Attackmug.php

[BreakingLight]

Ok im not really sure where to begin.Ok my attack mug dosent give the EXP nor the money it says it does.Am i Over looking sumin?

 

<?php
/*-----------------------------------------------------
-- Mono Country v1.0 BETA
-- A product of DBS-entertainment
-- Copyright held 2005 by Dabomstew
-- INDEX.php
-----------------------------------------------------*/
session_start();
require "global_func.php";
if($_SESSION['loggedin']==0) { header("Location: login.php");exit; }
$userid=$_SESSION['userid'];
require "header.php";
$h = new headers;
$h->startheaders();
include "mysql.php";
global $c;
include "clean.php";
$is=mysql_query("SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid",$c) or die(mysql_error());
$ir=mysql_fetch_array($is);
check_level();
$fm=money_formatter($ir['money']);
$cm=money_formatter($ir['crystals'],'');
$lv=date('F j, Y, g:i a',$ir['laston']);
$h->userdata($ir,$lv,$fm,$cm,0);
$h->menuarea();

$_GET['ID']=abs((int) $_GET['ID']);
$_SESSION['attacking']=0;
$od=mysql_query("SELECT * FROM users WHERE userid={$_GET['ID']}",$c);
if($_SESSION['attackwon'] != $_GET['ID'])
{
die ("Cheaters don't get anywhere.");
}
if(mysql_num_rows($od))
{
$r=mysql_fetch_array($od);
if($r['hp'] == 1)
{
print "What a cheater u are.";
}
else
{
$stole=(int) (rand($r['money']/500,$r['money']/20));
print "You beat {$r['username']} and stole \$$stole";
$qe=$r['level']*$r['level']*$r['level']*$r['level'];
$expgain=rand($qe/6,$qe/3);
$expperc=(int) ($expgain/$ir['exp_needed']*100);
print " and gained $expperc% EXP!";
mysql_query("UPDATE users SET attackwon=attackwon+1,exp=exp+$expgain,money=money+$stole WHERE userid=$userid",$c);
mysql_query("UPDATE users SET attacklost=attacklost+1,hp=1,money=money-$stole WHERE userid={$r['userid']}",$c);
event_add($r['userid'],"[url='viewuser.php?u=$userid']{$ir['username']}[/url] attacked you and stole $stole.",$c);

mysql_query("UPDATE users SET hp=1,hospital=hospital+20+(rand()*20),hospreason='Attacked by {$ir['username']}' WHERE userid={$r['userid']}",$c) ;
$atklog=mysql_escape_string($_SESSION['attacklog']);
mysql_query("INSERT INTO attacklogs VALUES('',$userid,{$_GET['ID']},'won',unix_timestamp(),$stole,'$atklog');",$c);
$_SESSION['attackwon']=0;
$warq=mysql_query("SELECT * FROM gangwars WHERE (warDECLARER={$ir['gang']} AND warDECLARED={$r['gang']}) OR (warDECLARED={$ir['gang']} AND warDECLARER={$r['gang']})",$c);
if (mysql_num_rows($warq) > 0)
{
$war=mysql_fetch_array($warq);
mysql_query("UPDATE gangs SET gangRESPECT=gangRESPECT-1 WHERE gangID={$r['gang']}",$c);
mysql_query("UPDATE gangs SET gangRESPECT=gangRESPECT+0 WHERE gangID={$ir['gang']}",$c);
}

}
}
else
{
print "You beat Mr. non-existant!";
}
$h->endpage();
?>

[CraigF]

Re: Attackmug.php

it should be giving the amount of money they have / 500

so if they had 1k, it give you 2gp