Jump to content
MakeWebGames

Recommended Posts

Posted

When my users buy an item from the shop it will take their money but not give the item. I think the problem is on itembuy.php.

 

<?php
/*-----------------------------------------------------
-- Mono Country v1.0
-- A product of DBS-entertainment
-- Copyright held 2005 by Dabomstew
-- INDEX.php
-------------------------------------------------------
-- Armory Script PLUS v1.0
-- A product of Flash Fire Gaming
-- Copyright held 2006 by Cronus
-----------------------------------------------------*/
session_start();
require "global_func.php";
if($_SESSION['loggedin']==0) { header("Location: login.php");exit; }
$userid=$_SESSION['userid'];
require "header.php";
$h = new headers;
$h->startheaders();
include "mysql.php";
global $c;
$is=mysql_query("SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid",$c) or die(mysql_error());
$ir=mysql_fetch_array($is);
check_level();
$fm=money_formatter($ir['money']);
$cm=money_formatter($ir['crystals'],'');
$lv=date('F j, Y, g:i a',$ir['laston']);
$h->userdata($ir,$lv,$fm,$cm);
$h->menuarea();

if($ir[hospital]>0)
die("You are in the hospital for {$ir[hospital]} minutes.");
if($ir[jail]>0)
die("You are in jail for {$ir[jail]} minutes.");

$_GET['ID']= abs((int) $_GET['ID']);
$_POST['qty']= abs((int) $_POST['qty']);
if(!$_GET['ID'] || !$_POST['qty'])
{
print "Invalid use of file";
}
else if($_POST['qty'] <= 0)
{
print "You have been added to the delete list for trying to cheat the game.";
}
else
{
$q=mysql_query("SELECT * FROM items WHERE itmid={$_GET['ID']}",$c);
if(mysql_num_rows($q) == 0)
{
print "Invalid item ID";
}
else
{
$itemd=mysql_fetch_array($q);
if($ir['money'] < $itemd['itmbuyprice']*$_POST['qty'])
{
print "You don't have enough money to buy this item!";
$h->endpage();
exit;
}
if($itemd['itmbuyable'] == 0)
{
print "This item can't be bought!";
$h->endpage();
exit;
}
$price=($itemd['itmbuyprice']*$_POST['qty']);
mysql_query("INSERT INTO inventory VALUES('',{$_GET['ID']},$userid,{$_POST['qty']},0);",$c);
mysql_query("UPDATE users SET money=money-$price WHERE userid=$userid",$c);
mysql_query("INSERT INTO itembuylogs VALUES ('', $userid, {$_GET['ID']}, $price, {$_POST['qty']}, unix_timestamp(), '{$ir['username']} bought {$_POST['qty']} {$itemd['itmname']}(s) for {$price}')", $c);
print "You bought {$_POST['qty']} {$itemd['itmname']}(s) for \$$price";
}
}
$h->endpage();
?>

Any help would be appreciated :-)

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...