File size: 9.7Kb
<?php
include "ini3.php";
include "includes/header$h.php";
include "includes/inc_online.php";
$id=cyr(htmlspecialchars(stripslashes(trim($id))));
$pass=cyr(htmlspecialchars(stripslashes(trim($pass))));
$dbid=cyr(htmlspecialchars(stripslashes(trim($_GET[dbid]))));
if(!empty($id))
{
$q = mysql_query("select * from users where id='".$id."';");
}
else
{
die ($lang['empty_login']."</body>
</html>");
}
if(!empty($dbid))
{
$qdb = mysql_query("select * from users where id='".$dbid."';");
}
else
{
die ($lang['select_user_false']."</body>
</html>");
}
$data = mysql_fetch_array($q);
$id=$data['id'];
$login=$data['login'];
$status=$data['status'];
$reg_data=$data['reg_data'];
$money=$data['money'];
$level=$data['level'];
$police=$data['police'];
$health=$data['health'];
$guns=$data['guns'];
$band=$data['band'];
$pol=$data['pol'];
$admin=$data['admin'];
$dbdata = mysql_fetch_array($qdb);
$dbid=$dbdata['id'];
$dblogin=$dbdata['login'];
$dbstatus=$dbdata['status'];
$dbreg_data=$dbdata['reg_data'];
$dbmoney=$dbdata['money'];
$dblevel=$dbdata['level'];
$dbpolice=$dbdata['police'];
$dblife=$dbdata['life'];
$dbhealth=$dbdata['health'];
$dbcars=$dbdata['cars'];
$dbguns=$dbdata['guns'];
$dbstatus=$dbdata['status'];
$dbabout=$dbdata['about'];
$dbmobile=$dbdata['mobile'];
$dbemail=$dbdata['email'];
$dbband=$dbdata['band'];
$db_ban=$dbdata['ban'];
$db_bando=$dbdata['ban_do'];
$db_prichina=$dbdata['prichina'];
if($admin>=4)$dbpass=$dbdata['pass'];
$reg=explode(":",$dbreg_data);
$dbsecur=$dbdata['secur'];
$dbpol=$dbdata['pol'];
$dbtattoo=$dbdata['tattoo'];
$dbip=$dbdata['ip'];
if(md5($pass)!=$data['pass'])
{
die ($lang['empty_login']."</body>
</html>");
}
include "includes/inc_refs.php";
mysql_query("update users set last='".time()."',city='0' where id='".$id."';");
switch ($mode)
{
/* case cars:
if(!empty($dbsecur) && $dbsecur!=0) die ($lang['secur_oblom'])."<br/><anchor>".$lang['back']."<prev/></anchor></body>
</html>";
if($money>=$dbmoney || $level>=$dblevel)
{
if(!empty($guns) && empty($gun_ugnal))
{
echo $lang['uv_which_gun']." $tachki ".$lang['uv_u']." $dblogin?<br/>";
$guns_count = explode(".", $guns);
$count_guns=count($guns_count);
print "<form action=\"userview.php?id=$id&pass=$pass&dbid=$dbid&mode=cars&tachki=$tachki\" method=\"post\">
<postfield name=\"gun_ugnal\" value=\"$(gun_ugnal)\"/>";
print "<select name=\"gun_ugnal\">";
for($i=0;$i<$count_guns;$i++)
{
print "<option value=\"".$guns_count[$i]."\">".$guns_count[$i]."</option>";
}
print "</select><br/>";
echo "<input class=\"ibutton\" type=\"submit\" value=\"".$lang['uv_try_steal']."\"/>";
echo "</form>";
}
elseif(!empty($gun_ugnal))
{
$attack_q = mysql_query("select who from attack where userid='$dbid';");
$attack_d=mysql_fetch_array($attack_q);
$who=explode(".",$attack_d['who']);
if($who[0]==$id)
{
echo $lang['patience'];
}
else
{
include "includes/func_gun_power.php";
$gun_ugnal22=$gun_ugnal;
$tachki=cyr($tachki);
if($gun_ugnal==$lang['gun1'])$gun_ugnal=1;
elseif($gun_ugnal==$lang['gun2'])$gun_ugnal=2;
elseif($gun_ugnal==$lang['gun3'])$gun_ugnal=3;
elseif($gun_ugnal==$lang['gun4'])$gun_ugnal=4;
elseif($gun_ugnal==$lang['gun5'])$gun_ugnal=5;
elseif($gun_ugnal==$lang['gun6'])$gun_ugnal=6;
elseif($gun_ugnal==$lang['gun7'])$gun_ugnal=7;
elseif($gun_ugnal==$lang['gun8'])$gun_ugnal=8;
elseif($gun_ugnal==$lang['gun9'])$gun_ugnal=9;
elseif($gun_ugnal==$lang['gun10'])$gun_ugnal=10;
elseif($gun_ugnal==$lang['gun11'])$gun_ugnal=11;
elseif($gun_ugnal==$lang['gun12'])$gun_ugnal=12;
echo $lang['uv_if']." $dblogin ".$lang['uv_wait'];
mysql_query("insert into attack values(0,'$dbid','$id.$login','$login ".$lang['uv_mes1']." $tachki! ".$lang['uv_mes2']." $gun_ugnal22! ".$lang['uv_mes3']."','".$gun_ugnal."','".time()."','$tachki');");
}
}
elseif(empty($guns))
{
echo $lang['uv_without_guns'];
}
}
else
{
echo $lang['uv_not_perm'];
}
break;*/
default:
print "<u>[".$lang['uv_head']." $dblogin]</u><br/>";
if($dbtattoo>=1)print "Наколка: <img src='tatoo/$dbtattoo.gif' alt='tattoo'/><br/>";
if ($pol==1)echo "<span class=\"status\">Пол: Мужской</span><br />\n";
elseif ($pol==0)echo "<span class=\"status\">Пол: Женский</span><br />\n";
echo $lang['regabout'].": $dbabout<br/>";
echo $lang['uv_regdate1'].": ".$reg[1]." ".$lang['uv_regdate2']." ".$reg[0]." ".$lang['uv_regdate3']."<br/>";
if($id!=$dbid)
{
if(!empty($band)) $boss_q=mysql_fetch_array(mysql_query("select boss from bands where name='".$band."';"));
elseif(!empty($band) && empty($dbband) && $login==$boss_q['boss']) echo "<a href=\"bands/band_panel.php?id=$id&pass=$pass&dbid=$dbid&mode=new_member&a=b\">[".$lang['uv_put_band']."]</a><br/>";
}
echo "<u>[Игровые данные]</u><br/>";
echo $lang['uv_money'].": <b>$dbmoney $$</b><br/>";
echo $lang['uv_health'].": <b>$dbhealth %</b><br/>";
echo $lang['uv_police'].": <b>$dbpolice</b><br/>";
echo $lang['uv_level'].": <b>$dblevel</b><br/>";
if(!empty($dbband)) echo $lang['uv_band'].": <b><a href=\"bands/viewband.php?id=$id&pass=$pass&band=".urlencode($dbband)."\">$dbband</a></b><br/>";
echo $lang['uv_status'].": <b>$dbstatus</b><br/>";
if($db_bando>time() && $db_ban==1){
print "<hr/>Посажен в тюрьму. Причина: $db_prichina<br/>";
$ban_ost=$db_bando-time();
$ban_ost_m=floor($ban_ost/60);
$ban_ost_s=$ban_ost%60;
$ban_ost_j=floor($ban_ost_m/60);
$ban_ost_ms=$ban_ost_m%60;
$ban_ost_d=floor($ban_ost_j/24);
$ban_ost_dj=$ban_ost_j%24;
if($db_ban==1)
{
if($ban_ost<60) print "Осталось: $ban_ost сек.<br/>";
if($ban_ost>=60 && $ban_ost<3600) print "Осталось: $ban_ost_m мин. $ban_ost_s сек.<br/>";
if($ban_ost>=3600 && $ban_ost<86400) print "Осталось: $ban_ost_j ч. $ban_ost_ms мин.<br/>";
if($ban_ost>=86400) print "Осталось: $ban_ost_d дн. $ban_ost_dj ч.<br/>";
print "<hr/>";}}
if($admin>=4){
print "<a href=\"userview.php?id=$id&pass=$pass&dbid=$dbid&mode=protect\">Проверить игрока</a><br/>";
print "Используется новейшая версия системы 'Антимульт' проекта gta_mod_swa<br/>";
}
print "Награды:<br/>";
$a = mysql_query("select * from medals where userid='$dbid' order by id desc limit 5;");
while($a1=mysql_fetch_array($a))
{
$mid=$a1['id'];
$mtype=$a1['type'];
$mtext=$a1['text'];
$mdate=$a1['date'];
print "<img src='a href=\./../medals/$mtype.gif' title='$mtext'/> \"$mtext\"<br/><b>$mdate</b><br/>";
}
/*
if(!empty($dbcars))
{
$cars_count = explode(".", $dbcars);
$count_cars=count($cars_count);
echo $lang['uv_cars']." <b>($count_cars)</b>:<br/>";
print "<form action=\"userview.php?id=$id&pass=$pass&dbid=$dbid&mode=cars\" method=\"post\">
<postfield name=\"tachka\" value=\"$(tachka)\"/>";
print "<select name=\"tachka\">";
for($i=0;$i<$count_cars;$i++)
{
print "<option value=\"".$cars_count[$i]."\">".$cars_count[$i]."</option>";
}
print "</select><br/><small>";
echo "<input class=\"ibutton\" type=\"submit\" value=\"".$lang['uv_try_steal']."\"/>";
echo "</form>";
}
if(!empty($dbguns))
{
$guns_count = explode(".", $dbguns);
$count_guns=count($guns_count);
echo $lang['uv_guns']." <b>($count_guns)</b>:<br/>";
for($i=0;$i<$count_guns;$i++)
{
echo $guns_count[$i].",";
}
}*/
break;
case "protect":
if($admin>=4 && $admin<7 && $dbid!=1 || $admin==7){
//Проверка по email
$p1 =mysql_query("select * from users where email='".$dbemail."';");
//Проверка по телефону
if($dbmail!="null"){
$p2 = mysql_query("select * from users where mobile='".$dbmobile."';");
//Проверка по одинаковым паролям
$p3 = mysql_query("select * from users where pass='".$dbpass."';");
//Проверка по ip
$p4 =mysql_query("select * from users where ip='".$dbip."';");
//Результаты проверки
print "Пользователь <b>$dblogin</b><br/>";
print "Совпадений по email($dbemail):<br/>";
while($p1a=mysql_fetch_array($p1)){
$p1id=$p1a['id'];
$p1login=$p1a['login'];
if(!empty($p1id)){
print "<a href=\"userview.php?id=$id&pass=$pass&dbid=$p1id\">$p1login</a><br/>";
}else{
print "Совпадений не найдено!<br/>";
}}
print "Совпадений по телефону:<br/>";
while($p2a=mysql_fetch_array($p2)){
$p2id=$p2a['id'];
$p2login=$p2a['login'];
if(!empty($p2id) && $dbmobile!="null"){
print "<a href=\"userview.php?id=$id&pass=$pass&dbid=$p2id\">$p2login</a><br/>";
}}
}else{
print "Совпадений не найдено!<br/>";
}
print "Совпадений по паролям:<br/>";
while($p3a=mysql_fetch_array($p3)){
$p3id=$p3a['id'];
$p3login=$p3a['login'];
if(!empty($p3id)){
print "<a href=\"userview.php?id=$id&pass=$pass&dbid=$p3id\">$p3login</a><br/>";
}else{
print "Совпадений не найдено!<br/>";
}}
print "Совпадений по ip<br/>$dbip :<br/>";
while($p4a=mysql_fetch_array($p4)){
$p4id=$p4a['id'];
$p4login=$p4a['login'];
if(!empty($p4id)){
if($admin<7 && $p4id!=1 || $admin==7)print "<a href=\"userview.php?id=$id&pass=$pass&dbid=$p4id\">$p4login</a><br/>";
}else{
print "Совпадений не найдено!<br/>";
}}
}else{
if($admin>=4 && $dbid==1)print "Вы не можете просматривать досье администратора<br/>";
elseif($admin<4)print "У вас недостаточно прав<br/>";
}
break;
}
echo "<a href='javascript:history.back(1)'>".$lang['back']."</a><br/>";
echo ">><a href=\"game.php?id=$id&pass=$pass\">".$lang['menu']."</a><br/>";
mysql_close();
echo "</body>
</html>";
?>