messages.php
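<?php // Bootstrap: pulls in the account authorisation include
// The full "<?php" tag is used because the short "<?" form is parsed only when
// short_open_tag is enabled; with it disabled the whole file, SQL included,
// would be served to the client as plain text.
include_once($_SERVER['DOCUMENT_ROOT']."/account/autorizator.php");
// ==============================
// ======== Processing ==========
// ==============================
// Stores a new message from the logged-in user to recipient id 1 with status 1,
// calls eMailing() with the 'MessageToAdmin' key, then redirects to the list.
// NOTE(review): presumably autorizator.php guarantees $_SESSION['user']['id']
// belongs to an authenticated user before this point - confirm.
// NOTE(review): the request is accepted on send=ok alone; there is no
// anti-CSRF token, so a per-session token checked here would be the usual fix.
if (isset($_POST["send"]) && $_POST["send"] == "ok"
    && isset($_POST['text']) && is_string($_POST['text'])) {
    // Only a string body is accepted: a missing or array-valued "text"
    // parameter is never handed to the SQL helper.
    // Both values pass through GetSQLValueString() (defined outside this file),
    // which is what supplies the quoting for the bare %s placeholders.
    $sql = sprintf("INSERT INTO zlo_users_message (`date`, `from`, `to`, `text`, `status`) VALUES (NOW(), %s, 1, %s, 1) ",
        GetSQLValueString($_SESSION['user']['id'], "text"),
        GetSQLValueString($_POST['text'], "text"));
    // NOTE(review): die(mysql_error()) prints the raw database error to the
    // visitor; logging it server-side and showing a generic message avoids
    // disclosing schema details.
    $result = mysql_query($sql) or die(mysql_error());
    eMailing('MessageToAdmin', $_SESSION['user']['id']);
    // Client-side redirect back to the message list.
    echo "<script language=\"JavaScript\">{ location.href=\"/account/messages/\"; self.focus(); } </script>";
}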
// ==============================
// ========== Output ============
// ==============================
// =============
// ==== All ====
// =============
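// Default view (no action requested): lists every message the current user
// sent or received, newest first, followed by a link to the compose form.
// NOTE(review): $GET is not a PHP superglobal; presumably autorizator.php
// populates it from the query string - confirm, and confirm whether it is
// sanitised there.
if (!isset($GET["action"])) {
    echo"<div class='title'>Ëè÷íûå ñîîáùåíèÿ</div>";
    echo"<div class='message'>";
    // Message list. The user id goes through the same quoting helper the
    // INSERT in this file uses instead of being concatenated into the SQL.
    $userId = GetSQLValueString($_SESSION['user']['id'], "text");
    $sql = sprintf(
        "SELECT * FROM zlo_users_message WHERE `from` = %s OR `to`= %s ORDER BY `date` DESC",
        $userId,
        $userId
    );
    // NOTE(review): die(mysql_error()) shows the raw database error to the visitor.
    $result = mysql_query($sql) or die(mysql_error());
    // mysql_num_rows() is the row count of a SELECT result;
    // mysql_affected_rows() is meant for INSERT/UPDATE/DELETE.
    if (mysql_num_rows($result) != 0) {
        $i = 0;
        echo"<table>";
        while ($message = mysql_fetch_assoc($result)) {
            $i++;
            // Status 3 rows get the "unread" row class and icon.
            if ($message['status'] == 3) {
                $unread = 'class="unread-by-admin"';
                $unread2 = 'unread';
            } else {
                $unread = '';
                $unread2 = '';
            }
            echo"<tr $unread>";
            echo"<td class='num'>$i</td>";
            echo"<td><img src='/account/pic/mail_$unread2.png' width='18px' ></td>";
            echo"<td class='date'><a href='/account/messages/?action=show&message=".$message['id']."'>".$message['date']."</a></td>";
            // NOTE(review): viewBook() is defined elsewhere; whether it
            // HTML-escapes the username it returns cannot be seen here - confirm.
            echo"<td class='from'>".viewBook('zlo_users', $message['from'], 'id', 'username')."</td>";
            // Preview: tags are stripped from every message (previously only
            // from those longer than 40 bytes, so short ones were echoed raw),
            // long ones are cut to 40 bytes, and the result is HTML-escaped.
            $isLong = strlen($message['text']) > 40;
            $preview = strip_tags($message['text']);
            if ($isLong) {
                $preview = substr($preview, 0, 40)."...";
            }
            // A single-byte charset is named so that bytes >= 0x80 pass through
            // untouched while the ASCII specials are still escaped.
            // NOTE(review): the page text looks like Windows-1251 - confirm.
            echo"<td class='text'>".htmlspecialchars($preview, ENT_QUOTES, 'cp1251')."</td>";
            echo"</tr>";
        }
        echo"</table>";
    } else {
        echo"Ó Âàñ íåò ñîîáùåíèé";
    }
    echo"<a class='button-add' href='/account/messages/?action=add'>Ñîçäàòü</a>";
    echo"</div>";
}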
// =============
// ==== add ====
// =============
// Compose view (action=add): prints the form that posts a new message back to
// /account/messages/ with the hidden send=ok marker.
// NOTE(review): $GET is not a PHP superglobal; presumably it is populated by
// the included autorizator.php - confirm.
// NOTE(review): the form carries no anti-CSRF token.
$isAddAction = isset($GET["action"]) && $GET["action"] == "add";
if ($isAddAction) {
    // Nowdoc keeps the markup byte-for-byte and performs no interpolation.
    $composeForm = <<<'HTML'
<div class='message'><div class='text-full'>
<form method='post' action='/account/messages/'>
<textarea name='text' cols='150' class='input_form' rows='15'></textarea>
<input type='hidden' name='send' value='ok'>
<input type='submit' name='button' class='button-send' value='Îòïðàâèòü'>
</form>
</div></div>
HTML;
    echo $composeForm;
}
// =============
// ====show ====
// =============
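// Single-message view (action=show): marks the requested message as read
// (status 3 -> 4) and prints its date, sender and text.
// NOTE(review): $GET is not a PHP superglobal; presumably it is populated by
// the included autorizator.php - confirm, and confirm whether it is sanitised.
if (isset($GET["action"]) && $GET["action"] == "show") {
    // The message id arrives with the request, so it is quoted by the same
    // helper the INSERT in this file uses instead of being concatenated into
    // the SQL text. A missing or non-scalar id becomes an empty value, which
    // matches no row.
    $rawId = (isset($GET['message']) && is_scalar($GET['message'])) ? (string) $GET['message'] : '';
    $messageId = GetSQLValueString($rawId, "text");
    $userId = GetSQLValueString($_SESSION['user']['id'], "text");
    // Both statements are limited to messages the current user sent or
    // received, the same predicate the list view uses; without it any message
    // id could be opened and flagged as read by any logged-in account.
    // Mark as "read"
    $sql = sprintf(
        "UPDATE zlo_users_message SET status=4 WHERE id=%s AND `status`=3 AND (`from` = %s OR `to` = %s)",
        $messageId,
        $userId,
        $userId
    );
    // NOTE(review): die(mysql_error()) shows the raw database error to the visitor.
    $result = mysql_query($sql) or die(mysql_error());
    if (mysql_affected_rows() != 0) {
        // A row changed state, so the new-mail indicator in the session is cleared.
        $_SESSION['user']['notify']['new_mail'] = 0;
    }
    echo"<div class='message'>";
    // Message output
    $sql = sprintf(
        "SELECT * FROM zlo_users_message WHERE id=%s AND (`from` = %s OR `to` = %s)",
        $messageId,
        $userId,
        $userId
    );
    $result = mysql_query($sql) or die(mysql_error());
    // mysql_num_rows() is the row count of a SELECT result.
    if (mysql_num_rows($result) != 0) {
        $message = mysql_fetch_assoc($result);
        // The stored text is user-supplied, so it is HTML-escaped on output.
        // A single-byte charset is named so bytes >= 0x80 pass through
        // unchanged while the ASCII specials are escaped.
        // NOTE(review): the page text looks like Windows-1251 - confirm. If
        // replies are meant to carry markup, use an allow-list sanitiser
        // rather than raw output.
        // NOTE(review): viewBook() is defined elsewhere; whether it escapes
        // the username it returns cannot be seen here - confirm.
        echo"<div class='text-full'>
<div class='date'>".$message['date']."</div>
<div class='from'><label>Îò: </label>".viewBook('zlo_users', $message['from'], 'id', 'username')."</div>
<div class='text'>".htmlspecialchars($message['text'], ENT_QUOTES, 'cp1251')."</div>
</div>";
    }
    echo"</div>";
}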
?>