Просмотр файла bands/create.php

Конкурс дизайнеров на 15000 рублей
контркультура падонки бабруйск
Размер файла: 2.51Kb 
  1. <?php
  2. include "./../ini.php";
  3. include "./../includes/header.php";
  4. include "./../includes/inc_online.php";
  5. print "<p><small>";
  6.  
  7. $id=cyr(htmlspecialchars(stripslashes(trim($id))));
  8. $pass=cyr(htmlspecialchars(stripslashes(trim($pass))));
  9. $dbid=cyr(htmlspecialchars(stripslashes(trim($_GET[dbid]))));
  10. $nazv=cyr(htmlspecialchars(stripslashes(trim(substr($nazv,0,20)))));
  11.  
  12. if(!empty($id)) 
  13. {
  14. $q = mysql_query("select id,login,pass,level from users where id='".$id."';"); 
  15. }
  16. else
  17. {
  18. die ($lang['empty_login']."</small></p></card></wml>");
  19. }
  20.  
  21. if(!empty($dbid)) 
  22. {
  23. $qdb = mysql_query("select id,login,pass,level from users where id='".$dbid."';"); 
  24. }
  25. else
  26. {
  27. die ($lang['select_user_false']."</small></p></card></wml>");
  28. }
  29.  
  30. if(empty($nazv)) 
  31. {
  32. die($lang['bands_and_where_name']."<br/><anchor>".$lang['back']."<prev/></anchor></small></p></card></wml>");
  33. }
  34.  
  35.  
  36. $data = mysql_fetch_array($q);
  37.  
  38. $id=$data['id'];
  39. $login=$data['login'];
  40. $level=$data['level'];
  41.  
  42. $dbdata = mysql_fetch_array($qdb);
  43.  
  44. $dbid=$dbdata['id'];
  45. $dblogin=$dbdata['login'];
  46. $dbpass=$dbdata['pass'];
  47. $dblevel=$dbdata['level'];
  48.  
  49. if($pass!=$data['pass'])
  50. {
  51. die ($lang['empty_login']."</small></p></card></wml>");
  52. }
  53.  
  54. mysql_query("update users set last='".time()."',city='0' where id='".$id."';");
  55.  
  56.  
  57. mysql_query("DELETE FROM messagi WHERE kto='".$dbid."' and komu=".$id." limit 1;");
  58.  
  59.  
  60. $predl_que=mysql_query("select id from bands where name='$nazv';");
  61. $predl_data = mysql_fetch_array($predl_que);
  62. if(!empty($predl_data['id'])) die($lang['bands_band_already_exists']."<br/><anchor>".$lang['back']."<prev/></anchor></small></p></card></wml>");
  63. else
  64. {
  65.  
  66. $messaga=cyr(htmlspecialchars(stripslashes(trim($messaga))));
  67. $messaga="<b>$login ".$lang['bands_band_created']." <u>$nazv</u>!</b><br/>[<a href=\"./../mes.php?pass=$dbpass&amp;id=$dbid&amp;dbid=$id&amp;mode=del\">".$lang['ok']."</a>]";
  68. mysql_query("insert into messagi values(0,'$id','$dbid','$messaga');");
  69.  
  70. $band_level=($level+$dblevel)/2;
  71.  
  72. mysql_query("insert into bands values(0,'".$nazv."','".$login."','$login.$dblogin','".$band_level."','','','');");
  73. mysql_query("update users set band='".$nazv."' where id='".$id."';");
  74. mysql_query("update users set band='".$nazv."' where id='".$dbid."';");
  75.  
  76. print "<b><u>$nazv</u> ".$lang['bands_in_business']."</b><br/>";
  77.  
  78. }
  79.  
  80. print "---<br/>&gt;<anchor>".$lang['back']."<prev/></anchor><br/>";
  81. print "&gt;&gt;<a href=\"./../game.php?id=$id&amp;pass=$pass\">".$lang['menu']."</a><br/>";
  82.  
  83. mysql_close();
  84. include "./../includes/footer.php";
  85. ?>