Файл: public_html/addstatlink.php
Строк: 154
<?
require_once('zsecurity.php');
session_start();
require('config.php');
$sql="select price from tb_config where item='advstatlink'";
$res=mysql_query($sql);
$sl=mysql_result($res,0,0);
$sql="select price from tb_config where item='leftblock'";
$res=mysql_query($sql);
$lbp=mysql_result($res,0,0);
mysql_close($con);
if (isset($_POST["wmid"]))
{
if (strtolower($_POST['code'])!=strtolower($_SESSION['texto']))
{
echo "<img src="images/error.png" align="middle"> Неверно введен код с картинки... <br>";
include('footer.php');
exit();
}
function limpiarez($mess)
{
$mess=str_replace(";"," ",$mess);
$mess=str_replace("$"," ",$mess);
$mess=str_replace("'"," ",$mess);
$mess=strip_tags($mess);
return $mess;
}
$wmid=$_POST["wmid"];
if (is_numeric($wmid)!="true" or strlen($wmid)!=12)
{
echo "<img src="images/error.png" align="middle"> Введено неверное значение в поле WMID";
include('footer.php');
exit();
}
$plan=limpiarez($_POST["plan"]);
if (is_numeric($plan)!="true" or $plan<=0)
{
echo "<img src="images/error.png" align="middle"> Введено неверное количество дней показа";
include('footer.php');
exit();
}
$lb=$_POST["leftblock"];
if ($lb!=0 and $lb!=1)
{
echo "<img src="images/error.png" align="middle"> Ошибка ввода!!!";
include('footer.php');
exit();
}
$urlsite=limpiarez($_POST["urlsite"]);
$urlsite=htmlspecialchars($urlsite);
$description=limpiarez($_POST["description"]);
$description=htmlspecialchars($description);
if ($wmid==""){echo "<img src="images/error.png" align="middle"> Заполнены не все поля"; include('footer.php'); exit();}
if ($plan==""){echo "<img src="images/error.png" align="middle"> Заполнены не все поля"; include('footer.php'); exit();}
if ($urlsite==""){echo "<img src="images/error.png" align="middle"> Заполнены не все поля"; include('footer.php'); exit();}
if ($description==""){echo "<img src="images/error.png" align="middle"> Заполнены не все поля"; include('footer.php'); exit();}
require('config.php');
$sql = "INSERT INTO tb_statlinksreq (url, description, wmid, plan, leftblock) VALUES('$urlsite','$description','$wmid', '$plan','$lb')";
mysql_query($sql) or die(mysql_error());
$res=mysql_query("select purse, valutaname from tb_site where id='1'");
$pv=mysql_fetch_array($res);
$p=$pv["purse"];
$vn=$pv["valutaname"];
mysql_close($con);
$price=$plan*$sl;
if($lb==1) $price=$price+$lbp*$plan;
echo "<img src="images/ok.png" align="middle"> Ваш заказ принят! Тем не менее, прежде, чем мы одобрим ваш заказ, Вы должны оплатить $price $vn.<br>";
echo "<a href='wmk:payto?Purse=$p&Amount=$price&Desc=Оплата статической ссылки c WMID $wmid&BringToFront=Y'>Оплатить через WebMoney</a>";
include('footer.php');
exit();
}
?>
<script language=javascript>
var sl=<?=$sl?>;
var lbp=<?=$lbp?>;
var celoe;
var drob;
var res;
function okrugl(nums)
{
celoe=Math.floor(nums);
drob=(nums-celoe)*100;
drob=Math.floor(drob);
if(drob>=10)
{
res=celoe+'.'+drob;
}else{
res=celoe+'.0'+drob;
}
return res;
}
function getZakaz(frm)
{
frm.summa.value=frm.plan.value*sl+frm.leftblock.value*lbp*frm.plan.value;
frm.summa.value=okrugl(frm.summa.value);
}
</script>
<div align="center"><div id="form">
<fieldset style="width: 100%; background: #fff;">
<form method="post" action="advertise.php?adv=stat">
<table width="400" border="0" align="center">
<tr>
<td width="150" align="left"><p><label>WMID</label></p></td>
<td width="250" align="left"><input type="text" name="wmid" size="25" maxlength="12" autocomplete="off" class="field" value="" tabindex="1" /></td>
</tr>
<tr>
<td width="150" align="left"><p><label>URL сайта:</label></p></td>
<td width="250" align="left"><input type="text" name="urlsite" size="25" maxlength="150" autocomplete="off" class="field" value="http://" tabindex="2" /></td>
</tr>
<tr>
<td width="150" align="left"><p><label>Текст ссылки:</label></p></td>
<td width="250" align="left"><input type="text" name="description" size="25" maxlength="150" autocomplete="off" class="field" value="" tabindex="3" /></td>
</tr>
<tr>
<td width="150" align="left"><p><label>Кол-во дней показа:</label></p></td>
<td width="250" align="left"><input name="plan" type="text" size="6" maxlength="5" tabindex="4" onChange="getZakaz(this.form)" /></td>
</tr>
<tr>
<td width="150" align="left"><p><label>Разместить в левом блоке:</label></p></td>
<td width="250" align="left"><select name="leftblock" onChange="getZakaz(this.form)" tabindex="5"><option value="0">Нет</option><option value="1">Да</option></select></td>
</tr>
<tr>
<td width="150" align="left"><p><label>Введите код: </label></p></td>
<td width="250" align="left"><input type='text' size='3' maxlength='3' name='code' autocomplete="off" class="securitycode" value="" tabindex="6" /></td>
</tr>
<tr>
<td width="150" align="left"> </td>
<td width="250" align="left"><img src="image.php?<?php echo $res; ?>" /></td>
</tr>
<tr>
<td width="150" align="left"><p><label>Стоимость заказа: </label></p></td>
<td width="250" align="left"><input type='text' size='10' maxlength='20' readonly='readonly' name='summa' autocomplete="off" value=""/></td>
</tr>
<tr>
<td width="150" align="left"> </td>
<td width="250" align="right"><input type="submit" value="Оплатить" class="submit" tabindex="7" /></td>
</tr>
</table>
</form>
</fieldset>
</div></div>