Файл: msmenu/msdisassemble.php
Строк: 65
<?php
if(isset($_GET['msdisassemble']) && num($_GET['msdisassemble'])!=NULL && mysql_result(mysql_query("SELECT COUNT(*) FROM `ms_mythings` WHERE `id` = '".num($_GET['msdisassemble'])."' AND `user` = '".$user['id']."' AND `clothed` = '".num(1)."' LIMIT 1"),0)!=0){
$msid = mysql_fetch_array(mysql_query("SELECT * FROM `ms_mythings` WHERE `id` = '".num($_GET['msdisassemble'])."' AND `user` = '".$user['id']."' AND `clothed` = '".num(1)."'"));
$msid_level = mysql_fetch_array(mysql_query("SELECT * FROM `ms_gems` WHERE `level` = '".$msid['level']."' AND `user` = '".$user['id']."'"));
$msrubin = mysql_fetch_array(mysql_query("SELECT * FROM `ms_rubin` WHERE `act` = '".num($msid['id'])."' AND `user` = '".$user['id']."'"));
$msrg = mysql_fetch_array(mysql_query("SELECT * FROM `ms_gems` WHERE `level` = '".$msrubin['level']."' AND `user` = '".$user['id']."'"));
if(isset($_GET['MsGood'])){
if(mysql_result(mysql_query("SELECT COUNT(*) FROM `ms_mythings` WHERE `id` = '".num($_GET['msdisassemble'])."' AND `act` = '".$msid['act']."' AND `user` = '".$user['id']."' AND `clothed` = '".num(2)."' LIMIT 1"),0)!=0){
$text = "Эту вещь снять надо, а потом разбирать.";
$_SESSION['msg'] = $text;
header("Location: ../msthings");
exit;
}else{
if($msid_level['level'] == $msid['level']){
if($msid['ms_level_color'] == 0){
$mssamocvetik = 1;
$msmsgsm = 'Самоцвет';
}elseif($msid['ms_level_color'] == 1){
$mssamocvetik = 2;
$msmsgsm = 'Самоцвета';
}elseif($msid['ms_level_color'] == 2){
$mssamocvetik = 4;
$msmsgsm = 'Самоцвета';
}elseif($msid['ms_level_color'] == 3){
$mssamocvetik = 6;
$msmsgsm = 'Самоцветов';
}elseif($msid['ms_level_color'] == 4){
$mssamocvetik = 8;
$msmsgsm = 'Самоцветов';
}else{
$mssamocvetik = 1;
$msmsgsm = 'Самоцвет';
}
$msmsg = 'Получен <img src="/img/gems.png" alt="Самоцветы" width="24" height="24" /> '.$mssamocvetik.' '.$msmsgsm.' <span class="small minor"><span>'.$msid['level'].'</span> ур</span>';
mysql_query("UPDATE `ms_gems` SET `quantity` = '".($msid_level['quantity']+$mssamocvetik)."' WHERE `user` = '".$user['id']."' AND `id` = '".$msid_level['id']."' LIMIT 1");
}else{
if($msid['ms_level_color'] == 0){
$mssamocvetik = 1;
$msmsgsm = 'Самоцвет';
}elseif($msid['ms_level_color'] == 1){
$mssamocvetik = 2;
$msmsgsm = 'Самоцвета';
}elseif($msid['ms_level_color'] == 2){
$mssamocvetik = 4;
$msmsgsm = 'Самоцвета';
}elseif($msid['ms_level_color'] == 3){
$mssamocvetik = 6;
$msmsgsm = 'Самоцветов';
}elseif($msid['ms_level_color'] == 4){
$mssamocvetik = 8;
$msmsgsm = 'Самоцветов';
}else{
$mssamocvetik = 1;
$msmsgsm = 'Самоцвет';
}
$msmsg = 'Получен <img src="/img/gems.png" alt="Самоцветы" width="24" height="24" /> '.$mssamocvetik.' '.$msmsgsm.' <span class="small minor"><span>'.$msid['level'].'</span> ур</span>';
mysql_query("INSERT INTO `ms_gems` SET `quantity` = '".$mssamocvetik."', `user` = '".$user['id']."', `level` = '".$msid['level']."'");
}
mysql_query("DELETE FROM `ms_mythings` WHERE `id` = '".num($_GET['msdisassemble'])."' AND `user` = '".$user['id']."'");
if($msrubin['act'] == $msid['id'] && $msid['rubin'] == 2){
if($msrg['level'] == $msrubin['level']){
mysql_query("UPDATE `ms_gems` SET `quantity` = '".($msrg['quantity']+1)."' WHERE `user` = '".$user['id']."' AND `id` = '".$msrg['id']."' LIMIT 1");
$mslevelgems = '<br />Снят <img src="/img/gems.png" width="24" height="24" /> самоцвет '.$msrubin['level'].' уровня.';
}else{
mysql_query("INSERT INTO `ms_gems` SET `quantity` = '".num(1)."', `user` = '".$user['id']."', `level` = '".$msrubin['level']."'");
$mslevelgems = '<br />Снят <img src="/img/gems.png" width="24" height="24" /> самоцвет '.$msrubin['level'].' уровня.';
}
}
if($msrubin['act'] == $msid['id']){
mysql_query("DELETE FROM `ms_rubin` WHERE `id` = '".num($msrubin['id'])."' AND `user` = '".$user['id']."'");
}
$text = $msmsg.''.@$mslevelgems;
$_SESSION['msg'] = $text;
header("Location: ../msthings");
exit;
}
}
echo '<div>
</div>
<div>
<div class="fb2">
<div class="cltf"><div class="crtf"><div class="crbf"><div class="clbf"><div class="cntntf">
<div class="confirm">
<div>Вы уверены?</div>
<div class="mt4">
<a class="btni accept" href="../?msdisassemble='.$msid['id'].'&MsGood&SESSID='.passgen().'"><img src="/img/accept48.png" alt="" width="24" height="24"/> Подтверждаю</a>
<a class="btni decline" href="../"><img src="/img/cross.png" alt="" width="24" height="24"/> Отмена</a>
</div>
<div class="mt4 small minor"><span class="log_damage">
</div>
</div>
</div></div></div></div></div>
</div>
</div>';
}else{
$text = "Неверный запрос!<br />
Либо, эта вещь надета на героя!";
$_SESSION['msg'] = $text;
header("Location: ../msthings");
exit;
}
?>