diff --git a/news_script/index.php b/news_script/index.php index 64c3c7b5..03c9954d 100644 --- a/news_script/index.php +++ b/news_script/index.php @@ -12,11 +12,10 @@ $url = explode('/', $url[0]); Database::init(); /* Пользователь */ -$u = mysql_fetch_array( - mysql_query( - 'SELECT `id`,`login`,`banned`,`admin`,`clan`,`align`,`level`,`molch1`,`molch2` FROM `users` WHERE `login` = "' . mysql_real_escape_string( - $_COOKIE['login']) . '"') -); +$u = User::getInfo($_COOKIE['login']); + +$pg = 0; +$p = 1; if ($url[2] > 0) { $_GET['st'] = $url[2]; @@ -53,8 +52,7 @@ if ($u['level'] < 5) { if ($add[0] == 1) { $pac = mysql_fetch_array( mysql_query( - 'SELECT * FROM `events_news` WHERE `comment` > 0 AND `time` > "' . (time( - ) - 60) . '" AND `uid` = "' . $u['id'] . '" LIMIT 1' + 'SELECT * FROM `events_news` WHERE `comment` > 0 AND `time` > "' . (time() - 60) . '" AND `uid` = "' . $u['id'] . '" LIMIT 1' ) ); if (isset($pac['id'])) { @@ -157,7 +155,7 @@ if ($u['admin'] > 0 || in_array($u['align'], $pal_al) || in_array($u['align'], $ <!DOCTYPE html> <html lang="ru-RU"> <head> - + <meta name="viewport" content="width=device-width"/> <title>Новости браузерной онлайн игры Новый «Бойцовский клуб»</title> <meta name="keywords" @@ -270,7 +268,7 @@ if ($u['admin'] > 0) { $p_my[0] ) . '" or `r` = "' . mysql_real_escape_string( $p_my[1] - ) . '") AND `delete` = "0" AND `comment` = "0" AND `id` = "' . mysql_real_escape_string( + ) . '") AND `delete` = 0 AND `comment` = 0 AND `id` = "' . mysql_real_escape_string( (int)$_GET['st'] ) . '" LIMIT 1' ); 
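Review bot: `$u = User::getInfo($_COOKIE['login']);` still takes the user's identity straight from a client-supplied cookie, and nothing visible in this hunk ties that value to a server-side session or credential check before `$u['admin']` and `$u['level']` gate the later branches. The removed code escaped the value inline and selected a fixed column list, whereas `User::getInfo` is outside this diff, so it should be confirmed that it binds the login as a parameter and returns an array when the cookie is absent or matches no user. I would guard the call, e.g. `$u = isset($_COOKIE['login']) ? User::getInfo($_COOKIE['login']) : [];`, and add a comment listing the keys this page relies on. The INSERT in the hunk at -335 concatenates `$u['ip']`, `$u['city']` and `$u['cityreg']` unescaped, and those were not in the old column list, so if `getInfo` now returns them they need escaping or binding there.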
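Review bot: In the detail-view SELECT of the hunk at -270, `delete` and `comment` are now compared as integers, but `id` is still built as a quoted string from `mysql_real_escape_string((int)$_GET['st'])`. Escaping a value that has already been cast to int does nothing, and the mixed styles make it harder to see which operands are request-controlled. I would replace the `"' . mysql_real_escape_string((int)$_GET['st']) . '"` operand with `' . (int)$_GET['st'] . '`, and keep the escape call on `$p_my[0]`, `$p_my[1]` and `$p`, which are not cast in the visible lines. The same applies to the three SELECTs in the hunk at -278; the statement here begins above the hunk.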
@@ -278,13 +276,13 @@ if ($u['admin'] > 0) { $sp = mysql_query( 'SELECT * FROM `events_news` WHERE `r` = "' . mysql_real_escape_string( $p - ) . '" AND `delete` = "0" AND `comment` = "0" AND `id` = "' . mysql_real_escape_string( + ) . '" AND `delete` = 0 AND `comment` = 0 AND `id` = "' . mysql_real_escape_string( (int)$_GET['st'] ) . '" LIMIT 1' ); } else { $sp = mysql_query( - 'SELECT * FROM `events_news` WHERE `delete` = "0" AND `comment` = "0" AND `id` = "' . mysql_real_escape_string( + 'SELECT * FROM `events_news` WHERE `delete` = 0 AND `comment` = 0 AND `id` = "' . mysql_real_escape_string( (int)$_GET['st'] ) . '" LIMIT 1' ); @@ -296,7 +294,7 @@ if ($u['admin'] > 0) { if ($url[4] > 0) { //Удаляем комментарий mysql_query( - 'UPDATE `events_news` SET `delete` = "1" WHERE `id` = "' . mysql_real_escape_string( + 'UPDATE `events_news` SET `delete` = 1 WHERE `id` = "' . mysql_real_escape_string( $url[4] ) . '" LIMIT 1' ); @@ -308,7 +306,7 @@ if ($u['admin'] > 0) { } elseif (!isset($url[4])) { //Удаляем новость mysql_query( - 'UPDATE `events_news` SET `delete` = "1" WHERE `id` = "' . mysql_real_escape_string( + 'UPDATE `events_news` SET `delete` = 1 WHERE `id` = "' . mysql_real_escape_string( $url[2] ) . '" LIMIT 1' ); @@ -335,8 +333,7 @@ if ($u['admin'] > 0) { "' . $u['ip'] . '", "' . $u['city'] . '", "' . $u['cityreg'] . '", - "' . $pl['r'] . '","' . time( - ) . '","' . $u['id'] . '","","' . mysql_real_escape_string( + "' . $pl['r'] . '","' . time() . '","' . $u['id'] . '","","' . mysql_real_escape_string( $_POST['text_com'] ) . '","' . $pl['id'] . '")' ); 
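Review bot: The soft-delete UPDATEs in the hunks at -296 and -308 are driven by URL path segments (`$url[4]`, `$url[2]`), and no request-method check or anti-CSRF token is visible around them. Combined with the cookie-derived `$u`, a state change that can be triggered by following a link needs an explicit guard. Unlike `$_GET['st']`, these ids are not cast, so the quoted `id` comparison relies on MySQL's string-to-number coercion; `(int)$url[4]` and `(int)$url[2]` would make the intent explicit. The enclosing branch, presumably the `if ($u['admin'] > 0)` named in the hunk headers, begins outside both hunks, so a token check may exist there. Confirm that, and add a comment above each UPDATE naming the permission check that protects it.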
@@ -592,17 +589,17 @@ if ($u['admin'] > 0) { $p_my[0] ) . '" or `r` = "' . mysql_real_escape_string( $p_my[1] - ) . '") AND `delete` = "0" AND `comment` = "0" ORDER BY `time` DESC LIMIT ' . ((int)(10 * $pg)) . ' , 10' + ) . '") AND `delete` = 0 AND `comment` = 0 ORDER BY `time` DESC LIMIT ' . ((int)(10 * $pg)) . ' , 10' ); } elseif ($p == 2) { $sp = mysql_query( 'SELECT * FROM `events_news` WHERE `r` = "' . mysql_real_escape_string( $p - ) . '" AND `delete` = "0" AND `comment` = "0" ORDER BY `time` DESC LIMIT ' . ((int)(10 * $pg)) . ' , 10' + ) . '" AND `delete` = 0 AND `comment` = 0 ORDER BY `time` DESC LIMIT ' . ((int)(10 * $pg)) . ' , 10' ); } else { $sp = mysql_query( - 'SELECT * FROM `events_news` WHERE `delete` = "0" AND `comment` = "0" ORDER BY `time` DESC LIMIT ' . ((int)(10 * $pg)) . ' , 10' + 'SELECT * FROM `events_news` WHERE `delete` = 0 AND `comment` = 0 ORDER BY `time` DESC LIMIT ' . ((int)(10 * $pg)) . ' , 10' ); } while ($pl = mysql_fetch_array($sp)) { @@ -718,7 +715,7 @@ if ($u['admin'] > 0) { mysql_query( 'SELECT COUNT(`id`) FROM `events_news` WHERE `r` = "' . mysql_real_escape_string( $p - ) . '" AND `delete` = "0" AND `comment` = "0"' + ) . '" AND `delete` = 0 AND `comment` = 0' ) ); ?>
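Review bot: The `LIMIT ' . ((int)(10 * $pg)) . ' , 10'` offset in all three list queries of the hunk at -592 is cast but not range-checked. This commit gives `$pg` a default of 0, yet where it is later assigned from the request is outside the diff, and a negative page would produce a negative offset that MySQL rejects, leaving `$sp` false for the `while ($pl = mysql_fetch_array($sp))` loop that follows. Clamping once before the branch, `$offset = max(0, (int)$pg) * 10;`, and using `$offset` in the three strings would also remove the repeated expression. The if/elseif chain starts above the hunk.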