Файл: msarena/mscause.php
Строк: 50
<?php
if(mysql_result(mysql_query("SELECT COUNT(*) FROM `ms_arena_end` WHERE `user` = '".$user['id']."' LIMIT 1"),0)!=0){
header("Location: ../Link:ILinkListener-MsArena;Battle;End;");
exit;
}elseif(isset($_GET['mscause_arena']) && my_esc($_GET['mscause_arena'])!=NULL && mysql_result(mysql_query("SELECT COUNT(*) FROM `ms_arena_start` WHERE `time` > '".time()."' AND `url` = '".my_esc($_GET['mscause_arena'])."'"),0)!=0)
{
$mscause = mysql_fetch_array(mysql_query("SELECT * FROM `ms_arena_start` WHERE `url` = '".my_esc($_GET['mscause_arena'])."' LIMIT 1"));
if(mysql_result(mysql_query("SELECT COUNT(*) FROM `ms_arena` WHERE `user` = '".$mscause['user']."' LIMIT 1"),0)!=0){
$text = 'Противник в бою.';
$_SESSION['msg'] = $text;
header("Location: ../Link:ILinkListener-MsArena;");
exit;
}elseif($mscause['type'] == 1){
$text = 'Противнику уже подали заявку.';
$_SESSION['msg'] = $text;
header("Location: ../Link:ILinkListener-MsArenaStart;");
exit;
}elseif($mscause['time'] < time()){
$text = 'Время противника истекло';
$_SESSION['msg'] = $text;
header("Location: ../Link:ILinkListener-MsArenaStart;");
exit;
}else{
$mstype = encrypt(rand(100,10000));
mysql_query("DELETE FROM `ms_arena_start` WHERE `user` = '".num($mscause['user'])."' LIMIT 1");
mysql_query("DELETE FROM `ms_arena_start` WHERE `user` = '".num($user['id'])."' LIMIT 1");
mysql_query("INSERT INTO `ms_arena` SET `who` = '".num(1)."', `time` = '".(time()+120)."', `user` = '".num($mscause['user'])."', `type` = '".$mstype."'");
mysql_query("INSERT INTO `ms_arena` SET `who` = '".num(2)."', `time` = '".(time()+120)."', `user` = '".num($user['id'])."', `type` = '".$mstype."'");
$text = 'Заявка подана. Ожидайте подтверждения от противника';
$_SESSION['msg'] = $text;
header("Location: ../Link:ILinkListener-MsArenaAct;");
exit;
}
}else{
header("Location: ../Link:Error;");
exit;
}
?>