Файл: msconfig/mssession.php
Строк: 73
<?php
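// Cookie-based auto-login and per-request account upkeep: activity time,
// life regeneration, level-up, daily bonus, and creation of the task row.
//
// This file is a flat script, so every variable it assigns ($user, $user_id,
// $time, $kr, $level, $msgenuser, ...) stays visible to whatever includes it.
// The names are therefore kept exactly as they were.
//
// num(), sql() and my_esc() are defined outside this file. They are used here
// as the project's sanitizers - TODO confirm that num() yields a plain integer
// and that sql()/my_esc() escape for the active MySQL connection.
//
// NOTE(review): the `pass` cookie is matched directly against the stored `pass`
// column, so the stored value itself works as a long-lived bearer credential.
// A random, server-side, revocable session token is the safer design, with the
// cookies issued as HttpOnly/Secure where login sets them (not visible here).
//
// NOTE(review): the mysql_* extension was removed in PHP 7. When migrating, use
// PDO or mysqli with bound parameters instead of string-built SQL.

// Cookie values can arrive as arrays (`id[]=...`); only plain strings are accepted.
if (!empty($_COOKIE['id']) && !empty($_COOKIE['pass'])
    && is_string($_COOKIE['id']) && is_string($_COOKIE['pass']))
{
    $usid = num($_COOKIE['id']);
    $uspass = sql($_COOKIE['pass']);

    # Check that a user with the supplied id/pass pair exists
    if ((int) mysql_result(mysql_query("SELECT COUNT(*) FROM `ms_user` WHERE `id` = '". $usid ."' AND `pass` = '". $uspass ."' LIMIT 1"), 0) > 0)
    {
        # Build the array with the user's data
        $user = mysql_fetch_array(mysql_query("SELECT * FROM `ms_user` WHERE `id` = '". $usid ."' LIMIT 1"));

        // Normalise the id once and reuse it in every query below.
        $user_id = num($user['id']);

        // --- Activity tracking -------------------------------------------------
        $time = time();
        mysql_query("UPDATE `ms_user` SET `date_last` = '$time' WHERE `id` = '$user_id' LIMIT 1");
        $timeactiv = $time - $user['date_last'];
        // Only gaps shorter than 120 seconds count as continuous activity.
        if ($timeactiv < 120) {
            $newtimeactiv = $user['ms_time'] + $timeactiv;
            mysql_query("UPDATE `ms_user` SET `ms_time` ='".$newtimeactiv."' WHERE `id` = '".$user_id."' LIMIT 1");
        }

        // --- Life regeneration -------------------------------------------------
        mysql_query("UPDATE `ms_user` SET `timegeneration` = '".time()."' WHERE `id` = '".$user_id."' LIMIT 1");
        if ($user['life'] < $user['lifes']) {
            // $user still holds the previous `timegeneration`, read before the update above.
            $msgens = time() - $user['timegeneration'];
            $msgen = 0;
            $msgen += $msgens * $user['regeneration'];
            $msgenuser = ($msgen == 0) ? '' : '+ '.$msgen;

            // Regenerated life is capped at the maximum (`lifes`).
            $msde = $user['life'] + $msgen;
            $msfy = ($msde < $user['lifes']) ? $msde : $user['lifes'];

            if ($user['minuslife'] > 1 && $user['minuslife'] > $msgen) {
                mysql_query("UPDATE `ms_user` SET `minuslife` = '".($user['minuslife']-$msgen)."' WHERE `id` = '".$user_id."' LIMIT 1");
            } else {
                mysql_query("UPDATE `ms_user` SET `minuslife` = '".num(0)."' WHERE `id` = '".$user_id."' LIMIT 1");
            }
            mysql_query("UPDATE `ms_user` SET `timegeneration` = '".time()."', `life` = '".$msfy."' WHERE `id` = '".$user_id."' LIMIT 1");
        }
        // Clamp a stored life value that exceeds the maximum.
        if ($user['life'] > $user['lifes']) {
            mysql_query("UPDATE `ms_user` SET `life` = '".num($user['lifes'])."' WHERE `id` = '".$user_id."' LIMIT 1");
        }

        // --- Level-up ----------------------------------------------------------
        $bigl = 50;
        /* If the database has no more levels, no level transitions are performed and
           the experience counter shows all experience earned over the whole game. */
        if ($user['level'] < $bigl)
        {
            if ($user['level'] > 1)
            {
                // Sum the rating thresholds of every level up to the current one.
                $rl = 0;
                $ql = mysql_query("SELECT * FROM `mystyle_level`");
                while ($pl = mysql_fetch_array($ql))
                {
                    if ($pl['level'] <= $user['level']) $rl = $rl + $pl['rating'];
                }
                $kr = $user['rating'] - $rl;
            }
            else $kr = $user['rating'];

            $level = mysql_fetch_array(mysql_query("SELECT * FROM `mystyle_level` WHERE `level` = '".($user['level']+1)."' LIMIT 1"));

            // A missing next-level row makes $level non-array. Comparing against its
            // absent `rating` would then succeed and write an empty level, so the row
            // has to exist before a level-up is considered.
            if (is_array($level) && $kr >= $level['rating'])
            {
                $mstimeplus = $level['rubies']*100;

                // The reward is applied with in-database arithmetic and only while the
                // row still holds the level that was read above. Concurrent requests
                // from the same account therefore cannot each apply the reward.
                mysql_query("UPDATE `ms_user` SET `lifes` = `lifes` + 10, `msrage` = `msrage` + 1, `attack` = `attack` + '".num($level['level'])."', `level` = '".num($level['level'])."', `ruby` = `ruby` + '".num($level['rubies'])."' WHERE `id` = '".$user_id."' AND `level` = '".num($user['level'])."' LIMIT 1");

                if (mysql_affected_rows() == 1)
                {
                    $_SESSION['msg'] = '<div class="title">Новый уровень!<br />
Поздравляем, ты получил <span>'.$level['level'].'</span> уровень.<br />
Ярость: +1%<br />
Здоровье: +10</div>';

                    if (mysql_result(mysql_query("SELECT COUNT(*) FROM `ms_battle` WHERE `level` = '".num($level['level'])."' AND `user` = '".$user_id."'"),0) < 1)
                    {
                        mysql_query("INSERT INTO `ms_battle` SET `user` = '".$user_id."', `level` = '".num($level['level'])."'");
                    }

                    // NOTE(review): these in-memory values do not mirror the UPDATE above:
                    // `money` is never written to the database, and `ruby` is raised by
                    // `level` here but by `rubies` in the query - confirm which is intended.
                    $user['level'] = $level['level'];
                    $user['money'] = $user['money'] + ($level['level']*100);
                    $user['ruby'] = $user['ruby'] + $level['level'];

                    // Recompute remaining rating and the next-level row for the new level.
                    $rl = 0;
                    $ql = mysql_query("SELECT * FROM `mystyle_level`");
                    while ($pl = mysql_fetch_array($ql))
                    {
                        if ($pl['level'] <= $user['level']) $rl = $rl + $pl['rating'];
                    }
                    $kr = $user['rating'] - $rl;
                    $level = mysql_fetch_array(mysql_query("SELECT * FROM `mystyle_level` WHERE `level` = '".($user['level']+1)."' LIMIT 1"));
                }
            }
        }

        // NOTE(review): this statement has no `id` filter, so it touches the whole
        // `ms_user` table on every authenticated request.
        mysql_query("UPDATE `ms_user` SET `level` = '1' WHERE `level` = '0'");

        // Any `sex` value other than 'm' or 'f' is reset to 'm'.
        if ($user['sex'] != 'm' && $user['sex'] != 'f') {
            $ms_us_sex = 'm';
            mysql_query("UPDATE `ms_user` SET `sex` = '".my_esc($ms_us_sex)."' WHERE `id` = '".$user_id."' LIMIT 1");
        }

        // --- Daily bonus -------------------------------------------------------
        if ($user['time_bonus'] <= time()) {
            $mstimeplus_bonus = 86400;
            // Next claim becomes available at the following local midnight.
            $dates = explode("-", date("m-d-Y"));
            $then = mktime(0, 0, 0, $dates[0], $dates[1]+1, $dates[2]);
            $msrubybonus = $user['level'];

            // The claim is a single conditional UPDATE: the row changes only while
            // `time_bonus` is still due, and rubies are added in the database rather
            // than written back from the earlier read. Key and message are granted
            // only when this request is the one that changed the row, so parallel
            // requests cannot each collect the bonus.
            mysql_query("UPDATE `ms_user` SET `ruby` = `ruby` + '".num($msrubybonus)."', `time_bonus` = '".$then."' WHERE `id` = '".$user_id."' AND `time_bonus` <= '".time()."' LIMIT 1");

            if (mysql_affected_rows() == 1) {
                $_SESSION['msg'] = '<div class="title">Ежедневный бонус!<br />
Рубинов <span>'.$msrubybonus.'</span><br />
<img src="/img/key48.png" width="24" height="24" alt=""/> Ключ +1<br />
Заходите каждый день и получайте бонусы!</div>';
                // 259200 seconds = 3 days added to the current time for the `time` column.
                mysql_query("INSERT INTO `ms_chestsandkeys` SET `user` = '".$user_id."', `act` = '".num(2)."', `time` = '".(time()+259200)."'");
            }
        }

        // --- Task progress row -------------------------------------------------
        // Create the per-user task row on first visit.
        if (mysql_result(mysql_query("SELECT COUNT(*) FROM `ms_tasks_user` WHERE `user` = '".$user_id."'"),0) < 1) {
            mysql_query("INSERT INTO `ms_tasks_user` SET `user` = '".$user_id."',
`level_1` = '".num(1)."',
`level_2` = '".num(1)."',
`level_3` = '".num(1)."',
`level_4` = '".num(1)."',
`level_5` = '".num(1)."'");
        }
    } else {
        // Credentials did not match: clear both cookies.
        // NOTE(review): if login sets these cookies with an explicit path or domain,
        // the same path/domain must be passed here for the browser to drop them.
        setcookie('id');
        setcookie('pass');
        $user_id = false;
    }
}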
?>