Файл: modules/user_mail.php
Строк: 86
<?
////////////////////////////////////////
///// Основа ApiCMS //////
///// Автор биллинга - IvanDanilov /////
///// Автор биллинга - IvanDanilov /////
///// ICQ 936545, mail: KyberID@ya.ru //
////////////////////////////////////////
/////////////////////////////////////////
$title = 'Приватная почта';
require_once '../api_core/apicms_system.php';
require_once '../api_core/head.php';
/////////////////////////////////////////
if (!isset($_GET['id'])){header("Location: /");exit;}
$ank = intval($_GET['id']);
if (!$ank){header("Location: /");exit;}
$ank=mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id` = '$ank' LIMIT 1"));
if ($user['id']==$ank['id']){header("Location: /");exit;}
mysql_query("UPDATE `user_mail` SET `views` = '1' WHERE `id_recipient` = '$user[id]' AND `id_sender` = '$ank[id]'");
if (isset($_POST['txt'])){
$text = mysql_real_escape_string($_POST['txt']);
if (strlen($text)>1024)$err = '<div class="erors"><center>Очень длинное сообщение</center></div>';
if (strlen($text)<3)$err = '<div class="erors"><center>Короткое сообщение</center></div>';
if (!isset($err)){
mysql_query("INSERT INTO `user_mail` (`txt`, `id_sender`, `id_recipient`, `time`) VALUES ('$text', '$user[id]', '$ank[id]', '$time')");
////////////////////////////////////
$plus_fishka = $user['fishka'] + $api_settings['fishka_mail'];
mysql_query("UPDATE `users` SET `fishka` = '".intval($plus_fishka)."' WHERE `id` = '$user[id]' LIMIT 1");
echo '<div class="content"><center>Сообщение успешно добавлено</center></div>';
}else{
apicms_error($err);
}
}
/////////////////////////////////////////
$k_post=mysql_result(mysql_query("SELECT COUNT(*) FROM `user_mail` WHERE `id_recipient` = '$user[id]' AND `id_sender` = '$ank[id]' OR `id_recipient` = '$ank[id]' AND `id_sender` = '$user[id]'"),0);
$k_page=k_page($k_post,$api_settings['on_page']);
$page=page($k_page);
$start=$api_settings['on_page']*$page-$api_settings['on_page'];
if ($k_post==0)echo "<div class='erors'><center>Вы еще не вели диалогов</center></div>";
/////////////////////////////////////////
$qii=mysql_query("SELECT * FROM `user_mail` WHERE `id_recipient` = '$user[id]' AND `id_sender` = '$ank[id]' OR `id_recipient` = '$ank[id]' AND `id_sender` = '$user[id]' ORDER BY time DESC LIMIT $start, $api_settings[on_page]");
while ($post_mail = mysql_fetch_assoc($qii)){
$ank2=mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id` = $post_mail[id_sender] LIMIT 1"));
echo '<div class="subhead"><table width="100%" ><tr><td width="20%"><center>';
echo apicms_ava32($ank2['id']);
echo "</center></td><td width='80%'>".htmlspecialchars($ank2['login'])." ";
echo "<span style='float:right'> ".apicms_data($post_mail['time'])." ";
echo " </span>";
if ($post_mail['views']==0){
echo "</br><font color='red'> <b>".apicms_bb_code(apicms_smiles(apicms_br(htmlspecialchars($post_mail['txt']))))."</b> </font></td></tr></table></div>";
}else{
echo "</br> <b>".apicms_bb_code(apicms_smiles(apicms_br(htmlspecialchars($post_mail['txt']))))."</b></td></tr></table></div>";
}
}
/////////////////////////////////////////
if ($user['id']){
echo "<form name="message" action="/modules/user_mail.php?id=".$ank['id']."&ok" method="post">n";
echo ''.auto_bb("message","txt").'';
echo "<div class='content'><center><textarea name="txt"></textarea><br />n";
echo "<input type='submit' value='Добавить'/></form></center></div>n";
}else{
echo "<div class='content'>Извините вы неможете писать в почту</div>n";
}
/////////////////////////////////////////
if ($k_page > 1){
echo '<div class="subhead"><center>';
str('/modules/user_mail.php?id='.$ank['id'].'&',$k_page,$page); // генерируем постраничную навигацию
echo '</center></div>';
}
apicms_foot();
?>