game/fight/take.user.php

<?
header( 'Expires: Mon, 26 Jul 1970 05:00:00 GMT' );
header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' );
header( 'Cache-Control: no-store, no-cache, must-revalidate' );
header( 'Cache-Control: post-check=0, pre-check=0', false );
header( 'Pragma: no-cache' );
header( 'Content-Type: text/html; charset=windows-1251' );

define('GAME',true);
include('../_incl_data/class/__db_connect.php');
mysql_query('SET NAMES utf8');

if($_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest') {
	$user = mysql_fetch_array(mysql_query('SELECT `id`,`battle` FROM `users` WHERE `login` = "'.mysql_real_escape_string($_COOKIE['login']).'" AND `pass` = "'.mysql_real_escape_string($_COOKIE['pass']).'" LIMIT 1'));
	if( isset($user['id']) && $user['battle'] > 0 ) {
		//
		function json_fix_cyr($json_str) { 
			$cyr_chars = array ( 
				'\u0430' => '<27>', '\u0410' => '<27>', 
				'\u0431' => '<27>', '\u0411' => '<27>', 
				'\u0432' => '<27>', '\u0412' => '<27>', 
				'\u0433' => '<27>', '\u0413' => '<27>', 
				'\u0434' => '<27>', '\u0414' => '<27>', 
				'\u0435' => '<27>', '\u0415' => '<27>', 
				'\u0451' => '<27>', '\u0401' => '<27>', 
				'\u0436' => '<27>', '\u0416' => '<27>', 
				'\u0437' => '<27>', '\u0417' => '<27>', 
				'\u0438' => '<27>', '\u0418' => '<27>', 
				'\u0439' => '<27>', '\u0419' => '<27>', 
				'\u043a' => '<27>', '\u041a' => '<27>', 
				'\u043b' => '<27>', '\u041b' => '<27>', 
				'\u043c' => '<27>', '\u041c' => '<27>', 
				'\u043d' => '<27>', '\u041d' => '<27>', 
				'\u043e' => '<27>', '\u041e' => '<27>', 
				'\u043f' => '<27>', '\u041f' => '<27>', 
				'\u0440' => '<27>', '\u0420' => '<27>', 
				'\u0441' => '<27>', '\u0421' => '<27>', 
				'\u0442' => '<27>', '\u0422' => '<27>', 
				'\u0443' => '<27>', '\u0423' => '<27>', 
				'\u0444' => '<27>', '\u0424' => '<27>', 
				'\u0445' => '<27>', '\u0425' => '<27>', 
				'\u0446' => '<27>', '\u0426' => '<27>', 
				'\u0447' => '<27>', '\u0427' => '<27>', 
				'\u0448' => '<27>', '\u0428' => '<27>', 
				'\u0449' => '<27>', '\u0429' => '<27>', 
				'\u044a' => '<27>', '\u042a' => '<27>', 
				'\u044b' => '<27>', '\u042b' => '<27>', 
				'\u044c' => '<27>', '\u042c' => '<27>', 
				'\u044d' => '<27>', '\u042d' => '<27>', 
				'\u044e' => '<27>', '\u042e' => '<27>', 
				'\u044f' => '<27>', '\u042f' => '<27>', 
				
				'\r' => '', 
				'\n' => '<br />', 
				'\t' => '' 
			);
			foreach ($cyr_chars as $cyr_char_key => $cyr_char) { 
				$json_str = str_replace($cyr_char_key, $cyr_char, $json_str); 
			} 
			return $json_str; 
		}
		//
		$r = array();
		$p = array();
		$p['u'] = mysql_fetch_array(mysql_query('SELECT `id`,`login`,`level`,`align`,`clan`,`sex`,`obraz` FROM `users` WHERE `id` = "'.mysql_real_escape_string($_GET['uid']).'" LIMIT 1'));
		if(isset($p['u']['id'])) {
			$r = array(
				'id' => $p['u']['id'],
				'login' => $p['u']['login'],
				'level' => $p['u']['level'],
				'sex' => $p['u']['sex'],
				'obraz' => $p['u']['obraz'],
				'align' => $p['u']['align'],
				'clan' => $p['u']['clan']
			);
		}else{
			$r['error'] = 1;
		}
		//
		echo json_fix_cyr(json_encode($r));
		//echo json_encode($r);
	}else{
		echo 'false';
	}
}
?>