Файл: moduls/mail/dialog.php
Строк: 57
<?php
include_once $_SERVER["DOCUMENT_ROOT"].'/system/base.php';
$id = abs(intval($_GET['id']));
$mess = $con->query("SELECT * FROM `user` WHERE `id` = '".$id."'")->fetch_assoc();
$title = 'Диалог с '.$mess['login'];
include_once $_SERVER["DOCUMENT_ROOT"].'/style/head.php';
aut();
if(!isset($mess['id']) or $user['id'] == $mess['id']) {err('Ошибка!');
include_once $_SERVER["DOCUMENT_ROOT"].'/style/foot.php';
exit();
}
$contact = $con->query("SELECT * FROM `message_c` WHERE `kogo` = '".$mess['id']."' and `kto` = '".$user['id']."' LIMIT 1")->num_rows;
if($contact == 0) {
$con->query("INSERT INTO `message_c` SET `kto` = '".$user['id']."', `kogo` = '".$mess['id']."', `time` = '".time()."', `posl_time` = '".time()."'");
$con->query("INSERT INTO `message_c` SET `kto` = '".$mess['id']."', `kogo` = '".$user['id']."', `time` = '".time()."', `posl_time` = '".time()."'");
}
if(isset($_POST['insert'])){
$msg = filtr($_POST['msg']);
$tim = $con->query("SELECT * FROM `message` WHERE `kto` = '".$user['id']."' ORDER BY `time` DESC")->fetch_assoc();
if(strlen($msg) < '3' or strlen($msg) > '500'){ err('Сообщение содержит меньше 3 или больше 500 символов');}
elseif((time()-$tim['time']) < 5) { err('Вы слишком часто пишите сообщения');}
else{
$con->query("UPDATE `message_c` SET `posl_time`='".time()."' WHERE `kogo` = '".$user['id']."' and `kto`='".$id."' limit 1");
$con->query("UPDATE `message_c` SET `posl_time`='".time()."' WHERE `kto` = '".$user['id']."' and `kogo`='".$id."' limit 1");
$con->query("INSERT INTO `message` SET `text` = '".$msg."', `kto` = '".$user['id']."', `komy` = '".$mess['id']."', `time` = '".time()."', `readlen` = '0'");
header('Location:?id='.$mess['id'].'');
}
}
echo '
<form action="" method="POST">
Введите сообщение: <br/>
<textarea name="msg"></textarea>
<center><input type="submit" value="Отправить" name="insert" title="Сообщение" /> <input type="button" value="Обновить" onclick="location.reload();"/></center>
</form>
';
$k_post = $con->query("SELECT * FROM `message` WHERE `kto` = '".$user['id']."' and `komy` = '".$mess['id']."' or `kto` = '".$mess['id']."' and `komy` = '".$user['id']."'")->num_rows;
$k_page = k_page($k_post,10);
$page = page($k_page);
$start = 10*$page-10;
$msg = $con->query("SELECT * FROM `message` WHERE `kto` = '".$user['id']."' and `komy` = '".$mess['id']."' or `kto` = '".$mess['id']."' and `komy` = '".$user['id']."' ORDER BY `time` DESC LIMIT $start, 10");
while($m = $msg->fetch_assoc()){
echo '<div class="link">';
echo ''.user($m['kto']).' <small>['.data($m['time']).']</small> <br/>';
echo ''.text($m['text']).'<br>
'.($m['readlen']==0?'<font color="red">[Не прочитано]</font>':'<font color="green">Прочитано</font>').'
';
echo '</div>';
if($user['id'] == $m['komy']) {
$con->query("UPDATE `message` SET `readlen` = '1' WHERE `id`='".$m['id']."' limit 1");
}
}
if($k_post < 1) err('Переписка с '.user($mess['id']).' еще не состоялась!');
if ($k_page > 1) echo str('?id='.$mess['id'].'&',$k_page,$page); // Вывод страниц
include_once $_SERVER["DOCUMENT_ROOT"].'/style/foot.php';
?>