проверти код где допустил ощипку в базу не пишет нечего
if ($rights >= 6) {
if($id){
if (isset($_POST['submit'])) {
$error = array();
$j_bir = isset($_POST['j_bir']) ? functions::check(abs($_POST['j_bir'])) : false;
$j_ikki = isset($_POST['j_ikki']) ? functions::check(abs($_POST['j_ikki'])) : false;
if (!$j_bir){
$error[] = 'Mehmon jamoa hisobini kiritmadingiz';
}elseif (mb_strlen($j_bir) > 26) {
$error[] = 'Mehmon jamoa hisobi Judayam uzur!';
}
if (!$j_ikki){
$error[] = 'Mezmon jamoa hisobini kiritmadingiz';
}elseif (mb_strlen($j_ikki) > 26) {
$error[] = 'Mehmon jamoa hisobi Judayam uzur!';
}
if (!$error) {
$req33 = mysql_query("SELECT * FROM `udesign_tahmin_oyin` WHERE `id` = '" . $id . "'");
$res34 = mysql_fetch_assoc($req33);
mysql_query("UPDATE `udesign_tahmin_oyin_hisob` SET
`bolim_id` = '" . $res34['bolim_id'] . "',
`oyin_id` = '" . $id . "',
`j_bir` = '" . $j_bir . "',
`j_ikki` = '" . $j_ikki . "'
WHERE `id` = '" . $id . "'
") or die(mysql_error());
mysql_query("UPDATE `udesign_tahmin_oyin` SET
`holat` = '2'
WHERE `id` = '" . $id . "'
") or die(mysql_error());
echo '<div class="menu">O`yin yakunlandi! <br />
Foydalanuvchilarga ballni taqsimlab <a href="?act=tugadi&do=ball&id=' . $id . '">berish</a></div>';
} else {
echo functions::display_error($error, '<a href="?act=oyin&id=' . $id . '">O`yinlarga</a>');
}
} else {
$req = mysql_query("SELECT * FROM `udesign_tahmin_oyin` WHERE `id` = '$id'");
$res = mysql_fetch_assoc($req);
echo '<form action="?act=tugadi&id=' . $id . '" method="post">';
echo '<div class="menu"><h3>Hisob:</h3><br />';
echo '<span>' . $res['j_bir'] . '</span>: <input type="text" name="j_bir" value="0"/><br />';
echo '<span>' . $res['j_ikki'] . '</span>: <input type="text" name="j_ikki" value="0"/>';
echo '</div>';
echo '<div class="bmenu">' .
'<p><input type="submit" name="submit" value="Yakunlash"/></p>' .
'</form>' .
'<p><a href="?act=oyin&id=' . $id . '">O`yinlarga</a></p></div>';
}
}else{
header("location: ./");
}
}else{
header("location: ./");
}