PHP Code:
<?php
$preco = 5000; // Change color price
$aid = $_SESSION['AID']; // AID logged
$login = mssql_fetch_array(mssql_query("SELECT Cash FROM Login(nolock) WHERE AID = $aid"));
$cash = $login['Cash'] - $preco; // Coins left
if( isset($_POST['coloredname']) )
{
$cor = $_POST['cor'];
$coresvalidas = array('10', '11', '12', '13', '14'); // Valids Grades
switch($cor)
{
case 1:
return $corq = 10;
break;
case 2:
return $corq = 11;
break;
case 3:
return $corq = 12;
break;
case 4:
return $corq = 13;
break;
case 5:
return $corq = 14;
break;
}
if(!in_array($corq, $coresvalidas))
{
die("Invalid Color");
}
else
{
mssql_query("UPDATE Account SET UGradeID = $corq WHERE AID = $aid");
mssql_query("UPDATE Login SET Cash = $cash WHERE AID = $aid");
die("Color buyed succesfuly");
}
}
?>
<form method="post" action="index.php?do=buycolor">
<select name="cor">
<option selected>Selecione</option>
<option value="1">Azul</option>
<option value="2">Verde</option>
<option value="3">Amarelo</option>
<option value="4">Rosa</option>
<option value="5">Vermelho</option>
</select>
<? if($cash >= 0)
{
echo '<input type="submit" name="coloredname" value="Comprar Colored">';
}
else
{
echo 'You don\'t have needed coins';
}
?>
</form>