Файл: user/thing.php
Строк: 40
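<?php
/**
 * Equip ("wear") or unequip ("off") a hero from the current user's backpack.
 *
 * Request parameters (query string):
 *   wear - if present, move backpack item `id` into the deck (status 0 -> 1)
 *   off  - if present, move backpack item `id` out of the deck (status 1 -> 0)
 *   id   - backpack row id; attacker-controlled, so it is only ever bound as
 *          a statement parameter and never concatenated into SQL text.
 *
 * Every path ends in a redirect; the outcome is reported via $_SESSION['msg'].
 *
 * NOTE(review): $db is used as a PDO-style handle (query()->rowCount()/fetch()
 * in the original), so prepare()/execute() are assumed to be available — confirm.
 * NOTE(review): avt() is defined outside this file; presumably it enforces
 * authentication and populates $user — confirm.
 * NOTE(review): state is changed on a GET request and no anti-CSRF token is
 * checked in this file; consider POST plus a per-session token unless the
 * core already enforces one.
 * NOTE(review): head.php is included before the header() calls below; the
 * redirects only work if it emits no output or output buffering is on.
 */
require_once('../core/index.php');
require_once('../core/func.php');
avt();
$title='';
require_once('../design/head.php');

// Accept only a plain string id: an array (?id[]=...) or a missing value becomes
// '' which matches no row and falls into the normal "not found" path.
$id = (isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : '';

if (isset($_GET['wear'])) {
    // Load the item only if it belongs to the current user and is not yet in
    // the deck; ownership and status are checked in the same query as the read.
    $stmt = $db->prepare("SELECT * FROM `backpack` WHERE `id`=? AND `id_user`=? AND `status`='0'");
    $stmt->execute(array($id, $user['id']));
    $h1 = $stmt->fetch();
    if (!$h1) {
        $_SESSION['msg']='Не существует или уже в колоде';
        header('Location:/user/backpack');
        exit();
    }

    $stmt = $db->prepare("SELECT * FROM `thing` WHERE `id`=?");
    $stmt->execute(array($h1['id_thing']));
    $thing = $stmt->fetch();
    if (!$thing) {
        // Backpack row points at a thing that no longer exists; do not touch stats.
        $_SESSION['msg']='Ошибка';
        header('Location:/user/backpack');
        exit();
    }

    // The same hero type may be in the deck only once.
    $stmt = $db->prepare("SELECT id FROM `backpack` WHERE `id_user`=? AND `id_thing`=? AND `status`='1'");
    $stmt->execute(array($user['id'], $h1['id_thing']));
    if ($stmt->rowCount() != 0) {
        $_SESSION['msg']='Герой уже в колоде';
        header('Location:/user/backpack');
        exit();
    }

    // Deck size is capped at 5 heroes.
    // NOTE(review): this check and the updates below are not atomic; two
    // concurrent requests could both pass it. A transaction or a conditional
    // UPDATE whose affected-row count is checked would close that window.
    $stmt = $db->prepare("SELECT id FROM `backpack` WHERE `id_user`=? AND `status`='1'");
    $stmt->execute(array($user['id']));
    if ($stmt->rowCount() >= 5) {
        $_SESSION['msg']='Вы не можете взять больше 5 героев';
        header('Location:/user/backpack');
        exit();
    }

    // Add the hero's strength (base strength times level) to the user, then mark it equipped.
    request("UPDATE `users` SET `str`=`str`+? WHERE `id`=?", array($thing['str']*$h1['lvl'], $user['id']));
    // Scope the write to the owner as well, so the UPDATE cannot touch another user's row.
    request("UPDATE `backpack` SET `status` = ? WHERE `id` =? AND `id_user`=?", array(1, $id, $user['id']));
    $_SESSION['msg']='Герой добавлен';
    header('Location:/user/backpack');
} elseif (isset($_GET['off'])) {
    // Load the item only if it belongs to the current user and is currently in the deck.
    $stmt = $db->prepare("SELECT * FROM `backpack` WHERE `id`=? AND `id_user`=? AND `status`='1'");
    $stmt->execute(array($id, $user['id']));
    $h1 = $stmt->fetch();
    if (!$h1) {
        $_SESSION['msg']='Ошибка';
        header('Location:/user/things');
        exit();
    }

    $stmt = $db->prepare("SELECT * FROM `thing` WHERE `id`=?");
    $stmt->execute(array($h1['id_thing']));
    $thing = $stmt->fetch();
    if (!$thing) {
        // Backpack row points at a thing that no longer exists; do not touch stats.
        $_SESSION['msg']='Ошибка';
        header('Location:/user/things');
        exit();
    }

    // Remove the hero's strength contribution, then mark it unequipped.
    request("UPDATE `users` SET `str`=`str`-? WHERE `id`=?", array($thing['str']*$h1['lvl'], $user['id']));
    // Scope the write to the owner as well, so the UPDATE cannot touch another user's row.
    request("UPDATE `backpack` SET `status` = ? WHERE `id` =? AND `id_user`=?", array(0, $id, $user['id']));
    $_SESSION['msg']='Герой убран';
    header('Location:/user/things');
} else {
    // No recognised action: send the user back to the backpack.
    header('Location:/user/backpack');
}
require_once('../design/foot.php');
?>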