Файл: test.zfarm.mobi/msclub/mssunduk.php
Строк: 99
<?php
if(mysql_result(mysql_query("SELECT COUNT(*) FROM `mystyle_club` WHERE `id` = '".num($user['msclub'])."' LIMIT 1"),0)!=0){
$act = mysql_fetch_array(mysql_query("SELECT * FROM `mystyle_club` WHERE `id` = '".num($user['msclub'])."'"));
echo '<div class="feedbackPanel">Сундук клана: '.$act['name'].'</div>';
echo '<div><div><table class="center pt6 pb6" style="margin:0 auto; width: 80%;"><tr class="whiteBoldLink textshadow">
<td><img width="25" height="25" src="images/who_postroyki/s_woodblocks.png" alt="" /></td>
<td><img width="25" height="25" src="images/who_postroyki/s_bamboo.png" alt="" /></td>
<td><img width="25" height="25" src="images/who_postroyki/brain.png" alt="" /></td>
<td><img width="25" height="25" src="images/who_postroyki/s_blackm.png" alt="" /></td>
<td><img width="25" height="25" src="images/who_postroyki/stone3.png" alt="" /></td>
</tr>
<tr class="whiteBoldLink textshadow">
<td>Брус</td>
<td>Любви</td>
<td>Золото</td>
<td>Мрамор</td>
<td>Камень</td>
</tr>';
echo '<tr class="blueSecColor textshadow">
<td>'.$act['s1'].'</td>
<td>'.$act['s2'].'</td>
<td>'.$act['s3'].'</td>
<td>'.$act['s4'].'</td>
<td>'.$act['s5'].'</td>
</tr>';
echo '</table></div></div></div>';
if(isset($_POST['who']) && isset($_POST['col']))
{
$who = $_POST['who'];
$col = $_POST['col'];
if($who == 1)$who1 = 'Брус';
if($who == 2)$who1 = 'Любви';
if($who == 3)$who1 = 'Золото';
if($who == 4)$who1 = 'Мрамор';
if($who == 5)$who1 = 'Камень';
if($who == 1)$whoe = 'sunduk1';
if($who == 2)$whoe = 'sunduk2';
if($who == 3)$whoe = 'sunduk3';
if($who == 4)$whoe = 'sunduk4';
if($who == 5)$whoe = 'sunduk5';
if($who == 1)$who2 = $user['sunduk1'];
if($who == 2)$who2 = $user['sunduk2'];
if($who == 3)$who2 = $user['sunduk3'];
if($who == 4)$who2 = $user['sunduk4'];
if($who == 5)$who2 = $user['sunduk5'];
if($who == 1)$who3 = 's1';
if($who == 2)$who3 = 's2';
if($who == 3)$who3 = 's3';
if($who == 4)$who3 = 's4';
if($who == 5)$who3 = 's5';
if($who2>=$col){
if(!preg_match("#^([0-9-_ ])+$#ui", $_POST['who']))err_game('Материал не выбран');
elseif(!preg_match("#^([0-9-_ ])+$#ui", $_POST['col']))err_game('Количество невыбрано');
else
{
$users = $who2-$col;
$clubs = $act[''.$who3.'']+$col;
mysql_query("UPDATE `mystyle_user` SET `".$whoe."` = '".$users."' WHERE `id` = '".$user['id']."' LIMIT 1");
mysql_query("UPDATE `mystyle_club` SET `".$who3."` = '".$clubs."' WHERE `id` = '".$act['id']."' LIMIT 1");
$text = 'Вы передали ('.$who1.') +'.$col.' в клан';
$_SESSION['msg'] = $text;
}
}else{
$text = 'НЕ хватает ресурсов';
$_SESSION['msg'] = $text;
}
header("Location: ./?mssunduk");
exit;
}
echo '<form class="pt24" method="post">
<div style="width:0px;height:0px;position:absolute;left:-100px;top:-100px;overflow:hidden">
<input type="hidden" name="id1_hf_0" id="id1_hf_0" /></div>
<div class="fl" style="width: 46%;">
<label for="login">
<div style="text-align: left;" class="btnp">Что передаем?</div>
<div>
<select class="btnp" style="width: 100%;padding-left: 0;padding-right: 0;" name="who">';
echo '<option value="">Материал не выбран</option>';
echo '<option value="1">Брус</option>';
echo '<option value="2">Любви</option>';
echo '<option value="3">Золото</option>';
echo '<option value="4">Мрамор</option>';
echo '<option value="5">Камень</option>';
echo '</select>
</div>
</label></div><div class="fr" style="width: 46%; margin-right: 4px;">
<label for="pass"><div style="text-align: left;" class="btnp">Количество</div>
<div>
<select class="btnp" style="width: 100%;padding-left: 0;padding-right: 0;" name="col">';
echo '<option value="">Количество невыбрано</option>';
echo '<option value="1">1</option>';
echo '<option value="5">5</option>';
echo '<option value="10">10</option>';
echo '<option value="15">15</option>';
echo '<option value="25">25</option>';
echo '<option value="50">50</option>';
echo '<option value="100">100</option>';
echo '<option value="250">250</option>';
echo '<option value="500">500</option>';
echo '<option value="1000">1000</option>';
echo '</select>
</div>
</label></div><div style="clear: both;"></div><div> <div class="pt6">
<input type="submit" value="Отправить" class="btn bold" style="width: 100%; font-size: 16px;"/>
</div></div></form>';
echo '<div>
<div class="feedbackPanel">
<div style="text-align: center;">
<div class="fl" style="width: 49%;">
<a class="btn" href="?msclub">
<img width="16" height="16" alt="o" src="/images/icons/tick.png"/>
<span>В клан!</span>
</a>
</div>
<div class="fr" style="width: 49%;">
<a class="btn" href="./">
<img width="16" height="16" alt="o" src="/images/icons/cross.png"/>
<span>На главную!</span>
</a>
</div>
<div style="clear: both;"></div>
</div>
</div>
</div>';
}else{
///////// Лог Пользователя ///// By MyStyle
$text = 'Вас нет в клане';
$_SESSION['msg'] = $text;
header("Location: ./?msclan");
exit;
}
?>