Файл: phpfile/sapogi.php
Строк: 190
<?php
$query = "SELECT *
FROM `rukzak`WHERE `name`='" . mysql_real_escape_string($opredelenie) .
"' and `chit`='sh' and `odeto`='0'
" ;
$sql = mysql_query($query) or die(mysql_error()) ;
if (isset($_POST['him'])) //////блок самой алхимии
{
$count = sizeof($_POST) ;
$a = 0 ;
$r = array_values($_POST) ;
$ataka = 0 ;
while ($a <= $count)
{
if (isset($r[$a]))
{
if (is_numeric($r[$a]))
{
$query8 = "SELECT * FROM `rukzak` WHERE `name`='" . mysql_real_escape_string($opredelenie) .
"' and `idrukzak`='" . mysql_real_escape_string($r[$a]) .
"' and `odeto`='0' and `chit`='sh'" ;
$sql8 = mysql_query($query8) or die(mysql_error()) ;
$row8 = mysql_fetch_assoc($sql8) ;
$k = mysql_num_rows($sql8) ;
if ($k == 0)
{
print "<div class="style_mess_no">Ошибка запроса!(01)</div>" ;
exitt($row,$opredelenie) ;
}
$ataka += $row8['try'] ;
if($opredelenie!='Админ'){
mysql_query("DELETE FROM `rukzak` WHERE `idrukzak`='" . mysql_real_escape_string
($r[$a]) . "' and `name`='" . mysql_real_escape_string($opredelenie) .
"' and `odeto`='0' ") or die(mysql_error()) ;
}
}
;
}
;
$a++ ;
}
$query = "SELECT * FROM `table1` WHERE `name`='" . mysql_real_escape_string($opredelenie) .
"'" ;
$sql = mysql_query($query) or die(mysql_error()) ;
$row = mysql_fetch_assoc($sql) ;
$bonus = 0 ;
if ($row['polog'] == 'zamok')
{
$queryz = "SELECT * FROM `zamki` WHERE `klan`='" . mysql_real_escape_string($row['klan']) .
"' and `sewer`='" . mysql_real_escape_string($row['sevgorod']) .
"' and `wostok`='" . mysql_real_escape_string($row['wostokgorod']) . "' " ;
$sqlz = mysql_query($queryz) or die(mysql_error()) ;
if (mysql_num_rows($sqlz) == 1)
{
$rowz = mysql_fetch_assoc($sqlz) ;
$bonus = $rowz['skornjak'] ;
}
}
$tz = mt_rand(1, 100) ;
$r = ($row['skornjak'] + $bonus) / ($count - 1) ;
if($pers_info['all_kraft']>time()){$r=$r*($pers_info['all_kraft_par']/100+1);};
$ty = mt_rand(1, 38) ;
$t = 0 ;
if($_SESSION['skor']==1){$r=$r*2;}
if ($r > 90)
{
$r = 90 ;
}
if ($r >= mt_rand(1, 100))
{
$rs=mysql_query("SELECT *
FROM `$tablica`
ORDER BY `$tablica`.`parametr` DESC");
$rddd=mysql_fetch_array($rs);
if($ataka>$rddd['parametr']){
$queryp = "SELECT * FROM `$tablica` WHERE `parametr`>='" .
mysql_real_escape_string($ataka) . "' AND `par`<='" . mysql_real_escape_string($ataka) .
"'" ;
;}else{
$queryp = "SELECT * FROM `$tablica` WHERE `parametr`>='" .
mysql_real_escape_string($ataka) . "' AND `par`<='" . mysql_real_escape_string($ataka) .
"'" ;}
$sqlp = mysql_query($queryp) or die(mysql_error()) ;
$rowp = mysql_fetch_assoc($sqlp) ;
$k = mysql_num_rows($sqlp) ;
$tipi = $tablica. $ataka ;
$TI = time() ;
if($tablica=='shapka'){
$r = mysql_query("select*from new_qwest_pers where name='" . $row['ID'] . "' and `4`='1' ");
if(mysql_num_rows($r)==1){
$rr=mysql_fetch_array($r);
$r2=mysql_query("select*from new_qwest_kolvo where name='".$row['ID']."' and qwest='4' and `kolvo`>'0'");
if(mysql_num_rows($r2)==1){
$rr2=mysql_fetch_array($r2);
}
$rr2['kolvo']--;$_SESSION['statusis']="Осталось создать ".$rr2['kolvo']." шапок!<br>";
if($rr2['kolvo']<=0){
$_SESSION['statusis']="Вы создали 50 шапок. Возращайтесь в гильдию!<br>";
mysql_query("update new_qwest_pers set `4`='2' where name='".$row['ID']."'");
;}mysql_query("update new_qwest_kolvo set kolvo='".$rr2['kolvo']."' where name='".$row['ID']."' and qwest='4'");
;}
;}
if($row['gild_skor']==10){
$proc=((rand(1,50)/100)+1);
$ataka=round($ataka*$proc);
}if( $tablica=='sapogi'){$ataka=$rowp['id'];}
mysql_query("INSERT INTO `rukzak` (`idrukzak`, `name` , `tip` , `nazvanie`,`try`,`time`,`sozdatel`,`lvl`,`chit`,`table`,`rus_tip`,`rus_par` )
VALUES ('','" . mysql_real_escape_string($opredelenie) . "', '" .
mysql_real_escape_string($tipi) . "', '" . mysql_real_escape_string($rowp['nazvanie']) .
"','" . mysql_real_escape_string($ataka) . "','$TI','" .
mysql_real_escape_string($opredelenie) . "','" . mysql_real_escape_string($rowp['lvl']) .
"','".mysql_real_escape_string($tablica)."','".mysql_real_escape_string($rowp['tip'])."'
,'".mysql_real_escape_string($rowp['rus_tip'])."','".mysql_real_escape_string($rowp['rus_par'])."'
)") or die(mysql_error()) ;
print "<div class="style_mess_yes">Вы создали:<br>
" . htmlspecialchars($rowp['nazvanie']) .
"<br><a href=88.php?go=skor&plavit=0".htmlspecialchars($_GET['plavit'])." style=color:#CC3333>Сшить $nazvanie</a></div>" ;
$querypp = "SELECT * FROM `table1` WHERE `name`='" . mysql_real_escape_string($opredelenie) .
"'" ;
$sqlpp = mysql_query($querypp) or die(mysql_error()) ;
$rowpp = mysql_fetch_assoc($sqlpp) ;
$nt=8;
if($row['skornjak']>100){$nt=$row['skornjak']/10;}
$r1 = 8*((1/($rowpp['skornjak']/100))*($count - 1)) ;
if($_SESSION['skor']==1){$r1=$r1*2;}
if ($r1>=mt_rand(1, 100) )
{
$opitstar = $rowpp['skornjak'] * 100 ;
$obshopit = $rowpp['obshopit'] + $opitstar ;
$tekopit = $rowpp['tekopit'] + $opitstar ;
print "<br>Вы повысили ваш навык <br><font color=red><b>Скорняк +1! Вы получили $opitstar опыта!</b></font>" ;
$rowpp['skornjak']++ ;
$query = "UPDATE `table1` SET `obshopit`='" . mysql_real_escape_string($obshopit) .
"',`tekopit`='" . mysql_real_escape_string($tekopit) . "',`skornjak`='" .
mysql_real_escape_string($rowpp['skornjak']) . "' WHERE `name`='" .
mysql_real_escape_string($opredelenie) . "' LIMIT 1 ;" ;
mysql_query($query) ;
$sql = mysql_query($query) or die(mysql_error()) ;
}
;
}
else
{
print "<div class="style_mess_no">Вы не смогли создать $nazvanie!<br><a href=88.php?go=skor&plavit=0".htmlspecialchars($_GET['plavit'])." style=color:#CC3333>Сшить $nazvanie</a></div>" ;
exitt($row,$opredelenie) ;
}
;
}
else
{
$count = sizeof($_POST) ;
if (($count - 1) > 80)
{
print "<div class="style_mess_no">Вы выбрали более 80 шкур!<br><a href=88.php?go=skor style=color:#CC3333>Лавка скорняка</a></div>" ;
exitt($row,$opredelenie) ;
}
if ($count <= 1)
{
print "<div class="style_mess_no">Вы нечего не выбрали!<br><a href=88.php?go=skor style=color:#CC3333>Лавка скорняка</a></div>" ;
exitt($row,$opredelenie) ;
}
print "<div class="chat_conteiner">Для создания вы выбрали:<br>" ;
//////////////////////////////////////////////////////////
$query1 = "SELECT * FROM `table1` WHERE `name`='" . mysql_real_escape_string($opredelenie) .
"'" ;
$sql1 = mysql_query($query1) or die(mysql_error()) ;
$row1 = mysql_fetch_assoc($sql1) ;
/////////////////////////////////////////////////////////////////////////////
$bonus = 0 ;
if ($row['polog'] == 'zamok')
{
$queryz = "SELECT * FROM `zamki` WHERE `klan`='" . mysql_real_escape_string($row['klan']) .
"' and `sewer`='" . mysql_real_escape_string($row['sevgorod']) .
"' and `wostok`='" . mysql_real_escape_string($row['wostokgorod']) . "' " ;
$sqlz = mysql_query($queryz) or die(mysql_error()) ;
if (mysql_num_rows($sqlz) == 1)
{
$rowz = mysql_fetch_assoc($sqlz) ;
$bonus = $rowz['skornjak'] ;
}
}
$sans = round(($row1['skornjak'] + $bonus) / ($count - 1)) ;
$sans = round($sans) ;
if ($sans > 90)
{
$sans = 90 ;
}
//////////////////////////////
$a = 0 ;
$r = array_values($_POST) ;
print "<form name=form1 action=88.php?go=skor&plavit=".htmlspecialchars($_GET['plavit'])." method=post>" ;
while ($a <= $count)
{
if (isset($r[$a]))
{
if (is_numeric($r[$a]))
{
$query8 = "SELECT * FROM `rukzak` WHERE `name`='" . mysql_real_escape_string($opredelenie) .
"' and `idrukzak`='" . mysql_real_escape_string($r[$a]) .
"' and `odeto`='0' and `chit`='sh'" ;
$sql8 = mysql_query($query8) or die(mysql_error()) ;
$row8 = mysql_fetch_assoc($sql8) ;
print "<input type=hidden name=$a value=" . htmlspecialchars($r[$a]) .
" /> <font color=red>" . htmlspecialchars($row8['nazvanie']) . "</font>," ;
}
;
}
;
$a++ ;
}
if($pers_info['all_kraft']>time()){$sans=$sans*($pers_info['all_kraft_par']/100+1);};
if($_SESSION['skor']==1){$sans=$sans*2;}
print "<br>Шанс сшить $nazvanie " . htmlspecialchars($sans) .
" %<br><input class=select name=him type=submit value=Создать?></div>" ;
;
}
?>