$gateway_data = $db->result();
$fees = new fees();
switch ($_GET['a']) {
case 1:
// add to account balance
$pp_paytoemail = $gateway_data['paypal_address'];
$an_paytoid = $gateway_data['authnet_address'];
$an_paytopass = $gateway_data['authnet_password'];
$wp_paytoid = $gateway_data['worldpay_id'];
$tc_paytoid = $gateway_data['toocheckout_id'];
$mb_paytoemail = $gateway_data['moneybookers_address'];
$payvalue = $system->input_money($_POST['pfval']);
$custoncode = $user->user_data['id'] . 'WEBID1';
$message = sprintf($MSG['582'], $system->print_money($payvalue));
$title = $system->SETTINGS['sitename'] . ' - ' . $MSG['935'];
$fees->add_to_account($MSG['935'], 'balance', $payvalue);
break;
case 2:
// pay for an item
$query = "SELECT w.id, a.title, a.shipping_cost, a.shipping_cost_additional, a.shipping, w.bid, u.paypal_email, u.authnet_id, u.authnet_pass,\n\t\t\t\tu.id As uid, u.nick, a.payment, u.worldpay_id, u.toocheckout_id, u.moneybookers_email, w.qty\n\t\t\t\tFROM " . $DBPrefix . "winners w\n\t\t\t\tLEFT JOIN " . $DBPrefix . "auctions a ON (a.id = w.auction)\n\t\t\t\tLEFT JOIN " . $DBPrefix . "users u ON (u.id = w.seller)\n\t\t\t\tWHERE w.id = :pfval AND w.winner = :user_id";
$params = array();
$params[] = array(':pfval', $_POST['pfval'], 'int');
$params[] = array(':user_id', $user->user_data['id'], 'int');
$db->query($query, $params);
// check its real
if ($db->numrows() < 1) {
header('location: outstanding.php');
exit;
}
$data = $db->result();
$payment = explode(', ', $data['payment']);
