Файл: vkolhoze.com/msarena/mswaiting.php
Строк: 183
<?php
if(isset($_GET['msact']) && num($_GET['msact'])!=NULL && mysql_result(mysql_query("SELECT COUNT(*) FROM `ms_application` WHERE `user` = '".num($_GET['msact'])."' AND `type` = '".num(1)."' LIMIT 1"),0)!=0){
$ms = mysql_fetch_array(mysql_query("SELECT * FROM `ms_application` WHERE `user` = '".num($_GET['msact'])."' AND `type` = '".num(1)."' LIMIT 1"));
if(10 >= $msget['jv']){
$text = "У вас мало жизней, должно быть хотя бы 10";
$_SESSION['msg'] = $text;
header("Location: ".ms_url('MsApplication')."");
exit;
}else{
if(mysql_result(mysql_query("SELECT COUNT(*) FROM `ms_ap_start` WHERE `id` = '".$msget['mswaiting']."' LIMIT 1"),0)!=0){
$text = "Вы уже приняли заявку на бой";
$_SESSION['msg'] = $text;
header("Location: ".ms_url('MsWaiting')."");
exit;
}elseif($ms['act_level'] <= $msget['level']){
$text = '<b>Игрок выбрал ниже уровень чем ваш</b>';
$_SESSION['msg'] = $text;
header("Location: ".ms_url('MsApplication')."");
exit;
}elseif(time() >= $ms['act_time']){
$text = "Время заявки вышло.";
$_SESSION['msg'] = $text;
header("Location: ".ms_url('MsApplication')."");
exit;
}elseif($ms['user'] == $user['id'] || $ms['pers'] == $user['pers']){
$text = "Запрещен бой сам с собой.";
$_SESSION['msg'] = $text;
header("Location: ".ms_url('MsApplication')."");
exit;
}else{
$times = $time+60;
$ms_type = md5(rand(123,123456));
mysql_query("INSERT INTO `ms_ap_start` SET `url1` = '".$ms_type."', `user_act2` = '".num(1)."', `time_act1` = '".($time+120)."', `user1` = '".num($ms['user'])."', `act_time` = '".$times."', `user2` = '".num($user['id'])."', `time` = '".time()."'");
$msreg = mysql_insert_id();
mysql_query("UPDATE `ms_application` SET `type` = '".num(2)."', `act_user` = '".$user['id']."', `boy_time` = '".(time()+60)."' WHERE `user` = '".num($_GET['msact'])."' AND `type` = '".num(1)."' LIMIT 1");
mysql_query("INSERT INTO `ms_battle` SET `type` = '".$ms_type."', `id_start` = '".$msreg."', `user` = '".$ms['user']."', `user2` = '".$user['user']."'");
mysql_query("UPDATE `ms_pers` SET `mswaiting` = '".$msreg."' WHERE `user` = '".num($user['id'])."' AND `id` = '".$user['pers']."' LIMIT 1");
mysql_query("UPDATE `ms_pers` SET `mswaiting` = '".$msreg."' WHERE `user` = '".num($ms['user'])."' AND `id` = '".$ms['pers']."' LIMIT 1");
mysql_query("DELETE FROM `ms_application` WHERE `user` = '".my_esc($ms['user'])."' LIMIT 1");
$msmsg = 'Бой <b>ID:'.$msreg.'</b> начался.<br />
<b>'.user($user['id']).'</b> <img src="theme/msvs.png" alt="" /> <b>'.user($ms['user']).'</b><br />
Время начала боя: ('.vremja($time).')<br />
Удачи вам в бою!';
mysql_query("INSERT INTO `ms_battle_start` SET `idbattle` = '".$msreg."', `type` = '".$msreg."', `user` = '".num($ms['user'])."', `msg` = '".$msmsg."', `time` = '".$time."', `who` = '".num($user['id'])."'");
mysql_query("INSERT INTO `ms_battle_start` SET `idbattle` = '".$msreg."', `type` = '".$msreg."', `user` = '".num($user['id'])."', `msg` = '".$msmsg."', `time` = '".$time."', `who` = '".num($ms['user'])."'");
mysql_query("INSERT INTO `ms_chat` SET `user` = '".num(3)."', `time` = '".$time."', `msg` = '".$msmsg."'");
$msdiablo = mysql_insert_id();
$msencrypt = encrypt($msdiablo);
mysql_query("UPDATE `ms_chat` SET `type` = '".$msencrypt."' WHERE `id` = '".$msdiablo."' LIMIT 1");
$text = "Бой начнется через 1 мин.";
$_SESSION['msg'] = $text;
header("Location: ".ms_url('MsWaiting')."");
exit;
}
}
}elseif(mysql_result(mysql_query("SELECT COUNT(*) FROM `ms_application` WHERE `user` = '".$user['id']."' AND `type` = '".num(1)."' LIMIT 1"),0)!=0){
$msapplication = mysql_fetch_array(mysql_query("SELECT * FROM `ms_application` WHERE `user` = '".$user['id']."' AND `type` = '".num(1)."'"));
if(time() >= $msapplication['act_time']){
mysql_query("DELETE FROM `ms_application` WHERE `user` = '".$user['id']."' AND `type` = '".num(1)."'");
$text = "Время заявки вышло.";
$_SESSION['msg'] = $text;
header("Location: ".ms_url('MsApplication')."");
exit;
}
echo '<div class="board3">';
echo '<b>Арена 1х1 | Ожидание противника</b> '.vremja(time()).'';
echo '</div>';
echo '<div class="board">';
echo 'Время поданной заявки: '.vremja($msapplication['time']).'<br />';
echo 'Время удаления заявки: '.vremja($msapplication['act_time']).'</div>';
echo '<div class="board2">';
echo '<form name="" action="" method="post">
<input type="submit" value="Обновить">
</form>';
echo '</div>';
}elseif(mysql_result(mysql_query("SELECT COUNT(*) FROM `ms_ap_start` WHERE `id` = '".$msget['mswaiting']."' LIMIT 1"),0)!=0){
$msapp = mysql_fetch_array(mysql_query("SELECT * FROM `ms_ap_start` WHERE `id` = '".$msget['mswaiting']."'"));
$msapp_user1 = mysql_fetch_array(mysql_query("SELECT * FROM `ms_ap_start` WHERE `id` = '".$msapp['user1']."'"));
$msuser_id1 = mysql_fetch_array(mysql_query("SELECT * FROM `ms_user` WHERE `id` = '".my_esc($msapp['user1'])."'"));
$msuser_id2 = mysql_fetch_array(mysql_query("SELECT * FROM `ms_user` WHERE `id` = '".my_esc($msapp['user2'])."'"));
$msget1 = mysql_fetch_array(mysql_query("SELECT * FROM `ms_pers` WHERE `user` = '".$msuser_id1['id']."' AND `id` = '".num($msuser_id1['pers'])."'"));
$msget2 = mysql_fetch_array(mysql_query("SELECT * FROM `ms_pers` WHERE `user` = '".$msuser_id2['id']."' AND `id` = '".num($msuser_id2['pers'])."'"));
echo '<div class="head">';
echo '<b>Арена 1х1 | Бой начался</b>';
echo '</div>';
if(time() >= $msapp['act_time']){
echo '<div class="board"><center>';
echo '<b>'.user($msapp['user1']).'</b> <img src="theme/msvs.png" alt="" /> <b>'.user($msapp['user2']).'</b>';
echo '</center></div>';
echo '<table><center>';
echo '<tr class="board">';
echo '<td><center>';
echo ''.$msget1['name'].'';
echo '</center></td>';
echo '<td><center>';
echo ''.$msget2['name'].'';
echo '</center></td>';
echo '</tr>';
echo '<tr class="board">';
echo '<td><center>';
echo '- Жизни: '.$msget1['jv'].'<br />
- Атака: '.$msget1['ataka'].'<br />
- Сила: '.$msget1['sila'].'<br />';
echo msuser_exp($msget1['user']);
echo '</center></td>';
echo '<td><center>';
echo '- Жизни: '.$msget2['jv'].'<br />
- Атака: '.$msget2['ataka'].'<br />
- Сила: '.$msget2['sila'].'<br />';
echo msuser_exp($msget2['user']);
echo '</center></td>';
echo '</tr>';
echo '</center></table>';
$user['set'] = 10;
echo '<div class="head">Лог боя</div>';
$k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `ms_battle_log` WHERE `type` = '".num($msget['mswaiting'])."' AND `user` = '".$user['id']."'"),0);
if ($k_post==0)
{
echo '<div class="board2">Пока не кто не ударил</div>';
}
$k_page=k_page($k_post,$user['set']);
$page=page($k_page);
$start=$user['set']*$page-$user['set'];
$q=mysql_query("SELECT * FROM `ms_battle_log` WHERE `type` = '".num($msget['mswaiting'])."' AND `user` = '".$user['id']."' ORDER BY `id` DESC LIMIT $start, $user[set]");
while($post=mysql_fetch_array($q))
{
echo '<div class="board left">';
echo $post['msg']; echo '<br />';
echo '';
echo '</div>';
}
////////////////////////////////////////////////////////////////////////////////////////
if($msapp['user1'] == $user['id'] && $msapp['user_act1'] == 1){
if(time() >= $msapp['time_act2']){
mysql_query("DELETE FROM `ms_battle` WHERE `id_start` = '".$msapp['id']."'");
mysql_query("DELETE FROM `ms_application` WHERE `user` = '".$msapp['user1']."' AND `type` = '".num(2)."'");
mysql_query("UPDATE `ms_pers` SET `mswaiting` = '".num(0)."' WHERE `user` = '".num($msapp['user1'])."' LIMIT 1");
mysql_query("UPDATE `ms_pers` SET `mswaiting` = '".num(0)."' WHERE `user` = '".num($msapp['user2'])."' LIMIT 1");
mysql_query("DELETE FROM `ms_ap_start` WHERE `user1` = '".$msapp['user1']."'");
$text1 = 'Время боя вышло.<br />'.user($msapp['user2']).' не ударил вовремя.<br /> Вы выиграли';
$text2 = 'Время боя вышло.<br />Вы не ударили вовремя.<br /> Вы проиграли';
mysql_query("INSERT INTO `ms_battle_log` SET `user` = '".$user['id']."', `msg` = '".$text1."', `type` = '".num($msget['mswaiting'])."', `time` = '".$time."'");
mysql_query("INSERT INTO `ms_battle_log` SET `user` = '".$msapp['user2']."', `msg` = '".$text2."', `type` = '".num($msget['mswaiting'])."', `time` = '".$time."'");
$_SESSION['msg'] = $text;
header("Location: ".ms_url('MsApplication')."");
exit;
}
echo '<div class="board">';
echo '<b>Ожидание. Пока противник ударит.<br /> '.time_left($msapp['time_act2']-$time).'</b>';
echo '</div>';
}
elseif($msapp['user1'] == $user['id'] && $msapp['user_act1'] == 0){
if(time() >= $msapp['time_act1']){
mysql_query("DELETE FROM `ms_application` WHERE `user` = '".$msapp['user1']."' AND `type` = '".num(2)."'");
mysql_query("DELETE FROM `ms_ap_start` WHERE `user1` = '".$msapp['user1']."'");
mysql_query("DELETE FROM `ms_battle` WHERE `id_start` = '".$msapp['id']."'");
mysql_query("UPDATE `ms_pers` SET `mswaiting` = '".num(0)."' WHERE `user` = '".num($msapp['user1'])."' LIMIT 1");
mysql_query("UPDATE `ms_pers` SET `mswaiting` = '".num(0)."' WHERE `user` = '".num($msapp['user2'])."' LIMIT 1");
$text1 = 'Время боя вышло.<br />'.user($msapp['user1']).' Вы пропустили удар.<br /> Вы проиграли.';
$text2 = 'Время боя вышло.<br />Противник не ударили вовремя.<br /> Вы выиграли';
mysql_query("UPDATE `ms_pers` SET `victory` = '".($msget['victory']+num(1))."' WHERE `id` = '".$msget2['id']."' AND `user` = '".$msapp['user2']."' LIMIT 1");
mysql_query("UPDATE `ms_pers` SET `defeat` = '".($msget['defeat']+num(1))."' WHERE `user` = '".$msapp['user1']."' AND `id` = '".num($msget1['id'])."' LIMIT 1");
mysql_query("INSERT INTO `ms_battle_log` SET `user` = '".$user['id']."', `msg` = '".$text1."', `type` = '".num($msget['mswaiting'])."', `time` = '".$time."'");
mysql_query("INSERT INTO `ms_battle_log` SET `user` = '".$msapp['user2']."', `msg` = '".$text2."', `type` = '".num($msget['mswaiting'])."', `time` = '".$time."'");
$_SESSION['msg'] = $text;
header("Location: ".ms_url('MsApplication')."");
exit;
}
echo '<div class="board">';
echo '<form name="" action="../LinkListener;Author-MyStyle;MsApplication;Battle:'.$msapp['url1'].'" method="post">';
if($msget['mana'] > 1)echo '<div class="btn"><input class="boxChecked" name="mana" type="checkbox" value="1"> Использовать ману</div>';
echo '<div class="btn">
<img src="theme/msattack.png" alt="" />
<input type="submit" value="Бить противника '.time_left($msapp['time_act1']-$time).'">
</div>
</form>';
echo '</div>';
}
////////////////////////////////////////////////////////////////////////////////////////
if($msapp['user2'] == $user['id'] && $msapp['user_act2'] == 1){
if(time() >= $msapp['time_act1']){
mysql_query("DELETE FROM `ms_battle` WHERE `id_start` = '".$msapp['id']."'");
mysql_query("DELETE FROM `ms_application` WHERE `user` = '".$msapp['user1']."' AND `type` = '".num(2)."'");
mysql_query("DELETE FROM `ms_ap_start` WHERE `user1` = '".$msapp['user1']."'");
mysql_query("UPDATE `ms_pers` SET `mswaiting` = '".num(0)."' WHERE `user` = '".num($msapp['user1'])."' LIMIT 1");
mysql_query("UPDATE `ms_pers` SET `mswaiting` = '".num(0)."' WHERE `user` = '".num($msapp['user2'])."' LIMIT 1");
mysql_query("UPDATE `ms_pers` SET `victory` = '".($msget['victory']+num(1))."' WHERE `id` = '".$msget1['id']."' AND `user` = '".$msapp['user1']."' LIMIT 1");
mysql_query("UPDATE `ms_pers` SET `defeat` = '".($msget['defeat']+num(1))."' WHERE `user` = '".$msapp['user2']."' AND `id` = '".num($msget2['id'])."' LIMIT 1");
$text = 'Время боя вышло.<br />'.user($msapp['user1']).' не ударил вовремя.<br /> Вы выиграли';
$_SESSION['msg'] = $text;
header("Location: ".ms_url('MsApplication')."");
exit;
}
echo '<div class="board">';
echo '<b>Ожидание. Пока противник ударит.<br /> '.time_left($msapp['time_act1']-$time).'</b>';
echo '</div>';
}
elseif($msapp['user2'] == $user['id'] && $msapp['user_act2'] == 0){
if(time() >= $msapp['time_act2']){
mysql_query("DELETE FROM `ms_battle` WHERE `id_start` = '".$msapp['id']."'");
mysql_query("DELETE FROM `ms_application` WHERE `user` = '".$msapp['user1']."' AND `type` = '".num(2)."'");
mysql_query("DELETE FROM `ms_ap_start` WHERE `user1` = '".$msapp['user1']."'");
mysql_query("UPDATE `ms_pers` SET `mswaiting` = '".num(0)."' WHERE `user` = '".num($msapp['user1'])."' LIMIT 1");
mysql_query("UPDATE `ms_pers` SET `mswaiting` = '".num(0)."' WHERE `user` = '".num($msapp['user2'])."' LIMIT 1");
mysql_query("UPDATE `ms_pers` SET `victory` = '".($msget['victory']+num(1))."' WHERE `id` = '".$msget1['id']."' AND `user` = '".$msapp['user1']."' LIMIT 1");
mysql_query("UPDATE `ms_pers` SET `defeat` = '".($msget['defeat']+num(1))."' WHERE `user` = '".$msapp['user2']."' AND `id` = '".num($msget2['id'])."' LIMIT 1");
$text = 'Время боя вышло.<br />'.user($msapp['user2']).' Вы пропустили удар.<br /> Вы проиграли';
$_SESSION['msg'] = $text;
header("Location: ".ms_url('MsApplication')."");
exit;
}
echo '<div class="board">';
echo '<form name="" action="../LinkListener;Author-MyStyle;MsApplication;Battle:'.$msapp['url2'].'" method="post">';
if($msget['mana'] > 1)echo '<div class="btn"><input class="boxChecked" name="mana" type="checkbox" value="1"> Использовать ману</div>';
echo '<div class="btn">
<img src="theme/msattack.png" alt="" />
<input type="submit" value="Бить противника '.time_left($msapp['time_act2']-$time).'">
</div>
</form>';
echo '</div>';
}
$k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `ms_box` WHERE `user` = '".num($user['id'])."' AND `pers` = '".my_esc($user['pers'])."'"),0);
$user['set'] = 100;
$k_page=msk_page($k_post,$user['set']);
$page=mspage($k_page);
$start=$user['set']*$page-$user['set'];
echo '<div class="board">';
$qe=mysql_query("SELECT * FROM `ms_box` WHERE `user` = '".num($user['id'])."' AND `pers` = '".my_esc($user['pers'])."' LIMIT $start, $user[set]");
while($msid=mysql_fetch_array($qe)){
$msfall = mysql_fetch_array(mysql_query("SELECT * FROM `ms_fall` WHERE `id` = '".my_esc($msid['id_fall'])."' LIMIT 1"));
$sr = $start+1;
$sr2 = $start+1;
if($msid['id_fall']){
echo msurl('ID-Fall:'.$msid['id'].'', '');
echo '<img class="navig" src="../act/msfall/'.$msfall['img'].'" alt="" />';
echo '</a>';
}else{
echo '<img class="navig" src="../theme/noms.png" alt="" />';
}
$start++;
}
echo '</div>';
////////////////////////////////////////////////////////////////////////////////////////
echo '<div class="board">';
echo '<form name="" action="" method="post">
<input type="submit" value="Обновить">
</form>';
echo '</div>';
}else{
echo '<div class="board">';
echo '<b>'.user($msapp['user1']).'</b> <img src="theme/msvs.png" alt="" /> <b>'.user($msapp['user2']).'</b>';
echo '<br />';
echo '<b>Ожидание боя. Осталось: '.time_left($msapp['act_time']-$time).'</b>';
echo '</div>';
echo '<div class="board">';
echo '<form name="" action="" method="post">
<input type="submit" value="Обновить">
</form>';
echo '</div>';
}
}else{
if($msget['defeat_battle_user'] == 1){
$text = "Вы проиграли противнику";
$_SESSION['msg'] = $text;
header("Location: ".ms_url('MsBattleLog:Sid:'.$msget['mswaiting'].':See')."");
exit;
}else{
$text = "У вас нет заявки на бой! Либо нет противника.";
$_SESSION['msg'] = $text;
header("Location: ".ms_url('MsApplication')."");
exit;
}
}
?>