Файл: take.php
Строк: 63
<?php
include_once ('./core/base.php');
falseauth();
$id=fl($_GET['id']);
$item = $base -> query('SELECT * FROM `locations_items` WHERE `id` = "'.$id.'"
AND `world` = "'.$u['world'].'" AND `x` = "'.$u['x'].'" AND `y` = "'.$u['y'].'" LIMIT 1') -> fetch_assoc();
$header = ''.$item['name'].'';
include_once ('./core/head.php');
if($item != 0) {
if($item['what'] == 'clothing'){
$base -> query('INSERT INTO `users_items` SET
`user` = "'.$u['id'].'",
`name` = "'.$item['name'].'",
`description` = "'.$item['description'].'",
`image` = "'.$item['image'].'",
`level` = "'.$item['level'].'",
`what` = "'.$item['what'].'",
`potion` = "'.$item['potion'].'",
`hp_regen` = "'.$item['hp_regen'].'",
`mp_regen` = "'.$item['mp_regen'].'",
`type` = "'.$item['type'].'",
`attack_type` = "'.$item['attack_type'].'",
`equip` = "no",
`p_att` = "'.$item['p_att'].'",
`m_att` = "'.$item['m_att'].'",
`p_def` = "'.$item['p_def'].'",
`m_def` = "'.$item['m_def'].'",
`endurance` = "'.$item['endurance'].'",
`intellect` = "'.$item['intellect'].'",
`agility` = "'.$item['agility'].'",
`skill` = "'.$item['skill'].'",
`quality` = "'.$item['quality'].'",
`max_quality` = "'.$item['max_quality'].'",
`set` = "'.$item['set'].'",
`mark` = "'.$item['mark'].'",
`smith` = "'.$item['smith'].'",
`rune_type` = "'.$item['rune_type'].'",
`rune` = "'.$item['rune'].'",
`amount` = "'.$item['amount'].'",
`cost` = "'.$item['cost'].'",
`ident_id` = "'.$item['ident_id'].'"');
}else{
$old_item = $base -> query('SELECT * FROM `users_items` WHERE `user` = "'.$u['id'].'" AND `ident_id` = "'.$item['ident_id'].'" LIMIT 1') -> num_rows;
if($old_item > 0){
$base -> query('UPDATE `users_items` SET `amount` = `amount` + "'.$item['amount'].'" WHERE `user` = "'.$u['id'].'" AND `ident_id` = "'.$item['ident_id'].'" LIMIT 1');
}else{
$base -> query('INSERT INTO `users_items` SET
`user` = "'.$u['id'].'",
`name` = "'.$item['name'].'",
`description` = "'.$item['description'].'",
`image` = "'.$item['image'].'",
`what` = "'.$item['what'].'",
`potion` = "'.$item['potion'].'",
`hp_regen` = "'.$item['hp_regen'].'",
`mp_regen` = "'.$item['mp_regen'].'",
`rune_type` = "'.$item['rune_type'].'",
`mark` = "'.$item['mark'].'",
`amount` = "'.$item['amount'].'",
`cost` = "'.$item['cost'].'",
`ident_id` = "'.$item['ident_id'].'"');
}
}
$base -> query('DELETE FROM `locations_items` WHERE `id` = "'.$item['id'].'"');
$_SESSION['message'] = 'Предмет '.$item['name'].' помещён в инвентарь.';
header('Location: /explore/items/');
exit;
}else{
$_SESSION['message'] = 'Ошибка.';
header('Location: /explore/items/');
}
include_once ('./core/foot.php');
?>