
Add verification page for badge purchases

spaghetti 8 years ago
parent
commit
7e05c1f715
1 changed files with 48 additions and 26 deletions
  1. 48
    26
      sections/store/badge.php

+ 48
- 26
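--- a/sections/store/badge.php
+++ b/sections/store/badge.php
@@ -13,38 +13,41 @@ if (!$BadgeID) {
   $Err = 'You already have this badge.';
 } elseif ($BadgeID != $ShopBadgeIDs[0] && !Badges::has_badge($UserID, ['BadgeID' => $ShopBadgeIDs[array_search($BadgeID, $ShopBadgeIDs)-1]])) {
   $Err = 'You haven\'t purchased the badges before this one!';
-} else {
-  $DB->query("
-    SELECT BonusPoints
-    FROM users_main
-    WHERE ID = $UserID");
-  if ($DB->has_results()) {
-    list($BP) =  $DB->next_record();
-    $BP = (int)$BP;
+}
 
-    if ($BP >= $Prices[$BadgeID]) {
-      if (!Badges::award_badge($UserID, $BadgeID)) {
-        $Err = 'Could not award badge, unknown error occurred.';
-      } else {
-        $DB->query("
-          UPDATE users_main
-          SET BonusPoints = BonusPoints - " . $Prices[$BadgeID] ."
-          WHERE ID = $UserID");
+if (isset($_GET['confirm']) && $_GET['confirm'] == 1) {
+  if (!isset($Err)) {
+    $DB->query("
+      SELECT BonusPoints
+      FROM users_main
+      WHERE ID = $UserID");
+    if ($DB->has_results()) {
+      list($BP) =  $DB->next_record();
+      $BP = (int)$BP;
+
+      if ($BP >= $Prices[$BadgeID]) {
+        if (!Badges::award_badge($UserID, $BadgeID)) {
+          $Err = 'Could not award badge, unknown error occurred.';
+        } else {
+          $DB->query("
+            UPDATE users_main
+            SET BonusPoints = BonusPoints - " . $Prices[$BadgeID] ."
+            WHERE ID = $UserID");
 
-        $DB->query("
-          UPDATE users_info
-          SET AdminComment = CONCAT('".sqltime()." - Purchased badge $BadgeID from store\n\n', AdminComment)
-          WHERE UserID = $UserID");
+          $DB->query("
+            UPDATE users_info
+            SET AdminComment = CONCAT('".sqltime()." - Purchased badge $BadgeID from store\n\n', AdminComment)
+            WHERE UserID = $UserID");
 
-        $Cache->delete_value("user_info_heavy_$UserID");
+          $Cache->delete_value("user_info_heavy_$UserID");
+        }
+      } else {
+        $Err = 'Not enough '.BONUS_POINTS.'.';
       }
-    } else {
-      $Err = 'Not enough '.BONUS_POINTS.'.';
     }
   }
-}
 
-View::show_header('Store'); ?>
+  View::show_header('Store'); ?>
 <div class='thin'>
   <h2 id='general'>Purchase <?=isset($Err)?'Failed':'Successful'?></h2>
   <div class='box pad' style='padding: 10px 10px 10px 20px;'>
@@ -52,4 +55,23 @@ View::show_header('Store'); ?>
     <p><a href='/store.php'>Back to Store</a></p>
   </div>
 </div>
-<? View::show_footer(); ?>
+<? } else {
+  View::show_header('Store'); ?>
+<div class='thin'>
+  <h2 id='general'>Purchase Badge?</h2>
+  <div class='box pad' style='padding: 10px 10px 10px 20px;'>
+    <p>Badge cost: <?=number_format($Prices[$BadgeID])?> <?=BONUS_POINTS?></p>
+    <? if (isset($Err)) { ?>
+    <p>Error: <?=$Err?></p>
+    <? } else { ?>
+    <form action="store.php">
+      <input type="hidden" name="item" value="badge">
+      <input type="hidden" name="badge" value="<?=$BadgeID?>">
+      <input type="hidden" name="confirm" value="1">
+      <input type="submit" value="Purchase">
+    <? } ?>
+    <p><a href='/store.php'>Back to Store</a></p>
+  </div>
+</div>
+<? }
+View::show_footer(); ?>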
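Review bot: The purchase is still a state change driven by a plain GET: the new branch tests `$_GET['confirm'] == 1` and the confirmation form is `<form action="store.php">` with no method and no per-session token, so any cross-site request that carries `confirm=1` completes the purchase for a logged-in user without this page ever being shown. Submit the form with `<form action="store.php" method="post">`, add a hidden anti-CSRF token field, and have the confirm branch read `$_POST['confirm']` and verify the token before the `SELECT BonusPoints` query; the code that reads `item` and `badge` is outside this hunk and would presumably need to accept POST as well. The `<form>` opened in the else branch is never closed before `<? } ?>`, so a `</form>` belongs after the submit input. Separately, the balance check and the deduction remain two statements, so concurrent confirm requests can both pass `$BP >= $Prices[$BadgeID]`; making the `UPDATE users_main` conditional on `BonusPoints >= ` the price and awarding the badge only when a row was changed would close that window.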
