dean7 Posted May 1, 2010 Share Posted May 1, 2010 Hi all, on my website ive got an upgrade shop which allows users to upgrade there car to a certain level or performance. Allthough on my script it allows them to upgrade there car to any level.. <?php session_start(); include_once "includes/config.php"; include_once "includes/functions.php"; if(!isset($_SESSION['username']) || !isset($_SESSION['password'])){ header("Location: index.php"); }else{ $fetch_users_data = mysql_fetch_object(mysql_query("SELECT * FROM `users` WHERE username='".$_SESSION['username']."'")); } $username=$_SESSION['username']; $fetch=mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$username'")); if (strip_tags($_GET['car'])){ $car=strip_tags($_GET['car']); $check=mysql_query("SELECT * FROM garage WHERE id='$car' AND owner='$username'"); $true=mysql_num_rows($check); $stuff=mysql_fetch_object($check); if ($true != "0"){ $upgrades=explode("-", $stuff->upgrades); $next_1=$upgrades[0]+1; $next_2=$upgrades[1]+1; $next_3=$upgrades[2]+1; $next_4=$upgrades[3]+1; $next_5=$upgrades[4]+1; $next_6=$upgrades[5]+1; $next_7=$upgrades[6]+1; $next_8=$upgrades[7]+1; if (strip_tags($_POST['up1'])){ $price= $next_1*1000; if ($fetch->money < $price){ echo "You dont have enough money to upgrade your car!"; }elseif ($fetch->money >= $price){ $new_money=$fetch->money-$price; $new_up="$next_1-$upgrades[1]-$upgrades[2]-$upgrades[3]-$upgrades[4]-$upgrades[5]-$upgrades[6]-$upgrades[7]"; mysql_query("UPDATE garage SET upgrades='$new_up' WHERE id='$car' AND owner='$username'"); mysql_query("UPDATE users SET money='$new_money' WHERE username='$username'"); echo "Car upgraded!"; } }elseif (strip_tags($_POST['up2'])){ $price= $next_1*1000; if ($fetch->money < $price){ echo "You dont have enough money to upgrade your car!"; }elseif ($fetch->money >= $price){ $new_money=$fetch->money-$price; $new_up="$upgrades[0]-$next_2-$upgrades[2]-$upgrades[3]-$upgrades[4]-$upgrades[5]-$upgrades[6]-$upgrades[7]"; mysql_query("UPDATE garage SET upgrades='$new_up' WHERE id='$car' AND owner='$username'"); mysql_query("UPDATE users SET money='$new_money' WHERE username='$username'"); echo "Car upgraded!"; } }elseif (strip_tags($_POST['up3'])){ $price= $next_1*1000; if ($fetch->money < $price){ echo "You dont have enough money to upgrade your car!"; }elseif ($fetch->money >= $price){ $new_money=$fetch->money-$price; $new_up="$upgrades[0]-$upgrades[1]-$next_3-$upgrades[3]-$upgrades[4]-$upgrades[5]-$upgrades[6]-$upgrades[7]"; mysql_query("UPDATE garage SET upgrades='$new_up' WHERE id='$car' AND owner='$username'"); mysql_query("UPDATE users SET money='$new_money' WHERE username='$username'"); echo "Car upgraded!"; } }elseif (strip_tags($_POST['up4'])){ $price= $next_1*1000; if ($fetch->money < $price){ echo "You dont have enough money to upgrade your car!"; }elseif ($fetch->money >= $price){ $new_money=$fetch->money-$price; $new_up="$upgrades[0]-$upgrades[1]-$upgrades[2]-$next_4-$upgrades[4]-$upgrades[5]-$upgrades[6]-$upgrades[7]"; mysql_query("UPDATE garage SET upgrades='$new_up' WHERE id='$car' AND owner='$username'"); mysql_query("UPDATE users SET money='$new_money' WHERE username='$username'"); echo "Car upgraded!"; } }elseif (strip_tags($_POST['up5'])){ $price= $next_1*1000; if ($fetch->money < $price){ echo "You dont have enough money to upgrade your car!"; }elseif ($fetch->money >= $price){ $new_money=$fetch->money-$price; $new_up="$upgrades[0]-$upgrades[1]-$upgrades[2]-$upgrades[3]-$next_5-$upgrades[5]-$upgrades[6]-$upgrades[7]"; mysql_query("UPDATE garage SET upgrades='$new_up' WHERE id='$car' AND owner='$username'"); mysql_query("UPDATE users SET money='$new_money' WHERE username='$username'"); echo "Car upgraded!"; } }elseif (strip_tags($_POST['up6'])){ $price= $next_1*1000; if ($fetch->money < $price){ echo "You dont have enough money to upgrade your car!"; }elseif ($fetch->money >= $price){ $new_money=$fetch->money-$price; $new_up="$upgrades[0]-$upgrades[1]-$upgrades[2]-$upgrades[3]-$upgrades[4]-$next_6-$upgrades[6]-$upgrades[7]"; mysql_query("UPDATE garage SET upgrades='$new_up' WHERE id='$car' AND owner='$username'"); mysql_query("UPDATE users SET money='$new_money' WHERE username='$username'"); echo "Car upgraded!"; } }elseif (strip_tags($_POST['up7'])){ $price= $next_1*1000; if ($fetch->money < $price){ echo "You dont have enough money to upgrade your car!"; }elseif ($fetch->money >= $price){ $new_money=$fetch->money-$price; $new_up="$upgrades[0]-$upgrades[1]-$upgrades[2]-$upgrades[3]-$upgrades[4]-$upgrades[5]-$next_7-$upgrades[7]"; mysql_query("UPDATE garage SET upgrades='$new_up' WHERE id='$car' AND owner='$username'"); mysql_query("UPDATE users SET money='$new_money' WHERE username='$username'"); echo "Car upgraded!"; } }elseif (strip_tags($_POST['up8'])){ $price= $next_1*1000; if ($fetch->money < $price){ echo "You dont have enough money to upgrade your car!"; }elseif ($fetch->money >= $price){ $new_money=$fetch->money-$price; $new_up="$upgrades[0]-$upgrades[1]-$upgrades[2]-$upgrades[3]-$upgrades[4]-$upgrades[5]-$upgrades[6]-$next_8"; mysql_query("UPDATE garage SET upgrades='$new_up' WHERE id='$car' AND owner='$username'"); mysql_query("UPDATE users SET money='$new_money' WHERE username='$username'"); echo "Car upgraded!"; }} } } ?> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_jumpMenu(targ,selObj,restore){ //v3.0 eval(targ+".location='"+selObj.options[selObj.selectedIndex].value+"'"); if (restore) selObj.selectedIndex=0; } //--> </script> <body class="body"> <link rel="stylesheet" href="regstyle.css" type="text/css"> <form name="form2" method="post" action=""> <table width="67%" border="1" class="table" class="table" align="center" cellpadding="0" cellspacing="0"> <tr> <td class="header" colspan="2"><center>Part Shop</center></td> </tr> <tr> <td width="55%"><div align="center" class="forum">Car:</div></td> <td width="45%"> <select name="choose" id="choose" onChange="MM_jumpMenu('this',this,0)"> <option selected>Choose car</option> <?php $get=mysql_query("SELECT * FROM garage WHERE owner='$username'"); while($it=mysql_fetch_object($get)){ echo "<option value=?car=$it->id>$it->car, $it->damage%</option>"; } ?> </select> </td> </tr><?php if (strip_tags($_GET['car'])){ ?> <tr> <td><div align="center" class="forum">Tyres</div></td> <td width="45%"><div align="center" class="forum">Engine</div></td> </tr> <tr> <td><div align="center"> <input name="up1" type="submit" id="up1" value="Upgrade to level <?php echo "$next_1"; ?>"> </div></td> <td><div align="center"> <input name="up2" type="submit" id="up2" value="Upgrade to level <?php echo "$next_2"; ?>"> </div></td> </tr> <tr> <td><div align="center" class="forum">Interior</div></td> <td><div align="center" class="forum">Exhaust</div></td> </tr> <tr> <td><div align="center"> <input name="up3" type="submit" id="up3" value="Upgrade to level <?php echo "$next_3"; ?>"> </div></td> <td><div align="center"> <input name="up4" type="submit" id="up4" value="Upgrade to level <?php echo "$next_4"; ?>"> </div></td> </tr> <tr> <td><div align="center" class="forum">NOS</div></td> <td><div align="center" class="forum">Rims</div></td> </tr> <tr> <td><div align="center"> <input name="up5" type="submit" id="up5" value="Upgrade to level <?php echo "$next_5"; ?>"> </div></td> <td><div align="center"> <input name="up6" type="submit" id="up6" value="Upgrade to level <?php echo "$next_6"; ?>"> </div></td> </tr> <tr> <td><div align="center" class="forum">Brakes</div></td> <td><div align="center" class="forum">Body kit</div></td> </tr> <tr> <td><div align="center"> <input name="up7" type="submit" id="up7" value="Upgrade to level <?php echo "$next_7"; ?>"> </div></td> <td><div align="center"> <input name="up8" type="submit" id="up8" value="Upgrade to level <?php echo "$next_8"; ?>"> </div></td> </tr> <? } ?> </table> </form> <p align="center"> <?php include_once"includes/footer.php"; ?> Anyone know how I can make it so only allows you to upgrade your car to level 40? Thanks Link to comment https://forums.phpfreaks.com/topic/200355-upgrade-shop/ Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.