Просмотр файла gta/bands/bandbook.php

Размер файла: 2.68Kb
<?php
include "./../ini3.php";
include "./../includes/header$h.php";


$id=cyr(htmlspecialchars(stripslashes(trim($id))));
$pass=cyr(htmlspecialchars(stripslashes(trim($pass))));

if(!empty($id)) 
{
$q = mysql_query("select cars,guns,money,gold,id,login,pass,band from users where id='".$id."';"); 
}
else
{
die ($lang['empty_login']."</body></html>");
}


$data = mysql_fetch_array($q);

$id=$data['id'];
$login=$data['login'];
$band=$data['band'];
$cars=$data['cars'];
$guns=$data['guns'];
$money=$data['money'];
$gold=$data['gold'];

if(md5($pass)!=$data['pass'])
{
die ($lang['empty_login']."</body></html>");
}
else
{
$band_q=mysql_query("select * from bands where name='".$band."';");
$band_array=mysql_fetch_array($band_q);
$name=$band_array['name'];
$boss=$band_array['boss'];
$members=$band_array['members'];
$blvl=$band_array['blvl'];
$obwak=$band_array['kazna'];
$bcars=$band_array['cars'];
$bguns=$band_array['guns'];
$bmoney=$band_array['money'];
$bgold=$band_array['gold'];
$osob=$band_array['osobnyak'];


if($blvl==5)
{
if(empty($messaga))
{
echo "<form action=\"bandbook.php?id=$id&amp;pass=$pass\" method=\"post\">
<postfield name=\"messaga\" value=\"$(who)\"/>";

print 'Сообщение:<br/>';
print "<input name=\"messaga\"  value=\"$messaga\" maxlength=\"200\"/><br/>";
echo "<input class=\"button\" type=\"submit\" value=\"".$lang['ok']."\"/></form><br/>";
print "<a href=\"bandbook.php?id=$id&amp;pass=$pass&amp;obn=1\">обновить</a><br/>";
print "<u>[Чат]</u>:<br/><br/>";
$pr_q = mysql_query("select * from bandbook where bandid='$name' order by id desc limit 10;");
while($pr_ar=mysql_fetch_array($pr_q))
{
$row = str_replace('&lt;br/&gt;', '<br/>', $row);
$row = str_replace('&lt;b&gt;', '<b>', $row);
$row = str_replace('&lt;/b&gt;', '</b>', $row);
$row = str_replace('&lt;u&gt;', '<u>', $row);
$row = str_replace('&lt;/u&gt;', '</u>', $row);
$row = str_replace('&lt;i&gt;', '<i>', $row);
$row = str_replace('&lt;/i&gt;', '</i>', $row);

print "[".$pr_ar['login']."]:".$pr_ar['text']."<br/>";
}
}
else
{
$messaga2=htmlspecialchars(stripslashes(trim($messaga)));
mysql_query("insert into bandbook values(0,'".$name."','".$messaga."','".$login."');");
print "Сообщение отправлено<br/>";
}
}else{
print "Чат доступен с 5 уровня банды. Улучшай свою банду<br/>";
}
}
print "&gt;<a href=\"bandbook.php?id=$id&amp;pass=$pass\">Чат</a><br/>";
print "&gt;&gt;<a href=\"band_panel.php?id=$id&amp;pass=$pass\">Твоя банда</a><br/>";
print "&gt;&gt;<a href=\"./../game.php?id=$id&amp;pass=$pass\">".$lang['menu']."</a><br/></body></html>";
mysql_close();
?>