Файл: clan_money2.php
Строк: 57
<?
include './system/common.php';
include './system/functions.php';
include './system/user.php';
if(!$user) {
header('location: /clan/money2/');
exit;
}
$id = _string(_num($_GET['id']));
if(!$id && $clan) {
$id = $clan['id'];
}
$i = mysql_query('SELECT * FROM `clans` WHERE `id` = "'.$id.'"');
$i = mysql_fetch_array($i);
if(!$i) {
header('location: /');
exit;
}
$title = 'kaznaaКлан';
include './system/h.php';
?>
<div class="title-top"><?=$title?></div>
<?
$g = _string(_num($_POST['g']));
$money = _string(_num($_POST['money']));
if($g OR $money) {
if($g && $user['g'] >= $g) {
mysql_query('UPDATE `clans` SET `g` = `g` + '.$g.' WHERE `id` = "'.$clan['id'].'"');
mysql_query('UPDATE `users` SET `g` = `g` - '.$g.' WHERE `id` = "'.$user['id'].'"');
}
if($money && $user['money'] >= $money) {
mysql_query('UPDATE `clan_memb` SET `money` = `money` + '.$money.' WHERE `id` = "'.$clan['id'].'"');
mysql_query('UPDATE `clans` SET `money` = `money` + '.$money.' WHERE `id` = "'.$clan['id'].'"');
mysql_query('UPDATE `users` SET `money` = `money` - '.$money.' WHERE `id` = "'.$user['id'].'"');
}
}
?>
<div class='title'><?=$title?></div>
<div class='line'></div>
<div class='content'>
</div>
<div class='line'></div>
<div class='content'>
<form action='/clan_money2.php' method='post'>
<input name='money' value='0'/><br/>
<input type='submit' value='Пополнить'/>
</form>
</div>
<?
include './system/f.php';
?>