Файл: gamele.ru/gameplay/ajax/items_ajax.php
Строк: 58
<?php
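// Bootstrap for the shop AJAX handler: start the session, load the site
// configuration and helper functions, then resolve the current player.
session_start();
// `require` rather than `include`: if either file cannot be loaded the handler
// stops here instead of running the purchase logic below without its
// configuration or helpers (fail closed).
// DROOT is presumably defined by config.inc.php — confirm.
require $_SERVER["DOCUMENT_ROOT"]."/includes/config.inc.php";
require DROOT."/includes/functions.php";
// NOTE(review): GetUser() is defined outside this file; everything below trusts
// $pers['id'], $pers['loc'] and $pers['nv'], so confirm it fails closed for
// requests that carry no authenticated session.
$pers = GetUser();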
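/* Buying items */
// Request fields are parsed once and the guard is grouped explicitly.
// The previous condition mixed `&&` with the lower-precedence `or`, so the
// act/quantity/id checks only guarded the location-4 branch, and ids 1..3 were
// accepted at any location. A zero or negative quantity could then reach the
// stock and balance updates, which subtracted it from the stored values.
// The id ranges per location mirror the listing queries further down this file.
// NOTE(review): this is a state change over GET and no request token is checked
// here; vCode() is emitted by the listings below but is not verified in this
// file — confirm how CSRF is handled.
// NOTE(review): ext/mysql was removed in PHP 7; when this file is migrated,
// replace the escaped string queries with prepared statements (PDO or mysqli).
$buyAct = (isset($_GET['act']) && is_scalar($_GET['act'])) ? (string)$_GET['act'] : '';
$buyId  = (isset($_GET['id']) && is_scalar($_GET['id'])) ? intval($_GET['id']) : 0;
$buyQty = (isset($_GET['ingrc']) && is_scalar($_GET['ingrc'])) ? intval($_GET['ingrc']) : 0;
$buyLoc = isset($pers['loc']) ? $pers['loc'] : null;

$buyAllowed =
       ($buyLoc == '4'  && $buyId >= 60 && $buyId <= 75)
    || ($buyLoc == '54' && $buyId >= 76 && $buyId <= 80)
    || ($buyLoc == '52' && (($buyId >= 81 && $buyId <= 85) || ($buyId >= 1 && $buyId <= 3)))
    || ($buyLoc == '57' && $buyId >= 86 && $buyId <= 93);

if ($buyAct == '1' && $buyQty > 0 && $buyId > 0 && $buyAllowed) {
    $GetTools = mysql_fetch_assoc(mysql_query("SELECT * FROM `tools` WHERE `id`='".$buyId."'"));
    if (!empty($GetTools)) {
        // `protype` comes from the database, but it is still escaped before being
        // placed in a query string so a stored quote cannot alter the statement.
        $GetItems = mysql_fetch_assoc(mysql_query(
            "SELECT * FROM `items` WHERE `id` = '".mysql_real_escape_string($GetTools['protype'])."'"
        ));
        // Without a matching item row there is nothing to hand out; do not charge.
        if (!empty($GetItems)) {
            // The item's `param` field is a '|'-separated list of "key@value"
            // pairs; the value stored under key 2 is copied to `invent`.`dolg`.
            $dolg = '';
            foreach (explode("|", (string)$GetItems['param']) as $value) {
                $stat = explode("@", $value);
                if ($stat[0] == '2' && isset($stat[1])) {
                    $dolg = $stat[1];
                }
            }

            // Never sell more than the stock that was just read.
            $ForCount = min($buyQty, intval($GetTools['count']));
            $buyCost  = $ForCount * $GetTools['price'];

            if ($ForCount > 0 && $pers['nv'] >= $buyCost) {
                $sqlCost   = mysql_real_escape_string((string)$buyCost);
                $sqlPlayer = mysql_real_escape_string($pers['id']);

                // Stock and balance are changed with relative, conditional UPDATEs
                // so two concurrent requests cannot both spend the same stock or
                // money; writing back values computed from the earlier SELECT
                // would allow exactly that lost update.
                mysql_query(
                    "UPDATE `tools` SET `count`=`count`-".$ForCount.
                    " WHERE `id`='".$buyId."' AND `count`>=".$ForCount
                );
                if (mysql_affected_rows() === 1) {
                    // A zero total changes no row, so it needs no debit statement.
                    $buyPaid = ($buyCost == 0);
                    if (!$buyPaid) {
                        mysql_query(
                            "UPDATE `user` SET `nv`=`nv`-'".$sqlCost."'".
                            " WHERE `id`='".$sqlPlayer."' AND `nv`>='".$sqlCost."'"
                        );
                        $buyPaid = (mysql_affected_rows() === 1);
                    }

                    if ($buyPaid) {
                        // The row is identical for every unit, so build it once.
                        $insertSql =
                            "INSERT INTO `invent` (`ItemName`,`img`,`protype`,`pl_id`,`dolg`,`price`,`dprice`,`i_param`,`i_need`) VALUES ('".
                            mysql_real_escape_string($GetItems['name'])."','".
                            mysql_real_escape_string($GetItems['gif'])."','".
                            mysql_real_escape_string($GetItems['id'])."','".
                            $sqlPlayer."','".
                            mysql_real_escape_string($dolg)."','".
                            mysql_real_escape_string($GetItems['price'])."','".
                            mysql_real_escape_string($GetItems['dprice'])."','".
                            mysql_real_escape_string($GetItems['param'])."','".
                            mysql_real_escape_string($GetItems['need'])."')";
                        for ($i = 1; $i <= $ForCount; $i++) {
                            mysql_query($insertSql);
                        }
                    } else {
                        // The debit did not apply (balance changed meanwhile):
                        // return the reserved units to stock.
                        mysql_query(
                            "UPDATE `tools` SET `count`=`count`+".$ForCount." WHERE `id`='".$buyId."'"
                        );
                    }
                }
            }
        }
    }
}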
/* Showing the infirmary shop: location 4 lists tools with ids 60..75 */
// The response is 'ITEMS' followed by one '@'-separated record per tool; each
// record is '<vCode or empty>||protype|id|price|name|desc|dolg|mass|count'.
// NOTE(review): name/desc are emitted as stored, with no escaping for the
// '|' / '@' framing or for HTML — confirm how the client renders them.
if ($pers['loc'] == '4') {
    $Query = mysql_query("SELECT * FROM `tools` WHERE `id`>='60' AND `id`<='75'");
    $ShowItems = 'ITEMS@';
    while ($row = mysql_fetch_assoc($Query)) {
        // vCode() (defined outside this file) is called only for tools the
        // player can afford and that are still in stock.
        $ShowItems .= ($pers['nv'] >= $row['price'] && $row['count'] > 0) ? vCode() : '';
        $ShowItems .= '||'.implode('|', array(
            $row['protype'],
            $row['id'],
            $row['price'],
            $row['name'],
            $row['desc'],
            $row['dolg'],
            $row['mass'],
            $row['count'],
        )).'@';
    }
    // Drop the trailing '@' separator.
    echo substr($ShowItems, 0, -1);
}
// Shop listing for location 54: tools with ids 76..80.
// Output is 'ITEMS' plus one '@'-separated record per tool, each shaped as
// '<vCode or empty>||protype|id|price|name|desc|dolg|mass|count'.
// NOTE(review): name/desc are written out as stored, unescaped — confirm the
// client treats them as text.
if ($pers['loc'] == '54') {
    $Query = mysql_query("SELECT * FROM `tools` WHERE `id`>='76' AND `id`<='80'");
    $ShowItems = 'ITEMS@';
    while ($row = mysql_fetch_assoc($Query)) {
        // vCode() (defined elsewhere) is emitted only when the player can pay
        // for the tool and it is in stock.
        $ShowItems .= ($pers['nv'] >= $row['price'] && $row['count'] > 0) ? vCode() : '';
        $ShowItems .= '||'.implode('|', array(
            $row['protype'],
            $row['id'],
            $row['price'],
            $row['name'],
            $row['desc'],
            $row['dolg'],
            $row['mass'],
            $row['count'],
        )).'@';
    }
    // Remove the final '@' before sending.
    echo substr($ShowItems, 0, -1);
}
// Shop listing for location 52: tools with ids 81..85 and 1..3.
// In the SQL below AND binds tighter than OR, so the two id ranges are
// selected as written.
// Output is 'ITEMS' plus one '@'-separated record per tool, each shaped as
// '<vCode or empty>||protype|id|price|name|desc|dolg|mass|count'.
// NOTE(review): name/desc are written out as stored, unescaped — confirm the
// client treats them as text.
if ($pers['loc'] == '52') {
    $Query = mysql_query("SELECT * FROM `tools` WHERE `id`>='81' AND `id`<='85' or `id`>='1' AND `id`<='3'");
    $ShowItems = 'ITEMS@';
    while ($row = mysql_fetch_assoc($Query)) {
        // vCode() (defined elsewhere) is emitted only when the player can pay
        // for the tool and it is in stock.
        $ShowItems .= ($pers['nv'] >= $row['price'] && $row['count'] > 0) ? vCode() : '';
        $ShowItems .= '||'.implode('|', array(
            $row['protype'],
            $row['id'],
            $row['price'],
            $row['name'],
            $row['desc'],
            $row['dolg'],
            $row['mass'],
            $row['count'],
        )).'@';
    }
    // Remove the final '@' before sending.
    echo substr($ShowItems, 0, -1);
}
// Shop listing for location 57: tools with ids 86..93.
// Output is 'ITEMS' plus one '@'-separated record per tool, each shaped as
// '<vCode or empty>||protype|id|price|name|desc|dolg|mass|count'.
// NOTE(review): name/desc are written out as stored, unescaped — confirm the
// client treats them as text.
if ($pers['loc'] == '57') {
    $Query = mysql_query("SELECT * FROM `tools` WHERE `id`>='86' AND `id`<='93'");
    $ShowItems = 'ITEMS@';
    while ($row = mysql_fetch_assoc($Query)) {
        // vCode() (defined elsewhere) is emitted only when the player can pay
        // for the tool and it is in stock.
        $ShowItems .= ($pers['nv'] >= $row['price'] && $row['count'] > 0) ? vCode() : '';
        $ShowItems .= '||'.implode('|', array(
            $row['protype'],
            $row['id'],
            $row['price'],
            $row['name'],
            $row['desc'],
            $row['dolg'],
            $row['mass'],
            $row['count'],
        )).'@';
    }
    // Remove the final '@' before sending.
    echo substr($ShowItems, 0, -1);
}
?>