#24 TFS 1.0: Fixed bug allowing a player to auction and buy unlimited houses.

- Added player level restriction, configure in config.php - Configure if houses require premium - Configure allowed houses each player - Players can upgrade their house pledge on a house without increasing last_bid.
2025-04-30 11:19:22 +02:00 · 2014-03-19 21:33:48 +01:00 · 2014-03-19 21:33:48 +01:00 · 5e0170a264
commit 5e0170a264
parent e240992845
2 changed files with 69 additions and 41 deletions
--- a/config.php
+++ b/config.php
@ -71,7 +71,10 @@
 		'HouseListDefaultTown' => 1, // Default town id to display when visting house list page page.
 		'minimumBidSQM' => 200, // minimum bid cost on auction (per SQM)
 		'auctionPeriod' => 24 * 60 * 60, // 24 hours auction time.
-		);
+		'housesPerPlayer' => 1,
 		'requirePremium' => false,
 		'levelToBuyHouse' => 8,
 	);
 	// Leave on black square in map and player should get teleported to their selected town.
 	// If chars get buggy set this position to a beginner location to force players there.
@ -128,12 +131,12 @@
 	$config['nvForceTown'] = 0; // Force a town to no vocation even though he selected something else? 0 = no, 1 = yes.
 	$config['nvTown'] = 0; // Town id to force no vocations to get to, if nvForceTown is 1.
-	// Minimum allowed character name letters. Etc 4 letters: "Kåre".
+	// Minimum allowed character name letters. Etc 4 letters: "Kåre".
 	$config['minL'] = 4;
-	// Maximum allowed character name letters. Etc 20 letters: "Bobkåreolesofiesberg"
+	// Maximum allowed character name letters. Etc 20 letters: "Bobkåreolesofiesberg"
 	$config['maxL'] = 20;
-	// Maximum allowed character name words. Etc 2 words = "Bob Kåre", 3 words: "Bob Arne Kåre" as max char name words.
+	// Maximum allowed character name words. Etc 2 words = "Bob Kåre", 3 words: "Bob Arne Kåre" as max char name words.
 	$config['maxW'] = 2;
 	// -------------- \\
@ -226,7 +229,7 @@
 	// IMPORTANT! Write a character name(that exist) that will represent website bans!
 	// Or remember to create character "God Website" character exist.
 	// If you don't do this, bann from admin panel won't work properly.
-	$config['website_char'] = 'God Website';
+	$config['website_char'] = 'Luxitur';
 	//----------------\\
 	// ADVANCED STUFF \\
@ -418,7 +421,7 @@
 		'enableShopConfirmation' => true, // Verify that user wants to buy with popup
 		'useDB' => false, // Fetch offers from database, or the below config array
 		'showImage' => true,
-		'imageServer' => 'items.halfaway.net',
+		'imageServer' => 'items.znote.eu',
 		'imageType' => 'gif',
 	);
--- a/house.php
+++ b/house.php
@ -19,42 +19,67 @@ if ($house !== false && $config['TFSVersion'] === 'TFS_10') {
 	if ($bid_amount !== false && $bid_char !== false) {
 		$bid_char = (int)$bid_char;
 		$bid_amount = (int)$bid_amount;
-
+		$player = mysql_select_single("SELECT `id`, `account_id`, `name`, `level`, `balance` FROM `players` WHERE `id`='$bid_char' LIMIT 1;");
-		$player = mysql_select_single("SELECT `id`, `name`, `balance` FROM `players` WHERE `id`='$bid_char' LIMIT 1;");
+		// Does player have or need premium?
-		// Can player afford this bid?
+		$premstatus = $config['houseConfig']['requirePremium'];
-		if ($player['balance'] > $bid_amount) {
+		if ($premstatus) {
-			// Is bid higher than previous bid?
+			$premstatus = mysql_select_single("SELECT `premdays` FROM `accounts` WHERE `id`='".$player['account_id']."' LIMIT 1;");
-			if ($bid_amount > $house['bid']) {
+			$premstatus = ($premstatus['premdays'] > 0) ? true : false;
-				// Is bid higher than lowest bid?
+		} else $premstatus = true;
-				if ($bid_amount > $minbid) {
+		if ($premstatus) {
-					$lastbid = $house['bid'] + 1;
+			// Can player have or bid on more houses?
-
+			$pHouseCount = mysql_select_single("SELECT COUNT('id') AS `value` FROM `houses` WHERE ((`highest_bidder`='$bid_char' AND `owner`='$bid_char') OR (`highest_bidder`='$bid_char') OR (`owner`='$bid_char')) AND `id`!='".$house['id']."' LIMIT 1;");
-					// Has bid already started?
+			if ($pHouseCount['value'] < $config['houseConfig']['housesPerPlayer']) {
-					if ($house['bid_end'] > 0) {
+				// Is character level high enough?
-						if ($house['bid_end'] > time()) {
+				if ($player['level'] >= $config['houseConfig']['levelToBuyHouse']) {
-							mysql_update("UPDATE `houses` SET `highest_bidder`='". $player['id'] ."', `bid`='$bid_amount', `last_bid`='$lastbid' WHERE `id`='". $house['id'] ."' LIMIT 1;");
+					// Can player afford this bid?
-							$house = mysql_select_single("SELECT `id`, `owner`, `paid`, `name`, `rent`, `town_id`, `size`, `beds`, `bid`, `bid_end`, `last_bid`, `highest_bidder` FROM `houses` WHERE `id`='". $house['id'] ."';");
+					if ($player['balance'] > $bid_amount) {
 						// Is bid higher than previous bid?
 						if ($bid_amount > $house['bid']) {
 							// Is bid higher than lowest bid?
 							if ($bid_amount > $minbid) {
 								// Should only apply to external players, allowing a player to up his pledge without
 								// being forced to pay his full previous bid. 
 								if ($house['highest_bidder'] != $player['id']) $lastbid = $house['bid'] + 1;
 								else {
 									$lastbid = $house['last_bid'];
 									echo "<b><font color='green'>You have raised the house pledge to ".$bid_amount."gp!</font></b><br>";
 								}
 								// Has bid already started?
 								if ($house['bid_end'] > 0) {
 									if ($house['bid_end'] > time()) {
 										mysql_update("UPDATE `houses` SET `highest_bidder`='". $player['id'] ."', `bid`='$bid_amount', `last_bid`='$lastbid' WHERE `id`='". $house['id'] ."' LIMIT 1;");
 										$house = mysql_select_single("SELECT `id`, `owner`, `paid`, `name`, `rent`, `town_id`, `size`, `beds`, `bid`, `bid_end`, `last_bid`, `highest_bidder` FROM `houses` WHERE `id`='". $house['id'] ."';");
 									}
 								} else {
 									$lastbid = $minbid + 1;
 									$bidend = time() + $config['houseConfig']['auctionPeriod'];
 									mysql_update("UPDATE `houses` SET `highest_bidder`='". $player['id'] ."', `bid`='$bid_amount', `last_bid`='$lastbid', `bid_end`='$bidend' WHERE `id`='". $house['id'] ."' LIMIT 1;");
 									$house = mysql_select_single("SELECT `id`, `owner`, `paid`, `name`, `rent`, `town_id`, `size`, `beds`, `bid`, `bid_end`, `last_bid`, `highest_bidder` FROM `houses` WHERE `id`='". $house['id'] ."';");
 								}
 								echo "<b><font color='green'>You have the highest bid on this house!</font></b>";
 							} else echo "<b><font color='red'>You need to place a bid that is higher or equal to {$minbid}gp.</font></b>";
 						} else {
 							// Check if current bid is higher than last_bid
 							if ($bid_amount > $house['last_bid']) {
 								// Should only apply to external players, allowing a player to up his pledge without
 								// being forced to pay his full previous bid.
 								if ($house['highest_bidder'] != $player['id']) {
 									$lastbid = $bid_amount + 1;
 									mysql_update("UPDATE `houses` SET `last_bid`='$lastbid' WHERE `id`='". $house['id'] ."' LIMIT 1;");
 									$house = mysql_select_single("SELECT `id`, `owner`, `paid`, `name`, `rent`, `town_id`, `size`, `beds`, `bid`, `bid_end`, `last_bid`, `highest_bidder` FROM `houses` WHERE `id`='". $house['id'] ."';");
 									echo "<b><font color='orange'>Unfortunately your bid was not higher than previous bidder.</font></b>";
 								} else {
 									echo "<b><font color='orange'>You already have a higher pledge on this house.</font></b>";
 								}
 							} else {
 								echo "<b><font color='red'>Too low bid amount, someone else has a higher bid active.</font></b>";
 							}
 						}
-					} else {
+					} else echo "<b><font color='red'>You don't have enough money to bid this high.</font></b>";
-						$lastbid = $minbid + 1;
+				} else echo "<b><font color='red'>Your character is to low level, must be higher level than ", $config['houseConfig']['levelToBuyHouse']-1 ," to buy a house.</font></b>";
-						$bidend = time() + $config['houseConfig']['auctionPeriod'];
+			} else echo "<b><font color='red'>You cannot have more houses.</font></b>";
-						mysql_update("UPDATE `houses` SET `highest_bidder`='". $player['id'] ."', `bid`='$bid_amount', `last_bid`='$lastbid', `bid_end`='$bidend' WHERE `id`='". $house['id'] ."' LIMIT 1;");
+		} else echo "<b><font color='red'>You need premium account to purchase houses.</font></b>";
 						$house = mysql_select_single("SELECT `id`, `owner`, `paid`, `name`, `rent`, `town_id`, `size`, `beds`, `bid`, `bid_end`, `last_bid`, `highest_bidder` FROM `houses` WHERE `id`='". $house['id'] ."';");
 					}
 					echo "<b><font color='green'>You have the highest bid on this house!</font></b>";
 				} else echo "<b><font color='red'>You need to place a bid that is higher or equal to {$minbid}gp.</font></b>";
 			} else {
 				// Check if current bid is higher than last_bid
 				if ($bid_amount > $house['last_bid']) {
 					$lastbid = $bid_amount + 1;
 					mysql_update("UPDATE `houses` SET `last_bid`='$lastbid' WHERE `id`='". $house['id'] ."' LIMIT 1;");
 					$house = mysql_select_single("SELECT `id`, `owner`, `paid`, `name`, `rent`, `town_id`, `size`, `beds`, `bid`, `bid_end`, `last_bid`, `highest_bidder` FROM `houses` WHERE `id`='". $house['id'] ."';");
 					echo "<b><font color='orange'>Unfortunately your bid was not higher than previous bidder.</font></b>";
 				} else {
 					echo "<b><font color='red'>Too low bid amount, someone else has a higher bid active.</font></b>";
 				}
 			}
 		} else echo "<b><font color='red'>You don't have enough money to bid this high.</font></b>";
 	}
 	// HTML structure and logic