<?php /* XML declaration is printed from PHP; presumably so the literal "<?xml" is never taken for a PHP short open tag. */ print '<?xml version="1.0" encoding="utf-8"?>'; ?>
<!DOCTYPE html PUBLIC "-//WAPFORUM//DTD XHTML Mobile 1.0//EN" "http://www.wapforum.org/DTD/xhtml-mobile10.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="ru">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
<title>Автоматическая покупка WorldKassa</title>
<link rel="apple-touch-icon" sizes="180x180" href="/css/apple-touch-icon.png">
<link rel="icon" type="image/png" sizes="32x32" href="/css/favicon-32x32.png">
<link rel="icon" type="image/png" sizes="16x16" href="/css/favicon-16x16.png">
<link rel="manifest" href="/css/site.webmanifest">
<style type="text/css">
body{max-width:500px; margin:0 auto;background-color:#eee}
 .success{color:green;border-left:2px solid green}
 .error{color:red;;border-left:2px solid red}
.error,.success{margin:10px auto; padding:5px; max-width:300px;font-size:large }
 </style>
</head><body><div>
<?php

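// Payment-result callback handler: validates the POSTed parameters, verifies
// the request signature, then marks the matching `iframe` row as paid.
//
// Both files are loaded with require_once. With include_once a missing
// config.php only raises a warning, and the signature below would then be
// computed without the shared secret, so anyone could forge it.
// $hash (shared secret) and $id_shop are not defined in this file; presumably
// they come from config.php (confirm).
require_once 'connect.php';
require_once 'config.php';

// NOTE(review): the legacy mysql_* API is used because the connection is opened
// in connect.php; it has no prepared statements, so every value placed in SQL
// below is escaped or cast explicitly.

// All three numeric fields must be present and numeric. `hash` must be a plain
// string: an array value (hash[]=...) would otherwise reach the comparison and
// the echo below.
$paramsOk = isset($_POST['hash']) && is_string($_POST['hash']);
foreach (array('id_shop', 'id_bill', 'summa') as $field) {
    if (!isset($_POST[$field]) || !is_numeric($_POST[$field])) {
        $paramsOk = false;
        break;
    }
}

if (!$paramsOk) {
    echo '<div class="error">Не все параметры</div>';
} elseif (!isset($hash, $id_shop) || (string) $hash === '') {
    // Refuse to verify anything when the secret is missing or empty.
    error_log('result.php: signature secret or shop id is not configured');
    echo '<div class="error">Ошибка конфигурации</div>';
} else {
    // The signature is checked BEFORE any database work, so unauthenticated
    // requests cannot probe which id_bill values exist or what amount is expected.
    // NOTE(review): MD5 is dictated by the existing signature scheme and is kept as is.
    // NOTE(review): $_POST['id_shop'] is only validated as numeric; the signature
    // binds the configured $id_shop, not the posted one.
    $expected = md5($hash . $id_shop . $_POST['id_bill'] . $_POST['summa']);

    // Strict, constant-time comparison where available. The previous loose `<>`
    // compared numeric-looking strings (e.g. "0e1234...") as numbers, so two
    // different digests could be treated as equal.
    $signatureOk = function_exists('hash_equals')
        ? hash_equals($expected, $_POST['hash'])
        : ($expected === $_POST['hash']);

    if (!$signatureOk) {
        // `hash` is attacker-controlled free text: escape it before reflecting it.
        echo '<div class="error">Не совпал хеш ' . htmlspecialchars($_POST['hash'], ENT_QUOTES, 'UTF-8') . '</div>';
    } else {
        // is_numeric() already rules out quotes; the escape is defence in depth.
        $billId = mysql_real_escape_string($_POST['id_bill']);
        $sql = mysql_query("SELECT * FROM `iframe` WHERE `id_bill`='{$billId}'");

        if ($sql === false) {
            // Driver error text goes to the server log only, never to the client.
            error_log('result.php: SELECT failed: ' . mysql_error());
            echo '<div class="error">Ошибка базы данных</div>';
        } elseif (mysql_num_rows($sql) > 0) {
            $data = mysql_fetch_assoc($sql);

            if ($_POST['summa'] < $data['summa']) {
                // Paid amount is lower than the amount stored for this bill.
                echo '<div class="error">Подмена суммы пополнения ' . htmlspecialchars($_POST['summa'], ENT_QUOTES, 'UTF-8') . '</div>';
            } else {
                // These values are interpolated unquoted into SQL, so force them to
                // integers (assumes `id` and `days` are integer columns; confirm).
                $rowId = (int) $data['id'];
                $days = (int) $data['days'];

                // NOTE(review): nothing here stops a replayed callback from running
                // this UPDATE again and resetting `expire`; consider making it
                // idempotent once the meaning of `payment` is confirmed.
                $updated = mysql_query("UPDATE `iframe` SET `payment`=NOW(), `expire`=NOW() + INTERVAL {$days} DAY WHERE `id`={$rowId}");

                if ($updated === false) {
                    error_log('result.php: UPDATE failed: ' . mysql_error());
                    echo '<div class="error">Ошибка базы данных</div>';
                } else {
                    // Row fields such as url/name/color are escaped on output:
                    // where they were written is not visible here, so they are
                    // treated as untrusted.
                    echo '<div class="success">Успех! ID:' . $rowId . '</div>
Адрес: ' . htmlspecialchars($data['url'], ENT_QUOTES, 'UTF-8') . '<br/>
Название: ' . htmlspecialchars($data['name'], ENT_QUOTES, 'UTF-8') . '<br/>
Дней: ' . $days . '<br/> 
Цвет: ' . ($data['color'] ? htmlspecialchars($data['color'], ENT_QUOTES, 'UTF-8') : 'нет') . '<br/>
Жирный: ' . ($data['bold'] ? 'да' : 'нет') . '<br/>
Курсивный: ' . ($data['italic'] ? 'да' : 'нет');
                }
            }
        } else {
            echo '<div class="error">Нет в базе id_bill ' . htmlspecialchars($_POST['id_bill'], ENT_QUOTES, 'UTF-8') . '</div>';
        }
    }
}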

?></div></body></html>