From f6b469ddefe336be55c636fda3af16fc63ec595d Mon Sep 17 00:00:00 2001
From: "Igor Barkov (iwork)" <lopar@lopar.us>
Date: Wed, 30 Sep 2020 15:48:53 +0300
Subject: [PATCH] Code clean.

---
 buy.php | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/buy.php b/buy.php
index ec8748b..3c32d3a 100644
--- a/buy.php
+++ b/buy.php
@@ -1,9 +1,11 @@
 <?php
 //Покупка абилок? Тут?!
 session_start();
-if (!isset($_SESSION['uid'])) exit;
+if (empty($_SESSION['uid'])) {
+    header('Location: Index.php');
+    exit;
+}
 include('config.php');
-#include('functions.php');
 $is_now = db::c()->query('SELECT `id`, `uid` FROM `abils_user` WHERE `uid` = ?i', $user['id'])->fetch_assoc();
 
 function add_user_abil($ab, $cost)
@@ -12,9 +14,9 @@ function add_user_abil($ab, $cost)
     if (isset($ab) && $banks['ekr'] >= $cost) {
         $isset = mysql_fetch_array(mysql_query('SELECT `id`, `' . $ab . '` FROM `abils_user` WHERE `uid` = "' . $user['id'] . '" LIMIT 1'));
         $isset[$ab] += 1;
-        mysql_query('UPDATE `abils_user` SET `' . $ab . '` = "' . $isset[$ab] . '" WHERE `uid` = "' . $user['id'] . '" LIMIT 1');
+        mysql_query('UPDATE `abils_user` SET `' . $ab . '` = "' . $isset[$ab] . '" WHERE `uid` = "' . $user['id'] . '"');
         $banks['ekr'] -= $cost;
-        mysql_query('UPDATE `bank` SET `ekr` = "' . $banks['ekr'] . '" WHERE `id` = "' . $user['id'] . '" LIMIT 1');
+        mysql_query('UPDATE `bank` SET `ekr` = "' . $banks['ekr'] . '" WHERE `id` = "' . $user['id'] . '"');
         return true;
     }
     return false;
@@ -31,7 +33,7 @@ if (isset($_POST['type'], $_POST['user'])) {
             if ($banks['ekr'] >= $price) {
                 if (isset($is_now['id'])) {
                     if ($user['battle'] == 0) {
-                        if (add_user_abil($abil, $price) == true) {
+                        if (add_user_abil($abil, $price)) {
                             echo 'success';
                         } else {
                             echo 'Error';