<?php 
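// Suppress all PHP diagnostics for this page.
// NOTE(review): failures in the includes, file access and queries below are therefore silent;
// log them to a file instead of hiding them.
error_reporting(0);
require_once"./includes/functions/gzip.php";
include('start.php');
include("config.php");
include("./includes/constants/letters");
// $ver is not assigned in this file (presumably by start.php or config.php).
// NOTE(review): it is concatenated into an include path - confirm it is limited to a fixed allow-list of values.
include("./includes/" . $ver . "/banned");

$old_letters = 7; // retention period in DAYS

// letters.dat stores the Unix time of the next scheduled purge of old letters.
// A missing or unreadable file is treated as "purge is due" (0).
$clear_time = 0;
$fd = fopen("letters.dat", "r");
if ($fd !== false) {
    // Shared lock so that a concurrent rewrite is not read half-way.
    flock($fd, LOCK_SH);
    $clear_time = intval(fgets($fd));
    flock($fd, LOCK_UN);
    fclose($fd);
}

if ($clear_time < time()) {
    // Only integers are concatenated into this statement.
    $delete = mysql_query("DELETE FROM `chat_letters` WHERE `time` < '" . (time() - (3600 * 24 * $old_letters)) . "';");

    // Open without truncating and empty the file only once the exclusive lock is held. Mode "w" would
    // truncate before flock() runs, leaving a window in which a reader finds no timestamp.
    $fd = fopen("letters.dat", "a");
    if ($fd !== false) {
        flock($fd, LOCK_EX);
        ftruncate($fd, 0);
        $puts = fputs($fd, (string) (time() + 3600 * 24 * $old_letters));
        fflush($fd);
        flock($fd, LOCK_UN);
        fclose($fd);
    }
}

// Start-of-request timestamp; the page footers print the elapsed time relative to it.
list($msec, $sec) = explode(chr(32), microtime());
$headtime = $sec + $msec;

// Random number appended to links and form field names as a cache-buster. The handlers visible in this
// file never compare it with anything, so it does not act as an anti-forgery token.
$nocache = rand(1000, 9999);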

switch ($ver) {
    // //////////////////////////////////////////////////////
    // WML VERSION
    // //////////////////////////////////////////////////////
    case 'wml':
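        // WML content type; Last-Modified is set to "now" and caching is disabled.
        header("Content-type: text/vnd.wap.wml; charset=utf-8");
        header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
        header("Cache-Control: no-cache, must-revalidate");
        // AUTH
        // The session credentials are re-validated against chat_users on every request.
        // intval() keeps $id numeric; the later queries in this branch concatenate it directly.
        $id = intval($_SESSION['id']);
        // NOTE(review): the session keeps the value whose MD5 equals chat_users.password - presumably the
        // cleartext password; confirm at the login code. Unsalted MD5 is not an adequate password hash.
        $password = mysql_escape_string($_SESSION['password']);
        $q = mysql_query("SELECT * FROM `chat_users` WHERE `id` = '" . $id . "' AND `password` = '" . md5($password) . "';");

        // Fail closed: a failed query counts as "not logged in". mysql_affected_rows() is meant for
        // INSERT/UPDATE/DELETE and reports -1 on error, which an "== 0" comparison would let through.
        if (!$q || mysql_num_rows($q) == 0) {
            echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
            echo "<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.3//EN\" \"http://www.wapforum.org/DTD/wml13.dtd\"><wml>\n";
            echo "<card title=\"ERROR\" ontimer=\"index.php?ver=wml\"><timer value=\"15\"/><p align=\"left\">\n";
            echo "<small>Not logged in!<br/>\n";
            list($msec, $sec) = explode(chr(32), microtime());
            echo "<br/>[" . round(($sec + $msec) - $headtime, 5) . "] sec<br/>\n";
            echo "</small>";
            require_once "includes/functions/gzip_foot.php";
            echo "</p></card></wml>";
            ob_end_flush();
            exit();
        } else {
            $nickname = mysql_result($q, 0, 'nickname');
        }
        // END AUTH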
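        // ONLINE
        // Refresh the presence record: seen-until time (now + 60 s), place 0, client address and user agent.
        $online = time() + 60;
        // HTTP_USER_AGENT is fully client-controlled. htmlspecialchars() only prepares it for later HTML
        // output; with the default flags of the PHP versions that ship the mysql extension it leaves single
        // quotes and backslashes untouched, so both values are SQL-escaped before entering the quoted literals.
        $update = mysql_query("UPDATE `chat_users` SET `time` = '" . $online . "', `place` = 0, `ip` = '" . mysql_real_escape_string(getenv('REMOTE_ADDR')) . "', `ua` = '" . mysql_real_escape_string(htmlspecialchars(getenv('HTTP_USER_AGENT'))) . "' WHERE `id` = '" . $id . "';");
        // END ONLINE
        echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
        echo "<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.3//EN\" \"http://www.wapforum.org/DTD/wml13.dtd\"><wml>\n";
        echo "<card title=\"" . TITLE . "\"><p align=\"left\">\n";

        // Requested mailbox action. It is only matched against the fixed case labels below and tested
        // for emptiness; it is never echoed or placed in a query.
        $mod = isset($_GET['mod']) ? $_GET['mod'] : "";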

        switch ($mod) {
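            case 'inbox':
                // Paged list of received letters (rows of this mailbox whose `to` is the current user).
                echo INBOX . ":<br />\n";
                $q = mysql_query("SELECT COUNT(*) FROM `chat_letters` WHERE `id` = '" . $id . "' AND `to` = '" . $id . "';");
                $all = mysql_result($q, 0);

                // The page index comes from the query string; intval() keeps it numeric before it reaches LIMIT.
                $page = isset($_GET['page']) ? intval($_GET['page']) : 0;

                if ($page < 0) $page = 0;
                if ($page > intval($all / ONPAGE)) $page = intval($all / ONPAGE);

                // LIMIT takes "offset, row_count": the second value is the page size, not the end index.
                $limit = ($page * ONPAGE) . ", " . ONPAGE;

                $q = mysql_query("SELECT `lid`, `subject`, `read`, `from` FROM `chat_letters` WHERE `id` = '" . $id . "' AND `to` = '" . $id . "' ORDER BY `lid` DESC LIMIT " . $limit . ";");

                if (mysql_num_rows($q) == 0) {
                    echo INBOX_IS_NOT . "<br/>\n";
                }

                while ($letter = mysql_fetch_array($q)) {
                    $lid = $letter['lid'];
                    $title = $letter['subject'];
                    $read = $letter['read'];
                    $to = $letter['from'];
                    // The sender lookup gets its own handle: assigning it to $q would replace the result set
                    // this loop is iterating and end the listing after the first letter.
                    $nick_q = mysql_query("SELECT `nickname` FROM `chat_users` WHERE `id` = '" . intval($to) . "';");
                    // The sender's account may no longer exist; print an empty name in that case.
                    $nick = ($nick_q && mysql_num_rows($nick_q) > 0) ? mysql_result($nick_q, 0) : "";
                    // NOTE(review): $title and $nick are echoed as stored. This relies on every writer having
                    // HTML-escaped them before storage - verify, or escape at output.
                    if ($read == 0) {
                        echo "[NEW] <a href=\"letters.php?" . SID . "&amp;ver=wml&amp;mod=view&amp;lid=$lid\">$title $nick</a><br/>\n";
                    } else {
                        echo "[old] <a href=\"letters.php?" . SID . "&amp;ver=wml&amp;mod=view&amp;lid=$lid\">$title $nick</a><br/>\n";
                    }
                }

                // Previous / next page links.
                if ($page > 0) {
                    echo "<a href='letters.php?" . SID . "&amp;mod=inbox&amp;ver=wml&amp;page=" . ($page - 1) . "'>" . htmlspecialchars("<<<") . "</a><br />\n";
                }

                if ($all > $page * ONPAGE + ONPAGE) {
                    echo "<a href='letters.php?" . SID . "&amp;mod=inbox&amp;ver=wml&amp;page=" . ($page + 1) . "'>" . htmlspecialchars(">>>") . "</a><br />\n";
                }
                break;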

            case 'outbox':
                // List of sent letters (rows of this mailbox whose `from` is the current user).
                echo OUTBOX . ":<br />\n";
                $q = mysql_query("SELECT COUNT(*) FROM `chat_letters` WHERE `id` = '" . $id . "' AND `from` = '" . $id . "';");
                $all = mysql_result($q, 0);

                // Page index from the query string, forced to an integer and clamped.
                if (isset($_GET['page'])) {
                    $page = intval($_GET['page']);
                } else {
                    $page = 0;
                } 

                if ($page < 0) $page = 0;
                if ($page > intval($all / ONPAGE)) $page = intval($all / ONPAGE);

                // NOTE(review): $limit is computed here but the query below does not use it, so every
                // sent letter is listed regardless of the page.
                $limit = ($page * ONPAGE) . ", " . ($page * ONPAGE + ONPAGE);

                $q = mysql_query("SELECT `lid`, `subject` FROM `chat_letters` WHERE `id` = '" . $id . "' AND `from` = '" . $id . "' ORDER BY `lid` DESC;");

                // NOTE(review): $start is not assigned anywhere in this branch before the pager links use it
                // (unless an include defines it). It is only used in comparisons and arithmetic here.
                if ($start > 10) print "<a href=\"letters.php?" . SID . "&amp;mod=outbox&amp;start=0&amp;ver=wml\">&lt;&lt;&lt;&lt;</a><br/>";
                if ($start > 0) print "<a href=\"letters.php?" . SID . "&amp;mod=outbox&amp;start=" . ($start-10) . "&amp;ver=wml\">&lt;&lt;&lt;</a><br/>";

                if (mysql_num_rows($q) == 0) {
                    echo OUTBOX_IS_NOT . "<br/>\n";
                } while ($letter = mysql_fetch_array($q)) {
                    $lid = $letter['lid'];
                    $title = $letter['subject'];
                    // NOTE(review): $title is echoed as stored; safe only if it was HTML-escaped when written.
                    echo "<a href=\"letters.php?" . SID . "&amp;ver=wml&amp;mod=view&amp;lid=$lid\">$title</a><br/>\n";
                } 

                if ($all > $start + 5) print "<a href=\"letters.php?" . SID . "&amp;mod=outbox&amp;start=" . ($start + 5) . "&amp;ver=wml\">&gt;&gt;&gt;</a><br/>";
                if ($all - $start > 10) print "<a href=\"letters.php?" . SID . "&amp;mod=outbox&amp;start=" . ($all - 5) . "&amp;ver=wml\">&gt;&gt;&gt;&gt;</a><br/>";
                break;

            case 'view':
                // Show one letter. lid is forced to an integer and the row must belong to this user's
                // mailbox (`id` = $id), so another user's copy is not returned for a guessed lid.
                $lid = intval($_GET['lid']);
                $q = mysql_query("SELECT * FROM `chat_letters` WHERE `lid` = '" . $lid . "' AND `id` = '" . $id . "';");

                if (mysql_num_rows($q) == 0) {
                    // Unknown or foreign letter: print the error page, close the WML deck and stop.
                    echo LETTER_DOES_NOT_EXISTS . "<br/>";
                    echo "<a href=\"letters.php?" . SID . "&amp;ver=wml\">Mailbox</a><br/>\n";
                    echo "<br/><a href=\"menu.php?" . SID . "&amp;ver=wml\">Hall</a><br/>\n";
                    list($msec, $sec) = explode(chr(32), microtime());
                    echo "<br/><small>[" . round(($sec + $msec) - $headtime, 5) . "] sec</small><br/>\n";
                    require_once "includes/functions/gzip_foot.php";
                    echo "</p></card></wml>";
                    ob_end_flush();
                    exit();
                } 

                // Mark the letter as read. Only lid is matched here; ownership was established by the SELECT above.
                mysql_query("UPDATE `chat_letters` SET `read` = 1 WHERE `lid` = '" . $lid . "';");

                $letter = mysql_fetch_array($q);
                $lid = $letter['lid'];
                $to = $letter['to'];
                $from = $letter['from'];
                $title = $letter['subject'];
                $text = $letter['body'];
                $date = $letter['date'];

                // NOTE(review): subject, body, date and nickname are echoed exactly as stored. That is only
                // safe if every writer HTML-escaped them before storage - verify, or escape at output.
                if ($to == $id) {
                    // Received letter: look up the sender and offer a reply link.
                    $q = mysql_query("SELECT `nickname` FROM `chat_users` WHERE `id` = '" . $from . "';");
                    $nick = mysql_result($q, 0);
                    echo "<u>" . LETTER_TITLE . ":</u> $title<br/>\n";
                    echo "<u>" . LETTER_FROM . ":</u> $nick<br/>\n";
                    echo "<u>" . LETTER_DATE . ":</u> $date<br/>\n";
                    echo "<u>" . LETTER_BODY . ":</u> $text<br/>\n";
                    echo "<a href=\"letters.php?" . SID . "&amp;ver=wml&amp;mod=send&amp;toid=$from&amp;nocache=$nocache\">Reply</a><br/>\n";
                } else {
                    // Letter addressed to someone else: look up the recipient.
                    $q = mysql_query("SELECT `nickname` FROM `chat_users` WHERE `id` = '" . $to . "';");
                    $nick = mysql_result($q, 0);
                    echo "<u>" . LETTER_TITLE . ":</u> $title<br/>\n";
                    echo "<u>" . LETTER_TO . ":</u> $nick<br/>\n";
                    echo "<u>" . LETTER_DATE . ":</u> $date<br/>\n";
                    echo "<u>" . LETTER_BODY . ":</u> $text<br/>\n";
                } 
                // NOTE(review): both links below change state through a plain GET request. nocache is a random
                // cache-buster that the delete and deleteallfrom cases do not check, so nothing ties the
                // request to this page; deletion belongs behind POST with a per-session token.
                // In the else branch $nick is the recipient while drom carries $from - confirm the link text
                // matches what deleteallfrom will actually remove.
                echo "<a href=\"letters.php?" . SID . "&amp;ver=wml&amp;mod=delete&amp;lid=$lid&amp;nocache=$nocache\">Remove</a><br/>\n";
                echo "<a href=\"letters.php?" . SID . "&amp;ver=wml&amp;mod=deleteallfrom&amp;drom=$from&amp;nocache=$nocache\">Remove all letter frm $nick</a><br/>\n";
                break;

            case 'send':
                // Without a posted "action" field the compose form is shown; otherwise the letter is stored.
                if (!isset($_POST['action'])) {
                    // Optional reply target: toid is forced to an integer and resolved to a nickname.
                    if (isset($_GET['toid'])) {
                        $toid = intval($_GET['toid']);
                        $q = mysql_query("SELECT `nickname` FROM `chat_users` WHERE `id` = '" . $toid . "';");
                        $nick = mysql_result($q, 0);
                    } else {
                        $nick = "";
                    } 
					echo LETTER_TO . ":<br/>\n";
                    // NOTE(review): $nick comes straight from chat_users and lands inside an attribute value;
                    // safe only if nicknames are stored HTML-escaped - verify.
                    echo "<input name=\"nick$nocache\" value=\"$nick\" maxlength=\"15\" title=\"nick\"/><br/>\n";
                    echo LETTER_TITLE . ":<br/>\n";
                    echo "<input name=\"title$nocache\" maxlength=\"15\" title=\"title\"/><br/>\n";
                    echo LETTER_BODY . ":<br/>\n";
                    // The maxlength attributes are client-side hints only; the handler below does not enforce lengths.
                    echo "<input name=\"text$nocache\" value=\"\" maxlength=\"300\" title=\"text\"/><br/>\n";
                    // Disabled transliteration selector. The opening tag and two options are commented out,
                    // but the body option and the closing tag below are still emitted.
                    ////echo "Transliterate:<br/>\n";
                   // //echo "<select multiple=\"true\" name=\"translit$nocache\">\n";
                    ////echo "<option value=\"tt\">Title</option>\n";
                    ////echo "<option value=\"nt\">To</option>\n";
                    echo "<option value=\"text\">" . LETTER_BODY . "</option>\n";
                    echo "</select><br/>\n";
                    // NOTE(review): sendreferer="true" together with SID in the URL can put the session id into
                    // the Referer header of this request.
                    echo "<anchor>[Submit]<go href=\"letters.php?" . SID . "&amp;ver=wml&amp;mod=send&amp;nocache=$nocache\" method=\"post\" sendreferer=\"true\">\n";
                    echo "<postfield name=\"title\" value=\"$(title$nocache)\"/>\n";
                    echo "<postfield name=\"nick\" value=\"$(nick$nocache)\"/>\n";
                    echo "<postfield name=\"text\" value=\"$(text$nocache)\"/>\n";
                    echo "<postfield name=\"action\" value=\"send\"/>\n";
                    echo "</go></anchor><br/>\n";
                } else {
    
                    // Posted fields are trimmed, SQL-escaped and then HTML-escaped, so the letter is stored
                    // already HTML-encoded; the view and list cases print it without further escaping.
                    $title = htmlspecialchars(mysql_escape_string(trim($_POST['title'])));
                    $nick = htmlspecialchars(mysql_escape_string(trim($_POST['nick'])));
                    $text = htmlspecialchars(mysql_escape_string(trim($_POST['text'])));
                    // Read but not used in the rest of this case.
                    $translit = $_POST['translit'];
                    $q = mysql_query("SELECT * FROM `chat_users` WHERE `nickname` = '" . $nick . "';");

                    // NOTE(review): mysql_affected_rows() after a SELECT reports -1 when the query failed, which
                    // this "== 0" test does not treat as "not found"; mysql_num_rows($q) is the intended call.
                    if (mysql_affected_rows() == 0) {
                        echo USER_WAS_NOT_FOUND . "<br/>\n";
                        echo "<a href=\"letters.php?" . SID . "&amp;ver=wml\">Mailbox</a><br/>\n";
                        echo "<br/><a href=\"menu.php?" . SID . "&amp;ver=wml\">Hall</a><br/>\n";
                        list($msec, $sec) = explode(chr(32), microtime());
                        echo "<br/><small>[" . round(($sec + $msec) - $headtime, 5) . "] sec</small><br/>\n";
                        require_once "includes/functions/gzip_foot.php";
                        echo "</p></card></wml>";
                        ob_end_flush();
                        exit();
                    } else {
                        // Recipient record. $key and $user_pass (the recipient's password hash) are loaded but
                        // not used in the rest of this case; selecting only the needed columns would avoid that.
                        $user_data = mysql_fetch_array($q);
                        $toid = $user_data['id'];
                        $system = $user_data['system'];
                        $place = $user_data['place'];
                        $key = $user_data['key'];
                        $user_pass = $user_data['password'];
                        $time = $user_data['time'];
                        $place = $user_data['place'];
                    } 

                    // Reject an empty subject.
                    if (empty($title)) {
                        echo ERROR_TITLE_IS_EMPTY . "<br/>\n";
                        echo "<a href=\"letters.php?" . SID . "&amp;ver=wml\">Mailbox</a><br/>\n";
                        echo "<br/><a href=\"menu.php?" . SID . "&amp;ver=wml\">Hall</a><br/>\n";
                        list($msec, $sec) = explode(chr(32), microtime());
                        echo "<br/><small>[" . round(($sec + $msec) - $headtime, 5) . "] sec</small><br/>\n";
                        require_once "includes/functions/gzip_foot.php";
                        echo "</p></card></wml>";
                        ob_end_flush();
                        exit();
                    } 

                    // Reject an empty body.
                    if (empty($text)) {
                        echo ERROR_BODY_IS_EMPTY . "<br/>\n";
                        echo "<a href=\"letters.php?" . SID . "&amp;ver=wml\">Mailbox</a><br/>\n";
                        echo "<br/><a href=\"menu.php?" . SID . "&amp;ver=wml\">Hall</a><br/>\n";
                        list($msec, $sec) = explode(chr(32), microtime());
                        echo "<br/><small>[" . round(($sec + $msec) - $headtime, 5) . "] sec</small><br/>\n";
                        require_once "includes/functions/gzip_foot.php";
                        echo "</p></card></wml>";
                        ob_end_flush();
                        exit();
                    } 

                    $date = date("d-m-Y H:i:s");

                    // Duplicate check: an identical subject and body already addressed to this recipient is
                    // reported as spam. There is no rate limit beyond this exact-match test.
                    $q = mysql_query("SELECT * FROM `chat_letters` WHERE `subject` = '" . $title . "' AND `body` = '" . $text . "' AND `to` = '" . $toid . "';");

                    if (mysql_num_rows($q) != 0) {
                        echo ERROR_SPAM . "<br/>\n";
                        echo "<a href=\"letters.php?" . SID . "&amp;ver=wml\">Mailbox</a><br/>\n";
                        echo "<br/><a href=\"menu.php?" . SID . "&amp;ver=wml\">Hall</a><br/>\n";
                        list($msec, $sec) = explode(chr(32), microtime());
                        echo "<br/><small>[" . round(($sec + $msec) - $headtime, 5) . "] sec</small><br/>\n";
                        require_once "includes/functions/gzip_foot.php";
                        echo "</p></card></wml>";
                        ob_end_flush();
                        exit();
                    } 

                    // One row per mailbox: first the recipient's copy, then (unless writing to oneself) the
                    // sender's copy. The column list is omitted; presumably
                    // (lid, id, to, from, subject, body, date, time, read) - confirm against the schema.
                    $query = mysql_query("INSERT INTO `chat_letters` VALUES(0, '" . $toid . "', '" . $toid . "', '" . $id . "', '" . $title . "', '" . $text . "', '" . $date . "', '" . time() . "', 0);");
                    if ($toid != $id) {
                        $query = mysql_query("INSERT INTO `chat_letters` VALUES(0, '" . $id . "', '" . $toid . "', '" . $id . "', '" . $title . "', '" . $text . "', '" . $date . "', '" . time() . "', 0);");
                    } 
                    // Auto-reply: if the recipient configured one, deliver it into the sender's mailbox.
                    $q = mysql_query("SELECT `auans` FROM `chat_autoans` WHERE `id` = '" . $toid . "';");
                    $avtootvet = mysql_result($q, 0);
                    if (!empty($avtootvet)) mysql_query("INSERT INTO `chat_letters` VALUES(0, '" . $id . "', '" . $id . "', '" . $toid . "', '" . $nick . "(avtoanswer)', '" . addslashes($avtootvet) . "', '" . $date . "', '" . time() . "', 0);");
                    // END auto-reply
                    // In-chat notification when the recipient's `time` (seen-until) is still in the future.
                    // The meaning of `system` = 1 is not visible here - presumably "system messages enabled".
                    if ($system == 1 && $time >= time()) {
                        $bot = file("bots/bots.dat");
                        $system_bot = trim($bot[3]);

                        // NOTE(review): $nickname was read from chat_users and $system_bot from a file; neither
                        // is SQL-escaped before being placed in the INSERT below, and $place becomes part of
                        // the table name. Escape the two strings and force $place to its expected numeric form.
                        $message = "$nick, You had a new letter from the userа\"" . $nickname . "\" with subject \"" . $title . "\".<br />\n";
                        $message .= "<a href=\'letters.php?<usersid>&amp;mod=inbox\'>[View]</a>\n";

                        mysql_query("INSERT INTO `chat" . $place . "` VALUES(0, '5', '" . $system_bot . "', '" . $message . "', '" . $toid . "', '" . date("H:i:s") . "', " . time() . ");");
                    } 

                    // $query holds the result of the last letter INSERT only.
                    if ($query) {
                        echo LETTER_SEND_SUCCESS . "<br/>\n";
                    } else {
                        echo LETTER_SEND_ERROR . "<br/>\n";
                        // NOTE(review): the raw database error is shown to the client; log it server-side and
                        // show only the generic message.
                        echo "<u>" . mysql_error() . "</u><br/>\n";
                    } 
                } 
                break;

            case 'clear':
                // Empties the authenticated user's whole mailbox; the WHERE clause is bound to the session id.
                // NOTE(review): this runs on a plain GET request with no confirmation step or request token.
                $q = mysql_query("DELETE FROM `chat_letters` WHERE `id` = '" . $id . "';");
                echo (mysql_affected_rows() == 0 ? MAILBOX_IS_EMPTY : LETTERS_ARE_REMOVED) . "<br/>\n";
                break;

            case 'delete':
                // Removes one letter. lid is forced to an integer and the row must sit in the caller's own
                // mailbox, so a guessed lid cannot delete another user's copy.
                // NOTE(review): state change on GET; the nocache parameter in the link is not checked here.
                $lid = intval($_GET['lid']);
                $q = mysql_query("DELETE FROM `chat_letters` WHERE `lid` = '" . $lid . "' AND `id` = '" . $id . "';");
                echo (mysql_affected_rows() == 0 ? LETTER_DOES_NOT_EXISTS : LETTER_ARE_REMOVED) . "<br/>\n";
                break;

            case 'deleteallfrom':
                // Removes every letter in the caller's mailbox whose `from` equals the given user id.
                // NOTE(review): state change on GET; the nocache parameter in the link is not checked here.
                $drom = intval($_GET['drom']);
                $q = mysql_query("DELETE FROM `chat_letters` WHERE `from` = '" . $drom . "' AND `id` = '" . $id . "';");
                echo (mysql_affected_rows() == 0) ? LETTER_DOES_NOT_EXISTS . "<br/>\n" : "Letters from the inbox removed<br/>\n";
                break;

            case 'avtootvet4ik':
                // Auto-reply settings: show the current text, or store the posted one.
                $q = mysql_query("SELECT `auans` FROM `chat_autoans` WHERE `id` = '" . $id . "';");
                $avtotext = mysql_result($q, 0);
                if ($_POST['action'] !== "setavtootvet4ik") {
                    echo "Text:<br/>\n";
                    // The stored text is placed in the attribute as-is; the store branch below HTML-escapes it
                    // before saving. maxlength is a client-side hint only.
                    echo "<input name=\"avtotext$nocache\" value=\"$avtotext\" maxlength=\"15\" title=\"avtotext\"/><br/>\n";
                    echo "<anchor>[Set]<go href=\"letters.php?" . SID . "&amp;ver=wml&amp;mod=avtootvet4ik&amp;nocache=$nocache\" method=\"post\" sendreferer=\"true\">\n";
                    echo "<postfield name=\"avtotext\" value=\"$(avtotext$nocache)\"/>\n";
                    echo "<postfield name=\"action\" value=\"setavtootvet4ik\"/>\n";
                    echo "</go></anchor><br/>\n";
                } else {
                    // NOTE(review): addslashes() is used here where the rest of the file uses
                    // mysql_escape_string(); it does not take the connection character set into account.
                    // No server-side length limit is applied.
                    $avtotext = htmlspecialchars(addslashes($_POST['avtotext']));
                    $q = mysql_query("SELECT `auans` FROM `chat_autoans` WHERE `id` = '" . $id . "';");
                    // Insert on first use, update afterwards.
                    // NOTE(review): mysql_affected_rows() after a SELECT; mysql_num_rows($q) is the intended call.
                    if (mysql_affected_rows() == 0) {
                        mysql_query("INSERT INTO `chat_autoans` SET `auans` = '" . $avtotext . "', `id` = '" . $id . "';");
                    } else {
                        mysql_query("UPDATE `chat_autoans` SET `auans` = '" . $avtotext . "' WHERE `id` = '" . $id . "';");
                    } 
                    echo "AutoText raised!<br/>\n";
                } 
                break;

            default:
                // Mailbox overview: unread and total received letters, and the number of sent letters.
                $q = mysql_query("SELECT COUNT(*) FROM `chat_letters` WHERE `id` = '" . $id . "' AND `to` = '" . $id . "' AND `read` = 0;");
                $newto = mysql_result($q, 0);
                $q = mysql_query("SELECT COUNT(*) FROM `chat_letters` WHERE `id` = '" . $id . "' AND `to` = '" . $id . "';");
                $to = mysql_result($q, 0);
                $q = mysql_query("SELECT COUNT(*) FROM `chat_letters` WHERE `id` = '" . $id . "' AND `from` = '" . $id . "';");
                $from = mysql_result($q, 0);

                // Partly untranslated notice: letters older than a week are deleted.
                echo "Letters, которые forходятся больше недели - удаляются.<br/>\n";
                echo "<a href=\"letters.php?" . SID . "&amp;ver=wml&amp;mod=inbox\">" . INBOX . " ($newto/$to)</a><br/>\n";
                echo "<a href=\"letters.php?" . SID . "&amp;ver=wml&amp;mod=outbox\">" . OUTBOX . " ($from)</a><br/>\n";
                echo "<a href=\"letters.php?" . SID . "&amp;ver=wml&amp;mod=send\">Send</a><br/>\n";
                // NOTE(review): this link empties the whole mailbox through a plain GET request.
                echo "<a href=\"letters.php?" . SID . "&amp;ver=wml&amp;mod=clear\">Clear</a><br/>\n";
                //echo "<a href=\"letters.php?" . SID . "&amp;ver=wml&amp;mod=avtootvet4ik\">Set Text for the autoresponder</a><br/>\n";
                echo "<a href=\"frlist.php?" . SID . "&amp;ver=wml\">List of Friends</a><br/>\n";
                break;
        } 

        // Common WML footer: navigation links, elapsed time since $headtime, then close the deck and flush.
        // NOTE(review): every link carries SID; when PHP falls back to URL-based sessions the session id
        // becomes part of the address and can end up in logs and Referer headers.
        if (!empty($mod)) echo "<a href=\"letters.php?" . SID . "&amp;ver=wml\">Mailbox</a><br/>\n";
        echo "<br/><a href=\"my.php?" . SID . "&amp;ver=wml\">Profile</a>\n";
        echo "<br/><a href=\"menu.php?" . SID . "&amp;ver=wml\">Hall</a><br/>\n";
        list($msec, $sec) = explode(chr(32), microtime());
        echo "<br/><small>[" . round(($sec + $msec) - $headtime, 5) . "] sec</small><br/>\n";
        require_once "includes/functions/gzip_foot.php";
        echo "</p></card></wml>";
        ob_end_flush();
        break;
    // //////////////////////////////////////////////////////
    // HTML VERSION
    // //////////////////////////////////////////////////////
    case 'html':
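        $my_title = "Letters";
        // The theme is chosen by a cookie. intval() reduces it to an integer, so the include paths built
        // from it can only name a numeric theme directory.
        if (!isset($_COOKIE['theme'])) $_COOKIE['theme'] = 1;
        include_once "themes/" . intval($_COOKIE['theme']) . "/index.php";
        // AUTH
        // The session credentials are re-validated against chat_users on every request.
        // intval() keeps $id numeric; the later queries in this branch concatenate it directly.
        $id = intval($_SESSION['id']);
        // NOTE(review): the session keeps the value whose MD5 equals chat_users.password - presumably the
        // cleartext password; confirm at the login code. Unsalted MD5 is not an adequate password hash.
        $password = mysql_escape_string($_SESSION['password']);
        $q = mysql_query("SELECT * FROM `chat_users` WHERE `id` = '" . $id . "' AND `password` = '" . md5($password) . "';");

        // Fail closed: a failed query counts as "not logged in". mysql_affected_rows() is meant for
        // INSERT/UPDATE/DELETE and reports -1 on error, which an "== 0" comparison would let through.
        if (!$q || mysql_num_rows($q) == 0) {
            echo "Not logged in!<br/>\n";
            include_once "themes/" . intval($_COOKIE['theme']) . "/foot.php";
            exit();
        } else {
            $nickname = mysql_result($q, 0, 'nickname');
        }
        // END AUTH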
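        // ONLINE
        // Refresh the presence record: seen-until time (now + 60 s), place 0, client address and user agent.
        $online = time() + 60;
        // HTTP_USER_AGENT is fully client-controlled. htmlspecialchars() only prepares it for later HTML
        // output; with the default flags of the PHP versions that ship the mysql extension it leaves single
        // quotes and backslashes untouched, so both values are SQL-escaped before entering the quoted literals.
        $update = mysql_query("UPDATE `chat_users` SET `time` = '" . $online . "', `place` = 0, `ip` = '" . mysql_real_escape_string(getenv('REMOTE_ADDR')) . "', `ua` = '" . mysql_real_escape_string(htmlspecialchars(getenv('HTTP_USER_AGENT'))) . "' WHERE `id` = '" . $id . "';");
        // END ONLINE
        // Requested mailbox action; it is only matched against the fixed case labels below.
        $mod = isset($_GET['mod']) ? $_GET['mod'] : "";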

        switch ($mod) {
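            case 'inbox':
                // Paged list of received letters, five per page.
                echo INBOX . ":<br />\n";
                $q = mysql_query("SELECT COUNT(*) FROM `chat_letters` WHERE `id` = '" . $id . "' AND `to` = '" . $id . "';");
                $all = mysql_result($q, 0);

                // The offset comes from the query string and is concatenated into the LIMIT clause below,
                // so it is forced to an integer first.
                $start = isset($_GET['start']) ? intval($_GET['start']) : 0;
                if ($start < 0) $start = 0;
                if ($start > $all) $start = 0;

                $q = mysql_query("SELECT `lid`, `subject`, `read`, `from` FROM `chat_letters` WHERE `id` = '" . $id . "' AND `to` = '" . $id . "' ORDER BY `lid` DESC LIMIT $start, 5;");

                if ($start > 10) print "<a href=\"letters.php?" . SID . "&amp;mod=inbox&amp;start=0&amp;ver=html\">&lt;&lt;&lt;&lt;</a><br/>";
                if ($start > 0) print "<a href=\"letters.php?" . SID . "&amp;mod=inbox&amp;start=" . ($start-5) . "&amp;ver=html\">&lt;&lt;&lt;</a><br/>";

                if (mysql_num_rows($q) == 0) {
                    echo INBOX_IS_NOT . "<br/>\n";
                }

                while ($letter = mysql_fetch_array($q)) {
                    $lid = $letter['lid'];
                    $title = $letter['subject'];
                    $read = $letter['read'];
                    $to = $letter['from'];
                    // The sender lookup gets its own handle: assigning it to $q would replace the result set
                    // this loop is iterating and end the listing after the first letter.
                    $nick_q = mysql_query("SELECT `nickname` FROM `chat_users` WHERE `id` = '" . intval($to) . "';");
                    // The sender's account may no longer exist; print an empty name in that case.
                    $nick = ($nick_q && mysql_num_rows($nick_q) > 0) ? mysql_result($nick_q, 0) : "";
                    // NOTE(review): $title and $nick are echoed as stored. This relies on every writer having
                    // HTML-escaped them before storage - verify, or escape at output.
                    if ($read == 0) {
                        echo "[NEW] <a href=\"letters.php?" . SID . "&amp;ver=html&amp;mod=view&amp;lid=$lid\">$title $nick</a><br/>\n";
                    } else {
                        echo "[OLD]<a href=\"letters.php?" . SID . "&amp;ver=html&amp;mod=view&amp;lid=$lid\">$title $nick</a><br/>\n";
                    }
                }

                if ($all > $start + 5) print "<a href=\"letters.php?" . SID . "&amp;mod=inbox&amp;start=" . ($start + 5) . "&amp;ver=html\">&gt;&gt;&gt;</a><br/>";
                if ($all - $start > 10) print "<a href=\"letters.php?" . SID . "&amp;mod=inbox&amp;start=" . ($all-5) . "&amp;ver=html\">&gt;&gt;&gt;&gt;</a><br/>";
                break;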

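            case 'outbox':
                // List of sent letters (rows of this mailbox whose `from` is the current user).
                echo OUTBOX . ":<br />\n";
                $q = mysql_query("SELECT COUNT(*) FROM `chat_letters` WHERE `id` = '" . $id . "' AND `from` = '" . $id . "';");
                $all = mysql_result($q, 0);

                // The offset comes from the query string; force it to an integer so the comparisons and the
                // arithmetic in the pager links never operate on arbitrary request data.
                $start = isset($_GET['start']) ? intval($_GET['start']) : 0;
                if ($start < 0) $start = 0;
                if ($start > $all) $start = 0;

                // NOTE(review): this query has no LIMIT, so every page lists all sent letters even though
                // pager links are printed; the inbox case of this branch uses "LIMIT $start, 5".
                $q = mysql_query("SELECT `lid`, `subject` FROM `chat_letters` WHERE `id` = '" . $id . "' AND `from` = '" . $id . "' ORDER BY `lid` DESC;");

                if ($start > 10) print "<a href=\"letters.php?" . SID . "&amp;mod=outbox&amp;start=0&amp;ver=html\">&lt;&lt;&lt;&lt;</a><br/>";
                if ($start > 0) print "<a href=\"letters.php?" . SID . "&amp;mod=outbox&amp;start=" . ($start-10) . "&amp;ver=html\">&lt;&lt;&lt;</a><br/>";

                if (mysql_num_rows($q) == 0) {
                    echo OUTBOX_IS_NOT . "<br/>\n";
                }

                while ($letter = mysql_fetch_array($q)) {
                    $lid = $letter['lid'];
                    $title = $letter['subject'];
                    // NOTE(review): $title is echoed as stored; safe only if it was HTML-escaped when written.
                    echo "<a href=\"letters.php?" . SID . "&amp;ver=html&amp;mod=view&amp;lid=$lid\">$title</a><br/>\n";
                }

                if ($all > $start + 5) print "<a href=\"letters.php?" . SID . "&amp;mod=outbox&amp;start=" . ($start + 5) . "&amp;ver=html\">&gt;&gt;&gt;</a><br/>";
                if ($all - $start > 10) print "<a href=\"letters.php?" . SID . "&amp;mod=outbox&amp;start=" . ($all - 5) . "&amp;ver=html\">&gt;&gt;&gt;&gt;</a><br/>";
                break;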

            case 'view':
                // Show one letter. lid is forced to an integer and the row must belong to this user's
                // mailbox (`id` = $id), so another user's copy is not returned for a guessed lid.
                $lid = intval($_GET['lid']);
                $q = mysql_query("SELECT * FROM `chat_letters` WHERE `lid` = '" . $lid . "' AND `id` = '" . $id . "';");

                if (mysql_num_rows($q) == 0) {
                    // Unknown or foreign letter: print the error, the theme footer and stop.
                    echo LETTER_DOES_NOT_EXISTS . "<br/>";
                    echo "<a href=\"letters.php?" . SID . "&amp;ver=html\">Mailbox</a><br/>\n";
                    echo "<br/><a href=\"menu.php?" . SID . "&amp;ver=html\">Hall</a><br/>";
                    include_once "themes/" . intval($_COOKIE['theme']) . "/foot.php";
                    exit();
                } 

                // Mark the letter as read. Only lid is matched here; ownership was established by the SELECT above.
                mysql_query("UPDATE `chat_letters` SET `read` = 1 WHERE `lid` = '" . $lid . "';");

                $letter = mysql_fetch_array($q);
                $lid = $letter['lid'];
                $to = $letter['to'];
                $from = $letter['from'];
                $title = $letter['subject'];
                $text = $letter['body'];
                $date = $letter['date'];

                // NOTE(review): subject, body, date and nickname are echoed exactly as stored. That is only
                // safe if every writer HTML-escaped them before storage - verify, or escape at output.
                if ($to == $id) {
                    // Received letter: look up the sender and offer a reply link.
                    $q = mysql_query("SELECT `nickname` FROM `chat_users` WHERE `id` = '" . $from . "';");
                    $nick = mysql_result($q, 0);
                    echo "<u>" . LETTER_TITLE . ":</u> $title<br/>\n";
                    echo "<u>" . LETTER_FROM . ":</u> $nick<br/>\n";
                    echo "<u>" . LETTER_DATE . ":</u> $date<br/>\n";
                    echo "<u>" . LETTER_BODY . ":</u> $text<br/>\n";
                    echo "<a href=\"letters.php?" . SID . "&amp;ver=html&amp;mod=send&amp;toid=$from&amp;nocache=$nocache\">Reply</a><br/>\n";
                } else {
                    // Letter addressed to someone else: look up the recipient.
                    $q = mysql_query("SELECT `nickname` FROM `chat_users` WHERE `id` = '" . $to . "';");
                    $nick = mysql_result($q, 0);
                    echo "<u>" . LETTER_TITLE . ":</u> $title<br/>\n";
                    echo "<u>" . LETTER_TO . ":</u> $nick<br/>\n";
                    echo "<u>" . LETTER_DATE . ":</u> $date<br/>\n";
                    echo "<u>" . LETTER_BODY . ":</u> $text<br/>\n";
                } 
                // NOTE(review): both links below change state through a plain GET request, and nocache is only
                // a random cache-buster; deletion belongs behind POST with a per-session token.
                // In the else branch $nick is the recipient while drom carries $from - confirm the link text
                // matches what the deleteallfrom action will actually remove.
                echo "<a href=\"letters.php?" . SID . "&amp;ver=html&amp;mod=delete&amp;lid=$lid&amp;nocache=$nocache\">Remove</a><br/>\n";
                echo "<a href=\"letters.php?" . SID . "&amp;ver=html&amp;mod=deleteallfrom&amp;drom=$from&amp;nocache=$nocache\">Remove all from $nick</a><br/>\n";
                break;

            case 'send':
                if (!isset($_POST['action'])) {
                    if (isset($_GET['toid'])) {
                        $toid = intval($_GET['toid']);
                        $q = mysql_query("SELECT `nickname` FROM `chat_users` WHERE `id` = '" . $toid . "';");
                        $nick = mysql_result($q, 0);
                    } else {
                        $nick = "";
                    } 

                    echo "<form method=\"post\" action=\"letters.php?" . SID . "&amp;nocache=$nocache&amp;ver=html&amp;mod=send\">\n";
					echo LETTER_TO . ":<br/>\n";
                    echo "<input name=\"nick\" type=\"text\" value=\"$nick\" size=\"15\" maxlength=\"20\"/><br/>\n";
                    echo LETTER_TITLE . ":<br/>\n";
                    echo "<input name=\"title\" type=\"text\" value=\"\" size=\"15\" maxlength=\"15\"/><br/>\n";
                    echo LETTER_BODY . ":<br/>\n";
                    echo "<input name=\"text\" type=\"text\" value=\"\" size=\"15\" maxlength=\"300\"/><br/>\n";
                    //echo "<option value=\"topic\">" . LETTER_TITLE . "</option>\n";
                    echo "</select><br/>\n";
                    echo "<input type=\"hidden\" name=\"action\" value=\"send\"/>";
                    echo "<input type=\"submit\" value=\"Submit\"/></form><br/>\n";
                } else {
                   
                    $title = htmlspecialchars(mysql_escape_string(trim($_POST['title'])));
                    $nick = htmlspecialchars(mysql_escape_string(trim($_POST['nick'])));
                    $text = htmlspecialchars(mysql_escape_string(trim($_POST['text'])));

                    $q = mysql_query("SELECT * FROM `chat_users` WHERE `nickname` = '" . $nick . "';");

                    if (mysql_affected_rows() == 0) {
                        echo USER_WAS_NOT_FOUND . "<br/>\n";
                        echo "<a href=\"letters.php?" . SID . "&amp;ver=html\">Mailbox</a><br/>\n";
                        echo "<br/><a href=\"menu.php?" . SID . "&amp;ver=html\">Hall</a><br/>";
                        include_once "themes/" . intval($_COOKIE['theme']) . "/foot.php";
                        exit();
                    } else {
                        $user_data = mysql_fetch_array($q);
                        $toid = $user_data['id'];
                        $system = $user_data['system'];
                        $place = $user_data['place'];
                        $key = $user_data['key'];
                        $user_pass = $user_data['password'];
                        $time = $user_data['time'];
                        $place = $user_data['place'];
                    } 

                    if (empty($title)) {
                        echo ERROR_TITLE_IS_EMPTY . "<br/>\n";
                        echo "<a href=\"letters.php?" . SID . "&amp;ver=html\">Mailbox</a><br/>\n";
                        echo "<br/><a href=\"menu.php?" . SID . "&amp;ver=html\">Hall</a><br/>";
                        include_once "themes/" . intval($_COOKIE['theme']) . "/foot.php";
                        exit();
                    } 

                    if (empty($text)) {
                        echo ERROR_BODY_IS_EMPTY . "<br/>\n";
                        echo "<a href=\"letters.php?" . SID . "&amp;ver=html\">Mailbox</a><br/>\n";
                        echo "<br/><a href=\"menu.php?" . SID . "&amp;ver=html\">Hall</a><br/>";
                        include_once "themes/" . intval($_COOKIE['theme']) . "/foot.php";
                        exit();
                    } 

                    $date = date("d-m-Y H:i:s");

                    $q = mysql_query("SELECT * FROM `chat_letters` WHERE `subject` = '" . $title . "' AND `body` = '" . $text . "' AND `to` = '" . $toid . "';");
                    // SPAM: refuse an exact duplicate (same subject, body and recipient already stored)
                    if (mysql_num_rows($q) != 0) {
                        echo ERROR_SPAM . "<br/>\n";
                        echo "<a href=\"letters.php?" . SID . "&amp;ver=html\">Mailbox</a><br/>\n";
                        echo "<br/><a href=\"menu.php?" . SID . "&amp;ver=html\">Hall</a><br/>";
                        include_once "themes/" . intval($_COOKIE['theme']) . "/foot.php";
                        exit();
                    } 
                    // END SPAM
                    $query = mysql_query("INSERT INTO `chat_letters` VALUES(0, '" . $toid . "', '" . $toid . "', '" . $id . "', '" . $title . "', '" . $text . "', '" . $date . "', '" . time() . "', 0);");
                    if ($toid != $id) {
                        $query = mysql_query("INSERT INTO `chat_letters` VALUES(0, '" . $id . "', '" . $toid . "', '" . $id . "', '" . $title . "', '" . $text . "', '" . $date . "', '" . time() . "', 0);");
                    } 
                    // Auto-reply ("avtootvet"): if the recipient has stored one, deliver it back to the sender
                    $q = mysql_query("SELECT `auans` FROM `chat_autoans` WHERE `id` = '" . $toid . "';");
                    $avtootvet = mysql_result($q, 0);
                    if (!empty($avtootvet)) mysql_query("INSERT INTO `chat_letters` VALUES(0, '" . $id . "', '" . $id . "', '" . $toid . "', '" . $nick . "(avtoanswer)', '" . addslashes($avtootvet) . "', '" . $date . "', '" . time() . "', 0);");
                    // END Avtootvet
                    if ($system == 1 && $time >= time()) {
                        $bot = file("bots/bots.dat");
                        $system_bot = trim($bot[3]);

                        $message = "$nick, You had a new letter from the userа \"" . $nickname . "\" with subject \"" . $title . "\".<br />\n";
                        $message .= "<a href=\'letters.php?<usersid>&amp;mod=inbox&amp;ver=html\'>[View]</a>\n";

                        mysql_query("INSERT INTO `chat" . $place . "` VALUES(0, '5', '" . $system_bot . "', '" . $message . "', '" . $toid . "', '" . date("H:i:s") . "', " . time() . ");");
                    } 

                    if ($query) {
                        echo LETTER_SEND_SUCCESS . "<br/>\n";
                    } else {
                        echo LETTER_SEND_ERROR . "<br/>\n";
                        echo "<u>" . mysql_error() . "</u><br/>\n";
                    } 
                } 
                break;

            case 'clear':
                // Empty the current user's mailbox: every row whose `id` (mailbox owner) is $id goes,
                // received and sent copies alike.
                // $id is not assigned here; presumably it is the authenticated user's id set by the
                // login check earlier in the file - TODO confirm.
                // NOTE(review): this irreversible delete is reached by a plain GET link (mod=clear) and
                // no confirmation step or anti-CSRF token is visible in this part of the file.
                $q = mysql_query(sprintf("DELETE FROM `chat_letters` WHERE `id` = '%s';", $id));
                // Zero affected rows means there was nothing to delete.
                echo (mysql_affected_rows() == 0 ? MAILBOX_IS_EMPTY : LETTERS_ARE_REMOVED) . "<br/>\n";
                break;

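            case 'delete':
                // Delete a single letter, selected by ?lid=, from the current user's mailbox.
                // intval() reduces the request value to an integer, so it cannot break out of the
                // quoted SQL literal; a missing parameter is treated as 0.
                $lid = intval(isset($_GET['lid']) ? $_GET['lid'] : 0);
                // Scope the delete to the caller's own copy. `id` is the mailbox-owner column (the
                // 'clear' and 'deleteallfrom' cases filter on it the same way); matching on `lid`
                // alone would let any logged-in user remove another user's letter by supplying its lid.
                // $id is presumably the authenticated user's id set by the login check earlier in
                // the file - TODO confirm.
                $q = mysql_query("DELETE FROM `chat_letters` WHERE `lid` = '" . $lid . "' AND `id` = '" . $id . "';");
                // NOTE(review): this is a state-changing GET; no anti-CSRF token is visible in this
                // part of the file - confirm whether one is checked before this switch.
                if (mysql_affected_rows() != 0) {
                    echo LETTER_ARE_REMOVED . "<br/>\n";
                } else {
                    // Also the answer when the lid exists but belongs to someone else's mailbox.
                    echo LETTER_DOES_NOT_EXISTS . "<br/>\n";
                }
                break;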

            case 'deleteallfrom':
                // Remove every letter sent by one user (?drom=<sender id>) from the current user's mailbox.
                // The integer cast keeps the request value inside the quoted SQL literal.
                $drom = intval($_GET['drom']);
                // The `id` = $id condition limits the delete to the caller's own mailbox rows.
                // $id is presumably the authenticated user's id set earlier in the file - TODO confirm.
                $q = mysql_query(sprintf("DELETE FROM `chat_letters` WHERE `from` = '%s' AND `id` = '%s';", $drom, $id));
                echo (mysql_affected_rows() == 0 ? LETTER_DOES_NOT_EXISTS : "Letters from the inbox removed") . "<br/>\n";
                break;

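            case 'avtootvet4ik':
                // Auto-reply ("avtootvet") settings: show the stored text in a form, or save a new one.
                // $id is not assigned in this case; presumably it is the authenticated user's id set
                // by the login check earlier in the file - TODO confirm.
                $q = mysql_query("SELECT `auans` FROM `chat_autoans` WHERE `id` = '" . $id . "';");
                // mysql_num_rows() is the documented row count for a SELECT; mysql_affected_rows()
                // is meant for INSERT/UPDATE/DELETE.
                $hasAutoText = ($q !== false && mysql_num_rows($q) > 0);
                // Only read the column when a row exists; mysql_result() on an empty set raises a warning.
                $avtotext = $hasAutoText ? mysql_result($q, 0) : '';
                if (!isset($_POST['action']) || $_POST['action'] !== "setavtootvet4ik") {
                    echo "<form method=\"post\" action=\"letters.php?" . SID . "&amp;nocache=$nocache&amp;ver=html&amp;mod=avtootvet4ik\">\n";
                    echo "Text:<br/>\n";
                    // The value is printed as stored: the save branch below HTML-escapes it before
                    // writing, so escaping again here would double-encode it.
                    // NOTE(review): rows written to `chat_autoans` by any other path would reach this
                    // attribute unescaped - confirm this is the only writer.
                    echo "<input name=\"avtotext\" type=\"text\" value=\"$avtotext\" size=\"15\" maxlength=\"200\"/><br/>\n";
                    echo "<input type=\"hidden\" name=\"action\" value=\"setavtootvet4ik\"/>";
                    echo "<input type=\"submit\" value=\"Submit\"/></form><br/>\n";
                    // NOTE(review): no anti-CSRF token is sent with this form, and none is checked in
                    // the save branch below.
                } else {
                    // Accept only a scalar string; an array-valued parameter would make htmlspecialchars() fail.
                    $newText = (isset($_POST['avtotext']) && is_string($_POST['avtotext'])) ? $_POST['avtotext'] : '';
                    // HTML-escape for later display, then escape for SQL as the last step before the
                    // query. mysql_real_escape_string() follows the connection's character set, which
                    // addslashes() does not (assumes the charset was set through the client API - verify).
                    // NOTE(review): maxlength="200" is enforced only by the browser; nothing here caps
                    // the stored length.
                    $avtotext = mysql_real_escape_string(htmlspecialchars($newText));
                    if ($hasAutoText) {
                        mysql_query("UPDATE `chat_autoans` SET `auans` = '" . $avtotext . "' WHERE `id` = '" . $id . "';");
                    } else {
                        mysql_query("INSERT INTO `chat_autoans` SET `auans` = '" . $avtotext . "', `id` = '" . $id . "';");
                    }
                    echo "AutoText raised!<br/>\n";
                }
                break;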

            default:
                // Mailbox overview: unread/total inbox counts, outbox count and the menu links.
                // Every count is limited to rows owned by $id (presumably the authenticated user's
                // id set earlier in the file - TODO confirm).
                // Unread letters addressed to the user.
                $q = mysql_query(sprintf("SELECT COUNT(*) FROM `chat_letters` WHERE `id` = '%s' AND `to` = '%s' AND `read` = 0;", $id, $id));
                $newto = mysql_result($q, 0);
                // All letters addressed to the user.
                $q = mysql_query(sprintf("SELECT COUNT(*) FROM `chat_letters` WHERE `id` = '%s' AND `to` = '%s';", $id, $id));
                $to = mysql_result($q, 0);
                // Letters the user has sent.
                $q = mysql_query(sprintf("SELECT COUNT(*) FROM `chat_letters` WHERE `id` = '%s' AND `from` = '%s';", $id, $id));
                $from = mysql_result($q, 0);

                // Retention notice shown to the user (letters older than a week are purged).
                echo "Letters, которые forходятся больше недели - удаляются.<br/>\n";
                printf("<a href=\"letters.php?%s&amp;ver=html&amp;mod=inbox\">%s (%s/%s)</a><br/>\n", SID, INBOX, $newto, $to);
                printf("<a href=\"letters.php?%s&amp;ver=html&amp;mod=outbox\">%s (%s)</a><br/>\n", SID, OUTBOX, $from);
                printf("<a href=\"letters.php?%s&amp;ver=html&amp;mod=send\">Send</a><br/>\n", SID);
                printf("<a href=\"letters.php?%s&amp;ver=html&amp;mod=clear\">Clear</a><br/>\n", SID);
                // Disabled link to the auto-reply settings (mod=avtootvet4ik):
                //echo "<a href=\"letters.php?" . SID . "&amp;ver=html&amp;mod=avtootvet4ik\">Set text for the auto-reply</a><br/>\n";
                printf("<a href=\"frlist.php?%s&amp;ver=html\">List of Friends</a><br/>\n", SID);
                break;
        } 

        // Footer navigation: a link back to the mailbox whenever a sub-page ($mod) was shown,
        // then the profile and hall links.
        if (!empty($mod)) {
            echo "<a href=\"letters.php?" . SID . "&amp;ver=html\">Mailbox</a><br/>\n";
        }
        echo "<br/><a href=\"my.php?" . SID . "&amp;ver=html\">Profile</a>\n",
             "<br/><a href=\"menu.php?" . SID . "&amp;ver=html\">Hall</a><br/>";
        // intval() reduces the client-supplied theme cookie to an integer, so it cannot add path
        // segments to the included file name.
        include_once "themes/" . intval($_COOKIE['theme']) . "/foot.php";
        break;
} 

?>