Hello everyone!!!
I am having some small problems with the web nolife_x, last night I was testing the RZ Gift Coins Function and the GIFT EV Coins Function, I put the character name of the person I was gift, and when I clicked on the button "GIFT" These coins that I would gift. Were to me and not him.
Here is the code :
RZ Coins Gift :
EV Coins Gift :Code:if($_SESSION['UGradeID'] == 254){ msgbox("Access Denied","index.php"); } if($_SESSION['UGradeID'] == 252){ msgbox("Access Denied","index.php"); } if (isset($_POST['submit'])){ $type = clean($_POST['type']); $id = clean($_POST['id']); $coins1 = clean($_POST['coins1']); //-- if ($type == 1){ $res = mssql_query_logged("SELECT * FROM Account WHERE UserID = '$id'"); if(mssql_num_rows($res) == 0){ msgbox("User ID $id Doesnt Exist","index.php?do=rzgift"); }else{ $data = mssql_fetch_assoc($res); $userID = $data['UserID']; $UserAID = $data['AID']; if($_POST['C1'] == "ON"){ } $query = mssql_query_logged("SELECT [RZCoins] FROM [Login] WHERE [UserID] = '$userid'"); $item = mssql_fetch_assoc($query); $coins = $item['RZCoins']; $amountcoins = $_POST['coins1']; $coins += $amountcoins; mssql_query_logged("UPDATE [Login] SET [RZCoins] = $coins WHERE [UserID] = '$userid'"); msgbox("The User With The ID $id Has Been Gifted!!","index.php?do=rzgift"); } }else{ $res = mssql_query_logged("SELECT * FROM Character WHERE Name = '$id'"); if(mssql_num_rows($res) == 0){ msgbox("The Character $id Doesnt Exist","index.php?do=rzgift"); }else{ $res = mssql_query_logged("SELECT * FROM Character WHERE Name = '$id'"); $data = mssql_fetch_assoc($res); $UserAID = $data['AID']; $query = mssql_query_logged("SELECT [RZCoins] FROM [Login] WHERE [UserID] = '$userid'"); $item = mssql_fetch_assoc($query); $coins = $item['RZCoins']; $amountcoins = $_POST['coins1']; $coins += $amountcoins; mssql_query_logged("UPDATE [Login] SET [RZCoins] = $coins WHERE [UserID] = '$userid'"); msgbox("The User With The Character $id Has Been Gifted!!","index.php?do=rzgift"); } } }
Thank you.Code:<? include "authadmin.php"; if (isset($_POST['submit'])){ $type = clean($_POST['type']); $id = clean($_POST['id']); $coins1 = clean($_POST['coins']); //-- if ($type == 1){ $res = mssql_query_logged("SELECT * FROM Account WHERE UserID = '$id'"); if(mssql_num_rows($res) == 0){ msgbox("UserID $id doesnt exist","index.php?do=evgift"); }else{ $data = mssql_fetch_assoc($res); $userID = $data['UserID']; $UserAID = $data['AID']; if($_POST['C1'] == "ON"){ } $query = mssql_query_logged("SELECT [EVCoins] FROM [Login] WHERE [UserID] = '$userid'"); $item = mssql_fetch_assoc($query); $coins = $item['EVCoins']; $amountcoins = $_POST['coins1']; $coins += $amountcoins; mssql_query_logged("UPDATE [Login] SET [EVCoins] = $coins WHERE [UserID] = '$userid'"); msgbox("The user with the ID $id has been gifted","index.php?do=evgift"); } }else{ $res = mssql_query_logged("SELECT * FROM Character WHERE Name = '$id'"); if(mssql_num_rows($res) == 0){ msgbox("The character $id doesnt exist","index.php?do=evgift"); }else{ $res = mssql_query_logged("SELECT * FROM Character WHERE Name = '$id'"); $data = mssql_fetch_assoc($res); $UserAID = $data['AID']; $query = mssql_query_logged("SELECT [EVCoins] FROM [Login] WHERE [UserID] = '$userid'"); $item = mssql_fetch_assoc($query); $coins = $item['EVCoins']; $amountcoins = $_POST['coins1']; $coins += $amountcoins; mssql_query_logged("UPDATE [Login] SET [EVCoins] = $coins WHERE [UserID] = '$userid'"); msgbox("The user with the character $id has been gifted","index.php?do=evgift"); } } }
TheWinner
Reply With Quote
Originally Posted by cheaterastic
