File size: 2.45Kb
<?php
include ("../conf.php");
include ("../lock.php");
$add = "add";
if($_GET['page'] == $add)
{
if ($user == $myrow["user"] && $pass == $myrow["pass"])
{
echo "<link rel='stylesheet' type='text/css' href='../style.css'/>";
include ("../head.php");
echo "<div class='nav'><form name='form' action='add.php?page=s&user=$user&pass=$pass' method='post'>";
echo "<input name='id_user' type='hidden' value='".$myrow['id']."'><input name='user2' type='hidden' value='".$myrow['user']."'>";
echo <<<sss
Сообщение:<br /><textarea name="text" rows="5" cols="25"></textarea><br />
<input type="submit" value="Отправить">
</form></div>
<div class='nav'>• <a href='index.php?user=$user&pass=$pass'>Назад</a></div>
sss;
include ("../foot.php");
exit();
}
else
{
echo "<link rel='stylesheet' type='text/css' href='../style.css'/>";
include ("../head.php");
echo "<div class='nav'>";
echo "Ошибка! <br />Неверный <b>Ник</b> или<b>Пароль</b>!<br /></div>";
echo "<div class='nav'><a href='index.php'>На главную</a></div>";
include ("../foot.php");
}
}
$s = "s";
if($_GET['page']==$s)
{
if ($user == $myrow["user"] && $pass == $myrow["pass"])
{
echo "<link rel='stylesheet' type='text/css' href='../style.css'/>";
include ("../head.php");
$text = htmlspecialchars(mysql_real_escape_string(trim($_POST['text']))); if ($text == ''){unset($text); }
$id_user = htmlspecialchars(mysql_real_escape_string(trim($_POST['id_user']))); if ($id_user == ''){unset($id_user); }
$user2 = htmlspecialchars(mysql_real_escape_string(trim($_POST['user2']))); if ($user2 == ''){unset($user2); }
$date = date("Y.m.d");
if (isset($text))
{
$result = mysql_query("INSERT INTO chat (text,date,id_user,user2) VALUES ('$text','$date','$id_user','$user2')");
if ($result == 'true')
{
echo "<div class='nav'>Сообщение успешно отправлено!</div>";
echo "<div class='nav'>• <a href='index.php?user=$user&pass=$pass'>В чат</a></div>";
include ("../foot.php");
}
}
else
{
echo "<div class='nav'>Ошибка! Сообщение не отправлено!</div>";
echo "<div class='nav'>• <a href='index.php?user=$user&pass=$pass'>В чат</a></div>";
include ("../foot.php");
exit();
}
}
else
{
echo "<link rel='stylesheet' type='text/css' href='../style.css'/>";
include ("../head.php");
echo "<div class='nav'>";
echo "Ошибка! <br />Неверный <b>Ник</b> или<b>Пароль</b>!<br /></div>";
echo "<div class='nav'><a href='index.php'>На главную</a></div>";
include ("../foot.php");
}
}
?>