Файл: public_html/inbox.php
Строк: 89
<?
require_once('zsecurity.php');
session_start();
if(!(isset($_SESSION["username"]) && isset($_SESSION["password"])))
{
?>
<script type="text/javascript">
location.replace("login.php");
</script>
<noscript>
<meta http-equiv="refresh" content="0; url=login.php">
</noscript>
<?
exit();
}
$user=$_SESSION["username"];
if(isset($_POST["id"]))
{
$id=$_POST["id"];
$action=$_POST["action"];
if($action=='delete')
{
require('config.php');
mysql_query("delete from tb_mail where id='$id'");
mysql_close($con);
}
if($action=='view')
{
require('config.php');
$res=mysql_query("select * from tb_mail where id='$id'");
$res=mysql_fetch_array($res);
mysql_query("update tb_mail set status='1' where id='$id'");
mysql_close($con);
?>
<div id="tables"><table width="100%">
<tr><th class="top">Тема:</th><td><?=$res["subject"]?></td></tr>
<tr><th class="top">От:</th><td><?=$res["sender"]?></td></tr>
<tr><th class="top">Дата и время:</th><td><?=date("d.m.Y H:i",$res["data"])?></td></tr>
<tr><th class="top">Сообщение:</th><td><?=$res["message"]?></td></tr>
<tr><td align=right><a href="mail.php?p=sendmessage&name=<?=$res["sender"]?>"><input type="button" value="Ответить"></a></td>
<td align=left>
<form method="post" action="mail.php?p=inbox">
<input type="hidden" value="<?=$res["id"] ?>" name="id">
<input type="hidden" value="delete" name="action">
<input type="submit" value="Удалить">
</form>
</td></tr>
</table></div>
<?
}
}
require('config.php');
?>
<div id="tables">
<table width="100%">
<tr>
<th align="center" class="top">Дата и время</th>
<th align="center" class="top">Отправитель</th>
<th align="center" class="top">Тема</th>
<th align="center" class="top"></th>
<th align="center" class="top"></th>
</tr>
<?
$res=mysql_query("select count(*) as kolvo from tb_mail where recipient='$user' order by id desc");
$res=mysql_fetch_array($res);
if($res["kolvo"]<1)
{
echo "</table></div>";
echo "<center>Входящих сообщений нет</center>";
}else{
$res=mysql_query("select * from tb_mail where recipient='$user' order by id desc");
while($row=mysql_fetch_array($res))
{
if($row["status"]=='0') { $cvet='00cc00'; $bold='bold'; }else{ $cvet='000000'; $bold='normal'; }
echo "<tr><td align="center" style="color: #$cvet; font-weight: $bold">";
echo date("d.m.Y H:i",$row["data"]);
echo "</td><td align="center" style="color: #$cvet; font-weight: $bold">". $row["sender"] ."</td><td align="center" style="color: #$cvet; font-weight: $bold">". $row["subject"] ."</td><td align="center">";
?>
<form method="post" action="mail.php?p=inbox">
<input type="hidden" value="<?=$row["id"] ?>" name="id">
<input type="hidden" value="view" name="action">
<input type="submit" value="Просмотреть">
</form>
</td><td align="center">
<form method="post" action="mail.php?p=inbox">
<input type="hidden" value="<?=$row["id"] ?>" name="id">
<input type="hidden" value="delete" name="action">
<input type="submit" value="Удалить">
</form>
</td></tr>
<?
}
echo "</table></div>";
}
?>