View file www/order_info.php

File size: 6.63Kb
<?
session_start();
include("../includes/common.php");






$info =  "Здесь Вы можете узнать детали совершенного ранее обмена";
$order_id = $_GET['order_id'];
$hash = trim($_GET['hash']);

$query = "select * from hashes where hash='$hash' and type=1";
$row = @mysql_fetch_object(@mysql_query($query));


if(!is_numeric($order_id)||($row->id=="")||($row->hash!=""&&($row->owner_id!=$order_id))){
	$error = base64_encode("Операция обмена не найдена!");
	header("Location: $SITE_URL/error.php?error=$error");
	exit;
}

//$order_id = 60;

$query = "select * from orders where id=$order_id and status=0";
$order_row = @mysql_fetch_object(@mysql_query($query));

if($order_row->id=""){
	$error = base64_encode("Операция обмена не найдена!");
	header("Location: $SITE_URL/error.php?error=$error");
	exit;
}

$date = getdate($order_row->regdate);
$day = $date['mday'];
$month = $date['mon'];
$year = $date['year'];
$h = $date['hours'];
$m = $date['minutes'];
$s = $date['seconds'];
$year = $date['year'];

	$date = ($h>9?$h:"0$h").":".($m>9?$m:"0$m").":".($s>9?$s:"0$s")."&nbsp;&nbsp;".$day." ".$MONTH_RUS[$month-1]." ".$year;


$query = "select * from ex_currencies where id=$order_row->ex_currency_from_id";
$from_row = @mysql_fetch_object(@mysql_query($query));

$query = "select * from ex_currencies where id=$order_row->ex_currency_to_id";
$to_row = @mysql_fetch_object(@mysql_query($query));

echo MainTop($SETTINGS['site_name'],$info);
?>
<span class="header1">Операция обмена # <?=$order_id?></span><br><br>
<table width="400" border="0" cellpadding="0" cellspacing="0" >
  <tr> 
    <td class="header2">Дата операции:&nbsp;&nbsp;&nbsp;<?=$date?>
	<br>
	<br>
	</td>
  </tr>
  <tr> 
    <td class="header2">Вы отдали:</td>
  </tr>
  <tr> 
    <td class="datasum"><?=$order_row->amount_from+0?> <?=$from_row->name?> <?=$from_row->metal_id > 0 ? "<br><small>или ".round($order_row->metal_amount_from,6)." гр.</small>":""?><br> <hr size="1" noshade> </td>
  </tr>
<?
if($from_row->code == "WMR"||$from_row->code == "WMZ"||$from_row->code == "WME"||$from_row->code == "WMU"){
	if($from_row->code == "WMR"){
		$purse = "R";
	}
	elseif($from_row->code == "WMZ"){
		$purse = "Z";
	}
	elseif($from_row->code == "WME"){
		$purse = "E";
	}
	elseif($from_row->code == "WMU"){
		$purse = "U";
	}

	$query = "select * from wm_orders where id=$order_row->from_order_id";
	$tmp_row = @mysql_fetch_object(@mysql_query($query));

	$in_content = '<tr> 
          <td width="120" class="celpad2">Кошелек '.$purse.' типа:</td>
          <td class="celpad2">'.$tmp_row->payer_purse.'</td>
        </tr>
		<tr> 
          <td width="120" class="celpad2">WM идентификатор:</td>
          <td class="celpad2">'.($tmp_row->payer_wm==""?"<small>не указан</small>":$tmp_row->payer_wm).'</td>
        </tr>';
}
elseif($from_row->code == "YMR"||$from_row->code == "PCD"||$from_row->code == "PCE"||$from_row->code == "PCH"||$from_row->code == "PCL"){
	$query = "select * from yandex_orders where id=$order_row->from_order_id";
	$tmp_row = @mysql_fetch_object(@mysql_query($query));

	$in_content = '<tr> 
          <td width="120" class="celpad2">Номер счета:</td>
          <td class="celpad2">'.$tmp_row->payer_account.'</td>
        </tr>';
}
elseif($from_row->code == "EPD"){
}
elseif($from_row->code == "EGOLD"||$from_row->code == "ESILVER"||$from_row->code == "EPLATINUM"||$row_from->code == "EPALLADIUM"){
	$query = "select * from egold_orders where id=$order_row->from_order_id";
	$tmp_row = @mysql_fetch_object(@mysql_query($query));

	$in_content = '<tr> 
          <td width="120" class="celpad2"><nobr>Номер счета в E-Gold:</nobr></td>
          <td class="celpad2">'.$tmp_row->payer_account.'</td>
        </tr>';
}

if($to_row->code == "WMR"||$to_row->code == "WMZ"||$to_row->code == "WME"||$to_row->code == "WMU"){
	if($to_row->code == "WMR"){
		$purse = "R";
	}
	elseif($to_row->code == "WMZ"){
		$purse = "Z";
	}
	elseif($to_row->code == "WME"){
		$purse = "E";
	}
	elseif($to_row->code == "WMU"){
		$purse = "U";
	}

	$query = "select * from wm_orders where id=$order_row->to_order_id";
	$tmp_row = @mysql_fetch_object(@mysql_query($query));

	$out_content = '<tr> 
          <td width="120" class="celpad2">Кошелек '.$purse.' типа:</td>
          <td class="celpad2">'.$tmp_row->payer_purse.'</td>
        </tr>
		<tr> 
          <td width="120" class="celpad2">WM идентификатор:</td>
          <td class="celpad2">'.($tmp_row->payer_wm==""?"<small>не указан</small>":$tmp_row->payer_wm).'</td>
        </tr>';
}
elseif($to_row->code == "YMR"||$to_row->code == "PCE"||$to_row->code == "PCD"||$to_row->code == "PCH"||$to_row->code == "PCL"){
	$query = "select * from yandex_orders where id=$order_row->to_order_id";
	$tmp_row = @mysql_fetch_object(@mysql_query($query));

	$out_content = '<tr> 
          <td width="120" class="celpad2">Номер счета:</td>
          <td class="celpad2">'.$tmp_row->payee_account.'</td>
        </tr>';
}
elseif($to_row->code == "EPD"){
}
elseif($to_row->code == "EGOLD"||$to_row->code == "ESILVER"||$to_row->code == "EPLATINUM"||$row_from->code == "EPALLADIUM"){
	$query = "select * from egold_orders where id=$order_row->from_order_id";
	$tmp_row = @mysql_fetch_object(@mysql_query($query));

	$out_content = '<tr> 
          <td width="120" class="celpad2"><nobr>Номер счета в E-Gold:</nobr></td>
          <td class="celpad2">'.$tmp_row->payer_account.'</td>
        </tr>';
}

?>
  <tr> 
    <td class="celpad2"><strong>Реквизиты плательщика</strong></td>
  </tr>
  <tr> 
    <td>
		<table width="100%" border="0" cellspacing="0" cellpadding="0">
		<?=$in_content?>
		</table>
  </td>
  </tr>
  <tr> 
    <td class="celpad2"><!-- <strong>Реквизиты счета для снятия суммы</strong> --></td>
  </tr>

  <tr> 
    <td class="celpad2"><hr size="1" noshade></td>
  </tr>


  <tr> 
    <td class="header2">Вы получили:</td>
  </tr>
  <tr> 
    <td class="datasum"><?=$order_row->amount_to+0?> <?=$to_row->name?> <?=$to_row->metal_id > 0 ? "<br><small>или ".round($order_row->metal_amount_to,6)." гр.</small>":""?><br> <hr size="1" noshade>	
  </td>
  </tr>

  <tr> 
    <td class="celpad2"><strong>Реквизиты получателя</strong></td>
  </tr>


  <tr> 
    <td>
		<table width="100%" border="0" cellspacing="0" cellpadding="0">
		<?=$out_content?>
		</table>
  </td>
  </tr>


</table>
<br>
<small><font color="red">Внимание! Просмотр данной выписки доступен только лицу, совершившему обмен. Данные защищены случайным хэшем, для подбора которого необходимо количество комбинаций, превышающее число атомов в земном шаре!</font></small>
<?
echo MainBottom();
?>