battles/post.php

135 lines
7.7 KiB
PHP
Raw Normal View History

2018-01-28 16:40:49 +00:00
<?php
2018-06-23 19:32:33 +00:00
session_start();
if ($_SESSION['uid'] == null) header("Location: index.php");
include "config.php";
include "functions.php";
2018-01-28 16:40:49 +00:00
2018-06-23 19:32:33 +00:00
if ($user['room'] != 27) {
header("Location: main.php");
die();
2018-01-28 16:40:49 +00:00
}
2018-06-23 19:32:33 +00:00
if ($user['battle'] != 0) {
header('location: fbattle.php');
die();
2018-01-28 16:40:49 +00:00
}
$changeReceiver = filter_input(INPUT_GET,'change');
if ($changeReceiver) unset($_SESSION['receiverName']);
$razdelId = filter_input(INPUT_GET, 'razdel');
$_SESSION['receiverName'] = filter_input(INPUT_POST, 'receiverName');
$receiverId = null;
$queryItems = null;
$allowOperations = false;
2018-01-28 16:40:49 +00:00
if ($_SESSION['receiverName']) {
$receiver = db::c()->query('SELECT `id`, `level`, `login` FROM `users` WHERE `login` = "?s"', $_SESSION['receiverName'])->fetch_assoc();
if (!$receiver['id']) err('Персонажа не существует!');
elseif ($receiver['level'] < 4) err('Персонажей ниже 4-го уровня не обслуживаем!');
2018-06-23 19:32:33 +00:00
else {
$allowOperations = true;
$receiverId = $receiver['id'];
$submit = filter_input(INPUT_POST, 'action');
if ($submit == 'sendMessage' && $user['money'] >= 1) {
$telegraphText = filter_input(INPUT_POST, 'message');
if ($telegraphText) {
db::c()->query('UPDATE `users` SET `money` = `money` - 1 WHERE id=?i', $user['id']);
db::c()->query('INSERT INTO `telegraph` (`receiver`,`text`) VALUES (?i,"?s")', $receiverId, $telegraphText);
$statusMessage = 'Сообщение отправлено.';
} else err('Сообщение было оставлено пустым!');
} elseif ((is_numeric($_REQUEST['setobject']) && $_REQUEST['setobject'] > 0) && (is_numeric($_REQUEST['to_id']) && $_REQUEST['to_id'] > 0) && !$_REQUEST['gift'] && $_REQUEST['sd4'] == $user['id']) {
/* post.php?to_id=<?= $idkomu ?>&id_th=<?= $row['id'] ?>&setobject=<?= $row['id'] ?>&sd4=<?= $user['id'] ?> */
$res = mysql_fetch_array(mysql_query("SELECT * FROM `inventory` WHERE `owner` = '{$_SESSION['uid']}' AND `id` = '{$_REQUEST['setobject']}' AND `dressed` = 0 AND `setsale` = 0 AND `present` = '' AND `artefact` = 0 LIMIT 1;"));
if (!$res['id']) {
$mess = "Предмет не найден в рюкзаке";
} elseif ($user['money'] < 1) {
$mess = 'Недостаточно денег на оплату передачи';
} else {
if (mysql_query("UPDATE `inventory` SET `owner` = " . $komu['id'] . " WHERE `id`='" . $res['id'] . "' AND `owner`= '" . $user['id'] . "';")) {
mysql_query("UPDATE `users` SET `money`=`money`-1 WHERE `id`='" . $user['id'] . "'");
mysql_query("INSERT INTO `delo`(`id` , `author` ,`pers`, `text`, `type`, `date`) VALUES ('','0','{$_SESSION['uid']}','Почтой передан предмет \"" . $res['name'] . "\" id:(cap" . $res['id'] . ") [" . $res['duration'] . "/" . $res['maxdur'] . "] от \"" . $user['login'] . "\" к \"" . $komu['login'] . "\", налог 1 кр.','1','" . time() . "');");
mysql_query("INSERT INTO `delo`(`id` , `author` ,`pers`, `text`, `type`, `date`) VALUES ('','0','{$idkomu}','Почтой передан предмет \"" . $res['name'] . "\" id:(cap" . $res['id'] . ") [" . $res['duration'] . "/" . $res['maxdur'] . "] от \"" . $user['login'] . "\" к \"" . $komu['login'] . "\", налог 1 кр.','1','" . time() . "');");
$mess = 'Удачно передано "' . $res['name'] . '" к персонажу ' . $komu['login'];
$user['money'] -= 1;
$us = mysql_fetch_array(mysql_query("select `id` from `online` WHERE `date` >= " . (time() - 60) . " AND `id` = '{$komu['id']}' LIMIT 1;"));
if ($us[0]) {
addchp('<font color=red>Внимание!</font> Вам почтой передан предмет <b>' . $res['name'] . '</b> от <span oncontextmenu=OpenMenu()>' . $user['login'] . '</span> ', '{[]}' . $_POST['to_login'] . '{[]}');
} else {
// если в офе
mysql_query("INSERT INTO `telegraph` (`receiver`,`date`,`text`) VALUES ('" . $to['id'] . "','','" . '<font color=red>Внимание!</font> Вам почтой передан предмет <b>' . $res['name'] . '</b> от <span oncontextmenu=OpenMenu()>' . $user['login'] . '</span> ' . "');");
}
2018-06-23 19:32:33 +00:00
}
}
}
$queryItems = db::c()->query('SELECT * FROM `inventory` WHERE `owner` = ?i AND `dressed` = 0 AND `setsale` = 0 AND `present` = "?s" AND `artefact` = 0 ORDER BY `update` DESC', $_SESSION['uid'], null);
2018-06-23 19:32:33 +00:00
}
2018-01-28 16:40:49 +00:00
}
?>
2018-06-23 19:32:33 +00:00
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<link href="css/main.css" rel="stylesheet"/>
<script>
function leave() {
top.frames['main'].location = 'city.php?cp'
}
</script>
</head>
<body>
<h1>Почта</h1>
<a href=# onclick=leave()> ← выйти на Центральную площадь</a>
<br>
<?php if (true == $allowOperations): ?>
Получатель: <?= nick::id($_SESSION['receiverName'])->full() ?>
<a href="?change">Сменить</a>
<table width=100%>
<tr>
<td valign=top align=left width=30%>
<form METHOD=POST>
2018-06-23 19:32:33 +00:00
<fieldset>
2018-01-28 16:40:49 +00:00
<legend><b>Телеграф</b></legend>
2018-06-23 19:32:33 +00:00
Вы можете отправить короткое сообщение любому персонажу, даже если он находится в offline или
другом городе.<br/>
Услуга платная: <b>1 кр.</b> <br/>
<input type="text" name="message" id="message" size="52"
placeholder="Сообщение: (Максимум 100 символов)">
<input type="hidden" name="action" value="telegraph">
<input type="submit" value="Отправить"
onclick="if(!confirm('Послать сообщение?')) { return false; }">
2018-06-23 19:32:33 +00:00
</fieldset>
</form>
</td>
<td valign=top align=right>
<table class="zebra" WIDTH=100%">
<?php while ($row = $queryItems->fetch_assoc()): ?>
<tr>
<td align=center>
<IMG SRC="i/sh/<?= $row['img'] ?>" BORDER=0>";
2018-06-23 19:32:33 +00:00
<BR>
<a href="post.php?to_id=<?= $_SESSION['receiverName'] ?>&id_th=<?= $row['id'] ?>&setobject=<?= $row['id'] ?>&sd4=<?= $user['id'] ?>&rnd=<?= mt_rand() ?>"
onclick="return confirm('Передать предмет<?= $row['name'] ?>?')">передать&nbsp;за&nbsp;1&nbsp;кр.</a>
</td>
<td valign=top>
<?php showitem($row); ?>
</td>
</tr>
<?php endwhile ?>
<?php if ($queryItems->getNumRows() == 0): ?>
<tr>
<td align=center bgcolor=#C7C7C7>Нечего передавать...</td>
</tr>
<?php endif ?>
</table>
</td>
</tr>
</table>
<?php else: ?>
<form method="post">
<input name='receiverName' placeholder="Логин получателя"> <input type=submit value='Применить'>
</form>
<?php endif ?>
2018-01-28 16:40:49 +00:00
</BODY>
</HTML>