diff --git a/ashop.php b/ashop.php
index 681df10..b16dd4d 100644
--- a/ashop.php
+++ b/ashop.php
@@ -15,7 +15,7 @@ if ($user['battle'] != 0) {
die();
}
-$bank = mysql_fetch_array(mysql_query("SELECT * FROM `bank` WHERE `id`='" . $_SESSION['uid'] . "';"));
+$bank = db::c()->query('SELECT `ekr` FROM `bank` WHERE `id`=?i', $_SESSION['uid'])->fetch_assoc();
if (($_GET['set'] OR $_POST['set'])) {
if ($_GET['set']) {
@@ -35,7 +35,7 @@ if (($_GET['set'] OR $_POST['set'])) {
$count_ok = 0;
} else $count_ok = 1;
- $dress = mysql_fetch_array(mysql_query("SELECT * FROM `ashop` WHERE `id`='" . $set . "' LIMIT 1;"));
+ $dress = db::c()->query('SELECT * FROM `ashop` WHERE `id`=?i', $set)->fetch_assoc();
if ($count_ok == 0) {
echo "Неправильно введено количество";
//$good = 0;
@@ -44,37 +44,44 @@ if (($_GET['set'] OR $_POST['set'])) {
//$good = 0;
} elseif ($count_ok == 1 && ($bank['ekr'] >= ($dress['ecost'] * $_POST['count'])) && ($dress['count'] >= $_POST['count'])) {
for ($k = 1; $k <= $_POST['count']; $k++) {
- if (mysql_query("INSERT INTO `inventory`
- (`prototype`,`owner`,`name`,`type`,`massa`,`cost`,`img`,`maxdur`,`isrep`,
- `gsila`,`glovk`,`ginta`,`gintel`,`ghp`,`gnoj`,`gtopor`,`gdubina`,`gmech`,`gfire`,`gwater`,`gair`,`gearth`,`glight`,`ggray`,`gdark`,`needident`,`nsila`,`nlovk`,`ninta`,`nintel`,`nmudra`,`nvinos`,`nnoj`,`ntopor`,`ndubina`,`nmech`,`nfire`,`nwater`,`nair`,`nearth`,`nlight`,`ngray`,`ndark`,
- `mfkrit`,`mfakrit`,`mfuvorot`,`mfauvorot`,`bron1`,`bron2`,`bron3`,`bron4`,`maxu`,`minu`,`magic`,`nlevel`,`nalign`,`dategoden`,`goden`,`otdel`,`artefact`, `koll`)
- VALUES
- ('{$dress['id']}','{$_SESSION['uid']}','{$dress['name']}','{$dress['type']}',{$dress['massa']},{$dress['cost']},'{$dress['img']}',{$dress['maxdur']},{$dress['isrep']},'{$dress['gsila']}','{$dress['glovk']}','{$dress['ginta']}','{$dress['gintel']}','{$dress['ghp']}','{$dress['gnoj']}','{$dress['gtopor']}','{$dress['gdubina']}','{$dress['gmech']}','{$dress['gfire']}','{$dress['gwater']}','{$dress['gair']}','{$dress['gearth']}','{$dress['glight']}','{$dress['ggray']}','{$dress['gdark']}','{$dress['needident']}','{$dress['nsila']}','{$dress['nlovk']}','{$dress['ninta']}','{$dress['nintel']}','{$dress['nmudra']}','{$dress['nvinos']}','{$dress['nnoj']}','{$dress['ntopor']}','{$dress['ndubina']}','{$dress['nmech']}','{$dress['nfire']}','{$dress['nwater']}','{$dress['nair']}','{$dress['nearth']}','{$dress['nlight']}','{$dress['ngray']}','{$dress['ndark']}',
- '{$dress['mfkrit']}','{$dress['mfakrit']}','{$dress['mfuvorot']}','{$dress['mfauvorot']}','{$dress['bron1']}','{$dress['bron3']}','{$dress['bron2']}','{$dress['bron4']}','{$dress['maxu']}','{$dress['minu']}','{$dress['magic']}','{$dress['nlevel']}','{$dress['nalign']}','" . (($dress['goden']) ? ($dress['goden'] * 24 * 60 * 60 + time()) : "") . "','{$dress['goden']}','{$dress['razdel']}','{$dress['artefact']}', '{$dress['koll']}');")) {
- $good = 1;
- } else {
- $good = 0;
- }
- }
- if ($good) {
- mysql_query("UPDATE `ashop` SET `count`=`count`-" . $_POST['count'] . " WHERE `id`='" . $set . "' LIMIT 1;");
- $limit = $_POST['count'];
- $invdb = mysql_query("SELECT `id` FROM `inventory` WHERE `name` = '" . $dress['name'] . "' ORDER by `id` DESC LIMIT " . $limit . ";");
- if ($limit == 1) {
- $dressinv = mysql_fetch_array($invdb);
+ if (isset($dress['goden'])) $goden = $dress['goden'] * 24 * 60 * 60 + time(); // Ну вот нахуя?
+ db::c()->query('
+ INSERT INTO `inventory`
+ (
+ `prototype`,`owner`,`name`,`type`,`massa`,`cost`,`img`,`maxdur`,`isrep`,`gsila`,`glovk`,`ginta`,`gintel`,
+ `ghp`,`gnoj`,`gtopor`,`gdubina`,`gmech`,`gfire`,`gwater`,`gair`,`gearth`,`glight`,`ggray`,`gdark`,
+ `needident`,`nsila`,`nlovk`,`ninta`,`nintel`,`nmudra`,`nvinos`,`nnoj`,`ntopor`,`ndubina`,`nmech`,
+ `nfire`,`nwater`,`nair`,`nearth`,`nlight`,`ngray`,`ndark`,`mfkrit`,`mfakrit`,`mfuvorot`,`mfauvorot`,
+ `bron1`,`bron2`,`bron3`,`bron4`,`maxu`,`minu`,`magic`,`nlevel`,`nalign`,`dategoden`,`goden`,`otdel`,
+ `artefact`, `koll`
+ )
+ VALUES (?i,?i,"?s",?i,?i,"?s","?s",?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i,?i)
+ ', $dress['id'], $_SESSION['uid'], $dress['name'], $dress['type'], $dress['massa'], $dress['cost'], $dress['img'], $dress['maxdur'], $dress['isrep'],
+ $dress['gsila'], $dress['glovk'], $dress['ginta'], $dress['gintel'], $dress['ghp'], $dress['gnoj'], $dress['gtopor'], $dress['gdubina'], $dress['gmech'],
+ $dress['gfire'], $dress['gwater'], $dress['gair'], $dress['gearth'], $dress['glight'], $dress['ggray'], $dress['gdark'], $dress['needident'],
+ $dress['nsila'], $dress['nlovk'], $dress['ninta'], $dress['nintel'], $dress['nmudra'], $dress['nvinos'], $dress['nnoj'], $dress['ntopor'], $dress['ndubina'], $dress['nmech'],
+ $dress['nfire'], $dress['nwater'], $dress['nair'], $dress['nearth'], $dress['nlight'], $dress['ngray'], $dress['ndark'], $dress['mfkrit'], $dress['mfakrit'],
+ $dress['mfuvorot'], $dress['mfauvorot'], $dress['bron1'], $dress['bron3'], $dress['bron2'], $dress['bron4'], $dress['maxu'], $dress['minu'], $dress['magic'],
+ $dress['nlevel'], $dress['nalign'], $goden, $dress['goden'], $dress['razdel'], $dress['artefact'], $dress['koll']);
+
+ db::c()->query('UPDATE `ashop` SET `count` = `count`- ?i WHERE `id` = ?i', $_POST['count'], $set);
+ $invdb = db::c()->query('SELECT `id` FROM `inventory` WHERE `name` = "?s" ORDER by `id` DESC LIMIT ?i', $dress['name'], $_POST['count']);
+ if ($_POST['count'] == 1) {
+ $dressinv = $invdb->fetch_assoc();
$dressid = "cap" . $dressinv['id'];
$dresscount = " ";
} else {
$dressid = "";
- while ($dressinv = mysql_fetch_array($invdb)) {
+ while ($dressinv = $invdb->fetch_assoc()) {
$dressid .= "cap" . $dressinv['id'] . ",";
}
$dresscount = "(x" . $_POST['count'] . ") ";
}
$allcost = $_POST['count'] * $dress['ecost'];
- mysql_query("INSERT INTO `delo` (`id` , `author` ,`pers`, `text`, `type`, `date`) VALUES ('','0','{$_SESSION['uid']}','\"" . $user['login'] . "\" купил товар: \"" . $dress['name'] . "\" " . $dresscount . "id:(" . $dressid . ") [0/" . $dress['maxdur'] . "] за " . $allcost . " екр. ',1,'" . time() . "');");
+ $deloText = $user['login'] . " купил товар: " . $dress['name'] . $dresscount . "id:(" . $dressid . ") [0/" . $dress['maxdur'] . "] за " . $allcost . " екр.";
+ db::c()->query('INSERT INTO `delo` (`author` ,`pers`, `text`, `type`, `date`) VALUES (?i, ?i, "?s", ?i, "?s")', 0, $user['id'], $deloText, 1, time());
echo "Вы купили {$_POST['count']} шт. \"{$dress['name']}\".";
- mysql_query("UPDATE `bank` set `ekr`=`ekr`-'" . ($allcost) . "' WHERE `id`='" . $_SESSION['uid'] . "';");
+ db::c()->query('UPDATE `bank` set `ekr` = `ekr` - ?i WHERE `id` = ?i', $allcost, $_SESSION['uid']);
$bank['ekr'] -= $allcost;
}
} else {
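Review bot: The purchase path no longer has a success check and is not atomic: with the old `$good` flag gone, the `ashop` decrement, the `delo` entry and the `bank` debit all run after the `INSERT INTO inventory` regardless of its outcome, unless `db::c()->query()` throws on failure (not visible here). The balance and stock test in the `elseif` is also separated from the debit by several queries, so two concurrent requests can both pass it and drive `ekr` or `count` negative. Make the debit conditional, e.g. `UPDATE bank SET ekr = ekr - ?i WHERE id = ?i AND ekr >= ?i`, do the same for `ashop.count`, and stop when no row was changed, ideally inside one transaction. Separately, `isset($dress['goden'])` is true for a stored `0`, so non-expiring items now get an expiry of `time()`, and `$goden` is undefined when the column is NULL; `$goden = $dress['goden'] ? $dress['goden'] * 24 * 60 * 60 + time() : 0;` keeps the old truthiness test. The enclosing `if` block starts and ends outside this hunk.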
@@ -209,7 +216,7 @@ if (($_GET['set'] OR $_POST['set'])) {
if ($_REQUEST['present']) {
if ($_POST['to_login'] && $_POST['flower']) {
- $to = mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE `login`='" . $_POST['to_login'] . "' LIMIT 1;"));
+ $to = db::c()->query('SELECT `id`,`login`,`room` FROM `users` WHERE `login` = ?i', $_POST['to_login'])->fetch_assoc();
if ($_POST['to_login'] == $user['login']) {
echo "Очень щедро дарить что-то самому себе ;)";
} elseif ($to['room'] > 500 && $to['room'] < 561) {
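Review bot: The recipient lookup binds `$_POST['to_login']` with the integer placeholder `?i`, but the old query compared `login` as a string. Depending on how the `db` class treats a non-numeric value for `?i` (not visible here), this either rejects every ordinary login or casts it to `0`. In the second case MySQL's `login = 0` comparison matches any login that does not start with a digit, so the gift could go to an unintended account. Use the string placeholder as elsewhere in this commit and keep the row limit: `WHERE login = "?s" LIMIT 1`.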
@@ -222,31 +229,18 @@ if (($_GET['set'] OR $_POST['set'])) {
} else {
$from = $user['login'];
}
- if ($to) if (mysql_query("UPDATE `inventory` SET `owner`='" . $to['id'] . "', `present`='" . $from . "', `letter`='" . $_POST['podarok2'] . "' WHERE `present`='' AND `id`='" . $_POST['flower'] . "' AND `owner`='" . $_SESSION['uid'] . "' AND `dressed`=0 AND `setsale`=0;")) {
- $res = mysql_fetch_array(mysql_query("SELECT * FROM `inventory` WHERE `id` = '" . $_POST['flower'] . "' LIMIT 1;"));
- $buket_name = $res['name'];
- mysql_query("INSERT INTO `delo`(`id`,`author`,`pers`,`text`,`type`,`date`) VALUES ('','0','" . $_SESSION['uid'] . "','Подарен предмет \"" . $res['name'] . "\" id:(cap" . $res['id'] . ") [" . $res['duration'] . "/" . $res['maxdur'] . "] от \"" . $from . "\" к \"" . $to['login'] . "\"','1','" . time() . "');");
- mysql_query("INSERT INTO `delo`(`id`,`author`,`pers`,`text`,`type`,`date`) VALUES ('','0','{$to['id']}','Подарен предмет \"" . $res['name'] . "\" id:(cap" . $res['id'] . ") [" . $res['duration'] . "/" . $res['maxdur'] . "] от \"" . $from . "\" к \"" . $to['login'] . "\"','1','" . time() . "');");
- if (($_POST['from'] == 1) || ($_POST['from'] == 2)) {
- $action = "подарил";
- mysql_query("INSERT INTO `delo`(`id`,`author`,`pers`,`text`,`type`,`date`) VALUES ('','0','" . $to['id'] . "','Подарен предмет \"" . $res['name'] . "\" id:(cap" . $res['id'] . ") [" . $res['duration'] . "/" . $res['maxdur'] . "] от \"" . $user['login'] . "\" к \"" . $to['login'] . "\"','5','" . time() . "');");
- } else {
- if ($user['sex'] == 0) {
- $action = "подарила";
- } else {
- $action = "подарил";
- }
- }
- $us = mysql_fetch_array(mysql_query("select `id` from `online` WHERE `date`>=" . (time() - 60) . " AND `id` = '" . $to['id'] . "' LIMIT 1;"));
- if ($us[0]) {
- addchp('Внимание! ' . $from . ' ' . $action . ' вам ' . $buket_name . '. ', '{[]}' . $_POST['to_login'] . '{[]}');
- } else {
- // если в офе
- mysql_query("INSERT INTO `telegraph` (`owner`,`date`,`text`) values ('" . $to['id'] . "','','" . 'Внимание! ' . $from . ' ' . $action . ' вам ' . $buket_name . '. ' . "');");
- }
- echo "Подарок удачно доставлен к \"", $_POST['to_login'], "\"";
- }
- echo mysql_error();
+
+ db::c()->query('UPDATE `inventory` SET `owner` = ?i, `present` = "?s", `letter` = "?s" WHERE `present` = "?s" AND `id` = ?i AND `owner` = ?i AND `dressed` = 0 AND `setsale` = 0', $to['id'], $from, $_POST['podarok2'], null, $_POST['flower'], $_SESSION['uid']);
+ $res = db::c()->query('SELECT `id`,`name`,`duration`,`maxdur` FROM `inventory` WHERE `id` = ?i', $_POST['flower'])->fetch_assoc();
+ $deloTextSender = "Подарен предмет \"" . $res['name'] . "\" id:(cap" . $res['id'] . ") [" . $res['duration'] . "/" . $res['maxdur'] . "] от \"" . $user['login'] . "\" к \"" . $to['login'] . "\"";
+ $deloTextReceiver = "Подарен предмет \"" . $res['name'] . "\" id:(cap" . $res['id'] . ") [" . $res['duration'] . "/" . $res['maxdur'] . "] от \"" . $user['login'] . "\" к \"" . $to['login'] . "\"";
+ db::c()->query('INSERT INTO `delo`(`author`,`pers`,`text`,`type`,`date`) VALUES (0,?i,"?s",1,?i)', $_SESSION['uid'], $deloTextSender, time());
+ db::c()->query('INSERT INTO `delo`(`author`,`pers`,`text`,`type`,`date`) VALUES (0,?i,"?s",1,?i)', $to['id'], $deloTextReceiver, time());
+
+ $telegraphText = "Вам пришёл подарок \"" . $res['name'] . "\" от " . $from . "!";
+ db::c()->query('INSERT INTO `telegraph` (owner, text) VALUES (?i,"?s")', $to['id'], $telegraphText)->fetch_assoc();
+
+ err('Подарок удачно доставлен к ' . $_POST['to_login']);
}
}
?>
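Review bot: The `if ($to)` guard and the dependency on the `UPDATE` result were dropped, so the `delo` inserts, the `telegraph` message and the success text now run unconditionally. The follow-up `SELECT` reads `inventory` by `$_POST['flower']` alone, without the owner, `dressed`, `setsale` and `present` conditions of the `UPDATE`. A request naming an item the sender does not own therefore changes no row, yet still writes audit entries and notifies `$to['id']` about a gift that never moved. Restore `if ($to)` around the block and continue only when the `UPDATE` reports exactly one affected row; the `->fetch_assoc()` chained onto the `INSERT INTO telegraph` call also looks wrong, since an INSERT returns no result set. The surrounding `if ($_POST['to_login'] && $_POST['flower'])` block begins outside this hunk.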
@@ -279,8 +273,15 @@ if (($_GET['set'] OR $_POST['set'])) {
bgcolor="#A5A5A5">
//print_r($_POST);
- $data = mysql_query("SELECT * FROM `inventory` WHERE `owner`='" . $_SESSION['uid'] . "' AND `dressed`=0 AND (`name` LIKE '%Букет%' OR `name` LIKE '%Сувенир%' OR `name` LIKE '%Подарок%' OR `name` LIKE '%Валентинка%' OR `name` LIKE '%Открытка%' OR `name` LIKE 'Ель%' OR `name` LIKE '%Медаль%' OR `name` LIKE '%Статуэтка%') AND `setsale`=0 AND `present` = '' ORDER by `id` DESC;");
- while ($row = mysql_fetch_array($data)) {
+ $data = db::c()->query('SELECT `id`,`img` FROM `inventory` WHERE `owner`= ?i
+ AND `dressed` = 0
+ AND (
+ `name` LIKE "?S" OR `name` LIKE "?S" OR `name` LIKE "?S" OR `name` LIKE "?S" OR `name` LIKE "?S" OR
+ `name` LIKE "?S" OR `name` LIKE "?S" OR `name` LIKE "?S"
+ )
+ AND `setsale` = 0 AND `present` = "?s"
+ ORDER by `id` DESC', $_SESSION['uid'], '%Букет%','%Сувенир%','%Подарок%','%Валентинка%','%Открытка%','Ель%','%Медаль%','%Статуэтка%',null);
+ while ($row = $data->fetch_assoc()) {
if (!in_array($row['id'], array_keys($_SESSION['flowers']))) {
$row['count'] = 1;
if ($i == 0) {
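Review bot: The `%` wildcards are passed inside the arguments bound to `?S`, which stops matching if the `db` class escapes `%` and `_` in `?S` values, as LIKE-specific placeholders usually do (the class is not visible here, so confirm). In that case the patterns are compared literally and the gift list comes back empty. Put the wildcards in the template instead, e.g. `name LIKE "%?S%"` with the argument `'Букет'`, and `"?S%"` for `'Ель'`. Binding `null` to `"?s"` for `present` also relies on the class turning null into an empty string; passing `''` states the intent. The `while` body continues outside the hunk.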
@@ -306,8 +307,8 @@ if (($_GET['set'] OR $_POST['set'])) {
} else {
- $data = mysql_query("SELECT * FROM `ashop` WHERE `count`>0 AND `razdel`='" . $_GET['otdel'] . "' AND `ecost`>0 ORDER by `ecost` ASC;");
- while ($row = mysql_fetch_array($data)) {
+ $data = db::c()->query('SELECT `id`,`img`,`name` FROM `ashop` WHERE `count` > 0 AND `razdel` = ?i AND `ecost` > 0 ORDER by `ecost` ASC', $_GET['otdel']);
+ while ($row = $data->fetch_assoc()) {
if ($i == 0) {
$i = 1;
$color = '#C7C7C7';