Файл: hram.php
Строк: 78
<?php
include_once('./inc/head.php');
include_once('./inc/prov.php');
title('Храм');
$profil = mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id` = '".$id_us."'"));
if($uinf['id'] == $profil['id'] or $uinf['adm'] == '1')
$new_msg = mysql_result(mysql_query("SELECT COUNT(*) FROM `ferm_privat` WHERE `komu` = '".$uinf['login']."' and `view` = '1'"), 0);
if($uinf['id'] == $profil['id'] or $uinf['adm'] == '1')
echo '<div class="title"><b>'.$uinf['login'].' <a href="./privat.php?privat=vhod"><img src="http://144.76.127.94/view/image/icons/post.png" height="15" width="15" align="top" alt="ic">'.$new_msg.'</a> | '.$uinf['hp'].'<img src="http://warbk.com/graph/ico/hp.png" width="16" height="16" > | <img src="http://warbk.com/img/lvl.png" width="16" height="16" > '.$uinf['lvl'].'</b> | <b>Золото: </b> '.$uinf['zoloto'].' <img src="./theme/gold.png" height="16" width="16" align="top" alt="ic"> | <b>Рубли: </b> '.$uinf['rub'].' <img src="http://144.76.127.94/view/image/icons/buy_gold.png" height="16" width="16" align="top" alt="ic"></div>';
$hram_var = $_GET['hram'];
switch(htmlspecialchars($hram_var)) {
default;
echo '<div class="menulink">Вещи Богов</div>';
echo '<div class="menulink">Храм</div>';
echo '<div class="menulink"><a href="?hram=magaz&id=1">Шлемы</a></div>';
echo '<div class="menulink"><a href="?hram=magaz&id=4">Панцири</a></div>';
echo '<div class="menulink"><a href="?hram=magaz&id=2">Щиты</a></div>';
echo '<div class="menulink"><a href="?hram=magaz&id=3">Оружие</a></div>';
echo '<div class="menulink"><a href="?hram=magaz&id=5">Поножи</a></div>';
break;
case 'magaz':
echo '<div class="menulink">Вещи Богов</div>';
$or_id = htmlspecialchars($_GET['id']);
$sel_inf = mysql_query("SELECT * FROM `hram_magaz` WHERE `class` = '".$or_id."' ORDER BY `xoru` ASC");
while($sel_i = mysql_fetch_assoc($sel_inf)) {
echo '<div class="user"><img src="'.$sel_i['url'].'" alt="shmot"></div>';
echo '<div class="content">Название: '.$sel_i['name'].'<br/>';
if($or_id == '3') {
echo 'Атака: + '.$sel_i['xoru'].'<br/>';
} else {
echo 'Защита: + '.$sel_i['xoru'].'<br/>';
}
echo 'Цена: '.$sel_i['cena'].' руб <img src="http://warbk.com/graph/ico/money_dea.gif" height="15" width="15" align="top" alt="ic"><br/></div>';
echo '<div class="menulink"><a href="?hram=magaz&buy=ok&id='.$sel_i['id'].'">Купить</a></div>';
}
echo '<div class="menulink"><a href="?hram=magzain">«Назад</a></div>';
if(htmlspecialchars($_GET['buy']) == 'ok') {
$mid = htmlspecialchars($_GET['id']);
$it = mysql_fetch_assoc(mysql_query("SELECT * FROM `hram_magaz` WHERE `id` = '".$mid."'"));
if($uinf['rub']>=$it['cena'] and $uinf['lvl']>=$it['lvl']) {
$babki = $uinf['rub'] - $it['cena'];
$umd = mysql_query("UPDATE `users` SET `rub` = '".$babki."' WHERE `id` = '".$uinf['id']."'");
$in_tov = mysql_query("INSERT INTO `inventar` VALUES(0, '".$it['name']."', '".$it['xoru']."', '".$it['class']."', '".$uinf['id']."', '".$it['url']."', 'off', '0', '".$it['lvl']."')");
$_SESSION['result'] = '<b>Успешно купленно!</b><br/>';
header("Location: http://warbk.com/start.php?start=result");
} else {
$_SESSION['result'] = '<b>Недостаточно денег или низкий уровень!</b><br/>';
header("Location: http://warbk.com/start.php?start=result");
}
}
break;
}
include_once('./inc/foot.php');
?>