Magictallguy

That's right people! It's Christmas time, which means Christmas reductions. Right now, you get 33% off for anything you want from me! That's just $10 per hour! Even less if I complete it in less time! (Base charge of $5) All you need to do is tell me, in as much detail as possible: What you want What my deadline is* What your budget is*   And I'll do the rest! *Within reason. Remember, you won't be the only person I'm working for *My rates are (currently) $10 an hour, but I'm pretty flexible. If you think $10 is too much for an hour's worth of decent work, then make an offer!

You're very welcome, and thanks for the tip :D

Done! Thanks for pointing that out :)

It's his fault you that insulted his integrity and lied about him? I hardly think so. Blacklisted.

Edit line 80 of your class_db_mysqli.php Find: mysqli_error() Replace with: mysqli_error($this->connection_id)

That's a pretty good idea. Might code one up myself :P

function fight() { global $db, $ir, $c, $h, $userid; $_POST['ID'] = isset($_POST['ID']) && ctype_digit($_POST['ID']) ? abs(@intval($_POST['ID'])) : null; // Hate me all you want. I've never had an issue with this! if(isset($_POST['submit']) && !empty($_POST['ID'])) { $robot = $db->query("SELECT * FROM `robots` WHERE `userid` = ".$_POST['ID']); $opp = $db->fetch_row($robot); $yourrobot = $db->query("SELECT * FROM `robots` WHERE `userid` = ".$ir['userid']); $you = $db->fetch_row($yourrobot); if($_POST['ID'] == $ir['userid']) { echo "<hr width='50%'>Please read the error message.<hr width='50%'><h3>! ERROR</h3>You can not fight your own robot!<hr width='50%'><a href='robots.php'>→ Go Back</a><hr width='50%'>"; $h->endpage(); exit; } if(empty($opp['ID'])) { echo "<hr width='50%'>Please read the error message.<hr width='50%'><h3>! ERROR</h3>This user does not have a robot!<hr width='50%'><a href='robots.php'>→ Go Back</a><hr width='50%'>"; $h->endpage(); exit; } echo "<hr width='95%'><span style='color:red;font-weight:700;'>" , $you['name'] , " vs " , $opp['name'] , "</span>"; $opp_stats = $opp['speed'] + $opp['aggression'] + $opp['health']; $you_stats = $you['speed'] + $you['aggression'] + $you['health']; $winner = ($opp_stats > $you_stats) ? $opp['name'] : $you['name']; $winner_ID = ($opp_stats > $you_stats) ? $opp['userid'] : $you['userid']; $loser = ($opp_stats > $you_stats) ? $you['userid'] : $opp['userid']; $speed_winner = ($opp['speed'] > $you['speed']) ? $opp['name'] : $you['name']; $agg_winner = ($opp['aggression'] > $you['aggression']) ? $opp['name'] : $you['name']; $health_winner = ($opp['health'] > $you['health']) ? $opp['name'] : $you['name']; echo 'The robots both enter the arena. <strong>1, ' , $speed_winner , '</strong> runs in and starts swinging away, the other robot has no chance, <strong>' , $speed_winner , '</strong> is obviously faster<br /> <strong>2.</strong> The robots scrap each other to the ground, <strong>' , $agg_winner , '</strong> is alot more aggressive and punches furiously!<br /> <strong>3.</strong> The robots are both drained out, <strong>' , $health_winner , '</strong> seems to have had the most health throughout this fight, but its not over yet!<br /> <strong>Result:</strong> Both the robots are giving it their best. But to finish it off <strong>' , $winner , '</strong> jumps in the air and lands a critical big punch to the opponents neck!<br /> <strong>' , $winner , ' is the winner!</strong><hr width=95%><a href="robots.php">→ Go Back</a><hr width=95%>'; event_add($opp['userid'], '<a href="viewuser.php?u=' , $you['userid'] , '">' , $you['name'] , '</a> fought your robot, the winning robot was ' , $winner , '!'); $db->query("UPDATE `cocks` SET `lost` = `lost` + 1, `health` = 0 WHERE `userid` = ".$loser); $db->query("UPDATE `cocks` SET `won` = `won` + 1 WHERE `userid` = ".$winner_ID); } else { echo '<hr width="75%"><form action="robots.php?x=fight" method="post"> Userid: <input type="number" name="ID" /> <input type="submit" name="submit" value="Fight" /> </form><hr width="75%"><a href="robots.php">→ Go Back</a><hr width="75%">'; } } *Added line: $_POST['ID'] = isset($_POST['ID']) && ctype_digit($_POST['ID']) ? abs(@intval($_POST['ID'])) : null; // Hate me all you want, I've never had an issue with this *Removed: && !preg_match('[^1-9]', $_POST['ID']) *Removed: $_GET['ID'] = abs((int) $_GET['ID']); - 1. There's no call for it. 2. I abhor typecasting. Sanitize and verify your user data properly! *Converted from v1 to v2 (I spotted the global declaration of $db) *Replaced $_SESSION['userid'] with $ir['userid'] (makes more sense to keep the same code throughout the system) *Replaced "> Go Back" with "→ Go Back" *Replaced echo"<hr width = 95%><font color='red'><b>".$you['name']." vs ".$opp['name']."</b></font>"; with echo "<hr width='95%'><span style='color:red;font-weight:700;'>" , $you['name'] , " vs " , $opp['name'] , "</span>"; *Replaced all instances of legacy HTML bold tags to strong tags *Moved the $SQL and $SQL_2 into the query function itself *Replaced all instances of '<hr width=75%>' with '<hr width="75%">' (Pet peeve..) *Replaced case of 'method="POST"' to lowercase *Replaced 'Userid: <input type="text" ...' with 'Userid: <input type="number" ...' ... The word "replaced" looks weird now

Hour and day isn't a bad idea either ;) http://magictallguy.tk/mods.php?mod=20

There's a bit more to it than that. Forgive the gravedig. If done in this order, you should be ok Find: session_start(); require "global_func.php"; if($_SESSION['loggedin']==0) { header("Location: login.php");exit; } $userid=$_SESSION['userid']; require "header.php"; $h = new headers; $h->startheaders(); include "mysql.php"; global $c; $is=mysql_query("SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid",$c) or die(mysql_error()); $ir=mysql_fetch_array($is); check_level(); $fm=money_formatter($ir['money']); $cm=money_formatter($ir['crystals'],''); $lv=date('F j, Y, g:i a',$ir['laston']); $h->userdata($ir,$lv,$fm,$cm); $h->menuarea(); Replace with: include(__DIR__ . '/globals.php'); [color=red]Find:[/color] [code]mysql_ Replace with: $db->   Find: fetch_array Replace with: fetch_row   Find: fetch_assoc Replace with: fetch_row   Find: real_escape_string Replace with: escape   Find: ->result Replace with: ->fetch_single   Find: (note the space: "global ") global Replace with: global $db,

How do you lot not see exactly what's wrong here? <?php $macropage = "docrime.php?c=".$_GET['c']; include(__DIR__ . '/globals.php'); if($ir['jail'] or $ir['hospital']) { echo "This page cannot be accessed while in ".($ir['jail'] ? 'jail' : 'hospital'); $h->endpage(); exit; } $_GET['c'] = isset($_GET['c']) && ctype_digit($_GET['c']) ? abs(@intval($_GET['c'])) : null; if(empty($_GET['c'])) { echo "You didn't select a valid crime"; $h->endpage(); exit; } $q = $db->query("SELECT * FROM `crimes` WHERE `crimeID` = ".$_GET['c']); if(!$db->num_rows($q)) { echo "That crime doesn't exist"; $h->endpage(); exit; } $r = $db->fetch_row($q); if($ir['brave'] < $r['crimeBRAVE']) { echo "You do not have enough Brave to perform this crime."; $h->endpage(); exit; } $ec = "\$sucrate=" . str_replace( array("LEVEL", "CRIMEXP", "EXP", "WILL", "IQ"), array($ir['level'], $ir['exp'], $ir['exp'], $ir['will'], $ir['IQ']), $r['crimePERCFORM']) . ";"; @eval($ec); echo stripslashes($r['crimeITEXT']); $ir['brave'] -= $r['crimeBRAVE']; $db->query("UPDATE `users` SET `brave` = ".$ir['brave']." WHERE `userid` = ".$userid); if(mt_rand(1, 100) <= $sucrate) { echo str_replace("{money}", $r['crimeSUCCESSMUNY'], $r['crimeSTEXT']); $ir['money'] += $r['crimeSUCCESSMUNY']; $ir['crystals'] += $r['crimeSUCCESSCRYS']; $ir['exp'] += $r['crimeXP']; $db->query("UPDATE `users` SET `money` = ".$ir['money'].", `crystals` = ".$ir['crystals'].", `exp` = ".$ir['exp']." WHERE `userid` = ".$userid); if($r['crimeSUCCESSITEM']) item_add($userid, $r['crimeSUCCESSITEM'], 1); } else { if(mt_rand(1, 2) == 1) echo stripslashes($r['crimeFTEXT']); else { echo stripslashes($r['crimeJTEXT']); $db->query("UPDATE `users` SET `jail` = ".$r['crimeJAILTIME'].", `jail_reason` = '".$r['crimeJREASON']."' WHERE `userid` = ".$userid); } } echo "<br /><a href='docrime.php?c=".$_GET['c']."'>Try Again</a><br /><a href='criminal.php'>Crimes</a>"; $h->endpage();

http://pastebin.com/dPKqgErQ

Or, instead of pretty much blanking the OP's post and suggesting everything but what he asked for, you could do this:   <?php session_start(); require(DIRNAME(__DIR__) . '/global_func.php'); if(!isset($_SESSION['loggedin'])) { header("Location: ../login.php"); exit; } require(__DIR__ . '/staff_header.php'); $h = new headers; $h->startheaders(); include(__DIR__ . '/staff_mysql.php'); global $c; $is = mysql_query("SELECT `u`.*, `us`.* FROM `users` `u` " . "LEFT JOIN `userstats` AS `us` ON (`u`.`userid` = `us`.`userid`) " . "WHERE `u`.`userid` = ".$_SESSION['userid'], $c) or die(mysql_error()); if(!mysql_num_rows($is)) { echo "There appears to be an issue with your account"; $h->endpage(); exit; } $ir = mysql_fetch_array($is); check_level(); $fm = money_formatter($ir['money']); $cm = money_formatter($ir['crystals'], ''); $lv = date('F j, Y, g:i a', $ir['laston']); $h->userdata($ir, $lv, $fm, $cm); $h->staffarea(); if($ir['user_level'] != 2) { echo 'This page cannot be accessed.> <a href="index.php">Go Home</a>'; $h->endpage(); exit; } if(!isset($_POST['submit'])) { ?><h3><u>Mass Emailer</u></h3> <form action='staff_email.php' method='post'> <table width='75%' cellspacing='1' class='table'> <tr style='background: gray;'> <th colspan='2'>Email</th> </tr> <tr> <th>Message</th> <td><textarea rows='10' cols='50' name='email'></textarea></td> </tr> <tr> <td colspan='2' style='text-align:center;'><input type='submit' value='Send Mass Email' /></td> </tr> </table> </form><?php } else { $_POST['email'] = isset($_POST['email']) && is_string($_POST['email']) ? trim($_POST['email']) : null; if(empty($_POST['email'])) { echo "You didn't enter a valid message"; $h->endpage(); exit; } $email = mysql_query("SELECT `username`, `email` FROM `users` WHERE `email` != '' AND `fedjail` = 0 ORDER BY `userid` ASC") or die(mysql_error()); $subject = "NationOfTheLost Newsletter"; $message = "<strong>Hi {$r['username']},</strong><br / > {$_POST['email']}<br /> That's all for this month!<br /> <strong>Thanks, Staff @ {$set['game_name']}</strong>"; $headers = "From: admin@".$_SERVER['HTTP_HOST']."\r\nContent-type: text/html\r\n"; $cnt = 0; while($row = mysql_fetch_assoc($email)) { ++$cnt; mail($row['email'], $subject, $message, $headers); } echo "Email sent to ".$cnt." player".(($cnt == 1) ? '' : 's')."."; } $h->endpage(); And then [insert suggestions here]

Forgive me, the Grammar Nazi in me took over.. Spell checked ;)

Seeing as this has been grave-dug with apparent "requests" for help.. From 272 lines to 216 with things added and optimized <?php require_once(__DIR__ . '/globals.php'); echo "<h3>Trading</h3><hr />"; $_GET['ID'] = isset($_GET['ID']) && ctype_digit($_GET['ID']) ? abs(@intval($_GET['ID'])) : null; $_GET['act'] = isset($_GET['action']) && ctype_alpha($_GET['action']) ? trim($_GET['action']) : 'Index'; switch($_GET['action']) { case 'accept': accept_request(); break; case 'decline': decline_request(); break; case 'acctrade': accept_trade(); break; case 'dectrade': decline_trade(); break; case 'view': view_trade(); break; case 'begin': begin_trade(); break; case 'cancel': cancel_trade(); break; default: Index(); break; } if(!function_exists('error')) { function error($msg) { global $h; echo '<h4>Error!</h4>',$msg,'<hr />> <a href="trade.php">Go Back</a>'; $h->endpage(); exit; } } function Index() { global $db, $ir; $_POST['user'] = isset($_POST['user']) && ctype_digit($_POST['user']) ? abs(@intval($_POST['user'])) : null; if(empty($_POST['user'])) { ?><form action='trade.php' method='post'> <p>Please type the ID of the user you wish to trade with below.</p> ID: <input type='text' name='user' value='<?php echo $_GET['ID']; ?>' maxlength='10' length='10' size='10' width='10' /> <input type='submit' value='Send Request' /> </form> <hr />> <a href='explore.php'>Go Back</a><?php } else { if($ir['trade']) error("You already have a trade pending completion. Please wait until it is over."); if($_POST['user'] == $ir['userid']) error("You cannot trade with yourself."); $chek2 = $db->query("SELECT `userid` FROM `users` WHERE `userid` = ".$_POST['user']); if(!$db->num_rows($chek2)) error("That user does not exist."); $chek = $db->query("SELECT `trID` FROM `usertrades` WHERE `trFROM` = ".$ir['userid']." OR `trUSER` = ".$ir['userid']); if($db->num_rows($chek)) error("You already have sent a trade request"); $db->query("INSERT INTO `usertrades` VALUES ('', ".$ir['userid'].", ".$_POST['user'].")"); $newTrade = $db->insert_id(); event_add($_POST['user'], "<a href='viewuser.php?u=".$ir['userid']."'>".stripslashes($ir['username'])."</a> would like to trade with you: [<a href='trade.php?action=accept&ID=".$newTrade." '>Accept Offer</a>] - [<a href='trade.php?action=decline&ID=".$newTrade. "'>Decline Offer</a>]", 'general'); ?>Your request for a trade has been sent.<hr />> <a href='explore.php'>Go Back</a><?php } } function accept_request() { global $db, $ir; if(empty($_GET['ID'])) error("You didn't select a valid trade"); $q = $db->query("SELECT `trFROM` FROM `usertrades` WHERE `trID` = ".$_GET['ID']." AND `trUSER` = ".$ir['userid']); if(!$db->num_rows($q)) error("Either that trade doesn't exist, or it's not yours"); $from = $db->fetch_single($q); event_add($from, "<a href='viewuser.php?u=".$ir['userid']."'>".stripslashes($ir['username'])."</a> has accepted your trade offer:[<a href='trade.php?action=begin'>Begin Trade</a>] - [<a href='trade.php?action=cancel'>Cancel Trade</a>]"); $db->query("UPDATE `users` SET `trade` = ".$from." WHERE `userid` = ".$ir['userid']); $db->query("UPDATE `users` SET `trade` = ".$ir['userid']." WHERE `userid` = ".$from); ?>Trade request has been accepted.<hr />> <a href='explore.php'>Go Back</a><?php } function decline_request() { global $db, $ir; if(empty($_GET['ID'])) error("You didn't select a valid trade"); $q = $db->query("SELECT `trFROM` FROM `usertrades` WHERE `trID` = ".$_GET['ID']." AND `trUSER` = ".$ir['userid']); if(!$db->num_rows($q)) error("Either that trade doesn't exist, or it's not yours"); $from = $db->fetch_single($q); $db->query("DELETE FROM `usertrades` WHERE `trID` = ".$_GET['ID']); event_add($from, "<a href='viewuser.php?u=".$ir['userid']."'>".stripslashes($ir['username'])."</a> has declined your trade offer."); ?>Trade request has been declined.<hr />> <a href='explore.php'>Go Back</a><?php } function cancel_trade() { global $db, $ir; if(!$ir['trade']) error("You are not in a trade."); $q = $db->query("SELECT `userid`, `trade` FROM `users` WHERE `trade` = ".$ir['userid']); if(!$db->num_rows($q)) error("That player isn't in a trade with you"); $r = $db->fetch_row($q); event_add($r['userid'], "<a href='viewuser.php?u=".$ir['userid']."'>".stripslashes($ir['username'])."</a> has cancelled the trade."); $db->query("UPDATE `users` SET `trade` = 0 WHERE `userid` IN (".$ir['userid'].", ".$r['userid'].")"); $db->query("DELETE FROM `usertrades` WHERE `trUSER` = ".$ir['userid']." OR `trFROM` = ".$ir['userid']); ?>The trade has been cancelled.<hr />> <a href='explore.php'>Go Back</a><?php } function view_trade() { global $db, $ir; $q = $db->query("SELECT * FROM `trades` WHERE `trUSER` = ".$ir['userid']); if(!$db->num_rows($q)) error("This trade hasn't been started yet"); $r = $db->fetch_row($q); if($r['trUSER'] != $ir['userid']) error("This is not your trade to view"); $selectItem1 = $db->query("SELECT `itmname` FROM `items` WHERE `itmid` = ".$r['trITEM']); $item1 = $db->fetch_single($selectItem1); $showItem1 = $r['trITEM'] ? stripslashes($item1) : "<span style='color:red;'>None</span>"; $selectItem2 = $db->query("SELECT `itmname` FROM `items` WHERE `itmid` = ".$r['trRITEM']); $item2 = $db->fetch_single($selectItem2); $showItem2 = $r['trRITEM'] ? stripslashes($item2) : "<span style='color:red;'>None</span>"; ?><span style='font-weight:bold;font-style:italic;'>Trade Details</span> <strong>Offer: </strong> Money: <?php echo money_formatter($r['trCASH']); ?> | Crystals: <?php echo number_format($r['trCRYS']); ?> | Item: <?php echo $showItem1; ?> <span style='font-weight:bold;font-style:italic;'>Trade Request</span> Money: <?php echo money_formatter($r['trRCASH']); ?> | Crystals: <?php echo number_format($r['trRCRYS']); ?> | Item: <?php echo $showItem2; if($ir['userid'] == $r['trUSER']) echo "[<a href='trade.php?action=acctrade&ID=".$r['trID']."'>Accept Trade</a>] [<a href='trade.php?action=dectrade&ID=".$r['trID']."'>Decline Trade</a>]"; echo "<hr />> <a href='explore.php'>Go Back</a>"; } function begin_trade() { global $db, $ir; if(!$ir['trade']) error("You are not in a trade."); $chek = $db->query("SELECT `trID` FROM `trades` WHERE `trFROM` = ".$ir['userid']." OR `trUSER` = ".$ir['userid']); if($db->num_rows($chek)) error("You have already sent a trade."); $chek2 = $db->query("SELECT `trID` FROM `usertrades` WHERE `trFROM` = ".$ir['userid']); if(!$db->num_rows($chek2)) error("This is not your trade."); if(isset($_POST['submit'])) { $posted = array('cash', 'crys', 'item', 'rcash', 'rcrys', 'ritem'); foreach($posted as $what) $_POST[$what] = isset($_POST[$what]) && ctype_digit($_POST[$what]) ? abs(@intval($_POST[$what])) : 0; $db->query("INSERT INTO `trades` VALUES(NULL, ".$ir['userid'].", ".$ir['trade'].", ".$_POST['crys'].", ".$_POST['cash'].", ".$_POST['item'].", ".$_POST['rcrys'].", ".$_POST['rcash'].", ".$_POST['ritem'].")"); $db->query("DELETE FROM `usertrades` WHERE `trFROM` = ".$ir['userid']); event_add($ir['trade'], "This is the trade offer: <a href='trade.php?action=view'>View Trade</a>"); ?>Your trade was submitted.<hr />> <a href='explore.php'>Go Back</a><?php } else { ?><form action='trade.php?action=begin' method='post'> <span style='font-weight:bold;font-style:italic;'>Your offer: </span> Crystals: <input type='text' name='crys' /> Money: <input type='text' name='cash' /> Item: <select name='item' type='dropdown'> <option value='0' selected='selected'>None</option><?php $q = $db->query("SELECT `inv`.`inv_id`, `i`.`itmid`, `i`.`itmname` FROM `inventory` AS `inv` " . "LEFT JOIN `items` AS `i` ON (`inv`.`inv_itemid` = `i`.`itmid`) " . "WHERE (`inv`.`inv_userid` = ".$ir['userid'].") ORDER BY `i`.`itmname` ASC"); while($r = $db->fetch_row($q)) printf("<option value='%u'>%s</option>", $r['itmid'], stripslashes($r['itmname'])); ?></select> <span style='font-weight:bold;font-style:italic;'>Your request: </span> Crystals: <input type='text' name='crys' /> Money: <input type='text' name='cash' /> Item: <select name='item' type='dropdown'> <option value='0' selected='selected'>None</option><?php $q = $db->query("SELECT `inv`.`inv_id`, `i`.`itmid`, `i`.`itmname` FROM `inventory` AS `inv` " . "LEFT JOIN `items` AS `i` ON (`inv`.`inv_itemid` = `i`.`itmid`) " . "WHERE (`inv`.`inv_userid` = ".$ir['trade'].") ORDER BY `i`.`itmname` ASC"); while($r = $db->fetch_row($q)) printf("<option value='%u'>%s</option>", $r['itmid'], stripslashes($r['itmname'])); ?></select> <input type='submit' name='submit' value='Submit' /> </form> <hr />> <a href='explore.php'>Go Back</a><?php } } function accept_trade() { global $db, $ir; if(empty($_GET['ID'])) error("You didn't select a valid trade"); $q = $db->query("SELECT * FROM `trades` WHERE `trID` = ".$_GET['ID']." AND `trUSER` = ".$ir['userid']); if(!$db->num_rows($q)) error("Either that trade doesn't exist, or it's not yours"); $r = $db->fetch_row($q); $x = $db->query("SELECT `money`, `crystals` FROM `users` WHERE `userid` = ".$ir['trade']); if(!$db->num_rows($x)) error("That player no longer exists"); $y = $db->fetch_row($x); if($r['trRCASH'] > $ir['money'] || $r['trRCRYS'] > $ir['crystals']) error("You do not meet one or more of the requirements, Please try again."); if($y['money'] < $r['trCASH'] || $y['crystals'] < $r['trCRYS']) error("Your friend does not meet one or more of the requirements"); $m = $db->query("SELECT `inv_id` FROM `inventory` WHERE `inv_itemid` = ".$r['trITEM']." AND `inv_userid` = ".$r['trFROM']); if(!$db->num_rows($m)) error("Your friend does not meet one or more of the requirements."); $o = $db->query("SELECT `inv_id` FROM `inventory` WHERE `inv_itemid` = ".$r['trRITEM']." AND `inv_userid` = ".$r['trUSER']); if(!$db->num_rows($o)) error("You do not meet one or more of the requirements."); $q = $db->query("SELECT * FROM `trades` WHERE `trUSER` = ".$ir['userid']); $r = $db->fetch_row($q); event_add($r['trFROM'], "<a href='viewuser.php?u=".$ir['userid']."'>".stripslashes($ir['username'])."</a> has accepted your trade."); if($r['trITEM']) { item_remove($r['trFROM'], $r['trITEM'], 1); item_add($ir['userid'], $r['trITEM'], 1); } if($r['trRITEM']) { item_remove($ir['userid'], $r['trRITEM'], 1); item_add($r['trFROM'], $r['trRITEM'], 1); } $db->query("UPDATE `users` SET `trade` = 0, `money` = `money` + ".$r['trCASH'].", `money` = `money` - ".$r['trRCASH'].", `crystals` = `crystals` + ".$r['trCRYS'].", `crystals` = `crystals` - ".$r['trRCRYS']." WHERE `userid` = ".$ir['userid']); $db->query("UPDATE `users` SET `trade` = 0, `money` = `money` + ".$r['trRCASH'].", `money` = `money`- ".$r['trCASH'].", `crystals` = `crystals` + ".$r['trRCRYS'].", `crystals` = `crystals` - ".$r['trCRYS']." WHERE `userid` = ".$r['trFROM']); $db->query("DELETE FROM `trades` WHERE `trUSER` = ".$ir['userid']); ?>Trade request accepted!.<hr />> <a href='explore.php'>Go Back</a><?php } function decline_trade() { global $db, $ir; if(empty($_GET['ID'])) error("You didn't select a valid trade"); $q = $db->query("SELECT `trFROM` FROM `trades` WHERE `trID` = ".$_GET['ID'] ." AND `trUSER` = ".$ir['userid']); if(!$db->num_rows($q)) error("Either that trade doesn't exist, or it's not yours"); event_add($db->fetch_single($q), "<a href='viewuser.php?u=".$ir['userid']."'>".stripslashes($ir['username'])."</a> has declined your trade offer."); $db->query("DELETE FROM `trades` WHERE `trID` = ".$_GET['ID']); $db->query("UPDATE `users` SET `trade` = 0 WHERE `userid` IN (".$ir['trade'].", ".$ir['userid'].")"); ?>Trade declined.<hr />> <a href='explore.php'>Go Back</a><?php } $h->endpage();

Use my Cronless Crons, or create your own!

Edit yourgang.php Find: (in the gang_view_armoury() function) <td style='text-align:center;'><?php echo $db->fetch_single($selectInventory) == 'Yes' ? "<span style='color:#888;'>Borrowed</span>" : ($gangdata['gang_armoury_item_withdrawable'] == 'Yes') ? "<a href='yourgang.php?action=borrowitem&ID=".$row['item']."'>Borrow</a>" : "<span style='color:#888;'>Locked</span>"; echo $gangdata['gangPRESIDENT'] == $ir['userid'] ? " · <a href='yourgang.php?action=staff&act2=trash&ID=".$row['item']."'>Trash</a>" : ''; ?></td> Replace with: <td style='text-align:center;'><?php echo $db->fetch_single($selectInventory) == 'Yes' ? "<span style='color:#888;'>Borrowed</span>" : ($gangdata['gang_armoury_item_withdrawable'] == 'Yes') ? "<a href='yourgang.php?action=borrowitem&ID=".$row['item']."'>Borrow</a>" : "<span style='color:#888;'>Locked</span>"; echo $gangdata['gangPRESIDENT'] == $ir['userid'] ? " · <a href='yourgang.php?action=staff&act2=leaditem&ID=".$row['item']."'>Take</a> · <a href='yourgang.php?action=staff&act2=trash&ID=".$row['item']."'>Trash</a>" : ''; ?></td>   Find: case 'recall': gang_staff_armoury_recall_item(); break; Add below: case 'leaditem': gang_staff_armoury_leader_take_item(); break;   Find: The ending brace of the gang_staff_armoury_recall_item() function Add below: function gang_staff_armoury_leader_take_item() { global $db, $ir, $gangdata; if($gangdata['gangPRESIDENT'] != $ir['userid']) cleanKill("You have no access to this.."); $_GET['ID'] = isset($_GET['ID']) && ctype_digit($_GET['ID']) ? abs(@intval($_GET['ID'])) : null; $selectItem = $db->query("SELECT `g`.`item`, `g`.`qty`, `g`.`total`, `i`.`itmname` FROM `gang_armoury` AS `g` " . "LEFT JOIN `items` ON (`g`.`item` = `i`.`itmid`) " > "WHERE `g`.`gang` = ".$gangdata['gangID']." AND `g`.`item` = ".$_GET['ID']); if(!$db->num_rows($selectItem)) cleanKill("Your gang doesn't own this item"); $row = $db->fetch_row($selectItem); if(!$row['qty']) cleanKill("You must recall that item before you can take it from your gang"); if($row['total'] == 1) $db->query("DELETE FROM `gang_armoury` WHERE `item` = ".$_GET['ID']." AND `gang` = ".$gangdata['gangID']); else $db->query("UPDATE `gang_armoury` SET `total` = `total` - 1 WHERE `item` = ".$_GET['ID']." AND `gang` = ".$gangdata['gangID']); item_add($ir['userid'], $_GET['ID'], 1); ?>You have taken the <?php echo format($row['itmname']); ?> from your gang<?php }   Original code updated

I'll add that in now   Already done :)   I'll have a look now too :)   Normally within 10 minutes of posting on here :)

Code updated

Code updated

Exactly what it says on the tin. If not rows are found, kill the page cleanly with some message stating that you don't own it. I've just realised I can minify that further.. Original code updated

Thank you for pointing those out, my own fault for rushing! Original code updated I'm having a look at my local copy of the item*.php and everything appears to be working fine. Let me just compare version ;) -- UPDATE See original code. Everything should be fine

That's because that's not the right link. Blame MWG's syntax highlighter.. I do.. You can find a copy of this on my site (link is in my signature)

When gangs are created, then gangs are created lol The settings will automatically insert themselves once the gang leader has set them (might make it a requirement to set them first), then it'll just update instead. Did you receive that error *after* running through the settings, or before? Update The option to make setting up the armoury a requirement has been added

I'm sure I included the query update. ah well, original code updated :)

Haha, ask as many as you want :)   It can indeed. I'll make sure to include that with the other update :)