Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- header("Content-type: text/plain");
- require("../include/util.php");
- $id = intval($_GET['id']);
- $itemq = mysqli_query($connect, "SELECT * FROM assets WHERE id='$id'") or die("Purchase failed: ". mysqli_error($connect));
- if (mysqli_num_rows($itemq) == 0) {
- die("Purchase failed: Invalid item!");
- }
- $_ITEM = mysqli_fetch_assoc($itemq);
- if ($_ITEM['currency'] == "Robux") {
- if ($CURRENT_USER['robux'] < $_ITEM['price']) {
- die("Purchase failed: Insufficient funds.");
- }
- if ($_ITEM['price'] < 0) {
- die("Purchase failed: This item is not for sale!");
- }
- $own_check = mysqli_num_rows(mysqli_query($connect, "SELECT * FROM owneditems WHERE itemid='$id' AND playerid='". $CURRENT_USER['id'] ."'"));
- if ($own_check != 0) {
- die("Purchase failed: You already own this item!");
- }
- $nextrobux = $CURRENT_USER['robux'] - $_ITEM['price'];
- $creator = mysqli_fetch_assoc(mysqli_query($connect, "SELECT * FROM users WHERE id='". $_ITEM['creatorid'] ."'")) or die("Purchase failed: ". mysqli_error($connect));
- $creatornextrobux = $creator['robux'] + $_ITEM['price'];
- $lower_funds = mysqli_query($connect, "UPDATE users SET robux='$nextrobux' WHERE id='". $CURRENT_USER['id'] ."'") or die("Purchase failed: ". mysqli_error($connect));
- $raise_funds = mysqli_query($connect, "UPDATE users SET robux='$creatornextrobux' WHERE id='". $_ITEM['creatorid'] ."'") or die("Purchase failed: ". mysqli_error($connect));
- $add_to_inventory = mysqli_query($connect,
- "INSERT INTO
- `owneditems`(`id`, `itemid`, `playerid`, `itemname`, `itemcreatorid`, `itemcreatorname`, `type`)
- VALUES (NULL,'$id','". $CURRENT_USER['id'] ."','". $_ITEM['name'] ."','". $_ITEM['creatorid'] ."','". $_ITEM['creator'] ."','". $_ITEM['type'] ."')"
- ) or die("Purchase failed: ". mysqli_error($connect));
- die ("Purchase completed!");
- } else {
- if ($CURRENT_USER['tickets'] < $_ITEM['price']) {
- die("Purchase failed: Insufficient funds.");
- }
- if ($_ITEM['price'] < 0) {
- die("Purchase failed: This item is not for sale!");
- }
- $own_check = mysqli_num_rows(mysqli_query($connect, "SELECT * FROM owneditems WHERE itemid='$id' AND playerid='". $CURRENT_USER['id'] ."'"));
- if ($own_check != 0) {
- die("Purchase failed: You already own this item!");
- }
- //die ("You have $own_check copies of this item.");
- $nexttickets = $CURRENT_USER['tickets'] - $_ITEM['price'];
- $creator = mysqli_fetch_assoc(mysqli_query($connect, "SELECT * FROM users WHERE id='". $_ITEM['creatorid'] ."'")) or die("Purchase failed: ". mysqli_error($connect));
- $creatornexttickets = $creator['tickets'] + $_ITEM['price'];
- $lower_funds = mysqli_query($connect, "UPDATE users SET tickets='$nexttickets' WHERE id='". $CURRENT_USER['id'] ."'") or die("Purchase failed: ". mysqli_error($connect));
- $raise_funds = mysqli_query($connect, "UPDATE users SET tickets='$creatornexttickets' WHERE id='". $_ITEM['creatorid'] ."'") or die("Purchase failed: ". mysqli_error($connect));
- $add_to_inventory = mysqli_query($connect,
- "INSERT INTO
- `owneditems`(`id`, `itemid`, `playerid`, `itemname`, `itemcreatorid`, `itemcreatorname`, `type`)
- VALUES (NULL,'$id','". $CURRENT_USER['id'] ."','". $_ITEM['name'] ."','". $_ITEM['creatorid'] ."','". $_ITEM['creator'] ."','". $_ITEM['type'] ."')"
- ) or die("Purchase failed: ". mysqli_error($connect));
- die ("Purchase completed!");
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement