Файл: mylaf.ru/system_panel/mailshpion.php
Строк: 122
<?
include_once '../sys/inc/start.php';
include_once '../sys/inc/compress.php';
include_once '../sys/inc/sess.php';
include_once '../sys/inc/home.php';
include_once '../sys/inc/settings.php';
include_once '../sys/inc/db_connect.php';
include_once '../sys/inc/ipua.php';
include_once '../sys/inc/fnc.php';
include_once '../sys/inc/adm_check.php';
include_once '../sys/inc/user.php';
// Access gate for the whole page: the 'adm_mysql' right is required.
// NOTE(review): the third argument looks like the redirect target for accounts that lack
// the right; confirm in user_access() that execution actually stops there, because the
// edit and delete handlers further down test only $user['level'].
// SID is non-empty only when PHP falls back to URL-based sessions; a session id carried in
// a URL ends up in server logs, browser history and Referer headers.
user_access('adm_mysql',null,'index.php?'.SID);
// NOTE(review): presumably the admin-panel login check; confirm in adm_check.php.
adm_check();
// Page title; presumably consumed by thead.php / title() (confirm).
$set['title']='mail Шпион';
include_once '../sys/inc/thead.php';
title();
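// Bulk purge: removes every row of `mail` older than the submitted age.
// Input:  $_POST['write']  - age as a whole number,
//         $_POST['write2'] - unit: 'sut' (days) or 'mes' (months, counted as 30 days).
// Runs only for accounts holding the 'adm_mysql' right.
// NOTE(review): no anti-CSRF token is verified anywhere in the visible code for this
// destructive POST. Unless an included file enforces one, a forged cross-site form
// submitted from a logged-in admin's browser would trigger the purge; bind the request to
// a per-session token.
if (user_access('adm_mysql') && isset($_POST['write']) && isset($_POST['write2']))
{
    // Accept only a plain string of digits. intval() alone maps '', 'abc' and arrays to
    // 0 or 1, and a zero or negative age puts the cut-off at "now" or later, which used
    // to wipe the whole table.
    $period = (is_string($_POST['write']) && ctype_digit($_POST['write'])) ? intval($_POST['write']) : 0;

    // Length of one unit in seconds; an unrecognised unit stays 0.
    $unit = 0;
    if ($_POST['write2'] === 'sut') $unit = 60*60*24;
    if ($_POST['write2'] === 'mes') $unit = 60*60*24*30;

    if ($period < 1)
    {
        // Reported through the page's usual $err / err() channel.
        $err[] = "Срок должен быть целым числом больше нуля";
    }
    else
    {
        // With no recognised unit the cut-off stays 0 and nothing matches, as before.
        $timeclear1 = ($unit > 0) ? intval($time) - $period * $unit : 0;

        // One DELETE replaces the former SELECT plus one DELETE per row: fewer round
        // trips, and the reported count is the number of rows the server really removed.
        mysql_query("DELETE FROM `mail` WHERE `time` < '$timeclear1'", $db);
        $del_th = max(0, mysql_affected_rows($db)); // -1 means the query failed
        mysql_query("OPTIMIZE TABLE `mail`", $db);
        msg("Удалено $del_th сообщений");
    }
}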
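// Edit one stored message: GET ?edit=<id> shows the form, which posts back to the same URL.
// Allowed for $user['level'] > 4.
// NOTE(review): deletion below accepts level >= 4 and the action links are shown on
// user_access('adm_mysql'); the three checks differ. Confirm which rule is intended and
// use it everywhere.
// NOTE(review): $passgen is appended to the form URL, but nothing visible here verifies any
// token on submit, so this write may be forgeable cross-site.
// The privilege test comes first so an unprivileged request never reaches the database.
if (isset($_GET['edit']) && isset($user) && $user['level']>4)
{
    $edit_id = intval($_GET['edit']);
    // A single fetch both proves the row exists and loads it (was COUNT(*) plus SELECT).
    $edit = mysql_fetch_array(mysql_query("SELECT * FROM `mail` WHERE `id` = '$edit_id'"));
    if ($edit)
    {
        if (isset($_POST['ok']))
        {
            // A missing field or an array (msg[]=...) becomes '' and fails the length
            // check instead of reaching the escaping helper.
            $raw = (isset($_POST['msg']) && is_string($_POST['msg'])) ? $_POST['msg'] : '';
            $msg = my_esc($raw);
            // NOTE(review): length is measured on the escaped text, as before, so added
            // escape characters count toward the 1024 limit.
            if (strlen2($msg)<3) $err[]="Короткое сообщение";
            if (strlen2($msg)>1024) $err[]="Длинное сообщение";
            if (!isset($err))
            {
                mysql_query("UPDATE `mail` SET `msg` = '$msg' WHERE `id` = '$edit_id'");
                // Re-read the row so the form shows the saved text, not the stale copy.
                $fresh = mysql_fetch_array(mysql_query("SELECT * FROM `mail` WHERE `id` = '$edit_id'"));
                if ($fresh) $edit = $fresh;
                msg("Сообщение успешно изменено");
            }
        }
        err();
        echo "<div class='forum'>";
        echo "От: ".us($edit['id_user']);
        echo "<br/>К: ".us($edit['id_kont']);
        echo "<br/>Время:".vremja($edit['time']);
        echo "</div>";
        echo "<form method='post' action='?edit=".$edit_id."&$passgen'>";
        // Stored text is HTML-escaped before it is placed inside the textarea.
        echo "Сообщение: <br/><textarea name='msg'>".htmlspecialchars($edit['msg'])."</textarea>";
        echo "<input type='submit' name='ok' value='Редактивировать' style='width:100%'>";
        echo "</form>"; // the form was never closed
        echo "<a href='?'><div class='gmenu'><img src='/style/glavnaya.gif'> Назад в MAIL-Шпион</div></a>";
        // NOTE(review): if tfoot.php does not end the request, the full listing below is
        // rendered after the footer.
        include_once '../sys/inc/tfoot.php';
    }
}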
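// Delete one message by id (GET ?delete=<id>). Allowed for $user['level'] >= 4.
// NOTE(review): this is a state change on a plain GET with no token check visible. Any
// page that makes an admin's browser load this URL (an image tag is enough) removes the
// row. Move the action to POST and verify a per-session token.
// NOTE(review): the edit handler requires level > 4 and the action links are shown on
// user_access('adm_mysql'); confirm which rule is intended.
if (isset($_GET['delete']) && isset($user) && $user['level']>=4)
{
    $delete_id = intval($_GET['delete']);
    mysql_query("DELETE FROM `mail` WHERE `id` = '$delete_id'");
    // Success is reported only when a row was really removed. This replaces the separate
    // COUNT(*) probe and the gap between that check and the delete.
    if (mysql_affected_rows() > 0) msg("сообщение удалено");
}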
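err();
// Paginated listing of all stored private messages, newest first.
// Rows where user id 2 is sender or recipient are left out of both the count and the list.
// NOTE(review): the reason for exempting id 2 is not visible in this file; confirm.
$k_post=intval(mysql_result(mysql_query("SELECT COUNT(*) FROM `mail` WHERE `id_user`!='2' AND `id_kont`!='2'"),0));
$k_page=k_page($k_post,$set['p_str']);
$page=page($k_page);
// Both LIMIT operands are forced to non-negative integers before entering the SQL text.
$limit_n=max(0,intval($set['p_str']));
$start=max(0,$limit_n*intval($page)-$limit_n);
echo "<div class='gmenu'><center>Всего сообщений: $k_post </center></div>\n";
if ($k_post==0)
{
    msg("Нет сообщений");
}
$q=mysql_query("SELECT * FROM `mail` WHERE `id_user`!='2' AND `id_kont`!='2' ORDER BY id DESC LIMIT $start, $limit_n");
while ($post = mysql_fetch_assoc($q))
{
    // Sender id 0 gets a stub record instead of a lookup.
    if ($post['id_user']==0)
    {
        $ank=array('id'=>0,'pol'=>'mail','level'=>0);
    }
    else
    {
        $ank=get_user($post['id_user']);
    }
    $ank2=get_user($post['id_kont']);
    // The former extra "SELECT * FROM `user` WHERE `id` = $post[id_user]" is gone. It put
    // the value into SQL unquoted and overwrote $ank, which discarded the stub above.
    // NOTE(review): assumes get_user() returns the `user` row including `id`; confirm.

    // Ids are cast before being written into href attributes.
    $from_id=intval($ank['id']);
    $to_id=intval($ank2['id']);

    echo " <div class='forum'>\n";
    echo "От:".us($from_id);
    echo "(<a href='mailshpion3.php?id=$from_id'>Исх.</a>/<a href='mailshpion2.php?id=$from_id'>Вход.</a>)<br/>\n";
    echo "<br/>К:".us($to_id);
    echo "(<a href='mailshpion3.php?id=$to_id'>Исх.</a>/<a href='mailshpion2.php?id=$to_id'>Вход.</a>)<br/>(Отправленно:".vremja($post['time']).")\n";
    if ($post['read']==0) echo "<b><font color='red'>(не прочитано)</font></b><br />\n";
    // NOTE(review): output_text() is the only filter between user-written message text and
    // an admin's browser; confirm it HTML-escapes. If it does not, markup stored by any
    // user runs inside an administrator session.
    echo output_text($post['msg'])."<br />\n";
    if (user_access('adm_mysql'))
    {
        $row_id=intval($post['id']);
        echo "<a href='?delete=$row_id'>Удалить</a> | <a href='?edit=$row_id'>Изменить</a>";
    }
    echo " </div>\n";
}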
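if ($k_page>1) str('?',$k_page,$page); // page navigation

// Purge-by-age form, rendered for ?act=create to accounts holding 'adm_mysql'.
// Attribute values use single quotes so the double-quoted PHP strings stay well-formed
// (the listing's unescaped inner double quotes do not parse).
// NOTE(review): the form carries no anti-CSRF token and no token check is visible on the
// receiving side; add a hidden per-session token here and verify it before purging.
if (user_access('adm_mysql') && isset($_GET['act']) && $_GET['act']=='create')
{
    echo "<form method='post' action='?'>\n";
    echo "Будут удалены сообщения, написаные ... тому назад<br />\n";
    echo "<input name='write' value='12' type='text' size='3' />\n";
    echo "<select name='write2'>\n";
    echo "<option value=''> </option>\n";
    echo "<option value='mes'>Месяцев</option>\n";
    echo "<option value='sut'>Суток</option>\n";
    echo "</select><br />\n";
    echo "<input value='Очистить' type='submit' /><br />\n";
    echo "<a href='?'>Отмена</a><br />\n";
    echo "</form>\n";
}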
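// Footer navigation: back to the admin panel, and the entry point of the purge form.
// The second link's href now uses single quotes; the unescaped double quotes shown in the
// listing end the PHP string early.
// NOTE(review): the purge link is printed for every visitor of this page, while the form it
// opens is rendered only with the 'adm_mysql' right.
echo "<a href='/system_panel/'><div class='gmenu'><img src='/style/glavnaya.gif'> В админку</div></a>\n";
echo "<a href='?act=create'><div class='gmenu'><img src='/style/glavnaya.gif'> Очистить почту(по времени)</div></a>\n";
include_once '../sys/inc/tfoot.php';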
?>