new-combats/game
3
0
Fork 0
Code Issues 23 Pull Requests Releases Wiki Activity

PHP Warning: Undefined variable

Browse Source
This commit is contained in:
Ivor Barhansky 2023-08-29 11:42:53 +03:00
parent 045803087d
commit 6f006ed790
1 changed files with 16 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
news_script/index.php
View File

@ -12,11 +12,10 @@ $url = explode('/', $url[0]);
Database::init(); Database::init();
/* Пользователь */ /* Пользователь */
$u = mysql_fetch_array( $u = User::getInfo($_COOKIE['login']);
mysql_query(
'SELECT `id`,`login`,`banned`,`admin`,`clan`,`align`,`level`,`molch1`,`molch2` FROM `users` WHERE `login` = "' . mysql_real_escape_string( $pg = 0;
$_COOKIE['login']) . '"') $p = 1;
);
if ($url[2] > 0) { if ($url[2] > 0) {
$_GET['st'] = $url[2]; $_GET['st'] = $url[2];
@ -53,8 +52,7 @@ if ($u['level'] < 5) {
if ($add[0] == 1) { if ($add[0] == 1) {
$pac = mysql_fetch_array( $pac = mysql_fetch_array(
mysql_query( mysql_query(
'SELECT * FROM `events_news` WHERE `comment` > 0 AND `time` > "' . (time( 'SELECT * FROM `events_news` WHERE `comment` > 0 AND `time` > "' . (time() - 60) . '" AND `uid` = "' . $u['id'] . '" LIMIT 1'
) - 60) . '" AND `uid` = "' . $u['id'] . '" LIMIT 1'
) )
); );
if (isset($pac['id'])) { if (isset($pac['id'])) {
@ -270,7 +268,7 @@ if ($u['admin'] > 0) {
$p_my[0] $p_my[0]
) . '" or `r` = "' . mysql_real_escape_string( ) . '" or `r` = "' . mysql_real_escape_string(
$p_my[1] $p_my[1]
) . '") AND `delete` = "0" AND `comment` = "0" AND `id` = "' . mysql_real_escape_string( ) . '") AND `delete` = 0 AND `comment` = 0 AND `id` = "' . mysql_real_escape_string(
(int)$_GET['st'] (int)$_GET['st']
) . '" LIMIT 1' ) . '" LIMIT 1'
); );
@ -278,13 +276,13 @@ if ($u['admin'] > 0) {
$sp = mysql_query( $sp = mysql_query(
'SELECT * FROM `events_news` WHERE `r` = "' . mysql_real_escape_string( 'SELECT * FROM `events_news` WHERE `r` = "' . mysql_real_escape_string(
$p $p
) . '" AND `delete` = "0" AND `comment` = "0" AND `id` = "' . mysql_real_escape_string( ) . '" AND `delete` = 0 AND `comment` = 0 AND `id` = "' . mysql_real_escape_string(
(int)$_GET['st'] (int)$_GET['st']
) . '" LIMIT 1' ) . '" LIMIT 1'
); );
} else { } else {
$sp = mysql_query( $sp = mysql_query(
'SELECT * FROM `events_news` WHERE `delete` = "0" AND `comment` = "0" AND `id` = "' . mysql_real_escape_string( 'SELECT * FROM `events_news` WHERE `delete` = 0 AND `comment` = 0 AND `id` = "' . mysql_real_escape_string(
(int)$_GET['st'] (int)$_GET['st']
) . '" LIMIT 1' ) . '" LIMIT 1'
); );
@ -296,7 +294,7 @@ if ($u['admin'] > 0) {
if ($url[4] > 0) { if ($url[4] > 0) {
//Удаляем комментарий //Удаляем комментарий
mysql_query( mysql_query(
'UPDATE `events_news` SET `delete` = "1" WHERE `id` = "' . mysql_real_escape_string( 'UPDATE `events_news` SET `delete` = 1 WHERE `id` = "' . mysql_real_escape_string(
$url[4] $url[4]
) . '" LIMIT 1' ) . '" LIMIT 1'
); );
@ -308,7 +306,7 @@ if ($u['admin'] > 0) {
} elseif (!isset($url[4])) { } elseif (!isset($url[4])) {
//Удаляем новость //Удаляем новость
mysql_query( mysql_query(
'UPDATE `events_news` SET `delete` = "1" WHERE `id` = "' . mysql_real_escape_string( 'UPDATE `events_news` SET `delete` = 1 WHERE `id` = "' . mysql_real_escape_string(
$url[2] $url[2]
) . '" LIMIT 1' ) . '" LIMIT 1'
); );
@ -335,8 +333,7 @@ if ($u['admin'] > 0) {
"' . $u['ip'] . '", "' . $u['ip'] . '",
"' . $u['city'] . '", "' . $u['city'] . '",
"' . $u['cityreg'] . '", "' . $u['cityreg'] . '",
"' . $pl['r'] . '","' . time( "' . $pl['r'] . '","' . time() . '","' . $u['id'] . '","","' . mysql_real_escape_string(
) . '","' . $u['id'] . '","","' . mysql_real_escape_string(
$_POST['text_com'] $_POST['text_com']
) . '","' . $pl['id'] . '")' ) . '","' . $pl['id'] . '")'
); );
@ -592,17 +589,17 @@ if ($u['admin'] > 0) {
$p_my[0] $p_my[0]
) . '" or `r` = "' . mysql_real_escape_string( ) . '" or `r` = "' . mysql_real_escape_string(
$p_my[1] $p_my[1]
) . '") AND `delete` = "0" AND `comment` = "0" ORDER BY `time` DESC LIMIT ' . ((int)(10 * $pg)) . ' , 10' ) . '") AND `delete` = 0 AND `comment` = 0 ORDER BY `time` DESC LIMIT ' . ((int)(10 * $pg)) . ' , 10'
); );
} elseif ($p == 2) { } elseif ($p == 2) {
$sp = mysql_query( $sp = mysql_query(
'SELECT * FROM `events_news` WHERE `r` = "' . mysql_real_escape_string( 'SELECT * FROM `events_news` WHERE `r` = "' . mysql_real_escape_string(
$p $p
) . '" AND `delete` = "0" AND `comment` = "0" ORDER BY `time` DESC LIMIT ' . ((int)(10 * $pg)) . ' , 10' ) . '" AND `delete` = 0 AND `comment` = 0 ORDER BY `time` DESC LIMIT ' . ((int)(10 * $pg)) . ' , 10'
); );
} else { } else {
$sp = mysql_query( $sp = mysql_query(
'SELECT * FROM `events_news` WHERE `delete` = "0" AND `comment` = "0" ORDER BY `time` DESC LIMIT ' . ((int)(10 * $pg)) . ' , 10' 'SELECT * FROM `events_news` WHERE `delete` = 0 AND `comment` = 0 ORDER BY `time` DESC LIMIT ' . ((int)(10 * $pg)) . ' , 10'
); );
} }
while ($pl = mysql_fetch_array($sp)) { while ($pl = mysql_fetch_array($sp)) {
@ -718,7 +715,7 @@ if ($u['admin'] > 0) {
mysql_query( mysql_query(
'SELECT COUNT(`id`) FROM `events_news` WHERE `r` = "' . mysql_real_escape_string( 'SELECT COUNT(`id`) FROM `events_news` WHERE `r` = "' . mysql_real_escape_string(
$p $p
) . '" AND `delete` = "0" AND `comment` = "0"' ) . '" AND `delete` = 0 AND `comment` = 0'
) )
); );
?> ?>