Файл: waphero.ru/magazin/kompl.php
Строк: 97
<?php
require_once '../core/system.php';
echo only_reg();
$header = 'Магазин';
require_once '../core/head.php';
$spis = mysql_fetch_assoc(mysql_query("SELECT * FROM `komplekt` where `id` = '".abs(intval($_GET['id']))."' limit 1"));
if(empty($spis['name'])){
header('location:/'); exit;
}
if(isset($_GET['tov'])){
$infor = mysql_fetch_assoc(mysql_query("SELECT cena,type from `kompl` where `id_komp` = '".abs(intval($_GET['id']))."' and `id` = '".abs(intval($_GET['tov']))."' limit 1"));
if(empty($infor['cena'])){
header('location:/magazin'); exit;
}elseif($user['gold']<$infor['cena'] or $user['level']<$spis['lvl']){
echo 'Ваш уровень не позволяет купить данный предмет, либо недостаточно золота!';
}elseif(mysql_result(mysql_query("SELECT count(id) from `kompl_us` where `id_komp` = '".abs(intval($_GET['tov']))."' and `id_us` = '".$user['id']."'"),0)){
echo'У вас уже имеется данный предмет!';
}elseif(mysql_result(mysql_query("SELECT count(id) from `kompl_us` where `id_us` = '".$user['id']."' and `type` = '".$infor['type']."'"),0) >= 1){
echo'У вас уже есть предмет такого типа!';
}else{
echo'Предмет успешно куплен и перемещён в ваш рюкзак!<br/>';
mysql_query("UPDATE `user` set `gold` = `gold` - '".$infor['cena']."' where `id` = '".$user['id']."' limit 1");
mysql_query("INSERT INTO `kompl_us` set `type` = '".$infor['type']."', `id_komp` = '".abs(intval($_GET['tov']))."', `id_us` = '".$user['id']."'");
$spis = mysql_fetch_assoc(mysql_query("SELECT nak from `ref` where `id_us` = '".$user['id']."' limit 1"));
if(!empty($spis['nak'])){
$bonus = round($infor['cena']*20/100,2);
mysql_query("UPDATE `user` set `gold` = `gold` + '".$bonus."' where `id` = '".$spis['nak']."' limit 1");
}
}
}
$kompls = mysql_query("SELECT * from `kompl` where `id_komp` = '".abs(intval($_GET['id']))."' order by `id` asc");
while($komp = mysql_fetch_assoc($kompls)){
$stat = explode(';',$komp['stats']);
echo'<div class="player">
<div class="float-left">
<img style="margin-right:10px;margin-top:3px;" width="50" height="50" src="'.$komp['url'].'">
</div>
<img src="/images/icon/equip.png">
<span class="yellow">'.$komp['name'].'</span>
<br>
'.($stat['0']>0?'<span class="dgreen"><img src="/images/icon/str.png" alt="*"/>+'.$stat['0'].'</span>':null).'
'.($stat['1']>0?'<span class="dgreen"><img src="/images/icon/vit.png" alt="*"/>+'.$stat['1'].'</span>':null).'</span>
'.($stat['2']>0?'<span class="dgreen"><img src="/images/icon/agi.png" alt="*"/>+'.$stat['2'].'</span>':null).'</span>
'.($stat['3']>0?'<span class="dgreen"><img src="/images/icon/def.png" alt="*"/>+'.$stat['3'].'</span>':null).'</span>
'.($stat['4']>0?'<span class="dgreen"><img src="/images/icon/mana.png" alt="*"/>+'.$stat['4'].'</span>':null).'</span>
<br>
Тип: '.$komp['type'].'
<div style="clear:both;"></div>
</div>
<div class="player center">
<a class="btn" href="/magazin/kompl.php?id='.abs(intval($_GET['id'])).'&tov='.$komp['id'].'">
<span class="end">
<span class="label">
'.(($komp['cena']>$user['gold'] || $user['level']<$spis['lvl'])?'<font color="red">':null).'Купить за
<img src="/images/icon/gold.png" alt="gold">
'.$komp['cena'].' золота</font>
</span>
</span>
</a>
</div>';
}
echo'</div>';
include_once '../core/foot.php'?>
</div>
</body>
</html>