diff --git a/_incl_data/class/User.php b/_incl_data/class/User.php index d3e5131e..f8e91a15 100644 --- a/_incl_data/class/User.php +++ b/_incl_data/class/User.php @@ -1610,32 +1610,14 @@ FROM `items_users` AS `iu` LEFT JOIN `items_main` AS `im` ON (`im`.`id` = `iu`.` public function addItem($id, $uid, $md = null, $dn = null, $mxiznos = null, $nosudba = null, $plavka = null) { $rt = -1; - $i = mysql_fetch_array( - mysql_query( - 'SELECT `im`.`id`,`im`.`name`,`im`.`img`,`im`.`type`,`im`.`inslot`,`im`.`2h`,`im`.`2too`,`im`.`iznosMAXi`,`im`.`inRazdel`,`im`.`price1`,`im`.`price2`,`im`.`pricerep`,`im`.`magic_chance`,`im`.`info`,`im`.`massa`,`im`.`level`,`im`.`magic_inci`,`im`.`overTypei`,`im`.`group`,`im`.`group_max`,`im`.`geni`,`im`.`ts`,`im`.`srok`,`im`.`class`,`im`.`class_point`,`im`.`anti_class`,`im`.`anti_class_point`,`im`.`max_text`,`im`.`useInBattle`,`im`.`lbtl`,`im`.`lvl_itm`,`im`.`lvl_exp`,`im`.`lvl_aexp` FROM `items_main` AS `im` WHERE `im`.`id` = "' . mysql_real_escape_string( - $id - ) . '" LIMIT 1' - ) - ); + $i = Db::getRow('select * from items_main where id = ?', [$id]); if (isset($i['id'])) { - $d = mysql_fetch_array( - mysql_query( - 'SELECT `id`,`items_id`,`data` FROM `items_main_data` WHERE `items_id` = "' . $i['id'] . '" LIMIT 1' - ) - ); + $d = Db::getRow('select id, items_id, data from items_main_data where items_id = ?', [$i['id']]); //новая дата $data = $d['data']; - if ($i['ts'] > 0) { - if ($nosudba == null) { - $ui = mysql_fetch_array( - mysql_query( - 'SELECT `id`,`login` FROM `users` WHERE `id` = "' . mysql_real_escape_string( - $uid - ) . '" LIMIT 1' - ) - ); - $data .= '|sudba=' . $ui['login']; - } + if ($i['ts'] > 0 && $nosudba == null) { + $ui = Db::getValue('select login from users where id = ?', [$uid]); + $data .= '|sudba=' . $ui; } if ($md != null) { $data .= $md; @@ -1643,7 +1625,6 @@ FROM `items_users` AS `iu` LEFT JOIN `items_main` AS `im` ON (`im`.`id` = `iu`.` $data = $this->impStats($data); } - //предмет с настройками из подземелья if ($dn != null && $dn['dn_delete'] > 0) { $i['dn_delete'] = 1; @@ -1656,25 +1637,21 @@ FROM `items_users` AS `iu` LEFT JOIN `items_main` AS `im` ON (`im`.`id` = `iu`.` } else { $room = $this->info['city']; } - $ins = mysql_query( - 'INSERT INTO `items_users` (`overType`,`item_id`,`uid`,`data`,`iznosMAX`,`geniration`,`magic_inc`,`maidin`,`lastUPD`,`time_create`,`dn_delete`) VALUES ( - "' . $i['overTypei'] . '", - "' . $i['id'] . '", - "' . $uid . '", - "' . $data . '", - "' . $i['iznosMAXi'] . '", - "' . $i['geni'] . '", - "' . $i['magic_inci'] . '", - "' . $room . '", - "' . time() . '", - "' . time() . '", - "' . $i['dn_delete'] . '")' - ); - if ($ins) { - $rt = mysql_insert_id(); - mysql_query( - 'UPDATE `items_users` SET `dn_delete` = "1" WHERE `id` = "' . $rt . '" AND `data` LIKE "%dn_delete=%" LIMIT 1' - ); + $args = [ + $i['overTypei'], + $i['id'], + $uid, + $data, + $i['iznosMAXi'], + $i['geni'], + $i['magic_inci'], + $room, + $i['dn_delete'] ?? 0, + ]; + Db::sql('insert into items_users (overType, item_id, uid, data, iznosMAX, geniration, magic_inc, maidin, lastUPD, time_create, dn_delete) values (?,?,?,?,?,?,?,?,unix_timestamp(),unix_timestamp(),?)', $args); + $rt = Db::lastInsertId() ?? 0; + if ($rt !== 0) { + Db::sql('update items_users set dn_delete = 1 where id = ? and data like ?', [$rt, '%dn_delete=%']); if ($uid == $this->info['id']) { $this->stack($rt); } @@ -1684,12 +1661,15 @@ FROM `items_users` AS `iu` LEFT JOIN `items_main` AS `im` ON (`im`.`id` = `iu`.` } //Записываем в личное дело что предмет получен $this->addDelo( - 1, $uid, - '"AddItems.' . $this->info['city'] . '": Получен предмет "' . $i['name'] . '" (x1) [#' . $i['iid'] . ']. ' . $ads . '', - time(), $this->info['city'], 'AddItems.' . $this->info['city'] . '', 0, 0 + 1, + $uid, + '"AddItems.' . $this->info['city'] . '": Получен предмет "' . $i['name'] . '" (x1) [#' . $i['iid'] . ']. ' . $ads . '', + time(), + $this->info['city'], + 'AddItems.' . $this->info['city'] . '', + 0, + 0 ); - } else { - $rt = 0; } } return $rt; @@ -1725,7 +1705,7 @@ FROM `items_users` AS `iu` LEFT JOIN `items_main` AS `im` ON (`im`.`id` = `iu`.` return $bus['login_BIG']; } - public function microLogin(int $id, int $t, int $nnz = 1): string + public function microLogin(int $id, int $t = 1, int $nnz = 1): string { if ($t !== 1) { $inf['id'] = $id; @@ -4096,7 +4076,7 @@ FROM `items_users` AS `iu` LEFT JOIN `items_main` AS `im` ON (`im`.`id` = `iu`.` public function addDelo($type, $uid, $txt, $tm, $ct, $frm, $mo, $mi, $vvv = false) { return Db::sql( - 'insert into users_delo (uid, dop, time, city, text, login, `delete`, ip, moneyOut, type) values (?,?,?,?,?,?,?,?,?,?)', + 'insert into users_delo (uid, dop, time, city, text, login, `delete`, ip, moneyOut, type, no_right) values (?,?,?,?,?,?,?,?,?,?,?)', [ $uid, $vvv, @@ -4108,6 +4088,7 @@ FROM `items_users` AS `iu` LEFT JOIN `items_main` AS `im` ON (`im`.`id` = `iu`.` $_SERVER['HTTP_X_REAL_IP'], $mo, $type, + '', ] ); } diff --git a/modules_data/_friends.php b/modules_data/_friends.php index 551b8110..f63645a8 100644 --- a/modules_data/_friends.php +++ b/modules_data/_friends.php @@ -1,507 +1,701 @@ - var elem = document.getElementById('se-pre-con'); - elem.parentNode.removeChild(elem); - - "; -if(!defined('GAME')) -{ - die(); +/** @var $u User */ + +use Core\Config; +use Core\Db; + +echo " +"; +if (!defined('GAME')) { + die(); +} +if ($u->info['exp'] > 100000 && isset($_GET['ignore'])) { + $_POST['friendadd'] = $_GET['ignore']; + $_POST['group'] = 3; + $_POST['comment'] = 'Игнор из чата'; + $_POST['sd4'] = 1; + $_POST['x'] = 4; + $_POST['y'] = 6; + $frd = mysql_fetch_array( + mysql_query( + "SELECT id,login FROM `users` WHERE `login` = '" . mysql_real_escape_string( + $_POST['friendadd'] + ) . "' ORDER BY `id` LIMIT 1;" + ) + ); + $frd20 = mysql_fetch_array( + mysql_query( + "SELECT id,enemy,friend,notinlist,ignor FROM `friends` WHERE `user` = '" . $u->info['id'] . "' and (`friend`='" . $frd['id'] . "' or `enemy`='" . $frd['id'] . "' or `notinlist`='" . $frd['id'] . "' or `ignor`='" . $frd['id'] . "') LIMIT 1;" + ) + ); + if (isset($frd20['id'])) { + mysql_query('DELETE FROM `friends` WHERE `id` = "' . $frd20['id'] . '" LIMIT 1'); + if ($frd20['ignor'] == $frd['id']) { + echo "Персонаж был успешно удален из списка игнорирования."; + echo ''; + unset($_POST['friendadd'], $_POST['group'], $_POST['comment'], $_POST['sd4']); + } + } } - if ($u->info['exp']>100000) - { - if(isset($_GET['ignore'])) { - $_POST['friendadd'] = $_GET['ignore']; - $_POST['group'] = 3; - $_POST['comment'] = 'Игнор из чата'; - $_POST['sd4'] = 1; - $_POST['x'] = 4; - $_POST['y'] = 6; - $frd = mysql_fetch_array(mysql_query("SELECT id,login FROM `users` WHERE `login` = '".mysql_real_escape_string($_POST['friendadd'])."' ORDER BY `id` ASC LIMIT 1;")); - $frd20 = mysql_fetch_array(mysql_query("SELECT id,enemy,friend,notinlist,ignor FROM `friends` WHERE `user` = '".mysql_real_escape_string($u->info['id'])."' and (`friend`='".mysql_real_escape_string($frd['id'])."' or `enemy`='".mysql_real_escape_string($frd['id'])."' or `notinlist`='".mysql_real_escape_string($frd['id'])."' or `ignor`='".mysql_real_escape_string($frd['id'])."') LIMIT 1;")); - if(isset($frd20['id'])) { - mysql_query('DELETE FROM `friends` WHERE `id` = "'.mysql_real_escape_string($frd20['id']).'" LIMIT 1'); - if( $frd20['ignor'] == $frd['id'] ) { - echo"Персонаж был успешно удален из списка игнорирования."; - echo ''; - unset($_POST['friendadd'],$_POST['group'],$_POST['comment'],$_POST['sd4']); - } - } - } - } - $clr_fr = mysql_query('SELECT `id`,`friend`,`enemy`,`ignor` FROM `friends` WHERE `user` = "'.$u->info['id'].'"'); - while($clr_frd = mysql_fetch_array($clr_fr)) { - if($clr_frd['friend'] > 0) { - $usr_tst = mysql_fetch_array(mysql_query('SELECT `id`,`login` FROM `users` WHERE `id` = "'.$clr_frd['friend'].'" LIMIT 1')); - }elseif($clr_frd['enemy'] > 0) { - $usr_tst = mysql_fetch_array(mysql_query('SELECT `id`,`login` FROM `users` WHERE `id` = "'.$clr_frd['enemy'].'" LIMIT 1')); - }elseif($clr_frd['ignor'] > 0) { - $usr_tst = mysql_fetch_array(mysql_query('SELECT `id`,`login` FROM `users` WHERE `id` = "'.$clr_frd['ignor'].'" LIMIT 1')); - } - if(!isset($usr_tst['id']) || $usr_tst['login'] == 'delete') { - mysql_query('DELETE FROM `friends` WHERE `id` = "'.$clr_frd['id'].'" LIMIT 1'); - } - } +$clr_fr = mysql_query('SELECT `id`,`friend`,`enemy`,`ignor` FROM `friends` WHERE `user` = "' . $u->info['id'] . '"'); +while ($clr_frd = mysql_fetch_array($clr_fr)) { + if ($clr_frd['friend'] > 0) { + $usr_tst = mysql_fetch_array( + mysql_query('SELECT `id`,`login` FROM `users` WHERE `id` = "' . $clr_frd['friend'] . '" LIMIT 1') + ); + } elseif ($clr_frd['enemy'] > 0) { + $usr_tst = mysql_fetch_array( + mysql_query('SELECT `id`,`login` FROM `users` WHERE `id` = "' . $clr_frd['enemy'] . '" LIMIT 1') + ); + } elseif ($clr_frd['ignor'] > 0) { + $usr_tst = mysql_fetch_array( + mysql_query('SELECT `id`,`login` FROM `users` WHERE `id` = "' . $clr_frd['ignor'] . '" LIMIT 1') + ); + } + if (!isset($usr_tst['id']) || $usr_tst['login'] == 'delete') { + mysql_query('DELETE FROM `friends` WHERE `id` = "' . $clr_frd['id'] . '" LIMIT 1'); + } +} -$friend = mysql_fetch_array(mysql_query("SELECT * FROM `friends` WHERE `user` = '".mysql_real_escape_string($u->info['id'])."' LIMIT 1;")); +$friend = mysql_fetch_array( + mysql_query("SELECT * FROM `friends` WHERE `user` = '" . $u->info['id'] . "' LIMIT 1;") +); $st = $u->lookStats($u->info['stats']); -$addfr = mysql_fetch_array(mysql_query("SELECT count(`id`) FROM `friends` WHERE `user` = '".mysql_real_escape_string($u->info['id'])."';")); +$addfr = mysql_fetch_array( + mysql_query("SELECT count(`id`) FROM `friends` WHERE `user` = '" . $u->info['id'] . "';") +); $addf = 20; -if($st['os5']>0) { - $addf = 20+($st['os5']*5); +if ($st['os5'] > 0) { + $addf = 20 + ($st['os5'] * 5); } -if($addfr[0]<$addf){ - $canadd = 'onclick=\'findlogin2("Добавить в список", "main.php?friends", "friendadd", new Array("Друзья","Враги","Не в группе","Игнорирование"), new Array())\''; -}else{$canadd = 'disabled';} -if($_POST['sd4'] && $_POST['friendadd']){ - $_POST['friendadd']=htmlspecialchars($_POST['friendadd'],NULL); - if(/*preg_match("/__/",$_POST['friendadd']) ||*/ preg_match("/--/",$_POST['friendadd'])){ - echo"Персонаж не найден."; - }else{ - $frd = mysql_fetch_array(mysql_query("SELECT `id`,`login` FROM `users` WHERE `login` = '".mysql_real_escape_string($_POST['friendadd'])."' LIMIT 1;")); - } - $_POST['comment']=htmlspecialchars($_POST['comment'],NULL); - $frd2 = mysql_fetch_array(mysql_query("SELECT enemy,friend,notinlist,ignor FROM `friends` WHERE `user` = '".mysql_real_escape_string($u->info['id'])."' and (`friend`='".mysql_real_escape_string($frd['id'])."' or `enemy`='".mysql_real_escape_string($frd['id'])."' or `notinlist`='".mysql_real_escape_string($frd['id'])."' or `ignor`='".mysql_real_escape_string($frd['id'])."') LIMIT 1;")); - if(!$frd['id']){echo"Персонаж не найден.";} - elseif($frd['id']==$u->info['id']){echo"Себя добавить нельзя.";} - elseif(preg_match("/__/",$_POST['comment']) || preg_match("/--/",$_POST['comment'])){echo"Введен неверный текст.";} - elseif($frd2['enemy'] or $frd2['friend'] or $frd2['notinlist'] or $frd2['ignor']){ - echo"Персонаж уже есть в вашем списке."; - } - else{ - $lign = ''; - $uign = ''; - if($_POST['group']==0){$notinlist=0; $friend=$frd['id']; $enemy=0; $ignor = 0;} - elseif($_POST['group']==1){$notinlist=0; $friend=0; $enemy=$frd['id']; $ignor = 0;} - elseif($_POST['group']==3){$notinlist=0; $friend=0; $enemy=0; $ignor = $frd['id']; $lign = $frd['login']; $uign = $u->info['login']; } - else{$notinlist=$frd['id']; $friend=0; $enemy=0; $ignor = 0;} - mysql_query("INSERT INTO `friends` (`user`, `friend`, `enemy`, `notinlist`, `comment`,`ignor`,`login_ignor`,`user_ignor`) VALUES(".mysql_real_escape_string($u->info['id']).", ".mysql_real_escape_string($friend).", ".mysql_real_escape_string($enemy).", ".mysql_real_escape_string($notinlist).", '".mysql_real_escape_string($_POST['comment'])."', '".mysql_real_escape_string($ignor)."','".$lign."','".$uign."');"); - echo"Персонаж ".$_POST['friendadd']." добавлен."; - if( $ignor > 0 ) { - echo ''; - } - } +if ($addfr[0] < $addf) { + $canadd = 'onclick=\'findlogin2("Добавить в список", "main.php?friends", "friendadd", new Array("Друзья","Враги","Не в группе","Игнорирование"), new Array())\''; +} else { + $canadd = 'disabled'; +} +if ($_POST['sd4'] && $_POST['friendadd']) { + $_POST['friendadd'] = htmlspecialchars($_POST['friendadd'], null); + if (/*preg_match("/__/",$_POST['friendadd']) ||*/ + preg_match("/--/", $_POST['friendadd'])) { + echo "Персонаж не найден."; + } else { + $frd = mysql_fetch_array( + mysql_query( + "SELECT `id`,`login` FROM `users` WHERE `login` = '" . mysql_real_escape_string( + $_POST['friendadd'] + ) . "' LIMIT 1;" + ) + ); + $_POST['comment'] = htmlspecialchars($_POST['comment'], null); + $frd2 = mysql_fetch_array( + mysql_query( + "SELECT enemy,friend,notinlist,ignor FROM `friends` WHERE `user` = '" . $u->info['id'] . "' and (`friend`='" . $frd['id'] . "' or `enemy`='" . $frd['id'] . "' or `notinlist`='" . $frd['id'] . "' or `ignor`='" . $frd['id'] . "') LIMIT 1;")); + if (!$frd['id']) { + echo "Персонаж не найден."; + } elseif ($frd['id'] == $u->info['id']) { + echo "Себя добавить нельзя."; + } elseif (preg_match("/__/", $_POST['comment']) || preg_match("/--/", $_POST['comment'])) { + echo "Введен неверный текст."; + } elseif ($frd2['enemy'] or $frd2['friend'] or $frd2['notinlist'] or $frd2['ignor']) { + echo "Персонаж уже есть в вашем списке."; + } else { + $lign = ''; + $uign = ''; + if ($_POST['group'] == 0) { + $notinlist = 0; + $friend = $frd['id']; + $enemy = 0; + $ignor = 0; + } elseif ($_POST['group'] == 1) { + $notinlist = 0; + $friend = 0; + $enemy = $frd['id']; + $ignor = 0; + } elseif ($_POST['group'] == 3) { + $notinlist = 0; + $friend = 0; + $enemy = 0; + $ignor = $frd['id']; + $lign = $frd['login']; + $uign = $u->info['login']; + } else { + $notinlist = $frd['id']; + $friend = 0; + $enemy = 0; + $ignor = 0; + } + mysql_query( + "INSERT INTO `friends` (`user`, `friend`, `enemy`, `notinlist`, `comment`,`ignor`,`login_ignor`,`user_ignor`) VALUES(" . $u->info['id'] . ", " . $friend . ", " . $enemy . ", " . $notinlist . ", '" . mysql_real_escape_string($_POST['comment']) . "', '" . $ignor . "','" . $lign . "','" . $uign . "');"); + echo "Персонаж " . $_POST['friendadd'] . " добавлен."; + if ($ignor > 0) { + echo ''; + } + } + } } -if($_GET['friendremove']){ - $_GET['friendremove']=htmlspecialchars($_GET['friendremove'],NULL); - if(preg_match("/__/",$_GET['friendremove']) || preg_match("/--/",$_GET['friendremove'])){ - echo"Персонаж не найден."; - }else{ - $frd = mysql_fetch_array(mysql_query("SELECT id FROM `users` WHERE `login` = '".mysql_real_escape_string($_GET['friendremove'])."' LIMIT 1;")); - } - if(!$frd['id']){echo"Персонаж не найден.";} - else{ - $frd2 = mysql_fetch_array(mysql_query("SELECT ignor,enemy,friend,notinlist FROM `friends` WHERE `user` = '".mysql_real_escape_string($u->info['id'])."' and (`friend`='".mysql_real_escape_string($frd['id'])."' or `enemy`='".mysql_real_escape_string($frd['id'])."' or `notinlist`='".mysql_real_escape_string($frd['id'])."' or `ignor`='".mysql_real_escape_string($frd['id'])."') LIMIT 1;")); - if(!$frd2['enemy'] && !$frd2['friend'] && !$frd2['ignor'] && !$frd2['notinlist']){echo"Персонаж не найден в вашем списке."; - }else{ - if($frd2['friend']>0){$per="`friend`='".$frd2['friend']."'";} - if($frd2['enemy']>0){$per="`enemy`='".$frd2['enemy']."'";} - if($frd2['notinlist']>0){$per="`notinlist`='".$frd2['notinlist']."'";} - if($frd2['ignor']>0){$per="`ignor`='".$frd2['ignor']."'";} - if(mysql_query("DELETE FROM `friends` WHERE `user`='".mysql_real_escape_string($u->info['id'])."' and ".$per.";")){echo"Данные контакта ".$_GET['friendremove']." успешно удалены.";echo '';} - } - } +if ($_GET['friendremove']) { + $_GET['friendremove'] = htmlspecialchars($_GET['friendremove'], null); + if (preg_match("/__/", $_GET['friendremove']) || preg_match("/--/", $_GET['friendremove'])) { + echo "Персонаж не найден."; + } else { + $frd = mysql_fetch_array( + mysql_query( + "SELECT id FROM `users` WHERE `login` = '" . mysql_real_escape_string( + $_GET['friendremove'] + ) . "' LIMIT 1;" + ) + ); + if (!$frd['id']) { + echo "Персонаж не найден."; + } else { + $frd2 = mysql_fetch_array( + mysql_query( + "SELECT ignor,enemy,friend,notinlist FROM `friends` WHERE `user` = '" . $u->info['id'] . "' and (`friend`='" . $frd['id'] . "' or `enemy`='" . $frd['id'] . "' or `notinlist`='" . $frd['id'] . "' or `ignor`='" . $frd['id'] . "') LIMIT 1;")); + if (!$frd2['enemy'] && !$frd2['friend'] && !$frd2['ignor'] && !$frd2['notinlist']) { + echo "Персонаж не найден в вашем списке."; + } else { + $per = ''; + if ($frd2['friend'] > 0) { + $per = " and `friend`='" . $frd2['friend'] . "'"; + } + if ($frd2['enemy'] > 0) { + $per = " and `enemy`='" . $frd2['enemy'] . "'"; + } + if ($frd2['notinlist'] > 0) { + $per = " and `notinlist`='" . $frd2['notinlist'] . "'"; + } + if ($frd2['ignor'] > 0) { + $per = " and `ignor`='" . $frd2['ignor'] . "'"; + } + if (mysql_query( + "DELETE FROM `friends` WHERE `user`='" . $u->info['id'] . "'" . $per . ";" + )) { + echo "Данные контакта " . $_GET['friendremove'] . " успешно удалены."; + echo ''; + } + } + } + } } - -if($_POST['friendedit']){ - $_POST['friendedit']=htmlspecialchars($_POST['friendedit'],NULL); - if(preg_match("/__/",$_POST['friendedit']) || preg_match("/--/",$_POST['friendedit'])){ - echo"Персонаж не найден."; - }else{ - $frd = mysql_fetch_array(mysql_query("SELECT id FROM `users` WHERE `login` = '".mysql_real_escape_string($_POST['friendedit'])."' LIMIT 1;")); - } - $_POST['comment']=htmlspecialchars($_POST['comment'],NULL); - if(!$frd['id']){echo"Персонаж не найден.";} - elseif($frd['id']==$u->info['id']){echo"Себя отредактировать нельзя.";} - elseif(preg_match("/__/",$_POST['comment']) || preg_match("/--/",$_POST['comment'])){echo"Введен неверный текст.";} - else{ - if($_POST['group']==0){$notinlist=0; $friend=$frd['id']; $enemy=0; $ignor = 0;} - elseif($_POST['group']==1){$notinlist=0; $friend=0; $enemy=$frd['id']; $ignor = 0;} - elseif($_POST['group']==3){$notinlist=0; $friend=0; $enemy=0; $ignor = $frd['id'];} - else{$notinlist=$frd['id']; $friend=0; $enemy=0; $ignor = 0;} - $frd2 = mysql_fetch_array(mysql_query("SELECT ignor,enemy,friend,notinlist FROM `friends` WHERE `user` = '".mysql_real_escape_string($u->info['id'])."' and (`friend`='".mysql_real_escape_string($frd['id'])."' or `enemy`='".mysql_real_escape_string($frd['id'])."' or `notinlist`='".mysql_real_escape_string($frd['id'])."' or `ignor`='".mysql_real_escape_string($frd['id'])."') LIMIT 1;")); - if(!$frd2['enemy'] && !$frd2['friend'] && !$frd2['ignor'] && !$frd2['notinlist']){echo"Персонаж не найден в вашем списке.";} - else{ - if($frd2['friend']>0){$per="`friend`='".mysql_real_escape_string($frd2['friend'])."'";} - if($frd2['enemy']>0){$per="`enemy`='".mysql_real_escape_string($frd2['enemy'])."'";} - if($frd2['notinlist']>0){$per="`notinlist`='".mysql_real_escape_string($frd2['notinlist'])."'";} - if($frd2['ignor']>0){$per="`ignor`='".$frd2['ignor']."'";} - $comment = $_POST['comment']; - mysql_query("UPDATE `friends` SET `friend` = '".mysql_real_escape_string($friend)."',`enemy` = '".mysql_real_escape_string($enemy)."',`notinlist` = '".mysql_real_escape_string($notinlist)."',`comment` = '".mysql_real_escape_string($comment)."',`ignor` = '".mysql_real_escape_string($ignor)."' WHERE `user`='".mysql_real_escape_string($u->info['id'])."' and $per"); - echo"Данные контакта ".$_POST['friendedit']." успешно изменены."; - if( $ignor > 0 ) { - echo ''; - }else{ - echo ''; - } - } - } +if ($_POST['friendedit']) { + $_POST['friendedit'] = htmlspecialchars($_POST['friendedit'], null); + if (preg_match("/__/", $_POST['friendedit']) || preg_match("/--/", $_POST['friendedit'])) { + echo "Персонаж не найден."; + } else { + $frd = mysql_fetch_array( + mysql_query( + "SELECT id FROM `users` WHERE `login` = '" . mysql_real_escape_string( + $_POST['friendedit'] + ) . "' LIMIT 1;" + ) + ); + $_POST['comment'] = htmlspecialchars($_POST['comment'], null); + if (empty($frd['id'])) { + echo "Персонаж не найден."; + } elseif ($frd['id'] == $u->info['id']) { + echo "Себя отредактировать нельзя."; + } elseif (preg_match("/__/", $_POST['comment']) || preg_match("/--/", $_POST['comment'])) { + echo "Введен неверный текст."; + } else { + if ($_POST['group'] == 0) { + $notinlist = 0; + $friend = $frd['id']; + $enemy = 0; + $ignor = 0; + } elseif ($_POST['group'] == 1) { + $notinlist = 0; + $friend = 0; + $enemy = $frd['id']; + $ignor = 0; + } elseif ($_POST['group'] == 3) { + $notinlist = 0; + $friend = 0; + $enemy = 0; + $ignor = $frd['id']; + } else { + $notinlist = $frd['id']; + $friend = 0; + $enemy = 0; + $ignor = 0; + } + $frd2 = mysql_fetch_array( + mysql_query( + "SELECT ignor,enemy,friend,notinlist FROM `friends` WHERE `user` = '" . $u->info['id'] . "' and (`friend`='" . $frd['id'] . "' or `enemy`='" . $frd['id'] . "' or `notinlist`='" . $frd['id'] . "' or `ignor`='" . $frd['id'] . "') LIMIT 1;" + ) + ); + if (!$frd2['enemy'] && !$frd2['friend'] && !$frd2['ignor'] && !$frd2['notinlist']) { + echo "Персонаж не найден в вашем списке."; + } else { + $per = ''; + if ($frd2['friend'] > 0) { + $per = " and `friend`='" . $frd2['friend'] . "'"; + } + if ($frd2['enemy'] > 0) { + $per = " and `enemy`='" . $frd2['enemy'] . "'"; + } + if ($frd2['notinlist'] > 0) { + $per = " and `notinlist`='" . $frd2['notinlist'] . "'"; + } + if ($frd2['ignor'] > 0) { + $per = " and `ignor`='" . $frd2['ignor'] . "'"; + } + $comment = $_POST['comment']; + mysql_query( + "UPDATE `friends` SET `friend` = '" . mysql_real_escape_string($friend) . "',`enemy` = '" . $enemy . "',`notinlist` = '" . $notinlist . "',`comment` = '" . mysql_real_escape_string($comment) . "',`ignor` = '" . $ignor . "' WHERE `user`='" . $u->info['id'] . "'$per"); + echo "Данные контакта " . $_POST['friendedit'] . " успешно изменены."; + if ($ignor > 0) { + echo ''; + } else { + echo ''; + } + } + } + } } + +function printDealersOnline(): void +{ + global $u; + $query = 'select id from users where (inUser > 0 or online > unix_timestamp() - 120) and (align = 50 or align2 = 50)'; + $stmt = Db::getColumn($query); + if (empty($stmt)) { + echo 'Нет алхимиков онлайн.'; + } else { + foreach ($stmt as $dealerId) { + echo $u->microLogin($dealerId) . '
'; + } + } +} + +function printBukmekersOnline(): void +{ + global $u; + $query = 'select id from users where (inUser > 0 or online > unix_timestamp() - 120) and bukmeker = 1'; + $stmt = Db::getColumn($query); + if (empty($stmt)) { + echo 'Нет букмекеров онлайн.'; + } else { + foreach ($stmt as $dealerId) { + echo $u->microLogin($dealerId) . '
'; + } + } +} + +function printModeratorsOnline(): void +{ + global $u; + $query = 'select id from users where (inUser > 0 or online > unix_timestamp() - 120) and (align >= 1 and align <= 2 or align >=3 and align <=4 or align2 >= 1 and align2 <= 2 or align2 >=3 and align2 <=4)'; + $stmt = Db::getColumn($query); + if (empty($stmt)) { + echo 'Нет модераторов онлайн.'; + } else { + foreach ($stmt as $dealerId) { + echo $u->microLogin($dealerId) . '
'; + } + } +} + ?> -
- - + + +
- - - -info['id'])."' and `notinlist`>0;"); - while ($row = mysql_fetch_array($data)) { - $us=mysql_fetch_array(mysql_query("SELECT `id`,`login`,`clan`,`level`,`align`,`align2`,`room`,`online`,`city`, `battle`, + + - - - + FROM `users` WHERE `id` = '" . mysql_real_escape_string( + $row['ignor'] + ) . "' ORDER BY online DESC, login ASC;" + ) + ); + if ($u->info['city'] == $us['city']) { + $us['city'] = ''; + } + $i++; + if ($i == 1) { + ?> + + + + + + (time() - 120)) { + $rrm = $us['room']; + } else { + $rrm = ''; + } + ?> + + + + + + + +

Контакты

microLogin($u->info['id'],1)?>

+ + + + + info['id'] + ) . "' and `notinlist`>0;" + ); + while ($row = mysql_fetch_array($data)) { + $us = mysql_fetch_array( + mysql_query( + "SELECT `id`,`login`,`clan`,`level`,`align`,`align2`,`room`,`online`,`city`, `battle`, (select `name_mini` from `clan` WHERE `id` = users.`clan`) as `klan`, (select `name` from `room` WHERE `id` = users.`room`) as `room` - FROM `users` WHERE `id` = '".mysql_real_escape_string($row['notinlist'])."';")); -//function w(login,id,align,klan,level,online, city, battle) -if ($us['online']>(time()-120)) { -$rrm = $us['room']; -}else{ -$rrm = ''; -} -if($u->info['city']==$us['city']){$us['city']='';} -?> - - - - -info['id'])."' and `enemy`>0;"); - while ($row = mysql_fetch_array($data)) { - $us=mysql_fetch_array(mysql_query("SELECT `id`,`login`,`clan`,`level`,`align`,`align2`,`room`,`online`,`city`, + FROM `users` WHERE `id` = '" . mysql_real_escape_string($row['notinlist']) . "';" + ) + ); + //function w(login,id,align,klan,level,online, city, battle) + if ($us['online'] > (time() - 120)) { + $rrm = $us['room']; + } else { + $rrm = ''; + } + if ($u->info['city'] == $us['city']) { + $us['city'] = ''; + } + ?> + + + + + info['id'] + ) . "' and `enemy`>0;" + ); + $n = 0; + while ($row = mysql_fetch_array($data)) { + $us = mysql_fetch_array( + mysql_query( + "SELECT `id`,`login`,`clan`,`level`,`align`,`align2`,`room`,`online`,`city`, (select `name_mini` from `clan` WHERE `id` = users.`clan`) as `klan`, (select `name` from `room` WHERE `id` = users.`room`) as `room` - FROM `users` WHERE `id` = '".mysql_real_escape_string($row['enemy'])."';")); -if($u->info['city']==$us['city']){$us['city']='';} - $n++; -if($n==1){ + FROM `users` WHERE `id` = '" . mysql_real_escape_string($row['enemy']) . "';" + ) + ); + if ($u->info['city'] == $us['city']) { + $us['city'] = ''; + } + $n++; + if ($n == 1) { -?> - - - - - -(time()-120)) { -$rrm = $us['room']; -}else{ -$rrm = ''; -} -?> - - - -info['id'])."' and `friend`>0;"); - while ($row = mysql_fetch_array($data)) { - $us=mysql_fetch_array(mysql_query("SELECT `id`,`login`,`clan`,`level`,`align`,`align2`,`room`,`online`,`city`, + ?> + + + + + + (time() - 120)) { + $rrm = $us['room']; + } else { + $rrm = ''; + } + ?> + + + + info['id'] + ) . "' and `friend`>0;" + ); + while ($row = mysql_fetch_array($data)) { + $us = mysql_fetch_array( + mysql_query( + "SELECT `id`,`login`,`clan`,`level`,`align`,`align2`,`room`,`online`,`city`, (select `name_mini` from `clan` WHERE `id` = users.`clan`) as `klan`, (select `name` from `room` WHERE `id` = users.`room`) as `room` - FROM `users` WHERE `id` = '".mysql_real_escape_string($row['friend'])."' ORDER BY online DESC, login ASC;")); -if($u->info['city']==$us['city']){$us['city']='';} - $i++; -if($i==1){ -?> - - - - - -(time()-120)) { -$rrm = $us['room']; -}else{ -$rrm = ''; -} -?> - - - -info['city'] == $us['city']) { + $us['city'] = ''; + } + $i++; + if ($i == 1) { + ?> + + + + + + (time() - 120)) { + $rrm = $us['room']; + } else { + $rrm = ''; + } + ?> + + + + info['id'])."' and `ignor`>0;"); - while ($row = mysql_fetch_array($data)) { - $us=mysql_fetch_array(mysql_query("SELECT `id`,`login`,`clan`,`level`,`align`,`align2`,`room`,`online`,`city`, + $data = mysql_query( + "SELECT `ignor`,`comment` FROM `friends` WHERE `user` = '" . mysql_real_escape_string( + $u->info['id'] + ) . "' and `ignor`>0;" + ); + while ($row = mysql_fetch_array($data)) { + $us = mysql_fetch_array( + mysql_query( + "SELECT `id`,`login`,`clan`,`level`,`align`,`align2`,`room`,`online`,`city`, (select `name_mini` from `clan` WHERE `id` = users.`clan`) as `klan`, (select `name` from `room` WHERE `id` = users.`room`) as `room` - FROM `users` WHERE `id` = '".mysql_real_escape_string($row['ignor'])."' ORDER BY online DESC, login ASC;")); -if($u->info['city']==$us['city']){$us['city']='';} - $i++; -if($i==1){ -?> - - - - - -(time()-120)) { -$rrm = $us['room']; -}else{ -$rrm = ''; -} -?> - - - - - - - -

Контакты

microLogin($u->info['id']) ?>

+
-", "", "2", new Array( "Друзья","Враги","Не в группе","Игнорирование" ), "", new Array( ), "");'>
+ + + + + + ", "", "2", new Array( "Друзья","Враги","Не в группе","Игнорирование" ), "", new Array( ), "");'> +

Враги

-", "", "1", new Array( "Друзья","Враги","Не в группе","Игнорирование" ), "", new Array( ), "");'>

Враги

+
+ + + + + + ", "", "1", new Array( "Друзья","Враги","Не в группе","Игнорирование" ), "", new Array( ), "");'> +

Друзья

-", "", "0", new Array( "Друзья","Враги","Не в группе","Игнорирование" ), "", new Array( ), "");'>

Друзья

+
+ + + + + + ", "", "0", new Array( "Друзья","Враги","Не в группе","Игнорирование" ), "", new Array( ), "");'> +

Игнорирование

-", "", "0", new Array( "Друзья","Враги","Не в группе","Игнорирование" ), "", new Array( ), "");'>
> -    -
  - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Именинник

Модераторы on-line

-
- - '".(time()-120)."' AND ((align>1 and align<2 and align!=1.2) or (align>3 and align<4)) AND `city` = '".mysql_real_escape_string($u->info['city'])."' order by align asc;")); -if(!$chk['id']) {echo'К сожалению в данный момент никого из модераторов нет в городе.';}?> -

Дилеры

-
- - '".(time()-120)."' AND ((align>1 and align<2 and align!=1.2) or (align>3 and align<4)) AND `city` = '".mysql_real_escape_string($u->info['city'])."' order by align asc;")); -if(!$chk['id']) {echo'К сожалению в данный момент никого из Алхимиков нет в городе.';}?> -
-
- - '".(time()-120)."' AND (( `align` = 50 OR `align2` = 50 ) AND `admin` = 0) AND `city` = '".mysql_real_escape_string($u->info['city'])."' order by align asc;")); -//if(!$chk['id']) {echo'К сожалению в данный момент никого из модераторов нет в городе.';}?> -

Букмекеры

-
- -info['city'])."' order by bukmeker asc;")); -if(!$chk['id']) {echo'К сожалению в данный момент никого из букмекеров нет в городе.';}?> -

+ Игнорирование

+ + + + + + ", "", "0", new Array( "Друзья","Враги","Не в группе","Игнорирование" ), "", new Array( ), "");'> +
+ > +     + +
+ 		  + + + + + + + + + + + + + + + + + + + + + + +
+ +   +

Модераторы on-line

+ +

Дилеры

+ +

Букмекеры

+ +
+
-
- +
+ diff --git a/modules_data/_friends_.php b/modules_data/_friends_.php deleted file mode 100644 index cc5897ca..00000000 --- a/modules_data/_friends_.php +++ /dev/null @@ -1,358 +0,0 @@ -info['id'])."' LIMIT 1;")); - - -if($_POST['sd4'] && $_POST['friendadd']){ -$_POST['friendadd']=htmlspecialchars($_POST['friendadd'],NULL); -if(preg_match("/__/",$_POST['friendadd']) || preg_match("/--/",$_POST['friendadd'])){ -echo"Персонаж не найден."; -}else{ - $frd = mysql_fetch_array(mysql_query("SELECT `id` FROM `users` WHERE `login` = '".mysql_real_escape_string($_POST['friendadd'])."' LIMIT 1;")); -} -$_POST['comment']=htmlspecialchars($_POST['comment'],NULL); -$frd2 = mysql_fetch_array(mysql_query("SELECT enemy,friend,notinlist FROM `friends` WHERE `user` = '".mysql_real_escape_string($u->info['id'])."' and (`friend`='".mysql_real_escape_string($frd['id'])."' or `enemy`='".mysql_real_escape_string($frd['id'])."' or `notinlist`='".mysql_real_escape_string($frd['id'])."') LIMIT 1;")); -if(!$frd['id']){echo"Персонаж не найден.";} -elseif($frd['id']==$u->info['id']){echo"Себя добавить нельзя.";} -elseif(preg_match("/__/",$_POST['comment']) || preg_match("/--/",$_POST['comment'])){echo"Введен неверный текст.";} -elseif($frd2['enemy'] or $frd2['friend'] or $frd2['notinlist']){echo"Персонаж уже есть в вашем списке.";} -else{ -if($_POST['group']==0){$notinlist=0; $friend=$frd['id']; $enemy=0;} -elseif($_POST['group']==1){$notinlist=0; $friend=0; $enemy=$frd['id'];} -else{$notinlist=$frd['id']; $friend=0; $enemy=0;} -mysql_query("INSERT INTO `friends` (`user`, `friend`, `enemy`, `notinlist`, `comment`) VALUES(".mysql_real_escape_string($u->info['id']).", ".mysql_real_escape_string($friend).", ".mysql_real_escape_string($enemy).", ".mysql_real_escape_string($notinlist).", '".mysql_real_escape_string($_POST['comment'])."');"); -echo"Персонаж ".$_POST['friendadd']." добавлен."; -} -} - -if($_POST['friendremove']){ -$_POST['friendremove']=htmlspecialchars($_POST['friendremove'],NULL); -if(preg_match("/__/",$_POST['friendremove']) || preg_match("/--/",$_POST['friendremove'])){ -echo"Персонаж не найден."; -}else{ - $frd = mysql_fetch_array(mysql_query("SELECT id FROM `users` WHERE `login` = '".mysql_real_escape_string($_POST['friendremove'])."' LIMIT 1;")); -} -if(!$frd['id']){echo"Персонаж не найден.";} -else{$frd2 = mysql_fetch_array(mysql_query("SELECT enemy,friend,notinlist FROM `friends` WHERE `user` = '".mysql_real_escape_string($u->info['id'])."' and (`friend`='".mysql_real_escape_string($frd['id'])."' or `enemy`='".mysql_real_escape_string($frd['id'])."' or `notinlist`='".mysql_real_escape_string($frd['id'])."') LIMIT 1;")); -if(!$frd2['enemy'] && !$frd2['friend'] && !$frd2['notinlist']){echo"Персонаж не найден в вашем списке.";}else{ -if($frd2['friend']>0){$per="`friend`='".$frd2['friend']."'";} -if($frd2['enemy']>0){$per="`enemy`='".$frd2['enemy']."'";} -if($frd2['notinlist']>0){$per="`notinlist`='".$frd2['notinlist']."'";} -if(mysql_query("DELETE FROM `friends` WHERE `user`='".mysql_real_escape_string($u->info['id'])."' and ".$per.";")){echo"Данные контакта ".$_POST['friendremove']." успешно удалены.";} -} - - -} - -} - - - -if($_POST['friendedit']){ - - - -$_POST['friendedit']=htmlspecialchars($_POST['friendedit'],NULL); -if(preg_match("/__/",$_POST['friendedit']) || preg_match("/--/",$_POST['friendedit'])){ -echo"Персонаж не найден."; -}else{ - $frd = mysql_fetch_array(mysql_query("SELECT id FROM `users` WHERE `login` = '".mysql_real_escape_string($_POST['friendedit'])."' LIMIT 1;")); -} -$_POST['comment']=htmlspecialchars($_POST['comment'],NULL); -if(!$frd['id']){echo"Персонаж не найден.";} -elseif($frd['id']==$u->info['id']){echo"Себя отредактировать нельзя.";} -elseif(preg_match("/__/",$_POST['comment']) || preg_match("/--/",$_POST['comment'])){echo"Введен неверный текст.";} -else{ - -if($_POST['group']==0){$notinlist=0; $friend=$frd['id']; $enemy=0;} -elseif($_POST['group']==1){$notinlist=0; $friend=0; $enemy=$frd['id'];} -else{$notinlist=$frd['id']; $friend=0; $enemy=0;} -$frd2 = mysql_fetch_array(mysql_query("SELECT enemy,friend,notinlist FROM `friends` WHERE `user` = '".mysql_real_escape_string($u->info['id'])."' and (`friend`='".mysql_real_escape_string($frd['id'])."' or `enemy`='".mysql_real_escape_string($frd['id'])."' or `notinlist`='".mysql_real_escape_string($frd['id'])."') LIMIT 1;")); -if(!$frd2['enemy'] && !$frd2['friend'] && !$frd2['notinlist']){echo"Персонаж не найден в вашем списке.";}else{ -if($frd2['friend']>0){$per="`friend`='".mysql_real_escape_string($frd2['friend'])."'";} -if($frd2['enemy']>0){$per="`enemy`='".mysql_real_escape_string($frd2['enemy'])."'";} -if($frd2['notinlist']>0){$per="`notinlist`='".mysql_real_escape_string($frd2['notinlist'])."'";} -$comment = $_POST['comment']; -mysql_query("UPDATE `friends` SET `friend` = '".mysql_real_escape_string($friend)."',`enemy` = '".mysql_real_escape_string($enemy)."',`notinlist` = '".mysql_real_escape_string($notinlist)."',`comment` = '".mysql_real_escape_string($comment)."' WHERE `user`='".mysql_real_escape_string($u->info['id'])."' and $per"); -echo"Данные контакта ".$_POST['friendedit']." успешно изменены."; -} - - -} - -} - - - -?> - - - - - - - - - - - -
- - - - - - -
- - - -info['id'])."' and `notinlist`>0;"); - while ($row = mysql_fetch_array($data)) { - $us=mysql_fetch_array(mysql_query("SELECT `id`,`login`,`clan`,`level`,`align`,`room`,`online`,`city`, - (select `name_mini` from `clan` WHERE `id` = users.`clan`) as `klan`, - (select `name` from `room` WHERE `id` = users.`room`) as `room` - FROM `users` WHERE `id` = '".mysql_real_escape_string($row['notinlist'])."';"));?> - - - - - - -info['id'])."' and `enemy`>0;"); - while ($row = mysql_fetch_array($data)) { - $us=mysql_fetch_array(mysql_query("SELECT `id`,`login`,`clan`,`level`,`align`,`room`,`online`,`city`, - (select `name_mini` from `clan` WHERE `id` = users.`clan`) as `klan`, - (select `name` from `room` WHERE `id` = users.`room`) as `room` - FROM `users` WHERE `id` = '".mysql_real_escape_string($row['enemy'])."';")); - - $n++; -if($n==1){ -?> - - - - - - - - - -info['id'])."' and `friend`>0;"); - while ($row = mysql_fetch_array($data)) { - $us=mysql_fetch_array(mysql_query("SELECT `id`,`login`,`clan`,`level`,`align`,`room`,`online`,`city`, - (select `name_mini` from `clan` WHERE `id` = users.`clan`) as `klan`, - (select `name` from `room` WHERE `id` = users.`room`) as `room` - FROM `users` WHERE `id` = '".mysql_real_escape_string($row['friend'])."' ORDER BY online DESC, login ASC;")); - $i++; -if($i==1){ -?> - - - - - - - - - - - - -

Контакты

-(time()-120)) { -$rrm = $us['room']; -}else{ -$rrm = ''; -} -?> - -", "", "2", new Array( "Друзья","Враги","Не в группе" ), "", new Array( ), "");'>

Враги

-(time()-120)) { -$rrm = $us['room']; -}else{ -$rrm = ''; -} -?> - -", "", "1", new Array( "Друзья","Враги","Не в группе" ), "", new Array( ), "");'>

Друзья

-(time()-120)) { -$rrm = $us['room']; -}else{ -$rrm = ''; -} -?> - -", "", "7", new Array( "Друзья","Враги","Не в группе" ), "", new Array( ), "");'>
-    -
  - - - - - - - - - - - - -

Модераторы on-line

-
- - '".(time()-120)."' AND ((align>1 and align<2 and align!=1.2) or (align>3 and align<4)) AND `city` = '".mysql_real_escape_string($u->info['city'])."' order by align asc;")); -if(!$chk['id']) {echo'К сожалению в данный момент никого из модераторов нет в городе.';}?> -
Уважаемые Игроки!
Для более быстрого и эффективного решения Вашей проблемы просьба обращаться к тем паладинам или тарманам, ники которых находятся вверху списка «Модераторы on-line». -
Цените свое и чужое время!
P.S. не пишите всем модераторам сразу и воздержитесь от вопросов стажерам - они находятся в процессе получения знаний - -
- -