battles/dealer.php
2018-01-28 18:40:49 +02:00

237 lines
13 KiB
PHP
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?php
session_start();
if ($_SESSION['uid'] == null) header("Location: index.php");
include "config.php";
$user = mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE `id` = '".mysql_real_escape_string($_SESSION['uid'])."' LIMIT 1;"));
include "functions.php";
header("Cache-Control: no-cache");
?>
<HTML>
<HEAD>
<link rel=stylesheet type="text/css" href="css/main.css">
<meta content="text/html; charset=utf-8" http-equiv=Content-type>
<META Http-Equiv=Cache-Control Content="no-cache, max-age=0, must-revalidate, no-store">
<meta http-equiv=PRAGMA content=NO-CACHE>
<META Http-Equiv=Expires Content=0>
<script type="text/javascript">
function show(ele) {
var srcElement = document.getElementById(ele);
if(srcElement != null) {
if(srcElement.style.display == "block") {
srcElement.style.display= 'none';
}
else {
srcElement.style.display='block';
}
}
}
</script>
</head>
<body>
<div id=hint4 class=ahint></div>
<TABLE cellspacing=0 cellpadding=2 width=100%>
<tr>
<TD align=center><h4>Дилеры</h4></TD>
<TD align=right style="width: 25%; vertical-align: top; text-align: right; ">
<INPUT type='button' value='Обновить' style='width: 75px' onclick='location="/dealer.php"'>
<INPUT TYPE=button value="Вернуться" onClick="location.href='main.php'">
</TD>
</TR>
<TR>
<TD nowrap>
<BR/>
<?
$data=mysql_query("SELECT `id`, `login`, `status`, `level`, `room`, `align`, (select `id` from `online` WHERE `date` >= ".(time()-60)." AND `id` = users.`id`) as `online` FROM `users` WHERE `deal` IN ('1') order by online DESC, login asc ;");
while ($row = mysql_fetch_array($data)) {
if ($row['online']>0) {
echo '<font color=#0033CC><A HREF="javascript:top.AddToPrivate(\'',nick7($row['id']),'\', top.CtrlPress)" target=refreshed><img src="i/lock.gif" width=20 height=15></A>';
nick2($row['id']);
if ($row['id'] == $user['deal']) echo ' - '.$row['status'].'';
$rrm = $rooms[$row['room']];
echo '</font> онлайн<BR>';
}
if ($row['online']<1) {
echo '<font color=gray><img src="i/offline.gif" width=20 height=15 alt="Нет в клубе">';
nick2($row['id']);
if ($row['id'] == $user['deal']) echo ' - ',$row['status'],'';
echo ' - не в игре</font><BR>';
}
}
?>
</td>
</tr>
<TR>
<TD style="text-align: left; ">
<small>Продают еврокредиты. <BR/>Вы можете отправить им личное сообщение, даже если вы и Дилеры находитесь в разных городах.</small>
</TD>
<td align="left" valign=top>
<small>
<FIELDSET><LEGEND>Курс покупки ЕвроКредитов:</LEGEND>
<?
function get_content() {
$date = date("d/m/Y");
$link = "http://www.cbr.ru/scripts/XML_daily.asp?date_req=$date";
$fd = fopen($link, "r");
$text="";
if (!$fd) echo "Запрашиваемая страница не найдена";
else {
while (!feof ($fd)) $text .= fgets($fd, 4096);
}
fclose ($fd);
return $text;
}
$content = get_content();
$pattern = "#<Valute ID=\"([^\"]+)[^>]+>[^>]+>([^<]+)[^>]+>[^>]+>[^>]+>[^>]+>[^>]+>[^>]+>([^<]+)[^>]+>[^>]+>([^<]+)#i";
preg_match_all($pattern, $content, $out, PREG_SET_ORDER);
foreach($out as $cur) {
if($cur[2] == 840) $dollar = str_replace(",",".",$cur[4]);
if($cur[2] == 978) $euro = str_replace(",",".",$cur[4]);
if($cur[2] == 980) $grivna = str_replace(",",".",$cur[4]);
}
echo "<B>1</B> екр = <B>".round($dollar/$euro,3)."</B> EUR<BR>";
echo "<B>1</B> екр = <B>".round($dollar,3)."</B> RUR<BR>";
echo "<B>1</B> екр = <B>".round($dollar/$grivna*10,3)."</B> UAH<BR>";
echo "<B>1</B> екр = <B>1</B> USD<BR>";
echo "<B>1</B> екр = <B>40</B> кр.<BR>";
?>
</FIELDSET>
<FIELDSET>
<legend>WebMoney</legend>
WMZ: Z333016535196<br>
WMR: R420089996228<br>
WMG: G210462977679<br>
WMU: U164195350082<br>
WME: E198432770955<br>
WMB: B389509579835<br>
<legend>QiWi</legend>
+79056560458
<hr>
Можно оплатить с помощью банковской карты, купив web-money на один из указанных выше кошельков.<br>
Сделать это можно по ссылке: <a href="http://www.netexchange.ru/buy/" target="_blank">http://www.netexchange.ru/buy/</a>
или <a href="http://www.intexchange.ru" target="_blank">http://www.intexchange.ru</a>.
</FIELDSET></small>
</td>
</TR>
<tr><TD align=center><h4>Ангелы</h4></TD></TR>
<TR>
<TD nowrap>
<?
$data=mysql_query("SELECT `id`, `login`, `status`, `level`, `room`, `align`, (select `id` from `online` WHERE `date` >= ".(time()-60)." AND `id` = users.`id`) as `online` FROM `users` WHERE `align` IN ('2.99','2.9') order by online DESC, login asc ;");
while ($row = mysql_fetch_array($data)) {
if ($row['online']>0) {
echo '<font color=#0033CC><A HREF="javascript:top.AddToPrivate(\'',nick7($row['id']),'\', top.CtrlPress)" target=refreshed><img src="i/lock.gif" width=20 height=15></A>';
nick2($row['id']);
if ($row['id'] == $user['deal']) echo ' - '.$row['status'].'';
$rrm = $rooms[$row['room']];
echo '</font> онлайн<BR>';
}
if ($row['online']<1) {
echo '<font color=gray><img src="i/offline.gif" width=20 height=15 alt="Нет в клубе">';
nick2($row['id']);
if ($row['id'] == $user['deal']) echo ' - ',$row['status'],'';
echo ' - не в игре</font><BR>';
}
}
?>
</td>
</tr>
<?
if($user['deal']> 0 or $user['admin']==1){
############# Проверка и открытие данных счета #################
if (isset($_SESSION['bankid'])){
$bank_alhimik = mysql_fetch_array(mysql_query("SELECT * FROM `bank` WHERE `id` = ".$_SESSION['bankid']." LIMIT 1;"));
}
############## Экоанизация формы ################################
echo '<TR><TD style="text-align: left; ">';
echo "<br><br><FIELDSET><LEGEND><h4>Дилерская панель</h4></LEGEND>";
If (isset($_SESSION['bankid'])){echo "Банк: <FONT COLOR=#339900>".$bank_alhimik['ekr']."</font> екр.";}
echo "<form method=post action=\"dealer.php\"><b>Зачислить екры на счет </b>
<table><tr> <td>Введите сумму </td>
<td><input type='text' name='ekr' value=''></td>
<td> Номер счета <input type='text' name='bank' value=''></td>
<td> Ник персонажа <input type='text' name='tonick' value=''></td><td>";
If (isset($_SESSION['bankid'])){ echo"<input type=submit name='putekr' value='Зачислить'>";}else{echo "Авторизируйтесь в Банке!";}
echo "</td></tr></table></form>";
echo "<br><form method=post action=\"dealer.php\"><b>Проверить логин / номер счета </b>
<table><tr><td>Логин </td><td><input type='text' name='charlogin' value=''></td>
<td> Номер счета <input type='text' name='charbank' value=''></td>
<td><input type=submit name='checkbank' value='Проверить'></td></tr>
</table></form></FIELDSET>
</TD></TR>";
############## Зачисление екр #####################################
if ($_POST['putekr'] and isset($_SESSION['bankid'])){
if (isset($_POST['ekr']) and isset($_POST['bank']) and isset($_POST['tonick'])) {
If ($_POST['ekr']<=$bank_alhimik['ekr'] and $_POST['ekr']>0){
$tonick = mysql_fetch_array(mysql_query("SELECT login,id, align FROM `users` WHERE `login` = '".mysql_real_escape_string($_POST['tonick'])."' LIMIT 1;"));
$bank = mysql_fetch_array(mysql_query("SELECT owner,id FROM `bank` WHERE `id` = '".mysql_real_escape_string($_POST['bank'])."' LIMIT 1;"));
if (ereg("auto-",$user['login']) || ereg("auto-",$user['login'])) {
$botfull=$user['login'];
list($bot, $botlogin) = explode("-", $user['login']);
$botnick = mysql_fetch_array(mysql_query("SELECT login,id FROM `users` WHERE `login` = '".mysql_real_escape_string($botlogin)."' LIMIT 1;"));
$user['login']=$botnick['login'];
$user['id']=$botnick['id'];
}
if ($bank['owner'] && $tonick['id'] && $bank['owner'] == $tonick['id']) {
If ($user['deal']> 0 or (($user['align']==2.99 or $user['align']==5 or $user['align']==2.5) and (($tonick['align']>1 and $tonick['align']<2) or ($tonick['align']>3 and $tonick['align']<4) or ($tonick['align']>5 and $tonick['align']<6)))){
$_POST['ekr'] = round($_POST['ekr'],2);
if (mysql_query("UPDATE `bank` set `ekr` = ekr+'".mysql_real_escape_string($_POST['ekr'])."' WHERE `id` = '".mysql_real_escape_string($_POST['bank'])."' LIMIT 1;")) {
if ($bot && $botlogin) {
mysql_query("INSERT INTO `dilerdelo` (dilerid,dilername,bank,owner,ekr) values ('".mysql_real_escape_string($_SESSION['uid'])."','".$botfull."','".mysql_real_escape_string($_POST['bank'])."','".mysql_real_escape_string($_POST['tonick'])."','".mysql_real_escape_string($_POST['ekr'])."');");
mysql_query("INSERT INTO `dilerdelo` (dilerid,dilername,bank,owner,ekr) values ('".mysql_real_escape_string($user['id'])."','".$botfull."','".mysql_real_escape_string($_POST['bank'])."','".mysql_real_escape_string($_POST['tonick'])."','".mysql_real_escape_string($_POST['ekr'])."');");
}else{
mysql_query("INSERT INTO `dilerdelo` (dilerid,dilername,bank,owner,ekr) values ('".mysql_real_escape_string($user['id'])."','".mysql_real_escape_string($user['login'])."','".mysql_real_escape_string($_POST['bank'])."','".mysql_real_escape_string($_POST['tonick'])."','".mysql_real_escape_string($_POST['ekr'])."');");
}
mysql_query("INSERT INTO `delo`(`id` , `author` ,`pers`, `text`, `type`, `date`) VALUES ('','0','".mysql_real_escape_string($tonick['id'])."','Получено ".mysql_real_escape_string($_POST['ekr'])." екр на счет №".mysql_real_escape_string($_POST['bank'])." от дилера ".$user['login']."',1,'".time()."');");
$us = mysql_fetch_array(mysql_query("select `id` from `online` WHERE `date` >= ".(time()-60)." AND `id` = '".$tonick['id']."' LIMIT 1;"));
if($us[0]){
addchp ('<font color=red>Внимание!</font> На ваш счет №'.$_POST['bank'].' переведено '.$_POST['ekr'].' екр. от дилера '.$user['login'].' ','{[]}'.$_POST['tonick'].'{[]}');
}else{
mysql_query("INSERT INTO `telegraph` (`owner`,`date`,`text`) values ('".$tonick['id']."','','".'<font color=red>Внимание!</font> На ваш счет №'.mysql_real_escape_string($_POST['bank']).' переведено '.mysql_real_escape_string($_POST['ekr']).' екр. от дилера '.mysql_real_escape_string($user['login']).' '."');");
}
mysql_query("UPDATE `bank` set `ekr` = ekr-'".mysql_real_escape_string($_POST['ekr'])."' WHERE `id` = '".mysql_real_escape_string($_SESSION['bankid'])."' LIMIT 1;");
print "<b><font color=red>Успешно зачислено {$_POST['ekr']} екр. на счет {$_POST['bank']} персонажа {$_POST['tonick']}!</font></b>";
}else{
print "<b><font color=red>Произошла ошибка!</font></b>";
}
}else{print "<b><font color=red>Вы не можете передавать персонажу {$_POST['tonick']} екры!</font></b>";}
}else{print "<b><font color=red>Счет номер {$_POST['bank']} не принадлежит персонажу {$_POST['tonick']}!</font></b>";}
}else{print "<b><font color=red>У Вас недостаточно екр. на счете!</font></b>";}
}else{print "<b><font color=red>Введите сумму, номер счета и ник персонажа!</font></b>";}
}
if ($_POST['checkbank']) {
if ($_POST['charlogin']) {
$tonick = mysql_fetch_array(mysql_query("SELECT login,id FROM `users` WHERE `login` = '".mysql_real_escape_string($_POST['charlogin'])."' LIMIT 1;"));
$bankdb = mysql_query("SELECT owner,id FROM `bank` WHERE `owner` = '".mysql_real_escape_string($tonick['id'])."'");
print "Персонажу {$_POST['charlogin']} принадлежат счета: <br>";
while ($bank=mysql_fetch_array($bankdb)) {
print "№ {$bank['id']} <br>";
}
}
else if ($_POST['charbank']) {
$bank = mysql_fetch_array(mysql_query("SELECT owner,id FROM `bank` WHERE `id` = '".mysql_real_escape_string($_POST['charbank'])." 'LIMIT 1;"));
$tonick = mysql_fetch_array(mysql_query("SELECT login,id FROM `users` WHERE `id` = '".mysql_real_escape_string($bank['owner'])."' LIMIT 1;"));
print "Счет № {$_POST['charbank']} принадлежит персонажу {$tonick['login']} <br>";
}
}
}
?>
</TABLE>
</body>
</html>