GameCMS Покупка GIF на аватар [gif_avatar] [Удалён]

Статус
В этой теме нельзя размещать новые ответы.

parliament

Команда форума
Гл.Администратор
14.05.2021
1 892
3 977
  • Администратор
  • Модер.
  • #1
Совместимость
  1. Лицензия
  2. Пиратская [Null]
Модуль добавляет услугу для покупки GIF-аватара в настройках профиля.
Тем самым, можно выделиться на сайте!
Модуль был взят со сборки от OneValve.ru.
Поделился модулем Pr[E]fix.

Установка:
  • Скачать архив.
  • Выгрузить в modules_extra.
  • Распаковать.
  • Выполнить в базу данных запрос ( создать запрос )

Как установить?
ШАГ №1

В файл по пути: templates/standart/tpl/home/settings.tpl, добавляем код после
HTML:
<form enctype="multipart/form-data" id="edit_user_avatar_form"><input type="hidden" id="token" name="token" value="{token}"><input type="hidden" id="edit_user_avatar" name="edit_user_avatar" value="1">input type="hidden" id="phpaction" name="phpaction" value="1"><input type="file" id="user_avatar" accept="image/*" name="user_avatar"/><input class="btn btn-outline-primary" type="submit" value="Загрузить"><div id="edit_user_avatar_result"></div></form>")
вот этот:
PHP:
<?php $id = $user->id;
if(empty($user->gif_avatar)){
echo '</br><p>Доступ К GIF Аватаркам! OneValve.ru</p>';
echo '<button class="btn btn-outline-primary" type="button" onclick="buy_gif_avatar();">Купить 30 [руб.]</button>';
} ?>
HTML:
<div class="col-lg-9 order-is-first profile-settings">
    <div class="row">
        <div class="col-lg-6">
            <div class="block">
                <div class="block_head">
                    Редактирование логина
                </div>
                <div class="input-group">
                    <div class="input-group-prepend">
                        <button class="btn btn-outline-primary" type="button" onclick="edit_user_login();">Изменить</button>
                    </div>
                    <input type="text" class="form-control" id="user_login" maxlength="15" autocomplete="off" value="{login}" placeholder="Введите логин">
                </div>
                <div id="edit_user_login_result"></div>
            </div>

            <div class="block">
                <div class="block_head">
                    Редактирование пароля
                </div>
                {if($user->password == 'none')}
                <div class="form-group">
                    <label>
                        <h4>
                            Новый пароль
                        </h4>
                    </label>
                    <input type="password" class="form-control" id="first_user_password" maxlength="15" autocomplete="off" placeholder="Введите новый пароль">
                </div>

                <div class="form-group">
                    <label>
                        <h4>
                            Повторите
                        </h4>
                    </label>
                    <input type="password" class="form-control" id="first_user_password2" maxlength="15" autocomplete="off" placeholder="Повторите новый пароль">
                </div>

                <button class="btn btn-outline-primary" type="button" onclick="edit_first_user_password();">Изменить</button>
                <div id="edit_first_user_password_result"></div>

                {else}

                <div class="form-group">
                    <label>
                        <h4>
                            Текущий пароль
                        </h4>
                    </label>
                    <input type="password" class="form-control" id="user_old_password" maxlength="15" autocomplete="off" placeholder="Введите текущий пароль">
                </div>

                <div class="form-group">
                    <label>
                        <h4>
                            Новый пароль
                        </h4>
                    </label>
                    <input type="password" class="form-control" id="user_password" maxlength="15" autocomplete="off" placeholder="Введите новый пароль">
                </div>

                <div class="form-group">
                    <label>
                        <h4>
                            Повторите
                        </h4>
                    </label>
                    <input type="password" class="form-control" id="user_password2" maxlength="15" autocomplete="off" placeholder="Повторите новый пароль">
                </div>

                <button class="btn btn-outline-primary" type="button" onclick="edit_user_password();">Изменить</button>
                <div id="edit_user_password_result"></div>
                {/if}
            </div>

            <div class="block">
                <div class="block_head">
                    Редактирование аватара
                </div>
                <div class="row">
                    <div class="col-4">
                        <img id="avatar" src="{avatar}" class="w-100 mb-1">
                    </div>
                    <div class="col-8">
                        <form enctype="multipart/form-data" id="edit_user_avatar_form">
                            <input type="hidden" id="token" name="token" value="{token}">
                            <input type="hidden" id="edit_user_avatar" name="edit_user_avatar" value="1">
                            <input type="hidden" id="phpaction" name="phpaction" value="1">
                            <input type="file" id="user_avatar" accept="image/*" name="user_avatar"/>
                            <input class="btn btn-outline-primary" type="submit" value="Загрузить">
                            <div id="edit_user_avatar_result"></div>
                        </form>
                      <?php $id = $user->id;
if(empty($user->gif_avatar)){
echo '</br><p>Доступ К GIF Аватаркам!</p>';
echo '<button class="btn btn-outline-primary" type="button" onclick="buy_gif_avatar();">Купить 30 [руб.]</button>';
} ?>
                    </div>
                </div>
            </div>

            <div class="block">
                <div class="block_head">
                    Адрес страницы
                </div>
                <div class="input-group">
                    <div class="input-group-prepend">
                        <button class="btn btn-outline-primary" type="button" onclick="editUserRoute();">Изменить</button>
                    </div>
                    <input type="text" class="form-control" id="user_route" maxlength="30" autocomplete="off" value="{route}" placeholder="Введите адрес страницы">
                </div>

                <div class="noty-block info">
                    <p>Пример: {profileLink}<u>ваш-адрес</u></p>
                </div>

                <div id="edit_user_route_result"></div>
            </div>

            <div class="block">
                <div class="block_head">
                    Дополнительные настройки
                </div>
                <div class="form-group">
                    <label>
                        <h4>
                            Личные сообщения могут писать
                        </h4>
                    </label>
                    <div class="btn-group-toggle" data-toggle="buttons">
                        <label class="btn btn-default {im_radio_1}" onclick="on_im(1);">
                            <input type="radio">
                            Все
                        </label>

                        <label class="btn btn-default {im_radio_2}" onclick="on_im(2);">
                            <input type="radio">
                            Друзья
                        </label>
                    </div>
                </div>
                <div class="form-group">
                    <label>
                        <h4>
                            Привязка cookies к ip адресу
                        </h4>
                    </label>
                    <div class="btn-group-toggle" data-toggle="buttons">
                        <label class="btn btn-default {protect_radio_1}" onclick="on_ip_protect(1);">
                            <input type="radio">
                            Включить
                        </label>

                        <label class="btn btn-default {protect_radio_2}" onclick="on_ip_protect(2);">
                            <input type="radio">
                            Выключить
                        </label>
                    </div>
                </div>
                <div class="form-group">
                    <label>
                        <h4>
                            Уведомления на почту
                        </h4>
                    </label>
                    <div class="btn-group-toggle" data-toggle="buttons">
                        <label class="btn btn-default {notice_radio_1}" onclick="on_email_notice(1);">
                            <input type="radio">
                            Включить
                        </label>

                        <label class="btn btn-default {notice_radio_2}" onclick="on_email_notice(2);">
                            <input type="radio">
                            Выключить
                        </label>
                    </div>
                </div>
            </div>

            <div class="block">
                <div class="block_head">
                    Редактирование подписи
                </div>
                <mytextarea id="signature" maxlength="500">{signature}</mytextarea>
                <button id="send_btn" class="btn btn-primary mt-3" type="button" onclick="edit_signature();">Изменить</button>
                <div id="edit_signature_result"></div>
            </div>

            <div class="block">
                <div class="block_head">
                    Черный список
                </div>

                <button class="btn btn-outline-primary w-100 mb-0"
                        data-target="#black-list"
                        data-toggle="modal"
                        onclick="getBlackList();">Открыть список</button>

                <script>$('#black-list').modal('hide');</script>
                <div id="black-list" class="modal fade">
                    <div class="modal-dialog modal-lg">
                        <div class="modal-content">
                            <div class="modal-header">
                                <button type="button" class="close" data-dismiss="modal" aria-label="Close">
                                    <span aria-hidden="true">×</span>
                                </button>
                                <h4 class="modal-title">Черный список</h4>
                            </div>
                            <div class="modal-body">
                                <div class="table-responsive mb-0">
                                    <table class="table table-bordered">
                                        <thead>
                                        <tr>
                                            <td>#</td>
                                            <td>Профиль</td>
                                            <td>Действие</td>
                                        </tr>
                                        </thead>
                                        <tbody id="black-list-content">
                                        <tr>
                                            <td colspan="10">
                                                <div class="loader"></div>
                                            </td>
                                        </tr>
                                        </tbody>
                                    </table>
                                </div>
                            </div>
                        </div>
                    </div>
                </div>
            </div>
        </div>
        <div class="col-lg-6">
            <div class="block">
                <div class="block_head">
                    Редактирование профиля
                </div>

                <div class="form-group">
                    <label>
                        <h4>
                            Имя
                        </h4>
                    </label>
                    <div class="input-group">
                        <div class="input-group-prepend">
                            <button class="btn btn-outline-primary" type="button" onclick="edit_user_name();">Изменить</button>
                        </div>
                        <input type="text" class="form-control" id="user_name" maxlength="30" autocomplete="off" value="{name}" placeholder="Введите свое имя">
                    </div>
                    <div id="edit_user_name_result"></div>
                </div>

                <div class="form-group">
                    <label>
                        <h4>
                            Ник на сервере
                        </h4>
                    </label>
                    <div class="input-group">
                        <div class="input-group-prepend">
                            <button class="btn btn-outline-primary" type="button" onclick="edit_user_nick();">Изменить</button>
                        </div>
                        <input type="text" class="form-control" id="user_nick" maxlength="30" autocomplete="off" value="{nick}" placeholder="Введите свой ник">
                    </div>
                    <div id="edit_user_nick_result"></div>
                </div>

                <!--
                <div class="form-group">
                    <label>
                        <h4>
                            Префикс в чате сервера
                        </h4>
                    </label>
                    <div class="input-group">
                        <div class="input-group-prepend">
                            <button class="btn btn-outline-primary" type="button" onclick="edit_user_prefix();">Изменить</button>
                        </div>
                        <input type="text" class="form-control" id="user_prefix" maxlength="16" autocomplete="off" value="{{$user->prefix}}" placeholder="Укажите префикс">
                    </div>
                    <div id="edit_user_prefix_result"></div>
                </div>
                -->

                <div class="form-group">
                    <label>
                        <h4>
                            Steam ID
                        </h4>
                    </label>
                    <div class="input-group">
                        <div class="input-group-prepend">
                            <button class="btn btn-outline-primary" type="button" onclick="edit_user_steam_id();">Изменить</button>
                        </div>
                        <input type="text" class="form-control" id="user_steam_id" maxlength="32" autocomplete="off" value="{steam_id}" placeholder="Введите свой Steam ID">
                    </div>
                    <div id="edit_user_steam_id_result"></div>
                </div>

                <div class="form-group">
                    <label>
                        <h4>
                            Дата рождения
                        </h4>
                    </label>
                    <div class="input-group editing-date">
                        <div class="input-group-prepend">
                            <button class="btn btn-outline-primary" type="button" onclick="edit_user_birth();">Изменить</button>
                        </div>
                        <select class="form-control" id="birth_day">{birth_day}</select>
                        <select class="form-control" id="birth_month">{birth_month}</select>
                        <select class="form-control" id="birth_year">{birth_year}</select>
                    </div>
                    <div id="edit_user_birth_result"></div>
                </div>

                <div class="form-group">
                    <label>
                        <h4>
                            Скайп
                        </h4>
                    </label>
                    <div class="input-group">
                        <div class="input-group-prepend">
                            <button class="btn btn-outline-primary" type="button" onclick="edit_user_skype();">Изменить</button>
                        </div>
                        <input type="text" class="form-control" id="user_skype" maxlength="32" autocomplete="off" value="{skype}" placeholder="Введите свой логин в скайпе">
                    </div>
                    <div id="edit_user_skype_result"></div>
                </div>

                <div class="form-group">
                    <label>
                        <h4>
                            Telegram
                        </h4>
                    </label>
                    <div class="input-group">
                        <div class="input-group-prepend">
                            <button class="btn btn-outline-primary" type="button" onclick="edit_user_telegram();">Изменить</button>
                        </div>
                        <input type="text" class="form-control" id="user_telegram" maxlength="50" autocomplete="off" value="{telegram}" placeholder="Введите свой логин в Телеграме">
                    </div>
                    <div id="edit_user_telegram_result"></div>
                </div>

                <div class="form-group">
                    <label>
                        <h4>
                            Discord
                        </h4>
                    </label>
                    <div class="input-group">
                        <div class="input-group-prepend">
                            <button class="btn btn-outline-primary" type="button" onclick="edit_user_discord();">
                                Изменить
                            </button>
                        </div>
                        <input type="text"
                               class="form-control"
                               id="user_discord"
                               maxlength="32"
                               autocomplete="off"
                               value="{discord}"
                               placeholder="Введите свой логин в Discord">
                    </div>
                    <div id="edit_user_discord_result"></div>
                </div>
            </div>

            <div class="block" id="vk_area">
                <div class="block_head">
                    Аккаунт Вконтакте
                </div>

                {if($auth_api->vk_api == '2')}
                    <div class="input-group">
                        <div class="input-group-prepend">
                            <button class="btn btn-outline-primary" type="button" onclick="edit_user_vk();">Изменить</button>
                        </div>
                        <input type="text" class="form-control" id="user_vk" maxlength="30" autocomplete="off" value="{vk}" placeholder="Введите свой ID в Вконтакте">
                    </div>
                    <div id="edit_user_vk_result"></div>
                {else}
                    {if($user->vk_api == '0')}
                        <div class="noty-block">
                            Если Ваш профиль будет прикреплен к аккаунту VK, то Вы сможете авторизовываться на сайте в один клик по кнопке "Войти через VK".
                        </div>
                        <a class="btn btn-outline-primary" id="vk_link" href="">Прикрепить профиль к VK</a><br>
                        <script>attach_user_vk();</script>
                    {else}
                        <div class="noty-block info">
                            <a target="_blank" href="https://vk.com/{vk}" id="vk_user">
                                <img src="../files/avatars/no_avatar.jpg" alt="">
                                <span>Загрузка...</span>
                            </a>
                            <script>get_vk_profile_info('{vk_api}', '#vk_user img', '#vk_user span', '{vk}');</script>
                        </div>
                        <button class="btn btn-outline-primary" type="button" onclick="unset_vk();">Открепить профиль</button>
                        <div id="unset_vk_result"></div>
                    {/if}

                    {conf_mess}
                {/if}
            </div>

            {if($auth_api->steam_api != '2')}
            <div class="block" id="steam_area">
                <div class="block_head">
                    Аккаунт Steam
                </div>

                {if('{steam_api}' == '0')}
                <div class="noty-block">
                    Если Ваш профиль будет прикреплен к аккаунту Steam, то Вы сможете авторизовываться на сайте в один клик по кнопке "Войти через Steam".
                </div>
                <a class="btn btn-outline-primary" id="steam_link" href="">Прикрепить профиль к Steam</a><br>
                <script>attach_user_steam();</script>
                {else}
                <div class="noty-block info">
                    <a target="_blank" href="https://steamcommunity.com/profiles/{steam_api}/" id="steam_user">
                        <img src="../files/avatars/no_avatar.jpg" alt="">
                        <span>Загрузка...</span>
                    </a>
                    <script>get_user_steam_info('{steam_api}');</script>
                </div>
                <button class="btn btn-outline-primary" type="button" onclick="unset_steam();">Открепить профиль</button>
                <div id="unset_steam_result"></div>
                {/if}

                {conf_mess2}
            </div>
            {/if}

            <div class="block" id="fb_area">
                <div class="block_head">
                    Аккаунт Facebook
                </div>

                <div class="form-group">
                    <label>
                        <h4>
                            ID
                        </h4>
                    </label>
                    <div class="input-group">
                        <div class="input-group-prepend">
                            <button class="btn btn-outline-primary" type="button" onclick="edit_user_fb();">Изменить</button>
                        </div>
                        <input type="text" class="form-control" id="user_fb" maxlength="20" autocomplete="off" value="{fb}" placeholder="Введите свой ID в Facebook">
                    </div>
                    <div id="edit_user_fb_result"></div>
                </div>

                {if($auth_api->fb_api == '1')}
                    {if($user->fb_api == '0')}
                        <div class="noty-block">
                            Если Ваш профиль будет прикреплен к аккаунту Facebook, то Вы сможете авторизовываться на сайте в один клик по кнопке "Войти через Facebook".
                        </div>
                        <a class="btn btn-outline-primary" id="fb_link" href="">Прикрепить профиль к Facebook</a><br>
                        <script>attach_user_fb();</script>
                    {else}
                        <div class="noty-block info">
                            <a target="_blank" href="#" id="fb_user">
                                <img src="../files/avatars/no_avatar.jpg" alt="">
                                <span>Загрузка...</span>
                            </a>
                            <script> get_fb_profile_info('{fb_api}', '{fb}', '#fb_user', '#fb_user img', '#fb_user span'); </script>
                        </div>
                        <button class="btn btn-outline-primary" type="button" onclick="unset_fb();">Открепить профиль</button>
                        <div id="unset_fb_result"></div>
                    {/if}

                    {conf_mess3}
                {/if}
            </div>

            {if('{referral_program}' == '1')}
            <div class="block block-table">
                <div class="block_head">
                    Реферальная программа
                </div>
                <div class="noty-block info">
                    Пользователи, зарегистрированные на сайте по вашей ссылке, будут являться Вашими рефералами. При пополнении своего баланса рефералом, Вы будете получать на Ваш баланс {referral_percent}% от суммы его пополнения.
                </div>
                <div class="table-responsive mb-0">
                    <table class="table table-bordered">
                        <tr>
                            <td colspan="2">
                                Ваша уникальная ссылка: <b>{referral_link}</b>
                            </td>
                        </tr>
                        <tr>
                            <td>
                                <button class="btn btn-outline-primary w-100" data-target="#referrals" data-toggle="modal" onclick="get_referrals();">Мои рефералы</button>
                            </td>
                            <td>
                                <button class="btn btn-outline-primary w-100" data-target="#profit" data-toggle="modal" onclick="get_ref_profit();">Моя прибыль</button>
                            </td>
                        </tr>
                    </table>
                </div>
            </div>

            <script>$('#referrals').modal('hide');</script>
            <div id="referrals" class="modal fade">
                <div class="modal-dialog modal-lg">
                    <div class="modal-content">
                        <div class="modal-header">
                            <button type="button" class="close" data-dismiss="modal" aria-label="Close">
                                <span aria-hidden="true">×</span>
                            </button>
                            <h4 class="modal-title">Рефералы</h4>
                        </div>
                        <div class="modal-body">
                            <div class="table-responsive mb-0">
                                <table class="table table-bordered">
                                    <thead>
                                        <tr>
                                            <td>#</td>
                                            <td>Профиль</td>
                                            <td>Дата регистрации</td>
                                            <td>Прибыль</td>
                                        </tr>
                                    </thead>
                                    <tbody id="referrals_body">
                                        <tr>
                                            <td colspan="10">
                                                <div class="loader"></div>
                                            </td>
                                        </tr>
                                    </tbody>
                                </table>
                            </div>
                        </div>
                    </div>
                </div>
            </div>
            <script>$('#profit').modal('hide');</script>
            <div id="profit" class="modal fade">
                <div class="modal-dialog modal-lg">
                    <div class="modal-content">
                        <div class="modal-header">
                            <button type="button" class="close" data-dismiss="modal" aria-label="Close">
                                <span aria-hidden="true">×</span>
                            </button>
                            <h4 class="modal-title">Прибыль</h4>
                        </div>
                        <div class="modal-body">
                            <div class="table-responsive mb-0">
                                <table class="table table-bordered">
                                    <thead>
                                        <tr>
                                            <td>#</td>
                                            <td>Реферал</td>
                                            <td>Сумма</td>
                                            <td>Дата</td>
                                        </tr>
                                    </thead>
                                    <tbody id="profit_body">
                                        <tr>
                                            <td colspan="10">
                                                <div class="loader"></div>
                                            </td>
                                        </tr>
                                    </tbody>
                                </table>
                            </div>
                        </div>
                    </div>
                </div>
            </div>
            {/if}
        </div>
    </div>
</div>

<script>
    $(document).ready(function() {
        init_tinymce("signature", "lite", "{file_manager_theme}", "", "");
    });
    $("#edit_user_avatar_form").submit(function (event){
        NProgress.start();
        event.preventDefault();
        var data = new FormData($('#edit_user_avatar_form')[0]);
        $.ajax({
            type: "POST",
            url: "ajax/actions_a.php",
            data: data,
            contentType: false,
            processData: false,
        }).done(function (html) {
            $("#edit_user_avatar_result").empty();
            $("#edit_user_avatar_result").append(html);
            $('#edit_user_avatar_form')[0].reset();
        });
        NProgress.done();
    });
</script>

<div class="col-lg-3 order-is-last">
    {include file="/home/navigation.tpl"}
    {include file="/home/sidebar.tpl"}
</div>

ШАГ № 2
В файл по пути ajax/actions_a.php нужно заметить следующий код:
actions_a:
if (isset($_POST['edit_user_avatar'])) {
    if (empty($_FILES['user_avatar']['name'])) {
        exit('<span class="m-icon icon-remove"></span> Выберите изображение!');
    } else {
        $path = 'files/avatars/';

        if (if_img($_FILES['user_avatar']['name'])) {
            $filename = set_temp_file_name($_FILES['user_avatar']['name']);
            $source = $_FILES['user_avatar']['tmp_name'];
            $target = '../'.$path . $filename;
            if (!move_uploaded_file($source, $target)) {
                exit('<span class="m-icon icon-remove"></span> Ошибка загрузки файла!');
            }

            if (if_gif($filename)) {
                $im = imagecreatefromgif('../'.$path . $filename);
            }
            if (if_png($filename)) {
                $im = imagecreatefrompng('../'.$path . $filename);
            }
            if (if_jpg($filename)) {
                $im = imagecreatefromjpeg('../'.$path . $filename);
            }

            $date = time();
            clip_image($im, 300, $path.$date);
            $user_avatar = $path . $date . ".jpg";
            unlink('../'.$path . $filename);

            $STH = $pdo->query("SELECT avatar FROM users WHERE id='$_SESSION[id]'"); $STH->setFetchMode(PDO::FETCH_OBJ);
            $tmp = $STH->fetch();
            if ($tmp->avatar != 'files/avatars/no_avatar.jpg') {
                if(file_exists('../'.$tmp->avatar)) {
                    unlink('../'.$tmp->avatar);
                }
            }
        } else {
            exit('<span class="m-icon icon-remove"></span> Аватар должен быть в формате JPG,GIF или PNG');
        }
        $STH = $pdo->prepare("UPDATE users SET avatar=:user_avatar WHERE id='$_SESSION[id]' LIMIT 1");
        $STH->execute(array(':user_avatar' => $user_avatar));
        echo '<span class="m-icon icon-ok"></span> Аватар изменен! <script>document.getElementById("avatar").src = "'.$user_avatar.'" </script>';
    }
    exit();
}
На этот код:
actions_a:
if (isset($_POST['edit_user_avatar'])) {
    if (empty($_FILES['user_avatar']['name'])) {
        exit('<span class="m-icon icon-remove"></span> Выберите изображение!');
    } else {
        $path = 'files/avatars/';
        $STH = $pdo->query("SELECT gif_avatar FROM users WHERE id='$_SESSION[id]' LIMIT 1"); $STH->setFetchMode(PDO::FETCH_OBJ);
        $row = $STH->fetch();
        if (if_gif($_FILES['user_avatar']['name']) && !$row->gif_avatar) {
            exit('<span class="m-icon icon-remove"></span> Нет доступа!');
        } else if (if_img($_FILES['user_avatar']['name'])) {
            $filename = set_temp_file_name($_FILES['user_avatar']['name']);
            $source = $_FILES['user_avatar']['tmp_name'];
            $target = '../'.$path . $filename;
            if (!move_uploaded_file($source, $target)) {
                exit('<span class="m-icon icon-remove"></span> Ошибка загрузки файла!');
            }
            if (if_png($filename)) {
                $im = imagecreatefrompng('../'.$path . $filename);
            }
            if (if_jpg($filename)) {
                $im = imagecreatefromjpeg('../'.$path . $filename);
            }
            $date = time();
            if (if_gif($filename)) {
                if(empty($size)) {
                    $size = 300;
                }
                $w = $size;
                $w_src = imagesx($im);
                $h_src = imagesy($im);
                $dest = imagecreatetruecolor($w, $w);
                if($w_src > $h_src) {
                    imagecopyresampled($dest, $im, 0, 0, round((max($w_src, $h_src) - min($w_src, $h_src)) / 2), 0, $w, $w, min($w_src, $h_src), min($w_src, $h_src));
                }
                if($w_src < $h_src) {
                    imagecopyresampled($dest, $im, 0, 0, 0, 0, $w, $w, min($w_src, $h_src), min($w_src, $h_src));
                }
                if($w_src == $h_src) {
                    imagecopyresampled($dest, $im, 0, 0, 0, 0, $w, $w, $w_src, $w_src);
                }
                copy($target, $_SERVER["DOCUMENT_ROOT"].'/'.$path.$date.'.gif');
                $user_avatar = $path . $date . ".gif";
            } else {
                clip_image($im, 300, $path.$date);
                $user_avatar = $path . $date . ".jpg";
            }
            unlink('../'.$path . $filename);
            $STH = $pdo->query("SELECT avatar FROM users WHERE id='$_SESSION[id]'"); $STH->setFetchMode(PDO::FETCH_OBJ);
            $tmp = $STH->fetch();
            if ($tmp->avatar != 'files/avatars/no_avatar.jpg') {
                if(file_exists('../'.$tmp->avatar)) {
                    unlink('../'.$tmp->avatar);
                }
            }
        } else {
            exit('<span class="m-icon icon-remove"></span> Аватар должен быть в формате JPG,GIF или PNG');
        }
        $STH = $pdo->prepare("UPDATE users SET avatar=:user_avatar WHERE id='$_SESSION[id]' LIMIT 1");
        $STH->execute(array(':user_avatar' => $user_avatar));
        echo '<span class="m-icon icon-ok"></span> Аватар изменен! <script>document.getElementById("avatar").src = "'.$user_avatar.'" </script>';
    }
    exit();
}

JavaScript:
<?php
include_once "../inc/start.php";

if (empty($_POST['phpaction'])) {
    log_error("Прямой вызов actions_a.php");
    echo 'Ошибка: [Прямой вызов инклуда]';
    exit(json_encode(array('status' => '2')));
}

if($conf->token == 1 && ($_SESSION['token'] != clean($_POST['token'],null))) {
    log_error("Неверный токен");
    echo 'Ошибка: [Неверный токен]';
    exit(json_encode(array('status' => '2')));
}

if (empty($_SESSION['id'])){
    echo 'Ошибка: [Доступно только авторизованным]';
    exit(json_encode(array('status' => '2')));
}

include_once "../inc/protect.php";

/* Проверка на бота
=========================================*/
if(isset($_POST['bot_check'])) {
    if(!validateCaptcha($_POST["captcha"])) {
        exit('<p class="text-danger">Неверно введена капча!</p>');
    }

    $STH = $pdo->prepare("DELETE FROM `last_actions` WHERE `user_id`=:user_id AND `action_type`=:action_type LIMIT 1");
    $STH->execute(array( ':user_id' => $_SESSION['id'], ':action_type' => 5 ));

    exit('<p class="text-success">Проверка пройдена, можете выполнить действие!</p><script>reset_page();</script>');
}

/* Настройка профиля
=========================================*/
if (isset($_POST['edit_user_vk'])) {
    $user_vk = check($_POST['user_vk'],null);

    if (empty($user_vk)) {
        exit('<span class="m-icon icon-remove"></span> Вы не указали ID.');
    }

    if ((strnatcasecmp(substr($user_vk, 0, 7),'http://') == 0) or (strnatcasecmp(substr($user_vk, 0, 8),'https://') == 0) or (strnatcasecmp(substr($user_vk, 0, 6),'vk.com') == 0) or (strnatcasecmp(substr($user_vk, 0, 4),'www.') == 0)){
        exit('<span class="m-icon icon-remove"></span> Укажите только ID!');
    }

    if (mb_strlen($user_vk, 'UTF-8') < 2 or mb_strlen($user_vk, 'UTF-8') > 30) {
        exit('<span class="m-icon icon-remove"></span> ID Вконтакте должен состоять не менее чем из 2 символов и не более чем из 30.');
    }

    $answer = get_headers("https://vk.com/".$user_vk);
    if ($answer[0] == 'HTTP/1.1 404 Not Found') {
        exit('<span class="m-icon icon-remove"></span> Аккаунт Вконтакте не найден.');
    }

    $U = new Users($pdo);

    if(!$U->check_busyness('vk', $user_vk, $_SESSION['id'])) {
        exit('<span class="m-icon icon-remove"></span> Введеный Вами ID занят другим пользователем!');
    }

    $STH = $pdo->prepare("UPDATE users SET vk=:user_vk WHERE id='$_SESSION[id]' LIMIT 1");
    if ($STH->execute(array( ':user_vk' => $user_vk)) == '1') {
        exit('<span class="m-icon icon-ok"></span> ID вконтакте изменен!');
    }

    exit();
}
if (isset($_POST['unset_vk'])) {
    $STH = $pdo->prepare("SELECT `vk_api`,`password` FROM `users` WHERE `id`=:id LIMIT 1"); $STH->setFetchMode(PDO::FETCH_OBJ);
    $STH->execute(array( ':id' => $_SESSION['id'] ));
    $row = $STH->fetch();
    if($row->vk_api == '0') {
        exit('<span class="m-icon icon-remove"></span> Профиль уже откреплен.');
    }
    if(substr($row->password, 0, 5) == "none_") {
        exit('<span class="m-icon icon-remove"></span> Сначала укажите пароль для своего профиля.');
    }

    $STH = $pdo->prepare("UPDATE `users` SET `vk_api`=:vk_api, `vk`=:vk WHERE `id`=:id LIMIT 1");
    if ($STH->execute(array( ':vk_api' => '0', ':vk' => '---', ':id' => $_SESSION['id'] )) == '1') {
        exit('<script>reset_page();</script>');
    }
}

if (isset($_POST['edit_user_steam_id'])) {
    $user_steam_id = check($_POST['user_steam_id'],null);

    if (empty($user_steam_id)) {
        exit('<span class="m-icon icon-remove"></span> Вы не указали STEAM ID!');
    }

    if (mb_strlen($user_steam_id, 'UTF-8') > 32) {
        exit('<span class="m-icon icon-remove"></span> STEAM ID должен состоять не более чем из 30 символов.');
    }

    $SIDO = new SteamIDOperations();
    if (!$user_steam_id = $SIDO->GetSteamID32($user_steam_id)) {
        exit('<span class="m-icon icon-remove"></span> Неверный STEAM ID!');
    }

    $STH = $pdo->query("SELECT `id`, `login` FROM users WHERE steam_id='$user_steam_id' LIMIT 1"); $STH->setFetchMode(PDO::FETCH_OBJ);
    $row = $STH->fetch();
    if (!empty($row->id) && $row->id != $_SESSION['id']) {
        exit('<p class="text-danger">Введеный Вами steam id занят пользователем <a href="../profile?id='.$row->id.'" target="_blank">'.$row->login.'</a></p>');
    }

    $STH = $pdo->prepare("UPDATE users SET steam_id=:user_steam_id WHERE id='$_SESSION[id]' LIMIT 1");
    $STH->execute(array(':user_steam_id' => $user_steam_id));

    write_log("Steam ID изменен на ".$user_steam_id);
    exit('<span class="m-icon icon-ok"></span> Ваш Steam ID изменен!');
}
if (isset($_POST['unset_steam'])) {
    $STH = $pdo->prepare("SELECT `steam_api`,`password` FROM `users` WHERE `id`=:id LIMIT 1"); $STH->setFetchMode(PDO::FETCH_OBJ);
    $STH->execute(array( ':id' => $_SESSION['id'] ));
    $row = $STH->fetch();

    if($row->steam_api == '0') {
        exit('<span class="m-icon icon-remove"></span> Профиль уже откреплен.');
    }
    if(substr($row->password, 0, 5) == "none_") {
        exit('<span class="m-icon icon-remove"></span> Сначала укажите пароль для своего профиля.');
    }

    $STH = $pdo->prepare("UPDATE `users` SET `steam_api`=:steam_api WHERE `id`=:id LIMIT 1");
    if ($STH->execute(array( ':steam_api' => '0', ':id' => $_SESSION['id'] )) == '1') {
        exit('<script>reset_page();</script>');
    }
}

if (isset($_POST['edit_user_fb'])) {
    $user_fb = check($_POST['user_fb'],null);

    if (empty($user_fb)) {
        exit('<span class="m-icon icon-remove"></span> Вы не указали ID.');
    }

    if ((strnatcasecmp(substr($user_fb, 0, 7),'http://') == 0) or (strnatcasecmp(substr($user_fb, 0, 8),'https://') == 0) or (strnatcasecmp(substr($user_fb, 0, 6),'facebook.com') == 0) or (strnatcasecmp(substr($user_fb, 0, 4),'www.') == 0)){
        exit('<span class="m-icon icon-remove"></span> Укажите только ID!');
    }

    if (mb_strlen($user_fb, 'UTF-8') < 2 or mb_strlen($user_fb, 'UTF-8') > 20) {
        exit('<span class="m-icon icon-remove"></span> ID facebook должен состоять не менее чем из 2 символов и не более чем из 20.');
    }

    $answer = get_headers("https://www.facebook.com/profile.php?id=".$user_fb);
    if ($answer[0] == 'HTTP/1.1 404 Not Found') {
        exit('<span class="m-icon icon-remove"></span> Аккаунт Facebook не найден.');
    }

    $U = new Users($pdo);

    if(!$U->check_busyness('fb', $user_fb, $_SESSION['id'])) {
        exit('<span class="m-icon icon-remove"></span> Введеный Вами ID занят другим пользователем!');
    }

    $STH = $pdo->prepare("UPDATE users SET fb=:user_fb WHERE id='$_SESSION[id]' LIMIT 1");
    if ($STH->execute(array( ':user_fb' => $user_fb)) == '1') {
        exit('<span class="m-icon icon-ok"></span> ID Facebook изменен!');
    }

    exit();
}
if (isset($_POST['unset_fb'])) {
    $STH = $pdo->prepare("SELECT `fb_api`,`password` FROM `users` WHERE `id`=:id LIMIT 1"); $STH->setFetchMode(PDO::FETCH_OBJ);
    $STH->execute(array( ':id' => $_SESSION['id'] ));
    $row = $STH->fetch();

    if($row->fb_api == '0') {
        exit('<span class="m-icon icon-remove"></span> Профиль уже откреплен.');
    }
    if(substr($row->password, 0, 5) == "none_") {
        exit('<span class="m-icon icon-remove"></span> Сначала укажите пароль для своего профиля.');
    }

    $STH = $pdo->prepare("UPDATE `users` SET `fb_api`=:fb_api WHERE `id`=:id LIMIT 1");
    if ($STH->execute(array( ':fb_api' => '0', ':id' => $_SESSION['id'] )) == '1') {
        exit('<script>reset_page();</script>');
    }
}

if (isset($_POST['edit_user_login'])) {
    $user_login = checkJs($_POST['user_login'],null);

    if (empty($user_login)) {
        exit('<span class="m-icon icon-remove"></span> Вы не указали логин!');
    }

    $U = new Users($pdo);

    if(!$U->check_login_length($user_login)) {
        exit('<span class="m-icon icon-remove"></span> Логин должен состоять не менее чем из 3 символов и не более чем из 30.');
    }
    if(!$U->check_login_composition($user_login)) {
        exit('<span class="m-icon icon-remove"></span> В логине разрешается использовать только буквы и цифры.');
    }
    if(!$U->check_login_busyness($user_login, $_SESSION['id'])) {
        exit('<span class="m-icon icon-remove"></span> Введеный Вами логин уже зарегистрирован!');
    }

    if ($host == 'demo.worksma.ru' and $_SESSION['id'] == '2') {
        exit('<span class="m-icon icon-remove"></span> Менять логин на данном аккаунте запрещено!');
    }

    $STH = $pdo->query("SELECT `col_login` FROM `config__secondary` LIMIT 1"); $STH->setFetchMode(PDO::FETCH_OBJ);
    $conf2 = $STH->fetch();

    $date = time() - 24*60*60*$conf2->col_login;
    $pdo->exec("DELETE FROM `last_actions` WHERE `date`<'$date' and `user_id`='$_SESSION[id]' and `action_type` = '3' LIMIT 1");

    $STH = $pdo->query("SELECT `id`, `date` FROM `last_actions` WHERE `user_id` = '$_SESSION[id]' and `action_type` = '3'"); $STH->setFetchMode(PDO::FETCH_OBJ);
    $row = $STH->fetch();
    if (!empty($row->id)) {
        $delta = time() - $row->date;
        if ($delta < (24*60*60*$conf2->col_login)) {
            exit('<span class="m-icon icon-remove"></span> Логин можно менять раз в '.$conf2->col_login.' сут.');
        }
    }

    $STH = $pdo->prepare("UPDATE `users` SET `login`=:user_login WHERE `id`='$_SESSION[id]' LIMIT 1");
    $STH->execute(array(':user_login' => $user_login));

    $STH = $pdo->prepare("INSERT INTO `last_actions` (`user_id`,`action_type`,`date`) values (:user_id, :action_type, :date)");
    $STH->execute(array( 'user_id' => $_SESSION['id'], 'action_type' => '3', 'date' => time() ));

    $_SESSION['login'] = $user_login;

    write_log("Логин изменен на ".$user_login);
    exit('<span class="m-icon icon-ok"></span> Ваш логин изменен!');
}

if(isset($_POST['editUserRoute'])) {
    $route = check($_POST['route'], null);

    if(empty($route)) {
        $route = null;
    } else {
        $U = new Users($pdo);

        if(!$U->check_route_length($route)) {
            exit('<span class="m-icon icon-remove"></span> Адрес должен состоять не менее чем из 3 символов и не более чем из 32.');
        }

        if(!$U->check_route_composition($route)) {
            exit('<span class="m-icon icon-remove"></span> В адресе разрешается использовать только буквы английского алфавита, цифры и символы: -_');
        }

        if(!$U->check_route_busyness($route, $_SESSION['id'])) {
            exit('<span class="m-icon icon-remove"></span> Введеный Вами адрес уже зарегистрирован!');
        }
    }

    $STH = $pdo->prepare("UPDATE users SET route=:route WHERE id=:id LIMIT 1");
    $STH->execute([':route' => $route, ':id' => $_SESSION['id']]);

    write_log('Адрес страницы изменен на ' . $route);
    exit('<span class="m-icon icon-ok"></span> Адрес вашей страницы изменен!');
}

if (isset($_POST['edit_user_name'])) {
    $user_name = check($_POST['user_name'],null);

    if (empty($user_name)) {
        exit('<span class="m-icon icon-remove"></span> Вы не указали имя!');
    }

    if (mb_strlen($user_name, 'UTF-8') > 30) {
        exit('<span class="m-icon icon-remove"></span> Имя должно состоять не более чем из 30 символов.');
    }

    $STH = $pdo->prepare("UPDATE users SET name=:user_name WHERE id='$_SESSION[id]' LIMIT 1");
    $STH->execute(array(':user_name' => $user_name));

    write_log("Имя изменено на ".$user_name);
    exit('<span class="m-icon icon-ok"></span> Ваше имя изменено!');
}
if (isset($_POST['edit_user_nick'])) {
    $user_nick = check($_POST['user_nick'],null);
    $user_nick = str_replace(array('/', '\\'), '', $user_nick);

    if (empty($user_nick)) {
        exit('<span class="m-icon icon-remove"></span> Вы не указали ник!');
    }

    if (mb_strlen($_POST['user_nick'], 'UTF-8') > 32) {
        exit('<span class="m-icon icon-remove"></span> Ник должен состоять не более чем из 32 символов.');
    }

    $STH = $pdo->query("SELECT id,login FROM users WHERE nick='$user_nick' LIMIT 1"); $STH->setFetchMode(PDO::FETCH_OBJ);
    $row = $STH->fetch();
    if (!empty($row->id) && $row->id != $_SESSION['id']) {
        exit('<p class="text-danger">Введеный Вами ник занят пользователем <a href="../profile?id='.$row->id.'" target="_blank">'.$row->login.'</a></p>');
    }

    $STH = $pdo->prepare("UPDATE users SET nick=:user_nick WHERE id='$_SESSION[id]' LIMIT 1");
    $STH->execute(array(':user_nick' => $user_nick));

    write_log("Ник изменен на ".$user_nick);
    exit('<span class="m-icon icon-ok"></span> Ваш ник изменен!');
}
if (isset($_POST['edit_user_birth'])) {
    $birth_day = check($_POST['birth_day'],"int");
    $birth_month = check($_POST['birth_month'],"int");
    $birth_year = check($_POST['birth_year'],"int");

    if ($birth_day < 10) {
        $birth_day = "0" . $birth_day;
    }
    if ($birth_month < 10) {
        $birth_month = "0" . $birth_month;
    }

    $birth = $birth_year."-".$birth_month."-".$birth_day;

    if(!if_date($birth_day, $birth_month, $birth_year)) {
        exit('<span class="m-icon icon-remove"></span> Введена некорректная дата!');
    }

    $STH = $pdo->prepare("UPDATE users SET birth=:birth WHERE id='$_SESSION[id]' LIMIT 1");
    $STH->execute(array(':birth' => $birth));

    write_log("Дата рождения изменена на ".$birth);
    exit('<span class="m-icon icon-ok"></span> Ваша дата рождения изменена!');
}
if (isset($_POST['edit_user_skype'])) {
    $user_skype = check($_POST['user_skype'],null);

    if (empty($user_skype)) {
        exit('<span class="m-icon icon-remove"></span> Вы не указали логин скайпа!');
    }

    if (mb_strlen($user_skype, 'UTF-8') < 6 or mb_strlen($user_skype, 'UTF-8') > 32) {
        exit('<span class="m-icon icon-remove"></span> Логин скайпа должен состоять не менее чем из 6 символов и не более чем из 32.');
    }

    $STH = $pdo->prepare("UPDATE users SET skype=:user_skype WHERE id='$_SESSION[id]' LIMIT 1");
    $STH->execute(array(':user_skype' => $user_skype));

    write_log("Логин скайпа изменен на ".$user_skype);
    exit('<span class="m-icon icon-ok"></span> Ваш логин скайпа изменен!');
}
if (isset($_POST['edit_user_telegram'])) {
    $user_telegram = check($_POST['user_telegram'],null);

    if (empty($user_telegram)) {
        exit('<span class="m-icon icon-remove"></span> Вы не указали логин Telegram!');
    }

    if (mb_strlen($user_telegram, 'UTF-8') < 3 or mb_strlen($user_telegram, 'UTF-8') > 50) {
        exit('<span class="m-icon icon-remove"></span> Логин Telegram должен состоять не менее чем из 3 символов и не более чем из 50.');
    }

    $STH = $pdo->prepare("UPDATE users SET telegram=:user_telegram WHERE id='$_SESSION[id]' LIMIT 1");
    $STH->execute(array(':user_telegram' => $user_telegram));

    write_log("Логин телеграма изменен на ".$user_telegram);
    exit('<span class="m-icon icon-ok"></span> Ваш логин Telegram изменен!');
}
if (isset($_POST['edit_user_discord'])) {
    $user_discord = check($_POST['user_discord'],null);

    if (empty($user_discord)) {
        exit('<span class="m-icon icon-remove"></span> Вы не указали логин Discord!');
    }

    if (mb_strlen($user_discord, 'UTF-8') < 3 or mb_strlen($user_discord, 'UTF-8') > 32) {
        exit('<span class="m-icon icon-remove"></span> Логин Discord должен состоять не менее чем из 3 символов и не более чем из 32.');
    }

    $STH = $pdo->prepare("UPDATE users SET discord=:user_discord WHERE id='$_SESSION[id]' LIMIT 1");
    $STH->execute(array(':user_discord' => $user_discord));

    write_log("Логин Discord изменен на ".$user_discord);
    exit('<span class="m-icon icon-ok"></span> Ваш логин Discord изменен!');
}
if (isset($_POST['edit_first_user_password'])) {
    $user_password = check($_POST['user_password'],null);
    $user_password2 = check($_POST['user_password2'],null);

    if (empty($user_password) or empty($user_password2)) {
        exit('<span class="m-icon icon-remove"></span> Вы заполнили не все поля!');
    }

    $U = new Users($pdo);

    if(!$U->check_password_length($user_password)) {
        exit('<span class="m-icon icon-remove"></span> Пароль должен состоять не менее чем из 6 символов и не более чем из 15.');
    }
    if($user_password != $user_password2) {
        exit('<span class="m-icon icon-remove"></span> Новые пароли не совпадают!');
    }

    $user_password = $U->convert_password($user_password, $conf->salt);

    $STH = $pdo->prepare("UPDATE users SET password=:user_password WHERE id='$_SESSION[id]' LIMIT 1");
    $STH->execute(array(':user_password' => $user_password));

    $_SESSION['cache'] = $SC->get_cache($user_password);
    $SC->set_cookie("cache", $_SESSION['cache']);

    exit('<span class="m-icon icon-ok"></span> Пароль успешно изменен!');
}
if (isset($_POST['edit_user_password'])) {
    $user_old_password = check($_POST['user_old_password'],null);
    $user_password = check($_POST['user_password'],null);
    $user_password2 = check($_POST['user_password2'],null);

    if (empty($user_old_password) or empty($user_password) or empty($user_password2)) {
        exit('<span class="m-icon icon-remove"></span> Вы заполнили не все поля!');
    }

    $U = new Users($pdo);
    $user_old_password = $U->convert_password($user_old_password, $conf->salt);

    $STH = $pdo->prepare("SELECT `password` FROM `users` WHERE `id`=:id LIMIT 1"); $STH->setFetchMode(PDO::FETCH_OBJ);
    $STH->execute(array( ':id' => $_SESSION['id'] ));
    $row = $STH->fetch();

    if ($user_old_password != $row->password) {
        exit('<span class="m-icon icon-remove"></span> Неверно введен текущий пароль!');
    }

    if(!$U->check_password_length($user_password)) {
        exit('<span class="m-icon icon-remove"></span> Пароль должен состоять не менее чем из 6 символов и не более чем из 15.');
    }

    if ($user_password != $user_password2) {
        exit('<span class="m-icon icon-remove"></span> Новые пароли не совпадают!');
    }

    if ($host == 'demo.worksma.ru' and $_SESSION['id'] == '2') {
        exit('<span class="m-icon icon-remove"></span> Менять пароль на данном аккаунте запрещено!');
    }

    $user_password = $U->convert_password($user_password, $conf->salt);

    $STH = $pdo->prepare("UPDATE users SET password=:user_password WHERE id='$_SESSION[id]' LIMIT 1");
    $STH->execute(array(':user_password' => $user_password));

    $_SESSION['cache'] = $SC->get_cache($user_password);
    $SC->set_cookie("cache", $_SESSION['cache']);

    exit('<span class="m-icon icon-ok"></span> Пароль успешно изменен!');
}
if (isset($_POST['edit_user_avatar'])) {
    if (empty($_FILES['user_avatar']['name'])) {
        exit('<span class="m-icon icon-remove"></span> Выберите изображение!');
    } else {
        $path = 'files/avatars/';
        $STH = $pdo->query("SELECT gif_avatar FROM users WHERE id='$_SESSION[id]' LIMIT 1"); $STH->setFetchMode(PDO::FETCH_OBJ);
        $row = $STH->fetch();
        if (if_gif($_FILES['user_avatar']['name']) && !$row->gif_avatar) {
            exit('<span class="m-icon icon-remove"></span> Нет доступа!');
        } else if (if_img($_FILES['user_avatar']['name'])) {
            $filename = set_temp_file_name($_FILES['user_avatar']['name']);
            $source = $_FILES['user_avatar']['tmp_name'];
            $target = '../'.$path . $filename;
            if (!move_uploaded_file($source, $target)) {
                exit('<span class="m-icon icon-remove"></span> Ошибка загрузки файла!');
            }
            if (if_png($filename)) {
                $im = imagecreatefrompng('../'.$path . $filename);
            }
            if (if_jpg($filename)) {
                $im = imagecreatefromjpeg('../'.$path . $filename);
            }
            $date = time();
            if (if_gif($filename)) {
                if(empty($size)) {
                    $size = 300;
                }
                $w = $size;
                $w_src = imagesx($im);
                $h_src = imagesy($im);
                $dest = imagecreatetruecolor($w, $w);
                if($w_src > $h_src) {
                    imagecopyresampled($dest, $im, 0, 0, round((max($w_src, $h_src) - min($w_src, $h_src)) / 2), 0, $w, $w, min($w_src, $h_src), min($w_src, $h_src));
                }
                if($w_src < $h_src) {
                    imagecopyresampled($dest, $im, 0, 0, 0, 0, $w, $w, min($w_src, $h_src), min($w_src, $h_src));
                }
                if($w_src == $h_src) {
                    imagecopyresampled($dest, $im, 0, 0, 0, 0, $w, $w, $w_src, $w_src);
                }
                copy($target, $_SERVER["DOCUMENT_ROOT"].'/'.$path.$date.'.gif');
                $user_avatar = $path . $date . ".gif";
            } else {
                clip_image($im, 300, $path.$date);
                $user_avatar = $path . $date . ".jpg";
            }
            unlink('../'.$path . $filename);
            $STH = $pdo->query("SELECT avatar FROM users WHERE id='$_SESSION[id]'"); $STH->setFetchMode(PDO::FETCH_OBJ);
            $tmp = $STH->fetch();
            if ($tmp->avatar != 'files/avatars/no_avatar.jpg') {
                if(file_exists('../'.$tmp->avatar)) {
                    unlink('../'.$tmp->avatar);
                }
            }
        } else {
            exit('<span class="m-icon icon-remove"></span> Аватар должен быть в формате JPG,GIF или PNG');
        }
        $STH = $pdo->prepare("UPDATE users SET avatar=:user_avatar WHERE id='$_SESSION[id]' LIMIT 1");
        $STH->execute(array(':user_avatar' => $user_avatar));
        echo '<span class="m-icon icon-ok"></span> Аватар изменен! <script>document.getElementById("avatar").src = "'.$user_avatar.'" </script>';
    }
    exit();
}

if (isset($_POST['edit_signature'])) {
    $signature = HTMLPurifier()->purify($_POST['signature']);
    $signature = find_img_mp3($signature, $_SESSION['id'], 1);

    if (mb_strlen($signature, 'UTF-8') > 1000) {
        exit('<span class="m-icon icon-remove"></span> Слишком длинный контент.');
    }

    $STH = $pdo->prepare("UPDATE users SET signature=:signature WHERE id='$_SESSION[id]' LIMIT 1");
    $STH->execute(array(':signature' => $signature));

    write_log("Подпись изменена");
    exit('<span class="m-icon icon-ok"></span> Подпись изменена!');
}
/* Друзья
=========================================*/
if (isset($_POST['load_friends'])) {
    $id = checkJs($_POST['id'],"int");
    if(isset($_POST['login'])) {
        $login = check($_POST['login'],null);

        if (empty($login)) {
            exit('<div class="col-md-12">Введите логин пользователя</div>');
        }
    }

    if (empty($id)) {
        exit();
    }

    $i = 0;
    $tpl = new Template;
    $tpl->dir = '../templates/'.$conf->template.'/tpl/';
    $tpl->result['content'] = '';
    if(isset($login)) {
        $STH = $pdo->prepare("SELECT users.id, users.login, users.avatar, users.nick, users.birth, users.skype, users.vk, users.rights, users.regdate, users.name FROM users__friends
            LEFT JOIN users ON users__friends.id_taker = users.id
            WHERE (users__friends.id_sender='$id') AND users__friends.accept='1' AND users.login LIKE :login
            UNION SELECT users.id, users.login, users.avatar, users.nick, users.birth, users.skype, users.vk, users.rights, users.regdate, users.name FROM users__friends
            LEFT JOIN users ON users__friends.id_sender = users.id
            WHERE (users__friends.id_taker='$id') AND users__friends.accept='1' AND users.login LIKE :login"); $STH->setFetchMode(PDO::FETCH_OBJ);
        $STH->execute(array(":login" => "%".strip_data($login)."%"));
    } else {
        $STH = $pdo->query("SELECT users.id, users.login, users.avatar, users.nick, users.birth, users.skype, users.vk, users.rights, users.regdate, users.name FROM users__friends
            LEFT JOIN users ON users__friends.id_taker = users.id
            WHERE (users__friends.id_sender='$id') AND users__friends.accept='1'
            UNION SELECT users.id, users.login, users.avatar, users.nick, users.birth, users.skype, users.vk, users.rights, users.regdate, users.name FROM users__friends
            LEFT JOIN users ON users__friends.id_sender = users.id
            WHERE (users__friends.id_taker='$id') AND users__friends.accept='1'"); $STH->setFetchMode(PDO::FETCH_OBJ);
    }
    while($row = $STH->fetch()) {
        $gp = $users_groups[$row->rights];
        $tpl->load_template('elements/friend.tpl');
        $tpl->set("{login}", $row->login);
        $tpl->set("{id}", $row->id);
        $tpl->set("{avatar}", $row->avatar);
        $tpl->set("{date1}", expand_date($row->regdate,2));
        $tpl->set("{nick}", $row->nick);
        $tpl->set("{name}", $row->name);
        $tpl->set("{date2}", expand_date($row->birth,2));
        $tpl->set("{skype}", $row->skype);
        $tpl->set("{vk}", $row->vk);
        $tpl->set("{gp_color}", $gp['color']);
        $tpl->set("{gp_name}", $gp['name']);
        $tpl->set("{type}", 1);
        $tpl->compile( 'content' );
        $tpl->clear();
        $i++;
    }

    if ($i == 0){
        if(isset($login)) {
            exit('<div class="col-md-12">Пользователь с данным логином не найден.</div>');
        } else {
            if($id == $_SESSION['id']) {
                exit('<div class="col-md-12">У Вас нет друзей. <a href="../users">Добавить друга?</a></div>');
            } else {
                exit('<div class="col-md-12">Друзей нет</div>');
            }
        }
    } else {
        $tpl->show($tpl->result['content']);
        $tpl->global_clear();
    }
    exit();
}
if (isset($_POST['load_friend_requests'])) {
    $type = check($_POST['type'], null);
    $id = $_SESSION['id'];

    $i = 0;
    $tpl = new Template;
    $tpl->dir = '../templates/'.$conf->template.'/tpl/';
    $tpl->result['content'] = '';
    if($type == 'un') {
        $STH = $pdo->query("SELECT users.id, users.login, users.avatar, users.nick, users.birth, users.skype, users.vk, users.rights, users.regdate, users.name FROM users__friends LEFT JOIN users ON users__friends.id_taker = users.id WHERE (id_sender='$id') AND accept='0'"); $STH->setFetchMode(PDO::FETCH_OBJ);
    } else {
        $STH = $pdo->query("SELECT users.id, users.login, users.avatar, users.nick, users.birth, users.skype, users.vk, users.rights, users.regdate, users.name FROM users__friends LEFT JOIN users ON users__friends.id_sender = users.id WHERE (id_taker='$id') AND accept='0'"); $STH->setFetchMode(PDO::FETCH_OBJ);
    }
    while($row = $STH->fetch()) {
        $gp = $users_groups[$row->rights];
        $tpl->load_template('elements/friend.tpl');
        $tpl->set("{login}", $row->login);
        $tpl->set("{id}", $row->id);
        $tpl->set("{avatar}", $row->avatar);
        $tpl->set("{date1}", expand_date($row->regdate,2));
        $tpl->set("{nick}", $row->nick);
        $tpl->set("{name}", $row->name);
        $tpl->set("{date2}", expand_date($row->birth,2));
        $tpl->set("{skype}", $row->skype);
        $tpl->set("{vk}", $row->vk);
        $tpl->set("{gp_color}", $gp['color']);
        $tpl->set("{gp_name}", $gp['name']);
        if($type == 'un') {
            $tpl->set("{type}", 2);
        } else {
            $tpl->set("{type}", 3);
        }
        $tpl->compile( 'content' );
        $tpl->clear();
        $i++;
    }

    if ($i == 0){
        if($type == 'un') {
            echo '<div class="col-md-12">Исходящих заявок нет.</div>';
        } else {
            echo '<div class="col-md-12">Входящих заявок нет.</div>';
        }
    } else {
        $tpl->show($tpl->result['content']);
        $tpl->global_clear();
    }
    exit();
}
if (isset($_POST['add_new_friend'])) {
    $id = checkJs($_POST['id'],"int");

    if(empty($id)) {
        exit (json_encode(['status' => '2', 'message' => 'Не указан ID']));
    }

    $STH = $pdo->query("SELECT id FROM users WHERE id='$id' LIMIT 1"); $STH->setFetchMode(PDO::FETCH_OBJ);
    $row = $STH->fetch();
    if (empty($row->id)) {
        exit (json_encode(['status' => 2, 'message' => 'Пользователя не существует']));
    }

    $STH = $pdo->query("SELECT id FROM users__friends WHERE (id_sender='$id' and id_taker='$_SESSION[id]') or (id_sender='$_SESSION[id]' and id_taker='$id')"); $STH->setFetchMode(PDO::FETCH_OBJ);
    $row = $STH->fetch();
    if (isset($row->id)) {
        exit (json_encode(['status' => 2, 'message' => 'Заявка уже существует']));
    }

    if(isOnHisBlacklist($pdo, $id)) {
        exit (json_encode(['status' => 2, 'message' => 'Вы в черном списке']));
    }

    $STH = $pdo->prepare("INSERT INTO users__friends (id_sender,id_taker,accept) values (:id_sender, :id_taker, :accept)");
    $STH->execute(array('id_sender' => $_SESSION['id'], 'id_taker' => $id, 'accept' => '0'));

    exit (json_encode(['status' => 1, 'message' => 'Заявка отправлена']));
}
if (isset($_POST['cancel_friend'])) {
    $id = checkJs($_POST['id'],"int");

    if (empty($id)) {
        exit (json_encode(['status' => 2, 'message' => 'Не указан ID']));
    }

    $STH = $pdo->prepare("DELETE FROM users__friends WHERE id_sender=:id_sender AND id_taker=:id_taker LIMIT 1");
    $STH->execute([':id_sender' => $_SESSION['id'], ':id_taker' => $id]);

    exit (json_encode(['status' => 1, 'message' => 'Заявка отменена']));
}
if (isset($_POST['reject_friend'])) {
    $id = checkJs($_POST['id'],"int");

    if (empty($id)) {
        exit (json_encode(['status' => 2, 'message' => 'Не указан ID']));
    }

    $STH = $pdo->prepare("DELETE FROM users__friends WHERE id_sender=:id_sender AND id_taker=:id_taker LIMIT 1");
    $STH->execute([':id_taker' => $_SESSION['id'], ':id_sender' => $id]);

    exit (json_encode(['status' => 1, 'message' => 'Заявка удалена']));
}
if (isset($_POST['take_friend'])) {
    $id = checkJs($_POST['id'],"int");

    if (empty($id)) {
        exit (json_encode(['status' => 2, 'message' => 'Не указан ID']));
    }

    $STH = $pdo->query("SELECT id FROM users WHERE id='$id' LIMIT 1"); $STH->setFetchMode(PDO::FETCH_OBJ);
    $row = $STH->fetch();
    if (empty($row->id)){
        exit (json_encode(['status' => 2, 'message' => 'Пользователя не существует']));
    }

    $STH = $pdo->prepare("UPDATE users__friends SET accept = 1 WHERE id_sender=:id_sender AND id_taker=:id_taker LIMIT 1");
    $STH->execute([':id_taker' => $_SESSION['id'], ':id_sender' => $id]);

    exit (json_encode(['status' => 1, 'message' => 'Заявка принята']));
}
if (isset($_POST['dell_friend'])) {
    $id = checkJs($_POST['id'],"int");

    if (empty($id)) {
        exit (json_encode(['status' => 2, 'message' => 'Не указан ID']));
    }

    $STH = $pdo->prepare("DELETE FROM users__friends WHERE (id_sender=:id_sender AND id_taker=:id_taker) OR (id_sender=:id_taker AND id_taker=:id_sender) LIMIT 1");
    $STH->execute([':id_taker' => $_SESSION['id'], ':id_sender' => $id]);

    exit (json_encode(['status' => 1, 'message' => 'Друг удален']));
}
if (isset($_POST['load_col_infriends'])) {
    $STH = $pdo->prepare("SELECT `id` FROM `users__friends` WHERE (`id_taker`=:id) AND accept='0'");
    $STH->execute(array( ':id' => $_SESSION['id'] ));
    $row = $STH->fetchAll();
    $count = count($row);

    if ($count > 0) {
        echo "(+".$count.")";
    }
    exit();
}

/* Новости
=========================================*/
if (isset($_POST['send_new_comment'])) {
    $id = checkJs($_POST['id'],"int");

    $text = HTMLPurifier()->purify($_POST['text']);
    $text = find_img_mp3($text, $id, 1);

    if (empty($id)) {
        exit ();
    }

    if (empty($text)) {
        exit (json_encode(array('status' => '2', 'input' => 'text', 'reply' => 'Заполните!')));
    }

    if (mb_strlen($text, 'UTF-8') > 10000) {
        exit (json_encode(array('status' => '2', 'input' => 'text', 'reply' => 'Слишком длинный контент.')));
    }
    $date = date("Y-m-d H:i:s");

    $STH = $pdo->prepare("SELECT `id`, `new_name` FROM `news` WHERE `id`=:id LIMIT 1"); $STH->setFetchMode(PDO::FETCH_OBJ);
    $STH->execute(array( ':id' => $id ));
    $row = $STH->fetch();
    if(empty($row->new_name)) {
        exit (json_encode(array('status' => '2', 'input' => 'text', 'reply' => 'Новость не существует')));
    }

    $STH = $pdo->prepare("INSERT INTO `news__comments` (user_id,new_id,text,date) values (:user_id, :new_id, :text, :date)");
    if ($STH->execute(array( 'user_id' => $_SESSION['id'], 'new_id' => $id, 'text' => $text, 'date' => $date )) == '1') {
        $id = get_ai($pdo, "news__comments");
        $id--;

        $ES = new EventsRibbon($pdo);
        $ES->new_new_comment($id, $row->new_name, $row->id);

        /*
            Выдаём опыт
        */
        $l = new Levels;
        $l->add_user_exp($_SESSION['id'], $l->configs()['new_comments']);

        exit (json_encode(array('status' => '1')));
    }
}

/* Добавление бана
=========================================*/
if (isset($_POST['add_ban'])) {
    $server = check($_POST['server'],"int");
    $nick = check($_POST['nick'],null);
    $reason = check($_POST['reason'],null);
    $screens = check($_POST['screens'],null);
    $demo = check($_POST['demo'],null);
    $bid_db = checkJs($_POST['bid_db'], "int");
    $nick_db = checkJs($_POST['nick_db'],null);
    $reason_db = checkJs($_POST['reason_db'],null);

    $text = HTMLPurifier()->purify($_POST['text']);
    $text = find_img_mp3($text, $_SESSION['id'], 1);

    if (empty($screens)){
        $screens = 0;
    }
    if (empty($demo)){
        $demo = 0;
    } else {
        if(!filter_var($demo, FILTER_VALIDATE_URL)) {
            exit (json_encode(['status' => '2', 'input' => 'demo', 'reply' => 'Введите корректную ссылку!']));
        }
    }
    if (empty($bid_db)){
        $bid_db = 0;
    }
    if (empty($server)) {
        exit (json_encode(array('status' => '2', 'input' => 'server', 'reply' => 'Заполните!')));
    }
    if (empty($text)) {
        exit (json_encode(array('status' => '2', 'input' => 'text', 'reply' => 'Заполните!')));
    }
    if (!empty($bid_db) or !empty($nick_db) or !empty($reason_db)){
        if (empty($bid_db) or empty($nick_db) or empty($reason_db)){
            exit(json_encode(array('status' => '2')));
        }
    }
    if (mb_strlen($demo, 'UTF-8') > 250) {
        exit (json_encode(array('status' => '2', 'input' => 'demo', 'reply' => 'Не более 250 символов!')));
    }

    if (!empty($bid_db)){
        if (empty($nick_db)) {
            exit (json_encode(array('status' => '2', 'input' => 'nick_db', 'reply' => 'Заполните!')));
        }
        if (empty($reason_db)) {
            exit (json_encode(array('status' => '2', 'input' => 'reason_db', 'reply' => 'Заполните!')));
        }
        if (mb_strlen($nick_db, 'UTF-8') > 250) {
            exit (json_encode(array('status' => '2', 'input' => 'nick_db', 'reply' => 'Не более 250 символов!')));
        }
        if (mb_strlen($reason_db, 'UTF-8') > 250) {
            exit (json_encode(array('status' => '2', 'input' => 'reason_db', 'reply' => 'Не более 250 символов!')));
        }
        $nick = $nick_db;
        $reason = $reason_db;
        if(empty($reason)) {
            $reason = 'empty';
        }
    } else {
        if (empty($nick)) {
            exit (json_encode(array('status' => '2', 'input' => 'nick', 'reply' => 'Заполните!')));
        }
        if (empty($reason)) {
            exit (json_encode(array('status' => '2', 'input' => 'reason', 'reply' => 'Заполните!')));
        }
        if (mb_strlen($nick, 'UTF-8') > 250) {
            exit (json_encode(array('status' => '2', 'input' => 'nick', 'reply' => 'Не более 250 символов!')));
        }
        if (mb_strlen($reason, 'UTF-8') > 250) {
            exit (json_encode(array('status' => '2', 'input' => 'reason', 'reply' => 'Не более 250 символов!')));
        }
    }

    $STH = $pdo->query("SELECT date FROM bans WHERE author='$_SESSION[id]' ORDER BY date DESC LIMIT 1"); $STH->setFetchMode(PDO::FETCH_OBJ);
    $row = $STH->fetch();

    if(isset($row->date)) {
        $delta = time() - strtotime($row->date);
        if ($delta < (24*60*60)) {
            exit (json_encode(array('status' => '3')));
        }
    }

    if (!empty($bid_db)){
        $STH = $pdo->query("SELECT id,ip,port,db_host,db_user,db_pass,db_db,db_prefix,type,db_code FROM servers WHERE type!=0 and type!=1 and id='$server'"); $STH->setFetchMode(PDO::FETCH_OBJ);
        $row = $STH->fetch();

        $STH = $pdo->query("SELECT * FROM config__prices LIMIT 1"); $STH->setFetchMode(PDO::FETCH_OBJ);
        $bans_conf = $STH->fetch();

        $db_host = $row->db_host;
        $db_user = $row->db_user;
        $db_pass = $row->db_pass;
        $db_db = $row->db_db;
        $db_prefix = $row->db_prefix;
        $address = $row->ip.':'.$row->port;
        $ip = $row->ip;
        $port = $row->port;
        $type = $row->type;
        if(!$pdo2 = db_connect($db_host, $db_db, $db_user, $db_pass)) {
            exit(json_encode(array('status' => '2')));
        }
        set_names($pdo2, $row->db_code);

        if ($type == '2' || $type == '3' || $type == '5') {
            $table = set_prefix($db_prefix, 'bans');
            $STH = $pdo2->query("SELECT bid, player_nick as name FROM $table WHERE server_ip = '$address' and bid='$bid_db' LIMIT 1"); $STH->setFetchMode(PDO::FETCH_OBJ);
        } else {
            $table = set_prefix($db_prefix, 'servers');
            $STH = $pdo2->query("SELECT sid FROM $table WHERE ip='$ip' and port='$port' LIMIT 1"); $STH->setFetchMode(PDO::FETCH_OBJ);
            $row = $STH->fetch();
            $sid = $row->sid;
            $table = set_prefix($db_prefix, 'bans');
            $STH = $pdo2->query("SELECT bid, name FROM $table WHERE (sid = '$sid' OR sid = '0') and bid='$bid_db' LIMIT 1"); $STH->setFetchMode(PDO::FETCH_OBJ);
        }
        $row = $STH->fetch();
        if (empty($row->bid)){
            exit(json_encode(array('status' => '2')));
        }

        $nick = check($row->name, null);
    }

    $date = date("Y-m-d H:i:s");
    $STH = $pdo->prepare("INSERT INTO bans (server,nick,reason,text,img,date,author,demo,bid,have_answer) values (:server, :nick, :reason, :text, :img, :date, :author, :demo, :bid, :have_answer)");
    if ($STH->execute(array( 'server' => $server, 'nick' => $nick, 'reason' => $reason, 'text' => $text, 'img' => $screens, 'date' => $date, 'author' => $_SESSION['id'], 'demo' => $demo, 'bid' => $bid_db, 'have_answer' => '0' )) == '1') {
        $STH = $pdo->query("SELECT id FROM bans WHERE date='$date' LIMIT 1"); $STH->setFetchMode(PDO::FETCH_OBJ);
        $row = $STH->fetch();

        incNotifications();
        $letter = letter_of_new_ban($conf->name);
        sendmail('none', $letter['subject'], $letter['message'], $pdo, 1);
        exit (json_encode(array('status' => '1', 'id' => $row->id)));
    }
}
if (isset($_POST['send_ban_comment'])) {
    $id = checkJs($_POST['id'],"int");

    if (empty($id)) {
        exit(json_encode(array('status' => '2')));
    }

    $text = HTMLPurifier()->purify($_POST['text']);
    $text = find_img_mp3($text, $id, 1);

    if (empty($text)) {
        exit (json_encode(array('status' => '2', 'input' => 'text', 'reply' => 'Заполните!')));
    }

    if (mb_strlen($text, 'UTF-8') > 10000) {
        exit (json_encode(array('status' => '2', 'input' => 'text', 'reply' => 'Слишком длинный контент.')));
    }

    $date = date("Y-m-d H:i:s");

    $STH = $pdo->query("SELECT `bans`.`author`, `bans`.`closed`, `users`.`email`, `users`.`email_notice` FROM `bans` LEFT JOIN `users` ON `users`.`id`=`bans`.`author` WHERE `bans`.`id`='$id' LIMIT 1"); $STH->setFetchMode(PDO::FETCH_OBJ);
    $row = $STH->fetch();

    $STH = $pdo->prepare("INSERT INTO `bans__comments` (`user_id`, `ban_id`, `text`, `date`) values (:user_id, :ban_id, :text, :date)");
    $STH->execute(array( 'user_id' => $_SESSION['id'], 'ban_id' => $id, 'text' => $text, 'date' => $date ));
    if ($row->author != $_SESSION['id']){

        $STH = $pdo->prepare("UPDATE `bans` SET `have_answer`=:have_answer WHERE `id`='$id' LIMIT 1");
        $STH->execute(array( 'have_answer' => '1' ));

        incNotifications();

        $noty = noty_of_ban_answer($id);
        send_noty($pdo, $noty, $row->author, 1);

        if($row->email_notice == 1) {
            $letter = letter_of_ban_answer($id, $full_site_host);
            sendmail($row->email, $letter['subject'], $letter['message'], $pdo);
        }
    } else {
        if($row->closed == 0) {
            $STH = $pdo->prepare("UPDATE `bans` SET `have_answer`=:have_answer WHERE `id`='$id' LIMIT 1");
            $STH->execute(array( 'have_answer' => '0' ));
        }
    }
    exit (json_encode(array('status' => '1')));
}

/* Форум
=========================================*/
if (isset($_POST['add_topic']) and is_worthy("w")) {
    $img = checkJs($_POST['img'],null);
    $name = check($_POST['name'],null);
    $forum_id = checkJs($_POST['id'],"int");
    if (empty($forum_id)) {
        exit(json_encode(array('status' => '2')));
    }

    $text = HTMLPurifier()->purify($_POST['text']);
    $text = find_img_mp3($text, $forum_id, 1);

    if (empty($name)) {
        exit (json_encode(array('status' => '2', 'input' => 'name', 'reply' => 'Заполните!')));
    }
    if (empty($text)) {
        exit (json_encode(array('status' => '2', 'input' => 'text', 'reply' => 'Заполните!')));
    }
    if (mb_strlen($name, 'UTF-8') > 250) {
        exit (json_encode(array('status' => '2', 'input' => 'name', 'reply' => 'Не более 250 символов!')));
    }

    $forum = new Forum($pdo);
    if( $topic = $forum->add_topic($name, $img, $text, $forum_id) ) {

        $ES = new EventsRibbon($pdo);
        $ES->new_topic($topic['id'], $name, $topic['access']);

        write_sitemap($full_site_host."forum/topic?id=".$topic['id']);

        /*
            Выдаём опыт
        */
        $l = new Levels;
        $l->add_user_exp($_SESSION['id'], $l->configs()['add_topic']);

        exit(json_encode(array('status' => '1', 'id' => $topic['id'])));
    } else {
        exit (json_encode(array('status' => '2')));
    }
}
if (isset($_POST['add_topic_img']) and is_worthy("w")) {
    if(isset($_POST['id'])) {
        $id = check($_POST['id'],"int");
    }

    if (empty($_FILES['img']['name'])) {
        exit('<p class="text-danger">Выберите изображение!</p><script>show_input_error("new_img", "", null);setTimeout(show_error, 500);</script>');
    } else {
        $path = 'files/forums_imgs/';
        $date = time();

        if (if_jpg($_FILES['img']['name'])) {

            $filename = $_FILES['img']['name'];
            $source = $_FILES['img']['tmp_name'];
            $target = '../'.$path . $filename;
            if (!move_uploaded_file($source, $target)) {
                exit('<p class="text-danger">Ошибка загрузки файла!</p>');
            }

            $im = imagecreatefromjpeg('../'.$path . $filename);
            clip_image($im, 300, $path.$date);

            $img = $path.$date.".jpg";
            unlink($target);
        } elseif (if_gif($_FILES['img']['name']) || if_png($_FILES['img']['name'])) {
            $file_type = substr($_FILES['img']['name'], strrpos($_FILES['img']['name'], '.')+1);
            $source = $_FILES['img']['tmp_name'];
            $img = $path.$date.".".$file_type;
            $target = '../'.$img;
            if (!move_uploaded_file($source, $target)) {
                exit('<p class="text-danger">Ошибка загрузки файла!</p>');
            }
        } else {
            exit('<p class="text-danger">Изображение должно быть в формате JPG,GIF или PNG</p><script>show_input_error("new_img", "", null);setTimeout(show_error, 500);</script>');
        }

        if(!empty($id)) {
            $STH = $pdo->query("SELECT `img` FROM `forums__topics` WHERE id='$id'"); $STH->setFetchMode(PDO::FETCH_OBJ);
            $tmp = $STH->fetch();
            if ($tmp->img != 'files/forums_imgs/none.jpg') {
                unlink('../'.$tmp->img);
            }
        }

        echo '<script>$("#pic").attr("src","../'.$img.'");setTimeout(show_ok, 500);</script><input value="'.$img.'" type="hidden" id="topic_img" maxlength="255" autocomplete="off">';
    }
    exit();
}
if (isset($_POST['send_answer'])) {
    $topic_id = checkJs($_POST['id'],"int");
    if (empty($topic_id)) {
        exit(json_encode(array('status' => '2')));
    }

    $text = HTMLPurifier()->purify($_POST['text']);
    $text = find_img_mp3($text, $topic_id, 1);

    if (empty($text)) {
        exit (json_encode(array('status' => '2', 'input' => 'text', 'reply' => 'Заполните!')));
    }
    if (mb_strlen($text, 'UTF-8') > 10000) {
        exit (json_encode(array('status' => '2', 'input' => 'text', 'reply' => 'Слишком длинный контент.')));
    }

    $forum = new Forum($pdo);
    if( $answer = $forum->add_answer($topic_id, $text) ) {
        $ES = new EventsRibbon($pdo);
        $ES->new_answer($answer['answer'], $answer['topic'], $answer['name'], $answer['access']);

        /*
            Выдаём опыт
        */
        $l = new Levels;
        $l->add_user_exp($_SESSION['id'], $l->configs()['send_answer']);

        exit(json_encode(array('status' => '1')));
    } else {
        exit(json_encode(array('status' => '2')));
    }
}
if (isset($_POST['thank'])) {
    $id = checkJs($_POST['id'],"int");
    $type = checkJs($_POST['type'],"int");

    if (empty($id)) {
        exit(json_encode(array('status' => '2')));
    }
    if (empty($type)) {
        $type = 0;
    }

    $Forum = new Forum($pdo);
    if($Forum->thank($id, $type)) {
        exit (json_encode(array('status' => '1', 'idd' => $_SESSION['id'], 'login' => $_SESSION['login'])));
    } else {
        exit (json_encode(array('status' => '2')));
    }
}
/* Поддержка
=========================================*/
if (isset($_POST['load_tickets'])){
    $id = checkJs($_POST['id'],"int");
    if (empty($id)) {
        exit ();
    }

    $i=0;

    $tpl = new Template;
    $tpl->dir = '../templates/'.$conf->template.'/tpl/';
    $STH = $pdo->query("SELECT id,name,status,date,have_answer FROM tickets WHERE author='$id' ORDER BY date DESC"); $STH->setFetchMode(PDO::FETCH_OBJ);
    while($row = $STH->fetch()) {
        $i++;
        if ($row->status == '1'){
            if($row->have_answer == 0) {
                $color = 'warning';
                $status = 'Ожидает ответа';
            } else {
                $color = 'info';
                $status = 'Есть ответ';
            }
        } else {
            $status = 'Закрыт';
            $color = 'success';
        }
        $tpl->load_template('elements/ticket.tpl');
        $tpl->set("{status}", $status);
        $tpl->set("{color}", $color);
        $tpl->set("{i}", $i);
        $tpl->set("{id}", $row->id);
        $tpl->set("{name}", $row->name);
        $tpl->set("{date}", expand_date($row->date,7));
        $tpl->compile( 'content' );
        $tpl->clear();
    }

    if ($i == 0){
        exit('<tr><td colspan="10">Вы не создавали тикетов</td></tr>');
    } else {
        $tpl->show($tpl->result['content']);
        $tpl->global_clear();
    }
    exit();
}
if (isset($_POST['add_ticket'])) {
    $file = checkJs($_POST['file'],null);
    $name = check($_POST['name'],null);

    $text = HTMLPurifier()->purify($_POST['text']);
    $text = find_img_mp3($text, $_SESSION['id'], 1);

    if (empty($file)) {
        $file = 'none';
    }

    if (empty($name)) {
        $result = array('status' => '2', 'input' => 'name', 'reply' => 'Заполните!');
        exit (json_encode($result));
    }

    if (empty($text)) {
        $result = array('status' => '2', 'input' => 'text', 'reply' => 'Заполните!');
        exit (json_encode($result));
    }

    if (mb_strlen($name, 'UTF-8') > 255) {
        $result = array('status' => '2', 'input' => 'name', 'reply' => 'Не более 255 символов!');
        exit (json_encode($result));
    }

    if (mb_strlen($text, 'UTF-8') > 10000) {
        $result = array('status' => '2', 'input' => 'text', 'reply' => 'Слишком длинный контент.');
        exit (json_encode($result));
    }

    $STH = $pdo->query("SELECT date FROM tickets WHERE author='$_SESSION[id]' ORDER BY date DESC LIMIT 1"); $STH->setFetchMode(PDO::FETCH_OBJ);
    $row = $STH->fetch();
    if(isset($row->date)) {
        $delta = time() - strtotime($row->date);
        $ticket_interval = 3; //раз в 3 часа
        if ($delta < ($ticket_interval*60*60)) {
            exit (json_encode(array('status' => '3', 'ticket_interval' => $ticket_interval)));
        }
    }

    $date = date("Y-m-d H:i:s");
    $STH = $pdo->prepare("INSERT INTO tickets (name,text,files,status,date,author,last_answer,closed,have_answer) values (:name, :text, :files, :status, :date, :author, :last_answer, :closed, :have_answer)");
    if ($STH->execute(array( 'name' => $name, 'text' => $text, 'files' => $file, 'status' => '1', 'date' => $date, 'author' => $_SESSION['id'], 'last_answer' => $date, 'closed' => '0', 'have_answer' => '0' )) == '1') {
        $STH = $pdo->query("SELECT id FROM tickets WHERE date='$date' LIMIT 1"); $STH->setFetchMode(PDO::FETCH_OBJ);
        $row = $STH->fetch();

        incNotifications();
        $letter = letter_of_new_ticket($conf->name);
        sendmail('none', $letter['subject'], $letter['message'], $pdo, 1);
        exit (json_encode(array('status' => '1', 'id' => $row->id)));
    }
}
if (isset($_POST['close_ticket'])) {
    $id = check($_POST['id'],"int");
    if (empty($id)){
        exit(json_encode(array('status' => '2')));
    }
    $STH = $pdo->query("SELECT `tickets`.`author`, `users`.`email`, `users`.`email_notice` FROM `tickets` LEFT JOIN `users` ON `users`.`id`=`tickets`.`author` WHERE `tickets`.`id`='$id' LIMIT 1"); $STH->setFetchMode(PDO::FETCH_OBJ);
    $row = $STH->fetch();
    if (!empty($row->author)){
        if (($row->author == $_SESSION['id']) or (is_worthy("p"))){
            $STH = $pdo->prepare("UPDATE `tickets` SET `status`=:status, `closed`=:closed, `have_answer`=:have_answer WHERE `id`='$id' LIMIT 1");
            if ($STH->execute(array( 'status' => '2', 'closed' => $_SESSION['id'], 'have_answer' => '1' )) == '1') {
                if ($row->author != $_SESSION['id']) {
                    incNotifications();

                    $noty = close_ticket_noty($id);
                    send_noty($pdo, $noty, $row->author, 1);

                    if($row->email_notice == 1) {
                        $letter = close_ticket_letter($id, $full_site_host);
                        sendmail($row->email, $letter['subject'], $letter['message'], $pdo);
                    }
                }

                exit (json_encode(array('status' => '1')));
            }
        }
    }
    exit(json_encode(array('status' => '2')));
}
if (isset($_POST['send_ticket_answer'])) {
    $id = checkJs($_POST['id'],"int");

    if (empty($id)) {
        exit (json_encode(array('status' => '2')));
    }

    $text = HTMLPurifier()->purify($_POST['text']);
    $text = find_img_mp3($text, $id, 1);

    if (empty($text)) {
        $result = array('status' => '2', 'input' => 'text', 'reply' => 'Заполните!');
        exit (json_encode($result));
    }

    if (mb_strlen($text, 'UTF-8') > 10000) {
        $result = array('status' => '2', 'input' => 'text', 'reply' => 'Слишком длинный контент.');
        exit (json_encode($result));
    }

    $STH = $pdo->query("SELECT `tickets`.`author`, `tickets`.`closed`, `users`.`email`, `users`.`email_notice` FROM `tickets` LEFT JOIN `users` ON `users`.`id`=`tickets`.`author` WHERE `tickets`.`id`='$id' LIMIT 1"); $STH->setFetchMode(PDO::FETCH_OBJ);
    $row = $STH->fetch();

    if (($row->author != $_SESSION['id']) and (!is_worthy("p"))){
        exit (json_encode(array('status' => '2')));
    }

    if ($row->closed != 0){
        exit (json_encode(array('status' => '2')));
    }

    $date = date("Y-m-d H:i:s");

    $STH = $pdo->prepare("INSERT INTO `tickets__answers` (`author`, `ticket`, `text`, `date`) values (:author, :ticket, :text, :date)");
    if ($STH->execute(array( 'author' => $_SESSION['id'], 'ticket' => $id, 'text' => $text, 'date' => $date )) == '1') {
        $STH = $pdo->prepare("UPDATE `tickets` SET `last_answer`=:last_answer WHERE `id`='$id' LIMIT 1");
        $STH->execute(array( 'last_answer' => $date ));
        if (is_worthy("p")){
            $STH = $pdo->prepare("UPDATE `tickets` SET `have_answer`=:have_answer WHERE `id`='$id' LIMIT 1");
            $STH->execute(array( 'have_answer' => '1' ));

            incNotifications();

            $noty = noty_of_ticket_answer($id);
            send_noty($pdo, $noty, $row->author, 1);

            if($row->email_notice == 1) {
                $letter = letter_of_ticket_answer($id, $full_site_host);
                sendmail($row->email, $letter['subject'], $letter['message'], $pdo);
            }
        } else {
            $STH = $pdo->prepare("UPDATE `tickets` SET `have_answer`=:have_answer WHERE `id`='$id' LIMIT 1");
            $STH->execute(array( 'have_answer' => '0' ));
        }
        exit (json_encode(array('status' => '1')));
    }

    exit (json_encode(array('status' => '2')));
}
if (isset($_POST['load_ticket_answers'])) {
    $id = checkJs($_POST['id'],"int");
    $i = 0;

    $tpl = new Template;
    $tpl->dir = '../templates/'.$conf->template.'/tpl/';
    $tpl->result['content'] = '';
    $STH = $pdo->query("SELECT tickets__answers.*, users.login, users.avatar, users.rights, users.id AS us_id FROM tickets__answers LEFT JOIN users ON tickets__answers.author = users.id WHERE ticket = '$id' ORDER BY id DESC"); $STH->setFetchMode(PDO::FETCH_OBJ);
    while($row = $STH->fetch()) {
        $gp = $users_groups[$row->rights];
        $date = expand_date($row->date,8);
        $i++;
        $tpl->load_template('elements/comment.tpl');
        $tpl->set("{id}", $row->id);
        $tpl->set("{dell}", '');
        $tpl->set("{login}", $row->login);
        $tpl->set("{avatar}", $row->avatar);
        $tpl->set("{text}", $row->text);
        $tpl->set("{date_short}", $date['short']);
        $tpl->set("{date_full}", $date['full']);
        $tpl->set("{user_id}", $row->us_id);
        $tpl->set("{gp_color}", $gp['color']);
        $tpl->set("{gp_name}", $gp['name']);
        $tpl->compile( 'content' );
        $tpl->clear();
    }
    if ($i == 0){
        echo '<span class="empty-element">Сообщений не найдено</span>';
    } else {
        $tpl->show($tpl->result['content']);
        $tpl->global_clear();
    }
    exit();
}
/* Стена
=========================================*/
if (isset($_POST['send_user_comment'])) {
    $id = checkJs($_POST['id'],"int");

    if (empty($id)) {
        exit ();
    }

    $text = HTMLPurifier()->purify($_POST['text']);
    $text = find_img_mp3($text, $id, 1);
    $text = str_replace('="files/', '="../files/', $text);

    if (empty($text)) {
        $result = array('status' => '2', 'input' => 'text', 'reply' => 'Заполните!');
        exit (json_encode($result));
    }

    if (mb_strlen($text, 'UTF-8') > 5000) {
        $result = array('status' => '2', 'input' => 'text', 'reply' => 'Слишком длинный контент.');
        exit (json_encode($result));
    }

    $STH = $pdo->query("SELECT id FROM users__friends WHERE ((id_sender='$id' and id_taker='$_SESSION[id]') or (id_sender='$_SESSION[id]' and id_taker='$id')) and (accept='1') LIMIT 1"); $STH->setFetchMode(PDO::FETCH_OBJ);
    $row = $STH->fetch();
    if (empty($row->id)){
        if ($_SESSION['id'] != $id){
            exit(json_encode(array('status' => '2')));
        }
    }

    $STH = $pdo->prepare("INSERT INTO users__comments (author,user_id,text,date) values (:author, :user_id, :text, :date)");
    if ($STH->execute(array( 'author' => $_SESSION['id'], 'user_id' => $id, 'text' => $text, 'date' => date("Y-m-d H:i:s") )) == '1') {
        /*
            Выдаём опыт
        */
        $l = new Levels;
        $l->add_user_exp($_SESSION['id'], $l->configs()['send_user_comment']);

        exit (json_encode(array('status' => '1')));
    }
}
if (isset($_POST['dell_user_comment'])){
    $id = checkJs($_POST['id'],"int");
    if (empty($id)) {
        exit ();
    }
    $STH = $pdo->query("SELECT user_id FROM users__comments WHERE id='$id' LIMIT 1"); $STH->setFetchMode(PDO::FETCH_OBJ);
    $row = $STH->fetch();
    if (($_SESSION['id'] != $row->user_id) and (!is_worthy("y"))){
        exit(json_encode(array('status' => '2')));
    }
    $pdo->exec("DELETE FROM users__comments WHERE id='$id' LIMIT 1");
    exit(json_encode(array('status' => '1')));
}
/* Загрузка rar, zip, 7z, jpg, jpeg, png
=========================================*/
if (isset($_POST['load_file'])) {
    if (empty($_FILES['file']['name'])) {
        exit('<script>show_input_error("file", "", null);setTimeout(show_error, 500);</script>');
    } else {
        $path = 'files/files/';
        $date = time();

        if (if_img($_FILES['file']['name']) || if_archive($_FILES['file']['name'])) {
            $file_type = substr($_FILES['file']['name'], strrpos($_FILES['file']['name'], '.')+1);
            $source = $_FILES['file']['tmp_name'];
            $file = $path.$date.".".$file_type;
            $target = '../'.$file;
            if (!move_uploaded_file($source, $target)) {
                exit('<p class="text-danger">Ошибка загрузки файла!</p>');
            }
        } else {
            exit('<script>$("#load_error_message").css("color", "#B74747")</script>');
        }
        exit('<input value="'.$file.'" type="hidden" id="loaded_file" maxlength="255" autocomplete="off">
            <p class="text-success"></span>Файл загружен! <span class="m-icon icon-ok"></p>
            ');
    }
}
/* Банлист
=========================================*/
if (isset($_POST['search_ban2'])) {
    $bid = checkJs($_POST['ban'], "int");
    $server = checkJs($_POST['server'], null);
    if (empty($bid) or empty($server)){
        exit();
    }

    $STH = $pdo->query("SELECT id,ip,port,db_host,db_user,db_pass,db_db,db_prefix,type,db_code FROM servers WHERE type!=0 and type!=1 and id='$server'"); $STH->setFetchMode(PDO::FETCH_OBJ);
    $row = $STH->fetch();

    $STH = $pdo->query("SELECT * FROM config__prices LIMIT 1"); $STH->setFetchMode(PDO::FETCH_OBJ);
    $bans_conf = $STH->fetch();

    $db_host = $row->db_host;
    $db_user = $row->db_user;
    $db_pass = $row->db_pass;
    $db_db = $row->db_db;
    $db_prefix = $row->db_prefix;
    $address = $row->ip.':'.$row->port;
    $ip = $row->ip;
    $port = $row->port;
    $type = $row->type;
    if(!$pdo2 = db_connect($db_host, $db_db, $db_user, $db_pass)) {
        exit('<span class="empty-element">Не удалось подключиться к базе данных</span>');
    }
    set_names($pdo2, $row->db_code);

    if ($type == '2' || $type == '3' || $type == '5') {
        $table = set_prefix($db_prefix, 'bans');
        $STH = $pdo2->prepare("SELECT player_nick,ban_reason,ban_length,bid,expired,player_ip,player_id,ban_created FROM $table WHERE server_ip = '$address' and bid=:bid LIMIT 1");
        $STH->execute(array(':bid' => $bid));
    } else {
        $table = set_prefix($db_prefix, 'servers');
        $STH = $pdo2->query("SELECT sid FROM $table WHERE ip='$ip' and port='$port' LIMIT 1"); $STH->setFetchMode(PDO::FETCH_OBJ);
        $row = $STH->fetch();
        $sid = $row->sid;
        $table = set_prefix($db_prefix, 'bans');
        $STH = $pdo2->prepare("SELECT bid,ip AS player_ip,RemoveType AS expired,authid AS player_id,name AS player_nick,created AS ban_created,length AS ban_length,reason AS ban_reason FROM $table WHERE (sid = '$sid' OR sid = '0') and bid=:bid LIMIT 1");
        $STH->execute(array(':bid' => $bid));
    }
    $result = $STH->fetchAll();

    $disp = "";
    $player_nick = check($result['0']['player_nick'], null);
    if(empty($result['0']['ban_reason'])) {
        $ban_reason = 'Неизвестно';
    } else {
        $ban_reason = check($result['0']['ban_reason'], null);
    }

    if ($type == '2' || $type == '3' || $type == '5') {
        $ban_length = $result['0']['ban_length']*60;
    } else {
        $ban_length = $result['0']['ban_length'];
    }
    $ban_created = $result['0']['ban_created'];
    if ($result['0']['expired'] == 1 or $result['0']['expired'] == "E" or $result['0']['expired'] == "U"){
        $color = "success";
        $disp = "disp-n";
        $time = expand_date(date("Y-m-d H:i:s", ($ban_created+$ban_length)), 1);
    } else {
        if ($ban_length == 0){
            $color = "danger";
            $time =  'Никогда';
            $price = $bans_conf->price3;
        } else {
            $now = time();
            $ban_created = $result['0']['ban_created'];
            $time = expand_date(date("Y-m-d H:i:s", ($ban_created+$ban_length)), 1);
            if (($ban_created+$ban_length) < $now){
                $color = "success";
                $disp = "disp-n";
            } else {
                $color = "danger";
                $date = diff_date(date("Y-m-d H:i:s", ($ban_created+$ban_length)), date("Y-m-d H:i:s"));
                if ($date['2'] < '7' and $date['1']=='0' and $date['0']=='0'){
                    $price = $bans_conf->price1;
                } else {
                    $price = $bans_conf->price2;
                }
            }
        }
    }

    if (empty($result['0']['bid'])){
        exit('<div class="panel panel-default mt-10"><div class="panel-body">Бан не найден</div></div>');
    }

    $tpl = new Template;
    $tpl->dir = '../templates/'.$conf->template.'/tpl/';

    $tpl->load_template('elements/search_ban2.tpl');
    $tpl->set("{bid}", $result['0']['bid']);
    $tpl->set("{player_ip}", isNeedHidePlayerId() ? hidePlayerId($result['0']['player_ip']) : $result['0']['player_ip']);
    $tpl->set("{player_id}", isNeedHidePlayerId() ? hidePlayerId($result['0']['player_id']) : $result['0']['player_id']);
    $tpl->set("{player_nick}", $player_nick);
    $tpl->set("{ban_reason}", $ban_reason);
    $tpl->set("{time}", $time);
    $tpl->set("{color}", $color);
    $tpl->compile( 'content' );
    $tpl->clear();

    $tpl->show($tpl->result['content']);
    $tpl->global_clear();
    exit();
}
if (isset($_POST['find_bans'])) {
    $server = checkJs($_POST['server'], "int");
    $name = check($_POST['ban'], null);

    if (empty($server)){
        exit(json_encode(array('status' => '2', 'data' => '<tr><td colspan="10">Ошибка: [Неизвестные переменные]</td></tr>')));
    }

    if (empty($name)){
        exit(json_encode(array('status' => '2', 'data' => '<tr><td colspan="10">Бан не найден</td></tr>')));
    }

    $STH = $pdo->query("SELECT id,ip,port,name,db_host,db_user,db_pass,db_db,db_prefix,type,db_code FROM servers WHERE type!=0 and type!=1 and id='$server'"); $STH->setFetchMode(PDO::FETCH_OBJ);
    $row = $STH->fetch();

    $db_host = $row->db_host;
    $db_user = $row->db_user;
    $db_pass = $row->db_pass;
    $db_db = $row->db_db;
    $db_prefix = $row->db_prefix;
    $address = $row->ip.':'.$row->port;
    $ip = $row->ip;
    $port = $row->port;
    $type = $row->type;
    $server_name = $row->name;
    if(!$pdo2 = db_connect($db_host, $db_db, $db_user, $db_pass)) {
        exit(json_encode(array('status' => '2', 'data' => '<tr><td colspan="10">Не удалось подключиться к базе данных</td></tr>')));
    }
    set_names($pdo2, $row->db_code);

    $i=0;
    $table = set_prefix($db_prefix, 'bans');
    if ($type == '2' || $type == '3' || $type == '5') {
        $table = set_prefix($db_prefix, 'bans');
        $STH = $pdo2->prepare("SELECT * FROM $table WHERE server_ip = '$address' and (player_ip LIKE :name or player_nick LIKE :name or player_id LIKE :name ) and (expired = '0' or expired IS NULL) ORDER BY bid DESC"); $STH->setFetchMode(PDO::FETCH_OBJ);
        $STH->execute(array(":name" => getNameLike($name)));
    } else {
        $table = set_prefix($db_prefix, 'servers');
        $STH = $pdo2->query("SELECT sid FROM $table WHERE ip='$ip' and port='$port' LIMIT 1"); $STH->setFetchMode(PDO::FETCH_OBJ);
        $row = $STH->fetch();
        $sid = $row->sid;
        $table1 = set_prefix($db_prefix, 'bans');
        $table2 = set_prefix($db_prefix, 'admins');
        $STH = $pdo2->prepare("SELECT $table1.bid,$table1.ip AS player_ip,$table1.RemoveType AS expired,$table1.authid AS player_id,$table1.name AS player_nick,$table1.created AS ban_created,$table1.length AS ban_length,$table1.reason AS ban_reason,$table2.user AS admin_nick,$table2.nick AS admin_nick2 FROM $table1 LEFT JOIN $table2 ON $table1.aid = $table2.aid WHERE ($table1.sid = '$sid' OR  $table1.sid = '0') and ($table1.ip LIKE :name or $table1.authid LIKE :name or $table1.name LIKE :name ) and ($table1.RemoveType IS NULL or $table1.RemoveType = '0') ORDER BY $table1.bid DESC"); $STH->setFetchMode(PDO::FETCH_OBJ);
        $STH->execute(array(":name" => "%".strip_data($name)."%"));
    }
    $tpl = new Template;
    $tpl->dir = '../templates/'.$conf->template.'/tpl/';
    while($row = $STH->fetch()) {
        if ($type == '2' || $type == '3' || $type == '5') {
            $ban_length = $row->ban_length*60;
        } else {
            $ban_length = $row->ban_length;
        }
        if(!isset($row->admin_nick2)) {
            $row->admin_nick2 = null;
        }
        $admin_nick = get_ban_admin_nick($row->admin_nick, $row->admin_nick2, $server_name, $type);

        $ban_length2 = expand_seconds2($ban_length);
        $player_nick = check($row->player_nick, null);
        if(empty($row->ban_reason)) {
            $ban_reason = 'Неизвестно';
        } else {
            $ban_reason = check($row->ban_reason, null);
        }

        if (($ban_length == 0) or (($row->ban_created+$ban_length) > time())){
            $i++;
            if ($ban_length == 0) {
                $time =  'Никогда';
                $color = "danger";
            } else {
                $time = expand_date(date("Y-m-d H:i:s", ($row->ban_created+$ban_length)), 1);
                $color = "info";
            }
            $tpl->load_template('elements/ban_small.tpl');
            $tpl->set("{bid}", $row->bid);
            $tpl->set("{player_nick}", $player_nick);
            $tpl->set("{ban_reason}", $ban_reason);
            $tpl->set("{server}", $server);
            $tpl->set("{time}", $time);
            $tpl->set("{address}", $address);
            $tpl->set("{admin_nick}", $admin_nick);
            $tpl->set("{type}", $type);
            $tpl->set("{player_ip}", isNeedHidePlayerId() ? hidePlayerId($row->player_ip) : $row->player_ip);
            $tpl->set("{player_id}", isNeedHidePlayerId() ? hidePlayerId($row->player_id) : $row->player_id);
            $tpl->set("{ban_length}", $ban_length2);
            $tpl->set("{server_name}", $server_name);
            $tpl->set("{color}", $color);
            $tpl->compile( 'content' );
            $tpl->clear();
        }
    }
    if ($i == 0){
        $tpl->result['content'] = "<tr><td colspan='10'>Бан не найден</td></tr>";
    }
    exit(json_encode(array('status' => '1', 'data' => $tpl->result['content'])));
}
/* Уведомления
=========================================*/
if (isset($_POST['dell_notification'])){
    $id = checkJs($_POST['id'],"int");
    if (empty($id)) {
        exit ();
    }
    $pdo->exec("DELETE FROM notifications WHERE id='$id' and user_id='$_SESSION[id]' LIMIT 1");
    exit ();
}
if (isset($_POST['close_notification'])){
    $id = checkJs($_POST['id'],"int");
    if (empty($id)) {
        exit ();
    }
    $STH = $pdo->prepare("UPDATE notifications SET status=:status WHERE id='$id' and user_id='$_SESSION[id]' LIMIT 1");
    $STH->execute(array( 'status' => '1' ));
    exit ();
}
if (isset($_POST['close_notifications'])){
    $STH = $pdo->prepare("UPDATE notifications SET status=:status WHERE status='0' and user_id='$_SESSION[id]'");
    $STH->execute(array( 'status' => '1' ));
    exit ();
}
if (isset($_POST['dell_notifications'])){
    $STH = $pdo->prepare("DELETE FROM `notifications` WHERE `user_id`=:user_id");
    $STH->execute(array( ':user_id' => $_SESSION['id'] ));
    exit ();
}
if (isset($_POST['on_im'])) {
    $val = checkJs($_POST['val'], "int");
    if ($val != 1 and $val != 2) {
        exit(json_encode(array('status' => '2')));
    }
    $STH = $pdo->prepare("UPDATE users SET im=:val WHERE id='$_SESSION[id]' LIMIT 1");
    if ($STH->execute(array( 'val' => $val )) == '1') {
        exit(json_encode(array('status' => '1')));
    }
}
if (isset($_POST['on_ip_protect'])) {
    $val = checkJs($_POST['val'], "int");
    if ($val != 1 and $val != 2) {
        exit(json_encode(array('status' => '2')));
    }

    $STH = $pdo->prepare("UPDATE users SET protect=:val WHERE id='$_SESSION[id]' LIMIT 1");
    if ($STH->execute(array( 'val' => $val )) == '1') {
        if($val == 1) {
            $SC->ip = get_ip();
        } else {
            $SC->ip = 0;
        }

        $STH = $pdo->prepare("SELECT `password` FROM `users` WHERE `id`=:id LIMIT 1"); $STH->setFetchMode(PDO::FETCH_OBJ);
        $STH->execute(array( ':id' => $_SESSION['id'] ));
        $row = $STH->fetch();

        $_SESSION['cache'] = $SC->get_cache($row->password);
        $SC->set_cookie("cache", $_SESSION['cache']);

        exit(json_encode(array('status' => '1')));
    }
}
if (isset($_POST['on_email_notice'])) {
    $val = checkJs($_POST['val'], "int");
    if ($val != 1 and $val != 2) {
        exit(json_encode(array('status' => '2')));
    }
    $STH = $pdo->prepare("UPDATE users SET email_notice=:val WHERE id='$_SESSION[id]' LIMIT 1");
    if ($STH->execute(array( 'val' => $val )) == '1') {
        exit(json_encode(array('status' => '1')));
    }
}
if (isset($_POST['get_referrals'])) {
    $STH = $pdo->prepare("SELECT `id`, `login`, `avatar`, `regdate` FROM `users` WHERE `invited`=:invited"); $STH->setFetchMode(PDO::FETCH_OBJ);
    $STH->execute(array( ':invited' => $_SESSION['id'] ));
    $i = 0;
    while($row = $STH->fetch()) {
        $i++;
        $shilings = 0;
        $STH2 = $pdo->prepare("SELECT `shilings` FROM `money__actions` WHERE `gave_out`=:gave_out"); $STH2->setFetchMode(PDO::FETCH_OBJ);
        $STH2->execute(array( ':gave_out' => $row->id ));
        while($row2 = $STH2->fetch()) {
            $shilings += $row2->shilings;
        }
        ?>
        <tr>
            <td><?php echo $i; ?></td>
            <td>
                <a target="_blank" href="../profile?id=<?php echo $row->id; ?>">
                    <img src="../<?php echo $row->avatar; ?>" alt="<?php echo $row->login; ?>" class="small_us_av"> <?php echo $row->login; ?>
                </a>
            </td>
            <td><?php echo expand_date($row->regdate, 7); ?></td>
            <td><?php echo $shilings; ?></td>
        </tr>
        <?php
    }
    if($i == 0) {
        ?>
        <tr>
            <td colspan="10">
                Рефералы не найдены
            </td>
        </tr>
        <?php
    }
    exit();
}
if (isset($_POST['get_ref_profit'])) {
    $STH = $pdo->prepare("SELECT `users`.`id`, `users`.`login`, `users`.`avatar`, `money__actions`.`date`, `money__actions`.`shilings` FROM `money__actions`
        LEFT JOIN `users` ON `money__actions`.`gave_out` = `users`.`id` WHERE `money__actions`.`author`=:author AND `money__actions`.`type` = '11'"); $STH->setFetchMode(PDO::FETCH_OBJ);
    $STH->execute(array( ':author' => $_SESSION['id'] ));
    $i = 0;
    while($row = $STH->fetch()) {
        $i++;
        ?>
        <tr>
            <td><?php echo $i; ?></td>
            <td>
                <a target="_blank" href="../profile?id=<?php echo $row->id; ?>">
                    <img src="../<?php echo $row->avatar; ?>" alt="user" class="small_us_av"> <?php echo $row->login; ?>
                </a>
            </td>
            <td><?php echo $row->shilings; ?></td>
            <td><?php echo expand_date($row->date, 7); ?></td>
        </tr>
        <?php
    }
    if($i == 0) {
        ?>
        <tr>
            <td colspan="10">
                Зачислений не производилось
            </td>
        </tr>
        <?php
    }
    exit();
}

if(isset($_POST['edit_user_prefix'])) {
    $user_prefix = check($_POST['user_prefix'], null);

    if(mb_strlen($user_prefix, 'UTF-8') > 16) {
        exit('<span class="glyphicon glyphicon-remove"></span> Префикс должен состоять не более чем из 16 символов.');
    }

    if(!empty($user_prefix)) {
        $STH = $pdo->query("SELECT id, login FROM users WHERE prefix='$user_prefix' LIMIT 1");
        $STH->setFetchMode(PDO::FETCH_OBJ);
        $row = $STH->fetch();
        if(!empty($row->id) && $row->id != $_SESSION['id']) {
            exit('<p class="text-danger">Введеный Вами префикс занят пользователем <a href="../profile?id=' . $row->id . '" target="_blank">' . $row->login . '</a></p>');
        }

        $date = time() - 24 * 60 * 60 * 1;
        $pdo->exec("DELETE FROM last_actions WHERE date<'$date' and user_id='$_SESSION[id]' and action_type = '5' LIMIT 1");
        $STH = $pdo->query("SELECT id,date FROM last_actions WHERE user_id = '$_SESSION[id]' and action_type = '5'");
        $STH->setFetchMode(PDO::FETCH_OBJ);
        $row = $STH->fetch();
        if(!empty($row->id)) {
            $delta = time() - $row->date;
            if($delta < (24 * 60 * 60 * 1)) {
                exit('<p class="text-danger">Префикс разрешено менять раз в сутки</p>');
            }
        }
    }

    $STH = $pdo->prepare("UPDATE users SET prefix=:user_prefix WHERE id='$_SESSION[id]' LIMIT 1");
    $STH->execute([':user_prefix' => $user_prefix]);

    $STH = $pdo->prepare("INSERT INTO last_actions (user_id,action_type,date) VALUES (:user_id, :action_type, :date)");
    $STH->execute(['user_id' => $_SESSION['id'], 'action_type' => '5', 'date' => time()]);

    write_log("Префикс изменен на " . $user_prefix . " | actions_a.php");
    exit('<span class="glyphicon glyphicon-ok"></span> Ваш префикс изменен!');
}

if (isset($_POST['addToBlackList'])) {
    $userId = checkJs($_POST['userId'], "int");

    if(Users::isUserExists($pdo, $userId) && !isOnMyBlacklist($pdo, $userId)) {
        $STH = $pdo->prepare("INSERT INTO users__black_list (who, whom) VALUES (:who, :whom)");
        $STH->execute(['who' => $_SESSION['id'], 'whom' => $userId]);

        $STH = $pdo->prepare("DELETE FROM users__friends WHERE (id_sender=:friend_id AND id_taker=:my_id) OR (id_sender=:my_id AND id_taker=:friend_id) LIMIT 1");
        $STH->execute(array( ':friend_id' => $userId, ':my_id' => $_SESSION['id'] ));

        exit(json_encode(['status' => '1', 'message' => 'Пользователь добавлен в черный список']));
    } else {
        exit(json_encode(['status' => '2', 'message' => 'Пользователь уже в черном списке']));
    }
}

if (isset($_POST['removeFromBlackList'])) {
    $userId = checkJs($_POST['userId'], "int");

    if($blockId = isOnMyBlacklist($pdo, $userId)) {
        $STH = $pdo->prepare("DELETE FROM users__black_list WHERE id=:id LIMIT 1");
        $STH->execute([':id' => $blockId]);

        exit(json_encode(['status' => '1', 'message' => 'Пользователь удален из черного списка']));
    } else {
        exit(json_encode(['status' => '2', 'message' => 'Пользователь уже удален']));
    }
}

if (isset($_POST['getBlackList'])) {
    $STH = $pdo->prepare("SELECT
                                users.id,
                                users.login,
                                users.avatar
                            FROM
                                users__black_list
                                    LEFT JOIN
                                    users
                                        ON
                                            users__black_list.whom = users.id
                            WHERE users__black_list.who=:who"
    );
    $STH->setFetchMode(PDO::FETCH_OBJ);
    $STH->execute([':who' => $_SESSION['id']]);

    $i = 0;
    while($row = $STH->fetch()) {
        $i++;
        ?>
        <tr>
            <td class="va-m"><?php echo $i; ?></td>
            <td>
                <a target="_blank" href="../profile?id=<?php echo $row->id; ?>">
                    <img src="../<?php echo $row->avatar; ?>" alt="<?php echo $row->login; ?>" class="small_us_av"> <?php echo $row->login; ?>
                </a>
            </td>
            <td>
                <button
                        type="button"
                        class="btn btn-default btn-sm"
                        onclick="removeFromBlackList(<?php echo $row->id; ?>, getBlackList());">
                    Разблокировать
                </button>
            </td>
        </tr>
        <?php
    }
    if($i == 0) {
        ?>
        <tr>
            <td colspan="10">
                Черный список пуст
            </td>
        </tr>
        <?php
    }
    exit();
}

/* Жалобы
=========================================*/
if (isset($_POST['findTheAccused'])) {
    $serverId = checkJs($_POST['server_id'], 'int');
    $accused = check($_POST['accused'], null);

    if (empty($serverId)){
        exit('<tr><td colspan="10">Пусто</td></tr>');
    }

    $tpl = new Template;
    $tpl->dir = '../templates/'.$conf->template.'/tpl/';
    $tpl->result['content'] = '';
    $admins = (new Complaints($pdo, $tpl))->findAccused($serverId, $accused);

    foreach($admins as $admin) {
        $tpl->load_template('elements/complaint_find_result.tpl');
        foreach($admin as $key => $value) {
            $tpl->set('{' . $key . '}', $value);
        }
        $tpl->compile('content');
        $tpl->clear();
    }

    if ($tpl->result['content'] == '') {
        $tpl->result['content'] = '<tr><td colspan="10">Нет результатов</td></tr>';
    }

    $tpl->show($tpl->result['content']);
    exit();
}

if(isset($_POST['setTheAccused'])) {
    $adminId = check($_POST['adminId'], 'int');

    if(empty($adminId)) {
        exit('Ошибка');
    }

    $tpl                    = new Template;
    $tpl->dir               = '../templates/' . $conf->template . '/tpl/';
    $tpl->result['content'] = '';
    $admin                  = (new Complaints($pdo, $tpl))->getAccusedById($adminId);

    if(!empty($admin)) {
        $tpl->load_template('elements/complaint_find_result_card.tpl');
        $tpl->set('{id}', $admin['id']);
        $tpl->set('{user_id}', $admin['user_id']);
        $tpl->set('{avatar}', $admin['avatar']);
        $tpl->set('{login}', $admin['login']);
        $tpl->set('{gp_name}', $admin['gp_name']);
        $tpl->set('{gp_color}', $admin['gp_color']);
        $tpl->set('{name}', $admin['name']);
        $tpl->set('{services}', $admin['services']);
        $tpl->compile('content');
        $tpl->clear();
        $tpl->show($tpl->result['content']);
        exit();
    } else {
        exit('Ошибка');
    }
}

if(isset($_POST['save_user_status'])):
    $message = clean($_POST['message'], null);

    if(isset($message)):
        $message = strip_tags($message);
    else:
        $message = 'none';
    endif;

    if(pdo()->query("UPDATE `users` SET `status_message`='{$message}' WHERE `id`='{$_SESSION['id']}'")):
        exit(json_encode(['alert' => 'success', 'message' => $message]));
    endif;
endif;

if (isset($_POST['addComplaint'])) {
    $accusedId = check($_POST['accusedId'], 'int');
    $screens   = check($_POST['screens'], null);
    $demo      = check($_POST['demo'], null);

    $description = HTMLPurifier()->purify($_POST['description']);
    $description = find_img_mp3($description, $_SESSION['id'], 1);

    if(empty($screens)) {
        $screens = 0;
    }

    if(empty($demo)) {
        $demo = 0;
    } else {
        if(!filter_var($demo, FILTER_VALIDATE_URL)) {
            exit (json_encode(['status' => 2, 'input' => 'demo', 'reply' => 'Введите корректную ссылку!']));
        }
    }

    $accused = empty($accusedId) ? [] : (new Complaints($pdo))->getAccusedById($accusedId);

    if(empty($accused)) {
        exit (json_encode(['status' => 2, 'input' => 'accused', 'reply' => 'Выберите!']));
    }

    if(empty($description)) {
        exit (json_encode(['status' => 2, 'input' => 'description', 'reply' => 'Заполните!']));
    }

    if (mb_strlen($demo, 'UTF-8') > 250) {
        exit (json_encode(array('status' => 2, 'input' => 'demo', 'reply' => 'Не более 250 символов!')));
    }

    $STH = $pdo->prepare("SELECT date FROM complaints WHERE author_id=:author_id ORDER BY date DESC LIMIT 1");
    $STH->setFetchMode(PDO::FETCH_OBJ);
    $STH->execute([':author_id' => $_SESSION['id']]);
    $row = $STH->fetch();

    if(isset($row->date)) {
        if((time() - strtotime($row->date)) < (24 * 60 * 60)) {
            exit (json_encode(['status' => 2, 'input' => 'none', 'reply' => 'Жалобу можно создавать раз в 24 часа']));
        }
    }

    $STH  = $pdo->prepare(
        "INSERT INTO complaints (author_id, accused_admin_server_id, accused_admin_id, accused_admin_nick, screens, date, description, demo, accused_profile_id) values (:author_id, :accused_admin_server_id, :accused_admin_id, :accused_admin_nick, :screens, :date, :description, :demo, :accused_profile_id)"
    );
    $STH->execute(
        [
            'author_id'               => $_SESSION['id'],
            'accused_admin_server_id' => $accused['server_id'],
            'accused_admin_id'        => $accused['id'],
            'accused_admin_nick'      => $accused['name_original'],
            'screens'                 => $screens,
            'date'                    => date('Y-m-d H:i:s'),
            'description'             => $description,
            'demo'                    => $demo,
            'accused_profile_id'      => $accused['user_id']
        ]
    );

    $id = get_ai($pdo, 'complaints') - 1;

    incNotifications();

    $letter = letter_of_new_complaint($conf->name);
    sendmail('none', $letter['subject'], $letter['message'], $pdo, 1);

    $STH = $pdo->prepare("SELECT email, email_notice FROM users WHERE id=:id LIMIT 1");
    $STH->setFetchMode(PDO::FETCH_OBJ);
    $STH->execute([':id' => $accused['user_id']]);
    $row = $STH->fetch();

    if(!empty($row->email)) {
        $noty = noty_of_new_complaint_to_accused($id);
        send_noty($pdo, $noty, $accused['user_id'], 1);

        if($row->email_notice == 1) {
            $letter = letter_of_new_complaint_to_accused($conf->name, $id);
            sendmail($row->email, $letter['subject'], $letter['message'], $pdo);
        }
    }

    exit (json_encode(['status' => 1, 'id' => $id]));
}

if(isset($_POST['sendComplaintComment'])) {
    $id = checkJs($_POST['id'], "int");

    if(empty($id)) {
        exit(json_encode(['status' => 2]));
    }

    $text = HTMLPurifier()->purify($_POST['text']);
    $text = find_img_mp3($text, $id, 1);

    if(empty($text)) {
        exit (json_encode(['status' => 2, 'input' => 'text', 'reply' => 'Заполните!']));
    }

    if(mb_strlen($text, 'UTF-8') > 10000) {
        exit (json_encode(['status' => 2, 'input'  => 'text', 'reply'  => 'Слишком длинный контент.']));
    }

    $STH = $pdo->prepare(
        "SELECT
                    complaints.sentence,
                    author.id as author_id,
                    author.email as author_email,
                    author.email_notice as author_email_notice,
                       accused.id as accused_id,
                      accused.email as accused_email,
                    accused.email_notice as accused_email_notice
                FROM
                    complaints
                        LEFT JOIN users author ON author.id=complaints.author_id
                        LEFT JOIN users accused ON accused.id=complaints.accused_profile_id
                WHERE complaints.id = :id LIMIT 1"
    );
    $STH->setFetchMode(PDO::FETCH_OBJ);
    $STH->execute([':id' => $id]);
    $row = $STH->fetch();

    if($row->sentence != 0) {
        exit(json_encode(['status' => 2]));
    }

    $STH = $pdo->prepare(
        "INSERT INTO complaints__comments (user_id, complaint_id, text, date) values (:user_id, :ban_id, :text, :date)"
    );
    $STH->execute(
        [
            'user_id' => $_SESSION['id'],
            'ban_id'  => $id,
            'text'    => $text,
            'date'    => date("Y-m-d H:i:s")
        ]
    );

    incNotifications();

    $noty = noty_of_complaint_answer($id);
    $letter = letter_of_complaint_answer($id, $full_site_host);

    if($row->author_id != $_SESSION['id']) {
        send_noty($pdo, $noty, $row->author_id, 1);

        if($row->author_email_notice == 1) {
            sendmail($row->author_email, $letter['subject'], $letter['message'], $pdo);
        }
    }

    if(!empty($row->accused_id)) {
        if($row->accused_id != $_SESSION['id']) {
            send_noty($pdo, $noty, $row->accused_id, 1);

            if($row->accused_email_notice == 1) {
                sendmail($row->accused_email, $letter['subject'], $letter['message'], $pdo);
            }
        }
    }

    $STH = $pdo->prepare("UPDATE complaints SET have_answer=:have_answer WHERE id = :id LIMIT 1");
    $STH->execute(['have_answer' => 1, 'id' => $id]);

    exit (json_encode(['status' => 1]));
}

if(isset($_POST['loadImages'])) {
    $folder = check($_POST['folder'], null);
    $counter = empty($_POST['counter']) ? 0 : check($_POST['counter'], 'int');

    $folders = [
        'complaints' => 'complaints_imgs',
        'unbans' => 'bans_imgs',
    ];

    if(!array_key_exists($folder, $folders)) {
        exit(json_encode(['status' => 2, 'content' => 'Ошибка']));
    }

    if ($counter >= 5){
        exit(json_encode(['status' => 2, 'content' => 'Загружено максимальное количество изображений']));
    }

    if (empty($_FILES['image']['name'])) {
        exit(json_encode(['status' => 2, 'content' => 'Выберите изображение!']));
    } else {
        $path = 'files/' . $folders[$folder] . '/';
        $name = time() . rand(0, 9);

        if (if_img($_FILES['image']['name'])) {
            $image = $path . $name . '.jpg';
            if (!move_uploaded_file($_FILES['image']['tmp_name'], '../' . $image)) {
                exit(json_encode(['status' => 2, 'content' => 'Ошибка загрузки файла!']));
            }
        } else {
            exit(json_encode(['status' => 2, 'content' => 'Изображение должено быть в формате JPG,GIF,BMP или PNG']));
        }

        exit(json_encode(['status' => 1, 'image' => $image]));
    }
}

if(isset($_POST['getTermPrefixes'])):
    exit(json_encode(['alert' => 'success', 'message' => (new Prefixes(pdo()))->get_term($_POST['id_server'])]));
endif;

if(isset($_POST['buyPrefix'])):
    $id_server = clean($_POST['id_server'], "int");

    if(empty($id_server) || $id_server == 'Выберите сервер.'):
        exit(json_encode(['alert' => 'error', 'message' => 'Сначала выберите сервер.']));
    endif;

    $id_term = clean($_POST['id_term'], "int");

    if(empty($id_term) || $id_term == 'Выберите тариф.'):
        exit(json_encode(['alert' => 'error', 'message' => 'Сначала выберите тариф.']));
    endif;

    $type_bind = clean($_POST['type_bind'], "int");

    $nickname = clean($_POST['nickname'], null);
    $steamid = clean($_POST['steamid'], null);
    $password = clean($_POST['password'], null);

    $prefix = clean($_POST['prefix'], null);

    switch($type_bind):
        case 1:
            if(empty($nickname) || empty($password)):
                exit(json_encode(['alert' => 'error', 'message' => 'Сначала заполните все данные!']));
            endif;
        break;
        case 2:
            if(empty($steamid)):
                exit(json_encode(['alert' => 'error', 'message' => 'Сначала заполните все данные!']));
            endif;
        break;
        case 3:
            if(empty($steamid) || empty($password)):
                exit(json_encode(['alert' => 'error', 'message' => 'Сначала заполните все данные!']));
            endif;
        break;
        default:
            exit(json_encode(['alert' => 'error', 'message' => 'Выберите метод привязки']));
        break;
    endswitch;

    $prefixes = new Prefixes(pdo());

    if($prefixes->is_speech($id_server, $prefix)):
        exit(json_encode(['alert' => 'error', 'message' => 'Префикс имеет запрещенное слово!']));
    endif;

    $user = pdo()->query("SELECT * FROM `users` WHERE `id`='{$_SESSION['id']}'")->fetch(PDO::FETCH_OBJ);

    if($user->shilings >= $prefixes->get_term_price($id_term)):
        $end_shiling = $user->shilings - $prefixes->get_term_price($id_term);
  
        if(pdo()->query("UPDATE `users` SET `shilings`='{$end_shiling}' WHERE `id`='{$_SESSION['id']}'")):
            if($prefixes->setPrefix((object)[
                'id_server' => $id_server,
                'id_user' => $_SESSION['id'],
                'term' => $id_term,

                'steamid' => (($type_bind == 2 || $type_bind == 3) ? $steamid : 'none'),
                'nickname' => (($type_bind == 1) ? $nickname : 'none'),
                'password' => (($type_bind == 1 || $type_bind == 3) ? $password : 'none'),
                'prefix' => $prefix
            ])):
                $server = pdo()->query("SELECT * FROM `servers` WHERE `id`='$id_server' LIMIT 1")->fetch(PDO::FETCH_OBJ);

                $prefixes
                ->getTemp("templates/{$conf->template}/tpl/elements/area/buy_prefixes.tpl")
                ->setTemp("{index}", (($type_bind == 1) ? $nickname : $steamid))
                ->setTemp("{password}", (($type_bind == 2) ? "Не требуется" : $password))
                ->setTemp("{term}", ($prefixes->term($id_term)->time == 0) ? "Неограниченное время" : ($prefixes->term($id_term)->time . ' дня(ей)'))
                ->setTemp("{server}", $server->name . ' - ' . $server->address);

                $term = $prefixes->term($id_term);

                if($server->rcon == '1' && $term->rcon != 'none'):
                    $query = str_replace("{identifier}", ($type_bind == 1) ? $nickname : $steamid, $term->rcon);
                    $query = str_replace("{password}", $type_bind == 2 ? "" : $password, $query);
                    $query = str_replace("{time}", $term->time, $query);
                    $query = str_replace("{prefix}", $prefix, $query);

                    SourceQuery()->Connect($server->ip, $server->port, 1, (($server->game == 'Counter-Strike: 1.6') ? SourceQuery::GOLDSOURCE : SourceQuery::SOURCE));
                    SourceQuery()->SetRconPassword($server->rcon_password);
                    SourceQuery()->Rcon(htmlspecialchars_decode($query));
                endif;

                exit(json_encode($prefixes->endTemp()));
            endif;
        endif;
    else:
        exit(json_encode(['alert' => 'error', 'message' => 'Недостаточно средств, <a href="../purse">нажмите для пополнить баланс</a>.']));
    endif;

    exit(json_encode(['alert' => 'error', 'message' => 'Ошибка запроса..']));
endif;

if(isset($_POST['change_cover'])):
    $result = file_uploads("/files/cover", $_FILES['image']);

    if($result['alert'] == 'error'):
        exit(json_encode($result));
    endif;

    pdo()
    ->prepare("UPDATE `users` SET `cover`=:cover WHERE `id`=:uid LIMIT 1")
    ->execute([
        ':uid' => $_SESSION['id'],
        ':cover' => $result['full_dir']
    ]);

    exit(json_encode([
        'alert' => 'success',
        'file' => $result['full_dir']
    ]));
endif;

exit(json_encode(['status' => 2]));

Изменение цены в файле: modules_extra/gif_avatar/ajax/actions.php


Готово!

1668768613802.png


1668768640448.png
 

Вложения

  • 1668768670531.png
    1668768670531.png
    76,9 KB · Просмотры: 64
Последнее редактирование:

unique

Участник
12.11.2022
19
6
Проверку бы добавить куплен товар или нет.
А то покупается бесконечно)
Ну и подтверждение на покупку добавить, иногда пользователи тыкают случайно и просят вернуть деньги
 

parliament

Команда форума
Гл.Администратор
14.05.2021
1 892
3 977
  • Администратор
  • Модер.
  • Автор темы
  • #3
Проверку бы добавить куплен товар или нет.
А то покупается бесконечно)
Ну и подтверждение на покупку добавить, иногда пользователи тыкают случайно и просят вернуть деньги
Кнопка "покупки" пропадает, когда доступ приобретается. Насколько помню.
 

Stimayk

Заблокирован
14.11.2022
2
19
  • Заблокирован
  • #6
Вроде сделал все, как по инструкции, но после нажатия на кнопку ничего не происходит
 

parliament

Команда форума
Гл.Администратор
14.05.2021
1 892
3 977
  • Администратор
  • Модер.
  • Автор темы
  • #11

Stimayk

Заблокирован
14.11.2022
2
19
  • Заблокирован
  • #12
Ну вообще то он работает и на лицензии и нет. В чем претензия?
Ну если под отвалом регистрации и невозможностью купить (если принудительно через бд выставить себе 1, то действительно работает, но разве так должно быть?) это значит, что модуль "рабочий", то вопросов не имею.
 

parliament

Команда форума
Гл.Администратор
14.05.2021
1 892
3 977
  • Администратор
  • Модер.
  • Автор темы
  • #13
Ну если под отвалом регистрации и невозможностью купить (если принудительно через бд выставить себе 1, то действительно работает, но разве так должно быть?) это значит, что модуль "рабочий", то вопросов не имею.
Я написал ответ по этому поводу. Пройдите на сайт, где им торгуют. Купите.
 
Статус
В этой теме нельзя размещать новые ответы.
Сверху Снизу