diff --git a/mail/convo.php b/mail/convo.php
new file mode 100644
index 0000000..9b9ecfe
--- /dev/null
+++ b/mail/convo.php
@@ -0,0 +1,134 @@
+<?php
+$this_page = "mail";
+$this_sub_page = "mail_convo";
+require_once("../inc/conx.php");
+if($logged_in == false) {
+  header("location: /");
+  exit();
+}
+$cv_uqid = safe($_GET['i']);
+if(mysqli_num_rows(mysqli_query($conx, "SELECT id FROM mail_memb WHERE uqid='$cv_uqid' && uid='$u_uid'")) == '0') {
+  header("location: /mail");
+  exit();
+}
+#   #   #   #   #   #   #
+#    WEBSITE LOCATION   #
+#   #   #   #   #   #   #
+if($u_siteloc != '/mail') {
+  $loc_desc = "conversatin\' in mail";
+  mysqli_query($conx, "UPDATE accounts SET site_locdesc='$loc_desc' WHERE uid='$u_uid'");
+  mysqli_query($conx, "UPDATE accounts SET site_locurl='/mail' WHERE uid='$u_uid'");
+}
+?>
+<!DOCTYPE html>
+<html>
+<head>
+  <title>Mail - Misdew</title>
+  <meta charset="utf-8">
+  <meta name="description" content="We are a fairly cool social network.">
+  <meta name="keywords" content="Misdew, MD, Social, Network, Communication, 3DS, DSi, Nintendo">
+  <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
+  <meta name="google" value="notranslate">
+  <meta name="theme-color" content="<?php echo $meta_theme_color; ?>">
+  <?php
+  if($css_type == "sheet") {
+    echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"$g_sheet\">";
+  }
+  if($css_type == "raw") {
+    echo "<style type=\"text/css\">$g_raw</style>";
+  }
+  ?>
+  <link rel="icon" type="image/png" href="/img/favicon.png">
+  <link rel="apple-touch-icon" href="/img/logo.png">
+  <style type="text/css">
+  body {
+    background-color: <?php echo $bgcolor; ?>;
+  }
+  #header_tds {
+    color: <?php echo $tdcolor; ?> !important;
+  }
+  </style>
+  <!-- Global site tag (gtag.js) - Google Analytics -->
+<script async src="https://www.googletagmanager.com/gtag/js?id=UA-81238250-2"></script>
+<script>
+  window.dataLayer = window.dataLayer || [];
+  function gtag(){dataLayer.push(arguments);}
+  gtag('js', new Date());
+
+  gtag('config', 'UA-81238250-2');
+</script>
+
+</head>
+<body onload="goOnline()">
+  <center>
+    <?php
+    $back_button = true;
+    $linebreak = false;
+    $alerts = false;
+    require_once("../inc/header.php");
+    ?>
+    <div id="action_bar" class="mail_actbar">
+      <table style="width: 100%; text-align: center;">
+        <tr>
+          <td id="messagesTab" onclick="toMessages()" class="action_bar_tab" style="border-bottom: 1px solid #fff;">
+            Messages
+          </td>
+          <td id="membersTab" onclick="toMembers()" class="action_bar_tab">
+            Members
+          </td>
+          <td id="settingsTab" onclick="toSettings()" class="action_bar_tab">
+            Settings
+          </td>
+        </tr>
+      </table>
+    </div> <br>
+    <?php //require_once("../inc/load_alerts.php"); ?>
+    <div id="action_bar_page">
+      <?php require_once("convo_messages.php"); ?>
+    </div>
+    <?php
+    require_once("../inc/footer.php");
+    ?>
+  </center>
+  <script>
+  function goOnline() {
+    $.get("online_upd.php?i=<?php echo $cv_uqid; ?>", function(d) {
+      $("#onlupd").html(d);
+    });
+  };
+  function toMessages() {
+    goOnline();
+    document.getElementById('messagesTab').innerHTML = "Messages..";
+    $.get("convo_messages.php?i=<?php echo $cv_uqid; ?>", function(d) {
+      document.getElementById('messagesTab').innerHTML = "Messages";
+      document.getElementById("messagesTab").style.borderBottom = '1px solid #fff';
+      document.getElementById("membersTab").style.borderBottom = 'none';
+      document.getElementById("settingsTab").style.borderBottom = 'none';
+      $("#action_bar_page").html(d);
+    });
+  }
+  function toMembers() {
+    goOnline();
+    document.getElementById('membersTab').innerHTML = "Members..";
+    $.get("convo_members.php?i=<?php echo $cv_uqid; ?>", function(d) {
+      document.getElementById('membersTab').innerHTML = "Members";
+      document.getElementById("messagesTab").style.borderBottom = 'none';
+      document.getElementById("membersTab").style.borderBottom = '1px solid #fff';
+      document.getElementById("settingsTab").style.borderBottom = 'none';
+      $("#action_bar_page").html(d);
+    });
+  }
+  function toSettings() {
+    goOnline();
+    document.getElementById('settingsTab').innerHTML = "Settings..";
+    $.get("convo_settings.php?i=<?php echo $cv_uqid; ?>", function(d) {
+      document.getElementById('settingsTab').innerHTML = "Settings";
+      document.getElementById("messagesTab").style.borderBottom = 'none';
+      document.getElementById("membersTab").style.borderBottom = 'none';
+      document.getElementById("settingsTab").style.borderBottom = '1px solid #fff';
+      $("#action_bar_page").html(d);
+    });
+  }
+  </script>
+</body>
+</html>
diff --git a/mail/convo_create.php b/mail/convo_create.php
new file mode 100644
index 0000000..6cf98b0
--- /dev/null
+++ b/mail/convo_create.php
@@ -0,0 +1,59 @@
+<?php
+require_once("../inc/conx.php");
+if($logged_in == false) {
+  header("location: /");
+  exit();
+}
+$c_uid = safe($_GET['u']);
+if($c_uid == $u_uid) {
+  exit();
+}
+$cu_slc = mysqli_query($conx, "SELECT username,who_can_mail FROM accounts WHERE uid='$c_uid'");
+if(mysqli_num_rows($cu_slc) == '0') {
+  exit();
+}
+$cu_rw = mysqli_fetch_assoc($cu_slc);
+$cu_who_cmail = $cu_rw['who_can_mail'];
+if($cu_who_cmail == 'nobody') {
+  die("nobody");
+}
+if($cu_who_cmail == 'friends') {
+  $f_q = mysqli_query($conx, "SELECT uid_rec FROM friends WHERE uid_req='$u_uid' AND uid_rec='$c_uid' AND accepted='yes' ORDER BY id DESC");
+  $fr_ct = mysqli_num_rows($f_q);
+  if($fr_ct == '0') {
+    exit();
+  }
+}
+if($u_mail_rand == 'on') {
+  # CHOOSE A RANDOM IMAGE
+  $cv_pic = rand(1,30);
+  $cv_pic = "/img/random/$cv_pic.jpg";
+  # CHOOSE A RANDOM NAME
+  $names = Array("Misdew Gang","Misdew Crew","Untitled","Dew Crew","Best Friends","BFFs","Misdew","Misdewians","Dewds","Homies","Nerds","Friends","Losers","Hangout","Cool Kids","Rename","Name Me","Default","Turnt","Lit","MD","MDv5","New Convo");
+  $cv_name = array_rand($names, 1);
+  $cv_name = $names[$cv_name];
+  # CHOOSE A RANDOM MESSAGE
+  $messages = Array("Sup B\)","Hey.","Hey!","How are you?","Welcome!","Misdew is lit!","Conversation created.","Created.","Done.",":\)","Woo-hoo!","Yay!","This convo is awesome.","Sweet!","Rad.","B\) Yo.","Hi! :\)","Start chatting!");
+  $cv_message = array_rand($messages, 1);
+  $cv_message = $messages[$cv_message];
+  # CHOOSE A RANDOM COLOR
+  $colors = Array("blue","pink","red","orange","green","violet","indigo","#309dfc","#a64ca6","1985db","lime","hotpink","#5BEAD0","#5bea89","#5151CC","#8F51CC","#E0115F","#7b7d41","#87435a","#ff5c00","#aeb2c3","#15284F","#5b265b");
+  $cv_color = array_rand($colors, 1);
+  $cv_color = $colors[$cv_color];
+}
+else {
+  $cv_pic = "/img/logo.png";
+  $cv_name = "Untitled";
+  $cv_message = "Created.";
+  $cv_color = "blue";
+}
+# GENERATE A RANDOM STRING
+function genRand($length = 15) {
+  return substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, $length);
+}
+$rstr = genRand();
+mysqli_query($conx, "INSERT INTO mail_convo (uqid, uid_owner, name, picture, main_color, can_add) VALUES ('$rstr','$u_uid','$cv_name','$cv_pic','$cv_color','no')");
+mysqli_query($conx, "INSERT INTO mail_memb (uqid, uid, last_active, rank, latest_read) VALUES ('$rstr','$u_uid','$tstamp','admin','yes')");
+mysqli_query($conx, "INSERT INTO mail_memb (uqid, uid, last_active, latest_read, sent) VALUES ('$rstr','$c_uid','$tstamp','yes','no')");
+mysqli_query($conx, "INSERT INTO mail (uqid, uid_from, message, timestamp) VALUES ('$rstr','6','$cv_message','$tstamp')");
+?>
diff --git a/mail/convo_members.php b/mail/convo_members.php
new file mode 100644
index 0000000..273fddb
--- /dev/null
+++ b/mail/convo_members.php
@@ -0,0 +1,159 @@
+<?php
+$this_page = "mail";
+require_once("../inc/conx.php");
+$cv_uqid = safe($_GET['i']);
+if(mysqli_num_rows($cvo_slc = mysqli_query($conx, "SELECT id,rank FROM mail_memb WHERE uqid='$cv_uqid' && uid='$u_uid'")) == '0') {
+  echo "<div class=\"mail_cont\"><br><span class=\"no_mail\">You do not belong to this conversation.</span><br><br></div>";
+  exit();
+}
+$cvo_rw = mysqli_fetch_array($cvo_slc);
+$cvo_rank = $cvo_rw['rank'];
+$cva_s = mysqli_query($conx, "SELECT can_add FROM mail_convo WHERE uqid='$cv_uqid'");
+$cva_r = mysqli_fetch_array($cva_s);
+$cvo_cadd = $cva_r['can_add'];
+
+if($cvo_cadd == 'yes') {
+  echo "<div class=\"mail_addm\">
+    <input id=\"search_query\" class=\"mail_addm_input\" placeholder=\"Add Member\" onkeypress=\"search()\" onkeyup=\"search()\">
+  </div>
+  <div id=\"addm_results\" class=\"mail_addm\" style=\"display: none;\">
+    <div id=\"search_results\"></div>
+  </div> <br>";
+}
+?>
+<?php
+$mmb_q = mysqli_query($conx, "SELECT id,uid,chat_time FROM mail_memb WHERE uqid='$cv_uqid' ORDER BY chat_time DESC");
+while($mmb_r = mysqli_fetch_assoc($mmb_q)) {
+  $mmb_id = $mmb_r['id'];
+  $mmb_uid = $mmb_r['uid'];
+  $chat_time = $mmb_r['chat_time'];
+  $musr_q = mysqli_query($conx, "SELECT username,picture,md_verf FROM accounts WHERE uid='$mmb_uid'");
+  while($musr_r = mysqli_fetch_assoc($musr_q)) {
+    $mmb_username = $musr_r['username'];
+    $mmb_picture = $musr_r['picture'];
+    $mmb_verf = $musr_r['md_verf'];
+    if($mmb_verf == 'yes') {
+      $verif_check = "<i style=\"font-size: 14px;\" class=\"fa fa-check-circle\" aria-hidden=\"true\"></i>";
+    }
+    else {
+      $verif_check = "";
+    }
+    //
+    //  DATA SAVER
+    if($u_datasaver == 'on' && $mmb_uid != $u_uid) {
+      $mmb_picture = "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABAQAAAAA3bvkkAAAACklEQVR4AWNoAAAAggCBTBfX3wAAAABJRU5ErkJggg==";
+    }
+    // DATA SAVER
+    //
+  }
+  $usri_q = mysqli_query($conx, "SELECT username_color,text_color FROM user_theme_colors WHERE uid='$mmb_uid' && theme_id='$g_themeid'");
+  while($usri_r = mysqli_fetch_assoc($usri_q)) {
+    $username_color = $usri_r['username_color'];
+    $chat_tcolor = $usri_r['text_color'];
+  }
+  $HUAHHH = time() - $chat_time;
+  $mens = round($HUAHHH / 60);
+  if($mens <= 1) {
+    $cv_activeness = "#00FF00";
+  }
+  elseif($mens <= 2) {
+    $cv_activeness = "#FFA500";
+  }
+  elseif($mens < 5) {
+    $cv_activeness = "#FF0000";
+  }
+  else {
+    $cv_activeness = "#FF0000";
+  }
+  echo "<div class=\"mail_cont\">
+      <table style=\"text-align: center; width: 100%;\">
+        <tr>
+          <td style=\"width: 20%;\" onclick=\"window.location='/canvas/$mmb_username';\">
+            <div class=\"mphoto_contain_size\">
+            <div class=\"mphoto_activity_dot\" style=\"background-color: $cv_activeness;\"></div> <img src=\"$mmb_picture\" class=\"list_picture\">
+            </div>
+            </div>
+          </td>
+          <td style=\"width: 50%; text-align: left;\">
+            <span style=\"color: $username_color; font-weight: bold;\" onclick=\"window.location='/canvas/$mmb_username';\">$mmb_username $verif_check</span>
+          </td>
+          <td style=\"width: 20%;\">";
+          if($cvo_rank == 'admin') {
+            echo "<i id=\"mdel_$mmb_id\" class=\"fa fa-sign-out\" aria-hidden=\"true\" style=\"color: $username_color;\"></i>";
+          }
+          elseif($mmb_username == $u_username) {
+            echo "<i id=\"mdel_$mmb_id\" class=\"fa fa-sign-out\" aria-hidden=\"true\" style=\"color: $username_color;\"></i>";
+          }
+          else {
+            echo "<i class=\"fa fa-sign-out\" aria-hidden=\"true\" style=\"color: transparent;\"></i>";
+          }
+          echo "</td>
+          </tr>
+      </table>
+    </div>";
+
+  /*
+  echo "<div class=\"mail_cont\">
+    <table style=\"text-align: center; width: 100%;\">
+      <tr>
+        <td style=\"width: 20%;\" onclick=\"window.location='/canvas/$mmb_username';\">
+          <img class=\"mail_friend_picture\" src=\"$mmb_picture\" alt=\"\">
+        </td>
+        <td style=\"width: 50%; text-align: left;\" onclick=\"window.location='/canvas/$mmb_username';\">
+          <span style=\"color: $username_color; font-weight: bold;\">$mmb_username</span>
+        </td>
+        <td style=\"width: 20%;\">
+        <i class=\"fa fa-circle\" aria-hidden=\"true\" id=\"$cv_activeness\"></i> &nbsp;&nbsp;";
+          if($cvo_rank == 'admin') {
+            echo "<i id=\"mdel_$mmb_id\" class=\"fa fa-sign-out\" aria-hidden=\"true\" style=\"color: $username_color;\"></i>";
+          }
+          elseif($mmb_username == $u_username) {
+            echo "<i id=\"mdel_$mmb_id\" class=\"fa fa-sign-out\" aria-hidden=\"true\" style=\"color: $username_color;\"></i>";
+          }
+          else {
+            echo "<i class=\"fa fa-sign-out\" aria-hidden=\"true\" style=\"color: transparent;\"></i>";
+          }
+        echo "</td>
+      </tr>
+    </table>
+  </div>";*/
+}
+?>
+<script>
+var Del = document.querySelectorAll("i[id^=mdel_]");
+[].forEach.call(Del, function(dt){
+  dt.onclick = function(e){
+    if (confirm("Exit this member?")) {
+      var dto = new XMLHttpRequest();
+      dto.open("GET", "exit.php?i=" + dt.id.match(/([0-9]*)$/)[0], true);
+      dto.onreadystatechange = function(){
+        if (dto.readyState == 4)
+          if(dto.status == 200) {
+            toMembers();
+          }
+          else {
+            alert("error");
+          }
+      };
+      dto.send();
+      return false;
+    }
+  };
+});
+function search() {
+  var searchQ = document.getElementById("search_query");
+  var q = searchQ.value;
+  var sb = document.getElementById("addm_results");
+  var q = q.replace(/[^a-z0-9]/gi,'');
+  if(q == '') {
+    sb.style.display = 'none';
+  }
+  else {
+    sb.style.display = '';
+  }
+  document.getElementById("search_results").innerHTML = '<span class=\"no_results\">searching..</span>';
+  $.get("members_search_results.php?i=<?php echo $cv_uqid; ?>&&q=" + q, function(d) {
+    $("#search_results").html(d);
+  });
+}
+</script>
diff --git a/mail/convo_messages.php b/mail/convo_messages.php
new file mode 100644
index 0000000..18eae26
--- /dev/null
+++ b/mail/convo_messages.php
@@ -0,0 +1,105 @@
+<?php
+$this_page = "mail";
+require_once("../inc/conx.php");
+$cv_uqid = safe($_GET['i']);
+if(mysqli_num_rows(mysqli_query($conx, "SELECT id FROM mail_memb WHERE uqid='$cv_uqid' && uid='$u_uid'")) == '0') {
+  echo "<div class=\"mail_cont\"><br><span class=\"no_mail\">You do not belong to this conversation.</span><br><br></div>";
+  exit();
+}
+?>
+<div class="maild_send">
+  <form id="chats_form" autocomplete="off">
+    <span class="noselect"><i onclick="more('show');goOnline();" class="fa fa-plus" aria-hidden="true" id="chat_more"></i></span>
+    <input name="msg" id="result" class="mail_input" type="text" placeholder="type something...">
+    <span id="loader"><i onclick="selectFile();" id="fPath" class="fa fa-paperclip fa-lg" aria-hidden="true"></i></span>
+    <input class="mail_btn" type="submit" value="send">
+  </form>
+</div>
+<div id="show" class="mail_dismore" style="display: none;">
+  <form id="imgUpl" action="img_upload.php" enctype="multipart/form-data" method="post">
+    <input id="fBrowse" name="img" type="file" style="display: none;">
+    <div id="online">
+      <?php require_once("online.php"); ?>
+    </div>
+  </form>
+</div>
+<div id="chat">
+  <?php require_once("convo_msgs.php"); ?>
+</div>
+<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js"></script>
+<script>
+window.onfocus = function() {
+  $.get("online_upd.php?i=<?php echo $cv_uqid; ?>", function(d) {
+    $("#onlupd").html(d);
+  });
+};
+function more(id) {
+  var e = document.getElementById(id);
+  if(e.style.display == '') {
+    e.style.display = 'none';
+    document.getElementById('chat_more').className = "fa fa-plus";
+  }
+  else {
+    e.style.display = '';
+    document.getElementById('chat_more').className = "fa fa-times";
+  }
+}
+function sendBox(num) {
+  var txt=document.getElementById("result").value;
+  txt=txt + num;
+  document.getElementById("result").value=txt;
+  document.getElementById("result").focus();
+}
+function selectFile() {
+  document.getElementById('fBrowse').click();
+  document.getElementById('fPath').value = document.getElementById('fBrowse').value;
+}
+function upChat() {
+  $.get("convo_msgs.php?i=<?php echo $cv_uqid; ?>", function(d) {
+    $("#chat").html(d);
+  });
+}
+setInterval('upChat()', 1000);
+function upOnline() {
+  $.get("online.php?i=<?php echo $cv_uqid; ?>", function(d) {
+    $("#online").html(d);
+  });
+}
+setInterval('upOnline()', 1000);
+$("#chats_form").submit(function(e){
+  e.preventDefault();
+  if($("input[name=msg]").val().trim() == "")
+  return;
+  $.post("send.php?i=<?php echo $cv_uqid; ?>", {body: $("input[name=msg]").val(), submit: "send"}, function(data) {
+    if(data != '') {
+      upChat();
+    }
+    else {
+      upChat();
+    }
+  });
+  $("input[name=msg]").val("");
+});
+var form = document.forms.namedItem("imgUpl");
+form.addEventListener('change', function(ev) {
+  var oOutput = document.querySelector("div"),
+  oData = new FormData(form);
+  var oReq = new XMLHttpRequest();
+  if(confirm('Upload this image?')) {
+  document.getElementById('loader').innerHTML = "<img src='https://i.imgur.com/pvQ0NaJ.gif' height='12' width='12' alt='' style='border:0;'>";
+  oReq.open("POST", "img_upload.php?i=<?php echo $cv_uqid; ?>", true);
+}
+else {
+  form.reset();
+}
+  oReq.onload = function(oEvent) {
+    if (oReq.status == 200) {
+      upChat();
+      document.getElementById('loader').innerHTML = "<i onclick='selectFile();' id='fPath' class='fa fa-paperclip fa-lg' aria-hidden='true'></i>";
+      form.reset();
+    }
+  };
+  oReq.send(oData);
+  ev.preventDefault();
+}, false);
+</script>
diff --git a/mail/convo_msgs.php b/mail/convo_msgs.php
new file mode 100644
index 0000000..10285aa
--- /dev/null
+++ b/mail/convo_msgs.php
@@ -0,0 +1,115 @@
+<?php
+require_once("../inc/conx.php");
+if($logged_in == false) {
+  header("location: /");
+  exit();
+}
+$cv_uqid = safe($_GET['i']);
+if(mysqli_num_rows(mysqli_query($conx, "SELECT id FROM mail_memb WHERE uqid='$cv_uqid' && uid='$u_uid'")) == '0') {
+  die("<center><span class=\"no_mail\"><br>You do not belong to this conversation.<br><br></span></center>");
+  exit();
+}
+mysqli_query($conx, "UPDATE mail_memb SET latest_read='yes' WHERE uqid='$cv_uqid' && uid='$u_uid'");
+mysqli_query($conx, "UPDATE mail_memb SET sent='no' WHERE uqid='$cv_uqid' && uid='$u_uid'");
+$chat_q = mysqli_query($conx, "SELECT id,uid_from,message,timestamp,display_name,mtype,imgurl FROM mail WHERE uqid='$cv_uqid' ORDER BY id DESC LIMIT 75");
+while($chat_r = mysqli_fetch_assoc($chat_q)) {
+  $chat_id = $chat_r['id'];
+  $chat_uid = $chat_r['uid_from'];
+  $string = $chat_r['message'];
+  $chat_tstamp = $chat_r['timestamp'];
+  $msg_type = $chat_r['msgtype'];
+  $displayname = $chat_r['display_name'];
+  $mtype = $chat_r['mtype'];
+  $c_imgurl = $chat_r['imgurl'];
+  include("../inc/replace.php");
+  $usr_q = mysqli_query($conx, "SELECT username,md_verf FROM accounts WHERE uid='$chat_uid'");
+  while($usr_r = mysqli_fetch_assoc($usr_q)) {
+    $chat_username = $usr_r['username'];
+    $chat_verif = $usr_r['md_verf'];
+    if($chat_verif == 'yes') {
+      $verif_check = " <i style=\"font-size: 14px;\" class=\"fa fa-check-circle\" aria-hidden=\"true\"></i>";
+    }
+    else {
+      $verif_check = "";
+    }
+    $usri_q = mysqli_query($conx, "SELECT username_color,text_color FROM user_theme_colors WHERE uid='$chat_uid' && theme_id='$g_themeid'");
+    while($usri_r = mysqli_fetch_assoc($usri_q)) {
+      $username_color = $usri_r['username_color'];
+      $chat_tcolor = $usri_r['text_color'];
+    }
+  }
+  if($chat_username == $u_username) {
+    if($displayname == 'no') {
+      $chat_username = "";
+      $verif_check = "";
+    }
+    echo "<div style=\"display:block\"><table style=\"float: right; width: 100%; text-align: right;\"><tr><td style=\"color: $username_color; font-family: 'Dosis', sans-serif; font-weight: bold;\">$chat_username$verif_check</td></tr></table>";
+    // if message is an image
+    if($mtype == 'img') {
+      //
+      // Data Saver
+      if($u_datasaver == 'on') {
+        echo "<div onclick=\"expand('$chat_id')\" style=\"word-wrap: break-word; border-radius: 20px; font-family: 'Dosis', sans-serif; display: inline-block; float: right; max-width: 60%; -webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;\">[view image]</div>";
+      }
+      else {
+        echo "<div onclick=\"expand('$chat_id')\" style=\"word-wrap: break-word; border-radius: 20px; font-family: 'Dosis', sans-serif; display: inline-block; float: right; max-width: 60%; -webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;\"><img src=\"$c_imgurl\" alt=\"\" width=\"100%\" style=\"display: block; height: auto;\"></div>";
+      }
+      // Data Saver
+      //
+    }
+    // if message is normal
+    else {
+      echo "<div onclick=\"expand('$chat_id')\" style=\"word-wrap: break-word; background-color: $username_color; padding: 10px; padding-left: 25px; padding-right: 25px; border-radius: 20px; color: $chat_tcolor; font-family: 'Dosis', sans-serif; display: inline-block; float: right; max-width: 90%; -webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;\">" . $string . "</div>";
+    }
+    echo "<table id=\"$chat_id\" style=\"display: none; float: right; width: 100%; text-align: right;\"><tr>";
+    if($mtype == 'img') {
+      echo "<td class=\"tago\"><a href=\"$c_imgurl\" class=\"link_view\" target=\"_blank\">view image</a> <br>";
+      echo "sent "; echo timeago($chat_tstamp); echo " ago</td></tr></table></div>";
+    }
+    else {
+      echo "<td class=\"tago\">sent "; echo timeago($chat_tstamp); echo " ago</td></tr></table></div>";
+    }
+  }
+  else {
+    if($displayname == 'no') {
+      $chat_username = "";
+      $verif_check = "";
+    }
+    echo "<div style=\"display:block\"><table style=\"float: left; width: 100%; text-align: left;\"><tr><td style=\"color: $username_color; font-family: 'Dosis', sans-serif; font-weight: bold;\">$chat_username$verif_check</td></tr></table>";
+    // if message is an image
+    if($mtype == 'img') {
+      //
+      // Data Saver
+      if($u_datasaver == 'on') {
+        echo "<div onclick=\"expand('$chat_id')\" style=\"word-wrap: break-word; border-radius: 20px; font-family: 'Dosis', sans-serif; display: inline-block; float: left; max-width: 60%; -webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;\">[view image]</div>";
+      }
+      else {
+        echo "<div onclick=\"expand('$chat_id')\" style=\"word-wrap: break-word; border-radius: 20px; font-family: 'Dosis', sans-serif; display: inline-block; float: left; max-width: 60%; -webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;\"><img src=\"$c_imgurl\" alt=\"\" width=\"100%\" style=\"display: block; height: auto;\"></div>";
+      }
+      // Data Saver
+      //
+    }
+    // if message is normal
+    else {
+      echo "<div onclick=\"expand('$chat_id')\" style=\"word-wrap: break-word; background-color: $username_color; padding: 10px; padding-left: 25px; padding-right: 25px; border-radius: 20px; color: $chat_tcolor; font-family: 'Dosis', sans-serif; display: inline-block; float: left; max-width: 90%; -webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;\">" . $string . "</div>";
+    }
+    echo "<table id=\"$chat_id\" style=\"display: none; float: right; width: 100%; text-align: left;\"><tr>";
+    if($mtype == 'img') {
+      echo "<td class=\"tago\"><a href=\"$c_imgurl\" class=\"link_view\" target=\"_blank\">view image</a> <br>";
+      echo "sent "; echo timeago($chat_tstamp); echo " ago</td></tr></table></div>";
+    }
+    else {
+      echo "<td class=\"tago\">sent "; echo timeago($chat_tstamp); echo " ago</td></tr></table></div>";
+    }
+  }
+}
+?>
+<script>
+function expand(id) {
+  var e = document.getElementById(id);
+  if(e.style.display == '')
+  e.style.display = 'none';
+  else
+  e.style.display = '';
+}
+</script>
diff --git a/mail/convo_settings.php b/mail/convo_settings.php
new file mode 100644
index 0000000..e206705
--- /dev/null
+++ b/mail/convo_settings.php
@@ -0,0 +1,137 @@
+<?php
+require_once("../inc/conx.php");
+$cv_uqid = safe($_GET['i']);
+if(mysqli_num_rows($cvo_slc = mysqli_query($conx, "SELECT id,rank FROM mail_memb WHERE uqid='$cv_uqid' && uid='$u_uid'")) == '0') {
+  echo "<div class=\"mail_cont\"><br><span class=\"no_mail\">You do not belong to this conversation.</span><br><br></div>";
+  exit();
+}
+$cvo_rw = mysqli_fetch_array($cvo_slc);
+$cvo_rank = $cvo_rw['rank'];
+$cv_sel = mysqli_query($conx, "SELECT name,picture,main_color,main_color,can_add FROM mail_convo WHERE uqid='$cv_uqid'");
+$cv_row = mysqli_fetch_assoc($cv_sel);
+$string = $cv_row['name'];
+$cv_name = $cv_row['name'];
+$cv_pic = $cv_row['picture'];
+$cv_color = $cv_row['main_color'];
+$can_add = $cv_row['can_add'];
+include("../inc/replace.php");
+if($can_add == 'yes') {
+  $yes_add = " selected";
+}
+else {
+  $no_add = " selected";
+}
+echo "<div id=\"changes_update\" class=\"convo_settings\">no changes detected</div>";
+echo "<div class=\"mail_cont\"><span id=\"convo_nameu\" style=\"font-weight: bold; color: $cv_color;\">$string</span> <br> <img id=\"convo_imgu\" src=\"$cv_pic\" alt=\"\" class=\"mail_picture\" style=\"display: block; height: 80px; width: 80px; border: 2px solid transparent;\"></div>";
+if($cvo_rank == 'admin') {
+  echo "<div class=\"mail_cont\" style=\"text-align: left;\">
+  <table style=\"width: 100%; text-align: left;\"><tr><td id=\"sub_settings_admin\" style=\"color: $cv_color; font-weight: bold; font-size: 14px;\">Admin</td></tr></table>
+  <table><tr>
+  <td>
+  <select id=\"memberAdd\" onchange=\"memberAdd();\">
+  <option value=\"yes\"$yes_add>\"Add member\" on</option>
+  <option value=\"no\"$no_add>\"Add member\" off</option>
+  </select>
+  </td>
+  </tr></table>
+  </div>";
+}
+echo "<div class=\"mail_cont\" style=\"text-align: left;\">
+<table style=\"width: 100%; text-align: left;\"><tr><td id=\"sub_settings_pref\" style=\"color: $cv_color; font-weight: bold; font-size: 14px;\">Preferences</td></tr></table>
+<span class=\"convo_settings\">Name</span> <br>
+<input onkeyup=\"saveName()\" onkeypress=\"saveName()\" id=\"cv_name\" type=\"text\" value=\"$cv_name\" placeholder=\"Convo Name\" class=\"mail_convo_settings\">
+<span class=\"convo_settings\">Picture</span> <br>
+&nbsp; <span onclick=\"selectFile();\" id=\"pPath\"><i class=\"fa fa-paperclip\" aria-hidden=\"true\"></i> Select a Photo</span> <br>
+<form id=\"imgUpl\" action=\"picture_upl.php\" enctype=\"multipart/form-data\" method=\"post\">
+<input id=\"fBrowse\" name=\"img\" type=\"file\" style=\"display: none;\">
+</form>
+<span class=\"convo_settings\">Color</span> <br>
+<input onkeyup=\"saveColor()\" onkeypress=\"saveColor()\" id=\"cv_color\" type=\"text\" value=\"$cv_color\" placeholder=\"Convo Color\" class=\"mail_convo_settings\">
+</div>";
+echo "<div class=\"convo_settings\" style=\"font-size: 10px;\">hit enter to ensure save <br> all fields required to function <br> emoji in name &rarr; tap settings to see</div>";
+?>
+<script>
+function memberAdd() {
+  var selectBox = document.getElementById("memberAdd");
+  var selectedValue = selectBox.options[selectBox.selectedIndex].value;
+  var xhr = new XMLHttpRequest();
+  xhr.open("GET", "convo_settings_save.php?i=<?php echo $cv_uqid; ?>&&memb_add=" + selectedValue, true);
+  xhr.onreadystatechange = function(){
+    if(xhr.readyState == 4)
+      if(xhr.status == 200) {
+        document.getElementById('changes_update').innerHTML = "changes saved";
+      }
+      else {
+        alert("error");
+      }
+    };
+  xhr.send();
+  document.getElementById('changes_update').innerHTML = "saving changes..";
+  return false;
+}
+function saveName() {
+  var cv_name = $("#cv_name").val();
+  var xhr = new XMLHttpRequest();
+  xhr.open("GET", "convo_settings_save.php?i=<?php echo $cv_uqid; ?>&&cv_name=" + encodeURIComponent(cv_name), true);
+  xhr.onreadystatechange = function(){
+    if(xhr.readyState == 4)
+      if(xhr.status == 200) {
+        document.getElementById('changes_update').innerHTML = "changes saved";
+        document.getElementById("convo_nameu").innerHTML = cv_name;
+      }
+      else {
+        alert("error");
+      }
+    };
+  xhr.send();
+  document.getElementById('changes_update').innerHTML = "saving changes..";
+  return false;
+}
+function selectFile() {
+  document.getElementById('fBrowse').click();
+  document.getElementById('pPath').value = document.getElementById('fBrowse').value;
+}
+var form = document.forms.namedItem("imgUpl");
+form.addEventListener('change', function(ev) {
+  var oOutput = document.querySelector("div"),
+  oData = new FormData(form);
+  var oReq = new XMLHttpRequest();
+  document.getElementById('changes_update').innerHTML = "saving changes..";
+  oReq.open("POST", "picture_upl.php?i=<?php echo $cv_uqid; ?>", true);
+  oReq.onload = function(oEvent) {
+    if (oReq.status == 200) {
+      var cnv_pic = oReq.responseText;
+      if(cnv_pic != '') {
+        document.getElementById("convo_imgu").src = cnv_pic;
+        document.getElementById('changes_update').innerHTML = "changes saved";
+      }
+      else {
+        document.getElementById('changes_update').innerHTML = "save failed";
+        form.reset();
+      }
+    }
+  };
+  oReq.send(oData);
+  ev.preventDefault();
+}, false);
+function saveColor() {
+  var cv_color = $("#cv_color").val();
+  var xhr = new XMLHttpRequest();
+  xhr.open("GET", "convo_settings_save.php?i=<?php echo $cv_uqid; ?>&&cv_color=" + encodeURIComponent(cv_color), true);
+  xhr.onreadystatechange = function(){
+    if(xhr.readyState == 4)
+      if(xhr.status == 200) {
+        document.getElementById('changes_update').innerHTML = "changes saved";
+        document.getElementById('sub_settings_admin').style.color = cv_color;
+        document.getElementById('sub_settings_pref').style.color = cv_color;
+        document.getElementById("convo_nameu").style.color = cv_color;
+      }
+      else {
+        alert("error");
+      }
+    };
+  xhr.send();
+  document.getElementById('changes_update').innerHTML = "saving changes..";
+  return false;
+}
+</script>
diff --git a/mail/convo_settings_save.php b/mail/convo_settings_save.php
new file mode 100644
index 0000000..6fe8789
--- /dev/null
+++ b/mail/convo_settings_save.php
@@ -0,0 +1,26 @@
+<?php
+require_once("../inc/conx.php");
+$cv_uqid = safe($_GET['i']);
+$memb_add = safe($_GET['memb_add']);
+$cv_name = safe($_GET['cv_name']);
+$cv_color = safe($_GET['cv_color']);
+if(mysqli_num_rows($cvo_slc = mysqli_query($conx, "SELECT id,rank FROM mail_memb WHERE uqid='$cv_uqid' && uid='$u_uid'")) == '0') {
+  echo "<div class=\"mail_cont\"><br><span class=\"no_mail\">You do not belong to this conversation.</span><br><br></div>";
+  exit();
+}
+$cvo_rw = mysqli_fetch_array($cvo_slc);
+$cvo_rank = $cvo_rw['rank'];
+if($cvo_rank == 'admin') {
+  if($memb_add) {
+    if($memb_add == 'yes' OR $memb_add == 'no') {
+      mysqli_query($conx, "UPDATE mail_convo SET can_add='$memb_add' WHERE uqid='$cv_uqid'");
+    }
+  }
+}
+if($cv_name) {
+  mysqli_query($conx, "UPDATE mail_convo SET name='$cv_name' WHERE uqid='$cv_uqid'");
+}
+if($cv_color) {
+  mysqli_query($conx, "UPDATE mail_convo SET main_color='$cv_color' WHERE uqid='$cv_uqid'");
+}
+?>
diff --git a/mail/enc-test.php b/mail/enc-test.php
new file mode 100644
index 0000000..a4ff81e
--- /dev/null
+++ b/mail/enc-test.php
@@ -0,0 +1,64 @@
+<?php
+require_once("../inc/conx.php");
+$enc_txt = mysqli_real_escape_string($conx, htmlentities($_POST['txt']));
+
+$enc_string = mysqli_real_escape_string($conx, htmlentities($_POST['string']));
+$secret_key = mysqli_real_escape_string($conx, htmlentities($_POST['1']));
+$secret_iv = mysqli_real_escape_string($conx, htmlentities($_POST['2']));
+
+
+function genRand1($length = 16) {
+  return substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, $length);
+}
+function genRand2($length = 16) {
+  return substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, $length);
+}
+$gensecret_key = genRand1();
+$gensecret_iv = genRand2();
+
+function encrypt_decrypt($action, $string, $secret_key, $secret_iv)
+    {
+        $output = false;
+        $encrypt_method = "AES-256-CBC";
+        // hash
+        $key = hash('sha256', $secret_key);
+        // iv - encrypt method AES-256-CBC expects 16 bytes
+        $iv = substr(hash('sha256', $secret_iv), 0, 16);
+        if ( $action == 'encrypt' ) {
+            $output = openssl_encrypt($string, $encrypt_method, $key, 0, $iv);
+            $output = base64_encode($output);
+        } else if( $action == 'decrypt' ) {
+            $output = openssl_decrypt(base64_decode($string), $encrypt_method, $key, 0, $iv);
+        }
+        return $output;
+    }
+
+    if($enc_string != '' && $secret_key != '' && $secret_iv != '') {
+      echo encrypt_decrypt("decrypt","$enc_string","$secret_key","$secret_iv");
+      echo "<br><br>";
+    }
+    if($enc_txt != '') {
+      echo "string: ";
+      echo encrypt_decrypt("encrypt","$enc_txt","$gensecret_key","$gensecret_iv");
+      echo "<br>";
+      echo "key #1: $gensecret_key";
+
+      echo "<br>";
+      echo "key #2: $gensecret_iv";
+      echo "<br><br>";
+
+    }
+?>
+<form method="post">
+  decrypt a message: <br>
+<input id="string" name="string" type="password" placeholder="enter string"> <br>
+<input id="1" name="1" type="password" placeholder="enter key #1"> <br>
+<input id="2" name="2" type="password" placeholder="enter key #2"> <br>
+<input type="submit" value="decrypt">
+</form>
+<br>
+<form method="post">
+  encrypt a message: <br>
+<input id="txt" name="txt" type="text" placeholder="enter text"> <br>
+<input type="submit" value="encrypt">
+</form>
diff --git a/mail/exit.php b/mail/exit.php
new file mode 100644
index 0000000..f1f8ee8
--- /dev/null
+++ b/mail/exit.php
@@ -0,0 +1,53 @@
+<?php
+$this_page = "mail";
+require_once("../inc/conx.php");
+if($logged_in == false) {
+  header("location: /");
+  exit();
+}
+// Get the member's ID of the conversation.
+$cv_uqid = safe($_GET['i']);
+if(mysqli_num_rows($cv_slc = mysqli_query($conx, "SELECT id,uqid,uid FROM mail_memb WHERE id='$cv_uqid'")) == '0') {
+  echo "You do not belong to this conversation.";
+  exit();
+}
+// Select original member conversation info.
+$cv_rw = mysqli_fetch_array($cv_slc);
+$cvo_uqid = $cv_rw['uqid'];
+$cv_uid = $cv_rw['uid'];
+// Check if the user is in the conversation and select their own member info.
+$cv_cnt = mysqli_num_rows($cvo_slc = mysqli_query($conx, "SELECT uid,rank FROM mail_memb WHERE uqid='$cvo_uqid' && uid='$u_uid'"));
+$cvo_rw = mysqli_fetch_array($cvo_slc);
+$cvo_uid = $cvo_rw['uid'];
+$cvo_rank = $cvo_rw['rank'];
+// If the member is an admin.
+if($cvo_rank == 'admin') {
+  // Remove the member from the conversation.
+  // If they are removing themself.
+  $add_q = mysqli_query($conx, "SELECT username FROM accounts WHERE uid='$cv_uid'");
+  $add_r = mysqli_fetch_assoc($add_q);
+  $removed_username = $add_r['username'];
+  if($cvo_uid == $cv_uid) {
+    $del_uid = $u_uid;
+    $who = "@$u_username exited the conversation.";
+  }
+  // If they are removing another member.
+  else {
+    $del_uid = $cv_uid;
+    $who = "@$u_username exited @$removed_username from the conversation.";
+  }
+  mysqli_query($conx, "DELETE FROM mail_memb WHERE id='$cv_uqid' && uid='$del_uid'");
+  mysqli_query($conx, "INSERT INTO mail (uqid, uid_from, message, timestamp) VALUES ('$cvo_uqid','6', '$who', '$tstamp')");
+}
+// If the member is not an admin and is only removing themself.
+elseif($cv_cnt == '1' && $cvo_uid == $cv_uid) {
+  // Remove the member from the conversation.
+  mysqli_query($conx, "DELETE FROM mail_memb WHERE id='$cv_uqid' && uid='$u_uid'");
+  mysqli_query($conx, "INSERT INTO mail (uqid, uid_from, message, timestamp) VALUES ('$cvo_uqid','6', '@$u_username exited the conversation.', '$tstamp')");
+}
+// The member does not meet any of the above checks.
+else {
+  echo "You do not belong to this conversation.";
+  exit();
+}
+?>
diff --git a/mail/friends.php b/mail/friends.php
new file mode 100644
index 0000000..7508d33
--- /dev/null
+++ b/mail/friends.php
@@ -0,0 +1,140 @@
+<div class="mail_addm">
+  <input id="search_query" class="mail_addm_input" placeholder="Search Members" onkeypress="search()" onkeyup="search()">
+</div>
+<div id="addm_results" class="mail_addm" style="display: none;">
+  <div id="search_results">
+    <?php require_once("friends_search_results.php"); ?>
+  </div>
+</div> <br>
+<?php
+$f_q = mysqli_query($conx, "SELECT uid_rec FROM friends WHERE uid_req='$u_uid' AND accepted='yes' ORDER BY tstamp DESC");
+$fr_ct = mysqli_num_rows($f_q);
+if($fr_ct == '0') {
+  echo "<div class=\"mail_cont\">
+    <table style=\"text-align: center; width: 100%;\">
+      <tr>
+        <td style=\"width: 100%;\">
+          <span class=\"no_mail\"><br>No friends. <i class=\"fa fa-frown-o\" aria-hidden=\"true\"></i><br><br></span>
+        </td>
+      </tr>
+    </table>
+  </div>";
+}
+while($f_r = mysqli_fetch_assoc($f_q)) {
+  $fuid_rec = $f_r['uid_rec'];
+  $fusr_q = mysqli_query($conx, "SELECT username,picture,online_time,md_verf FROM accounts WHERE uid='$fuid_rec'");
+  while($fusr_r = mysqli_fetch_assoc($fusr_q)) {
+    $f_username = $fusr_r['username'];
+    $f_picture = $fusr_r['picture'];
+    $fonline_time = $fusr_r['online_time'];
+    $f_verf = $fusr_r['md_verf'];
+    if($f_verf == 'yes') {
+      $verif_check = "<i style=\"font-size: 14px;\" class=\"fa fa-check-circle\" aria-hidden=\"true\"></i>";
+    }
+    else {
+      $verif_check = "";
+    }
+    //
+    //  DATA SAVER
+    if($u_datasaver == 'on') {
+      $f_picture = "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABAQAAAAA3bvkkAAAACklEQVR4AWNoAAAAggCBTBfX3wAAAABJRU5ErkJggg==";
+    }
+    // DATA SAVER
+    //
+  }
+  $usri_q = mysqli_query($conx, "SELECT username_color,text_color FROM user_theme_colors WHERE uid='$fuid_rec' && theme_id='$g_themeid'");
+  while($usri_r = mysqli_fetch_assoc($usri_q)) {
+    $username_color = $usri_r['username_color'];
+    $chat_tcolor = $usri_r['text_color'];
+  }
+  $HUAHHH = time() - $fonline_time;
+  $mens = round($HUAHHH / 60);
+  if($mens <= 1) {
+    $cv_activeness = "#00FF00";
+  }
+  elseif($mens <= 2) {
+    $cv_activeness = "#FFA500";
+  }
+  elseif($mens < 5) {
+    $cv_activeness = "#FF0000";
+  }
+  else {
+    $cv_activeness = "#FF0000";
+  }
+  if($fr_ct > 0) {
+    echo "<div class=\"mail_cont\">
+        <table style=\"text-align: center; width: 100%;\">
+          <tr>
+            <td style=\"width: 20%;\" onclick=\"window.location='/canvas/$f_username';\">
+              <div class=\"mphoto_contain_size\">
+              <div class=\"mphoto_activity_dot\" style=\"background-color: $cv_activeness;\"></div> <img src=\"$f_picture\" class=\"list_picture\">
+              </div>
+              </div>
+            </td>
+            <td style=\"width: 50%; text-align: left;\">
+              <span style=\"color: $username_color; font-weight: bold;\" onclick=\"window.location='/canvas/$f_username';\">$f_username $verif_check</span>
+            </td>
+            <td style=\"width: 20%;\">
+            <i id=\"cuid_$fuid_rec\" class=\"fa fa-comment\" aria-hidden=\"true\" style=\"color: $username_color;\"></i>
+            </td>
+            </tr>
+        </table>
+      </div>";
+    /*echo "<div class=\"mail_cont\">
+      <table style=\"text-align: center; width: 100%;\">
+        <tr>
+          <td style=\"width: 20%;\" onclick=\"window.location='/canvas/$f_username';\">
+            <img class=\"mail_friend_picture\" src=\"$f_picture\" alt=\"\">
+          </td>
+          <td style=\"width: 50%; text-align: left;\" onclick=\"window.location='/canvas/$f_username';\">
+            <span style=\"color: $username_color; font-weight: bold;\">$f_username</span>
+          </td>
+          <td style=\"width: 20%;\">
+            <i class=\"fa fa-circle\" aria-hidden=\"true\" id=\"$f_activeness\"></i> &nbsp;&nbsp;
+            <i id=\"cuid_$fuid_rec\" class=\"fa fa-comment\" aria-hidden=\"true\" style=\"color: $username_color;\"></i>
+          </td>
+        </tr>
+      </table>
+    </div>";*/
+  }
+}
+?>
+<script>
+function search() {
+  var searchQ = document.getElementById("search_query");
+  var q = searchQ.value;
+  var sb = document.getElementById("addm_results");
+  var q = q.replace(/[^a-z0-9]/gi,'');
+  if(q == '') {
+    sb.style.display = 'none';
+  }
+  else {
+    sb.style.display = '';
+  }
+  document.getElementById("search_results").innerHTML = '<span class=\"no_results\">searching..</span>';
+  $.get("friends_search_results.php?q=" + q, function(d) {
+    $("#search_results").html(d);
+  });
+}
+var Msg = document.querySelectorAll("i[id^=cuid_]");
+[].forEach.call(Msg, function(ms){
+  ms.onclick = function(e){
+    if (confirm("Message?")) {
+      var mso = new XMLHttpRequest();
+      mso.open("GET", "convo_create.php?u=" + ms.id.match(/([0-9]*)$/)[0], true);
+      mso.onreadystatechange = function(){
+        if (mso.readyState == 4)
+          if(mso.status == 200) {
+            var convo_url = mso.responseText
+            toMessages();
+          }
+          else {
+            alert("error");
+          }
+      };
+      mso.send();
+      return false;
+    }
+  };
+});
+</script>
diff --git a/mail/friends_search_results.php b/mail/friends_search_results.php
new file mode 100644
index 0000000..77ae509
--- /dev/null
+++ b/mail/friends_search_results.php
@@ -0,0 +1,80 @@
+<?php
+require_once("../inc/conx.php");
+$q = safe($_GET['q']);
+if(ctype_alnum($q) != true) {
+  $q = null;
+}
+if($q) {
+  $search_q = mysqli_query($conx, "SELECT uid,username,who_can_mail,md_verf FROM accounts WHERE username LIKE '$q%' && verified='yes'");
+  $result_cnt = mysqli_num_rows($search_q);
+  if($result_cnt == '0') {
+    echo "<span class=\"no_results\">no results</span>";
+  }
+  while($search_r = mysqli_fetch_assoc($search_q)) {
+    $s_uid = $search_r['uid'];
+    $s_username = $search_r['username'];
+    $s_whocan = $search_r['who_can_mail'];
+    $s_verf = $search_r['md_verf'];
+    if($s_verf == 'yes') {
+      $verif_check = " <i style=\"font-size: 14px;\" class=\"fa fa-check-circle\" aria-hidden=\"true\"></i>";
+    }
+    else {
+      $verif_check = "";
+    }
+    $usri_q = mysqli_query($conx, "SELECT username_color,text_color FROM user_theme_colors WHERE uid='$s_uid' && theme_id='$g_themeid'");
+    while($usri_r = mysqli_fetch_assoc($usri_q)) {
+      $username_color = $usri_r['username_color'];
+      $chat_tcolor = $usri_r['text_color'];
+    }
+    if($s_uid == $u_uid) {
+      echo "<span style=\"color: $username_color; font-weight: bold;\">$s_username$verif_check</span> ";
+      echo "<span style=\"color: #808080; font-size: 10px;\">&bull; you</span>";
+    }
+    else {
+      if($s_whocan == 'nobody') {
+        echo "<span style=\"color: $username_color; font-weight: bold;\">$s_username$verif_check</span> ";
+        echo "<span style=\"color: #808080; font-size: 10px;\">&bull; unavailable</span>";
+      }
+      if($s_whocan == 'friends') {
+        $f_q = mysqli_query($conx, "SELECT uid_rec FROM friends WHERE uid_req='$u_uid' AND uid_rec='$s_uid' AND accepted='yes' ORDER BY id DESC");
+        $fr_ct = mysqli_num_rows($f_q);
+         if($fr_ct != '0') {
+          echo "<span id=\"uid_$s_uid\" style=\"color: $username_color; font-weight: bold;\">$s_username$verif_check</span> ";
+          echo "<span style=\"color: #808080; font-size: 10px;\">&bull; available</span>";
+        }
+      else {
+        echo "<span style=\"color: $username_color; font-weight: bold;\">$s_username$verif_check</span> ";
+        echo "<span style=\"color: #808080; font-size: 10px;\">&bull; unavailable</span>";
+      }
+    }
+    if($s_whocan == 'anyone') {
+      echo "<span id=\"uid_$s_uid\" style=\"color: $username_color; font-weight: bold;\">$s_username$verif_check</span> ";
+      echo "<span style=\"color: #808080; font-size: 10px;\">&bull; available</span>";
+    }
+    }
+    echo "<br>";
+  }
+}
+?>
+<script>
+var Message = document.querySelectorAll("span[id^=uid_]");
+[].forEach.call(Message, function(msg){
+  msg.onclick = function(e){
+    if (confirm("Message?")) {
+      var msgo = new XMLHttpRequest();
+      msgo.open("GET", "convo_create.php?u=" + msg.id.match(/([0-9]*)$/)[0], true);
+      msgo.onreadystatechange = function(){
+        if (msgo.readyState == 4)
+          if(msgo.status == 200) {
+            toMessages();
+          }
+          else {
+            alert("error");
+          }
+      };
+      msgo.send();
+      return false;
+    }
+  };
+});
+</script>
diff --git a/mail/img_upload.php b/mail/img_upload.php
new file mode 100644
index 0000000..919b10b
--- /dev/null
+++ b/mail/img_upload.php
@@ -0,0 +1,54 @@
+<?php
+require_once("../inc/conx.php");
+if($logged_in == false) {
+  header("location: /");
+  exit();
+}
+$uploc = "Mail";
+$cv_uqid = safe($_GET['i']);
+if(mysqli_num_rows(mysqli_query($conx, "SELECT id FROM mail_memb WHERE uqid='$cv_uqid' && uid='$u_uid'")) == '0') {
+  header("location: /mail");
+  exit();
+}
+if ( isset($_FILES['img']) ) {
+ $filename  = $_FILES['img']['tmp_name'];
+ $handle    = fopen($filename, "r");
+ $data      = fread($handle, filesize($filename));
+ $required_key = "jCt5XrF4mwDntqsQD7NxX5TBuXAjFdPL";
+ $POST_DATA = array(
+   'file' => base64_encode($data),
+   'key' => urlencode($required_key),
+   'user' => urlencode($u_uid),
+   'imagetype' => urlencode($u_uid),
+   'imaeg' => urlencode($u_cloudterms),
+   'fieltyp' => urlencode($u_cloudterms),
+   'usernaem' => urlencode($u_username),
+   'filextension' => urlencode($u_username),
+   'uvia' => urlencode($uploc)
+ );
+ $curl = curl_init();
+ curl_setopt($curl, CURLOPT_URL, 'https://upl.justa.us/image.php');
+ curl_setopt($curl, CURLOPT_TIMEOUT, 30);
+ curl_setopt($curl, CURLOPT_POST, 1);
+ curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
+ curl_setopt($curl, CURLOPT_POSTFIELDS, $POST_DATA);
+ $url = curl_exec($curl);
+ if($url!=""){
+   $disq = mysqli_query($conx, "SELECT id,uid_from FROM mail ORDER BY id DESC LIMIT 1");
+   $disr = mysqli_fetch_assoc($disq);
+   $dis_id = $disr['id'];
+   $dis_uid = $disr['uid_from'];
+   if($dis_uid == $u_uid) {
+     if($msgtype != 'pm') {
+       mysqli_query($conx, "UPDATE mail SET display_name='no' WHERE id='$dis_id'");
+     }
+   }
+   mysqli_query($conx, "INSERT INTO mail (uqid, uid_from, message, timestamp, mtype, imgurl) VALUES ('$cv_uqid','$u_uid', '$url', '$tstamp','img','$url')");
+   mysqli_query($conx, "UPDATE mail_memb SET last_active='$tstamp' WHERE uqid='$cv_uqid'");
+ }
+ else {
+   // there was an error uploading the image
+ }
+ curl_close ($curl);
+}
+?>
diff --git a/mail/index.php b/mail/index.php
index 8b13789..5c6f1ef 100644
--- a/mail/index.php
+++ b/mail/index.php
@@ -1 +1,119 @@
-
+<?php
+$this_page = "mail";
+require_once("../inc/conx.php");
+if($logged_in == false) {
+  header("location: /");
+  exit();
+}
+#   #   #   #   #   #   #
+#    WEBSITE LOCATION   #
+#   #   #   #   #   #   #
+if($u_siteloc != '/mail') {
+  $loc_desc = "conversatin\' in mail";
+  mysqli_query($conx, "UPDATE accounts SET site_locdesc='$loc_desc' WHERE uid='$u_uid'");
+  mysqli_query($conx, "UPDATE accounts SET site_locurl='/mail' WHERE uid='$u_uid'");
+}
+?>
+<!DOCTYPE html>
+<html>
+<head>
+  <title>Mail - Misdew</title>
+  <meta charset="utf-8">
+  <meta name="description" content="We are a fairly cool social network.">
+  <meta name="keywords" content="Misdew, MD, Social, Network, Communication, 3DS, DSi, Nintendo">
+  <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
+  <meta name="google" value="notranslate">
+  <meta name="theme-color" content="<?php echo $meta_theme_color; ?>">
+  <?php
+  if($css_type == "sheet") {
+    echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"$g_sheet\">";
+  }
+  if($css_type == "raw") {
+    echo "<style type=\"text/css\">$g_raw</style>";
+  }
+  ?>
+  <link rel="icon" type="image/png" href="/img/favicon.png">
+  <link rel="apple-touch-icon" href="/img/logo.png">
+  <style type="text/css">
+  body {
+    background-color: <?php echo $bgcolor; ?>;
+  }
+  #header_tds {
+    color: <?php echo $tdcolor; ?> !important;
+  }
+  </style>
+</head>
+<body>
+  <center>
+    <?php
+    $back_button = true;
+    $linebreak = false;
+    $alerts = false;
+    require_once("../inc/header.php");
+    ?>
+    <div id="action_bar" class="mail_actbar">
+      <table style="width: 100%; text-align: center;">
+        <tr>
+          <td id="messagesTab" onclick="toMessages()" class="action_bar_tab" style="border-bottom: 1px solid #fff;">
+            Messages
+          </td>
+          <td id="friendsTab" onclick="toFriends()" class="action_bar_tab">
+            Friends
+          </td>
+          <td id="settingsTab" onclick="toSettings()" class="action_bar_tab">
+            Settings
+          </td>
+        </tr>
+      </table>
+    </div> <br>
+    <?php //require_once("../inc/load_alerts.php"); ?>
+    <div id="action_bar_page">
+      <?php require_once("messages.php"); ?>
+    </div>
+    <?php
+    echo "<br>";
+    echo "<span style=\"font-family: 'Dosis', sans-serif; color: #808080; font-size: 12px;\">Mail is not private or secure. Your messages can/may be read at any time. <br> They are stored in plaintext on our server. <br></span>";
+    require_once("../inc/footer.php");
+    ?>
+  </center>
+  <script>
+  function toMessages() {
+    document.getElementById('messagesTab').innerHTML = "Messages..";
+    $.get("messages.php", function(d) {
+      document.getElementById('messagesTab').innerHTML = "Messages";
+      document.getElementById("messagesTab").style.borderBottom = '1px solid #fff';
+      document.getElementById("friendsTab").style.borderBottom = 'none';
+      document.getElementById("settingsTab").style.borderBottom = 'none';
+      $("#action_bar_page").html(d);
+    });
+  }
+  function toFriends() {
+    document.getElementById('friendsTab').innerHTML = "Friends..";
+    $.get("friends.php", function(d) {
+      document.getElementById('friendsTab').innerHTML = "Friends";
+      document.getElementById("messagesTab").style.borderBottom = 'none';
+      document.getElementById("friendsTab").style.borderBottom = '1px solid #fff';
+      document.getElementById("settingsTab").style.borderBottom = 'none';
+      $("#action_bar_page").html(d);
+    });
+  }
+  function toSettings() {
+    document.getElementById('settingsTab').innerHTML = "Settings..";
+    $.get("settings.php", function(d) {
+      document.getElementById('settingsTab').innerHTML = "Settings";
+      document.getElementById("messagesTab").style.borderBottom = 'none';
+      document.getElementById("friendsTab").style.borderBottom = 'none';
+      document.getElementById("settingsTab").style.borderBottom = '1px solid #fff';
+      $("#action_bar_page").html(d);
+    });
+  }
+  </script>
+  <script>function expand(id) {
+    var e = document.getElementById(id);
+    if(e.style.display == 'block')
+    e.style.display = 'none';
+    else
+    e.style.display = 'block';
+  }</script>
+</body>
+</html>
diff --git a/mail/members_add.php b/mail/members_add.php
new file mode 100644
index 0000000..c171456
--- /dev/null
+++ b/mail/members_add.php
@@ -0,0 +1,42 @@
+<?php
+require_once("../inc/conx.php");
+if($logged_in == false) {
+  header("location: /");
+  exit();
+}
+// Get the member's ID of the conversation.
+$cv_uqid = safe($_GET['i']);
+$cv_adduid = safe($_GET['u']);
+if(mysqli_num_rows($cv_slc = mysqli_query($conx, "SELECT id,uqid,uid,rank FROM mail_memb WHERE uqid='$cv_uqid' && uid='$u_uid'")) == '0') {
+  echo "You do not belong to this conversation.";
+  exit();
+}
+// Select original member conversation info.
+$cv_rw = mysqli_fetch_array($cv_slc);
+$cv_uid = $cv_rw['uid'];
+$cv_rank = $cv_rw['rank'];
+$add_q = mysqli_query($conx, "SELECT username FROM accounts WHERE uid='$cv_adduid'");
+$add_r = mysqli_fetch_assoc($add_q);
+$add_username = $add_r['username'];
+$c_memb = mysqli_num_rows(mysqli_query($conx, "SELECT id FROM mail_memb WHERE uqid='$cv_uqid' && uid='$cv_adduid'"));
+$cva_s = mysqli_query($conx, "SELECT can_add FROM mail_convo WHERE uqid='$cv_uqid'");
+$cva_r = mysqli_fetch_array($cva_s);
+$cvo_cadd = $cva_r['can_add'];
+// If the member is an admin.
+if($cvo_cadd == 'yes' && $c_memb == '0') {
+  mysqli_query($conx, "INSERT INTO mail_memb (uqid, uid, last_active) VALUES ('$cv_uqid', '$cv_adduid','$tstamp')");
+  mysqli_query($conx, "INSERT INTO mail (uqid, uid_from, message, timestamp) VALUES ('$cv_uqid','6', '@$add_username has been added.', '$tstamp')");
+  function genRand2($length = 10) {
+    return substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, $length);
+  }
+  $rstrTWO = genRand2();
+  if(mysqli_num_rows(mysqli_query($conx, "SELECT id FROM user_apps WHERE uid='$cv_adduid' && app_uqid='mail' && snooze='no'")) != '0') {
+    mysqli_query($conx, "INSERT INTO notifs (rstring, uid, snoozeable, app_uqid, message, view_link, tstamp) VALUES ('$rstrTWO','$cv_adduid','yes','mail','<span style=\"font-weight: bold;\">$u_username</span> added you to a conversation.','/mail/convo.php?i=$cv_uqid','$tstamp')");
+  }
+}
+// The member does not meet any of the above checks.
+else {
+  echo "You do not belong to this conversation.";
+  exit();
+}
+?>
diff --git a/mail/members_search_results.php b/mail/members_search_results.php
new file mode 100644
index 0000000..b6d6bc2
--- /dev/null
+++ b/mail/members_search_results.php
@@ -0,0 +1,81 @@
+<?php
+require_once("../inc/conx.php");
+$cv_uqid = safe($_GET['i']);
+$q = safe($_GET['q']);
+if(ctype_alnum($q) != true) {
+  $q = null;
+}
+if($q) {
+  $search_q = mysqli_query($conx, "SELECT uid,username,who_can_mail,md_verf FROM accounts WHERE username LIKE '$q%' && verified='yes'");
+  $result_cnt = mysqli_num_rows($search_q);
+  if($result_cnt == '0') {
+    echo "<span class=\"no_results\">no results</span>";
+  }
+  while($search_r = mysqli_fetch_assoc($search_q)) {
+    $s_uid = $search_r['uid'];
+    $s_username = $search_r['username'];
+    $s_whocan = $search_r['who_can_mail'];
+    $s_verf = $search_r['md_verf'];
+    if($s_verf == 'yes') {
+      $verif_check = " <i style=\"font-size: 14px;\" class=\"fa fa-check-circle\" aria-hidden=\"true\"></i>";
+    }
+    else {
+      $verif_check = "";
+    }
+    $usri_q = mysqli_query($conx, "SELECT username_color,text_color FROM user_theme_colors WHERE uid='$s_uid' && theme_id='$g_themeid'");
+    while($usri_r = mysqli_fetch_assoc($usri_q)) {
+      $username_color = $usri_r['username_color'];
+      $chat_tcolor = $usri_r['text_color'];
+    }
+    if($s_uid == $u_uid) {
+      echo "<span style=\"color: $username_color; font-weight: bold;\">$s_username$verif_check</span> ";
+      echo "<span style=\"color: #808080; font-size: 10px;\">&bull; you</span>";
+    }
+    else {
+      if($s_whocan == 'nobody') {
+        echo "<span style=\"color: $username_color; font-weight: bold;\">$s_username$verif_check</span> ";
+        echo "<span style=\"color: #808080; font-size: 10px;\">&bull; unavailable</span>";
+      }
+      if($s_whocan == 'friends') {
+        $f_q = mysqli_query($conx, "SELECT uid_rec FROM friends WHERE uid_req='$u_uid' AND uid_rec='$s_uid' AND accepted='yes' ORDER BY id DESC");
+        $fr_ct = mysqli_num_rows($f_q);
+         if($fr_ct != '0') {
+          echo "<span id=\"uid_$s_uid\" style=\"color: $username_color; font-weight: bold;\">$s_username$verif_check</span> ";
+          echo "<span style=\"color: #808080; font-size: 10px;\">&bull; available</span>";
+        }
+      else {
+        echo "<span style=\"color: $username_color; font-weight: bold;\">$s_username$verif_check</span> ";
+        echo "<span style=\"color: #808080; font-size: 10px;\">&bull; unavailable</span>";
+      }
+    }
+    if($s_whocan == 'anyone') {
+      echo "<span id=\"uid_$s_uid\" style=\"color: $username_color; font-weight: bold;\">$s_username $verif_check</span> ";
+      echo "<span style=\"color: #808080; font-size: 10px;\">&bull; available</span>";
+    }
+    }
+    echo "<br>";
+  }
+}
+?>
+<script>
+var Add = document.querySelectorAll("span[id^=uid_]");
+[].forEach.call(Add, function(ad){
+  ad.onclick = function(e){
+    if (confirm("Add member?")) {
+      var ado = new XMLHttpRequest();
+      ado.open("GET", "members_add.php?i=<?php echo $cv_uqid; ?>&&u=" + ad.id.match(/([0-9]*)$/)[0], true);
+      ado.onreadystatechange = function(){
+        if (ado.readyState == 4)
+          if(ado.status == 200) {
+            toMembers();
+          }
+          else {
+            alert("error");
+          }
+      };
+      ado.send();
+      return false;
+    }
+  };
+});
+</script>
diff --git a/mail/messages.php b/mail/messages.php
new file mode 100644
index 0000000..5f27a10
--- /dev/null
+++ b/mail/messages.php
@@ -0,0 +1,97 @@
+<?php
+$this_page = "mail";
+require_once("../inc/conx.php");
+if($logged_in == false) {
+  header("location: /");
+  exit();
+}
+// Which conversations are you a member of?
+$m_csel = mysqli_query($conx, "SELECT id,uqid,last_active FROM mail_memb WHERE uid='$u_uid' ORDER BY last_active DESC");
+if(mysqli_num_rows($m_csel) == 0) {
+  echo "<div class=\"mail_cont\" onclick=\"toFriends();\"><br><span class=\"no_mail\">No conversations. <i class=\"fa fa-frown-o\" aria-hidden=\"true\"></i><br><i class=\"fa fa-plus-circle\" aria-hidden=\"true\"></i> Create</span><br><br></div>";
+}
+while($m_crow = mysqli_fetch_assoc($m_csel)) {
+  $m_id = $m_crow['id'];
+  $m_cuqid = $m_crow['uqid'];
+  $m_last_active = $m_crow['last_active'];
+  // What exactly are these conversations?
+  $cv_sel = mysqli_query($conx, "SELECT name,picture,main_color,main_color FROM mail_convo WHERE uqid='$m_cuqid'");
+  while($cv_row = mysqli_fetch_assoc($cv_sel)) {
+    $string = $cv_row['name'];
+    $cv_pic = $cv_row['picture'];
+    $cv_color = $cv_row['main_color'];
+    //
+    //  DATA SAVER
+    if($u_datasaver == 'on') {
+      $cv_pic = "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABAQAAAAA3bvkkAAAACklEQVR4AWNoAAAAggCBTBfX3wAAAABJRU5ErkJggg==";
+    }
+    // DATA SAVER
+    //
+    include("../inc/replace.php");
+    echo "<div class=\"mail_cont\">
+      <table class=\"mail_header\">
+        <tr>
+          <td class=\"mail_picture_td\" onclick=\"window.location='convo.php?i=$m_cuqid';\">
+            <img class=\"mail_picture\" src=\"$cv_pic\" alt=\"\">
+          </td>
+          <td class=\"mail_details\" onclick=\"window.location='convo.php?i=$m_cuqid';\">
+            <span style=\"color: $cv_color\">$string</span>
+          </td>
+          <td class=\"tago\">
+            ";
+            echo timeago($m_last_active);
+            echo "&nbsp;&nbsp; <i id=\"cdel_$m_id\" class=\"fa fa-sign-out\" aria-hidden=\"true\" style=\"color: $cv_color;\"></i>
+          </td>
+        </tr>
+      </table>
+      <table class=\"mail_message_qv\" onclick=\"window.location='convo.php?i=$m_cuqid';\">
+        <tr>
+          <td>";
+        // Latest message in this conversation?
+        $msg_sel = mysqli_query($conx, "SELECT uid_from,message FROM mail WHERE uqid='$m_cuqid' ORDER BY id DESC LIMIT 1");
+        while($msg_row = mysqli_fetch_assoc($msg_sel)) {
+          $msg_from = $msg_row['uid_from'];
+          $string = trim(substr($msg_row['message'],0,30));
+          include("../inc/replace.php");
+          // Latest message is from...?
+          $u_sel = mysqli_query($conx, "SELECT username FROM accounts WHERE uid='$msg_from'");
+          while($u_row = mysqli_fetch_assoc($u_sel)) {
+            $msg_from = $u_row['username'];
+            if($msg_from == $u_username) {
+              $msg_from = "You";
+            }
+          }
+          echo "<span style=\"font-weight: bold;\">$msg_from:</span> $string";
+          if(strlen($msg_row['message']) > 30) {
+            echo "..";
+          }
+        }
+          echo "</td>
+        </tr>
+      </table>
+    </div>";
+  }
+}
+?>
+<script>
+var Del = document.querySelectorAll("i[id^=cdel_]");
+[].forEach.call(Del, function(dt){
+  dt.onclick = function(e){
+    if (confirm("Exit this conversation?")) {
+      var dto = new XMLHttpRequest();
+      dto.open("GET", "exit.php?i=" + dt.id.match(/([0-9]*)$/)[0], true);
+      dto.onreadystatechange = function(){
+        if (dto.readyState == 4)
+          if(dto.status == 200) {
+            toMessages();
+          }
+          else {
+            alert("error");
+          }
+      };
+      dto.send();
+      return false;
+    }
+  };
+});
+</script>
diff --git a/mail/online.php b/mail/online.php
new file mode 100644
index 0000000..d837b0b
--- /dev/null
+++ b/mail/online.php
@@ -0,0 +1,65 @@
+<?php
+require_once("../inc/conx.php");
+if($logged_in == false) {
+  exit();
+}
+$cv_uqid = safe($_GET['i']);
+if(mysqli_num_rows(mysqli_query($conx, "SELECT id FROM mail_memb WHERE uqid='$cv_uqid' && uid='$u_uid'")) == '0') {
+  die("You do not belong to this conversation.");
+  exit();
+}
+$new = $tstamp - 29.9;
+// if active, display them
+$sc_onl = mysqli_query($conx, "SELECT uid FROM mail_memb WHERE uqid='$cv_uqid' && chat_time >= $new ORDER BY uid");
+$l_cnt = mysqli_num_rows($sc_onl);
+$onlci = mysqli_query($conx, "SELECT timestamp FROM mail WHERE uqid='$cv_uqid' ORDER BY id DESC LIMIT 1");
+$cironl = mysqli_fetch_assoc($onlci);
+$chatac = $cironl['timestamp'];
+
+$HUAHHH = time() - $chatac;
+$mens = round($HUAHHH / 60);
+if($mens <= 1) {
+echo "<i class=\"fa fa-circle\" aria-hidden=\"true\" id=\"color_go\"></i> <span style=\"font-weight: bold;\">$l_cnt</span> online.<br>";
+}
+elseif($mens <= 2) {
+  echo "<i class=\"fa fa-circle\" aria-hidden=\"true\" id=\"color_slow\"></i> <span style=\"font-weight: bold;\">$l_cnt</span> online.<br>";
+}
+elseif($mens < 5) {
+  echo "<i class=\"fa fa-circle\" aria-hidden=\"true\" id=\"color_slow\"></i> <span style=\"font-weight: bold;\">$l_cnt</span> online.<br>";
+}
+else {
+  echo "<i class=\"fa fa-circle\" aria-hidden=\"true\" id=\"color_dead\"></i> <span style=\"font-weight: bold;\">$l_cnt</span> online.<br>";
+}
+?>
+<span class="online_list">
+  <?php
+  // selects user accounts
+  $slct_onl = mysqli_query($conx, "SELECT chat_time,uid FROM mail_memb WHERE uqid='$cv_uqid' ORDER BY chat_time DESC");
+  $separator = '';
+  while($slc_on = mysqli_fetch_array($slct_onl))
+    {
+  $online_time = $slc_on['chat_time'];
+  $online_uid = $slc_on['uid'];
+  $usr_q = mysqli_query($conx, "SELECT username,md_verf FROM accounts WHERE uid='$online_uid'");
+  while($usr_r = mysqli_fetch_assoc($usr_q)) {
+    $online_username = $usr_r['username'];
+    $online_verf = $usr_r['md_verf'];
+    if($online_verf == 'yes') {
+      $verif_check = "<i style=\"font-size: 14px;\" class=\"fa fa-check-circle\" aria-hidden=\"true\"></i>";
+    }
+    else {
+      $verif_check = "";
+    }
+  }
+  // math stuff for time ago function
+  $differ = time() - $online_time;
+  $mins = round($differ / 60);
+
+  // if active, display them
+  if ($mins < .30) {
+    echo $separator;
+    echo "<a href=\"/canvas/$online_username\" class=\"mail_onl_username\">$online_username $verif_check</a>";
+    if (!$separator) $separator = ', ';
+  }
+}
+?>
diff --git a/mail/online_upd.php b/mail/online_upd.php
new file mode 100644
index 0000000..d12589a
--- /dev/null
+++ b/mail/online_upd.php
@@ -0,0 +1,16 @@
+<?php
+require_once("../inc/conx.php");
+if($logged_in == false) {
+  header("location: /");
+  exit();
+}
+$cv_uqid = safe($_GET['i']);
+if(mysqli_num_rows(mysqli_query($conx, "SELECT id FROM mail_memb WHERE uqid='$cv_uqid' && uid='$u_uid'")) == '0') {
+  die("You do not belong to this conversation.");
+  exit();
+}
+// update online time
+mysqli_query($conx, "UPDATE mail_memb SET chat_time='$tstamp' WHERE uqid='$cv_uqid' && uid='$u_uid'");
+mysqli_query($conx, "UPDATE mail_memb SET latest_read='yes' WHERE uqid='$cv_uqid' && uid='$u_uid'");
+mysqli_query($conx, "UPDATE mail_memb SET sent='no' WHERE uqid='$cv_uqid' && uid='$u_uid'");
+?>
diff --git a/mail/picture_upl.php b/mail/picture_upl.php
new file mode 100644
index 0000000..bf761e2
--- /dev/null
+++ b/mail/picture_upl.php
@@ -0,0 +1,35 @@
+<?php
+require_once("../inc/conx.php");
+$cv_uqid = safe($_GET['i']);
+if(mysqli_num_rows($cvo_slc = mysqli_query($conx, "SELECT id,rank FROM mail_memb WHERE uqid='$cv_uqid' && uid='$u_uid'")) == '0') {
+  exit();
+}
+$uploc = "Mail";
+if ( isset($_FILES['img']) ) {
+ $filename  = $_FILES['img']['tmp_name'];
+ $handle    = fopen($filename, "r");
+ $data      = fread($handle, filesize($filename));
+ $required_key = "make ur own";
+ $POST_DATA = array(
+   'file' => base64_encode($data),
+   'key' => urlencode($required_key),
+   'user' => urlencode($u_uid),
+   'imagetype' => urlencode($u_uid),
+   'imaeg' => urlencode($u_cloudterms),
+   'fieltyp' => urlencode($u_cloudterms),
+   'usernaem' => urlencode($u_username),
+   'filextension' => urlencode($u_username),
+   'uvia' => urlencode($uploc)
+ );
+ $curl = curl_init();
+ curl_setopt($curl, CURLOPT_URL, 'https://upl.justa.us/image.php');
+ curl_setopt($curl, CURLOPT_TIMEOUT, 30);
+ curl_setopt($curl, CURLOPT_POST, 1);
+ curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
+ curl_setopt($curl, CURLOPT_POSTFIELDS, $POST_DATA);
+ $url = curl_exec($curl);
+ mysqli_query($conx, "UPDATE mail_convo SET picture='$url' WHERE uqid='$cv_uqid'");
+ echo trim($url);
+ curl_close ($curl);
+}
+?>
diff --git a/mail/send.php b/mail/send.php
new file mode 100644
index 0000000..3648c7b
--- /dev/null
+++ b/mail/send.php
@@ -0,0 +1,44 @@
+<?php
+require_once("../inc/conx.php");
+$cv_uqid = safe($_GET['i']);
+if(mysqli_num_rows(mysqli_query($conx, "SELECT id FROM mail_memb WHERE uqid='$cv_uqid' && uid='$u_uid'")) == '0') {
+  die("You do not belong to this conversation.");
+  exit();
+}
+$chat_txt = mysqli_real_escape_string($conx, htmlentities($_POST['body']));
+
+if($chat_txt && $post != 'n') {
+	$disq = mysqli_query($conx, "SELECT id,uid_from,pmuid FROM mail WHERE uqid='$cv_uqid' ORDER BY id DESC LIMIT 1");
+	$disr = mysqli_fetch_assoc($disq);
+	$dis_id = $disr['id'];
+	$dis_uid = $disr['uid_from'];
+	$dis_pmuid = $disr['pmuid'];
+	if($dis_uid == $u_uid) {
+		if($msgtype != 'pm') {
+			mysqli_query($conx, "UPDATE mail SET display_name='no' WHERE id='$dis_id'");
+		}
+	}
+	// update online time
+	mysqli_query($conx, "UPDATE mail_memb SET chat_time='$tstamp' WHERE uqid='$cv_uqid' && uid='$u_uid'");
+	mysqli_query($conx, "INSERT INTO mail (uqid, uid_from, message, timestamp) VALUES ('$cv_uqid','$u_uid', '$chat_txt', '$tstamp')");
+  mysqli_query($conx, "UPDATE mail_memb SET last_active='$tstamp' WHERE uqid='$cv_uqid'");
+  sleep(2);
+  mysqli_query($conx, "UPDATE mail_memb SET latest_read='no' WHERE uqid='$cv_uqid' && uid!='$u_uid'");
+  sleep(8);
+  $notur_s = mysqli_query($conx, "SELECT uid FROM mail_memb WHERE uqid='$cv_uqid' && latest_read='no' && sent='no'");
+  while($notur_r = mysqli_fetch_assoc($notur_s)) {
+    mysqli_query($conx, "UPDATE mail_memb SET sent='yes' WHERE uqid='$cv_uqid'");
+    $n_uid = $notur_r['uid'];
+    $n_sent = $notur_r['sent'];
+    $n_lread = $notur_r['latest_read'];
+    sleep(2);
+    mysqli_query($conx, "UPDATE mail_memb SET sent='yes' WHERE uqid='$cv_uqid'");
+    //if($latest_read == 'no') {
+      if(mysqli_num_rows(mysqli_query($conx, "SELECT id FROM user_apps WHERE uid='$n_uid' && app_uqid='mail' && snooze='no'")) != '0') {
+        mysqli_query($conx, "INSERT INTO notifs (rstring, uid, snoozeable, app_uqid, message, view_link, tstamp) VALUES ('$tstamp','$n_uid','yes','mail','You have unread messages.','/mail/convo.php?i=$cv_uqid','$tstamp')");
+      //}
+    }
+  }
+  mysqli_query($conx, "UPDATE account_figures SET activeness='$f_activeness'+.01 WHERE uid='$u_uid'");
+}
+?>
diff --git a/mail/settings.php b/mail/settings.php
new file mode 100644
index 0000000..d45e3c2
--- /dev/null
+++ b/mail/settings.php
@@ -0,0 +1,96 @@
+<?php
+require_once("../inc/conx.php");
+if($logged_in == false) {
+  header("location: /");
+  exit();
+}
+# WHO CAN MAIL
+if($u_can_mail == 'friends') {
+  $friends_can = "selected";
+}
+if($u_can_mail == 'anyone') {
+  $anyone_can = "selected";
+}
+if($u_can_mail == 'nobody') {
+  $nobody_can = "selected";
+}
+# CONVO DETAIL GENERATION
+if($u_mail_rand == 'on') {
+  $random_det = "selected";
+}
+if($u_mail_rand == 'off') {
+  $default_det = "selected";
+}
+?>
+<div id="changes_update" class="convo_settings">no changes detected</div>
+<div class="mail_cont" style="text-align: left;">
+  <table style="width: 100%; text-align: left;">
+    <tr>
+      <td id="sub_settings_admin" style="color: #a64ca6; font-weight: bold; font-size: 14px;">
+        Preferences
+      </td>
+    </tr>
+  </table>
+  <table>
+    <tr>
+      <td>
+        <span class="convo_settings">Availability</span> <br>
+        <select id="can_mail" onchange="canMail();">
+          <option value="friends" <?php echo $friends_can; ?>>Friends can mail me</option>
+          <option value="anyone" <?php echo $anyone_can; ?>>Anyone can mail me</option>
+          <option value="nobody" <?php echo $nobody_can; ?>>Nobody can mail me</option>
+        </select>
+      </td>
+    </tr>
+  </table>
+  <table>
+    <tr>
+      <td>
+        <span class="convo_settings">New Conversations</span> <br>
+        <select id="new_convos" onchange="newConvos();">
+          <option value="on" <?php echo $random_det; ?>>Generate random details</option>
+          <option value="off" <?php echo $default_det; ?>>Don't generate random details</option>
+        </select>
+      </td>
+    </tr>
+  </table>
+</div>
+<!-- UNCOMMENT THIS ONCE YOU HAVE MORE SETTINGS <div class="convo_settings" style="font-size: 10px;">hit enter to ensure save <br> all fields required to function</div> -->
+<script>
+function canMail() {
+  var selectBox = document.getElementById("can_mail");
+  var selectedValue = selectBox.options[selectBox.selectedIndex].value;
+  var xhr = new XMLHttpRequest();
+  xhr.open("GET", "settings_save.php?canmail=" + selectedValue, true);
+  xhr.onreadystatechange = function(){
+    if(xhr.readyState == 4)
+      if(xhr.status == 200) {
+        document.getElementById('changes_update').innerHTML = "changes saved";
+      }
+      else {
+        alert("error");
+      }
+    };
+  xhr.send();
+  document.getElementById('changes_update').innerHTML = "saving changes..";
+  return false;
+}
+function newConvos() {
+  var selectBox = document.getElementById("new_convos");
+  var selectedValue = selectBox.options[selectBox.selectedIndex].value;
+  var xhr = new XMLHttpRequest();
+  xhr.open("GET", "settings_save.php?newcvs=" + selectedValue, true);
+  xhr.onreadystatechange = function(){
+    if(xhr.readyState == 4)
+      if(xhr.status == 200) {
+        document.getElementById('changes_update').innerHTML = "changes saved";
+      }
+      else {
+        alert("error");
+      }
+    };
+  xhr.send();
+  document.getElementById('changes_update').innerHTML = "saving changes..";
+  return false;
+}
+</script>
diff --git a/mail/settings_save.php b/mail/settings_save.php
new file mode 100644
index 0000000..53b3f24
--- /dev/null
+++ b/mail/settings_save.php
@@ -0,0 +1,13 @@
+<?php
+require_once("../inc/conx.php");
+$canmail = safe($_GET['canmail']);
+$newcvs = safe($_GET['newcvs']);
+# SET WHO CAN MAIL YOU
+if($canmail == 'friends' OR $canmail == 'anyone' OR $canmail == 'nobody') {
+  mysqli_query($conx, "UPDATE accounts SET who_can_mail='$canmail' WHERE uid='$u_uid'");
+}
+# SET WHETHER OR NOT TO GENERATE RANDOM DETAILS ON NEW CONVOS
+if($newcvs == 'on' OR $newcvs == 'off') {
+  mysqli_query($conx, "UPDATE accounts SET mail_random_gen='$newcvs' WHERE uid='$u_uid'");
+}
+?>