<?php
# Admin Only Area
include('_incl_data/__config.php');
const GAME = true;
include('_incl_data/class/__db_connect.php');
$u = User::start();

if (!$u->info['admin']) {
    header('location: /index.php');
    die();
}

$sid = round((int)$_GET['sid']);
$r = round((int)$_GET['r']);
?>
<!doctype html>
<html>
<head>
    
    <title>Редактор предметов в магазине</title>
    <link href="//img.new-combats.tech/css/main.css" rel="stylesheet" type="text/css">
    <script type="text/javascript">
        function MM_jumpMenu(targ, selObj, restore) { //v3.0
            eval(targ + ".location='" + selObj.options[selObj.selectedIndex].value + "'");
            if (restore) selObj.selectedIndex = 0;
        }
    </script>
</head>

<body>
<form method="post" action="/adminion/editor_shop.php?sid=<?= $sid . '&r=' . $r ?>">
    <table width="1000" border="0" align="center" cellpadding="10" cellspacing="0">
        <tr>
            <td align="center"><p>Магазин:
                    <select name="shop_id" id="shop_id" onChange="MM_jumpMenu('parent',this,0)">
                        <?php

                        if (isset($_POST['additemnow'])) {
                            mysql_query(
                                'INSERT INTO `items_shop` (
				`item_id`,`kolvo`,`sid`,`r`,`real`
			) VALUES (
				"' . mysql_real_escape_string($_POST['item_add']) . '","1000000000","' . $sid . '","' . $r . '","1"
			)'
                            );
                        }

                        $sp = mysql_query('SELECT `sid` FROM `items_shop` GROUP BY `sid`');
                        while ($pl = mysql_fetch_array($sp)) {
                            echo '<option ';
                            if ($pl['sid'] == $sid) {
                                echo ' selected="selected" ';
                            }
                            echo ' value="/editor_shop.php?sid=' . $pl['sid'] . '&r=' . $r . '">' . $pl['sid'] . '</option>';
                        }
                        ?>
                    </select>
                    Раздел магазина:
                    <select name="r_id" id="r_id" onChange="MM_jumpMenu('parent',this,0)">
                        <?php
                        $sp = mysql_query(
                            'SELECT `r` FROM `items_shop` WHERE `sid` = "' . mysql_real_escape_string(
                                $sid
                            ) . '" GROUP BY `r`'
                        );
                        while ($pl = mysql_fetch_array($sp)) {
                            echo '<option ';
                            if ($pl['r'] == $r) {
                                echo ' selected="selected" ';
                            }
                            echo ' value="/editor_shop.php?sid=' . $sid . '&r=' . $pl['r'] . '">' . $pl['r'] . '</option>';
                        }
                        ?>
                    </select>
                </p>
                <p><a href="/adminion/editor_shop.php?sid=<?= $sid ?>&r=<?= $r ?>">ОБНОВИТЬ СТРАНИЦУ</a><br>
                    <br>
                </p>
                <hr>
            </td>
        </tr>
        <tr>
            <td align="center">Добавить предмет (id предмета): <input type="text" value="" name="item_add"> в этот
                раздел. <input type="submit" name="additemnow" value="Добавить в магазин <?= $sid ?>, раздел <?= $r ?>"><br><br>
                <hr>
            </td>
        </tr>
        <tr>
            <td>
                <?php
                $sp = mysql_query('SELECT * FROM `items_shop` WHERE `sid` = "' . $sid . '" AND `r` = "' . $r . '"');
                while ($pl = mysql_fetch_array($sp)) {
                    $itm = mysql_fetch_array(
                        mysql_query('SELECT * FROM `items_main` WHERE `id` = "' . $pl['item_id'] . '" LIMIT 1')
                    );

                    $del = 0;

                    if (isset($_POST['del' . $pl['iid'] . 'x'])) {
                        $del = 1;
                        mysql_query('DELETE FROM `items_shop` WHERE `iid` = "' . $pl['iid'] . '" LIMIT 1');
                    }

                    if ($del == 0) {
                        if (isset($_POST['itm_' . $pl['iid'] . '_b1'])) {

                            $pl['kolvo'] = $_POST['itm_' . $pl['iid'] . '_x'];

                            $pl['price_1'] = $_POST['itm_' . $pl['iid'] . '_p1'];
                            $pl['price_2'] = $_POST['itm_' . $pl['iid'] . '_p2'];

                            $itm['price1'] = $_POST['itm_' . $pl['iid'] . '_b1'];
                            $itm['price2'] = $_POST['itm_' . $pl['iid'] . '_b2'];

                            mysql_query(
                                'UPDATE `items_shop` SET
				`kolvo` = "' . mysql_real_escape_string($pl['kolvo']) . '",
				`price_1` = "' . mysql_real_escape_string($pl['price_1']) . '",
				`price_2` = "' . mysql_real_escape_string($pl['price_2']) . '"
				WHERE `iid` = "' . $pl['iid'] . '" LIMIT 1'
                            );

                            mysql_query(
                                'UPDATE `items_main` SET
				`price1` = "' . mysql_real_escape_string($itm['price1']) . '",
				`price2` = "' . mysql_real_escape_string($itm['price2']) . '"
				WHERE `id` = "' . $itm['id'] . '" LIMIT 1'
                            );

                        }
                        ?>
                        <table name="itm_<?= $pl['iid'] ?>" id="itm_<?= $pl['iid'] ?>" width="100%" border="0"
                               cellspacing="0" cellpadding="10">
                            <tr>
                                <td width="200" align="center" valign="middle">
                                    <img src="//img.new-combats.tech/i/items/<?= $itm['img'] ?>"><br>
                                    Кол-во: <input value="<?= $pl['kolvo'] ?>" type="text"
                                                   name="itm_<?= $pl['iid'] ?>_x"><br>
                                    #<?= $pl['item_id'] ?>
                                    <br>
                                    <input type="submit" value="Сохранить изменения">
                                </td>
                                <td valign="top">
                                    <a href="/item/<?= $itm['id'] ?>"><?= $itm['name'] ?></a><br>
                                    Цена в базе: <input value="<?= $itm['price1'] ?>" type="text"
                                                        name="itm_<?= $pl['iid'] ?>_b1"> кр.<br>
                                    Цена в базе: <input value="<?= $itm['price2'] ?>" type="text"
                                                        name="itm_<?= $pl['iid'] ?>_b2"> екр.
                                    <hr>
                                    Цена в магазине: <input value="<?= $pl['price_1'] ?>" type="text"
                                                            name="itm_<?= $pl['iid'] ?>_p1"> кр.<br>
                                    Цена в магазине: <input value="<?= $pl['price_2'] ?>" type="text"
                                                            name="itm_<?= $pl['iid'] ?>_p2"> екр.
                                    <hr>
                                    <br><br><br><br><input type="submit" name="del<?= $pl['iid'] ?>x"
                                                           value="Удалить из магазина (ПОЛНОЕ УДАЛЕНИЕ БЕЗ ВОССТАНОВЛЕНИЯ!!!)">
                                </td>
                            </tr>
                        </table>
                        <hr><?php
                    }
                }
                ?>
            </td>
        </tr>
    </table>
</form>
</body>
</html>