//################### Вывод всех полученных сообщений ###################//
if ($user_info['user_msg_type'] == 1) {
$spBar = false;
include ENGINE_DIR . '/modules/im.php';
} else {
$metatags['title'] = $lang['msg_inbox'];
$user_speedbar = $lang['msg_inbox'];
//Вывод информации после отправки сообщения
if ($_GET['info'] == 1) {
msgbox('', '<script type="text/javascript">setTimeout(\'$(".err_yellow").fadeOut()\', 1500);</script>Ваше сообщение успешно отправлено.', 'info');
}
//Для поиска
$se_query = $db->safesql(ajax_utf8(strip_data(urldecode($_GET['se_query']))));
if (isset($se_query) and !empty($se_query)) {
$search_sql = "AND tb2.user_search_pref LIKE '%{$se_query}%'";
$query_string = '&se_query=' . strip_data($_GET['se_query']);
} else {
$se_query = 'Поиск по полученным сообщениям';
$search_sql = '';
}
//Запрос в БД на вывод сообщений
$query = "SELECT SQL_CALC_FOUND_ROWS tb1.id, theme, text, for_user_id, from_user_id, date, pm_read, attach, tb2.user_search_pref, user_photo, user_last_visit FROM `" . PREFIX . "_messages` tb1, `" . PREFIX . "_users` tb2 WHERE tb1.for_user_id = '{$user_id}' AND tb1.folder = 'inbox' AND tb1.from_user_id = tb2.user_id {$search_sql} ORDER by `date` DESC LIMIT {$limit_page}, {$gcount}";
$sql_ = $db->super_query($query, 1);
//Если есть ответ из БД, то считаем кол-вот ответа
if ($sql_) {
$msg_count = $db->super_query("SELECT COUNT(id) AS cnt FROM `" . PREFIX . "_messages` tb1, `" . PREFIX . "_users` tb2 WHERE tb1.for_user_id = '{$user_id}' AND tb1.folder = 'inbox' AND tb1.from_user_id = tb2.user_id {$search_sql}");
}
//header сообщений
$tpl->load_template('messages/head.tpl');
if ($user_info['user_msg_type'] == 0) {
$tpl->set('{msg-type}', 'Показать в виде диалогов');
<?php
session_start();
require "./../config.php";
require "../functions.php";
$connect = mysql_connect($db_hostname, $db_username, $db_password);
if (!$connect) {
die('Connection to mysql failed, error : ' . mysql_error());
}
if (!mysql_select_db($db_db)) {
die('Cannot connect to db : $db_db, ' . mysql_error());
}
$username = $_POST['username'];
$password = $_POST['password'];
$username = strip_data($username);
$password = strip_data($password);
$user_pass_sql = "SELECT username, password \n FROM registered_users \n WHERE username = \"{$username}\"";
$registered_users = mysql_query($user_pass_sql);
if (!$registered_users) {
$error_mesage = 'Invalid query error: ' . mysql_error() . "\n";
$error_mesage .= 'Desired query: ' . $user_pass_sql;
die($error_mesage);
}
if (mysql_num_rows($registered_users) === 1) {
$user = mysql_fetch_assoc($registered_users);
if ($user["username"] == $username && $user["password"] == $password) {
$_SESSION['is_logged_in'] = true;
$_SESSION['username'] = $username;
mysql_close($connect);
if (!redirect_messenger()) {
die('did not redirect to messenger from signin error#10011');
$sql_ = $db->super_query($sql_query, 1);
}
//Считаем кол-во ответов из БД
if ($sql_count and $sql_) {
$count = $db->super_query($sql_count);
}
//Head поиска
$tpl->load_template('search/head.tpl');
if ($query) {
$tpl->set('{query}', stripslashes(stripslashes(strtr($query, array('%' => ' ')))));
} else {
$tpl->set('{query}', 'Начните вводить любое слово или имя');
}
$_GET['query'] = $db->safesql(ajax_utf8(strip_data(urldecode($_GET['query']))));
if ($_GET['n']) {
$_GET['query'] = $db->safesql(strip_data(urldecode($_GET['query'])));
}
$tpl->set('{query-people}', str_replace(array('&type=2', '&type=3', '&type=4', '&type=5'), '&type=1', $_SERVER['QUERY_STRING']));
$tpl->set('{query-videos}', '&type=2&query=' . $_GET['query']);
$tpl->set('{query-notes}', '&type=3&query=' . $_GET['query']);
$tpl->set('{query-groups}', '&type=4&query=' . $_GET['query']);
$tpl->set('{query-audios}', '&type=5&query=' . $_GET['query']);
$tpl->set('{query-recommendation}', '&type=6&query=' . $_GET['query']);
if ($online) {
$tpl->set('{checked-online}', 'online');
} else {
$tpl->set('{checked-online}', '0');
}
if ($user_photo) {
$tpl->set('{checked-user-photo}', 'user_photo');
} else {
break;
//################### Общие настройки ###################//
//################### Общие настройки ###################//
default:
$row = $db->super_query("SELECT user_name, user_lastname, user_email FROM `" . PREFIX . "_users` WHERE user_id = '{$user_id}'");
//Загружаем вверх
$tpl->load_template('settings/general.tpl');
$tpl->set('{name}', $row['user_name']);
$tpl->set('{lastname}', $row['user_lastname']);
$tpl->set('{id}', $user_id);
//Завершении смены E-mail
$tpl->set('{code-1}', 'no_display');
$tpl->set('{code-2}', 'no_display');
$tpl->set('{code-3}', 'no_display');
$code1 = strip_data($_GET['code1']);
$code2 = strip_data($_GET['code2']);
if (strlen($code1) == 32) {
$code2 = '';
$check_code1 = $db->super_query("SELECT email FROM `" . PREFIX . "_restore` WHERE hash = '{$code1}' AND ip = '{$_IP}'");
if ($check_code1['email']) {
$check_code2 = $db->super_query("SELECT COUNT(*) AS cnt FROM `" . PREFIX . "_restore` WHERE hash != '{$code1}' AND email = '{$check_code1['email']}' AND ip = '{$_IP}'");
if ($check_code2['cnt']) {
$tpl->set('{code-1}', '');
} else {
$tpl->set('{code-1}', 'no_display');
$tpl->set('{code-3}', '');
//Меняем
$db->query("UPDATE `" . PREFIX . "_users` SET user_email = '{$check_code1['email']}' WHERE user_id = '{$user_id}'");
$row['user_email'] = $check_code1['email'];
}
$db->query("DELETE FROM `" . PREFIX . "_restore` WHERE hash = '{$code1}' AND ip = '{$_IP}'");
$rand_lost .= $salt[rand(0, 33)];
}
$newhash = md5($server_time . $row['email'] . rand(0, 100000) . $rand_lost);
$tpl->set('{hash}', $newhash);
$db->query("UPDATE `" . PREFIX . "_restore` SET hash = '{$newhash}' WHERE email = '{$row['email']}'");
$tpl->compile('content');
} else {
$speedbar = $lang['no_infooo'];
msgbox('', $lang['restore_badlink'], 'info');
}
break;
//################### Смена пароля ###################//
//################### Смена пароля ###################//
case "finish":
NoAjaxQuery();
$hash = $db->safesql(strip_data($_POST['hash']));
$row = $db->super_query("SELECT email FROM `" . PREFIX . "_restore` WHERE hash = '{$hash}' AND ip = '{$_IP}'");
if ($row) {
$_POST['new_pass'] = ajax_utf8($_POST['new_pass']);
$_POST['new_pass2'] = ajax_utf8($_POST['new_pass2']);
$new_pass = md5(md5($_POST['new_pass']));
$new_pass2 = md5(md5($_POST['new_pass2']));
if (strlen($new_pass) >= 6 and $new_pass == $new_pass2) {
$db->query("UPDATE `" . PREFIX . "_users` SET user_password = '******' WHERE user_email = '{$row['email']}'");
$db->query("DELETE FROM `" . PREFIX . "_restore` WHERE email = '{$row['email']}'");
}
}
die;
break;
default:
$tpl->load_template('restore/main.tpl');
$sql_find = "";
// Минимальное количество символов в слове поиска
$config['search_length_min'] = 4;
$tpl->load_template('search.tpl');
$config['search_number'] = intval($config['search_number']);
if ($config['search_number'] < 1) {
$config['search_number'] = 1;
}
$this_date = date("Y-m-d H:i:s", $_TIME);
if ($config['no_date'] and !$config['news_future']) {
$this_date = " AND " . PREFIX . "_post.date < '" . $this_date . "'";
} else {
$this_date = "";
}
if (isset($_REQUEST['story'])) {
$story = dle_substr(strip_data(rawurldecode($_REQUEST['story'])), 0, 90, $config['charset']);
} else {
$story = "";
}
if (isset($_REQUEST['search_start'])) {
$search_start = intval($_REQUEST['search_start']);
} else {
$search_start = 0;
}
if (isset($_REQUEST['titleonly'])) {
$titleonly = intval($_REQUEST['titleonly']);
} else {
$titleonly = 0;
}
if (isset($_REQUEST['searchuser'])) {
$searchuser = dle_substr($_REQUEST['searchuser'], 0, 40, $config['charset']);
file_put_contents($file_open, '');
fputs($file, $content);
fclose($file);
echo 'Файл шаблона был успешно сохранён!';
} else {
echo 'Файл шаблона не найден';
}
die;
break;
//################### Главная ###################//
//################### Главная ###################//
default:
echoheader(900);
//Если загружаем другой шаблон
if (isset($_POST['chahe_skin'])) {
$config['temp'] = strip_data($_POST['newtemp']);
}
echohtmlstart("Управление шаблонами");
//Чтение всех шаблон в папке "templates"
$root = ROOT_DIR . '/templates/';
$root_dir = scandir($root);
foreach ($root_dir as $templates) {
if ($templates != '.' && $templates != '..' && $templates != '.htaccess') {
$for_select .= str_replace('value="' . $config['temp'] . '"', 'value="' . $config['temp'] . '" selected', '<option value="' . $templates . '">' . $templates . '</option>');
}
}
echo "<form method=\"POST\" action=\"\"><div class=\"fllogall\" style=\"width:240px\">Выбранный шаблон для редактирования:</div>\r\n\t\t<select name=\"newtemp\" class=\"inpu fl_l\">{$for_select}</select>\r\n\t\t<div class=\"button_div fl_l\" style=\"margin-left:10px;margin-top:-10px;margin-bottom:5px\"><button name=\"chahe_skin\" class=\"inp\" >Выполнить</button></div>\r\n\t\t<div class=\"mgcler\"></div></form>";
htmlclear();
echohtmlstart("Редактирование разделов шаблона: <u>{$config['temp']}</u>");
$temp_dir = ROOT_DIR . '/templates/' . $config['temp'];
if (is_dir($temp_dir)) {
<?php
session_start();
require '../config.php';
require '../functions.php';
if (!$_SESSION['is_logged_in']) {
if (!redirect_signin()) {
die('Something went wrong on the add_friend page. error#10221');
}
}
$current_username = strip_data($_SESSION['username']);
$connect = mysql_connect($db_hostname, $db_username, $db_password);
if (!$connect) {
die('Connection to mysql failed, error : ' . mysql_error());
}
if (!mysql_select_db($db_db)) {
die('Cannot connect to db : $db_db, ' . mysql_error());
}
$find_friend_requests_sql = "SELECT requestor_name, receiver_name, are_friends \n FROM friend_combinations \n WHERE (requestor_name = '{$current_username}'\n AND are_friends = false)\n OR (receiver_name = '{$current_username}'\n AND are_friends = false)";
$find_friend_requests = mysql_query($find_friend_requests_sql);
$friends = array();
$count_of_friends = 0;
if (mysql_num_rows($find_friend_requests) >= 1) {
while ($friend_request = mysql_fetch_assoc($find_friend_requests)) {
if ($friend_request['receiver_name'] === $current_username) {
$friend = array('name' => $friend_request['requestor_name']);
array_push($friends, $friend);
$count_of_friends++;
}
}
mysql_close($connect);
} else {
$tpl->set('{my-ava}', '/images/no_ava_50.png');
}
$tpl->compile('content');
}
AjaxTpl();
die;
break;
//################### Обновление диалогов ###################//
//################### Обновление диалогов ###################//
case "upDialogs":
NoAjaxQuery();
$update = mozg_cache('user_' . $user_id . '/im_update');
if ($update) {
$sql_ = $db->super_query("SELECT SQL_CALC_FOUND_ROWS tb1.msg_num, im_user_id FROM `" . PREFIX . "_im` tb1, `" . PREFIX . "_users` tb2 WHERE tb1.iuser_id = '" . $user_id . "' AND tb1.im_user_id = tb2.user_id AND msg_num > 0 ORDER by `idate` DESC LIMIT 0, 50", 1);
foreach ($sql_ as $row) {
$res .= '$("#upNewMsg' . $row['im_user_id'] . '").html(\'<div class="im_new fl_l" id="msg_num' . $row['im_user_id'] . '">' . $row['msg_num'] . '</div>\').show();';
}
if ($user_info['user_pm_num']) {
$user_pm_num_2 = "+" . $user_info['user_pm_num'];
$doc_title = 'document.title = \'(' . $user_info['user_pm_num'] . ') Новые сообщения\';';
} else {
$doc_title = 'document.title = \'Диалоги\';';
mozg_create_cache('user_' . $user_id . '/im_update', '0');
}
echo '<script type="text/javascript">
' . $doc_title . '
$(\'#new_msg\').html(\'' . $user_pm_num_2 . '\');
' . $res . '
</script>';
}
mozg_clear_cache_file("groups/audio{$pid}");
}
exit;
break;
//################### Поиск ###################//
//################### Поиск ###################//
case "search":
NoAjaxQuery();
$sql_limit = 20;
if ($_POST['page'] > 0) {
$page_cnt = intval($_POST['page']) * $sql_limit;
} else {
$page_cnt = 0;
}
$pid = intval($_POST['pid']);
$query = $db->safesql(ajax_utf8(strip_data($_POST['query'])));
$query = strtr($query, array(' ' => '%'));
//Замеянем пробелы на проценты чтоб тоиск был точнее
$adres = strip_tags($_POST['adres']);
$row_count = $db->super_query("SELECT COUNT(*) AS cnt FROM `" . PREFIX . "_audio` WHERE MATCH (name, artist) AGAINST ('%{$query}%') OR artist LIKE '%{$query}%' OR name LIKE '%{$query}%'");
$sql_ = $db->super_query("SELECT SQL_CALC_FOUND_ROWS " . PREFIX . "_audio.aid, url, artist, name, auser_id, " . PREFIX . "_users.user_search_pref FROM " . PREFIX . "_audio LEFT JOIN " . PREFIX . "_users ON " . PREFIX . "_audio.auser_id = " . PREFIX . "_users.user_id WHERE MATCH (name, artist) AGAINST ('%{$query}%') OR artist LIKE '%{$query}%' OR name LIKE '%{$query}%' ORDER by `adate` DESC LIMIT {$page_cnt}, {$sql_limit}", 1);
$infoGroup = $db->super_query("SELECT admin FROM `" . PREFIX . "_communities` WHERE id = '{$pid}'");
if (stripos($infoGroup['admin'], "u{$user_id}|") !== false) {
$public_admin = true;
} else {
$public_admin = false;
}
$tpl->load_template('public_audio/search_result.tpl');
$jid = intval($page_cnt);
if ($sql_) {
if (!$page_cnt) {
}
if ($config['full_search']) {
if (isset($_REQUEST['sortby'])) {
$sortby = strip_data($_REQUEST['sortby']);
} else {
$sortby = "";
}
} else {
if (isset($_REQUEST['sortby'])) {
$sortby = strip_data($_REQUEST['sortby']);
} else {
$sortby = "date";
}
}
if (isset($_REQUEST['resorder'])) {
$resorder = strip_data($_REQUEST['resorder']);
} else {
$resorder = "desc";
}
if (isset($_REQUEST['showposts'])) {
$showposts = intval($_REQUEST['showposts']);
} else {
$showposts = 0;
}
if (isset($_REQUEST['result_from'])) {
$result_from = intval($_REQUEST['result_from']);
} else {
$result_from = 1;
}
// Показать страницу с результатом № ХХХ
$full_search = intval($_REQUEST['full_search']);
error_reporting(E_ERROR | E_PARSE);
require '../config.php';
require '../functions.php';
if (!$_SESSION['is_logged_in']) {
if (!redirect_signin()) {
die('Something went wrong on the messenger page.');
}
}
$connect = mysql_connect($db_hostname, $db_username, $db_password);
if (!$connect) {
die('Connection to mysql failed, error : ' . mysql_error());
}
if (!mysql_select_db($db_db)) {
die('Cannot connect to db : $db_db, ' . mysql_error());
}
$username = strip_data($_SESSION['username']);
$friend_data = json_decode(file_get_contents('php://input'), true);
$friend_username = $friend_data['friend'];
$all_messages_sql = "SELECT message, date_created, id, sender\n FROM messages\n WHERE (receiver = '{$friend_username}'\n AND sender = '{$username}')\n OR \t(receiver = '{$username}'\n AND sender = '{$friend_username}')";
$all_messages_data = mysql_query($all_messages_sql);
$all_messages = array();
while ($all_message_data = mysql_fetch_assoc($all_messages_data)) {
$message['sender'] = $username === $all_message_data['sender'] ? 'current_user' : 'friend';
$message['id'] = $all_message_data['id'];
$message['message'] = $all_message_data['message'];
$message['date_created'] = $all_message_data['date_created'];
array_push($all_messages, $message);
}
$latest_message_sql = "SELECT id FROM messages ORDER BY id DESC LIMIT 1";
$latest_message = mysql_query($latest_message_sql);
$latest_message_data = mysql_fetch_assoc($latest_message);
require "../functions.php";
$connect = mysql_connect($db_hostname, $db_username, $db_password);
if (!$connect) {
die('Connection to mysql failed, error : ' . mysql_error());
}
if (!mysql_select_db($db_db)) {
die('Cannot connect to db : $db_db, ' . mysql_error());
}
$username = $_POST['username'];
$email = $_POST['email'];
$password = $_POST['password_first'];
$conf_pas = $_POST['password_second'];
$username = strip_data($username);
$email = strip_data($email);
$password = strip_data($password);
$conf_pas = strip_data($conf_pas);
if ($password != $conf_pas) {
die('Passwords are different');
}
if (empty($username) || empty($email) || empty($password)) {
if (!redirect_register()) {
die('something terrible has gone wrong in the registration due to empty arguments');
}
}
$check_if_exists_user_sql = "SELECT username \n FROM registered_users \n WHERE username = \"{$username}\"";
$registered_users = mysql_query($check_if_exists_user_sql);
if (!$registered_users) {
$error_mesage = 'Invalid query error: ' . mysql_error() . "\n";
$error_mesage .= 'Desired query: ' . $user_pass_sql;
die($error_mesage);
}
$img = '/uploads/apps/no.gif';
} else {
$img = '/uploads/apps/' . $sql['id'] . '/' . $sql['img'];
}
$text = $sex . ' приложение <a href="/apps?i=' . $sql['id'] . '" onclick="apps.view(\'' . $attach_type[1] . '\', this.href, \' \'); return false;">' . $sql['title'] . '</a>. Присоединяйся!';
$attach = 'apps|' . $sql['id'] . '|' . $sql['img'] . '||';
$db->query("INSERT INTO `" . PREFIX . "_wall` (author_user_id,add_date,text,attach,for_user_id) VALUES ('" . $user_id . "','" . $server_time . "','" . $text . "','" . $attach . "','" . $user_id . "')");
$db->query("UPDATE `" . PREFIX . "_users` SET user_wall_num = user_wall_num+1 WHERE user_id = '{$user_id}'");
//Чистим кеш
mozg_clear_cache_file('user_' . $user_id . '/profile_' . $user_id);
mozg_clear_cache();
break;
//############### Поиск по приложениям ##################
//############### Поиск по приложениям ##################
case "search":
$application = $db->safesql(ajax_utf8(strip_data(urldecode($_POST['query_application']))));
$application = strtr($application, array(' ' => '%'));
$sql = $db->super_query("SELECT * FROM `" . PREFIX . "_apps` WHERE title LIKE '%{$application}%'", 1);
foreach ($sql as $row_app) {
$num = $row_app['cols'];
//Если нету Изображение Приложения то ставим стандарт..
if ($row_app['img']) {
$application_img = $config['home_url'] . 'uploads/apps/' . $row_app['id'] . '/' . $row_app['img'];
} else {
$application_img = '/images/no_apps.gif';
}
$search_aps .= '
<div class="apps_application apps_application2 apps_last_new" id="{id}">
<a class="apps_mr" href="/apps?i=' . $row_app['id'] . '" onClick="apps.view(\'' . $row_app['id'] . '\', this.href, \'/apps\'); return false">
$db->query("INSERT INTO `" . PREFIX . "_photos_mark` SET muser_id = '" . $muser_id . "', mphoto_id = '" . $photo_id . "', mdate = '" . $server_time . "', msettings_pos = '" . $msettings_pos . "', mapprove = '" . $approve . "', mmark_user_id = '" . $user_id . "'");
if ($user_id != $muser_id) {
$db->query("UPDATE `" . PREFIX . "_users` SET user_new_mark_photos = user_new_mark_photos+1 WHERE user_id = '" . $muser_id . "'");
}
} else {
$db->query("INSERT INTO `" . PREFIX . "_photos_mark` SET muser_id = '" . rand(0, 100000) . "', mphoto_id = '" . $photo_id . "', mdate = '" . $server_time . "', msettings_pos = '" . $msettings_pos . "', mphoto_name = '" . $mphoto_name . "', mmark_user_id = '" . $user_id . "', mapprove = 1");
}
}
mozg_clear_cache_file('photos_mark/p' . $photo_id);
break;
//################### Удаление отметки ###################//
//################### Удаление отметки ###################//
case "mark_del":
$photo_id = intval($_POST['photo_id']);
$muser_id = intval($_POST['user_id']);
$mphoto_name = ajax_utf8(strip_data(textFilter($_POST['user_name'], false, true)));
$row = $db->super_query("SELECT user_id FROM `" . PREFIX . "_photos` WHERE id = '" . $photo_id . "'");
if ($mphoto_name and $muser_id == 0) {
$row_mark = $db->super_query("SELECT mmark_user_id FROM `" . PREFIX . "_photos_mark` WHERE mphoto_id = '" . $photo_id . "' AND mphoto_name = '" . $mphoto_name . "'");
} else {
$row_mark = $db->super_query("SELECT mmark_user_id, mapprove FROM `" . PREFIX . "_photos_mark` WHERE mphoto_id = '" . $photo_id . "' AND muser_id = '" . $muser_id . "'");
}
if ($row['user_id'] == $user_id or $user_id == $muser_id or $user_id == $row_mark['mmark_user_id']) {
if ($mphoto_name and $muser_id == 0) {
$db->query("DELETE FROM `" . PREFIX . "_photos_mark` WHERE mphoto_id = '" . $photo_id . "' AND mphoto_name = '" . $mphoto_name . "'");
} else {
$db->query("DELETE FROM `" . PREFIX . "_photos_mark` WHERE mphoto_id = '" . $photo_id . "' AND muser_id = '" . $muser_id . "' AND mphoto_name = ''");
if (!$row_mark['mapprove']) {
$db->query("UPDATE `" . PREFIX . "_users` SET user_new_mark_photos = user_new_mark_photos-1 WHERE user_id = '" . $muser_id . "'");
}
}
<?php
error_reporting(E_ALL & ~E_NOTICE & ~E_WARNING);
//убираем варнинги, пускай кулхацкеры поебут позги
$name = strip_data($_GET['command_name']);
//эта шняга делает хотя бы минимальную фильтрацию говна, которое вводит юзер. Функция внизу, суперсложную систему защиты на уровне скрипта делать влом, разрулю средствами СУБД
$info = strip_data($_GET['command_info']);
$email = strip_data($_GET['command_email']);
if (!$name) {
echo 'Не введено имя';
} elseif (!$info) {
echo 'Нет описания';
} elseif (!$email) {
echo 'Не указан почтовый адрес';
} else {
$db_connect = mysql_connect('localhost', '', '');
mysql_select_db('', $db_connect);
mysql_query("SET CHARACTER SET `utf8`") or die(mysql_error());
mysql_query("SET NAMES `utf8`") or die(mysql_error());
mysql_query("SET character_set_client=`utf8`");
mysql_query("SET character_set_results=`utf8`");
mysql_query("SET collation_connection=`utf8`");
mysql_query("COLLATE `utf8`", $db_connect);
$query = "SELECT `name` FROM `participants` WHERE name={$name} LIMIT 1";
$sql = mysql_query($query);
if (mysql_num_rows($sql) > 0) {
echo '</br>Увы, это имя занято!</br>';
} else {
$query = "INSERT INTO `participants`\r\n\t\t\t\t (`name`,`info`,`mail`) \r\n\t\t\t\t VALUES\r\n\t\t\t\t (\r\n\t\t\t\t '{$name}', \r\n\t\t\t\t '{$info}',\r\n\t\t\t\t '{$email}'\r\n\t\t\t\t )";
mysql_query($query) or die(mysql_error());
//mail("*****@*****.**", {$name}, "Line 1\nLine 2\nLine 3");
