File size: 3.2Kb
<?
if (!isset($_GET['id'])){
$q = mysql_query("SELECT COUNT(id) FROM `$mysql[pref]kont` WHERE `id_user` = '$user[id]';");
if (mysql_result($q, 0)==0){header ("Location: mail.php?".SID."");exit;}
echo "<div class=\"h\">Выберите адресата</div><hr />\n";
echo "<form method=\"get\" action=\"mail.php\">\n";
echo "<input name=\"act\" class=\"form\" value=\"crt\" type=\"hidden\" />\n";
echo "<select class=\"form\" name=\"id\">\n";
$q = mysql_query("SELECT * FROM `$mysql[pref]kont` WHERE `id_user` = '$user[id]';");
while ($kont = mysql_fetch_array($q)){
echo "<option value=\"$kont[id_kont]\">$kont[nick]</option>\n";}
echo "</select><br />\n";
echo "<br /><input value=\"Написать\" class=\"form\" type=\"submit\" />\n";
echo "</form>\n";
echo "<hr />";
echo "<a href=\"mail.php\"><< Почта</a><br />\n";
echo "<a href=\"index.php\"><< На главную</a>\n";
foot();
}
$id_kont=intval($_GET['id']);
$q = mysql_query("SELECT COUNT(id) FROM `$mysql[pref]users` WHERE `id` = '$id_kont';");
if (mysql_result($q, 0)==0){header ("Location: mail.php?".SID."");exit;}
$q = mysql_query("SELECT * FROM `$mysql[pref]users` WHERE `id` = '$id_kont';");
$ank = mysql_fetch_array($q, 1);
if (isset($_GET['send']) && $_GET['send']=='ok' && isset($_POST['msg']))
{
$msg=$_POST['msg'];
$msg = iconv('utf-8', 'windows-1251', $msg);
$msg=substr($msg, 0, 512);
$msg = iconv('windows-1251', 'utf-8', $msg);
$msg=stripcslashes(htmlspecialchars($msg));
if (isset($_POST['tr'])){
$msg=translit($msg);}
if ($msg==''){header("Location: mail.php?".SID."");
exit;}
$time_q=$time-300;
$q = mysql_query("SELECT COUNT(*) FROM `$mysql[pref]mail` WHERE `id_in_user` = '$id_kont' AND `id_out_user` = '$user[id]' AND `time` > '$time_q' AND `text` = '$msg';");
$repeat=mysql_result($q, 0);
if ($repeat==0)
mysql_query("INSERT INTO `$mysql[pref]mail` (id_in_user, time, id_out_user, text, nick) values('$id_kont', '$time', '$user[id]', '$msg', '$user[nickname]')");
header("Location: mail.php?".SID."&msg=send_ok");
exit;
}
$cit='';
if (isset($_GET['id_mess']))
{
$id_mess=intval($_GET['id_mess']);
$q = mysql_query("SELECT COUNT(*) FROM `$mysql[pref]mail` WHERE `id_in_user` = '$user[id]' AND `id` = '$id_mess';");
if(mysql_result($q, 0)==0){header ("Location: mail.php?".SID."&act=in");exit;}
$q = mysql_query("SELECT * FROM `$mysql[pref]mail` WHERE `id_in_user` = '$user[id]' AND `id` = '$id_mess' LIMIT 1;");
$mess = mysql_fetch_array($q);
$cit=">> ";
$cit.=preg_replace('/(>>).*((\r\n)|(\r)|(\n))/i',"",$mess['text']);
$cit=eregi_replace("(\r\n)|(\r)|(\n)","\n>> ",$cit);
$cit.="\n";
}
echo "<div class=\"h\">Письмо для $ank[nickname]</div><hr />\n";
echo "<form method=\"post\" action=\"mail.php?act=crt&id=$id_kont&send=ok\">\n";
echo "<b>Сообщение:</b><br />\n<textarea name=\"msg\" class=\"form\" rows=\"3\">$cit</textarea><br />\n";
echo "<input type=\"checkbox\" name=\"tr\" value=\"1\" /> Транслит<br />\n";
echo "<input value=\"Отправить\" class=\"form\" type=\"submit\" />\n";
echo "</form>\n";
echo "<hr />";
echo "<a href=\"mail.php\"><< Почта</a><br />\n";
?>