File size: 17.81Kb
<?
session_start();
$title="Внутрення почта\n";
include ("header.php");
include ("func/aut.php");
print $div["header"];
print $div["end"];
$data=date("YmdHi");
$data4=date("Ymd");
$ref=rand(100000,1000000);
if (empty($mod)) $mod="index";
switch ($mod) {
case "index":
print $div["ten"];
$qi = mysql_query("select * from `letters` where ((`read`='0')and(`komu`='$login')and(`inout`='in'));");
$i=mysql_num_rows($qi);
$qir = mysql_query("select * from `letters` where ((`komu`='$login')and(`inout`='in'));");
$ir=mysql_num_rows($qir);
if (($autorize['id'] == '1') OR ($autorize['id'] == '6626')){
print "<img src=\"pics/st.gif\" alt=\"*\"/><b><a href=\"mail.php?mod=sub&".session_name()."=".session_id()."\">Рассылка</a></b><br/>";
}
print "<img src=\"pics/st.gif\" alt=\"*\"/><a href=\"mail.php?mod=input&".session_name()."=".session_id()."\">Входящие</a>($ir)[$i]<br/>";
$qir = mysql_query("select * from `letters` where ((`komu`='$login')and(`inout`='out'));");
$ir=mysql_num_rows($qir);
print "<img src=\"pics/st.gif\" alt=\"*\"/><a href=\"mail.php?mod=output&".session_name()."=".session_id()."\">Исходящие</a>($ir)<br/>";
print "<img src=\"pics/st.gif\" alt=\"*\"/><a href=\"mail.php?mod=sent&".session_name()."=".session_id()."\">Написать</a><br/>";
print "<img src=\"pics/st.gif\" alt=\"*\"/><a href=\"search.php?mod=sent&".session_name()."=".session_id()."\">Поиск</a><br/>";
print "<img src=\"pics/st.gif\" alt=\"*\"/><a href=\"mail.php?mod=delall&".session_name()."=".session_id()."\">Удалить все сообщения</a><br/>";
print "<br/><img src=\"pics/st.gif\" alt=\"*\"/>";print "<a href=\"enter.php?".session_name()."=".session_id()."\">Панель</a><br/>";
break;
case "sub":
if (empty($message)){
if ($_SESSION['wap']=="xml"){
print "<form action=\"mail.php?mod=sub&".session_name()."=".session_id()."\" method=\"post\">";
print "<img src=\"../pics/st.gif\" alt=\"*\"/>";print "Сообщение: <br/>";
print "<input name=\"message\" maxlength=\"1500\" value=\"$msg_db\" title=\"Text\"/><br/>";
print "<input class=\"ibutton\" type=\"submit\" value=\"Отправить\"/>";
print "</form>";
}
}
else
{
$mess = htmlspecialchars($message);
$mess = stripslashes($mess);
$xfile = mysql_query("select * from `uzvers`;");
$datamsg=date("d.m.Y H:i");
while ($udata = @mysql_fetch_array ($xfile)){
$radd = mysql_query("insert into letters set who='Admin',komu='".$udata['log']."',msg='".$mess."', data='".$datamsg."', inout='in';") or die ('Error!');
}
print "Рассылка успешна!<br/>";
print "<img src=\"pics/st.gif\" alt=\"*\"/>";print "<a href=\"mail.php?op=default&".session_name()."=".session_id()."\">Назад</a><br/>";
}
include ("footer.php");
exit();
break;
case "input":
$page=@$_GET['page'];
if (!isset($page) || $page=='' || $page<1 ) {
$page=1;}
$max_lines_on_page=$autorize['letmsg'];
$maxpages=5;
$t=2;
$limit=($page-1)* $max_lines_on_page;
$q=mysql_query("select * from `letters` where ((`komu`='$login')and(`inout`='in'));");
$all=mysql_num_rows($q);
$query = mysql_query("select * from `letters` where ((`komu`='$login')and(`inout`='in')) order by `id` DESC;");
print $div["ten"];
print "<b>Входящие:</b><br/>";
if ($_SESSION['wap']!="xml") {print "-<br/>";}
if (mysql_affected_rows()==0)
{
print "Сообщений нет!<br/>";
}
else
{
while ($field=mysql_fetch_array($query))
{
$id=$field['id'];
$who=$field['who'];
$data_msg=$field['data'];
$read=$field['read'];
print "<img src=\"pics/st.gif\" alt=\"*\"/><a href=\"mail.php?mod=read&msgid=$id&".session_name()."=".session_id()."\">$who</a>[$data_msg]";if ($read==0){ print "<b>[NEW]</b>"; }
print "<br/>";
}
}
print $div["end"];
//функция навигации
function PRINT_NUM_PAGE(){
//global $page,$all, $max_lines_on_page, $max_pages_on_page, $maxpages, $t, $p;
//$maxpage=ceil($all/$max_lines_on_page);
if ($maxpage>0&&$maxpage!=1){
if ($page>1) print "<img src=\"pics/st.gif\" alt=\"*\"/><a href=\"".$PHP_SELF."?mod=input&page=".($page-1)."&".session_name()."=".session_id()."\">«-</a>";
else print "«-";
print " | </small><input name=\"page\" maxlength=\"3\" value=\"1\" size=\"3\"/><small>";
print "<img src=\"pics/st.gif\" alt=\"*\"/><a href=\"".$PHP_SELF."?mod=input&page=$(page)&".session_name()."=".session_id()."\">»</a> | ";
if ($page<$maxpage) print " <img src=\"pics/st.gif\" alt=\"*\"/><a href=\"".$PHP_SELF."?mod=input&page=".($page+1)."&".session_name()."=".session_id()."\">-»</a> <br/>";
else print " -» <br/>";
if ($page>4) {print "<img src=\"pics/st.gif\" alt=\"*\"/><a href=\"".$PHP_SELF."?mod=input&page=1\">1</a> ... "; }
if ($t=='2'){
$l=$page - floor($maxpages/2);
$r=$page + floor($maxpages/2);
if ($l<1){$l='1'; $r=$maxpages;}
if ($r>$maxpage){$r=$r+$r/2;}
if (($page-1)>$maxpages-3/2){ $ll=$l+1; print "<img src=\"pics/st.gif\" alt=\"*\"/><a href=\"".$PHP_SELF."?mod=input&page=$ll&".session_name()."=".session_id()."\">«</a> ";
}
}else{
$l = ceil($page/$maxpages)*$maxpages+1- $maxpages;
$r = ceil($page/$maxpages)*$maxpages;
}
$l=$l;
for ($l; $l<=$r; $l++){
if ($l>$maxpage)break;
if ($l == $page){
print " <b>$page</b> ";
}else{
print " <img src=\"pics/st.gif\" alt=\"*\"/><a href=\"".$PHP_SELF."?mod=input&page=$l&".session_name()."=".session_id()."\">$l</a> ";}
}
if ($maxpage>$r) { $ll=$r+1;
print "<img src=\"pics/st.gif\" alt=\"*\"/><a href=\"".$PHP_SELF."?mod=input&page=$ll&".session_name()."=".session_id()."\">»</a> ";}
if ($page<$maxpage-2) {print "<img src=\"pics/st.gif\" alt=\"*\"/>... <a href=\"".$PHP_SELF."?mod=input&page=$maxpage&".session_name()."=".session_id()."\">$maxpage</a> ";}
print "<br/>";
}
print "<img src=\"pics/st.gif\" alt=\"*\"/><a href=\"mail.php?mod=index&".session_name()."=".session_id()."\">Внутреняя почта</a>";
print "<br/><img src=\"pics/st.gif\" alt=\"*\"/>";print "<a href=\"enter.php?".session_name()."=".session_id()."\">Панель</a><br/>";
}
print $div["ten"];
PRINT_NUM_PAGE();
break;
case "output":
$page=@$_GET['page'];
if (!isset($page) || $page=='' || $page<1 ) {
$page=1;}
$max_lines_on_page=$autorize['letmsg'];
$maxpages=5;
$t=2;
$limit=($page-1)* $max_lines_on_page;
$q= mysql_query("select * from `letters` where ((`komu`='$login')and(`inout`='out'));");
$all=mysql_num_rows($q);
$query = mysql_query("select * from `letters` where ((`komu`='$login')and(`inout`='out')) order by `id`;");
print $div["ten"];
print "<b>Отправленные:</b><br/>";
if ($_SESSION['wap']!="xml") {print "-<br/>";}
if (mysql_affected_rows()==0)
{
print "Сообщений нет!<br/>";
}
else
{
while ($field=mysql_fetch_array($query))
{
$id=$field['id'];
$who=$field['who'];
$data_msg=$field['data'];
$read=$field['read'];
print "<a href=\"mail.php?mod=readout&msgid=$id&".session_name()."=".session_id()."\">$who</a>[$data_msg]";
print "<br/>";
}
}
print $div["end"];
//функция навигации
function PRINT_NUM_PAGE(){
//global $page,$all, $max_lines_on_page, $max_pages_on_page, $maxpages, $t, $p;
//$maxpage=ceil($all/$max_lines_on_page);
if ($maxpage>0&&$maxpage!=1){
if ($page>1) print "<a href=\"".$PHP_SELF."?mod=output&?page=".($page-1)."&".session_name()."=".session_id()."\">«-</a>";
else print "«-";
print " | </small><input name=\"page\" maxlength=\"3\" value=\"1\" size=\"3\"/><small>";
print "<a href=\"".$PHP_SELF."?mod=output&page=$(page)&".session_name()."=".session_id()."\">»</a> | ";
if ($page<$maxpage) print " <a href=\"".$PHP_SELF."?mod=output&page=".($page+1)."&".session_name()."=".session_id()."\">-»</a> <br/>";
else print " -» <br/>";
if ($page>4) {print "<a href=\"".$PHP_SELF."?mod=output&page=1\">1</a> ... "; }
if ($t=='2'){
$l=$page - floor($maxpages/2);
$r=$page + floor($maxpages/2);
if ($l<1){$l='1'; $r=$maxpages;}
if ($r>$maxpage){$r=$r+$r/2;}
if (($page-1)>$maxpages-3/2){ $ll=$l+1; print "<a href=\"".$PHP_SELF."?mod=output&page=$ll&".session_name()."=".session_id()."\">«</a> ";
}
}else{
$l = ceil($page/$maxpages)*$maxpages+1- $maxpages;
$r = ceil($page/$maxpages)*$maxpages;
}
$l=$l;
for ($l; $l<=$r; $l++){
if ($l>$maxpage)break;
if ($l == $page){
print " <b>$page</b> ";
}else{
print " <a href=\"".$PHP_SELF."?mod=output&page=$l&".session_name()."=".session_id()."\">$l</a> ";}
}
if ($maxpage>$r) { $ll=$r+1;
print "<a href=\"".$PHP_SELF."?mod=output&page=$ll&".session_name()."=".session_id()."\">»</a> ";}
if ($page<$maxpage-2) {print "... <a href=\"".$PHP_SELF."?mod=output&page=$maxpage&".session_name()."=".session_id()."\">$maxpage</a> ";}
print "<br/>";
}
print "<img src=\"pics/st.gif\" alt=\"*\"/><a href=\"mail.php?mod=index&".session_name()."=".session_id()."\">Внутреняя почта</a>";
print "<br/><img src=\"pics/st.gif\" alt=\"*\"/>";print "<a href=\"enter.php?".session_name()."=".session_id()."\">Панель</a><br/>";
print $div["end"];
}
print $div["ten"];
PRINT_NUM_PAGE();
break;
case "read":
$q_msg = mysql_query("select * from `letters` where ((`komu`='$login')and(`id`='$msgid')and(`inout`='in'));");
if (mysql_affected_rows()==0)
{
print "Нет такого сообщения!<br/>";
print $div["div"];
}
else
{
print $div["ten"];
$row_msg=mysql_fetch_array($q_msg);
$who=$row_msg['who'];
$db_data=$row_msg['data'];
$msg=$row_msg['msg'];
print "<b>Сообщение от:</b> $who<br/>";
print "<b>Дата:</b> $db_data<br/>";
print "<b>Текст: </b>$msg<br/>";
@mysql_query("UPDATE `letters` SET `read`='1' WHERE `id`='$msgid';");
}
print $div["end"];
print $div["ten"];
print "<img src=\"pics/st.gif\" alt=\"*\"/><a href=\"mail.php?mod=sent&user=$who&".session_name()."=".session_id()."\">Ответить</a><br/>";
print "<img src=\"pics/st.gif\" alt=\"*\"/><a href=\"mail.php?mod=delin&delid=$msgid&".session_name()."=".session_id()."\">Удалить</a><br/>";
print "<img src=\"pics/st.gif\" alt=\"*\"/><a href=\"mail.php?mod=input&".session_name()."=".session_id()."\">Входящие</a><br/>";
print "<img src=\"pics/st.gif\" alt=\"*\"/>";print "<a href=\"enter.php?".session_name()."=".session_id()."\">Панель</a><br/>";
break;
case "readout":
$q_msg = mysql_query("select * from `letters` where ((`komu`='$login')and(`id`='$msgid')and(`inout`='out'));");
if (mysql_affected_rows()==0)
{
print $div["header"];
print "Нет такого сообщения!<br/>";
print $div["end"];
}
else
{
print $div["ten"];
$row_msg=mysql_fetch_array($q_msg);
$who=$row_msg['who'];
$db_data=$row_msg['data'];
$msg=$row_msg['msg'];
print "<b>Сообщение от:</b>$who<br/>";
print "<b>Дата:</b> $db_data<br/>";
print "<b>Сообщение:</b> $msg<br/>";
@mysql_query("UPDATE `letters` SET `read`='1' WHERE `id`='$msgid';");
print $div["end"];
}
print $div["ten"];
print "<img src=\"pics/st.gif\" alt=\"*\"/><a href=\"mail.php?mod=sent&user=$who&".session_name()."=".session_id()."\">Ответить</a><br/>";
print "<img src=\"pics/st.gif\" alt=\"*\"/><a href=\"mail.php?mod=delout&delid=$msgid&".session_name()."=".session_id()."\">Удалить</a><br/>";
print "<img src=\"pics/st.gif\" alt=\"*\"/><a href=\"mail.php?mod=output&".session_name()."=".session_id()."\">Отправленные</a><br/>";
print "<img src=\"pics/st.gif\" alt=\"*\"/>";print "<a href=\"enter.php?".session_name()."=".session_id()."\">Панель</a><br/>";
break;
case "sent":
$uname = $_GET['uname'];
if (empty($go)){
print $div["ten"];
print "Написать: <br/>";
print $div["end"];
print $div["ten"];
if ($_SESSION['wap']=="xml")
{
$_SESSION['pswd']=rand(10000,99999);
print "<form action=\"mail.php?mod=sent&go=add&".session_name()."=".session_id()."\" method=\"post\">";
print "<div>";
print "Кому: <br/>";
print "<input name=\"komu\" value=\"$user\" title=\"Text\"/><br/>";
print "Сообщение: <br/>";
print "<input name=\"msg\" title=\"Text\"/><br/>";
print "Введите число на картинке: ";
print "<img src=\"pic.php?".session_name()."=".session_id()."\" alt=\"...\"/><br/>";
print "<input name=\"psw\" maxlength=\"5\"/><br/>";
print "<input class=\"ibutton\" type=\"submit\" value=\"Отправить\"/>";
print "</div>";
print "</form>";
}
else
{
print "Кому: <br/>";
print "</small><input name=\"komu".$ref."\" maxlength=\"20\" value=\"$user\" title=\"Text\"/><br/><small>";
print "Сообщение: <br/>";
print "</small><input name=\"msg".$ref."\" maxlength=\"200\" title=\"Text\"/><br/><small>";
print "<img src=\"pics/st.gif\" alt=\"*\"/><anchor title=\"send\">Отправить<go href=\"mail.php?mod=sent&go=add&".session_name()."=".session_id()."\" method=\"post\">";
print "<postfield name=\"komu\" value=\"$(komu".$ref.")\"/>";
print "<postfield name=\"msg\" value=\"$(msg".$ref.")\"/>";
print "</go></anchor><br/>";
}
print $div["end"];
print $div["ten"];
print "<img src=\"pics/st.gif\" alt=\"*\"/><a href=\"mail.php?mod=index&".session_name()."=".session_id()."\">Сообщения</a><br/>";
print "<img src=\"pics/st.gif\" alt=\"*\"/>";print "<a href=\"enter.php?".session_name()."=".session_id()."\">Панель</a><br/>";
}
else
{
$q = mysql_query("select * from `uzvers` where `log`='$komu';");
if (mysql_affected_rows()==0)
{
print "Нет такого пользователя!<br/>";
print $div["ten"];
print "<img src=\"pics/st.gif\" alt=\"*\"/><a href=\"mail.php?mod=index&".session_name()."=".session_id()."\">Сообщения</a><br/>";
print "<img src=\"pics/st.gif\" alt=\"*\"/>";print "<a href=\"enter.php?".session_name()."=".session_id()."\">Панель</a><br/>";
}
elseif ($_SESSION['pswd']!=$psw) { print 'Число на картинке и ваше не совпадают!'; print $div["ten"];
$_SESSION['pswd']=rand(10000,99999); }
else
{
if (!empty($msg))
{
print $div["ten"];
$datamsg=date("d.m.Y H:i");
$k=$autorize['log'];
@mysql_query("insert into `letters` values(0,'$k','$komu','$msg','$datamsg','0','in');")or die ("FUCK");
@mysql_query("insert into `letters` values(0,'$komu','$k','$msg','$datamsg','0','out');")or die ("FUCK");
print "Сообщение отправленно!<br/>";
print "<img src=\"pics/st.gif\" alt=\"*\"/>";print "<a href=\"mail.php?op=default&".session_name()."=".session_id()."\">Назад</a><br/>";
print $div["end"];
}
else
{
print $div["ten"];
print "Сообщение не может быть пустым!<br/>";
}
print $div["ten"];
}
}
break;
case "delall":
print $div["ten"];
mysql_query("delete from `letters` where ((`komu`='$login')and(`inout`='in'))");
mysql_query("delete from `letters` where ((`who`='$login')and(`inout`='out'))");
print "Сообщения удалены!<br/>";
print $div["end"];
print $div["ten"];
print "<img src=\"pics/st.gif\" alt=\"*\"/><a href=\"mail.php?mod=index&".session_name()."=".session_id()."\">Сообщения</a><br/>";
print "<img src=\"pics/st.gif\" alt=\"*\"/>";print "<a href=\"enter.php?".session_name()."=".session_id()."\">Панель</a><br/>";
break;
case "delin":
print $div["ten"];
mysql_query("delete from `letters` where ((`komu`='$login')and(`inout`='in')and(`id`='$delid'))");
print "Сообщение удалено!<br/>";
print $div["end"];
print $div["ten"];
print "<img src=\"pics/st.gif\" alt=\"*\"/><a href=\"mail.php?mod=input&".session_name()."=".session_id()."\">Входящие</a><br/>";
break;
case "delout":
print $div["ten"];
mysql_query("delete from `letters` where ((`who`='$login')and(`inout`='out')and(`id`='$delid'))");
print "Сообщение удалено!<br/>";
print $div["end"];
print $div["ten"];
print "<img src=\"pics/st.gif\" alt=\"*\"/><a href=\"mail.php?mod=output&".session_name()."=".session_id()."\">Исходящие</a><br/>";
break;
}
if ($_SESSION['wap']!="xml") {print "-<br/>";}
print $div["end"];
include ("footer.php");
?>