Файл: veriy/inc/index.app.php
Строк: 22
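<?php
/*
 * Answer handler: runs when the player follows one of the "?oki&id=N&otv=p|n" links.
 *
 * Reads the stored answer (`otvet`) for the submitted question id, compares it with the
 * submitted choice, updates the player's counters in `games_app1_user`, then redirects.
 *
 * NOTE(review): this is a state-changing GET request with no anti-forgery token, so anything
 * that makes the browser load the URL (prefetch, an embedded link on another page) alters the
 * score. Moving it to POST with a per-session token also requires changing the answer links.
 *
 * NOTE(review): nothing here ties the submitted id to the question that was actually shown
 * to this user. To keep the counters meaningful, remember the served id server-side
 * (e.g. in the session) and accept one answer per served question.
 *
 * NOTE(review): the mysql_* extension was removed in PHP 7.0; migrating to mysqli or PDO
 * prepared statements is a file-wide change and is not attempted in this block.
 */
if (isset($_GET['oki'], $_GET['otv']) && in_array($_GET['otv'], array('p', 'n'), true)) {
    // Only the two literals 'p' / 'n' get past the strict whitelist above (arrays are rejected too).
    $answer = $_GET['otv'];

    // Every value that reaches SQL is forced to an integer first.
    $questionId = (isset($_GET['id']) && is_scalar($_GET['id'])) ? intval($_GET['id']) : 0;
    $userId = intval($user['id']);

    $res = mysql_query("SELECT `otvet` FROM `games_app1_vopros` WHERE `id` = '" . $questionId . "' LIMIT 1");
    $row = $res ? mysql_fetch_assoc($res) : false;

    if (!$row) {
        // Unknown question id or failed query: change no counters, just return to the game.
        header("Location: ?");
        exit;
    }

    if ($row['otvet'] === $answer) {
        // Correct: bump the total of right answers and the current streak.
        mysql_query("UPDATE `games_app1_user` SET `pravda` = `pravda` + 1, `opsi` = `opsi` + 1 WHERE `id_user` = '" . $userId . "' LIMIT 1");
        header("Location: ?");
    } else {
        // Wrong: bump the total of wrong answers and reset the streak.
        mysql_query("UPDATE `games_app1_user` SET `nepravda` = `nepravda` + 1 WHERE `id_user` = '" . $userId . "' LIMIT 1");
        mysql_query("UPDATE `games_app1_user` SET `opsi` = '0' WHERE `id_user` = '" . $userId . "'");
        header("Location: ?act=err");
    }

    // Stop here: without this the page below is still rendered (and another random
    // question is queried) even though the browser has been told to redirect.
    exit;
}
?>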
<div id="page">
<div id="header">
<a href="/" id="logo">На сайт</a>
<div id="avatar">
<?php
// Avatar of the current user; avatar() is defined outside this file.
// NOTE(review): $arr is filled in outside this listing. Its three counters are printed
// below without escaping, presumably because they are integer columns; confirm.
avatar($user['id']);
?></div>
<a href="?act=top" id="rating"><?php echo $arr['pravda']; ?></a>
<div id="rating-minus"><?php echo $arr['nepravda']; ?></div>
</div>
<div id="count"><?php echo $arr['opsi']; ?></div>
<div id="content">
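<?php
/*
 * Question panel: picks one random row from `games_app1_vopros` and renders the question
 * text together with the two answer links ("?oki&id=N&otv=p" and "?oki&id=N&otv=n").
 *
 * NOTE(review): the answer links are plain GET requests that change the player's counters;
 * see the handler at the top of this file before changing their format.
 */
$q = mysql_query("SELECT * FROM `games_app1_vopros` ORDER BY RAND() LIMIT 1");

// LIMIT 1 yields at most one row, so a single fetch replaces the original while loop.
$post = $q ? mysql_fetch_assoc($q) : false;

if ($post) {
    // Force the id to an integer before it is written into an href attribute.
    $questionId = intval($post['id']);

    // The question text is escaped for the HTML text context.
    echo " <table id='contentTable'>
<tr>
<td id='question'>
" . htmlspecialchars($post['vopros']) . "
</td>
</tr>
</table>";
    ?>
<div class="wrapperButtons">
<div class="btn">
<a href="?oki&id=<?php echo $questionId; ?>&otv=p" class="yes">Верю</a>
</div>
<div class="btn">
<a href="?oki&id=<?php echo $questionId; ?>&otv=n" class="no">Не верю</a>
</div>
</div>
<?php
}

// #content and #page are opened unconditionally earlier in this template, so close them
// here rather than inside the row branch; otherwise an empty question table (or a failed
// query) leaves both containers unclosed.
echo "</div>\n</div>\n";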