Просмотр файла SYSTEM/mail/create.php

<?
// Recipient picker: rendered when the request carries no ?id= parameter.
// $mysql, $user and foot() are not defined in this file; they come from the including script.
if (!isset($_GET['id'])) {
    // An empty contact list leaves nothing to choose from, so return to the mailbox.
    $q = mysql_query("SELECT COUNT(id) FROM `{$mysql['pref']}kont` WHERE `id_user` = '{$user['id']}';");
    if (mysql_result($q, 0) == 0) {
        header('Location: mail.php?' . SID);
        exit;
    }

    echo '<div class="h">Выберите адресата</div><hr />', "\n";
    echo '<form method="get" action="mail.php">', "\n";
    echo '<input name="act" class="form" value="crt" type="hidden" />', "\n";
    echo '<select class="form" name="id">', "\n";

    // One <option> per contact row belonging to the current user.
    // NOTE(review): id_kont and nick are printed exactly as stored; confirm they are
    // HTML-escaped when written to the contacts table, otherwise escape them here.
    $q = mysql_query("SELECT * FROM `{$mysql['pref']}kont` WHERE `id_user` = '{$user['id']}';");
    while ($kont = mysql_fetch_array($q)) {
        echo '<option value="', $kont['id_kont'], '">', $kont['nick'], "</option>\n";
    }

    echo '</select><br />', "\n";
    echo '<br /><input value="Написать" class="form" type="submit" />', "\n";
    echo '</form>', "\n";
    echo '<hr />';
    echo '<a href="mail.php">&lt;&lt; Почта</a><br />', "\n";
    echo '<a href="index.php">&lt;&lt; На главную</a>', "\n";

    // NOTE(review): presumably foot() prints the page footer and ends the request;
    // if it returns, execution continues past this block with $_GET['id'] unset. Confirm.
    foot();
}
// Resolve the addressee. The request parameter is reduced to an integer before it is
// placed in SQL, so it cannot carry quote characters into the queries below.
$id_kont = (int) $_GET['id'];

// Unknown user id: go back to the mailbox.
$q = mysql_query("SELECT COUNT(id) FROM `{$mysql['pref']}users` WHERE `id` = '{$id_kont}';");
if (mysql_result($q, 0) == 0) {
    header('Location: mail.php?' . SID);
    exit;
}

// Load the addressee's profile row as an associative array.
$q = mysql_query("SELECT * FROM `{$mysql['pref']}users` WHERE `id` = '{$id_kont}';");
$ank = mysql_fetch_array($q, MYSQL_ASSOC);


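// Handle a submitted message: ?send=ok together with a POSTed `msg` field.
// $id_kont is the integer recipient id computed earlier in this script; $user, $time,
// $mysql and translit() are defined outside this file.
// NOTE(review): no anti-CSRF token is checked anywhere in this file; confirm whether the
// including script validates one before a message is stored on the sender's behalf.
if (isset($_GET['send']) && $_GET['send'] == 'ok' && isset($_POST['msg'])) {
    $msg = $_POST['msg'];

    // Length cap: convert to single-byte windows-1251 so that substr() counts characters
    // and cannot cut a multi-byte UTF-8 sequence in half, then convert back.
    $msg = iconv('utf-8', 'windows-1251', $msg);
    $msg = substr($msg, 0, 512);
    $msg = iconv('windows-1251', 'utf-8', $msg);

    // Decode backslash escapes BEFORE HTML-escaping. The previous order
    // (stripcslashes(htmlspecialchars(...))) decoded escape sequences after the text had
    // been escaped, so markup characters produced by the decoding step were stored raw
    // and later printed into pages that echo the stored text as-is.
    $msg = htmlspecialchars(stripcslashes($msg));

    if (isset($_POST['tr'])) {
        $msg = translit($msg);
    }

    // Nothing left to send.
    if ($msg == '') {
        header('Location: mail.php?' . SID);
        exit;
    }

    // htmlspecialchars() with default flags leaves single quotes untouched, so the text
    // must be escaped for the SQL string context separately. The nickname is escaped too,
    // because nothing in this file establishes that it is free of quote characters.
    $msg_sql = mysql_real_escape_string($msg);
    $nick_sql = mysql_real_escape_string($user['nickname']);

    // Duplicate guard: skip the insert when the same text was already sent to the same
    // recipient by this user with a `time` value greater than $time - 300.
    $time_q = $time - 300;
    $q = mysql_query("SELECT COUNT(*) FROM `$mysql[pref]mail` WHERE `id_in_user` = '$id_kont' AND `id_out_user` = '$user[id]' AND `time` > '$time_q' AND `text` = '$msg_sql';");
    $repeat = mysql_result($q, 0);

    if ($repeat == 0) {
        mysql_query("INSERT INTO `$mysql[pref]mail` (id_in_user, time, id_out_user, text, nick) values('$id_kont', '$time', '$user[id]', '$msg_sql', '$nick_sql')");
    }

    // The success redirect is issued whether or not a new row was inserted.
    header('Location: mail.php?' . SID . '&msg=send_ok');
    exit;
}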
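// Optional reply quote: when ?id_mess= is given, prefill the message box with the
// referenced message, each line prefixed by "&gt;&gt; ".
$cit = '';
if (isset($_GET['id_mess'])) {
    $id_mess = intval($_GET['id_mess']);

    // Both queries are restricted to rows where the current user is the recipient, so a
    // message addressed to someone else cannot be quoted by guessing its id.
    $q = mysql_query("SELECT COUNT(*) FROM `$mysql[pref]mail` WHERE `id_in_user` = '$user[id]' AND `id` = '$id_mess';");
    if (mysql_result($q, 0) == 0) {
        header('Location: mail.php?' . SID . '&act=in');
        exit;
    }

    $q = mysql_query("SELECT * FROM `$mysql[pref]mail` WHERE `id_in_user` = '$user[id]' AND `id` = '$id_mess' LIMIT 1;");
    $mess = mysql_fetch_array($q);

    $cit = "&gt;&gt; ";

    // Drop lines that are themselves quotes (from "&gt;&gt;" up to the line break) so that
    // quotes do not nest.
    // NOTE(review): the stored text is reused without re-escaping; this relies on it
    // having been HTML-escaped when the message was written. Confirm for every writer.
    $cit .= preg_replace('/(&gt;&gt;).*((\r\n)|(\r)|(\n))/i', "", $mess['text']);

    // Prefix every remaining line break with the quote marker. preg_replace() replaces
    // the POSIX eregi_replace() call, which is deprecated since PHP 5.3; the pattern has
    // no letters, so case-insensitivity made no difference.
    $cit = preg_replace('/(\r\n)|(\r)|(\n)/', "\n&gt;&gt; ", $cit);
    $cit .= "\n";
}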




// Compose form for the addressee loaded into $ank; $cit holds the optional quoted text.
// NOTE(review): $ank['nickname'] and $cit are printed exactly as stored; confirm both are
// HTML-escaped at write time, since no escaping happens at this point.
echo '<div class="h">Письмо для ', $ank['nickname'], "</div><hr />\n";

// The form posts back to the same action with the integer recipient id and send=ok.
echo '<form method="post" action="mail.php?act=crt&amp;id=', $id_kont, '&amp;send=ok">', "\n";

echo "<b>Сообщение:</b><br />\n", '<textarea name="msg" class="form" rows="3">', $cit, "</textarea><br />\n";
echo '<input type="checkbox" name="tr" value="1" /> Транслит<br />', "\n";

echo '<input value="Отправить" class="form" type="submit" />', "\n";

echo '</form>', "\n";

echo '<hr />';
echo '<a href="mail.php">&lt;&lt; Почта</a><br />', "\n";
?>