Bot Shop
= $botPrice)
{
?>
";
$id = "Er kan maar 1 bot in je kamer!";
}
$userRoomID = mysql_query('SELECT id FROM rooms WHERE owner = "'.$_SESSION['user']['username'].'"');
if(is_numeric ("$_POST[room_id]") && "$_POST[room_id]" == $userRoomID)
{
$room_id = mysql_real_escape_string($_POST[room_id]);
}
else
{
echo "Er kan maar 1 bot in je kamer.
(room_id)
"; $room_id = "Oeps!"; } if("$_POST[name]" != "") { $room_id = mysql_real_escape_string($_POST[name]); } else { echo "Geef je je bot een naam?
"; $name = "Geef je bot een naam!"; } if("$_POST[motto]" != "") { $room_id = mysql_real_escape_string($_POST[motto]); } else { echo "Geef je je bot een motto?.
"; $motto = "Oeps!"; } if(is_numeric ("$_POST[x]")) { $x = mysql_real_escape_string($_POST[x]); } else { echo "Oeps! (x)
"; $x = "Oeps!"; } if(is_numeric ("$_POST[y]")) { $y = mysql_real_escape_string($_POST[y]); } else { echo "Oeps! (y)
"; $y = "Oeps!"; } if(is_numeric ("$_POST[z]")) { $z = mysql_real_escape_string($_POST[z]); } else { echo "Oeps! (z)
"; $z = "Oeps!"; } if(is_numeric ("$_POST[rotation]")) { $rotation = mysql_real_escape_string($_POST[rotation]); } else { echo "Oeps! (rotation)
"; $rotation = "Oeps!"; } //Insert filtered values into database if ($id=="Oeps!" || $room_id=="Oeps!" || $name=="Oeps!" || $motto=="Oeps!" || $x=="Oeps!" || $y=="Oeps!" || $z=="Oeps!" || $rotation=="Oeps!") { if ($name=="Oeps!" || $motto=="Oeps!") { echo ""; } else { echo "Oeps!"; } } else { //Just to play safe $id = mysql_real_escape_string($_POST[id]); $owner = mysql_real_escape_string($_POST[owner]); $room_id = mysql_real_escape_string($_POST[room_id]); $name = mysql_real_escape_string($_POST[name]); $motto = mysql_real_escape_string($_POST[motto]); $look = mysql_real_escape_string($_POST[look]); $x = mysql_real_escape_string($_POST[x]); $y = mysql_real_escape_string($_POST[y]); $z = mysql_real_escape_string($_POST[z]); $rotation = mysql_real_escape_string($_POST[rotation]); $walk_mode = mysql_real_escape_string($_POST[walk_mode]); //Get and update user Credits $userID = mysql_fetch_array(mysql_query('SELECT id FROM users WHERE username = "'.$_SESSION['user']['username'].'"')); MUS("updatecredits", $userID['id']); MUS("update_bots"); $updateCredits = (mysql_query("UPDATE users SET credits=credits-$botPrice WHERE username= '".$owner."'")) or die(mysql_error()); $makeBot = mysql_query("INSERT INTO bots (id, room_id, owner, name, motto, look , x , y , z , rotation , walk_mode) VALUES ('".$id."','".$room_id."','".$owner."','".$name."','".$motto."','".$look."','".$x."','".$y."','".$z."','".$rotation."','".$walk_mode."')") or die(mysql_error()); echo "
"; } } else { echo 'Maximum bot limit reached. Please delete one of yours bots to continue.'; ?> Bot deleted"; echo 'Buy another bot'; unset($GLOBALS['delete']); unset($_post['delete']); $reload = $_SERVER['REQUEST_URI']; } else { ?>
Your bots:
(room_id)
"; $room_id = "Oeps!"; } if("$_POST[name]" != "") { $room_id = mysql_real_escape_string($_POST[name]); } else { echo "Geef je je bot een naam?
"; $name = "Geef je bot een naam!"; } if("$_POST[motto]" != "") { $room_id = mysql_real_escape_string($_POST[motto]); } else { echo "Geef je je bot een motto?.
"; $motto = "Oeps!"; } if(is_numeric ("$_POST[x]")) { $x = mysql_real_escape_string($_POST[x]); } else { echo "Oeps! (x)
"; $x = "Oeps!"; } if(is_numeric ("$_POST[y]")) { $y = mysql_real_escape_string($_POST[y]); } else { echo "Oeps! (y)
"; $y = "Oeps!"; } if(is_numeric ("$_POST[z]")) { $z = mysql_real_escape_string($_POST[z]); } else { echo "Oeps! (z)
"; $z = "Oeps!"; } if(is_numeric ("$_POST[rotation]")) { $rotation = mysql_real_escape_string($_POST[rotation]); } else { echo "Oeps! (rotation)
"; $rotation = "Oeps!"; } //Insert filtered values into database if ($id=="Oeps!" || $room_id=="Oeps!" || $name=="Oeps!" || $motto=="Oeps!" || $x=="Oeps!" || $y=="Oeps!" || $z=="Oeps!" || $rotation=="Oeps!") { if ($name=="Oeps!" || $motto=="Oeps!") { echo ""; } else { echo "Oeps!"; } } else { //Just to play safe $id = mysql_real_escape_string($_POST[id]); $owner = mysql_real_escape_string($_POST[owner]); $room_id = mysql_real_escape_string($_POST[room_id]); $name = mysql_real_escape_string($_POST[name]); $motto = mysql_real_escape_string($_POST[motto]); $look = mysql_real_escape_string($_POST[look]); $x = mysql_real_escape_string($_POST[x]); $y = mysql_real_escape_string($_POST[y]); $z = mysql_real_escape_string($_POST[z]); $rotation = mysql_real_escape_string($_POST[rotation]); $walk_mode = mysql_real_escape_string($_POST[walk_mode]); //Get and update user Credits $userID = mysql_fetch_array(mysql_query('SELECT id FROM users WHERE username = "'.$_SESSION['user']['username'].'"')); MUS("updatecredits", $userID['id']); MUS("update_bots"); $updateCredits = (mysql_query("UPDATE users SET credits=credits-$botPrice WHERE username= '".$owner."'")) or die(mysql_error()); $makeBot = mysql_query("INSERT INTO bots (id, room_id, owner, name, motto, look , x , y , z , rotation , walk_mode) VALUES ('".$id."','".$room_id."','".$owner."','".$name."','".$motto."','".$look."','".$x."','".$y."','".$z."','".$rotation."','".$walk_mode."')") or die(mysql_error()); echo "
Bot succesfully added! ("; echo $userID['id']; echo ")
"; unset($GLOBALS['submit']); unset($_post['submit']); $reload = $_SERVER['REQUEST_URI']; } } { ?> Not enough Credits"; echo "You don't have enough Credits for this."; } } else { echo 'Maximum bot limit reached. Please delete one of yours bots to continue.'; ?> Bot deleted"; echo 'Buy another bot'; unset($GLOBALS['delete']); unset($_post['delete']); $reload = $_SERVER['REQUEST_URI']; } else { ?>
Your bots:
Wat zijn bots?
Bot zijn robots!, ze kunnen geen cola of popcorn geven ze kunnen alleen lopen, en ze geven ook een goeie sfeer, als je eenzaam bent :(
Bots kosten 25000000 Credits en je kan er maar 4 kopen!
Bots kosten 25000000 Credits en je kan er maar 4 kopen!