Файл: vk/server.php
Строк: 89
<?php
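// Authenticate the request before loading anything else: the client must send
// hash = md5(uid ":" access_token ":" <shared secret>).
//
// Every signed field has to be a plain string. PHP turns "uid[]=1" into an
// array, which would otherwise be concatenated as the text "Array".
if (
    !isset($_POST['uid'], $_POST['access_token'], $_POST['hash'])
    || !is_string($_POST['uid'])
    || !is_string($_POST['access_token'])
    || !is_string($_POST['hash'])
) {
    die("Wrong signature");
}

// NOTE(review): the shared secret is a literal in this file. Load it from
// configuration kept outside the web root and rotate the current value.
// NOTE(review): md5(data . secret) is not a real MAC. Move to
// hash_hmac('sha256', ...) once the client that produces the hash can change too.
// NOTE(review): the digest covers only uid and access_token. "act" and "id" are
// not signed and there is no nonce or timestamp, so one valid triple can be
// reused for any action until the token changes.
$sing = md5($_POST['uid'] . ":" . $_POST['access_token'] . ":secretcode");

// Compare as strings, never with != / ==. Loose comparison converts
// numeric-looking strings to numbers, so two different digests can compare
// equal. hash_equals() is also constant-time; the === fallback only serves
// runtimes older than PHP 5.6, where hash_equals() does not exist.
$sigOk = function_exists('hash_equals')
    ? hash_equals($sing, $_POST['hash'])
    : $sing === $_POST['hash'];
if (!$sigOk) {
    die("Wrong signature");
}

// $db and $recently_auth are not defined in this file; presumably the includes
// below create them. TODO confirm.
include 'inc/db.class.php';
include 'inc/vk_site.class.php';
include 'inc/vkpr.class.php';
$vk = new VK($_POST['access_token'], $_POST['uid']);
$vkpr = new VKPR($_POST['uid'], $db, $vk, '', $recently_auth);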
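// Task-completion dispatcher. Each action looks up a task row by the posted id,
// asks $vkpr whether the user has performed it, and on success echoes "true",
// bumps the task counter, records the completion and credits the user.
// It echoes "false" when verification fails and nothing when the user already
// has a completion row.
//
// NOTE(review): the "already completed?" SELECT and the later INSERT are not
// atomic. Two concurrent requests for the same task and user can both see zero
// rows and both be credited. Enforce a UNIQUE key on (task id, user_id) in each
// *_joins table and credit only when the INSERT succeeds, or run the sequence
// in a transaction.
// NOTE(review): ref_earn is incremented on the acting user's own row
// (uid = $_POST['uid']). If this is meant to be a referrer bonus, confirm which
// row should receive it.
// NOTE(review): the "?" placeholders are expanded by $db->mysql_qw(), which is
// defined outside this file. Confirm it escapes or binds every argument. The
// mysql_* extension used here was removed in PHP 7.

// Only string values are accepted. An array-valued "act" or "id" is treated as
// empty, which matches no action and no task row.
$act = isset($_POST['act']) && is_string($_POST['act']) ? $_POST['act'] : '';
$rawId = isset($_POST['id']) && is_string($_POST['id']) ? $_POST['id'] : '';

switch ($act) {
    case "pJoinGroup":
        // Strip the literal "gbtn" from the posted id to get groups.id.
        $id = str_replace("gbtn", "", $rawId);
        $q = $db->mysql_qw("SELECT link,id FROM groups WHERE id = ?;", $id);
        if (!$q || mysql_num_rows($q) == 0) {
            // Unknown task id: stop here instead of reading row 0 of an empty
            // result and continuing with false values.
            echo "false";
            break;
        }
        $link = mysql_result($q, 0, 0);
        $id = mysql_result($q, 0, 1);
        $gid = $vkpr->pGroupLink($link);
        $pay = $vkpr->paysConf['g2'];
        $pay_ref = $pay / 100 * $vkpr->paysConf['ref'];
        $q = $db->mysql_qw("SELECT * FROM groups_joins WHERE group_id = ? AND user_id = ?;", $id, $_POST['uid']);
        if (mysql_num_rows($q) == 0) {
            if ($vkpr->isGroupMember($_POST['uid'], $gid)) {
                echo "true";
                $db->mysql_qw("UPDATE groups SET joined = joined + 1 WHERE id = ?;", $id);
                $db->mysql_qw("INSERT INTO groups_joins(group_id,user_id,date) VALUES(?,?,?);", $id, $_POST['uid'], time());
                $db->mysql_qw("UPDATE users SET bals = bals + ? WHERE uid = ?;", $pay, $_POST['uid']);
                $db->mysql_qw("UPDATE users SET ref_earn = ref_earn + ? WHERE uid = ?;", $pay_ref, $_POST['uid']);
            } else {
                echo "false";
            }
        }
        break;

    case "pJoinFrend":
        $id = str_replace("gbtn", "", $rawId);
        $q = $db->mysql_qw("SELECT link,id FROM frends WHERE id = ?;", $id);
        if (!$q || mysql_num_rows($q) == 0) {
            // Unknown task id: nothing to verify or credit.
            echo "false";
            break;
        }
        $link = mysql_result($q, 0, 0);
        $id = mysql_result($q, 0, 1);
        $gid = $vkpr->pFrendLink($link);
        $pay = $vkpr->paysConf['g2'];
        $pay_ref = $pay / 100 * $vkpr->paysConf['ref'];
        $q = $db->mysql_qw("SELECT * FROM frends_joins WHERE frend_id = ? AND user_id = ?;", $id, $_POST['uid']);
        if (mysql_num_rows($q) == 0) {
            // isFrendMember() receives no uid here; presumably it checks the
            // user bound to $vkpr. Verify against inc/vkpr.class.php.
            if ($vkpr->isFrendMember($gid)) {
                echo "true";
                $db->mysql_qw("UPDATE frends SET joined = joined + 1 WHERE id = ?;", $id);
                $db->mysql_qw("INSERT INTO frends_joins(frend_id,user_id,date) VALUES(?,?,?);", $id, $_POST['uid'], time());
                $db->mysql_qw("UPDATE users SET bals = bals + ? WHERE uid = ?;", $pay, $_POST['uid']);
                $db->mysql_qw("UPDATE users SET ref_earn = ref_earn + ? WHERE uid = ?;", $pay_ref, $_POST['uid']);
            } else {
                echo "false";
            }
        }
        break;

    case "pJoinNote":
        // Strip the literal "nbtn" from the posted id to get notes.id.
        $id = str_replace("nbtn", "", $rawId);
        $q = $db->mysql_qw("SELECT link,id FROM notes WHERE id = ?;", $id);
        if (!$q || mysql_num_rows($q) == 0) {
            // Unknown task id: nothing to verify or credit.
            echo "false";
            break;
        }
        $link = mysql_result($q, 0, 0);
        $id = mysql_result($q, 0, 1);
        $pay = $vkpr->paysConf['s2'];
        $pay_ref = $pay / 100 * $vkpr->paysConf['ref'];
        $q = $db->mysql_qw("SELECT * FROM notes_joins WHERE group_id = ? AND user_id = ?;", $id, $_POST['uid']);
        if (mysql_num_rows($q) == 0) {
            if ($vkpr->isLiked($_POST['uid'], $link)) {
                echo "true";
                $db->mysql_qw("UPDATE notes SET joined = joined + 1 WHERE id = ?;", $id);
                $db->mysql_qw("INSERT INTO notes_joins(group_id,user_id,date) VALUES(?,?,?);", $id, $_POST['uid'], time());
                $db->mysql_qw("UPDATE users SET bals = bals + ? WHERE uid = ?;", $pay, $_POST['uid']);
                $db->mysql_qw("UPDATE users SET ref_earn = ref_earn + ? WHERE uid = ?;", $pay_ref, $_POST['uid']);
            } else {
                echo "false";
            }
        }
        break;

    case "pJoinLike":
        $id = str_replace("nbtn", "", $rawId);
        $q = $db->mysql_qw("SELECT link,id FROM likes WHERE id = ?;", $id);
        if (!$q || mysql_num_rows($q) == 0) {
            // Unknown task id: nothing to verify or credit.
            echo "false";
            break;
        }
        $link = mysql_result($q, 0, 0);
        $id = mysql_result($q, 0, 1);
        $pay = $vkpr->paysConf['s2'];
        $pay_ref = $pay / 100 * $vkpr->paysConf['ref'];
        $q = $db->mysql_qw("SELECT * FROM like_joins WHERE group_id = ? AND user_id = ?;", $id, $_POST['uid']);
        if (mysql_num_rows($q) == 0) {
            if ($vkpr->Likes($_POST['uid'], $link)) {
                echo "true";
                $db->mysql_qw("UPDATE likes SET joined = joined + 1 WHERE id = ?;", $id);
                $db->mysql_qw("INSERT INTO like_joins(group_id,user_id,date) VALUES(?,?,?);", $id, $_POST['uid'], time());
                $db->mysql_qw("UPDATE users SET bals = bals + ? WHERE uid = ?;", $pay, $_POST['uid']);
                $db->mysql_qw("UPDATE users SET ref_earn = ref_earn + ? WHERE uid = ?;", $pay_ref, $_POST['uid']);
            } else {
                echo "false";
            }
        }
        break;
}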
?>