Файл: mod/result.php
Строк: 14
<?php
include_once($_SERVER["DOCUMENT_ROOT"]."/inc/db.php");
include_once($_SERVER["DOCUMENT_ROOT"]."/inc/function.php");
if (isset($_POST['id_shop']) && is_numeric($_POST['id_shop']) && isset($_POST['id_bill']) && is_numeric($_POST['id_bill']) && isset($_POST['summa']) && is_numeric($_POST['summa']) && isset($_POST['hash']))
{
$sql=mysql_query("SELECT * FROM `rek` WHERE `num` = '".$_POST['id_bill']."'");
if (mysql_num_rows($sql)>0)
{
$data=mysql_fetch_assoc($sql);
if ($_POST['summa']<$data['sum'])
{
}
elseif($_POST['hash']!=md5($hash.$id_shop.$_POST['id_bill'].$_POST['summa']))
{
}
else
{
mysql_query("UPDATE `rek` SET `clicks` = `clicks` + `ok` WHERE `id` = '".$data['id']."'");
}
}
}
?>