Файл: public_html/core/head.php
Строк: 318
<?php
// Page prologue: print the XML declaration, DOCTYPE and <head> contents, then
// open <body>. A signed-in visitor ($user['id'] is set) gets stylesheets picked
// by $user['bg']; any other visitor gets style.css, lenin.css and bglenin.css.
// NOTE(review): $header and $set['site'] are concatenated into the markup as-is
// and are assigned outside this file; if either can hold user-influenced text
// it needs htmlspecialchars() before it reaches <title> or an href.
// NOTE(review): every branch prints the <html ...> start tag twice and places
// <meta> ahead of it; the stylesheet URLs are fixed to http://.
if(isset($user['id']))
{
// The three tests below are independent loose comparisons, so a `bg` value
// that matches none of 1, 0 or 3 prints no prologue here at all, while the
// closing `</head><body><div>` further down is still printed.
// bg == 1: bg.css only.
if ($user['bg'] == 1) {
echo '<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//WAPFORUM//DTD XHTML Mobile 1.0//EN" "http://www.wapforum.org/DTD/xhtml-mobile10.dtd">
<meta name="viewport" content="width=device-width; initial-scale=1.0; maximum-scale=1.0;">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="ru">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="ru"><head><title>'.$header.'</title><link rel="stylesheet" href="http://'.$set['site'].'/style/theme/bg.css" type="text/css"/><link rel="icon" href="/favicon.ico" type="image/x-icon"/>';
}
// bg == 0: bglenin.css only.
if ($user['bg'] == 0) {
echo '<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//WAPFORUM//DTD XHTML Mobile 1.0//EN" "http://www.wapforum.org/DTD/xhtml-mobile10.dtd">
<meta name="viewport" content="width=device-width; initial-scale=1.0; maximum-scale=1.0;">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="ru">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="ru"><head><title>'.$header.'</title><link rel="stylesheet" href="http://'.$set['site'].'/style/theme/bglenin.css" type="text/css"/><link rel="icon" href="/favicon.ico" type="image/x-icon"/>';
}
// bg == 3: bglenin.css, lenin.css, then bglenin.css a second time.
if ($user['bg'] == 3) {
echo '<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//WAPFORUM//DTD XHTML Mobile 1.0//EN" "http://www.wapforum.org/DTD/xhtml-mobile10.dtd">
<meta name="viewport" content="width=device-width; initial-scale=1.0; maximum-scale=1.0;">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="ru">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="ru"><head><title>'.$header.'</title><link rel="stylesheet" href="http://'.$set['site'].'/style/theme/bglenin.css" type="text/css"/><link rel="stylesheet" href="http://'.$set['site'].'/style/theme/lenin.css" type="text/css"/><link rel="stylesheet" href="http://'.$set['site'].'/style/theme/bglenin.css" type="text/css"/><link rel="icon" href="/favicon.ico" type="image/x-icon"/>';
}
} else {
// Not signed in: style.css, lenin.css and bglenin.css.
echo '<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//WAPFORUM//DTD XHTML Mobile 1.0//EN" "http://www.wapforum.org/DTD/xhtml-mobile10.dtd">
<meta name="viewport" content="width=device-width; initial-scale=1.0; maximum-scale=1.0;">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="ru">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="ru"><head><title>'.$header.'</title><link rel="stylesheet" href="http://'.$set['site'].'/style/theme/style.css" type="text/css"/><link rel="stylesheet" href="http://'.$set['site'].'/style/theme/lenin.css" type="text/css"/><link rel="stylesheet" href="http://'.$set['site'].'/style/theme/bglenin.css" type="text/css"/><link rel="icon" href="/favicon.ico" type="image/x-icon"/>';
}
// Close <head> and open the body wrapper for every visitor.
echo '</head><body><div>';
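/**
 * Report whether a request value, or any value nested inside an array
 * parameter, contains a single or a double quote character.
 *
 * @param mixed $data A scalar request value or an array of them.
 * @return bool True when a quote character is present anywhere in $data.
 */
function head_has_quote($data)
{
    if (is_array($data)) {
        // Array parameters (?a[]=...) are walked as well, so a value cannot
        // slip past the check just by being wrapped in an array.
        foreach ($data as $item) {
            if (head_has_quote($item)) {
                return true;
            }
        }
        return false;
    }
    return strpbrk((string) $data, '\'"') !== false;
}

// Crude request filter: a GET request carrying a quote character is refused.
// The pattern in the listing reads ''|"' and does not parse; it is taken here
// to mean "a single or a double quote". strpbrk() replaces ereg(), which no
// longer exists in PHP 7 and later.
// NOTE(review): a quote blocklist is not a substitute for escaping or
// parameterising the SQL; the queries in this file still concatenate values.
// NOTE(review): by this point markup has already been echoed, so a refused
// request still receives the page prologue before the message.
$_detected = false;
if ( isset ( $_GET ) && head_has_quote( $_GET ) ) {
    $_detected = true;
}
// POST data only raises the $hacked flag, as before. Nothing in this file
// reads $hacked, so POST bodies are not refused here.
// NOTE(review): confirm that the including scripts check $hacked, or decide
// whether POST should be refused the same way GET is.
if ( head_has_quote( $_POST ) ) {
    $hacked = TRUE;
}
if ( $_detected == true ) {
    print 'SQL inj has detected :-(';
    exit;
}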
// Second copy of the prologue. The code above has already printed a
// DOCTYPE/<head> block followed by `</head><body><div>`, so this echo places
// another XML declaration, DOCTYPE, <head> and <body> inside the page body.
// NOTE(review): for signed-in visitors this is the only place style.css is
// linked, so the statement cannot simply be deleted; the two prologues need
// to be merged into one.
// NOTE(review): $header and $set['site'] are again written into the markup
// without htmlspecialchars().
echo '<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//WAPFORUM//DTD XHTML Mobile 1.0//EN" "http://www.wapforum.org/DTD/xhtml-mobile10.dtd">
<meta name="viewport" content="width=device-width; initial-scale=1.0; maximum-scale=1.0;">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="ru">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="ru"><head><title>'.$header.'</title><link rel="stylesheet" href="http://'.$set['site'].'/style/theme/style.css" type="text/css"/><link rel="icon" href="/favicon.ico" type="image/x-icon"/></head><body><div>';
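// Query this user's row in `user_podarok`; the result is fetched further down.
// NOTE(review): $user['id'] is interpolated into the SQL text and the query
// also runs for visitors without an id. $user is loaded outside this file;
// confirm the id is always an integer taken from the database.
$q_gift = mysql_query("SELECT * FROM `user_podarok` WHERE `user_id` = '$user[id]'");

// Load the AntiHack class once and keep an instance in $lq. A single
// require_once replaces the former require followed by require_once of the
// same path.
require_once H.'sys/classes/AntiHack.class.php';
$lq = new AntiHack;

// Banned accounts are redirected to the ban page and the request stops here.
// Without the exit the rest of the page, including the UPDATE/INSERT
// statements below, kept running for a banned account. The SCRIPT_NAME test
// avoids a redirect loop in case the ban page itself includes this header.
// NOTE(review): markup has already been echoed above, so header() only takes
// effect when output buffering is enabled in the PHP configuration.
if ($user['ban'] == 1 && $_SERVER['SCRIPT_NAME'] != '/moduls/ban.php') {
    header('Location: /moduls/ban.php');
    exit;
}

// Delete VIP records whose expiry time has passed.
mysql_query("DELETE FROM `vip` WHERE `time` <= '".time()."'");
//////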
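/**
 * Format a duration given in seconds as a whole number and a Russian unit.
 *
 * The unit is chosen by size: days from 86400 s, hours from 3600 s, minutes
 * from 60 s, otherwise seconds. The amount is rounded (hours to one decimal,
 * the other units to an integer) and then floored, so 7199 s is shown as
 * 2 hours while 5400 s is shown as 1 hour.
 *
 * The amount stays numeric throughout. The previous version appended the unit
 * to the number and passed that string to floor(), which relied on implicit
 * "leading-numeric string" conversion and raises a warning on current PHP.
 *
 * @param int|float $file_time Duration in seconds.
 * @return string Amount, two spaces, unit (the second space belongs to the
 *                unit label, exactly as before).
 */
function ftime($file_time){
    if ($file_time >= 86400) {
        $amount = round((($file_time / 60) / 60) / 24);
        $x = ' д.';
    } elseif ($file_time >= 3600) {
        $amount = round(($file_time / 60) / 60, 1);
        $x = ' ч.';
    } elseif ($file_time >= 60) {
        $amount = round($file_time / 60);
        $x = ' мин.';
    } else {
        $amount = round($file_time);
        $x = ' сек.';
    }
    return floor($amount).' '.$x;
}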
////////
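// Row from the `user_podarok` query issued earlier in this file, and the
// moment ($gift['last_auth'] + 84600 s) that is compared with "now" below.
// NOTE(review): 84600 s is 23.5 h, a full day is 86400 s; confirm which one
// was intended.
$gift = mysql_fetch_array($q_gift);
$time = $gift['last_auth'] + 84600;
$now = time();
if (isset($user['id'])) {
    // data/exp.txt is read as a list of lines; the line at index
    // $user['level'] gives the experience needed for the next level.
    $level = file(H."data/exp.txt");
    $exp = trim($level[$user['level']*1]);
    // Level-up rewards; $exp, $nstat and $exp_gold are used again by the
    // level-up check later in this file.
    $nstat = ($user['level']*2);
    $exp_gold = ($user['level']*10+10);
    $ushp = ($user['health']*2);
    // Count of contacts with unread messages. The key is now quoted: the bare
    // word `id` was an undefined constant (a notice on old PHP, an Error on PHP 8).
    $k_new = mysql_result(mysql_query("SELECT COUNT(*) FROM `users_konts` WHERE `id_user` = '".$user['id']."' AND `new_msg`"),0);
    // NOTE(review): only this opening markup depends on the time test; the
    // matching closing tags below are printed unconditionally.
    if ($time < $now) {
        echo '<header><img src=/style/theme/img/logotwo.png></header>
<div class="main" style=word-wrap:break-word;>
<div class="head" center onclick=location.href="/index.php">';
    }
    // The nickname is chosen by the player, so it is escaped before it is
    // placed in the SQL text (it was concatenated raw before).
    $vip = mysql_fetch_assoc(mysql_query("SELECT * FROM `vip` WHERE `usr` = '".mysql_real_escape_string($user['nick'])."'"));
    $vvip = mysql_result(mysql_query("SELECT COUNT(*) FROM `vip` WHERE `usr` = '".mysql_real_escape_string($user['nick'])."'"),0);
    if ($vvip) {
        // Remaining VIP time; the key 'time' is quoted for the same reason as 'id'.
        echo'<img src="/images/icon/ok.png"> VIP '.ftime($vip['time']-time()).'|';
    }
    echo '
<img src=/images/icon/health.png alt="hp"> ',$ushp,' | <img src=/images/icon/mana.png alt="mp"> ',$user['mana'],'';
    if ($k_new > 0) echo ' | <a href=/user/new_mess.php><img src=/images/icon/mail.png></a>';
    // Experience bar width in percent. When no threshold could be read for the
    // level ($exp empty or zero) the bar is drawn at 0 instead of dividing by zero.
    echo '</div>
<div class="rzd"></div>
<div class="exp_bar">
<div class="progress" style=width:',($exp > 0 ? round(100/($exp/($user['exp']+1))) : 0),'%></div>
</div>
<div class="rzd"></div>';
} else {
    // Visitors who are not signed in only get the logo.
    echo'<div class=logo><img src=/style/theme/img/logo.png></div>';
}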
// One-shot notices kept in the session: print each one that is set, then
// reset it to NULL so it is not shown again.
// NOTE(review): the text is printed as markup, not escaped. This file itself
// stores HTML in $_SESSION['light'], so these values look intended to carry
// markup; any code that copies request data into 'message' or 'err' has to
// escape it before storing.
if (isset($_SESSION['message'])) {
    print '<div class="ok center"><img src=/images/icon/ok.png> ' . $_SESSION['message'] . '</div>';
    $_SESSION['message'] = NULL;
}
if (isset($_SESSION['err'])) {
    print '<div class="error center"><img src=/images/icon/error.png> ' . $_SESSION['err'] . '</div>';
    $_SESSION['err'] = NULL;
}
// Every page except /index.php gets a title bar with $header.
// NOTE(review): $header is printed without htmlspecialchars(); it is assigned
// outside this file, so confirm it never contains user-influenced text.
if (!($_SERVER['PHP_SELF'] == '/index.php')) {
    print '<div class="player title">' . $header . '</div><div class=mini-line></div>';
}
// Signed-in visitors only: show a pending highlighted notice, then apply a
// level-up when enough experience has been collected.
if (isset($user['id']))
{
// One-shot notice; printed as markup and then reset to NULL.
if (isset($_SESSION['light'])){
echo '<div class="block_light center">',$_SESSION['light'],'</div>';
$_SESSION['light']=NULL;
}
// $exp is the threshold read from data/exp.txt earlier in this file.
// NOTE(review): when no line exists for the level, $exp is an empty string
// and this loose comparison can still pass; confirm the level cap.
if($user['exp'] >= $exp)
{
// Raise the level, reset experience, refill health and mana, and add the
// rewards ($exp_gold gold, $nstat to sila, max_health, lovk and zashit).
// NOTE(review): the new values are computed from the $user row loaded before
// this request, not inside the SQL, so two overlapping requests could both
// apply the reward; an UPDATE with `col` = `col` + n and an exp condition
// in the WHERE clause would close that window.
mysql_query("update `user` set `level` = '".($user['level']+1)."',`exp`='0',`gold`='".($user['gold']+$exp_gold)."',`health`='".($user['max_health'])."',`mana`='".($user['max_mana'])."',`sila`='".($user['sila']+$nstat)."',`max_health`='".($user['max_health']+$nstat)."',`lovk`='".($user['lovk']+$nstat)."',`zashit`='".($user['zashit']+$nstat)."' where (`id` = '".$user['id']."') LIMIT 1");
// NOTE(review): markup has already been echoed by this file, so the redirect
// only takes effect when output buffering is enabled in the PHP configuration.
header('Location: /index.php');
// Notice shown on the next page view: "new level" plus the reward summary.
$_SESSION['light'] = "<span class='quality-4'>Вы получили новый уровень!</span><div class='separ'></div><span class='blue'>Награда:</span> <img src='/images/icon/gold.png' alt=''/> $exp_gold золота<br> + $nstat ко всем параметрам!";
exit();
}
}
?>
<?
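// Buffer everything printed from here on.
ob_start();
// microtime() returns "msec sec"; the sum is stored in $gtime (presumably the
// start mark for a page-timing display elsewhere).
list($msec, $sec) = explode(chr(32), microtime());
$gtime = $sec + $msec;

// Health and mana regeneration, evaluated at most once per $_time seconds.
// Changes from the previous version:
//  - it runs only for a signed-in visitor (it used to issue UPDATEs with an
//    empty id for guests);
//  - the duplicated `last_update` UPDATE is issued once;
//  - the gain can no longer be negative (three seconds of inactivity used to
//    subtract half a point) and is capped at the missing amount, so health
//    and mana can no longer exceed their maximum.
$_time = 2;
if (isset($user['id']) && (time() - $user['last_update']) > $_time) {
    mysql_query('UPDATE `user` SET `last_update` = "'.time().'" WHERE `id` = "'.$user['id'].'"');
    if ($user['health'] < $user['max_health']) {
        // One point per tick, minus a fixed offset of 2.
        $_hp = max(0, ((time() - $user['last_update']) / $_time) - 2);
        $_hp = min($_hp, $user['max_health'] - $user['health']);
        mysql_query('UPDATE `user` SET `health` = "'.($user['health'] + $_hp).'" WHERE `id` = "'.$user['id'].'"');
    }
    if ($user['mana'] < $user['max_mana']) {
        // Same rule for mana, with an offset of 4.
        $_mp = max(0, ((time() - $user['last_update']) / $_time) - 4);
        $_mp = min($_mp, $user['max_mana'] - $user['mana']);
        mysql_query('UPDATE `user` SET `mana` = "'.($user['mana'] + $_mp).'" WHERE `id` = "'.$user['id'].'"');
    }
}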
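/**
 * Experience a clan needs at the given level before it advances.
 *
 * Levels 1 to 36 are defined. Any other input returns null explicitly; the
 * previous version returned a variable that was never assigned in that case,
 * which produced the same null together with an "undefined variable"
 * diagnostic.
 *
 * @param mixed $i Clan level; numeric strings from the database are accepted.
 * @return int|null Required experience, or null for a level outside 1..36.
 */
function clan_exp($i) {
    static $thresholds = array(
        1 => 30,
        2 => 58,
        3 => 111,
        4 => 210,
        5 => 394,
        6 => 732,
        7 => 1346,
        8 => 2449,
        9 => 4408,
        10 => 7846,
        11 => 13808,
        12 => 24025,
        13 => 41323,
        14 => 70249,
        15 => 118018,
        16 => 195909,
        17 => 321290,
        18 => 520489,
        19 => 832782,
        20 => 1315795,
        21 => 2052640,
        22 => 3161065,
        23 => 4804818,
        24 => 7207227,
        25 => 10666695,
        26 => 15573374,
        27 => 22425658,
        28 => 31844434,
        29 => 44582207,
        30 => 61500000,
        31 => 83700000,
        32 => 112100000,
        33 => 148000000,
        34 => 192400000,
        35 => 246300000,
        36 => 310300000,
    );
    // Loose comparison in ascending order, matching what the former switch did.
    foreach ($thresholds as $level => $required) {
        if ($i == $level) {
            return $required;
        }
    }
    return null;
}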
// Clan level-up: below level 36, a clan whose experience has reached the
// threshold for its level gains one level and has its experience reset.
// NOTE(review): clan_exp() yields null for a level outside 1..36, and a
// comparison against null passes for any experience value; confirm that clan
// levels always start at 1.
if ($clan) {
    if ($clan['level'] < 36) {
        if (clan_exp($clan['level']) <= $clan['exp']) {
            mysql_query(
                'UPDATE `clans` SET `level` = `level` + 1,' . "\n"
                . '`exp` = "0" WHERE `id` = "' . $clan['id'] . '"'
            );
        }
    }
}
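// Clan panel. A clan member sees the newest unread clan announcement; a
// visitor without a clan sees a pending invitation, if one exists.
// NOTE(review): "hide", "join" and "decline" all change data on a plain GET
// link with no anti-CSRF token; moving them to POST with a per-session token
// would stop another site from triggering them through a link or image.
// NOTE(review): $clan and $clan_memb are loaded outside this file, and
// smiles() and clan_buff() are defined elsewhere; whether smiles() escapes
// the announcement text cannot be seen from here and should be confirmed.
if ($clan) {
    // Newest `clan_msg` row of this clan whose `time` is not older than $clan_memb['time'].
    $clan_msg = mysql_fetch_array(mysql_query('SELECT * FROM `clan_msg` WHERE `clan` = "'.$clan['id'].'" AND `time` >= "'.$clan_memb['time'].'" ORDER BY `time` DESC LIMIT 1'));
    // Shown only while this user has no `clan_msg_read` row for it.
    if ($clan_msg && mysql_result(mysql_query('SELECT COUNT(*) FROM `clan_msg_read` WHERE `msg` = "'.$clan_msg['id'].'" AND `user` = "'.$user['id'].'"'),0) == 0 ) {
        $clan_msg_user = mysql_fetch_array(mysql_query('SELECT * FROM `user` WHERE `id` = "'.$clan_msg['user'].'"'));
        // "Hide": record the announcement as read and reload without the query
        // string. !empty() is the same truthiness test as `== true` without
        // reading a missing key.
        if (!empty($_GET['clan_msg_read'])) {
            mysql_query('INSERT INTO `clan_msg_read` (`msg`,
`user`) VALUES ("'.$clan_msg['id'].'",
"'.$user['id'].'")');
            header('location: '.$_SERVER['PHP_SELF'].'?');
            // Stop after the redirect, as the invitation branches below do;
            // before, the rest of the page was still rendered.
            exit;
        }
        // Markup repaired: the opening tag read <player'> and is restored to
        // the <div class='player'> used by the invitation panel. The sender's
        // nickname is HTML-escaped; the last argument keeps entities that are
        // already present from being escaped a second time.
?>
<center><div class='player'>
<b>Объявление Ордена!</b><br/>
<?=smiles($clan_msg['text'])?>
<br/>
Отправитель: <img src='/images/icon/user.png' alt='*'/> <?=htmlspecialchars((string) $clan_msg_user['nick'], ENT_QUOTES, 'UTF-8', false)?><br/>
<div class='separator'></div>
<a href='?clan_msg_read=true'><font color='#909090'>Скрыть</font></a>
</div></center>
<?php
    }
} else {
    if (mysql_result(mysql_query('SELECT COUNT(*) FROM `clan_invite` WHERE `user` = "'.$user['id'].'"'),0) > 0) {
        $_invite = mysql_fetch_array(mysql_query('SELECT * FROM `clan_invite` WHERE `user` = "'.$user['id'].'"'));
        $clan_invite = mysql_fetch_array(mysql_query('SELECT * FROM `clans` WHERE `id` = "'.$_invite['clan'].'"'));
        // Join only when the parameter is present and names the inviting clan.
        // The former loose test `$_GET['invite'] == $clan_invite['id']` was
        // also true when both sides were missing (no parameter, clan row not
        // found), which inserted a membership row with an empty clan id.
        if ($clan_invite && isset($_GET['invite']) && is_string($_GET['invite']) && $_GET['invite'] === (string) $clan_invite['id']) {
            mysql_query('INSERT INTO `clan_memb` (`clan`,
`user`,
`time`,
`last_update`) VALUES ("'.$clan_invite['id'].'",
"'.$user['id'].'",
"'.time().'",
"'.(time() + ((60 * 60) * 24)).'")');
            mysql_query('DELETE FROM `clan_invite` WHERE `user` = "'.$user['id'].'"');
            header('location: /clan/');
            exit;
        }
        // Decline: delete this invitation and reload without the query string.
        if (!empty($_GET['cancel_invite'])) {
            mysql_query('DELETE FROM `clan_invite` WHERE `clan` = "'.$clan_invite['id'].'" AND `user` = "'.$user['id'].'"');
            header('location: '.$_SERVER['PHP_SELF'].'?');
            exit;
        }
        // Clan fields are HTML-escaped on output because the clan name is
        // chosen by players. Markup repaired: the "join" link was missing the
        // end of its <a> tag and the closing </span>, and </div></center>
        // were closed in the wrong order.
?>
<center><div class='player'>
<b>Вас приглашают в орден</b><br/><br/>
<table cellpadding='0' cellspacing='0' align='center'>
<tr>
<td><img src='/images/icon/clan/gerb/<?=htmlspecialchars((string) $clan_invite['gerb'], ENT_QUOTES, 'UTF-8', false)?>.png' alt='*'/></td><td valign='top' style='padding-left: 5px; text-align: left;'>
<img src='/images/icon/clan/<?=htmlspecialchars((string) $clan_invite['r'], ENT_QUOTES, 'UTF-8', false)?>cl.png' alt='*'/> <a href='/clan/<?=htmlspecialchars((string) $clan_invite['id'], ENT_QUOTES, 'UTF-8', false)?>/'><?=htmlspecialchars((string) $clan_invite['name'], ENT_QUOTES, 'UTF-8', false)?></a><br/>
В ордене: <b><?=mysql_result(mysql_query('SELECT COUNT(*) FROM `clan_memb` WHERE `clan` = "'.$clan_invite['id'].'"'),0)?></b> игроков<br/>
Бонус: <font color='#90c090'>+<?=clan_buff($clan_invite['built_1'])?></font> к сумме
</td>
</tr></table>
<div class='separator'></div>
<a href='?invite=<?=htmlspecialchars((string) $clan_invite['id'], ENT_QUOTES, 'UTF-8', false)?>'><span class='label'>Вступить в орден</span></a><br/><br/>
<a href='?cancel_invite=true'><font color='#909090'>Отказаться</font></a>
</div></center>
<?php
    }
}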
?>