Просмотр файла gta/mes.php

Конкурс дизайнеров на 15000 рублей
Скрипты | CMS | Боты
Размер файла: 3.01Kb 
  1. <?php
  2. include "ini.php";
  3. include "includes/header.php";
  4. include "includes/inc_online.php";
  5. print "<p><small>";
  6.  
  7. $id=cyr(htmlspecialchars(stripslashes(trim($id))));
  8. $pass=cyr(htmlspecialchars(stripslashes(trim($pass))));
  9. $dbid=cyr(htmlspecialchars(stripslashes(trim($_GET[dbid]))));
  10.  
  11. if(!empty($id)) 
  12. {
  13. $q = mysql_query("select id,login,pass from users where id='".$id."';"); 
  14. }
  15. else
  16. {
  17. die ($lang['empty_login']."</small></p></card></wml>");
  18. }
  19.  
  20. if($dbid!=0)
  21. {
  22. if(!empty($dbid)) 
  23. {
  24. $qdb = mysql_query("select id,login,pass from users where id='".$dbid."';"); 
  25. }
  26. else
  27. {
  28. die ($lang['select_user_false']."</small></p></card></wml>");
  29. }
  30. }
  31. $data = mysql_fetch_array($q);
  32.  
  33. $id=$data['id'];
  34. $login=$data['login'];
  35.  
  36. if($dbid!=0)
  37. {
  38. $dbdata = mysql_fetch_array($qdb);
  39. $dblogin=$dbdata['login'];
  40. $dbpass=$dbdata['pass'];
  41. }
  42.  
  43. if($pass!=$data['pass'])
  44. {
  45. die ($lang['empty_login']."</small></p></card></wml>");
  46. }
  47.  
  48.  
  49.  
  50. mysql_query("update users set last='".time()."',city='0' where id='".$id."';");
  51.  
  52.  
  53. switch ($mode) 
  54. {  
  55.   case "del":
  56.     mysql_query("delete from messagi where kto='".$dbid."' and komu='".$id."' limit 1;");
  57.     print $lang['mes_deleted']."<br/>";
  58.     break;
  59.   case "reply":
  60.     mysql_query("DELETE FROM messagi WHERE kto='".$dbid."' and komu='".$id."' limit 1;");
  61.     if(!empty($a))
  62. {
  63. if(empty($messaga)) print $lang['mes_empty']."<br/>";
  64. else
  65. {
  66. $predl_que=mysql_query("select komu from messagi where kto='$id' and komu='$dbid';");
  67. $predl_data = mysql_fetch_array($predl_que);
  68. if(!empty($predl_data['komu'])) print $lang['patience']."<br/>";
  69. else
  70. {
  71. print $lang['mes_succes1']." $dblogin ".$lang['mes_succes2']."<br/>";
  72.  
  73. $messaga=htmlspecialchars(stripslashes(trim($messaga)));
  74. $messaga="<b>".$lang['mes_mes1']." $login:</b><br/>".$messaga."<br/>[<a href=\"./../mes.php?pass=$dbpass&amp;id=$dbid&amp;dbid=$id&amp;mode=reply\">".$lang['mes_reply']."</a>/<a href=\"./../mes.php?pass=$dbpass&amp;id=$dbid&amp;dbid=$id&amp;mode=del\">".$lang['mes_del']."</a>]";
  75. mysql_query("insert into messagi values(0,'$id','$dbid','$messaga');");
  76. }
  77. }
  78. }
  79. else
  80. {
  81. print $lang['mes_for']." <b>$dblogin</b>:";
  82. print "</small><br/>";
  83. print "<input name=\"messaga\" type=\"text\"/><br/><small>";
  84. print "<anchor>".$lang['ok']."
  85. <go href=\"mes.php?id=$id&amp;dbid=$dbid&amp;pass=$pass&amp;mode=reply\" method=\"post\">
  86. <postfield name=\"messaga\" value=\"$(messaga)\"/>
  87. <postfield name=\"a\" value=\"b\"/>
  88. </go>
  89. </anchor><br/>";
  90. }
  91.     break;
  92.   default:
  93.     print $lang['mes_empty']."<br/></small></p></card></wml>";
  94.     exit;
  95.   break;
  96. }
  97.  
  98. $ref=mysql_fetch_array(mysql_query("select refer from refers where userid='".$id."';"));
  99. $link=$ref['refer'];
  100. if(empty($link))
  101. print "---<br/>&gt;<anchor>".$lang['back']."<prev/></anchor><br/>";
  102. else
  103. {
  104. $link=preg_replace ("'&'", "&amp;", $link);
  105. print "---<br/>&gt;<a href=\"".$link."\">".$lang['back']."</a><br/>";
  106. }
  107.  
  108. print "&gt;&gt;<a href=\"game.php?id=$id&amp;pass=$pass\">".$lang['menu']."</a><br/>";
  109.  
  110. mysql_close();
  111. print "</small></p></card></wml>";
  112. ?>