Файл: impwar.tk/acceptinv.php
Строк: 91
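<?php
/**
 * acceptinv.php - the logged-in player answers a pending clan invitation.
 *
 * Input:  $_SESSION['id'], $_SESSION['nick'] (must both be set) and $_GET['acc']
 *         (1 = join the clan, any other non-zero value = decline).
 * Effect: on accept, the clan's `people` counter is incremented, a row is written
 *         to `clan_log`, the user's `clan` / `clan_rang` are set and the user's
 *         rows in `in_clan` are deleted; on decline only the `in_clan` rows are
 *         deleted. Every path ends with a JavaScript redirect.
 *
 * $dbc (mysqli) and $pdo (PDO) are not created here; presumably they come from
 * conf/dbc.php - confirm.
 *
 * NOTE(review): this endpoint changes state on a plain GET and carries no
 * anti-CSRF token, so a request made from any other page in the player's
 * browser is honoured. Moving it to POST with a per-session token needs a
 * matching change in the page that links here, which is not visible from this file.
 *
 * NOTE(review): `acc` does not say which invitation is being answered. The
 * first row returned for the user decides the clan and all of the user's rows
 * are deleted afterwards - confirm a player can only hold one invitation.
 *
 * NOTE(review): nothing below checks whether the player already belongs to a
 * clan - confirm that is enforced where invitations are created.
 */
require_once('conf/dbc.php');
require_once('conf/session_start.php');
require_once('conf/ban.php');

if (!function_exists('acceptinv_redirect')) {
    /**
     * Print the JavaScript redirect this page uses instead of a Location header.
     * The caller decides whether to exit() afterwards.
     *
     * @param string $url Relative URL to send the browser to.
     */
    function acceptinv_redirect($url)
    {
        // json_encode() emits a correctly quoted and escaped JS string literal.
        echo '<script type="text/javascript">' . "\n"
            . 'document.location.href = ' . json_encode($url) . ';' . "\n"
            . '</script>' . "\n";
    }
}

// Only a logged-in player may answer an invitation.
if (!isset($_SESSION['id']) || !isset($_SESSION['nick'])) {
    acceptinv_redirect('reg.php?err_login=1');
    exit();
}

$user_id = abs(intval($_SESSION['id']));

// A missing or non-scalar `acc` is treated as "no answer". Without the
// is_scalar() guard, intval() of a non-empty array is 1, i.e. "accept".
$acc = (isset($_GET['acc']) && is_scalar($_GET['acc'])) ? abs(intval($_GET['acc'])) : 0;

$profile_url = 'profile.php?id=' . $user_id;
// $user_id is an integer, so interpolating it into SQL is safe.
$delete_invites = "DELETE FROM in_clan WHERE user_id = '$user_id'";

// No answer given: nothing to do.
if (empty($acc)) {
    acceptinv_redirect($profile_url);
    exit();
}

// Load the invitation addressed to this player.
$query_inv = "select id, user_id_in, clan_name, clan_id, id_in from in_clan where user_id = '$user_id'";
$result_inv = mysqli_query($dbc, $query_inv) or die ('Ошибка передачи запроса к БД');
$row_inv = mysqli_fetch_array($result_inv);

// No pending invitation. Checked before any column is read, so a missing row
// is never indexed.
if (empty($row_inv)) {
    acceptinv_redirect($profile_url);
    exit();
}

// clan_id is read back from the database; escape it before it is placed in
// further statements so a stored value cannot alter them.
$clan_id = $row_inv['clan_id'];
$clan_id_sql = mysqli_real_escape_string($dbc, (string) $clan_id);

// Does the clan still exist?
$query = "select * from clans where clan_id = '$clan_id_sql'";
$result = mysqli_query($dbc, $query) or die ('Ошибка передачи запроса к БД');
$row = mysqli_fetch_array($result);
if (empty($row)) {
    acceptinv_redirect($profile_url);
    exit();
}

// Clan already at its member limit: drop the invitation(s) and leave.
if ($row['people'] >= $row['max_people']) {
    mysqli_query($dbc, $delete_invites) or die ('Ошибка передачи запроса к БД');
    acceptinv_redirect('user.php?id=' . $user_id);
    exit();
}

// Decision on the invitation.
if ($acc == 1) { // the player joins
    // Claim the seat in a single conditional UPDATE. Writing back a counter
    // that was read earlier lets two simultaneous accepts both succeed and
    // push `people` past `max_people`.
    $query = "update clans set people = people + 1 where clan_id = '$clan_id_sql' and people < max_people";
    mysqli_query($dbc, $query) or die ('Ошибка передачи запроса к БД');
    if (mysqli_affected_rows($dbc) < 1) {
        // The last seat was taken between the check above and this statement.
        mysqli_query($dbc, $delete_invites) or die ('Ошибка передачи запроса к БД');
        acceptinv_redirect('user.php?id=' . $user_id);
        exit();
    }

    // Nick as stored in `users`, written to the clan log below.
    $result_user = mysqli_query($dbc, "SELECT * FROM `users` WHERE `id` = '$user_id' LIMIT 1")
        or die ('Ошибка передачи запроса к БД');
    $user = mysqli_fetch_assoc($result_user);
    $nick = isset($user['nick']) ? $user['nick'] : '';

    // The nick is player-chosen text coming back out of the database, so it is
    // bound as a parameter rather than concatenated into the statement.
    // The log write stays best-effort, as before: a failed prepare is skipped.
    $log = $pdo->prepare(
        "INSERT INTO `clan_log` SET `user_id` = ?, `user` = ?, `tip` = '5', `time` = ?, `clan_id` = ?"
    );
    if ($log !== false) {
        $log->execute([$user_id, $nick, time(), $clan_id]);
    }

    $query = "update users set clan = '$clan_id_sql', clan_rang = 1 where id = '$user_id'";
    mysqli_query($dbc, $query) or die ('Ошибка передачи запроса к БД');

    mysqli_query($dbc, $delete_invites) or die ('Ošибка передачи запроса к БД');

    // The former trailing SELECT on `clans` and the $mhp / $mbron values built
    // from it were never used, so they are gone.
} else { // the player declines
    mysqli_query($dbc, $delete_invites) or die ('Ошибка передачи запроса к БД');
}

acceptinv_redirect($profile_url);
mysqli_close($dbc);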