Файл: dialog.php
Строк: 51
<?php
include_once ('core/base.php');
falseauth();
$id = abs(intval($_GET['id']));
$mess = $base -> query("SELECT * FROM `users` WHERE `id` = '".$id."' LIMIT 1") -> fetch_assoc();
$header = 'Диалог c '.$mess['login'];
include_once ('core/head.php');
$messages = $base -> query("SELECT * FROM `message` WHERE `komy` = '".$u['id']."' AND `readlen` = '0' LIMIT 1") -> num_rows;
if($messages > 0){
$base -> query("UPDATE `message` SET `readlen` = '1' WHERE `komy`='".$u['id']."'");
}
if(!isset($mess['id']) or $u['id'] == $mess['id']) {
$_SESSION['message'] = 'Ошибка.';
header("Location: /");
exit;
}
$contact = $base -> query("SELECT * FROM `message_c` WHERE `kogo` = '".$mess['id']."' and `kto` = '".$u['id']."' LIMIT 1") -> num_rows;
if($contact == 0) {
$base -> query("INSERT INTO `message_c` SET `kto` = '".$u['id']."', `kogo` = '".$mess['id']."', `time` = '".time()."', `posl_time` = '".time()."'");
$base -> query("INSERT INTO `message_c` SET `kto` = '".$mess['id']."', `kogo` = '".$u['id']."', `time` = '".time()."', `posl_time` = '".time()."'");
}
if(isset($_POST['insert'])){
$msg = fl($_POST['msg']);
$tim = $base -> query("SELECT * FROM `message` WHERE `kto` = '".$u['id']."' ORDER BY `time` DESC") -> fetch_assoc();
if(strlen($msg) < '3' or strlen($msg) > '500'){ $_SESSION['message'] = 'Сообщение должно содержать от 3 до 500 символов.';}
elseif((time() - $tim['time']) < 5) { $_SESSION['message'] = 'Писать сообщения можно один раз в 5 секунд.';}
else{
$base -> query("UPDATE `message_c` SET `posl_time`='".time()."' WHERE `kogo` = '".$u['id']."' and `kto`='".$id."' limit 1");
$base -> query("UPDATE `message_c` SET `posl_time`='".time()."' WHERE `kto` = '".$u['id']."' and `kogo`='".$id."' limit 1");
$base -> query("INSERT INTO `message` SET `text` = '".$msg."', `kto` = '".$u['id']."', `komy` = '".$mess['id']."', `time` = '".time()."', `readlen` = '0'");
header('Location:/dialog/'.$mess['id'].'/');
}
}
echo '<div class="b">';
echo '<div class="title">Диалог с '.$mess['login'].'</div>';
echo '<center><form action="" method="POST">
<textarea name="msg"></textarea><br/>
<input type="submit" value="Отправить" name="insert"/>
</form></center>';
$k_post = $base->query("SELECT * FROM `message` WHERE `kto` = '".$u['id']."' and `komy` = '".$mess['id']."' or `kto` = '".$mess['id']."' and `komy` = '".$u['id']."'") -> num_rows;
$k_page = k_page($k_post,10);
$page = page($k_page);
$start = 10*$page-10;
$msg = $base->query("SELECT * FROM `message` WHERE `kto` = '".$u['id']."' and `komy` = '".$mess['id']."' or `kto` = '".$mess['id']."' and `komy` = '".$u['id']."' ORDER BY `time` DESC LIMIT $start, 10");
while($m = $msg->fetch_assoc()){
echo '<div class="event">';
echo ''.name($m['kto']).' '.($m['readlen']==0?'<font color="red">(нп)</font>':'').' <span style="float:right">('.tm($m['time']).')</span><br/>';
echo '<div class="text_line"></div>';
echo '<font color="#FFF">'.smiles($m['text']).'</font>';
echo '</div>';
}
if($k_post < 1) $_SESSION['message'] = 'Переписка с '.login($mess['id']).' еще не состоялась!';
if ($k_page > 1) echo str('?id='.$mess['id'].'&',$k_page,$page); // Вывод страниц
echo '<a class="btn" href="/mail/"><img src="/images/icons/back.png"> Назад</a>';
echo '</div>';
include_once ('core/foot.php');
?>