Файл: msclan/msinvitations.php
Строк: 67
<?php
if(isset($_GET['msinvitations_no']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `ms_invitations` WHERE `user` = '".$user['id']."' LIMIT 1"),0)!=0){
$msuser_clan = mysql_fetch_array(mysql_query("SELECT * FROM `ms_invitations` WHERE `user` = '".$user['id']."' LIMIT 1"));
//////////////////////////////////////////////
mysql_query("DELETE FROM `ms_invitations` WHERE `user` = '".$user['id']."'");
header("Location: ../");
exit;
//////////////////////////////////////////////
}elseif(isset($_GET['msinvitations_yes']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `ms_invitations` WHERE `user` = '".$user['id']."' LIMIT 1"),0)!=0){
$msuser_clan = mysql_fetch_array(mysql_query("SELECT * FROM `ms_invitations` WHERE `user` = '".$user['id']."' LIMIT 1"));
//////////////////////////////////////////////
mysql_query("DELETE FROM `ms_invitations` WHERE `user` = '".$user['id']."'");
mysql_query("INSERT INTO `ms_clan_user` SET `user` = '".$user['id']."', `clan` = '".$msuser_clan['id_clan']."', `title` = '".num(1)."'");
$text = 'Вы теперь в братстве!';
$_SESSION['msg'] = $text;
header("Location: ../Link:ILinkListener-Ms_guildForm;");
exit;
//////////////////////////////////////////////
}elseif(isset($_GET['msinvitations']) && my_esc($_GET['msinvitations'])!=NULL && mysql_result(mysql_query("SELECT COUNT(*) FROM `ms_user` WHERE `login` = '".my_esc($_GET['msinvitations'])."'"),0)!=0)
{
$msusers = mysql_fetch_array(mysql_query("SELECT * FROM `ms_user` WHERE `login` = '".my_esc($_GET['msinvitations'])."' LIMIT 1"));
$msuser_clan = mysql_fetch_array(mysql_query("SELECT * FROM `ms_clan_user` WHERE `user` = '".$user['id']."' LIMIT 1"));
if(mysql_result(mysql_query("SELECT COUNT(*) FROM `ms_clan_user` WHERE `user` = '".$user['id']."' LIMIT 1"),0)!=0){
if($msusers['level'] >= 19){
if(mysql_result(mysql_query("SELECT COUNT(*) FROM `ms_invitations` WHERE `user` = '".$msusers['id']."' LIMIT 1"),0)!=0){
$text = 'У пользователь уже есть приглашение в братство!';
$_SESSION['msg'] = $text;
header("Location: ../Link::".$msusers['login'].";");
exit;
}elseif(mysql_result(mysql_query("SELECT COUNT(*) FROM `ms_clan_user` WHERE `user` = '".$msusers['id']."' LIMIT 1"),0)!=0){
$text = 'Пользователь уже состоит в братстве!';
$_SESSION['msg'] = $text;
header("Location: ../Link::".$msusers['login'].";");
exit;
}else{
//////////////////////////////////////////////
mysql_query("INSERT INTO `ms_invitations` SET `type` = '".num(1)."', `user` = '".$msusers['id']."', `id_clan` = '".$msuser_clan['clan']."', `who` = '".num($user['id'])."'");
$text = 'Приглашение выслано!';
$_SESSION['msg'] = $text;
header("Location: ../Link::".$msusers['login'].";");
exit;
//////////////////////////////////////////////
}
}else{
$text = 'Пользователь не достиг 19-го уровня!';
$_SESSION['msg'] = $text;
header("Location: ../Link::".$msusers['login'].";");
exit;
}
}else{
$text = 'Вы не состоите в братстве!';
$_SESSION['msg'] = $text;
header("Location: ../");
exit;
}
}else{
$text = 'Возникла ошибка!';
$_SESSION['msg'] = $text;
header("Location: ../");
exit;
}
?>