Файл: tmp/head.php
Строк: 150
<?php
// Buffer all output: header() calls further down in this template are issued
// after markup has already been echoed, and buffering keeps them from failing.
ob_start();
// Document prologue, <head> contents and the opening <body>, emitted as one
// literal (nowdoc, so nothing inside it is interpolated).
echo <<<'HTML'
<!DOCTYPE html>
<html>
<head>
<meta http-equiv='content-type' content='text/html; charset=UTF-8'/>
<meta name='viewport' content='width=device-width; initial-scale=1'>
<meta name='author' content='Splash'/>
<title>Время Войны</title>
<link rel='stylesheet' type='text/css' href='/tmp/style.css'/><body>
HTML;
// Anonymous visitors may only open the four public entry scripts listed here;
// any other script sends them back to the landing page.
// NOTE(review): PHP_SELF is derived from the request and includes trailing path
// info, so only exact matches count as public (anything else is redirected).
if (!isset($_SESSION['uid'])
    && !in_array($_SERVER['PHP_SELF'], array('/index.php', '/game.php', '/autorize.php', '/create_pers.php'), true)
) {
    header('Location: index.php?es');
    exit;
}
if(isset($_SESSION['uid'])){
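// NOTE(review): $uid and time_left() are used below but not defined in this file;
// presumably they come from this include. Confirm $uid is taken from
// $_SESSION['uid'] and is an integer before it is interpolated into SQL.
include ('private/static.php');
$b = mysql_query("SELECT * FROM `ban` WHERE `user`='$uid'");
// A failed query or a missing row both mean "no ban on record" (same outcome as
// before, but without calling mysql_fetch_assoc() on a non-resource).
$ban = $b ? mysql_fetch_assoc($b) : false;
// `time` holds either an expiry timestamp or the literal 'perm'.
if($ban && ($ban['time']>=time() || $ban['time']=='perm')){
    // Reason and moderator name are stored text: encode them for HTML when they
    // are printed. double_encode=false leaves entities that were already encoded
    // at input time untouched, so nothing gets escaped twice.
    $banText = htmlspecialchars($ban['text'], ENT_QUOTES, 'UTF-8', false);
    $banWho = htmlspecialchars($ban['who'], ENT_QUOTES, 'UTF-8', false);
    echo "<b>Вы забанены!</b><br>
Причина: $banText<br>
Кем: $banWho<br>";
    if($ban['time']=='perm'){
        echo "<b>Вечный БАН!!!</b>";
    }else{
        echo "До разбана осталось: ".time_left($ban['time']-time())."";
    }
    // Banned users get nothing else from the page.
    exit;
}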
// Mark the user as online until 15 minutes (900 s) from now and bump the
// `allonline` counter by one on every page load.
$ton = time()+900;
mysql_query("UPDATE `users` SET `online`='$ton',`allonline`=`allonline`+'1' WHERE `id`='$uid'"); // refresh the online-until timestamp (15 minutes ahead)
/** **/
// Shared fragments. include runs them in this script's variable scope, so they
// can read and overwrite any variable used here.
// NOTE(review): $user, $log, $ol, $op, $ol2 and $op2 are used further down but
// never assigned in this file; presumably one of these includes (or
// private/static.php) sets them. Verify.
include ('private/obz.php');
echo '<div class="main">';
include ('private/rank.php');
include ('private/exp.php');
include ('private/ordenexp.php');
include ('private/regenhp.php');
include ('private/fun.php');
include ('private/ach.php');
include ('private/bafftime.php');
/** **/
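// Health / mana as a percentage of the maximum. A zero or missing maximum gives
// 0 instead of a division-by-zero warning.
$hp = !empty($user['hpall']) ? ($user['hp']/$user['hpall'])*100 : 0;
$mp = !empty($user['mpall']) ? ($user['mp']/$user['mpall'])*100 : 0;
// Progress through the current experience / reputation bracket, in percent.
// NOTE(review): the bracket bounds ($ol/$op, $ol2/$op2) are not set in this file;
// @ hides the notices and the division-by-zero warning when they are missing or
// equal. Left as is because the fallback value depends on those includes.
@$exp=round((($user['exp']-$ol)/($op-$ol))*100, 2);
@$repa=round((($user['repa']-$ol2)/($op2-$ol2))*100);
// The three optional icons are only assigned when their condition holds; give
// them an empty default so the status line never interpolates an undefined
// variable (values already set elsewhere are kept).
if(!isset($btl)){$btl = '';}
if(!isset($cp_exp)){$cp_exp = '';}
if(!isset($mail)){$mail = '';}
// Battle icon: shown when the user has a row in `mobs` and is not already on the battle page.
$q = mysql_query("SELECT * FROM `mobs` WHERE `user`='$uid'");
$e = mysql_num_rows($q);
$w = mysql_fetch_assoc($q);
if($e >= '1' and $_SERVER['PHP_SELF']!=='/battle.php'){
    $btl = " <a href='/battle.php?id=$w[id]'><img src='/img/Weapons.png' width='18'></a>";
}
// Experience-capsule icon: shown when the user has at least one row in `cap_exp`.
$cp = mysql_num_rows(mysql_query("SELECT * FROM `cap_exp` WHERE `user`='$uid'"));
if($cp>='1'){
    $cp_exp="<a href='/capsul.php'><img src='/img/cap_exp.png' width='20'></a>";
}
// Mail icon: shown when there is unread mail addressed to the user.
$msg3 = mysql_num_rows(mysql_query("SELECT * FROM `mail` WHERE `to`='$uid' and `read`='0'"));
if($msg3>='1'){
    $mail = "<a href='/mail'><img src='/img/mail.png'></a>";
}
// Status line: name, level, icons, currency balances.
// NOTE(review): $log is printed without HTML encoding. Confirm it is encoded
// where it is set, or encode it here.
echo "<small>$log ($user[level] ур.)</small> $cp_exp $btl $mail<span style='float:right'><small><img src='/img/silver.png' width='14'> ".number_format($user['silver'])." <img src='/img/almaz.png' width='14'> ".number_format($user['almaz'])."</small></span>";
// Health bar.
echo '<div style="background:#666666;height:6px;width:100%;padding:0;margin:4px 0;">
<div style="background:red; height:6px; width:'.$hp.'%;"></div></div>';
// Experience bar.
echo '<div style="background:#666666;height:6px;width:100%;padding:0;margin:4px 0;">
<div style="background:#66CC66; height:6px; width:'.$exp.'%;"></div></div>';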
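// Accept an order invitation: ?invite=<id>&yesinv
// NOTE(review): this changes state on a plain GET link with no anti-CSRF token;
// the `to`='$uid' filter limits it to invitations addressed to the current user.
if(isset($_GET['yesinv'])){
    // The id is used as an integer, so cast the raw parameter directly; a missing
    // parameter becomes 0 instead of raising an undefined-index notice.
    $invite = isset($_GET['invite']) ? (int)$_GET['invite'] : 0;
    $q = mysql_query("SELECT * FROM `orden_invite` WHERE `id`='$invite' and `to`='$uid'");
    $e = mysql_num_rows($q);
    if($e>='1'){
        $w = mysql_fetch_assoc($q);
        // Values read back from the database are still escaped before they go into
        // another statement (second-order injection).
        $ordenId = mysql_real_escape_string($w['orden']);
        $or = mysql_fetch_assoc(mysql_query("SELECT * FROM `orden` WHERE `id`='$ordenId'"));
        // Only join when the order still exists; otherwise the user would be
        // written into an empty order.
        if($or){
            $lider = mysql_real_escape_string($or['lider']);
            mysql_query("UPDATE `users` SET `orden`='$lider',`orden_title`='5' WHERE `id`='$uid'");
            // Joining one order voids every other pending invitation.
            mysql_query("DELETE FROM `orden_invite` WHERE `to`='$uid'");
            header('Location: /orden');
            // Stop here: without exit the rest of the template (including further
            // state changes) would still run after the redirect header.
            exit;
        }
    }
}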
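// Decline an order invitation: ?invite=<id>&notinv
// NOTE(review): state change on a plain GET link with no anti-CSRF token; the
// `to`='$uid' filter limits it to invitations addressed to the current user.
if(isset($_GET['notinv'])){
    // Integer cast of the raw parameter; a missing parameter becomes 0 instead of
    // raising an undefined-index notice.
    $invite = isset($_GET['invite']) ? (int)$_GET['invite'] : 0;
    $q = mysql_query("SELECT * FROM `orden_invite` WHERE `id`='$invite' and `to`='$uid'");
    $e = mysql_num_rows($q);
    if($e>='1'){
        mysql_query("DELETE FROM `orden_invite` WHERE `id`='$invite' and `to`='$uid'");
        header('Location: /main');
        // Stop here so nothing below runs after the redirect header.
        exit;
    }
}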
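// List pending order invitations with accept / decline links.
$q = mysql_query("SELECT * FROM `orden_invite` WHERE `to`='$uid'");
$e = mysql_num_rows($q);
if($e>='1'){
    while($w = mysql_fetch_assoc($q)){
        // Escape the stored order id before reusing it in SQL.
        $ordenId = mysql_real_escape_string($w['orden']);
        $or = mysql_fetch_assoc(mysql_query("SELECT * FROM `orden` WHERE `id`='$ordenId'"));
        // The order name is stored text; encode it for HTML at output time
        // (double_encode=false keeps already-encoded entities intact).
        $ordenName = htmlspecialchars($or['name'], ENT_QUOTES, 'UTF-8', false);
        // The accept / decline handlers cast this id to int, so emit it as one.
        $inviteId = (int)$w['id'];
        // Separators are written as &amp; so that "&notinv" is not read as the
        // legacy "&not" entity and turned into "¬inv".
        echo "<div class='info'>Вас приглашают в орден <b>$ordenName</b><br>
<a href='?invite=$inviteId&amp;yesinv'>Принять</a> | <a href='?invite=$inviteId&amp;notinv'>Отказаться</a></div>";
    }
}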
// Judging by the file name this is the daily-bonus fragment; its contents are
// not visible from here.
include ('private/bonusday.php');
// Active buffs of the current user: icon plus remaining time.
// NOTE(review): $w[img] is printed into the src attribute without encoding.
// Confirm the column only ever holds server-chosen file names.
$q = mysql_query("SELECT * FROM `baff` WHERE `user`='$uid'");
$e = mysql_num_rows($q);
if($e>='1'){
While($w = mysql_fetch_assoc($q)){
echo "<img src='/img/baff/$w[img]' width='18'> <small>".time_left($w['time']-time())."</small><br>";
}
}
// Separator on every page except the main one.
if($_SERVER['PHP_SELF']!=='/main.php'){
echo '<hr>';
}
include ('private/shoprank.php');
// Offer the "save character" link while the `np` flag equals 'ok'.
if($user['np'] == 'ok'){
echo "<a style='color:lightgreen' href='/save.php'>Сохранить персонажа</a><hr>";
}
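// Claim a quest reward: ?id=<quest id>&quest
// NOTE(review): state change on a plain GET link with no anti-CSRF token.
$quest = isset($_GET['quest']) ? mysql_real_escape_string(htmlspecialchars(strip_tags($_GET['quest']))) : null;
// Run only when the `quest` parameter is actually present. The previous
// isset($quest) test was always true, so the claim logic ran on every page load
// with whatever $id happened to be in scope.
if(isset($_GET['quest'])){
    // $id is not assigned in this file (presumably set by an include); fall back
    // to the raw request parameter, and in both cases escape the value before it
    // goes into SQL. Non-scalar input (e.g. id[]=) is treated as "no quest".
    $rawQuestId = isset($id) ? $id : (isset($_GET['id']) ? $_GET['id'] : '');
    $questId = is_scalar($rawQuestId) ? mysql_real_escape_string((string)$rawQuestId) : '';
    $qq = mysql_query("SELECT * FROM `quest` WHERE `id`='$questId'");
    $qq2 = mysql_num_rows($qq);
    if($qq2>='1'){
        $wa = mysql_fetch_assoc($qq);
        $mq = mysql_query("SELECT * FROM `us_quest` WHERE `user`='$uid' and `id_quest`='$questId'");
        $me = mysql_num_rows($mq);
        $mw = mysql_fetch_assoc($mq);
        if($me>='1'){
            // Completed (kill count reached) and not yet claimed (`time` empty).
            if($mw['kill']>=$mw['need'] and $mw['time']==''){
                // Mark the quest as claimed first, and only if it is still
                // unclaimed. The reward is paid only when this statement changed
                // a row, so two concurrent requests cannot both collect it.
                $timer = date("j");
                mysql_query("UPDATE `us_quest` SET `time`='$timer' WHERE `user`='$uid' and `id_quest`='$questId' and `time`=''");
                if(mysql_affected_rows() >= 1){
                    mysql_query("UPDATE `users` SET `exp`=`exp`+'$wa[exp]',`silver`=`silver`+'$wa[silver]' WHERE `id`='$uid'");
                    echo "<small> + <img src='/img/exp.png'> $wa[exp], + <img src='/img/silver.png'> $wa[silver]</small><hr>";
                }
            }
        }
    }
}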
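// Announce completed but unclaimed quests with a "claim reward" link.
$qu = mysql_query("SELECT * FROM `us_quest` WHERE `user`='$uid' and `time`=''");
$qe = mysql_num_rows($qu);
if($qe>='1'){
    while($qw = mysql_fetch_assoc($qu)){
        if($qw['kill']>=$qw['need']){
            // Escape the stored quest id before reusing it in SQL.
            $doneQuestId = mysql_real_escape_string($qw['id_quest']);
            $qqw = mysql_fetch_assoc(mysql_query("SELECT * FROM `quest` WHERE `id`='$doneQuestId'"));
            // Encode the quest name for HTML and the id for use in a URL.
            $questName = htmlspecialchars($qqw['name'], ENT_QUOTES, 'UTF-8', false);
            $questLinkId = rawurlencode($qqw['id']);
            // The quotation marks around the name are written as &quot;. Bare
            // double quotes here end the PHP string literal and break the file.
            echo "<font size=2 color=lightgreen>Выполненно задание<br>&quot;<b>$questName</b>&quot;</font><br><a href='?id=$questLinkId&amp;quest'>Получить награду</a><hr>";
        }
    }
}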
// Sea battle: when the user's ship has no hit points left, show the defeat
// notice, restore the ship and end the page here.
$sht = mysql_query("SELECT * FROM `ship` WHERE `user`='$uid'");
$she = mysql_num_rows($sht);
if($she>='1'){
$sh = mysql_fetch_assoc($sht);
if($sh['hp']<='0'){
echo "Вы проиграли морское сражение.<br><a href='sea.php?contine'>Продолжить</a>";
// The ship is reset to its maximum (`hpall`) as soon as the defeat notice is
// rendered, not when the link is followed.
mysql_query("UPDATE `ship` SET `hp`='$sh[hpall]' WHERE `user`='$uid'");
// NOTE(review): relative path, so resolution depends on include_path and the
// directory of the script that included this template.
include ('tmp/foot.php');
exit;
}
}
}
?>