Файл: waphero.ru/bashni/remont.php
Строк: 24
<?
include_once '../core/system.php';
echo only_reg();
if (isset($_GET['id']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `bashni` WHERE `id` = '".intval($_GET['id'])."'"),0) == true){
$bashnay = mysql_fetch_assoc(mysql_query("SELECT * FROM `bashni` WHERE `id` = '".intval($_GET['id'])."'"));
}else{
$_SESSION['err'] = "Нет такой башни!";
header('Location: index.php');
exit();
}
$ank = mysql_fetch_assoc(mysql_query("SELECT * FROM `user` WHERE `id` = '".$bashnay[id_user]."'"));
if($user[id] == $ank[id]){
if($user[gold] > 99){
mysql_query("UPDATE `bashni` SET `sila` = '$user[sila]', `max_health` = '$user[max_health]', `health` = '$user[max_health]', `lovk` = '$user[lovk]', `zashit` = '$user[zashit]' WHERE `id` = '$_GET[id]' LIMIT 1");
mysql_query("UPDATE `user` SET `gold` = '".($user[gold]-100)."' WHERE `id` = '$user[id]' LIMIT 1");
header("Location: bashnya.php?id=$bashnay[id]");
$_SESSION['message'] = 'Ремонт закончен!';
exit();
}else{
header("Location: bashnya.php?id=$bashnay[id]");
$_SESSION['err'] = 'Нужно больше золота!';
exit();
}
}else{
header("Location: bashnya.php?id=$bashnay[id]");
$_SESSION['err'] = 'Это не ваша башня!';
exit();
}
?>