File size: 993B
<?
if (isset($_POST['WK_PAY_AMOUNT']) && isset($_POST['WK_PAY_TIME']) && isset($_POST['WK_PAY_HASH']))
{
include_once ('../system/function.php');
include_once 'sett.php';
$common_string = wk_id.$_POST['WK_PAY_AMOUNT'].$_POST['WK_PAY_TIME'].wk_code;
$hash = strtoupper(hash("sha256",$common_string));
if($hash!=$_POST['WK_PAY_HASH']) exit('NO HACK!');
$summ = wk_summ($_POST['WK_PAY_AMOUNT']);
$id = abs(intval($_POST['WK_PAY_ID']));
$us = mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id` = '".$id."'"));
mysql_query("UPDATE `users` SET `money` = `money`+".$summ." WHERE `id` = '".$id."'");
mysql_query("INSERT INTO `lenta` SET `readlen` = '0', `time` = '".time()."', `komy` = '".$id."', `kto` = '0', `text` = 'Баланс пополнен на [b][green]".$summ."[/green][/b] рублей'");
mysql_query("INSERT INTO `bill_hist` SET `summ` = '".$summ."', `chto` = 'Вы пополнил баланс',`us` = '".$id."', `type` = '2',`time` = '".time()."'");
exit('YES');
}
?>