<?php
/////////////////////////////Auction wrote by scribzy
/////////////////////////////1thiefy@gmail.com
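// head.php is expected to set up the session and the request variables used below
// ($action, $sid, $uid, $page, $view, $folder) -- NOTE(review): not visible from this file, confirm.
// require (not include) so the page stops instead of running without that setup when the file is missing.
require("head.php");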
////////////////////////////////////////MAIN PAGE
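if($action=="main")
{
    // Auction landing page: greeting, gold balance, menu links and, for status-10 staff, the bulk-delete form.
    addvisitor();
    addonline(getuid_sid($sid),"Auction","");
    echo "<div><br/>Auction<br/></div>";
    echo "<p align=\"center\">";
    echo getinbox($sid,"auction*main","Auction");
    // One lookup instead of two; the id is forced to an integer before it is placed in the SQL text.
    $me = mysql_fetch_array(mysql_query("SELECT name, gold, auctionpic FROM ibwf_users WHERE id='".(int)$uid."'"));
    // Values read back from the database are HTML-escaped so a stored name cannot inject markup.
    $safename = htmlspecialchars($me[0], ENT_QUOTES);
    $safegold = htmlspecialchars($me[1], ENT_QUOTES);
    echo "<b>Welcome $safename To Wapirate Auction!</b><br/>";
    echo "<img src=\"/images$folder/auction.gif\" alt=\"*\"/><br/>";
    echo "<br/>";
    echo "Your Current gold is: <b>$safegold</b><br/>";
    echo "</p>";
    echo "<p align=\"left\">";
    echo "<a href=\"auction.php?action=auction\">»Auction</a><br/>";
    echo "<a href=\"auction.php?action=sell\">»Sell Goods</a><br/>";
    echo "<a href=\"auction.php?action=rules\">»Rules</a><br/>";
    echo "<a href=\"auction.php?action=sold\">»Best Auction Sellers!</a><br/>";
    echo "<a href=\"auction.php?action=bought\">»Best Auction Buyers!</a><br/><br/>";
    if($me[2]==0){
        // auctionpic==0: offer the switch that turns thumbnails on.
        echo "<a href=\"auction.php?action=picon\">» Auction Images ON! «</a><br/>";
    }else{
        echo "<a href=\"auction.php?action=picoff\">» Auction Images OFF! «</a><br/>";
        // NOTE(review): the staff form is nested in this else branch, so status-10 users only see it
        // while their images setting is on. That looks like a misplaced brace; kept as-is, confirm intent.
        // NOTE(review): the form posts a destructive action without an anti-CSRF token.
        if(isstatus10(getuid_sid($sid))){
            echo "</p>";
            echo "<center>";
            echo "<form action=\"auction.php?action=multidelete\" method=\"post\">";
            echo "DELETE OLD AUCTION SELLS BELOW ITEM NUMBER:<br/>";
            echo "Item Number: <input name=\"item\"/><br/>";
            echo "<input type=\"submit\" value=\"DELETE\"/>";
            echo "</form><br/><br/>";
            echo "</center>";
            echo "<p align=\"center\">";
        }
    }
    echo getfoot($sid,$folder);
    exit();
}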
//////////////////////////////////////////////Auction
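else if($action=="auction")
{
    // Paged auction listing (5 items per page). Adult items are hidden from viewers aged 17 or less.
    // $page and $view are presumably taken from the request in head.php -- treated as untrusted here.
    addonline(getuid_sid($sid),"Auction","");
    echo "<div><br/>Auction<br/></div>";
    echo "<p align=\"center\">";
    echo getinbox($sid,"auction*main","Auction");
    echo "</p>";
    $isstaff = isstatus8(getuid_sid($sid));
    // Birthday and thumbnail preference are per-viewer, so they are read once instead of once per row.
    $nopl = mysql_fetch_array(mysql_query("SELECT birthday, auctionpic FROM ibwf_users WHERE id='".(int)$uid."'"));
    $age = getage($nopl[0]);
    $showpics = ($nopl[1]!=0);
    $where = ($age>17) ? "" : " WHERE adult='0'";
    $noi = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM scibz_auction".$where));
    // Integer cast: the page number is echoed back and feeds the LIMIT clause.
    $page = (int)$page;
    if($page<=0)$page=1;
    $num_items = $noi[0]; //changable
    $items_per_page= 5;
    $num_pages = (int)ceil($num_items/$items_per_page);
    // Clamp to the last page, but never below 1 (an empty table used to give a negative LIMIT offset).
    if($page>$num_pages)$page = max(1,$num_pages);
    $limit_start = ($page-1)*$items_per_page;
    // $view is only ever echoed into links, so it is URL-encoded once here.
    $viewq = urlencode($view);
    $sql = "SELECT id, title, date, bid, who, item, dsc, pic, uid, off, min FROM scibz_auction".$where." ORDER BY id DESC LIMIT $limit_start, $items_per_page";
    echo "<p>";
    $items = mysql_query($sql);
    // Database errors go to the server log instead of the page, where they would expose query details.
    if(!$items)error_log("auction list query failed: ".mysql_error());
    if($items && mysql_num_rows($items)>0)
    {
        while ($item = mysql_fetch_array($items))
        {
            $aid = (int)$item[0];
            $seller = (int)$item[8];
            // NOTE(review): getnick_uid() and parsepm() output is used as HTML below; whether they
            // escape their result cannot be seen from this file -- confirm.
            $wnick = getnick_uid($item[8]);
            $bnick = getnick_uid($item[4]);
            // Title, picture URL and amounts are seller-supplied: escape before they reach the markup.
            $til = "<b>".htmlspecialchars($item[1], ENT_QUOTES)."</b><br/>";
            $pic = "";
            if($item[7]!=""){
                $src = htmlspecialchars($item[7], ENT_QUOTES);
                if(!$showpics){
                    if($item[9]==1){
                        $pic = "<a href=\"auction.php?action=pic&aid=$aid&view=$viewq\">Preview!</a><br/>";
                    }
                }else{
                    $img = "<img src=\"$src\" alt=\"$wnick\" height=\"50\" length=\"50\"/>";
                    if($item[9]==1){
                        $pic = "<a href=\"auction.php?action=pic&aid=$aid&view=$viewq\">$img</a><br/>";
                    }else{
                        $pic = "$img<br/>";
                    }
                }
            }
            if($item[10]==0){
                $min = "";
            }else{
                $min = "Min Bid: ".htmlspecialchars($item[10], ENT_QUOTES);
            }
            $dsc = parsepm($item[6],$sid);
            $des = "<small>$dsc</small><br/>";
            $lnk = "<small>Seller: </small><a href=\"index.php?action=viewuser&who=$seller\">$wnick</a> $min<br/>";
            $secs = $item[2] - time();
            $mins = round($secs / 60);
            $hours = round($mins / 60);
            $days = round($hours / 24);
            // Every per-row fragment starts empty so nothing leaks over from the previous row.
            $left = "";
            if($days>0){
                $left = "Time left: $days Days";
            }else if($hours>0){
                $left = "Time left: $hours Hours";
            }else if($mins>0){
                $left = "Time left: $mins Mins";
            }else if($secs>0){
                $left = "Time left: $secs Secs";
            }else if($item[3]>0){
                $left = "<b>SOLD</b>";
            }else{
                $left = "<b>Non Bought Item!</b>";
            }
            if($item[3]=="")
            {
                $hig = "No Bids<br/>$left<br/>";
            }else{
                $hig = "Highest Bid: ".htmlspecialchars($item[3], ENT_QUOTES)." Gold ... By: <a href=\"index.php?action=viewuser&who=".(int)$item[4]."\">$bnick</a><br/>$left<br/>";
            }
            // The [BID] link is only a convenience; the bid handler must enforce the same rules itself.
            $bid = "";
            if($secs>0 && $item[8]!=$uid){
                $bid = "<a href=\"auction.php?action=bid&aid=$aid\">[BID]</a>";
            }
            $edi = "";
            if($isstaff)
            {
                $edi = "<a href=\"auction.php?action=aedit&aid=$aid\">[EDIT]</a>";
            }else if($days>6 && $item[8]==$uid){
                // Same threshold as the edit page ($days>6, i.e. the first 12 hours of the 7-day run);
                // the listing used $days>3 and offered a link the edit page then refused.
                $edi = "<a href=\"auction.php?action=edit&aid=$aid\">[EDIT]</a>";
            }
            $del = $isstaff ? "<a href=\"auction.php?action=del&aid=$aid\">[X]</a>" : "";
            // Download is shown to the winning bidder once the auction has ended, to the seller, and to staff.
            if(($secs<1&&$item[4]==$uid)||$uid==$item[8]||$isstaff)
            {
                $dnl = "<a href=\"auction.php?action=get&aid=$aid\">Download!</a> $del<br/>";
            }else{
                $dnl ="";
            }
            // The original also printed an undefined $ami here; it is dropped, the trailing space is kept.
            echo "$til $pic $des $lnk $hig $bid $edi $dnl <br/><br/>";
        }
    }
    echo "</p>";
    echo "<p align=\"center\">";
    if($page>1)
    {
        $ppage = $page-1;
        echo "<a href=\"auction.php?action=auction&page=$ppage&view=$viewq\">«PREV</a> ";
    }
    if($page<$num_pages)
    {
        $npage = $page+1;
        echo "<a href=\"auction.php?action=auction&page=$npage&view=$viewq\">Next»</a>";
    }
    echo "<br/>$page/$num_pages<br/>";
    if($num_pages>2)
    {
        $rets = "<form action=\"auction.php\" method=\"get\">";
        $rets .= "<input name=\"page\" style=\"-wap-input-format: '*N'\" size=\"2\"/>";
        $rets .= "<input type=\"hidden\" name=\"action\" value=\"$action\"/>";
        $rets .= "<input type=\"submit\" value=\"Go To Page\"/>";
        $rets .= "</form>";
        echo $rets;
    }
    echo "</p>";
    echo "<p align=\"center\">";
    echo "<a href=\"auction.php?action=main\">«Back</a><br/>";
    echo getfoot($sid,$folder);
    exit();
}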
//////////////////////////////////////////////sell
else if($action=="sell")
{
    // Renders the "Sell Goods" form that posts to action=sell2.
    // NOTE(review): $title, $pic, $off, $dsc, $item, $min and $adult are not assigned in this branch.
    // If head.php (or register_globals) fills them from the request they are echoed unescaped into
    // attribute values -- confirm where they come from.
    addvisitor();
    addonline(getuid_sid($sid), 'Selling Auction Item', '');
    echo '<div><br/>Sell Goods<br/></div>';
    echo '<p align="center">';
    echo getinbox($sid, 'auction*main', 'Auction');
    echo '<a href="auction.php?action=selladd">Upload Item</a><br/>';
    echo '</p>';
    echo '<form action="auction.php?action=sell2" method="post">';
    echo '*Title: <input name="title" maxlength="50" value="'.$title[0].'"/><br/>';
    echo 'Pic: <input name="pic" maxlength="255" value="'.$pic[0].'"/> ';
    echo 'Full Size: <select name="off" value="'.$off[0].'">';
    echo '<option value="1">On</option>';
    echo '<option value="0">Off</option>';
    echo '</select><br/>';
    echo '*Description: <input name="dsc" maxlength="255" value="'.$dsc[0].'"/><br/>';
    echo '*Item Link: <input name="item" maxlength="255" value="'.$item[0].'"/><br/>';
    echo 'Minimum Bid: <input name="min" maxlength="3" value="'.$min[0].'"/><br/>';
    // The adult selector is only offered to users older than 17.
    $birthdayRow = mysql_fetch_array(mysql_query("SELECT birthday FROM ibwf_users WHERE id='".$uid."'"));
    $age = getage($birthdayRow[0]);
    if ($age > 17) {
        echo 'Adult Item: <select name="adult" value="'.$adult[0].'">';
        echo '<option value="0">No</option>';
        echo '<option value="1">Yes</option>';
        echo '</select><br/>';
    }
    echo '<input type="submit" value="[SELL]"/>';
    echo '</form><br/><br/>';
    echo '<p align="center">';
    echo '<a href="auction.php?action=main">«Back</a><br/>';
    echo getfoot($sid, $folder);
    exit();
}
/////////////////////////////////sell proceed
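else if($action=="sell2")
{
    // Handles the "Sell Goods" form: validates the posted fields and inserts a 7-day auction row.
    addvisitor();
    addonline(getuid_sid($sid),"Selling Auction Item","");
    echo "<div><br/>Sell Goods<br/></div>";
    echo "<p align=\"center\">";
    echo getinbox($sid,"auction*main","Auction");
    // Read every field defensively: missing keys and non-string values become "", and legacy
    // magic-quotes slashes are removed so each value is escaped exactly once further down.
    // NOTE(review): if head.php already escapes $_POST, remove one of the two layers -- confirm.
    $in = array();
    foreach(array("title","pic","off","dsc","item","min","adult") as $field){
        $raw = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : "";
        if(function_exists("get_magic_quotes_gpc") && get_magic_quotes_gpc())$raw = stripslashes($raw);
        $in[$field] = $raw;
    }
    $title = $in["title"];
    $pic = $in["pic"];
    $dsc = $in["dsc"];
    $item = $in["item"];
    // Flags and amounts are reduced to the values the form can legitimately send.
    $off = ((int)$in["off"]==1) ? 1 : 0;
    $min = ($in["min"]=="") ? "" : max(0,(int)$in["min"]);
    // The original `$adult==0;` was a comparison, not an assignment; the flag is now always 0 or 1.
    $adult = ((int)$in["adult"]==1) ? 1 : 0;
    $time = time() + 7*24*60*60;
    if($title=="")
    {
        echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Please Fill In Title";
    }else if($dsc==""){
        echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Please Fill In Description";
    }else if($item==""){
        echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Please Fill In Item";
    }else{
        $nopl = mysql_fetch_array(mysql_query("SELECT birthday FROM ibwf_users WHERE id='".(int)$uid."'"));
        $age = getage($nopl[0]);
        // Users aged 17 or less can never flag an item as adult, whatever they post.
        if($age<=17)$adult = 0;
        // NOTE(review): pic and item are free-form URLs that are later emitted as src/href;
        // consider accepting only http(s) or site-relative values here.
        $res = mysql_query("INSERT INTO scibz_auction SET uid='".(int)$uid."', title='".mysql_real_escape_string($title)."', pic='".mysql_real_escape_string($pic)."', off='".$off."', dsc='".mysql_real_escape_string($dsc)."', item='".mysql_real_escape_string($item)."', min='".$min."', adult='".$adult."', date='".$time."'");
        if($res)
        {
            echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Item added Successfully";
        }else{
            echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Error adding an item";
        }
        echo "<br/>";
    }
    echo "</p><p align=\"center\">";
    echo "<a href=\"auction.php?action=main\">«Back</a><br/>";
    echo getfoot($sid,$folder);
    exit();
}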
/////////////////////////////////////////Bid
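else if($action=="bid")
{
    // Shows the bid form for one auction while it is still running.
    addvisitor();
    addonline(getuid_sid($sid),"Bidding In Auction","");
    echo "<div><br/>Bid<br/></div>";
    echo "<p align=\"center\">";
    echo getinbox($sid,"auction*main","Auction");
    // The auction id is used in SQL and echoed into the form action, so it is reduced to an integer.
    $aid = isset($_GET["aid"]) ? (int)$_GET["aid"] : 0;
    $plussid = mysql_fetch_array(mysql_query("SELECT name, gold FROM ibwf_users WHERE id='".(int)$uid."'"));
    $auc = mysql_fetch_array(mysql_query("SELECT title, bid, date, min FROM scibz_auction WHERE id='".$aid."'"));
    $secs = $auc[2] - time();
    if($secs>0)
    {
        echo "<b>Make A Bid</b><br/><br/>";
        if($auc[3]!=""){
            echo "Minimum Bid: ".htmlspecialchars($auc[3], ENT_QUOTES)."<br/>";
        }
        // The title is seller-supplied text: escape it before output.
        echo "<b>".htmlspecialchars($auc[0], ENT_QUOTES)."</b><br/><br/>";
        echo "Your Have ".htmlspecialchars($plussid[1], ENT_QUOTES)." Gold To Bid!<br/><br/>";
        echo "</p><form action=\"auction.php?action=bid2&aid=$aid\" method=\"post\">";
        echo "Name: <input name=\"gold\" maxlength=\"4\"/><br/>";
        echo "<input type=\"submit\" value=\"[BID]\"/>";
        echo "</form><br/>";
        echo "<p align=\"center\">";
    }else{
        // Also reached when the id does not match any auction (no row, so no end date).
        echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Bidding Time Is Over On This Item!";
    }
    echo "<a href=\"auction.php?action=main\">«Back</a><br/>";
    echo getfoot($sid,$folder);
    exit();
}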
/////////////////////////////////bid proceed
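else if($action=="bid2")
{
    // Records a bid: it must be a whole number, affordable, above the current bid and the minimum.
    addvisitor();
    addonline(getuid_sid($sid),"Bided In Auction","");
    echo "<div><br/>Bid<br/></div>";
    echo "<p align=\"center\">";
    echo getinbox($sid,"auction*main","Auction");
    // Both request values end up in SQL and in the page; integers cannot carry quotes or markup,
    // and the cast also rejects fractional bids.
    $gold = (isset($_POST["gold"]) && is_string($_POST["gold"])) ? (int)$_POST["gold"] : 0;
    $aid = isset($_GET["aid"]) ? (int)$_GET["aid"] : 0;
    $plussid = mysql_fetch_array(mysql_query("SELECT name, gold FROM ibwf_users WHERE id='".(int)$uid."'"));
    // uid (the seller) is fetched as well so the own-item rule is enforced here, not only by a hidden link.
    $auc = mysql_fetch_array(mysql_query("SELECT title, bid, date, min, uid FROM scibz_auction WHERE id='".$aid."'"));
    $secs = $auc[2] - time();
    if($secs>0)
    {
        if($auc[4]==$uid)
        {
            echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>You Cannot Bid On Your Own Item!";
        }else if($gold<1){
            echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>You Must Bid A Minimum Of 1 Gold";
        }else if($gold>$plussid[1]){
            echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>You Currently dont have $gold Gold<br/>";
        }else if($gold==$auc[1]){
            echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>You Need To Bid More Than $gold Gold!";
        }else if($gold<$auc[1]){
            echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Sorry But Someone Has Bidded More Than $gold Gold<br/>";
        }else if($gold<$auc[3]){
            echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Sorry But $gold Gold Is Not More Than The Minimum Bid!<br/>";
        }else{
            // NOTE(review): the checks above and this UPDATE are separate statements, so two bidders can
            // interleave; gold is also not reserved, so one balance can back bids on several items.
            // NOTE(review): the adult filter of the listing is not re-checked for this item.
            $res = mysql_query("UPDATE scibz_auction SET bid='".$gold."', who='".(int)$uid."' WHERE id='".$aid."'");
            if($res)
            {
                echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Bid added Successfully";
            }else{
                echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Error adding a Bid";
            }
            echo "<br/>";
        }
    }else{
        // Also reached when the id does not match any auction.
        echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Bidding Time Is Over On This Item!";
    }
    echo "</p><p align=\"center\">";
    echo "<a href=\"auction.php?action=main\">«Back</a><br/>";
    echo getfoot($sid,$folder);
    exit();
}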
/////////////////////////////////////////Pic
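else if($action=="pic")
{
    // Full-size picture view for one auction item.
    addonline(getuid_sid($sid),"Viewing Auction Item","");
    echo "<div><br/>View Item<br/></div>";
    echo "<p align=\"center\">";
    echo getinbox($sid,"auction*main","Auction");
    // aid goes into SQL: integer only. view is echoed into a link: URL-encode it.
    $aid = isset($_GET["aid"]) ? (int)$_GET["aid"] : 0;
    $view = (isset($_GET["view"]) && is_string($_GET["view"])) ? urlencode($_GET["view"]) : "";
    // NOTE(review): the adult filter applied by the listing is not re-checked here, so an under-18
    // viewer who knows an id can still open the picture -- confirm whether that is acceptable.
    $auc = mysql_fetch_array(mysql_query("SELECT title, pic FROM scibz_auction WHERE id='".$aid."'"));
    // Title and picture URL are seller-supplied; escape both for text and attribute context.
    $title = htmlspecialchars($auc[0], ENT_QUOTES);
    $src = htmlspecialchars($auc[1], ENT_QUOTES);
    echo "<b>$title</b><br/>";
    echo "<img src=\"$src\" alt=\"$title\"/><br/>";
    echo "<a href=\"auction.php?action=auction&view=$view\">«Back</a><br/>";
    echo "<br/><a href=\"index.php?action=main\"><img src=\"images$folder/home.gif\" alt=\"*\"/>";
    echo "Home</a>";
    echo "</p>";
    // $addy is not set in this file; presumably provided by head.php -- confirm.
    echo "<div>$addy</div>";
    echo "</body>";
    exit();
}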
////////////////////////////////edit
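else if($action=="edit")
{
    // Owner edit form. Only the seller may open it, and only while $days>6,
    // which the page describes as the first 12 hours of the 7-day run.
    addonline(getuid_sid($sid),"Editing Auction Item","");
    echo "<div><br/>Edit Item<br/></div>";
    $aid = isset($_GET["aid"]) ? (int)$_GET["aid"] : 0;
    // One row fetch replaces eight single-column queries.
    // Columns: 0 uid, 1 date, 2 title, 3 pic, 4 off, 5 dsc, 6 item, 7 min, 8 adult.
    $auc = mysql_fetch_array(mysql_query("SELECT uid, date, title, pic, off, dsc, item, min, adult FROM scibz_auction WHERE id='".$aid."'"));
    if($auc && $uid==$auc[0])
    {
        $secs = $auc[1] - time();
        $mins = round($secs / 60);
        $hours = round($mins / 60);
        $days = round($hours / 24);
        if($days>6){
            // Stored values are escaped for attribute context; an unescaped quote in a title
            // would otherwise break out of value="...".
            $vtitle = htmlspecialchars($auc[2], ENT_QUOTES);
            $vpic = htmlspecialchars($auc[3], ENT_QUOTES);
            $vdsc = htmlspecialchars($auc[5], ENT_QUOTES);
            $vitem = htmlspecialchars($auc[6], ENT_QUOTES);
            $vmin = htmlspecialchars($auc[7], ENT_QUOTES);
            // <select> has no value attribute; mark the stored option as selected instead,
            // otherwise saving the form silently resets the flag to the first option.
            $sel = " selected=\"selected\"";
            $offon = ($auc[4]==1) ? $sel : "";
            $offoff = ($auc[4]==1) ? "" : $sel;
            $adultyes = ($auc[8]==1) ? $sel : "";
            $adultno = ($auc[8]==1) ? "" : $sel;
            echo "<p align=\"center\">";
            echo getinbox($sid,"auction*main","Auction");
            echo "<b>Edit Auction Item!</b><br/></p>";
            echo "<form action=\"auction.php?action=edit2&aid=$aid\" method=\"post\">";
            echo "*Title: <input name=\"title\" maxlength=\"50\" value=\"$vtitle\"/><br/>";
            echo "Pic: <input name=\"pic\" maxlength=\"255\" value=\"$vpic\"/> ";
            echo "Full Size: <select name=\"off\">";
            echo "<option value=\"1\"$offon>On</option>";
            echo "<option value=\"0\"$offoff>Off</option>";
            echo "</select><br/>";
            echo "*Description: <input name=\"dsc\" maxlength=\"255\" value=\"$vdsc\"/><br/>";
            echo "*Item Link: <input name=\"item\" maxlength=\"255\" value=\"$vitem\"/><br/>";
            echo "Minimum Bid: <input name=\"min\" maxlength=\"3\" value=\"$vmin\"/><br/>";
            $nopl = mysql_fetch_array(mysql_query("SELECT birthday FROM ibwf_users WHERE id='".(int)$uid."'"));
            $age = getage($nopl[0]);
            if($age>17){
                echo "Adult Item: <select name=\"adult\">";
                echo "<option value=\"0\"$adultno>No</option>";
                echo "<option value=\"1\"$adultyes>Yes</option>";
                echo "</select><br/>";
            }
            echo "<input type=\"submit\" value=\"[EDIT]\"/>";
            echo "</form><br/><br/>";
            echo "<p>";
            echo "<br/><br/>* = Required!<br/>";
            echo "<br/><br/>";
        }else{
            echo "<p align=\"center\">";
            echo "<br/><b>Sorry You Can Only Edit within the first 12 hours!</b><br/><br/>";
        }
    }else{
        // Also shown when the id does not match any auction.
        echo "<p align=\"center\">";
        echo "<br/><b>This Item Does Not Belong To You!</b><br/><br/>";
    }
    echo "</p>";
    echo "<p align=\"center\">";
    echo "<a href=\"auction.php?action=auction\">«Back</a><br/>";
    echo getfoot($sid,$folder);
    exit();
}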
/////////////////////////admin edit
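else if($action=="aedit")
{
    // Staff edit form (status 8): same fields as the owner form, without the time window.
    addonline(getuid_sid($sid),"Auction","");
    echo "<div><br/>Edit Item<br/></div>";
    $aid = isset($_GET["aid"]) ? (int)$_GET["aid"] : 0;
    if(isstatus8(getuid_sid($sid)))
    {
        // One row fetch replaces seven single-column queries.
        // Columns: 0 title, 1 pic, 2 off, 3 dsc, 4 item, 5 min, 6 adult.
        $auc = mysql_fetch_array(mysql_query("SELECT title, pic, off, dsc, item, min, adult FROM scibz_auction WHERE id='".$aid."'"));
        // Seller-supplied values are escaped for attribute context before staff view them.
        $vtitle = htmlspecialchars($auc[0], ENT_QUOTES);
        $vpic = htmlspecialchars($auc[1], ENT_QUOTES);
        $vdsc = htmlspecialchars($auc[3], ENT_QUOTES);
        $vitem = htmlspecialchars($auc[4], ENT_QUOTES);
        $vmin = htmlspecialchars($auc[5], ENT_QUOTES);
        // <select> has no value attribute; mark the stored option as selected instead.
        $sel = " selected=\"selected\"";
        $offon = ($auc[2]==1) ? $sel : "";
        $offoff = ($auc[2]==1) ? "" : $sel;
        $adultyes = ($auc[6]==1) ? $sel : "";
        $adultno = ($auc[6]==1) ? "" : $sel;
        echo "<p align=\"center\">";
        echo getinbox($sid,"auction*main","Auction");
        echo "<b>Edit Auction Item!</b><br/></p>";
        echo "<form action=\"auction.php?action=edit2&aid=$aid\" method=\"post\">";
        echo "*Title: <input name=\"title\" maxlength=\"50\" value=\"$vtitle\"/><br/>";
        echo "Pic: <input name=\"pic\" maxlength=\"255\" value=\"$vpic\"/> ";
        echo "Full Size: <select name=\"off\">";
        echo "<option value=\"1\"$offon>On</option>";
        echo "<option value=\"0\"$offoff>Off</option>";
        echo "</select><br/>";
        echo "*Description: <input name=\"dsc\" maxlength=\"255\" value=\"$vdsc\"/><br/>";
        echo "*Item Link: <input name=\"item\" maxlength=\"255\" value=\"$vitem\"/><br/>";
        echo "Minimum Bid: <input name=\"min\" maxlength=\"3\" value=\"$vmin\"/><br/>";
        // The adult selector depends on the age of the person editing, as in the original.
        $nopl = mysql_fetch_array(mysql_query("SELECT birthday FROM ibwf_users WHERE id='".(int)$uid."'"));
        $age = getage($nopl[0]);
        if($age>17){
            echo "Adult Item: <select name=\"adult\">";
            echo "<option value=\"0\"$adultno>No</option>";
            echo "<option value=\"1\"$adultyes>Yes</option>";
            echo "</select><br/>";
        }
        echo "<input type=\"submit\" value=\"[EDIT]\"/>";
        echo "</form><br/><br/>";
        echo "<p>";
        echo "<br/><br/>* = Required!<br/>";
        echo "<br/><br/>";
    }else{
        echo "<p align=\"center\">";
        echo "<br/><br/>I don't know how you got into here, but there's nothing to show!<br/><br/>";
    }
    echo "</p>";
    echo "<p align=\"center\">";
    echo "<a href=\"auction.php?action=auction\">«Back</a><br/>";
    echo getfoot($sid,$folder);
    exit();
}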
/////////////////////////////////edit proceed
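else if($action=="edit2")
{
    // Saves an edited auction item. Allowed for the seller (inside the edit window) and for status-8 staff.
    addvisitor();
    addonline(getuid_sid($sid),"Auction","");
    echo "<div><br/>Edit Item<br/></div>";
    echo "<p align=\"center\">";
    echo getinbox($sid,"auction*main","Auction");
    $aid = isset($_GET["aid"]) ? (int)$_GET["aid"] : 0;
    // Missing keys and non-string values become ""; legacy magic-quotes slashes are removed so
    // each value is escaped exactly once in the UPDATE below.
    // NOTE(review): if head.php already escapes $_POST, remove one of the two layers -- confirm.
    $in = array();
    foreach(array("title","pic","off","dsc","item","min","adult") as $field){
        $raw = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : "";
        if(function_exists("get_magic_quotes_gpc") && get_magic_quotes_gpc())$raw = stripslashes($raw);
        $in[$field] = $raw;
    }
    $title = $in["title"];
    $pic = $in["pic"];
    $dsc = $in["dsc"];
    $item = $in["item"];
    $off = ((int)$in["off"]==1) ? 1 : 0;
    $min = ($in["min"]=="") ? "" : max(0,(int)$in["min"]);
    // The original `$adult==0;` was a comparison, not an assignment; the flag is now always 0 or 1.
    $adult = ((int)$in["adult"]==1) ? 1 : 0;
    $isstaff = isstatus8(getuid_sid($sid));
    $auc = mysql_fetch_array(mysql_query("SELECT uid, date FROM scibz_auction WHERE id='".$aid."'"));
    // Same window test as the edit form. Without it here, the 12-hour rule was only enforced by
    // not showing the form, and a direct POST could edit an item at any time.
    $secs = $auc[1] - time();
    $days = round(round(round($secs / 60) / 60) / 24);
    if(($auc && $uid==$auc[0])||$isstaff)
    {
        if(!$isstaff && $days<=6)
        {
            echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Sorry You Can Only Edit within the first 12 hours!";
        }else if($title==""){
            echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Please Fill In Title";
        }else if($dsc==""){
            echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Please Fill In Description";
        }else if($item==""){
            echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Please Fill In Item";
        }else{
            $nopl = mysql_fetch_array(mysql_query("SELECT birthday FROM ibwf_users WHERE id='".(int)$uid."'"));
            $age = getage($nopl[0]);
            // Editors aged 17 or less always store adult=0, as in the original.
            if($age<=17)$adult = 0;
            $res = mysql_query("UPDATE scibz_auction SET title='".mysql_real_escape_string($title)."', pic='".mysql_real_escape_string($pic)."', off='".$off."', dsc='".mysql_real_escape_string($dsc)."', item='".mysql_real_escape_string($item)."', min='".$min."', adult='".$adult."' WHERE id='".$aid."'");
            if($res)
            {
                echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Edited Successfully";
            }else{
                echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Error Editing";
            }
        }
    }else{
        echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>This Item Does Not Belong To You!";
    }
    echo "<br/>";
    echo "</p><p align=\"center\">";
    echo "<a href=\"auction.php?action=main\">«Back</a><br/>";
    echo getfoot($sid,$folder);
    exit();
}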
/////////////////////////////////Rules
else if($action=="rules")
{
    // Static rules page: one bullet image per rule, then the back link and footer.
    addonline(getuid_sid($sid), "Auction Rules", "");
    echo "<div><br/>Rules<br/></div>";
    echo "<p align=\"center\">";
    echo getinbox($sid, "auction*main", "Auction");
    echo "</p>";
    echo "<p>";
    $rules = array(
        "All Items will Be Up For Auction For 7 days!",
        "Items may be Edited within the first 12 Hours!",
        "To View A Bigger Picture Of The Item Simply Click on the Picture!",
        "Any Misusing Auction. May Result In Ban, Loss of Gold or A Ban From Wapirate Auction!",
        "You May Buy and Sell As Many Items As You Like!",
    );
    foreach ($rules as $rule) {
        echo "<img src=\"images$folder/point.gif\" alt=\"!\"/>".$rule."<br/>";
    }
    echo "</p><p align=\"center\">";
    echo "<a href=\"auction.php?action=main\">«Back</a><br/>";
    echo getfoot($sid, $folder);
    exit();
}
/////////////////////////////////Get
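else if($action=="get")
{
    // Download page. The seller and staff may always open it; the highest bidder may open it only
    // after the auction has ended, and is charged the first time they do.
    addvisitor();
    addonline(getuid_sid($sid),"Downloading Auction Item","");
    echo "<div><br/>Download<br/></div>";
    echo "<p align=\"center\">";
    echo getinbox($sid,"auction*main","Auction");
    $aid = isset($_GET["aid"]) ? (int)$_GET["aid"] : 0;
    // Columns: 0 title, 1 pic, 2 dsc, 3 uid (seller), 4 item, 5 who (bidder), 6 bid, 7 sold, 8 date (end time).
    $auc = mysql_fetch_array(mysql_query("SELECT title, pic, dsc, uid, item, who, bid, sold, date FROM scibz_auction WHERE id='".$aid."'"));
    // The end-time test mirrors the listing. Without it the current top bidder could fetch the item
    // while bidding was still open, which also set sold=1 so the eventual winner was never charged.
    $ended = $auc && (($auc[8] - time())<1);
    $iswinner = $ended && $uid==$auc[5];
    $isseller = $auc && $uid==$auc[3];
    if($auc && ($iswinner||$isseller||isstatus8(getuid_sid($sid))))
    {
        // Title, picture URL and item link are seller-supplied; escape them for the page.
        // NOTE(review): escaping does not restrict the link scheme -- consider allowing only
        // http(s) and site-relative targets for the download href.
        $title = htmlspecialchars($auc[0], ENT_QUOTES);
        if($auc[1]=="")
        {
            $pic = "";
        }else{
            $pic = "<img src=\"".htmlspecialchars($auc[1], ENT_QUOTES)."\" alt=\"$title\"/>";
        }
        $dnl = "<a href=\"".htmlspecialchars($auc[4], ENT_QUOTES)."\">Download</a>";
        echo "<b>$title</b><br/>$pic<br/>$dnl<br/><br/>";
        if($iswinner&&$auc[7]==0)
        {
            $buyer = (int)$auc[5];
            $seller = (int)$auc[3];
            $price = (int)$auc[6];
            // Balances and counters are changed inside the UPDATE itself rather than read into PHP
            // and written back, so a concurrent change to the same row is not overwritten.
            // NOTE(review): the sold flag is still checked and set in separate statements, and the
            // buyer's balance is not re-checked here, so it can go below zero -- confirm handling.
            mysql_query("UPDATE ibwf_users SET gold=COALESCE(gold,0)-".$price.", bought=COALESCE(bought,0)+1 WHERE id='".$buyer."'");
            mysql_query("UPDATE ibwf_users SET gold=COALESCE(gold,0)+".$price.", sold=COALESCE(sold,0)+1 WHERE id='".$seller."'");
            mysql_query("UPDATE scibz_auction SET sold='1' WHERE id='".$aid."'");
        }
    }else{
        echo "<b>You Did Not Pay For This Item!</b><br/><br/>";
    }
    echo "</p><p align=\"center\">";
    echo "<a href=\"auction.php?action=auction\">«Back</a><br/>";
    echo getfoot($sid,$folder);
    exit();
}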
/////////////////////////////////Delete
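else if($action=="del")
{
    // Delete confirmation page for status-8 staff.
    addvisitor();
    addonline(getuid_sid($sid),"Auction","");
    echo "<div><br/>Are You Sure?<br/></div>";
    echo "<p align=\"center\">";
    echo getinbox($sid,"auction*main","Auction");
    // The id is echoed into the confirmation link, so it is reduced to an integer first.
    $aid = isset($_GET["aid"]) ? (int)$_GET["aid"] : 0;
    if(isstatus8(getuid_sid($sid)))
    {
        echo "<b>Are You Sure You Want To Delete?</b><br/>";
        // NOTE(review): the confirmation is a plain GET link with no anti-CSRF token, so this step
        // does not protect the delete from a forged request.
        echo "<a href=\"auction.php?action=del2&aid=$aid\">[YES]</a>";
    }else{
        echo "<br/><br/>I don't know how you got into here, but there's nothing to show!<br/><br/>";
    }
    echo "</p><p align=\"center\">";
    echo "<a href=\"auction.php?action=main\">«Back</a><br/>";
    echo getfoot($sid,$folder);
    exit();
}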
/////////////////////////////////Delete final
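else if($action=="del2")
{
    // Deletes one auction row; restricted to status-8 staff.
    addonline(getuid_sid($sid),"Auction","");
    echo "<div><br/>Delete Item<br/></div>";
    echo "<p align=\"center\">";
    echo getinbox($sid,"auction*main","Auction");
    // Integer cast keeps the request value from changing the shape of the DELETE statement.
    $aid = isset($_GET["aid"]) ? (int)$_GET["aid"] : 0;
    if(isstatus8(getuid_sid($sid)))
    {
        // NOTE(review): a state-changing GET without an anti-CSRF token; moving this to POST with a
        // per-session token would need support from head.php, which is not visible here.
        $res = mysql_query("DELETE FROM scibz_auction WHERE id='".$aid."'");
        if($res){
            echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Item Deleted Successfully!";
        }else{
            echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Error Deleting Item!";
        }
    }else{
        echo "<br/><br/>I Dunno How You Got Here But Theres Nothing To Show!<br/><br/>";
    }
    echo "</p><p align=\"center\">";
    echo "<a href=\"auction.php?action=main\">«Back</a><br/>";
    echo getfoot($sid,$folder);
    exit();
}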
//////////////////////////////////most sold
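else if($action=="sold")
{
    // Leaderboard of users ordered by number of items sold, 10 per page.
    // $page and $view are presumably taken from the request in head.php -- treated as untrusted here.
    addonline(getuid_sid($sid),"Top Auction Sellers","");
    echo "<div><br/>Top Auction Sellers<br/></div>";
    echo "<p align=\"center\">";
    echo getinbox($sid,"auction*main","Auction");
    echo "</p>";
    // Integer cast: the page number is echoed back and feeds the LIMIT clause.
    $page = (int)$page;
    if($page<=0)$page=1;
    $num_items = regmemcount(); //changable
    $items_per_page= 10;
    $num_pages = (int)ceil($num_items/$items_per_page);
    // Clamp to the last page, but never below 1.
    if($page>$num_pages)$page = max(1,$num_pages);
    $limit_start = ($page-1)*$items_per_page;
    $viewq = urlencode($view);
    $sql = "SELECT id, name, sold FROM ibwf_users ORDER BY sold DESC LIMIT $limit_start, $items_per_page";
    echo "<p>";
    $items = mysql_query($sql);
    // Database errors go to the server log instead of the page.
    if(!$items)error_log("auction top sellers query failed: ".mysql_error());
    if($items && mysql_num_rows($items)>0)
    {
        while ($item = mysql_fetch_array($items))
        {
            // User names come straight from the table; escape them before output.
            $lnk = "<a href=\"index.php?action=viewuser&who=".(int)$item[0]."\">".htmlspecialchars($item[1], ENT_QUOTES)."</a> <small>Sold: ".(int)$item[2]." Items!</small>";
            echo "$lnk<br/>";
        }
    }
    echo "</p>";
    echo "<p align=\"center\">";
    if($page>1)
    {
        $ppage = $page-1;
        echo "<a href=\"auction.php?action=sold&page=$ppage&view=$viewq\">«PREV</a> ";
    }
    if($page<$num_pages)
    {
        $npage = $page+1;
        echo "<a href=\"auction.php?action=sold&page=$npage&view=$viewq\">Next»</a>";
    }
    echo "<br/>$page/$num_pages<br/>";
    if($num_pages>2)
    {
        $rets = "<form action=\"auction.php\" method=\"get\">";
        $rets .= "<input name=\"page\" style=\"-wap-input-format: '*N'\" size=\"2\"/>";
        $rets .= "<input type=\"hidden\" name=\"action\" value=\"$action\"/>";
        $rets .= "<input type=\"submit\" value=\"Go To Page\"/>";
        $rets .= "</form>";
        echo $rets;
    }
    echo "</p>";
    echo "<p align=\"center\">";
    echo "<a href=\"auction.php?action=main\">Auction</a><br/>";
    echo getfoot($sid,$folder);
    exit();
}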
//////////////////////////////////most bought
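else if($action=="bought")
{
    // Leaderboard of users ordered by number of items bought, 10 per page.
    // $page and $view are presumably taken from the request in head.php -- treated as untrusted here.
    addonline(getuid_sid($sid),"Top Auction Buyers","");
    echo "<div><br/>Top Auction Buyers<br/></div>";
    echo "<p align=\"center\">";
    echo getinbox($sid,"auction*main","Auction");
    echo "</p>";
    // Integer cast: the page number is echoed back and feeds the LIMIT clause.
    $page = (int)$page;
    if($page<=0)$page=1;
    $num_items = regmemcount(); //changable
    $items_per_page= 10;
    $num_pages = (int)ceil($num_items/$items_per_page);
    // Clamp to the last page, but never below 1.
    if($page>$num_pages)$page = max(1,$num_pages);
    $limit_start = ($page-1)*$items_per_page;
    $viewq = urlencode($view);
    $sql = "SELECT id, name, bought FROM ibwf_users ORDER BY bought DESC LIMIT $limit_start, $items_per_page";
    echo "<p>";
    $items = mysql_query($sql);
    // Database errors go to the server log instead of the page.
    if(!$items)error_log("auction top buyers query failed: ".mysql_error());
    if($items && mysql_num_rows($items)>0)
    {
        while ($item = mysql_fetch_array($items))
        {
            // User names come straight from the table; escape them before output.
            $lnk = "<a href=\"index.php?action=viewuser&who=".(int)$item[0]."\">".htmlspecialchars($item[1], ENT_QUOTES)."</a> <small>Bought: ".(int)$item[2]." Items!</small>";
            echo "$lnk<br/>";
        }
    }
    echo "</p>";
    echo "<p align=\"center\">";
    if($page>1)
    {
        $ppage = $page-1;
        echo "<a href=\"auction.php?action=bought&page=$ppage&view=$viewq\">«PREV</a> ";
    }
    if($page<$num_pages)
    {
        $npage = $page+1;
        echo "<a href=\"auction.php?action=bought&page=$npage&view=$viewq\">Next»</a>";
    }
    echo "<br/>$page/$num_pages<br/>";
    if($num_pages>2)
    {
        $rets = "<form action=\"auction.php\" method=\"get\">";
        $rets .= "<input name=\"page\" style=\"-wap-input-format: '*N'\" size=\"2\"/>";
        $rets .= "<input type=\"hidden\" name=\"action\" value=\"$action\"/>";
        $rets .= "<input type=\"submit\" value=\"Go To Page\"/>";
        $rets .= "</form>";
        echo $rets;
    }
    echo "</p>";
    echo "<p align=\"center\">";
    echo "<a href=\"auction.php?action=main\">Auction</a><br/>";
    echo getfoot($sid,$folder);
    exit();
}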
/////////////////////////////////Images On
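else if($action=="picon")
{
    // Turns auction thumbnails on for the current user (auctionpic=1).
    addvisitor();
    addonline(getuid_sid($sid),"Auction Images","");
    echo "<div><br/>Images On<br/></div>";
    echo "<p align=\"center\">";
    // The unused read of $_GET["aid"] was removed; the update only ever targets the caller's own row.
    // NOTE(review): this is a state change on a plain GET link with no anti-CSRF token.
    $res = mysql_query("UPDATE ibwf_users SET auctionpic='1' WHERE id='".(int)$uid."'");
    if($res){
        echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Images Turned On Successfully!";
    }else{
        echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Error Turning Images On!";
    }
    echo "</p><p align=\"center\">";
    echo "<a href=\"auction.php?action=main\">«Back</a><br/>";
    echo getfoot($sid,$folder);
    exit();
}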
/////////////////////////////////Images Off
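else if($action=="picoff")
{
    // Turns auction thumbnails off for the current user (auctionpic=0).
    addonline(getuid_sid($sid),"Auction Images","");
    echo "<div><br/>Images Off<br/></div>";
    echo "<p align=\"center\">";
    echo getinbox($sid,"auction*main","Auction");
    // The unused read of $_GET["aid"] was removed; the update only ever targets the caller's own row.
    // NOTE(review): this is a state change on a plain GET link with no anti-CSRF token.
    $res = mysql_query("UPDATE ibwf_users SET auctionpic='0' WHERE id='".(int)$uid."'");
    if($res){
        echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Images Turned Off Successfully!";
    }else{
        echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Error Turning Images Off!";
    }
    echo "</p><p align=\"center\">";
    echo "<a href=\"auction.php?action=main\">«Back</a><br/>";
    echo getfoot($sid,$folder);
    exit();
}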
//////////////////////////////////////////////sell
else if($action=="selladd")
{
    // Renders the upload variant of the "Sell Goods" form; it posts multipart data to action=selladd2.
    // NOTE(review): $title, $pic, $off, $dsc, $min and $adult are not assigned in this branch.
    // If head.php (or register_globals) fills them from the request they are echoed unescaped into
    // attribute values -- confirm where they come from.
    addonline(getuid_sid($sid), 'Selling Auction Item', '');
    echo '<div><br/>Sell Goods<br/></div>';
    echo '<p align="center">';
    echo getinbox($sid, 'auction*main', 'Auction');
    echo '</p>';
    echo '<form enctype="multipart/form-data" action="auction.php?action=selladd2" method="post">';
    echo '*Title: <input name="title" maxlength="50" value="'.$title[0].'"/><br/>';
    echo 'Pic: <input name="pic" maxlength="255" value="'.$pic[0].'"/> ';
    echo 'Full Size: <select name="off" value="'.$off[0].'">';
    echo '<option value="1">On</option>';
    echo '<option value="0">Off</option>';
    echo '</select><br/>';
    echo '*Description: <input name="dsc" maxlength="255" value="'.$dsc[0].'"/><br/>';
    echo 'Item: <input type="file" name="filetoupload"/><br/>';
    echo 'Minimum Bid: <input name="min" maxlength="3" value="'.$min[0].'"/><br/>';
    // The adult selector is only offered to users older than 17.
    $birthdayRow = mysql_fetch_array(mysql_query("SELECT birthday FROM ibwf_users WHERE id='".$uid."'"));
    $age = getage($birthdayRow[0]);
    if ($age > 17) {
        echo 'Adult Item: <select name="adult" value="'.$adult[0].'">';
        echo '<option value="0">No</option>';
        echo '<option value="1">Yes</option>';
        echo '</select><br/>';
    }
    echo '<input type="submit" name="uploadform" value="Add"/>';
    echo '</form><br/><br/>';
    // A commented-out copy of the link-based sell form used to sit here; it never executed.
    echo '<p align="center">';
    echo '<a href="auction.php?action=main">«Back</a><br/>';
    echo getfoot($sid, $folder);
    exit();
}
/////////////////////////////////sell proceed
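else if($action=="selladd2")
{
    // Handles the upload form: validates the fields and the uploaded file, stores the file under
    // ./auction/ with a server-chosen name, then inserts a 7-day auction row pointing at it.
    addonline(getuid_sid($sid),"Uploaded Auction Item","");
    echo "<div><br/>Sell Goods<br/></div>";
    echo "<p align=\"center\">";
    echo getinbox($sid,"auction*main","Auction");
    // Missing keys and non-string values become ""; legacy magic-quotes slashes are removed so
    // each value is escaped exactly once in the INSERT below.
    // NOTE(review): if head.php already escapes $_POST, remove one of the two layers -- confirm.
    $in = array();
    foreach(array("title","pic","off","dsc","min","adult") as $field){
        $raw = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : "";
        if(function_exists("get_magic_quotes_gpc") && get_magic_quotes_gpc())$raw = stripslashes($raw);
        $in[$field] = $raw;
    }
    $title = $in["title"];
    $pic = $in["pic"];
    $dsc = $in["dsc"];
    $off = ((int)$in["off"]==1) ? 1 : 0;
    $min = ($in["min"]=="") ? "" : max(0,(int)$in["min"]);
    // The original `$adult==0;` was a comparison, not an assignment; the flag is now always 0 or 1.
    $adult = ((int)$in["adult"]==1) ? 1 : 0;
    $time = time() + 7*24*60*60;
    if($title=="")
    {
        echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Please Fill In Title";
    }else if($dsc==""){
        echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Please Fill In Description";
    }else{
        $res = false;
        $size_bytes=10485760;
        $kb = $size_bytes / 1024;
        $extlimit="yes";
        // NOTE(review): .swf, .jar and .zip are on the allow-list; content served from this site's
        // own origin deserves a second look -- confirm each type is really needed.
        $limitedext=array(".jpg",".jpeg",".gif",".png",".mid",".mp3",".wma",".amr",".sis",".sisx",".jar",".jad",".3gp",".mp4",".avi",".mov",".wmv",".mpg",".mpeg",".zip",".swf");
        $upload = (isset($_FILES["filetoupload"]) && is_array($_FILES["filetoupload"])) ? $_FILES["filetoupload"] : array();
        // The client-supplied name is untrusted: keep only its last path component.
        $file_name = (isset($upload["name"]) && is_string($upload["name"])) ? basename($upload["name"]) : "";
        $file_size = isset($upload["size"]) ? (int)$upload["size"] : 0;
        $file_tmp = (isset($upload["tmp_name"]) && is_string($upload["tmp_name"])) ? $upload["tmp_name"] : "";
        $ext = strtolower(strrchr($file_name,"."));
        // The script-name check is now case-insensitive; the original matched only lowercase
        // "php"/"wml"/"htm" while the extension test lowercased the name first.
        $lname = strtolower($file_name);
        $blocked = (strpos($lname,"php")!==false || strpos($lname,"wml")!==false || strpos($lname,"htm")!==false);
        // Text that goes into the moderation log is escaped for HTML and for SQL.
        $lognick = mysql_real_escape_string(getnick_uid(getuid_sid($sid)));
        $logext = mysql_real_escape_string(htmlspecialchars($ext, ENT_QUOTES));
        $logname = mysql_real_escape_string(htmlspecialchars($file_name, ENT_QUOTES));
        // Stored name = random token + alphanumeric part of the original name + the checked extension.
        // Inner dots are dropped (no double extensions), an upload cannot overwrite another seller's
        // file, and the download URL is not guessable from the title.
        $base = preg_replace("/[^A-Za-z0-9_-]/","",substr($file_name,0,strlen($file_name)-strlen($ext)));
        $base = substr($base,0,40);
        if(function_exists("openssl_random_pseudo_bytes")){
            $token = bin2hex(openssl_random_pseudo_bytes(8));
        }else{
            // Weaker fallback, used only when the openssl extension is not available.
            $token = md5(uniqid(mt_rand(), true));
        }
        $file_name2 = $token."_".$base.$ext;
        if(!is_uploaded_file($file_tmp)){
            echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/>No file selected!<br/>";
        }
        else if($extlimit=="yes" && !in_array($ext,$limitedext)){
            echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/>Invalid file type!<br/>";
            mysql_query("INSERT INTO ibwf_mlog SET action='Dodgy', details='<b>".$lognick."</b> Attempted to upload a ".$logext." file in auction!', actdt='".time()."'");
        }
        //////////////////////////////////////anti hack
        else if($blocked){
            echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/>Invalid file type!<br/>";
            mysql_query("INSERT INTO ibwf_mlog SET action='Dodgy', details='<b>".$lognick."</b> Attempted to upload ".$logname." in auction!', actdt='".time()."'");
        }
        ////////////////
        else if($file_size>$size_bytes){
            echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/>Exceeded File size limit! Maximum <b>$kb</b> Kb.<br/>";
        }
        // Checked against the directory the file is actually written to (the original tested "./").
        else if(file_exists("./auction/$file_name2")){
            echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/>Filename already exists!<br/>";
        }
        // NOTE(review): this "(5)" check looks carried over from another upload script; kept as-is.
        else if(file_exists("./".getnick_sid($sid)."(5)".$ext)){
            echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/><br/><b>Error!!!</b><br/>5 pics hav already been uploaded...<br/>";
        }
        else if($file_size && move_uploaded_file($file_tmp, "./auction/$file_name2")){
            // NOTE(review): ./auction/ is web-reachable; the server should be configured not to execute
            // anything from it -- that configuration is not visible from this file.
            $nopl = mysql_fetch_array(mysql_query("SELECT birthday FROM ibwf_users WHERE id='".(int)$uid."'"));
            $age = getage($nopl[0]);
            // Users aged 17 or less can never flag an item as adult, whatever they post.
            if($age<=17)$adult = 0;
            $res = mysql_query("INSERT INTO scibz_auction SET uid='".(int)$uid."', title='".mysql_real_escape_string($title)."', pic='".mysql_real_escape_string($pic)."', off='".$off."', dsc='".mysql_real_escape_string($dsc)."', item='/xhtml/auction/".mysql_real_escape_string($file_name2)."', min='".$min."', adult='".$adult."', date='".$time."'");
            // Reported only after the move really succeeded; the original printed it even on failure.
            echo "<br/>$file_name2<br/>
successfully uploaded!<br/>";
        }
        else{
            echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/>Unknown error! Pls try again...<br/>";
        }
        if($res)
        {
            echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Item added Successfully";
        }else{
            echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Error adding an item";
        }
        echo "<br/>";
    }
    echo "</p><p align=\"center\">";
    echo "<a href=\"auction.php?action=main\">«Back</a><br/>";
    echo getfoot($sid,$folder);
    exit();
}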
//////////////////////
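else if($action=="multidelete"){
    // Bulk clean-up for status-10 staff: deletes every auction row whose id is below the posted number.
    addonline(getuid_sid($sid),"Auction","");
    echo "<div><br/>Clear Old Items<br/></div>";
    echo "<p align=\"center\">";
    if(isstatus10(getuid_sid($sid))){
        echo getinbox($sid,"auction*main","Auction");
        // Integer cast: the posted value is the only variable part of a DELETE statement.
        $item = (isset($_POST["item"]) && is_string($_POST["item"])) ? (int)$_POST["item"] : 0;
        // NOTE(review): destructive POST without an anti-CSRF token; files uploaded for the deleted
        // rows are not removed from disk.
        $res = ($item>0) ? mysql_query("DELETE FROM scibz_auction WHERE id<'".$item."'") : false;
        if($res){
            echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Items Deleted Successfully";
        }else{
            echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Error Deleting Items";
        }
    }else{
        // Non-staff callers used to get a blank page; answer like the other staff-only actions.
        echo "<br/><br/>I don't know how you got into here, but there's nothing to show!<br/><br/>";
    }
    echo "<br/><br/><a href=\"auction.php?action=main\">«Back</a><br/>";
    echo getfoot($sid,$folder);
    exit();
}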
///////////////////////////////end
else{
    // Fallback for any action value this page does not handle.
    addonline(getuid_sid($sid), 'Lost in Auction', '');
    echo '<div><br/>Doh!<br/></div>'
        . '<p align="center">'
        . "I don't know how you got into here, but there's nothing to show<br/><br/>";
    echo getfoot($sid, $folder);
    exit();
}
?>