Файл: stalkerus.tk/avatarsss.php
Строк: 136
<?php
require_once('conf/dbc.php');
require_once('conf/session_start.php');
require_once('conf/ban.php');
if ((!isset($_SESSION['id'])) or (!isset($_SESSION['nick']))) {
?>
<script type="text/javascript">
document.location.href = "reg.php?err_login=1";
</script>
<?php
exit();
}
$log_id = $_SESSION['id'];
$query_ch = "Select money from users where id = '$log_id'";
$result_ch = mysqli_query($dbc, $query_ch) or die ('Ошибка передачи запроса к БД');
$row_ch = mysqli_fetch_array($result_ch);
$money = $row_ch['money'];
if ($money<5000) {
header ('Location: settings.php?error=1');
exit();
}
if (!empty($_POST['change'])) {
$avatar=$_POST['avatar'];
if ((isset($avatar)) and (!empty($avatar))) {
if (
($avatar != '2.png') and
($avatar != '3.png') and
($avatar != '4.png') and
($avatar != '5.png') and
($avatar != '6.png') and
($avatar != '7.png') and
($avatar != '8.png') and
($avatar != '9.png') and
($avatar != '10.png') and
($avatar != '11.png') and
($avatar != '12.png')
) {
$err=1;
}
}
else {
$err=2;
}
if ($err==0) {
if ($avatar == '1.png') {
$avatar = '1.png';
}
$query = "update users set
avatar = '$avatar',
money=money-5000";
$result = mysqli_query($dbc, $query) or die ('Ошибка передачи запроса к БД');
header ('Location: settings.php?error=4');
exit();
}
}
$page_title = 'Сменить Avatars';
require_once('conf/head.php');
require_once('conf/top.php');
?>
<?php if(!empty($err)) {?><div id="error">
<?php if ($err==1) {echo 'Подмена данных';}?>
<?php if ($err==2) {echo 'Вы не выбрали Avatars';}?>
</div><?php } ?>
<div class="stats">
<table width="170" border="0" cellpadding="0" cellspacing="0">
<tbody>
<tr>
<td width="33" valign="top" border="2">
<img src="img/avatars/2.png" width="30" height="30" border="0"/></td>
<td width="33" valign="top">
<img src="img/avatars/3.png" width="30" height="30" border="0"/></td>
<td width="33" valign="top">
<img src="img/avatars/4.png" width="30" height="30" border="0"/></td>
<td width="33" valign="top">
<img src="img/avatars/5.png" width="30" height="30" border="0"/></td>
<td width="33" valign="top">
<img src="img/avatars/6.png" width="30" height="30" border="0"/></td>
</td></tr>
<tr>
<td width="33" valign="top">
<b>√ 1 </td>
<td width="33" valign="top">
√ 2 </td>
<td width="33" valign="top">
√ 3</td>
<td width="33" valign="top">
√ 4</td>
<td width="33" valign="top">
√ 5</td>
</b>
</td></tr><tr>
<td width="33" valign="top">
<img src="img/avatars/7.png" width="30" height="30" border="0"/></td>
<td width="33" valign="top">
<img src="img/avatars/9.png" width="30" height="30" border="0"/></td>
<td width="33" valign="top">
<img src="img/avatars/10.png" width="30" height="30" border="0"/></td>
<td width="33" valign="top">
<img src="img/avatars/11.png" width="30" height="30" border="0"/></td>
<td width="33" valign="top">
<img src="img/avatars/12.png" width="30" height="30" border="0"/>
</td>
<tr>
<td width="33" valign="top">
<b>√ 6 </td>
<td width="33" valign="top">
√ 8 </td>
<td width="33" valign="top">
√ 9</td>
<td width="33" valign="top">
√ 10</td>
<td width="33" valign="top">
√ 11</td>
</table></tr></tbody>
<form enctype="multipart/form-data" method="post" action="<? $_SERVER['PHP_SELF']; ?>">
<label for="avatar">Avatar:</label><br />
<select name="avatar" class="input" size="1">
<option value="2.png" <? if ($_POST['avatar'] == 2) {?>selected="selected"<?php }?> >Avatar = 1</option>
<option value="3.png" <? if ($_POST['avatar'] == 3) {?>selected="selected"<?php }?> >Avatar = 2</option>
<option value="4.png" <? if ($_POST['avatar'] == 4) {?>selected="selected"<?php }?> >Avatar = 3</option>
<option value="5.png" <? if ($_POST['avatar'] == 5) {?>selected="selected"<?php }?> >Avatar = 4</option>
<option value="6.png" <? if ($_POST['avatar'] == 6) {?>selected="selected"<?php }?> >Avatar = 5</option>
<option value="7.png" <? if ($_POST['avatar'] == 7) {?>selected="selected"<?php }?> >Avatar = 6</option>
<option value="8.png" <? if ($_POST['avatar'] == 8) {?>selected="selected"<?php }?> >Avatar = 7</option>
<option value="9.png" <? if ($_POST['avatar'] == 9) {?>selected="selected"<?php }?> >Avatar = 8</option>
<option value="10.png" <? if ($_POST['avatar'] == 10) {?>selected="selected"<?php }?> >Avatar = 9</option>
<option value="11.png" <? if ($_POST['avatar'] == 11) {?>selected="selected"<?php }?> >Avatar = 10</option>
<option value="12.png" <? if ($_POST['avatar'] == 12) {?>selected="selected"<?php }?> >Avatar = 11</option>
</select>
<div class="knopka">
<input type="submit" class="input" value="Сменить" name="change"/>
</div>
</form>
<p><span class="bonus">Стоимость:<img src="img/ico/money.png" width="12" height="12"/> 5000 RUB</span></p>
</div>
<?php
require_once('conf/navig.php');
require_once('conf/foot.php');
mysqli_close($dbc);
?>