Файл: system/balanse.php
Строк: 41
<?php
include 'connect.php';
if(!$u['id']){
header ("Location: registration.php?err=1");
exit;
}
switch($_GET['act'])
{
case 'money_100':
include 'head.php';
include 'sms.php';
$smsbill = new SMSBill_getpassword();
$smsbill->setServiceId(4431); //изменить на свое ID доступное в Личном кабинете
$smsbill->useEncoding('utf8');
$smsbill->useHeader('yes');
$smsbill->useLang('ru');
$smsbill->useCss('http://lovs.ws/themes/Default/style.css');
if (isset($_REQUEST['smsbill_password'])) {
if (!$smsbill->checkPassword($_REQUEST['smsbill_password'])) {
echo '<div class="cred"><img src="ico/error.gif" alt="Ошибка" /> Введенный пароль неверен !</div>';
}else{
echo '<div class="nav"><img src="ico/apply.png"> Успех !
Зачислено 100 Монет .</div>';
mysql_query("UPDATE `users` SET `money` = `money`+100 WHERE `id` = '".$u['id']."'");
if($u['sex'] == 'm'){
$action[0] = 'Купил';
} else {
$action[0] = 'Купила';
}
$text = $action[0].' 100 монет</a>.';
mysql_query("INSERT INTO `admin_jurnal_money` SET
`user` = '".$u['id']."',
`text` = '$text',
`code` = '$_REQUEST[smsbill_password]',
`time` = '".time()."',
`new` = '1'
");
}
}else{
echo '<div class="div">';
echo $smsbill->getForm();
echo '</div>';
}
include 'foot.php';
break;
case 'vip':
include 'head.php';
include 'sms.php';
if($u['vip'] == 1) {
error(' Отказано в доступе !');
include 'foot.php';
exit;
}
$smsbill = new SMSBill_getpassword();
$smsbill->setServiceId(4724); //изменить на свое ID доступное в Личном кабинете
$smsbill->useEncoding('utf8');
$smsbill->useHeader('yes');
$smsbill->useLang('ru');
$smsbill->useCss('http://lovs.ws/themes/Default/style.css');
if (isset($_REQUEST['smsbill_password'])) {
if (!$smsbill->checkPassword($_REQUEST['smsbill_password'])) {
error(' Введенный пароль неверен !');
}else{
ok(' Успех !Vip статус активирован на 25 дней .');
mysql_query("UPDATE `users` SET `vip` = `vip`+1 WHERE `id` = '".$u['id']."'");
mysql_query("UPDATE `users` SET `evip` = '".(time()+(60))."' WHERE `id` = '".$u['id']."'");
if($u['sex'] == 'm'){
$action[0] = 'Купил';
} else {
$action[0] = 'Купила';
}
$text = $action[0].' Vip статус</a>.';
mysql_query("INSERT INTO `admin_jurnal_money` SET
`user` = '".$u['id']."',
`text` = '$text',
`code` = '$_REQUEST[smsbill_password]',
`time` = '".time()."',
`new` = '1'
");
}
}else{
echo '<div class="div">';
echo $smsbill->getForm();
echo '</div>';
}
include 'foot.php';
break;
default:
header ("Location: office.php");
break;
}
?>