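0)
    $Seller = mysql_fetch_array($result);
else
    $Seller = array();

/*
 * Bid submission handler (fragment). The statement above, and the code that
 * loads $Data and $id, begin earlier in the file.
 *
 * Flow visible here:
 *   1. Work out the current high bid, the increment and the next valid bid.
 *   2. Without $action: show the bid form. With $action: validate amount,
 *      quantity, credentials, seller blacklist and suspension state; the
 *      first failing check stores its error code in $flr.
 *   3. On success: resolve the bid against the previous winner's proxy
 *      ("agent") maximum, write the auctions/bids rows, optionally mail the
 *      outbid user and render the result template.
 *
 * NOTE(review), security:
 *   - Every query is built by string interpolation on the legacy mysql_* API
 *     (removed in PHP 7.0). Escaping/casting is applied below where the value
 *     is visibly request data; prepared statements are the real fix.
 *   - $id, $auctiondate and $auctionends are interpolated into SQL but are
 *     not assigned in the visible code. Confirm they are validated or cast
 *     where they are set; the unquoted starts=/ends= values get no protection
 *     from quoting at all.
 *   - $action, $bid, $qty, $nick and $password are read without a visible
 *     assignment. If they arrive via register_globals, any variable this
 *     script leaves uninitialised on some path (e.g. $increment when no
 *     increments row matches) could be preset by the request. Confirm.
 *   - Passwords are stored as md5($MD5_PREFIX . $password), a fast hash with
 *     one shared prefix. Moving to password_hash()/password_verify() needs a
 *     rehash step outside this block.
 *   - Codes 609 and 611 let a caller tell "unknown nick" from "wrong
 *     password", and no throttling is visible here.
 *   - Failure branches print the SQL text and mysql_error() into the
 *     response; log them server-side instead.
 *   - The high bid is read and later written without a lock or transaction,
 *     so two concurrent requests can validate against the same high bid.
 */

// Key quoted: a bare word is read as a constant and only falls back to the
// string on old PHP versions.
$atype = intval($Data["auction_type"]);

// ---- current high bid, increment and next valid bid ----------------------

// Highest bid recorded so far for this auction (stays 0 when there is none).
$result = mysql_query("SELECT MAX(bid) AS maxbid FROM bids WHERE auction='$id' GROUP BY auction");
$high_bid = 0;
if ($result && mysql_num_rows($result) > 0) {
    $high_bid = mysql_result($result, 0, "maxbid");
}

// Fetch the increment step for the current high bid from the database.
$query = "SELECT increment FROM increments WHERE".
    "((low<=$high_bid AND high>=$high_bid) OR".
    "(low<$high_bid AND high<$high_bid)) ORDER BY increment DESC";
$result_incr = mysql_query($query);
// Guard against a failed query so mysql_num_rows() is never handed false.
// NOTE(review): $increment is left unset when no row matches.
if ($result_incr && mysql_num_rows($result_incr) != 0) {
    $increment = mysql_result($result_incr, 0, "increment");
}

$minimum_bid = $Data["minimum_bid"];

if ($high_bid == 0) {
    // No bid yet: the first bid has to meet the starting price.
    $next_bid = $minimum_bid;
} else {
    // Otherwise: current high bid plus one increment step.
    $next_bid = $high_bid + $increment;
}

// ---- dispatch ------------------------------------------------------------
// The auction exists. Called from item.php (no $action): carry the passed
// data into the form. Called with $action: check data/username/password and
// then place the bid.
unset($display_bid_form);
if (empty($action)) {
    $display_bid_form = true;
} else {
    unset($flr);

    /*
     * BM 31.10.2001 - at this point:
     *   1. $high_bid    holds the highest "bid" value in table "bids"
     *   2. $minimum_bid holds "minimum_bid" of table "auctions" (start price)
     *   3. $next_bid    holds the current minimum acceptable bid
     */

    // Accept a decimal comma by replacing it with a decimal point.
    $newbid = $bid;
    $bid = str_replace(",", ".", $newbid);

    // Reject anything that is not a number before comparing it. A non-numeric
    // string is otherwise compared loosely and can pass this check, and the
    // amount is later written into SQL without quotes. The existing
    // bid-validation code 607 is reused for that case.
    if (!is_numeric($bid) || $bid < $next_bid) {
        $flr = "607";
    }

    // Auction type 2: requested quantity must be at least 1 and no more than
    // the quantity on offer. "<= 0" also rejects negative values, which the
    // former "== 0" test let through.
    if (($atype == 2) && !isset($flr)) {
        if ((intval($qty) <= 0) || (intval($qty) > intval($Data["quantity"]))) {
            $flr = "608";
        }
    }

    // Nickname and password must both be present.
    if (!isset($flr)) {
        if (strlen($nick) == 0 || strlen($password) == 0) {
            $flr = "610";
        }
    }

    // Check the seller's blacklist.
    if (!isset($flr)) {
        // $nick is request data: escape it the same way the users lookup
        // below already does. addslashes() is not charset-aware, so this is
        // a stop-gap until the queries are parameterised.
        $query = "SELECT * FROM blacklist WHERE user='".$Seller["id"]."' AND dis_user='".addslashes($nick)."'";
        $result = mysql_query($query);
        if ($result) {
            $n = mysql_num_rows($result);
            if ($n > 0) {
                $flr = "621";
            }
        } else {
            $flr = "001";
        }
    }

    // Check that the nickname exists.
    if (!isset($flr)) {
        $query = "SELECT * FROM users WHERE nick='".addslashes($nick)."'";
        $result = mysql_query($query);
        $n = 0;
        if ($result) {
            $n = mysql_num_rows($result);
        } else {
            $flr = "001";
        }
        if (!isset($flr)) {
            if ($n == 0) {
                $flr = "609";
            }
        }
        if ($n > 0) {
            $bidder_id = mysql_result($result, 0, "id");
        }
    }

    // Check the password, then the account's suspended flag.
    // $result is still the users row fetched just above.
    if (!isset($flr)) {
        $pwd = mysql_result($result, 0, "password");
        // Strict comparison: with "!=" two different digests that both look
        // like numbers (e.g. "0e..." followed by digits) compare as equal.
        if ($pwd !== md5($MD5_PREFIX.$password)) {
            $flr = "611";
        } else {
            if (mysql_result($result, 0, "suspended") > 0) {
                $flr = "618";
            }
        }
    }

    // Check whether the auction is suspended.
    if (!isset($flr)) {
        $query2 = "SELECT suspended FROM auctions WHERE id='$id'";
        $result2 = mysql_query($query2);
        if (mysql_result($result2, 0, "suspended") > 0) {
            $flr = "619";
        }
    }

    // The bidder must not be the seller.
    if (!isset($flr)) {
        $bidderID = mysql_result($result, 0, "id");
        if ($bidderID == $Seller["id"]) {
            $flr = "612";
        }
    }

    // The bidder must not already be the current winner.
    if (!isset($flr)) {
        $result = mysql_query("SELECT * FROM bids WHERE auction='$id' ORDER BY bid DESC");
        $auctionBIDS = $result;
        $n = 0;
        if ($result) {
            $n = mysql_num_rows($result);
            if ($n > 0) {
                $bidder = mysql_result($result, 0, "bidder");
                $moment_bid = mysql_result($result, 0, "bid");
                if (($bidder == $bidderID) AND ($next_bid <= $moment_bid)) {
                    $flr = "613";
                }
            }
        } else {
            $flr = "001";
        }
    }

    // ---- final actions ---------------------------------------------------
    if (isset($flr)) {
        // Validation failed: show the form again with the matching message.
        $display_bid_form = true;
        $TPL_errmsg = ${"ERR_".$flr};
    } else {
        unset($flr);
        $send_email = 0;

        // Known starting state, so the comparison further down only ever
        // sees a value that this lookup read from the bids table.
        $OldWinner_maxbid = null;

        // Is there a previous winner? If so, load his/her data so an
        // "outbid" e-mail can be sent if necessary.
        $query = "select bidder,bid,maxbid from bids where auction=\"$id\" order by maxbid desc";
        $result = mysql_query($query);
        // Test the result handle. The former test on $query (a non-empty
        // string) could never fire.
        // NOTE(review): $flr_001 is not assigned in the visible code, while
        // the other messages are read as $ERR_<code>. Confirm the name.
        // NOTE(review): this and the branches like it send the SQL text and
        // the driver error to the client.
        if (!$result) {
            print $flr_001."
$query
".mysql_error();
            exit;
        }
        if (mysql_num_rows($result) > 0) {
            $send_email = 1;
            $OldWinner_id = mysql_result($result, 0, "bidder");
            $OldWinner_bid = mysql_result($result, 0, "bid");
            // BEG BM 31.10.2001
            $OldWinner_maxbid = mysql_result($result, 0, "maxbid");
            // END BM 31.10.2001
            $query = "select * from users where id=\"$OldWinner_id\"";
            $result_old_winner = mysql_query($query);
            if (!$result_old_winner) {
                print $flr_001."
$query
".mysql_error();
                exit;
            }
            $OldWinner_nick = mysql_result($result_old_winner, 0, "nick");
            $OldWinner_name = mysql_result($result_old_winner, 0, "name");
            $OldWinner_email = mysql_result($result_old_winner, 0, "email");
        }

        // BEG BM 31.10.2001
        // Is the previous winner's agent (proxy) bid at least as high as the
        // new bid?
        if ($bid <= $OldWinner_maxbid) {
            include "header.php";
            $send_email = 0;
            // NOTE(review): the literals below are reproduced exactly as they
            // appear in this copy. The empty strings suggest markup was lost
            // upstream. Confirm against the deployed file.
            print "
";
            print "

Das Gebot eines anderen Bieters war höher als Ihres!


";
            print "";
            print "Zurück zur Auktion";
            print "";
            print "

";

            // Update the tables.
            if ($bid < $OldWinner_maxbid) {
                // The new bidder's own bid.
                $bid = doubleval($bid);
                $maxbid = $bid;
                $query = "update auctions set current_bid=$bid,starts=$auctiondate,ends=$auctionends where id=\"$id\"";
                if (!mysql_query($query)) {
                    print $flr_001."
$query
".mysql_error();
                    exit;
                }
                $query = "insert into bids values(\"$id\",\"$bidder_id\",$bid,$maxbid,NULL,".intval($qty).")";
                if (!mysql_query($query)) {
                    print $flr_001."
$query
".mysql_error();
                    exit;
                }
            }

            // The previous winner's bidding agent answers: one increment step
            // above the new bid, capped at that agent's maximum.
            if (($bid + $increment) <= $OldWinner_maxbid) {
                $newbid = doubleval($bid + $increment);
            } else {
                $newbid = doubleval($OldWinner_maxbid);
            }
            $maxbid = $OldWinner_maxbid;
            $query = "update auctions set current_bid=$newbid,starts=$auctiondate,ends=$auctionends where id=\"$id\"";
            if (!mysql_query($query)) {
                print $flr_001."
$query
".mysql_error();
                exit;
            }
            $query = "insert into bids values(\"$id\",\"$OldWinner_id\",$newbid,$maxbid,NULL,".intval($qty).")";
            if (!mysql_query($query)) {
                print $flr_001."
$query
".mysql_error();
                exit;
            }

            if ($bid >= $OldWinner_maxbid) {
                $send_email = 1;
                // The new bidder's own bid.
                if ($bid > $OldWinner_maxbid && ($OldWinner_maxbid + $increment) <= $bid) {
                    $bid = $OldWinner_maxbid + $increment;
                }
                // On this path $bid can still be the raw request string, and
                // it goes into SQL unquoted. Force it to a float first, as
                // the sibling branches do.
                $bid = doubleval($bid);
                $maxbid = $bid;
                $query = "update auctions set current_bid=$bid,starts=$auctiondate,ends=$auctionends where id=\"$id\"";
                if (!mysql_query($query)) {
                    print $flr_001."
$query
".mysql_error();
                    exit;
                }
                $query = "insert into bids values(\"$id\",\"$bidder_id\",$bid,$maxbid,NULL,".intval($qty).")";
                if (!mysql_query($query)) {
                    print $flr_001."
$query
".mysql_error();
                    exit;
                }
            }
            include "footer.php";
            exit;
        } else {
            // The submitted amount becomes the bidder's own maximum. It is
            // written into the INSERT below without quotes, so cast it here
            // rather than carrying the request string through.
            $maxbid = doubleval($bid);
            // BM 9.3.2002 - fixed a bug in automatic outbidding
            if ($next_bid < $OldWinner_maxbid) {
                $bid = $OldWinner_maxbid + $increment;
            } else {
                $bid = $next_bid;
            }
        }
        // END BM 31.10.2001

        // Update auctions table with the new bid
        $bid = doubleval($bid);
        $query = "update auctions set current_bid=$bid,starts=$auctiondate,ends=$auctionends where id=\"$id\"";
        if (!mysql_query($query)) {
            print $flr_001."
$query
".mysql_error();
            exit;
        }

        // Update bids table with the new bid
        $query = "insert into bids values(\"$id\",\"$bidder_id\",$bid,$maxbid,NULL,".intval($qty).")";
        if (!mysql_query($query)) {
            print $flr_001."
$query
".mysql_error();
            exit;
        }

        if ($send_email) {
            // Build the end date string from fixed offsets of $auctionends.
            $year = substr($auctionends, 0, 4);
            $month = substr($auctionends, 5, 2);
            $day = substr($auctionends, 8, 2);
            $hours = substr($auctionends, 11, 2);
            $minutes = substr($auctionends, 14, 2);
            $ends_string = $day . "." . $month . "." . $year . " " . $hours . ":" . $minutes;
            $new_bid = print_money($bid);
            //-- Send e-mail message
            include('./includes/no_longer_winner.inc.php');
        }

        // 3) perform output
        if (isset($flr)) {
            // $flr was unset above, so this branch runs only if an included
            // file set it again.
            $flr = ${"ERR_".$flr};
            include "header.php";
            print "
$std_font $flr
";
            print mysql_error();
            include "footer.php";
            exit;
        } else {
            $TPL_id = $id;
            include "header.php";
            include "templates/template_bid_result_php.html";
            include "footer.php";
            exit;
        }
    }
}

if ($display_bid_form) {
    // Prepare the values shown in the form. ENT_QUOTES also escapes single
    // quotes, so the values stay inert whichever quote style the template
    // uses around attributes.
    $nickH = htmlspecialchars($nick, ENT_QUOTES);
    $bidH = htmlspecialchars($bid, ENT_QUOTES);
    $qtyH = htmlspecialchars($qty, ENT_QUOTES);
    $TPL_title = htmlspecialchars($Data["title"], ENT_QUOTES);
    $TPL_next_bid = print_money($next_bid);
    // NOTE(review): $bid may be unvalidated request text here, and
    // print_money() is defined elsewhere. Confirm its output is HTML-safe.
    $TPL_proposed_bid = print_money($bid);
    $TPL_cancel_bid_link = '' . $text_332 . '';

    // output the form
    include("header.php");
    // Replace a decimal comma with a decimal point.
    $newbid = $bidH;
    $bidH = str_replace(",", ".", $newbid);
    include("templates/template_bid_php.html");
    include("footer.php");
    exit;
}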