yaz94

What can I say, I made a mistake, although its not a major issue as it would just require it again - I have updated my post. As for the sprintf() I personally find it easier to use sprintf query than $db-> and find it a lot easier to understand and easier to secure. Appreciate the feedback.

Who said there was a problem? I just wanted something designing but its all good found someone. Thanks for your interest in replying anyway :) Oh, and also a web designer wouldn't be wasting there time as I would need one.

I am looking for some help of a web designer that actually knows what he's doing. Contact me via Skype - yaz_1994 (willing to pay) Please do not contact me for anything else, I am not interested. Just looking for a web designer ;)

Hope you don't mind Guest, updated for V2 and secured a little not tested let me know if any errors   <?php include(__DIR__ . "/globals.php"); echo '<h2>Office of Bank Loans</h2>'; $maximum = 100000; $max_loan = MIN( ($ir['level'] * $ir['daysold']) * 500, $maximum ); $current = 0; $sql = sprintf("SELECT * FROM `bank_loans` WHERE `user` = '%u'", $ir['userid']); $db->query($sql); if ( mysql_num_rows($sql) == 0 ) { $db->query("INSERT INTO `bank_loans` (`user`) VALUES ('{$ir['userid']}')"); } else { $loan = $db->fetch_row($sql); $current = $loan['amount']; } if ($current > 0) { if($loan['time'] > time()) { echo '<p>Your loan is not repayable until ' . date("D jS M, g:i A", $loan['time']) . '. Come back then.</p>'; } else { $repay = (array_key_exists('repay', $_POST) && (is_int($_POST['repay']) || ctype_digit($_POST['repay']))) ? substr($_POST['repay'], 0, 9) : FALSE ; if ($repay) { if ($repay > $ir['money']) { echo '<p>You do not have enough money to pay $' . number_format($repay) . '.</p>'; } else { if ($repay > $loan['amount']) { $repay = $loan['amount']; } echo '<p>You paid $' . number_format($repay) . ' from your loan balance.</p> <p>Thank You.</p>'; } } else { echo '<p>Welcome back, ' . htmlentities($ir['username'], ENT_QUOTES, "UTF-8") . '.</p> <p>It would appear that you have an outstanding loan balance of $' . number_format($run['amount']) . '.</p> <p>Would you like to pay some off the balance today?</p> <h4>Pay towards loan debt</h4> <form action="" method="post"> <p>How much would you like to pay?</p> <p> <input type="text" name="repay" value=""> </p> <button>Pay Loan</button> </form>'; } } } else { if ($_SERVER['REQUEST_METHOD'] == "POST") { $amount = (array_key_exists('amount', $_POST) && (is_int($_POST['amount']) || ctype_digit($_POST['amount']))) ? substr($_POST['amount'], 0, 9) : FALSE ; if ($amount) { if ($amount > $max_loan) { echo '<p>You can only have a loan of $' . number_format($max_loan) . ' at most.'; } else { $total = ($amount * 1.05); $r = sprintf("UPDATE `bank_loans` SET `amount` = '%s', `time` = '%s' WHERE `user` = '%u'", $total, unix_timestamp(), $ir['userid']); $q = sprintf("UPDATE `users` SET `money` = `money` + '%s' WHERE `userid` = '%s'", $amount, $ir['userid']); $db->query($r); $db->query($q); echo '<p>You have taken out a loan for $' . number_format($amount) . ' and with the 5% interest, you will need to pay back $' . number_format($total) . '.</p> <p>Thanks for using us for your business and hope you become a valued customer.</p>'; } } else { echo '<p>You did not enter a valid amount to loan from us.</p>'; } } else { echo '<p>Welcome to the loan department, ' . htmlentities($ir['username'], ENT_QUOTES, "UTF-8") . '.</p> <p>You can take a loan out today, for a maximum of $' . number_format($max_loan) . ', which will be yours for 3 days minimum.</p> <p>Minimum amount you can loan is $100</p> <p>The interest you pay on top of the loan will be 5%.</p> <h4>Would you like to take a loan out, ' . (strtolower($ir['gender']) == "male" ? 'Sir' : 'Madam') . '?</p> <form action="" method="post"> <p>How much would you like to take out?</p> <p> <input type="text" name="amount" value=""> </p> <button>Take Loan</button> </form>'; } } $h->endpage(); ?>

I think it would look better if you could round the other boxes edges too, to show that its consistent maybe?

Hey MWG! I thought I would make another modification for you guys! Secured bank + Bank robbery - This mod is basically a bank robbery were users can rob the bank, they have a 1 in 4 chance. If they do succeed in the bank robbery everyone can not use the bank for the time that you choose (you must do this by putting the correct code into the cron file of your *own* choice) SQL CREATE TABLE bank ( robbery INT(11), robmoney varchar(255) ) INSERT INTO `bank` (`robbery`, `robmoney`) VALUES ('0', '0'); bank.php <?php include(__DIR__ ."/globals.php"); echo "<h4><font color='red' style='text-decoration:underline; font-weight:bold;'><a href='robbank.php'>>Rob the bank!</a></font></h4>"; print "<h3>Bank</h3>"; $q = $db->query("SELECT robbery FROM bank"); $var = $db->fetch_row($q); if($var['robbery'] > 0) { echo "<font color='red' style='text-decoration:underline; font-weight:bold;'><h4>The bank is closed for maintainence due to a robbery!</h4> <a href='explore.php'>Go back!</a> </font>"; exit; } if($ir['bankmoney']>-1) { switch($_GET['action']) { case "deposit": deposit(); break; case "withdraw": withdraw(); break; default: index(); break; } } else { if(isset($_GET['buy'])) { if($ir['money']>49999) { print "Congratulations, you bought a bank account for \$50,000!<br /> <a href='bank.php'>Start using my account</a>"; $bought = sprintf("UPDATE users SET money = money + %u, bankmoney = %u WHERE (userid = %u", 50000, 0, $userid); $db->query($bought); } else { print "You do not have enough money to open an account. <a href='explore.php'>Back to town...</a>"; } } else { print "Open a bank account today, just \$50,000!<br /> <a href='bank.php?buy'>> Yes, sign me up!</a>"; } } function index() { global $db, $ir,$c,$userid,$h; print "\n<b>You currently have \${$ir['bankmoney']} in the bank.</b><br /> At the end of each day, your bank balance will go up by 2%.<br /> <table width='75%' cellspacing=1 class='table'> <tr> <td width='50%'><b>Deposit Money</b><br /> It will cost you 15% of the money you deposit, rounded up. The maximum fee is \$3,000.<form action='bank.php?action=deposit' method='post'> Amount: <input type='text' name='deposit' value='{$ir['money']}' /><br /> <input type='submit' value='Deposit' /></form></td> <td> <b>Withdraw Money</b><br /> There is no fee on withdrawals.<form action='bank.php?action=withdraw' method='post'> Amount: <input type='text' name='withdraw' value='{$ir['bankmoney']}' /><br /> <input type='submit' value='Withdraw' /></form></td> </tr> </table>"; } function deposit() { global $db,$ir,$c,$userid,$h; $_POST['deposit']=abs((int) $_POST['deposit']); if($_POST['deposit'] > $ir['money']) { print "You do not have enough money to deposit this amount."; } else { $fee=ceil($_POST['deposit']*15/100); if($fee > 3000) { $fee=3000; } $gain=$_POST['deposit']-$fee; $ir['bankmoney']+=$gain; $deposit = sprintf("UPDATE users SET bankmoney = bankmoney + %u, money = money - %s WHERE (userid = %u)", $gain, abs(@intval($_POST['deposit'])), $userid); $db->query($deposit); print "You hand over \$". abs(@intval($_POST['deposit'])) ." to be deposited, <br /> after the fee is taken (\$$fee), \$$gain is added to your account. <br /> <b>You now have \${$ir['bankmoney']} in the bank.</b><br /> <a href='bank.php'>> Back</a>"; } } function withdraw() { global $db,$ir,$c,$userid,$h; $_POST['withdraw']=abs((int) $_POST['withdraw']); if($_POST['withdraw'] > $ir['bankmoney']) { print "You do not have enough banked money to withdraw this amount."; } else { $gain=$_POST['withdraw']; $ir['bankmoney']-=$gain; $q = sprintf("UPDATE users SET bankmoney = bankmoney - %s, money = money + %s WHERE (userid = %u)", $gain, $gain, $userid); $db->query($q); print "You ask to withdraw $gain, <br /> the banking lady grudgingly hands it over. <br /> <b>You now have \${$ir['bankmoney']} in the bank.</b><br /> <a href='bank.php'>> Back</a>"; } } $h->endpage(); ?> Call this file - robbank.php <?php include(__DIR__ ."/globals.php"); // Remember these variables are in the function robcomp() too! $level = 0; // Set what user level can rob the bank $brave = 0; // Set the brave needed $will = 0; // Set the will needed $energy = 0; // Set the energy needed $chance = mt_rand(1,4); $hospt = mt_rand(5,10); // Hospital Time $jailt = mt_rand(5,10); // Jail Time*/ $hospr = "Got shot while robbing the bank!"; $jailr = "Got arrested while robbing the bank!"; $q = $db->query("SELECT robbery FROM bank"); $var = $db->fetch_row($q); if($var['robbery'] == 1) { echo "<font color='red' style='text-decoration:underline; font-weight:bold;'><h4>The bank is closed for maintainence due to a robbery!</h4> <a href='bank.php'>Go back!</a> </font>"; $h->endpage(); exit; } if($ir['hospital'] > 0 || $ir['jail'] > 0) { echo("Dude your in jail/hospital!<br /><a href='bank.php'>Go back!</a>"); $h->endpage(); exit; } if($ir['level'] < $level) { echo "<font color='red' style='text-decoration:underline; font-weight:bold;'><h4>You must have ". $level ." level to rob the bank!</h4><br /> <a href='bank.php'>Go back!</a></font>"; $h->endpage(); exit; } if($ir['brave'] < $brave) { echo "<font color='red' style='text-decoration:underline; font-weight:bold;'><h4>You must have ". $brave ." brave to rob the bank!</h4><br /><a href='bank.php'>Go back!</a></font>"; $h->endpage(); exit; } if($ir['will'] < $will) { echo "<font color='red' style='text-decoration:underline; font-weight:bold;'><h4>You must have ". $will ." will to rob the bank!</h4><br /><a href='bank.php'>Go back!</a></font>"; $h->endpage(); exit; } if($ir['energy'] < $energy) { echo "<font color='red' style='text-decoration:underline; font-weight:bold;'><h4>You must have ". $energy ." energy to rob the bank!</h4><br /><a href='bank.php'>Go back!</a></font>"; $h->endpage(); exit; } if(!$_GET['action'] == "robbank") { echo "<h4>To rob the bank you need - Brave: <font color='green' style='text-decoration:underline; font-weight:bold;'>". $brave ."</font> Will: <font color='green' style='text-decoration:underline; font-weight:bold;'>". $will ."</font> Energy: <font color='green' style='text-decoration:underline; font-weight:bold;'>". $energy ."</font></h4> <font color='red' style='text-decoration:underline; font-weight:bold;'><h4> <a href='robbank.php?action=robcomp'>>Proceed with the robbery!</a></h4><br /><a href='bank.php'>>Run while you can!</a>"; } else { // Removes brave, will and energy! $minusbrave = sprintf("UPDATE users SET brave = brave - %s WHERE (userid = %u)", $brave, $userid); $minuswill = sprintf("UPDATE users SET will = will - %s WHERE (userid = %u)", $will, $userid); $minusenergy = sprintf("UPDATE users SET energy = energy - %s WHERE (userid = %u)", $energy, $userid); $db->query($minusbrave); $db->query($minuswill); $db->query($minusenergy); if($chance == 1) { echo "<font color='red' style='text-decoration:underline; font-weight:bold;'><h3>You got shot by one of the security officers<br /></h3><a href='hospital.php'>>Go Back</a></font>"; $hospt = sprintf("UPDATE users SET hospital = hospital + %u WHERE (userid = %u)", $hospt, $userid); $hospr = sprintf("UPDATE `users` SET `hospreason` = '%s' WHERE (`userid` = '%u')", $hospr, $userid); $db->query($hospt); $db->query($hospr); } if($chance == 2) { echo "<font color='red' style='text-decoration:underline; font-weight:bold;'><h3>You got arrested by one of the security officers</h3><a href='jail.php'>>Go Back</a></font>"; $jailt = sprintf("UPDATE users SET jail = jail + %u WHERE (userid = %u)", $jailt, $userid); $jailr = sprintf("UPDATE `users` SET `jail_reason` = '%s' WHERE (`userid` = '%u')", $jailr, $userid); $db->query($jailt); $db->query($jailr); } if($chance == 3) { echo "<font color='red' style='text-decoration:underline; font-weight:bold;'><h3>You just missed a shot to your head and ran like a coward!</h3><br /><a href='bank.php'>>Go Back</a><font>"; } if($chance == 4) { $q = $db->query("SELECT robmoney FROM bank"); $var = $db->fetch_row($q); $money = mt_rand(0, $robmoney); echo "<font color='green' style='text-decoration:underline; font-weight:bold;'><h3>You earned $". $money ." from robbing the bank!</h3><br /><a href='bank.php'>>Go Back</a><font>"; $updatemoney = sprintf("UPDATE users SET money = money + %u WHERE (userid = %u)", $money, $userid); $removemoney = sprintf("UPDATE bank SET robmoney = robmoney - %u", $money); $closebank = sprintf("UPDATE bank SET robbery = robbery + %u", 1); $db->query($closebank); $db->query($removemoney); $db->query($updatemoney); } } $h->endpage(); ?> cron minute, five minutes or hour cron file - You can put this at the bottom of the file just before ?> $db->query("UPDATE bank SET robbery = 0"); Hope your enjoy this modification, I have not tested it yet. Please update me with any problems or bugs I will fix them as soon as possible!

Hello guys! I have been out for a while and had to start again with a new account unfortunately, well anyways I have coded a mini game nothing special. The user has to choose three numbers and if they get the correct number they will be credited with a random amount of money OR crystals. Call the file guess.php <?php include(__DIR__ . "/globals.php"); $n1 = 1; // - Minimum number $n2 = 30; // Maximum number $toplay = 50; // how much the person needs to play $number = mt_rand($n1, $n2); if(!isset($_POST['number1'])) { if($ir['money'] < $toplay) { echo "<h3><font color='red' style='font-weight:bold;'>You must have $" . $toplay . " to play!</font></h3><br /><a href='guess.php'>>Go back!</a>"; exit; } echo " <h4>Play the guess game here! Choose a number between <font color='orange' style='text-decoration:underline;'>" . $n1 . " - " . $n2 . "</font></h4>"; echo " <form action='guess.php' method='post'> Number 1: <input type='text' name='number1'><br /><br /> Number 2: <input type='text' name='number2'><br /><br /> Number 3: <input type='text' name='number3'><br /><br /> <input type='submit' value='Submit'>"; } else { if(!ctype_digit($_POST['number1']) || !ctype_digit($_POST['number2']) || !ctype_digit($_POST['number3'])) { echo "<h3><font color='red' style='font-weight:bold;'>Enter numbers in all fields!</font></h3><br /><a href='guess.php'>>Go back!</a>"; $h->endpage(); exit; } if($_POST['number1'] < $n1 || $_POST['number1'] > $n2) { echo "The first number you entered was too low/high - <br /><font color='red' style='font-weight:bold';>Enter numbers between {$n1} - {$n2}</font><br /> <a href='guess.php'><font color='red' style='text-decoration:underline; font-weight:bold;'>> Play Again!</font></a>"; $h->endpage(); exit; } if($_POST['number2'] < $n1 || $_POST['number2'] > $n2) { echo "The second number you entered was too low/high - <br /><font color='red' style='font-weight:bold';>Enter numbers between {$n1} - {$n2}</font><br /> <a href='guess.php'><font color='red' style='text-decoration:underline; font-weight:bold;'>> Play Again!</font></a>"; $h->endpage(); exit; } if($_POST['number3'] < $n1 || $_POST['number3'] > $n2) { echo "The third number you entered was too low/high - <br /><font color='red' style='font-weight:bold';>Enter numbers between {$n1} - {$n2}</font><br /> <a href='guess.php'><font color='red' style='text-decoration:underline; font-weight:bold;'>> Play Again!</font></a>"; $h->endpage(); exit; } $q = sprintf("UPDATE users SET money = money - %u WHERE (userid = %u)", $toplay, $userid); $db->query($q); if(in_array($number, array( $_POST['number1'], $_POST['number2'], $_POST['number3'] ))) { $money = "money"; $crystals = "crystals"; $credit = array( $money, $crystals ); $credited = $credit[mt_rand(0, count($credit) - 1)]; if($credited == $money) { $cmoney = mt_rand(100, 1000); $cmoney = number_format($cmoney); $credited = "$" . $cmoney; $q = sprintf("UPDATE users SET money = money + %u WHERE (userid = %u)", $cmoney, $userid); $db->query($q); } else if($credited == $crystals) { $ccrystals = mt_rand(1, 3); $ccrystals = number_format($ccrystals); $s = ($ccrystals == 1) ? '' : 's'; $credited = "{$ccrystals} crystal" . $s; $q = sprintf("UPDATE users SET crystals = crystals + %u WHERE (userid = %u)", $ccrystals, $userid); $db->query($q); } echo "<h3><font color='green'>Well done!</font></h3> You're number 1 - <font color='red' style='font-weight:bold;'>" . abs(@intval($_POST['number1'])) . "</font><br /> You're number 2 - <font color='red' style='font-weight:bold;'>" . abs(@intval($_POST['number2'])) . "</font><br /> You're number 3 - <font color='red' style='font-weight:bold;'>" . abs(@intval($_POST['number3'])) . "</font><br /> The random number - <font color='green' style='font-weight:bold;'>" . $number . "</font><br /> Well done! You have chosen the correct number!<br /> You have been credited <font color='blue' style='font-weight:bold';>{$credited}!</font><br /> <a href='guess.php'><font color='red' style='text-decoration:underline';>> Play Again!</font></a>"; } else { echo "<h3><font color='red'>Better luck next time!</font></h3> You're number 1 - <font color='red' style='font-weight:bold;'>" . $_POST['number1'] . "</font><br /> You're number 2 - <font color='red' style='font-weight:bold;'>" . $_POST['number2'] . "</font><br /> You're number 3 - <font color='red' style='font-weight:bold;'>" . $_POST['number3'] . "</font><br /> The random number - <font color='red' style='font-weight:bold;'>" . $number . "</font><br /> <font color='red' style='font-weight:bold';>Better luck next time! You have chosen the wrong number!</font><br /> <a href='guess.php'><font color='red' style='text-decoration:underline; font-weight:bold;'>> Play Again!</font></a>"; } } $h->endpage(); ?> I would appreciate it if you could give me some feedback on what you think and some rep ;)! I am also happy to help anyone that has any problems or needs any help just pm me!