[HELP] MySQL code to add an item to a player

G-hamsteR · January 21, 2009

Hello!

I want to make an automatic donation system. How can i add an item using mysql code?

eg let's say that i want to add a +25 Draconic Bow to the player with ID: 268477076

Afto tha eine to owner_id. To provlhma eine me to object_id. Ap'oti exo katalavei, afto eine ksexwristo gia kathe item. To tha valo loipon ekei sto code m?

INSERT INTO items

(owner_id, object_id, item_id, count, enchant_level, loc, loc_data, price_sell, price_buy, time_of_use, custom_type1, custom_type2, mana_left) VALUES('268477076', 'XXXX', '7575', '1', '25', 'INVENTORY', '0', '0', '0', "", '0', '0', '-1' )

The problem is the XXXX. What do i put there?

Thanks a lot for your time reading this.

G-hamsteR · January 22, 2009

After i solve this problem, i'm gonna share my automatic donation system.

shoko · July 28, 2010

[code]if($sacao == 'addi') {
$id_char    = intval($_GET['id_char']);
$id_item    = intval($_GET['id_item']);
$t          = addslashes(htmlentities($_GET['t']));
$enchant    = intval($_GET['enchant']);
$qtd        = intval($_GET['qtd']);
$caracteres = '0123456789';
$numch      = 9;
$oid   = '';
for($i=0;$i<$numch;$i++) {
	$oid.=$caracteres[rand(0,strlen($caracteres)-1)];
}
for($i = 1; $i <= $qtd; $i++) {
$aux=$oid+$i;
$qt = $qtd > 1 ? '1' : $qtd;
	mysql_query("INSERT INTO items (owner_id, object_id, item_id, count, enchant_level, loc)
				 VALUES
				('".$id_char."', '".$aux."', '".$id_item."', '".$qt."', '".$enchant."', 'INVENTORY')") or die(mysql_error());
      

}

This is Full Code credit to Ordenador , Unknow Source , I try to make web shop to buy someting item from web but it don't work and low security

<?php
// Fix by Ordenador v2009.07.26
?>

<?php
$username = "admin"; // username 
$password = "12345"; // password 


?>
<?

include("config.php");
$acao = addslashes(htmlentities($_GET['acao']));
$sacao = addslashes(htmlentities($_GET['sacao']));

function GetImage( $item_id )
{
$query_result_foto = mysql_query("SELECT pic FROM orde_iconos WHERE id = '".$item_id."'") or die(mysql_error());
if (mysql_num_rows($query_result_foto)==1)
{
	$lnk = mysql_fetch_row($query_result_foto);
	$img = "<img class='icon' src='icons/". $lnk[0] . ".png' alt='' />";
	return $img;
}
else {
  $img = "<img src=\"icons/sem_img.gif\" alt=\"Sin imagen.\">";
  return $img;
  }
}

function GetDesc( $item_id )
{
$query_result_desc = mysql_query("SELECT blabla FROM orde_iconos WHERE id = '".$item_id."'") or die(mysql_error());
if (mysql_num_rows($query_result_desc)==1)
{
	$desc = mysql_fetch_row($query_result_desc);
	$descripcion = $desc[0];
	return $descripcion;
}
else return "";
}

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Donation System</title>
<style type="text/css">
<!--
.style1 {
font-size: 11px;
font-family: Arial, Helvetica, sans-serif;
}
.style2 {
font-size: 11px;
color: #FFFFFF;
font-family: Arial, Helvetica, sans-serif;
}
.style5 {color: #FFFFFF; font-weight: bold; }
-->
</style>
</head>

<body>
<form id="form1" name="form1" method="get">
 <div>
   <div align="center"><img src="http://i40.tinypic.com/2bbehi.jpg" border="0" alt="Photobucket"></div>
 </div>
 <p>
   <input type="hidden" name="acao" value="buscar" />
   <?
if($_GET['t'] == "weapon") {
$w = " selected";
}elseif($_GET['t'] == "armor") {
$a = " selected";
}else{
$i = " selected";
}
?>
 </p>
 <table width="100%" border="0" class="style1">
   <tr>
     <td width="40%">Donating for:</td>
     <td width="60%">
    <select name="t" class="style1" id="t">
         <option value="etcitem"<?php echo $i; ?>>Item</option>
         <option value="weapon"<?php echo $w; ?>>Weapon</option>
         <option value="armor"<?php echo $a; ?>>Armor</option>
       </select>
     </td>
   </tr>
   <tr>
     <td>Item Name: </td>
     <td><input name="item" type="text" class="style1" id="item" value="<?php echo $_GET['item']; ?>" size="30" /></td>
   </tr>
   <tr>
     <td> </td>
     <td><input type="submit" class="style1" value="Check" /></td>
   </tr>
 </table>
</form>
<p>
<hr />
</p>
<?


//BUSCANDO ITEM

if($acao == "buscar") {

$tabela = addslashes(htmlentities($_GET['t']));
$item   = addslashes(htmlentities($_GET['item']));
if ($_GET['item']<>""){
$sql    = mysql_query("SELECT * FROM ".$tabela." WHERE name LIKE '%".$item."%' ORDER BY name") or die(mysql_error());
$contar = mysql_num_rows($sql);
$cor    = 0;
}else{
$contar = 0;
}

if($contar < 1) {
?>
<table width="100%" border="0" class="style1">
 <tr>
   <td align="center">No se encontraron items con nombre: <strong><?php echo $item; ?></strong></td>
 </tr>
</table>

<?
}else{
?>
<table width="100%" border="0">
 <tr bgcolor="#666666" class="style2">
   <td> </td>
   <td width="6%" align="center"><strong>Item ID</strong></td>
   <td width="25%" align="center"><strong>Nombre: </strong></td>
<td width="29%" align="center"><strong>Descripcion: </strong></td>
   <td width="6%" align="center"><strong>Grado # :</strong></td>
   <td width="15%" align="center"><strong>Tipo: </strong></td>
   <td width="19%" align="center"><strong>Accion:</strong></td>
 </tr>
<?
while($c = mysql_fetch_array($sql)) {
$cor = $cor + 1;
if ($cor % 2 == 0) { 
$bg = '#F7F7F7'; 
} else { 
$bg = '#E7E7E7';
} 
$c['name'] = str_replace("_", " ", $c['name']);
$img = GetImage($c['item_id']);
$descripcion = GetDesc($c['item_id']);
?>

 <tr class="style1" bgcolor="<?php echo $bg; ?>">
   <td><?php echo $img; ?></td>
   <td align="center"><?php echo $c['item_id']; ?></td>
   <td><?php echo ucwords(strtolower($c['name'])); ?></td>
<td><?php echo $descripcion; ?></td>
   <td align="center"><?php echo ucwords($c['crystal_type']); ?></td>
   <td><?php echo $c['bodypart']; ?></td>
   <td><a href="?acao=doar&t=<?php echo $tabela; ?>&id=<?php echo $c['item_id']; ?>">ADD donated Item</a> </td>
 </tr>
<?
}
}
?>
</table>
<?
}

if($acao == "doar") {

$t  = addslashes(htmlentities($_GET['t']));
$id = intval($_GET['id']);

?>
<form method="get">
<input type="hidden" name="sacao" value="conta" />
<input type="hidden" name="acao" value="doar" />
<input type="hidden" name="t" value="<?php echo $t; ?>" />
<input type="hidden" name="id_item" value="<?php echo $id; ?>" />
<table width="100%" border="0" class="style1">
 <tr>
   <td width="32%" align="right">Login of the Player: </td>
   <td width="68%"><input name="conta" type="text" class="style1" id="conta" /></td>
 </tr>
 <tr>
   <td> </td>
   <td><input type="submit" class="style1" value="Do It!" /></td>
 </tr>
</table>
</form>
<?
//lol where is the charID...? :P so the script has error.. and we find that lol
if($sacao == 'conta') {
$t = addslashes(htmlentities($_GET['t']));
$id_item = intval($_GET['id_item']);

$conta = addslashes(htmlentities($_GET['conta']));
$co = mysql_query("SELECT * FROM characters WHERE account_name = '".$conta."'") or die(mysql_error());
$contar = mysql_num_rows($co);

if($contar < 1) {
	echo "No Chars found !";
	}else{
?>
<table width="100%" border="0" class="style1">
 <tr>
   <td colspan="3" align="center" bgcolor="#FFFFFF" class="style1"><hr /></td>
 </tr>
 <tr>
   <td colspan="3" align="center" bgcolor="#FFFFFF" class="style1">List of the chars: <strong><?php echo $conta; ?></strong></td>
 </tr>
 <tr bgcolor="#666666">
   <td width="35%" class="style2"><span class="style5">Name of char:</span></td>
   <td width="45%" class="style2"><span class="style5">Level of char:</span></td>
   <td width="20%" class="style2"><strong>Action:</strong></td>
 </tr>
 <?
 $cor = 0;
 while($c = mysql_fetch_object($co)) {
 $cor = $cor + 1;
 $bg = $cor % 2 == 0 ? '#F7F7F7' : '#E7E7E7';

 ?>
 <tr bgcolor="<?php echo $bg; ?>">
   <td><?php echo $c->char_name; ?></td>
   <td><?php echo $c->level; ?></td>
   <td>
  <a href="?acao=add&id_char=<?php echo $c->charId; ?>&t=<?php echo $t; ?>&id_item=<?php echo $id_item; ?>">
  ADD Item 
  </a>
</td>
 </tr>
 <?
 }
 ?>
</table>
<?
}
}
}

if($acao == 'add') {
$id_char = intval($_GET['id_char']);
$id_item = intval($_GET['id_item']);
$t       = addslashes(htmlentities($_GET['t']));
?>
<form method="get">
<input type="hidden" name="sacao" value="addi" />
<input type="hidden" name="acao" value="add" />
<input type="hidden" name="id_char" value="<?php echo $id_char; ?>" />
<input type="hidden" name="id_item" value="<?php echo $id_item; ?>" />
<input type="hidden" name="t" value="<?php echo $t; ?>" />

<table width="100%" border="0" class="style1">
 <tr>
   <td width="36%">Enchant of the Item: </td>
   <td width="64%"><input name="enchant" type="text" class="style1" id="enchant" /></td>
 </tr>
 <tr>
   <td>Quantity:</td>
   <td><input name="qtd" type="text" class="style1" id="qtd" /></td>
 </tr>
 <tr>
   <td> </td>
   <td><input type="submit" class="style1" value="Do It!" /></td>
 </tr>
 <tr>
   <td> </td>
   <td> </td>
 </tr>
 <tr>
   <td> </td>
   <td> </td>
 </tr>
</table>
</form>
<?

if($sacao == 'addi') {
$id_char    = intval($_GET['id_char']);
$id_item    = intval($_GET['id_item']);
$t          = addslashes(htmlentities($_GET['t']));
$enchant    = intval($_GET['enchant']);
$qtd        = intval($_GET['qtd']);
$caracteres = '0123456789';
$numch      = 9;
$oid   = '';
for($i=0;$i<$numch;$i++) {
	$oid.=$caracteres[rand(0,strlen($caracteres)-1)];
}
for($i = 1; $i <= $qtd; $i++) {
$aux=$oid+$i;
$qt = $qtd > 1 ? '1' : $qtd;
	mysql_query("INSERT INTO items (owner_id, object_id, item_id, count, enchant_level, loc)
				 VALUES
				('".$id_char."', '".$aux."', '".$id_item."', '".$qt."', '".$enchant."', 'INVENTORY')") or die(mysql_error());
      mysql_query("INSERT INTO items_log (owner_id, object_id, item_id, count, enchant_level, loc)
				 VALUES
				('".$id_char."', '".$aux."', '".$id_item."', '".$qt."', '".$enchant."', 'INVENTORY')") or die(mysql_error());

}

echo "Item Added!";

}	
}
?>
</body>
</html>

echo "Item Added!";

[/code]

[HELP] MySQL code to add an item to a player

Recommended Posts

G-hamsteR

G-hamsteR

shoko

Posts

Topics

Browse

Activity

Store

Important Information