Файл: public_html/pits.php
Строк: 41
<?php
include './system/common.php';
include './system/functions.php';
include './system/user.php';
// Access gate: the shop is for signed-in players only. $user is expected to be
// populated by the includes above (presumably system/user.php; confirm).
// A falsy value is treated as "no session": redirect to the site root and stop,
// so nothing below runs for guests.
if (!$user) {
    header('location: /');
    exit;
}
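// Purchase handler: ?kup=<pit id> buys that pet for the signed-in user, copies its
// stats into `pit_user`, then charges the price and adds the stats to `users`.
//
// NOTE(review): the purchase is a state change triggered by a plain GET link, so it
// carries no CSRF protection. Moving it to POST with a per-session token needs a
// matching change to the shop link and is not done here.
// NOTE(review): the balance check and the deduction are separate statements with no
// transaction or lock visible here, so concurrent requests can both pass the checks.
// Closing that needs a transaction or a guarded UPDATE, plus a unique key on
// `pit_user`.`id_user`.
if (isset($_GET['kup'])) {
    // `kup` comes straight from the query string and ends up in SQL, so accept only a
    // plain decimal string. Arrays (?kup[]=x) and anything containing quotes or SQL
    // syntax are rejected before a query is built.
    // Assumes `pits`.`id` is an integer key, as the shop links suggest; confirm.
    $kup = $_GET['kup'];
    if (!is_string($kup) || !ctype_digit($kup)) {
        header("location: /pits/");
        exit();
    }
    $pit_id = (int) $kup;

    // The id is interpolated as an integer literal, never as raw request text.
    $pit_res = mysql_query('SELECT * FROM `pits` WHERE `id` = ' . $pit_id);
    $pit = $pit_res ? mysql_fetch_array($pit_res) : false;

    // $user['id'] is not request input in this file; it is expected to come from the
    // session lookup in the includes (confirm).
    $owned_res = mysql_query('SELECT * FROM `pit_user` WHERE `id_user` = "'.$user['id'].'"');
    $pit_user = $owned_res ? mysql_fetch_array($owned_res) : false;

    // Back to the shop when the player already owns a pet, the pet does not exist,
    // or the player's gold (`g`) is below the price (`cena`).
    if ($pit_user || !$pit || $user['g'] < $pit['cena']) {
        header("Location: /pits/");
        exit();
    }

    // Record ownership together with a snapshot of the pet's stats.
    mysql_query("INSERT INTO `pit_user` SET
`id_user` = '$user[id]',
`id_pit` = '$pit[id]',
`str` = '$pit[str]',
`vit` = '$pit[vit]',
`agi` = '$pit[agi]',
`def` = '$pit[def]'");

    // Charge the price and apply the stat bonuses to the player's row.
    mysql_query("UPDATE `users` SET
`g` = `g` - '".$pit['cena']."',
`str` = `str` + '$pit[str]',
`vit` = `vit` + '$pit[vit]',
`agi` = `agi` + '$pit[agi]',
`def` = `def` + '$pit[def]'
WHERE `id` = '".$user['id']."'");

    header("Location: /user/");
    exit();
}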
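// Shop listing: set the page title, pull in the shared header, print one card per
// row of `pits` (ordered by id), then pull in the shared footer.
$title = 'Магазин питомцев';
include './system/h.php';
$q = mysql_query('SELECT * FROM `pits` ORDER BY `id` ASC');

// NOTE(review): assumes pages are served as UTF-8; confirm against what
// system/h.php declares. With a mismatched charset htmlspecialchars() returns an
// empty string for non-ASCII input on newer PHP 5 releases.
$html_charset = 'UTF-8';

// Skip the loop entirely if the query failed instead of fetching from `false`.
while ($q && ($post = mysql_fetch_array($q))) {
    // Encode every column for the HTML context it lands in, so a quote or angle
    // bracket stored in the table cannot break out of the surrounding markup.
    // NOTE(review): if `name` is meant to carry markup, replace this with an
    // allow-list instead of printing the column raw.
    $safe = array();
    foreach (array('image', 'name', 'str', 'vit', 'agi', 'def', 'cena') as $col) {
        $safe[$col] = htmlspecialchars($post[$col], ENT_QUOTES, $html_charset);
    }
    // The id goes into a query-string value, so it is URL-encoded.
    $safe['id'] = urlencode($post['id']);

    echo "<div class='block_zero'>";
    echo "<div class='float-left'><img src='/images/pits/{$safe['image']}.png' style='margin-right:3px;margin-top:-2px;'></div>";
    echo "<b>{$safe['name']}</b><br><img src='/images/icon/str.png'> {$safe['str']} <img src='/images/icon/vit.png'> {$safe['vit']} <img src='/images/icon/agi.png'> {$safe['agi']} <img src='/images/icon/def.png'> {$safe['def']}";
    echo "<div style='clear:both'></div>";
    // Markup fix: the inner closing tag was missing its '>' ("</span</span>").
    echo "<div class='center'><a href='?kup={$safe['id']}' class='btn'><span class='end'><span class='label'>Купить за <img src='/images/icon/gold.png'> {$safe['cena']}</span></span></a></div>";
    echo "</div>";
    echo "<div class='mini-line'></div>";
    echo "<ul class='hint'>";
    echo "<li>Питомец сделает вас значительно сильнее...</li>";
    echo "</ul>";
}
include './system/f.php';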
?>