From 34abf07b4b16bfc245adf448aae3e8d996a2c13b Mon Sep 17 00:00:00 2001
From: lopar <lopar.4ever@gmail.com>
Date: Thu, 13 Dec 2018 00:43:58 +0200
Subject: [PATCH] =?UTF-8?q?=D0=92=D1=8B=D0=B2=D0=BE=D0=B4=20=D1=83=D0=BF?=
 =?UTF-8?q?=D1=80=D0=B0=D0=B2=D0=BB=D0=B5=D0=BD=D0=B8=D1=8F=20=D0=B8=D0=BD?=
 =?UTF-8?q?=D0=B2=D0=B5=D0=BD=D1=82=D0=B0=D1=80=D1=91=D0=BC=20=D0=B2=20?=
 =?UTF-8?q?=D0=BE=D1=82=D0=B4=D0=B5=D0=BB=D1=8C=D0=BD=D1=83=D1=8E=20=D0=B0?=
 =?UTF-8?q?=D0=B4=D0=BC=D0=B8=D0=BD=D0=BA=D1=83.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 admin/admin.php     | 13 +------
 admin/edit_user.php | 95 +++++++++++++++++++++++++++++++++++++++++++++
 inf.php             | 43 +-------------------
 3 files changed, 98 insertions(+), 53 deletions(-)
 create mode 100644 admin/edit_user.php
diff --git a/admin/admin.php b/admin/admin.php
index 71b24e0..cc284fd 100644
--- a/admin/admin.php
+++ b/admin/admin.php
@@ -7,20 +7,15 @@
  */
 
 session_start();
-include "../config.php";
-include "../functions.php";
-
-
+require_once '../functions.php';
 
 if (empty($user['admin'])) {
-    echo "<!DOCTYPE HTML><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /admin.php was not found on this server.</p><hr><address>Apache/2.2.22 (@RELEASE@) Server at Hetzner Datacenter 426</address></body></html>";
+    echo "<!DOCTYPE HTML><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL {$_SERVER['SCRIPT_NAME']} was not found on this server.</p><hr><address>Apache/2.2.22 (@RELEASE@) Server at Hetzner Datacenter 426</address></body></html>";
     exit;
 }
-define('ADMINS', microtime());
 ?>
 
 <!DOCTYPE html>
-<!--suppress ALL -->
 <html>
 <head>
     <meta charset="utf-8">
@@ -396,10 +391,6 @@ if ($_POST['sbr_par']) {
                         <option value="7">Артефакты: Букеты</option>
                     </select></td>
             </tr>
-
-            <tr>
-                <td><input name=duration placeholder="Мин. износ">Но нахуя износ новой вещи?!</td>
-            </tr>
             <tr>
                 <td><input name=maxdur placeholder="Макс. износ"></td>
             </tr>
diff --git a/admin/edit_user.php b/admin/edit_user.php
new file mode 100644
index 0000000..39a93a0
--- /dev/null
+++ b/admin/edit_user.php
@@ -0,0 +1,95 @@
+<?php
+/**
+ * Copyright (c) 2018.
+ * Author: Igor Barkov <lopar.4ever@gmail.com>
+ * Project name: Battles-Game
+ */
+
+session_start();
+require_once "../functions.php";
+
+if (empty($user['admin'])) {
+    echo "<!DOCTYPE HTML><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL {$_SERVER['SCRIPT_NAME']} was not found on this server.</p><hr><address>Apache/2.2.22 (@RELEASE@) Server at Hetzner Datacenter 426</address></body></html>";
+    exit;
+}
+
+if (isset($_POST['player'])) {
+    $p = db::c()->query('SELECT `id`, `login` FROM `users` WHERE `id` = "?s" OR `login` = "?s"', $_POST['player'], $_POST['player'])->fetch_assoc();
+    $_SESSION['player_id'] = $p['id'];
+    $_SESSION['player_name'] = $p['login'];
+}
+
+if (isset($_POST['undress_char'])) undressall($_SESSION['player_id']);
+
+if (isset($_POST['end'])) {
+    unset($_SESSION['player_id']);
+    unset($_SESSION['player_name']);
+}
+
+if (isset($_SESSION['player_id']))
+    $inv = db::c()->query('SELECT `id`,`name`,`koll`,`img` FROM `inventory` WHERE `owner` = ?i ORDER BY `id` DESC', $_SESSION['player_id']);
+
+if (input::post('del')) {
+    $itemdel = db::c()->query('SELECT `type`,`dressed` FROM `inventory` WHERE `id`=?i', input::post('del'))->fetch_assoc();
+    if ($itemdel['dressed'] == 1) {
+        dropitem($itemdel['type']);
+        if ($itemdel['type'] == 5) {
+            dropitem(6);
+            dropitem(7);
+        }
+    }
+    db::c()->query('DELETE FROM `inventory` WHERE `id` = ?i', input::post('del'));
+}
+?>
+<!DOCTYPE html>
+<html>
+<head>
+    <meta charset="utf-8">
+    <title>ᐰdmin</title>
+</head>
+<link type="text/css" rel="stylesheet" href="../css/main.css">
+<body>
+<h1>Администрирование инвентаря <?= $_SESSION['player_name'] ?></h1>
+<table class='adm'>
+    <tr>
+        <th>ID</th>
+        <th>Название</th>
+        <th>Количество</th>
+        <th>Картинка</th>
+        <th></th>
+    </tr>
+    <?php if (empty($_SESSION['player_id'])): ?>
+        <tr>
+            <th colspan="5">
+                <form method="post">
+                    <input placeholder="Логин или ID" name="player">
+                    <input type="submit">
+                </form>
+            </th>
+        </tr>
+    <?php else: while ($row = $inv->fetch_assoc()): ?>
+        <tr>
+            <td><?= $row['id'] ?></td>
+            <td><?= $row['name'] ?></td>
+            <td><?= $row['koll'] ?></td>
+            <td><img src='i/sh/<?= $row['img'] ?>'></td>
+            <td>
+                <form method='post'>
+                    <input name='del' type='hidden' value='<?= $row['id'] ?>'>
+                    <input name='ok' type='submit' value='Удалить'>
+                </form>
+            </td>
+        </tr>
+    <?php endwhile; ?>
+        <th colspan='6'>
+            <form method='post'>
+                <input name='undress_char' type='submit' value='Стриптиз'>
+            </form>
+            <form method="post">
+                <input name='end' type='submit' value='Выйти'>
+            </form>
+        </th>
+    <?php endif; ?>
+</table>
+</body>
+</html>
\ No newline at end of file
diff --git a/inf.php b/inf.php
index 90a0131..5466c6a 100644
--- a/inf.php
+++ b/inf.php
@@ -1,7 +1,6 @@
 <?php
 session_start();
-include("config.php");
-include("functions.php");
+require_once 'functions.php';
 
 $login = urldecode(filter_input(INPUT_SERVER, 'QUERY_STRING'));
 $uid = isset($_SESSION['uid']) ? $_SESSION['uid'] : NULL;
@@ -114,7 +113,6 @@ if ($okdop == 1) {
 }
 
 if ($own['admin'] == 1) {
-
     if (!empty($user['exp'])) echo "Oпыт: " . $user['exp'] . "<br>";
     if (!empty($user['stats'])) echo "Число неиспользованных UP-ов: " . $user['stats'] . "<br>";
     if (!empty($user['money'])) echo "Кредитов: " . $user['money'] . "<br>";
@@ -127,45 +125,6 @@ if ($own['admin'] == 1) {
         while ($row_user_bank = $user_bank->fetch_assoc())
             echo "№ " . $row_user_bank['id'] . ": " . $row_user_bank['cr'] . " кр, " . $row_user_bank['ekr'] . " екр.";
     }
-
-    //TODO Вынести управляющие элементы во внешнюю админку, подальше от прецедентов. А то были случаи.
-    if (input::post('del')) {
-        $itemdel = db::c()->query('SELECT `type`,`dressed` FROM `inventory` WHERE `id`=?i', input::post('del'))->fetch_assoc();
-        if ($itemdel['dressed'] == 1) {
-            dropitem($itemdel['type']);
-            if ($itemdel['type'] == 5) {
-                dropitem(6);
-                dropitem(7);
-            }
-        }
-        db::c()->query('DELETE FROM `inventory` WHERE `id` = ?i', $del);
-    }
-
-    echo "<br><H4><u>Вещи в инвентаре:</u></H4>";
-    echo "<table class='adm'>
-            <tr>
-                <th>ID</th>
-                <th>Название</th>
-                <th>Количество</th>
-                <th>Картинка</th>
-                <th></th>
-          	</tr>
-          ";
-    $inv = db::c()->query('SELECT `id`,`name`,`koll`,`img` FROM `inventory` WHERE `owner` = ?i ORDER BY `id` DESC', $user['id']);
-    while ($row_inv = $inv->fetch_assoc()) {
-        echo "
-                <tr>
-                    <td>{$row_inv['id']}</td>
-                    <td>{$row_inv['name']}</td>
-              		<td>{$row_inv['koll']}</td>
-              		<td><img src='i/sh/{$row_inv['img']}'></td>
-              		<td><form method='post'><input name='del' type='hidden' value='{$row_inv['id']}'>
-      		        <input name='ok' type='submit' value='Удалить'></form></td>
-                </tr>
-            ";
-    }
-    echo "<th colspan='6'><form method='post'><input name='undress_char' type='submit' value='Стриптиз'></form></th></table>";
-    if (isset($_POST['undress_char'])) undressall($user['id']);
 }
 ?>
 
