Файл: pet.php
Строк: 101
<?php
include 'system/common.php';
include 'system/functions.php';
include 'system/user.php';
if (!isset ($user)) {
header('location: /');
exit;
}
// check
$_GET['id'] = isset ($_GET['id']) ?intval ($_GET['id']) :0;
$_GET['pet']= isset ($_GET['pet'])?intval ($_GET['pet']):0;
if (!preg_match ("/1|2|3|4/", $_GET['pet'])) {
header ("location: /");
exit;
}
$query = $dbh->prepare ("SELECT `user_pet`.*, `users`.`id`, `users`.`sex` as `user_sex`, `users`.`w_1` as `user_w_1`, `users`.`w_2` as `user_w_2`,`users`.`w_3` as `user_w_3`,`users`.`w_4` as `user_w_4`,`users`.`w_5` as `user_w_5`,`users`.`w_6` as `user_w_6`,`users`.`w_7` as `user_w_7`,`users`.`w_8` as `user_w_8`, `pets`.`id` as `id_pet`, `pets`.`level` as `level`
FROM `user_pet`
LEFT JOIN `users` ON `users`.`id`=`user_pet`.`id_user`
LEFT JOIN `pets` ON `pets`.`id`=`user_pet`.`$_GET[pet]`
WHERE (`user_pet`.`id_user`=?) AND (`user_pet`.`$_GET[pet]`!='0')");
$query->execute (array ($_GET['id']));
if ($query->rowCount ()==0) {
header ("location: /");
exit;
}
$pet = $query->fetch (); // pet array
// customs
$names = array ("", "Дракон", "Гидра", "Цербер", "Тигр и пантера"); // pet names
$maxLevel = 75;
$addStats = 3;
$add = $pet['level'] * $addStats + 25;
$trainingPrice = 100;
$training = $pet['level'] * $trainingPrice - $trainingPrice;
$title = $names[$_GET['pet']];
include './system/h.php';
echo "<div class='title'><b>" . $names[$_GET['pet']] . "</b></div>n";
echo "<div class='content'>";
$query = mysql_query("SELECT * FROM `inv` WHERE (`user`='$pet[id_user]') AND (`id`='$pet[user_w_1]')");
if (mysql_num_rows ($query)!=0) {
$inv = mysql_fetch_array($query);
$w_1 = $inv['item'];
}
$query = mysql_query("SELECT * FROM `inv` WHERE (`user`='$pet[id_user]') AND (`id`='$pet[user_w_2]')");
if (mysql_num_rows ($query)!=0) {
$inv = mysql_fetch_array($query);
$w_2 = $inv['item'];
}
$query = mysql_query("SELECT * FROM `inv` WHERE (`user`='$pet[id_user]') AND (`id`='$pet[user_w_3]')");
if (mysql_num_rows ($query)!=0) {
$inv = mysql_fetch_array($query);
$w_3 = $inv['item'];
}
$query = mysql_query("SELECT * FROM `inv` WHERE (`user`='$pet[id_user]') AND (`id`='$pet[user_w_4]')");
if (mysql_num_rows ($query)!=0) {
$inv = mysql_fetch_array($query);
$w_4 = $inv['item'];
}
$query = mysql_query("SELECT * FROM `inv` WHERE (`user`='$pet[id_user]') AND (`id`='$pet[user_w_5]')");
if (mysql_num_rows ($query)!=0) {
$inv = mysql_fetch_array($query);
$w_5 = $inv['item'];
}
$query = mysql_query("SELECT * FROM `inv` WHERE (`user`='$pet[id_user]') AND (`id`='$pet[user_w_6]')");
if (mysql_num_rows ($query)!=0) {
$inv = mysql_fetch_array($query);
$w_6 = $inv['item'];
}
$query = mysql_query("SELECT * FROM `inv` WHERE (`user`='$pet[id_user]') AND (`id`='$pet[user_w_7]')");
if (mysql_num_rows ($query)!=0) {
$inv = mysql_fetch_array($query);
$w_7 = $inv['item'];
}
$query = mysql_query("SELECT * FROM `inv` WHERE (`user`='$pet[id_user]') AND (`id`='$pet[user_w_8]')");
if (mysql_num_rows ($query)!=0) {
$inv = mysql_fetch_array($query);
$w_8 = $inv['item'];
}
echo "<div class='main' style='text-align:center;'><img src='/petImage.php?sex=$pet[user_sex]&w_1=$w_1&w_2=$w_2&w_3=$w_3&w_4=$w_4&w_5=$w_5&w_6=$w_6&w_7=$w_7&w_8=$w_8&pet=$_GET[pet]' alt=''/></div>n";
echo "<div class='main' style='text-align:center;'>Уровень: $pet[level]<br/>n<b>+$add</b> к параметрам</div>n";
if ($pet['id_user']==$user['id']) {
if ($pet['level']<$maxLevel) {
if ($pet['use']!=$_GET['pet']) { // [FIX] can'not bug with stats
if (isset ($_GET['training'])) {
if ($user['g']>=$training) {
mysql_query ("UPDATE `users` SET `g`=`g`-$training WHERE (`id`='$pet[id_user]')");
mysql_query ("UPDATE `pets` SET `level`=`level`+1 WHERE (`id`='$pet[id_pet]')");
}
header ("location: /pet.php?id=$pet[id_user]&pet=$_GET[pet]");
exit;
}
echo "<div class='main' style='text-align:center;'><a class='btn' href='/pet.php?id=$pet[id_user]&pet=$_GET[pet]&training'><span class='end'><span class='label'>Тренировать</span></span></a><br/>n<span style='color:#6f6f6f;'>Цена: $training золота</span></div>n";
}
}
}
echo "<ul>n";
echo "<li><a href='/petshop.php'>Магазин питомцев</a></li>n";
echo "</ul>n";
echo "</div>n";
include './system/f.php';
?>