timeout = $pm2['time'];
if((time()-$pm_timeout) < 5) $err[] = 'Писать можно только раз в 5 секунд...';
}
if($user['file'] == 1){
if(@file_exists($_FILES['filename']['tmp_name'])){
if($_FILES['filename']['size'] != 0 and $_FILES['filename']['size'] > 5024000) $err[] = 'Слишком большой файл...';
$filetype = array ( 'jpg', 'gif', 'png', 'jpeg', 'bmp', 'zip', 'rar', '7z', 'txt', 'mp3', 'avi', 'mp4', '3gp' );
$upfiletype = substr($_FILES['filename']['name'], strrpos( $_FILES['filename']['name'], "." )+1);
if(!in_array($upfiletype,$filetype)) $err[] = 'Вы пытаетесь загрузить недопустимый формат файла...';
}}
if(!$err){
if($user['file'] == 1){
if(@file_exists($_FILES['filename']['tmp_name'])) $fn = date('dmY').'_fn'.rand(1234,5678).'_'.$_FILES['filename']['name']; else $fn = NULL;
if(@file_exists($_FILES['filename']['tmp_name'])){
move_uploaded_file($_FILES['filename']['tmp_name'], "files/".$fn."");
}}
mysql_query("INSERT INTO `privat`(
`who`,
`ho`,
`text`,
`time`,
`read`,
`file`
)VALUES(
'".$user['id']."',
'".$id."',
'".$text."',
'".time()."',
'0',
'".$fn."'
)");
mysql_query("UPDATE `privat_contact` SET `time`='".time()."' WHERE `who` = '".$user['id']."' and `ho`='".$id."' limit 1");
mysql_query("UPDATE `privat_contact` SET `time`='".time()."' WHERE `ho` = '".$user['id']."' and `who`='".$id."' limit 1");
header('Location: /privat?m=dialog&id='.$id.''); exit;
}else{
echo '<div class="err">';
foreach($err as $err_info){
echo $err_info.'<br>';
}
echo '</div>';
}}
echo '<div class="err"><b>Прикрипления файлов:</b> <a href="/privat?m=dialog&id='.$id.'&file">';
if($user['file'] == 0) echo 'вкл'; elseif($user['file'] == 1) echo 'выкл';
echo '</a></div>';
}
else
{
echo '<div class="stat">Вы не можете писать сообщения '.ustatus($id).' <a href="/us'.$id.'">'.uname($id).'</a> '.uaccess($id).' т.к. он вас добавил в игнор-лист!</div>';
}
}
$cop = $user['on_page'];
$ca = mysql_result(mysql_query("SELECT COUNT(*) FROM `privat` WHERE `who`='".$user['id']."' and `ho` = '".$id."' or `who` = '".$id."' and `ho` = '".$user['id']."'"),0);
$cp = ceil($ca/$cop);
if(isset($_GET['p']) && is_numeric($_GET['p'])){
$p = $_GET['p'];
if($_GET['p']>$cp) $p = $cp;
if($_GET['p']<1)$p = 1;
}else{
$p = 1;
}
$start = $p*$cop-$cop;
if($ca == 0){ echo '<div class="post1" ><b>Сообщений нет!</b></div>'; }else{
$privat = mysql_query("SELECT * FROM `privat` WHERE `who`='".$user['id']."' and `ho` = '".$id."' or `who` = '".$id."' and `ho` = '".$user['id']."' ORDER BY `time` DESC LIMIT $start,$cop");
while($privat2 = mysql_fetch_assoc($privat)){
echo '<div class="post1">'.ustatus($privat2['who']).' <a href="/us'.$privat2['who'].'">'.uname($privat2['who']).'</a> '.uaccess($privat2['who']).'';
if($privat2['read'] == 0) echo ' [<font color="red"><b>непрочитано</b></font>]';
echo ' ['.times($privat2['time']).']<br>'.antispam(smiles(bbcode($privat2['text']))).'<br>';
if(!empty($privat2['file'])) echo '<br><b>Прикрепленный файл: <a href="/modules/privat/files/'.$privat2['file'].'">'.$privat2['file'].'</a> ('.round(filesize('files/'.$privat2['file'].'')/1024).' кб)</b>';
echo '</div>';
if($privat2['ho'] == $user['id'] && $privat2['read'] == 0){
mysql_query("UPDATE `privat` SET `read`='1' WHERE `id`='".$privat2['id']."' limit 1");
}
}
echo '<div class="levo">Стр. ';
if($p-2>0) echo '<a href="/privat?m=dialog&id='.$id.'&p=1"><<</a> ';
if($p-1>0) echo '<a href="/privat?m=dialog&id='.$id.'&p='.($p-1).'"><</a> ';
if($p-3>0) echo '<a href="/privat?m=dialog&id='.$id.'&p='.($p-3).'">'.($p-3).'</a> | ';
if($p-2>0) echo '<a href="/privat?m=dialog&id='.$id.'&p='.($p-2).'">'.($p-2).'</a> | ';
if($p-1>0) echo '<a href="/privat?m=dialog&id='.$id.'&p='.($p-1).'">'.($p-1).'</a> | ';
echo '<b>'.$p.'</b>';
if($p+1<=$cp) echo ' | <a href="/privat?m=dialog&id='.$id.'&p='.($p+1).'">'.($p+1).'</a>';
if($p+2<=$cp) echo ' | <a href="/privat?m=dialog&id='.$id.'&p='.($p+2).'">'.($p+2).'</a>';
if($p+3<=$cp) echo ' | <a href="/privat?m=dialog&id='.$id.'&p='.($p+3).'">'.($p+3).'</a>';
if($p+1<=$cp) echo ' <a href="/privat?m=dialog&id='.$id.'&p='.($p+1).'">></a>';
if($p+2<=$cp) echo ' <a href="/privat?m=dialog&id='.$id.'&p='.ceil($ca/$cop).'">>></a>';
echo '</div><div class="tegi"><img src="/images/vper.png"/>
<a href="/privat"> Все диалоги</a>
</div></div></div>';
}
break;
}
include '../../system/footer.php';
?>