Файл: colxoz.ru/exchange.php
Строк: 142
<?
include './system/common.php';
include './system/functions.php';
include './system/user.php';
// Access gate: when $user is falsy the visitor is redirected to the site root
// and the script stops, so nothing below runs without a player record.
// ($user is presumably populated by one of the includes above — TODO confirm which.)
if (!$user) {
    header('location: /');
    exit;
}
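// Currency exchange page.
//   default            - shows the exchange menu and resets the daily gold limit.
//   action=exchange    - swaps silver for gold (exc=gold, limited per day by the
//                        player's level) or gold for silver (exc=silver) at a
//                        fixed rate of 500 silver per 1 gold.
//
// Everything concatenated into SQL is cast to an integer first: the legacy
// mysql_* API used in this file has no bound parameters, and HTML escaping
// (htmlspecialchars) does not make a value safe inside a query.
$userId = (int) $user['id'];
$level = (int) $user['level'];
$action = (isset($_GET['action']) && is_string($_GET['action'])) ? $_GET['action'] : '';

switch ($action) {
default:
    // Only the two known status codes are mapped to fixed markup; the raw
    // query-string value itself is never echoed.
    $msgCode = (isset($_GET['msg']) && is_string($_GET['msg'])) ? $_GET['msg'] : '';
    if ($msgCode === '1') {
        $msg = '<center><font color="#3C3">Вы успешно обменяли валюту!</font></center>';
    } elseif ($msgCode === '2') {
        $msg = '<font color="#c06060">Обмен не удался</font>';
    } else {
        $msg = '';
    }
    $title = 'Обменник';
    include './system/h.php';

    $now = time();
    $result = mysql_query('SELECT * FROM `exchange` WHERE `user_id` = ' . $userId);
    $exchange = $result ? mysql_fetch_array($result) : false;
    if (!$exchange) {
        // First visit: create the per-player limit row and render with fresh values.
        mysql_query('INSERT INTO `exchange` (`user_id`,`count`,`time`) VALUES (' . $userId . ',"0",' . $now . ')');
        $exchange = array('count' => 0, 'time' => $now);
    } elseif ($now - $exchange['time'] >= 86400) {
        // The limit is older than 24 hours: reset it. The original reset left
        // `time` untouched and redirected back here, so the same stale timestamp
        // triggered the reset again on the next load; refreshing `time` and
        // rendering directly removes both the loop and the late header() call.
        mysql_query('UPDATE `exchange` SET `count` = 0, `time` = ' . $now . ' WHERE `user_id` = ' . $userId);
        $exchange['count'] = 0;
        $exchange['time'] = $now;
    }
    // Gold still available today: the player's level minus what was already exchanged.
    $remaining = $level - (int) $exchange['count'];

    // NOTE(review): the menu links below change the balance through a plain GET
    // request with no anti-CSRF token. Moving the action to POST with a
    // per-session token needs support from the shared includes, which are not
    // visible here.
?>
<div class='title'><?php echo $title; ?></div>
<div class='line'></div><center>
<?php echo $msg; ?>
</center><div class='line'></div>
<div class='content' align='center'>
<img src="/images/gold/-4.png">
</div>
<div class='line'></div>
<div class='content' align='center'>
Обмен: <img src="/images/icon/silver.png"> Серебро на <img src="/images/icon/gold.png"> Золото
</div>
<div class='line'></div>
<div class='content' align='center'>
Доступно золота к обмену: <?php echo $remaining; ?> из <?php echo $level; ?>
</div>
<div class='line'></div>
<div class='menu'>
<div class='list'>
<?php if ($remaining <= 0 || $user['s'] < 500): ?>
<li><a href='' style='display: block;'>Лимит исчерпан или недостаточно монет</a></li>
<?php endif; ?>
<?php if ($remaining >= 1): ?>
<li><a href='/exchange.php?action=exchange&exc=gold&count=1' style='display: block;'><img src='/images/icon/gold.png' alt='*'/> Обменять <img src="/images/icon/silver.png"> 500 -> <img src="/images/icon/gold.png"> 1</a></li>
<?php endif; ?>
<?php if ($remaining >= 5): ?>
<li><a href='/exchange.php?action=exchange&exc=gold&count=5' style='display: block;'><img src='/images/icon/gold.png' alt='*'/> Обменять <img src="/images/icon/silver.png"> 2,500 -> <img src="/images/icon/gold.png"> 5</a></li>
<?php endif; ?>
<div class='line'></div>
<div class='content' align='center'>
Купить <img src="/images/icon/silver.png"> Серебро
</div>
<div class='line'></div>
<?php if ($user['g'] <= 0): ?>
<li><a href='' style='display: block;'>Недостаточно золотых монет</a></li>
<?php endif; ?>
<?php if ($user['g'] >= 1): ?>
<li><a href='/exchange.php?action=exchange&exc=silver&count=1' style='display: block;'><img src='/images/icon/gold.png' alt='*'/> Купить <img src="/images/icon/silver.png"> 500 за <img src="/images/icon/gold.png"> 1</a></li>
<?php endif; ?>
<?php if ($user['g'] >= 5): ?>
<li><a href='/exchange.php?action=exchange&exc=silver&count=5' style='display: block;'><img src='/images/icon/gold.png' alt='*'/> Купить <img src="/images/icon/silver.png"> 2,500 за <img src="/images/icon/gold.png"> 5</a></li>
<?php endif; ?>
</div>
</div>
<?php
    include './system/f.php';
    break;

case 'exchange':
    $title = 'Обменник';
    include './system/h.php';
    // NOTE(review): every path below answers with a redirect after h.php has
    // already run; that only works if output buffering is active — confirm in
    // the shared includes.

    $exc = (isset($_GET['exc']) && is_string($_GET['exc'])) ? $_GET['exc'] : '';
    $rawCount = (isset($_GET['count']) && is_string($_GET['count'])) ? $_GET['count'] : '';
    $done = false;

    // Accept only a plain decimal integer from 1 to 100. The original range
    // check compared the raw string loosely, so a value with a numeric prefix
    // passed it and was then concatenated into the UPDATE statements; zero and
    // fractional amounts passed as well.
    if (preg_match('/^[0-9]{1,3}\z/', $rawCount)) {
        $count = (int) $rawCount;
        if ($count >= 1 && $count <= 100) {
            $silver = $count * 500;
            if ($exc === 'gold') {
                // Balance check, daily-limit check and both writes happen in one
                // statement, so parallel requests cannot each pass a stale check
                // and overdraw silver or exceed the limit. A player without an
                // `exchange` row matches nothing and is refused, instead of
                // exchanging with no limit being recorded.
                mysql_query(
                    'UPDATE `users` u JOIN `exchange` e ON e.`user_id` = u.`id`'
                    . ' SET u.`g` = u.`g` + ' . $count . ', u.`s` = u.`s` - ' . $silver
                    . ', e.`count` = e.`count` + ' . $count . ', e.`time` = ' . time()
                    . ' WHERE u.`id` = ' . $userId
                    . ' AND u.`s` >= ' . $silver
                    . ' AND e.`count` + ' . $count . ' <= ' . $level
                );
                $done = mysql_affected_rows() > 0;
            } elseif ($exc === 'silver') {
                // Same idea for buying silver: the gold balance is checked by
                // the UPDATE itself rather than against the value loaded earlier.
                mysql_query(
                    'UPDATE `users` SET `g` = `g` - ' . $count . ', `s` = `s` + ' . $silver
                    . ' WHERE `id` = ' . $userId . ' AND `g` >= ' . $count
                );
                $done = mysql_affected_rows() > 0;
            }
        }
    }

    // msg=1 is reported only when a row was actually changed; everything else is msg=2.
    header('location: /exchange.php?msg=' . ($done ? '1' : '2'));
    include './system/f.php';
    break;
}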
?>