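<?php
/**
 * Paid action: flag one of the caller's shop items (`col` = 1) for 49 units of balance.
 *
 * Plain-text responses:
 *   'wu-error'  wu_token() rejected the request
 *   '3'         refused: not logged in, bad/missing id, item not owned by the caller,
 *               item already flagged, or a database failure
 *   '0'         balance below 49
 *   '1'         item flagged and balance charged
 *
 * $connect_db and $u_id are not defined in this file; presumably wu_init.php provides them
 * (mysqli link and the id of the logged-in user) - confirm there.
 */
require_once('../wu_init.php');

// Request-token check runs before anything else. NOTE(review): wu_token() is defined elsewhere;
// it looks like an anti-forgery check, which this state-changing POST action depends on.
if (!wu_token()) { exit('wu-error'); }
if (!USER_LOGGED) { exit('3'); }

// Accept only a plain positive integer. A bare intval() would turn an array value
// (id[]=x) into 1 and silently act on item #1.
$id = isset($_POST['id'])
    ? filter_var($_POST['id'], FILTER_VALIDATE_INT, array('options' => array('min_range' => 1)))
    : false;
if ($id === false) { exit('3'); }

// Copy for binding: a bound variable may be converted to string in place, and $u_id is reused below.
$uid_param = (string) $u_id;

try {
    // Read-only pre-check: the item must exist, belong to the caller and not be flagged yet.
    $lookup = mysqli_prepare($connect_db, "SELECT usr,col FROM ".DB_PREFIX."_es WHERE id=? LIMIT 1");
    if (!$lookup) { exit('3'); }
    $owner = null;
    $col = null;
    mysqli_stmt_bind_param($lookup, 'i', $id);
    $found = mysqli_stmt_execute($lookup)
        && mysqli_stmt_bind_result($lookup, $owner, $col)
        && mysqli_stmt_fetch($lookup) === true;
    mysqli_stmt_close($lookup);
    if (!$found || $owner === null || (string) $owner !== $uid_param) { exit('3'); }
    if ((int) $col === 1) { exit('3'); }

    // From here on money moves: all three updates succeed together or not at all.
    // NOTE(review): rollback only undoes the debit on a transactional storage engine (e.g. InnoDB) - confirm.
    if (!mysqli_begin_transaction($connect_db)) { exit('3'); }

    // Debit and balance check in ONE statement. A separate SELECT-then-UPDATE lets parallel
    // requests all pass the check and drive the balance below zero.
    $debit = mysqli_prepare($connect_db, "UPDATE ".DB_PREFIX."_users SET bal=bal-49, rat=rat+0.05 WHERE uid=? AND bal>=49 LIMIT 1");
    if (!$debit) { mysqli_rollback($connect_db); exit('3'); }
    mysqli_stmt_bind_param($debit, 's', $uid_param);
    $ok = mysqli_stmt_execute($debit);
    $charged = $ok ? mysqli_stmt_affected_rows($debit) : -1;
    mysqli_stmt_close($debit);
    if (!$ok) { mysqli_rollback($connect_db); exit('3'); }
    if ($charged !== 1) { mysqli_rollback($connect_db); exit('0'); }

    if (!mysqli_query($connect_db, "UPDATE `".DB_PREFIX."_config` SET adm_profit=adm_profit+49 WHERE id='1' LIMIT 1")) {
        mysqli_rollback($connect_db);
        exit('3');
    }

    // Ownership and "not yet flagged" are re-asserted in the WHERE clause, so a concurrent
    // request for the same item cannot be charged twice: the loser matches 0 rows and is rolled back.
    $claim = mysqli_prepare($connect_db, "UPDATE `".DB_PREFIX."_es` SET `col` = '1' WHERE id=? AND usr=? AND (`col` IS NULL OR `col`<>1) LIMIT 1");
    if (!$claim) { mysqli_rollback($connect_db); exit('3'); }
    mysqli_stmt_bind_param($claim, 'is', $id, $uid_param);
    $ok = mysqli_stmt_execute($claim);
    $claimed = $ok ? mysqli_stmt_affected_rows($claim) : -1;
    mysqli_stmt_close($claim);
    if (!$ok || $claimed !== 1) { mysqli_rollback($connect_db); exit('3'); }

    if (!mysqli_commit($connect_db)) { mysqli_rollback($connect_db); exit('3'); }
} catch (mysqli_sql_exception $e) {
    // mysqli may be configured to throw instead of returning false; never leave a half-applied charge.
    mysqli_rollback($connect_db);
    exit('3');
}

// Bookkeeping happens only after the charge is committed.
wu_operation($u_id, 0, 49, "Вы выделили товар #$id");
wu_log_fin($u_id, 1, "Выделил товар #$id за 49 руб.");
exit('1');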