<?php
include_once("incs/conf.php");
include_once("incs/fmysql.php");
include_once("incs/fnc.php");
include_once("incs/head.php");

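// Private-mail page: without ?id it lists the viewer's contacts, with ?id=N
// it shows the conversation with user N and handles ?act=add_msg|spam|del_msg.
// $on, $user, $time, $meuser, $auth and the helpers fil(), filtr(), smiles(),
// bbcode() and head() come from the includes above and are not visible here.

// --- Request parameters ---------------------------------------------------
// Every id is forced to an integer before it is placed in a query below;
// 0 means "not supplied". $act is only compared against fixed case labels.
$id     = isset($_GET['id'])   ? intval($_GET['id'])   : 0; // conversation partner
$id_k   = isset($_GET['id_k']) ? intval($_GET['id_k']) : 0; // contact whose history is cleared
$id_msg = isset($_GET['msg'])  ? intval($_GET['msg'])  : 0; // message a del_msg/spam action refers to
$ids    = isset($_GET['ids'])  ? intval($_GET['ids'])  : 0; // contact to remove
$act    = isset($_GET['act'])  ? fil($_GET['act'])     : "";

if($on==1){
    // Id of the logged-in account, as an integer for use in SQL.
    $mail_uid = intval($user['id']);

    if($id !== 0){
        $user_kont_msg = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '$id'"));

        if(!$user_kont_msg || $user_kont_msg['nick']==""){
            head("Ошибка",$meuser,$auth);
            echo "<div class='rowup'>";
            include_once("incs/title.php");
            echo "<a href=\"?\">Почта</a> - Ошибка</div>";
            echo"Такого пользователя не существует!<br>";
            include_once("incs/down.php");
            // incs/down.php is not visible here; stop explicitly so an error
            // page can never fall through into the action handlers below.
            exit;
        }

        if($mail_uid == $id){
            head("Ошибка",$meuser,$auth);
            echo "<div class='rowup'>";
            include_once("incs/title.php");
            echo "<a href=\"?\">Почта</a> - Ошибка</div>";
            echo"Вы не можете написать самому себе!<br>";
            include_once("incs/down.php");
            exit;
        }
    }

    head("Почта",$meuser,$auth);

    // NOTE(review): nick, ban_prich and msg are echoed below exactly as stored.
    // Presumably they are HTML-escaped when written (that code is not in this
    // file) - confirm, or escape at output.
    // NOTE(review): ?ids, ?id_k, act=del_msg and act=spam change data on a
    // plain GET link and no per-session token is checked in this file, so a
    // forged link can trigger them (CSRF) - consider POST plus a token.

    if($id === 0){
        // ----- Contact list ---------------------------------------------------
        echo "<div class='rowup'>";
        include_once("incs/title.php");
        echo "Почта $user[nick]</div>";

        $ban_ok = $user['ban'] - $time;
        if($ban_ok > 0){
            echo "Вы забанены по причине:<br>";
            echo "<b>$user[ban_prich]</b><br>";
            echo "До окончания бана осталось: $ban_ok сек.<br>";
            echo "Старайтесь больше не нарушать <a href=\"rules.php\">правила</a> сайта!<br>";
            include_once("incs/down.php");
            exit;
        }

        if($id_k !== 0){
            // Clear the whole history with one contact in a single statement.
            mysql_query("DELETE FROM `mail` WHERE (`id_user` = '$mail_uid' AND `id_otrim` = '$id_k') OR (`id_user` = '$id_k' AND `id_otrim` = '$mail_uid')");
            if(mysql_affected_rows() > 0){
                echo "История очищена!<br>";
            }
        }

        if($ids !== 0){
            // Remove the contact link and the messages exchanged with it.
            mysql_query("DELETE FROM `mail_kontakt` WHERE (`id_user` = '$ids' AND `id_kontakt` = '$mail_uid') OR (`id_user` = '$mail_uid' AND `id_kontakt` = '$ids')");
            $removed = mysql_affected_rows() > 0;
            mysql_query("DELETE FROM `mail` WHERE (`id_user` = '$mail_uid' AND `id_otrim` = '$ids') OR (`id_user` = '$ids' AND `id_otrim` = '$mail_uid')");
            $removed = $removed || mysql_affected_rows() > 0;
            if($removed){
                echo "Контакт удален!<br>";
            }
        }

        $kont_total = mysql_num_rows(mysql_query("SELECT `id` FROM `mail_kontakt` WHERE `id_user` = '$mail_uid' OR `id_kontakt` = '$mail_uid'"));
        if($kont_total == 0){
            echo "Нет контактов<br>";
        }

        // Page size comes from the account row and goes unquoted into LIMIT,
        // so it is cast; a value below 1 would also divide by zero.
        $end = intval($user['msg_for_page']);
        if($end < 1){
            $end = 10;
        }
        $skok_pages = ceil($kont_total / $end);
        $page = isset($_GET['page']) ? intval($_GET['page']) : 1;
        if($page < 1 || $page > $skok_pages){
            $page = 1;
        }
        $start = ($page - 1) * $end;

        $num = 0;
        $mail_kontakt = mysql_query("SELECT * FROM `mail_kontakt` WHERE `id_user` = '$mail_uid' OR `id_kontakt` = '$mail_uid' ORDER BY time DESC LIMIT $start,$end");
        while($kont_row = mysql_fetch_array($mail_kontakt)){
            // The contact is whichever side of the link is not the viewer.
            $kont_mail_us = intval($kont_row['id_user'] != $mail_uid ? $kont_row['id_user'] : $kont_row['id_kontakt']);
            $v = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '$kont_mail_us'"));
            $kol_msg = mysql_num_rows(mysql_query("SELECT `id` FROM `mail` WHERE (`id_user` = '$mail_uid' AND `id_otrim` = '$kont_mail_us') OR (`id_user` = '$kont_mail_us' AND `id_otrim` = '$mail_uid')"));
            $kol_msg_new = mysql_num_rows(mysql_query("SELECT `id` FROM `mail` WHERE `id_user` = '$kont_mail_us' AND `id_otrim` = '$mail_uid' AND `read` = '0'"));

            // Alternate the row style.
            echo ($num == 1) ? "<div class='reki'>" : "<div class='rek'>";
            $num = ($num == 1) ? 0 : 1;

            echo "<a href=\"mail.php?id=$v[id]\">$v[nick]</a><br>";
            echo "Новых писем ($kol_msg_new)<br>";
            echo "Всево писем ($kol_msg)<br>";
            echo "[<a href='mail.php?ids=$v[id]'>Удалить контакт</a>]<br>[<a href='mail.php?id_k=$v[id]'>Очистить историю</a>]</div>";
        }

        if($skok_pages > 1){
            for($i = 1; $i <= $skok_pages; $i++){
                if($i == $page){
                    echo "<span class=\"str_t\">$i</span>";
                }else{
                    echo "<span class=\"str_l\"><a href='?page=$i'>$i</a></span>";
                }
            }
        }
        include_once("incs/down.php");
        exit;
    }

    // ----- Conversation with user $id -----------------------------------------
    // Reaching this point means $id is an existing user other than the viewer.
    // NOTE(review): the ban check above only guards the contact list; whether
    // banned accounts are stopped from sending elsewhere is not visible here.
    $sis_msg = "";

    switch($act){

        case 'add_msg':
            $msg = isset($_POST['msg']) ? filtr($_POST['msg']) : "";
            // Double-post guard: compare only with the sender's own latest
            // message to this recipient. Looking at the newest row of the whole
            // table would let the "repeated" reply reveal whether a guess
            // matches somebody else's private message.
            $povtor = mysql_fetch_array(mysql_query("SELECT `msg` FROM `mail` WHERE `id_user` = '$mail_uid' AND `id_otrim` = '$id' ORDER BY id DESC LIMIT 1"));
            if(!$povtor || $povtor['msg'] != $msg){
                $msg = bbcode(smiles($msg));
                if($msg != ""){
                    // NOTE(review): $msg enters the statement as returned by
                    // filtr()/smiles()/bbcode(); confirm filtr() escapes for SQL.
                    mysql_query("INSERT INTO `mail` (`id_user`, `id_otrim`, `msg`, `time`) values('$mail_uid', '$id', '$msg', '".date('Y.m.d/H:i')."')");
                    mysql_query("UPDATE `mail_kontakt` SET `time` = '".$time."' WHERE (`id_user` = '$mail_uid' AND `id_kontakt` = '$id') OR (`id_user` = '$id' AND `id_kontakt` = '$mail_uid')");
                    $sis_msg = "Сообщение успешно отправлено";
                }else{
                    $sis_msg = "Сообщение пустое!";
                }
            }else{
                $sis_msg = "Сообщение повторяетса!";
            }
            break;

        case 'spam':
            // Only a participant of the message may report it; without this
            // filter any message id could be copied into the staff spam queue.
            $user_spam = mysql_fetch_array(mysql_query("SELECT * FROM `mail` WHERE `id` = '$id_msg' AND (`id_user` = '$mail_uid' OR `id_otrim` = '$mail_uid')"));
            if($user_spam){
                // Values read back from the database are unescaped again, so
                // they must be escaped before going into a new statement.
                $spam_from = intval($user_spam['id_user']);
                $spam_msg  = mysql_real_escape_string($user_spam['msg']);
                $spam_time = mysql_real_escape_string($user_spam['time']);

                // One report row per account with level above 1.
                $send_spa = mysql_query("SELECT `id` FROM `user` WHERE `level` > '1'");
                while($send_spam = mysql_fetch_array($send_spa)){
                    $spam_to = intval($send_spam['id']);
                    mysql_query("INSERT INTO `spam` (`id_user`, `id_otrim`, `id_otprav`, `msg`, `time`) values('$mail_uid', '$spam_to', '$spam_from', '$spam_msg', '$spam_time')");
                }
                $sis_msg = "Администрация уведомлена о спаме! Спасибо.";
            }
            break;

        case 'del_msg':
            if($id_msg !== 0){
                // The ownership test is part of the DELETE itself, so there is
                // no gap between checking and deleting.
                mysql_query("DELETE FROM `mail` WHERE `id` = '$id_msg' AND (`id_user` = '$mail_uid' OR `id_otrim` = '$mail_uid')");
                if(mysql_affected_rows() > 0){
                    $sis_msg = "Сообщение удалено!";
                }
            }
            break;
    }

    $kont = mysql_fetch_array(mysql_query("SELECT * FROM `mail_kontakt` WHERE (`id_user` = '$mail_uid' AND `id_kontakt` = '$id') OR (`id_user` = '$id' AND `id_kontakt` = '$mail_uid')"));

    echo "<div class='rowup'>";
    include_once("incs/title.php");
    echo "<a href='mail.php'>Почта</a> $user[nick] - <a href='my.php?id=$id'>$user_kont_msg[nick]</a></div>";

    // Opening a conversation adds the other user to the contact list.
    if(!$kont){
        mysql_query("INSERT INTO `mail_kontakt` (`id_user`, `id_kontakt`) values('$mail_uid', '$id')");
        echo "Пользователь <b>$user_kont_msg[nick]</b> добавлен в контакты<br>";
    }
    echo "$sis_msg<br>";

    echo "<form method=\"post\" action=\"?id=$id&act=add_msg\">";
    echo 'Сообщение:<br/><textarea name="msg"></textarea><br>';
    echo '<input value="Отправить" type="submit"/></form>';

    $msg_mail = mysql_num_rows(mysql_query("SELECT `id` FROM `mail` WHERE (`id_user` = '$mail_uid' AND `id_otrim` = '$id') OR (`id_user` = '$id' AND `id_otrim` = '$mail_uid')"));
    if($msg_mail == 0){
        echo "Нет сообщений<br>";
    }

    // Same paging rules as the contact list: integer page size, fallback 10.
    $end = intval($user['msg_for_page']);
    if($end < 1){
        $end = 10;
    }
    $skok_pages = ceil($msg_mail / $end);
    $page = isset($_GET['page']) ? intval($_GET['page']) : 1;
    if($page < 1 || $page > $skok_pages){
        $page = 1;
    }
    $start = ($page - 1) * $end;

    $mail_msg = mysql_query("SELECT * FROM `mail` WHERE (`id_user` = '$mail_uid' AND `id_otrim` = '$id') OR (`id_user` = '$id' AND `id_otrim` = '$mail_uid') ORDER BY id DESC LIMIT $start,$end");

    // Mark the partner's messages as read once, after the page was selected,
    // so the rows shown below still carry their previous `read` value.
    if($mail_msg && mysql_num_rows($mail_msg) > 0){
        mysql_query("UPDATE `mail` SET `read` = '1' WHERE `id_otrim` = '$mail_uid' AND `id_user` = '$id'");
    }

    $num = 0;
    while($mail_msg_user = mysql_fetch_array($mail_msg)){
        $msg_author = intval($mail_msg_user['id_user']);
        $v_msg = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '$msg_author'"));

        // Alternate the row style.
        echo ($num == 1) ? "<div class='reki'>" : "<div class='rek'>";
        $num = ($num == 1) ? 0 : 1;

        echo "<a href=\"my.php?id=$v_msg[id]\">$v_msg[nick]</a> ($mail_msg_user[time]) ";
        if($msg_author == $mail_uid && $mail_msg_user['read'] == 0){
            echo " (Не прочитано)";
        }
        echo "<br>$mail_msg_user[msg]<br>";
        echo "[<a href='mail.php?id=$id&act=del_msg&msg=$mail_msg_user[id]'>Удалить</a>] [<a href='mail.php?id=$id&act=spam&msg=$mail_msg_user[id]'>Спам</a>]</div>";
    }

    if($skok_pages > 1){
        for($i = 1; $i <= $skok_pages; $i++){
            if($i == $page){
                echo "<span class=\"str_t\">$i</span>";
            }else{
                echo "<span class=\"str_l\"><a href='?id=$id&page=$i'>$i</a></span>";
            }
        }
    }
}else{
    // Not logged in: show the error page only.
    head("Ошибка",$meuser,$auth);
    echo "<div class='rowup'>";
    include_once("incs/title.php");
    echo "<a href=\"?\">Почта</a> - Ошибка</div>";
    echo"Вы не авторизованы!<br>";
}
include_once("incs/down.php");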
?>