dean7 Posted May 1, 2010 Share Posted May 1, 2010 Hi all, on my website ive got an upgrade shop which allows users to upgrade there car to a certain level or performance. Allthough on my script it allows them to upgrade there car to any level.. <?php session_start(); include_once "includes/config.php"; include_once "includes/functions.php"; if(!isset($_SESSION['username']) || !isset($_SESSION['password'])){ header("Location: index.php"); }else{ $fetch_users_data = mysql_fetch_object(mysql_query("SELECT * FROM `users` WHERE username='".$_SESSION['username']."'")); } $username=$_SESSION['username']; $fetch=mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$username'")); if (strip_tags($_GET['car'])){ $car=strip_tags($_GET['car']); $check=mysql_query("SELECT * FROM garage WHERE id='$car' AND owner='$username'"); $true=mysql_num_rows($check); $stuff=mysql_fetch_object($check); if ($true != "0"){ $upgrades=explode("-", $stuff->upgrades); $next_1=$upgrades[0]+1; $next_2=$upgrades[1]+1; $next_3=$upgrades[2]+1; $next_4=$upgrades[3]+1; $next_5=$upgrades[4]+1; $next_6=$upgrades[5]+1; $next_7=$upgrades[6]+1; $next_8=$upgrades[7]+1; if (strip_tags($_POST['up1'])){ $price= $next_1*1000; if ($fetch->money < $price){ echo "You dont have enough money to upgrade your car!"; }elseif ($fetch->money >= $price){ $new_money=$fetch->money-$price; $new_up="$next_1-$upgrades[1]-$upgrades[2]-$upgrades[3]-$upgrades[4]-$upgrades[5]-$upgrades[6]-$upgrades[7]"; mysql_query("UPDATE garage SET upgrades='$new_up' WHERE id='$car' AND owner='$username'"); mysql_query("UPDATE users SET money='$new_money' WHERE username='$username'"); echo "Car upgraded!"; } }elseif (strip_tags($_POST['up2'])){ $price= $next_1*1000; if ($fetch->money < $price){ echo "You dont have enough money to upgrade your car!"; }elseif ($fetch->money >= $price){ $new_money=$fetch->money-$price; $new_up="$upgrades[0]-$next_2-$upgrades[2]-$upgrades[3]-$upgrades[4]-$upgrades[5]-$upgrades[6]-$upgrades[7]"; mysql_query("UPDATE garage SET upgrades='$new_up' WHERE id='$car' AND owner='$username'"); mysql_query("UPDATE users SET money='$new_money' WHERE username='$username'"); echo "Car upgraded!"; } }elseif (strip_tags($_POST['up3'])){ $price= $next_1*1000; if ($fetch->money < $price){ echo "You dont have enough money to upgrade your car!"; }elseif ($fetch->money >= $price){ $new_money=$fetch->money-$price; $new_up="$upgrades[0]-$upgrades[1]-$next_3-$upgrades[3]-$upgrades[4]-$upgrades[5]-$upgrades[6]-$upgrades[7]"; mysql_query("UPDATE garage SET upgrades='$new_up' WHERE id='$car' AND owner='$username'"); mysql_query("UPDATE users SET money='$new_money' WHERE username='$username'"); echo "Car upgraded!"; } }elseif (strip_tags($_POST['up4'])){ $price= $next_1*1000; if ($fetch->money < $price){ echo "You dont have enough money to upgrade your car!"; }elseif ($fetch->money >= $price){ $new_money=$fetch->money-$price; $new_up="$upgrades[0]-$upgrades[1]-$upgrades[2]-$next_4-$upgrades[4]-$upgrades[5]-$upgrades[6]-$upgrades[7]"; mysql_query("UPDATE garage SET upgrades='$new_up' WHERE id='$car' AND owner='$username'"); mysql_query("UPDATE users SET money='$new_money' WHERE username='$username'"); echo "Car upgraded!"; } }elseif (strip_tags($_POST['up5'])){ $price= $next_1*1000; if ($fetch->money < $price){ echo "You dont have enough money to upgrade your car!"; }elseif ($fetch->money >= $price){ $new_money=$fetch->money-$price; $new_up="$upgrades[0]-$upgrades[1]-$upgrades[2]-$upgrades[3]-$next_5-$upgrades[5]-$upgrades[6]-$upgrades[7]"; mysql_query("UPDATE garage SET upgrades='$new_up' WHERE id='$car' AND owner='$username'"); mysql_query("UPDATE users SET money='$new_money' WHERE username='$username'"); echo "Car upgraded!"; } }elseif (strip_tags($_POST['up6'])){ $price= $next_1*1000; if ($fetch->money < $price){ echo "You dont have enough money to upgrade your car!"; }elseif ($fetch->money >= $price){ $new_money=$fetch->money-$price; $new_up="$upgrades[0]-$upgrades[1]-$upgrades[2]-$upgrades[3]-$upgrades[4]-$next_6-$upgrades[6]-$upgrades[7]"; mysql_query("UPDATE garage SET upgrades='$new_up' WHERE id='$car' AND owner='$username'"); mysql_query("UPDATE users SET money='$new_money' WHERE username='$username'"); echo "Car upgraded!"; } }elseif (strip_tags($_POST['up7'])){ $price= $next_1*1000; if ($fetch->money < $price){ echo "You dont have enough money to upgrade your car!"; }elseif ($fetch->money >= $price){ $new_money=$fetch->money-$price; $new_up="$upgrades[0]-$upgrades[1]-$upgrades[2]-$upgrades[3]-$upgrades[4]-$upgrades[5]-$next_7-$upgrades[7]"; mysql_query("UPDATE garage SET upgrades='$new_up' WHERE id='$car' AND owner='$username'"); mysql_query("UPDATE users SET money='$new_money' WHERE username='$username'"); echo "Car upgraded!"; } }elseif (strip_tags($_POST['up8'])){ $price= $next_1*1000; if ($fetch->money < $price){ echo "You dont have enough money to upgrade your car!"; }elseif ($fetch->money >= $price){ $new_money=$fetch->money-$price; $new_up="$upgrades[0]-$upgrades[1]-$upgrades[2]-$upgrades[3]-$upgrades[4]-$upgrades[5]-$upgrades[6]-$next_8"; mysql_query("UPDATE garage SET upgrades='$new_up' WHERE id='$car' AND owner='$username'"); mysql_query("UPDATE users SET money='$new_money' WHERE username='$username'"); echo "Car upgraded!"; }} } } ?> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_jumpMenu(targ,selObj,restore){ //v3.0 eval(targ+".location='"+selObj.options[selObj.selectedIndex].value+"'"); if (restore) selObj.selectedIndex=0; } //--> </script> <body class="body"> <link rel="stylesheet" href="regstyle.css" type="text/css"> <form name="form2" method="post" action=""> <table width="67%" border="1" class="table" class="table" align="center" cellpadding="0" cellspacing="0"> <tr> <td class="header" colspan="2"><center>Part Shop</center></td> </tr> <tr> <td width="55%"><div align="center" class="forum">Car:</div></td> <td width="45%"> <select name="choose" id="choose" onChange="MM_jumpMenu('this',this,0)"> <option selected>Choose car</option> <?php $get=mysql_query("SELECT * FROM garage WHERE owner='$username'"); while($it=mysql_fetch_object($get)){ echo "<option value=?car=$it->id>$it->car, $it->damage%</option>"; } ?> </select> </td> </tr><?php if (strip_tags($_GET['car'])){ ?> <tr> <td><div align="center" class="forum">Tyres</div></td> <td width="45%"><div align="center" class="forum">Engine</div></td> </tr> <tr> <td><div align="center"> <input name="up1" type="submit" id="up1" value="Upgrade to level <?php echo "$next_1"; ?>"> </div></td> <td><div align="center"> <input name="up2" type="submit" id="up2" value="Upgrade to level <?php echo "$next_2"; ?>"> </div></td> </tr> <tr> <td><div align="center" class="forum">Interior</div></td> <td><div align="center" class="forum">Exhaust</div></td> </tr> <tr> <td><div align="center"> <input name="up3" type="submit" id="up3" value="Upgrade to level <?php echo "$next_3"; ?>"> </div></td> <td><div align="center"> <input name="up4" type="submit" id="up4" value="Upgrade to level <?php echo "$next_4"; ?>"> </div></td> </tr> <tr> <td><div align="center" class="forum">NOS</div></td> <td><div align="center" class="forum">Rims</div></td> </tr> <tr> <td><div align="center"> <input name="up5" type="submit" id="up5" value="Upgrade to level <?php echo "$next_5"; ?>"> </div></td> <td><div align="center"> <input name="up6" type="submit" id="up6" value="Upgrade to level <?php echo "$next_6"; ?>"> </div></td> </tr> <tr> <td><div align="center" class="forum">Brakes</div></td> <td><div align="center" class="forum">Body kit</div></td> </tr> <tr> <td><div align="center"> <input name="up7" type="submit" id="up7" value="Upgrade to level <?php echo "$next_7"; ?>"> </div></td> <td><div align="center"> <input name="up8" type="submit" id="up8" value="Upgrade to level <?php echo "$next_8"; ?>"> </div></td> </tr> <? } ?> </table> </form> <p align="center"> <?php include_once"includes/footer.php"; ?> Anyone know how I can make it so only allows you to upgrade your car to level 40? Thanks Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.