diff --git a/main.php b/main.php
index 469188e..5288c8e 100644
--- a/main.php
+++ b/main.php
@@ -6,15 +6,15 @@ if(!isset($_SESSION['uid'])) { header("Location: index.php"); }
include("config.php");
include("functions.php");
$tmaz = time();
-mysql_query("UPDATE `online` SET `real_time` = '".time()."' WHERE `id` = {$user['id']} LIMIT 1");
-if($user['battle'] != 0) { header('location: fbattle.php'); die(); }
+db::c()->query('UPDATE `online` SET `real_time` = ?i WHERE `id` = ?i', time(), $u->i()['id']);
+if($u->i()['battle'] != 0) { header('location: fbattle.php'); die(); }
-if($user['klan']) {
- $shadow = mysql_fetch_array(mysql_query("SELECT `id`, `mshadow`, `wshadow` FROM `clans` WHERE `id` = '{$user['klan']}' LIMIT 1"));
-}
+//if($user['klan']) {
+// $shadow = mysql_fetch_array(mysql_query("SELECT `id`, `mshadow`, `wshadow` FROM `clans` WHERE `id` = '{$user['klan']}' LIMIT 1"));
+//}
if($_POST['bankpsw']) {
- echo "".auth_bank((int)$_POST['bank'], $_POST['bankpsw'], $user['id'])."";
+ echo "".auth_bank((int)$_POST['bank'], $_POST['bankpsw'], $u->i()['id'])."";
}
if($_GET['unset_bank'] == 1) {
@@ -22,12 +22,18 @@ if($_GET['unset_bank'] == 1) {
}
if($_GET['error'] == 'bank') {
- echo 'Работа со счётом завершена ..';
+ err('Работа со счётом завершена.');
}
function updstats() {
global $user;
- $u1 = mysql_fetch_array(mysql_query("SELECT `sila`, `lovk`, `inta`, `intel`, `noj`, `mec`, `topor`, `dubina`, `mfire`, `mwater`, `mair`, `mearth`, `mlight`, `mgray`, `mdark`, `hp`, `maxhp` FROM `users` WHERE `id` = '$user[id]' LIMIT 1"));
+ $u1 = mysql_fetch_array(mysql_query("
+ SELECT
+ `sila`, `lovk`, `inta`, `intel`,
+ `noj`, `mec`, `topor`, `dubina`,
+ `mfire`, `mwater`, `mair`, `mearth`,
+ `mlight`, `mgray`, `mdark`, `hp`, `maxhp`
+ FROM `users` WHERE `id` = '$user[id]' LIMIT 1"));
foreach($u1 as $k => $v) {
$user[$k] = $v;
}
@@ -51,7 +57,7 @@ if(@$_GET['stackall']) {
*/
}
-if(@$_GET["stack"]) {
+if($_GET["stack"]) {
$_GET["stack"] = (int)$_GET["stack"];
$rec = mysql_fetch_array(mysql_query("SELECT `id` FROM `inventory` WHERE `id` = '".mysql_real_escape_string($_GET['stack'])."' AND `owner` = '$user[id]' AND `setsale` = 0 LIMIT 1"));
if(isset($rec['id'])) {
@@ -60,7 +66,7 @@ if(@$_GET["stack"]) {
}
}
-if(@$_GET['unstack']) {
+if($_GET['unstack']) {
unstack((int)$_GET['unstack'], (int)$_POST["qty"]);
}