Файл: modules/mail/write.php
Строк: 55
<?php
/**
* Licensed under The MIT License
* For full copyright and license information, please see the LICENSE.txt
* Redistributions of files must retain the above copyright notice.
*
* @copyright Copyright (c) 2013, Taras Chornyi, Sergiy Mazurenko, Ivan Kotliar
* @link http://perf-engine.net
* @package PerfEngine
* @license http://www.opensource.org/licenses/mit-license.php MIT License
*/
if(!User::logged() || !isset($_GET['user_id']) || $_GET['user_id'] == 0 || $user['id'] == $_GET['user_id'] || $db->query("SELECT * FROM `users` WHERE `id` = '". abs(intval($_GET['user_id'])) ."'")->rowCount() == 0) {
header('location: /');
exit;
}
if ($db->query("SELECT * FROM `mail_chat` WHERE (`user_id` = '$user[id]' OR `who_id` = '$user[id]') AND (`who_id` = '". abs(intval($_GET['user_id'])) ."' OR `user_id` = '". abs(intval($_GET['user_id'])) ."')")->rowCount() == 0)
{
header('Location: /mail/chat/'. abs(intval($_GET['user_id'])));
exit;
}
$locate = 'in_cabinet';
$title = _t('w_mail');
include_header($title);
$tpl->div('title', _t('w_mail'));
$black_list_us = $db->query("SELECT * FROM `black_list` WHERE `user_id` = '".$user['id']."' AND `block_id` = '". abs(intval($_GET['user_id'])) ."'")->rowCount();
$black_list_id = $db->query("SELECT * FROM `black_list` WHERE `user_id` = '".abs(intval($_GET['user_id']))."' AND `block_id` = '". $user['id'] ."'")->rowCount();
if ($black_list_us == 0 && $black_list_id == 0)
{
$tpl->div('menu', '<b>'._t('reply') .'</b>:<br/>
<form action="/mail/chat/'.abs(intval($_GET['user_id'])).'/?act=send" method="post">
<textarea name="text" rows="5" cols="26">[b]'.tnick(abs(intval($_GET['user_id']))).'[/b], </textarea><br/>
<input name="send" type="submit" value="'. _t('send').'"/>
</form>');
}
elseif($black_list_us != 0)
{
$tpl->div('menu', _t('user_black_list'));
}
elseif($black_list_id != 0)
{
$tpl->div('menu', _t('stop_black_list'));
}
$tpl->div('block', NAV .'<a href="/user/profile/'.abs(intval($_GET['user_id'])).'/">'. _t('back') .'</a><br/>'
. HICO .'<a href="/">'. _t('home') .'</a>');
include_footer();
?>