<?php
/*
* This file is part of 'Crown of Evanion'.
*
* 'Crown of Evanion' is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* 'Crown of Evanion' is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with 'Crown of Evanion'; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
$title = "My Items";
include("include.php");
$page = $_REQUEST['page'];
$errors = array(
'1' => "<h5>You do not own this item.</h5>",
'2' => "<h5>Your dragon already has full health, so you really don't want to waste a healing item.</h5>",
'3' => "<h5>You need to fill in the name of a Dragon to attack.</h5>",
'4' => "<h5>There is no such dragon.</h5>",
'5' => "<h5>You can't attack $Dragon!</h5>",
'6' => "<h5>You already have a piece of Dragon Armor equiped.</h2>",
'7' => "<h5>You cannot attack an enemy with 0 health.</h5>",
'8' => "<h5>$Dragon is not hungry.</h5>",
'9' => "<h5>$Dragon doesn't want to play right now.</h5>",
'10' => "<h5>No such user.</h5>",
'11' => "<h5>You already have that spell in your spellbook.</h5>",
'12' => "<h5>Your already using this quill.</h5>",
'13' => "<h5>You can't give that item away.</h5>",
);
$actiontext = array(
'food' => "<li><a href=$PHP_SELF?page=eat&id=$id>Feed $Dragon<a></li>",
'heal' => "<li><a href=$PHP_SELF?page=heal&id=$id>Heal $Dragon<a></li>",
'toy' => "<li><a href=$PHP_SELF?page=play&id=$id>Play with $Dragon<a></li>",
'armor' => "<li><a href=$PHP_SELF?page=equip&id=$id>Equip Armor<a></li>",
'weapon' => "<li><a href=$PHP_SELF?page=attack&id=$id>Attack<a></li>",
'scroll' => "<li><a href=$PHP_SELF?page=write&id=$id>Write into Spellbook</a></li>",
'quill' => "<li><a href=$PHP_SELF?page=quill&id=$id>Switch Quills</a></li>",
'mana' => "<li><a href=$PHP_SELF?page=mana&id=$id>Recover Mana</a></li>",
);
if($Username == "") {
header("location: login.php");
}
if(!$page) {
$select = mysql_query("SELECT * FROM useritems WHERE owner = '$UserID' ORDER BY id ASC");
$num = mysql_num_rows($select);
echo "<div align=\"center\"><p>This is your inventory. All of your loose items are displayed here.</p>
$errors[$error]
</div>";
if($num > 0) {
while ($items = mysql_fetch_array($select)) {
$sel = mysql_query("SELECT * FROM items WHERE id = '$items[itemid]'");
$item = mysql_fetch_array($sel);
echo "<div class=\"item\">
<a href=\"$PHP_SELF?page=desc&id=$items[id]\">
<img src=\"$item[image]\" alt=\"$item[name]\" width=\"90\" height=\"90\" border=\"0\">
</a>
<p class=\"name\">
<a href=\"$PHP_SELF?page=desc&id=$items[id]\">
$item[name]
</a>
</p>
</div>";
}
}
else {
echo "<h5>You have no items!</h5>";
}
}
if($page == "desc" && $id != "") {
$id = $_REQUEST['id'];
$select = mysql_query("SELECT * FROM useritems WHERE id = '$id'");
$start = mysql_fetch_array($select);
if($start[owner] != $UserID) {
header("location: $PHP_SELF?error=1");
include("footer.php");
die;
}
$select = mysql_query("SELECT * FROM items WHERE id = '$start[itemid]'");
$item = mysql_fetch_array($select);
$type = $item[type];
echo "<div align=\"center\">
<div class=\"itemdesc\">
<div align=\"center\">
<img src=\"$item[image]\" alt=\"$item[name]\" width=\"90\" height=\"90\" border=\"0\">
</div>
<p class=\"name\">$item[name]</p>
<p>$item[desc]</p>
<UL>
$actiontext[$type]
<li><a href=$PHP_SELF?page=discard&id=$id>Discard</a></li>
<li><a href=$PHP_SELF?page=give&id=$id>Give Item<a></li>
<li><a href=$PHP_SELF?page=stock&id=$id>Stock Item</a></li>
</UL>
</div>
</div>
";
}
if($page == "heal" && $id != "") {
$id = $_REQUEST['id'];
$select = mysql_query("SELECT * FROM useritems WHERE id = '$id'");
$start = mysql_fetch_array($select);
if($start[owner] != $UserID) {
header("location: $PHP_SELF?error=1");
include("footer.php");
die;
}
$select = mysql_query("SELECT * FROM items WHERE id = '$start[itemid]'");
$item = mysql_fetch_array($select);
if($HP == $MaxHP) {
header("location: $PHP_SELF?error=2");
include("footer.php");
die;
}
$new = $HP + $item[heal];
if($new > $MaxHP) {
$new = $MaxHP;
}
mysql_query("UPDATE dragons SET health = '$new' WHERE name = '$Dragon'");
if($item[delete] == "Y") {
mysql_query("DELETE FROM useritems WHERE id = '$id'");
}
echo "$Dragon's health is now $new.";
}
if($page == "attack") {
$id = $_REQUEST['id'];
$select = mysql_query("SELECT * FROM useritems WHERE id = '$id'");
$start = mysql_fetch_array($select);
if($start[owner] != $UserID) {
header("location: $PHP_SELF?error=1");
include("footer.php");
die;
}
$select = mysql_query("SELECT * FROM items WHERE id = '$start[itemid]'");
$item = mysql_fetch_array($select);
echo "<div align=\"center\">
What dragon would you like to attack with your $item[name]?
<form action=\"$PHP_SELF\" method=\"POST\">
<input type=\"hidden\" name=\"page\" value=\"assult\">
<input type=\"hidden\" name=\"id\" value=\"$id\">
<input type=\"text\" name=\"who\">
<input type=\"submit\" value=\"Attack!\">
</div>";
}
if($page == "assult") {
$id = $_REQUEST['id'];
$select = mysql_query("SELECT * FROM useritems WHERE id = '$id'");
$start = mysql_fetch_array($select);
if($start[owner] != $UserID) {
header("location: $PHP_SELF?error=1");
include("footer.php");
die;
}
if(!$who) {
header("location: $PHP_SELF?error=3");
include("footer.php");
die;
}
$select = mysql_query("SELECT * FROM items WHERE id = '$start[itemid]'");
$item = mysql_fetch_array($select);
$select = mysql_query("SELECT * FROM dragons WHERE name LIKE '$who'");
$num = mysql_num_rows($select);
$enemy = mysql_fetch_array($select);
if($num == 0) {
header("location: $PHP_SELF?error=4");
include("footer.php");
die;
}
if($who == $Dragon) {
header("location: $PHP_SELF?error=5");
include("footer.php");
die;
}
if($enemy[health] <= 0) {
header("location: $PHP_SELF?error=7");
include("footer.php");
die;
}
$select = mysql_query("SELECT defense FROM items WHERE id = '$enemy[armor]'");
$enarm = mysql_fetch_array($select);
$AS = $item[hurt];
$DS = round($Stren / 3.5);
$ET = round($enemy[tough] / 1.5);
$EA = $enarm[defense];
$dam1 = $AS+$DS;
$dam2 = $ET+$EA;
$dam = $dam1-$dam2;
if($dam < 0) {
$dam = 0;
}
$select = mysql_query("SELECT id,dragon FROM users WHERE dragon = '$who'");
$wtf = mysql_fetch_array($select);
mysql_query("UPDATE dragons SET health = health-$dam WHERE name = '$enemy[name]'");
mysql_query("INSERT INTO event (foruser,text) VALUES ('$wtf[id]','$wtf[dragon] has been attacked by $Username with a $item[name], doing $dam damage.')");
$select = mysql_query("SELECT health FROM dragons WHERE name = '$who'");
$final = mysql_fetch_array($select);
if($final[health] < 0) {
mysql_query("UPDATE dragons SET health = '0' WHERE name = '$who'");
}
echo "You have done $dam damage to $who.";
if($item[delete] == "Y") {
mysql_query("DELETE FROM useritems WHERE id = '$id'");
}
}
if($page == "equip") {
$id = $_REQUEST['id'];
$select = mysql_query("SELECT * FROM useritems WHERE id = '$id'");
$start = mysql_fetch_array($select);
if($start[owner] != $UserID) {
header("location: $PHP_SELF?error=1");
include("footer.php");
die;
}
$select = mysql_query("SELECT * FROM items WHERE id = '$start[itemid]'");
$item = mysql_fetch_array($select);
if(!$DragArmor) {
mysql_query("UPDATE dragons SET armor = '$item[id]' WHERE name = '$Dragon'");
mysql_query("DELETE FROM useritems WHERE id = '$id'");
echo "The $item[name] has been equipped!";
} else {
header("location: $PHP_SELF?error=6");
include("footer.php");
die;
}
}
if($page == "play") {
$id = $_REQUEST['id'];
$select = mysql_query("SELECT * FROM useritems WHERE id = '$id'");
$start = mysql_fetch_array($select);
if($start[owner] != $UserID) {
header("location: $PHP_SELF?error=1");
include("footer.php");
die;
}
$select = mysql_query("SELECT * FROM items WHERE id = '$start[itemid]'");
$item = mysql_fetch_array($select);
if($fun == 10) {
header("location: $PHP_SELF?error=9");
include("footer.php");
die;
}
$newf = $fun + $item[entertain];
if($newf > 10) {
$newf = 10;
}
if($newf < 0) {
$newf = 1;
}
mysql_query("UPDATE dragons SET fun = '$newf' WHERE name = '$Dragon'");
mysql_query("DELETE FROM useritems WHERE id = '$id'");
$reply = rand(1,5);
$replys = array(
'1' => "Wow, that was fun!",
'2' => "$Username, play with me more!",
'3' => "This is so awesome!",
'4' => "Go away.",
'5' => "I love you!",
);
echo "<div align=\"center\">$Dragon says '$replys[$reply]'</div>";
}
if($page == "eat") {
$id = $_REQUEST['id'];
$select = mysql_query("SELECT * FROM useritems WHERE id = '$id'");
$start = mysql_fetch_array($select);
if($start[owner] != $UserID) {
header("location: $PHP_SELF?error=1");
include("footer.php");
die;
}
$select = mysql_query("SELECT * FROM items WHERE id = '$start[itemid]'");
$item = mysql_fetch_array($select);
if($hunger == 10) {
header("location: $PHP_SELF?error=8");
include("footer.php");
die;
}
$newh = $hunger + $item[feed];
if($newh > 10) {
$newh = 10;
}
if($newh < 0) {
$newh = 1;
}
mysql_query("UPDATE dragons SET hunger = '$newh' WHERE name = '$Dragon'");
mysql_query("DELETE FROM useritems WHERE id = '$id'");
$reply = rand(1,5);
$replys = array(
'1' => "Wow, thanks, $Username!",
'2' => "Ahh, I needed that.",
'3' => "Mmm, that was great!",
'4' => "That tasted like poo.",
'5' => "I love you.",
);
echo "<div align=\"center\">$Dragon says '$replys[$reply]'</div>";
}
if($page == "discard") {
$id = $_REQUEST['id'];
$select = mysql_query("SELECT * FROM useritems WHERE id = '$id'");
$start = mysql_fetch_array($select);
if($start[owner] != $UserID) {
header("location: $PHP_SELF?error=1");
include("footer.php");
die;
}
$select = mysql_query("SELECT * FROM items WHERE id = '$start[itemid]'");
$item = mysql_fetch_array($select);
if(!$yes) {
echo "<div align=\"center\">
<p><strong>Are you sure you wish to discard $item[name]?</strong></p>
<p class=\"itemdesc\"><a href=$PHP_SELF?page=discard&id=$id&yes=ya>Yes</a> | <a href=$PHP_SELF>No</a></p>
</div>";
}
if($yes == "ya") {
mysql_query("DELETE FROM useritems WHERE id = '$id'");
echo "Your $item[name] has been thrown into a bush.";
}
}
if($page == "give") {
$id = $_REQUEST['id'];
$select = mysql_query("SELECT * FROM useritems WHERE id = '$id'");
$start = mysql_fetch_array($select);
if($start[owner] != $UserID) {
header("location: $PHP_SELF?error=1");
include("footer.php");
die;
}
$select = mysql_query("SELECT * FROM items WHERE id = '$start[itemid]'");
$item = mysql_fetch_array($select);
echo "<div align=\"center\">
<p>Who do you wish to give your $item[name] to?</p>
<form action=\"$PHP_SELF\" method=\"POST\">
<input type=\"hidden\" name=\"page\" value=\"givepro\">
<input type=\"hidden\" name=\"id\" value=\"$id\">
<input type=\"text\" name=\"who\">
<input type=\"submit\" value=\"Give\">
</form>
</div>";
}
if($page == "givepro" && $who != "") {
$select = mysql_query("SELECT * FROM useritems WHERE id = '$id'");
$start = mysql_fetch_array($select);
if($start[owner] != $UserID) {
header("location: $PHP_SELF?error=1");
include("footer.php");
die;
}
$select = mysql_query("SELECT id FROM users WHERE username LIKE '$who'");
$num = mysql_num_rows($select);
$array = mysql_fetch_array($select);
if($num == 0) {
header("location: $PHP_SELF?error=10");
include("footer.php");
die;
}
$select = mysql_query("SELECT * FROM items WHERE id = '$start[itemid]'");
$item = mysql_fetch_array($select);
if(!$yes) {
echo "<div align=\"center\">
<p><strong>Are you sure you wish to give $who your $item[name]?</strong></p>
<p class=\"itemdesc\"><a href=$PHP_SELF?page=givepro&id=$id&yes=ya&who=$who>Yes</a> | <a href=$PHP_SELF>No</a></p>
</div>";
}
if($yes == "ya") {
$select = mysql_query("SELECT * FROM useritems WHERE id = '$id'");
$start = mysql_fetch_array($select);
if($start[owner] != $UserID) {
header("location: $PHP_SELF?error=1");
die;
}
if($start[nodrop] == "Y") {
header("location: $PHP_SELF?error=13");
die;
}
mysql_query("DELETE FROM useritems WHERE id = '$id'");
mysql_query("INSERT INTO useritems (itemid,owner) VALUES ('$item[id]','$array[id]')");
mysql_query("INSERT INTO event (foruser,text) VALUES ('$array[id]','$Username has given you a $item[name]!')");
mysql_query("INSERT INTO transfers (thetime,thetype,thething,thesender,thereciver) VALUES ('$date','Item Transfer','$item[name]','$Username','$who')");
echo "Your $item[name] has been given to $who.";
}
}
if($page == "write") {
$id = $_REQUEST['id'];
$select = mysql_query("SELECT * FROM useritems WHERE id = '$id'");
$start = mysql_fetch_array($select);
if($start[owner] != $UserID) {
header("location: $PHP_SELF?error=1");
include("footer.php");
die;
}
$select = mysql_query("SELECT * FROM items WHERE id = '$start[itemid]'");
$item = mysql_fetch_array($select);
$select = mysql_query("SELECT * FROM spellbooks WHERE owner = '$UserID' AND spell = '$item[spell]'");
$num = mysql_num_rows($select);
if($num > 0) {
header("location: $PHP_SELF?error=11");
include("footer.php");
die;
}
$select = mysql_query("SELECT * FROM items WHERE id = '$Quill'");
$curq = mysql_fetch_array($select);
$mana = $item[mana];
if($curq[manamod]) {
$mana = $item[mana]-$curq[manamod];
if($mana <= 0) {
$mana = 1;
}
}
mysql_query("DELETE FROM useritems WHERE id = '$id'");
mysql_query("INSERT INTO spellbooks (owner,mana,spell) VALUES ('$UserID','$mana','$item[spell]')");
echo "<div align=\"center\">The scroll $item[name] has been scribbed into your spellbook.</div>";
}
if($page == "quill") {
$id = $_REQUEST['id'];
$select = mysql_query("SELECT * FROM useritems WHERE id = '$id'");
$start = mysql_fetch_array($select);
if($start[owner] != $UserID) {
header("location: $PHP_SELF?error=1");
die;
}
$select = mysql_query("SELECT * FROM items WHERE id = '$start[itemid]'");
$item = mysql_fetch_array($select);
$select = mysql_query("SELECT * FROM items WHERE id = '$Quill'");
$curq = mysql_fetch_array($select);
if($item[id] == $curq[id]) {
header("location: $PHP_SELF?error=12");
die;
}
mysql_query("INSERT INTO useritems (owner,itemid) VALUES ('$UserID','$user_data[quill]')");
mysql_query("DELETE FROM useritems WHERE id = '$id'");
mysql_query("UPDATE users SET quill = '$item[id]' WHERE id = '$UserID'");
echo "You will use this new quill to scribe spells now.";
}
if($page == "mana") {
$id = $_REQUEST['id'];
$select = mysql_query("SELECT * FROM useritems WHERE id = '$id'");
$start = mysql_fetch_array($select);
if($start[owner] != $UserID) {
header("location: $PHP_SELF?error=1");
die;
}
$select = mysql_query("SELECT * FROM items WHERE id = '$start[itemid]'");
$item = mysql_fetch_array($select);
$nmana = $Mana+$item[manarestore];
if($nmana > $MaxMana) {
$nmana = $MaxMana;
}
if($mana < 0) {
$nmana = 1;
}
mysql_query("DELETE FROM useritems WHERE id = '$id'");
mysql_query("UPDATE users SET mana = '$nmana' WHERE id = '$UserID'");
echo "You now have $nmana mana.";
}
if($page == "stock") {
$id = $_REQUEST['id'];
$select = mysql_query("SELECT * FROM useritems WHERE id = '$id'");
$start = mysql_fetch_array($select);
if($start[owner] != $UserID) {
header("location: $PHP_SELF?error=1");
die;
}
$select = mysql_query("SELECT * FROM items WHERE id = '$start[itemid]'");
$item = mysql_fetch_array($select);
$select = mysql_query("SELECT id FROM usershop WHERE owner = '$UserID' AND itemid = '$item[id]'");
$num = mysql_num_rows($select);
if(!$num) {
mysql_query("INSERT INTO usershop (owner,itemid) VALUES ('$UserID','$item[id]')");
} else {
mysql_query("UPDATE usershop SET quan = quan+1 WHERE owner = '$UserID' AND itemid = '$item[id]'");
}
mysql_query("DELETE FROM useritems WHERE id = '$id'");
}
include("footer.php");
?>