function magic_buy_post($magic, $magicstore, $coupon)
{
global $_G, $space;
if (!$magic) {
showmessage('unknown_magic');
} else {
$mid = $magic['mid'];
}
$_POST['buynum'] = intval($_POST['buynum']);
if ($_POST['buynum'] < 1) {
showmessage('bad_buynum');
}
if ($magicstore['storage'] < $_POST['buynum']) {
showmessage('magics_num_no_enough');
}
$_POST['coupon'] = intval($_POST['coupon']);
$discard = 0;
if ($_POST['coupon']) {
if ($coupon['count'] < $_POST['coupon']) {
showmessage('not_enough_coupon');
}
$discard = 100 * $_POST['coupon'];
}
$discount = checkperm('magicdiscount');
if ($discount > 0) {
$magic['charge'] = intval($magic['charge'] * $discount / 10);
if ($magic['charge'] < 1) {
$magic['charge'] = 1;
}
} elseif ($discount < 0) {
$magic['charge'] = 0;
}
$charge = $_POST['buynum'] * $magic['charge'] - $discard;
$charge = $charge > 0 ? $charge : 0;
if ($charge > $space['credit']) {
showmessage('credit_is_not_enough');
}
DB::query("UPDATE " . DB::table("magicstore") . " SET storage = storage - {$_POST['buynum']}, sellcount = sellcount + {$_POST['buynum']}, sellcredit = sellcredit + {$charge} WHERE mid = '{$mid}'");
$experience = $_POST['buynum'] * intval($magic['experience']);
$arr = array('credit' => 0 - $charge, 'experience' => 0 - $experience);
member_count_update($_G['uid'], $arr);
$query = DB::query("SELECT * FROM " . DB::table("home_usermagic") . " WHERE uid='{$_G['uid']}' AND mid='{$mid}'");
if ($value = DB::fetch($query)) {
$count = $value['count'] + $_POST['buynum'];
} else {
$count = $_POST['buynum'];
}
DB::query("REPLACE " . DB::table('home_usermagic') . "(uid, username, mid, count) VALUES ('{$_G['uid']}', '{$_G['username']}', '{$mid}', '{$count}')");
DB::insert('magicinlog', array('uid' => $_G['uid'], 'username' => $_G['username'], 'mid' => $mid, 'count' => $_POST['buynum'], 'type' => 1, 'credit' => $charge, 'dateline' => $_G['timestamp']));
if ($_POST['coupon']) {
DB::query("UPDATE " . DB::table("home_usermagic") . " SET count = count - {$_POST['coupon']} WHERE uid='{$_G['uid']}' AND mid = 'coupon'");
}
return $charge;
}
$outxml .= '<track><annotation>' . $value['mp3name'] . '</annotation><location>' . $value['mp3url'] . '</location><image>' . $value['cdbj'] . '</image></track>' . "\n";
}
$outxml .= '</trackList></playlist>';
$outxml = diconv($outxml, CHARSET, 'UTF-8');
obclean();
@header("Expires: -1");
@header("Cache-Control: no-store, private, post-check=0, pre-check=0, max-age=0", FALSE);
@header("Pragma: no-cache");
@header("Content-type: application/xml; charset=utf-8");
echo $outxml;
}
exit;
} else {
$viewuids = $_G['cookie']['viewuids'] ? explode('_', $_G['cookie']['viewuids']) : array();
if (!$_G['setting']['preventrefresh'] || $_G['uid'] && !$space['self'] && !in_array($space['uid'], $viewuids)) {
member_count_update($space['uid'], array('views' => 1));
$viewuids[$space['uid']] = $space['uid'];
dsetcookie('viewuids', implode('_', $viewuids));
}
if (!$space['self'] && $_G['uid']) {
$query = DB::query("SELECT dateline FROM " . DB::table('home_visitor') . " WHERE uid='{$space['uid']}' AND vuid='{$_G['uid']}'");
$visitor = DB::fetch($query);
$is_anonymous = empty($_G['cookie']['anonymous_visit_' . $_G['uid'] . '_' . $space['uid']]) ? 0 : 1;
if (empty($visitor['dateline'])) {
$setarr = array('uid' => $space['uid'], 'vuid' => $_G['uid'], 'vusername' => $is_anonymous ? '' : $_G['username'], 'dateline' => $_G['timestamp']);
DB::insert('home_visitor', $setarr, 0, true);
show_credit();
} else {
if ($_G['timestamp'] - $visitor['dateline'] >= 300) {
DB::update('home_visitor', array('dateline' => $_G['timestamp'], 'vusername' => $is_anonymous ? '' : $_G['username']), array('uid' => $space['uid'], 'vuid' => $_G['uid']));
}
}
member_count_update($space['uid'], array('credit' => 0 - $showcredit));
notification_add($fuid, 'credit', 'showcredit', array('credit' => $showcredit));
if (ckprivacy('show', 'feed')) {
require_once libfile('function/feed');
feed_add('show', 'feed_showcredit', array('fusername' => "<a href=\"home.php?mod=space&uid={$fuid}\">{$friend[fusername]}</a>", 'credit' => $showcredit));
}
showmessage('showcredit_friend_do_success', "home.php?mod=space&do=top");
} elseif (submitcheck('showsubmit')) {
$showcredit = intval($_POST['showcredit']);
if ($showcredit > $space[$key]) {
$showcredit = $space[$key];
}
if ($showcredit < 1) {
showmessage('showcredit_error', '', array(), array('return' => 1));
}
$_POST['note'] = getstr($_POST['note'], 100, 1, 1, 1);
$count = getcount('home_show', array('uid' => $_G['uid']));
if ($count) {
$notesql = $_POST['note'] ? ", note='{$_POST['note']}'" : '';
DB::query("UPDATE " . DB::table('home_show') . " SET credit=credit+{$showcredit} {$notesql} WHERE uid='{$_G['uid']}'");
} else {
DB::insert('home_show', array('uid' => $_G['uid'], 'username' => $_G['username'], 'credit' => $showcredit, 'note' => $_POST['note']), 0, true);
}
member_count_update($space['uid'], array('credit' => 0 - $showcredit));
if (ckprivacy('show', 'feed')) {
require_once libfile('function/feed');
feed_add('show', 'feed_showcredit_self', array('credit' => $showcredit), '', array(), $_POST['note']);
}
showmessage('showcredit_do_success', "home.php?mod=space&do=top");
}
