File size: 6.01Kb
<?php
#-----------------------------------------------------#
# ********* Бизнес Сайты ********* #
# Made by : BIZON #
# E-mail : [email protected] #
# Site : http://f913218p.bget.ru #
# Вы не имеете право вносить изменения в код скрипта #
# это может повлечь неработоспособность сайта #
#-----------------------------------------------------#
if($numaz == 0){
header ('Location: /?'.SID); exit;
}else{
$title="Почта (".s_userdan(login).")";
$link="/?p=$pages&";
$P_avatar=s_userdan(avatar);
if(empty($P_avatar)) $P_av="0.gif"; else $P_av=check($P_avatar);
if(isset($_GET['start'])){$start = (int)$_GET['start'];} else {$start = 0;}
if(isset($_GET['st'])){$st=(int)$_GET["st"];}else{unset($st);}
if(isset($_GET['is'])){$is=(int)$_GET['is'];}else{$is=0;}
if($st==3){
if(isset($_POST["vost"])){
$korzina = check($_POST["vost"]);
$korzina = (int)$korzina;
if($is==0)
$db_k = "SELECT * FROM s_vhmail WHERE `id`='$korzina' and `user`='".s_userdan(id)."'";
else
$db_k = "SELECT * FROM s_ismail WHERE `id`='$korzina' and `avtor`='".s_userdan(id)."'";
$db_kk = mysql_query($db_k);
$tkk = mysql_num_rows($db_kk);
if($tkk==0) {unset($tkk); header ('Location: /?p='.$pages.'&'.SID); exit;}else{
$uskk = mysql_fetch_array($db_kk);
if($uskk['status']==2 && $is==0) $stst_db=mysql_query("UPDATE `s_vhmail` SET `status`='1' WHERE `id`='$korzina' and `user`='".s_userdan(id)."'");
if($uskk['status']==2 && $is!=0) $stst_db=mysql_query("UPDATE `s_ismail` SET `status`='0' WHERE `id`='$korzina' and `avtor`='".s_userdan(id)."'");
}
}
if($is==3){
$del_v =mysql_query("DELETE FROM s_vhmail WHERE `status`='2' and `user`='".s_userdan(id)."'");
$del_i =mysql_query("DELETE FROM s_ismail WHERE `status`='2' and `avtor`='".s_userdan(id)."'");
header ('Location: /?p='.$pages.'&st='.$st.'&'.SID); exit;
}
if(isset($_POST["delet"])){
$delet_m = check($_POST["delet"]);
$delet_m = (int)$delet_m;
if($is==0)
$db_k = "SELECT * FROM s_vhmail WHERE `id`='$delet_m' and `user`='".s_userdan(id)."'";
else
$db_k = "SELECT * FROM s_ismail WHERE `id`='$delet_m' and `avtor`='".s_userdan(id)."'";
$db_kk = mysql_query($db_k);
$tkk = mysql_num_rows($db_kk);
if($tkk==0) {unset($tkk); header ('Location: /?p='.$pages.'&'.SID); exit;}else{
$uskk = mysql_fetch_array($db_kk);
if($uskk['status']==2 && $is==0) $stst_db=mysql_query("DELETE FROM s_vhmail WHERE `status`='2' and `id`='$delet_m' and `user`='".s_userdan(id)."'");
if($uskk['status']==2 && $is!=0) $stst_db=mysql_query("DELETE FROM s_ismail WHERE `status`='2' and `id`='$delet_m' and `avtor`='".s_userdan(id)."'");
}}
}
if(isset($_POST["korzina"])){
$korzina = check($_POST["korzina"]);
$korzina = (int)$korzina;
$db_k = "SELECT * FROM s_vhmail WHERE `id`='$korzina' and `user`='".s_userdan(id)."'";
$db_kk = mysql_query($db_k);
$tkk = mysql_num_rows($db_kk);
if($tkk==0) {unset($tkk); header ('Location: /?p='.$pages.'&'.SID); exit;}else{
$uskk = mysql_fetch_array($db_kk);
if($uskk['status']!=2) $stst_db=mysql_query("UPDATE `s_vhmail` SET `status`='2' WHERE `id`='$korzina' and `user`='".s_userdan(id)."'");
}
}
if(isset($_POST["korzis"])){
$korzina = check($_POST["korzis"]);
$korzina = (int)$korzina;
$db_k = "SELECT * FROM s_ismail WHERE `id`='$korzina' and `avtor`='".s_userdan(id)."'";
$db_kk = mysql_query($db_k);
$tkk = mysql_num_rows($db_kk);
if($tkk==0) {unset($tkk); header ('Location: /?p='.$pages.'&'.SID); exit;}else{
$uskk = mysql_fetch_array($db_kk);
if($uskk['status']!=2) $stst_db=mysql_query("UPDATE `s_ismail` SET `status`='2' WHERE `id`='$korzina' and `avtor`='".s_userdan(id)."'");
}
}
if(isset($_POST["addm"])){
$addm = check($_POST["addm"]);
}else{unset($addm);}
if(($st==2)&&($addm=="go")){
$komu_m=check($_POST["komu"]);
$tema_m=check($_POST["tema"]);
$text_m=check($_POST["text"]);
$bd_prlog= "SELECT * FROM s_useres WHERE login = '".$komu_m."'";
$reslog = mysql_query($bd_prlog) or die(mysql_error());
$numlog = mysql_num_rows($reslog);
if($numlog != 0){
if(s_userdan(login)!=$komu_m){
if((strlen($tema_m)>=5)&&(strlen($tema_m)<=150)){
if((strlen($text_m)>=10)&&(strlen($text_m)<=500)){
$user=prof_danlog(id,$komu_m);
$db_mvh = mysql_query("INSERT INTO s_vhmail (id,avtor,user,text,admin,status,time,tema) Values ('','".s_userdan(id)."','$user','$text_m','".s_userdan(admin)."','0','".time()."','$tema_m')",$db);
$db_mis = mysql_query("INSERT INTO s_ismail (id,avtor,user,text,admin,status,time,tema) Values ('','".s_userdan(id)."','$user','$text_m','".s_userdan(admin)."','0','".time()."','$tema_m')",$db);
header ('Location: /?p='.$pages.'&'.SID); exit;
}else{$N_error="В тексте указано менее 10 символов или более 500.";}
}else{$N_error="В теме указано менее 5 символов или более 150.";}
}else{$N_error="Себе отправить письмо невозможно.";}
}else{$N_error="Указанного вами пользователя не существует.";}
}
if (isset($_GET['mailv']) && empty($_GET['maili']) && empty($_GET['mailk']))
{
$mailv = check($_GET["mailv"]);
$db_p = "SELECT * FROM s_vhmail WHERE `status`!='2' and `id`='$mailv' and `user`='".s_userdan(id)."'";
$db_pp = mysql_query($db_p);
$tpp = mysql_num_rows($db_pp);
if($tpp==0) {unset($tpp); header ('Location: /?p='.$pages.'&'.SID); exit;}else{
$usma = mysql_fetch_array($db_pp);
if($usma['status']==0) $stst_db=mysql_query("UPDATE `s_vhmail` SET `status`='1' WHERE `id`='$mailv' and `user`='".s_userdan(id)."'");
}
}
if (isset($_GET['maili']) && empty($_GET['mailv']) && empty($_GET['mailk']))
{
$maili = check($_GET["maili"]);
$db_p = "SELECT * FROM s_ismail WHERE `status`!='2' and `id`='$maili' and `avtor`='".s_userdan(id)."'";
$db_pp = mysql_query($db_p);
$tpp = mysql_num_rows($db_pp);
if($tpp==0) {unset($tpp); header ('Location: /?p='.$pages.'&'.SID); exit;}else{
$usma = mysql_fetch_array($db_pp);
}
}
}
?>