Файл: pay/sms_f1.php
Строк: 24
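<?php
/**
 * SMS payment callback: registers a gold ("auksas") purchase and later credits it.
 *
 * Two request shapes arrive via POST:
 *   - status == 1: the pending row in `pirkimai` with the given sms_id is
 *     looked up, its gold is added to the player on the server stored in
 *     that row, and the row is deleted. No response body is written.
 *   - anything else: `sms` is parsed as "<keyword>+<player id><server digit>".
 *     If the player exists on that server, a pending row is inserted into
 *     `pirkimai` and a three-field answer (sms_id / response / error) is echoed.
 *
 * Security review notes:
 *   - Every $_POST value is attacker-controlled. The original concatenated
 *     them straight into SQL; they are now escaped before use. Values read
 *     back from `pirkimai` are escaped/cast as well, because nick_id was
 *     originally stored from request data.
 *   - NOTE(review): nothing visible here verifies that the caller is the SMS
 *     provider. Unless config.php or the web server restricts callers, any
 *     client able to POST to this script can register and confirm a purchase.
 *     Enforce the provider's callback authentication (signature, shared
 *     secret or source allow-list) before any query runs.
 *   - NOTE(review): the confirm path (SELECT, UPDATE, DELETE) is not atomic;
 *     two concurrent confirmations of one sms_id could credit twice.
 *   - NOTE(review): ext/mysql is removed in PHP 7. Moving to prepared
 *     statements (mysqli/PDO) has to be done together with config.php, which
 *     presumably opens the connection; escaping also presumes the connection
 *     charset is set there - confirm.
 */
include("../includes/config.php");

// Accept only scalar strings; array-valued fields are treated as absent.
$sms    = (isset($_POST['sms']) && is_string($_POST['sms'])) ? $_POST['sms'] : '';
$sms_id = (isset($_POST['sms_id']) && is_string($_POST['sms_id'])) ? $_POST['sms_id'] : '';
$num    = (isset($_POST['num']) && is_string($_POST['num'])) ? $_POST['num'] : '';
$status = (isset($_POST['status']) && is_string($_POST['status'])) ? $_POST['status'] : '';

// "<keyword>+<player id><server digit>": the last character of the second
// part selects the server, everything before it is the player id.
$ex = explode("+", $sms);
$siunciamas_id = isset($ex[1]) ? $ex[1] : '';
if ($siunciamas_id !== '') {
    $srv = substr($siunciamas_id, -1);
    $vartotojo_id = (string) substr($siunciamas_id, 0, -1);
} else {
    // No "+<id>" part: fall through to the "wrong text" answer below.
    $srv = '';
    $vartotojo_id = '';
}

if ($status == 1) {
    $sms_query = mysql_query(
        "SELECT * FROM pirkimai WHERE sms_id='" . mysql_real_escape_string($sms_id) . "'"
    );
    // A failed query returns false; do not hand that to mysql_num_rows().
    if ($sms_query !== false && mysql_num_rows($sms_query) > 0) {
        $sms_fetch = mysql_fetch_array($sms_query);
        if ($sms_fetch['server'] == 2) {
            mysql_select_db("xwar2");
        } elseif ($sms_fetch['server'] == 3) {
            mysql_select_db("xwar3");
        }
        // The amount is interpolated unquoted, so force it to an integer.
        mysql_query(
            "UPDATE vartotojai SET auksas=auksas+" . (int) $sms_fetch['auksas']
            . " WHERE id='" . mysql_real_escape_string($sms_fetch['nick_id']) . "'"
        );
        mysql_select_db("xwar");
        mysql_query(
            "DELETE FROM pirkimai WHERE id='" . mysql_real_escape_string($sms_fetch['id']) . "'"
        );
    }
    exit();
}

if ($srv == 2) {
    mysql_select_db("xwar2");
} elseif ($srv == 3) {
    mysql_select_db("xwar3");
}

// sms_id is echoed into a line-based answer: drop CR/LF so a crafted value
// cannot add or override response fields.
$sms_id_out = str_replace(array("\r", "\n"), '', $sms_id);

$query = mysql_query(
    "SELECT * FROM vartotojai WHERE id='" . mysql_real_escape_string($vartotojo_id) . "'"
);
if ($query !== false && mysql_num_rows($query) > 0) {
    // Gold amount by keyword and short number; 400 is the fallback tier.
    if ($ex[0] == "9157603") {
        if ($num == 7375) {
            $auksas = 60;
        } elseif ($num == 9395) {
            $auksas = 180;
        } elseif ($num == 2325) {
            $auksas = 80;
        } else {
            $auksas = 400;
        }
    } elseif ($ex[0] == "3FF 9157603") {
        $auksas = 200;
    } elseif ($ex[0] == "2187603") {
        $auksas = ($num == 8055) ? 80 : 400;
    } else {
        $auksas = ($num == 7204) ? 80 : 400;
    }

    mysql_select_db("xwar");
    mysql_query(
        "INSERT INTO pirkimai SET sms_id='" . mysql_real_escape_string($sms_id)
        . "',nick_id='" . mysql_real_escape_string($vartotojo_id)
        . "',auksas='" . (int) $auksas
        . "',server='" . mysql_real_escape_string($srv) . "'"
    );
    // The listing showed a bare "n" as field separator; that reads as a
    // newline escape whose backslash was lost, so "\n" is restored here.
    echo "sms_id:" . $sms_id_out . "\n";
    echo "response:Вы успешно купили $auksas золотых.\n";
    echo "error:0";
} else {
    echo "sms_id:" . $sms_id_out . "\n";
    echo "response:Текст написан неправильно.\n";
    echo "error:1";
}
?>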