Файл: public_html/adv.php
Строк: 223
<?
require_once('zsecurity.php');
session_start();
require('config.php');
// Load the VIP-slot usage, the price list and the payout details that the
// order handler and the order form further down both rely on.
// Every query in this run is a constant string (no request data is mixed in).
// NOTE(review): none of the mysql_query() results are checked before being
// fetched, so a failed query only surfaces as PHP warnings and empty prices.
// NOTE(review): the mysql_* extension was removed in PHP 7; this file only runs
// on older interpreters.

// VIP slots already taken: rows flagged vip='1' in tb_ads ...
$res=mysql_query("select count(id) as kolvo from tb_ads where vip='1'");
$res=mysql_fetch_array($res);
$vipmest1=$res["kolvo"];
// ... plus rows flagged vip='1' in tb_advertisers.
$res=mysql_query("select count(id) as kolvo from tb_advertisers where vip='1'");
$res=mysql_fetch_array($res);
$vipmest2=$res["kolvo"];
$vipmest=$vipmest1+$vipmest2;
// Configured VIP limit; later compared with $vipmest to refuse further VIP orders.
$res=mysql_query("select price from tb_config where item='vipcount'");
$res=mysql_Fetch_array($res);
$vipcount=$res["price"];
// config.php is pulled in a second time here (it was already required above).
// presumably it (re)opens the database link — confirm against config.php
require('config.php');
// 'hits': multiplied by the number of ordered visits in the price formula.
$sql="select price from tb_config where item='hits'";
$res=mysql_query($sql);
$dyn=mysql_result($res,0,0);
// 'hldyn': added to the price when highlighting is selected.
$sql="select price from tb_config where item='hldyn'";
$res=mysql_query($sql);
$hldyn=mysql_result($res,0,0);
// 'timer5': multiplied by the selected timer step (0..4).
$sql="select price from tb_config where item='timer5'";
$res=mysql_query($sql);
$timer5=mysql_result($res,0,0);
// 'dopsec': added to the price when dopsec == 1.
$sql="select price from tb_config where item='dopsec'";
$res=mysql_query($sql);
$ds=mysql_result($res,0,0);
// 'vipblock': multiplied by the vip flag in the price formula.
$sql="select price from tb_config where item='vipblock'";
$res=mysql_query($sql);
$vipprice=mysql_result($res,0,0);
// 'captcha': added to the price when dopsec == 2.
$sql="select price from tb_config where item='captcha'";
$res=mysql_query($sql);
$captcha=mysql_result($res,0,0);
// Purse and currency label from tb_site row id=1; both are printed in the
// payment message and link after a successful order.
// NOTE(review): $res keeps this result resource and is later echoed into the
// image.php URL in the form below — confirm that is intended.
$res=mysql_query("select purse, valutaname from tb_site where id='1'");
$pv=mysql_fetch_array($res);
$p=$pv["purse"];
$vn=$pv["valutaname"];
// $con is not defined in this file — presumably set by config.php; confirm.
mysql_close($con);
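if (isset($_POST["wmid"]))
{
    // Order submission: verify the CAPTCHA, validate every field, store the
    // order in tb_advertisers, then print the amount due and a payment link.
    // Each failure prints a message, includes footer.php and stops. The
    // includes stay at file scope so footer.php sees the same variables as before.
    //
    // Changes against the previous version of this handler:
    //  - the HTML attribute quotes inside the echo strings no longer terminate
    //    the PHP string literal (the file did not parse);
    //  - highlight / timer / dopsec / vip were checked with loose comparisons,
    //    which a non-numeric string satisfies on the PHP versions that still
    //    ship mysql_*, and were then concatenated into the INSERT unescaped;
    //  - url / description only had ; $ ' removed, which leaves backslashes
    //    free to break out of the quoted SQL literal;
    //  - a missing session code matched an empty submitted code;
    //  - database errors were printed to the visitor via die(mysql_error()).
    $errIcon = '<img src="images/error.png" align="middle"> ';

    // --- CAPTCHA -----------------------------------------------------------
    // presumably image.php stores the expected code in $_SESSION['texto'] — confirm
    $expectedCode = isset($_SESSION['texto']) ? (string)$_SESSION['texto'] : '';
    $givenCode = (isset($_POST['code']) && is_string($_POST['code'])) ? $_POST['code'] : '';
    // One attempt per issued code: without this a short code can be guessed
    // repeatedly, or a solved one replayed, within the same session.
    unset($_SESSION['texto']);
    // Strict string comparison; an absent expected code never passes.
    if ($expectedCode === '' || strtolower($givenCode) !== strtolower($expectedCode))
    {
        echo $errIcon . "Неверно введен код с картинки... <br>";
        include('footer.php');
        exit();
    }

    /**
     * Legacy text filter: replaces ';', '$' and "'" with spaces and strips tags.
     *
     * This is NOT SQL escaping (backslashes pass through untouched); values
     * are escaped separately right before the INSERT below.
     *
     * @param string $mess Raw text.
     * @return string Filtered text.
     */
    function limpiarez($mess)
    {
        $mess = str_replace(array(';', '$', "'"), ' ', $mess);
        return strip_tags($mess);
    }

    // --- WMID: digits only, at most 12 (the form's maxlength) ---------------
    $wmid = is_string($_POST["wmid"]) ? trim($_POST["wmid"]) : '';
    if (!ctype_digit($wmid) || strlen($wmid) > 12)
    {
        echo $errIcon . "Введено неверное значение в поле WMID";
        include('footer.php');
        exit();
    }

    // --- Number of visits: a positive integer -------------------------------
    // FILTER_VALIDATE_INT also rejects values outside the platform int range.
    $plan = filter_var(
        isset($_POST["plan"]) ? $_POST["plan"] : null,
        FILTER_VALIDATE_INT,
        array('options' => array('min_range' => 1))
    );
    if ($plan === false)
    {
        echo $errIcon . "Введено неверное значение в поле 'Количество посещений', оно должно быть числовым!!!";
        include('footer.php');
        exit();
    }

    // --- Enumerated options: integers inside the ranges the form offers -----
    // field name => highest allowed value (lowest is always 0)
    $optionRanges = array('highlight' => 1, 'timer' => 4, 'dopsec' => 2, 'vip' => 1);
    $options = array();
    foreach ($optionRanges as $field => $maxValue)
    {
        $value = filter_var(
            isset($_POST[$field]) ? $_POST[$field] : null,
            FILTER_VALIDATE_INT,
            array('options' => array('min_range' => 0, 'max_range' => $maxValue))
        );
        // 0 is a valid choice, so only an exact false means "rejected".
        if ($value === false)
        {
            echo $errIcon . "Ошибка ввода!!!";
            include('footer.php');
            exit();
        }
        $options[$field] = $value;
    }
    $highlight = $options['highlight'];
    $timer = $options['timer'];
    $dopsec = $options['dopsec'];
    $vip = $options['vip'];
    // Timer step 0..4 maps to 20..40 seconds.
    $timer1 = 20 + $timer * 5;

    // --- Free-text fields ---------------------------------------------------
    $rawUrl = (isset($_POST["url"]) && is_string($_POST["url"])) ? $_POST["url"] : '';
    $rawDescription = (isset($_POST["description"]) && is_string($_POST["description"])) ? $_POST["description"] : '';
    // Kept from the original design: the values are stored already HTML-encoded.
    $url1 = htmlspecialchars(limpiarez($rawUrl));
    $description = htmlspecialchars(limpiarez($rawDescription));
    if ($url1 === '' || $description === '')
    {
        echo $errIcon . "Указаны не все параметры";
        include('footer.php');
        exit();
    }
    // Only http(s) targets with a host part. Where the stored URL is rendered
    // is not visible in this file; rejecting other schemes keeps script-style
    // URLs out of the table regardless.
    if (!preg_match('#^https?://[^\s/]#i', $url1))
    {
        echo $errIcon . "Ошибка ввода!!!";
        include('footer.php');
        exit();
    }

    // No free VIP slots: silently downgrade the order, as before.
    if ($vipmest >= $vipcount) $vip = 0;

    require('config.php');
    // Strings are escaped with the live connection; numbers go through %d.
    $sql = sprintf(
        "INSERT INTO tb_advertisers (pemail, plan, url, description, highlight, timer, dopsec, vip) VALUES('%s','%d','%s','%s','%d','%d','%d','%d')",
        mysql_real_escape_string($wmid),
        $plan,
        mysql_real_escape_string($url1),
        mysql_real_escape_string($description),
        $highlight,
        $timer1,
        $dopsec,
        $vip
    );
    if (!mysql_query($sql))
    {
        // Keep driver errors in the server log, not in the response.
        error_log('adv.php: order insert failed: ' . mysql_error());
        mysql_close($con);
        echo $errIcon . "Не удалось сохранить заказ. Попробуйте позже.";
        include('footer.php');
        exit();
    }
    mysql_close($con);

    // Price: per-visit rate, timer step, VIP block, plus optional surcharges.
    $precio = $dyn * $plan + $timer * $timer5 + $vipprice * $vip;
    if ($highlight == 1) { $precio = $precio + $hldyn; }
    if ($dopsec == 1) { $precio = $precio + $ds; }
    if ($dopsec == 2) { $precio = $precio + $captcha; }

    // NOTE(review): the amount is only displayed and placed in the link; it is
    // not stored with the order here. Whatever confirms the payment should
    // recompute the price from the stored row rather than trust the link.
    // $p and $vn come from tb_site and are printed as-is, as before.
    echo '<img src="images/ok.png" align="middle"> ' . "Ваш заказ принят! Тем не менее, прежде, чем мы одобрим ваш заказ, Вы должны оплатить $precio $vn<br>";
    echo "<a href='wmk:payto?Purse=$p&Amount=$precio&Desc=Оплата рекламы c WMID $wmid&BringToFront=Y'>Оплатить через WebMoney</a>";
    include('footer.php');
    exit();
}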
?>
<script language=javascript>
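// Price list for the client-side estimate. Each value is cast to a number and
// JSON-encoded, so an empty or non-numeric config row yields 0 instead of a
// script syntax error, and config text can never be emitted as script.
var dyn=<?=json_encode((float)$dyn)?>;
var hldyn=<?=json_encode((float)$hldyn)?>;
var timer5=<?=json_encode((float)$timer5)?>;
var ds=<?=json_encode((float)$ds)?>;
var vipprice=<?=json_encode((float)$vipprice)?>;
var captcha=<?=json_encode((float)$captcha)?>;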
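/**
 * Formats an amount with exactly two decimals, truncating anything beyond
 * the second decimal place (e.g. 12.5 -> "12.50", 1.999 -> "1.99").
 *
 * The previous version computed the fraction as (nums - floor) * 100, which
 * loses a hundredth to binary rounding (0.29 came out as "0.28"), and kept
 * its intermediate values in page-level globals. It now works in whole
 * hundredths with local variables only.
 *
 * @param {number|string} nums Amount; numeric strings are accepted.
 * @returns {string} Amount with two decimals; "0.00" for negative or
 *                   non-numeric input.
 */
function okrugl(nums)
{
    // The small epsilon absorbs representation error such as
    // 0.29 * 100 === 28.999999999999996.
    var cents = Math.floor(Number(nums) * 100 + 1e-6);
    if (!isFinite(cents) || cents < 0)
    {
        return '0.00';
    }
    var whole = Math.floor(cents / 100);
    var frac = cents % 100;
    return whole + '.' + (frac < 10 ? '0' : '') + frac;
}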
/**
 * Recalculates the estimated order cost and writes it to the read-only
 * "summa" field of the given form.
 *
 * The figure is informational only: the server recomputes the price from the
 * submitted fields when the order is stored.
 *
 * @param {HTMLFormElement} frm Order form with plan, timer, vip, highlight,
 *                              dopsec and summa controls.
 */
function getZakaz(frm)
{
    var visitsCost = frm.plan.value * dyn;
    var timerCost = frm.timer.value * timer5;
    var vipCost = vipprice * frm.vip.value;
    var highlightCost = frm.highlight.value * hldyn;
    // Same left-to-right summation order as before.
    var total = visitsCost + timerCost + vipCost + highlightCost;

    // Extra protection: 1 = view confirmation, 2 = captcha entry.
    var protection = frm.dopsec.value;
    if (protection == 1)
    {
        total = total * 1 + ds * 1;
    }
    else if (protection == 2)
    {
        total = total * 1 + captcha * 1;
    }

    frm.summa.value = okrugl(total);
}
</script>
<div align="center"><div id="form">
<form name="formzakaz" method="post" action="advertise.php?adv=dyn">
<fieldset style="width: 100%; background: #fff;">
<table width="400" border="0" align="center">
<tr>
<td width="150" align="left"><p><label>WMID</label></p></td>
<td width="250" align="left"><input type="text" name="wmid" size="25" maxlength="12" autocomplete="off" class="field" value="" tabindex="1" /></td>
</tr>
<tr>
<td width="150" align="left"><p><label>Текст ссылки:</label></p></td>
<td width="250" align="left"><input type="text" name="description" size="25" maxlength="100" autocomplete="off" class="field" value="" tabindex="2" /></td>
</tr>
<tr>
<td width="150" align="left"><p><label>URL:</label></p></td>
<td width="250" align="left"><input type="text" name="url" size="25" maxlength="150" autocomplete="off" class="field" value="http://" tabindex="3" /></td>
</tr>
<tr>
<td width="150" align="left"><p><label>Кол-во визитов:</label></p></td>
<td width="250" align="left"><input name="plan" type="text" onChange="getZakaz(this.form)" value="0" size="6" maxlength="150" tabindex="4"/></td>
</tr>
<tr>
<th width="150" align="left"><b>Таймер:</b> </th>
<td>
<select name="timer" autocomplete="off" onChange="getZakaz(this.form)" tabindex="5">
<option value="0">20 секунд</option>
<option value="1">25 секунд</option>
<option value="2">30 секунд</option>
<option value="3">35 секунд</option>
<option value="4">40 секунд</option>
</select></td></tr>
<tr>
<th width="150" align="left"><b>Выделение цветом</b> </th>
<td>
<select name="highlight" autocomplete="off" onChange="getZakaz(this.form)" tabindex="6">
<option value="0">Не выделять</option>
<option value="1">Выделить</option>
</select></td></tr>
<tr>
<th width="150" align="left"><b>Доп. защита от автокликеров:</b> </th>
<td>
<select name="dopsec" autocomplete="off" onChange="getZakaz(this.form)" tabindex="7">
<option value="0">Нет</option>
<option value="1">Подтверждение просмотра</option>
<option value="2">Ввод каптчи</option>
</select></td></tr>
<tr>
<th width="150" align="left"><b>Разместить в VIP блоке:</b> </th>
<td>
<select name="vip" autocomplete="off" onChange="getZakaz(this.form)" tabindex="8">
<option value="0">Нет</option>
<option value="1">Да</option>
</select><? if($vipmest>=$vipcount) echo "<b>Свободных VIP-мест нет</b>"; ?></td></tr>
<tr>
<td width="150" align="left"><p><label>Введите код: </label></p></td>
<td width="250" align="left"><input type='text' size='3' maxlength='3' name='code' autocomplete="off" class="securitycode" value="" tabindex="9" /></td>
</tr>
<tr>
<td width="150" align="left"> </td>
<td width="250" align="left"><img src="image.php?<?php echo $res; ?>" /></td>
</tr>
<tr>
<td width="150" align="left"><p><label>Стоимость заказа: </label></p></td>
<td width="250" align="left"><input type='text' size='10' maxlength='20' readonly='readonly' name='summa' autocomplete="off" value=""/></td>
</tr>
<tr>
<td width="150" align="left"> </td>
<td width="250" align="right"><input type="submit" value="Оплатить" class="submit" tabindex="10" /></td>
</tr>
</table>
</fieldset>
</form>
</div></div>