battles/comission.php

<?php
session_start();
if ($_SESSION['uid'] == null) header("Location: index.php");
require_once 'functions.php';

if ($user['level'] < 1) {
    header("Location: main.php");
    die();
}
if ($user['room'] != 25) {
    header("Location: main.php");
    die();
}
if ($user['battle'] != 0) {
    header('location: fbattle.php');
    die();
}

$get = urldecode(filter_input(INPUT_SERVER, 'QUERY_STRING'));

$itemCost = (int)filter_input(INPUT_POST, 'cost', FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
$itemId = (int)filter_input(INPUT_POST, 'putId', FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
$returningItemId = (int)filter_input(INPUT_GET, 'back', FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
$byingItemId = (int)filter_input(INPUT_GET, 'set', FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);

if ($itemCost && $itemId) {
    $commission = ceil($itemCost / 10); # 10% от суммы с округлением вверх.
    if ($user['money'] > $commission) {
        $dress = db::c()->query('SELECT `name`,`duration`,`maxdur` FROM `inventory` WHERE `dressed` = 0 AND `id` = ?i AND `owner` = ?i', $itemId, $_SESSION['uid'])->fetch_assoc();
        if (db::c()->getAffectedRows()) {
            $deloText = "{$user['login']} выставил товар: «{$dress['name']}» id:({$itemId}) [{$dress['duration']}/{$dress['maxdur']}] на продажу в комиссионку за {$itemCost} кр. ";
            addToDelo($deloText);
            db::c()->query('UPDATE `inventory` SET `setsale` = ?i WHERE `id` = ?i', $itemCost, $itemId);
            db::c()->query('UPDATE `users` SET `money` = `money` - ?i WHERE `id` = ?i', $commission, $_SESSION['uid']);
            $status = "Вы сдали в магазин «{$dress['name']}» за {$itemCost} кр. Вычтено за услуги магазина: {$commission} кр.";
        } else $status = "Предмет не найден в инвентаре!";
    } else $status = "У вас не хватает " . $commission - $user['money'] . " кр. чтобы оплатить комиссию!";
}

if ($returningItemId) {
    $dress = db::c()->query('SELECT `name`,`duration`,`maxdur` FROM `inventory` WHERE `dressed` = 0 AND `setsale` > 0 AND `id` = ?i AND `owner` = ?i', $returningItemId, $_SESSION['uid'])->fetch_assoc();
    if (db::c()->getAffectedRows()) {
        $deloText = "{$user['login']} забрал свой товар: «{$dress['name']}» id:({$returningItemId}) [{$dress['duration']}/{$dress['maxdur']}] из комиссионки.";
        addToDelo($deloText);
        db::c()->query('UPDATE `inventory` SET `setsale` = 0 WHERE `id` = ?i', $returningItemId);
        $status = "Вы забрали из магазина ваш «{$dress['name']}».";
    } else $status = "Предмет не найден на полках магазина!";
}

if ($byingItemId) {
    $dress = mysql_fetch_array(mysql_query("SELECT * FROM `inventory` WHERE `dressed`=0 AND `id` = '{$set}' and `owner`!='" . $user['id'] . "' AND `setsale` > 0"));
    $userfrom = mysql_fetch_array(mysql_query("SELECT `login`,`id` FROM `users` WHERE  `id` = '" . $dress['owner'] . "' LIMIT 1;"));
    $d = mysql_fetch_array(mysql_query("SELECT sum(`massa`) FROM `inventory` WHERE `owner` = '{$_SESSION['uid']}' AND `dressed` = 0 AND `setsale` = 0 ; "));
    if ($userfrom['id'] && $dress['id']) {
        if (($dress['massa'] + $d[0]) > (get_meshok())) {
            echo "<font color=red><b>Недостаточно места в рюкзаке.</b></font>";
        } elseif ($user['money'] >= $dress['setsale']) {
            if (mysql_query("UPDATE `inventory` SET `owner` = '{$user['id']}', `setsale` = 0 WHERE `id` = '{$set}' AND `setsale` > '0' LIMIT 1;")) {
                $good = 1;
            } else {
                $good = 0;
            }

            if ($good) {
                //mysql_query("UPDATE `shop` SET `count`=`count`-{$_POST['count']} WHERE `id` = '{$set}' LIMIT 1;");
                echo "<font color=red><b>Вы купили \"" . $dress['name'] . "\".</b></font>";
                $moneyto = round($dress['setsale'] * 0.90, 2);
                $komiss = round($dress['setsale'] * 0.10, 2);
                mysql_query("UPDATE `users` set `money` = `money`- '" . $dress['setsale'] . "' WHERE id = {$_SESSION['uid']}");
                mysql_query("UPDATE `users` set `money` = `money`+ '" . $moneyto . "' WHERE id = {$userfrom['id']}");
                mysql_query("INSERT INTO `delo` (`id` , `author` ,`pers`, `text`, `type`, `date`) VALUES ('','0','{$_SESSION['uid']}','\"" . $user['login'] . "\" купил товар: \"" . $dress['name'] . "\" id:(cap" . $dress['id'] . ") [" . $dress['duration'] . "/" . $dress['maxdur'] . "] от \"" . $userfrom['login'] . "\" за " . $dress['setsale'] . " кр. в комиссионке ',5,'" . time() . "');");
                mysql_query("INSERT INTO `delo` (`id` , `author` ,`pers`, `text`, `type`, `date`) VALUES ('','0','{$userfrom['id']}','\"" . $user['login'] . "\" купил товар: \"" . $dress['name'] . "\" id:(cap" . $dress['id'] . ") [" . $dress['duration'] . "/" . $dress['maxdur'] . "] от \"" . $userfrom['login'] . "\" за " . $dress['setsale'] . " кр. в комиссионке ',5,'" . time() . "');");
                mysql_query("INSERT INTO `delo` (`id` , `author` ,`pers`, `text`, `type`, `date`) VALUES ('','0','{$_SESSION['uid']}','\"" . $user['login'] . "\" купил товар: \"" . $dress['name'] . "\" id:(cap" . $dress['id'] . ") [" . $dress['duration'] . "/" . $dress['maxdur'] . "] за " . $dress['setsale'] . " кр. в комиссионке ',1,'" . time() . "');");
                mysql_query("INSERT INTO `delo` (`id` , `author` ,`pers`, `text`, `type`, `date`) VALUES ('','0','{$userfrom['id']}','\"" . $userfrom['login'] . "\" получил " . $moneyto . " кр. за продажу товара: \"" . $dress['name'] . "\" id:(cap" . $dress['id'] . ") [" . $dress['duration'] . "/" . $dress['maxdur'] . "] через комиссионку ',1,'" . time() . "');");
                $user['money'] = $user['money'] - $dress['setsale'];
                $us = mysql_fetch_array(mysql_query("select `id` from `online` WHERE `date` >= " . (time() - 60) . " AND `id` = '{$userfrom['id']}' LIMIT 1;"));
                if ($us[0]) {
                    addchp('<font color=red>Внимание!</font> Успешно продан предмет "' . $dress['name'] . '" за ' . $dress['setsale'] . ' кр.  Комиссия составила ' . $komiss . ' кр. Вам перечислено от комиссионного магазина ' . $moneyto . ' кр. ', '{[]}' . $userfrom['login'] . '{[]}');
                } else {
                    // если в офе
                    mysql_query("INSERT INTO `telegraph` (`receiver`,`date`,`text`) values ('" . $userfrom['id'] . "','','" . '<font color=red>Внимание!</font> Успешно продан предмет "' . $dress['name'] . '" за ' . $dress['setsale'] . ' кр.  Комиссия составила ' . $komiss . ' кр. Вам перечислено от комиссионного магазина ' . $moneyto . ' кр. ' . "');");
                }
            }
        } else {
            echo "<font color=red><b>Недостаточно денег или нет вещей в наличии.</b></font>";
        }
    } else {
        echo "<font color=red><b>Вещь не найдена в магазине</b></font>";
    }
}

$classPrintControlName = "marketbuy";

if ($get === 'sale') {
    $data = db::c()->query('SELECT `inventory`.*,
       `magic`.`name` AS `magic_name`,
       `magic`.`chanse` AS `magic_chanse`,
       `magic`.`time` AS `magic_time`,
       `magic`.`file` AS `magic_file`,
       `magic`.`targeted` AS `magic_targeted`,
       `magic`.`needcharge` AS `magic_needcharge`,
       `magic`.`img` AS `magic_img`,
       0 AS `maxdur` 
       
FROM `inventory` LEFT JOIN `magic` ON `magic` = `magic`.`id` WHERE `setsale` = 0 AND `dressed` = 0 AND `present` = "?s" AND `owner` = ?i ORDER BY `update` DESC ', '', $_SESSION['uid']);
    $classPrintControlName = "marketput";
} elseif ($get === 'unsale') {
    $data = db::c()->query('SELECT `inventory`.*,
       `magic`.`name` AS `magic_name`,
       `magic`.`chanse` AS `magic_chanse`,
       `magic`.`time` AS `magic_time`,
       `magic`.`file` AS `magic_file`,
       `magic`.`targeted` AS `magic_targeted`,
       `magic`.`needcharge` AS `magic_needcharge`,
       `magic`.`img` AS `magic_img`,
       0 AS `maxdur` 
       
FROM `inventory` LEFT JOIN `magic` ON `magic` = `magic`.`id` WHERE `setsale` > 0 AND `dressed` = 0 AND `owner` = ?i ORDER BY `update` DESC', $_SESSION['uid']);
    $classPrintControlName = "marketgetback";
} else if (!empty($_POST['search'])) {
    $data = db::c()->query('SELECT `inventory`.*,
       `magic`.`name` AS `magic_name`,
       `magic`.`chanse` AS `magic_chanse`,
       `magic`.`time` AS `magic_time`,
       `magic`.`file` AS `magic_file`,
       `magic`.`targeted` AS `magic_targeted`,
       `magic`.`needcharge` AS `magic_needcharge`,
       `magic`.`img` AS `magic_img`,
       0 AS `maxdur` 
       
FROM `inventory` LEFT JOIN `magic` ON `magic` = `magic`.`id` WHERE `dressed` = 0 AND `inventory`.`name` LIKE "%?S%" AND `setsale` > 0 ORDER BY `setsale` ASC', $_POST['search']);
} else {
    $data = db::c()->query('SELECT `inventory`.*,
       `magic`.`name` AS `magic_name`,
       `magic`.`chanse` AS `magic_chanse`,
       `magic`.`time` AS `magic_time`,
       `magic`.`file` AS `magic_file`,
       `magic`.`targeted` AS `magic_targeted`,
       `magic`.`needcharge` AS `magic_needcharge`,
       `magic`.`img` AS `magic_img`,
       0 AS `maxdur` 
       
FROM `inventory` LEFT JOIN `magic` ON `magic` = `magic`.`id` WHERE `dressed` = 0 AND `setsale` > 0 ORDER BY `setsale` ASC');
}

$iteminfo = [];
while ($row = $data->fetch_assoc()) {
    $iteminfo[] = new ShopItem($row);
}

?>
<HTML>
<HEAD>
    <link rel=stylesheet href="css/main.css">
    <script src="js/main.js"></script>
    <meta charset="utf-8">
    <title>Рынок</title>
</HEAD>
<body>
<h1>Рынок</h1>
<a href=# onclick=hrefToFrame('city.php?cp')> ← выйти на Центральную площадь</a>
<div><?php if (!empty($status)) err($status); ?></div>
<TABLE width=100% cellspacing="0" cellpadding="4">
    <TR>
        <TD valign=top align=left>
            <!--Комиссионный Магазин-->
            <TABLE class="zebra" width=100% >
                <TR>
                    <TH>
                        <?php
                        if ($get === 'sale') {
                            echo "Выставить товар на продажу.<br>Комиссия за услуги магазина составляет 10% от цены, по которой вы предлагаете предмет.";
                        } elseif ($get === 'unsale') echo "Забрать свой товар.";
                        else {
                            echo <<<MARKET
Список товаров.<br>
<form method="post">
<input name="search"> <input type="submit" value="Искать товар">
</form>
MARKET;
                        } ?>
                    </TH>
                </TR>
                <TR>
                    <TD><!--Рюкзак-->
                        <TABLE WIDTH=100% style="border: 1px solid #000; border-collapse: collapse;">
                            <?php
                            foreach ($iteminfo as $ii) {
                                echo "<tr><td style='width: 150px; text-align: center;'>";
                                $ii->printImage();
                                $ii->printControls($classPrintControlName);
                                echo "</td>";
                                echo "<td style='vertical-align: top;'>";
                                $ii->printInfo();
                                echo "</td></tr>";
                            }
                            ?>
                        </TABLE>
                    </TD>
                </TR>
            </TABLE>
        </TD>
        <TD valign=top width=280>
            <div style="margin-left:15px; margin-top: 10px;">
                <b>Масса всех ваших вещей: <?= getItemsMassaInfo() ?>
                    <br>У вас в наличии: <span style="color: darkgreen;"><?= $user['money'] ?></span> кр.</b>
                <hr>
                <br>
                <button onclick="hrefToFrame('?show')">Осмотреть товары</button>
                <br>
                <button onclick="hrefToFrame('?sale')">Сдать вещи в магазин</button>
                <br>
                <button onclick="hrefToFrame('?unsale')">Забрать вещи из магазина</button>
                <br>
                <button onclick="hrefToFrame('city.php?cp=1')">Вернуться</button>
            </div>
        </TD>
    </TR>
</TABLE>
</BODY>
</HTML>