Файл: impwar.tk/sklad.php
Строк: 235
<?php
require_once('conf/dbc.php');
require_once('conf/session_start.php');
require_once('conf/ban.php');
$page_title = 'Склад';
require_once('conf/head.php');
require_once('conf/top.php');
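// Resolve the logged-in player. abs(intval()) reduces the session value to a
// non-negative integer, so it is safe to interpolate into the query below.
// A missing session id becomes 0, which matches no user row.
$user_id = isset($_SESSION['id']) ? abs(intval($_SESSION['id'])) : 0;
$user = $dbc->query("SELECT * FROM users WHERE id = '$user_id'")->fetch_assoc();

// The clan id is read back from the database and then placed into another
// query; the integer cast guarantees it can only ever reach SQL as a number.
$clan = isset($user['clan']) ? (int) $user['clan'] : 0;
$row = $dbc->query("Select * from clans where clan_id = '$clan'")->fetch_assoc();

// Players without a clan (or whose clan row no longer exists) have no warehouse.
if ($clan === 0 || !$row) {
?>
<script type="text/javascript">
document.location.href = "index.php";
</script>
<?php
    // The redirect above runs only in the browser. Without stopping here the
    // POST handlers further down would still execute for a clan-less player,
    // because a client is free to ignore the script.
    exit;
}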
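// Dispatch on ?act=; anything other than the four transfer actions renders the page.
switch (isset($_GET['act']) ? $_GET['act'] : '') {
default:
    // Render the warehouse page: header, optional status banner, current stock,
    // the deposit forms and (for rank 9 and above) the withdrawal forms.

    // Values read from the database are escaped before they reach the HTML.
    // The clan name in particular must never be emitted raw.
    // NOTE(review): the charset argument is omitted so htmlspecialchars() follows
    // the default_charset setting; confirm that matches the page encoding.
    $clan_name = htmlspecialchars((string) $row['name'], ENT_QUOTES);
    $stock_habar = htmlspecialchars((string) $row['habar'], ENT_QUOTES);
    $stock_money = htmlspecialchars((string) $row['money'], ENT_QUOTES);

    echo'<div class="redactor"><center><div class="r6">Склад отряда <span class="white"><b> '.$clan_name.'</b></span></center>';

    // Status banner selected by ?err=N. Only a known numeric code is mapped to
    // a fixed message; the request value itself is never echoed.
    $notices = array(
        1 => '<p style="border-top: dashed #444e4f 1px;"></p><span class="red">У вас недостаточно рублей.</span>',
        2 => '<p style="border-top: dashed #444e4f 1px;"></p><span class="red">У вас недостаточно хабара.</span>',
        3 => '<p style="border-top: dashed #444e4f 1px;"></p><span class="red">В складе недостаточно рублей.</span>',
        4 => '<p style="border-top: dashed #444e4f 1px;"></p><span class="red">В складе недостаточно хабара.</span>',
        5 => '<span class="bonus">Склад пополнен</span>',
        6 => '<span class="bonus">Рубли перечислены на ваш счет</span>',
        7 => '<span class="bonus">Хабар перечислен на ваш счет</span>',
        8 => '<span class="red">Вы не ввели количество</span>',
    );
    $err = 0;
    if (isset($_GET['err']) && is_string($_GET['err']) && preg_match('/^[0-9]{1,2}\z/', $_GET['err'])) {
        $err = (int) $_GET['err'];
    }
    if (isset($notices[$err])) {
        echo $notices[$err];
    }

    // Array keys are quoted: bare habar/money are undefined constants, not strings.
    echo'<div class="dot"><span class="bonus">В складе:</span><br/><span class="white">'.$stock_habar.'</span> <img src="img/ico/materials.png"/> хабара <br/>
<span class="white">'.$stock_money.'</span> <img src="img/ico/money.png"/>RUB</div>';

    // The same fixed amounts are offered in all four forms, so build the two
    // <select> elements once.
    $amounts = array(500, 1500, 3500, 15000, 50000, 150000, 500000, 1000000);
    $select_money = "<select style='width:48%; height:25px;' name='money' class='input'>\n";
    $select_habar = "<select style='width:48%; height:25px;' name='habar' class='input'>\n";
    foreach ($amounts as $amount) {
        $select_money .= "<option value='$amount'>$amount рублей</option>\n";
        $select_habar .= "<option value='$amount'>$amount хабара</option>\n";
    }
    $select_money .= "</select><br/>\n";
    $select_habar .= "</select><br/>\n";

    // NOTE(review): these state-changing forms carry no anti-CSRF token. Adding
    // one requires a matching check in the POST handlers of this switch.
    echo "<div class='r6'>Вложить:</div>
<p>Рубли:</p>
<form action='?act=money' method='POST'>";
    echo $select_money;
    echo "<input class='label' style='width:30%;' type='submit' value='Вложить' /></form>
<p>Хабар:</p>
<form action='?act=habar' method='POST'>";
    echo $select_habar;
    echo "<input class='label' style='width:30%;' type='submit' value='Вложить' /></form>";

    // Withdrawal forms are shown to rank 9 and above only. Hiding a form is a
    // display decision, not access control: the moneyv/habarv handlers have to
    // enforce the same rank check on the server.
    if ($user['clan_rang'] >= 9) {
        echo "<div class='r6'>Взять:</div>
<p>Рубли:</p>
<form action='?act=moneyv' method='POST'>";
        echo $select_money;
        echo "<input class='label' style='width:30%;' type='submit' value='Взять' /></form>
<p>Хабар:</p>
<form action='?act=habarv' method='POST'>";
        echo $select_habar;
        echo "<input class='label' style='width:30%;' type='submit' value='Взять' /></form>";
    }

    // Transfer history for this warehouse.
    require_once('conf/sklad_log.php');
    break;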
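case 'money':
    // Deposit roubles from the player's balance into the clan warehouse.
    //
    // NOTE(review): no anti-CSRF token is checked on this state-changing POST.
    // NOTE(review): header() is called after conf/head.php has run; that only
    // works if output buffering is active, so confirm the configuration.

    // Accept only a plain decimal integer and validate the same value that is
    // later written. Comparing the raw request string and then applying
    // intval() lets the checked value and the applied value disagree.
    // Nine digits at most, so the cast cannot overflow.
    $rubmoney = 0;
    if (isset($_POST['money']) && is_string($_POST['money']) && preg_match('/^[0-9]{1,9}\z/', $_POST['money'])) {
        $rubmoney = (int) $_POST['money'];
    }
    if ($rubmoney <= 0) {
        header('location: sklad.php?err=8');
        exit; // a redirect header alone does not stop the script
    }

    $uid = (int) $user_id;
    $clan = (int) $user['clan'];

    // The balance check is part of the UPDATE itself, so two concurrent
    // requests cannot both pass a check made against a stale SELECT.
    // NOTE(review): the transaction only protects the pair of updates if the
    // tables use a transactional engine; confirm.
    mysqli_begin_transaction($dbc);
    $debited = mysqli_query($dbc, "UPDATE `users` SET `money` = `money` - $rubmoney WHERE `id` = '$uid' AND `money` >= $rubmoney LIMIT 1");
    if (!$debited || mysqli_affected_rows($dbc) !== 1) {
        mysqli_rollback($dbc);
        header('location: sklad.php?err=1');
        exit;
    }
    $credited = mysqli_query($dbc, "UPDATE `clans` SET `money` = `money` + $rubmoney WHERE `clan_id` = '$clan' LIMIT 1");
    if (!$credited || mysqli_affected_rows($dbc) !== 1) {
        mysqli_rollback($dbc);
        die('gg');
    }
    mysqli_commit($dbc);

    // Log only transfers that actually happened. All interpolated values are
    // integers produced above.
    $pdo->exec("INSERT INTO `sklad_log` SET `user_id` = '$uid', `clan_id` = '$clan', `summa` = '$rubmoney', `time` = '".time()."', `valuta` = '1', `tip` = '1'");
    header('location: sklad.php?err=5');
    exit;
    break;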
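case 'habar':
    // Deposit habar from the player's balance into the clan warehouse.
    //
    // NOTE(review): no anti-CSRF token is checked on this state-changing POST.
    // NOTE(review): header() is called after conf/head.php has run; that only
    // works if output buffering is active, so confirm the configuration.

    // Accept only a plain decimal integer and validate the same value that is
    // later written. Comparing the raw request string and then applying
    // intval() lets the checked value and the applied value disagree.
    // Nine digits at most, so the cast cannot overflow.
    $rubhabar = 0;
    if (isset($_POST['habar']) && is_string($_POST['habar']) && preg_match('/^[0-9]{1,9}\z/', $_POST['habar'])) {
        $rubhabar = (int) $_POST['habar'];
    }
    if ($rubhabar <= 0) {
        header('location: sklad.php?err=8');
        exit; // a redirect header alone does not stop the script
    }

    $uid = (int) $user_id;
    $clan = (int) $user['clan'];

    // The balance check is part of the UPDATE itself, so two concurrent
    // requests cannot both pass a check made against a stale SELECT.
    // NOTE(review): the transaction only protects the pair of updates if the
    // tables use a transactional engine; confirm.
    mysqli_begin_transaction($dbc);
    $debited = mysqli_query($dbc, "UPDATE `users` SET `habar` = `habar` - $rubhabar WHERE `id` = '$uid' AND `habar` >= $rubhabar LIMIT 1");
    if (!$debited || mysqli_affected_rows($dbc) !== 1) {
        mysqli_rollback($dbc);
        header('location: sklad.php?err=2');
        exit;
    }
    $credited = mysqli_query($dbc, "UPDATE `clans` SET `habar` = `habar` + $rubhabar WHERE `clan_id` = '$clan' LIMIT 1");
    if (!$credited || mysqli_affected_rows($dbc) !== 1) {
        mysqli_rollback($dbc);
        die('gg');
    }
    mysqli_commit($dbc);

    // Log only transfers that actually happened. All interpolated values are
    // integers produced above.
    $pdo->exec("INSERT INTO `sklad_log` SET `user_id` = '$uid', `clan_id` = '$clan', `summa` = '$rubhabar', `valuta` = '2', `time` = '".time()."', `tip` = '1'");
    header('location: sklad.php?err=5');
    exit;
    break;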
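case 'moneyv':
    // Withdraw roubles from the clan warehouse to the player's balance.
    //
    // NOTE(review): no anti-CSRF token is checked on this state-changing POST.
    // NOTE(review): header() is called after conf/head.php has run; that only
    // works if output buffering is active, so confirm the configuration.

    // Authorisation has to happen here. The page only hides the withdrawal
    // form from members below rank 9, which does not stop a direct POST.
    if (!isset($user['clan_rang']) || $user['clan_rang'] < 9) {
        header('location: sklad.php');
        exit;
    }

    // Accept only a plain decimal integer and validate the same value that is
    // later written. Nine digits at most, so the cast cannot overflow.
    $rubmoney = 0;
    if (isset($_POST['money']) && is_string($_POST['money']) && preg_match('/^[0-9]{1,9}\z/', $_POST['money'])) {
        $rubmoney = (int) $_POST['money'];
    }
    if ($rubmoney <= 0) {
        header('location: sklad.php?err=8');
        exit; // a redirect header alone does not stop the script
    }

    $uid = (int) $user_id;
    $clan = (int) $user['clan'];

    // The stock check is part of the UPDATE itself, so concurrent withdrawals
    // cannot take the warehouse below zero.
    // NOTE(review): the transaction only protects the pair of updates if the
    // tables use a transactional engine; confirm.
    mysqli_begin_transaction($dbc);
    $debited = mysqli_query($dbc, "UPDATE `clans` SET `money` = `money` - $rubmoney WHERE `clan_id` = '$clan' AND `money` >= $rubmoney LIMIT 1");
    if (!$debited || mysqli_affected_rows($dbc) !== 1) {
        mysqli_rollback($dbc);
        header('location: sklad.php?err=3');
        exit;
    }
    $credited = mysqli_query($dbc, "UPDATE `users` SET `money` = `money` + $rubmoney WHERE `id` = '$uid' LIMIT 1");
    if (!$credited || mysqli_affected_rows($dbc) !== 1) {
        mysqli_rollback($dbc);
        die('gg');
    }
    mysqli_commit($dbc);

    // Log only transfers that actually happened. All interpolated values are
    // integers produced above.
    $pdo->exec("INSERT INTO `sklad_log` SET `user_id` = '$uid', `clan_id` = '$clan', `summa` = '$rubmoney', `time` = '".time()."', `valuta` = '1', `tip` = '2'");
    header('location: sklad.php?err=6');
    exit;
    break;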
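case 'habarv':
    // Withdraw habar from the clan warehouse to the player's balance.
    //
    // NOTE(review): no anti-CSRF token is checked on this state-changing POST.
    // NOTE(review): header() is called after conf/head.php has run; that only
    // works if output buffering is active, so confirm the configuration.

    // Authorisation has to happen here. The page only hides the withdrawal
    // form from members below rank 9, which does not stop a direct POST.
    if (!isset($user['clan_rang']) || $user['clan_rang'] < 9) {
        header('location: sklad.php');
        exit;
    }

    // Accept only a plain decimal integer and validate the same value that is
    // later written. Nine digits at most, so the cast cannot overflow.
    $rubhabar = 0;
    if (isset($_POST['habar']) && is_string($_POST['habar']) && preg_match('/^[0-9]{1,9}\z/', $_POST['habar'])) {
        $rubhabar = (int) $_POST['habar'];
    }
    if ($rubhabar <= 0) {
        header('location: sklad.php?err=8');
        exit; // a redirect header alone does not stop the script
    }

    $uid = (int) $user_id;
    $clan = (int) $user['clan'];

    // The stock check is part of the UPDATE itself, so concurrent withdrawals
    // cannot take the warehouse below zero.
    // NOTE(review): the transaction only protects the pair of updates if the
    // tables use a transactional engine; confirm.
    mysqli_begin_transaction($dbc);
    $debited = mysqli_query($dbc, "UPDATE `clans` SET `habar` = `habar` - $rubhabar WHERE `clan_id` = '$clan' AND `habar` >= $rubhabar LIMIT 1");
    if (!$debited || mysqli_affected_rows($dbc) !== 1) {
        mysqli_rollback($dbc);
        header('location: sklad.php?err=4');
        exit;
    }
    $credited = mysqli_query($dbc, "UPDATE `users` SET `habar` = `habar` + $rubhabar WHERE `id` = '$uid' LIMIT 1");
    if (!$credited || mysqli_affected_rows($dbc) !== 1) {
        mysqli_rollback($dbc);
        die('gg');
    }
    mysqli_commit($dbc);

    // Log only transfers that actually happened. All interpolated values are
    // integers produced above.
    $pdo->exec("INSERT INTO `sklad_log` SET `user_id` = '$uid', `clan_id` = '$clan', `summa` = '$rubhabar', `valuta` = '2', `time` = '".time()."', `tip` = '2'");
    header('location: sklad.php?err=7');
    exit;
    break;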
}
// Shared page tail: the navigation include first, then the footer include.
require_once 'conf/navig.php';
require_once 'conf/foot.php';

// Close the mysqli connection once nothing else on the page needs it.
$dbc->close();
?>
</body>
</html>