diff options
author | Dominique Martinet <asmadeus@codewreck.org> | 2014-02-18 07:17:34 +0100 |
---|---|---|
committer | Dominique Martinet <asmadeus@codewreck.org> | 2015-11-08 14:27:59 +0100 |
commit | ac6a52503fcbfaefcb97fd3d913015abe9666b7f (patch) | |
tree | f6968725b9edf38be88192d862b920aefbc8a7b8 | |
parent | 8cb5cc771372ddde2affe5eb23f74492b82cb72f (diff) |
additem: account dkp as many time as someone is listed...
-rw-r--r-- | admin/additem.php | 24 |
1 files changed, 18 insertions, 6 deletions
diff --git a/admin/additem.php b/admin/additem.php index 11380ff..f889330 100644 --- a/admin/additem.php +++ b/admin/additem.php @@ -317,10 +317,16 @@ class Add_Item extends EQdkp_Admin //
// Remove the purchase value from members
//
- $sql = 'UPDATE ' . MEMBERS_TABLE . '
+ foreach( $this->old_item['item_buyers'] as $member_name )
+ {
+ $sql = 'UPDATE ' . MEMBERS_TABLE . '
SET member_spent = member_spent - ' . stripslashes($this->old_item['item_value']) . '
- WHERE member_name IN (\'' . implode("', '", $this->old_item['item_buyers']) . '\')';
- $db->query($sql);
+ WHERE member_name = \'' . $member_name . '\'';
+ $db->query($sql);
+ /* $result = mysql_affected_rows();
+ if ($result != 1)
+ print "hmm $member_name not matched?"; */
+ }
}
function add_new_item($group_key)
@@ -345,10 +351,16 @@ class Add_Item extends EQdkp_Admin //
// Add charge to members
//
- $sql = 'UPDATE ' . MEMBERS_TABLE . '
+ foreach( $_POST['item_buyers'] as $member_name )
+ {
+ $sql = 'UPDATE ' . MEMBERS_TABLE . '
SET member_spent = member_spent + ' . $_POST['item_value'] . '
- WHERE member_name IN (\'' . implode("', '", $_POST['item_buyers']) . '\')';
- $db->query($sql);
+ WHERE member_name = \'' . mysql_escape_string($member_name) . '\'';
+ $db->query($sql);
+ /* $result = mysql_affected_rows();
+ if ($result != 1)
+ print "hmm $member_name not matched?"; */
+ }
//
// Add purchase(s) to items table
|