Файл: vitaliy_nosov/public_html/game/msg.php
Строк: 111
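<?php
/**
 * Private-message thread between the logged-in player and the player given by ?id=N.
 *
 * GET  renders the send form (level 3 and up) and a paginated list of the messages
 *      exchanged in both directions, marking the correspondent's messages as read.
 * POST stores a new message, then redirects back to the thread.
 *
 * $user is not assigned in this file; it is presumably populated by auth() / func.php.
 * text(), smile(), vremja(), k_page(), page() and str() are defined outside this file.
 *
 * NOTE(review): the mysql_* extension used here was removed in PHP 7. Moving to
 * mysqli/PDO prepared statements has to start where the connection is opened,
 * which is not in this file.
 */
require_once ('../config/func.php');
auth();
$title = 'Почта';

// Resolve the correspondent. intval() reduces the request value to an integer
// before it is placed in the query text. One SELECT replaces the COUNT + SELECT pair.
$ank = false;
if (isset($_GET['id'])) {
    $res = mysql_query("SELECT * FROM `user` WHERE `id` = '".intval($_GET['id'])."' LIMIT 1");
    if ($res) {
        $ank = mysql_fetch_assoc($res);
    }
}
if (!$ank) {
    header('Location: /game/');
    die();
}

// Ids come from the database, but are cast once so every query below embeds integers only.
$uid = intval($user['id']);
$aid = intval($ank['id']);

if ($uid == $aid) {
    header('Location: /game/');
    // Stop here: without this the rest of the page still ran for a self-addressed thread.
    die();
}

// Handle the send request before any output, so the Location header can still be sent,
// and before the thread is rendered, so nothing is marked read on a POST.
if (isset($_POST['msg'])) {
    // A non-string value (msg[]=...) is treated as an empty message.
    $msg = text(is_string($_POST['msg']) ? $_POST['msg'] : '');

    $err = null;
    if ($user['level'] < 3) {
        // The level rule is enforced here as well as in the form below; hiding the
        // form alone does not stop a hand-built POST request.
        $err = 'Отправлять сообщения можно с 3 уровня';
    } elseif ($ank['msg_close'] == '1') {
        $err = 'Игрок предпочел закрыть почту';
    } elseif (strlen($msg) < 1 or strlen($msg) > 500) {
        // strlen() counts bytes of the text() output, not characters.
        $err = 'Длина сообщения должна быть в пределах 1 - 500 символов';
    }

    if ($err === null) {
        $now = time();
        // NOTE(review): $msg is embedded in the SQL text as returned by text(). This is
        // only safe if text() applies SQL escaping - confirm in func.php. Adding a second
        // escape here without checking would store doubled backslashes.
        mysql_query("INSERT INTO `mail` (`id_user`, `id_kont`, `msg`, `time`, `read`) values('".$uid."', '".$aid."', '".$msg."', '".$now."', '1')");
        mysql_query("INSERT INTO `kont` (`id_user`, `id_kont`, `time`) VALUES ('".$uid."', '".$aid."', '".$now."')");
        mysql_query("INSERT INTO `kont` (`id_user`, `id_kont`, `time`) VALUES ('".$aid."', '".$uid."', '".$now."')");
        mysql_query("UPDATE `kont` SET `new_msg` = `new_msg` + 1 WHERE `id_kont` = '".$uid."' AND `id_user` = '".$aid."'");
    } else {
        $_SESSION['notif'] = $err;
    }
    header('Location: /pers/msg/?id='.$aid);
    exit;
}

// Opening the thread clears the unread counter for this contact.
mysql_query("UPDATE `kont` SET `new_msg` = '0' WHERE `id_kont` = '".$aid."' AND `id_user` = '".$uid."' LIMIT 1");

require_once ('../config/header.php');
echo '<div class="list"><li><a href="?id='.$aid.'"><img src="/style/home.png"> Обновить </a></li></div>';

if ($user['level'] < 3) {
    echo '<div class="block center">Отправлять сообщения можно с 3 уровня</div>';
} else {
    // Level 3 itself is allowed ("from level 3"); the previous "> 3" test left
    // level-3 players with neither the notice nor the form.
    require_once ('../config/smile.php');
    // NOTE(review): no anti-CSRF token is visible on this form or checked in the POST
    // handler above; if the project has a token helper, it belongs in both places.
    echo ' <div class="block center"><form action="?id='.$aid.'" name="message" method="post">Сообщение:<br/><textarea name="msg" class = "input"></textarea><br/><span class="button_on"><input class="button_on" type="submit" value="Отправить"></span></form></div>';
}

// Both directions of the conversation; the same condition drives the count and the
// listing so the page count matches what is actually shown.
$thread = "(`id_user` = '".$uid."' AND `id_kont` = '".$aid."') OR (`id_user` = '".$aid."' AND `id_kont` = '".$uid."')";

$max = 10;
$k_post = mysql_result(mysql_query("SELECT COUNT(id) FROM `mail` WHERE ".$thread), 0);
$k_page = k_page($k_post, $max);
$page = page($k_page);
// Integer, non-negative offset regardless of what page() returns.
$start = max(0, (int)($max * $page - $max));

$senders = array(); // sender id => user row, so each sender is fetched once per page
$q = mysql_query("SELECT * FROM `mail` WHERE ".$thread." ORDER BY `time` DESC LIMIT $start, $max");
while ($q && $post = mysql_fetch_assoc($q)) {
    // Mark the message as read (read = 0) only if the correspondent sent it.
    mysql_query("UPDATE `mail` SET `read` = '0' WHERE `id` = '".intval($post['id'])."' AND `id_user` = '".$aid."' LIMIT 1");

    $sid = intval($post['id_user']);
    if (!isset($senders[$sid])) {
        $senders[$sid] = mysql_fetch_assoc(mysql_query("SELECT * FROM `user` WHERE `id` = '".$sid."' LIMIT 1"));
    }
    $ank2 = $senders[$sid];

    // Seen within the last 60 seconds counts as online. A plain either/or also covers
    // the boundary second, which previously left the icon unset or stale.
    $online5 = ($ank2['online'] > time() - 60) ? 'user.png' : 'user_off.png';

    // `read` = 1 is the value written on insert, i.e. not yet read by the recipient.
    if ($post['read'] == 1) {
        $read = '<span class="float-right"><font size="1"></font> <font color="#8B0000">'.vremja($post['time']).'</font></span>';
    } else {
        $read = '<span class="float-right"><font size="1"> </font><font color="#008000"> '.vremja($post['time']).' </font></span>';
    }

    // NOTE(review): login, color and the message body are echoed as stored. That is only
    // safe if they are HTML-escaped / validated when written (registration, profile edit,
    // text()). Confirm, or escape at this point with htmlspecialchars().
    echo ' <div class="block"> <img src="/style/'.$online5.'"><a href="/pers/'.intval($ank2['id']).'/"><font color="'.$ank2['color'].'">'.$ank2['login'].'</font></a>'.$read.'<br> '.
        smile($post['msg']).'<br></div>';
}

if ($k_page > 1) {
    echo str('/pers/msg/?id='.$aid.'&', $k_page, $page);
}
require_once ('../config/footer.php');
?>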