function learn_skill($skill, $price)
{
    global $p;
    global $sid;
    $skill = preg_replace('/[^0-9]/', '', $skill);
    $price = preg_replace('/[^0-9]/', '', $price);
    if ($skill === false) {
        put_error('неуказан навык');
    }
    if ($price === false) {
        put_error('неуказанa цена');
    }
    if (!isset($p['skills'][$skill])) {
        put_error('такого навыка нету');
    }
    if ($p['skills'][$skill]) {
        put_g_error('вы уже имеете этот навык!');
    }
    $mage = array(22, 23, 24, 25, 26, 27, 28, 29, 30);
    $warrior = array(7, 8, 9, 10, 41);
    $ranger = array(11, 12);
    // proverka na klassy:
    if ($p['classof'] != 3 && in_array($skill, $mage)) {
        put_g_error('только для магов!');
    }
    if ($p['classof'] != 1 && in_array($skill, $warrior)) {
        put_g_error('только для воина!');
    }
    if ($p['classof'] != 2 && in_array($skill, $ranger)) {
        put_g_error('только для лучников!');
    }
    if ($p['money'] < $price) {
        put_g_error('у вас нехватает серебра - надо ' . $price . ' монет!');
    }
    if (!$p['stats'][3]) {
        put_g_error('у вас нету очка навыка!');
    }
    // nelzja vychitq vtoroj navyk iz serii parirovanie - dvuruchnoe - dva
    if (($p['skills'][18] || $p['skills'][40] || $p['skills'][41]) && ($skill == 18 || $skill == 40 || $skill == 41)) {
        put_g_error('нелзя выучить два навыка из серии двуручное - два - парирование. Либо щит, либо двуручное, либо два.');
    }
    // esli vsju proverku proshli, podnimem i zabudem
    $p['skills'][$skill] = 1;
    $p['stats'][3] -= 1;
    $skills = implode('|', $p['skills']);
    $stats = implode('|', $p['stats']);
    $p['money'] -= $price;
    do_mysql("UPDATE players SET skills = '" . $skills . "', stats = '" . $stats . "', money = '" . $p['money'] . "' WHERE id_player = '" . $p['id_player'] . "';");
    $f = gen_header('навыки');
    $f .= '<div class="y" id="sodhg"><b>навыки:</b></div><p>';
    include 'modules/sp/sp_skillnames.php';
    $f .= 'вы выучили ' . $skn[$skill] . '!<br/>';
    $f .= '<a class="blue" href="game.php?sid=' . $sid . '">в игру</a></p>';
    $f .= gen_footer();
    exit($f);
}
Example #2
0
function rpc($reqs, $progress = true)
{
    global $ua, $ch, $swfurl, $cookies, $rpcseq, $rpcmax;
    global $debugout;
    $offset = 0;
    $resps = array();
    while (true) {
        $n = min(count($reqs) - $offset, $rpcmax);
        if ($n == 0) {
            break;
        }
        $req = array(gen_header(), array_slice($reqs, $offset, $n), 0);
        $offset += $n;
        ++$rpcseq;
        $body = new MessageBody();
        $body->setResponseURI("BaseService.dispatchBatch");
        $body->setResponseTarget("/{$rpcseq}");
        $body->setResults($req);
        $amf = new AMFObject();
        $amf->addBody($body);
        $serializer = new AMFSerializer();
        $postdata = $serializer->serialize($amf);
        if ($debugout) {
            file_put_contents("out/{$rpcseq}.req", $postdata);
        }
        curl_setopt_array($ch, array(CURLOPT_POST => true, CURLOPT_BINARYTRANSFER => true, CURLOPT_RETURNTRANSFER => true, CURLOPT_USERAGENT => $ua, CURLOPT_REFERER => $swfurl, CURLOPT_COOKIE => $cookies, CURLOPT_POSTFIELDS => $postdata));
        $out = curl_exec($ch);
        if ($debugout) {
            file_put_contents("out/{$rpcseq}.resp", $out);
        }
        if ($progress) {
            print ".";
        }
        $amf = new AMFObject($out);
        $deserializer = new AMFDeserializer($amf->rawData);
        // deserialize the data
        $deserializer->deserialize($amf);
        // run the deserializer
        $v = $amf->getBodyAt(0)->getValue();
        if ($v['errorType'] != 0) {
            die($v['errorData'] . "\n");
        }
        $resps = array_merge($resps, $v['data']);
    }
    return $resps;
}
<?php 
// infa broni
$f = gen_header('инфо');
$f .= '<div class="y" id="oaiyt">';
$qitf = do_mysql("SELECT * FROM items WHERE fullname = '" . $to . "';");
$itf = mysql_fetch_assoc($qitf);
$qua = substr($to, 8, 3);
$qlist = '.bas.nor.fur.tun.bet.rar.eli.epi.leg.';
if (strpos($qlist, $qua) === false) {
    $qua = 'black';
}
$f .= '<b><span class="' . $qua . '">' . $itf['name'] . '</span></b></div><p>';
if (substr($to, 4, 3) == 'hea') {
    $f .= 'шлем<br/>';
}
if (substr($to, 4, 3) == 'bo1') {
    $f .= 'броня<br/>';
}
if (substr($to, 4, 3) == 'bo2') {
    $f .= 'рубаха<br/>';
}
if (substr($to, 4, 3) == 'sho') {
    $f .= 'наплечники<br/>';
}
if (substr($to, 4, 3) == 'glo') {
    $f .= 'перчатки<br/>';
}
if (substr($to, 4, 3) == 'bel') {
    $f .= 'пояс<br/>';
}
if (substr($to, 4, 3) == 'leg') {
}
if (isset($_GET['part'])) {
    $part = preg_replace('/[^a-z0-9_]/i', '', $_GET['part']);
} else {
    $part = '';
}
$nid = is_npc($npc);
$nn = do_mysql("SELECT * FROM npc WHERE id_npc = '" . $nid . "';");
$nn = mysql_fetch_assoc($nn);
if ($nn['belongs'] != $LOGIN) {
    put_error('это не ваш нпц');
}
if ($nn['location'] != $p['location']) {
    put_g_error('рядом с вами нету этого нпц');
}
$f = gen_header($nn['name']);
$f .= '<div class="y" href="aof"><b>' . $nn['name'] . '</b></div><p>';
if (!$part) {
    $f .= '» <a class="blue" href="game.php?sid=' . $sid . '&action=talk_to_priru&part=har&npc=' . $npc . '">';
    $f .= 'просмотреть информацию</a><br/>';
    $f .= '» <a class="blue" href="game.php?sid=' . $sid . '&action=talk_to_priru&part=name1&npc=' . $npc . '">';
    $f .= 'дать кличку</a><br/>';
    if ($nn['move'] != 0) {
        $f .= '» <a class="blue" href="game.php?sid=' . $sid . '&action=talk_to_priru&part=stay&npc=' . $npc . '">стой тут!</a><br/>';
    } else {
        $f .= '» <a class="blue" href="game.php?sid=' . $sid . '&action=talk_to_priru&part=stay&npc=' . $npc . '">иди за мной!</a><br/>';
    }
    $f .= '» <a class="blue" href="game.php?sid=' . $sid . '&action=talk_to_priru&part=sit&npc=' . $npc . '">';
    $f .= 'сидеть!</a><br/>';
    $f .= '» <a class="blue" href="game.php?sid=' . $sid . '&action=talk_to_priru&part=lay&npc=' . $npc . '">';
    $f .= 'лежать!</a><br/>';
$nid = is_npc($npc);
$tr = do_mysql("SELECT drop2 FROM npc WHERE id_npc = '" . $nid . "';");
$tr = mysql_result($tr, 0);
$tr = explode('|', $tr);
if (strpos($tr[0], substr($item, 2, 1)) === false && $tr[0] != '*') {
    put_error('торговец не покупает эти виды вещей');
}
if ($count > $iin['on_take']) {
    $count = $iin['on_take'];
}
// cena
$cost = round($iin['price'] * $count * $tr[2]);
$p['money'] += $cost;
do_mysql("UPDATE players SET money = '" . $p['money'] . "' WHERE id_player = '" . $p['id_player'] . "';");
if ($count == $iin['on_take']) {
    // beretsja vsja veshq
    // udaljaem veshq von
    include_once 'modules/f_delete_item.php';
    delete_item($item);
} else {
    include_once 'modules/f_decrease_misc.php';
    decrease_misc($item, $count);
}
// vse, veshq prodali, teperq vyvodim stranicu
$f = gen_header('торг');
$f .= '<div class="y" id="oaidy"><b>продажа:</b></div><p>';
$f .= 'вы продали ' . $count . ' ' . $iin['name'] . ' за ' . $cost . ' серебра!<br/>';
$f .= '<a class="blue" href="game.php?sid=' . $sid . '&action=trade&npc=' . $npc . '&start=' . $_GET['start'] . '&start2=' . $_GET['start2'] . '">торг</a><br/>';
$f .= '<a class="blue" href="game.php?sid=' . $sid . '">в игру</a></p>';
$f .= gen_footer();
exit($f);
<?php 
//////////////////////////////// NOVOSTI vnutri igry /////////////////////////
$f = gen_header('новости');
if (!isset($_GET['start'])) {
    $start = 0;
} else {
    $start = preg_replace('/[^-0-9]/', '', $_GET['start']);
}
$show = 5;
if (!$start) {
    $start = 0;
}
// qtotth zaprashivaem kolichestvo novostej
$qtotth = mysql_query("SELECT count(*) FROM news;", $dbcnx);
$totth = mysql_result($qtotth, 0);
if ($start > $totth) {
    $start = $totth - 3;
}
if ($start < 0) {
    $start = 0;
}
$goto = $start + $show;
if ($goto > $totth) {
    $goto = $totth;
}
$f .= '<div class="y" id="dgvdglhk"><b>новости: (' . $start . '-' . $goto . '/' . $totth . ')</b></div><div class="n" id="wt743dt">';
// proverka novyh novostej:
if (!$start) {
    $q = do_mysql("SELECT puttime FROM news WHERE puttime > '" . $p['lastnews'] . "' ORDER BY puttime DESC;");
    if (mysql_num_rows($q)) {
        $pt = mysql_result($q, 0);
    }
    $result_string .= "</li>\n";
    return $result_string;
}
function extract_poem_detail($cat_id)
{
    global $db;
    $poemresults = $db->query('SELECT * FROM poem WHERE cat_id=' . $cat_id);
    $result_string = "";
    while ($poemInfo = $poemresults->fetchArray()) {
        $result_string .= "<li> <a href=\"poem.php?poem_id=" . $poemInfo['id'] . "\">" . $poemInfo['title'] . "</a> </li>\n";
    }
    if ($result_string == "") {
        return "no entry!";
    } else {
        return "<ul>\n" . $result_string . "</ul>\n";
    }
}
$catresults = $db->query('SELECT * FROM cat WHERE poet_id=' . $poet_id . ' AND parent_id=0');
gen_header("جستجوی آثار", "<script type=\"text/javascript\" src=\"simpletreemenu.js\"></script>\n");
echo "<ul id=\"cattree\" class=\"treeview\" rel=\"open\">\n";
while ($catInfo = $catresults->fetchArray()) {
    echo extract_cat_info($catInfo['id'], $catInfo['text']);
}
echo "</ul>\n";
echo <<<SCRIPT
<script type="text/javascript">
streemenu.createTree("cattree", true, 5)
</script>
SCRIPT;
gen_footer();
<?php 
// spisok magii
$f = gen_header('магия');
$f .= '<div class="y" id="aeifa5f"><b>кланы:</b></div>';
if (isset($_GET['classof'])) {
    $classof = preg_replace('/[^0-9]/i', '', $_GET['classof']);
    $type = preg_replace('/[^a-z]/i', '', $_GET['type']);
    $f .= '<div class="n" id="aclanf">';
    $q = do_mysql("SELECT name, fullname FROM magic WHERE classof = '" . $classof . "' AND type = '" . $type . "' ORDER BY difficulty;");
    while ($mag = mysql_fetch_assoc($q)) {
        $f .= '&#187;<a class="blue" href="game.php?sid=' . $sid . '&action=show_magic_info&classof=' . $classof . '&type=' . $type . '&spell=' . $mag['fullname'] . '">' . $mag['name'] . '</a><br/>';
    }
    $f .= '<b>&#171;</b><a class="blue" href="game.php?sid=' . $sid . '&action=mir_magic">к выборy</a>';
    $f .= '</div>';
} else {
    $f .= '<div class="n" id="aclanf">';
    $f .= '<form action="game.php" method="get">';
    $f .= 'выберите магию и тип:<br/>';
    $f .= '<input type="hidden" name="sid" value="' . $sid . '"/>';
    $f .= '<input type="hidden" name="action" value="mir_magic"/>';
    $f .= '<select name="classof">';
    $f .= '<option value="0">общая</option>';
    $f .= '<option value="1">огня</option>';
    $f .= '<option value="2">воды</option>';
    $f .= '<option value="3">земли</option>';
    $f .= '<option value="4">воздуха</option>';
    $f .= '<option value="5">иллюзии</option>';
    $f .= '<option value="6">подземная</option>';
    $f .= '<option value="7">эльфийская природы</option>';
    $f .= '<option value="8">древнеэльфийская могущественных</option>';
    $f .= '</select><br/>';
<?php 
// napisatq soobshenie konkretnomu chelu i dobavitq v zhurnal
$to = preg_replace('/[^a-z0-9_]/i', '', $_GET['to']);
// esli u chela otkljuchen zhurnal to nezachem muchatqsja i pisatq emu soobshenie
// da i servaka zhalko...
$id = is_player($to);
$qset = do_mysql("SELECT settings FROM players WHERE id_player = '" . $id . "';");
$set = mysql_result($qset, 0);
if ($set[3] == 0) {
    put_g_error('у ' . $to . ' отключен показ событий, ваше сообшение всеровно небудет прочитанно');
}
// teperq mozhno vyvoditq formu
$f = gen_header('сообщение');
$q = do_mysql("SELECT name FROM players WHERE id_player = '" . $id . "';");
$namefor = mysql_result($q, 0);
$f .= '<div class="y" id="fg"><b>' . $namefor . ', </b></div>';
$f .= '<div class="n" id="eruaj">сообщение: <br/>';
$f .= '<form action="game.php" method="get">';
$f .= '<textarea name="msg" rows="2"></textarea>';
$f .= '<input type="hidden" name="action" value="addmsg"/>';
$f .= '<input type="hidden" name="sid" value="' . $sid . '"/>';
$f .= '<input type="hidden" name="to" value="' . $to . '"/>';
// translit
$f .= '<br/><input type="radio" name="t" value="1"/>транслит<br/>';
$f .= '<input type="radio" name="t" value="0"/>как есть<br/>';
$f .= '<select size="1" name="shep">';
$f .= '<option value="0">говорить</option>';
$f .= '<option value="1">шептать</option>';
$f .= '<option value="2">всему клану</option>';
$f .= '<option value="3">партии</option>';
$f .= '</select><br/>';
Example #10
0
<?php 
// FAQ:
$show = 5;
$faq[] = array('prilavki', 'что такое прилавки?');
$faq[] = array('clan', 'как создать свой клан?');
$faq[] = array('stats', 'немогу прокачать статы (нет знака +)');
$faq[] = array('stats2', 'как и на что влияют основные параметры?');
$faq[] = array('jewels', 'на что влияют украшения?');
$f = gen_header('FAQ');
$f .= '<div class="y" id="aeifa5f"><b>FAQ:</b></div>';
if (isset($_GET['faq'])) {
    $num = preg_replace('/[^0-9]/', '', $_GET['faq']);
    if ($num === false) {
        put_error('O_o');
    }
    if (!isset($faq[$num])) {
        put_error('X_x');
    }
    $f .= '<div class="y" id="aeifa5f"><b>' . $faq[$num][1] . '</b></div>';
    $f .= '<div class="n" id="ssad5f">';
    if (file_exists('modules/library/faq_' . $faq[$num][0] . '.txt')) {
        $f .= file_get_contents('modules/library/faq_' . $faq[$num][0] . '.txt');
    }
    $f .= '</div>';
}
$c = count($faq);
if (!isset($_GET['start'])) {
    $start = 0;
} else {
    $start = preg_replace('/[^0-9]/', '', $_GET['start']);
}
    echo "</p>\n";
    echo "<p>\n";
    echo "<label for=\"pid\">در آثار</label>\n";
    echo "<select id=\"pid\" name=\"pid\">\n";
    echo "<option value=\"0\">همه‌ی شاعران</option>\n";
    $results = $db->query('SELECT * FROM poet');
    while ($poetData = $results->fetchArray()) {
        echo "<option value=\"" . $poetData['id'] . "\">" . $poetData['name'] . "</option>\n";
    }
    echo "</select>";
    echo "<div style=\"margin-left: 150px;\">\n";
    echo "<input type=\"submit\" value=\"ارسال\" /> <input type=\"reset\" value=\"از نو\" />\n";
    echo "</div>\n";
    echo "</form>\n";
} else {
    gen_header("جستجو برای " . $_GET['q']);
    $qstr = "SELECT verse.text,verse.vorder,verse.position,poem.id,poem.cat_id,cat.poet_id FROM verse INNER JOIN poem ON verse.poem_id=poem.id INNER JOIN cat ON poem.cat_id=cat.id WHERE verse.text LIKE '%" . $_GET['q'] . "%'";
    $qstr .= @$_GET['pid'] == 0 ? "" : " AND cat.poet_id=" . $_GET['pid'];
    $results = $db->query($qstr);
    echo "<table>\n";
    while ($data = $results->fetchArray()) {
        echo "<tr>\n";
        echo "<td class=\"verseright\"><a href=\"cat.php?id=" . $data['poet_id'] . "\">" . implode("»", find_cat_hierachy($data['cat_id'])) . "</a></td>\n";
        echo "<td class=\"verseright\"><a href=\"poem.php?poem_id=" . $data['id'] . "\">" . $data['text'] . "</a></td>\n";
    }
    echo "</table>\n";
}
gen_footer();
?>

<?php 
// pokazyvaet navyki i staty
$f = gen_header('навыки');
$f .= '<div class="y" id="skli5"><b>статы:</b></div><p>';
$f .= 'уровень: ' . $p['stats'][0] . '<br/>';
$f .= 'опыт навыка: ' . $p['stats'][1] . '/' . $p['stats'][2] . '<br/>';
$f .= 'очки навыка: ' . $p['stats'][3] . '<br/>';
$f .= 'опыт: ' . $p['stats'][4] . '/' . $p['stats'][5] . '<br/>';
$f .= 'очки опыта: ' . $p['stats'][6];
if ($p['stats'][6] > 0) {
    $sum = array_sum($p['skills']);
    if ($sum == 6) {
        $price = 0;
    } else {
        $price = $sum * $sum * 1;
    }
    //else $price = $sum * 100;
    $f .= '<br/><small>цена поднятия: ' . $price . ' серебра<br/></small>';
}
$f .= '</p>';
$f .= '<p>';
// pereberem, esli estq vstavim nazvanie, ukazhim naskolqko prokachen
include 'modules/sp/sp_skillnames.php';
// nazvanija
$c = count($p['skills']);
// limit
$stn = $skc = 0;
for ($i = 0; $i < 4; $i++) {
    $stn += $p['skills'][$i];
}
for ($i = 4; $i < $c; $i++) {
<?php 
// spisok klanov
$show = 20;
$f = gen_header('замки');
$f .= '<div class="y" id="aeifa5f"><b>замки:</b></div>';
$f .= '<div class="y" id="aeifa5f"><b>Телир</b></div>';
$f .= '<div class="n" id="ssad5f">';
$q = do_mysql("SELECT belongs FROM castle WHERE name = 'telir';");
$bel = mysql_result($q, 0);
$f .= 'принадлежит <a class="blue" href="game.php?sid=' . $sid . '&action=clanlist&clan=' . $bel . '">' . $bel . '</a>!';
$f .= '</div>';
$f .= '<div class="n" id="adi45f">';
$f .= '&#187;<a class="blue" href="game.php?sid=' . $sid . '&action=mir_igry">мир игры</a><br />';
$f .= '&#187;<a class="blue" href="game.php?sid=' . $sid . '">в игру</a><br />';
$f .= '</div>';
$f .= gen_footer();
exit($f);
<?php 
do_mysql("INSERT INTO fonline VALUES ('" . $LOGIN . "', 'просмотр последних', NOW());");
$f = gen_header('просмотр последних');
$f .= '<div class="y" id="oi"><b>последниe посты:</b></div><p>';
$q = do_mysql("SELECT * FROM themes WHERE id_forum != 8 AND id_forum != 10 ORDER BY lpost DESC LIMIT 0, 10;");
while ($t = mysql_fetch_assoc($q)) {
    $a = do_mysql("SELECT author FROM posts WHERE id_theme = '" . $t['id_theme'] . "' ORDER BY puttime DESC LIMIT 0, 1;");
    if (!mysql_num_rows($a)) {
        $f .= 'создана тема "<a class="blue" href="game.php?sid=' . $sid . '&action=forum&sub_action=showposts&id_theme=' . $t['id_theme'] . '&id_forum=' . $t['id_forum'] . '&start=0">' . $t['name'] . '</a>"!<br/>';
        continue;
    }
    $name = mysql_result($a, 0);
    $f .= '<small>в теме</small> "<a class="blue" href="game.php?sid=' . $sid . '&action=forum&sub_action=showposts&id_theme=' . $t['id_theme'] . '&id_forum=' . $t['id_forum'] . '&start=0">' . $t['name'] . '</a>"<small> отписался</small> <a class="blue" href="game.php?sid=' . $sid . '&action=forum&sub_action=showposts&id_theme=' . $t['id_theme'] . '&id_forum=' . $t['id_forum'] . '&start=100000">' . $name . '</a>!<br/>';
}
$f .= '&#187;<a class="blue" href="game.php?sid=' . $sid . '&action=forum&sub_action=showlast">обновить</a><br/>';
$f .= '&#187;<a class="blue" href="game.php?sid=' . $sid . '&action=forum">форум</a><br/>';
$f .= '&#187;<a class="blue" href="game.php?sid=' . $sid . '">в игру</a></p>';
$f .= gen_footer();
exit($f);
<?php 
// pokaz kontaktov
$f = gen_header('переписка');
//////////////////////////////////////////////////////
// start
$show = 10;
if (!isset($_GET['start'])) {
    $start = 0;
} else {
    $start = preg_replace('/[^0-9]/', '', $_GET['start']);
}
// s kem perepiska
$to = preg_replace('/[^0-9]/', '', $_GET['to']);
//---------------------------------------------------------------
// esli nado ochistitq, ochistim
if (isset($_GET['subaction']) && $_GET['subaction'] == 'clear') {
    do_mysql("DELETE FROM ls WHERE (sentfor = '" . $p['id_player'] . "' AND sender = '" . $to . "') OR (sender = '" . $p['id_player'] . "' AND sentfor = '" . $to . "');");
}
// qtotp zaprashivaem kolichestvo ls
$qtotp = do_mysql("SELECT COUNT(*) FROM ls WHERE (sentfor = '" . $p['id_player'] . "' AND sender = '" . $to . "') OR (sender = '" . $p['id_player'] . "' AND sentfor = '" . $to . "');");
// totp poluchjaem kolichestvo tem
$totp = mysql_result($qtotp, 0);
if ($start > $totp) {
    $start = $totp - $show;
}
// menqshe nulja bytq nemozhet
if ($start < 0) {
    $start = 0;
}
//--
// kolichestvo nechitanyh ls
<?php 
// forma sozdanija foruma
if ($p['admin'] > 1) {
    $f = gen_header('новая новость');
    $f .= '<div class="y" id="cfpor"><b>создать новость:</b></div><div class="n" id="gsd">';
    $f .= '<form action="game.php" method="get">';
    $f .= '<input type="hidden" name="sid" value="' . $sid . '"/>';
    $f .= '<input type="hidden" name="action" value="add_new2"/>';
    $f .= 'новость: <br/> <textarea name="name" rows="5" cols="32"></textarea><br/>';
    $f .= '<input type="submit" value="создать"/></form>';
    $f .= '<a class="blue" href="game.php?sid=' . $sid . '">в игру</a></div>';
    $f .= gen_footer();
    exit($f);
}
<?php 
do_mysql("INSERT INTO fonline VALUES ('" . $LOGIN . "', 'просмотр онлайн', NOW());");
$f = gen_header('просмотр онлайн');
$f .= '<div class="y" id="oi"><b>на форуме:</b></div><p>';
$q = do_mysql("SELECT * FROM fonline;");
while ($fo = mysql_fetch_assoc($q)) {
    $id = is_player($fo['login']);
    $q2 = do_mysql("SELECT name FROM players WHERE id_player = '" . $id . "';");
    $name = mysql_result($q2, 0);
    $f .= '<b>' . $name . '</b>: <small>' . $fo['is_in'] . '</small><br/>';
}
$f .= '&#187;<a class="blue" href="game.php?sid=' . $sid . '&action=forum&sub_action=showfonline">обновить</a><br/>';
$f .= '&#187;<a class="blue" href="game.php?sid=' . $sid . '&action=forum">форум</a><br/>';
$f .= '&#187;<a class="blue" href="game.php?sid=' . $sid . '">в игру</a></p>';
$f .= gen_footer();
exit($f);
<?php 
// pokaz kombo:
$f = gen_header('приемы');
$f .= '<div class="y" id="skli5"><b>приемы:</b></div><p>';
include 'modules/sp/sp_kombonames.php';
// nazvanija
$c = count($p['kombo']);
for ($i = 0; $i < $c; $i++) {
    if (!$p['kombo'][$i]) {
        continue;
    }
    $p['kombo'][$i] = explode(':', $p['kombo'][$i]);
    $f .= $i + 1 . ': <a class="blue" href="game.php?sid=' . $sid . '&action=showkombo_i&kombo=' . $p['kombo'][$i][0] . '">' . $kn[$p['kombo'][$i][0]] . '</a>';
    $f .= ': <b>' . $p['kombo'][$i][1] . '</b> (' . $p['kombo'][$i][2] . '/';
    $tok = 20;
    for ($a = 1; $a < $p['kombo'][$i][1]; $a++) {
        $tok *= 2;
    }
    $f .= $tok . ')';
    $f .= ' <a class="blue" href="game.php?sid=' . $sid . '&action=use_kombo&kombo=' . $p['kombo'][$i][0] . '">&#187;</a><br/>';
}
$f .= '<a class="blue" href="game.php?sid=' . $sid . '&action=showinventory">в инвентарь</a><br/>';
$f .= '<a class="blue" href="game.php?sid=' . $sid . '">в игру</a></p>';
$f .= gen_footer();
exit($f);
        include 'modules/sp/sp_use_scroll.php';
        break;
    case 'b':
        include 'modules/sp/sp_use_book.php';
        break;
    case 'm':
        include 'modules/sp/sp_use_misc.php';
        break;
    case 'q':
        include 'modules/sp/sp_use_quest.php';
        break;
    case 'x':
        include 'modules/sp/sp_use_shield.php';
        break;
}
$f = gen_header('инвентарь');
$f .= '<div class="y" id="gasi"><b>инвентарь:</b></div><p>';
switch ($t) {
    case 's':
        include 'modules/sp/sp_use_scroll.php';
        break;
    case 'b':
        include 'modules/sp/sp_use_book.php';
        break;
}
if (!isset($_GET['to']) && $t != 'q') {
    $f .= '<a class="blue" href="game.php?sid=' . $sid . '&action=showinventory">инвентарь</a><br/>';
    $f .= '<a class="blue" href="game.php?sid=' . $sid . '">в игру</a></p>';
    $f .= gen_footer();
    exit($f);
}
function put_g_error($error)
{
    ######### gen_header(); ###############
    // vyvedet nadpisq ob oshibke (igrovuju, otobazhatq mozhno)
    global $sid;
    $f = gen_header('ошибка!');
    echo $f;
    echo '<div class="y" id="asf5"><b>ошибка:</b></div>';
    // ssylk na vhod
    $s = '<p><a href="game.php?sid=' . $sid . '">далее</a></p>';
    $s .= gen_footer();
    $error = htmlspecialchars(addslashes($error));
    $error .= $s;
    exit('<p>' . $error . '</p>');
}
<?php 
// klonirovatq svitok
// nalichie rjadom stola:
$q = do_mysql("SELECT COUNT(*) FROM items WHERE location = '" . $p['location'] . "' AND realname = 'i.o.sta.arch_table';");
$ct = mysql_result($q, 0);
if (!$ct) {
    put_error('netu stola rjadom');
}
if (!$p['skills'][30]) {
    put_g_error('у вас нехватает навыков пользоватся столиком!');
}
$f = gen_header('Архимагия');
$f .= '<div class="y" id="layfa"><b>Столик Архимага:</b></div><p>';
if (!isset($_GET['part'])) {
    // chastq pervaja:  vyberaem svitok:
    $f .= 'выберите свиток (также имейте при себе пустой):<br/>';
    include_once 'modules/f_list_inventory.php';
    $f .= list_inventory($LOGIN, 'i.s.', 'clone_scroll&part=2');
    $f .= '';
    $f .= '<a class="blue" href="game.php?sid=' . $sid . '">в игру</a>';
    $f .= gen_footer();
    exit($f);
}
if ($_GET['part'] == 2) {
    // teperq sobstvenno vse i delaem
    $scroll = preg_replace('/[^a-z0-9_\\.]/i', '', $_GET['to']);
    include_once 'modules/f_has_item.php';
    if (!has_item($scroll, $LOGIN)) {
        put_error('netu etogo svitka');
    }
    // proverim estq li u igroka pustoj svitok:
<?php 
// pokaz harakteristik igroka
$f = gen_header('характеристика');
$f .= '<div class="y" id="paurf"><b>характеристика:</b></div><p>';
// uron
include_once 'modules/f_get_dmg.php';
$dmg = get_dmg($LOGIN);
// bronja
include_once 'modules/f_get_armor.php';
$armor = get_armor($LOGIN);
// oruzhie
$f .= '><b><u>урон:</u></b><br/>';
$f .= '<b>режущий</b>: ' . $dmg[0][0] . ' - ' . $dmg[0][1] . '<br/>';
$f .= '<b>колющий</b>: ' . $dmg[1][0] . ' - ' . $dmg[1][1] . '<br/>';
$f .= '<b>дробящий</b>: ' . $dmg[2][0] . ' - ' . $dmg[2][1] . '<br/>';
$f .= '<b>рубящий</b>: ' . $dmg[3][0] . ' - ' . $dmg[3][1] . '<br/>';
$f .= '<b>магический</b>: ' . $dmg[4][0] . ' - ' . $dmg[4][1] . '<br/>';
if (isset($p['shield'])) {
    $f .= '><b><u>щит, защита:</u></b><br/>';
    include_once 'modules/f_get_it_info.php';
    $shie = get_it_info($p['shield']);
    $shie = explode('~', $shie['armor']);
    $f .= '<b>от режущего</b>: ' . $shie[0] . '<br/>';
    $f .= '<b>от колющего</b>: ' . $shie[1] . '<br/>';
    $f .= '<b>от дробящего</b>: ' . $shie[2] . '<br/>';
    $f .= '<b>от рубящего</b>: ' . $shie[3] . '<br/>';
    $f .= '<b>от магическoгo</b>: ' . $shie[4] . '<br/>';
}
$f .= '><b><u>броня:</u></b><br/>';
$f .= '<b>от режущего</b>: ' . $armor[0] . '<br/>';
$f .= '<b>от колющего</b>: ' . $armor[1] . '<br/>';
<?php 
// temy:
$id_forum = preg_replace('/[^0-9]/', '', $_GET['id_forum']);
if ($id_forum == 8 && $p['admin'] < 1) {
    put_g_error('you are not wellcome here');
}
if ($id_forum == 10 && $p['id_player'] != 1 && $p['id_player'] != 5 && $p['id_player'] != 10) {
    put_g_error('you are not wellcome here');
}
$q = do_mysql("SELECT name FROM forums WHERE id_forum = '" . $id_forum . "';");
$name = mysql_result($q, 0);
$f = gen_header($name);
$f .= '<div class="y" id="dgvdglhk"><b>' . $name . ':</b></div>';
$f .= '<div class="n" id="ierao">';
///////////////////
// dlja onlajn:
do_mysql("INSERT INTO fonline VALUES ('" . $LOGIN . "', '" . $name . "', NOW());");
// kolichestvo nechitanyh ls
$qrl = "SELECT COUNT(*) FROM ls WHERE sentfor = '" . $p['id_player'] . "' AND readed = 'no';";
$arl = do_mysql($qrl);
$ls = mysql_result($arl, 0);
if ($ls > 0) {
    $f .= 'нов. сообщений: ';
    $f .= '<a class="blue" href="game.php?sid=' . $sid . '&action=showcontacts">' . $ls . '</a><br/>';
}
$f .= '<a name="up"><b>темы:</b></a> <a class="blue" href="#nav"><small>конец</small></a></div>';
if (!isset($_GET['start'])) {
    $start = 0;
} else {
    $start = preg_replace('/[^0-9]/', '', $_GET['start']);
}
<?php 
// otvet konkretnomu igroku:
do_mysql("INSERT INTO fonline VALUES ('" . $LOGIN . "', 'ответ на сообщение', NOW());");
$id_forum = preg_replace('/[^0-9]/', '', $_GET['id_forum']);
$id_theme = preg_replace('/[^0-9]/', '', $_GET['id_theme']);
$to = preg_replace('/[^a-z0-9_]/i', '', $_GET['to']);
$f = gen_header('ответить');
$f .= '<div class="y" id="dgvdglhk"><b>ответить:</b></div><div class="n" id="eiwyt54">';
// kolichestvo nechitanyh ls
$qrl = "SELECT COUNT(*) FROM ls WHERE sentfor = '" . $p['id_player'] . "' AND readed = 'no';";
$arl = do_mysql($qrl);
$ls = mysql_result($arl, 0);
if ($ls > 0) {
    $f .= 'нов. сообщений: ';
    $f .= '<a class="blue" href="game.php?sid=' . $sid . '&action=showcontacts">' . $ls . '</a><br/>';
}
$id = is_player($to);
$q = do_mysql("SELECT name FROM players WHERE id_player = '" . $id . "';");
$name = mysql_result($q, 0);
$f .= '<b>сообшение:</b> <a class="blue" href="game.php?sid=' . $sid . '&action=showinfo&to=' . $to . '">' . $name . '</a>,<br/>';
$f .= '<form action="game.php" method="get">';
$f .= '<textarea name="msg" rows="2"></textarea>';
$f .= '<input type="hidden" name="action" value="forum"/>';
$f .= '<input type="hidden" name="sub_action" value="add_post"/>';
$f .= "<input type=\"hidden\" name=\"id_forum\" value=\"" . $id_forum . "\"/>";
$f .= "<input type=\"hidden\" name=\"id_theme\" value=\"" . $id_theme . "\"/>";
$f .= '<input type="hidden" name="sid" value="' . $sid . '"/>';
$f .= '<input type="hidden" name="to" value="' . $to . '"/>';
// translit
$f .= '<br/><input type="radio" name="t" value="1"/>транслит<br/>';
$f .= '<input type="radio" name="t" value="0"/>как есть<br/>';
<?php 
// perenesti temu v drugoj forum
if ($p['admin'] > 0) {
    $id_theme = preg_replace('/[^0-9]/', '', $_GET['id_theme']);
    $id_forum = preg_replace('/[^0-9]/', '', $_GET['id_forum']);
    $q = do_mysql("SELECT name FROM themes WHERE id_theme = '" . $id_theme . "';");
    if (!mysql_num_rows($q)) {
        put_g_error('нету такой темы');
    }
    $tname = mysql_result($q, 0);
    $q = do_mysql("SELECT name FROM forums WHERE id_forum = '" . $id_forum . "';");
    if (!mysql_num_rows($q)) {
        put_g_error('нету такого форума');
    }
    $fname = mysql_result($q, 0);
    do_mysql("UPDATE themes SET id_forum = '" . $id_forum . "' WHERE id_theme = '" . $id_theme . "';");
    $f = gen_header('переместить тему');
    $f .= '<div class="y" id="lisd"><b>переместить тему</b></div><p>';
    $f .= 'вы переместили тему ' . $tname . ' в форум ' . $fname . '!<br/>';
    $f .= '&#187;<a class="blue" href="game.php?sid=' . $sid . '&action=forum">форум</a><br/>';
    $f .= '&#187;<a class="blue" href="game.php?sid=' . $sid . '">в игру</a></p>';
    $f .= gen_footer();
    exit($f);
}
    $pass = preg_replace('/[^a-z0-9]/i', '', $_GET['pass']);
    $pass2 = $_GET['pass2'];
    $old_pass = preg_replace('/[^a-z0-9]/i', '', $_GET['old_pass']);
    if ($pass !== $pass2) {
        put_g_error('пароли не совпадают либо вы используете запрещеные символы в них. a-Z0-9 и все ;)');
    }
    $pass = md5($pass);
    $old_pass = md5($old_pass);
    $q = do_mysql("SELECT email FROM players WHERE id_player = '" . $p['id_player'] . "' AND pass = '******';");
    if (!mysql_num_rows($q)) {
        put_g_error('пароль не верен!');
    }
    // menjaem -
    do_mysql("UPDATE players SET pass = '******' WHERE id_player = '" . $p['id_player'] . "';");
    do_mysql("DELETE FROM session WHERE login = '******';");
    $f = gen_header('смена пароля');
    $f .= '<div class="y" id="yyy"><b>вы сменили!</b></div><div class="n">';
    $f .= 'Поздравляю! А теперь идите входите заного, раз уж сменили...<br/><a class="blue" href="index.php">главная</a></div>';
    $f .= gen_footer();
    exit($f);
} else {
    $f = '<form action="game.php" method="get">';
    $f .= '<input type="hidden" name="sid" value="' . $sid . '"/>';
    $f .= '<input type="hidden" name="action" value="change_pass"/>';
    $f .= 'старый пароль:<br/><input type="password" name="old_pass"/><br/>';
    $f .= 'новый пароль:<br/><input type="password" name="pass"/><br/>';
    $f .= 'еще раз:<br/><input type="password" name="pass2"/><br/>';
    $f .= '<input type="submit" value="сменить"/>';
    $f .= '</form>';
    exit_msg('пароли', $f);
}
<?php 
// pokazatq ban i razbanitq zaodno
if ($p['admin'] > 0) {
    if (!isset($_GET['to'])) {
        $f = gen_header('бан');
        $f .= '<div class="y" id="oit"><b>блок</b></div><p>';
        $q = do_mysql("SELECT login FROM players WHERE admin = '-2';");
        while ($b = mysql_fetch_assoc($q)) {
            $f .= '&#187;' . $b['login'] . ' (<a class="red" href="game.php?sid=' . $sid . '&action=show_block&to=' . $b['login'] . '">x</a>)<br/>';
        }
        $f .= '<a class="blue" href="game.php?sid=' . $sid . '&action=moder"/>модераторская</a><br/>';
        $f .= '<a class="blue" href="game.php?sid=' . $sid . '&action=forum"/>форум</a><br/>';
        $f .= '<a class="blue" href="game.php?sid=' . $sid . '"/>в игру</a></p>';
        $f .= gen_footer();
        exit($f);
    }
    $to = preg_replace('/[^a-z0-9]/i', '', $_GET['to']);
    $id = is_player($to);
    if (!$id) {
        put_g_error('такого игрока нету');
    }
    $q = do_mysql("SELECT admin FROM players WHERE id_player = '" . $id . "';");
    $adm = mysql_result($q, 0);
    if ($adm != -2) {
        put_g_error('игрок не в блоке');
    }
    do_mysql("UPDATE players SET admin = '0' WHERE id_player = '" . $id . "';");
    exit_msg('блок', 'игрок ' . $to . ' paзблочен!<br/><a class="blue" href="game.php?sid=' . $sid . '&action=forum"/>форум</a>');
}
<?php 
// moderatorskaja:
if ($p['admin'] > 0) {
    $f = gen_header('модераторская');
    $f .= '<div class="y" id="yrk"><b>МОдераТОРская</b></div><p>';
    // funkcii foruma
    // ban
    $f .= '<a class="blue" href="game.php?sid=' . $sid . '&action=ban">покарать</a><br/>';
    // v bane
    $f .= '<a class="blue" href="game.php?sid=' . $sid . '&action=show_ban">баня</a><br/>';
    // v bloke
    $f .= '<a class="blue" href="game.php?sid=' . $sid . '&action=show_block">блок</a><br/>';
    // v polnom bloke
    if ($p['admin'] > 1) {
        $f .= '<a class="blue" href="game.php?sid=' . $sid . '&action=show_a_block">полный блок</a><br/>';
    }
    // sozdatq magiju
    $f .= '<a class="blue" href="game.php?sid=' . $sid . '&action=generate_magic">генератор магии</a><br/>';
    // prosmotretq sozdannoe
    $f .= '<a class="blue" href="game.php?sid=' . $sid . '&action=show_new_magic">просмотреть новосозданную магию</a><br/>';
    $f .= '<a class="blue" href="game.php?sid=' . $sid . '&action=forum">форум</a><br/>';
    $f .= '<a class="blue" href="game.php?sid=' . $sid . '">в игру</a><br/>';
    $f .= '</p>';
    $f .= gen_footer();
    exit($f);
}
// proverka na poslednee kastovanie:
include_once 'modules/f_check_last_cast.php';
if (!check_last_cast($LOGIN)) {
    // formiruem blokirujusheju stranicu, no na nej pomestim ssylku prodolzhitq dejstvie:
    $str = $_SERVER['QUERY_STRING'];
    // iz $str nado vyreatq sid
    // nam pomozhet strpos
    $pos = strpos($str, '&');
    // esli netu &, to eto ssylka na glavnuju, my ee i tak napishem
    if ($pos) {
        $str1 = substr($str, $pos + 1);
        $str2 = 'sid=' . $sid . '&' . $str1;
    } else {
        $str2 = 'sid=' . $sid;
    }
    $f = gen_header('Забытая История');
    $f .= '<div class="y" id="udak"><b>Пауза</b>:</div>';
    $f .= '<p>';
    $f .= 'Вы еще не собрались силами после прошедшего заклинания!<br/>';
    $pl_eff = get_affected($LOGIN);
    if ($pl_eff) {
        $f .= 'Эффекты:<br/>-';
        include_once 'modules/f_translit.php';
        $pl_eff = translit($pl_eff);
        $pl_eff = str_replace('|', '<br/>-', $pl_eff);
        $f .= $pl_eff;
    }
    $f .= '<a class="blue" href="game.php?' . $str2 . '">продолжить</a> | ';
    $f .= '<a class="blue" href="game.php?sid=' . $sid . '">в игру</a></p>';
    $f .= gen_footer();
    exit($f);
}
if ($_GET['change'] == 'locmode') {
    $p['settings'][2] = $set;
}
if ($_GET['change'] == 'journal') {
    $p['settings'][3] = $set;
}
if ($_GET['change'] == 'mapinfo') {
    $p['settings'][4] = $set;
}
if ($_GET['change'] == 'daynight') {
    $p['settings'][6] = $set;
}
if ($_GET['change'] == 'journal2') {
    $p['settings'][7] = $set;
}
if ($_GET['change'] == 'bd') {
    $p['settings'][8] = $set;
}
if ($_GET['change'] == 'invtab') {
    $p['settings'][9] = $set;
}
//-------------------------
do_mysql("UPDATE players SET settings = '" . $p['settings'] . "' WHERE id_player = '" . $p['id_player'] . "';");
//-------------------------
$f = gen_header('настройки');
$f .= '<div class="y" id="tpewriter">';
$f .= '<b>настройки<b></div>';
$f .= '<p>ваши настройки успешно установлены!<br/><a class="blue" href="game.php?sid=' . $sid . '">в игру</a><p>';
$f .= gen_footer();
exit($f);