Файл: vsime.com/mail/inc/act_cont.php
Строк: 499
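<?php
// Conversation view for one mail contact. Everything below runs only when ?id=
// names a `mail_conts` row owned by the logged-in user; the brace opened by the
// last `if` of this block is closed at the very end of the script.
// The full `<?php` tag is used because the short `<?` form depends on the
// short_open_tag setting; with it disabled the file would be sent out as plain text.
// $dbi, $user and $title are not assigned in this file — presumably the
// including script provides them (verify).
$cont = null;
if (isset($_GET['id'])) {
    // intval() keeps the request value numeric inside the SQL text; the `id_user`
    // condition is the ownership check that keeps a user from opening another
    // user's contact by changing the id.
    $contRes = mysqli_query($dbi, "SELECT * FROM `mail_conts` WHERE `id` = '".intval($_GET['id'])."' AND `id_user` = '$user[id]'");
    // One fetch replaces the original "count the rows, then run the same SELECT again".
    $cont = $contRes ? mysqli_fetch_array($contRes) : null;
}
if ($cont)
{
// Opening the conversation resets the contact's `count` column (presumably the unread counter).
mysqli_query($dbi, "UPDATE `mail_conts` SET `count` = '0' WHERE `id` = '$cont[id]'");
$ank = profile($cont['id_ank']);
if ($cont['type']=='favorite' || $cont['type']=='arhive') {
    // Look for the same correspondent's contact of type 'all'. When it exists,
    // $fl is set and later queries read messages from $cont2 instead of $cont;
    // $flf additionally restricts them to favourites.
    $cont2Res = mysqli_query($dbi, "SELECT * FROM `mail_conts` WHERE `id_user` = '$user[id]' AND `id_ank` = '$ank[id]' AND `type` = 'all'");
    $cont2Row = $cont2Res ? mysqli_fetch_array($cont2Res) : null;
    if ($cont2Row) {
        // $cont2 is assigned only when the row exists, so isset($cont2) keeps its meaning.
        $cont2 = $cont2Row;
        $fl = 1;
        if ($cont['type']=='favorite') {
            $flf = 1;
        }
    }
}
// NOTE(review): the stored nick is appended to the page title as-is; whether it is
// HTML-safe depends on how nicks are stored and on what ex_head() does — confirm.
$title .= ' - Переписка с '.$cont['nick'];
ex_head();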
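// Reply form (?reply=<id>): the id must name a message of this contact that belongs
// to the current user, and only rows of type 'to' (rendered with the correspondent
// as author) get a form.
$replyId = isset($_GET['reply']) ? intval($_GET['reply']) : 0;
if ($replyId != 0) {
    // Single lookup instead of running the same SELECT for the check and for the fetch.
    $replyRes = mysqli_query($dbi, "SELECT * FROM `mail` WHERE `id_user` = '$user[id]' AND `id_cont` = '$cont[id]' AND `id` = '$replyId' LIMIT 1");
    $replyRow = $replyRes ? mysqli_fetch_array($replyRes) : null;
    if ($replyRow) {
        $msg = $replyRow;
        if ($msg['type']=='to') {
            // The "\n" escapes are restored: the listing had lost the backslash,
            // which would print a literal "n" after every tag.
            echo "<div class='list'>\n";
            echo "<div class='left'>\n";
            show_avatar($ank['id'], 'small');
            echo "</div>\n";
            echo "<div class='overfl_hid'>\n";
            echo profile_icon($ank['id']).profile_nick($ank['id'], 1).profile_medal($ank['id']).":<br/>\n";
            // The message body goes through output_text(), defined elsewhere;
            // presumably that is where escaping/BB-code rendering happens — verify.
            echo output_text($msg['msg'], $ank['id'])."<br/>\n";
            echo "</div>\n";
            echo "<div class='clear'></div>\n";
            echo "</div>\n";
            echo "<form method='post' action='?act=cont&id=$cont[id]' class='multi'>\n";
            echo "<div class='grand_h'>\n";
            input_bbs('textarea', 0);
            echo "<textarea name='msg' id='textarea' rows='8' style='width:90%' placeholder='Введите ваш ответ...'></textarea><br/>\n";
            echo "</div>\n";
            echo "<div class='list'>\n";
            // Form token checked by the POST handler; escaped for the attribute context.
            echo "<input type='hidden' name='mdp' value='".htmlspecialchars((string)$mdp, ENT_QUOTES)."'/>\n";
            echo "<input type='submit' name='submited' value='Отправить' />\n";
            echo "</div>\n";
            echo "</form>\n";
            echo "<div class='foot'>\n";
            echo image_back()." <a href='/mail'>Назад</a>\n";
            echo "</div>\n";
            ex_foot();
            // NOTE(review): nothing stops execution after ex_foot(), so the rest of
            // the page (and a second footer) is emitted too — confirm whether an
            // exit was intended here.
        }
    }
}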
// Mark every message of this conversation as read for the current user.
// Both conditions use values loaded server-side ($cont was already checked to
// belong to $user), not request parameters.
$markReadSql = "UPDATE `mail` SET `read` = '1' WHERE `id_cont` = '$cont[id]' AND `id_user` = '$user[id]'";
mysqli_query($dbi, $markReadSql);
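// Delete message (?delete=<id>). Inside the trash the row is removed; anywhere else
// the message is moved to the user's 'trash' contact for the same correspondent,
// which is created on demand.
// NOTE(review): this state change is driven by a GET link and checks no form token
// (the message POST handler checks `mdp`), so it has no CSRF protection. Adding one
// means changing the links that point here as well.
$delId = isset($_GET['delete']) ? intval($_GET['delete']) : 0;
// The lookup ties the message to the current user AND to this contact before anything is changed.
$delRes = $delId != 0 ? mysqli_query($dbi, "SELECT * FROM `mail` WHERE `id` = '$delId' AND `id_user` = '$user[id]' AND `id_cont` = '$cont[id]' LIMIT 1") : false;
if ($delRes && mysqli_num_rows($delRes) != 0)
{
    if ($cont['type']=='trash') {
        mysqli_query($dbi, "DELETE FROM `mail` WHERE `id` = '$delId' AND `id_user` = '$user[id]'");
    } else {
        // One lookup of the trash contact instead of a count query plus a fetch query.
        $trashRes = mysqli_query($dbi, "SELECT * FROM `mail_conts` WHERE `id_user` = '$user[id]' AND `id_ank` = '$ank[id]' AND `type` = 'trash'");
        $tcont = $trashRes ? mysqli_fetch_array($trashRes) : null;
        if (!$tcont) {
            // The nick is text that goes back into a SQL literal, so it is escaped
            // for this connection; the original interpolated it raw, which breaks
            // the statement (or changes its meaning) if a nick contains a quote.
            $nickSql = mysqli_real_escape_string($dbi, (string)$ank['nick']);
            mysqli_query($dbi, "INSERT INTO `mail_conts` (`id_user`, `id_ank`, `time`, `nick`, `type`, `time_last`) VALUES ('$user[id]', '$ank[id]', '$time', '$nickSql', 'trash', '$time')");
            $trashId = mysqli_insert_id($dbi);
        } else {
            $trashId = intval($tcont['id']);
        }
        // `id_user` is repeated here so the write is scoped to the owner on its own,
        // not only through the earlier check.
        mysqli_query($dbi, "UPDATE `mail` SET `id_cont` = '$trashId' WHERE `id` = '$delId' AND `id_user` = '$user[id]'");
    }
    // Redirect back to the conversation so a reload does not repeat the action.
    header("Location: ?act=cont&id=$cont[id]");
    exit;
}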
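// Toggle the favourite flag of one message (?favorite=<id>). Allowed from the
// 'all', 'arhive' and 'favorite' folders; the message only has to belong to the
// current user, it is not tied to the contact being viewed.
// NOTE(review): GET-driven state change with no form token, so no CSRF protection;
// a token would have to be added to the favourite links as well.
$favId = isset($_GET['favorite']) ? intval($_GET['favorite']) : 0;
if (($cont['type']=='all' || $cont['type']=='arhive' || $cont['type']=='favorite') && $favId != 0)
{
    $favRes = mysqli_query($dbi, "SELECT * FROM `mail` WHERE `id` = '$favId' AND `id_user` = '$user[id]' LIMIT 1");
    $favRow = $favRes ? mysqli_fetch_array($favRes) : null;
    if ($favRow) {
        $fav = $favRow;
        // Contact the message is filed under; it decides which branch applies.
        $fcontRes = mysqli_query($dbi, "SELECT * FROM `mail_conts` WHERE `id` = '$fav[id_cont]' AND `id_user` = '$user[id]'");
        $fcont = $fcontRes ? mysqli_fetch_array($fcontRes) : null;
        if ($fcont && ($fcont['type']=='all' || $fcont['type']=='arhive')) {
            $fav_new = ($fav['favorite']==1) ? 0 : 1;
            mysqli_query($dbi, "UPDATE `mail` SET `favorite` = '$fav_new' WHERE `id` = '$fav[id]'");
        } elseif ($fcont && isset($cont2) && $cont2['id']==$fcont['id']) {
            // Guarded with isset()/non-null checks: in the original a missing $cont2
            // and a missing contact row compared as null == null and cleared the flag.
            mysqli_query($dbi, "UPDATE `mail` SET `favorite` = '0' WHERE `id` = '$fav[id]'");
        }
    }
}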
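// Reset message (?reset=<id>): move one message out of the trash back to the
// correspondent's 'all' contact, creating that contact when it does not exist.
// NOTE(review): GET-driven state change with no form token, so no CSRF protection;
// a token would have to be added to the restore links as well.
$resetId = isset($_GET['reset']) ? intval($_GET['reset']) : 0;
// The lookup ties the message to the current user AND to this contact before anything is changed.
$resetRes = $resetId != 0 ? mysqli_query($dbi, "SELECT * FROM `mail` WHERE `id` = '$resetId' AND `id_user` = '$user[id]' AND `id_cont` = '$cont[id]' LIMIT 1") : false;
if ($resetRes && mysqli_num_rows($resetRes) != 0)
{
    if ($cont['type']=='trash') {
        // One lookup of the 'all' contact instead of a count query plus a fetch query.
        $allRes = mysqli_query($dbi, "SELECT * FROM `mail_conts` WHERE `id_user` = '$user[id]' AND `id_ank` = '$ank[id]' AND `type` = 'all'");
        $tcont = $allRes ? mysqli_fetch_array($allRes) : null;
        if (!$tcont) {
            // The nick is text that goes back into a SQL literal, so it is escaped
            // for this connection; the original interpolated it raw, which breaks
            // the statement (or changes its meaning) if a nick contains a quote.
            $nickSql = mysqli_real_escape_string($dbi, (string)$ank['nick']);
            mysqli_query($dbi, "INSERT INTO `mail_conts` (`id_user`, `id_ank`, `time`, `nick`, `type`, `time_last`) VALUES ('$user[id]', '$ank[id]', '$time', '$nickSql', 'all', '$time')");
            $allId = mysqli_insert_id($dbi);
        } else {
            $allId = intval($tcont['id']);
        }
        // `id_user` is repeated so the write is scoped to the owner on its own.
        mysqli_query($dbi, "UPDATE `mail` SET `id_cont` = '$allId' WHERE `id` = '$resetId' AND `id_user` = '$user[id]'");
    }
    // The redirect runs whether or not the contact was a trash contact, as in the original.
    header("Location:?act=cont&id=$cont[id]");
    exit;
}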
//////////////////In arhive
// Move the whole contact to the archive (?in_arhive); only offered from the 'all' folder.
// NOTE(review): this state change is driven by a GET link and checks no form token
// (the message POST handler checks `mdp`), so it has no CSRF protection.
if ($cont['type']=='all' && isset($_GET['in_arhive']))
{
    // Is there already an archive contact for this correspondent?
    $archiveSql = "SELECT * FROM `mail_conts` WHERE `id_user` = '$user[id]' AND `id_ank` = '$ank[id]' AND `type` = 'arhive'";
    $hasArchive = mysqli_num_rows(mysqli_query($dbi, $archiveSql)) != 0;
    if ($hasArchive) {
        // Merge: re-file this contact's messages under the existing archive
        // contact, then drop the now empty contact row.
        $tcont = mysqli_fetch_array(mysqli_query($dbi, $archiveSql));
        mysqli_query($dbi, "UPDATE `mail` SET `id_cont` = '$tcont[id]' WHERE `id_cont` = '$cont[id]'");
        mysqli_query($dbi, "DELETE FROM `mail_conts` WHERE `id` = '$cont[id]'");
    } else {
        // No archive contact yet: relabel this one in place.
        mysqli_query($dbi, "UPDATE `mail_conts` SET `type` = 'arhive', `time_last` = '$time' WHERE `id` = '$cont[id]'");
    }
    // NOTE(review): the nick is placed inside HTML in the session message; whether
    // it is HTML-safe depends on how nicks are stored — confirm.
    msg_sess("Контакт <b>$ank[nick]</b> успешно перенесен в архив");
    header("Location:/mail");
    exit;
}
////////////////////// In trash
// Delete the whole contact (?in_trash). A contact already in the trash is removed
// together with its messages; any other (non-favourite) contact is moved to the trash.
// NOTE(review): this destructive action is driven by a GET link and checks no form
// token (the message POST handler checks `mdp`), so it has no CSRF protection.
if ($cont['type']!='favorite' && isset($_GET['in_trash']))
{
    if ($cont['type']!='trash') {
        // Is there already a trash contact for this correspondent?
        $trashSql = "SELECT * FROM `mail_conts` WHERE `id_user` = '$user[id]' AND `id_ank` = '$ank[id]' AND `type` = 'trash'";
        $hasTrash = mysqli_num_rows(mysqli_query($dbi, $trashSql)) != 0;
        if ($hasTrash) {
            // Merge this contact's messages into the existing trash contact and
            // drop the emptied contact row.
            $tcont = mysqli_fetch_array(mysqli_query($dbi, $trashSql));
            mysqli_query($dbi, "UPDATE `mail` SET `id_cont` = '$tcont[id]' WHERE `id_cont` = '$cont[id]'");
            mysqli_query($dbi, "DELETE FROM `mail_conts` WHERE `id` = '$cont[id]'");
        } else {
            // No trash contact yet: relabel this one in place.
            mysqli_query($dbi, "UPDATE `mail_conts` SET `type` = 'trash', `time_last` = '$time' WHERE `id` = '$cont[id]'");
        }
        msg_sess("Контакт <b>$ank[nick]</b> успешно перенесен в корзину");
    } else {
        // Permanent removal. Neither DELETE repeats `id_user`; they rely on $cont
        // having been loaded with the ownership check at the top of the script.
        mysqli_query($dbi, "DELETE FROM `mail_conts` WHERE `id` = '$cont[id]'");
        mysqli_query($dbi, "DELETE FROM `mail` WHERE `id_cont` = '$cont[id]'");
        msg_sess("Контакт <b>$ank[nick]</b> успешно удален");
    }
    header("Location:/mail");
    exit;
}
/////////////////////// Out trash
// Restore a whole contact from the trash (?out_trash). For any other contact type
// the request only redirects to the contact list.
// NOTE(review): this state change is driven by a GET link and checks no form token
// (the message POST handler checks `mdp`), so it has no CSRF protection.
if (isset($_GET['out_trash']))
{
    if ($cont['type']=='trash') {
        // Is there already an 'all' contact for this correspondent?
        $allSql = "SELECT * FROM `mail_conts` WHERE `id_user` = '$user[id]' AND `id_ank` = '$ank[id]' AND `type` = 'all'";
        $hasAll = mysqli_num_rows(mysqli_query($dbi, $allSql)) != 0;
        if ($hasAll) {
            // Merge the trashed messages into the existing 'all' contact and drop
            // the emptied trash contact row.
            $tcont = mysqli_fetch_array(mysqli_query($dbi, $allSql));
            mysqli_query($dbi, "UPDATE `mail` SET `id_cont` = '$tcont[id]' WHERE `id_cont` = '$cont[id]'");
            mysqli_query($dbi, "DELETE FROM `mail_conts` WHERE `id` = '$cont[id]'");
        } else {
            // No 'all' contact yet: relabel this one in place.
            mysqli_query($dbi, "UPDATE `mail_conts` SET `type` = 'all', `time_last` = '$time' WHERE `id` = '$cont[id]'");
        }
        msg_sess("Контакт <b>$ank[nick]</b> успешно восстановлен");
    }
    header("Location:/mail");
    exit;
}
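///////////////////// Write message
// Send a message to the correspondent: POST field `msg`, guarded by the form token `mdp`.
if (isset($_POST['msg']) && $ank['id']!=0)
{
    // The token is compared with hash_equals(): the original `@$_POST['mdp']==$mdp`
    // used loose comparison, which treats a missing field and an empty token as
    // equal and is subject to PHP's numeric-string juggling. An empty or non-string
    // token is rejected outright.
    $postedMdp = (isset($_POST['mdp']) && is_string($_POST['mdp'])) ? $_POST['mdp'] : '';
    if ($postedMdp !== '' && hash_equals((string)$mdp, $postedMdp))
    {
        if_user('activated');
        // `msg[]=...` would arrive as an array; treat that as an empty message
        // instead of passing an array to strlen()/trim().
        $msg = is_string($_POST['msg']) ? $_POST['msg'] : '';
        // strlen() counts bytes, so the 10000 limit is a byte limit.
        if (strlen($msg) > 10000) $error[]='Сообщение превышает 10000 символов';
        if (strlen(trim($msg)) < 1) $error[]='Слишком короткое сообщение';
        // Blacklisting in either direction blocks the message.
        if (mysqli_num_rows(mysqli_query($dbi, "SELECT * FROM `blacklist` WHERE `id_user` = '$user[id]' AND `id_ank` = '$ank[id]'"))!=0) $error[] = 'Пользователь находится в Вашем Черном списке.';
        if (mysqli_num_rows(mysqli_query($dbi, "SELECT * FROM `blacklist` WHERE `id_user` = '$ank[id]' AND `id_ank` = '$user[id]'"))!=0) $error[] = 'Пользователь добавил Вас в свой Черный список.';
        // Duplicate guard: skip sending when the same text was already stored in
        // this conversation within the last 360 seconds. The text reaches the SQL
        // literal through my_esc(), defined elsewhere — presumably the project's
        // SQL escaper (verify).
        $dupContId = !isset($fl) ? "$cont[id]" : "$cont2[id]";
        if (!isset($error) && mysqli_num_rows(mysqli_query($dbi, "SELECT * FROM `mail` WHERE `id_user` = '$user[id]' AND `id_cont` = '".$dupContId."' AND `time` > '".($time-360)."' AND `msg` = '".my_esc($msg)."'"))==0)
        {
            // send the message
            $hid = write_mail($user['id'], $ank['id'], $msg);
            header("Location:?act=cont&id=$hid");
            if (!isset($fl)) {
                echo msg('Сообщение успешно отправлено');
            } else {
                // When viewing through the archive/favourite contact, the redirect
                // target is replaced by the 'all' contact.
                header("Location:?act=cont&id=$cont2[id]");
            }
            // NOTE(review): no exit follows the redirect, so the rest of the page
            // is still rendered and sent — confirm that this is intended.
        }
    } else hacked_by_Killer();
}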
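//////////////////// List
// Header links plus the newest message of the current page. The "\n" escapes are
// restored throughout: the listing had lost the backslash, which would print a
// literal "n" after every tag.
// In an archived conversation the list reads the archive contact itself.
if ($cont['type']=='arhive') unset($fl);
// NOTE(review): $cont[nick] is written into the markup unescaped; whether it is
// HTML-safe depends on how nicks are stored — confirm.
echo "<div class='menu'><img src='/i/site/new_mail.png' /> <a href='?act=new_message&id=$ank[id]'>Написать $cont[nick]</a></div>\n";
if ($cont['type']=='all') echo "<div class='menu'><img src='/i/site/archive.png' /> <a href='?act=cont&id=$cont[id]&in_arhive'>В архив $cont[nick]</a></div>\n";
if ($cont['type']!='trash')
{
    if ($cont['type']=='favorite') {
        // Favourite folder: favourite messages filed under the correspondent's 'all' contact ($cont2).
        $lastSql = "SELECT * FROM `mail_conts` INNER JOIN `mail` ON `mail`.`id_cont`=`mail_conts`.`id` WHERE `mail`.`favorite` = '1' AND `mail`.`id_user` = '$user[id]' AND (`mail_conts`.`type` = 'all' OR `mail_conts`.`type` = 'arhive') AND `mail`.`id_cont` = '$cont2[id]'";
        $lastOrder = " ORDER BY `mail`.`time` DESC";
    } else {
        $listContId = !isset($fl) ? "$cont[id]" : "$cont2[id]";
        $lastSql = "SELECT * FROM `mail` WHERE `id_cont` = '".$listContId."' AND `id_user` = '$user[id]'".(isset($flf) ? " AND `favorite` = '1'" : '');
        $lastOrder = " ORDER BY id DESC";
    }
    $count_results = mysqli_num_rows(mysqli_query($dbi, $lastSql));
    $count_pages = navi :: count_pages($count_results);
    $page = navi :: page();
    $start = navi :: start_pages();
    // $start goes into LIMIT unquoted and comes from navi, which is defined
    // elsewhere; it is cast to int here rather than trusted.
    if ($count_results != 0) $last = mysqli_fetch_array(mysqli_query($dbi, $lastSql.$lastOrder." LIMIT ".intval($start).", 1"));
    show_errors();
    if (isset($last))
    {
        echo "<div class='list'>";
        // Rows that are not of type 'to' are the user's own messages and get the "Я" prefix.
        if ($last['type']!='to') echo "<span style='font-weight:bold;color:#209143'>Я</span> > ";
        echo profile_icon($ank['id']).profile_nick($ank['id'], 1).profile_medal($ank['id']);
        echo " (".vremja($last['time']).")\n";
        echo "<span class='right'>\n";
        // NOTE(review): the favourite and delete links change state through GET and carry no form token.
        if ($cont['type']=='all' || $cont['type']=='arhive' || $cont['type']=='favorite') echo "<a href='?act=cont&id=$cont[id]&favorite=$last[id]'><img src='/i/site/".($last['favorite']==0?"no_":NULL)."favourite.png' /></a>\n";
        echo "<a href='?act=cont&id=$cont[id]&delete=$last[id]'>$config[code_delete]</a>\n";
        echo "</span>\n";
        if ($last['type']=='at') {
            // Looks up the correspondent's row with the id directly below this one
            // and reads its `read` flag — presumably the recipient's copy written
            // by write_mail(); verify the id pairing.
            $last2 = mysqli_fetch_array(mysqli_query($dbi, "SELECT * FROM `mail` WHERE `id_user` = '$ank[id]' AND `id` = '".($last['id']-1)."'"));
            if (isset($last2) && $last2['read']==0) echo " <span style='font-size:small;color:red'>(не прочитано)</span>";
        }
        echo "<br/>";
        echo output_text($last['msg'], ($last['type']=='to'?$ank['id']:$user['id']))."<br />\n";
        if ($last['type'] == 'to' && $cont['type'] == 'all') echo "<a href='?act=cont&id=$cont[id]&reply=$last[id]'>Ответ</a>";
        echo "</div>\n";
    }
    echo "<div class='foot'>\n";
?>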
<script type="text/javascript">
function ctrlEnter(event, formElem) {
    // Submit only on Ctrl+Enter; key codes 0xA and 0xD are line feed and carriage return.
    var isEnterCode = (event.keyCode == 0xA) || (event.keyCode == 0xD);
    if (!event.ctrlKey || !isEnterCode) {
        return;
    }
    // Add a hidden `enter=1` field to the form before sending it.
    var marker = document.createElement('input');
    marker.type = 'hidden';
    marker.name = 'enter';
    marker.value = 1;
    formElem.appendChild(marker);
    formElem.submit();
}
</script>
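<?php
// Quick-reply form under the newest message; the closing brace ends the
// `if ($cont['type']!='trash')` block opened above.
// The full `<?php` tag replaces the short `<?`, which depends on short_open_tag.
// The "\n" escapes are restored (the listing had lost the backslash), and the stray
// `;` after the onkeypress attribute is dropped so the tag is well-formed.
// NOTE(review): $passgen is not defined in this file; it is appended to the form
// URL as-is — confirm what it holds.
echo "<form method='POST' name='message' action='?act=cont&id=$cont[id]&$passgen'>\n";
echo "<textarea name='msg' rows='4' onkeypress='ctrlEnter(event, this.form)' style='width:90%'></textarea><br />\n";
// Form token checked by the POST handler; escaped for the attribute context.
echo "<input type='hidden' name='mdp' value='".htmlspecialchars((string)$mdp, ENT_QUOTES)."'>\n";
echo "<input class='main_submit' type='submit' value='Отправить'/> (Ctrl + Enter)\n";
echo "</form>\n";
echo "</div>\n";
}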
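// Build the paginated message list. The message already shown above ($last, when
// set) is excluded so it is not printed twice.
if ($cont['type']=='favorite') {
    // Favourite folder: favourite messages filed under the correspondent's 'all' contact ($cont2).
    $listSql = "SELECT * FROM `mail_conts` INNER JOIN `mail` ON `mail`.`id_cont`=`mail_conts`.`id` WHERE `mail`.`favorite` = '1' AND `mail`.`id_user` = '$user[id]' AND (`mail_conts`.`type` = 'all' OR `mail_conts`.`type` = 'arhive') AND `mail`.`id_cont` = '$cont2[id]'".(isset($last) ? " AND `mail`.`id` != '$last[id]'" : '');
    $listOrder = " ORDER BY `mail`.`time` DESC";
} else {
    // $fl (set when an 'all' twin of this contact exists) switches the list to $cont2;
    // $flf narrows it to favourites.
    $listContId = !isset($fl) ? "$cont[id]" : "$cont2[id]";
    $listSql = "SELECT * FROM `mail` WHERE `id_cont` = '".$listContId."' AND `id_user` = '$user[id]'".(isset($last) ? " AND `id` != '$last[id]'" : '').(isset($flf) ? " AND `favorite` = '1'" : '');
    $listOrder = " ORDER BY `time` DESC";
}
$count_results = mysqli_num_rows(mysqli_query($dbi, $listSql));
$count_pages = navi :: count_pages($count_results);
$page = navi :: page();
$start = navi :: start_pages();
// LIMIT operands are not quoted in SQL; $start comes from navi and $config[rop]
// from configuration, both defined elsewhere, so they are cast to int here rather
// than trusted.
$query = mysqli_query($dbi, $listSql.$listOrder." LIMIT ".intval($start).", ".intval($config['rop']));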
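// Render every message of the current page. The "\n" escapes are restored: the
// listing had lost the backslash, which would print a literal "n" after the tags.
while ($post = mysqli_fetch_array($query)) {
    echo "<div class='list'>";
    // Rows that are not of type 'to' are the user's own messages and get the "Я" prefix.
    if ($post['type']!='to') echo "<span style='font-weight:bold;color:#209143'>Я</span> > ";
    echo profile_icon($ank['id']).profile_nick($ank['id'], 1).profile_medal($ank['id']);
    echo " (".vremja($post['time']).")\n";
    echo "<span class='right'>";
    // NOTE(review): the favourite, restore and delete links below change state
    // through GET and carry no form token.
    if ($cont['type']=='all' || $cont['type']=='arhive' || $cont['type']=='favorite') echo "<a href='?act=cont&id=$cont[id]&favorite=$post[id]'><img src='/i/site/".($post['favorite']==0?"no_":NULL)."favourite.png' /></a>";
    // The restore link exists only inside the trash; the delete link is always shown.
    echo ($cont['type']=='trash'?"<a href='?act=cont&id=$cont[id]&reset=$post[id]'>$config[code_restore]</a> ":NULL)."<a href='?act=cont&id=$cont[id]&delete=$post[id]'>$config[code_delete]</a>\n";
    echo "</span>\n";
    if ($post['type']=='at') {
        // Looks up the correspondent's row with the id directly below this one and
        // reads its `read` flag — presumably the recipient's copy written by
        // write_mail(); verify the id pairing.
        $post2 = mysqli_fetch_array(mysqli_query($dbi, "SELECT * FROM `mail` WHERE `id_user` = '$ank[id]' AND `id` = '".($post['id']-1)."'"));
        if (isset($post2) && $post2['read']==0) echo " <span style='font-size:small;color:red'>(не прочитано)</span>";
    }
    echo "<br/>";
    // The message body goes through output_text(), defined elsewhere; presumably
    // that is where escaping/BB-code rendering happens — verify.
    echo output_text($post['msg'], ($post['type']=='to'?$ank['id']:$user['id']))."<br />\n";
    // Reply is offered only for received messages in the 'all' folder.
    if ($post['type'] == 'to' && $cont['type'] == 'all') echo "<a href='?act=cont&id=$cont[id]&reply=$post[id]'>Ответ</a>";
    echo "</div>\n";
}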
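// Pager, contact-level actions and footer; the final brace closes the
// `if` opened at the top of the script.
navi :: pages_show("?act=cont&id=$cont[id]&");
// The blacklist lookup ran up to three times with the same SQL; it is done once here.
$notBlacklisted = mysqli_num_rows(mysqli_query($dbi, "SELECT * FROM `blacklist` WHERE `id_user` = '$user[id]' AND `id_ank` = '$ank[id]'")) == 0;
// Same condition as the original `trash || (!favorite && !trash) || not blacklisted`:
// the box is skipped only for a favourite contact that is already blacklisted.
$showTools = $cont['type']!='favorite' || $notBlacklisted;
// The "\n" escapes are restored: the listing had lost the backslash.
if ($showTools) echo "<div class='mod_grad'>\n";
if ($notBlacklisted && $ank['id'] != 0) echo "<a href='/blacklist/?act=add&id=$ank[id]'><img src='/i/site/blist.png' /> Занести в Черный список</a><br />\n";
// NOTE(review): the restore/delete contact links change state through GET and carry
// no form token; $ank[nick] is printed unescaped — confirm how nicks are stored.
if ($cont['type']=='trash') echo "$config[code_restore] <a href='?act=cont&id=$cont[id]&out_trash'>Восстановить контакт $ank[nick]</a><br />";
if ($cont['type']!='favorite' && $cont['type']!='trash') echo "$config[code_delete] <a href='?act=cont&id=$cont[id]&in_trash'>Удалить контакт $ank[nick]</a><br />\n";
if ($showTools) echo "</div>\n";
echo "<div class='foot'>\n";
echo image_back()." <a href='/mail'>Контакты</a>\n";
echo "</div>\n";
ex_foot();
}
?>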