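<?php
/*
 * Chat "post message" endpoint.
 *
 * Emits {"answer": true} only when the request carries the chat CSRF token
 * stored in the session and actions::post_chat_message() returns a truthy
 * value for the submitted message; in every other case {"answer": false}.
 */
$json['answer'] = false;

// Everything in $_POST is attacker-controlled and may arrive as an array
// (csrf[]=...), so the token and the message must be plain strings.
// The token check is strict on purpose:
//  - loose `==` compares numeric-looking strings by value ('1e1' == '10'),
//    so two different tokens could be treated as equal;
//  - an empty session token must never validate an empty submitted token;
//  - hash_equals() (PHP >= 5.6) compares in constant time, so the response
//    timing does not reveal how much of a guessed token was correct.
if (
    isset($_POST['csrf'], $_SESSION['chat_csrf'], $_POST['msg'])
    && is_string($_POST['csrf'])
    && is_string($_SESSION['chat_csrf'])
    && $_SESSION['chat_csrf'] !== ''
    && hash_equals($_SESSION['chat_csrf'], $_POST['csrf'])
    && is_string($_POST['msg'])
    && actions::post_chat_message($_POST['msg'])
) {
    $json['answer'] = true;
}

echo json_encode($json);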
<div class="el-row-body"' . (!empty($show_chat) ? ' style="display: none;"' : '') . '> <div id="post-chat">'; $chat_csrf = \site\utils::str_random(10); if (ab_to(array('chat' => 'add'))) { echo '<form action="#" method="POST"> <input type="text" name="text" value="" placeholder="' . $LANG['chat_write_input'] . '" /> <button class="btn">' . $LANG['chat_write_button'] . '</button> <a href="#" class="btn useggfont" title="Reload">Z</a> <input type="hidden" name="chat_csrf" value="' . $chat_csrf . '" /> </form>'; } echo '</div>'; if ($_SERVER['REQUEST_METHOD'] == 'POST') { if (isset($_POST['chat_csrf']) && check_csrf($_POST['chat_csrf'], 'chat_csrf') && isset($_POST['text'])) { actions::post_chat_message($_POST['text']); } } $_SESSION['chat_csrf'] = $chat_csrf; echo '<ul class="elements-list" id="chat-msgs-list">'; if ($chatmsgs = admin_query::chat_messages() > 0) { foreach (admin_query::while_chat_messages(array('max' => 5, 'orderby' => 'date DESC')) as $item) { echo '<li> <div style="display: table;"> <img src="' . \query\main::user_avatar($item->user_avatar) . '" alt="" /> <div class="info-div"><h2>' . $item->user_name . ' <span class="fright date">' . date('Y.m.d, ' . (\query\main::get_option('hour_format') == 12 ? 'g:i A' : 'G:i'), strtotime($item->date)) . '</span></h2> <div class="info-bar">' . \site\utils::bbcodes($item->text) . '</div> </div></div> </li>'; }