<?php
# Admin Only Area
include('_incl_data/__config.php');
const GAME = true;
include('_incl_data/class/__db_connect.php');
$u = User::start();
if (!$u->info['admin']) {
header('location: /index.php');
die();
}
$sid = round((int)$_GET['sid']);
$r = round((int)$_GET['r']);
?>
<!doctype html>
<html>
<head>
<title>Редактор предметов в магазине</title>
<link href="//img.new-combats.tech/css/main.css" rel="stylesheet" type="text/css">
<script type="text/javascript">
function MM_jumpMenu(targ, selObj, restore) { //v3.0
eval(targ + ".location='" + selObj.options[selObj.selectedIndex].value + "'");
if (restore) selObj.selectedIndex = 0;
}
</script>
</head>
<body>
<form method="post" action="/adminion/editor_shop.php?sid=<?= $sid . '&r=' . $r ?>">
<table width="1000" border="0" align="center" cellpadding="10" cellspacing="0">
<tr>
<td align="center"><p>Магазин:
<select name="shop_id" id="shop_id" onChange="MM_jumpMenu('parent',this,0)">
<?php
if (isset($_POST['additemnow'])) {
mysql_query(
'INSERT INTO `items_shop` (
`item_id`,`kolvo`,`sid`,`r`,`real`
) VALUES (
"' . mysql_real_escape_string($_POST['item_add']) . '","1000000000","' . $sid . '","' . $r . '","1"
)'
);
}
$sp = mysql_query('SELECT `sid` FROM `items_shop` GROUP BY `sid`');
while ($pl = mysql_fetch_array($sp)) {
echo '<option ';
if ($pl['sid'] == $sid) {
echo ' selected="selected" ';
}
echo ' value="/editor_shop.php?sid=' . $pl['sid'] . '&r=' . $r . '">' . $pl['sid'] . '</option>';
}
?>
</select>
Раздел магазина:
<select name="r_id" id="r_id" onChange="MM_jumpMenu('parent',this,0)">
<?php
$sp = mysql_query(
'SELECT `r` FROM `items_shop` WHERE `sid` = "' . mysql_real_escape_string(
$sid
) . '" GROUP BY `r`'
);
while ($pl = mysql_fetch_array($sp)) {
echo '<option ';
if ($pl['r'] == $r) {
echo ' selected="selected" ';
}
echo ' value="/editor_shop.php?sid=' . $sid . '&r=' . $pl['r'] . '">' . $pl['r'] . '</option>';
}
?>
</select>
</p>
<p><a href="/adminion/editor_shop.php?sid=<?= $sid ?>&r=<?= $r ?>">ОБНОВИТЬ СТРАНИЦУ</a><br>
<br>
</p>
<hr>
</td>
</tr>
<tr>
<td align="center">Добавить предмет (id предмета): <input type="text" value="" name="item_add"> в этот
раздел. <input type="submit" name="additemnow" value="Добавить в магазин <?= $sid ?>, раздел <?= $r ?>"><br><br>
<hr>
</td>
</tr>
<tr>
<td>
<?php
$sp = mysql_query('SELECT * FROM `items_shop` WHERE `sid` = "' . $sid . '" AND `r` = "' . $r . '"');
while ($pl = mysql_fetch_array($sp)) {
$itm = mysql_fetch_array(
mysql_query('SELECT * FROM `items_main` WHERE `id` = "' . $pl['item_id'] . '" LIMIT 1')
);
$del = 0;
if (isset($_POST['del' . $pl['iid'] . 'x'])) {
$del = 1;
mysql_query('DELETE FROM `items_shop` WHERE `iid` = "' . $pl['iid'] . '" LIMIT 1');
}
if ($del == 0) {
if (isset($_POST['itm_' . $pl['iid'] . '_b1'])) {
$pl['kolvo'] = $_POST['itm_' . $pl['iid'] . '_x'];
$pl['price_1'] = $_POST['itm_' . $pl['iid'] . '_p1'];
$pl['price_2'] = $_POST['itm_' . $pl['iid'] . '_p2'];
$itm['price1'] = $_POST['itm_' . $pl['iid'] . '_b1'];
$itm['price2'] = $_POST['itm_' . $pl['iid'] . '_b2'];
mysql_query(
'UPDATE `items_shop` SET
`kolvo` = "' . mysql_real_escape_string($pl['kolvo']) . '",
`price_1` = "' . mysql_real_escape_string($pl['price_1']) . '",
`price_2` = "' . mysql_real_escape_string($pl['price_2']) . '"
WHERE `iid` = "' . $pl['iid'] . '" LIMIT 1'
);
mysql_query(
'UPDATE `items_main` SET
`price1` = "' . mysql_real_escape_string($itm['price1']) . '",
`price2` = "' . mysql_real_escape_string($itm['price2']) . '"
WHERE `id` = "' . $itm['id'] . '" LIMIT 1'
);
}
?>
<table name="itm_<?= $pl['iid'] ?>" id="itm_<?= $pl['iid'] ?>" width="100%" border="0"
cellspacing="0" cellpadding="10">
<tr>
<td width="200" align="center" valign="middle">
<img src="//img.new-combats.tech/i/items/<?= $itm['img'] ?>"><br>
Кол-во: <input value="<?= $pl['kolvo'] ?>" type="text"
name="itm_<?= $pl['iid'] ?>_x"><br>
#<?= $pl['item_id'] ?>
<br>
<input type="submit" value="Сохранить изменения">
</td>
<td valign="top">
<a href="/item/<?= $itm['id'] ?>"><?= $itm['name'] ?></a><br>
Цена в базе: <input value="<?= $itm['price1'] ?>" type="text"
name="itm_<?= $pl['iid'] ?>_b1"> кр.<br>
Цена в базе: <input value="<?= $itm['price2'] ?>" type="text"
name="itm_<?= $pl['iid'] ?>_b2"> екр.
<hr>
Цена в магазине: <input value="<?= $pl['price_1'] ?>" type="text"
name="itm_<?= $pl['iid'] ?>_p1"> кр.<br>
Цена в магазине: <input value="<?= $pl['price_2'] ?>" type="text"
name="itm_<?= $pl['iid'] ?>_p2"> екр.
<hr>
<br><br><br><br><input type="submit" name="del<?= $pl['iid'] ?>x"
value="Удалить из магазина (ПОЛНОЕ УДАЛЕНИЕ БЕЗ ВОССТАНОВЛЕНИЯ!!!)">
</td>
</tr>
</table>
<hr><?php
}
}
?>
</td>
</tr>
</table>
</form>
</body>
</html>