Файл: vkolhoze.com/inc/backpack.php
Строк: 57
<?
require_header ('Рюкзак');
$back = mysql_num_rows(mysql_query("SELECT * FROM `mspit` WHERE `user` = '".$ku['id']."'"));
echo '<div class="block">';
if(isset($_GET['dress']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `mspit` WHERE `id` = '".intval($_GET['dress'])."' && `user` = '".$ku['id']."'"),0)==1)
{
$dress = mysql_fetch_array(mysql_query("SELECT * FROM `mspit` WHERE `id` = '".intval($_GET['dress'])."'"));
$dre = mysql_query("SELECT * FROM `mspit` WHERE `value` = '".$dress['value']."' AND `action` = '1' AND `user` = '".$ku['id']."'");
$dresses = mysql_num_rows($dre);
$dressed = mysql_fetch_array($dre);
if($dresses > 0){mysql_query("UPDATE `mspit` SET `action` = '0' WHERE `id` = '".$dressed['id']."'");}
if($dress['action'] == 0){mysql_query("UPDATE `mspit` SET `action` = '1' WHERE `id` = '".intval($_GET['dress'])."'");
mysql_query("UPDATE `mspit_user` SET `ms".$dress['value']."` = '".$dress['id_wmot']."' WHERE `user` = '".$ku['id']."'");}
if($dress['action'] == 1){mysql_query("UPDATE `mspit` SET `action` = '0' WHERE `id` = '".intval($_GET['dress'])."'");
mysql_query("UPDATE `mspit_user` SET `ms".$dress['value']."` = '0' WHERE `user` = '".$ku['id']."'");}
header("Location:?backpack");
}
if(isset($_GET['sell']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `mspit` WHERE `id` = '".intval($_GET['sell'])."' && `user` = '".$ku['id']."'"),0)==1)
{
$dress = mysql_fetch_array(mysql_query("SELECT * FROM `mspit` WHERE `id` = '".intval($_GET['sell'])."'"));
$seller = mysql_fetch_array(mysql_query("SELECT * FROM `shop2` WHERE `id` = '".$dress['id_wmot']."'"));
$sell = floor($seller['cost']/100*40);
mysql_query("DELETE FROM `mspit` WHERE `id` = '".intval($_GET['sell'])."'");
mysql_query("UPDATE `kolhoz_user` SET `rubies` = `rubies` + '".$sell."' WHERE `id` = '".$ku['id']."'");
}
if($back == '0')echo 'Пусто, но вы можете <a href="?shoping">приобрести</a> себе вещи';
else
echo '<hr color="green">';
$k_page=k_page($back,$set['p_str']);
$page=page($k_page);
$start=$set['p_str']*$page-$set['p_str'];
$backpack = mysql_query("SELECT * FROM `mspit` WHERE `user` = '".$ku['id']."' LIMIT $start, $set[p_str]");
while($rew = mysql_fetch_array($backpack))
{
$q = mysql_fetch_array(mysql_query("SELECT * FROM `shop2` WHERE `id` = '".$rew['id_wmot']."'"));
echo '<img width="50" height="50" src="/images/shop/'.$rew['id_wmot'].'.png" class="portrait"> '.$q['name'].'<div class="small minor">';
echo "<li class='pt'><img src='/images/icons/sword.png'>: <span class='title'>",$rew['attack']," </span> |
<img src='/images/icons/shield.png'>: <span class='title'>", $rew['defense'],"</span> | <img src='/images/icons/heart.png'>:
<span class='title'>", $rew['health'], "</span> | <img width='16' height='16' src='/images/icons/crit.png'>: <span class='title'>",
$rew['critical'],"% </span></div><hr color='green'>";
echo '<table width="100%"><th width="50%"><center><a href="?backpack&dress='.$rew['id'].'"><div class="knopka1">
<span class="title">'.($rew['action']==0?"Одеть":"Снять").'</span></div></a></center></th><th width="50%"><center><a href="?backpack&sell='.$rew['id'].'">
<div class="knopka1"><span class="title">Продать</span></div></a></center></th></table><hr color="green">';
}
if($k_page>1)str("?backpack&",$k_page,$page);
echo '<a class="loc" href="?pvp"><img src="/images/icons/sword.png"> PvP Бои</a>';
echo '</div>';
include_once 'inc/foot.php';
?>