File size: 1.55Kb
<?php defined('ACCESS') OR die('No direct script access...');
/**
* Author - koder_alex
* ISQ - 669906617
* VK - https://vk.com/koder_alex
* It is forbidden to give, sell, modify.
*/
if (isset($_POST['peer']) && is_numeric($_POST['peer']) && mysql_result(mysql_query("SELECT COUNT(id) FROM user WHERE `id` = '".(int) $_POST['peer']."'", $db), 0))
$peer = d_user((int) $_POST['peer'], false);
else
$peer = d_user(0, false);
if(empty($_POST['dataID']))
{
$_SESSION['_VK_mail'] = array(
'text' => 'Ошибка доступа.',
'type' => 'error'
);
setData(array());
}
$_POST['dataID'] = my_esc($_POST['dataID']);
if(!mysql_result(mysql_query("SELECT COUNT(id) FROM `mail` WHERE `id` IN (".$_POST['dataID'].") AND (`id_user` = '".$user['id']."' OR `id_kont` = '".$user['id']."') AND unlink != '".$user['id']."'"), 0))
{
$_SESSION['_VK_mail'] = array(
'text' => 'Ошибка доступа.',
'type' => 'error'
);
setData(array());
}
if(mysql_result(mysql_query("SELECT COUNT(id) FROM `mail_files_vk` WHERE `id_user` = '$user[id]' AND `id_kont` = '$peer[id]' AND `folder` = 'reply' AND `action` = 'prepare'"), 0))
mysql_query("UPDATE `mail_files_vk` SET `name` = '".$_POST['dataID']."', `time` = '$time' WHERE `id_user` = '$user[id]' AND `id_kont` = '$peer[id]' AND `folder` = 'reply' AND `action` = 'prepare'");
else
mysql_query("INSERT INTO `mail_files_vk` (`id_user`, `id_kont`, `time`, `name`, `folder`) values('".$user['id']."', '".$peer['id']."', '".$time."', '".$_POST['dataID']."', 'reply')");
setData(array());