Legaci Posted June 19, 2013 Share Posted June 19, 2013 <?php include "globals.php"; echo "<center>"; if($_GET['action']) { if(!in_array($_GET['action'], array('remove','add'))) { echo "Invalid action!<br/> <hr width='750px'>><a href='display.php'>Back</a><hr width='750px'>"; $h->endpage(); exit(); } } $_GET['XID'] = isset($_GET['XID']); switch($_GET['action']) { case 'remove' : remove(); break; case 'add' : add(); break; default : display(); break; } function display() { global $ir, $h, $db, $query; echo "<center><h1>Display Case</h1>"; $_GET['XID'] = abs(intval($_GET['XID'])); if(!$_GET['XID']) { echo "Invalid ID <hr width='750px'>><a href='display.php'>Back</a><hr width='750px'>"; $h->endpage(); exit(); } else { $query = array(); $db->query("SELECT `display_case` FROM `users` WHERE `userid` = '".mysql_real_escape_string($_GET['XID'])."' AND `display_case` = 'yes'"); if(!$db->num_rows($plys)) { echo "Sorry, This user does not have a display case! <hr width='750px'>><a href='display.php'>Back</a><hr width='750px'>"; $h->endpage(); exit(); } else { if($_GET['ID'] == $ir['userid']) { echo "<b>><a href='display.php?action=add'>Add items</a> | ><a href='display.php?action=remove'>Remove items</a></b><hr width = '750px'/>"; } $py = array(); $py = $db->fetch_row($plys); $query = array(); $db->query("SELECT * FROM `player_display_items` pdi LEFT JOIN `inventory` i ON pdi.pdi_itemid = i.inv_id WHERE pdi.pdi_playerid = '".mysql_real_escape_string($_GET['ID'])."' ORDER BY i.inv_id ASC"); echo "<table width = '100%' cellspacing='1'><tr>"; if(!$db->num_rows($thishop)) { echo "<tr><td align = 'center'>This person does not have any items in their display case.</td></tr></table>"; } else { $ts = array(); $num = 0; while($ts = $db->fetch_row($thishop)) { $num++; echo "<td align = 'center'><b>",htmlentities($ts['item_name']),"</b> (x ".number_format($ts['pdi_qty']).") <a href='iinfo.php?ID=".$ts['item_id']."'><img src='images/items/".$ts['item_picture']."' border='1'></a></td>"; if($num == 3) { echo "</tr><tr>"; $num=0; } } echo "</table>"; } } } } function add() { echo "<center><h1>Add items to your display</h1><hr />"; global $ir,$h, $db, $m, $user, $itemid, $qty; $query = array(); $db->query("SELECT `display_case` FROM `users` WHERE `userid` = '".mysql_real_escape_string($ir['userid'])."' AND `display_case` = 'yes'"); if(!$db->num_rows($myshop)) { echo "<table>Error, You dont own a display case to add items to!<br/> <hr width='750px'>><a href=\"javascript:history.back();\">Back</a><hr width='750px'></table>"; $h->endpage(); exit(); } if(!$_POST['add']) { $query = array(); $db->query("SELECT * FROM `inventory` mi LEFT JOIN `items` i ON mi.inv_itemid = i.itmid WHERE mi.inv_userid = '".$ir['userid']."'"); $le = array(); echo "<table width = '750px' class = 'rounded'><tr><td align = 'center'> <table width = '100%'><tr bgcolor = #999999 style = 'font-weight:800;'><td>Item</td><td>Qty</td><td>Add</td> </tr>"; $num=0; while($le = $db->fetch_row($listem)) { echo "<form action = 'display.php?action=add' method = 'post'> <tr bgcolor = $color> <td align = 'left'>".htmlentities($le['itmname'])."</td> <td align = 'left'>".number_format($le['inv_qty'])."</td> <td align = 'right'><input type = 'text' name = 'qty' value = ''> <input type = 'hidden' name = 'item' value = '".$le['inv_id']."'> <input type = 'submit' name = 'add' value = 'Add'></td></tr></form>"; } echo "</table></td></tr></table>"; } else { $_POST['inv_id'] = abs(intval($_POST['inv_id'])); $_POST['inv_qty'] = abs(intval($_POST['inv_qty'])); if(!$_POST['item'] || !$_POST['qty']) { echo "<table>Error, Please go back and fill the form in correctly!<br/> <hr width='750px'>><a href='display.php?action=add'>Back</a><hr width='750px'></table>"; $h->endpage(); exit(); } $db->query("SELECT FROM `inventory` mi LEFT JOIN `items` i ON mi.inv_itemid = i.itmid WHERE mi.inv_id = '".$_POST['item']."' AND mi.inv_userid = '".$ir['userid']."'"); if(!$db->num_rows($mine)) { echo "<table>Error, Invalid item!<br/> <hr width='750px'>><a href='display.php?action=add'>Back</a><hr></table>"; $h->endpage(); exit(); } $m = array(); $m = $db->fetch_row($mine); if($_POST['qty'] > $m['inv_qty']) { echo "<table>Error, you dont have that many!<br/> <hr width='750px'>><a href='display.php?action=add'>Back</a><hr width='750px'></table>"; $h->endpage(); exit(); } if($_POST['item'] && $_POST['qty'] && $_POST['add'] != 'Confirm') { echo "<table>Are you sure you wish to add ".number_format($_POST['qty'])." <b>".htmlentities($m['itmname'])."(s)</b> to your display?<br/> <form action = 'display.php?action=add' method = 'post'> <input type = 'hidden' name = 'item' value = '".$_POST['item']."'> <input type = 'hidden' name = 'qty' value = '".$_POST['qty']."'> <input type = 'submit' name = 'add' value = 'Confirm'> </form></table>"; } else { if($_POST['item'] && $_POST['qty'] && $_POST['add'] == 'Confirm') { $query = array(); $db->query("SELECT * FROM `player_display_items` WHERE `pdi_itemid` = '".($ir['item_id'])."' AND `pdi_playerid` = '".($ir['userid'])."'"); if(!$db->num_rows($alin)) { $query = array(); $db->query("INSERT INTO `player_display_items` VALUES ('NULL', '".($ir['userid'])."', '".($ir['item_id'])."', '".($_POST['qty'])."')"); } else { $query = array(); $db->query("UPDATE `player_display_items` SET `pdi_qty` = `pdi_qty` + '".mysql_real_escape_string($_POST['qty'])."' WHERE `pdi_id` = '".mysql_real_escape_string($ai['pdi_id'])."'"); } item_remove($ir['inv_userid'], i.itmid, $m['qty']); echo "Items added successfully! <hr width='750px'>><a href='display.php?action=add'>Okay</a><hr width='750px'>"; $h->endpage(); exit(); } } } } QUERY ERROR: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'FROM `inventory` mi LEFT JOIN `items` i ON mi.' at line 2 Query was SELECT FROM `inventory` mi LEFT JOIN `items` i ON mi.inv_itemid = i.itmid WHERE mi.inv_id = '2' AND mi.inv_userid = '1' i get this error when i finally add it to the display Quote Link to comment Share on other sites More sharing options...
Guest Posted June 19, 2013 Share Posted June 19, 2013 Your not selecting anything in the query, you need SELECT * FROM [code] You have [code] SELECT FROM Quote Link to comment Share on other sites More sharing options...
Legaci Posted June 19, 2013 Author Share Posted June 19, 2013 still the same problem :/ it seems i am not calling itemid correctly but ive read that whole function a million times Quote Link to comment Share on other sites More sharing options...
Dominion Posted June 19, 2013 Share Posted June 19, 2013 What function? Look at line 161. Quote Link to comment Share on other sites More sharing options...
Guest Posted June 19, 2013 Share Posted June 19, 2013 There is no $listem or $mine querys from what I can see. Quote Link to comment Share on other sites More sharing options...
KyleMassacre Posted June 19, 2013 Share Posted June 19, 2013 (edited) Isn't this the same script you are posting about in another thread? I'm going to go confirm ill be back Its confirmed so I'm locking this one Edited June 19, 2013 by KyleMassacre Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.