Файл: impwar.tk/invite.php
Строк: 104
<?php
require_once('conf/dbc.php');
require_once('conf/session_start.php');
require_once('conf/ban.php');
// Session gate: both the user id and the nick must be present in the session.
// Anyone else is sent to the registration/login page and the script stops
// before any invitation logic runs.
if (!isset($_SESSION['id'], $_SESSION['nick'])) {
?>
<script type="text/javascript">
document.location.href = "reg.php?err_login=1";
</script>
<?php
    exit();
}
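// Target (invitee) id comes from the query string. abs(intval()) reduces it to
// a non-negative number, which is what makes it safe to place inside the SQL
// literal and the JavaScript string below. A missing parameter is treated as 0
// instead of reading an undefined array key.
// NOTE(review): this page creates an invitation from a plain GET parameter and
// no anti-CSRF token check is visible in this file -- confirm whether the
// included conf/ scripts enforce one.
$set_id = abs(intval(isset($_GET['set_id']) ? $_GET['set_id'] : 0));
$user_id = abs(intval($_SESSION['id']));
/////// Is the invitee id empty?
if (empty($set_id)) {
?>
<script type="text/javascript">
document.location.href = "profile.php?id=<?php echo $set_id; ?>";
</script>
<?php
    exit();
}
////////////////////////////////
// Look the invitee up only once the id has passed the check above, so a
// request without a usable id no longer costs a database round trip.
$user = $dbc->query("SELECT * FROM `users` WHERE `id`='$set_id' LIMIT 1")->fetch_assoc();
// fetch_assoc() yields no array when the id matches nobody; keep the nick null
// in that case rather than indexing a non-array.
$set_nick = isset($user['nick']) ? $user['nick'] : null;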
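//////// Invitee data
// $set_id has already been reduced to a non-negative number by
// abs(intval()), so placing it inside the quoted literal cannot change the
// shape of the query.
$query = "Select clan_rang, clan, gruppa, opit from users where id = '$set_id'";
$result = mysqli_query($dbc, $query) or die ('Ошибка передачи запроса к БД');
$row = mysqli_fetch_array($result);
// No row means the id belongs to nobody: fall back to nulls instead of reading
// offsets of a non-array. The later checks then see empty values.
if (!is_array($row)) {
    $row = array('clan' => null, 'gruppa' => null, 'opit' => null);
}
$clan_set = $row['clan'];
$gruppa_set = $row['gruppa'];
$opit_set = $row['opit'];
// NOTE(review): $clan_set is loaded but never consulted in this script, so an
// invitee who already belongs to a clan is not rejected here -- confirm that
// this is handled when the invitation is accepted.
/////////////////////////////////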
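/////// Inviter data
// $user_id is the session id passed through abs(intval()), so it is a plain
// number by the time it reaches the query text.
$query = "Select clan_rang, nick, clan, gruppa from users where id = '$user_id'";
$result = mysqli_query($dbc, $query) or die ('Ошибка передачи запроса к БД');
$row = mysqli_fetch_array($result);
// A session can outlive its account row. With no row, use nulls so that the
// clan check below (empty($clan_user)) turns the request away.
if (!is_array($row)) {
    $row = array('clan_rang' => null, 'clan' => null, 'gruppa' => null, 'nick' => null);
}
$clan_rang_user = $row['clan_rang'];
$clan_user = $row['clan'];
$gruppa_user = $row['gruppa'];
$nick_user = $row['nick'];
/////////////////////////////////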
/////// Inviter permission checks: clan membership, then rank
// The inviter must belong to a clan and hold clan rank 6 or higher. Either
// failure sends the browser back to the invitee's profile and ends the script,
// so the two conditions share one exit path.
if (empty($clan_user) || 6 > $clan_rang_user) {
?>
<script type="text/javascript">
document.location.href = "profile.php?id=<?php echo $set_id; ?>";
</script>
<?php
    exit();
}
////////////////////////////////
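////// Invitee level check
// NOTE(review): the original heading read "level > 10", but the code rejects
// only levels below 5 -- confirm which threshold is intended.
$query_lvl = "Select lvl, opit from opit order by lvl desc";
$result_lvl = mysqli_query($dbc, $query_lvl) or die ('Ошибка передачи запроса к БД');
$row_lvl = mysqli_fetch_array($result_lvl);
// Start from the highest level in the table (0 when the table is empty).
$lvl = is_array($row_lvl) ? $row_lvl['lvl'] : 0;
// Walk the table from the top: every row whose experience threshold is still
// above opit/100 lowers the level by one. The is_array() guard ends the loop
// explicitly when the rows run out, instead of indexing a non-array.
while (is_array($row_lvl) && ($opit_set / 100) < $row_lvl['opit']) {
    $lvl = $lvl - 1;
    $row_lvl = mysqli_fetch_array($result_lvl);
}
if ($lvl < 5) {
?>
<script type="text/javascript">
document.location.href = "index.php";
</script>
<?php
    exit();
}
////////////////////////////////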
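////// Squad capacity check: a clan that is already full cannot invite anyone
$user_id = abs(intval($_SESSION['id']));
$usg3 = $dbc->query("SELECT * FROM `users` WHERE `id`='$user_id'")->fetch_assoc();
// The clan id is read back from the database; bind it as a parameter instead
// of splicing it into the SQL text.
$clan_id_pepl = isset($usg3['clan']) ? (string) $usg3['clan'] : '';
$stmt_pepl = $dbc->prepare('SELECT people, max_people FROM clans WHERE clan_id = ?') or die ('Ошибка передачи запроса к БД');
$stmt_pepl->bind_param('s', $clan_id_pepl);
$stmt_pepl->execute() or die ('Ошибка передачи запроса к БД');
$stmt_pepl->bind_result($people_now, $people_max);
$row_pepl = $stmt_pepl->fetch() ? array('people' => $people_now, 'max_people' => $people_max) : null;
$stmt_pepl->close();
// A missing clan row is treated as "full", so the request fails closed.
$clan_is_full = !is_array($row_pepl) || $row_pepl['people'] >= $row_pepl['max_people'];
if ($clan_is_full) {
    $clan_url = 'clan.php?id=' . rawurlencode($clan_id_pepl);
    if (!headers_sent()) {
        header('Location: ' . $clan_url);
    }
    // Script fallback for the case where headers are already out. The URL is
    // emitted through json_encode() so it arrives as a proper JS string
    // literal rather than as raw PHP concatenation syntax.
?>
<script type="text/javascript">
document.location.href = <?php echo json_encode($clan_url, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT); ?>;
</script>
<?php
    // Stop here: a Location header by itself does not end the script.
    exit();
}
////////////////////////////////
////// Same faction?
if ($gruppa_set <> $gruppa_user) {
?>
<script type="text/javascript">
document.location.href = "profile.php?id=<?php echo $set_id; ?>";
</script>
<?php
    exit();
}
/////////////////////////////////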
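/// Clan name
// Every value written below is bound as a parameter. The nick and the clan
// name are user-chosen text read back from the database, so a quote character
// in either must not be able to change the statement (second-order SQL
// injection). Values are bound as strings, matching the quoted literals the
// queries used before.
$p_set_id = (string) $set_id;
$p_user_id = (string) $user_id;
$p_clan_id = (string) $clan_user;
$p_nick_user = (string) $nick_user;

$stmt = $dbc->prepare('select name from clans where clan_id = ?') or die ('Ошибка передачи запроса к БД');
$stmt->bind_param('s', $p_clan_id);
$stmt->execute() or die ('Ошибка передачи запроса к БД');
$stmt->bind_result($name_clan);
if (!$stmt->fetch()) {
    // No such clan row: keep the name empty.
    $name_clan = null;
}
$stmt->close();
$p_name_clan = (string) $name_clan;
////////////////////////////////////
// Is there already a pending invitation row for this user?
$stmt = $dbc->prepare('select id from in_clan where user_id = ?') or die ('Ошибка передачи запроса к БД');
$stmt->bind_param('s', $p_set_id);
$stmt->execute() or die ('Ošибка');
$stmt->store_result();
$count = $stmt->num_rows;
$stmt->close();
if ($count <> 0) {
    // An invitation row exists: overwrite it with this clan's invitation.
    $stmt = $dbc->prepare('update in_clan set user_id = ?, user_id_in = ?, clan_name = ?, clan_id = ?, id_in = ? where user_id = ?') or die ('Ошибка передачи запроса к БД');
    $stmt->bind_param('ssssss', $p_set_id, $p_nick_user, $p_name_clan, $p_clan_id, $p_user_id, $p_set_id);
    $stmt->execute() or die ('Ошибка передачи запроса к БД');
    $stmt->close();
}
else {
    /// All checks passed, send the invitation.
    $user = $dbc->query("SELECT * FROM`users` WHERE`id`='$set_id' LIMIT 1")->fetch_assoc();
    $target_nick = isset($user['nick']) ? (string) $user['nick'] : '';
    $time = time();
    // Clan log entry (tip 4). $pdo is not defined in this file -- presumably
    // it comes from conf/dbc.php; confirm. Logging stays best-effort: a failed
    // prepare does not abort the invitation.
    $log = $pdo->prepare("INSERT INTO `clan_log` SET `user_id` = ?, `user` = ?, `tip` = '4', `time` = ?, `clan_id` = ?");
    if ($log) {
        $log->execute(array($p_user_id, $target_nick, $time, $p_clan_id));
    }
    $stmt = $dbc->prepare('insert into in_clan (`user_id`, `user_id_in`, `clan_name`, `clan_id`, `id_in`) values (?, ?, ?, ?, ?)') or die ('Ошибка передачи запроса к БД');
    $stmt->bind_param('sssss', $p_set_id, $p_nick_user, $p_name_clan, $p_clan_id, $p_user_id);
    $stmt->execute() or die ('Ошибка передачи запроса к БД');
    $stmt->close();
}
////////////////////////////////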
// Invitation stored or refreshed: return the browser to the invitee's profile.
?>
<script type="text/javascript">
document.location.href = "profile.php?id=<?php echo $set_id; ?>";
</script>
<?php
// Release the database connection once the response body has been written.
$dbc->close();
?>