Файл: warhis.ru/system/user.php
Строк: 49
<?
$id = _string(_num($_COOKIE['id']));
$password = _string($_COOKIE['password']);
if($id && $password) {
$q = mysql_query('SELECT * FROM `users` WHERE `id` = "'.$id.'" AND `password` = "'.$password.'"');
$user = mysql_fetch_array($q);
if(!$user) {
setCookie('id', '');
setCookie('password', '');
}
mysql_query('UPDATE `users` SET `online` = "'.time().'",
`ip` = "'.$_SERVER['REMOTE_ADDR'].'",
`ua` = "'.$_SERVER['HTTP_USER_AGENT'].'",
`self` = "'.$_SERVER['PHP_SELF'].'" WHERE `id` = "'.$user['id'].'"');
$_time = 2;
if($user['last_update'] < (time() - $_time)){
mysql_query('UPDATE `users` SET `last_update` = "'.time().'" WHERE `id` = "'.$user['id'].'"');
}
if((time() - $user['last_update']) > $_time) {
mysql_query('UPDATE `users` SET `last_update` = "'.time().'" WHERE `id` = "'.$user['id'].'"');
if($user['self'] != '/coliseum.php') {
$hp = $user['vit'] * 2;
if($user['hp'] < $hp) {
$_hp = (((time() - $user['last_update']) / $_time) - 1 );
if($_hp > $hp) {
$_hp = $hp - $user['hp'];
}
mysql_query('UPDATE `users` SET `hp` = "'.($user['hp'] + $_hp ).'" WHERE `id` = "'.$user['id'].'"');
}
if($user['mp'] < $user['mana']) {
$_mp = (((time() - $user['last_update']) / $_time) - 1 );
if($_mp > $user['mana']) {
$_mp = $user['mana'] - $user['mp'];
}
mysql_query('UPDATE `users` SET `mp` = "'.($user['mp'] +$_mp ).'" WHERE `id` = "'.$user['id'].'"');
}
}
}
if($user['last_update'] - $user['duel_last_update'] > (60 * 30)) {
mysql_query('UPDATE `users` SET `duel_last_update` = "'.($user['duel_last_update'] + (60 * 30)).'",
`duel_fights` = "'.($user['duel_fights'] + (($user['duel_fights'] < 11) ? 1:0)).'",
`duel_changes` = "'.($user['duel_changes'] + (($user['duel_changes'] < 11) ? 1:0)).'" WHERE `id` = "'.$user['id'].'"');
}
if($user['hp'] > $user['vit'] * 2) {
mysql_query('UPDATE `users` SET `hp` = "'.($user['vit'] * 2).'" WHERE `id` = "'.$user['id'].'"');
}
if($user['hp'] < 0) {
mysql_query('UPDATE `users` SET `hp` = "0" WHERE `id` = "'.$user['id'].'"');
}
if($user['mp'] > $user['mana']) {
mysql_query('UPDATE `users` SET `mp` = "'.$user['mana'].'" WHERE `id` = "'.$user['id'].'"');
}
if($user['mp'] < 0) {
mysql_query('UPDATE `users` SET `mp` = "0" WHERE `id` = "'.$user['id'].'"');
}
$clan_memb = mysql_query('SELECT * FROM `clan_memb` WHERE `user` = "'.$user['id'].'"');
$clan_memb = mysql_fetch_array($clan_memb);
function clan_buff($i) {
switch($i) {
case 0:
$buff = 4;
break;
case 1:
$buff = 4;
break;
case 2:
$buff = 8;
break;
case 3:
$buff = 12;
break;
case 4:
$buff = 24;
break;
case 5:
$buff = 28;
break;
case 6:
$buff = 32;
break;
case 7:
$buff = 36;
break;
case 8:
$buff = 48;
break;
case 9:
$buff = 52;
break;
case 10:
$buff = 56;
break;
case 11:
$buff = 60;
break;
case 12:
$buff = 72;
break;
case 13:
$buff = 76;
break;
case 14:
$buff = 80;
break;
case 15:
$buff = 84;
break;
case 16:
$buff = 96;
break;
case 17:
$buff = 100;
break;
case 18:
$buff = 104;
break;
case 19:
$buff = 108;
break;
case 20:
$buff = 120;
break;
case 21:
$buff = 124;
break;
case 22:
$buff = 128;
break;
case 23:
$buff = 132;
break;
case 24:
$buff = 144;
break;
case 25:
$buff = 148;
break;
case 26:
$buff = 152;
break;
case 27:
$buff = 156;
break;
case 28:
$buff = 168;
break;
case 29:
$buff = 172;
break;
case 30:
$buff = 176;
break;
case 31:
$buff = 180;
break;
case 32:
$buff = 192;
break;
case 33:
$buff = 196;
break;
case 34:
$buff = 200;
break;
case 25:
$buff = 200;
break;
}
return $buff;
}
if($clan_memb) {
$clan = mysql_fetch_array(mysql_query('SELECT * FROM `clans` WHERE `id` = "'.$clan_memb['clan'].'"'));
if($clan_memb['last_update'] <= time()) {
mysql_query('UPDATE `clan_memb` SET `last_update` = "'.($clan_memb['last_update'] + ((60 * 60) * 24 )).'",
`v` = `v` + 3 WHERE `id` = "'.$clan_memb['id'].'"');
}
$clan_buff = clan_buff($clan['built_1']);
if($clan['built_1'] > 0 && $clan_buff) {
$user['str'] += $clan_buff;
$user['vit'] += $clan_buff;
$user['agi'] += $clan_buff;
$user['def'] += $clan_buff;
}
}
$ban = mysql_fetch_array(mysql_query('SELECT * FROM `ban` WHERE `user` = "'.$user['id'].'"'));
if($ban) {
if($ban['time'] <=time()) {
mysql_query('DELETE FROM `ban` WHERE `user` = "'.$user['id'].'"');
}
if($ban['time'] > time() && $_SERVER['PHP_SELF'] != '/ban.php') {
header('location: /ban.php');
exit;
}
}
$premium = mysql_fetch_array(mysql_query('SELECT * FROM `premium` WHERE `user` = "'.$user['id'].'"'));
if($premium) {
if($premium['time'] < time()) {
mysql_query('UPDATE `users` SET `str` = `str` - 200,
`vit` = `vit` - 200,
`agi` = `agi` - 200,
`def` = `def` - 200 WHERE `id` = ''.$user['id'].''');
mysql_query('DELETE FROM `premium` WHERE `user` = ''.$user['id'].''');
}
}
}
?>