Файл: gamele.ru/gameplay/ajax/build_ajax.php
Строк: 138
<?php
session_start();
include($_SERVER["DOCUMENT_ROOT"]."/includes/config.inc.php");
include(DROOT."/includes/functions.php");
$pers = GetUser();
function UserInfo($uid){
$user = mysql_fetch_array(mysql_query("SELECT `login`,`level`,`sklon`,`clan`,`clan_d`,`clan_gif` FROM `user` WHERE `id`='".$uid."'"));
return'["user","'.$user['login'].'",'.$user['level'].','.$user['sklon'].',"'.(($user['clan_gif']=='admin.gif')?'':$user['clan_gif']).'","'.$user['clan'].'","'.(($user['clan_d']=='chaos.gif')?'':$user['clan_gif']).'"]';
}
function ClanInfo($cid){
$clan = mysql_fetch_array(mysql_query("SELECT `clan_sclon`,`clan_gif`,`clan_name` FROM `clans` WHERE `clan_id`='".$cid."'"));
return'["clan","'.$clan['clan_sclon'].'","'.$clan['clan_gif'].'","'.$clan['clan_name'].'"]';
}
$query = mysql_query("SELECT * FROM `buildings` WHERE `pos` = '".$pers['pos']."'");
if(mysql_num_rows($query)>0){
switch($_GET['act']){
case '1':
echo'BD@[""]@[0,[';
$buildings = '';
while($row = mysql_fetch_array($query)){
$buildings .= '['.$row['id'].',"'.$row['text'].'",'.(($row['cid']!='none')?ClanInfo($row['cid']):UserInfo($row['uid'])).',"'.$row['zp'].'"],';
}
echo substr($buildings,0,strlen($buildings)-1);
echo'],"'.vCode().'"]';
break;
case '2':
$buildings = mysql_fetch_array(mysql_query("SELECT * FROM `buildings` WHERE `pos` = '".$pers['pos']."' AND `id`='".intval($_GET['id'])."'"));
$Resources = mysql_fetch_assoc(mysql_query("SELECT * FROM `buildings_resources` WHERE `bid`='".$buildings['id']."' AND `resType`='made'"));
echo'BD@[""]@[1,['.$buildings['id'].',"'.$buildings['text'].'",'.(($buildings['cid']!='none')?ClanInfo($buildings['cid']):UserInfo($buildings['uid'])).',"'.$buildings['zp'].'","'.$buildings['balance'].'","'.$buildings['jobs'].'",[';
$users = '';
$query = mysql_query("SELECT `login`,`level`,`sklon`,`clan`,`clan_d`,`clan_gif` FROM `user` WHERE `ProTime` > '".time()."' AND `ProBuild`='".$buildings['id']."'");
while($row = mysql_fetch_assoc($query)){
$users .= '["","'.$row['login'].'",'.$row['level'].','.$row['sklon'].',"'.(($row['clan_gif']=='admin.gif')?'':$row['clan_gif']).'","'.$row['clan'].'","'.(($row['clan_d']=='admin.gif')?'':$row['clan_gif']).'"],';
}
echo substr($users,0,strlen($users)-1);
echo'],["'.$Resources['res_name'].'",'.$Resources['count_hour'].','.$Resources['count'].',"'.$Resources['mass'].'","'.$Resources['price'].'","'.((intval($pers['nv']/$Resources['price'])>$Resources['count'])?$Resources['count']:intval($pers['nv']/$Resources['price'])).'"],[';
$Resources = '';
$query = mysql_query("SELECT * FROM `buildings_resources` WHERE `bid`='".$buildings['id']."' AND `resType`='need'");
while($row = mysql_fetch_assoc($query)){
$Resources .= '["'.$row['res_name'].'",'.$row['count_hour'].','.$row['count'].',"'.$row['mass'].'","'.$row['price'].'"],';
}
echo substr($Resources,0,strlen($Resources)-1);
echo']],"'.vCode().'"]';
break;
case '3':
$Error = 0;
$buildings = mysql_fetch_array(mysql_query("SELECT * FROM `buildings` WHERE `pos` = '".$pers['pos']."' AND `id`='".intval($_GET['bid'])."'"));
if(!isset($_SESSION['captcha_keystring']) or $_SESSION['captcha_keystring'] != $_GET['code']){
echo'BD@["Не верно введён проверочный код."]@[0]';
$Error = 1;
}
unset($_SESSION['captcha_keystring']);
if($Error == 0 and $pers['ProTime']>time()){
echo'BD@["Вы еще не отработали в предыдущем месте."]@[0]';
$Error = 1;
}
if($Error == 0 and empty($buildings)){
echo'BD@["Нет такого здания на этой локации."]@[0]';
$Error = 1;
}
if($Error == 0 and mysql_num_rows(mysql_query("SELECT `id` FROM `user` WHERE `ProTime` > '".time()."' AND `ProBuild`='".$buildings['id']."'")) >= $buildings['jobs']){
echo'BD@["Все рабочие места заняты."]@[0]';
$Error = 1;
}
if($Error == 0){
echo'BD@["Вы успешно устроились на работу."]@[0]';
mysql_query("UPDATE `user` SET `ProTime`='".(time()+3600)."',`ProBuild`='".$buildings['id']."' WHERE `id`='".$pers['id']."'");
chmsg("<font class=chattime> ".date("H:i:s")." </font> <font color=000000><b><font color=#CC0000>Системная информация</font></b>:</font> Вы удачно устроились на работу, з.п. вы получите сразу по окончанию работы.</font>",$pers['login']);
}
break;
}
}else{
echo'BD@["Построек ещё нет."]@[0]';
}
?>