battles/classes/utils_class.php

<?php

class Utils {
  
  public function get_inf($id, $login = null) {
    if($login != null) {
      return mysql_fetch_array(mysql_query('SELECT * FROM `users` WHERE `login` = "'.mysql_real_escape_string($login).'" LIMIT 1'));
    } else {
      return mysql_fetch_array(mysql_query('SELECT * FROM `users` WHERE `id` = "'.mysql_real_escape_string((int)$id).'" LIMIT 1'));
    }
  }
  
  public function show_fields($table) {
    $fields = array();
    $res = mysql_query("SHOW COLUMNS FROM `$table`");
    while($x = mysql_fetch_assoc($res)) {
      $fields[] = $x['Field'];
    }
    foreach($fields as $f) {
      echo "`".$f."`, ";
    }
  }
  
  public function SecureAll() {
    global $_POST, $_GET;
    $RichText = array("title", "text", "comment");
    if(count($_POST) > 0) {
      foreach($_POST as $k => $v) {
        if($v != null) {
          if(in_array($k, $RichText)) {
            $_POST[$k] = nl2br($_POST[$k]);
            $_POST[$k] = mysql_real_escape_string($_POST[$k]);
          } else {
            $_POST[$k] = preg_replace("/[^a-zA-Zа-яА-Я0-9_ -]/", "", $_POST[$k]);
          }
        }
      }
    }

    if(count($_GET) > 0) {
      foreach($_GET as $k => $v) {
        if($v != null)
          $_GET[$k] = preg_replace("/[^a-zA-Zа-яА-Я0-9_ -]/", "", $_GET[$k]);
        }
    }
  }
  
  public function Short($uid, $ad) {
    $us = $this->get_inf($uid);
    $clan_arr = mysql_fetch_assoc(mysql_query("SELECT `id`, `short` FROM `clans` WHERE `id` = '".$us['klan']."' LIMIT 1"));
    echo "login=".$us['login']."<br />";
    echo "level=".$us['level']."<br />";
    echo "align=".$us['align']."<br />";
    echo "klan=".$clan_arr['short']."<br />";
    echo "sex=".$us['sex']."<br />";
    echo "str=".$us['sila']."<br />";
    echo "agil=".$us['lovk']."<br />";
    echo "int=".$us['inta']."<br />";
    echo "dex=".$us['vinos']."<br />";
    echo "status=".$us['status']."<br />";
    echo "borncity=".$us['borncity']."<br />";
    echo "block=".$us['block']."<br />";
    echo "palmessage=".$us['palcom']."<br />";
    echo "online=".(int)(time()-$us['chattime'] < 60*5)."<br />";
    echo "hp=".$us['hp']."<br />";
    echo "maxhp=".$us['maxhp']."<br />";
    if($ad == 2.99) {
      echo "money=".$us['money']."<br />";
      echo "rep=".$us['doblest']."<br />";
      echo "laba=".$us['laba']."<br />";
      if($us['laba'] > 0) {
        echo "-----------------------<br />";
        echo "laba_x=".$us['x']."<br />";
        echo "laba_y=".$us['y']."<br />";
        echo "-----------------------<br />";
      }
      echo "room=".$us['room']."<br />";
    }
    echo "dress=";
    $dresses = mysql_query("SELECT `id`, `name`, `duration`, `maxdur` FROM `inventory` WHERE `owner` = '".$us['id']."' AND `dressed` = 1 AND `type` != 12");
    while($dr = mysql_fetch_array($dresses)) {
      echo $dr['name']." ".(int)$dr['duration']."/".(int)$dr['maxdur'].",";
    }
  }

}

$Utils = new Utils();