Файл: vitaliy_nosov/public_html/game/rukzak.php
Строк: 91
<?php
require ('../config/func.php');
$title = 'Инвентарь';
require ('../config/header.php');
auth();
switch(htmlspecialchars($_GET['act'])) {
default;
?>
<div class="list"><li><a href="/pers/shmot/helmets/"><img src="/style/home.png"> Шлемы</a></li><li><a href="/pers/shmot/bow/"><img src="/style/home.png"> Луки</a></li><li><a href="/pers/shmot/boards/"><img src="/style/home.png"> Щиты</a></li><li><a href="/pers/shmot/weapon/"><img src="/style/home.png"> Оружие</a></li><li><a href="/pers/shmot/armor/"><img src="/style/home.png"> Доспехи</a></li><li><a href="/pers/shmot/shoes/"><img src="/style/home.png"> Обувь</a></li>
</div><?
break;
case 'my':
?><?
$id = abs(intval($_GET['id']));
$max = 5;
$k_post = mysql_result(mysql_query("SELECT COUNT(id) FROM `inventar` WHERE `id_user` = '".$user['id']."' and `class` = '".$id."'"),0);
$k_page = k_page($k_post,$max);
$page = page($k_page);
$start = $max*$page-$max;
if($k_post == '0'){
?><div class="block center"> Пусто</div><?
}
$q = mysql_query("SELECT * FROM `inventar` WHERE `class` = '".$id."' and `id_user` = '".$user['id']."' ORDER BY `level` DESC LIMIT $start, $max");
while($shmot = mysql_fetch_assoc($q)) {
?><div class="block"><img src="/<?=$shmot['img'];?>" alt="<?=$shmot['name'];?>" height="40"><?=$shmot['name'];?><br/><?
if($shmot['sila'] != 0) {
?><img src="/style/sila.png"> Сила: + <?=$shmot['sila'];?><br/><?
}
if($shmot['lovk'] != 0){
?><img src="/style/lovk.png"> Ловкость: + <?=$shmot['lovk'];?></br><?
}
if($shmot['def'] != 0){
?><img src="/style/zahita.png"> Защита: + <?=$shmot['def'];?> </br><?
}
if($shmot['hp'] != 0){
?><img src="/style/health.png"> Здоровье: + <?=$shmot['hp'];?></br><?
}
if($shmot['status'] == 'off'){
?><br><center><a class="button_on" href="/pers/shmot/drop/<?=$shmot['id'];?>/">Выбросить</a></center><?
}
?></div><?
if($shmot['status'] == 'off') {
?><div class="block center"><span class="button_on"><a class="button_on" href="/pers/shmot/?act=wear&id=<?=$shmot['id'];?>">Надеть</a></span></div><?
}else{
?><div class="block center"><span class="button_on"><a class="button_on" href="/pers/shmot/?act=shoot&id=<?=$shmot['id'];?>">Снять</a></span></div><?
}
}
if($k_page > 1){
echo str('?',$k_page,$page);
}
break;
case 'drop':
$id = abs(intval($_GET['id']));
$sh = mysql_fetch_assoc(mysql_query("select * from `inventar` where `id` = '".$id."'"));
if($sh['id_user'] != $user['id'] || $sh['status'] == 'on'){
header('Location: /game/');
exit;
}
mysql_query("DELETE FROM `inventar` where `id` = '".$id."'");
$_SESSION['notif'] = 'Вы выбросили «'.$sh['name'].'»';
header('Location: /pers/shmot/');
exit;
break;
case 'wear':
if(isset($_GET['id']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `inventar` WHERE `id` = '".intval($_GET['id'])."' and `id_user` = '".$user['id']."'"),0) == true){
$shmot = mysql_fetch_assoc(mysql_query("SELECT * FROM `inventar` WHERE `id` = '".intval($_GET['id'])."'"));
}else{
header('Location: /pers/shmot/');
exit;
}
if($shmot['status'] == 'on') $err = 'Вещь уже надета';
if($shmot['level'] > $user['level']) $err = 'Что бы надеть эту вещь нужен '.$shmot['level'].' уровень';
$check = mysql_result(mysql_query("select * from `inventar` where `class` = '".$shmot['class']."' and `id_user` = '".$user['id']."' and `status` = 'on'"),0);
if($check > 0) $err = 'На вас уже надета вещь такого типа';
if(!isset($err)){
mysql_query("update `inventar` set `status` = 'on' where `id` = '".$shmot['id']."'");
mysql_query("update `user` set `sh_sila` = '".($user['sh_sila'] + $shmot['sila'])."', `sh_lovk` = '".($user['sh_lovk'] + $shmot['lovk'])."', `sh_def` = '".($user['sh_def'] + $shmot['def'])."', `max_hp` = '".($user['max_hp'] + $shmot['hp'])."' where `id` = '".$user['id']."'");
$_SESSION['notif'] = 'Вы одели «'.$shmot['name'].'»';
header('Location: '.$_SERVER['HTTP_REFERER'].'');
exit;
}else{
$_SESSION['notif'] = $err;
header('Location: '.$_SERVER['HTTP_REFERER'].'');
exit;
}
break;
case 'shoot':
if(isset($_GET['id']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `inventar` WHERE `id` = '".intval($_GET['id'])."' and `id_user` = '".$user['id']."'"),0) == true){
$shmot = mysql_fetch_assoc(mysql_query("SELECT * FROM `inventar` WHERE `id` = '".intval($_GET['id'])."'"));
}else{
header('Location: /pers/shmot/');
exit;
}
if($shmot['status'] == 'off') $err = 'Вещь уже снята';
if(!isset($err)){
mysql_query("update `inventar` set `status` = 'off' where `id` = '".$shmot['id']."'");
mysql_query("update `user` set `sh_sila` = '".($user['sh_sila'] - $shmot['sila'])."', `sh_lovk` = '".($user['sh_lovk'] - $shmot['lovk'])."', `sh_def` = '".($user['sh_def'] - $shmot['def'])."', `max_hp` = '".($user['max_hp'] - $shmot['hp'])."' where `id` = '".$user['id']."'");
$_SESSION['notif'] = 'Вы сняли «'.$shmot['name'].'»';
header('Location: '.$_SERVER['HTTP_REFERER'].'');
exit;
}else{
$_SESSION['notif'] = $err;
header('Location: '.$_SERVER['HTTP_REFERER'].'');
exit;
}
}
require ('../config/footer.php');
?>