File size: 1.21Kb
<?php
require_once('../wu_init.php');
require('../wu-functions/wu_functions.php');
if (!wu_token()) { exit('wu-error'); }
if (!USER_LOGGED) { exit('3'); }
if(isset($_POST['id'])){
if(!empty($_POST['id'])){
$id = intval($_POST['id']);
$nu = mysqli_fetch_assoc(mysqli_query($connect_db, "SELECT id,usr,dt FROM ".DB_PREFIX."_es WHERE id='$id' LIMIT 1"));
if ($nu['usr'] != $u_id) { exit('3'); }
$last = mysqli_fetch_assoc(mysqli_query($connect_db, "SELECT id FROM ".DB_PREFIX."_es WHERE st = '1' ORDER BY dt DESC LIMIT 1"));
if ($last['id'] == $id) { exit('2'); }
$nus = mysqli_fetch_assoc(mysqli_query($connect_db, "SELECT uid,bal FROM ".DB_PREFIX."_users WHERE uid='$u_id' LIMIT 1"));
if ($nus['bal'] < 49) { exit('0'); }
mysqli_query($connect_db, "UPDATE ".DB_PREFIX."_users SET bal=bal-'49', rat=rat+0.05 WHERE uid='$u_id' LIMIT 1");
mysqli_query($connect_db, "UPDATE `".DB_PREFIX."_config` SET adm_profit=adm_profit+49 WHERE id='1' LIMIT 1");
mysqli_query($connect_db, "UPDATE `".DB_PREFIX."_es` SET `dt` = '$dt' WHERE id='$id' LIMIT 1");
wu_operation($u_id, 0, 49, "Вы подняли товар #$id");
wu_log_fin($u_id, 1, "Поднял товар #$id за 49 руб.");
exit('1');
} else { exit('3'); }
} else { exit('3'); }
?>