function __construct()
{
global $config;
session_init();
$loginUrl = './?page=login';
if (empty($config['session name'])) {
$config['session name'] = 'WebAuctionPlus User';
}
// check logged in
if (isset($_SESSION[$config['session name']])) {
$this->doValidate($_SESSION[$config['session name']]);
}
// not logged in (and is required)
if (SettingsClass::getBoolean('Require Login')) {
if (!$this->isOk() && $config['page'] != 'login') {
ForwardTo($loginUrl, 0);
exit;
}
}
}
public static function BuyFixed($auctionId, $qty)
{
global $config, $user;
// validate args
$auctionId = (int) $auctionId;
$qty = (int) $qty;
if ($auctionId < 1) {
$_SESSION['error'][] = 'Invalid auction id!';
return FALSE;
}
if ($qty < 1) {
$_SESSION['error'][] = 'Invalid qty!';
return FALSE;
}
// has canBuy permissions
if (!$user->hasPerms('canBuy')) {
$_SESSION['error'][] = 'You don\'t have permission to buy.';
return FALSE;
}
// query auction
$auction = QueryAuctions::QuerySingle($auctionId);
if (!$auction) {
$_SESSION['error'][] = 'Auction not found!';
return FALSE;
}
$Item = $auction->getItemCopy();
// // is item allowed
// if (!itemAllowed($item->name, $item->damage)){
// $_SESSION['error'][] = $item->fullname.' is not allowed to be sold.';
// header("Location: ../myauctions.php");
// }
// buying validation
if ($auction->getSellerId() == $user->getId()) {
$_SESSION['error'][] = 'Can\'t buy from yourself!';
return FALSE;
}
if ($qty > $Item->getItemQty()) {
$_SESSION['error'][] = 'Not that many for sale!';
return FALSE;
}
$maxSellPrice = SettingsClass::getDouble('Max Sell Price');
$sellPrice = $auction->getPrice();
$priceTotal = $sellPrice * (double) $qty;
if ($maxSellPrice > 0.0 && $sellPrice > $maxSellPrice) {
$_SESSION['error'][] = 'Over max sell price of ' . SettingsClass::getBoolean('Currency Prefix') . $maxSellPrice . SettingsClass::getBoolean('Currency Prefix') . ' !';
return FALSE;
}
if ($priceTotal > $user->getMoney()) {
$_SESSION['error'][] = 'You don\'t have enough money!';
return FALSE;
}
// make payment from buyer to seller
UserClass::MakePayment($user->getName(), $user->getUUID(), $auction->getSeller(), $auction->getSellerUUID(), $priceTotal, 'Bought auction ' . (int) $auction->getTableRowId() . ' ' . $Item->getItemTitle() . ' x' . (int) $Item->getItemQty());
// remove auction
if (!self::RemoveAuction($auctionId, $qty < $Item->getItemQty() ? $qty : -1)) {
echo '<p style="color: red;">Error removing/updating auction!</p>';
exit;
}
// add to inventory
$Item->setItemQty($qty);
$tableRowId = ItemFuncs::AddCreateItem($user->getId(), $Item);
if (!$tableRowId) {
echo '<p style="color: red;">Error adding item to your inventory!</p>';
exit;
}
// add sale log
LogSales::addLog(LogSales::LOG_SALE, LogSales::SALE_BUYNOW, $auction->getSellerId(), $user->getId(), $Item, $sellPrice, FALSE, '', TRUE);
return TRUE;
}
public static function isEnabled()
{
return SettingsClass::getBoolean('CSRF Protection');
}
