rmarket.php - orodlin-1-pub in Orodlin v.1

<?php
/**
 *   File functions:
 *   Jewellers market
 *
 *   @name                 : rmarket.php                            
 *   @copyright            : (C) 2006,2007 Vallheru Team based on Gamers-Fusion ver 2.5
 *   @author               : thindil <thindil@users.sourceforge.net>
 *   @author               : eyescream <tduda@users.sourceforge.net>
 *   @version              : 1.3
 *   @since                : 07.02.2007
 *
 */

//
//
//       This program is free software; you can redistribute it and/or modify
//   it under the terms of the GNU General Public License as published by
//   the Free Software Foundation; either version 2 of the License, or
//   (at your option) any later version.
//
//   This program is distributed in the hope that it will be useful,
//   but WITHOUT ANY WARRANTY; without even the implied warranty of
//   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//   GNU General Public License for more details.
//
//   You should have received a copy of the GNU General Public License
//   along with this program; if not, write to the Free Software
//   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
//
// $Id: rmarket.php 882 2007-02-07 19:16:13Z thindil $

$title = "Rynek jubilerski";
require_once("includes/head.php");

/**
* Get the localization for game
*/
require_once("languages/".$player -> lang."/rmarket.php");

if ($player -> location != 'Altara' && $player -> location != 'Ardulith') 
{
    error (ERROR);
}

/**
* Assign variables to template
*/
$smarty -> assign(array("Message" => '', 
                        "Previous" => '', 
                        "Next" => ''));

/**
* Main menu
*/
if (!isset($_GET['view']) && !isset($_GET['buy']) && !isset($_GET['wyc']))
{
    $smarty -> assign(array("Minfo" => M_INFO,
                            "Aview" => A_VIEW,
                            "Asearch" => A_SEARCH,
                            "Aadd" => A_ADD,
                            "Adelete" => A_DELETE,
                            "Alist" => A_LIST,
                            "Aback2" => A_BACK2));
}

/**
* Search items on market
*/
if (isset ($_GET['view']) && $_GET['view'] == 'szukaj') 
{
    $smarty -> assign(array("Sinfo" => S_INFO,
                            "Sinfo2" => S_INFO2,
                            "Item" => ITEM,
                            "Asearch" => A_SEARCH));
}

/**
* Show oferts in market
*/
if (isset ($_GET['view']) && $_GET['view'] == 'market') 
{
    if (empty($_POST['szukany'])) 
    {
        $msel = $db -> Execute("SELECT count(*) FROM `equipment` WHERE `status`='R' AND `type`='I'");
    } 
        else 
    {
        $_POST['szukany'] = strip_tags($_POST['szukany']);
        $strSearch = $db -> qstr($_POST['szukany'], get_magic_quotes_gpc());
        $msel = $db -> Execute("SELECT count(*) FROM `equipment` WHERE `status`='R' AND `type`='I' AND `name`=".$strSearch) or die($db -> ErrorMsg());
    }
    $przed = $msel -> fields['count(*)'];
    $msel -> Close();
    if ($przed == 0) 
    {
        error (NO_OFERTS);
    }
    if (!isset($_GET['limit']))
    {
        $_GET['limit'] = 0;
    }
    $smarty -> assign(array("Tname" => T_NAME,
                            "Tpower" => T_POWER,
                            "Tcost" => T_COST,
                            "Tseller" => T_SELLER,
                            "Tamount" => T_AMOUNT,
                            "Tlevel" => T_LEVEL,
                            "Viewinfo" => VIEW_INFO,
                            "Toptions" => T_OPTIONS));
    if ($_GET['limit'] < $przed) 
    {
        if ($_GET['lista'] == 'zr')
        {
            $strOrder = ' ASC';
        }
            else
        {
            $strOrder = ' DESC';
        }
        if (empty($_POST['szukany'])) 
        {
            $pm = $db -> SelectLimit("SELECT * FROM `equipment` WHERE `status`='R' AND `type`='I' ORDER BY ".$_GET['lista'].$strOrder, 30, $_GET['limit']);
        } 
            else 
        {
            $strSearch = $db -> qstr($_POST['szukany'], get_magic_quotes_gpc());
            $pm = $db -> SelectLimit("SELECT * FROM `equipment` WHERE `status`='R' AND `name`=".$strSearch." AND `type`='I' ORDER BY ".$_GET['lista'].$strOrder, 30, $_GET['limit']);
        }
        $arrname = array();
        $arrpower = array();
        $arrcost = array();
        $arrowner = array();
        $arraction = array();
        $arramount = array();
        $arrlevel = array();
        $arrseller = array();
        $i = 0;
        while (!$pm -> EOF) 
        {
            $arrname[$i] = $pm -> fields['name'];
            $arrpower[$i] = $pm -> fields['power'];
            $arrcost[$i] = $pm -> fields['cost'];
            $arrowner[$i] = $pm -> fields['owner'];
            $arramount[$i] = $pm -> fields['amount'];
            $arrlevel[$i] = $pm -> fields['minlev'];
            $seller = $db -> Execute("SELECT user FROM players WHERE id=".$pm -> fields['owner']);
            $arrseller[$i] = $seller -> fields['user'];
            $seller -> Close();
            if ($player -> id == $pm -> fields['owner']) 
            {
                $arraction[$i] = "<td><a href=rmarket.php?wyc=".$pm -> fields['id'].">".A_DELETE."</a></td></tr>";
            } 
                else 
            {
                $arraction[$i] = "<td><a href=rmarket.php?buy=".$pm -> fields['id'].">".A_BUY."</a></td></tr>";
            }
            $pm -> MoveNext();
            $i = $i + 1;
        }
        $pm -> Close();
        $smarty -> assign(array("Name" => $arrname, 
                                "Power" => $arrpower, 
                                "Cost" => $arrcost, 
                                "Owner" => $arrowner, 
                                "Action" => $arraction,  
                                "Amount" => $arramount, 
                                "Minlev" => $arrlevel, 
                                "Seller" => $arrseller));
        if (!isset($_POST['szukany'])) 
        {
            $_POST['szukany'] = '';
        }
        if ($_GET['limit'] >= 30) 
        {
            $lim = $_GET['limit'] - 30;
            $smarty -> assign ("Previous", "<form method=\"post\" action=\"rmarket.php?view=market&limit=".$lim."&lista=".$_GET['lista']."\"><input type=\"hidden\" name=\"szukany\" value=\"".$_POST['szukany']."\"><input type=\"submit\" value=\"".A_PREVIOUS."\"></form> ");
        }
        $_GET['limit'] = $_GET['limit'] + 30;
        if ($przed > 30 && $_GET['limit'] < $przed) 
        {
            $smarty -> assign ("Next", " <form method=\"post\" action=\"rmarket.php?view=market&limit=".$_GET['limit']."&lista=".$_GET['lista']."\"><input type=\"hidden\" name=\"szukany\" value=\"".$_POST['szukany']."\"><input type=\"submit\" value=\"".A_NEXT."\"></form>");
        }
    }
}

/**
* Add oferts to market
*/
if (isset ($_GET['view']) && $_GET['view'] == 'add') 
{
    $rzecz = $db -> Execute("SELECT `id`, `name`, `amount` FROM `equipment` WHERE `status`='U' AND `type`='I' AND `owner`=".$player -> id);
    $arrname = array();
    $arrid = array(0);
    $arramount = array();
    $i = 0;
    while (!$rzecz -> EOF) 
    {
        $arrname[$i] = $rzecz -> fields['name'];
        $arrid[$i] = $rzecz -> fields['id'];
        $arramount[$i] = $rzecz -> fields['amount'];
        $rzecz -> MoveNext();
        $i = $i + 1;
    }
    $rzecz -> Close();
    if (!$arrid[0])
    {
        error(NO_ITEMS);
    }
    $smarty -> assign (array("Name" => $arrname, 
                             "Itemid" => $arrid, 
                             "Amount" => $arramount,
                             "Addinfo" => ADD_INFO,
                             "Item" => ITEM,
                             "Aadd" => A_ADD,
                             "Iamount" => I_AMOUNT,
                             "Iamount2" => I_AMOUNT2,
                             "Icost" => I_COST));
    if (isset ($_GET['step']) && $_GET['step'] == 'add') 
    {
        if (!isset($_POST['cost'])) 
        {
            error(ERROR);
        }
        if (!ereg("^[1-9][0-9]*$", $_POST['cost'])) 
        {
            error(ERROR);
        }
        if (!ereg("^[1-9][0-9]*$", $_POST['przedmiot']) || !ereg("^[1-9][0-9]*$", $_POST['amount'])) 
        {
            error(ERROR);
        }
        $item = $db -> Execute("SELECT * FROM equipment WHERE id=".$_POST['przedmiot']);
        if ($item -> fields['amount'] < $_POST['amount']) 
        {
            error (NO_AMOUNT.$item -> fields['name']);
        }
        if ($item -> fields['type'] != 'I')
        {
            error(ERROR);
        }
        $amount = $item -> fields['amount'] - $_POST['amount'];
        if ($amount > 0) 
        {
            $db -> Execute("UPDATE equipment SET amount=".$amount." where id=".$item -> fields['id']);
        } 
            else
        {
            $db -> Execute("DELETE FROM `equipment` WHERE `id`=".$item -> fields['id']);
        }
        $test = $db -> Execute("SELECT `id` FROM `equipment` WHERE `name`='".$item -> fields['name']."' AND `type`='".$item -> fields['type']."' AND `status`='R' AND `owner`=".$player -> id." AND `power`=".$item -> fields['power']." AND `minlev`=".$item -> fields['minlev']);
        if (!$test -> fields['id']) 
        {
            $db -> Execute("INSERT INTO `equipment` (`owner`, `name`, `power`, `type`, `cost`, `minlev`, `status`, `amount`) VALUES(".$player -> id.", '".$item -> fields['name']."', ".$item -> fields['power'].", '".$item -> fields['type']."', ".$_POST['cost'].", ".$item -> fields['minlev'].", 'R', ".$_POST['amount'].")");
            $smarty -> assign("Message", YOU_ADD.$_POST['amount'].I_AMOUNT3.$item -> fields['name'].ON_MARKET.$_POST['cost'].FOR_GOLDS.". <a href=\"rmarket.php?view=add\">".A_REFRESH."</a>");
        } 
            else 
        {
            $db -> Execute("UPDATE `equipment` SET `amount`=`amount`+".$_POST['amount']." WHERE `id`=".$test -> fields['id']);
            $smarty -> assign("Message", YOU_ADD.$_POST['amount'].I_AMOUNT3.$item -> fields['name']."</b>. <a href=\"rmarket.php?view=add\">".A_REFRESH."</a>");
        }
        $test -> Close();
    }
}

/**
* Delete selected ofert from market
*/
if (isset($_GET['wyc'])) 
{
    if (!ereg("^[1-9][0-9]*$", $_GET['wyc'])) 
    {
        error (ERROR);
    }
    $dwyc = $db -> Execute("SELECT * FROM `equipment` WHERE `id`=".$_GET['wyc']);
    if ($dwyc -> fields['owner'] != $player -> id) 
    {
        error (NOT_YOUR);
    }
    require_once('includes/marketdel.php');
    deleteitem($dwyc, $player -> id);
    $smarty -> assign("Message", YOU_DELETE." (<a href=\"rmarket.php\">".A_BACK."</a>)");
}

/**
* Delete oferts from market
*/
if (isset ($_GET['view']) && $_GET['view'] == 'del') 
{
    $objArm = $db -> Execute("SELECT * FROM `equipment` WHERE `owner`=".$player -> id." AND `status`='R' AND `type`='I'");
    while (!$objArm -> EOF)
    {
        $intTest = $db -> Execute("SELECT `id` FROM `equipment` WHERE `name`='".$objArm -> fields['name']."' AND `type`='".$objArm -> fields['type']."' AND `status`='U' AND `owner`=".$player -> id." AND `power`=".$objArm -> fields['power']." AND `cost`=1 AND `minlev`=".$objArm -> fields['minlev']);
        if (!$intTest -> fields['id']) 
        {
            $db -> Execute("UPDATE `equipment` SET `status`='U', `cost`=1 WHERE `id`=".$objArm -> fields['id']);
        } 
            else 
        {
            $db -> Execute("UPDATE `equipment` SET `amount`=`amount`+".$objArm -> fields['amount']." WHERE `id`=".$intTest -> fields['id']);
        }
        $intTest -> Close();
        $objArm -> MoveNext();
    } 
    $db -> Execute("DELETE FROM `equipment` WHERE `status`='R' AND `type`='I' AND `owner`=".$player -> id);
    $smarty -> assign("Message",YOU_DELETE." (<a href=\"rmarket.php\">".A_BACK."</a>)");
}

/**
* Buy items from market
*/
if (isset($_GET['buy'])) 
{
    if (!ereg("^[1-9][0-9]*$", $_GET['buy'])) 
    {
        error (ERROR);
    }
    $buy = $db -> Execute("SELECT * FROM `equipment` WHERE `id`=".$_GET['buy']." AND `type`='I' AND `status`='R'");
    if (!$buy -> fields['id']) 
    {
        error (NO_OFERTS);
    }
    if ($buy -> fields['owner'] == $player -> id) 
    {
        error (IS_YOUR);
    }
    $seller = $db -> Execute("SELECT user FROM players WHERE id=".$buy -> fields['owner']);    
    $smarty -> assign(array("Name" => $buy -> fields['name'], 
                            "Itemid" => $buy -> fields['id'], 
                            "Amount1" => $buy -> fields['amount'], 
                            "Cost" => $buy -> fields['cost'], 
                            "Seller" => $seller -> fields['user'], 
                            "Sid" => $buy -> fields['owner'], 
                            "Power" => $buy -> fields['power'], 
                            "Type" => $buy -> fields['type'], 
                            "Item" => ITEM,
                            "Buyinfo" => BUY_INFO,
                            "Ipower" => I_POWER,
                            "Aamount" => A_AMOUNT,
                            "Hamount" => H_AMOUNT,
                            "Oamount" => O_AMOUNT,
                            "Icost" => I_COST,
                            "Iseller" => SELLER,
                            "Bamount" => B_AMOUNT,
                            "Abuy" => A_BUY));
    $buy -> Close();
    $seller -> Close();
    if (isset($_GET['step']) && $_GET['step'] == 'buy') 
    {
        if (!isset($_POST['amount'])) 
        {
            error(ERROR);
        }
        if (!ereg("^[1-9][0-9]*$", $_POST['amount'])) 
        {
            error (ERROR);
        }
        $buy = $db -> Execute("SELECT * FROM `equipment` WHERE `id`=".$_GET['buy']." AND `type`='I'");
        if ($_POST['amount'] > $buy -> fields['amount']) 
        {
            error(NO_AMOUNT.$buy -> fields['name'].ON_MARKET);
        }
        $price = $_POST['amount'] * $buy -> fields['cost'];
        if ($price > $player -> credits) 
        {
            error (NO_MONEY);
        }
        $test = $db -> Execute("SELECT `id` FROM `equipment` WHERE `name`='".$buy -> fields['name']."' AND `type`='".$buy -> fields['type']."' AND `status`='U' AND `owner`=".$player -> id." AND `power`=".$buy -> fields['power']." AND `cost`=1 AND `minlev`=".$buy -> fields['minlev']);
        if (!$test -> fields['id']) 
        {
            $db -> Execute("INSERT INTO `equipment` (`owner`, `name`, `power`, `type`, `cost`, `zr`, `wt`, `minlev`, `maxwt`, `amount`, `magic`, `poison`, `szyb`, `twohand`, `ptype`, `repair`) VALUES(".$player -> id.", '".$buy -> fields['name']."', ".$buy -> fields['power'].", '".$buy -> fields['type']."', 1, ".$buy -> fields['zr'].", ".$buy -> fields['wt'].", ".$buy -> fields['minlev'].", ".$buy -> fields['maxwt'].", ".$_POST['amount'].", '".$buy -> fields['magic']."', ".$buy -> fields['poison'].", ".$buy -> fields['szyb'].", '".$buy -> fields['twohand']."', '".$buy -> fields['ptype']."', ".$buy -> fields['repair'].")");
        } 
            else 
        {
            $db -> Execute("UPDATE `equipment` SET `amount`=`amount`+".$_POST['amount']." WHERE `id`=".$test -> fields['id']);
        }
        $test -> Close();
        if ($_POST['amount'] == $buy -> fields['amount']) 
        {
            $db -> Execute("DELETE FROM `equipment` WHERE `id`=".$buy -> fields['id']);
        } 
            else 
        {
            $db -> Execute("UPDATE `equipment` SET `amount`=`amount`-".$_POST['amount']." WHERE `id`=".$buy -> fields['id']);
        }
        $db -> Execute("UPDATE `players` SET `bank`=`bank`+".$price." WHERE `id`=".$buy -> fields['owner']);
        $db -> Execute("UPDATE `players` SET `credits`=`credits`-".$price." WHERE `id`=".$player -> id);
        $strDate = $db -> DBDate($newdate);
        $db -> Execute("INSERT INTO `log` (`owner`, `log`, `czas`) VALUES(".$buy -> fields['owner'].", '<b><a href=view.php?view=".$player -> id.">".$player -> user.L_ACCEPT.$player -> id.L_ACCEPT2.$_POST['amount'].L_AMOUNT.$buy -> fields['name'].YOU_GET.$price.TO_BANK."', ".$strDate.")");
        $smarty -> assign("Message", YOU_BUY.$_POST['amount'].I_AMOUNT.$buy -> fields['name'].FOR_A.$price.GOLD_COINS);
    }
}

/**
* List of all oferts on market
*/
if (isset($_GET['view']) && $_GET['view'] == 'all') 
{
    $oferts = $db -> Execute("SELECT `name` FROM `equipment` WHERE `status`='R' AND `type`='I' GROUP BY `name`");
    $arrname = array();
    $arramount = array();
    $i = 0;
    while (!$oferts -> EOF) 
    {
        $arrname[$i] = $oferts -> fields['name'];
        $arramount[$i] = 0;
        $query = $db -> Execute("SELECT count(*) FROM `equipment` WHERE `status`='R' AND `name`='".$arrname[$i]."'");
        $arramount[$i] = $query -> fields['count(*)'];
        $query -> Close();
        $oferts -> MoveNext();
        $i = $i + 1;
    }
    $oferts -> Close();
    $smarty -> assign(array("Name" => $arrname, 
                            "Amount" => $arramount, 
                            "Message" => "<br />(<a href=\"rmarket.php\">".A_BACK."</a>)",
                            "Listinfo" => LIST_INFO,
                            "Iname" => I_NAME,
                            "Iamount" => I_AMOUNT,
                            "Iaction" => I_ACTION,
                            "Ashow" => A_SHOW));
}

/**
* Initialization of variables
*/
if (!isset($_GET['view'])) 
{
    $_GET['view'] = '';
}
if (!isset($_GET['wyc'])) 
{
    $_GET['wyc'] = '';
}
if (!isset($_GET['buy'])) 
{
    $_GET['buy'] = '';
}

/**
* Assign variables to template and display page
*/
$smarty -> assign(array("View" => $_GET['view'], 
                        "Remowe" => $_GET['wyc'], 
                        "Buy" => $_GET['buy'],
                        "Aback" => A_BACK));
$smarty -> display('rmarket.tpl');

require_once("includes/foot.php"); 
?>

1	<?php
2	/**
3	* File functions:
4	* Jewellers market
5	*
6	* @name : rmarket.php
7	* @copyright : (C) 2006,2007 Vallheru Team based on Gamers-Fusion ver 2.5
8	* @author : thindil <thindil@users.sourceforge.net>
9	* @author : eyescream <tduda@users.sourceforge.net>
10	* @version : 1.3
11	* @since : 07.02.2007
12	*
13	*/
14
15	//
16	//
17	// This program is free software; you can redistribute it and/or modify
18	// it under the terms of the GNU General Public License as published by
19	// the Free Software Foundation; either version 2 of the License, or
20	// (at your option) any later version.
21	//
22	// This program is distributed in the hope that it will be useful,
23	// but WITHOUT ANY WARRANTY; without even the implied warranty of
24	// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
25	// GNU General Public License for more details.
26	//
27	// You should have received a copy of the GNU General Public License
28	// along with this program; if not, write to the Free Software
29	// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
30	//
31	// $Id: rmarket.php 882 2007-02-07 19:16:13Z thindil $
32
33	$title = "Rynek jubilerski";
34	require_once("includes/head.php");
35
36	/**
37	* Get the localization for game
38	*/
39	require_once("languages/".$player -> lang."/rmarket.php");
40
41	if ($player -> location != 'Altara' && $player -> location != 'Ardulith')
42	{
43	error (ERROR);
44	}
45
46	/**
47	* Assign variables to template
48	*/
49	$smarty -> assign(array("Message" => '',
50	"Previous" => '',
51	"Next" => ''));
52
53	/**
54	* Main menu
55	*/
56	if (!isset($_GET['view']) && !isset($_GET['buy']) && !isset($_GET['wyc']))
57	{
58	$smarty -> assign(array("Minfo" => M_INFO,
59	"Aview" => A_VIEW,
60	"Asearch" => A_SEARCH,
61	"Aadd" => A_ADD,
62	"Adelete" => A_DELETE,
63	"Alist" => A_LIST,
64	"Aback2" => A_BACK2));
65	}
66
67	/**
68	* Search items on market
69	*/
70	if (isset ($_GET['view']) && $_GET['view'] == 'szukaj')
71	{
72	$smarty -> assign(array("Sinfo" => S_INFO,
73	"Sinfo2" => S_INFO2,
74	"Item" => ITEM,
75	"Asearch" => A_SEARCH));
76	}
77
78	/**
79	* Show oferts in market
80	*/
81	if (isset ($_GET['view']) && $_GET['view'] == 'market')
82	{
83	if (empty($_POST['szukany']))
84	{
85	$msel = $db -> Execute("SELECT count(*) FROM `equipment` WHERE `status`='R' AND `type`='I'");
86	}
87	else
88	{
89	$_POST['szukany'] = strip_tags($_POST['szukany']);
90	$strSearch = $db -> qstr($_POST['szukany'], get_magic_quotes_gpc());
91	$msel = $db -> Execute("SELECT count(*) FROM `equipment` WHERE `status`='R' AND `type`='I' AND `name`=".$strSearch) or die($db -> ErrorMsg());
92	}
93	$przed = $msel -> fields['count(*)'];
94	$msel -> Close();
95	if ($przed == 0)
96	{
97	error (NO_OFERTS);
98	}
99	if (!isset($_GET['limit']))
100	{
101	$_GET['limit'] = 0;
102	}
103	$smarty -> assign(array("Tname" => T_NAME,
104	"Tpower" => T_POWER,
105	"Tcost" => T_COST,
106	"Tseller" => T_SELLER,
107	"Tamount" => T_AMOUNT,
108	"Tlevel" => T_LEVEL,
109	"Viewinfo" => VIEW_INFO,
110	"Toptions" => T_OPTIONS));
111	if ($_GET['limit'] < $przed)
112	{
113	if ($_GET['lista'] == 'zr')
114	{
115	$strOrder = ' ASC';
116	}
117	else
118	{
119	$strOrder = ' DESC';
120	}
121	if (empty($_POST['szukany']))
122	{
123	$pm = $db -> SelectLimit("SELECT * FROM `equipment` WHERE `status`='R' AND `type`='I' ORDER BY ".$_GET['lista'].$strOrder, 30, $_GET['limit']);
124	}
125	else
126	{
127	$strSearch = $db -> qstr($_POST['szukany'], get_magic_quotes_gpc());
128	$pm = $db -> SelectLimit("SELECT * FROM `equipment` WHERE `status`='R' AND `name`=".$strSearch." AND `type`='I' ORDER BY ".$_GET['lista'].$strOrder, 30, $_GET['limit']);
129	}
130	$arrname = array();
131	$arrpower = array();
132	$arrcost = array();
133	$arrowner = array();
134	$arraction = array();
135	$arramount = array();
136	$arrlevel = array();
137	$arrseller = array();
138	$i = 0;
139	while (!$pm -> EOF)
140	{
141	$arrname[$i] = $pm -> fields['name'];
142	$arrpower[$i] = $pm -> fields['power'];
143	$arrcost[$i] = $pm -> fields['cost'];
144	$arrowner[$i] = $pm -> fields['owner'];
145	$arramount[$i] = $pm -> fields['amount'];
146	$arrlevel[$i] = $pm -> fields['minlev'];
147	$seller = $db -> Execute("SELECT user FROM players WHERE id=".$pm -> fields['owner']);
148	$arrseller[$i] = $seller -> fields['user'];
149	$seller -> Close();
150	if ($player -> id == $pm -> fields['owner'])
151	{
152	$arraction[$i] = "<td><a href=rmarket.php?wyc=".$pm -> fields['id'].">".A_DELETE."</a></td></tr>";
153	}
154	else
155	{
156	$arraction[$i] = "<td><a href=rmarket.php?buy=".$pm -> fields['id'].">".A_BUY."</a></td></tr>";
157	}
158	$pm -> MoveNext();
159	$i = $i + 1;
160	}
161	$pm -> Close();
162	$smarty -> assign(array("Name" => $arrname,
163	"Power" => $arrpower,
164	"Cost" => $arrcost,
165	"Owner" => $arrowner,
166	"Action" => $arraction,
167	"Amount" => $arramount,
168	"Minlev" => $arrlevel,
169	"Seller" => $arrseller));
170	if (!isset($_POST['szukany']))
171	{
172	$_POST['szukany'] = '';
173	}
174	if ($_GET['limit'] >= 30)
175	{
176	$lim = $_GET['limit'] - 30;
177	$smarty -> assign ("Previous", "<form method=\"post\" action=\"rmarket.php?view=market&limit=".$lim."&lista=".$_GET['lista']."\"><input type=\"hidden\" name=\"szukany\" value=\"".$_POST['szukany']."\"><input type=\"submit\" value=\"".A_PREVIOUS."\"></form> ");
178	}
179	$_GET['limit'] = $_GET['limit'] + 30;
180	if ($przed > 30 && $_GET['limit'] < $przed)
181	{
182	$smarty -> assign ("Next", " <form method=\"post\" action=\"rmarket.php?view=market&limit=".$_GET['limit']."&lista=".$_GET['lista']."\"><input type=\"hidden\" name=\"szukany\" value=\"".$_POST['szukany']."\"><input type=\"submit\" value=\"".A_NEXT."\"></form>");
183	}
184	}
185	}
186
187	/**
188	* Add oferts to market
189	*/
190	if (isset ($_GET['view']) && $_GET['view'] == 'add')
191	{
192	$rzecz = $db -> Execute("SELECT `id`, `name`, `amount` FROM `equipment` WHERE `status`='U' AND `type`='I' AND `owner`=".$player -> id);
193	$arrname = array();
194	$arrid = array(0);
195	$arramount = array();
196	$i = 0;
197	while (!$rzecz -> EOF)
198	{
199	$arrname[$i] = $rzecz -> fields['name'];
200	$arrid[$i] = $rzecz -> fields['id'];
201	$arramount[$i] = $rzecz -> fields['amount'];
202	$rzecz -> MoveNext();
203	$i = $i + 1;
204	}
205	$rzecz -> Close();
206	if (!$arrid[0])
207	{
208	error(NO_ITEMS);
209	}
210	$smarty -> assign (array("Name" => $arrname,
211	"Itemid" => $arrid,
212	"Amount" => $arramount,
213	"Addinfo" => ADD_INFO,
214	"Item" => ITEM,
215	"Aadd" => A_ADD,
216	"Iamount" => I_AMOUNT,
217	"Iamount2" => I_AMOUNT2,
218	"Icost" => I_COST));
219	if (isset ($_GET['step']) && $_GET['step'] == 'add')
220	{
221	if (!isset($_POST['cost']))
222	{
223	error(ERROR);
224	}
225	if (!ereg("^[1-9][0-9]*$", $_POST['cost']))
226	{
227	error(ERROR);
228	}
229	if (!ereg("^[1-9][0-9]$", $_POST['przedmiot']) \|\| !ereg("^[1-9][0-9]$", $_POST['amount']))
230	{
231	error(ERROR);
232	}
233	$item = $db -> Execute("SELECT * FROM equipment WHERE id=".$_POST['przedmiot']);
234	if ($item -> fields['amount'] < $_POST['amount'])
235	{
236	error (NO_AMOUNT.$item -> fields['name']);
237	}
238	if ($item -> fields['type'] != 'I')
239	{
240	error(ERROR);
241	}
242	$amount = $item -> fields['amount'] - $_POST['amount'];
243	if ($amount > 0)
244	{
245	$db -> Execute("UPDATE equipment SET amount=".$amount." where id=".$item -> fields['id']);
246	}
247	else
248	{
249	$db -> Execute("DELETE FROM `equipment` WHERE `id`=".$item -> fields['id']);
250	}
251	$test = $db -> Execute("SELECT `id` FROM `equipment` WHERE `name`='".$item -> fields['name']."' AND `type`='".$item -> fields['type']."' AND `status`='R' AND `owner`=".$player -> id." AND `power`=".$item -> fields['power']." AND `minlev`=".$item -> fields['minlev']);
252	if (!$test -> fields['id'])
253	{
254	$db -> Execute("INSERT INTO `equipment` (`owner`, `name`, `power`, `type`, `cost`, `minlev`, `status`, `amount`) VALUES(".$player -> id.", '".$item -> fields['name']."', ".$item -> fields['power'].", '".$item -> fields['type']."', ".$_POST['cost'].", ".$item -> fields['minlev'].", 'R', ".$_POST['amount'].")");
255	$smarty -> assign("Message", YOU_ADD.$_POST['amount'].I_AMOUNT3.$item -> fields['name'].ON_MARKET.$_POST['cost'].FOR_GOLDS.". <a href=\"rmarket.php?view=add\">".A_REFRESH."</a>");
256	}
257	else
258	{
259	$db -> Execute("UPDATE `equipment` SET `amount`=`amount`+".$_POST['amount']." WHERE `id`=".$test -> fields['id']);
260	$smarty -> assign("Message", YOU_ADD.$_POST['amount'].I_AMOUNT3.$item -> fields['name']."</b>. <a href=\"rmarket.php?view=add\">".A_REFRESH."</a>");
261	}
262	$test -> Close();
263	}
264	}
265
266	/**
267	* Delete selected ofert from market
268	*/
269	if (isset($_GET['wyc']))
270	{
271	if (!ereg("^[1-9][0-9]*$", $_GET['wyc']))
272	{
273	error (ERROR);
274	}
275	$dwyc = $db -> Execute("SELECT * FROM `equipment` WHERE `id`=".$_GET['wyc']);
276	if ($dwyc -> fields['owner'] != $player -> id)
277	{
278	error (NOT_YOUR);
279	}
280	require_once('includes/marketdel.php');
281	deleteitem($dwyc, $player -> id);
282	$smarty -> assign("Message", YOU_DELETE." (<a href=\"rmarket.php\">".A_BACK."</a>)");
283	}
284
285	/**
286	* Delete oferts from market
287	*/
288	if (isset ($_GET['view']) && $_GET['view'] == 'del')
289	{
290	$objArm = $db -> Execute("SELECT * FROM `equipment` WHERE `owner`=".$player -> id." AND `status`='R' AND `type`='I'");
291	while (!$objArm -> EOF)
292	{
293	$intTest = $db -> Execute("SELECT `id` FROM `equipment` WHERE `name`='".$objArm -> fields['name']."' AND `type`='".$objArm -> fields['type']."' AND `status`='U' AND `owner`=".$player -> id." AND `power`=".$objArm -> fields['power']." AND `cost`=1 AND `minlev`=".$objArm -> fields['minlev']);
294	if (!$intTest -> fields['id'])
295	{
296	$db -> Execute("UPDATE `equipment` SET `status`='U', `cost`=1 WHERE `id`=".$objArm -> fields['id']);
297	}
298	else
299	{
300	$db -> Execute("UPDATE `equipment` SET `amount`=`amount`+".$objArm -> fields['amount']." WHERE `id`=".$intTest -> fields['id']);
301	}
302	$intTest -> Close();
303	$objArm -> MoveNext();
304	}
305	$db -> Execute("DELETE FROM `equipment` WHERE `status`='R' AND `type`='I' AND `owner`=".$player -> id);
306	$smarty -> assign("Message",YOU_DELETE." (<a href=\"rmarket.php\">".A_BACK."</a>)");
307	}
308
309	/**
310	* Buy items from market
311	*/
312	if (isset($_GET['buy']))
313	{
314	if (!ereg("^[1-9][0-9]*$", $_GET['buy']))
315	{
316	error (ERROR);
317	}
318	$buy = $db -> Execute("SELECT * FROM `equipment` WHERE `id`=".$_GET['buy']." AND `type`='I' AND `status`='R'");
319	if (!$buy -> fields['id'])
320	{
321	error (NO_OFERTS);
322	}
323	if ($buy -> fields['owner'] == $player -> id)
324	{
325	error (IS_YOUR);
326	}
327	$seller = $db -> Execute("SELECT user FROM players WHERE id=".$buy -> fields['owner']);
328	$smarty -> assign(array("Name" => $buy -> fields['name'],
329	"Itemid" => $buy -> fields['id'],
330	"Amount1" => $buy -> fields['amount'],
331	"Cost" => $buy -> fields['cost'],
332	"Seller" => $seller -> fields['user'],
333	"Sid" => $buy -> fields['owner'],
334	"Power" => $buy -> fields['power'],
335	"Type" => $buy -> fields['type'],
336	"Item" => ITEM,
337	"Buyinfo" => BUY_INFO,
338	"Ipower" => I_POWER,
339	"Aamount" => A_AMOUNT,
340	"Hamount" => H_AMOUNT,
341	"Oamount" => O_AMOUNT,
342	"Icost" => I_COST,
343	"Iseller" => SELLER,
344	"Bamount" => B_AMOUNT,
345	"Abuy" => A_BUY));
346	$buy -> Close();
347	$seller -> Close();
348	if (isset($_GET['step']) && $_GET['step'] == 'buy')
349	{
350	if (!isset($_POST['amount']))
351	{
352	error(ERROR);
353	}
354	if (!ereg("^[1-9][0-9]*$", $_POST['amount']))
355	{
356	error (ERROR);
357	}
358	$buy = $db -> Execute("SELECT * FROM `equipment` WHERE `id`=".$_GET['buy']." AND `type`='I'");
359	if ($_POST['amount'] > $buy -> fields['amount'])
360	{
361	error(NO_AMOUNT.$buy -> fields['name'].ON_MARKET);
362	}
363	$price = $_POST['amount'] * $buy -> fields['cost'];
364	if ($price > $player -> credits)
365	{
366	error (NO_MONEY);
367	}
368	$test = $db -> Execute("SELECT `id` FROM `equipment` WHERE `name`='".$buy -> fields['name']."' AND `type`='".$buy -> fields['type']."' AND `status`='U' AND `owner`=".$player -> id." AND `power`=".$buy -> fields['power']." AND `cost`=1 AND `minlev`=".$buy -> fields['minlev']);
369	if (!$test -> fields['id'])
370	{
371	$db -> Execute("INSERT INTO `equipment` (`owner`, `name`, `power`, `type`, `cost`, `zr`, `wt`, `minlev`, `maxwt`, `amount`, `magic`, `poison`, `szyb`, `twohand`, `ptype`, `repair`) VALUES(".$player -> id.", '".$buy -> fields['name']."', ".$buy -> fields['power'].", '".$buy -> fields['type']."', 1, ".$buy -> fields['zr'].", ".$buy -> fields['wt'].", ".$buy -> fields['minlev'].", ".$buy -> fields['maxwt'].", ".$_POST['amount'].", '".$buy -> fields['magic']."', ".$buy -> fields['poison'].", ".$buy -> fields['szyb'].", '".$buy -> fields['twohand']."', '".$buy -> fields['ptype']."', ".$buy -> fields['repair'].")");
372	}
373	else
374	{
375	$db -> Execute("UPDATE `equipment` SET `amount`=`amount`+".$_POST['amount']." WHERE `id`=".$test -> fields['id']);
376	}
377	$test -> Close();
378	if ($_POST['amount'] == $buy -> fields['amount'])
379	{
380	$db -> Execute("DELETE FROM `equipment` WHERE `id`=".$buy -> fields['id']);
381	}
382	else
383	{
384	$db -> Execute("UPDATE `equipment` SET `amount`=`amount`-".$_POST['amount']." WHERE `id`=".$buy -> fields['id']);
385	}
386	$db -> Execute("UPDATE `players` SET `bank`=`bank`+".$price." WHERE `id`=".$buy -> fields['owner']);
387	$db -> Execute("UPDATE `players` SET `credits`=`credits`-".$price." WHERE `id`=".$player -> id);
388	$strDate = $db -> DBDate($newdate);
389	$db -> Execute("INSERT INTO `log` (`owner`, `log`, `czas`) VALUES(".$buy -> fields['owner'].", '<b><a href=view.php?view=".$player -> id.">".$player -> user.L_ACCEPT.$player -> id.L_ACCEPT2.$_POST['amount'].L_AMOUNT.$buy -> fields['name'].YOU_GET.$price.TO_BANK."', ".$strDate.")");
390	$smarty -> assign("Message", YOU_BUY.$_POST['amount'].I_AMOUNT.$buy -> fields['name'].FOR_A.$price.GOLD_COINS);
391	}
392	}
393
394	/**
395	* List of all oferts on market
396	*/
397	if (isset($_GET['view']) && $_GET['view'] == 'all')
398	{
399	$oferts = $db -> Execute("SELECT `name` FROM `equipment` WHERE `status`='R' AND `type`='I' GROUP BY `name`");
400	$arrname = array();
401	$arramount = array();
402	$i = 0;
403	while (!$oferts -> EOF)
404	{
405	$arrname[$i] = $oferts -> fields['name'];
406	$arramount[$i] = 0;
407	$query = $db -> Execute("SELECT count(*) FROM `equipment` WHERE `status`='R' AND `name`='".$arrname[$i]."'");
408	$arramount[$i] = $query -> fields['count(*)'];
409	$query -> Close();
410	$oferts -> MoveNext();
411	$i = $i + 1;
412	}
413	$oferts -> Close();
414	$smarty -> assign(array("Name" => $arrname,
415	"Amount" => $arramount,
416	"Message" => "<br />(<a href=\"rmarket.php\">".A_BACK."</a>)",
417	"Listinfo" => LIST_INFO,
418	"Iname" => I_NAME,
419	"Iamount" => I_AMOUNT,
420	"Iaction" => I_ACTION,
421	"Ashow" => A_SHOW));
422	}
423
424	/**
425	* Initialization of variables
426	*/
427	if (!isset($_GET['view']))
428	{
429	$_GET['view'] = '';
430	}
431	if (!isset($_GET['wyc']))
432	{
433	$_GET['wyc'] = '';
434	}
435	if (!isset($_GET['buy']))
436	{
437	$_GET['buy'] = '';
438	}
439
440	/**
441	* Assign variables to template and display page
442	*/
443	$smarty -> assign(array("View" => $_GET['view'],
444	"Remowe" => $_GET['wyc'],
445	"Buy" => $_GET['buy'],
446	"Aback" => A_BACK));
447	$smarty -> display('rmarket.tpl');
448
449	require_once("includes/foot.php");
450	?>

Gitorious