Файл: gamele.ru/gameplay/ajax/dhouse_ajax.php
Строк: 25
<?php
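session_start();
include($_SERVER["DOCUMENT_ROOT"]."/includes/config.inc.php");
include(DROOT."/includes/functions.php");

/*
 * AJAX endpoint for the shop of the player's current location.
 *
 *   ?act=Get        -> "Get" followed by one "@"-prefixed, ";"-separated record
 *                      per item with dcat = 99 sold at the player's location.
 *   ?act=Buy&id=N   -> "Buy@<message>@" after trying to buy item N for its
 *                      `dprice`, debited from the player's `dnv` balance.
 *
 * Any other request prints an empty body.
 *
 * NOTE(review): authentication is left entirely to GetUser(); confirm that it
 * rejects anonymous sessions, because this script does not check on its own.
 * NOTE(review): Buy changes state on a plain GET request with no anti-CSRF
 * token, so any page the player visits can trigger a purchase. Moving it to
 * POST with a per-session token needs a matching client change.
 */
$pers = GetUser();
// Not read anywhere in this script; kept in case included code expects the global.
$img = '';

// Set up front so an unknown or missing `act`, or a Buy for an item that is
// not sold here, prints an empty body instead of reading an undefined variable.
$ShowResult = '';
$act = isset($_GET['act']) ? $_GET['act'] : '';

// Values placed inside SQL string literals are escaped even when they come from
// the session or from another table: a single quote in such a value would
// otherwise break the statement or change what it does.
$loc = mysql_real_escape_string(isset($pers['loc']) ? $pers['loc'] : '');

switch ($act) {
    case 'Get':
        $ShowResult = 'Get';
        $query = mysql_query("SELECT * FROM `items` WHERE `dcat` = '99' AND `market` = '".$loc."' ORDER BY `id` ASC");
        // mysql_query() returns false on failure; skip the fetch loop then.
        if ($query !== false) {
            while ($items = mysql_fetch_assoc($query)) {
                $fields = array(
                    $items['id'],
                    $items['name'],
                    // This one image gets a "B" prefix in the reply.
                    (($items['gif'] == 'i_mag_003.gif') ? 'B' : '').$items['gif'],
                    $items['count'],
                    $items['price'],
                    $items['slot'],
                    $items['level'],
                    $items['massa'],
                    $items['block'],
                    $items['hand'],
                    $items['dprice'],
                    // "@" separates records in the reply, so it is replaced inside these two fields.
                    str_replace('@', ':', $items['param']),
                    str_replace('@', ':', $items['need']),
                );
                $ShowResult .= '@'.implode(';', $fields);
            }
        }
        break;

    case 'Buy':
        $itemId = isset($_GET['id']) ? intval($_GET['id']) : 0;
        $found = mysql_query("SELECT * FROM `items` WHERE `market` = '".$loc."' AND `id` = '".$itemId."'");
        $Buy = ($found !== false) ? mysql_fetch_assoc($found) : false;
        if (!empty($Buy)) {
            $ShowResult = 'Buy';
            $userId = mysql_real_escape_string(isset($pers['id']) ? $pers['id'] : '');
            $balance = isset($pers['dnv']) ? $pers['dnv'] : 0;
            $price = $Buy['dprice'];

            // The price is written into SQL unquoted, so it must be a plain
            // non-negative number. Anything else is refused with the same reply
            // as insufficient funds.
            $charged = false;
            if (is_numeric($price) && $price >= 0 && $balance >= $price) {
                if ($price == 0) {
                    // Nothing to debit; an UPDATE that changes nothing would report 0 rows.
                    $charged = true;
                } else {
                    // $pers['dnv'] was read when the request started, so parallel
                    // requests could all pass the check above. The debit repeats
                    // the check inside the UPDATE and the changed-row count
                    // decides whether the purchase goes ahead.
                    $debit = mysql_query("UPDATE `user` SET dnv = `dnv`-".$price." WHERE `id` = '".$userId."' AND `dnv` >= ".$price);
                    $charged = ($debit !== false && mysql_affected_rows() === 1);
                }
            }

            if ($charged) {
                // `param` is a "|"-separated list of "key@value" pairs; key 2 fills `dolg`.
                // It stays empty when the item has no such pair.
                $dolg = '';
                foreach (explode("|", $Buy['param']) as $value) {
                    $stat = explode("@", $value);
                    if ($stat[0] == '2' && isset($stat[1])) {
                        $dolg = $stat[1];
                    }
                }

                $row = array(
                    'ItemName' => $Buy['name'],
                    'img'      => $Buy['gif'],
                    'protype'  => $Buy['id'],
                    'pl_id'    => isset($pers['id']) ? $pers['id'] : '',
                    'dolg'     => $dolg,
                    'price'    => $Buy['price'],
                    'dprice'   => $Buy['dprice'],
                    'i_param'  => $Buy['param'],
                    'i_need'   => $Buy['need'],
                );
                $columns = '`'.implode('`,`', array_keys($row)).'`';
                $values = "'".implode("','", array_map('mysql_real_escape_string', $row))."'";
                $stored = mysql_query("INSERT INTO `invent` (".$columns.") VALUES (".$values.")");

                if ($stored !== false) {
                    $ShowResult .= '@Вы успешно купили "'.$Buy['name'].'" за '.$Buy['dprice'].' HR@';
                } else {
                    // The item was not delivered: give the money back and say so.
                    if ($price != 0) {
                        mysql_query("UPDATE `user` SET dnv = `dnv`+".$price." WHERE `id` = '".$userId."'");
                    }
                    $ShowResult .= '@Ошибка покупки!@';
                }
            } else {
                $ShowResult .= '@Нехватает денег!@';
            }
        }
        break;
}

echo $ShowResult;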
?>