Вы находитесь на странице: 1из 4

<?

php
$pagetitle="������� ��������";
include('header.php');
require_once('.zsecurity.php');
?>

<script type="text/javascript">
function setChecked(obj){
var check = document.getElementsByName("chkb[]");
for (var i=0; i<check.length; i++) {check[i].checked = obj.checked;}
}
</script>

<?php

if(!isset($_SESSION["userLog"]) && !isset($_SESSION["userPas"]))


{
echo '<font color="red"><b>������! �� ������� � ������ �������� ����������
�����������������!</b></font><br /><br />';
include('footer.php');
exit();
}else{
require('config.php');

echo '<a href="'.$_SERVER["PHP_SELF"].'" class="block1"><b>�������


��������</b></a> | <a href="/outbox.php"><b>�������� ��������</b></a> | <a
href="/newmsg.php"><b>����� ���������</b></a><br /><br />';

$username = uc($_SESSION["userLog"]);

$KOL_ZP = "20";
if (isset($_GET["page"]))
{
if(preg_match("|^[\d]*$|",$_GET['page']))
{
$page = (int)limpiar($_GET["page"]);
if($page>0) {$start = abs(($page - 1) *
$KOL_ZP);}else{$page = "1"; $start = "0";}
}else{
$page = "1";
$start = "0";
}
}else{
$start = "0";
$page = "1";
}

if(isset($_GET["option"]))
{
$option = limpiar($_GET["option"]);

if($option=="del")
{
if(isset($_POST['chkb']))
{
$chkb = $_POST['chkb'];
$chkb = array_map('intval',$chkb);
$chkb = array_map('mysql_real_escape_string',$chkb);
$chkb = implode("','",$chkb);
mysql_query("DELETE FROM `tb_mail_in` WHERE (`id` IN
('$chkb') AND `namein`='$username')") or die(mysql_error());
}
}
}

if(isset($_GET["view"]))
{
if(preg_match("|^[\d]*$|",$_GET['view']))
{
$view = (int)limpiar($_GET["view"]);

function readBR($mensaje){
$mensaje = str_replace("----- Original Message
-----","<br /><br />----- <i>Original Message</i> -----<br />",$mensaje);
return $mensaje;
}

if($view > 0)
{
$sql = mysql_query("SELECT * FROM tb_mail_in WHERE
id='$view' AND namein='$username'");
if(mysql_num_rows($sql)>0)
{
$row = mysql_fetch_assoc($sql);

$id = $row["id"];
$nameout = $row["nameout"];
$subject = $row["subject"];
$message = readBR($row["message"]);
$status = $row["status"];

if($status=="0") {
mysql_query("UPDATE tb_mail_in SET
status='1' WHERE id='$id'") or die(mysql_error());
mysql_query("UPDATE tb_mail_out SET
status='1' WHERE ident='$id'") or die(mysql_error());
}

echo "<b>�� ����:</b>&nbsp;$nameout<br />";


echo "<b>����:</b>&nbsp;$subject<br />";
echo "<b>���������:</b>&nbsp;<br
/>$message<br /><br />";
echo '<font color="red">��������! ������������
������� �� ���������� ����� � ������ � ����� �������������! ����� ������������� -
admin.</font><br /><br />';
echo '<form action="newmsg.php?re='.$id.'"
method="get"><input type="hidden" name="re" value="'.$id.'"><input type="submit"
value="�������� �� ���������" /></form>';

include('footer.php');
exit();
}else{
echo '<font color="red"><b>������! ������
�������� ���!</b></font>';
include('footer.php');
exit();
}
}else{
echo '<font color="red"><b>������! ������ �������� ���!
</b></font>';
include('footer.php');
exit();
}
}else{
echo '<font color="red"><b>������! ������ �������� ���!
</b></font>';
include('footer.php');
exit();
}
}

$sql_page = mysql_query("SELECT id FROM tb_mail_in WHERE namein='$username'");


$kol_page = mysql_num_rows($sql_page);

?><form action="<?php echo $_SERVER['PHP_SELF'];?>?option=del" method="post">


<table class="tables">
<thead><tr>
<th class="top">����</th>
<th class="top">�����������</th>
<th class="top">����</th>
<th class="top">��������</th>
<th class="top"><input type="checkbox" name="set"
onclick="setChecked(this)" /></th>
</tr></thead><?

$sql = mysql_query("SELECT * FROM tb_mail_in WHERE namein='$username' ORDER BY id


DESC limit $start,$KOL_ZP");
if(mysql_num_rows($sql)>0)
{
while ($row = mysql_fetch_assoc($sql))
{
$id = $row["id"];
$nameout = $row["nameout"];
$subject = $row["subject"];
$date = DATE("d.m.Y�. � H:i",$row["date"]);

$img = ($row["status"]==0) ? "messnoread.ico" :


"messread.ico";
$title = ($row["status"]==0) ? "��������� �� ���������" :
"��������� ���������";

?><tr>
<td align="center"><?php echo $date;?></td>
<td align="center"><?php echo $nameout;?></td>
<td align="center"><?php echo $subject;?></td>
<td align="center"><img src="img/<?=$img?>"
width="16" height="16" border="0" align="absmiddle" alt="" title="<?=$title?>"
/>&nbsp;<a href="<?=$_SERVER['PHP_SELF']?>?view=<?=$id?>">��������</a></td>
<td align="center"><input type="checkbox"
name="chkb[]" value="<?php echo $id;?>" /></td>
</tr><?
}
}else{
echo '<tr align="center"><td colspan="5"><b>���������
���</b></td></tr>';
}

echo "</table>";
if($kol_page>0) {echo '<br><input type="submit" class="sub-blue160"
style="float:right; display:block;" value="������� ����������" /><br>';}
echo "</form>";

if($kol_page>$KOL_ZP){
echo '<br /><b>��������:</b>&nbsp;';
$num_pages=ceil($kol_page/$KOL_ZP);
for($i=1;$i<=$num_pages;$i++)
{
if($i == $page)
{
echo '<font color="red"><b>'.$i.'</b></font>&nbsp;';
}else{
echo '<a href="'.$_SERVER['PHP_SELF'].'?page='.$i.'"><b>'.
$i.'</b></a>&nbsp;';
}
}
}

}
?>

<?php include('footer.php');?>

Оценить