battles/ajax/downgrade_art.php
2018-01-28 18:40:49 +02:00

94 lines
5.7 KiB
PHP
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?
include('../config.php');
function sums($val, $proc) {
$r = 0;
$flor = (int)$val/100;
$pl = $flor*$proc;
$r += $pl;
return $r;
}
if($_POST['item']) {
if($_POST['user']) {
if($_POST['hash']) {
$uid = (int)$_POST['user'];
$arr = array(
7 => array('cost' => 2000, 'ghp' => 8, 'stat' => 1, 'bron' => 1, 'mf' => 7, 'mindur' => 30, 'minu' => 1, 'maxu' => 1),
8 => array('cost' => 3000, 'ghp' => 10, 'stat' => 1, 'bron' => 1, 'mf' => 10, 'mindur' => 40, 'minu' => 2, 'maxu' => 2),
9 => array('cost' => 7000, 'ghp' => 12, 'stat' => 1, 'bron' => 1, 'mf' => 13, 'mindur' => 50, 'minu' => 3, 'maxu' => 3),
10 => array('cost' => 10000, 'ghp' => 14, 'stat' => 1, 'bron' => 1, 'mf' => 16, 'mindur' => 60, 'minu' => 4, 'maxu' => 4),
11 => array('cost' => 15000, 'ghp' => 16, 'stat' => 1, 'bron' => 1, 'mf' => 19, 'mindur' => 70, 'minu' => 5, 'maxu' => 5),
12 => array('cost' => 36000, 'ghp' => 18, 'stat' => 1, 'bron' => 1, 'mf' => 22, 'mindur' => 80, 'minu' => 6, 'maxu' => 6)
);
$user = mysql_fetch_array(mysql_query('SELECT `id`, `login`, `doblest` FROM `users` WHERE `id` = "'.mysql_real_escape_string($uid).'" LIMIT 1'));
$salt = md5($user['login'].'|'.$user['id']);
if(isset($user['id'])) {
if($_POST['hash'] == $salt) {
$it = (int)$_POST['item'];
$item = mysql_fetch_array(mysql_query('SELECT * FROM `inventory` WHERE `owner` = "'.$user['id'].'" AND `id` = "'.mysql_real_escape_string($it).'" AND `point` > 0 AND `dressed` = 0 LIMIT 1'));
if(isset($item['id']) && ($item['nlevel'] <= 13 && $item['nlevel'] >= 7)) {
$level = $item['nlevel']-1;
if($user['doblest'] >= $arr[$level]['cost']) {
$user['doblest'] -= $arr[$level]['cost'];
mysql_query('UPDATE `users` SET `doblest` = "'.$user['doblest'].'" WHERE `id` = "'.$user['id'].'" LIMIT 1');
if($item['type'] != 3) {
$item['ghp'] -= $arr[$level]['ghp'];
if($item['bron1'] > 0) { $item['bron1'] -= 1; }
if($item['bron2'] > 0) { $item['bron2'] -= 1; }
if($item['bron3'] > 0) { $item['bron3'] -= 1; }
if($item['bron4'] > 0) { $item['bron4'] -= 1; }
if($item['mfkrit'] > 0) { $item['mfkrit'] -= sums($item['mfkrit'], $arr[$level]['mf']); }
if($item['mfakrit'] > 0) { $item['mfakrit'] -= sums($item['mfakrit'], $arr[$level]['mf']); }
if($item['mfuvorot'] > 0) { $item['mfuvorot'] -= sums($item['mfuvorot'], $arr[$level]['mf']); }
if($item['mfauvorot'] > 0) { $item['mfauvorot'] -= sums($item['mfauvorot'], $arr[$level]['mf']); }
if($item['gsila'] > 0) { $item['gsila'] -= $arr[$level]['stat']; }
if($item['glovk'] > 0) { $item['glovk'] -= $arr[$level]['stat']; }
if($item['ginta'] > 0) { $item['ginta'] -= $arr[$level]['stat']; }
if($item['gintel'] > 0) { $item['gintel'] -= $arr[$level]['stat']; }
}
if($item['type'] == 3) {
$item['minu'] -= $arr[$level]['minu']; $item['maxu'] -= $arr[$level]['minu'];
}
$item['nlevel'] -= 1;
if($item['nsila'] > 0) { $item['nsila'] -= 1; }
if($item['nlovk'] > 0) { $item['nlovk'] -= 1; }
if($item['ninta'] > 0) { $item['ninta'] -= 1; }
if($item['nvinos'] > 0) { $item['nvinos'] -= 1; }
if($item['nintel'] > 0) { $item['nintel'] -= 1; }
if($item['nnoj'] > 0) { $item['nnoj'] -= 1; }
if($item['ntopor'] > 0) { $item['ntopor'] -= 1; }
if($item['ndubina'] > 0) { $item['ndubina'] -= 1; }
if($item['nmech'] > 0) { $item['nmech'] -= 1; }
mysql_query('UPDATE `inventory` SET `nlevel` = "'.$item['nlevel'].'", `ghp` = "'.$item['ghp'].'", `bron1` = "'.$item['bron1'].'", `bron2` = "'.$item['bron2'].'", `bron3` = "'.$item['bron3'].'", `bron4` = "'.$item['bron4'].'", `mfkrit` = "'.$item['mfkrit'].'", `mfakrit` = "'.$item['mfakrit'].'", `mfuvorot` = "'.$item['mfuvorot'].'", `mfauvorot` = "'.$item['mfauvorot'].'", `gsila` = "'.$item['gsila'].'", `glovk` = "'.$item['glovk'].'", `ginta` = "'.$item['ginta'].'", `gintel` = "'.$item['gintel'].'", `minu` = "'.$item['minu'].'", `maxu` = "'.$item['maxu'].'", `nsila` = "'.$item['nsila'].'", `nlovk` = "'.$item['nlovk'].'", `ninta` = "'.$item['ninta'].'", `nvinos` = "'.$item['nvinos'].'", `nintel` = "'.$item['nintel'].'", `nnoj` = "'.$item['nnoj'].'", `ntopor` = "'.$item['ntopor'].'", `ndubina` = "'.$item['ndubina'].'", `nmech` = "'.$item['nmech'].'", `maxdur` = "'.$item['maxdur'].'", `duration` = "'.$item['duration'].'" WHERE `id` = "'.$item['id'].'" LIMIT 1');
###
mysql_query("INSERT INTO `delo` (`author`, `pers`, `text`, `type`, `date`) VALUES ('0', '{$user['id']}', '\"".$user['login']."\" понизил уровень предмета: \"".$item['name']."\" id:(".$item['id'].") [$item[duration]/".$item['maxdur']."] за ".$arr[$level]['cost']." реп, до уровня $item[nlevel].', 1, '".time()."')");
###
echo 'success';
} else {
echo 'Недостаточно репутации для операции ...';
}
} else {
echo 'Предмет не найден ... ['.$item['id'].' | '.$item['nlevel'].']';
}
} else {
echo 'Утеря параметров. Код ошибки: 1001001.';
}
} else {
echo 'А вы кто ???';
}
} else {
echo 'Утерян параметр #hash# ...';
}
} else {
echo 'А вы кто ???';
}
} else {
echo 'Выберите предмет!';
}
?>