View file znwap/mes.php

File size: 17.64Kb
<?php



if ($mode=='sendok') {
	if (checkantirep()){
		$l=delhtml($_REQUEST['l']);
		$body=insertsmiles(delhtml($_POST['body']));
		if ((trim($l)!="") && ($l!=$login)) {
			if (trim($body)!="") {
				$res=mysql_query("SELECT * FROM zn_anket WHERE login='$l'");
				if (mysql_num_rows($res)!=0) {
					$a=mysql_fetch_array($res);
					$f=mysql_query("SELECT * FROM zn_friends WHERE alogin='$login' AND flogin='$l'");
					if (mysql_num_rows($f)==0) {
						mysql_query("INSERT INTO zn_friends VALUES('$login', '$l')");
					}
					$f=mysql_query("SELECT * FROM zn_friends WHERE alogin='$l' AND flogin='$login'");
					if (mysql_num_rows($f)==0) {
						mysql_query("INSERT INTO zn_friends VALUES('$l', '$login')");
					}
					mysql_query("INSERT INTO zn_messages(komu, ot, body, new, date) VALUES('$l', '$login', '$body', '1', CURRENT_TIMESTAMP())");
					if (($a['emailactive']==1) && ($a['mesmail']==1)) {
						$mailmes="";
						$mailmes.="Привет, $l!\r\n";
						$mailmes.="У тебя новое сообщение от $login\r\n\r\n";
						$mailmes.=str_replace("\n", "\r\n", $_REQUEST['body']);
						$mailmes.="\r\n\r\nВнимание! Это всего лишь уведомление. Не нужно отвечать на это письмо!\r\n";
						$mailmes.="Изменить настройки уведомлений можно в своем аккаунте на $backlink\r\n";
						$mailmes.="http://$_SERVER[HTTP_HOST]$workdir/?mode=menu&login=".urlencode($a['login'])."&pass=".urlencode($a['pass'])."\r\n";
						$mailmes=utf8win1251($mailmes);
						$headers = 'Content-type: text/plain; charset="windows-1251"' . "\r\n";
						$headers .= "From: $login <$adminemail>" . "\r\n";
						@mail($a['email'], $backlink, $mailmes, $headers);
					}
					$mode='showmes';
				} else {
					echo "Человека с nickом $l здесь нет<br/>";
					$mode='showmes';
				}
			} else {
				echo "Что, нечего писать?<br/>";
				$mode='showmes';
			}
		} else {
			echo "Неверный nick<br/>";
			$mode='showmes';
		}
	} else {
		$mode='showmes';
	}
}
//------------------------------------------------------------------------------------
if ($mode=='write') {
	echo "<form action=\"$workdir/\" method=\"post\">
<input name=\"mode\" type=\"hidden\" value=\"sendok\"/>".getantirep();

if (isset($_REQUEST['l'])) {
	$l=delhtml($_REQUEST['l']);
	echo "<input name=\"l\" type=\"hidden\" value=\"$l\"/>Nick: $l";
} else {
	echo "Nick:<br/><input name=\"l\" type=\"text\"/>";
}

echo "<br/>
Сообщение:<br/>
<textarea rows=\"3\" cols=\"20\" name=\"body\"></textarea>&nbsp;<br/>
<input type=\"submit\" name=\"submit\" value=\"Отправить\"/>&nbsp;<br/>
</form>\n";
	echo "&#187; <a href=\"$workdir/?mode=smiles\">Смайлы</a><br/>";
	echo "&#187; <a href=\"$workdir/?mode=menu\"><b>Меню</b></a><br/>";

}
//------------------------------------------------------------------------------------
if ($mode=='showmes') {
	$l=delhtml($_REQUEST['l']);
	if (isset($_REQUEST['n'])) {$n=intval($_REQUEST['n']);} else {$n=0;}
	$redirecturl="http://$_SERVER[HTTP_HOST]$workdir/?mode=showmes&amp;n=$n&amp;l=".urlencode($l)."&amp;sid=".session_id();
	echo "&#187; <a href=\"$workdir/?mode=write&amp;l=".urlencode($l)."\">Ответить</a><br/>";
	
	$a=mysql_fetch_array(mysql_query("SELECT COUNT(*) AS c FROM zn_messages WHERE (ot='$l' AND komu='$login') OR (ot='$login' AND komu='$l')"));
	$c=$a['c'];
	$res=mysql_query("SELECT *,DATE_FORMAT(date, '%d.%m.%y %H:%i') AS date  FROM zn_messages WHERE (ot='$l' AND komu='$login') OR (ot='$login' AND komu='$l') ORDER BY id DESC LIMIT $n,$mesonpage");
	for ($i=0; $i<mysql_num_rows($res); $i++) {
		$a=mysql_fetch_array($res);
		echo "<b>$a[date]</b> ";
		if ($a['ot']==$login) {echo "<font color=\"green\">$a[ot]</font>";} else {echo "<font color=\"red\">$a[ot]</font>";}
		echo "<br/>";
		echo "$a[body]<br/></div><div class=\"b\">";
		if (($a['new']==1) && ($a['komu']==$login)) {
			mysql_query("UPDATE zn_messages SET new='0' WHERE komu='$a[komu]' AND ot='$a[ot]'");
		}
	}

	if ($c>$mesonpage) {
		if ($n>0) {
			$pp=$n-$mesonpage;
			if ($pp<0) {$pp=0;}
			echo "<a href=\"$workdir/?mode=showmes&amp;l=".urlencode($l)."&amp;n=$pp\">&lt;&lt;&lt;</a> ";
		}
		if ($n<$c) {
			$np=$n+$mesonpage;
			if ($np<=$c) {
				echo "<a href=\"$workdir/?mode=showmes&amp;l=".urlencode($l)."&amp;n=$np\">&gt;&gt;&gt;</a>";
			}
		}
		echo "<br/>";
	}
	
	echo "&#187; <a href=\"$workdir/?mode=write&amp;l=".urlencode($l)."\">Ответить</a><br/>";
	echo "&#187; <a href=\"$workdir/?mode=showanket&amp;l=".urlencode($l)."\">Анкета $l</a><br/>";
	echo "&#187; <a href=\"$workdir/?mode=frienddel&amp;l=".urlencode($l)."\">Удалить $l</a><br/>";
	echo "&#187; <a href=\"$workdir/?mode=ignormove&amp;l=".urlencode($l)."\">Перенести $l в игнор</a><br/>";
	echo "&#187; <a href=\"$workdir/?mode=friends\">Назад</a><br/>";
	echo "&#187; <a href=\"$workdir/?mode=menu\"><b>Меню</b></a><br/>";
}

//------------------------------------------------------------------------------------
if ($mode=='friendadd') {
	$l=delhtml($_REQUEST['l']);
	$res=mysql_query("SELECT * FROM zn_anket WHERE login='$l'");
	if (mysql_num_rows($res)!=0) {
		$res=mysql_query("SELECT * FROM zn_friends WHERE alogin='$login' AND flogin='$l'");
		if (mysql_num_rows($res)==0) {
			mysql_query("INSERT INTO zn_friends VALUES('$login', '$l')");
			echo "$l успешно добавлен(а)<br/>";
		}
	} else {
		echo "Человека с nickом $l здесь нет<br/>";
	}
	$mode='friends';
}
//------------------------------------------------------------------------------------
if ($mode=='frienddel') {
	$l=delhtml($_REQUEST['l']);
	mysql_query("DELETE FROM zn_friends WHERE alogin='$login' AND flogin='$l'");
	echo "$l успешно удален(а)<br/>";
	$mode='friends';
}
//------------------------------------------------------------------------------------
if ($mode=='friends') {
	if (isset($_REQUEST['n'])) {
		$n=intval($_REQUEST['n']);
		$_SESSION['onlyonline']=$n;
	} else {
		if (isset($_SESSION['onlyonline'])) {$n=$_SESSION['onlyonline'];} else {$n=0;}
	}
	$a=mysql_fetch_array(mysql_query("SELECT COUNT(*) AS c FROM zn_friends WHERE alogin='$login'"));
	$c=$a['c'];
	
	$nm=array();
	$res=mysql_query("SELECT ot, COUNT(*) AS n FROM zn_messages WHERE komu='$login' AND new=1 GROUP BY (ot)");
	while ($a=mysql_fetch_array($res)) {
		$nm[$a['ot']]=$a['n'];
	}
	
	$res=mysql_query("SELECT a.alogin, a.flogin FROM zn_friends a, zn_anket b WHERE a.alogin='$login' AND a.flogin=b.login AND b.online=1");
	if (!mysql_num_rows($res)) {
		if ($n!=1) {
			echo "Ваших друзей нет в OnLine";
		}
	} else {
		echo "<font color=\"green\">OnLine</font>:<br/>";
		while ($a=mysql_fetch_array($res)) {
			$flogin=$a['flogin'];
			echo "<a href=\"$workdir/?mode=showmes&amp;l=".urlencode($flogin)."\">$flogin</a>";
			if (isset($nm[$flogin])) {
				echo " ($nm[$flogin])";
			}
			echo "<br/>";
		}
	}
	
	if ($n==1) {
		$res=mysql_query("SELECT a.alogin, a.flogin FROM zn_friends a, zn_anket b WHERE a.alogin='$login' AND a.flogin=b.login AND b.online=0 ORDER BY b.lastdate DESC");
		if (mysql_num_rows($res)) {
			echo "<font color=\"red\">OffLine</font>:<br/>";
			while ($a=mysql_fetch_array($res)) {
				$flogin=$a['flogin'];
				echo "<a href=\"$workdir/?mode=showmes&amp;l=".urlencode($flogin)."\">$flogin</a>";
				if (isset($nm[$flogin])) {
					echo " ($nm[$flogin])";
				}
				echo "<br/>";
			}
		}
	}
	echo "<br/>";
	if ($n==1) {
		echo "&#187; <a href=\"$workdir/?mode=friends&amp;n=0\">Показать только OnLine-контакты</a><br/>";
	} else {
		echo "&#187; <a href=\"$workdir/?mode=friends&amp;n=1\">Показать все контакты и сообщения</a><br/>";
	}
	echo "</div><div class=\"b\"><form action=\"$workdir/\" method=\"post\">
<input name=\"mode\" type=\"hidden\" value=\"friendadd\"/>
Nick:<br/>
<input name=\"l\" type=\"text\"/>&nbsp;<br/>
<input type=\"submit\" value=\"Добавить\"/>&nbsp;<br/>
</form>\n";

	echo "&#187; <a href=\"$workdir/?mode=menu\"><b>Меню</b></a>";

}


// вывод результатов поиска
if ($mode=='searchok') {
// пол
if (isset($_REQUEST['s'])) {$s=delhtml($_REQUEST['s']);} else {$s="";}
// возраст
if (isset($_REQUEST['v'])) {$v=delhtml($_REQUEST['v']);} else {$v="";}
// ориентация
if (isset($_REQUEST['so'])) {$so=delhtml($_REQUEST['so']);} else {$so="";}
// город
if (isset($_REQUEST['region'])) {$region=intval($_REQUEST['region']);} else {$region=0;}
// только online
if (isset($_REQUEST['on'])) {$on=delhtml($_REQUEST['on']);} else {$on=0;}
// только с фото
if (isset($_REQUEST['of'])) {$of=delhtml($_REQUEST['of']);} else {$of=0;}
// порядковый номер анкеты
if (isset($_REQUEST['n'])) {$n=intval($_REQUEST['n']);} else {$n='0';}

// формируем запрос
if ($s) {$where=" sex='$s' ";} else {$where=" sex!='0' ";}
if ($v) {$where.=" AND vozrast='$v' ";}
if ($so) {$where.=" AND so='$so' ";}
if ($region) {$where.=" AND region='$region' ";}
if ($on==1) {$where.=" AND online='1' ";}
if ($of==1) {$where.=" AND photo='1' ";}
$bl=getbl();

// получаем количество анкет
$a=mysql_fetch_array(mysql_query("SELECT COUNT(*) AS c FROM zn_anket WHERE $where"));
$c=$a['c'];
if ($c==0) {echo "Никого не найдено<br/>\n";}

$res=mysql_query("SELECT * FROM zn_anket WHERE $where ORDER BY best DESC, lastdate DESC LIMIT $n,$caponpage");


for($i=0; $i<mysql_num_rows($res); $i++) {
	$a=mysql_fetch_array($res);
	$anick=$a['login'];
	$aname=$a['name'];
	$av=$a['vozrast'];
	if (!isset($anick)) {break;}
	if (!isset($aname) || ($aname=="")) {$aname=$anick;}
	echo "<a href=\"$workdir/?mode=showanket&amp;l=".urlencode($anick)."$bl\">$anick</a>";
	if ($av!="") {
		echo ", $av";
	}
	if (($aname!="") && ($anick!=$aname)) {
		echo " ($aname)";
	}
	echo "<br/>";
}
echo "</div><div class=\"b\">";
$bl=getbl(false);
if ($c>$caponpage) {
	if ($n>0) {
		$pp=$n-$caponpage;
		if ($pp<0) {$pp=0;}
		echo "<a href=\"$workdir/?mode=searchok&amp;n=$pp$bl\">&lt;&lt;&lt;</a> ";
	}
	if ($n<$c) {
		$np=$n+$caponpage;
		if ($np<=$c) {
			echo "<a href=\"$workdir/?mode=searchok&amp;n=$np$bl\">&gt;&gt;&gt;</a>";
		}
	}
}

echo "<br/>&#187; <a href=\"$workdir/?mode=menu\"><b>Меню</b></a>";
}

//------------------------------------------------------------------------------------
// вывод формы поиска
if ($mode=='search') {

echo "<form action=\"$workdir/\" method=\"post\">
<input type=\"hidden\" name=\"mode\" value=\"searchok\"/>
Искать:<br/>
<select name=\"s\">
<option value=\"m\">парня</option>
<option value=\"w\">девушку</option>
</select><br/>
Возраст:<br/>
<input type=\"text\" name=\"v\"/><br/>
Ориентация:<br/>
<select name=\"so\">
<option value=\"\"></option>
<option value=\"n\">Гетеро</option>
<option value=\"b\">Би</option>
<option value=\"l\">Лесби</option>
<option value=\"g\">Гей</option>
</select><br/>
Регион:<br/>";
echo "<select name=\"region\">";
$regions=file('region.txt');
array_unshift($regions, "");
foreach ($regions as $n=>$region) {
echo "<option value=\"$n\">".trim($region)."</option>";
}
echo "</select><br/>";
echo "Только OnLine?
<select name=\"on\">
<option value=\"0\">Нет</option>
<option value=\"1\">Да</option>
</select><br/>
Только с фото?
<select name=\"of\">
<option value=\"0\">Нет</option>
<option value=\"1\">Да</option>
</select><br/>
<input type=\"submit\" name=\"submit\" value=\"Искать\"/><br/>
</form>
&#187; <a href=\"$workdir/?mode=menu\">Меню</a>\n";

}

//------------------------------------------------------------------------------------
// добавление в игнор
if ($mode=='ignoradd') {
	$l=delhtml($_REQUEST['l']);
	mysql_query("INSERT INTO zn_ignor VALUES('$login', '$l')");
	echo "$l успешно добавлен(а) в игнор<br/>";
	$mode='ignor';
}
//------------------------------------------------------------------------------------
// удаление из игнора
if ($mode=='ignordel') {
	$l=delhtml($_REQUEST['l']);
	mysql_query("DELETE FROM zn_ignor WHERE alogin='$login' AND ignlogin='$l'");
	echo "$l успешно удален(а)<br/>";
	$mode='ignor';
}
//------------------------------------------------------------------------------------
if ($mode=='ignormove') {
	$l=delhtml($_REQUEST['l']);
	mysql_query("DELETE FROM zn_friends WHERE alogin='$login' AND flogin='$l'");
	mysql_query("INSERT INTO zn_ignor VALUES('$login', '$l')");
	echo "$l успешно добавлен(а) в игнор<br/>";
	$mode='ignor';
}
//------------------------------------------------------------------------------------
// игнор
if ($mode=='ignor') {
	$res=mysql_query("SELECT * FROM zn_ignor WHERE alogin='$login'");
	if (mysql_num_rows($res)==0) {
		echo "Игнор пуст<br/>";
	}
	for ($i=0; $i<mysql_num_rows($res); $i++) {
		$a=mysql_fetch_array($res);
		$ignlogin=$a['ignlogin'];
		echo "<a href=\"$workdir/?mode=showanket&amp;l=".urlencode($ignlogin)."\">$ignlogin</a> ";
		echo "<a href=\"$workdir/?mode=ignordel&amp;l=".urlencode($ignlogin)."\">x</a><br/>";
	}
	echo "</div><div class=\"b\">&#187; <a href=\"$workdir/?mode=menu\">Меню</a>";
}
//------------------------------------------------------------------------------------
if ($mode=='setup') {
echo "&#187; <a href=\"$workdir/?mode=anket\">Изменить анкету</a><br/>
&#187; <a href=\"$workdir/?mode=photo\">Загрузить фото</a><br/>
&#187; <a href=\"$workdir/?mode=changepass\">Сменить пароль</a><br/>
&#187; <a href=\"$workdir/?mode=del\">Удалить анкету</a><br/><br/>";

list($mesmail)=mysql_fetch_row(mysql_query("SELECT mesmail FROM zn_anket WHERE login='$login'"));
$mon='';$moff='';
if ($mesmail) {$mon=' selected';} else {$moff=' selected';}

echo "<form action=\"$workdir/\" method=\"post\">
<input name=\"mode\" type=\"hidden\" value=\"setupsave\"/>
Email:<br/>
<input type=\"text\" name=\"email\" value=\"$userinfo[email]\"/><br/>
Получать личные сообщения на email
<select name=\"mesmail\">
<option value=\"on\"$mon>Да</option>
<option value=\"off\"$moff>Нет</option>
</select><br/>
Сообщений на страницу:<br/>
<input type=\"text\" name=\"mesonpage\" value=\"$userinfo[mesonpage]\"/><br/>
Заголовков на страницу:<br/>
<input type=\"text\" name=\"caponpage\" value=\"$userinfo[caponpage]\"/><br/>
Автообновление (сек):<br/>
<input type=\"text\" name=\"autoupdate\" value=\"$userinfo[autoupdate]\"/><br/>
<input type=\"submit\" name=\"submit\" value=\"Отправить\"/>&nbsp;<br/>
</form>\n";
echo "&#187; <a href=\"$workdir/?mode=menu\"><b>Меню</b></a><br/>";

}
//------------------------------------------------------------------------------------
if ($mode=='setupsave') {
	$email=delhtml($_POST['email']);
	$mesonpage=delhtml($_POST['mesonpage']);
	$caponpage=delhtml($_POST['caponpage']);
	$autoupdate=delhtml($_POST['autoupdate']);
	if (isset($_POST['mesmail']) && ($_POST['mesmail']=='on') && ($email!="")) {
		$mesmail=1;
	} else {
		$mesmail=0;
	}
	mysql_query("UPDATE zn_anket SET mesmail='$mesmail'");
	$emailactive=$userinfo['emailactive'];
	if (($email!="") && ($email!=$userinfo['email'])) {
		mysql_query("UPDATE zn_anket SET email='$email', emailactive='0' WHERE login='$login'");
		$emailactive=0;
	}
	if (($mesmail==1) && ($emailactive==0)) {
		sendactmail($login, $pass, $email, false);
		echo "Для включения уведомлений необходимо подтвердить email. На твой email отправлена ссылка для активации.<br/>";
	}

	$set="";
	if ($mesonpage=="") {$set.=" mesonpage=NULL ";} else {$set.=" mesonpage='$mesonpage' ";}
	if ($caponpage=="") {$set.=", caponpage=NULL ";} else {$set.=", caponpage='$caponpage' ";}
	if ($autoupdate=="") {$set.=", autoupdate=NULL ";} else {$set.=", autoupdate='$autoupdate' ";}
	if ($set!="") {
		mysql_query("UPDATE zn_anket SET $set WHERE login='$login'");
	}
	$mode='menu';

}
//------------------------------------------------------------------------------------
// сохранение пароля
if ($mode=='passsave') {
	$npass=delhtml($_REQUEST['npass']);
	if ($npass=="") {
		echo "Ошибка. Не указан пароль<br/>";
		$mode='changepass';
	} else {
		mysql_query("UPDATE zn_anket SET pass='$npass' WHERE login='$login'");
		echo "Пароль успешно изменен. Необходимо авторизироваться заново<br/>";
		$mode='main';
	}

}
//------------------------------------------------------------------------------------
// изменение пароля
if ($mode=='changepass') {

echo "<form action=\"$workdir/\" method=\"post\">
<input type=\"hidden\" name=\"mode\" value=\"passsave\"/>
Новый пароль:<br/>
<input type=\"password\" name=\"npass\"/><br/>
<input type=\"submit\" name=\"submit\" value=\"Изменить\"/><br/>
</form>
&#187; <a href=\"$workdir/?mode=menu\">Меню</a>\n";

}
//------------------------------------------------------------------------------------
if ($mode=='exit') {
	mysql_query("UPDATE zn_anket SET online=0 WHERE login='$login'");
	unset($_SESSION['login']);
	unset($_SESSION['pass']);
	$mode='main';
}
//------------------------------------------------------------------------------------





?>