Shop Makeover


First off, to get this kicking, you will want to run the following SQL queries on your database in phpMyAdmin.
PHP Code
  -- shop_items gains a description, a quantity and a staff-only flag.
  -- `desc` is a reserved word in MySQL, so it must stay inside backticks.
  ALTER TABLE `shop_items`
      ADD COLUMN `desc` TEXT NOT NULL,
      ADD COLUMN `quantity` INT(11) NOT NULL,
      ADD COLUMN `staffonly` VARCHAR(255) NOT NULL DEFAULT 'false';

  -- user_shop_items records how many of each item a member owns.
  ALTER TABLE `user_shop_items`
      ADD COLUMN `quantity` INT(11) NOT NULL DEFAULT '0';


Next, replace your shop.php with the new shop.php:
PHP Code
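  <?php
  /**
   * shop.php - list the shop items and let a logged-in member buy one with points.
   *
   * Pages (selected with ?page=):
   *   (default)  list the items the member is allowed to see
   *   verify     ask for confirmation before buying ?item=ID
   *   purchase   charge the member and add the item to `user_shop_items`
   *
   * Relies on config.php to open the MySQL connection and to fill $logged
   * (username, userlevel, points) for the current session.
   *
   * NOTE(review): this file uses the ext/mysql API (mysql_query and friends),
   * which was removed in PHP 7. Values are escaped with
   * mysql_real_escape_string() here; switching to PDO or mysqli prepared
   * statements also needs a change in config.php, which is not shown.
   *
   * NOTE(review): "purchase" changes state on a plain GET link, so any page a
   * logged-in member opens can trigger it (CSRF). A POST form carrying a
   * per-session token is the usual fix; it is not added here because it would
   * change the links other pages use.
   *
   * NOTE(review): `shop_items`.`quantity` is displayed but never checked or
   * reduced on purchase. If it is meant to be stock, purchase must enforce it.
   */
  session_start(); // resume the member's session
  require("config.php"); // database connection and $logged

  if (!function_exists('shop_html')) {
      /**
       * Escape a value for HTML text or a quoted attribute.
       *
       * double_encode is off because the admin page stores item fields already
       * entity-encoded; this keeps "&amp;" from turning into "&amp;amp;".
       * 'UTF-8' assumes the pages are served as UTF-8 - use the site's charset.
       */
      function shop_html($value)
      {
          return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8', false);
      }
  }

  if (!function_exists('shop_item_row')) {
      /** Build one two-column table row from already-escaped HTML fragments. */
      function shop_item_row($label_html, $value_html)
      {
          return '<tr>'
              . '<td width="100" align="left" valign="middle">' . $label_html . '</td>'
              . '<td width="300" align="center" valign="middle">' . $value_html . '</td>'
              . '</tr>';
      }
  }

  if (!function_exists('shop_render_item')) {
      /** Print the image and detail table for one `shop_items` row. */
      function shop_render_item($item)
      {
          $name = shop_html($item['name']);
          $buy_url = 'shop.php?page=verify&amp;item=' . (int) $item['id'];
          print '<img src="' . shop_html($item['image']) . '" alt="' . $name . '" />'
              . '<table width="400">'
              . '<tr><td width="400" colspan="4" align="left" valign="middle"><b>' . $name . '</b></td></tr>'
              . shop_item_row('<b>Description</b>', shop_html($item['desc']))
              . shop_item_row('<b>Price</b>', shop_html($item['price']) . ' Point(s)')
              . shop_item_row('<b>Quantity</b>', shop_html($item['quantity']))
              . shop_item_row('&nbsp;&nbsp;', '<a href="' . $buy_url . '">Buy</a>')
              . '</table>';
      }
  }

  if (!function_exists('shop_is_staff_only')) {
      /** True when the row is flagged staff-only ("True" in any letter case). */
      function shop_is_staff_only($item)
      {
          return strcasecmp((string) $item['staffonly'], 'True') === 0;
      }
  }

  if (!function_exists('shop_find_item')) {
      /**
       * Load one shop item the current member is allowed to buy.
       *
       * Returns the row, or false when the id is unknown OR the item is
       * staff-only and the member is not staff. Hiding an item in the list is
       * not access control: without this check anyone could buy a staff item
       * by typing its id into the URL.
       */
      function shop_find_item($itemid, $is_staff)
      {
          $result = mysql_query("SELECT * FROM `shop_items` WHERE `id` = " . (int) $itemid);
          if (!$result || mysql_num_rows($result) == 0) {
              return false;
          }
          $item = mysql_fetch_array($result);
          if (shop_is_staff_only($item) && !$is_staff) {
              return false;
          }
          return $item;
      }
  }

  if (!function_exists('shop_clean_price')) {
      /** Return the price as a plain non-negative decimal string, or false. */
      function shop_clean_price($value)
      {
          $value = trim((string) $value);
          return preg_match('/^\d+(\.\d+)?$/', $value) ? $value : false;
      }
  }

  if (empty($logged['username'])) {
      print "<b>Error</b> You Are Not Logged In."; // not logged in
  } else {
      $is_staff = ((int) $logged['userlevel'] >= 4);
      $page = isset($_GET['page']) ? $_GET['page'] : '';
      // Only a scalar ?item= is accepted; the cast makes it safe to put in SQL.
      $itemid = (isset($_GET['item']) && is_scalar($_GET['item'])) ? (int) $_GET['item'] : 0;

      switch ($page) {
          case 'verify': // confirmation page
              if (!$itemid) {
                  print "<b>Error</b>: No Item Selected.";
                  break;
              }
              $item = shop_find_item($itemid, $is_staff);
              if (!$item) {
                  print "<b>Error</b>: Invalid ID Selected.";
                  break;
              }
              print "Are you sure you want to purchase " . shop_html($item['name']) . "?<br> "
                  . "<a href='shop.php?page=purchase&amp;item=$itemid'>Yes</a> - <a href='shop.php'>No</a>";
              break;

          case 'purchase': // charge the member and hand over the item
              if (!$itemid) {
                  print "<b>Error</b>: No Item Selected.";
                  break;
              }
              $item = shop_find_item($itemid, $is_staff);
              if (!$item) {
                  print "<b>Error</b>: Invalid ID Selected.";
                  break;
              }
              $price = shop_clean_price($item['price']);
              if ($price === false) {
                  // A negative or non-numeric price would credit points or break the query.
                  print "<b>Error</b>: This Item Cannot Be Purchased.";
                  break;
              }

              // Item name and image come from the database, but they are still
              // data: escape them before they go back into SQL.
              $user_sql = mysql_real_escape_string($logged['username']);
              $name_sql = mysql_real_escape_string($item['name']);
              $image_sql = mysql_real_escape_string($item['image']);

              // Debit in one statement. Computing the new balance in PHP from
              // $logged['points'] lets two parallel requests spend the same points.
              if ($price > 0) {
                  $debit = mysql_query("UPDATE `members` SET `points` = `points` - $price WHERE `username` = '$user_sql' AND `points` >= $price");
                  if (!$debit || mysql_affected_rows() != 1) {
                      print "<b>Error</b>: You Don't Have Enough Points!";
                      break;
                  }
              }

              $owned = mysql_query("SELECT `id` FROM `user_shop_items` WHERE `name` = '$name_sql' AND `owner` = '$user_sql' LIMIT 1");
              $owned_row = $owned ? mysql_fetch_array($owned) : false;
              if ($owned_row) {
                  // Already owned: bump the counter inside the database.
                  $granted = mysql_query("UPDATE `user_shop_items` SET `quantity` = `quantity` + 1 WHERE `id` = " . (int) $owned_row['id']);
              } else {
                  $granted = mysql_query("INSERT INTO `user_shop_items` (`name`,`image`,`owner`,`quantity`) VALUES ('$name_sql','$image_sql','$user_sql','1')");
              }

              if (!$granted) {
                  // The item was not delivered, so give the points back.
                  if ($price > 0) {
                      mysql_query("UPDATE `members` SET `points` = `points` + $price WHERE `username` = '$user_sql'");
                  }
                  print "<b>Error</b>: Could Not Complete The Purchase.";
                  break;
              }
              print "You Have Bought 1 " . shop_html($item['name']) . ".";
              break;

          default: // item list
              print "Welcome to the shop " . shop_html($logged['username']) . ".";
              $get_items = mysql_query("SELECT * FROM `shop_items`");
              if (!$get_items || mysql_num_rows($get_items) == 0) {
                  print "Sorry, No Shop Items Available.";
                  break;
              }
              while ($items = mysql_fetch_array($get_items)) {
                  if (!shop_is_staff_only($items)) {
                      shop_render_item($items);
                  } elseif ($is_staff) {
                      print "<h2>Staff Items</h2>";
                      shop_render_item($items);
                  }
                  // staff-only item and a non-staff member: show nothing
              }
              break;
      }
  }
  ?>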


The next part is the shop admin; replace your file with the following:
PHP Code
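  <?php
  /**
   * shop_admin.php - add, edit and delete shop items (userlevel 6 only).
   *
   * Pages (selected with ?page=): default list, add, additem, edit, edititem,
   * verifydelete, delete. Anyone who is not a level-6 member gets no output.
   *
   * Relies on config.php for the MySQL connection and for $logged.
   *
   * NOTE(review): this file uses the ext/mysql API, which was removed in
   * PHP 7. Moving to PDO or mysqli prepared statements also needs a change in
   * config.php, which is not shown.
   *
   * NOTE(review): none of the state-changing pages carries an anti-CSRF token,
   * and "delete" runs on a GET link. A page an admin opens while logged in
   * could submit these requests. Per-session tokens on POST forms are the
   * usual fix; they are not added here because they change the page flow.
   */
  session_start(); // resume the member's session
  include "config.php"; // database connection and $logged

  if (!function_exists('shop_html')) {
      /**
       * Escape a value for HTML text or a quoted attribute.
       *
       * double_encode is off because item fields are stored entity-encoded.
       * 'UTF-8' assumes the pages are served as UTF-8 - use the site's charset.
       */
      function shop_html($value)
      {
          return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8', false);
      }
  }

  if (!function_exists('shop_admin_post')) {
      /**
       * Read one text field from the submitted form.
       *
       * Returns the trimmed value entity-encoded for storage, as the original
       * script stored it, or '' when the field is missing or not a scalar.
       * The result is NOT safe for SQL yet; callers escape it separately.
       */
      function shop_admin_post($key)
      {
          if (!isset($_POST[$key]) || !is_scalar($_POST[$key])) {
              return '';
          }
          $raw = (string) $_POST[$key];
          // Undo magic quotes where the server still applies them, so the
          // explicit SQL escaping below does not double the backslashes.
          if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
              $raw = stripslashes($raw);
          }
          return htmlspecialchars(trim($raw), ENT_QUOTES, 'UTF-8');
      }
  }

  if (!function_exists('shop_admin_find')) {
      /** Load one `shop_items` row by id; false when it does not exist. */
      function shop_admin_find($id)
      {
          $result = mysql_query("SELECT * FROM `shop_items` WHERE `id` = " . (int) $id);
          if (!$result || mysql_num_rows($result) == 0) {
              return false;
          }
          return mysql_fetch_array($result);
      }
  }

  if (!empty($logged['username']) && $logged['userlevel'] == 6) { // admins only
      $page = isset($_GET['page']) ? $_GET['page'] : '';
      // htmlspecialchars()/strip_tags() do not make a value safe for SQL;
      // the id is a number, so an integer cast is the correct filter.
      $id = (isset($_GET['id']) && is_scalar($_GET['id'])) ? (int) $_GET['id'] : 0;

      switch ($page) {
          case 'add': // blank form for a new item
              echo ("<form method='post' action='?page=additem'>
  Name: <input type='text' name='name'><br>
  Price: <input type='text' name='price'><br>
  Image: <input type='text' name='image'><br>
  Description: <textarea name='desc'></textarea><br>
  Quantity: <input type='text' name='quantity'><br>
  Staff Only: <select name=\"staff\">
  <option value=\"True\">Yes</option>
  <option value=\"False\" selected=\"selected\">No</option>
  </select><br>
  <input type='submit' value='Add' name='submit'>
  </form>");
              break;

          case 'additem': // store a new item
          case 'edititem': // overwrite an existing item
              $name = shop_admin_post('name');
              $image = shop_admin_post('image');
              $desc = shop_admin_post('desc');
              $price = shop_admin_post('price');
              $quantity = (isset($_POST['quantity']) && is_scalar($_POST['quantity'])) ? (int) $_POST['quantity'] : 0;
              // Only the two values the form offers are accepted.
              $staffonly = (isset($_POST['staff']) && $_POST['staff'] === 'True') ? 'True' : 'False';

              if ($name === '' || !preg_match('/^\d+(\.\d+)?$/', $price)) {
                  echo ("<b>Error</b>: A name and a non-negative numeric price are required. <a href='shop_admin.php'>Back</a>");
                  break;
              }

              $name_sql = mysql_real_escape_string($name);
              $image_sql = mysql_real_escape_string($image);
              $desc_sql = mysql_real_escape_string($desc);
              $price_sql = mysql_real_escape_string($price);

              if ($page === 'additem') {
                  $saved = mysql_query("INSERT INTO `shop_items` (`price`, `image`, `name`, `desc`, `quantity`, `staffonly`) VALUES ('$price_sql', '$image_sql', '$name_sql', '$desc_sql', '$quantity', '$staffonly')");
                  $done = "has been added to the shop. thank you.";
              } else {
                  if (!$id || !shop_admin_find($id)) {
                      echo ("<b>Error</b>: Invalid ID Selected. <a href='shop_admin.php'>Back</a>");
                      break;
                  }
                  $saved = mysql_query("UPDATE `shop_items` SET `image` = '$image_sql', `name` = '$name_sql', `desc` = '$desc_sql', `price` = '$price_sql', `quantity` = '$quantity', `staffonly` = '$staffonly' WHERE `id` = $id");
                  $done = "has been edited thank you.";
              }

              if (!$saved) {
                  echo ("<b>Error</b>: The item could not be saved. <a href='shop_admin.php'>Back</a>");
                  break;
              }
              // $name is already entity-encoded by shop_admin_post().
              echo ("$name $done <a href='shop_admin.php'>Back</a>");
              break;

          case 'edit': // form pre-filled with the stored values
              $shop = $id ? shop_admin_find($id) : false;
              if (!$shop) {
                  echo ("<b>Error</b>: Invalid ID Selected. <a href='shop_admin.php'>Back</a>");
                  break;
              }
              // Preselect the stored flag; otherwise "Yes" is the first option
              // and every edit would silently turn the item staff-only.
              $is_staff_only = (strcasecmp((string) $shop['staffonly'], 'True') === 0);
              $yes = $is_staff_only ? " selected=\"selected\"" : "";
              $no = $is_staff_only ? "" : " selected=\"selected\"";
              echo ("<form method='post' action='?page=edititem&amp;id=$id'>
  Name: <input type='text' value='" . shop_html($shop['name']) . "' name='name'><br>
  Price: <input type='text' value='" . shop_html($shop['price']) . "' name='price'><br>
  Image: <input type='text' value='" . shop_html($shop['image']) . "' name='image'><br>
  Description: <textarea name='desc'>" . shop_html($shop['desc']) . "</textarea><br>
  Quantity: <input type='text' name='quantity' value='" . shop_html($shop['quantity']) . "'><br>
  Staff Only: <select name=\"staff\">
  <option value=\"True\"$yes>Yes</option>
  <option value=\"False\"$no>No</option>
  </select><br>
  <input type='submit' value='Edit' name='submit'>
  </form>");
              break;

          case 'verifydelete': // ask before deleting
              $shop = $id ? shop_admin_find($id) : false;
              if (!$shop) {
                  echo ("<b>Error</b>: Invalid ID Selected. <a href='shop_admin.php'>Back</a>");
                  break;
              }
              echo ("Are you sure you want to delete " . shop_html($shop['name']) . "?<br> <a href='?page=delete&amp;id=$id'>Yes</a> - <a href='shop_admin.php'>No</a>");
              break;

          case 'delete':
              // Read the name before the row is gone so the message can show it.
              $shop = $id ? shop_admin_find($id) : false;
              if (!$shop) {
                  echo ("<b>Error</b>: Invalid ID Selected. <a href='shop_admin.php'>Back</a>");
                  break;
              }
              $delete = mysql_query("DELETE FROM `shop_items` WHERE `id` = $id");
              if (!$delete) {
                  echo ("<b>Error</b>: The item could not be deleted. <a href='shop_admin.php'>Back</a>");
                  break;
              }
              echo (shop_html($shop['name']) . " has been deleted thank you. <a href='shop_admin.php'>Back</a>");
              break;

          default: // item list
              echo ("Welcome to the shop admin. <a href='?page=add'>Add a shop item</a><br><br>");
              $fetch = mysql_query("SELECT * FROM `shop_items`");
              if (!$fetch || mysql_num_rows($fetch) == 0) {
                  echo ("No shop items. Sorry. <a href='?page=add'>Add a shop item</a>");
                  break;
              }
              while ($shop = mysql_fetch_array($fetch)) {
                  $row_id = (int) $shop['id'];
                  echo ("<img src='" . shop_html($shop['image']) . "'> | " . shop_html($shop['name']) . " | " . shop_html($shop['price'])
                      . " - <a href='?page=edit&amp;id=$row_id'>Edit</a> // <a href='?page=verifydelete&amp;id=$row_id'>Delete</a><br>");
              }
              break;
      }
  }
  ?>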


That's about it, other than the inventory ;)
So, name this file inventory.php and add the following lines of code.
PHP Code
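  <?php
  /**
   * inventory.php - show the member's items and let them sell one back.
   *
   * Pages (selected with ?page=):
   *   (default)  list the member's rows in `user_shop_items`
   *   verify     ask for confirmation before selling ?id=ID
   *   sell       remove one unit and refund the item's current shop price
   *
   * Relies on config.php for the MySQL connection and for $logged.
   *
   * NOTE(review): this file uses the ext/mysql API, which was removed in
   * PHP 7. Moving to PDO or mysqli prepared statements also needs a change in
   * config.php, which is not shown.
   *
   * NOTE(review): "sell" changes state on a plain GET link, so any page a
   * logged-in member opens can trigger it (CSRF). A POST form carrying a
   * per-session token is the usual fix; it is not added here because it would
   * change the links.
   */
  session_start(); // resume the member's session
  include("config.php"); // database connection and $logged

  if (!function_exists('shop_html')) {
      /**
       * Escape a value for HTML text or a quoted attribute.
       *
       * double_encode is off because item fields may be stored entity-encoded.
       * 'UTF-8' assumes the pages are served as UTF-8 - use the site's charset.
       */
      function shop_html($value)
      {
          return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8', false);
      }
  }

  if (!function_exists('shop_item_row')) {
      /** Build one two-column table row from already-escaped HTML fragments. */
      function shop_item_row($label_html, $value_html)
      {
          return '<tr>'
              . '<td width="100" align="left" valign="middle">' . $label_html . '</td>'
              . '<td width="300" align="center" valign="middle">' . $value_html . '</td>'
              . '</tr>';
      }
  }

  if (!function_exists('inventory_field')) {
      /** Escaped column value, or '' when the row has no such column. */
      function inventory_field($row, $key)
      {
          return isset($row[$key]) ? shop_html($row[$key]) : '';
      }
  }

  if (!function_exists('inventory_find_owned')) {
      /**
       * Load one `user_shop_items` row and check who owns it.
       *
       * Returns the row, the string 'missing' when the id is unknown, or the
       * string 'foreign' when it belongs to someone else. The owner is compared
       * with !== because a loose != treats numeric-looking names such as "10"
       * and "1e1" as equal.
       */
      function inventory_find_owned($id, $username)
      {
          $check = mysql_query("SELECT * FROM `user_shop_items` WHERE `id` = " . (int) $id);
          if (!$check || mysql_num_rows($check) == 0) {
              return 'missing';
          }
          $row = mysql_fetch_array($check);
          if ((string) $row['owner'] !== (string) $username) {
              return 'foreign';
          }
          return $row;
      }
  }

  if (empty($logged['username'])) {
      print "<b>Error</b>: You Are Not Logged In!";
  } else {
      $page = isset($_GET['page']) ? $_GET['page'] : '';
      // Only a scalar ?id= is accepted; the cast makes it safe to put in SQL.
      $id = (isset($_GET['id']) && is_scalar($_GET['id'])) ? (int) $_GET['id'] : 0;
      $user_sql = mysql_real_escape_string($logged['username']);

      switch ($page) {
          case 'verify': // confirm the sale
          case 'sell': // carry it out
              if (!$id) {
                  print "<b>Error</b>: No ID Selected.";
                  break;
              }
              $array = inventory_find_owned($id, $logged['username']);
              if ($array === 'missing') {
                  print "<b>Error</b>: Invalid ID Selected.";
                  break;
              }
              if ($array === 'foreign') {
                  print "<b>Error</b>: This is not Your Item.";
                  break;
              }

              if ($page === 'verify') {
                  print "Are you sure you wish to sell A(n) " . shop_html($array['name']) . "?
  <a href=\"inventory.php?page=sell&amp;id=$id\">Yes</a>&nbsp;||&nbsp;
  <a href=\"inventory.php\">No</a>";
                  break;
              }

              // Refund the item's current shop price. If the item has left the
              // shop or its price is not a plain non-negative number, refund 0.
              $name_sql = mysql_real_escape_string($array['name']);
              $orig = mysql_query("SELECT `price` FROM `shop_items` WHERE `name` = '$name_sql' LIMIT 1");
              $orig_item_data = $orig ? mysql_fetch_array($orig) : false;
              $price = '0';
              if ($orig_item_data && preg_match('/^\d+(\.\d+)?$/', trim((string) $orig_item_data['price']))) {
                  $price = trim((string) $orig_item_data['price']);
              }

              // Take the unit away first, inside the database, so that two
              // parallel requests cannot both be paid for the same unit.
              $taken = mysql_query("UPDATE `user_shop_items` SET `quantity` = `quantity` - 1 WHERE `id` = $id AND `owner` = '$user_sql' AND `quantity` > 1");
              if (!$taken || mysql_affected_rows() != 1) {
                  // One unit left (or a stray 0): remove the row instead.
                  $taken = mysql_query("DELETE FROM `user_shop_items` WHERE `id` = $id AND `owner` = '$user_sql'");
                  if (!$taken || mysql_affected_rows() != 1) {
                      print "<b>Error</b>: Invalid ID Selected.";
                      break;
                  }
              }

              // The original query said SERT instead of SET, so it always failed
              // and the item was removed without any points being returned.
              if ($price > 0) {
                  mysql_query("UPDATE `members` SET `points` = `points` + $price WHERE `username` = '$user_sql'");
              }
              print "Item Sold!";
              break;

          default: // the member's items
              // The table is `user_shop_items`; the misspelt `users_shop_items`
              // made this query fail and mysql_fetch_array() warn.
              $get_users_items = mysql_query("SELECT * FROM `user_shop_items` WHERE `owner` = '$user_sql'");
              print "<h2>Your Items</h2>";
              if (!$get_users_items) {
                  // Do not print mysql_error() to visitors; log it server-side.
                  print "<b>Error</b>: Your Items Could Not Be Loaded.";
                  break;
              }
              while ($items = mysql_fetch_array($get_users_items)) {
                  $name = inventory_field($items, 'name');
                  $sell_url = 'inventory.php?page=verify&amp;id=' . (int) $items['id'];
                  // NOTE(review): shop.php inserts only name, image, owner and
                  // quantity, so Description and Price print empty unless the
                  // table has those columns - confirm the schema.
                  print '<img src="' . inventory_field($items, 'image') . '" alt="' . $name . '" />'
                      . '<table width="400">'
                      . '<tr><td width="400" colspan="4" align="left" valign="middle"><b>' . $name . '</b></td></tr>'
                      . shop_item_row('<b>Description</b>', inventory_field($items, 'desc'))
                      . shop_item_row('<b>Price</b>', inventory_field($items, 'price') . ' Point(s)')
                      . shop_item_row('<b>Quantity</b>', inventory_field($items, 'quantity'))
                      . shop_item_row('&nbsp;&nbsp;', '<a href="' . $sell_url . '">Sell</a>')
                      . '</table>';
              }
              break;
      }
  }
  ?>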
ShadowMage's Avatar
Author:
Posted on Thursday 17th July 2008 at 06:25 PM
UrbanTwitch
Whats the difference betwen this one and the old one? Where do I get points?
Posted on Saturday 31st May 2008 at 08:11 PM
ShadowMage
works? Weird. it should have showed an error :P if there was one.
Posted on Saturday 31st May 2008 at 02:02 PM
jambomb
thanks mate! that works fine now :)
Posted on Saturday 31st May 2008 at 01:11 PM
ShadowMage
Find:
Code
$get_users_items = mysql_query("SELECT * FROM `users_shop_items` WHERE `owner` = '$logged[username]';"); //get users items

Replace with:
Code
// Debugging aid only: die(mysql_error()) prints the raw database error to every
// visitor, so remove it again once the fault has been found.
// NOTE(review): the table is spelled `users_shop_items` here, but the schema
// change and every other query on this page use `user_shop_items`; that
// mismatch is the likely cause of the mysql_fetch_array() warning reported below.
$get_users_items = mysql_query("SELECT * FROM `users_shop_items` WHERE `owner` = '$logged[username]';") or die(mysql_error()); //get users items
Posted on Saturday 31st May 2008 at 12:29 PM
jambomb
when i buy stuff of the shop it works fine but then i go to inventory.php and just says your items and nothing else no errors or anything :S
Posted on Wednesday 26th March 2008 at 06:15 PM
ShadowMage
PM Me the line real quick and the line before it.

but did you run the SQL?
Posted on Wednesday 26th March 2008 at 05:50 PM
Dalez
I still get that same error in inventory
Posted on Monday 24th March 2008 at 01:46 PM
Dalez
I get an error in inventory.

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/dalez/public_html/site/user/shop/inventory.php on line 11

Any answers for this?
Posted on Tuesday 5th February 2008 at 08:19 PM
MrArmstrong
Sorry :3
Posted on Sunday 3rd February 2008 at 07:55 PM
Diablosblizz
https://rmb-scripting.com/forum.php?topic&id=301

Fixes to this are on the link above.