if ($amount <= 0) {
$message = '<div class="error">The lowest amount of money you can send is $1.</div>';
} else {
if ($uni_username === $_SESSION['username']) {
$message = '<div class="error">Why would you want to send money to your self?</div>';
} else {
if (isset($_SESSION['send_money_token']) && $_SESSION['send_money_token'] != $_POST['token']) {
$message = '<div class="error">Your tokens do not match!</div>';
} else {
$recUid = mysql_fetch_assoc($query);
$recUid = $recUid['id'];
$recMoney = getUserMoney($recUid) + $amount;
$userMoney -= $amount;
$time = time();
updateUserMoney($recUid, $recMoney);
updateUserMoney($uid, $userMoney);
mysql_query("\n\t\t\tINSERT INTO `send_money_history` (\n\t\t\t\t`sender_uid`, `recipient_uid`, `sender`, `recipient`, `amount`, `timestamp`\n\t\t\t) VALUES (\n\t\t\t\t'{$uid}', '{$recUid}', '{$sqlMyUsername}', '{$sqlUsername}', '{$amount}', '{$time}'\n\t\t\t)\n\t\t");
$_SESSION['message'] = '<div class="notice">You have sent $' . $amount . ' to ' . cleanHtml($uni_username) . '.</div>';
if (isset($_GET['id'])) {
$id = (int) $_GET['id'];
redirect('send_money.php?id=' . $id);
} else {
redirect('send_money.php');
}
}
}
}
}
}
}
include '_header.php';
echo '<div class="error">This pokemon is in your team,</div>';
include '_footer.php';
die;
}
if (isset($_POST['duration']) && in_array($_POST['duration'], range(0, 4))) {
$costs = array('0' => 200, '1' => 1000, '2' => 5000, '3' => 10000, '4' => 15000);
$cost = $costs[$_POST['duration']];
if (getUserMoney($uid) < $cost) {
echo '<div class="error">Not enough money.</div>';
} else {
$times = array('0' => 60 * 10, '1' => 60 * 60, '2' => 60 * 60 * 6, '3' => 60 * 60 * 24, '4' => 60 * 60 * 24 * 7);
$finishTime = time() + $times[$_POST['duration']];
$query = mysql_query("\n\t\t\tINSERT INTO `auction_pokemon`\n\t\t\t(\n\t\t\t\t`owner_id`,\n\t\t\t\t`owner_username`,\n\t\t\t\t`bidder_id`,\n\t\t\t\t`bidder_username`,\n\t\t\t\t`current_bid`,\n\t\t\t\t`name`,\n\t\t\t\t`exp`,\n\t\t\t\t`level`,\n\t\t\t\t`move1`,\n\t\t\t\t`move2`,\n\t\t\t\t`move3`,\n\t\t\t\t`move4`,\n\t\t\t\t`num_bids`,\n\t\t\t\t`gender`,\n\t\t\t\t`finish_time`\n\t\t\t) VALUES (\n\t\t\t\t'{$uid}',\n\t\t\t\t'{$sqlUsername}',\n\t\t\t\t'0',\n\t\t\t\t'',\n\t\t\t\t'1',\n\t\t\t\t'{$pokeRow['name']}',\n\t\t\t\t'{$pokeRow['exp']}',\n\t\t\t\t'{$pokeRow['level']}',\n\t\t\t\t'{$pokeRow['move1']}',\n\t\t\t\t'{$pokeRow['move2']}',\n\t\t\t\t'{$pokeRow['move3']}',\n\t\t\t\t'{$pokeRow['move4']}',\n\t\t\t\t'0',\n\t\t\t\t'{$pokeRow['gender']}',\n\t\t\t\t'{$finishTime}'\n\t\t\t)\n\t\t");
if ($query) {
mysql_query("DELETE FROM `user_pokemon` WHERE `id`='{$pid}' LIMIT 1");
updateUserMoney($uid, getUserMoney($uid) - $cost);
}
echo '<div class="notice">Your pokemon is now up for auction!</div>';
include '_footer.php';
die;
}
}
echo '
<img src="images/pokemon/' . $pokeRow['name'] . '.png" /><br />
' . $pokeRow['name'] . '<br />
Level: ' . $pokeRow['level'] . '<br />
Exp: ' . $pokeRow['exp'] . '<br />
<br /><hr /><br />
<form action="" method="post">
<h3>How long do you want the auction to last?</h3><br />
<input type="radio" name="duration" value="0" /> 10 Minutes (Cost $200)<br />
if (!isset($_SESSION['releaseToken'][$pid])) {
echo '<div class="error">Token not set.</div>';
} else {
if ($_SESSION['releaseToken'][$pid] != $_GET['token']) {
echo '<div class="error">Tokens do not match.</div>';
} else {
echo '
<div style="text-align: center;">
<div class="notice">You have released ' . $pokeInfo['name'] . '!</div>
<img src="images/pokemon/' . $pokeInfo['name'] . '.png" alt="' . $pokeInfo['name'] . '" /><br />
<a href="view_box.php">Back to your box.</a><br /><br />
</div>
';
mysql_query("DELETE FROM `user_pokemon` WHERE `uid`='{$uid}' AND `id`='{$pid}'");
mysql_query("UPDATE `users` SET `released`=`released`+1 WHERE `id`='{$uid}'");
updateUserMoney($uid, getUserMoney($uid) + $releaseReward);
unset($_SESSION['releaseToken'][$pid]);
}
}
} else {
$token = md5(rand(1000, 5000));
$_SESSION['releaseToken'][$pid] = $token;
echo '
<p>
Are you sure you want to release ' . $pokeInfo['name'] . '?<br />
<img src="images/pokemon/' . $pokeInfo['name'] . '.png" alt="' . $pokeInfo['name'] . '" /><br />
<a href="release.php?id=' . $pid . '&token=' . $token . '&sure">Yes</a> •
<a href="view_box.php">No</a><br /><br />
</p>
';
if ($releaseReward != 0) {