Untitled

<?PHP
$user_premium_points = $logged ? $account_logged->getPremiumPoints() : 0;

function getItemByID($id) {
    global $SQL;
    if(!$data = $SQL->query('SELECT * FROM z_shop_offer WHERE id = '.quote($id))->fetch())
        return 0;
    $a = array();
    if ($data['offer_type'] == 'pacc')
    {
        $a['id'] = $data['id'];
        $a['type'] = $data['offer_type'];
        $a['days'] = $data['count1'];
        $a['points'] = $data['points'];
        $a['description'] = $data['offer_description'];
        $a['name'] = $data['offer_name'];
    }
    elseif ($data['offer_type'] == 'item' || $data['offer_type'] == 'package')
    {
        $a['id'] = $data['id'];
        $a['type'] = $data['offer_type'];
        $a['item_id'] = $data['itemid1'];
        $a['item_count'] = $data['count1'];
        $a['points'] = $data['points'];
        $a['description'] = $data['offer_description'];
        $a['name'] = $data['offer_name'];
    }
    elseif ($data['offer_type'] == 'container')
    {
        $a['id'] = $data['id'];
        $a['type'] = $data['offer_type'];
        $a['container_id'] = $data['itemid2'];
        $a['container_count'] = $data['count2'];
        $a['item_id'] = $data['itemid1'];
        $a['item_count'] = $data['count1'];
        $a['points'] = $data['points'];
        $a['description'] = $data['offer_description'];
        $a['name'] = $data['offer_name'];
    }
    elseif ( in_array($data['offer_type'], array('unban','redskull','changename')) ) {
        $a['id'] = $data['id'];
        $a['type'] = $data['offer_type'];
        $a['points'] = $data['points'];
        $a['description'] = $data['offer_description'];
        $a['name'] = $data['offer_name'];
    }
    return $a;
}

if($action == '')
{
    unset($_SESSION['viewed_confirmation_page']);
    $main_content .= '<h2><center>Welcome to '.$config['server']['serverName'].' shop</center></h2>';
    $offer_list = array();
    foreach($SQL->query('SELECT * FROM z_shop_offer')->fetchAll() as $q) {
        if ($q['offer_type'] == 'pacc') {
            $offer_list['pacc'][] = array(
                'id' => $q['id'],
                'days' => $q['count1'],
                'points' => $q['points'],
                'description' => $q['offer_description'],
                'name' => $q['offer_name']
            );
        }
        elseif ($q['offer_type'] == 'item' || $q['offer_type'] == 'package') {
            $a = array(
                'id' => $q['id'],
                'item_id' => $q['itemid1'],
                'item_count' => $q['count1'],
                'points' => $q['points'],
                'description' => $q['offer_description'],
                'name' => $q['offer_name']
            );
            if($q['offer_type'] == 'item')
                $offer_list[$q['offer_type']][(int)$q['group']][] = $a;
            else
                $offer_list[$q['offer_type']][] = $a;
        }
        elseif ($q['offer_type'] == 'container') {
            $offer_list['container'][] = array(
                'id' => $q['id'],
                'item_id' => $q['itemid1'],
                'item_count' => $q['count1'],
                'container_id' => $q['itemid2'],
                'container_count' => $q['count2'],
                'points' => $q['points'],
                'description' => $q['offer_description'],
                'name' => $q['offer_name']
            );
        }
        elseif ( in_array($q['offer_type'], array('unban','redskull','changename')) ) {
            $offer_list[$q['offer_type']][] = array(
                'id' => $q['id'],
                'points' => $q['points'],
                'description' => $q['offer_description'],
                'name' => $q['offer_name']
            );
        }
    }

$tabs = array("all","packages","weapons","equipment","tools","others");
    $main_content .= '
<style type="text/css">
#tabs tr td {
    border: 1px solid rgb(216, 175, 106);
    background-color: rgb(248, 220, 155);
    padding: 5px;
    cursor: pointer;
    font-size: 8pt;
    font-weight: 700;
}
#tabs tr td:hover {
    background-color: rgb(255, 255, 255);
}
#tabs tr td.active {
    background-color: rgb(255, 255, 255);
}
.tabStyle, .tabStyleActive {
    float:left;
    margin-left:5px;
    padding:5px;
    border-top-right-radius:5px;
    border-top-left-radius:5px;
    border:1px black solid;
    border-bottom:none;
    position:relative;
    top:1px;
    z-index:8;
}
.tabStyleActive {
    z-index:10;
    background-color: #A78520;
}
.tabBox {
    background-color: #A78520;
    padding:5px;
    clear:left;
    position:relative;
    border-radius:5px;
    box-shadow:0 0 10px #222;
    border:1px black solid;
    z-index:9;
}
</style>
<script type="text/javascript">
var a = [';
foreach($tabs as $i => $v)
    $main_content .= ($i === 0 ? '' : ',').'"'.$v.'"';
$main_content .= '];
var active = \'all\';

function tab(e){
    if(active===e) {
        return;
    }
    active = e;
    for(var i in a) {
        var v = a[i];
        document.getElementById(\'t_\'+v).style.display = (v == e ? \'block\' : \'none\');
        document.getElementById(\'tab_\'+v).className = (v == e ? \'tabStyleActive\' : \'tabStyle\');
    }
}
</script>
';
foreach($tabs as $v)
    $main_content .= '<div id="tab_'.$v.'"'.($v === 'all' ? ' class="tabStyleActive"' : ' class="tabStyle"').'><a href="javascript:tab(\''.$v.'\');">'.strtoupper($v).'</a></div>';
$main_content .= '
<div class="tabBox">';

$all = array();
$main_content .= '<table border="0" cellpadding="4" cellspacing="1" width="100%" id="t_all" style="display:block;"><tr bgcolor="'.$config['site']['vdarkborder'].'"><td colspan="3"><font color="gold" size="4"><b>&nbsp;ALL OFFERS</b></font></td></tr><tr bgcolor="'.$config['site']['darkborder'].'"><td width="50" align="center"><font color=red><b>Picture</b></font></td><td width="350" align="left"><font color=red><b>Description</b></font></td><td width="250" align="center"><font color=red><b>Select product</b></font></td></tr>';

function displayArray($e, $type) {
    ob_start();
    global $i, $config, $logged;
    foreach($e as $item) {
        ++$i;
        if($type === 'package') {
            $s = explode(',', $item['item_id']);
            $item['item_id'] = end($s);
        }
        echo '<tr bgcolor="'.($type === 'unban' ? 'gold' : $config['site'][$i & 1  ? 'lightborder' : 'darkborder']).'"><td align="center">';
        if(in_array($type, array('package', 'item', 'container')))
            echo '<img src="'.($type == 'package' ? 'images/items/'.$item['item_id'].'.gif' : 'item_images/'.$item['id'].'.jpg').'">';
        elseif($type === 'unban')
            echo 'Unban';
        elseif($type === 'changename')
            echo 'Change<br/>Name';
        elseif($type === 'pacc')
            echo $item['days'];

        echo '</td><td><b>'.$item['name'].'</b> ('.$item['points'].' points)<br />'.$item['description'].'</td><td align="center">';
        if(!$logged)
            echo '<b>Login to buy</b>';
        else
            echo '<form action="?subtopic=shopsystem&action=select_player" method="post"><input type="hidden" name="buy_id" value="'.$item['id'].'"><input type="submit" value="Buy '.$item['name'].'"><br/><b>for '.$item['points'].' points</b></form>';
        echo '</td></tr>';
    }
    $GLOBALS['main_content'] .= ob_get_clean();
}

$i = 0;
foreach($offer_list as $type => $v) {
    if($type == 'item') {
        foreach($v as $item)
            displayArray($item, 'item');
    }
    else
        displayArray($v, $type);
}
$main_content .= '</table>';

    if(!empty($offer_list['package'])) {
        $main_content .= '<table border="0" cellpadding="4" cellspacing="1" width="100%" id="t_packages" style="display:none;"><tr bgcolor="'.$config['site']['vdarkborder'].'"><td colspan="3"><font color="gold" size="4"><b>&nbsp;PACKAGES</b></font></td></tr><tr bgcolor="'.$config['site']['darkborder'].'"><td width="50" align="center"><font color=red><b>Picture</b></font></td><td width="350" align="left"><font color=red><b>Description</b></font></td><td width="250" align="center"><font color=red><b>Select product</b></font></td></tr>';
        foreach($offer_list['package'] as $i => $item) {
            $item['item_id'] = explode(',', $item['item_id']);
            $main_content .= '<tr bgcolor="'.$config['site'][$i & 1  ? 'darkborder' : 'lightborder'].'"><td align="center"><img src="images/items/'.end($item['item_id']).'.gif"></td><td><b>'.$item['name'].'</b> ('.$item['points'].' points)<br />'.$item['description'].'</td><td align="center">';
            if(!$logged) {
                $main_content .= '<b>Login to buy</b>';
            }
            else {
                $main_content .= '<form action="?subtopic=shopsystem&action=select_player" method=POST><input type="hidden" name="buy_id" value="'.$item['id'].'"><input type="submit" value="Buy '.$item['name'].'"><br><b>for '.$item['points'].' points</b></form>';
            }
            $main_content .= '</td></tr>';
        }
        $main_content .= '</table>';
    }

    if(!empty($offer_list['item'])) {
        $tab = array(0 => 'weapons', 1 => 'equipment', 2 => 'tools');
        foreach($offer_list['item'] as $group => $k) {
            $main_content .= '<table border="0" cellpadding="4" cellspacing="1" width="100%" id="t_'.$tab[$group].'" style="display:none"><tr bgcolor="'.$config['site']['vdarkborder'].'"><td colspan="3"><font color="gold" size="4"><b>&nbsp;'.strtoupper($tab[$group]).'</b></font></td></tr><tr bgcolor="'.$config['site']['darkborder'].'"><td width="50" align="center"><font color=red><b>Picture</b></font></td><td width="350" align="left"><font color=red><b>Description</b></font></td><td width="250" align="center"><font color=red><b>Select product</b></font></td></tr>';
            foreach($k as $i => $item) {
                $main_content .= '<tr bgcolor="'.$config['site'][$i & 1  ? 'darkborder' : 'lightborder'].'"><td align="center"><img src="item_images/'.$item['id'].'.jpg"></td><td><b>'.$item['name'].'</b> ('.$item['points'].' points)<br />'.$item['description'].'</td><td align="center">';
                if(!$logged) {
                    $main_content .= '<b>Login to buy</b>';
                }
                else {
                    $main_content .= '<form action="?subtopic=shopsystem&action=select_player" method=POST><input type="hidden" name="buy_id" value="'.$item['id'].'"><input type="submit" value="Buy '.$item['name'].'"><br><b>for '.$item['points'].' points</b></form>';
                }
                $main_content .= '</td></tr>';
            }
            $main_content .= '</table>';
        }
    }

    $main_content .= '<table border="0" cellpadding="4" cellspacing="1" width="100%" id="t_others" style="display:none;"><tr bgcolor="'.$config['site']['vdarkborder'].'"><td colspan="3"><font color="gold" size="4"><b>&nbsp;OTHERS</b></font></td></tr><tr bgcolor="'.$config['site']['darkborder'].'"><td width="50" align="center"><font color=red><b></b></font></td><td width="350" align="left"><font color=red><b>Description</b></font></td><td width="250" align="center"><font color=red><b>Select product</b></font></td></tr>';
    if(!empty($offer_list['pacc']))
    $i = 0;
    foreach($offer_list['pacc'] as $pacc)
    {
        $main_content .= '<tr bgcolor="'.$config['site'][(is_int($i/2))  ? 'lightborder' : 'darkborder'].'"><td align="center"><font color="black">'.$pacc['days'].'</td><td><font color="black"<b>'.$pacc['name'].'</b> ('.$pacc['points'].' points)<br />'.$pacc['description'].'</td><td align="center">';
        $i++;
        if(!$logged)
        {
        $main_content .= '<b>Login to buy</b>';
        }
        else
        {
        $main_content .= '<form action="?subtopic=shopsystem&action=select_player" method=POST><input type="hidden" name="buy_id" value="'.$pacc['id'].'"><input type="submit" value="Buy '.$pacc['name'].'"><br><font color="black"<b>for '.$pacc['points'].' points</b></form>';
        }
    }
    if(!empty($offer_list['changename']))
    foreach($offer_list['changename'] as $changename)
    {
        $main_content .= '<tr bgcolor="'.$config['site'][$i & 1  ? 'darkborder' : 'lightborder'].'"><td align="center"><font color="black">Change Name</td><td><font color="black"<b>'.$changename['name'].'</b> ('.$changename['points'].' points)<br />'.$changename['description'].'</td><td align="center">';
        if(!$logged)
        {
        $main_content .= '<b>Login to buy</b>';
        }
        else
        {
        $main_content .= '<form action="?subtopic=shopsystem&action=select_player" method=POST><input type="hidden" name="buy_id" value="'.$changename['id'].'"><input type="submit" value="Buy '.$changename['name'].'"><br><font color="black"<b>for '.$changename['points'].' points</b></form>';
        }
    }
    if(!empty($offer_list['redskull']))
    //Remove Red Skull
    foreach($offer_list['redskull'] as $redskull)
    {
        $main_content .= '<tr bgcolor="gold"><td align="center"><img src="item_images/'.$redskull['id'].'.jpg"></td><td><font color="black"<b>'.$redskull['name'].'</b> ('.$redskull['points'].' points)<br />'.$redskull['description'].'</td><td align="center">';
        if(!$logged)
        {
        $main_content .= '<b>Login to buy</b>';
        }
        else
        {
        $main_content .= '<form action="?subtopic=shopsystem&action=select_player" method=POST><input type="hidden" name="buy_id" value="'.$redskull['id'].'"><input type="submit" value="Buy '.$redskull['name'].'"><br><font color="black"<b>for '.$redskull['points'].' points</b></form>';
        }
        $main_content .= '</td></tr>';
    }
    if(!empty($offer_list['unban']))
    //Unban
    foreach($offer_list['unban'] as $unban)
    {
        $main_content .= '<tr bgcolor="gold"><td align="center"><font color="black">Unban</td><td><font color="black"<b>'.$unban['name'].'</b> ('.$unban['points'].' points)<br />'.$unban['description'].'</td><td align="center">';
        if(!$logged)
        {
        $main_content .= '<b>Login to buy</b>';
        }
        else
        {
        $main_content .= '<form action="?subtopic=shopsystem&action=select_player" method=POST><input type="hidden" name="buy_id" value="'.$unban['id'].'"><input type="submit" value="Buy '.$unban['name'].'"><br><font color="black"<b>for '.$unban['points'].' points</b></form>';
        }
        $main_content .= '</td></tr>';
    }
    $main_content .= '</table></div>'; // sec
}

elseif($action == 'select_player')
{
    unset($_SESSION['viewed_confirmation_page']);
    if(!$logged) {
    $main_content .= 'Please login first.';
    }
    else
    {
    $buy_id = (int) $_REQUEST['buy_id'];
    if(empty($buy_id))
    {
        $main_content .= 'Please <a href="?subtopic=shopsystem">select item</a> first.';
    }
    else
    {
        if($buy_offer = getItemByID($buy_id)) //item exist in database
        {
        if($buy_offer['type'] != 'changename') {
        if($user_premium_points >= $buy_offer['points'])
        {
            $main_content .= '<h2>Select player</h2>
            <table border="0" cellpadding="1" cellspacing="1" width="100%">
            <tr bgcolor="'.$config['site']['vdarkborder'].'"><td colspan="2"><font color="gold" size="4"><b>Selected offer</b></font></td></tr>
            <tr bgcolor="gold"><td width="100"><b>Name:</b></td><td width="550">'.$buy_offer['name'].'</td></tr>
            <tr bgcolor="gold"><td width="100"><b>Description:</b></td><td width="550">'.$buy_offer['description'].'</td></tr>
            </table><br />
            <form action="?subtopic=shopsystem&action=confirm_transaction" method=POST><input type="hidden" name="buy_id" value="'.$buy_id.'">
            <table border="0" cellpadding="1" cellspacing="1" width="100%">
            <tr bgcolor="'.$config['site']['vdarkborder'].'"><td colspan="2"><font color="gold" size="4"><b>Give item/pacc* to player from your account</b></font></td></tr>
            <tr bgcolor="gold"><td width="110"><b>Name:</b></td><td width="550"><select name="buy_name">';
            $players_from_logged_acc = $account_logged->getPlayersList();
            if(count($players_from_logged_acc) > 0)
            {
            $players_from_logged_acc->orderBy('name');
            foreach($players_from_logged_acc as $player)
            {
                $main_content .= '<option>'.$player->getName().'</option>';
            }
            }
            else
            {
            $main_content .= 'You don\'t have any character on your account.';
            }
            $main_content .= '</select>&nbsp;<input type="submit" value="Give"></td></tr>
            </table>
            </form><br /><form action="?subtopic=shopsystem&action=confirm_transaction" method=POST><input type="hidden" name="buy_id" value="'.$buy_id.'">
            <table border="0" cellpadding="1" cellspacing="1" width="100%">
            <tr bgcolor="'.$config['site']['vdarkborder'].'"><td colspan="2"><font color="gold" size="4"><b>Give item/pacc* to other player</b></font></td></tr>
            <tr bgcolor="gold"><td width="110"><b>To player:</b></td><td width="550"><input type="text" name="buy_name"> - name of player on</td></tr>
            <tr bgcolor="gold"><td width="110"><b>From:</b></td><td width="550"><input type="text" name="buy_from">&nbsp;<input type="submit" value="Give"> - your nick, \'empty\' = Anonymous</td></tr>
            </table><br />
            </form>';

            $main_content .= '*PACC is for all characters from account of selected player name';
        }
        else
        {
            $main_content .= 'For this item you need <b>'.$buy_offer['points'].'</b> points. You have only <b>'.$user_premium_points.'</b> premium points. Please <a href="?subtopic=shopsystem">select other item</a> or buy premium points.';
        }
        }
        else
        {
            $main_content .= '<form action="?subtopic=shopsystem&action=confirm_transaction" method=POST><input type="hidden" name="buy_id" value="'.$buy_id.'">
            <table border="0" cellpadding="1" cellspacing="1" width="100%">
            <tr bgcolor="'.$config['site']['vdarkborder'].'"><td colspan="2"><font color="gold" size="4"><b>Change Name:</b></font></td></tr>
            <tr bgcolor="gold"><td width="110"><b>Name:</b></td><td width="550"><select name="buy_name">';
            $players_from_logged_acc = $account_logged->getPlayersList();
            if(count($players_from_logged_acc) > 0)
            {
            $players_from_logged_acc->orderBy('name');
            foreach($players_from_logged_acc as $player)
            {
                $main_content .= '<option>'.$player->getName().'</option>';
            }
            }
            else
            {
            $main_content .= 'You don\'t have any character on your account.';
            }
            $main_content .= '</select></td></tr>
            <tr bgcolor="gold"><td width="110"><b>New name:</b></td><td width="550"><input type="text" name="buy_from">&nbsp;<input type="submit" value="Change Name"></td></tr>
            </table><br />
            </form>';
            }
        }
        else
        {
        $main_content .= 'Offer with ID <b>'.$buy_id.'</b> doesn\'t exist. Please <a href="?subtopic=shopsystem">select item</a> again.';
        }
    }
    }
}
elseif($action == 'confirm_transaction')
{
    if(!$logged) {
        $main_content = 'Please login first.';
        return;
    }

    if(($buy_id = (int) $_POST['buy_id']) < 1) {
        $main_content = 'Please <a href="?subtopic=shopsystem">select item</a> first.';
        return;
    }

    if($buy_offer = getItemByID($buy_id)) {
        if($user_premium_points >= $buy_offer['points']) {
            $buy_name = stripslashes(urldecode($_POST['buy_name']));
            if(check_name($buy_name)) {
                $buy_player = new OTS_Player();
                $buy_player->find($buy_name);
                if($buy_player->isLoaded()) {
                    $buy_player_account = $buy_player->getAccount();
                    $buy_from = stripslashes(urldecode($_POST['buy_from']));
                    if($_SESSION['viewed_confirmation_page'] == 'yes' && $_POST['buy_confirmed'] == 'yes') {
                        if($buy_offer['type'] == 'pacc') {
                            $player_premdays = $buy_player_account->getCustomField('premdays');
                            $player_lastlogin = $buy_player_account->getCustomField('lastday');
                            $save_transaction = 'INSERT INTO z_shop_history_pacc (id, to_name, to_account, from_nick, from_account, price, pacc_days, trans_state, trans_start, trans_real) VALUES (NULL, '.quote($buy_player->getName()).', '.quote($buy_player_account->getId()).', '.quote($buy_from).',  '.quote($account_logged->getId()).', '.quote($buy_offer['points']).', '.quote($buy_offer['days']).', \'realized\', '.quote(time()).', '.quote(time()).');';
                            $SQL->query($save_transaction);
                            $buy_player_account->setCustomField('premdays', $player_premdays+$buy_offer['days']);
                            $account_logged->setCustomField('premium_points', $user_premium_points-$buy_offer['points']);
                            $user_premium_points = $user_premium_points - $buy_offer['points'];
                            if($player_premdays == 0)
                            {
                                $buy_player_account->setCustomField('lastday', time());
                            }
                            $main_content .= '<h2>PACC added!</h2><b>'.$buy_offer['days'].' days</b> of Premium Account added to account of player <b>'.$buy_player->getName().'</b> for <b>'.$buy_offer['points'].' premium points</b> from your account.<br />You now have <b>'.$user_premium_points.' premium points</b>.<br /><a href="?subtopic=shopsystem">GO TO MAIN SHOP SITE</a>';
                        }
                        elseif($buy_offer['type'] == 'unban') {
                            if($SQL->query('DELETE FROM bans WHERE value= '.$account_logged->getId().' LIMIT 1')) {
                                $account_logged->setCustomField('premium_points', $user_premium_points-$buy_offer['points']);
                                $user_premium_points = $user_premium_points - $buy_offer['points'];
                                $main_content .= '
                                <h2>
                                    Ban Deleted!
                                </h2>
                                <b>
                                    Your account has been unbanned for '.$buy_offer['points'].' premium points
                                </b>
                                from your account.
                                <br>
                                You now have
                                    <b>
                                    '.$user_premium_points.' premium points
                                    </b>.
                                <br>
                                <a href="?subtopic=shopsystem">
                                    GO TO MAIN SHOP SITE
                                </a>';
                            }
                            else {
                                $main_content .= '
                                <b>
                                You don\'t have any bans in your account!
                                </b>
                                <br>
                                <a href="?subtopic=shopsystem">
                                GO BACK
                                </a>';
                            }
                        }
////////////////////////////////
//////////////////////////
                        elseif($buy_offer['type'] == 'changename') {
                            if(strlen($buy_from) > 2 && strlen($buy_from) < 26 && strspn("$buy_from", "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM ") === strlen($buy_from) && check_name_new_char($buy_from)) {
                                $id = $buy_player->getId();
                                if($SQL->query('SELECT 1 FROM players WHERE id = '.$id.' AND online=0')->rowCount()) {
                                    $buy_from = quote(ucwords(strtolower($buy_from)));
                                    if(!$SQL->query('SELECT 1 FROM players WHERE name = '. $buy_from)->rowCount()) {
                                        $SQL->query('UPDATE `players` SET `name` = '. $buy_from .' WHERE `id` = '. $id);

                                        $account_logged->setCustomField('premium_points', $user_premium_points-$buy_offer['points']);
                                        $user_premium_points = $user_premium_points - $buy_offer['points'];
                                        $main_content .= '
                            <h2>Your name has changed to '.$buy_from.'</h2>
                            You have <b>'.$user_premium_points.'</b> premium points left.<br/>
                            <a href="?subtopic=shopsystem">GO TO MAIN SHOP SITE</a>';
                                    } else
                                        $main_content .= '<b>The name <b>'.$buy_from.'</b> is already used.</b>';
                                } else
                                    $main_content .= '<b>'.$buy_name.' has to be offline to complete transaction.</b>';
                            } else
                                $main_content .= '<b>Invalid name.</b>';
                            $main_content .= '<br/><a href="?subtopic=shopsystem">GO BACK</a>';
                        }
//////////////////////////
    ////////////////////////////////
                        elseif($buy_offer['type'] == 'redskull') {
                            //Obtener id ed la cuenta
                            $my_acc_id = $buy_player->getId();;
                            $dataget = $SQL->query('SELECT * FROM players WHERE id = '.$my_acc_id.';')->fetch();
                            if($dataget['redskull'] == '1' AND $dataget['online'] >= '0' AND $dataget['redskulltime'] > '0') {

                                    $SQL->query('UPDATE players SET redskull=0, redskulltime=0 WHERE id='. $my_acc_id .';');
                                $account_logged->setCustomField('premium_points', $user_premium_points-$buy_offer['points']);
                                $user_premium_points = $user_premium_points - $buy_offer['points'];
                                $main_content .= '
                                <h2>
                                    RedSkull Removed!
                                </h2>
                                <b>
                                    Your redskull has been removed to the player '.$buy_player->getName().',
                                <br>
                                You now have
                                    <b>
                                    '.$user_premium_points.' premium points
                                    </b>.
                                <br>
                                <a href="?subtopic=shopsystem">
                                    GO TO MAIN SHOP SITE
                                </a>';
                            } else
                            {
                                $main_content .= '
                                <b>
                                '.$buy_player->getName().' has to be offline and have redskull to complete transaction!.
                                </b>
                                <br>
                                <a href="?subtopic=shopsystem">
                                GO BACK
                                </a>';
                            }
                        }
//////////////////////////
                        elseif($buy_offer['type'] == 'item' || $buy_offer['type'] == 'package') {
                            $SQL->query('INSERT INTO z_ots_comunication (id, guid, type, action, param1, param2, param3, param4, param5, param6) VALUES (NULL, '.quote($buy_player->getId()).', \'login\', \'give_item\', '.quote($buy_offer['item_id']).', '.quote($buy_offer['item_count']).', \'\', \'\', \''.$buy_offer['type'].'\', '.quote($buy_offer['name']).');');
                            $SQL->query('INSERT INTO z_shop_history_item (id, to_name, to_account, from_nick, from_account, price, offer_id, trans_state, trans_start, trans_real) VALUES ('.$SQL->lastInsertId().', '.quote($buy_player->getName()).', '.$buy_player_account->getId().', '.quote($buy_from).',  '.$account_logged->getId().', '.$buy_offer['points'].', '.quote($buy_offer['name']).', \'wait\', '.time().', \'0\');');
                            $account_logged->setCustomField('premium_points', $user_premium_points-$buy_offer['points']);
                            $user_premium_points = $user_premium_points - $buy_offer['points'];
                            $main_content .= '<h2>Item added!</h2><b>'.$buy_offer['name'].'</b> added to player <b>'.$buy_player->getName().'</b> items for <b>'.$buy_offer['points'].' premium points</b> from your account.<br />You now have <b>'.$user_premium_points.' premium points</b>.<br /><a href="?subtopic=shopsystem">GO TO MAIN SHOP SITE</a>';
                        }
                        elseif($buy_offer['type'] == 'container') {
                            $SQL->query('INSERT INTO z_ots_comunication (id, guid, type, action, param1, param2, param3, param4, param5, param6) VALUES (NULL, '.quote($buy_player->getId()).', \'login\', \'give_item\', '.quote($buy_offer['item_id']).', '.quote($buy_offer['item_count']).', '.quote($buy_offer['container_id']).', '.quote($buy_offer['container_count']).', \'container\', '.quote($buy_offer['name']).');');
                            $SQL->query('INSERT INTO z_shop_history_item (id, to_name, to_account, from_nick, from_account, price, offer_id, trans_state, trans_start, trans_real) VALUES ('.$SQL->lastInsertId().', '.quote($buy_player->getName()).', '.quote($buy_player_account->getId()).', '.quote($buy_from).',  '.quote($account_logged->getId()).', '.quote($buy_offer['points']).', '.quote($buy_offer['name']).', \'wait\', '.quote(time()).', \'0\');');
                            $account_logged->setCustomField('premium_points', $user_premium_points-$buy_offer['points']);
                            $user_premium_points = $user_premium_points - $buy_offer['points'];
                            $main_content .= '<h2>Container of items added!</h2><b>'.$buy_offer['name'].'</b> added to player <b>'.$buy_player->getName().'</b> items (he will get this container with items after relog) for <b>'.$buy_offer['points'].' premium points</b> from your account.<br />You now have <b>'.$user_premium_points.' premium points</b>.<br /><a href="?subtopic=shopsystem">GO TO MAIN SHOP SITE</a>';
                        }
                    }
                    else {
                        $set_session = TRUE;
                        $_SESSION['viewed_confirmation_page'] = 'yes';
                        if($buy_offer['type'] != 'changename') {
                            $main_content .= '<h2>Confirm transaction</h2>
                            <table border="0" cellpadding="1" cellspacing="1" width="100%">
                            <tr bgcolor="'.$config['site']['vdarkborder'].'"><td colspan="3"><font color="gold" size="4"><b>Confirm transaction</b></font></td></tr>
                            <tr bgcolor="gold"><td width="100"><b>Name:</b></td><td width="550" colspan="2">'.$buy_offer['name'].'</td></tr>
                            <tr bgcolor="gold"><td width="100"><b>Description:</b></td><td width="550" colspan="2">'.$buy_offer['description'].'</td></tr>
                            <tr bgcolor="gold"><td width="100"><b>Cost:</b></td><td width="550" colspan="2"><b>'.$buy_offer['points'].' premium points</b> from your account</td></tr>
                            <tr bgcolor="gold"><td width="100"><b>For Player:</b></td><td width="550" colspan="2"><font color="red">'.$buy_player->getName().'</font></td></tr>
                            <tr bgcolor="gold"><td width="100"><b>From:</b></td><td width="550" colspan="2"><font color="red">'.$buy_from.'</font></td></tr>
                            <tr bgcolor="red"><td width="100"><b>Transaction?</b></td><td width="275" align="left">
                            <form action="?subtopic=shopsystem&action=confirm_transaction" method="POST"><input type="hidden" name="buy_confirmed" value="yes"><input type="hidden" name="buy_id" value="'.$buy_id.'"><input type="hidden" name="buy_from" value="'.urlencode($new_name).'"><input type="hidden" name="buy_name" value="'.urlencode($buy_name).'"><input type="submit" value="Accept"></form></td>
                            <td align="right"><form action="?subtopic=shopsystem" method="POST"><input type="submit" value="Cancel"></form></td></tr>
                            </table>
                            ';
                        }
                        else {
                            $main_content .= '<h2>Confirm change name</h2>
                            <table border="0" cellpadding="1" cellspacing="1" width="100%">
                            <tr bgcolor="'.$config['site']['vdarkborder'].'"><td colspan="3"><font color="gold" size="4"><b>Confirm transaction</b></font></td></tr>
                            <tr bgcolor="gold"><td width="100"><b>Name:</b></td><td width="550" colspan="2">'.$buy_offer['name'].'</td></tr>
                            <tr bgcolor="gold"><td width="100"><b>Description:</b></td><td width="550" colspan="2">'.$buy_offer['description'].'</td></tr>
                            <tr bgcolor="gold"><td width="100"><b>Cost:</b></td><td width="550" colspan="2"><b>'.$buy_offer['points'].' premium points</b> from your account</td></tr>
                            <tr bgcolor="gold"><td width="100"><b>Current Name:</b></td><td width="550" colspan="2"><font color="red">'.$buy_player->getName().'</font></td></tr>
                            <tr bgcolor="gold"><td width="100"><b>New Name:</b></td><td width="550" colspan="2"><font color="red">'.$buy_from.'</font></td></tr>
                            <tr bgcolor="red"><td width="100"><b>Change Name?</b></td><td width="275" align="left">
                            <form action="?subtopic=shopsystem&action=confirm_transaction" method="POST"><input type="hidden" name="buy_confirmed" value="yes"><input type="hidden" name="buy_id" value="'.$buy_id.'"><input type="hidden" name="buy_from" value="'.urlencode($buy_from).'"><input type="hidden" name="buy_name" value="'.urlencode($buy_name).'"><input type="submit" value="Accept"></form></td>
                            <td align="right"><form action="?subtopic=shopsystem" method="POST"><input type="submit" value="Cancel"></form></td></tr>
                            </table>
                            ';
                        }
                    }
                }
                else {
                    $main_content .= 'Player with name <b>'.$buy_name.'</b> doesn\'t exist. Please <a href="?subtopic=shopsystem&action=select_player&buy_id='.$buy_id.'">select other name</a>.';
                }
            }
            else {
                $main_content .= 'Invalid name format. Please <a href="?subtopic=shopsystem&action=select_player&buy_id='.$buy_id.'">select other name</a> or contact with administrator.';
            }
        }
        else {
            $main_content .= 'For this item you need <b>'.$buy_offer['points'].'</b> points. You have only <b>'.$user_premium_points.'</b> premium points. Please <a href="?subtopic=shopsystem">select other item</a> or buy premium points.';
        }
    }
    else {
        $main_content .= 'Offer with ID <b>'.$buy_id.'</b> doesn\'t exist. Please <a href="?subtopic=shopsystem">select item</a> again.';
    }

    if(!isset($set_session)) {
        unset($_SESSION['viewed_confirmation_page']);
    }
}
elseif($action == 'show_history')
{
    if(!$logged) {
    $main_content .= 'Please login first.';
    }
    else
    {
    $items_history_received = $SQL->query('SELECT * FROM z_shop_history_item WHERE to_account = '.quote($account_logged->getId()).' OR from_account = '.quote($account_logged->getId()).';');
    if(is_object($items_history_received)) {
        foreach($items_history_received as $item_received)
        {
        if($account_logged->getId() == $item_received['to_account'])
            $char_color = 'green';
        else
            $char_color = 'red';
        $items_received_text .= '<tr bgcolor="gold"><td><font color="'.$char_color.'">'.$item_received['to_name'].'</font></td><td>';
        if($account_logged->getId() == $item_received['from_account'])
            $items_received_text .= '<i>Your account</i>';
        else
            $items_received_text .= $item_received['from_nick'];
        $items_received_text .= '</td><td>'.$item_received['offer_id'].'</td><td>'.date("j F Y, H:i:s", $item_received['trans_start']).'</td>';
        if($item_received['trans_real'] > 0)
            $items_received_text .= '<td>'.date("j F Y, H:i:s", $item_received['trans_real']).'</td>';
        else
            $items_received_text .= '<td><b><font color="red">Not realized yet.</font></b></td>';
        $items_received_text .= '</tr>';
        }
    }
    $paccs_history_received = $SQL->query('SELECT * FROM z_shop_history_pacc WHERE to_account = '.quote($account_logged->getId()).' OR from_account = '.quote($account_logged->getId()).';');
    if(is_object($paccs_history_received)) {
        foreach($paccs_history_received as $pacc_received)
        {
        if($account_logged->getId() == $pacc_received['to_account'])
            $char_color = 'green';
        else
            $char_color = 'red';
        $paccs_received_text .= '<tr bgcolor="gold"><td><font color="'.$char_color.'">'.$pacc_received['to_name'].'</font></td><td>';
        if($account_logged->getId() == $pacc_received['from_account'])
            $paccs_received_text .= '<i>Your account</i>';
        else
            $paccs_received_text .= $pacc_received['from_nick'];
        $paccs_received_text .= '</td><td>'.$pacc_received['pacc_days'].' days</td><td>'.$pacc_received['price'].' Points</td><td>'.date("j F Y, H:i:s", $pacc_received['trans_real']).'</td></tr>';
        }
    }
    $main_content .= '<center><h1>Transactions History</h1></center>';
    if(!empty($items_received_text))
    {
        $main_content .= '<h2>Item transactions</h2><table BORDER=0 CELLPADDING=1 CELLSPACING=1 WIDTH=100%><tr bgcolor="gold"><td><b>To:</b></td><td><b>From:</b></td><td><b>Offer name</b></td><td><b>Bought on page</b></td><td><b>Received on OTS</b></td></tr>'.$items_received_text.'</table><br />';
    }
    if(!empty($paccs_received_text))
    {
        $main_content .= '<h2>PACC transactions</h2><table BORDER=0 CELLPADDING=1 CELLSPACING=1 WIDTH=100%><tr bgcolor="gold"><td><b>To:</b></td><td><b>From:</b></td><td><b>Duration</b></td><td><b>Cost</b></td><td><b>Added:</b></td></tr>'.$paccs_received_text.'</table><br />';
    }
    if(empty($paccs_received_text) && empty($items_received_text))
        $main_content .= 'You did not buy/receive any item or PACC.';
    }
}
if($logged)
    $main_content .= '<br/><br/>
    <div style="width: 100%">
        <div style="width: 350px; margin: 0px auto; background-color:white; text-align: center; border-radius: 5px; padding-top: 5px; padding-bottom:5px; box-shadow:0 0 10px #222; border:1px black solid;">
            <span style="color:green;font-weight:bold">Premium Points: </span></b>'.$user_premium_points.' (<a href="?subtopic=buypoints">Get points!</a>)
        </div>
    </div>';
if($logged && $group_id_of_acc_logged >= $config['site']['access_admin_panel']) {
    $pl2 = $SQL->query('SELECT COUNT(*) FROM z_shop_points_bought WHERE amount')->fetch();
    $ppx = explode('\' \'',file_get_contents('ipn/paypal.log'));
    $ppe = 0;
    $i = 0;
    foreach ($ppx as $p) {
        if ($i % 4 == 3)
            $ppe += (int)$p;
        $i += 1;
    }
    setlocale(LC_MONETARY, 'en_US');
    $main_content .= '
    <div><br><br><b>Payment Stats</b>
    <br>ContenidoPago Earnings: '.number_format( ($pl2[0]*4.40)*0.6, 2, ',', ' ').'
    <br>Paypal Earnings: '.number_format( ($ppe)*0.95, 2, ',', ' ').'
    </div>
    ';
    }
?>