<?
include_once '../sys/inc/start.php';
include_once '../sys/inc/compress.php';
include_once '../sys/inc/sess.php';
include_once '../sys/inc/home.php';
include_once '../sys/inc/settings.php';
include_once '../sys/inc/db_connect.php';
include_once '../sys/inc/ipua.php';
include_once '../sys/inc/fnc.php';
include_once '../sys/inc/user.php';
// Gate 1: user_access() is asked for the 'adm_set_sys' privilege; '/'.SID is passed
// as its third argument (presumably where a denied visitor is sent; confirm in sys/inc).
user_access('adm_set_sys', null, '/' . SID);

// Gate 2: besides the privilege, the account level must be above 3. Anyone else is
// redirected to /adm, and exit stops the script so nothing below runs for them.
if (3 >= $user['level']) {
    header('Location: /adm');
    exit();
}

// NOTE(review): this page lets staff read and delete other users' private mail, yet
// nothing in this file records which administrator opened which mailbox. If the
// included framework does not log that, an audit entry per view/delete is worth adding.

// Module configuration file
require 'config.php';

// Page title; presumably read by thead.php when it renders the page header
$set['title'] = 'Почтовый шпион';
include_once '../sys/inc/thead.php';
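// Resolve the two accounts named in the query string:
//   ?to=<id>  - the account whose mailbox is inspected      -> $ank
//   ?id=<id>  - the other party of one dialog of that user  -> $anks
// Both values go through intval() first, so only integers reach get_user().
// NOTE(review): what get_user() returns for an unknown id is not visible in this
// file; the code further down indexes ['id'] on the result without checking it.
if (isset($_GET['id'])){
    $to = intval($_GET['id']);
    $anks = get_user($to);
}
if (isset($_GET['to'])){
    $ank = get_user(intval($_GET['to']));
}

// Account id 1 is off limits for this tool. The rule is enforced here, on the
// resolved ids, because every view and every delete action below is driven by these
// two GET parameters. Checking it only in the ID form, or only for one of the two
// parameters inside the dialog view, leaves the remaining request paths unguarded.
$ank_protected = isset($ank['id']) && $ank['id'] == 1;
$anks_protected = isset($anks['id']) && $anks['id'] == 1;
if ($ank_protected || $anks_protected){
    $_SESSION['message'] = 'Уважаем'.($user['pol'] == 1 ? 'ый' : 'ая').' <b> '.u_nick($user['id']).' !</b><br />Шпионить за <b>'.u_nick(1).'</b> ЗАПРЕЩЕНО!';
    // Go back to the contact list of the inspected account when that account itself
    // is allowed, otherwise to the empty ID form.
    if (!$ank_protected && isset($ank['id']))
        header("Location: shp_us.php?to=".$ank['id']);
    else
        header("Location: shp_us.php");
    exit;
}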
// Вывод смс с выбранным юзером
if (isset($_GET['to']) && isset($_GET['id'])){
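// The protected account (id 1) is checked first, before either delete handler, so a
// request carrying &dell= or &dell_all cannot act on a dialog that the view itself
// refuses to show.
if ($anks['id'] == 1){
    $usank = u_nick($anks['id']);
    $_SESSION['message'] = 'Уважаем'.($user['pol'] == 1 ? 'ый' : 'ая').' <b> '.u_nick($user['id']).' !</b><br />Шпионить за <b>'.$usank.'</b> ЗАПРЕЩЕНО!';
    header("Location: ?to=".$ank['id']."");
    exit;
}

// NOTE(review): both delete actions below are triggered by a plain GET link and no
// anti-CSRF token is checked anywhere in this file. Confirm whether the included
// framework files add one; otherwise move them to POST with a per-session token.

// Delete one selected message
if (isset($_GET['dell'])){
    $posti = mysql_fetch_assoc(mysql_query("SELECT * FROM `mail` WHERE `id` = '".intval($_GET['dell'])."' LIMIT 1"));
    if ($posti){
        // Values read back from the row are cast again before they are put into SQL.
        $mail_id = intval($posti['id']);
        $sender_id = intval($posti['id_user']);
        $anki = mysql_fetch_assoc(mysql_query("SELECT * FROM `user` WHERE `id` = '".$sender_id."' LIMIT 1"));
        // A sender whose user row no longer exists is treated as level 0.
        $sender_level = $anki ? $anki['level'] : 0;
        // Every write sits inside the level check. Without the braces only the first
        // DELETE was conditional, so a denied request still changed the message state
        // and removed its "important" mark. The old UPDATE ... SET `read` = '1' on the
        // same id is dropped: once the row is deleted it has nothing left to update.
        // NOTE(review): the message is not checked to belong to the dialog named by
        // ?to=/?id=; any existing mail id is accepted here.
        if (isset($user) && ($user['level'] > $sender_level)){
            mysql_query("DELETE FROM `mail` WHERE `id` = '".$mail_id."'");
            mysql_query("DELETE FROM `mail_important` WHERE `id_user` = '".$sender_id."' AND `id_mail` = '".$mail_id."'");
        }
        header("Location: ?to=".$ank['id']."&id=".$anks['id']."");
        exit;
    }
}

// Delete the whole conversation between the two accounts, including sent files
// NOTE(review): unlike the single-message delete above, no account level is compared
// here; confirm that this is intended.
if (isset($_GET['dell_all'])){
    $id_a = intval($anks['id']);
    $id_b = intval($ank['id']);
    // Either direction of the dialog, wrapped in its own parentheses: AND binds
    // tighter than OR, so without them a leading "`action` = 'sent' AND" would
    // restrict only the first direction and the second would match every action.
    $pair = "(`id_user` = '$id_a' AND `id_kont` = '$id_b' OR `id_user` = '$id_b' AND `id_kont` = '$id_a')";
    mysql_query("DELETE FROM `mail` WHERE $pair");
    $q = mysql_query("SELECT folder, tmp_name FROM mail_files_vk WHERE `action` = 'sent' AND $pair");
    if ($q){
        while ($file = mysql_fetch_assoc($q)){
            $rel = $file['folder'] . '/' . $file['tmp_name'];
            // The path is assembled from database columns; never follow a parent
            // directory reference out of mail/files/.
            if (strpos($rel, '..') !== false)
                continue;
            $path = H . 'mail/files/' . $rel;
            if (is_file($path))
                unlink($path);
        }
    }
    mysql_query("DELETE FROM `mail_files_vk` WHERE `action` = 'sent' AND $pair");
    mysql_query("DELETE FROM `mail_important` WHERE `id_user` = '".$id_a."' AND `id_kont` = '".$id_b."'");
    header("Location: ?to=".$ank['id']."&id=".$anks['id']."");
    exit;
}

shapka_VK(true, '?to='.$ank['id'].'', 'Шпионим #id'.$ank['id'].' и #id'.$anks['id'].'');
uvedom();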
?>
<style>
.mi_text img {
width: 60px;
}
.mi_text img.emoji-icon {
width: 20px;
}
</style>
<div class="basisDialogs pcont mail bl_cont vk_mail" style="padding-bottom: 0;">
<div class="head_actions_wrap<?= (isset($_GET['menu_opened']) ? ' head_actions_opened' : '') ?>">
<a class="link_header" href="?to=<?= $ank['id']?>&id=<?= $anks['id']?>&menu_opened" onclick="MessagesActions.actionsOpened(this, event);">
<h4 class="sub_header clearfix">
<span class="sub_header_label"><?= u_nick($ank['id'])?></span>
<span class="sub_header_rl"><i class="i_actions"> </i></span>
</h4>
</a>
<ul class="context_menu head_actions">
<li>
<a href="?to=<?= $ank['id']?>&id=<?= $anks['id']?>&dell_all" class="cm_item bli" onclick="return confirm('Вы действительно хотите удалить всю переписку с данным пользователем? Отменить это действие будет невозможно.');"><span class="cm_label">Очистить диалог</span></a>
</li>
</ul>
</div>
<?
err();

// Page size of the message list
$set['p_str'] = '20';

// Number of messages between the two accounts, in either direction. Rows whose
// `unlink` column equals the inspected account's id are left out (presumably the
// messages that account removed from its own view; confirm against the mail module).
$cnt_res = mysql_query("SELECT COUNT(*) FROM mail WHERE `unlink` != '$ank[id]' AND (`id_kont` = '$ank[id]' AND `id_user` = '" . $anks['id'] . "' OR `id_kont` = '" . $anks['id'] . "' AND `id_user` = '$ank[id]')");
$k_post = mysql_result($cnt_res, 0);

// Page count, current page and the row offset of that page
$k_page = k_page($k_post, $set['p_str']);
$page = page($k_page);
$start = $set['p_str'] * ($page - 1);
// Dialog body: an empty-state box when the count above is 0, otherwise one page of
// messages followed by the pagination links.
if ($k_post==0) {
?>
<div class="service_msg_box">
<div class="service_msg service_msg_null">История сообщений пуста.</div>
</div>
<?
}
else{
?>
<span class="basisDialogs__writeButton new_item_link write_btn"> Всего сообщений: <?= $k_post?></span>
<div id="messages" class="messages bl_cont">
<?
// One page of the dialog, newest first (ORDER BY m.id DESC). The `important` column
// is the number of mail_important rows the inspected account has for the message;
// it is not used in the markup below.
// NOTE(review): $start is placed into LIMIT unquoted; it is derived from page(),
// so confirm that helper always returns an integer.
$q = mysql_query("SELECT m.*, (SELECT COUNT(id) FROM mail_important WHERE `id_user` = '$ank[id]' and `id_mail` = m.`id` LIMIT 1) as important FROM mail as m
WHERE m.`unlink` != '$ank[id]' AND (m.`id_kont` = '$ank[id]' AND m.`id_user` = '" . $anks['id'] . "' OR m.`id_kont` = '" . $anks['id'] . "' AND m.`id_user` = '$ank[id]')
ORDER BY m.`id` DESC LIMIT $start, $set[p_str]");
while ($post = mysql_fetch_assoc($q))
{
// Sender of this message; only ['id'] of the d_user() result is used below.
$ank1 = d_user($post['id_user'], true, 'mi_img');
?>
<div class="msg_item">
<div class="mi_iwrap">
<a href="/id<?= $ank1['id'] ?>"><?= avka50($ank1['id'], 'mi_img')?></a>
</div>
<div class="mi_cont">
<div class="mi_head" style="overflow: hidden;">
<span class="mi_date"><?= vremja($post['time'])?></span>
<div class="mi_author">
<a href="/id<?= $ank1['id'] ?>"><?= u_nick($ank1['id'])?> <?= on_($ank1['id'])?></a> <br />
<?
// Marker for messages whose `read` flag is still 0
if($post['read'] == 0){
?>
<span style="color: red;">не прочитано</span>
<?
}
// Label for the media type: gift takes precedence over photo
if($post['gift'] == 1){
?>
<div class="mi_medias_plain">Подарок</div>
<?
}
elseif($post['photo'] == 1){
?>
<div class="mi_medias_plain">Фотография</div>
<?
}
?>
</div>
</div>
<div class="mi_body">
<div class="mi_text">
<?= output_text($post['msg'])?>
</div>
<?
// NOTE(review): the message body above is user-written text echoed through
// output_text() into an administrator's session; confirm that helper HTML-escapes it.
if ($post['attachments'])
showAttachmentss($post['id']);
?>
</div>
<a class="mi_date mi_author" href="?to=<?= $ank['id']?>&id=<?= $anks['id']?>&dell=<?= $post['id']?>">Удалить</a>
<br />
</div>
</div>
<?
// NOTE(review): the delete link above performs a state change through GET and
// carries no anti-CSRF token.
}
?>
</div>
<?
}
// Pagination links, only when there is more than one page
if ($k_page>1)
str_vk('?to='.$ank['id'].'&id='.$anks['id'].'&',$k_page,$page); // Output the page links
?>
</div>
<?
}
// Вывод контактов юзера, которого выбрали
elseif (isset($_GET['to'])){
shapka_VK(true, '?', 'Шпионим #id' . $ank['id']);
?>
<div class="basisDialogs pcont mail bl_cont vk_mail">
<?
// Per-contact unread counters for the inspected account: `contact` is the other
// party of each row, `inbox` counts unread rows addressed to the account and
// `outbox` counts unread rows it sent. Rows whose `unlink` equals the account's id
// are excluded.
$q = mysql_query("SELECT IF(e.id_user = '{$ank['id']}', e.id_kont, e.id_user) AS contact,
SUM(IF (e.read = '0' AND e.id_kont = '{$ank['id']}', 1, 0)) AS inbox,
SUM(IF (e.read = '0' AND e.id_user = '{$ank['id']}', 1, 0)) AS outbox
FROM mail AS e
WHERE (e.id_kont = '{$ank['id']}' OR e.id_user = '{$ank['id']}') AND `unlink` != '{$ank['id']}'
GROUP BY contact");

// Index the counters by contact id so the list below can look them up
$dataCount = array();
while ($row = mysql_fetch_assoc($q)) {
    $dataCount[$row['contact']] = $row;
}
mysql_free_result($q);

// Pagination over the number of distinct contacts
$set['p_str'] = '20';
$k_post = count($dataCount);
$k_page = k_page($k_post, $set['p_str']);
$page = page($k_page);
$start = $set['p_str'] * ($page - 1);

uvedom();
// Contact list: one row per contact with that contact's latest message, or an
// empty-state box when the inspected account has no contacts.
if ($k_post) {
?>
<span class="basisDialogs__writeButton new_item_link write_btn"> Всего контактов: <?= $k_post?></span>
<?
// For every contact the subquery `max` picks the highest mail id exchanged with the
// inspected account; the outer query loads that row. Results are ordered newest
// first and cut to the current page with $start / $set['p_str'].
$q = mysql_query("SELECT m.id, m.time, m.msg, m.attachments, m.gift, m.photo, IF(m.`id_user` = '" . $ank['id'] . "', m.`id_kont`, m.`id_user`) AS contact
FROM `mail` AS m , (SELECT MAX(id) AS id FROM `mail` WHERE `unlink` != '" . $ank['id'] . "' AND (`id_kont` = '" . $ank['id'] . "' OR `id_user` = '" . $ank['id'] . "') GROUP BY IF(`id_user` = '" . $ank['id'] . "', `id_kont`, `id_user`)) max
WHERE m.id = max.id AND (m.`id_kont` = '" . $ank['id'] . "' OR m.`id_user` = '" . $ank['id'] . "') AND m.`unlink` != '" . $ank['id'] . "'
GROUP BY contact ORDER BY m.id DESC LIMIT " . $start . ", " . $set['p_str']);
while ($post = mysql_fetch_assoc($q)) {
$d = d_user($post['contact']);
$d['nick'] = u_nick($d['id']);
// Add the inbox/outbox unread counters collected earlier in $dataCount
$post = array_merge($post, $dataCount[$post['contact']]);
// NOTE(review): $d['avatar'], $d['nick'] and $d['online'] are echoed below without
// escaping in this file; they come from d_user()/u_nick(), so confirm those helpers
// return safe HTML.
?>
<a class="dialog_item<?= ($post['outbox'] >= 1 ? ' di_unread_outbox' : '') . ($post['inbox'] >= 1 ? ' di_unread_inbox' : '') ?>"
href="?to=<?= $ank['id']?>&id=<?= $post['contact'] ?>" data-contact="<?= $post['contact'] ?>"
data-time="<?= $post['time'] ?>">
<div class="di_iwrap"><?= $d['avatar'] ?></div>
<div class="di_cont">
<span class="di_date"><?= vremja($post['time'])?></span>
<div class="di_head">
<span class="mi_author"><?=$d['nick'] . $d['online'] ?></span><?= ($post['inbox'] >= 1 ? '<span class="di_unread_cnt"><span class="di_hide"> (+</span>' . $post['inbox'] . '<span class="di_hide">)</span></span>' : '') ?>
</div>
<div class="di_body">
<?
// Preview of the latest message: a gift or photo label, otherwise a shortened text
// plus a summary of its attachments.
if($post['gift'] == 1){
?>
<div class="mi_medias_plain">Подарок</div>
<?
}
elseif($post['photo'] == 1){
?>
<div class="mi_medias_plain">Фотография</div>
<?
}
else{
?>
<?= ($post['msg'] ? '<div class="di_text">' . hideLink(output_text(short_text($post['msg'], 15))) . '</div>' : '') ?>
<?
if ($post['attachments']) {
// Count the 'sent' files of this message. With exactly one file its folder is
// printed through $config['folder'] (presumably a label map from config.php);
// otherwise the count is printed with the matching plural form.
$cnt_files = mysql_fetch_assoc(mysql_query("SELECT folder, COUNT(id) as cnt FROM mail_files_vk WHERE `action` = 'sent' AND `id_mail` = '" . $post['id'] . "' LIMIT 1"));
echo '<div class="mi_medias_plain">';
if ($cnt_files['cnt'] == 1)
echo $config['folder'][$cnt_files['folder']];
else
echo des2num($cnt_files['cnt'], array(' вложение', ' вложения', ' вложений'));
echo '</div>';
}
}
?>
</div>
</div>
</a>
<?
}
mysql_free_result($q);
}
else{
?>
<div class="service_msg_box">
<div class="service_msg service_msg_null">У пользователя нет контактов.</div>
</div>
<?
}
?>
</div>
<?
// Pagination links for the contact list, only when there is more than one page
if ($k_page > 1) {
    str_vk('?to=' . $ank['id'] . '&', $k_page, $page);
}
}
else{
shapka_VK(true, '/adm/', 'Шпион');

// Handle the "enter a user ID" form. Each failed check appends to $err; the
// redirect to the contact list happens only when no error was collected.
// NOTE(review): this validates the form input only. The ?to= URL can be requested
// without going through this form, so the id 1 rule also has to hold where that
// parameter is read.
if (isset($_POST['cfms'])) {
    $id = intval($_POST['id']);
    $usank = u_nick($id);

    // Account id 1 may not be inspected
    if (1 == $id) {
        $err[] = 'Уважаем'.($user['pol'] == 1 ? 'ый' : 'ая').' <b> '.u_nick($user['id']).' !</b><br />Шпионить за <b>'.$usank.'</b> ЗАПРЕЩЕНО!';
    }

    // The id has to belong to an existing user
    $found = mysql_result(mysql_query("SELECT COUNT(*) FROM `user` WHERE `id` = '$id' LIMIT 1"), 0);
    if ($found == 0) {
        $err[] = 'Юзер с таким ID не обнаружен!';
    }

    // The raw field may hold digits and spaces only
    if (!preg_match("#^([0-9\ ])+$#ui", $_POST['id'])) {
        $err[] = 'Разрешено вводить только цифры!';
    }

    if (!$err) {
        header("Location: shp_us.php?to=" . $id);
        exit;
    }
}
?>
<div class="basisDefault">
<div class="basisDefault__row">
<div class="Pad">
<?
// Show pending notices, then the validation errors collected by the form handler
// (the alert box is rendered only when $err has been set).
uvedom();
if (isset($err)){
?>
<div class="Row Row_style_tinyPaddingBottom"><div class="Pad__alert Alert Alert_theme_warning">
<?
// err() is a project helper; presumably it prints the entries of $err
err();
?>
</div></div>
<?
}
?>
<div class="Pad__header Row"><h3 class="Pad__title">Введите ID юзера, которого будем шпионить:</h3></div>
<div class="Pad__content">
<form action="shp_us.php" method="POST">
<div class="Row">
<label class="Input Input_prefixed">
<div class="Input__prefix Input__prefix_gray">http://xmyx.ru/id</div>
<div class="Input__nativeWrap"><input class="Input__native" name="id" value="" autocapitalize="off"></div>
</label>
</div>
<div class="Row Row_style_tinyPaddingTop"><button class="Btn Btn_theme_regular" name="cfms" type="submit">Продолжить</button></div>
</form>
</div></div></div>
</div>
<?
}
include_once H.'sys/inc/tfoot.php';
?>