Файл: sysadm/rassylka_script.php
Строк: 36
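<?php
/**
 * Mailing endpoint for privileged accounts: delivers one message to one user,
 * either as an internal dialog message (sid = 1) or as an e-mail (sid = 2),
 * and then echoes the recipient id.
 *
 * POST parameters:
 *   sid        delivery channel: 1 = internal mail, 2 = e-mail
 *   id         recipient user id (ids 1 and 2 are always excluded)
 *   rass_type  id written to the `oid` column and shown as the "from" name in
 *              the e-mail subject; presumably the sending account (confirm)
 *   text       message body, passed through the project's shit() filter
 *
 * $aut, $ya, $db, $func, $perf and shit() are not defined in this file; they
 * are expected to come from system/power.php.
 *
 * The full "<?php" open tag is used on purpose: with short_open_tag disabled
 * a bare "<?" is not parsed and the file would be served as plain text.
 *
 * NOTE(review): no anti-CSRF token is verified in this file; confirm that
 * system/power.php enforces one for state-changing POST requests.
 */
define('GCMS', true);
define('ROOT', '../');
require_once(ROOT . 'system/power.php');

if ($aut) {
    if ($ya['level'] > 6) {
        // Numeric inputs are forced to non-negative integers before they reach
        // any query, so they cannot carry SQL syntax.
        $channel     = isset($_POST['sid']) ? abs((int) $_POST['sid']) : 0;
        $recipientId = isset($_POST['id']) ? abs((int) $_POST['id']) : 0;
        $senderId    = isset($_POST['rass_type']) ? abs((int) $_POST['rass_type']) : 0;

        // NOTE(review): $text is the only free-form value concatenated into SQL
        // and HTML below. Its safety depends entirely on shit(), which is not
        // visible here. Confirm what it escapes; if it does not SQL-escape,
        // move the `mail` INSERTs to prepared statements with a bound parameter.
        $rawText = (isset($_POST['text']) && is_string($_POST['text'])) ? $_POST['text'] : '';
        $text    = shit($rawText);

        $now = time();

        if ($channel === 1) {
            $found = $db->query(
                "SELECT `id`,`email` FROM `users` WHERE `id`='" . $recipientId . "' AND `id`<>'1' AND `id`<>'2'"
            );
            if ($found && $found->num_rows > 0) {
                // A dialog between the two ids may exist in either direction.
                $asUser = $db->query(
                    "SELECT `id` FROM `dialogs` WHERE `user`='" . $recipientId . "' AND `oid`='" . $senderId . "' LIMIT 1"
                );
                $asOid = $db->query(
                    "SELECT `id` FROM `dialogs` WHERE `oid`='" . $recipientId . "' AND `user`='" . $senderId . "' LIMIT 1"
                );

                // Only continue when both lookups succeeded; a failed lookup must
                // not be mistaken for "no dialog yet" and create a duplicate.
                if ($asUser && $asOid) {
                    $existing = null;
                    if ($asUser->num_rows > 0) {
                        $existing = $asUser->fetch_assoc();
                    } elseif ($asOid->num_rows > 0) {
                        $existing = $asOid->fetch_assoc();
                    }

                    if ($existing === null) {
                        // The original wrote $user['id'] here, but this branch never
                        // fetched a $user row. The recipient id is used so the new
                        // row matches the lookups above and the `fid` written to `mail`.
                        $db->query(
                            "INSERT INTO `dialogs` (`user`,`oid`,`time`) VALUES ('" . $recipientId . "','" . $senderId . "','" . $now . "')"
                        );
                        $dialog = (int) $db->insert_id;
                    } else {
                        $dialog = (int) $existing['id'];
                    }

                    $db->query(
                        "INSERT INTO `mail` (`fid`,`oid`,`dialog`,`text`,`time`) VALUES ('" . $recipientId . "','" . $senderId . "','" . $dialog . "','" . $text . "','" . $now . "')"
                    );

                    if ($existing !== null) {
                        // Bump the activity timestamp of the reused dialog.
                        $db->query("Update `dialogs` set `time`='" . $now . "' where `id`='" . $dialog . "'");
                    }
                }
            }
        } elseif ($channel === 2) {
            $found = $db->query(
                "SELECT `id`,`email` FROM `users` WHERE `id`='" . $recipientId . "' AND `email`<>'' AND `id`<>'1' AND `id`<>'2'"
            );
            if ($found && $found->num_rows > 0) {
                $user = $found->fetch_assoc();

                // $perf is defined outside this file; CR/LF are stripped so the
                // value cannot start an extra header line.
                $my_mail = str_replace(array("\r", "\n"), '', 'info@' . $perf);

                $tema = 'Рассылка от ' . $func->famname($senderId, 0);

                // NOTE(review): famname() output and $text are placed into HTML
                // as-is; confirm both are HTML-escaped by their producers.
                $textx = '<strong>' . $func->famname($user['id']) . "</strong>,Здравствуйте!<br />\n"
                    . '<b>' . $text . '</b>';

                // Headers are built from scratch (the original appended to an
                // uninitialised $header) with the quote and line-break escapes
                // restored. The extra "Subject:" line is dropped: it used the
                // undefined $theme, and mail() already emits the subject from its
                // second argument.
                $header = 'From: "' . $my_mail . '" <' . $my_mail . ">\r\n"
                    . "Content-type: text/html; charset=\"utf-8\"";

                mail($user['email'], $tema, $textx, $header);
            }
        }

        echo $recipientId;
    } else {
        // Authenticated but below the required level: send back to the index
        // page and stop, so nothing can run after the redirect.
        header('Location: index.php');
        exit;
    }
}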