Файл: include/mail_form_ajax.php
Строк: 32
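<?php
/**
 * AJAX handler: stores a private message from the current user to the user
 * named by the `id` query parameter, then creates or refreshes the contact
 * (`kont`) rows that link the two accounts.
 *
 * Input:  $_GET['id']    - recipient id, passed through num()
 *         $_POST['text'] - message body, passed through text()
 * Output: echoes an error or prompt string on failure; echoes nothing on success.
 *
 * $myID and $user are not defined in this file; presumably they are set by
 * system/func.php - verify.
 *
 * NOTE(review): every statement below is assembled by string concatenation on
 * the ext/mysql API (deprecated in PHP 5.5, removed in PHP 7.0). Numeric values
 * are cast and the IP is escaped here, but the durable fix is to port the file
 * to prepared statements (mysqli or PDO) together with the connection code in
 * func.php.
 * NOTE(review): no anti-CSRF token is checked in this file before the INSERTs
 * and UPDATEs. If func.php does not enforce one, add a per-session token check
 * ahead of the write path.
 */
require_once ('../system/func.php');

// Accept only scalar request values so an array-valued parameter is never
// handed to num().
$rawId = (isset($_GET['id']) && is_scalar($_GET['id'])) ? $_GET['id'] : null;
// num() lives in func.php; the int cast guarantees a numeric literal in the
// query regardless of what num() returns.
$id = (int) num($rawId);

$profRes = mysql_query("SELECT * FROM `users` WHERE `id` = '".$id."'");
$prof = $profRes ? mysql_fetch_assoc($profRes) : false;

if (isset($_POST['text']) && is_string($_POST['text'])) {
    // NOTE(review): text() is defined in func.php and its escaping is not
    // visible here. $text is interpolated into the INSERT below, so confirm
    // that text() makes the value safe for a quoted SQL string literal.
    $text = text($_POST['text']);
    $now = time();
    // Integer copies of both ids keep them numeric inside the SQL strings.
    $me = empty($myID) ? 0 : (int) $myID;
    $to = $prof ? (int) $prof['id'] : 0;
    // mysql_real_escape_string() needs the link that func.php is assumed to
    // have opened (mysql_query() above relies on the same link).
    $ip = isset($user['ip']) ? mysql_real_escape_string($user['ip']) : '';
    // Initialised up front so the success path does not read an undefined variable.
    $err = '';

    // Checks run in sequence and the last failing one decides the message,
    // as in the original flow.
    if (!$me) $err = 'Необходимо авторизоваться';
    if (!$to) $err = 'Пользователь не найден';

    // NOTE(review): strlen() counts bytes, so for multi-byte text the
    // effective limit is lower than 1000 characters - confirm the site charset.
    if (strlen($text) < 3 or strlen($text) > 1000) $err = 'Длина сообщения должна быть в пределах 3 - 1000 символов';

    // Active ban on the sender's account.
    $banRes = mysql_query('SELECT * FROM `ban` WHERE `id_user` = "'.$me.'" AND `last` > "'.$now.'" ORDER BY `id` DESC LIMIT 1');
    $ban = $banRes ? mysql_fetch_array($banRes) : false;
    // The key is quoted: the bare word `last` was an undefined-constant lookup.
    if ($ban) $err = "На вас наложен, бан осталось ".tl($ban['last'] - $now);

    // Active ban on the sender's IP address.
    $banIpRes = mysql_query('SELECT * FROM `ban` WHERE `ip` = "'.$ip.'" AND `last` > "'.$now.'" ORDER BY `id` DESC LIMIT 1');
    $ban_ip = $banIpRes ? mysql_fetch_array($banIpRes) : false;
    if ($ban_ip) $err = "Ваш IP совпадает с нарушителем!<br>Осталось: ".tl($ban_ip['last'] - $now);

    if (!$err) {
        mysql_query("INSERT INTO `mail` SET `in` = '".$me."', `out` = '".$to."', `text` = '$text' , `time` = '".$now."'");

        // Contact rows: create both directions on first contact, otherwise
        // only refresh their timestamps.
        $kontRes = mysql_query("SELECT * FROM `kont` WHERE `id_user` = '".$me."' && `id_kont` = '".$to."' LIMIT 1");
        $kont = $kontRes ? mysql_fetch_assoc($kontRes) : false;
        if (!$kont) {
            mysql_query("INSERT INTO `kont` SET `id_user` = '".$to."', `id_kont` = '".$me."', `time` = '".$now."'");
            mysql_query("INSERT INTO `kont` SET `id_user` = '".$me."', `id_kont` = '".$to."', `time` = '".$now."'");
        } else {
            mysql_query("update `kont` set `time` = '".$now."' WHERE `id_user` = '".$me."' && `id_kont` = '".$to."'");
            mysql_query("update `kont` set `time` = '".$now."' WHERE `id_user` = '".$to."' && `id_kont` = '".$me."'");
        }
    } else {
        // $err is built only from fixed strings and tl() output, never from
        // request data, so it is echoed as markup.
        echo $err;
    }
} else {
    echo "Введите сообщение";
}
?>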