<?php
/**********************************
* @year: 2015 *
* @author: Klubv *
* @icq: 611940693 *
* @link: http://klubv.ru *
**********************************/
include 'header/config.inc.php';
include 'header/function.inc.php';
include 'header/header.inc.php';
include 'header/connect.inc.php';
include 'header/click-club.class.php';
include 'header/enter.inc.php';
include 'ban.php';
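// Mark the visitor as being at the cash desk ("В кассе"), then load the two
// values every branch below reads: the caller's balance and the desk state.
// $_USER is not defined in this file (presumably filled in by
// header/enter.inc.php; confirm). Its fields are cast or escaped here so that
// a stored login containing a quote cannot change the shape of a query.
mysql_query("UPDATE `".prefix."users` SET `mesto`='В кассе' WHERE `id` = '".intval($_USER['id'])."'");
// NOTE(review): this table name carries no `prefix`, unlike the UPDATE above;
// confirm which of the two is intended.
$bal = mysql_fetch_array(mysql_query("select money from users where nick='".mysql_real_escape_string($_USER['login'])."'"));
$result = mysql_query("SELECT * FROM `shopkr` LIMIT 1");
$row = mysql_fetch_array($result);
// 1 means the desk is open. A missing row leaves $kassa at 0, so it fails closed.
$kassa = $row ? $row['kassa'] : 0;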
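// Cash-desk page dispatcher; ?mode= selects the branch:
//   (none)       list the offer            set_id_kr  amount form
//   pay_from_kr  perform the purchase      new_kr / add_kr  admin: edit the offer
// Reads $kassa, $bal, $_USER, $_enter and $_zapros, all set earlier in the request.
//
// NOTE(review): neither POST handler below (pay_from_kr, add_kr) checks an
// anti-CSRF token in this file. $_zapros may already carry a per-session value;
// confirm, and add a token check if it does not.
// NOTE(review): $_USER['login'] is echoed into HTML unescaped in the default
// branch. Presumably logins are restricted at registration; confirm, or escape
// it with the charset the site actually serves.
switch (isset($_GET['mode']) ? $_GET['mode'] : false) {
    case false:
    default:
        echo '<div class="downsw"><b>Касса</b></div>';
        if ($kassa == 1) {
            $q = mysql_query("SELECT * FROM `shopkr`");
            while ($d = mysql_fetch_array($q)) {
                echo '<div class="menuindexom">
<img src="/images/changer.png"/><br>
Привет <b>'.$_USER['login'].'</b> у нас на продаже <img src="/images/coins.png"/><b>'.$d['kr'].'</b><br>
Курс: <img src="/images/coins.png"/><b>1</b> = <img src="/images/money.png"/><b>'.$d['pr'].'</b> <br/>
----<br>
• <a href="shopkr.php'.$_zapros.'&mode=set_id_kr&id='.$d['id'].'">В кассу
</a></div>';
            }
        } else {
            echo '<div class="menuindex"><img src="images/stop.png"/> <font color="red"><b>Касса временно закрыта!</b></font></div>';
        }
        break;

    case 'set_id_kr':
        if ($kassa == 1) {
            echo '<div class="downsw"><b>Касса</b></div>';
            // $id was never assigned in this file, so the old abs(intval($id))
            // only worked under register_globals. Read it from the query string.
            $id = isset($_GET['id']) ? abs(intval($_GET['id'])) : 0;
            $q = mysql_query("SELECT * FROM `shopkr` LIMIT 1");
            $d = mysql_fetch_array($q);
            echo '<div class="menuindexom">
<img src="/images/calculator.png"/><br>
<img src="/images/coins.png"/><b>'.$d['kr'].'</b> на сумму <img src="/images/money.png"/><b>'.($d['kr']*$d['pr']).'</b><br/>
<form action="shopkr.php'.$_zapros.'&mode=pay_from_kr&id='.$id.'" method="post">
Сколько:<br/>
<input type="text" name="kr" size ="5" maxlength="7" value="'.$d['kr'].'"/><br/>
<input type="submit" value="Купить"/><br/></form></div>';
        }
        break;

    case 'pay_from_kr':
        if ($kassa == 1) {
            echo '<div class="downsw"><b>Покупка кредитов</b></div>';
            // Requested amount as a non-negative integer. This gives the same
            // result as the old (int) cast + ereg_replace + abs(intval()) chain,
            // without the ereg_* call (deprecated since PHP 5.3).
            $kr = isset($_POST['kr']) ? abs(intval($_POST['kr'])) : 0;
            $login_sql = mysql_real_escape_string($_USER['login']);
            $q = mysql_query("SELECT * FROM `shopkr` LIMIT 1");
            $d = mysql_fetch_array($q);
            $m = $kr * $d['pr']; // total price of the requested amount
            $done = false;
            if ($kr > 0 && $kr <= $d['kr'] && $m <= $bal['money']) {
                // The checks above use values read earlier in the request, so two
                // parallel requests could both pass them. Each UPDATE therefore
                // repeats its own condition, and the affected-row count decides
                // whether the purchase goes on.
                $debited = true;
                if ($m > 0) { // a zero total changes no row, so it cannot be confirmed this way
                    mysql_query("UPDATE `users` SET `money`=`money`-".$m." WHERE `nick`='".$login_sql."' AND `money`>=".$m);
                    $debited = mysql_affected_rows() > 0;
                }
                if ($debited) {
                    mysql_query("UPDATE `shopkr` SET `kr`=`kr`-".$kr." WHERE `id`='1' AND `kr`>=".$kr);
                    if (mysql_affected_rows() > 0) {
                        mysql_query("UPDATE `cclub_users` SET `bank`=`bank`+".$kr." WHERE `login`='".$login_sql."'") or die('err');
                        // Log columns: buyer, seller ("Кассир"), amount, timestamp, price.
                        mysql_query("INSERT into `cclub_log_shopkr` VALUES('','".$login_sql."','Кассир','".$kr."','".time()."','".$m."')") or die('err');
                        $done = true;
                    } else {
                        // The stock went to another request in the meantime: return the money.
                        mysql_query("UPDATE `users` SET `money`=`money`+".$m." WHERE `nick`='".$login_sql."'");
                    }
                }
            }
            if ($done) {
                echo '<div class="menuindexom"><b>Куплено:</b> <img src="/images/coins.png"/><b>'.$kr.'</b> на сумму <img src="/images/money.png"/><b>'.$m.' </b></div>';
            } else {
                echo '<div class="menuindexom">На балансе не достаточно средств!</div>';
            }
        }
        break;

    /////// Admin panel ////////
    case 'new_kr':
        // Both admin branches refuse anyone who is not a logged-in administrator.
        if (empty($_enter) || empty($_USER['admin'])) {
            echo '<div class="menuindexom"><b>Хакер это опять ты?</b></div>';
            break;
        }
        $result = mysql_query("SELECT * FROM `shopkr` LIMIT 1");
        $row = mysql_fetch_array($result);
        $kr = $row['kr'];
        $pr = $row['pr'];
        $kassa = $row['kassa'];
        $status_kassa = ($kassa == 1)
            ? "<font color='green'>Открыта</font>"
            : "<font color='red'>Закрыта</font>";
        echo '<form action="shopkr.php'.$_zapros.'&mode=add_kr" method="post">
<div class="downsw"><b>Выставить кредиты</b></div>
<div class="menuindexom">
Касса: <b>'.$status_kassa.'</b><br/>====<br/>
<select name="kassa">
<option value="0">Закрыть</option>
<option value="1">Открыть</option>
</select><br/>
----<br/>
Количество кр.:<br/>
<input type="text" name="kr" maxlength="7" value="'.$kr.'"/><br/>
Цена за 1 кр.:<br/>
<input type="text" name="pr" maxlength="10" value="'.$pr.'"/><br/>
<input type="submit" value="Выставить"/><br/></form>
</div>';
        break;

    case 'add_kr':
        if (empty($_enter) || empty($_USER['admin'])) {
            echo '<div class="menuindexom"><b>Хакер это опять ты?</b></div>';
            break;
        }
        // htmlspecialchars() is an HTML encoder and, with its default flags on
        // PHP 5, leaves single quotes untouched, so it did not protect the UPDATE
        // below. The three fields are now validated as what they are: a 0/1 flag,
        // a whole number and a plain decimal. Only values that pass reach SQL.
        $kassa = (isset($_POST['kassa']) && trim($_POST['kassa']) === '1') ? 1 : 0;
        $kr = isset($_POST['kr']) ? trim($_POST['kr']) : '';
        $pr = isset($_POST['pr']) ? trim($_POST['pr']) : ''; // was $_POST[pr], a bare constant
        if (preg_match('/^[0-9]+\z/', $kr)
            && preg_match('/^[0-9]*\.?[0-9]+\z/', $pr)
            && (float) $pr >= 0.001
        ) {
            mysql_query("UPDATE `shopkr` SET `kr` = '".$kr."', `pr` = '".$pr."' , `kassa` = '".$kassa."' WHERE `id` = 1;");
            echo '<div class="menuindexom"><b>Выставлено!</b></div>';
        } else {
            echo '<div class="menuindexom">Вы допустили ошибку!</div>';
        }
        break;
    //////////////////////////////////
}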
include "header/end.inc.php";
?>