Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include "includes/db_connect.php";
- include "includes/functions.php";
- logincheck();
- $username = $_SESSION['username'];
- $date = gmdate('Y-m-d H:i:s');
- $query=mysql_query("SELECT * FROM users WHERE username='$username' LIMIT 1");
- $info = mysql_fetch_object($query);
- if (strip_tags($_POST['give']) && strip_tags($_POST['giveto']) && strip_tags($_POST['giveamount'])){
- $giveto = strip_tags($_POST['giveto']);
- $giveamount = strip_tags($_POST['giveamount']);
- $query2=mysql_query("SELECT * FROM users WHERE username='$giveto' LIMIT 1");
- $info2 = mysql_fetch_object($query2);
- if($giveto == $username){
- echo "<center><b><font color=red>You cannot send money to yourself!</b></font></center>";
- }elseif($giveamount < "0"){
- echo "<center><b><font color=red>You cannot send that amount of money!</b></font></center>";
- }elseif($info->l_ip == $info2->l_ip){
- echo "<center><b><font color=red>You cannot send money to another account on the same IP Address!</b></font></center>";
- }elseif($info->money <= $giveamount){
- echo "<center><b><font color=red>You havent got that much money!</b></font></center>";
- }elseif($info->money >= $giveamount || $giveto != $username || $info->l_ip != $info2->l_ip){
- ///////////////////////////////////////////////////////////////
- $newmoney=$info->money-$giveamount;
- mysql_query("UPDATE users SET money='$newmoney' WHERE username='$username'");
- ///////////////////////////////////////////////////////////////
- $givetouser=mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$giveto'"));
- $newmoney2=$givetouser->money + $giveamount;
- mysql_query("UPDATE users SET money='$newmoney2' WHERE username='$giveto'");
- ///////////////////////////////////////////////////////////////
- mysql_query("INSERT INTO `transfers` ( `id` , `to` , `from` , `amount` , `date` )
- VALUES ('', '$giveto', '$username', '$giveamount', '$date')");
- echo "<center><font color=green><b>You have sent $giveto £".number_format($giveamount)."!</b></font></center>";
- $text = "$username sent you £".number_format($giveamount)."!";
- mysql_query("INSERT INTO `inbox` ( `id` , `to` , `from` , `message` , `subject` , `date` , `read`)
- VALUES ('', '$giveto', '$username', '$text', '<b>Bank Transfer</b>', '$date', '0');") or die (mysql_error());
- }}
- ?>
- <script type="text/javascript" src="moneyinput.js"></script>
- <html>
- <head>
- <title> Send Money</title></head>
- <link REL="stylesheet" TYPE="text/css" HREF="style.css">
- <br>
- <form method="post" action="" name="f">
- <table width='400' border='0' cellpadding='0' cellspacing='0' bordercolor=black class='table' align='center'>
- <tr class='header'><td colspan='4'><center>Send Money</td>
- </tr>
- <tr>
- <td align="center" border="0">Send To: <input class="textbox" type=text name=giveto></td>
- </tr>
- <tr>
- <td align="center" border="0">Amount: <input class="textbox" type=text name=giveamount></td>
- </tr>
- <tr>
- <td align="center" colspan="3" border="0"><input type=submit name="give" class="button" value="Send"></td>
- </tr>
- </table>
- </form>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement