Shop Makeover
First off to get this kicking you will want to run the following SQL Queries in your phpMyAdmin Database.Code
ALTER TABLE `shop_items` ADD `desc` TEXT NOT NULL ,
ADD `quantity` INT( 11 ) NOT NULL ,
ADD `staffonly` VARCHAR( 255 ) NOT NULL DEFAULT 'false';
ALTER TABLE `user_shop_items` ADD `quantity` INT( 11 ) NOT NULL DEFAULT '0';
Next Replace your shop.php with the new shop.php
PHP Code
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155
<?php
session_start(); //allow sessions
require("config.php"); //get configuration
if($logged['username']){ //if the user is logged in
switch($_GET['page']){ //start page grabbing
default: //default
print "Welcome to the shop $logged[username]."; //welcome ^^
$get_items = mysql_query("SELECT * FROM `shop_items`"); //get all items
if(mysql_num_rows($get_items) == 0){ //check if any in db
print "Sorry, No Shop Items Available.";
}else{
while($items = mysql_fetch_array($get_items)){
if($items['staffonly'] == "True" && $logged['userlevel'] >= '4'){ //staff items :D
print "<h2>Staff Items</h2>";
print "<img src=\"$items[image]\" alt=\"$items[name]\" />
<table width=\"400\">
<tr>
<td width=\"400\" colspan=\"4\" align=\"left\" valign=\"middle\">
<b>$items[name]</b>
</td>
</tr>
<tr>
<td width=\"100\" align=\"left\" valign=\"middle\">
<b>Description</b>
</td>
<td width=\"300\" align=\"center\" valign=\"middle\">
$items[desc]
</td>
</tr>
<tr>
<td width=\"100\" align=\"left\" valign=\"middle\">
<b>Price</b>
</td>
<td width=\"300\" align=\"center\" valign=\"middle\">
$items[price] Point(s)
</td>
</tr>
<tr>
<td width=\"100\" align=\"left\" valign=\"middle\">
<b>Quantity</b>
</td>
<td width=\"300\" align=\"center\" valign=\"middle\">
$items[quantity]
</td>
</tr>
<tr>
<td width=\"100\" align=\"left\" valign=\"middle\">
</td>
<td width=\"300\" align=\"center\" valign=\"middle\">
<a href=\"shop.php?page=verify&item=$items[id]\">Buy</a>
</td>
</table>"; //print item data
}elseif($items['staffonly'] == "True" && $logged['userlevel'] < '4'){
//nothing here cause admins wont be able to see it ;(
}else{ //not an admin and item aint staff only
print "<img src=\"$items[image]\" alt=\"$items[name]\" />
<table width=\"400\">
<tr>
<td width=\"400\" colspan=\"4\" align=\"left\" valign=\"middle\">
<b>$items[name]</b>
</td>
</tr>
<tr>
<td width=\"100\" align=\"left\" valign=\"middle\">
<b>Description</b>
</td>
<td width=\"300\" align=\"center\" valign=\"middle\">
$items[desc]
</td>
</tr>
<tr>
<td width=\"100\" align=\"left\" valign=\"middle\">
<b>Price</b>
</td>
<td width=\"300\" align=\"center\" valign=\"middle\">
$items[price] Point(s)
</td>
</tr>
<tr>
<td width=\"100\" align=\"left\" valign=\"middle\">
<b>Quantity</b>
</td>
<td width=\"300\" align=\"center\" valign=\"middle\">
$items[quantity]
</td>
</tr>
<tr>
<td width=\"100\" align=\"left\" valign=\"middle\">
</td>
<td width=\"300\" align=\"center\" valign=\"middle\">
<a href=\"shop.php?page=verify&item=$items[id]\">Buy</a>
</td>
</table>"; //print item data
} //end level check >]
} //end loop for items >/
} //end item check
break; //end page
case 'verify': //verify page
$itemid = (int) addslashes($_GET['item']); //get item id
if(!$itemid){ //not set
print "<b>Error</b>: No Item Selected.";
}else{ //is set
$check = mysql_query("SELECT * FROM `shop_items` WHERE `id` = '$itemid';"); //check with db
if(mysql_num_rows($check) == 0){ //invalid
print "<b>Error</b>: Invalid ID Selected.";
}else{ //not invalid
$item = mysql_fetch_array($check); //array data
print "Are you sure you want to purchase $item[name]?<br> <a href='shop.php?page=purchase&item=$itemid'>Yes</a> - <a href='shop.php'>No</a>"; //ask if they reall want to buy it.
} //end invalid check
} //end general check
break;
case 'purchase': //purchase the item ;)
$itemid = (int) addslashes($_GET['item']); //item id
if(!$itemid){ //no id found
print "<b>Error</b>: No Item Selected.";
}else{ //was found
$check = mysql_query("SELECT * FROM `shop_items` WHERE `id` = '$itemid';"); //check with db
if(mysql_num_rows($check) == 0){ //not found
print "<b>Error</b>: Invalid ID Selected.";
}else{ //found
$item = mysql_fetch_array($check); //array data
$users_items = mysql_query("SELECT * FROM `user_shop_items` WHERE `name` = '$item[name]' AND `owner` = '$logged[username]';"); //get current users items
$array_items = mysql_fetch_array($users_items); //array those items
if(mysql_num_rows($users_items) == 1){ //if its there :O
if($logged['points'] < $item['price']){ //check points
print "<b>Error</b>: You Don't Have Enough Points!"; //not enough
}else{
//has enough
$new_quantity = ($array_items['quantity'] + 1); //new quantity
$update = mysql_query("UPDATE `user_shop_items` SET `quantity` = '$new_quantity' WHERE `owner` = '$logged[username]' AND `name` = '$item[name]'"); //update it ;)
$new_points = ($logged['points'] - $item['price']); //new points
$update2 = mysql_query("UPDATE `members` SET `points` = '$new_points' WHERE `username` = '$logged[username]';"); //update them
print "You Have Bought 1 $item[name]."; //give them what they wanted ;)
} //end point check
}else{
if($logged['points'] < $item['price']){
print "<b>Error</b>: You Don't Have Enough Points!";
}else{
$insert = mysql_query("INSERT INTO `user_shop_items` (`name`,`image`,`owner`,`quantity`) VALUES ('$item[name]','$item[image]','$logged[username]','1');"); //insert item into table
$new_points = ($logged['points'] - $item['price']);
$update2 = mysql_query("UPDATE `members` SET `points` = '$new_points' WHERE `username` = '$logged[username]';"); //update points
print "You Have Bought 1 $item[name].";
}
}
}
}
break;
}
}else{
print "<b>Error</b> You Are Not Logged In."; //not logged in
}
?>
Next part is the shop admin replace your file with the following:
PHP Code
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88
<?php
session_start(); //allow sessions
include "config.php"; //get config
if($logged[username] && $logged[userlevel] == 6){ //check if admin
switch($_GET[page]){ //allow page var to be used
default: //default.
echo ("Welcome to the shop admin. <a href='?page=add'>Add a shop item</a><br><br>"); //welcome :D
$fetch = mysql_query("SELECT * FROM `shop_items`"); //get items
$rows = mysql_num_rows($fetch); //total them up
if ($rows == 0){ //none :(
echo ("No shop items. Sorry. <a href='?page=add'>Add a shop item</a>");
}else{ //some :)
while ($shop = mysql_fetch_array($fetch)){ //make loop to echo items
echo ("<img src='$shop[image]'> | $shop[name] | $shop[price] - <a href='?page=edit&id=$shop[id]'>Edit</a> // <a href='?page=verifydelete&id=$shop[id]'>Delete</a><br>"); //give things to do and item info
} //end loop
} //end check
break; //end page
case 'add': //add new item :)
echo ("<form method='post' action='?page=additem'>
Name: <input type='text' name='name'><br>
Price: <input type='text' name='price'><br>
Image: <input type='text' name='image'><br>
Quantity: <input type='text' name='quantity'><br>
Staff Only: <select name=\"staff\">
<option value=\"True\">Yes</option>
<option value=\"False\">No</option>
</select><br>
<input type='submit' value='Add' name='submit'>
</form>"); //item data and such to be entered to the DB
break;
case 'additem':
//variables ^^
$image = strip_tags(htmlspecialchars($_POST[image]));
$name = strip_tags(htmlspecialchars($_POST[name]));
$price = strip_tags(htmlspecialchars($_POST[price]));
$quantity = (int) $_POST[quantity];
$staffonly = htmlspecialchars(addslashes($_POST[staff]));
$add = mysql_query("INSERT INTO `shop_items` (`price`, `image`, `name`,`quantity`,`staffonly`) VALUES ('$price', '$image', '$name','$quantity','$staffonly');"); //add to the database
echo ("$name has been added to the shop. thank you. <a href='shop_admin.php'>Back</a>"); //thanks ^^
break; //end page
case 'edit': //edit an item
$id = strip_tags(htmlspecialchars($_GET[id])); //get id
$fetch = mysql_query("SELECT * FROM `shop_items` WHERE `id` = '$id'"); //check
$shop = mysql_fetch_array($fetch); //array data
echo ("<form method='post' action='?page=edititem&id=$id'>
Name: <input type='text' value='$shop[name]' name='name'><br>
Price: <input type='text' value='$shop[price]' name='price'><br>
Image: <input type='text' value='$shop[image]' name='image'><br>
Quantity: <input type='text' name='quantity' value='$shop[quantity]'><br>
Staff Only: <select name=\"staff\">
<option value=\"True\">Yes</option>
<option value=\"False\">No</option>
</select><br>
<input type='submit' value='Edit' name='submit'>
</form>");//allow user to edit data
break; //end page
case 'edititem':
//vars to be used
$id = strip_tags(htmlspecialchars($_GET[id]));
$image = strip_tags(htmlspecialchars($_POST[image]));
$name = strip_tags(htmlspecialchars($_POST[name]));
$price = strip_tags(htmlspecialchars($_POST[price]));
$quantity = (int) $_POST[quantity];
$staffonly = htmlspecialchars(addslashes($_POST[staff]));
$edit = mysql_query("UPDATE `shop_items` SET `image` = '$image', `name` = '$name', `price` = '$price', `quantity` = '$quantity', `staffonly` = '$staffonly' WHERE `id` = '$id'"); //set the new data :)
echo ("$shop[name] has been edited thank you. <a href='shop_admin.php'>Back</a>"); //item edited ;)
break; //end page
case 'verifydelete':
$id = strip_tags(htmlspecialchars($_GET[id]));
$fetch = mysql_query("SELECT * FROM `shop_items` WHERE `id` = '$id'");
$shop = mysql_fetch_array($fetch);
echo ("Are you sure you want to delete $shop[name]?<br> <a href='?page=delete&id=$id'>Yes</a> - <a href='shop.php'>No</a>"); //verify the delete
break;
case 'delete':
$id = strip_tags(htmlspecialchars($_GET[id]));
$delete = mysql_query("DELETE FROM `shop_items` WHERE `id` = '$id'"); //Adios Amigos!
echo ("$shop[name] has been deleted thank you. <a href='shop_admin.php'>Back</a>"); //tel them they deleted it ;(
break; //end page
}
}
?>
Thats about it other then the inventory ;)
So, name this file inventory.php and add the following lines of code.
PHP Code
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107
<?php
session_start(); //allow sessio ns
include("config.php"); //get config
if(!$logged['username']){ //check username is online
print "<b>Error</b>: You Are Not Logged In!"; //not
}else{
switch($_GET['page']){ //is so allow the page var to be used
default: //default page
$get_users_items = mysql_query("SELECT * FROM `users_shop_items` WHERE `owner` = '$logged[username]';"); //get users items
print "<h2>Your Items</h2>"; //yours items Duh
while($items = mysql_fetch_array($get_users_items)){ //loop to show items
print "<img src=\"$items[image]\" alt=\"$items[name]\" />
<table width=\"400\">
<tr>
<td width=\"400\" colspan=\"4\" align=\"left\" valign=\"middle\">
<b>$items[name]</b>
</td>
</tr>
<tr>
<td width=\"100\" align=\"left\" valign=\"middle\">
<b>Description</b>
</td>
<td width=\"300\" align=\"center\" valign=\"middle\">
$items[desc]
</td>
</tr>
<tr>
<td width=\"100\" align=\"left\" valign=\"middle\">
<b>Price</b>
</td>
<td width=\"300\" align=\"center\" valign=\"middle\">
$items[price] Point(s)
</td>
</tr>
<tr>
<td width=\"100\" align=\"left\" valign=\"middle\">
<b>Quantity</b>
</td>
<td width=\"300\" align=\"center\" valign=\"middle\">
$items[quantity]
</td>
</tr>
<tr>
<td width=\"100\" align=\"left\" valign=\"middle\">
</td>
<td width=\"300\" align=\"center\" valign=\"middle\">
<a href=\"inventory.php?page=verify&id=$items[id]\">Buy</a>
</td>
</table>"; //display item details
}
break; //Muah! end page O_o'
case 'verify': //verify that you want to sell the item.
$id = (int) addslashes($_GET['id']); //id :D
if(!$id){ //check if it is there
print "<b>Error</b>: No ID Selected."; //it aint D:
}else{ //it is :D
$check = mysql_query("SELECT * FROM `user_shop_items` WHERE `id` = '$id';"); //check with database
$array = mysql_fetch_array($check); //array info
if(mysql_num_rows($check) == 0){ //not there :O
print "<b>Error</b>: Invalid ID Selected."; //tell em it aint there
}else{ //or is it?!?!?!?!
if($array['owner'] != $logged['username']){ //not yours!!!!
print "<b>Error</b>: This is not Your Item."; //your bad!
}else{ //its theres ^^
print "Are you sure you wish to sell A(n) $array[name]?
<a href=\"inventory.php?page=sell&id=$id\">Yes</a> ||
<a href=\"inventory.php\">No</a>"; //are your sure?
}
}
}
break; //end page
case 'sell': //sell the item
$id = (int) addslashes($_GET['id']);
if(!$id){
print "<b>Error</b>: No ID Selected.";
}else{
$check = mysql_query("SELECT * FROM `user_shop_items` WHERE `id` = '$id';"); //check item
$array = mysql_fetch_array($check);
if(mysql_num_rows($check) == 0){
print "<b>Error</b>: Invalid ID Selected.";
}else{
if($array['owner'] != $logged['username']){ //aint theres
print "<b>Error</b>: This is not Your Item.";
}else{
if($array['quantity'] == 1){ //its there and thers only 1?
$orig_item_data = mysql_fetch_array(mysql_query("SELECT * FROM `shop_items` WHERE `name` = '$array[name]';")); //get original data and array it
$new_points = ($logged['points'] + $orig_item_data['price']);
$update_user_points = mysql_query("UPDATE `members` SERT `points` = '$new_points' WHERE `username` = '$logged[username]';"); //you can have your points back
$del_item_from_table = mysql_query("DELETE FROM `user_shop_items` WHERE `id` = '$id';"); //adios!
print "Item Sold!";
}else{ //more then one!!!
$orig_item_data = mysql_fetch_array(mysql_query("SELECT * FROM `shop_items` WHERE `name` = '$array[name]';"));
$new_points = ($logged['points'] + $orig_item_data[price]);
$update_user_points = mysql_query("UPDATE `members` SERT `points` = '$new_points' WHERE `username` = '$logged[username]';");
$new_quantity = ($array['quantity'] - 1);
$update_item_info = mysql_query("UPDATE `user_shop_items` SET `quantity` = '$new_quantity' WHERE `id` = '$id';"); //update quantity
print "Item Sold!";
}
}
}
}
break;
}
}
?>
Posted on Thursday 17th July 2008 at 06:25 PM
Whats the difference betwen this one and the old one? Where do I get points?
Posted on Saturday 31st May 2008 at 08:11 PM
works? Weird. it should have showed an error :P if there was one.
Posted on Saturday 31st May 2008 at 02:02 PM
thanks mate! that works fine now :)
Posted on Saturday 31st May 2008 at 01:11 PM
Find:
$get_users_items = mysql_query("SELECT * FROM `users_shop_items` WHERE `owner` = '$logged[username]';"); //get users items
Replace with:
$get_users_items = mysql_query("SELECT * FROM `users_shop_items` WHERE `owner` = '$logged[username]';") or die(mysql_error()); //get users items
Code
$get_users_items = mysql_query("SELECT * FROM `users_shop_items` WHERE `owner` = '$logged[username]';"); //get users items
Replace with:
Code
$get_users_items = mysql_query("SELECT * FROM `users_shop_items` WHERE `owner` = '$logged[username]';") or die(mysql_error()); //get users items
Posted on Saturday 31st May 2008 at 12:29 PM
when i buy stuff of the shop it works fine but then i go to inventory.php and just says your items and nothing else no errors or anything :S
Posted on Wednesday 26th March 2008 at 06:15 PM
PM Me the line real quick and the line before it.
but did you run the SQL?
but did you run the SQL?
Posted on Wednesday 26th March 2008 at 05:50 PM
I still get that same error in inventory
Posted on Monday 24th March 2008 at 01:46 PM
I get an error in inventory.
Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/dalez/public_html/site/user/shop/inventory.php on line 11
Any answers for this?
Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/dalez/public_html/site/user/shop/inventory.php on line 11
Any answers for this?
Posted on Tuesday 5th February 2008 at 08:19 PM
Sorry :3
Posted on Sunday 3rd February 2008 at 07:55 PM
http://rmb-scripting.com/forum.php?topic&id=301
Fixes to this are on the link above.
Fixes to this are on the link above.