Файл: setk/ajax/newModal/mail/msg.php
Строк: 89
<?
if(!(isset($_SERVER['HTTP_X_REQUESTED_WITH']) && !empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest')) die;
include_once $_SERVER['DOCUMENT_ROOT'] . '/sys/inc/home.php';
include_once H.'sys/inc/start.php';
include_once H.'sys/inc/compress.php';
include_once H.'sys/inc/sess.php';
include_once H.'sys/inc/settings.php';
include_once H.'sys/inc/db_connect.php';
include_once H.'sys/inc/ipua.php';
include_once H.'sys/inc/fnc.php';
include_once H.'sys/inc/user.php';
// $ank = get_user($_GET['id']);
$ID = $_SESSION['id_user'];
if (isset($_GET['id']))
$ank = intval($_GET['id']);
else
exit;
$q = mysql_query("SELECT * FROM `mail` WHERE `unlink` != '$ID' AND `id_user` = '$ID' AND `id_kont` = '$ank' OR `id_user` = '$ank' AND `id_kont` = '$ID' AND `unlink` != '$ID' ORDER BY id DESC LIMIT 7");
while ($post = mysql_fetch_array($q))
{
// Лесенка
echo '<div class="sms_bubble' . ($post['id_user'] == $ank ? " blue-right" : null) . '" style="opacity:1; font-size:14px; float:none; clear:none;">';
$num++;
echo user::avatar($post['id_user'], 2) . user::nick($post['id_user'], 1, 1, 1) . ' (' . vremja($post['time']) . ') ';
if ($post['read'] == 0 && $post['id_user'] == $ID)
echo '<span class="no_ready">не прочитано</span>';
elseif ($post['read'] == 0)
echo '<span class="no_ready">новое сообщение</span>';
?><br /><?
if ($post['msg'])
echo output_text($post['msg']) . '<br />';
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `mail_files` WHERE `id_post` = '$post[id]'"),0) > 0)
{
$f = mysql_query("SELECT * FROM `mail_files` WHERE `id_post` = '$post[id]' ORDER BY id ASC");
while ($file = mysql_fetch_array($f))
{
if (@file_get_contents(H.'sys/mail/screen/' . $file['id'] . '.png'))
echo '<img src="/sys/mail/screen/' . $file['id'] . '.png" width="128" /><br />';
if ($file['ras'] == 'mp3' && $webbrowser)
{
?>
<a href="#" onclick="playMusic('/file<?=$file['id']?>/<?=text(retranslit($file['name']))?>.<?=text($file['ras'])?>', '<?=text($file['name'])?>')">
<img src="/style/icons/play.png" width="16"/>
</a>
<?
}
else
{
?><img src="/ajax/newModal/img/file.png"> <?
}
?> <a href="/file<?=$file['id']?>/<?=text(retranslit($file['name']))?>.<?=text($file['ras'])?>" target="_blank"><?=text($file['name'])?>.<?=text($file['ras'])?></a> <br /><?
}
}
?>
<div style='text-align: right; margin-top: -16px;'>
<a href="mail.php?id=<?=$ank?>&page=<?=$page?>&delete=<?=$post['id']?>"><img src="/style/icons/delete.gif" alt="*" title="Удалить это сообщение"></a>
</div>
</div>
<?
}
if (isset($ID) && isset($ank) && mysql_result(mysql_query("SELECT COUNT(*) FROM `mail` WHERE (`id_kont` = '$ank' OR `id_user` = '$ank') AND (`id_kont` = '$ID' OR `id_user` = '$ID') AND `read` = '0'"), 0) > 0)
{
?>
<script>
<?if (mysql_result(mysql_query("SELECT COUNT(*) FROM `mail` WHERE `id_kont` = '$ID' AND `id_user` = '$ank' AND `read` = '0'"), 0) > 0){?>
audio1.play();
<?}?>
</script>
<?
// помечаем сообщения как прочитанные
mysql_query("UPDATE `mail` SET `read` = '1' WHERE `id_kont` = '$ID' AND `id_user` = '$ank'");
}
exit;
?>