Файл: 4wx.ru/scripts/mail/dialog.php
Строк: 74
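<?php
// Private-message dialog page: shows the conversation between the logged-in
// user and the user given by ?id=, and handles sending and deleting messages.
// The full open tag is used because a bare "<?" is only parsed when
// short_open_tag is enabled; with it off the file is served as plain text,
// which would disclose every query in this script.
$title = 'Мои диалоги';
include_once '../../sys/fnc.php';
include_once '../../sys/head.php';

// Only logged-in visitors may continue.
// NOTE(review): $user is presumably set by the includes above - confirm.
// header() after head.php only works if output is buffered - confirm in fnc.php.
if (!isset($user)) {
    header("Location: /");
    exit;
}

// Without a dialog partner id there is nothing to show.
if (!isset($_GET['id'])) {
    header("Location: /scripts/mail");
    exit;
}

// Read the parameter only after the isset() check (the original read it first
// and raised an undefined-index notice). intval() forces an integer, which is
// what makes $id safe to interpolate into the SQL and HTML further down.
$id = intval($_GET['id']);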
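// Deletion: ?del=<message id> removes one message, a bare ?del removes the
// whole dialog. Both show a confirmation form first and act on its POST.
// NOTE(review): the confirmation POST carries no anti-CSRF token, so a form on
// another site can submit "yes" for a logged-in user. A per-session token
// verified here would close that; the session handling is not visible in this
// file, so it is flagged rather than added.
if (isset($_GET['del'])) {
    $del = intval($_GET['del']);
    $dialogUrl = "Location: /scripts/mail/dialog.php?id=" . $id;

    if ($del > 0) {
        // Single message: it must belong to the current user's mailbox.
        $owned = mysql_result(mysql_query("SELECT COUNT(*) FROM `mail` WHERE `user` = '$user->id' AND `id` = '$del'"), 0) > 0;
        if (!$owned) {
            // An unknown or foreign message id used to fall through to the
            // "delete whole dialog" branch; go back to the dialog instead.
            header($dialogUrl);
            exit;
        }
        if (isset($_POST['yes'])) {
            // The owner is repeated in the DELETE so that the statement itself
            // enforces ownership and does not rely on the earlier SELECT.
            mysql_query("DELETE FROM `mail` WHERE `user` = '$user->id' AND `id` = '$del'");
            header($dialogUrl);
            exit; // stop here: the original kept executing after the redirect
        } elseif (isset($_POST['no'])) {
            header($dialogUrl);
            exit;
        } else {
            echo "<div class='post'><form method='post' action='?id=$id&del=$del'>Удалить сообщение?<br>";
            echo '<input type="submit" name="yes" value="Удалить"/>';
            echo '<input type="submit" name="no" value="Отмена"/>';
            echo '</form></div>';
        }
    } else {
        // Whole dialog: every row of the current user's copy of this conversation.
        if (isset($_POST['yes'])) {
            mysql_query("DELETE FROM `mail` WHERE `user` = '$user->id' AND `ank` = '$id'");
            header("Location: /scripts/mail");
            exit;
        } elseif (isset($_POST['no'])) {
            header($dialogUrl);
            exit;
        } else {
            echo "<div class='post'><form method='post' action='?id=$id&del'>Удалить весь диалог?<br>";
            echo '<input type="submit" name="yes" value="Удалить"/>';
            echo '<input type="submit" name="no" value="Отмена"/>';
            echo '</form></div>';
        }
    }
}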
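// The dialog must already exist in the current user's mailbox; otherwise go
// back to the dialog list. Every query is filtered by `user` = current user,
// so a visitor only ever reads their own copy of a conversation.
$q = mysql_query("SELECT * FROM `mail` WHERE `user` = '$user->id' AND `ank` = '$id' ORDER BY `time` DESC");
if (mysql_num_rows($q) == 0) {
    header("Location: /scripts/mail");
    exit;
}

// Mark the dialog as read and reload the page.
$unread = mysql_result(mysql_query("SELECT COUNT(*) FROM `mail` WHERE `user` = '$user->id' AND `ank` = '$id' AND `read` = '0'"), 0);
if ($unread > 0) {
    mysql_query("UPDATE `mail` SET `read` = '1' WHERE `user` = '$user->id' AND `ank` = '$id'");
    header("Location: /scripts/mail/dialog.php?id=" . $id);
    // Stop after the redirect, except on POST: a message or a delete
    // confirmation submitted with this request is handled elsewhere in the
    // script and must not be dropped.
    if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
        exit;
    }
}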
/*
if($f['user_1']==$user->id){$ank = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '$f[user_2]' LIMIT 1"));}
else{$ank = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '$f[user_1]' LIMIT 1"));}*/
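// Send a message: one row is stored in the sender's mailbox ('out') and one in
// the recipient's ('in').
// is_string() rejects msg[]=... style input, which strlen() cannot handle.
// NOTE(review): this POST carries no anti-CSRF token - confirm whether the
// includes enforce one.
if (isset($_POST['msg']) && is_string($_POST['msg']) && strlen($_POST['msg']) > 0) {
    // NOTE(review): html() is defined outside this file. The INSERTs below
    // interpolate $msg into SQL, so they are injection-safe only if html()
    // escapes for the SQL context as well as for HTML - confirm, and prefer
    // prepared statements when the legacy mysql_* API is replaced.
    $msg = html($_POST['msg']);
    // One timestamp for both rows, so the two copies cannot differ by a second.
    $sentAt = time();
    mysql_query("INSERT INTO `mail` (`user`, `ank`, `msg`, `time`, `type`) values ('$user->id', '".$id."', '$msg', '".$sentAt."', 'out')");
    mysql_query("INSERT INTO `mail` (`user`, `ank`, `msg`, `time`, `type`) values ('".$id."', '$user->id', '$msg', '".$sentAt."', 'in')");
    echo $div->div_err.' Сообщение добавлено</div>';
    // Redirect so that a browser reload does not resubmit the message, and stop:
    // the original went on to render the whole page after sending the header.
    // NOTE(review): header() after output relies on output buffering - confirm.
    header("Location: dialog.php?id=".$id);
    exit;
}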
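// Reply form; $id is an integer (intval), so it is safe inside the attribute.
echo "<div class='post'><form action='?id=$id' method='POST'>Сообщение:<br><textarea name='msg'></textarea><br><input type='submit' value='Отправить'></form></div>";

// Pagination: k_page(), page() and str() are helpers defined outside this file.
$c_p = mysql_result(mysql_query("SELECT COUNT(*) FROM `mail` WHERE `user` = '$user->id' AND `ank` = '$id'"), 0);
$p_page = '10';
$k_page = k_page($c_p, $p_page);
$page = page($k_page);
// Force a non-negative integer: the offset is interpolated into the query, and
// what page() returns cannot be verified from this file.
$start = max(0, (int) ($p_page * $page - $p_page));
$q = mysql_query("SELECT * FROM `mail` WHERE `user` = '$user->id' AND `ank` = '$id' ORDER BY `time` DESC LIMIT $start, ". $p_page);
while ($f = mysql_fetch_assoc($q)) {
    // Incoming rows are attributed to the dialog partner, outgoing ones to the mailbox owner.
    $authorId = ($f['type'] == 'in') ? $f['ank'] : $f['user'];
    $ank = mysql_fetch_assoc(mysql_query("SELECT * FROM `user` WHERE `id` = '".$authorId."'"));
    if ($ank == NULL) {
        // No such user row: show a placeholder author with every key the
        // markup below reads, instead of leaving id/position undefined.
        $ank = array('id' => '', 'login' => 'System', 'position' => '');
    }
    // Double-quoted PHP strings: as listed, the nested single quotes ended the
    // literal early and the file did not parse.
    if ($ank['position'] == 'admin') {
        $img = "<img src='admin.png'>";
    } else {
        $img = "<img src='user.png'>";
    }
    // NOTE(review): the message body goes through output(), the login does not.
    // If logins are not restricted to safe characters at registration this is a
    // stored-XSS sink - confirm, or pass the login through the same escaping.
    echo "<div class='post'>$img <a href='/user{$ank['id']}'>{$ank['login']}</a> ".ptime($f['time'])." <br />".output($f['msg'])."<br><a href='?id=$id&del={$f['id']}'>[удалить]</a>";
    echo '</div>';
}
if ($k_page > 1) {
    str('/scripts/mail/dialog.php?id='.$id.'&', $k_page, $page);
}
echo "<div class='post'>.: <a href='?id=$id&del'>Удалить диалог</a> :.</div>";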
include_once '../../sys/foot.php';
?>