Файл: impwar.tk/avatars.php
Строк: 177
<?php
require_once('conf/dbc.php');
require_once('conf/session_start.php');
require_once('conf/ban.php');
if ((!isset($_SESSION['id'])) or (!isset($_SESSION['nick']))) {
?>
<script type="text/javascript">
document.location.href = "login.php";
</script>
<?php
exit();
}
$log_id = abs(intval($_SESSION['id']));
$query_ch = "Select money from users where id = '$log_id'";
$result_ch = mysqli_query($dbc, $query_ch) or die ('Ошибка передачи запроса к БД');
$row_ch = mysqli_fetch_array($result_ch);
$money = $row_ch['money'];
if ($money<1000) {
header ('Location: settings.php?error=6');
exit();
}
if (!empty($_POST['change'])) {
$avatar=filter($_POST['avatar']);
if ((isset($avatar)) and (!empty($avatar))) {
if (
($avatar != '2_s.png') and
($avatar != '3_s.png') and
($avatar != '4_s.png') and
($avatar != '5_s.png') and
($avatar != '6_s.png') and
($avatar != '7_s.png') and
($avatar != '8_s.png') and
($avatar != '9_s.png') and
($avatar != '10_s.png') and
($avatar != '11_s.png') and
($avatar != '12_s.png') and
($avatar != '13_s.png') and
($avatar != '14_s.png') and
($avatar != '15_s.png') and
($avatar != '16_s.png') and
($avatar != '17_s.png') and
($avatar != '18_s.png') and
($avatar != '19_s.png') and
($avatar != '20_s.png') and
($avatar != '21_s.png') and
($avatar != '22_s.png') and
($avatar != '23_s.png') and
($avatar != '24_s.png') and
($avatar != '25_s.png') and
($avatar != '26_s.png') and
($avatar != '27_s.png') and
($avatar != '28_s.png') and
($avatar != '29_s.png') and
($avatar != '30_s.png') and
($avatar != '31_s.png')
) {
$err=1;
}
}
else {
$err=2;
}
if ($err==0) {
if ($avatar == '1_s.png') {
$avatar = '1_s.png';
}
$query = "update users set avatar = '$avatar', money=money-1000 where id = '$log_id' limit 1";
$result = mysqli_query($dbc, $query) or die ('Ошибка передачи запроса к БД');
header ('Location: settings.php?error=4');
exit();
}
}
$page_title = 'Сменить Avatars';
require_once('conf/head.php');
require_once('conf/top.php');
?><br/>
<center><p class="name2"><span class="white">Смена аватара</p></span></center>
<?php
$user_id=abs(intval($_SESSION['id']));
$row_ch=$dbc->query("SELECT * FROM `users` WHERE`id`='$user_id' LIMIT 1")->fetch_assoc();
if($row_ch['vip']>='1'){echo'<a class="menu" href="avatarchik.php">Загрузить свой аватар(только для випа)</a>';}
?>
<?php if(!empty($err)) {?><div id="error">
<?php if ($err==1) {echo 'Подмена данных';}?>
<?php if ($err==2) {echo 'Вы не выбрали Avatars';}?>
</div><?php } ?>
<div class="stats">
<table width="170" border="0" cellpadding="0" cellspacing="0">
<tbody>
<tr>
<td width="33" valign="top" border="2">
<img src="img/avatars/2_s.png" width="45" height="70" border="0"/></td>
<td width="33" valign="top">
<img src="img/avatars/3_s.png" width="45" height="70" border="0"/></td>
<td width="33" valign="top">
<img src="img/avatars/4_s.png" width="45" height="70" border="0"/></td>
<td width="33" valign="top">
<img src="img/avatars/5_s.png" width="45" height="70" border="0"/></td>
<td width="33" valign="top">
<img src="img/avatars/6_s.png" width="45" height="70" border="0"/></td>
</td></tr>
<tr>
<td width="33" valign="top">
<b>№ 1 </td>
<td width="33" valign="top">
№ 2 </td>
<td width="33" valign="top">
№ 3</td>
<td width="33" valign="top">
№ 4</td>
<td width="33" valign="top">
№ 5</td>
</b>
</td></tr><tr>
<td width="33" valign="top">
<img src="img/avatars/7_s.png" width="45" height="70" border="0"/></td>
<td width="33" valign="top">
<img src="img/avatars/8_s.png" width="45" height="70" border="0"/></td>
<td width="33" valign="top">
<img src="img/avatars/9_s.png" width="45" height="70" border="0"/></td>
<td width="33" valign="top">
<img src="img/avatars/10_s.png" width="45" height="70" border="0"/></td>
<td width="33" valign="top">
<img src="img/avatars/11_s.png" width="45" height="70" border="0"/>
</td>
</table></tr></tbody>
<form enctype="multipart/form-data" method="post" action="<? $_SERVER['PHP_SELF']; ?>">
<label for="avatar"><center>Выберите номер Аватара:</center></label><br />
<center><select name="avatar" class="input" size="1">
<option value="2_s.png" <? if ($_POST['avatar'] == 2) {?>selected="selected"<?php }?> >Avatar № 1</option>
<option value="3_s.png" <? if ($_POST['avatar'] == 3) {?>selected="selected"<?php }?> >Avatar № 2</option>
<option value="4_s.png" <? if ($_POST['avatar'] == 4) {?>selected="selected"<?php }?> >Avatar № 3</option>
<option value="5_s.png" <? if ($_POST['avatar'] == 5) {?>selected="selected"<?php }?> >Avatar № 4</option>
<option value="6_s.png" <? if ($_POST['avatar'] == 6) {?>selected="selected"<?php }?> >Avatar № 5</option>
<option value="7_s.png" <? if ($_POST['avatar'] == 7) {?>selected="selected"<?php }?> >Avatar № 6</option>
<option value="8_s.png" <? if ($_POST['avatar'] == 8) {?>selected="selected"<?php }?> >Avatar № 7</option>
<option value="9_s.png" <? if ($_POST['avatar'] == 9) {?>selected="selected"<?php }?> >Avatar № 8</option>
<option value="10_s.png" <? if ($_POST['avatar'] == 10) {?>selected="selected"<?php }?> >Avatar № 9</option>
<option value="11_s.png" <? if ($_POST['avatar'] == 11) {?>selected="selected"<?php }?> >Avatar № 10</option>
</select>
<div class="knopka">
<input type="submit" class="input" value="Сменить" name="change"/>
</div>
</form><br/>
<p><span class="bonus">Стоимость:<img src="img/ico/money.png" width="12" height="12"/> 1000 Золота</span></p>
</div><br/>
<?php
require_once('conf/navig.php');
require_once('conf/foot.php');
mysqli_close($dbc);
?>