- <?php
- if (isset($_GET['FinishTrade'])) { include("traded.php"); exit; }
- session_start();
- include('config10.php');
- if(!isset($_SESSION['user'])){
- header ("Location: login.php?LoginNeeded"); exit;
- }
- require_once 'figg.php';
- $snorretje1 = mysql_query("SELECT * FROM `users` WHERE `username`='" . $_SESSION['user'] . "'");
- $user = mysql_fetch_object($snorretje1);
- $userID = $user->id;
- if(isSet($_GET['trainerID']) && isSet($_GET['action']) && $_GET['trainerID'] > 0 && $_GET['action'] == 'Trade') {
- $trainerID = intval($_GET['trainerID']);
- if($trainerID == $userID) { header('Location: trade.php?error=2'); exit; }
- if(isSet($_POST['submit'])) {
- $lastTrade = mysql_query("SELECT `tradeid` FROM trade ORDER BY `id` DESC");
- if(mysql_num_rows($lastTrade)) {
- $tradeID = mysql_fetch_object($lastTrade);
- $tradeID = $tradeID->tradeid+1;
- } else {
- $tradeID = 1;
- }
- if(isSet($_POST['mytrade'])) { $tCount = 0;
- $myQuery1 = "INSERT INTO `trade` (`from`, `tradee`, `pokid`,`tradeid`,`owner`) VALUES";
- foreach($_POST['mytrade'] AS $pokemon) { $tCount++;
- $pokemon = intval($pokemon);
- if($pokemon > 0) {
- $queryArray[] = $pokemon;
- $myQuery1 .= " ('{$userID}','{$trainerID}','{$pokemon}','{$tradeID}','{$userID}'),";
- }
- }
- }
- if(isSet($_POST['othertrade'])) { $pCount = 0;
- $otherQuery1 = "INSERT INTO `trade` (`from`, `tradee`, `pokid`,`tradeid`,`owner`) VALUES";
- foreach($_POST['othertrade'] AS $pokemon) { $pCount++;
- $pokemon = intval($pokemon);
- if($pokemon > 0) {
- $queryArray[] = $pokemon;
- $otherQuery1 .= " ('{$userID}','{$trainerID}','{$pokemon}','{$tradeID}','{$trainerID}'),";
- }
- }
- }
- $queryArray = '\''.implode('\',\'',$queryArray).'\'';
- if($tCount > 0) {
- $myQuery1 = substr_replace($myQuery1,';',-1);
- mysql_query($myQuery1);
- }
- if($pCount > 0) {
- $otherQuery1 = substr_replace($otherQuery1,';',-1);
- mysql_query($otherQuery1);
- }
- $updatePoke = "UPDATE poke_owned SET traded=1 WHERE id IN ($queryArray)";
- mysql_query($updatePoke);
- header('Location: trade.php?FinishTrade'); exit;
- }
- $checkTrainer = mysql_query("SELECT `username` FROM users WHERE id=$trainerID LIMIT 1");
- if(mysql_num_rows($checkTrainer)) {
- $trainerInfo = mysql_fetch_object($checkTrainer);
- $myPokemon = mysql_query("SELECT `id`,`name`,`level`,`gender` FROM `poke_owned` WHERE trainer='$user->username' AND `box`='1' ORDER BY `name` ASC");
- $traderPokemon = mysql_query("SELECT `id`,`name`,`level`,`gender` FROM `poke_owned` WHERE trainer='$trainerInfo->username' AND `box`='1' ORDER BY `name` ASC");
- } else {
- header('Location: trade.php?error=1'); exit;
- }
- }
- ?>
- <?include("left_menu.php");?>
- <div class="title">Trade Pokémon</div>
- <div class="contentcontent">
- <center>
- <?/*#######################*/?>
- <? if(isSet($_GET['trainerID']) && isSet($_GET['action']) && $_GET['trainerID'] > 0 && $_GET['action'] == 'Trade') { ?>
- <form action="trade.php?trainerID=<?=$trainerID;?>&action=Trade" method="POST">
- <table class="w100">
- <tr>
- <td class="w50">
- <p class="center">Your Pokémon<br />
- <select name="mytrade[]" multiple="multiple" size="20">
- <option value="niks" selected>(No Pokémon)</option>
- <? while($myPokemon1=mysql_fetch_object($myPokemon)){ ?><option value="<?=$myPokemon1->id?>"><?=$myPokemon1->name?> <?=$myPokemon1->gender?> (Level:<?=$myPokemon1->level?>)</option>
- <? } ?>
- </select>
- </p>
- </td>
- <td class="w50">
- <p class="center"><?=$trainerInfo->username?>'s Pokémon<br />
- <select name="othertrade[]" multiple="multiple" size="20">
- <option value="niks" selected>(No Pokémon)</option>
- <? while($traderPokemon1=mysql_fetch_object($traderPokemon)){ ?><option value="<?=$traderPokemon1->id?>"><?=$traderPokemon1->name?> <?=$traderPokemon1->gender?> (Level:<?=$traderPokemon1->level?>)</option>
- <? } ?>
- </select>
- </p>
- </td>
- </tr>
- </table>
- <input type="submit" name="submit" value="Trade">
- <form>
- <? } else { ?>
- Enter a trainer name, or part of it to search for them.<br><br>
- <form name="form" action="trade.php" method="GET">
- <input type="text" name="trainer" value="<? if(isSet($_GET['trainer'])) { echo $_GET['trainer']; } ?>" />
- <input type="submit" name="Submit" value="Find Trainer" class="button" />
- </form>
- <?
- if(isSet($_GET['error'])) {
- $error = intval($_GET['error']);
- switch ($error){
- case 1:
- echo '<br> <span style="color: #990000;">You cannot trade with a user that doesn\'t exist.</span>';
- break;
- case 2:
- echo '<br> <span style="color: #990000;">You cannot trade with yourself.</span>';
- break;
- default:
- }
- }
- if(isSet($_GET['trainer']) && isSet($_GET['Submit'])) {
- $searchTerm = mysql_real_escape_string($_GET['trainer']);
- if(strlen($searchTerm) < 3) {
- echo '<br> <span style="color: #990000;">You must enter at least 3 characters to find a trainer.</span>';
- } else {
- $doQuery = mysql_query("SELECT `id`,`username` FROM users WHERE username LIKE '%$searchTerm%' ORDER BY id DESC");
- if($tCount = mysql_num_rows($doQuery)) {
- echo 'You search for "<strong>',$searchTerm,'</strong>", we found ',number_format($tCount),' trainers.<br><br>';
- echo '<table cellpadding="3" cellspacing="0" border="0">';
- while($trainer = mysql_fetch_object($doQuery)) {
- echo '<tr><td>';
- echo $trainer->username;
- echo '</td><td> - <a href="trade.php?trainerID=',$trainer->id,'&action=Trade">Trade?</a> </td></tr>';
- }
- echo '</table>';
- } else {
- echo '<br> <span style="color: #990000;">We couldn\'t find any trainers for the characters entered. Try again.<span>';
- }
- }
- } ?>
- <? } ?>
- <?/*#######################*/?>
- <p> </p>
- </div>
- <?include("right_menu.php");?>
- </html>
Don't like ads? PRO users don't see any ads ;-)
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
create a new version of this paste
RAW Paste Data