📄 toolcenter.php
字号:
<?php
!function_exists('readover') && exit('Forbidden');
require_once(D_P.'data/bbscache/level.php');
require_once(R_P.'require/updateforum.php');
require_once(R_P.'require/tool.php');
!$db_toolifopen && Showmsg('toolcenter_close');
!$windid && Showmsg('not_login');
include_once(D_P.'data/bbscache/creditdb.php');
list($db_moneyname,$db_moneyunit,$db_rvrcname,$db_rvrcunit,$db_creditname,$db_creditunit)=explode("\t",$db_credits);
$userdb = $db->get_one("SELECT postnum,digests,rvrc,money,credit,currency FROM pw_memberdata WHERE uid='$winduid'");
if(!$action){
$query = $db->query("SELECT * FROM pw_tools WHERE state=1 ORDER BY vieworder");
while($rt = $db->fetch_array($query)){
$rt['descrip'] = substrs($rt['descrip'],30);
$tooldb[] = $rt;
}
require_once PrintEot('toolcenter');footer();
} elseif($action == 'mytool'){
$query = $db->query("SELECT u.*,t.name,t.price,t.stock FROM pw_usertool u LEFT JOIN pw_tools t ON t.id=u.toolid WHERE u.uid='$winduid'");
while($rt = $db->fetch_array($query)){
$tooldb[] = $rt;
}
require_once PrintEot('toolcenter');footer();
} elseif($action == 'user'){
!$db_allowtrade && Showmsg('trade_close');
if(is_numeric($uid)){
$rt = $db->get_one("SELECT username FROM pw_members WHERE uid='$uid'");
if(!$rt){
Showmsg('user_not_exists');
}
$sqladd = "AND u.uid='$uid'";
$owner = $rt['username'];
}else{
$sqladd = $owner = '';
}
$query = $db->query("SELECT u.*,t.name,t.descrip,t.logo,m.username FROM pw_usertool u LEFT JOIN pw_members m USING(uid) LEFT JOIN pw_tools t ON t.id=u.toolid WHERE sellnums!=0 $sqladd");
while($rt = $db->fetch_array($query)){
$rt['descrip'] = substrs($rt['descrip'],45);
$tooldb[] = $rt;
}
require_once PrintEot('toolcenter');footer();
} elseif($action == 'sell'){
!$db_allowtrade && Showmsg('trade_close');
if(!$step){
$rt = $db->get_one("SELECT u.*,t.name,t.price,t.logo FROM pw_usertool u LEFT JOIN pw_tools t ON t.id=u.toolid WHERE uid='$winduid' AND toolid='$id'");
!$rt && Showmsg('undefined_action');
$rt['nums'] == 0 && Showmsg('unenough_toolnum');
require_once PrintEot('toolcenter');footer();
} else{
$rt = $db->get_one("SELECT u.*,t.name FROM pw_usertool u LEFT JOIN pw_tools t ON t.id=u.toolid WHERE uid='$winduid' AND toolid='$id'");
if($rt){
$nums = (int)$nums;
$price <= 0 && Showmsg('illegal_nums');
$nums <= 0 && Showmsg('illegal_nums');
$rt['nums'] < $nums && Showmsg('unenough_nums');
$db->update("UPDATE pw_usertool SET nums=nums-'$nums',sellnums=sellnums+'$nums',sellprice='$price' WHERE uid='$winduid' AND toolid='$id'");
$logdata = array(
'type' => 'sell',
'nums' => $nums,
'money' => $price,
'descrip' => 'sell_descrip',
'uid' => $winduid,
'username' => $windid,
'ip' => $onlineip,
'time' => $timestamp,
'toolname' => $rt['name'],
'from' => '',
);
writetoollog($logdata);
refreshto("hack.php?H_name=toolcenter&action=mytool",'operate_success');
} else{
Showmsg('undefined_action');
}
}
} elseif($action == 'buyuser'){
if(!$step){
$rt = $db->get_one("SELECT * FROM pw_usertool u LEFT JOIN pw_tools t ON t.id=u.toolid WHERE u.toolid='$id' && u.uid='$uid'");
if($rt){
$condition = unserialize($rt['conditions']);
$groupids = $condition['group'];
$fids = $condition['forum'];
foreach($condition[credit] as $key => $value){
$key == 'rvrc' && $value /= 10;
$condition['credit'][$key] = (int)$value;
}
include_once(D_P."data/bbscache/creditdb.php");
$usergroup="";
$num = 0;
foreach($ltitle as $key=>$value){
if($key != 1 && $key != 2){
if(strpos($groupids,','.$key.',') !== false){
$num++;
$htm_tr = $num%5 == 0 ? '</tr><tr>' : '';
$usergroup .=" <td width='20%'>$value</td>$htm_tr";
}
}
}
$num = 0;
$forumcheck = "";
$sqladd = " AND f_type!='hidden' AND cms='0'";
$query = $db->query("SELECT fid,name FROM pw_forums WHERE type<>'category' AND cms='0'");
while($fm = $db->fetch_array($query)){
if(strpos($fids,','.$fm['fid'].',') !== false){
$num ++;
$htm_tr = $num % 5 == 0 ? '</tr><tr>' : '';
$forumcheck .= "<td width='20%'>$fm[name]</td>$htm_tr";
}
}
require_once PrintEot('toolcenter');footer();
} else{
Showmsg('undefined_action');
}
} else{
$toolinfo = $db->get_one("SELECT u.*,t.name,m.username FROM pw_usertool u LEFT JOIN pw_members m USING(uid) LEFT JOIN pw_tools t ON t.id=u.toolid WHERE u.toolid='$id' && u.uid='$uid'");
$userinfo = $db->get_one("SELECT currency FROM pw_memberdata WHERE uid='$winduid'");
$nums = (int)$nums;
$nums <= 0 && Showmsg('illegal_nums');
$price = $toolinfo['sellprice'] * $nums;
$toolinfo['sellnums'] < $nums && Showmsg('unenough_sellnum');
if ($winduid == $toolinfo['uid']){
$logdata=array(
'type' => 'buy',
'nums' => $nums,
'money' => $price,
'descrip' => 'buyself_descrip',
'uid' => $winduid,
'username' => $windid,
'ip' => $onlineip,
'time' => $timestamp,
'toolname' => $toolinfo['name'],
'from' => '',
);
writetoollog($logdata);
$db->update("UPDATE pw_usertool SET nums=nums+'$nums',sellnums=sellnums-'$nums' WHERE uid='$toolinfo[uid]' AND toolid='$id'");
} else {
if($userinfo['currency'] < $price){
Showmsg('unenough_money');
}
$db->update("UPDATE pw_memberdata SET currency=currency-'$price' WHERE uid='$winduid'");
$db->update("UPDATE pw_memberdata SET currency=currency+'$price' WHERE uid='$toolinfo[uid]'");
$db->pw_update(
"SELECT uid FROM pw_usertool WHERE uid='$winduid' AND toolid='$id'",
"UPDATE pw_usertool SET nums=nums+'$nums' WHERE uid='$winduid' AND toolid='$id'",
"INSERT INTO pw_usertool SET nums='$nums',uid='$winduid',toolid='$id'"
);
$db->update("UPDATE pw_usertool SET sellnums=sellnums-'$nums' WHERE uid='$toolinfo[uid]' AND toolid='$id'");
$logdata=array(
'type' => 'buy',
'nums' => $nums,
'money' => $price,
'descrip' => 'buyuser_descrip',
'uid' => $winduid,
'username' => $windid,
'ip' => $onlineip,
'time' => $timestamp,
'toolname' => $toolinfo['name'],
'from' => $toolinfo['username'],
);
writetoollog($logdata);
}
refreshto("hack.php?H_name=toolcenter&action=user",'operate_success');
}
} elseif($action == 'buy'){
if(!$step){
$rt = $db->get_one("SELECT * FROM pw_tools WHERE id='$id'");
if($rt){
$rt['stock'] == 0 && Showmsg('no_stock');
$condition = unserialize($rt['conditions']);
$groupids = $condition['group'];
$fids = $condition['forum'];
foreach($condition[credit] as $key => $value){
$key == 'rvrc' && $value /= 10;
$condition['credit'][$key] = (int)$value;
}
include_once(D_P."data/bbscache/creditdb.php");
$usergroup="";
$num = 0;
foreach($ltitle as $key=>$value){
if($key != 1 && $key != 2){
if(strpos($groupids,','.$key.',') !== false){
$num ++;
$htm_tr = $num%5 == 0 ? '</tr><tr>' : '';
$usergroup .=" <td width='20%'>$value</td>$htm_tr";
}
}
}
$num = 0;
$forumcheck = "<table cellspacing='0' cellpadding='0' border='0' width='100%' align='center'><tr>";
$sqladd = " AND f_type!='hidden' AND cms='0'";
$query = $db->query("SELECT fid,name FROM pw_forums WHERE type<>'category' AND cms='0'");
while($fm = $db->fetch_array($query)){
if(strpos($fids,','.$fm['fid'].',') !== false){
$num ++;
$htm_tr = $num % 5 == 0 ? '</tr><tr>' : '';
$forumcheck .= "<td width='20%'>$fm[name]</td>$htm_tr";
}
}
$forumcheck.="</tr></table>";
require_once PrintEot('toolcenter');footer();
} else{
Showmsg('undefined_action');
}
} else{
$toolinfo = $db->get_one("SELECT * FROM pw_tools WHERE id='$id'");
$userinfo = $db->get_one("SELECT currency FROM pw_memberdata WHERE uid='$winduid'");
$nums = (int)$nums;
$nums <= 0 && Showmsg('illegal_nums');
$price = $toolinfo['price'] * $nums;
$toolinfo['stock'] < $nums && Showmsg('unenough_stock');
if($userinfo['currency'] < $price){
Showmsg('unenough_money');
}
$db->update("UPDATE pw_memberdata SET currency=currency-'$price' WHERE uid='$winduid'");
$db->update("UPDATE pw_tools SET stock=stock-'$nums' WHERE id='$id'");
$db->pw_update(
"SELECT uid FROM pw_usertool WHERE uid='$winduid' AND toolid='$id'",
"UPDATE pw_usertool SET nums=nums+'$nums' WHERE uid='$winduid' AND toolid='$id'",
"INSERT INTO pw_usertool SET nums='$nums',uid='$winduid',toolid='$id'"
);
$logdata=array(
'type' => 'buy',
'nums' => $nums,
'money' => $price,
'descrip' => 'buy_descrip',
'uid' => $winduid,
'username' => $windid,
'ip' => $onlineip,
'time' => $timestamp,
'toolname' => $toolinfo['name'],
'from' => '',
);
writetoollog($logdata);
refreshto("hack.php?H_name=toolcenter",'operate_success');
}
} elseif($action == 'use'){
$tid = (int) $tid;
$toolid = (int) $toolid;
if (!$toolid){
$tooldb = array();
$query = $db->query("SELECT * FROM pw_usertool u LEFT JOIN pw_tools t ON t.id=u.toolid WHERE u.uid='$winduid' ORDER BY vieworder");
while($rt = $db->fetch_array($query)){
$rt['descrip'] = substrs($rt['descrip'],45);
$tooldb[] = $rt;
}
if (!$tooldb){
Showmsg('no_tool');
}
require_once PrintEot('toolcenter');footer();
}
$tooldb = $db->get_one("SELECT u.nums,t.name,t.state,t.conditions FROM pw_usertool u LEFT JOIN pw_tools t ON t.id=u.toolid WHERE u.uid='$winduid' AND u.toolid='$toolid'");
!$db_toolifopen && Showmsg('toolcenter_close');
if (!$tooldb || $tooldb['nums'] <= 0){
Showmsg('nothistool');
}
CheckUserTool($winduid,$tooldb);
if ($tid){
$condition = unserialize($tooldb['conditions']);
$tpcdb = $db->get_one("SELECT fid,subject,authorid,topped FROM pw_threads WHERE tid='$tid'");
if(!$tpcdb){
Showmsg('illegal_tid');
}
if($tpcdb['authorid'] != $winduid){
Showmsg('tool_authorlimit');
}elseif ($condition['forum'] && strpos($condition['forum'],",$tpcdb[fid],") === false){
Showmsg('tool_forumlimit');
}
}
if ($toolid == 1){
$rt = $db->get_one("SELECT rvrc FROM pw_memberdata WHERE uid='$winduid'");
if($rt['rvrc'] < 0){
$db->update("UPDATE pw_memberdata SET rvrc=0 WHERE uid='$winduid'");
$db->update("UPDATE pw_usertool SET nums=nums-1 WHERE uid='$winduid' AND toolid='$toolid'");
$logdata=array(
'type' => 'use',
'nums' => '',
'money' => '',
'descrip' => 'tool_1_descrip',
'uid' => $winduid,
'username' => $windid,
'ip' => $onlineip,
'time' => $timestamp,
'toolname' => $tooldb['name'],
'from' => '',
);
writetoollog($logdata);
list(,,$db_rvrcname,)=explode("\t",$db_credits);
Showmsg('toolmsg_1_success');
} else{
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -