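<?php
# Admin Only Area
#
# Shop item editor. Lists the shops (`sid`) and shop sections (`r`) found in
# `items_shop`, and for the selected shop/section lets an admin:
#   - add an item by id (POST `additemnow` + `item_add`),
#   - update stock and prices (POST `itm_<iid>_x|_p1|_p2|_b1|_b2`),
#   - delete a shop entry (POST `del<iid>x`).
#
# NOTE(review): the insert/update/delete handlers below run for any POST made
# with an admin session; no anti-CSRF token is checked anywhere on this page.
# If the project has a token helper, verify it here before touching the DB.
#
# NOTE(review): the mysql_* functions used below were removed from PHP itself in
# 7.0; presumably `__db_connect.php` provides them (or the site runs PHP 5) —
# confirm, and prefer prepared statements when this page is migrated.
include('_incl_data/__config.php');

const GAME = true;

include('_incl_data/class/__db_connect.php');

$u = User::start();
if (!$u->info['admin']) {
    header('location: /index.php');
    die();
}

// Shop id and section id are used in SQL and HTML below, so they are forced to
// plain integers. A missing parameter becomes 0 instead of raising a notice.
$sid = isset($_GET['sid']) ? (int)$_GET['sid'] : 0;
$r = isset($_GET['r']) ? (int)$_GET['r'] : 0;

// HTML-escapes a value before it is placed in markup or an attribute.
// The charset is left to PHP's `default_charset`; this assumes it matches the
// encoding the page is served in — confirm.
$h = function ($value) {
    return htmlspecialchars((string)$value, ENT_QUOTES | ENT_SUBSTITUTE);
};
?>
<!doctype html>
<html>
<head>
    <title>Редактор предметов в магазине</title>
    <link href="//img.new-combats.tech/css/main.css" rel="stylesheet" type="text/css">
    <script type="text/javascript">
        // Navigates the window named by `targ` to the URL held in the selected
        // <option>. The URL is assigned as a property instead of being pasted
        // into an eval() string, so option values are never parsed as script.
        // Every call on this page passes 'parent'.
        function MM_jumpMenu(targ, selObj, restore) {
            window[targ].location = selObj.options[selObj.selectedIndex].value;
            if (restore) selObj.selectedIndex = 0;
        }
    </script>
</head>
<body>
<form method="post" action="/adminion/editor_shop.php?sid=<?= $sid . '&r=' . $r ?>">
    <table width="1000" border="0" align="center" cellpadding="10" cellspacing="0">
        <tr>
            <td align="center"><p>Магазин:
                    <select name="shop_id" id="shop_id" onChange="MM_jumpMenu('parent',this,0)">
                        <?php
                        // Add the requested item to the current shop/section before the
                        // lists are rendered, so the new row shows up on this response.
                        if (isset($_POST['additemnow'])) {
                            mysql_query(
                                'INSERT INTO `items_shop` ( `item_id`,`kolvo`,`sid`,`r`,`real` ) VALUES ( "'
                                . mysql_real_escape_string($_POST['item_add'])
                                . '","1000000000","' . $sid . '","' . $r . '","1" )'
                            );
                        }

                        // NOTE(review): these option URLs point at /editor_shop.php while the
                        // form and the refresh link use /adminion/editor_shop.php — confirm
                        // which path is intended.
                        $sp = mysql_query('SELECT `sid` FROM `items_shop` GROUP BY `sid`');
                        while ($pl = mysql_fetch_array($sp)) {
                            echo '<option ';
                            if ($pl['sid'] == $sid) {
                                echo ' selected="selected" ';
                            }
                            echo ' value="/editor_shop.php?sid=' . $h($pl['sid']) . '&r=' . $r . '">'
                                . $h($pl['sid']) . '</option>';
                        }
                        ?>
                    </select>
                    Раздел магазина:
                    <select name="r_id" id="r_id" onChange="MM_jumpMenu('parent',this,0)">
                        <?php
                        // $sid is already an integer, so it needs no further escaping here.
                        $sp = mysql_query(
                            'SELECT `r` FROM `items_shop` WHERE `sid` = "' . $sid . '" GROUP BY `r`'
                        );
                        while ($pl = mysql_fetch_array($sp)) {
                            echo '<option ';
                            if ($pl['r'] == $r) {
                                echo ' selected="selected" ';
                            }
                            echo ' value="/editor_shop.php?sid=' . $sid . '&r=' . $h($pl['r']) . '">'
                                . $h($pl['r']) . '</option>';
                        }
                        ?>
                    </select>
                </p>
                <p><a href="/adminion/editor_shop.php?sid=<?= $sid ?>&r=<?= $r ?>">ОБНОВИТЬ СТРАНИЦУ</a><br>
                    <br>
                </p>
                <hr>
            </td>
        </tr>
        <tr>
            <td align="center">Добавить предмет (id предмета): <input type="text" value="" name="item_add"> в этот
                раздел. <input type="submit" name="additemnow"
                               value="Добавить в магазин <?= $sid ?>, раздел <?= $r ?>"><br><br>
                <hr>
            </td>
        </tr>
        <tr>
            <td>
                <?php
                $sp = mysql_query('SELECT * FROM `items_shop` WHERE `sid` = "' . $sid . '" AND `r` = "' . $r . '"');
                while ($pl = mysql_fetch_array($sp)) {
                    // Values read back from the database are escaped again before being
                    // concatenated into further statements, so a stored value cannot
                    // change the shape of the query.
                    $iidSql = mysql_real_escape_string((string)$pl['iid']);
                    $iidHtml = $h($pl['iid']);

                    $itm = mysql_fetch_array(
                        mysql_query(
                            'SELECT * FROM `items_main` WHERE `id` = "'
                            . mysql_real_escape_string((string)$pl['item_id']) . '" LIMIT 1'
                        )
                    );

                    $del = 0;
                    if (isset($_POST['del' . $pl['iid'] . 'x'])) {
                        $del = 1;
                        mysql_query('DELETE FROM `items_shop` WHERE `iid` = "' . $iidSql . '" LIMIT 1');
                    }

                    // A row deleted on this request is not rendered.
                    if ($del == 0) {
                        // The presence of the `_b1` field marks this row as submitted.
                        if (isset($_POST['itm_' . $pl['iid'] . '_b1'])) {
                            $pl['kolvo'] = $_POST['itm_' . $pl['iid'] . '_x'];
                            $pl['price_1'] = $_POST['itm_' . $pl['iid'] . '_p1'];
                            $pl['price_2'] = $_POST['itm_' . $pl['iid'] . '_p2'];
                            $itm['price1'] = $_POST['itm_' . $pl['iid'] . '_b1'];
                            $itm['price2'] = $_POST['itm_' . $pl['iid'] . '_b2'];
                            mysql_query(
                                'UPDATE `items_shop` SET `kolvo` = "' . mysql_real_escape_string($pl['kolvo'])
                                . '", `price_1` = "' . mysql_real_escape_string($pl['price_1'])
                                . '", `price_2` = "' . mysql_real_escape_string($pl['price_2'])
                                . '" WHERE `iid` = "' . $iidSql . '" LIMIT 1'
                            );
                            mysql_query(
                                'UPDATE `items_main` SET `price1` = "' . mysql_real_escape_string($itm['price1'])
                                . '", `price2` = "' . mysql_real_escape_string($itm['price2'])
                                . '" WHERE `id` = "' . mysql_real_escape_string((string)$itm['id']) . '" LIMIT 1'
                            );
                        }
                        // Everything printed below is either a database value or a value
                        // just taken from the POST body, so each one goes through $h().
                        // NOTE(review): assumes item names are stored as plain text, not
                        // as HTML — confirm.
                        ?>
                        <table name="itm_<?= $iidHtml ?>" id="itm_<?= $iidHtml ?>" width="100%" border="0"
                               cellspacing="0" cellpadding="10">
                            <tr>
                                <td width="200" align="center" valign="middle">
                                    <img src="//img.new-combats.tech/i/items/<?= $h($itm['img']) ?>"><br>
                                    Кол-во: <input value="<?= $h($pl['kolvo']) ?>" type="text"
                                                   name="itm_<?= $iidHtml ?>_x"><br>
                                    #<?= $h($pl['item_id']) ?> <br>
                                    <input type="submit" value="Сохранить изменения">
                                </td>
                                <td valign="top">
                                    <a href="/item/<?= $h($itm['id']) ?>"><?= $h($itm['name']) ?></a><br>
                                    Цена в базе: <input value="<?= $h($itm['price1']) ?>" type="text"
                                                        name="itm_<?= $iidHtml ?>_b1"> кр.<br>
                                    Цена в базе: <input value="<?= $h($itm['price2']) ?>" type="text"
                                                        name="itm_<?= $iidHtml ?>_b2"> екр.
                                    <hr>
                                    Цена в магазине: <input value="<?= $h($pl['price_1']) ?>" type="text"
                                                            name="itm_<?= $iidHtml ?>_p1"> кр.<br>
                                    Цена в магазине: <input value="<?= $h($pl['price_2']) ?>" type="text"
                                                            name="itm_<?= $iidHtml ?>_p2"> екр.
                                    <hr>
                                    <br><br><br><br><input type="submit" name="del<?= $iidHtml ?>x"
                                                           value="Удалить из магазина (ПОЛНОЕ УДАЛЕНИЕ БЕЗ ВОССТАНОВЛЕНИЯ!!!)">
                                </td>
                            </tr>
                        </table>
                        <hr><?php
                    }
                }
                ?>
            </td>
        </tr>
    </table>
</form>
</body>
</html>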