Untitled
unknown
php
2 years ago
2.2 kB
5
Indexable
if ($action == 'buy') {
$name = $_POST['char'];
$price = $_POST['price'];
$ceh = $SQL->query("SELECT `name` FROM `sellchar` WHERE `name` = '$name'");
if ($ceh) {
if ($name == '') {
$main_content .= '<b><center>Select a character to buy first/b>';
} else {
$user_premium_points = $account_logged->getCustomField('premium_points');
$user_id = $account_logged->getCustomField('id');
if ($user_premium_points >= $price) {
$check = $SQL->query("SELECT * FROM `sellchar` WHERE `name` = '$name'") or die(mysql_error());
$check1 = $SQL->query("SELECT * FROM `players` WHERE `name` = '$name'") or die(mysql_error());
$check2 = $SQL->query("SELECT `oldid` FROM `sellchar` WHERE `name` = '$name'");
foreach ($check as $result) {
foreach($check1 as $res) {
foreach($check2 as $ress) {
$oid = $ress['oldid'];
$main_content .= '<center>You bought<b> '.$name.' ( '.$res['level'].' ) </b>for <b>'.$result['price'].' points.</b><br></center>';
$main_content .= '<br>';
$main_content .= '<center><b>The character is in your account, have fun!</b></center>';
$execute1 = $SQL->query("UPDATE `accounts` SET `premium_points` = `premium_points` - '$price' WHERE `id` = '$user_id'");
$execute2 = $SQL->query("UPDATE `players` SET `account_id` = '$user_id' WHERE `name` = '$name'");
$execute2 = $SQL->query("UPDATE `accounts` SET `premium_points` = `premium_points` + '$price' WHERE `id` = '$oid'");
$execute3 = $SQL->query("DELETE FROM `sellchar` WHERE `name` = '$name'");
}
}
}
} else {
$main_content .= '<center><b>You dont have enought premium points</b></center>';
}
}
} else {
$main_content .= '<center><b>Character cannot be buyed</b></center>';
}
}Editor is loading...