Here's my code:
Function:
Code: Select all
function listoffers($cat){
$uid = $_SESSION['id'];
if($cat == "none"){
$result = mysql_query("SELECT * from offers ORDER BY `title` ASC");
}else{
$result = mysql_query("SELECT * from offers WHERE categoryID='$cat'");
}
while($list = mysql_fetch_array( $result )){
echo "<img align=\"left\" src=\"images/";
echo $list['image'];
echo "\" width=\"120px\" height=\"60px\" border=\"1px\">";
echo "<b><a href=\"";
echo $list['link'];
echo "\">";
echo $list['title'];
echo "</a> | ";
if ($list['value'] !=0)
echo "£".$list['value'];
if ($list['value'] !=0 && $list['value2'] !=0)
echo " | ";
if ($list['value2'] !=0)
echo $list['value2']."%";
echo "</b><br/>";
echo stripslashes($list['description']);
echo " <br/><b><a style=\"float: right\" href=\"completed.php?offer=";
echo $list['id'];
echo "&user=";
echo $uid;
echo "\"><img border=\"0px\" src=\"images/completed.png\"/></a></b><br/><br/>";[/b]
echo "<img border=\"0px\" src=\"images/lines5.png\"/><br/><br/>";
}} Code: Select all
if(!isset($_SESSION['status'])){
die('You need to <a href="login.php">login</a> before you can access the members area!');
}
if($_SESSION['id'] != $_GET['user']){
die ('Error');
}else{
$offer = mysql_real_escape_string($_GET['offer']);
$user = mysql_real_escape_string($_GET['user']);
$username = mysql_real_escape_string($_GET['username']);
$value1 = mysql_query("SELECT * FROM offers WHERE id='$offer'");
$url = mysql_real_escape_string($_GET['link']);
$value2 = mysql_fetch_array($value1);
$title = $value2['title'];
$value = $value2['value'];
$date = date('Y-m-d H:i:s');
$ip = $_SERVER['REMOTE_ADDR'];
$status = "0";
$result = mysql_query("SELECT * FROM users WHERE id='$user'");
$valueoffer = mysql_fetch_array($result);
$valueamount = $valueoffer['pending'];
$newpending = $valueamount + $value;
$username = $valueoffer['username']; // I'm assuming 'username' is the name of you username field. Amend if incorrect.
// table, field and value should all be replaced according to your table
mysql_query("INSERT into offersUSERS (`username`, `offerID`, `offername`, `status`, `value`, `ip`, `userID`, `datetime`) VALUES('$username', '$offer', '$title', '$status', '$value', '$ip', '$user', '$date')") or die(mysql_error());
mysql_query("UPDATE users SET pending='$newpending' WHERE id='$user'") or die(mysql_error());
echo "Done! You will be credited as soon as an administrator approves the offer! <a href=\"members.php\">return?</a>";
} Could anyone help me out with this please?