Файл: vkolhoze.com/smsbill/payment.php
Строк: 40
<?
include_once("smsbill.class.php");
include_once("settings_sms.php");
echo "<div class='event'><h1>Покупка рубинов</h1></div>";
echo "<div class='block'>";
echo "У вас <img width='16' height='16' src='images/icons/ruby.png' alt='o'><b>$ku[rubies]</b> рубинов<br/><br/>
<span class='title'><b>Оплата по смс</b></span><br /><br />";
if(isset($_GET['pay']))
{
$serv = htmlspecialchars($_GET['servid']);
if(!isset($money[$serv]))
{err_game('ОШШШиБКААА!!!');
include_once 'inc/foot.php';
}else{
$rubi = $money[$serv];
$smsbill = new SMSBill();
$smsbill->setServiceId($serv);
$smsbill->useEncoding($charset);
$smsbill->useHeader('no');
$smsbill->useLang($lang);
$smsbill->useCss('http://'.$_SERVER['HTTP_HOST']);
if (isset($_REQUEST['smsbill_password'])) {
if (!$smsbill->checkPassword($_REQUEST['smsbill_password'])) {
echo"Код указан не верно.";
include_once"inc/foot.php";
exit;
}else{
mysql_query("UPDATE `kolhoz_user` SET `rubies` =`rubies`+ '$rubi' WHERE `id` = '$ku[id]'");
echo "Вам зачислено ". $rubi ." рубинов.";
include_once"inc/foot.php";
}
}else{
echo $smsbill->getForm();
include_once"inc/foot.php";
}
}
}
foreach ($money as $serv_id => $money_val){
echo "<img width='16' height='16' src='images/icons/ruby.png' alt='o'><b>$money_val</b> рубинов <a href='?payment&pay&servid=".$serv_id."'>Купить</a><br />";
}
echo "</div>";
include_once 'inc/foot.php';
?>