public static function CreateShop($id, $qty, $priceBuy, $priceSell) { global $config, $user; // has isAdmin permissions if (!$user->hasPerms('isAdmin')) { $_SESSION['error'][] = 'You don\'t have permission to create a server shop.'; return FALSE; } // sanitize args $id = (int) $id; $qty = (int) $qty; if ($id < 1) { $_SESSION['error'][] = 'Invalid item id!'; return FALSE; } if ($qty < 0) { $_SESSION['error'][] = 'Invalid qty!'; return FALSE; } $priceBuy = floor($priceBuy * 100.0) / 100.0; $priceSell = floor($priceSell * 100.0) / 100.0; if ($priceBuy <= 0.0 && $priceSell <= 0.0) { $_SESSION['error'][] = 'Invalid price! Must provide either buy, sell, or both.'; return FALSE; } // check max price $maxSellPrice = SettingsClass::getDouble('Max Sell Price'); if ($maxSellPrice > 0.0 && $priceBuy > $maxSellPrice) { $_SESSION['error'][] = 'Over max buy price of ' . SettingsClass::getString('Currency Prefix') . $maxSellPrice . SettingsClass::getString('Currency Postfix') . ' !'; return FALSE; } if ($maxSellPrice > 0.0 && $priceSell > $maxSellPrice) { $_SESSION['error'][] = 'Over max sell price of ' . SettingsClass::getString('Currency Prefix') . $maxSellPrice . SettingsClass::getString('Currency Postfix') . ' !'; return FALSE; } if (!empty($desc)) { $desc = preg_replace('/<[^>]*>/', '', $desc); $desc = preg_replace('/\\b(https?|ftp|file):\\/\\/[-A-Z0-9+&@#\\/%?=~_|$!:,.;]*[A-Z0-9+&@#\\/%=~_|$]/i', '', strip_tags($desc)); } // query item $Item = QueryItems::QuerySingle($user->getId(), $id); if (!$Item) { $_SESSION['error'][] = 'Item not found!'; return FALSE; } // create server shop $query = "INSERT INTO `" . $config['table prefix'] . "ServerShops` (" . "`itemId`, `itemDamage`, `itemData`, `qty`, `enchantments`, `priceBuy`, `priceSell`, `created`, `itemTitle` )VALUES( " . (int) $Item->getItemId() . ", " . (int) $Item->getItemDamage() . ", " . "'" . mysql_san($Item->getItemData()) . "', " . (int) $qty . ", " . "'" . mysql_san($Item->getEnchantmentsCompressed()) . "', " . (double) $priceBuy . ", " . (double) $priceSell . ", " . "NOW(), " . "'" . mysql_san($Item->getItemTitle()) . "' )"; $result = RunQuery($query, __FILE__, __LINE__); if (!$result) { echo '<p style="color: red;">Error creating server shop!</p>'; exit; } return TRUE; }
public static function SellFixed($id, $qty, $price, $desc) { global $config, $user; // has canSell permissions if (!$user->hasPerms('canSell')) { $_SESSION['error'][] = 'You don\'t have permission to sell.'; return FALSE; } // sanitize args $id = (int) $id; if ($id < 1) { $_SESSION['error'][] = 'Invalid item id!'; return FALSE; } $qty = floor((int) $qty); $price = floor($price * 100.0) / 100.0; if ($qty <= 0) { $_SESSION['error'][] = 'Invalid qty!'; return FALSE; } if ($price <= 0.0) { $_SESSION['error'][] = 'Invalid price!'; return FALSE; } if (!empty($desc)) { $desc = preg_replace('/<[^>]*>/', '', $desc); $desc = preg_replace('/\\b(https?|ftp|file):\\/\\/[-A-Z0-9+&@#\\/%?=~_|$!:,.;]*[A-Z0-9+&@#\\/%=~_|$]/i', '', strip_tags($desc)); } // if (!itemAllowed($item->name, $item->damage)){ // $_SESSION['error'][] = $item->fullname.' is not allowed to be sold.'; // header("Location: ../myauctions.php"); // } $maxSellPrice = SettingsClass::getDouble('Max Sell Price'); if ($maxSellPrice > 0.0 && $price > $maxSellPrice) { $_SESSION['error'][] = 'Over max sell price of ' . SettingsClass::getString('Currency Prefix') . $maxSellPrice . SettingsClass::getString('Currency Postfix') . ' !'; return FALSE; } // query item $Item = QueryItems::QuerySingle($user->getId(), $id); if (!$Item) { $_SESSION['error'][] = 'Item not found!'; return FALSE; } // check item blacklist ItemFuncs::checkItemBlacklist($Item); if ($qty > $Item->getItemQty()) { $_SESSION['error'][] = 'You don\'t have that many!'; return FALSE; } // create auction $query = "INSERT INTO `" . $config['table prefix'] . "Auctions` (" . "`playerId`, `itemId`, `itemDamage`, `itemData`, `qty`, `enchantments`, `itemTitle`, `price`, `created` )VALUES( " . "'" . mysql_san($user->getId()) . "', " . (int) $Item->getItemId() . ", " . (int) $Item->getItemDamage() . ", " . "'" . mysql_san($Item->getItemData()) . "', " . (int) $qty . ", " . "'" . mysql_san($Item->getEnchantmentsCompressed()) . "', " . "'" . mysql_san($Item->getItemTitle()) . "', " . (double) $price . ", NOW() )"; $result = RunQuery($query, __FILE__, __LINE__); if (!$result) { echo '<p style="color: red;">Error creating auction!</p>'; exit; } $auctionId = mysql_insert_id(); // update qty / remove item stack if (!ItemFuncs::RemoveItem($Item->getTableRowId(), $qty < $Item->getItemQty() ? $qty : -1)) { echo '<p style="color: red;">Error removing item stack quantity!</p>'; exit; } // add sale log $Item->setItemQty($qty); LogSales::addLog(LogSales::LOG_NEW, LogSales::SALE_BUYNOW, $user->getId(), NULL, $Item, $price, FALSE, ''); return TRUE; }
function RenderPage_sell() { global $config, $html, $user; $config['title'] = 'Sell Items'; $id = getVar('id', 'int'); // load page html $outputs = RenderHTML::LoadHTML('pages/sell.php'); if (!is_array($outputs)) { echo 'Failed to load html!'; exit; } // load javascript $html->addToHeader($outputs['header']); // query item $Item = QueryItems::QuerySingle($user->getId(), $id); if (!$Item) { return '<h2 style="text-align: center;">The item you\'re trying to sell couldn\'t be found!</h2>'; } // check item blacklist ItemFuncs::checkItemBlacklist($Item); $qty = getVar('qty'); $priceFixed = getVar('priceFixed', 'double'); $priceStart = getVar('priceStart', 'double'); $priceBuy = getVar('priceBuy', 'double'); $priceSell = getVar('priceSell', 'double'); if (empty($qty)) { $qty = $Item->getItemQty(); } if ($priceFixed < 0.0) { $priceFixed = 0.0; } if ($priceStart < 0.0) { $priceStart = 0.0; } if ($priceBuy < 0.0) { $priceBuy = 0.0; } if ($priceSell < 0.0) { $priceSell = 0.0; } $messages = ''; $tags = array('messages' => &$messages, 'item id' => (int) $id, 'item display' => $Item->getDisplay(), 'have qty' => (int) $Item->getItemQty(), 'qty' => (int) $qty, 'price fixed' => (double) $priceFixed, 'price start' => (double) $priceStart, 'price buy' => (double) $priceBuy, 'price sell' => (double) $priceSell, 'currency prefix' => SettingsClass::getString('Currency Prefix'), 'currency postfix' => SettingsClass::getString('Currency Postfix')); unset($Item); // input errors if (isset($_SESSION['error'])) { if (is_array($_SESSION['error'])) { foreach ($_SESSION['error'] as $msg) { $messages .= str_replace('{message}', $msg, $outputs['error']); } } else { $messages .= str_replace('{message}', $_SESSION['error'], $outputs['error']); } unset($_SESSION['error']); } if (!$user->hasPerms('canSell')) { $messages .= str_replace('{message}', 'You don\'t have permission to sell.', $outputs['error']); } RenderHTML::RenderTags($outputs['body'], $tags); unset($tags); return $outputs['body']; }
function RenderPage_sell() { global $config, $html, $user, $settings; $output = ''; $id = getVar('id', 'int'); $qty = getVar('qty'); $priceEach = getVar('price', 'double'); // query item $Item = QueryItems::QuerySingle($user->getName(), $id); if (!$Item) { return '<h2 style="text-align: center;">The item you\'re trying to sell couldn\'t be found!</h2>'; } //echo '<pre>';print_r($Item);exit(); if (empty($qty)) { $qty = $Item->getItemQty(); } if ($priceEach == 0.0) { $priceEach = ''; $priceTotal = ''; } else { $priceTotal = (double) $priceEach * (double) $qty; } $html->addToHeader(' <script type="text/javascript" language="javascript"> function updateTotal(thisfield,otherfieldid){ otherfield = document.getElementById(otherfieldid); document.getElementById("pricetotal").innerHTML = (thisfield.value * otherfield.value).toFixed(2); // $("pricetotal").update( thisfield.value * otherfield.value ); } </script> '); //if(isset($_SESSION['error'])) { // $output.='<p style="color:red">'.$_SESSION['error'].'</p>'; // unset($_SESSION['error']); //} //if(isset($_SESSION['success'])) { // $output.='<p style="color: green;">'.$_SESSION['success'].'</p>'; // unset($_SESSION['success']); //} $output .= ' <!-- mainTable example --> <form action="./" method="post"> {token form} <input type="hidden" name="page" value="' . $config['page'] . '" /> <input type="hidden" name="action" value="newauction" /> <input type="hidden" name="lastpage" value="' . getLastPage() . '" /> <input type="hidden" name="id" value="' . getVar('id', 'int') . '" /> <table border="0" cellpadding="0" cellspacing="0" id="createauctionTable"> '; // input errors if (!isset($config['error'])) { if (!$user->hasPerms('canSell')) { $config['error'] = 'You don\'t have permission to sell.'; } } if (isset($config['error'])) { $output .= '<tr><td align="center" style="padding-top: 20px; color: red; font-size: larger;">' . $config['error'] . '</td></tr>'; } // add enchantments to this link! // '<a href="./?page=graph&name='.((int)$Item->getItemId()).'&damage='.$Item->getItemDamage().'">'.' . $output .= ' <tr><td align="center"><h2>Create a New Auction</h2></td></tr> <tr><td align="center"><div class="input" style="width: 150px; padding-top: 15px; padding-bottom: 15px; text-align: center;">' . $Item->getDisplay() . '</div></td></tr> <tr><td height="20"></td></tr> <tr><td align="center"><b>You have <font size="+2">' . (int) $Item->getItemQty() . '</font> items</b></td></tr> <tr><td><table border="0" cellpadding="0" cellspacing="10" align="center"> <tr> <td align="right"><b>Quantity:</b></td> <td><div style="position: absolute; margin-top: 10px; margin-left: 8px; font-size: larger; font-weight: bold;">x</div>' . '<input type="text" name="qty" value="' . (int) $qty . '" id="qty" class="input" style="width: 160px; text-align: center;" ' . 'onkeypress="return numbersonly(this, event);" onkeyup="updateTotal(this,\'price\');" /></td> </tr> <tr> <td align="right"><b>Price Each:</b></td> <td><div style="position: absolute; margin-top: 8px; margin-left: 8px; font-size: larger; font-weight: bold;">' . SettingsClass::getString('Currency Prefix') . '</div>' . '<input type="text" name="price" value="' . $priceEach . '" id="price" class="input" style="width: 160px; text-align: center;" ' . 'onkeypress="return numbersonly(this, event);" onkeyup="updateTotal(this,\'qty\');" />' . '<b> ' . SettingsClass::getString('Currency Postfix') . '</b></td> </tr> <tr> <td align="right"><b>Price Total:</b></td> <td><div style="position: absolute; margin-top: 8px; margin-left: 8px; font-size: larger; font-weight: bold;">' . SettingsClass::getString('Currency Prefix') . '</div>' . '<div id="pricetotal" class="input" style="float: left; width: 160px; text-align: center; font-size: larger; font-weight: bold;"> </div>' . '<div style="margin-top: 8px;"><b> ' . SettingsClass::getString('Currency Postfix') . '</b></div></td> </tr> </table></td></tr> <tr><td height="20"></td></tr> '; // custom descriptions if (SettingsClass::getString('Custom Descriptions')) { $output .= ' <tr><td colspan="2" align="center"> <b>Description:</b> (optional)</td></tr> <tr><td height="10"></td></tr> <tr><td colspan="2" align="center"><textarea name="desc" class="input" style="width: 80%; height: 55px;" readonly>Coming soon!</textarea></td></tr> <tr><td height="30"></td></tr> '; } $output .= ' <tr><td colspan="2" align="center"><input type="submit" value="Create Auction" class="input" /></td></tr> <tr><td height="30"></td></tr> </table> </form> '; unset($Item); return $output; }