Файл: user/mail.php
Строк: 170
<?
require_once '../core/system.php';
$req = mysql_query("SELECT * from `ban` where `id_us` = '".$user['id']."' and `time`>'".$_SERVER['REQUEST_TIME']."'");
$ban = mysql_fetch_array($req);
if($ban['ban'] == 3){
header('Location: /moduls/ban');
}
if($ban['ban'] == 2){
header('Location: /');
$_SESSION['err'] = "Вы находитесь в бане!";
exit;
}
if(empty($_GET['id'])){
header('Location: /user/newmsg');
exit;
}
if(!isset($user['id'])) header('Location: /');
if(isset($_GET['id'])){
$ank = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '".abs(intval($_GET['id']))."' LIMIT 1"));
mysql_query("UPDATE `users_konts` SET `new_msg` = '0' WHERE `id_kont` = '".$ank['id']."' AND `id_user` = '".$user['id']."' LIMIT 1");
$header = 'Почта / '.$ank['nick'].'';
require_once '../core/head.php';
if($user['save'] < 1){
header('Location: /');
}
if(isset($_GET['udal'])){
if($user['prava'] < 2){
$_SESSION['error'] = 'Ошибка!';
header("Location: ?");
exit;
}
$id_chmsg = intval($_GET['id_msg']);
$del_chat_msg = mysql_query("DELETE FROM `mail` WHERE `id` = '".$id_chmsg."'");
header("Location: ?id=".$ank['id']."");
}
if($user['mesto'] != 'Почта') mysql_query("UPDATE `user` set `mesto` = 'Почта' where `id` = '".$user['id']."'");
echo "<div class='foot'>
<a href='?id=".$ank['id']."'>
<img src='/images/icon/reload.png'> Обновить</a>
<span class='float-right'>
<a href='/moduls/smiles'>
<img src='/images/icon/smiley.png'>
Смайлики
</a>
</span>
</div>
<hr>
</div>";
$req = mysql_query("SELECT * from `ban` where `id_us` = '".$user['id']."' and `time`>'".$_SERVER['REQUEST_TIME']."'");
$ban = mysql_fetch_array($req);
$avto = mysql_num_rows($req);
if($avto == 0){
echo '<div class="head">
<div class="empty"></div>
<form method="post" action='."?id=".$ank['id']."".'>
<textarea rows="3" class="chat-area" name="msg">
</textarea>
<input type="submit" class="inpc-ar form-submit" value="Отправить">
</span>
</form>
</div>';
}
$k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `mail` WHERE `unlink` != '".$user['id']."' AND `id_user` = '".$user['id']."' AND `id_kont` = '".$ank['id']."' and `del_user`!='".$user['id']."' and `del_kont`!='".$user['id']."' OR `id_user` = '".$ank['id']."' and `del_user`!='".$user['id']."' and `del_kont`!='".$user['id']."' AND `id_kont` = '".$user['id']."' AND `unlink` != '".$user['id']."'"),0);
$k_page = k_page($k_post,10);
$page = page($k_page);
$start = 10*$page-10;
$q = mysql_query("SELECT * FROM `mail` WHERE `unlink` != '".$user['id']."' AND `id_user` = '".$user['id']."' AND `id_kont` = '".$ank['id']."' and `del_user`!='".$user['id']."' and `del_kont`!='".$user['id']."' OR `id_user` = '".$ank['id']."' AND `id_kont` = '".$user['id']."' and `del_user`!='".$user['id']."' and `del_kont`!='".$user['id']."' AND `unlink` != '".$user['id']."' ORDER BY id DESC LIMIT ".$start.", 10");
$erq = mysql_num_rows($q);
if($erq > 0 and $avto == 0){
echo "<hr>";
}
if($erq == 0){
if($avto == 0){
echo "<hr>";
}
echo"<div class='player'>Нет сообщений</div>";
}
while($post = mysql_fetch_array($q)) {
mysql_query("UPDATE `mail` SET `read` = '0' WHERE `id` = '".$post['id']."' AND `id_user` = '".$ank['id']."' LIMIT 1");
$ank2 = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = ".$post['id_user']." LIMIT 1"));
if($ank2['prava'] == 5){
$status = "<font color='ffc22b'>[A]</font>";
$tcolor = 'F7990D';
}
if($ank2['prava'] == 4){
$status = "<font color='ffc22b'>[a]</font>";
$tcolor = 'EBC621';
}
if($ank2['prava'] == 3){
$status = "<font color='ffc22b'>[M]</font>";
}
if($ank2['prava'] == 2){
$status = "<font color='ffc22b'>[m]</font>";
}
echo "<div class='player'>";
echo online($ank2['id']);
echo " <a href='/user/".$ank2['id']."/'>
<font color='".$ank2['font']."'>
".$ank2['nick']."
</font>
</a>";
if($ank2['prava'] > 1){
echo' '.$status.' ';
}
if($user['prava'] > 3){
echo' <a href="?id='.intval($_GET['id']).'&udal&id_msg='.$post['id'].'">[X]</a> ';
}
$req = mysql_query("SELECT id from `ban` where `id_us` = '".$ank2['id']."' and `time`>'".$_SERVER['REQUEST_TIME']."'");
$avto = mysql_num_rows($req);
if($avto > 0){
echo"<span class='float-right grey'>
".vremja($post['time'])."
</span>
<br>
<span class='grey'>
</span>
<br>";
} else {
if($post['read'] == 1){
echo " <span class='float-right white'>
".vremja($post['time'])."
</span>";
if ($ank2['prava'] >= 4){
echo "<br>
<div class='forum-text'>
<span class='white'>
".smiles(($post['msg']))."
</span></div>
<br>";
} else {
echo "<br><div class='forum-text'>
<span class='white'>
".smiles(antimat($post['msg']))."
</span></div>
<br>";
}
} else {
echo "<span class='float-right grey'>
".vremja($post['time'])."
</span>";
if ($ank2['prava'] >= 4){
echo "<br><div class='forum-text'>
<font color='".$tcolor."'>
".smiles(($post['msg']))."
</font></div>
<br>";
} else{
echo "<br><div class='forum-text'>
<span class='grey'>
".smiles(antimat($post['msg']))."
</span></div>
<br>";
}
}
}
echo "</div>
<hr>";
}
if(isset($_POST['msg'])){
if(mysql_result(mysql_query("SELECT count(id) from `ignor` where `kto` = '".$ank['id']."' and `kogo` = '".$user['id']."'"),0) >= 1){
$err = 'Вы находитесь в чёрном списке у этого игрока</div>';
}
if($user['level'] < 5){
$err = 'Писать сообщения можно только с 5 уровня!';
}
$msg = check($_POST['msg']);
$lelfi = $_SERVER['REQUEST_TIME'] - 60;
$elfilox = mysql_result(mysql_query("SELECT COUNT(id) FROM `mail` WHERE `msg` LIKE '%".$msg."%' and `id_user` = '".$user['id']."' and `time`>".$lelfi.""),0);
if($elfilox > 0 && $user['prava'] < 4) {
$err = 'Сообщение повторяет предыдущее!';
header('Location: ?id='.$ank['id'].' ');
}
if(empty($_GET['id'])){
$err = 'Игрок не найден';
header("Location: / ");
}
if($user['prava'] < 5){
if(strlen($msg) < 1 or strlen($msg) > 1000) $err = 'Длина сообщения должна быть от 1 до 1000 символов';
}
if(!isset($err)) {
$time = $_SERVER['REQUEST_TIME'];
$timer = $_SERVER['REQUEST_TIME'] + 1296000;
mysql_query("INSERT INTO `mail` (`id_user`, `id_kont`, `msg`, `time`,`timer`, `read`) values('".$user['id']."', '".$ank['id']."', '".$msg."', '".$time."','".$timer."', '1')");
mysql_query("INSERT INTO `users_konts` (`id_user`, `id_kont`, `time`,`timer`) VALUES ('".$user['id']."', '".$ank['id']."', '".$time."','".$timer."')");
mysql_query("INSERT INTO `users_konts` (`id_user`, `id_kont`, `time`,`timer`) VALUES ('".$ank['id']."', '".$user['id']."', '".$time."','".$timer."')");
mysql_query("UPDATE `users_konts` SET `new_msg` = '1', `time`='".$time."' WHERE `id_kont` = '".$user['id']."' AND `id_user` = '".$ank['id']."'");
mysql_query("UPDATE `users_konts` SET `del` = '0', `time`='".$time."' WHERE `id_kont` = '".$user['id']."' AND `id_user` = '".$ank['id']."'");
mysql_query("UPDATE `users_konts` SET `del` = '0', `time`='".$time."' WHERE `id_kont` = '".$ank['id']."' AND `id_user` = '".$user['id']."'");
header("Location: ?id=".$ank['id']."");
$_SESSION['message'] = 'Сообщение отправлено';
exit();
} else {
header("Location: ?id=".$ank['id']."");
$_SESSION['err'] = $err;
exit();
}
}
if($k_page > 1) str('mail?id=' . intval($_GET['id']) . '&',$k_page,$page);
if($k_page > 1) echo"<hr>";
if($k_post > 0) echo "<div class='but-list'>
<a href='/user/newmsg?del=msg&id=".$ank['id']."'>
<img src='/images/icon/error.png'>
Удалить всю переписку с ".$ank['nick']."
</div>
</a>";
echo"<hr>
<div class='but-list'>
<a href='newmsg'>
<img src='/images/icon/mail.png'>
Мои сообщения
</a>
</div>
</div>";
}
require_once '../core/foot.php';
?>