Файл: waphero.ru/Adm_panel/vvod.php
Строк: 11
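<?php
/**
 * Admin panel: approve a gold top-up request.
 *
 * Takes the request id from $_GET['id'], loads the matching row from
 * `gold_zapros`, adds its `sum` to the `gold` balance of the user referenced
 * by `id_user`, removes the request and redirects back to gold_zapros.php
 * with a status message stored in the session.
 *
 * NOTE(review): this is a state-changing action reached through a GET
 * parameter, and no anti-CSRF token is checked in this file. It should be a
 * POST protected by a per-session token; the token helper (if any) lives
 * outside this file, so it is not added here.
 *
 * NOTE(review): the mysql_* extension was removed in PHP 7. Moving to
 * mysqli/PDO with prepared statements needs the connection code in
 * core/system.php, which is not visible from here.
 */
include_once '../core/system.php';

// NOTE(review): admin() is defined elsewhere; presumably it enforces admin
// access and stops the request for everyone else - confirm, because nothing
// else in this script checks privileges. Its output is echoed before the
// header() calls below, which only works if output buffering is enabled or
// admin() returns an empty string.
echo admin();

// Load the request row once; a missing id, a failed query and an unknown id
// all end up in the same "not found" branch.
$post = false;
$requestId = 0;
if (isset($_GET['id'])) {
    $requestId = intval($_GET['id']);
    $found = mysql_query("SELECT * FROM `gold_zapros` WHERE `id` = '".$requestId."'");
    if ($found) {
        $post = mysql_fetch_assoc($found);
    }
}
if (!$post) {
    $_SESSION['err'] = "Запрос не найден!";
    header('Location: gold_zapros.php');
    exit();
}

// Values read back from the database are still validated before they are
// placed into SQL: quoted keys instead of bare constants, an integer user id
// and a numeric amount.
$userId = intval($post['id_user']);
$lookup = mysql_query("SELECT `id` FROM `user` WHERE `id` = '".$userId."'");
$ank = $lookup ? mysql_fetch_assoc($lookup) : false;
if (!$ank || !is_numeric($post['sum'])) {
    $_SESSION['err'] = "Пользователь не найден или сумма некорректна!";
    header('Location: gold_zapros.php');
    exit();
}
// NOTE(review): a negative `sum` would debit the account; whether that is
// ever legitimate depends on how requests are created - confirm and reject
// it here if not.
$sum = $post['sum'];

// Claim the request before crediting: only the request that actually deletes
// the row goes on, so a repeated or concurrent call cannot credit twice.
// Without a transaction the claim and the credit are still two separate
// statements, so a failed credit is reported instead of being ignored.
mysql_query("DELETE FROM `gold_zapros` WHERE `id` = '".$requestId."'");
if (mysql_affected_rows() !== 1) {
    $_SESSION['err'] = "Запрос не найден!";
    header('Location: gold_zapros.php');
    exit();
}

// Increment the target user's own balance inside SQL. The previous code
// computed the new balance from $user['gold'], a variable this script never
// loads, so the target's balance was overwritten rather than increased.
$credited = mysql_query("UPDATE `user` SET `gold` = `gold` + '".$sum."' WHERE `id` = '".$userId."'");
if (!$credited) {
    $_SESSION['err'] = "Не удалось зачислить золото!";
    header('Location: gold_zapros.php');
    exit();
}

$_SESSION['message'] = "Золото зачисленно!";
header('Location: gold_zapros.php');
exit();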