Файл: modules/mail/write.php
Строк: 32
<?php
if(!isset($user) || !isset($_GET['user_id']) || $_GET['user_id'] == 0 || $user['id'] == $_GET['user_id'] || $db->query("SELECT * FROM `users` WHERE `id` = '". abs(intval($_GET['user_id'])) ."'")->rowCount() == 0) {
header('location: /');
exit;
}
if ($db->query("SELECT * FROM `mail_chat` WHERE (`user_id` = '$user[id]' OR `who_id` = '$user[id]') AND (`who_id` = '". abs(intval($_GET['user_id'])) ."' OR `user_id` = '". abs(intval($_GET['user_id'])) ."')")->rowCount() == 0) {
$db->query("INSERT INTO `mail_chat` SET `user_id` = '$user[id]', `who_id` = '". abs(intval($_GET['user_id'])) ."', `time_last_message` = '". time() ."'");
// print_r($db->errorInfo());
header('Location: /mail/chat/'. abs(intval($_GET['user_id'])) .'/');
exit;
}
$locate = 'in_mail';
$title = $lang->word('w_mail');
require_once(SYS.'/view/header.php');
$tpl->div('title', $lang->word('w_mail'));
$tpl->div('menu', ' <form action="/mail/chat/'.abs(intval($_GET['user_id'])).'/?act=send" method="post">
<textarea name="text" rows="5" cols="26">[b]'.tnick(abs(intval($_GET['user_id']))).'[/b], </textarea><br/>
<input name="send" type="submit" value="'. $lang->word('send').'"/>
</form>');
$tpl->div('block', NAV .'<a href="/user/'.abs(intval($_GET['user_id'])).'/">'. $lang->word('back') .'</a><br/>'
. HICO .'<a href="/">'. $lang->word('home') .'</a>');
require_once(SYS.'/view/footer.php');
?>