Ir para conteúdo

Bug Gesior


Posts Recomendados

Pessoal, não sei se já tem este tópico aqui no XTibia, mas eu vou postar, pois é muito importante para quem tem server e site gesior.

 

O problema é o seguinte:

 

Quando um player coloca para dar item para outro "GIVE ITEM TO OTHER PLAYER".

 

2czy5wp.jpg

 

Acontece que os premium points da account doadora sao copiados na account que está recebendo.

 

1zwbwyb.jpg

 

A única maneira que encontrei para acabar com esse bug foi retirando essa doação de itens. Pois não entendo de php.

Para retirar a opção vá em xammp/htdocs/shopsystem.php e deletem o codigo:

 

<tr bgcolor="#505050"><td colspan="2"><font color="white" size="4"><b>Give item to other player</b></font></td></tr>
							<tr bgcolor="#D4C0A1"><td width="110"><b>To player:</b></td><td width="550"><input type="text" name="buy_name"> - name of the player who should get item</td></tr>
							<tr bgcolor="#F1E0C6"><td width="110"><b>From:</b></td><td width="550"><input type="text" name="buy_from"> <input type="submit" value="Give"> - your nick, \'empty\' = Anonymous</td></tr>

 

 

 

Se alguém puder ajudar a tirar o bug sem precisar deletar a função de doar itens, seria de muita ajuda.

Obrigado.

Link para o comentário
Compartilhar em outros sites

Solução do seu problema:

 

shopsystem.php

<?PHP
if($config['site']['shop_system'] == 1) {
if($logged)
	$user_premium_points = $account_logged->getCustomField('premium_points');
else
	$user_premium_points = 'Login first';

function getItemByID($id)
{
 $id = (int) $id;
 $SQL = $GLOBALS['SQL'];
 $data = $SQL->query('SELECT * FROM '.$SQL->tableName('z_shop_offer').' WHERE '.$SQL->fieldName('id').' = '.$SQL->quote($id).';')->fetch();
 if ($data['offer_type'] == 'pacc')
 {
   $offer['id'] = $data['id'];
   $offer['type'] = $data['offer_type'];
   $offer['days'] = $data['count1'];
   $offer['points'] = $data['points'];
   $offer['description'] = $data['offer_description'];
   $offer['name'] = $data['offer_name'];
 }
 elseif ($data['offer_type'] == 'item')
 {
   $offer['id'] = $data['id'];
   $offer['type'] = $data['offer_type'];
   $offer['item_id'] = $data['itemid1'];
   $offer['item_count'] = $data['count1'];
   $offer['points'] = $data['points'];
   $offer['description'] = $data['offer_description'];
   $offer['name'] = $data['offer_name'];
 }
 elseif ($data['offer_type'] == 'vipdays')
 {
   $offer['id'] = $data['id'];
   $offer['type'] = $data['offer_type'];
   $offer['days'] = $data['count1'];
   $offer['points'] = $data['points'];
   $offer['description'] = $data['offer_description'];
   $offer['name'] = $data['offer_name'];
 }
 elseif ($data['offer_type'] == 'itemvip')
 {
   $offer['id'] = $data['id'];
   $offer['type'] = $data['offer_type'];
   $offer['item_id'] = $data['itemid1'];
   $offer['item_count'] = $data['count1'];
   $offer['points'] = $data['points'];
   $offer['description'] = $data['offer_description'];
   $offer['name'] = $data['offer_name'];
 }
 elseif ($data['offer_type'] == 'container')
 {
   $offer['id'] = $data['id'];
   $offer['type'] = $data['offer_type'];
   $offer['container_id'] = $data['itemid2'];
   $offer['container_count'] = $data['count2'];
   $offer['item_id'] = $data['itemid1'];
   $offer['item_count'] = $data['count1'];
   $offer['points'] = $data['points'];
   $offer['description'] = $data['offer_description'];
   $offer['name'] = $data['offer_name'];
 }
 elseif ($data['offer_type'] == 'unban')
 {
   $offer['id'] = $data['id'];
   $offer['type'] = $data['offer_type'];
   $offer['points'] = $data['points'];
   $offer['description'] = $data['offer_description'];
   $offer['name'] = $data['offer_name'];
 }
 elseif ($data['offer_type'] == 'redskull')
 {
   $offer['id'] = $data['id'];
   $offer['type'] = $data['offer_type'];
   $offer['points'] = $data['points'];
   $offer['description'] = $data['offer_description'];
   $offer['name'] = $data['offer_name'];
 }
 elseif ($data['offer_type'] == 'itemlogout')
 {
   $offer['id'] = $data['id'];
   $offer['type'] = $data['offer_type'];
   $offer['points'] = $data['points'];
   $offer['description'] = $data['offer_description'];
   $offer['pid'] = $data['pid'];
   $offer['count1'] = $data['count1'];
   $offer['item_id'] = $data['itemid1'];
   $offer['free_cap'] = $data['free_cap'];
 }
 elseif ($data['offer_type'] == 'changename')
 {
   $offer['id'] = $data['id'];
   $offer['type'] = $data['offer_type'];
   $offer['points'] = $data['points'];
   $offer['description'] = $data['offer_description'];
   $offer['name'] = $data['offer_name'];
 }
 return $offer;
}

function getOfferArray()
{
 $offer_list = $GLOBALS['SQL']->query('SELECT * FROM '.$GLOBALS['SQL']->tableName('z_shop_offer').';');
 $i_pacc = 0;
 $i_item = 0;
 $i_vipdays = 0;
 $i_itemvip = 0;
 $i_container = 0;
 $i_unban = 0;
 $i_redskull = 0;
 $i_itemlogout = 0;
 $i_changename = 0;
 while($data = $offer_list->fetch()) {
   if ($data['offer_type'] == 'pacc')
   {
     $offer_array['pacc'][$i_pacc]['id'] = $data['id'];
     $offer_array['pacc'][$i_pacc]['days'] = $data['count1'];
     $offer_array['pacc'][$i_pacc]['points'] = $data['points'];
     $offer_array['pacc'][$i_pacc]['description'] = $data['offer_description'];
     $offer_array['pacc'][$i_pacc]['name'] = $data['offer_name'];
     $i_pacc++;
   }
   elseif ($data['offer_type'] == 'item')
   {
     $offer_array['item'][$i_item]['id'] = $data['id'];
     $offer_array['item'][$i_item]['item_id'] = $data['itemid1'];
     $offer_array['item'][$i_item]['item_count'] = $data['count1'];
     $offer_array['item'][$i_item]['points'] = $data['points'];
     $offer_array['item'][$i_item]['description'] = $data['offer_description'];
     $offer_array['item'][$i_item]['name'] = $data['offer_name'];
     $i_item++;
   }
   elseif ($data['offer_type'] == 'vipdays')
   {
     $offer_array['vipdays'][$i_vipdays]['id'] = $data['id'];
     $offer_array['vipdays'][$i_vipdays]['days'] = $data['count1'];
     $offer_array['vipdays'][$i_vipdays]['points'] = $data['points'];
     $offer_array['vipdays'][$i_vipdays]['description'] = $data['offer_description'];
     $offer_array['vipdays'][$i_vipdays]['name'] = $data['offer_name'];
     $i_vipdays++;
   }
   elseif ($data['offer_type'] == 'itemvip')
   {
     $offer_array['itemvip'][$i_itemvip]['id'] = $data['id'];
     $offer_array['itemvip'][$i_itemvip]['item_id'] = $data['itemid1'];
     $offer_array['itemvip'][$i_itemvip]['item_count'] = $data['count1'];
     $offer_array['itemvip'][$i_itemvip]['points'] = $data['points'];
     $offer_array['itemvip'][$i_itemvip]['description'] = $data['offer_description'];
     $offer_array['itemvip'][$i_itemvip]['name'] = $data['offer_name'];
     $i_itemvip++;
   }
   elseif ($data['offer_type'] == 'container')
   {
     $offer_array['container'][$i_container]['id'] = $data['id'];
     $offer_array['container'][$i_container]['container_id'] = $data['itemid2'];
     $offer_array['container'][$i_container]['container_count'] = $data['count2'];
     $offer_array['container'][$i_container]['item_id'] = $data['itemid1'];
     $offer_array['container'][$i_container]['item_count'] = $data['count1'];
     $offer_array['container'][$i_container]['points'] = $data['points'];
     $offer_array['container'][$i_container]['description'] = $data['offer_description'];
     $offer_array['container'][$i_container]['name'] = $data['offer_name'];
     $i_container++;
   }
   elseif ($data['offer_type'] == 'unban')
   {
     $offer_array['unban'][$i_unban]['id'] = $data['id'];
     $offer_array['unban'][$i_unban]['points'] = $data['points'];
     $offer_array['unban'][$i_unban]['description'] = $data['offer_description'];
     $offer_array['unban'][$i_unban]['name'] = $data['offer_name'];
     $i_unban++;
   }
   elseif ($data['offer_type'] == 'redskull')
   {
     $offer_array['redskull'][$i_redskull]['id'] = $data['id'];
     $offer_array['redskull'][$i_redskull]['points'] = $data['points'];
     $offer_array['redskull'][$i_redskull]['description'] = $data['offer_description'];
     $offer_array['redskull'][$i_redskull]['name'] = $data['offer_name'];
     $i_redskull++;
   }
   elseif ($data['offer_type'] == 'itemlogout')
   {
     $offer_array['itemlogout'][$i_itemlogout]['id'] = $data['id'];
     $offer_array['itemlogout'][$i_itemlogout]['points'] = $data['points'];
     $offer_array['itemlogout'][$i_itemlogout]['description'] = $data['offer_description'];
     $offer_array['itemlogout'][$i_itemlogout]['name'] = $data['offer_name'];
     $offer_array['itemlogout'][$i_itemlogout]['count1'] = $data['count1'];
     $offer_array['itemlogout'][$i_itemlogout]['pid'] = $data['pid'];
     $offer_array['itemlogout'][$i_itemlogout]['item_id'] = $data['itemid1'];
     $offer_array['itemlogout'][$i_itemlogout]['free_cap'] = $data['free_cap'];
     $i_itemlogout++;
   }
   elseif ($data['offer_type'] == 'changename')
   {
     $offer_array['changename'][$i_changename]['id'] = $data['id'];
     $offer_array['changename'][$i_changename]['points'] = $data['points'];
     $offer_array['changename'][$i_changename]['description'] = $data['offer_description'];
     $offer_array['changename'][$i_changename]['name'] = $data['offer_name'];
     $i_changename++;
   }
 }
 return $offer_array;
}

if($action == '') {
	unset($_SESSION['viewed_confirmation_page']);
	$main_content .= '<h2><center>Welcome to '.$config['server']['serverName'].' Shop.</center></h2>';
	$offer_list = getOfferArray();
		//show list of items offers
		if(count($offer_list['vipdays']) > 0 or count($offer_list['container']) > 0 or count($offer_list['itemlogout']) > 0)
			$main_content .= '<center><table border="0" cellpadding="1" cellspacing="1" width="650"><tr width="650" bgcolor="#505050"><td colspan="3"><font color="white" size="4"><b> VIP DAYS</b></font></td></tr><tr bgcolor="#D4C0A1"><td width="50" align="center"><b>Picture</b></td><td width="350" align="left"><b>Description</b></td><td width="250" align="center"><b>Select product</b></td></tr>';
			if(count($offer_list['vipdays']) > 0) {
				foreach($offer_list['vipdays'] as $item) {
					$main_content .= '<tr bgcolor="#F1E0C6"><td align="center"><img src="item_images/'.$item['id'].'.gif"></td><td><b>'.$item['name'].'</b> ('.$item['points'].' points)<br />'.$item['description'].'</td><td align="center">';
					if(!$logged) $main_content .= '<b>Login to buy</b>'; else 
					$main_content .= '<form action="index.php?subtopic=shopsystem&action=select_player" method=POST><input type="hidden" name="buy_id" value="'.$item['id'].'"><input type="submit" value="Buy '.$item['name'].'"><br><b>for '.$item['points'].' points</b></form>';
					$main_content .= '</td></tr>';
				}
				$main_content .= '</table><br />';
			}
		//show list of items offers
		if(count($offer_list['itemvip']) > 0 or count($offer_list['container']) > 0 or count($offer_list['itemlogout']) > 0)
			$main_content .= '<center><table border="0" cellpadding="1" cellspacing="1" width="650"><tr width="650" bgcolor="#505050"><td colspan="3"><font color="white" size="4"><b> MAX ITEMS</b></font></td></tr><tr bgcolor="#D4C0A1"><td width="50" align="center"><b>Picture</b></td><td width="350" align="left"><b>Description</b></td><td width="250" align="center"><b>Select product</b></td></tr>';
			if(count($offer_list['itemvip']) > 0) {
				foreach($offer_list['itemvip'] as $item) {
					$main_content .= '<tr bgcolor="#F1E0C6"><td align="center"><img src="item_images/'.$item['id'].'.gif"></td><td><b>'.$item['name'].'</b> ('.$item['points'].' points)<br />'.$item['description'].'</td><td align="center">';
					if(!$logged) $main_content .= '<b>Login to buy</b>'; else 
					$main_content .= '<form action="index.php?subtopic=shopsystem&action=select_player" method=POST><input type="hidden" name="buy_id" value="'.$item['id'].'"><input type="submit" value="Buy '.$item['name'].'"><br><b>for '.$item['points'].' points</b></form>';
					$main_content .= '</td></tr>';
				}
				$main_content .= '</table><br />';
			}
		//show list of items offers
		if(count($offer_list['item']) > 0 or count($offer_list['container']) > 0 or count($offer_list['itemlogout']) > 0)
			$main_content .= '<center><table border="0" cellpadding="1" cellspacing="1" width="650"><tr width="650" bgcolor="#505050"><td colspan="3"><font color="white" size="4"><b> ITEMS</b></font></td></tr><tr bgcolor="#D4C0A1"><td width="50" align="center"><b>Picture</b></td><td width="350" align="left"><b>Description</b></td><td width="250" align="center"><b>Select product</b></td></tr>';
			if(count($offer_list['item']) > 0) {
				foreach($offer_list['item'] as $item) {
					$main_content .= '<tr bgcolor="#F1E0C6"><td align="center"><img src="item_images/'.$item['id'].'.gif"></td><td><b>'.$item['name'].'</b> ('.$item['points'].' points)<br />'.$item['description'].'</td><td align="center">';
					if(!$logged) $main_content .= '<b>Login to buy</b>'; else 
					$main_content .= '<form action="index.php?subtopic=shopsystem&action=select_player" method=POST><input type="hidden" name="buy_id" value="'.$item['id'].'"><input type="submit" value="Buy '.$item['name'].'"><br><b>for '.$item['points'].' points</b></form>';
					$main_content .= '</td></tr>';
				}
				$main_content .= '</table><br />';
			}
			//show list of containers offers
			if(count($offer_list['container']) > 0) {
				$main_content .= '<table border="0" cellpadding="1" cellspacing="1" width="650"><tr width="650" bgcolor="#505050"><td colspan="3"><font color="white" size="4"><b> CONTAINERS WITH ITEMS</b></font></td></tr><tr bgcolor="#D4C0A1"><td width="50" align="center"><b>Picture</b></td><td width="350" align="left"><b>Description</b></td><td width="250" align="center"><b>Select product</b></td></tr>';
				foreach($offer_list['container'] as $container) {
					$main_content .= '<tr bgcolor="#F1E0C6"><td align="center"><img src="item_images/'.$container['id'].'.gif"></td><td><b>'.$container['name'].'</b> ('.$container['points'].' points)<br />'.$container['description'].'</td><td align="center">';
					if(!$logged) $main_content .= '<b>Login to buy</b>'; else 
					$main_content .= '<form action="?subtopic=shopsystem&action=select_player" method=POST><input type="hidden" name="buy_id" value="'.$container['id'].'"><input type="submit" value="Buy '.$container['name'].'"><br><b>for '.$container['points'].' points</b></form>';
					$main_content .= '</td></tr>';
				}
				$main_content .= '</table><br />';
			}
			if(count($offer_list['itemlogout']) > 0) {
				$main_content .= '<table border="0" cellpadding="1" cellspacing="1" width="650"><tr width="650" bgcolor="#505050"><td colspan="3"><font color="white" size="4"><b> Receive Item on Logout</b></font></td></tr><tr bgcolor="#D4C0A1"><td width="50" align="center"><b>Picture</b></font></td><td width="350" align="left"><b>Description</b></font></td><td width="250" align="center"><b>Select product</b></font></td></tr>';
				foreach($offer_list['itemlogout'] as $itemlogout) {
					$main_content .= '<tr bgcolor="#F1E0C6"><td align="center"><img src="item_images/'.$itemlogout['id'].'.gif"></td><td><b>'.$itemlogout['name'].'</b> ('.$itemlogout['points'].' points)<br />'.$itemlogout['description'].'</td><td align="center">';
					if(!$logged) $main_content .= '<b>Login to buy</b>'; else 
					$main_content .= '<form action="index.php?subtopic=shopsystem&action=select_player" method=POST><input type="hidden" name="buy_id" value="'.$itemlogout['id'].'"><input type="submit" value="Buy '.$itemlogout['name'].'"><br><b>for '.$itemlogout['points'].' points</b></form>';
					$main_content .= '</td></tr>';
				}
				$main_content .= '</table><br />';
			}
		if(count($offer_list['changename']) > 0 or count($offer_list['pacc']) > 0 or count($offer_list['redskull']) > 0 or count($offer_list['unban']) > 0 )
			$main_content .= '<center><table border="0" cellpadding="1" cellspacing="1" width="650"><tr width="650" bgcolor="#505050"><td colspan="3"><font color="white" size="4"><b> Others</b></font></td></tr><tr bgcolor="#D4C0A1"><td width="50" align="center"><b>#</b></td><td width="350" align="left"><b>Description</b></td><td width="250" align="center"><b>Select product</b></td></tr>';
			//Pacc
			if(count($offer_list['pacc']) > 0)
				foreach($offer_list['pacc'] as $pacc) {
					$main_content .= '<tr bgcolor="#F1E0C6"><td align="center">'.$pacc['days'].'</td><td><b>'.$pacc['name'].'</b> ('.$pacc['points'].' points)<br />'.$pacc['description'].'</td><td align="center">';
					if(!$logged) $main_content .= '<b>Login to buy</b>'; else 
					$main_content .= '<form action="index.php?subtopic=shopsystem&action=select_player" method=POST><input type="hidden" name="buy_id" value="'.$pacc['id'].'"><input type="submit" value="Buy '.$pacc['name'].'"><br><b>for '.$pacc['points'].' points</b></form>';
				}
			//Change Name
			if(count($offer_list['changename']) > 0)
				foreach($offer_list['changename'] as $changename) {
					$main_content .= '<tr bgcolor="#F1E0C6"><td align="center">Change Name</td><td><b>'.$changename['name'].'</b> ('.$changename['points'].' points)<br />'.$changename['description'].'</td><td align="center">';
					if(!$logged) $main_content .= '<b>Login to buy</b>'; else 
					$main_content .= '<form action="index.php?subtopic=shopsystem&action=select_player" method=POST><input type="hidden" name="buy_id" value="'.$changename['id'].'"><input type="submit" value="Buy '.$changename['name'].'"><br><b>for '.$changename['points'].' points</b></form>';
				}
			//Remove Red Skull
			if(count($offer_list['redskull']) > 0)
				foreach($offer_list['redskull'] as $redskull) {
					$main_content .= '<tr bgcolor="#F1E0C6"><td align="center"><img src="item_images/'.$redskull['id'].'.gif"></td><td><b>'.$redskull['name'].'</b> ('.$redskull['points'].' points)<br />'.$redskull['description'].'</td><td align="center">';
					if(!$logged) $main_content .= '<b>Login to buy</b>'; else 
					$main_content .= '<form action="index.php?subtopic=shopsystem&action=select_player" method=POST><input type="hidden" name="buy_id" value="'.$redskull['id'].'"><input type="submit" value="Buy '.$redskull['name'].'"><br><b>for '.$redskull['points'].' points</b></form>';
					$main_content .= '</td></tr>';
				}
			//Unban
			if(count($offer_list['unban']) > 0)
				foreach($offer_list['unban'] as $unban){
					$main_content .= '<tr bgcolor="#F1E0C6"><td align="center">Unban</td><td><b>'.$unban['name'].'</b> ('.$unban['points'].' points)<br />'.$unban['description'].'</td><td align="center">';
					if(!$logged) $main_content .= '<b>Login to buy</b>'; else 
					$main_content .= '<form action="index.php?subtopic=shopsystem&action=select_player" method=POST><input type="hidden" name="buy_id" value="'.$unban['id'].'"><input type="submit" value="Buy '.$unban['name'].'"><br><b>for '.$unban['points'].' points</b></form>';
					$main_content .= '</td></tr>';
				}
				$main_content .= '</table>';
}
elseif($action == 'select_player') {
	unset($_SESSION['viewed_confirmation_page']);
	if(!$logged) {
		$main_content .= 'Please login first.';
	} else {
		$buy_id = (int) $_REQUEST['buy_id'];
		if(empty($buy_id)) {
			$main_content .= 'Please <a href="index.php?subtopic=shopsystem">select item</a> first.';
		} else {
			$buy_offer = getItemByID($buy_id);
			if(isset($buy_offer['id'])) {  //item exist in database
				if($buy_offer['type'] != 'changename') {
					if($user_premium_points >= $buy_offer['points']) {
						$main_content .= '<center><h2>Select player</h2><table border="0" cellpadding="1" cellspacing="1" width="650">
							<tr bgcolor="#505050"><td colspan="2"><font color="white" size="4"><b>Selected offer</b></font></td></tr>
							<tr bgcolor="#F1E0C6"><td width="100"><b>Name:</b></td><td width="550">'.$buy_offer['name'].'</td></tr>
							<tr bgcolor="#D4C0A1"><td width="100"><b>Description:</b></td><td width="550">'.$buy_offer['description'].'</td></tr>
							</table><br /><form action="index.php?subtopic=shopsystem&action=confirm_transaction" method=POST><input type="hidden" name="buy_id" value="'.$buy_id.'">
							<table border="0" cellpadding="1" cellspacing="1" width="650">
							<tr bgcolor="#505050"><td colspan="2"><font color="white" size="4"><b>Give item to a player from your account</b></font></td></tr>
							<tr bgcolor="#F1E0C6"><td width="110"><b>Name:</b></td><td width="550"><select name="buy_name">';
							$players_from_logged_acc = $account_logged->getPlayersList();
						if(count($players_from_logged_acc) > 0) {
							$players_from_logged_acc->orderBy('name');
							foreach($players_from_logged_acc as $player)
								$main_content .= '<option>'.$player->getName().'</option>';
						} else {
							$main_content .= 'You don\'t have any character on your account.';
						}
						$main_content .= '</select> <input type="submit" value="Give"></td></tr></table>
							</form><br /><form action="index.php?subtopic=shopsystem&action=confirm_transaction" method=POST><input type="hidden" name="buy_id" value="'.$buy_id.'">
							<table border="0" cellpadding="1" cellspacing="1" width="650">
							<tr bgcolor="#505050"><td colspan="2"><font color="white" size="4"><b>Give item to other player</b></font></td></tr>
							<tr bgcolor="#D4C0A1"><td width="110"><b>To player:</b></td><td width="550"><input type="text" name="buy_name"> - name of the player who should get item</td></tr>
							<tr bgcolor="#F1E0C6"><td width="110"><b>From:</b></td><td width="550"><input type="text" name="buy_from"> <input type="submit" value="Give"> - your nick, \'empty\' = Anonymous</td></tr>
							</table><br /></form>';
					} else {
						$main_content .= 'For this item you need <b>'.$buy_offer['points'].'</b> points.<br>You have only <b>'.$user_premium_points.'</b> premium points. Please <a href="index.php?subtopic=shopsystem">select other item</a> or buy premium points.';
					}
				} else {
				$main_content .= '<center><h2>Change Name</h2><form action="index.php?subtopic=shopsystem&action=confirm_transaction" method=POST><input type="hidden" name="buy_id" value="'.$buy_id.'">
					<table border="0" cellpadding="1" cellspacing="1" width="650"><tr bgcolor="#505050"><td colspan="2"><font color="white" size="4"><b>Change Name:</b></font></td></tr>
					<tr bgcolor="#D4C0A1"><td width="110"><b>Name:</b></td><td width="550"><select name="buy_name">';
				$players_from_logged_acc = $account_logged->getPlayersList();
					if(count($players_from_logged_acc) > 0) {
						$players_from_logged_acc->orderBy('name');
						foreach($players_from_logged_acc as $player) {
							$main_content .= '<option>'.$player->getName().'</option>';
						}
					} else {
						$main_content .= 'You don\'t have any character on your account.';
					}
					$main_content .= '</select></td></tr><tr bgcolor="#F1E0C6"><td width="110"><b>New name:</b></td><td width="550"><input type="text" name="buy_from"> <input type="submit" value="Change Name"></td></tr></table><br /></form>';
				}
			} else {
         				$main_content .= 'Offer with ID <b>'.$buy_id.'</b> doesn\'t exist. Please <a href="index.php?subtopic=shopsystem">select item</a> again.';
			}
		}
	}
}
elseif($action == 'confirm_transaction') {
	if(!$logged) {
		$main_content .= 'Please login first.';
	} else {
		$buy_id = (int) $_POST['buy_id'];
		$buy_name = stripslashes(urldecode($_POST['buy_name']));
		$buy_from = stripslashes(urldecode($_POST['buy_from']));
		if(empty($buy_id)) {
			$main_content .= 'Please <a href="index.php?subtopic=shopsystem">select item</a> first.';
		} else {
			if($buy_offer['type'] == 'changename'){
				if(!check_name_new_char($buy_from)) {
					$main_content .= 'Invalid name format of new name.';
				}
			} else {
				$buy_offer = getItemByID($buy_id);
				$check_name_in_database = $ots->createObject('Player');
				$check_name_in_database->find($buy_from);
				if($buy_offer['type'] == 'changename'){
					if(!$check_name_in_database->isLoaded()) {
					}
				}
				if(isset($buy_offer['id'])) {  //item exist in database
					if($user_premium_points >= $buy_offer['points']) {
						if(check_name($buy_name)) {
							$buy_player = new OTS_Player();
							$buy_player->find($buy_name);
							if($buy_player->isLoaded()) {
								$buy_player_account = $buy_player->getAccount();
								if($_SESSION['viewed_confirmation_page'] == 'yes' && $_POST['buy_confirmed'] == 'yes') {
									if($buy_offer['type'] == 'pacc') {
										$player_premdays = $buy_player_account->getCustomField('premdays');
										$player_lastlogin = $buy_player_account->getCustomField('lastday');
										$save_transaction = 'INSERT INTO '.$SQL->tableName('z_shop_history_pacc').' (id, to_name, to_account, from_nick, from_account, price, pacc_days, trans_state, trans_start, trans_real) VALUES (NULL, '.$SQL->quote($buy_player->getName()).', '.$SQL->quote($buy_player_account->getId()).', '.$SQL->quote($buy_from).',  '.$SQL->quote($account_logged->getId()).', '.$SQL->quote($buy_offer['points']).', '.$SQL->quote($buy_offer['days']).', \'realized\', '.$SQL->quote(time()).', '.$SQL->quote(time()).');';
										$SQL->query($save_transaction);
										$buy_player_account->setCustomField('premdays', $player_premdays+$buy_offer['days']);
										$account_logged->setCustomField('premium_points', $user_premium_points-$buy_offer['points']);
										$user_premium_points = $user_premium_points - $buy_offer['points'];
										if($player_premdays == 0) {
											$buy_player_account->setCustomField('lastday', time());
										}
										$main_content .= '<center><h2>Premium ACcount added!</h2><b>'.$buy_offer['days'].' days</b> of Premium Account added to the account of player <b>'.$buy_player->getName().'</b> for <b>'.$buy_offer['points'].' premium points</b> from your account.<br />Now you have <b>'.$user_premium_points.' premium points</b>.<br><br><a href="index.php?subtopic=shopsystem">Go to Shop Site</a><br>';
										}
									elseif($buy_offer['type'] == 'unban') {
										$my_acc_id = $account_logged->getCustomField('id');
										$datadata = $SQL->query('SELECT * FROM '.$SQL->tableName('bans').' WHERE value = '.$my_acc_id.';')->fetch();
											if($datadata['value'] == $my_acc_id) {
												if($SQL->query('DELETE FROM bans WHERE value= '.$my_acc_id.' LIMIT 1;')) {
												} else {
													$SQL->query('DELETE FROM bans WHERE account= '.$my_acc_id.' LIMIT 1;');
												}
												$account_logged->setCustomField('premium_points', $user_premium_points-$buy_offer['points']);
												$user_premium_points = $user_premium_points - $buy_offer['points'];
												$main_content .= '<center><h2>Ban Deleted!</h2><b>Your account has been unbanned for '.$buy_offer['points'].' premium points</b> from your account.
													<br>Now you have <b>'.$user_premium_points.' premium points</b>.<br><br><a href="index.php?subtopic=shopsystem">Go to Shop Site</a><br>';
											} else {
												$main_content .= '<center><b>You don\'t have any bans in your account!</b><br><br><a href="index.php?subtopic=shopsystem">Go back</a><br>';
											}
										}
									////////////////////////////////
									elseif($buy_offer['type'] == 'itemlogout') {
										$my_acc_id = $buy_player->getCustomField('id');
										$playerinfo = $SQL->query('SELECT * FROM '.$SQL->tableName('players').' WHERE id = '.$my_acc_id.';')->fetch();
										$playerslot = $SQL->query('SELECT * FROM '.$SQL->tableName('player_items').' WHERE player_id = '.$my_acc_id.';')->fetch();
										if($playerinfo['online'] == '0') {
											if ($playerslot['pid'] != '10') {
												if ($datadata['cap'] >= $SQL->quote($buy_offer['free_cap'])) {
													$SQL->query('INSERT INTO player_items (player_id, pid, itemtype, count) VALUES ('.$my_acc_id.', '.$SQL->quote($buy_offer['pid']).', '.$SQL->quote($buy_offer['item_id']).', '.$SQL->quote($buy_offer['count1']).');');
													$account_logged->setCustomField('premium_points', $user_premium_points-$buy_offer['points']);
													$user_premium_points = $user_premium_points - $buy_offer['points'];
													$main_content .= '<h2>Item received to player: '.$buy_player->getName().'!</h2><br>Now you have <b>'.$user_premium_points.' premium points</b>.
														<br><a href="index.php?subtopic=shopsystem">Go to Shop Site</a>';
												} else {
													$main_content .= '<b>You need '.$SQL->quote($buy_offer['free_cap']).' or more of cap!</b><br><a href="index.php?subtopic=shopsystem">Go back</a>';
												}
											} else {
												$main_content .= '<b>Please leave the arrow slot in blank to receive item!</b><br><a href="index.php?subtopic=shopsystem">Go back</a>';
											}
										} else {
											$main_content .= '<b>You need to be offline!</b><br><a href="index.php?subtopic=shopsystem">Go back</a>';
										}
									}
									////////////////////////////////
									elseif($buy_offer['type'] == 'changename') {
										$my_acc_id = $buy_player->getCustomField('id');
										$playerinfo = $SQL->query('SELECT * FROM '.$SQL->tableName('players').' WHERE '.$SQL->fieldName('id').' = '.$my_acc_id.';')->fetch();
										$checkname = $SQL->query('SELECT * FROM '.$SQL->tableName('players').' WHERE '.$SQL->fieldName('name').' = '. $SQL->quote($buy_from) .';')->fetch();
											if($playerinfo['online'] == '0') {
											if($checkname == false) { 
												$SQL->query('UPDATE `players` SET `name` = '. $SQL->quote($buy_from) .' WHERE `id` = '. $my_acc_id.' ;');
												$account_logged->setCustomField('premium_points', $user_premium_points-$buy_offer['points']);
												$user_premium_points = $user_premium_points - $buy_offer['points'];
												$main_content .= '<center><h2>Your name has been changed to '.$buy_from.'.</h2><br><b>You have '.$user_premium_points.' premium points left</b>.
													<br><br><a href="index.php?subtopic=shopsystem">Go to Shop Site</a><br>';
											} else {
												$main_content .= '<center><h2>Sorry, the name "<i>'.$buy_from.'</i>" does already exist.<br>Please select another name.</h2><br>';
											}
										} else {
											$main_content .= '<center><h2>'.$buy_name.' has to be offline to complete transaction.</h2><br><br><a href="index.php?subtopic=shopsystem">Go back</a><br>';
										}
									}
									////////////////////////////////
									elseif($buy_offer['type'] == 'redskull') {
										$my_acc_id = $buy_player->getCustomField('id');
										$playerinfo = $SQL->query('SELECT * FROM '.$SQL->tableName('players').' WHERE '.$SQL->fieldName('id').' = '.$my_acc_id.';')->fetch();
										if($playerinfo['skull'] == '4' AND $playerinfo['online'] >= '0' AND $playerinfo['skulltime'] > '0') {
											$SQL->query('UPDATE killers SET unjustified=0 WHERE id IN (SELECT kill_id FROM player_killers WHERE player_id='. $my_acc_id .');');
											$SQL->query('UPDATE players SET skulltime=0, skull=0 WHERE id='. $my_acc_id .';');
											$account_logged->setCustomField('premium_points', $user_premium_points-$buy_offer['points']);
											$user_premium_points = $user_premium_points - $buy_offer['points'];
											$main_content .= '<center><h2>RedSkull Removed!</h2><br><b>Your redskull has been removed from the player '.$buy_player->getName().'.</b>
												<br>Now you have<b> '.$user_premium_points.' premium points</b>.<br><br><a href="index.php?subtopic=shopsystem">Go to Shop Site</a><br>';
										} else {
											$main_content .= '<center><b>'.$buy_player->getName().' has to be offline or have redskull to complete transaction!.</b><br><br><a href="index.php?subtopic=shopsystem">Go back</a><br>';
										}
									}
									//////////////////////////
									elseif($buy_offer['type'] == 'item') {
										$sql = 'INSERT INTO '.$SQL->tableName('z_ots_comunication').' (id, name, type, action, param1, param2, param3, param4, param5, param6, param7, delete_it) VALUES (NULL, '.$SQL->quote($buy_player->getName()).', \'login\', \'give_item\', '.$SQL->quote($buy_offer['item_id']).', '.$SQL->quote($buy_offer['item_count']).', \'\', \'\', \'item\', '.$SQL->quote($buy_offer['name']).', \'\', \'1\');';
										$SQL->query($sql);
										$save_transaction = 'INSERT INTO '.$SQL->tableName('z_shop_history_item').' (id, to_name, to_account, from_nick, from_account, price, offer_id, trans_state, trans_start, trans_real) VALUES ('.$SQL->lastInsertId().', '.$SQL->quote($buy_player->getName()).', '.$SQL->quote($buy_player_account->getId()).', '.$SQL->quote($buy_from).',  '.$SQL->quote($account_logged->getId()).', '.$SQL->quote($buy_offer['points']).', '.$SQL->quote($buy_offer['name']).', \'wait\', '.$SQL->quote(time()).', \'0\');';
										$SQL->query($save_transaction);
										$account_logged->setCustomField('premium_points', $user_premium_points-$buy_offer['points']);
										$user_premium_points = $user_premium_points - $buy_offer['points'];
										$main_content .= '<center><h2>Item added!</h2><b>'.$buy_offer['name'].'</b> added to player <b>'.$buy_player->getName().'</b> for <b>'.$buy_offer['points'].' premium points</b> from your account.<br>Now you have <b>'.$user_premium_points.' premium points</b>.<br><br><a href="index.php?subtopic=shopsystem">GO TO MAIN SHOP SITE</a><br>';
									}
                                       if($buy_offer['type'] == 'vipdays') {
$player_vip_time = $buy_player_account->getCustomField('vip_time');
$player_lastlogin = $buy_player_account->getCustomField('lastday');
$save_transaction = 'INSERT INTO '.$SQL->tableName('z_shop_history_pacc').' (id, to_name, to_account, from_nick, from_account, price, pacc_days, trans_state, trans_start, trans_real) VALUES (NULL, '.$SQL->quote($buy_player->getName()).', '.$SQL->quote($buy_player_account->getId()).', '.$SQL->quote($buy_from).',  '.$SQL->quote($account_logged->getId()).', '.$SQL->quote($buy_offer['points']).', '.$SQL->quote($buy_offer['days']).', \'realized\', '.$SQL->quote(time()).', '.$SQL->quote(time()).');';
$SQL->query($save_transaction);
if($player_vip_time > 0)
$buy_player_account->setCustomField('vip_time', $player_vip_time + $buy_offer['days'] * 86400);
else
$buy_player_account->setCustomField('vip_time', time() + $buy_offer['days'] * 86400);
$account_logged->setCustomField('premium_points', $user_premium_points-$buy_offer['points']);
$user_premium_points = $user_premium_points - $buy_offer['points'];
if ($player_vip_days >= 1) {
}
$main_content .= '<center><h2>VIP Days added!</h2><b>'.$buy_offer['days'].' days</b> of VIP days added to the account of player <b>'.$buy_player->getName().'</b> for <b>'.$buy_offer['points'].' premium points</b> from your account.<br />Now you have <b>'.$user_premium_points.' premium points</b>.<br><br><a href="index.php?subtopic=shopsystem">Go to Shop Site</a><br>';
}  
									elseif($buy_offer['type'] == 'itemvip') {
										$sql = 'INSERT INTO '.$SQL->tableName('z_ots_comunication').' (id, name, type, action, param1, param2, param3, param4, param5, param6, param7, delete_it) VALUES (NULL, '.$SQL->quote($buy_player->getName()).', \'login\', \'give_item\', '.$SQL->quote($buy_offer['item_id']).', '.$SQL->quote($buy_offer['itemvip_count']).', \'\', \'\', \'itemvip\', '.$SQL->quote($buy_offer['name']).', \'\', \'1\');';
										$SQL->query($sql);
										$save_transaction = 'INSERT INTO '.$SQL->tableName('z_shop_history_item').' (id, to_name, to_account, from_nick, from_account, price, offer_id, trans_state, trans_start, trans_real) VALUES ('.$SQL->lastInsertId().', '.$SQL->quote($buy_player->getName()).', '.$SQL->quote($buy_player_account->getId()).', '.$SQL->quote($buy_from).',  '.$SQL->quote($account_logged->getId()).', '.$SQL->quote($buy_offer['points']).', '.$SQL->quote($buy_offer['name']).', \'wait\', '.$SQL->quote(time()).', \'0\');';
										$SQL->query($save_transaction);
										$account_logged->setCustomField('premium_points', $user_premium_points-$buy_offer['points']);
										$user_premium_points = $user_premium_points - $buy_offer['points'];
										$main_content .= '<center><h2>Item VIP added!</h2><b>'.$buy_offer['name'].'</b> added to player <b>'.$buy_player->getName().'</b> for <b>'.$buy_offer['points'].' premium points</b> from your account.<br>Now you have <b>'.$user_premium_points.' premium points</b>.<br><br><a href="index.php?subtopic=shopsystem">GO TO MAIN SHOP SITE</a><br>';
									}
									elseif($buy_offer['type'] == 'container') {
										$sql = 'INSERT INTO '.$SQL->tableName('z_ots_comunication').' (id, name, type, action, param1, param2, param3, param4, param5, param6, param7, delete_it) VALUES (NULL, '.$SQL->quote($buy_player->getName()).', \'login\', \'give_item\', '.$SQL->quote($buy_offer['item_id']).', '.$SQL->quote($buy_offer['item_count']).', '.$SQL->quote($buy_offer['container_id']).', '.$SQL->quote($buy_offer['container_count']).', \'container\', '.$SQL->quote($buy_offer['name']).', \'\', \'1\');';
										$SQL->query($sql);
										$save_transaction = 'INSERT INTO '.$SQL->tableName('z_shop_history_item').' (id, to_name, to_account, from_nick, from_account, price, offer_id, trans_state, trans_start, trans_real) VALUES ('.$SQL->lastInsertId().', '.$SQL->quote($buy_player->getName()).', '.$SQL->quote($buy_player_account->getId()).', '.$SQL->quote($buy_from).',  '.$SQL->quote($account_logged->getId()).', '.$SQL->quote($buy_offer['points']).', '.$SQL->quote($buy_offer['name']).', \'wait\', '.$SQL->quote(time()).', \'0\');';
										$SQL->query($save_transaction);
										$account_logged->setCustomField('premium_points', $user_premium_points-$buy_offer['points']);
										$user_premium_points = $user_premium_points - $buy_offer['points'];
										$main_content .= '<center><h2>Container of items added!</h2><b>'.$buy_offer['name'].'</b> added to player <b>'.$buy_player->getName().'</b> for <b>'.$buy_offer['points'].' premium points</b> from your account.<br />Now you have <b>'.$user_premium_points.' premium points</b>.<br><br><a href="index.php?subtopic=shopsystem">GO TO MAIN SHOP SITE</a><br>';
									}
								} else {
									if($buy_offer['type'] != 'changename') {
										$set_session = TRUE;
										$_SESSION['viewed_confirmation_page'] = 'yes';
										$main_content .= '<center><h2>Confirm transaction</h2>
											<table border="0" cellpadding="1" cellspacing="1" width="700">
											<tr bgcolor="#505050"><td colspan="3"><font color="white" size="4"><b>Confirm transaction</b></font></td></tr>
											<tr bgcolor="#D4C0A1"><td width="100"><b>Name:</b></td><td width="550" colspan="2">'.$buy_offer['name'].'</td></tr>
											<tr bgcolor="#F1E0C6"><td width="100"><b>Description:</b></td><td width="550" colspan="2">'.$buy_offer['description'].'</td></tr>
											<tr bgcolor="#D4C0A1"><td width="100"><b>Cost:</b></td><td width="550" colspan="2"><b>'.$buy_offer['points'].' premium points</b> from your account</td></tr>
											<tr bgcolor="#F1E0C6"><td width="100"><b>For Player:</b></td><td width="550" colspan="2"><font color="red">'.$buy_player->getName().'</font></td></tr>
											<tr bgcolor="#D4C0A1"><td width="100"><b>From:</b></td><td width="550" colspan="2"><font color="red">'.$buy_from.'</font></td></tr>
											<tr bgcolor="#F1E0C6"><td width="100"><b>Transaction?</b></td><td width="275" align="left">
											<form action="index.php?subtopic=shopsystem&action=confirm_transaction" method="POST"><input type="hidden" name="buy_confirmed" value="yes"><input type="hidden" name="buy_id" value="'.$buy_id.'"><input type="hidden" name="buy_from" value="'.urlencode($new_name).'"><input type="hidden" name="buy_name" value="'.urlencode($buy_name).'"><input type="submit" value="Accept"></form></td>
											<td align="right"><form action="index.php?subtopic=shopsystem" method="POST"><input type="submit" value="Cancel"></form></td></tr>
											</table>';
									} else {
										$set_session = TRUE;
										$_SESSION['viewed_confirmation_page'] = 'yes';
										$main_content .= '<center><h2>Confirm Name Changing</h2>
											<table border="0" cellpadding="1" cellspacing="1" width="700">
											<tr bgcolor="#505050"><td colspan="3"><font color="white" size="4"><b>Confirm transaction</b></font></td></tr>
											<tr bgcolor="#D4C0A1"><td width="130"><b>Name:</b></td><td width="550" colspan="2">'.$buy_offer['name'].'</td></tr>
											<tr bgcolor="#F1E0C6"><td width="130"><b>Description:</b></td><td width="550" colspan="2">'.$buy_offer['description'].'</td></tr>
											<tr bgcolor="#D4C0A1"><td width="130"><b>Cost:</b></td><td width="550" colspan="2"><b>'.$buy_offer['points'].' premium points</b> from your account</td></tr>
											<tr bgcolor="#F1E0C6"><td width="130"><b>Current Name:</b></td><td width="550" colspan="2"><font color="red">'.$buy_player->getName().'</font></td></tr>
											<tr bgcolor="#D4C0A1"><td width="130"><b>New Name:</b></td><td width="550" colspan="2"><font color="red">'.$buy_from.'</font></td></tr>
											<tr bgcolor="#F1E0C6"><td width="130"><b>Change Name?</b></td><td width="275" align="left">
											<form action="index.php?subtopic=shopsystem&action=confirm_transaction" method="POST"><input type="hidden" name="buy_confirmed" value="yes"><input type="hidden" name="buy_id" value="'.$buy_id.'"><input type="hidden" name="buy_from" value="'.urlencode($buy_from).'"><input type="hidden" name="buy_name" value="'.urlencode($buy_name).'"><input type="submit" value="Accept"></form></td>
											<td align="right"><form action="index.php?subtopic=shopsystem" method="POST"><input type="submit" value="Cancel"></form></td></tr>
											</table>';
									}
								}
							} else {
								$main_content .= 'Player with name <b>'.$buy_name.'</b> doesn\'t exist. Please <a href="index.php?subtopic=shopsystem&action=select_player&buy_id='.$buy_id.'">select other name</a>.';
							}
						} else {
							$main_content .= 'Invalid name format. Please <a href="index.php?subtopic=shopsystem&action=select_player&buy_id='.$buy_id.'">select other name</a> or contact with administrator.';
						}
					} else {
						$main_content .= 'For this item you need <b>'.$buy_offer['points'].'</b> points. You have only <b>'.$user_premium_points.'</b> premium points. Please <a href="index.php?subtopic=shopsystem">select other item</a> or buy premium points.';
					}
         				} else {
					$main_content .= 'Offer with ID <b>'.$buy_id.'</b> doesn\'t exist. Please <a href="index.php?subtopic=shopsystem">select item</a> again.';
				}
			}
		}
	}
	if(!$set_session) {
		unset($_SESSION['viewed_confirmation_page']);
	}
}

elseif($action == 'show_history') {
	if(!$logged) {
		$main_content .= 'Please login first.';
	} else{
		$items_history_received = $SQL->query('SELECT * FROM '.$SQL->tableName('z_shop_history_item').' WHERE '.$SQL->fieldName('to_account').' = '.$SQL->quote($account_logged->getId()).' OR '.$SQL->fieldName('from_account').' = '.$SQL->quote($account_logged->getId()).';');
		if(is_object($items_history_received)) {
			foreach($items_history_received as $item_received) {
				if($account_logged->getId() == $item_received['to_account'])
					$char_color = 'green';
				else
					$char_color = 'red';
					$items_received_text .= '<tr bgcolor="#F1E0C6"><td><font color="'.$char_color.'">'.$item_received['to_name'].'</font></td><td>';
				if($account_logged->getId() == $item_received['from_account'])
					$items_received_text .= '<i>Your account</i>';
				else
					$items_received_text .= $item_received['from_nick'];
					$items_received_text .= '</td><td>'.$item_received['offer_id'].'</td><td>'.date("j F Y, H:i:s", $item_received['trans_start']).'</td>';
				if($item_received['trans_real'] > 0)
					$items_received_text .= '<td>'.date("j F Y, H:i:s", $item_received['trans_real']).'</td>';
				else
					$items_received_text .= '<td><b><font color="red">Not realized yet.</font></b></td>';
					$items_received_text .= '</tr>';
			}
		}
		$paccs_history_received = $SQL->query('SELECT * FROM '.$SQL->tableName('z_shop_history_pacc').' WHERE '.$SQL->fieldName('to_account').' = '.$SQL->quote($account_logged->getId()).' OR '.$SQL->fieldName('from_account').' = '.$SQL->quote($account_logged->getId()).';');
		if(is_object($paccs_history_received)) {
			foreach($paccs_history_received as $pacc_received) {
				if($account_logged->getId() == $pacc_received['to_account'])
					$char_color = 'green';
				else
					$char_color = 'red';
					$paccs_received_text .= '<tr bgcolor="#F1E0C6"><td><font color="'.$char_color.'">'.$pacc_received['to_name'].'</font></td><td>';
				if($account_logged->getId() == $pacc_received['from_account'])
					$paccs_received_text .= '<i>Your account</i>';
				else
					$paccs_received_text .= $pacc_received['from_nick'];
					$paccs_received_text .= '</td><td>'.$pacc_received['pacc_days'].' days</td><td>'.$pacc_received['price'].' Points</td><td>'.date("j F Y, H:i:s", $pacc_received['trans_real']).'</td></tr>';
			}
		}
		$main_content .= '<center><h1>Transactions History</h1></center>';
		if(!empty($items_received_text)) 
			$main_content .= '<center><table BORDER=0 CELLPADDING=1 CELLSPACING=1 WIDTH=95%><tr width="100%" bgcolor="#505050"><td colspan="5"><font color="white" size="4"><b> Item Transactions</b></font></td></tr><tr bgcolor="#D4C0A1"><td><b>To:</b></td><td><b>From:</b></td><td><b>Offer name</b></td><td><b>Bought on page</b></td><td><b>Received on '.$config['server']['serverName'].'</b></td></tr>'.$items_received_text.'</table><br />';
		if(!empty($paccs_received_text))
			$main_content .= '<center><table BORDER=0 CELLPADDING=1 CELLSPACING=1 WIDTH=95%><tr width="100%" bgcolor="#505050"><td colspan="5"><font color="white" size="4"><b> Pacc Transactions</b></font></td></tr><tr bgcolor="#D4C0A1"><td><b>To:</b></td><td><b>From:</b></td><td><b>Duration</b></td><td><b>Cost</b></td><td><b>Added:</b></td></tr>'.$paccs_received_text.'</table><br />';
		if(empty($paccs_received_text) && empty($items_received_text))
			$main_content .= 'You did not buy/receive any items or PACC.';
	}
}
if(!$logged)
	$main_content .= 'Please login to see how much points you have.';
else
	$main_content .= '<br><b><font color="green">You have premium points: </font></b>'.$user_premium_points;
}
else
$main_content .= '<br><center><b>Shop System is currently disabled for this server.Please ask the admin for more information.</b></center>';
?>

 

shopadmin.php

<?PHP
if($group_id_of_acc_logged >= $config['site']['access_admin_panel']) {
$offertype = $_REQUEST['offer_type'];
if((empty($action)) AND (empty($offertype))) {
  		 $main_content .= '<br><h2><center><a href="?subtopic=shopadmin&action=addoffer">ADD SHOP OFFER</a><br><br><a href="?subtopic=shopadmin&action=viewoffer">
			VIEW SHOP OFFER <i>(EDIT/DELETE)</i></a><br><br><a href="?subtopic=shopadmin&action=points">ADD POINTS</a></center>';
}
if($action == "addoffer"){
	$shop_points = stripslashes(ucwords(strtolower(trim($_REQUEST['shop_points']))));
	$shop_offer_type = stripslashes(trim($_REQUEST['offer_type']));
	if(empty($shop_points)) {
		$main_content .= '<table border="0"><tr><td  align="center"><b>Select offer type:</b></td><td><table border="0" ><tr bgcolor="#505050">
			<td><font color="white">Item</td><td><font color="white">Item VIP</td><td><font color="white">Container</td><td><font color="white">Pacc</td><td><font color="white">VIP Days</td><td><font color="white">Redskull</td>
			<td><font color="white">Unban</td><td><font color="white">Changename</td></tr><tr bgcolor="#D4C0A1"><form action="" method="post">
			<td align="center"><input type="radio" name="offer_type" value="item" onClick="this.form.submit()"></td></lable>
			<td align="center"><input type="radio" name="offer_type" value="itemvip" onClick="this.form.submit()"></td></lable>
			<td align="center"><input type="radio" name="offer_type" value="container" onClick="this.form.submit()"></td>
			<td align="center"><input type="radio" name="offer_type" value="pacc" onClick="this.form.submit()"></td>
			<td align="center"><input type="radio" name="offer_type" value="vipdays" onClick="this.form.submit()"></td>
			<td align="center"><input type="radio" name="offer_type" value="redskull" onClick="this.form.submit()"></td>
			<td align="center"><input type="radio" name="offer_type" value="unban" onClick="this.form.submit()"></td>
			<td align="center"><input type="radio" name="offer_type" value="changename" onClick="this.form.submit()"></td>
			</form></tr></table></td></tr>';
		$main_content .= '<form action="?subtopic=shopadmin&action=addoffer&offer_type='.$shop_offer_type.'" method="post" ><table border="0"><tr>
			<td align="center" ><b>Points:</b></td><td><input type="textbox" name="shop_points" maxlenght="7" style="width: 70px"></td></tr>';
		if($_REQUEST['offer_type'] == 'container'){
			$main_content .= '<tr><td align="center" ><b>Container ID:</b></td>
				<td><input type="text" name="shop_itemid1" maxlenght="7" style="width: 70px" ></td></tr>
				<tr><td align="center" ><b>Count Container:</b></td>
				<td><input type="text" name="shop_count1" maxlenght="7" style="width: 70px" ></td></tr>
				<tr><td align="center" ><b>Item ID:</b></td>
				<td><input type="text" name="shop_itemid2" maxlenght="7" style="width: 70px" ></td></tr>
				<tr><td align="center" ><b>Count Item:</b></td>
				<td><input type="text" name="shop_count2" maxlenght="7" style="width: 70px" ></td></tr>';
		}
		if($_REQUEST['offer_type'] == 'item'){
			$main_content .= '<tr><td align="center"><b>Item ID:</b></td>
				<td><input type="text" name="shop_itemid1" maxlenght="7" style="width: 70px" ></td></tr>
				<tr><td align="center"><b>Item Count:</b></td>
				<td><input type="text" name="shop_count1" maxlenght="7" style="width: 70px" ></td></tr>';
		}
		if($_REQUEST['offer_type'] == 'itemvip'){
			$main_content .= '<tr><td align="center"><b>Item ID:</b></td>
				<td><input type="text" name="shop_itemid1" maxlenght="7" style="width: 70px" ></td></tr>
				<tr><td align="center"><b>Item Count:</b></td>
				<td><input type="text" name="shop_count1" maxlenght="7" style="width: 70px" ></td></tr>';
		}
		if($_REQUEST['offer_type'] == 'pacc'){
			$main_content .= '<tr><td align="center" ><b>Days:</b></td>
				<td><input type="text" name="shop_count1" maxlenght="7" style="width: 70px" ></td></tr>';
		}
		if($_REQUEST['offer_type'] == 'vipdays'){
			$main_content .= '<tr><td align="center" ><b>Days:</b></td>
				<td><input type="text" name="shop_count1" maxlenght="7" style="width: 70px" ></td></tr>';
		}
		$main_content .= '<tr><td align="center" ><b>Offer Description:</b></td>
			<td ><textarea name="shop_offer_description" rows="2" cols="35"></textarea></td></tr>
			<tr><td align="center" ><b>Offer Name:</b></td>
			<td><input type="text" name="shop_offer_name" maxlenght="40" style="width: 200px" ></td></tr></table>
			<input name="submit" type="submit" value="Submit" /></form>
			<form action="?subtopic=shopadmin&action=addoffer" method="post" >
			<input name="submit" type="submit" value="Reset" /></form>';
		$main_content .= '<form action="?subtopic=shopadmin" method="post" ><input name="submit" type="submit" value="Back" title="Back"/></form>';
	} else {
		$shop_points = stripslashes(trim($_POST['shop_points']));
		$shop_offer_type = stripslashes(trim($_REQUEST['offer_type']));
		$shop_itemid1 = stripslashes(trim($_POST['shop_itemid1']));
		$shop_count1 = stripslashes(trim($_POST['shop_count1']));
		$shop_itemid2 = stripslashes(trim($_POST['shop_itemid2']));
		$shop_count2 = stripslashes(trim($_POST['shop_count2']));
		$shop_offer_description = stripslashes(trim($_POST['shop_offer_description']));
		$shop_offer_name = stripslashes(trim($_POST['shop_offer_name']));
		$SQL->query('INSERT INTO `z_shop_offer` (id, points, itemid1, count1, itemid2, count2, offer_type, offer_description, offer_name, pid) VALUES (NULL, '.$SQL->quote($shop_points).', '.$SQL->quote($shop_itemid1).', '.$SQL->quote($shop_count1).', '.$SQL->quote($shop_itemid2).', '.$SQL->quote($shop_count2).', '.$SQL->quote($shop_offer_type).', '.$SQL->quote($shop_offer_description).', '.$SQL->quote($shop_offer_name).', 0)');
		$main_content .= '<center><h2><font color="red">Added to Shop:</font></h2></center><hr/>
			<tr><td align="center" ><b>Points:</b></td>
			<td>'.$shop_points.'</td></tr><br>';
		if($shop_offer_type == 'container'){
			$main_content .= '<tr><td align="center" ><b>Container ID:</b></td>
				<td>'.$shop_itemid1.'</td></tr><br>
				<tr><td align="center" ><b>Count Container:</b></td>
				<td>'.$shop_count1.'</td></tr><br>
				<tr><td align="center" ><b> Item ID (in Container):</b></td>
				<td>'.$shop_itemid2.'</td></tr><br>
				<tr><td align="center" ><b>Count Item (in Container):</b></td>
				<td>'.$shop_count2.'</td></tr><br>';
		}
		if ($shop_offer_type == 'item'){
			$main_content .= '<tr><td align="center" ><b>Item ID:</b></td>
				<td>'.$shop_itemid1.'</td></tr><br>
				<tr><td align="center" ><b>Count Item:</b></td>
				<td>'.$shop_count1.'</td></tr><br>';
		}
		if ($shop_offer_type == 'itemvip'){
			$main_content .= '<tr><td align="center" ><b>Item ID:</b></td>
				<td>'.$shop_itemid1.'</td></tr><br>
				<tr><td align="center" ><b>Count Item:</b></td>
				<td>'.$shop_count1.'</td></tr><br>';
		}
		if ($shop_offer_type == 'pacc'){
			$main_content .= '<tr><td align="center" ><b>Days:</b></td>
				<td>'.$shop_count1.'</td></tr><br>';
		}
		if ($shop_offer_type == 'vipdays'){
			$main_content .= '<tr><td align="center" ><b>Days:</b></td>
				<td>'.$shop_count1.'</td></tr><br>';
		}
		$main_content .= '<tr><td align="center" ><b>Offer Type:</b></td>
			<td>'.$shop_offer_type.'</td></tr><br>
			<tr><td align="center" ><b>Offer Description:</b></td>
			<td>'.$shop_offer_description.'</td></tr><br>
			<tr><td align="center" ><b>Offer Name:</b></td>
			<td>'.$shop_offer_name.'</td></tr>
			<br><form action="?subtopic=shopadmin&action=addoffer" method="post" ><input name="submit" type="submit" value="Back" title="Back"/></form>';
	}
}
if($action == "viewoffer") {
	$items = simplexml_load_file($config['site']['server_path'].'/data/items/items.xml') or die('<b>Could not load items!</b>');
	foreach($items->item as $v)
		$itemList[(int)$v['id']] = $v['name'];
	$order = array("id" => "id", "points" => "points", "offer_type" => "offer_type", "itemid1" => "itemid1", "itemid2" => "itemid2");
	$main_content .= '<center><table width="550"><tr BGCOLOR="#505050"><td width="5"><font color="white"><a href="index.php?subtopic=shopadmin&action=viewoffer&order=' . getOrder($order, 'order', 'id') . '" class=white>ID:</td><td width="5"><font color="white"><a href="index.php?subtopic=shopadmin&action=viewoffer&order=' . getOrder($order, 'order', 'points') . '" class=white>Points:</td><td width="7">
		<font color="white"><a href="index.php?subtopic=shopadmin&action=viewoffer&order=' . getOrder($order, 'order', 'itemid1') . '" class=white>Item ID:</td><td width="5"><font color="white">Count:</td><td width="7"><center><font color="white"><a href="index.php?subtopic=shopadmin&action=viewoffer&order=' . getOrder($order, 'order', 'itemid2') . '" class=white>Container ID:</center></td><td width="5"><font color="white">Count:</td><td width="7"><font color="white"><a href="index.php?subtopic=shopadmin&action=viewoffer&order=' . getOrder($order, 'order', 'offer_type') . '" class=white>Offer Type:</td>
		<td width="85"><font color="white">Offer Description:</td><td width="30"><font color="white">Offer Name:</td><td width="30"></td></tr>';
	$shopoffers = $SQL->query('SELECT id, points, itemid1, count1, itemid2, count2, offer_type, offer_description, offer_name, pid FROM z_shop_offer ' . makeOrder($order, 'order', 'id'));
	foreach($shopoffers as $shop) {
		$main_content .= '</B><tr BGCOLOR="#D4C0A1"><td align="center">'.$shop['id'].'<td align="center">'.$shop['points'].'</td>';
		if($shop['itemid1'] == "0") {
			$main_content .= '<td align="center">'.$shop['itemid1'].'<br></td>';
		} else {
			$main_content .= '<td align="center">'.$shop['itemid1'].'<br>(' . $itemList[(int)$shop['itemid1']] . ')</td>';
		}
		$main_content .= '<td align="center">'.$shop['count1'].'</td>';
		if($shop['itemid2'] == "0") {
			$main_content .= '<td align="center">'.$shop['itemid2'].'</td>';
		} else {
			$main_content .= '<td align="center">'.$shop['itemid2'].'<br>(' . $itemList[(int)$shop['itemid2']] . ')</td>';
		}
		$main_content .= '<td align="center">'.$shop['count2'].'</td><td align="center">'.$shop['offer_type'].'</td><td align="left">'.$shop['offer_description'].'</td><td align="left">'.$shop['offer_name'].'</td>';
		$main_content .= '<td align="center"><a href="?subtopic=shopadmin&action=editoffer&id='.$shop['id'].'"><img src="'.$layout_name.'/images/news/edit_news.png" border="0"></a><br><br><a href="?subtopic=shopadmin&action=deleteoffer&id='.$shop['id'].'"><img src="'.$layout_name.'/images/news/delete_news.png" border="0"></a></td>';
	}
	$main_content .= '</td></tr></TABLE><br><form action="?subtopic=shopadmin" method="post" ><input name="submit" type="submit" value="Back" title="Back"/></form>';
}
if($action == "deleteoffer") {
	$id = (int) $_REQUEST['id'];
	$SQL->query('DELETE FROM z_shop_offer WHERE id = '.$id.' LIMIT 1;');
	$main_content .= '<center>Shop offer has been deleted.</center><br><center><form action="?subtopic=shopadmin&action=viewoffer" method="post" ><input name="submit" type="submit" value="Back" title="Back"/></form></center>';
}
if($action == "editoffer") {
	$id = (int) $_REQUEST['id'];
	$shopoffers = $SQL->query('SELECT * FROM z_shop_offer WHERE id = '.$id.' LIMIT 1;');
	foreach($shopoffers as $shop) {
		$main_content .= '<form action="?subtopic=shopadmin&action=edited&id='.$id.'" method="post" ><table border="0"><tr><td align="center" ><b>Points:</b></td>
			<td><input type="textbox" name="shop_points" maxlenght="7" value="'.$shop['points'].'" style="width: 70px"></td></tr>';
		if($shop['offer_type'] == 'container'){
			$main_content .= '<tr><td align="center" ><b>Container ID:</b></td>
				<td><input type="text" name="shop_itemid1" maxlenght="7" value="'.$shop['itemid1'].'" style="width: 70px" ></td></tr>
				<tr><td align="center" ><b>Count Container:</b></td>
				<td><input type="text" name="shop_count1" maxlenght="7" value="'.$shop['count1'].'" style="width: 70px" ></td></tr>
				<tr><td align="center" ><b>Item ID:</b></td>
				<td><input type="text" name="shop_itemid2" maxlenght="7" value="'.$shop['itemid2'].'" style="width: 70px" ></td></tr>
				<tr><td align="center" ><b>Count Item:</b></td>
				<td><input type="text" name="shop_count2" maxlenght="7" value="'.$shop['count2'].'" style="width: 70px" ></td></tr>';
		}
		if($shop['offer_type'] == 'item'){
			$main_content .= '<tr><td align="center"><b>Item ID:</b></td>
				<td><input type="text" name="shop_itemid1" maxlenght="7" value="'.$shop['itemid1'].'" style="width: 70px" ></td></tr>
				<tr><td align="center"><b>Item Count:</b></td>
				<td><input type="text" name="shop_count1" maxlenght="7" value="'.$shop['count1'].'" style="width: 70px" ></td></tr>';
		}
		if($shop['offer_type'] == 'itemvip'){
			$main_content .= '<tr><td align="center"><b>Item ID:</b></td>
				<td><input type="text" name="shop_itemid1" maxlenght="7" value="'.$shop['itemid1'].'" style="width: 70px" ></td></tr>
				<tr><td align="center"><b>Item Count:</b></td>
				<td><input type="text" name="shop_count1" maxlenght="7" value="'.$shop['count1'].'" style="width: 70px" ></td></tr>';
		}
		if($shop['offer_type'] == 'pacc'){
			$main_content .= '<tr><td align="center" ><b>Days:</b></td>
				<td><input type="text" name="shop_count1" maxlenght="7" style="width: 70px" ></td></tr>';
		}
		if($shop['offer_type'] == 'vipdays'){
			$main_content .= '<tr><td align="center" ><b>Days:</b></td>
				<td><input type="text" name="shop_count1" maxlenght="7" style="width: 70px" ></td></tr>';
		}
		$main_content .= '<tr><td align="center" ><b>Offer Type:</b></td>
			<td><input type="text" name="shop_offer_type" value="'.$shop['offer_type'].'" maxlenght="40" style="width: 200px" ></td></tr>
			<tr><td align="center" ><b>Offer Description:</b></td>
			<td ><textarea name="shop_offer_description" rows="2" cols="35">'.$shop['offer_description'].'</textarea></td></tr>
			<tr><td align="center" ><b>Offer Name:</b></td>
			<td><input type="text" name="shop_offer_name" value="'.$shop['offer_name'].'" maxlenght="40" style="width: 200px" ></td></tr>
			<tr><td><input name="submit" type="submit" value="Submit" /></form></td><td></td></tr></table>';
		$main_content .= '<form action="?subtopic=shopadmin&action=viewoffer" method="post" ><input name="submit" type="submit" value="Back" title="Back"/></form>';
	}
}
if($action == "edited") {
	$id = (int) $_REQUEST['id'];
	$shop_points = stripslashes(trim($_POST['shop_points']));
	$shop_offer_type = stripslashes(trim($_POST['shop_offer_type']));
	$shop_itemid1 = stripslashes(trim($_POST['shop_itemid1']));
	$shop_count1 = stripslashes(trim($_POST['shop_count1']));
	$shop_itemid2 = stripslashes(trim($_POST['shop_itemid2']));
	$shop_count2 = stripslashes(trim($_POST['shop_count2']));
	$shop_offer_description = stripslashes(trim($_POST['shop_offer_description']));
	$shop_offer_name = stripslashes(trim($_POST['shop_offer_name']));
	$SQL->query('UPDATE `z_shop_offer` SET `points` = '.$shop_points.', `itemid1` = '.$SQL->quote($shop_itemid1).', `count1` = '.$SQL->quote($shop_count1).', `itemid2` = '.$SQL->quote($shop_itemid2).', `count2` = '.$SQL->quote($shop_count2).', `offer_type` = '.$SQL->quote($shop_offer_type).', `offer_description` = '.$SQL->quote($shop_offer_description).', `offer_name` = '.$SQL->quote($shop_offer_name).' WHERE `id` = '.$id.';');
	$main_content .= '<b><center>Shop offer successfully edited.</b><br><br><form action="?subtopic=shopadmin&action=viewoffer" method="post" ><input name="submit" type="submit" value="Back" title="Back"/></form><meta http-equiv="refresh" content="1;url=/?subtopic=shopadmin&action=viewoffer" />';
}
if($action == "points") {
	$player = stripslashes(ucwords(strtolower(trim($_REQUEST['character']))));
	$points = $_POST['points'];
	if(empty($player)) {
		$main_content .= '<form action="" method="post"><B>Enter Character Name:</B><input type="textbox" name="character"><br>
			<B>Enter Points Amount:</B><input type="textbox" name="points"><br><br><input type="submit" value="Submit">
			</form></center><form action="?subtopic=shopadmin" method="post" ><input name="submit" type="submit" value="Back" title="Back"/></form>';
	} else {
		$player_data = $SQL->query("SELECT * FROM `players` WHERE `name` = '".$player."';")->fetch(); 
		$SQL->query("UPDATE `accounts` SET `premium_points` = `premium_points` + '".$points."' WHERE `id` = '".$player_data['account_id']."'");
		$main_content .= '<b><center>'.$points.' Premium Points added to the account of <i>'.$player.'</i> !</b></center><br>
			<form action="?subtopic=shopadmin" method="post" ><input name="submit" type="submit" value="Back" title="Back"/></form>';
	}
}
} else {
$main_content .= 'Sorry, you have not the rights to access this page.';
}
?> 

Link para o comentário
Compartilhar em outros sites

×
×
  • Criar Novo...