Web item mall [Free]

05/23/2012 10:21 Riouk#1
Since someone is selling scripts like this, I thought to give it for free.
First, index.php (to login) must contain this form:
Code:
<FORM method=post action="login.php">
<TABLE BORDER=0>
<TR>
	<TD><center>ACCOUNT NAME :</center></TD>
	<TD>
	<INPUT type=text name="account" maxlength="16">
	</TD>
</TR>

<TR>
	<TD><center>PASSWORD :</center></TD>
	<TD>
	<INPUT type=password name="pass" maxlength="16">
	</TD>
</TR>

<TR>
	<TD colspan=2>
	<center><INPUT border=0 src="../images/loginbtn.png" type=image Value=submit align="middle" ></center>
	</TD>
</TR>
</TABLE>
</FORM>
Don't forget to make a loginbtn.png

Then for this page I used an existing script that I took from here, but I can't remember which script (credits go to I don't know who).

info.php
Code:
<?php
error_reporting(E_ALL);
//Database-related stuff
$host='127.0.0.1'; //Your gameserver's 
$user='your_db_username'; //"sa" by default.
$pass='your_db_userpassword';
$conn = @odbc_connect("Driver={SQL Server};Server=$host;", $user, $pass) or die("Database Connection Error!");
//Custom functions
function mssql_real_escape_string($data) {
        if ( !isset($data) or empty($data) ) return '';
        if ( is_numeric($data) ) return $data;

        $non_displayables = array(
            '/%0[0-8bcef]/',            // url encoded 00-08, 11, 12, 14, 15
            '/%1[0-9a-f]/',             // url encoded 16-31
            '/[\x00-\x08]/',            // 00-08
            '/\x0b/',                   // 11
            '/\x0c/',                   // 12
            '/[\x0e-\x1f]/'             // 14-31
        );
        foreach ( $non_displayables as $regex )
            $data = preg_replace( $regex, '', $data );
        $data = str_replace("'", "''", $data );
        return $data;
    }
	
function unsetSession ($SessionVariable) {
   unset($GLOBALS['_SESSION'][$SessionVariable]);
}

function createSession ($UserID){
	$md5 = md5($_SERVER['REMOTE_ADDR'].$UserID.$_SERVER['HTTP_USER_AGENT']);
	return $md5;
}

function checkSession ($Session,$UserID){
	$md5 = md5($_SERVER['REMOTE_ADDR'].$UserID.$_SERVER['HTTP_USER_AGENT']);
	if($Session != $md5){
	unsetSession('UserID');
	unsetSession('session_id');
	exit(header("location:index.php"));
	}else
	{
	return true;
	}
}

// Note: ereg() was removed in PHP 7; on newer versions port these patterns to preg_match().
function checkEmail ($email) {
  if (!ereg("^[^@]{1,64}@[^@]{1,255}$", $email)) {
    return false;
  }
  $email_array = explode("@", $email);
  $local_array = explode(".", $email_array[0]);
  for ($i = 0; $i < sizeof($local_array); $i++) {
    if (!ereg("^(([A-Za-z0-9!#$%&'*+/=?^_`{|}~-][A-Za-z0-9!#$%&'*+/=?^_`{|}~\.-]{0,63})|(\"[^(\\|\")]{0,62}\"))$", $local_array[$i])) {
      return false;
    }
  }
  if (!ereg("^\[?[0-9\.]+\]?$", $email_array[1])) {
    $domain_array = explode(".", $email_array[1]);
    if (sizeof($domain_array) < 2) {
        return false; 
    }
    for ($i = 0; $i < sizeof($domain_array); $i++) {
      if (!ereg("^(([A-Za-z0-9][A-Za-z0-9-]{0,61}[A-Za-z0-9])|([A-Za-z0-9]+))$", $domain_array[$i])) {
        return false;
      }
    }
  }
  return true;
}

function checkUser ($Char,$User,$conn) {
	$Check = odbc_exec($conn,"SELECT UserID FROM PS_GameData.dbo.Chars WHERE CharID='".$Char."'");
	$User2 = odbc_result($Check,'UserID');
	if(odbc_num_rows($Check) != 1){return false;}
	if($User != $User2){return false;}
	return true;
}
?>
Then the login
Code:
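<?php
session_start();
include('info.php');
// isset() guards avoid undefined-index notices when a form field is missing
$UserID = mssql_real_escape_string(isset($_POST['account']) ? $_POST['account'] : '');
$Pw = mssql_real_escape_string(isset($_POST['pass']) ? $_POST['pass'] : '');

$res = odbc_exec($conn,"SELECT UserID FROM PS_UserData.dbo.Users_Master WHERE UserID='{$UserID}' AND Pw='{$Pw}'");
// odbc_num_rows() can return -1 for a SELECT with some drivers, which would let any
// login pass a "== 0" test, so check for an actual fetched row instead
if (!$res || !odbc_fetch_row($res)) {
	die('Incorrect Username or Password');
}
// Store the session values before redirecting, then stop the script
$_SESSION['UserID'] = $UserID;
$_SESSION['session_id'] = createSession($UserID);
header('Location: features.php');
exit;
?>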
The page features.php (or whatever you name it) will contain the items you make on the store, for example on my page it's like
Code:
...
<div class="block-content">
					<?php
					$User="SELECT * FROM PS_UserData.dbo.Users_Master U
INNER JOIN PS_GameData.dbo.UserMaxGrow UM ON UM.UserUID=U.UserUID
WHERE UserID='".$_SESSION['UserID']."'";
$res = odbc_exec($conn,$User);
$Info = odbc_fetch_array($res);
//Welcome Message (the account name is HTML-encoded before it is echoed into the page)
echo "<b>Welcome, ".htmlspecialchars($_SESSION["UserID"], ENT_QUOTES)."</b><br>";
if (isset($_SESSION["msg"])) echo "<b>".$_SESSION["msg"]."</b><br>";
//Account info
echo "<b>";
echo "Points: ".$Info['Point']."<br>";
echo "</b>";
?>
																		<div class="clear"></div>
						<!-- begin content --><link href="./mall.css" rel="stylesheet" type="text/css"><link href="./mall2.css" rel="stylesheet" type="text/css">
<div><div id="mallHeader"></div><div id="tieredspender_mini"><div class="tieredspender_wrapper_tabs"><div class="tieredspender_tabs inline_block"></div></div><div class="tieredspender_wrapper_cntnts"><div id='tieredspender_camp_2' class='tieredspender_cntnt' onmouseover='showBarTooltip(1)' onmouseout='hideTooltip()'><div class="tracker_container"><a class="miniClick" href="/itemmall/tiered-spender/2" ><div class="element_container margin10L"><div class='tier_1 tier  inline_block' style='width:48px'></div><div class='tier_2 tier  inline_block' style='width:48px'></div><div class='tier_3 tier  inline_block' style='width:48px'></div><div class='tier_4 tier  inline_block' style='width:48px'></div><div class='tier_5 tier  inline_block' style='width:48px'></div><div class='tier_6 tier  inline_block' style='width:48px'></div><div class='tier_7 tier  inline_block' style='width:48px'></div><div class='tier_8 tier  inline_block' style='width:48px'></div></div><div class="element_container margin10L"><div class="bar_wrap"><div id="spend_level" class="spend_level 1"><div id="unlock_level" class="unlock_level 1"><div id="redeem_level" class="redeem_level 1"><div id="progress_bar" class="progress_bar 1"></div></div></div></div></div><div class="divider_wrap"><div class='vbar inline_block' style='width:48px'></div><div class='vbar inline_block' style='width:48px'></div><div class='vbar inline_block' style='width:48px'></div><div class='vbar inline_block' style='width:48px'></div><div class='vbar inline_block' style='width:48px'></div><div class='vbar inline_block' style='width:48px'></div><div class='vbar inline_block' style='width:48px'></div></div><div><div class='tier_1 tier  inline_block' style='width:48px'></div><div class='tier_2 tier  inline_block' style='width:48px'></div><div class='tier_3 tier  inline_block' style='width:48px'></div><div class='tier_4 tier  inline_block' style='width:48px'></div><div class='tier_5 tier  inline_block' style='width:48px'></div><div 
class='tier_6 tier  inline_block' style='width:48px'></div><div class='tier_7 tier  inline_block' style='width:48px'></div><div class='tier_8 tier  inline_block' style='width:48px'></div></div></div>
                        <a id='unlocked' class='unlocked 1' rel='0'></a>
                        <a id='redeemed' class='redeemed 1' rel='0'></a></div><input type='hidden' value='Super Promotion W-E' name='campaign_title_1' /></div><div id='tieredspender_camp_5' class='tieredspender_cntnt' onmouseover='showBarTooltip(2)' onmouseout='hideTooltip()'><div class="tracker_container"><a class="miniClick" href="/itemmall/tiered-spender/5" ><div class="element_container margin10L"><div class='tier_1 tier  inline_block' style='width:65px'>99</div><div class='tier_2 tier  inline_block' style='width:65px'>1249</div><div class='tier_3 tier  inline_block' style='width:65px'>2499</div><div class='tier_4 tier  inline_block' style='width:65px'>4999</div><div class='tier_5 tier  inline_block' style='width:65px'>7499</div><div class='tier_6 tier  inline_block' style='width:65px'>9999</div></div><div class="element_container margin10L"><div class="bar_wrap"><div id="spend_level" class="spend_level 2"><div id="unlock_level" class="unlock_level 2"><div id="redeem_level" class="redeem_level 2"><div id="progress_bar" class="progress_bar 2"></div></div></div></div></div><div class="divider_wrap"><div class='vbar inline_block' style='width:65px'></div><div class='vbar inline_block' style='width:65px'></div><div class='vbar inline_block' style='width:65px'></div><div class='vbar inline_block' style='width:65px'></div><div class='vbar inline_block' style='width:65px'></div></div><div><div class='tier_1 tier  inline_block' style='width:65px'>1</div><div class='tier_2 tier  inline_block' style='width:65px'>2</div><div class='tier_3 tier  inline_block' style='width:65px'>3</div><div class='tier_4 tier  inline_block' style='width:65px'>4</div><div class='tier_5 tier  inline_block' style='width:65px'>5</div><div class='tier_6 tier  inline_block' style='width:65px'>6</div></div></div></a><a id='spent' class='spent 2' rel='0'></a>
                        <a id='unlocked' class='unlocked 2' rel='0'></a>
                        <a id='redeemed' class='redeemed 2' rel='0'></a></div><input type='hidden' value='Récompenses Fidélité Avril' name='campaign_title_2' /></div></div></div><div class="clear"></div><div id="pager"><span class="pager-list"><strong class="pager-current"></strong><a href="/itemmall/Featured?page=1" class="pager-last active" title="Aller à la page 2"></a></span><a href="/itemmall/Featured?page=1" class="pager-last active" title="Aller à la page suivante"></a><a href="/itemmall/Featured?page=1" class="pager-last active" title="Aller à la dernière page"></a></div><ul id="itemmall-inside" class="itemmall-inside"><li class='item_root item_root_selectable item item-count-17' id='item-0' ><div class='item-wrap'>
        <div class='col_left'>
            <div class='item-image tag-none'>
                <a rel='<div id="wysiwyg"><div class="formatedContent format"><p><img src="./icons/craft.png" /> <br> <strong>Craft Lapis Lv7 +40 str</strong><br />
</div></div>' href='./icons/craft.png' class='item-image-window tip item-tag tag-none' title='Craft Lapis Lv7' >
                    <img src='./icons/craft.png' alt='' />
                </a>
            </div>
        </div>
        <div>
...
(took it from the official server, credits to Aeria Games's webmaster xD)

Last is injecting the item into the bank.
Code:
<?php
session_start();
include('../info.php');
if (!isset($_SESSION['session_id'])){header("location:../index.html"); exit;} // stop here when there is no session
checkSession($_SESSION['session_id'],$_SESSION['UserID']);
$User="SELECT * FROM PS_UserData.dbo.Users_Master U
INNER JOIN PS_GameData.dbo.UserMaxGrow UM ON UM.UserUID=U.UserUID
WHERE UserID='".$_SESSION['UserID']."'";
$res = odbc_exec($conn,$User);
$info = odbc_fetch_array($res);
$user2 ="SELECT Slot FROM PS_Billing.dbo.Users_Product WHERE UserUID='".$info['UserUID']."'";
$slots = odbc_exec($conn,$user2);
if (odbc_num_rows($slots) < 40) {
if (($info['Point']) >= 5000) {
$point = odbc_exec($conn,"UPDATE PS_UserData.dbo.Users_Master SET Point=Point-5000 WHERE UserID='".$info['UserID']."'");
$check0 = odbc_exec($conn,"SELECT * FROM PS_Billing.dbo.Users_Product WHERE UserUID='".$info['UserUID']."' AND Slot=0");
if (odbc_num_rows($check0) == 0) {
$res0 = odbc_exec($conn,"INSERT INTO PS_Billing.dbo.Users_Product
			(UserUID
			,Slot
			,ItemID
			,ItemCount
			,ProductCode
			,OrderNumber
			,VerifyCode
			,BuyDate)
		VALUES
			('".$info['UserUID']."'
			,0
			,30082
			,5
			,'atk7'
			,1
			,1
			,GETDATE())");
			echo "You have successfully bought the item, <a href=\"../features.php\">click here to back on the store</a>";
			} else { 
				$check1 = odbc_exec($conn,"SELECT * FROM PS_Billing.dbo.Users_Product WHERE UserUID='".$info['UserUID']."' AND Slot=1");
				if (odbc_num_rows($check1) == 0) {
				$res1 = odbc_exec($conn,"INSERT INTO PS_Billing.dbo.Users_Product
				(UserUID
				,Slot
				,ItemID
				,ItemCount
				,ProductCode
				,OrderNumber
				,VerifyCode
				,BuyDate)
			VALUES
				('".$info['UserUID']."'
				,1
				,30082
				,5
				,'atk7'
				,1
				,1
				,GETDATE())");
				echo "You have successfully bought the item, <a href=\"../features.php\">click here to back on the store</a>";
				} else {
					// ... repeat the code between the { } to use more slots, and don't forget to change the slot
				}
			}
		} else {
			echo "You don't have that amount of points.<br>
			<a href=\"../features.php\">Click here to back on item mall</a>";
		}
	} else {
	echo "No slots available";
	}
	?>
Done.

Yes, there are maybe some easier ways to do it, but this one works, so I don't think I will change it.

I hope my English wasn't too bad to explain it.

Btw, don't forget to fix the bank teller's DC for it to work.
GL.
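
Added example, not part of Riouk's post or the original script: the purchase step above deducts the points first and then looks for a free slot with one copied block per slot. The sketch below does both writes in one transaction with bound parameters; `buyItem()` and its parameters are hypothetical, the table and column names are the ones used in the post, and the price and item values are assumed to come from a server-side catalogue.

```php
<?php
// Hypothetical helper (added example). Only integers and server-side constants are
// bound: PHP documents that odbc_execute() treats a parameter wrapped in single
// quotes as a file name to read, so never bind raw request strings this way.
function buyItem($conn, $userUID, $itemID, $count, $productCode, $price, $maxSlots = 40) {
    $userUID = (int)$userUID;
    $price = (int)$price;
    $result = 'Database error';
    odbc_autocommit($conn, false);   // open a transaction: both writes happen or neither

    // 1. Find the lowest free slot in one pass. The lock hints (SQL Server syntax)
    //    keep two parallel requests for the same user from choosing the same slot.
    $used = array();
    $q = odbc_prepare($conn, "SELECT Slot FROM PS_Billing.dbo.Users_Product
        WITH (UPDLOCK, HOLDLOCK) WHERE UserUID=?");
    $ok = $q && odbc_execute($q, array($userUID));
    while ($ok && odbc_fetch_row($q)) {
        $used[(int)odbc_result($q, 'Slot')] = true;
    }
    $slot = 0;
    while ($slot < $maxSlots && isset($used[$slot])) { $slot++; }
    if ($ok && $slot >= $maxSlots) {
        $ok = false;
        $result = 'No slots available';
    }

    // 2. Deduct only if the balance still covers the price when the UPDATE runs.
    if ($ok) {
        $u = odbc_prepare($conn, "UPDATE PS_UserData.dbo.Users_Master
            SET Point=Point-? WHERE UserUID=? AND Point>=?");
        $ok = $u && odbc_execute($u, array($price, $userUID, $price));
        if ($ok && odbc_num_rows($u) < 1) {   // rows affected by the UPDATE
            $ok = false;
            $result = "You don't have that amount of points.";
        }
    }

    // 3. Deliver the item into the free slot.
    if ($ok) {
        $i = odbc_prepare($conn, "INSERT INTO PS_Billing.dbo.Users_Product
            (UserUID, Slot, ItemID, ItemCount, ProductCode, OrderNumber, VerifyCode, BuyDate)
            VALUES (?, ?, ?, ?, ?, 1, 1, GETDATE())");
        $ok = $i && odbc_execute($i, array($userUID, $slot, (int)$itemID, (int)$count, $productCode));
    }

    if ($ok) { odbc_commit($conn); $result = 'OK'; } else { odbc_rollback($conn); }
    odbc_autocommit($conn, true);
    return $result;
}
```

With the values from the post this would be called as `buyItem($conn, $info['UserUID'], 30082, 5, 'atk7', 5000)` after `checkSession()` has passed.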
05/23/2012 11:35 .Shaco.#2
Code:
session_start();
include('info.php');
Add that in Features after <?php to make it work, otherwise you will not see your login name & error with db connection. Good luck.

---------------

I don't know why you added code from Aeria Games, because it is not working + there is no CSS file... and some other code is missing -.-'...

Regards,
LaMin
05/23/2012 13:52 Kyonhism#3
Does this really work? How do I use this?
05/23/2012 16:06 tracker62#4
Warning: odbc_exec(): supplied argument is not a valid ODBC-Link resource in C:\xampp\htdocs\teste\features.php on line 7

Warning: odbc_fetch_array(): supplied argument is not a valid ODBC result resource in C:\xampp\htdocs\teste\features.php on line 8

???????
05/23/2012 17:03 anton1312#5
Doesn't work for me. I have a blank page :(
05/23/2012 17:32 treica#6
Because the css, js and sql are not added. ...Well done, they can be added; a new css is good for the people that will need a webmall.
05/23/2012 17:56 tracker62#7
Yes, me, I need an online store please
05/23/2012 17:58 Riouk#8
Later today I'll post the whole script of features.php + 1 complete item so you will have everything working completely.
05/23/2012 20:49 mirazass#9
Well, it seems to look not bad, but it's only a 5-file system, a bit too small, don't you think? Mine's about 100 pages and 200 images ;) and I don't see an sql file talking about PS_Donate or something like that where you store your items.
05/23/2012 20:52 treica#10
A script won't need 100 pages, go on your thread and good luck selling.
05/25/2012 13:54 Svinseladden#11
Thanks for this, but I get this:

this is features.php logged in:

Welcome, xxxxxx
Points: xxxxxx
99
1249
2499
4999
7499
9999
1
2
3
4
5
6
05/26/2012 14:11 carlrian#12
Can you post a video?