Файл: mlord.ru/mail.php
Строк: 133
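<?php
// Project author: GEARBAKC
// Official site: GEARNET.RU
// http://gearnet.ru/users/1
// Exclusive scripts only!
//
// Private mail page.
//   ?id=N  - dialog with user N: marks incoming messages as read, accepts a new
//            message via POST and lists the conversation.
//   no id  - contact list with per-contact message counters.
//
// Every value that reaches SQL is bound through a prepared statement. The
// request parameter `id` is validated as a positive integer once and never
// interpolated into a query string.
require_once('core/index.php');
require_once('core/func.php');
avt(); // NOTE(review): presumably the "must be logged in" gate - confirm in core/func.php
$title='Почта';
require_once('design/head.php');
// NOTE(review): header() is called below after design/head.php has been included,
// so the redirects presumably rely on output buffering started by the core - confirm.

if (isset($_GET['id'])) {
    // filter_var() returns false for arrays, non-numeric strings and values below 1.
    $ankId = filter_var($_GET['id'], FILTER_VALIDATE_INT, array('options' => array('min_range' => 1)));
    if ($ankId === false) {
        $ankId = 0;
    }

    // Writing to yourself is not allowed. The exit matters: without it the
    // POST handler below would still run after the redirect header is queued.
    if ($ankId === 0 || (int) $user['id'] === $ankId) {
        header('Location: /mail');
        exit;
    }

    $stmt = $db->prepare('SELECT * FROM `users` WHERE `id` = ? LIMIT 1');
    $stmt->execute(array($ankId));
    $ank = $stmt->fetch();
    if (!$ank) {
        // Unknown recipient: do not create mail or contact rows for a non-existent id.
        header('Location: /mail');
        exit;
    }

    // Opening the dialog marks everything this user received from $ankId as read.
    $stmt = $db->prepare("UPDATE `mail` SET `read` = ? WHERE `id_ank` = ? AND `id_user` = ?");
    $stmt->execute(array('0', $user['id'], $ankId));

    // Confirmed friendship (`st` = 2) in either direction.
    $stmt = $db->prepare("SELECT id FROM `friends` WHERE ((`id_user` = ? AND `id_ank` = ?) OR (`id_user` = ? AND `id_ank` = ?)) AND `st` = '2'");
    $stmt->execute(array($user['id'], $ank['id'], $ank['id'], $user['id']));
    $count = $stmt->rowCount();
    if ($count == 0 && $ank['mail_review'] == 2) {
        echo '<div class="h2">Игрок ограничил круг людей, которые могут писать в почту.</div><div class="h2"><a href=/mail>Назад</a></div>';
        require_once('design/foot.php');
        exit();
    }

    if (isset($_POST['text'])) {
        // NOTE(review): no anti-CSRF token is checked on this form submission;
        // add one if the project has a token helper.

        // ---- Add both sides to each other's contact list ----
        // NOTE(review): this runs before the message is validated, so a rejected
        // message (or a closed mailbox) still creates contact rows - consider
        // moving it into the success branch.
        $hasContact = $db->prepare('SELECT * FROM `contact` WHERE `id_user` = ? AND `id_ank` = ?');

        $hasContact->execute(array($user['id'], $ankId));
        if ($hasContact->rowCount() == 0) {
            $stmt = $db->prepare('INSERT INTO `contact` SET `id_user` = ?,`id_ank` = ?');
            $stmt->execute(array($user['id'], $ankId));
        }

        $hasContact->execute(array($ankId, $user['id']));
        if ($hasContact->rowCount() == 0) {
            $stmt = $db->prepare('INSERT INTO `contact` SET `id_ank` = ?, `time` = ?, `id_user` = ?');
            $stmt->execute(array($user['id'], time(), $ankId));
        }

        // ---- Validate the message ----
        // is_string() rejects post[]=... payloads, which would otherwise reach strlen() as an array.
        // strlen() counts bytes, not characters, so the limit is 2000 bytes.
        $post = isset($_POST['post']) ? $_POST['post'] : '';
        if (!is_string($post) || empty($post) || strlen($post) < 1 || strlen($post) > 2000) {
            $err = 'Сообщение должно быть от 1 до 2000 символов';
        }
        if ($ank['mail_access'] == 2) {
            $err = 'Игрок закрыл почту';
        }

        if (!isset($err)) {
            // The text is stored raw; escaping has to happen at output time.
            $stmt = $db->prepare("INSERT INTO `mail` (`id_user`, `id_ank`, `read`, `text`, `time`) VALUES (?, ?, ?, ?, ?)");
            $stmt->execute(array($user['id'], $ankId, '1', $post, time()));
            $_SESSION['msg'] = 'Сообщение отправлено';

            // Bump the recipient's contact entry so the dialog sorts first for them.
            // NOTE(review): the original ran this identical UPDATE twice; the second
            // copy may have been meant to bump the sender's own row - confirm.
            $stmt = $db->prepare("UPDATE `contact` SET `time` = ? WHERE `id_user` = ? AND `id_ank` = ?");
            $stmt->execute(array(time(), $ankId, $user['id']));
        } else {
            $_SESSION['msg'] = $err;
        }
        header('Location:?');
        exit; // do not render the page body after a redirect
    }

    // ---- Compose form ----
    if ($ank['mail_access'] == 1) {
        echo '<div class="h1">';
        echo '<form action="?" method="post">';
        echo 'Сообщение:<br/><textarea name="post" rows = "4" style="width:99%"></textarea><br/>';
        echo '<input type="submit" name="text" value="Отправить"><br/><a href=/smile>Смайлы</a> | <a href=/bb-code>BB-коды</a>';
        echo '</form>';
        echo '</div>';
    } else {
        echo '<div class="h2">Игрок закрыл почту.</div><div class="rzd"></div>';
    }

    // ---- Conversation, newest first ----
    $dialogWhere = "(`id_user` = ? AND `id_ank` = ?) OR (`id_user` = ? AND `id_ank` = ?)";
    $dialogArgs = array($user['id'], $ankId, $ankId, $user['id']);

    $stmt = $db->prepare("SELECT id FROM `mail` WHERE " . $dialogWhere);
    $stmt->execute($dialogArgs);
    $count = $stmt->rowCount();
    if ($count == 0) {
        echo '<div class="page">Сообщений нет.</div>';
    }

    require 'core/pagination.php';
    $pagination = new Pagination;
    $pagination->sett($count, 10, true);
    // NOTE(review): limit() output is concatenated into the query as in the original;
    // presumably it is built from the page number - confirm Pagination casts it to int.
    $res = $db->prepare("SELECT * FROM `mail` WHERE " . $dialogWhere . " ORDER BY `id` DESC " . $pagination->limit());
    $res->execute($dialogArgs);

    $authorStmt = $db->prepare('SELECT * FROM `users` WHERE `id` = ?');
    foreach ($res as $post) {
        $authorStmt->execute(array($post['id_user']));
        $author = $authorStmt->fetch();
        echo '<div class="h2">';
        echo us($author['id']).' '.vremya($post['time']);
        if ($post['read'] == 1) {
            echo '<div style="float:right;"><small>(не прочитано)</small></div>';
        }
        echo '<br />';
        // NOTE(review): message text is user-supplied and stored unescaped, so bb()
        // must HTML-escape it before expanding BB-codes - confirm in core/func.php.
        echo bb($post['text']).($user['id']!=$post['id_user']?'<a href=/user/complaint/mail/'.$post['id'].'> [жал]</a>':null);
        echo '</div>';
    }
    echo $pagination->get();
    echo '<div class="h2"> <img src="/design/ico/png/mail.png"> <a href=/mail> Контакты</a></div>';
} else {
    // ---- Contact list ----
    if (isset($_GET['read'])) {
        // NOTE(review): state change on a plain GET link with no token; any page the
        // user visits can trigger it. Low impact (only clears unread flags), but a
        // POST with a token would be the safer shape.
        request("UPDATE `mail` SET `read`='0' WHERE `id_ank`=? AND `read`='1'",array($user['id']));
        $_SESSION['msg'] = 'Отмечено';
        header('Location:?');
        exit; // do not render the page body after a redirect
    }

    $stmt = $db->prepare("SELECT * FROM `contact` WHERE `id_user` = ?");
    $stmt->execute(array($user['id']));
    $count = $stmt->rowCount();
    if ($count == 0) {
        echo '<div class="h2">Контактов нет.</div>';
    }

    require 'core/pagination.php';
    $pagination = new Pagination;
    $pagination->sett($count, 10, true);
    $res = $db->prepare("SELECT * FROM `contact` WHERE `id_user` = ? ORDER BY time DESC " . $pagination->limit());
    $res->execute(array($user['id']));

    // Prepared once, executed per contact.
    $contactUser = $db->prepare('SELECT * FROM `users` WHERE `id` = ? LIMIT 1');
    $mailTotal = $db->prepare("SELECT * FROM `mail` WHERE `id_user` = ? AND `id_ank` = ?");
    $mailUnread = $db->prepare("SELECT * FROM `mail` WHERE `id_user` = ? AND `id_ank` = ? AND `read`='1'");

    foreach ($res as $post) {
        $contactUser->execute(array($post['id_ank']));
        $ank = $contactUser->fetch();
        if (!$ank) {
            // Contact row points at a user that no longer exists; skip it.
            continue;
        }

        $mailTotal->execute(array($ank['id'], $user['id']));
        $k_ank = $mailTotal->rowCount();   // messages received from this contact
        $mailUnread->execute(array($ank['id'], $user['id']));
        $k_new = $mailUnread->rowCount();  // of those, still unread
        $mailTotal->execute(array($user['id'], $ank['id']));
        $k_user = $mailTotal->rowCount();  // messages sent to this contact

        echo '<div class="h2">';
        echo us($ank['id']).' [<a href=/mail/'.$ank['id'].'>диалог</a>] ['.$k_new.'/'.($k_ank+$k_user).']';
        echo '</div>';
    }
    echo $pagination->get();

    $stmt = $db->prepare("SELECT * FROM `mail` WHERE `id_ank` = ? AND `read`='1'");
    $stmt->execute(array($user['id']));
    $count = $stmt->rowCount();
    if ($count != 0) {
        echo '<div class="h2"> <img src="/design/ico/png/ok.png"> <a href=?read>Отметить все, как прочитанное</a></div>';
    }
    echo '<div class="h2"><img src="/design/ico/png/settings.png"> <a href=/user/settings_mail>Настройки</a></div>';
}
echo '<div class="h2"> <img src="/design/ico/png/users.png"> <a href=/user/friends>Мои друзья</a></div>';
require_once('design/foot.php');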