//      online.php   game
<?
if (!isset($_SERVER['HTTP_X_NAP_LOGIN']) || !isset($_SERVER['HTTP_X_NAP_PASS']) || !isset($_SERVER['HTTP_X_NAP_VERSION'])) {
    echo ' !';
    exit;
}

define('_IN_JOHNCMS', 1);
require_once ('../incfiles/core.php');

$login = $_SERVER['HTTP_X_NAP_LOGIN'];
$password = $_SERVER['HTTP_X_NAP_PASS'];
$vers = $_SERVER['HTTP_X_NAP_VERSION'];
$ball = $_SERVER['HTTP_X_NAP_BALL'];
    $name = mysql_query("SELECT * FROM `users` WHERE `name_lat` = '".$login."'");
    if (mysql_num_rows($name) < 1) {
        echo 3;
    } else {
        $pass = mysql_result(mysql_query("SELECT `password` FROM `users` WHERE `name_lat` = '".$login."'"), 0);
        if ($password != $pass) {
            echo 2;
        } else {
            $userbase = mysql_fetch_assoc(mysql_query('SELECT `id`, `password` FROM `users` WHERE `name_lat`=\'' . functions::rus_lat(mb_strtolower($login)) . '\' LIMIT 1'));
            $userbase['ban'] = mysql_result(mysql_query('SELECT count(`id`) FROM `cms_ban_users` WHERE `user_id`=\'' . $userbase['id'] . '\' && `ban_time` != `ban_while` && `ban_time` > ' . time()), 0);
            if ($userbase['ban']) {
    echo 5;
            } else {
if($vers == 'no') {
            $res = mysql_result(mysql_query("SELECT `balans` FROM `users` WHERE `name_lat` = '".$login."'"), 0);
            echo $res;
} else if($vers == 'yes') {
mysql_query("UPDATE `users` SET `balans` = '".$ball."' WHERE `name_lat` = '".$login."'");
echo 'Vu ygadali! Vash balans teper - '.$ball.'!';
} else if($vers == 'no_1') {
mysql_query("UPDATE `users` SET `balans` = '".$ball."' WHERE `name_lat` = '".$login."'");
echo 'Vu ne ygadali! Vash balans teper - '.$ball.'!';
}
            }
        }
    }
?>