<?php
//POWERED by ILI
// ICQ : 197042
//site: ili.wab.ru
// ilichat v4.0
error_reporting(0);
require_once"./includes/functions/gzip.php";
include('start.php');
include("config.php");
include("./includes/constants/letters");
include("./includes/".$ver."/banned");
$old_letters = 7; //DAYS
$fd = fopen("letters.dat", "r");
$clear_time = intval(fgets($fd));
fclose($fd);
if($clear_time < time())
{
$delete = mysql_query("DELETE FROM `chat_letters` WHERE `time` < '".(time() - (3600 * 24 * $old_letters))."';");
$fd = fopen("letters.dat", "w");
flock($fd, LOCK_EX);
$puts = fputs($fd, (time() + 3600 * 24 * $old_letters));
flock($fd, LOCK_UN);
fclose($fd);
}
list($msec, $sec) = explode(chr(32), microtime());
$headtime = $sec + $msec;
$nocache = rand(1000, 9999);
switch($ver)
{
////////////////////////////////////////////////////////
//WML VERSION
////////////////////////////////////////////////////////
case 'wml':
header("Content-type: text/vnd.wap.wml; charset=utf-8");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: no-cache, must-revalidate");
//AUTH
$id = intval($_SESSION['id']);
$password = mysql_escape_string($_SESSION['password']);
$q = mysql_query("SELECT * FROM `chat_users` WHERE `id` = '".$id."' AND `password` = '".md5($password)."';");
if(mysql_affected_rows() == 0)
{
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
echo "<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.3//EN\" \"http://www.wapforum.org/DTD/wml13.dtd\"><wml>\n";
echo "<card title=\"ERROR\" ontimer=\"index.php?ver=wml\"><timer value=\"15\"/><p align=\"left\">\n";
echo "<small>Ошибка авторизации!<br/>\n";
list($msec, $sec) = explode(chr(32), microtime());
echo "<br/>[".round(($sec+$msec)-$headtime,5)."] sec<br/>\n";
echo "</small>";
require_once "includes/functions/gzip_foot.php";
echo "</p></card></wml>";
ob_end_flush();
exit();
}
else
{
$nickname = mysql_result($q, 0, 'nickname');
}
//END AUTH
//ONLINE
$online = time() + 60;
$update = mysql_query("UPDATE `chat_users` SET `time` = '".$online."', `place` = 0, `ip` = '".getenv('REMOTE_ADDR')."', `ua` = '".htmlspecialchars(getenv('HTTP_USER_AGENT'))."' WHERE `id` = '".$id."';");
//END ONLINE
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
echo "<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.3//EN\" \"http://www.wapforum.org/DTD/wml13.dtd\"><wml>\n";
echo "<card title=\"".TITLE."\"><p align=\"left\">\n";
if(isset($_GET['mod']))
{
$mod = $_GET['mod'];
}
else
{
$mod = "";
}
switch($mod)
{
case 'inbox':
echo INBOX.":<br />\n";
$q = mysql_query("SELECT COUNT(*) FROM `chat_letters` WHERE `id` = '".$id."' AND `to` = '".$id."';");
$all = mysql_result($q, 0);
if(isset($_GET['page']))
{
$page = intval($_GET['page']);
}
else
{
$page = 0;
}
if($page < 0) $page = 0;
if($page > intval($all/ONPAGE)) $page = intval($all/ONPAGE);
$limit = ($page * ONPAGE).", ".($page * ONPAGE + ONPAGE);
$q = mysql_query("SELECT `lid`, `subject`, `read` FROM `chat_letters` WHERE `id` = '".$id."' AND `to` = '".$id."' ORDER BY `lid` DESC LIMIT ".$limit.";");
if(mysql_num_rows($q) == 0)
{
echo INBOX_IS_NOT."<br/>\n";
}
while($letter = mysql_fetch_array($q))
{
$lid = $letter['lid'];
$title = $letter['subject'];
$read = $letter['read'];
if($read == 0)
{
echo "[NEW] <a href=\"letters.php?".SID."&ver=wml&mod=view&lid=$lid\">$title</a><br/>\n";
}
else
{
echo "<a href=\"letters.php?".SID."&ver=wml&mod=view&lid=$lid\">$title</a><br/>\n";
}
}
if($page > 0)
{
echo "<a href='letters.php?".SID."&mod=inbox&ver=wml&page=".($page - 1)."'>".htmlspecialchars("<<<")."</a><br />\n";
}
if($all > $page * ONPAGE + ONPAGE)
{
echo "<a href='letters.php?".SID."&mod=inbox&ver=wml&page=".($page + 1)."'>".htmlspecialchars(">>>")."</a><br />\n";
}
break;
case 'outbox':
echo OUTBOX.":<br />\n";
$q = mysql_query("SELECT COUNT(*) FROM `chat_letters` WHERE `id` = '".$id."' AND `from` = '".$id."';");
$all = mysql_result($q, 0);
if(isset($_GET['page']))
{
$page = intval($_GET['page']);
}
else
{
$page = 0;
}
if($page < 0) $page = 0;
if($page > intval($all/ONPAGE)) $page = intval($all/ONPAGE);
$limit = ($page * ONPAGE).", ".($page * ONPAGE + ONPAGE);
$q = mysql_query("SELECT `lid`, `subject` FROM `chat_letters` WHERE `id` = '".$id."' AND `from` = '".$id."' ORDER BY `lid` DESC;");
if ($start > 10) print "<a href=\"letters.php?".SID."&mod=outbox&start=0&ver=wml\"><<<<</a><br/>";
if ($start > 0) print "<a href=\"letters.php?".SID."&mod=outbox&start=".($start-10)."&ver=wml\"><<<</a><br/>";
if(mysql_num_rows($q) == 0)
{
echo OUTBOX_IS_NOT."<br/>\n";
}
while($letter = mysql_fetch_array($q))
{
$lid = $letter['lid'];
$title = $letter['subject'];
echo "<a href=\"letters.php?".SID."&ver=wml&mod=view&lid=$lid\">$title</a><br/>\n";
}
if ($all > $start + 5) print "<a href=\"letters.php?".SID."&mod=outbox&start=".($start + 5)."&ver=wml\">>>></a><br/>";
if ($all - $start > 10) print "<a href=\"letters.php?".SID."&mod=outbox&start=".($all - 5)."&ver=wml\">>>>></a><br/>";
break;
case 'view':
$lid = intval($_GET['lid']);
$q = mysql_query("SELECT * FROM `chat_letters` WHERE `lid` = '".$lid."' AND `id` = '".$id."';");
if(mysql_num_rows($q) == 0)
{
echo LETTER_DOES_NOT_EXISTS."<br/>";
echo "<a href=\"letters.php?".SID."&ver=wml\">Почта</a><br/>\n";
echo "<br/><a href=\"menu.php?".SID."&ver=wml\">Меню чата</a><br/>\n";
list($msec, $sec) = explode(chr(32), microtime());
echo "<br/><small>[".round(($sec+$msec)-$headtime,5)."] sec</small><br/>\n";
require_once "includes/functions/gzip_foot.php";
echo "</p></card></wml>";
ob_end_flush();
exit();
}
mysql_query("UPDATE `chat_letters` SET `read` = 1 WHERE `lid` = '".$lid."';");
$letter = mysql_fetch_array($q);
$lid = $letter['lid'];
$to = $letter['to'];
$from = $letter['from'];
$title = $letter['subject'];
$text = $letter['body'];
$date = $letter['date'];
if($to == $id)
{
$q = mysql_query("SELECT `nickname` FROM `chat_users` WHERE `id` = '".$from."';");
$nick = mysql_result($q, 0);
echo "<u>".LETTER_TITLE.":</u> $title<br/>\n";
echo "<u>".LETTER_FROM.":</u> $nick<br/>\n";
echo "<u>".LETTER_DATE.":</u> $date<br/>\n";
echo "<u>".LETTER_BODY.":</u> $text<br/>\n";
echo "<a href=\"letters.php?".SID."&ver=wml&mod=send&toid=$from&nocache=$nocache\">Ответить</a><br/>\n";
}
else
{
$q = mysql_query("SELECT `nickname` FROM `chat_users` WHERE `id` = '".$to."';");
$nick = mysql_result($q, 0);
echo "<u>".LETTER_TITLE.":</u> $title<br/>\n";
echo "<u>".LETTER_TO.":</u> $nick<br/>\n";
echo "<u>".LETTER_DATE.":</u> $date<br/>\n";
echo "<u>".LETTER_BODY.":</u> $text<br/>\n";
}
echo "<a href=\"letters.php?".SID."&ver=wml&mod=delete&lid=$lid&nocache=$nocache\">Удалить</a><br/>\n";
echo "<a href=\"letters.php?".SID."&ver=wml&mod=deleteallfrom&drom=$from&nocache=$nocache\">Удалить все от $nick</a><br/>\n";
break;
case 'send':
if(!isset($_POST['action']))
{
if(isset($_GET['toid']))
{
$toid = intval($_GET['toid']);
$q = mysql_query("SELECT `nickname` FROM `chat_users` WHERE `id` = '".$toid."';");
$nick = mysql_result($q, 0);
}
else
{
$nick = "";
}
echo LETTER_TITLE.":<br/>\n";
echo "<input name=\"title$nocache\" maxlength=\"15\" title=\"title\"/><br/>\n";
echo LETTER_TO.":<br/>\n";
echo "<input name=\"nick$nocache\" value=\"$nick\" maxlength=\"15\" title=\"nick\"/><br/>\n";
echo LETTER_BODY.":<br/>\n";
echo "<input name=\"text$nocache\" value=\"\" maxlength=\"300\" title=\"text\"/><br/>\n";
echo "Транслитировать:<br/>\n";
echo "<select multiple=\"true\" name=\"translit$nocache\">\n";
echo "<option value=\"tt\">Залоговок</option>\n";
echo "<option value=\"nt\">Кому</option>\n";
echo "<option value=\"text\">".LETTER_BODY."</option>\n";
echo "</select><br/>\n";
echo "<anchor>[Отправить]<go href=\"letters.php?".SID."&ver=wml&mod=send&nocache=$nocache\" method=\"post\" sendreferer=\"true\">\n";
echo "<postfield name=\"title\" value=\"$(title$nocache)\"/>\n";
echo "<postfield name=\"nick\" value=\"$(nick$nocache)\"/>\n";
echo "<postfield name=\"text\" value=\"$(text$nocache)\"/>\n";
echo "<postfield name=\"translit\" value=\"$(translit$nocache)\"/>\n";
echo "<postfield name=\"action\" value=\"send\"/>\n";
echo "</go></anchor><br/>\n";
}
else
{
$lat = array("Ch", "ch", "Ye", "ye", "Yu", "yu", "Ya", "ya", "Shc", "shc", "Sh", "sh", "Yo", "yo", "Q", "q", "'", "A", "a", "B", "b", "C", "c", "D", "d", "E", "e", "F", "f", "G", "g", "H", "h", "I", "i", "J", "j", "K", "k", "L", "l", "M", "m", "N", "n", "O", "o", "P", "p", "R", "r", "S", "s", "T", "t", "U", "u", "V", "v", "X", "x", "Z", "z");
$rus = array("Ч", "ч", "Э", "э", "Ю", "ю", "Я", "я", "Щ", "щ", "Ш", "ш", "Ё", "ё", "Ь", "ь", "ъ", "А", "а", "Б", "б", "Ц", "ц", "Д", "д", "Е", "е", "Ф", "ф", "Г", "г", "Х", "х", "И", "и", "Ж", "ж", "К", "к", "Л", "л", "М", "м", "Н", "н", "О", "о", "П", "п", "Р", "р", "С", "с", "Т", "т", "У", "у", "В", "в", "Х", "х", "З", "з");
$title = htmlspecialchars(mysql_escape_string(trim($_POST['title'])));
$nick = htmlspecialchars(mysql_escape_string(trim($_POST['nick'])));
$text = htmlspecialchars(mysql_escape_string(trim($_POST['text'])));
$translit = $_POST['translit'];
if(substr_count($translit, "tt") != 0)
{
$title = str_replace($lat, $rus, $title);
}
if(substr_count($translit, "nt") != 0)
{
$nick = str_replace($lat, $rus, $nick);
}
if(substr_count($translit, "text") != 0)
{
$text = str_replace($lat, $rus, $text);
}
$q = mysql_query("SELECT * FROM `chat_users` WHERE `nickname` = '".$nick."';");
if(mysql_affected_rows() == 0)
{
echo USER_WAS_NOT_FOUND."<br/>\n";
echo "<a href=\"letters.php?".SID."&ver=wml\">Почта</a><br/>\n";
echo "<br/><a href=\"menu.php?".SID."&ver=wml\">Меню чата</a><br/>\n";
list($msec, $sec) = explode(chr(32), microtime());
echo "<br/><small>[".round(($sec+$msec)-$headtime,5)."] sec</small><br/>\n";
require_once "includes/functions/gzip_foot.php";
echo "</p></card></wml>";
ob_end_flush();
exit();
}
else
{
$user_data = mysql_fetch_array($q);
$toid = $user_data['id'];
$system = $user_data['system'];
$place = $user_data['place'];
$key = $user_data['key'];
$user_pass = $user_data['password'];
$time = $user_data['time'];
$place = $user_data['place'];
}
if(empty($title))
{
echo ERROR_TITLE_IS_EMPTY."<br/>\n";
echo "<a href=\"letters.php?".SID."&ver=wml\">Почта</a><br/>\n";
echo "<br/><a href=\"menu.php?".SID."&ver=wml\">Меню чата</a><br/>\n";
list($msec, $sec) = explode(chr(32), microtime());
echo "<br/><small>[".round(($sec+$msec)-$headtime,5)."] sec</small><br/>\n";
require_once "includes/functions/gzip_foot.php";
echo "</p></card></wml>";
ob_end_flush();
exit();
}
if(empty($text))
{
echo ERROR_BODY_IS_EMPTY."<br/>\n";
echo "<a href=\"letters.php?".SID."&ver=wml\">Почта</a><br/>\n";
echo "<br/><a href=\"menu.php?".SID."&ver=wml\">Меню чата</a><br/>\n";
list($msec, $sec) = explode(chr(32), microtime());
echo "<br/><small>[".round(($sec+$msec)-$headtime,5)."] sec</small><br/>\n";
require_once "includes/functions/gzip_foot.php";
echo "</p></card></wml>";
ob_end_flush();
exit();
}
$date = date("d-m-Y H:i:s");
$q = mysql_query("SELECT * FROM `chat_letters` WHERE `subject` = '".$title."' AND `body` = '".$text."' AND `to` = '".$toid."';");
if(mysql_num_rows($q) != 0)
{
echo ERROR_SPAM."<br/>\n";
echo "<a href=\"letters.php?".SID."&ver=wml\">Почта</a><br/>\n";
echo "<br/><a href=\"menu.php?".SID."&ver=wml\">Меню чата</a><br/>\n";
list($msec, $sec) = explode(chr(32), microtime());
echo "<br/><small>[".round(($sec+$msec)-$headtime,5)."] sec</small><br/>\n";
require_once "includes/functions/gzip_foot.php";
echo "</p></card></wml>";
ob_end_flush();
exit();
}
$query = mysql_query("INSERT INTO `chat_letters` VALUES(0, '".$toid."', '".$toid."', '".$id."', '".$title."', '".$text."', '".$date."', '".time()."', 0);");
if($toid != $id)
{
$query = mysql_query("INSERT INTO `chat_letters` VALUES(0, '".$id."', '".$toid."', '".$id."', '".$title."', '".$text."', '".$date."', '".time()."', 0);");
}
//Avtootvet
$q = mysql_query("SELECT `auans` FROM `chat_autoans` WHERE `id` = '".$toid."';");
$avtootvet = mysql_result($q, 0);
if(!empty($avtootvet)) mysql_query("INSERT INTO `chat_letters` VALUES(0, '".$id."', '".$id."', '".$toid."', '".$nick."(avtoanswer)', '".addslashes($avtootvet)."', '".$date."', '".time()."', 0);");
//END Avtootvet
if($system == 1 && $time >= time())
{
$bot = file("bots/bots.dat");
$system_bot = trim($bot[3]);
$message = "$nick, Вам пришло новое письмо от пользователя \"".$nickname."\" с заголовком \"".$title."\".<br />\n";
$message .= "<a href=\'letters.php?<usersid>&mod=inbox\'>[Просмотреть]</a>\n";
mysql_query("INSERT INTO `chat".$place."` VALUES(0, '5', '".$system_bot."', '".$message."', '".$toid."', '".date("H:i:s")."', ".time().");");
}
if($query)
{
echo LETTER_SEND_SUCCESS."<br/>\n";
}
else
{
echo LETTER_SEND_ERROR."<br/>\n";
echo "<u>".mysql_error()."</u><br/>\n";
}
}
break;
case 'clear':
$q = mysql_query("DELETE FROM `chat_letters` WHERE `id` = '".$id."';");
if(mysql_affected_rows() != 0)
{
echo LETTERS_ARE_REMOVED."<br/>\n";
}
else
{
echo MAILBOX_IS_EMPTY."<br/>\n";
}
break;
case 'delete':
$lid = intval($_GET['lid']);
$q = mysql_query("DELETE FROM `chat_letters` WHERE `lid` = '".$lid."' AND `id` = '".$id."';");
if(mysql_affected_rows() != 0)
{
echo LETTER_ARE_REMOVED."<br/>\n";
}
else
{
echo LETTER_DOES_NOT_EXISTS."<br/>\n";
}
break;
case 'deleteallfrom':
$drom= intval($_GET['drom']);
$q = mysql_query("DELETE FROM `chat_letters` WHERE `from` = '".$drom."' AND `id` = '".$id."';");
if(mysql_affected_rows() != 0)
{
echo "Письма от Этого ника удалены<br/>\n";
}
else
{
echo LETTER_DOES_NOT_EXISTS."<br/>\n";
}
break;
case 'avtootvet4ik':
$q = mysql_query("SELECT `auans` FROM `chat_autoans` WHERE `id` = '".$id."';");
$avtotext = mysql_result($q, 0);
if($_POST['action'] !== "setavtootvet4ik")
{
echo "Текст:<br/>\n";
echo "<input name=\"avtotext$nocache\" value=\"$avtotext\" maxlength=\"15\" title=\"avtotext\"/><br/>\n";
echo "<anchor>[Задать]<go href=\"letters.php?".SID."&ver=wml&mod=avtootvet4ik&nocache=$nocache\" method=\"post\" sendreferer=\"true\">\n";
echo "<postfield name=\"avtotext\" value=\"$(avtotext$nocache)\"/>\n";
echo "<postfield name=\"action\" value=\"setavtootvet4ik\"/>\n";
echo "</go></anchor><br/>\n";
}
else
{
$avtotext = htmlspecialchars(addslashes($_POST['avtotext']));
$q = mysql_query("SELECT `auans` FROM `chat_autoans` WHERE `id` = '".$id."';");
if(mysql_affected_rows() == 0)
{
mysql_query("INSERT INTO `chat_autoans` SET `auans` = '".$avtotext."', `id` = '".$id."';");
}
else{
mysql_query("UPDATE `chat_autoans` SET `auans` = '".$avtotext."' WHERE `id` = '".$id."';");
}
echo "Автотекст задан!<br/>\n";
}
break;
default:
$q = mysql_query("SELECT COUNT(*) FROM `chat_letters` WHERE `id` = '".$id."' AND `to` = '".$id."' AND `read` = 0;");
$newto = mysql_result($q, 0);
$q = mysql_query("SELECT COUNT(*) FROM `chat_letters` WHERE `id` = '".$id."' AND `to` = '".$id."';");
$to = mysql_result($q, 0);
$q = mysql_query("SELECT COUNT(*) FROM `chat_letters` WHERE `id` = '".$id."' AND `from` = '".$id."';");
$from = mysql_result($q, 0);
echo "Письма, которые находятся в базе данных больше недели - удаляются.<br/>\n";
echo "<a href=\"letters.php?".SID."&ver=wml&mod=inbox\">".INBOX." ($newto/$to)</a><br/>\n";
echo "<a href=\"letters.php?".SID."&ver=wml&mod=outbox\">".OUTBOX." ($from)</a><br/>\n";
echo "<a href=\"letters.php?".SID."&ver=wml&mod=send\">Написать</a><br/>\n";
echo "<a href=\"letters.php?".SID."&ver=wml&mod=clear\">Удалить все письма</a><br/>\n";
echo "<a href=\"letters.php?".SID."&ver=wml&mod=avtootvet4ik\">Задать текст для автоответчика</a><br/>\n";
echo "<a href=\"frlist.php?".SID."&ver=wml\">Список друзей</a><br/>\n";
break;
}
if(!empty($mod)) echo "<a href=\"letters.php?".SID."&ver=wml\">Почта</a><br/>\n";
echo "<br/><a href=\"my.php?".SID."&ver=wml\">Личный Кабинет</a>\n";
echo "<br/><a href=\"menu.php?".SID."&ver=wml\">Меню чата</a><br/>\n";
list($msec, $sec) = explode(chr(32), microtime());
echo "<br/><small>[".round(($sec+$msec)-$headtime,5)."] sec</small><br/>\n";
require_once "includes/functions/gzip_foot.php";
echo "</p></card></wml>";
ob_end_flush();
break;
////////////////////////////////////////////////////////
//HTML VERSION
////////////////////////////////////////////////////////
case 'html':
$my_title = "Письма";
if(!isset($_COOKIE['theme'])) $_COOKIE['theme'] = 1;
include_once "themes/".intval($_COOKIE['theme'])."/index.php";
//AUTH
$id = intval($_SESSION['id']);
$password = mysql_escape_string($_SESSION['password']);
$q = mysql_query("SELECT * FROM `chat_users` WHERE `id` = '".$id."' AND `password` = '".md5($password)."';");
if(mysql_affected_rows() == 0)
{
echo "Ошибка авторизации!<br/>\n";
include_once "themes/".intval($_COOKIE['theme'])."/foot.php";
exit();
}
else
{
$nickname = mysql_result($q, 0, 'nickname');
}
//END AUTH
//ONLINE
$online = time() + 60;
$update = mysql_query("UPDATE `chat_users` SET `time` = '".$online."', `place` = 0, `ip` = '".getenv('REMOTE_ADDR')."', `ua` = '".htmlspecialchars(getenv('HTTP_USER_AGENT'))."' WHERE `id` = '".$id."';");
//END ONLINE
if(isset($_GET['mod']))
{
$mod = $_GET['mod'];
}
else
{
$mod = "";
}
switch($mod)
{
case 'inbox':
echo INBOX.":<br />\n";
$q = mysql_query("SELECT COUNT(*) FROM `chat_letters` WHERE `id` = '".$id."' AND `to` = '".$id."';");
$all = mysql_result($q, 0);
if(isset($_GET['start'])) $start = $_GET['start'];
else $start = 0;
if($start < 0) $start = 0;
if($start > $all) $start = 0;
$q = mysql_query("SELECT `lid`, `subject`, `read` FROM `chat_letters` WHERE `id` = '".$id."' AND `to` = '".$id."' ORDER BY `lid` DESC LIMIT $start, 5;");
if ($start > 10) print "<a href=\"letters.php?".SID."&mod=inbox&start=0&ver=html\"><<<<</a><br/>";
if ($start > 0) print "<a href=\"letters.php?".SID."&mod=inbox&start=".($start-5)."&ver=html\"><<<</a><br/>";
if(mysql_num_rows($q) == 0)
{
echo INBOX_IS_NOT."<br/>\n";
}
while($letter = mysql_fetch_array($q))
{
$lid = $letter['lid'];
$title = $letter['subject'];
$read = $letter['read'];
if($read == 0)
{
echo "[NEW] <a href=\"letters.php?".SID."&ver=html&mod=view&lid=$lid\">$title</a><br/>\n";
}
else
{
echo "<a href=\"letters.php?".SID."&ver=html&mod=view&lid=$lid\">$title</a><br/>\n";
}
}
if ($all > $start + 5) print "<a href=\"letters.php?".SID."&mod=inbox&start=".($start+5)."&ver=html\">>>></a><br/>";
if ($all - $start > 10) print "<a href=\"letters.php?".SID."&mod=inbox&start=".($all-5)."&ver=html\">>>>></a><br/>";
break;
case 'outbox':
echo OUTBOX.":<br />\n";
$q = mysql_query("SELECT COUNT(*) FROM `chat_letters` WHERE `id` = '".$id."' AND `from` = '".$id."';");
$all = mysql_result($q, 0);
if(isset($_GET['start'])) $start = $_GET['start'];
else $start = 0;
if($start < 0) $start = 0;
if($start > $all) $start = 0;
$q = mysql_query("SELECT `lid`, `subject` FROM `chat_letters` WHERE `id` = '".$id."' AND `from` = '".$id."' ORDER BY `lid` DESC;");
if ($start > 10) print "<a href=\"letters.php?".SID."&mod=outbox&start=0&ver=html\"><<<<</a><br/>";
if ($start > 0) print "<a href=\"letters.php?".SID."&mod=outbox&start=".($start-10)."&ver=html\"><<<</a><br/>";
if(mysql_num_rows($q) == 0)
{
echo OUTBOX_IS_NOT."<br/>\n";
}
while($letter = mysql_fetch_array($q))
{
$lid = $letter['lid'];
$title = $letter['subject'];
echo "<a href=\"letters.php?".SID."&ver=html&mod=view&lid=$lid\">$title</a><br/>\n";
}
if ($all > $start + 5) print "<a href=\"letters.php?".SID."&mod=outbox&start=".($start + 5)."&ver=html\">>>></a><br/>";
if ($all - $start > 10) print "<a href=\"letters.php?".SID."&mod=outbox&start=".($all - 5)."&ver=html\">>>>></a><br/>";
break;
case 'view':
$lid = intval($_GET['lid']);
$q = mysql_query("SELECT * FROM `chat_letters` WHERE `lid` = '".$lid."' AND `id` = '".$id."';");
if(mysql_num_rows($q) == 0)
{
echo LETTER_DOES_NOT_EXISTS."<br/>";
echo "<a href=\"letters.php?".SID."&ver=html\">Почта</a><br/>\n";
echo "<br/><a href=\"menu.php?".SID."&ver=html\">Меню чата</a><br/>";
include_once "themes/".intval($_COOKIE['theme'])."/foot.php";
exit();
}
mysql_query("UPDATE `chat_letters` SET `read` = 1 WHERE `lid` = '".$lid."';");
$letter = mysql_fetch_array($q);
$lid = $letter['lid'];
$to = $letter['to'];
$from = $letter['from'];
$title = $letter['subject'];
$text = $letter['body'];
$date = $letter['date'];
if($to == $id)
{
$q = mysql_query("SELECT `nickname` FROM `chat_users` WHERE `id` = '".$from."';");
$nick = mysql_result($q, 0);
echo "<u>".LETTER_TITLE.":</u> $title<br/>\n";
echo "<u>".LETTER_FROM.":</u> $nick<br/>\n";
echo "<u>".LETTER_DATE.":</u> $date<br/>\n";
echo "<u>".LETTER_BODY.":</u> $text<br/>\n";
echo "<a href=\"letters.php?".SID."&ver=html&mod=send&toid=$from&nocache=$nocache\">Ответить</a><br/>\n";
}
else
{
$q = mysql_query("SELECT `nickname` FROM `chat_users` WHERE `id` = '".$to."';");
$nick = mysql_result($q, 0);
echo "<u>".LETTER_TITLE.":</u> $title<br/>\n";
echo "<u>".LETTER_TO.":</u> $nick<br/>\n";
echo "<u>".LETTER_DATE.":</u> $date<br/>\n";
echo "<u>".LETTER_BODY.":</u> $text<br/>\n";
}
echo "<a href=\"letters.php?".SID."&ver=html&mod=delete&lid=$lid&nocache=$nocache\">Удалить</a><br/>\n";
echo "<a href=\"letters.php?".SID."&ver=html&mod=deleteallfrom&drom=$from&nocache=$nocache\">Удалить все от $nick</a><br/>\n";
break;
case 'send':
if(!isset($_POST['action']))
{
if(isset($_GET['toid']))
{
$toid = intval($_GET['toid']);
$q = mysql_query("SELECT `nickname` FROM `chat_users` WHERE `id` = '".$toid."';");
$nick = mysql_result($q, 0);
}
else
{
$nick = "";
}
echo "<form method=\"post\" action=\"letters.php?".SID."&nocache=$nocache&ver=html&mod=send\">\n";
echo LETTER_TITLE.":<br/>\n";
echo "<input name=\"title\" type=\"text\" value=\"\" size=\"15\" maxlength=\"15\"/><br/>\n";
echo LETTER_TO.":<br/>\n";
echo "<input name=\"nick\" type=\"text\" value=\"$nick\" size=\"15\" maxlength=\"20\"/><br/>\n";
echo LETTER_BODY.":<br/>\n";
echo "<input name=\"text\" type=\"text\" value=\"\" size=\"15\" maxlength=\"300\"/><br/>\n";
echo "Транслитировать:<br/>\n";
echo "<select multiple=\"multiple\" name=\"translit$nocache\">\n";
echo "<option value=\"name\">Название</option>\n";
echo "<option value=\"topic\">".LETTER_TITLE."</option>\n";
echo "</select><br/>\n";
echo "<input type=\"hidden\" name=\"action\" value=\"send\"/>";
echo "<input type=\"submit\" value=\"Отправить\"/></form><br/>\n";
}
else
{
$lat = array("Ch", "ch", "Ye", "ye", "Yu", "yu", "Ya", "ya", "Shc", "shc", "Sh", "sh", "Yo", "yo", "Q", "q", "'", "A", "a", "B", "b", "C", "c", "D", "d", "E", "e", "F", "f", "G", "g", "H", "h", "I", "i", "J", "j", "K", "k", "L", "l", "M", "m", "N", "n", "O", "o", "P", "p", "R", "r", "S", "s", "T", "t", "U", "u", "V", "v", "X", "x", "Z", "z");
$rus = array("Ч", "ч", "Э", "э", "Ю", "ю", "Я", "я", "Щ", "щ", "Ш", "ш", "Ё", "ё", "Ь", "ь", "ъ", "А", "а", "Б", "б", "Ц", "ц", "Д", "д", "Е", "е", "Ф", "ф", "Г", "г", "Х", "х", "И", "и", "Ж", "ж", "К", "к", "Л", "л", "М", "м", "Н", "н", "О", "о", "П", "п", "Р", "р", "С", "с", "Т", "т", "У", "у", "В", "в", "Х", "х", "З", "з");
$title = htmlspecialchars(mysql_escape_string(trim($_POST['title'])));
$nick = htmlspecialchars(mysql_escape_string(trim($_POST['nick'])));
$text = htmlspecialchars(mysql_escape_string(trim($_POST['text'])));
$translit = $_POST['translit'];
if(substr_count($translit, "tt") != 0)
{
$title = str_replace($lat, $rus, $title);
}
if(substr_count($translit, "nt") != 0)
{
$nick = str_replace($lat, $rus, $nick);
}
if(substr_count($translit, "text") != 0)
{
$text = str_replace($lat, $rus, $text);
}
$q = mysql_query("SELECT * FROM `chat_users` WHERE `nickname` = '".$nick."';");
if(mysql_affected_rows() == 0)
{
echo USER_WAS_NOT_FOUND."<br/>\n";
echo "<a href=\"letters.php?".SID."&ver=html\">Почта</a><br/>\n";
echo "<br/><a href=\"menu.php?".SID."&ver=html\">Меню чата</a><br/>";
include_once "themes/".intval($_COOKIE['theme'])."/foot.php";
exit();
}
else
{
$user_data = mysql_fetch_array($q);
$toid = $user_data['id'];
$system = $user_data['system'];
$place = $user_data['place'];
$key = $user_data['key'];
$user_pass = $user_data['password'];
$time = $user_data['time'];
$place = $user_data['place'];
}
if(empty($title))
{
echo ERROR_TITLE_IS_EMPTY."<br/>\n";
echo "<a href=\"letters.php?".SID."&ver=html\">Почта</a><br/>\n";
echo "<br/><a href=\"menu.php?".SID."&ver=html\">Меню чата</a><br/>";
include_once "themes/".intval($_COOKIE['theme'])."/foot.php";
exit();
}
if(empty($text))
{
echo ERROR_BODY_IS_EMPTY."<br/>\n";
echo "<a href=\"letters.php?".SID."&ver=html\">Почта</a><br/>\n";
echo "<br/><a href=\"menu.php?".SID."&ver=html\">Меню чата</a><br/>";
include_once "themes/".intval($_COOKIE['theme'])."/foot.php";
exit();
}
$date = date("d-m-Y H:i:s");
$q = mysql_query("SELECT * FROM `chat_letters` WHERE `subject` = '".$title."' AND `body` = '".$text."' AND `to` = '".$toid."';");
//SPAM
if(mysql_num_rows($q) != 0)
{
echo ERROR_SPAM."<br/>\n";
echo "<a href=\"letters.php?".SID."&ver=html\">Почта</a><br/>\n";
echo "<br/><a href=\"menu.php?".SID."&ver=html\">Меню чата</a><br/>";
include_once "themes/".intval($_COOKIE['theme'])."/foot.php";
exit();
}
//END SPAM
$query = mysql_query("INSERT INTO `chat_letters` VALUES(0, '".$toid."', '".$toid."', '".$id."', '".$title."', '".$text."', '".$date."', '".time()."', 0);");
if($toid != $id)
{
$query = mysql_query("INSERT INTO `chat_letters` VALUES(0, '".$id."', '".$toid."', '".$id."', '".$title."', '".$text."', '".$date."', '".time()."', 0);");
}
//Avtootvet
$q = mysql_query("SELECT `auans` FROM `chat_autoans` WHERE `id` = '".$toid."';");
$avtootvet = mysql_result($q, 0);
if(!empty($avtootvet)) mysql_query("INSERT INTO `chat_letters` VALUES(0, '".$id."', '".$id."', '".$toid."', '".$nick."(avtoanswer)', '".addslashes($avtootvet)."', '".$date."', '".time()."', 0);");
//END Avtootvet
if($system == 1 && $time >= time())
{
$bot = file("bots/bots.dat");
$system_bot = trim($bot[3]);
$message = "$nick, Вам пришло новое письмо от пользователя \"".$nickname."\" с заголовком \"".$title."\".<br />\n";
$message .= "<a href=\'letters.php?<usersid>&mod=inbox&ver=html\'>[Просмотреть]</a>\n";
mysql_query("INSERT INTO `chat".$place."` VALUES(0, '5', '".$system_bot."', '".$message."', '".$toid."', '".date("H:i:s")."', ".time().");");
}
if($query)
{
echo LETTER_SEND_SUCCESS."<br/>\n";
}
else
{
echo LETTER_SEND_ERROR."<br/>\n";
echo "<u>".mysql_error()."</u><br/>\n";
}
}
break;
case 'clear':
$q = mysql_query("DELETE FROM `chat_letters` WHERE `id` = '".$id."';");
if(mysql_affected_rows() != 0)
{
echo LETTERS_ARE_REMOVED."<br/>\n";
}
else
{
echo MAILBOX_IS_EMPTY."<br/>\n";
}
break;
case 'delete':
$lid = intval($_GET['lid']);
$q = mysql_query("DELETE FROM `chat_letters` WHERE `lid` = '".$lid."';");
if(mysql_affected_rows() != 0)
{
echo LETTER_ARE_REMOVED."<br/>\n";
}
else
{
echo LETTER_DOES_NOT_EXISTS."<br/>\n";
}
break;
case 'deleteallfrom':
$drom= intval($_GET['drom']);
$q = mysql_query("DELETE FROM `chat_letters` WHERE `from` = '".$drom."' AND `id` = '".$id."';");
if(mysql_affected_rows() != 0)
{
echo "Письма от Этого ника удалены<br/>\n";
}
else
{
echo LETTER_DOES_NOT_EXISTS."<br/>\n";
}
break;
case 'avtootvet4ik':
$q = mysql_query("SELECT `auans` FROM `chat_autoans` WHERE `id` = '".$id."';");
$avtotext = mysql_result($q, 0);
if($_POST['action'] !== "setavtootvet4ik")
{
echo "<form method=\"post\" action=\"letters.php?".SID."&nocache=$nocache&ver=html&mod=avtootvet4ik\">\n";
echo "Text:<br/>\n";
echo "<input name=\"avtotext\" type=\"text\" value=\"$avtotext\" size=\"15\" maxlength=\"200\"/><br/>\n";
echo "<input type=\"hidden\" name=\"action\" value=\"setavtootvet4ik\"/>";
echo "<input type=\"submit\" value=\"Отправить\"/></form><br/>\n";
}
else
{
$avtotext = htmlspecialchars(addslashes($_POST['avtotext']));
$q = mysql_query("SELECT `auans` FROM `chat_autoans` WHERE `id` = '".$id."';");
if(mysql_affected_rows() == 0)
{
mysql_query("INSERT INTO `chat_autoans` SET `auans` = '".$avtotext."', `id` = '".$id."';");
}
else{
mysql_query("UPDATE `chat_autoans` SET `auans` = '".$avtotext."' WHERE `id` = '".$id."';");
}
echo "Автотекст задан!<br/>\n";
}
break;
default:
$q = mysql_query("SELECT COUNT(*) FROM `chat_letters` WHERE `id` = '".$id."' AND `to` = '".$id."' AND `read` = 0;");
$newto = mysql_result($q, 0);
$q = mysql_query("SELECT COUNT(*) FROM `chat_letters` WHERE `id` = '".$id."' AND `to` = '".$id."';");
$to = mysql_result($q, 0);
$q = mysql_query("SELECT COUNT(*) FROM `chat_letters` WHERE `id` = '".$id."' AND `from` = '".$id."';");
$from = mysql_result($q, 0);
echo "Письма, которые находятся в базе данных больше недели - удаляются.<br/>\n";
echo "<a href=\"letters.php?".SID."&ver=html&mod=inbox\">".INBOX." ($newto/$to)</a><br/>\n";
echo "<a href=\"letters.php?".SID."&ver=html&mod=outbox\">".OUTBOX." ($from)</a><br/>\n";
echo "<a href=\"letters.php?".SID."&ver=html&mod=send\">Написать</a><br/>\n";
echo "<a href=\"letters.php?".SID."&ver=html&mod=clear\">Удалить все письма</a><br/>\n";
echo "<a href=\"letters.php?".SID."&ver=html&mod=avtootvet4ik\">Задать текст для автоответчика</a><br/>\n";
echo "<a href=\"frlist.php?".SID."&ver=html\">Список друзей</a><br/>\n";
break;
}
if(!empty($mod)) echo "<a href=\"letters.php?".SID."&ver=html\">Почта</a><br/>\n";
echo "<br/><a href=\"my.php?".SID."&ver=html\">Личный Кабинет</a>\n";
echo "<br/><a href=\"menu.php?".SID."&ver=html\">Меню чата</a><br/>";
include_once "themes/".intval($_COOKIE['theme'])."/foot.php";
break;
}
?>