
help please


bmw11


 <?php

/*
itemmarket.php by Lithium
MODIFIED BY CURT
distribution/selling/sharing of this
file is illegal without permission.
*/

// globals.php is not shown here; the functions below read $ir, $c, $userid and $h
// as globals, presumably set up by this include (confirm against globals.php).
include 'globals.php';

// Opens the page wrapper; the single closing </div> is echoed at the end of the script.
echo '<div class="gray-block">
<div class="heading">Item Market</div>';

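/**
 * Prepare a request value for direct interpolation into a MySQL statement.
 *
 * Input that is_numeric() accepts is returned unchanged and unquoted. Anything
 * else is escaped with mysql_real_escape_string() and returned ALREADY wrapped
 * in single quotes. Callers must therefore not add quotes of their own around
 * the result: a second pair closes the literal early and cancels the escaping.
 *
 * NOTE(review): is_numeric() accepts more than plain integers (decimals,
 * exponent notation). Where an integer id is expected, an (int) cast at the
 * call site is the stricter choice.
 *
 * @param mixed $value Raw value, typically taken from $_GET or $_POST.
 * @return mixed The value in a form that can be placed into the SQL text as-is.
 */
function quote_smart($value)
{
    // get_magic_quotes_gpc() was removed in PHP 8; only consult it where the
    // runtime still provides it, instead of dying with an undefined-function error.
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        $value = stripslashes($value);
    }

    if (is_numeric($value)) {
        return $value;
    }

    return "'" . mysql_real_escape_string($value) . "'";
}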

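/**
 * Take one of the current user's own listings (or part of a stacked listing)
 * off the market and return the items through item_add().
 *
 * Reads the listing id from $_GET['ID'] and, for listings with more than one
 * item, the quantity from $_POST['rqty']. Output is printed directly.
 *
 * Changes against the posted version:
 *  - the listing id is cast to an integer before it reaches any SQL text
 *    (it was interpolated raw from the query string);
 *  - the market row is claimed with a conditional UPDATE/DELETE and the items
 *    are only handed back when that statement really changed a row, so two
 *    overlapping requests cannot both receive the items;
 *  - the removal log used an undefined $i, which left an empty slot in the
 *    VALUES list; 0 is stored instead, as item_buy() does when it uses item_add();
 *  - names written into the log are escaped, names printed are HTML-escaped;
 *  - the "Go Back" links point at itemmarket.php again (the forum had rewritten
 *    them to an absolute http:// URL).
 *
 * NOTE(review): the single-item path changes state on a plain GET request and
 * no anti-CSRF token is checked in this function; confirm whether globals.php
 * enforces one.
 */
function item_mremove()
{
    global $ir, $c, $userid, $h;

    $listingId = (isset($_GET['ID']) && is_scalar($_GET['ID'])) ? (int) $_GET['ID'] : 0;
    $ownerId = (int) $userid;
    $backLink = "<a href='itemmarket.php'>Go Back</a>";
    $notOwned = "Error, either this item does not exist, or you are not the owner.\n\n{$backLink}";

    $q = mysql_query("SELECT im.*,i.* FROM `itemmarket` `im` LEFT JOIN `items` `i` ON `im`.`imITEM` = `i`.`itmid` WHERE `imID` = {$listingId} AND `imADDER` = {$ownerId}", $c);
    if (!$q || !mysql_num_rows($q)) {
        echo $notOwned;
        $h->endpage();
        exit;
    }
    $r = mysql_fetch_array($q);
    // double_encode = false so names stored already entity-encoded are not encoded twice.
    $itemName = htmlspecialchars($r['itmname'], ENT_QUOTES, 'UTF-8', false);

    if ($r['imQTY'] > 1) {
        if (!isset($_POST['rqty'])) {
            echo "How many {$itemName}'s would you like to remove ?\n\n"
                . "<form action='' method='POST'><input type='hidden' name='imID' value='" . (int) $r['imID'] . "' />\n"
                . "Quanity: <input type='text' size='4' name='rqty' value='" . (int) $r['imQTY'] . "' />\n"
                . "<input type='submit' value='Remove Items' /></form>";
            return;
        }

        $qty = is_scalar($_POST['rqty']) ? abs((int) $_POST['rqty']) : 0;
        if ($qty < 1) {
            echo "Error, you must remove at least one item.\n\n{$backLink}";
            $h->endpage();
            exit;
        }
        if ($r['imQTY'] < $qty) {
            echo "Error, you do not have this many to remove!.\n\n{$backLink}";
            $h->endpage();
            exit;
        }

        // Claim the quantity first; the imQTY guard makes the statement a no-op
        // if another request already took the items.
        mysql_query("UPDATE `itemmarket` SET `imQTY`=`imQTY`-{$qty} WHERE `imID`={$listingId} AND `imADDER`={$ownerId} AND `imQTY`>={$qty}", $c);
        if (mysql_affected_rows($c) < 1) {
            echo $notOwned;
            $h->endpage();
            exit;
        }
        mysql_query("DELETE FROM `itemmarket` WHERE `imQTY`=0", $c);
        item_add($userid, $r['itmid'], $qty);
        echo "Item's Removed from Market!\n{$backLink}";
        return;
    }

    // Single-item listing: delete the row first and only return the item if
    // this request was the one that removed it.
    mysql_query("DELETE FROM `itemmarket` WHERE `imID`={$listingId} AND `imADDER`={$ownerId}", $c);
    if (mysql_affected_rows($c) < 1) {
        echo $notOwned;
        $h->endpage();
        exit;
    }
    item_add($userid, $r['imITEM'], 1);

    $logText = mysql_real_escape_string("{$ir['username']} removed a {$r['itmname']} from the item market.", $c);
    mysql_query("INSERT INTO `imremovelogs` VALUES ('', " . (int) $r['imITEM'] . ", " . (int) $r['imADDER'] . ", {$ownerId}, {$listingId}, 0, unix_timestamp(), '{$logText}')", $c);
    echo "Item removed from market!\n{$backLink}";
}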

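/**
 * Buy a market listing, or part of a stacked listing, for the current user.
 *
 * Reads the listing id from $_GET['ID'] and, for listings with more than one
 * item, the quantity from $_POST['buyqty']. Output is printed directly; a
 * completed purchase ends the page and exits.
 *
 * Changes against the posted version:
 *  - the listing id is cast to an integer before it reaches any SQL text;
 *  - a quantity of 0 is rejected instead of producing an empty purchase;
 *  - the buyer is debited with a conditional UPDATE (balance must still cover
 *    the total) and the listing is claimed with a conditional UPDATE (stock
 *    must still be there); the item is only delivered when both succeeded, so
 *    overlapping requests cannot duplicate items or overdraw the balance;
 *  - the single-item path checked imPOINTS but never charged or credited
 *    points; it now settles points the same way the stacked path does;
 *  - the single-item path goes through item_add() like the stacked path, so
 *    the raw inventory INSERT and its die(mysql_error()) (which printed
 *    database errors to the player) are gone; the log's inventory-id column is
 *    0 in both paths as a result;
 *  - the event_add() strings contained unescaped double quotes (forum-mangled
 *    links) and did not parse; the links are relative again;
 *  - names written into the log are escaped, names printed are HTML-escaped.
 *
 * NOTE(review): the statements are still not atomic as a group. If the tables
 * are InnoDB, wrapping them in one transaction is the proper fix. No anti-CSRF
 * token is checked here; confirm whether globals.php enforces one.
 */
function item_buy()
{
    global $ir, $c, $userid, $h;

    $listingId = (isset($_GET['ID']) && is_scalar($_GET['ID'])) ? (int) $_GET['ID'] : 0;
    $buyerId = (int) $userid;
    $backLink = "<a href='itemmarket.php'>Go Back</a>";
    $goneMessage = 'Error, either this item does not exist, or it has already been bought.';
    $fundsMessage = 'Error, you do not have the funds to buy this item.';

    $q = mysql_query("SELECT * FROM `itemmarket` `im` LEFT JOIN `items` `i` ON `i`.`itmid` = `im`.`imITEM` WHERE `imID` = {$listingId}", $c);
    if (!$q || !mysql_num_rows($q)) {
        echo "{$goneMessage}\n\n{$backLink}";
        $h->endpage();
        exit;
    }
    $r = mysql_fetch_array($q);

    $stacked = $r['imQTY'] > 1;
    $sellerId = (int) $r['imADDER'];
    // double_encode = false so names stored already entity-encoded are not encoded twice.
    $itemName = htmlspecialchars($r['itmname'], ENT_QUOTES, 'UTF-8', false);
    $buyerName = htmlspecialchars($ir['username'], ENT_QUOTES, 'UTF-8', false);

    if ($stacked && !isset($_POST['buyqty'])) {
        echo "How many {$itemName}'s do you want to buy ? There is [x" . (int) $r['imQTY'] . "] available.\n\n"
            . "They cost \$" . number_format($r['imPRICE']) . " and " . (int) $r['imPOINTS'] . " Points Each!\n"
            . "<form action='' method='POST'><input type='hidden' name='imID' value='{$listingId}' />\n"
            . "How Many ? <input type='text' size='4' name='buyqty' value='0' />\n"
            . "<input type='submit' value='Buy Items' /></form>";
        return;
    }

    if ($stacked) {
        $qty = is_scalar($_POST['buyqty']) ? abs((int) $_POST['buyqty']) : 0;
    } else {
        $qty = 1;
    }
    $PRICE = $r['imPRICE'] * $qty;
    $POINTS = $r['imPOINTS'] * $qty;

    $error = '';
    if ($qty < 1) {
        $error = 'Error, you must buy at least one item.';
    } elseif ($r['imQTY'] < $qty) {
        $error = 'Error, you have selected more items than there really is.';
    } elseif ($PRICE > $ir['money'] || $POINTS > $ir['crystals']) {
        $error = $fundsMessage;
    }
    if ($error !== '') {
        echo "{$error}\n\n{$backLink}";
        $h->endpage();
        exit;
    }

    // Step 1: take payment, but only if the balance still covers it right now.
    // A free listing changes no row, so the affected-rows check is skipped for it.
    $charged = ($PRICE > 0 || $POINTS > 0);
    if ($charged) {
        mysql_query("UPDATE `users` SET `money`=`money`-{$PRICE}, `crystals`=`crystals`-{$POINTS} WHERE `userid`={$buyerId} AND `money`>={$PRICE} AND `crystals`>={$POINTS}", $c);
        if (mysql_affected_rows($c) < 1) {
            echo "{$fundsMessage}\n\n{$backLink}";
            $h->endpage();
            exit;
        }
    }

    // Step 2: claim the stock, but only if it is still there; refund otherwise.
    mysql_query("UPDATE `itemmarket` SET `imQTY`=`imQTY`-{$qty} WHERE `imID`={$listingId} AND `imQTY`>={$qty}", $c);
    if (mysql_affected_rows($c) < 1) {
        if ($charged) {
            mysql_query("UPDATE `users` SET `money`=`money`+{$PRICE}, `crystals`=`crystals`+{$POINTS} WHERE `userid`={$buyerId}", $c);
        }
        echo "{$goneMessage}\n\n{$backLink}";
        $h->endpage();
        exit;
    }
    mysql_query("DELETE FROM `itemmarket` WHERE `imQTY`=0", $c);

    // Step 3: deliver the item and pay the seller.
    $i = 0;
    item_add($userid, $r['imITEM'], $qty);
    mysql_query("UPDATE `users` SET `money`=`money`+{$PRICE}, `crystals`=`crystals`+{$POINTS} WHERE `userid`={$sellerId}", $c);

    $buyerLink = "<a href='viewuser.php?u={$buyerId}'>{$buyerName}</a>";
    if ($stacked) {
        $eventText = "{$buyerLink} bought [x{$qty}] {$itemName}'s  from the market for \$" . number_format($PRICE) . " and {$POINTS} Points!.";
        $logText = "{$ir['username']} bought a {$r['itmname']} from the item market for \${$PRICE} and {$POINTS} Points from user ID {$sellerId}";
        $doneText = "You bought [x{$qty}] {$itemName}'s from the market for \$" . number_format($PRICE) . " and {$POINTS} Points!.";
    } else {
        $eventText = "{$buyerLink} bought your {$itemName} item from the market for \$" . number_format($r['imPRICE']) . ".";
        $logText = "{$ir['username']} bought a {$r['itmname']} from the item market for \${$r['imPRICE']} from user ID {$sellerId}";
        $doneText = "You bought the {$itemName} from the market for \$" . number_format($r['imPRICE']) . ".";
    }

    event_add($sellerId, $eventText, $c);
    mysql_query("INSERT INTO imbuylogs VALUES ('', " . (int) $r['imITEM'] . ", {$sellerId}, {$buyerId},  {$r['imPRICE']}, {$listingId}, {$i}, unix_timestamp(), '" . mysql_real_escape_string($logText, $c) . "')", $c);

    echo "{$doneText}\n{$backLink}";
    $h->endpage();
    exit;
}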

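/**
 * First step of gifting: show the listing and a form asking who receives the
 * gift and how many items to buy. The form posts to itemmarket.php?action=gift2.
 *
 * Reads the listing id from $_GET['ID'].
 *
 * Changes against the posted version:
 *  - the listing id is cast to an integer before it is used in the SELECT and
 *    before it is written into the hidden form field (it was echoed raw from
 *    the query string into the page and interpolated raw into SQL);
 *  - the item name is HTML-escaped on output;
 *  - the "Go Back" links point at itemmarket.php again.
 */
function item_gift1()
{
    global $ir, $c, $userid, $h;

    $listingId = (isset($_GET['ID']) && is_scalar($_GET['ID'])) ? (int) $_GET['ID'] : 0;
    $backLink = "<a href='itemmarket.php'>Go Back</a>";

    $q = mysql_query("SELECT * FROM itemmarket im LEFT JOIN items i ON i.itmid=im.imITEM WHERE imID={$listingId}", $c);
    if (!$q || !mysql_num_rows($q)) {
        echo "Error, either this item does not exist, or it has already been bought.\n\n{$backLink}";
        $h->endpage();
        exit;
    }
    $r = mysql_fetch_array($q);

    // Early hint only: the binding funds check happens in the gift2 step,
    // once the quantity is known.
    if ($r['imPRICE'] > $ir['money']) {
        echo "You do not have the funds to buy this item.\n\n{$backLink}";
        $h->endpage();
        exit;
    }

    // double_encode = false so names stored already entity-encoded are not encoded twice.
    $itemName = htmlspecialchars($r['itmname'], ENT_QUOTES, 'UTF-8', false);

    echo "Buying [x" . (int) $r['imQTY'] . "] <b>{$itemName}'s</b> for \$" . number_format($r['imPRICE'])
        . " and " . (int) $r['imPOINTS'] . " Points each as a gift for...\n\n";
    echo "<form action=\"itemmarket.php?action=gift2\" method=\"post\">\n";
    echo "<input type=\"hidden\" name=\"ID\" value=\"{$listingId}\" />\n";
    echo "User to give gift to: " . user_dropdown($c, 'user') . "\n\n";
    echo "How many to buy ? <input type='text' size='4' name='giftqty' value='0' />\n";
    echo "<input type=\"submit\" value=\"Buy Item and Send Gift\" />\n";
    echo "</form>\n";
}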

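/**
 * Second step of gifting: buy from a listing and deliver the items to another
 * user. Reads the listing id, recipient id and quantity from $_POST['ID'],
 * $_POST['user'] and $_POST['giftqty'].
 *
 * Changes against the posted version:
 *  - listing id and recipient id are cast to integers BEFORE the first query
 *    (the recipient id was only cast after it had already been used in SQL,
 *    the listing id never);
 *  - the stock UPDATE used $_GET['ID'], which this form never sends, so the
 *    listing was never reduced while items were still handed out; it now uses
 *    the posted id;
 *  - the seller was charged the points (crystals-...) instead of receiving them;
 *  - a quantity of 0 is rejected;
 *  - payment and stock are taken with conditional UPDATEs and checked before
 *    the gift is delivered, so overlapping requests cannot duplicate items or
 *    overdraw the balance;
 *  - the log used an undefined $i; 0 is stored, as item_buy() does with item_add();
 *  - the recipient's name comes from the explicit username query instead of
 *    column position 1 of a SELECT *;
 *  - the event_add() strings contained unescaped double quotes (forum-mangled
 *    links) and did not parse; the links are relative again;
 *  - names written into the log are escaped, names printed are HTML-escaped.
 *
 * NOTE(review): the statements are still not atomic as a group (a transaction
 * on InnoDB tables is the proper fix), and no anti-CSRF token is checked here;
 * confirm whether globals.php enforces one.
 */
function item_gift2()
{
    global $ir, $c, $userid, $h;

    $listingId = (isset($_POST['ID']) && is_scalar($_POST['ID'])) ? (int) $_POST['ID'] : 0;
    $recipientId = (isset($_POST['user']) && is_scalar($_POST['user'])) ? abs((int) $_POST['user']) : 0;
    $qty = (isset($_POST['giftqty']) && is_scalar($_POST['giftqty'])) ? abs((int) $_POST['giftqty']) : 0;
    $buyerId = (int) $userid;
    $backLink = "<a href='itemmarket.php'>Go Back</a>";
    $shortBackLink = "<a href='itemmarket.php'>> Back</a>";
    $goneMessage = 'Error, either this item does not exist, or it has already been bought.';
    $fundsMessage = 'Error, you do not have the funds to buy this item.';

    $q = mysql_query("SELECT * FROM itemmarket im LEFT JOIN items i ON i.itmid=im.imITEM WHERE imID={$listingId}", $c);
    if (!$q || !mysql_num_rows($q)) {
        echo "{$goneMessage}\n\n{$shortBackLink}";
        $h->endpage();
        exit;
    }

    $qqq = mysql_query("SELECT username FROM users WHERE userid={$recipientId}", $c);
    if (!$qqq || !mysql_num_rows($qqq)) {
        echo "Error, this person does not exist.\n\n{$shortBackLink}";
        $h->endpage();
        exit;
    }
    $r = mysql_fetch_array($q);
    $recipientName = mysql_result($qqq, 0, 0);

    $sellerId = (int) $r['imADDER'];
    $MONEY = $r['imPRICE'] * $qty;
    $POINTS = $r['imPOINTS'] * $qty;

    $error = '';
    if ($qty < 1) {
        $error = 'Error, you must buy at least one item.';
    } elseif ($r['imQTY'] < $qty) {
        $error = 'Error, you have selected more items than there is!';
    } elseif ($MONEY > $ir['money'] || $POINTS > $ir['crystals']) {
        $error = $fundsMessage;
    }
    if ($error !== '') {
        echo "{$error}\n\n{$backLink}";
        $h->endpage();
        exit;
    }

    // Step 1: take payment, but only if the balance still covers it right now.
    // A free listing changes no row, so the affected-rows check is skipped for it.
    $charged = ($MONEY > 0 || $POINTS > 0);
    if ($charged) {
        mysql_query("UPDATE users SET money=money-{$MONEY}, crystals=crystals-{$POINTS} WHERE userid={$buyerId} AND money>={$MONEY} AND crystals>={$POINTS}", $c);
        if (mysql_affected_rows($c) < 1) {
            echo "{$fundsMessage}\n\n{$backLink}";
            $h->endpage();
            exit;
        }
    }

    // Step 2: claim the stock, but only if it is still there; refund otherwise.
    mysql_query("UPDATE itemmarket SET imQTY=imQTY-{$qty} WHERE imID={$listingId} AND imQTY>={$qty}", $c);
    if (mysql_affected_rows($c) < 1) {
        if ($charged) {
            mysql_query("UPDATE users SET money=money+{$MONEY}, crystals=crystals+{$POINTS} WHERE userid={$buyerId}", $c);
        }
        echo "{$goneMessage}\n\n{$backLink}";
        $h->endpage();
        exit;
    }
    mysql_query("DELETE FROM itemmarket WHERE imQTY=0", $c);

    // Step 3: deliver the gift and pay the seller (money AND points are credited).
    item_add($recipientId, $r['imITEM'], $qty);
    mysql_query("UPDATE users SET money=money+{$MONEY}, crystals=crystals+{$POINTS} WHERE userid={$sellerId}", $c);

    // double_encode = false so names stored already entity-encoded are not encoded twice.
    $itemName = htmlspecialchars($r['itmname'], ENT_QUOTES, 'UTF-8', false);
    $buyerName = htmlspecialchars($ir['username'], ENT_QUOTES, 'UTF-8', false);
    $uname = htmlspecialchars($recipientName, ENT_QUOTES, 'UTF-8', false);
    $buyerLink = "<a href='viewuser.php?u={$buyerId}'>{$buyerName}</a>";

    event_add($sellerId, "{$buyerLink} bought [x{$qty}] {$itemName}'s from the market for \$" . number_format($MONEY) . " and {$POINTS} Points.", $c);
    event_add($recipientId, "{$buyerLink} bought you [x{$qty}] {$itemName}'s from the item market as a gift.", $c);

    $logText = "{$ir['username']} bought a {$r['itmname']} from the item market for \${$MONEY} and {$POINTS} Points from user ID {$sellerId} as a gift for {$recipientName} [{$recipientId}]";
    mysql_query("INSERT INTO imbuylogs VALUES ('', " . (int) $r['imITEM'] . ", {$sellerId}, {$buyerId},  {$r['imPRICE']}, {$listingId}, 0, unix_timestamp(), '" . mysql_real_escape_string($logText, $c) . "')", $c);

    echo "You bought [x{$qty}] {$itemName}'s from the market for \$" . number_format($MONEY) . " and {$POINTS} Points and sent the gift to {$uname}!\n";
}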



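/*
 * Item categories that must not be offered in the market search.
 * Edit $invalid_ids to suit your needs; each value is a category id as stored
 * in the database (itemtypes.itmtypeid / items.itmtype).
 */
$invalid_ids = array('8','9','10','999','1000');

$q = "SELECT itmtypeid,itmtypename FROM itemtypes";
$q1 = "SELECT DISTINCT im.imITEM , i.itmid,  i.itmtype,i.itmname FROM items i LEFT JOIN itemmarket im ON i.itmid=im.imITEM";

if (is_array($invalid_ids) && !empty($invalid_ids)) {
    // intval() each entry so the list stays safe to interpolate even if it is
    // later filled from configuration instead of this literal. The posted
    // version appended to an undefined $i_v in a manual loop.
    $i_v = "'" . implode("','", array_map('intval', $invalid_ids)) . "'";
    $q .= " WHERE  itmtypeid NOT IN (" . $i_v . ")";
    $q1 .= " WHERE i.itmid=im.imITEM AND i.itmtype NOT IN (" . $i_v . ")";
}

$q .= " ORDER BY itmtypeid";
$q1 .= " ORDER BY i.itmtype";

// Initialise both maps so the template below has arrays to iterate even when
// a query returns nothing.
$title_item = array(); // category id => category name
$a = array();          // category id => list of item rows

$x = mysql_query($q, $c);
while ($x && ($xx = mysql_fetch_array($x))) {
    $title_item[$xx['itmtypeid']] = $xx['itmtypename'];
    // Empty placeholder so the category gets a dropdown even without listed
    // items; the template skips empty entries.
    $a[$xx['itmtypeid']][] = array();
}

$x = mysql_query($q1, $c);
while ($x && ($xx = mysql_fetch_array($x))) {
    $a[$xx['itmtype']][] = $xx;
}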

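/*
 * Search form: one dropdown per item category, three categories per table row.
 * Each dropdown is named s_<category id>; value 0 means "ignore", -1 means
 * "every item of this category", anything else is an item id.
 *
 * Changes against the posted version:
 *  - $_SERVER['PHP_SELF'] is HTML-escaped before it is written into the form
 *    action, because it contains the request path as sent by the client;
 *  - category and item names are HTML-escaped, ids are cast to integers;
 *  - short "<?" tags are written as "<?php" so the page does not depend on
 *    short_open_tag;
 *  - "fro sale" typo fixed.
 * The cell/row bookkeeping of the layout loop is unchanged.
 */
?>

<table width="100%" class="inner">
<tr class="fill">
   <td colspan=3 class="inner">Item Market <form id="form" name="form" method="post" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8'); ?>"></td>
</tr>
<tr>
   <td colspan=3 class="inner">
   Select the item type you want to buy from the dropdown boxes.

   If there is any item for sale it will show you the links to it.</td>
</tr>
<tr>
   <td>
<?php
$i = 0;
$categories = (isset($a) && is_array($a)) ? $a : array();
foreach ($categories as $key => $value) {
   $xx = $value;
   $i++;
   $heading = isset($title_item[$key]) ? $title_item[$key] : '';
?>
   <table width="100%" class="inner">
   <tr class="fill">
       <td class="inner"><?php echo htmlspecialchars($heading, ENT_QUOTES, 'UTF-8', false); ?></td>
   </tr>
   <tr>
       <td class="inner">
           <select name="s_<?php echo (int) $key; ?>" id="s_<?php echo (int) $key; ?>">
           <option value="0"></option>
           <option value="-1">Check All</option>
   <?php
   if (is_array($xx)) {
       foreach ($xx as $x) {
           // Skip the empty placeholder entry each category starts with.
           if (!empty($x)) {
           ?>
           <option value="<?php echo (int) $x['itmid']; ?>">
           <?php echo htmlspecialchars($x['itmname'], ENT_QUOTES, 'UTF-8', false); ?>
           </option>
       <?php }
       }
   } ?>
           </select>
       </td>
   </tr>
   </table>
<?php
   if ($i > 0 && $i < 3) {
       ?>
   </td>
   <td>
       <?php
   } else {
       $i = 0;
       ?>
<tr>
   <td>
       <?php
   }
}
for ($j = $i; $j > 0; $j--) {
?>
   </td><td>
<?php
}
?>
   </td>
</tr>
<tr class="fill">
   <td colspan=3 class="inner">
       <input type="submit" name="search" id="search" value="Search" />
   </td>
</tr>
</table>
</form>


<?php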

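// Dispatch the requested market action. The posted version read
// $_GET['action'] unconditionally, which raises an undefined-index notice on
// the plain search page and accepts a non-string value.
// NOTE(review): buy, gift2 and remove change state; no anti-CSRF token is
// checked in this file. Confirm whether globals.php enforces one.
$action = (isset($_GET['action']) && is_string($_GET['action'])) ? $_GET['action'] : '';

switch ($action) {
    case 'buy':
        item_buy();
        break;

    case 'gift1':
        item_gift1();
        break;

    case 'gift2':
        item_gift2();
        break;

    case 'remove':
        item_mremove();
        break;
}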

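/*
 * Search handler: turns the posted s_<category id> dropdowns into a listing
 * query and prints the matching market entries.
 *
 * Changes against the posted version:
 *  - every id is cast to an integer and the filters are built as IN (...)
 *    lists. The old code passed values through quote_smart(), which already
 *    returns non-numeric input wrapped in quotes, and then wrapped the result
 *    in quotes a second time; that closed the literal early and left posted
 *    text outside of it;
 *  - dropdown keys without a category number are ignored;
 *  - the Remove/Buy/Gift/user links were mangled by the forum into strings
 *    that did not parse; they are relative links again, using the imID and
 *    userid columns this query selects;
 *  - the result heading spans all six columns (was colspan 4);
 *  - names are HTML-escaped on output; the unused $lt is gone.
 */
if (isset($_POST['search'])) {
    $itemIds = array();
    $typeIds = array();

    foreach ($_POST as $key => $value) {
        if (!is_scalar($value) || !preg_match('/^s_(\d+)\z/', (string) $key, $match)) {
            continue;
        }
        $choice = (int) $value;
        if ($choice === -1) {
            // "Check All": search the whole category named in the field.
            $typeIds[] = (int) $match[1];
        } elseif ($choice > 0) {
            $itemIds[] = $choice;
        }
    }

    if (empty($itemIds) && empty($typeIds)) {
        ?>

No items found. Please try some other search option!
        <?php
        $h->endpage();
        exit;
    }

    $conditions = array();
    if (!empty($itemIds)) {
        $conditions[] = 'itmid IN (' . implode(',', $itemIds) . ')';
    }
    if (!empty($typeIds)) {
        $conditions[] = 'itmtype IN (' . implode(',', $typeIds) . ')';
    }

    $sql_get = "SELECT DISTINCT username, userid, itmid, itmname, imPRICE,imPOINTS,imQTY, imID, imADDER
        FROM itemmarket
        LEFT JOIN items ON items.itmid = itemmarket.imITEM
        LEFT JOIN itemtypes ON itemtypes.itmtypeid = items.itmtype
        LEFT JOIN users ON users.userid = itemmarket.imADDER
        WHERE " . implode(' OR ', $conditions) . "
        ORDER BY imPRICE ASC";
    $q = mysql_query($sql_get, $c);

    if (!$q || !mysql_num_rows($q)) {
        ?>

No items found. Please try some other search option!
        <?php
        $h->endpage();
        exit;
    }
    ?>
    <table width="100%" class="inner">
    <tr class="fill">
        <td colspan="6" class="inner">Your search returned the following results</td>
    </tr>
    <tr>
        <td width="20%" class="inner">Adder</td>
        <td width="5%" class="inner">Qty</td>
        <td width="25%" class="inner">Item</td>
        <td width="20%" class="inner">Money</td>
        <td width="10%" class="inner">Points</td>
        <td width="20%" class="inner">Links</td>
    </tr>
    <?php
    while ($r = mysql_fetch_array($q)) {
        $listingId = (int) $r['imID'];
        // Owners may only take their own listing down; everyone else may buy or gift.
        if ($r['imADDER'] == $userid) {
            $link = "[<a href='itemmarket.php?action=remove&amp;ID={$listingId}'>Remove</a>]";
        } else {
            $link = "[<a href='itemmarket.php?action=buy&amp;ID={$listingId}'>Buy</a>] [<a href='itemmarket.php?action=gift1&amp;ID={$listingId}'>Gift</a>]";
        }
        ?>
    <tr>
        <td class="inner"><a href='viewuser.php?u=<?php echo (int) $r['userid']; ?>'><?php echo htmlspecialchars($r['username'], ENT_QUOTES, 'UTF-8', false); ?></a> [<?php echo (int) $r['userid']; ?>]</td>
        <td class="inner"><?php echo (int) $r['imQTY']; ?></td>
        <td class="inner"><?php echo htmlspecialchars($r['itmname'], ENT_QUOTES, 'UTF-8', false); ?></td>
        <td class="inner">$<?php echo number_format($r['imPRICE']); ?></td>
        <td class="inner"><?php echo number_format($r['imPOINTS']); ?></td>
        <td class="inner">[<a href='iteminfo.php?ID=<?php echo (int) $r['itmid']; ?>'>Info</a>]<?php echo $link; ?></td>
    </tr>
        <?php
    }
    ?>
    </table>
    <?php
}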
// Close the gray-block wrapper opened at the top of the script, then call
// $h->endpage() (defined outside this file) to finish the page.
echo '</div>';
$h->endpage();
?> 