tradeaura.php

   1 <?
   2 include "con.inc";
   3 function auth($userid, $password) {
   4 $sql="SELECT username FROM users WHERE username='$userid' AND userpass='$password'";
   5 $result=mysql_query($sql);
   6 if(!mysql_num_rows($result)) return 0;
   7 else {
   8 $query_data=mysql_fetch_row($result);
   9 return $query_data[0];
  10 }
  11 }
  12 $username=auth($uname,$pword);
  13 if (!$username)
  14 {
  15 echo "You are not <a href=login.php>logged in</a>.";
  16 exit;
  17 }
  18 if (!$submit)
  19 {
  20 ?>
  21 <form method=post action=tradeaura.php>
  22 Aura you want to trade in: <input type=text name=aura><br>
  23 <br><input type=submit name=submit value="Trade!">
  24 </form>
  25 <?
  26 }
  27 if ($submit)
  28 {
  29 if (!$aura)
  30 {
  31 $aura=0;
  32 }
  33 if ($aura<0)
  34 {
  35 $aura=0;
  36 }
  37 $aura=round($aura);
  38 $aura2=$aura*2;
  39 $sql="SELECT * FROM users WHERE username='$uname'";
  40 $result=mysql_query($sql);
  41 $myrow=mysql_fetch_array($result);
  42 if (($myrow["cookies"]-$aura)<0)
  43 {
  44 echo "You do not have this much aura.";
  45 exit;
  46 }
  47 $sql="UPDATE users SET money=money+'$aura2' WHERE username='$uname'";
  48 $result=mysql_query($sql);
  49 $sql="UPDATE users SET cookies=cookies-'$aura' WHERE username='$uname'";
  50 $result=mysql_query($sql);
  51 echo "You have traded in ".$aura." aura for ".$aura2." dollars.";
  52 }
  53 ?>