battles/elka.php

304 lines
12 KiB
PHP
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?php
session_start();
if ($_SESSION['uid'] == null) header("Location: index.php");
include "config.php";
$user = mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE `id` = '{$_SESSION['uid']}' LIMIT 1;"));
include "functions.php";
/* payment func */
include 'payment_f.php';
?>
<HTML><HEAD>
<link rel=stylesheet type="text/css" href="css/main.css">
<meta content="text/html; charset=utf-8" http-equiv=Content-type>
<META Http-Equiv=Cache-Control Content=no-cache>
<meta http-equiv=PRAGMA content=NO-CACHE>
<META Http-Equiv=Expires Content=0>
</HEAD>
<body leftmargin=5 topmargin=5 marginwidth=5 marginheight=5 bgcolor=#e0e0e0>
<TABLE border=0 width=100% cellspacing="0" cellpadding="0">
<FORM action="city.php" method=GET>
<tr><td><h3>Новогодняя елка 2017!</td><td align=right>
<INPUT TYPE="submit" value="Вернуться" name="cp"></td></tr>
</FORM>
</table>
<?
if ($_GET['fail']) {
echo '<font color=red>Операция была отменена.</font>';
}
if ($_GET['suk']) {
echo '<font color=red>Заказ скоро появится у вас в инвентаре... Спасибо за покупку!</font>';
}
if ($_POST['fail']) {
echo '<font color=red>Операция была отменена.</font>';
}
if ($_GET['givepodarok'] && !$user['podarokAD']) {
echo '<font color=red>До нового года осталось ',(31-(int)date("d")),' дней, поздравляю!...</font>';
mysql_query("INSERT INTO `inventory` (`owner`,`img`,`maxdur`,`type`,`magic`,`present`,`name`) VALUES ('".$user['id']."','podarokNY.gif','1','50','7','Новый Год','Новогодний подарок');");
$idd = mysql_insert_id();
mysql_query("INSERT INTO `paket` VALUES(".$idd.", '$"."vv = rand(0,4);\r\nswitch($"."vv) {\r\n case 0 :\r\n return \"INSERT INTO `inventory` (`owner`,`maxdur`,`name`,`img`,`cost`,`dategoden`,`type`,`goden`, `magic`) values (''\".$"."user[''id''].\"'',''1'',''Макет Меча Кромуса'',''asword41.gif'',''0'',''\".(time()+1296000).\"'',''3'',''15'',0),(''\".$"."user[''id''].\"'',''5'',''Бутерброд &quot;Новогодний&quot;'',''food_l8.gif'',''0'',''\".(time()+1296000).\"'',''50'',''15'',8)\";\r\n break;\r\n case 1 :\r\n return \"INSERT INTO `inventory` (`owner`,`maxdur`,`name`,`img`,`cost`,`dategoden`,`type`,`goden`, `magic`) values (''\".$"."user[''id''].\"'',''1'',''Макет Шита Ангела'',''ashield3.gif'',''0'',''\".(time()+1296000).\"'',''10'',''15'',0),(''\".$"."user[''id''].\"'',''5'',''Бутерброд &quot;Новогодний&quot;'',''food_l8.gif'',''0'',''\".(time()+1296000).\"'',''50'',''15'',8)\";\r\n break;\r\n case 2 :\r\n return \"INSERT INTO `inventory` (`owner`,`maxdur`,`name`,`img`,`cost`,`dategoden`,`type`,`goden`, `magic`) values (''\".$"."user[''id''].\"'',''1'',''Макет Меча Героев'',''asword31.gif'',''0'',''\".(time()+1296000).\"'',''3'',''15'',0),(''\".$"."user[''id''].\"'',''5'',''Бутерброд &quot;Новогодний&quot;'',''food_l8.gif'',''0'',''\".(time()+1296000).\"'',''50'',''15'',8)\";\r\n break;\r\n case 3 :\r\n return \"INSERT INTO `inventory` (`owner`,`maxdur`,`name`,`img`,`cost`,`dategoden`,`type`,`goden`, `magic`) values (''\".$"."user[''id''].\"'',''1'',''Макет Брони Титанов'',''aarmor1.gif'',''0'',''\".(time()+1296000).\"'',''4'',''15'',0),(''\".$"."user[''id''].\"'',''5'',''Бутерброд &quot;Новогодний&quot;'',''food_l8.gif'',''0'',''\".(time()+1296000).\"'',''50'',''15'',8)\";\r\n break;\r\n}', '');");
echo mysql_error();
mysql_query("UPDATE `users` SET `podarokAD` = 1 WHERE `id` = '{$_SESSION['uid']}' LIMIT 1;");
}
if ($_POST['comment']) {
mysql_query('INSERT INTO `elka` (`who`,`date`,`text`) values (\''.nick::id($user['id'])->full(1).'\',\''.date("d.m.Y H:i").'\',\''.strip_tags($_POST['comment']).'\');');
}
$data = mysql_query("SELECT * FROM `elka` ORDER by `id` DESC LIMIT ".($_GET['page']*20).",20;");
?>
<table>
<tr><td>&nbsp; &nbsp;</td><Td>
<h4>Предметы</h4>
<?if ($user['podarokAD']==1) {print "<img src=\"i/sh/podarokNY_chb.gif\" border=0>";} else {print "<a href=\"?givepodarok=1\"><img src=\"i/sh/podarokNY.gif\" border=0></a>";} ?>
</td><td>&nbsp; &nbsp;</td>
<td>
<script>
var MD5 = function (string) {
function RotateLeft(lValue, iShiftBits) {
return (lValue<<iShiftBits) | (lValue>>>(32-iShiftBits));
}
function AddUnsigned(lX,lY) {
var lX4,lY4,lX8,lY8,lResult;
lX8 = (lX & 0x80000000);
lY8 = (lY & 0x80000000);
lX4 = (lX & 0x40000000);
lY4 = (lY & 0x40000000);
lResult = (lX & 0x3FFFFFFF)+(lY & 0x3FFFFFFF);
if (lX4 & lY4) {
return (lResult ^ 0x80000000 ^ lX8 ^ lY8);
}
if (lX4 | lY4) {
if (lResult & 0x40000000) {
return (lResult ^ 0xC0000000 ^ lX8 ^ lY8);
} else {
return (lResult ^ 0x40000000 ^ lX8 ^ lY8);
}
} else {
return (lResult ^ lX8 ^ lY8);
}
}
function F(x,y,z) { return (x & y) | ((~x) & z); }
function G(x,y,z) { return (x & z) | (y & (~z)); }
function H(x,y,z) { return (x ^ y ^ z); }
function I(x,y,z) { return (y ^ (x | (~z))); }
function FF(a,b,c,d,x,s,ac) {
a = AddUnsigned(a, AddUnsigned(AddUnsigned(F(b, c, d), x), ac));
return AddUnsigned(RotateLeft(a, s), b);
};
function GG(a,b,c,d,x,s,ac) {
a = AddUnsigned(a, AddUnsigned(AddUnsigned(G(b, c, d), x), ac));
return AddUnsigned(RotateLeft(a, s), b);
};
function HH(a,b,c,d,x,s,ac) {
a = AddUnsigned(a, AddUnsigned(AddUnsigned(H(b, c, d), x), ac));
return AddUnsigned(RotateLeft(a, s), b);
};
function II(a,b,c,d,x,s,ac) {
a = AddUnsigned(a, AddUnsigned(AddUnsigned(I(b, c, d), x), ac));
return AddUnsigned(RotateLeft(a, s), b);
};
function ConvertToWordArray(string) {
var lWordCount;
var lMessageLength = string.length;
var lNumberOfWords_temp1=lMessageLength + 8;
var lNumberOfWords_temp2=(lNumberOfWords_temp1-(lNumberOfWords_temp1 % 64))/64;
var lNumberOfWords = (lNumberOfWords_temp2+1)*16;
var lWordArray=Array(lNumberOfWords-1);
var lBytePosition = 0;
var lByteCount = 0;
while ( lByteCount < lMessageLength ) {
lWordCount = (lByteCount-(lByteCount % 4))/4;
lBytePosition = (lByteCount % 4)*8;
lWordArray[lWordCount] = (lWordArray[lWordCount] | (string.charCodeAt(lByteCount)<<lBytePosition));
lByteCount++;
}
lWordCount = (lByteCount-(lByteCount % 4))/4;
lBytePosition = (lByteCount % 4)*8;
lWordArray[lWordCount] = lWordArray[lWordCount] | (0x80<<lBytePosition);
lWordArray[lNumberOfWords-2] = lMessageLength<<3;
lWordArray[lNumberOfWords-1] = lMessageLength>>>29;
return lWordArray;
};
function WordToHex(lValue) {
var WordToHexValue="",WordToHexValue_temp="",lByte,lCount;
for (lCount = 0;lCount<=3;lCount++) {
lByte = (lValue>>>(lCount*8)) & 255;
WordToHexValue_temp = "0" + lByte.toString(16);
WordToHexValue = WordToHexValue + WordToHexValue_temp.substr(WordToHexValue_temp.length-2,2);
}
return WordToHexValue;
};
function Utf8Encode(string) {
string = string.replace(/\r\n/g,"\n");
var utftext = "";
for (var n = 0; n < string.length; n++) {
var c = string.charCodeAt(n);
if (c < 128) {
utftext += String.fromCharCode(c);
}
else if((c > 127) && (c < 2048)) {
utftext += String.fromCharCode((c >> 6) | 192);
utftext += String.fromCharCode((c & 63) | 128);
}
else {
utftext += String.fromCharCode((c >> 12) | 224);
utftext += String.fromCharCode(((c >> 6) & 63) | 128);
utftext += String.fromCharCode((c & 63) | 128);
}
}
return utftext;
};
var x=Array();
var k,AA,BB,CC,DD,a,b,c,d;
var S11=7, S12=12, S13=17, S14=22;
var S21=5, S22=9 , S23=14, S24=20;
var S31=4, S32=11, S33=16, S34=23;
var S41=6, S42=10, S43=15, S44=21;
string = Utf8Encode(string);
x = ConvertToWordArray(string);
a = 0x67452301; b = 0xEFCDAB89; c = 0x98BADCFE; d = 0x10325476;
for (k=0;k<x.length;k+=16) {
AA=a; BB=b; CC=c; DD=d;
a=FF(a,b,c,d,x[k+0], S11,0xD76AA478);
d=FF(d,a,b,c,x[k+1], S12,0xE8C7B756);
c=FF(c,d,a,b,x[k+2], S13,0x242070DB);
b=FF(b,c,d,a,x[k+3], S14,0xC1BDCEEE);
a=FF(a,b,c,d,x[k+4], S11,0xF57C0FAF);
d=FF(d,a,b,c,x[k+5], S12,0x4787C62A);
c=FF(c,d,a,b,x[k+6], S13,0xA8304613);
b=FF(b,c,d,a,x[k+7], S14,0xFD469501);
a=FF(a,b,c,d,x[k+8], S11,0x698098D8);
d=FF(d,a,b,c,x[k+9], S12,0x8B44F7AF);
c=FF(c,d,a,b,x[k+10],S13,0xFFFF5BB1);
b=FF(b,c,d,a,x[k+11],S14,0x895CD7BE);
a=FF(a,b,c,d,x[k+12],S11,0x6B901122);
d=FF(d,a,b,c,x[k+13],S12,0xFD987193);
c=FF(c,d,a,b,x[k+14],S13,0xA679438E);
b=FF(b,c,d,a,x[k+15],S14,0x49B40821);
a=GG(a,b,c,d,x[k+1], S21,0xF61E2562);
d=GG(d,a,b,c,x[k+6], S22,0xC040B340);
c=GG(c,d,a,b,x[k+11],S23,0x265E5A51);
b=GG(b,c,d,a,x[k+0], S24,0xE9B6C7AA);
a=GG(a,b,c,d,x[k+5], S21,0xD62F105D);
d=GG(d,a,b,c,x[k+10],S22,0x2441453);
c=GG(c,d,a,b,x[k+15],S23,0xD8A1E681);
b=GG(b,c,d,a,x[k+4], S24,0xE7D3FBC8);
a=GG(a,b,c,d,x[k+9], S21,0x21E1CDE6);
d=GG(d,a,b,c,x[k+14],S22,0xC33707D6);
c=GG(c,d,a,b,x[k+3], S23,0xF4D50D87);
b=GG(b,c,d,a,x[k+8], S24,0x455A14ED);
a=GG(a,b,c,d,x[k+13],S21,0xA9E3E905);
d=GG(d,a,b,c,x[k+2], S22,0xFCEFA3F8);
c=GG(c,d,a,b,x[k+7], S23,0x676F02D9);
b=GG(b,c,d,a,x[k+12],S24,0x8D2A4C8A);
a=HH(a,b,c,d,x[k+5], S31,0xFFFA3942);
d=HH(d,a,b,c,x[k+8], S32,0x8771F681);
c=HH(c,d,a,b,x[k+11],S33,0x6D9D6122);
b=HH(b,c,d,a,x[k+14],S34,0xFDE5380C);
a=HH(a,b,c,d,x[k+1], S31,0xA4BEEA44);
d=HH(d,a,b,c,x[k+4], S32,0x4BDECFA9);
c=HH(c,d,a,b,x[k+7], S33,0xF6BB4B60);
b=HH(b,c,d,a,x[k+10],S34,0xBEBFBC70);
a=HH(a,b,c,d,x[k+13],S31,0x289B7EC6);
d=HH(d,a,b,c,x[k+0], S32,0xEAA127FA);
c=HH(c,d,a,b,x[k+3], S33,0xD4EF3085);
b=HH(b,c,d,a,x[k+6], S34,0x4881D05);
a=HH(a,b,c,d,x[k+9], S31,0xD9D4D039);
d=HH(d,a,b,c,x[k+12],S32,0xE6DB99E5);
c=HH(c,d,a,b,x[k+15],S33,0x1FA27CF8);
b=HH(b,c,d,a,x[k+2], S34,0xC4AC5665);
a=II(a,b,c,d,x[k+0], S41,0xF4292244);
d=II(d,a,b,c,x[k+7], S42,0x432AFF97);
c=II(c,d,a,b,x[k+14],S43,0xAB9423A7);
b=II(b,c,d,a,x[k+5], S44,0xFC93A039);
a=II(a,b,c,d,x[k+12],S41,0x655B59C3);
d=II(d,a,b,c,x[k+3], S42,0x8F0CCC92);
c=II(c,d,a,b,x[k+10],S43,0xFFEFF47D);
b=II(b,c,d,a,x[k+1], S44,0x85845DD1);
a=II(a,b,c,d,x[k+8], S41,0x6FA87E4F);
d=II(d,a,b,c,x[k+15],S42,0xFE2CE6E0);
c=II(c,d,a,b,x[k+6], S43,0xA3014314);
b=II(b,c,d,a,x[k+13],S44,0x4E0811A1);
a=II(a,b,c,d,x[k+4], S41,0xF7537E82);
d=II(d,a,b,c,x[k+11],S42,0xBD3AF235);
c=II(c,d,a,b,x[k+2], S43,0x2AD7D2BB);
b=II(b,c,d,a,x[k+9], S44,0xEB86D391);
a=AddUnsigned(a,AA);
b=AddUnsigned(b,BB);
c=AddUnsigned(c,CC);
d=AddUnsigned(d,DD);
}
var temp = WordToHex(a)+WordToHex(b)+WordToHex(c)+WordToHex(d);
return temp.toLowerCase();
}
function rehash() {
var ss = document.all['s_purse'].value+'::'+document.all['s_order_id'].value+'::'+document.all['s_amount'].value+'::'+document.all['s_clear_amount'].value+'::'+document.all['s_description'].value+'::<?=$secret_code?>';
document.all['s_sign'].value=MD5(ss);
}
</script>
<form method=post>
<h4>Сделайте подарки друзьям и близким ;)</h4>
<input type=hidden name="s_order_id" value="" id = "order">
<img onclick="document.all['order'].value='101<?=$user['id']?>'; rehash(); document.all['f1'].submit();" src="i/sh/card03.gif" alt="Раритетная открытка">
<img onclick="document.all['order'].value='102<?=$user['id']?>'; rehash(); document.all['f1'].submit();" src="i/sh/el1.gif" alt="Ель">
<img onclick="document.all['order'].value='103<?=$user['id']?>'; rehash(); document.all['f1'].submit();" src="i/sh/elka_w2.gif" alt="Ель с игрушками">
<img onclick="document.all['order'].value='104<?=$user['id']?>'; rehash(); document.all['f1'].submit();" src="i/sh/shar6.gif" alt="Сувенир <Сфера БК>">
<img onclick="document.all['order'].value='105<?=$user['id']?>'; rehash(); document.all['f1'].submit();" src="i/sh/food_l8.gif" alt="Бутерброд <Новогодний>">
</form>
</td>
</tr>
</table>
<BR>
<u>Посетители оставили надписи на стволе елки:</u> <?
$pgs = mysql_num_rows($data)/20;
for ($i=0;$i<=$pgs;++$i) {
echo ' <a href="?page=',$i,'">',($i+1),'</a> ';
}
?><BR>
<?
while($row = mysql_fetch_array($data)) {
echo '<span class=date>',$row['date'],'</span> ',$row['who'],' - ',$row['text'],'<BR>';
}
// 21.12.2009 05:02
?>
<form action='elka.php' method='post'>
Оставить сообщение: <INPUT TYPE="text" name="comment" SIZE="50" VALUE="" maxlength=150>
<input type="submit" name="" value="Добавить">
</form>
<div id="hint3" class="ahint"></div>
</BODY>
</HTML>