Файл: neuder/game/msg.php
Строк: 90
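<?php
// Private-mail conversation page: shows the thread between the logged-in
// player and the player named by ?id=, and stores a new message on POST.
//
// The full open tag is used on purpose: with short_open_tag disabled, a file
// that starts with a bare "<?" is sent to the client as plain text, source
// code and query strings included.
require_once ('../config/func.php');

// auth() is defined in func.php (not shown here); the code below relies on
// $user and $_SESSION being usable once it returns.
auth();

// Mail is gated on player level: anyone below level 2 is sent back to /game
// with a notice, and exit() stops the page from rendering any further.
if ($user['level'] < 2) {
    $_SESSION['notif'] = 'Почта доступна с 2 уровня';
    header('Location: /game');
    exit();
}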
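$title = 'Почта';

// Resolve the conversation partner from ?id=. intval() forces the value to an
// integer before it is placed in the query text. One SELECT replaces the
// former COUNT(*) + SELECT pair: a missing row comes back as false.
// NOTE(review): the mysql_* extension was removed in PHP 7; the connection is
// opened outside this file, so a move to mysqli/PDO has to start there.
$ank = false;
if (isset($_GET['id'])) {
    $ank_res = mysql_query("SELECT * FROM `user` WHERE `id` = '".intval($_GET['id'])."' LIMIT 1");
    if ($ank_res) {
        $ank = mysql_fetch_assoc($ank_res);
    }
}
if (!$ank) {
    // No id given, or no such player.
    header('Location: /game/');
    die();
}

// A player may not open a conversation with themselves. The redirect has to
// be followed by exit: header() alone does not stop the script, so without it
// the rest of the page, including the POST handler that stores a message,
// would still run for this request.
if ($user['id'] == $ank['id']) {
    header('Location: /game/');
    exit();
}

// Opening the thread resets the new-message counter kept for this contact.
// Both ids are cast to int so the query text never carries anything else.
mysql_query("UPDATE `kont` SET `new_msg` = '0' WHERE `id_kont` = '".intval($ank['id'])."' AND `id_user` = '".intval($user['id'])."' LIMIT 1");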
// Shared page header (defined outside this file).
require_once ('../config/header.php');

// Query string that addresses this conversation; it is used by both the
// refresh link and the form target. $ank['id'] comes from the `user` row
// loaded above, not directly from the request.
$thread_qs = '?id='.$ank['id'];

// Refresh link.
echo '<center> <div class="stone"></div><div class="list"><li><a href="', $thread_qs, '"> Обновить </a></li></div><div class="stone"></div></center>';

// Opening markup of the thread container; these tags are not closed in this file.
echo '<div class="r6">
<table width="100%" border="0" cellpadding="1" cellspacing="1">
<tbody><tr>
<ul class="jclisticon-bubble">
<li>';
require_once ('../config/smile.php');

// Compose form.
// NOTE(review): the form posts without an anti-CSRF token and the POST
// handler in this file does not check one; confirm whether auth() or a shared
// include enforces it, otherwise add a per-session token here and verify it
// before the INSERT.
echo ' <div class="block center"><form action="', $thread_qs, '" name="message" method="post">Сообщение:<br/><textarea name="msg" class = "text large"></textarea><br/><span class="button_on"><input class="button_on" type="submit" value="Отправить"></span></div></form>';
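// Messages shown per page.
$max = 10;

// Integer copies of both ids, so nothing but digits reaches the query text.
$mail_me = intval($user['id']);
$mail_peer = intval($ank['id']);

// Both directions of the conversation. The parentheses spell out the grouping
// that AND/OR precedence already gives, so a later edit cannot widen the
// filter to other players' mail by accident.
$mail_thread = "(`id_user` = '".$mail_me."' AND `id_kont` = '".$mail_peer."') OR (`id_user` = '".$mail_peer."' AND `id_kont` = '".$mail_me."')";

// Count exactly the rows the listing selects. Counting one direction only
// would give too few pages and leave older messages unreachable.
$k_post = mysql_result(mysql_query("SELECT COUNT(id) FROM `mail` WHERE ".$mail_thread), 0);
$k_page = k_page($k_post, $max);
$page = page($k_page);

// page() is defined elsewhere, so its result is treated as untrusted: the
// offset is forced to a non-negative integer before it goes into LIMIT.
$start = max(0, intval($max * $page - $max));

$q = mysql_query("SELECT * FROM `mail` WHERE ".$mail_thread." ORDER BY `time` DESC LIMIT ".$start.", ".$max);
while ($q && ($post = mysql_fetch_assoc($q))) {
    // Clear the `read` flag only on rows whose `id_user` is the partner, i.e.
    // messages sent to the viewer (the INSERT in this file stores the sender
    // in `id_user`). $post still holds the value fetched before this update.
    mysql_query("UPDATE `mail` SET `read` = '0' WHERE `id` = '".intval($post['id'])."' AND `id_user` = '".$mail_peer."' LIMIT 1");

    // Sender's profile row, used for the icon, the profile link and the name.
    $ank2 = mysql_fetch_assoc(mysql_query("SELECT * FROM `user` WHERE `id` = '".intval($post['id_user'])."' LIMIT 1"));

    // `read` = 1 is the value written on insert; the timestamp is dark red
    // while it is still set and green once it has been cleared.
    if ($post['read'] == 1) {
        $read = '<span class="float-right"><font size="1"></font> <font color="#8B0000">'.vremja($post['time']).'</font></span>';
    } else {
        $read = '<span class="float-right"><font size="1"> </font><font color="#008000"> '.vremja($post['time']).' </font></span>';
    }

    // NOTE(review): `login`, `side` and the message body are written into the
    // page without escaping at this point. That is only safe if they are
    // HTML-encoded when stored (text() on insert, the registration code for
    // `login`) and smile() does not undo it; confirm, and confirm the page
    // charset before adding htmlspecialchars() here.
    echo '
<div class="q1"></div>
<div class="q2" style="clear: right;">
<img src="/style/race/'.$ank2['side'].'.png"><a href="/pers/'.$ank2['id'].'/">'.$ank2['login'].'</a>'.$read.'<br> '.
smile($post['msg']).'<br>
</div>
';
}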
// Store a submitted message, then redirect back to the thread.
//
// NOTE(review): by this point header.php and the thread markup have already
// been echoed, so header('Location') only takes effect when output buffering
// is active; confirm, or move this handler above the first output.
// NOTE(review): text() is defined elsewhere. $msg is concatenated into the
// INSERT below, so text() has to escape for the mysql connection as well as
// for HTML; confirm before relying on it.
if (isset($_POST['msg'])) {
    $msg = text($_POST['msg']);

    // strlen() counts bytes, so in a multi-byte encoding the limit is reached
    // with fewer characters than the error message states.
    $msg_len = strlen($msg);
    if ($msg_len < 1 || $msg_len > 500) {
        $err = 'Длина сообщения должна быть в пределах 1 - 500 символов';
    }

    // The recipient can close their mailbox; this overrides the length error.
    if ($ank['msg_st'] == 'close') {
        $err = 'Игрок предпочел закрыть почту';
    }

    if (isset($err)) {
        // Rejected: the reason is handed to the next page through the session.
        $_SESSION['notif'] = $err;
    } else {
        $from_id = $user['id'];
        $to_id = $ank['id'];

        // The message itself; `read` = 1 is the value the thread view later clears.
        mysql_query("INSERT INTO `mail` (`id_user`, `id_kont`, `msg`, `time`, `read`) values('".$from_id."', '".$to_id."', '".$msg."', '".time()."', '1')");

        // One contact row for each side of the conversation.
        mysql_query("INSERT INTO `kont` (`id_user`, `id_kont`, `time`) VALUES ('".$from_id."', '".$to_id."', '".time()."')");
        mysql_query("INSERT INTO `kont` (`id_user`, `id_kont`, `time`) VALUES ('".$to_id."', '".$from_id."', '".time()."')");

        // Increment the recipient's new-message counter for this sender.
        mysql_query("UPDATE `kont` SET `new_msg` = `new_msg` + 1 WHERE `id_kont` = '".$from_id."' AND `id_user` = '".$to_id."'");
    }

    // Both outcomes return to the same thread URL, so a reload does not
    // re-submit the form.
    header('Location: /pers/msg/?id='.$ank['id'].'');
    exit;
}
// The pager is printed only when the thread spans more than one page.
// str() is defined elsewhere; it receives the base URL (ending in "&"), the
// page count and the current page.
if ($k_page > 1) {
    $pager_base = '/pers/msg/?id='.$ank['id'].'&';
    echo str($pager_base, $k_page, $page);
}

// Shared page footer (defined outside this file).
require_once ('../config/footer.php');
?>