Просмотр файла mail.php

Размер файла: 7.66Kb
<? include("head.php");
if(!isset($_SESSION['user_id'])) die("Вы не авторизированы");

if(!isset($_GET['act'])){$mail_to=mysql_num_rows(mysql_query("select * from `sh_ls` where `to`='$me[login]'"));
$mail_from=mysql_num_rows(mysql_query("select * from `sh_ls` where `from`='$me[login]'"));

echo "<b>Личная почта</b><br/><br>
<a href=mail.php?act=to>Входящая</a> ($mail_to)<br/>
<a href=mail.php?act=from>Исходящая</a> ($mail_from)<br/>
<a href='mail.php?act=create'>Написать сообщение</a>";}



else if(isset($_GET['act']) and $_GET['act']=='to')
{//////////////////////////////////////////
$num = 10;
@$page = (int)$_GET['page'];
$result00 = mysql_query("SELECT COUNT(*) FROM `sh_ls` where `to`='$me[login]'");
$temp = mysql_fetch_array($result00);
if($temp[0]==0)die("Сообщений нет");
$posts = $temp[0];
$total = (($posts - 1) / $num) + 1;
$total =  intval($total);
$page = intval($page);
if(empty($page) or $page < 0) $page = 1;
if($page > $total) $page = $total;
$start = $page * $num - $num;
///////////////////////////////////////////
$to_1=mysql_query("select * from `sh_ls` where `to`='$me[login]' order by date desc limit $start,$num");
$to_2=mysql_fetch_array($to_1);
mysql_query("update `sh_ls` set `chit`=1 where `to`='$me[login]'");
do{$user_from=mysql_fetch_array(mysql_query("select * from `sh_user` where login='$to_2[from]'"));
echo "<a href=user.php?id=$user_from[id]>$user_from[echologin]</a> [$to_2[date]]<br/><a href=mail.php?act=new&newto=$user_from[id]>[Ответить]</a><br/>$to_2[text]<hr color=white>";}
while($to_2=mysql_fetch_array($to_1));
//////////////////////////
$url_for_pstr="mail.php?act=to&page=";
if($page - 5 > 0) $page5left = ' <a href='.$url_for_pstr.($page - 5) .'>'. ($page - 5) .'</a> | ';
if($page - 4 > 0) $page4left = ' <a href='.$url_for_pstr.($page - 4) .'>'. ($page - 4) .'</a> | ';
if($page - 3 > 0) $page3left = ' <a href='.$url_for_pstr.($page - 3) .'>'. ($page - 3) .'</a> | ';
if($page - 2 > 0) $page2left = ' <a href='.$url_for_pstr.($page - 2) .'>'. ($page - 2) .'</a> | ';
if($page - 1 > 0) $page1left = ' <a href='.$url_for_pstr.($page - 1) .'>'. ($page - 1) .'</a> | ';
if($page + 5 <= $total) $page5right = ' | <a href='.$url_for_pstr.($page + 5) .'>'. ($page + 5) .'</a>';
if($page + 4 <= $total) $page4right = ' | <a href='.$url_for_pstr.($page + 4) .'>'. ($page + 4) .'</a>';
if($page + 3 <= $total) $page3right = ' | <a href='.$url_for_pstr.($page + 3) .'>'. ($page + 3) .'</a>';
if($page + 2 <= $total) $page2right = ' | <a href='.$url_for_pstr.($page + 2) .'>'. ($page + 2) .'</a>';
if($page + 1 <= $total) $page1right = ' | <a href='.$url_for_pstr.($page + 1) .'>'. ($page + 1) .'</a>';

if($page - 1 > 0) $nazad = '<a href='.$url_for_pstr.($page - 1) .'>Назад</a>';
if($page + 1 <= $total) $vpered = '<a href='.$url_for_pstr.($page + 1) .'>Далее</a>';

if ($total > 1)
{
Error_Reporting(E_ALL & ~E_NOTICE);
echo $pervpage.$page5left.$page4left.$page3left.$page2left.$page1left.'<b>'.$page.'</b>'.$page1right.$page2right.$page3right.$page4right.$page5right.$nextpage.'<br>'.$nazad.' | '.$vpered;
}
}



else if(isset($_GET['act']) and $_GET['act']=='from')
{
//////////////////////////////////////////
$num = 10;
@$page = (int)$_GET['page'];
$result00 = mysql_query("SELECT COUNT(*) FROM `sh_ls` WHERE `from`='$me[login]'");
$temp = mysql_fetch_array($result00);
if($temp[0]==0)die("Сообщений нет");
$posts=$temp[0];
$total = (($posts - 1) / $num) + 1;
$total =  intval($total);
$page = intval($page);
if(empty($page) or $page < 0) $page = 1;
if($page > $total) $page = $total;
$start = $page * $num - $num;
///////////////////////////////////////////
$from_1=mysql_query("select * from `sh_ls` where `from`='$me[login]' order by date desc limit $start,$num");
$from_2=mysql_fetch_array($from_1);

do{$user_from=mysql_fetch_array(mysql_query("select * from `sh_user` where login='$from_2[to]'"));
echo "<a href=user.php?id=$user_from[id]>$user_from[echologin]</a> [$from_2[date]]<br/><a href=mail.php?act=new&newto=$user_from[id]>[Написать еще]</a><br/>$from_2[text]<hr color=white>";}
while($from_2=mysql_fetch_array($from_1));
//////////////////////////
$url_for_pstr="mail.php?act=from&page=";
if($page - 5 > 0) $page5left = ' <a href='.$url_for_pstr.($page - 5) .'>'. ($page - 5) .'</a> | ';
if($page - 4 > 0) $page4left = ' <a href='.$url_for_pstr.($page - 4) .'>'. ($page - 4) .'</a> | ';
if($page - 3 > 0) $page3left = ' <a href='.$url_for_pstr.($page - 3) .'>'. ($page - 3) .'</a> | ';
if($page - 2 > 0) $page2left = ' <a href='.$url_for_pstr.($page - 2) .'>'. ($page - 2) .'</a> | ';
if($page - 1 > 0) $page1left = ' <a href='.$url_for_pstr.($page - 1) .'>'. ($page - 1) .'</a> | ';

if($page + 5 <= $total) $page5right = ' | <a href='.$url_for_pstr.($page + 5) .'>'. ($page + 5) .'</a>';
if($page + 4 <= $total) $page4right = ' | <a href='.$url_for_pstr.($page + 4) .'>'. ($page + 4) .'</a>';
if($page + 3 <= $total) $page3right = ' | <a href='.$url_for_pstr.($page + 3) .'>'. ($page + 3) .'</a>';
if($page + 2 <= $total) $page2right = ' | <a href='.$url_for_pstr.($page + 2) .'>'. ($page + 2) .'</a>';
if($page + 1 <= $total) $page1right = ' | <a href='.$url_for_pstr.($page + 1) .'>'. ($page + 1) .'</a>';

if($page - 1 > 0) $nazad = '<a href='.$url_for_pstr.($page - 1) .'>Назад</a>';
if($page + 1 <= $total) $vpered = '<a href='.$url_for_pstr.($page + 1) .'>Вперед</a>';

if ($total > 1)
{
Error_Reporting(E_ALL & ~E_NOTICE);
echo $pervpage.$page5left.$page4left.$page3left.$page2left.$page1left.'<b>'.$page.'</b>'.$page1right.$page2right.$page3right.$page4right.$page5right.$nextpage.'<br>'.$nazad.' | '.$vpered;
}
}

else if(isset($_GET['act']) and $_GET['act']=='create')
{if(!isset($_POST['sub']))echo "<form action='mail.php?act=create' method='post'>Логин пользователя<br/><input type='text' name='to'><br/>
<input type='submit' name='sub' value='далее'></form>";

else {$login=mysql_real_escape_string(trim($_POST['to']));
if($user=mysql_fetch_array(mysql_query("SELECT * FROM `sh_user` WHERE `echologin`='$login'")))header("Location: mail.php?act=new&newto=$user[id]");
}

}


else if(isset($_GET['act']) and $_GET['act']=='new' and isset($_GET['newto']))
{$newto = mysql_real_escape_string(trim($_GET['newto']));$newto=(int)$newto;
if(mysql_num_rows(mysql_query("select * from `sh_user` where `id`='$newto'"))>0){
$toto=mysql_fetch_array(mysql_query("select * from `sh_user` where id=$_GET[newto]"));
echo "Сообщение для $toto[echologin]";
echo '<form action="mail.php?act=new2" method="post"><textarea name="text" cols="25" rows="4"></textarea><br/><input name="newto" type="hidden" value="'.$toto['login'].'" /><input name="" type="submit" value="Отправить" /></form>';}
else die("Пользователь не найден<br/><a href='mail.php?act=create'>назад</a>");


}



else if(isset($_GET['act']) and $_GET['act']=='new2')
{if(isset($_POST['text']) and isset($_POST['newto'])){$text=code($_POST['text']);$to=code($_POST['newto']);}
else die();
$date=date("Y.m.d - H:i");$from=$me['login'];

@session_start();
$time_sec=45;
if (@$_SESSION['ls_spam']<time ())
{
$_SESSION['ls_spam']=time()+$time_sec;
$insert_post=mysql_query("insert into `sh_ls` set text='$text', `to`='$to', `from`='$from', date='$date'");
}
else die("Разрешается отправлять сообщения раз в $time_sec секунд");


if(isset($insert_post) and $insert_post)echo "Сообщение успешно отправлено<br>";
else echo "Сообщение не отправлено";


}
include("foot.php");
?>