Файл: btwars.ru/system/user.php
Строк: 63
<?
$id = _string(_num($_COOKIE['id']));
$password = _string($_COOKIE['password']);
if($id && $password) {
$q = mysql_query('SELECT * FROM `users` WHERE `id` = "'.$id.'" AND `password` = "'.$password.'" LIMIT 1');
$user = mysql_fetch_array($q);
if(!$user) {
setCookie('id', '');
setCookie('password', '');
}
//WorldByte.NET//
$user['sum_arena']=$user['str']+$user['vit']+$user['agi']+$user['def'];
mysql_query('UPDATE `users` SET `online` = "'.time().'",
`ip` = "'.$_SERVER['REMOTE_ADDR'].'",
`ua` = "'.$_SERVER['HTTP_USER_AGENT'].'",
`self` = "'.$_SERVER['PHP_SELF'].'",
`sum_arena` = "'.$user['sum_arena'].'" WHERE `id` = "'.$user['id'].'"');
//WorldByte.NET//
$_time = 2;
if($user['last_update'] < (time() - $_time)){
mysql_query('UPDATE `users` SET `last_update` = "'.time().'" WHERE `id` = "'.$user['id'].'"');
}
if((time() - $user['last_update']) > $_time) {
mysql_query('UPDATE `users` SET `last_update` = "'.time().'" WHERE `id` = "'.$user['id'].'"');
if($user['self'] != '/coliseum.php') {
$hp = $user['vit'] * 2;
if($user['hp'] < $hp) {
$_hp = (((time() - $user['last_update']) / $_time) - 1 );
if($_hp > $hp) {
$_hp = $hp - $user['hp'];
}
mysql_query('UPDATE `users` SET `hp` = "'.($user['hp'] + $_hp ).'" WHERE `id` = "'.$user['id'].'"');
}
if($user['mp'] < $user['mana']) {
$_mp = (((time() - $user['last_update']) / $_time) - 1 );
if($_mp > $user['mana']) {
$_mp = $user['mana'] - $user['mp'];
}
mysql_query('UPDATE `users` SET `mp` = "'.($user['mp'] +$_mp ).'" WHERE `id` = "'.$user['id'].'"');
}
}
}
if($user['last_update'] - $user['duel_last_update'] > (60 * 30)) {
mysql_query('UPDATE `users` SET `duel_last_update` = "'.($user['duel_last_update'] + (60 * 30)).'",
`duel_fights` = "'.($user['duel_fights'] + (($user['duel_fights'] < 11) ? 1:0)).'",
`duel_changes` = "'.($user['duel_changes'] + (($user['duel_changes'] < 11) ? 1:0)).'" WHERE `id` = "'.$user['id'].'"');
}
if($user['hp'] > $user['vit'] * 2) {
mysql_query('UPDATE `users` SET `hp` = "'.($user['vit'] * 2).'" WHERE `id` = "'.$user['id'].'"');
}
if($user['hp'] < 0) {
mysql_query('UPDATE `users` SET `hp` = "0" WHERE `id` = "'.$user['id'].'"');
}
if($user['mp'] > $user['mana']) {
mysql_query('UPDATE `users` SET `mp` = "'.$user['mana'].'" WHERE `id` = "'.$user['id'].'"');
}
if($user['mp'] < 0) {
mysql_query('UPDATE `users` SET `mp` = "0" WHERE `id` = "'.$user['id'].'"');
}
$clan_memb = mysql_query('SELECT * FROM `clan_memb` WHERE `user` = "'.$user['id'].'"');
$clan_memb = mysql_fetch_array($clan_memb);
function clan_buff($i) {
switch($i) {
case 0:
$buff = 4;
break;
case 1:
$buff = 4;
break;
case 2:
$buff = 8;
break;
case 3:
$buff = 12;
break;
case 4:
$buff = 24;
break;
case 5:
$buff = 28;
break;
case 6:
$buff = 32;
break;
case 7:
$buff = 36;
break;
case 8:
$buff = 48;
break;
case 9:
$buff = 52;
break;
case 10:
$buff = 56;
break;
case 11:
$buff = 60;
break;
case 12:
$buff = 72;
break;
case 13:
$buff = 76;
break;
case 14:
$buff = 80;
break;
case 15:
$buff = 84;
break;
case 16:
$buff = 96;
break;
case 17:
$buff = 100;
break;
case 18:
$buff = 104;
break;
case 19:
$buff = 108;
break;
case 20:
$buff = 120;
break;
case 21:
$buff = 124;
break;
case 22:
$buff = 128;
break;
case 23:
$buff = 132;
break;
case 24:
$buff = 144;
break;
case 25:
$buff = 148;
break;
case 26:
$buff = 152;
break;
case 27:
$buff = 156;
break;
case 28:
$buff = 168;
break;
case 29:
$buff = 172;
break;
case 30:
$buff = 176;
break;
case 31:
$buff = 180;
break;
case 32:
$buff = 192;
break;
case 33:
$buff = 196;
break;
case 34:
$buff = 200;
break;
case 25:
$buff = 200;
break;
}
return $buff;
}
if($clan_memb) {
$clan = mysql_fetch_array(mysql_query('SELECT * FROM `clans` WHERE `id` = "'.$clan_memb['clan'].'"'));
if($clan_memb['last_update'] <= time()) {
mysql_query('UPDATE `clan_memb` SET `last_update` = "'.($clan_memb['last_update'] + ((60 * 60) * 24 )).'",
`v` = `v` + 3 WHERE `id` = "'.$clan_memb['id'].'"');
}
$clan_buff = clan_buff($clan['built_1']);
if($clan['built_1'] > 0 && $clan_buff) {
$user['str'] += $clan_buff;
$user['vit'] += $clan_buff;
$user['agi'] += $clan_buff;
$user['def'] += $clan_buff;
}
}
$ban = mysql_fetch_array(mysql_query('SELECT * FROM `ban` WHERE `user` = "'.$user['id'].'"'));
if($ban) {
if($ban['time'] <=time()) {
mysql_query('DELETE FROM `ban` WHERE `user` = "'.$user['id'].'"');
}
if($ban['time'] > time() && $_SERVER['PHP_SELF'] != '/ban.php') {
header('location: /ban.php');
exit;
}
}
$premium = mysql_fetch_array(mysql_query('SELECT * FROM `premium` WHERE `user` = "'.$user['id'].'"'));
if($premium) {
if($premium['time'] < time()) {
mysql_query('UPDATE `users` SET `str` = `str` - 200,
`vit` = `vit` - 200,
`agi` = `agi` - 200,
`def` = `def` - 200 WHERE `id` = ''.$user['id'].''');
mysql_query('DELETE FROM `premium` WHERE `user` = ''.$user['id'].''');
}
}
}
$names = array (0,'Трофей бойца','Трофей воина','Трофей избранного','Трофей идущего к славе','Трофей несокрушимогo',
'Трофей силы','Трофей могущества','Трофей титана','Трофей полубога');
$quests = array (0,10,20,35,50,220,500,1500,2300,3500);
$undying_kills = array (0,50,200,350,500,2200,5000,7500,8300,1000);
$skill = array (0,10,24,35,50,100,185,190,200,230);
if (isset($user))
{
for ($i =1;$i<10;$i++)
{
if ($user['troph'.$i] == 0)
{
if ($user['undying']>= $undying_kills[$i] && $user['quests']>=$quests[$i] && $user['skill']>=$skill[$i] && $user['troph'.$i] == 0)
{
mysql_query("UPDATE `users` SET `troph$i` = '1' WHERE `id`='".$user['id']."' ")or die (mysql_error());
?>
<div class ='block'/>
<center>
<img src='/images/medals/50x50/<?=$i;?>.png'/><br/>
<?=$names[$i];?>
<br/>
Трофей получен!
</center>
</div>
<?
}
}
}
}
?>