Размер файла: 3.26Kb
<?php
include 'sys/db.php';
include 'sys/conf.php';
include 'sys/start.php';
include 'sys/functions.php';
if(isset($_POST['addmsg'])){
$id=intval($_POST['id']);
$msg=strip($_POST['msg']);
$query_send=mysql_query("SELECT id FROM `users` WHERE id = '$user[id]' LIMIT 1;")or die(mysql_error());
if(mysql_num_rows($query_send)==0){
header("location: mail.php?&re=nouser");
exit;
}elseif(strlen($msg)<2 && strlen($msg)<4048){
header("location: mail.php?add=".$uid."&re=ermsg");
exit;
}else{
$rec_id=intval(mysql_result($query_send,0,0));
if($id==$rec_id){
header("location: mail.php?add=".$uid."&re=selfmsg");
exit;
}else{
mysql_query("INSERT INTO `mail` (send, rec, msg, time) VALUES('$id','$user[id]','$msg','".time()."') ;")or die(mysql_error());
header("location: mail.php?re=send_ok");
exit;
};
};
}elseif(isset($_GET['delsend']) && intval($_GET['delsend'])>0){
$mid=intval($_GET['delsend']);
$rand=intval($_GET['r']);
if(mysql_result(mysql_query("SELECT COUNT(*) FROM `mail` WHERE rec = '$user[id]' AND id = '$mid' AND outbox = '1';"),0)==0){
unset($_SESSION['rand']);
header("location: mail.php?send&re=404");
exit;
}elseif(!isset($rand) || $rand!=$_SESSION['rand']){
unset($_SESSION['rand']);
header("location: mail.php?send&re=vzlom");
exit;
}else{
unset($_SESSION['rand']);
mysql_query("UPDATE `mail` SET outbox = '0' WHERE id = '$mid' LIMIT 1;")or die(mysql_error());
mysql_query("DELETE FROM `mail` WHERE inbox = '0' AND outbox = '0';")or die(mysql_error());
header("location: mail.php?send&re=del_ok");
exit;
};
}elseif(isset($_GET['delallsend'])){
$rand=intval($_GET['r']);
if(!isset($rand) || $rand!=$_SESSION['rand']){
unset($_SESSION['rand']);
header("location: mail.php?send&re=vzlom");
exit;
}else{
unset($_SESSION['rand']);
mysql_query("UPDATE `mail` SET outbox = '0' WHERE send = '$id';")or die(mysql_error());
mysql_query("DELETE FROM `mail` WHERE inbox = '0' AND outbox = '0';")or die(mysql_error());
header("location: mail.php?send&re=del_ok");
exit;
};
}elseif(isset($_GET['delrec']) && intval($_GET['delrec'])>0){
$mid=intval($_GET['delrec']);
$rand=intval($_GET['r']);
if(mysql_result(mysql_query("SELECT COUNT(*) FROM `mail` WHERE send = '$user[id]' AND id = '$mid' AND inbox = '1';"),0)==0){
unset($_SESSION['rand']);
header("location: mail.php?re=404");
exit;
}elseif(!isset($rand) || $rand!=$_SESSION['rand']){
unset($_SESSION['rand']);
header("location: mail.php?re=vzlom");
exit;
}else{
unset($_SESSION['rand']);
mysql_query("UPDATE `mail` SET inbox = '0' WHERE id = '$mid' LIMIT 1;")or die(mysql_error());
mysql_query("DELETE FROM `mail` WHERE inbox = '0' AND outbox = '0';")or die(mysql_error());
header("location: mail.php?re=del_ok");
exit;
};
}elseif(isset($_GET['delallrec'])){
$rand=intval($_GET['r']);
if(!isset($rand) || $rand!=$_SESSION['rand']){
unset($_SESSION['rand']);
header("location: mail.php?re=vzlom");
exit;
}else{
unset($_SESSION['rand']);
mysql_query("UPDATE `mail` SET inbox = '0' WHERE rec = '$id';")or die(mysql_error());
mysql_query("DELETE FROM `mail` WHERE inbox = '0' AND outbox = '0';")or die(mysql_error());
header("location: mail.php?re=del_ok");
exit;
};
}
?>