Файл: gamele.ru/gameplay/ajax/shop_ob_ajax.php
Строк: 56
<?php
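// Resume the session: the category filter ('mark') and the sort order
// ('sorttype') used further down are stored in $_SESSION.
session_start();

// require instead of include: if either file is missing the request stops at
// that line rather than continuing with warnings and undefined helpers.
// config.inc.php presumably defines DROOT (it is used on the next line) and
// opens the MySQL connection used by the mysql_* calls below; confirm.
require($_SERVER["DOCUMENT_ROOT"]."/includes/config.inc.php");
require(DROOT."/includes/functions.php");

// Current player record. The code below reads 'id', 'loc', 'hpv' and 'level'
// from it, so it is the identity every purchase is charged to.
$pers = GetUser();

// Refuse to continue without an identified player: otherwise the shop queries
// would run with an empty player id and location.
// NOTE(review): GetUser() is defined elsewhere; if it already terminates
// unauthenticated requests this guard is redundant but harmless.
if (empty($pers) || !isset($pers['id'])) {
    exit;
}

// Player parameters indexed by numeric id (34, 57 and 64 are compared against
// licence requirements below).
$PersPar = allparam($pers);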
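/* CATEGORIES: remember the last requested shop category in the session. */
if (isset($_GET["type"]) && is_string($_GET["type"])) {
    // Keep only characters allowed by the filter before storing the value.
    // NOTE(review): as written the class keeps only the letter "w" and digits;
    // if "\w" was intended, the backslash is missing. Confirm before changing,
    // since the stricter form is the safer of the two.
    $_SESSION['mark'] = preg_replace('/[^w0-9]/', '', $_GET["type"]);
} elseif (isset($_GET["type"])) {
    // A non-string value (e.g. type[]=x) would make preg_replace() return an
    // array that ends up in the session and later in string concatenation.
    unset($_GET["type"]);
}
if (!empty($_SESSION['mark'])) {
    // From here on the request carries the sanitized, remembered category.
    $_GET["type"] = $_SESSION['mark'];
}
/* END OF CATEGORIES */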
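/*
 * Dispatch on the requested shop action and build the plain-text reply in
 * $ShowResult. The reply is a list of '@'-separated parts; item fields inside
 * a part are separated by ';'.
 *
 *   Get     - list the items sold at the player's current location.
 *   Buy     - buy one item (or a licence) for the player.
 *   Options - store list filters and sort order in the session.
 *
 * NOTE(review): 'Buy' changes state on a GET request and no anti-CSRF token is
 * checked anywhere in this file. Requiring POST plus the project's request
 * token (if it has one) should be considered; it cannot be added from here.
 * NOTE(review): the mysql_* extension is kept because the connection is opened
 * elsewhere; it is unavailable from PHP 7 on, so a move to mysqli/PDO prepared
 * statements is the long-term fix.
 */

// Always defined, so an unknown or missing action yields an empty reply.
$ShowResult = '';
$action = (isset($_GET['act']) && is_string($_GET['act'])) ? $_GET['act'] : '';

// Category tag echoed back to the client, filtered once instead of at every use.
$markTag = (isset($_GET["type"]) && is_string($_GET["type"]))
    ? preg_replace('/[^w0-9]/', '', $_GET["type"])
    : '';

switch ($action) {
    case 'Get':
        $ShowResult = 'Get';
        // The sort column is an identifier and cannot be escaped as a value,
        // so it is chosen from a fixed list. This also covers a session in
        // which 'sorttype' was never set (the original then ran ORDER BY ``).
        $sortColumn = (isset($_SESSION['sorttype']) && $_SESSION['sorttype'] === 'level')
            ? 'level'
            : 'price';
        $marketSql = mysql_real_escape_string($pers['loc']);
        $query = mysql_query(
            "SELECT * FROM `items` WHERE `dcat`='99' AND `market`='".$marketSql."' ORDER BY `".$sortColumn."` ASC"
        );
        // mysql_query() returns false on error; do not fetch from a failed query.
        if ($query !== false) {
            while ($items = mysql_fetch_assoc($query)) {
                // '@' separates parts of the reply, so it is replaced by ':'
                // inside the param and need fields.
                $ShowResult .= '@'.implode(';', array(
                    $items['id'],
                    $items['name'],
                    $items['gif'],
                    $items['count'],
                    $items['price'],
                    $items['slot'],
                    $items['level'],
                    $items['massa'],
                    $items['block'],
                    $items['hand'],
                    str_replace('@', ':', $items['param']),
                    str_replace('@', ':', $items['need']),
                    $items['desc'],
                ));
            }
        }
        break;

    case 'Buy':
        $itemId = intval(isset($_GET['id']) ? $_GET['id'] : 0);
        $marketSql = mysql_real_escape_string($pers['loc']);
        $lookup = mysql_query(
            "SELECT * FROM `items` WHERE `count` > '0' AND `market` = '".$marketSql."' AND `id` = '".$itemId."'"
        );
        $Buy = ($lookup !== false) ? mysql_fetch_assoc($lookup) : false;
        if (empty($Buy)) {
            // Unknown item, wrong location or out of stock: empty reply.
            break;
        }

        $ShowResult = 'Buy';

        // Cheap pre-check on the values loaded at request start. The
        // authoritative check is the conditional UPDATE further down.
        if (!($pers['hpv'] >= $Buy['price'])) {
            $ShowResult .= '@Нехватает денег!@'.$markTag;
            break;
        }

        // Values are escaped even though they come from the database: an
        // apostrophe in an item name would otherwise break the INSERT.
        $buyIdSql  = mysql_real_escape_string($Buy['id']);
        $persIdSql = mysql_real_escape_string($pers['id']);
        $priceSql  = mysql_real_escape_string($Buy['price']);

        if ($Buy['acte'] == 'licenses') {
            // Collect the licence requirements from "id@value|id@value" pairs.
            $NeedPar = array();
            foreach (explode("|", $Buy['need']) as $value) {
                $stat = explode("@", $value);
                if ($stat[0] == 72) {
                    // Requirement 72 takes its value from the item's level.
                    $stat[1] = $Buy['level'];
                }
                switch ($stat[0]) {
                    case '34':
                    case '57':
                    case '64':
                    case '72':
                        $NeedPar[(int) $stat[0]] = isset($stat[1]) ? $stat[1] : null;
                        break;
                }
            }

            // Param 71 is multiplied by 3600 and added to time() below, i.e.
            // it is the licence duration in hours.
            $UsedTime = 0;
            foreach (explode("|", $Buy['param']) as $value) {
                $stat = explode("@", $value);
                if ($stat[0] == '71' && isset($stat[1])) {
                    $UsedTime = $stat[1];
                }
            }

            // Only the first unmet requirement is reported.
            $refusal = null;
            if (isset($NeedPar[34]) && $NeedPar[34] > $PersPar[34]) {
                $refusal = '@У вас слишком мало знаний.@';
            } elseif (isset($NeedPar[57]) && $NeedPar[57] > $PersPar[57]) {
                $refusal = '@Недостаточно навыков торговли@';
            } elseif (isset($NeedPar[64]) && $NeedPar[64] > $PersPar[64]) {
                $refusal = '@Да вы не доктор чтоб получить лицензию@';
            } elseif (isset($NeedPar[72]) && $NeedPar[72] > $pers['level']) {
                $refusal = '@Ваш уровень слишком мал для получения данной лицензии@';
            }
            if ($refusal !== null) {
                $ShowResult .= $refusal.$markTag;
                break;
            }

            $grantSql = "INSERT INTO `licens` (`uid`, `lic`, `time`) VALUES ('"
                .$persIdSql."', '"
                .mysql_real_escape_string($Buy['num_a'])."', '"
                .(($UsedTime * 3600) + time())."');";
            $currencyLabel = 'RB';
        } else {
            // Param 2 is copied into the `dolg` column of the new inventory
            // row. It stays an empty string when the item has no such param
            // (the original left the variable undefined in that case).
            $dolg = '';
            foreach (explode("|", $Buy['param']) as $value) {
                $stat = explode("@", $value);
                if ($stat[0] == '2' && isset($stat[1])) {
                    $dolg = $stat[1];
                }
            }

            $grantSql = "INSERT INTO `invent` (`ItemName`,`img`,`protype`,`pl_id`,`dolg`,`price`,`dprice`,`i_param`,`i_need`) VALUES ('"
                .mysql_real_escape_string($Buy['name'])."','"
                .mysql_real_escape_string($Buy['gif'])."','"
                .$buyIdSql."','"
                .$persIdSql."','"
                .mysql_real_escape_string($dolg)."','"
                .$priceSql."','"
                .mysql_real_escape_string($Buy['dprice'])."','"
                .mysql_real_escape_string($Buy['param'])."','"
                .mysql_real_escape_string($Buy['need'])."');";
            $currencyLabel = 'DPV';
        }

        // Step 1: reserve one unit. The stock test is part of the UPDATE, so
        // two concurrent requests cannot both take the last unit or drive the
        // counter below zero.
        mysql_query("UPDATE `items` SET `count` = count-1 WHERE `id` = '".$buyIdSql."' AND `count` > '0'");
        if (mysql_affected_rows() != 1) {
            // Lost the race for the last unit: same empty reply as for an
            // item that is not available.
            $ShowResult = '';
            break;
        }

        // Step 2: charge the player. The balance test is part of the UPDATE,
        // so parallel requests cannot spend the same money twice. A price of
        // zero is skipped because an UPDATE that changes nothing reports zero
        // affected rows.
        if ($Buy['price'] != 0) {
            mysql_query(
                "UPDATE `user` SET `hpv` = hpv-'".$priceSql."' WHERE `id` = '".$persIdSql."' AND `hpv` >= '".$priceSql."'"
            );
            if (mysql_affected_rows() != 1) {
                // Balance changed since it was loaded: give the unit back.
                mysql_query("UPDATE `items` SET `count` = count+1 WHERE `id` = '".$buyIdSql."'");
                $ShowResult .= '@Нехватает денег!@'.$markTag;
                break;
            }
        }

        // Step 3: hand over the item or licence. If that fails, undo the
        // charge and the reservation so the player does not pay for nothing.
        // NOTE(review): if these tables are InnoDB, one transaction around
        // the three steps would replace the manual compensation; confirm the
        // storage engine.
        if (mysql_query($grantSql) === false) {
            if ($Buy['price'] != 0) {
                mysql_query("UPDATE `user` SET `hpv` = hpv+'".$priceSql."' WHERE `id` = '".$persIdSql."'");
            }
            mysql_query("UPDATE `items` SET `count` = count+1 WHERE `id` = '".$buyIdSql."'");
            $ShowResult = '';
            break;
        }

        $ShowResult .= '@Вы успешно купили "'.$Buy['name'].'" за '.$Buy['price'].' '.$currencyLabel.'@'.$markTag;
        break;

    case 'Options':
        $ShowResult = 'Options@'.$markTag;
        // Filters are stored as integers; a missing parameter becomes 0.
        $_SESSION['min_lev'] = intval(isset($_GET['min_lev']) ? $_GET['min_lev'] : 0);
        $_SESSION['max_lev'] = intval(isset($_GET['max_lev']) ? $_GET['max_lev'] : 0);
        $_SESSION['max_nv']  = intval(isset($_GET['max_nv']) ? $_GET['max_nv'] : 0);
        // Only two sort columns exist: '1' selects level, anything else price.
        $_SESSION['sorttype'] = (isset($_GET['sorttype']) && $_GET['sorttype'] == '1')
            ? 'level'
            : 'price';
        break;
}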
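// Send the reply. $ShowResult is only assigned inside the action switch, so it
// is undefined for a missing or unknown 'act'; emit an empty body in that case
// instead of raising an undefined-variable notice.
// NOTE(review): the reply carries item fields from the database (name, desc,
// ...) unescaped. If the client script inserts them into the page as HTML,
// they need escaping on one side; confirm how the client renders them.
echo isset($ShowResult) ? $ShowResult : '';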
?>