

So I have this store which links to SQL values, and there is an admin control panel (PHP) where you can edit all your listed items, categories, etc.

 

The problem is that I can only see this in-game, and I want it to be displayed in a browser as well. I see there is a note "// Keep people out except for those in-game!", but when I tried to change it I couldn't get it to work.

How?

 

Here's the store code.

<?php
# store
	# Only run when included through the site's front controller (which defines KODEVS);
	# a direct request for this file produces an empty page.
	if (!defined('KODEVS') || KODEVS != 1)
		die();

	include(CLASS_DIR . 'PaymentGateway.class.php');
	include(CLASS_DIR . 'ShoppingCart.class.php');

	# Account table and key column used by the KC (Knight Cash) queries in Page.
	define('ACCOUNT_TABLE', 'TB_USER');
	define('ACCOUNT', 'strAccountID');

	define('KNIGHT_CASH', 		'nKnightCash');
	# POST field / session key names for the in-game handshake handled by Page::doRun():
	# account id, a client-supplied value (copied to the session by doRun but not verified
	# there), character id, the comma-separated 'param' string, max item slots, server id.
	define('CPD_ID', 		'mgid'); // mgid
	define('CPD_PW', 		'mgmc'); // mgmc
	define('CPD_CH', 		'strCharID');
	define('CPD_PM', 		'param');
	define('CPD_MI', 		'nMaxItems');
	define('CPD_SI',		'nServerID');

	class Page extends BasePage
	{
		private $m_currentTab = 0;          // id of the category tab being shown (mirrored in $_SESSION['nStoreActiveTab'])
		private $m_categories = array();    // STORE_CATEGORIES rows keyed by id, filled by doLoadCategories()
		private $m_shoppingCart;            // ShoppingCart instance, created in doRun() for non-IPN requests
		private $m_settings = array();      // STORE_SETTINGS szKey => szValue map, filled by doLoadSettings()

		/**
		 * Page entry point: admits the request, loads session and account state, then
		 * dispatches on $_GET['act'].
		 *
		 * Admission is decided in this order:
		 *  1. A POST carrying the mgid/mgmc/param fields (CPD_ID/CPD_PW/CPD_PM) is treated as
		 *     the in-game client handshake. It is accepted only when CURRENTUSER has a row for
		 *     that account with the caller's IP; the store session is then (re)initialised.
		 *  2. Otherwise an existing store session ($_SESSION[CPD_ID]) is required.
		 *  3. A payment-notification callback (act=recharge&subact=ipn with payment_status in
		 *     POST) is let through without a session and handled without rendering the store.
		 * Anything else is redirected to '/'.
		 *
		 * NOTE(review): the mgmc value (CPD_PW) is copied into the session but is never
		 * compared against anything in this method; the handshake is authenticated by the
		 * CURRENTUSER account + client-IP match alone. Confirm whether another layer checks it.
		 */
		function doRun()
		{
			$db = $this->getADB();

			// IPN callbacks come from the payment provider, not the player, so they carry no session.
			$isIPN = (isset($_POST['payment_status']) && @$_GET['act'] == 'recharge' && @$_GET['subact'] == 'ipn');

			// Keep people out except for those in-game!
			if (isset($_POST[CPD_ID]) && isset($_POST[CPD_PW]) && isset($_POST[CPD_PM]))
			{
				// 'param' must be exactly four comma-separated values; only index 2 (max item slots) is used.
				$params = explode(',', $_POST[CPD_PM]);
				if (sizeof($params) != 4)
				{
					header('Location: /');
					return;
				}

				// The account has to be online right now from the requesting IP
				// (CURRENTUSER is presumably the game server's online-player table — confirm).
				$db->doQuery('SELECT strAccountID, strCharID, strClientIP, nServerNo FROM CURRENTUSER WHERE strAccountID = ? AND strClientIP = ?', $_POST[CPD_ID], $this->getRemoteIP());
				if ($db->hasError() || !$db->hasRows())
				{
					header('Location: /');
					return;
				}

				// Exact, case-sensitive re-check of the account id; the SQL comparison above
				// may be collation-insensitive.
				$row = $db->doRead();
				if (strcmp($_POST[CPD_ID], $row['strAccountID']) !== 0)
				{
					header('Location: /');
					return;
				}

				// (Re)build the store session from the handshake and the CURRENTUSER row.
				$_SESSION[CPD_ID] = $_POST[CPD_ID];
				$_SESSION[CPD_CH] = $row['strCharID'];
				$_SESSION[CPD_PW] = $_POST[CPD_PW]; // stored only; not verified in this method
				$_SESSION[CPD_PM] = $_POST[CPD_PM];
				$_SESSION[CPD_MI] = intval($params[2]);
				$_SESSION[CPD_SI] = $row['nServerNo'];
				$_SESSION['bStoreLoggedIn'] = true;

			}
			else if (!isset($_SESSION[CPD_ID]) && !$isIPN)
			{
				// No handshake and no session: only IPN callbacks may continue.
				header('Location: /');
				return;
			}

			if (!$isIPN)
			{
				// Refresh the cached KC balance and authority level on every page view.
				if ($_SESSION['bStoreLoggedIn'] == true)
				{
					$db->doQuery('SELECT nKnightCash, strAuthority FROM ' . ACCOUNT_TABLE . ' WHERE ' . ACCOUNT . ' = ?', $_SESSION[CPD_ID]);
					$row = $db->doRead();
					$_SESSION[KNIGHT_CASH] = $row[KNIGHT_CASH];
					$_SESSION['strAuthority'] = $row['strAuthority'];
				}

				$this->m_shoppingCart = new ShoppingCart();

				// Active tab is remembered in the session; the first visit gets the default
				// category chosen by doLoadCategories().
				$defaultTab = $this->doLoadCategories();
				if (!isset($_SESSION['nStoreActiveTab']))
				{
					$this->m_currentTab = $defaultTab;
					$_SESSION['nStoreActiveTab'] = $defaultTab;
				}
				else
				{
					$this->m_currentTab = $_SESSION['nStoreActiveTab'];
				}
			}

			$this->doLoadSettings();

			$this->setTitle('PAGE_STORE_TITLE');
			Template::SetVar('SERVER-URL', $this->config['SITE']['HOST']);
			// bPaypalSandbox selects both the sandbox account and the '.sandbox' host suffix.
			Template::SetVar('PAYPAL-ADDRESS', $this->m_settings['bPaypalSandbox'] == 0 ? $this->m_settings['szPaypalEmail'] : $this->m_settings['szPaypalSandboxEmail']);
			Template::SetVar('PAYPAL-SANDBOX', $this->m_settings['bPaypalSandbox'] == 0 ? NULL : '.sandbox');
			Template::SetVar('CURRENCY', $this->m_settings['szCurrency']);
			Template::SetVar('CURRENCY-SIGN', $this->m_settings['szCurrencySymbol']);
			Template::SetVar('error', NULL);
			Template::SetPage('pus-main');

			if (!$isIPN)
			{
				// ?tab= switches the category, but only to an id that exists.
				if (isset($_GET['tab']))
				{
					$tabID = intval($_GET['tab']);
					if (array_key_exists($tabID, $this->m_categories))
					{
						$this->m_currentTab = $tabID;
						$_SESSION['nStoreActiveTab'] = $tabID;
					}
				}

				// Closed store: administrators can still get in.
				if ($this->m_settings['bStoreEnabled'] == 0 && !$this->isAdministrator())
				{
					if (@$_GET['act'] == 'right')
						Template::SetPage('pus-right');

					$this->doError('PUS_CLOSED');
					return;
				}

			}
			else
			{
				// IPN: process the notification and render nothing else.
					$this->doHandlePaymentNotification();
				return;
			}

			switch (@$_GET['act'])
			{
				case 'buy':
				{
					$this->doShoppingCartBuy();
				} break;

				case 'recharge':
				{
					// Reached only when payment_status is absent from POST
					// (otherwise $isIPN already returned above).
					if (@$_GET['subact'] == 'ipn')
					{
						$this->doHandlePaymentNotification();
					}
					else
					{
						if (@$_GET['subact'] == 'success' && @$_GET['type'] == 'daopay')
						{
							$this->doHandlePaymentNotificationDaoPay();
						}
						else
						{
							$this->doHandleRecharge();
						}
					}
				} break;

				case 'purchases':
				{
					$this->doHandlePurchaseHistory();
				} break;

				case 'right':
				{
					// Right-hand panel. $_GET['type'] is read without isset; a missing value
					// raises a notice and falls through to the cart via default.
					Template::SetPage('pus-right');

					switch ($_GET['type'])
					{
						case 'cart':
						{
							$this->doHandleShoppingCart();
						} break;

						case 'detail':
						{
							$this->doShowSideDetails();
						} break;

						default:
						{
							$this->doHandleShoppingCart();
						}
					}
				} break;

				default:
				{
					$this->doShowCategory();
				}
 			}
			// Category tabs and the KC balance are shown on every store page.
			Template::SetVar('STORE_CATEGORIES', $this->doShowCategories());
			Template::SetVar('KNIGHT_CASH', number_format(intval(@$_SESSION[KNIGHT_CASH])));
		}

		/**
		 * Reads every szKey/szValue pair from STORE_SETTINGS into $this->m_settings.
		 * A key that appears more than once keeps the last value read.
		 */
		function doLoadSettings()
		{
			$db = $this->getADB();
			$db->doQuery('SELECT szKey, szValue FROM STORE_SETTINGS');
			for ($setting = $db->doRead(); $setting; $setting = $db->doRead())
			{
				$this->m_settings[$setting['szKey']] = $setting['szValue'];
			}
		}

		/**
		 * Loads STORE_CATEGORIES (ordered by nPos) into $this->m_categories, keyed by id,
		 * giving every row the default tab image 'tab_blank.gif'.
		 *
		 * @return int|string id of the category with the lowest nPos seen, or -1 when the
		 *                    query returned no rows. A nPos of -1 is indistinguishable from
		 *                    "nothing seen yet", so tracking restarts after such a row.
		 */
		function doLoadCategories()
		{
			$db = $this->getADB();
			$db->doQuery('SELECT id, nPos, szName FROM STORE_CATEGORIES ORDER BY nPos ASC');

			$defaultTab = -1;
			$defaultPos = -1;
			for ($cat = $db->doRead(); $cat; $cat = $db->doRead())
			{
				$nothingYet = ($defaultPos == -1);
				if ($nothingYet || $cat['nPos'] < $defaultPos)
				{
					$defaultTab = $cat['id'];
					$defaultPos = $cat['nPos'];
				}

				$cat['szTabImage'] = 'tab_blank.gif';
				$this->m_categories[$cat['id']] = $cat;
			}

			return $defaultTab;
		}

		/**
		 * Renders the category tab strip: one 'pus-category-1' template per loaded category.
		 * The current tab gets the 'selected-tab' class and a 'b'-suffixed image
		 * (tab_blank.gif -> tab_blankb.gif). Tab width is 9px per byte of the name, at least 90.
		 *
		 * @return string concatenated tab markup
		 */
		function doShowCategories()
		{
			$html = '';
			foreach ($this->m_categories as $tabID => $cat)
			{
				$isCurrent = ($this->m_currentTab == $tabID);
				$image = $cat['szTabImage'];
				if ($isCurrent)
				{
					$parts = explode('.', $image);
					$suffix = '.' . end($parts);
					$image = str_replace($suffix, 'b' . $suffix, $image);
				}

				// strlen is byte-based, so multi-byte names come out wider than needed.
				$width = max(90, strlen($cat['szName']) * 9);

				$html .= Template::Load('pus-category-1', array(
					'category_id' => $tabID,
					'category_name' => $cat['szName'],
					'selected_tab' => $isCurrent ? 'selected-tab' : NULL,
					'tab-width' => $width,
					'category_image' => $image,
				));
			}

			return $html;
		}


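		/**
		 * Appends one line to ./cache/errors.txt (relative to the working directory).
		 * Logging is best-effort: a missing directory or permission problem makes
		 * file_put_contents return false (with a warning) instead of writing through an
		 * unchecked fopen() handle as before.
		 *
		 * @param string $error message to log; CRLF is appended
		 */
		private function doLog($error)
		{
			// LOCK_EX keeps lines from concurrent requests from interleaving.
			file_put_contents('./cache/errors.txt', $error . "\r\n", FILE_APPEND | LOCK_EX);
		}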

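		/**
		 * Processes a payment notification for one STORE_TRANSACTIONS row and, when the
		 * provider-specific handler verifies it, credits the transaction's KC amount to
		 * the account.
		 *
		 * The transaction id is taken from $_GET['txid'] or, failing that, $_POST['custom']
		 * (PayPal's pass-through field). Rows already in status 3 or 252-255 are ignored,
		 * so a repeated notification for a finished transaction does not credit twice.
		 * NOTE(review): the status is not updated in this method; presumably the provider
		 * handler (PayPal::doUpdateTable) does it — confirm.
		 *
		 * Side effect: when no 'custom' field was POSTed, $_POST is replaced by $_GET so the
		 * provider handlers can read the notification fields from one place.
		 */
		function doHandlePaymentNotification()
		{
			$db = $this->getADB();

			$id = intval(@$_GET['txid']) == 0 ? intval(@$_POST['custom']) : intval(@$_GET['txid']);
			if ($id == 0)
				return;
			if (!isset($_POST['custom']))
				$_POST = $_GET;

			$db->doQuery
			('
				SELECT 
					id, strAccountID, nKCAmount, nPrice, strProvider 
				FROM 
					STORE_TRANSACTIONS 
				WHERE
					id = ?
				AND
					bStatus NOT IN(3, 252, 253, 254, 255)', $id);
			if ($db->hasError() || !$db->hasRows())
				return;

			$row = $db->doRead();

			// Each handler returns true only for a verified, completed payment.
			$result = false;
			switch ($row['strProvider'])
			{
				case 'PayPal':
				{
					$result = $this->doHandleNotification_PP($row);
				} break;

				case 'DaoPay':
				{
					// NOTE(review): make sure the DaoPay handler's definition is spelled
					// doHandleNotification_DP; an undefined method here is a fatal error.
					$result = $this->doHandleNotification_DP($row);
				} break;
			}

			if ($result)
			{
				// Bind the amount as a query parameter instead of splicing it into the SQL
				// text; nKCAmount comes from our own table, but the query should not rely on it.
				$db->doQuery('UPDATE ' . ACCOUNT_TABLE . ' SET ' . KNIGHT_CASH . ' = ' . KNIGHT_CASH . ' + ? WHERE ' . ACCOUNT . ' = ?', $row['nKCAmount'], $row['strAccountID']);
			}
		}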

		/**
		 * Verifies a PayPal IPN for the given STORE_TRANSACTIONS row.
		 *
		 * @param array $row transaction row (id, strAccountID, nKCAmount, nPrice, strProvider)
		 * @return bool true only when PayPal reports the IPN VERIFIED and payment_status is
		 *              'Completed'; false for anything else (no txn_id, replayed txn_id,
		 *              connection failure, INVALID, pending/refunded).
		 *
		 * NOTE(review): neither the currency nor the receiver account is checked in this
		 * method — only the gross amount against nPrice. Confirm the PayPal class
		 * (PaymentGateway.class.php, not visible here) covers them.
		 */
		function doHandleNotification_PP($row)
		{
			$db = $this->getADB();

			// Every PayPal IPN carries txn_id; without it this is not an IPN.
			if (!isset($_POST['txn_id']))
				return false;

			// Replay guard: a txn_id already attached to a finished transaction is rejected.
			$db->doQuery('SELECT strAccountID, txn_id, bStatus, nKCAmount FROM STORE_TRANSACTIONS WHERE txn_id = ? AND bStatus IN(252, 253, 254, 255)', $_POST['txn_id']);
			if ($db->hasError() || $db->hasRows())
				return false;

			// Read from an empty result set; only the commented-out refund code below used it.
			$r = $db->doRead();

			// doAuthenticate() presumably posts the IPN back to PayPal for validation:
			// false on a connection problem, otherwise PayPal's answer ('VERIFIED'/'INVALID').
			$pIPN = new PayPal($this->m_settings['szPaypalEmail'], $this->getADB(), $this->m_settings['bPaypalSandbox']);
			$result = NULL;
			if (($result = $pIPN->doAuthenticate()) === false)
			{
				unset($pIPN);
				return false;
			}
			$pIPN->doDisconnect();

			if ($result == 'INVALID')
			{
				unset($pIPN);
				return false;
			}

			// Loose comparison of the POSTed gross amount with the stored price; the table
			// update is left to the PayPal class, which receives the outcome.
			$validPrice = ($_POST['payment_gross'] == $row['nPrice']);
			$pIPN->doUpdateTable($validPrice);
			unset($pIPN);

			// Credit only a verified and completed payment.
			if ($result == 'VERIFIED' && $_POST['payment_status'] == 'Completed')
				return true;	
		//	else if ($result == 'VERIFIED' && $_POST['payment_status'] == 'Refunded')
		//		$db->doQuery('UPDATE ' . ACCOUNT_TABLE . ' SET ' . KNIGHT_CASH . ' = ' . KNIGHT_CASH . ' - ? WHERE ' . ACCOUNT . ' = ?',  $r['nKCAmount'], $r['strAccountID']);

			return false;
		}

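		/**
		 * DaoPay notification handler — not implemented. Until verification exists every
		 * DaoPay notification is rejected, so nothing is credited.
		 *
		 * This is the name doHandlePaymentNotification() actually calls; the original
		 * definition was spelled 'doHandleNotication_DP', which made the DaoPay branch an
		 * undefined-method fatal error.
		 *
		 * @param array $row STORE_TRANSACTIONS row
		 * @return bool always false
		 */
		function doHandleNotification_DP($row)
		{
			//if (!isset($_GET['some ID']))
			//	return false;

			return false;
		}

		/**
		 * Misspelled original name, kept so any external caller still resolves.
		 *
		 * @param array $row STORE_TRANSACTIONS row
		 * @return bool always false
		 */
		function doHandleNotication_DP($row)
		{
			return $this->doHandleNotification_DP($row);
		}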

		/**
		 * Renders the 'pus-purchases-main' page: the newest 64 STORE_PURCHASES rows of the
		 * session account, each expanded into its packages/items via getPackageInfo() and
		 * getItemInfo().
		 *
		 * strItems and strQuantities are parallel comma-separated lists; quantities are
		 * matched to packages by position. NOTE(review): a package that getPackageInfo()
		 * cannot resolve is skipped before $n is advanced, so the remaining quantities
		 * shift by one — confirm whether that is intended.
		 */
		function doHandlePurchaseHistory()
		{
			$db = $this->getADB();
			$db->doQuery('SELECT TOP 64 id, purchaseTime, strClientIP, strAccountID, strCharID, strItems, strQuantities, nCost FROM STORE_PURCHASES WHERE strAccountID = ? ORDER BY id DESC', $_SESSION[CPD_ID]);
			$purchases = '';

			// $i is a running offset handed to the templates: each row gets the value at its
			// start (+1 for item ids) and advances it by 4 afterwards.
			$i = 0;
			$purchaseRows = array();
			while ($row = $db->doRead())
				$purchaseRows[] = $row;

			$content = '';				
			foreach ($purchaseRows as $row)
			{
				$strPackages = explode(',', $row['strItems']);
				$strQuantities = explode(',', $row['strQuantities']);
				$content = '';
				$price = 0;
				$n = 0;

				foreach ($strPackages as $id)
				{
					$info = $this->getPackageInfo($id);
					if ($info == -1) continue;
					$quantity = $strQuantities[$n++];
					if (sizeof($info[1]) > 1) // multiple items
					{
						// Package: list every item, then the package row itself. Per-item price
						// shown is the package price (nCost), not a per-item figure.
						$items_tmp = '';
						foreach ($info[1] as $item)
						{
							$item = $this->getItemInfo($item);
							if ($item == -1) continue;

							$items_tmp .= Template::Load('pus-purchases-item-package-item', array
							(
								'ITEM-NAME'	=> $item['nQuantity'] . ' x ' . @$item['strName'] . (@$item['Countable'] == 1 ? '(' . $item['Duration'] . ')' : NULL),
								'ITEM-ICON'	=> $this->GetIconID($item['Num']),
								'ITEM-PRICE'	=> number_format($info[0]['nCost']),
							));
						}
						$price += $info[0]['nCost'];

						$content .= Template::Load('pus-purchases-item-package', array
						(
							'PACKAGE-QUANTITY'	=> $quantity,
							'PACKAGE-NAME'		=> @$info[0]['strName'],
							'PACKAGE-ID'		=> ($i + 1),
							'PACKAGE-ITEMS'		=> $items_tmp,
							'PACKAGE-PRICE'		=> number_format($info[0]['nCost'])
						));
					}
					else
					{
						// Single-item package: render the one item directly.
						$item = $this->getItemInfo($info[1][0]);
						$price += $info[0]['nCost'];
						$content .= Template::Load('pus-purchases-item-item', array
						(
							'ITEM-ICON'		=>	$this->GetIconID($item['Num']),
							'ITEM-QUANTITY'		=>	$quantity,
							'ITEM-NAME'		=>	@$info[0]['strName'],
							'ITEM-ID'		=>	($i + 1),
							'ITEM-PRICE'		=>	number_format($info[0]['nCost']),
						));
					}
					
				}

				// $price sums package prices once each, regardless of quantity.
				$row['i'] = ($i += 4);
				$purchases .= Template::Load('pus-purchases-row', array_merge($row, array('content' => $content, 'price' => number_format($price))));	
			}

			$this->loadTPL('pus-purchases-main', array('purchases' => $purchases, 'total' => sizeof($purchaseRows)));
		}

		/**
		 * KC top-up flow, selected by $_GET['subact']:
		 *  - 'process': creates a STORE_TRANSACTIONS row for the chosen STORE_KC_OPTIONS
		 *    entry and hands off to the provider redirect template (PayPal only);
		 *  - 'forum': attaches a forum username to an existing transaction of this account
		 *    before the provider redirect;
		 *  - 'success': return from the provider — reports whether the payment is completed
		 *    or still being processed;
		 *  - 'cancel': deletes the account's own, not yet completed transaction.
		 * Afterwards (unless a branch returned) it renders recent transactions and the
		 * list of KC options.
		 */
		function doHandleRecharge()
		{
			$db = $this->getADB();

			switch (@$_GET['subact'])
			{
				case 'process':
				{
					$id = intval(@$_POST['item']);
					if ($id > 0)
					{
						$db->doQuery('SELECT id, strName, nKCAmount, nPrice FROM STORE_KC_OPTIONS WHERE id = ?', $id);
						if ($db->hasError())
						{
							$this->doError('DB_ERROR');
							return;
						}
						else if (!$db->hasRows())
						{
							$this->doError('PUS_NO_KC_OPTIONS'); // Not quite but we'll live with hackers getting a bad message
							return;
						}
						$optionData = $db->doRead();
						// Only PayPal is wired up; any other provider selection is rejected.
						if (@$_POST['paypal'] == 1) // gotta re-do this
						{
							$provider = 'PayPal';
						}	
						else
						{
							$this->doError('PUS_NO_KC_OPTIONS');
							return;
						}
				
						// New transaction in TS_PREPURCHASE state (constant defined elsewhere).
						$db->doQuery('INSERT INTO STORE_TRANSACTIONS (strAccountID, strClientIP, strCharID, nKCPackage, nKCAmount, nPrice, strProvider, bStatus) VALUES (?, ?, ?, ?, ?, ?, ?, ?)', $_SESSION[CPD_ID], $this->getRemoteIP(), $_SESSION[CPD_CH], $id, $optionData['nKCAmount'], $optionData['nPrice'], $provider, TS_PREPURCHASE);
						if ($db->hasError())
						{
							$this->doError('DB_ERROR');
							return;
						}

						// NOTE(review): this fetches the account's newest transaction rather than
						// the id of the row just inserted; two overlapping requests for the same
						// account could pick up each other's row. An identity/OUTPUT value would pin it.
						$num_rows = $db->doQuery('SELECT TOP 1 id FROM STORE_TRANSACTIONS WHERE strAccountID = ? ORDER BY id DESC', $_SESSION[CPD_ID]);
						$row = $db->doRead();
						// Loose comparison: the setting is a string from STORE_SETTINGS.
						if ($this->m_settings['bUseForumUsername'] == TRUE)
						{
							$this->loadTPL('pus-recharge-forum', array('id' => $row['id'], 'id2' => $id, 'provider' => $provider));
							return;
						}

						$optionData['transaction-id'] = $row['id'];
						$optionData['strName'] .= ' (non-refundable virtual item)';
						switch ($provider)
						{
							case 'PayPal':
								$this->loadTPL('pus-recharge-ppredirect', $optionData);
								break;
						}
						return;
					}
				} break;

				case 'forum':
				{
					// Transaction id, option id and provider arrive as raw POST strings; they are
					// only ever used as bound query parameters below.
					$id = @$_POST['id'];
					$id2 = @$_POST['id2'];
					$provider = @$_POST['provider'];
					$forum_name = @$_POST['account'];

					if ($forum_name == NULL || $id == NULL || $id2 == NULL || $provider == NULL || $provider != 'PayPal') // limit it to paypal for now anyway 
					{
						$this->doError('DB_ERROR');
						return;
					}

					$db->doQuery('SELECT id, strName, nKCAmount, nPrice FROM STORE_KC_OPTIONS WHERE id = ?', $id2);
					if ($db->hasError())
					{
						$this->doError('DB_ERROR');
						return;
					}
					else if (!$db->hasRows())
					{
						$this->doError('PUS_NO_KC_OPTIONS'); // Not quite but we'll live with hackers getting a bad message
						return;
					}
					$optionData = $db->doRead();

					// The transaction must belong to the session account.
					$db->doQuery('SELECT TOP 1 id FROM STORE_TRANSACTIONS WHERE strAccountID = ? AND id = ?', $_SESSION[CPD_ID], $id);
					if ($db->hasError() || !$db->hasRows())
					{
						$this->doError('DB_ERROR');
						return;
					}
					$row = $db->doRead();
					$optionData['transaction-id'] = $row['id'];
					$optionData['strName'] .= ' (non-refundable virtual item)';
					$db->doQuery('UPDATE STORE_TRANSACTIONS SET forum_username = ? WHERE strAccountID = ? AND id = ?', $forum_name, $_SESSION[CPD_ID], $id);

					switch ($provider)
					{
						case 'PayPal':
							$this->loadTPL('pus-recharge-ppredirect', $optionData);
							break;
					}
					return;
				} break;

				case 'success':
				{
					$id = intval(@$_GET['id']);
					if ($id > 0)
					{
						// If the provider POSTed payment data back with the player, handle it now
						// instead of waiting for the asynchronous IPN (the PayPal handler still
						// verifies with PayPal before anything is credited).
						if (isset($_SESSION[CPD_ID]) && isset($_POST['payment_status'])) // Cut to the chase before IPN!
							$this->doHandlePaymentNotification();

						// Status lookup restricted to this account's own transaction.
						$db->doQuery('SELECT id, bStatus FROM STORE_TRANSACTIONS WHERE id = ? AND strAccountID = ?', $id, $_SESSION[CPD_ID]);
						if ($db->hasError())
						{
							$this->doError('DB_ERROR');
							return;
						}
						else if ($db->hasRows())
						{
							$row = $db->doRead();
							if ($row['bStatus'] == 3)
								$this->doError('PUS_PAYMENT_COMPLETED', NULL);
							else
								$this->doError('PUS_PAYMENT_BEING_PROCESSED', NULL);
							return;

						}
					}
				} break;

				case 'cancel':
				{
					$id = intval(@$_GET['id']);
					if ($id > 0)
					{
						// Only the account's own, not completed (bStatus <> 3) transaction can be removed.
						$db->doQuery('SELECT id FROM STORE_TRANSACTIONS WHERE id = ? AND strAccountID = ? AND bStatus <> 3', $id, $_SESSION[CPD_ID]);
						if ($db->hasError())
						{
							$this->doError('DB_ERROR');
							return;
						}
						else if ($db->hasRows())
						{
							$db->doQuery('DELETE FROM STORE_TRANSACTIONS WHERE id = ?', $id);
						}
					}
				} break;
			}

			$transactions = $this->doLoadRecentTransactions();

			// KC options, largest amount first.
			$db->doQuery('SELECT id, strName, nKCAmount, nPrice FROM STORE_KC_OPTIONS ORDER BY nKCAmount DESC');
			if ($db->hasError())
			{
				$this->doError('DB_ERROR');
				return;
			}
			else if (!$db->hasRows())
			{
				$this->doError('PUS_NO_KC_OPTIONS');
				return;
			}
			$content = '';
			while ($row = $db->doRead())
			{
				$row['nPrice'] = number_format($row['nPrice'], 2);
				$content .= Template::Load('pus-recharge-option', $row);
			}
			$this->loadTPL('pus-recharge-main', array('transactions' => $transactions, 'options' => $content));
		}

		/**
		 * Builds the 'pus-transactions-table' block for the session account: its 18 newest
		 * transactions that already have a payment_status, joined to their KC option.
		 * dDate and payment_processed are trimmed to their date part (text before the first
		 * space); payment_processed reads 'N/A' unless the status is 'Completed'.
		 *
		 * @return string|null rendered table, or NULL on a query error or when there are no rows
		 */
		function doLoadRecentTransactions()
		{
			$db = $this->getADB();
			$db->doQuery('SELECT TOP 18 dDate, strName, STORE_KC_OPTIONS.nPrice, strProvider, bStatus, payment_processed, payment_status, txn_id, payer_email, pending_reason, payment_type FROM STORE_TRANSACTIONS INNER JOIN STORE_KC_OPTIONS ON nKCPackage = STORE_KC_OPTIONS.id WHERE strAccountID = ? AND payment_status IS NOT NULL ORDER BY STORE_TRANSACTIONS.id DESC', $_SESSION[CPD_ID]);
			if ($db->hasError())
				return NULL;
			if (!$db->hasRows())
				return NULL;

			$rowsHtml = '';
			for ($row = $db->doRead(); $row; $row = $db->doRead())
			{
				list($dateOnly) = explode(' ', $row['dDate']);
				$row['dDate'] = $dateOnly;

				$processedParts = explode(' ', $row['payment_processed']);
				if (count($processedParts) > 1)
					$row['payment_processed'] = $processedParts[0];
				if ($row['payment_status'] != 'Completed')
					$row['payment_processed'] = 'N/A';

				$rowsHtml .= Template::Load('pus-transactions-row', $row);
			}

			return Template::Load('pus-transactions-table', array('transactions' => $rowsHtml));
		}

		/**
		 * Renders the item grid ('pus-item-category') for the current category tab.
		 *
		 * Listed items come from STORE_LISTED_ITEMS joined to STORE_ITEM_DATA, most
		 * expensive first. Plain items (nSpecialType 0) are looked up in the game DB ITEM
		 * table for name/icon; premium packages (nSpecialType 3) are built from the listing
		 * itself; any other type is dropped.
		 *
		 * NOTE(review): page count assumes 9 items per page, but the fill loop below walks
		 * 10 rows from $pageStart, so the last row of one page is also the first of the
		 * next. The template presumably has 10 slots — confirm what is intended.
		 */
		function doShowCategory()
		{
			$db = $this->getADB();
			$gdb = $this->getGDB();
			$num_rows = $db->doQuery('SELECT STORE_LISTED_ITEMS.id, nListedItemID, szPackageName, nStoreItemID, nCost, nSpecialType, nQuantity, nValue, nMaxQty, (SELECT COUNT(*) FROM STORE_ITEM_DATA WHERE nListedItemID = STORE_LISTED_ITEMS.id) as nPackageItems FROM STORE_LISTED_ITEMS INNER JOIN STORE_ITEM_DATA ON nStoreItemID = STORE_ITEM_DATA.id WHERE nCategory = ? ORDER BY nCost DESC', $this->m_currentTab);
			if ($db->hasError())
			{
				$this->doError('DB_ERROR');
				return;
			}
			else if (!$db->hasRows())
			{
				$this->doError('PUS_NO_ITEMS');
				return;
			}

			$data = array();
			$itemCount = $num_rows;
			$pageCount = ceil($num_rows / 9);

			// ?p= selects the page; 0/missing or beyond the last page falls back to page 1.
			$page = intval(@$_GET['p']) == 0 ? 1 : (intval($_GET['p']) > $pageCount ? 1 : intval($_GET['p']));
			$pageStart = ((9 * $page) - 9);
			if ($pageStart > $itemCount)
				$pageStart = 0;

			$rows = array();
			while ($row = $db->doRead()) 
				$rows[] = $row;	

			// From here on $itemCount is the number of rows left from $pageStart; it is
			// decremented for every row that turns out not to be displayable.
			$itemCount = sizeof($rows) - $pageStart;

			$pages = '';
			for ($i = 1; $i <= $pageCount; $i++)
			{
				if ($i == $page) $pages .= Template::Load('pus-pageno-link-none', array('id' => $i));
				else $pages .= Template::Load('pus-pageno-link', array('id' => $i));
			}
	
			Template::SetVar('page-no', $pages); // $page . ' / ' . $pageCount

			// Fill slots store-item-0 .. store-item-9; $n is the slot, $i the row index.
			$n = 0;
			for ($i = $pageStart; $i < ($pageStart + 10); $i++)
			{
				$id = 'store-item-' . $n;
				// No rows left for this slot: emit an empty slot.
				if (($n+1) > $itemCount)
				{
					$data[$id] = NULL;
					$n++;
					continue;
				}

				$row = $rows[$i];
				if ($row['nSpecialType'] == 0)
				{
					$gdb->doQuery('SELECT Num, strName, Countable, Duration FROM ITEM WHERE Num = ?', $row['nValue']);
					if ($gdb->hasError())
					{
						$this->doError('DB_ERROR');
						return;
					}
					else if (!$gdb->hasRows())
					{
						// Unknown item number: skip the row. The three assignments after
						// 'continue' are unreachable.
						$itemCount--;
						continue;

						$row['Num'] = $row['nValue'];
						$row['strName'] = $row['szPackageName'];
						$row['Num'] = $row['nValue'];
					}
					else
					{
						// A package name of ' ' means "use the item's own name".
						$row2 = $gdb->doRead();
						$row['Num'] = $row2['Num'];
						$row['strName'] = $row['szPackageName'] != ' '  ? $row['szPackageName'] : @$row2['strName'];
						$row['Num'] = $row2['Num'];
						// Countable items show their Duration as the quantity.
						if ($row2['Countable'] == 1)
						{
							$row['nQuantity'] = $row2['Duration'];
						}
					}
				}
				else if ($row['nSpecialType'] == 3) // Premium
				{
					$row['Num'] = $row['nListedItemID'];
					$row['strName'] = $row['szPackageName'];
					$row['Num'] = $row['nValue'];
				}
				else
				{
					// Other special types are not shown in the grid.
					$itemCount--;
					continue;
				}

				$data[$id] = Template::Load('pus-item', 
					array
					(
						'ITEM-ID'	=> $row['id'],
						'ITEM-NAME'	=> @$row['strName'],
						'ITEM-TYPE'	=> $this->getSpecialType($row['nSpecialType']),
						'ITEM-PRICE'	=> number_format(intval($row['nCost'])),
						'ITEM-QTY'	=> ($row['nPackageItems'] > 1 ? 1 : number_format($row['nQuantity'])),
						'ITEM-MAXQTY'	=> $row['nMaxQty'],
						'ITEM-ICON'	=> $this->GetIconID($row['Num'])
					)
				);
				$n++;
			}

			// Every row on this page was skipped.
			if ($itemCount == 0)
			{
				$this->doError('PUS_NO_ITEMS');
				return;
			}


			$this->loadTPL('pus-item-category', $data);
		}

		/**
		 * Renders the right-hand item detail panel ('pus-right-item') for the listed item
		 * in $_GET['id'].
		 *
		 * An id that matches no listing falls back to the popular-items panel; a listing
		 * without STORE_ITEM_DATA rows, or a plain item missing from the game ITEM table,
		 * is reported as an error.
		 */
		function doShowSideDetails()
		{
			$adb = $this->getADB();
			$gdb = $this->getGDB();
			// Read without isset: a missing id raises a notice and becomes 0.
			$id = intval($_GET['id']);
			if ($id == 0)
			{
				$this->doError('PUS_ITEM_NOT_FOUND');
				return;
			}

			$adb->doQuery('SELECT STORE_LISTED_ITEMS.id, nListedItemID, szPackageName, szPackageDescription, szItemDuration, nStoreItemID, nCost, nSpecialType, nMaxQty, nQuantity, nValue FROM STORE_LISTED_ITEMS INNER JOIN STORE_ITEM_DATA ON nStoreItemID = STORE_ITEM_DATA.id WHERE STORE_LISTED_ITEMS.id = ?', $id);
			if ($adb->hasError())
			{
				$this->doError('DB_ERROR');
				return;
			}
			else if (!$adb->hasRows())
			{
				// Unknown listing: show the popular panel rather than an error.
				$this->doShowSidePopular();
				return;
			}
			$row = $adb->doRead();
			$package = $row;

			$adb->doQuery('SELECT id, nListedItemID, nSpecialType, nQuantity, nValue, nPremiumDays FROM STORE_ITEM_DATA WHERE nListedItemID = ?', $id);
			if ($adb->hasError())
			{
				$this->doError('DB_ERROR');
				return;
			}
			else if (!$adb->hasRows())
			{
				$this->doError('PUS_INVALID_PACKAGE');
				return;
			}

			// Collected for the existence check above; $items itself is not used further here.
			$items = array();
			while ($row = $adb->doRead())
				$items[] = $row;

			if ($package['nSpecialType'] == 0)
			{
				// Plain item: merge the game DB row (Num, strName, Duration, Countable).
				$gdb->doQuery('SELECT Num, strName, Duration, Countable FROM ITEM WHERE Num = ?', $package['nValue']);
				if ($gdb->hasError())
				{
					$this->doError('DB_ERROR');
					return;
				}
				else if (!$gdb->hasRows())
				{
					$this->doError('PUS_ITEM_NOT_FOUND');
					return;
				}
				$row = $gdb->doRead();
				$package = array_merge($package, $row);
				// A package name of ' ' means "use the item's own name".
				$package['strName'] = ($package['szPackageName'] != ' ' ? $package['szPackageName'] : @$package['strName']);
			}
			else
			{
				// Non-item packages take their number and name from the listing.
				$package['Num'] = $package['nValue'];
				$package['strName'] = $package['szPackageName'];
				$package['Num'] = $package['nValue'];
			}

			// ' ' is the "not set" sentinel for duration and description; Countable items
			// show their Duration as the quantity.
			$this->loadTPL('pus-right-item', 
			array
			(
				'item-id'	=> @$package['Num'],
				'item-name'	=> @$package['strName'],
				'item-price'	=> number_format(intval($package['nCost'])),
				'item-qty'	=> @$package['Countable'] == 1 ? number_format($package['Duration']) : $package['nQuantity'],
				'item-duration' => $package['szItemDuration'] == ' ' ? 'N/A' : $package['szItemDuration'],
				'item-description' => $package['szPackageDescription'] == ' ' ? 'N/A' : $package['szPackageDescription'],
				'item-icon'	=> $this->GetIconID($package['Num'])

			));
		}

		/**
		 * Renders the right-hand "popular items" panel; also the fallback when
		 * doShowSideDetails() gets an id that matches no listing.
		 */
		function doShowSidePopular()
		{
			$template = 'pus-right-popular';
			$this->loadTPL($template);
		}

		/**
		 * Dispatches the cart panel on $_GET['subact']: 'add' and 'del' modify the cart
		 * (and re-render it); anything else just renders it.
		 */
		function doHandleShoppingCart()
		{
			$subAction = isset($_GET['subact']) ? $_GET['subact'] : NULL;

			if ($subAction == 'add')
				$this->doShoppingCartAdd();
			else if ($subAction == 'del')
				$this->doShoppingCartDel();
			else
				$this->doShoppingCartView();
		}

		/**
		 * Renders the cart panel ('pus-cart-main'): one block per cart entry, a footer with
		 * the total, the current KC balance and the balance left after purchase (or the
		 * empty-cart footer), plus item count and free inventory slots from the session.
		 */
		function doShoppingCartView()
		{
			$content = '';
			for ($i = 0; $i < $this->m_shoppingCart->getCount(); $i++)
			{
				// Entries whose package can no longer be resolved are simply not shown.
				$info = $this->getPackageInfo($this->m_shoppingCart->getItemID($i));
				if ($info == -1) continue;

				if (sizeof($info[1]) > 1) // multiple items
				{
					// Package: list every item, then the package row. The per-item price
					// shown is the package's cart price, not a per-item figure.
					$items_tmp = '';
					foreach ($info[1] as $item)
					{
						$item = $this->getItemInfo($item);
						if ($item == -1) continue;

						$items_tmp .= Template::Load('pus-cart-item-package-item', array
						(
							'ITEM-NAME'	=> $item['nQuantity'] . ' x ' . @$item['strName'] . (@$item['Countable'] == 1 ? '(' . $item['Duration'] . ')' : NULL),
							'ITEM-ICON'	=> $this->GetIconID($item['Num']),
							'ITEM-PRICE'	=> number_format($this->m_shoppingCart->getItemPrice($i)),
						));
					}

					$content .= Template::Load('pus-cart-item-package', array
					(
						'PACKAGE-QUANTITY'	=> $this->m_shoppingCart->getItemQuantity($i),
						'PACKAGE-NAME'		=> @$info[0]['strName'],
						'PACKAGE-ID'		=> ($i + 1),
						'PACKAGE-ITEMS'		=> $items_tmp,
						'PACKAGE-PRICE'		=> number_format($this->m_shoppingCart->getItemPrice($i))
					));
				}
				else
				{
					// Single-item package: render the one item directly.
					$item = $this->getItemInfo($info[1][0]);
					$content .= Template::Load('pus-cart-item-item', array
					(
						'ITEM-ICON'		=>	$this->GetIconID($item['Num']),
						'ITEM-QUANTITY'		=>	$this->m_shoppingCart->getItemQuantity($i),
						'ITEM-NAME'		=>	@$info[0]['strName'],
						'ITEM-ID'		=>	($i + 1),
						'ITEM-PRICE'		=>	number_format($this->m_shoppingCart->getItemPrice($i)),
					));
				}
			}

			// Footer: totals against the KC balance cached in the session by doRun().
			if ($this->m_shoppingCart->getCount() > 0)
				$content .= Template::Load('pus-cart-footer', array
				(
					'CART-TOTAL'	=> number_format($this->m_shoppingCart->getTotalCost()),
					'KNIGHT-CASH'	=> number_format(intval(@$_SESSION[KNIGHT_CASH])),
					'CART-AFTERKC'	=> number_format($_SESSION[KNIGHT_CASH] - $this->m_shoppingCart->getTotalCost()),
				));
			else
				$content .= Template::Load('pus-cart-footer-none');				

			$this->loadTPL('pus-cart-main', array
			(
				'ITEM-COUNT'	=> $this->m_shoppingCart->getTotalItems(),
				'SLOTS-FREE'	=> $_SESSION[CPD_MI],
				'CART-CONTENT'	=> $content

			));
		}

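		/**
		 * Loads one listed package: its STORE_LISTED_ITEMS row (joined to the listing's
		 * STORE_ITEM_DATA entry) plus every STORE_ITEM_DATA row that belongs to it.
		 * Plain items (nSpecialType 0) are enriched with the game ITEM row; a package name
		 * of ' ' means "use the item's own name".
		 *
		 * @param int|string $id STORE_LISTED_ITEMS.id
		 * @return array|int array($package, $items) on success; -1 on every failure, after
		 *                   reporting it through doError(). The original returned NULL from
		 *                   some failure paths, which callers testing `== -1` did not catch.
		 */
		function getPackageInfo($id)
		{
			$adb = $this->getADB();
			$gdb = $this->getGDB();

			$adb->doQuery('SELECT STORE_LISTED_ITEMS.id, nListedItemID, szPackageName, nStoreItemID, nCost, nSpecialType, nQuantity, nValue, (SELECT SUM(nQuantity) FROM STORE_ITEM_DATA WHERE nListedItemID = STORE_LISTED_ITEMS.id AND nSpecialType = 0) as nTotalItems FROM STORE_LISTED_ITEMS INNER JOIN STORE_ITEM_DATA ON nStoreItemID = STORE_ITEM_DATA.id WHERE STORE_LISTED_ITEMS.id = ?', $id);
			if ($adb->hasError() || !$adb->hasRows())
			{
				$this->doError('DB_ERROR');
				return -1;
			}
			$package = $adb->doRead();

			$adb->doQuery('SELECT id, nListedItemID, nSpecialType, nQuantity, nValue, nPremiumDays FROM STORE_ITEM_DATA WHERE nListedItemID = ?', $id);
			if ($adb->hasError())
			{
				$this->doError('DB_ERROR');
				return -1;
			}
			else if (!$adb->hasRows())
			{
				$this->doError('PUS_INVALID_PACKAGE');
				return -1;
			}

			$items = array();
			while ($row = $adb->doRead())
				$items[] = $row;

			if ($package['nSpecialType'] == 0)
			{
				$gdb->doQuery('SELECT Num, strName, Duration, Countable FROM ITEM WHERE Num = ?', $package['nValue']);
				if ($gdb->hasError())
				{
					$this->doError('DB_ERROR');
					return -1;
				}
				else if (!$gdb->hasRows())
				{
					$this->doError('PUS_INVALID_PACKAGE');
					return -1;
				}
				// Game row keys (Num, strName, Duration, Countable) are added to the listing.
				$package = array_merge($package, $gdb->doRead());
				$package['strName'] = ($package['szPackageName'] != ' ' ? $package['szPackageName'] : @$package['strName']);
			}
			else
			{
				// Non-item packages take number and name from the listing itself.
				$package['Num'] = $package['nValue'];
				$package['strName'] = $package['szPackageName'];
			}

			return array($package, $items);
		}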

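		/**
		 * Resolves one STORE_ITEM_DATA row to display data.
		 *
		 * @param array $row STORE_ITEM_DATA row (nSpecialType, nValue, nPremiumDays, ...)
		 * @return array|int for nSpecialType 0: the game ITEM row merged with $row ($row's
		 *                   keys win on conflict); for nSpecialType 3: a synthetic premium
		 *                   entry; -1 on a DB error, an unknown item number, or any other type.
		 */
		function getItemInfo($row)
		{
			$db = $this->getGDB();
			$nSpecialType = $row['nSpecialType'];

			if ($nSpecialType == 0)
			{
				$db->doQuery('SELECT Num, strName, Duration, Countable FROM ITEM WHERE Num = ?', $row['nValue']);
				if ($db->hasError())
				{
					$this->doError('DB_ERROR');
					return -1;
				}
				if ($db->hasRows())
				{
					$itemRow = $db->doRead();
					return array_merge($itemRow, $row);
				}
				// Unknown item number: falls through to -1.
			}
			else if ($nSpecialType == 3)
			{
				// Premium days have no game item behind them, so the entry is built here.
				// (The original literal declared 'Num' twice; the later value won, which is
				// the single value kept below.)
				return array(
					'strName' => $row['nPremiumDays'] . Template::GetLangVar('PUS_DAYS_OF_PREMIUM_SERVICE'),
					'Num' => $row['nValue'],
				);
			}

			return -1;
		}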

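		/**
		 * Maps an item number to the icon file stem used by the theme
		 * (digits split as 1_4_2_1: e.g. 12345678 -> '1_2345_67_8'), falling back to the
		 * blank icon '0' when no matching file exists under ./themes/default/images/itemicons/.
		 *
		 * The fallback is a single step: the original recursed on '0' and would recurse
		 * without end when the blank icon file itself was missing.
		 *
		 * @param int|string $id item number
		 * @return string icon file stem
		 */
		function GetIconID($id)
		{
			if ($id == '0')
				$id = str_pad($id, 8, '0');

			$result = @substr($id, 0, 1) . '_' . @substr($id, 1, 4) . '_' . @substr($id, 5, 2) . '_' . @substr($id, 7, 1);
			$test = './themes/default/images/itemicons/itemicon_' . $result . '.jpg';
			if (file_exists($test))
				return $result;

			// Already asking for the blank icon ('0' padded to '00000000'): return its stem
			// whether or not the file exists, instead of recursing forever.
			if ($result === '0_0000_00_0')
				return $result;

			return $this->GetIconID('0');
		}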
	

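		/**
		 * Adds $_GET['qty'] (default 1) of listed item $_GET['id'] to the session cart, then
		 * re-renders the cart panel. Validation order: the listing must exist; the package's
		 * item count times quantity must fit the free inventory slots ($_SESSION[CPD_MI]),
		 * except for a single-item premium package; the per-item maximum (nMaxQty) must not
		 * be exceeded; and the cart total must stay within the cached KC balance — when it
		 * would not and more than one was requested, the quantity is reduced to what the
		 * balance allows. Each failure sets the 'error' template variable.
		 *
		 * Fix: the quantity is now clamped to a positive integer. The original kept the raw
		 * query-string value whenever intval() was non-zero, so negative or trailing-garbage
		 * values reached the arithmetic and ShoppingCart::addItem() unchanged.
		 */
		function doShoppingCartAdd()
		{
			$adb = $this->getADB();
			$gdb = $this->getGDB();

			$id = intval(@$_GET['id']);
			$qty = max(1, intval(@$_GET['qty']));

			if ($id == 0)
			{
				Template::SetVar('error', Template::GetLangVar('PUS_ITEM_NOT_FOUND'));
			}
			else
			{
				$adb->doQuery('SELECT STORE_LISTED_ITEMS.id, nListedItemID, szPackageName, nStoreItemID, nCost, nValue, nQuantity, nMaxQty, nPremiumDays, (SELECT COUNT(*) FROM STORE_ITEM_DATA WHERE nListedItemID = STORE_LISTED_ITEMS.id) as nPackageItems, (SELECT SUM(nQuantity) FROM STORE_ITEM_DATA WHERE nListedItemID = STORE_LISTED_ITEMS.id AND nSpecialType = 0) as nTotalQuantity, nSpecialType FROM STORE_LISTED_ITEMS INNER JOIN STORE_ITEM_DATA ON nStoreItemID = STORE_ITEM_DATA.id WHERE STORE_LISTED_ITEMS.id = ?', $id);
				if ($adb->hasError())
				{
					$this->doError('DB_ERROR');
					return;
				}
				else if (!$adb->hasRows())
				{
					Template::SetVar('error', Template::GetLangVar('PUS_ITEM_NOT_FOUND'));
					return;
				}

				$row = $adb->doRead();

				// Countable game items stack; the stack size is the item's Duration.
				$nQuantity = $row['nQuantity'];
				$bStackable = false;
				$nStack = 1;
				if ($row['nSpecialType'] == 0)
				{
					$gdb->doQuery('SELECT Countable, Duration FROM ITEM WHERE Num = ?', $row['nValue']);
					if ($gdb->hasError())
					{
						$this->doError('DB_ERROR');
						return;
					}
					$row2 = $gdb->doRead();
					if ($row2['Countable'] == 1)
					{
						$bStackable = true;
						$nStack = $row2['Duration'];
					}
				}

				// Inventory slot check against the free-slot count from the in-game handshake.
				$total_items = $this->m_shoppingCart->getTotalItems();
				$nPackageItems = $row['nPackageItems'];
				$nAvailableSlots = $_SESSION[CPD_MI];
				$overboard = false;

				if (($total_items + ($nPackageItems * $qty)) > $nAvailableSlots)
					$overboard = true;

				if ($nPackageItems == 1 && $row['nSpecialType'] == 3) // exception to the rule
					$overboard = false;

				if ($overboard == true)
				{
					Template::SetVar('error', Template::GetLangVar('PUS_ADD_MORE_THAN_AVAILABLE'));
				}
				else
				{
					$nMaxQty = $row['nMaxQty'];
					$item = $this->m_shoppingCart->findItem($id);
					$curQty = ($item != -1 ? $this->m_shoppingCart->getItemQuantity($item) : 0);
					if (($qty + $curQty) > $nMaxQty)
						Template::SetVar('error', Template::GetLangVar('PUS_ADD_TOO_MANY', array('arg0' => $nMaxQty)));
					else if (($this->m_shoppingCart->getTotalCost() + ($row['nCost'] * $qty)) > $_SESSION[KNIGHT_CASH] && $qty > 1)
					{
						// Not enough KC for the requested amount: add as many as the balance covers.
						$oldQty = $qty;
						$qty = floor(($_SESSION[KNIGHT_CASH] - $this->m_shoppingCart->getTotalCost()) / $row['nCost']);
						if ($qty > 0)
						{
							Template::SetVar('error', Template::GetLangVar('PUS_ADD_TOO_MANY_SUBSTITUTE', array('arg0' => $oldQty, 'arg1' => $qty)));
							$this->m_shoppingCart->addItem($row['nListedItemID'], $row['nCost'], $this->getSpecialType($row['nSpecialType']), $row['nPackageItems'], $qty, $row['nTotalQuantity'], $bStackable, $nStack);
						}
						else
						{
							Template::SetVar('error', Template::GetLangVar('PUS_NEED_KC'));
						}
					}
					else if ($qty == 0 || ($this->m_shoppingCart->getTotalCost() + ($row['nCost'] * $qty)) > $_SESSION[KNIGHT_CASH])
					{
						// A single unit does not fit the balance; the message depends on whether
						// the cart already holds something.
						if ($this->m_shoppingCart->getTotalCost() > 0)
							Template::SetVar('error', Template::GetLangVar('PUS_NEED_KC_CART'));
						else
							Template::SetVar('error', Template::GetLangVar('PUS_NEED_KC'));
					}
					else
					{
						$this->m_shoppingCart->addItem($row['nListedItemID'], $row['nCost'], $this->getSpecialType($row['nSpecialType']), $row['nPackageItems'], $qty, $row['nTotalQuantity'], $bStackable, $nStack);
					}
				}
			}
			$this->doShoppingCartView();
		}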

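		// Removes $qty units of cart slot $id (from the query string) and re-renders the cart.
		//
		// Fix: the original passed the RAW $_GET['qty'] string through to delItem() whenever
		// intval() of it was non-zero, so values such as "5abc" or "-3" reached the cart
		// unconverted. The quantity is now coerced to an int and anything below 1 is treated
		// as 1: delItem()'s handling of a negative count is not visible here, and a negative
		// "delete" must never be allowed to grow a quantity instead of shrinking it.
		function doShoppingCartDel()
		{
			// The URL carries a 1-based slot number; the cart is indexed from 0.
			$id = intval(@$_GET['id']) - 1;

			// Missing, non-numeric, zero or negative quantities all mean "remove one".
			$qty = intval(@$_GET['qty']);
			if ($qty < 1)
				$qty = 1;

			// getItemID() reports -1 for an empty/unknown slot (the same sentinel the caller
			// used before); a negative index never looks anything up.
			if ($id < 0 || $this->m_shoppingCart->getItemID($id) == -1)
			{
				$this->doError('PUS_ITEM_NOT_FOUND');
				return;
			}

			$this->m_shoppingCart->delItem($id, $qty);
			$this->doShoppingCartView();
		}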

		// Commits the current cart: grants every package (premium days on the account DB,
		// items through WEB_ITEMMALL on the game DB), writes an audit row to STORE_PURCHASES,
		// then debits nKnightCash and empties the cart.
		//
		// NOTE(review): the affordability check below compares against the SESSION copy of
		// nKnightCash, and the debit at the very end is unconditional. Two concurrent
		// purchase requests (or any balance change since the session value was cached) can
		// both pass the check, both grant, and drive the real balance negative. The debit
		// should run first and be conditional ('... WHERE strAccountID = ? AND nKnightCash >= ?'),
		// with the grant only proceeding when a row was actually updated (driver affected-row
		// count or a T-SQL OUTPUT clause). Neither facility is exposed by the DB wrapper as
		// used in this file, so the reorder is left to whoever owns the wrapper.
		//
		// NOTE(review): the two databases are written without a transaction. The DB_ERROR
		// return inside the item loop exits with earlier rows already inserted, no debit
		// taken and the cart still full, so a retry can grant those rows again.
		function doShoppingCartBuy()
		{
			$adb = $this->getADB();
			$gdb = $this->getGDB();

			if ($this->m_shoppingCart->getCount() == 0)	
			{
				$this->doError('PUS_BUY_NO_ITEMS');
				return;
			}
			// Session-cached balance, not the live account row (see the review note above).
			else if ($_SESSION[KNIGHT_CASH] < $this->m_shoppingCart->getTotalCost())
			{
				$this->doError('PUS_BUY_NEED_KC');
				return;
			}

			// $packages / $quantities accumulate comma-separated lists for the audit row written
			// to STORE_PURCHASES after the loop; the trailing comma is stripped there.
			$cart = $this->m_shoppingCart;
			$packages = '';
			$quantities = '';
			for ($i = 0; $i < $this->m_shoppingCart->getCount(); $i++)
			{
				$pInfo = $this->getPackageInfo($cart->getItemID($i));
				// A cart entry with no package info is skipped silently; its cost is still part
				// of getTotalCost() and so is still debited below — verify that this is intended.
				if ($pInfo == -1) continue;
				$packages .= $pInfo[0]['id'] . ',';
				$quantity = $this->m_shoppingCart->getItemQuantity($i);
				$quantities .= $quantity . ',';
				// One pass per purchased unit of the package, each pass visiting every
				// item/service the package bundles ($pInfo[1]).
				for ($n = 0; $n < $quantity; $n++)
				{
					foreach ($pInfo[1] as $info)
					{
						if ($this->getSpecialTypeToChar($info['nSpecialType']) == 'P')
						{
							// Premium service; which schema it lives in is chosen by nPremiumType.
							if ($this->m_settings['nPremiumType'] == 0)
							{
								// Expiry-date model: extend a still-valid PremiumExpire by nPremiumDays,
								// otherwise start a fresh period from today. The two statements are
								// mutually exclusive by their WHERE clauses.
								$adb->doQuery('UPDATE ' . ACCOUNT_TABLE . ' SET PremiumExpire = (PremiumExpire + ' . intval($info['nPremiumDays']) . ') WHERE ' . ACCOUNT . ' = ? AND PremiumExpire IS NOT NULL AND DateDiff(dd, GetDate(), PremiumExpire) > 0 ', $_SESSION[CPD_ID]);
								$adb->doQuery('UPDATE ' . ACCOUNT_TABLE . ' SET PremiumExpire = (GetDate() + ' . intval($info['nPremiumDays']) . ') WHERE ' . ACCOUNT . ' = ? AND (PremiumExpire IS NULL OR DateDiff(dd, GetDate(), PremiumExpire) <= 0)', $_SESSION[CPD_ID]);
							}
							else if ($this->m_settings['nPremiumType'] == 1)
							{
								// Day-counter on the account row. NOTE(review): unlike modes 0 and 2
								// this OVERWRITES PremiumDays rather than adding to it — confirm intended.
								$adb->doQuery('UPDATE ' . ACCOUNT_TABLE . ' SET PremiumType = 1, PremiumDays = ? WHERE ' . ACCOUNT . ' = ?', $cart->GetItemPDays($i), $_SESSION[CPD_ID]);
							}
							else if ($this->m_settings['nPremiumType'] == 2)
							{
								// Separate PREMIUM_SERVICE table: insert on first purchase, add days after.
								$adb->doQuery('SELECT strAccountID FROM PREMIUM_SERVICE WHERE strAccountID = ?', $_SESSION[CPD_ID]);
								if ($adb->hasError())
								{
									// NOTE(review): a failed lookup skips this unit without any error to
									// the buyer, who is still charged for it at the end.
									continue;
								}
								else if (!$adb->hasRows())
								{
									$adb->doQuery('INSERT INTO PREMIUM_SERVICE (strAccountID, strType, nDays) VALUES (?, ?, ?)', $_SESSION[CPD_ID], 1, $cart->GetItemPDays($i));
								}
								else
								{
									$adb->doQuery('UPDATE PREMIUM_SERVICE SET strType = 1, nDays = nDays + ? WHERE strAccountID = ?', $cart->GetItemPDays($i), $_SESSION[CPD_ID]);
								}
							}
						}
						else
						{
							// Regular item: one WEB_ITEMMALL row per nQuantity, per purchased unit.
							// NOTE(review): every row also carries ItemCount = the whole cart quantity
							// for this slot, so a quantity of 3 yields 3 rows each saying "3" — check
							// how the game server consumes WEB_ITEMMALL before trusting this.
							for ($x = 0; $x < $info['nQuantity']; $x++)
							{
								$gdb->doQuery('INSERT INTO WEB_ITEMMALL 
										(strAccountID, strCharID, ServerNo, ItemID, ItemCount, BuyTime, img_file_name, strItemName, price, pay_type)
										VALUES(?, ?, ?, ?, ?, GetDate(), ?, ?, ?, ?)', $_SESSION[CPD_ID], $_SESSION[CPD_CH], intval($_SESSION[CPD_SI]), $info['nValue'], $cart->getItemQuantity($i), 'na', 'na', $cart->getItemPrice($i), 0);
								if ($gdb->hasError())
								{
									// Bails out mid-grant: rows inserted so far stay, nothing is debited,
									// the cart is not emptied (no rollback is available here).
									$this->doError('DB_ERROR');
									return;
								}
								// Mirror row for the log table; its result is not checked.
								$gdb->doQuery('INSERT INTO WEB_ITEMMALL_LOG 
										(strAccountID, strCharID, ServerNo, ItemID, ItemCount, BuyTime, img_file_name, strItemName, price, pay_type)
										VALUES(?, ?, ?, ?, ?, GetDate(), ?, ?, ?, ?)', $_SESSION[CPD_ID], $_SESSION[CPD_CH], intval($_SESSION[CPD_SI]), $info['nValue'], $cart->getItemQuantity($i), 'na', 'na', $cart->getItemPrice($i), 0);
							}
						}
					}
				}
			}

			// Drop the trailing comma from the CSV lists built above.
			$packages = substr($packages, 0, strlen($packages) - 1);
			$quantities = substr($quantities, 0, strlen($quantities) - 1);
			// Audit trail: who bought what, from which IP, for how much.
			$adb->doQuery('INSERT INTO STORE_PURCHASES (purchaseTime, strClientIP, strAccountID, strCharID, strItems, strQuantities, nCost) VALUES (GetDate(), ?, ?, ?, ?, ?, ?)', $this->getRemoteIP(), $_SESSION[CPD_ID], $_SESSION[CPD_CH], $packages, $quantities, $cart->getTotalCost());
			
			// Remaining inventory slots (session copy), clamped at zero.
			$_SESSION[CPD_MI] -= $cart->getTotalItems();
			if ($_SESSION[CPD_MI] < 0)
				$_SESSION[CPD_MI] = 0;

			// Debit: session copy first, then the account row. NOTE(review): the UPDATE has no
			// 'AND nKnightCash >= ?' guard, so it cannot fail on insufficient funds — see the
			// note on the method header. Its result is not checked either.
			$_SESSION[KNIGHT_CASH] -= $cart->getTotalCost();
			$adb->doQuery('UPDATE ' . ACCOUNT_TABLE . ' SET ' . KNIGHT_CASH . ' = ' . KNIGHT_CASH . ' - ? WHERE ' . ACCOUNT . ' = ?', $cart->getTotalCost(), $_SESSION[CPD_ID]);
			$cart->emptyCart();
			// Success is rendered through the same panel template; NULL suppresses the 'ERROR' title.
			$this->doError('PUS_BUY_SUCCESS', NULL);
		}

		// Older name kept for existing callers; identical to getSpecialTypeToChar().
		function getSpecialType($nSpecialType)
		{
			$code = $this->getSpecialTypeToChar($nSpecialType);
			return $code;
		}

		// Renders the right-hand panel with a localised message.
		// $error is a language key (resolved through Template::GetLangVar), not raw text.
		// $title is shown as given; the purchase success path passes NULL to suppress 'ERROR'.
		function doError($error, $title = 'ERROR')
		{
			$vars = array(
				'errmsg'   => Template::GetLangVar($error),
				'errtitle' => $title,
			);
			$this->loadTPL('pus-right-error', $vars);
		}

		// Maps a listed item's nSpecialType to the one-character class the cart uses:
		// 3 is a premium-service package ('P'); everything else is a plain item ('I').
		// Loose comparison is deliberate: the value may arrive as a string from a DB row.
		function getSpecialTypeToChar($type)
		{
			return ($type == 3) ? 'P' : 'I';
		}

	}
	
?>

You really expect somebody to volunteer to read through 200+ lines of your code, of which we know nothing, and try to 1) figure out what it's supposed to do and 2) what it is you want it to do, when 3) you don't even know?

 

Usually when people ask for help on a forum they have done their homework, tried to isolate a small area where the problem may be, and then clearly stated what it is doing wrong. Can you do that?


It shows the store in-game: press the store button and everything is fine.

It just doesn't open in a browser. The page should be http://blablabla/?page=store, but what happens is that it redirects you to the homepage and the store doesn't show.

class Page extends BasePage
	{
		private $m_currentTab = 0;
		private $m_categories = array();
		private $m_shoppingCart;
		private $m_settings = array();

		function doRun()
		{
			$db = $this->getADB();

			$isIPN = (isset($_POST['payment_status']) && @$_GET['act'] == 'recharge' && @$_GET['subact'] == 'ipn');

			// Keep people out except for those in-game!
			if (isset($_POST[CPD_ID]) && isset($_POST[CPD_PW]) && isset($_POST[CPD_PM]))
			{
				$params = explode(',', $_POST[CPD_PM]);
				if (sizeof($params) != 4)
				{
					header('Location: /');
					return;
				}
