Mr-Scripts Posted November 11, 2012 Share Posted November 11, 2012 <?php session_start(); include_once "includes/db_connect.php"; include_once "includes/functions.php"; include_once "includes/smile.php"; logincheck(); $username=$_SESSION['username']; $query=mysql_query("SELECT * FROM users WHERE username='$username'"); $fetch=mysql_fetch_object($query); $terr=mysql_fetch_object(mysql_query("SELECT * FROM `terr` WHERE `location`='$fetch->location' AND `owner`='$username'")); if (strtolower($terr->owner) == strtolower($username)){ echo "You own 1 Territory!"; if ($terr->payout <= time()) { $ha = 3600*24; $new_time = time()+$ha; mysql_query("UPDATE `terr` SET `payout` = '$new_time' WHERE `location`='$fetch->location' AND `owner`='$username'"); $new_money=$fetch->money+5000000; mysql_query("UPDATE `users` SET `money` = '$new_money' WHERE `username`='$username'"); echo "Your Territory Paid You $5,000,000"; } } if (strip_tags($_POST['change'])) { $name=strip_tags($_POST['name']); mysql_query("UPDATE `terr` SET `message` = '$name' WHERE `location`='$fetch->location' AND `owner`='$username'"); } if (strip_tags($_GET['takeover']) && strip_tags($_GET['location'])){ $takeover=strip_tags($_GET['takeover']); $location=strip_tags($_GET['location']); $own=mysql_num_rows(mysql_query("SELECT * FROM terr WHERE owner='$username'")); if ($own != "0"){ echo "You cannot own more than 1 terrotory"; }else{ $check =mysql_query("SELECT * FROM terr WHERE id='$takeover' AND location='$fetch->location'"); $num=mysql_num_rows($check); $def=mysql_fetch_object($check); if ($num != "0"){ if (strip_tags($_POST['Submit']) && strip_tags($_POST['trys'])){ $trys=intval(strip_tags($_POST['trys'])); $total = $trys*1000000; if ($total > $fetch->money){ echo "You dont have enough money."; }elseif ($total <= $fetch->money){ if ($trys <= $def->def){ echo "You did not get the Terrotory"; mysql_query("UPDATE terr SET def=def-$trys WHERE id='$takeover'"); $new_money = $fetch->money - $total; mysql_query("UPDATE users SET money=money-1000000 WHERE username='$username'"); }elseif ($trys >= $def->def){ echo "You got the Terrotory"; mysql_query("UPDATE terr SET owner='$username' WHERE id='$takeover'"); }}} echo "<form action='?takeover=$takeover&location=$location' method=POST><table width=53% border=1 align=center cellpadding=0 cellspacing=0 bordercolor='black' class='thinline'> <tr> <td height=22 class=header><center><strong>Takeover Territory in $fetch->location</strong></center></td> </tr> <tr> <td><table width=100% border=0 cellspacing=3 cellpadding=0> <tr> <td width=72%>Petrol Bomb:($1,000,000 per bomb)</td> <td width=28%><input name=trys type=text id=trys size=10></td> </tr> <tr> <td colspan=2><div align=center> </div></td> </tr> <tr> <td colspan=2><div align=right> <input type=submit name=Submit value=Submit> </div></td> </tr> </table></td> </tr> </table><p></form> "; }} } if (strip_tags($_POST['upgrade']) && strip_tags($_POST['radiobutton'])){ $radiobutton = strip_tags($_POST['radiobutton']); if ($radiobutton == "1"){ $buydef = 1000000; if ($buydef > $fetch->money){ echo "You dont have enough money."; }elseif ($total <= $fetch->money){ $new_money=$fetch->money-$buydef; mysql_query("UPDATE `users` SET `money`='$new_money' WHERE `username`='$username'"); $new_def=$terr->def+1; echo "You upgraded your deffence."; mysql_query("UPDATE terr SET def='$new_def' WHERE `location`='$fetch->location' AND `owner`='$username'"); } }elseif ($radiobutton == "2"){ $buydef = 4000000; if ($buydef > $fetch->money){ echo "You dont have enough money."; }elseif ($total <= $fetch->money){ $new_money = $fetch->money - $buydef; mysql_query("UPDATE users SET money='$new_money' WHERE username='$username'"); $new_def=$terr->def+5; echo "You upgraded your deffence."; mysql_query("UPDATE terr SET def='$new_def' WHERE `location`='$fetch->location' AND `owner`='$username'"); } }elseif ($radiobutton == "3"){ $buydef = 7500000; if ($buydef > $fetch->money){ echo "You dont have enough money."; }elseif ($total <= $fetch->money){ $new_money = $fetch->money - $buydef; mysql_query("UPDATE users SET money='$new_money' WHERE username='$username'"); $new_def=$terr->def+10; echo "You upgraded your deffence."; mysql_query("UPDATE terr SET def='$new_def' WHERE `location`='$fetch->location' AND `owner`='$username'"); } }elseif ($radiobutton == "4"){ $buydef = 10000000; if ($buydef > $fetch->money){ echo "You dont have enough money."; }elseif ($total <= $fetch->money){ $new_money = $fetch->money - $buydef; mysql_query("UPDATE users SET money='$new_money' WHERE username='$username'"); $new_def=$terr->def+15; echo "You upgraded your deffence."; mysql_query("UPDATE terr SET def='$new_def' WHERE `location`='$fetch->location' AND `owner`='$username'"); } }elseif ($radiobutton == "5"){ $buydef = 15000000; if ($buydef > $fetch->money){ echo "You dont have enough money."; }elseif ($total <= $fetch->money){ $new_money = $fetch->money - $buydef; mysql_query("UPDATE users SET money='$new_money' WHERE username='$username'"); $new_def=$terr->def+25; echo "You upgraded your deffence."; mysql_query("UPDATE terr SET def='$new_def' WHERE `location`='$fetch->location' AND `owner`='$username'"); } } echo "<meta http-equiv=\"refresh\" content=\"0;URL=banner2.php\">"; } ?> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <link rel="stylesheet" type="text/css" href="styles/in.css" /> <title>Untitled Document</title> </head> <body> <div align="center"> <table width="56%" border="1" cellpadding="0" cellspacing="0" bordercolor="#000000" class="thinline"> <tr> <td colspan="4" class="header" colspan="4" background="includes/grad.jpg" align="center">Territory in <? echo "$fetch->location"; ?></td> </tr> <tr bgcolor=white> <td width="20%" class=sub align=center>Owner</td> <td width="21%" class=sub align=center>Income(daily)</td> <td width="38%" class=sub align=center>Name</td> <td width="21%" class=sub align=center>Takeover</td> </tr> <?php $select = mysql_query("SELECT * FROM terr WHERE location='$fetch->location'"); while($me = mysql_fetch_object($select)){ echo " <tr> <td align=center><a href='profile.php?viewuser=$me->owner'>$me->owner</a></td> <td align=center>$5,000,00</td> <td align=center>$me->message</td> <td align=center><a href='?takeover=$me->id&location=$me->location'>Takeover</a></td> </tr>"; } ?> </table> <br> <? $own=mysql_num_rows(mysql_query("SELECT * FROM terr WHERE owner='$username' AND location='$fetch->location'")); if ($own != "0"){ echo "<div align='center'> <form action='' method='post'> <table width='500' border='1' align='center' cellpadding='0' cellspacing='0' bordercolor='000000' class=thinline> <tr> <td colspan=2 class=header><center>Territory Control Panel</center></td> </tr> <tr> <td width='176'>Deffence</td> <td width='318'>$terr->def</td> </tr> <tr> <td width='176'>Time Till Payout </td> <td width='318'>"; echo "".maketime($terr->payout).""; echo"</td> </tr> <tr> <td width='176'>Payout Amount </td> <td width='318'>$5,000,000</td> </tr> <tr> <td width='176' valign=top>Change territory name </td> <td width='318'> <center> <label> <input type='text' name='name'> </label> <label> <input type='submit' name='change' value='Change'> </label> </center> </td> </tr> <tr bgcolor=white> <td colspan=2 class=sub align=center><center> Upgrade Options </center></td> </tr> <tr> <td colspan=2 valign=top> <table width='100%' border='1' bordercolor=black align=center cellspacing='0' cellpadding='0' class=thinline> <tr> <td width='43%' class=sub align=center>Option</td> <td width='24%' class='sub' align=center>Cost</td> <td width='33%' class='sub' align=center>Deffence</td> </tr> <tr> <td><label> <input name='radiobutton' type='radio' value='1'> Put chicken wire up</label> <label></label></td> <td>$1,000,000</td> <td>+1</td> </tr> <tr> <td><input name='radiobutton' type='radio' value='2'> Build A small wall</td> <td>$4,000,000</td> <td>+5</td> </tr> <tr> <td><input name='radiobutton' type='radio' value='3'> Put barbed wire up</td> <td>$7,500,000</td> <td>+10</td> </tr> <tr> <td><label> <input name='radiobutton' type='radio' value='4'> Put electric wire up</label></td> <td>$10,000,000</td> <td>+15</td> </tr> <tr> <td><input name='radiobutton' type='radio' value='5'> Build A large wall</td> <td>$15,000,000</td> <td>+25</td> </tr> <tr> <td colspan=3 align=center><input type='submit' name='upgrade' value='Upgrade'></td> </tr> </table> </td> </tr> </table> </form> </div> "; } ?> <br> </div> </body> </html> problem between line 72 and 102 its meant to cost £1,000,000 per petrol Bomb But say i used 100 it would only cost £1,000,000 instead of 100,000,000 Thanks for looking and any suggestion welcome im sure its a simple fix just cant get my head around it Quote Link to comment Share on other sites More sharing options...
chicka Posted November 11, 2012 Share Posted November 11, 2012 (edited) mysql_query("UPDATE users SET money=money-1000000 WHERE username='$username'"); Your query only allows you to remove 1000000 from the user, in other words if you buy 1 or buy 100 its only gonna remove the same amount of money. try mysql_query("UPDATE users SET money=money- '$what ever the cost is per trys' WHERE username='$username'"); Edited November 11, 2012 by chicka Quote Link to comment Share on other sites More sharing options...
sniko Posted November 11, 2012 Share Posted November 11, 2012 Also, make the userid column in users your index, then reference that in the where clause, Quote Link to comment Share on other sites More sharing options...
Mr-Scripts Posted November 11, 2012 Author Share Posted November 11, 2012 mysql_query("UPDATE users SET money=money- '$total' WHERE username='$username'"); Quote Link to comment Share on other sites More sharing options...
Mr-Scripts Posted November 11, 2012 Author Share Posted November 11, 2012 mysql_query("UPDATE users SET money=money- '$total' WHERE username='$username'"); also is there a way i can prevent - ammounts Quote Link to comment Share on other sites More sharing options...
newttster Posted November 11, 2012 Share Posted November 11, 2012 (edited) if ($ir['money'] < $total) { echo"You don't have enough money to do this." } else { mysql_query("UPDATE users SET money=money- '$total' WHERE username='$username'"); } I wonder why you are using the username as opposed to the userid though. The userid stays constant whereas the username does not. Oops. Just noticed that sniko stated that as well. Edited November 11, 2012 by newttster Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.