<?php
/////////////////////////////Auction wrote by scribzy
/////////////////////////////1thiefy@gmail.com
include("core.php");
include("config.php");
header("Content-type: text/html; charset=ISO-8859-1");
echo "<?xml version=\"1.0\" encoding=\"ISO-8859-1\" ?>";
echo "<!DOCTYPE html PUBLIC \"-//WAPFORUM//DTD XHTML Mobile 1.0//EN\"\"http://www.wapforum.org/DTD/xhtml-mobile10.dtd\">";
echo "<html xmlns=\"http://www.w3.org/1999/xhtml\">";
$addy = "wapirate.net";
$bcon = connectdb();
if (!$bcon)
{
echo "<head>";
echo "<title>Error!!!</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/red_medium.css\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "<img src=\"images/error.gif\" alt=\"*\"/><br/>";
echo "ERROR! cannot connect to database<br/><br/>";
echo "This error usually happens when backing up the database, please be patient, The site will be up as soon as possible<br/><br/>";
echo "<b>THANK YOU VERY MUCH</b>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
echo "</html>";
exit();
}
$brws = $_SERVER['HTTP_USER_AGENT'];
$ubr = $brws;
$uip = getip();
$action = $_GET["action"];
$sid = $_GET["sid"];
$page = $_GET["page"];
$who = $_GET["who"];
$wnick = getnick_uid($who);
$uid = getuid_sid($sid);
$theme = mysql_fetch_array(mysql_query("SELECT theme FROM ibwf_users WHERE id='".$uid."'"));
$page = $_GET["page"];
$view = $_GET["view"];
cleardata();
if(isipbanned($uip,$ubr))
{
if(!isshield(getuid_sid($sid)))
{
echo "<head>";
echo "<title>Ip Block!</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/red_medium.css\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "<img src=\"images/notok.gif\" alt=\"x\"/><br/>";
echo "This IP address is blocked<br/>";
echo "<br/>";
echo "However we grant a shield against IP-Ban for our best users, you can try to see if you are shielded by trying to login, if you keep coming to this page that means you are not shielded, so come back when the ip-ban period is over<br/><br/>";
$banto = mysql_fetch_array(mysql_query("SELECT timeto FROM ibwf_penalties WHERE penalty='2' AND ipadd='".$uip."' AND browserm='".$ubr."' LIMIT 1 "));
//echo mysql_error();
$remain = $banto[0] - time();
$rmsg = gettimemsg($remain);
echo " IP: $rmsg<br/><br/>";
echo "</p>";
// echo "<p>";
echo "<form action=\"login.php\" method=\"get\">";
echo "username:<br/> <input name=\"loguid\" format=\"*x\" size=\"8\" maxlength=\"30\"/><br/>";
echo "password:<br/> <input type=\"password\" name=\"logpwd\" size=\"8\" maxlength=\"30\"/><br/>";
echo "<input type=\"submit\" value=\"login »\"/>";
echo "</form>";
// echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
echo "</html>";
exit();
}
}
if(($action != "") && ($action!="terms"))
{
$uid = getuid_sid($sid);
if((islogged($sid)==false)||($uid==0))
{
echo "<head>";
echo "<title>Error!!!</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/red_medium.css\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "You are not logged in<br/>";
echo "Or Your session has been expired<br/><br/>";
echo "<a href=\"index.php\">Login</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
echo "</html>";
exit();
}
}
//echo isbanned($uid);
if(isbanned($uid))
{
echo "<head>";
echo "<title>Error!!!</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/red_medium.css\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "<img src=\"images/notok.gif\" alt=\"x\"/><br/>";
echo "You are <b>Banned</b><br/>";
$banto = mysql_fetch_array(mysql_query("SELECT timeto FROM ibwf_penalties WHERE uid='".$uid."' AND penalty='1'"));
$banres = mysql_fetch_array(mysql_query("SELECT lastpnreas FROM ibwf_users WHERE id='".$uid."'"));
$remain = $banto[0]- time();
$rmsg = gettimemsg($remain);
echo "Time to finish your penalty: $rmsg<br/><br/>";
echo "Ban Reason: $banres[0]";
//echo "<a href=\"index.php\">Login</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
echo "</html>";
exit();
}
$res = mysql_query("UPDATE ibwf_users SET browserm='".$ubr."', ipadd='".$uip."' WHERE id='".getuid_sid($sid)."'");
////////////////////////////////////////MAIN PAGE
if($action=="main")
{
addvisitor();
addonline(getuid_sid($sid),"Auction","");
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Auction<br/></div>";
echo "<p align=\"center\">";
$name = mysql_fetch_array(mysql_query("SELECT name, gold FROM ibwf_users WHERE id='".$uid."'"));
echo "<b>Welcome $name[0] To Wapirate Auction!</b><br/>";
echo "<img src=\"/images/auction.gif\" alt=\"*\"/><br/>";
echo "<br/>";
echo "Your Current gold is: <b>$name[1]</b><br/>";
echo "</p>";
echo "<p align=\"left\">";
echo "<a href=\"auction.php?action=auction&sid=$sid\">»Auction</a><br/>";
echo "<a href=\"auction.php?action=sell&sid=$sid\">»Sell Goods</a><br/>";
echo "<a href=\"auction.php?action=rules&sid=$sid\">»Rules</a><br/>";
echo "<a href=\"auction.php?action=sold&sid=$sid\">»Best Auction Sellers!</a><br/>";
echo "<a href=\"auction.php?action=bought&sid=$sid\">»Best Auction Buyers!</a><br/><br/>";
$pix = mysql_fetch_array(mysql_query("SELECT auctionpic FROM ibwf_users WHERE id='".$uid."'"));
if($pix[0]==0){
echo "<a href=\"auction.php?action=picon&sid=$sid\">» Auction Images ON! «</a><br/>";
}else{
echo "<a href=\"auction.php?action=picoff&sid=$sid\">» Auction Images OFF! «</a><br/>";
}
echo "</p>";
echo "<p align=\"center\">";
echo "<br/><a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "<br/><br/><small>© wapirate</small>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
//////////////////////////////////////////////Auction
else if($action=="auction")
{
addonline(getuid_sid($sid),"Auction","");
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Auction<br/></div>";
$nopl = mysql_fetch_array(mysql_query("SELECT birthday FROM ibwf_users WHERE id='".$uid."'"));
$age = getage($nopl[0]);
if($age>17){
$noi = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM scibz_auction"));
}else{
$noi = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM scibz_auction WHERE adult='0'"));
}
if($page=="" || $page<=0)$page=1;
$num_items = $noi[0]; //changable
$items_per_page= 5;
$num_pages = ceil($num_items/$items_per_page);
if(($page>$num_pages)&&$page!=1)$page= $num_pages;
$limit_start = ($page-1)*$items_per_page;
if($age>17){
$sql = "SELECT id, title, date, bid, who, item, dsc, pic, uid, off, min FROM scibz_auction ORDER BY id DESC LIMIT $limit_start, $items_per_page";
}else{
$sql = "SELECT id, title, date, bid, who, item, dsc, pic, uid, off, min FROM scibz_auction WHERE adult='0' ORDER BY id DESC LIMIT $limit_start, $items_per_page";
}
echo "<p>";
$items = mysql_query($sql);
echo mysql_error();
if(mysql_num_rows($items)>0)
{
while ($item = mysql_fetch_array($items))
{
$wnick = getnick_uid($item[8]);
$bnick = getnick_uid($item[4]);
$til = "<b>$item[1]</b><br/>";
$pix = mysql_fetch_array(mysql_query("SELECT auctionpic FROM ibwf_users WHERE id='".$uid."'"));
if($pix[0]==0){
if($item[7]==""){
$pic = "";
}else{
if($item[9]==1){
$pic = "<a href=\"auction.php?action=pic&aid=$item[0]&sid=$sid&view=$view\">Preview!</a><br/>";
}else{
$pic = "";
}
}
}else{
if($item[7]==""){
$pic = "";
}else{
if($item[9]==1){
$pic = "<a href=\"auction.php?action=pic&aid=$item[0]&sid=$sid&view=$view\"><img src=\"$item[7]\" alt=\"$wnick\" height=\"50\" length=\"50\"/></a><br/>";
}else{
$pic = "<img src=\"$item[7]\" alt=\"$wnick\" height=\"50\" length=\"50\"/><br/>";
}
}
}
if($item[10]==0){
$min = "";
}else{
$min = "Min Bid: $item[10]";
}
$dsc = parsepm($item[6],$sid);
$des = "<small>$dsc</small><br/>";
$lnk = "<small>Seller: </small><a href=\"index.php?action=viewuser&who=$item[8]&sid=$sid\">$wnick</a> $min<br/>";
$secs = $item[2] - time();
$mins = round($secs / 60);
$hours = round($mins / 60);
$days = round($hours / 24);
if($days>0){
$left = "Time left: $days Days";
}else if($days<1&&$hours>0){
$left = "Time left: $hours Hours";
}else if($hours<1&&$mins>0){
$left = "Time left: $mins Mins";
}else if($mins<1&&$secs>0){
$left = "Time left: $secs Secs";
}else if($secs<1&&$item[3]>0){
$left = "<b>SOLD</b>";
}else if($secs<1&&$item[3]==""){
$left = "<b>Non Bought Item!</b>";
}
if($item[3]=="")
{
$hig = "No Bids<br/>$left<br/>";
}else{
$hig = "Highest Bid: $item[3] Gold ... By: <a href=\"index.php?action=viewuser&who=$item[4]&sid=$sid\">$bnick</a><br/>$left<br/>";
}
if($secs>0){
if($item[8]==$uid)
{
$bid = "";
}else{
$bid = "<a href=\"auction.php?action=bid&aid=$item[0]&sid=$sid\">[BID]</a>";
}
}
if(isadmin(getuid_sid($sid)))
{
$edi = "<a href=\"auction.php?action=aedit&aid=$item[0]&sid=$sid\">[EDIT]</a>";
}else if($days>3){
if($item[8]==$uid)
{
$edi = "<a href=\"auction.php?action=edit&aid=$item[0]&sid=$sid\">[EDIT]</a>";
}else{
$edi ="";
}
}else{
$edi ="";
}
if(isadmin(getuid_sid($sid)))
{
$del = "<a href=\"auction.php?action=del&aid=$item[0]&sid=$sid\">[X]</a>";
}else{
$del = "";
}
if($secs<1&&$item[4]==$uid||$uid==$item[8]||isadmin(getuid_sid($sid)))
{
$dnl = "<a href=\"auction.php?action=get&aid=$item[0]&sid=$sid\">Download!</a> $del<br/>";
}else{
$dnl ="";
}
echo "$til $pic $des $lnk $hig $bid $edi $dnl $ami<br/><br/>";
}
}
echo "</p>";
echo "<p align=\"center\">";
if($page>1)
{
$ppage = $page-1;
echo "<a href=\"auction.php?action=auction&page=$ppage&sid=$sid&view=$view\">«PREV</a> ";
}
if($page<$num_pages)
{
$npage = $page+1;
echo "<a href=\"auction.php?action=auction&page=$npage&sid=$sid&view=$view\">Next»</a>";
}
echo "<br/>$page/$num_pages<br/>";
if($num_pages>2)
{
$rets = "<form action=\"auction.php\" method=\"get\">";
$rets .= "<input name=\"page\" style=\"-wap-input-format: '*N'\" size=\"2\"/>";
$rets .= "<input type=\"hidden\" name=\"action\" value=\"$action\"/>";
$rets .= "<input type=\"hidden\" name=\"sid\" value=\"$sid\"/>";
$rets .= "<input type=\"submit\" value=\"Go To Page\"/>";
$rets .= "</form>";
echo $rets;
}
echo "</p>";
echo "<p align=\"center\">";
echo "<a href=\"auction.php?action=main&sid=$sid\">«Back</a><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
//////////////////////////////////////////////sell
else if($action=="sell")
{
addvisitor();
addonline(getuid_sid($sid),"Auction","");
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Sell Goods<br/></div>";
echo "<form action=\"auction.php?action=sell2&sid=$sid\" method=\"post\">";
echo "*Title: <input name=\"title\" maxlength=\"50\" value=\"$title[0]\"/><br/>";
echo "Pic: <input name=\"pic\" maxlength=\"255\" value=\"$pic[0]\"/> ";
echo "Full Size: <select name=\"off\" value=\"$off[0]\">";
echo "<option value=\"1\">On</option>";
echo "<option value=\"0\">Off</option>";
echo "</select><br/>";
echo "*Description: <input name=\"dsc\" maxlength=\"255\" value=\"$dsc[0]\"/><br/>";
echo "*Item Link: <input name=\"item\" maxlength=\"255\" value=\"$item[0]\"/><br/>";
echo "Minimum Bid: <input name=\"min\" maxlength=\"3\" value=\"$min[0]\"/><br/>";
$nopl = mysql_fetch_array(mysql_query("SELECT birthday FROM ibwf_users WHERE id='".$uid."'"));
$age = getage($nopl[0]);
if($age>17){
echo "Adult Item: <select name=\"adult\" value=\"$adult[0]\">";
echo "<option value=\"0\">No</option>";
echo "<option value=\"1\">Yes</option>";
echo "</select><br/>";
}
echo "<input type=\"submit\" value=\"[SELL]\"/>";
echo "</form><br/><br/>";
echo "<p align=\"center\">";
echo "<a href=\"auction.php?action=main&sid=$sid\">«Back</a><br/>";
echo "<br/><a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
/////////////////////////////////sell proceed
else if($action=="sell2")
{
addvisitor();
addonline(getuid_sid($sid),"Auction","");
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Sell Goods<br/></div>";
echo "<p align=\"center\">";
$title = $_POST["title"];
$pic = $_POST["pic"];
$off = $_POST["off"];
$dsc = $_POST["dsc"];
$item = $_POST["item"];
$min = $_POST["min"];
$adult = $_POST["adult"];
$time = time() + 7*24*60*60;
if($adult==""){
$adult==0;
}
if($title=="")
{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Please Fill In Title";
}else if($dsc==""){
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Please Fill In Description";
}else if($item==""){
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Please Fill In Item";
}else{
$nopl = mysql_fetch_array(mysql_query("SELECT birthday FROM ibwf_users WHERE id='".$uid."'"));
$age = getage($nopl[0]);
if($age>17){
$res = mysql_query("INSERT INTO scibz_auction SET uid='".$uid."', title='".$title."', pic='".$pic."', off='".$off."', dsc='".$dsc."', item='".$item."', min='".$min."', adult='".$adult."', date='".$time."'");
}else{
$res = mysql_query("INSERT INTO scibz_auction SET uid='".$uid."', title='".$title."', pic='".$pic."', off='".$off."', dsc='".$dsc."', item='".$item."', min='".$min."', adult='0', date='".$time."'");
}
if($res)
{
echo "<img src=\"images/ok.gif\" alt=\"O\"/>Item added Successfully";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Error adding an item";
}
echo "<br/>";
}
echo "</p><p align=\"center\">";
echo "<a href=\"auction.php?action=main&sid=$sid\">«Back</a><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
/////////////////////////////////////////Bid
else if($action=="bid")
{
addvisitor();
addonline(getuid_sid($sid),"Auction","");
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Bid<br/></div>";
echo "<p align=\"center\">";
$aid=$_GET["aid"];
$plussid = mysql_fetch_array(mysql_query("SELECT name, gold FROM ibwf_users WHERE id='".$uid."'"));
$auc = mysql_fetch_array(mysql_query("SELECT title, bid, date, min FROM scibz_auction WHERE id='".$aid."'"));
$secs = $auc[2] - time();
if($secs>0)
{
echo "<b>Make A Bid</b><br/><br/>";
if($auc[3]==""){
echo "";
}else{
echo "Minimum Bid: $auc[3]<br/>";
}
echo "<b>$auc[0]</b><br/><br/>";
echo "Your Have $plussid[1] Gold To Bid!<br/><br/>";
echo "</p><form action=\"auction.php?action=bid2&sid=$sid&aid=$aid\" method=\"post\">";
echo "Name: <input name=\"gold\" maxlength=\"4\"/><br/>";
echo "<input type=\"submit\" value=\"[BID]\"/>";
echo "</form><br/>";
echo "<p align=\"center\">";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Bidding Time Is Over On This Item!";
}
echo "<a href=\"auction.php?action=main&sid=$sid\">«Back</a><br/>";
echo "<br/><a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
/////////////////////////////////bid proceed
else if($action=="bid2")
{
addvisitor();
addonline(getuid_sid($sid),"Auction","");
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Bid<br/></div>";
echo "<p align=\"center\">";
$gold = $_POST["gold"];
$aid=$_GET["aid"];
$plussid = mysql_fetch_array(mysql_query("SELECT name, gold FROM ibwf_users WHERE id='".$uid."'"));
$auc = mysql_fetch_array(mysql_query("SELECT title, bid, date, min FROM scibz_auction WHERE id='".$aid."'"));
$secs = $auc[2] - time();
if($secs>0)
{
if($gold<1)
{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>You Must Bid A Minimum Of 1 Gold";
}else if($gold>$plussid[1]){
echo "<img src=\"images/notok.gif\" alt=\"X\"/>You Currently dont have $gold Gold<br/>";
}else if($gold==$auc[1]){
echo "<img src=\"images/notok.gif\" alt=\"X\"/>You Need To Bid More Than $gold Gold!";
}else if($gold<$auc[1]){
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Sorry But Someone Has Bidded More Than $gold Gold<br/>";
}else if($gold<$auc[3]){
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Sorry But $gold Gold Is Not More Than The Minimum Bid!<br/>";
}else{
$res = mysql_query("UPDATE scibz_auction SET bid='".$gold."', who='".$uid."' WHERE id='".$aid."'");
if($res)
{
echo "<img src=\"images/ok.gif\" alt=\"O\"/>Bid added Successfully";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Error adding a Bid";
}
echo "<br/>";
}
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Bidding Time Is Over On This Item!";
}
echo "</p><p align=\"center\">";
echo "<a href=\"auction.php?action=main&sid=$sid\">«Back</a><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
/////////////////////////////////////////Pic
else if($action=="pic")
{
addvisitor();
addonline(getuid_sid($sid),"Auction","");
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>View Item<br/></div>";
echo "<p align=\"center\">";
$aid=$_GET["aid"];
$view = $_GET["view"];
$auc = mysql_fetch_array(mysql_query("SELECT title, pic FROM scibz_auction WHERE id='".$aid."'"));
echo "<b>$auc[0]</b><br/>";
echo "<img src=\"$auc[1]\" alt=\"$auc[0]\"/><br/>";
echo "<a href=\"auction.php?action=auction&sid=$sid&view=$view\">«Back</a><br/>";
echo "<br/><a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
////////////////////////////////edit
else if($action=="edit")
{
addvisitor();
addonline(getuid_sid($sid),"Auction","");
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Edit Item<br/></div>";
$aid = $_GET["aid"];
$auc = mysql_fetch_array(mysql_query("SELECT uid, date FROM scibz_auction WHERE id='".$aid."'"));
if($uid==$auc[0])
{
$secs = $auc[1] - time();
$mins = round($secs / 60);
$hours = round($mins / 60);
$days = round($hours / 24);
if($days>6){
echo "<onevent type=\"onenterforward\">";
$title = mysql_fetch_array(mysql_query("SELECT title FROM scibz_auction WHERE id='".$aid."'"));
$pic = mysql_fetch_array(mysql_query("SELECT pic FROM scibz_auction WHERE id='".$aid."'"));
$off = mysql_fetch_array(mysql_query("SELECT off FROM scibz_auction WHERE id='".$aid."'"));
$dsc = mysql_fetch_array(mysql_query("SELECT dsc FROM scibz_auction WHERE id='".$aid."'"));
$item = mysql_fetch_array(mysql_query("SELECT item FROM scibz_auction WHERE id='".$aid."'"));
$min = mysql_fetch_array(mysql_query("SELECT min FROM scibz_auction WHERE id='".$aid."'"));
$adult = mysql_fetch_array(mysql_query("SELECT adult FROM scibz_auction WHERE id='".$aid."'"));
echo "<p align=\"center\">";
echo "<b>Edit Auction Item!</b><br/></p>";
echo "<form action=\"auction.php?action=edit2&sid=$sid&aid=$aid\" method=\"post\">";
echo "*Title: <input name=\"title\" maxlength=\"50\" value=\"$title[0]\"/><br/>";
echo "Pic: <input name=\"pic\" maxlength=\"255\" value=\"$pic[0]\"/> ";
echo "Full Size: <select name=\"off\" value=\"$off[0]\">";
echo "<option value=\"1\">On</option>";
echo "<option value=\"0\">Off</option>";
echo "</select><br/>";
echo "*Description: <input name=\"dsc\" maxlength=\"255\" value=\"$dsc[0]\"/><br/>";
echo "*Item Link: <input name=\"item\" maxlength=\"255\" value=\"$item[0]\"/><br/>";
echo "Minimum Bid: <input name=\"min\" maxlength=\"3\" value=\"$min[0]\"/><br/>";
$nopl = mysql_fetch_array(mysql_query("SELECT birthday FROM ibwf_users WHERE id='".$uid."'"));
$age = getage($nopl[0]);
if($age>17){
echo "Adult Item: <select name=\"adult\" value=\"$adult[0]\">";
echo "<option value=\"0\">No</option>";
echo "<option value=\"1\">Yes</option>";
echo "</select><br/>";
}
echo "<input type=\"submit\" value=\"[EDIT]\"/>";
echo "</form><br/><br/>";
echo "<p>";
echo "<br/><br/>* = Required!<br/>";
echo "<br/><br/>";
}else{
echo "<p align=\"center\">";
echo "<br/><b>Sorry You Can Only Edit within the first 12 hours!</b><br/><br/>";
}
}else{
echo "<p align=\"center\">";
echo "<br/><b>This Item Does Not Belong To You!</b><br/><br/>";
}
echo "</p>";
echo "<p align=\"center\">";
echo "<a href=\"auction.php?action=auction&sid=$sid\">«Back</a><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
/////////////////////////admin edit
else if($action=="aedit")
{
addvisitor();
addonline(getuid_sid($sid),"Auction","");
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Edit Item<br/></div>";
$aid = $_GET["aid"];
if(isadmin(getuid_sid($sid)))
{
$title = mysql_fetch_array(mysql_query("SELECT title FROM scibz_auction WHERE id='".$aid."'"));
$pic = mysql_fetch_array(mysql_query("SELECT pic FROM scibz_auction WHERE id='".$aid."'"));
$off = mysql_fetch_array(mysql_query("SELECT off FROM scibz_auction WHERE id='".$aid."'"));
$dsc = mysql_fetch_array(mysql_query("SELECT dsc FROM scibz_auction WHERE id='".$aid."'"));
$item = mysql_fetch_array(mysql_query("SELECT item FROM scibz_auction WHERE id='".$aid."'"));
$min = mysql_fetch_array(mysql_query("SELECT min FROM scibz_auction WHERE id='".$aid."'"));
$adult = mysql_fetch_array(mysql_query("SELECT adult FROM scibz_auction WHERE id='".$aid."'"));
echo "<p align=\"center\">";
echo "<b>Edit Auction Item!</b><br/></p>";
echo "<form action=\"auction.php?action=edit2&sid=$sid&aid=$aid\" method=\"post\">";
echo "*Title: <input name=\"title\" maxlength=\"50\" value=\"$title[0]\"/><br/>";
echo "Pic: <input name=\"pic\" maxlength=\"255\" value=\"$pic[0]\"/> ";
echo "Full Size: <select name=\"off\" value=\"$off[0]\">";
echo "<option value=\"1\">On</option>";
echo "<option value=\"0\">Off</option>";
echo "</select><br/>";
echo "*Description: <input name=\"dsc\" maxlength=\"255\" value=\"$dsc[0]\"/><br/>";
echo "*Item Link: <input name=\"item\" maxlength=\"255\" value=\"$item[0]\"/><br/>";
echo "Minimum Bid: <input name=\"min\" maxlength=\"3\" value=\"$min[0]\"/><br/>";
$nopl = mysql_fetch_array(mysql_query("SELECT birthday FROM ibwf_users WHERE id='".$uid."'"));
$age = getage($nopl[0]);
if($age>17){
echo "Adult Item: <select name=\"adult\" value=\"$adult[0]\">";
echo "<option value=\"0\">No</option>";
echo "<option value=\"1\">Yes</option>";
echo "</select><br/>";
}
echo "<input type=\"submit\" value=\"[EDIT]\"/>";
echo "</form><br/><br/>";
echo "<p>";
echo "<br/><br/>* = Required!<br/>";
echo "<br/><br/>";
}else{
echo "<p align=\"center\">";
echo "<br/><br/>I don't know how you got into here, but there's nothing to show!<br/><br/>";
}
echo "</p>";
echo "<p align=\"center\">";
echo "<a href=\"auction.php?action=auction&sid=$sid\">«Back</a><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
/////////////////////////////////edit proceed
else if($action=="edit2")
{
addvisitor();
addonline(getuid_sid($sid),"Auction","");
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Edit Item<br/></div>";
echo "<p align=\"center\">";
$aid=$_GET["aid"];
$title = $_POST["title"];
$pic = $_POST["pic"];
$off = $_POST["off"];
$dsc = $_POST["dsc"];
$item = $_POST["item"];
$min = $_POST["min"];
$adult = $_POST["adult"];
if($adult==""){
$adult==0;
}
$auc = mysql_fetch_array(mysql_query("SELECT uid FROM scibz_auction WHERE id='".$aid."'"));
if($uid==$auc[0]||isadmin(getuid_sid($sid)))
{
if($title=="")
{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Please Fill In Title";
}else if($dsc==""){
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Please Fill In Description";
}else if($item==""){
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Please Fill In Item";
}else{
$nopl = mysql_fetch_array(mysql_query("SELECT birthday FROM ibwf_users WHERE id='".$uid."'"));
$age = getage($nopl[0]);
if($age>17){
$res = mysql_query("UPDATE scibz_auction SET title='".$title."', pic='".$pic."', off='".$off."', dsc='".$dsc."', item='".$item."', min='".$min."', adult='".$adult."' WHERE id='".$aid."'");
}else{
$res = mysql_query("UPDATE scibz_auction SET title='".$title."', pic='".$pic."', off='".$off."', dsc='".$dsc."', item='".$item."', min='".$min."', adult='0' WHERE id='".$aid."'");
}
if($res)
{
echo "<img src=\"images/ok.gif\" alt=\"O\"/>Edited Successfully";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Error Editing";
}
}
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>This Item Does Not Belong To You!";
}
echo "<br/>";
echo "</p><p align=\"center\">";
echo "<a href=\"auction.php?action=main&sid=$sid\">«Back</a><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
/////////////////////////////////Rules
else if($action=="rules")
{
addvisitor();
addonline(getuid_sid($sid),"Auction","");
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Rules<br/></div>";
echo "<p>";
echo "<img src=\"images/point.gif\" alt=\"!\"/>All Items will Be Up For Auction For 7 days!<br/>";
echo "<img src=\"images/point.gif\" alt=\"!\"/>Items may be Edited within the first 12 Hours!<br/>";
echo "<img src=\"images/point.gif\" alt=\"!\"/>To View A Bigger Picture Of The Item Simply Click on the Picture!<br/>";
echo "<img src=\"images/point.gif\" alt=\"!\"/>Any Misusing Auction. May Result In Ban, Loss of Gold or A Ban From Wapirate Auction!<br/>";
echo "<img src=\"images/point.gif\" alt=\"!\"/>You May Buy and Sell As Many Items As You Like!<br/>";
echo "</p><p align=\"center\">";
echo "<a href=\"auction.php?action=main&sid=$sid\">«Back</a><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
/////////////////////////////////Get
else if($action=="get")
{
addvisitor();
addonline(getuid_sid($sid),"Auction","");
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Download<br/></div>";
echo "<p align=\"center\">";
$aid=$_GET["aid"];
$auc = mysql_fetch_array(mysql_query("SELECT title, pic, dsc, uid, item, who, bid, sold FROM scibz_auction WHERE id='".$aid."'"));
if($uid==$auc[5]||$uid==$auc[3]||isadmin(getuid_sid($sid)))
{
if($auc[1]=="")
{
$pic = "";
}else{
$pic = "<img src=\"$auc[1]\" alt=\"$auc[0]\"/>";
}
$dnl = "<a href=\"$auc[4]\">Download</a>";
echo "<b>$auc[0]</b><br/>$pic<br/>$dnl<br/><br/>";
if($uid==$auc[5]&&$auc[7]==0)
{
$get = mysql_fetch_array(mysql_query("SELECT gold FROM ibwf_users WHERE id='".$auc[5]."'"));
$rgold = $get[0] - $auc[6];
mysql_query("UPDATE ibwf_users SET gold='".$rgold."' WHERE id='".$auc[5]."'");
$set = mysql_fetch_array(mysql_query("SELECT gold FROM ibwf_users WHERE id='".$auc[3]."'"));
$ngold = $set[0] + $auc[6];
mysql_query("UPDATE ibwf_users SET gold='".$ngold."' WHERE id='".$auc[3]."'");
mysql_query("UPDATE scibz_auction SET sold='1' WHERE id='".$aid."'");
$bought = mysql_fetch_array(mysql_query("SELECT bought FROM ibwf_users WHERE id='".$auc[5]."'"));
$buy = $bought[0] + 1;
mysql_query("UPDATE ibwf_users SET bought='".$buy."' WHERE id='".$auc[5]."'");
$sold = mysql_fetch_array(mysql_query("SELECT sold FROM ibwf_users WHERE id='".$auc[3]."'"));
$sell = $sold[0] + 1;
mysql_query("UPDATE ibwf_users SET sold='".$sell."' WHERE id='".$auc[3]."'");
}
}else{
echo "<b>You Did Not Pay For This Item!</b><br/><br/>";
}
echo "</p><p align=\"center\">";
echo "<a href=\"auction.php?action=auction&sid=$sid\">«Back</a><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
/////////////////////////////////Delete
else if($action=="del")
{
addvisitor();
addonline(getuid_sid($sid),"Auction","");
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Are You Sure?<br/></div>";
echo "<p align=\"center\">";
$aid=$_GET["aid"];
if(isadmin(getuid_sid($sid)))
{
echo "<b>Are You Sure You Want To Delete?</b><br/>";
echo "<a href=\"auction.php?action=del2&aid=$aid&sid=$sid\">[YES]</a>";
}else{
echo "<br/><br/>I don't know how you got into here, but there's nothing to show!<br/><br/>";
}
echo "</p><p align=\"center\">";
echo "<a href=\"auction.php?action=main&sid=$sid\">«Back</a><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
/////////////////////////////////Delete final
else if($action=="del2")
{
addvisitor();
addonline(getuid_sid($sid),"Auction","");
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Delete Item<br/></div>";
echo "<p align=\"center\">";
$aid=$_GET["aid"];
if(isadmin(getuid_sid($sid)))
{
$res = mysql_query("DELETE FROM scibz_auction WHERE id='".$aid."'");
if($res){
echo "<img src=\"images/ok.gif\" alt=\"O\"/>Item Deleted Successfully!";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Error Deleting Item!";
}
}else{
echo "<br/><br/>I Dunno How You Got Here But Theres Nothing To Show!<br/><br/>";
}
echo "</p><p align=\"center\">";
echo "<a href=\"auction.php?action=main&sid=$sid\">«Back</a><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
//////////////////////////////////most sold
else if($action=="sold")
{
addonline(getuid_sid($sid),"Top Auction Seller","");
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Top Auction Sellers<br/></div>";
if($page=="" || $page<=0)$page=1;
$num_items = regmemcount(); //changable
$items_per_page= 10;
$num_pages = ceil($num_items/$items_per_page);
if(($page>$num_pages)&&$page!=1)$page= $num_pages;
$limit_start = ($page-1)*$items_per_page;
$sql = "SELECT id, name, sold FROM ibwf_users ORDER BY sold DESC LIMIT $limit_start, $items_per_page";
echo "<p>";
$items = mysql_query($sql);
echo mysql_error();
if(mysql_num_rows($items)>0)
{
while ($item = mysql_fetch_array($items))
{
$lnk = "<a href=\"index.php?action=viewuser&who=$item[0]&sid=$sid\">$item[1]</a> <small>Sold: $item[2] Items!</small>";
echo "$lnk<br/>";
}
}
echo "</p>";
echo "<p align=\"center\">";
if($page>1)
{
$ppage = $page-1;
echo "<a href=\"auction.php?action=sold&page=$ppage&sid=$sid&view=$view\">«PREV</a> ";
}
if($page<$num_pages)
{
$npage = $page+1;
echo "<a href=\"auction.php?action=sold&page=$npage&sid=$sid&view=$view\">Next»</a>";
}
echo "<br/>$page/$num_pages<br/>";
if($num_pages>2)
{
$rets = "<form action=\"auction.php\" method=\"get\">";
$rets .= "<input name=\"page\" style=\"-wap-input-format: '*N'\" size=\"2\"/>";
$rets .= "<input type=\"hidden\" name=\"action\" value=\"$action\"/>";
$rets .= "<input type=\"hidden\" name=\"sid\" value=\"$sid\"/>";
$rets .= "<input type=\"submit\" value=\"Go To Page\"/>";
$rets .= "</form>";
echo $rets;
}
echo "</p>";
echo "<p align=\"center\">";
echo "<a href=\"auction.php?action=main&sid=$sid\">";
echo "Auction</a><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
//////////////////////////////////most bought
else if($action=="bought")
{
addonline(getuid_sid($sid),"Top Auction Buyers","");
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Top Auction Buyers<br/></div>";
if($page=="" || $page<=0)$page=1;
$num_items = regmemcount(); //changable
$items_per_page= 10;
$num_pages = ceil($num_items/$items_per_page);
if(($page>$num_pages)&&$page!=1)$page= $num_pages;
$limit_start = ($page-1)*$items_per_page;
$sql = "SELECT id, name, bought FROM ibwf_users ORDER BY bought DESC LIMIT $limit_start, $items_per_page";
echo "<p>";
$items = mysql_query($sql);
echo mysql_error();
if(mysql_num_rows($items)>0)
{
while ($item = mysql_fetch_array($items))
{
$lnk = "<a href=\"index.php?action=viewuser&who=$item[0]&sid=$sid\">$item[1]</a> <small>Bought: $item[2] Items!</small>";
echo "$lnk<br/>";
}
}
echo "</p>";
echo "<p align=\"center\">";
if($page>1)
{
$ppage = $page-1;
echo "<a href=\"auction.php?action=bought&page=$ppage&sid=$sid&view=$view\">«PREV</a> ";
}
if($page<$num_pages)
{
$npage = $page+1;
echo "<a href=\"auction.php?action=bought&page=$npage&sid=$sid&view=$view\">Next»</a>";
}
echo "<br/>$page/$num_pages<br/>";
if($num_pages>2)
{
$rets = "<form action=\"auction.php\" method=\"get\">";
$rets .= "<input name=\"page\" style=\"-wap-input-format: '*N'\" size=\"2\"/>";
$rets .= "<input type=\"hidden\" name=\"action\" value=\"$action\"/>";
$rets .= "<input type=\"hidden\" name=\"sid\" value=\"$sid\"/>";
$rets .= "<input type=\"submit\" value=\"Go To Page\"/>";
$rets .= "</form>";
echo $rets;
}
echo "</p>";
echo "<p align=\"center\">";
echo "<a href=\"auction.php?action=main&sid=$sid\">";
echo "Auction</a><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
/////////////////////////////////Images On
else if($action=="picon")
{
addvisitor();
addonline(getuid_sid($sid),"Auction","");
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Images On<br/></div>";
echo "<p align=\"center\">";
$aid=$_GET["aid"];
$res = mysql_query("UPDATE ibwf_users SET auctionpic='1' WHERE id='".$uid."'");
if($res){
echo "<img src=\"images/ok.gif\" alt=\"O\"/>Images Turned On Successfully!";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Error Turning Images On!";
}
echo "</p><p align=\"center\">";
echo "<a href=\"auction.php?action=main&sid=$sid\">«Back</a><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
/////////////////////////////////Images Off
else if($action=="picoff")
{
addvisitor();
addonline(getuid_sid($sid),"Auction","");
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Images Off<br/></div>";
echo "<p align=\"center\">";
$aid=$_GET["aid"];
$res = mysql_query("UPDATE ibwf_users SET auctionpic='0' WHERE id='".$uid."'");
if($res){
echo "<img src=\"images/ok.gif\" alt=\"O\"/>Images Turned Off Successfully!";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Error Turning Images Off!";
}
echo "</p><p align=\"center\">";
echo "<a href=\"auction.php?action=main&sid=$sid\">«Back</a><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
///////////////////////////////end
else{
addonline(getuid_sid($sid),"Lost in Auction","");
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "I don't know how you got into here, but there's nothing to show<br/><br/>";
echo "<img src=\"/images/line.gif\" alt=\"line\"/>";
echo "<br/><a href=\"index.php?action=main&sid=$sid\">Home</a>";
echo "<br/><br/><small>© $sitename</small>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
echo "</html>";
?>