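<?php
/**
 * Gift purchase form for the shop.
 *
 * Flow: require an authenticated session, validate the gift id from the query
 * string, load the gift row, check that the user's status and credits allow the
 * purchase, then render the form that posts to toGO.php.
 *
 * Redirect codes: /shop/?1 = malformed id, /shop/?2 = unknown gift,
 * /shop/?3 = gift not available for the user's status.
 *
 * NOTE(review): $_up, $_down and $usr are not defined in this file; presumably
 * they come from includes/start.php -- confirm.
 * NOTE(review): the mysql_* extension was removed in PHP 7. Moving to mysqli or
 * PDO prepared statements needs the connection set up in start.php, which is
 * not visible here, so the calls are kept and the input is strictly validated.
 */
@session_start();
require_once $_SERVER['DOCUMENT_ROOT']."/includes/start.php";

// Guard clause: unauthenticated visitors go back to the front page.
if (!isset($_SESSION['auth']) || $_SESSION['auth'] != 1) {
    header("Location: /?");
    exit;
}

// The id is attacker-controlled. Accept only a non-empty string of ASCII digits.
// ctype_digit() replaces eregi(), which was removed in PHP 7 and was not
// binary-safe, so it could not be relied on to vet the whole value.
// A missing or array-valued id is rejected here too instead of raising a notice.
$id = isset($_GET['id']) ? $_GET['id'] : '';
if (!is_string($id) || !ctype_digit($id)) {
    header("Location: /shop/?1");
    exit;
}

// All redirects happen before any output: header() has no effect once the page
// header has been echoed (unless output buffering is enabled).
// $id is digits-only at this point, so interpolating it cannot alter the query.
// One query replaces the original pair that fetched the same row twice.
$result = mysql_query("SELECT `id_present`,`price`,`status` FROM `shop` WHERE `id_present`='$id'");
$present = $result ? mysql_fetch_assoc($result) : false;
if (!$present) {
    header("Location: /shop/?2");
    exit;
}

// Loose comparison is deliberate: a NULL status from the database must also
// count as "not available".
if ($present['status'] == '' || $present['status'] > $usr['status']) {
    header("Location: /shop/?3");
    exit;
}

echo $_up;

// This check only decides whether to show the form.
// NOTE(review): toGO.php must repeat the status and credit checks itself before
// charging; the form also carries no anti-CSRF token -- handler not visible here.
if ($present['price'] > $usr['credits']) {
    echo 'У вас не достаточно денег :(';
    exit;
}

echo '<div class="list">
<form action="toGO.php?id='.$id.'" method="post">
Введите логин кому хотите подарить подарок:
<br><input name="tologin"/><br>
Комментарий:
<br><input name="tocom"/><br>
<input type="submit" value="OK"/>
</form>
</div>';
echo $_down;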