Bug Gesior

MatheusDiasLima · Maio 8, 2011

Pessoal, não sei se já tem este tópico aqui no XTibia, mas eu vou postar, pois é muito importante para quem tem server e site gesior.

O problema é o seguinte:

Quando um player coloca para dar item para outro "GIVE ITEM TO OTHER PLAYER".

Acontece que os premium points da account doadora sao copiados na account que está recebendo.

A única maneira que encontrei para acabar com esse bug foi retirando essa doação de itens. Pois não entendo de php.

Para retirar a opção vá em xammp/htdocs/shopsystem.php e deletem o codigo:

<tr bgcolor="#505050"><td colspan="2"><font color="white" size="4"><b>Give item to other player</b></font></td></tr>
							<tr bgcolor="#D4C0A1"><td width="110"><b>To player:</b></td><td width="550"><input type="text" name="buy_name"> - name of the player who should get item</td></tr>
							<tr bgcolor="#F1E0C6"><td width="110"><b>From:</b></td><td width="550"><input type="text" name="buy_from"> <input type="submit" value="Give"> - your nick, \'empty\' = Anonymous</td></tr>

Se alguém puder ajudar a tirar o bug sem precisar deletar a função de doar itens, seria de muita ajuda.

Obrigado.

Natanael Beckman · Maio 8, 2011

Solução do seu problema:

shopsystem.php

<?PHP
if($config['site']['shop_system'] == 1) {
if($logged)
	$user_premium_points = $account_logged->getCustomField('premium_points');
else
	$user_premium_points = 'Login first';

function getItemByID($id)
{
 $id = (int) $id;
 $SQL = $GLOBALS['SQL'];
 $data = $SQL->query('SELECT * FROM '.$SQL->tableName('z_shop_offer').' WHERE '.$SQL->fieldName('id').' = '.$SQL->quote($id).';')->fetch();
 if ($data['offer_type'] == 'pacc')
 {
   $offer['id'] = $data['id'];
   $offer['type'] = $data['offer_type'];
   $offer['days'] = $data['count1'];
   $offer['points'] = $data['points'];
   $offer['description'] = $data['offer_description'];
   $offer['name'] = $data['offer_name'];
 }
 elseif ($data['offer_type'] == 'item')
 {
   $offer['id'] = $data['id'];
   $offer['type'] = $data['offer_type'];
   $offer['item_id'] = $data['itemid1'];
   $offer['item_count'] = $data['count1'];
   $offer['points'] = $data['points'];
   $offer['description'] = $data['offer_description'];
   $offer['name'] = $data['offer_name'];
 }
 elseif ($data['offer_type'] == 'vipdays')
 {
   $offer['id'] = $data['id'];
   $offer['type'] = $data['offer_type'];
   $offer['days'] = $data['count1'];
   $offer['points'] = $data['points'];
   $offer['description'] = $data['offer_description'];
   $offer['name'] = $data['offer_name'];
 }
 elseif ($data['offer_type'] == 'itemvip')
 {
   $offer['id'] = $data['id'];
   $offer['type'] = $data['offer_type'];
   $offer['item_id'] = $data['itemid1'];
   $offer['item_count'] = $data['count1'];
   $offer['points'] = $data['points'];
   $offer['description'] = $data['offer_description'];
   $offer['name'] = $data['offer_name'];
 }
 elseif ($data['offer_type'] == 'container')
 {
   $offer['id'] = $data['id'];
   $offer['type'] = $data['offer_type'];
   $offer['container_id'] = $data['itemid2'];
   $offer['container_count'] = $data['count2'];
   $offer['item_id'] = $data['itemid1'];
   $offer['item_count'] = $data['count1'];
   $offer['points'] = $data['points'];
   $offer['description'] = $data['offer_description'];
   $offer['name'] = $data['offer_name'];
 }
 elseif ($data['offer_type'] == 'unban')
 {
   $offer['id'] = $data['id'];
   $offer['type'] = $data['offer_type'];
   $offer['points'] = $data['points'];
   $offer['description'] = $data['offer_description'];
   $offer['name'] = $data['offer_name'];
 }
 elseif ($data['offer_type'] == 'redskull')
 {
   $offer['id'] = $data['id'];
   $offer['type'] = $data['offer_type'];
   $offer['points'] = $data['points'];
   $offer['description'] = $data['offer_description'];
   $offer['name'] = $data['offer_name'];
 }
 elseif ($data['offer_type'] == 'itemlogout')
 {
   $offer['id'] = $data['id'];
   $offer['type'] = $data['offer_type'];
   $offer['points'] = $data['points'];
   $offer['description'] = $data['offer_description'];
   $offer['pid'] = $data['pid'];
   $offer['count1'] = $data['count1'];
   $offer['item_id'] = $data['itemid1'];
   $offer['free_cap'] = $data['free_cap'];
 }
 elseif ($data['offer_type'] == 'changename')
 {
   $offer['id'] = $data['id'];
   $offer['type'] = $data['offer_type'];
   $offer['points'] = $data['points'];
   $offer['description'] = $data['offer_description'];
   $offer['name'] = $data['offer_name'];
 }
 return $offer;
}

function getOfferArray()
{
 $offer_list = $GLOBALS['SQL']->query('SELECT * FROM '.$GLOBALS['SQL']->tableName('z_shop_offer').';');
 $i_pacc = 0;
 $i_item = 0;
 $i_vipdays = 0;
 $i_itemvip = 0;
 $i_container = 0;
 $i_unban = 0;
 $i_redskull = 0;
 $i_itemlogout = 0;
 $i_changename = 0;
 while($data = $offer_list->fetch()) {
   if ($data['offer_type'] == 'pacc')
   {
     $offer_array['pacc'][$i_pacc]['id'] = $data['id'];
     $offer_array['pacc'][$i_pacc]['days'] = $data['count1'];
     $offer_array['pacc'][$i_pacc]['points'] = $data['points'];
     $offer_array['pacc'][$i_pacc]['description'] = $data['offer_description'];
     $offer_array['pacc'][$i_pacc]['name'] = $data['offer_name'];
     $i_pacc++;
   }
   elseif ($data['offer_type'] == 'item')
   {
     $offer_array['item'][$i_item]['id'] = $data['id'];
     $offer_array['item'][$i_item]['item_id'] = $data['itemid1'];
     $offer_array['item'][$i_item]['item_count'] = $data['count1'];
     $offer_array['item'][$i_item]['points'] = $data['points'];
     $offer_array['item'][$i_item]['description'] = $data['offer_description'];
     $offer_array['item'][$i_item]['name'] = $data['offer_name'];
     $i_item++;
   }
   elseif ($data['offer_type'] == 'vipdays')
   {
     $offer_array['vipdays'][$i_vipdays]['id'] = $data['id'];
     $offer_array['vipdays'][$i_vipdays]['days'] = $data['count1'];
     $offer_array['vipdays'][$i_vipdays]['points'] = $data['points'];
     $offer_array['vipdays'][$i_vipdays]['description'] = $data['offer_description'];
     $offer_array['vipdays'][$i_vipdays]['name'] = $data['offer_name'];
     $i_vipdays++;
   }
   elseif ($data['offer_type'] == 'itemvip')
   {
     $offer_array['itemvip'][$i_itemvip]['id'] = $data['id'];
     $offer_array['itemvip'][$i_itemvip]['item_id'] = $data['itemid1'];
     $offer_array['itemvip'][$i_itemvip]['item_count'] = $data['count1'];
     $offer_array['itemvip'][$i_itemvip]['points'] = $data['points'];
     $offer_array['itemvip'][$i_itemvip]['description'] = $data['offer_description'];
     $offer_array['itemvip'][$i_itemvip]['name'] = $data['offer_name'];
     $i_itemvip++;
   }
   elseif ($data['offer_type'] == 'container')
   {
     $offer_array['container'][$i_container]['id'] = $data['id'];
     $offer_array['container'][$i_container]['container_id'] = $data['itemid2'];
     $offer_array['container'][$i_container]['container_count'] = $data['count2'];
     $offer_array['container'][$i_container]['item_id'] = $data['itemid1'];
     $offer_array['container'][$i_container]['item_count'] = $data['count1'];
     $offer_array['container'][$i_container]['points'] = $data['points'];
     $offer_array['container'][$i_container]['description'] = $data['offer_description'];
     $offer_array['container'][$i_container]['name'] = $data['offer_name'];
     $i_container++;
   }
   elseif ($data['offer_type'] == 'unban')
   {
     $offer_array['unban'][$i_unban]['id'] = $data['id'];
     $offer_array['unban'][$i_unban]['points'] = $data['points'];
     $offer_array['unban'][$i_unban]['description'] = $data['offer_description'];
     $offer_array['unban'][$i_unban]['name'] = $data['offer_name'];
     $i_unban++;
   }
   elseif ($data['offer_type'] == 'redskull')
   {
     $offer_array['redskull'][$i_redskull]['id'] = $data['id'];
     $offer_array['redskull'][$i_redskull]['points'] = $data['points'];
     $offer_array['redskull'][$i_redskull]['description'] = $data['offer_description'];
     $offer_array['redskull'][$i_redskull]['name'] = $data['offer_name'];
     $i_redskull++;
   }
   elseif ($data['offer_type'] == 'itemlogout')
   {
     $offer_array['itemlogout'][$i_itemlogout]['id'] = $data['id'];
     $offer_array['itemlogout'][$i_itemlogout]['points'] = $data['points'];
     $offer_array['itemlogout'][$i_itemlogout]['description'] = $data['offer_description'];
     $offer_array['itemlogout'][$i_itemlogout]['name'] = $data['offer_name'];
     $offer_array['itemlogout'][$i_itemlogout]['count1'] = $data['count1'];
     $offer_array['itemlogout'][$i_itemlogout]['pid'] = $data['pid'];
     $offer_array['itemlogout'][$i_itemlogout]['item_id'] = $data['itemid1'];
     $offer_array['itemlogout'][$i_itemlogout]['free_cap'] = $data['free_cap'];
     $i_itemlogout++;
   }
   elseif ($data['offer_type'] == 'changename')
   {
     $offer_array['changename'][$i_changename]['id'] = $data['id'];
     $offer_array['changename'][$i_changename]['points'] = $data['points'];
     $offer_array['changename'][$i_changename]['description'] = $data['offer_description'];
     $offer_array['changename'][$i_changename]['name'] = $data['offer_name'];
     $i_changename++;
   }
 }
 return $offer_array;
}

if($action == '') {
	unset($_SESSION['viewed_confirmation_page']);
	$main_content .= '<h2><center>Welcome to '.$config['server']['serverName'].' Shop.</center></h2>';
	$offer_list = getOfferArray();
		//show list of items offers
		if(count($offer_list['vipdays']) > 0 or count($offer_list['container']) > 0 or count($offer_list['itemlogout']) > 0)
			$main_content .= '<center><table border="0" cellpadding="1" cellspacing="1" width="650"><tr width="650" bgcolor="#505050"><td colspan="3"><font color="white" size="4"><b> VIP DAYS</b></font></td></tr><tr bgcolor="#D4C0A1"><td width="50" align="center"><b>Picture</b></td><td width="350" align="left"><b>Description</b></td><td width="250" align="center"><b>Select product</b></td></tr>';
			if(count($offer_list['vipdays']) > 0) {
				foreach($offer_list['vipdays'] as $item) {
					$main_content .= '<tr bgcolor="#F1E0C6"><td align="center"><img src="item_images/'.$item['id'].'.gif"></td><td><b>'.$item['name'].'</b> ('.$item['points'].' points)<br />'.$item['description'].'</td><td align="center">';
					if(!$logged) $main_content .= '<b>Login to buy</b>'; else 
					$main_content .= '<form action="index.php?subtopic=shopsystem&action=select_player" method=POST><input type="hidden" name="buy_id" value="'.$item['id'].'"><input type="submit" value="Buy '.$item['name'].'"><br><b>for '.$item['points'].' points</b></form>';
					$main_content .= '</td></tr>';
				}
				$main_content .= '</table><br />';
			}
		//show list of items offers
		if(count($offer_list['itemvip']) > 0 or count($offer_list['container']) > 0 or count($offer_list['itemlogout']) > 0)
			$main_content .= '<center><table border="0" cellpadding="1" cellspacing="1" width="650"><tr width="650" bgcolor="#505050"><td colspan="3"><font color="white" size="4"><b> MAX ITEMS</b></font></td></tr><tr bgcolor="#D4C0A1"><td width="50" align="center"><b>Picture</b></td><td width="350" align="left"><b>Description</b></td><td width="250" align="center"><b>Select product</b></td></tr>';
			if(count($offer_list['itemvip']) > 0) {
				foreach($offer_list['itemvip'] as $item) {
					$main_content .= '<tr bgcolor="#F1E0C6"><td align="center"><img src="item_images/'.$item['id'].'.gif"></td><td><b>'.$item['name'].'</b> ('.$item['points'].' points)<br />'.$item['description'].'</td><td align="center">';
					if(!$logged) $main_content .= '<b>Login to buy</b>'; else 
					$main_content .= '<form action="index.php?subtopic=shopsystem&action=select_player" method=POST><input type="hidden" name="buy_id" value="'.$item['id'].'"><input type="submit" value="Buy '.$item['name'].'"><br><b>for '.$item['points'].' points</b></form>';
					$main_content .= '</td></tr>';
				}
				$main_content .= '</table><br />';
			}
		//show list of items offers
		if(count($offer_list['item']) > 0 or count($offer_list['container']) > 0 or count($offer_list['itemlogout']) > 0)
			$main_content .= '<center><table border="0" cellpadding="1" cellspacing="1" width="650"><tr width="650" bgcolor="#505050"><td colspan="3"><font color="white" size="4"><b> ITEMS</b></font></td></tr><tr bgcolor="#D4C0A1"><td width="50" align="center"><b>Picture</b></td><td width="350" align="left"><b>Description</b></td><td width="250" align="center"><b>Select product</b></td></tr>';
			if(count($offer_list['item']) > 0) {
				foreach($offer_list['item'] as $item) {
					$main_content .= '<tr bgcolor="#F1E0C6"><td align="center"><img src="item_images/'.$item['id'].'.gif"></td><td><b>'.$item['name'].'</b> ('.$item['points'].' points)<br />'.$item['description'].'</td><td align="center">';
					if(!$logged) $main_content .= '<b>Login to buy</b>'; else 
					$main_content .= '<form action="index.php?subtopic=shopsystem&action=select_player" method=POST><input type="hidden" name="buy_id" value="'.$item['id'].'"><input type="submit" value="Buy '.$item['name'].'"><br><b>for '.$item['points'].' points</b></form>';
					$main_content .= '</td></tr>';
				}
				$main_content .= '</table><br />';
			}
			//show list of containers offers
			if(count($offer_list['container']) > 0) {
				$main_content .= '<table border="0" cellpadding="1" cellspacing="1" width="650"><tr width="650" bgcolor="#505050"><td colspan="3"><font color="white" size="4"><b> CONTAINERS WITH ITEMS</b></font></td></tr><tr bgcolor="#D4C0A1"><td width="50" align="center"><b>Picture</b></td><td width="350" align="left"><b>Description</b></td><td width="250" align="center"><b>Select product</b></td></tr>';
				foreach($offer_list['container'] as $container) {
					$main_content .= '<tr bgcolor="#F1E0C6"><td align="center"><img src="item_images/'.$container['id'].'.gif"></td><td><b>'.$container['name'].'</b> ('.$container['points'].' points)<br />'.$container['description'].'</td><td align="center">';
					if(!$logged) $main_content .= '<b>Login to buy</b>'; else 
					$main_content .= '<form action="?subtopic=shopsystem&action=select_player" method=POST><input type="hidden" name="buy_id" value="'.$container['id'].'"><input type="submit" value="Buy '.$container['name'].'"><br><b>for '.$container['points'].' points</b></form>';
					$main_content .= '</td></tr>';
				}
				$main_content .= '</table><br />';
			}
			if(count($offer_list['itemlogout']) > 0) {
				$main_content .= '<table border="0" cellpadding="1" cellspacing="1" width="650"><tr width="650" bgcolor="#505050"><td colspan="3"><font color="white" size="4"><b> Receive Item on Logout</b></font></td></tr><tr bgcolor="#D4C0A1"><td width="50" align="center"><b>Picture</b></font></td><td width="350" align="left"><b>Description</b></font></td><td width="250" align="center"><b>Select product</b></font></td></tr>';
				foreach($offer_list['itemlogout'] as $itemlogout) {
					$main_content .= '<tr bgcolor="#F1E0C6"><td align="center"><img src="item_images/'.$itemlogout['id'].'.gif"></td><td><b>'.$itemlogout['name'].'</b> ('.$itemlogout['points'].' points)<br />'.$itemlogout['description'].'</td><td align="center">';
					if(!$logged) $main_content .= '<b>Login to buy</b>'; else 
					$main_content .= '<form action="index.php?subtopic=shopsystem&action=select_player" method=POST><input type="hidden" name="buy_id" value="'.$itemlogout['id'].'"><input type="submit" value="Buy '.$itemlogout['name'].'"><br><b>for '.$itemlogout['points'].' points</b></form>';
					$main_content .= '</td></tr>';
				}
				$main_content .= '</table><br />';
			}
		if(count($offer_list['changename']) > 0 or count($offer_list['pacc']) > 0 or count($offer_list['redskull']) > 0 or count($offer_list['unban']) > 0 )
			$main_content .= '<center><table border="0" cellpadding="1" cellspacing="1" width="650"><tr width="650" bgcolor="#505050"><td colspan="3"><font color="white" size="4"><b> Others</b></font></td></tr><tr bgcolor="#D4C0A1"><td width="50" align="center"><b>#</b></td><td width="350" align="left"><b>Description</b></td><td width="250" align="center"><b>Select product</b></td></tr>';
			//Pacc
			if(count($offer_list['pacc']) > 0)
				foreach($offer_list['pacc'] as $pacc) {
					$main_content .= '<tr bgcolor="#F1E0C6"><td align="center">'.$pacc['days'].'</td><td><b>'.$pacc['name'].'</b> ('.$pacc['points'].' points)<br />'.$pacc['description'].'</td><td align="center">';
					if(!$logged) $main_content .= '<b>Login to buy</b>'; else 
					$main_content .= '<form action="index.php?subtopic=shopsystem&action=select_player" method=POST><input type="hidden" name="buy_id" value="'.$pacc['id'].'"><input type="submit" value="Buy '.$pacc['name'].'"><br><b>for '.$pacc['points'].' points</b></form>';
				}
			//Change Name
			if(count($offer_list['changename']) > 0)
				foreach($offer_list['changename'] as $changename) {
					$main_content .= '<tr bgcolor="#F1E0C6"><td align="center">Change Name</td><td><b>'.$changename['name'].'</b> ('.$changename['points'].' points)<br />'.$changename['description'].'</td><td align="center">';
					if(!$logged) $main_content .= '<b>Login to buy</b>'; else 
					$main_content .= '<form action="index.php?subtopic=shopsystem&action=select_player" method=POST><input type="hidden" name="buy_id" value="'.$changename['id'].'"><input type="submit" value="Buy '.$changename['name'].'"><br><b>for '.$changename['points'].' points</b></form>';
				}
			//Remove Red Skull
			if(count($offer_list['redskull']) > 0)
				foreach($offer_list['redskull'] as $redskull) {
					$main_content .= '<tr bgcolor="#F1E0C6"><td align="center"><img src="item_images/'.$redskull['id'].'.gif"></td><td><b>'.$redskull['name'].'</b> ('.$redskull['points'].' points)<br />'.$redskull['description'].'</td><td align="center">';
					if(!$logged) $main_content .= '<b>Login to buy</b>'; else 
					$main_content .= '<form action="index.php?subtopic=shopsystem&action=select_player" method=POST><input type="hidden" name="buy_id" value="'.$redskull['id'].'"><input type="submit" value="Buy '.$redskull['name'].'"><br><b>for '.$redskull['points'].' points</b></form>';
					$main_content .= '</td></tr>';
				}
			//Unban
			if(count($offer_list['unban']) > 0)
				foreach($offer_list['unban'] as $unban){
					$main_content .= '<tr bgcolor="#F1E0C6"><td align="center">Unban</td><td><b>'.$unban['name'].'</b> ('.$unban['points'].' points)<br />'.$unban['description'].'</td><td align="center">';
					if(!$logged) $main_content .= '<b>Login to buy</b>'; else 
					$main_content .= '<form action="index.php?subtopic=shopsystem&action=select_player" method=POST><input type="hidden" name="buy_id" value="'.$unban['id'].'"><input type="submit" value="Buy '.$unban['name'].'"><br><b>for '.$unban['points'].' points</b></form>';
					$main_content .= '</td></tr>';
				}
				$main_content .= '</table>';
}
elseif($action == 'select_player') {
	unset($_SESSION['viewed_confirmation_page']);
	if(!$logged) {
		$main_content .= 'Please login first.';
	} else {
		$buy_id = (int) $_REQUEST['buy_id'];
		if(empty($buy_id)) {
			$main_content .= 'Please <a href="index.php?subtopic=shopsystem">select item</a> first.';
		} else {
			$buy_offer = getItemByID($buy_id);
			if(isset($buy_offer['id'])) {  //item exist in database
				if($buy_offer['type'] != 'changename') {
					if($user_premium_points >= $buy_offer['points']) {
						$main_content .= '<center><h2>Select player</h2><table border="0" cellpadding="1" cellspacing="1" width="650">
							<tr bgcolor="#505050"><td colspan="2"><font color="white" size="4"><b>Selected offer</b></font></td></tr>
							<tr bgcolor="#F1E0C6"><td width="100"><b>Name:</b></td><td width="550">'.$buy_offer['name'].'</td></tr>
							<tr bgcolor="#D4C0A1"><td width="100"><b>Description:</b></td><td width="550">'.$buy_offer['description'].'</td></tr>
							</table><br /><form action="index.php?subtopic=shopsystem&action=confirm_transaction" method=POST><input type="hidden" name="buy_id" value="'.$buy_id.'">
							<table border="0" cellpadding="1" cellspacing="1" width="650">
							<tr bgcolor="#505050"><td colspan="2"><font color="white" size="4"><b>Give item to a player from your account</b></font></td></tr>
							<tr bgcolor="#F1E0C6"><td width="110"><b>Name:</b></td><td width="550"><select name="buy_name">';
							$players_from_logged_acc = $account_logged->getPlayersList();
						if(count($players_from_logged_acc) > 0) {
							$players_from_logged_acc->orderBy('name');
							foreach($players_from_logged_acc as $player)
								$main_content .= '<option>'.$player->getName().'</option>';
						} else {
							$main_content .= 'You don\'t have any character on your account.';
						}
						$main_content .= '</select> <input type="submit" value="Give"></td></tr></table>
							</form><br /><form action="index.php?subtopic=shopsystem&action=confirm_transaction" method=POST><input type="hidden" name="buy_id" value="'.$buy_id.'">
							<table border="0" cellpadding="1" cellspacing="1" width="650">
							<tr bgcolor="#505050"><td colspan="2"><font color="white" size="4"><b>Give item to other player</b></font></td></tr>
							<tr bgcolor="#D4C0A1"><td width="110"><b>To player:</b></td><td width="550"><input type="text" name="buy_name"> - name of the player who should get item</td></tr>
							<tr bgcolor="#F1E0C6"><td width="110"><b>From:</b></td><td width="550"><input type="text" name="buy_from"> <input type="submit" value="Give"> - your nick, \'empty\' = Anonymous</td></tr>
							</table><br /></form>';
					} else {
						$main_content .= 'For this item you need <b>'.$buy_offer['points'].'</b> points.<br>You have only <b>'.$user_premium_points.'</b> premium points. Please <a href="index.php?subtopic=shopsystem">select other item</a> or buy premium points.';
					}
				} else {
				$main_content .= '<center><h2>Change Name</h2><form action="index.php?subtopic=shopsystem&action=confirm_transaction" method=POST><input type="hidden" name="buy_id" value="'.$buy_id.'">
					<table border="0" cellpadding="1" cellspacing="1" width="650"><tr bgcolor="#505050"><td colspan="2"><font color="white" size="4"><b>Change Name:</b></font></td></tr>
					<tr bgcolor="#D4C0A1"><td width="110"><b>Name:</b></td><td width="550"><select name="buy_name">';
				$players_from_logged_acc = $account_logged->getPlayersList();
					if(count($players_from_logged_acc) > 0) {
						$players_from_logged_acc->orderBy('name');
						foreach($players_from_logged_acc as $player) {
							$main_content .= '<option>'.$player->getName().'</option>';
						}
					} else {
						$main_content .= 'You don\'t have any character on your account.';
					}
					$main_content .= '</select></td></tr><tr bgcolor="#F1E0C6"><td width="110"><b>New name:</b></td><td width="550"><input type="text" name="buy_from"> <input type="submit" value="Change Name"></td></tr></table><br /></form>';
				}
			} else {
         				$main_content .= 'Offer with ID <b>'.$buy_id.'</b> doesn\'t exist. Please <a href="index.php?subtopic=shopsystem">select item</a> again.';
			}
		}
	}
}
elseif($action == 'confirm_transaction') {
	if(!$logged) {
		$main_content .= 'Please login first.';
	} else {
		$buy_id = (int) $_POST['buy_id'];
		$buy_name = stripslashes(urldecode($_POST['buy_name']));
		$buy_from = stripslashes(urldecode($_POST['buy_from']));
		if(empty($buy_id)) {
			$main_content .= 'Please <a href="index.php?subtopic=shopsystem">select item</a> first.';
		} else {
			if($buy_offer['type'] == 'changename'){
				if(!check_name_new_char($buy_from)) {
					$main_content .= 'Invalid name format of new name.';
				}
			} else {
				$buy_offer = getItemByID($buy_id);
				$check_name_in_database = $ots->createObject('Player');
				$check_name_in_database->find($buy_from);
				if($buy_offer['type'] == 'changename'){
					if(!$check_name_in_database->isLoaded()) {
					}
				}
				if(isset($buy_offer['id'])) {  //item exist in database
					if($user_premium_points >= $buy_offer['points']) {
						if(check_name($buy_name)) {
							$buy_player = new OTS_Player();
							$buy_player->find($buy_name);
							if($buy_player->isLoaded()) {
								$buy_player_account = $buy_player->getAccount();
								if($_SESSION['viewed_confirmation_page'] == 'yes' && $_POST['buy_confirmed'] == 'yes') {
									if($buy_offer['type'] == 'pacc') {
										$player_premdays = $buy_player_account->getCustomField('premdays');
										$player_lastlogin = $buy_player_account->getCustomField('lastday');
										$save_transaction = 'INSERT INTO '.$SQL->tableName('z_shop_history_pacc').' (id, to_name, to_account, from_nick, from_account, price, pacc_days, trans_state, trans_start, trans_real) VALUES (NULL, '.$SQL->quote($buy_player->getName()).', '.$SQL->quote($buy_player_account->getId()).', '.$SQL->quote($buy_from).',  '.$SQL->quote($account_logged->getId()).', '.$SQL->quote($buy_offer['points']).', '.$SQL->quote($buy_offer['days']).', \'realized\', '.$SQL->quote(time()).', '.$SQL->quote(time()).');';
										$SQL->query($save_transaction);
										$buy_player_account->setCustomField('premdays', $player_premdays+$buy_offer['days']);
										$account_logged->setCustomField('premium_points', $user_premium_points-$buy_offer['points']);
										$user_premium_points = $user_premium_points - $buy_offer['points'];
										if($player_premdays == 0) {
											$buy_player_account->setCustomField('lastday', time());
										}
										$main_content .= '<center><h2>Premium ACcount added!</h2><b>'.$buy_offer['days'].' days</b> of Premium Account added to the account of player <b>'.$buy_player->getName().'</b> for <b>'.$buy_offer['points'].' premium points</b> from your account.<br />Now you have <b>'.$user_premium_points.' premium points</b>.<br><br><a href="index.php?subtopic=shopsystem">Go to Shop Site</a><br>';
										}
									elseif($buy_offer['type'] == 'unban') {
										$my_acc_id = $account_logged->getCustomField('id');
										$datadata = $SQL->query('SELECT * FROM '.$SQL->tableName('bans').' WHERE value = '.$my_acc_id.';')->fetch();
											if($datadata['value'] == $my_acc_id) {
												if($SQL->query('DELETE FROM bans WHERE value= '.$my_acc_id.' LIMIT 1;')) {
												} else {
													$SQL->query('DELETE FROM bans WHERE account= '.$my_acc_id.' LIMIT 1;');
												}
												$account_logged->setCustomField('premium_points', $user_premium_points-$buy_offer['points']);
												$user_premium_points = $user_premium_points - $buy_offer['points'];
												$main_content .= '<center><h2>Ban Deleted!</h2><b>Your account has been unbanned for '.$buy_offer['points'].' premium points</b> from your account.
													<br>Now you have <b>'.$user_premium_points.' premium points</b>.<br><br><a href="index.php?subtopic=shopsystem">Go to Shop Site</a><br>';
											} else {
												$main_content .= '<center><b>You don\'t have any bans in your account!</b><br><br><a href="index.php?subtopic=shopsystem">Go back</a><br>';
											}
										}
									////////////////////////////////
									elseif($buy_offer['type'] == 'itemlogout') {
										$my_acc_id = $buy_player->getCustomField('id');
										$playerinfo = $SQL->query('SELECT * FROM '.$SQL->tableName('players').' WHERE id = '.$my_acc_id.';')->fetch();
										$playerslot = $SQL->query('SELECT * FROM '.$SQL->tableName('player_items').' WHERE player_id = '.$my_acc_id.';')->fetch();
										if($playerinfo['online'] == '0') {
											if ($playerslot['pid'] != '10') {
												if ($datadata['cap'] >= $SQL->quote($buy_offer['free_cap'])) {
													$SQL->query('INSERT INTO player_items (player_id, pid, itemtype, count) VALUES ('.$my_acc_id.', '.$SQL->quote($buy_offer['pid']).', '.$SQL->quote($buy_offer['item_id']).', '.$SQL->quote($buy_offer['count1']).');');
													$account_logged->setCustomField('premium_points', $user_premium_points-$buy_offer['points']);
													$user_premium_points = $user_premium_points - $buy_offer['points'];
													$main_content .= '<h2>Item received to player: '.$buy_player->getName().'!</h2><br>Now you have <b>'.$user_premium_points.' premium points</b>.
														<br><a href="index.php?subtopic=shopsystem">Go to Shop Site</a>';
												} else {
													$main_content .= '<b>You need '.$SQL->quote($buy_offer['free_cap']).' or more of cap!</b><br><a href="index.php?subtopic=shopsystem">Go back</a>';
												}
											} else {
												$main_content .= '<b>Please leave the arrow slot in blank to receive item!</b><br><a href="index.php?subtopic=shopsystem">Go back</a>';
											}
										} else {
											$main_content .= '<b>You need to be offline!</b><br><a href="index.php?subtopic=shopsystem">Go back</a>';
										}
									}
									////////////////////////////////
									elseif($buy_offer['type'] == 'changename') {
										$my_acc_id = $buy_player->getCustomField('id');
										$playerinfo = $SQL->query('SELECT * FROM '.$SQL->tableName('players').' WHERE '.$SQL->fieldName('id').' = '.$my_acc_id.';')->fetch();
										$checkname = $SQL->query('SELECT * FROM '.$SQL->tableName('players').' WHERE '.$SQL->fieldName('name').' = '. $SQL->quote($buy_from) .';')->fetch();
											if($playerinfo['online'] == '0') {
											if($checkname == false) { 
												$SQL->query('UPDATE `players` SET `name` = '. $SQL->quote($buy_from) .' WHERE `id` = '. $my_acc_id.' ;');
												$account_logged->setCustomField('premium_points', $user_premium_points-$buy_offer['points']);
												$user_premium_points = $user_premium_points - $buy_offer['points'];
												$main_content .= '<center><h2>Your name has been changed to '.$buy_from.'.</h2><br><b>You have '.$user_premium_points.' premium points left</b>.
													<br><br><a href="index.php?subtopic=shopsystem">Go to Shop Site</a><br>';
											} else {
												$main_content .= '<center><h2>Sorry, the name "<i>'.$buy_from.'</i>" does already exist.<br>Please select another name.</h2><br>';
											}
										} else {
											$main_content .= '<center><h2>'.$buy_name.' has to be offline to complete transaction.</h2><br><br><a href="index.php?subtopic=shopsystem">Go back</a><br>';
										}
									}
									////////////////////////////////
									elseif($buy_offer['type'] == 'redskull') {
										$my_acc_id = $buy_player->getCustomField('id');
										$playerinfo = $SQL->query('SELECT * FROM '.$SQL->tableName('players').' WHERE '.$SQL->fieldName('id').' = '.$my_acc_id.';')->fetch();
										if($playerinfo['skull'] == '4' AND $playerinfo['online'] >= '0' AND $playerinfo['skulltime'] > '0') {
											$SQL->query('UPDATE killers SET unjustified=0 WHERE id IN (SELECT kill_id FROM player_killers WHERE player_id='. $my_acc_id .');');
											$SQL->query('UPDATE players SET skulltime=0, skull=0 WHERE id='. $my_acc_id .';');
											$account_logged->setCustomField('premium_points', $user_premium_points-$buy_offer['points']);
											$user_premium_points = $user_premium_points - $buy_offer['points'];
											$main_content .= '<center><h2>RedSkull Removed!</h2><br><b>Your redskull has been removed from the player '.$buy_player->getName().'.</b>
												<br>Now you have<b> '.$user_premium_points.' premium points</b>.<br><br><a href="index.php?subtopic=shopsystem">Go to Shop Site</a><br>';
										} else {
											$main_content .= '<center><b>'.$buy_player->getName().' has to be offline or have redskull to complete transaction!.</b><br><br><a href="index.php?subtopic=shopsystem">Go back</a><br>';
										}
									}
									//////////////////////////
									elseif($buy_offer['type'] == 'item') {
										$sql = 'INSERT INTO '.$SQL->tableName('z_ots_comunication').' (id, name, type, action, param1, param2, param3, param4, param5, param6, param7, delete_it) VALUES (NULL, '.$SQL->quote($buy_player->getName()).', \'login\', \'give_item\', '.$SQL->quote($buy_offer['item_id']).', '.$SQL->quote($buy_offer['item_count']).', \'\', \'\', \'item\', '.$SQL->quote($buy_offer['name']).', \'\', \'1\');';
										$SQL->query($sql);
										$save_transaction = 'INSERT INTO '.$SQL->tableName('z_shop_history_item').' (id, to_name, to_account, from_nick, from_account, price, offer_id, trans_state, trans_start, trans_real) VALUES ('.$SQL->lastInsertId().', '.$SQL->quote($buy_player->getName()).', '.$SQL->quote($buy_player_account->getId()).', '.$SQL->quote($buy_from).',  '.$SQL->quote($account_logged->getId()).', '.$SQL->quote($buy_offer['points']).', '.$SQL->quote($buy_offer['name']).', \'wait\', '.$SQL->quote(time()).', \'0\');';
										$SQL->query($save_transaction);
										$account_logged->setCustomField('premium_points', $user_premium_points-$buy_offer['points']);
										$user_premium_points = $user_premium_points - $buy_offer['points'];
										$main_content .= '<center><h2>Item added!</h2><b>'.$buy_offer['name'].'</b> added to player <b>'.$buy_player->getName().'</b> for <b>'.$buy_offer['points'].' premium points</b> from your account.<br>Now you have <b>'.$user_premium_points.' premium points</b>.<br><br><a href="index.php?subtopic=shopsystem">GO TO MAIN SHOP SITE</a><br>';
									}
                                       if($buy_offer['type'] == 'vipdays') {
$player_vip_time = $buy_player_account->getCustomField('vip_time');
$player_lastlogin = $buy_player_account->getCustomField('lastday');
$save_transaction = 'INSERT INTO '.$SQL->tableName('z_shop_history_pacc').' (id, to_name, to_account, from_nick, from_account, price, pacc_days, trans_state, trans_start, trans_real) VALUES (NULL, '.$SQL->quote($buy_player->getName()).', '.$SQL->quote($buy_player_account->getId()).', '.$SQL->quote($buy_from).',  '.$SQL->quote($account_logged->getId()).', '.$SQL->quote($buy_offer['points']).', '.$SQL->quote($buy_offer['days']).', \'realized\', '.$SQL->quote(time()).', '.$SQL->quote(time()).');';
$SQL->query($save_transaction);
if($player_vip_time > 0)
$buy_player_account->setCustomField('vip_time', $player_vip_time + $buy_offer['days'] * 86400);
else
$buy_player_account->setCustomField('vip_time', time() + $buy_offer['days'] * 86400);
$account_logged->setCustomField('premium_points', $user_premium_points-$buy_offer['points']);
$user_premium_points = $user_premium_points - $buy_offer['points'];
if ($player_vip_days >= 1) {
}
$main_content .= '<center><h2>VIP Days added!</h2><b>'.$buy_offer['days'].' days</b> of VIP days added to the account of player <b>'.$buy_player->getName().'</b> for <b>'.$buy_offer['points'].' premium points</b> from your account.<br />Now you have <b>'.$user_premium_points.' premium points</b>.<br><br><a href="index.php?subtopic=shopsystem">Go to Shop Site</a><br>';
}  
									elseif($buy_offer['type'] == 'itemvip') {
										$sql = 'INSERT INTO '.$SQL->tableName('z_ots_comunication').' (id, name, type, action, param1, param2, param3, param4, param5, param6, param7, delete_it) VALUES (NULL, '.$SQL->quote($buy_player->getName()).', \'login\', \'give_item\', '.$SQL->quote($buy_offer['item_id']).', '.$SQL->quote($buy_offer['itemvip_count']).', \'\', \'\', \'itemvip\', '.$SQL->quote($buy_offer['name']).', \'\', \'1\');';
										$SQL->query($sql);
										$save_transaction = 'INSERT INTO '.$SQL->tableName('z_shop_history_item').' (id, to_name, to_account, from_nick, from_account, price, offer_id, trans_state, trans_start, trans_real) VALUES ('.$SQL->lastInsertId().', '.$SQL->quote($buy_player->getName()).', '.$SQL->quote($buy_player_account->getId()).', '.$SQL->quote($buy_from).',  '.$SQL->quote($account_logged->getId()).', '.$SQL->quote($buy_offer['points']).', '.$SQL->quote($buy_offer['name']).', \'wait\', '.$SQL->quote(time()).', \'0\');';
										$SQL->query($save_transaction);
										$account_logged->setCustomField('premium_points', $user_premium_points-$buy_offer['points']);
										$user_premium_points = $user_premium_points - $buy_offer['points'];
										$main_content .= '<center><h2>Item VIP added!</h2><b>'.$buy_offer['name'].'</b> added to player <b>'.$buy_player->getName().'</b> for <b>'.$buy_offer['points'].' premium points</b> from your account.<br>Now you have <b>'.$user_premium_points.' premium points</b>.<br><br><a href="index.php?subtopic=shopsystem">GO TO MAIN SHOP SITE</a><br>';
									}
									elseif($buy_offer['type'] == 'container') {
										$sql = 'INSERT INTO '.$SQL->tableName('z_ots_comunication').' (id, name, type, action, param1, param2, param3, param4, param5, param6, param7, delete_it) VALUES (NULL, '.$SQL->quote($buy_player->getName()).', \'login\', \'give_item\', '.$SQL->quote($buy_offer['item_id']).', '.$SQL->quote($buy_offer['item_count']).', '.$SQL->quote($buy_offer['container_id']).', '.$SQL->quote($buy_offer['container_count']).', \'container\', '.$SQL->quote($buy_offer['name']).', \'\', \'1\');';
										$SQL->query($sql);
										$save_transaction = 'INSERT INTO '.$SQL->tableName('z_shop_history_item').' (id, to_name, to_account, from_nick, from_account, price, offer_id, trans_state, trans_start, trans_real) VALUES ('.$SQL->lastInsertId().', '.$SQL->quote($buy_player->getName()).', '.$SQL->quote($buy_player_account->getId()).', '.$SQL->quote($buy_from).',  '.$SQL->quote($account_logged->getId()).', '.$SQL->quote($buy_offer['points']).', '.$SQL->quote($buy_offer['name']).', \'wait\', '.$SQL->quote(time()).', \'0\');';
										$SQL->query($save_transaction);
										$account_logged->setCustomField('premium_points', $user_premium_points-$buy_offer['points']);
										$user_premium_points = $user_premium_points - $buy_offer['points'];
										$main_content .= '<center><h2>Container of items added!</h2><b>'.$buy_offer['name'].'</b> added to player <b>'.$buy_player->getName().'</b> for <b>'.$buy_offer['points'].' premium points</b> from your account.<br />Now you have <b>'.$user_premium_points.' premium points</b>.<br><br><a href="index.php?subtopic=shopsystem">GO TO MAIN SHOP SITE</a><br>';
									}
								} else {
									if($buy_offer['type'] != 'changename') {
										$set_session = TRUE;
										$_SESSION['viewed_confirmation_page'] = 'yes';
										$main_content .= '<center><h2>Confirm transaction</h2>
											<table border="0" cellpadding="1" cellspacing="1" width="700">
											<tr bgcolor="#505050"><td colspan="3"><font color="white" size="4"><b>Confirm transaction</b></font></td></tr>
											<tr bgcolor="#D4C0A1"><td width="100"><b>Name:</b></td><td width="550" colspan="2">'.$buy_offer['name'].'</td></tr>
											<tr bgcolor="#F1E0C6"><td width="100"><b>Description:</b></td><td width="550" colspan="2">'.$buy_offer['description'].'</td></tr>
											<tr bgcolor="#D4C0A1"><td width="100"><b>Cost:</b></td><td width="550" colspan="2"><b>'.$buy_offer['points'].' premium points</b> from your account</td></tr>
											<tr bgcolor="#F1E0C6"><td width="100"><b>For Player:</b></td><td width="550" colspan="2"><font color="red">'.$buy_player->getName().'</font></td></tr>
											<tr bgcolor="#D4C0A1"><td width="100"><b>From:</b></td><td width="550" colspan="2"><font color="red">'.$buy_from.'</font></td></tr>
											<tr bgcolor="#F1E0C6"><td width="100"><b>Transaction?</b></td><td width="275" align="left">
											<form action="index.php?subtopic=shopsystem&action=confirm_transaction" method="POST"><input type="hidden" name="buy_confirmed" value="yes"><input type="hidden" name="buy_id" value="'.$buy_id.'"><input type="hidden" name="buy_from" value="'.urlencode($new_name).'"><input type="hidden" name="buy_name" value="'.urlencode($buy_name).'"><input type="submit" value="Accept"></form></td>
											<td align="right"><form action="index.php?subtopic=shopsystem" method="POST"><input type="submit" value="Cancel"></form></td></tr>
											</table>';
									} else {
										$set_session = TRUE;
										$_SESSION['viewed_confirmation_page'] = 'yes';
										$main_content .= '<center><h2>Confirm Name Changing</h2>
											<table border="0" cellpadding="1" cellspacing="1" width="700">
											<tr bgcolor="#505050"><td colspan="3"><font color="white" size="4"><b>Confirm transaction</b></font></td></tr>
											<tr bgcolor="#D4C0A1"><td width="130"><b>Name:</b></td><td width="550" colspan="2">'.$buy_offer['name'].'</td></tr>
											<tr bgcolor="#F1E0C6"><td width="130"><b>Description:</b></td><td width="550" colspan="2">'.$buy_offer['description'].'</td></tr>
											<tr bgcolor="#D4C0A1"><td width="130"><b>Cost:</b></td><td width="550" colspan="2"><b>'.$buy_offer['points'].' premium points</b> from your account</td></tr>
											<tr bgcolor="#F1E0C6"><td width="130"><b>Current Name:</b></td><td width="550" colspan="2"><font color="red">'.$buy_player->getName().'</font></td></tr>
											<tr bgcolor="#D4C0A1"><td width="130"><b>New Name:</b></td><td width="550" colspan="2"><font color="red">'.$buy_from.'</font></td></tr>
											<tr bgcolor="#F1E0C6"><td width="130"><b>Change Name?</b></td><td width="275" align="left">
											<form action="index.php?subtopic=shopsystem&action=confirm_transaction" method="POST"><input type="hidden" name="buy_confirmed" value="yes"><input type="hidden" name="buy_id" value="'.$buy_id.'"><input type="hidden" name="buy_from" value="'.urlencode($buy_from).'"><input type="hidden" name="buy_name" value="'.urlencode($buy_name).'"><input type="submit" value="Accept"></form></td>
											<td align="right"><form action="index.php?subtopic=shopsystem" method="POST"><input type="submit" value="Cancel"></form></td></tr>
											</table>';
									}
								}
							} else {
								$main_content .= 'Player with name <b>'.$buy_name.'</b> doesn\'t exist. Please <a href="index.php?subtopic=shopsystem&action=select_player&buy_id='.$buy_id.'">select other name</a>.';
							}
						} else {
							$main_content .= 'Invalid name format. Please <a href="index.php?subtopic=shopsystem&action=select_player&buy_id='.$buy_id.'">select other name</a> or contact with administrator.';
						}
					} else {
						$main_content .= 'For this item you need <b>'.$buy_offer['points'].'</b> points. You have only <b>'.$user_premium_points.'</b> premium points. Please <a href="index.php?subtopic=shopsystem">select other item</a> or buy premium points.';
					}
         				} else {
					$main_content .= 'Offer with ID <b>'.$buy_id.'</b> doesn\'t exist. Please <a href="index.php?subtopic=shopsystem">select item</a> again.';
				}
			}
		}
	}
	if(!$set_session) {
		unset($_SESSION['viewed_confirmation_page']);
	}
}

elseif($action == 'show_history') {
	if(!$logged) {
		$main_content .= 'Please login first.';
	} else{
		$items_history_received = $SQL->query('SELECT * FROM '.$SQL->tableName('z_shop_history_item').' WHERE '.$SQL->fieldName('to_account').' = '.$SQL->quote($account_logged->getId()).' OR '.$SQL->fieldName('from_account').' = '.$SQL->quote($account_logged->getId()).';');
		if(is_object($items_history_received)) {
			foreach($items_history_received as $item_received) {
				if($account_logged->getId() == $item_received['to_account'])
					$char_color = 'green';
				else
					$char_color = 'red';
					$items_received_text .= '<tr bgcolor="#F1E0C6"><td><font color="'.$char_color.'">'.$item_received['to_name'].'</font></td><td>';
				if($account_logged->getId() == $item_received['from_account'])
					$items_received_text .= '<i>Your account</i>';
				else
					$items_received_text .= $item_received['from_nick'];
					$items_received_text .= '</td><td>'.$item_received['offer_id'].'</td><td>'.date("j F Y, H:i:s", $item_received['trans_start']).'</td>';
				if($item_received['trans_real'] > 0)
					$items_received_text .= '<td>'.date("j F Y, H:i:s", $item_received['trans_real']).'</td>';
				else
					$items_received_text .= '<td><b><font color="red">Not realized yet.</font></b></td>';
					$items_received_text .= '</tr>';
			}
		}
		$paccs_history_received = $SQL->query('SELECT * FROM '.$SQL->tableName('z_shop_history_pacc').' WHERE '.$SQL->fieldName('to_account').' = '.$SQL->quote($account_logged->getId()).' OR '.$SQL->fieldName('from_account').' = '.$SQL->quote($account_logged->getId()).';');
		if(is_object($paccs_history_received)) {
			foreach($paccs_history_received as $pacc_received) {
				if($account_logged->getId() == $pacc_received['to_account'])
					$char_color = 'green';
				else
					$char_color = 'red';
					$paccs_received_text .= '<tr bgcolor="#F1E0C6"><td><font color="'.$char_color.'">'.$pacc_received['to_name'].'</font></td><td>';
				if($account_logged->getId() == $pacc_received['from_account'])
					$paccs_received_text .= '<i>Your account</i>';
				else
					$paccs_received_text .= $pacc_received['from_nick'];
					$paccs_received_text .= '</td><td>'.$pacc_received['pacc_days'].' days</td><td>'.$pacc_received['price'].' Points</td><td>'.date("j F Y, H:i:s", $pacc_received['trans_real']).'</td></tr>';
			}
		}
		$main_content .= '<center><h1>Transactions History</h1></center>';
		if(!empty($items_received_text)) 
			$main_content .= '<center><table BORDER=0 CELLPADDING=1 CELLSPACING=1 WIDTH=95%><tr width="100%" bgcolor="#505050"><td colspan="5"><font color="white" size="4"><b> Item Transactions</b></font></td></tr><tr bgcolor="#D4C0A1"><td><b>To:</b></td><td><b>From:</b></td><td><b>Offer name</b></td><td><b>Bought on page</b></td><td><b>Received on '.$config['server']['serverName'].'</b></td></tr>'.$items_received_text.'</table><br />';
		if(!empty($paccs_received_text))
			$main_content .= '<center><table BORDER=0 CELLPADDING=1 CELLSPACING=1 WIDTH=95%><tr width="100%" bgcolor="#505050"><td colspan="5"><font color="white" size="4"><b> Pacc Transactions</b></font></td></tr><tr bgcolor="#D4C0A1"><td><b>To:</b></td><td><b>From:</b></td><td><b>Duration</b></td><td><b>Cost</b></td><td><b>Added:</b></td></tr>'.$paccs_received_text.'</table><br />';
		if(empty($paccs_received_text) && empty($items_received_text))
			$main_content .= 'You did not buy/receive any items or PACC.';
	}
}
if(!$logged)
	$main_content .= 'Please login to see how much points you have.';
else
	$main_content .= '<br><b><font color="green">You have premium points: </font></b>'.$user_premium_points;
}
else
$main_content .= '<br><center><b>Shop System is currently disabled for this server.Please ask the admin for more information.</b></center>';
?>

shopadmin.php

<?PHP
if($group_id_of_acc_logged >= $config['site']['access_admin_panel']) {
$offertype = $_REQUEST['offer_type'];
if((empty($action)) AND (empty($offertype))) {
  		 $main_content .= '<br><h2><center><a href="?subtopic=shopadmin&action=addoffer">ADD SHOP OFFER</a><br><br><a href="?subtopic=shopadmin&action=viewoffer">
			VIEW SHOP OFFER <i>(EDIT/DELETE)</i></a><br><br><a href="?subtopic=shopadmin&action=points">ADD POINTS</a></center>';
}
if($action == "addoffer"){
	$shop_points = stripslashes(ucwords(strtolower(trim($_REQUEST['shop_points']))));
	$shop_offer_type = stripslashes(trim($_REQUEST['offer_type']));
	if(empty($shop_points)) {
		$main_content .= '<table border="0"><tr><td  align="center"><b>Select offer type:</b></td><td><table border="0" ><tr bgcolor="#505050">
			<td><font color="white">Item</td><td><font color="white">Item VIP</td><td><font color="white">Container</td><td><font color="white">Pacc</td><td><font color="white">VIP Days</td><td><font color="white">Redskull</td>
			<td><font color="white">Unban</td><td><font color="white">Changename</td></tr><tr bgcolor="#D4C0A1"><form action="" method="post">
			<td align="center"><input type="radio" name="offer_type" value="item" onClick="this.form.submit()"></td></lable>
			<td align="center"><input type="radio" name="offer_type" value="itemvip" onClick="this.form.submit()"></td></lable>
			<td align="center"><input type="radio" name="offer_type" value="container" onClick="this.form.submit()"></td>
			<td align="center"><input type="radio" name="offer_type" value="pacc" onClick="this.form.submit()"></td>
			<td align="center"><input type="radio" name="offer_type" value="vipdays" onClick="this.form.submit()"></td>
			<td align="center"><input type="radio" name="offer_type" value="redskull" onClick="this.form.submit()"></td>
			<td align="center"><input type="radio" name="offer_type" value="unban" onClick="this.form.submit()"></td>
			<td align="center"><input type="radio" name="offer_type" value="changename" onClick="this.form.submit()"></td>
			</form></tr></table></td></tr>';
		$main_content .= '<form action="?subtopic=shopadmin&action=addoffer&offer_type='.$shop_offer_type.'" method="post" ><table border="0"><tr>
			<td align="center" ><b>Points:</b></td><td><input type="textbox" name="shop_points" maxlenght="7" style="width: 70px"></td></tr>';
		if($_REQUEST['offer_type'] == 'container'){
			$main_content .= '<tr><td align="center" ><b>Container ID:</b></td>
				<td><input type="text" name="shop_itemid1" maxlenght="7" style="width: 70px" ></td></tr>
				<tr><td align="center" ><b>Count Container:</b></td>
				<td><input type="text" name="shop_count1" maxlenght="7" style="width: 70px" ></td></tr>
				<tr><td align="center" ><b>Item ID:</b></td>
				<td><input type="text" name="shop_itemid2" maxlenght="7" style="width: 70px" ></td></tr>
				<tr><td align="center" ><b>Count Item:</b></td>
				<td><input type="text" name="shop_count2" maxlenght="7" style="width: 70px" ></td></tr>';
		}
		if($_REQUEST['offer_type'] == 'item'){
			$main_content .= '<tr><td align="center"><b>Item ID:</b></td>
				<td><input type="text" name="shop_itemid1" maxlenght="7" style="width: 70px" ></td></tr>
				<tr><td align="center"><b>Item Count:</b></td>
				<td><input type="text" name="shop_count1" maxlenght="7" style="width: 70px" ></td></tr>';
		}
		if($_REQUEST['offer_type'] == 'itemvip'){
			$main_content .= '<tr><td align="center"><b>Item ID:</b></td>
				<td><input type="text" name="shop_itemid1" maxlenght="7" style="width: 70px" ></td></tr>
				<tr><td align="center"><b>Item Count:</b></td>
				<td><input type="text" name="shop_count1" maxlenght="7" style="width: 70px" ></td></tr>';
		}
		if($_REQUEST['offer_type'] == 'pacc'){
			$main_content .= '<tr><td align="center" ><b>Days:</b></td>
				<td><input type="text" name="shop_count1" maxlenght="7" style="width: 70px" ></td></tr>';
		}
		if($_REQUEST['offer_type'] == 'vipdays'){
			$main_content .= '<tr><td align="center" ><b>Days:</b></td>
				<td><input type="text" name="shop_count1" maxlenght="7" style="width: 70px" ></td></tr>';
		}
		$main_content .= '<tr><td align="center" ><b>Offer Description:</b></td>
			<td ><textarea name="shop_offer_description" rows="2" cols="35"></textarea></td></tr>
			<tr><td align="center" ><b>Offer Name:</b></td>
			<td><input type="text" name="shop_offer_name" maxlenght="40" style="width: 200px" ></td></tr></table>
			<input name="submit" type="submit" value="Submit" /></form>
			<form action="?subtopic=shopadmin&action=addoffer" method="post" >
			<input name="submit" type="submit" value="Reset" /></form>';
		$main_content .= '<form action="?subtopic=shopadmin" method="post" ><input name="submit" type="submit" value="Back" title="Back"/></form>';
	} else {
		$shop_points = stripslashes(trim($_POST['shop_points']));
		$shop_offer_type = stripslashes(trim($_REQUEST['offer_type']));
		$shop_itemid1 = stripslashes(trim($_POST['shop_itemid1']));
		$shop_count1 = stripslashes(trim($_POST['shop_count1']));
		$shop_itemid2 = stripslashes(trim($_POST['shop_itemid2']));
		$shop_count2 = stripslashes(trim($_POST['shop_count2']));
		$shop_offer_description = stripslashes(trim($_POST['shop_offer_description']));
		$shop_offer_name = stripslashes(trim($_POST['shop_offer_name']));
		$SQL->query('INSERT INTO `z_shop_offer` (id, points, itemid1, count1, itemid2, count2, offer_type, offer_description, offer_name, pid) VALUES (NULL, '.$SQL->quote($shop_points).', '.$SQL->quote($shop_itemid1).', '.$SQL->quote($shop_count1).', '.$SQL->quote($shop_itemid2).', '.$SQL->quote($shop_count2).', '.$SQL->quote($shop_offer_type).', '.$SQL->quote($shop_offer_description).', '.$SQL->quote($shop_offer_name).', 0)');
		$main_content .= '<center><h2><font color="red">Added to Shop:</font></h2></center><hr/>
			<tr><td align="center" ><b>Points:</b></td>
			<td>'.$shop_points.'</td></tr><br>';
		if($shop_offer_type == 'container'){
			$main_content .= '<tr><td align="center" ><b>Container ID:</b></td>
				<td>'.$shop_itemid1.'</td></tr><br>
				<tr><td align="center" ><b>Count Container:</b></td>
				<td>'.$shop_count1.'</td></tr><br>
				<tr><td align="center" ><b> Item ID (in Container):</b></td>
				<td>'.$shop_itemid2.'</td></tr><br>
				<tr><td align="center" ><b>Count Item (in Container):</b></td>
				<td>'.$shop_count2.'</td></tr><br>';
		}
		if ($shop_offer_type == 'item'){
			$main_content .= '<tr><td align="center" ><b>Item ID:</b></td>
				<td>'.$shop_itemid1.'</td></tr><br>
				<tr><td align="center" ><b>Count Item:</b></td>
				<td>'.$shop_count1.'</td></tr><br>';
		}
		if ($shop_offer_type == 'itemvip'){
			$main_content .= '<tr><td align="center" ><b>Item ID:</b></td>
				<td>'.$shop_itemid1.'</td></tr><br>
				<tr><td align="center" ><b>Count Item:</b></td>
				<td>'.$shop_count1.'</td></tr><br>';
		}
		if ($shop_offer_type == 'pacc'){
			$main_content .= '<tr><td align="center" ><b>Days:</b></td>
				<td>'.$shop_count1.'</td></tr><br>';
		}
		if ($shop_offer_type == 'vipdays'){
			$main_content .= '<tr><td align="center" ><b>Days:</b></td>
				<td>'.$shop_count1.'</td></tr><br>';
		}
		$main_content .= '<tr><td align="center" ><b>Offer Type:</b></td>
			<td>'.$shop_offer_type.'</td></tr><br>
			<tr><td align="center" ><b>Offer Description:</b></td>
			<td>'.$shop_offer_description.'</td></tr><br>
			<tr><td align="center" ><b>Offer Name:</b></td>
			<td>'.$shop_offer_name.'</td></tr>
			<br><form action="?subtopic=shopadmin&action=addoffer" method="post" ><input name="submit" type="submit" value="Back" title="Back"/></form>';
	}
}
if($action == "viewoffer") {
	$items = simplexml_load_file($config['site']['server_path'].'/data/items/items.xml') or die('<b>Could not load items!</b>');
	foreach($items->item as $v)
		$itemList[(int)$v['id']] = $v['name'];
	$order = array("id" => "id", "points" => "points", "offer_type" => "offer_type", "itemid1" => "itemid1", "itemid2" => "itemid2");
	$main_content .= '<center><table width="550"><tr BGCOLOR="#505050"><td width="5"><font color="white"><a href="index.php?subtopic=shopadmin&action=viewoffer&order=' . getOrder($order, 'order', 'id') . '" class=white>ID:</td><td width="5"><font color="white"><a href="index.php?subtopic=shopadmin&action=viewoffer&order=' . getOrder($order, 'order', 'points') . '" class=white>Points:</td><td width="7">
		<font color="white"><a href="index.php?subtopic=shopadmin&action=viewoffer&order=' . getOrder($order, 'order', 'itemid1') . '" class=white>Item ID:</td><td width="5"><font color="white">Count:</td><td width="7"><center><font color="white"><a href="index.php?subtopic=shopadmin&action=viewoffer&order=' . getOrder($order, 'order', 'itemid2') . '" class=white>Container ID:</center></td><td width="5"><font color="white">Count:</td><td width="7"><font color="white"><a href="index.php?subtopic=shopadmin&action=viewoffer&order=' . getOrder($order, 'order', 'offer_type') . '" class=white>Offer Type:</td>
		<td width="85"><font color="white">Offer Description:</td><td width="30"><font color="white">Offer Name:</td><td width="30"></td></tr>';
	$shopoffers = $SQL->query('SELECT id, points, itemid1, count1, itemid2, count2, offer_type, offer_description, offer_name, pid FROM z_shop_offer ' . makeOrder($order, 'order', 'id'));
	foreach($shopoffers as $shop) {
		$main_content .= '</B><tr BGCOLOR="#D4C0A1"><td align="center">'.$shop['id'].'<td align="center">'.$shop['points'].'</td>';
		if($shop['itemid1'] == "0") {
			$main_content .= '<td align="center">'.$shop['itemid1'].'<br></td>';
		} else {
			$main_content .= '<td align="center">'.$shop['itemid1'].'<br>(' . $itemList[(int)$shop['itemid1']] . ')</td>';
		}
		$main_content .= '<td align="center">'.$shop['count1'].'</td>';
		if($shop['itemid2'] == "0") {
			$main_content .= '<td align="center">'.$shop['itemid2'].'</td>';
		} else {
			$main_content .= '<td align="center">'.$shop['itemid2'].'<br>(' . $itemList[(int)$shop['itemid2']] . ')</td>';
		}
		$main_content .= '<td align="center">'.$shop['count2'].'</td><td align="center">'.$shop['offer_type'].'</td><td align="left">'.$shop['offer_description'].'</td><td align="left">'.$shop['offer_name'].'</td>';
		$main_content .= '<td align="center"><a href="?subtopic=shopadmin&action=editoffer&id='.$shop['id'].'"><img src="'.$layout_name.'/images/news/edit_news.png" border="0"></a><br><br><a href="?subtopic=shopadmin&action=deleteoffer&id='.$shop['id'].'"><img src="'.$layout_name.'/images/news/delete_news.png" border="0"></a></td>';
	}
	$main_content .= '</td></tr></TABLE><br><form action="?subtopic=shopadmin" method="post" ><input name="submit" type="submit" value="Back" title="Back"/></form>';
}
if($action == "deleteoffer") {
	$id = (int) $_REQUEST['id'];
	$SQL->query('DELETE FROM z_shop_offer WHERE id = '.$id.' LIMIT 1;');
	$main_content .= '<center>Shop offer has been deleted.</center><br><center><form action="?subtopic=shopadmin&action=viewoffer" method="post" ><input name="submit" type="submit" value="Back" title="Back"/></form></center>';
}
if($action == "editoffer") {
	$id = (int) $_REQUEST['id'];
	$shopoffers = $SQL->query('SELECT * FROM z_shop_offer WHERE id = '.$id.' LIMIT 1;');
	foreach($shopoffers as $shop) {
		$main_content .= '<form action="?subtopic=shopadmin&action=edited&id='.$id.'" method="post" ><table border="0"><tr><td align="center" ><b>Points:</b></td>
			<td><input type="textbox" name="shop_points" maxlenght="7" value="'.$shop['points'].'" style="width: 70px"></td></tr>';
		if($shop['offer_type'] == 'container'){
			$main_content .= '<tr><td align="center" ><b>Container ID:</b></td>
				<td><input type="text" name="shop_itemid1" maxlenght="7" value="'.$shop['itemid1'].'" style="width: 70px" ></td></tr>
				<tr><td align="center" ><b>Count Container:</b></td>
				<td><input type="text" name="shop_count1" maxlenght="7" value="'.$shop['count1'].'" style="width: 70px" ></td></tr>
				<tr><td align="center" ><b>Item ID:</b></td>
				<td><input type="text" name="shop_itemid2" maxlenght="7" value="'.$shop['itemid2'].'" style="width: 70px" ></td></tr>
				<tr><td align="center" ><b>Count Item:</b></td>
				<td><input type="text" name="shop_count2" maxlenght="7" value="'.$shop['count2'].'" style="width: 70px" ></td></tr>';
		}
		if($shop['offer_type'] == 'item'){
			$main_content .= '<tr><td align="center"><b>Item ID:</b></td>
				<td><input type="text" name="shop_itemid1" maxlenght="7" value="'.$shop['itemid1'].'" style="width: 70px" ></td></tr>
				<tr><td align="center"><b>Item Count:</b></td>
				<td><input type="text" name="shop_count1" maxlenght="7" value="'.$shop['count1'].'" style="width: 70px" ></td></tr>';
		}
		if($shop['offer_type'] == 'itemvip'){
			$main_content .= '<tr><td align="center"><b>Item ID:</b></td>
				<td><input type="text" name="shop_itemid1" maxlenght="7" value="'.$shop['itemid1'].'" style="width: 70px" ></td></tr>
				<tr><td align="center"><b>Item Count:</b></td>
				<td><input type="text" name="shop_count1" maxlenght="7" value="'.$shop['count1'].'" style="width: 70px" ></td></tr>';
		}
		if($shop['offer_type'] == 'pacc'){
			$main_content .= '<tr><td align="center" ><b>Days:</b></td>
				<td><input type="text" name="shop_count1" maxlenght="7" style="width: 70px" ></td></tr>';
		}
		if($shop['offer_type'] == 'vipdays'){
			$main_content .= '<tr><td align="center" ><b>Days:</b></td>
				<td><input type="text" name="shop_count1" maxlenght="7" style="width: 70px" ></td></tr>';
		}
		$main_content .= '<tr><td align="center" ><b>Offer Type:</b></td>
			<td><input type="text" name="shop_offer_type" value="'.$shop['offer_type'].'" maxlenght="40" style="width: 200px" ></td></tr>
			<tr><td align="center" ><b>Offer Description:</b></td>
			<td ><textarea name="shop_offer_description" rows="2" cols="35">'.$shop['offer_description'].'</textarea></td></tr>
			<tr><td align="center" ><b>Offer Name:</b></td>
			<td><input type="text" name="shop_offer_name" value="'.$shop['offer_name'].'" maxlenght="40" style="width: 200px" ></td></tr>
			<tr><td><input name="submit" type="submit" value="Submit" /></form></td><td></td></tr></table>';
		$main_content .= '<form action="?subtopic=shopadmin&action=viewoffer" method="post" ><input name="submit" type="submit" value="Back" title="Back"/></form>';
	}
}
if($action == "edited") {
	$id = (int) $_REQUEST['id'];
	$shop_points = stripslashes(trim($_POST['shop_points']));
	$shop_offer_type = stripslashes(trim($_POST['shop_offer_type']));
	$shop_itemid1 = stripslashes(trim($_POST['shop_itemid1']));
	$shop_count1 = stripslashes(trim($_POST['shop_count1']));
	$shop_itemid2 = stripslashes(trim($_POST['shop_itemid2']));
	$shop_count2 = stripslashes(trim($_POST['shop_count2']));
	$shop_offer_description = stripslashes(trim($_POST['shop_offer_description']));
	$shop_offer_name = stripslashes(trim($_POST['shop_offer_name']));
	$SQL->query('UPDATE `z_shop_offer` SET `points` = '.$shop_points.', `itemid1` = '.$SQL->quote($shop_itemid1).', `count1` = '.$SQL->quote($shop_count1).', `itemid2` = '.$SQL->quote($shop_itemid2).', `count2` = '.$SQL->quote($shop_count2).', `offer_type` = '.$SQL->quote($shop_offer_type).', `offer_description` = '.$SQL->quote($shop_offer_description).', `offer_name` = '.$SQL->quote($shop_offer_name).' WHERE `id` = '.$id.';');
	$main_content .= '<b><center>Shop offer successfully edited.</b><br><br><form action="?subtopic=shopadmin&action=viewoffer" method="post" ><input name="submit" type="submit" value="Back" title="Back"/></form><meta http-equiv="refresh" content="1;url=/?subtopic=shopadmin&action=viewoffer" />';
}
if($action == "points") {
	$player = stripslashes(ucwords(strtolower(trim($_REQUEST['character']))));
	$points = $_POST['points'];
	if(empty($player)) {
		$main_content .= '<form action="" method="post"><B>Enter Character Name:</B><input type="textbox" name="character"><br>
			<B>Enter Points Amount:</B><input type="textbox" name="points"><br><br><input type="submit" value="Submit">
			</form></center><form action="?subtopic=shopadmin" method="post" ><input name="submit" type="submit" value="Back" title="Back"/></form>';
	} else {
		$player_data = $SQL->query("SELECT * FROM `players` WHERE `name` = '".$player."';")->fetch(); 
		$SQL->query("UPDATE `accounts` SET `premium_points` = `premium_points` + '".$points."' WHERE `id` = '".$player_data['account_id']."'");
		$main_content .= '<b><center>'.$points.' Premium Points added to the account of <i>'.$player.'</i> !</b></center><br>
			<form action="?subtopic=shopadmin" method="post" ><input name="submit" type="submit" value="Back" title="Back"/></form>';
	}
}
} else {
$main_content .= 'Sorry, you have not the rights to access this page.';
}
?>

MatheusDiasLima · Maio 8, 2011

Natan,

Deu certo. Obrigado...

Vou te dar um REP+ pela ajuda.

Editado Maio 8, 2011 por BamMath

Entrar

Bug Gesior

Posts Recomendados

MatheusDiasLima 0

Link para o comentário

Compartilhar em outros sites

Natanael Beckman 223

Link para o comentário

Compartilhar em outros sites

MatheusDiasLima 0

Link para o comentário

Compartilhar em outros sites

Quem Está Navegando 0 membros estão online

Conteúdo Similar

Cliente 10.00 Bug Quando o jogador usa qualquer magia ou posição

Letreiro ao entrar em local

poketibia Problemas com mapa

Compilação de TFS

Fóruns

Tutoriais

Suporte