Файл: waphero.ru/boss/ataka.php
Строк: 74
<?
require_once '../core/system.php';
echo only_reg();
$health = rand(1,50);
if (isset($_GET['id']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `boss` WHERE `id` = '".intval($_GET['id'])."'"),0) == true){
$boss = mysql_fetch_assoc(mysql_query("SELECT * FROM `boss` WHERE `id` = '".intval($_GET['id'])."'"));
}else{
$_SESSION['err'] = "Босс не найден";
header('Location: index.php');
exit();
}
if($user['level'] < $boss[lvl]){
$_SESSION['err'] = "Необходим $boss[lvl] уровень!";
header('Location: index.php');
exit();
}else{
if($user['health'] < 20){
$_SESSION['light'] = "<span class='dred'>Для нападения нужно <img src='/images/icon/health.png' alt=''/> 20 Здоровья</span><br/>Здоровье восстанавливается со временем или за золото<br><div class='separ'></div><a class='btn' href='/moduls/ckoldun.php?act=ok'><span class='end'><span class='label'>Восстановить <img src='/images/icon/health.png' alt=''/> 100% здоровья</span></span></a><br><span class='grey'>Цена: <img src='/images/icon/gold.png' alt=''/> 50 золота</span>";
header("Location: boss.php?id=$boss[id]");
exit();
}
if($user['mana'] < 500){
$_SESSION['light'] = "<span class='dred'>Для нападения нужно <img src='/images/icon/mana.png' alt=''/> 500 маны</span><br/>Мана восстанавливается со временем или за золото<br><div class='separ'></div><a class='btn' href='/moduls/ckoldun.php?act=ok'><span class='end'><span class='label'>Восстановить <img src='/images/icon/mana.png' alt=''/> 100% маны</span></span></a><br><span class='grey'>Цена: <img src='/images/icon/gold.png' alt=''/> 50 золота</span>";
header("Location: boss.php?id=$boss[id]");
exit();
}else{
$header = 'Босс '.$boss['name'];
$bos_param = $boss[sila] + $boss[health] + $boss[lovk] + $boss[zashit];
$boss_param = rand($bos_param,$bos_param*2);
require_once H.'core/head.php';
if($boss_param > $user[param]){
mysql_query("update `user` set `health` = '".($user['health']-$health)."',`mana`='".($user['mana']-500)."' where (`id` = '".$user['id']."')");
header("Location: boss.php?id=$boss[id]");
$_SESSION['light'] = "<h2 class='dred' style='font-weight:bold;'><img src='/images/icon/2hit.png' alt=''/> Поражение <img src='/images/icon/2hit.png' alt=''/></h2>";
exit();
}else{
mysql_query("update `user` set `exp` = '".($user['exp']+$boss[exp])."',`gold` = '".($user['gold']+$boss[gold])."',`health` = '".($user['health']-$health)."',`mana`='".($user['mana']-500)."' where (`id` = '".$user['id']."')");
mysql_query("UPDATE `user` SET `boss_pobed` = '".($user['boss_pobed']+1)."' WHERE `id` = '$user[id]' LIMIT 1");
header("Location: boss.php?id=$boss[id]");
$_SESSION['light'] = "<h2 class='dgreen' style='font-weight:bold;'><img src='/images/icon/2hit.png' alt=''/> Победа <img src='/images/icon/2hit.png' alt=''/></h2><div class='separ'></div><img src='/images/icon/gold.png' alt=''/> ".$boss[gold]." золота <img src='/images/icon/exp.png' alt='exp'/> ".$boss[exp]." опыта";
exit();
}
}
}
require_once H.'core/foot.php';
?>