Файл: gamele.ru/includes/addons/admin-action/playeritems.php
Строк: 116
<? session_start();session_register('filter');?>
<HTML>
<HEAD>
<LINK href="../../../css/game.css" rel=STYLESHEET type=text/css>
<META Http-Equiv=Content-Type Content="text/html; charset=windows-1251">
<META Http-Equiv=Cache-Control Content=No-Cache>
<META Http-Equiv=Pragma Content=No-Cache>
<META Http-Equiv=Expires Content=0>
</HEAD>
<BODY bgcolor=#FFFFFF topmargin=0 bottommargin=0 marginwidth=0 marginheight=0 leftmargin=0 rightmargin=0>
<table width="60%" border="0" cellspacing="0" cellpadding="0" align=center>
<tr>
<td><input type=button class=lbut onClick="location='?useaction=admin-action&addid=playeritems'" value="обновить"></td>
</tr>
</table>
<?
require_once($_SERVER["DOCUMENT_ROOT"]."/func/connect.php");
require_once($_SERVER["DOCUMENT_ROOT"]."/inc/inc/bbcodes.inc.php");
db_open();
echo '
<form method="post" action="?useaction=admin-action&addid=playeritems&load=1">
<br><span class="logintext"> Введите логин: </span><input name="loginp" type="text" class="LogintextBox" />
<input name="load" type="submit" value="Загрузить" class="lbut"/>
</form>';
if($_GET['load']==1 and $_POST['loginp']!=''){
$plid=mysql_fetch_array(mysql_query("SELECT `user`.`id` FROM `user` WHERE `login`='".$_POST['loginp']."' LIMIT 1;"));
if($_POST['delete']){
if($_POST['delete']!='all'){
mysql_query("DELETE FROM `invent` WHERE `id_item`='".$_POST['delete']."' AND `pl_id`='".$plid['id']."' LIMIT 1;");
}
else{
mysql_query("DELETE FROM `invent` WHERE `pl_id`='".$plid['id']."';");
}
}
$allitems=mysql_query("SELECT * FROM `invent` WHERE `pl_id`='".$plid['id']."';");
echo'
<table cellpadding=0 cellspacing=0 border=0 width=65% bgcolor=#e0e0e0 align=center>
<tr><td>
<table border=0 cellpadding=4 cellspacing=1 bordercolor=#e0e0e0 align=center class="smallhead" width=100%>
<tr align=center class=nickname><td><b>Вещи персонажа <b>'.$_POST['loginp'].'</b>:</b></td></tr>';
while($row = mysql_fetch_array($allitems)){
$name=mysql_fetch_array(mysql_query("SELECT `items`.`name`,`items`.`id` FROM `items` WHERE `id`='".$row['protype']."' LIMIT 1;"));
echo '
<tr class=freetxt bgcolor=white>
<td>
<form method="post" action="?useaction=admin-action&addid=playeritems&load=1" id="itdel_'.$row['id_item'].'">
'.$name['name'].'
<input type=hidden name=loginp value="'.$_POST['loginp'].'">
<input type=hidden name=delete value="'.$row['id_item'].'">
<input type=image src=http://image.gamele.ru/del.gif width=14 height=14 border=0 onClick="javasctipt: document.getElementById('itdel_'.$row['id_item'].'').submit()" value="x" />
</form>
</td>
</tr>';
}
if(mysql_num_rows($allitems)>0){
echo '
<tr class=freetxt bgcolor=white>
<td>
<form method="post" action="?useaction=admin-action&addid=playeritems&load=1" id="itdel_all">
<b><font color=red>ОСТОРОЖНО!!!</font> УДАЛИТЬ ВСЕ ВЕЩИ </b>
<input type=hidden name=loginp value="'.$_POST['loginp'].'">
<input type=hidden name=delete value="all">
<input type=image src=http://image.gamele.ru/del.gif width=14 height=14 border=0 onClick="javasctipt: document.getElementById('itdel_all').submit()" value="x" />
</form>
</td>
</tr>';
}
else{
echo '
<tr class=freetxt bgcolor=white>
<td>
<b color=red>У персонажа нет вещей</b>
</td>
</tr>';
}
echo'
</table>
</td></tr>
</table>';
}
?>