Файл: gift.php
Строк: 579
<?
define('PROTECTOR', 1);
include('files/db.php');
include($path.'files/auth.php');
if ($user_id==0){
header('location: index.php');exit;
}
$textl='Подарки';
include($path.'files/core.php');
if(isset($_GET['vt']))
{
$users=mysql_query("SELECT * FROM `users` WHERE `id`='".mysql_real_escape_string($_GET['us'])."'");
$us=mysql_fetch_array($users);
$frid=mysql_query("SELECT * FROM `friend` WHERE `usr2`='".$udata['id']."' and `usr`='".$us['id']."'");
$fr=mysql_num_rows($frid);
if($fr==0)
{
header('location: ?');exit;
}
else
{
$gid=mysql_query("SELECT * FROM `gift` WHERE `usr`='".mysql_real_escape_string($_GET['us'])."'");
$gf=mysql_num_rows($gid);
$e=10;
if($udata['id']==2)
{
$e=20;
}
if($gf==$e)
{
mysql_query("INSERT INTO `user_log` SET
`usr`='".$udata['id']."',
`text`='У друга максимум подарков!!!'
");
header('location: ?');exit;
}
else
{
if($udata['lvl']<10)
{
mysql_query("INSERT INTO `user_log` SET
`usr`='".$udata['id']."',
`text`='Подарки можно дарить с 10 уровня!'
");
header('location: ?');exit;
}
if(mysql_real_escape_string($_GET['gif'])==1)
{
if($udata['jem']<1)
{
header('location: ?');exit;
}
else
{
$activ=mysql_query("SELECT * FROM `users_activ` WHERE `usr`='".$udata['id']."'");
$act=mysql_fetch_array($activ);
if($act['act_5']<3)
{
$kol=$act['act_5']+1;
mysql_query("UPDATE `users_activ` SET `act_5`='".$kol."' WHERE `usr`='".$udata['id']."'");
}
$mon=$udata['jem']-1;
mysql_query("UPDATE `users` SET `jem`='".$mon."' WHERE `id`='".$udata['id']."'");
$t=time()+259200;
mysql_query("INSERT INTO `gift` SET
`id`='',
`usr`='".mysql_real_escape_string($_GET['us'])."',
`usr2`='".$udata['id']."',
`gift`='1',
`hp`='15',
`sila`='0',
`arm`='0',
`krit`='0',
`blok`='0',
`time`='".$t."'
");
$rows211=mysql_num_rows(mysql_query("SELECT * FROM `msg_kont` WHERE `usr1`='".mysql_real_escape_string($_GET['us'])."' and `usr2`='0'"));
if($rows211==0)
{
mysql_query("INSERT INTO `msg_kont` SET
`id`='',
`usr1`='".mysql_real_escape_string($_GET['us'])."',
`usr2`='0',
`read`='1',
`time`='".time()."'
");
}else
{
$rows21=mysql_fetch_array(mysql_query("SELECT * FROM `msg_kont`
WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'"));
mysql_query("UPDATE `msg_kont` SET `read`='1', `time`='".time()."' WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'");
}
$rows21=mysql_fetch_array(mysql_query("SELECT * FROM `msg_kont`
WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'"));
$text='<font color=#cccccc>Вы получили подарок! Дракон Жизни от '.$udata['usr'].'.</font>
';
mysql_query("INSERT INTO `msg_dialog` SET
`id`='',
`dialog`='".$rows21['id']."',
`vhod`='1',
`time`='".time()."',
`text`='".$text."',
`usr`='".mysql_real_escape_string($_GET['us'])."'
");
header('location: friend.php');exit;
}
}
if(mysql_real_escape_string($_GET['gif'])==2)
{
if($udata['jem']<1)
{
header('location: ?');exit;
}
else
{
$activ=mysql_query("SELECT * FROM `users_activ` WHERE `usr`='".$udata['id']."'");
$act=mysql_fetch_array($activ);
if($act['act_5']<3)
{
$kol=$act['act_5']+1;
mysql_query("UPDATE `users_activ` SET `act_5`='".$kol."' WHERE `usr`='".$udata['id']."'");
}
$mon=$udata['jem']-1;
mysql_query("UPDATE `users` SET `jem`='".$mon."' WHERE `id`='".$udata['id']."'");
$t=time()+259200;
mysql_query("INSERT INTO `gift` SET
`id`='',
`usr`='".mysql_real_escape_string($_GET['us'])."',
`usr2`='".$udata['id']."',
`gift`='2',
`hp`='0',
`sila`='0',
`arm`='30',
`krit`='0',
`blok`='0',
`time`='".$t."'
");
$rows211=mysql_num_rows(mysql_query("SELECT * FROM `msg_kont` WHERE `usr1`='".mysql_real_escape_string($_GET['us'])."' and `usr2`='0'"));
if($rows211==0)
{
mysql_query("INSERT INTO `msg_kont` SET
`id`='',
`usr1`='".mysql_real_escape_string($_GET['us'])."',
`usr2`='0',
`read`='1',
`time`='".time()."'
");
}else
{
$rows21=mysql_fetch_array(mysql_query("SELECT * FROM `msg_kont`
WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'"));
mysql_query("UPDATE `msg_kont` SET `read`='1', `time`='".time()."' WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'");
}
$rows21=mysql_fetch_array(mysql_query("SELECT * FROM `msg_kont`
WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'"));
$text='<font color=#cccccc>Вы получили подарок! Дракон Защиты от '.$udata['usr'].'.</font>
';
mysql_query("INSERT INTO `msg_dialog` SET
`id`='',
`dialog`='".$rows21['id']."',
`vhod`='1',
`time`='".time()."',
`text`='".$text."',
`usr`='".mysql_real_escape_string($_GET['us'])."'
");
header('location: friend.php');exit;
}
}
if(mysql_real_escape_string($_GET['gif'])==3)
{
if($udata['jem']<1)
{
header('location: ?');exit;
}
else
{
$activ=mysql_query("SELECT * FROM `users_activ` WHERE `usr`='".$udata['id']."'");
$act=mysql_fetch_array($activ);
if($act['act_5']<3)
{
$kol=$act['act_5']+1;
mysql_query("UPDATE `users_activ` SET `act_5`='".$kol."' WHERE `usr`='".$udata['id']."'");
}
$mon=$udata['jem']-1;
mysql_query("UPDATE `users` SET `jem`='".$mon."' WHERE `id`='".$udata['id']."'");
$t=time()+259200;
mysql_query("INSERT INTO `gift` SET
`id`='',
`usr`='".mysql_real_escape_string($_GET['us'])."',
`usr2`='".$udata['id']."',
`gift`='3',
`hp`='0',
`sila`='15',
`arm`='0',
`krit`='0',
`blok`='0',
`time`='".$t."'
");
$rows211=mysql_num_rows(mysql_query("SELECT * FROM `msg_kont` WHERE `usr1`='".mysql_real_escape_string($_GET['us'])."' and `usr2`='0'"));
if($rows211==0)
{
mysql_query("INSERT INTO `msg_kont` SET
`id`='',
`usr1`='".mysql_real_escape_string($_GET['us'])."',
`usr2`='0',
`read`='1',
`time`='".time()."'
");
}else
{
$rows21=mysql_fetch_array(mysql_query("SELECT * FROM `msg_kont`
WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'"));
mysql_query("UPDATE `msg_kont` SET `read`='1', `time`='".time()."' WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'");
}
$rows21=mysql_fetch_array(mysql_query("SELECT * FROM `msg_kont`
WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'"));
$text='<font color=#cccccc>Вы получили подарок! Дракон Силы от '.$udata['usr'].'.</font>
';
mysql_query("INSERT INTO `msg_dialog` SET
`id`='',
`dialog`='".$rows21['id']."',
`vhod`='1',
`time`='".time()."',
`text`='".$text."',
`usr`='".mysql_real_escape_string($_GET['us'])."'
");
header('location: friend.php');exit;
}
}
if(mysql_real_escape_string($_GET['gif'])==4)
{
if($udata['money']<10)
{
header('location: ?');exit;
}
else
{
$activ=mysql_query("SELECT * FROM `users_activ` WHERE `usr`='".$udata['id']."'");
$act=mysql_fetch_array($activ);
if($act['act_5']<3)
{
$kol=$act['act_5']+1;
mysql_query("UPDATE `users_activ` SET `act_5`='".$kol."' WHERE `usr`='".$udata['id']."'");
}
$mon=$udata['money']-10;
mysql_query("UPDATE `users` SET `money`='".$mon."' WHERE `id`='".$udata['id']."'");
$t=time()+259200;
mysql_query("INSERT INTO `gift` SET
`id`='',
`usr`='".mysql_real_escape_string($_GET['us'])."',
`usr2`='".$udata['id']."',
`gift`='4',
`hp`='0',
`sila`='0',
`arm`='0',
`krit`='0',
`blok`='0',
`time`='".$t."'
");
$rows211=mysql_num_rows(mysql_query("SELECT * FROM `msg_kont` WHERE `usr1`='".mysql_real_escape_string($_GET['us'])."' and `usr2`='0'"));
if($rows211==0)
{
mysql_query("INSERT INTO `msg_kont` SET
`id`='',
`usr1`='".mysql_real_escape_string($_GET['us'])."',
`usr2`='0',
`read`='1',
`time`='".time()."'
");
}else
{
$rows21=mysql_fetch_array(mysql_query("SELECT * FROM `msg_kont`
WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'"));
mysql_query("UPDATE `msg_kont` SET `read`='1', `time`='".time()."' WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'");
}
$rows21=mysql_fetch_array(mysql_query("SELECT * FROM `msg_kont`
WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'"));
$text='<font color=#cccccc>Вы получили подарок! Плюшевый Мишка от '.$udata['usr'].'.</font>
';
mysql_query("INSERT INTO `msg_dialog` SET
`id`='',
`dialog`='".$rows21['id']."',
`vhod`='1',
`time`='".time()."',
`text`='".$text."',
`usr`='".mysql_real_escape_string($_GET['us'])."'
");
header('location: friend.php');exit;
}
}
if(mysql_real_escape_string($_GET['gif'])==5)
{
if($udata['money']<10)
{
header('location: ?');exit;
}
else
{
$activ=mysql_query("SELECT * FROM `users_activ` WHERE `usr`='".$udata['id']."'");
$act=mysql_fetch_array($activ);
if($act['act_5']<3)
{
$kol=$act['act_5']+1;
mysql_query("UPDATE `users_activ` SET `act_5`='".$kol."' WHERE `usr`='".$udata['id']."'");
}
$mon=$udata['money']-10;
mysql_query("UPDATE `users` SET `money`='".$mon."' WHERE `id`='".$udata['id']."'");
$t=time()+259200;
mysql_query("INSERT INTO `gift` SET
`id`='',
`usr`='".mysql_real_escape_string($_GET['us'])."',
`usr2`='".$udata['id']."',
`gift`='5',
`hp`='0',
`sila`='0',
`arm`='0',
`krit`='0',
`blok`='0',
`time`='".$t."'
");
$rows211=mysql_num_rows(mysql_query("SELECT * FROM `msg_kont` WHERE `usr1`='".mysql_real_escape_string($_GET['us'])."' and `usr2`='0'"));
if($rows211==0)
{
mysql_query("INSERT INTO `msg_kont` SET
`id`='',
`usr1`='".mysql_real_escape_string($_GET['us'])."',
`usr2`='0',
`read`='1',
`time`='".time()."'
");
}else
{
$rows21=mysql_fetch_array(mysql_query("SELECT * FROM `msg_kont`
WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'"));
mysql_query("UPDATE `msg_kont` SET `read`='1', `time`='".time()."' WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'");
}
$rows21=mysql_fetch_array(mysql_query("SELECT * FROM `msg_kont`
WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'"));
$text='<font color=#cccccc>Вы получили подарок! Котенок от '.$udata['usr'].'.</font>
';
mysql_query("INSERT INTO `msg_dialog` SET
`id`='',
`dialog`='".$rows21['id']."',
`vhod`='1',
`time`='".time()."',
`text`='".$text."',
`usr`='".mysql_real_escape_string($_GET['us'])."'
");
header('location: friend.php');exit;
}
}
if(mysql_real_escape_string($_GET['gif'])==6)
{
if($udata['money']<10)
{
header('location: ?');exit;
}
else
{
$activ=mysql_query("SELECT * FROM `users_activ` WHERE `usr`='".$udata['id']."'");
$act=mysql_fetch_array($activ);
if($act['act_5']<3)
{
$kol=$act['act_5']+1;
mysql_query("UPDATE `users_activ` SET `act_5`='".$kol."' WHERE `usr`='".$udata['id']."'");
}
$mon=$udata['money']-10;
mysql_query("UPDATE `users` SET `money`='".$mon."' WHERE `id`='".$udata['id']."'");
$t=time()+259200;
mysql_query("INSERT INTO `gift` SET
`id`='',
`usr`='".mysql_real_escape_string($_GET['us'])."',
`usr2`='".$udata['id']."',
`gift`='6',
`hp`='0',
`sila`='0',
`arm`='0',
`krit`='0',
`blok`='0',
`time`='".$t."'
");
$rows211=mysql_num_rows(mysql_query("SELECT * FROM `msg_kont` WHERE `usr1`='".mysql_real_escape_string($_GET['us'])."' and `usr2`='0'"));
if($rows211==0)
{
mysql_query("INSERT INTO `msg_kont` SET
`id`='',
`usr1`='".mysql_real_escape_string($_GET['us'])."',
`usr2`='0',
`read`='1',
`time`='".time()."'
");
}else
{
$rows21=mysql_fetch_array(mysql_query("SELECT * FROM `msg_kont`
WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'"));
mysql_query("UPDATE `msg_kont` SET `read`='1', `time`='".time()."' WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'");
}
$rows21=mysql_fetch_array(mysql_query("SELECT * FROM `msg_kont`
WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'"));
$text='<font color=#cccccc>Вы получили подарок! Золотая Рыбка от '.$udata['usr'].'.</font>
';
mysql_query("INSERT INTO `msg_dialog` SET
`id`='',
`dialog`='".$rows21['id']."',
`vhod`='1',
`time`='".time()."',
`text`='".$text."',
`usr`='".mysql_real_escape_string($_GET['us'])."'
");
header('location: friend.php');exit;
}
}
if(mysql_real_escape_string($_GET['gif'])==7)
{
if($udata['money']<10)
{
header('location: ?');exit;
}
else
{
$activ=mysql_query("SELECT * FROM `users_activ` WHERE `usr`='".$udata['id']."'");
$act=mysql_fetch_array($activ);
if($act['act_5']<3)
{
$kol=$act['act_5']+1;
mysql_query("UPDATE `users_activ` SET `act_5`='".$kol."' WHERE `usr`='".$udata['id']."'");
}
$mon=$udata['money']-10;
mysql_query("UPDATE `users` SET `money`='".$mon."' WHERE `id`='".$udata['id']."'");
$t=time()+259200;
mysql_query("INSERT INTO `gift` SET
`id`='',
`usr`='".mysql_real_escape_string($_GET['us'])."',
`usr2`='".$udata['id']."',
`gift`='7',
`hp`='0',
`sila`='0',
`arm`='0',
`krit`='0',
`blok`='0',
`time`='".$t."'
");
$rows211=mysql_num_rows(mysql_query("SELECT * FROM `msg_kont` WHERE `usr1`='".mysql_real_escape_string($_GET['us'])."' and `usr2`='0'"));
if($rows211==0)
{
mysql_query("INSERT INTO `msg_kont` SET
`id`='',
`usr1`='".mysql_real_escape_string($_GET['us'])."',
`usr2`='0',
`read`='1',
`time`='".time()."'
");
}else
{
$rows21=mysql_fetch_array(mysql_query("SELECT * FROM `msg_kont`
WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'"));
mysql_query("UPDATE `msg_kont` SET `read`='1', `time`='".time()."' WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'");
}
$rows21=mysql_fetch_array(mysql_query("SELECT * FROM `msg_kont`
WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'"));
$text='<font color=#cccccc>Вы получили подарок! Мороженое от '.$udata['usr'].'.</font>
';
mysql_query("INSERT INTO `msg_dialog` SET
`id`='',
`dialog`='".$rows21['id']."',
`vhod`='1',
`time`='".time()."',
`text`='".$text."',
`usr`='".mysql_real_escape_string($_GET['us'])."'
");
header('location: friend.php');exit;
}
}
if(mysql_real_escape_string($_GET['gif'])==8)
{
if($udata['money']<10)
{
header('location: ?');exit;
}
else
{
$activ=mysql_query("SELECT * FROM `users_activ` WHERE `usr`='".$udata['id']."'");
$act=mysql_fetch_array($activ);
if($act['act_5']<3)
{
$kol=$act['act_5']+1;
mysql_query("UPDATE `users_activ` SET `act_5`='".$kol."' WHERE `usr`='".$udata['id']."'");
}
$mon=$udata['money']-10;
mysql_query("UPDATE `users` SET `money`='".$mon."' WHERE `id`='".$udata['id']."'");
$t=time()+259200;
mysql_query("INSERT INTO `gift` SET
`id`='',
`usr`='".mysql_real_escape_string($_GET['us'])."',
`usr2`='".$udata['id']."',
`gift`='8',
`hp`='0',
`sila`='0',
`arm`='0',
`krit`='0',
`blok`='0',
`time`='".$t."'
");
$rows211=mysql_num_rows(mysql_query("SELECT * FROM `msg_kont` WHERE `usr1`='".mysql_real_escape_string($_GET['us'])."' and `usr2`='0'"));
if($rows211==0)
{
mysql_query("INSERT INTO `msg_kont` SET
`id`='',
`usr1`='".mysql_real_escape_string($_GET['us'])."',
`usr2`='0',
`read`='1',
`time`='".time()."'
");
}else
{
$rows21=mysql_fetch_array(mysql_query("SELECT * FROM `msg_kont`
WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'"));
mysql_query("UPDATE `msg_kont` SET `read`='1', `time`='".time()."' WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'");
}
$rows21=mysql_fetch_array(mysql_query("SELECT * FROM `msg_kont`
WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'"));
$text='<font color=#cccccc>Вы получили подарок! Роза от '.$udata['usr'].'.</font>
';
mysql_query("INSERT INTO `msg_dialog` SET
`id`='',
`dialog`='".$rows21['id']."',
`vhod`='1',
`time`='".time()."',
`text`='".$text."',
`usr`='".mysql_real_escape_string($_GET['us'])."'
");
header('location: friend.php');exit;
}
}
if(mysql_real_escape_string($_GET['gif'])==9)
{
if($udata['money']<10)
{
header('location: ?');exit;
}
else
{
$activ=mysql_query("SELECT * FROM `users_activ` WHERE `usr`='".$udata['id']."'");
$act=mysql_fetch_array($activ);
if($act['act_5']<3)
{
$kol=$act['act_5']+1;
mysql_query("UPDATE `users_activ` SET `act_5`='".$kol."' WHERE `usr`='".$udata['id']."'");
}
$mon=$udata['money']-10;
mysql_query("UPDATE `users` SET `money`='".$mon."' WHERE `id`='".$udata['id']."'");
$t=time()+259200;
mysql_query("INSERT INTO `gift` SET
`id`='',
`usr`='".mysql_real_escape_string($_GET['us'])."',
`usr2`='".$udata['id']."',
`gift`='9',
`hp`='0',
`sila`='0',
`arm`='0',
`krit`='0',
`blok`='0',
`time`='".$t."'
");
$rows211=mysql_num_rows(mysql_query("SELECT * FROM `msg_kont` WHERE `usr1`='".mysql_real_escape_string($_GET['us'])."' and `usr2`='0'"));
if($rows211==0)
{
mysql_query("INSERT INTO `msg_kont` SET
`id`='',
`usr1`='".mysql_real_escape_string($_GET['us'])."',
`usr2`='0',
`read`='1',
`time`='".time()."'
");
}else
{
$rows21=mysql_fetch_array(mysql_query("SELECT * FROM `msg_kont`
WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'"));
mysql_query("UPDATE `msg_kont` SET `read`='1', `time`='".time()."' WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'");
}
$rows21=mysql_fetch_array(mysql_query("SELECT * FROM `msg_kont`
WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'"));
$text='<font color=#cccccc>Вы получили подарок! Блинчики от '.$udata['usr'].'.</font>
';
mysql_query("INSERT INTO `msg_dialog` SET
`id`='',
`dialog`='".$rows21['id']."',
`vhod`='1',
`time`='".time()."',
`text`='".$text."',
`usr`='".mysql_real_escape_string($_GET['us'])."'
");
header('location: friend.php');exit;
}
}
if(mysql_real_escape_string($_GET['gif'])==10)
{
if($udata['money']<10)
{
header('location: ?');exit;
}
else
{
$activ=mysql_query("SELECT * FROM `users_activ` WHERE `usr`='".$udata['id']."'");
$act=mysql_fetch_array($activ);
if($act['act_5']<3)
{
$kol=$act['act_5']+1;
mysql_query("UPDATE `users_activ` SET `act_5`='".$kol."' WHERE `usr`='".$udata['id']."'");
}
$mon=$udata['money']-10;
mysql_query("UPDATE `users` SET `money`='".$mon."' WHERE `id`='".$udata['id']."'");
$t=time()+259200;
mysql_query("INSERT INTO `gift` SET
`id`='',
`usr`='".mysql_real_escape_string($_GET['us'])."',
`usr2`='".$udata['id']."',
`gift`='10',
`hp`='0',
`sila`='0',
`arm`='0',
`krit`='0',
`blok`='0',
`time`='".$t."'
");
$rows211=mysql_num_rows(mysql_query("SELECT * FROM `msg_kont` WHERE `usr1`='".mysql_real_escape_string($_GET['us'])."' and `usr2`='0'"));
if($rows211==0)
{
mysql_query("INSERT INTO `msg_kont` SET
`id`='',
`usr1`='".mysql_real_escape_string($_GET['us'])."',
`usr2`='0',
`read`='1',
`time`='".time()."'
");
}else
{
$rows21=mysql_fetch_array(mysql_query("SELECT * FROM `msg_kont`
WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'"));
mysql_query("UPDATE `msg_kont` SET `read`='1', `time`='".time()."' WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'");
}
$rows21=mysql_fetch_array(mysql_query("SELECT * FROM `msg_kont`
WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'"));
$text='<font color=#cccccc>Вы получили подарок! Армия, ждет! от '.$udata['usr'].'.</font>
';
mysql_query("INSERT INTO `msg_dialog` SET
`id`='',
`dialog`='".$rows21['id']."',
`vhod`='1',
`time`='".time()."',
`text`='".$text."',
`usr`='".mysql_real_escape_string($_GET['us'])."'
");
header('location: friend.php');exit;
}
}
if(mysql_real_escape_string($_GET['gif'])==11)
{
if($udata['money']<10)
{
header('location: ?');exit;
}
else
{
$activ=mysql_query("SELECT * FROM `users_activ` WHERE `usr`='".$udata['id']."'");
$act=mysql_fetch_array($activ);
if($act['act_5']<3)
{
$kol=$act['act_5']+1;
mysql_query("UPDATE `users_activ` SET `act_5`='".$kol."' WHERE `usr`='".$udata['id']."'");
}
$mon=$udata['money']-10;
mysql_query("UPDATE `users` SET `money`='".$mon."' WHERE `id`='".$udata['id']."'");
$t=time()+259200;
mysql_query("INSERT INTO `gift` SET
`id`='',
`usr`='".mysql_real_escape_string($_GET['us'])."',
`usr2`='".$udata['id']."',
`gift`='11',
`hp`='0',
`sila`='0',
`arm`='0',
`krit`='0',
`blok`='0',
`time`='".$t."'
");
$rows211=mysql_num_rows(mysql_query("SELECT * FROM `msg_kont` WHERE `usr1`='".mysql_real_escape_string($_GET['us'])."' and `usr2`='0'"));
if($rows211==0)
{
mysql_query("INSERT INTO `msg_kont` SET
`id`='',
`usr1`='".mysql_real_escape_string($_GET['us'])."',
`usr2`='0',
`read`='1',
`time`='".time()."'
");
}else
{
$rows21=mysql_fetch_array(mysql_query("SELECT * FROM `msg_kont`
WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'"));
mysql_query("UPDATE `msg_kont` SET `read`='1', `time`='".time()."' WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'");
}
$rows21=mysql_fetch_array(mysql_query("SELECT * FROM `msg_kont`
WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'"));
$text='<font color=#cccccc>Вы получили подарок! Красная Звезда от '.$udata['usr'].'.</font>
';
mysql_query("INSERT INTO `msg_dialog` SET
`id`='',
`dialog`='".$rows21['id']."',
`vhod`='1',
`time`='".time()."',
`text`='".$text."',
`usr`='".mysql_real_escape_string($_GET['us'])."'
");
header('location: friend.php');exit;
}
}
if(mysql_real_escape_string($_GET['gif'])==12)
{
if($udata['money']<10)
{
header('location: ?');exit;
}
else
{
$activ=mysql_query("SELECT * FROM `users_activ` WHERE `usr`='".$udata['id']."'");
$act=mysql_fetch_array($activ);
if($act['act_5']<3)
{
$kol=$act['act_5']+1;
mysql_query("UPDATE `users_activ` SET `act_5`='".$kol."' WHERE `usr`='".$udata['id']."'");
}
$mon=$udata['money']-10;
mysql_query("UPDATE `users` SET `money`='".$mon."' WHERE `id`='".$udata['id']."'");
$t=time()+259200;
mysql_query("INSERT INTO `gift` SET
`id`='',
`usr`='".mysql_real_escape_string($_GET['us'])."',
`usr2`='".$udata['id']."',
`gift`='12',
`hp`='0',
`sila`='0',
`arm`='0',
`krit`='0',
`blok`='0',
`time`='".$t."'
");
$rows211=mysql_num_rows(mysql_query("SELECT * FROM `msg_kont` WHERE `usr1`='".mysql_real_escape_string($_GET['us'])."' and `usr2`='0'"));
if($rows211==0)
{
mysql_query("INSERT INTO `msg_kont` SET
`id`='',
`usr1`='".mysql_real_escape_string($_GET['us'])."',
`usr2`='0',
`read`='1',
`time`='".time()."'
");
}else
{
$rows21=mysql_fetch_array(mysql_query("SELECT * FROM `msg_kont`
WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'"));
mysql_query("UPDATE `msg_kont` SET `read`='1', `time`='".time()."' WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'");
}
$rows21=mysql_fetch_array(mysql_query("SELECT * FROM `msg_kont`
WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'"));
$text='<font color=#cccccc>Вы получили подарок! Сердце от '.$udata['usr'].'.</font>
';
mysql_query("INSERT INTO `msg_dialog` SET
`id`='',
`dialog`='".$rows21['id']."',
`vhod`='1',
`time`='".time()."',
`text`='".$text."',
`usr`='".mysql_real_escape_string($_GET['us'])."'
");
header('location: friend.php');exit;
}
}
if(mysql_real_escape_string($_GET['gif'])==13)
{
if($udata['money']<10)
{
header('location: ?');exit;
}
else
{
$activ=mysql_query("SELECT * FROM `users_activ` WHERE `usr`='".$udata['id']."'");
$act=mysql_fetch_array($activ);
if($act['act_5']<3)
{
$kol=$act['act_5']+1;
mysql_query("UPDATE `users_activ` SET `act_5`='".$kol."' WHERE `usr`='".$udata['id']."'");
}
$mon=$udata['money']-10;
mysql_query("UPDATE `users` SET `money`='".$mon."' WHERE `id`='".$udata['id']."'");
$t=time()+259200;
mysql_query("INSERT INTO `gift` SET
`id`='',
`usr`='".mysql_real_escape_string($_GET['us'])."',
`usr2`='".$udata['id']."',
`gift`='13',
`hp`='0',
`sila`='0',
`arm`='0',
`krit`='0',
`blok`='0',
`time`='".$t."'
");
$rows211=mysql_num_rows(mysql_query("SELECT * FROM `msg_kont` WHERE `usr1`='".mysql_real_escape_string($_GET['us'])."' and `usr2`='0'"));
if($rows211==0)
{
mysql_query("INSERT INTO `msg_kont` SET
`id`='',
`usr1`='".mysql_real_escape_string($_GET['us'])."',
`usr2`='0',
`read`='1',
`time`='".time()."'
");
}else
{
$rows21=mysql_fetch_array(mysql_query("SELECT * FROM `msg_kont`
WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'"));
mysql_query("UPDATE `msg_kont` SET `read`='1', `time`='".time()."' WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'");
}
$rows21=mysql_fetch_array(mysql_query("SELECT * FROM `msg_kont`
WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'"));
$text='<font color=#cccccc>Вы получили подарок! Поцелуй от '.$udata['usr'].'.</font>
';
mysql_query("INSERT INTO `msg_dialog` SET
`id`='',
`dialog`='".$rows21['id']."',
`vhod`='1',
`time`='".time()."',
`text`='".$text."',
`usr`='".mysql_real_escape_string($_GET['us'])."'
");
header('location: friend.php');exit;
}
}
if(mysql_real_escape_string($_GET['gif'])==14)
{
if($udata['money']<10)
{
header('location: ?');exit;
}
else
{
$activ=mysql_query("SELECT * FROM `users_activ` WHERE `usr`='".$udata['id']."'");
$act=mysql_fetch_array($activ);
if($act['act_5']<3)
{
$kol=$act['act_5']+1;
mysql_query("UPDATE `users_activ` SET `act_5`='".$kol."' WHERE `usr`='".$udata['id']."'");
}
$mon=$udata['money']-10;
mysql_query("UPDATE `users` SET `money`='".$mon."' WHERE `id`='".$udata['id']."'");
$t=time()+259200;
mysql_query("INSERT INTO `gift` SET
`id`='',
`usr`='".mysql_real_escape_string($_GET['us'])."',
`usr2`='".$udata['id']."',
`gift`='14',
`hp`='0',
`sila`='0',
`arm`='0',
`krit`='0',
`blok`='0',
`time`='".$t."'
");
$rows211=mysql_num_rows(mysql_query("SELECT * FROM `msg_kont` WHERE `usr1`='".mysql_real_escape_string($_GET['us'])."' and `usr2`='0'"));
if($rows211==0)
{
mysql_query("INSERT INTO `msg_kont` SET
`id`='',
`usr1`='".mysql_real_escape_string($_GET['us'])."',
`usr2`='0',
`read`='1',
`time`='".time()."'
");
}else
{
$rows21=mysql_fetch_array(mysql_query("SELECT * FROM `msg_kont`
WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'"));
mysql_query("UPDATE `msg_kont` SET `read`='1', `time`='".time()."' WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'");
}
$rows21=mysql_fetch_array(mysql_query("SELECT * FROM `msg_kont`
WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'"));
$text='<font color=#cccccc>Вы получили подарок! Боевой Топор от '.$udata['usr'].'.</font>
';
mysql_query("INSERT INTO `msg_dialog` SET
`id`='',
`dialog`='".$rows21['id']."',
`vhod`='1',
`time`='".time()."',
`text`='".$text."',
`usr`='".mysql_real_escape_string($_GET['us'])."'
");
header('location: friend.php');exit;
}
}
if(mysql_real_escape_string($_GET['gif'])==16)
{
if($udata['money']<10)
{
header('location: ?');exit;
}
else
{
$activ=mysql_query("SELECT * FROM `users_activ` WHERE `usr`='".$udata['id']."'");
$act=mysql_fetch_array($activ);
if($act['act_5']<3)
{
$kol=$act['act_5']+1;
mysql_query("UPDATE `users_activ` SET `act_5`='".$kol."' WHERE `usr`='".$udata['id']."'");
}
$mon=$udata['money']-10;
mysql_query("UPDATE `users` SET `money`='".$mon."' WHERE `id`='".$udata['id']."'");
$t=time()+259200;
mysql_query("INSERT INTO `gift` SET
`id`='',
`usr`='".mysql_real_escape_string($_GET['us'])."',
`usr2`='".$udata['id']."',
`gift`='16',
`hp`='0',
`sila`='0',
`arm`='0',
`krit`='0',
`blok`='0',
`time`='".$t."'
");
$rows211=mysql_num_rows(mysql_query("SELECT * FROM `msg_kont` WHERE `usr1`='".mysql_real_escape_string($_GET['us'])."' and `usr2`='0'"));
if($rows211==0)
{
mysql_query("INSERT INTO `msg_kont` SET
`id`='',
`usr1`='".mysql_real_escape_string($_GET['us'])."',
`usr2`='0',
`read`='1',
`time`='".time()."'
");
}else
{
$rows21=mysql_fetch_array(mysql_query("SELECT * FROM `msg_kont`
WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'"));
mysql_query("UPDATE `msg_kont` SET `read`='1', `time`='".time()."' WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'");
}
$rows21=mysql_fetch_array(mysql_query("SELECT * FROM `msg_kont`
WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'"));
$text='<font color=#cccccc>Вы получили подарок! Брилиант от '.$udata['usr'].'.</font>
';
mysql_query("INSERT INTO `msg_dialog` SET
`id`='',
`dialog`='".$rows21['id']."',
`vhod`='1',
`time`='".time()."',
`text`='".$text."',
`usr`='".mysql_real_escape_string($_GET['us'])."'
");
header('location: friend.php');exit;
}
}
if(mysql_real_escape_string($_GET['gif'])==17)
{
if($udata['money']<10)
{
header('location: ?');exit;
}
else
{
$activ=mysql_query("SELECT * FROM `users_activ` WHERE `usr`='".$udata['id']."'");
$act=mysql_fetch_array($activ);
if($act['act_5']<3)
{
$kol=$act['act_5']+1;
mysql_query("UPDATE `users_activ` SET `act_5`='".$kol."' WHERE `usr`='".$udata['id']."'");
}
$mon=$udata['money']-10;
mysql_query("UPDATE `users` SET `money`='".$mon."' WHERE `id`='".$udata['id']."'");
$t=time()+259200;
mysql_query("INSERT INTO `gift` SET
`id`='',
`usr`='".mysql_real_escape_string($_GET['us'])."',
`usr2`='".$udata['id']."',
`gift`='17',
`hp`='0',
`sila`='0',
`arm`='0',
`krit`='0',
`blok`='0',
`time`='".$t."'
");
$rows211=mysql_num_rows(mysql_query("SELECT * FROM `msg_kont` WHERE `usr1`='".mysql_real_escape_string($_GET['us'])."' and `usr2`='0'"));
if($rows211==0)
{
mysql_query("INSERT INTO `msg_kont` SET
`id`='',
`usr1`='".mysql_real_escape_string($_GET['us'])."',
`usr2`='0',
`read`='1',
`time`='".time()."'
");
}else
{
$rows21=mysql_fetch_array(mysql_query("SELECT * FROM `msg_kont`
WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'"));
mysql_query("UPDATE `msg_kont` SET `read`='1', `time`='".time()."' WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'");
}
$rows21=mysql_fetch_array(mysql_query("SELECT * FROM `msg_kont`
WHERE `usr2`='0' and `usr1`='".mysql_real_escape_string($_GET['us'])."'"));
$text='<font color=#cccccc>Вы получили подарок! Кольцо Всевластия от '.$udata['usr'].'.</font>
';
mysql_query("INSERT INTO `msg_dialog` SET
`id`='',
`dialog`='".$rows21['id']."',
`vhod`='1',
`time`='".time()."',
`text`='".$text."',
`usr`='".mysql_real_escape_string($_GET['us'])."'
");
header('location: friend.php');exit;
}
}
}
}
}
include($path.'files/head.php');
include($path.'files/zag.php');
echo '<table width=100%>
<tr>
<td width=35%>
<a href=game.php><div style="background: #882222; border-radius: 7px 0 0 7px" class="m p bts bbs brs bls" align=center>Главная</div></a>
</td><td>';
echo '<a href=?><div class="line bts brs bls bbs p m" style="border-radius: 0 7px 7px 0">
<font color=#ffffff>Подарки
</font>
</div></a></td></tr></table>';
echo '<div class="bat bts brs bls bbs p">';
switch($_GET['gift'])
{
default:
if($udata['lvl']<10)
{
echo '<div align=center><font color=#ff0000>Чтобы дарить подарки вам необходим 10 уровень!</font></div>';
}
else
{
echo '<div align=center><font color=#ff0000>Даря подарки друзьям, вы делаете их сильнее! Подарки хранятся у друга 72 часа! (Вы должны быть в списке друзей игрока которому хотите сделать подарок)</font></div>';
echo '<table>
<tr>
<td><img src=img/gift/1.png></td>
<td><a href=?gift=gif&id=1>подарить <font color=#009900>Дракон Жизни</font></a> <img src=img/main/p3.png>+15<br>
за <img src=img/main/p13.png>1
</td>
</tr>
</table>';
echo '<table>
<tr>
<td><img src=img/gift/2.png></td>
<td><a href=?gift=gif&id=2>подарить <font color=#009900>Дракон Защиты</font></a> <img src=img/main/p2.png>+30<br>
за <img src=img/main/p13.png>1
</td>
</tr>
</table>';
echo '<table>
<tr>
<td><img src=img/gift/3.png></td>
<td><a href=?gift=gif&id=3>подарить <font color=#009900>Дракон Силы</font></a> <img src=img/main/p1.png>+15<br>
за <img src=img/main/p13.png>1
</td>
</tr>
</table>';
echo '<table>
<tr>
<td><img src=img/gift/4.png></td>
<td><a href=?gift=gif&id=4>подарить <font color=#009900>Плюшевый Мишка</font></a><br>
за <img src=img/main/p5.png>10
</td>
</tr>
</table>';
echo '<table>
<tr>
<td><img src=img/gift/5.png></td>
<td><a href=?gift=gif&id=5>подарить <font color=#009900>Котенок</font></a><br>
за <img src=img/main/p5.png>10
</td>
</tr>
</table>';
echo '<table>
<tr>
<td><img src=img/gift/6.png></td>
<td><a href=?gift=gif&id=6>подарить <font color=#009900>Золотая Рыбка</font></a><br>
за <img src=img/main/p5.png>10
</td>
</tr>
</table>';
echo '<table>
<tr>
<td><img src=img/gift/7.png></td>
<td><a href=?gift=gif&id=7>подарить <font color=#009900>Мороженое</font></a><br>
за <img src=img/main/p5.png>10
</td>
</tr>
</table>';
echo '<table>
<tr>
<td><img src=img/gift/8.png></td>
<td><a href=?gift=gif&id=8>подарить <font color=#009900>Роза</font></a><br>
за <img src=img/main/p5.png>10
</td>
</tr>
</table>';
echo '<table>
<tr>
<td><img src=img/gift/9.png></td>
<td><a href=?gift=gif&id=9>подарить <font color=#009900>Блинчики</font></a><br>
за <img src=img/main/p5.png>10
</td>
</tr>
</table>';
echo '<table>
<tr>
<td><img src=img/gift/10.png></td>
<td><a href=?gift=gif&id=10>подарить <font color=#009900>Армия, ждет!</font></a><br>
за <img src=img/main/p5.png>10
</td>
</tr>
</table>';
echo '<table>
<tr>
<td><img src=img/gift/11.png></td>
<td><a href=?gift=gif&id=11>подарить <font color=#009900>Красная Звезда</font></a><br>
за <img src=img/main/p5.png>10
</td>
</tr>
</table>';
echo '<table>
<tr>
<td><img src=img/gift/12.png></td>
<td><a href=?gift=gif&id=12>подарить <font color=#009900>Сердце</font></a><br>
за <img src=img/main/p5.png>10
</td>
</tr>
</table>';
echo '<table>
<tr>
<td><img src=img/gift/13.png></td>
<td><a href=?gift=gif&id=13>подарить <font color=#009900>Поцелуй</font></a><br>
за <img src=img/main/p5.png>10
</td>
</tr>
</table>';
echo '<table>
<tr>
<td><img src=img/gift/14.png></td>
<td><a href=?gift=gif&id=14>подарить <font color=#009900>Боевой Топор</font></a><br>
за <img src=img/main/p5.png>10
</td>
</tr>
</table>';
echo '<table>
<tr>
<td><img src=img/gift/16.png></td>
<td><a href=?gift=gif&id=16>подарить <font color=#009900>Брилиант</font></a><br>
за <img src=img/main/p5.png>10
</td>
</tr>
</table>';
echo '<table>
<tr>
<td><img src=img/gift/17.png></td>
<td><a href=?gift=gif&id=17>подарить <font color=#009900>Кольцо Всевластия</font></a><br>
за <img src=img/main/p5.png>10
</td>
</tr>
</table>';
}
break;
case 'gif':
echo '<div align=center><font color=#ff0000>Выберите друга, которому желаете сделать подарок!</font></div>';
$frid=mysql_query("SELECT * FROM `friend` WHERE `usr2`='".$udata['id']."' ORDER BY `id` DESC");
while($fr=mysql_fetch_array($frid))
{
$users=mysql_query("SELECT * FROM `users` WHERE `id`='".$fr['usr']."'");
$us=mysql_fetch_array($users);
if($us['admin']>0 and $us['admin']<6)
{
echo '<img src=img/main/md.png> ';
}
if($us['admin']>5)
{
echo '<img src=img/main/admin.png> ';
}
echo '<img src=img/main/c'.$us['klass'].'.png> <img src=img/main/r'.$us['rasa'].'.png>
<a href=?vt&gif='.$_GET['id'].'&us='.$us['id'].'>'.$us['usr'].'</a> <img src=img/main/p10.png>'.$us['lvl'].'<br>';
}
break;
}
echo '</div></div>';
include('files/down.php');
?>