Nicholas

i would highly recommend not using a donator days market at all unless you remove the link for removing them lol. since you can get scammed big time... basicly... say i have 1 donator day left yes??? all i have to do is before the next day or before i go bed, i can put the donator day on market for max price, so no one can buy it. then when i come back on in morning or whatever... i can just remove it and ill have unlimited donator days forever. if you catch my drift lol.

good find, actidental query inserted there... removed.

your welcome, took forever to do techically full recode of this mod lol. also never seen any mods posted on here for Item Market's buying/selling/adding/removing logs so i just went ahead i created it haha.

Hello everyone, ive updated Lithium's item market that *curt* updated little as well, also created a logs system and added security through-out all scripts. I techically recoded ItemMarket.php from top to bottom with full security and i also removed the annoying <?= and =?> as i dont like that type coding. I edited most the queries inside this mod for new table information and etc. I also tried adding IP logs with the buying items on Item Market. but i had problems with the Sellers IP. it just didnt select and insert the sellers IP address sadly. firstly the SQL for database DROP TABLE `itemmarket`; DROP TABLE `imbuylogs`; DROP TABLE `imarketaddlogs`; DROP TABLE `imremovelogs`; CREATE TABLE IF NOT EXISTS `itemmarket` ( `imID` int(11) NOT NULL auto_increment, `imITEM` int(11) NOT NULL default '0', `imADDER` int(11) NOT NULL default '0', `imMONEY` int(11) NOT NULL default '0', `imCRYSTALS` int(11) NOT NULL default '0', `imQTY` int(11) NOT NULL default '0', PRIMARY KEY (`imID`) ) ENGINE=MyISAM; CREATE TABLE IF NOT EXISTS `imbuylogs` ( `imbID` int(11) NOT NULL auto_increment, `imbITEM` int(11) NOT NULL default '0', `imbADDER` int(11) NOT NULL default '0', `imbBUYER` int(11) NOT NULL default '0', `imbMONEY` int(11) NOT NULL default '0', `imbCRYSTALS` int(11) NOT NULL default '0', `imbTIME` int(11) NOT NULL default '0', `imbCONTENT` text NOT NULL, PRIMARY KEY (`imbID`) ) ENGINE=MyISAM; CREATE TABLE IF NOT EXISTS `imarketaddlogs` ( `imaID` int(11) NOT NULL auto_increment, `imaITEM` int(11) NOT NULL default '0', `imaMONEY` int(11) NOT NULL default '0', `imaCRYSTALS` int(11) NOT NULL default '0', `imaADDER` int(11) NOT NULL default '0', `imaTIME` int(11) NOT NULL default '0', `imaCONTENT` text NOT NULL, PRIMARY KEY (`imaID`) ) ENGINE=MyISAM; CREATE TABLE IF NOT EXISTS `imremovelogs` ( `imrID` int(11) NOT NULL auto_increment, `imrITEM` int(11) NOT NULL default '0', `imrADDER` int(11) NOT NULL default '0', `imrREMOVER` int(11) NOT NULL default '0', `imrTIME` int(11) NOT NULL default '0', `imrCONTENT` text NOT NULL, PRIMARY KEY (`imrID`) ) ENGINE=MyISAM; ALTER TABLE users ADD marketquota int(11) not null default 0;   now the "itemmarket.php" <?php /* itemmarket.php Created By Lithium MODIFIED BY CURT Modified/Edited By Nicholas Even Futher (Logs Added (Market_Logs.php) Plus Full Security Added Throughout All Scripts) any distribution/selling/sharing of this file is illegal without permission. */ include "globals.php"; echo "<h3>Item Market</h3>"; function quote_smart($value) { if (get_magic_quotes_gpc()) { $value = stripslashes($value); } if (!is_numeric($value)) { $value = "'".mysql_real_escape_string($value)."'"; } return $value; } function item_mremove() { global $ir,$c,$userid,$h; $q = mysql_query("SELECT im.*,i.* FROM itemmarket im LEFT JOIN items i ON im.imITEM = i.itmid WHERE imID = '".abs(intval($_GET['ID']))."' AND imADDER = $userid"); if(!mysql_num_rows($q)) { echo "Error, either this item does not exist, or you are not the owner. [url='itemmarket.php']Go Back[/url]"; $h->endpage(); exit; } $r = mysql_fetch_array($q); if ($r['imQTY']>1) { if (isset($_POST['rqty'])) { $_POST['rqty']=abs(intval($_POST['rqty'])); if ($r['imQTY']<$_POST['rqty']) { echo "Error, you do not have this many to remove! [url='itemmarket.php']Go Back[/url]"; $h->endpage(); exit; } else { $MONEY=$r['imMONEY']*$_POST['rqty']; $CRYSTALS=$r['imCRYSTALS']*$_POST['rqty']; mysql_query("UPDATE itemmarket SET imQTY=imQTY-{$_POST['rqty']} WHERE imID=".abs(intval($_GET['ID']))." AND imADDER=".abs(intval($ir['userid']))."",$c); mysql_query("DELETE FROM itemmarket WHERE imQTY=0",$c); item_add($userid, $r['itmid'], $_POST['rqty']); echo "Item's Removed from Market! [url='itemmarket.php']Go Back[/url]"; } } else { echo "How many ".htmlentities(stripslashes($r['itmname']))."'s would you like to remove? <form action='' method='POST'><input type='hidden' name='imID' value='".abs(intval($r['imID']))."'> Quanity: <input type='text' size=4 name='rqty' value='".abs(intval($r['imQTY']))."'> <input type='submit' value='Remove Items' class='inputback'></form>"; } } else { item_add($userid, $r['imITEM'], 1); $i = mysql_insert_id($c); mysql_query("DELETE FROM itemmarket WHERE imID=".abs(intval($_GET['ID']))."",$c); mysql_query("INSERT INTO imremovelogs VALUES ('', ".abs(intval($r['imITEM'])).", ".abs(intval($r['imADDER'])).", ".abs(intval($userid)).", unix_timestamp(), '".htmlentities(stripslashes($ir['username']))." removed a ".htmlentities(stripslashes($r['itmname']))." from the item market.')", $c); echo "Item removed from market! [url='itemmarket.php']Go Back[/url]"; } } function item_buy() { global $ir,$c,$userid,$h; $q = mysql_query("SELECT * FROM itemmarket im LEFT JOIN items i ON i.itmid = im.imITEM WHERE imID = ".abs(intval($_GET['ID'])).""); if(!mysql_num_rows($q)) { echo "Error, either this item does not exist, or it has already been bought. [url='itemmarket.php']Go Back[/url]"; $h->endpage(); exit; } $r = mysql_fetch_array($q); if ($r['imQTY'] > 1) { if (isset($_POST['buyqty'])) { $_POST['buyqty']=abs(intval($_POST['buyqty'])); $_POST['imID']=abs(intval($_POST['imID'])); $MONEY=$r['imMONEY']*$_POST['buyqty']; $CRYSTALS=$r['imCRYSTALS']*$_POST['buyqty']; if($r['imQTY'] < $_POST['buyqty']) { echo "Error, you have selected more items than there really is. [url='itemmarket.php']Go Back[/url]"; $h->endpage(); exit; } if($MONEY > $ir['money']) { echo "Error, you do not have the funds to buy this item. [url='itemmarket.php']Go Back[/url]"; $h->endpage(); exit; } if($CRYSTALS > $ir['crystals']) { echo "Error, you do not have the funds to buy this item. [url='itemmarket.php']Go Back[/url]"; $h->endpage(); exit; } $i=0; echo "You bought [x".abs(intval($_POST['buyqty']))."] ".htmlentities(stripslashes($r['itmname']))."'s from the market for $".number_format($MONEY)." and ".number_format($CRYSTALS)." crystals!. [url='itemmarket.php']Go Back[/url]"; item_add($userid, $r['imITEM'], $_POST['buyqty']); mysql_query("UPDATE itemmarket SET imQTY=imQTY-".abs(intval($_POST['buyqty']))." WHERE imID=".abs(intval($_GET['ID']))."",$c); mysql_query("UPDATE users SET money=money-$MONEY, crystals=crystals-$CRYSTALS WHERE userid=".abs(intval($userid))."",$c); mysql_query("UPDATE users SET money=money+$MONEY, crystals=crystals+$CRYSTALS WHERE userid=".abs(intval($r['imADDER']))."",$c); event_add($r['imADDER'],"[url='viewuser.php?u=$userid']".htmlentities(stripslashes($ir['username']))."[/url] bought [x".abs(intval($_POST['buyqty']))."] ".htmlentities(stripslashes($r['itmname']))."'s from the market for $".number_format($MONEY)." and $CRYSTALS crystals!.",$c); $get_seller = "SELECT u.userid, u.username, m.imID, m.imADDER " . " FROM users u " . " LEFT JOIN itemmarket m " . " ON m.imADDER = u.userid " . " WHERE m.imID = ".abs(intval($_GET['ID'])).""; $get_username = mysql_query($get_seller); while($seller=mysql_fetch_array($get_username)) { mysql_query("INSERT INTO imbuylogs VALUES ('', ".abs(intval($r['imITEM'])).", ".abs(intval($r['imADDER'])).", ".abs(intval($userid)).", ".abs(intval($r['imMONEY'])).", ".abs(intval($r['imCRYSTALS'])).", unix_timestamp(), '".htmlentities(stripslashes($ir['username']))." brought ".htmlentities(stripslashes($r['itmname']))." (x".abs(intval($_POST['buyqty'])).") from the item market for $".number_format($MONEY)." and $CRYSTALS crystals from ".htmlentities(stripslashes($seller['username'])).".')", $c); } mysql_query("DELETE FROM itemmarket WHERE imQTY=0",$c); $h->endpage(); exit; } else { echo "How many ".htmlentities(stripslashes($r['itmname']))."'s do you want to buy? There is [x".abs(intval($r['imQTY']))."] available. They cost $".number_format($r['imMONEY'])." and ".number_format($r['imCRYSTALS'])." crystals Each! <form action='' method='POST'><input type='hidden' name='imID' value='".abs(intval($r['imID']))."'> How Many? <input type='text' size=4 name='buyqty' value='0' class='inputback'> <input type='submit' value='Buy Items' class='inputback'></form>"; } } else { if($r['imMONEY'] > $ir['money']) { echo "Error, you do not have the funds to buy this item. [url='itemmarket.php']Go Back[/url]"; $h->endpage(); exit; } if($r['imCRYSTALS'] > $ir['crystals']) { echo "Error, you do not have the funds to buy this item. [url='itemmarket.php']Go Back[/url]"; $h->endpage(); exit; } echo "You bought the ".htmlentities(stripslashes($r['itmname']))." from the market for $".number_format($r['imMONEY'])." and ".number_format($r['imCRYSTALS'])." crystals. [url='itemmarket.php']Go Back[/url]"; item_add($userid, $r['imITEM'], 1); $i=mysql_insert_id($c); mysql_query("UPDATE users SET money=money-{$r['imMONEY']}, crystals=crystals-{$r['imCRYSTALS']} where userid=".abs(intval($userid))."",$c); mysql_query("UPDATE users SET money=money+{$r['imMONEY']}, crystals=crystals+{$r['imCRYSTALS']} where userid=".abs(intval($r['imADDER']))."",$c); event_add($r['imADDER'],"[url='viewuser.php?u=$userid']".htmlentities(stripslashes($ir['username']))."[/url] bought your ".htmlentities(stripslashes($r['itmname']))." item from the market for $".number_format($r['imMONEY'])." and ".number_format($r['imCRYSTALS'])." crystals.",$c); $get_seller = "SELECT u.userid, u.username, m.imID, m.imADDER " . " FROM users u " . " LEFT JOIN itemmarket m " . " ON m.imADDER = u.userid " . " WHERE m.imID = ".abs(intval($_GET['ID'])).""; $get_username = mysql_query($get_seller); while($seller=mysql_fetch_array($get_username)) { mysql_query("INSERT INTO imbuylogs VALUES ('', ".abs(intval($r['imITEM'])).", ".abs(intval($r['imADDER'])).", ".abs(intval($userid)).", ".abs(intval($r['imMONEY'])).", ".abs(intval($r['imCRYSTALS'])).", unix_timestamp(), '".htmlentities(stripslashes($ir['username']))." brought a ".htmlentities(stripslashes($r['itmname']))." from the item market for $".number_format($r['imMONEY'])." and ".number_format($r['imCRYSTALS'])." crystals from ".htmlentities(stripslashes($seller['username'])).".')", $c); } mysql_query("DELETE FROM itemmarket WHERE imID=".abs(intval($_GET['ID']))."",$c); $h->endpage(); exit; } } /* check which items are valid to use edit $invalid_ids to suit your needs each array placed here won't be listed (category ID on db) */ $invalid_ids = array('100', '101', '102'); $q = "SELECT itmtypeid,itmtypename FROM itemtypes"; $q1 = "SELECT DISTINCT im.imITEM , i.itmid, i.itmtype,i.itmname FROM items i LEFT JOIN itemmarket im ON i.itmid=im.imITEM"; if(is_array($invalid_ids) && !empty($invalid_ids)) { $q.=" WHERE itmtypeid NOT IN ("; $q1.=" WHERE i.itmid=im.imITEM AND i.itmtype NOT IN ("; $count = count($invalid_ids); for($i=0; $i< $count;$i++) { $i_v .= "'".$invalid_ids[$i]."'"; if($i < $count-1) $i_v .= ","; } $q.= $i_v.")"; $q1.= $i_v.")"; } $q.= " ORDER BY itmtypeid"; $q1.= " ORDER BY i.itmtype"; $x = mysql_query($q,$c); while($xx = mysql_fetch_array($x)) { $title_item[$xx['itmtypeid']] = $xx['itmtypename']; $a[$xx['itmtypeid']][] = array(); } $x = mysql_query($q1,$c); while($xx = mysql_fetch_array($x)) { $a[$xx['itmtype']][] = $xx; } echo "<form id='form' name='form' method='post' action='{$_SERVER['PHP_SELF']}'>"; echo "<table width='100%' cellspacing='0' class='table' border='1'> <tr> <td colspan=3> Select the item type you want to buy from the dropdown boxes. If there is any items for sale it will show you the links to it.</td> </tr> <tr> <td>"; $i=0; foreach ($a as $key => $value) { $xx = $value; $i++; echo "<table width='100%' cellspacing='0' class='table' border='1'> <tr> <td class='h'>".htmlentities(stripslashes($title_item[$key]))."</td> </tr> <tr> <td> <select name='s_{$key}' id='s_{$key}'> <option value='0'></option> <option value='-1'>Check All</option>"; if(is_array($xx)){ foreach($xx as $x) { if(!empty($x)) { echo "<option value='{$x['itmid']}'>".htmlentities(stripslashes($x['itmname']))."</option>"; } } } echo "</select> </td> </tr> </table>"; if( $i > 0 && $i < 3) { echo "</td> <td>"; } else { $i = 0; echo "<tr> <td>"; } } for($j=$i;$j > 0; $j--) { echo "</td>"; } echo "</tr> <tr> <td colspan='3' align='center'> <input type='submit' name='search' id='search' value='Search' class='inputback' /> </td> </tr> </table> </form> "; $_GET['action'] = isset($_GET['action']) && is_string($_GET['action']) ? strtolower(trim($_GET['action'])) : false; switch($_GET['action']) { case "buy": item_buy(); break; case "remove": item_mremove(); break; } if(isset($_POST) && isset($_POST['search'])) { foreach($_POST as $key => $value) { if(preg_match("/^s_(\d*)$/", $key, $match)) { if($value == -1) { $a_it[]= quote_smart($match[1]); } else if($value != 0 && $value != -1) { $a_id[]= quote_smart($value); } } } $sql_get ="SELECT DISTINCT username, userid, itmid, itmname, imMONEY,imCRYSTALS,imQTY, imID, imADDER FROM itemmarket LEFT JOIN items ON items.itmid = itemmarket.imITEM LEFT JOIN itemtypes ON itemtypes.itmtypeid = items.itmtype LEFT JOIN users ON users.userid = itemmarket.imADDER "; if(isset($a_id) || isset($a_it)) { $sql_get.= "WHERE "; } else { echo " No items found. Please try some other search option!"; $h->endpage(); exit; } if(isset($a_id) && is_array($a_id) && !empty($a_id)) { $count = count($a_id); for($i=0; $i < $count; $i++) { $sql_get.= "itmid = '".$a_id[$i]."' "; if($i < $count - 1) $sql_get.= "OR "; } } if(isset($a_it) && is_array($a_it) && !empty($a_it)) { if(isset($a_id)) $sql_get.= "OR "; $count = count($a_it); for($i=0; $i < $count; $i++) { $sql_get.= "itmtype = '".$a_it[$i]."' "; if($i < $count - 1) $sql_get.= "OR "; } } $sql_get.= " ORDER BY imMONEY ASC"; $q=mysql_query($sql_get); if(!mysql_num_rows($q)) { echo " No items found. Please try some other search option!"; $h->endpage(); exit; } else { echo "<table width='100%' cellspacing='0' class='table' border='1'> <tr> <td colspan='6' align='center'>Your search returned the following results</td> </tr> <tr> <td width='20%' class='h'>Adder</td> <td width='5%' class='h'>Qty</td> <td width='25%' class='h'>Item</td> <td width='20%' class='h'>Money</td> <td width='10%' class='h'>Crystals</td> <td width='20%' class='h'>Links</td> </tr>"; $lt=""; while($r=mysql_fetch_array($q)) { if($r['imADDER'] == $userid) { $link = "[[url='?action=remove&ID=".abs(intval($r[']Remove[/url]]"; } else { $link = "[[url='?action=buy&ID=".abs(intval($r[']Buy[/url]]"; } echo "<tr> <td>[url='viewuser.php?u=".abs(intval($r[']".htmlentities(stripslashes($r['username']))."[/url] [".abs(intval($r['userid']))."]</td> <td>".abs(intval($r['imQTY']))."</td> <td>".htmlentities(stripslashes($r['itmname']))."</td> <td>$".number_format($r['imMONEY'])."</td> <td>".number_format($r['imCRYSTALS'])."</td> <td>[[url='iteminfo.php?ID=".abs(intval($r[']Info[/url]] $link</td> </tr>"; } echo "</table>"; } } $h->endpage(); ?>   now for "imadd.php" <?php include "globals.php"; $_POST['ID'] = abs(intval($_POST['ID'])); $_POST['imQTY'] = abs(intval($_POST['imQTY'])); $_POST['imMONEY'] = abs(intval($_POST['imMONEY'])); $_POST['imCRYSTALS'] = abs(intval($_POST['imCRYSTALS'])); echo "<h3>Add Item to Market</h3>"; if($ir['marketquota']==5) { echo "You already met your quota of 5 items on the market remove an item or wait until you sell one."; $h->endpage(); exit; } if($_POST['imQTY']) { $q=mysql_query("SELECT iv.*,i.* FROM inventory iv LEFT JOIN items i ON iv.inv_itemid=i.itmid WHERE inv_id=".abs(intval($_POST['ID']))." and inv_userid=".abs(intval($userid))."",$c); if(mysql_num_rows($q)==0) { echo "Invalid Item ID"; $h->endpage(); exit; } $r=mysql_fetch_array($q); if($r['inv_lent'] > 0) { echo "This item still belongs to your gang, you can't sell it."; $h->endpage(); exit; } else if ($r['inv_qty']<$_POST['imQTY']) { echo "You do not have that many to add!"; $h->endpage(); exit; } else { $STACK=$db->query("SELECT * FROM itemmarket WHERE imITEM=".abs(intval($r['itmid']))." AND imMONEY=".abs(intval($_POST['imMONEY']))." AND imCRYSTALS=".abs(intval($_POST['imCRYSTALS']))." AND imADDER=".abs(intval($ir['userid'])).""); if ($db->num_rows($STACK)) { $im=$db->fetch_row($STACK); $db->query("UPDATE itemmarket SET imQTY=imQTY+".abs(intval($_POST['imQTY']))." WHERE imADDER=".abs(intval($userid)).""); } else { mysql_query("INSERT INTO itemmarket VALUES ('','".abs(intval($r['inv_itemid']))."', ".abs(intval($userid)).",".abs(intval($_POST['imMONEY'])).",".abs(intval($_POST['imCRYSTALS'])).",".abs(intval($_POST['imQTY'])).")", $c); mysql_query("UPDATE users SET marketquota=marketquota+1 WHERE userid=".abs(intval($userid)).""); } mysql_query("UPDATE inventory SET inv_qty=inv_qty-".abs(intval($_POST['imQTY']))." WHERE inv_id=".abs(intval($_POST['ID']))." AND inv_userid=".abs(intval($userid))."",$c); mysql_query("DELETE FROM inventory WHERE inv_qty=0", $c); mysql_query("INSERT INTO imarketaddlogs VALUES ( '', ".abs(intval($r['inv_itemid'])).", ".abs(intval($_POST['imMONEY'])).", ".abs(intval($_POST['imCRYSTALS'])).", $userid, unix_timestamp(), '{$ir['username']} added [x".abs(intval($_POST['imQTY']))."] ".htmlentities(stripslashes($r['itmname']))." to the itemmarket for \$".number_format($_POST['imMONEY'])." and ".number_format($_POST['imCRYSTALS'])." crystals.')", $c); echo "[x".abs(intval($_POST['imQTY']))."] ".htmlentities(stripslashes($r['itmname']))."'s added to market for \$".number_format($_POST['imMONEY'])." and ".number_format($_POST['imCRYSTALS'])." crystals each. [url='inventory.php']Back to Inventory[/url]"; } } else { $q=mysql_query("SELECT i.inv_itemid,i.inv_qty,it.itmname FROM inventory i LEFT JOIN items it ON i.inv_itemid=it.itmid WHERE inv_id=".abs(intval($_GET['ID']))." and inv_userid=".abs(intval($userid))."",$c); if(mysql_num_rows($q)==0) { echo "Invalid Item ID"; $h->endpage(); exit; } else { $r=mysql_fetch_array($q); echo "Adding ".htmlentities(stripslashes($r['itmname']))."'s to the item market, you have [x".abs(intval($r['inv_qty']))."]... <form action='imadd.php' method='POST'> <input type='hidden' name='ID' value='".abs(intval($_GET['ID']))."' /> Quanity: <input type='text' name='imQTY' value='".abs(intval($r['inv_qty']))."' class='inputback' size='3' /> Money: <input type='text' name='imMONEY' value='0' class='inputback' size='6' /> Crystals: <input type='text' name='imCRYSTALS' value='0' class='inputback' size='3' /> <input type='submit' value='Add' class='inputback' /></form>"; } } $h->endpage(); ?>   now for the logs "market_logs.php" (you can call it whatever you like really) <?php /******************************************************* -- Created By Nicholas -- Copyright to Nicholas -- For Free -- -- TERMS AND CONDITIONS -- The name "Nicholas" must stay on the copyright notice. -- Removal of this copyright notice is not allowed. -- Alterations of this script are allowed, and encouraged, as long as the name "Nicholas" stays on the copyright notice. -- If you do not agree with the terms and conditions, and you still use the file anyway, legal action will be taken - Ignorance is not an excuse! -- -- By using this script, you agree to the terms and conditions stated above. -- ------------------------------------------------------------------------ -- If you don't understand it, leave it alone. -- If you need help with this script and all parts connected with this script (itemmarket.php, imadd.php, market_logs.php), contact Nicholas - [email][email protected][/email] *******************************************************/ include "sglobals.php"; if($ir['user_level'] != 2) { echo "You need to be an administrator to access this page"; $h->endpage(); exit(); } $_GET['action'] = (isset($_GET['action']) && is_string($_GET['action'])) ? stripslashes(trim($_GET['action'])) : FALSE; switch($_GET['action']) { case 'buylogs': market_buy_logs(); break; case 'removelogs': market_remove_logs(); break; case 'addlogs': market_add_logs(); break; default: index(); break; } function index() { global $h; echo "<h3>Item Market Logs</h3> <center><table width='50%' cellspacing='0' class='table' border='1'></center> <tr> <td align='center'>[url='?action=buylogs']Item Market Brought Logs[/url]</td> <td align='center'>[url='?action=removelogs']Item Market Removed Logs[/url]</td> <td align='center'>[url='?action=addlogs']Item Market Added Logs[/url]</td> </tr> </table>"; $h->endpage(); } function market_buy_logs() { global $h; echo "<h3>Market Buying Logs</h3> <center><table width='100%' cellspacing='0' class='table' border='1'></center> <tr> <th class=h align=center width=5%>ID</th> <th class=h align=center width=14%>Buyer</th> <th class=h align=center width=14%>Seller</th> <th class=h align=center width=22%>Item Brought</th> <th class=h align=center width=13%>How Much</th> <th class=h align=center width=32%>When</th> </tr>"; $logs=mysql_query("SELECT i.itmid, i.itmname, b.*, u1.username as buyer, u2.username as seller FROM imbuylogs b LEFT JOIN users u1 ON b.imbADDER=u1.userid LEFT JOIN users u2 ON b.imbBUYER=u2.userid LEFT JOIN items i ON b.imbITEM=i.itmid ORDER BY b.imbTIME DESC"); while($r=mysql_fetch_array($logs)) { echo "<tr> <td>".abs(intval($r['imbID']))."</td> <td>".htmlentities(stripslashes($r['seller']))."</td> <td>".htmlentities(stripslashes($r['buyer']))."</td> <td>".htmlentities(stripslashes($r['itmname']))."</td> <td>$".number_format($r['imbMONEY'])." ".number_format($r['imbCRYSTALS'])." crystals</td> <td>".date("F j, Y, g:i:s a",$r['imbTIME'])."</td></tr>"; } echo "</table>"; stafflog_add("Viewed Item Market Buy Logs"); $h->endpage(); } function market_remove_logs() { global $h; echo "<h3>Market Removing Logs</h3> <center><table width='100%' cellspacing='0' class='table' border='1'></center> <tr> <th class=h align=center width=5%>ID</th> <th class=h align=center width=30%>Item Removed</th> <th class=h align=center width=30%>Remover</th> <th class=h align=center width=35%>When</th> </tr>"; $logs=mysql_query("SELECT i.itmid, i.itmname, r.*, u.username as remover FROM imremovelogs r LEFT JOIN users u ON r.imrREMOVER =u.userid LEFT JOIN items i ON r.imrITEM=i.itmid ORDER BY r.imrTIME DESC"); while($r=mysql_fetch_array($logs)) { echo "<tr> <td>".abs(intval($r['imrID']))."</td> <td>".htmlentities(stripslashes($r['itmname']))."</td> <td>".htmlentities(stripslashes($r['remover']))."</td> <td>".date("F j, Y, g:i:s a",$r['imrTIME'])."</td></tr>"; } echo "</table>"; stafflog_add("Viewed Item Market Removal Logs"); $h->endpage(); } function market_add_logs() { global $h; echo "<h3>Market Added Logs</h3> <center><table width='100%' cellspacing='0' class='table' border='1'></center> <tr> <th class=h align=center width=5%>ID</th> <th class=h align=center width=20%>Item Added</th> <th class=h align=center width=20%>Adder</th> <th class=h align=center width=20%>How Much</th> <th class=h align=center width=35%>When</th> </tr>"; $logs=mysql_query("SELECT i.itmid, i.itmname, a.*, u.username as adder FROM imarketaddlogs a LEFT JOIN users u ON a.imaADDER =u.userid LEFT JOIN items i ON a.imaITEM=i.itmid ORDER BY a.imaTIME DESC"); while($r=mysql_fetch_array($logs)) { echo "<tr> <td>".abs(intval($r['imaID']))."</td> <td>".htmlentities(stripslashes($r['itmname']))."</td> <td>".htmlentities(stripslashes($r['adder']))."</td> <td>$".number_format($r['imaMONEY'])." ".number_format($r['imaCRYSTALS'])." crystals</td> <td>".date("F j, Y, g:i:s a",$r['imaTIME'])."</td></tr>"; } echo "</table>"; stafflog_add("Viewed Item Market Added Logs"); $h->endpage(); } ?>   If you have any troubles with anything feel free to ask. Hope you like the mod. Nicholas.

i like it, yes i know its a old script but im wondering if you can improve it little with my idea? can you make it so it only shows the ItemType dropdown menu's that has the items in the market if you know what i mean? also make it so it doesnt show every single item in that ItemType but only show the items that are actually on the market? also maybe add on a system where items can be sold for crystals or money and you can purchase any amount from the stock for example, someone puts 6 Medics on the market for 5 crystals each. someone can buy just 2 of them for 10 crystals leaving 4 left in stock. my explaining is probably hard to understand, so i know you'll probably be like "what the hell is he on about". but i hope you understand. i know its asking for a lot but you could maybe even release this idea as an updated advanced item market and sell it on the MarketPlace.

i heard using (echo) instead of (print) was a bit faster? not by huge amount speed but just little bit faster. like 0.0055% or something like that?

CREATE TABLE IF NOT EXISTS `proposals` ( `proID` int(11) NOT NULL AUTO_INCREMENT, `proPROPOSER` int(11) NOT NULL, `proPROPOSED` int(11) NOT NULL, `proMESSAGE` varchar(255) NOT NULL, PRIMARY KEY (`proID`) ) ENGINE=MyISAM;

oh right... okay. thanks for the information :)

well you know on some games where they send you newsletters about updates and then they give you your login name and password incase you forgot it or whatever... how would i get my script to give them their actual passwords incase of the MD5 passwords.

hi, im wondering... does anyone know how to send users their password through an email (hotmail). i have the script i created myself to send everyone on the game an email and i can show the users login name. but cant figure out how to dectype the MD5 passwords in the email... tried researching on google and PHP.net but not had any luck... i did try ".md5($???['password'])." but that just sent me the numbers/letters instead of the actual password. probably got to do functions or whatever with hash bits but i dont know how... can someone help me please?

new gym mate :) also can i ask a question? whats the difference between... include(DIRNAME(__FILE__).'/globals.php'); and include 'globals.php';

hi everyone... i created my first login/register page layout. i was wondering... could everyone please rate it out of 10 please? (yes i know it little plain, but its my first one...) http://img263.imageshack.us/i/11299262.jpg/ http://img2.imageshack.us/i/46565140.jpg/ http://img121.imageshack.us/i/55480993.jpg/

Awwwh, It's not really working. And the merge option is only on food. I'm not the coder thats my partner but he is not well today so he asked me to have a crack at it... Not much luck though... Thanks anyway. after creating file "Merge.php" and uploaded it, open up "Inventory.php" and find echo "[b]Your items are listed below.[/b]   and replace it with echo "<center>[url='merge.php']Merge Your Item (Click Here)[/url]</center><hr />"; echo "[b]Your items are listed below.[/b]   hopefully you get it idea where im coming at lol. OR open up "inventory.php" and find include "globals.php";   and under it add this lol. $used=array(); $q=mysql_query("SELECT * FROM inventory WHERE inv_userid=$userid"); while ( $r=mysql_fetch_array($q) ) { if ( ! in_array ( $r['inv_id'], $used ) ) { $currdel=array(); $used[] =$r['inv_id']; $currdel[]=$r['inv_id']; $amount=$r['inv_qty']; $q2=mysql_query("SELECT * FROM inventory WHERE inv_userid=$userid AND inv_itemid = {$r['inv_itemid']} AND inv_id != {$r['inv_id']}"); while ( $r2 = mysql_fetch_array($q2) ) { $used[]=$r2['inv_id']; $currdel[]=$r2['inv_id']; $amount+=$r2['inv_qty']; } mysql_query("DELETE FROM inventory WHERE inv_id IN(".implode(",",$currdel).")"); mysql_query("INSERT INTO inventory VALUES('', {$r['inv_itemid']}, $userid, $amount)"); } }   NOTE: this way might slow game down lol.

wouldnt it be this that you add to "global_func.php"   function get_mine() { global $ir,$c,$userid; if($ir['mine_exp'] >= $ir['mine_needed']) { $minexp=$ir['mine_exp']-$ir['mine_needed']; $ir['mine_level']+=1; $ir['mine_exp']=$minexp; $ir['mine_needed']=(int) (($ir['mine_level']+1)*($ir['mine_level']+1)*($ir['mine_level']+1)*2.2); mysql_query("UPDATE users SET mine_level=mine_level+1,mine_exp=$minexp,mine_needed=mine_needed+1000,max_power=max_power+10 where userid=$userid",$c); } }

$_GET['ID'] = abs((int) $_GET['ID']); and lotteryID = ".abs(intval($_GET['ID']))." that made it work fine, thanks :) im surprized that simple line never crossed my mind...

thanks username is showing now. but another problem cant figure it out (yes i did try to sort it out but not having any luck) but well when you go to lottery_win.php?Raffle=Number&ID=1 (first winner) it shows the 2 players that have won the weekly lottery. and same with lottery_win.php?Raffle=Number&ID=2 (secound winner) it shows the 2 players that have won. any idea on how to make it only show the winner of that raffle ID? sorry if im being annoying... not made this probably simple mod before lol. once i see how its done, ill never really have to ask for help on this type of selecting again... as i think i get how to do left join queries now :D   ive created new file for the time being until i can get this setup working NOTE: this file is called "lottery_winners.php" and one im trying to set up in called "lottery_win.php" which is the function setup up top were working on. <?php include "globals.php"; global $db,$ir,$c,$h,$userid; echo "<center><h3>Last 25 weekly lottery winners and amount!</h3></center>"; echo "<center><table width='60%' cellspacing='1' class=table border='1' bordercolor='#636363'></center> <tr> <th width='15%'>Lottery Number</th> <th width='25%'>Name</th> <th width='20%'>Amount</th> </tr>"; $get_wins = sprintf("SELECT u.userid, u.username,r.* FROM users u LEFT JOIN lottery_winners r ON r.userid=u.userid WHERE r.userid = u.userid ORDER BY lotteryID DESC LIMIT 25"); $do_wins = $db->query($get_wins); while($win = $db->fetch_row($do_wins)) { echo "<tr> <td align='center'>#. ".number_format($win['lotteryID'])."</td> <td align='center'>".htmlentities(stripslashes($win['username']))."</td> <td align='center'>$".number_format($win['winnings'])."</td> </tr>"; } echo "</table>"; $h->endpage(); ?>

thats correct. yes. :)

login your cpanel, find and click on "PHP MY ADMIN" and wait for it to load. select your games database on left hand side and then click "SQL" once that loads insert this   ALTER TABLE `userstats` CHANGE `strength` `strength` DECIMAL( 50, 4 ) NOT NULL DEFAULT '0.0000'; ALTER TABLE `userstats` CHANGE `agility` `agility` DECIMAL( 50, 4 ) NOT NULL DEFAULT '0.0000'; ALTER TABLE `userstats` CHANGE `guard` `guard` DECIMAL( 50, 4 ) NOT NULL DEFAULT '0.0000'; ALTER TABLE `userstats` CHANGE `labour` `labour` DECIMAL( 50, 4 ) NOT NULL DEFAULT '0.0000'; ALTER TABLE `userstats` CHANGE `IQ` `IQ` DECIMAL( 50, 4 ) NOT NULL DEFAULT '0.0000';   and run it

hi im wondering... can anyone help me select a userid from one table and make it select a username from the users table please? if you understand what i mean... i cant figure it out... im probably do it completely wrong due to i dont know how to do left joins and etc... probably $get_info has to be in $get_wins part but differently. can someone help me please? ill be very greatful.   function Number() { global $db,$ir,$c,$h,$userid; echo "<center><table width='50%' cellspacing='1' class=table border='1' bordercolor='#636363'></center> <tr> <th width='25%'>Name</th> <th width='25%'>Amount</th> </tr>"; $get_wins = sprintf("SELECT `lotteryID`, `userid`, `winnings` FROM lottery_winners"); $do_wins = $db->query($get_wins); while($win = $db->fetch_row($do_wins)) { $get_info = sprintf("SELECT u.*,r.* FROM users u LEFT JOIN lottery_winners r ON r.userid=u.userid WHERE r.lotteryID = {$win['lotteryID']}"); $user = $db->query($get_info); echo "<tr> <td align='center'>".htmlentites(stripslashes($user['username']))."</td> <td align='center'>".number_format($win['winnings'])."</td> </tr>"; } echo "</table>"; }

fully agree there, i used to ask for LOADS of help when i was a nooby (still techically a nooby) but not as bad as i used to be, most the time i dont need help anymore on stuff i do. i created myself a mod few days ago and all i needed help on was a oddly simple script lol. couldnt think of how to create it haha. also the people in school, they act cool and hard so they gain reputation in school (to become popular people) i wasnt one of those people but i knew how it worked lol. in school its all about respect/populataity, nothing else to most kids. but anyhow yes this forum is basicly about help and learning, ive learnt a lot on how to code here by reading some of the script mods on here, i also paid $100 for someone to secure my game while back and i learnt quite abit of security from reading my own scripts after they finished.   May I ask why you think someone who has posted for help as much as he does even has a "coder” working for him? One more thing (some as last time really) why not post something remotely helpful at least Joshua pointed out he was in the wrong section... @ CoRnNuB - http://makewebgames.io/board791/31174-need-advanced-marriage/ next time try looking? also on that link my edited script is on there on page 2 (bottom) and page 3 (top) which should be secured and working fine lol. ########################################################## but if you want a shared housing mod, there isnt a free one thats any good (only free one is STUPIDLY HIGHY BUGGED) best chance is buying Cronus's one or something? http://www.cronwerks.com/forum/cronwerks-mccode-mccodes-mods/advanced-marriage-w-shared-housing/

hmm... maybe set up mod like this? sql CREATE TABLE IF NOT EXISTS `rewardbase` ( `userid` int(11) NOT NULL AUTO_INCREMENT, `hpupgrade` int(11) NOT NULL DEFAULT '0', `hpupgradesdone` int(11) NOT NULL DEFAULT '0', PRIMARY KEY (`userid`) ) ENGINE=MyISAM;   You need script to insert the table info unless you do it manally so every user has a section to work with. note: i cba to make the functions for a different table and also idk how to do LEFT JOIN querys sorry. so i cant do it anyways. if you do it my way, just insert it into users table. or add them to users table with this sql alter tables users add hpupgrade int(11) not null default 0; alter tables users add hpupgradesdone int(11) not null default 0;   then create file doing something like (note: im writing these functions on here from memory)   function hpupgrade() { global $h, $ir, $db, $userid; if($ir['hpupgradedone'] == 5) { echo "You can only max this section out 5 times. Sorry."; echo "[url='index']Go Home[/url]"; $h->endpage(); exit(); } $cash = 50000; echo "it will cost you $".number_format($cash)." to upgrade a level."; echo "[url='?act=hpupgraded']Upgrade Now![/url]"; $h->endpage(); exit(); } function hpupgraded() { global $h, $ir, $db, $userid; if($ir['hpupgradedone'] == 5) { echo "You can only max this section out 5 times. Sorry."; echo "[url='index']Go Home[/url]"; $h->endpage(); exit(); } $cash = 50000; $db->query("UPDATE users SET hpupgrade=hpupgrade+1, money=money-$cash WHERE userid=$userid"); echo "You have upgraded your HP counter upto ".number_format($ir['hpupgrade'])."/10 for $".number_format($cash)."."; if($ir['hpupgrade'] == 10) { $db->query("UPDATE users SET maxhp=maxhp+1000, hpupgrade=0, hpupgradedone=hpupgradedone+1 WHERE userid=$userid"); echo " You have maxed out your HP counter ".number_format($ir['hpupgradedone'])."/5 times. Congratulations, you gained 1,000 more HP."; } $h->endpage(); exit(); }   if your creating new table. you have to do do alot of editing. in few files and etc. unless you know how to do LEFT JOIN querys. hope it helps. haha. probably gonna confuse you :P

i modified it little, yes its done werid and works but still small problem... it only sends me the message, the users online said they didnt get a message. EDIT: a old player came online and i asked how he remembered my game and he said he got a email. How comes he got one but some others didnt. this is the code can someone help me please so it sends it to everyone?   <?php include(DIRNAME(__FILE__) . '/globals.php'); $_GET['act'] = isset($_GET['act']) && ctype_alpha($_GET['act']) ? trim($_GET['act']) : ''; switch($_GET['act']) { default: mail_index(); break; } if( !in_array($_GET['act'], array('mail_index')) ) { echo "Invalid Action"; $h->endpage(); exit; } function mail_index() { global $r,$ir,$db,$h,$to,$subject,$body,$headers; if($ir['user_user'] != 2) { print ""; $h->endpage(); exit; } $collect=$db->query("SELECT * FROM users"); while($r=$db->fetch_row($collect)) { $to = $r['email']; $subject = "Criminals Nightmare Newsletter"; $headers = "From: [email][email protected][/email]"; $body = "Hello {$r['username']}! Sorry if this message is odd but its a test. But i'm hoping you are enjoying Criminals Nightmare :) if you haven't been playing i would like to announce that Criminals Nightmare has most probably changed loads within the time you haven't been online in which could fall into the following categories: 1. new graphics 2. new modifications 3. new players and so on If you want to try out Criminals Nightmare again to see if you would like to play it again, the link to our game is below [url]http://www.criminals-nightmare.co.uk/[/url] Thanks and hope you have a great day, Nickizzle."; mail($to, $subject, $body, $headers); echo "Messages Sent Successfully"; $h->endpage(); } } ?>

hi, i tried this modification out but some reason im not getting a message? inbox or junk box any idea why? i changed $from ="From: [email protected]"; into $from ="From: criminals-nightmare @ hotmail .co.uk"; and inserted few global ???,???; bits but still not getting message in? does it take time?

cheers, i think thats what im after :)

hi everyone, im wondering i did try search for it for but didnt have any luck... does anyone have this script that i could have at all please? or know where i can find a like the one im about to explain hopefully that be recognizable. its a modification where you can send emails (hotmail) to everyone on your game. (not emails in game) so i could send messages to everyone on the game that hasn't logged in for say like 2 weeks or longer? saying like... _____________________________________________ Hello "username here", We can see that you haven't logged on in for "days offline here" days. We would like to remind you that "game name here" has changed quite a lot since your last visit, in which includes maybe the following categories: 1. new graphics 2. new modifications 3. new players and so on. If you want to try out "game name here" again to see if you want to carry on playing, the link to our game is below "game link here". Thanks and hope you have a great day, "your name here". ______________________________________________