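// Auction start page (excerpt). Checks that the pokemon named by ?id= belongs
// to the session user and is not in their team, then, when a duration is
// POSTed, lists it in `auction_pokemon` and removes it from `user_pokemon`.
// NOTE(review): no login guard and no anti-CSRF token check is visible in this
// excerpt; confirm both exist above, since the POST below moves an item.
if (!isset($_GET['id'])) {
    // NOTE(review): presumably redirect() ends the request; if it only sends a
    // header, execution continues below with $pid = 0. Confirm in functions.php.
    redirect('membersarea.php');
}

// Integer casts make these two values safe to interpolate into SQL.
$pid = (int) $_GET['id'];
$uid = (int) $_SESSION['userid'];
$sqlUsername = cleanSql($_SESSION['username']);

include '_header.php';
printHeader('Start An Auction');

// Ownership check: the row must match both the requested id and the session user.
$query = mysql_query("SELECT * FROM `user_pokemon` WHERE `id`='{$pid}' AND `uid`='{$uid}'");
if (!$query || mysql_num_rows($query) == 0) {
    // A failed query is treated like "no such row" instead of falling through
    // on a warning.
    echo '<div class="error">Not your pokemon!</div>';
    include '_footer.php';
    die;
}
$pokeRow = mysql_fetch_assoc($query);

if (in_array($pokeRow['id'], getUserTeamIds($uid))) {
    echo '<div class="error">This pokemon is in your team,</div>';
    include '_footer.php';
    die;
}

// Accept only the exact strings '0'..'4'. The previous loose
// in_array(..., range(0, 4)) also matched inputs such as 'abc' or '1x' on the
// PHP versions that still ship ext/mysql; those are not keys of $costs/$times,
// so the cost became null (the money check passed) and the finish time was "now".
$duration = (isset($_POST['duration']) && is_string($_POST['duration'])) ? $_POST['duration'] : null;
if (in_array($duration, array('0', '1', '2', '3', '4'), true)) {
    // Listing fee per duration option.
    $costs = array('0' => 200, '1' => 1000, '2' => 5000, '3' => 10000, '4' => 15000);
    $cost = $costs[$duration];

    if (getUserMoney($uid) < $cost) {
        echo '<div class="error">Not enough money.</div>';
    } else {
        // Auction length in seconds: 10 minutes, 1 hour, 6 hours, 1 day, 7 days.
        $times = array('0' => 60 * 10, '1' => 60 * 60, '2' => 60 * 60 * 6, '3' => 60 * 60 * 24, '4' => 60 * 60 * 24 * 7);
        $finishTime = time() + $times[$duration];

        // Values read back from the database are still data, not SQL: a stored
        // name containing a quote would otherwise break or alter the INSERT.
        $sqlPoke = array();
        foreach (array('name', 'exp', 'level', 'move1', 'move2', 'move3', 'move4', 'gender') as $pokeField) {
            $sqlPoke[$pokeField] = mysql_real_escape_string((string) $pokeRow[$pokeField]);
        }

        $query = mysql_query("
            INSERT INTO `auction_pokemon`
            (
                `owner_id`,
                `owner_username`,
                `bidder_id`,
                `bidder_username`,
                `current_bid`,
                `name`,
                `exp`,
                `level`,
                `move1`,
                `move2`,
                `move3`,
                `move4`,
                `num_bids`,
                `gender`,
                `finish_time`
            ) VALUES (
                '{$uid}',
                '{$sqlUsername}',
                '0',
                '',
                '1',
                '{$sqlPoke['name']}',
                '{$sqlPoke['exp']}',
                '{$sqlPoke['level']}',
                '{$sqlPoke['move1']}',
                '{$sqlPoke['move2']}',
                '{$sqlPoke['move3']}',
                '{$sqlPoke['move4']}',
                '0',
                '{$sqlPoke['gender']}',
                '{$finishTime}'
            )
        ");

        // NOTE(review): the INSERT and the DELETE are separate statements with
        // no transaction or lock visible here, so two concurrent requests for
        // the same id could both pass the ownership check and both insert.
        // Consider a transaction, or deleting first and inserting only when
        // exactly one row was removed.
        if ($query) {
            // Scoped to the owner as well, so a row that changed hands since
            // the ownership check above is not deleted.
            mysql_query("DELETE FROM `user_pokemon` WHERE `id`='{$pid}' AND `uid`='{$uid}' LIMIT 1");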
<?php
// This page is switched off: the unconditional die below ends the request
// before the includes, the login check or any query in this file can run.
die;

require_once 'config.php';
require_once 'functions.php';

if (!isLoggedIn()) {
    redirect('login.php');
}

// The integer cast makes $uid safe to interpolate into the queries below.
$uid = (int) $_SESSION['userid'];
include '_header.php';

// Rebuild the team list, keeping only ids that still belong to this user.
$newTeamIds = array();
$oldTeamIds = getUserTeamIds($uid);
if (count($oldTeamIds) > 0) {
    foreach ($oldTeamIds as $pid) {
        // 0 marks an empty team slot.
        if ($pid == 0) {
            continue;
        }
        // NOTE(review): $pid is interpolated as returned by getUserTeamIds();
        // presumably an integer column value, confirm against that helper.
        $query = mysql_query("SELECT * FROM `user_pokemon` WHERE `id`='{$pid}' AND `uid`='{$uid}'");
        if (mysql_num_rows($query) != 1) {
            continue;
        }
        $newTeamIds[] = $pid;
    }
}

// Everything the user owns, highest experience first.
$query = mysql_query("SELECT * FROM `user_pokemon` WHERE `uid`='{$uid}' ORDER BY `exp` DESC");
$ownedCount = mysql_num_rows($query);
if ($ownedCount == 0) {
    // they have no pokemon
    $pid = giveUserPokemonByName($uid, 'Weedle', 5, '');
    $newTeamIds[] = $pid;
} else {
    if ($ownedCount > count($newTeamIds)) {
        // pad out their team with pokemon from their box
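// Box listing (excerpt): prints the table header with sort-toggle links, then
// one set of action links per pokemon. $uid and $query are set above this
// excerpt.

// Read the sort parameter once and tolerate its absence; a missing ?sort=
// previously raised an undefined-index notice on every page view.
$requestedSort = isset($_GET['sort']) ? $_GET['sort'] : null;
// Each header link points at the opposite order of the one currently shown.
$nameOrder = $requestedSort == 1 ? 2 : 1;
$expOrder = $requestedSort == 4 ? 3 : 4;

echo ' <table class="pretty-table"> <tr>'
    . ' <th width=25%><a href="view_box.php?sort=' . $nameOrder . '">Pokemon</a></th>'
    . ' <th width=25%>Level</th>'
    . ' <th width=25%><a href="view_box.php?sort=' . $expOrder . '">Exp</a></th>'
    . ' <th width=25%>Moves</th> ';
// The Options column is only shown when no ?id= is given.
echo isset($_GET['id']) ? '' : '<th>Options</th>';
echo ' </tr> ';

$teamIds = getUserTeamIds($uid);
$genders = array('1' => 'Male', '2' => 'Female', '3' => 'Genderless');

while ($pokemon = mysql_fetch_assoc($query)) {
    if (!isset($_GET['id'])) {
        if (in_array($pokemon['id'], $teamIds)) {
            // Team members cannot be traded, sold, released or auctioned, so
            // the actions are rendered struck through instead of as links.
            $tradeHtml = '<strike>Put Up For Trade</strike><br />';
            $sellHtml = '<strike>Put Up For Sale</strike><br />';
            $teamHtml = '<strike>Put In My Team</strike><br />';
            $releaseHtml = '<strike>Release Pokemon</strike><br />';
            $auctionHtml = '<strike>Auction Pokemon</strike><br />';
        } else {
            // The id is written into HTML attributes, so force it to an
            // integer instead of echoing the raw column value.
            $pokemonId = (int) $pokemon['id'];
            // NOTE(review): these actions are reached by plain GET links that
            // carry only the id. If a target page changes state on GET without
            // a per-session token it is open to cross-site request forgery;
            // the handlers are not visible here, confirm each one.
            $tradeHtml = '<a href="trade.php?a=puft_process&id=' . $pokemonId . '">Trade Pokemon</a><br />';
            $sellHtml = '<a href="sell_pokemon.php?p=sell2&id=' . $pokemonId . '">Sell Pokemon</a><br />';
            $teamHtml = '<a href="change_team.php?id=' . $pokemonId . '">Put In My Team</a><br />';
            $releaseHtml = '<a href="release.php?id=' . $pokemonId . '">Release Pokemon</a><br />';
            $auctionHtml = '<a href="auction_start.php?id=' . $pokemonId . '">Auction Pokemon</a><br />';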
// Battle setup (excerpt). The first lines are the tail of a guard whose `if`
// opens above this excerpt; it rejects a battle against oneself.
    echo '<div class="error">You can not battle yourself!</div>';
    include '_footer.php';
    die;
}

// Disabled ban check, kept for reference.
// NOTE(review): as written it selects every row with `banned` = '1' rather
// than the user being challenged, and reads the mysql_fetch_row() result as an
// object although that call returns a numeric array. Both would need fixing
// before this is re-enabled.
/*
$bannedQuery = mysql_query("SELECT `banned` FROM `users` WHERE `banned` = '1'");
$banned = mysql_fetch_row($bannedQuery);
if ($banned->banned == 1) {
    include '_header.php';
    printHeader('ERROR');
    echo '<div class="error">You can not battle with banned user!</div>';
    include '_footer.php';
    die();
}*/

// Load the team slots of $uid. The loose == also treats an empty array as
// "no team"; the request then ends with no message.
$userTeam = getUserTeamIds($uid);
if ($userTeam == false) {
    die;
}

// NOTE(review): $uid is interpolated into SQL here; it is assigned above this
// excerpt, confirm it is cast to int there.
$query = mysql_query("SELECT `username` FROM `users` WHERE `id`='{$uid}'");
$row = mysql_fetch_assoc($query);
// NOTE(review): if no user row matched, $row is false and $username ends up
// null; no check for that is visible here.
$username = $row['username'];

// Copy each filled team slot (poke1..poke6) into the session as the opponent's
// side of the battle, so $uid is presumably the opponent's id. $x is the index
// of the next opponent entry; its increment is not visible in this excerpt.
$x = 0;
for ($i = 1; $i <= 6; $i++) {
    $pid = $userTeam['poke' . $i];
    // 0 marks an empty slot.
    if ($pid == 0) {
        continue;
    }
    $pokeRow = getUserPokemon($pid);
    $_SESSION['battle']['opponent'][$x] = $pokeRow;
    // Maximum HP is computed by maxHp() from the pokemon's name and level.
    $_SESSION['battle']['opponent'][$x]['maxhp'] = maxHp($pokeRow['name'], $pokeRow['level']);