<td width="245" height="177" background="images/w01.jpg" valign="top"> <?php if (!defined('GALLERY')) { die("Hack attempt!"); } if (is_numeric($_GET[id])) { $query = "select * from users where id = {$_GET[id]}"; $sql = mysql_query($query) or die(mysql_error()); $rows = mysql_fetch_assoc($sql); print '<h2>Фотографии игрока ' . $rows[char_name] . '</h2><ul> Уровень : ' . $rows[char_level] . '<br> Класс : ' . showClass($rows[char_class]) . '<br> Раса : ' . showRace($rows[char_race]) . '<br><br>'; $dir = "photos/" . $_GET[id]; $i = 0; if ($dh = opendir($dir)) { while (($file = readdir($dh)) !== false) { if ($file != "." && $file != ".." && $file != "thumbs") { if ($i == 3) { echo "<br>"; $i = 0; } print '<a rel="lightbox" href="' . $dir . '/' . $file . '" > <img src="' . $dir . '/thumbs/' . $file . '" /></a>'; $i++; } } closedir($dh); } echo '</ul>'; } else {
mysql_query("SET NAMES 'utf8'"); $notfound = 0; if (!preg_match('#^(?:[а-я_]+|[a-z_]+)$#i', $username)) { $notfound = 1; } $query = "SELECT * FROM users WHERE char_name LIKE '%" . mysql_real_escape_string($_POST['user']) . "%' and photo > 0"; $sql = mysql_query($query) or die(mysql_error()); $rows_num = mysql_num_rows($sql); echo "Имя персонажа : {$username}"; if ($rows_num > 0 && $notfound == 0) { echo '<br><br> <center><table border = "1" width = "450"> <tr><td>Фото</td> <td>Имя персонажа</td> <td>Уровень</td> <td>Раса</td> <td>Класс</td>'; for ($i = 0; $i < $rows_num; $i++) { $row = mysql_fetch_assoc($sql); echo "<tr align = center><td><a href = index.php?action=showuser&id=" . $row[id] . "><img src = photos/" . $row[id] . "/thumbs/" . $row[photo] . ".jpg></a></td>\r\n\t\t\t\t<td><a href = index.php?action=showuser&id=" . $row[id] . "><b>" . $row[char_name] . "</b></a></td>\r\n\t\t\t\t<td>{$row['char_level']}</td>\r\n\t\t\t\t<td>" . showRace($row[char_race]) . "</td>\r\n\t\t\t\t<td>" . showClasS($row[char_class]) . "</td></tr>"; } echo "</table></center>"; } else { print '<form action="index.php?action=search' . $_GET[user] . '" method="POST"> <input type="text" name="user" /><br> <input type="submit" value="Поиск" /></form> <br>С таким именем совпадений не найдено'; } } else { print '<form action="index.php?action=search' . $_GET[user] . '" method="POST"> <input type="text" name="user" /><br> <input type="submit" value="Поиск" /></form> '; } ?>
} $query = "select * from users where {$where} photo > 0 limit {$start}, 12 "; $sql = mysql_query($query) or die(mysql_error()); $i = 0; echo '<ul><table width = "440"><tr>'; while ($row = mysql_fetch_assoc($sql)) { if ($i == 3) { echo "</tr><tr>"; $i = 0; } print '<td> <a rel="lightbox" href= "photos/' . $row[id] . '/' . $row[photo] . '.jpg" title = "' . $row[char_name] . '.Уровень : ' . $row[char_level] . ', ' . showClass($row[char_class]) . ', ' . showRace($row[char_race]) . '"> <img src="photos/' . $row[id] . '/thumbs/' . $row[photo] . '.jpg" /></a><br> <a href = index.php?action=showuser&id=' . $row[id] . '><b>' . $row[char_name] . '</b></a><br> Уровень : ' . $row[char_level] . '<br> Раса: ' . showRace($row[char_race]) . '<br> Класс: ' . showClass($row[char_class]) . '<br> </td>'; $i++; } echo '</tr></table></ul><center>'; $query = "select * from users where {$where} photo > 0"; $sql = mysql_query($query) or die(mysql_error()); for ($i = 0; $i < ceil(mysql_num_rows($sql) / 12); $i++) { if ($i + 1 == $page) { echo " ", $i + 1, " "; } else { echo "<a href = index.php?action=show&cat={$_GET['cat']}&page=", $i + 1, ">", $i + 1, "</a> "; } } echo "</center>";
echo $chars[4][2] . "lvl<br> " . showRace($chars[4][3]) . ", " . showClass($chars[4][4]); ?> </div> </td> </tr> <tr> </tr> </table> </td> <td width="251" height="175" background="images/w07.jpg" style="padding-left:11px;padding-top:40px;" valign="top"> <table cellpadding="0" cellspacing="0" border="0"> <tr> <td><img src="photos/<?php echo $chars[5][5] . "/thumbs/" . $chars[5][1] . ".jpg"; ?> " hspace="10" vspace="5"></td> <td width="180" valign="top"> <div class="cap"><a href = index.php?action=showuser&id=<?php echo $chars[5][5] . ">" . $chars[5][0] . "</a>"; ?> </div> <div class="small"><?php echo $chars[5][2] . "lvl<br> " . showRace($chars[5][3]) . ", " . showClass($chars[5][4]); ?> </div> </td> </tr> <tr> </tr> </table> </td>