Файл: test.zfarm.mobi/mystylecolexp/mystylecollectionexpvolshebnik.php
Строк: 23
<?php
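/*
 * Claim handler for a pending experience reward stored in
 * `mystyle_collections_exp`.
 *
 * When the `mystylecollectionexpvolshebnik` GET parameter is present and the
 * current user has a pending row with `type` = 'yes', the row is consumed, a
 * bonus derived from its `exp` value is added to the user's rating (and to
 * the club / club-member ratings when the club check passes), a flash
 * message is stored in the session and the browser is redirected to "./?ok".
 * In every other case only the refusal message is stored before the redirect.
 *
 * Relies on names defined outside this file: what(), num(), $user and an
 * optional $mozgi_exp flag.
 *
 * NOTE(review): this changes state on a plain GET request and no anti-CSRF
 * token is checked in this file. Confirm that what() or the including page
 * enforces one; otherwise move the action to POST with a per-session token.
 *
 * NOTE(review): the legacy mysql_* API used here offers no prepared
 * statements, so every id placed into SQL below is passed through num().
 * That assumes num() reduces its argument to a safe numeric value; confirm.
 */
what(0, 'exp'); // defined elsewhere; its effect is not visible in this file
$type_ok = 'yes';

$post = false;
if (isset($_GET['mystylecollectionexpvolshebnik'])) {
    $post = mysql_fetch_array(mysql_query("SELECT * FROM `mystyle_collections_exp` WHERE `user` = '".num($user['id'])."' AND `type` = '".$type_ok."' LIMIT 1"));
}

$claimed = false;
if (is_array($post)) {
    // Consume the pending row BEFORE crediting anything. Two concurrent
    // requests could otherwise both pass the existence check and both be
    // credited; only the request whose DELETE actually removed the row goes on.
    // If a later UPDATE fails the reward is lost rather than duplicated.
    mysql_query("DELETE FROM `mystyle_collections_exp` WHERE `id` = '".num($post['id'])."' AND `user` = '".num($user['id'])."'");
    $claimed = (mysql_affected_rows() > 0);
}

if ($claimed) {
    $rat = $post['exp'];
    $avatar = 0;
    $mozgi_exp_sql = 0;

    // NOTE(review): $mozgi_exp is not assigned in this file. Confirm it is
    // set only by trusted server-side code and cannot be populated from
    // request input (register_globals / extract()), since it grants 200%.
    if (isset($mozgi_exp)) {
        $mozgi_exp_sql = (($rat / 100) * 200);
    }
    if (isset($user['avatar_exp'])) {
        $avatar = (($rat / 100) * $user['avatar_exp']);
    }

    // NOTE(review): only the bonus part is credited. The original computed a
    // fallback to the base `exp` value when the bonus is 0 but never used it,
    // so a claim without any multiplier credits 0. Behaviour kept; confirm.
    $rat_user = $avatar + $mozgi_exp_sql;

    // NOTE(review): the existence check filters on `type` while the UPDATE
    // below filters on `id`; kept as in the original, confirm the column.
    if (mysql_result(mysql_query("SELECT COUNT(*) FROM `mystyle_club` WHERE `type` = '".num($user['msclub'])."'"), 0) >= 1) {
        // In-database increments: the previous read-then-write sequence could
        // overwrite a rating changed by another request in between.
        mysql_query("UPDATE `mystyle_club` SET `rating` = COALESCE(`rating`, 0) + '".$rat_user."' WHERE `id` = '".num($user['msclub'])."' LIMIT 1");
        mysql_query("UPDATE `mystyle_cuser` SET `rating` = COALESCE(`rating`, 0) + '".$rat_user."' WHERE `user` = '".num($user['id'])."' LIMIT 1");
    }
    mysql_query("UPDATE `mystyle_user` SET `rating` = COALESCE(`rating`, 0) + '".$rat_user."' WHERE `id` = '".num($user['id'])."'");

    $text = 'Вы забрали: + '.$rat_user.' к вашему опыту.';
} else {
    // No GET flag, no pending row, or the row was already consumed by a
    // parallel request.
    $text = 'Вы решили обмануть Волшебника?';
}

$_SESSION['msg'] = $text;
header("Location: ./?ok");
exit;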
?>