Файл: gamele.ru/js/get_id.php
Строк: 211
<?php
// Handler get_id=24: withdraw one of the current player's auction lots.
// It runs only when the request's vcode is present in $_SESSION['vcodes'].
// $pers is defined outside this listing (presumably the logged-in player's row).
// NOTE(review): in_array() is called without strict=true, so the token is matched
// with loose comparison (numeric-looking strings compare as numbers). Confirm the
// token format and prefer a strict comparison.
// NOTE(review): this state-changing action is driven by GET parameters; the vcode
// is the only request-forgery barrier visible here.
if($_GET['get_id'] == '24' and in_array($_GET['vcode'],$_SESSION['vcodes'])){
switch($_GET['act']){
case'2':
switch($_GET['type']){
// type '1' and type '2' run identical code in this listing.
case'1':
// The lot must belong to $pers, match the requested item id and have FirstBetID = 0
// (presumably "no bid yet"). Both request ids pass through intval() before use.
$GetAuc = mysql_fetch_assoc(mysql_query("SELECT * FROM `auction` WHERE `id`='".intval($_GET['luid'])."' and `uid`='".$pers['id']."' and `ItemID`='".intval($_GET['wuid'])."' and `FirstBetID`='0'"));
if($GetAuc){
// The inventory row must still be flagged as being on auction.
$GetItem = mysql_fetch_assoc(mysql_query("SELECT * FROM `invent` WHERE `id_item`='".$GetAuc['ItemID']."' and `auction`='1'"));
if($GetItem){
// NOTE(review): the two writes below are not atomic with the SELECTs above, and the
// DELETE does not repeat `FirstBetID`='0'. A bid recorded in between would be removed
// together with the lot; consider a transaction, or repeat the condition in the DELETE
// and check the affected-row count before releasing the item.
mysql_query("UPDATE `invent` SET `auction`='0' WHERE `id_item`='".$GetItem['id_item']."'");
mysql_query("DELETE FROM `auction` WHERE `id`='".$GetAuc['id']."'");
// NOTE(review): the doubled quotes around the item name do not parse as shown; the
// escaping of the inner quotes appears to have been lost in this listing.
// NOTE(review): ItemName is written into a JavaScript string inside <script> without
// any encoding. If item names can contain quotes or markup, encode for the JS context.
echo"<script>alert('Вы успешно сняли "".$GetItem['ItemName']."" с торгов.');</script>";
}
}
break;
case'2':
// Same lookup, ownership check and writes as type '1'; the notes above apply here too.
$GetAuc = mysql_fetch_assoc(mysql_query("SELECT * FROM `auction` WHERE `id`='".intval($_GET['luid'])."' and `uid`='".$pers['id']."' and `ItemID`='".intval($_GET['wuid'])."' and `FirstBetID`='0'"));
if($GetAuc){
$GetItem = mysql_fetch_assoc(mysql_query("SELECT * FROM `invent` WHERE `id_item`='".$GetAuc['ItemID']."' and `auction`='1'"));
if($GetItem){
mysql_query("UPDATE `invent` SET `auction`='0' WHERE `id_item`='".$GetItem['id_item']."'");
mysql_query("DELETE FROM `auction` WHERE `id`='".$GetAuc['id']."'");
echo"<script>alert('Вы успешно сняли "".$GetItem['ItemName']."" с торгов.');</script>";
}
}
break;
}
break;
}
}
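// Handler get_id=9: move the player between location 4 and the paid rooms 50 / 51.
// It runs only when the request's vcode is present in $_SESSION['vcodes'].
//   go=1: pay Level_rooms(level), enter loc 50, halve the remaining chp/cmp timers.
//   go=2: return to loc 4, double the remaining chp/cmp timers.
//   go=3: pay Level_rooms(level), enter loc 51, halve the timers of affects of kind 1..4.
//   go=4: return to loc 4, double the timers of affects of kind 1..4.
// $pers and Level_rooms() are defined outside this listing.
// NOTE(review): in_array() is called without strict=true, so the token is matched with
// loose comparison. Confirm the token format and prefer a strict comparison.
if($_GET['get_id'] == '9' and in_array($_GET['vcode'],$_SESSION['vcodes'])){
    // One clock reading per request, so every timer is shifted by the same instant.
    $now = time();
    switch($_GET['go']){
    case '1':
        $cost = Level_rooms($pers['level']);
        if($pers['nv'] >= $cost){
            $time_chp = (($pers['chp'] - $now) / 2);
            $time_cmp = (($pers['cmp'] - $now) / 2);
            // The debit is done inside the UPDATE and guarded by `nv` >= cost, so two
            // concurrent requests cannot both spend a balance read earlier into $pers.
            mysql_query("UPDATE `user` SET `loc`='50',`chp`='".($time_chp + $now)."',`cmp`='".($time_cmp + $now)."',`nv`=`nv`-'".$cost."' WHERE `id`='".$pers['id']."' AND `nv`>='".$cost."'");
            if(mysql_affected_rows() > 0){
                $pers['loc'] = 50;
            }
        }
        break;
    case '2':
        // NOTE(review): nothing here checks that the player is currently in loc 50, so
        // the doubling can be requested repeatedly; confirm a caller enforces that.
        $time_chp = (($pers['chp'] - $now) * 2);
        $time_cmp = (($pers['cmp'] - $now) * 2);
        mysql_query("UPDATE `user` SET `loc`='4',`chp`='".($time_chp + $now)."',`cmp`='".($time_cmp + $now)."' WHERE `id`='".$pers['id']."'");
        $pers['loc'] = 4;
        break;
    case '3':
        $cost = Level_rooms($pers['level']);
        if($pers['nv'] >= $cost){
            /* Recalculate injuries */
            // `affect` is a '|'-separated list of entries with '@'-separated fields:
            // field 1 is treated as a timestamp, field 2 selects the entries to rescale.
            $TravmTime = '';
            $aff = explode("|", $pers['affect']);
            foreach ($aff as $val){
                // Kept: $v lives in script scope and may be read outside this listing.
                $v = 0;
                // The list is written back with a trailing '|', so explode() yields an
                // empty last segment. Skipping it stops a junk "@<time>@" entry from
                // being appended on every pass.
                if($val === ''){
                    continue;
                }
                $par = explode("@", $val);
                // NOTE(review): an entry whose timestamp is already in the past is not
                // reduced here and still gets $now added below; confirm expired entries
                // are removed before this code runs.
                if($par[1] > $now){
                    $par[1] -= $now;
                }
                if($par[2] > 0 and $par[2] < 5){
                    $par[1] = ($par[1] / 2);
                }
                $TravmTime .= $par[0].'@'.($par[1] + $now).'@'.$par[2].'|';
            }
            /* end of injuries */
            // Same guarded, in-database debit as go=1.
            mysql_query("UPDATE `user` SET `loc` = '51',`affect`='".$TravmTime."',`nv`=`nv`-'".$cost."' WHERE `id`='".$pers['id']."' AND `nv`>='".$cost."'");
            if(mysql_affected_rows() > 0){
                $pers['loc'] = 51;
            }
        }
        break;
    case '4':
        /* Recalculate injuries */
        // Mirror of go=3: the remaining time of kind 1..4 entries is doubled.
        // NOTE(review): nothing here checks that the player is currently in loc 51.
        $TravmTime = '';
        $aff = explode("|", $pers['affect']);
        foreach ($aff as $val){
            // Kept: $v lives in script scope and may be read outside this listing.
            $v = 0;
            // Skip the empty segment produced by the trailing '|' (see go=3).
            if($val === ''){
                continue;
            }
            $par = explode("@", $val);
            if($par[1] > $now){
                $par[1] -= $now;
            }
            if($par[2] > 0 and $par[2] < 5){
                $par[1] = ($par[1] * 2);
            }
            $TravmTime .= $par[0].'@'.($par[1] + $now).'@'.$par[2].'|';
        }
        /* end of injuries */
        mysql_query("UPDATE `user` SET `loc` = '4',`affect`='".$TravmTime."' WHERE `id`='".$pers['id']."'");
        $pers['loc'] = 4;
        break;
    }
}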
// Handler get_id=18: donate one of the player's own unused, non-clan items to the clan
// treasury (the success message below says the item was donated to the treasury).
// NOTE(review): unlike the get_id 24/9/26/29/56 handlers in this file, this one does not
// check $_GET['vcode'] against $_SESSION['vcodes'], so the GET request carries no
// anti-forgery token. Confirm whether that is intentional.
if($_GET['get_id'] == '18'){
// The item must belong to $pers, be unused (`used`='0') and have an empty `cl_id`.
// The request id passes through intval() before use.
$GetItem = mysql_fetch_array(mysql_query("SELECT `invent`.*, `items`.* FROM `items` INNER JOIN `invent` ON `items`.`id` = `invent`.`protype` WHERE `invent`.`pl_id` = '".$pers['id']."' and `invent`.`used` = '0' and `invent`.`cl_id` = '' and `invent`.`id_item` = '".intval($_GET['uid'])."';"));
// clan_accesses is a '|'-separated list; entry '1' is required for this action.
$access = explode("|",$pers['clan_accesses']);
if(!empty($GetItem) and in_array('1',$access)){
// NOTE(review): the doubled quotes around the login do not parse as shown; the escaping
// of the inner quotes appears to have been lost in this listing.
// NOTE(review): $pers['login'] is concatenated into the SQL string unescaped. If logins
// may contain quote characters, escape the value or use a prepared statement.
mysql_query("UPDATE `invent` SET `cl_id` = '".$pers['clan_id']."',`gift` = 'Подарок от "".$pers['login'].""' WHERE `used` = '0' AND `id_item` = '".$GetItem['id_item']."' AND `pl_id` = '".$pers['id']."'");
// NOTE(review): the item name is echoed into HTML without htmlspecialchars().
echo"<center><b><font class=nickname><font color=#cc0000>Вы успешно пожертвовали вещь "".$GetItem['name']."" в казну.</font></font></b></center>";
}
unset($GetItem);
}
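// Handler get_id=26: pay 5000 nv to set the clan's `vote` timestamp 259200 seconds
// (three days) ahead. It runs only when the request's vcode is present in
// $_SESSION['vcodes'] and the cached balance in $pers covers the price.
// NOTE(review): no clan role or membership check is visible here; `clan_id` is taken
// from $pers as is. Confirm who is allowed to trigger this.
if($_GET['get_id'] == '26' and in_array($_GET['vcode'],$_SESSION['vcodes']) and $pers['nv']>=5000){
    // Debit first, with the balance re-checked inside the UPDATE: $pers['nv'] was read
    // earlier in the request, so concurrent requests could otherwise all pass the check
    // above and drive the balance negative.
    mysql_query("UPDATE `user` SET `nv`=`nv`-'5000' WHERE `id`='".$pers['id']."' AND `nv`>=5000 LIMIT 1;");
    // Apply the paid effect only when the debit actually changed a row.
    if(mysql_affected_rows() > 0){
        mysql_query("UPDATE `clans` SET `vote`='".(time()+259200)."' WHERE `clan_id`='".$pers['clan_id']."'");
    }
}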
// Handler get_id=29: clan management actions selected by $_GET['clan_act'].
// It runs only when the request's vcode is present in $_SESSION['vcodes'].
// GetUserFID(), CalcStats() and ItemName() are defined outside this listing.
// NOTE(review): in_array() is called without strict=true, so the token is matched with
// loose comparison. Confirm the token format and prefer a strict comparison.
if($_GET['get_id'] == '29' and in_array($_GET['vcode'],$_SESSION['vcodes'])){
// plid is forced to an integer once here; later queries reuse the sanitised value.
$_GET['plid'] = intval($_GET['plid']);
// $cuser is the target player, $clan the acting player's clan row. Either is false
// when no row matches.
$cuser = mysql_fetch_array(mysql_query("SELECT `id`,`clan_id` FROM `user` WHERE `id`='".$_GET['plid']."'"));
$clan = mysql_fetch_array(mysql_query("SELECT * FROM `clans` WHERE `clan_id` = '".$pers['clan_id']."'"));
// NOTE(review): when $clan is false, $clan['clan_id'] interpolates as an empty string
// and the filters below become `cl_id` = ''. Confirm that clan_accesses is always empty
// for players without a clan, or bail out early when no clan row exists.
if($_GET['clan_act'] == '1'){
// clan_act=1: take every worn clan item off the target player.
$GetItem = mysql_num_rows(mysql_query("SELECT * FROM `invent` WHERE `used` = '1' AND `cl_id` = '".$clan['clan_id']."' AND `pl_id` = '".$_GET['plid']."'"));
$WhoItem = GetUserFID($_GET['plid'],1);
$access = explode("|",$pers['clan_accesses']);
// Requires access entry '2' and a target whose `last` value is at least 300 seconds old.
if($GetItem>0 and in_array('2',$access) and $WhoItem['last']<=(time()-300)){
mysql_query("UPDATE `invent` SET `used` = '0' WHERE `used` = '1' AND `cl_id` = '".$clan['clan_id']."' AND `pl_id` = '".$WhoItem['id']."'");
// NOTE(review): in this and the other echo lines of this handler the doubled quotes do
// not parse as shown; the escaping of the inner quotes appears lost in this listing.
// NOTE(review): the login is echoed into HTML without htmlspecialchars().
echo"<center><b><font class=nickname><font color=#cc0000>Вы успешно раздели персонажа "".$WhoItem['login']."".</font></font></b></center>";
CalcStats($WhoItem['id']);
}elseif($GetItem<1){
echo"<center><b><font class=nickname><font color=#cc0000>На персонаже "".$WhoItem['login']."" не найдено не одной клан вещи.</font></font></b></center>";
}
unset($GetItem);
}elseif($_GET['clan_act'] == '2'){
// clan_act=2: remove the target from the clan and charge the acting player 100 nv.
// NOTE(review): the only condition is that both clan ids compare equal. No
// clan_accesses or clan_status check on $pers is visible, and the debit has no balance
// check. If both lookups returned no row, the comparison is null == null and the 100 nv
// debit still runs. Add an explicit permission check and require that both rows exist.
if($cuser['clan_id'] == $clan['clan_id']){
mysql_query("UPDATE `user` SET `clan`='',`clan_id`='none',`pair_id`='none',`clan_gif`='',`sklon`='0',`clan_d`='' WHERE `id`='".$cuser['id']."'");
mysql_query("UPDATE `user` SET `nv`=nv-100 WHERE `id` = '".$pers['id']."'");
}
}elseif($_GET['clan_act'] == '3' and $pers['clan_status'] == '9'){
// clan_act=3: delete one of the clan's documents; requires clan_status '9'.
// The document id passes through intval() and the DELETE is scoped to the actor's clan.
mysql_query("DELETE FROM `clan_documents` WHERE `id` = '".intval($_GET['doc_id'])."' AND `clan_id` = '".$pers['clan_id']."'");
}elseif($_GET['clan_act'] == '4'){
// clan_act=4: take an unused item of the clan (or of its pair clan) from player plid
// and assign it to the acting player; requires access entry '1'.
$GetItem = mysql_fetch_assoc(mysql_query("SELECT * FROM `invent` WHERE `used` = '0' AND (`cl_id` = '".$clan['clan_id']."' or `cl_id` = '".$clan['pair_id']."') AND `id_item` = '".intval($_GET['uid'])."' AND `pl_id` = '".$_GET['plid']."'"));
$access = explode("|",$pers['clan_accesses']);
if(!empty($GetItem) and in_array('1',$access)){
mysql_query("UPDATE `invent` SET `pl_id` = '".$pers['id']."' WHERE `used` = '0' AND (`cl_id` = '".$clan['clan_id']."' or `cl_id` = '".$clan['pair_id']."') AND `id_item` = '".$GetItem['id_item']."'");
echo"<center><b><font class=nickname><font color=#cc0000>Вы удачно взяли "".ItemName($GetItem['protype'])."" из казны.</font></font></b></center>";
}
unset($GetItem);
}elseif($_GET['clan_act'] == '5'){
// clan_act=5: take one worn clan item off the target player; same access entry '2'
// and 300-second `last` condition as clan_act=1.
$GetItem = mysql_fetch_assoc(mysql_query("SELECT * FROM `invent` WHERE `used` = '1' AND (`cl_id` = '".$clan['clan_id']."' or `cl_id` = '".$clan['pair_id']."') AND `id_item` = '".intval($_GET['uid'])."' AND `pl_id` = '".$_GET['plid']."'"));
$WhoItem = GetUserFID($_GET['plid'],1);
$access = explode("|",$pers['clan_accesses']);
if(!empty($GetItem) and in_array('2',$access) and $WhoItem['last']<=(time()-300)){
mysql_query("UPDATE `invent` SET `used` = '0' WHERE `used` = '1' AND (`cl_id` = '".$clan['clan_id']."' or `cl_id` = '".$clan['pair_id']."') AND `id_item` = '".$GetItem['id_item']."'");
echo"<center><b><font class=nickname><font color=#cc0000>Вы удачно сняли "".ItemName($GetItem['protype'])."" с персонажа "".$WhoItem['login']."".</font></font></b></center>";
CalcStats($WhoItem['id']);
}
unset($GetItem);
}
}
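// Handler get_id=56: change the player's location.
// It runs only when the request's vcode is present in $_SESSION['vcodes'].
//   act=10, go=dep: enter the location stored in `nature`.`dep` for the player's x/y.
//   act=10, go=up : follow `locations`.`go_id` from the current location.
//   act=11        : move to the location id given in $_GET['go'].
// $pers is defined outside this listing.
// NOTE(review): in_array() is called without strict=true, so the token is matched with
// loose comparison. Confirm the token format and prefer a strict comparison.
if($_GET['get_id'] == '56' and in_array($_GET['vcode'],$_SESSION['vcodes']) ){
    switch($_GET['act']){
    case '10':
        switch($_GET['go']){
        case 'dep':
            // Allowed only once $pers['wite'] lies in the past.
            if($pers['wite'] < time()){
                // `pos` is stored as "x_y"; the coordinates come from the player's own row.
                list($pers['x'], $pers['y']) = explode('_', $pers['pos']);
                $LocID = mysql_result(mysql_query("SELECT `dep` FROM `nature` WHERE `x`='".$pers['x']."' AND `y`='".$pers['y']."'"),0);
                if($LocID){
                    mysql_query("UPDATE `user` SET `loc`='".$LocID."' WHERE `id`='".$pers['id']."'");
                    exit(header("Location: /main.php"));
                }
            }
            break;
        case 'up':
            // The destination comes from the database, not from the request.
            $LocID = mysql_result(mysql_query("SELECT `go_id` FROM `locations` WHERE `id`='".$pers['loc']."'"),0);
            if($LocID){
                mysql_query("UPDATE `user` SET `loc`='".$LocID."' WHERE `id`='".$pers['id']."'");
                exit(header("Location: /main.php"));
            }
            break;
        }
        break;
    case '11':
        // $_GET['go'] used to be concatenated into the UPDATE unmodified, which let
        // request data alter the SQL statement. Only a plain digit string is accepted
        // now and it is cast to int before use. The location ids written elsewhere in
        // this file (4, 50, 51) are integers; confirm that no location uses another form.
        $target = 0;
        if(isset($_GET['go']) and is_string($_GET['go']) and ctype_digit($_GET['go'])){
            $target = (int)$_GET['go'];
        }
        if($target > 0){
            // NOTE(review): nothing here checks that $target is reachable from the
            // player's current location. Validate it against the allowed exits, as the
            // 'up' branch does through `locations`.`go_id`.
            mysql_query("UPDATE `user` SET `loc`='".$target."' WHERE `id`='".$pers['id']."'");
            // NOTE(review): unlike the act=10 branches, execution continues after this
            // redirect header; confirm that is intended.
            header("Location: /main.php");
        }
        break;
    }
}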
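// Handler get_id=16, act=1: charge the current player 1000 nv.
// What the payment buys is not visible in this listing.
// NOTE(review): unlike the get_id 24/9/26/29/56 handlers in this file, this one does not
// check $_GET['vcode'] against $_SESSION['vcodes'], so a forged GET request could debit
// a logged-in player. Confirm whether the token check was omitted on purpose.
if($_GET['get_id'] == '16'){
    switch($_GET['act']){
    case '1':
        // The balance is checked inside the UPDATE so the debit cannot push `nv` below
        // zero, in line with the nv checks the other paid handlers perform.
        mysql_query("UPDATE `user` SET `nv`=`nv`-1000 WHERE `id` = '".$pers['id']."' AND `nv`>=1000");
        break;
    }
}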
?>