Файл: info.php
Строк: 150
<?php
include'inc/conf.php';
$sql = mysql_query("SELECT * FROM `users` WHERE `id` = '".$_SESSION['id']."' ");
$row = mysql_fetch_array($sql);
if(isset($_GET['ids']))
{
$ids = strip_tags(mysql_real_escape_string(htmlspecialchars(stripslashes(abs(intval($_GET['ids']))))));
} else{
$ids = strip_tags(mysql_real_escape_string(htmlspecialchars(stripslashes(abs(intval($_SESSION['id']))))));
}
if(isset($_GET['ids']) and $_GET['ids']==$row['id'])
{
header("Location: info.php"); exit;
}
$pass = htmlspecialchars(stripslashes($_SESSION['pass']));
$id = htmlspecialchars(stripslashes($_SESSION['id']));
if ($id == $row['id'] and md5($pass)==$row['pass']){
////////////////////////////////////////////////////////////////
$user = mysql_query("SELECT * FROM `users` WHERE `id`='".$ids."'");
$user_s=mysql_num_rows($user);
if($user_s==0){
$title='Капитан ';
include'inc/up.php';
echo'<div class="opis">Данного игрока нет.</div>';
include'inc/foot.php';
exit;
}
////user info
$sql2 = mysql_query("SELECT * FROM `users` WHERE `id` = '".$ids."' ");
$row2 = mysql_fetch_array($sql2);
////pushka
$sql3 = mysql_query("SELECT * FROM `body` WHERE `id` = '".$row2['pushka']."' ");
$pu = mysql_fetch_array($sql3);
////bron
$sql4 = mysql_query("SELECT * FROM `body` WHERE `id` = '".$row2['bron']."' ");
$bron = mysql_fetch_array($sql4);
////parusa
$sql5 = mysql_query("SELECT * FROM `body` WHERE `id` = '".$row2['parus']."' ");
$parus = mysql_fetch_array($sql5);
////Город
$sql6 = mysql_query("SELECT * FROM `city` WHERE `id` = '".$row2['city']."' ");
$city = mysql_fetch_array($sql6);
////Корабль
$sql7 = mysql_query("SELECT * FROM `ship` WHERE `id` = '".$row2['ship']."' ");
$ship = mysql_fetch_array($sql7);
////Капитан
$sql8 = mysql_query("SELECT * FROM `capitan` WHERE `id` = '".$row2['capitan']."' ");
$pirat = mysql_fetch_array($sql7);
////КЛАН
$sql8 = mysql_query("SELECT * FROM `clan` WHERE `id` = '".$row2['clan']."' ");
$clan = mysql_fetch_array($sql8);
if($row2['pol']==1) $pol='Парень'; else $pol='Девушка';
$title='Пират '.$row2['login'].'';
include'inc/up.php';
$sd = strip_tags(mysql_real_escape_string(htmlspecialchars(stripslashes(intval($_GET['ids'])))));
$dat=time()-1800;
if($row2['lastdate'] <= $dat)
{
$onlinestatus = "Не в игре";
}
elseif($row2['lastdate'] >= $dat)
{
$onlinestatus = "На сайте";
}
$online=$onlinestatus;
$sd = strip_tags(mysql_real_escape_string(htmlspecialchars(stripslashes(intval($_GET['ids'])))));
if(!empty($row2['capitan'])) { $pic=$row2['capitan'].'.jpg'; }else{
$pic='empty.png';
}
echo'<div class="under">';
echo '
<table><tbody><tr><td style="width:1%;vertical-align:top;">
<img class="ico2" src="img/capitan/'.$pic.'" alt="">
</td><td style="vertical-align:top;">
<strong>'.$row2['login'].', '.$row2['lvl'].' уровень.</strong><br/>
Пол: '.$pol.'<br/>
Статус: '.$onlinestatus.'
</td></tr></tbody></table></div>
';
echo'<div class="under">';
if(empty($sd)){
echo'<img class="ico" src="img/pics/mail.png" alt=""><a href="mail.php">Почта</a><br/>';
echo'<img class="ico" src="img/pics/vesh.png" alt=""><a href="inventar.php">Инвентарь</a><br/>';
echo'<img class="ico" src="img/pics/art.png" alt=""><a href="artefact.php?ids='.$ids.'">Артефакты</a>';
}else{
echo'<img class="ico" src="img/pics/mail.png" alt=""><a href="mail.php?go=msg&ids='.$sd.'">Написать письмо</a><br/>';
echo'<img class="ico" src="img/pics/art.png" alt=""><a href="artefact.php?ids='.$sd.'">Артефакты</a>';
}
if(empty($sd)){
echo'<br/><img class="ico2" src="img/pics/skil.png" alt=""> <a href="talant.php">Таланты</a> <strong>('.$row2['talant'].')</strong><br/>';
}
echo'</div>
<div class="under">';
if(!empty($row2['clan'])){
$cl = mysql_query("SELECT * FROM `clan` WHERE `id`='".$row2['clan']."'");
$clan_all=mysql_num_rows($cl);
if($clan_all!=0){
echo'
Гильдия: <strong><a href="clan.php?go=info&id='.$clan['id'].'">'.$clan['name'].'</a></strong><br/>';
}
}
echo'
В городе <strong>'.$city['name'].'</strong><br/>
Мощность: <strong>'.$row2['power'].'</strong><br/>
Защита: <strong>'.$row2['def'].'</strong><br/>
Скорость: <strong>'.$row2['speed'].'</strong><br/>
Маневренность: <strong>'.$row2['manevr'].'</strong></div>';
$sd = strip_tags(mysql_real_escape_string(htmlspecialchars(stripslashes(intval($_GET['ids'])))));
if(empty($sd)){
echo'<div class="under"><img class="ico2" src="img/pics/money.png" alt="">Золото: <strong>'.$row2['money'].'</strong><br/>';
echo'<img class="ico2" src="img/pics/pearl.png" alt="">Жемчуг: <strong>'.$row2['pearl'].'</strong><br/>';
echo'<img class="ico2" src="img/pics/crystal.png" alt="">Кристалы: <strong>'.$row2['crystal'].'</strong><br/>';
echo'<img class="ico2" src="img/pics/skil.png" alt=""><a href="luck.php">Удача</a> <strong>('.$row2['luck'].')</strong><br/>';
$number=$row['exp'];
echo'<img class="ico2" src="img/pics/exp.png" alt="">Опыт: <strong>'.$number.'</strong><br/>';
echo'
</div>';
}
echo'
<div class="big">Комплектующие</div><div class="under">';
if(!empty($row2['ship'])){
echo'<img class="ico" src="img/ship/'.$ship['id'].'.jpg" alt=""><strong>'.$ship['name'].'</strong><br/>'; }else{
echo'<img class="ico" src="img/ship/1.jpg" alt=""><strong>Нету корабля</strong><br/>';
}
if(!empty($row2['pushka'])){
echo'<img class="ico" src="img/shop/weapon/'.$row2['pushka'].'.jpg" alt=""><strong>'.$pu['name'].'</strong><br/>'; }else{
echo'<img class="ico" src="img/shop/weapon/empty.png" alt=""><strong>не установленны</strong><br/>';
}
if(!empty($row2['parus'])){
echo'<img class="ico" src="img/shop/parus/'.$row2['parus'].'.jpg" alt=""><strong>'.$parus['name'].'</strong><br/>'; }else{
echo'<img class="ico" src="img/shop/parus/empty.png" alt=""><strong>не установленны</strong><br/>';
}
if(!empty($row2['bron'])){
echo'<img class="ico" src="img/shop/bron/'.$row2['bron'].'.jpg" alt=""><strong>'.$bron['name'].'</strong><br/>'; }else{
echo'<img class="ico" src="img/shop/bron/empty.png" alt=""><strong>не установленн</strong><br/>';
}
echo'</div>';
if(empty($sd)){
echo'<div class="under">';
echo'<img class="ico" src="img/pics/set.png" alt=""><a href="set_game.php">Настройки</a><br/>';
echo'<img class="ico" src="img/pics/exit.png" alt=""><a href="exit.php">Выход</a><br/>';
echo'</div>';
}
}
include'inc/foot.php';
?>