diff --git a/classes/utils_class.php b/classes/utils_class.php deleted file mode 100644 index 1dca5e9..0000000 --- a/classes/utils_class.php +++ /dev/null @@ -1,88 +0,0 @@ - 0) { - foreach($_POST as $k => $v) { - if($v != null) { - if(in_array($k, $RichText)) { - $_POST[$k] = nl2br($_POST[$k]); - $_POST[$k] = mysql_real_escape_string($_POST[$k]); - } else { - $_POST[$k] = preg_replace("/[^a-zA-Zа-яА-Я0-9_ -]/", "", $_POST[$k]); - } - } - } - } - - if(count($_GET) > 0) { - foreach($_GET as $k => $v) { - if($v != null) - $_GET[$k] = preg_replace("/[^a-zA-Zа-яА-Я0-9_ -]/", "", $_GET[$k]); - } - } - } - - public function Short($uid, $ad) { - $us = $this->get_inf($uid); - $clan_arr = mysql_fetch_assoc(mysql_query("SELECT `id`, `short` FROM `clans` WHERE `id` = '".$us['klan']."' LIMIT 1")); - echo "login=".$us['login']."
"; - echo "level=".$us['level']."
"; - echo "align=".$us['align']."
"; - echo "klan=".$clan_arr['short']."
"; - echo "sex=".$us['sex']."
"; - echo "str=".$us['sila']."
"; - echo "agil=".$us['lovk']."
"; - echo "int=".$us['inta']."
"; - echo "dex=".$us['vinos']."
"; - echo "status=".$us['status']."
"; - echo "borncity=".$us['borncity']."
"; - echo "block=".$us['block']."
"; - echo "palmessage=".$us['palcom']."
"; - echo "online=".(int)(time()-$us['chattime'] < 60*5)."
"; - echo "hp=".$us['hp']."
"; - echo "maxhp=".$us['maxhp']."
"; - if($ad == 2.99) { - echo "money=".$us['money']."
"; - echo "rep=".$us['doblest']."
"; - echo "laba=".$us['laba']."
"; - if($us['laba'] > 0) { - echo "-----------------------
"; - echo "laba_x=".$us['x']."
"; - echo "laba_y=".$us['y']."
"; - echo "-----------------------
"; - } - echo "room=".$us['room']."
"; - } - echo "dress="; - $dresses = mysql_query("SELECT `id`, `name`, `duration`, `maxdur` FROM `inventory` WHERE `owner` = '".$us['id']."' AND `dressed` = 1 AND `type` != 12"); - while($dr = mysql_fetch_array($dresses)) { - echo $dr['name']." ".(int)$dr['duration']."/".(int)$dr['maxdur'].","; - } - } - -} - -$Utils = new Utils(); \ No newline at end of file diff --git a/functions.php b/functions.php index 9c5fa1c..8098729 100644 --- a/functions.php +++ b/functions.php @@ -2316,7 +2316,7 @@ function showinf_pers($id, $pas = 0, $battle = 0, $me = 0, $main = false) //FIXM $r .= '
'; if ($user['deal'] > 0) { - $deal = '💵 '; + $deal = '💲 '; } $r .= "$deal" . ($user['align'] > 0 ? "" : "") . ($user['klan'] != '' ? '' : "") . "$user[login] ["; diff --git a/inf.php b/inf.php index 3610c00..7358d18 100644 --- a/inf.php +++ b/inf.php 
@@ -2,109 +2,38 @@ session_start(); include("config.php"); include("functions.php"); -include("classes/utils_class.php"); -//$uplogin = explode('&', $_SERVER['QUERY_STRING']); -//$uplogin = urldecode(trim($uplogin[0])); -// -//if (isset($_GET['login'])) { $user_id = '`login` = "' . mysql_real_escape_string($_GET['login']) . '"'; -//} elseif (isset($_GET['id'])) { $user_id = '`id` = "' . mysql_real_escape_string($_GET['id']) . '"'; -//} else { -// if (is_numeric($uplogin)) { -// $user_id = '`id` = "' . mysql_real_escape_string($uplogin) . '"'; -// } else { -// $user_id = '`login` = "' . mysql_real_escape_string($uplogin) . '"'; -// } -//} - -//$user_id = filter_input(INPUT_GET,'id'); $user_login = filter_input(INPUT_GET,'login'); -//$user = mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE $user_id LIMIT 1")); -//$own = mysql_fetch_array(mysql_query("SELECT id, align, admin FROM `users` WHERE `id` = '" . mysql_real_escape_string((int)$_SESSION['uid']) . "' LIMIT 1")); -$user = db::c()->query('SELECT * FROM `users` WHERE `login` = "?s" LIMIT 1', $user_login)->fetch_assoc(); -$own = db::c()->query('SELECT `id`, `align`, `admin` FROM `users` WHERE `id` = "?s" LIMIT 1', $_SESSION['uid'])->fetch_assoc(); +$user = db::c()->query('SELECT `id`,`login`,`married`,`deal`,`win`,`medals`,borndate,`align`,`admin`,`realname`,`city`,`lozung`,`info`,`prof1`,`prof2`,`email`,`ip`,`exp`,`stats`,`money`,`room`,`doblest` + FROM `users` + WHERE `login` = "?s"', $user_login)->fetch_assoc(); +$own = db::c()->query('SELECT `align`,`admin` FROM `users` WHERE `id` = "?s"', $_SESSION['uid'])->fetch_assoc(); $_SERVER['QUERY_STRING'] = $user['id']; -if ($user['id'] == null) { +if (empty($user['id'])) { ?> - + Ошибка - - Ошибка: персонаж не найден... -

Назад

+ + Ошибка: персонаж" . $user_login . "" : ""); ?> не найден... +

←назад

Short($user['id'], $own['align'])); -//} -// -//?> +?> Информация о <?= $user['login'] ?> - - - - - - - - - - - - - - - - + + + - @@ -112,14 +41,8 @@ if ($user['id'] == null) { @@ -160,11 +75,9 @@ if ($user['id'] == null) {
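Review bot: The new "персонаж … не найден" message concatenates `$user_login` straight into the page, and that value comes from `filter_input(INPUT_GET,'login')` with no filter argument, so the raw `login` query parameter is written back into the HTML. Escape it at the point of output, for example `htmlspecialchars($user_login, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`, and treat a missing parameter (`null`) as "not found" before running the `users` query. The markup around the echo is not visible on this page, so the exact output context is inferred; escaping is needed wherever the value lands.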
'; - } - - if ($user['deal'] == 1) echo ''; - - if ($user['reputation'] >= 20000 && $user['repcost'] <= 22229) echo ''; + if (!empty($user['married'])) echo ''; + if ($user['deal'] == 1) echo '💲'; for ($i = 0; $i < count($medals); $i++) { switch ($medals[$i]) { case "009": @@ -140,19 +63,11 @@ if ($user['id'] == null) {
- - 0) { - if ($user['vip'] == 1) { $vip_type = "Серебряный vip аккаунт"; } - elseif ($user['vip'] == 2) { $vip_type = "Золотой vip аккаунт"; } - elseif ($user['vip'] == 3) { $vip_type = "Платиновый vip аккаунт"; } - echo ''; - } - - if ((int)$user['align'] == 1) { ?> - - Орден паладинов
- + + "; + if ((int)$user['admin'] == 1) echo ""; + ?>

-query('SELECT `time` FROM `effects` WHERE `owner` = ?i AND `type` = ?i ', $user['id'], 5)->fetch_assoc(); if ($effect['time'] AND ($own['admin'] != 1 OR ((int)$own['align']) != 1)) die('

Персонаж обезличен!

'); - if (!empty($user['realname'])) echo "Имя: " . $user['realname'] . "
"; if (!empty($user['city'])) echo "Город: " . $user['city'] . "
"; if (!empty($user['lozung'])) echo "Лозунг: " . $user['lozung'] . "
"; @@ -172,73 +85,74 @@ if (!empty($user['lozung'])) echo "Лозунг: " . $user['lozung'] . "
";


Подарки - '; - $i++; - } - if (isset($_GET['chest'])) { - $chest = $_GET['chest'] + 15; - } else { - $chest = 15; - } - $data = mysql_query("SELECT * FROM `inventory` WHERE `owner` = '" . $user['id'] . "' AND (`name` LIKE '%Сундук%') AND `present` != '' AND `cost` > 24 ORDER BY `id` DESC LIMIT $chest"); - $cnt = mysql_query("SELECT `id` FROM `inventory` WHERE `owner` = '" . $user['id'] . "' AND (`name` LIKE '%Сундук%') AND `present` != '' AND `cost` > 24"); - if (mysql_num_rows($data)) { - echo '
Сундуки :
'; - $i = 0; - } elseif ($chest > 15 && $i >= mysql_num_rows($cnt)) { - echo '
Сундуков больше нет ...
'; - } - if ($i < mysql_num_rows($cnt)) echo '
Показать еще Сундуки
'; - - ###Start Особые подарки### - if (isset($_GET['uniqs'])) { - $uniqs = $_GET['uniqs'] + 15; - } else { - $uniqs = 15; - } - $datas = mysql_query("SELECT * FROM `inventory` WHERE `owner` = '" . $user['id'] . "' AND (`name` LIKE '%Сувенир%' OR `name` LIKE '%Подарок%' OR `name` LIKE '%Валентинка%' OR `name` LIKE '%Открытка%' OR `name` LIKE 'Ель%' OR `name` LIKE '%Медаль%' OR `name` LIKE '%Статуэтка%'OR `name` LIKE '%Уник%') AND `present` != '' AND `cost` > 24 ORDER BY `id` DESC LIMIT $uniqs"); - $cnt = mysql_query("SELECT `id` FROM `inventory` WHERE `owner` = '" . $user['id'] . "' AND (`name` LIKE '%Сувенир%' OR `name` LIKE '%Подарок%' OR `name` LIKE '%Валентинка%' OR `name` LIKE '%Открытка%' OR `name` LIKE 'Ель%' OR `name` LIKE '%Медаль%' OR `name` LIKE '%Статуэтка%'OR `name` LIKE '%Уник%') AND `present` != '' AND `cost` > 24"); - if (mysql_num_rows($datas)) echo '

Уникальные подарки :
'; - $i = 0; - while ($row = mysql_fetch_array($datas)) { - $why_gift = mysql_fetch_assoc(mysql_query("SELECT `id` FROM `users` WHERE `login` = '" . mysql_real_escape_string($row['present']) . "' LIMIT 1")); - echo ' '; - $i++; - } - if ($i < mysql_num_rows($cnt)) { - echo '
Показать еще Уникальные подарки
'; - } elseif ($uniqs > 15 && $i >= mysql_num_rows($cnt)) { - echo '
Уникальных подарков больше нет ...
'; - } - ###End Особые подарки### - - if (isset($_GET['gifts'])) { - $gifts = $_GET['gifts'] + 15; - } else { - $gifts = 15; - } - $data = mysql_query("SELECT * FROM `inventory` WHERE `owner` = '" . $user['id'] . "' AND (`name` LIKE '%Сувенир%' OR `name` LIKE '%Подарок%' OR `name` LIKE '%Валентинка%' OR `name` LIKE '%Открытка%' OR `name` LIKE 'Ель%' OR `name` LIKE '%Медаль%' OR `name` LIKE '%Статуэтка%'OR `name` LIKE '%Статуэтка%') AND `present` != '' AND `cost` < 24 ORDER BY `id` DESC LIMIT $gifts"); - $cnt = mysql_query("SELECT `id` FROM `inventory` WHERE `owner` = '" . $user['id'] . "' AND (`name` LIKE '%Сувенир%' OR `name` LIKE '%Подарок%' OR `name` LIKE '%Валентинка%' OR `name` LIKE '%Открытка%' OR `name` LIKE 'Ель%' OR `name` LIKE '%Медаль%' OR `name` LIKE '%Статуэтка%'OR `name` LIKE '%Статуэтка%') AND `present` != '' AND `cost` < 24"); - if (mysql_num_rows($data)) echo '

Сувениры :
'; - $i = 0; - while ($row = mysql_fetch_array($data)) { - $why_gift = mysql_fetch_assoc(mysql_query("SELECT `id` FROM `users` WHERE `login` = '" . mysql_real_escape_string($row['present']) . "' LIMIT 1")); - echo ''; - $i++; - } - if ($i < mysql_num_rows($cnt)) { - echo '
Показать еще Сувениры
'; - } elseif ($gifts > 15 && $i >= mysql_num_rows($cnt)) { - echo '
Сувениров больше нет ...
'; - } - - ?> + 🎁 Граждане-товарищи, подарков пока не завезли. Работаем над функционалом. + '; +// $i++; +// } +// if (isset($_GET['chest'])) { +// $chest = $_GET['chest'] + 15; +// } else { +// $chest = 15; +// } +// $data = mysql_query("SELECT * FROM `inventory` WHERE `owner` = '" . $user['id'] . "' AND (`name` LIKE '%Сундук%') AND `present` != '' AND `cost` > 24 ORDER BY `id` DESC LIMIT $chest"); +// $cnt = mysql_query("SELECT `id` FROM `inventory` WHERE `owner` = '" . $user['id'] . "' AND (`name` LIKE '%Сундук%') AND `present` != '' AND `cost` > 24"); +// if (mysql_num_rows($data)) { +// echo '
Сундуки :
'; +// $i = 0; +// } elseif ($chest > 15 && $i >= mysql_num_rows($cnt)) { +// echo '
Сундуков больше нет ...
'; +// } +// if ($i < mysql_num_rows($cnt)) echo '
Показать еще Сундуки
'; +// +// ###Start Особые подарки### +// if (isset($_GET['uniqs'])) { +// $uniqs = $_GET['uniqs'] + 15; +// } else { +// $uniqs = 15; +// } +// $datas = mysql_query("SELECT * FROM `inventory` WHERE `owner` = '" . $user['id'] . "' AND (`name` LIKE '%Сувенир%' OR `name` LIKE '%Подарок%' OR `name` LIKE '%Валентинка%' OR `name` LIKE '%Открытка%' OR `name` LIKE 'Ель%' OR `name` LIKE '%Медаль%' OR `name` LIKE '%Статуэтка%'OR `name` LIKE '%Уник%') AND `present` != '' AND `cost` > 24 ORDER BY `id` DESC LIMIT $uniqs"); +// $cnt = mysql_query("SELECT `id` FROM `inventory` WHERE `owner` = '" . $user['id'] . "' AND (`name` LIKE '%Сувенир%' OR `name` LIKE '%Подарок%' OR `name` LIKE '%Валентинка%' OR `name` LIKE '%Открытка%' OR `name` LIKE 'Ель%' OR `name` LIKE '%Медаль%' OR `name` LIKE '%Статуэтка%'OR `name` LIKE '%Уник%') AND `present` != '' AND `cost` > 24"); +// if (mysql_num_rows($datas)) echo '

Уникальные подарки :
'; +// $i = 0; +// while ($row = mysql_fetch_array($datas)) { +// $why_gift = mysql_fetch_assoc(mysql_query("SELECT `id` FROM `users` WHERE `login` = '" . mysql_real_escape_string($row['present']) . "' LIMIT 1")); +// echo ' '; +// $i++; +// } +// if ($i < mysql_num_rows($cnt)) { +// echo '
Показать еще Уникальные подарки
'; +// } elseif ($uniqs > 15 && $i >= mysql_num_rows($cnt)) { +// echo '
Уникальных подарков больше нет ...
'; +// } +// ###End Особые подарки### +// +// if (isset($_GET['gifts'])) { +// $gifts = $_GET['gifts'] + 15; +// } else { +// $gifts = 15; +// } +// $data = mysql_query("SELECT * FROM `inventory` WHERE `owner` = '" . $user['id'] . "' AND (`name` LIKE '%Сувенир%' OR `name` LIKE '%Подарок%' OR `name` LIKE '%Валентинка%' OR `name` LIKE '%Открытка%' OR `name` LIKE 'Ель%' OR `name` LIKE '%Медаль%' OR `name` LIKE '%Статуэтка%'OR `name` LIKE '%Статуэтка%') AND `present` != '' AND `cost` < 24 ORDER BY `id` DESC LIMIT $gifts"); +// $cnt = mysql_query("SELECT `id` FROM `inventory` WHERE `owner` = '" . $user['id'] . "' AND (`name` LIKE '%Сувенир%' OR `name` LIKE '%Подарок%' OR `name` LIKE '%Валентинка%' OR `name` LIKE '%Открытка%' OR `name` LIKE 'Ель%' OR `name` LIKE '%Медаль%' OR `name` LIKE '%Статуэтка%'OR `name` LIKE '%Статуэтка%') AND `present` != '' AND `cost` < 24"); +// if (mysql_num_rows($data)) echo '

Сувениры :
'; +// $i = 0; +// while ($row = mysql_fetch_array($data)) { +// $why_gift = mysql_fetch_assoc(mysql_query("SELECT `id` FROM `users` WHERE `login` = '" . mysql_real_escape_string($row['present']) . "' LIMIT 1")); +// echo ''; +// $i++; +// } +// if ($i < mysql_num_rows($cnt)) { +// echo '
Показать еще Сувениры
'; +// } elseif ($gifts > 15 && $i >= mysql_num_rows($cnt)) { +// echo '
Сувениров больше нет ...
'; +// } +// +// ?>
Лицензии - Лицензия наемника" /> '; if ($user['prof2'] == 22) echo ' '; if ($user['prof1'] == 1) echo ' '; @@ -247,7 +161,7 @@ if (!empty($user['lozung'])) echo "Лозунг: " . $user['lozung'] . "
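Review bot: The gifts section is disabled by adding the whole legacy block back as `//` comments instead of deleting it, which leaves about seventy lines of dead `mysql_query` code with string-built SQL in the file. Version control already keeps the old implementation, so the placeholder line alone is enough here. If a pointer is wanted, a single comment such as `// TODO: reimplement gifts via db::c()->query() with placeholders` says more than the commented-out code, and nobody can later uncomment the unparameterised queries as they stand.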
";
- 1.2)) if ($okld == 1) { echo "

Личное дело

"; - $ldd = mysql_query("SELECT * FROM `lichka` WHERE `pers` = '" . $user['id'] . "' ORDER BY `id` ASC"); - while ($ld = mysql_fetch_array($ldd)) { + $ld = db::c()->query('SELECT * FROM `lichka` WHERE `pers` = ?i ORDER BY `id` ASC', $user['id'])->fetch_assoc(); + while ($ld) { $dat = date("d.m.Y H:i", $ld['date']); - $text = $ld['text']; - echo "$dat $text
"; + echo "$dat {$ld['text']}
"; } } if ($okdop == 1) { echo "

Возможные мульты

"; - $lplist = mysql_query("SELECT idperslater FROM delo_multi WHERE idpersnow = {$user['id']} GROUP BY idperslater ASC;"); - while ($iplog = mysql_fetch_array($lplist)) { - echo nick3($iplog['idperslater']) . " "; - } + $iplog = db::c()->query('SELECT idperslater FROM delo_multi WHERE idpersnow = ?i GROUP BY idperslater ASC', $user['id'])->fetch_assoc(); + while ($iplog) echo nick3($iplog['idperslater']) . " "; echo "

Дополнительные сведения

"; if (!empty($user['id'])) echo "ID: " . $user['id'] . "
"; + if (!empty($user['email'])) echo "E-mail: " . $user['email'] . "
"; if (!empty($user['borndate'])) echo "День рождения: " . $user['borndate'] . "
"; if (!empty($user['ip'])) echo "IP при регистрации: " . $user['ip'] . "
"; - -# - $data = mysql_query("SELECT `id`, `ip`, `login`, `status`, `level`, `room`, `align`, (select `id` from `online` WHERE `date` >= " . (time() - 60) . " AND `id` = users.`id`) as `online` FROM users WHERE refer='$user[id]' ORDER BY level DESC"); - $i = 0; - while ($row = mysql_fetch_array($data)) { - $i++; - if ($i == 1) echo "

Список рефералов:

"; - if ($row['online'] > 0) { - echo ''; - nick2($row['id']); - if ($row['id'] == $user['deal']) echo ' - ' . $row['status'] . ''; - $rrm = $rooms[$row['room']]; - echo ' - ', $rrm, '
'; - } - - if ($row['online'] < 1) { - echo 'Нет в клубе'; - nick2($row['id']); - if ($row['id'] == $user['deal']) echo ' - ', $row['status'], ''; - echo ' - нет в игре'; - } - echo ' - IP:' . $row['ip'] . '
'; - } - echo ""; } if ($own['admin'] == 1) { - if (!empty($user['email'])) echo "E-mail: " . $user['email'] . "
"; if (!empty($user['exp'])) echo "Oпыт: " . $user['exp'] . "
"; if (!empty($user['stats'])) echo "Число неиспользованных UP-ов: " . $user['stats'] . "
"; if (!empty($user['money'])) echo "Кредитов: " . $user['money'] . "
"; @@ -315,7 +202,7 @@ if ($own['admin'] == 1) { if (!empty($user['reputation'])) echo "Всего Репутации: " . $user['reputation'] . "
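Review bot: `while ($ld)` and `while ($iplog)` test a row that was fetched once before the loop and is never reassigned, so as soon as the query returns a row the loop repeats that row until the request hits its time or memory limit. Keep the result object and fetch in the condition: `$res = db::c()->query('…', $user['id']);` followed by `while ($ld = $res->fetch_assoc()) {`. The same pattern appears as `while ($user_bank)` and `while ($inv)` in the `@@ -323,56 +210,50 @@` hunk. This hunk also moves the e-mail line out of the `$own['admin'] == 1` block into the `$okdop` block, which appears to widen who can read a user's address. The definition of `$okdop` is outside the visible lines, so confirm that is intended.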
"; if (!empty($user['doblest'])) echo "Репутации: " . $user['doblest'] . "
"; - if ($user_bank_s = mysql_query("SELECT * FROM `bank` WHERE `owner` = '{$user['id']}';")) { + if ($user_bank = db::c()->query('SELECT `id`,`cr`,`ekr` FROM `bank` WHERE `owner` = ?i', $user['id'])->fetch_assoc()) { echo "

Банк

"; echo " @@ -323,56 +210,50 @@ if ($own['admin'] == 1) { - "; - while ($user_bank = mysql_fetch_assoc($user_bank_s)) { + while ($user_bank) { echo " -
Кредитов. ЕвроКредитов.Репутации.
" . $user_bank['id'] . " " . $user_bank['cr'] . " " . $user_bank['ekr'] . "" . $user_bank['reputation'] . "

"; } } - $own = mysql_fetch_array(mysql_query("SELECT `id`,`align`,`login` FROM `users` WHERE `id` = '{$_SESSION['uid']}' LIMIT 1;")); + //TODO Вынести управляющие элементы во внешнюю админку, подальше от прецедентов. А то были случаи. + $del = filter_input(INPUT_POST,'del', FILTER_VALIDATE_INT); if ($_POST['del']) { - $invs = mysql_query("SELECT * FROM `inventory` WHERE `id`='" . $_POST['del'] . "'"); - $bbc = mysql_fetch_array($invs); - if ($bbc['dressed'] == 1) { - dropitem($bbc['type']); - if ($bbc['type'] == 5) { + $itemdel = db::c()->query('SELECT `type`,`dressed` FROM `inventory` WHERE `id`=?i', $del)->fetch_assoc(); + if ($itemdel['dressed'] == 1) { + dropitem($itemdel['type']); + if ($itemdel['type'] == 5) { dropitem(6); dropitem(7); } } - mysql_query("DELETE FROM `inventory` WHERE `id` = '{$_POST['del']}' LIMIT 1;"); + db::c()->query('DELETE FROM `inventory` WHERE `id` = ?i', $del); } - $invv = mysql_query("SELECT * FROM `inventory` WHERE `owner` = '{$user['id']}' ORDER by `id` DESC;"); echo "

Вещи в инвентаре:

"; echo " - - + "; - - while ($inv = mysql_fetch_array($invv)) { - $ip = $iplog['ip']; + $inv = db::c()->query('SELECT `id`,`name`,`koll`,`img` FROM `inventory` WHERE `owner` = ?i ORDER BY `id` DESC', $user['id'])->fetch_assoc(); + while ($inv) { echo " -
ID НазваниеДолговечностьКолл.Количество Картинка ×
{$inv['id']} {$inv['name']}{$inv['duration']}/{$inv['maxdur']} {$inv['koll']} @@ -381,12 +262,18 @@ if ($own['admin'] == 1) { "; } - echo "
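Review bot: The delete branch validates the id into `$del` with `FILTER_VALIDATE_INT` but still gates on the raw `if ($_POST['del'])`, so a non-integer value enters the branch with `$del === false`, and a request without the field raises an undefined-index notice. Test the validated value instead: `if ($del) {`. The `DELETE` matches on `id` alone; adding `AND owner = ?i` bound to `$user['id']` would limit it to the inventory listed on this page. No anti-CSRF token is checked on this POST in the visible lines (the form markup is not shown), so one should be verified here until the controls move to the separate admin panel mentioned in the TODO.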
"; + echo "
"; if ($_POST['undress_char']) undressall($user['id']); } - - ?> -
www.old-dark.ru
+ + + + + \ No newline at end of file