<?php
session_start();
include("config.php");
include("functions.php");
include("classes/utils_class.php");

//$uplogin = explode('&', $_SERVER['QUERY_STRING']);
//$uplogin = urldecode(trim($uplogin[0]));
//
//if (isset($_GET['login'])) { $user_id = '`login` = "' . mysql_real_escape_string($_GET['login']) . '"';
//} elseif (isset($_GET['id'])) { $user_id = '`id` = "' . mysql_real_escape_string($_GET['id']) . '"';
//} else {
//    if (is_numeric($uplogin)) {
//        $user_id = '`id` = "' . mysql_real_escape_string($uplogin) . '"';
//    } else {
//        $user_id = '`login` = "' . mysql_real_escape_string($uplogin) . '"';
//    }
//}

//$user_id = filter_input(INPUT_GET,'id');
$user_login = filter_input(INPUT_GET,'login');

//$user = mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE $user_id LIMIT 1"));
//$own = mysql_fetch_array(mysql_query("SELECT id, align, admin FROM `users` WHERE `id` = '" . mysql_real_escape_string((int)$_SESSION['uid']) . "' LIMIT 1"));
$user = db::c()->query('SELECT * FROM `users` WHERE `login` = "?s" LIMIT 1', $user_login)->fetch_assoc();
$own = db::c()->query('SELECT `id`, `align`, `admin` FROM `users` WHERE `id` = "?s" LIMIT 1', $_SESSION['uid'])->fetch_assoc();

$_SERVER['QUERY_STRING'] = $user['id'];
if ($user['id'] == null) {
    ?>
    <html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
        <title>Ошибка</title></head>
    <body style="color: #666; background-color: #d5d5d5; text-align: center; font-family: Consolas;">
    Ошибка: персонаж<?= ($_GET['login'] ? "&nbsp;\"" . $_GET['login'] . "\"" : ""); ?> не найден...
    <p><a style="color: #99f" href="javascript:window.history.go(-1);">Назад</a></p>
    </body>
    </html>
    <?
    exit();
}

//if (isset($_GET['short'])) {
//    header("Content-type= text/plain");
//    die($Utils->Short($user['id'], $own['align']));
//}
//
//?>

<html>
<head>
    <title>Информация о <?= $user['login'] ?></title>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
    <meta content="no-cache" http-equiv="Cache-Control"/>
    <meta content="NO-CACHE" http-equiv="PRAGMA"/>
    <meta content="0" http-equiv="Expires"/>

    <link href="css/main.css" rel="stylesheet" type="text/css"/>
    <link rel="stylesheet" type="text/css" href="css/tooltip.css"/>

    <script src="js/jquery-1.7.2.min.js"></script>
    <script src="js/showthing.js"></script>
    <script src="js/tooltip.js"></script>
    <script type="text/javascript" src="//cdn.jsdelivr.net/jquery.slick/1.5.8/slick.min.js"></script>

    <script>
        $(function () {
            $(".tooltip").tipTip({maxWidth: "auto", edgeOffset: 0, fadeIn: 300, fadeOut: 500});
        });
    </script>

    <script>
        var CtrlPress = false;

        function Down() {
            CtrlPress = window.event.ctrlKey;
        }

        document.onmousedown = Down;

        var delay = 30, TimerOn = -1, tkHP, maxHP, speed = 750, stLen = 185, redHP = 0.33, yellowHP = 0.66;

        function setHP(a, b, c) {
            tkHP = a;
            maxHP = b;
            TimerOn >= 0 && (clearTimeout(TimerOn), TimerOn = -1);
            speed = c;
            setHPlocal();
        }

        function setHPlocal() {
            tkHP > maxHP && (tkHP = maxHP);
            var a = Math.round(tkHP) + "/" + maxHP, a = stLen - (a.length + 2) * 7, b = Math.round((a - 1) / maxHP * tkHP);
            a -= b;
            HP = document.getElementById("hp_value");
            HP1 = document.getElementById("HP1");
            HP2 = document.getElementById("HP2");
            if (HP) {
                HP1.width = b, HP2.width = a, HP1.src = tkHP / maxHP < redHP ? "i/1red.gif" : tkHP / maxHP < yellowHP ? "i/1yellow.gif" : "i/1green.gif", HP.innerHTML = Math.round(tkHP) + "/" + maxHP;
            }
            tkHP += maxHP / 53 / 230 * (speed / 100);
            TimerOn = tkHP < maxHP ? setTimeout("setHPlocal()", delay * 100) : -1
        }
    </script>
</head>

<BODY bgColor=#e2e0e0 onload="<?= topsethp(); ?>">
<TABLE cellPadding=0 cellSpacing=0 width=100% border=0>
    <TBODY>
    <TR>
        <TD align=left vAlign=top width="250">
            <?= showinf_pers($user['id'], 1);

            if ($user['married']) {
                $who = mysql_fetch_array(mysql_query('SELECT `id` FROM `users` WHERE `login` = "' . $user['married'] . '" LIMIT 1'));
                echo ' <a href=\'inf.php?'.$who['id'].'\' target=\'_blank\'><img src="i/married.gif" class="tooltip" title="'.($user['sex'] == 1 ? 'Женат на <b>' : 'Замужем за <b>').$user['married'].'</b>" /></a> ';
            }

            if ($user['deal'] == 1) echo '<img src="i/alchemy1.gif" class="tooltip" title="<b>Официальный дилер</b>" />';

            if ($user['reputation'] >= 20000 && $user['repcost'] <= 22229) echo '<img src="i/medal_hram_011.gif" title="Рыцарь Лабиринта">';
            for ($i = 0; $i < count($medals); $i++) {
                switch ($medals[$i]) {
                    case "009":
                        echo ' <img src="i/009.gif" title="Последний победитель Башни Смерти!" width=30> ';
                        break;
                    case "beta_test":
                        echo ' <img src="i/Beta_test.gif" title="За помощь в бета-тесте" width=32  height=50> ';
                        break;
                }
            }
            if ($user['win'] >= 20000) echo '<img src="i/016.gif" title="20000 Побед!">';
            if ($user['win'] >= 50000) echo '<img src="i/015.gif" title="50000 Побед!">';
            if ($user['win'] >= 100000) echo '<img src="i/014.gif" title="100000 Побед!">';

            $medals = explode(";", $user['medals']);
            ?>

        </TD>
        <td valign="top" width="100">
            <div style="margin: auto; width: 100px; text-align: center;">
                <img align="right" src="i/<? echo star_sign(substr($user['borndate'], 3, 2), substr($user['borndate'], 0, 2)); ?>.gif" width="100"/>
                <?
                if ($user['vip_time'] > 0) {
                    if ($user['vip'] == 1) { $vip_type = "Серебряный vip аккаунт"; }
                    elseif ($user['vip'] == 2) { $vip_type = "Золотой vip аккаунт"; }
                    elseif ($user['vip'] == 3) { $vip_type = "Платиновый vip аккаунт"; }
                    echo '<img class="tooltip" src="i/p' . $user['vip'] . '.png" title="<b>' . $vip_type . '</b><br />Действителен еще : ' . timeOut($user['vip_time'] - time()) . '"/>';
                }

                if ((int)$user['align'] == 1) { ?>
                    <img src='/i/inf_pal.gif' width="100">
                    <a target='_blank' href='http://goldpaladin.ru'><small>Орден паладинов</small></A><br>
                <?php } ?>
            </div>
        </td>
    </TR>
    </TBODY>
</TABLE>
<hr>
<!-- Нижняя часть -->
<?
$effect = mysql_fetch_array(mysql_query("SELECT `time` FROM `effects` WHERE `owner` = '" . $user['id'] . "' AND `type` = 5 LIMIT 1"));

if ($effect['time'] AND ($own['admin'] != 1 OR ((int)$own['align']) != 1)) die('<h3>Персонаж обезличен!</h3>');

if (!empty($user['realname'])) echo "Имя: " . $user['realname'] . "<br>";
if (!empty($user['city'])) echo "Город: " . $user['city'] . "<br>";
if (!empty($user['lozung'])) echo "Лозунг: " . $user['lozung'] . "<br>";
?>
<p style="font-family: Consolas,monospace;"><?= nl2br($user['info']); ?></p><hr>
<div id="Content">
    <fieldset><legend>Подарки</legend>
            <?
            while ($row = mysql_fetch_array($data)) {
                $why_gift = mysql_fetch_assoc(mysql_query("SELECT `id` FROM `users` WHERE `login` = '" . mysql_real_escape_string($row['present']) . "' LIMIT 1"));
                echo '<a href="inf.php?' . $why_gift['id'] . '"><img src="i/sh/' . $row['img'] . '" class=\'tooltip\' border="0" title="<b>' . $row['name'] . '</b><br />Подарил: <b>' . $row['present'] . '</b><br /><b class=\'txt\'>' . $row['letter'] . '</b>" /></a> ';
                $i++;
            }
            if (isset($_GET['chest'])) {
                $chest = $_GET['chest'] + 15;
            } else {
                $chest = 15;
            }
            $data = mysql_query("SELECT * FROM `inventory` WHERE `owner` = '" . $user['id'] . "' AND (`name` LIKE '%Сундук%') AND `present` != '' AND `cost` > 24 ORDER BY `id` DESC LIMIT $chest");
            $cnt = mysql_query("SELECT `id` FROM `inventory` WHERE `owner` = '" . $user['id'] . "' AND (`name` LIKE '%Сундук%') AND `present` != '' AND `cost` > 24");
            if (mysql_num_rows($data)) {
                echo '<br />Сундуки : <br />';
                $i = 0;
            } elseif ($chest > 15 && $i >= mysql_num_rows($cnt)) {
                echo '<br /><b>Сундуков больше нет ...</b><br />';
            }
            if ($i < mysql_num_rows($cnt)) echo '<br /><a href=\'?' . $user['id'] . '&chest=' . $chest . '\'>Показать еще Сундуки</a><br />';

            ###Start Особые подарки###
            if (isset($_GET['uniqs'])) {
                $uniqs = $_GET['uniqs'] + 15;
            } else {
                $uniqs = 15;
            }
            $datas = mysql_query("SELECT * FROM `inventory` WHERE `owner` = '" . $user['id'] . "' AND (`name` LIKE '%Сувенир%' OR `name` LIKE '%Подарок%' OR `name` LIKE '%Валентинка%' OR `name` LIKE '%Открытка%' OR `name` LIKE 'Ель%' OR `name` LIKE '%Медаль%' OR `name` LIKE '%Статуэтка%'OR `name` LIKE '%Уник%') AND `present` != '' AND `cost` > 24  ORDER BY `id` DESC LIMIT $uniqs");
            $cnt = mysql_query("SELECT `id` FROM `inventory` WHERE `owner` = '" . $user['id'] . "' AND (`name` LIKE '%Сувенир%' OR `name` LIKE '%Подарок%' OR `name` LIKE '%Валентинка%' OR `name` LIKE '%Открытка%' OR `name` LIKE 'Ель%' OR `name` LIKE '%Медаль%' OR `name` LIKE '%Статуэтка%'OR `name` LIKE '%Уник%') AND `present` != '' AND `cost` > 24");
            if (mysql_num_rows($datas)) echo '<br /><br />Уникальные подарки : <br />';
            $i = 0;
            while ($row = mysql_fetch_array($datas)) {
                $why_gift = mysql_fetch_assoc(mysql_query("SELECT `id` FROM `users` WHERE `login` = '" . mysql_real_escape_string($row['present']) . "' LIMIT 1"));
                echo '<a href="inf.php?' . $why_gift['id'] . '"><img src="i/sh/' . $row['img'] . '" border="0" class=\'tooltip\' title="<b>' . $row['name'] . '</b><br />Подарил: <b>' . $row['present'] . '</b><br /><b class=\'txt\'>' . $row['letter'] . '</b>" /></a> ';
                $i++;
            }
            if ($i < mysql_num_rows($cnt)) {
                echo '<br /><a href=\'?' . $user['id'] . '&uniqs=' . $uniqs . '\'>Показать еще Уникальные подарки</a><br />';
            } elseif ($uniqs > 15 && $i >= mysql_num_rows($cnt)) {
                echo '<br /><b>Уникальных подарков больше нет ...</b><br />';
            }
            ###End Особые подарки###

            if (isset($_GET['gifts'])) {
                $gifts = $_GET['gifts'] + 15;
            } else {
                $gifts = 15;
            }
            $data = mysql_query("SELECT * FROM `inventory` WHERE `owner` = '" . $user['id'] . "' AND (`name` LIKE '%Сувенир%' OR `name` LIKE '%Подарок%' OR `name` LIKE '%Валентинка%' OR `name` LIKE '%Открытка%' OR `name` LIKE 'Ель%' OR `name` LIKE '%Медаль%' OR `name` LIKE '%Статуэтка%'OR `name` LIKE '%Статуэтка%') AND `present` != '' AND `cost` < 24  ORDER BY `id` DESC LIMIT $gifts");
            $cnt = mysql_query("SELECT `id` FROM `inventory` WHERE `owner` = '" . $user['id'] . "' AND (`name` LIKE '%Сувенир%' OR `name` LIKE '%Подарок%' OR `name` LIKE '%Валентинка%' OR `name` LIKE '%Открытка%' OR `name` LIKE 'Ель%' OR `name` LIKE '%Медаль%' OR `name` LIKE '%Статуэтка%'OR `name` LIKE '%Статуэтка%') AND `present` != '' AND `cost` < 24");
            if (mysql_num_rows($data)) echo '<br /><br />Сувениры : <br />';
            $i = 0;
            while ($row = mysql_fetch_array($data)) {
                $why_gift = mysql_fetch_assoc(mysql_query("SELECT `id` FROM `users` WHERE `login` = '" . mysql_real_escape_string($row['present']) . "' LIMIT 1"));
                echo '<a href="inf.php?' . $why_gift['id'] . '"><img src="i/sh/' . $row['img'] . '" border="0" class=\'tooltip\' title="<b>' . $row['name'] . '</b><br />Подарил: <b>' . $row['present'] . '</b><br /><b class=\'txt\'>' . $row['letter'] . '</b>" /></a>';
                $i++;
            }
            if ($i < mysql_num_rows($cnt)) {
                echo '<br /><a href=\'?' . $user['id'] . '&gifts=' . $gifts . '\'>Показать еще Сувениры</a><br />';
            } elseif ($gifts > 15 && $i >= mysql_num_rows($cnt)) {
                echo '<br /><b>Сувениров больше нет ...</b><br />';
            }

            ?>
        </fieldset>
        <fieldset style="width: 250px; height: 75px;"><legend>Лицензии</legend>
            <?
            if ($user['prof2'] == 21) echo ' <img src="i/prof21.png" class="tooltip" title="<b>Лицензия наемника</b>" /> ';
            if ($user['prof2'] == 22) echo ' <img src="i/prof22.png" class="tooltip" title="<b>Лицензия лекаря</b>" /> ';
            if ($user['prof1'] == 1) echo ' <img src="i/prof1.png" class="tooltip" title="<b>Лицензия кузнеца</b>" /> ';
            if ($user['prof1'] == 2) echo ' <img src="i/prof1.png" class="tooltip" title="<b>Лицензия наставника</b>" /> ';
            ?>
        </fieldset>
    </div>

<?
# Секретыный раздел
$okld = 0;
$okdop = 0;

# Если я любой паладин, и смотрю не админа, или я сам админ.
if ((((int)$own['align'] == 1) AND (!$user['admin'])) OR (!empty($own['admin']))) $okld = 1;
# Если я любой паладин выше 1.2, и смотрю не админа, или я сам админ.
if ((((int)$own['align'] == 1) AND (!$user['admin']) AND ($own['align'] > 1.2)) OR (!empty($own['admin']))) $okdop = 1;

if ($okld == 1) {
    echo "<H4>Личное дело</H4>";
    $ldd = mysql_query("SELECT * FROM `lichka` WHERE `pers` = '" . $user['id'] . "' ORDER BY `id` ASC");
    while ($ld = mysql_fetch_array($ldd)) {
        $dat = date("d.m.Y H:i", $ld['date']);
        $text = $ld['text'];
        echo "<code>$dat $text </code><br />";
    }
}

if ($okdop == 1) {
    echo "<H4>Возможные мульты</H4>";
    $lplist = mysql_query("SELECT idperslater FROM delo_multi WHERE idpersnow = {$user['id']} GROUP BY idperslater ASC;");
    while ($iplog = mysql_fetch_array($lplist)) {
        echo nick3($iplog['idperslater']) . " ";
    }

    echo "<H4>Дополнительные сведения</H4>";

    if (!empty($user['id'])) echo "ID: " . $user['id'] . "<br>";
    if (!empty($user['borndate'])) echo "День рождения: " . $user['borndate'] . "<br>";
    if (!empty($user['ip'])) echo "IP при регистрации: " . $user['ip'] . "<br>";

#
    $data = mysql_query("SELECT `id`, `ip`, `login`, `status`, `level`, `room`, `align`, (select `id` from `online` WHERE `date` >= " . (time() - 60) . " AND `id` = users.`id`) as `online` FROM users WHERE refer='$user[id]' ORDER BY level DESC");
    $i = 0;
    while ($row = mysql_fetch_array($data)) {
        $i++;
        if ($i == 1) echo "<h4>Список рефералов:</h4>";
        if ($row['online'] > 0) {
            echo '<A HREF="javascript:top.AddToPrivate(\'', nick7($row['id']), '\', top.CtrlPress)" target=refreshed><img src="i/lock.gif" width=18 height=13></A>';
            nick2($row['id']);
            if ($row['id'] == $user['deal']) echo ' - ' . $row['status'] . '';
            $rrm = $rooms[$row['room']];
            echo ' - <i>', $rrm, '</i><BR>';
        }

        if ($row['online'] < 1) {
            echo '<img src="i/offline.gif" width=20 height=15 alt="Нет в клубе">';
            nick2($row['id']);
            if ($row['id'] == $user['deal']) echo ' - ', $row['status'], '';
            echo ' - нет в игре';
        }
        echo ' - IP:' . $row['ip'] . '<br>';
    }
    echo "</table>";
}

if ($own['admin'] == 1) {

    if (!empty($user['email'])) echo "E-mail: " . $user['email'] . "<br>";
    if (!empty($user['exp'])) echo "Oпыт: " . $user['exp'] . "<br>";
    if (!empty($user['stats'])) echo "Число неиспользованных UP-ов: " . $user['stats'] . "<br>";
    if (!empty($user['money'])) echo "Кредитов: " . $user['money'] . "<br>";
    if (!empty($user['room'])) echo "Комната: " . $user['room'] . "<br>";
    if (!empty($user['reputation'])) echo "Всего Репутации: " . $user['reputation'] . "<br>";
    if (!empty($user['doblest'])) echo "Репутации: " . $user['doblest'] . "<br>";

    if ($user_bank_s = mysql_query("SELECT * FROM `bank` WHERE `owner` = '{$user['id']}';")) {
        echo "<H4>Банк</H4>";
        echo "
            <table class='adm'>
              <TR>
                <th>№</th> 
                <th>Кредитов.</th> 
                <th>ЕвроКредитов.</th>  
                <th>Репутации.</th>
              </tr>
          ";
        while ($user_bank = mysql_fetch_assoc($user_bank_s)) {
            echo "
              <tr>
                <th>" . $user_bank['id'] . "</th>
                <td>" . $user_bank['cr'] . "</td>
      		      <td>" . $user_bank['ekr'] . "</td>
      		      <td>" . $user_bank['reputation'] . "</td>
              </tr>
            </table><br>";
        }
    }

    $own = mysql_fetch_array(mysql_query("SELECT `id`,`align`,`login` FROM `users` WHERE `id` = '{$_SESSION['uid']}' LIMIT 1;"));
    if ($_POST['del']) {
        $invs = mysql_query("SELECT * FROM `inventory` WHERE `id`='" . $_POST['del'] . "'");
        $bbc = mysql_fetch_array($invs);
        if ($bbc['dressed'] == 1) {
            dropitem($bbc['type']);
            if ($bbc['type'] == 5) {
                dropitem(6);
                dropitem(7);
            }
        }
        mysql_query("DELETE FROM `inventory` WHERE `id` = '{$_POST['del']}' LIMIT 1;");
    }

    $invv = mysql_query("SELECT * FROM `inventory` WHERE `owner` = '{$user['id']}' ORDER by `id` DESC;");
    echo "<br><H4><u>Вещи в инвентаре:</u></H4>";
    echo "<table class='adm'>
            <tr>
                <th>ID</th>
                <th>Название</th>
                <th>Долговечность</th>
                <th>Колл.</th>
                <th>Картинка</th>
                <th>×</th>
          	</tr>
          ";

    while ($inv = mysql_fetch_array($invv)) {
        $ip = $iplog['ip'];
        echo "
              <form method='post'>
                <tr>
                    <td>{$inv['id']}</td>
                    <td>{$inv['name']}</td>
              		<td>{$inv['duration']}/{$inv['maxdur']}</td>
              		<td>{$inv['koll']}</td>
              		<td><img src='i/sh/{$inv['img']}'></td>
              		<td><input name='del' type='hidden' value='{$inv['id']}'>
      		        <input name='ok' type='submit' value='Удалить'></td>
                </tr>
              </form>
            ";
    }
    echo "<th colspan='6'><form method='post'><input name='undress_char' type='submit' value='Раздеть персонажа'></form></th></table>";
    if ($_POST['undress_char']) undressall($user['id']);
}


?>
<div style="text-align: center;"><a href="//index.php" style="color:#808080;">www.old-dark.ru</a></div>
</body>
</html>