hitlist.php

Time 4 Crime online

<?php 

  include("_include-jail.php"); 

?> 
<html>

<head>
<title>Worldcrime</title>
<link rel="stylesheet" type="text/css" href="css-v3.css">
<head>

<body>
<?php
if(isset($_POST['koopvrij'])){
$id					= $_POST['koopvrij'];
$test				= mysql_query("SELECT * FROM `hitlist` WHERE `id`='$id'");
$koop				= mysql_fetch_object($test);
$excist				= mysql_num_rows($test);
if($excist <= 0)
echo "Ongeldige id</font>";
elseif($koop->prijs > $data->cash)
echo "Je moet wel genoeg cash hebben.</font>";
else {
mysql_query("UPDATE `[users]` SET `cash`=`cash`-$koop->prijs WHERE `login`='{$data->login}'");
mysql_query("DELETE FROM `hitlist` WHERE `id`='$id'");
echo "jij hebt {$koop->naam} van de hitlist afgekocht";
}
}
?>
<?
echo "


<table border=1 bordercolor=black cellpadding=2 cellspacing=0 width=100%>";
echo "<tr>

        <td align=left background=topic.gif>
			Naam
		</td><td align=left background=topic.gif>
			Bedrag
		</td><td align=left background=topic.gif>
			Betaald door
		</td><td align=left background=topic.gif>
			Reden
		</td><td align=left background=topic.gif>
			Datum
		</td><td align=left background=topic.gif>
			Koop uit!
		</td>
      </tr>";
echo "<form method=post>";
$info			= mysql_query("SELECT * FROM `hitlist` ORDER BY 'prijs' DESC");
while ($gegeven = mysql_fetch_object($info)) {
$amount = number_format($gegeven->prijs,0);
echo "<tr>
        <td width=15% align=center class=mainTxt>
        	<a href=\"profile.php?x={$gegeven->naam}\">{$gegeven->naam}</a>
        </td><td width=13% align=center class=mainTxt>
        	\${$amount}
        </td><td width=15% align=center class=mainTxt>
        	<a href=\"profile.php?x={$gegeven->plaatser}\">{$gegeven->plaatser}</a>
        </td><td width=30% align=center class=mainTxt>
        	{$gegeven->Reason}
        </td><td width=25% align=center class=mainTxt>
        	{$gegeven->date}
        </td><td width=10% align=center class=mainTxt>
        	<input type=\"radio\" name=\"koopvrij\" value=\"{$gegeven->id}\"/>
        </td>
	  </tr>";
}

echo "</table>
<input type=\"submit\" value=\"Koop uit!\" name=\"KU\"></form>";
?><br><br>

<center>

<table width="40%" align="center" valign="top">
<td class="mainTxt">
<FORM METHOD=post ACTION=""> 

  <center>Naam:<br> 
    	<input id="name" name="name" maxlength="16" size="15"> 
    <br> 
    Prijs:<br> 
    	<input id="Reden" name="prijs" cols="25" value="1000"> 
    <br>
    Reden:<br> 
		<textarea name="reason" cols=30 rows=6></textarea>
    <br>
	<br>
    <INPUT name="submit2" type="submit" VALUE="Voeg toe!"><br>
	<INPUT name="submit1" type="submit" VALUE="Voeg anoniem toe (10% extra)"><br>
</FORM> 
</td>
</table>
</center>

</body>

</html>
<?PHP 
//anoniem
$target = $_POST['name'];
$prijs = round($_POST['prijs']);
$reason = $_POST['reason'];
$prijs1 = round(($_POST['prijs']*1.0)+5000);
$echt = $_POST['plaatser'];
$verdediger     = mysql_query("SELECT * FROM `[users]` WHERE `login`='$target' AND `health`>'0'");
$controle       = mysql_num_rows($verdediger);
$t		=  mysql_fetch_object($verdediger);
if (isset($_POST['submit1'])) { 
if($prijs < 100){
echo "De prijs moet minimaal 1000 zijn";
die();
}
if($prijs1 > $data->cash){
echo "jij hebt niet genoeg geld cash!<br>De totale prijs is namelijk: $prijs1";
die();
}
if($controle <1){
echo "Deze gebruiker bestaat niet</font>";
die();
}
$insert2 = "INSERT INTO `hitlist` ( `id` , `plaatser` , `prijs` , `naam` , `echt` , `Reason` , `date`) VALUES ('', 'Anonymus', '" . $prijs. "' , '" . $t->login. "' , '" . $echt. "', '" . $reason. "', NOW())";
mysql_query("UPDATE `[users]` SET cash = cash-$prijs1 WHERE login = '" .  $plaatser . "'") or die("banken : " . mysql_error());
$insert_now = mysql_query($insert2) or die("FOUT2 : " . mysql_error());
echo "Je hebt $t->login op de hitlist gezet.<script language='JavaScript' type='text/JavaScript'>setTimeout(\"window.location.href='hitlist.php'\",10)</script>";

exit;
} 
?> 

<?PHP 
//niet anoniem
$target = $_POST['name'];
$prijs = round($_POST['prijs']);
$prijs1 = round($_POST['prijs']+5000);
$reason = $_POST['reason'];
$plaatser = $data->login;
$echt = $_POST['plaatser'];
$verdediger     = mysql_query("SELECT * FROM `[users]` WHERE `login`='$target'");
$controle       = mysql_num_rows($verdediger);
$t				= mysql_fetch_object($verdediger);
if (isset($_POST['submit2'])) { 
if($prijs < 1000)
echo "De prijs moet minstens 1000 zijn</font>";
elseif($controle <1)
echo "Deze user bestaat niet</font>";
elseif($prijs1 > $data->cash)
echo "je hebt niet genoeg geld</font>";
elseif($prijs1 > $data->cash)
echo "Je hebt niet genoeg geld</font>";
else {
$insert2 = "INSERT INTO `hitlist` ( `id` , `plaatser` , `prijs` , `naam` , `echt` , `Reason` , `date`) VALUES ('', '" . $plaatser . "', '" . $prijs . "' , '" . $t->login . "' , '" . $echt . "', '" . $reason . "', NOW())"; 
mysql_query("UPDATE `[users]` SET cash = cash-$prijs1 WHERE login = '" .  $plaatser . "'") or die("banken : " . mysql_error());
$insert_now = mysql_query($insert2) or die("FOUT2 : " . mysql_error()); 
echo "Jij hebt $target op de hitlist gezet.<script language='JavaScript' type='text/JavaScript'>setTimeout(\"window.location.href='hitlist.php'\",10)</script>";
}
}
?> </td>
 </table></center>
 
</body>

</html>