<?
/**
* & CMS Name :: DCMS-Social
* & Author :: Alexandr Andrushkin
* & Contacts :: ICQ 587863132
* & Site :: http://dcms-social.ru
*/
include_once 'sys/inc/start.php';
include_once 'sys/inc/compress.php';
include_once 'sys/inc/sess.php';
include_once 'sys/inc/home.php';
include_once 'sys/inc/settings.php';
include_once 'sys/inc/db_connect.php';
include_once 'sys/inc/ipua.php';
include_once 'sys/inc/fnc.php';
include_once 'sys/inc/user.php';
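// Registered users only; only_reg() (from the includes) is expected to redirect anonymous visitors.
only_reg();
// Contact id from the query string, always an int. intval() never returns null, so the
// original `!isset($ID)` test could never fire; check the raw parameter and the value instead.
$ID = isset($_GET['id']) ? intval($_GET['id']) : 0;
if ($ID === 0)
{
$_SESSION['err'] = 'Не указан ID контакта';
header('Location: /konts.php');
exit;
}
// Look the contact up by the sanitised integer id rather than the raw request value.
$ank = get_user($ID);
if (!$ank)
{
$_SESSION['err'] = 'Контакт не существует';
header('Location: /konts.php');
exit;
}
// "Refresh" button of the plain form: just reload the conversation.
if (isset($_POST['refresh']))
{
header('Location: /mail.php?id=' . $ID);
exit;
}
// Number of users_konts rows in which $ID lists the current user as a contact (expected 0 or 1).
// $ID is an int; $user['id'] is presumably set by sys/inc/user.php from the session — confirm.
$k_kont = mysql_result(mysql_query("SELECT COUNT(*) FROM `users_konts` WHERE `id_kont` = '$user[id]' AND `id_user` = '$ID'"), 0);
// Level-0 users without that contact link must solve a captcha, so they get the plain
// (non-AJAX) form instead of the web uploader.
if ($user['level'] == 0 && $k_kont == 0)
{
$webbrowser = false;
}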
// Sending a message: POST with `msg`. Runs before any output so the handler can redirect.
// NOTE(review): the POST carries no CSRF token; the captcha below applies only to level-0
// users without a contact link, so other accounts could be made to post through a
// cross-site form. A per-session token checked here would close that.
if (isset($_POST['msg']) && $ID != 0)
{
// Captcha only for level-0 users that are not in the recipient's contact list ($k_kont is
// computed above). The AJAX form further down posts only reply/msg, which matches
// $webbrowser being switched off for these users.
if ($user['level'] == 0 && $k_kont == 0)
{
if (!isset($_SESSION['captcha']))$err[] = 'Ошибка проверочного числа';
if (!isset($_POST['chislo']))$err[] = 'Введите проверочное число';
elseif ($_POST['chislo'] == null)$err[] = 'Введите проверочное число';
elseif ($_POST['chislo'] != $_SESSION['captcha'])$err[] = 'Проверьте правильность ввода проверочного числа';
// NOTE(review): $_SESSION['captcha'] is not cleared after a successful check; if captcha.php
// does not rotate it per request, one solved value can be reused for many posts — confirm.
}
// File attachment from the plain (non-AJAX) form; skipped once an error is recorded.
if (isset($_FILES['uploadfile']) && !isset($err))
{
// Base name: the part before the last dot. The '.' before [^.]*$ is unescaped, so a name
// without any dot is stripped completely; '\.' was presumably intended.
$name = my_esc(preg_replace('#.[^.]*$#', NULL, $_FILES['uploadfile']['name']));
// NOTE(review): in '#^.*.#' the final '.' is unescaped too, so the pattern swallows the whole
// name and $ras is always '' here; '#^.*\.#' (text after the last dot) was presumably intended.
// Even then the extension is user input: the file is stored as <id>.dat below, but how the
// /file<id>/ route serves it is not visible here — confirm before relying on it.
$ras = my_esc(strtolower(preg_replace('#^.*.#', NULL, $_FILES['uploadfile']['name'])));
// Row first, so the auto-increment id can name the file on disk.
mysql_query("INSERT INTO `mail_files` (`id_kont`, `name`, `ras`) VALUES ('$user[id]', '$name', '$ras')");
$ID_FILE = mysql_insert_id();
// Stored under a numeric name with a fixed .dat extension: the user-supplied name never reaches the filesystem path.
if (move_uploaded_file($_FILES['uploadfile']['tmp_name'], H.'sys/mail/files/' . $ID_FILE . '.dat'))
{
// If GD can parse the upload as an image, render a preview no larger than 220px on its longer side.
if ($imgc = @imagecreatefromstring(file_get_contents(H.'sys/mail/files/' . $ID_FILE . '.dat')))
{
$img_x = imagesx($imgc);
$img_y = imagesy($imgc);
if ($img_x == $img_y)
{
$dstW = 220; // width
$dstH = 220; // height
}
elseif ($img_x > $img_y)
{
$prop = $img_x / $img_y;
$dstW = 220;
$dstH = ceil($dstW/$prop);
}
else
{
$prop = $img_y/$img_x;
$dstH = 220;
$dstW = ceil($dstH/$prop);
}
$screen = imagecreatetruecolor($dstW, $dstH);
imagecopyresampled($screen, $imgc, 0, 0, 0, 0, $dstW, $dstH, $img_x, $img_y);
imagedestroy($imgc);
//$screen=img_copyright($screen); // watermark overlay (disabled)
// NOTE(review): imagegif() writes GIF data into a file named .png; the viewer embeds it as
// .png and relies on the browser sniffing the real format — imagepng() would match the name.
imagegif($screen,H."sys/mail/screen/$ID_FILE.png");
// 0666 makes the files world-writable; the web server only needs to read them (0644 would do).
@chmod(H.'sys/mail/screen/' . $ID_FILE . '.png', 0666);
imagedestroy($screen);
}
@chmod(H.'sys/mail/files/' . $ID_FILE . '.dat', 0666);
}
else
{
// The upload could not be moved: drop the orphaned row.
mysql_query("DELETE FROM `mail_files` WHERE `id` = '" . $ID_FILE . "'");
}
}
$msg = $_POST['msg'];
// Optional transliteration requested by the form.
if (isset($_POST['translit']) && $_POST['translit'] == 1)$msg = translit($msg);
// Length checks use strlen2() from the includes (presumably multibyte-aware — confirm).
if (strlen2($msg) > 1024)$err[] = 'Сообщение превышает 1024 символа';
// A text shorter than 2 characters is allowed when the sender has unattached files (id_post = 0) waiting.
if (strlen2($msg) < 2 && mysql_result(mysql_query("SELECT COUNT(*) FROM `mail_files` WHERE `id_kont` = '$user[id]' AND `id_post` = '0'"), 0) == 0)$err[] = 'Слишком короткое сообщение';
// Profanity filter: a truthy return value is appended to the error text.
$mat = antimat($msg);
if ($mat)$err[] = 'В тексте сообщения обнаружен мат: '.$mat;
if (!isset($err))
{
// Store the message. $msg goes through my_esc(); $ID is an int; $time is not set in this
// file (presumably by the includes).
mysql_query("INSERT INTO `mail` (`id_user`, `id_kont`, `msg`, `time`) values('$user[id]', '$ID', '" . my_esc($msg) . "', '$time')");
$id_post = mysql_insert_id();
// Attach every pending file (id_post = 0) of this sender to the new message.
mysql_query("UPDATE `mail_files` SET `id_post` = '$id_post' WHERE `id_kont` = '$user[id]' AND `id_post` = '0'");
// add_konts == 1: add the recipient to the sender's contact list on the first message.
if ($user['add_konts'] == 1 && mysql_result(mysql_query("SELECT COUNT(*) FROM `users_konts` WHERE `id_user` = '$user[id]' AND `id_kont` = '$ID'"),0) == 0)
mysql_query("INSERT INTO `users_konts` (`id_user`, `id_kont`, `time`) VALUES ('$user[id]', '$ID', '$time')");
// Touch the contact timestamp on both sides; AND binds tighter than OR, so this is (a AND b) OR (c AND d).
mysql_query("UPDATE `users_konts` SET `time` = '$time' WHERE `id_user` = '$user[id]' AND `id_kont` = '$ID' OR `id_user` = '$ID' AND `id_kont` = '$user[id]'");
// AJAX callers get an empty body (the page script treats "" == 0 as success); form posts are redirected.
if (!isset($_GET['ajax']))
{
$_SESSION['message'] = 'Сообщение успешно отправлено';
header('Location: ?id=' . $ID);
}
exit;
}
// NOTE(review): $err is an array, so '<?=$err?>' prints "Array" (with a notice) and the texts
// never reach the user; the messages should be joined and encoded for a JS string literal
// (e.g. json_encode) before being embedded.
if (isset($_GET['ajax']) && $err)
{
?><script>alert('<?=$err?>');</script><?
exit;
}
}
// Opening the conversation marks everything $ID sent to the current user as read.
mysql_query("UPDATE `mail` SET `read` = '1' WHERE `id_kont` = '$user[id]' AND `id_user` = '$ID'");
// add_konts == 2: add the contact when the conversation is opened (== 1 adds on send, see above).
if ($user['add_konts'] == 2 && mysql_result(mysql_query("SELECT COUNT(*) FROM `users_konts` WHERE `id_user` = '$user[id]' AND `id_kont` = '$ID'"),0) == 0)
mysql_query("INSERT INTO `users_konts` (`id_user`, `id_kont`, `time`) VALUES ('$user[id]', '$ID', '$time')");
// Clear the new-message flag for this contact.
mysql_query("UPDATE `users_konts` SET `new_msg` = '0' WHERE `id_kont` = '$ID' AND `id_user` = '$user[id]' LIMIT 1");
// Delete a single message: ?delete=<id>.
// NOTE(review): this and the "clear" branch below change state on a plain GET with no CSRF
// token, so a link or image on another site can trigger them for a logged-in user.
// They should be POST requests carrying a per-session token.
if (isset($_GET['delete']) && $_GET['delete'] != 'add')
{
// intval() keeps the id numeric. A missing row yields false here, and the ownership test
// below then fails (unless $user['id'] is itself empty).
$mess = mysql_fetch_assoc(mysql_query("SELECT * FROM `mail` WHERE `id` = '" . intval($_GET['delete']) . "' limit 1"));
// Only a participant (sender or recipient) may delete.
if ($mess['id_user'] == $user['id'] || $mess['id_kont'] == $user['id'])
{
// `unlink` holds the id of the side that already hid the message. If the other side did,
// remove the message and its attachments for good ...
if ($mess['unlink'] != $user['id'] && $mess['unlink'] != 0)
{
$f = mysql_query("SELECT * FROM `mail_files` WHERE `id_post` = '$mess[id]' ORDER BY id ASC");
while ($file = mysql_fetch_array($f))
{
mysql_query("DELETE FROM `mail_files` WHERE `id` = '$file[id]'");
@unlink(H."sys/mail/screen/$file[id].png");
@unlink(H."sys/mail/files/$file[id].dat");
}
mysql_query("DELETE FROM `mail` WHERE `id` = '$mess[id]'");
}
// ... otherwise just hide it from the current user.
else
mysql_query("UPDATE `mail` SET `unlink` = '$user[id]' WHERE `id` = '$mess[id]' LIMIT 1");
$_SESSION['message'] = 'Сообщение удалено';
header('Location: ?id=' . $ID);
exit;
}
}
// Clear the whole conversation: ?delete=add (GET, see the CSRF note above).
if (isset($_GET['delete']) && $_GET['delete'] == 'add')
{
// Messages the other side has already hidden (unlink = $ID) go away completely, files included.
// AND binds tighter than OR: (unlink AND mine-to-them) OR (them-to-me AND unlink).
$q = mysql_query("SELECT * FROM `mail` WHERE `unlink` = '$ID' AND `id_user` = '$user[id]' AND `id_kont` = '$ID' OR `id_user` = '$ID' AND `id_kont` = '$user[id]' AND `unlink` = '$ID'");
while ($post = mysql_fetch_array($q))
{
$f = mysql_query("SELECT * FROM `mail_files` WHERE `id_post` = '$post[id]' ORDER BY id ASC");
while ($file = mysql_fetch_array($f))
{
mysql_query("DELETE FROM `mail_files` WHERE `id` = '$file[id]'");
@unlink(H."sys/mail/screen/$file[id].png");
@unlink(H."sys/mail/files/$file[id].dat");
}
}
mysql_query("DELETE FROM `mail` WHERE `unlink` = '$ID' AND `id_user` = '$user[id]' AND `id_kont` = '$ID' OR `id_user` = '$ID' AND `id_kont` = '$user[id]' AND `unlink` = '$ID'");
// Everything that is left is hidden from the current user only.
mysql_query("UPDATE `mail` SET `unlink` = '$user[id]' WHERE `id_user` = '$user[id]' AND `id_kont` = '$ID' OR `id_user` = '$ID' AND `id_kont` = '$user[id]'");
$_SESSION['message'] = 'Сообщения удалены';
header('Location: ?id=' . $ID);
exit;
}
// Page head: user::nick() and the title()/aut()/err() helpers come from the includes.
$set['title'] = 'Переписка с ' . user::nick($ID, 0);
include_once 'sys/inc/thead.php';
title();
aut();
err();
?><link rel="stylesheet" type="text/css" href="/ajax/newModal/mail/style.css"><?
// Recipient's mail privacy: $block stays true only if the current user may write to $ID.
$block = true;
$uSet = mysql_fetch_array(mysql_query("SELECT * FROM `user_set` WHERE `id_user` = '$ID' LIMIT 1"));
// $frend counts `frends` rows in either direction (0..2); "friends only" below requires both.
$frend = mysql_result(mysql_query("SELECT COUNT(*) FROM `frends` WHERE (`user` = '$user[id]' AND `frend` = '$ID') OR (`user` = '$ID' AND `frend` = '$user[id]') LIMIT 1"),0);
// Presumably pending friend requests; computed but not used further down.
$frend_new = mysql_result(mysql_query("SELECT COUNT(*) FROM `frends_new` WHERE (`user` = '$user[id]' AND `to` = '$ID') OR (`user` = '$ID' AND `to` = '$user[id]') LIMIT 1"),0);
// Users with group_access != 0 bypass the privacy settings.
if ($user['group_access'] == 0)
{
if ($uSet['privat_mail'] == 2 && $frend != 2) // privat_mail == 2: friends only
{
?>
<div class="mess">
Писать сообщения пользователю, могут только его друзья!
</div>
<?
$block = false;
}
// privat_mail == 0: closed for everyone.
if ($uSet['privat_mail'] == 0)
{
?>
<div class="mess">
Пользователь запретил писать ему сообщения!
</div>
<?
$block = false;
}
}
// Visible message count, used for paging.
// NOTE(review): '$ID]' carries a stray ']' inside the SQL literal; MySQL compares the int column
// against the string's numeric prefix, so the count only works by accident — it should read
// '$ID' as in the list query further down.
$k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `mail` WHERE `unlink` != '$user[id]' AND `id_user` = '$user[id]' AND `id_kont` = '$ID]' OR `id_user` = '$ID' AND `id_kont` = '$user[id]' AND `unlink` != '$user[id]'"),0);
// Paging helpers from the includes: pages of $set['p_str'] rows, $start is the SQL offset.
$k_page = k_page($k_post,$set['p_str']);
$page = page($k_page);
$start = $set['p_str'] * $page - $set['p_str'];
// Compose form, plus the AJAX/audio scripts for the web client.
if ($ID != 0 && $block == true)
{
// NOTE(review): isset() is also true for the `false` assigned to $webbrowser above, so the
// captcha-required users still receive the AJAX handler, which posts without `chislo`;
// `if ($webbrowser)` — as used for the upload widget below — is presumably intended.
// Where $webbrowser is normally set is not visible in this file — confirm.
if (isset($webbrowser))
{
// NOTE(review): jQuery is fetched from http://code.jquery.com with neither TLS nor an
// integrity hash, so anyone on the network path can substitute the script; serve a local
// copy or use https with subresource integrity.
// NOTE(review): onComplete injects the uploaded file name with .html() without escaping;
// names are user input, so build that node with .text()/escaped values instead. The quoting
// in the delete_file('' + file + '') call also looks mangled.
?>
<script src="http://code.jquery.com/jquery-1.9.1.js"></script>
<script type="text/javascript" src="/ajax/newModal/ajax_files_upload.js"></script>
<script type="text/javascript" src="/ajax/js/audio-player.js"></script>
<audio preload="auto" id="sound1" ><source src="/ajax/newModal/mail/ReceivedMessage.mp3" /><source src="/ajax/newModal/mail/ReceivedMessage.ogg" /></audio>
<audio preload="auto" id="sound2" ><source src="/ajax/newModal/mail/SentMessage.mp3" /><source src="/ajax/newModal/mail/SentMessage.ogg" /></audio>
<script type="text/javascript" >
var audio1 = document.getElementById("sound1");
var audio2 = document.getElementById("sound2");
$(function()
{
var btnUpload = $('#upload');
var status = $('#status');
new AjaxUpload(btnUpload, {
action: '/ajax/newModal/mail/upload.php?id=<?=$ID?>',
name: 'uploadfile',
onSubmit: function(file, ext)
{
$('#upload').css({'display':'none'});
$('#loader').css({'display':'inline-block'});
},
onComplete: function(file, response){
if(response === "success")
{
$('<div class="upload_success"></div>').appendTo('#files').html(file + ' <a href="#" onclick="delete_file('' + file + '')"><img src="/style/icons/delete.gif" alt="*" /></a>').addClass('error');
}
else
{
$('<div class="upload_error"></div>').appendTo('#files').text(' ' + file).addClass('error');
}
$('#upload').css({'display':'inline-block'});
$('#loader').css({'display':'none'});
}
});
});
$.ajax({
url: "/ajax/newModal/mail/list.php?list",
cache: false,
success: function(html){
$("#files").html(html);
}
});
function mail_list()
{
$.ajax({
url: "/ajax/newModal/mail/msg.php?id=<?=$ID?>",
cache: false,
success: function(html){
$("#LoadMsg").html(html);
}
});
}
<?if ($page == 1){?>
setInterval("mail_list()", 5000);
<?}?>
function delete_file(id_file)
{
$.ajax({
url: "/ajax/newModal/mail/list.php?delete=" + id_file,
cache: false,
success: function(html){
$("#files").html(html);
}
});
}
function clicktext(type)
{
if (type == 'open')
{
$('#message').css({'height':'88px'});
}
if (type == 'close')
{
$('#message').css({'height':'48px'});
}
}
// Отправка комментария
$(function()
{
$("#dcms-komm-send").click(function()
{
var chislo = $("#chislo").val();
var reply = $("#reply").val();
var msg = $("#message").val();
$("#reply").val("");
$("#message").val("");
$("#chislo").val("");
audio2.play();
document.getElementById('files').innerHTML = '';
// Анимация отправки
document.getElementById('dcms-modal-status').innerHTML = ' <img src="/ajax/newModal/img/upload.gif" alt="load.."/>';
$.ajax({
type: "POST",
url: "/mail.php?id=<?=$ID?>&ajax",
data: {"reply": reply, "msg": msg},
cache: false,
success: function(response)
{
if(response == 0)
{
$("#reply").val("");
$("#message").val("");
$("#chislo").val("");
// Выключаем анимацию отправки сообщения
document.getElementById('dcms-modal-status').innerHTML = '';
mail_list('load');
}
else
{
// Выводим сообщение об ошибке
document.getElementById('dcms-modal-status').innerHTML = '<font style="color:red;">' + response + '</font>';
}
}
});
return false;
});
});
AudioPlayer.setup
(
"/ajax/js/player.swf",
{
width:"100%",
animation:"yes",
encode:"no",
initialvolume:"100",
remaining:"yes",
noinfo:"no",
buffer:"2",
checkpolicy:"no",
rtl:"no",
bg:"064a91",
text:"000000",
leftbg:"064a91",
lefticon:"fee300",
volslider:"fee300",
voltrack:"ffffff",
rightbg:"064a91",
rightbghover:"064a91",
righticon:"fee300",
righticonhover:"fee300",
track:"FFFFFF",
loader:"fee300",
border:"D2F0FF",
tracker:"fee300",
skip:"ff284b",
pagebg:"064a91",
transparentpagebg:"yes"
}
);
function playMusic(file, title)
{
AudioPlayer.embed
(
"audioplayer",
{
soundFile: file,
titles: title,
artists: "",
autostart: "yes"
}
);
}
</script>
<?
}
?>
<form method="post" name="message" id="reply_msg" class="dcms-modal-form" action="/mail.php?id=<?=$ID?>" style="" enctype="multipart/form-data"><?
// Presumably an editor toolbar: $tPanel for the non-web variant, 111.php for the web one (both from outside this file — confirm).
if (!$set['web'])
{
echo $tPanel;
}else{
include H.'/111.php';
}
?>
<table cellpadding="0" cellspacing="4">
<tr>
<td style="width: 50px; vertical-align: top; height: 50px; margin: 0; padding:0; border: 0;" id="mail_avatar">
<?=user::avatar($user['id'], 1)?>
</td>
<td style="vertical-align: top;" id="mail_textarea">
<textarea id="message" name="msg" class="dcms-modal-textarea" style="height: 48px; margin: 0; margin-top: 2px; margin-left: -3px; padding:0;" onclick="clicktext('open')"></textarea>
</td>
</tr>
</table>
<?
?><div id="files"></div><?
// Captcha for level-0 users not in the recipient's contact list — the same condition the POST handler uses ($k_kont), re-queried here.
if ($user['level'] == 0 && mysql_result(mysql_query("SELECT COUNT(*) FROM `users_konts` WHERE `id_kont` = '$user[id]' AND `id_user` = '$ID'"), 0) == 0)
echo '<img src="/captcha.php?SESS=' . $sess . '" width="100" height="30" alt="Captcha" /><br /><input name="chislo" size="5" maxlength="5" value="" type="text" /><br />';
?>
<input type="submit" name="send" id="dcms-komm-send" value="Отправить" />
<?if ($webbrowser){?>
<div id="upload" style="display: inline-block;">
<span class="fileinput">Файл<span>
</div>
<span id="dcms-modal-status"></span>
<img src="/ajax/newModal/img/upload.gif" style="display:none" id="loader" /> <span id="audioplayer"></span>
<?}else{?>
<input name="uploadfile" type="file" style="width:100px; padding:2px;" />
<?}?>
</form>
<?
// Offer "add to contacts" while $ID is not in the user's list. $kont is fetched but never read.
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `users_konts` WHERE `id_user` = '$user[id]' AND `id_kont` = '$ID'"), 0) != 1)
{
$kont = mysql_fetch_array(mysql_query("SELECT * FROM `users_konts` WHERE `id_user` = '$user[id]' AND `id_kont` = '$ID'"));
?>
<div class="foot"><img src="/style/icons/str.gif" alt="*">
<a href="/konts.php?type=common&act=add&id=<?=$ID?>">Добавить в список контактов</a>
</div>
<?
}
}
// Empty-conversation notice.
if ($k_post == 0)
{
?>
<div class="mess">
Нет сообщений
</div>
<?
}
?><table class="post"><div id="LoadMsg"><?
// Both directions of the conversation minus messages the current user has hidden, newest
// first (AND binds before OR). $start and $set['p_str'] come from the paging code above.
$q = mysql_query("SELECT * FROM `mail` WHERE `unlink` != '$user[id]' AND `id_user` = '$user[id]' AND `id_kont` = '$ID' OR `id_user` = '$ID' AND `id_kont` = '$user[id]' AND `unlink` != '$user[id]' ORDER BY id DESC LIMIT $start, $set[p_str]");
while ($post = mysql_fetch_array($q))
{
// Bubble layout: messages written by $ID get the right-aligned "blue-right" style.
echo '<div class="sms_bubble' . ($post['id_user'] == $ID ? " blue-right" : null) . '" style="opacity:1; font-size:14px; float:none; clear:none;">';
// $num is incremented but not read anywhere in this file.
$num++;
echo user::avatar($post['id_user'], 2) . user::nick($post['id_user'], 1, 1, 1) . ' (' . vremja($post['time']) . ') ';
if ($post['read'] == 0)
echo '<span class="no_ready">не прочитано</span>';
?><br /><?
// output_text() presumably escapes/formats the stored text — confirm.
if ($post['msg'])
echo output_text($post['msg']) . '<br />';
// Attachments: a COUNT query followed by the SELECT, per message (N+1); the count could be dropped.
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `mail_files` WHERE `id_post` = '$post[id]'"),0) > 0)
{
$f = mysql_query("SELECT * FROM `mail_files` WHERE `id_post` = '$post[id]' ORDER BY id ASC");
while ($file = mysql_fetch_array($f))
{
// Preview thumbnail. Reading the whole file only to test for it is wasteful; file_exists() would do.
if (@file_get_contents(H.'sys/mail/screen/' . $file['id'] . '.png'))
echo '<img src="/sys/mail/screen/' . $file['id'] . '.png" width="128" /><br />';
// Inline player for mp3 attachments on the web client.
if ($file['ras'] == 'mp3' && $webbrowser)
{
// NOTE(review): $file['name'] was chosen by the other party and is placed inside a JS string
// literal in an onclick attribute. text() — presumably HTML escaping — is the wrong layer for
// that position: the browser decodes the attribute before the JS parser sees it, so an encoded
// quote in the name can still close the literal. Encode for JS (json_encode with JSON_HEX_*
// flags) or pass the values through data- attributes and read them from the handler.
?>
<a href="#" onclick="playMusic('/file<?=$file['id']?>/<?=text(retranslit($file['name']))?>.<?=text($file['ras'])?>', '<?=text($file['name'])?>')">
<img src="/style/icons/play.png" width="16"/>
</a>
<?
}
else
{
?><img src="/ajax/newModal/img/file.png"> <?
}
?> <a href="/file<?=$file['id']?>/<?=text(retranslit($file['name']))?>.<?=text($file['ras'])?>" target="_blank"><?=text($file['name'])?>.<?=text($file['ras'])?></a> <br /><?
}
}
?>
<div style='text-align: right; margin-top: -16px;'>
<a href="mail.php?id=<?=$ID?>&page=<?=$page?>&delete=<?=$post['id']?>"><img src="/style/icons/delete.gif" alt="*" title="Удалить это сообщение"></a>
</div>
</div>
<?
}
?></div></table><?
// Pager links.
if ($k_page > 1)str('mail.php?id=' . $ID . '&', $k_page, $page);
?>
<div class="foot">
<img src="/style/icons/str.gif" alt="*"> <a href="mail.php?id=<?=$ID?>&page=<?=$page?>&delete=add">Очистить почту</a><br />
<img src="/style/icons/str2.gif" alt="*"> <a href="konts.php">Мои контакты</a><br />
</div>
<?
// Page footer. NOTE(review): the per-message delete links and "Очистить почту" above are plain
// GET links without a CSRF token (see the delete handlers near the top of the file).
include_once 'sys/inc/tfoot.php';
?>