Файл: sumerki.mobi/sumerki.mobi/snyat.php
Строк: 85
<?
//////////////////////////////////////////////////////////////
//////////////////////Онлайн игра "Сумерки"///////////////////
//////////////////////Основатель: Mc Laren////////////////////
///////////////////Контакты: ICQ - 597687549//////////////////
/////////////////////Пример: Sumerki.Mobi/////////////////////
///////////Если ты это читаешь, значит скрипт слили :D////////
//////////////////////////////////////////////////////////////
define('PROTECTOR', 1);
$textl='Инвентарь';
include('files/path.php');
include('files/gzips.php');
include($path.'files/db.php');
include($path.'files/auth.php');
include($path.'files/func.php');
going();
include($path.'files/core.php');
include($path.'files/head.php');
include($path.'files/zag.php');
if(empty($_GET[id])){
$req = mysql_query("SELECT * FROM `item` WHERE `usr` = '$log' and `tip`='".mysql_real_escape_string($_GET['tip'])."' and `image`='yes'");
}else{
$req = mysql_query("SELECT * FROM `item` WHERE `usr` = '$log' and `tip`='".mysql_real_escape_string($_GET['tip'])."' and `image`='yes' and `id`='".mysql_real_escape_string($_GET['id'])."'");
}
$avto=mysql_num_rows($req);
if($avto==0){
echo'Ошибка, на вас ничего не одето!';
include($path.'files/down.php');
include($path.'files/meny.php');
exit;
}
$mag = mysql_fetch_array($req);
$numin=$udata[umin]-$mag[umin];
$numax=$udata[umax]-$mag[umax];
$npgolova=$udata[pgolova]-$mag[pgolova];
$npbody=$udata[pbody]-$mag[pbody];
$npnogi=$udata[pnogi]-$mag[pnogi];
$nhp=$udata[hpall]-$mag[hp];
$nmp=$udata[mpall]-$mag[mp];
$nkrit=$udata[krit]-$mag[krit];
$nukrit=$udata[ukrit]-$mag[ukrit];
$nsila=$udata[sila]-$mag[sila];
$nlovk=$udata[lovk]-$mag[lovk];
$nprot=$udata[prot]-$mag[prot];
$num=$udata[um]-$mag[um];
$nanti=$udata[antikrit]-$mag[antikrit];
mysql_query("UPDATE `users` SET
`umin` = '$numin',
`umax` = '$numax',
`pgolova` = '$npgolova',
`pbody` = '$npbody',
`pnogi` = '$npnogi',
`hpall` = '$nhp',
`mpall` = '$nmp',
`krit` = '$nkrit',
`ukrit` = '$nukrit',
`antikrit` = '$nanti',
`sila` = '$nsila',
`lovk` = '$nlovk',
`um` = '$num',
`prot` = '$nprot'
WHERE usr = '$log'");
if(empty($_GET[id])){
$w=explode("*",$mag[name]);
mysql_query("UPDATE item SET image = 'not' WHERE `usr` = '$log' and `tip`='".mysql_real_escape_string($_GET['tip'])."' and `image`='yes'");
}else{
mysql_query("UPDATE item SET image = 'not' WHERE `usr` = '$log' and `tip`='".mysql_real_escape_string($_GET['tip'])."' and `image`='yes' and `id`='".mysql_real_escape_string($_GET['id'])."'");
}
echo"Вы сняли $mag[name]!<br/>";
include($path.'files/down.php');
include($path.'files/meny.php');
?>