Просмотр файла privat.php

Размер файла: 11.2Kb
<?
session_start();

include "file/db.php";
include "file/config.php";
include "style/".$autorize['skin']."/head.php";
include "file/aut.php";

echo "</center><div class='menu'><center><b>Приват:</b> $autorize[log]<br/></center></div><div class='tab'>";
$n=$autorize['id'];
if (empty($m)) $m="file";
switch ($m) {
case "file":
$login = $autorize['log'];
echo "<div class='hr'></div><img src=\"style/".$autorize['skin']."/new.png\" alt=\"*\"/><a href=\"privat.php?m=new&amp;".session_name()."=".session_id()."\">Написать</a><br/>";
$q=mysql_query("select* from `privat` where `komu`='$login';");
$vho=mysql_num_rows($q);
$qy=mysql_query("select* from `privat` where (`komu`='$login' && `status`='0');");
$ne=mysql_num_rows($qy);
$qp=mysql_query("select* from `privat` where `kogo`='$login';");
$ot=mysql_num_rows($qp);
echo "<div class='hr'></div><img src=\"style/".$autorize['skin']."/vhod.png\" alt=\"*\"/><a href=\"privat.php?m=vhod&amp;".session_name()."=".session_id()."\">Входящие</a> [<b>$ne</b>/$vho]<br/>";
echo "<div class='hr'></div><img src=\"style/".$autorize['skin']."/ishod.png\" alt=\"*\"/><a href=\"privat.php?m=ishod&amp;".session_name()."=".session_id()."\">Исходящие</a> [$ot]<br/>";
break;

case "new":
echo "<p align='center'>";
echo "<a class=\"main\" href=\"smile.php?".session_name()."=".session_id()."\"><b>Смайлы</b></a>";
echo "<a class=\"main\" href=\"bb.php?".session_name()."=".session_id()."\"><b>BB-Коды</b></a>";
print "</p>";
echo "<div class='hr'></div><form action=\"privat.php?m=pismonew&amp;".session_name()."=".session_id()."\" method=\"post\">";
echo "Кому<b> (Логин): </b><div class='hr'></div>";
echo "<input type=\"text\" name=\"komu\" size=\"6\" value=\"$kom_otvet\" class=\"main\"/><br/>";
echo "<div class='hr'></div>Сообщение: <div class='hr'></div>";
print "<textarea name='msg' class='main' cols='25' rows='3'></textarea><br/>";
echo "<input class=\"main\" type=\"submit\" value=\"Послать\"/></form>";
print "<div class='hr'></div><img src=\"style/".$autorize['skin']."/home.png\" alt=\"*\"/><a href=\"privat.php?".session_name()."=".session_id()."\">Приват</a>";
break;

case "pismonew":
$error='';
if(empty($_POST['msg'])) $error.='Отсутствует сообщение<br/>';
if(preg_match("/^[\s]+[\s]+$/",$_POST['msg']))$error.='Отсутствует сообщение<br/>';
if(empty($_POST['komu'])) $error.='Не заполнено поле кому<br/>';
if(preg_match("/^[\s]+[\s]+$/",$_POST['komu']))$error.='Не заполнено поле кому<br/>';
$komu = trim($_POST['komu']);
$qi = mysql_query("select * from `uzvers` where `log`='$komu';");
if (mysql_affected_rows()==0) $error.='Нет такого Логина!<br />';

if(!empty($error))
{
print "<center><b>Ошибка!!!&nbsp; ";
print " Причина:".$error."</b></center><div class='hr'></div>";
}
if(empty($error))
{
$msg=iconv_substr($_POST['msg'],0,1000,'utf-8');
$msg=str_replace("'","`",$msg);
$msg=mysql_escape_string($msg);
$msg=trim(htmlspecialchars($msg));
$smile_arr=scandir('smile');
$smile_arr[1]=natsort($smile_arr);
$fr=array();
$n=1;
foreach($smile_arr as $key => $value)
{
if(preg_match("/[gif]+$/",$value))
{
array_push($fr,':'.$n.':');
$n++;
}
}
$sm=array();
for($i=1; $i<=sizeof($fr); $i++)
{
array_push($sm,'<img src="smile/'.$i.'.gif" alt="smile"/>');}
$msg = str_replace($fr,$sm,$msg);
function links_preg1($arr)
{
return '<a href="'.$arr[2].'">'.$arr[2].'</a>';
}
function links_preg2($arr)
{
return $arr[1].'<a href="'.$arr[2].'">'.$arr[3].'</a>'.$arr[4];
}
  $msg = str_replace("[small]","<small>",$msg );
  $msg = str_replace("[/small]","</small>",$msg);
  $msg = str_replace("[black]","<font color = \"black\">",$msg );
  $msg = str_replace("[/black]","</font>",$msg);
  $msg = str_replace("[blue]","<font color = \"blue\">",$msg );
  $msg = str_replace("[/blue]","</font>",$msg);
  $msg = str_replace("[white]","<font color = \"white\">",$msg );
  $msg = str_replace("[/white]","</font>",$msg);
  $msg = str_replace("[green]","<font color = \"green\">",$msg );
  $msg = str_replace("[/green]","</font>",$msg);
  $msg = str_replace("[red]","<font color = \"red\">",$msg );
  $msg = str_replace("[/red]","</font>",$msg);
  $msg = str_replace("[big]","<big>",$msg );
  $msg = str_replace("[/big]","</big>",$msg);
  $msg = str_replace("[b]","<b>",$msg );
  $msg = str_replace("[/b]","</b>",$msg);
  $msg = str_replace("[i]","<i>",$msg);
  $msg = str_replace("[/i]","</i>",$msg);
  $msg = str_replace("[s]","<s>",$msg);
  $msg = str_replace("[/s]","</s>",$msg);
  $msg = str_replace("[u]","<u>",$msg);
  $msg = str_replace("[/u]","</u>",$msg);
  $msg=preg_replace_callback('~\[url=([a-z]+://[^ \r\n\t`\'"]+)\](.*?)\[/url\]~iu', 'links_preg1', $msg);
  $msg=preg_replace_callback('~(^|\s)([a-z]+://([^ \r\n\t`\'"]+))(\s|$)~iu', 'links_preg2', $msg);
  $login = $autorize['log'];
mysql_query("insert into privat set kogo='$login',komu='$komu',date='$date',status='0',mess='$msg';") or die ('Ошибка повторите попытку !!!');
echo "<center><b>Ваше письмо успешно отправлено!</b></center>";
}
print "<div class='hr'></div><img src=\"style/".$autorize['skin']."/home.png\" alt=\"*\"/><a href=\"privat.php?".session_name()."=".session_id()."\">Приват</a>";

break;

case "vhod":
$login = $autorize['log'];
$num = 5;
if(empty($_GET['page']) || $_GET['page']<0)$_GET['page']=1;
$page = intval($_GET['page']);
$results = mysql_query("SELECT * FROM `privat` WHERE `komu`= '$login'");
$posts = mysql_num_rows($results);
$total = intval(($posts-1)/$num)+1;
if($page>$total) $page = $total;
$start = $page*$num-$num;


$q=mysql_query("select* from `privat` where `komu`='$login' order by `id` DESC LIMIT $start, $num;");

if(mysql_affected_rows()==0)
{
 echo "<div class='hr'></div><b>Пусто...</b><br/>";
}
else
{
while ($row=mysql_fetch_array($q))
{
$id=$row['id'];
$l1=$row['kogo'];
$l2=$row['date'];
$l3=$row['status'];
print "<img src=\"style/".$autorize['skin']."/privat/$l3.png\" alt=\"*\"/>";
echo " <b>$l1</b> <a href=\"privat.php?m=vhodmess&amp;id=$id&amp;".session_name()."=".session_id()."\"><u>$l2</u></a>&nbsp;[<a href=\"privat.php?m=delitvhod&amp;id=$id&amp;".session_name()."=".session_id()."\">del</a>]<div class='hr'></div>";
}
print '<div class="str"><b>Стр:</b>';

$num_pages=ceil($posts/$num);
if($page>$num_pages || $page<1)
{
$page=1;
$start=0;
}
for($pr='', $i=1; $i<=$num_pages; $i++)
{
print $pr=(($i == 1 || $i == $num_pages || abs($i-$page) < 2) ? ($i == $page ? " <b>$i</b> " :
' <a href="'.$_SERVER['SCRIPT_NAME'].'?m=vhod&amp;page='.$i.'&amp;'.session_name().'='.session_id().'">'.$i.'</a> ') : (($pr == ' ... ' || $pr == '')? '' : ' ... '));
}
 print "</div>";
}
print "<div class='hr'></div><img src=\"style/".$autorize['skin']."/home.png\" alt=\"*\"/><a href=\"privat.php?".session_name()."=".session_id()."\">Приват</a>";

break;

case "vhodmess":
$id = $_GET['id'];
$q=mysql_query("select * from `privat` where `id`='$id';");
$row=mysql_fetch_array($q);
$l1=$row['kogo'];
$l2=$row['date'];
$l4=$row['mess'];
echo "<u>От:</u> <b>$l1</b><u> $l2</u><div class='hr'></div>";
echo "<b>Сообщение:</b> <u>$l4</u><div class='hr'></div>";
@mysql_query("UPDATE `privat` SET `status`='1' where `id`='$id'");
echo "<img src=\"style/".$autorize['skin']."/otvet.png\" alt=\"*\"/><a href=\"privat.php?m=new&amp;kom_otvet=$l1&amp;".session_name()."=".session_id()."\">Ответить</a>";
print "<div class='hr'></div><img src=\"style/".$autorize['skin']."/home.png\" alt=\"*\"/><a href=\"privat.php?".session_name()."=".session_id()."\">Приват</a>";

break;

case "ishod";
$login = $autorize['log'];
$num = 5;
if(empty($_GET['page']) || $_GET['page']<0)$_GET['page']=1;
$page = intval($_GET['page']);
$results = mysql_query("SELECT * FROM `privat` WHERE `kogo`= '$login'");
$posts = mysql_num_rows($results);
$total = intval(($posts-1)/$num)+1;
if($page>$total) $page = $total;
$start = $page*$num-$num;
$q=mysql_query("select* from `privat` where `kogo`='$login' order by `id` DESC LIMIT $start, $num;");
if(mysql_affected_rows()==0)
{
 echo "<div class='hr'></div><b>Пусто...</b><br/>";
}
else
{
while ($row=mysql_fetch_array($q))
{
$id=$row['id'];
$l1=$row['komu'];
$l2=$row['date'];
$l3=$row['status'];

echo "<div class='hr'></div><img src=\"style/".$autorize['skin']."/privat/$l3.png\" alt=\"*\"/><b>Кому:</b> $l1 <u><a href=\"privat.php?m=ishodmess&amp;id=$id&amp;".session_name()."=".session_id()."\">$l2</a></u>&nbsp;[<a href=\"privat.php?m=delitishod&amp;id=$id&amp;".session_name()."=".session_id()."\">del</a>]<div class='hr'></div>";
}
print '<div class="str"><b>Стр:</b>';

$num_pages=ceil($posts/$num);
if($page>$num_pages || $page<1)
{
$page=1;
$start=0;
}
for($pr='', $i=1; $i<=$num_pages; $i++)
{
print $pr=(($i == 1 || $i == $num_pages || abs($i-$page) < 2) ? ($i == $page ? " <b>$i</b> " :
' <a href="'.$_SERVER['SCRIPT_NAME'].'?m=ishod&amp;page='.$i.'&amp;'.session_name().'='.session_id().'">'.$i.'</a> ') : (($pr == ' ... ' || $pr == '')? '' : ' ... '));
}
 print "</div>";
}
 print "<div class='hr'></div><img src=\"style/".$autorize['skin']."/home.png\" alt=\"*\"/><a href=\"privat.php?".session_name()."=".session_id()."\">Приват</a>";

break;

case "ishodmess":
$id = $_GET['id'];
$q=mysql_query("select * from `privat` where `id`='$id';");
$row=mysql_fetch_array($q);
echo "<div class='hr'></div><b>Кому:</b> <u>".$row['komu']."</u> <small>(".$row['date'].")</small><div class='hr'></div>";
echo "<b>Сообщение:</b> <u>".$row['mess']."</u><div class='hr'></div>";
if ($row['status'] == 0)
{
print "<img src=\"style/".$autorize['skin']."/privat/".$row['status'].".png\" alt=\"*\"/>Не прочитано";
}
else
{
print "<img src=\"style/".$autorize['skin']."/privat/".$row['status'].".png\" alt=\"*\"/>Прочитано";
}
print "<br/>";

 print "<div class='hr'></div><img src=\"style/".$autorize['skin']."/home.png\" alt=\"*\"/><a href=\"privat.php?".session_name()."=".session_id()."\">Приват</a>";

break;
 case "delitishod";
$q=mysql_query("select* from `privat` where `kogo`='$login' order by `id` desc;");
$row=mysql_fetch_array($q);
mysql_query("DELETE FROM `privat` WHERE `id` = '".$_GET['id']."';");
print "<center>Удалено !!!<div class='hr'></div></center>";

print "<img src=\"style/".$autorize['skin']."/home.png\" alt=\"*\"/><a href=\"privat.php?".session_name()."=".session_id()."\">Приват</a>";

break;

case "delitvhod";
$q=mysql_query("select * from `privat` where `id`='$id';");
$row=mysql_fetch_array($q);

mysql_query("DELETE FROM `privat` WHERE `id` = '".$_GET['id']."';");
print "<center>Удалено !!!<div class='hr'></div></center>";
print "<img src=\"style/".$autorize['skin']."/home.png\" alt=\"*\"/><a href=\"privat.php?".session_name()."=".session_id()."\">Приват</a>";

break;
}




echo "<div class='hr'></div><img src=\"style/".$autorize['skin']."/home.png\" alt=\"*\"/>";echo "<a href=\"enter.php?".session_name()."=".session_id()."\">Панель</a><div class='hr'></div>";
print "</div>";
include "style/".$autorize['skin']."/foot2.php";

?>