diff --git a/classes/utils_class.php b/classes/utils_class.php
deleted file mode 100644
index 1dca5e9..0000000
--- a/classes/utils_class.php
+++ /dev/null
@@ -1,88 +0,0 @@
- 0) {
- foreach($_POST as $k => $v) {
- if($v != null) {
- if(in_array($k, $RichText)) {
- $_POST[$k] = nl2br($_POST[$k]);
- $_POST[$k] = mysql_real_escape_string($_POST[$k]);
- } else {
- $_POST[$k] = preg_replace("/[^a-zA-Zа-яА-Я0-9_ -]/", "", $_POST[$k]);
- }
- }
- }
- }
-
- if(count($_GET) > 0) {
- foreach($_GET as $k => $v) {
- if($v != null)
- $_GET[$k] = preg_replace("/[^a-zA-Zа-яА-Я0-9_ -]/", "", $_GET[$k]);
- }
- }
- }
-
- public function Short($uid, $ad) {
- $us = $this->get_inf($uid);
- $clan_arr = mysql_fetch_assoc(mysql_query("SELECT `id`, `short` FROM `clans` WHERE `id` = '".$us['klan']."' LIMIT 1"));
- echo "login=".$us['login']."
";
- echo "level=".$us['level']."
";
- echo "align=".$us['align']."
";
- echo "klan=".$clan_arr['short']."
";
- echo "sex=".$us['sex']."
";
- echo "str=".$us['sila']."
";
- echo "agil=".$us['lovk']."
";
- echo "int=".$us['inta']."
";
- echo "dex=".$us['vinos']."
";
- echo "status=".$us['status']."
";
- echo "borncity=".$us['borncity']."
";
- echo "block=".$us['block']."
";
- echo "palmessage=".$us['palcom']."
";
- echo "online=".(int)(time()-$us['chattime'] < 60*5)."
";
- echo "hp=".$us['hp']."
";
- echo "maxhp=".$us['maxhp']."
";
- if($ad == 2.99) {
- echo "money=".$us['money']."
";
- echo "rep=".$us['doblest']."
";
- echo "laba=".$us['laba']."
";
- if($us['laba'] > 0) {
- echo "-----------------------
";
- echo "laba_x=".$us['x']."
";
- echo "laba_y=".$us['y']."
";
- echo "-----------------------
";
- }
- echo "room=".$us['room']."
";
- }
- echo "dress=";
- $dresses = mysql_query("SELECT `id`, `name`, `duration`, `maxdur` FROM `inventory` WHERE `owner` = '".$us['id']."' AND `dressed` = 1 AND `type` != 12");
- while($dr = mysql_fetch_array($dresses)) {
- echo $dr['name']." ".(int)$dr['duration']."/".(int)$dr['maxdur'].",";
- }
- }
-
-}
-
-$Utils = new Utils();
\ No newline at end of file
diff --git a/functions.php b/functions.php
index 9c5fa1c..8098729 100644
--- a/functions.php
+++ b/functions.php
@@ -2316,7 +2316,7 @@ function showinf_pers($id, $pas = 0, $battle = 0, $me = 0, $main = false) //FIXM
$r .= '
';
if ($user['deal'] > 0) {
- $deal = '💵 ';
+ $deal = '💲 ';
}
$r .= "
$deal" . ($user['align'] > 0 ? "
" : "") . ($user['klan'] != '' ? '
' : "") . "$user[login] [";
diff --git a/inf.php b/inf.php
index 3610c00..7358d18 100644
--- a/inf.php
+++ b/inf.php
@@ -2,109 +2,38 @@
session_start();
include("config.php");
include("functions.php");
-include("classes/utils_class.php");
-//$uplogin = explode('&', $_SERVER['QUERY_STRING']);
-//$uplogin = urldecode(trim($uplogin[0]));
-//
-//if (isset($_GET['login'])) { $user_id = '`login` = "' . mysql_real_escape_string($_GET['login']) . '"';
-//} elseif (isset($_GET['id'])) { $user_id = '`id` = "' . mysql_real_escape_string($_GET['id']) . '"';
-//} else {
-// if (is_numeric($uplogin)) {
-// $user_id = '`id` = "' . mysql_real_escape_string($uplogin) . '"';
-// } else {
-// $user_id = '`login` = "' . mysql_real_escape_string($uplogin) . '"';
-// }
-//}
-
-//$user_id = filter_input(INPUT_GET,'id');
$user_login = filter_input(INPUT_GET,'login');
-//$user = mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE $user_id LIMIT 1"));
-//$own = mysql_fetch_array(mysql_query("SELECT id, align, admin FROM `users` WHERE `id` = '" . mysql_real_escape_string((int)$_SESSION['uid']) . "' LIMIT 1"));
-$user = db::c()->query('SELECT * FROM `users` WHERE `login` = "?s" LIMIT 1', $user_login)->fetch_assoc();
-$own = db::c()->query('SELECT `id`, `align`, `admin` FROM `users` WHERE `id` = "?s" LIMIT 1', $_SESSION['uid'])->fetch_assoc();
+$user = db::c()->query('SELECT `id`,`login`,`married`,`deal`,`win`,`medals`,borndate,`align`,`admin`,`realname`,`city`,`lozung`,`info`,`prof1`,`prof2`,`email`,`ip`,`exp`,`stats`,`money`,`room`,`doblest`
+ FROM `users`
+ WHERE `login` = "?s"', $user_login)->fetch_assoc();
+$own = db::c()->query('SELECT `align`,`admin` FROM `users` WHERE `id` = "?s"', $_SESSION['uid'])->fetch_assoc();
$_SERVER['QUERY_STRING'] = $user['id'];
-if ($user['id'] == null) {
+if (empty($user['id'])) {
?>
-
+
Ошибка
-
- Ошибка: персонаж= ($_GET['login'] ? " \"" . $_GET['login'] . "\"" : ""); ?> не найден...
- Назад
+
+ Ошибка: персонаж= ($user_login ? " " . $user_login . "" : ""); ?> не найден...
+ ←назад
exit();
}
-
-//if (isset($_GET['short'])) {
-// header("Content-type= text/plain");
-// die($Utils->Short($user['id'], $own['align']));
-//}
-//
-//?>
+?>
Информация о = $user['login'] ?>
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
-
@@ -112,14 +41,8 @@ if ($user['id'] == null) {
= showinf_pers($user['id'], 1);
- if ($user['married']) {
- $who = mysql_fetch_array(mysql_query('SELECT `id` FROM `users` WHERE `login` = "' . $user['married'] . '" LIMIT 1'));
- echo ' ';
- }
-
- if ($user['deal'] == 1) echo ' ';
-
- if ($user['reputation'] >= 20000 && $user['repcost'] <= 22229) echo ' ';
+ if (!empty($user['married'])) echo ' ';
+ if ($user['deal'] == 1) echo '💲';
for ($i = 0; $i < count($medals); $i++) {
switch ($medals[$i]) {
case "009":
@@ -140,19 +63,11 @@ if ($user['id'] == null) {
|
- ![](i/<? echo star_sign(substr($user['borndate'], 3, 2), substr($user['borndate'], 0, 2)); ?>.gif)
-
- if ($user['vip_time'] > 0) {
- if ($user['vip'] == 1) { $vip_type = "Серебряный vip аккаунт"; }
- elseif ($user['vip'] == 2) { $vip_type = "Золотой vip аккаунт"; }
- elseif ($user['vip'] == 3) { $vip_type = "Платиновый vip аккаунт"; }
- echo ' ![<b>' . $vip_type . '</b><br />Действителен еще : ' . timeOut($user['vip_time'] - time()) . '](i/p' . $user['vip'] . '.png) ';
- }
-
- if ((int)$user['align'] == 1) { ?>
- ![](/i/inf_pal.gif)
- Орден паладинов
-
+ ![](i/<?=star_sign(substr($user['borndate'], 3, 2), substr($user['borndate'], 0, 2));?>.gif)
+ ";
+ if ((int)$user['admin'] == 1) echo " ![](/i/p21.gif) ";
+ ?>
|
@@ -160,11 +75,9 @@ if ($user['id'] == null) {
-
-$effect = mysql_fetch_array(mysql_query("SELECT `time` FROM `effects` WHERE `owner` = '" . $user['id'] . "' AND `type` = 5 LIMIT 1"));
-
+query('SELECT `time` FROM `effects` WHERE `owner` = ?i AND `type` = ?i ', $user['id'], 5)->fetch_assoc();
if ($effect['time'] AND ($own['admin'] != 1 OR ((int)$own['align']) != 1)) die('Персонаж обезличен!
');
-
if (!empty($user['realname'])) echo "Имя: " . $user['realname'] . "
";
if (!empty($user['city'])) echo "Город: " . $user['city'] . "
";
if (!empty($user['lozung'])) echo "Лозунг: " . $user['lozung'] . "
";
@@ -172,73 +85,74 @@ if (!empty($user['lozung'])) echo "Лозунг: " . $user['lozung'] . "
";
= nl2br($user['info']); ?>
-
+ 1.2))
if ($okld == 1) {
echo "Личное дело
";
- $ldd = mysql_query("SELECT * FROM `lichka` WHERE `pers` = '" . $user['id'] . "' ORDER BY `id` ASC");
- while ($ld = mysql_fetch_array($ldd)) {
+ $ld = db::c()->query('SELECT * FROM `lichka` WHERE `pers` = ?i ORDER BY `id` ASC', $user['id'])->fetch_assoc();
+ while ($ld) {
$dat = date("d.m.Y H:i", $ld['date']);
- $text = $ld['text'];
- echo "$dat $text
";
+ echo "$dat {$ld['text']}
";
}
}
if ($okdop == 1) {
echo "Возможные мульты
";
- $lplist = mysql_query("SELECT idperslater FROM delo_multi WHERE idpersnow = {$user['id']} GROUP BY idperslater ASC;");
- while ($iplog = mysql_fetch_array($lplist)) {
- echo nick3($iplog['idperslater']) . " ";
- }
+ $iplog = db::c()->query('SELECT idperslater FROM delo_multi WHERE idpersnow = ?i GROUP BY idperslater ASC', $user['id'])->fetch_assoc();
+ while ($iplog) echo nick3($iplog['idperslater']) . " ";
echo "Дополнительные сведения
";
if (!empty($user['id'])) echo "ID: " . $user['id'] . "
";
+ if (!empty($user['email'])) echo "E-mail: " . $user['email'] . "
";
if (!empty($user['borndate'])) echo "День рождения: " . $user['borndate'] . "
";
if (!empty($user['ip'])) echo "IP при регистрации: " . $user['ip'] . "
";
-
-#
- $data = mysql_query("SELECT `id`, `ip`, `login`, `status`, `level`, `room`, `align`, (select `id` from `online` WHERE `date` >= " . (time() - 60) . " AND `id` = users.`id`) as `online` FROM users WHERE refer='$user[id]' ORDER BY level DESC");
- $i = 0;
- while ($row = mysql_fetch_array($data)) {
- $i++;
- if ($i == 1) echo "Список рефералов:
";
- if ($row['online'] > 0) {
- echo '
';
- nick2($row['id']);
- if ($row['id'] == $user['deal']) echo ' - ' . $row['status'] . '';
- $rrm = $rooms[$row['room']];
- echo ' - ', $rrm, '
';
- }
-
- if ($row['online'] < 1) {
- echo '
';
- nick2($row['id']);
- if ($row['id'] == $user['deal']) echo ' - ', $row['status'], '';
- echo ' - нет в игре';
- }
- echo ' - IP:' . $row['ip'] . '
';
- }
- echo "";
}
if ($own['admin'] == 1) {
- if (!empty($user['email'])) echo "E-mail: " . $user['email'] . "
";
if (!empty($user['exp'])) echo "Oпыт: " . $user['exp'] . "
";
if (!empty($user['stats'])) echo "Число неиспользованных UP-ов: " . $user['stats'] . "
";
if (!empty($user['money'])) echo "Кредитов: " . $user['money'] . "
";
@@ -315,7 +202,7 @@ if ($own['admin'] == 1) {
if (!empty($user['reputation'])) echo "Всего Репутации: " . $user['reputation'] . "
";
if (!empty($user['doblest'])) echo "Репутации: " . $user['doblest'] . "
";
- if ($user_bank_s = mysql_query("SELECT * FROM `bank` WHERE `owner` = '{$user['id']}';")) {
+ if ($user_bank = db::c()->query('SELECT `id`,`cr`,`ekr` FROM `bank` WHERE `owner` = ?i', $user['id'])->fetch_assoc()) {
echo "Банк
";
echo "
@@ -323,56 +210,50 @@ if ($own['admin'] == 1) {
№ |
Кредитов. |
ЕвроКредитов. |
- Репутации. |
";
- while ($user_bank = mysql_fetch_assoc($user_bank_s)) {
+ while ($user_bank) {
echo "
" . $user_bank['id'] . " |
" . $user_bank['cr'] . " |
" . $user_bank['ekr'] . " |
- " . $user_bank['reputation'] . " |
";
}
}
- $own = mysql_fetch_array(mysql_query("SELECT `id`,`align`,`login` FROM `users` WHERE `id` = '{$_SESSION['uid']}' LIMIT 1;"));
+ //TODO Вынести управляющие элементы во внешнюю админку, подальше от прецедентов. А то были случаи.
+ $del = filter_input(INPUT_POST,'del', FILTER_VALIDATE_INT);
if ($_POST['del']) {
- $invs = mysql_query("SELECT * FROM `inventory` WHERE `id`='" . $_POST['del'] . "'");
- $bbc = mysql_fetch_array($invs);
- if ($bbc['dressed'] == 1) {
- dropitem($bbc['type']);
- if ($bbc['type'] == 5) {
+ $itemdel = db::c()->query('SELECT `type`,`dressed` FROM `inventory` WHERE `id`=?i', $del)->fetch_assoc();
+ if ($itemdel['dressed'] == 1) {
+ dropitem($itemdel['type']);
+ if ($itemdel['type'] == 5) {
dropitem(6);
dropitem(7);
}
}
- mysql_query("DELETE FROM `inventory` WHERE `id` = '{$_POST['del']}' LIMIT 1;");
+ db::c()->query('DELETE FROM `inventory` WHERE `id` = ?i', $del);
}
- $invv = mysql_query("SELECT * FROM `inventory` WHERE `owner` = '{$user['id']}' ORDER by `id` DESC;");
echo "
Вещи в инвентаре:
";
echo "
ID |
Название |
- Долговечность |
- Колл. |
+ Количество |
Картинка |
× |
";
-
- while ($inv = mysql_fetch_array($invv)) {
- $ip = $iplog['ip'];
+ $inv = db::c()->query('SELECT `id`,`name`,`koll`,`img` FROM `inventory` WHERE `owner` = ?i ORDER BY `id` DESC', $user['id'])->fetch_assoc();
+ while ($inv) {
echo "
";
+ echo " | ";
if ($_POST['undress_char']) undressall($user['id']);
}
-
-
?>
-
+
+
+
+
+
\ No newline at end of file