Файл: bitva-online.ru/clan/invite.php
Строк: 31
<?
require_once '../core/system.php';
require_once 'sys.php';
echo only_reg();
if(!isset($_GET['yes']) && !isset($_GET['no'])) {
header("Location: /index.php");
exit();
}
if(isset($_GET['no'])) {
$id = (int) $_GET['no'];
$row = mysql_fetch_assoc(mysql_query("SELECT * FROM `invite` WHERE `id` = '$id' AND `user_id` = '".$user['id']."'"));
if(!empty($row['owner_id'])) {
mysql_query("DELETE FROM `invite` WHERE `id` = '$id'");
header("Location: /index.php");
exit();
}
}
if(isset($_GET['yes'])) {
$id = (int) $_GET['yes'];
$row = mysql_fetch_assoc(mysql_query("SELECT * FROM `invite` WHERE `id` = '$id' AND `user_id` = '".$user['id']."'"));
if(!empty($row['owner_id'])) {
mysql_query("UPDATE `user` SET `clan_id` = '".$row['clan_id']."' WHERE `id` = '".$user['id']."'");
mysql_query("DELETE FROM `invite` WHERE `user_id` = '".$user['id']."'");
$text = '<img src="/images/icon/race/'.$user['storona'].'.png" /> <a href="/user/'.$user['id'].'/">'.$user['nick'].'</a> вступил в клан';
mysql_query("INSERT INTO `jr_rekrut` SET `clan_id` = '".$row['clan_id']."', `text` = '$text'");
header("Location: /clan/");
exit();
}
}
header("Location: /index.php");
exit();