My apologies for the late response, I was called away and it slipped my mind.
You've mixed $_POST into get methods and $_GET into post methods
First repair attempt for the issues I mentioned and cleaned up the formatting a little - slightly easier to read
<?php
/*------------includes--------------*/
include './includes/connections.php';
include './includes/brain_file.php';
include './includes/style_top.php';
/*------------includes--------------*/
echo "<center><main>Stockmarket</main><hr width='500px'>";
$q_ry = array();
$q_ry = "SELECT `stock_guide` FROM `members_extra` WHERE `playerid` = '".mysql_real_escape_string($_SESSION['playerid'])."' AND `stock_guide` = 'yes'";
$guide = array();
$guide = mysql_query($q_ry);
if (!mysql_num_rows($guide)) {
echo "Sorry, you must purchase a stock guide from the bar exchange to access the stock market!
<hr width='500px'>><a href='city.php'>Okay</a><hr width='500px'>";
include './includes/style_bottom.php';
exit();
}
$q_ry = "UPDATE `stock_holdings` SET `bene` = '0'";
mysql_query($q_ry);
$q_ry = "SELECT * FROM `members_extra` WHERE `stock_guide` = 'yes'";
$members = mysql_query($q_ry);
while ($m = mysql_fetch_array($members)) {
$q_ry = 'SELECT * FROM `stock_benifits`';
$benifits = mysql_query($q_ry);
while ($b = mysql_fetch_array($benifits)) {
if ($b['sb_moneymin']) {
$cash = rand($b['sb_moneymin'], $b['sb_moneymax']);
}
$q_ry = "SELECT * FROM `stock_holdings` WHERE `sh_stockid` = '".mysql_real_escape_string($b['sb_id'])."' AND `sh_playerid` = '".mysql_real_escape_string($m['playerid'])."' AND `sh_sale` = '0' ORDER BY `sh_qty` DESC";
$shares = array();
$shares = mysql_query($q_ry);
$maybe = '0';
while ($r = mysql_fetch_array($shares)) {
if ($maybe <= 0) {
$q_ry = "UPDATE `stock_holdings` SET `bene` = '1' WHERE `sh_id` = ".$r['sh_id'].'';
mysql_query($q_ry);
++$maybe;
}
if (($r['sh_qty'] * $r['sh_payed']) <= $b['sb_minimum']) {
$q_ry = "UPDATE `stock_holdings` SET `bene` = '0' WHERE `sh_id` = ".$r['sh_id'].'';
mysql_query($q_ry);
--$maybe;
}
}
}
}
if ($_GET['action']) {
if (!in_array($_GET['action'], array('view', 'buyqty', 'buyprice', 'portfolio', 'sell', 'split', 'remove', 'stack'))) {
echo "Error, invalid action!
<hr width='500px'>><a href='city.php'>Back</a><hr width='500px'>";
include './includes/style_bottom.php';
exit();
}
}
$_GET['action'] = isset($_GET['action']) && ctype_alpha($_GET['action']) ? trim($_GET['action']) : 'index';
switch ($_GET['action']) {
case 'view':
stock_view();
break;
case 'stack':
stock_stack();
break;
case 'remove':
remove_stocks();
break;
case 'sell':
sell_stocks();
break;
case 'split':
split_stocks();
break;
case 'portfolio':
port_stocks();
break;
case 'buyprice':
price_stocks();
break;
case 'buyqty':
qty_stocks();
break;
default:
stock_home();
break;
}
function split_stocks()
{
global $pl;
echo "> <a href='stockmarket.php?action=portfolio'>Back</a><hr width='500px'>";
$_GET['XID'] = abs(intval($_GET['XID']));
$_POST['amount'] = abs(intval($_POST['amount']));
if (!$_GET['XID']) {
echo 'Invalid ID!';
include './includes/style_bottom.php';
exit();
} else {
$q_ry = array();
$q_ry = "SELECT *
FROM `stock_holdings`
WHERE `sh_id` = '".mysql_real_escape_string($_GET['XID'])."'
AND `sh_playerid` = '".mysql_real_escape_string($_SESSION['playerid'])."'";
$thisshare = array();
$thisshare = mysql_query($q_ry);
if (!mysql_num_rows($thisshare)) {
echo 'Invalid ID!';
include './includes/style_bottom.php';
exit();
} else {
if (!$_POST['amount']) {
$ts = array();
$ts = mysql_fetch_array($thisshare);
echo 'Enter how many shares you would like to remove from this block, and place in a new block.<br>
This can be used to create new blocks of shares to sell, without selling your entire block.<br/><br>
<i>For example, if you have one stock of 100 shares, you can split it by entering 40 to create two separate blocks; a new block of 40, reducing your current block to 60.</i><br><br>
This block contains <b>'.number_format($ts['sh_qty'])."</b> shares.
<form method='post' action='stockmarket.php?action=split&XID={$_GET['XID']}'>
<table width = '300px'><tr><td align = 'center' width='50%'>
<input type=text name='amount' size=10 maxlength=20 value=''><br><input type=submit value=Continue>";
} else {
$q_ry = array();
$q_ry = "SELECT *
FROM `stock_holdings`
WHERE `sh_id` = '".mysql_real_escape_string($_GET['XID'])."'
AND `sh_playerid` = '".mysql_real_escape_string($_SESSION['playerid'])."'";
$thisshare = array();
$thisshare = mysql_query($q_ry);
$ts = array();
$ts = mysql_fetch_array($thisshare);
if ('1' == $ts['sh_sale']) {
echo 'Sorry these must be removed from the selling market first before you can stack them.';
exit();
}
if ($_POST['amount'] <= 0) {
echo'Error, you must enter a positive number!';
include './includes/style_bottom.php';
exit();
}
if ($ts['sh_qty'] < $_POST['amount']) {
echo'Error, you dont have this many shares!';
include './includes/style_bottom.php';
exit();
} else {
mysql_query("UPDATE `stock_holdings`
SET `sh_qty` = `sh_qty` - '".mysql_real_escape_string($_POST['amount'])."'
WHERE `sh_id` = '".mysql_real_escape_string($_GET['XID'])."'");
$q_ry = "INSERT INTO `stock_holdings`
VALUES('NULL',
'".mysql_real_escape_string($_SESSION['playerid'])."',
'".mysql_real_escape_string($ts['sh_stockid'])."',
'".mysql_real_escape_string($_POST['amount'])."',
'".mysql_real_escape_string($ts['sh_nowprice'])."',
'".mysql_real_escape_string($ts['sh_nowprice'])."',
unix_timestamp(),
'0',
'0',
'0')";
mysql_query($q_ry);
}
echo 'Shares have been split!';
}
}
echo "<hr width = '500px'>> <a href='stockmarket.php?action=portfolio'>Back</a><hr width = '500px'>";
}
}
function stock_stack()
{
global $pl;
echo "> <a href='stockmarket.php?action=portfolio'>Back</a><hr width='500px'>";
$_GET['XID'] = abs(intval($_GET['XID']));
if (!$_GET['XID']) {
echo 'Invalid ID!';
include './includes/style_bottom.php';
exit();
} else {
$q_ry = array();
$q_ry = "SELECT *
FROM `stock_holdings`
WHERE `sh_id` = '".mysql_real_escape_string($_GET['XID'])."'
AND `sh_playerid` = '".mysql_real_escape_string($_SESSION['playerid'])."'";
$thisshare = array();
$thisshare = mysql_query($q_ry);
if (!mysql_num_rows($thisshare)) {
echo 'Invalid ID!';
include './includes/style_bottom.php';
exit();
} else {
if (!$_GET['step']) {
echo "Are you sure you wish to stack <b>all</b> of this stock?<br/>
<table width = '300px'><tr><td align = 'center' width='50%'>
> <a href='stockmarket.php?action=stack&XID={$_GET['XID']}&step=1'>Yes</a></td>
<td align = 'center' width='50%'>
> <a href='stockmarket.php?action=portfolio'>No</a></td></tr></table>";
} else {
$q_ry = array();
$q_ry = "SELECT *
FROM `stock_holdings`
WHERE `sh_id` = '".mysql_real_escape_string($_GET['XID'])."'
AND `sh_playerid` = '".mysql_real_escape_string($_SESSION['playerid'])."'";
$thisshare = array();
$thisshare = mysql_query($q_ry);
$ts = array();
$ts = mysql_fetch_array($thisshare);
if ('1' == $ts['sh_sale']) {
echo 'Sorry these must be removed from the selling market first before you can stack them.';
exit();
} else {
$q_ry = array();
$q_ry = "SELECT *
FROM `stock_holdings`
WHERE `sh_stockid` = '".mysql_real_escape_string($ts['sh_stockid'])."'
AND `sh_playerid` = '".mysql_real_escape_string($_SESSION['playerid'])."'
AND `sh_sale` != '1'";
$thisshar = array();
$thisshar = mysql_query($q_ry);
$t = array();
$cost = '0';
if (!mysql_num_rows($thisshar)) {
echo 'Invalid ID!';
include './includes/style_bottom.php';
exit();
}
while ($t = mysql_fetch_array($thisshar)) {
$cost += $t['sh_qty'];
mysql_query("DELETE FROM `stock_holdings`
WHERE `sh_id` = '".mysql_real_escape_string($t['sh_id'])."'");
}
$q_ry = "INSERT INTO `stock_holdings`
VALUES('NULL',
'".mysql_real_escape_string($_SESSION['playerid'])."',
'".mysql_real_escape_string($ts['sh_stockid'])."',
'".mysql_real_escape_string($cost)."',
'".mysql_real_escape_string($ts['sh_payed'])."',
'".mysql_real_escape_string($ts['sh_nowprice'])."',
unix_timestamp(),
'0',
'0',
'0')";
mysql_query($q_ry);
echo 'Shares have been stacked!';
}
}
echo "<hr width = '500px'>> <a href='stockmarket.php?action=portfolio'>Back</a><hr width = '500px'>";
}
}
}
function stock_home()
{
global $pl;
echo "> <a href='city.php'>Back</a><hr width='500px'>
".round_table('500')."
<table width = '100%'>
<tr>
<td bgcolor = '#DfDfDf' align = 'center'>
<br>
> <a href='stockmarket.php?action=portfolio'>Your Portfolio</a>
<br><br></td></tr></table>
".end_round().round_table('500')."
<table width = '100%'>
<tr bgcolor = '#999999' style = 'text-align:center; font-weight:800;'>
<td width='1%'><b>Stock Logo</b></td>
<td width='33%'>Stock Price</td>
<td width='1%'>Last 24 hours</td>
</tr>";
$q_ry = array();
$q_ry = 'SELECT * FROM `stock_market` ORDER BY `s_price` DESC';
$stocks = array();
$stocks = mysql_query($q_ry);
$s = array();
$i = 0;
while ($s = mysql_fetch_array($stocks)) {
++$i;
if ($i % 2) {
$color = '#e3e3e3';
} else {
$color = '#D8D8D8';
}
echo "<tr bgcolor = $color>
<td width='1%'>
<a href='stockmarket.php?action=view&XID=".$s['s_id']."'>
<img src='images/stocks/s".$s['s_id'].".png' border='0' width = '125px'></a>
</td>
<td align = 'center'>
<table width = '90%'>
<tr><td width = '45%' align = 'left'><b>Stock price</b> </td><td width = '10%' align = 'center'>-</td><td width = '45%' align = 'right'> <b>\$".number_format($s['s_price'], 2).'</b></td></tr>';
$q_ry = array();
$q_ry = "SELECT * FROM `stock_history` WHERE `h_stock` = '".mysql_real_escape_string($s['s_id'])."' ORDER BY `h_id` DESC LIMIT 1";
$changes = array();
$changes = mysql_fetch_array(mysql_query($q_ry));
if ('up' == $changes['h_upordown']) {
echo "<tr><td width = '45%' align = 'left'><b>Price Change</b> </td><td width = '10%' align = 'center'>-</td><td width = '45%' align = 'right'> <font color=green><b>".number_format($changes['h_change'], 3)."</b></font>
<img src=images/stocks/sup.png border=0 alt='Up'>
</td></tr>
<tr><td width = '45%' align = 'left'><b>% Change</b> </td><td width = '10%' align = 'center'>-</td><td width = '45%' align = 'right'> <font color=green><b>".number_format((($changes['h_change'] / $s['s_price']) * 100), 3)."%</b></font>
<img src=images/stocks/sup.png border=0 alt='Up'></td></tr></table>
</td>";
} elseif ('down' == $changes['h_upordown']) {
echo "<tr><td width = '45%' align = 'left'><b>Price Change</b> </td><td width = '10%' align = 'center'>-</td><td width = '45%' align = 'right'> <font color=red><b>".number_format($changes['h_change'], 3)."</b></font>
<img src=images/stocks/sdown.png border=0 alt='Down'>
</td></tr>
<tr><td width = '45%' align = 'left'><b>% Change</b> </td><td width = '10%' align = 'center'>-</td><td width = '45%' align = 'right'> <font color=red><b>".number_format((($changes['h_change'] / $s['s_price']) * 100), 3)."%</b></font>
<img src=images/stocks/sdown.png border=0 alt='Down'></td></tr></table>
</td>";
} else {
echo "<tr><td width = '45%' align = 'left'><b>Price Change</b> </td><td width = '10%' align = 'center'>-</td><td width = '45%' align = 'right'> <b>".number_format($changes['h_change'], 3)."</b></font>
<img src=images/stocks/sstatic.png border=0 alt='No change'>
</td></tr>
<tr><td width = '45%' align = 'left'><b>% Change</b> </td><td width = '10%' align = 'center'>-</td><td width = '45%' align = 'right'> <b>".number_format((($changes['h_change'] / $s['s_price']) * 100), 3)."%</b>
<img src=images/stocks/sstatic.png border=0 alt='No change'></td></tr></table>
</td>";
}
echo "<td bgcolor=#DFDFDF>
<a href='stockmarket.php?action=view&XID=".$s['s_id']."'>
<img src='thumb.php?s=".$s['s_id']."' border='0'></a></td>
</tr>
<tr bgcolor=$color><td colspan=8> </td></tr>";
}
echo '</table>'.end_round()."<br><hr width='500px'>> <a href=city.php>Back</a><hr width='500px'></center>";
}
function stock_view()
{
global $pl;
$_GET['XID'] = abs(intval($_GET['XID']));
if (!$_GET['XID']) {
echo "Error, invalid ID!<hr width = '500px'>><a href='stockmarket.php'>Back</a><hr width = '500px'>";
} else {
$q_ry = array();
$q_ry = "SELECT * FROM `stock_market` WHERE `s_id` = '".mysql_real_escape_string($_GET['XID'])."'";
$stocks = array();
$stocks = mysql_query($q_ry);
if (!mysql_num_rows($stocks)) {
echo "Error, invalid ID!<hr width = '500px'>><a href='stockmarket.php'>Back</a><hr width = '500px'>";
} else {
$s = array();
$s = mysql_fetch_array($stocks);
echo "> <a href='stockmarket.php?action=portfolio'>Back</a><hr width='500px'><br>
".round_table('500')."
<table width='100%' cellspacing='0' bgcolor = '#E3E3E3'>
<tr><td align = 'center'>
<img src='".$s['s_image']."' border='0' width = '450px'>
<table width='100%'>
<tr bgcolor = '#FFFFFF'><td align = 'left'><center>
<font color=#000000><b>",htmlentities($s['s_name']),' (',htmlentities($s['s_acronym']),')</b></font>
</center>
<br>',$s['s_desc'],"</td></tr></table><br>
</td></tr><tr><td>
<br>
<table width='100%'><tr><td width='50%' valign='top'>
<table width='100%'>
<tr><td width='40%'>
<b>Acronym:</b></td><td>",htmlentities($s['s_acronym']),"</td></tr>
<tr><td colspan=2><hr width='100%'></td></tr>
<tr><td><b>Director:</b></td><td>".htmlentities($s['s_direct'])."</td></tr>
<tr><td colspan='2'><hr width='100%'></td></tr>
<tr><td><b>Forecast:</b></td><td>";
$q_ry = array();
$q_ry = "SELECT `h_upordown` FROM `stock_history` WHERE `h_stock` = '".mysql_real_escape_string($_GET['XID'])."' ORDER BY `h_id` DESC LIMIT 96";
$hist = array();
$hist = mysql_query($q_ry);
$h = array();
$total = 0;
while ($h = mysql_fetch_array($hist)) {
if ('up' == $h['h_upordown']) {
++$total;
}
if ('none' == $h['h_upordown']) {
++$total;
}
if ('down' == $h['h_upordown']) {
--$total;
}
}
if ($total >= '72') {
echo 'Excelent';
} elseif ($total >= '48') {
echo 'Good';
} elseif ($total >= '24') {
echo 'Average';
} elseif ($total > '0') {
echo 'Bad';
} else {
echo 'Poor';
}
echo "</td></tr>
<tr><td colspan='2'><hr width='100%'></td></tr>
<tr><td><b>Demand:</b></td><td>";
if (!$s['s_available']) {
echo 'High';
} elseif (!$s['s_sold']) {
echo 'Low';
} else {
echo 'Average';
}
echo "</td></tr>
</table>
</td><td width='50%' valign='top'>
<table width='100%'>
<tr><td width='40%'><b>Current price:</b></td><td>\$".number_format($s['s_price'], 4)."</td></tr>
<tr><td colspan='2'><hr width='100%'></td></tr>
<tr><td><b>Market cap:</b></td><td>".money_alter($s['s_price'] * ($s['s_sold'] + $s['s_available']))."</td></tr>
<tr><td colspan='2'><hr width='100%'></td></tr>
<tr><td><b>Total shares:</b></td><td>".number_format($s['s_sold'] + $s['s_available']).'</td></tr><tr><td colspan=2><hr width=100%></td></tr>
<tr><td><b>Shares for sale:</b></td><td>'.number_format($s['s_available'])."</td></tr>
</table>
<br>
</td></tr></table>
</td></tr>
<tr><td><center><br><hr width = 250px>
><a onClick=\"showHistory(24)\">View/Hide last 24 hours</a><br><hr width = 250px>
<div id = '24graph' style = 'display:none;'>
<font color= '#000000'><b>Stock performance chart (24 hours)</b></font><br/>
<img src='24graph.php?s=".$s['s_id']."'>
<br>
</div>
</td></tr>
<tr><td align = 'center'>
<div id = '24ticks' style = 'display:none;'><br>
<font color=#000000><b>Latest price changes in the past 24 hours</b></font><br>
<table width='100%'><tr><td width = '33%' valign = 'top'>
<table width='100%'>";
$q_ry = array();
$q_ry = "SELECT * FROM `stock_history` WHERE `h_stock` = '".mysql_real_escape_string($s['s_id'])."' ORDER BY `h_id` DESC LIMIT 32";
$stoc = array();
$stoc = mysql_query($q_ry);
$st = array();
while ($st = mysql_fetch_array($stoc)) {
echo '<tr><td align=left width=25%><b>'.date('h', $st['h_time']).':'.date('i', $st['h_time']).'</b></td>
<td align=center width=25%>$'.number_format($st['h_price'], 2).'</td>
<td align=right width=33%>';
if ('up' == $st['h_upordown'] && '0.0000' != $st['h_change']) {
if ($st['h_change'] > '0.0009') {
echo '<font color=green>'.number_format($st['h_change'], 3).'</font><img src=images/stocks/sup.png border=0></td></tr>';
} else {
echo '<font color=green>'.number_format($st['h_change'], 4, '.', '').'</font><img src=images/stocks/sup.png border=0></td></tr>';
}
} elseif ('down' == $st['h_upordown'] && '0.0000' != $st['h_change']) {
if ($st['h_change'] > '0.0009') {
echo '<font color=red>'.number_format($st['h_change'], 3).'</font><img src=images/stocks/sdown.png border=0></td></tr>';
} else {
echo '<font color=red>'.number_format($st['h_change'], 4, '.', '').'</font><img src=images/stocks/sdown.png border=0></td></tr>';
}
} else {
echo ''.number_format($st['h_change'], 2).' <img src=images/stocks/sstatic.png border=0></td></tr>';
}
}
echo "</table>
</td><td width = '33%' valign = 'top'>
<table width=100%>";
$q_ry = array();
$q_ry = "SELECT * FROM `stock_history` WHERE `h_stock` = '".mysql_real_escape_string($s['s_id'])."' ORDER BY `h_id` DESC LIMIT 32,32";
$stoc = array();
$stoc = mysql_query($q_ry);
$st = array();
while ($st = mysql_fetch_array($stoc)) {
echo '<tr><td align=left width=25%><b>'.date('h', $st['h_time']).':'.date('i', $st['h_time']).'</b></td>
<td align=center width=25%>$'.number_format($st['h_price'], 2).'</td>
<td align=right width=33%>';
if ('up' == $st['h_upordown'] && '0.0000' != $st['h_change']) {
if ($st['h_change'] > '0.0009') {
echo '<font color=green>'.number_format($st['h_change'], 3).'</font><img src=images/stocks/sup.png border=0></td></tr>';
} else {
echo '<font color=green>'.number_format($st['h_change'], 4, '.', '').'</font><img src=images/stocks/sup.png border=0></td></tr>';
}
} elseif ('down' == $st['h_upordown'] && '0.0000' != $st['h_change']) {
if ($st['h_change'] > '0.0009') {
echo '<font color=red>'.number_format($st['h_change'], 3).'</font><img src=images/stocks/sdown.png border=0></td></tr>';
} else {
echo '<font color=red>'.number_format($st['h_change'], 4, '.', '').'</font><img src=images/stocks/sdown.png border=0></td></tr>';
}
} else {
echo ''.number_format($st['h_change'], 2).' <img src=images/stocks/sstatic.png border=0></td></tr>';
}
}
echo "</table>
</td><td width = '33%' valign = 'top'>
<table width=100%>";
$q_ry = array();
$q_ry = "SELECT * FROM `stock_history` WHERE `h_stock` = '".mysql_real_escape_string($s['s_id'])."' ORDER BY `h_id` DESC LIMIT 64,32";
$stoc = array();
$stoc = mysql_query($q_ry);
$st = array();
while ($st = mysql_fetch_array($stoc)) {
echo '<tr><td align=left width=25%><b>'.date('h', $st['h_time']).':'.date('i', $st['h_time']).'</b></td>
<td align=center width=25%>$'.number_format($st['h_price'], 2).'</td>
<td align=right width=33%>';
if ('up' == $st['h_upordown'] && '0.0000' != $st['h_change']) {
if ($st['h_change'] > '0.0009') {
echo '<font color=green>'.number_format($st['h_change'], 3).'</font><img src=images/stocks/sup.png border=0></td></tr>';
} else {
echo '<font color=green>'.number_format($st['h_change'], 4, '.', '').'</font><img src=images/stocks/sup.png border=0></td></tr>';
}
} elseif ('down' == $st['h_upordown'] && '0.0000' != $st['h_change']) {
if ($st['h_change'] > '0.0009') {
echo '<font color=red>'.number_format($st['h_change'], 3).'</font><img src=images/stocks/sdown.png border=0></td></tr>';
} else {
echo '<font color=red>'.number_format($st['h_change'], 4, '.', '').'</font><img src=images/stocks/sdown.png border=0></td></tr>';
}
} else {
echo ''.number_format($st['h_change'], 2).' <img src=images/stocks/sstatic.png border=0></td></tr>';
}
}
echo "</table></div>
</td></tr></table>
<br></td></tr>
<tr><td><center><br>
<table width=100%><tr><td><center>
<font color=#000000><b>Stock performance chart (7 days)</b></font></td></tr></table>
<img src='7graph.php?s={$s['s_id']}'>
<br>
</td></tr>
<br></td></tr>
<tr><td><center><br>
<table width=100%><tr><td><center>
<font color=#000000><b>Stock performance chart (1 month)</b></font></td></tr></table>
<img src='31graph.php?s={$s['s_id']}'>
<br>
</td></tr>
<br></td></tr>
<tr><td><center><br>
<table width=100%><tr><td><center>
<font color=#000000><b>Stock performance chart (6 months)</b></font></td></tr></table>
<img src='6graph.php?s={$s['s_id']}'>
<br>
</td></tr>
<tr><td>
<br>
<center><font color=#000000><b>Buy shares in this company</a></b></font>
<br><br>
<table width=100%><tr><td bgcolor=#CCCCCC width=45% align = 'center'>
<form method='post' action='stockmarket.php?action=buyqty&XID={$_GET['XID']}'>
<br>Enter how many shares you would like to buy.<br><br>
<input type=text name='amount' size=10 maxlength=20 value=''><br><input type=submit value=Continue>
</form>
</td><td width=10% bgcolor=#CCCCCC align = 'center'><b>--OR--</b>
</td><td bgcolor=#CCCCCC width=45% align = 'center'>
<form method='post' action='stockmarket.php?action=buyprice&XID={$_GET['XID']}'>
<br>Enter how much money you would like to invest.<br><br>
<input type=text name='amount' size=10 maxlength=20 value=''><br>
<input type=submit value=Continue></form>
</td></tr></table></div>
</td></tr>
</table>".end_round()."
<br><br><hr width='500px'>> <a href=city.php>Back</a><hr width='500px'>";
}
}
}
function price_stocks()
{
global $pl, $q_ry, $stock, $s, $i, $qtyget, $costing, $sf, $total, $earn, $message;
$_GET['amount'] = abs(intval($_GET['amount']));
$_GET['XID'] = abs(intval($_GET['XID']));
if (!$_GET['amount']) {
echo "Error, you must select an ammount you wish to pay first.<hr width ='500px'>><a href='stockmarket.php?action=view&XID={$_GET['XID']}'>Okay</a><hr width ='500px'>";
include './includes/style_bottom.php';
exit();
}
if (!$_GET['XID']) {
echo 'Invalid ID!';
include './includes/style_bottom.php';
exit();
} else {
$q_ry = array();
$q_ry = "SELECT * FROM `stock_market` WHERE `s_id` = '".mysql_real_escape_string($_GET['XID'])."'";
$stock = array();
$stock = mysql_query($q_ry);
$s = array();
$s = mysql_fetch_array($stock);
if (!mysql_num_rows($stock)) {
echo 'Invalid ID!';
include './includes/style_bottom.php';
exit();
} else {
if ($_GET['amount'] < $s['s_price']) {
echo "Sorry, you must select more or the same as the stock price.
<hr width ='500px'>><a href='stockmarket.php?action=view&XID={$_GET['XID']}'>Okay</a><hr width ='500px'>";
} else {
$qtyget = 0;
for ($i = $_GET['amount']; $i >= $s['s_price']; $i -= $s['s_price']) {
++$qtyget;
if ($qtyget >= $s['s_available']) {
break;
}
}
if ($s['s_available'] <= '0') {
echo "Sorry, there is no available stocks at this time.
<hr width ='500px'>><a href='stockmarket.php?action=view&XID={$_GET['XID']}'>Okay</a><hr width ='500px'>";
} else {
$costing = $s['s_price'] * $qtyget;
if ($costing > $pl['wallet']) {
echo "Sorry, you dont have this much money for stocks.
<hr width ='500px'>><a href='stockmarket.php?action=view&XID={$_GET['XID']}'>Okay</a><hr width ='500px'>";
} else {
if (!$_POST['continue']) {
echo 'With <b>'.money_alter($costing).'</b> you can buy a total of <b>'.$qtyget.'</b> stocks in <b>'.$s['s_acronym']."</b>.<br/>
Are you sure you wish to continue?<br/>
<form action = 'stockmarket.php?action=buyprice&XID=".$_GET['XID'].'&amount='.$_GET['amount']."' method = 'post'>
<input type = 'submit' name = 'continue' value = 'Buy these stocks'>
</form>
<hr width ='500px'>><a href='stockmarket.php?action=view&XID={$_GET['XID']}'>Okay</a><hr width ='500px'>";
} else {
//For loop
$total = 0;
for ($i = 1; $total < $qtyget; ++$i) {
$q_ry = array();
$q_ry = "SELECT * FROM `stock_holdings` WHERE `sh_stockid` = '".mysql_real_escape_string($s['s_id'])."' AND `sh_sale` = '1' ORDER BY `sh_time` ASC LIMIT 1";
$sf = array();
$sf = mysql_fetch_array(mysql_query($q_ry));
if ($sf['sh_qty'] > ($qtyget - $total)) {
//Take some of them
mysql_query("UPDATE `members` SET `wallet` = (`wallet` + '".mysql_real_escape_string($sf['sh_nowprice'] * ($qtyget - $total))."') WHERE `playerid` = '".mysql_real_escape_string($sf['sh_playerid'])."'");
mysql_query("UPDATE `stock_holdings` SET `sh_qty` = (`sh_qty` - '".mysql_real_escape_string($qtyget - $total)."') WHERE `sh_id` = '".mysql_real_escape_string($sf['sh_id'])."'");
$earn = money_alter($sf['sh_nowprice'] * ($qtyget - $total));
$message = 'Someone has purchased <b>'.number_format($qtyget - $total).'</b> of your <b>'.$s['s_acronym'].'</b> stocks from you for a total of '.$earn.'.';
in_event($sf['sh_playerid'], $message);
break;
} elseif ($sf['sh_qty'] <= ($qtyget - $total)) {
//Buy the lot
mysql_query("UPDATE `members` SET `wallet` = (`wallet` + '".mysql_real_escape_string($sf['sh_nowprice'] * $sf['sh_qty'])."') WHERE `playerid` = '".mysql_real_escape_string($sf['sh_playerid'])."'");
mysql_query("DELETE FROM `stock_holdings` WHERE `sh_id` = '".mysql_real_escape_string($sf['sh_id'])."'");
$earn = money_alter($sf['sh_nowprice'] * $sf['sh_qty']);
$message = 'Someone has purchased <b>'.number_format($sf['sh_qty']).'</b> of your <b>'.$s['s_acronym'].'</b> stocks from you for a total of '.$earn.'.';
in_event($sf['sh_playerid'], $message);
$total += $sf['sh_qty'];
}
}//For loop
$q_ry = "UPDATE `stock_market` SET `s_available` = `s_available` - '".mysql_real_escape_string($qtyget)."', `s_sold` = `s_sold` + '".mysql_real_escape_string($qtyget)."' WHERE `s_id` = '".mysql_real_escape_string($s['s_id'])."'";
mysql_query($q_ry);
stock_credit($s['s_id'], $qtyget);
$q_ry = "UPDATE `members` SET `wallet` = `wallet` - '".mysql_real_escape_string($costing)."' WHERE `playerid` = '".mysql_real_escape_string($_SESSION['playerid'])."'";
mysql_query($q_ry);
$q_ry = "UPDATE `members` SET `wallet` = '0' WHERE `playerid` = '3'";
mysql_query($q_ry);
$q_ry = "INSERT INTO `stock_holdings` VALUES('NULL', '".mysql_real_escape_string($_SESSION['playerid'])."', '".mysql_real_escape_string($s['s_id'])."', '".mysql_real_escape_string($qtyget)."', '".mysql_real_escape_string($s['s_price'])."', '".mysql_real_escape_string($s['s_price'])."', unix_timestamp(), '0', '0', '0')";
mysql_query($q_ry);
echo 'You have bought '.number_format($qtyget).' <b>'.$s['s_acronym'].'</b> for '.money_alter($costing)."!<br/>
<hr width ='500px'>><a href='stockmarket.php?action=view&XID={$_GET['XID']}'>Okay</a><hr width ='500px'>";
echo '<script language=javascript>var origm = '.$pl['wallet'].'; var newm = origm - '.$costing."; timer = setInterval('minCash();', 100);</script>";
}
}
}
}
}
}
}
function qty_stocks()
{
global $pl;
$_GET['amount'] = abs(intval($_GET['amount']));
$_GET['XID'] = abs(intval($_GET['XID']));
if (!$_GET['amount']) {
echo "Error, you must select an ammount you wish to pay first.
<hr width ='500px'>><a href='stockmarket.php?action=view&XID={$_GET['XID']}'>Okay</a><hr width ='500px'>";
include './includes/style_bottom.php';
exit();
}
if (!$_GET['XID']) {
echo 'Invalid ID!';
include './includes/style_bottom.php';
exit();
} else {
$q_ry = array();
$q_ry = "SELECT * FROM `stock_market`WHERE `s_id` = '".mysql_real_escape_string($_GET['XID'])."'";
$stock = array();
$stock = mysql_query($q_ry);
$s = array();
$s = mysql_fetch_array($stock);
if (!mysql_num_rows($stock)) {
echo 'Invalid ID!';
include './includes/style_bottom.php';
exit();
} else {
if ($_GET['amount'] > $s['s_available']) {
echo "Sorry, you cannot buy this many stocks, there is not this many available!
<hr width ='500px'>><a href='stockmarket.php?action=view&XID={$_GET['XID']}'>Okay</a><hr width ='500px'>";
} else {
$qtyget = 0;
for ($i = ($_GET['amount'] * $s['s_price']); $i >= $s['s_price']; $i -= $s['s_price']) {
++$qtyget;
if ($qtyget >= $s['s_available']) {
break;
}
}
if ($s['s_available'] <= '0') {
echo "Sorry, there is no available stocks at this time.
<hr width ='500px'>><a href='stockmarket.php?action=view&XID={$_GET['XID']}'>Okay</a><hr width ='500px'>";
} else {
$costing = $s['s_price'] * $qtyget;
if ($costing > $pl['wallet']) {
echo "Sorry, you dont have this much money for stocks.
<hr width ='500px'>><a href='stockmarket.php?action=view&XID={$_GET['XID']}'>Okay</a><hr width ='500px'>";
} else {
if (!$_POST['continue']) {
echo 'With <b>'.money_alter($costing).'</b> you can buy a total of <b>'.$qtyget.'</b> stocks in <b>'.$s['s_acronym']."</b>.<br/>
Are you sure you wish to continue?<br/>
<form action = 'stockmarket.php?action=buyqty&XID=".$_GET['XID'].'&amount='.$_GET['amount']."' method = 'post'>
<input type = 'submit' name = 'continue' value = 'Buy these stocks'>
</form>
<hr width ='500px'>><a href='stockmarket.php?action=view&XID={$_GET['XID']}'>Okay</a><hr width ='500px'>";
} else {
//For loop
$total = 0;
for ($i = 1; $total < $qtyget; ++$i) {
$q_ry = array();
$q_ry = "SELECT * FROM `stock_holdings` WHERE `sh_stockid` = '".mysql_real_escape_string($s['s_id'])."' AND `sh_sale` = '1' ORDER BY `sh_time` ASC LIMIT 1";
$sf = array();
$sf = mysql_fetch_array(mysql_query($q_ry));
if ($sf['sh_qty'] > ($qtyget - $total)) {
//Take some of them
mysql_query("UPDATE `members` SET `wallet` = (`wallet` + '".mysql_real_escape_string($sf['sh_nowprice'] * ($qtyget - $total))."') WHERE `playerid` = '".mysql_real_escape_string($sf['sh_playerid'])."'");
mysql_query("UPDATE `stock_holdings` SET `sh_qty` = (`sh_qty` - '".mysql_real_escape_string($qtyget - $total)."') WHERE `sh_id` = '".mysql_real_escape_string($sf['sh_id'])."'");
$earn = money_alter($sf['sh_nowprice'] * ($qtyget - $total));
$message = 'Someone has purchased <b>'.number_format($qtyget - $total).'</b> of your <b>'.$s['s_acronym'].'</b> stocks from you for a total of '.$earn.'.';
in_event($sf['sh_playerid'], $message);
break;
} elseif ($sf['sh_qty'] <= ($qtyget - $total)) {
//Buy the lot
mysql_query("UPDATE `members` SET `wallet` = (`wallet` + '".mysql_real_escape_string($sf['sh_nowprice'] * $sf['sh_qty'])."') WHERE `playerid` = '".mysql_real_escape_string($sf['sh_playerid'])."'");
mysql_query("DELETE FROM `stock_holdings` WHERE `sh_id` = '".mysql_real_escape_string($sf['sh_id'])."'");
$earn = money_alter($sf['sh_nowprice'] * $sf['sh_qty']);
$message = 'Someone has purchased <b>'.number_format($sf['sh_qty']).'</b> of your <b>'.$s['s_acronym'].'</b> stocks from you for a total of '.$earn.'.';
in_event($sf['sh_playerid'], $message);
$total += $sf['sh_qty'];
}
}//For loop
$q_ry = array();
$q_ry = "UPDATE `stock_market` SET `s_available` = `s_available` - '".mysql_real_escape_string($qtyget)."', `s_sold` = `s_sold` + '".mysql_real_escape_string($qtyget)."' WHERE `s_id` = '".mysql_real_escape_string($s['s_id'])."'";
mysql_query($q_ry);
stock_credit($s['s_id'], $qtyget);
$q_ry = array();
$q_ry = "UPDATE `members` SET `wallet` = `wallet` - '".mysql_real_escape_string($costing)."' WHERE `playerid` = '".mysql_real_escape_string($_SESSION['playerid'])."'";
mysql_query($q_ry);
$q_ry = "INSERT INTO `stock_holdings` VALUES('NULL', '".mysql_real_escape_string($_SESSION['playerid'])."', '".mysql_real_escape_string($s['s_id'])."', '".mysql_real_escape_string($qtyget)."', '".mysql_real_escape_string($s['s_price'])."', '".mysql_real_escape_string($s['s_price'])."', unix_timestamp(), '0', '0', '0')";
mysql_query($q_ry);
echo 'You have bought '.number_format($qtyget).' <b>'.$s['s_acronym'].'</b> for '.money_alter($costing)."!<br/>
<hr width ='500px'>><a href='stockmarket.php?action=view&XID={$_GET['XID']}'>Okay</a><hr width ='500px'>";
}
}
}
}
}
}
}
function port_stocks()
{
global $pl;
$q_ry = array();
$q_ry = "SELECT *
FROM `stock_holdings` sh
LEFT JOIN `stock_market` sm ON sh.sh_stockid = sm.s_id
WHERE sh.sh_playerid = '".mysql_real_escape_string($_SESSION['playerid'])."'
ORDER BY `sh_stockid`, `sh_qty` DESC";
$share = array();
$share = mysql_query($q_ry);
if (!mysql_num_rows($share)) {
echo "You dont have have any shares to view.<hr width='500px'/>
> <a href='index.php'>Back</a><hr width = '500px'/>";
include './includes/style_bottom.php';
exit();
} else {
echo "> <a href=stockmarket.php>Back</a><hr width='500px'>
".round_table('500')."
<table width='100%'><tr bgcolor=#999999>
<td width='15%' align = 'center'><b>Stock Logo</center></b></td>
<td width='20%' align = 'center'><b>Current price</center></b></td>
<td width='20%' align = 'center'><b>Bought price</center></b></td>
<td width='20%' align = 'center'><b>Price Change</center></b></td>
<td width='20%' align = 'center'><b>% Change</b></td>
</tr>";
$s = array();
while ($s = mysql_fetch_array($share)) {
echo "<tr>
<td bgcolor=#CCCCCC rowspan=4 valign=center>
<a href='stockmarket.php?action=view&XID=".$s['s_id']."'>
<img src='images/stocks/s".$s['s_id'].".png' border='0' width = '125px' onmouseover=\"zxcZoom(this,'images/stocks/s".$s['s_id'].".png',250,126,3,'C');\" onmouseout=\"javascript:zxcZoom(this);\"></a></td>
<td bgcolor = '#DFDFDF' align = 'center'>\$".number_format(($s['sh_nowprice']), 3)."</td>
<td bgcolor = '#DFDFDF' align = 'center'>\$".number_format(($s['sh_payed']), 3)."</td>
<td bgcolor = '#DFDFDF' align = 'center'>";
if ($s['sh_payed'] < $s['sh_nowprice']) {
echo '<font color=green><b>'.number_format(($s['sh_nowprice'] - $s['sh_payed']), 3)."</b></font><img src=images/stocks/sup.png border=0 alt='Up'>";
echo "</td>
<td align = 'center' bgcolor = '#DFDFDF'>
<font color=green><b>".number_format(((($s['sh_nowprice'] - $s['sh_payed']) / $s['sh_payed']) * 100), 3)."%</b></font>
<img src=images/stocks/sup.png border=0 alt='Up'>
</td>";
} elseif ($s['sh_payed'] > $s['sh_nowprice']) {
echo '<font color=red><b>'.number_format(($s['sh_payed'] - $s['sh_nowprice']), 3)."</b></font><img src=images/stocks/sdown.png border=0 alt='Down'>";
echo "</td>
<td align = 'center' bgcolor = '#DFDFDF'>
<font color=red><b>".number_format(((($s['sh_nowprice'] - $s['sh_payed']) / $s['sh_payed']) * 100), 3)."%</b></font>
<img src=images/stocks/sdown.png border=0 alt='Down'>
</td>";
} else {
echo '<b>'.number_format(0.0000, 3)."</b></font><img src=images/stocks/sstatic.png border=0 alt='No change'>";
echo "</td>
<td align = 'center' bgcolor = '#DFDFDF'>
<b>".number_format(((0.0000 / $s['s_price']) * 100), 3)."%</b>
<img src=images/stocks/sstatic.png border=0 alt='No change'>
</td>";
}
echo '</td></tr>
<tr>
<td colspan=2 bgcolor=#DFDFDF><center><b>Worth:</b> '.money_alter($s['sh_nowprice'] * $s['sh_qty']).'</td>
<td colspan=2 bgcolor=#DFDFDF><center><b>Shares:</b> '.number_format($s['sh_qty'])."</td>
</tr>
<tr>
<td colspan=2 bgcolor=#DFDFDF align = 'center'>".date('j/m/y', $s['sh_time']).' - '.date('g:i:s', $s['sh_time']).'</td></td>';
echo "<td colspan=2 bgcolor=#DFDFDF align = 'center'>";
if ('0' == $s['sh_sale']) {
echo "[<a href='stockmarket.php?action=sell&XID={$s['sh_id']}'>Sell</a>]";
echo "[<a href='stockmarket.php?action=stack&XID={$s['sh_id']}'>Stack</a>]";
echo "[<a href='stockmarket.php?action=split&XID={$s['sh_id']}'>Split</a>]";
if ('1' == $s['bene']) {
echo'<br><b>Benefit Block</b>';
}
} else {
echo "[<a href='stockmarket.php?action=remove&XID={$s['sh_id']}'>Remove</a>]";
}
echo '</td>
</tr><tr bgcolor=#DFDFDF><td colspan=8> </td></tr>';
}
echo '</table>'.end_round().'<hr width=500px>><a href=stockmarket.php>Back</a><hr width=500px></center>';
}
}
function sell_stocks()
{
global $pl;
$_GET['XID'] = abs(intval($_GET['XID']));
if (!$_GET['XID']) {
echo 'Invalid ID!';
include './includes/style_bottom.php';
exit();
} else {
$q_ry = array();
$q_ry = "SELECT * FROM `stock_holdings` WHERE `sh_id` = '".mysql_real_escape_string($_GET['XID'])."' AND `sh_playerid` = '".mysql_real_escape_string($_SESSION['playerid'])."'";
$thisshare = array();
$thisshare = mysql_query($q_ry);
if (!mysql_num_rows($thisshare)) {
echo 'Invalid ID!';
include './includes/style_bottom.php';
exit();
} else {
if (!$_GET['step']) {
echo "Are you sure you wish to sell this stock on the stockmarket?<br/>
<table width = '300px'><tr><td align = 'center' width='50%'>
> <a href='stockmarket.php?action=sell&XID={$_GET['XID']}&step=1'>Yes</a></td>
<td align = 'center' width='50%'>
> <a href='stockmarket.php?action=portfolio'>No</a></td></tr></table>";
} else {
$ts = array();
$ts = mysql_fetch_array($thisshare);
if ('1' == $ts['sh_sale']) {
echo "These stocks are already for sale, you may remove them if you wish by clicking remove.
<hr width = '500px'>> <a href='stockmarket.php?action=portfolio'>Okay</a><hr width = '500px'>";
include './includes/style_bottom.php';
exit();
} else {
$q_ry = array();
$q_ry = "UPDATE `stock_holdings` SET `sh_sale` = '1', `sh_saletime` = '".mysql_real_escape_string(time())."', `bene` = '0' WHERE `sh_id` = '".mysql_real_escape_string($ts['sh_id'])."'";
mysql_query($q_ry);
$q_ry = array();
$q_ry = "UPDATE `stock_market` SET `s_available` = `s_available` + '".mysql_real_escape_string($ts['sh_qty'])."', `s_sold` = `s_sold` - '".mysql_real_escape_string($ts['sh_qty'])."' WHERE `s_id` = '".mysql_real_escape_string($ts['sh_stockid'])."'";
mysql_query($q_ry);
stock_remove($ts['sh_stockid'], $ts['sh_qty']);
echo 'Shares have been added to the market. Please wait and we will send you an event when they have sold.';
}
}
echo "<hr width = '500px'>> <a href='stockmarket.php?action=portfolio'>Back</a><hr width = '500px'>";
}
}
}
function remove_stocks()
{
global $pl;
$_GET['XID'] = abs(intval($_GET['XID']));
if (!$_GET['XID']) {
echo 'Invalid ID!';
include './includes/style_bottom.php';
exit();
} else {
$q_ry = array();
$q_ry = "SELECT * FROM `stock_holdings` WHERE `sh_id` = '".mysql_real_escape_string($_GET['XID'])."' AND `sh_playerid` = '".mysql_real_escape_string($_SESSION['playerid'])."'";
$thisshare = array();
$thisshare = mysql_query($q_ry);
if (!mysql_num_rows($thisshare)) {
echo 'Invalid ID!';
include './includes/style_bottom.php';
exit();
} else {
if (!$_GET['step']) {
echo "Are you sure you wish to remove this stock from the stockmarket?<br/>
<table width = '300px'><tr><td align = 'center' width='50%'>
> <a href='stockmarket.php?action=remove&XID={$_GET['XID']}&step=1'>Yes</a></td>
<td align = 'center' width='50%'>
> <a href='stockmarket.php?action=portfolio'>No</a></td></tr></table>";
} else {
$ts = array();
$ts = mysql_fetch_array($thisshare);
if ('0' == $ts['sh_sale']) {
echo "These stocks are not on the market for sale!
<hr width = '500px'>> <a href='stockmarket.php?action=portfolio'>Okay</a><hr width = '500px'>";
include './includes/style_bottom.php';
exit();
} else {
$q_ry = array();
$q_ry = "UPDATE `stock_holdings` SET `sh_sale` = '0', `sh_saletime` = '".mysql_real_escape_string(time())."' WHERE `sh_id` = '".mysql_real_escape_string($ts['sh_id'])."'";
mysql_query($q_ry);
$q_ry = array();
$q_ry = "UPDATE `stock_market` SET `s_available` = `s_available` - '".mysql_real_escape_string($ts['sh_qty'])."', `s_sold` = `s_sold` + '".mysql_real_escape_string($ts['sh_qty'])."' WHERE `s_id` = '".mysql_real_escape_string($ts['sh_stockid'])."'";
mysql_query($q_ry);
stock_credit($ts['sh_stockid'], $ts['sh_qty']);
echo 'Shares have been removed from the market.';
}
}
echo "<hr width = '500px'>> <a href='stockmarket.php?action=portfolio'>Back</a><hr width = '500px'>";
}
}
}
include './includes/style_bottom.php';
?>
<script type = 'text/javascript'>
function showHistory(elem) {
var elem = elem + "graph";
if(elem == '24graph')
{
var elem2 = document.getElementById('24ticks');
if(elem2.style.display == "block") {
elem2.style.display = "none";
}
else {
elem2.style.display = "block";
}
}
elem = document.getElementById(elem);
if(elem.style.display == "block") {
elem.style.display = "none";
}
else {
elem.style.display = "block";
}
}
</script>
