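<?php

/**
 * Helper collection: user lookup, column listing, request filtering and a
 * plain "key=value" dump of a user's public data.
 *
 * Every query goes through the legacy ext/mysql functions on the implicit
 * default connection. That extension has no prepared statements, so each value
 * placed into SQL here is either cast to int or passed through
 * mysql_real_escape_string() inside quotes.
 *
 * NOTE(review): mysql_real_escape_string() is only reliable when the connection
 * charset was set with mysql_set_charset(); the connection setup is not visible
 * in this file, so confirm that. Moving to PDO/mysqli with bound parameters is
 * the durable fix, but it needs a connection handle this class does not own.
 */
class Utils
{
    /**
     * Fetches one row from `users`, by login when given, otherwise by id.
     *
     * @param mixed       $id    User id; cast to int before it reaches the query.
     * @param string|null $login Login name; takes precedence over $id when non-empty.
     *
     * @return array|false Row as returned by mysql_fetch_array(), or false when
     *                     the query fails or no row matches.
     */
    public function get_inf($id, $login = null)
    {
        // Loose comparison kept on purpose: null and '' both fall back to the id lookup.
        if ($login != null) {
            $sql = 'SELECT * FROM `users` WHERE `login` = "' . mysql_real_escape_string($login) . '" LIMIT 1';
        } else {
            // An int cast is a complete defence for a numeric value; no escaping call is needed.
            $sql = 'SELECT * FROM `users` WHERE `id` = "' . (int)$id . '" LIMIT 1';
        }

        $res = mysql_query($sql);
        if ($res === false) {
            // Do not hand a failed query to mysql_fetch_array().
            return false;
        }

        return mysql_fetch_array($res);
    }

    /**
     * Prints the column names of a table as a backtick-quoted, comma-separated list.
     *
     * Identifiers cannot be protected with mysql_real_escape_string() (it does
     * not escape backticks), so the table name is checked against a strict
     * whitelist before it is placed into the statement. Names that fail the
     * check produce no output.
     *
     * @param string $table Table name; only ASCII letters, digits and underscore are accepted.
     *
     * @return void
     */
    public function show_fields($table)
    {
        if (!is_string($table) || !preg_match('/^[A-Za-z0-9_]+$/D', $table)) {
            return;
        }

        $res = mysql_query("SHOW COLUMNS FROM `$table`");
        if ($res === false) {
            return;
        }

        while ($x = mysql_fetch_assoc($res)) {
            echo "`" . $this->html($x['Field']) . "`, ";
        }
    }

    /**
     * Filters $_POST and $_GET in place.
     *
     * - POST fields named title/text/comment get nl2br() and SQL escaping only.
     * - Every other POST field and every GET field is reduced to the character
     *   whitelist in filterStrict().
     * - Empty values (null, '', empty array) are left untouched.
     *
     * Limits a reader should know about:
     * - Only $_POST and $_GET are touched; $_COOKIE and $_REQUEST are not.
     * - The rich-text fields keep any HTML they contain. Whatever renders
     *   title/text/comment must escape or sanitize at output time.
     * - The rich-text fields are stored SQL-escaped in the superglobal, so code
     *   that escapes them again before querying will double-escape.
     * - Blanket input filtering does not replace escaping at the point of use
     *   (SQL, HTML, shell); treat it as defence in depth only.
     *
     * @return void
     */
    public function SecureAll()
    {
        // Superglobals are always in scope; no `global` statement is needed.
        $RichText = array("title", "text", "comment");

        foreach ($_POST as $k => $v) {
            if ($v == null) {
                continue;
            }

            // Strict in_array(): with loose comparison on PHP < 8 an integer key
            // such as 0 equals any non-numeric string and would take the
            // weaker rich-text path.
            if (in_array($k, $RichText, true) && is_string($v)) {
                $_POST[$k] = mysql_real_escape_string(nl2br($v));
            } else {
                // Array-valued fields (name[]=...) also land here, so a rich-text
                // field submitted as an array gets the strict filter.
                $_POST[$k] = $this->filterStrict($v);
            }
        }

        foreach ($_GET as $k => $v) {
            if ($v != null) {
                $_GET[$k] = $this->filterStrict($v);
            }
        }
    }

    /**
     * Prints a user's data as "key=value<br />" lines, followed by the list of
     * equipped items.
     *
     * Values such as login, palcom and item names originate from users, so every
     * value is HTML-escaped before it is written into the page, and the values
     * that feed the follow-up queries are cast or escaped again even though
     * they came from the database.
     *
     * @param mixed $uid User id, passed to get_inf().
     * @param mixed $ad  When equal to 2.99 the private fields (money, reputation,
     *                   position, room) are printed as well.
     *                   NOTE(review): presumably a privilege level of the viewer;
     *                   the caller must derive it from the session, never from
     *                   request input. Confirm against the call site.
     *
     * @return void
     */
    public function Short($uid, $ad)
    {
        $us = $this->get_inf($uid);

        $clanRes = mysql_query(
            "SELECT `id`, `short` FROM `clans` WHERE `id` = '"
            . mysql_real_escape_string((string)$us['klan'])
            . "' LIMIT 1"
        );
        $clan_arr = ($clanRes !== false) ? mysql_fetch_assoc($clanRes) : false;

        $this->line("login", $us['login']);
        $this->line("level", $us['level']);
        $this->line("align", $us['align']);
        $this->line("klan", is_array($clan_arr) ? $clan_arr['short'] : '');
        $this->line("sex", $us['sex']);
        $this->line("str", $us['sila']);
        $this->line("agil", $us['lovk']);
        $this->line("int", $us['inta']);
        $this->line("dex", $us['vinos']);
        $this->line("status", $us['status']);
        $this->line("borncity", $us['borncity']);
        $this->line("block", $us['block']);
        $this->line("palmessage", $us['palcom']);
        // Online means the chat timestamp is less than five minutes old.
        $this->line("online", (int)(time() - $us['chattime'] < 60 * 5));
        $this->line("hp", $us['hp']);
        $this->line("maxhp", $us['maxhp']);

        if ($ad == 2.99) {
            $this->line("money", $us['money']);
            $this->line("rep", $us['doblest']);
            $this->line("laba", $us['laba']);
            if ($us['laba'] > 0) {
                echo "-----------------------<br />";
                $this->line("laba_x", $us['x']);
                $this->line("laba_y", $us['y']);
                echo "-----------------------<br />";
            }
            $this->line("room", $us['room']);
        }

        echo "dress=";
        // get_inf() already treats users.id as an integer, so the cast is lossless here.
        $dresses = mysql_query(
            "SELECT `id`, `name`, `duration`, `maxdur` FROM `inventory` WHERE `owner` = '"
            . (int)$us['id']
            . "' AND `dressed` = 1 AND `type` != 12"
        );
        if ($dresses === false) {
            return;
        }

        while ($dr = mysql_fetch_array($dresses)) {
            echo $this->html($dr['name']) . " " . (int)$dr['duration'] . "/" . (int)$dr['maxdur'] . ",";
        }
    }

    /**
     * Applies the character whitelist to a value, descending into arrays.
     *
     * Array keys are left as submitted; only the values are filtered.
     *
     * NOTE(review): the pattern has no /u modifier, so the Cyrillic ranges are
     * matched byte-wise. That is only exact for a single-byte encoding such as
     * windows-1251; confirm the encoding of this file and of the request data
     * before changing it.
     *
     * @param mixed $value String or (nested) array of strings.
     *
     * @return mixed Filtered string, or array with every leaf filtered.
     */
    private function filterStrict($value)
    {
        if (is_array($value)) {
            $clean = array();
            foreach ($value as $key => $item) {
                $clean[$key] = $this->filterStrict($item);
            }
            return $clean;
        }

        return preg_replace("/[^a-zA-Zа-яА-Я0-9_ -]/", "", (string)$value);
    }

    /**
     * Escapes the five HTML-significant characters.
     *
     * Done with strtr() rather than htmlspecialchars() because the data
     * encoding is not visible here: htmlspecialchars() returns an empty string
     * for input that is invalid in its assumed charset, whereas this
     * replacement only touches ASCII bytes and is safe for UTF-8 and for
     * single-byte encodings.
     *
     * @param mixed $value Value to print.
     *
     * @return string Value safe for HTML text and quoted-attribute context.
     */
    private function html($value)
    {
        return strtr((string)$value, array(
            '&' => '&amp;',
            '<' => '&lt;',
            '>' => '&gt;',
            '"' => '&quot;',
            "'" => '&#039;',
        ));
    }

    /**
     * Prints one "label=value<br />" line with the value HTML-escaped.
     *
     * @param string $label Fixed field label.
     * @param mixed  $value Field value.
     *
     * @return void
     */
    private function line($label, $value)
    {
        echo $label . "=" . $this->html($value) . "<br />";
    }
}

$Utils = new Utils();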