• There is NO official Otland's Discord server and NO official Otland's server list. The Otland's Staff does not manage any Discord server or server list. Moderators or administrator of any Discord server or server lists have NO connection to the Otland's Staff. Do not get scammed!

[GESIOR ACC] Sell characters on auctions (+ 'Buy Now') [ for premium points ]

PhoOwned

^_^
Joined
Nov 11, 2010
Messages
375
Reaction score
66
As title says ^^
- sell characters on auctions (for premium points)
- 'Buy Now' option
- name lock character, when player buy it (player can select new name in namelock manager in game)
- admin panel (login on website admin account, default 1) to search good characters for sell (sort by offline time, level, you can set minimal level)

Admin panel:
as1.JPG

Auction:
as2.JPG


SQL:
PHP:
CREATE TABLE `characters_auctions` (
`id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY ,
`state` TINYINT( 1 ) NOT NULL DEFAULT '0' ,
`finish_time` INT NOT NULL ,
`char_id` INT NOT NULL ,
`buy_now` INT NOT NULL ,
`bid` INT NOT NULL ,
`bidder` INT NOT NULL ,
INDEX ( `finish_time` ));
Script:
PHP:
<?PHP
#################################################
### Scripted by PhoOwned                      ###
### All rights reserverd                      ###
### Do not use/distribute without permission! ###
### Contact: [email protected]                   ###
###          [email protected]               ###
#################################################
/*
In MySQL:
CREATE TABLE `characters_auctions` (
`id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY ,
`state` TINYINT( 1 ) NOT NULL DEFAULT '0' ,
`finish_time` INT NOT NULL ,
`char_id` INT NOT NULL ,
`buy_now` INT NOT NULL ,
`bid` INT NOT NULL ,
`bidder` INT NOT NULL ,
INDEX ( `finish_time` ));
*/
$add_character_page_access = 3;
$auctions_default_time = 3 * 24;// auction item in hours
// styles and scripts
$main_content .= ' 
	<style type="text/css">
	.tableFonts {color: #FFFFFF}
	.tableHead {background-color: #9C5566;text-align: center;vertical-align: middle;font-size: 20pt}
	.tableRow0 {background-color: #003300;text-align: left;vertical-align: middle;font-size: 12pt}
	.tableRow0:hover {background-color: #009900;}
	.tableRow1 {background-color: #551111;text-align: left;vertical-align: middle;font-size: 12pt}
	.tableRow1:hover {background-color: #AA1111;}
	.tableRowSmall0 {background-color: #003300;text-align: left;vertical-align: middle;font-size: 10pt}
	.tableRowSmall0:hover {background-color: #009900;}
	.tableRowSmall1 {background-color: #551111;text-align: left;vertical-align: middle;font-size: 10pt}
	.tableRowSmall1:hover {background-color: #AA1111;}
	.linkButton {background-color: #008800;font-size: 14pt;padding: 6px;text-shadow: 2mm 2mm 2mm #342423;letter-spacing: 2mm}
	.linkButton:hover {background-color: yellow;}
	.bigText {font-size: 24pt}
	.normalText {font-size: 12pt;}
	.showItemSquare {height: 49px;width: 39px;padding: 7px;}
	.showItemImage {height: 40px;width: 40px;padding: 0px;}
	input {text-align: right;}
	
	.er{display:block}
	.er *{
	  display:block;
	  height:1px;
	  overflow:hidden;
	  font-size:.01em;
	  background:#b20000}
	.er1{
	  margin-left:3px;
	  margin-right:3px;
	  padding-left:1px;
	  padding-right:1px;
	  border-left:1px solid #870000;
	  border-right:1px solid #870000;
	  background:#9f0000}
	.er2{
	  margin-left:1px;
	  margin-right:1px;
	  padding-right:1px;
	  padding-left:1px;
	  border-left:1px solid #6f0000;
	  border-right:1px solid #6f0000;
	  background:#a30000}
	.er3{
	  margin-left:1px;
	  margin-right:1px;
	  border-left:1px solid #a30000;
	  border-right:1px solid #a30000;}
	.er4{
	  border-left:1px solid #870000;
	  border-right:1px solid #870000}
	.er5{
	  border-left:1px solid #9f0000;
	  border-right:1px solid #9f0000}
	.erfg{
	  background:#b20000;font-size: 16pt;text-align: center}
	</style>
	<script type="text/javascript">
		function checkLogin(account_id) {
		if(account_id == 0)
		{
		alert ("You are not logged in.");
		return false
		}
		return true
		}
		
		function checkBid(account_id, bidder_id, user_points, bid_now) {
		if(!checkLogin(account_id))
		return false
		var bid = window.document.getElementById("bid").value;
		if(bid <= bid_now)
		{
			alert ("Current highest bid is " + bid_now + ". You can not bid " + bid + ".");
			return false
		}
		if(bid > user_points)
		{
			alert ("You can not bid " + bid + ". You have only " + user_points + ".");
			return false
		}
		if(account_id == bidder_id)
		{
		var answer = confirm ("You have highest bid in this auction. Are you sure you want make higher bid?")
		if (answer)
		return true
		else
		return false
		}
		return true
		}
		
		function checkBuyNow(account_id, user_points, buy_now) {
		if(!checkLogin(account_id))
		return false
		if(user_points < buy_now)
		{
			alert ("This character cost " + buy_now + ". You have only " + user_points + ".");
			return false
		}
		var answer = confirm ("This character cost " + buy_now + ". Do you want to buy it?")
		if (answer)
		return true
		else
		return false
		}
		
		var innerHTML;
		function countdown(Time_Left, target_id)
		{
		if(Time_Left <= 0)
		{
			document.getElementById(target_id).innerHTML = \'Finished\';
			return 0;
		}
		setTimeout(countdown, 1000, Time_Left-1, target_id);
		//More datailed.
		days = Math.floor(Time_Left / (60 * 60 * 24));
		Time_Left %= (60 * 60 * 24);
		hours = Math.floor(Time_Left / (60 * 60));
		Time_Left %= (60 * 60);
		minutes = Math.floor(Time_Left / 60);
		Time_Left %= 60;
		seconds = Time_Left;

		dps = \'s\'; hps = \'s\'; mps = \'s\'; sps = \'s\';
		//ps is short for plural suffix.
		if(days == 1) dps =\'\';
		if(hours == 1) hps =\'\';
		if(minutes == 1) mps =\'\';
		if(seconds == 1) sps =\'\';

		innerHTML = days + \' day\' + dps + \' \';
		innerHTML += hours + \' hour\' + hps + \' \';
		innerHTML += minutes + \' minute\' + mps + \' and \';
		innerHTML += seconds + \' second\' + sps;

		document.getElementById(target_id).innerHTML = innerHTML;
		}
	</script>';
	
$errorFormStart = '<div><b class="er"><b class="er1"><b></b></b><b class="er2"><b></b></b><b class="er3"></b><b class="er4"></b><b class="er5"></b></b><div class="erfg">';
$errorFormEnd = '</div><b class="er"><b class="er5"></b><b class="er4"></b><b class="er3"></b><b class="er2"><b></b></b><b class="er1"><b></b></b></b></div>';
function time_left($integer)
 { 
	 if($integer <= 0) return "Finished";
     $seconds=$integer;
     if ($seconds/60 >=1) 
     {
		 $minutes=floor($seconds/60);
		 if ($minutes/60 >= 1) 
		 { # Hours 
			 $hours=floor($minutes/60);
			 if ($hours/24 >= 1) 
			 { #days 
					 $days=floor($hours/24);
					 if ($days/7 >=1) 
					 { #weeks 
						 $weeks=floor($days/7);
						 if ($weeks>=2) $return="$weeks weeks";
						 else $return="$weeks week";
					 } #end of weeks 
					 $days=$days-(floor($days/7))*7;
					 if ($weeks>=1 && $days >=1) $return="$return, ";
					 if ($days >=2) $return="$return $days d";
					 if ($days ==1) $return="$return $days d";
			 } #end of days
			 $hours=$hours-(floor($hours/24))*24;
			 if ($days>=1 && $hours >=1) $return="$return, ";
			 if ($hours >=2 || $hours ==0) $return="$return $hours h";
			 if ($hours ==1) $return="$return $hours h";
		 } #end of Hours
		 $minutes=$minutes-(floor($minutes/60))*60;
		 if ($hours>=1 && $minutes >=1) $return="$return, ";
		 if ($minutes >=2 || $minutes ==0) $return="$return $minutes m";
		 if ($minutes ==1) $return="$return $minutes m";
     } #end of minutes 
     $seconds=$integer-(floor($integer/60))*60;
     if ($minutes>=1 && $seconds >=1) $return="$return, ";
     if ($seconds >=2 || $seconds ==0) $return="$return $seconds sec";
     if ($seconds ==1) $return="$return $seconds sec";
     $return="$return.";
     return $return;
 }
############ FINISH AUCTIONS AND ADD CHARACTERS ############
foreach($SQL->query('SELECT * FROM `characters_auctions` WHERE `state` = 0 AND `finish_time` <= ' . time())->fetchAll() as $finishedAuction)
{
	if($finishedAuction['bidder'] > 0)
	{
		// if server show error in one of lines below it mean
		// someone delete character or account that won auction
		// admin must check it manualy (give points back to account that won auction?)
		$finishedAuctionBidder = new OTS_Account();
		$finishedAuctionBidder->load($finishedAuction['bidder']);
		$finishedAuctionChar = new OTS_Player();
		$finishedAuctionChar->load($finishedAuction['char_id']);
		$finishedAuctionChar->setAccount($finishedAuctionBidder);
		$finishedAuctionChar->setGroup(1);
		$finishedAuctionChar->save();
		$SQL->query('UPDATE `characters_auctions` SET `state` = 2 WHERE `id` = ' . $finishedAuction['id']);
		$SQL->query('INSERT INTO `bans` (`id` , `type` , `value` ,`param` ,`active` ,`expires` ,`added` ,`admin_id` ,`comment` ,`reason` ,`action` ,`statement`) VALUES (NULL , 2, ' .$auctionChar->getId() . ', 2, 1, -1, ' . time() . ', 1, \'BUY CHAR\', 0, 1, \'\');');
	}
	else
		$SQL->query('UPDATE `characters_auctions` SET `state` = 1 WHERE `id` = ' . $finishedAuction['id']);
}
############ VISIBLE THINGS ############
if($logged && $account_logged->getPageAccess() >= $add_character_page_access)
	$main_content .= '<div class="normalText"><a href="?subtopic=sellchar&action=addauction">ADMIN PANEL: >ADD AUCTION<</a></div>';
if($action == "addauction") ############ ADD AUCTION / VIEW CHARACTERS LIST ############
{
	if($logged && $account_logged->getPageAccess() >= $add_character_page_access)
	{
		$daysAgo = (int) $_REQUEST['days_ago'];
		$nameContains = $_REQUEST['name_contains'];
		$minLevel = (int) $_REQUEST['min_level'];
		$maxLastLogout = time() - $daysAgo * 24 * 3600;
		$orderBy = ($_REQUEST['order_by'] == 'lastlogout') ? $_REQUEST['order_by'] : 'level';
		$orderType = ($_REQUEST['order_type'] == 'DESC') ? $_REQUEST['order_type'] : 'ASC';
		$resultsLimit = (isset($_REQUEST['results_limit'])) ? (int) $_REQUEST['results_limit'] : 30;
		if(isset($_REQUEST['id']))
		{
			$id = (int) $_REQUEST['id'];
			$priceAuction = (int) $_REQUEST['price_auction'];
			$priceBuyNow = (int) $_REQUEST['price_buy_now'];
			$auctionTime = (int) $_REQUEST['auction_time'] * 3600;
			$SQL->query('INSERT INTO `characters_auctions` (`id` ,`finish_time` ,`char_id` ,`buy_now` ,`bid` ,`bidder`) VALUES (NULL , ' . (time() + $auctionTime) . ', ' . $id . ', ' . $priceBuyNow . ', ' . $priceAuction . ', 0);');
			$main_content .= $errorFormStart . 'Character with ID ' . $id . ' auction added.' . $errorFormEnd;
		}
		$charsAlreadyOnAuctions = array(0);
		foreach($SQL->query('SELECT `char_id` FROM `characters_auctions` WHERE `state` = 0') as $charsAlreadyOnAuction)
			$charsAlreadyOnAuctions[] = $charsAlreadyOnAuction['char_id'];
		$main_content .= '<div class="bigText" style="text-align: center">Add Auction</div>';
		$main_content .= '<div class="normalText">If you leave Buy Now field empty or set it to 0 it will be not possible to buy character by option \'Buy Now\'.</div>';
		$main_content .= '<table class="tableFonts" style="margin-left: auto;margin-right: auto;">';
		$main_content .= '<tr class="tableHead"><td colspan="8">CHARACTERS LIST</td></tr>';
		$main_content .= '<form action="?" method="get"><input type="hidden" name="subtopic" value="sellchar" /><input type="hidden" name="action" value="addauction" />';
		$main_content .= '<tr class="tableHead" style="font-size: 10pt;"><td colspan="2">ORDER BY</td><td><select name="order_by"><option' . (($orderBy == 'lastlogout') ? ' selected="selected"' : '') . '>lastlogout</option><option' . (($orderBy == 'level') ? ' selected="selected"' : '') . '>level</option></select></td><td><select name="order_type"><option' . (($orderType == 'ASC') ? ' selected="selected"' : '') . '>ASC</option><option' . (($orderType == 'DESC') ? ' selected="selected"' : '') . '>DESC</option></select></td><td colspan="4"></td></tr>';
		$main_content .= '<tr class="tableHead" style="font-size: 10pt;"><td colspan="3">Nick contains:<br /><input type="text" name="name_contains" value="' . htmlspecialchars($nameContains) .'" size="30" /><td colspan="2">Min. <input type="text" name="min_level" value="' . $minLevel .'" size="4" /> level</td><td>Min. <input type="text" name="days_ago" value="' . $daysAgo .'" size="2" /> days</td><td>Results<br /><input type="text" name="results_limit" value="' . $resultsLimit .'" size="3" /></td><td><input type="submit" value="Search"/></td></tr>';
		$main_content .= '</form>';
		############ SEARCH FORM ############
		$main_content .= '<tr class="tableHead" style="font-size: 14pt;"><td>ID</td><td>Nick</td><td>Level & Vocation</td><td>Offline</td><td>Auction time</td><td>Auction min. offer</td><td>Buy Now</td><td>Add</td></tr>';
		foreach($SQL->query('SELECT * FROM `players` WHERE `id` NOT IN (' . implode(",", $charsAlreadyOnAuctions) . ') AND `lastlogout` > 0 AND `level` >= ' . $SQL->quote($minLevel) . ' AND `lastlogout` <= ' . $SQL->quote($maxLastLogout) . ' AND `name` LIKE ' . $SQL->quote('%'.$nameContains.'%') . ' ORDER BY `' . $orderBy . '` ' . $orderType . ', `name` ASC LIMIT ' . $resultsLimit .';') as $player)
			$main_content .= '<form action="?subtopic=sellchar&action=addauction&order_by=' . $orderBy .'&order_type=' . $orderType . '&name_contains=' . urlencode($nameContains) . '&min_level=' . $minLevel . '&days_ago=' . $daysAgo . '&results_limit=' . $resultsLimit . '" method="post"><input type="hidden" name="id" value="' . $player['id'] . '" /><tr class="tableRow' . ($row++ % 2) . '"><td>' . $player['id'] . '</td><td>' . $player['name'] . '</td><td>' . $player['level'] . ' ' . $vocation_name[$player['world_id']][$player['promotion']][$player['vocation']] . '</td><td style="float: right;">' . (floor((time() - $player['lastlogin']) / 86400)) . ' days</td><td><input type="text" name="auction_time" value="' . $auctions_default_time . '" size="3" /> hours</td><td><input type="text" name="price_auction" value="" size="5" /> pp</td><td><input type="text" name="price_buy_now" value="" size="5" /> pp</td><td><input type="submit" value="Add Auction" /></td></tr></form>';
		$main_content .= '</table>';
	}
	else
		$main_content .= $errorFormStart . 'ERROR! You do not have access to this page.' . $errorFormEnd;
}
elseif($action == "show") ############ SHOW CHARACTER INFO ############
{
	$auctionInfo = $SQL->query('SELECT * FROM `characters_auctions` WHERE `id` = ' . (int) $_REQUEST['id'])->fetch();
	$main_content .= '<div class="bigText" style="text-align: center">Auction Info</div>';
	if(isset($auctionInfo['id']))
	{
		$auctionChar = new OTS_Player();
		$auctionChar->load($auctionInfo['char_id']);
		if($auctionChar->isLoaded())
		{
			if($logged && $account_logged->getPageAccess() >= $add_character_page_access)
				$main_content .= '<div class="normalText"><a href="?subtopic=sellchar&delete=' . $auctionInfo['id'] . '">ADMIN PANEL: >DELETE AUCTION<</a></div>';
############ SHOW STATS ############
			$row = 0;
			$main_content .= '<table class="tableFonts" style="margin-left: auto;margin-right: auto;">';
			$main_content .= '<tr class="tableHead"><td colspan="3">CHARACTER INFO</td></tr>';
			$main_content .= '<tr><td><table style="width: 360px;border-spacing: 1px">';
			$main_content .= '<tr class="tableRow' . ($row++ % 2) . '"><td>AUCTION ID:</td><td>' . $auctionInfo['id'] . '</td></tr>';
			$main_content .= '<tr class="tableRow' . ($row++ % 2) . '"><td>Name:</td><td>' . $auctionChar->getName() . '<br /><div style="font-size: 8pt;">(You select new name when you win auction.)</div></td></tr>';
			$main_content .= '<tr class="tableRow' . ($row++ % 2) . '"><td>Level:</td><td>' . $auctionChar->getLevel() . '</td></tr>';
			$main_content .= '<tr class="tableRow' . ($row++ % 2) . '"><td>Vocation:</td><td>' . $vocation_name[$auctionChar->getWorld()][$auctionChar->getPromotion()][$auctionChar->getVocation()] . '</td></tr>';
			$main_content .= '<tr class="tableRow' . ($row++ % 2) . '"><td>Health:</td><td>' . $auctionChar->getHealthMax() . '</td></tr>';
			$main_content .= '<tr class="tableRow' . ($row++ % 2) . '"><td>Mana:</td><td>' . $auctionChar->getManaMax() . '</td></tr>';
			$main_content .= '<tr class="tableRowSmall' . ($row++ % 2) . '"><td>Magic Level:</td><td>' . $auctionChar->getMagLevel() . '</td></tr>';
			$main_content .= '<tr class="tableRowSmall' . ($row++ % 2) . '"><td>Sword:</td><td>' . $auctionChar->getSkill(2) . '</td></tr>';
			$main_content .= '<tr class="tableRowSmall' . ($row++ % 2) . '"><td>Axe:</td><td>' . $auctionChar->getSkill(3) . '</td></tr>';
			$main_content .= '<tr class="tableRowSmall' . ($row++ % 2) . '"><td>Club:</td><td>' . $auctionChar->getSkill(1) . '</td></tr>';
			$main_content .= '<tr class="tableRowSmall' . ($row++ % 2) . '"><td>Distance:</td><td>' . $auctionChar->getSkill(4) . '</td></tr>';
			$main_content .= '<tr class="tableRowSmall' . ($row++ % 2) . '"><td>Shielding:</td><td>' . $auctionChar->getSkill(5) . '</td></tr>';
			$main_content .= '</table></td>';
############ SHOW EQ ############
			foreach($SQL->query('SELECT * FROM `player_items` WHERE `player_id` = ' . $auctionChar->getId() . ' AND `pid` >= 1 AND `pid` <= 10;') as $item)
				$player_items[$item['pid']] = $item['itemtype'];
			$row = 0;
			$main_content .= '<td><table style="border-spacing: 1px">';
			$main_content .= '<tr><td class="showItemSquare" style="background-image: url(/images/items/2.gif)"><img src="/images/items/' . $player_items[2] . '.gif" alt="" class="showItemImage"/></td>';
			$main_content .= '<td class="showItemSquare" style="background-image: url(/images/items/1.gif)"><img src="/images/items/' . $player_items[1] . '.gif" alt="" class="showItemImage"/></td>';
			$main_content .= '<td class="showItemSquare" style="background-image: url(/images/items/3.gif)"><img src="/images/items/' . $player_items[3] . '.gif" alt="" class="showItemImage"/></td></tr>';
			$main_content .= '<tr><td class="showItemSquare" style="background-image: url(/images/items/6.gif)"><img src="/images/items/' . $player_items[6] . '.gif" alt="" class="showItemImage"/></td>';
			$main_content .= '<td class="showItemSquare" style="background-image: url(/images/items/4.gif)"><img src="/images/items/' . $player_items[4] . '.gif" alt="" class="showItemImage"/></td>';
			$main_content .= '<td class="showItemSquare" style="background-image: url(/images/items/5.gif)"><img src="/images/items/'. $player_items[5] . '.gif" alt="" class="showItemImage"/></td></tr>';
			$main_content .= '<tr><td class="showItemSquare" style="background-image: url(/images/items/9.gif)"><img src="/images/items/'. $player_items[9] . '.gif" alt="" class="showItemImage"/></td>';
			$main_content .= '<td class="showItemSquare" style="background-image: url(/images/items/7.gif)"><img src="/images/items/'. $player_items[7] . '.gif" alt="" class="showItemImage"/></td>';
			$main_content .= '<td class="showItemSquare" style="background-image: url(/images/items/10.gif)"><img src="/images/items/'. $player_items[10] . '.gif" alt="" class="showItemImage"/></td></tr>';
			$main_content .= '<tr><td class="showItemSquare" style="background-color: #232323;text-align: center">Soul:<br />' . $auctionChar->getSoul() . '</td>';
			$main_content .= '<td class="showItemSquare" style="background-image: url(/images/items/8.gif)"><img src="/images/items/'. $player_items[8] . '.gif" alt="" class="showItemImage"/></td>';
			$main_content .= '<td class="showItemSquare" style="background-color: #232323;text-align: center">Cap:<br />' . $auctionChar->getCap() . '</td></tr>';
            $main_content .= '</tr></table></td>';
			$main_content .= '</tr></table>';
############ SHOW DONATORS SHOP ITEMS ############
			$donators_items = $SQL->query('SELECT `player_items`.`itemtype`, SUM(`player_items`.`count`) AS count, `z_shop_offer`.`offer_name` AS name FROM `player_items`, `z_shop_offer` WHERE `player_items`.`player_id` = ' . $auctionChar->getId() . ' AND `z_shop_offer`.`offer_type` = \'item\' AND `player_items`.`itemtype` = `z_shop_offer`.`itemid1` GROUP BY `player_items`.`itemtype`;')->fetchAll();
			$donators_depotitems = $SQL->query('SELECT `player_depotitems`.`itemtype`, SUM(`player_depotitems`.`count`) AS count, `z_shop_offer`.`offer_name` AS name FROM `player_depotitems`, `z_shop_offer` WHERE `player_depotitems`.`player_id` = ' . $auctionChar->getId() . ' AND `z_shop_offer`.`offer_type` = \'item\' AND `player_depotitems`.`itemtype` = `z_shop_offer`.`itemid1` GROUP BY `player_depotitems`.`itemtype`;')->fetchAll();
			if(count($donators_items) > 0 || count($donators_depotitems) > 0)
			{
				$main_content .= '<table class="tableFonts" style="margin-left: auto;margin-right: auto;padding-top: 30px;">';
				if(count($donators_items) > 0)
				{
					$main_content .= '<tr class="tableHead"><td colspan="3">DONATORS ITEMS</td></tr>';
					$row = 0;
					foreach($donators_items as $donator_item)
						$main_content .= '<tr class="tableRow' . ($row++ % 2) . '"><td class="showItemSquare"><img src="/images/items/'. $donator_item['itemtype'] . '.gif" alt="" class="showItemImage"/></td><td>' . $donator_item['count'] .'x</td><td>' . $donator_item['name'] . '</td></tr>';
				}
				if(count($donators_depotitems) > 0)
				{
					$main_content .= '<tr class="tableHead"><td colspan="3">DONATORS IN DEPOT</td></tr>';
					$row = 0;
					foreach($donators_depotitems as $donator_depotitem)
						$main_content .= '<tr class="tableRow' . ($row++ % 2) . '"><td class="showItemSquare"><img src="/images/items/'. $donator_depotitem['itemtype'] . '.gif" alt="" class="showItemImage"/></td><td>' . $donator_depotitem['count'] .'x</td><td>' . $donator_depotitem['name'] . '</td></tr>';
				}
				$main_content .= '</table>';
			}
############ SHOW AUCTION INFO ############
			$row = 0;
			$main_content .= '<table class="tableFonts" style="margin-left: auto;margin-right: auto;padding-top: 30px;">';
			$main_content .= '<tr class="tableHead"><td colspan="2">AUCTION INFO</td></tr>';
			if($auctionInfo['buy_now'] > 0)
				$main_content .= '<tr class="tableRow' . ($row++ % 2) . '"><td>Buy now:</td><td>' . $auctionInfo['buy_now'] . ' premium points</td></tr>';
			$main_content .= '<tr class="tableRow' . ($row++ % 2) . '"><td>Highest bid:</td><td>' . $auctionInfo['bid'] . ' premium points</td></tr>';
			$main_content .= '<tr class="tableRow' . ($row++ % 2) . '"><td>Time left:</td><td><div name="timer_' . $auctionInfo['id'] . '" id="timer_' . $auctionInfo['id'] . '">' . time_left($auctionInfo['finish_time'] - time()) . '</div></td></tr>';
			$main_content .= '</table><br /><script type="text/javascript">countdown(' . ($auctionInfo['finish_time'] - time()) . ', \'timer_' . $auctionInfo['id'] . '\');</script>';
			if($auctionInfo['state'] == 0)
			{
				$main_content .= '<form action="?subtopic=sellchar&action=bid&id=' . $auctionInfo['id'] . '" method="post" onsubmit="return checkBid(' . (($logged) ? $account_logged->getId() : 0) . ', ' . $auctionInfo['bidder'] . ', ' . (($logged) ? $account_logged->getPremiumPoints() : 0) . ', ' . $auctionInfo['bid'] . ');">';
				$main_content .= '<table class="tableFonts" style="float: left;">';
				$main_content .= '<tr class="tableHead"><td colspan="2">YOUR BID</td></tr>';
				$main_content .= '<tr class="tableRow' . ($row++ % 2) . '"><td>Bid:</td><td><input type="text" id="bid" name="bid" value="' . ($auctionInfo['bid'] + 1) . '" /> pp</td></tr>';
				$main_content .= '<tr class="tableRow' . ($row++ % 2) . '"><td colspan="2" style="text-align: center;"><input type="submit" value="BID" /></td></tr></table></form><br />';
				if($auctionInfo['buy_now'] > 0)
					$main_content .= '<a href="?subtopic=sellchar&action=buy&id=' . $auctionInfo['id'] . '" class="linkButton" style="float: right;" onclick="return checkBuyNow(' . (($logged) ? $account_logged->getId() : 0) . ', ' . (($logged) ? $account_logged->getPremiumPoints() : 0) . ', ' . $auctionInfo['buy_now'] . ');">BUY NOW!</a>';
			}
			$main_content .= '<div style="padding-top: 120px;padding-left: 45%"><a href="?subtopic=sellchar" class="linkButton">BACK</a></div>';
		}
		else
			$main_content .= $errorFormStart . 'ERROR! Character doesn\'t exist.' . $errorFormEnd;
	}
	else
		$main_content .= $errorFormStart . 'ERROR! Auction with this ID doesn\'t exist.' . $errorFormEnd;
}
elseif($action == "bid") ############ BID CHARACTER ############
{
	$main_content .= '<div class="bigText" style="text-align: center">Bid character</div>';
	if($logged)
	{
		$auctionInfo = $SQL->query('SELECT * FROM `characters_auctions` WHERE `state` = 0 AND `id` = ' . (int) $_REQUEST['id'])->fetch();
		if(isset($auctionInfo['id']))
		{
			$auctionChar = new OTS_Player();
			$auctionChar->load($auctionInfo['char_id']);
			if($auctionChar->isLoaded())
			{
				if($account_logged->getPremiumPoints() > $auctionInfo['bid'] || ($account_logged->getId() == $auctionInfo['bidder'] && $account_logged->getPremiumPoints() > 0))
				{
					if(isset($_REQUEST['bid']) && (int) $_REQUEST['bid'] > 0)
					{
						$userBid = (int) $_REQUEST['bid'];
						if($account_logged->getPremiumPoints() >= $userBid || ($account_logged->getId() == $auctionInfo['bidder'] && $account_logged->getPremiumPoints() + $auctionInfo['bid'] >= $userBid))
						{
							if($userBid > $auctionInfo['bid'])
							{
								if($account_logged->getId() != $auctionInfo['bidder'])
								{
									$last_bidder = new OTS_Account();
									$last_bidder->load($auctionInfo['bidder']);
									if($last_bidder->isLoaded())
									{
										$last_bidder->setPremiumPoints($last_bidder->getPremiumPoints() + $auctionInfo['bid']);
										$last_bidder->save();
									}
									$account_logged->setPremiumPoints($account_logged->getPremiumPoints() - $userBid);
								}
								else
									$account_logged->setPremiumPoints($account_logged->getPremiumPoints() + $auctionInfo['bid'] - $userBid);
								$account_logged->save();
								$SQL->query('UPDATE `characters_auctions` SET `bid` = ' . $userBid . ', `bidder` = ' . $account_logged->getId() . ' WHERE `id` = ' . $auctionInfo['id']);
								if($auctionInfo['finish_time'] - time() < 60)
									$SQL->query('UPDATE `characters_auctions` SET `finish_time` = ' . time() + 60 . ' WHERE `id` = ' . $auctionInfo['id']);
								$main_content .= '<div class="normalText">You have bidded ' . $userBid . ' premium points on auction ID ' . $auctionInfo['id'] . '!</div>';
								$main_content .= '<div style="padding-top: 120px;padding-left: 45%"><a href="?subtopic=sellchar&action=show&id=' . $auctionInfo['id'] . '" class="linkButton">BACK</a></div>';
							}
							else
								$main_content .= $errorFormStart . 'Sorry! Your bid is lower then current highest bid.<br />Your bid is: ' . $userBid . '<br />Highest bid: ' . $auctionInfo['bid'] . '' . $errorFormEnd;
						}
						else
							$main_content .= $errorFormStart . 'Sorry! You do not have enought premium points.<br />Your bid is: ' . $userBid . '<br />You have: ' . $account_logged->getPremiumPoints() . '' . $errorFormEnd;
					}
					else
						$main_content .= $errorFormStart . 'You must bid more then 0.' . $errorFormEnd;
				}
				else
					$main_content .= $errorFormStart . 'Sorry! You do not have enought premium points.<br />Highest bid is: ' . $auctionInfo['bid'] . '<br />You have: ' . $account_logged->getPremiumPoints() . '' . $errorFormEnd;
			}
			else
				$main_content .= $errorFormStart . 'ERROR! Character doesn\'t exist.' . $errorFormEnd;
		}
		else
			$main_content .= $errorFormStart . 'ERROR! Auction with this ID doesn\'t exist.' . $errorFormEnd;
	}
	else
		$main_content .= $errorFormStart . 'You are not logged in.' . $errorFormEnd;
}
elseif($action == "buy") ############ BUY CHARACTER ############
{
	$main_content .= '<div class="bigText" style="text-align: center">Buy character</div>';
	if($logged)
	{
		$auctionInfo = $SQL->query('SELECT * FROM `characters_auctions` WHERE `state` = 0 AND `id` = ' . (int) $_REQUEST['id'])->fetch();
		if(isset($auctionInfo['id']))
		{
			if($auctionInfo['buy_now'] > 0)
			{
				$auctionChar = new OTS_Player();
				$auctionChar->load($auctionInfo['char_id']);
				if($auctionChar->isLoaded())
				{
					if($account_logged->getPremiumPoints() >= $auctionInfo['buy_now'] || ($account_logged->getId() == $auctionInfo['bidder'] && $account_logged->getPremiumPoints() + $auctionInfo['bid'] >= $auctionInfo['buy_now']))
					{
						if($account_logged->getId() != $auctionInfo['bidder'])
						{
							$last_bidder = new OTS_Account();
							$last_bidder->load($auctionInfo['bidder']);
							if($last_bidder->isLoaded())
							{
								$last_bidder->setPremiumPoints($last_bidder->getPremiumPoints() + $auctionInfo['bid']);
								$last_bidder->save();
							}
							$account_logged->setPremiumPoints($account_logged->getPremiumPoints() - $auctionInfo['buy_now']);
						}
						else
							$account_logged->setPremiumPoints($account_logged->getPremiumPoints() + $auctionInfo['bid'] - $auctionInfo['buy_now']);
						$account_logged->save();
						$auctionChar->setAccount($account_logged);
						$auctionChar->setGroup(1);
						$auctionChar->save();
						$SQL->query('INSERT INTO `bans` (`id` , `type` , `value` ,`param` ,`active` ,`expires` ,`added` ,`admin_id` ,`comment` ,`reason` ,`action` ,`statement`) VALUES (NULL , 2, ' .$auctionChar->getId() . ', 2, 1, -1, ' . time() . ', 1, \'BUY CHAR\', 0, 1, \'\');');
						$SQL->query('UPDATE `characters_auctions` SET `state` = 2, `finish_time` = ' . time() . ', `bidder` = ' . $account_logged->getId() . ', `bid` = `buy_now` WHERE `id` = ' . $auctionInfo['id']);
						$main_content .= '<div class="normalText">You have bought new character! Character is now on your account. Login in game and select new name for your character.</div>';
						$main_content .= '<div style="padding-top: 120px;padding-left: 45%"><a href="?subtopic=sellchar" class="linkButton">BACK</a></div>';
					}
					else
						$main_content .= $errorFormStart . 'Sorry! You do not have enought premium points.<br />It cost: ' . $auctionInfo['buy_now'] . '<br />You have: ' . $account_logged->getPremiumPoints() . '' . $errorFormEnd;
				}
				else
					$main_content .= $errorFormStart . 'ERROR! Character doesn\'t exist.' . $errorFormEnd;
			}
			else
				$main_content .= $errorFormStart . 'ERROR! You can not buy this character by Buy Now option. You can only Bid on auction.' . $errorFormEnd;
		}
		else
			$main_content .= $errorFormStart . 'ERROR! Auction with this ID doesn\'t exist.' . $errorFormEnd;
	}
	else
		$main_content .= $errorFormStart . 'You are not logged in.' . $errorFormEnd;
}
else ############ SHOW LIST OF AUCTIONS ############
{
	if(isset($_REQUEST['delete']))
		if($logged && $account_logged->getPageAccess() >= $add_character_page_access)
		{
			$SQL->query('DELETE FROM `characters_auctions` WHERE `id` = ' . (int) $_REQUEST['delete']);
			$main_content .= $errorFormStart . 'Auction ' . (int) $_REQUEST['delete'] . ' should be deleted.' . $errorFormEnd;
		}
		else
			$main_content .= $errorFormStart . 'You can not delete. You do not have access.' . $errorFormEnd;
	$main_content .= '<div class="bigText" style="text-align: center">Characters Auctions</div>';
	$main_content .= '<div class="normalText">With this system you can buy un-used (inactive) characters by auctioning for them. When you bid on a character it will automatically take premium points from your account. If someone out-bids you, you will get those premium points added back to your account. If the auction time is under 2 minutes when someone bids, 1 minute will automatically be added to the auction time to give time for a re-bid from the previous bidder. If you choose to "buy now" you will get the character within 1 minute.</div>';
	$main_content .= '<table class="tableFonts"><tr class="tableHead" style="font-size: 28px;text-align: center"><td>Time left</td><td>Char info</td><td>Buy now</td><td>Highest bid</td></tr>';
	foreach($SQL->query('SELECT * FROM `characters_auctions` WHERE `finish_time` > ' . time())->fetchAll() as $auctionInfo)
	{
		$auctionChar = new OTS_Player();
		$auctionChar->load($auctionInfo['char_id']);
		if($auctionChar->isLoaded())
			$main_content .= '<tr class="tableRow' . ($row++ % 2) . '" style="font-size: 16px;text-align: center" onclick="window.location = \'?subtopic=sellchar&action=show&id=' . $auctionInfo['id'] . '\'"><td><div id="timer_' . $auctionInfo['id'] . '">' . time_left($auctionInfo['finish_time'] - time()) . '</div></td><td>' . $auctionChar->getLevel() . ' ' . $vocation_name[$auctionChar->getWorld()][$auctionChar->getPromotion()][$auctionChar->getVocation()] . '</td><td>' . $auctionInfo['buy_now'] . ' pp</td><td>' . $auctionInfo['bid'] . ' pp</td></tr>';
		$timers['timer_' . $auctionInfo['id']] = $auctionInfo['finish_time'] - time();
	}
	$main_content .= '</table><br /><div class="normalText">Press on auction to get more informations.</div>';
	$main_content .= '<script type="text/javascript">';
	foreach($timers as $timer_id => $time_left)
		$main_content .= 'countdown(' . $time_left . ', \'' . $timer_id . '\');';
	$main_content .= '</script>';
}
$main_content .= '<br /><br />';
?>
 
Warning: Invalid argument supplied for foreach() on line 508
why?

PHP:
foreach($timers as $timer_id => $time_left) 
        $main_content .= 'countdown(' . $time_left . ', \'' . $timer_id . '\');'; 
    $main_content .= '</script>'; 
}
 
why?

PHP:
foreach($timers as $timer_id => $time_left) 
        $main_content .= 'countdown(' . $time_left . ', \'' . $timer_id . '\');'; 
    $main_content .= '</script>'; 
}
Ohhh.. I forgot :p
This error occurs when you have high error reporting level in PHP. Paste over this code line:
PHP:
if(isset($timers))
I didn't test code on newest PHP 5 (or 6) with has high error reporting level by default. :$
FIXED CODE:
PHP:
<?PHP 
################################################# 
### Scripted by PhoOwned                      ### 
### All rights reserverd                      ### 
### Do not use/distribute without permission! ### 
### Contact: [email protected]                   ### 
###          [email protected]               ### 
################################################# 
/* 
In MySQL: 
CREATE TABLE `characters_auctions` ( 
`id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY , 
`state` TINYINT( 1 ) NOT NULL DEFAULT '0' , 
`finish_time` INT NOT NULL , 
`char_id` INT NOT NULL , 
`buy_now` INT NOT NULL , 
`bid` INT NOT NULL , 
`bidder` INT NOT NULL , 
INDEX ( `finish_time` )); 
*/ 
$add_character_page_access = 3; 
$auctions_default_time = 3 * 24;// auction item in hours 
// styles and scripts 
$main_content .= '  
    <style type="text/css"> 
    .tableFonts {color: #FFFFFF} 
    .tableHead {background-color: #9C5566;text-align: center;vertical-align: middle;font-size: 20pt} 
    .tableRow0 {background-color: #003300;text-align: left;vertical-align: middle;font-size: 12pt} 
    .tableRow0:hover {background-color: #009900;} 
    .tableRow1 {background-color: #551111;text-align: left;vertical-align: middle;font-size: 12pt} 
    .tableRow1:hover {background-color: #AA1111;} 
    .tableRowSmall0 {background-color: #003300;text-align: left;vertical-align: middle;font-size: 10pt} 
    .tableRowSmall0:hover {background-color: #009900;} 
    .tableRowSmall1 {background-color: #551111;text-align: left;vertical-align: middle;font-size: 10pt} 
    .tableRowSmall1:hover {background-color: #AA1111;} 
    .linkButton {background-color: #008800;font-size: 14pt;padding: 6px;text-shadow: 2mm 2mm 2mm #342423;letter-spacing: 2mm} 
    .linkButton:hover {background-color: yellow;} 
    .bigText {font-size: 24pt} 
    .normalText {font-size: 12pt;} 
    .showItemSquare {height: 49px;width: 39px;padding: 7px;} 
    .showItemImage {height: 40px;width: 40px;padding: 0px;} 
    input {text-align: right;} 
     
    .er{display:block} 
    .er *{ 
      display:block; 
      height:1px; 
      overflow:hidden; 
      font-size:.01em; 
      background:#b20000} 
    .er1{ 
      margin-left:3px; 
      margin-right:3px; 
      padding-left:1px; 
      padding-right:1px; 
      border-left:1px solid #870000; 
      border-right:1px solid #870000; 
      background:#9f0000} 
    .er2{ 
      margin-left:1px; 
      margin-right:1px; 
      padding-right:1px; 
      padding-left:1px; 
      border-left:1px solid #6f0000; 
      border-right:1px solid #6f0000; 
      background:#a30000} 
    .er3{ 
      margin-left:1px; 
      margin-right:1px; 
      border-left:1px solid #a30000; 
      border-right:1px solid #a30000;} 
    .er4{ 
      border-left:1px solid #870000; 
      border-right:1px solid #870000} 
    .er5{ 
      border-left:1px solid #9f0000; 
      border-right:1px solid #9f0000} 
    .erfg{ 
      background:#b20000;font-size: 16pt;text-align: center} 
    </style> 
    <script type="text/javascript"> 
        function checkLogin(account_id) { 
        if(account_id == 0) 
        { 
        alert ("You are not logged in."); 
        return false 
        } 
        return true 
        } 
         
        function checkBid(account_id, bidder_id, user_points, bid_now) { 
        if(!checkLogin(account_id)) 
        return false 
        var bid = window.document.getElementById("bid").value; 
        if(bid <= bid_now) 
        { 
            alert ("Current highest bid is " + bid_now + ". You can not bid " + bid + "."); 
            return false 
        } 
        if(bid > user_points) 
        { 
            alert ("You can not bid " + bid + ". You have only " + user_points + "."); 
            return false 
        } 
        if(account_id == bidder_id) 
        { 
        var answer = confirm ("You have highest bid in this auction. Are you sure you want make higher bid?") 
        if (answer) 
        return true 
        else 
        return false 
        } 
        return true 
        } 
         
        function checkBuyNow(account_id, user_points, buy_now) { 
        if(!checkLogin(account_id)) 
        return false 
        if(user_points < buy_now) 
        { 
            alert ("This character cost " + buy_now + ". You have only " + user_points + "."); 
            return false 
        } 
        var answer = confirm ("This character cost " + buy_now + ". Do you want to buy it?") 
        if (answer) 
        return true 
        else 
        return false 
        } 
         
        var innerHTML; 
        function countdown(Time_Left, target_id) 
        { 
        if(Time_Left <= 0) 
        { 
            document.getElementById(target_id).innerHTML = \'Finished\'; 
            return 0; 
        } 
        setTimeout(countdown, 1000, Time_Left-1, target_id); 
        //More datailed. 
        days = Math.floor(Time_Left / (60 * 60 * 24)); 
        Time_Left %= (60 * 60 * 24); 
        hours = Math.floor(Time_Left / (60 * 60)); 
        Time_Left %= (60 * 60); 
        minutes = Math.floor(Time_Left / 60); 
        Time_Left %= 60; 
        seconds = Time_Left; 

        dps = \'s\'; hps = \'s\'; mps = \'s\'; sps = \'s\'; 
        //ps is short for plural suffix. 
        if(days == 1) dps =\'\'; 
        if(hours == 1) hps =\'\'; 
        if(minutes == 1) mps =\'\'; 
        if(seconds == 1) sps =\'\'; 

        innerHTML = days + \' day\' + dps + \' \'; 
        innerHTML += hours + \' hour\' + hps + \' \'; 
        innerHTML += minutes + \' minute\' + mps + \' and \'; 
        innerHTML += seconds + \' second\' + sps; 

        document.getElementById(target_id).innerHTML = innerHTML; 
        } 
    </script>'; 
     
$errorFormStart = '<div><b class="er"><b class="er1"><b></b></b><b class="er2"><b></b></b><b class="er3"></b><b class="er4"></b><b class="er5"></b></b><div class="erfg">'; 
$errorFormEnd = '</div><b class="er"><b class="er5"></b><b class="er4"></b><b class="er3"></b><b class="er2"><b></b></b><b class="er1"><b></b></b></b></div>'; 
function time_left($integer) 
 {  
     if($integer <= 0) return "Finished"; 
     $seconds=$integer; 
     if ($seconds/60 >=1)  
     { 
         $minutes=floor($seconds/60); 
         if ($minutes/60 >= 1)  
         { # Hours  
             $hours=floor($minutes/60); 
             if ($hours/24 >= 1)  
             { #days  
                     $days=floor($hours/24); 
                     if ($days/7 >=1)  
                     { #weeks  
                         $weeks=floor($days/7); 
                         if ($weeks>=2) $return="$weeks weeks"; 
                         else $return="$weeks week"; 
                     } #end of weeks  
                     $days=$days-(floor($days/7))*7; 
                     if ($weeks>=1 && $days >=1) $return="$return, "; 
                     if ($days >=2) $return="$return $days d"; 
                     if ($days ==1) $return="$return $days d"; 
             } #end of days 
             $hours=$hours-(floor($hours/24))*24; 
             if ($days>=1 && $hours >=1) $return="$return, "; 
             if ($hours >=2 || $hours ==0) $return="$return $hours h"; 
             if ($hours ==1) $return="$return $hours h"; 
         } #end of Hours 
         $minutes=$minutes-(floor($minutes/60))*60; 
         if ($hours>=1 && $minutes >=1) $return="$return, "; 
         if ($minutes >=2 || $minutes ==0) $return="$return $minutes m"; 
         if ($minutes ==1) $return="$return $minutes m"; 
     } #end of minutes  
     $seconds=$integer-(floor($integer/60))*60; 
     if ($minutes>=1 && $seconds >=1) $return="$return, "; 
     if ($seconds >=2 || $seconds ==0) $return="$return $seconds sec"; 
     if ($seconds ==1) $return="$return $seconds sec"; 
     $return="$return."; 
     return $return; 
 } 
############ FINISH AUCTIONS AND ADD CHARACTERS ############ 
foreach($SQL->query('SELECT * FROM `characters_auctions` WHERE `state` = 0 AND `finish_time` <= ' . time())->fetchAll() as $finishedAuction) 
{ 
    if($finishedAuction['bidder'] > 0) 
    { 
        // if server show error in one of lines below it mean 
        // someone delete character or account that won auction 
        // admin must check it manualy (give points back to account that won auction?) 
        $finishedAuctionBidder = new OTS_Account(); 
        $finishedAuctionBidder->load($finishedAuction['bidder']); 
        $finishedAuctionChar = new OTS_Player(); 
        $finishedAuctionChar->load($finishedAuction['char_id']); 
        $finishedAuctionChar->setAccount($finishedAuctionBidder); 
        $finishedAuctionChar->setGroup(1); 
        $finishedAuctionChar->save(); 
        $SQL->query('UPDATE `characters_auctions` SET `state` = 2 WHERE `id` = ' . $finishedAuction['id']); 
        $SQL->query('INSERT INTO `bans` (`id` , `type` , `value` ,`param` ,`active` ,`expires` ,`added` ,`admin_id` ,`comment` ,`reason` ,`action` ,`statement`) VALUES (NULL , 2, ' .$auctionChar->getId() . ', 2, 1, -1, ' . time() . ', 1, \'BUY CHAR\', 0, 1, \'\');'); 
    } 
    else 
        $SQL->query('UPDATE `characters_auctions` SET `state` = 1 WHERE `id` = ' . $finishedAuction['id']); 
} 
############ VISIBLE THINGS ############ 
if($logged && $account_logged->getPageAccess() >= $add_character_page_access) 
    $main_content .= '<div class="normalText"><a href="?subtopic=sellchar&action=addauction">ADMIN PANEL: >ADD AUCTION<</a></div>'; 
if($action == "addauction") ############ ADD AUCTION / VIEW CHARACTERS LIST ############ 
{ 
    if($logged && $account_logged->getPageAccess() >= $add_character_page_access) 
    { 
        $daysAgo = (int) $_REQUEST['days_ago']; 
        $nameContains = $_REQUEST['name_contains']; 
        $minLevel = (int) $_REQUEST['min_level']; 
        $maxLastLogout = time() - $daysAgo * 24 * 3600; 
        $orderBy = ($_REQUEST['order_by'] == 'lastlogout') ? $_REQUEST['order_by'] : 'level'; 
        $orderType = ($_REQUEST['order_type'] == 'DESC') ? $_REQUEST['order_type'] : 'ASC'; 
        $resultsLimit = (isset($_REQUEST['results_limit'])) ? (int) $_REQUEST['results_limit'] : 30; 
        if(isset($_REQUEST['id'])) 
        { 
            $id = (int) $_REQUEST['id']; 
            $priceAuction = (int) $_REQUEST['price_auction']; 
            $priceBuyNow = (int) $_REQUEST['price_buy_now']; 
            $auctionTime = (int) $_REQUEST['auction_time'] * 3600; 
            $SQL->query('INSERT INTO `characters_auctions` (`id` ,`finish_time` ,`char_id` ,`buy_now` ,`bid` ,`bidder`) VALUES (NULL , ' . (time() + $auctionTime) . ', ' . $id . ', ' . $priceBuyNow . ', ' . $priceAuction . ', 0);'); 
            $main_content .= $errorFormStart . 'Character with ID ' . $id . ' auction added.' . $errorFormEnd; 
        } 
        $charsAlreadyOnAuctions = array(0); 
        foreach($SQL->query('SELECT `char_id` FROM `characters_auctions` WHERE `state` = 0') as $charsAlreadyOnAuction) 
            $charsAlreadyOnAuctions[] = $charsAlreadyOnAuction['char_id']; 
        $main_content .= '<div class="bigText" style="text-align: center">Add Auction</div>'; 
        $main_content .= '<div class="normalText">If you leave Buy Now field empty or set it to 0 it will be not possible to buy character by option \'Buy Now\'.</div>'; 
        $main_content .= '<table class="tableFonts" style="margin-left: auto;margin-right: auto;">'; 
        $main_content .= '<tr class="tableHead"><td colspan="8">CHARACTERS LIST</td></tr>'; 
        $main_content .= '<form action="?" method="get"><input type="hidden" name="subtopic" value="sellchar" /><input type="hidden" name="action" value="addauction" />'; 
        $main_content .= '<tr class="tableHead" style="font-size: 10pt;"><td colspan="2">ORDER BY</td><td><select name="order_by"><option' . (($orderBy == 'lastlogout') ? ' selected="selected"' : '') . '>lastlogout</option><option' . (($orderBy == 'level') ? ' selected="selected"' : '') . '>level</option></select></td><td><select name="order_type"><option' . (($orderType == 'ASC') ? ' selected="selected"' : '') . '>ASC</option><option' . (($orderType == 'DESC') ? ' selected="selected"' : '') . '>DESC</option></select></td><td colspan="4"></td></tr>'; 
        $main_content .= '<tr class="tableHead" style="font-size: 10pt;"><td colspan="3">Nick contains:<br /><input type="text" name="name_contains" value="' . htmlspecialchars($nameContains) .'" size="30" /><td colspan="2">Min. <input type="text" name="min_level" value="' . $minLevel .'" size="4" /> level</td><td>Min. <input type="text" name="days_ago" value="' . $daysAgo .'" size="2" /> days</td><td>Results<br /><input type="text" name="results_limit" value="' . $resultsLimit .'" size="3" /></td><td><input type="submit" value="Search"/></td></tr>'; 
        $main_content .= '</form>'; 
        ############ SEARCH FORM ############ 
        $main_content .= '<tr class="tableHead" style="font-size: 14pt;"><td>ID</td><td>Nick</td><td>Level & Vocation</td><td>Offline</td><td>Auction time</td><td>Auction min. offer</td><td>Buy Now</td><td>Add</td></tr>'; 
        foreach($SQL->query('SELECT * FROM `players` WHERE `id` NOT IN (' . implode(",", $charsAlreadyOnAuctions) . ') AND `lastlogout` > 0 AND `level` >= ' . $SQL->quote($minLevel) . ' AND `lastlogout` <= ' . $SQL->quote($maxLastLogout) . ' AND `name` LIKE ' . $SQL->quote('%'.$nameContains.'%') . ' ORDER BY `' . $orderBy . '` ' . $orderType . ', `name` ASC LIMIT ' . $resultsLimit .';') as $player) 
            $main_content .= '<form action="?subtopic=sellchar&action=addauction&order_by=' . $orderBy .'&order_type=' . $orderType . '&name_contains=' . urlencode($nameContains) . '&min_level=' . $minLevel . '&days_ago=' . $daysAgo . '&results_limit=' . $resultsLimit . '" method="post"><input type="hidden" name="id" value="' . $player['id'] . '" /><tr class="tableRow' . ($row++ % 2) . '"><td>' . $player['id'] . '</td><td>' . $player['name'] . '</td><td>' . $player['level'] . ' ' . $vocation_name[$player['world_id']][$player['promotion']][$player['vocation']] . '</td><td style="float: right;">' . (floor((time() - $player['lastlogin']) / 86400)) . ' days</td><td><input type="text" name="auction_time" value="' . $auctions_default_time . '" size="3" /> hours</td><td><input type="text" name="price_auction" value="" size="5" /> pp</td><td><input type="text" name="price_buy_now" value="" size="5" /> pp</td><td><input type="submit" value="Add Auction" /></td></tr></form>'; 
        $main_content .= '</table>'; 
    } 
    else 
        $main_content .= $errorFormStart . 'ERROR! You do not have access to this page.' . $errorFormEnd; 
} 
elseif($action == "show") ############ SHOW CHARACTER INFO ############ 
{ 
    $auctionInfo = $SQL->query('SELECT * FROM `characters_auctions` WHERE `id` = ' . (int) $_REQUEST['id'])->fetch(); 
    $main_content .= '<div class="bigText" style="text-align: center">Auction Info</div>'; 
    if(isset($auctionInfo['id'])) 
    { 
        $auctionChar = new OTS_Player(); 
        $auctionChar->load($auctionInfo['char_id']); 
        if($auctionChar->isLoaded()) 
        { 
            if($logged && $account_logged->getPageAccess() >= $add_character_page_access) 
                $main_content .= '<div class="normalText"><a href="?subtopic=sellchar&delete=' . $auctionInfo['id'] . '">ADMIN PANEL: >DELETE AUCTION<</a></div>'; 
############ SHOW STATS ############ 
            $row = 0; 
            $main_content .= '<table class="tableFonts" style="margin-left: auto;margin-right: auto;">'; 
            $main_content .= '<tr class="tableHead"><td colspan="3">CHARACTER INFO</td></tr>'; 
            $main_content .= '<tr><td><table style="width: 360px;border-spacing: 1px">'; 
            $main_content .= '<tr class="tableRow' . ($row++ % 2) . '"><td>AUCTION ID:</td><td>' . $auctionInfo['id'] . '</td></tr>'; 
            $main_content .= '<tr class="tableRow' . ($row++ % 2) . '"><td>Name:</td><td>' . $auctionChar->getName() . '<br /><div style="font-size: 8pt;">(You select new name when you win auction.)</div></td></tr>'; 
            $main_content .= '<tr class="tableRow' . ($row++ % 2) . '"><td>Level:</td><td>' . $auctionChar->getLevel() . '</td></tr>'; 
            $main_content .= '<tr class="tableRow' . ($row++ % 2) . '"><td>Vocation:</td><td>' . $vocation_name[$auctionChar->getWorld()][$auctionChar->getPromotion()][$auctionChar->getVocation()] . '</td></tr>';
            $main_content .= '<tr class="tableRow' . ($row++ % 2) . '"><td>Health:</td><td>' . $auctionChar->getHealthMax() . '</td></tr>'; 
            $main_content .= '<tr class="tableRow' . ($row++ % 2) . '"><td>Mana:</td><td>' . $auctionChar->getManaMax() . '</td></tr>'; 
            $main_content .= '<tr class="tableRowSmall' . ($row++ % 2) . '"><td>Magic Level:</td><td>' . $auctionChar->getMagLevel() . '</td></tr>'; 
            $main_content .= '<tr class="tableRowSmall' . ($row++ % 2) . '"><td>Sword:</td><td>' . $auctionChar->getSkill(2) . '</td></tr>'; 
            $main_content .= '<tr class="tableRowSmall' . ($row++ % 2) . '"><td>Axe:</td><td>' . $auctionChar->getSkill(3) . '</td></tr>'; 
            $main_content .= '<tr class="tableRowSmall' . ($row++ % 2) . '"><td>Club:</td><td>' . $auctionChar->getSkill(1) . '</td></tr>'; 
            $main_content .= '<tr class="tableRowSmall' . ($row++ % 2) . '"><td>Distance:</td><td>' . $auctionChar->getSkill(4) . '</td></tr>'; 
            $main_content .= '<tr class="tableRowSmall' . ($row++ % 2) . '"><td>Shielding:</td><td>' . $auctionChar->getSkill(5) . '</td></tr>'; 
            $main_content .= '</table></td>'; 
############ SHOW EQ ############ 
            foreach($SQL->query('SELECT * FROM `player_items` WHERE `player_id` = ' . $auctionChar->getId() . ' AND `pid` >= 1 AND `pid` <= 10;') as $item) 
                $player_items[$item['pid']] = $item['itemtype']; 
            $row = 0; 
            $main_content .= '<td><table style="border-spacing: 1px">'; 
            $main_content .= '<tr><td class="showItemSquare" style="background-image: url(/images/items/2.gif)"><img src="/images/items/' . $player_items[2] . '.gif" alt="" class="showItemImage"/></td>'; 
            $main_content .= '<td class="showItemSquare" style="background-image: url(/images/items/1.gif)"><img src="/images/items/' . $player_items[1] . '.gif" alt="" class="showItemImage"/></td>'; 
            $main_content .= '<td class="showItemSquare" style="background-image: url(/images/items/3.gif)"><img src="/images/items/' . $player_items[3] . '.gif" alt="" class="showItemImage"/></td></tr>'; 
            $main_content .= '<tr><td class="showItemSquare" style="background-image: url(/images/items/6.gif)"><img src="/images/items/' . $player_items[6] . '.gif" alt="" class="showItemImage"/></td>'; 
            $main_content .= '<td class="showItemSquare" style="background-image: url(/images/items/4.gif)"><img src="/images/items/' . $player_items[4] . '.gif" alt="" class="showItemImage"/></td>'; 
            $main_content .= '<td class="showItemSquare" style="background-image: url(/images/items/5.gif)"><img src="/images/items/'. $player_items[5] . '.gif" alt="" class="showItemImage"/></td></tr>'; 
            $main_content .= '<tr><td class="showItemSquare" style="background-image: url(/images/items/9.gif)"><img src="/images/items/'. $player_items[9] . '.gif" alt="" class="showItemImage"/></td>'; 
            $main_content .= '<td class="showItemSquare" style="background-image: url(/images/items/7.gif)"><img src="/images/items/'. $player_items[7] . '.gif" alt="" class="showItemImage"/></td>'; 
            $main_content .= '<td class="showItemSquare" style="background-image: url(/images/items/10.gif)"><img src="/images/items/'. $player_items[10] . '.gif" alt="" class="showItemImage"/></td></tr>'; 
            $main_content .= '<tr><td class="showItemSquare" style="background-color: #232323;text-align: center">Soul:<br />' . $auctionChar->getSoul() . '</td>'; 
            $main_content .= '<td class="showItemSquare" style="background-image: url(/images/items/8.gif)"><img src="/images/items/'. $player_items[8] . '.gif" alt="" class="showItemImage"/></td>'; 
            $main_content .= '<td class="showItemSquare" style="background-color: #232323;text-align: center">Cap:<br />' . $auctionChar->getCap() . '</td></tr>'; 
            $main_content .= '</tr></table></td>'; 
            $main_content .= '</tr></table>'; 
############ SHOW DONATORS SHOP ITEMS ############ 
            $donators_items = $SQL->query('SELECT `player_items`.`itemtype`, SUM(`player_items`.`count`) AS count, `z_shop_offer`.`offer_name` AS name FROM `player_items`, `z_shop_offer` WHERE `player_items`.`player_id` = ' . $auctionChar->getId() . ' AND `z_shop_offer`.`offer_type` = \'item\' AND `player_items`.`itemtype` = `z_shop_offer`.`itemid1` GROUP BY `player_items`.`itemtype`;')->fetchAll(); 
            $donators_depotitems = $SQL->query('SELECT `player_depotitems`.`itemtype`, SUM(`player_depotitems`.`count`) AS count, `z_shop_offer`.`offer_name` AS name FROM `player_depotitems`, `z_shop_offer` WHERE `player_depotitems`.`player_id` = ' . $auctionChar->getId() . ' AND `z_shop_offer`.`offer_type` = \'item\' AND `player_depotitems`.`itemtype` = `z_shop_offer`.`itemid1` GROUP BY `player_depotitems`.`itemtype`;')->fetchAll(); 
            if(count($donators_items) > 0 || count($donators_depotitems) > 0) 
            { 
                $main_content .= '<table class="tableFonts" style="margin-left: auto;margin-right: auto;padding-top: 30px;">'; 
                if(count($donators_items) > 0) 
                { 
                    $main_content .= '<tr class="tableHead"><td colspan="3">DONATORS ITEMS</td></tr>'; 
                    $row = 0; 
                    foreach($donators_items as $donator_item) 
                        $main_content .= '<tr class="tableRow' . ($row++ % 2) . '"><td class="showItemSquare"><img src="/images/items/'. $donator_item['itemtype'] . '.gif" alt="" class="showItemImage"/></td><td>' . $donator_item['count'] .'x</td><td>' . $donator_item['name'] . '</td></tr>'; 
                } 
                if(count($donators_depotitems) > 0) 
                { 
                    $main_content .= '<tr class="tableHead"><td colspan="3">DONATORS IN DEPOT</td></tr>'; 
                    $row = 0; 
                    foreach($donators_depotitems as $donator_depotitem) 
                        $main_content .= '<tr class="tableRow' . ($row++ % 2) . '"><td class="showItemSquare"><img src="/images/items/'. $donator_depotitem['itemtype'] . '.gif" alt="" class="showItemImage"/></td><td>' . $donator_depotitem['count'] .'x</td><td>' . $donator_depotitem['name'] . '</td></tr>'; 
                } 
                $main_content .= '</table>'; 
            } 
############ SHOW AUCTION INFO ############ 
            $row = 0; 
            $main_content .= '<table class="tableFonts" style="margin-left: auto;margin-right: auto;padding-top: 30px;">'; 
            $main_content .= '<tr class="tableHead"><td colspan="2">AUCTION INFO</td></tr>'; 
            if($auctionInfo['buy_now'] > 0) 
                $main_content .= '<tr class="tableRow' . ($row++ % 2) . '"><td>Buy now:</td><td>' . $auctionInfo['buy_now'] . ' premium points</td></tr>'; 
            $main_content .= '<tr class="tableRow' . ($row++ % 2) . '"><td>Highest bid:</td><td>' . $auctionInfo['bid'] . ' premium points</td></tr>'; 
            $main_content .= '<tr class="tableRow' . ($row++ % 2) . '"><td>Time left:</td><td><div name="timer_' . $auctionInfo['id'] . '" id="timer_' . $auctionInfo['id'] . '">' . time_left($auctionInfo['finish_time'] - time()) . '</div></td></tr>'; 
            $main_content .= '</table><br /><script type="text/javascript">countdown(' . ($auctionInfo['finish_time'] - time()) . ', \'timer_' . $auctionInfo['id'] . '\');</script>'; 
            if($auctionInfo['state'] == 0) 
            { 
                $main_content .= '<form action="?subtopic=sellchar&action=bid&id=' . $auctionInfo['id'] . '" method="post" onsubmit="return checkBid(' . (($logged) ? $account_logged->getId() : 0) . ', ' . $auctionInfo['bidder'] . ', ' . (($logged) ? $account_logged->getPremiumPoints() : 0) . ', ' . $auctionInfo['bid'] . ');">'; 
                $main_content .= '<table class="tableFonts" style="float: left;">'; 
                $main_content .= '<tr class="tableHead"><td colspan="2">YOUR BID</td></tr>'; 
                $main_content .= '<tr class="tableRow' . ($row++ % 2) . '"><td>Bid:</td><td><input type="text" id="bid" name="bid" value="' . ($auctionInfo['bid'] + 1) . '" /> pp</td></tr>'; 
                $main_content .= '<tr class="tableRow' . ($row++ % 2) . '"><td colspan="2" style="text-align: center;"><input type="submit" value="BID" /></td></tr></table></form><br />'; 
                if($auctionInfo['buy_now'] > 0) 
                    $main_content .= '<a href="?subtopic=sellchar&action=buy&id=' . $auctionInfo['id'] . '" class="linkButton" style="float: right;" onclick="return checkBuyNow(' . (($logged) ? $account_logged->getId() : 0) . ', ' . (($logged) ? $account_logged->getPremiumPoints() : 0) . ', ' . $auctionInfo['buy_now'] . ');">BUY NOW!</a>'; 
            } 
            $main_content .= '<div style="padding-top: 120px;padding-left: 45%"><a href="?subtopic=sellchar" class="linkButton">BACK</a></div>'; 
        } 
        else 
            $main_content .= $errorFormStart . 'ERROR! Character doesn\'t exist.' . $errorFormEnd; 
    } 
    else 
        $main_content .= $errorFormStart . 'ERROR! Auction with this ID doesn\'t exist.' . $errorFormEnd; 
} 
elseif($action == "bid") ############ BID CHARACTER ############ 
{ 
    $main_content .= '<div class="bigText" style="text-align: center">Bid character</div>'; 
    if($logged) 
    { 
        $auctionInfo = $SQL->query('SELECT * FROM `characters_auctions` WHERE `state` = 0 AND `id` = ' . (int) $_REQUEST['id'])->fetch(); 
        if(isset($auctionInfo['id'])) 
        { 
            $auctionChar = new OTS_Player(); 
            $auctionChar->load($auctionInfo['char_id']); 
            if($auctionChar->isLoaded()) 
            { 
                if($account_logged->getPremiumPoints() > $auctionInfo['bid'] || ($account_logged->getId() == $auctionInfo['bidder'] && $account_logged->getPremiumPoints() > 0)) 
                { 
                    if(isset($_REQUEST['bid']) && (int) $_REQUEST['bid'] > 0) 
                    { 
                        $userBid = (int) $_REQUEST['bid']; 
                        if($account_logged->getPremiumPoints() >= $userBid || ($account_logged->getId() == $auctionInfo['bidder'] && $account_logged->getPremiumPoints() + $auctionInfo['bid'] >= $userBid)) 
                        { 
                            if($userBid > $auctionInfo['bid']) 
                            { 
                                if($account_logged->getId() != $auctionInfo['bidder']) 
                                { 
                                    $last_bidder = new OTS_Account(); 
                                    $last_bidder->load($auctionInfo['bidder']); 
                                    if($last_bidder->isLoaded()) 
                                    { 
                                        $last_bidder->setPremiumPoints($last_bidder->getPremiumPoints() + $auctionInfo['bid']); 
                                        $last_bidder->save(); 
                                    } 
                                    $account_logged->setPremiumPoints($account_logged->getPremiumPoints() - $userBid); 
                                } 
                                else 
                                    $account_logged->setPremiumPoints($account_logged->getPremiumPoints() + $auctionInfo['bid'] - $userBid); 
                                $account_logged->save(); 
                                $SQL->query('UPDATE `characters_auctions` SET `bid` = ' . $userBid . ', `bidder` = ' . $account_logged->getId() . ' WHERE `id` = ' . $auctionInfo['id']); 
                                if($auctionInfo['finish_time'] - time() < 60) 
                                    $SQL->query('UPDATE `characters_auctions` SET `finish_time` = ' . time() + 60 . ' WHERE `id` = ' . $auctionInfo['id']); 
                                $main_content .= '<div class="normalText">You have bidded ' . $userBid . ' premium points on auction ID ' . $auctionInfo['id'] . '!</div>'; 
                                $main_content .= '<div style="padding-top: 120px;padding-left: 45%"><a href="?subtopic=sellchar&action=show&id=' . $auctionInfo['id'] . '" class="linkButton">BACK</a></div>'; 
                            } 
                            else 
                                $main_content .= $errorFormStart . 'Sorry! Your bid is lower then current highest bid.<br />Your bid is: ' . $userBid . '<br />Highest bid: ' . $auctionInfo['bid'] . '' . $errorFormEnd; 
                        } 
                        else 
                            $main_content .= $errorFormStart . 'Sorry! You do not have enought premium points.<br />Your bid is: ' . $userBid . '<br />You have: ' . $account_logged->getPremiumPoints() . '' . $errorFormEnd; 
                    } 
                    else 
                        $main_content .= $errorFormStart . 'You must bid more then 0.' . $errorFormEnd; 
                } 
                else 
                    $main_content .= $errorFormStart . 'Sorry! You do not have enought premium points.<br />Highest bid is: ' . $auctionInfo['bid'] . '<br />You have: ' . $account_logged->getPremiumPoints() . '' . $errorFormEnd; 
            } 
            else 
                $main_content .= $errorFormStart . 'ERROR! Character doesn\'t exist.' . $errorFormEnd; 
        } 
        else 
            $main_content .= $errorFormStart . 'ERROR! Auction with this ID doesn\'t exist.' . $errorFormEnd; 
    } 
    else 
        $main_content .= $errorFormStart . 'You are not logged in.' . $errorFormEnd; 
} 
elseif($action == "buy") ############ BUY CHARACTER ############ 
{ 
    $main_content .= '<div class="bigText" style="text-align: center">Buy character</div>'; 
    if($logged) 
    { 
        $auctionInfo = $SQL->query('SELECT * FROM `characters_auctions` WHERE `state` = 0 AND `id` = ' . (int) $_REQUEST['id'])->fetch(); 
        if(isset($auctionInfo['id'])) 
        { 
            if($auctionInfo['buy_now'] > 0) 
            { 
                $auctionChar = new OTS_Player(); 
                $auctionChar->load($auctionInfo['char_id']); 
                if($auctionChar->isLoaded()) 
                { 
                    if($account_logged->getPremiumPoints() >= $auctionInfo['buy_now'] || ($account_logged->getId() == $auctionInfo['bidder'] && $account_logged->getPremiumPoints() + $auctionInfo['bid'] >= $auctionInfo['buy_now'])) 
                    { 
                        if($account_logged->getId() != $auctionInfo['bidder']) 
                        { 
                            $last_bidder = new OTS_Account(); 
                            $last_bidder->load($auctionInfo['bidder']); 
                            if($last_bidder->isLoaded()) 
                            { 
                                $last_bidder->setPremiumPoints($last_bidder->getPremiumPoints() + $auctionInfo['bid']); 
                                $last_bidder->save(); 
                            } 
                            $account_logged->setPremiumPoints($account_logged->getPremiumPoints() - $auctionInfo['buy_now']); 
                        } 
                        else 
                            $account_logged->setPremiumPoints($account_logged->getPremiumPoints() + $auctionInfo['bid'] - $auctionInfo['buy_now']); 
                        $account_logged->save(); 
                        $auctionChar->setAccount($account_logged); 
                        $auctionChar->setGroup(1); 
                        $auctionChar->save(); 
                        $SQL->query('INSERT INTO `bans` (`id` , `type` , `value` ,`param` ,`active` ,`expires` ,`added` ,`admin_id` ,`comment` ,`reason` ,`action` ,`statement`) VALUES (NULL , 2, ' .$auctionChar->getId() . ', 2, 1, -1, ' . time() . ', 1, \'BUY CHAR\', 0, 1, \'\');'); 
                        $SQL->query('UPDATE `characters_auctions` SET `state` = 2, `finish_time` = ' . time() . ', `bidder` = ' . $account_logged->getId() . ', `bid` = `buy_now` WHERE `id` = ' . $auctionInfo['id']); 
                        $main_content .= '<div class="normalText">You have bought new character! Character is now on your account. Login in game and select new name for your character.</div>'; 
                        $main_content .= '<div style="padding-top: 120px;padding-left: 45%"><a href="?subtopic=sellchar" class="linkButton">BACK</a></div>'; 
                    } 
                    else 
                        $main_content .= $errorFormStart . 'Sorry! You do not have enought premium points.<br />It cost: ' . $auctionInfo['buy_now'] . '<br />You have: ' . $account_logged->getPremiumPoints() . '' . $errorFormEnd;
                } 
                else 
                    $main_content .= $errorFormStart . 'ERROR! Character doesn\'t exist.' . $errorFormEnd; 
            } 
            else 
                $main_content .= $errorFormStart . 'ERROR! You can not buy this character by Buy Now option. You can only Bid on auction.' . $errorFormEnd; 
        } 
        else 
            $main_content .= $errorFormStart . 'ERROR! Auction with this ID doesn\'t exist.' . $errorFormEnd; 
    } 
    else 
        $main_content .= $errorFormStart . 'You are not logged in.' . $errorFormEnd; 
} 
else ############ SHOW LIST OF AUCTIONS ############ 
{ 
    if(isset($_REQUEST['delete'])) 
        if($logged && $account_logged->getPageAccess() >= $add_character_page_access) 
        { 
            $SQL->query('DELETE FROM `characters_auctions` WHERE `id` = ' . (int) $_REQUEST['delete']); 
            $main_content .= $errorFormStart . 'Auction ' . (int) $_REQUEST['delete'] . ' should be deleted.' . $errorFormEnd; 
        } 
        else 
            $main_content .= $errorFormStart . 'You can not delete. You do not have access.' . $errorFormEnd; 
    $main_content .= '<div class="bigText" style="text-align: center">Characters Auctions</div>'; 
    $main_content .= '<div class="normalText">With this system you can buy un-used (inactive) characters by auctioning for them. When you bid on a character it will automatically take premium points from your account. If someone out-bids you, you will get those premium points added back to your account. If the auction time is under 2 minutes when someone bids, 1 minute will automatically be added to the auction time to give time for a re-bid from the previous bidder. If you choose to "buy now" you will get the character within 1 minute.</div>'; 
    $main_content .= '<table class="tableFonts"><tr class="tableHead" style="font-size: 28px;text-align: center"><td>Time left</td><td>Char info</td><td>Buy now</td><td>Highest bid</td></tr>'; 
    foreach($SQL->query('SELECT * FROM `characters_auctions` WHERE `finish_time` > ' . time())->fetchAll() as $auctionInfo)
    { 
        $auctionChar = new OTS_Player(); 
        $auctionChar->load($auctionInfo['char_id']); 
        if($auctionChar->isLoaded()) 
            $main_content .= '<tr class="tableRow' . ($row++ % 2) . '" style="font-size: 16px;text-align: center" onclick="window.location = \'?subtopic=sellchar&action=show&id=' . $auctionInfo['id'] . '\'"><td><div id="timer_' . $auctionInfo['id'] . '">' . time_left($auctionInfo['finish_time'] - time()) . '</div></td><td>' . $auctionChar->getLevel() . ' ' . $vocation_name[$auctionChar->getWorld()][$auctionChar->getPromotion()][$auctionChar->getVocation()] . '</td><td>' . $auctionInfo['buy_now'] . ' pp</td><td>' . $auctionInfo['bid'] . ' pp</td></tr>'; 
        $timers['timer_' . $auctionInfo['id']] = $auctionInfo['finish_time'] - time(); 
    } 
    $main_content .= '</table><br /><div class="normalText">Press on auction to get more informations.</div>'; 
    $main_content .= '<script type="text/javascript">'; 
    if(isset($timers))
        foreach($timers as $timer_id => $time_left) 
            $main_content .= 'countdown(' . $time_left . ', \'' . $timer_id . '\');'; 
    $main_content .= '</script>'; 
} 
$main_content .= '<br /><br />'; 
?>
 
when im click "ADMIN PANEL: >ADD AUCTION<" Its comes "Invalid subtopic. Can't load page". :S
 
Fatal error: Call to undefined method OTS_Account::getPremiumPoints() in C:\xampp\htdocs\sellchar.php on line 354
 
Fatal error: Call to undefined method OTS_Account::getPremiumPoints() in C:\xampp\htdocs\sellchar.php on line 354
In your C:\xampp\htdocs\pot\OTS_Account.php file paste (it's updated version of class):
PHP:
<?php

/**#@+
 * @version 0.0.1
 */

/**
 * @package POT
 * @version 0.1.5
 * @author Wrzasq <[email protected]>
 * @copyright 2007 - 2008 (C) by Wrzasq
 * @license http://www.gnu.org/licenses/lgpl-3.0.txt GNU Lesser General Public License, Version 3
 */

/**
 * OTServ account abstraction.
 * 
 * @package POT
 * @version 0.1.5
 * @property string $name Account name.
 * @property string $password Password.
 * @property string $eMail Email address.
 * @property int $premiumEnd Timestamp of PACC end.
 * @property bool $blocked Blocked flag state.
 * @property bool $deleted Deleted flag state.
 * @property bool $warned Warned flag state.
 * @property bool $banned Ban state.
 * @property-read int $id Account number.
 * @property-read bool $loaded Loaded state.
 * @property-read OTS_Players_List $playersList Characters of this account.
 * @property-read int $access Access level.
 * @tutorial POT/Accounts.pkg
 */
class OTS_Account extends OTS_Row_DAO implements IteratorAggregate, Countable
{
/**
 * Account data.
 * 
 * @var array
 * @version 0.1.5
 */
    private $data = array('email' => '', 'key' => '', 'premium_points' => 0, 'blocked' => false, 'warned' => false, 'rlname' => '', 'location' => '', 'page_access' => 0, 'lastday' => 0, 'premdays' => 0, 'created' => 0);

/**
 * Creates new account.
 * 
 * <p>
 * This method creates new account with given name. Account number is generated automaticly and saved into {@link OTS_Account::getId() ID field}.
 * </p>
 * 
 * <p>
 * If you won't specify account name then random one will be generated.
 * </p>
 * 
 * <p>
 * If you use own account name then it will be returned after success, and exception will be generated if it will be alredy used as name will be simply used in query with account create attempt.
 * </p>
 * 
 * @version 0.1.5
 * @since 0.1.5
 * @param string $name Account name.
 * @return string Account name.
 * @throws PDOException On PDO operation error.
 * @example examples/create.php create.php
 * @tutorial POT/Accounts.pkg#create
 */
    public function createNamed($name = null)
    {
        // if name is not passed then it will be generated randomly
        if( !isset($name) )
        {
            $exist = array();

            // reads already existing names
            foreach( $this->db->query('SELECT ' . $this->db->fieldName('name') . ' FROM ' . $this->db->tableName('accounts') )->fetchAll() as $account)
            {
                $exist[] = $account['name'];
            }

            // initial name
            $name = uniqid();

            // repeats until name is unique
            while( in_array($name, $exist) )
            {
                $name .= '_';
            }
        }

        // saves blank account info
        $this->db->query('INSERT INTO ' . $this->db->tableName('accounts') . ' (' . $this->db->fieldName('name') . ', ' . $this->db->fieldName('password') . ', ' . $this->db->fieldName('email') . ') VALUES (' . $this->db->quote($name) . ', \'\', \'\')');

        // reads created account's ID
        $this->data['id'] = $this->db->lastInsertId();

        // return name of newly created account
        return $name;
    }

/**
 * Creates new account.
 * 
 * <p>
 * Create new account in given range (1 - 9999999 by default).
 * </p>
 * 
 * <p>
 * Note: If account name won't be speciffied random will be created.
 * </p>
 * 
 * <p>
 * Note: Since 0.0.3 version this method doesn't require buffered queries.
 * </p>
 * 
 * <p>
 * Note: Since 0.1.5 version you should use {@link OTS_Account::createNamed() createNamed() method} since OTServ now uses account names.
 * </p>
 * 
 * <p>
 * Note: Since 0.1.1 version this method throws {@link E_OTS_Generic E_OTS_Generic} exceptions instead of general Exception class objects. Since all exception classes are child classes of Exception class so your old code will still handle all exceptions.
 * </p>
 * 
 * <p>
 * Note: Since 0.1.5 version this method no longer creates account as blocked.
 * </p>
 * 
 * @version 0.1.5
 * @param int $min Minimum number.
 * @param int $max Maximum number.
 * @param string $name Account name.
 * @return int Created account number.
 * @throws E_OTS_Generic When there are no free account numbers.
 * @throws PDOException On PDO operation error.
 * @deprecated 0.1.5 Use createNamed().
 */
    public function create($min = 1, $max = 9999999, $name = null)
    {
        // generates random account number
        $random = rand($min, $max);
        $number = $random;
        $exist = array();

        // if name is not passed then it will be generated randomly
        if( !isset($name) )
        {
            // reads already existing names
            foreach( $this->db->query('SELECT ' . $this->db->fieldName('name') . ' FROM ' . $this->db->tableName('accounts') )->fetchAll() as $account)
            {
                $exist[] = $account['name'];
            }

            // initial name
            $name = uniqid();

            // repeats until name is unique
            while( in_array($name, $exist) )
            {
                $name .= '_';
            }

            // resets array for account numbers loop
            $exist = array();
        }

        // reads already existing accounts
        foreach( $this->db->query('SELECT ' . $this->db->fieldName('id') . ' FROM ' . $this->db->tableName('accounts') )->fetchAll() as $account)
        {
            $exist[] = $account['id'];
        }

        // finds unused number
        while(true)
        {
            // unused - found
            if( !in_array($number, $exist) )
            {
                break;
            }

            // used - next one
            $number++;

            // we need to re-set
            if($number > $max)
            {
                $number = $min;
            }

            // we checked all possibilities
            if($number == $random)
            {
                throw new E_OTS_Generic(E_OTS_Generic::CREATE_ACCOUNT_IMPOSSIBLE);
            }
        }

        // saves blank account info
        $this->data['id'] = $number;

        $this->db->query('INSERT INTO ' . $this->db->tableName('accounts') . ' (' . $this->db->fieldName('id') . ', ' . $this->db->fieldName('name') . ', ' . $this->db->fieldName('password') . ', ' . $this->db->fieldName('email') . ') VALUES (' . $number . ', ' . $this->db->quote($name) . ', \'\', \'\')');

        return $number;
    }

/**
 * @version 0.0.6
 * @since 0.0.4
 * @param OTS_Group $group Group to be assigned to account.
 * @param int $min Minimum number.
 * @param int $max Maximum number.
 * @return int Created account number.
 * @deprecated 0.0.6 There is no more group_id field in database, use create().
 */
    public function createEx(OTS_Group $group, $min = 1, $max = 9999999)
    {
        return $this->create($min, $max);
    }

/**
 * Loads account with given number.
 * 
 * @version 0.0.6
 * @param int $id Account number.
 * @throws PDOException On PDO operation error.
 */
    public function load($id)
    {
        // SELECT query on database
       $this->data = $this->db->query('SELECT ' . $this->db->fieldName('id') . ', ' . $this->db->fieldName('name') . ', ' . $this->db->fieldName('password') . ', ' . $this->db->fieldName('email') . ', ' . $this->db->fieldName('blocked') . ', ' . $this->db->fieldName('rlname') . ', ' . $this->db->fieldName('location') . ', ' . $this->db->fieldName('key') . ', ' . $this->db->fieldName('premium_points') . ', ' . $this->db->fieldName('page_access') . ', ' . $this->db->fieldName('premdays') . ', ' . $this->db->fieldName('lastday') . ',  ' . $this->db->fieldName('created') . ' FROM ' . $this->db->tableName('accounts') . ' WHERE ' . $this->db->fieldName('id') . ' = ' . (int) $id)->fetch();
    }

/**
 * Loads account by it's name.
 * 
 * <p>
 * Note: Since 0.1.5 version this method loads account by it's name not by e-mail address. To find account by it's e-mail address use {@link OTS_Account::findByEMail() findByEMail() method}.
 * </p>
 * 
 * @version 0.1.5
 * @since 0.0.2
 * @param string $name Account's name.
 * @throws PDOException On PDO operation error.
 */
    public function find($name)
    {
        // finds player's ID
        $id = $this->db->query('SELECT ' . $this->db->fieldName('id') . ' FROM ' . $this->db->tableName('accounts') . ' WHERE ' . $this->db->fieldName('name') . ' = ' . $this->db->quote($name) )->fetch();

        // if anything was found
        if( isset($id['id']) )
        {
            $this->load($id['id']);
        }
    }

/**
 * Loads account by it's e-mail address.
 * 
 * @version 0.1.5
 * @since 0.1.5
 * @param string $email Account's e-mail address.
 * @throws PDOException On PDO operation error.
 */
    public function findByEMail($email)
    {
        // finds player's ID
        $id = $this->db->query('SELECT ' . $this->db->fieldName('id') . ' FROM ' . $this->db->tableName('accounts') . ' WHERE ' . $this->db->fieldName('email') . ' = ' . $this->db->quote($email) )->fetch();

        // if anything was found
        if( isset($id['id']) )
        {
            $this->load($id['id']);
        }
    }

/**
 * Checks if object is loaded.
 * 
 * @return bool Load state.
 */
    public function isLoaded()
    {
        return isset($this->data['id']);
    }

/**
 * Updates account in database.
 * 
 * <p>
 * Unlike other DAO objects account can't be saved without ID being set. It means that you can't just save unexisting account to automaticly create it. First you have to create record by using {@link OTS_Account::createName() createNamed() method}
 * </p>
 * 
 * <p>
 * Note: Since 0.0.3 version this method throws {@link E_OTS_NotLoaded E_OTS_NotLoaded exception} instead of triggering E_USER_WARNING.
 * </p>
 * 
 * @version 0.1.5
 * @throws E_OTS_NotLoaded If account doesn't have ID assigned.
 * @throws PDOException On PDO operation error.
 */
    public function save()
    {
        if( !isset($this->data['id']) )
        {
            throw new E_OTS_NotLoaded();
        }

        // UPDATE query on database
        $this->db->query('UPDATE ' . $this->db->tableName('accounts') . ' SET ' . $this->db->fieldName('password') . ' = ' . $this->db->quote($this->data['password']) . ', ' . $this->db->fieldName('email') . ' = ' . $this->db->quote($this->data['email']) . ', ' . $this->db->fieldName('rlname') . ' = ' . $this->db->quote($this->data['rlname']) . ', ' . $this->db->fieldName('premium_points') . ' = ' . $this->db->quote($this->data['premium_points']) . ', ' . $this->db->fieldName('key') . ' = ' . $this->db->quote($this->data['key']) . ', ' . $this->db->fieldName('location') . ' = ' . $this->db->quote($this->data['location']) . ' WHERE ' . $this->db->fieldName('id') . ' = ' . $this->data['id']);
    }

/**
 * Account number.
 * 
 * <p>
 * Note: Since 0.0.3 version this method throws {@link E_OTS_NotLoaded E_OTS_NotLoaded} exception instead of triggering E_USER_WARNING.
 * </p>
 * 
 * @version 0.0.3
 * @return int Account number.
 * @throws E_OTS_NotLoaded If account is not loaded.
 */
    public function getId()
    {
        if( !isset($this->data['id']) )
        {
            throw new E_OTS_NotLoaded();
        }

        return $this->data['id'];
    }
	
/**
 * Other Account Information.
 * 
 * <p>
 * Note: Since 0.0.3 version this method throws {@link E_OTS_NotLoaded E_OTS_NotLoaded} exception instead of triggering E_USER_WARNING.
 * </p>
 * 
 * @version 0.0.3
 * @return int Account Information.
 * @throws E_OTS_NotLoaded If account is not loaded.
 */
 
	public function getRLName()
    {
        if( !isset($this->data['rlname']) )
        {
            throw new E_OTS_NotLoaded();
        }

        return $this->data['rlname'];
    }
	
    public function getLocation()
    {
        if( !isset($this->data['location']) )
        {
            throw new E_OTS_NotLoaded();
        }

        return $this->data['location'];
    }
	
    public function getPageAccess()
    {
        if( !isset($this->data['page_access']) )
        {
            throw new E_OTS_NotLoaded();
        }

        return $this->data['page_access'];
    }
	
    public function getPremDays()
    {
        if( !isset($this->data['premdays']) || !isset($this->data['lastday']) )
        {
            throw new E_OTS_NotLoaded();
        }

        return $this->data['premdays'] - (date("z", time()) + (365 * (date("Y", time()) - date("Y", $this->data['lastday']))) - date("z", $this->data['lastday']));
    }
	
    public function getLastLogin()
    {
        if( !isset($this->data['lastday']) )
        {
            throw new E_OTS_NotLoaded();
        }

        return $this->data['lastday'];
    }
	
    public function isPremium()
    {
        return ($this->data['premdays'] - (date("z", time()) + (365 * (date("Y", time()) - date("Y", $this->data['lastday']))) - date("z", $this->data['lastday'])) > 0);
    }

    public function getCreated()
    {
        if( !isset($this->data['created']) )
        {
            throw new E_OTS_NotLoaded();
        }

        return $this->data['created'];
    }

	public function getRecoveryKey()
    {
        if( !isset($this->data['key']) )
        {
            throw new E_OTS_NotLoaded();
        }

        return $this->data['key'];
    }
	public function getPremiumPoints()
    {
        if( !isset($this->data['premium_points']) )
        {
            throw new E_OTS_NotLoaded();
        }

        return $this->data['premium_points'];
    }

    public function setRLName($rlname)
    {
        $this->data['rlname'] = (string) $rlname;
    }
	
    public function setLocation($loc)
    {
        $this->data['location'] = (string) $loc;
    }
	
    public function setRecoveryKey($rec_key)
    {
        $this->data['key'] = (string) $rec_key;
    }
	
    public function setPremiumPoints($premium_points)
    {
        $this->data['premium_points'] = (string) $premium_points;
    }

/**
 * @version 0.1.0
 * @since 0.0.4
 * @return OTS_Group Group of which current account is member (currently random group).
 * @throws E_OTS_NotLoaded If account is not loaded.
 * @deprecated 0.0.6 There is no more group_id field in database.
 */
    public function getGroup()
    {
        if( !isset($this->data['id']) )
        {
            throw new E_OTS_NotLoaded();
        }

        // loads default group
        $groups = new OTS_Groups_List();
        $groups->rewind();
        return $groups->current();
    }

/**
 * Name.
 * 
 * @version 0.1.5
 * @since 0.1.5
 * @return string Name.
 * @throws E_OTS_NotLoaded If account is not loaded.
 */
    public function getName()
    {
        if( !isset($this->data['name']) )
        {
            throw new E_OTS_NotLoaded();
        }

        return $this->data['name'];
    }

/**
 * Sets account's name.
 * 
 * <p>
 * This method only updates object state. To save changes in database you need to use {@link OTS_Account::save() save() method} to flush changed to database.
 * </p>
 * 
 * @version 0.1.5
 * @since 0.1.5
 * @param string $name Account name.
 */
    public function setName($name)
    {
        $this->data['name'] = (string) $name;
    }

/**
 * Account's password.
 * 
 * <p>
 * Doesn't matter what password hashing mechanism is used by OTServ - this method will just return RAW database content. It is not possible to "decrypt" hashed strings, so it even wouldn't be possible to return real password string.
 * </p>
 * 
 * <p>
 * Note: Since 0.0.3 version this method throws {@link E_OTS_NotLoaded E_OTS_NotLoaded} exception instead of triggering E_USER_WARNING.
 * </p>
 * 
 * @version 0.0.3
 * @return string Password.
 * @throws E_OTS_NotLoaded If account is not loaded.
 */
    public function getPassword()
    {
        if( !isset($this->data['password']) )
        {
            throw new E_OTS_NotLoaded();
        }

        return $this->data['password'];
    }

/**
 * Sets account's password.
 * 
 * <p>
 * This method only updates object state. To save changes in database you need to use {@link OTS_Account::save() save() method} to flush changed to database.
 * </p>
 * 
 * <p>
 * Remember that this method just sets database field's content. It doesn't apply any hashing/encryption so if OTServ uses hashing for passwords you have to apply it by yourself before passing string to this method.
 * </p>
 * 
 * @param string $password Password.
 */
    public function setPassword($password)
    {
        $this->data['password'] = (string) $password;
    }

/**
 * E-mail address.
 * 
 * <p>
 * Note: Since 0.0.3 version this method throws {@link E_OTS_NotLoaded E_OTS_NotLoaded} exception instead of triggering E_USER_WARNING.
 * </p>
 * 
 * @version 0.0.3
 * @return string E-mail.
 * @throws E_OTS_NotLoaded If account is not loaded.
 */
    public function getEMail()
    {
        if( !isset($this->data['email']) )
        {
            throw new E_OTS_NotLoaded();
        }

        return $this->data['email'];
    }

/**
 * Sets account's email.
 * 
 * <p>
 * This method only updates object state. To save changes in database you need to use {@link OTS_Account::save() save() method} to flush changed to database.
 * </p>
 * 
 * @param string $email E-mail address.
 */
    public function setEMail($email)
    {
        $this->data['email'] = (string) $email;
    }


/**
 * Checks if account is blocked.
 * 
 * <p>
 * Note: Since 0.0.3 version this method throws {@link E_OTS_NotLoaded E_OTS_NotLoaded} exception instead of triggering E_USER_WARNING.
 * </p>
 * 
 * @version 0.0.3
 * @return bool Blocked state.
 * @throws E_OTS_NotLoaded If account is not loaded.
 */
    public function isBlocked()
    {
        if( !isset($this->data['blocked']) )
        {
            throw new E_OTS_NotLoaded();
        }

        return $this->data['blocked'];
    }

/**
 * Unblocks account.
 * 
 * <p>
 * This method only updates object state. To save changes in database you need to use {@link OTS_Account::save() save() method} to flush changed to database.
 * </p>
 */
    public function unblock()
    {
        $this->data['blocked'] = false;
    }

/**
 * Blocks account.
 * 
 * <p>
 * This method only updates object state. To save changes in database you need to use {@link OTS_Account::save() save() method} to flush changed to database.
 * </p>
 */
    public function block()
    {
        $this->data['blocked'] = true;
    }

/**
 * Checks if account is deleted (by flag setting).
 * 
 * @version 0.1.5
 * @since 0.1.5
 * @return bool Flag state.
 * @throws E_OTS_NotLoaded If account is not loaded.
 */
    public function isDeleted()
    {
        if( !isset($this->data['deleted']) )
        {
            throw new E_OTS_NotLoaded();
        }

        return $this->data['blocked'];
    }

/**
 * Unsets account's deleted flag.
 * 
 * <p>
 * This method only updates object state. To save changes in database you need to use {@link OTS_Account::save() save() method} to flush changed to database.
 * </p>
 * 
 * @version 0.1.5
 * @since 0.1.5
 */
    public function unsetDeleted()
    {
        $this->data['deleted'] = false;
    }

/**
 * Deletes account (only by setting flag state, not physicly).
 * 
 * <p>
 * This method only updates object state. To save changes in database you need to use {@link OTS_Account::save() save() method} to flush changed to database.
 * </p>
 * 
 * @version 0.1.5
 * @since 0.1.5
 */
    public function setDeleted()
    {
        $this->data['deleted'] = true;
    }

/**
 * Checks if account is warned.
 * 
 * @version 0.1.5
 * @since 0.1.5
 * @return bool Flag state.
 * @throws E_OTS_NotLoaded If account is not loaded.
 */
    public function isWarned()
    {
        if( !isset($this->data['warned']) )
        {
            throw new E_OTS_NotLoaded();
        }

        return $this->data['warned'];
    }

/**
 * Unwarns account.
 * 
 * <p>
 * This method only updates object state. To save changes in database you need to use {@link OTS_Account::save() save() method} to flush changed to database.
 * </p>
 * 
 * @version 0.1.5
 * @since 0.1.5
 */
    public function unwarn()
    {
        $this->data['warned'] = false;
    }

/**
 * Warns account.
 * 
 * <p>
 * This method only updates object state. To save changes in database you need to use {@link OTS_Account::save() save() method} to flush changed to database.
 * </p>
 * 
 * @version 0.1.5
 * @since 0.1.5
 */
    public function warn()
    {
        $this->data['warned'] = true;
    }

/**
 * @version 0.0.4
 * @return int PACC days.
 * @throws E_OTS_NotLoaded If account is not loaded.
 * @deprecated 0.0.3 There is no more premdays field in accounts table.
 */
    public function getPACCDays()
    {
        if( !isset($this->data['id']) )
        {
            throw new E_OTS_NotLoaded();
        }

        return 0;
    }

/**
 * @version 0.0.4
 * @param int $pacc PACC days.
 * @deprecated 0.0.3 There is no more premdays field in accounts table.
 */
    public function setPACCDays($premdays)
    {
    }

/**
 * Reads custom field.
 * 
 * <p>
 * Reads field by it's name. Can read any field of given record that exists in database.
 * </p>
 * 
 * <p>
 * Note: You should use this method only for fields that are not provided in standard setters/getters (SVN fields). This method runs SQL query each time you call it so it highly overloads used resources.
 * </p>
 * 
 * @version 0.0.5
 * @since 0.0.3
 * @param string $field Field name.
 * @return string Field value.
 * @throws E_OTS_NotLoaded If account is not loaded.
 * @throws PDOException On PDO operation error.
 */
    public function getCustomField($field)
    {
        if( !isset($this->data['id']) )
        {
            throw new E_OTS_NotLoaded();
        }

        $value = $this->db->query('SELECT ' . $this->db->fieldName($field) . ' FROM ' . $this->db->tableName('accounts') . ' WHERE ' . $this->db->fieldName('id') . ' = ' . $this->data['id'])->fetch();
        return $value[$field];
    }

/**
 * Writes custom field.
 * 
 * <p>
 * Write field by it's name. Can write any field of given record that exists in database.
 * </p>
 * 
 * <p>
 * Note: You should use this method only for fields that are not provided in standard setters/getters (SVN fields). This method runs SQL query each time you call it so it highly overloads used resources.
 * </p>
 * 
 * <p>
 * Note: Make sure that you pass $value argument of correct type. This method determinates whether to quote field name. It is safe - it makes you sure that no unproper queries that could lead to SQL injection will be executed, but it can make your code working wrong way. For example: $object->setCustomField('foo', '1'); will quote 1 as as string ('1') instead of passing it as a integer.
 * </p>
 * 
 * @version 0.0.5
 * @since 0.0.3
 * @param string $field Field name.
 * @param mixed $value Field value.
 * @throws E_OTS_NotLoaded If account is not loaded.
 * @throws PDOException On PDO operation error.
 */
    public function setCustomField($field, $value)
    {
        if( !isset($this->data['id']) )
        {
            throw new E_OTS_NotLoaded();
        }

        // quotes value for SQL query
        if(!( is_int($value) || is_float($value) ))
        {
            $value = $this->db->quote($value);
        }

        $this->db->query('UPDATE ' . $this->db->tableName('accounts') . ' SET ' . $this->db->fieldName($field) . ' = ' . $value . ' WHERE ' . $this->db->fieldName('id') . ' = ' . $this->data['id']);
    }

/**
 * @version 0.1.0
 * @return array Array of OTS_Player objects from given account.
 * @throws E_OTS_NotLoaded If account is not loaded.
 * @deprecated 0.0.5 Use getPlayersList().
 */
    public function getPlayers()
    {
        if( !isset($this->data['id']) )
        {
            throw new E_OTS_NotLoaded();
        }

        $players = array();

        foreach( $this->db->query('SELECT ' . $this->db->fieldName('id') . ' FROM ' . $this->db->tableName('players') . ' WHERE ' . $this->db->fieldName('account_id') . ' = ' . $this->data['id'])->fetchAll() as $player)
        {
            // creates new object
            $object = new OTS_Player();
            $object->load($player['id']);
            $players[] = $object;
        }

        return $players;
    }

/**
 * List of characters on account.
 * 
 * <p>
 * In difference to {@link OTS_Account::getPlayers() getPlayers() method} this method returns filtered {@link OTS_Players_List OTS_Players_List} object instead of array of {@link OTS_Player OTS_Player} objects. It is more effective since OTS_Player_List doesn't perform all rows loading at once.
 * </p>
 * 
 * <p>
 * Note: Returned object is only prepared, but not initialised. When using as parameter in foreach loop it doesn't matter since it will return it's iterator, but if you will wan't to execute direct operation on that object you will need to call {@link OTS_Base_List::rewind() rewind() method} first.
 * </p>
 * 
 * @version 0.1.4
 * @since 0.0.5
 * @return OTS_Players_List List of players from current account.
 * @throws E_OTS_NotLoaded If account is not loaded.
 */
    public function getPlayersList()
    {
        if( !isset($this->data['id']) )
        {
            throw new E_OTS_NotLoaded();
        }

        // creates filter
        $filter = new OTS_SQLFilter();
        $filter->compareField('account_id', (int) $this->data['id']);

        // creates list object
        $list = new OTS_Players_List();
        $list->setFilter($filter);

        return $list;
    }

/**
 * @version 0.1.5
 * @since 0.0.5
 * @param int $time Time for time until expires (0 - forever).
 * @throws PDOException On PDO operation error.
 * @deprecated 0.1.5 Use OTS_AccountBan class.
 */
    public function ban($time = 0)
    {
        // can't ban nothing
        if( !$this->isLoaded() )
        {
            throw new E_OTS_NotLoaded();
        }

        // creates ban entry
        $ban = new OTS_AccountBan();
        $ban->setValue($this->data['id']);
        $ban->setExpires($time);
        $ban->setAdded( time() );
        $ban->activate();
        $ban->save();
    }

/**
 * @version 0.1.5
 * @since 0.0.5
 * @throws PDOException On PDO operation error.
 * @deprecated 0.1.5 Use OTS_AccountBan class.
 */
    public function unban()
    {
        // can't unban nothing
        if( !$this->isLoaded() )
        {
            throw new E_OTS_NotLoaded();
        }

        // deletes ban entry
        $ban = new OTS_AccountBan();
        $ban->find($this->data['id']);
        $ban->delete();
    }

/**
 * @version 0.1.5
 * @since 0.0.5
 * @return bool True if account is banned, false otherwise.
 * @throws PDOException On PDO operation error.
 * @deprecated 0.1.5 Use OTS_AccountBan class.
 */
    public function isBanned()
    {
        // nothing can't be banned
        if( !$this->isLoaded() )
        {
            throw new E_OTS_NotLoaded();
        }

        // finds ban entry
        $ban = new OTS_AccountBan();
        $ban->find($this->data['id']);
        return $ban->isLoaded() && $ban->isActive() && ( $ban->getExpires() == 0 || $ban->getExpires() > time() );
    }

/**
 * Deletes account.
 * 
 * <p>
 * This method physicly deletes account from database! To set <i>deleted</i> flag use {@link OTS_Account::setDeleted() setDeleted() method}.
 * </p>
 * 
 * @version 0.0.5
 * @since 0.0.5
 * @throws E_OTS_NotLoaded If account is not loaded.
 * @throws PDOException On PDO operation error.
 */
    public function delete()
    {
        if( !isset($this->data['id']) )
        {
            throw new E_OTS_NotLoaded();
        }

        // deletes row from database
        $this->db->query('DELETE FROM ' . $this->db->tableName('accounts') . ' WHERE ' . $this->db->fieldName('id') . ' = ' . $this->data['id']);

        // resets object handle
        unset($this->data['id']);
    }

/**
 * Checks highest access level of account.
 * 
 * @return int Access level (highest access level of all characters).
 * @throws PDOException On PDO operation error.
 */
    public function getAccess()
    {
        // by default
        $access = 0;

        // finds groups of all characters
        foreach( $this->getPlayersList() as $player)
        {
            $group = $player->getGroup();

            // checks if group's access level is higher then previouls found highest
            if( $group->getAccess() > $access)
            {
                $access = $group->getAccess();
            }
        }

        return $access;
    }

/**
 * Checks highest access level of account in given guild.
 * 
 * @param OTS_Guild $guild Guild in which access should be checked.
 * @return int Access level (highest access level of all characters).
 * @throws PDOException On PDO operation error.
 */
    public function getGuildAccess(OTS_Guild $guild)
    {
        // by default
        $access = 0;

        // finds ranks of all characters
        foreach( $this->getPlayersList() as $player)
        {
            $rank = $player->getRank();

            // checks if rank's access level is higher then previouls found highest
            if( isset($rank) && $rank->getGuild()->getId() == $guild->getId() && $rank->getLevel() > $access)
            {
                $access = $rank->getLevel();
            }
        }

        return $access;
    }

/**
 * Returns players iterator.
 * 
 * <p>
 * There is no need to implement entire Iterator interface since we have {@link OTS_Players_List players list class} for it.
 * </p>
 * 
 * @version 0.0.5
 * @since 0.0.5
 * @throws E_OTS_NotLoaded If account is not loaded.
 * @throws PDOException On PDO operation error.
 * @return Iterator List of players.
 */
    public function getIterator()
    {
        return $this->getPlayersList();
    }

/**
 * Returns number of player within.
 * 
 * @version 0.0.5
 * @since 0.0.5
 * @throws E_OTS_NotLoaded If account is not loaded.
 * @throws PDOException On PDO operation error.
 * @return int Count of players.
 */
    public function count()
    {
        return $this->getPlayersList()->count();
    }

/**
 * Magic PHP5 method.
 * 
 * @version 0.1.5
 * @since 0.1.0
 * @param string $name Property name.
 * @return mixed Property value.
 * @throws E_OTS_NotLoaded If account is not loaded.
 * @throws OutOfBoundsException For non-supported properties.
 * @throws PDOException On PDO operation error.
 */
    public function __get($name)
    {
        switch($name)
        {
            case 'id':
                return $this->getId();

            case 'name':
                return $this->getName();

            case 'password':
                return $this->getPassword();

            case 'eMail':
                return $this->getEMail();

            case 'premiumEnd':
                return $this->getPremiumEnd();

            case 'loaded':
                return $this->isLoaded();

            case 'playersList':
                return $this->getPlayersList();

            case 'blocked':
                return $this->isBlocked();

            case 'deleted':
                return $this->isDeleted();

            case 'warned':
                return $this->isWarned();

            case 'banned':
                return $this->isBanned();

            case 'access':
                return $this->getAccess();

            default:
                throw new OutOfBoundsException();
        }
    }

/**
 * Magic PHP5 method.
 * 
 * @version 0.1.5
 * @since 0.1.0
 * @param string $name Property name.
 * @param mixed $value Property value.
 * @throws E_OTS_NotLoaded If account is not loaded.
 * @throws OutOfBoundsException For non-supported properties.
 * @throws PDOException On PDO operation error.
 */
    public function __set($name, $value)
    {
        switch($name)
        {
            case 'name':
                $this->setName($name);
                break;

            case 'password':
                $this->setPassword($value);
                break;

            case 'eMail':
                $this->setEMail($value);
                break;

            case 'premiumEnd':
                $this->setPremiumEnd($value);
                break;

            case 'blocked':
                if($value)
                {
                    $this->block();
                }
                else
                {
                    $this->unblock();
                }
                break;

            case 'deleted':
                if($value)
                {
                    $this->setDeleted();
                }
                else
                {
                    $this->unsetDeleted();
                }
                break;

            case 'warned':
                if($value)
                {
                    $this->warn();
                }
                else
                {
                    $this->unwarn();
                }
                break;

            case 'banned':
                if($value)
                {
                    $this->ban();
                }
                else
                {
                    $this->unban();
                }
                break;

            default:
                throw new OutOfBoundsException();
        }
    }

/**
 * Returns string representation of object.
 * 
 * <p>
 * If any display driver is currently loaded then it uses it's method. Otherwise just returns account number.
 * </p>
 * 
 * @version 0.1.3
 * @since 0.1.0
 * @return string String representation of object.
 */
    public function __toString()
    {
        $ots = POT::getInstance();

        // checks if display driver is loaded
        if( $ots->isDisplayDriverLoaded() )
        {
            return $ots->getDisplayDriver()->displayAccount($this);
        }

        return $this->getId();
    }
}

/**#@-*/

?>
 
Cant this be abused?
I read it few times and did not find any bug that allow player to abuse script.

Only admin can make new auctions and set number of points needed.

Script check player decisions in JavaScript to make it looks nice :) and of course PHP to block modified POST/GET data ^_^
 
The script is dope, I just can not get enough, and finally I hit him on my server! Great another plus for you!
 
Fatal error: Call to a member function query() on a non-object in C:\xampp\htdocs\charauctions.php on line 209

>.<
anyone can tell me what is that?
 

Similar threads

Back
Top