Файл: confirm_order.php
Строк: 201
<?include("header.php");
$urlpage='Подтверждение заказов';
require("inc/connect.inc.php");
if (isset($_COOKIE['id']) and isset($_COOKIE['hash']))
{
$query = mysql_query("SELECT *,INET_NTOA(login_ip) as login_ip FROM ".$db_pref."users WHERE id = '".intval($_COOKIE['id'])."' LIMIT 1");
$userdata = mysql_fetch_assoc($query);
if(($userdata['hash'] !== $_COOKIE['hash']) or ($userdata['id'] !== $_COOKIE['id'])
or (($userdata['login_ip'] !== $_SERVER['REMOTE_ADDR']) and ($userdata['login_ip'] !== "0.0.0.0")))
{
echo "<div align='center'><font color='red'><br><b>".$lang['error16']."</b></font><br><br></div>";
}
else
{
$submit=$_POST["submit"];
$id=mysql_escape_string($_POST["id"]);
if(!isset($id)):
include("inc/usermenu.inc.php");
?>
<br><div align="center">
<TABLE class="form" width="100%" border="0" align=center cellpadding="2" cellspacing="2">
<tr>
<td align="center" class="form_title"><i><h2><?=$lang['error6'];?></h2></i></td>
</tr>
<tr>
<td align="center"><font color="red"><?=$lang['confirm_order'];?></font></td>
</tr></table></div>
<?
echo "<script language='Javascript'>function reload() {location = "account.php"}; setTimeout('reload()', 3000);</script>";
else:
$sql=mysql_query("select*from ".$db_pref."neworders where id='$id' and sname='$user'");
$num=mysql_num_rows($sql);
if($num==0):
include("inc/usermenu.inc.php");
?>
<br><div align="center">
<TABLE class="form" width="95%" border="0" align=center cellpadding="2" cellspacing="2">
<tr>
<td align="center" class="form_title"><i><h2><?=$lang['error6'];?></i></h2></td>
</tr>
<tr>
<td align="center"><font color="red"><?=$lang['confirm_order1'];?></font></td>
</tr>
</table></div>
<?
echo "<script language='Javascript'>function reload() {location = "account.php"}; setTimeout('reload()', 3000);</script>";
else:
$row=mysql_fetch_array($sql);
$protect=$row['protect'];
$name=$row['name'];
$rang=$row['rang'];
$old_date=date("d.m.Y H:i");
$sqlnew=mysql_query("select*from ".$db_pref."neworders where id='$id' and sname='$user'");
$rownew=mysql_fetch_array($sqlnew);
$new_date=$rownew['date'];
$obxod=$rownew['obxod'];
$sistem_p=$rownew['sistem_p'];
mysql_query("insert into ".$db_pref."oldorders values(null, '$name', '$user', '$rang', '$protect', '$new_date', '$old_date','$obxod','$sistem_p')");
mysql_query("delete from ".$db_pref."neworders where id='$id'");
mysql_query("update ".$db_pref."users set rang='$rang' where user='$name'");
$fem=mysql_query("select*from ".$db_pref."users where user='$name'");
$roq=mysql_fetch_array($fem);
$remail=$roq['email'];
$sql=mysql_query("select*from ".$db_pref."sysvals");
$row=mysql_fetch_array($sql);
$site_url=$row['site_url'];
$name_title=$row['name_title'];
$sqlad=mysql_query("select*from ".$db_pref."users where id='1'");
$rowad=mysql_fetch_array($sqlad);
$admin_email=$rowad['email'];
$sql_user_mail=mysql_query("select*from ".$db_pref."users where user='$name'");
$row_user_mail=mysql_fetch_array($sql_user_mail);
$lang_mail=$row_user_mail["lang"];
if($lang_mail=='lv'){
include('language/mail-lv.php');
}
elseif($lang_mail=='ru'){
include('language/mail-ru.php');
}
elseif($lang_mail=='en'){
include('language/mail-en.php');
}
else{
include('language/mail-'.$deflangu.'.php');
}
$confirm_order2=$lang['confirm_order_m2'];
$lang['confirm_order_mail']=str_replace("{name}",$name,$lang['confirm_order_mail']);
$lang['confirm_order_mail']=str_replace("{user}",$user,$lang['confirm_order_mail']);
$lang['confirm_order_mail']=str_replace("{rang}",$rang,$lang['confirm_order_mail']);
$lang['confirm_order_mail']=str_replace("{name_title}",$name_title,$lang['confirm_order_mail']);
$lang['confirm_order_mail']=str_replace("{site_url}",$site_url,$lang['confirm_order_mail']);
$message=$lang['confirm_order_mail'];
mail("$remail","$confirm_order2","$message","From: $admin_emailn"."Content-type: text/plain; charset=utf-8");
include("inc/usermenu.inc.php");
$lang['confirm_order3']=str_replace("{name}",$name,$lang['confirm_order3']);
$lang['confirm_order3']=str_replace("{user}",$user,$lang['confirm_order3']);
?>
<br><div align="center">
<TABLE class="form" width="95%" border="0" align=center cellpadding="2" cellspacing="2">
<tr>
<td colspan="2" align="center"><i><h2><?=$lang['confirm_order2'];?></i></h2><br></td>
</tr>
<tr>
<td colspan="2" align="center" class="<?=$form;?>"><?=$lang['confirm_order3'];?></td>
</tr>
<?if($sistem==webmoney){?>
<tr>
<td colspan="2" align="center" class="form">
<?=$lang['confirm_order4'];?> <font color="blue"><B><?=$protect;?></B></font></td>
</tr>
<?}?>
</TABLE></div>
<?
endif;endif;
}
}
else
{
echo "<div align='center'><font color='red'><br><b>".$lang['error']."</b></font><br><br></div>";
}
include("footer.php");
?>