new-combats/game
3
0
Fork 0
Code Issues 23 Pull Requests Releases Wiki Activity

Maksym #25

Merged
DarksLight2 merged 3 commits from Maksym into dev-php74-utf8 2023-01-10 22:51:02 +00:00
Conversation 0 Commits 3 Files Changed 9 +1433 -2591
152 changed files with 1433 additions and 2591 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 23a2de0d17 - Show all commits

267
1
View File

@ -1,267 +0,0 @@
---[10-Jan-2023 18:23:02 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:30
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 30
[10-Jan-2023 18:23:34 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:69
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 69
[10-Jan-2023 18:23:40 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:69
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 69
[10-Jan-2023 18:23:46 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:69
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 69
[10-Jan-2023 18:23:52 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:69
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 69
[10-Jan-2023 18:23:52 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:69
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 69
[10-Jan-2023 18:23:54 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:69
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 69
[10-Jan-2023 18:23:58 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:69
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 69
[10-Jan-2023 18:24:03 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:69
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 69
[10-Jan-2023 18:24:04 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:69
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 69
[10-Jan-2023 18:24:11 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:69
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 69
[10-Jan-2023 18:24:17 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:69
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 69
[10-Jan-2023 18:24:25 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:69
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 69
[10-Jan-2023 18:24:33 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:69
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 69
[10-Jan-2023 18:24:43 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:30
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 30
[10-Jan-2023 18:24:52 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:69
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 69
[10-Jan-2023 18:25:02 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:69
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 69
[10-Jan-2023 18:25:13 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:69
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 69
[10-Jan-2023 18:25:24 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:69
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 69
[10-Jan-2023 18:25:34 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:69
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 69
[10-Jan-2023 18:25:44 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:30
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 30
[10-Jan-2023 18:25:54 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:69
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 69
[10-Jan-2023 18:26:03 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:69
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 69
[10-Jan-2023 18:26:09 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:69
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 69
[10-Jan-2023 18:26:12 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:69
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 69
[10-Jan-2023 18:26:16 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:69
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 69
[10-Jan-2023 18:26:24 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:69
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 69
[10-Jan-2023 18:27:13 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:30
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 30
[10-Jan-2023 18:27:15 Europe/Moscow] PHP Fatal error: Uncaught PDOException: SQLSTATE[HY093]: Invalid parameter number in /home/newcom1/public_html/_incl_data/class/Core/Db.php:88
Stack trace:
#0 /home/newcom1/public_html/_incl_data/class/Core/Db.php(142): Core\Db::run('update users se...', Array)
#1 /home/newcom1/public_html/settings.php(40): Core\Db::sql('update users se...', Array)
#2 {main}
thrown in /home/newcom1/public_html/_incl_data/class/Core/Db.php on line 88
[10-Jan-2023 18:28:54 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:30
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 30
[10-Jan-2023 18:29:02 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:30
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 30
[10-Jan-2023 18:29:55 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:30
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 30
[10-Jan-2023 18:31:00 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:30
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 30
[10-Jan-2023 18:31:22 Europe/Moscow] PHP Fatal error: Uncaught PDOException: SQLSTATE[HY093]: Invalid parameter number in /home/newcom1/public_html/_incl_data/class/Core/Db.php:88
Stack trace:
#0 /home/newcom1/public_html/_incl_data/class/Core/Db.php(142): Core\Db::run('update users se...', Array)
#1 /home/newcom1/public_html/settings.php(40): Core\Db::sql('update users se...', Array)
#2 {main}
thrown in /home/newcom1/public_html/_incl_data/class/Core/Db.php on line 88
[10-Jan-2023 18:32:22 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:30
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 30
[10-Jan-2023 18:33:24 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:30
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 30
[10-Jan-2023 18:34:34 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:30
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 30
[10-Jan-2023 18:35:02 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:30
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 30
[10-Jan-2023 18:35:37 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:30
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 30
[10-Jan-2023 18:41:02 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:30
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 30
[10-Jan-2023 18:42:22 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:30
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 30
[10-Jan-2023 18:43:04 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:30
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 30
[10-Jan-2023 18:47:02 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:30
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 30
[10-Jan-2023 18:48:21 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:30
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 30
[10-Jan-2023 18:53:02 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:30
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 30
[10-Jan-2023 18:54:21 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:30
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 30
[10-Jan-2023 18:59:02 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:30
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 30
[10-Jan-2023 18:59:14 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:30
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 30
[10-Jan-2023 18:59:57 Europe/Moscow] PHP Warning: Use of undefined constant loto - assumed 'loto' (this will throw an Error in a future version of PHP) in /home/newcom1/public_html/lotowork.php on line 137
[10-Jan-2023 19:00:21 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:30
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 30
[10-Jan-2023 19:02:16 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:30
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 30
[10-Jan-2023 19:04:02 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:30
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 30
[10-Jan-2023 19:05:02 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:30
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 30
[10-Jan-2023 19:05:45 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:30
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 30
[10-Jan-2023 19:06:22 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:30
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 30
[10-Jan-2023 19:10:40 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:30
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 30
[10-Jan-2023 19:11:02 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:30
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 30
[10-Jan-2023 19:11:42 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:30
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 30
[10-Jan-2023 19:12:21 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:30
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 30
[10-Jan-2023 19:12:45 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:30
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 30
[10-Jan-2023 19:13:49 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:30
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 30
[10-Jan-2023 19:14:38 Europe/Moscow] PHP Warning: user->info is empty in constructor in /home/newcom1/public_html/_incl_data/class/User.php on line 1813
[10-Jan-2023 19:17:02 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:30
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 30
[10-Jan-2023 19:18:21 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:30
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 30
[10-Jan-2023 19:19:16 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:30
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 30
[10-Jan-2023 19:19:21 Europe/Moscow] PHP Warning: user->info is empty in constructor in /home/newcom1/public_html/_incl_data/class/User.php on line 1813
[10-Jan-2023 19:20:23 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:30
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 30
[10-Jan-2023 19:23:02 Europe/Moscow] PHP Fatal error: Uncaught Error: Call to undefined method User::onlineBonus() in /home/newcom1/public_html/online.php:30
Stack trace:
#0 {main}
thrown in /home/newcom1/public_html/online.php on line 30

6
AI.php
View File

@ -10,7 +10,7 @@
if (isset($_GET['m1'])) {
define('GAME', true);
setlocale(LC_CTYPE, "ru_RU.CP1251");
include_once '_incl_data/__config.php';
include_once '_incl_data/class/__db_connect.php';
@ -22,7 +22,7 @@ if (isset($_GET['m1'])) {
} elseif (isset($_GET['bk1'])) {
define('GAME', true);
setlocale(LC_CTYPE, "ru_RU.CP1251");
include('_incl_data/__config.php');
include('_incl_data/class/__db_connect.php');
@ -149,7 +149,7 @@ if (!isset($_GET['robot']) && UserIp::get() != $_SERVER['SERVER_ADDR'] && UserIp
const GAME = true;
setlocale(LC_CTYPE, "ru_RU.CP1251");
include('_incl_data/__config.php');
include('_incl_data/class/__db_connect.php');

1
_incl_data/__config.php
View File

@ -5,7 +5,6 @@ use Insallah\Tournaments\Tournament;
error_reporting(E_ALL ^ E_NOTICE);
ini_set('display_errors', 'Off');
//setlocale(LC_CTYPE, "ru_RU.CP1251");
date_default_timezone_set('Europe/Moscow');
header('Cache-Control: no-cache, no-store, must-revalidate');

575
_incl_data/class/ComissionShop.php Normal file
View File

@ -0,0 +1,575 @@
<?php
class ComissionShop
{
public function commisionShop($sid, $preview = "full")
{
global $c, $code, $sid;
switch ((int)$_GET['otdel']) {
case 1:
$typeOtdel = 18;
break;
case 2:
$typeOtdel = 19;
break;
case 3:
$typeOtdel = 20;
break;
case 4:
$typeOtdel = 21;
break;
case 5:
$typeOtdel = 22;
break;
case 6:
$typeOtdel = 15;
break;
case 7:
$typeOtdel = 12;
break;
case 8:
$typeOtdel = 4;
break;
case 9:
$typeOtdel = 5;
break;
case 10:
$typeOtdel = 6;
break;
case 11:
$typeOtdel = 1;
break;
case 12:
$typeOtdel = 3;
break;
case 13:
$typeOtdel = 8;
break;
case 14:
$typeOtdel = 14;
break;
case 15:
$typeOtdel = 13;
break;
case 16:
$typeOtdel = 9;
break;
case 17:
$typeOtdel = 10;
break;
case 18:
$typeOtdel = 11;
break;
case 19:
$typeOtdel = 29;
break;
case 20:
$typeOtdel = 30;
break;
case 1050:
$typeOtdel = 1050;
break;
default :
$typeOtdel = 18;
}
if ($typeOtdel != 1050) {
if ($preview == "full") {
$cl = mysql_query(
'SELECT `items_users`.`id`,`items_users`.`item_id`,`items_users`.`1price`,`items_users`.`2price`,`items_users`.`uid`,`items_users`.`use_text`,`items_users`.`data`,`items_users`.`inOdet`,`items_users`.`inShop`,`items_users`.`delete`,`items_users`.`iznosNOW`,`items_users`.`iznosMAX`,`items_users`.`gift`,`items_users`.`gtxt1`,`items_users`.`gtxt2`,`items_users`.`kolvo`,`items_users`.`geniration`,`items_users`.`magic_inc`,`items_users`.`maidin`,`items_users`.`lastUPD`,`items_users`.`timeOver`,`items_users`.`overType`,`items_users`.`secret_id`,`items_users`.`time_create`,`items_users`.`inGroup`,`items_users`.`dn_delete`,`items_users`.`inTransfer`,`items_users`.`post_delivery`,`items_users`.`lbtl_`,`items_users`.`bexp`,`items_users`.`so`,`items_users`.`blvl`,`items_main`.`id`,`items_main`.`name`,`items_main`.`img`,`items_main`.`type`,`items_main`.`inslot`,`items_main`.`2h`,`items_main`.`2too`,`items_main`.`iznosMAXi`,`items_main`.`inRazdel`,`items_main`.`price1`,`items_main`.`price2`,`items_main`.`magic_chance`,`items_main`.`info`,`items_main`.`massa`,`items_main`.`level`,`items_main`.`magic_inci`,`items_main`.`overTypei`,`items_main`.`group`,`items_main`.`group_max`,`items_main`.`geni`,`items_main`.`ts`,`items_main`.`srok`,`items_main`.`class`,`items_main`.`class_point`,`items_main`.`anti_class`,`items_main`.`anti_class_point`,`items_main`.`max_text`,`items_main`.`useInBattle`,`items_main`.`lbtl`,`items_main`.`lvl_itm`,`items_main`.`lvl_exp`,`items_main`.`lvl_aexp`, count(`items_users`.`id`) as inGroupCount
FROM `items_users` LEFT JOIN `items_main` ON (`items_main`.`id` = `items_users`.`item_id`)
WHERE (( `items_users`.time_create + `items_main`.srok) > unix_timestamp() OR `items_main`.srok = "0") AND `items_users`.`delete`="0" AND `items_users`.`inOdet`="0" AND `items_users`.`inShop`="30" and `items_main`.`type` = "' . mysql_real_escape_string(
$typeOtdel
) . '" and `items_users`.`item_id` = "' . (int)$_GET['itemid'] . '" GROUP BY `items_users`.`inGroup`, `items_users`.`uid`,`items_users`.`1price` HAVING `items_users`.inGroup > 0
UNION ALL SELECT `items_users`.`id`,`items_users`.`item_id`,`items_users`.`1price`,`items_users`.`2price`,`items_users`.`uid`,`items_users`.`use_text`,`items_users`.`data`,`items_users`.`inOdet`,`items_users`.`inShop`,`items_users`.`delete`,`items_users`.`iznosNOW`,`items_users`.`iznosMAX`,`items_users`.`gift`,`items_users`.`gtxt1`,`items_users`.`gtxt2`,`items_users`.`kolvo`,`items_users`.`geniration`,`items_users`.`magic_inc`,`items_users`.`maidin`,`items_users`.`lastUPD`,`items_users`.`timeOver`,`items_users`.`overType`,`items_users`.`secret_id`,`items_users`.`time_create`,`items_users`.`inGroup`,`items_users`.`dn_delete`,`items_users`.`inTransfer`,`items_users`.`post_delivery`,`items_users`.`lbtl_`,`items_users`.`bexp`,`items_users`.`so`,`items_users`.`blvl`,`items_main`.`id`,`items_main`.`name`,`items_main`.`img`,`items_main`.`type`,`items_main`.`inslot`,`items_main`.`2h`,`items_main`.`2too`,`items_main`.`iznosMAXi`,`items_main`.`inRazdel`,`items_main`.`price1`,`items_main`.`price2`,`items_main`.`magic_chance`,`items_main`.`info`,`items_main`.`massa`,`items_main`.`level`,`items_main`.`magic_inci`,`items_main`.`overTypei`,`items_main`.`group`,`items_main`.`group_max`,`items_main`.`geni`,`items_main`.`ts`,`items_main`.`srok`,`items_main`.`class`,`items_main`.`class_point`,`items_main`.`anti_class`,`items_main`.`anti_class_point`,`items_main`.`max_text`,`items_main`.`useInBattle`,`items_main`.`lbtl`,`items_main`.`lvl_itm`,`items_main`.`lvl_exp`,`items_main`.`lvl_aexp`, count(`items_users`.`id`) as inGroupCount
FROM `items_users` LEFT JOIN `items_main` ON (`items_main`.`id` = `items_users`.`item_id`)
WHERE (( `items_users`.time_create + `items_main`.srok) > unix_timestamp() OR `items_main`.srok = "0") AND `items_users`.`delete`="0" AND `items_users`.`inOdet`="0" AND `items_users`.`inShop`="30" and `items_main`.`type` = "' . mysql_real_escape_string(
$typeOtdel
) . '" and `items_users`.`item_id` = "' . (int)$_GET['itemid'] . '" GROUP BY `items_users`.`uid`, `items_users`.`1price` HAVING `items_users`.inGroup = 0
ORDER BY `1price`ASC , inGroupCount DESC'
);
} else {
$cl = mysql_query(
'SELECT `items_users`.`id`,`items_users`.`item_id`,`items_users`.`1price`,`items_users`.`2price`,`items_users`.`uid`,`items_users`.`use_text`,`items_users`.`data`,`items_users`.`inOdet`,`items_users`.`inShop`,`items_users`.`delete`,`items_users`.`iznosNOW`,`items_users`.`iznosMAX`,`items_users`.`gift`,`items_users`.`gtxt1`,`items_users`.`gtxt2`,`items_users`.`kolvo`,`items_users`.`geniration`,`items_users`.`magic_inc`,`items_users`.`maidin`,`items_users`.`lastUPD`,`items_users`.`timeOver`,`items_users`.`overType`,`items_users`.`secret_id`,`items_users`.`time_create`,`items_users`.`inGroup`,`items_users`.`dn_delete`,`items_users`.`inTransfer`,`items_users`.`post_delivery`,`items_users`.`lbtl_`,`items_users`.`bexp`,`items_users`.`so`,`items_users`.`blvl`,`items_main`.`id`,`items_main`.`name`,`items_main`.`img`,`items_main`.`type`,`items_main`.`inslot`,`items_main`.`2h`,`items_main`.`2too`,`items_main`.`iznosMAXi`,`items_main`.`inRazdel`,`items_main`.`price1`,`items_main`.`price2`,`items_main`.`magic_chance`,`items_main`.`info`,`items_main`.`massa`,`items_main`.`level`,`items_main`.`magic_inci`,`items_main`.`overTypei`,`items_main`.`group`,`items_main`.`group_max`,`items_main`.`geni`,`items_main`.`ts`,`items_main`.`srok`,`items_main`.`class`,`items_main`.`class_point`,`items_main`.`anti_class`,`items_main`.`anti_class_point`,`items_main`.`max_text`,`items_main`.`useInBattle`,`items_main`.`lbtl`,`items_main`.`lvl_itm`,`items_main`.`lvl_exp`,`items_main`.`lvl_aexp` FROM `items_users` LEFT JOIN `items_main` ON (`items_main`.`id` = `items_users`.`item_id`) WHERE (( `items_users`.time_create + `items_main`.srok) > unix_timestamp() OR `items_main`.srok = "0") AND `items_users`.`delete`="0" AND `items_users`.`inOdet`="0" AND `items_users`.`inShop`="30" and `items_main`.`type` = "' . mysql_real_escape_string(
$typeOtdel
) . '" GROUP BY `items_users`.`item_id` ORDER BY `items_main`.`id` DESC'
);
}
} else {
if ($preview == "full") {
$cl = mysql_query(
'SELECT
`items_users`.`id` as id, `items_users`.`id` AS `idu`,`items_users`.`item_id` as item_id,`items_users`.`1price`,`items_users`.`2price`,`items_users`.`uid`,`items_users`.`use_text`,
`items_users`.`data`,`items_users`.`inOdet`,`items_users`.`inShop`,`items_users`.`delete`,`items_users`.`iznosNOW`,`items_users`.`iznosMAX`,
`items_users`.`gift`,`items_users`.`gtxt1`,`items_users`.`gtxt2`,`items_users`.`kolvo`,`items_users`.`geniration`,`items_users`.`magic_inc`,`items_users`.`maidin`,
`items_users`.`lastUPD`,`items_users`.`timeOver`,`items_users`.`overType`,`items_users`.`secret_id`,`items_users`.`time_create`,`items_users`.`inGroup`,`items_users`.`dn_delete`,
`items_users`.`inTransfer`,`items_users`.`post_delivery`,`items_users`.`lbtl_`,`items_users`.`bexp`,`items_users`.`so`,`items_users`.`blvl`,`items_main`.`id` as item_id,`items_main`.`name`,
`items_main`.`img`,`items_main`.`type`,`items_main`.`inslot`,`items_main`.`2h`,`items_main`.`2too`,`items_main`.`iznosMAXi`,`items_main`.`inRazdel`,`items_main`.`price1`,
`items_main`.`price2`,`items_main`.`magic_chance`,`items_main`.`info`,`items_main`.`massa`,`items_main`.`level`,`items_main`.`magic_inci`,`items_main`.`overTypei`,
`items_main`.`group`,`items_main`.`group_max`,`items_main`.`geni`,`items_main`.`ts`,`items_main`.`srok`,`items_main`.`class`,`items_main`.`class_point`,`items_main`.`anti_class`,
`items_main`.`anti_class_point`,`items_main`.`max_text`,`items_main`.`useInBattle`,`items_main`.`lbtl`,`items_main`.`lvl_itm`,`items_main`.`lvl_exp`,
`items_main`.`lvl_aexp` , count(`items_users`.`id`) as inGroupCount
FROM `items_users` LEFT JOIN `items_main` ON (`items_main`.`id` = `items_users`.`item_id`)
WHERE (( `items_users`.time_create + `items_main`.srok) > unix_timestamp() OR `items_main`.srok = "0") AND `items_users`.`delete`="0" AND `items_users`.`item_id` = "' . (int)$_GET['itemid'] . '"
AND `items_users`.`inOdet`="0" AND `items_users`.`inShop`="30" and `items_main`.`type` != "18" AND `items_main`.`type` != "19" AND `items_main`.`type` != "20" AND `items_main`.`type` != "21" AND `items_main`.`type` != "22" AND `items_main`.`type` != "15" AND `items_main`.`type` != "12" AND `items_main`.`type` != "4" AND `items_main`.`type` != "5" AND `items_main`.`type` != "6" AND `items_main`.`type` != "1" AND `items_main`.`type` != "3" AND `items_main`.`type` != "8" AND `items_main`.`type` != "14" AND `items_main`.`type` != "13" AND `items_main`.`type` != "9" AND `items_main`.`type` != "10" AND `items_main`.`type` != "11" AND `items_main`.`type` != "29" AND `items_main`.`type` != "30"
GROUP BY `items_users`.`inGroup`, `items_users`.`uid`,`items_users`.`1price` HAVING `items_users`.inGroup > 0
UNION ALL
SELECT `items_users`.`id` as id, `items_users`.`id` AS `idu`,`items_users`.`item_id` as item_id,`items_users`.`1price`,`items_users`.`2price`,`items_users`.`uid`,`items_users`.`use_text`,
`items_users`.`data`,`items_users`.`inOdet`,`items_users`.`inShop`,`items_users`.`delete`,`items_users`.`iznosNOW`,`items_users`.`iznosMAX`,
`items_users`.`gift`,`items_users`.`gtxt1`,`items_users`.`gtxt2`,`items_users`.`kolvo`,`items_users`.`geniration`,`items_users`.`magic_inc`,`items_users`.`maidin`,
`items_users`.`lastUPD`,`items_users`.`timeOver`,`items_users`.`overType`,`items_users`.`secret_id`,`items_users`.`time_create`,`items_users`.`inGroup`,`items_users`.`dn_delete`,
`items_users`.`inTransfer`,`items_users`.`post_delivery`,`items_users`.`lbtl_`,`items_users`.`bexp`,`items_users`.`so`,`items_users`.`blvl`,`items_main`.`id` as item_id,`items_main`.`name`,
`items_main`.`img`,`items_main`.`type`,`items_main`.`inslot`,`items_main`.`2h`,`items_main`.`2too`,`items_main`.`iznosMAXi`,`items_main`.`inRazdel`,`items_main`.`price1`,
`items_main`.`price2`,`items_main`.`magic_chance`,`items_main`.`info`,`items_main`.`massa`,`items_main`.`level`,`items_main`.`magic_inci`,`items_main`.`overTypei`,
`items_main`.`group`,`items_main`.`group_max`,`items_main`.`geni`,`items_main`.`ts`,`items_main`.`srok`,`items_main`.`class`,`items_main`.`class_point`,`items_main`.`anti_class`,
`items_main`.`anti_class_point`,`items_main`.`max_text`,`items_main`.`useInBattle`,`items_main`.`lbtl`,`items_main`.`lvl_itm`,`items_main`.`lvl_exp`,
`items_main`.`lvl_aexp`, count(`items_users`.`id`) as inGroupCount
FROM `items_users` LEFT JOIN `items_main` ON (`items_main`.`id` = `items_users`.`item_id`)
WHERE (( `items_users`.time_create + `items_main`.srok) > unix_timestamp() OR `items_main`.srok = "0") AND `items_users`.`delete`="0" AND `items_users`.`item_id` = "' . (int)$_GET['itemid'] . '"
AND `items_users`.`inOdet`="0" AND `items_users`.`inShop`="30" and `items_main`.`type` != "18" AND `items_main`.`type` != "19" AND `items_main`.`type` != "20" AND `items_main`.`type` != "21" AND `items_main`.`type` != "22" AND `items_main`.`type` != "15" AND `items_main`.`type` != "12" AND `items_main`.`type` != "4" AND `items_main`.`type` != "5" AND `items_main`.`type` != "6" AND `items_main`.`type` != "1" AND `items_main`.`type` != "3" AND `items_main`.`type` != "8" AND `items_main`.`type` != "14" AND `items_main`.`type` != "13" AND `items_main`.`type` != "9" AND `items_main`.`type` != "10" AND `items_main`.`type` != "11" AND `items_main`.`type` != "29" AND `items_main`.`type` != "30"
GROUP BY `items_users`.`uid`,`items_users`.`1price` HAVING `items_users`.inGroup = 0
ORDER BY `1price`ASC , inGroupCount DESC'
);
} else {
$cl = mysql_query(
'SELECT `items_users`.`id`, `items_users`.`id` AS `idu`,`items_users`.`item_id`,`items_users`.`1price`,`items_users`.`2price`,`items_users`.`uid`,`items_users`.`use_text`,`items_users`.`data`,`items_users`.`inOdet`,`items_users`.`inShop`,`items_users`.`delete`,`items_users`.`iznosNOW`,`items_users`.`iznosMAX`,`items_users`.`gift`,`items_users`.`gtxt1`,`items_users`.`gtxt2`,`items_users`.`kolvo`,`items_users`.`geniration`,`items_users`.`magic_inc`,`items_users`.`maidin`,`items_users`.`lastUPD`,`items_users`.`timeOver`,`items_users`.`overType`,`items_users`.`secret_id`,`items_users`.`time_create`,`items_users`.`inGroup`,`items_users`.`dn_delete`,`items_users`.`inTransfer`,`items_users`.`post_delivery`,`items_users`.`lbtl_`,`items_users`.`bexp`,`items_users`.`so`,`items_users`.`blvl`,`items_main`.`id`,`items_main`.`name`,`items_main`.`img`,`items_main`.`type`,`items_main`.`inslot`,`items_main`.`2h`,`items_main`.`2too`,`items_main`.`iznosMAXi`,`items_main`.`inRazdel`,`items_main`.`price1`,`items_main`.`price2`,`items_main`.`magic_chance`,`items_main`.`info`,`items_main`.`massa`,`items_main`.`level`,`items_main`.`magic_inci`,`items_main`.`overTypei`,`items_main`.`group`,`items_main`.`group_max`,`items_main`.`geni`,`items_main`.`ts`,`items_main`.`srok`,`items_main`.`class`,`items_main`.`class_point`,`items_main`.`anti_class`,`items_main`.`anti_class_point`,`items_main`.`max_text`,`items_main`.`useInBattle`,`items_main`.`lbtl`,`items_main`.`lvl_itm`,`items_main`.`lvl_exp`,`items_main`.`lvl_aexp` FROM `items_users` LEFT JOIN `items_main` ON (`items_main`.`id` = `items_users`.`item_id`) WHERE (( `items_users`.time_create + `items_main`.srok) > unix_timestamp() OR `items_main`.srok = "0") AND `items_users`.`delete`="0" AND `items_users`.`inOdet`="0" AND `items_users`.`inShop`="30" and `items_main`.`type` != "18" AND `items_main`.`type` != "19" AND `items_main`.`type` != "20" AND `items_main`.`type` != "21" AND `items_main`.`type` != "22" AND `items_main`.`type` != "15" AND `items_main`.`type` != "12" AND `items_main`.`type` != "4" AND `items_main`.`type` != "5" AND `items_main`.`type` != "6" AND `items_main`.`type` != "1" AND `items_main`.`type` != "3" AND `items_main`.`type` != "8" AND `items_main`.`type` != "14" AND `items_main`.`type` != "13" AND `items_main`.`type` != "9" AND `items_main`.`type` != "10" AND `items_main`.`type` != "11" AND `items_main`.`type` != "29" AND `items_main`.`type` != "30" GROUP BY `items_users`.`item_id` ORDER BY `items_main`.`id` DESC'
);
}
}
$cr = 'c8c8c8';
$i = 0;
$steckCikl = 1;
while ($pl = mysql_fetch_array($cl)) {
// количетсво одинаковых предметов в комке
if ($preview == "preview") {
$steck = ['--', '--', '--', '--'];
}
if ($cr == 'd4d4d4') {
$cr = 'c8c8c8';
} else {
$cr = 'd4d4d4';
}
if ($preview == "preview" && ($steck[0] > 1 && $steck[0] > $steckCikl)) {
++$steckCikl;
} else {
$steckCikl = 1;
$d = mysql_fetch_array(
mysql_query(
'SELECT `id`,`items_id`,`data` FROM `items_main_data` WHERE `items_id` = "' . $pl['item_id'] . '" LIMIT 1'
)
);
if ($steck[0] > 1 && $preview == "preview") {
$po = $this->lookStats($d['data']);
} else {
$po = $this->lookStats($pl['data']);
}
if (($pl['type'] >= 18 && $pl['type'] <= 24) || $pl['type'] == 26 || $pl['type'] == 27) {
//Зоны блока +
if ($pl['inOdet'] != 14) {
$po['zonb']++;
}
}
$is2 = '';
$is1 = '<img src="https://img.new-combats.com/i/items/' . $pl['img'] . '"><br>';
if ($preview == "full") {
$is1 .= '<a href="?otdel=' . ((int)$_GET['otdel']) . '&toRent=3&itemid=' . (int)$_GET['itemid'] . '&buy=' . $pl[0] . '&sd4=' . $this->info['nextAct'] . '&rnd=' . $code . ' " >купить</a> ';
} elseif ($preview == "preview") {
$is1 .= '<a href="?otdel=' . ((int)$_GET['otdel']) . '&toRent=3&itemid=' . $pl['item_id'] . ' " >Просмотреть</a> ';
}
//название
$col = $this->itemsX($pl[0]);
if ($col > 1 && $pl['inGroup'] != 0 && $pl['inGroupCount'] > 1) {
$pl['kolvo'] = $col;
$pl['name'] .= ' (x' . $col . ')';
}
$is2 .= '<a href="https://new-combats.com/item/' . $pl['item_id'] . '" target="_blank">' . $pl['name'] . '</a> &nbsp; &nbsp;';
if ($pl['massa'] > 0 && $preview == "full") {
$is2 .= '(Масса: ' . round($pl['massa'], 2) . ')';
if ($pl['gift'] != '') {
$ttl = '';
if ($pl['gift'] == 1) {
$ttl = 'Вы не можете передать этот предмет кому-либо';
} else {
$ttl = 'Этот предмет подарил ' . $pl['gift'] . '. Вы не сможете передать этот предмет кому-либо еще';
}
$is2 .= ' <img title="' . $ttl . '" src="https://img.new-combats.com/i/podarok.gif">';
}
if (isset($po['art'])) {
$is2 .= ' <img title="Артефакт" src="https://img.new-combats.com/i/artefact.gif">';
}
if (isset($po['sudba'])) {
if ($po['sudba'] == '0') {
$is2 .= ' <img title="Этот предмет будет связан общей судьбой с первым, кто наденет его. Никто другой не сможет его использовать." src="https://img.new-combats.com/i/destiny0.gif">';
} elseif ($po['sudba'] == '1') {
$is2 .= ' <img title="Этот предмет будет связан общей судьбой с первым, кто возьмет предмет. Никто другой не сможет его использовать." src="https://img.new-combats.com/i/destiny0.gif">';
} else {
$is2 .= ' <img title="Этот предмет связан общей судьбой с ' . $po['sudba'] . '. Никто другой не сможет его использовать." src="https://img.new-combats.com/i/desteny.gif">';
}
}
}
//цена
$is2 .= '<br><strong>Цена: ';
if ($steck[0] > 1 && $preview == "preview") {
$is2 .= $steck[3] . '-' . $steck[4] . ' кр.</strong> ';
} else {
$is2 .= $pl['1price'] . ' кр.</strong> ';
}
if ($pl['pricerep'] > 0) {
$is2 .= ' <small><strong>(' . round($pl['pricerep'], 2) . ' Воинственности)</strong></small>';
}
//долговечность
if ($pl['iznosMAX'] > 0) {
$izcol = '';
if (floor($pl['iznosNOW']) >= (floor($pl['iznosMAX']) - ceil($pl['iznosMAX']) / 100 * 20)) {
$izcol = 'brown';
}
}
if ($preview == "preview") {
$is2 .= '<br>Долговечность: <font color="' . $izcol . '">' . floor($steck[1]) . '/' . ceil(
$steck[2]
) . '</font>';
} else {
if ($pl['iznosMAXi'] == 999999999) {
$is2 .= '<br>Долговечность: <font color="brown">неразрушимо</font>';
} else {
$is2 .= '<br>Долговечность: <font color="' . $izcol . '">' . floor(
$pl['iznosNOW']
) . '/' . ceil($pl['iznosMAX']) . '</font>';
}
}
//Срок годности предмета
if ($po['srok'] > 0) {
$pl['srok'] = $po['srok'];
}
if ($pl['srok'] > 0 and $preview != "preview") {
if ($pl['time_create'] + $pl['srok'] < time()) {
$is2 .= '<br>Срок годности: ' . $this->timeOut($pl['srok']) . ' (испорчен)';
} else {
$is2 .= '<br>Срок годности: ' . $this->timeOut($pl['srok']) . ' (до ' . date(
'd.m.Y H:i', $pl['time_create'] + $pl['srok']
) . ')';
}
} elseif ($pl['srok'] > 0) {
$is2 .= '<br>Срок годности: ' . $this->timeOut($pl['srok']);
}
if ($pl['magic_chance'] > 0) {
$is2 .= '<br>Вероятность срабатывания: ' . min([$pl['magic_chance'], 100]) . '%';
}
//Продолжительность действия магии:
if ((int)$pl['magic_inci'] > 0) {
$efi = mysql_fetch_array(
mysql_query(
'SELECT `id2`,`mname`,`type1`,`img`,`mdata`,`actionTime`,`type2`,`type3`,`onlyOne`,`oneType`,`noAce`,`see`,`info`,`overch`,`bp`,`noch` FROM `eff_main` WHERE `id2` = "' . ((int)$pl['magic_inci']) . '" LIMIT 1'
)
);
if (isset($efi['id2']) && $efi['actionTime'] > 0) {
$is2 .= '<br>Продолжительность действия: ' . $this->timeOut($efi['actionTime']);
}
}
if ($preview == "full" || $preview == "preview") {
//<strong>Требуется минимальное:</strong>
$tr = '';
$t = $this->items['tr'];
$x = 0;
while ($x < count($t)) {
$n = $t[$x];
if (isset($po['tr_' . $n]) && $po['tr_' . $n] != 0) {
if ($po['tr_' . $n] > $this->stats[$n]) {
if ($n == 'rep') {
$temp = explode('::', $po['tr_' . $n]);
if ($this->rep['rep' . $temp[1]] < $temp[0]) {
$tr .= '<font color="red">';
$notr++;
}
unset($temp);
} elseif ($n != 'align' || floor($this->info['align']) != $po['tr_' . $n]) {
$tr .= '<font color="red">';
$notr++;
}
}
$tr .= '<br>• ';
if ($n == 'rep') {
$temp = explode('::', $po['tr_' . $n]);
$tr .= $this->is[$n] . ' ' . ucfirst(
str_replace('city', ' city', $temp[1])
) . ': ' . $temp[0];
unset($temp);
} elseif ($n != 'align') {
if ($n == 'sex') {
if ($po['tr_' . $n] == 1) {
$tr .= $this->is[$n] . ': Женский';
} else {
$tr .= $this->is[$n] . ': Мужской';
}
} else {
$tr .= $this->is[$n] . ': ' . $po['tr_' . $n];
}
} else {
$tr .= $this->is[$n] . ': ' . $this->align_nm[$po['tr_' . $n]];
}
if ($po['tr_' . $n] > $this->stats[$n]) {
if ($n != 'align' || floor($this->info['align']) != $po['tr_' . $n]) {
$tr .= '</font>';
}
}
}
$x++;
}
if ($tr != '') {
$is2 .= '<br><strong>Требуется минимальное:</strong>' . $tr;
}
//<strong>Действует на:</strong>
$tr = '';
$t = $this->items['add'];
$x = 0;
while ($x < count($t)) {
$n = $t[$x];
if (isset($po['add_' . $n], $this->is[$n])) {
$z = '+';
if ($po['add_' . $n] < 0) {
$z = '';
}
$tr .= '<br>• ' . $this->is[$n] . ': ' . $z . '' . $po['add_' . $n];
}
$x++;
}
//действует на (броня)
$i = 1;
$bn = [1 => 'головы', 2 => 'корпуса', 3 => 'пояса', 4 => 'ног'];
while ($i <= 4) {
if (isset($po['add_mab' . $i])) {
if ($po['add_mab' . $i] == $po['add_mib' . $i] && $pl['geniration'] == 1) {
$z = '+';
if ($po['add_mab' . $i] < 0) {
$z = '';
}
$tr .= '<br>• Броня ' . $bn[$i] . ': ' . $z . '' . $po['add_mab' . $i];
} else {
$tr .= '<br>• Броня ' . $bn[$i] . ': ' . $po['add_mib' . $i] . '-' . $po['add_mab' . $i] . ' (' . $this->bronFx(
[$po['add_mib' . $i], $po['add_mab' . $i]]
) . ')';
}
}
$i++;
}
if ($tr != '') {
$is2 .= '<br><strong>Действует на:</strong>' . $tr;
}
//<strong>Свойства предмета:</strong>
$tr = '';
$t = $this->items['sv'];
if (isset($po['sv_yron_min'], $po['sv_yron_max'])) {
$tr .= '<br>• Урон: ' . $po['sv_yron_min'] . ' - ' . $po['sv_yron_max'];
}
$x = 0;
while ($x < count($t)) {
$n = $t[$x];
if (isset($po['sv_' . $n])) {
$z = '+';
if ($po['sv_' . $n] < 0) {
$z = '';
}
$tr .= '<br>• ' . $this->is[$n] . ': ' . $z . '' . $po['sv_' . $n];
}
$x++;
}
if ($pl['2too'] == 1) {
$tr .= '<br>• Второе оружие';
}
if ($pl['2h'] == 1) {
$tr .= '<br>• Двуручное оружие';
}
if (isset($po['zonb'])) {
$tr .= '<br>• Зоны блокирования: ';
if ($po['zonb'] > 0) {
$x = 1;
while ($x <= $po['zonb']) {
$tr .= '+';
$x++;
}
} else {
$tr .= '—';
}
}
if ($tr != '') {
$is2 .= '<br><strong>Свойства предмета:</strong>' . $tr;
}
$tr = '';
if (isset($po['imposed']) && $po['imposed'] > 0) {
if ($po['imposed_lvl'] == 0) {
$rnc = 'maroon';
} elseif ($po['imposed_lvl'] == 1) {
$rnc = '#624542';
} elseif ($po['imposed_lvl'] == 2) {
$rnc = '#77090b';
} elseif ($po['imposed_lvl'] == 3) {
$rnc = '#d99800';
} else {
$rnc = '#282828';
}
$po['imposed_name'] = str_replace('Чары ', '', $po['imposed_name']);
$tr .= '<br>&bull; <font color=' . $rnc . '>Наложены заклятия:</font> ' . $po['imposed_name'] . ' ';
unset($rnc);
}
if ($tr != '') {
$is2 .= '<br><strong>Улучшения предмета:</strong>';
$is2 .= $tr;
}
if ($notr == 0) {
$d[0] = 1;
if ($pl['magic_inc'] != '') {
$d[2] = 1;
}
}
if (isset($po['free_stats']) && $po['free_stats'] > 0) {
$is2 .= '<br><strong>Распределение статов:</strong>';
$is2 .= '&bull; Возможных распределений: ' . $po['free_stats'] . '';
}
if (floor($pl['iznosNOW']) >= ceil($pl['iznosMAX'])) {
$d[0] = 0;
$d[2] = 0;
}
if (isset($po['complect']) || isset($po['complect2'])) {
$is2 .= '<br><i>Дополнительная информация:</i>';
}
if (isset($po['complect'])) {
//не отображается
$com1 = ['name' => 'Неизвестный Комплект', 'x' => 0, 'text' => ''];
$spc = mysql_query(
'SELECT `id`,`com`,`name`,`x`,`data` FROM `complects` WHERE `com` = "' . $po['complect'] . '" ORDER BY `x` ASC LIMIT 20'
);
while ($plc = mysql_fetch_array($spc)) {
$com1['name'] = $plc['name'];
$com1['text'] .= '&nbsp; &nbsp; &bull; <font color="green">' . $plc['x'] . '</font>: ';
//действие комплекта
$i1c = 0;
$i2c = 0;
$i1e = $this->lookStats($plc['data']);
while ($i1c < count($this->items['add'])) {
if (isset($i1e[$this->items['add'][$i1c]])) {
$i3c = $i1e[$this->items['add'][$i1c]];
if ($i3c > 0) {
$i3c = '+' . $i3c;
}
if ($i2c > 0) {
$com1['text'] .= '&nbsp; &nbsp; ' . $this->is[$this->items['add'][$i1c]] . ': ' . $i3c;
} else {
$com1['text'] .= $this->is[$this->items['add'][$i1c]] . ': ' . $i3c;
}
$com1['text'] .= '<br>';
$i2c++;
}
$i1c++;
}
unset($i1c, $i2c, $i3c);
$com1['x']++;
}
$is2 .= '<br>&bull; Часть комплекта: <strong>' . $com1['name'] . '</strong><br><small>';
$is2 .= $com1['text'];
$is2 .= '</small>';
}
if (isset($po['complect2'])) {
//не отображается
$com1 = ['name' => 'Неизвестный Комплект', 'x' => 0, 'text' => ''];
$spc = mysql_query(
'SELECT `id`,`com`,`name`,`x`,`data` FROM `complects` WHERE `com` = "' . $po['complect2'] . '" ORDER BY `x` ASC LIMIT 20'
);
while ($plc = mysql_fetch_array($spc)) {
$com1['name'] = $plc['name'];
$com1['text'] .= '&nbsp; &nbsp; &bull; <font color="green">' . $plc['x'] . '</font>: ';
//действие комплекта
$i1c = 0;
$i2c = 0;
$i1e = $this->lookStats($plc['data']);
while ($i1c < count($this->items['add'])) {
if (isset($i1e[$this->items['add'][$i1c]])) {
$i3c = $i1e[$this->items['add'][$i1c]];
if ($i3c > 0) {
$i3c = '+' . $i3c;
}
if ($i2c > 0) {
$com1['text'] .= '&nbsp; &nbsp; ' . $this->is[$this->items['add'][$i1c]] . ': ' . $i3c;
} else {
$com1['text'] .= $this->is[$this->items['add'][$i1c]] . ': ' . $i3c;
}
$com1['text'] .= '<br>';
$i2c++;
}
$i1c++;
}
unset($i1c, $i2c, $i3c);
$com1['x']++;
}
$is2 .= '<br>&bull; Часть комплекта (подгонка): <strong>' . $com1['name'] . '</strong><br><small>';
$is2 .= $com1['text'];
$is2 .= '</small>';
}
$is2 .= '<small style="">';
if (isset($po['gravi'])) {
$is2 .= '<br>На поверхности выгравирована надпись: <strong>' . $po['gravi'] . '</strong>';
}
if ($pl['info'] != '') {
$is2 .= '<div><strong>Рекомендации:</strong></div><div>' . $pl['info'] . '</div>';
}
if ($po['info'] != '') {
$is2 .= '<div>' . $po['info'] . '</div>';
}
if ($pl['max_text'] - $pl['use_text'] > 0) {
$is2 .= '<div>Количество символов: ' . ($pl['max_text'] - $pl['use_text']) . '</div>';
}
if (isset($po['noremont'])) {
$is2 .= '<div style="color:brown;">Предмет не подлежит ремонту</div>';
}
if (isset($po['nosale'])) {
$is2 .= '<div style="color:brown;">Предмет нельзя продать</div>';
}
if (isset($po['nomodif'])) {
$is2 .= '<div style="color:brown;">Предмет нельзя улучшать</div>';
}
if (isset($po['nodelete'])) {
$is2 .= '<div style="color:brown;">Предмет нельзя выбросить</div>';
}
if (isset($po['frompisher']) && $po['frompisher'] > 0) {
$is2 .= '<div style="color:brown;">Предмет из подземелья</div>';
}
if (isset($po['sleep_moroz']) && $po['sleep_moroz'] > 0) {
$is2 .= '<div style="color:brown;">Предмет не портится во время сна</div>';
}
if (isset($po['fromlaba']) && $po['fromlaba'] > 0) {
$is2 .= '<div style="color:brown;">Предмет из лабиринта</div>';
}
if (isset($po['vip_sale']) && $po['vip_sale'] > 0) {
$is2 .= '<div style="color:brown;">Предмет куплен за 10% от стоимости</div>';
}
if ($pl['dn_delete'] > 0) {
$is2 .= '<div style="color:brown;">Предмет будет удален при выходе из подземелья</div>';
}
if ($this->pokol > $pl['geni']) {
$is2 .= '<div style="color:brown">Предмет устарел</div>';
}
if (isset($po['zazuby']) && $po['zazuby'] > 0) {
$is2 .= '<div style="color:brown;">Предмет куплен за зубы</div>';
}
$is2 .= '</small>';
}
if ($preview == "preview") {
$kolvoprint = "<small style=\"float:right; color:grey;\" align=\"right\">Количество: <strong>$steck[0]</strong> шт.</small>";
}
echo '<tr style="background-color:#' . $cr . ';"><td width="100" style="padding:7px;" valign="middle" align="center">' . $is1 . '</td><td style="padding:7px;" valign="top">' . $kolvoprint . $is2 . '</td></tr>';
$i++;
}
}
if ($i == 0) {
echo '<tr style="background-color:#' . $cr . ';"><td style="padding:7px;" align="center" valign="top">Прилавок магазина пуст</td></tr>';
}
}
}

1
_incl_data/class/Core/Config.php
View File

@ -8,7 +8,6 @@ class Config
private function __construct()
{
error_reporting(E_ALL ^ E_NOTICE);
setlocale(LC_CTYPE, "ru_RU.CP1251");
ini_set('display_errors', 'Off');
ini_set('date.timezone', 'Europe/Moscow');

4
_incl_data/class/Core/Database.php
View File

@ -14,7 +14,7 @@ class Database
*/
private function __construct() {
mysql_select_db(Config::get('db_name'), mysql_connect('localhost', Config::get('db_user'), Config::get('db_password')));
mysql_query('SET NAMES cp1251');
mysql_query('SET NAMES utf8mb4');
}
/**
@ -42,7 +42,7 @@ class Database
[
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES cp1251",
PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES utf8mb4",
PDO::ATTR_STRINGIFY_FETCHES => false,
PDO::ATTR_EMULATE_PREPARES => false,
]

4
_incl_data/class/Core/Mail.php
View File

@ -9,8 +9,6 @@ class Mail
public static function send($to, $message, $subject = 'Бойцовский клуб')
{
require dirname(__DIR__) . '/mail/class.phpmailer.php';
$message = mb_convert_encoding($message, 'UTF-8', 'CP1251');
$subject = mb_convert_encoding($subject, 'UTF-8', 'CP1251');
$mail = new PHPMailer;
$mail->IsSMTP(); // Set mailer to use SMTP
@ -23,7 +21,7 @@ class Mail
$mail->CharSet = 'UTF-8';
$mail->From = 'newcombats@yahoo.com';
$mail->FromName = mb_convert_encoding('Бойцовский Клуб', 'UTF-8', 'CP1251');
$mail->FromName = 'Бойцовский Клуб';
$mail->AddAddress($to); // Add a recipient
$mail->IsHTML(true); // Set email format to HTML

4
_incl_data/class/FightRequest.php
View File

@ -603,7 +603,7 @@ class FightRequest
$nz['time_start'] = (int)$_POST['startime2'];
$nz['comment'] = substr($_POST['cmt'], 0, 40);
$nz['comment'] = str_replace('"', '&quot;', $nz['comment']);
$nz['comment'] = htmlspecialchars($nz['comment'], null, 'cp1251');
$nz['comment'] = htmlspecialchars($nz['comment'], null);
if (!in_array($nz['time_start'], [60, 180, 300])) {
$nz['time_start'] = 600;
}
@ -871,7 +871,7 @@ class FightRequest
}
//
if ($nz['razdel'] == 2 && isset($_POST['commentfiz'])) {
$nz['comment'] = htmlspecialchars($_POST['commentfiz'], null, 'cp1251');
$nz['comment'] = htmlspecialchars($_POST['commentfiz'], null);
}
//
if ($nz['razdel'] == 5) {

17
_incl_data/class/GameDealer.php
View File

@ -16,15 +16,26 @@ class GameDealer
], $BACK = []; //Результат который возвращаем в конце
//Кодируем из ЮТФ-8 в Кирилицу
/**
* @param $text
* @return mixed
* @deprecated
*/
public function in($text)
{
return iconv("UTF-8", "cp1251", $text);
return $text;
}
//Кодируем из Кирилицу в ЮТФ-8
/**
* @param $text
* @return mixed
* @deprecated
*/
public function out($text)
{
return iconv("cp1251", "UTF-8", $text);
return $text;
}
//Добавляем данные в базу данных
@ -38,7 +49,7 @@ class GameDealer
{
$db = mysql_connect($this->c['db_host'], $this->c['db_user'], $this->c['db_pass']) or die('Ошибка подключения к MySQL серверу!');
mysql_select_db($this->c['db_base'], $db) or die('Ошибка подключения к базе данных!');
mysql_query('SET NAMES cp1251');
mysql_query('SET NAMES utf8mb4');
}
public function output($a, $v = null)

2
_incl_data/class/Insallah/Core/Dbold.php
View File

@ -20,7 +20,7 @@ class DbOld
const DB_USER = 'newcom1_abk';
const DB_PASSWORD = '4nWYsIM[c?}P';
const DB_NAME = 'newcom1_abk';
const CHARSET = 'cp1251';
const CHARSET = 'utf8mb4';
const DB_PREFIX = '';
/**

1
_incl_data/class/Priems.php
View File

@ -1418,7 +1418,6 @@ class Priems
$notr = 0;
$pl['useon_user'] = $this->u->info['enemy'];
if (isset($_POST['useon']) && $_POST['useon'] != '' && $_POST['useon'] != 'none') {
$_POST['useon'] = iconv('UTF-8', 'windows-1251', $_POST['useon']);
$this->ue = mysql_fetch_assoc(
mysql_query(
'SELECT

2
_incl_data/class/Telegram.php
View File

@ -16,7 +16,7 @@ class Telegram
private function send($to, $from, $text, $fromType)
{
mysql_query('START TRANSACTION');
$ins = mysql_query("INSERT INTO `telegram` (`uid`,`from`,`fromType`,`text`,`time`) VALUES ('" . $to . "','" . $from . "','" . $fromType . "','" . mysql_real_escape_string(AddSlashes(HtmlSpecialChars($text, null, 'cp1251'))) . "','" . time() . "')");
$ins = mysql_query("INSERT INTO `telegram` (`uid`,`from`,`fromType`,`text`,`time`) VALUES ('" . $to . "','" . $from . "','" . $fromType . "','" . mysql_real_escape_string(AddSlashes(HtmlSpecialChars($text, null))) . "','" . time() . "')");
mysql_query('COMMIT');
if ($ins) {
return mysql_insert_id();

955
_incl_data/class/User.php
View File

File diff suppressed because it is too large Load Diff

32
_incl_data/class/UserRegister.php
View File

@ -97,11 +97,8 @@ class UserRegister
if ($isRegistered || $wasRegistered || $isRestricted) {
$this->error = 'Логин ' . $login . ' уже занят, выберите другой.';
}
if (!$this->error) {
$this->login = $login;
return true;
}
return false;
return !$this->error;
}
public function hasGoodEmail(string $email): bool
@ -118,11 +115,7 @@ class UserRegister
if (!in_array(explode('@', $email)[1], $allowedDomains)) {
$this->error = 'Данный почтовый сервис использовать нельзя.';
}
if (!$this->error) {
$this->email = $email;
return true;
}
return false;
return !$this->error;
}
public function hasGoodEmailCode(string $email, int $code): bool
@ -144,25 +137,17 @@ class UserRegister
if (strlen($password1) < 8) {
$this->error = 'Пароль должен быть больше 8 символов';
}
if (!$this->error) {
$this->password = password_hash($password1, PASSWORD_DEFAULT);
return true;
}
return false;
return !$this->error;
}
public function new($ref, $birthday, int $sex, int $class): string
public function new(string $login, string $password, string $email, $ref, $birthday, int $sex, int $class): string
{
if (!$this->login ||
!$this->password ||
!$this->email ||
!in_array($sex, [10, 11]) ||
!in_array($class, range(1, 9))) {
if (!$this->hasGoodLogin($login)) { //fixme: грязный хак, но лучше не придумывается с этой пошаговостью.
return 0;
}
$this->class = $class;
$ip = UserIp::get();
$sex = (int)$sex - 10; //На входе 10\11, а передать надо 0\1.
$sex -= 10; //На входе 10\11, а передать надо 0\1.
Db::sql(
'insert into users
(`real`,login,host_reg,pass,ip,ipreg,room,timereg,mail,bithday,sex,fnq,molch2,level,clan_zv,money,online)
@ -179,6 +164,7 @@ class UserRegister
]
);
$uid = Db::lastInsertId();
$this->login = $login;
$this->setCookies();
$this->setStatsItemsEffects();
User::setOnline($uid);
@ -190,7 +176,7 @@ class UserRegister
{
setcookie('login', 1, 1, '/', Config::get('host'), true);
setcookie('registrationModal', 1, 1, '/', Config::get('host'), true);
setrawcookie('login', $this->login, strtotime('+7 days'), '/', Config::get('host'), true);
setcookie('login', $this->login, strtotime('+7 days'), '/', Config::get('host'), true);
setcookie('registrationModal', 'true', strtotime('+7 days'), '/', Config::get('host'), true);
}

2
_incl_data/class/__db_connect.php
View File

@ -15,4 +15,4 @@ include_once dirname(__DIR__) . DIRECTORY_SEPARATOR . 'mysql_override.php';
$dbgo = mysql_connect($db['s'], $db['u'], $db['p']);
mysql_select_db($db['d'], $dbgo);
mysql_query('SET NAMES cp1251');
mysql_query('set names utf8mb4');

1
_incl_data/class/dnaction/_dungeon_replace.php
View File

@ -302,7 +302,6 @@ function getImg($id, $num) {
<html>
<head>
<link rel="stylesheet" type="text/css" href="https://img.new-combats.com/css/main.css" />
<meta content="text/html; charset=windows-1251" http-equiv="Content-type" />
<meta http-equiv="Cache-Control" content="no-cache, max-age=0, must-revalidate, no-store" />
<meta http-equiv="PRAGMA" content="NO-CACHE" />
<meta http-equiv="Expires" content="0" />

6
_incl_data/mails.php
View File

@ -4,8 +4,6 @@
function mails($to, $message, $subject = 'Бойцовский клуб')
{
require '_incl_data/class/mail/class.phpmailer.php';
$message = mb_convert_encoding($message, 'UTF-8', 'CP1251');
$subject = mb_convert_encoding($subject, 'UTF-8', 'CP1251');
$mail = new PHPMailer;
$mail->IsSMTP(); // Set mailer to use SMTP
@ -18,8 +16,8 @@ function mails($to, $message, $subject = 'Бойцовский клуб')
$mail->CharSet = 'UTF-8';
$mail->From = 'newcombats@yahoo.com';
$mail->FromName = mb_convert_encoding('Бойцовский Клуб', 'UTF-8', 'CP1251');
$mail->AddAddress($to); // Add a recipient
$mail->FromName = 'Бойцовский Клуб';
$mail->AddAddress($to); // Add a recipient
$mail->IsHTML(true); // Set email format to HTML

3
_incl_data/mysql_override.php
View File

@ -6,9 +6,6 @@
* @version 0.1
*/
//ini_set('default_charset', 'windows-1251');
//ini_set('date.timezone', 'Europe/Moscow');
// Make sure the MySQL extension is not loaded and there is no other drop in replacement active
if (!extension_loaded('mysql') && !function_exists('mysql_connect')) {
// Validate if the MySQLi extension is present

2
adminion/balance.php
View File

@ -161,7 +161,7 @@ $plus = $plus[0];
<!DOCTYPE html>
<html xmlns="https://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1251"/>
<title>Отчетность проекта</title>
<style type="text/css">
body {

3
adminion/dn_editor.php
View File

@ -120,7 +120,6 @@ if (isset($_POST['saveObjPosition'])) {
'SELECT * FROM `dungeon_obj` WHERE `id` = "' . mysql_real_escape_string($_POST['ore_id']) . '" LIMIT 1'
)
);
$_POST['ore_name'] = iconv("UTF-8", "cp1251", $_POST['ore_name']);
if (isset($obj['id'])) {
mysql_query(
'UPDATE `dungeon_obj` SET
@ -235,7 +234,7 @@ if (!isset($_GET['look'])) {
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1251"/>
<title>Визуальный редактор Лабиринтов &copy; new-combats.com</title>
<script type="text/javascript" src="../js/jquery.js"></script>

2
adminion/editor_shop.php
View File

@ -16,7 +16,7 @@ $r = round((int)$_GET['r']);
<!doctype html>
<html>
<head>
<meta charset="windows-1251">
<title>Редактор предметов в магазине</title>
<link href="https://img.new-combats.com/css/main.css" rel="stylesheet" type="text/css">
<script type="text/javascript">

6
adminion/index.php
View File

@ -37,7 +37,7 @@ if($u->info['admin']=0){
?><!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1251" />
<meta http-equiv=Cache-Control Content=no-cache>
<meta http-equiv=PRAGMA content=NO-CACHE>
<meta http-equiv=Expires Content=0>
@ -258,8 +258,8 @@ if($u->info['admin']=0){
<td valign="top" style="padding:10px;">
<?
if(isset($_GET['mod'])){
if(file_exists('../adminion/mod/'.htmlspecialchars($_GET['mod'],NULL,'cp1251').'.php')){
include('../adminion/mod/'.htmlspecialchars($_GET['mod'],NULL,'cp1251').'.php');
if(file_exists('../adminion/mod/'.htmlspecialchars($_GET['mod'],NULL).'.php')){
include('../adminion/mod/'.htmlspecialchars($_GET['mod'],NULL).'.php');
}else{
echo '<center>У вас нет доступа к данному разделу</center>';
}

2
adminion/items_editor.php
View File

@ -103,7 +103,7 @@ if (isset($_POST['it_name'])) {
<!DOCTYPE html>
<html xmlns="https://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1251"/>
<title>Редактор предметов</title>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js"></script>
<script>

2
adminion/mod/dungeon_editor.php
View File

@ -1,7 +1,7 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="https://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1251" />
<title>Документ без названия</title>
</head>

2
adminion/mults.php
View File

@ -1,6 +1,6 @@
<?php
# Admin Only Area
header('Content-Type: text/html; charset=windows-1251');
const GAME = true;
include('_incl_data/__config.php');

2
adminion/recovery.php
View File

@ -1,7 +1,7 @@
<?php
# Admin Only Area
const GAME = true;
setlocale(LC_CTYPE ,"ru_RU.CP1251");
include('_incl_data/__config.php');
include('_incl_data/class/__db_connect.php');
$u = User::start();

2
adminion/shop_editor.php
View File

@ -16,7 +16,7 @@ $r = round((int)$_GET['r']);
<!doctype html>
<html>
<head>
<meta charset="windows-1251">
<title>Рредактор предметов в магазине</title>
<link href="https://img.new-combats.com/css/main.css" rel="stylesheet" type="text/css">
<script type="text/javascript">

2
adminion/testing.php
View File

@ -22,7 +22,7 @@ while ($i < 100) {
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1251"/>
<title>Тестирование ботов</title>
<script src="https://img.new-combats.com/js/Lite/gameEngine.js" type="text/javascript"></script>
<script src="js/jquery-1.11.3.min.js"></script>

2
ajax.php
View File

@ -1,5 +1,5 @@
<?
setlocale(LC_CTYPE ,"ru_RU.CP1251");
if(isset($_GET['test'])) {
echo 'Тест 5<br>'.$_GET['test'].'<br>'.$_POST['test_post'].'';
die();

2
ajax_checklogin.php
View File

@ -5,7 +5,7 @@ include_once('_incl_data/class/__db_connect.php');
if(isset($_GET['login'])) {
//
$_GET['login'] = htmlspecialchars($_GET['login'],NULL,'cp1251');
$_GET['login'] = htmlspecialchars($_GET['login'],NULL);
//
$bad = array(
'Мусорщик' => 1,

3
aunitpay.php
View File

@ -41,7 +41,7 @@ function connect_db($c)
{
$db = mysql_connect($c['db_host'], $c['db_user'], $c['db_pass']) or die('Ошибка подключения к MySQL серверу!');
mysql_select_db($c['db_base'], $db) or die('Ошибка подключения к базе данных!');
mysql_query('SET NAMES cp1251');
mysql_query('SET NAMES utf8mb4');
}
function getFormSignature($account, $currency, $sum, $secretKey)
@ -151,7 +151,6 @@ if ($_GET['method'] == "pay") {
$r .= 'Уважаемый';
}
$r .= ' <b>' . $referal['login'] . '</b>, на Ваш игровой счет зачислено ' . $refecr . ' Еврокредитов. Благодоря вашему рефералу!' . $user['login'] . '';
//$str1 = iconv("cp1251","UTF-8",$r);
mysql_query(
"INSERT INTO `chat` (`new`,`city`,`room`,`login`,`to`,`text`,`time`,`type`,`toChat`) VALUES ('1','" . $referal['city'] . "','" . $referal['room'] . "','','" . $referal['login'] . "','" . $r . "','-1','5','0')"
);

7
autopay.php
View File

@ -18,7 +18,7 @@ date_default_timezone_set('Europe/Moscow');
function connect_db($c) {
$db = mysql_connect($c['db_host'],$c['db_user'],$c['db_pass']) or die('Ошибка подключения к MySQL серверу!');
mysql_select_db($c['db_base'],$db) or die('Ошибка подключения к базе данных!');
mysql_query('SET NAMES cp1251');
mysql_query('SET NAMES utf8mb4');
}
//MERCHANT_ORDER_ID=142&P_PHONE=380688028300&P_EMAIL=evhenii_kula%40mail.ru&CUR_ID=94&AMOUNT=90&MERCHANT_ID=65643&SIGN=c0fc70d5446614597d44ff13f2c7a6a5&intid=29728441
@ -61,10 +61,8 @@ date_default_timezone_set('Europe/Moscow');
$r .= 'Уважаемый';
}
$r .= ' <b>'.$user['login'].'</b>, на Ваш игровой счет зачислено '.$nick['ekr'].' Еврокредитов. Благодарим Вас за покупку!';
//$str1 = iconv("cp1251","UTF-8",$r);
mysql_query("INSERT INTO `chat` (`new`,`city`,`room`,`login`,`to`,`text`,`time`,`type`,`toChat`) VALUES ('1','".$user['city']."','".$user['room']."','','".$user['login']."','".$r."','-1','5','0')");
//echo $r."r<br>";
if ($nick['ref'] !=0)
{
@ -81,7 +79,6 @@ date_default_timezone_set('Europe/Moscow');
$r .= 'Уважаемый';
}
$r .= ' <b>'.$referal['login'].'</b>, на Ваш игровой счет зачислено '.$refecr.' Еврокредитов. Благодоря вашему рефералу!'.$user['login'].'';
//$str1 = iconv("cp1251","UTF-8",$r);
mysql_query("INSERT INTO `chat` (`new`,`city`,`room`,`login`,`to`,`text`,`time`,`type`,`toChat`) VALUES ('1','".$referal['city']."','".$referal['room']."','','".$referal['login']."','".$r."','-1','5','0')");

2
blago.php
View File

@ -6,7 +6,7 @@
<html xmlns="https://www.w3.org/1999/xhtml">
<head>
<title>Благодать Алхимика</title>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1251" />
<script type="text/javascript" src="/7E6B1377EF26442EBB8571ECA242C7BE/AA871BD4-9841-8043-97E5-B6FB8495D28A/main.js" charset="UTF-8"></script><SCRIPT LANGUAGE="JavaScript" SRC="https://img.new-combats.com/i/js/dialog_032_ru.js?v=1.168" charset="utf-8"></SCRIPT>
<script type="text/javascript" src='https://img.new-combats.com/js/CombatsUI.js?v=1.168' charset='utf-8'></script>
<SCRIPT LANGUAGE="JavaScript" SRC="https://img.new-combats.com/js/jquery.min.js?v=1.168"></SCRIPT>

2
breakchaos.php
View File

@ -66,7 +66,7 @@ while ($pl = mysql_fetch_array($sp)) {
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1251"/>
<title>Архив: Поединки</title>
<link href="https://img.new-combats.com/css/main.css" rel="stylesheet" type="text/css">
</head>

10
buttons.php
View File

@ -3,7 +3,7 @@ const GAME = true;
function er($e)
{
global $c;
exit('<html><head><meta name="msapplication-config" content="browserconfig.xml"><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><meta http-equiv="Content-Language" content="ru"><TITLE>Произошла ошибка</TITLE></HEAD><BODY text="#FFFFFF"><p><font color=black>Произошла ошибка: <pre>' . $e . '</pre><b><p><a href="https://' . $c[0] . '/">Назад</b></a><HR><p align="right">(c) <a href="https://' . $c[0] . '/">' . $c[1] . '</a></p></body></html>');
exit('<html><head><meta name="msapplication-config" content="browserconfig.xml"><meta http-equiv="Content-Language" content="ru"><TITLE>Произошла ошибка</TITLE></HEAD><BODY text="#FFFFFF"><p><font color=black>Произошла ошибка: <pre>' . $e . '</pre><b><p><a href="https://' . $c[0] . '/">Назад</b></a><HR><p align="right">(c) <a href="https://' . $c[0] . '/">' . $c[1] . '</a></p></body></html>');
}
include_once('_incl_data/__config.php');
@ -47,7 +47,7 @@ $u->stats = $u->getStats($u->info['id'], 0);
<!DOCTYPE html>
<html lang="ru-RU">
<head>
<meta charset="windows-1251"/>
<title>Бойцовский Клуб Acombats</title>
<meta name="description"
content="Новая браузерная игра combats версии 2. Возможность играть в Бойцовский Клуб с телефона. Играйте без донатов и вливаний в подающий надежды проект старого БК."/>
@ -250,7 +250,7 @@ $u->stats = $u->getStats($u->info['id'], 0);
}
.qel0 {
dispaly: none;
display: none;
position: absolute;
z-index: 100000;
border: 4px solid #f5cc50;
@ -950,8 +950,8 @@ $u->stats = $u->getStats($u->info['id'], 0);
height="20">
</button>
</div>
<font class="db" style="padding:0 0 8px 0;font-size: 10pt; color:#8f0000;"><b
id="roomName"></b></font>
<font class="db" style="padding:0 0 8px 0;font-size: 10pt; color:#8f0000;">
<b id="roomName"></b></font>
<div id="onlist"></div>
<div style="padding:5px;margin-top:5px;">
<div><label><input type="checkbox" value="1" checked id="autoRefOnline">Обновлять

6
clans_inf.php
View File

@ -14,7 +14,7 @@ if (!isset($upLogin)) {
}
$utf8Login = '';
$utf8Login2 = '';
$utf8Login = iconv("utf-8", "windows-1251", $uplogin);
$utf8Login = $uplogin;
if ($uplogin != 'delete' && $utf8Login != 'delete' && $utf8Login2 != 'delete') {
$clan = mysql_fetch_array(
mysql_query(
@ -29,7 +29,7 @@ if ($uplogin != 'delete' && $utf8Login != 'delete' && $utf8Login2 != 'delete') {
if (!isset($clan['id'])) {
die(
'<html><head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
<meta http-equiv="Content-Language" content="ru">
<meta http-equiv="X-UA-Compatible" content="IE=EmulateIE8" />
<TITLE>Произошла ошибка</TITLE></HEAD><BODY text="#FFFFFF"><p><font color=black>
@ -162,7 +162,7 @@ while ($clanwa = mysql_fetch_array($clanwar)) {
<HEAD>
<meta http-equiv="X-UA-Compatible" content="IE=EmulateIE8"/>
<title>Информация о клане <?= $clan['name'] ?></title>
<meta content="text/html; charset=windows-1251" http-equiv=Content-type>
<link href="https://img.new-combats.com/i/move/design3.css" rel="stylesheet" type="text/css">
<link href="https://img.new-combats.com/css/main.css" rel="stylesheet" type="text/css">
<link href="/res/css/style.css" rel="stylesheet" type="text/css" media="all"/>

2
confirm.php
View File

@ -17,7 +17,7 @@ header('refresh:5;url=' . Config::get('https'));
<!DOCTYPE html>
<html lang="ru">
<head>
<meta content="text/html; charset=windows-1251" http-equiv=Content-type>
<TITLE><?= Config::get('https') ?> Подтверждение операции через e-mail.</TITLE>
<style>
body {

2
contacts.html
View File

@ -1,7 +1,7 @@
<!DOCTYPE html>
<html lang="ru-RU">
<head>
<meta charset="windows-1251">
<title>Новый «Бойцовский Клуб» - легендарная браузерная онлайн игра</title>
<meta name="description" content="Браузерная игра старый БК. Старый Бойцовский Клуб. Новый Бойцовский Клуб."/>
<meta name="keywords"

2
cron_dungeon_goBots.php
View File

@ -4,7 +4,7 @@
# а так-же напедения, когда игрок рядом
const GAME = true;
setlocale(LC_CTYPE, "ru_RU.CP1251");
include('_incl_data/__config.php');
include('_incl_data/class/__db_connect.php');

2
dng/index.html
View File

@ -5,7 +5,7 @@
<link rel="stylesheet" type="text/css" href="i/css/dungeon.css" media="screen" />
<link rel="stylesheet" type="text/css" href="i/css/vstyle1.css" media="screen" />
<link rel="stylesheet" type="text/css" href="i/css/dungeon4ie.css" media="screen" />
<meta http-equiv="Content-Type" content="text/html; charset=windows-1251" />
<meta name="Distribution" content="Global" />
<meta name="Classification" content="non-profit" />
<meta name="Resource-type" content="application" />

2
dresss/dcdresser.htm
View File

@ -3,7 +3,7 @@
<head>
<title>Примерочная</title>
<link rel="stylesheet" type="text/css" href="style15.css" media="screen" />
<meta http-equiv="Content-Type" content="text/html; charset=windows-1251" />
<meta name="Distribution" content="Global" />
<meta name="Classification" content="non-profit" />
<meta name="Resource-type" content="application" />

6
ekr.bac.php
View File

@ -538,7 +538,7 @@ if (isset($_POST['do']) && $_POST['do'] == 'newShadow') {
{
$r = true;
//
$login = htmlspecialchars($login, null, 'cp1251');
$login = htmlspecialchars($login, null);
//
$bad = [
'Мусорщик' => 1,
@ -594,7 +594,7 @@ if (isset($_POST['do']) && $_POST['do'] == 'newShadow') {
} elseif ($u->info['money2'] < 25) {
$u->error = 'Недостаточно средств.';
} else {
$login = htmlspecialchars($_POST['login'], null, 'cp1251');
$login = htmlspecialchars($_POST['login'], null);
if (is_login($login) == true) {
mysql_query(
'INSERT INTO `lastnames` ( `uid`,`login`,`newlogin`,`time` ) VALUES (
@ -740,7 +740,7 @@ if (isset($_POST['do']) && $_POST['do'] == 'newShadow') {
<title>Покупка ЕвроКредитов - Бойцовский Клуб</title>
<!--<link rel=stylesheet type="text/css" href="/i/main.css">-->
<script type="text/javascript" src="https://new-combats.com/res/js/jquery-1.7.1.min.js"></script>
<meta content="text/html; charset=windows-1251" http-equiv=Content-Type>
<link href="/res/css/style.css" rel="stylesheet" type="text/css" media="all"/>
<META Http-Equiv=Cache-Control Content=no-cache>
<meta http-equiv=PRAGMA content=NO-CACHE>

6
ekr.php
View File

@ -473,7 +473,7 @@ if (!isset($backdoor)) {
{
$r = true;
//
$login = htmlspecialchars($login, null, 'cp1251');
$login = htmlspecialchars($login, null);
//
$bad = [
'Мусорщик' => 1,
@ -531,7 +531,7 @@ if (!isset($backdoor)) {
} elseif ($u->info['money2'] < 25) {
$u->error = 'Недостаточно средств.';
} else {
$login = htmlspecialchars($_POST['login'], null, 'cp1251');
$login = htmlspecialchars($_POST['login'], null);
if (is_login($login) == true) {
mysql_query(
'INSERT INTO `lastnames` ( `uid`,`login`,`newlogin`,`time` ) VALUES (
@ -677,7 +677,7 @@ if (!isset($backdoor)) {
<title>Покупка ЕвроКредитов - Бойцовский Клуб</title>
<!--<link rel=stylesheet type="text/css" href="/i/main.css">-->
<script type="text/javascript" src="https://new-combats.com/res/js/jquery-1.7.1.min.js"></script>
<meta content="text/html; charset=windows-1251" http-equiv=Content-Type>
<link href="/res/css/style.css" rel="stylesheet" type="text/css" media="all"/>
<META Http-Equiv=Cache-Control Content=no-cache>
<meta http-equiv=PRAGMA content=NO-CACHE>

6
ekr2.php
View File

@ -460,7 +460,7 @@ if(!isset($backdoor)) {
function is_login($login) {
$r = true;
//
$login = htmlspecialchars($login,NULL,'cp1251');
$login = htmlspecialchars($login,NULL);
//
$bad = array(
'Мусорщик' => 1,
@ -513,7 +513,7 @@ if(!isset($backdoor)) {
}elseif( $u->info['money2'] < 25 ) {
$u->error = 'Недостаточно средств.';
}else{
$login = htmlspecialchars($_POST['login'],NULL,'cp1251');
$login = htmlspecialchars($_POST['login'],NULL);
if( is_login($login) == true ) {
mysql_query('INSERT INTO `lastnames` ( `uid`,`login`,`newlogin`,`time` ) VALUES (
"'.$u->info['id'].'","'.$u->info['login'].'","'.mysql_real_escape_string($login).'","'.time().'"
@ -652,7 +652,7 @@ if(!isset($backdoor)) {
<title>Покупка ЕвроКредитов - Бойцовский Клуб</title>
<!--<link rel=stylesheet type="text/css" href="/i/main.css">-->
<script type="text/javascript" src="https://new-combats.com/res/js/jquery-1.7.1.min.js"></script>
<meta content="text/html; charset=windows-1251" http-equiv=Content-Type>
<link href="/res/css/style.css" rel="stylesheet" type="text/css" media="all" />
<META Http-Equiv=Cache-Control Content=no-cache>
<meta http-equiv=PRAGMA content=NO-CACHE>

2
enter.php
View File

@ -176,7 +176,7 @@ if (!isset($u['id'])) {
<HTML lang="ru">
<HEAD>
<link rel=stylesheet type="text/css">
<meta charset="windows-1251">
<meta name="msapplication-config" content="browserconfig.xml"/>
<TITLE>Второй пароль</TITLE>
</HEAD>

2
enter2.php
View File

@ -1,6 +1,6 @@
<!DOCTYPE>
<html lang="ru">
<head><title></title><meta charset="windows-1251"></head>
<head><title></title></head>
<body>
Запрос второго пароля к персонажу.<br><br>
<img id="pass" onClick="" width="295" src="i/pin/e0.png" alt=""><br><br>

2
fight/take.team.php
View File

@ -4,7 +4,7 @@ header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
header('Cache-Control: no-store, no-cache, must-revalidate');
header('Cache-Control: post-check=0, pre-check=0', false);
header('Pragma: no-cache');
header('Content-Type: text/html; charset=windows-1251');
const GAME = true;
include('../_incl_data/class/__db_connect.php');

1
fight/take.user.php
View File

@ -4,7 +4,6 @@ header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' );
header( 'Cache-Control: no-store, no-cache, must-revalidate' );
header( 'Cache-Control: post-check=0, pre-check=0', false );
header( 'Pragma: no-cache' );
header( 'Content-Type: text/html; charset=windows-1251' );
define('GAME',true);
require_once('../_incl_data/class/__db_connect.php');

4
forum_script/_forum.class.php
View File

@ -13,7 +13,7 @@ class forum
{
if (isset($_GET['search'])) {
$where = '( `text` LIKE "%' . mysql_real_escape_string($_GET['search']) . '%" OR `title` LIKE "%' . mysql_real_escape_string($_GET['search']) . '%" OR `login` LIKE "%' . mysql_real_escape_string($_GET['search']) . '%" ) AND `topic` < "0" AND `delete` = "0"';
$pre_url = 'search=' . htmlspecialchars($_GET['search'], null, 'cp1251') . '&read=' . $pagers . '&';
$pre_url = 'search=' . htmlspecialchars($_GET['search'], null) . '&read=' . $pagers . '&';
$idpaginator = $pagers;
} elseif ($pagers != 0) {
$where = '`topic` = "' . $pagers . '" AND `delete` = "0"';
@ -506,7 +506,7 @@ class forum
$tl['id'] = $uid;
}
$lst = mysql_fetch_array(mysql_query('SELECT * FROM `forum_msg` WHERE `topic` = "' . mysql_real_escape_string($topic) . '" OR (`topic` = "-1" AND `id` = "' . mysql_real_escape_string($topic) . '") ORDER BY `time` DESC LIMIT 1'));
$ins = mysql_query('INSERT INTO `forum_msg` (`cityreg`,`city`,`align`,`clan`,`level`,`login`,`fid`,`title`,`topic`,`ico`,`text`,`time`,`ip`,`uid`) VALUES ("' . mysql_real_escape_string($tl['cityreg']) . '","' . mysql_real_escape_string($tl['city']) . '","' . mysql_real_escape_string($tl['align']) . '","' . mysql_real_escape_string($tl['clan']) . '","' . mysql_real_escape_string($tl['level']) . '","' . mysql_real_escape_string($tl['login']) . '","' . mysql_real_escape_string($fid) . '","' . mysql_real_escape_string(htmlspecialchars($title, null, 'cp1251')) . '","' . mysql_real_escape_string($topic) . '","' . mysql_real_escape_string($ico) . '","' . mysql_real_escape_string(htmlspecialchars($text, null, 'cp1251')) . '","' . mysql_real_escape_string($time) . '","' . $_SERVER['HTTP_X_REAL_IP'] . '","' . $tl['id'] . '")');
$ins = mysql_query('INSERT INTO `forum_msg` (`cityreg`,`city`,`align`,`clan`,`level`,`login`,`fid`,`title`,`topic`,`ico`,`text`,`time`,`ip`,`uid`) VALUES ("' . mysql_real_escape_string($tl['cityreg']) . '","' . mysql_real_escape_string($tl['city']) . '","' . mysql_real_escape_string($tl['align']) . '","' . mysql_real_escape_string($tl['clan']) . '","' . mysql_real_escape_string($tl['level']) . '","' . mysql_real_escape_string($tl['login']) . '","' . mysql_real_escape_string($fid) . '","' . mysql_real_escape_string(htmlspecialchars($title, null)) . '","' . mysql_real_escape_string($topic) . '","' . mysql_real_escape_string($ico) . '","' . mysql_real_escape_string(htmlspecialchars($text, null)) . '","' . mysql_real_escape_string($time) . '","' . $_SERVER['HTTP_X_REAL_IP'] . '","' . $tl['id'] . '")');
if (!$ins) {
$this->error = 'Ошибка создания топика';
return false;

4
forum_script/index.php
View File

@ -135,7 +135,7 @@ $dost = [0 => 'всем пользователям', 1 => 'только чтен
<!DOCTYPE html>
<html>
<head>
<meta charset="windows-1251"/>
<link rel="canonical" href="https://new-combats.com/forum"/>
<title>Форум браузерной онлайн игры Новый «Бойцовский клуб»</title>
<meta name="description"
@ -532,7 +532,7 @@ function MM_jumpMenu(targ, selObj, restore) { //v3.0
$_POST['search'] = $_GET['search'];
}
$word = $_POST['search'];
$word = htmlspecialchars($word, null, 'cp1251');
$word = htmlspecialchars($word, null);
$limw = mysql_fetch_array(
mysql_query(
'SELECT COUNT(*) FROM `forum_msg` WHERE ( `text` LIKE "%' . mysql_real_escape_string(

2
goodpay.html
View File

@ -1,7 +1,7 @@
<!DOCTYPE html>
<html lang="ru-RU">
<head>
<meta charset="windows-1251">
<title>Браузерная игра - Новый Бойцовский Клуб</title>
<meta name="description" content="Браузерная игра в стиле MMORPG «combats» версии 2. Старый Бойцовский Клуб ждем игроков. Новый Бойцовский Клуб."/>
<meta name="keywords" content="Бойцовский клуб играть, бойцовский клуб, Combats.com, старый бойцовский клуб, игра бойцовский клуб, играть в комбатс, комбатс, браузерная онлайн игра, Acombats, старый БК, играть в старый БК, oldcombats, онлайн мир, маг, likebk, Comabts, legbk, acomabts.com, гайд крит, гайд уворот, гайд танк, гайд крит"/>

2
hmonitor.php
View File

@ -15,7 +15,7 @@ $u = User::start();
<!DOCTYPE HTML>
<html>
<head>
<meta charset="windows-1251">
<meta http-equiv="X-UA-Compatible" content="IE=EmulateIE8"/>
<meta http-equiv=Cache-Control Content=no-cache>
<meta http-equiv=PRAGMA content=NO-CACHE>

2
html/index.html
View File

@ -1,7 +1,7 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="https://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1251" />
<title>Бойцовский Клуб</title>
</head>
<link href="https://img.new-combats.com/css/main.css" rel="stylesheet" type="text/css">

8
html/library.php
View File

@ -37,7 +37,7 @@ if( $url[2] == 'upload' && $u->info['admin'] > 0 ) {
}
$usrs[$pl['uid']] = $usrs[$pl['uid']]['login'];
}
$html .= '<a title="'.$usrs[$pl['uid']]."\n".date('d.m.Y H:i',$pl['time']).'" oncontextmenu="if(confirm(\'Вы уверены?\')){ top.location=\'https://new-combats.com/library/upload/'.htmlspecialchars($url[3],NULL,'cp1251').'/delete/'.$pl['id'].'/\'; }return false;" target="_blank" href="https://new-combats.com/ui/'.$pl['img'].'.'.$pl['type'].'"><img src="https://new-combats.com/ui/'.$pl['img'].'.'.$pl['type'].'" class="imgo"></a>';
$html .= '<a title="'.$usrs[$pl['uid']]."\n".date('d.m.Y H:i',$pl['time']).'" oncontextmenu="if(confirm(\'Вы уверены?\')){ top.location=\'https://new-combats.com/library/upload/'.htmlspecialchars($url[3],NULL).'/delete/'.$pl['id'].'/\'; }return false;" target="_blank" href="https://new-combats.com/ui/'.$pl['img'].'.'.$pl['type'].'"><img src="https://new-combats.com/ui/'.$pl['img'].'.'.$pl['type'].'" class="imgo"></a>';
}
$i++;
}
@ -140,7 +140,7 @@ if( $url[2] == 'upload' && $u->info['admin'] > 0 ) {
<div class="lib-txt">
<?
if(isset($_POST['save']) && isset($u->info['id'])) {
$_POST['lib_title'] = htmlspecialchars($_POST['lib_title'],NULL,'cp1251');
$_POST['lib_title'] = htmlspecialchars($_POST['lib_title'],NULL);
$mbpage_last = mysql_fetch_array(mysql_query('SELECT `time` FROM `library_content` WHERE `uid` = "'.$u->info['id'].'" ORDER BY `id` DESC LIMIT 1'));
if( $u->info['molch1'] > time() ) {
@ -225,7 +225,7 @@ if( isset($mbpage['id']) ) {
$red500 = false;
if( isset($_POST['lib_urlname']) && $_POST['lib_urlname'] != '' && $_POST['lib_urlname'] != $mbpage['url_name'] ) {
mysql_query('UPDATE `library_content` SET `delete` = "'.time().'" WHERE `url_name` = "'.$mbpage['url_name'].'" AND `id` != "'.$mbpage['id'].'"');
$mbpage['url_name'] = htmlspecialchars($_POST['lib_urlname'],NULL,'cp1251');
$mbpage['url_name'] = htmlspecialchars($_POST['lib_urlname'],NULL);
mysql_query('UPDATE `library_content` SET `url_name` = "'.mysql_real_escape_string($mbpage['url_name']).'" WHERE `id` = "'.$mbpage['id'].'" LIMIT 1');
$red500 = true;
}
@ -248,7 +248,7 @@ if( isset($mbpage['id']) ) {
$mbpage['title'] = $_POST['lib_title'];
$mbpage['text'] = $_POST['con_text'];
$mbpage['time'] = time();
mysql_query('UPDATE `library_content` SET `time` = "'.time().'",`title` = "'.mysql_real_escape_string(htmlspecialchars($mbpage['title'],NULL,'cp1251')).'",`text` = "'.mysql_real_escape_string($mbpage['text']).'" WHERE `id` = "'.$mbpage['id'].'" LIMIT 1');
mysql_query('UPDATE `library_content` SET `time` = "'.time().'",`title` = "'.mysql_real_escape_string(htmlspecialchars($mbpage['title'],NULL)).'",`text` = "'.mysql_real_escape_string($mbpage['text']).'" WHERE `id` = "'.$mbpage['id'].'" LIMIT 1');
}
}
}

2
i/main.css
View File

@ -1,4 +1,4 @@
@charset "windows-1251";
BODY {
FONT-SIZE: 10pt;
FONT-FAMILY: Verdana, Arial, Helvetica, Tahoma, sans-serif

2
i/move/design3.css
View File

@ -1,4 +1,4 @@
@charset "windows-1251";
/* CSS Document */
body{margin:0px 1px 0px 1px;padding:0px 1px 0px 1px;background-color:#dedede;color:#000000;}
.main_text{font-weight:bold;font-size:10px;text-decoration:none;color:#f0f0f0;cursor:hand;}

6
img.new-combats.com/chars/0/ekr.php
View File

@ -478,7 +478,7 @@ if(!isset($backdoor)) {
function is_login($login) {
$r = true;
//
$login = htmlspecialchars($login,NULL,'cp1251');
$login = htmlspecialchars($login,NULL);
//
$bad = array(
'Мусорщик' => 1,
@ -536,7 +536,7 @@ if(!isset($backdoor)) {
}elseif( $u->bank['money2'] < $ekr ) {
$u->error = 'Недостаточно средств.';
}else{
$login = htmlspecialchars($_POST['login'],NULL,'cp1251');
$login = htmlspecialchars($_POST['login'],NULL);
if( is_login($login) == true ) {
mysql_query('INSERT INTO `lastnames` ( `uid`,`login`,`newlogin`,`time` ) VALUES (
"'.$u->info['id'].'","'.$u->info['login'].'","'.mysql_real_escape_string($login).'","'.time().'"
@ -676,7 +676,7 @@ if(!isset($backdoor)) {
<title>Покупка ЕвроКредитов - TrueBk</title>
<!--<link rel=stylesheet type="text/css" href="/i/main.css">-->
<script type="text/javascript" src="http://new-combats.com/res/js/jquery-1.7.1.min.js"></script>
<meta content="text/html; charset=windows-1251" http-equiv=Content-Type>
<link href="/res/css/style.css" rel="stylesheet" type="text/css" media="all" />
<META Http-Equiv=Cache-Control Content=no-cache>
<meta http-equiv=PRAGMA content=NO-CACHE>

8
img.new-combats.com/i/obraz/0/ekr.php
View File

@ -478,7 +478,7 @@ if(!isset($backdoor)) {
function is_login($login) {
$r = true;
//
$login = htmlspecialchars($login,NULL,'cp1251');
$login = htmlspecialchars($login,NULL);
//
$bad = array(
'Мусорщик' => 1,
@ -536,7 +536,7 @@ if(!isset($backdoor)) {
}elseif( $u->bank['money2'] < $ekr ) {
$u->error = 'Недостаточно средств.';
}else{
$login = htmlspecialchars($_POST['login'],NULL,'cp1251');
$login = htmlspecialchars($_POST['login'],NULL);
if( is_login($login) == true ) {
mysql_query('INSERT INTO `lastnames` ( `uid`,`login`,`newlogin`,`time` ) VALUES (
"'.$u->info['id'].'","'.$u->info['login'].'","'.mysql_real_escape_string($login).'","'.time().'"
@ -673,10 +673,8 @@ if(!isset($backdoor)) {
?>
<HTML>
<HEAD>
<title>Покупка ЕвроКредитов - TrueBk</title>
<!--<link rel=stylesheet type="text/css" href="/i/main.css">-->
<title>Покупка ЕвроКредитов</title>
<script type="text/javascript" src="http://new-combats.com/res/js/jquery-1.7.1.min.js"></script>
<meta content="text/html; charset=windows-1251" http-equiv=Content-Type>
<link href="/res/css/style.css" rel="stylesheet" type="text/css" media="all" />
<META Http-Equiv=Cache-Control Content=no-cache>
<meta http-equiv=PRAGMA content=NO-CACHE>

2
indexreg.php
View File

@ -1,7 +1,7 @@
<!DOCTYPE html>
<html lang="ru-RU">
<head>
<meta charset="windows-1251">
<title>Браузерная игра - Новый Бойцовский Клуб</title>
<meta name="description" content="Браузерная игра - Бойцовский Клуб << combats >> версии 2. Возможность играть в Бойцовский Клуб с телефона. Играйте без донатов и вливаний проект старого БК."/>
<meta name="keywords" content="Бойцовский клуб играть, бойцовский клуб, Combats.com, старый бойцовский клуб, игра бойцовский клуб, играть в комбатс, комбатс, браузерная онлайн игра, Acombats, старый БК, играть в старый БК, oldcombats, онлайн мир, маг, likebk, Comabts, legbk, acomabts.com, гайд крит, гайд уворот, гайд танк, гайд крит"/>

15
inf.php
View File

@ -2,7 +2,6 @@
if (isset($_GET['md5'])) {
die(md5($_GET['md5']));
}
header('Content-Type: text/html; charset=cp1251');
include_once('_incl_data/__config.php');
$c['inf'] = true;
const GAME = true;
@ -105,9 +104,9 @@ $utf8Login = '';
$utf8Login2 = '';
$utf8Login = iconv("UTF-8", "windows-1251", $uplogin);
$utf8Login = $uplogin;
$utf8Login2 = iconv("UTF-8", "windows-1251", $_GET['login']);
$utf8Login2 = $_GET['login'];
if ($uplogin == 'delete' || $utf8Login == 'delete' || $utf8Login2 == 'delete') {
@ -190,7 +189,7 @@ if (!isset($inf['id'])) {
die('Ошибка. Персонаж не найден.');
die(
'<html><head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
<meta http-equiv="Content-Language" content="ru">
<meta http-equiv="X-UA-Compatible" content="IE=EmulateIE8" />
<TITLE>Произошла ошибка</TITLE></HEAD><BODY text="#FFFFFF" style="padding-top:0px; margin-top:7px; height:100%; background-color:#dedede;"><p><font color=black>
@ -469,7 +468,7 @@ if ($inf['inTurnir'] > 0 && ($u->info['inTurnir'] == $inf['inTurnir'] || $u->inf
<!DOCTYPE html>
<html>
<head>
<meta charset="windows-1251"/>
<title>Информация о <?php echo $inf['login']; ?></title>
<meta
"description" name content="Просматривайте информацию о игровых персонажах браузерной игры Бойцовский Клуб.Играйте в
@ -1116,7 +1115,7 @@ if (isset($uer)) {
Поражений: <?php echo number_format($inf['lose'], 0, ",", " "); ?><BR>
Ничьих: <?php echo number_format($inf['nich'], 0, ",", " "); ?><BR>
<?php }
$inf['mod_zvanie'] = htmlspecialchars($inf['mod_zvanie'], null, 'cp1251');
$inf['mod_zvanie'] = htmlspecialchars($inf['mod_zvanie'], null);
?>
<?php if ($inf['align'] == 50) {
@ -1148,7 +1147,7 @@ if (isset($uer)) {
$inf['mod_zvanie'] = '- <font color="#008080"><b>Глава клана</b></font>';
} elseif ($inf['mod_zvanie'] != '') {
$inf['mod_zvanie'] = '- ' . htmlspecialchars(
$inf['mod_zvanie'], null, 'cp1251'
$inf['mod_zvanie'], null
);
$inf['mod_zvanie'] = str_replace(
'&lt;b&gt;', '<b>', $inf['mod_zvanie']
@ -2476,7 +2475,7 @@ if (isset($uer)) {
$bnk .= '<span style="display:inline-block;width:100px;"><small>' . $pl['money2'] . ' екр.</small></span>';
if ($u->info['admin'] > 0) {
$bnk .= '<span style="display:inline-block;"><small>Пароль: ' . htmlspecialchars(
$pl['pass'], null, 'cp1251'
$pl['pass'], null
) . '</small></span>';
}
if ($pl['moneyBuy'] > 0) {

7
interrpaykassa.php
View File

@ -22,7 +22,7 @@ $c = array(
function connect_db($c) {
$db = mysql_connect($c['db_host'],$c['db_user'],$c['db_pass']) or die('Ошибка подключения к MySQL серверу!');
mysql_select_db($c['db_base'],$db) or die('Ошибка подключения к базе данных!');
mysql_query('SET NAMES cp1251');
mysql_query('SET NAMES utf8mb4');
}
$needle = $dataSet['ik_sign'];
unset($dataSet['ik_sign']);// удаляем из данных строку подписи
@ -63,10 +63,8 @@ if ($needle == $sign) {
$r .= 'Уважаемый';
}
$r .= ' <b>'.$user['login'].'</b>, на Ваш игровой счет зачислено '.$nick['ekr'].' Еврокредитов. Благодарим Вас за покупку!';
//$str1 = iconv("cp1251","UTF-8",$r);
mysql_query("INSERT INTO `chat` (`new`,`city`,`room`,`login`,`to`,`text`,`time`,`type`,`toChat`) VALUES ('1','".$user['city']."','".$user['room']."','','".$user['login']."','".$r."','-1','5','0')");
//echo $r."r<br>";
if ($nick['ref'] !=0)
{
@ -83,7 +81,6 @@ if ($needle == $sign) {
$r .= 'Уважаемый';
}
$r .= ' <b>'.$referal['login'].'</b>, на Ваш игровой счет зачислено '.$refecr.' Еврокредитов. Благодоря вашему рефералу!'.$user['login'].'';
//$str1 = iconv("cp1251","UTF-8",$r);
mysql_query("INSERT INTO `chat` (`new`,`city`,`room`,`login`,`to`,`text`,`time`,`type`,`toChat`) VALUES ('1','".$referal['city']."','".$referal['room']."','','".$referal['login']."','".$r."','-1','5','0')");

2
items_info.php
View File

@ -202,7 +202,7 @@ $rz[$rt[$itm['type']]][1] ??= 'Прочие предметы';
<!DOCTYPE HTML>
<html lang="ru">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
<title>Бойцовский клуб |
Библиотека <?php if (isset($itm['id'])) { ?> | <?= $rz[$rt[$itm['type']]][1] ?> | <?= $itm['name'] ?><?php } ?></title>
<link href="/main1.css" rel="stylesheet" type="text/css">

7
jx/battle/refresh.php
View File

@ -60,13 +60,9 @@ if (!isset($CRON_CORE)) {
header('Cache-Control: no-store, no-cache, must-revalidate');
header('Cache-Control: post-check=0, pre-check=0', false);
header('Pragma: no-cache');
header('Content-Type: text/html; charset=windows-1251');
}
if (($_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest' || isset($CRON_CORE)) && (isset($_POST['atack'], $_POST['block']) || (isset($_POST['id']) && $_POST['id'] == 'reflesh') || isset($_POST['usepriem']) || isset($_POST['useitem']))) {
if (isset($_POST['useitemon'])) {
$_POST['useitemon'] = iconv('UTF-8', 'windows-1251', $_POST['useitemon']);
}
unset($tm);
$js = '';
@ -165,7 +161,6 @@ if (($_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest' || isset($CRON_CORE))
//ручная смена
if (isset($_POST['smn']) && $_POST['smn'] != 'none') {
/* ---------------- */
$_POST['smn'] = iconv('UTF-8', 'windows-1251', $_POST['smn']);
$uidz = mysql_fetch_array(
mysql_query(
'SELECT `id`,`inUser` FROM `users` WHERE `login` = "' . mysql_real_escape_string(
@ -241,7 +236,7 @@ if (($_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest' || isset($CRON_CORE))
$i++;
}
$atk1 = 0;
$rsys = $u->sys_see(0);
$rsys = '';
if ($rsys != '') {
$js .= $rsys;
}

6
jx/battle/refresh1.php
View File

@ -10,9 +10,6 @@
if(isset($_POST['atack'],$_POST['block']) || (isset($_POST['id']) && $_POST['id']=='reflesh') || isset($_POST['usepriem']) || isset($_POST['useitem']))
{
if(isset($_POST['useitemon'])) {
$_POST['useitemon'] = iconv('UTF-8', 'windows-1251', $_POST['useitemon']);
}
session_start();
$tm = microtime();
$tm = explode(' ',$tm);
@ -113,7 +110,6 @@
if(isset($_POST['smn']) && $_POST['smn']!='none')
{
/* ---------------- */
$_POST['smn'] = iconv('UTF-8', 'windows-1251', $_POST['smn']);
$uidz = mysql_fetch_array(mysql_query('SELECT `id`,`inUser` FROM `users` WHERE `login` = "'.mysql_real_escape_string($_POST['smn']).'" AND `battle` = "'.$u->info['battle'].'" LIMIT 1'));
if($uidz['inUser']>0)
{
@ -192,7 +188,7 @@
$i++;
}
$atk1 = 0;
if(!isset($CRON_CORE)) {$rsys = $u->sys_see(0);}
if(!isset($CRON_CORE)) {$rsys = '';}
if($rsys != '') {
$js .= $rsys;
}

27
jx/battle/refresh2.php
View File

@ -10,31 +10,9 @@
if(isset($_POST['atack'],$_POST['block']) || (isset($_POST['id']) && $_POST['id']=='reflesh') || isset($_POST['usepriem']) || isset($_POST['useitem']))
{
if(isset($_POST['useitemon'])) {
$_POST['useitemon'] = iconv('UTF-8', 'windows-1251', $_POST['useitemon']);
}
session_start();
$tm = microtime();
$tm = explode(' ',$tm);
$tm = $tm[0]+$tm[1];
if(!isset($CRON_CORE)) {
//require_once('../../_incl_data/__config.php');
/*if($_SESSION['tbr']>$tm)
{
die('<script>ggcode="'.$code.'";if(t057!=null){clearTimeout(t057);}</script>');
}else{
$_SESSION['tbr'] = $tm+0.350;
}*/
}
unset($tm);
$js = '';
//require_once('../../_incl_data/class/__user.php');
//require_once('../../_incl_data/class/__magic.php');
//require_once('../../_incl_data/class/_cron_.php');
//require_once('../../_incl_data/class/__quest.php');
if( $u->info['battle'] == 0 ) {
$btl_last = mysql_fetch_array(mysql_query('SELECT `id`,`battle` FROM `battle_users` WHERE `uid` = "'.$u->info['id'].'" AND `finish` = "0" LIMIT 1'));
if( isset($btl_last['id']) && $u->info['battle'] == 0 ) {
@ -127,7 +105,6 @@
if(isset($_POST['smn']) && $_POST['smn']!='none')
{
/* ---------------- */
$_POST['smn'] = iconv('UTF-8', 'windows-1251', $_POST['smn']);
$uidz = mysql_fetch_array(mysql_query('SELECT `id`,`inUser` FROM `users` WHERE `login` = "'.mysql_real_escape_string($_POST['smn']).'" AND `battle` = "'.$u->info['battle'].'" LIMIT 1'));
if($uidz['inUser']>0)
{
@ -206,7 +183,7 @@
$i++;
}
$atk1 = 0;
if(!isset($CRON_CORE)) {$rsys = $u->sys_see(0);}
if(!isset($CRON_CORE)) {$rsys = '';}
if($rsys != '') {
$js .= $rsys;
}

7
jx/battle/refresh_bot.php
View File

@ -59,9 +59,7 @@ if (isset($_GET['cron_core'])) {
}
if (isset($CRON_CORE) && (isset($_POST['atack'], $_POST['block']) || (isset($_POST['id']) && $_POST['id'] == 'reflesh') || isset($_POST['usepriem']) || isset($_POST['useitem']))) {
if (isset($_POST['useitemon'])) {
$_POST['useitemon'] = iconv('UTF-8', 'windows-1251', $_POST['useitemon']);
}
//`session_start();
$tm = microtime();
$tm = explode(' ', $tm);
@ -151,7 +149,6 @@ if (isset($CRON_CORE) && (isset($_POST['atack'], $_POST['block']) || (isset($_PO
//ручная смена
if (isset($_POST['smn']) && $_POST['smn'] != 'none') {
/* ---------------- */
$_POST['smn'] = iconv('UTF-8', 'windows-1251', $_POST['smn']);
$uidz = mysql_fetch_array(
mysql_query(
'SELECT `id`,`inUser` FROM `users` WHERE `login` = "' . mysql_real_escape_string(
@ -218,7 +215,7 @@ if (isset($CRON_CORE) && (isset($_POST['atack'], $_POST['block']) || (isset($_PO
$i++;
}
$atk1 = 0;
$rsys = $u->sys_see(0);
$rsys = '';
if ($rsys != '') {
$js .= $rsys;
}

7
jx/battle/refresh_vip.php
View File

@ -45,14 +45,10 @@ if (!isset($CRON_CORE)) {
header('Cache-Control: no-store, no-cache, must-revalidate');
header('Cache-Control: post-check=0, pre-check=0', false);
header('Pragma: no-cache');
header('Content-Type: text/html; charset=windows-1251');
}
if ($_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest' || isset($CRON_CORE)) {
if (isset($_POST['atack'], $_POST['block']) || (isset($_POST['id']) && $_POST['id'] == 'reflesh') || isset($_POST['usepriem']) || isset($_POST['useitem'])) {
if (isset($_POST['useitemon'])) {
$_POST['useitemon'] = iconv('UTF-8', 'windows-1251', $_POST['useitemon']);
}
session_start();
$tm = microtime();
$tm = explode(' ', $tm);
@ -151,7 +147,6 @@ if ($_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest' || isset($CRON_CORE))
//ручная смена
if (isset($_POST['smn']) && $_POST['smn'] != 'none') {
/* ---------------- */
$_POST['smn'] = iconv('UTF-8', 'windows-1251', $_POST['smn']);
$uidz = mysql_fetch_array(
mysql_query(
'SELECT `id`,`inUser` FROM `users` WHERE `login` = "' . mysql_real_escape_string(
@ -225,7 +220,7 @@ if ($_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest' || isset($CRON_CORE))
}
$atk1 = 0;
if (!isset($CRON_CORE)) {
$rsys = $u->sys_see(0);
$rsys = '';
}
if ($rsys != '') {
$js .= $rsys;

1
jx/dungeon.php
View File

@ -1,5 +1,4 @@
<?php
header('Content-Type: text/html; charset=windows-1251');
if ($_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest' && isset($_POST['id'])) {
define('GAME', true);
include_once('../_incl_data/__config.php');

1
jx/post.php
View File

@ -1,5 +1,4 @@
<?php
header('Content-Type: text/html; charset=windows-1251');
if ($_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest') {
define('GAME', true);
include_once('../_incl_data/__config.php');

2
logs.php
View File

@ -764,7 +764,7 @@ if (isset($btl['id']) && $btl['team_win'] != -1 && isset($_GET['analiz'])) {
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1251"/>
<title>Архив: Поединки</title>
<script type="text/javascript" src="js/jquery.js"></script>
<script type="text/javascript" src="js/jqueryrotate.js"></script>

2
mail.php
View File

@ -160,7 +160,7 @@ if (isset($_GET['send6102'])) {
$message = str_replace('{md5mail}', $md5mail, $message);
//
$headers = "MIME-Version: 1.0\r\n";
$headers .= "Content-type: text/html; charset=windows-1251\r\n";
$headers .= "Content-type: text/html; charset=utf8\r\n";
$headers .= "From: support@new-combats.com\r\n";
//
$to = $mail;

1
main.php
View File

@ -84,7 +84,6 @@ if ($u->room['file'] == "room_hostel" || $u->room['file'] == "post") {
#--------для общаги, и позже для почты
if ($u->info['online'] < time() - 60 || $u->info['afk'] != '') {
$filter->setOnline($u->info['8'], $u->info['id']);
$u->onlineBonus();
mysql_query(
"UPDATE `users` SET `online`='" . time() . "',`timeMain`='" . time(
) . "',`afk`='' WHERE `id`='" . $u->info['id'] . "' LIMIT 1"

2
map.php
View File

@ -14,7 +14,7 @@ if ($u->info['banned'] || !isset($u->info['id'])) {
<html lang="ru">
<head>
<title></title>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1251"/>
<meta http-equiv="X-UA-Compatible" content="IE=EmulateIE8"/>
<link href="https://img.new-combats.com/css/main.css" rel="stylesheet" type="text/css">
</head>

2
modules_data/_alhp.php
View File

@ -306,7 +306,7 @@ $srok = array(15=>'15 минут',30=>'30 минут',60=>'один час',180=
}
}
if(isset($_POST['tologin'],$_POST['message'])) {
$u->send('',1,$infcity,'',htmlspecialchars($_POST['tologin'],NULL,'cp1251'),'<font color=darkblue>Сообщение телеграфом от </font> <b>'.$u->info['login'].'</b>: '.$_POST['message'].'',-1,6,0,0,0,1);
$u->send('',1,$infcity,'',htmlspecialchars($_POST['tologin'],NULL),'<font color=darkblue>Сообщение телеграфом от </font> <b>'.$u->info['login'].'</b>: '.$_POST['message'].'',-1,6,0,0,0,1);
}
?>
<table>

2
modules_data/_animal.php
View File

@ -33,7 +33,7 @@ if(isset($_GET['delete']) && $_GET['delete'] == $an['id']) {
}
return $g;
}
$nl = htmlspecialchars($_GET['anml_login'],NULL,'cp1251');
$nl = htmlspecialchars($_GET['anml_login'],NULL);
$nl = str_replace(' ','',$nl);
$nl = str_replace(' ','',$nl);
$sr = "!@#$%^&*()\+Ёё|/'`\"-_";

6
modules_data/_bagreport.php
View File

@ -433,10 +433,10 @@ if($data OR $u->info['admin']>0){ // if moder or admin
if($_GET['action']=='create'){
if(isset($u->info['id'])){$id=$u->info['id'];} else { $usLogin = mysql_fetch_array(mysql_query("SELECT `login`,`id` FROM `users` WHERE `login` = '".mysql_real_escape_string($_POST['name'])."' LIMIT 1;"));$id=$usLogin['id'];}
$title=htmlspecialchars(mysql_real_escape_string($_POST['title']),NULL,'cp1251');
$title=htmlspecialchars(mysql_real_escape_string($_POST['title']),NULL);
$type=$_POST['type'];
$ip=$_SERVER['REMOTE_ADDR'];
$descr=htmlspecialchars(mysql_real_escape_string($_POST['description']),NULL,'cp1251');
$descr=htmlspecialchars(mysql_real_escape_string($_POST['description']),NULL);
if ($u->info['admin']>0) { $readAdmin="0"; $readUser="1"; } else{ $readAdmin="1"; $readUser="0";}
if ($data) { $readModer="0"; $readUser="1"; } else { $readModer="1"; $readUser="0"; }
@ -446,7 +446,7 @@ if($_GET['action']=='create'){
$q = mysql_query($query) or die ("<span style='color:red'>Ошибка при выполнении запроса</span>: ".mysql_error ());
// Добавление новое сообщение
$query = "INSERT INTO `bags` (`uid`, `title`, `sid`, `text`, `type`, `time`, `ip`, `fast`, `readAdmin`, `readModer`, `readUser`) VALUES ('".$id."', '".$title."', '".$_GET['post']."', '".htmlspecialchars($descr,NULL,'cp1251')."', '".$type."', '".time()."', '".$ip."', '0', '".$readAdmin."', '".$readModer."', '".$readUser."');";
$query = "INSERT INTO `bags` (`uid`, `title`, `sid`, `text`, `type`, `time`, `ip`, `fast`, `readAdmin`, `readModer`, `readUser`) VALUES ('".$id."', '".$title."', '".$_GET['post']."', '".htmlspecialchars($descr,NULL)."', '".$type."', '".time()."', '".$ip."', '0', '".$readAdmin."', '".$readModer."', '".$readUser."');";
$q = mysql_query($query) or die ("<span style='color:red'>Ошибка при выполнении запроса</span>: ".mysql_error ());
// Обновление статуса темы

20
modules_data/_clan.php
View File

@ -582,8 +582,8 @@ if ($u->info['clan_prava'] != 'glava') {
if (isset($lmsg['id'])) {
$c_r .= '<font color="#FF0000"><b>Нельзя добавлять сообщения чаще одного раза в 10 секунд</b></font><br>';
} else {
$tadd = htmlspecialchars($_POST['textadd'], null, 'cp1251');
$ttadd = htmlspecialchars($_POST['titleadd'], null, 'cp1251');
$tadd = htmlspecialchars($_POST['textadd'], null);
$ttadd = htmlspecialchars($_POST['titleadd'], null);
if (str_replace(' ', '', str_replace(' ', '', $tadd)) == '') {
$c_r .= '<font color="#FF0000"><b>Нельзя отправлять пустое событие</b></font><br>';
} elseif (str_replace(' ', '', str_replace(' ', '', $ttadd)) == '') {
@ -1403,7 +1403,7 @@ if ($u->info['clan_prava'] != 'glava') {
if ($file) {
$size = getimagesize(
"https://new-combats.com/clan_prw/" . htmlspecialchars($file[1], null, 'cp1251')
"https://new-combats.com/clan_prw/" . htmlspecialchars($file[1], null)
);
$bag = 0;
@ -1416,7 +1416,7 @@ if ($u->info['clan_prava'] != 'glava') {
'INSERT INTO `reimage` (`login`,`uid`,`time`,`src`,`clan`,`type`,`sex`,`animation`,`w`,`h`,`bag`) VALUES (
"' . $u->info['login'] . '",
"' . $u->info['id'] . '","' . time() . '",
"' . mysql_real_escape_string(htmlspecialchars($file[1], null, 'cp1251')) . '",
"' . mysql_real_escape_string(htmlspecialchars($file[1], null)) . '",
"' . $u->info['clan'] . '",
"' . mysql_real_escape_string($data['type']) . '",
"' . mysql_real_escape_string($data['sex']) . '",
@ -1690,7 +1690,7 @@ if ($u->info['clan_prava'] != 'glava') {
if (isset($_GET['joint']) && $tt[13][0] == 1) {
if ($_GET['joint'] == 1) {
//вступление в союз
$nm = htmlspecialchars($_POST['logingo'], null, 'cp1251');
$nm = htmlspecialchars($_POST['logingo'], null);
$cnm = mysql_fetch_array(
mysql_query(
'SELECT * FROM `clan_joint` WHERE `name` = "' . mysql_real_escape_string(
@ -1723,7 +1723,7 @@ if ($u->info['clan_prava'] != 'glava') {
}
} else {
//вступление в альянс
$nm = htmlspecialchars($_POST['logingo'], null, 'cp1251');
$nm = htmlspecialchars($_POST['logingo'], null);
$cnm = mysql_fetch_array(
mysql_query(
'SELECT * FROM `clan_joint` WHERE `name` = "' . mysql_real_escape_string(
@ -1763,7 +1763,7 @@ if ($u->info['clan_prava'] != 'glava') {
if ($res['join1'] > 0) {
echo '<font color="#FF0000"><b>Ваш клан уже состоит в союзе</b></font><br>';
} else {
$nm = htmlspecialchars($_POST['logingo'], null, 'cp1251');
$nm = htmlspecialchars($_POST['logingo'], null);
if (str_replace(' ', '', str_replace(' ', '', $nm)) == '') {
echo '<font color="#FF0000"><b>Введите название союза</b></font><br>';
} else {
@ -1803,7 +1803,7 @@ if ($u->info['clan_prava'] != 'glava') {
} elseif ($res['join2'] > 0) {
echo '<font color="#FF0000"><b>Ваш клан уже состоит в альянсе</b></font><br>';
} else {
$nm = htmlspecialchars($_POST['logingo'], null, 'cp1251');
$nm = htmlspecialchars($_POST['logingo'], null);
if (str_replace(' ', '', str_replace(' ', '', $nm)) == '') {
echo '<font color="#FF0000"><b>Введите название альянса</b></font><br>';
} else {
@ -2365,7 +2365,7 @@ if ($u->info['clan_prava'] != 'glava') {
if ($tc[0] >= 20) {
echo '<font color="#FF0000"><b>Нельзя добавлять более 25-ти титулов, для добавления нового сотрите старые</b></font><br>';
} else {
$nm = htmlspecialchars($_POST['tituladd'], null, 'cp1251');
$nm = htmlspecialchars($_POST['tituladd'], null);
if (str_replace(' ', '', str_replace(' ', '', $nm)) == '') {
echo '<font color="#FF0000"><b>Название титула не должно быть пустым</b></font><br>';
} else {
@ -2386,7 +2386,7 @@ if ($u->info['clan_prava'] != 'glava') {
)
);
if (isset($tc['id'])) {
$tc['info'] = htmlspecialchars($_POST['t_info'], null, 'cp1251');
$tc['info'] = htmlspecialchars($_POST['t_info'], null);
$i = 1;
$tc['canals'] = '';
while ($i <= 9) {

4
modules_data/_clan_new.php
View File

@ -221,7 +221,7 @@ if($edit==1){
echo'
<form method=post>
Редактирование прав <b>'.htmlspecialchars($_POST['logingo'],NULL,'cp1251').'</b><br>
Редактирование прав <b>'.htmlspecialchars($_POST['logingo'],NULL).'</b><br>
Звание в клане <input type=text value="',$prava['mod_zvanie'],'" name=status><BR>
<input type=checkbox name=priem';if ($edcpr[0]==1) { echo ' checked ';} echo'>Прием в клан<BR>
<input type=checkbox name=vigon';if ($edcpr[1]==1) { echo ' checked ';} echo'>Изгнание из клана<BR>
@ -229,7 +229,7 @@ echo'
<input type=checkbox name=givekazna';if ($edcpr[3]==1) { echo ' checked ';} echo'>Пополнение казны клана<BR>
<input type=checkbox name=usekazna';if ($edcpr[4]==1) { echo ' checked ';} echo'>Использование казны клана<BR>
<input type=hidden value="'.htmlspecialchars($_POST['logingo'],NULL,'cp1251').'" name=login><input type=submit value="Сохранить" name=save>
<input type=hidden value="'.htmlspecialchars($_POST['logingo'],NULL).'" name=login><input type=submit value="Сохранить" name=save>
</form>';
}
?>

20
modules_data/_clan_oldversion.php
View File

@ -559,8 +559,8 @@ if ($u->info['clan_prava'] != 'glava') {
if (isset($lmsg['id'])) {
$c_r .= '<font color="#FF0000"><b>Нельзя добавлять сообщения чаще одного раза в 10 секунд</b></font><br>';
} else {
$tadd = htmlspecialchars($_POST['textadd'], null, 'cp1251');
$ttadd = htmlspecialchars($_POST['titleadd'], null, 'cp1251');
$tadd = htmlspecialchars($_POST['textadd'], null);
$ttadd = htmlspecialchars($_POST['titleadd'], null);
if (str_replace(' ', '', str_replace(' ', '', $tadd)) == '') {
$c_r .= '<font color="#FF0000"><b>Нельзя отправлять пустое событие</b></font><br>';
} elseif (str_replace(' ', '', str_replace(' ', '', $ttadd)) == '') {
@ -1264,7 +1264,7 @@ if ($u->info['clan_prava'] != 'glava') {
if ($file = $upload->saveimg()) {
$size = getimagesize(
"https://new-combats.com/clan_prw/" . htmlspecialchars(
$file[1], null, 'cp1251'
$file[1], null
)
);
@ -1278,7 +1278,7 @@ if ($u->info['clan_prava'] != 'glava') {
'INSERT INTO `reimage` (`login`,`uid`,`time`,`src`,`clan`,`type`,`sex`,`animation`,`w`,`h`,`bag`) VALUES (
"' . $u->info['login'] . '",
"' . $u->info['id'] . '","' . time() . '",
"' . mysql_real_escape_string(htmlspecialchars($file[1], null, 'cp1251')) . '",
"' . mysql_real_escape_string(htmlspecialchars($file[1], null)) . '",
"' . $u->info['clan'] . '",
"' . mysql_real_escape_string($data['type']) . '",
"' . mysql_real_escape_string($data['sex']) . '",
@ -1520,7 +1520,7 @@ if ($u->info['clan_prava'] != 'glava') {
if (isset($_GET['joint']) && $tt[13][0] == 1) {
if ($_GET['joint'] == 1) {
//вступление в союз
$nm = htmlspecialchars($_POST['logingo'], null, 'cp1251');
$nm = htmlspecialchars($_POST['logingo'], null);
$cnm = mysql_fetch_array(
mysql_query(
'SELECT * FROM `clan_joint` WHERE `name` = "' . mysql_real_escape_string(
@ -1553,7 +1553,7 @@ if ($u->info['clan_prava'] != 'glava') {
}
} else {
//вступление в альянс
$nm = htmlspecialchars($_POST['logingo'], null, 'cp1251');
$nm = htmlspecialchars($_POST['logingo'], null);
$cnm = mysql_fetch_array(
mysql_query(
'SELECT * FROM `clan_joint` WHERE `name` = "' . mysql_real_escape_string(
@ -1593,7 +1593,7 @@ if ($u->info['clan_prava'] != 'glava') {
if ($res['join1'] > 0) {
echo '<font color="#FF0000"><b>Ваш клан уже состоит в союзе</b></font><br>';
} else {
$nm = htmlspecialchars($_POST['logingo'], null, 'cp1251');
$nm = htmlspecialchars($_POST['logingo'], null);
if (str_replace(' ', '', str_replace(' ', '', $nm)) == '') {
echo '<font color="#FF0000"><b>Введите название союза</b></font><br>';
} else {
@ -1633,7 +1633,7 @@ if ($u->info['clan_prava'] != 'glava') {
} elseif ($res['join2'] > 0) {
echo '<font color="#FF0000"><b>Ваш клан уже состоит в альянсе</b></font><br>';
} else {
$nm = htmlspecialchars($_POST['logingo'], null, 'cp1251');
$nm = htmlspecialchars($_POST['logingo'], null);
if (str_replace(' ', '', str_replace(' ', '', $nm)) == '') {
echo '<font color="#FF0000"><b>Введите название альянса</b></font><br>';
} else {
@ -2196,7 +2196,7 @@ if ($u->info['clan_prava'] != 'glava') {
if ($tc[0] >= 20) {
echo '<font color="#FF0000"><b>Нельзя добавлять более 25-ти титулов, для добавления нового сотрите старые</b></font><br>';
} else {
$nm = htmlspecialchars($_POST['tituladd'], null, 'cp1251');
$nm = htmlspecialchars($_POST['tituladd'], null);
if (str_replace(' ', '', str_replace(' ', '', $nm)) == '') {
echo '<font color="#FF0000"><b>Название титула не должно быть пустым</b></font><br>';
} else {
@ -2217,7 +2217,7 @@ if ($u->info['clan_prava'] != 'glava') {
)
);
if (isset($tc['id'])) {
$tc['info'] = htmlspecialchars($_POST['t_info'], null, 'cp1251');
$tc['info'] = htmlspecialchars($_POST['t_info'], null);
$i = 1;
$tc['canals'] = '';
while ($i <= 9) {

10
modules_data/_friends.php
View File

@ -57,13 +57,13 @@ if($addfr[0]<$addf){
$canadd = 'onclick=\'findlogin2("Добавить в список", "main.php?friends", "friendadd", new Array("Друзья","Враги","Не в группе","Игнорирование"), new Array())\'';
}else{$canadd = 'disabled';}
if($_POST['sd4'] && $_POST['friendadd']){
$_POST['friendadd']=htmlspecialchars($_POST['friendadd'],NULL,'cp1251');
$_POST['friendadd']=htmlspecialchars($_POST['friendadd'],NULL);
if(/*preg_match("/__/",$_POST['friendadd']) ||*/ preg_match("/--/",$_POST['friendadd'])){
echo"<font color=red>Персонаж не найден.</font>";
}else{
$frd = mysql_fetch_array(mysql_query("SELECT `id`,`login` FROM `users` WHERE `login` = '".mysql_real_escape_string($_POST['friendadd'])."' LIMIT 1;"));
}
$_POST['comment']=htmlspecialchars($_POST['comment'],NULL,'cp1251');
$_POST['comment']=htmlspecialchars($_POST['comment'],NULL);
$frd2 = mysql_fetch_array(mysql_query("SELECT enemy,friend,notinlist,ignor FROM `friends` WHERE `user` = '".mysql_real_escape_string($u->info['id'])."' and (`friend`='".mysql_real_escape_string($frd['id'])."' or `enemy`='".mysql_real_escape_string($frd['id'])."' or `notinlist`='".mysql_real_escape_string($frd['id'])."' or `ignor`='".mysql_real_escape_string($frd['id'])."') LIMIT 1;"));
if(!$frd['id']){echo"<font color=red>Персонаж не найден.</font>";}
elseif($frd['id']==$u->info['id']){echo"<font color=red>Себя добавить нельзя.</font>";}
@ -87,7 +87,7 @@ if($_POST['sd4'] && $_POST['friendadd']){
}
if($_GET['friendremove']){
$_GET['friendremove']=htmlspecialchars($_GET['friendremove'],NULL,'cp1251');
$_GET['friendremove']=htmlspecialchars($_GET['friendremove'],NULL);
if(preg_match("/__/",$_GET['friendremove']) || preg_match("/--/",$_GET['friendremove'])){
echo"<font color=red>Персонаж не найден.</font>";
}else{
@ -110,13 +110,13 @@ if($_GET['friendremove']){
if($_POST['friendedit']){
$_POST['friendedit']=htmlspecialchars($_POST['friendedit'],NULL,'cp1251');
$_POST['friendedit']=htmlspecialchars($_POST['friendedit'],NULL);
if(preg_match("/__/",$_POST['friendedit']) || preg_match("/--/",$_POST['friendedit'])){
echo"<font color=red>Персонаж не найден.</font>";
}else{
$frd = mysql_fetch_array(mysql_query("SELECT id FROM `users` WHERE `login` = '".mysql_real_escape_string($_POST['friendedit'])."' LIMIT 1;"));
}
$_POST['comment']=htmlspecialchars($_POST['comment'],NULL,'cp1251');
$_POST['comment']=htmlspecialchars($_POST['comment'],NULL);
if(!$frd['id']){echo"<font color=red>Персонаж не найден.</font>";}
elseif($frd['id']==$u->info['id']){echo"<font color=red>Себя отредактировать нельзя.</font>";}
elseif(preg_match("/__/",$_POST['comment']) || preg_match("/--/",$_POST['comment'])){echo"<font color=red>Введен неверный текст.</font>";}

11
modules_data/_friends_.php
View File

@ -8,13 +8,13 @@ $friend = mysql_fetch_array(mysql_query("SELECT * FROM `friends` WHERE `user` =
if($_POST['sd4'] && $_POST['friendadd']){
$_POST['friendadd']=htmlspecialchars($_POST['friendadd'],NULL,'cp1251');
$_POST['friendadd']=htmlspecialchars($_POST['friendadd'],NULL);
if(preg_match("/__/",$_POST['friendadd']) || preg_match("/--/",$_POST['friendadd'])){
echo"<font color=red>Персонаж не найден.</font>";
}else{
$frd = mysql_fetch_array(mysql_query("SELECT `id` FROM `users` WHERE `login` = '".mysql_real_escape_string($_POST['friendadd'])."' LIMIT 1;"));
}
$_POST['comment']=htmlspecialchars($_POST['comment'],NULL,'cp1251');
$_POST['comment']=htmlspecialchars($_POST['comment'],NULL);
$frd2 = mysql_fetch_array(mysql_query("SELECT enemy,friend,notinlist FROM `friends` WHERE `user` = '".mysql_real_escape_string($u->info['id'])."' and (`friend`='".mysql_real_escape_string($frd['id'])."' or `enemy`='".mysql_real_escape_string($frd['id'])."' or `notinlist`='".mysql_real_escape_string($frd['id'])."') LIMIT 1;"));
if(!$frd['id']){echo"<font color=red>Персонаж не найден.</font>";}
elseif($frd['id']==$u->info['id']){echo"<font color=red>Себя добавить нельзя.</font>";}
@ -30,7 +30,7 @@ echo"<font color=red>Персонаж <b>".$_POST['friendadd']."</b> добав
}
if($_POST['friendremove']){
$_POST['friendremove']=htmlspecialchars($_POST['friendremove'],NULL,'cp1251');
$_POST['friendremove']=htmlspecialchars($_POST['friendremove'],NULL);
if(preg_match("/__/",$_POST['friendremove']) || preg_match("/--/",$_POST['friendremove'])){
echo"<font color=red>Персонаж не найден.</font>";
}else{
@ -56,13 +56,13 @@ if($_POST['friendedit']){
$_POST['friendedit']=htmlspecialchars($_POST['friendedit'],NULL,'cp1251');
$_POST['friendedit']=htmlspecialchars($_POST['friendedit'],NULL);
if(preg_match("/__/",$_POST['friendedit']) || preg_match("/--/",$_POST['friendedit'])){
echo"<font color=red>Персонаж не найден.</font>";
}else{
$frd = mysql_fetch_array(mysql_query("SELECT id FROM `users` WHERE `login` = '".mysql_real_escape_string($_POST['friendedit'])."' LIMIT 1;"));
}
$_POST['comment']=htmlspecialchars($_POST['comment'],NULL,'cp1251');
$_POST['comment']=htmlspecialchars($_POST['comment'],NULL);
if(!$frd['id']){echo"<font color=red>Персонаж не найден.</font>";}
elseif($frd['id']==$u->info['id']){echo"<font color=red>Себя отредактировать нельзя.</font>";}
elseif(preg_match("/__/",$_POST['comment']) || preg_match("/--/",$_POST['comment'])){echo"<font color=red>Введен неверный текст.</font>";}
@ -90,7 +90,6 @@ echo"<font color=red>Данные контакта <b>".$_POST['friendedit']."</
?>
<HTML><HEAD>
<meta content="text/html; charset=windows-1251" http-equiv=Content-type>
<META Http-Equiv=Cache-Control Content=no-cache>
<meta http-equiv=PRAGMA content=NO-CACHE>
<META Http-Equiv=Expires Content=0>

2
modules_data/_inv-new.php
View File

@ -35,7 +35,7 @@ if( isset($_GET['delcop']) ) {
//сохраняем комплект
if( isset($_POST['compname']) ) {
$_POST['compname'] = htmlspecialchars($_POST['compname'],NULL,'cp1251');
$_POST['compname'] = htmlspecialchars($_POST['compname'],NULL);
$_POST['compname'] = str_replace("'",'',$_POST['compname']);
$_POST['compname'] = str_replace('"','',$_POST['compname']);
$ptst = str_replace(' ','',$_POST['compname']);

8
modules_data/_inv-old.php
View File

@ -44,16 +44,10 @@ if(isset($_GET['delcop'])) {
}
}
/*
$u->add_buf('',0);
echo time();
$u->add_buf('',1,$u->info['id'],'inv');
*/
//сохраняем комплект
if(isset($_POST['compname']))
{
$_POST['compname'] = htmlspecialchars($_POST['compname'],NULL,'cp1251');
$_POST['compname'] = htmlspecialchars($_POST['compname']);
$_POST['compname'] = str_replace("'",'',$_POST['compname']);
$_POST['compname'] = str_replace('"','',$_POST['compname']);
$ptst = str_replace(' ','',$_POST['compname']);

2
modules_data/_inv.php
View File

@ -65,7 +65,7 @@ if (isset($_GET['delcop'])) {
//сохраняем комплект
if (isset($_POST['compname'])) {
$_POST['compname'] = htmlspecialchars($_POST['compname'], null, 'cp1251');
$_POST['compname'] = htmlspecialchars($_POST['compname'], null);
$_POST['compname'] = str_replace("'", '', $_POST['compname']);
$_POST['compname'] = str_replace('"', '', $_POST['compname']);
$ptst = str_replace(' ', '', $_POST['compname']);

4
modules_data/_locations.php
View File

@ -125,11 +125,11 @@ function thisInfRm($id, $tp = null, $json = false)
$inf = $rm['name'] . "\nСейчас в комнате " . (0 + $rown[0]) . ' чел.';
}
if ($json) {
return [$rm['code'], iconv("WINDOWS-1251", "UTF-8", $rm['name']), (0 + $rown[0])];
return [$rm['code'], $rm['name'], (0 + $rown[0])];
}
}
if ($json) {
return ['false', iconv("WINDOWS-1251", "UTF-8", $inf), (0 + $rown[0])];
return ['false', $inf, (0 + $rown[0])];
}
if ($tp == null) {
echo 'onMouseOver="top.hi(this,\'<div align=right>' . $inf . '</div>\',event,0,1,1,1,\'max-height:240px\');" onMouseOut="top.hic();" onMouseDown="top.hic();" onClick="goLocal(\'main.php?loc=' . $rm['code'] . '\',\'' . $rm['name'] . '\');"';

6
modules_data/_mod.php
View File

@ -1477,7 +1477,7 @@ function closeMod()
if(isset($_POST['hbldt'])) {
$hbld2 = 1;
}
$ins = mysql_query('INSERT INTO `users_delo` (`onlyAdmin`,`hb`,`uid`,`time`,`city`,`text`,`login`,`ip`) VALUES ("'.$hbld2.'","'.$hbld.'","'.$usr['id'].'","'.time().'","'.$usr['city'].'","'.$rang.' &quot;'.$mod_login.'&quot; <b>сообщает</b>: '.mysql_real_escape_string(htmlspecialchars($_POST['textLD'],NULL,'cp1251')).'","'.$u->info['login'].'","'.$u->info['ip'].'")');
$ins = mysql_query('INSERT INTO `users_delo` (`onlyAdmin`,`hb`,`uid`,`time`,`city`,`text`,`login`,`ip`) VALUES ("'.$hbld2.'","'.$hbld.'","'.$usr['id'].'","'.time().'","'.$usr['city'].'","'.$rang.' &quot;'.$mod_login.'&quot; <b>сообщает</b>: '.mysql_real_escape_string(htmlspecialchars($_POST['textLD'],NULL)).'","'.$u->info['login'].'","'.$u->info['ip'].'")');
if(!$ins)
{
$er = 'Ошибка записи в личное дело';
@ -1766,7 +1766,7 @@ function closeMod()
$zvnt = 'Администрация сообщает.';
$zvno = 'Администрация';
}
mysql_query('INSERT INTO `telegram` (`uid`,`from`,`tema`,`text`,`time`) VALUES ("'.$tous['id'].'","<b><font color=red>'.$zvno.'</font></b>","'.$zvnt.'","'.mysql_real_escape_string(htmlspecialchars($_POST['textLD5'],NULL,'cp1251')).'","'.time().'")');
mysql_query('INSERT INTO `telegram` (`uid`,`from`,`tema`,`text`,`time`) VALUES ("'.$tous['id'].'","<b><font color=red>'.$zvno.'</font></b>","'.$zvnt.'","'.mysql_real_escape_string(htmlspecialchars($_POST['textLD5'],NULL)).'","'.time().'")');
echo '<font color="red"><b>Сообщение успешно отправлено</b></font>';
}else{
echo '<font color="red"><b>Персонаж не найден...</b></font>';
@ -1819,7 +1819,7 @@ function closeMod()
if(isset($_POST['pometka577'])) {
//$tous = mysql_fetch_array(mysql_query('SELECT * FROM `users` WHERE `login` = "'.mysql_real_escape_string($_POST['loginLD5']).'" LIMIT 1'));
//if(isset($tous['id'])) {
//mysql_query('INSERT INTO `telegram` (`uid`,`from`,`tema`,`text`,`time`) VALUES ("'.$tous['id'].'","<b><font color=red>'.$zvno.'</font></b>","'.$zvnt.'","'.mysql_real_escape_string(htmlspecialchars($_POST['textLD5'],NULL,'cp1251')).'","'.time().'")');
//mysql_query('INSERT INTO `telegram` (`uid`,`from`,`tema`,`text`,`time`) VALUES ("'.$tous['id'].'","<b><font color=red>'.$zvno.'</font></b>","'.$zvnt.'","'.mysql_real_escape_string(htmlspecialchars($_POST['textLD5'],NULL)).'","'.time().'")');
if(isset($_POST['hbld577'])) {
$_POST['textLD577'] = ''.$zvnt.' '.$_POST['textLD577'];
}else{

6
modules_data/_newanimal.bac.php
View File

@ -90,7 +90,7 @@ function testBad($txt) {
function is_login_an($login) {
$r = true;
//
$login = htmlspecialchars($login,NULL,'cp1251');
$login = htmlspecialchars($login,NULL);
//
$bad = array(
'Мусорщик' => 1,
@ -156,7 +156,7 @@ if(isset($_GET['buy_slot'])) {
}
}elseif(isset($_GET['pet'])) {
$_GET['pet'] = round((int)$_GET['pet']);
$_GET['petname'] = htmlspecialchars($_GET['petname'],NULL,'cp1251');
$_GET['petname'] = htmlspecialchars($_GET['petname'],NULL);
$ax = mysql_fetch_array(mysql_query('SELECT COUNT(*) FROM `users_animal` WHERE `uid` = "'.$u->info['id'].'" AND `delete` = 0 LIMIT 1'));
$ax = $ax[0];
if( $_GET['pet'] < 1 || $_GET['pet'] > 7 ) {
@ -261,7 +261,7 @@ if(isset($_GET['buy_slot'])) {
}
}elseif(isset($_GET['rename'])) {
$anm = mysql_fetch_array(mysql_query('SELECT * FROM `users_animal` WHERE `id` = "'.mysql_real_escape_string($_GET['rename']).'" AND `uid` = "'.$u->info['id'].'" AND `delete` = 0 LIMIT 1'));
$_GET['vvv'] = htmlspecialchars($_GET['vvv'],NULL,'cp1251');
$_GET['vvv'] = htmlspecialchars($_GET['vvv'],NULL);
if(!isset($anm['id'])) {
$u->error = 'Зверь не найден.';
}elseif(30 > $u->info['money']) {

8
modules_data/_newanimal.php
View File

@ -90,7 +90,7 @@ function testBad($txt) {
function is_login_an($login) {
$r = true;
//
$login = htmlspecialchars($login,NULL,'cp1251');
$login = htmlspecialchars($login,NULL);
//
$bad = array(
'Мусорщик' => 1,
@ -156,7 +156,7 @@ if(isset($_GET['buy_slot'])) {
}
}elseif(isset($_GET['pet'])) {
$_GET['pet'] = round((int)$_GET['pet']);
$_GET['petname'] = htmlspecialchars($_GET['petname'],NULL,'cp1251');
$_GET['petname'] = htmlspecialchars($_GET['petname'],NULL);
$ax = mysql_fetch_array(mysql_query('SELECT COUNT(*) FROM `users_animal` WHERE `uid` = "'.$u->info['id'].'" AND `delete` = 0 LIMIT 1'));
$ax = $ax[0];
if( $_GET['pet'] < 1 || $_GET['pet'] > 7 ) {
@ -218,7 +218,7 @@ if(isset($_GET['buy_slot'])) {
$anm['stats'] = 's1=5|s2=3|s3=3|s4=5|rinv=40|m9=5|m6=10';
}
//
$anm['name'] = htmlspecialchars($_GET['petname'],NULL,'cp1251');
$anm['name'] = htmlspecialchars($_GET['petname'],NULL);
$anm['name'] = preg_replace("/&#?[a-z0-9]+;/i","", $anm['name']);
//
$anm['obraz'] = $anm['obraz'][rand(1,count($anm['obraz']))];
@ -262,7 +262,7 @@ if(isset($_GET['buy_slot'])) {
}
}elseif(isset($_GET['rename'])) {
$anm = mysql_fetch_array(mysql_query('SELECT * FROM `users_animal` WHERE `id` = "'.mysql_real_escape_string($_GET['rename']).'" AND `uid` = "'.$u->info['id'].'" AND `delete` = 0 LIMIT 1'));
$_GET['vvv'] = htmlspecialchars($_GET['vvv'],NULL,'cp1251');
$_GET['vvv'] = htmlspecialchars($_GET['vvv'],NULL);
if(!isset($anm['id'])) {
$u->error = 'Зверь не найден.';
}elseif(30 > $u->info['money']) {

4
modules_data/_ref2.php
View File

@ -46,7 +46,7 @@ if($rfs['see']=='')
$rfs['see'] = '<center><b>К сожалению, у Вас нет воспитанников. Пригласите друзей сейчас!</b></center>';
}
if(isset($_GET['nastanew'])) {
$_GET['nastanew'] = htmlspecialchars($_GET['nastanew'],NULL,'cp1251');
$_GET['nastanew'] = htmlspecialchars($_GET['nastanew'],NULL);
$upr = mysql_fetch_array(mysql_query('SELECT `id`,`login`,`online`,`admin`,`banned`,`level`,`host_reg` FROM `users` WHERE `login` = "'.mysql_real_escape_string($_GET['nastanew']).'" ORDER BY `id` ASC LIMIT 1'));
if(isset($upr['id']) && $upr['inUser'] == 0) {
$ch1 = mysql_fetch_array(mysql_query('SELECT * FROM `chat` WHERE `type` = 90 AND `to` = "'.$upr['login'].'" AND `time` > '.(time()-3600).' AND `login` = "'.$u->info['login'].'" LIMIT 1'));
@ -72,7 +72,7 @@ if(isset($_GET['nastanew'])) {
$u->error = 'Персонаж с логином &quot;'.$_GET['nastanew'].'&quot; не найден.';
}
}elseif(isset($_GET['nastayes'])) {
$_GET['nastayes'] = htmlspecialchars($_GET['nastayes'],NULL,'cp1251');
$_GET['nastayes'] = htmlspecialchars($_GET['nastayes'],NULL);
$upr = mysql_fetch_array(mysql_query('SELECT `id`,`login`,`online`,`admin`,`banned`,`level`,`host_reg` FROM `users` WHERE `login` = "'.mysql_real_escape_string($_GET['nastayes']).'" LIMIT 1'));
if(isset($upr['id'])) {
$ch1 = mysql_fetch_array(mysql_query('SELECT * FROM `chat` WHERE `type` = 90 AND `to` = "'.$u->info['login'].'" AND `delete` > 0 AND `login` = "'.$upr['login'].'" LIMIT 1'));

1
modules_data/_security.php
View File

@ -7,7 +7,6 @@ if(!defined('GAME'))
<HTML>
<HEAD>
<link rel=stylesheet type="text/css" href="../i/main.css">
<meta content="text/html; charset=windows-1251" http-equiv=Content-type>
</HEAD>
<body bgcolor=e2e0e0>
<FORM ACTION="main.php?act_sec" METHOD=POST>

2
modules_data/_umenie.php
View File

@ -1615,7 +1615,7 @@ $tma = '';
<?php
if (isset($_GET['savePriems'])) {
$_GET['savePriems'] = htmlspecialchars(
substr($_GET['savePriems'], 0, 11), null, 'cp1251'
substr($_GET['savePriems'], 0, 11), null
);
$sp = mysql_fetch_array(
mysql_query(

2
modules_data/btl_.php
View File

@ -266,7 +266,7 @@ echo '<script>var server_fight = "";</script>';
}
?>
var log_text = <?php echo normJsonStr(json_encode(convert('cp1251', 'utf-8', $log_text))); ?>;
var log_text = <?= normJsonStr(json_encode($log_text)); ?>;
var youlogin = "<?=$u->info['login']?>";
function looklogrep(text, vars) {

3
modules_data/btl_2.php1
View File

@ -193,12 +193,11 @@ function convert($from, $to, $var)
}
function normJsonStr($str){
$str = preg_replace_callback('/\\\u([a-f0-9]{4})/i', create_function('$m', 'return chr(hexdec($m[1])-1072+224);'), $str);
//$str = iconv('cp1251', 'utf-8', $str);
return $str;
}
?>
var log_text = <? echo normJsonStr(json_encode(convert('cp1251','utf-8',$log_text))); ?>;
var log_text = <? echo normJsonStr(json_encode($log_text)); ?>;
var youlogin = "<?=$u->info['login']?>";
function looklogrep(text,vars) {

5
modules_data/btl_bac.php
View File

@ -229,13 +229,10 @@ function normJsonStr($str){
function ($m) {return chr(hexdec($m[1]) - 1072 + 224);},
$str
);
// $str = preg_replace_callback('/\\\u([a-f0-9]{4})/i', create_function('$m', 'return chr(hexdec($m[1])-1072+224);'), $str);
// //$str = iconv('cp1251', 'utf-8', $str);
// return $str;
}
?>
var log_text = <? echo normJsonStr(json_encode(convert('cp1251', 'utf-8', $log_text))); ?>;
var log_text = <? echo normJsonStr(json_encode($log_text)); ?>;
var youlogin = "<?=$u->info['login']?>";
function looklogrep(text,vars) {

8
modules_data/location/_shop_referal_.php
View File

@ -39,10 +39,10 @@ if($u->room['file']=='_shop_referal_')
$itm['gtxt1'] = str_replace('\x3C','<',$itm['gtxt1']);
$itm['gtxt1'] = str_replace('\x3','>',$itm['gtxt1']);
$itm['gtxt1'] = htmlspecialchars($itm['gtxt1'],NULL,'cp1251');
$itm['gtxt1'] = htmlspecialchars($itm['gtxt1'],NULL);
$itm['gtxt2'] = str_replace('\x3C','<',$itm['gtxt2']);
$itm['gtxt2'] = str_replace('\x3','>',$itm['gtxt2']);
$itm['gtxt2'] = htmlspecialchars($itm['gtxt2'],NULL,'cp1251');
$itm['gtxt2'] = htmlspecialchars($itm['gtxt2'],NULL);
$upd = mysql_query('UPDATE `items_users` SET `data` = "'.$itm['data'].'",`gtxt1` = "'.mysql_real_escape_string($itm['gtxt1']).'",`gtxt2` = "'.mysql_real_escape_string($itm['gtxt2']).'", `uid` = "'.$to['id'].'", `gift` = "'.$u->info['login'].'",`time_create` = "'.time().'" WHERE `id` = "'.$itm['id'].'" LIMIT 1');
$whos = mysql_fetch_array(mysql_query('SELECT `login` FROM `users` WHERE `id` = "'.$to['id'].'" LIMIT 1'));
@ -76,10 +76,10 @@ if($u->room['file']=='_shop_referal_')
$itm['gtxt1'] = str_replace('\x3C','<',$itm['gtxt1']);
$itm['gtxt1'] = str_replace('\x3','>',$itm['gtxt1']);
$itm['gtxt1'] = htmlspecialchars($itm['gtxt1'],NULL,'cp1251');
$itm['gtxt1'] = htmlspecialchars($itm['gtxt1'],NULL);
$itm['gtxt2'] = str_replace('\x3C','<',$itm['gtxt2']);
$itm['gtxt2'] = str_replace('\x3','>',$itm['gtxt2']);
$itm['gtxt2'] = htmlspecialchars($itm['gtxt2'],NULL,'cp1251');
$itm['gtxt2'] = htmlspecialchars($itm['gtxt2'],NULL);
$upd = mysql_query('UPDATE `items_users` SET `data` = "'.$itm['data'].'",`gtxt1` = "'.mysql_real_escape_string($itm['gtxt1']).'",`gtxt2` = "'.mysql_real_escape_string($itm['gtxt2']).'", `uid` = "'.$to['id'].'", `gift` = "'.$u->info['login'].'",`time_create` = "'.time().'" WHERE `id` = "'.$itm['id'].'" LIMIT 1');
$whos = mysql_fetch_array(mysql_query('SELECT `login` FROM `users` WHERE `id` = "'.$to['id'].'" LIMIT 1'));

19
modules_data/location/a_clanreg.php
View File

@ -46,7 +46,7 @@ if (isset($_POST['clan_name'])) {
$_POST['clan_align'] = 7;
}
$clan_name = substr(htmlspecialchars($_POST['clan_name'], null, 'cp1251'), 0, 30);
$clan_name = substr(htmlspecialchars($_POST['clan_name'], null), 0, 30);
$cnt = mysql_fetch_array(
mysql_query('SELECT * FROM `clan` WHERE `name` = "' . mysql_real_escape_string($clan_name) . '" LIMIT 1')
@ -81,27 +81,28 @@ if (isset($_POST['clan_name'])) {
mysql_query(
'UPDATE `users` SET `money2` = "' . $u->info['money2'] . '" WHERE `id` = "' . $u->info['id'] . '" LIMIT 1'
);
mysql_query(
'INSERT INTO `_clan` (`uid`,`time`,`city`,`name`,`name2`,`site`,`img1`,`img2`,`info`,`money`,`align`) VALUES (
"' . $u->info['id'] . '","' . time() . '",
"' . $u->info['city'] . '",
"' . mysql_real_escape_string(htmlspecialchars($_POST['clan_name'], null, 'cp1251')) . '",
"' . mysql_real_escape_string(htmlspecialchars($_POST['clan_name'], null, 'cp1251')) . '",
"' . mysql_real_escape_string(htmlspecialchars($_POST['clan_site'], null, 'cp1251')) . '",
"' . mysql_real_escape_string(htmlspecialchars($file[1], null, 'cp1251')) . '",
"",
"' . mysql_real_escape_string(htmlspecialchars($_POST['clan_name'], null)) . '",
"' . mysql_real_escape_string(htmlspecialchars($_POST['clan_name'], null)) . '",
"' . mysql_real_escape_string(htmlspecialchars($_POST['clan_site'], null)) . '",
"' . mysql_real_escape_string(htmlspecialchars($file[1], null)) . '",
"",
"",
"' . $tr_money2 . '",
"' . mysql_real_escape_string(htmlspecialchars($_POST['clan_align'], null, 'cp1251')) . '"
"' . mysql_real_escape_string(htmlspecialchars($_POST['clan_align'], null)) . '"
)'
);
$lzv = [
'id' => mysql_insert_id(),
'name' => htmlspecialchars($_POST['clan_name'], null, 'cp1251'),
'name' => htmlspecialchars($_POST['clan_name'], null),
'time' => time(),
];
$re = 'Вы успешно подали заявку на регистрацию клана &quot;' . htmlspecialchars(
$_POST['clan_name'], null, 'cp1251'
$_POST['clan_name'], null
) . '&quot;. (' . $tr_money2 . 'екр.)';
} else {
$re = 'Маленький значок: ' . Uploader::$error;

2
modules_data/location/a_fontan.php
View File

@ -139,7 +139,7 @@ body
$tstm = mysql_fetch_array(mysql_query('SELECT COUNT(`id`) FROM `fontan_text` WHERE `uid` = "'.$u->info['id'].'" AND `time` > '.(time()-10).' LIMIT 1'));
if($u->info['molch1'] < time() && $u->info['level'] > 0 && $u->info['align'] != 2 && $tstm[0] < 1) {
if(str_replace(' ','',str_replace(' ','',$_POST['message']))) {
mysql_query('INSERT INTO `fontan_text` (`uid`,`time`,`text`) VALUES ("'.$u->info['id'].'","'.time().'","'.mysql_real_escape_string(htmlspecialchars($_POST['message'],NULL,'cp1251')).'")');
mysql_query('INSERT INTO `fontan_text` (`uid`,`time`,`text`) VALUES ("'.$u->info['id'].'","'.time().'","'.mysql_real_escape_string(htmlspecialchars($_POST['message'],NULL)).'")');
echo '<font color=red><b>Сообщение добавлено</b></font>';
}else{
echo '<font color=red><b>Пустое сообщение!</b></font>';

2
modules_data/location/ab/goral.php
View File

@ -240,7 +240,7 @@ while($pl = mysql_fetch_array($sp))
}
}
$pl['com'] = htmlspecialchars($pl['com'],NULL,'cp1251');
$pl['com'] = htmlspecialchars($pl['com'],NULL);
if($pl['dcom']>0)
{

2
modules_data/location/ab/legion.php
View File

@ -240,7 +240,7 @@ while($pl = mysql_fetch_array($sp))
}
}
$pl['com'] = htmlspecialchars($pl['com'],NULL,'cp1251');
$pl['com'] = htmlspecialchars($pl['com'],NULL);
if($pl['dcom']>0)
{

2
modules_data/location/an/bank.php
View File

@ -147,7 +147,7 @@ if ($u->room['file'] == 'an/bank') {
$re2 = 'У вас недостаточно кр.';
} elseif ($u->info['align'] != 2) {
$pass = rand(10000, 91191);
$pass = htmlspecialchars($_POST['pass1'], null, 'cp1251');
$pass = htmlspecialchars($_POST['pass1'], null);
$ins = mysql_query(
'INSERT INTO `bank` (`uid`,`create`,`pass`) VALUES ("' . $u->info['id'] . '","' . time(
) . '","' . $pass . '")'

Some files were not shown because too many files have changed in this diff Show More