lopar/battles
lopar
/
battles
0
0
Fork 0
Code Issues 21 Pull Requests Releases Wiki Activity

Изменено поле в БД, вынесены лишние функции их functions в профильные файлы. Оказывается, давно не работал логин и плохо работали сессии. Проверяется. Прочие мелкие баги и чистка самых хвостов.

This commit is contained in:
Igor Barkov (iwork) 2021-08-27 18:55:18 +03:00
parent 9c7fcda600
commit 7434f28fa6
36 changed files with 293 additions and 341 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

91
buy.php
View File

@ -1,55 +1,48 @@
<?php
//Покупка абилок? Тут?!
if (empty($_SESSION['uid'])) {
header('Location: Index.php');
exit;
}
include('config.php');
$is_now = db::c()->query('SELECT `id`, `uid` FROM `abils_user` WHERE `uid` = ?i', $user['id'])->fetch_assoc();
function add_user_abil($ab, $cost)
use Battles\Bank;
use Battles\Database\DBPDO;
use Battles\User;
require_once "functions.php";
if (User::$current->getBattle()) {
exit();
}
const PRICES = [
'sleep15' => 20,
'sleep30' => 20,
'closebattle' => 100,
'heal20' => 10,
'heal35' => 25,
'heal50' => 50,
'travmoff' => 10,
'attack' => 10,
'bloodattack' => 25,
'death' => 100,
'comment' => 5,
'openbattle' => 100,
'reamdeath' => 50,
'clone' => 25,
'unclone' => 25,
];
$check_bonuses = DBPDO::$db->ofetch('select 1 from users_bonuses where user_id = ?', User::$current->getId());
if (!$check_bonuses) {
exit('Запрещено: Вам нельзя покупать бонусы.');
}
function buy_bonus($name): bool
{
global $user, $banks;
if (isset($ab) && $banks['ekr'] >= $cost) {
$isset = mysql_fetch_array(mysql_query('SELECT `id`, `' . $ab . '` FROM `abils_user` WHERE `uid` = "' . $user['id'] . '" LIMIT 1'));
$isset[$ab] += 1;
mysql_query('UPDATE `abils_user` SET `' . $ab . '` = "' . $isset[$ab] . '" WHERE `uid` = "' . $user['id'] . '"');
$banks['ekr'] -= $cost;
mysql_query('UPDATE `bank` SET `ekr` = "' . $banks['ekr'] . '" WHERE `id` = "' . $user['id'] . '"');
return true;
global $prices;
$bank = new Bank(User::$current->getId());
if ($bank->getMoney() <= PRICES[$name]) {
return false;
}
return false;
$query = sprintf('update users_bonuses set %s = %s + 1 where user_id = ?', $name, $name);
DBPDO::$db->execute($query, User::$current->getId());
$bank->setMoney($bank->getMoney() - $prices[$name]);
return true;
}
$cost = [1, 2, 10, 0.50, 0.80, 1, 1, 0.10, 0.20, 4, 0.02, 20, 10, 1, 1];
$mag = ['sleep15', 'sleep30', 'closebattle', 'heal20', 'heal35', 'heal50', 'travmoff', 'attack', 'bloodattack', 'death', 'comment', 'openbattle', 'reamdeath', 'clone', 'unclone'];
if (isset($_POST['type'], $_POST['user'])) {
if (isset($user['id'])) {
$price = $cost[$_POST['type'] - 1];
$abil = $mag[$_POST['type'] - 1];
if (isset($banks['id'])) {
if ($banks['ekr'] >= $price) {
if (isset($is_now['id'])) {
if ($user['battle'] == 0) {
if (add_user_abil($abil, $price)) {
echo 'success';
} else {
echo 'Error';
}
} else {
echo 'Не в бою ...';
}
} else {
echo 1;
}
} else {
echo 'Не хватает средств';
}
} else {
echo '<small>Выберите счёт в банке</small>';
}
} else {
echo "Вы не авторизированы";
}
}
echo !empty($_POST['type']) && buy_bonus($_POST['type']) ? 'success' : 'error';

93
buy_klan.php
View File

@ -1,57 +1,52 @@
<?php
use Battles\Bank;
use Battles\Database\DBPDO;
use Battles\User;
require_once "functions.php";
if (empty($user->getClan())) {
exit;
if (!User::$current->getClan() || User::$current->getBattle()) {
exit();
}
$is_now = db::c()->query('SELECT `id` FROM `abils_klan` WHERE `klan` = ?i', $user['klan'])->fetch_assoc();
$clan = db::c()->query('SELECT `glava` FROM `clans` WHERE `id` = ?i', $user['klan'])->fetch_assoc();
$cost = [1, 2, 10, 0.50, 0.80, 1, 1, 0.10, 0.20, 4, 0.02, 20, 10, 1, 1];
$mag = ['sleep15', 'sleep30', 'closebattle', 'heal20', 'heal35', 'heal50', 'travmoff', 'attack', 'bloodattack', 'death', 'comment', 'openbattle', 'reamdeath', 'clone', 'unclone'];
const PRICES = [
'sleep15' => 20,
'sleep30' => 20,
'closebattle' => 100,
'heal20' => 10,
'heal35' => 25,
'heal50' => 50,
'travmoff' => 10,
'attack' => 10,
'bloodattack' => 25,
'death' => 100,
'comment' => 5,
'openbattle' => 100,
'reamdeath' => 50,
'clone' => 25,
'unclone' => 25,
];
function add_klan_abil($ab, $cost)
$check_owner = DBPDO::$db->ofetch('select short_name from clans where owner_id = ?', User::$current->getId());
$check_bonuses = DBPDO::$db->ofetch('select 1 from clan_bonuses where short_name = ?', User::$current->getClan());
if (User::$current->getClan() !== $check_owner->short_name) {
exit('Запрещено: Вы не глава клана.');
}
if (!$check_bonuses) {
exit('Запрещено: Вашему клану нельзя покупать бонусы.');
}
function buy_bonus($name): bool
{
global $user, $banks;
$clan = mysql_fetch_array(mysql_query('SELECT `id`, `glava` FROM `clans` WHERE `id` = "' . $user['klan'] . '"'));
if (isset($ab) && $banks['ekr'] >= $cost && $clan['glava'] == $user['id']) {
$isset = mysql_fetch_array(mysql_query('SELECT `id`, `' . $ab . '` FROM `abils_klan` WHERE `klan` = "' . $user['klan'] . '"'));
$isset[$ab] += 1;
mysql_query('UPDATE `abils_klan` SET `' . $ab . '` = "' . $isset[$ab] . '" WHERE `klan` = "' . $user['klan'] . '"');
$banks['ekr'] -= $cost;
mysql_query('UPDATE `bank` SET `ekr` = "' . $banks['ekr'] . '" WHERE `id` = "' . $user['id'] . '"');
return true;
global $prices;
$bank = new Bank(User::$current->getId());
if ($bank->getMoney() <= PRICES[$name]) {
return false;
}
return false;
$query = sprintf('update clan_bonuses set %s = %s + 1 where short_name = ?', $name, $name);
DBPDO::$db->execute($query, User::$current->getClan());
$bank->setMoney($bank->getMoney() - $prices[$name]);
return true;
}
if (isset($_POST['type'], $_POST['user'])) {
if (isset($user['id'])) {
$price = $cost[$_POST['type'] - 21];
$abil = $mag[$_POST['type'] - 21];
if (isset($banks['id'])) {
if ($banks['ekr'] >= $price && $user['id'] == $clan['glava']) {
if (isset($is_now['id'])) {
if ($user['battle'] == 0) {
if (add_klan_abil($abil, $price)) {
echo 'success';
} else {
echo 'Error';
}
} else {
echo 'Не в бою ...';
}
} else {
echo 'NULL';
}
} elseif ($user['id'] != $clan['glava']) {
echo 'Вы не глава клана';
} else {
echo 'Не хватает средств';
}
} else {
echo '<small>Выберите счёт в банке</small>';
}
} else {
echo "Вы не авторизированы ...";
}
}
echo !empty($_POST['type']) && buy_bonus($_POST['type']) ? 'success' : 'error';

31
cave.php
View File

@ -2,7 +2,9 @@
use Battles\DressedItems;
use Battles\GameLogs;
use Battles\ShopItem;
use Battles\Template;
use Battles\User;
require_once 'functions.php';
//require_once 'cave/cave_bots.php';
@ -301,23 +303,6 @@ function makedeath()
$loses++;
}
function pickupitem($item, $foronetrip, $notmore1, $incave = 0, $podzem = 1, $destiny = 0)
{
global $user;
if ($notmore1) {
$i = mysql_fetch_assoc(mysql_query("SELECT `id` FROM `inventory` WHERE `prototype` = '$item' AND `owner` = '$user[id]' LIMIT 1"));
if (isset($i['id'])) {
return "Вы уже получили здесь всё необходимое.";
}
}
$flds = ['podzem' => 1, 'podzem' => $podzem];
if ($incave) {
$flds['incave'] = 1;
}
$taken = takeshopitem($item, 'shop', '', $foronetrip, $destiny, $flds);
return "Вы получили <b>$taken[name]</b>";
}
function itemtofloor($item, $foronetrip, $incave = 0, $podzem = 1, $from = 'shop', $small = 0)
{
global $user, $x, $y, $floor;
@ -326,14 +311,6 @@ function itemtofloor($item, $foronetrip, $incave = 0, $podzem = 1, $from = 'shop
return "Вы нашли <b>$rec[name]</b>.";
}
function makeinjury()
{
global $user, $floor, $noautoexit, $loses, $x, $y, $dir;
settravma($user['id'], 20, rand(1, 600), 1, 1);
makedeath();
$noautoexit = 1;
}
function cavewall($w)
{
if ($w < 100) {
@ -769,7 +746,7 @@ if (!$_SESSION['movetime']) {
$_SESSION['movetime'] = time();
}
if (@$_GET['takeitem']) {
if ($_GET['takeitem']) {
$_GET['takeitem'] = (int)$_GET['takeitem'];
$it = mysql_fetch_array(mysql_query("SELECT `item`, `foronetrip`, `incave`, `podzem` FROM `caveitems` WHERE `leader` = '$user[caveleader]' AND `x` = '" . ($x * 2) . "' AND `y` = '" . ($y * 2) . "' AND `floor` = '$floor' AND `id` = '$_GET[takeitem]' LIMIT 1"));
@ -782,7 +759,7 @@ if (@$_GET['takeitem']) {
$report = "Ваш рюкзак перегружен.";
} else {
$destiny = 0;
$taken = takeshopitem($it['item'], "$shop", "", $it['foronetrip'], $destiny, ["podzem" => $it["podzem"], "incave" => $it['incave']], 0, 1, "Нашёл в пещере");
$taken = ShopItem::giveNewItem($it['item'], User::$current->getId());
if (@$taken['error']) {
$report = $taken['error'];
} else {

14
ch.php
View File

@ -20,7 +20,7 @@ if (isset($_GET['online']) && $_GET['online'] != null) {
`level`,
`login`,
`u`.`battle` AS `in_battle`,
`o`.`date`,
`o`.login_time,
`u`.`invis`,
(SELECT `id` FROM `effects` WHERE `type` = 2 AND `owner` = `u`.`id` LIMIT 1) AS `slp`,
(SELECT `id` FROM `effects` WHERE (`type` = 11 OR `type` = 12 OR `type` = 13 OR `type` = 14) AND `owner` = `u`.`id` LIMIT 1) AS `trv`
@ -29,7 +29,7 @@ if (isset($_GET['online']) && $_GET['online'] != null) {
`users` AS `u`
WHERE
`o`.`id` = `u`.`id` AND
(`o`.`date` >= ' . (time() - 90) . ' OR `u`.`in_tower` = 1) AND
(`o`.login_time >= ' . (time() - 90) . ' OR `u`.`in_tower` = 1) AND
`o`.`room` = "' . $u->i()['room'] . '" AND
`u`.`caveleader` = "' . $u->i()['caveleader'] . '"
ORDER BY
@ -60,7 +60,7 @@ if (isset($_GET['online']) && $_GET['online'] != null) {
`level`,
`login`,
`u`.`battle` AS `in_battle`,
`o`.`date`,
`o`.login_time,
`u`.`invis`,
(SELECT `id` FROM `effects` WHERE `type` = 2 AND `owner` = `u`.`id` LIMIT 1) AS `slp`,
(SELECT `id` FROM `effects` WHERE (`type` = 11 OR `type` = 12 OR `type` = 13 OR `type` = 14) AND `owner` = `u`.`id` LIMIT 1) AS `trv`
@ -69,7 +69,7 @@ if (isset($_GET['online']) && $_GET['online'] != null) {
`users` AS `u`
WHERE
`o`.`id` = `u`.`id` AND
(`o`.`date` >= ' . (time() - 90) . ' OR `u`.`in_tower` = 1) AND
(`o`.login_time >= ' . (time() - 90) . ' OR `u`.`in_tower` = 1) AND
`u`.`id` IN (' . $uss . ')
ORDER BY
`u`.`login`
@ -90,7 +90,7 @@ if (isset($_GET['online']) && $_GET['online'] != null) {
`level`,
`login`,
`u`.`battle` AS `in_battle`,
`o`.`date`,
`o`.login_time,
`u`.`invis`,
(SELECT `id` FROM `effects` WHERE `type` = 2 AND `owner` = `u`.`id` LIMIT 1) AS `slp`,
(SELECT `id` FROM `effects` WHERE (`type` = 11 OR `type` = 12 OR `type` = 13 OR `type` = 14) AND `owner` = `u`.`id` LIMIT 1) AS `trv`
@ -99,7 +99,7 @@ if (isset($_GET['online']) && $_GET['online'] != null) {
`users` AS `u`
WHERE
`o`.`id` = `u`.`id` AND
(`o`.`date` >= ' . (time() - 90) . ' OR `u`.`in_tower` = 1) AND
(`o`.login_time >= ' . (time() - 90) . ' OR `u`.`in_tower` = 1) AND
`o`.`room` = "' . $user->getRoom() . '"
ORDER BY
`u`.`login`
@ -389,7 +389,7 @@ if (isset($_GET['online']) && $_GET['online'] != null) {
db::c()->query("UPDATE `users` SET `chattime` = '" . ($lastpost + 1) . "' WHERE `id` = {$user['id']} LIMIT 1");
}
echo "</script><script>top.srld();</script>";
db::c()->query("UPDATE `online` SET `date` = " . time() . " WHERE `id` = {$user['id']} LIMIT 1");
db::c()->query("UPDATE `online` SET login_time = " . time() . " WHERE `id` = {$user['id']} LIMIT 1");
exit;
} else {
if (strpos($_GET['text'], "private") !== FALSE && $user['level'] < 1) {

4
clan_castle.php
View File

@ -133,7 +133,7 @@ Template::header('Замок Мэра');
if ($att['value'] > 0) {
$att_r = mysql_query("SELECT `id` FROM `users` WHERE `klan`='{$att['value']}' AND `room`='45';");
while ($a = mysql_fetch_array($att_r)) {
$at_on = mysql_fetch_array(mysql_query("select `id` from `online` WHERE `date` >= " . (time() - 60) . " AND `id` = '{$a['id']}' LIMIT 1;"));
$at_on = mysql_fetch_array(mysql_query("select `id` from `online` WHERE login_time >= " . (time() - 60) . " AND `id` = '{$a['id']}' LIMIT 1;"));
if ($at_on[0]) {
$at_t[] = $a['id'];
}
@ -143,7 +143,7 @@ Template::header('Замок Мэра');
if ($own['value'] > 0) {
$def_r = mysql_query("SELECT `id` FROM `users` WHERE `klan`='{$own['value']}' AND `room`='45';");
while ($o = mysql_fetch_array($def_r)) {
$df_on = mysql_fetch_array(mysql_query("select `id` from `online` WHERE `date` >= " . (time() - 60) . " AND `id` = '{$o['id']}' LIMIT 1;"));
$df_on = mysql_fetch_array(mysql_query("select `id` from `online` WHERE login_time >= " . (time() - 60) . " AND `id` = '{$o['id']}' LIMIT 1;"));
if ($df_on[0]) {
$ow_t[] = $o['id'];
}

11
classes/Battles/InventoryItem.php
View File

@ -139,4 +139,15 @@ IMG;
{
return DBPDO::INIT()->execute('delete from inventory where dressed_slot = 0 and owner_id = ? and item_id = ?', [$_SESSION['uid'], $itemId]);
}
/** Надеюсь, временная заглушка, которая объединяет get_meshok() и другую выдачу одной строкой.
* @return string
*/
public static function getWeightData(): string
{
$query = 'select sum(weight) as `all`, strength * 4 as max from inventory left join users u on owner_id = id where owner_id = ?';
$weight = DBPDO::$db->ofetch($query, User::$current->getId());
$css = $weight->all > $weight->max ? ' style="color:maroon;"' : '';
return "<span$css>$weight->all / $weight->max</span>";
}
}

21
classes/Battles/ShopItem.php
View File

@ -198,4 +198,25 @@ FORM;
{
return $this->item_type;
}
/** Выдача магазинных предметов по запросу.
* Ввелась чтобы перебить takeshopitem() в functions с идентичным функционалом.
* @param int $item_id ИД предмета.
* @param int $to ИД пперсонажа-получателя.
*/
public static function giveNewItem(int $item_id, int $to): array
{
$check = DBPDO::$db->ofetch('select 1 from items where id = ?', $item_id);
if (!$check) {
return [];
}
DBPDO::$db->execute(self::BUY_QUERY, [$to, $item_id]);
$return = DBPDO::$db->ofetch('select image, name from inventory where item_id = ?', DBPDO::$db->lastInsertId());
return [
'img' => $return->image,
'name' => $return->name,
'id' => $item_id,
];
}
}

2
classes/Database/battles.sql
View File

@ -157,7 +157,7 @@ CREATE TABLE `online` (
-- Дамп данных таблицы `online`
--
INSERT INTO `online` (`user_id`, `date`, `real_time`, `room`) VALUES
INSERT INTO `online` (`user_id`, login_time, `real_time`, `room`) VALUES
(2, 1601412403, 1601651536, 1);
-- --------------------------------------------------------

10
comission.php
View File

@ -1,6 +1,8 @@
<?php
use Battles\Database\DBPDO;
use Battles\GameLogs;
use Battles\InventoryItem;
use Battles\ShopItem;
use Battles\Template;
@ -13,7 +15,7 @@ $byingItemId = (int)filter_input(INPUT_GET, 'set', FILTER_VALIDATE_INT, ['option
if ($putItemId) {
$query = 'select name from inventory where dressed_slot = 0 and owner_id = ? and item_id = ?';
\Battles\Database\DBPDO::INIT()->ofetch($query, [$_SESSION['uid'], $putItemId]);
DBPDO::INIT()->ofetch($query, [$_SESSION['uid'], $putItemId]);
$dress = db::c()->query('SELECT `name`,`duration`,`maxdur`,`cost` FROM `inventory` WHERE `dressed` = 0 AND `id` = ?i AND `owner` = ?i', $putItemId, $_SESSION['uid'])->fetch_assoc();
if (empty($putItemCost)) {
$putItemCost = $dress['cost'];
@ -89,10 +91,10 @@ if ($get === 'sale') {
}
if (isset($search)) {
$data = \Battles\Database\DBPDO::INIT()->ofetchAll($query, $search);
$data = DBPDO::INIT()->ofetchAll($query, $search);
unset($search);
} else {
$data = \Battles\Database\DBPDO::INIT()->ofetchAll($query);
$data = DBPDO::INIT()->ofetchAll($query);
}
$iteminfo = [];
@ -141,7 +143,7 @@ Template::header('Рынок');
</table>
<TD valign=top width=280>
<div style="margin-left:15px; margin-top: 10px;">
<b>Масса всех ваших вещей: <?= getItemsMassaInfo() ?>
<b>Масса всех ваших вещей: <?= InventoryItem::getWeightData() ?>
<br>У вас в наличии: <span style="color: darkgreen;"><?= $user['money'] ?></span> кр.</b>
<hr>
<br>

14
config.php
View File

@ -7,6 +7,7 @@
*/
use Battles\Database\DBPDO;
use Battles\User;
ini_set('display_errors', 'On');
error_reporting(E_ALL);
@ -22,16 +23,6 @@ if (session_status() !== PHP_SESSION_ACTIVE) {
header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
header("Cache-Control: post-check=0, pre-check=0", false);
/**
* Классы для работы с базой данных.
*/
require_once 'classes/Database/Mysql.php';
require_once 'classes/Database/Exception.php';
require_once 'classes/Database/Statement.php';
require_once 'classes/Database/db.php';
require_once 'classes/Battles/Database/DBPDO.php';
/**
* Автозагрузка классов с учётом неймспейсов.
*/
@ -50,6 +41,9 @@ if (empty(DBPDO::$db)) {
DBPDO::$db = new DBPDO();
}
if (empty(User::$current) && $_SESSION['uid']) {
User::$current = new User($_SESSION['uid']);
}
// Для нападалок. Сперва комнаты в которых нельзя напасть, потом персонажи на которых нельзя напасть.
const UNKILABLE = [

2
cronjobs/cron.php
View File

@ -301,7 +301,7 @@ if (date("z-H-i") == date("z-H-i", $st_ar['value'])) {
file_get_contents(GAMEDOMAIN . '/chats.php?id=3');
}
$komp_users = mysql_query("SELECT * FROM `users`, `online` WHERE `users`.`id` = `online`.`id` AND `online`.`date` >= " . (time() - 60) . "");
$komp_users = mysql_query("SELECT * FROM `users`, `online` WHERE `users`.`id` = `online`.`id` AND `online`.login_time >= " . (time() - 60) . "");
while ($ku = mysql_fetch_array($komp_users)) {
$bns = 0;
$efs_bns = mysql_fetch_array(mysql_query('SELECT SUM(`hp`) AS `hps` FROM `effects` WHERE `owner` = "' . $ku['id'] . '"'));

14
cronjobs/cron_tower.php
View File

@ -5,19 +5,21 @@
* Project name: Battles-Game
*/
use Battles\DressedItems;
require_once '../functions.php';
if (!$tr && $turnirstart[0] <= time() && $dd[0] >= 2) {
$minroom = 501;
$maxroom = 560;
$data = mysql_query("SELECT `dt`.`owner` FROM `deztow_stavka` AS `dt`, `online` AS `o` WHERE (SELECT COUNT(`id`) FROM `effects` WHERE `effects`.`owner` = `dt`.`owner` AND (`type` = 11 OR `type` = 12 OR `type` = 13 OR `type` = 14 OR `type` = 2 OR `type` = 3 OR `type` = 4 OR `type` = 202 OR `type` = 201 OR `type` = 21)) = 0 AND `o`.`id` = `dt`.`owner` AND `room` = 31 AND `o`.`date` >= '" . (time() - 300) . "' ORDER BY `kredit` DESC, `dt`.`time` ASC LIMIT 50");
$data = mysql_query("SELECT `dt`.`owner` FROM `deztow_stavka` AS `dt`, `online` AS `o` WHERE (SELECT COUNT(`id`) FROM `effects` WHERE `effects`.`owner` = `dt`.`owner` AND (`type` = 11 OR `type` = 12 OR `type` = 13 OR `type` = 14 OR `type` = 2 OR `type` = 3 OR `type` = 4 OR `type` = 202 OR `type` = 201 OR `type` = 21)) = 0 AND `o`.`id` = `dt`.`owner` AND `room` = 31 AND `o`.login_time >= '" . (time() - 300) . "' ORDER BY `kredit` DESC, `dt`.`time` ASC LIMIT 50");
$stavka = mysql_fetch_array(mysql_query("SELECT SUM(`kredit`)*0.7 FROM `deztow_stavka`"));
while ($row = mysql_fetch_array($data)) {
$pers = mysql_fetch_array(mysql_query('SELECT * FROM `users` WHERE `id` = "' . $row[0] . '" LIMIT 1'));
\Battles\DressedItems::undressAllItems($pers['id']);
DressedItems::undressAllItems($pers['id']);
###
mysql_query('UPDATE `inventory` SET `owner` = "' . ($pers['id'] + _BOTSEPARATOR_) . '" WHERE `owner` = "' . $pers['id'] . '"');
###
@ -88,9 +90,9 @@ if (!$tr && $turnirstart[0] <= time() && $dd[0] >= 2) {
}
// Боты: Архивариус и два помощника.
\Battles\DressedItems::undressAllItems(233);
\Battles\DressedItems::undressAllItems(234);
\Battles\DressedItems::undressAllItems(235);
DressedItems::undressAllItems(233);
DressedItems::undressAllItems(234);
DressedItems::undressAllItems(235);
mysql_query("DELETE FROM `inventory` WHERE `owner` = 233");
mysql_query("DELETE FROM `inventory` WHERE `owner` = 234");
@ -158,7 +160,7 @@ if ($tur_data['endtime'] < time() && $tur_data['id']) {
$list = mysql_query("SELECT * FROM `users` WHERE `in_tower` = 1");
while ($u = mysql_fetch_array($list)) {
\Battles\DressedItems::undressAllItems($u['id']);
DressedItems::undressAllItems($u['id']);
$rep = mysql_query("SELECT * FROM `inventory` WHERE `owner` = '" . $u['id'] . "' AND `bs` = 1");
while ($r = mysql_fetch_array($rep)) {
mysql_query("INSERT `deztow_items` (`iteam_id`, `name`, `img`, `room`) VALUES ('" . $r['prototype'] . "', '" . $r['name'] . "', '" . $r['img'] . "', '" . $u['room'] . "')");

50
enter.php
View File

@ -19,7 +19,7 @@ $battle = $_COOKIE['battle'] ?? '';
$error = "";
if ($username && $password) {
$user_query = DBPDO::$db->ofetch('SELECT id, login, pass, room, block FROM users WHERE login = ?', $username);
$user_query = DBPDO::$db->ofetch('SELECT id, login, pass, room, block, session_id FROM users WHERE login = ?', $username);
if (!$user_query->id) {
$error = ERROR_NO_SUCH_USER;
@ -27,28 +27,34 @@ if ($username && $password) {
$error = ERROR_USER_IS_BLOCKED;
} elseif (password_verify($password, $user_query->pass)) {
if (!$error) {
# Проверка на мультоводство по используемому кукису.
if ($battle != null && $user_query->id != $battle) {
GameLogs::addUserLog($user_query->id,'Разные ID на входе. Возможно используются несколько аккаунтов.', 'multiaccounts');
}
setcookie("battle", $user_query->id);
$_SESSION['uid'] = $user_query->id;
setcookie("uid", $user_query->id, time() + 43200, "/", GAMEDOMAIN);
setcookie("hashcode", md5($user_query->id . $user_query->pass . $username), time() + 43200, "/", GAMEDOMAIN);
$_SESSION['sid'] = session_id();
$onl = DBPDO::$db->ofetch('SELECT user_id FROM online WHERE user_id = ?', $user_query->id);
if (isset($onl->user_id)) {
DBPDO::$db->execute('UPDATE online SET date = ? WHERE user_id = ?', [time(), $user_query->id]);
} else {
DBPDO::$db->execute('INSERT INTO online (user_id, date, room, real_time) VALUES (?,?,?,?)', [$user_query->id, time(), $user_query->room, time()]);
}
DBPDO::$db->execute('UPDATE users SET session_id = ?, enter_game = 1 WHERE id = ?', [session_id(), $user_query->id]);
header("Location: fight.php");
# Проверка на мультоводство по используемому кукису.
if ($battle != null && $user_query->id != $battle) {
GameLogs::addUserLog($user_query->id,'Разные ID на входе. Возможно используются несколько аккаунтов.', 'multiaccounts');
}
# TEST! Влетаем всегда в одну и ту же сессию.
if ($user_query->session_id) {
session_id($user_query->session_id);
}
$_SESSION['uid'] = $user_query->id;
setcookie("battle", $user_query->id);
setcookie("uid", $user_query->id, time() + 43200, "/", GAMEDOMAIN);
setcookie("hashcode", md5($user_query->id . $user_query->pass . $username), time() + 43200, "/", GAMEDOMAIN);
$onl = DBPDO::$db->ofetch('SELECT 1 FROM online WHERE user_id = ?', $user_query->id);
if ($onl) {
DBPDO::$db->execute('UPDATE online SET login_time = ? WHERE user_id = ?', [time(), $user_query->id]);
} else {
DBPDO::$db->execute('INSERT INTO online (user_id, login_time, room, real_time) VALUES (?,?,?,?)', [$user_query->id, time(), $user_query->room, time()]);
}
DBPDO::$db->execute('UPDATE users SET session_id = ?, enter_game = 1 WHERE id = ?', [session_id(), $user_query->id]);
session_start();
header("Location: fight.php");
} else {
$error = ERROR_WRONG_PASSWORD;
}

2
enter_cave.php
View File

@ -195,7 +195,7 @@ if (in_array($user->getRoom(), CANAL_ENTERS)) {
$i = 0;
function isonlinelogin($l)
{
$i = mysql_fetch_assoc(mysql_query("SELECT DISTINCT(`users`.`id`) FROM `online` LEFT JOIN `users` ON (`users`.`id` = `online`.`id`) WHERE `date` >= " . (time() - 60) . " AND `users`.`login` = '$l'"));
$i = mysql_fetch_assoc(mysql_query("SELECT DISTINCT(`users`.`id`) FROM `online` LEFT JOIN `users` ON (`users`.`id` = `online`.`id`) WHERE login_time >= " . (time() - 60) . " AND `users`.`login` = '$l'"));
return $i;
}

19
fight.php
View File

@ -2,15 +2,11 @@
use Battles\Database\DBPDO;
use Battles\Template;
use Battles\User;
require_once 'config.php';
$userLoginStatus = DBPDO::$db->ofetch('select enter_game from users where id = ?', User::$current->getId());
if (empty($userLoginStatus->enter_game)) {
header("Location: index.php");
exit();
} else {
DBPDO::$db->execute('update users set enter_game = 0 where enter_game = 1 and id = ?', User::$current->getId());
$userLoginStatus = DBPDO::$db->ofetch('select enter_game from users where id = ?', $_SESSION['uid']);
if (!empty($userLoginStatus->enter_game)) {
DBPDO::$db->execute('update users set enter_game = 0 where enter_game = 1 and id = ?', $_SESSION['uid']);
}
Template::header('Окно игры');
@ -30,6 +26,7 @@ Template::header('Окно игры');
width: 100%;
height: 100%;
border: 0 solid;
overflow: hidden;
}
.frametable {
@ -52,19 +49,17 @@ Template::header('Окно игры');
<table class="frametable">
<tr style="height: 25px;">
<td class="frametd">
<iframe id="header<?= mt_rand() ?>" class="FRAME" src="top_menu.php" scrolling="no" frameborder="0"
name="headframe"></iframe>
<iframe id="header<?= mt_rand() ?>" class="FRAME" src="top_menu.php" name="headframe" title="headframe"></iframe>
</td>
</tr>
<tr style="height: 75%;">
<td class="frametd">
<iframe id="main<?= mt_rand() ?>" class="FRAME" src="main.php?top=<?= mt_rand() ?>" frameborder="0"
name="gameframe"></iframe>
<iframe id="main<?= mt_rand() ?>" class="FRAME" src="main.php?top=<?= mt_rand() ?>" name="gameframe" title="gameframe"></iframe>
</td>
</tr>
<tr>
<td class="frametd">
<iframe id="chat<?= mt_rand() ?>" class="FRAME" src="chat.php" frameborder="0" name="chatframe"></iframe>
<iframe id="chat<?= mt_rand() ?>" class="FRAME" src="chat.php" name="chatframe" title="chatframe"></iframe>
</td>
</tr>
</table>

207
functions.php
View File

@ -10,23 +10,18 @@ use Battles\DressedItems;
use Battles\InventoryItem;
use Battles\Travel;
use Battles\User;
use Battles\UserInfo;
use Battles\UserStats;
require_once 'config.php';
if (empty($_SESSION['uid'])) {
header("Location: index.php");
exit;
} else {
if (empty($user) && $_SESSION['uid']) {
$user = new User($_SESSION['uid']);
}
if (empty(User::$current) && $_SESSION['uid']) {
User::$current = new User($_SESSION['uid']);
}
} elseif (empty($user)) {
$user = new User($_SESSION['uid']);
}
if (User::$current->getId() && User::$current->getBlock()) {
if (User::$current->getBlock()) {
exit('user blocked!');
}
@ -83,9 +78,9 @@ if (in_array(User::$current->getRoom(), $roomsCheck)
exit;
}
$ip = filter_input(INPUT_SERVER, 'REMOTE_ADDR', FILTER_VALIDATE_IP);
if (isset($_GET['goto']) && isset($_GET['tStamp']) && isset($_GET['vcode']) && $_GET['vcode'] == md5(sha1($_GET['goto'] . $_GET['tStamp']))) {
db::c()->query('UPDATE `users`,`online` SET `users`.`room` = ?i, `online`.`room` = ?i WHERE `online`.`id` = `users`.`id` AND `online`.`id` = ?i', $_GET['goto'], $_GET['goto'], $_SESSION['uid']);
if (!empty($_GET['goto']) && !empty($_GET['tStamp']) && !empty($_GET['vcode']) && $_GET['vcode'] == md5(sha1($_GET['goto'] . $_GET['tStamp']))) {
$query = 'update users u, online o set u.room = ?, o.room = ? where user_id = id and user_id = ?';
DBPDO::$db->execute($query, [$_GET['goto'], $_GET['goto'], User::$current->getId()]);
User::$current->setRoom(intval($_GET['goto']));
}
@ -143,74 +138,6 @@ function get_out($u)
###
}
function takeshopitem($item, $table = "shop", $present = '', $onlyonetrip = '', $fields = 0, $uid = 0, $koll = 1, $podzem = 0)
{
$flds = [];
$goden = '';
if (!$uid) {
$uid = User::$current->getId();
}
$r = db::c()->query('SHOW FIELDS FROM ?f', $table);
$r2 = db::c()->query('SHOW FIELDS FROM inventory');
while ($rec = $r2->fetch_assoc()) {
$flds[$rec['Field']] = 1;
}
$rec1 = db::c()->query('SELECT * FROM ?f WHERE id = ?i', $table, $item)->fetch_assoc_array();
if ($rec1['koll']) {
db::c()->query('UPDATE inventory SET koll = (koll + ?i), massa = (massa + ?i), cost = (cost + ?i) WHERE owner = ?i AND prototype = ?i', $koll, $rec1['massa'] * $koll, $rec1['cost'], $uid, $item);
if (db::c()->getAffectedRows() > 0) {
return ["img" => $rec1['img'], "name" => $rec1['name']];
}
$rec1['koll'] = $koll;
$rec1['massa'] *= $koll;
}
if ($rec1['onlyone']) {
$i = db::c()->query('SELECT id FROM inventory WHERE owner = ?i AND prototype = ?i', $uid, $item)->fetch_row();
if ($i) {
return ["error" => "У вас слишком много таких вещей."];
}
}
if ($present) {
$rec1['present'] = $present;
$rec1['cost'] = 0;
$rec1['ecost'] = 0;
}
$sql = "";
while ($rec = $r->fetch_assoc()) {
if (!$flds[$rec['Field']]) {
continue;
}
if ($rec['Field'] == "dategoden") {
$goden = $rec1[$rec['Field']];
}
if ($rec['Field'] == "goden") {
$goden = $rec1[$rec['Field']];
}
if ($rec['Field'] == "id" || $rec['Field'] == "prototype" || $rec['Field'] == "dategoden") {
continue;
}
$sql .= ", `$rec[Field]` = '" . $rec1[$rec['Field']] . "' ";
}
if ($podzem) {
$rec1['podzem'] = $podzem;
}
if ($fields['goden']) {
$goden = $fields["goden"];
}
mysql_query("INSERT INTO `inventory` SET " . ($present ? "`present` = '$present'," : "") . ($rec1['podzem'] ? "`podzem` = '$rec1[podzem]'," : "") . " `owner` = '$uid', `otdel` = $rec1[razdel] , `prototype` = '$item' " . ($onlyonetrip ? ", `foronetrip` = 1" : "") . ($goden ? ", `dategoden` = '" . ($goden * 60 * 60 * 24 + time()) . "'" : "") . " $sql");
return ["img" => $rec1['img'], "name" => $rec1['name'], "id" => mysql_insert_id()];
}
const _BOTSEPARATOR_ = 10000000;
function savecavedata($cavedata, $caveleader, $floor)
@ -227,11 +154,6 @@ function GiveExp($id, $exp)
db::c()->query('UPDATE users SET exp = exp + ?i WHERE id = ?i', $exp, $id);
}
function GiveRep($id, $rep)
{
db::c()->query('UPDATE users SET doblest = (doblest + ?i), rep_laba = (rep_laba + ?i) WHERE `id` = ?i', $rep, $rep, $id);
}
/**
* Генератор прогрессбара.
* @param $current - Текущее значение.
@ -505,17 +427,18 @@ function usemagic($id, $target)
InventoryItem::destroyItem($row['id']);
} else {
if (!$row['magic']) {
db::c()->query('UPDATE `inventory` SET `includemagicdex` =`includemagicdex` - ?i WHERE id = ?i', $bat, $row['id']);
$query = 'update inventory set includemagicdex = includemagicdex - ? where item_id = ?';
} else {
db::c()->query('UPDATE `inventory` SET duration = duration + ?i WHERE id = ?i', $bat, $row['id']);
$query = 'update inventory set durability = durability + ? where item_id = ?';
}
DBPDO::$db->execute($query, [$bat, $row['id']]);
}
if (!$charge) {
$charge = 0;
}
//ограничение по кол-ву за ход
if (User::$current->getBattle()) {
$bat = db::c()->query('SELECT * FROM `battle` WHERE `id` = ?i', User::$current->getBattle())->fetch_assoc_array();
$bat = DBPDO::$db->fetch('select * from battle where battle_id = ?', User::$current->getBattle());
}
if ($bat['magic'] == '') {
$all_magic = [];
@ -523,12 +446,20 @@ function usemagic($id, $target)
$all_magic = unserialize($bat['magic']);
}
$all_magic[User::$current->getId()] += $charge;
db::c()->query('UPDATE `battle` SET `magic`= "?s" WHERE id = ?i', serialize($all_magic), User::$current->getBattle());
DBPDO::$db->execute('update battle set magic = ? where battle_id = ?', [serialize($all_magic), User::$current->getBattle()]);
}
}
return false;
}
/* ВАЖНО! (#44)
* addch() и addchp() заменяются на Chat::class->addSYSMessage($message, [optional]$receiver);
* Для addchp() используется второй опциональный ключ.
* Это 150+ вхождений в куче файлов, где надо менять структуру вызова функции из-за их несовместимости.
* Возможно, приоритетом стоит сделать унификацию свитков нападения, которых самих около 20 и которые
* по нескольку раз вызывают эти функции.
*/
function addch($text, $room = 0)
{
if ($room == 0) {
@ -560,7 +491,6 @@ function addchp($text, $who, $room = 0)
function err($t)
{
echo '<span class="error">' . $t . '</span>';
return true;
}
@ -576,52 +506,60 @@ function telegraph(int $userId, string $text)
}
}
/**
* Надеюсь временная заглушка, которая объединяет get_meshok() и другую выдачу одной строкой.
* @return string
*/
function getItemsMassaInfo(): string
function SolveExp($at_id, $def_id, $damage): float
{
$itemRow = DBPDO::INIT()->ofetch("select sum(weight) as all_weight from inventory where owner_id = ?", $_SESSION['uid']);
$userRow = DBPDO::INIT()->ofetch("select strength * 4 as max_weight from users where id = ?", $_SESSION['uid']);
$textStyle = '';
if ($itemRow->all_weight > $userRow->max_weight) {
$textStyle = " style='color:maroon;'";
}
return "<span$textStyle>$itemRow->all_weight / $userRow->max_weight</span>";
}
function SolveExp($at_id, $def_id, $damage)
{
$mods = ['bloodb' => 1.2, 'btl_1' => 1, 'btl_2' => 0.5, 'btl_3' => 0.05];
$baseexp = ["0" => "2", "1" => "5", "2" => "10", "3" => "15", "4" => "30", "5" => "60", "6" => "90", "7" => "115", "8" => "300", "9" => "400", "10" => "500", "11" => "600", "12" => "700", "13" => "800", "14" => "900", "15" => "1000", "16" => "1100", "17" => "1200", "18" => "1300", "19" => "1400", "20" => "1500", "21" => "1600"];
$mods = [
'bloodb' => 1.2,
'btl_1' => 1,
'btl_2' => 0.5,
'btl_3' => 0.05,
];
$baseexp = [
"0" => "2",
"1" => "5",
"2" => "10",
"3" => "15",
"4" => "30",
"5" => "60",
"6" => "90",
"7" => "115",
"8" => "300",
"9" => "400",
"10" => "500",
"11" => "600",
"12" => "700",
"13" => "800",
"14" => "900",
"15" => "1000",
"16" => "1100",
"17" => "1200",
"18" => "1300",
"19" => "1400",
"20" => "1500",
"21" => "1600",
];
$expmf = 0;
$bot_active = false;
$bot_def = false;
if ($at_id > _BOTSEPARATOR_) {
$bots = db::c()->query('SELECT * FROM bots WHERE id = ?i', $at_id)->fetch_assoc_array();
$bots = DBPDO::$db->fetch('select * from bots where bot_id = ?', $at_id);
$at_id = $bots['prototype'];
$bot_active = true;
}
$at = db::c()->query('SELECT `level` FROM `users` WHERE `id` = ?i', $at_id)->fetch_assoc();
$def = db::c()->query('SELECT `level` FROM `users` WHERE `id` = ?i', $def_id)->fetch_assoc();
$at_cost = db::c()->query('SELECT 1+IFNULL((SELECT SUM(`cost`) FROM `inventory` WHERE `owner` = `users`.`id` AND `dressed` = 1), 0), `align` FROM `users` WHERE `id` = ?i', $at_id)->fetch_assoc_array();
$def_cost = db::c()->query('SELECT 1+IFNULL((SELECT SUM(`cost`) FROM `inventory` WHERE `owner` = `users`.`id` AND `dressed` = 1), 0), `align` FROM `users` WHERE `id` = ?i', $def_id)->fetch_assoc_array();
$query = 'select greatest(1, sum(price)) as allprice from users left join inventory on users.id = inventory.owner_id where id = ?';
$at = DBPDO::$db->fetch($query, $at_id);
$def = DBPDO::$db->fetch($query, $def_id);
if ($at_id > _BOTSEPARATOR_) {
$table_name = 'bots';
} else {
$table_name = 'users';
}
$bat_raw = db::c()->query('SELECT battle FROM ?f WHERE id = ?i', $table_name, $at_id)->fetch_assoc_array();
$bat = $bat_raw['battle'];
$bt = db::c()->query('SELECT `blood`,`type`,`t1`,`t2` FROM `battle` WHERE `id` = ?i', $bat)->fetch_assoc();
$atInfo = new UserStats($at_id);
$defInfo = new UserStats($def_id);
$table_name = $at_id > _BOTSEPARATOR_ ? 'bots' : 'users';
$bt = DBPDO::$db->fetch('select blood, type, t1, t2 from battle where battle_id = (select battle from ? where id = ?)', [$table_name, $at_id]);
if ($def_id > _BOTSEPARATOR_) {
$bots = db::c()->query('SELECT * FROM bots WHERE id = ?i', $def_id)->fetch_assoc_array();
$bots = DBPDO::$db->fetch('select * from bots where bot_id = ?', $def_id);
$def_id = $bots['prototype'];
$bot_def = true;
}
@ -662,9 +600,22 @@ function SolveExp($at_id, $def_id, $damage)
"10" => 919,
"11" => 919,
"12" => 919,
"13" => 919, "14" => 919, "15" => 919, "16" => 919, "17" => 919, "18" => 919, "19" => 919, "20" => 919, "21" => 919, "22" => 919, "23" => 919, "24" => 919, "25" => 919];
"13" => 919,
"14" => 919,
"15" => 919,
"16" => 919,
"17" => 919,
"18" => 919,
"19" => 919,
"20" => 919,
"21" => 919,
"22" => 919,
"23" => 919,
"24" => 919,
"25" => 919
];
$mfit = ($at_cost[0] / ($standart[$at['level']] / 3));
$mfit = ($at['allprice'] / ($standart[$atInfo->getLevel()] / 3));
if ($mfit < 0.8) {
$mfit = 0.8;
}
@ -684,5 +635,5 @@ function SolveExp($at_id, $def_id, $damage)
$expmf = 1;
}
return round((($baseexp[$def['level']]) * ($def_cost[0] / (($at_cost[0] + $def_cost[0]) / 2)) * ($damage / $def['maxhp']) * $expmf * $mfit * $mfbot * $mfbot2) / 3);
}
return round((($baseexp[$defInfo->getLevel()]) * ($def['allprice'] / (($at['allprice'] + $def['allprice']) / 2)) * ($damage / $defInfo->getMaxHealth()) * $expmf * $mfit * $mfbot * $mfbot2) / 3);
}

5
group_arena.php
View File

@ -1,5 +1,6 @@
<?php
use Battles\ShopItem;
use Battles\Template;
require_once 'functions.php';
@ -87,7 +88,7 @@ if (isset($_POST['buyFirst'])) {
} else {
$user['money'] -= 5;
mysql_query('UPDATE `users` SET `money` = "' . $user['money'] . '" WHERE `id` = "' . $user['id'] . '" LIMIT 1');
takeshopitem(1930, 'shop', '', '', 0, 0, $user['id'], 1, '', 0);
ShopItem::giveNewItem(1930, $user['id']);
mysql_query("INSERT INTO `delo` (`author`, `pers`, `text`, `type`, `date`) VALUES ('0', '{$user['id']}', '\"" . $user['login'] . "\" купил Фамильный Герб за 5кр.', '1', '" . time() . "')");
$error = 'Вы купили Фамильный Герб';
}
@ -113,7 +114,7 @@ if (isset($_POST['buySecond'])) {
} else {
$user['money'] -= 15;
mysql_query('UPDATE `users` SET `money` = "' . $user['money'] . '" WHERE `id` = "' . $user['id'] . '" LIMIT 1');
takeshopitem(1931, 'shop', '', '', 0, 0, $user['id'], 1, '', 0);
ShopItem::giveNewItem(1931, $user['id']);
mysql_query("INSERT INTO `delo` (`author`, `pers`, `text`, `type`, `date`) VALUES ('0', '{$user['id']}', '\"" . $user['login'] . "\" купил Фамильный Герб (x2) за 15кр.', '1', '" . time() . "')");
$error = 'Вы купили Фамильный Герб (x2)';
}

2
hostel_room.php
View File

@ -461,7 +461,7 @@ Template::header('hostel_room');
style="width: <?= $w; ?>px; height: 14px;"><img
title="Мешок за спиной" src="/i/1silver.gif"
style=" width: <?= $w_a; ?>px; height:14px"><tt
style="font-size:13px"> <?= getItemsMassaInfo() ?> </tt></div>
style="font-size:13px"> <?= InventoryItem::getWeightData() ?> </tt></div>
<div class="progressBar" style='height:14px'><img title="Заполнение сундука" src="/i/chest.gif"
height="14px"><img title="Заполнение сундука"
src="/i/1blue.gif"

4
index.php
View File

@ -1,5 +1,7 @@
<?php
session_start();
if(session_status() !== PHP_SESSION_ACTIVE) {
session_start();
}
if ($_SESSION['uid']) {
header('Location: fight.php');
exit;

2
magic/defence.php
View File

@ -1,5 +1,5 @@
<?php
$us = mysql_fetch_array(mysql_query("SELECT *,(select `id` from `online` WHERE `date` >= ".(time()-60)." AND `id` = users.`id`) as `online` FROM `users` WHERE `login` = '".mysql_real_escape_string($_POST['target'])."' LIMIT 1;"));
$us = mysql_fetch_array(mysql_query("SELECT *,(select `id` from `online` WHERE login_time >= ".(time()-60)." AND `id` = users.`id`) as `online` FROM `users` WHERE `login` = '".mysql_real_escape_string($_POST['target'])."' LIMIT 1;"));
$magic = mysql_fetch_array(mysql_query("SELECT `chanse` FROM `magic` WHERE `id` = '55' ;"));
$effect = mysql_fetch_array(mysql_query("SELECT `time` FROM `effects` WHERE `owner` = '{$us['id']}' and `type` = '201' LIMIT 1;"));
if($user['invis'] == 1) { $user['login'] = '<b><i>невидимка</i></b>'; }

2
magic/devastate.php
View File

@ -1,6 +1,6 @@
<?php
$us = mysql_fetch_array(mysql_query("SELECT *,(select `id` from `online` WHERE `date` >= ".(time()-60)." AND `id` = users.`id`) as `online` FROM `users` WHERE `login` = '".mysql_real_escape_string($_POST['target'])."' LIMIT 1;"));
$us = mysql_fetch_array(mysql_query("SELECT *,(select `id` from `online` WHERE login_time >= ".(time()-60)." AND `id` = users.`id`) as `online` FROM `users` WHERE `login` = '".mysql_real_escape_string($_POST['target'])."' LIMIT 1;"));
$magic = mysql_fetch_array(mysql_query("SELECT `chanse` FROM `magic` WHERE `id` = '56' ;"));
$effect = mysql_fetch_array(mysql_query("SELECT `time` FROM `effects` WHERE `owner` = '{$us['id']}' and `type` = '202' LIMIT 1;"));
if($user['invis'] == 1) { $user['login'] = '<b><i>невидимка</i></b>'; }

2
magic/elikbroni.php
View File

@ -1,5 +1,5 @@
<?php
$us = mysql_fetch_array(mysql_query("SELECT *,(select `id` from `online` WHERE `date` >= ".(time()-60)." AND `id` = users.`id`) as `online` FROM `users` WHERE `login` = '".mysql_escape_string($_POST['target'])."' LIMIT 1;"));
$us = mysql_fetch_array(mysql_query("SELECT *,(select `id` from `online` WHERE login_time >= ".(time()-60)." AND `id` = users.`id`) as `online` FROM `users` WHERE `login` = '".mysql_escape_string($_POST['target'])."' LIMIT 1;"));
$magic = mysql_fetch_array(mysql_query("SELECT `chanse` FROM `magic` WHERE `id` = '76' ;"));
$effect = mysql_fetch_array(mysql_query("SELECT `time` FROM `effects` WHERE `owner` = '{$us['id']}' and `type` = '205' LIMIT 1;"));

2
magic/elikurona.php
View File

@ -1,6 +1,6 @@
<?php
$us = mysql_fetch_array(mysql_query("SELECT *,(select `id` from `online` WHERE `date` >= ".(time()-60)." AND `id` = users.`id`) as `online` FROM `users` WHERE `login` = '".mysql_escape_string($_POST['target'])."' LIMIT 1;"));
$us = mysql_fetch_array(mysql_query("SELECT *,(select `id` from `online` WHERE login_time >= ".(time()-60)." AND `id` = users.`id`) as `online` FROM `users` WHERE `login` = '".mysql_escape_string($_POST['target'])."' LIMIT 1;"));
$magic = mysql_fetch_array(mysql_query("SELECT `chanse` FROM `magic` WHERE `id` = '77' ;"));
$effect = mysql_fetch_array(mysql_query("SELECT `time` FROM `effects` WHERE `owner` = '{$us['id']}' and `type` = '204' LIMIT 1;"));

2
magic/fist_def.php
View File

@ -1,6 +1,6 @@
<?php
$us = mysql_fetch_array(mysql_query("SELECT *,(select `id` from `online` WHERE `date` >= ".(time()-60)." AND `id` = users.`id`) as `online` FROM `users` WHERE `login` = '".mysql_real_escape_string($_POST['target'])."' LIMIT 1;"));
$us = mysql_fetch_array(mysql_query("SELECT *,(select `id` from `online` WHERE login_time >= ".(time()-60)." AND `id` = users.`id`) as `online` FROM `users` WHERE `login` = '".mysql_real_escape_string($_POST['target'])."' LIMIT 1;"));
$effect = mysql_fetch_array(mysql_query("SELECT `time` FROM `effects` WHERE `owner` = '{$us['id']}' and `type` = '22' LIMIT 1;"));
$int=101;

2
magic/luck.php
View File

@ -18,7 +18,7 @@ $us = mysql_fetch_array(mysql_query("SELECT *,(select `id` from `online` WHERE `
?>
<?php*/
$us = mysql_fetch_array(mysql_query("SELECT *,(select `id` from `online` WHERE `date` >= ".(time()-60)." AND `id` = users.`id`) as `online` FROM `users` WHERE `login` = '".mysql_real_escape_string($_POST['target'])."' LIMIT 1;"));
$us = mysql_fetch_array(mysql_query("SELECT *,(select `id` from `online` WHERE login_time >= ".(time()-60)." AND `id` = users.`id`) as `online` FROM `users` WHERE `login` = '".mysql_real_escape_string($_POST['target'])."' LIMIT 1;"));
$magic = mysql_fetch_array(mysql_query("SELECT `chanse` FROM `magic` WHERE `id` = '22' ;"));
$effect = mysql_fetch_array(mysql_query("SELECT `time` FROM `effects` WHERE `owner` = '{$us['id']}' and `type` = '203' LIMIT 1;"));
if($user['invis'] == 1) { $user['login'] = '<b><i>невидимка</i></b>'; }

2
magic/usability_klan/close_battle.php
View File

@ -3,7 +3,7 @@
use Battles\GameLogs;
use Battles\Nick;
$us = mysql_fetch_array(mysql_query("SELECT *, (SELECT `id` FROM `online` WHERE `date` >= ".(time()-60)." AND `id` = `users`.`id`) AS `online` FROM `users` WHERE `login` = '".mysql_real_escape_string($_POST['target'])."' LIMIT 1"));
$us = mysql_fetch_array(mysql_query("SELECT *, (SELECT `id` FROM `online` WHERE login_time >= ".(time()-60)." AND `id` = `users`.`id`) AS `online` FROM `users` WHERE `login` = '".mysql_real_escape_string($_POST['target'])."' LIMIT 1"));
$vip = mysql_fetch_array(mysql_query('SELECT `id`, `klan`, `closebattle` FROM `abils_klan` WHERE `klan` = "'.$user['klan'].'" LIMIT 1'));
$battle = mysql_fetch_array(mysql_query('SELECT `id`, `open`, `close` FROM `battle` WHERE `id` = "'.$user['battle'].'" LIMIT 1'));

2
magic/usability_klan/open_battle.php
View File

@ -3,7 +3,7 @@
use Battles\GameLogs;
use Battles\Nick;
$us = mysql_fetch_array(mysql_query("SELECT *, (SELECT `id` FROM `online` WHERE `date` >= ".(time()-60)." AND `id` = `users`.`id`) AS `online` FROM `users` WHERE `login` = '".mysql_real_escape_string($_POST['target'])."' LIMIT 1"));
$us = mysql_fetch_array(mysql_query("SELECT *, (SELECT `id` FROM `online` WHERE login_time >= ".(time()-60)." AND `id` = `users`.`id`) AS `online` FROM `users` WHERE `login` = '".mysql_real_escape_string($_POST['target'])."' LIMIT 1"));
$vip = mysql_fetch_array(mysql_query('SELECT `id`, `klan`, `openbattle` FROM `abils_klan` WHERE `klan` = "'.$user['klan'].'" LIMIT 1'));
$battle = mysql_fetch_array(mysql_query('SELECT `id`, `open`, `close` FROM `battle` WHERE `id` = "'.$user['battle'].'" LIMIT 1'));

2
magic/usability_klan/reamdeath.php
View File

@ -3,7 +3,7 @@
use Battles\GameLogs;
use Battles\Nick;
$us = mysql_fetch_array(mysql_query("SELECT *, (SELECT `id` FROM `online` WHERE `date` >= ".(time()-60)." AND `id` = `users`.`id`) AS `online` FROM `users` WHERE `login` = '".mysql_real_escape_string($_POST['target'])."' LIMIT 1"));
$us = mysql_fetch_array(mysql_query("SELECT *, (SELECT `id` FROM `online` WHERE login_time >= ".(time()-60)." AND `id` = `users`.`id`) AS `online` FROM `users` WHERE `login` = '".mysql_real_escape_string($_POST['target'])."' LIMIT 1"));
$vip = mysql_fetch_array(mysql_query('SELECT `id`, `klan`, `reamdeath` FROM `abils_klan` WHERE `klan` = "'.$user['klan'].'" LIMIT 1'));
$battle = mysql_fetch_array(mysql_query('SELECT `id` FROM `battle` WHERE `id` = "'.$user['battle'].'" LIMIT 1'));

2
magic/usability_user/close_battle.php
View File

@ -3,7 +3,7 @@
use Battles\GameLogs;
use Battles\Nick;
$us = mysql_fetch_array(mysql_query("SELECT *, (SELECT `id` FROM `online` WHERE `date` >= ".(time()-60)." AND `id` = `users`.`id`) AS `online` FROM `users` WHERE `login` = '".mysql_real_escape_string($_POST['target'])."' LIMIT 1"));
$us = mysql_fetch_array(mysql_query("SELECT *, (SELECT `id` FROM `online` WHERE login_time >= ".(time()-60)." AND `id` = `users`.`id`) AS `online` FROM `users` WHERE `login` = '".mysql_real_escape_string($_POST['target'])."' LIMIT 1"));
$vip = mysql_fetch_array(mysql_query('SELECT `id`, `uid`, `closebattle` FROM `abils_user` WHERE `uid` = "'.$user['id'].'" LIMIT 1'));
$battle = mysql_fetch_array(mysql_query('SELECT `id`, `open`, `close` FROM `battle` WHERE `id` = "'.$user['battle'].'" LIMIT 1'));

2
magic/usability_user/open_battle.php
View File

@ -3,7 +3,7 @@
use Battles\GameLogs;
use Battles\Nick;
$us = mysql_fetch_array(mysql_query("SELECT *, (SELECT `id` FROM `online` WHERE `date` >= ".(time()-60)." AND `id` = `users`.`id`) AS `online` FROM `users` WHERE `login` = '".mysql_real_escape_string($_POST['target'])."' LIMIT 1"));
$us = mysql_fetch_array(mysql_query("SELECT *, (SELECT `id` FROM `online` WHERE login_time >= ".(time()-60)." AND `id` = `users`.`id`) AS `online` FROM `users` WHERE `login` = '".mysql_real_escape_string($_POST['target'])."' LIMIT 1"));
$vip = mysql_fetch_array(mysql_query('SELECT `id`, `uid`, `openbattle` FROM `abils_user` WHERE `uid` = "'.$user['id'].'" LIMIT 1'));
$battle = mysql_fetch_array(mysql_query('SELECT `id`, `open`, `close` FROM `battle` WHERE `id` = "'.$user['battle'].'" LIMIT 1'));

2
magic/usability_user/reamdeath.php
View File

@ -3,7 +3,7 @@
use Battles\GameLogs;
use Battles\Nick;
$us = mysql_fetch_array(mysql_query("SELECT *, (SELECT `id` FROM `online` WHERE `date` >= ".(time()-60)." AND `id` = `users`.`id`) AS `online` FROM `users` WHERE `login` = '".mysql_real_escape_string($_POST['target'])."' LIMIT 1"));
$us = mysql_fetch_array(mysql_query("SELECT *, (SELECT `id` FROM `online` WHERE login_time >= ".(time()-60)." AND `id` = `users`.`id`) AS `online` FROM `users` WHERE `login` = '".mysql_real_escape_string($_POST['target'])."' LIMIT 1"));
$vip = mysql_fetch_array(mysql_query('SELECT `id`, `uid`, `reamdeath` FROM `abils_user` WHERE `uid` = "'.$user['id'].'" LIMIT 1'));
$battle = mysql_fetch_array(mysql_query('SELECT `id` FROM `battle` WHERE `id` = "'.$user['battle'].'" LIMIT 1'));

2
magic/vampir.php
View File

@ -38,7 +38,7 @@ if ($user['battle'] > 0) {
}
$target = $_POST['target'];
$us = mysql_fetch_array(mysql_query("SELECT *, (SELECT `id` FROM `inventory` WHERE `owner` = `users`.`id` AND `name` LIKE '%Чеснок%' LIMIT 1) AS `che`, (SELECT `id` FROM `inventory` WHERE `owner` = `users`.`id` AND `name` LIKE '%Осиновый кол%' LIMIT 1) AS `kol`,(select `id` from `online` WHERE `date` >= " . (time() - 60) . " AND `id` = users.`id`) as `online` FROM `users` WHERE `login` = '{$_POST['target']}' LIMIT 1;"));
$us = mysql_fetch_array(mysql_query("SELECT *, (SELECT `id` FROM `inventory` WHERE `owner` = `users`.`id` AND `name` LIKE '%Чеснок%' LIMIT 1) AS `che`, (SELECT `id` FROM `inventory` WHERE `owner` = `users`.`id` AND `name` LIKE '%Осиновый кол%' LIMIT 1) AS `kol`,(select `id` from `online` WHERE login_time >= " . (time() - 60) . " AND `id` = users.`id`) as `online` FROM `users` WHERE `login` = '{$_POST['target']}' LIMIT 1;"));
$effs = mysql_query("SELECT * FROM `effects` WHERE `owner` = '{$us['id']}' and (`type`=12 or `type`=13 or `type`=14) limit 1;");
//echo
if ($us['battle']) {

2
magic/zz.php
View File

@ -1,5 +1,5 @@
<?php
$us = mysql_fetch_array(mysql_query("SELECT *,(select `id` from `online` WHERE `date` >= ".(time()-60)." AND `id` = users.`id`) as `online` FROM `users` WHERE `login` = '".$_POST['target']."' LIMIT 1;"));
$us = mysql_fetch_array(mysql_query("SELECT *,(select `id` from `online` WHERE login_time >= ".(time()-60)." AND `id` = users.`id`) as `online` FROM `users` WHERE `login` = '".$_POST['target']."' LIMIT 1;"));
$magic = mysql_fetch_array(mysql_query("SELECT `chanse` FROM `magic` WHERE `id` = '405' ;"));
$magic_need = mysql_fetch_array(mysql_query("SELECT `nintel`,`nlevel`,`ngray`,`name`,`img` FROM `inventory` WHERE `id` = '".$_GET['use']."' ;"));
$effect = mysql_fetch_array(mysql_query("SELECT `time` FROM `effects` WHERE `owner` = '{$us['id']}' and `type` = '405' LIMIT 1;"));

3
register.php
View File

@ -13,7 +13,6 @@ if ($_COOKIE[GAMEDOMAIN] ?? null) {
$email = filter_input(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL);
$law = filter_input(INPUT_POST, 'law', FILTER_VALIDATE_BOOLEAN);
$law2 = filter_input(INPUT_POST, 'law2', FILTER_VALIDATE_BOOLEAN);
$ip = filter_input(INPUT_SERVER, 'REMOTE_ADDR', FILTER_VALIDATE_IP);
if ($login && $password && $email && $birthday && $law && $law2) {
$newUser = new class {
@ -26,7 +25,7 @@ if ($_COOKIE[GAMEDOMAIN] ?? null) {
$db->execute('INSERT INTO users (login,pass,email,borndate,ip,session_id,shadow)
VALUES (?,?,?,?,?,?,?)', [$login, $password, $email, $birthday, $_SERVER['REMOTE_ADDR'], session_id(), '0.png']);
$userId = $db->lastInsertId();
$db->execute('INSERT INTO online (user_id, date, room, real_time) VALUES (?,?,1,?)', [$userId, time(), time()]);
$db->execute('INSERT INTO online (user_id, login_time, room, real_time) VALUES (?,?,1,?)', [$userId, time(), time()]);
$db->execute('INSERT INTO bank (user_id) VALUES ?', $userId);
setcookie(GAMEDOMAIN, $userId, time() + 3600);
setcookie("battle", time());

4
repair.php
View File

@ -1,7 +1,9 @@
<?php
use Battles\Bank;
use Battles\Database\DBPDO;
use Battles\GameLogs;
use Battles\InventoryItem;
use Battles\Template;
require_once("functions.php");
@ -77,7 +79,7 @@ Template::header('Кузня');
<div class="appblock appblock-main">
<span class="legend">Информация</span>
<span class="wrap">Кредиты<span class="num"><?= $user['money'] ?></span></span>
<span class="wrap">Масса вещей<span class="num"><?= getItemsMassaInfo() ?></span></span>
<span class="wrap">Масса вещей<span class="num"><?= InventoryItem::getWeightData() ?></span></span>
</div>
<div class="appblock">
<span class="legend">Зал ремонта</span>

3
shop.php
View File

@ -2,6 +2,7 @@
use Battles\Bank;
use Battles\Database\DBPDO;
use Battles\InventoryItem;
use Battles\Item;
use Battles\ShopItem;
use Battles\Template;
@ -196,7 +197,7 @@ Template::header('Магазин');
</table>
<td>
<strong>
Масса всех вещей: <?= getItemsMassaInfo() ?> <br>
Масса всех вещей: <?= InventoryItem::getWeightData() ?> <br>
Деньги: <?= $user->getMoney() ?> [Б:<?= $bank->getMoney() ?>].
</strong>
<hr>