[Gesior2012] Redeem a coupon system

raf

This is a remake of [Znote AAC] Redeem a coupon system by @Cornex

Works with Gesior2012, style it however you want.

MySQL query:
PHP:
SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";
SET time_zone = "+00:00";
/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
/*!40101 SET NAMES utf8 */;
CREATE TABLE IF NOT EXISTS `__cornex_redeem` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `points` int(11) NOT NULL,
  `used_by` int(11) NOT NULL DEFAULT '0',
  `time` int(11) NOT NULL,
  `code` varchar(100) NOT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB  DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;
/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;

Create 2 files inside of pages/ directory:
  1. admincoupon.php
  2. redeem.php

Open admincoupon.php and paste in there this code:
PHP:
<?php
if(!defined('INITIALIZED'))
    exit;

if($group_id_of_acc_logged >= $config['site']['access_admin_panel']){
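    // Coupon codes are redeemable for premium points, so they must not be guessable:
    // random_int() (PHP 7+) draws from the OS CSPRNG, unlike rand().
    function serialKey()
    {
        $chars = array_merge(range(0, 9), range('A', 'Z'));
        $serial = '';
        $max = count($chars)-1;
        for($i=0;$i<20;$i++){
            // Insert a dash before every fifth character (XXXXX-XXXXX-XXXXX-XXXXX)
            $serial .= (!($i % 5) && $i ? '-' : '').$chars[random_int(0, $max)];
        }
        return $serial;
    }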

    if (isset($_POST['points'])) {

        $error = array(); // collect validation messages in an array
        $points = $_POST['points'];

        if (empty($points)) {
            $error[] = "<font color='red'>Field cannot be empty</font>";
        }

        if (!is_numeric($points)) {
            $error[] = "<font color='red'>Must be a number value</font>";
        }

        if (!empty($error)) {

            foreach ($error as $err) {
                $main_content .=''.$err.'<br>';
            }

        }


        if (empty($error)) {
            // Success
            $key = serialKey();
            // Cast to int so only a whole number reaches the query.
            // The table created above has no `ip` column, so it is not listed here.
            $SQL->query('INSERT INTO `__cornex_redeem` (`code`, `points`, `used_by`, `time`) VALUES ('.$SQL->quote($key).','.(int) $points.', 0, 0)');
            echo '<p><b>Key generated</b><font color="red">: '.$key.'</font></p>';
        }

    }

$main_content .= '
<form class="ui form" action="" method="POST">

    <div class="six wide field">
    <label>Points</label>
    <input type="text" name="points" placeholder="Amount of points for this code">
  </div>
    <input class="ui submit button" type="submit" value="Create code">

</form>';
} else {
    $main_content .= '
<div class="ui warning message">
  <div class="header">
    You dont have permission to do that!
  </div>
</div>
    ';
}
Save the file.


Open redeem.php and paste in there this code:
PHP:
<?php
if(!defined('INITIALIZED'))
    exit;
if($logged){
  if(isset($_POST['code'])) {

    $error = array();
    $code =  $SQL->quote($_POST['code']);
    $query = $SQL->query('SELECT * FROM `__cornex_redeem` WHERE `code` = '.$code.' LIMIT 1;');

    // Key exists in database
    if ($query->rowCount() >= 1) {
      $result = $query->fetchAll(PDO::FETCH_ASSOC)[0];

      if ($result['used_by'] > 0) {
        $error[] = 'Key has already been used';
      }

      if (empty($error)) {
        $points = (int) $result['points'];
        // Claim the key in one statement: with the `used_by` = 0 condition, only one of
        // two simultaneous requests for the same key can change the row.
        $claim = $SQL->query('UPDATE `__cornex_redeem` SET `time`='.time().', `used_by`='.(int) $account_logged->getId().' WHERE `code`='.$SQL->quote($result['code']).' AND `used_by` = 0');
        if ($claim->rowCount() != 1) {
          $error[] = 'Key has already been used';
        }
      }

      if (!empty($error)) {

        foreach ($error as $err) {
          echo $err.'<br>';
        }

      }

      if (empty($error)) {
        // Points are credited only after the key was successfully claimed
        $account_logged->setPremiumPoints($account_logged->getPremiumPoints() + $points);
        $account_logged->save();

        echo 'Amount of '.$points.' points has been added to your account!';
      }

    } else {
      echo 'Key is not valid';
    }

  }
$accid = $account_logged->getID();
$main_content .= '
<form action="" method="POST">

    <input type="text" name="code">
    <input type="submit" value="Redeem">

</form>';
} else {
    $main_content .= '
<div class="ui warning message">
  <div class="header">
    You dont have permission to do that!
  </div>
</div>
    ';
}
Save the file.


Open layouts/tibiarl/layout.php
And add your link as follows - this is link for admins to generate coupons.

PHP:
<?PHP if($group_id_of_acc_logged >= $config['site']['access_admin_panel']){ ?>
           <a href="?subtopic=admincoupon">
              <div id="submenu_admincoupon" class="Submenuitem" onmouseover="MouseOverSubmenuItem(this)" onmouseout="MouseOutSubmenuItem(this)">
                <div class="LeftChain" style="background-image:url(<?PHP echo $layout_name; ?>/images/general/chain.gif);"></div>
                <div id="ActiveSubmenuItemIcon_admincoupon" class="ActiveSubmenuItemIcon" style="background-image:url(<?PHP echo $layout_name; ?>/images/menu/icon-activesubmenu.gif);"></div>
                <div id="ActiveSubmenuItemLabel_admincoupon" class="SubmenuitemLabel">Coupons</div>
                <div class="RightChain" style="background-image:url(<?PHP echo $layout_name; ?>/images/general/chain.gif);"></div>
              </div>
            </a>
<?php } ?>


Redeem for players.
PHP:
           <a href="?subtopic=redeem">
              <div id="submenu_redeem" class="Submenuitem" onmouseover="MouseOverSubmenuItem(this)" onmouseout="MouseOutSubmenuItem(this)">
                <div class="LeftChain" style="background-image:url(<?PHP echo $layout_name; ?>/images/general/chain.gif);"></div>
                <div id="ActiveSubmenuItemIcon_redeem" class="ActiveSubmenuItemIcon" style="background-image:url(<?PHP echo $layout_name; ?>/images/menu/icon-activesubmenu.gif);"></div>
                <div id="ActiveSubmenuItemLabel_redeem" class="SubmenuitemLabel">Redeem a coupon</div>
                <div class="RightChain" style="background-image:url(<?PHP echo $layout_name; ?>/images/general/chain.gif);"></div>
              </div>
            </a>


Special thanks to @Cornex for help & support and of course for the original code :)


--TODO
  • Admin
    • pagination
    • showing coupons used
    • showing coupons unused
    • deleting coupons
    • <give me your ideas>
  • User
    • <give me your ideas>
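
Added example (not part of the original post or of Gesior2012): why the UPDATE that marks a coupon as used needs a `used_by` = 0 condition. It replays two overlapping redeem requests against a constructed in-memory SQLite table; with a plain check-then-update both accounts are credited, with the conditional UPDATE only the first is. The table names `redeem` and `accounts`, the sample code value and the use of pdo_sqlite are assumptions made for the demo.

```php
<?php
// Constructed tables and data, in-memory SQLite via PDO (assumes pdo_sqlite is enabled).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE redeem (code TEXT PRIMARY KEY, points INTEGER, used_by INTEGER DEFAULT 0)');
$db->exec('CREATE TABLE accounts (id INTEGER PRIMARY KEY, premium_points INTEGER DEFAULT 0)');

function reset_data(PDO $db) {
    $db->exec('DELETE FROM redeem');
    $db->exec('DELETE FROM accounts');
    $db->exec("INSERT INTO redeem (code, points) VALUES ('AAAAA-BBBBB-CCCCC-DDDDD', 100)");
    $db->exec('INSERT INTO accounts (id) VALUES (1), (2)');
}

// Step 1 of a request: look the code up and check that it is unused.
function check(PDO $db, $code) {
    $st = $db->prepare('SELECT points, used_by FROM redeem WHERE code = ?');
    $st->execute(array($code));
    $row = $st->fetch(PDO::FETCH_ASSOC);
    return ($row && (int) $row['used_by'] === 0) ? (int) $row['points'] : null;
}

// Step 2: mark the code used, then credit. $atomic adds "AND used_by = 0" to the UPDATE.
function claim(PDO $db, $code, $accountId, $points, $atomic) {
    $sql = 'UPDATE redeem SET used_by = ? WHERE code = ?' . ($atomic ? ' AND used_by = 0' : '');
    $st = $db->prepare($sql);
    $st->execute(array($accountId, $code));
    if ($st->rowCount() !== 1) {
        return false; // another request claimed the code first
    }
    $db->prepare('UPDATE accounts SET premium_points = premium_points + ? WHERE id = ?')
       ->execute(array($points, $accountId));
    return true;
}

// Replay two overlapping requests: both pass the check before either one updates.
function total_credited(PDO $db, $atomic) {
    reset_data($db);
    $code = 'AAAAA-BBBBB-CCCCC-DDDDD';
    $p1 = check($db, $code);
    $p2 = check($db, $code);
    claim($db, $code, 1, $p1, $atomic);
    claim($db, $code, 2, $p2, $atomic);
    return (int) $db->query('SELECT SUM(premium_points) FROM accounts')->fetchColumn();
}

echo 'check-then-update: ', total_credited($db, false), " points credited\n";
echo 'conditional UPDATE: ', total_credited($db, true), " points credited\n";
```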
 

StreamSide

Joseluis Gonzalez
sql query should be
Code:
CREATE TABLE IF NOT EXISTS `__cornex_redeem` (
`id` int(11) NOT NULL,
  `points` int(11) NOT NULL,
  `used_by` int(11) NOT NULL DEFAULT '0',
  `time` int(11) NOT NULL,
  `ip` int(11) NOT NULL,
  `code` varchar(100) NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=latin1;

ALTER TABLE `__cornex_redeem`
ADD PRIMARY KEY (`id`);

ALTER TABLE `__cornex_redeem`
MODIFY `id` int(11) NOT NULL AUTO_INCREMENT;
also fancy way


Code:
$main_content .= '
<form class="ui form" action="" method="POST">

    <div class="six wide field">
    <label>Points</label>
    <input type="text" name="points" placeholder="Amount of points for this code">
  </div>
    <input class="ui submit button" type="submit" value="Create code">

</form>';

to
Code:
$main_content .= '
<BR>
<FORM ACTION="" METHOD="POST">
<TABLE WIDTH=100% BORDER=0 CELLSPACING=1 CELLPADDING=4>
<TR>
<TD BGCOLOR="'.$config['site']['vdarkborder'].'" CLASS=white><B>Redeem Coupon</B></TD>
</TR>
<TR>
<TD BGCOLOR="'.$config['site']['darkborder'].'">
<TABLE BORDER=0 CELLPADDING=1>
<TR>
<TD>Code:</TD>
<TD><INPUT type="text" name="points" placeholder="Amount of points for this code"></TD>
<TD><INPUT class="" TYPE="image" NAME="Submit" value="Create code" SRC="'.$layout_name.'/images/buttons/sbutton_submit.gif" BORDER=0 WIDTH=120 HEIGHT=18></TD>
</TR>
</TABLE>
</TD></TR></TABLE></FORM>';
 
raf

For me it already looks fancy, I have a CSS framework in use. But thank you though, for people without any frameworks it might come in handy.

Not sure about this SQL query, it's the same as mine but different - I mean literally everything inside of this query is exactly the same (except we're not using the ip row)

I might do the 1 code per IP or account with an interval of hours, a day or a week. Right now I have to do some stuff, then I can get back to work on this :)
 

bury

Guys, I don't understand this script. When one key is generated and someone uses it, nobody can use it again...
 