Файл: ubiznes.mobi/inc/location/business/work.php
Строк: 20
<?
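// Bulk action: start work in every idle business row owned by the current
// player. Runs only when ?work_all is present and $user['sirena'] > 0.
// $user and $time are defined outside this file.
// NOTE(review): the file opens with the short tag `<?`, which is parsed only
// when short_open_tag is enabled; with it disabled this source (table and
// column names included) is sent to the client as plain text. Prefer `<?php`.
// NOTE(review): this state change is triggered by a GET parameter and no
// anti-forgery token is checked in this file; consider POST plus a
// per-session token.
// NOTE(review): ext/mysql (mysql_*) was removed in PHP 7; moving to
// mysqli/PDO prepared statements needs the connection handle, which is not
// visible here.
if (isset($_GET['work_all']) && $user['sirena'] > 0) {
    // Every value interpolated into SQL is forced to an integer, so a
    // non-numeric value arriving from outside this file cannot change the
    // query text. Assumes the id columns and $time are integers - TODO confirm.
    $userId = (int) $user['id'];
    $now = (int) $time;

    // One SELECT replaces the original COUNT(*) + SELECT pair; the row count
    // decides whether the action (and the redirect) happens at all.
    $idle = mysql_query(
        "SELECT * FROM `business_user` WHERE `id_user` = '$userId' AND `id_bus` != '0'"
        . " AND `time` < '$now' AND `work` = '0' AND `works` > 0"
    );

    if ($idle && mysql_num_rows($idle) > 0) {
        while ($post = mysql_fetch_assoc($idle)) {
            $busId = (int) $post['id_bus'];
            $busRes = mysql_query("SELECT * FROM `business` WHERE `id` = '$busId' LIMIT 1");
            $bus = $busRes ? mysql_fetch_assoc($busRes) : false;
            if (!$bus) {
                // No matching business definition: leave the row untouched
                // instead of starting a job with a zero duration.
                continue;
            }

            // Each sirena level shortens the job by 2% of the base duration.
            // The outer condition already guarantees sirena > 0 here.
            $duration = $bus['time'];
            $duration = $duration - ($duration / 100 * ($user['sirena'] * 2));

            // Rounded to a whole number so no fractional (or locale-formatted)
            // float ends up inside the SQL string.
            $readyAt = (int) round($now + $duration);
            $rowId = (int) $post['id'];

            // Ownership and the idle state are re-checked in the UPDATE itself,
            // so a concurrent request cannot restart a job that already began.
            mysql_query(
                "UPDATE `business_user` SET `work` = '1', `time` = '$readyAt'"
                . " WHERE `id` = '$rowId' AND `id_user` = '$userId' AND `work` = '0'"
            );
        }

        header("location:/?business");
        exit;
    }
}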
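// Single action: start work in one business row, selected by ?work=<row id>.
// The row must belong to the current player, be bound to a business, have
// its timer expired and not be working yet. $user and $time are defined
// outside this file.
// NOTE(review): this state change is triggered by a GET parameter and no
// anti-forgery token is checked in this file; consider POST plus a
// per-session token.
if (isset($_GET['work'])) {
    // Every value interpolated into SQL is forced to an integer.
    // Assumes the id columns and $time are integers - TODO confirm.
    $rowId = intval($_GET['work']);
    $userId = (int) $user['id'];
    $now = (int) $time;

    // The eligibility check and the row fetch are one query, so the row that
    // is used below is exactly the row that passed the ownership check.
    $res = mysql_query(
        "SELECT * FROM `business_user` WHERE `id` = '$rowId' AND `id_user` = '$userId'"
        . " AND `id_bus` != '0' AND `time` < '$now' AND `work` = '0' LIMIT 1"
    );
    $work = $res ? mysql_fetch_assoc($res) : false;

    if ($work) {
        $busId = (int) $work['id_bus'];
        $busRes = mysql_query("SELECT * FROM `business` WHERE `id` = '$busId' LIMIT 1");
        $bus = $busRes ? mysql_fetch_assoc($busRes) : false;

        if ($bus) {
            // Each sirena level shortens the job by 2% of the base duration.
            $duration = $bus['time'];
            if ($user['sirena'] > 0) {
                $duration = $duration - ($duration / 100 * ($user['sirena'] * 2));
            }

            // Rounded to a whole number so no fractional (or locale-formatted)
            // float ends up inside the SQL string.
            $readyAt = (int) round($now + $duration);

            // Ownership and the idle state are re-checked in the UPDATE itself,
            // closing the gap between the check above and this write.
            mysql_query(
                "UPDATE `business_user` SET `work` = '1', `time` = '$readyAt'"
                . " WHERE `id` = '$rowId' AND `id_user` = '$userId' AND `work` = '0'"
            );

            // Confirm to the player only when a row was actually switched.
            if (mysql_affected_rows() > 0) {
                $_SESSION['msg'] = "Работники приняли заказ";
            }
        }

        header("location:/?business");
        exit;
    }
}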