Commit | Line | Data |
---|---|---|
e586807d H |
1 | <?php |
2 | function send() { | |
3 | global $db; | |
4 | if (empty($_SESSION['user_id']) || empty($_SESSION['user_name'])) { | |
5 | global $error; | |
6 | $error="user_id or user_name empty. try again or fck.off if u'r hackin"; | |
7 | return false; | |
8 | } | |
9 | ||
10 | $user_id=$_SESSION['user_id']; | |
11 | $user_name=$_SESSION['user_name']; | |
12 | $mail_name=$_POST['mail_to']; | |
13 | $mail_to=explode(";",$mail_name); | |
14 | $mail_text=$_POST['mail_text']; | |
15 | $nohtml=$_POST['nohtml']; | |
16 | ||
17 | if (count($mail_to)==1) { | |
18 | $q="select user_id from users where login='$mail_name'"; | |
19 | $result=$db->query($q); | |
20 | $result->next(); | |
21 | $to=$result->getRecord(); | |
22 | $mail_to_id[]=$to['user_id']; | |
23 | } | |
24 | ||
25 | elseif (count($mail_to)>1) { | |
26 | foreach ($mail_to as $mail_to_exploded) { | |
27 | $q="select user_id from users where login='$mail_to_exploded'"; | |
28 | $result=$db->query($q); | |
29 | $result->next(); | |
30 | $to=$result->getRecord(); | |
31 | $mail_to_id[]=$to['user_id']; | |
32 | } | |
33 | } | |
34 | ||
35 | ||
36 | if (empty($mail_text)) { | |
37 | global $error; | |
38 | $error="Prilis kratka sprava. Syr vesela krava, student prava a ci dobra trava?"; | |
39 | return false; | |
40 | } | |
41 | ||
42 | if ($mail_to_id) { | |
43 | ||
44 | $mail_text=nodes::processContent($mail_text); | |
45 | global $htmlparse; | |
46 | if ($htmlparse) { | |
47 | $error=$htmlparse; | |
48 | return false; | |
49 | } | |
50 | foreach ($mail_to_id as $mail_to_id_send) { | |
51 | $q="insert into mail set mail_user='$user_id',mail_read='no', mail_from='$user_id',mail_text='$mail_text',mail_to='$mail_to_id_send',mail_timestamp=NOW()"; | |
52 | $result=$db->query($q); | |
53 | $duplicate_id=$db->getLastInsertId(); | |
54 | $q="insert into mail set mail_duplicate_id='$duplicate_id', mail_read='no',mail_user='$mail_to_id_send',mail_from='$user_id',mail_text='$mail_text', mail_to='$mail_to_id_send',mail_timestamp=NOW()"; | |
55 | $result=$db->query($q); | |
56 | $db->query("update users set user_mail=user_mail+1, user_mail_name='$user_name' where user_id='$mail_to_id_send'"); | |
57 | } | |
58 | return true; | |
59 | ||
60 | } | |
61 | ||
62 | else { | |
63 | global $error; | |
64 | $error="user $mail_to does not exist"; | |
65 | return false; | |
66 | } | |
67 | } | |
68 | ||
69 | ||
70 | ?> |