Файл: clan_money3.php
Строк: 43
<?
include './system/common.php';
include './system/functions.php';
include './system/user.php';
if(!$user) {
header('location: /clan/money3/');
exit;
}
$id = _string(_num($_GET['id']));
if(!$id && $clan) {
$id = $clan['id'];
}
$i = mysql_query('SELECT * FROM `clans` WHERE `id` = "'.$id.'"');
$i = mysql_fetch_array($i);
if(!$i) {
header('location: /');
exit;
}
$title = 'kaznaaКлан';
include './system/h.php';
?>
<div class="title-top"><?=$title?></div>
<?
$k = _string(_num($_POST['k']));
$s = _string(_num($_POST['s']));
if($k OR $s) {
if($k && $user['k'] >= $k) {
mysql_query('UPDATE `clan_memb` SET `k` = `k` + '.$k.' WHERE `id` = "'.$clan['id'].'"');
mysql_query('UPDATE `clans` SET `k` = `k` + '.$k.' WHERE `id` = "'.$clan['id'].'"');
mysql_query('UPDATE `users` SET `k` = `k` - '.$k.' WHERE `id` = "'.$user['id'].'"');
}
if($s && $user['s'] >= $s) {
mysql_query('UPDATE `clans` SET `s` = `s` + '.$s.' WHERE `id` = "'.$clan['id'].'"');
mysql_query('UPDATE `users` SET `s` = `s` - '.$s.' WHERE `id` = "'.$user['id'].'"');
}
}
?>
<div class='title'><?=$title?></div>
<div class='line'></div>
<div class='content'>
</div>
<div class='line'></div>
<div class='content'>
<form action='/clan_money3.php' method='post'>
<img src='/images/icon/gold.png' alt='*'/> <input name='k' value='100'/><br/>
<input type='submit' value='Пополнить'/>
</form>
</div>
<?
include './system/f.php';
?>