Файл: vxas.ru/fish/inv.php
Строк: 136
<?php
include_once '../sys/inc/start.php';
include_once '../sys/inc/compress.php';
include_once '../sys/inc/sess.php';
include_once '../sys/inc/home.php';
include_once '../sys/inc/settings.php';
include_once '../sys/inc/db_connect.php';
include_once '../sys/inc/ipua.php';
include_once '../sys/inc/fnc.php';
include_once '../sys/inc/adm_check.php';
include_once '../sys/inc/user.php';
$set['title']='Рыбалка онлайн';
include_once '../sys/inc/thead.php';
title();
aut();
if(!isset($user)){
header("Location:/index.php");
exit;
}
include_once 'inc/start.php';
$posts=array();
$posts[]=array('icon'=>'<img src="ico.png"/>','title'=>'Инвентарь');
$count=mysql_query("SELECT * FROM `fish_i` WHERE `id_u`='".mysql_real_escape_string($user_id)."'");
if(mysql_num_rows($count)==0)
$posts[]=array('title'=>'Инвентарь пуст');
else
{
if(isset($_GET['del'])){
$osn=abs(intval($_GET['del']));
if(mysql_result(mysql_query("SELECT COUNT(*) FROM `fish_i` WHERE `id_u`='".mysql_real_escape_string($user_id)."' AND `id`='".mysql_real_escape_string($osn)."'"),0)!=0){
mysql_query("UPDATE `fish_i` SET `act`='0' WHERE `id_u`='".mysql_real_escape_string($user_id)."' AND `id`='".mysql_real_escape_string($osn)."'");
header("Location:inv.php");
exit;
}
else
mes('Ошибка');
}
if(isset($_GET['sellout'])){
$osn=abs(intval($_GET['sellout']));
if(mysql_result(mysql_query("SELECT COUNT(*) FROM `fish_i` WHERE `id_u`='".mysql_real_escape_string($user_id)."' AND `id`='".mysql_real_escape_string($osn)."'"),0)!=0){
$id=mysql_result(mysql_query("SELECT `id_i` FROM `fish_i` WHERE `id`='".mysql_real_escape_string($osn)."'"),0);
$act=mysql_result(mysql_query("SELECT `cena` FROM `fish_pod` WHERE `id`='".mysql_real_escape_string($id)."'"),0);
mysql_query("UPDATE `fish_u` SET `balls`=`balls`+".($act/2)." WHERE `id_u`='".mysql_real_escape_string($user_id)."'");
mysql_query("DELETE FROM `fish_i` WHERE `id`='".mysql_real_escape_string($osn)."' LIMIT 1");
header("Location:inv.php");
exit;
}
else
mes('Ошибка');
}
if(isset($_GET['sel'])){
$osn=abs(intval($_GET['sel']));
if(mysql_result(mysql_query("SELECT COUNT(*) FROM `fish_i` WHERE `id_u`='".mysql_real_escape_string($user_id)."' AND `id`='".mysql_real_escape_string($osn)."'"),0)!=0){
$id=mysql_result(mysql_query("SELECT `id_i` FROM `fish_i` WHERE `id`='".mysql_real_escape_string($osn)."'"),0);
$act=mysql_result(mysql_query("SELECT `cena` FROM `fish_pod` WHERE `id`='".mysql_real_escape_string($id)."'"),0);
$posts[]=array('title'=>'Вы действительно хотите продать эту вещь за '.htmlspecialchars($act/2).' ?','post'=>"<a href='inv.php?sellout=".htmlspecialchars($osn)."'>Да</a>/<a href='inv.php?'>Нет</a>");
}
else
mes('Ошибка');
}
if(isset($_GET['osn'])){
$osn=abs(intval($_GET['osn']));
if(mysql_result(mysql_query("SELECT COUNT(*) FROM `fish_i` WHERE `id_u`='".mysql_real_escape_string($user_id)."' AND `id`='".mysql_real_escape_string($osn)."'"),0)!=0){
$id=mysql_result(mysql_query("SELECT `id_i` FROM `fish_i` WHERE `id`='".mysql_real_escape_string($osn)."'"),0);
$act=mysql_result(mysql_query("SELECT `type` FROM `fish_pod` WHERE `id`='".mysql_real_escape_string($id)."'"),0);
if($act!='e'){
mysql_query("UPDATE `fish_i` SET `act`='0' WHERE `id_u`='".mysql_real_escape_string($user_id)."' AND `type`='".mysql_real_escape_string($act)."'");
mysql_query("UPDATE `fish_i` SET `act`='1' WHERE `id_u`='".mysql_real_escape_string($user_id)."' AND `id`='".mysql_real_escape_string($osn)."'");
}
else
{
$act=mysql_result(mysql_query("SELECT `ener` FROM `fish_pod` WHERE `id`='".mysql_real_escape_string($id)."'"),0);
if($fish['max_energy']<($act+$fish['energy'])){
mysql_query("UPDATE `fish_u` SET `energy`='".mysql_real_escape_string($fish['max_energy'])."' WHERE `id_u`='".mysql_real_escape_string($user_id)."'");
mysql_query("UPDATE `fish_i` SET `ener`=`ener`-$fish[max_energy] WHERE `id`='".mysql_real_escape_string($osn)."'");
}
else
{
mysql_query("UPDATE `fish_u` SET `energy`=`energy`+$act WHERE `id_u`='".mysql_real_escape_string($user_id)."'");
mysql_query("DELETE FROM `fish_i` WHERE `id`='".mysql_real_escape_string($osn)."' LIMIT 1");
}
}header("Location:inv.php");
exit;
}
else
mes('Ошибка');
}
while($arr=mysql_fetch_array($count)){
$p=mysql_fetch_array(mysql_query("SELECT * FROM `fish_pod` WHERE `id`='".mysql_real_escape_string($arr['id_i'])."'"));
$posts[]=array('icon'=>'<td rowspan="2"><img src="i/'.htmlspecialchars($arr['id_i']).'.jpg"/></td>',
'title'=>'<td> <b> '.htmlspecialchars($p["name"]).'</b></td></tr><tr>',
'post'=>'<td>'.htmlspecialchars($p['opis']).'<br/>
'.($arr["kolvo"]==0 ? '' : 'Кол-во : '.htmlspecialchars($arr['kolvo']).' шт<br/>').'
'.($arr["act"]==0 ? '<a href="inv.php?osn='.htmlspecialchars($arr['id']).'">Взять</a>' : '<a href="inv.php?del='.htmlspecialchars($arr['id']).'">Убрать</a>').'
'.($arr["act"]==0 ? '|<a href="inv.php?sel='.htmlspecialchars($arr['id']).'">Продaть</a><br/>' : '').'
</td>');
}
}
$count=count($posts);
for($i=0;$i<$count;$i++){
if($i%2)
echo "<div class='p_m'><table><tr>".implode($posts[$i])."</tr></table></div>";
else
echo "<div class='p_t'><table><tr>".implode($posts[$i])."</tr></table></div>";
}
ret('В игру','index.php');
include_once '../sys/inc/tfoot.php';
?>