File size: 1.5Kb
<?php defined('ACCESS') OR die('No direct script access...');
/**
* Author - koder_alex
* ISQ - 669906617
* VK - https://vk.com/koder_alex
* It is forbidden to give, sell, modify.
*/
if (isset($_POST['peer']) && is_numeric($_POST['peer']) && mysql_result(mysql_query("SELECT COUNT(id) FROM user WHERE `id` = '".(int) $_POST['peer']."'", $db), 0))
$peer = d_user((int) $_POST['peer'], false);
else
$peer = d_user(0, false);
if(empty($_POST['dataID']))
{
$_SESSION['_VK_mail'] = array(
'text' => 'Ошибка доступа.',
'type' => 'error'
);
setData(array());
}
$_POST['dataID'] = my_esc($_POST['dataID']);
if(!mysql_result(mysql_query("SELECT COUNT(id) FROM `mail` WHERE `id` IN (".$_POST['dataID'].") AND (`id_user` = '".$user['id']."' OR `id_kont` = '".$user['id']."') AND unlink != '".$user['id']."'"), 0))
{
$_SESSION['_VK_mail'] = array(
'text' => 'Ошибка доступа.',
'type' => 'error'
);
setData(array());
}
foreach (explode(',', $_POST['dataID']) as $key => $value)
if(!mysql_result(mysql_query("SELECT COUNT(id) FROM `mail_important` WHERE `id_user` = '".$user['id']."' AND `id_mail` = '".$value."'"), 0))
mysql_query("INSERT INTO `mail_important` (`id_user`, `id_kont`, `id_mail`) values('".$user['id']."', '".$peer['id']."', '".$value."')");
else
mysql_query("DELETE FROM `mail_important` WHERE `id_user` = '".$user['id']."' AND `id_kont` = '".$peer['id']."' AND `id_mail` = '".$value."' LIMIT 1");
setData(array());