<?php
if($authorize)
{
//////////////////////////////////////////////////////
$id = intval($_GET['id']);
if( !mysql_result(mysql_query("SELECT COUNT(*) FROM `rating` WHERE rat_user = $id AND `moder` = '$username'"), 0))
{
if(($status == "moderator" OR $status == "admin") AND !empty($_GET['rat']) AND $_GET['rat'] == 1)
{
mysql_query("UPDATE users
SET rating=rating+".intval($_GET['rat'])."
WHERE id=".$id);
mysql_query("INSERT INTO `rating` VALUES('".$username."', '".$id."')");
//header("Location: ".$_SERVER['PHP_SELF'].'?p=24&v=xhtml&sid='.$sid.'&uid='.$id.'&d=1.');
}
if(($status == "moderator" OR $status == "admin") AND !empty($_GET['antirat']) AND $_GET['antirat'] == 1)
{
mysql_query("UPDATE users
SET antirating = antirating + ".intval($_GET['antirat'])."
WHERE id=".$id);
mysql_query("INSERT INTO `rating` VALUES('".$username."', '".$id."')");
header("Location: ".$_SERVER['PHP_SELF'].'?p=24&v=xhtml&sid='.$sid.'&uid='.$id.'&d=1.');
}
}
/////////////////////////////////////////////////////////////////////////////////
switch($_GET['d'])
{
default:
if(!empty($_GET['new']))
{
$new = "AND new=1 ";
}
if($version == "xhtml")
{
$thisPageSize = 1500;
}
else
{
$thisPageSize = 1500;
}
if($version == "wml")
{
header("content-type: text/vnd.wap.wml; charset=utf-8");
header("Cache-Control: no-cache");
echo(doctype("Приват - ".$username).$tag);
echo('<a href="./?p=24&d=1&sid='.$sid.'&v=wml">Сказать</a><br />
<a href="./?p=24&v=wml&sid='.$sid."\">Начало</a><br /><br />\r\n");
if( isset($_GET['clear']) )
{
echo("Вы уверены, что хотите удалить все сообщения?\r\n");
echo("<a href='./?p=24&d=4&v=wml&sid=$sid'>Да</a> | <a href='./?p=24&v=wml&sid=$sid'>Нет</a><br />\r\n");
}
$sql = "SELECT *
FROM private
WHERE name = '".$username."'
".$new."
ORDER BY `id` DESC ";
$count = mysql_num_rows(mysql_query($sql));
$start = intval($_GET['s']);
if(!empty($start))
{
$limit = "LIMIT ".$start.", ".abs($count - $start);
$int = $start;
}
else
{
$int = 0;
}
$sql .= $limit;
$query = mysql_query($sql);
while($mess = mysql_fetch_assoc($query))
{
static $s;
if($mess['new'] == 1 AND $mess['mod'] == 'i')
{
echo('*');
}
echo(date("d.m H:i", $mess['time']).']');
if($mess['mod'] == "o" AND preg_match("|^$username|iu", $mess['name']))
{
echo("<b>Я><a href=\"./?p=24&v=wml&sid=".$sid."&uid=".username2id($mess['tname'])."&d=1\">".$mess['tname']."</a></b><br />\r\n");
}
else
{
echo("<b><a href=\"./?p=24&v=wml&sid=".$sid."&d=1&uid=".username2id($mess['tname'])."\">".$mess['tname']."</a></b><br />\r\n");
}
echo(nl2br($mess['mess'])."<br />\r\n");
$int++;
$s += strlen($mess['time'].$mess['name'].$mess['tname'].$mess['mess']);
if($s + $thisPageSize + (110 * abs($int - $start)) > $pageSize)
{
if($int != $count)
{
$next = $int;
}
break;
}
}
echo("- - - - <br />\r\n");
if(!empty($next))
{
echo("<a accesskey=\"3\" href=\"" . $_SERVER['PHP_SELF'] . "?p=24&v=wml&sid=".$sid."&s=".$next."\">Дальше...(3)</a><br />\r\n");
}
echo("<a href='./?p=24&sid=$sid&v=wml&clear=1'>Очистить приват</a><br />\r\n");
echo("<a href=\"./?p=0&v=wml&sid=".$sid."\" accesskey=\"1\">В форум</a>\r\n");
echo($tagC."</p></card></wml>");
} elseif($version == "xhtml")
{
header("Content-type: text/html; charset=utf-8");
header("Last-Modified:".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: no-cache, must-relative");
echo('<html>
<head>
<title>Приват - '.$username.'</title>
</head>
<body bgcolor="'.$style['background'].'" link="'.$style['link'].'" vlink="'.$style['link'].'" text="#000000">
<table align="center" border="0" cellspacing="1" cellpadding="5" width="350">
<tr><td align="center" bgcolor="'.$style['title'].'">
<font color="#FFFFFF"><b>Приват - '.$username.'</b></font>
</td></tr>
<tr><td bgcolor="'.$style['bottom'].'">'.$tag.'
<a href="./?p=24&v=xhtml&sid='.$sid.'&d=1">Сказать</a><br/>
<a href="./?p=24&v=xhtml&sid='.$sid.'">Начало</a><br />');
if( isset($_GET['clear']) )
{
echo("Вы уверены, что хотите удалить все сообщения?\r\n");
echo("<a href='./?p=24&d=4&v=html&sid=$sid'>Да</a> | <a href='./?p=24&v=html&sid=$sid'>Нет</a><br />\r\n");
}
echo($tagC.'</td></tr>
<tr bgcolor="'.$style['text'].'"><td>'.$tag);
$sql = "SELECT *
FROM private
WHERE name = '".$username."'
".$new."
ORDER BY `id` DESC ";
$count = mysql_num_rows(mysql_query($sql));
$start = intval($_GET['s']);
if(!empty($start))
{
$limit = "LIMIT ".$start.", ".abs($count - $start);
$int = $start;
}
else
{
$int = 0;
}
$sql .= $limit;
$query = mysql_query($sql);
while($mess = mysql_fetch_assoc($query))
{
static $s;
if($mess['new'] == 1 AND $mess['mod'] == 'i')
{
echo('*');
}
echo(date("d.m H:i", $mess['time']).']');
if($mess['mod'] == "o" AND preg_match("|^$username|iu", $mess['name']))
{
echo("<b>Я><a href=\"./?p=24&v=xhtml&sid=".$sid."&uid=".username2id($mess['tname'])."&d=1\">".$mess['tname']."</a></b><br/>\r\n");
}
else
{
echo("<b><a href=\"./?p=24&v=xhtml&sid=".$sid."&d=1&uid=".username2id($mess['tname'])."\">".$mess['tname']."</a></b><br/>\r\n");
}
echo(nl2br($mess['mess'])."<br />\r\n");
$int++;
$s += strlen($mess['time'].$mess['name'].$mess['tname'].$mess['mess']);
if($s + $thisPageSize + (110 * abs($int - $start)) > $pageSize)
{
if($int != $count)
{
$next = $int;
}
break;
}
}
echo($tagC.'</td></tr>
<tr bgcolor="'.$style['bottom'].'"><td>'.$tag);
if(!empty($next))
{
echo("<a href=\"" . $_SERVER['PHP_SELF'] . "?p=24&v=".$version."&sid=".$sid."&s=".$next."\">Дальше...</a><br />\r\n");
}
echo("<a href='./?p=24&sid=$sid&v=xhtml&clear=1'>Очистить приват</a><br />\r\n");
echo("<a href=\"./?p=0&v=xhtml&sid=".$sid."\">В форум </a>\r\n");
echo($tagC.'</td></tr></table>
</body></html>');
}
mysql_query("UPDATE private SET new=0 WHERE name='".$username."'");
break;
case 1:
if($version == "wml")
{
header("content-type: text/vnd.wap.wml; charset=utf-8");
header("Cache-Control: no-cache");
echo(doctype("Приват - ".$username).$tag);
if(!empty($_GET['uid']))
{
$uid = intval($_GET['uid']);
$usernamee = mysql_query("SELECT username FROM users WHERE id=".$uid);
$query = mysql_query("SELECT * FROM users WHERE id=".$uid);
$q = mysql_fetch_assoc($query);
}
if(@mysql_num_rows($usernamee) != 0)
{
$link = mysql_fetch_assoc($usernamee);
echo("Кому: [".$link['username']."] <a href=\"./?p=6&v=wml&id=".$uid."&th=".$color."\">[Анкета]</a> Рейтинг: \r\n".$tagC);
if(($status == "moderator" OR $status == "admin") AND (!mysql_result(mysql_query("SELECT COUNT(*) FROM `rating` WHERE rat_user = $uid AND `moder` = '$username'"), 0)) AND ($username != $q['username']))
{
echo("<b><a href=\"./?p=6&rat=1&id=".$uid."&sid=".$sid."&v=wml\">+</a>".$q['rating']."/<a href=\"./?p=6&antirat=1&id=".$uid."&sid=".$sid."&v=wml\">-</a>" . $q['antirating'] . "</b><br />");
}
else
{
echo("<b>+".$q['rating']."/-" . $q['antirating'] . "</b><br />");
}
if($q['username'] != $username)
{
echo("<a href='./?p=24&d=3&uid=$uid&v=wml&sid=$sid'>[В игнор]</a>\r\n");
echo(" <a href='./?p=24&d=5&uid=$uid&v=html&sid=$sid'>[В контакты]</a>\r\n");
if( in_array($status, array('admin', 'moderator')) )
{
echo("<a href='./?p=26&v=wml&back=" . base64_encode(htmlspecialchars($_SERVER['REQUEST_URI'])) . "&username=" . $link['username'] . "&sid=$sid'>[Бан]</a>");
}
}
if($status == "admin")
{
echo('<br />Дата регистрации: '.date("d.m.Y H:s", $q['regdate']).' <br />
Последний раз появлялся: '.date('d.m.Y H:i:s', $q['last_time']).' <br />
Постов: '.mysql_result(mysql_query("SELECT COUNT(*) FROM `posts` WHERE `name`='".$q['username']."'"), 0).'<br />');
}
}
else
{
echo($tag."Кому:".$tagC." <input type=\"text\" name=\"to\" maxlength=\"15\" /><br />");
$sql = mysql_query("SELECT * FROM `contact` WHERE `uid` = $infoUserRows[id]");
if( mysql_num_rows($sql) )
{
echo('или <select name="contact">');
echo("<option></option>");
while($contacts = mysql_fetch_assoc($sql))
{
$print[] = "<option value='" . $contacts['contact_user'] . "'>" . $contacts['contact_user'] . "</option>\r\n";
}
echo("" . join($print) . "");
echo("</select>");
}
}
echo("<br />" . $tag."Сообщение:".$tagC." <input type=\"text\" name=\"mess\" /><br />
<anchor>[Сказать]
<go href=\"./?p=24&v=wml&sid=".$sid."&d=2&uid=" . $_GET['uid'] . "\" method=\"post\">
<postfield name=\"mess\" value=\"$(mess)\" />
<postfield name=\"to\" value=\"$(to)".$link['username']."\" />
</go></anchor><br />
".$tag."");
if($status == "admin" and $arruser != $username)
{
echo('<a href="./?p=27&v=wml&sid='.$sid.'&mode=moder&m=1&id='.$id.'">В модеры</a><br />');
}
echo("- - - - <br />
<a href='./?p=24&d=3&v=wml&sid=$sid'>Игнор-лист</a><br />
<a href='./?p=24&d=5&v=wml&sid=$sid'>Контакты</a><br />
<anchor>Назад<prev /></anchor><br />
<a href=\"./?p=24&v=wml&sid=".$sid."\">В приват</a>
".$tagC."</p>
</card></wml>");
} elseif($version == "xhtml")
{
header("Content-type: text/html; charset=utf-8");
header("Last-Modified:".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: no-cache, must-relative");
echo('<html>
<head>
<title>Приват - '.$username.'</title>
</head>
<body bgcolor="'.$style['background'].'" link="'.$style['link'].'" vlink="'.$style['link'].'" text="#000000">
<form action="./?p=24&v=xhtml&sid='.$sid.'&d=2&uid=' . $_GET['uid'] . '" method="post">
<table align="center" border="0" cellspacing="1" cellpadding="5" width="350">
<tr bgcolor="'.$style['title'].'"><td align="center" colspan="2">
<font color="#FFFFFF"><b>Приват - '.$username.'</b></font>
</td></tr>
<tr bgcolor="'.$style['bottom'].'">
<td colspan="2">
</td></tr>
<tr bgcolor="'.$style['text'].'"><td>');
if(!empty($_GET['uid']))
{
$uid = intval($_GET['uid']);
$usernamee = mysql_query("SELECT username FROM users WHERE id=".$uid);
$query = mysql_query("SELECT * FROM users WHERE id=".$uid);
$q = mysql_fetch_assoc($query);
}
if(@mysql_num_rows($usernamee) > 0)
{
$link = mysql_fetch_assoc($usernamee);
echo($tag."Кому:</td><td> [".$link['username']."] ");
if(empty($q['name']) and empty($q['realname']) and empty($q['rdate']) and empty($q['icq']) and empty($q['site']) and empty($q['mail']) and $q['sex'] == "n" and empty($q['about']))
{
echo("");
}
else
{
echo("<a href=\"./?p=6&v=xhtml&id=".$uid."&th=".$color."\">[Анкета]</a> ");
}
echo("Рейтинг: ");
if(($status == "moderator" OR $status == "admin") AND (!mysql_result(mysql_query("SELECT COUNT(*) FROM `rating` WHERE rat_user = $uid AND `moder` = '$username'"), 0)) AND ($username != $q['username']))
{
echo("<b><a href=\"./?p=24&rat=1&id=".$uid."&sid=".$sid."&v=xhtml\">+</a>".$q['rating']."/<a href=\"./?p=24&antirat=1&id=".$uid."&sid=".$sid."&v=xhtml\">-</a>" . $q['antirating'] . "</b><br/>");
}
else
{
echo("+".$q['rating']."/-" . $q['antirating'] . "");
}
if($q['username'] != $username)
{
echo("<br /><a href='./?p=24&d=3&uid=$uid&v=html&sid=$sid'>[В игнор]</a>\r\n");
echo(" <a href='./?p=24&d=5&uid=$uid&v=html&sid=$sid'>[В контакты]</a>\r\n");
if( in_array($status, array('admin', 'moderator')) )
{
echo("<a href='./?p=26&v=xhtml&back=" . base64_encode(htmlspecialchars($_SERVER['REQUEST_URI'])) . "&username=" . $link['username'] . "&sid=$sid'>[Бан]</a>\r\n $tagC");
}
}
$hidden = "<input type=\"hidden\" name=\"to\" value=\"".$link['username']."\" />\r\n";
if($status == "admin")
{
echo('<br />Дата регистрации: '.date("d.m.Y H:s", $q['regdate']).' <br />
Последний раз появлялся: '.date('d.m.Y H:i:s', $q['last_time']).' <br />
Постов: '.mysql_result(mysql_query("SELECT COUNT(*) FROM `posts` WHERE `name`='".$q['username']."'"), 0).'<br />');
}
echo("</td></tr>");
}
else
{
echo($tag."Кому:".$tagC."</td><td> <input type=\"text\" name=\"to\" maxlength=\"15\"/><br/>");
$sql = mysql_query("SELECT * FROM `contact` WHERE `uid` = $infoUserRows[id]");
if( mysql_num_rows($sql) )
{
echo('или <select name="contact">');
echo("<option></option>");
while($contacts = mysql_fetch_assoc($sql))
{
$print[] = "<option value='" . $contacts['contact_user'] . "'>" . $contacts['contact_user'] . "</option>\r\n";
}
echo("" . join($print) . "");
echo("</select>");
}
echo("</td></tr>\r\n");
}
echo("<tr bgcolor=\"".$style['text']."\"><td>
".$tag."Сообщение:".$tagC."</td><td><textarea name=\"mess\" cols=\"30\" rows=\"5\"></textarea></td></tr>
<tr bgcolor=\"".$style['text']."\"><td align=\"center\" colspan=\"2\">
".$hidden."
<input type=\"submit\" value=\"Сказать\"/></td></tr>
<tr bgcolor=\"".$style['bottom']."\"><td colspan=\"2\">
$tag");
if($status == "admin" and $q['username'] != $username)
{
echo("<a href=\"./?p=27&v=xhtml&sid=".$sid."&mode=moder&m=1&id=".$uid."\">В модеры</a><br />");
}
echo("<a href=\"./?p=24&d=3&v=html&sid=".$sid."\">Игнор-лист</a><br />
<a href=\"./?p=24&d=5&v=html&sid=".$sid."\">Контакты</a><br />
<a href='javascript:history.back()'>Назад</a><br/>
<a href=\"./?p=24&v=xhtml&sid=".$sid."\">В приват</a> $tagC
</td></tr></table>
</form>
</body></html>");
}
break;
case 2:
$mess = $_POST['mess'];
$to = translatenick(trim(chop(sql($_POST['to']))));
if(empty($to))
{
$to = $_POST['contact'];
}
if($transl == "on")
{
$mess = translate($mess);
}
$mess = preg_replace("|[\r\n]+|", " \r\n", $mess);
$mess = preg_replace("|[\n]+|", "\n", $mess);
$mess = sql(htmlspecialchars(trim(cutString($mess, 1024))));
$mess = preg_replace_callback("|<(\d{1,20})>|", "smile", $mess);
if($status == "admin" or $status == "moderator")
{
$mess = preg_replace("|\[b\](.*)\[/b\]|i", "<b>\\1</b>", $mess);
$mess = preg_replace("|\[i\](.*)\[/i\]|i", "<i>\\1</i>", $mess);
}
if($status == "admin" or $status == "moderator")
{
if(strpos($mess, "http://") !== false)
{
$mess = preg_replace("|\[url=(.*)\](.*)\[/url\]|is", "<a href=\"go/?\\1\">\\2</a>", $mess);
$mess = preg_replace("|(http://[^\s]+)|i", "<a href=\"go/?\\1\">\\1</a>", $mess);
}}
if($status == "user"){
if(strpos($mess, "http://") !== false)
{
$mess = preg_replace("|(http://[^\s]+)|i", "[Реклама запрещена!]", $mess);
}
else
{
$mess = preg_replace("|\[urltag=(.*)\](.*)\[/url\]|is", "[Реклама запрещена!]", $mess);
}
$mess=preg_replace("|([^\s]+).ru|i","[Реклама запрещена!]",$mess);
$mess=str_replace("|([^\s]+).cn|i","[Реклама запрещена!]",$mess);
$mess=str_replace("|([^\s]+).net|i","[Реклама запрещена!]",$mess);
$mess=str_replace("|([^\s]+).su|i","[Реклама запрещена!]",$mess);
$mess=str_replace("|([^\s]+).com|i","[Реклама запрещена!]",$mess);
$mess=str_replace("|([^\s]+).info|i","[Реклама запрещена!]",$mess);
$mess=str_replace("|([^\s]+).in|i","[Реклама запрещена!]",$mess);
$mess=str_replace("|([^\s]+).name|i","[Реклама запрещена!]",$mess);
$mess=str_replace("|([^\s]+).org|i","[Реклама запрещена!]",$mess);
$mess=str_replace("|([^\s]+).ws|i","[Реклама запрещена!]",$mess);
$mess=str_replace("|([^\s]+).eu|i","[Реклама запрещена!]",$mess);
$mess=str_replace("|([^\s]+).mobi|i","[Реклама запрещена!]",$mess);
$mess=str_replace("|([^\s]+).biz|i","[Реклама запрещена!]",$mess);
$mess=str_replace("|([^\s]+).us|i","[Реклама запрещена!]",$mess);
$mess=str_replace("|([^\s]+).kz|i","[Реклама запрещена!]",$mess);
$mess=str_replace("|([^\s]+).com.ru|i","[Реклама запрещена!]",$mess);
$mess=str_replace("|([^\s]+).net.ru|i","[Реклама запрещена!]",$mess);
$mess=str_replace("|([^\s]+).org.ru|i","[Реклама запрещена!]",$mess);
$mess=str_replace("|([^\s]+).pp.ru|i","[Реклама запрещена!]",$mess);
$mess=preg_replace("|([^\s]+).tk|i","[Реклама запрещена!]",$mess);}
$to = translatenick(substr($to, 0, 25));
////////////////////////////////////////////////////////Антифлуд
$R = mysql_query("SELECT * FROM `private`
WHERE `name`='".$username."'");
$aR = mysql_fetch_array($R);
$messR=$aR['mess'];
////////////////////////////////////////////////////////
if($status == "admin") $ip = "127.0.0.1"; else $ip = empty($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['REMOTE_ADDR'] : $_SERVER['HTTP_X_FORWARDED_FOR'] ;
$ip = htmlspecialchars(sql($ip));
if($status == "admin") $user = "Admin"; else $user = htmlspecialchars(sql($_SERVER['HTTP_USER_AGENT']));
///////////Выбор писаря в приват
$pww = mysql_query("SELECT * FROM `users`
WHERE `username`='".$to."'");
$apww = mysql_fetch_array($pww);
$pw=$apww['pw'];
///////////
if(!mysql_result(mysql_query("SELECT COUNT(*) FROM users WHERE username='".$to."'"), 0))
{
if($version == "wml")
{
header('Content-type: text/vnd.wap.wml; charset=utf-8');
header("Cache-Control: no-cache");
echo(doctype("Ошибка").$tag.'
Пользователя не существует!<br/>
- - - - <br />
<anchor>Назад<prev /></anchor><br />
<a href="./?p=24&v=wml&sid='.$sid.'">В приват</a>
'.$tag.'
</p></card></wml>');
} elseif($version == "xhtml")
{
header("Content-type: text/html; charset=utf-8");
header("Last-Modified:".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: no-cache, must-relative");
echo('<html>
<head>
<title>Ошибка</title>
</head>
<body bgcolor="'.$style['background'].'" link="'.$style['link'].'" vlink="'.$style['link'].'" text="#000000">
<table align="center" border="0" cellspacing="1" cellpadding="5" width="350">
<tr><td align="center" bgcolor="'.$style['title'].'">
<font color="#FFFFFF"><b>Ошибка</b></font>
</td></tr>
<tr><td bgcolor="'.$style['text'].'">
'.$tag.'Пользователя не существует!'.$tagC.'
</td></tr>
<tr><td bgcolor="'.$style['bottom'].'">
'.$tag.'<a href="./?p=24&v=xhtml&sid='.$sid.'">В приват</a>'.$tagC.'
</td></tr></table>
</body></html>');
}
}
elseif(ban($username, $user, $ip))
{
if($version == "wml")
{
header('Content-type: text/vnd.wap.wml; charset=utf-8');
header("Cache-Control: no-cache");
echo(doctype("Ошибка").$tag.'
Ошибка! Вы заблокированы модератором '.$modername.'. <br />
Причина: '.$banmess.'! <br />
-
<a href="'.$_SERVER['HTTP_REFERER'].'">Назад</a><br />
<a href="./?p=0&v=wml&sid='.$sid.'">Форумы</a>
'.$tagC.'</p></card></wml>');
} elseif($version == "xhtml")
{
if($ban_info!="")
if($ban_info=="admin"){ $info_s="админиcтpaтop";}
if($ban_info=="moderator"){ $info_s="модератор";}
header("Content-type: text/html; charset=utf-8");
header("Last-Modified:".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: no-cache, must-relative");
echo('<html>
<head>
<title>Ошибка</title>
</head>
<body bgcolor="'.$style['background'].'" link="'.$style['link'].'" vlink="'.$style['link'].'" text="#000000">
<table align="center" border="0" cellspacing="1" cellpadding="5" width="350">
<tr align="center" bgcolor="'.$style['title'].'"><td colspan="2">
<font color="#FFFFFF"><b>Ошибка</b></font>
<tr bgcolor="'.$style['text'].'"><td colspan="2">'.$tag.'Вы заблокированы '.$info_s.'ом: '.$modername.'</td></tr>
<tr bgcolor="'.$style['text'].'"><td>'.$tag.'Причина:'.$tagC.'</td><td>'.$tag.$banmess.$tagC.'</td></tr>
<tr bgcolor="'.$style['text'].'"><td>'.$tag.'Вы забанены до:'.$tagC.'</td><td>'.$tag.date('d.m.Y H:i:s',$time).$tagC.'</td></tr>
<tr bgcolor="'.$style['bottom'].'"><td colspan="2">'.$tag.'
<a href="./?p=0&v=xhtml&sid='.$sid.'">Форумы</a>
'.$tagC.'</td></tr></table>
</body></html>');
}
}
elseif($pw == "ce")
{
if(!mysql_result(mysql_query("SELECT COUNT(*) FROM `contact` WHERE `contact_user` = '$username' AND `uid` = '$uid'"), 0))
{
if($version == "wml")
{
header('Content-type: text/vnd.wap.wml; charset=utf-8');
header("Cache-Control: no-cache");
echo(doctype("Ошибка").$tag.'
Вы не можете писать этому пользователю в приват, т.к. Вы не добавлены у него в список Контактов. <br />
- - - - <br />
<anchor>Назад<prev /></anchor><br />
<a href="./?p=24&v=wml&sid='.$sid.'">В приват</a>
'.$tag.'
</p></card></wml>');
} elseif($version == "xhtml")
{
header("Content-type: text/html; charset=utf-8");
header("Last-Modified:".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: no-cache, must-relative");
echo('<html>
<head>
<title>Ошибка</title>
</head>
<body bgcolor="'.$style['background'].'" link="'.$style['link'].'" vlink="'.$style['link'].'" text="#000000">
<table align="center" border="0" cellspacing="1" cellpadding="5" width="350">
<tr><td align="center" bgcolor="'.$style['title'].'">
<font color="#FFFFFF"><b>Ошибка</b></font>
</td></tr>
<tr><td bgcolor="'.$style['text'].'">
'.$tag.'Вы не можете писать этому пользователю в приват, т.к. Вы не добавлены у него в список Контактов. <br />'.$tagC.'
</td></tr>
<tr><td bgcolor="'.$style['bottom'].'">
'.$tag.'<a href="./?p=24&v=xhtml&sid='.$sid.'">В приват</a>'.$tagC.'
</td></tr></table>
</body></html>');
}
}
}
elseif($pw == "ci")
{
header("Location: ".$_SERVER['PHP_SELF'].'?p=24&v='.$version.'&sid='.$sid);
}
else
{
if(!empty($_POST['mess']) && $to != $username && strtolower($mess) != strtolower($messR))
{
if(mysql_result(mysql_query("SELECT COUNT(*) FROM private WHERE name='".$username."' AND `mod`='o'"), 0) > 15)
{
mysql_query("DELETE FROM private WHERE name='".$username."' AND `mod`='o' ORDER BY id LIMIT 1");
}
if(mysql_result(mysql_query("SELECT COUNT(*) FROM private WHERE name='".$to."' AND `mod`='i'"), 0) > 15)
{
mysql_query("DELETE FROM private WHERE name='".$to."' AND `mod`='i' ORDER BY id LIMIT 1");
}
$uid = (int)$_GET['uid'];
if(!mysql_result(mysql_query("SELECT COUNT(*) FROM `ignore` WHERE uid = $uid AND `ignore_user` = '$username'"), 0))
{
mysql_query("INSERT INTO private VALUES(0, '".$mess."', '".$to."', 'i', '".$username."', 1, ".time().")");
mysql_query("INSERT INTO private VALUES(0, '".$mess."', '".$username."', 'o', '".$to."', 1, ".time().")");
}
}
header("Location: ".$_SERVER['PHP_SELF'].'?p=24&v='.$version.'&sid='.$sid);
}
break;
case 3:
if( isset($_GET['uid']) )
{
if( mysql_result(
mysql_query("SELECT COUNT(*) FROM `users` WHERE `id` = " . intval($_GET['uid'])), 0))
{
$uid2name = mysql_fetch_assoc(mysql_query("SELECT username FROM users WHERE id = " . intval($_GET['uid'])));
if( !mysql_result(mysql_query("SELECT COUNT(*) FROM `ignore` WHERE uid = $infoUserRows[id] AND `ignore_user` = '$uid2name[username]'"), 0))
{
mysql_query("INSERT INTO `ignore` VALUES(0, $infoUserRows[id], '" . $uid2name['username'] . "')");
}
}
}
if( isset($_GET['del']) )
{
$id = (int)$_GET['id'];
if( mysql_result(mysql_query(
"SELECT COUNT(*) FROM `ignore` WHERE id = $id AND uid = $infoUserRows[id]"), 0) )
{
mysql_query("DELETE FROM `ignore` WHERE id = $id");
}
}
$sql = mysql_query("SELECT * FROM `ignore` WHERE `uid` = $infoUserRows[id]");
if( !mysql_num_rows($sql) )
{
$print[] = "Список игнорируемых пуст!<br />";
}
else
{
while($contacts = mysql_fetch_assoc($sql))
{
$sqlc = mysql_query("SELECT * FROM `users` WHERE `username` = '".$contacts['ignore_user']."'");
$idd = mysql_fetch_assoc($sqlc);
$dd = $idd['id'];
$print[] = "<a href=\"./?p=24&v=".$version."&sid=".$sid."&d=1&uid=".$dd."\"><b>" . $contacts['ignore_user'] . "</b></a> - <a href='./?p=24&del=1&sid=$sid&d=3&id=" . $contacts['id'] . "&v=" . $version . "'>[Удалить]</a><br />\r\n";
}
}
if($version == "wml")
{
header('Content-type: text/vnd.wap.wml; charset=utf-8');
header("Cache-Control: no-cache");
echo(doctype("Игнор") . $tag .
" <br /> \r\n" .
join($print) . "
- - - - <br />
<anchor>Назад<prev /></anchor><br />
<a href='./?p=24&v=wml&sid=$sid'>В приват</a>
".$tag."
</p></card></wml>");
} elseif($version == "xhtml")
{
header("Content-type: text/html; charset=utf-8");
header("Last-Modified:".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: no-cache, must-relative");
echo('<html>
<head>
<title>Игнор</title>
</head>
<body bgcolor="'.$style['background'].'" link="'.$style['link'].'" vlink="'.$style['link'].'" text="#000000">
<table align="center" border="0" cellspacing="1" cellpadding="5" width="350">
<tr><td align="center" bgcolor="'.$style['title'].'">
<font color="#FFFFFF"><b>Игнор</b></font>
</td></tr>
<tr><td bgcolor="'.$style['text'].'">
'.$tag . join($print) . $tagC.'
</td></tr>
<tr><td bgcolor="'.$style['bottom'].'">
'.$tag.'<a href="./?p=24&v=xhtml&sid='.$sid.'">В приват</a>'.$tagC.'
</td></tr></table>
</body></html>');
}
break;
case 4:
mysql_query("DELETE FROM private WHERE name = '$username'");
header("Location: ".$_SERVER['PHP_SELF'].'?p=24&v='.$version.'&sid='.$sid);
break;
case 5:
if( isset($_GET['uid']) )
{
if( mysql_result(
mysql_query("SELECT COUNT(*) FROM `users` WHERE `id` = " . intval($_GET['uid'])), 0))
{
$uid2name = mysql_fetch_assoc(mysql_query("SELECT username FROM users WHERE id = " . intval($_GET['uid'])));
if( !mysql_result(mysql_query("SELECT COUNT(*) FROM `contact` WHERE uid = $infoUserRows[id] AND `contact_user` = '$uid2name[username]'"), 0))
{
mysql_query("INSERT INTO `contact` VALUES(0, $infoUserRows[id], '" . $uid2name['username'] . "')");
}
}
}
if( isset($_GET['del']) )
{
$id = (int)$_GET['id'];
if( mysql_result(mysql_query(
"SELECT COUNT(*) FROM `contact` WHERE id = $id AND uid = $infoUserRows[id]"), 0) )
{
mysql_query("DELETE FROM `contact` WHERE id = $id");
}
}
$sql = mysql_query("SELECT * FROM `contact` WHERE `uid` = $infoUserRows[id]");
if( !mysql_num_rows($sql) )
{
$print[] = "Список контактов пуст!<br />";
}
else
{
while($contacts = mysql_fetch_assoc($sql))
{
$sqlc = mysql_query("SELECT * FROM `users` WHERE `username` = '".$contacts['contact_user']."'");
$idd = mysql_fetch_assoc($sqlc);
$dd = $idd['id'];
$print[] = "<a href=\"./?p=24&v=".$version."&sid=".$sid."&d=1&uid=".$dd."\"><b>" . $contacts['contact_user'] . "</b></a> - <a href='./?p=24&del=1&sid=$sid&d=5&id=" . $contacts['id'] . "&v=" . $version . "'>[Удалить]</a><br />\r\n";
}
}
if($version == "wml")
{
header('Content-type: text/vnd.wap.wml; charset=utf-8');
header("Cache-Control: no-cache");
echo(doctype("Контакты") . $tag .
" <br /> \r\n" .
join($print) . "
- - - - <br />
<anchor>Назад<prev /></anchor><br />
<a href='./?p=24&v=wml&sid=$sid'>В приват</a>
".$tag."
</p></card></wml>");
} elseif($version == "xhtml")
{
header("Content-type: text/html; charset=utf-8");
header("Last-Modified:".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: no-cache, must-relative");
echo('<html>
<head>
<title>Контакты</title>
</head>
<body bgcolor="'.$style['background'].'" link="'.$style['link'].'" vlink="'.$style['link'].'" text="#000000">
<table align="center" border="0" cellspacing="1" cellpadding="5" width="350">
<tr><td align="center" bgcolor="'.$style['title'].'">
<font color="#FFFFFF"><b>Контакты</b></font>
</td></tr>
<tr><td bgcolor="'.$style['text'].'">
'.$tag . join($print) . $tagC.'
</td></tr>
<tr><td bgcolor="'.$style['bottom'].'">
'.$tag.'<a href="./?p=24&v=xhtml&sid='.$sid.'">В приват</a>'.$tagC.'
</td></tr></table>
</body></html>');
}
break;
}
}
?>