<?
/**
* & CMS Name :: DCMS-Social
* & Author :: Alexandr Andrushkin
* & Contacts :: ICQ 587863132
* & Site :: http://dcms-social.ru
*/
include_once 'sys/inc/start.php';
include_once 'sys/inc/compress.php';
include_once 'sys/inc/sess.php';
include_once 'sys/inc/home.php';
include_once 'sys/inc/settings.php';
include_once 'sys/inc/db_connect.php';
include_once 'sys/inc/ipua.php';
include_once 'sys/inc/fnc.php';
include_once 'sys/inc/user.php';
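// Private mail is for logged-in users only; only_reg() is defined in the includes above.
only_reg();
// The contact id comes from the query string and is untrusted input.
// Check that it is present BEFORE casting: intval() always returns an integer, so the
// former isset($ID) test could never fire. Array input (?id[]=...) is rejected as well,
// because intval() would otherwise turn any non-empty array into 1.
if (!isset($_GET['id']) || !is_scalar($_GET['id']))
{
    $_SESSION['err'] = 'Не указан ID контакта';
    header('Location: /konts.php');
    exit;
}
$ID = intval($_GET['id']);
// Look the contact up by the normalized integer rather than the raw request value, so
// every later use of the id (SQL, URLs, headers) refers to the same validated number.
$ank = get_user($ID);
if (!$ank)
{
    $_SESSION['err'] = 'Контакт не существует';
    header('Location: /konts.php');
    exit;
}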
// "Refresh" button: answer the POST with a redirect back to this conversation and stop.
// $ID was cast with intval() above, so it cannot carry header-injection characters.
if (isset($_POST['refresh']))
{
header('Location: /mail.php?id=' . $ID);
exit;
}
// Number of users_konts rows with id_user = $ID and id_kont = current user.
// Judging by the INSERTs further down (id_user = owner, id_kont = listed contact) this is
// "does $ID have the current user in their contact list" - TODO confirm against the schema.
// $user is populated by the included files and is not visible here.
$k_kont = mysql_result(mysql_query("SELECT COUNT(*) FROM `users_konts` WHERE `id_kont` = '$user[id]' AND `id_user` = '$ID'"), 0);
// Level-0 users who are not in that list get $webbrowser forced to false. The same
// condition later requires a captcha on send and selects the plain file input in the form.
if ($user['level'] == 0 && $k_kont == 0)
{
$webbrowser = false;
}
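// Send a message: a POST carrying "msg", addressed to a non-zero contact id.
// Validation problems are collected in $err; when none are found the message is stored
// and the script exits, otherwise execution falls through and the page is rendered.
// NOTE(review): no anti-CSRF token is checked in this handler; confirm whether one of the
// included files validates the request origin.
if (isset($_POST['msg']) && $ID != 0)
{
    // Captcha: required when the sender has level 0 and $k_kont (computed above) is 0.
    // NOTE(review): the comparison is loose (!=) and the stored answer is not cleared after
    // use; consider a strict string comparison and a single-use answer.
    if ($user['level'] == 0 && $k_kont == 0)
    {
        if (!isset($_SESSION['captcha']))$err[] = 'Ошибка проверочного числа';
        if (!isset($_POST['chislo']))$err[] = 'Введите проверочное число';
        elseif ($_POST['chislo'] == null)$err[] = 'Введите проверочное число';
        elseif ($_POST['chislo'] != $_SESSION['captcha'])$err[] = 'Проверьте правильность ввода проверочного числа';
    }

    // Enforce the recipient's mail privacy on the server. The same rule is evaluated further
    // down this script, but there it only decides whether the compose form is rendered, and
    // hiding a form does not stop a request sent to this URL directly.
    // Users whose group_access is non-zero stay exempt, exactly as in the rendering code.
    if ($user['group_access'] == 0)
    {
        $mailPrivacy = mysql_fetch_array(mysql_query("SELECT * FROM `user_set` WHERE `id_user` = '$ID' LIMIT 1"));
        $mailFriends = mysql_result(mysql_query("SELECT COUNT(*) FROM `frends` WHERE (`user` = '$user[id]' AND `frend` = '$ID') OR (`user` = '$ID' AND `frend` = '$user[id]') LIMIT 1"),0);
        // privat_mail = 2: friends only
        if ($mailPrivacy['privat_mail'] == 2 && $mailFriends != 2)$err[] = 'Писать сообщения пользователю, могут только его друзья!';
        // privat_mail = 0: mail closed
        if ($mailPrivacy['privat_mail'] == 0)$err[] = 'Пользователь запретил писать ему сообщения!';
    }

    // Attachment upload (form field "uploadfile"); skipped when an error is already queued.
    // NOTE(review): no size limit, type allow-list or $_FILES error-code check is visible here.
    if (isset($_FILES['uploadfile']) && !isset($err))
    {
        // Split the client-supplied file name into base name and lower-cased extension.
        // Both are kept only as database metadata, passed through my_esc() (defined
        // elsewhere, presumably SQL escaping - confirm); the file on disk is named after the
        // numeric row id, so client input never becomes part of a filesystem path.
        $name = my_esc(preg_replace('#\.[^\.]*$#', NULL, $_FILES['uploadfile']['name']));
        $ras = my_esc(strtolower(preg_replace('#^.*\.#', NULL, $_FILES['uploadfile']['name'])));
        mysql_query("INSERT INTO `mail_files` (`id_kont`, `name`, `ras`) VALUES ('$user[id]', '$name', '$ras')");
        $ID_FILE = mysql_insert_id();
        // move_uploaded_file() only accepts files that really arrived through an HTTP upload.
        if (move_uploaded_file($_FILES['uploadfile']['tmp_name'], H.'sys/mail/files/' . $ID_FILE . '.dat'))
        {
            // If GD can decode the upload, build a preview that fits into a 220x220 box.
            // NOTE(review): this decodes an untrusted image in full, so a very large image
            // can exhaust memory; bound the upload size and pixel dimensions first.
            if ($imgc = @imagecreatefromstring(file_get_contents(H.'sys/mail/files/' . $ID_FILE . '.dat')))
            {
                $img_x = imagesx($imgc);
                $img_y = imagesy($imgc);
                if ($img_x == $img_y)
                {
                    $dstW = 220; // width
                    $dstH = 220; // height
                }
                elseif ($img_x > $img_y)
                {
                    // Landscape: fix the width, scale the height
                    $prop = $img_x / $img_y;
                    $dstW = 220;
                    $dstH = ceil($dstW/$prop);
                }
                else
                {
                    // Portrait: fix the height, scale the width
                    $prop = $img_y/$img_x;
                    $dstH = 220;
                    $dstW = ceil($dstH/$prop);
                }
                $screen = imagecreatetruecolor($dstW, $dstH);
                imagecopyresampled($screen, $imgc, 0, 0, 0, 0, $dstW, $dstH, $img_x, $img_y);
                imagedestroy($imgc);
                //$screen=img_copyright($screen); // copyright overlay (disabled)
                // NOTE(review): imagegif() writes GIF data although the file is named .png.
                imagegif($screen,H."sys/mail/screen/$ID_FILE.png");
                // NOTE(review): 0666 leaves the file world-writable; use the narrowest mode
                // the hosting setup allows.
                @chmod(H.'sys/mail/screen/' . $ID_FILE . '.png', 0666);
                imagedestroy($screen);
            }
            @chmod(H.'sys/mail/files/' . $ID_FILE . '.dat', 0666);
        }
        else
        {
            // The file was not stored, so remove the metadata row again
            mysql_query("DELETE FROM `mail_files` WHERE `id` = '" . $ID_FILE . "'");
        }
    }

    $msg = $_POST['msg'];
    if (isset($_POST['translit']) && $_POST['translit'] == 1)$msg = translit($msg);
    if (strlen2($msg) > 1024)$err[] = 'Сообщение превышает 1024 символа';
    // A text shorter than 2 characters is accepted only when the sender has a pending
    // attachment (a mail_files row that is not yet bound to a message, id_post = 0).
    if (strlen2($msg) < 2 && mysql_result(mysql_query("SELECT COUNT(*) FROM `mail_files` WHERE `id_kont` = '$user[id]' AND `id_post` = '0'"), 0) == 0)$err[] = 'Слишком короткое сообщение';
    // antimat() is defined elsewhere; a truthy result is reported back as the offending text
    $mat = antimat($msg);
    if ($mat)$err[] = 'В тексте сообщения обнаружен мат: '.$mat;

    if (!isset($err))
    {
        // Store the message. my_esc() protects the SQL string only; the text is stored as
        // typed, so it has to be HTML-escaped wherever it is printed.
        mysql_query("INSERT INTO `mail` (`id_user`, `id_kont`, `msg`, `time`) values('$user[id]', '$ID', '" . my_esc($msg) . "', '$time')");
        $id_post = mysql_insert_id();
        // Bind the sender's pending attachments to the new message
        mysql_query("UPDATE `mail_files` SET `id_post` = '$id_post' WHERE `id_kont` = '$user[id]' AND `id_post` = '0'");
        // Add the recipient to the sender's contacts (add_konts = 1) unless already listed
        if ($user['add_konts'] == 1 && mysql_result(mysql_query("SELECT COUNT(*) FROM `users_konts` WHERE `id_user` = '$user[id]' AND `id_kont` = '$ID'"),0) == 0)
            mysql_query("INSERT INTO `users_konts` (`id_user`, `id_kont`, `time`) VALUES ('$user[id]', '$ID', '$time')");
        // Refresh the activity time on both sides' contact rows
        mysql_query("UPDATE `users_konts` SET `time` = '$time' WHERE `id_user` = '$user[id]' AND `id_kont` = '$ID' OR `id_user` = '$ID' AND `id_kont` = '$user[id]'");
        if (!isset($_GET['ajax']))
        {
            $_SESSION['message'] = 'Сообщение успешно отправлено';
            header('Location: ?id=' . $ID);
        }
        // For AJAX requests an empty response body signals success
        exit;
    }

    if (isset($_GET['ajax']) && $err)
    {
        // $err is an array, so it is joined into one string first (echoing it directly
        // printed the word "Array"). json_encode() with the JSON_HEX_* flags yields a quoted
        // JavaScript string that cannot close the string literal or the script element.
        // Assumes the page encoding is UTF-8, which json_encode() requires - TODO confirm.
        ?><script>alert(<?=json_encode(implode("\n", $err), JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT)?>);</script><?
        exit;
    }
}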
// Mark every message sent by $ID to the current user as read.
// NOTE(review): this and the two statements below change state on a plain page view (GET).
mysql_query("UPDATE `mail` SET `read` = '1' WHERE `id_kont` = '$user[id]' AND `id_user` = '$ID'");
// Add $ID to the current user's contact list when add_konts is 2 and no such row exists yet
// (the value 1 is handled in the send branch above; what the values mean is defined elsewhere).
if ($user['add_konts'] == 2 && mysql_result(mysql_query("SELECT COUNT(*) FROM `users_konts` WHERE `id_user` = '$user[id]' AND `id_kont` = '$ID'"),0) == 0)
mysql_query("INSERT INTO `users_konts` (`id_user`, `id_kont`, `time`) VALUES ('$user[id]', '$ID', '$time')");
// Reset the new-message counter on the current user's contact row for $ID.
mysql_query("UPDATE `users_konts` SET `new_msg` = '0' WHERE `id_kont` = '$ID' AND `id_user` = '$user[id]' LIMIT 1");
// Delete a single message: delete=<message id> in the query string (the literal value
// "add" is handled by the mailbox-clear branch that follows).
// NOTE(review): this is a state-changing GET and no anti-CSRF token is checked here, so a
// link or image on another page could trigger it for a logged-in user; prefer POST plus a token.
if (isset($_GET['delete']) && $_GET['delete'] != 'add')
{
// intval() keeps the id numeric before it is placed into the SQL string.
$mess = mysql_fetch_assoc(mysql_query("SELECT * FROM `mail` WHERE `id` = '" . intval($_GET['delete']) . "' limit 1"));
// Authorization: only the sender (id_user) or the recipient (id_kont) may delete the message.
if ($mess['id_user'] == $user['id'] || $mess['id_kont'] == $user['id'])
{
// `unlink` stores the id of a participant who has already deleted the message
// (0 presumably means nobody has - confirm). If someone other than the current user has
// already deleted it, the row and its attachments are removed for good.
if ($mess['unlink'] != $user['id'] && $mess['unlink'] != 0)
{
$f = mysql_query("SELECT * FROM `mail_files` WHERE `id_post` = '$mess[id]' ORDER BY id ASC");
while ($file = mysql_fetch_array($f))
{
// Paths are built from the numeric row id read from the database, not from request input.
mysql_query("DELETE FROM `mail_files` WHERE `id` = '$file[id]'");
@unlink(H."sys/mail/screen/$file[id].png");
@unlink(H."sys/mail/files/$file[id].dat");
}
mysql_query("DELETE FROM `mail` WHERE `id` = '$mess[id]'");
}
else
// Otherwise only hide the message from the current user (soft delete).
mysql_query("UPDATE `mail` SET `unlink` = '$user[id]' WHERE `id` = '$mess[id]' LIMIT 1");
$_SESSION['message'] = 'Сообщение удалено';
header('Location: ?id=' . $ID);
exit;
}
}
// Clear the whole conversation with $ID: delete=add in the query string.
// NOTE(review): like the single-message delete, this is a state-changing GET with no
// anti-CSRF token checked in this file.
if (isset($_GET['delete']) && $_GET['delete'] == 'add')
{
// Messages between the two users (either direction) that $ID has already deleted
// (unlink = $ID): nobody will see them again, so their attachments are removed from disk.
$q = mysql_query("SELECT * FROM `mail` WHERE `unlink` = '$ID' AND `id_user` = '$user[id]' AND `id_kont` = '$ID' OR `id_user` = '$ID' AND `id_kont` = '$user[id]' AND `unlink` = '$ID'");
while ($post = mysql_fetch_array($q))
{
$f = mysql_query("SELECT * FROM `mail_files` WHERE `id_post` = '$post[id]' ORDER BY id ASC");
while ($file = mysql_fetch_array($f))
{
mysql_query("DELETE FROM `mail_files` WHERE `id` = '$file[id]'");
@unlink(H."sys/mail/screen/$file[id].png");
@unlink(H."sys/mail/files/$file[id].dat");
}
}
// Remove those message rows themselves ...
mysql_query("DELETE FROM `mail` WHERE `unlink` = '$ID' AND `id_user` = '$user[id]' AND `id_kont` = '$ID' OR `id_user` = '$ID' AND `id_kont` = '$user[id]' AND `unlink` = '$ID'");
// ... and hide every remaining message of the conversation from the current user.
mysql_query("UPDATE `mail` SET `unlink` = '$user[id]' WHERE `id_user` = '$user[id]' AND `id_kont` = '$ID' OR `id_user` = '$ID' AND `id_kont` = '$user[id]'");
$_SESSION['message'] = 'Сообщения удалены';
header('Location: ?id=' . $ID);
exit;
}
// Page title built from the contact's nick; user::nick() is defined elsewhere.
// NOTE(review): confirm that the title is HTML-escaped where thead.php prints it.
$set['title'] = 'Переписка с ' . user::nick($ID, 0);
// Page header, then title(), aut() and err() from the included files (presumably the
// title bar, the auth panel and the queued session messages - confirm).
include_once 'sys/inc/thead.php';
title();
aut();
err();
// Stylesheet for the mail dialog.
?><link rel="stylesheet" type="text/css" href="/ajax/newModal/mail/style.css"><?
// Recipient's mail privacy. $block stays true when the compose form may be shown.
// NOTE(review): this code only decides what is rendered. Hiding the form is not access
// control; the POST handler has to apply the same rule to the request itself.
$block = true;
$uSet = mysql_fetch_array(mysql_query("SELECT * FROM `user_set` WHERE `id_user` = '$ID' LIMIT 1"));
// Friendship rows between the two users in either direction; the check below treats a
// count of 2 as "friends" (presumably one row per direction - confirm).
$frend = mysql_result(mysql_query("SELECT COUNT(*) FROM `frends` WHERE (`user` = '$user[id]' AND `frend` = '$ID') OR (`user` = '$ID' AND `frend` = '$user[id]') LIMIT 1"),0);
// Pending friend requests in either direction; not used in the visible part of this script.
$frend_new = mysql_result(mysql_query("SELECT COUNT(*) FROM `frends_new` WHERE (`user` = '$user[id]' AND `to` = '$ID') OR (`user` = '$ID' AND `to` = '$user[id]') LIMIT 1"),0);
// The restrictions apply only to users whose group_access is 0.
if ($user['group_access'] == 0)
{
if ($uSet['privat_mail'] == 2 && $frend != 2) // friends only
{
?>
<div class="mess">
Писать сообщения пользователю, могут только его друзья!
</div>
<?
$block = false;
}
// Mail closed. A missing user_set row also ends up here, because null == 0.
if ($uSet['privat_mail'] == 0)
{
?>
<div class="mess">
Пользователь запретил писать ему сообщения!
</div>
<?
$block = false;
}
}
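// Pagination over the conversation: count the messages between the current user and $ID
// (either direction) that the current user has not deleted (unlink != own id).
// The first id_kont comparison used to read '$ID]'; the stray bracket made the value a
// malformed number that only matched through MySQL's lenient string-to-number cast.
$k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `mail` WHERE `unlink` != '$user[id]' AND `id_user` = '$user[id]' AND `id_kont` = '$ID' OR `id_user` = '$ID' AND `id_kont` = '$user[id]' AND `unlink` != '$user[id]'"),0);
// k_page() and page() are defined elsewhere; $set['p_str'] is the page size.
$k_page = k_page($k_post,$set['p_str']);
$page = page($k_page);
// Zero-based offset of the first row on the current page
$start = $set['p_str'] * $page - $set['p_str'];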
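// Compose form and its client-side script. Rendered only for a real contact ($ID != 0)
// whose privacy settings allow it ($block, computed above).
// NOTE(review): the form carries no anti-CSRF token.
if ($ID != 0 && $block == true)
{
// NOTE(review): isset() is also true when $webbrowser was set to false earlier in this
// script, while the form below tests its truthiness; confirm which of the two is intended.
// In that case the click handler still posts via AJAX without the captcha field.
if (isset($webbrowser))
{
// jQuery is requested over HTTPS so the script cannot be altered in transit. It is still
// third-party code: self-hosting it or pinning it with Subresource Integrity is preferable.
// The responses of list.php and msg.php are inserted with .html() and the AJAX send result
// goes into innerHTML; those endpoints are not visible here and must return escaped markup.
?>
<script src="https://code.jquery.com/jquery-1.9.1.js"></script>
<script type="text/javascript" src="/ajax/newModal/ajax_files_upload.js"></script>
<script type="text/javascript" src="/ajax/js/audio-player.js"></script>
<audio preload="auto" id="sound1" ><source src="/ajax/newModal/mail/ReceivedMessage.mp3" /><source src="/ajax/newModal/mail/ReceivedMessage.ogg" /></audio>
<audio preload="auto" id="sound2" ><source src="/ajax/newModal/mail/SentMessage.mp3" /><source src="/ajax/newModal/mail/SentMessage.ogg" /></audio>
<script type="text/javascript" >
var audio1 = document.getElementById("sound1");
var audio2 = document.getElementById("sound2");
$(function()
{
var btnUpload = $('#upload');
var status = $('#status');
new AjaxUpload(btnUpload, {
action: '/ajax/newModal/mail/upload.php?id=<?=$ID?>',
name: 'uploadfile',
onSubmit: function(file, ext)
{
$('#upload').css({'display':'none'});
$('#loader').css({'display':'inline-block'});
},
onComplete: function(file, response){
if(response === "success")
{
// The file name is inserted as text and passed to delete_file() through a closure,
// so characters in the name are never parsed as markup or script.
var row = $('<div class="upload_success"></div>').appendTo('#files').addClass('error');
row.text(file + ' ');
$('<a href="#"><img src="/style/icons/del.png"></a>').click(function(){ delete_file(file); }).appendTo(row);
}
else
{
$('<div class="upload_error"></div>').appendTo('#files').text(' ' + file).addClass('error');
}
$('#upload').css({'display':'inline-block'});
$('#loader').css({'display':'none'});
}
});
});
$.ajax({
url: "/ajax/newModal/mail/list.php?list",
cache: false,
success: function(html){
$("#files").html(html);
}
});
function mail_list()
{
$.ajax({
url: "/ajax/newModal/mail/msg.php?id=<?=$ID?>",
cache: false,
success: function(html){
$("#LoadMsg").html(html);
}
});
}
<?if ($page == 1){?>
setInterval("mail_list()", 5000);
<?}?>
function delete_file(id_file)
{
$.ajax({
url: "/ajax/newModal/mail/list.php?delete=" + id_file,
cache: false,
success: function(html){
$("#files").html(html);
}
});
}
function clicktext(type)
{
if (type == 'open')
{
$('#message').css({'height':'48px'});
}
if (type == 'close')
{
$('#message').css({'height':'38px'});
}
}
// Отправка комментария
$(function()
{
$("#dcms-komm-send").click(function()
{
var chislo = $("#chislo").val();
var reply = $("#reply").val();
var msg = $("#message").val();
$("#reply").val("");
$("#message").val("");
$("#chislo").val("");
audio2.play();
document.getElementById('files').innerHTML = '';
// Анимация отправки
document.getElementById('dcms-modal-status').innerHTML = ' <img src="/ajax/newModal/img/upload.gif" alt="load.."/>';
$.ajax({
type: "POST",
url: "/mail.php?id=<?=$ID?>&ajax",
data: {"reply": reply, "msg": msg},
cache: false,
success: function(response)
{
if(response == 0)
{
$("#reply").val("");
$("#message").val("");
$("#chislo").val("");
// Выключаем анимацию отправки сообщения
document.getElementById('dcms-modal-status').innerHTML = '';
mail_list('load');
}
else
{
// Выводим сообщение об ошибке
document.getElementById('dcms-modal-status').innerHTML = '<font style="color:red;">' + response + '</font>';
}
}
});
return false;
});
});
AudioPlayer.setup
(
"/ajax/js/player.swf",
{
width:"100%",
animation:"yes",
encode:"no",
initialvolume:"100",
remaining:"yes",
noinfo:"no",
buffer:"2",
checkpolicy:"no",
rtl:"no",
bg:"064a91",
text:"000000",
leftbg:"064a91",
lefticon:"fee300",
volslider:"fee300",
voltrack:"ffffff",
rightbg:"064a91",
rightbghover:"064a91",
righticon:"fee300",
righticonhover:"fee300",
track:"FFFFFF",
loader:"fee300",
border:"D2F0FF",
tracker:"fee300",
skip:"ff284b",
pagebg:"064a91",
transparentpagebg:"yes"
}
);
function playMusic(file, title)
{
AudioPlayer.embed
(
"audioplayer",
{
soundFile: file,
titles: title,
artists: "",
autostart: "yes"
}
);
}
</script>
<?
}
// The form posts back to this script; $ID is an integer, so it is safe inside the attribute.
?>
<form method="post" name="message" id="reply_msg" action="/mail.php?id=<?=$ID?>" style="" enctype="multipart/form-data"><?
?>
<div style="margin-bottom:10px;" class="pmenu">
<textarea placeholder="Напишите сообщение" id="message" name="msg" onclick="clicktext('open')"></textarea>
<?
?><div id="files"></div><?
// Captcha for level-0 users whom $ID has not added as a contact (same condition as on send).
// NOTE(review): $sess is defined elsewhere; if it is the session id, placing it in a URL
// exposes it to logs and Referer headers - confirm.
if ($user['level'] == 0 && mysql_result(mysql_query("SELECT COUNT(*) FROM `users_konts` WHERE `id_kont` = '$user[id]' AND `id_user` = '$ID'"), 0) == 0)
echo '<img src="/captcha.php?SESS=' . $sess . '" width="100" height="30" alt="Captcha" /><br /><input name="chislo" size="5" maxlength="5" value="" type="text" /><br />';
?>
<input style="width:79%;" type="submit" name="send" id="dcms-komm-send" value="Отправить" />
<?if ($webbrowser){?>
<div id="upload" style="display: inline-block;">
<span class="fileinput"><i style="color: #757577; font-size: 18px;" class="fas fa-cloud-upload-alt"></i> <span>
</div>
<a href="#" onclick="$('.spoiler').toggle();return false;"><i style="color: #757577; font-size: 18px;" class="far fa-smile"></i></a>
<span id="dcms-modal-status"></span>
<img src="/ajax/newModal/img/upload.gif" style="display:none" id="loader" /> <span id="audioplayer"></span>
<?}else{?>
<input name="uploadfile" type="file" style="width:100px; padding:2px;" />
<?}?>
</form>
</div>
<?include ('js/smile.php');?>
<?
// Offer "add to contacts" unless the current user has exactly one contact row for $ID.
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `users_konts` WHERE `id_user` = '$user[id]' AND `id_kont` = '$ID'"), 0) != 1)
{
// $kont is not used in the visible part of this script.
$kont = mysql_fetch_array(mysql_query("SELECT * FROM `users_konts` WHERE `id_user` = '$user[id]' AND `id_kont` = '$ID'"));
?>
<a class="link" href="/konts.php?type=common&act=add&id=<?=$ID?>"><img src="/style/icons/plus.png"> Добавить в список контактов</a>
<?
}
}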
// Empty-conversation notice.
if ($k_post == 0)
{
?>
<div class="mess">
Нет сообщений
</div>
<?
}
?><table class="post"><div id="LoadMsg"><?
// Current page of the conversation, newest first, without the messages the current user
// has deleted (unlink != own id). $start and $set[p_str] come from the pagination code above.
$q = mysql_query("SELECT * FROM `mail` WHERE `unlink` != '$user[id]' AND `id_user` = '$user[id]' AND `id_kont` = '$ID' OR `id_user` = '$ID' AND `id_kont` = '$user[id]' AND `unlink` != '$user[id]' ORDER BY id DESC LIMIT $start, $set[p_str]");
while ($post = mysql_fetch_array($q))
{
// Staggered ("ladder") layout: messages written by $ID get the extra class blue-right.
echo '<div class="sms_bubble' . ($post['id_user'] == $ID ? " blue-right" : null) . '" style="opacity:1; font-size:14px; float:none; clear:none;">';
// NOTE(review): $num is not initialised anywhere in the visible part of this script.
$num++;
// Author line: avatar, nick, online marker and time; all helpers are defined elsewhere.
echo '<span style="float: left; margin: -4px 5px 0px 0px;">' . avatar($post['id_user'], 0) . '</span>' . user::avatar($post['id_user'], 2) . user::nick($post['id_user'], 2) . '';
echo online($post['id_user']) . '';
echo '<span style="float:right;font-size: .6em;"><i class="far fa-clock"></i> ' . vremja($post['time']) . '</span>';
if ($post['read'] == 0)
echo '<span class="no_ready">Не прочитано</span>';
?><br /><?
// The message text is stored unescaped (only SQL-escaped on insert), so output_text()
// is the only HTML-escaping step here - NOTE(review): confirm that it escapes.
if ($post['msg'])
echo output_text($post['msg']) . '<br />';
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `mail_files` WHERE `id_post` = '$post[id]'"),0) > 0)
{
$f = mysql_query("SELECT * FROM `mail_files` WHERE `id_post` = '$post[id]' ORDER BY id ASC");
while ($file = mysql_fetch_array($f))
{
// Show the preview when the preview file exists and is not empty.
// NOTE(review): the preview is referenced by a static path with a sequential numeric id
// and no access check is visible here; confirm that /sys/mail/screen/ cannot be read by
// users who are not part of the conversation.
if (@file_get_contents(H.'sys/mail/screen/' . $file['id'] . '.png'))
echo '<img style="width:100px;margin:10px;" src="/sys/mail/screen/' . $file['id'] . '.png"><br />';
// NOTE(review): in the onclick below the client-supplied file name ends up inside a
// JavaScript string inside an HTML attribute. text() is defined elsewhere; HTML escaping
// alone is not enough in that context, because the browser decodes entities before the
// handler is parsed. Confirm that the value is also encoded as a JavaScript string.
if ($file['ras'] == 'mp3' && $webbrowser)
{
?>
<a href="#" onclick="playMusic('/file<?=$file['id']?>/<?=text(retranslit($file['name']))?>.<?=text($file['ras'])?>', '<?=text($file['name'])?>')">
<img src="/style/icons/play.png" width="16"/>
</a>
<?
}
else
{
?><i class="fas fa-file"></i> <?
}
// Download link; name and extension are passed through text() before printing.
?> <a href="/file<?=$file['id']?>/<?=text(retranslit($file['name']))?>.<?=text($file['ras'])?>" target="_blank"><?=text($file['name'])?>.<?=text($file['ras'])?></a> <br /><?
}
}
// Per-message delete link: a GET request handled by the delete branch near the top of
// this script.
?>
<div style='text-align: right; margin-top: -16px;'>
<a href="mail.php?id=<?=$ID?>&page=<?=$page?>&delete=<?=$post['id']?>"><i class="fas fa-times-circle"></i></a>
</div>
</div>
<?
}
?></div></table><?
// Page links; str() is defined elsewhere.
if ($k_page > 1)str('mail.php?id=' . $ID . '&', $k_page, $page);
// "Clear mailbox" link: a GET request with delete=add, handled near the top of this script.
// NOTE(review): a destructive action reachable by a plain link has no CSRF protection;
// prefer a POST form with a token.
?>
<a class="link" href="mail.php?id=<?=$ID?>&page=<?=$page?>&delete=add"><i class="fas fa-trash-alt"></i> Очистить почту</a>
<?
// Page footer.
include_once 'sys/inc/tfoot.php';
?>