Файл: btwars.ru/start.php
Строк: 28
<?
include './system/common.php';
include './system/functions.php';
include './system/user.php';
if($user) {
header('location: /');
exit;
}
//if(mysql_num_rows(mysql_query('SELECT * FROM `ban` WHERE `ip` = ''.$_SERVER['REMOTE_ADDR'].''')) != 0 OR mysql_num_rows(mysql_query('SELECT * FROM `users` WHERE `ip` = ''.$_SERVER['REMOTE_ADDR'].''')) != 0) { header('location: /'); exit; }
$query = mysql_fetch_assoc(mysql_query("SELECT * FROM `users`"));
if($query['ip'] == $_SERVER['REMOTE_ADDR'])
{ header('location: /'); exit;
}
$ref = _string(_num($_GET['ref']));
$password = rand(1,999);
if(mysql_query('INSERT INTO `users` (`login`,
`password`) VALUES ("Боец",
"'.$password.'")')) {
$id = mysql_insert_id();
if($ref) {
$ref_user = mysql_query('SELECT * FROM `users` WHERE `id` = "'.$ref.'"');
$ref_user = mysql_fetch_array($ref_user);
if($ref_user) {
mysql_query('INSERT INTO `ref` (`user`,
`ho`) VALUEs ("'.$ref_user['id'].'",
"'.$id.'")');
mysql_query("UPDATE `users` SET `s` = `s`+ '1000' WHERE `id` = '$ref_user[id]'");
}
}
$user = mysql_query('SELECT * FROM `users` WHERE `id` = "'.$id.'"');
$user = mysql_fetch_array($user);
$_g = 10000000;
$_s = 5000000;
$_mana = 2500;
$_r = rand(0,1);
mysql_query('UPDATE `users` SET `hp` = "'.($user['vit'] * 2).'",
`mp` = "'.$user['mana'].'" WHERE `id` = "'.$id.'"');
mysql_query('UPDATE `users` SET `g` ="'.$_g.'",
`s` ="'.$_s.'" WHERE `id` = "'.$id.'"');
mysql_query('UPDATE `users` SET `r` ="'.$_r.'",
`r` ="'.$_r.'" WHERE `id` = "'.$id.'"');
mysql_query('UPDATE `users` SET `mana` ="'.$_mana.'",
`mana` ="'.$_mana.'" WHERE `id` = "'.$id.'"');
setCookie('id', $user['id'], time() + 86400, '/');
setCookie('password', $password, time() + 86400, '/');
header('location: /');
}
header('location: /eee/index.php');
?>