Файл: gamele.ru/includes/addons/admin-action/presents.php
Строк: 257
<?
require_once($_SERVER["DOCUMENT_ROOT"]."/func/connect.php");
require_once($_SERVER["DOCUMENT_ROOT"]."/inc/inc/bbcodes.inc.php");
db_open();
if($_POST['present']!='none'){
if($_GET['save']==1){
mysql_query("UPDATE `hpr` SET `price`='".intval($_POST['price'])."',`category`='".$_POST['category']."',`holiday`='".$_POST['holiday']."',`open`='".intval($_POST['open'])."',`dprice`='".intval($_POST['dprice'])."' WHERE `present`='".$_POST['present']."' LIMIT 1;");
}
}
$presents=mysql_query("SELECT * FROM `hpr`;");
echo '
<form method="post" action="?useaction=admin-action&addid=presents&add=1">
<table cellpadding=0 cellspacing=0 border=0 width=65% bgcolor=#e0e0e0 align=center>
<tr align=center><td>
<select name=present>
<option value="none" '.(($_POST['present']!='none' and $_POST['present']!='')?'':'selected=selected').'>Выберите подарок</option>
';
while($present = mysql_fetch_array($presents)){
echo '<option value="'.$present['present'].'" '.(($_POST['present']==$present['present'])?'selected=selected':'').'>'.$present['present'].'</option>';
}
echo '
</select>
<input class=lbut type=submit value="Выбрать">
</td></tr>
</table>
</form>
';
$err=0;
if($_POST['present']!='none' and !empty($_POST['present'])){
if(!empty($_POST['delete'])){
$items=mysql_fetch_array(mysql_query("SELECT * FROM `hpr` WHERE `present`='".$_POST['present']."' LIMIT 1;"));
$additem="";
switch($_POST['delete_id']){
case 'items':
$item=explode("|",$items['items_id']);
foreach($item as $val){
if($val!='' and $val!=$_POST['delete']){
$additem.=$val."|";
}
}
if($additem==""){$additem=0;}
mysql_query("UPDATE `hpr` SET `items_id`='".$additem."' WHERE `present`='".$_POST['present']."' LIMIT 1;");
break;
}
}
if($_POST['idit']){
$items=mysql_fetch_array(mysql_query("SELECT * FROM `hpr` WHERE `present`='".$_POST['present']."' LIMIT 1;"));
if($items['items_id']=='0'){
$additem=intval($_POST['idit'])."|";
mysql_query("UPDATE `hpr` SET `items_id`='".$additem."' WHERE `present`='".$_POST['present']."' LIMIT 1;");
}
else{
$item=explode("|",$items['items_id']);
if(in_array(intval($_POST['idit']),$item)==false){
$additem=$items['items_id'].intval($_POST['idit'])."|";
mysql_query("UPDATE `hpr` SET `items_id`='".$additem."' WHERE `present`='".$_POST['present']."' LIMIT 1;");
}
}
}
if($_GET['add']==1){
$present=mysql_fetch_array(mysql_query("SELECT * FROM `hpr` WHERE `present`='".$_POST['present']."';"));
echo'
<form method="post" action="?useaction=admin-action&addid=presents&add=1&save=1">
<br><table cellpadding=0 cellspacing=0 border=0 width=65% bgcolor=#e0e0e0 align=center>
<tr><td>
<table border=0 cellpadding=4 cellspacing=1 bordercolor=#e0e0e0 align=center class="smallhead" width=100%>
<tr class=nickname bgcolor=#EAEAEA>
<td align=center width=30%><b>Имя и ид подарка</b></td>
<td align=center><b>Цена</b></td>
</tr>';
echo'
<tr class=freetxt bgcolor=white>
<td align=center width=30%>
Категория: <input type=text class=logintextbox6 name="category" value="'.$present['category'].'" /><br>
Ид: '.$present['present'].'
</td>
<td align=center>
<b>Цена подарка за ER</b><br><input type=text class=logintextbox6 name="price" value="'.$present['price'].'" /><br>
<b>Цена подарка за DLE</b><br><input type=text class=logintextbox6 name="dprice" value="'.$present['dprice'].'" /><br>
Можно открыть:<select name="open"><otion value="0" '.(($present['open'])?'':'selected=selected').'>Нет</option><option value="1" '.(($present['open'])?'selected=selected':'').'>Да</option></select><br>
</td>
</tr>
<tr class=freetxt bgcolor=white>
<td align=center width=100% colspan=5>
<input class=lbut type=submit value="Сохранить">
<input type=hidden name=present value="'.$_POST['present'].'">
</td>
</tr>
</table></form></td></tr></table>';
}
if($err==0){
echo'
<form method="post" action="?useaction=admin-action&addid=presents&add=1">
<table cellpadding=0 cellspacing=0 border=0 width=65% bgcolor=#e0e0e0 align=center>
<tr align=left class=nickname><td align=center>
<b>Добавить вещи в подарок:</b>
<select name="type" >
<option value="" selected="selected">все типы</option>
<option value="w4">Ножи</option>
<option value="w1">Мечи</option>
<option value="w2">Топоры</option>
<option value="w3">Дробящее</option>
<option value="w6">Алебарды и копья</option>
<option value="w5">Метательное</option>
<option value="w7">Посохи</option>
<option value="w20">Щиты</option>
<option value="w23">Шлемы</option>
<option value="w26">Пояса</option>
<option value="w18">Кольчуги</option>
<option value="w19">Доспехи</option>
<option value="w24">Перчатки</option>
<option value="w80">Наручи</option>
<option value="w21">Сапоги</option>
<option value="w25">Кулоны</option>
<option value="w22">Кольца</option>
<option value="w28">Наплечники</option>
<option value="w90">Поножи</option>
<option value="w61">Приманки</option>
<option value="w0">Эликсиры</option>
<option value="w66">Травы</option>
<option value="w67">Шкуры</option>
<option value="w29">Свитки</option>
</select> <input name="smb7" type="submit" class="lbut" value="Применить фильтр" />';
$filter2="WHERE master=''";
if($smb7){
if($type==""){
$filter="";$filter2="WHERE master=''";
}
else $filter="WHERE type='".$type."'";
$filter2=" AND master=''";
}
echo'
<select name="idit" >
<option value=0';
if($idit==""){echo " selected=selected";}
echo'>Выберите тип</option>';
$it=mysql_query("SELECT * FROM `items` ".$filter." ".$filter2." ORDER BY type,name,level;");
while ($row = mysql_fetch_assoc($it)) {
echo "<option value=".$row['id']."";if($idit==$row['id']){echo " selected=selected";}echo">".$row['name']." [ ".$row['level']." ]</option>";
}
echo'
<input type=hidden name=present value="'.$_POST['present'].'">
<input class=lbut type=submit value="Добавить в дроп">
</td></tr>
</table>
</form><br>
';
if($present['items_id']!='0'){
echo'
<table cellpadding=0 cellspacing=0 border=0 width=65% bgcolor=#e0e0e0 align=center>
<tr><td>
<table border=0 cellpadding=4 cellspacing=1 bordercolor=#e0e0e0 align=center class="smallhead" width=100%>
<tr align=center class=nickname><td><b>Добавленные вещи:</b></td></tr>';
$itemsin=explode("|",$present['items_id']);
foreach($itemsin as $val){
if($val!=''){
$name=mysql_fetch_array(mysql_query("SELECT `items`.`name`,`items`.`id` FROM `items` WHERE `id`='".$val."' LIMIT 1;"));
echo'
<tr class=freetxt bgcolor=white>
<td>
<form method="post" action="?useaction=admin-action&addid=presents&add=1" id="itdel_'.$name['id'].'">
'.$name['name'].'
<input type=hidden name=present value="'.$_POST['present'].'">
<input type=hidden name=delete value="'.$name['id'].'">
<input type=hidden name=delete_id value="items">
<input type=image src=http://image.gamele.ru/del.gif width=14 height=14 border=0 onClick="javasctipt: document.getElementById('itdel_'.$name['id'].'').submit()" value="x" />
</form>
</td>
</tr>';
}
}
echo'
</table>
</td></tr>
</table>';
}
}
}
?>