} if (@$_COOKIE['_timing']) { echo "time 1=" . endTiming(); } if ($destination != "") { //new stamina reduction formula: $inv_count = $character->invent_count(); $degrade = $inv_count - ($character->constitution + $character->strength * 4); if ($inv_count > $character->max_inventory) { $degrade = $degrade * 2; } if ($degrade < 0) { $degrade = 1; } //end stamina reduction update table: $character->reduce_stamina($degrade); $result = mysql_query('SELECT `above_left`, `above`, `above_right`, `leftside`, `rightside`, `below_left`, `below`, `below_right` FROM phaos_locations WHERE id = \'' . $character->location . '\''); $row = mysql_fetch_assoc($result); foreach ($row as $item) { //FIXME: uses untrusted input by the user if ($item == $destination or @$_POST['rune_gate'] == "yes" or @$_POST['explorable'] == "yes") { $query = "UPDATE players SET location = '{$destination}', stamina=stamina+1 WHERE id = '{$PHP_PHAOS_CHARID}'"; $req = mysql_query($query); if (!$req) { echo "<B>Error " . mysql_errno() . " :</B> " . mysql_error() . ""; exit; } $result = mysql_query("SELECT * FROM phaos_locations WHERE id = '{$destination}'"); $character->location = $destination; if ($row = mysql_fetch_array($result)) { $location_name = $row["name"];