<?php
include_once($_SERVER["DOCUMENT_ROOT"]."/inc/function.php");
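// Payment-notification handler for the "worldkassa" gateway: checks the signed
// POST callback, credits the owner of the pending bill (and that user's referrer,
// when one exists), then removes the bill from `plus`.
//
// $connect, $wk_hash, $id_shop, $ref_cash, $plus_r and ratingUser() are not defined
// in this file; presumably they come from /inc/function.php. TODO confirm.
$stmt_num_ref = $connect->prepare("SELECT count(*) FROM `users` WHERE `id` = ?");
$strow_ref = $connect->prepare("SELECT * FROM `users` WHERE `id` = ?");
$strow = $connect->prepare("SELECT * FROM `plus` WHERE `num` = ?");
$pay = $connect->prepare("UPDATE `users` SET `money` = `money` + ? WHERE `id` = ?");

// worldkassa
if (
    isset($_POST['id_shop'], $_POST['id_bill'], $_POST['summa'], $_POST['hash'])
    && is_numeric($_POST['id_shop'])
    && is_numeric($_POST['id_bill'])
    && is_numeric($_POST['summa'])
    // hash_equals() requires strings; a non-string `hash` field is rejected here
    // instead of raising a TypeError further down.
    && is_string($_POST['hash'])
) {
    $num = $_POST['id_bill'];

    // The digest is built from the configured $id_shop, not from the posted
    // id_shop, which is only checked for being numeric.
    // NOTE(review): MD5 over secret-plus-fields is presumably the gateway's fixed
    // signature format. If the gateway offers a stronger scheme, prefer it.
    $hash = md5($wk_hash.$id_shop.$num.$_POST['summa']);

    // Compare the digests as exact strings in constant time. Loose `==` compares
    // numeric-looking strings as numbers, so two different digests could be
    // treated as equal.
    if (hash_equals($hash, $_POST['hash'])) {
        $strow->execute(array($num));
        $row = $strow->fetch(PDO::FETCH_LAZY);

        // Unknown or already-processed bill: nothing to credit. Without this guard
        // the code below would index into `false` and still call ratingUser().
        if ($row === false) {
            exit;
        }

        // Reject a notification that reports less than the billed amount.
        if ($_POST['summa'] < $row['sum']) {
            exit;
        }

        // NOTE(review): the credit and the DELETE below are separate statements and
        // no transaction is visible here, so two concurrent deliveries of the same
        // notification could both pass the lookup above and credit twice. Consider
        // wrapping this section in a transaction that locks or claims the `plus` row
        // (for example by checking the DELETE's rowCount()) before crediting.
        // Verify first that ratingUser() does not open its own transaction.

        $strow_ref->execute(array($row['uid']));
        $u_row = $strow_ref->fetch(PDO::FETCH_LAZY);

        // Referrer bonus: only when the bill's owner exists and its `ref` points at
        // an existing user.
        if ($u_row !== false) {
            $stmt_num_ref->execute(array($u_row['ref']));
            $num_ref = $stmt_num_ref->fetchColumn();
            if ($num_ref > 0) {
                $strow_ref->execute(array($u_row['ref']));
                $ref_row = $strow_ref->fetch(PDO::FETCH_LAZY);
                // $ref_cash is applied as a percentage of the billed sum.
                $ref_money = $row['sum'] / 100 * $ref_cash;
                $pay->execute(array($ref_money, $ref_row['id']));
            }
        }

        ratingUser($plus_r, $row['uid']);

        // Credit the billed amount (not the posted `summa`) to the bill's owner.
        $pay->execute(array($row['sum'], $row['uid']));

        // Remove the pending bill so a repeated notification finds no row.
        $stmt = $connect->prepare("DELETE FROM `plus` WHERE `num` = ?");
        $stmt->execute(array($num));
    }
}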
?>