
Untitled

a guest
Mar 19th, 2019
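  <?php

  /*
   * Send-message API endpoint: stores a text message or a sticker sent by the
   * owner of `access_token` to the user `user_id`, then prints the id of the
   * new `dialogues` row as JSON.
   *
   * Names used here but defined outside this listing: $dbConnect (mysqli
   * link), clean(), error() and json_encode_cyr().
   *
   * Review notes:
   *  - Every value that reaches SQL is bound as a statement parameter; no
   *    request data is spliced into query text any more.
   *  - NOTE(review): clean() is not visible here. It is still applied so the
   *    stored text keeps whatever filtering it performs, but if it also
   *    SQL-escapes, that step must be dropped for bound values or the
   *    backslashes will be stored literally — confirm.
   *  - The token and the recipient are validated before any row is written.
   *    Previously a `chat` row was inserted before the token was checked.
   *  - NOTE(review): the token travels in the query string of a
   *    state-changing GET request, so it can end up in access logs, browser
   *    history and Referer headers. The request interface is left as is;
   *    moving it to a POST body or an Authorization header needs a
   *    coordinated client change.
   *  - NOTE(review): only the recipient's `ban` flag is checked; whether a
   *    banned sender may still post is not decided anywhere in this listing.
   *  - Error codes and texts are kept byte-for-byte (codes 3 and 4 say
   *    "peer_id" although they report token problems, and code 4 is used
   *    twice) because clients may match on them.
   */

  // Read a query-string value only when it is a plain string. PHP turns
  // `name[]=x` into an array, and intval() of a non-empty array is 1.
  $param = function ($name) {
      return isset($_GET[$name]) && is_string($_GET[$name]) ? $_GET[$name] : null;
  };

  // Run a parameterised SELECT and return its first row as an associative
  // array, or null when nothing matched or the query failed.
  // mysqli_stmt_get_result() requires the mysqlnd driver.
  $fetchOne = function ($sql, $types, array $params) use ($dbConnect) {
      $stmt = mysqli_prepare($dbConnect, $sql);
      if ($stmt === false) {
          return null;
      }

      $row = null;
      if (mysqli_stmt_bind_param($stmt, $types, ...$params) && mysqli_stmt_execute($stmt)) {
          $result = mysqli_stmt_get_result($stmt);
          if ($result !== false) {
              $row = mysqli_fetch_assoc($result);
              mysqli_free_result($result);
          }
      }
      mysqli_stmt_close($stmt);

      return is_array($row) ? $row : null;
  };

  // Run a parameterised INSERT/UPDATE. Returns the statement's insert id
  // (0 when the statement generated none) or false on failure.
  $execute = function ($sql, $types, array $params) use ($dbConnect) {
      $stmt = mysqli_prepare($dbConnect, $sql);
      if ($stmt === false) {
          return false;
      }

      $insertId = false;
      if (mysqli_stmt_bind_param($stmt, $types, ...$params) && mysqli_stmt_execute($stmt)) {
          $insertId = mysqli_stmt_insert_id($stmt);
      }
      mysqli_stmt_close($stmt);

      return $insertId;
  };

  $user_id = intval($param('user_id'));
  $message = clean($param('message'));
  $sticker_id = clean($param('sticker_id'));
  $access_token = clean($param('access_token'));

  // --- 1. Authenticate the caller before touching anything else. ---
  if (!$access_token) {
      error(4, 'not found peer_id');
      return;
  }

  // Queries that verify the token.
  $row_token = $fetchOne(
      'SELECT user_id, access_token FROM `api_token` WHERE access_token = ? LIMIT 1',
      's',
      array((string) $access_token)
  );

  // The SQL match can be looser than byte equality (collation, trailing
  // spaces), so the stored token is compared again, in constant time.
  if ($row_token === null || !hash_equals((string) $row_token['access_token'], (string) $access_token)) {
      error(3, 'invalid peer_id');
      return;
  }

  $sender_id = (int) $row_token['user_id'];

  // --- 2. Validate the recipient. ---
  if (!$user_id) {
      error(1, 'not found user_id');
      return;
  }

  $row_user = $fetchOne('SELECT id, ban FROM `users` WHERE id = ? LIMIT 1', 'i', array($user_id));

  if ($row_user === null) {
      error(2, 'invalid user - '.$user_id);
      return;
  }

  // Loose comparison kept on purpose: the column type is not visible here.
  if ($row_user['ban'] != 0) {
      error(0, 'user was deleted or banned');
      return;
  }

  // --- 3. Validate the payload. ---
  // NOTE(review): truthiness is kept from the original, so a message or
  // sticker_id of exactly "0" is treated as absent.
  if (!$message && !$sticker_id) {
      error(4, 'not found message');
      return;
  }

  if ($message) {
      // A text message wins when both a message and a sticker are supplied.
      $text = (string) $message;
      $is_sticker = 0;
      $sticker_pack = 0;
      $sticker_index = 0;
  } else {
      // sticker_id is "<pack>,<index>"; a missing index defaults to 0
      // instead of reading an undefined array offset.
      $sticker = explode(',', (string) $sticker_id, 2);
      $text = '';
      $is_sticker = 1;
      $sticker_pack = intval($sticker[0]);
      $sticker_index = isset($sticker[1]) ? intval($sticker[1]) : 0;
  }

  // --- 4. Find the chat between the two users, or create it. ---
  $row_chat = $fetchOne(
      'SELECT id FROM `chat` WHERE ( prof = ? AND friend = ? ) OR ( prof = ? AND friend = ? ) LIMIT 1',
      'iiii',
      array($sender_id, $user_id, $user_id, $sender_id)
  );

  if ($row_chat !== null) {
      $chat_id = (int) $row_chat['id'];
  } else {
      // Use the id of the row just created. The original left chat_id empty
      // here, so the first message of every new chat was stored without one.
      // NOTE(review): two concurrent first messages can still create two
      // rows unless the table has a unique key on the pair — confirm.
      $chat_id = $execute('INSERT INTO chat (prof, friend) VALUES (?, ?)', 'ii', array($sender_id, $user_id));
  }

  // --- 5. Store the message and bump the chat counter. ---
  $date = time();
  $dialogue_id = false;

  if ($chat_id !== false) {
      $dialogue_id = $execute(
          "INSERT INTO `dialogues` SET chat_id = ?, prof = ?, friend = ?, text = ?, img = '0', img_small = '', img_medium = '', img_big = '', sticker = ?, sticker_pack = ?, sticker_index = ?, gif = '', audios = '', videos = '', sendtime = ?, viewtime = '0', prof_hide = '0', friend_hide = '0'",
          'iiisiiii',
          array($chat_id, $sender_id, $user_id, $text, $is_sticker, $sticker_pack, $sticker_index, $date)
      );

      if ($dialogue_id !== false) {
          // Address the chat row by id: it may be stored as (recipient, sender),
          // which the original prof/friend filter silently missed.
          $execute('UPDATE `chat` SET `count` = `count` + 1, date = ? WHERE id = ?', 'ii', array($date, $chat_id));
      }
  }

  if ($dialogue_id === false) {
      // Never log the token or the message body.
      error_log('send message: database write failed');
  }

  // The id comes from the INSERT itself rather than a lookup by
  // chat_id + sendtime, which could return another message written in the
  // same second. Cast to string so the JSON keeps the shape clients already
  // receive; a failed write still yields null, as before.
  $response = array( 'response' => $dialogue_id === false ? null : (string) $dialogue_id );
  echo json_encode_cyr($response);

  ?>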