battles/lab.php

<?php
session_start();
if (empty($_SESSION['uid'])) {
    header("Location: index.php");
    exit;
}

include "functions.php";
if ($user['lab'] == 0) {
    header("Location: index.php");
    exit;
}

$u_res = mysql_fetch_array(mysql_query("select * from `lab_user` where `id_user`='" . $user['id'] . "'"));

?>
    <script>
        function cut() {
            document.getElementById('buy').disabled = 'disabled';
        }
        setTimeout("document.all['b1'].disabled=false;document.all['b2'].disabled=false;document.all['b3'].disabled=false;document.all['b4'].disabled=false;", <?=(3 - $tt)?>000);
    </script>

<?php
$room = mysql_fetch_array(mysql_query("SELECT * FROM `lab_rooms` WHERE `id` = '" . mysql_real_escape_string($user->room) . "';"));

if ($_GET['healall'] == 1) {
    $cost = $_GET['cost'];
    $kto = $user['login'];
    if ($user['money'] >= $cost) {
        mysql_query("UPDATE `users` SET `hp`=`maxhp` WHERE `lab`='1' AND `bot`!='1';");
        mysql_query("insert into `lab_heal_log` (`kto`,`cost`) VALUES ('" . $kto . "','" . $cost . "')");
        mysql_query("update `users` set `money`=`money`-'" . $cost . "' where `login`='" . $user['login'] . "'");
        echo "Вы всех излечили за <b>" . $cost . "</b> Кр!<br>";
    } else {
        echo "<font color=red>Не достаточно денег.</font><br>";
    }
}

if ($_GET['buykill'] == 1) {
    if ($user['money'] >= 0.15) {
        mysql_query("update `users` set `money`=`money`-'0.15' where `id`='" . $user['id'] . "'");
        mysql_query("update `lab_user` set `svitok_kill`=`svitok_kill`+'1' where `id_user`='" . $user['id'] . "'");
        echo "<script>location='lab.php'</script>";
    }
    echo "<font color=red>Не достаточно денег!</font><br>";
}

if ($_GET['svitheal'] == 1) {
    if ($u_res['svitok_heal'] >= 1) {
        if ($user['hp'] < $user['maxhp']) {
            Mysql_query("update `users` set `hp`=`maxhp` where `login`='" . $user['login'] . "'");
            Mysql_query("update `lab_user` set `svitok_heal`=`svitok_heal`-'1' where `id_user`='" . $user['id'] . "'");
            echo "<script>location='lab.php'</script>";
        } else {
            echo "<font color=red>Ваши жизни итак полны!</font><br>";
        }
    } else {
        echo "<font color=red>У Вас нет свитков оздоровления!</font><br>";
    }
}

if ($_GET['eexit'] == 1) {
    mysql_query("DELETE FROM `lab_trap` WHERE `id_user` = '" . $user['id'] . "'");
    mysql_query("DELETE FROM `lab_bots` WHERE `id_user` = '" . $user['id'] . "'");
    mysql_query("DELETE FROM `lab_inv` WHERE `id_user` = '" . $user['id'] . "'");
    mysql_query("DELETE FROM `lab_tmp` WHERE `id_user` = '" . $user['id'] . "'");
    mysql_query("DELETE FROM `lab_user` WHERE `id_user` = '" . $user['id'] . "'");
    Mysql_query("update `users` set `hp`=`maxhp` where `login`='" . $user['login'] . "'");
    $msg .= 'Вышли...<br>';
    mysql_query("UPDATE `users` SET `lab` = 0 , `room` = '99' WHERE `id` = '" . mysql_real_escape_string($user['id']) . "';");
    echo "<script>location='vxod_lab.php'</script>";
}

if ($_GET['kwestend'] == 1) {
    ///////////*****3ADAHU9I******//////////
    if ($u_res['zadanie'] == 1) {
        $mkol = 3;
    } elseif ($u_res['zadanie'] == 2) {
        $mkol = 10;
    } elseif ($u_res['zadanie'] == 3) {
        $mkol = 50;
    } elseif ($u_res['zadanie'] == 4) {
        $mkol = 10;
    } elseif ($u_res['zadanie'] == 5) {
        $mkol = 15;
    } elseif ($u_res['zadanie'] == 6) {
        $mkol = 25;
    } elseif ($u_res['zadanie'] == 7) {
        $mkol = 5;
    } elseif ($u_res['zadanie'] == 8) {
        $mkol = 10;
    }
    if ($u_res['zad' . $u_res['zadanie'] . '_kol'] >= $mkol) {
        mysql_query("DELETE FROM `lab_trap` WHERE `id_user` = '" . $user['id'] . "'");
        mysql_query("DELETE FROM `lab_bots` WHERE `id_user` = '" . $user['id'] . "'");
        mysql_query("DELETE FROM `lab_inv` WHERE `id_user` = '" . $user['id'] . "'");
        Mysql_query("update `users` set `hp`=`maxhp`,`city_mountain`=`city_mountain`+'" . $u_res['nagrada'] . "',`doblest`=`doblest`+'" . $u_res['nagrada'] . "' where `login`='" . $user['login'] . "'");
        mysql_query("DELETE FROM `lab_user` WHERE `id_user` = '" . $user['id'] . "'");
        mysql_query("UPDATE `users` SET `lab`='0',`room` ='99' WHERE `id` = '" . $user['id'] . "';");
        echo "<script>location='vxod_lab.php'</script>";
    } else {
        echo "<font color=red>Вы еще не собрали все ресурсы</font><br>";
    }
}

if ($_GET['mobkill'] == 1) {
    if ($u_res['svitok_kill'] > 0) {
        $coma = [
            "Бот яростно замахнулся, но вы <b>уклонились</b> от удара!",
            "Вы <b>заблокировали</b> подлый удар в спину.",
            "Ваша реакция позволила вам <b>отпрыгнуть</b> от врага.",
            "Вы громко закричали, в следствии чего бот <b>промахнулся</b>.",
            "Бот явно не расчитал свою силы и ударил <b>мимо вас</b>!",
            "Вы технично <b>парировали</b> удар."];
        $com = $coma[rand(0, count($coma) - 1)];
        $id = $_GET['idbot'];
        $rand_bot_atack = rand(1, 3);
        $rand_bot_hpkol2 = rand(1, 7);
        $rand_bot_hpkol1 = rand(3, 20);
        $rand_bot_hpkol = ($rand_bot_hpkol1 + $rand_bot_hpkol2) * $user['level'];
        if ($rand_bot_atack == 1) {
            $user['hp'] = $user['hp'] - $rand_bot_hpkol;
            echo "<font color=red>*** Бот атаковал вас на -<b>" . $rand_bot_hpkol . "</b> HP!</font><br>";
            mysql_query("update `users` set `hp`=`hp`-'" . $rand_bot_hpkol . "' where `id`='" . $user['id'] . "'");
        } else {
            echo "<font color=Gray>*** Бот промахнулся!</font><br>";
        }
        $rand_hp1 = rand(1, 10);
        $rand_hp = $rand_hp1 * $user['level'];
        $bot = mysql_fetch_array(mysql_query("select * from `lab_bots` where `id_bot`='" . $id . "' AND `id_user`='" . $user['id'] . "' AND `id_room`='" . $user->room . "' LIMIT 1"));
        $hels = $bot['bot_hp'] - $rand_hp;
        if ($hels < 0) {
            echo "<b>Вы убили моба!</b><br>";
///Если нужно выбить записки
            if ($u_res['zadanie'] == 7) {
                $zapis = rand(1, 4);
                if ($zapis == 1) {
                    echo "Вы получили 1 записку!<br>";
                    Mysql_query("update `lab_user` set `zad" . $u_res['zadanie'] . "_kol`=`zad" . $u_res['zadanie'] . "_kol`+'1' where `id_user`='" . $user['id'] . "'");
                }
                mysql_query("delete from `lab_bots` where `id_bot`='" . $id . "' AND `id_user`='" . $user['id'] . "' AND `id_room`='" . $user->room . "' LIMIT 1");
//если просто убивалка
            } else {
                Mysql_query("update `lab_user` set `zad" . $u_res['zadanie'] . "_kol`=`zad" . $u_res['zadanie'] . "_kol`+'1' where `id_user`='" . $user['id'] . "'");
                mysql_query("delete from `lab_bots` where `id_bot`='" . $id . "' AND `id_user`='" . $user['id'] . "' AND `id_room`='" . $user->room . "' LIMIT 1");
            }
        } else {
            echo "Вы отняли у моба -<b>" . $rand_hp . "</b> HP!<br>";
            mysql_query("update `lab_bots` set `bot_hp`=`bot_hp`-'" . $rand_hp . "' where `id`='" . $bot['id'] . "'");
        }
        Mysql_query("update `lab_user` set `svitok_kill`=`svitok_kill`-'1' where `id_user`='" . $user['id'] . "'");
    } else {
        echo "<font color=red>У вас нет свитков атаки!</font><br>";
    }
}

if ($_GET['svitexit'] == 1) {
    if ($u_res['exit_teleport'] >= 1) {
        mysql_query("DELETE FROM `lab_trap` WHERE `id_user` = '" . $user['id'] . "'");
        mysql_query("DELETE FROM `lab_bots` WHERE `id_user` = '" . $user['id'] . "'");
        mysql_query("DELETE FROM `lab_inv` WHERE `id_user` = '" . $user['id'] . "'");
        Mysql_query("update `users` set `hp`=`maxhp` where `login`='" . $user['login'] . "'");
        Mysql_query("update `lab_user` set `exit_teleport`=`exit_teleport`-'1' where `id_user`='" . $user['id'] . "'");
        mysql_query("UPDATE `users` SET `lab`='0',`room` ='99' WHERE `id` = '" . $user['id'] . "';");
        echo "<script>location='vxod_lab.php'</script>";
    } else {
        echo "<font color=red>У вас нет свитков возрата!</font><br>";
    }
}

if ($_GET['exit'] && $room['exit'] == 1) {
    mysql_query("DELETE FROM `lab_trap` WHERE `id_user` = '" . $user['id'] . "'");
    mysql_query("DELETE FROM `lab_bots` WHERE `id_user` = '" . $user['id'] . "'");
    mysql_query("DELETE FROM `lab_inv` WHERE `id_user` = '" . $user['id'] . "'");
    mysql_query("DELETE FROM `lab_tmp` WHERE `id_user` = '" . $user['id'] . "'");
    Mysql_query("update `users` set `hp`=`maxhp` where `login`='" . $user['login'] . "'");
    mysql_query("UPDATE `users` SET `lab`='0',`room` ='99' WHERE `id` = '" . $user['id'] . "';");
    echo "<script>location='vxod_lab.php'</script>";
}

if ($_GET['get']) {
    $data = mysql_fetch_array(mysql_query("SELECT * FROM `lab_inv` WHERE `id` = '" . mysql_real_escape_string($_GET['get']) . "' AND `id_user`='" . $user['id'] . "';"));
    if ($data['id_room'] == $user->room) {

        switch ($data['type']) {
            case 1:
                $d = mysql_fetch_array(mysql_query("SELECT count(`id`) FROM `lab_tmp` WHERE `id_user` = '" . mysql_real_escape_string($user['id']) . "';"));
                if ($user['sila'] * 4 > $d[0]) {
                    mysql_query("INSERT INTO `lab_tmp` (`id_user`,`type`,`value`) values ('" . mysql_real_escape_string($user['id']) . "','" . mysql_real_escape_string($data['type']) . "','" . mysql_real_escape_string($data['value']) . "');");
                    mysql_query("DELETE FROM `lab_inv` WHERE `id` = '" . mysql_real_escape_string($data['id']) . "' AND `id_user`='" . $user['id'] . "' LIMIT 1;");
                }
                break;
            case 2:
                mysql_query("DELETE FROM `lab_inv` WHERE `id` = '" . mysql_real_escape_string($data['id']) . "' AND `id_user`='" . $user['id'] . "' LIMIT 1;");
                mysql_query("UPDATE `users` SET `hp` = `maxhp`, `fullhptime` = " . time() . " WHERE `id` = '" . mysql_real_escape_string($user['id']) . "';");
                $user['hp'] = $user['maxhp'];
                break;
            case 6:
                mysql_query("DELETE FROM `lab_inv` WHERE `id` = '" . mysql_real_escape_string($data['id']) . "' AND `id_user`='" . $user['id'] . "' LIMIT 1;");
                Mysql_query("update `lab_user` set `zad3_kol`=`zad3_kol`+'1' where `id_user`='" . $user['id'] . "'");
                echo "<script>location='lab.php'</script>";
                break;
            case 5:
                mysql_query("DELETE FROM `lab_inv` WHERE `id` = '" . mysql_real_escape_string($data['id']) . "' AND `id_user`='" . $user['id'] . "' LIMIT 1;");
                Mysql_query("update `lab_user` set `zad2_kol`=`zad2_kol`+'1' where `id_user`='" . $user['id'] . "'");
                echo "<script>location='lab.php'</script>";
                break;
            case 7:
                mysql_query("DELETE FROM `lab_inv` WHERE `id` = '" . mysql_real_escape_string($data['id']) . "' AND `id_user`='" . $user['id'] . "' LIMIT 1;");
                Mysql_query("update `lab_user` set `zad8_kol`=`zad8_kol`+'1' where `id_user`='" . $user['id'] . "'");
                echo "<script>location='lab.php'</script>";
                break;
            case 4:
                mysql_query("DELETE FROM `lab_inv` WHERE `id` = '" . mysql_real_escape_string($data['id']) . "' AND `id_user`='" . $user['id'] . "' LIMIT 1;");
                Mysql_query("update `lab_user` set `zad1_kol`=`zad1_kol`+'1' where `id_user`='" . $user['id'] . "'");
                echo "<script>location='lab.php'</script>";
                break;
            case 3:
                $d = mysql_fetch_array(mysql_query("SELECT count(`id`) FROM `lab_tmp` WHERE `id_user` = '" . mysql_real_escape_string($user['id']) . "' AND `id_user`='" . $user['id'] . "';"));
                if ($user['sila'] * 4 > $d[0]) {
                    mysql_query("INSERT INTO `lab_tmp` (`id_user`,`type`,`value`) values ('" . mysql_real_escape_string($user['id']) . "','" . mysql_real_escape_string($data['type']) . "','" . mysql_real_escape_string($data['value']) . "');");
                    mysql_query("DELETE FROM `lab_inv` WHERE `id` = '" . mysql_real_escape_string($data['id']) . "' AND `id_user`='" . $user['id'] . "' LIMIT 1;");
                }
                break;
            case 9:
                $d = mysql_fetch_array(mysql_query("SELECT count(`id`) FROM `lab_tmp` WHERE `id_user` = '" . mysql_real_escape_string($user['id']) . "' AND `id_user`='" . $user['id'] . "';"));
                if ($user['sila'] * 4 > $d[0]) {
                    mysql_query("INSERT INTO `lab_tmp` (`id_user`,`type`,`value`) values ('" . mysql_real_escape_string($user['id']) . "','" . mysql_real_escape_string($data['type']) . "','" . mysql_real_escape_string($data['value']) . "');");
                    mysql_query("DELETE FROM `lab_inv` WHERE `id` = '" . mysql_real_escape_string($data['id']) . "' AND `id_user`='" . $user['id'] . "' LIMIT 1;");
                }
                break;
            case 8:
                $d = mysql_fetch_array(mysql_query("SELECT count(`id`) FROM `lab_tmp` WHERE `id_user` = '" . mysql_real_escape_string($user['id']) . "' AND `id_user`='" . $user['id'] . "';"));
                if ($user['sila'] * 4 > $d[0]) {
                    mysql_query("INSERT INTO `lab_tmp` (`id_user`,`type`,`value`) values ('" . mysql_real_escape_string($user['id']) . "','" . mysql_real_escape_string($data['type']) . "','" . mysql_real_escape_string($data['value']) . "');");
                    mysql_query("DELETE FROM `lab_inv` WHERE `id` = '" . mysql_real_escape_string($data['id']) . "' AND `id_user`='" . $user['id'] . "' LIMIT 1;");
                }
                break;
        }
    }
    unset($data);
}

if ($_GET['drop']) {
    $data = mysql_fetch_array(mysql_query("SELECT * FROM `lab_tmp` WHERE `id` = '" . mysql_real_escape_string($_GET['drop']) . "' AND `id_user`='" . $user['id'] . "';"));
    mysql_query("DELETE FROM `lab_tmp` WHERE `id` = '" . mysql_real_escape_string($data['id']) . "' AND `id_user`='" . $user['id'] . "' LIMIT 1;");
    mysql_query("INSERT INTO `lab_inv` (`id_room`,`type`,`value`,`id_user`) values ('" . mysql_real_escape_string($user->room) . "','" . mysql_real_escape_string($data['type']) . "','" . mysql_real_escape_string($data['value']) . "','" . mysql_real_escape_string($user['id']) . "');");
    unset($data);
}

if ($_GET['nal1']) {
    $data = mysql_fetch_array(mysql_query("SELECT * FROM `lab_bots` WHERE `id` = '" . mysql_real_escape_string($_GET['nal1']) . "' AND `id_user`='" . $user['id'] . "';"));
    if ($data['id_room'] == $user->room) {
        $sum = mysql_fetch_array(mysql_query("SELECT SUM(`value`) FROM `lab_tmp` WHERE `id_user` = '" . mysql_real_escape_string($user['id']) . "' AND `type`='1';"));
        mysql_query("DELETE FROM `lab_tmp` WHERE `id_user` = '" . mysql_real_escape_string($user['id']) . "' AND `type`='1';");
        mysql_query("UPDATE `users` SET `money` = `money`+'" . mysql_real_escape_string($sum[0]) . "' WHERE `id` = '" . mysql_real_escape_string($user['id']) . "';");
        err('Вы обналичили у Архивариуса чек на <b>' . round($sum[0], 2) . '</b> кр!<br>');
    }
    unset($data);
}


if ($_GET['nal2']) {
    $data = mysql_fetch_array(mysql_query("SELECT * FROM `lab_bots` WHERE `id` = '" . mysql_real_escape_string($_GET['nal2']) . "' AND `id_user`='" . $user['id'] . "';"));
    if ($data['id_room'] == $user->room) {
        $sum = mysql_fetch_array(mysql_query("SELECT SUM(`value`) FROM `lab_tmp` WHERE `id_user` = '" . mysql_real_escape_string($user['id']) . "' AND `type`='3';"));
        mysql_query("DELETE FROM `lab_tmp` WHERE `id_user` = '" . mysql_real_escape_string($user['id']) . "' AND `type`='3';");
        mysql_query("UPDATE `users` SET `doblest` = `doblest`+'" . mysql_real_escape_string($sum[0]) . "' WHERE `id` = '" . mysql_real_escape_string($user['id']) . "';");
        err('Вы обналичили у Архивариуса чек на <b>' . round($sum[0], 2) . '</b> доблести!<br>');
    }
    unset($data);
}


if ($_GET['nal3']) {
    $data = mysql_fetch_array(mysql_query("SELECT * FROM `lab_bots` WHERE `id` = '" . mysql_real_escape_string($_GET['nal3']) . "' AND `id_user`='" . $user['id'] . "';"));
    if ($data['id_room'] == $user->room) {
        $sum = mysql_fetch_array(mysql_query("SELECT SUM(`value`) FROM `lab_tmp` WHERE `id_user` = '" . mysql_real_escape_string($user['id']) . "' AND `type`='8';"));
        mysql_query("DELETE FROM `lab_tmp` WHERE `id_user` = '" . mysql_real_escape_string($user['id']) . "' AND `type`='8';");
        mysql_query("UPDATE `bank` SET `ekr` = `ekr`+'" . mysql_real_escape_string($sum[0]) . "' WHERE `id` = '" . mysql_real_escape_string($user['id']) . "';");
        err('Вы обналичили у Архивариуса чек на <b>' . round($sum[0], 2) . '</b> екр!<br>');
    }
    unset($data);
}


if ($_GET['nal4']) {
    $data = mysql_fetch_array(mysql_query("SELECT * FROM `lab_bots` WHERE `id` = '" . mysql_real_escape_string($_GET['nal4']) . "' AND `id_user`='" . $user['id'] . "';"));
    if ($data['id_room'] == $user->room) {
        $sum = mysql_fetch_array(mysql_query("SELECT SUM(`value`) FROM `lab_tmp` WHERE `id_user` = '" . mysql_real_escape_string($user['id']) . "' AND `type`='9';"));
        mysql_query("DELETE FROM `lab_tmp` WHERE `id_user` = '" . mysql_real_escape_string($user['id']) . "' AND `type`='9';");
        mysql_query("UPDATE `users` SET `exp` = `exp`+'" . mysql_real_escape_string($sum[0]) . "' WHERE `id` = '" . mysql_real_escape_string($user['id']) . "';");
        err('Вы обналичили у Архивариуса чек на <b>' . round($sum[0], 2) . '</b> опыта!<br>');
    }
    unset($data);
}

if ($_GET['go']) {
    if (time() - $_SESSION['time'] <= 3) {
        echo "<font color=red>Не так быстро</font>";
    } else
        switch ($_GET['go']) {
            case "p1":
                mysql_query("UPDATE `users` SET `room` = '" . mysql_real_escape_string($room['p1']) . "', `fullhptime` = " . time() . " WHERE `id` = '" . mysql_real_escape_string($user['id']) . "';");
                $user->room = $room['p1'];
                $_SESSION['time'] = time();
                break;
            case "p2":
                mysql_query("UPDATE `users` SET `room` = '" . mysql_real_escape_string($room['p2']) . "', `fullhptime` = " . time() . " WHERE `id` = '" . mysql_real_escape_string($user['id']) . "';");
                $user->room = $room['p2'];
                $_SESSION['time'] = time();
                break;
            case "p3":
                mysql_query("UPDATE `users` SET `room` = '" . mysql_real_escape_string($room['p3']) . "', `fullhptime` = " . time() . " WHERE `id` = '" . mysql_real_escape_string($user['id']) . "';");
                $user->room = $room['p3'];
                $_SESSION['time'] = time();
                break;
            case "p4":
                mysql_query("UPDATE `users` SET `room` = '" . mysql_real_escape_string($room['p4']) . "', `fullhptime` = " . time() . " WHERE `id` = '" . mysql_real_escape_string($user['id']) . "';");
                $user->room = $room['p4'];
                $_SESSION['time'] = time();
                break;
        }
}

$room = mysql_fetch_array(mysql_query("SELECT * FROM `lab_rooms` WHERE `id` = '" . mysql_real_escape_string($user->room) . "';"));

if ($user['hp'] <= 0) {
    mysql_query("DELETE FROM `lab_trap` WHERE `id_user` = '" . $user['id'] . "'");
    mysql_query("DELETE FROM `lab_bots` WHERE `id_user` = '" . $user['id'] . "'");
    mysql_query("DELETE FROM `lab_inv` WHERE `id_user` = '" . $user['id'] . "'");
    mysql_query("DELETE FROM `lab_tmp` WHERE `id_user` = '" . $user['id'] . "'");
    mysql_query("DELETE FROM `lab_user` WHERE `id_user` = '" . $user['id'] . "'");
    Mysql_query("update `users` set `hp`=`maxhp` where `login`='" . $user['login'] . "'");
    $msg .= 'К сожалению, Вы умерли!<br>';
    mysql_query("UPDATE `users` SET `lab` = 0 , `room` = '99' WHERE `id` = '" . mysql_real_escape_string($user['id']) . "';");
    echo "<script>location='vxod_lab.php'</script>";
}


$data = mysql_query("SELECT * FROM `lab_inv` WHERE `id_room` = '" . mysql_real_escape_string($user->room) . "' AND `id_user`='" . $user['id'] . "';");
$data2 = mysql_query("SELECT * FROM `lab_tmp` WHERE `id_user` = '" . mysql_real_escape_string($user['id']) . "';");
$data3 = mysql_query("SELECT * FROM `users` WHERE `lab` = 1 AND `room` = '" . mysql_real_escape_string($room['id']) . "';");
$data4 = mysql_query("SELECT * FROM `lab_bots` WHERE `id_room` = '" . mysql_real_escape_string($room['id']) . "' AND `id_user`='" . $user['id'] . "';");

$roow = mysql_fetch_array(mysql_query("SELECT * FROM `lab_trap` WHERE `id_room` = '" . mysql_real_escape_string($user->room) . "' AND `id_user`='" . $user['id'] . "';"));

if ($roow[0]) {
    $msg .= 'В комнате была установлена ловушка...<br>';
    switch ($roow[3]) {
        case 1:
            mysql_query("UPDATE `users` SET `hp` = '1' WHERE `id` = '" . mysql_real_escape_string($user['id']) . "';");
            break;
        case 2:
            mysql_query("UPDATE `users` SET `hp` = `hp`/2+1 WHERE `id` = '" . mysql_real_escape_string($user['id']) . "';");
            break;
        case 3:
            mysql_query("UPDATE `users` SET `hp` = `hp`/3+1 WHERE `id` = '" . mysql_real_escape_string($user['id']) . "';");
            break;
        case 4:
            mysql_query("UPDATE `users` SET `hp` = `hp`/4+1 WHERE `id` = '" . mysql_real_escape_string($user['id']) . "';");
            break;
    }
    $user = mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE `id` = '" . mysql_real_escape_string($_SESSION['uid']) . "' LIMIT 1;"));
    mysql_query("DELETE FROM `lab_trap` WHERE `id` = '" . mysql_real_escape_string($roow['id']) . "' AND `id_user`='" . $user['id'] . "';");
}

if ((time() - $_SESSION['time']) > 3) {
    $tt = 3;
} else {
    $tt = (time() - $_SESSION['time']);
}
Template::header('lab');

echo Nick::id($user)->battle();
echo " <a href=\"#\" onclick=\"javascript:if (confirm('Желаете выбраться из квестового лабиринта? Теряете все, что здесь нашли.')){ location.href='lab.php?eexit=1';}\">Выйти?</a>";
echo "<table border=0 width=100%><tr><td colspan=4><font color=red>" . $msg;
echo "</font>";
if ($room['exit'] == 1) {
    echo "<font color=green><b>В комнате есть выход.</b></font> •<a href='?exit=1'>ВЫЙТИ!</a>•<br>";
}

echo " <a href=\"#\" onclick=\"javascript:if (confirm('Использовать свиток возрата?')){ location.href='lab.php?svitexit=1';}\">Свиток возрата: <b>" . $u_res['exit_teleport'] . "</b></a> | <a href=\"#\" onclick=\"javascript:if (confirm('Использовать свиток оздоровления?')){ location.href='lab.php?svitheal=1';}\">Свиток оздоровления: <b>" . $u_res['svitok_heal'] . "</b></a><br>";

echo " <b>+</b> Бот-атаки: <b>" . $u_res['svitok_kill'] . "</b> <small><a href=\"#\" onclick=\"javascript:if (confirm('Купить 1 Бот-атаку за 0.15 кредит?')){ location.href='lab.php?buykill=1';}\">[купить]</a></small>";
echo "<p>";

$log = mysql_query("select * from `lab_heal_log` order by `id` desc LIMIT 1");
for ($i = 0; $i < mysql_num_rows($log); $i++) {
    $log_inf = mysql_fetch_array($log);
    $u_info = mysql_fetch_array(mysql_query("select `level`,`login` from `users` where `login`='" . $log_inf['kto'] . "'"));
    echo "<small><b>" . $u_info['login'] . "</b> [" . $u_info['level'] . "]<a href='inf.php?login=" . $u_info['login'] . "' target=_blank><IMG SRC='i/inf.gif' BORDER=0 ALT='Информация о " . $u_info['login'] . "'></a> <em>излечил всех за <b>" . $log_inf['cost'] . "</b> кр.</em></small><br>";

}

echo "" . $room['name'] . " (" . $user->room . ")</tr>";
echo "<tr><td><td><button style='width:50px; height:50px;' class='INPUT' disabled id=b1 onclick='location.href=\"lab.php?go=p1\";'>СЕВЕР</button><td><td rowspan=3 style='height:100px;'>&nbsp;<td rowspan=4 width=30% valign=top style='height:100px;'>";
$u_lab = mysql_query("select `login` from `users` where `lab`='1' and `bot`!='1'");
$u_lab_kol = mysql_num_rows($u_lab);
$heal_all = (($u_lab_kol / 2) + 1);
echo "Всего в Квестовом Лабиринте: <b>" . $u_lab_kol . "</b> чел. <small><a href=\\";
echo "<b>В этой комнате:</b>";
echo "<br><li><u>Игроки:</u>";
while ($items = mysql_fetch_array($data3)) {
    echo "<BR>";
    echo Nick::id($items['id'])->full();
}
echo "<br><li><u>Мобы:</u>";
while ($items = mysql_fetch_array($data4)) {
    echo "<BR>";
    echo "<b>" . $items['bot_name'] . "</b> ";
    echo " <img src='i/herz.gif' title='Жизни'>[" . $items['bot_hp'] . "/" . $items['bot_hpmax'] . "]";
    if (($u_res['zadanie_mob_id'] == $items['id_bot'] && $u_res['svitok_kill'] > 0) || ($u_res['zadanie'] == 7 && $u_res['svitok_kill'] > 0)) {
        echo " <a href=\\";
    }

    if ($items['id_bot'] == 4) {
        echo "<br><center><a href='?nal1=" . $items['id'] . "'>[Обналичить чеки на <font color=green>кр</font>]</a></center>";
    } elseif ($items['id_bot'] == 5) {
        echo "<br><center><a href='?nal2=" . $items['id'] . "'>[Обналичить чеки на <font color=blue>добл.</font>]</a></center>";
    } elseif ($items['id_bot'] == 6) {
        echo "<br><center><a href='?nal3=" . $items['id'] . "'>[Обналичить чеки на <font color=red>екры</font>]</a></center>";
    } elseif ($items['id_bot'] == 7) {
        echo "<br><center><a href='?nal4=" . $items['id'] . "'>[Обналичить чеки на <font color=gray>опыт</font>]</a></center>";
    }
}
echo "<br><li><u>Ресурсы:</u>";
while ($items = mysql_fetch_array($data)) {
    switch ($items['type']) {
        case 1:
            echo "<BR><a href='?get=" . $items['id'] . "'><img src='i/INV_Scroll_03.gif' width=16>Чек на <font color=green><b>" . $items['value'] . "</b> кр.</font></a>";
            break;
        case 2:
            echo "<BR><a href='?get=" . $items['id'] . "'><img src='i/INV_Alchemy_Potion_Empty.gif' width=16> Колодец жизни</a>";
            break;
        case 6:
            echo "<BR><a href='?get=" . $items['id'] . "'><img src='i/lab/podarok.gif'> Подарок</a>";
            break;
        case 5:
            echo "<BR><a href='?get=" . $items['id'] . "'><img src='i/lab/noj.gif'> Нож</a>";
            break;
        case 7:
            echo "<BR><a href='?get=" . $items['id'] . "'><img src='i/lab/simvol.gif'> Установить древний символ</a>";
            break;
        case 3:
            echo "<BR><a href='?get=" . $items['id'] . "'><img src='i/INV_Scroll_03.gif' width=16>Чек на <font color=blue> <b>" . $items['value'] . "</b> добл.</font></a>";
            break;
        case 8:
            echo "<BR><a href='?get=" . $items['id'] . "'><img src='i/INV_Scroll_03.gif' width=16>Чек на <font color=red> <b>" . $items['value'] . "</b> екр</font></a>";
            break;
        case 9:
            echo "<BR><a href='?get=" . $items['id'] . "'><img src='i/INV_Scroll_03.gif' width=16>Чек на <font color=gray> <b>" . $items['value'] . "</b> опыта</font></a>";
            break;
        case 4:
            echo "<BR><a href='?get=" . $items['id'] . "'><img src='i/lab/zhem.gif'> Синий жемчуг</font></a>";
            break;
    }
}
echo "<td rowspan=4 width=50% valign=top>";
///////////*****3ADAHU9I******//////////
if ($u_res['zadanie'] == 1) {
    $mkol = 3;
} elseif ($u_res['zadanie'] == 2) {
    $mkol = 10;
} elseif ($u_res['zadanie'] == 3) {
    $mkol = 50;
} elseif ($u_res['zadanie'] == 4) {
    $mkol = 10;
} elseif ($u_res['zadanie'] == 5) {
    $mkol = 15;
} elseif ($u_res['zadanie'] == 6) {
    $mkol = 25;
} elseif ($u_res['zadanie'] == 7) {
    $mkol = 5;
} elseif ($u_res['zadanie'] == 8) {
    $mkol = 10;
}
echo "<b><em>Задание:</em></b> <em>" . $u_res['zadanie_opisanie'] . "</em> [" . $u_res['zad' . $u_res['zadanie'] . '_kol'] . "/" . $mkol . "]";
if ($u_res['zad' . $u_res['zadanie'] . '_kol'] >= $mkol) {
    echo "
 <a href='lab.php?kwestend=1'>ЗАВЕРШИТЬ!</a>
 ";
}

?>
    <style>
        body {
            background-image: url('i/labbg.jpg');
            background-repeat: no-repeat;
            background-position: top right;
        }

        .INPUT {
            BORDER-RIGHT: #b0b0b0 1pt solid;
            BORDER-TOP: #b0b0b0 1pt solid;
            MARGIN-TOP: 1px;
            FONT-SIZE: 10px;
            MARGIN-BOTTOM: 2px;
            BORDER-LEFT: #b0b0b0 1pt solid;
            COLOR: #191970;
            BORDER-BOTTOM: #b0b0b0 1pt solid;
            FONT-FAMILY: MS Sans Serif
        }
    </style>
<?
echo "<hr><u>Найденные ресурсы:</u>";
while ($items = mysql_fetch_array($data2)) {
    if ($items['type'] == 1) {
        echo "<BR><a href='?drop=" . $items['id'] . "'><img src='i/clear.gif'></a><img src='i/INV_Scroll_03.gif' width=16>Чек на <font color=green><b>" . $items['value'] . "</b> кр.</font>";
    }
    if ($items['type'] == 3) {
        echo "<BR><a href='?drop=" . $items['id'] . "'><img src='i/clear.gif'></a><img src='i/INV_Scroll_03.gif' width=16>Чек на <font color=blue><b>" . $items['value'] . "</b> добл.</font>";
    }
    if ($items['type'] == 9) {
        echo "<BR><a href='?drop=" . $items['id'] . "'><img src='i/clear.gif'></a><img src='i/INV_Scroll_03.gif' width=16>Чек на <font color=gray><b>" . $items['value'] . "</b> опыта</font>";
    }
    if ($items['type'] == 8) {
        echo "<BR><a href='?drop=" . $items['id'] . "'><img src='i/clear.gif'></a><img src='i/INV_Scroll_03.gif' width=16>Чек на <font color=red><b>" . $items['value'] . "</b> екр</font>";
    }

}
echo "<BR> Всего: " . mysql_num_rows($data2) . "/" . ($user['sila'] * 4) . " ";
echo "</tr><tr><td><button style='width:50px; height:50px;' class='INPUT' disabled id=b4 onclick='location.href=\"lab.php?go=p4\";'>ЗАПАД</button><td><button style='width:50px; height:50px;' class='INPUT' onclick='location.href=\"lab.php\";'>ОБНО<BR>ВИТЬ</button><td><button style='width:50px; height:50px;' class='INPUT' disabled id=b2 onclick='location.href=\"lab.php?go=p2\";'>ВОСТОК</button></tr>";
echo "<tr><td width=1%><td align=center width=1%><button style='width:50px; height:50px;' class='INPUT' disabled id=b3 onclick='location.href=\"lab.php?go=p3\";'>ЮГ</button><td width=1%></tr><tr><td colspan=6 style='height:100px;'></td></tr></table>";