imarket.php - orodlin-1-pub in Orodlin v.1

<?php
/**
 *   File functions:
 *   Items market
 *
 *   @name                 : imarket.php                            
 *   @copyright            : (C) 2004,2005,2006,2007 Vallheru Team based on Gamers-Fusion ver 2.5
 *   @author               : thindil <thindil@users.sourceforge.net>
 *   @author               : eyescream <tduda@users.sourceforge.net>
 *   @version              : 1.3
 *   @since                : 07.02.2007
 *
 */

//
//
//       This program is free software; you can redistribute it and/or modify
//   it under the terms of the GNU General Public License as published by
//   the Free Software Foundation; either version 2 of the License, or
//   (at your option) any later version.
//
//   This program is distributed in the hope that it will be useful,
//   but WITHOUT ANY WARRANTY; without even the implied warranty of
//   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//   GNU General Public License for more details.
//
//   You should have received a copy of the GNU General Public License
//   along with this program; if not, write to the Free Software
//   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
//
// $Id: imarket.php 882 2007-02-07 19:16:13Z thindil $

$title = "Rynek z przedmiotami";
require_once("includes/head.php");
require_once 'includes/security.php';
/**
* Get the localization for game
*/
require_once("languages/".$player -> lang."/imarket.php");

if ($player -> location != 'Altara' && $player -> location != 'Ardulith' && $player -> location != 'Silea') 
{
    error (ERROR);
}

/**
* Assign variables to template
*/
$smarty -> assign(array("Message" => '', 
    "Previous" => '', 
    "Next" => ''));

/**
* Main menu
*/
if (!isset($_GET['view']) && !isset($_GET['buy']) && !isset($_GET['wyc']))
{
    $smarty -> assign(array("Minfo" => M_INFO,
        "Aview" => A_VIEW,
        "Asearch" => A_SEARCH,
        "Aadd" => A_ADD,
        "Adelete" => A_DELETE,
        "Alist" => A_LIST,
        "Aback2" => A_BACK2));
}

/**
* Search items on market
*/
if (isset ($_GET['view']) && $_GET['view'] == 'szukaj') 
{
    $smarty -> assign(array("Sinfo" => S_INFO,
        "Sinfo2" => S_INFO2,
        "Item" => ITEM,
        "Asearch" => A_SEARCH));
}

/**
* Show oferts in market
*/
if (isset ($_GET['view']) && $_GET['view'] == 'market') 
{
    if (empty($_POST['szukany'])) 
    {
        $msel = $db -> Execute("SELECT count(*) FROM `equipment` WHERE `status`='R' AND `type`!='I'");
    } 
        else 
    {
		if (empty($_POST['minlev']))	$_POST['minlev'] = 0;
		if (empty($_POST['maxlev']))	$_POST['maxlev'] = 500;
		if (empty($_POST['maxcena']))	$_POST['maxcena'] = 500000000;
		if (empty($_POST['minsila']))	$_POST['minsila'] = 0;
		if (empty($_POST['minszyb']))	$_POST['minszyb'] = 0;
		if (empty($_POST['minzr']))	    $_POST['minzr'] = 0;
			
        $_POST['szukany'] = strip_tags($_POST['szukany']);
        $strSearch = $db -> qstr($_POST['szukany'], get_magic_quotes_gpc());
        $_POST['minlev'] = strip_tags($_POST['minlev']);
        $strMinlev = $db -> qstr($_POST['minlev'], get_magic_quotes_gpc());
        $_POST['maxlev'] = strip_tags($_POST['maxlev']);
        $strMaxlev = $db -> qstr($_POST['maxlev'], get_magic_quotes_gpc());
        $_POST['maxcena'] = strip_tags($_POST['maxcena']);
        $strMaxcena = $db -> qstr($_POST['maxcena'], get_magic_quotes_gpc());
        $_POST['minsila'] = strip_tags($_POST['minsila']);
        $strMinsila = $db -> qstr($_POST['minsila'], get_magic_quotes_gpc());
        $_POST['minszyb'] = strip_tags($_POST['minszyb']);
        $strMinszyb = $db -> qstr($_POST['minszyb'], get_magic_quotes_gpc());
        $_POST['minzr'] = strip_tags($_POST['minzr']);
        $strMinzr = $db -> qstr($_POST['minzr'], get_magic_quotes_gpc());
		
		if (strlen($_POST['szukany']) == 1)
		{											
        $msel = $db -> Execute("SELECT count(*) FROM `equipment` WHERE `status`='R' AND `type`=".$strSearch." AND `cost`<=".$strMaxcena." AND `minlev`>=".$strMinlev." AND `minlev`<=".$strMaxlev." AND `szyb`>= ".$strMinszyb." AND `zr`>=".$strMinzr." AND `power`>=".$strMinsila) or die($db -> ErrorMsg());
 		}
		else
		{
		$msel = $db -> Execute("SELECT count(*) FROM `equipment` WHERE `status`='R' AND `type`!='I' AND `name`=".$strSearch) or die($db -> ErrorMsg());
		}   
	}
    $przed = $msel -> fields['count(*)'];
    $msel -> Close();
    if ($przed == 0) 
    {
        error (NO_OFERTS);
    }
    if (!isset($_GET['limit']))
    {
        $_GET['limit'] = 0;
    }
    $smarty -> assign(array("Tname" => T_NAME,
                            "Tpower" => T_POWER,
                            "Tcost" => T_COST,
                            "Tseller" => T_SELLER,
                            "Tdur" => T_DUR,
                            "Tspeed" => T_SPEED,
                            "Tagi" => T_AGI,
                            "Tamount" => T_AMOUNT,
                            "Tlevel" => T_LEVEL,
                            "Viewinfo" => VIEW_INFO,
                            "Toptions" => T_OPTIONS));
    if ($_GET['limit'] < $przed) 
    {
        if ($_GET['lista'] == 'zr')
        {
            $strOrder = ' ASC';
        }
            else
        {
            $strOrder = ' DESC';
        }
        if (empty($_POST['szukany'])) 
        {
            $pm = $db -> SelectLimit("SELECT `equipment`.*, `players`.`user` FROM `equipment` LEFT JOIN `players` ON (`equipment`.`owner`=`players`.`id`) WHERE `status`='R' AND `type`!='I' ORDER BY ".$_GET['lista'].$strOrder, 30, $_GET['limit']);
        } 
            else 
        {
            $strSearch = $db -> qstr($_POST['szukany'], get_magic_quotes_gpc());
	
		if (empty($_POST['minlev']))	$_POST['minlev'] = 0;
		if (empty($_POST['maxlev']))	$_POST['maxlev'] = 500;
		if (empty($_POST['maxcena']))	$_POST['maxcena'] = 500000000;
		if (empty($_POST['minsila']))	$_POST['minsila'] = 0;
		if (empty($_POST['minszyb']))	$_POST['minszyb'] = 0;
		if (empty($_POST['minzr']))	    $_POST['minzr'] = 0;
		
        $strMinlev = $db -> qstr($_POST['minlev'], get_magic_quotes_gpc());
        $strMaxlev = $db -> qstr($_POST['maxlev'], get_magic_quotes_gpc());
        $strMaxcena = $db -> qstr($_POST['maxcena'], get_magic_quotes_gpc());
        $strMinsila = $db -> qstr($_POST['minsila'], get_magic_quotes_gpc());
        $strMinszyb = $db -> qstr($_POST['minszyb'], get_magic_quotes_gpc());
        $strMinzr = $db -> qstr($_POST['minzr'], get_magic_quotes_gpc());			

		    if (strlen($_POST['szukany']) == 1)
		    {			
            $pm = $db -> SelectLimit("SELECT `equipment`.*, `players`.`user` FROM `equipment` LEFT JOIN `players` ON (`equipment`.`owner`=`players`.`id`) WHERE `status`='R' AND `type`=".$strSearch." AND `cost`<=".$strMaxcena." AND `minlev`>=".$strMinlev." AND `minlev`<=".$strMaxlev." AND `szyb`>= ".$strMinszyb." AND `zr`>=".$strMinzr." AND `power`>=".$strMinsila." ORDER BY ".$_GET['lista'].$strOrder, 30, $_GET['limit']);
            }
		    else
			{
		    $pm = $db -> SelectLimit("SELECT `equipment`.*, `players`.`user` FROM `equipment` LEFT JOIN `players` ON (`equipment`.`owner`=`players`.`id`) WHERE `status`='R' AND `name`=".$strSearch." AND `type`!='I' ORDER BY ".$_GET['lista'].$strOrder, 30, $_GET['limit']);
			}
			
		}
        if (!empty($pm -> fields))
		{
			$smarty -> assign('ArrItems', $pm -> GetArray());
		}
		else
		{
			error (NO_OFERTS);
		}
        if (!isset($_POST['szukany'])) 
        {
            $_POST['szukany'] = '';
        }
        if ($_GET['limit'] >= 30) 
        {
            $lim = $_GET['limit'] - 30;
            $smarty -> assign ("Previous", "<form method=\"post\" action=\"imarket.php?view=market&limit=".$lim."&lista=".$_GET['lista']."\"><input type=\"hidden\" name=\"szukany\" value=\"".$_POST['szukany']."\"><input type=\"submit\" value=\"".A_PREVIOUS."\"></form> ");
        }
        $_GET['limit'] = $_GET['limit'] + 30;
        if ($przed > 30 && $_GET['limit'] < $przed) 
        {
            $smarty -> assign ("Next", " <form method=\"post\" action=\"imarket.php?view=market&limit=".$_GET['limit']."&lista=".$_GET['lista']."\"><input type=\"hidden\" name=\"szukany\" value=\"".$_POST['szukany']."\"><input type=\"submit\" value=\"".A_NEXT."\"></form>");
        }
    }
}

/**
* Add oferts to market
*/
if (isset ($_GET['view']) && $_GET['view'] == 'add') 
{
	if (isset ($_GET['step']) && $_GET['step'] == 'add') 
    {
        $item = $db -> Execute("SELECT * FROM equipment WHERE id=".strictInt($_POST['przedmiot']));
        if ($item -> fields['amount'] < uint32($_POST['amount'])) 
        {
            error (NO_AMOUNT.$item -> fields['name']);
        }
        if ($item -> fields['type'] == 'I')
        {
            error(ERROR);
        }
        $amount = $item -> fields['amount'] - $_POST['amount'];
        if ($amount > 0) 
        {
            $db -> Execute("UPDATE equipment SET amount=".$amount." where id=".$item -> fields['id']);
        } 
            else 
        {
            $db -> Execute("DELETE FROM equipment WHERE id=".$item -> fields['id']);
        }
        $db -> Execute("INSERT INTO equipment (owner, name, power, type, cost, zr, wt, minlev, maxwt, amount, magic, poison, status, szyb, twohand, ptype, repair) VALUES(".$player -> id.",'".$item -> fields['name']."',".$item -> fields['power'].",'".$item -> fields['type']."',".uint32($_POST['cost']).",".$item -> fields['zr'].",".$item -> fields['wt'].",".$item -> fields['minlev'].",".$item -> fields['maxwt'].",".$_POST['amount'].",'".$item -> fields['magic']."',".$item -> fields['poison'].",'R',".$item -> fields['szyb'].",'".$item -> fields['twohand']."','".$item -> fields['ptype']."', ".$item -> fields['repair'].")");
        $smarty -> assign("Message", YOU_ADD.$_POST['amount'].I_AMOUNT3.$item -> fields['name'].ON_MARKET.$_POST['cost'].FOR_GOLDS.". <a href=\"imarket.php?view=add\">".A_REFRESH."</a>");

    }
    $rzecz = $db -> Execute("SELECT `id`, `name`, `amount`, `power`, `zr`, `szyb` FROM `equipment` WHERE `status`='U' AND `type`!='I' AND `owner`=".$player -> id);
    $arrname = array();
    $arrid = array(0);
    $arramount = array();
    $i = 0;
    while (!$rzecz -> EOF) 
    {
        $arrname[$i] = $rzecz -> fields['name'];
        $arrid[$i] = $rzecz -> fields['id'];
        $arramount[$i] = $rzecz -> fields['amount'];
            $arrPower[$i] = $rzecz -> fields['power'];
            $arrAgi[$i] = $rzecz -> fields['zr'] * -1;
            $arrSpeed[$i] = $rzecz -> fields['szyb'];		
        $rzecz -> MoveNext();
        $i = $i + 1;
    }
    $rzecz -> Close();
    if (!$arrid[0])
    {
        error(NO_ITEMS);
    }
    $smarty -> assign (array("Name" => $arrname, 
                             "Itemid" => $arrid, 
                             "Amount" => $arramount,
                                 "Itempower" => $arrPower,
                                 "Itemagi" => $arrAgi,
                                 "Itemspeed" => $arrSpeed,
                                 "Iagi" => "zr:",
                                 "Ispe" => "szyb:",							 
                             "Addinfo" => ADD_INFO,
                             "Item" => ITEM,
                             "Aadd" => A_ADD,
                             "Iamount" => I_AMOUNT,
                             "Iamount2" => I_AMOUNT2,
                             "Icost" => I_COST));
    
}

/**
* Delete selected ofert from market
*/
if (isset($_GET['wyc'])) 
{
    $dwyc = $db -> Execute("SELECT * FROM `equipment` WHERE `id`=".strictInt($_GET['wyc'])." AND `status`='R'");
    if ($dwyc -> fields['owner'] != $player -> id) 
    {
        error (NOT_YOUR);
    }
    require_once('includes/marketdel.php');
    deleteitem($dwyc, $player -> id);
    $smarty -> assign("Message", YOU_DELETE." (<a href=\"imarket.php\">".A_BACK."</a>)");
}

/**
* Delete oferts from market
*/
if (isset ($_GET['view']) && $_GET['view'] == 'del') 
{
    $objArm = $db -> Execute("SELECT * FROM `equipment` WHERE `owner`=".$player -> id." AND `status`='R' AND `type`!='I'");
    while (!$objArm -> EOF)
    {
        $intTest = $db -> Execute("SELECT id FROM equipment WHERE name='".$objArm -> fields['name']."' AND wt=".$objArm -> fields['wt']." AND type='".$objArm -> fields['type']."' AND status='U' AND owner=".$player -> id." AND power=".$objArm -> fields['power']." AND zr=".$objArm -> fields['zr']." AND szyb=".$objArm -> fields['szyb']." AND maxwt=".$objArm -> fields['maxwt']." AND poison=".$objArm -> fields['poison']." AND cost=1 AND ptype='".$objArm -> fields['ptype']."' AND `twohand`='".$objArm -> fields['twohand']."'");
        if (!$intTest -> fields['id']) 
        {
            $db -> Execute("INSERT INTO equipment (owner, name, power, type, cost, zr, wt, minlev, maxwt, amount, magic, poison, szyb, twohand, ptype, repair) VALUES(".$player -> id.",'".$objArm -> fields['name']."',".$objArm -> fields['power'].",'".$objArm -> fields['type']."',1,".$objArm -> fields['zr'].",".$objArm -> fields['wt'].",".$objArm -> fields['minlev'].",".$objArm -> fields['maxwt'].",".$objArm -> fields['amount'].",'".$objArm -> fields['magic']."',".$objArm -> fields['poison'].",".$objArm -> fields['szyb'].",'".$objArm -> fields['twohand']."','".$objArm -> fields['ptype']."', ".$objArm -> fields['repair'].")");
        } 
            else 
        {
            if ($objArm -> fields['type'] != 'R')
            {
                $db -> Execute("UPDATE equipment SET amount=amount+".$objArm -> fields['amount']." WHERE id=".$intTest -> fields['id']);
            }
                else
            {
                $db -> Execute("UPDATE `equipment` SET `wt`=`wt`+".$objArm -> fields['wt']." WHERE `id`=".$intTest -> fields['id']);
            }
        }
        $intTest -> Close();
        $objArm -> MoveNext();
    } 
    $db -> Execute("DELETE FROM `equipment` WHERE `status`='R' AND `type`!='I' AND `owner`=".$player -> id);
    $smarty -> assign("Message",YOU_DELETE." (<a href=\"imarket.php\">".A_BACK."</a>)");
}

/**
* Buy items from market
*/
if (isset($_GET['buy'])) 
{
    $buy = $db -> Execute("SELECT * FROM `equipment` WHERE `id`=".strictInt($_GET['buy'])." AND `type`!='I' AND `status`='R'");
    if (!$buy -> fields['id']) 
    {
        error (NO_OFERTS);
    }
    if ($buy -> fields['owner'] == $player -> id) 
    {
        error (IS_YOUR);
    }
    if ($buy -> fields['zr'] <= 0) 
    {
        $buy -> fields['zr'] = str_replace("-","",$buy -> fields['zr']);
        $agility = "+".$buy -> fields['zr'];
    } 
        elseif ($buy -> fields['zr'] > 0) 
    {
        $agility = "-".$buy -> fields['zr'];
    }
    if ($buy -> fields['szyb'] > 0) 
    {
        $speed = "+".$buy -> fields['szyb'];
    } 
        else 
    {
        $speed = 0;
    }
    $seller = $db -> Execute("SELECT user FROM players WHERE id=".$buy -> fields['owner']);    
    $smarty -> assign(array("Name" => $buy -> fields['name'], 
                            "Itemid" => $buy -> fields['id'], 
                            "Amount1" => $buy -> fields['amount'], 
                            "Cost" => $buy -> fields['cost'], 
                            "Seller" => $seller -> fields['user'], 
                            "Sid" => $buy -> fields['owner'], 
                            "Power" => $buy -> fields['power'], 
                            "Dur" => $buy -> fields['wt'], 
                            "MaxDur" => $buy -> fields['maxwt'], 
                            "Type" => $buy -> fields['type'], 
                            "Agi" => $agility, 
                            "Speed" => $speed,
                            "Item" => ITEM,
                            "Buyinfo" => BUY_INFO,
                            "Ipower" => I_POWER,
                            "Iagi" => I_AGI,
                            "Ispeed" => I_SPEED,
                            "Idur" => I_DUR,
                            "Aamount" => A_AMOUNT,
                            "Hamount" => H_AMOUNT,
                            "Oamount" => O_AMOUNT,
                            "Icost" => I_COST,
                            "Iseller" => SELLER,
                            "Bamount" => B_AMOUNT,
                            "Abuy" => A_BUY));
    $buy -> Close();
    $seller -> Close();
    if (isset($_GET['step']) && $_GET['step'] == 'buy') 
    {
        if (!isset($_POST['amount'])) 
        {
            error(ERROR);
        }
        if (!ereg("^[1-9][0-9]*$", $_POST['amount'])) 
        {
            error (ERROR);
        }
        $buy = $db -> Execute("SELECT * FROM `equipment` WHERE `id`=".$_GET['buy']." AND `type`!='I'");
        if ($_POST['amount'] > $buy -> fields['amount']) 
        {
            error(NO_AMOUNT.$buy -> fields['name'].ON_MARKET);
        }
        $price = (int)$_POST['amount'] * $buy -> fields['cost'];
        if ($price > $player -> credits) 
        {
            error (NO_MONEY);
        }
        $test = $db -> Execute("SELECT id FROM equipment WHERE name='".$buy -> fields['name']."' AND wt=".$buy -> fields['wt']." AND type='".$buy -> fields['type']."' AND status='U' AND owner=".$player -> id." AND power=".$buy -> fields['power']." AND zr=".$buy -> fields['zr']." AND szyb=".$buy -> fields['szyb']." AND maxwt=".$buy -> fields['maxwt']." AND poison=".$buy -> fields['poison']." AND cost=1 AND ptype='".$buy -> fields['ptype']."' AND `twohand`='".$buy -> fields['twohand']."'");
        if (!$test -> fields['id']) 
        {
            $db -> Execute("INSERT INTO equipment (owner, name, power, type, cost, zr, wt, minlev, maxwt, amount, magic, poison, szyb, twohand, ptype, repair) VALUES(".$player -> id.",'".$buy -> fields['name']."',".$buy -> fields['power'].",'".$buy -> fields['type']."',1,".$buy -> fields['zr'].",".$buy -> fields['wt'].",".$buy -> fields['minlev'].",".$buy -> fields['maxwt'].",".$_POST['amount'].",'".$buy -> fields['magic']."',".$buy -> fields['poison'].",".$buy -> fields['szyb'].",'".$buy -> fields['twohand']."','".$buy -> fields['ptype']."', ".$buy -> fields['repair'].")");
        } 
            else 
        {
            if ($buy -> fields['type'] != 'R')
            {
                $db -> Execute("UPDATE equipment SET amount=amount+".$_POST['amount']." WHERE id=".$test -> fields['id']);
            }
                else
            {
                $db -> Execute("UPDATE `equipment` SET `wt`=`wt`+".$buy -> fields['wt']." WHERE `id`=".$test -> fields['id']);
            }
        }
        $test -> Close();
        if ($_POST['amount'] == $buy -> fields['amount']) 
        {
            $db -> Execute("DELETE FROM equipment WHERE id=".$buy -> fields['id']);
        } 
            else 
        {
            $db -> Execute("UPDATE equipment SET amount=amount-".$_POST['amount']." WHERE id=".$buy -> fields['id']);
        }
        $db -> Execute("UPDATE players SET bank=bank+".$price." WHERE id=".$buy -> fields['owner']);
        $db -> Execute("UPDATE players SET credits=credits-".$price." WHERE id=".$player -> id);
        $strDate = $db -> DBDate($newdate);
        $db -> Execute("INSERT INTO `log` (`owner`, `log`, `czas`) VALUES(".$buy -> fields['owner'].",'<b><a href=view.php?view=".$player -> id.">".$player -> user.L_ACCEPT.$player -> id.L_ACCEPT2.$_POST['amount'].L_AMOUNT.$buy -> fields['name'].YOU_GET.$price.TO_BANK."', ".$strDate.")");
        $smarty -> assign("Message", YOU_BUY.$_POST['amount'].I_AMOUNT.$buy -> fields['name'].FOR_A.$price.GOLD_COINS);
    }
}

/**
* List of all oferts on market
*/
if (isset($_GET['view']) && $_GET['view'] == 'all') 
{
    if (!ereg("^[0-9]*$", $_GET['limit'])) 
    {
        error(ERROR);
    }
    $objAmount = $db -> Execute("SELECT `id` FROM `equipment` WHERE `status`='R' AND `type`!='I' GROUP BY `name`");
    $intAmount = $objAmount -> RecordCount();
    $objAmount -> Close();
    if (isset($_POST['previous']))
    {
        $_GET['limit'] = $_GET['limit'] - 30;
    }
    if (isset($_POST['next']))
    {
        $_GET['limit'] = $_GET['limit'] + 30;
    }
    if ($_GET['limit'] > $intAmount && $_GET['limit'] != 0)
    {
        error(ERROR);
    }
    $strNext = '';
    $strPrevious = '';
    $oferts = $db -> SelectLimit("SELECT `name` FROM `equipment` WHERE `status`='R' AND `type`!='I' GROUP BY `name`", 30, $_GET['limit']);
    $arrname = array();
    $arramount = array();
    $i = 0;
    while (!$oferts -> EOF) 
    {
        $arrname[$i] = $oferts -> fields['name'];
        $arramount[$i] = 0;
        $query = $db -> Execute("SELECT count(*) FROM `equipment` WHERE `status`='R' AND `name`='".$arrname[$i]."'");
        $arramount[$i] = $query -> fields['count(*)'];
        $query -> Close();
        $oferts -> MoveNext();
        $i = $i + 1;
    }
    $oferts -> Close();
    if ($_GET['limit'] >= 30) 
    {
        $strPrevious = "<input type=\"submit\" name=\"previous\" value=\"".A_PREVIOUS."\"> ";
    }
    $intLimit = $_GET['limit'] + 30;
    if ($intAmount > 30 && $intLimit < $intAmount) 
    {
        $strNext = "<input type=\"submit\" name=\"next\" value=\"".A_NEXT."\">";
    }
    $strLinks = "<form method=\"post\" action=\"imarket.php?view=all&amp;limit=".$_GET['limit']."\">".$strPrevious.$strNext."</form>";
    $smarty -> assign(array("Name" => $arrname, 
                            "Amount" => $arramount, 
                            "Message" => "<br />(<a href=\"imarket.php\">".A_BACK."</a>)",
                            "Tlinks" => $strLinks,
                            "Listinfo" => LIST_INFO,
                            "Iname" => I_NAME,
                            "Iamount" => I_AMOUNT,
                            "Iaction" => I_ACTION,
                            "Ashow" => A_SHOW));
}

/**
* Initialization of variables
*/
if (!isset($_GET['view'])) 
{
    $_GET['view'] = '';
}
if (!isset($_GET['wyc'])) 
{
    $_GET['wyc'] = '';
}
if (!isset($_GET['buy'])) 
{
    $_GET['buy'] = '';
}

/**
* Assign variables to template and display page
*/
$smarty -> assign(array("View" => $_GET['view'], 
                        "Remowe" => $_GET['wyc'], 
                        "Buy" => $_GET['buy'],
                        "Aback" => A_BACK));
$smarty -> display('imarket.tpl');

require_once("includes/foot.php"); 
?>

1	<?php
2	/**
3	* File functions:
4	* Items market
5	*
6	* @name : imarket.php
7	* @copyright : (C) 2004,2005,2006,2007 Vallheru Team based on Gamers-Fusion ver 2.5
8	* @author : thindil <thindil@users.sourceforge.net>
9	* @author : eyescream <tduda@users.sourceforge.net>
10	* @version : 1.3
11	* @since : 07.02.2007
12	*
13	*/
14
15	//
16	//
17	// This program is free software; you can redistribute it and/or modify
18	// it under the terms of the GNU General Public License as published by
19	// the Free Software Foundation; either version 2 of the License, or
20	// (at your option) any later version.
21	//
22	// This program is distributed in the hope that it will be useful,
23	// but WITHOUT ANY WARRANTY; without even the implied warranty of
24	// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
25	// GNU General Public License for more details.
26	//
27	// You should have received a copy of the GNU General Public License
28	// along with this program; if not, write to the Free Software
29	// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
30	//
31	// $Id: imarket.php 882 2007-02-07 19:16:13Z thindil $
32
33	$title = "Rynek z przedmiotami";
34	require_once("includes/head.php");
35	require_once 'includes/security.php';
36	/**
37	* Get the localization for game
38	*/
39	require_once("languages/".$player -> lang."/imarket.php");
40
41	if ($player -> location != 'Altara' && $player -> location != 'Ardulith' && $player -> location != 'Silea')
42	{
43	error (ERROR);
44	}
45
46	/**
47	* Assign variables to template
48	*/
49	$smarty -> assign(array("Message" => '',
50	"Previous" => '',
51	"Next" => ''));
52
53	/**
54	* Main menu
55	*/
56	if (!isset($_GET['view']) && !isset($_GET['buy']) && !isset($_GET['wyc']))
57	{
58	$smarty -> assign(array("Minfo" => M_INFO,
59	"Aview" => A_VIEW,
60	"Asearch" => A_SEARCH,
61	"Aadd" => A_ADD,
62	"Adelete" => A_DELETE,
63	"Alist" => A_LIST,
64	"Aback2" => A_BACK2));
65	}
66
67	/**
68	* Search items on market
69	*/
70	if (isset ($_GET['view']) && $_GET['view'] == 'szukaj')
71	{
72	$smarty -> assign(array("Sinfo" => S_INFO,
73	"Sinfo2" => S_INFO2,
74	"Item" => ITEM,
75	"Asearch" => A_SEARCH));
76	}
77
78	/**
79	* Show oferts in market
80	*/
81	if (isset ($_GET['view']) && $_GET['view'] == 'market')
82	{
83	if (empty($_POST['szukany']))
84	{
85	$msel = $db -> Execute("SELECT count(*) FROM `equipment` WHERE `status`='R' AND `type`!='I'");
86	}
87	else
88	{
89	if (empty($_POST['minlev'])) $_POST['minlev'] = 0;
90	if (empty($_POST['maxlev'])) $_POST['maxlev'] = 500;
91	if (empty($_POST['maxcena'])) $_POST['maxcena'] = 500000000;
92	if (empty($_POST['minsila'])) $_POST['minsila'] = 0;
93	if (empty($_POST['minszyb'])) $_POST['minszyb'] = 0;
94	if (empty($_POST['minzr'])) $_POST['minzr'] = 0;
95
96	$_POST['szukany'] = strip_tags($_POST['szukany']);
97	$strSearch = $db -> qstr($_POST['szukany'], get_magic_quotes_gpc());
98	$_POST['minlev'] = strip_tags($_POST['minlev']);
99	$strMinlev = $db -> qstr($_POST['minlev'], get_magic_quotes_gpc());
100	$_POST['maxlev'] = strip_tags($_POST['maxlev']);
101	$strMaxlev = $db -> qstr($_POST['maxlev'], get_magic_quotes_gpc());
102	$_POST['maxcena'] = strip_tags($_POST['maxcena']);
103	$strMaxcena = $db -> qstr($_POST['maxcena'], get_magic_quotes_gpc());
104	$_POST['minsila'] = strip_tags($_POST['minsila']);
105	$strMinsila = $db -> qstr($_POST['minsila'], get_magic_quotes_gpc());
106	$_POST['minszyb'] = strip_tags($_POST['minszyb']);
107	$strMinszyb = $db -> qstr($_POST['minszyb'], get_magic_quotes_gpc());
108	$_POST['minzr'] = strip_tags($_POST['minzr']);
109	$strMinzr = $db -> qstr($_POST['minzr'], get_magic_quotes_gpc());
110
111	if (strlen($_POST['szukany']) == 1)
112	{
113	$msel = $db -> Execute("SELECT count(*) FROM `equipment` WHERE `status`='R' AND `type`=".$strSearch." AND `cost`<=".$strMaxcena." AND `minlev`>=".$strMinlev." AND `minlev`<=".$strMaxlev." AND `szyb`>= ".$strMinszyb." AND `zr`>=".$strMinzr." AND `power`>=".$strMinsila) or die($db -> ErrorMsg());
114	}
115	else
116	{
117	$msel = $db -> Execute("SELECT count(*) FROM `equipment` WHERE `status`='R' AND `type`!='I' AND `name`=".$strSearch) or die($db -> ErrorMsg());
118	}
119	}
120	$przed = $msel -> fields['count(*)'];
121	$msel -> Close();
122	if ($przed == 0)
123	{
124	error (NO_OFERTS);
125	}
126	if (!isset($_GET['limit']))
127	{
128	$_GET['limit'] = 0;
129	}
130	$smarty -> assign(array("Tname" => T_NAME,
131	"Tpower" => T_POWER,
132	"Tcost" => T_COST,
133	"Tseller" => T_SELLER,
134	"Tdur" => T_DUR,
135	"Tspeed" => T_SPEED,
136	"Tagi" => T_AGI,
137	"Tamount" => T_AMOUNT,
138	"Tlevel" => T_LEVEL,
139	"Viewinfo" => VIEW_INFO,
140	"Toptions" => T_OPTIONS));
141	if ($_GET['limit'] < $przed)
142	{
143	if ($_GET['lista'] == 'zr')
144	{
145	$strOrder = ' ASC';
146	}
147	else
148	{
149	$strOrder = ' DESC';
150	}
151	if (empty($_POST['szukany']))
152	{
153	$pm = $db -> SelectLimit("SELECT `equipment`.*, `players`.`user` FROM `equipment` LEFT JOIN `players` ON (`equipment`.`owner`=`players`.`id`) WHERE `status`='R' AND `type`!='I' ORDER BY ".$_GET['lista'].$strOrder, 30, $_GET['limit']);
154	}
155	else
156	{
157	$strSearch = $db -> qstr($_POST['szukany'], get_magic_quotes_gpc());
158
159	if (empty($_POST['minlev'])) $_POST['minlev'] = 0;
160	if (empty($_POST['maxlev'])) $_POST['maxlev'] = 500;
161	if (empty($_POST['maxcena'])) $_POST['maxcena'] = 500000000;
162	if (empty($_POST['minsila'])) $_POST['minsila'] = 0;
163	if (empty($_POST['minszyb'])) $_POST['minszyb'] = 0;
164	if (empty($_POST['minzr'])) $_POST['minzr'] = 0;
165
166	$strMinlev = $db -> qstr($_POST['minlev'], get_magic_quotes_gpc());
167	$strMaxlev = $db -> qstr($_POST['maxlev'], get_magic_quotes_gpc());
168	$strMaxcena = $db -> qstr($_POST['maxcena'], get_magic_quotes_gpc());
169	$strMinsila = $db -> qstr($_POST['minsila'], get_magic_quotes_gpc());
170	$strMinszyb = $db -> qstr($_POST['minszyb'], get_magic_quotes_gpc());
171	$strMinzr = $db -> qstr($_POST['minzr'], get_magic_quotes_gpc());
172
173	if (strlen($_POST['szukany']) == 1)
174	{
175	$pm = $db -> SelectLimit("SELECT `equipment`.*, `players`.`user` FROM `equipment` LEFT JOIN `players` ON (`equipment`.`owner`=`players`.`id`) WHERE `status`='R' AND `type`=".$strSearch." AND `cost`<=".$strMaxcena." AND `minlev`>=".$strMinlev." AND `minlev`<=".$strMaxlev." AND `szyb`>= ".$strMinszyb." AND `zr`>=".$strMinzr." AND `power`>=".$strMinsila." ORDER BY ".$_GET['lista'].$strOrder, 30, $_GET['limit']);
176	}
177	else
178	{
179	$pm = $db -> SelectLimit("SELECT `equipment`.*, `players`.`user` FROM `equipment` LEFT JOIN `players` ON (`equipment`.`owner`=`players`.`id`) WHERE `status`='R' AND `name`=".$strSearch." AND `type`!='I' ORDER BY ".$_GET['lista'].$strOrder, 30, $_GET['limit']);
180	}
181
182	}
183	if (!empty($pm -> fields))
184	{
185	$smarty -> assign('ArrItems', $pm -> GetArray());
186	}
187	else
188	{
189	error (NO_OFERTS);
190	}
191	if (!isset($_POST['szukany']))
192	{
193	$_POST['szukany'] = '';
194	}
195	if ($_GET['limit'] >= 30)
196	{
197	$lim = $_GET['limit'] - 30;
198	$smarty -> assign ("Previous", "<form method=\"post\" action=\"imarket.php?view=market&limit=".$lim."&lista=".$_GET['lista']."\"><input type=\"hidden\" name=\"szukany\" value=\"".$_POST['szukany']."\"><input type=\"submit\" value=\"".A_PREVIOUS."\"></form> ");
199	}
200	$_GET['limit'] = $_GET['limit'] + 30;
201	if ($przed > 30 && $_GET['limit'] < $przed)
202	{
203	$smarty -> assign ("Next", " <form method=\"post\" action=\"imarket.php?view=market&limit=".$_GET['limit']."&lista=".$_GET['lista']."\"><input type=\"hidden\" name=\"szukany\" value=\"".$_POST['szukany']."\"><input type=\"submit\" value=\"".A_NEXT."\"></form>");
204	}
205	}
206	}
207
208	/**
209	* Add oferts to market
210	*/
211	if (isset ($_GET['view']) && $_GET['view'] == 'add')
212	{
213	if (isset ($_GET['step']) && $_GET['step'] == 'add')
214	{
215	$item = $db -> Execute("SELECT * FROM equipment WHERE id=".strictInt($_POST['przedmiot']));
216	if ($item -> fields['amount'] < uint32($_POST['amount']))
217	{
218	error (NO_AMOUNT.$item -> fields['name']);
219	}
220	if ($item -> fields['type'] == 'I')
221	{
222	error(ERROR);
223	}
224	$amount = $item -> fields['amount'] - $_POST['amount'];
225	if ($amount > 0)
226	{
227	$db -> Execute("UPDATE equipment SET amount=".$amount." where id=".$item -> fields['id']);
228	}
229	else
230	{
231	$db -> Execute("DELETE FROM equipment WHERE id=".$item -> fields['id']);
232	}
233	$db -> Execute("INSERT INTO equipment (owner, name, power, type, cost, zr, wt, minlev, maxwt, amount, magic, poison, status, szyb, twohand, ptype, repair) VALUES(".$player -> id.",'".$item -> fields['name']."',".$item -> fields['power'].",'".$item -> fields['type']."',".uint32($_POST['cost']).",".$item -> fields['zr'].",".$item -> fields['wt'].",".$item -> fields['minlev'].",".$item -> fields['maxwt'].",".$_POST['amount'].",'".$item -> fields['magic']."',".$item -> fields['poison'].",'R',".$item -> fields['szyb'].",'".$item -> fields['twohand']."','".$item -> fields['ptype']."', ".$item -> fields['repair'].")");
234	$smarty -> assign("Message", YOU_ADD.$_POST['amount'].I_AMOUNT3.$item -> fields['name'].ON_MARKET.$_POST['cost'].FOR_GOLDS.". <a href=\"imarket.php?view=add\">".A_REFRESH."</a>");
235
236	}
237	$rzecz = $db -> Execute("SELECT `id`, `name`, `amount`, `power`, `zr`, `szyb` FROM `equipment` WHERE `status`='U' AND `type`!='I' AND `owner`=".$player -> id);
238	$arrname = array();
239	$arrid = array(0);
240	$arramount = array();
241	$i = 0;
242	while (!$rzecz -> EOF)
243	{
244	$arrname[$i] = $rzecz -> fields['name'];
245	$arrid[$i] = $rzecz -> fields['id'];
246	$arramount[$i] = $rzecz -> fields['amount'];
247	$arrPower[$i] = $rzecz -> fields['power'];
248	$arrAgi[$i] = $rzecz -> fields['zr'] * -1;
249	$arrSpeed[$i] = $rzecz -> fields['szyb'];
250	$rzecz -> MoveNext();
251	$i = $i + 1;
252	}
253	$rzecz -> Close();
254	if (!$arrid[0])
255	{
256	error(NO_ITEMS);
257	}
258	$smarty -> assign (array("Name" => $arrname,
259	"Itemid" => $arrid,
260	"Amount" => $arramount,
261	"Itempower" => $arrPower,
262	"Itemagi" => $arrAgi,
263	"Itemspeed" => $arrSpeed,
264	"Iagi" => "zr:",
265	"Ispe" => "szyb:",
266	"Addinfo" => ADD_INFO,
267	"Item" => ITEM,
268	"Aadd" => A_ADD,
269	"Iamount" => I_AMOUNT,
270	"Iamount2" => I_AMOUNT2,
271	"Icost" => I_COST));
272
273	}
274
275	/**
276	* Delete selected ofert from market
277	*/
278	if (isset($_GET['wyc']))
279	{
280	$dwyc = $db -> Execute("SELECT * FROM `equipment` WHERE `id`=".strictInt($_GET['wyc'])." AND `status`='R'");
281	if ($dwyc -> fields['owner'] != $player -> id)
282	{
283	error (NOT_YOUR);
284	}
285	require_once('includes/marketdel.php');
286	deleteitem($dwyc, $player -> id);
287	$smarty -> assign("Message", YOU_DELETE." (<a href=\"imarket.php\">".A_BACK."</a>)");
288	}
289
290	/**
291	* Delete oferts from market
292	*/
293	if (isset ($_GET['view']) && $_GET['view'] == 'del')
294	{
295	$objArm = $db -> Execute("SELECT * FROM `equipment` WHERE `owner`=".$player -> id." AND `status`='R' AND `type`!='I'");
296	while (!$objArm -> EOF)
297	{
298	$intTest = $db -> Execute("SELECT id FROM equipment WHERE name='".$objArm -> fields['name']."' AND wt=".$objArm -> fields['wt']." AND type='".$objArm -> fields['type']."' AND status='U' AND owner=".$player -> id." AND power=".$objArm -> fields['power']." AND zr=".$objArm -> fields['zr']." AND szyb=".$objArm -> fields['szyb']." AND maxwt=".$objArm -> fields['maxwt']." AND poison=".$objArm -> fields['poison']." AND cost=1 AND ptype='".$objArm -> fields['ptype']."' AND `twohand`='".$objArm -> fields['twohand']."'");
299	if (!$intTest -> fields['id'])
300	{
301	$db -> Execute("INSERT INTO equipment (owner, name, power, type, cost, zr, wt, minlev, maxwt, amount, magic, poison, szyb, twohand, ptype, repair) VALUES(".$player -> id.",'".$objArm -> fields['name']."',".$objArm -> fields['power'].",'".$objArm -> fields['type']."',1,".$objArm -> fields['zr'].",".$objArm -> fields['wt'].",".$objArm -> fields['minlev'].",".$objArm -> fields['maxwt'].",".$objArm -> fields['amount'].",'".$objArm -> fields['magic']."',".$objArm -> fields['poison'].",".$objArm -> fields['szyb'].",'".$objArm -> fields['twohand']."','".$objArm -> fields['ptype']."', ".$objArm -> fields['repair'].")");
302	}
303	else
304	{
305	if ($objArm -> fields['type'] != 'R')
306	{
307	$db -> Execute("UPDATE equipment SET amount=amount+".$objArm -> fields['amount']." WHERE id=".$intTest -> fields['id']);
308	}
309	else
310	{
311	$db -> Execute("UPDATE `equipment` SET `wt`=`wt`+".$objArm -> fields['wt']." WHERE `id`=".$intTest -> fields['id']);
312	}
313	}
314	$intTest -> Close();
315	$objArm -> MoveNext();
316	}
317	$db -> Execute("DELETE FROM `equipment` WHERE `status`='R' AND `type`!='I' AND `owner`=".$player -> id);
318	$smarty -> assign("Message",YOU_DELETE." (<a href=\"imarket.php\">".A_BACK."</a>)");
319	}
320
321	/**
322	* Buy items from market
323	*/
324	if (isset($_GET['buy']))
325	{
326	$buy = $db -> Execute("SELECT * FROM `equipment` WHERE `id`=".strictInt($_GET['buy'])." AND `type`!='I' AND `status`='R'");
327	if (!$buy -> fields['id'])
328	{
329	error (NO_OFERTS);
330	}
331	if ($buy -> fields['owner'] == $player -> id)
332	{
333	error (IS_YOUR);
334	}
335	if ($buy -> fields['zr'] <= 0)
336	{
337	$buy -> fields['zr'] = str_replace("-","",$buy -> fields['zr']);
338	$agility = "+".$buy -> fields['zr'];
339	}
340	elseif ($buy -> fields['zr'] > 0)
341	{
342	$agility = "-".$buy -> fields['zr'];
343	}
344	if ($buy -> fields['szyb'] > 0)
345	{
346	$speed = "+".$buy -> fields['szyb'];
347	}
348	else
349	{
350	$speed = 0;
351	}
352	$seller = $db -> Execute("SELECT user FROM players WHERE id=".$buy -> fields['owner']);
353	$smarty -> assign(array("Name" => $buy -> fields['name'],
354	"Itemid" => $buy -> fields['id'],
355	"Amount1" => $buy -> fields['amount'],
356	"Cost" => $buy -> fields['cost'],
357	"Seller" => $seller -> fields['user'],
358	"Sid" => $buy -> fields['owner'],
359	"Power" => $buy -> fields['power'],
360	"Dur" => $buy -> fields['wt'],
361	"MaxDur" => $buy -> fields['maxwt'],
362	"Type" => $buy -> fields['type'],
363	"Agi" => $agility,
364	"Speed" => $speed,
365	"Item" => ITEM,
366	"Buyinfo" => BUY_INFO,
367	"Ipower" => I_POWER,
368	"Iagi" => I_AGI,
369	"Ispeed" => I_SPEED,
370	"Idur" => I_DUR,
371	"Aamount" => A_AMOUNT,
372	"Hamount" => H_AMOUNT,
373	"Oamount" => O_AMOUNT,
374	"Icost" => I_COST,
375	"Iseller" => SELLER,
376	"Bamount" => B_AMOUNT,
377	"Abuy" => A_BUY));
378	$buy -> Close();
379	$seller -> Close();
380	if (isset($_GET['step']) && $_GET['step'] == 'buy')
381	{
382	if (!isset($_POST['amount']))
383	{
384	error(ERROR);
385	}
386	if (!ereg("^[1-9][0-9]*$", $_POST['amount']))
387	{
388	error (ERROR);
389	}
390	$buy = $db -> Execute("SELECT * FROM `equipment` WHERE `id`=".$_GET['buy']." AND `type`!='I'");
391	if ($_POST['amount'] > $buy -> fields['amount'])
392	{
393	error(NO_AMOUNT.$buy -> fields['name'].ON_MARKET);
394	}
395	$price = (int)$_POST['amount'] * $buy -> fields['cost'];
396	if ($price > $player -> credits)
397	{
398	error (NO_MONEY);
399	}
400	$test = $db -> Execute("SELECT id FROM equipment WHERE name='".$buy -> fields['name']."' AND wt=".$buy -> fields['wt']." AND type='".$buy -> fields['type']."' AND status='U' AND owner=".$player -> id." AND power=".$buy -> fields['power']." AND zr=".$buy -> fields['zr']." AND szyb=".$buy -> fields['szyb']." AND maxwt=".$buy -> fields['maxwt']." AND poison=".$buy -> fields['poison']." AND cost=1 AND ptype='".$buy -> fields['ptype']."' AND `twohand`='".$buy -> fields['twohand']."'");
401	if (!$test -> fields['id'])
402	{
403	$db -> Execute("INSERT INTO equipment (owner, name, power, type, cost, zr, wt, minlev, maxwt, amount, magic, poison, szyb, twohand, ptype, repair) VALUES(".$player -> id.",'".$buy -> fields['name']."',".$buy -> fields['power'].",'".$buy -> fields['type']."',1,".$buy -> fields['zr'].",".$buy -> fields['wt'].",".$buy -> fields['minlev'].",".$buy -> fields['maxwt'].",".$_POST['amount'].",'".$buy -> fields['magic']."',".$buy -> fields['poison'].",".$buy -> fields['szyb'].",'".$buy -> fields['twohand']."','".$buy -> fields['ptype']."', ".$buy -> fields['repair'].")");
404	}
405	else
406	{
407	if ($buy -> fields['type'] != 'R')
408	{
409	$db -> Execute("UPDATE equipment SET amount=amount+".$_POST['amount']." WHERE id=".$test -> fields['id']);
410	}
411	else
412	{
413	$db -> Execute("UPDATE `equipment` SET `wt`=`wt`+".$buy -> fields['wt']." WHERE `id`=".$test -> fields['id']);
414	}
415	}
416	$test -> Close();
417	if ($_POST['amount'] == $buy -> fields['amount'])
418	{
419	$db -> Execute("DELETE FROM equipment WHERE id=".$buy -> fields['id']);
420	}
421	else
422	{
423	$db -> Execute("UPDATE equipment SET amount=amount-".$_POST['amount']." WHERE id=".$buy -> fields['id']);
424	}
425	$db -> Execute("UPDATE players SET bank=bank+".$price." WHERE id=".$buy -> fields['owner']);
426	$db -> Execute("UPDATE players SET credits=credits-".$price." WHERE id=".$player -> id);
427	$strDate = $db -> DBDate($newdate);
428	$db -> Execute("INSERT INTO `log` (`owner`, `log`, `czas`) VALUES(".$buy -> fields['owner'].",'<b><a href=view.php?view=".$player -> id.">".$player -> user.L_ACCEPT.$player -> id.L_ACCEPT2.$_POST['amount'].L_AMOUNT.$buy -> fields['name'].YOU_GET.$price.TO_BANK."', ".$strDate.")");
429	$smarty -> assign("Message", YOU_BUY.$_POST['amount'].I_AMOUNT.$buy -> fields['name'].FOR_A.$price.GOLD_COINS);
430	}
431	}
432
433	/**
434	* List of all oferts on market
435	*/
436	if (isset($_GET['view']) && $_GET['view'] == 'all')
437	{
438	if (!ereg("^[0-9]*$", $_GET['limit']))
439	{
440	error(ERROR);
441	}
442	$objAmount = $db -> Execute("SELECT `id` FROM `equipment` WHERE `status`='R' AND `type`!='I' GROUP BY `name`");
443	$intAmount = $objAmount -> RecordCount();
444	$objAmount -> Close();
445	if (isset($_POST['previous']))
446	{
447	$_GET['limit'] = $_GET['limit'] - 30;
448	}
449	if (isset($_POST['next']))
450	{
451	$_GET['limit'] = $_GET['limit'] + 30;
452	}
453	if ($_GET['limit'] > $intAmount && $_GET['limit'] != 0)
454	{
455	error(ERROR);
456	}
457	$strNext = '';
458	$strPrevious = '';
459	$oferts = $db -> SelectLimit("SELECT `name` FROM `equipment` WHERE `status`='R' AND `type`!='I' GROUP BY `name`", 30, $_GET['limit']);
460	$arrname = array();
461	$arramount = array();
462	$i = 0;
463	while (!$oferts -> EOF)
464	{
465	$arrname[$i] = $oferts -> fields['name'];
466	$arramount[$i] = 0;
467	$query = $db -> Execute("SELECT count(*) FROM `equipment` WHERE `status`='R' AND `name`='".$arrname[$i]."'");
468	$arramount[$i] = $query -> fields['count(*)'];
469	$query -> Close();
470	$oferts -> MoveNext();
471	$i = $i + 1;
472	}
473	$oferts -> Close();
474	if ($_GET['limit'] >= 30)
475	{
476	$strPrevious = "<input type=\"submit\" name=\"previous\" value=\"".A_PREVIOUS."\"> ";
477	}
478	$intLimit = $_GET['limit'] + 30;
479	if ($intAmount > 30 && $intLimit < $intAmount)
480	{
481	$strNext = "<input type=\"submit\" name=\"next\" value=\"".A_NEXT."\">";
482	}
483	$strLinks = "<form method=\"post\" action=\"imarket.php?view=all&limit=".$_GET['limit']."\">".$strPrevious.$strNext."</form>";
484	$smarty -> assign(array("Name" => $arrname,
485	"Amount" => $arramount,
486	"Message" => "<br />(<a href=\"imarket.php\">".A_BACK."</a>)",
487	"Tlinks" => $strLinks,
488	"Listinfo" => LIST_INFO,
489	"Iname" => I_NAME,
490	"Iamount" => I_AMOUNT,
491	"Iaction" => I_ACTION,
492	"Ashow" => A_SHOW));
493	}
494
495	/**
496	* Initialization of variables
497	*/
498	if (!isset($_GET['view']))
499	{
500	$_GET['view'] = '';
501	}
502	if (!isset($_GET['wyc']))
503	{
504	$_GET['wyc'] = '';
505	}
506	if (!isset($_GET['buy']))
507	{
508	$_GET['buy'] = '';
509	}
510
511	/**
512	* Assign variables to template and display page
513	*/
514	$smarty -> assign(array("View" => $_GET['view'],
515	"Remowe" => $_GET['wyc'],
516	"Buy" => $_GET['buy'],
517	"Aback" => A_BACK));
518	$smarty -> display('imarket.tpl');
519
520	require_once("includes/foot.php");
521	?>

Gitorious