Файл: new_order.php
Строк: 217
<?
include("header.php");
$urlpage='Подтверждение заказов';
require("inc/connect.inc.php");
if (isset($_COOKIE['id']) and isset($_COOKIE['hash']))
{
$query = mysql_query("SELECT *,INET_NTOA(login_ip) as login_ip FROM ".$db_pref."users WHERE id = '".intval($_COOKIE['id'])."' LIMIT 1");
$userdata = mysql_fetch_assoc($query);
if(($userdata['hash'] !== $_COOKIE['hash']) or ($userdata['id'] !== $_COOKIE['id'])
or (($userdata['login_ip'] !== $_SERVER['REMOTE_ADDR']) and ($userdata['login_ip'] !== "0.0.0.0")))
{
echo "<div align='center'><font color='red'><br><b>".$lang['error16']."</b></font><br><br></div>";
}
else
{
include("inc/usermenu.inc.php");
$to=$_GET["to"];
$zapros=$_POST["zapros"];
$lang['new_order']=str_replace("{to}",$to,$lang['new_order']);
$lang['new_order1']=str_replace("{to}",$to,$lang['new_order1']);
?>
<br><div align="center">
<table class="form" width="95%" border="0" align="center" cellpadding="3" cellspacing="3">
<?
$uid=$_POST['uid'];
if(!isset($to)):
$to="1";
elseif(($to==0) || ($to>10)):
$to="1";
endif;
$sql=mysql_query("select*from ".$db_pref."neworders where sname='$user' and rang='".intval($to)."'");
$num=mysql_num_rows($sql);
if(($num==0) || ($to>$mat)):
?>
<tr>
<td align="center"class="<?=$moduletable;?>" ><i><h3><?=$lang['error6'];?></h3></i></td>
</tr>
<tr>
<td align="center"><font color="red"><?=$lang['new_order'];?></font></td>
</tr>
<?
echo "<script language='Javascript'>function reload() {location = "account.php"}; setTimeout('reload()', 3000);</script>";
else:
?>
<tr>
<td colspan="<?if($sistem==webmoney){
echo'5';
}
else{
echo'4';
}?>" align="center" ><i><h3><?=$lang['new_order1'];?><br><br></h3></i></td>
</tr>
<tr class="form_title">
<td align="left"><?=$lang['new_order2'];?></td>
<?if($sistem==webmoney){?>
<td align="center"><?=$lang['new_order3'];?></td>
<?}?>
<td align="center"><?=$lang['new_order4'];?></td>
<td align="center"><?=$lang['new_order7'];?></td>
<td align="center"><?=$lang['mail23'];?></td>
</tr>
<?
while($row=mysql_fetch_array($sql)) {
$id=$row['id'];
$zaprosik=$row['zapros_kur'];
$name=$row['name'];
$protect=$row['protect'];
$date=$row['date'];
$sistem_pay=$row['sistem_p'];
$sqlwm=mysql_query("select*from ".$db_pref."users where user='$name'");
$rowwm=mysql_fetch_array($sqlwm);
$wm=$rowwm['wm'];
$alertpay_multi_p=$rowwm['alertpay'];
$perfektmoney_multi_p=$rowwm['perfektmoney'];
$str=Array("1", "2", "3", "4", "5", "6", "7", "8", "9", "0", "A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z", "a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z");
$class="";
for ($i=0;$i<rand(3,6);$i++) $class.=$str[rand(0,count($str))];
?>
<form METHOD=POST ACTION="confirm_order.php">
<tr onMouseOver="this.style.background='#000000';" onMouseOut="this.style.background='';" >
<td align="left"><?=$name?></td>
<?if($sistem==webmoney){?>
<td align="center"><?=$protect?></td>
<?}?>
<td align="center"><?=$date?></td>
<td align="center"><?
if(($sistem==multi) and ($sistem_pay==1)){
echo"<img src='images/l.ico' alt='' width='13' height='13' border='0' align='middle'> ";
if($wm!==''){
echo"$wm";
}else{
echo"".$lang['stats28']."";
}}
elseif(($sistem==multi) and ($sistem_pay==2)){
echo"<img src='images/a.ico' alt='' width='13' height='13' border='0' align='middle'> ";
if($alertpay_multi_p!==''){
echo"$alertpay_multi_p";
}else{
echo"".$lang['stats28']."";
}}
elseif(($sistem==multi) and ($sistem_pay==3)){
echo"<img src='images/p.ico' alt='' width='13' height='13' border='0' align='middle'> ";
if($perfektmoney_multi_p!==''){
}else{
echo"$perfektmoney_multi_p";
}
echo"".$lang['stats28']."";
}
else{
echo"$wm";
}
?></td>
<td align="center">
<div align="center" class="hideWrap">
<input TYPE="hidden" name="id" value="<?=$id?>"><input class="button" TYPE="submit" value=".:: <?=$lang['new_order6'];?> ::.">
<a class="hideBtn_v<?=$class;?> button" href="javascript://" onclick="jQuery('#hideCont1_v<?=$class;?>').slideToggle('normal');return false;" ="" title="<?=$lang['new_order9'];?>">..:: <?=$lang['new_order8'];?> ::..</a>
</div>
</td>
</tr>
</form>
<tr>
<td colspan="<?if($sistem==webmoney){
echo'5';
}
else{
echo'4';
}?>" >
<div class="hideWrap">
<div style="display: none;" id="hideCont1_v<?=$class;?>" class="hideCont">
<?
$ulength_zap=strlen($zaprosik);
if($ulength_zap==0){
?>
<br><h3 align="center">
<?=$lang['zap_del'];?>
</h3><br>
<form name="zapros" METHOD=POST ACTION="new_order.php?to=<?=$to;?>">
<textarea class='form2 resizable' name="zapros" style="width:100%;"/></textarea>
<input TYPE="hidden" name="uid" value="<?=$id?>"><input class="button" TYPE="submit" value=".:: <?=$lang['zap_del1'];?> ::.">
</form>
<br>
<?}else{
echo "<div align='center'><font color='green'><br><b>".$lang['zap_del3']."</b></font><br>
<BR>
<div class='form'>
$zaprosik
</div>
<br></div>";
}?>
</div>
</div>
</td>
</tr>
<?
}
endif;
if(isset($zapros)):
$ulength=strlen($zapros);
if($ulength==0){
echo "<script language='Javascript'>function reload() {location = "new_order.php?to=$to"}; setTimeout('reload()', 3000);</script>";
echo "<div align='center'><font color='red'><b>".$lang['zap_del2']."</b></font><br><br></div>";
}else{
echo "<div align='center'><font color='green'><br><b>".$lang['zap_del3']."</b></font><br><br></div>";
mysql_query("update ".$db_pref."neworders set zapros_kur='".mysql_real_escape_string($zapros)."' where id='".intval($uid)."'");
echo "<script language='Javascript'>function reload() {location = "new_order.php?to=$to"}; setTimeout('reload()', 3000);</script>";
}
endif;
if($sistem==multi){?>
<tr>
<td colspan="4"align="center" height="30" valign="bottom" >
<div class="accent"><div class="accent-left"></div><div class="accent-right"></div></div></div>
<img src="images/a.ico" alt="Удалить" width="18" height="18" border="0" align="middle"> = AlertPay
<img src="images/p.ico" alt="Удалить" width="18" height="18" border="0" align="middle"> = PerfektMoney
<img src="images/l.ico" alt="Удалить" width="18" height="18" border="0" align="middle"> = LibertyReserve
</TD>
</TR>
<?}?>
</table></div>
<?
}
}
else
{
echo "<div align='center'><font color='red'><br><b>".$lang['error']."</b></font><br><br></div>";
}
include("footer.php");
?>