Файл: gamele.ru/inc/get_id.php
Строк: 283
<?php
switch($_REQUEST['get_id']){
case'11'://Меняем тотем
if($player['obnul']>0){
if($_POST['ch_tot'] >= 0 and $_POST['ch_tot'] < 12){
$CheangeTotem = $_POST['ch_tot'];
}
mysql_query("UPDATE `user` SET `thotem`='".$CheangeTotem."',`obnul`='".($player['obnul'] - 1)."' WHERE `id`='".$player['id']."' LIMIT 1;");
}
break;
case'14'://Обнуляемся
if($player['obnul']>0){
obnul_pl($player);
}
break;
case'40'://Продажа Вещей в ДД
if($_GET['act']=='1'){
$id = (int) (!isset($_GET["uid"]) ? -1 : 0 + $_GET["uid"]); //ID - вещи
if ($id <= 0){
echo'Идите Лесом';
}else{
$GetItem = mysql_fetch_assoc(mysql_query("SELECT * FROM `invent` WHERE `protype` = '".$id."' and `pl_id` = '".$player['id']."' and `dprice` > '0' LIMIT 1;"));
mysql_query("DELETE FROM `invent` WHERE `protype` = '".$id."' and `pl_id` = '".$player['id']."' LIMIT 1;");
mysql_query("UPDATE `user` SET `dnv`= dnv+".intval($_GET['sum'])." WHERE `id` = '".$player['id']."' LIMIT 1;");
echo'<center><b><font class=nickname><font color=#cc0000>Вы удачно продали "'.$GetItem['ItemName'].'".</font></font></b></center>';
}
}
break;
case'56'://Удаляем вещи
mysql_query("DELETE FROM `pcompl` WHERE `id`='".intval($_GET['key'])."' and `uid`='".$player['id']."'");
$msg='<b><font class=nickname><font color=#cc0000>Комплект удален!</font></font></b>';
break;
case'98'://Дилер Сервисы
if($_GET['act']=='1' and $player['dnv']>='30'){
mysql_query("UPDATE `user` SET `obnul`=obnul+1, `dnv`=dnv-30 WHERE `id`='".$player['id']."'");
}
if($_GET['act']=='2' and $player['dnv']>='0.01'){
mysql_query("UPDATE `user` SET `hp`='hp_all',`mp`='mp_all',`chp`='0',`cmp`='0',`dnv`=`dnv`-'0.01' WHERE `id`='".$player['id']."'");
}
if($_GET['act']=='7' and $player['dhr']>='1'){
mysql_query("UPDATE `user` SET `capcode`='".(($player['capcode']>time())?($player['capcode']+846000):(846000+time()))."',`dhr`=dhr-1 WHERE `id`='".$player['id']."'");
}
if($_GET['act']=='8' and $player['dhr']>='2'){
mysql_query("UPDATE `user` SET `capcode`='".(($player['capcode']>time())?($player['capcode']+1728000):(1728000+time()))."',`dhr`=dhr-2 WHERE `id`='".$player['id']."'");
}
if($_GET['act']=='9' and $player['dhr']>='3'){
mysql_query("UPDATE `user` SET `capcode`='".(($player['capcode']>time())?($player['capcode']+2592000):(2592000+time()))."',`dhr`=dhr-3 WHERE `id`='".$player['id']."'");
}
if($_GET['act']=='10' and $player['dhr']>='1'){
mysql_query("UPDATE `user` SET `invisible`='".(($player['invisible']>time())?($player['invisible']+3600):(3600+time()))."',`dhr`=dhr-1 WHERE `id`='".$player['id']."'");
}
if($_GET['act']=='11' and $player['dhr']>='2'){
mysql_query("UPDATE `user` SET `invisible`='".(($player['invisible']>time())?($player['invisible']+10800):(10800+time()))."',`dhr`=dhr-2 WHERE `id`='".$player['id']."'");
}
//Client
if($_GET['act']=='101' and $player['dhr']>='1'){
mysql_query("UPDATE `user` SET `Client`='".(($player['Client']>time())?($player['Client']+(86400*5)):(time()+(86400*5)))."',`dhr`=`dhr`-'1' WHERE `id`='".$player['id']."'");
}
if($_GET['act']=='102' and $player['dhr']>='2'){
mysql_query("UPDATE `user` SET `Client`='".(($player['Client']>time())?($player['Client']+(86400*15)):(time()+(86400*15)))."',`dhr`=`dhr`-'2' WHERE `id`='".$player['id']."'");
}
if($_GET['act']=='103' and $player['dhr']>='3'){
mysql_query("UPDATE `user` SET `Client`='".(($player['Client']>time())?($player['Client']+(86400*30)):(time()+(86400*30)))."',`dhr`=`dhr`-'3' WHERE `id`='".$player['id']."'");
}
if($_GET['act']=='104' and $player['dhr']>='7'){
mysql_query("UPDATE `user` SET `Client`='".(($player['Client']>time())?($player['Client']+(86400*90)):(time()+(86400*90)))."',`dhr`=`dhr`-'7' WHERE `id`='".$player['id']."'");
}
if($_GET['act']=='105' and $player['dhr']>='11'){
mysql_query("UPDATE `user` SET `Client`='".(($player['Client']>time())?($player['Client']+(86400*180)):(time()+(86400*180)))."',`dhr`=`dhr`-'11' WHERE `id`='".$player['id']."'");
}
if($_GET['act']=='106' and $player['dhr']>='16'){
mysql_query("UPDATE `user` SET `Client`='".(($player['Client']>time())?($player['Client']+(86400*360)):(time()+(86400*360)))."',`dhr`=`dhr`-'16' WHERE `id`='".$player['id']."'");
}
break;
case'99'://Школа воинов
if($_GET['act']==1){
switch($player['level']){
case 0: TrainBots(0,1); break;
case 1: TrainBots(1,2); break;
case 2: TrainBots(2,3); break;
case 3: TrainBots(3,3); break;
case 4: TrainBots(4,3); break;
case 5: TrainBots(5,3); break;
default: echo'<script>alert('Вы уже окончили свое обучение.');</script>'; break;
}
}
break;
}
if($_GET['get_id'] == '34'){
$msg = '';
switch($_GET['post_action']){
case'1':
if(!empty($_GET['fornickname'])){
$GetUser = mysql_fetch_assoc(mysql_query("SELECT * FROM `user` WHERE `login`='".mysql_escape_string($_GET['fornickname'])."'"));
if($GetUser['login'] == $player['login']){
$msg = '<div align=center><font class=nickname><font color=#dd0000><b>Нельзя производить почтовые операции с самим собой.</b></font></font></div>';
}
if(empty($GetUser['login'])){
$msg = '<div align=center><font class=nickname><font color=#dd0000><b>Игрок не найден.</b></font></font></div>';
}
if(empty($msg)){
$_SESSION['gamesession']['post_user'] = $GetUser['login'];
$_SESSION['gamesession']['post_id'] = $GetUser['id'];
}
unset($GetUser);
}
break;
case'2':
if(!empty($_SESSION['gamesession']['post_user'])){
$_SESSION['gamesession']['post_user'] = '';
$_SESSION['gamesession']['post_id'] = '';
}
break;
case'4':
if(!empty($_GET['message'])){
$GetUser = mysql_fetch_assoc(mysql_query("SELECT * FROM `user` WHERE `id`='".$_SESSION['gamesession']['post_id']."'"));
if($player['nv']>=10){
if($GetUser['last']>time()-300){
chmsg("top.frames['chmain'].add_msg('<font class=chattime> ".date("H:i:s")." </font> <font color=000000><b><font color=#CC0000>Телеграмма:</font></b> ".htmlspecialchars(strip_tags($_GET['message'], ''))." (<b>".$player['login']."</b>)</font></font><BR>'+'');",$GetUser['login']);
$msg = '<div align=center><font class=nickname><font color=#dd0000><b>Телеграмма доставленна.</b></font></font></div>';
}else{
mysql_query("INSERT INTO `post` (`type`,`to_user`,`fr_user`,`messange`,`status`,`time`) VALUES ('3','".$GetUser['id']."','".$player['login']."','top.frames['chmain'].add_msg('<font class=chattime> ".date("d.m.Y H:i:s")." </font> <font color=000000><b><font color=#CC0000>Телеграмма:</font></b> ".htmlspecialchars(strip_tags($_GET['message'], ''))." (<b>".$player['login']."</b>)</font></font><BR>'+'');','0','".time()."');");
$msg = '<div align=center><font class=nickname><font color=#dd0000><b>Персонаж '.$GetUser['login'].' вне мира, как только мы его увидем, мы сразу ему сообщим.</b></font></font></div>';
}
mysql_query("UPDATE `user` SET `nv` = nv-10 WHERE `id`='".$player['id']."'");
}else{
$msg = '<div align=center><font class=nickname><font color=#dd0000><b>Недостаточно средств.</b></font></font></div>';
}
}
break;
case'7':
$itm=$_GET['itm'];
$price=$_GET['sum'];
$GetItem = mysql_fetch_assoc(mysql_query("SELECT `invent`.*,`items`.* FROM `items` INNER JOIN `invent` ON `items`.`id` = `invent`.`protype` WHERE `protype`=".$itm.""));
$GetUser = mysql_fetch_assoc(mysql_query("SELECT * FROM `user` WHERE `id`='".$_SESSION['gamesession']['post_id']."'"));
if($player['nv']>=$price){
mysql_query("UPDATE `invent` SET `pl_id` = '".$GetUser['id']."' WHERE `protype`=".$itm."");
mysql_query("INSERT INTO `chat` (`time`,`login`,`dlya`,`msg`) VALUES ('".time()."','sys','<".$GetUser['login'].">','".addslashes("top.frames['chmain'].add_msg('<font class=chattime> ".date("H:i:s")." </font> <font color=000000><b><font color=#CC0000>Системная информация</font></b>:</font> Вам по почте переданна вещь <b>".$GetItem['ItemName']."</b> от <b>(".$player['login'].")</b></font><BR>'+'');")."');");
Guild_Logs($player['id'],"4","|2|".getIP()."|".$GetUser['ip']."|".$GetUser['level']."|".$GetUser['login']."|".$GetItem['level']."|".$GetItem['price']."|".($GetItem['dolg']-$GetItem['iznos'])."|".$GetItem['dolg']."|0|".$GetItem['name']);
Guild_Logs($GetUser['id'],"4","|3|".$GetUser['ip']."|".getIP()."|".$player['level']."|".$player['login']."|".$GetItem['level']."|".$GetItem['price']."|".($GetItem['dolg']-$GetItem['iznos'])."|".$GetItem['dolg']."|0|".$GetItem['name']);
echo'<center><b><font class=nickname><font color=#cc0000>Вещь '.$GetItem['ItemName'].' успешно передана. '.$GetUser['login'].' получит их в ближайшее время.</font></font></b></center>';
}else{
$msg = '<div align=center><font class=nickname><font color=#dd0000><b>Недостаточно средств для отправки '.$GetItem['ItemName'].'.</b></font></font></div>';
}
break;
case'6':
$GetUser = mysql_fetch_assoc(mysql_query("SELECT * FROM `user` WHERE `id`='".$_SESSION['gamesession']['post_id']."'"));
$ttext=$_GET['ttext'];
if($_GET['cmoney']>=1 and $player['nv']>=$_GET['cmoney']){
if(mysql_query("UPDATE `user` SET `nv`=`nv`-'".$_GET['cmoney']."' WHERE `id`='".$player['id']."' LIMIT 1;") and mysql_query("UPDATE `user` SET `nv`=`nv`+'".$_GET['cmoney']."' WHERE `login`='".$GetUser['login']."' LIMIT 1;")){
echo'<center><b><font class=nickname><font color=#cc0000>Удачно переданы '.$_GET['cmoney'].'ER. '.$GetUser['login'].' получит их в ближайшее время.</font></font></b></center>';
mysql_query("INSERT INTO `chat` (`time`,`login`,`dlya`,`msg`) VALUES ('".time()."','sys','<".$GetUser['login'].">','".addslashes("top.frames['chmain'].add_msg('<font class=chattime> ".date("H:i:s")." </font> <font color=000000><b><font color=#CC0000>Системная информация</font></b>:</font> Вам по почте переданно ".$_GET['cmoney']."ER от <b>(".$player['login'].")</b></font><BR>'+'');")."');");
Guild_Logs($player['id'],"2","|2|".getIP()."|".$GetUser['ip']."|".$GetUser['level']."|".$GetUser['login']."|".$_GET['cmoney']."|0|".$ttext);
Guild_Logs($GetUser['id'],"2","|3|".$GetUser['ip']."|".getIP()."|".$player['level']."|".$player['login']."|".$_GET['cmoney']."|0|".$ttext);
}
else{echo'<center><b><font class=nickname><font color=#cc0000>Ошибка при передачи.</font></font></b></center>';
}
}
else{echo'<center><b><font class=nickname><font color=#cc0000>Ошибка при передачи (неверная сумма).</font></font></b></center>';
}
break;
}
echo $msg;
}
?>