Файл: ok.php
Строк: 82
<?
define('PROTECTOR', 1);
@include('files/path.php');
@include($path.'files/db.php');
@include($path.'files/auth.php');
@include($path.'files/func.php');
ryd();
@include($path.'files/core.php');
$time=time();
////////////////////////////////////////////////////////
if ($user_id==1){
///////////////
$id = htmlspecialchars(addslashes(stripslashes($_GET['id'])));
if(empty($_GET[k])){
/////////////////////////////////////////////////////
$req = mysql_query("SELECT * FROM `boss` WHERE `id`='$id' LIMIT 1");
////////////////////////////
if (mysql_num_rows($req)==0){
$textl='Битва';
@include($path.'files/head.php');
@include($path.'files/zag.php');
echo"Такого босса не существует.";
include($path.'files/down.php');exit;}
/////////////////////////////
$mob = mysql_fetch_array($req);
$timer=time()-2400;
$hp=mysql_query("SELECT * FROM `temp` WHERE `id` = '$id' and `user`='$log' and `hp`>'0' LIMIT 1");
$temp = mysql_query("SELECT * FROM `temp` WHERE `id` = '$id' and `user`='$log' and `status`='die' and `ltime`>'$timer' LIMIT 1");
$avtot=mysql_num_rows($temp);
$hpo=mysql_num_rows($hp);
if($avtot>>0){header ('Location: boss.php?mod=info&id=$id');exit; }
if($mob['status']=='off'){header ('Location: boss.php?vremya=ok&id=$id');exit; }
$max=$udata[lvl]+5;
$min=$udata[lvl]-9;
if($mob[lvl]>$max){header ('Location: boss.php?mod=info&id=$id'); exit;}
elseif($mob[lvl]<$min){header ('Location: boss.php?mod=info&id=$id'); exit;}
if($hpo==0){
mysql_query("INSERT INTO
`temp` SET
`id` = '$mob[id]',
`name` = '$mob[name]',
`lvl` = '$mob[lvl]',
`hp` = '$mob[hp]',
`hpall` = '$mob[hp]',
`uron` = '$mob[uron]',
`prot` = '$mob[prot]',
`krit` = '$mob[krit]',
`ukrit` = '$mob[ukrit]',
`lovk` = '$mob[lovk]',
`money` = '$mob[money]',
`exp` = '$mob[exp]',
`tip` = '$mob[tip]',
`oponent` = '0',
`image` = '$mob[image]',
`status` = 'on',
`drop` = '$mob[drop]',
`user` = '$log',
`ltime` = '$time'") or die (mysql_error());}
mysql_query("INSERT INTO `tmp` SET `usr` = '$log',`mob` = '$id',`ltime`='$time'");
$timer=time()+300;
del_log($lpl='battle');
mysql_query("INSERT INTO log SET usr='$log',text='$log против $mob[name]! Бой начался!',kto='system',place='battle',timer='$timer'");
header ('Location: battle.php?');exit;
}elseif($_GET['k']=='pk'){
$req = mysql_query("SELECT * FROM `users` WHERE `id` = '$_GET[id]'");
////////////////////////////
$avto=mysql_num_rows($req);
if($avto=="0"){
$textl='Битва';
include($path.'files/head.php');
include($path.'files/zag.php');
echo'Нет такого игрока!';
include($path.'files/down.php');exit;
}
$pk = mysql_fetch_assoc($req);
$req = mysql_query("SELECT * FROM `pk` WHERE `usr` = '$pk[usr]' LIMIT 1");
$avto=mysql_num_rows($req);
if($avto>="1"){
$textl='Битва';
include($path.'files/head.php');
include($path.'files/zag.php');
echo'Игрок уже в бою!';
include($path.'files/down.php');exit;
}
$reqtmp = mysql_query("SELECT * FROM `tmp` WHERE `usr` = '$pk[usr]' LIMIT 1");
if (mysql_num_rows($reqtmp)>=1){
$textl='Битва';
include($path.'files/head.php');
include($path.'files/zag.php');
echo'Игрок уже в бою!';
include($path.'files/down.php');exit;
}
$req = mysql_query("SELECT * FROM `mesto` WHERE `usr` = '$pk[usr]'");
$mpk = mysql_fetch_assoc($req);
$req = mysql_query("SELECT * FROM `mesto` WHERE `usr` = '$log'");
$mypk = mysql_fetch_assoc($req);
if(($udata[lvl]-$pk[lvl])>=3){
$textl='Битва';
include($path.'files/head.php');
include($path.'files/zag.php');
echo'На слабых нельзя нападать!';
include($path.'files/down.php');exit;
}
$timeout = time() - 150;
$asd = mysql_num_rows(mysql_query("SELECT laikas, usr FROM online WHERE laikas > '$timeout' AND usr='$pk[usr]'"));
////////////////////////////
if($asd=='0'){
$textl='Битва';
include($path.'files/head.php');
include($path.'files/zag.php');
echo'Этот игрок offline!';
include($path.'files/down.php');exit;
}
if($mpk['city']=='0' or $mpk['city']!=$mypk['city'] or $pk['hp']<='0' or $mpk['x']!=$mypk['x'] or $mpk['y']!=$mypk['y'] or $mpk['towers']!=$mypk['towers']){
$textl='Битва';
require_once'files/head.php';
require_once'files/zag.php';
echo'Нельзя напасть!';
include($path.'files/down.php');exit;
}
mysql_query("INSERT INTO
`pk` SET `usr` = '$log',
`enemy` = '$pk[usr]',
`napal` = '1',
`xod` = 'not',
`ltime`='$time'");
mysql_query("INSERT INTO
`pk` SET `usr` = '$pk[usr]',
`enemy` = '$log',
`xod` = 'not',
`ltime`='$time'");
del_log($lpl='pk');
$timer=time()+300;
mysql_query("INSERT INTO log SET usr='$log',text='$log против $pk[usr]!Бой начался!',kto='system',place='pk',timer='$timer'");
mysql_query("INSERT INTO log SET usr='$pk[usr]',text='$log против $pk[usr]!Бой начался!',place='pk',timer='$timer'");
header ('Location: pk.php?');exit;
}else{
echo'Ошибка!';
@include($path.'files/down.php');exit;}
}else
{
echo 'Ошибка!Вы не авторизованы!<a href="index.php">Авторизуйтесь</a>';require_once 'files/end.php';exit;
}
?>