Просмотр файла game/artefact.php

Размер файла: 11.88Kb
<?php

include'inc/conf.php';
session_start();
$sql = mysql_query("SELECT * FROM `users` WHERE `id` = '".$_SESSION['id']."' ");
$row = mysql_fetch_array($sql);

$pass = mysql_real_escape_string(htmlspecialchars(stripslashes($_SESSION['pass'])));
$id = mysql_real_escape_string(htmlspecialchars(stripslashes($_SESSION['id'])));
$get=mysql_real_escape_string(htmlspecialchars(stripslashes($_GET['go'])));
$idsa=mysql_real_escape_string(htmlspecialchars(stripslashes($_GET['ids'])));
$usr=mysql_real_escape_string(htmlspecialchars(stripslashes($_GET['user'])));
$item = abs(intval($_GET['item']));
if ($id == $row['id'] and md5($pass)==$row['pass']){

if(empty($get)){
$sql2 = mysql_query("SELECT * FROM `users` WHERE `id` = '".$idsa."' ");
$user=mysql_fetch_array($sql2);
$title='Артефакты '.$user['login'].'';
include'inc/up.php';
if($ids==$_SESSION['id']){
echo'<div class="rek">- <a href="artefact.php?go=snet">Управление артефактами</a></div>';
}
$sql3 = mysql_query("SELECT * FROM `art` WHERE `owner` = '".$idsa."' ");
$kol=mysql_num_rows($sql3);
if($kol==0){
$a=0;
while($a<5){
  echo'<div class="post"><img class="ico" src="img/shop/art/empty.png" alt=""><strong>Пусто</strong></div>';
 $a=$a+1;

}

}else{
while($art = mysql_fetch_array($sql3)){

echo'<div class="post"><img class="ico" src="img/shop/'.$art['type'].'.jpg" alt=""><a href="artefact.php?go=info&amp;user='.$idsa.'&amp;item='.$art['id'].'">'.$art['name'].'</a></div>';

}}
echo'<div class="rek">- <a href="info.php?ids='.$idsa.'">Назад</a></div>';

}


if($get=='info'){
$sql2 = mysql_query("SELECT * FROM `users` WHERE `id` = '".$ids."' ");
$user=mysql_fetch_array($sql2);
$title='Артефакты '.$user['login'].'';
include'inc/up.php';
$ss=mysql_query("SELECT * FROM `art` WHERE `id`='".$item."'");
$item=mysql_fetch_array($ss);

echo'<div class="under">';
if($item['power_1']=='power') $eko='Атака';
if($item['power_1']=='def') $eko='Защита';
if($item['power_1']=='speed') $eko='Скорость';
if($item['power_1']=='manevr') $eko='Маневренность';
if($item['power_1']=='luck') $eko='Удача';

if($item['power_2']=='power') $eko2='Атака';
if($item['power_2']=='def') $eko2='Защита';
if($item['power_2']=='speed') $eko2='Скорость';
if($item['power_2']=='manevr') $eko2='Маневренность';
if($item['power_2']=='luck') $eko2='Удача';


echo'
<table><tbody><tr><td style="width:1%;vertical-align:top;">
<img class="ico" src="img/shop/'.$item['type'].'.jpg" alt="" border="0">
</td><td style="vertical-align:top;">
<strong>'.$item['name'].'</strong>
<br/>
'.$eko.': <strong><font color="#368c39">'.$item['plus_1'].'</font></strong><br/>
'.$eko2.': <strong><font color="#368c39">'.$item['plus_2'].'</font></strong>

</td></tr></tbody></table></div>
';
if(!empty($_GET['type'])){
echo'<div class="rek"><a href="inventar.php">Назад</a>';
}else {
echo'<div class="rek"><a href="artefact.php?ids='.$usr.'">Назад</a>'; }
echo'</div>';
}




if($get=='snet'){
$title='Снятие Артефактов';
include'inc/up.php';

echo'
<div class="rek">
Кликните по артефакту который хотите снять.
</div>
';

if(!empty($row['art_1'])){


$sql3 = mysql_query("SELECT * FROM `art` WHERE `id_user` = '".$id."' AND `id`='".$row['art_1']."' ");
$art = mysql_fetch_array($sql3);
$count=$art['plus_1']+$art['plus_2'];
echo'<div class="post"><img class="ico" src="img/shop/art/'.$art['type'].'.jpg" alt=""><a href="artefact.php?go=snet_ok&amp;id=1">'.$art['name'].'</a> <font color="#368c39">+('.$count.')</font></div>';

}else{  echo'<div class="post"><img class="ico" src="img/shop/art/empty.png" alt="">Пусто</div>';
 }


if(!empty($row['art_2'])){



$sql3 = mysql_query("SELECT * FROM `art` WHERE `id_user` = '".$id."' AND `id`='".$row['art_2']."' ");
$art = mysql_fetch_array($sql3);
$count=$art['plus_1']+$art['plus_2'];
echo'<div class="post"><img class="ico" src="img/shop/art/'.$art['type'].'.jpg" alt=""><a href="artefact.php?go=snet_ok&amp;id=2">'.$art['name'].'</a> <font color="#368c39">+('.$count.')</font></div>';

}else{  echo'<div class="post"><img class="ico" src="img/shop/art/empty.png" alt="">Пусто</div>';
 }
if(!empty($row['art_3'])){



$sql3 = mysql_query("SELECT * FROM `art` WHERE `id_user` = '".$id."' AND `id`='".$row['art_3']."' ");
$art = mysql_fetch_array($sql3);
$count=$art['plus_1']+$art['plus_2'];
echo'<div class="post"><img class="ico" src="img/shop/art/'.$art['type'].'.jpg" alt=""><a href="artefact.php?go=snet_ok&amp;id=3">'.$art['name'].'</a> <font color="#368c39">+('.$count.')</font></div>';

}else{  echo'<div class="post"><img class="ico" src="img/shop/art/empty.png" alt="">Пусто</div>';
 }
if(!empty($row['art_4'])){



$sql3 = mysql_query("SELECT * FROM `art` WHERE `id_user` = '".$id."' AND `id`='".$row['art_4']."' ");
$art = mysql_fetch_array($sql3);
$count=$art['plus_1']+$art['plus_2'];
echo'<div class="post"><img class="ico" src="img/shop/art/'.$art['type'].'.jpg" alt=""><a href="artefact.php?go=snet_ok&amp;id=4">'.$art['name'].'</a> <font color="#368c39">+('.$count.')</font></div>';

}else{  echo'<div class="post"><img class="ico" src="img/shop/art/empty.png" alt="">Пусто</div>';
 }
if(!empty($row['art_5'])){




$sql3 = mysql_query("SELECT * FROM `art` WHERE `id_user` = '".$id."' AND `id`='".$row['art_5']."' ");
$art = mysql_fetch_array($sql3);
$count=$art['plus_1']+$art['plus_2'];
echo'<div class="post"><img class="ico" src="img/shop/art/'.$art['type'].'.jpg" alt=""><a href="artefact.php?go=snet_ok&amp;id=5">'.$art['name'].'</a> <font color="#368c39">+('.$count.')</font></div>';

}else{  echo'<div class="post"><img class="ico" src="img/shop/art/empty.png" alt="">Пусто</div>';
 }

}


if($get=='snet_ok' and !empty($_GET['id'])){

$ids = abs(intval($_GET['id']));
if(is_int($_GET['id'])) echo ''; $ids = isset($_GET['id']) ? (int) $_GET['id'] : 0; 
if(is_int($ids)){

if($ids==1) $a=$row['art_1'];
if($ids==2) $a=$row['art_2'];
if($ids==3) $a=$row['art_3'];
if($ids==4) $a=$row['art_4'];
if($ids==5) $a=$row['art_5'];

$sql3 = mysql_query("SELECT * FROM `art` WHERE `id`='".$a."' ");
$art = mysql_fetch_array($sql3);


$down_1=$art['plus_1'];
$down_2=$art['plus_2'];

$art1=$art['power_1'];
$art2=$art['power_2'];

$ps=$row[''.$art1.''];
$ps2=$row[''.$art2.''];

if(!empty($art1)) { $to1=$ps-$down_1; }
if(!empty($art2)){ $to2=$ps2-$down_2; }


$sql=mysql_query("UPDATE `users` SET `art_".$ids."`='0', `".$art1."`='".$to1."',`".$art2."`='".$to2."' WHERE `id` = '".$_SESSION['id']."'");
$sql2=mysql_query("UPDATE `art` SET `owner`='0' WHERE `id`='".$a."'");
if($sql){ 
$title='Снятие артефактов';
include'inc/up.php';
echo'<div class="opis">Артефакт снят!<br/><a href="artefact.php">Назад в инвентарь</a></div>'; 
include'inc/foot.php'; exit;

}else{
$title='Снятие артефактов';
include'inc/up.php';
echo'<div class="opis">Ошибка. Артефакт не снят.<br/><a href="artefact.php">Назад в инвентарь</a></div>'; 
include'inc/foot.php'; exit;


}

}
}

if($get=='art'){
if(isset($_GET['ids']))
{
$item = abs($item);
} 

if(is_int($item)) { 



$sql4 = mysql_query("SELECT * FROM `art` WHERE `id_user` = '".$_SESSION['id']."' AND `id`='".$item."'");
$art = mysql_fetch_array($sql4);

$title='Артефакт '.$art['name'].'';
include'inc/up.php';

if($art['owner']==$id){

echo'<div class="opis">Артефакт уже используется.<br/><a href="artefact.php">Назад в инвентарь</a></div>'; 
include'inc/foot.php';
exit;

}
if($art['id_user']!=$_SESSION['id']){

echo'<div class="opis">Ошибка.<br/><a href="artefact.php">Назад в инвентарь</a></div>'; 
include'inc/foot.php';
exit;

}
if($row['art_1']!=0 and $row['art_2']!=0 and $row['art_3']!=0 and $row['art_4']!=0 and $row['art_5']!=0){

echo'<div class="opis">Вы используете максимальное количесво артефактов <strong>5</strong>.<br/>
Снимите какой то артефкт и попробуйте использвать снова этот артефакт.
<br/><a href="artefact.php">Назад в инвентарь</a></div>'; 
include'inc/foot.php';
exit;

}
if(empty($row['art_1']) and $art['owner']==0){

$item = abs(intval($_GET['item']));
$plus_1=$row[''.$art['power_1'].'']+$art['plus_1'];
$plus_2=$row[''.$art['power_2'].'']+$art['plus_2'];
$up = mysql_query("UPDATE `users` SET `id` = '".$id."', `art_1`='".$art['id']."', `".$art['power_1']."`='".$plus_1."', `".$art['power_2']."`='".$plus_2."' WHERE `id` = '".$_SESSION['id']."'");

$up2 = mysql_query("UPDATE `art` SET `owner`='".$id."' WHERE `id`='".$item."' AND `id_user`='".$id."'");
if($up and $up2) echo'<div class="opis">Надет артефакт <strong>'.$art['name'].'</strong><br/><a href="artefact.php">Назад в инвентарь</a></div>';

include'inc/foot.php';
exit;
}
if(empty($row['art_2']) and $art['owner']==0){

$item = abs(intval($_GET['item']));
$plus_1=$row[''.$art['power_1'].'']+$art['plus_1'];
$plus_2=$row[''.$art['power_2'].'']+$art['plus_2'];

$up = mysql_query("UPDATE `users` SET `id` = '".$id."', `art_2`='".$art['id']."', `".$art['power_1']."`='".$plus_1."', `".$art['power_2']."`='".$plus_2."' WHERE `id` = '".$_SESSION['id']."'");
$up2 = mysql_query("UPDATE `art` SET `owner`='".$id."' WHERE `id`='".$item."' AND `id_user`='".$id."'");
if($up and $up2) echo'<div class="opis">Надет артефакт <strong>'.$art['name'].'</strong><br/><a href="artefact.php">Назад в инвентарь</a></div>';
include'inc/foot.php';
exit;
}
if(empty($row['art_3']) and $art['owner']==0){

$item = abs(intval($_GET['item']));
$plus_1=$row[''.$art['power_1'].'']+$art['plus_1'];
$plus_2=$row[''.$art['power_2'].'']+$art['plus_2'];

$up = mysql_query("UPDATE `users` SET `id` = '".$id."', `art_3`='".$art['id']."', `".$art['power_1']."`='".$plus_1."', `".$art['power_2']."`='".$plus_2."' WHERE `id` = '".$_SESSION['id']."'");
$up2 = mysql_query("UPDATE `art` SET `owner`='".$id."' WHERE `id`='".$item."' AND `id_user`='".$id."'");
if($up and $up2) echo'<div class="opis">Надет артефакт <strong>'.$art['name'].'</strong><br/><a href="artefact.php">Назад в инвентарь</a></div>';
include'inc/foot.php';
exit;
}
if(empty($row['art_4']) and $art['owner']==0){

$item = abs(intval($_GET['item']));
$plus_1=$row[''.$art['power_1'].'']+$art['plus_1'];
$plus_2=$row[''.$art['power_2'].'']+$art['plus_2'];

$up = mysql_query("UPDATE `users` SET `id` = '".$id."', `art_4`='".$art['id']."', `".$art['power_1']."`='".$plus_1."', `".$art['power_2']."`='".$plus_2."' WHERE `id` = '".$_SESSION['id']."'");
$up2 = mysql_query("UPDATE `art` SET `owner`='".$id."' WHERE `id`='".$item."' AND `id_user`='".$id."'");
if($up and $up2) echo'<div class="opis">Надет артефакт <strong>'.$art['name'].'</strong><br/><a href="artefact.php">Назад в инвентарь</a></div>';
include'inc/foot.php';
exit;
}
if(empty($row['art_5']) and $art['owner']==0){

$item = abs(intval($_GET['item']));
$plus_1=$row[''.$art['power_1'].'']+$art['plus_1'];
$plus_2=$row[''.$art['power_2'].'']+$art['plus_2'];

$up = mysql_query("UPDATE `users` SET `id` = '".$id."', `art_5`='".$art['id']."', `".$art['power_1']."`='".$plus_1."', `".$art['power_2']."`='".$plus_2."' WHERE `id` = '".$_SESSION['id']."'");
$up2 = mysql_query("UPDATE `art` SET `owner`='".$id."' WHERE `id`='".$item."' AND `id_user`='".$id."'");
if($up and $up2) echo'<div class="opis">Надет артефакт <strong>'.$art['name'].'</strong><br/><a href="artefact.php">Назад в инвентарь</a></div>';
include'inc/foot.php';
exit;
}}else{ header ("Location: artefact.php"); exit; }

}



}
include'inc/foot.php';


?>