+-------------------------------------------------------------------------+
*/
include("./include/auth.php");
include_once("./lib/utility.php");
/* set default action */
if (!isset($_REQUEST["action"])) { $_REQUEST["action"] = ""; }
switch ($_REQUEST["action"]) {
case 'save':
form_save();
break;
case 'item_remove':
item_remove();
header("Location: graphs.php?action=graph_edit&id=" . $_GET["local_graph_id"]);
break;
case 'item_edit':
include_once("./include/top_header.php");
item_edit();
include_once("./include/bottom_footer.php");
break;
case 'item_movedown':
item_movedown();
header("Location: graphs.php?action=graph_edit&id=" . $_GET["local_graph_id"]);
break;
include "globals.php";
$_GET['ID'] = abs((int) $_GET['ID']);
$id = $db->query("SELECT iv.*,it.* FROM inventory iv LEFT JOIN items it ON iv.inv_itemid=it.itmid WHERE iv.inv_id={$_GET['ID']} AND iv.inv_userid={$userid} LIMIT 1");
if ($db->num_rows($id) == 0) {
print "Invalid item ID\r\n<br />\r\n<a href='inventory.php'>Back</a>";
$h->endpage();
exit;
} else {
$r = $db->fetch_row($id);
}
if (!$r['weapon']) {
print "This item cannot be equipped to this slot.\r\n<br />\r\n<a href='inventory.php'>Back</a>";
$h->endpage();
exit;
}
if ($_GET['type']) {
if (!in_array($_GET['type'], array("equip_primary", "equip_secondary"))) {
print "This slot ID is not valid.\r\n<br />\r\n<a href='inventory.php'>Back</a>";
$h->endpage();
exit;
}
if ($ir[$_GET['type']]) {
item_add($userid, $ir[$_GET['type']], 1);
}
item_remove($userid, $r['itmid'], 1);
$db->query("UPDATE users SET {$_GET['type']} = {$r['itmid']} WHERE userid={$userid}");
print "Item {$r['itmname']} equipped successfully.\r\n<br />\r\n<a href='inventory.php'>Back</a>";
} else {
print "\r\n\r\n<div class='generalinfo_txt'>\r\n<div><img src='images/info_left.jpg' alt='' /></div>\r\n<div class='info_mid'><h2 style='padding-top:10px;'> Equip Weapon</h2></div>\r\n<div><img src='images/info_right.jpg' alt='' /></div> </div>\r\n<div class='generalinfo_simple'><br> <br><br>\r\n\r\n\r\n<form action='equip_weapon.php' method='get'>\r\n<input type='hidden' name='ID' value='{$_GET['ID']}' />\r\nPlease choose the slot to equip {$r['itmname']} to, if there is already a weapon in that slot, it will be removed back to your inventory.<br />\r\n<input type='radio' STYLE='color: black; background-color: white;' name='type' value='equip_primary' checked='checked' /> Primary<br />\r\n<input type='radio' STYLE='color: black; background-color: white;' name='type' value='equip_secondary' /> Secondary<br />\r\n<input type='submit' STYLE='color: black; background-color: white;' value='Equip Weapon' /></form> </div><div><img src='images/generalinfo_btm.jpg' alt='' /></div><br></div></div></div></div></div> ";
}
$h->endpage();
$einfo = unserialize($r['effect3']);
if ($einfo['inc_type'] == "percent") {
if (in_array($einfo['stat'], array('energy', 'will', 'brave', 'hp'))) {
$inc = round($ir['max' . $einfo['stat']] / 100 * $einfo['inc_amount']);
} else {
$inc = round($ir[$einfo['stat']] / 100 * $einfo['inc_amount']);
}
} else {
$inc = $einfo['inc_amount'];
}
if ($einfo['dir'] == "pos") {
if (in_array($einfo['stat'], array('energy', 'will', 'brave', 'hp'))) {
$ir[$einfo['stat']] = min($ir[$einfo['stat']] + $inc, $ir['max' . $einfo['stat']]);
} else {
$ir[$einfo['stat']] += $inc;
}
} else {
$ir[$einfo['stat']] = max($ir[$einfo['stat']] - $inc, 0);
}
$upd = $ir[$einfo['stat']];
if (in_array($einfo['stat'], array('strength', 'agility', 'guard', 'labour', 'IQ'))) {
$db->query("UPDATE `userstats` SET {$einfo['stat']} = '{$upd}' WHERE userid={$userid}");
} else {
$db->query("UPDATE `users` SET {$einfo['stat']} = '{$upd}' WHERE userid={$userid}");
}
}
print "\n\n<div id='mainOutput' style='text-align: center; color: green; width: 600px; border: 1px solid #222222; height: 70px;\nmargin: 0 auto 10px; clear: both; position: relative; left: -20px; padding: 8px'>\n\n{$r['itmname']} used successfully! <br><br>\n \n<a href='inventory.php'><font color='white'>Back To Inventory</font></a> </div></div> \n\n";
item_remove($userid, $r['inv_itemid'], 1);
}
}
$h->endpage();
print "\r\n\r\n\r\n<div id='mainOutput' style='text-align: center; color: red; width: 600px; border: 1px solid #222222; height: 70px;\r\nmargin: 0 auto 10px; clear: both; position: relative; left: -20px; padding: 8px'>\r\n\r\nInvalid item ID <br><br>\r\n\r\n<a href='inventory.php'><font color='white'>Back To Inventory</font></a>\r\n\r\n";
} else {
$r = $db->fetch_row($id);
$m = $db->query("SELECT * FROM users WHERE userid={$_GET['user']} LIMIT 1");
if ($_GET['qty'] > $r['inv_qty']) {
print "\r\n\r\n<div id='mainOutput' style='text-align: center; color: red; width: 600px; border: 1px solid #222222; height: 70px;\r\nmargin: 0 auto 10px; clear: both; position: relative; left: -20px; padding: 8px'>\r\n\r\nYou are trying to send more than you have! <br><br>\r\n\r\n<a href='inventory.php'><font color='white'>Back To Inventory</font></a>\r\n\r\n</div></div> \r\n\r\n";
} else {
if ($_GET['qty'] <= 0) {
print "\r\n\r\n<div id='mainOutput' style='text-align: center; color: red; width: 600px; border: 1px solid #222222; height: 70px;\r\nmargin: 0 auto 10px; clear: both; position: relative; left: -20px; padding: 8px'>\r\n\r\nYou know, I'm not dumb, j00 cheating hacker. <br><br>\r\n\r\n<a href='inventory.php'><font color='white'>Back To Inventory</font></a>\r\n\r\n";
} else {
if ($db->num_rows($m) == 0) {
print "\r\n\r\n<div id='mainOutput' style='text-align: center; color: red; width: 600px; border: 1px solid #222222; height: 70px;\r\nmargin: 0 auto 10px; clear: both; position: relative; left: -20px; padding: 8px'>\r\n\r\nYou are trying to send to an invalid user! <br><br>\r\n\r\n<a href='inventory.php'><font color='white'>Back To Inventory</font></a>\r\n\r\n";
} else {
$rm = $db->fetch_row($m);
//are we sending it all
item_remove($userid, $r['inv_itemid'], $_GET['qty']);
item_add($_GET['user'], $r['inv_itemid'], $_GET['qty']);
print "\r\n\r\n<div id='mainOutput' style='text-align: center; color: green; width: 600px; border: 1px solid #222222; height: 70px;\r\nmargin: 0 auto 10px; clear: both; position: relative; left: -20px; padding: 8px'>\r\n\r\nYou sent {$_GET['qty']} {$r['itmname']}(s) to {$rm['username']}\r\n\r\n<br><br>\r\n\r\n<a href='inventory.php'><font color='white'>Back To Inventory</font></a>\r\n\r\n";
event_add($_GET['user'], "You received {$_GET['qty']} {$r['itmname']}(s) from <a href='viewuser.php?u={$userid}'>{$ir['username']}</a>", $c);
$db->query("INSERT INTO itemxferlogs VALUES('',{$userid},{$_GET['user']},{$r['itmid']},{$_GET['qty']},unix_timestamp(), '{$ir['lastip']}', '{$rm['lastip']}')");
}
}
}
}
} else {
if ($_GET['ID']) {
$id = $db->query("SELECT iv.*,it.* FROM inventory iv LEFT JOIN items it ON iv.inv_itemid=it.itmid WHERE iv.inv_id={$_GET['ID']} AND iv.inv_userid={$userid} LIMIT 1");
if ($db->num_rows($id) == 0) {
print "\r\n<div id='mainOutput' style='text-align: center; color: red; width: 600px; border: 1px solid #222222; height: 70px;\r\nmargin: 0 auto 10px; clear: both; position: relative; left: -20px; padding: 8px'>\r\n\r\nInvalid item ID <br><br>\r\n\r\n<a href='inventory.php'><font color='white'>Back To Inventory</font></a>";
} else {
$r = $db->fetch_row($id);
