1<?php
2
3
4sleep(1); // this should halt for 1 seconds for every loop
5//Product Types
6//Categories :
7//
8//[ 1 - Account Modifications ]
9//1 - Premium
10//2 - Remove Skull (ANY)
11//3 - UnBan Account
12//4 - Change Name
13//
14//[ 2 - Items ]
15//5 - Items
16//
17//[ 3 - Container Fully of Items ]
18//6 - Bag of Items
19//7 - Backpack of Items
20//
21//[ 4 - Addons Items ]
22//8 - Addon Items
23//
24//HOWTO PUT IMAGES FOR TYPES 1-4 [ Account Modifications ]
25//Go to public/images/ folder and create a GIF image (Or put)
26//With the ID of the type [See at the top of the script]
27//Ex. Type (1) - Premium Account (public/images/1.gif)
28
29
30//Variables
31require("config.php");
32include("config/functions.php");
33require("config/config.php");
34$this->load->helper("url");
35$ots = POT::getInstance();
36$ots->connect(POT::DB_MYSQL, connection());
37$SQL = $ots->getDBHandle();
38$SHOP = new shop;
39$ide = new IDE;
40$action = $this->uri->segment(4);
41$categories = array(1 => 'Conta', 2 => 'Items', 3 => 'Itens Em Containers', 4 => 'Vocações', 5 => 'Skins/Roupas');
42if ($_SESSION['logged'] == 1) {
43 if ($SHOP->isInstalled()) {
44 if ($action == '') {
45 if($ide->isAdmin()) {
46 echo "<div class='toolbar' align='center'>";
47 echo "<a href='".WEBSITE."/index.php/p/v/shop/admin'>Shop Admin Panel</a>";
48 echo "</div>";
49 }
50 alert("<b>Aviso:</b><br><br><b>com excessão de 'Itens Em Containers'</b>:<br><br>Precisam haver espaço em sua <b>BACKPACK</b> para receber o item.<br><br><b>Importante:</b><br><br>Personagens que contenham caracteres especiais no nome não receberão itens do shop, e terão seus pontos perdidos ao comprarem algo.<br><br><b>Exemplos:</b> Go'ku, Tenshin-han.</b><br><br>");
51 echo '<div id="accordion">';
52 $i = 0;
53 foreach($categories as $key=>$value) {
54 echo '<div class="title">'.$categories[$key].'</div>
55 <div>';
56 if($SQL->query('SELECT * FROM shop_offer WHERE category = '.$key.'')->fetch())
57 {
58
59 echo '<table class="table" border="8" cellspacing="1" cellpadding="10" width="100%">
60
61 <tr>
62 <td width="20%" class="white" style="text-align: center; font-weight: bold;">Imagem</td>
63 <td width="40%" class="white" style="text-align: center; font-weight: bold;">Produto</td>
64 <td width="20%" class="white" style="text-align: center; font-weight: bold;">Pontos</td>
65 <td width="20%" class="white" style="text-align: center; font-weight: bold;">Acao</td>
66 </tr>';
67
68 foreach($SQL->query('SELECT * FROM shop_offer WHERE category = '.$key.'') as $item) {
69 if (is_int($i / 2))
70 $bgcolor = "#ececec";
71 else
72 $bgcolor = "#ffffff";
73 $i++;
74 echo '<tr class="highlight" bgcolor="'.$bgcolor.'" style="text-align: center;">
75 <td>';
76 if($item['category'] == '1')
77 $image = 'public/images/'.$item['type'].'.gif';
78 else
79 $image = 'public/images/items/'.$item['item'].'.gif';
80 if(!file_exists($image))
81 echo 'Sem Imagem';
82 else
83 echo '<img height="32px" width="32px" src="'.WEBSITE.'/'.$image.'"/>';
84 echo '</td>
85 <td><b>'.$item['name'].'</b><br>'.$item['description'].'</td>
86 <td>'.$item['points'].'</td>
87 <td><button type="submit" onClick="window.location.href=\''.WEBSITE.'/index.php/p/v/shop/buy/'.$item['id'].'\';" class="ide_button">Comprar</button></td>
88 </tr>';
89 }
90 echo '</table></div>';
91 }
92 else {
93
94 echo '</div>';
95 }
96 }
97 echo '</div>';
98 echo '<br><center><font style="color: #4F82CB; font-weight: bold; font-size: 12px">Você tem <font color="#4EBF37">'.$SHOP->points($_SESSION['name']).'</font> Pontos.</font></center>';
99 }
100 elseif ($action == 'buy') {
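// Product id and sub-action come from the request URL (/shop/buy/<id>/<action>)
// and are attacker-controlled.
$product = $this->uri->segment(5);
// $product is concatenated into SQL and HTML further down, so accept decimal
// digits only; anything else becomes false and is reported as "no product".
$product = preg_match('/^[0-9]+$/D', (string) $product) ? (int) $product : false;
$productact = $this->uri->segment(6);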
103 if (!$product) {
104 alert("Você não selecionou um produto.");
105 echo '<div align="right"><a href="'.WEBSITE.'/index.php/p/v/shop">Voltar para o shop</a></div>';
106 }
107 else {
108 if($SQL->query('SELECT * FROM shop_offer WHERE id = '.$product.'')->fetch()) {
109 $info = $SQL->query('SELECT * FROM shop_offer WHERE id = '.$product.'')->fetch();
110 if($productact == '' || !$productact) {
111 if ($SHOP->points($_SESSION['name']) < $info['points']) {
112 alert("Você não tem pontos suficientes para comprar este produto (<b>".$info['points']."</b>)");
113 echo '<div align="right"><a href="'.WEBSITE.'/index.php/p/v/shop">Voltar para o shop</a></div>';
114 }
115 else {
116 echo '<div id="accordion">';
117 echo '<h3><a href="#"></a></h3>
118 <div>';
119 echo '<table class="table table-striped" border="5" cellspacing="1" cellpadding="4" width="100%">
120 <tr>
121 <td width="25%" class="white" style="text-align: center; font-weight: bold;">Imagem</td>
122 <td width="50%" class="white" style="text-align: center; font-weight: bold;">Produto</td>
123 <td width="25%" class="white" style="text-align: center; font-weight: bold;">Pontos</td>
124 </tr>';
125 echo '<tr class="highlight" style="text-align: center">
126 <td>';
127 if($info['category'] == '1')
128 $image = 'public/images/'.$info['type'].'.gif';
129 else
130 $image = 'public/images/items/'.$info['item'].'.gif';
131 if(!file_exists($image))
132 echo 'Sem Imagem';
133 else
134 echo '<img height="32px" width="32px" src="'.WEBSITE.'/'.$image.'"/>';
135 echo '</td>
136 <td><b>'.$info['name'].'</b><br>'.$info['description'].'</td>
137 <td>'.$info['points'].'</td>
138 </tr>';
139 echo '</table></div>
140 <h3><a href="#"></a></h3>
141 <div>
142 <table class="table table-striped" border="5" cellspacing="7" cellpadding="4" width="100%">
143 <tr>
144 <td><form method="post" action="'.WEBSITE.'/index.php/p/v/shop/buy/'.$info['id'].'/send">';
145 if($info['type'] == '4')
146 echo 'Character to Change Name:';
147 else
148 echo 'Selecione o personagem para onde deve ser enviado:';
149 echo '</td>
150 <td><select name="my_char">';
151 foreach($SHOP->CharacterList($_SESSION['name']) as $row)
152 echo '<option>'.$row['name'].'</option>';
153 echo '</select></td>
154 </tr>
155 <tr>
156 <td>';
157 if($info['type'] == '4')
158 echo 'Novo nome:';
159 else
160 echo 'Ou enviar para outro personagem:';
161 echo '</td>
162 <td><input type="text" name="other_char" size="10"/></td>
163 </tr>
164 <tr>
165 <td></td>
166 <td><button type="submit" name="submit" value="true" class="ide_button">Finalizar compra</td>
167 </tr></table></center></div></div>';
168 echo '<div align="right"><a href="'.WEBSITE.'/index.php/p/v/shop/">Voltar para o shop</a></div>';
169 }
170 }
171 elseif ($productact == 'send') {
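// Final step of a purchase (/shop/buy/<id>/send). Order matters: pick the
// destination, run the product-specific checks, charge the points, and only
// then apply the product. Every $_POST value is attacker-controlled.
// NOTE(review): prepare()/execute()/rowCount() assume $SQL is PDO-derived, as
// its query()->fetch() use elsewhere in this file suggests; confirm.
if (empty($_POST['submit'])) {
    header("Location: ".WEBSITE."/index.php/p/v/shop");
}
else {
    $send = false;
    $destination = '';
    $myChar = (isset($_POST['my_char']) && is_string($_POST['my_char'])) ? $_POST['my_char'] : '';
    $otherChar = (isset($_POST['other_char']) && is_string($_POST['other_char'])) ? $_POST['other_char'] : '';
    // Escaped copy for every place the submitted name is echoed back as HTML.
    $otherCharHtml = htmlspecialchars($otherChar, ENT_QUOTES, 'UTF-8');
    $backToProduct = '<div align="right"><a href="'.WEBSITE.'/index.php/p/v/shop/buy/'.$info['id'].'">Voltar para o shop</a></div>';

    if ($SHOP->points($_SESSION['name']) < $info['points']) {
        alert("Você não tem <b>".$info['points']."</b> pontos para comprar <b>".$info['name']."<b>");
    }
    elseif ($info['type'] != '4' && $otherChar !== '') {
        // Gift to another player's character: it only has to exist.
        $lookup = $SQL->prepare('SELECT name FROM players WHERE name = ?');
        $lookup->execute(array($otherChar));
        if ($lookup->fetch()) {
            $destination = $otherChar;
            $send = true;
        }
        else {
            alert('<b>'.$otherCharHtml.'</b> doesn\'t exists.');
            echo $backToProduct;
        }
    }
    else {
        // my_char is rendered as a <select>, but a client can post any name.
        // Accept it only if it is one of this account's characters; this is
        // what keeps a rename (type 4) from targeting someone else's character.
        foreach ($SHOP->CharacterList($_SESSION['name']) as $row) {
            if ($row['name'] === $myChar) {
                $destination = $myChar;
                $send = true;
            }
        }
        if (!$send) {
            alert('Sorry, but the selected character does not belong to your account.');
            echo $backToProduct;
        }
    }

    if ($send == true) {
        $errors = '';
        $processed = 0;
        $finish = false;
        $cost = (int) $info['points'];
        $destinationHtml = htmlspecialchars($destination, ENT_QUOTES, 'UTF-8');

        // Step 1: checks only. Nothing is written until the points are charged.
        // NOTE(review): isOnline(), isBanned(), AddPremium() and UnBan() are not
        // visible here; confirm they bind the name instead of concatenating it.
        if ($info['type'] == '2') {
            $skullQuery = $SQL->prepare('SELECT skull,skulltime FROM players WHERE name = ?');
            $skullQuery->execute(array($destination));
            $skulltime = $skullQuery->fetch();
            if ($SHOP->isOnline($destination) == 1) {
                $errors .= 'Sorry, but <b>'.$destinationHtml.'</b> is On-Line right now.<br>';
            }
            elseif ($skulltime['skull'] == '0' && $skulltime['skulltime'] == '0') {
                $errors .= 'Sorry, but <b>'.$destinationHtml.'</b> doesn\'t have any skull.<br>';
            }
            else {
                $finish = true;
            }
        }
        elseif ($info['type'] == '3') {
            if ($SHOP->isOnline($destination) == 1) {
                $errors .= 'Sorry, but <b>'.$destinationHtml.'</b> is On-Line right now.<br>';
            }
            elseif (!$SHOP->isBanned($destination)->fetch()) {
                $errors .= 'Sorry, but <b>'.$destinationHtml.'</b>\'s Account isn\'t banned at the moment.<br>';
            }
            else {
                $finish = true;
            }
        }
        elseif ($info['type'] == '4') {
            if ($SHOP->isOnline($destination) == 1) {
                $errors .= 'Sorry, but <b>'.$destinationHtml.'</b> is On-Line right now.<br>';
            }
            elseif ($otherChar === '') {
                $errors .= 'Sorry, but you didn\'t put a new name for your character.<br>';
            }
            elseif (preg_match('/[^A-Za-z]/', $otherChar)) {
                // Character set is checked before the name reaches any query.
                $errors .= 'Sorry, but <b>'.$otherCharHtml.'</b> contains invalid characters (Use only: A-Z, a-z).<br>';
            }
            else {
                $taken = $SQL->prepare('SELECT name FROM players WHERE name = ?');
                $taken->execute(array($otherChar));
                if ($taken->fetch()) {
                    $errors .= 'Sorry, but <b>'.$otherCharHtml.'</b> already exists.<br>';
                }
                else {
                    $finish = true;
                }
            }
        }
        else {
            // Premium (type 1) and item types have no precondition.
            $finish = true;
        }

        // Step 2: charge. One conditional UPDATE instead of read-then-write, so
        // two parallel requests cannot both spend the same points. Skipped for
        // free products because an unchanged row reports zero affected rows.
        if ($finish == true && $cost > 0) {
            $charge = $SQL->prepare('UPDATE accounts SET premium_points = premium_points - ? WHERE name = ? AND premium_points >= ?');
            $charge->execute(array($cost, $_SESSION['name'], $cost));
            if ($charge->rowCount() < 1) {
                $finish = false;
                $errors .= "Você não tem <b>".$info['points']."</b> pontos para comprar <b>".$info['name']."<b>";
            }
        }

        // Step 3: apply the product and record the purchase.
        if ($finish == true) {
            if ($info['type'] == '1') {
                $processed = 1;
                $SHOP->AddPremium($destination,$info['count']);
            }
            elseif ($info['type'] == '2') {
                $processed = 1;
                $clearSkull = $SQL->prepare('UPDATE players SET skull = 0, skulltime = 0 WHERE name = ?');
                $clearSkull->execute(array($destination));
            }
            elseif ($info['type'] == '3') {
                $processed = 1;
                $SHOP->UnBan($destination);
            }
            elseif ($info['type'] == '4') {
                $processed = 1;
                $rename = $SQL->prepare('UPDATE players SET name = ? WHERE name = ?');
                $rename->execute(array($otherChar, $destination));
            }

            echo '<div style="text-align: center; font-size: 15px; color: #4EBF37; font-weight: bold;">Transação bem sucedida</div><br>';
            if ($info['type'] == '4')
                echo '<center>You have changed the name of <b>'.$destinationHtml.'</b> to <b>'.$otherCharHtml.'</b>.</center>';
            elseif ($info['type'] == '3')
                echo '<center>You have UnBanned <b>'.$destinationHtml.'</b>\'s Account.</center>';
            else
                echo '<center>Você comprou <b>'.$info['name'].'</b> para <b>'.$destinationHtml.'</b>.</center>';
            echo '<div align="right"><a href="'.WEBSITE.'/index.php/p/v/shop">Voltar para o shop</a></div>';

            $log = $SQL->prepare('INSERT INTO shop_history (`id`, `product`, `session`, `player`, `date`, `processed`) VALUES (NULL, ?, ?, ?, ?, ?)');
            $log->execute(array($info['id'], $_SESSION['name'], $destination, time(), $processed));
        }
        else {
            alert($errors);
            echo $backToProduct;
        }
    }
}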
293 }
294 }
295 else {
296 header("Location: ".WEBSITE."/index.php/p/v/shop");
297 }
298 echo '<br><center><font style="color: #4F82CB; font-weight: bold; font-size: 12px">Você tem: <font color="#4EBF37">'.$SHOP->points($_SESSION['name']).'</font> pontos.</font></center>';
299 }
300 }
301 elseif ($action == 'history') {
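// Last 30 purchases of the logged-in account. One bound query replaces the
// original pair (existence check + listing) that concatenated the session name.
// NOTE(review): prepare()/fetchAll() assume $SQL is PDO-derived; confirm.
$historyQuery = $SQL->prepare('SELECT `z`.`player` AS `destination`, `z`.`date` AS `date`, `z`.`processed` AS `processed`, `o`.`category` AS `category`,`o`.`type` AS `type`,`o`.`item` AS `item`,`o`.`name` AS `name` FROM `shop_history` z LEFT JOIN `shop_offer` o ON `z`.`product` = `o`.`id` WHERE `z`.`session` = ? ORDER BY `z`.`date` DESC LIMIT 30');
$historyQuery->execute(array($_SESSION['name']));
$history = $historyQuery->fetchAll();
if ($history) {
    echo '<div style="text-align: center; font-weight: bold;">Últimas 30 Transações</div>
<table class="table" border="8" cellspacing="1" cellpadding="10" width="100%">
<tr>

<td class="white" style="text-align: center; font-weight: bold;"><font color="#000000">Imagem</td>
<td class="white" style="text-align: center; font-weight: bold;"><font color="#000000">Produto</td>
<td class="white" style="text-align: center; font-weight: bold;"><font color="#000000">Para</td>
<td class="white" style="text-align: center; font-weight: bold;"><font color="#000000">Data</td>
<td class="white" style="text-align: center; font-weight: bold;"><font color="#000000">Processado</td>
</tr>';
    foreach ($history as $hist) {
        echo '<tr class="highlight" style="text-align: center"><td>';
        if ($hist['category'] == '1')
            $image = 'public/images/'.$hist['type'].'.gif';
        else
            $image = 'public/images/items/'.$hist['item'].'.gif';
        if (!file_exists($image))
            echo 'NO IMAGE';
        else
            echo '<img height="32px" width="32px" src="'.WEBSITE.'/'.htmlspecialchars($image, ENT_QUOTES, 'UTF-8').'"/>';
        // "destination" is a name a buyer typed in; escape it before it is
        // rendered, and the product name along with it.
        echo '</td>
<td>'.htmlspecialchars((string) $hist['name'], ENT_QUOTES, 'UTF-8').'</td>
<td>'.htmlspecialchars((string) $hist['destination'], ENT_QUOTES, 'UTF-8').'</td>
<td>'.date("d-m-Y - H:i a", (int) $hist["date"]).'</td>';
        if ($hist['processed'] == '1')
            echo '<td><img src="'.WEBSITE.'/public/images/true.gif"/></td>';
        else
            echo '<td><img src="'.WEBSITE.'/public/images/false.gif"/></td>';
        echo '</tr>';
    }
    echo '</table>';
}
else {
    alert('Você não fez nenhuma transação');
}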
338 }
339 elseif ($action == 'donate') {
340 $show = $this->uri->segment(5);
341 if ($show == 'history') {
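// Last 30 donations made by the logged-in account, fetched with one bound query.
// NOTE(review): prepare()/fetchAll() assume $SQL is PDO-derived; confirm.
$donationQuery = $SQL->prepare('SELECT * FROM shop_donation_history WHERE buyer = ? ORDER BY date DESC LIMIT 30');
$donationQuery->execute(array($_SESSION['name']));
$donations = $donationQuery->fetchAll();
if ($donations) {
    echo '<div style="text-align: center; font-weight: bold;">Últimas 30 Transações</div>
<table border="0" cellspacing="1" cellpadding="4" width="100%">
<tr>
<td class="white" style="text-align: center; font-weight: bold;">Method</td>
<td class="white" style="text-align: center; font-weight: bold;">ID/Mail</td>
<td class="white" style="text-align: center; font-weight: bold;">To Account</td>
<td class="white" style="text-align: center; font-weight: bold;">Points Added</td>
<td class="white" style="text-align: center; font-weight: bold;">Date</td>
</tr>';
    foreach ($donations as $hist) {
        // The original chained two ternaries without parentheses: PayPal rows
        // got the other provider's logo on PHP 5/7, and PHP 8 rejects the
        // construct at compile time. An explicit chain avoids both.
        if ($hist['method'] == 'PayPal')
            $logo = '<img src="https://www.paypal.com/en_US/i/logo/paypal_logo.gif" height="50px" width="100px">';
        elseif ($hist['method'] == 'ContenidoPago')
            $logo = '<img src="http://www.contenidopago.com/img/logo_ft.jpg" height="50px" width="100px">';
        else
            $logo = '';
        // "account" is whatever name the donor typed into the form; escape it
        // together with the other stored fields.
        echo '<tr class="highlight" style="text-align: center">
<td>'.$logo.'</td>
<td>'.htmlspecialchars((string) $hist['receiver'], ENT_QUOTES, 'UTF-8').'</td>
<td>'.htmlspecialchars((string) $hist['account'], ENT_QUOTES, 'UTF-8').'</td>
<td>'.htmlspecialchars((string) $hist['points'], ENT_QUOTES, 'UTF-8').'</td>
<td>'.date("d-m-Y - H:i a", (int) $hist["date"]).'</td>
</tr>';
    }
    echo '</table>';
}
else {
    alert('You didn\'t donated');
}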
366 }
367 elseif (!$show || $show == '') {
368 alert("".$config['server_name']."'s Administration <b>is not responsible</b> for <b>cases of loss of products</b>.<br><br> ".$config['server_name']."'s Administration <b>is responsible</b> for <b>cases of loss of points which have been sent to users</b>.");
369 echo '<div id="accordion">';
370 foreach ($config['donations']['methods'] as $method => $active) {
371 if ($active == true) {
372 echo '<h3><a href="#">'.$method.'</a></h3>
373 <div>';
374 if ($method == 'ContenidoPago') {
375 alert("This brand new system consists on <b>donations by SMS</b>.<br>
376 After donating you will receive <b>".$config['donations']['contenidopago']['Points']." Points</b>.<br><br>
377 <b>REMEMBER:</b><br>
378 You need to have <b>enough credit</b> to send <u>SMS</u>.<br><br>
379 You <b>MUST</b> fill the <b>Account Name</b> and the <b>Code Received</b> fields with <u>a valid account name</u> and <u>a valid code</u>.");
380 if(!isset($_POST['mysubmit'])) {
381 echo '<form method="post" action="" >
382 <fieldset style="border:1px solid #990000; width:450px; margin:auto;">
383 <legend style="font-weight:bold;font-size:12px;">Automatic SMS Donation</legend>
384 <ol style="list-style:none;">
385 <li style="padding-bottom:5px;"><label style="width:100px;float:left;text-align:left;">Account Name:</label><input type="text" style="border:1px solid #CCCCCC;" size="30" name="name" /></li>
386 <li style="padding-bottom:5px;"><label style="width:100px;float:left;text-align:left;">Code received:</label><input type="text" style="border:1px solid #CCCCCC;" size="30" name="codigo" /></li>
387
388 </ol>
389 <center><input type="submit" name="mysubmit" style="padding:3px;margin-bottom:10px;color:#FFFFFF;background-color:#990000;border:1px solid #000000;" value="Enviar" /></center>
390 </fieldset>
391 </form>';
392 }
393 else {
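// Redeem an SMS code: ask ContenidoPago whether the code is valid and, if so,
// credit the configured points to the account named in the form. Both form
// fields are attacker-controlled.
// NOTE(review): prepare()/execute() assume $SQL is PDO-derived; confirm.
$codigo = (isset($_POST['codigo']) && is_string($_POST['codigo'])) ? $_POST['codigo'] : '';
$name = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
$QueryString = "LinkUrl=http://".urlencode($_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
$QueryString .= "&codigo=" .urlencode($codigo);
$QueryString .= "&idservicio=" .urlencode($config['donations']['contenidopago']['Product']);

// NOTE(review): the verdict is fetched over plain http://, so it can be forged
// or altered in transit and points credited for an invalid code. Use an https
// endpoint if the provider offers one; that cannot be verified from this file.
$validationUrl = "http://contenidopago.com/codigoval.php?".$QueryString;

// Stays null when no transport produced an answer, so neither branch below runs.
$result = null;
if (intval(get_cfg_var('allow_url_fopen')) && function_exists('file_get_contents')) {
    $result = @file_get_contents($validationUrl);
}
elseif (intval(get_cfg_var('allow_url_fopen')) && function_exists('file')) {
    $content = @file($validationUrl);
    if ($content)
        $result = join('', $content);
}
elseif (function_exists('curl_init')) {
    $ch = curl_init($validationUrl);
    curl_setopt($ch, CURLOPT_HEADER, 0);
    // Without this the body is printed into the page and $result is never set.
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    $result = curl_exec($ch);

    if (curl_error($ch))
        alert("Error processing request");

    curl_close($ch);
}
else {
    alert("It appears that your web host has disabled all functions for handling remote pages and as a result the BackLinks software will not function on your web page. Please contact your web host for more information.");
}

if ($result === 'ok') {
    if (!empty($name)) {
        $accountQuery = $SQL->prepare('SELECT name FROM accounts WHERE name = ?');
        $accountQuery->execute(array($name));
        if (!$accountQuery->fetch()) {
            alert('This username does not exist: <font color="blue">'.htmlspecialchars($name, ENT_QUOTES, 'UTF-8').'</font>');
        }
        else {
            $points = $config['donations']['contenidopago']['Points'];
            $credit = $SQL->prepare('UPDATE accounts SET premium_points = premium_points + ? WHERE name = ?');
            $credit->execute(array($points, $name));
            alert("Codigo : ".htmlspecialchars($codigo, ENT_QUOTES, 'UTF-8')." validado, puntos sumados correctamente");
            $log = $SQL->prepare("INSERT INTO shop_donation_history (`id`, `method`, `receiver`, `buyer`, `account`, `points`, `date`) VALUES (NULL, 'ContenidoPago', ?, ?, ?, ?, ?)");
            $log->execute(array($config['donations']['contenidopago']['Product'], $_SESSION['name'], $name, $points, time()));
        }
    }
    else {
        alert('You did not set the user!');
    }
}
elseif ($result === 'no') {
    alert('El codigo no es valido o ya esta usado');
}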
448 }
449 echo '<center><iframe src ="http://www.contenidopago.com/prom/microcodigo.php" width="270px" height="340px" frameborder="0">
450 <p>Your browser does not support iframes.</p>
451 </iframe></center>';
452 }
453 elseif ($method == 'PayPal') {
454 alert("The donation costs <b>".$config['donations']['paypal']['Amount']." ".$config['donations']['paypal']['Money']." (incl. VAT)</b>.<br>
455 After the donation you will receive a total of <b>".$config['donations']['paypal']['Points']." points</b> automatically.<br><br>
456 <b>REMEMBER:</b><br>
457 You need a <u>creditcard</u> <b>or</b> a <u>PayPal account</u> with a minimun of <b>".$config['donations']['paypal']['Amount']." ".$config['donations']['paypal']['Money']."</b>.<br><br>
458 You <b>MUST</b> fill the <b>Account Name</b> with a <u>valid one</u>.");
459 echo '<center><form action="https://www.paypal.com/cgi-bin/webscr" method="post">
460 <input type="hidden" name="cmd" value="_donations">
461 <input type="hidden" name="business" value="'.$config['donations']['paypal']['Mail'].'">
462 <input type="hidden" name="lc" value="GB">
463 <input type="hidden" name="item_name" value="'.$config['donations']['paypal']['Product'].'">
464 <b>Account Name:</b> <input type="text" name="custom" value="">
465 <input type="hidden" name="item_number" value="1">
466 <input type="hidden" name="amount" value="'.$config['donations']['paypal']['Amount'].'">
467 <input type="hidden" name="currency_code" value="'.$config['donations']['paypal']['Money'].'">
468 <input type="hidden" name="no_note" value="0">
469 <input type="hidden" name="no_shipping" value="0">
470 <input type="hidden" name="notify_url" value="'.WEBSITE.'index.php/p/v/paypal">
471 <input type="hidden" name="return" value="'.WEBSITE.'">
472 <input type="hidden" name="session" value="'.$_SESSION['name'].'">
473 <input type="hidden" name="rm" value="0">
474 <input type="hidden" name="bn" value="PP-DonationsBF:btn_donateCC_LG_global.gif:NonHosted"><br>
475 <input type="image" src="https://www.paypal.com/en_US/i/btn/btn_donate_LG.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online.">
476 <img alt="" border="0" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1">
477 </form></center>';
478 }
479 echo '</div>';
480 }
481 }
482 echo '</div>';
483 }
484 else {
485 header("Location: ".WEBSITE."/index.php/p/v/buypoints");
486 }
487 }
488 elseif ($action == 'admin') {
489 if($ide->isAdmin()) {
490 $manage = $this->uri->segment(5);
491 echo "<div class='toolbar' align='center'>";
492 echo "<a href='".WEBSITE."/index.php/p/v/shop/admin/add/1'>Adicionar Novos Items</a> | ";
493 echo "<a href='".WEBSITE."/index.php/p/v/shop/admin/delete'>Deletar Item</a> | ";
494 echo "<a href='".WEBSITE."/index.php/p/v/shop/admin/points'>Adicionar/Remover Points de players.</a>";
495 echo "</div>";
496
497 if ($manage == '' || !$manage) {
498 echo '<center>Welcome to Shop Admin Panel</center>';
499 }
500 elseif ($manage == 'add') {
501 $types[1] = array(1 => 'Premium Account', 2 => 'Remove Skull', 3 => 'UnBan Account', 4 => 'Change Name');
502 $types[2] = array(5 => 'Item');
503 $types[3] = array(6 => 'Bag with Items', 7 => 'Backpack with Items');
504 $types[4] = array(8 => 'Addon Items');
505 $types[5] = array(8 => 'Skins');
506 $step = $this->uri->segment(6);
507 if ($step == '1') {
508 echo '<form method="post" action="'.WEBSITE.'/index.php/p/v/shop/admin/add/2">Select Category: <select name="category">';
509 foreach($categories as $key=>$value) {
510 echo '<option value="'.$key.'">'.$categories[$key].'</option>';
511 }
512 echo '</select> <button type="submit" class="ide_button">Select Category</form>';
513 }
514 elseif ($step == '2' && $_POST['category']) {
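// Step 2 of "add product": the category POSTed by step 1 is echoed into a
// hidden field and used as an index into $types, so it must be a known key.
$category = is_string($_POST['category']) ? $_POST['category'] : '';
if (isset($types[$category])) {
    echo '<form method="post" action="'.WEBSITE.'/index.php/p/v/shop/admin/add/3">
<input type="hidden" name="category" value="'.htmlspecialchars($category, ENT_QUOTES, 'UTF-8').'"/>
Select Type: <select name="type">';
    foreach ($types[$category] as $key => $value) {
        echo '<option value="'.$key.'">'.$value.'</option>';
    }
    echo '</select> <button type="submit" class="ide_button">Select Type</form>';
}
else {
    // Unknown category: restart the wizard, as the other invalid steps do.
    header("Location: ".WEBSITE."/index.php/p/v/shop/admin/add/1");
}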
522 }
523 elseif ($step == '3' && $_POST['category'] && $_POST['type']) {
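// Step 3 of "add product": render the detail form. category and type are
// POSTed values that get echoed into hidden fields, so both are checked
// against $types and escaped before being written into the page.
$category = is_string($_POST['category']) ? $_POST['category'] : '';
$type = is_string($_POST['type']) ? $_POST['type'] : '';
if (!isset($types[$category][$type])) {
    // Unknown category/type pair: restart the wizard.
    header("Location: ".WEBSITE."/index.php/p/v/shop/admin/add/1");
}
else {
    echo '<form method="post" action="'.WEBSITE.'/index.php/p/v/shop/admin/add/4">
<input type="hidden" name="category" value="'.htmlspecialchars($category, ENT_QUOTES, 'UTF-8').'"/>
<input type="hidden" name="type" value="'.htmlspecialchars($type, ENT_QUOTES, 'UTF-8').'"/>
<table border="0" cellspacing="1" cellpadding="4" width="100%">
<tr>
<td width="25%">Product Name:</td>
<td width="25%"><input name="name" type="text" size="18" maxlength="256" /></td>
<td width="50%" style="font-size: 9px; color: red; font-weight: bold;">The name of the product</td>
</tr>
<tr>
<td width="25%">Point Cost:</td>
<td width="25%"><input name="points" type="text" value="0" size="10" maxlength="11" /></td>
<td width="50%" style="font-size: 9px; color: red; font-weight: bold;">Cost of the Product (Points)</td>
</tr>';
    if ($type == '1') {
        echo '<tr>
<td width="25%">Premium Days:</td>
<td width="25%"><input name="count" type="text" value="0" size="1" maxlength="3" /></td>
<td width="50%" style="font-size: 9px; color: red; font-weight: bold;">Days of Premium Account</td>
</tr>';
    }
    elseif ($type == '5' || $type == '6' || $type == '7' || $type == '8') {
        echo '<tr>
<td width="25%">Item ID:</td>
<td width="25%"><input name="item" type="text" value="0" size="3" maxlength="5" /></td>
<td width="50%" style="font-size: 9px; color: red; font-weight: bold;">ID of item to give</td>
</tr>
<tr>
<td width="25%">Count:</td>
<td width="25%"><input name="count" type="text" value="0" size="1" maxlength="3" /></td>
<td width="50%" style="font-size: 9px; color: red; font-weight: bold;">Count of item (max. 100) (When selecting \'Backpack of Items\' or \'Bag of Items\' type, the ITEM with that count will fill the container!)</td>
</tr>';
    }
    echo '<tr>
<td width="25%">Product Description:</td>
<td width="25%"><textarea style="width: 120px; height: 80px;" name="description"></textarea></td>
<td width="50%" style="font-size: 9px; color: red; font-weight: bold;">Description (Shown of \'Gifts\' Page)</td>
</tr>
</table>
<br><center><button type="submit" name="done" value="true" class="ide_button">Add Product</form></center>';
}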
564 }
565 elseif ($step == '4' && $_POST['done'] == 'true') {
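// Step 4 of "add product": validate the POSTed fields, show a confirmation and
// insert the offer.
// NOTE(review): prepare()/execute() assume $SQL is PDO-derived; confirm.
$errors = '';
$category = (isset($_POST['category']) && is_string($_POST['category'])) ? $_POST['category'] : '';
$type = (isset($_POST['type']) && is_string($_POST['type'])) ? $_POST['type'] : '';
$points = (isset($_POST['points']) && is_string($_POST['points'])) ? $_POST['points'] : '';
$PostItem = (isset($_POST['item']) && is_string($_POST['item'])) ? $_POST['item'] : '0';
$PostCount = (isset($_POST['count']) && is_string($_POST['count'])) ? $_POST['count'] : '0';
$productName = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
$description = (isset($_POST['description']) && is_string($_POST['description'])) ? $_POST['description'] : '';

// Each numeric field is checked on its own. The original used an elseif chain,
// so item and count were never looked at once points was filled in.
if (preg_match('/[^0-9]/', $points))
    $errors .= '1';
if (preg_match('/[^0-9]/', $PostItem))
    $errors .= '2';
if (preg_match('/[^0-9]/', $PostCount))
    $errors .= '3';
// category/type index $categories and $types below; reject unknown pairs.
if (!isset($categories[$category]) || !isset($types[$category][$type]))
    $errors .= '4';

if ($errors == '') {
    // Escaped copies for the confirmation table.
    $nameHtml = htmlspecialchars($productName, ENT_QUOTES, 'UTF-8');
    $descriptionHtml = htmlspecialchars($description, ENT_QUOTES, 'UTF-8');
    echo '<div style="text-align: center; font-size: 15px; color: #4EBF37; font-weight: bold;">Product Added!</div><br>
<table border="0" cellspacing="1" cellpadding="4" width="100%">
<tr class="highlight">
<td style="font-weight: bold;" width="50%">Product Name:</td>
<td width="50%">'.$nameHtml.'</td>
</tr>
<tr class="highlight">
<td style="font-weight: bold;" width="50%">Category:</td>
<td width="50%">'.$categories[$category].'</td>
</tr>
<tr class="highlight">
<td style="font-weight: bold;" width="50%">Type:</td>
<td width="50%">'.$types[$category][$type].'</td>
</tr>
<tr class="highlight">
<td style="font-weight: bold;" width="50%">Point Cost:</td>
<td width="50%">'.$points.'</td>
</tr>';
    if ($type == '1') {
        echo '<tr class="highlight"><td style="font-weight: bold;" width="50%">Premium Days:</td>
<td width="50%">'.$PostCount.'</td>
</tr>';
    }
    elseif ($type == '5' || $type == '6' || $type == '7' || $type == '8') {
        echo '<tr class="highlight"><td style="font-weight: bold;" width="50%">Item ID:</td>
<td width="50%">'.$PostItem.'</td>
</tr>
<tr class="highlight"><td style="font-weight: bold;" width="50%">Count:</td>
<td width="50%">'.$PostCount.'</td>
</tr>';
    }
    echo '<tr class="highlight"><td style="font-weight: bold;" width="50%">Description:</td>
<td width="50%">'.$descriptionHtml.'</td>
</tr></table>';
    // Free-text name/description are bound, never concatenated into the SQL.
    $insert = $SQL->prepare("INSERT INTO shop_offer (`id`, `points`, `category`, `type`, `item`, `count`, `description`, `name`) VALUES (NULL, ?, ?, ?, ?, ?, ?, ?)");
    $insert->execute(array($points, $category, $type, $PostItem, $PostCount, $description, $productName));
    echo '<div align="right"><a href="'.WEBSITE.'/index.php/p/v/shop/admin">Go Back to Shop Admin</a></div>';
}
else {
    alert('Sorry but 1 or more spaces contains invalid characters.');
    echo '<div align="right"><a href="'.WEBSITE.'/index.php/p/v/shop/admin">Go Back to Shop Admin</a></div>';
}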
625 }
626 else {
627 header("Location: ".WEBSITE."/index.php/p/v/shop/admin/add/1");
628 }
629 }
630 elseif ($manage == 'delete') {
631 $product = $this->uri->segment(6);
632 if (!$product) {
633 echo '<div id="accordion">';
634 $i = 0;
635 foreach($categories as $key=>$value) {
636 echo '<h3><a href="#">'.$categories[$key].'</a></h3>
637 <div>';
638 if($SQL->query('SELECT * FROM shop_offer WHERE category = '.$key.'')->fetch()) {
639 echo '<table border="0" cellspacing="1" cellpadding="4" width="100%">
640 <tr>
641 <td width="20%" class="white" style="text-align: center; font-weight: bold;">Picture</td>
642 <td width="40%" class="white" style="text-align: center; font-weight: bold;">Product</td>
643 <td width="20%" class="white" style="text-align: center; font-weight: bold;">Points</td>
644 <td width="20%" class="white" style="text-align: center; font-weight: bold;">Action</td>
645 </tr>';
646 foreach($SQL->query('SELECT * FROM shop_offer WHERE category = '.$key.'') as $item) {
647 if (is_int($i / 2))
648 $bgcolor = "#ececec";
649 else
650 $bgcolor = "#ffffff";
651 $i++;
652 echo '<tr class="highlight" bgcolor="'.$bgcolor.'" style="text-align: center;">
653 <td>';
654 if($item['category'] == '1')
655 $image = 'public/images/'.$item['type'].'.gif';
656 else
657 $image = 'public/images/items/'.$item['item'].'.gif';
658 if(!file_exists($image))
659 echo 'NO IMAGE';
660 else
661 echo '<img height="32px" width="32px" src="'.WEBSITE.'/'.$image.'"/>';
662 echo '</td>
663 <td><b>'.$item['name'].'</b><br>'.$item['description'].'</td>
664 <td>'.$item['points'].'</td>
665 <td><button type="submit" onClick="window.location.href=\''.WEBSITE.'/index.php/p/v/shop/admin/delete/'.$item['id'].'\';" class="ide_button">Delete Offer</button></td>
666 </tr>';
667 }
668 echo '</table></div>';
669 }
670 else {
671 alert("This category doesn't have products.");
672 echo '</div>';
673 }
674 }
675 echo '</div>';
676 }
677 else {
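// Delete one offer and its purchase history. $product is the 6th URL segment,
// i.e. request-controlled, so it must be all digits before it is used and is
// bound rather than concatenated into the three statements.
// NOTE(review): this destructive action runs on a plain GET link, so any page
// an admin opens while logged in can trigger it; move it to a POST carrying a
// per-session token. prepare()/execute() assume $SQL is PDO-derived; confirm.
$offerFound = false;
if (preg_match('/^[0-9]+$/D', (string) $product)) {
    $offerQuery = $SQL->prepare('SELECT id FROM shop_offer WHERE id = ?');
    $offerQuery->execute(array($product));
    $offerFound = (bool) $offerQuery->fetch();
}
if ($offerFound) {
    $deleteOffer = $SQL->prepare('DELETE FROM shop_offer WHERE id = ?');
    $deleteOffer->execute(array($product));
    $deleteHistory = $SQL->prepare('DELETE FROM shop_history WHERE product = ?');
    $deleteHistory->execute(array($product));
    echo '<div style="text-align: center; font-size: 15px; color: #4EBF37; font-weight: bold;">Product Deleted!</div><br>
<center>The product ID <b>'.(int) $product.'</b> has been deleted from DataBase.</center>';
    echo '<div align="right"><a href="'.WEBSITE.'/index.php/p/v/shop/admin">Go Back to Shop Admin</a></div>';
}
else {
    header("Location: ".WEBSITE."/index.php/p/v/shop/admin/delete");
}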
688 }
689 }
690 elseif ($manage == 'points') {
691 if (!isset($_POST['submit'])) {
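// Admin form for adding/removing points. The two panels differ only in their
// labels and in the value of the submit button, so they share one template.
// Player names are user-chosen and therefore escaped before being rendered
// inside the admin panel.
$playerOptions = '';
foreach ($SQL->query('SELECT * FROM players ORDER BY name DESC') as $player) {
    $playerOptions .= '<option value="'.htmlspecialchars((string) $player['id'], ENT_QUOTES, 'UTF-8').'">'.htmlspecialchars((string) $player['name'], ENT_QUOTES, 'UTF-8').'</option>';
}
// Fixed target instead of $_SERVER['PHP_SELF'], which reflects the request path
// (including anything appended to it) into the page unescaped.
$formAction = WEBSITE.'/index.php/p/v/shop/admin/points';
$panels = array(
    'add' => array('title' => 'Add Points', 'field' => 'Points to Add:'),
    'remove' => array('title' => 'Remove Points', 'field' => 'Points to Remove:'),
);
echo '<div id="accordion">';
foreach ($panels as $mode => $labels) {
    // One labelled submit button per form; the original nested a second,
    // unnamed button inside the first, so the visible one sent no "submit".
    echo '<h3><a href="#">'.$labels['title'].'</a></h3>
<div>
<form method="post" action="'.$formAction.'">
<table border="0" cellspacing="1" cellpadding="4" width="100%">
<tr>
<td>Select Player:</td>
<td><select name="player">'.$playerOptions.'</select></td>
</tr><tr>
<td>Or Type a Name:</td>
<td><input type="text" name="other_char" size="10"/></td>
</tr><tr>
<td>'.$labels['field'].'</td>
<td><input type="text" name="points" size="10"/></td>
</tr><tr>
<td></td>
<td><button type="submit" name="submit" value="'.$mode.'" class="ide_button">'.$labels['title'].'</button></td>
</tr>
</table></form>
</div>';
}
echo '</div>';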
740 }
741 else {
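// Apply an admin's "add points" / "remove points" request. The player is
// resolved from either the typed name or the selected id, the amount must be a
// positive whole number, and the balance is changed with a single UPDATE.
// NOTE(review): prepare()/execute() assume $SQL is PDO-derived; confirm. The
// form has no anti-CSRF token, so this POST can be triggered from another site
// while an admin is logged in.
$errors = "";
$mode = is_string($_POST['submit']) ? $_POST['submit'] : '';
$points = (isset($_POST['points']) && is_string($_POST['points'])) ? $_POST['points'] : '';
$otherChar = (isset($_POST['other_char']) && is_string($_POST['other_char'])) ? $_POST['other_char'] : '';
$playerId = (isset($_POST['player']) && is_string($_POST['player'])) ? $_POST['player'] : '';

if ($otherChar === '') {
    $playerQuery = $SQL->prepare('SELECT id, name FROM players WHERE id = ?');
    $playerQuery->execute(array($playerId));
    $wanted = $playerId;
}
else {
    $playerQuery = $SQL->prepare('SELECT id, name FROM players WHERE name = ?');
    $playerQuery->execute(array($otherChar));
    $wanted = $otherChar;
}
$player = $playerQuery->fetch();
if (!$player)
    $errors .= "Player <b>".htmlspecialchars($wanted, ENT_QUOTES, 'UTF-8')."</b> doesn't exists.<br>";

if (!preg_match('/^[0-9]+$/D', $points))
    $errors .= "Point quantity must be a <b>numeric value</b>!";
elseif ((int) $points <= 0)
    $errors .= "Points quantity must be higher than 0!<br>";

if ($mode != 'add' && $mode != 'remove')
    $errors .= "Unknown action.<br>";

$account = false;
if ($player) {
    $playerHtml = htmlspecialchars((string) $player['name'], ENT_QUOTES, 'UTF-8');
    $account = $SHOP->getPlayerAccount($player['name'])->fetch();
    if (!$account)
        $errors .= "Player <b>".$playerHtml."</b> has no account.<br>";
    elseif ($mode == 'remove' && $SHOP->points($account['name']) <= 0)
        $errors .= "Player <b>".$playerHtml."</b> doesn't have any points.<br>";
}

if ($errors == '') {
    // $sign is one of two literals chosen here, never request text.
    $sign = ($mode == 'add') ? '+' : '-';
    $update = $SQL->prepare('UPDATE accounts SET premium_points = premium_points '.$sign.' ? WHERE name = ?');
    $update->execute(array((int) $points, $account['name']));
    $verb = ($mode == 'add') ? 'added' : 'removed';
    echo '<div style="text-align: center; font-size: 15px; color: #4EBF37; font-weight: bold;">Points '.$verb.'!</div><br>
<center>You have '.$verb.' <b>'.(int) $points.'</b> points to <b>'.$playerHtml.'</b>\'s Account.</center>';
    echo '<div align="right"><a href="'.WEBSITE.'/index.php/p/v/shop/admin/points">Go Back to Points Manage</a></div>';
}
else {
    alert($errors);
    echo '<div align="right"><a href="'.WEBSITE.'/index.php/p/v/shop/admin/points">Go Back to Points Manage</a></div>';
}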
782 }
783 }
784 else {
785 header("Location: ".WEBSITE."/index.php/p/v/shop/admin");
786 }
787 }
788 else {
789 header("Location: ".WEBSITE."/index.php");
790 }
791 }
792 else {
793 header("Location: ".WEBSITE."/index.php/p/v/shop");
794 }
795 }
796 elseif(!$SHOP->isInstalled()) {
797 if($ide->isAdmin()) {
798 $SHOP->install();
799 echo '<div style="text-align: center; font-size: 15px; color: #4EBF37; font-weight: bold;">Shop System Succesfully Installed!</div><br>
800 <center>Your shop system has been installed succesfully!! click <a href="'.WEBSITE.'/index.php/p/v/shop">HERE</a> to see your shop</center>';
801 }
802 else {
803 header("Location: ".WEBSITE."/index.php");
804 }
805
806 }
807}
808else {
809 header("Location: ".WEBSITE."/index.php");
810}
811?>