[Req] Send Credits To another account

kontris21

Member
Joined
Sep 4, 2016
Messages
41
Reaction score
4
Hello. Maybe somebody can share script Send Credits To another person. Thanks ;)
 
May not work, I wrote it here and has not been tested but I do not see a reason why it should not :D. SQL injection is not possible since we compare the given string with an array and do not execute query directly so no additional filters are necessary. Probably not the best solution but good for MuOnline.

HTML:
<form method="post">
   <input type= " text" name="character">
    <input type= " number" name="credits">
   <input type= " submit" value="send">
</form>
PHP:
<?php

function check_char($char){
                $array = array()
                 $all_chars  = mssql_query("Select * from Character");
                 while($result = mssql_fetch_array($all_chars)){     
                      $array[] = $result['Name'];
                }
               if(in_array($char, $array)){
                 $check_acc = mssql_fetch_array(mssql_query("Select * from Character where Name='".$char."'"));
                 return($check_acc['AccountID']);
             }
              else{
                 return false;
            }
}



    if (isset($_POST['credits']) && isset($_POST['character']) ){

           $credits = int($_POST['credits']);
           $my_credits = mssql_fetch_array(mssql_query("Select * from memb_credits where memb___id = '".$_SESSION['mysession']."'"));

           if($my_credits['credits'] > 0 && $mycredits['credits'] >= $credits && $credits > 0 && check_char($_POST['character']) && check_char($_POST['character']) !=$_SESSION['mysession'] ){
                   mssql_query("Update Memb_Credits set credits = credits + $credits where memb___id='".check_char($_POST['character'])."'");
                   mssql_query("Update Memb_Credits set credits = credits - $credits where memb___id='".$_SESSION['mysession'].."'");
               echo"Well done ";
          }
           else{
           echo "Fill the fields properly";
}

}
 
Last edited:
  • Like
Reactions: kontris21
May not work, I wrote it here and has not been tested but I do not see a reason why it should not :D. SQL injection is not possible since we compare the given string with an array and do not execute query directly so no additional filters are necessary. Probably not the best solution but good for MuOnline.

HTML:
<form method="post">
   <input type= " text" name="character">
    <input type= " number" name="credits">
   <input type= " submit" value="send">
</form>
PHP:
<?php

function check_char($char){
                 $all_chars  = mssql_query("Select * from Character");
                 while($result = mssql_fetch_array($all_chars)){
                      $array = array()
                      $array[] = $result['Name'];
                }
               if(in_array($char, $array)){
                 return($result['AccountID']);
             }
              else{
                 return false;
            }
}



    if (isset($_POST['credits']) && isset($_POST['character']) ){

           $credits = int($_POST['credits']);
           $my_credits = mssql_fetch_array(mssql_query("Select * from memb_credits where memb___id = '".$_SESSION['mysession']."'"));

           if($my_credits['credits'] > 0 && $mycredits['credits'] <= $credits && $credits > 0 && check_char($_POST['character'])){
                   mssql_query("Update Memb_Credits set credits = credits + $credits where memb___id='".check_char($_POST['character'])."'");
               echo"Well done ";
          }
           else{
           echo "Fill the fields properly";
}

}
where is the query to delete the credits from the senders account? im blind :))
 
Thanks r00tme, you are the best ;)

I am far far far away from good and will never ever be the best, but thanks anyway.

Regarding this script, just forget about it as it does not do anything. I gave you a working one that just needs to be adjusted for your needs.
 
  • Like
Reactions: kontris21
Still confused with the script :D This works correctly with any MU Website? :)