<?php
//Покупка абилок? Тут?!
session_start();
if (!isset($_SESSION['uid'])) die();
include('config.php');
#include('functions.php');
$is_now = db::c()->query('SELECT `id`, `uid` FROM `abils_user` WHERE `uid` = ?i', $user['id'])->fetch_assoc();

function add_user_abil($ab, $cost)
{
    global $user, $banks;
    if (isset($ab)) {
        if ($banks['ekr'] >= $cost) {
            $isset = mysql_fetch_array(mysql_query('SELECT `id`, `' . $ab . '` FROM `abils_user` WHERE `uid` = "' . $user['id'] . '" LIMIT 1'));
            $isset[$ab] += 1;
            mysql_query('UPDATE `abils_user` SET `' . $ab . '` = "' . $isset[$ab] . '" WHERE `uid` = "' . $user['id'] . '" LIMIT 1');
            $banks['ekr'] -= $cost;
            mysql_query('UPDATE `bank` SET `ekr` = "' . $banks['ekr'] . '" WHERE `id` = "' . $user['id'] . '" LIMIT 1');
            return true;
        }
    }
    return false;
}

$cost = array(1, 2, 10, 0.50, 0.80, 1, 1, 0.10, 0.20, 4, 0.02, 20, 10, 1, 1);
$mag = array('sleep15', 'sleep30', 'closebattle', 'heal20', 'heal35', 'heal50', 'travmoff', 'attack', 'bloodattack', 'death', 'comment', 'openbattle', 'reamdeath', 'clone', 'unclone');

if (isset($_POST['type'], $_POST['user'])) {
    if (isset($user['id'])) {
        $price = $cost[$_POST['type'] - 1];
        $abil = $mag[$_POST['type'] - 1];
        if (isset($banks['id'])) {
            if ($banks['ekr'] >= $price) {
                if (isset($is_now['id'])) {
                    if ($user['battle'] == 0) {
                        if (add_user_abil($abil, $price) == true) {
                            echo 'success';
                        } else {
                            echo 'Error';
                        }
                    } else {
                        echo 'Не в бою ...';
                    }
                } else {
                    echo 1;
                }
            } else {
                echo 'Не хватает средств';
            }
        } else {
            echo '<small>Выберите счёт в банке</small>';
        }
    } else {
        echo "Вы не авторизированы";
    }
}