// Web shop purchase handler.
// Assumed to be defined elsewhere in the application (not shown in this fragment):
// $ShopItemD, $DB_Host, $DB_User, $DB_Password, $DB_Name, $ServerPort, $userid.
if (isset($_GET['BuyFromShop'])) {
  if (isset($_GET['Amount'], $_GET['buyWith'], $_GET['transWith'], $_GET['IData'], $_GET['roleid'])) {
    $idata = str_replace('|', '#', trim($_GET['IData']));
    if (strpos($idata, "#") !== false) {
      $iArr = explode("#", $idata);
      if (count($iArr) == 19) {
        $valid = false; // init as false
        $iArr[3] = str_replace(' ', ' +', $iArr[3]);
        $idata = implode("#", $iArr);
        // The client-supplied item record is only trusted if it appears in the shop file.
        // Note: strpos() accepts any substring of a line; an exact comparison with the
        // whole record is stricter (assumes one 19-field record per line in $ShopItemD).
        $handle = fopen($ShopItemD, 'r');
        if ($handle !== false) {
          while (($line = fgets($handle)) !== false) {
            if (strpos($line, $idata) !== false) {
              $valid = true;
              break;
            }
          }
          fclose($handle);
        }
        if ($valid !== false) {
          $buyWith = intval($_GET['buyWith']);
          $transWith = intval($_GET['transWith']);
          $Amount = intval($_GET['Amount']);
          $roleId = intval($_GET['roleid']);
          if (($buyWith > 0) && ($transWith > 0) && ($Amount > 0) && ($roleId > 0) && ($iArr[11] >= $Amount)) {
            // check if the game server is running
            $sockres = @fsockopen($DB_Host, $ServerPort, $errno, $errstr, 10);
            if (!$sockres) {
              echo "<script>parent.alert('Server is offline');</script>";
            } else {
              @fclose($sockres);
              // server is online
              $conn = new mysqli($DB_Host, $DB_User, $DB_Password, $DB_Name);
              if (($conn->connect_error) || (mysqli_connect_error())) {
                echo "<script>parent.alert('Cannot connect to mysql database');</script>";
              } else {
                include("./packet_class.php");
                if ($buyWith == 1) {
                  // pay with in-game gold; the character must be offline
                  if (UserOnlineCheck($conn, $userid) == 0) {
                    $GRoleData = GetRoleData($roleId);
                    $gold = $GRoleData['pocket']['money'];
                    echo "<script>
                      parent.RMoney = parseInt('" . $gold . "', 10);
                      parent.document.getElementById('Role_Gold').innerHTML = parent.RMoney;
                    </script>";
                    $price = $iArr[0] * $Amount;
                    if ($gold >= $price) {
                      $GRoleData['pocket']['money'] = $gold - $price;
                      if ($transWith == 1) {
                        //echo"<script>parent.MReady = false;</script>";
                        $expir = $iArr[14];
                        if ($expir > 0) { $expir = $expir + time(); }
                        $sent = false;
                        echo "<script>alert('" . PutRoleData($roleId, $GRoleData) . "');</script>";
                        //PutRoleData($roleId, $GRoleData);
                        /*
                        if (SysSendMail($roleId, ("[SHOP]: ".$iArr[2]), ("Thank you for bought this item from web!"), $iArr[7], $Amount, $iArr[11], $iArr[15], $iArr[9], $expir, $iArr[12], $iArr[13], $iArr[8], 0) == 0){
                          echo"<script>
                            parent.RMoney = parseInt('".$GRoleData['pocket']['money']."', 10);
                            parent.document.getElementById('Role_Gold').innerHTML = parent.RMoney;
                            parent.document.getElementById('BuyWindow').style.display='none';
                            parent.alert('Mail sent with your item!');
                            parent.MReady = true;
                            parent.SelectIcon(0);
                          </script>";
                          $sent=true;
                          PutRoleData($roleId, $GRoleData);
                        }else{
                          echo"<script>
                            parent.alert('Error, cannot send mail!');
                            parent.document.getElementById('BuyWindow').style.display='none';
                            parent.MReady = true;
                            parent.SelectIcon(0);
                          </script>";
                        }
                        */
                      }
                    } else {
                      // fixed: this branch used $WPoint, which is only set when paying with points
                      echo "<script>parent.alert('Insufficient point (" . ($price - $gold) . " missing)!');</script>";
                    }
                  } else {
                    echo "<script>parent.alert('Try again after you log out from game!');</script>";
                  }
                } else if ($buyWith == 2) {
                  // pay with vote points: check the user's balance
                  $query = "SELECT VotePoint FROM users WHERE ID=?";
                  $statement = $conn->prepare($query);
                  $statement->bind_param('i', $userid);
                  $statement->execute();
                  $statement->bind_result($LWebPoint);
                  $statement->store_result();
                  $result = $statement->num_rows;
                  if (!$result) {
                    exit;
                  } else {
                    while ($statement->fetch()) {
                      $WPoint = $LWebPoint;
                    }
                    $price = $iArr[1] * $Amount;
                    if ($WPoint >= $price) {
                      $NPoint = $WPoint - $price;
                      if ($transWith == 1) {
                        echo "<script>parent.MReady = false;</script>";
                        $expir = $iArr[14];
                        if ($expir > 0) { $expir = $expir + time(); }
                        if (SysSendMail($roleId, ("[SHOP]: " . $iArr[2]), ("Thank you for bought this item from web!"), $iArr[7], $Amount, $iArr[11], $iArr[15], $iArr[9], $expir, $iArr[12], $iArr[13], $iArr[8], 0) == 0) {
                          // bind the new balance instead of interpolating it into the SQL text
                          $query = "UPDATE users SET VotePoint = ? WHERE ID=?";
                          $stmt = $conn->prepare($query);
                          $stmt->bind_param('ii', $NPoint, $userid);
                          $stmt->execute();
                          $stmt->close();
                          echo "<script>
                            parent.UPoint = parseInt('" . $NPoint . "', 10);
                            parent.document.getElementById('User_Point').innerHTML = parent.UPoint;
                            parent.document.getElementById('BuyWindow').style.display='none';
                            parent.alert('Mail sent with your item!');
                            parent.MReady = true;
                            parent.SelectIcon(0);
                          </script>";
                        } else {
                          echo "<script>
                            parent.alert('Error, cannot send mail!');
                            parent.document.getElementById('BuyWindow').style.display='none';
                            parent.SelectIcon(0);
                            parent.MReady = true;
                          </script>";
                        }
                      }
                    } else {
                      echo "<script>parent.alert('Insufficient point (" . ($price - $WPoint) . " missing)!');</script>";
                    }
                  }
                }
                // close only a connection that was actually opened
                $conn->close();
              }
            }
          }
        } else {
          echo "<script>parent.alert('Item not found!');</script>";
        }
      }
    }
  }
}