Файл: msmenu/msherouser.php
Строк: 101
<?php
if(isset($_GET['msherouser']) && my_esc($_GET['msherouser'])!=NULL && mysql_result(mysql_query("SELECT COUNT(*) FROM `ms_user` WHERE `login` = '".my_esc($_GET['msherouser'])."'"),0)!=0)
{
$msusers = mysql_fetch_array(mysql_query("SELECT * FROM `ms_user` WHERE `login` = '".my_esc($_GET['msherouser'])."' LIMIT 1"));
echo '
<div>
</div>
<div>
</div>
<div class="content">
<img src="/img/pattern-left.png" width="48" height="18" alt="" />
<span>Снаряжение героя</span>
<img src="/img/pattern-right.png" width="48" height="18" alt="" />
</div>
<div class="content" style="padding-top: 0;padding-bottom:4px;">
';
$user['set'] = 8;
$k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `ms_mythings` WHERE `clothed` = '".num(2)."' AND `user` = '".$msusers['id']."'"),0);
if ($k_post==0){
echo '<div style="padding-top:4px;" class="small minor">
Снаряжения на герое нет. Вещи выдаются в награду за выполненные поручения.
</div>';
}
$k_page=k_page($k_post,$user['set']);
$page=page($k_page);
$start=$user['set']*$page-$user['set'];
$mslog = mysql_query("SELECT * FROM `ms_mythings` WHERE `clothed` = '".num(2)."' AND `user` = '".$msusers['id']."' ORDER BY `act` ASC LIMIT $start, $user[set]");
while($msid = mysql_fetch_array($mslog))
{
$sr = $start+1;
if($msid['act'] == 1) $ms_act_get = '<img src="/img/items/helm.png" alt="" width="24" height="24" title="'.$msid['name'].'"/>';
if($msid['act'] == 2) $ms_act_get = '<img src="/img/items/shoulders.png" alt="" width="24" height="24" title="'.$msid['name'].'"/>';
if($msid['act'] == 3) $ms_act_get = '<img src="/img/items/weapon.png" alt="" width="24" height="24" title="'.$msid['name'].'"/>';
if($msid['act'] == 4) $ms_act_get = '<img src="/img/items/shield.png" alt="" width="24" height="24" title="'.$msid['name'].'"/>';
if($msid['act'] == 5) $ms_act_get = '<img src="/img/items/armor.png" alt="" width="24" height="24" title="'.$msid['name'].'"/>';
if($msid['act'] == 6) $ms_act_get = '<img src="/img/items/belt.png" alt="" width="24" height="24" title="'.$msid['name'].'"/>';
if($msid['act'] == 7) $ms_act_get = '<img src="/img/items/legs.png" alt="" width="24" height="24" title="'.$msid['name'].'"/>';
if($msid['act'] == 8) $ms_act_get = '<img src="/img/items/boots.png" alt="" width="24" height="24" title="'.$msid['name'].'"/>';
echo '<div style="padding-top:4px;">
<div class="cltf">
<div class="crtf">
<div class="clbf">
<div class="crbf iborder" style="padding:4px;">
<div>
<div>
'.$ms_act_get.'
<span class="">'.mscolor_user($msid['id'], $msusers['id']).'</span> <span class="small minor"><span>'.$msid['level'].'</span> ур</span>
</div>
<div>
<div>
<span class=""><nobr><span>Сила</span> <span style="color:#34BBE5;">'.$msid['attack'].'</span></nobr></span>
</div>';
if($msid['protection'])echo '<div>
<span class=""><nobr><span>Стойкость</span> <span style="color:#34BBE5;">'.$msid['protection'].'</span></nobr></span>
</div>';
echo '<div>
<span class=""><nobr><span>Здоровье</span> <span style="color:#34BBE5;">'.$msid['life'].'</span></nobr></span>
</div><div>
<span class=""><nobr><span>Регенерация</span> <span style="color:#34BBE5;">'.$msid['regeneration'].'</span></nobr></span>
</div>';
$msbat = mysql_fetch_array(mysql_query("SELECT * FROM `ms_mythings` WHERE `user` = '".$msusers['id']."' AND `act` = '".$msid['act']."' AND `clothed` ='".num(2)."' LIMIT 1"));
if($msid['rubin'] == 2){
$mssamocvet = mysql_fetch_array(mysql_query("SELECT * FROM `ms_rubin` WHERE `act` = '".num($msid['id'])."' AND `user` = '".$msusers['id']."'"));
echo '<div><img src="/img/gems.png" alt="" width="24" height="24"/>
Самоцвет <span>'.$mssamocvet['level'].'</span> ур (+<span>'.$mssamocvet['attack'].', '.$mssamocvet['life'].', '.$mssamocvet['regeneration'].'</span>)</div>';
}
echo '
</div>
</div>
<div class="pt4">';
echo '
</div>
</div>
</div>
</div>
</div>
</div>';
}
echo '</div>';
echo '<br /><a class="btn" href="../Link::'.$msusers['login'].';"><img src="/img/arrow_left.png" width="24" height="24" alt="" /> Назад в профиль</a>';
}else{
header("Location: ../Link:Error;");
exit;
}
?>