<?php
session_start();
if (empty($_SESSION['user_id'])) {
die('!user_id');
}
define('DC', TRUE);
define('ABSPATH', dirname(dirname(__FILE__)) . '/');
set_time_limit(0);
//require_once( ABSPATH . 'includes/errors.php' );
require_once ABSPATH . 'db_config.php';
require_once ABSPATH . 'includes/autoload.php';
$db = new MySQLidb(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME, DB_PORT);
require_once ABSPATH . 'lang/' . get_lang() . '.php';
$project_currency_name = $db->escape($_REQUEST['project_currency_name']);
if (!check_input_data($project_currency_name, 'cf_currency_name')) {
die(json_encode(array('error' => $lng['incorrect_currency_name'])));
}
// проверим, не занято ли имя валюты
$currency = $db->query(__FILE__, __LINE__, __FUNCTION__, __CLASS__, __METHOD__, "\n\t\t\t\tSELECT `id`\n\t\t\t\tFROM `" . DB_PREFIX . "cf_projects`\n\t\t\t\tWHERE `project_currency_name` = '{$project_currency_name}' AND\n\t\t\t\t\t\t\t `close_block_id` = 0 AND\n\t\t\t\t\t\t\t `del_block_id` = 0\n\t\t\t\tLIMIT 1\n\t\t\t\t", 'fetch_one');
if ($currency) {
die(json_encode(array('error' => $lng['currency_name_busy'])));
}
// проверим, не занято ли имя валюты
$currency = $db->query(__FILE__, __LINE__, __FUNCTION__, __CLASS__, __METHOD__, "\n\t\t\t\tSELECT `id`\n\t\t\t\tFROM `" . DB_PREFIX . "cf_currency`\n\t\t\t\tWHERE `name` = '{$project_currency_name}'\n\t\t\t\tLIMIT 1\n\t\t\t\t", 'fetch_one');
if ($currency) {
die(json_encode(array('error' => $lng['currency_name_busy'])));
}
print json_encode(array('success' => $lng['name_is_not_occupied']));
session_start();
if (empty($_SESSION['user_id'])) {
die('!user_id');
}
define('DC', TRUE);
define('ABSPATH', dirname(dirname(__FILE__)) . '/');
set_time_limit(0);
//require_once( ABSPATH . 'includes/errors.php' );
require_once ABSPATH . 'db_config.php';
require_once ABSPATH . 'includes/autoload.php';
$db = new MySQLidb(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME, DB_PORT);
if (!empty($_SESSION['restricted'])) {
die('Permission denied');
}
$my_user_id = $_SESSION['user_id'];
$min_amount = $db->escape($_REQUEST['min_amount']);
$currency_id = $db->escape($_REQUEST['currency_id']);
$ps_id = $db->escape($_REQUEST['payment_system_id']);
if (!check_input_data($min_amount, 'amount')) {
die('error min_amount');
}
if (!check_input_data($currency_id, 'int')) {
die('error currency_id');
}
if (!check_input_data($ps_id, 'int')) {
die('error payment_system_id');
}
$max_promised_amounts = $db->query(__FILE__, __LINE__, __FUNCTION__, __CLASS__, __METHOD__, "\n\t\tSELECT `amount`\n\t\tFROM `" . DB_PREFIX . "max_promised_amounts`\n\t\tWHERE `currency_id` = {$currency_id}\n\t\tORDER BY `time` DESC\n\t\tLIMIT 1\n\t\t", 'fetch_one');
if ($ps_id) {
$add_sql = " (`ps1` = {$ps_id} OR `ps2` = {$ps_id} OR `ps3` = {$ps_id} OR `ps4` = {$ps_id} OR `ps5` = {$ps_id}) AND";
} else {
session_start();
if (empty($_SESSION['user_id'])) {
die('!user_id');
}
define('DC', TRUE);
define('ABSPATH', dirname(dirname(__FILE__)) . '/');
//require_once( ABSPATH . 'includes/errors.php' );
require_once ABSPATH . 'db_config.php';
require_once ABSPATH . 'includes/autoload.php';
if (!empty($_SESSION['restricted'])) {
die('Permission denied');
}
$db = new MySQLidb(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME, DB_PORT);
if (!check_input_data($_REQUEST['parent_id'], 'int')) {
die('error parent_id');
}
if (!check_input_data($_REQUEST['message_type'], 'int')) {
die('error type');
}
if (!check_input_data($_REQUEST['message_subtype'], 'int')) {
die('error subtype');
}
$parent_id = intval($_REQUEST['parent_id']);
$message_type = intval($_REQUEST['message_type']);
$message_subtype = intval($_REQUEST['message_subtype']);
$subject = $db->escape($_REQUEST['subject']);
$message = $db->escape($_REQUEST['message']);
define('MY_PREFIX', get_my_prefix($db));
$db->query(__FILE__, __LINE__, __FUNCTION__, __CLASS__, __METHOD__, "SET NAMES UTF8");
$db->query(__FILE__, __LINE__, __FUNCTION__, __CLASS__, __METHOD__, "\n\t\tINSERT INTO `" . DB_PREFIX . MY_PREFIX . "my_admin_messages` (\n\t\t\t\t`parent_id`,\n\t\t\t\t`subject`,\n\t\t\t\t`message`,\n\t\t\t\t`message_type`,\n\t\t\t\t`message_subtype`,\n\t\t\t\t`decrypted`\n\t\t\t)\n\t\t\tVALUES (\n\t\t\t\t{$parent_id},\n\t\t\t\t'{$subject}',\n\t\t\t\t'{$message}',\n\t\t\t\t{$message_type},\n\t\t\t\t'{$message_subtype}',\n\t\t\t\t1\n\t\t\t)");
print $db->getInsertId();
<?php
session_start();
define('DC', TRUE);
define('ABSPATH', dirname(dirname(__FILE__)) . '/');
//require_once( ABSPATH . 'includes/errors.php' );
require_once ABSPATH . 'db_config.php';
require_once ABSPATH . 'includes/autoload.php';
$db = new MySQLidb(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME, DB_PORT);
$lang = get_lang();
require_once ABSPATH . 'lang/' . $lang . '.php';
$dc_currency_id = intval($_REQUEST['dc_currency_id']);
$currency_id = intval($_REQUEST['currency_id']);
$amount = $db->escape($_REQUEST['amount']);
if (!preg_match('/^[0-9]{0,6}(\\.[0-9]{0,8})?$/D', $amount) || $amount == 0) {
die(json_encode(array('error' => 'amount_error')));
}
$currency_list = get_currency_list($db);
$config = get_node_config();
if ($config['cf_available_coins_url']) {
$url = "{$config['cf_available_coins_url']}?dc_currency_id={$dc_currency_id}¤cy_id={$currency_id}&amount={$amount}";
$answer = file_get_contents($url);
$answer_array = json_decode($answer, true);
if (!isset($answer_array['success'])) {
echo json_encode(array('error' => str_ireplace(array('[url]', '[amount]', '[currency_name]'), array('<a href="' . $config['cf_exchange_url'] . '">' . $config['cf_exchange_url'] . '</a>', $answer_array['error'], 'D' . $currency_list[$dc_currency_id]), $lng['no_DC'])));
} else {
echo $answer;
}
}
define('ABSPATH', dirname(dirname(__FILE__)) . '/');
set_time_limit(0);
//require_once( ABSPATH . 'includes/errors.php' );
require_once ABSPATH . 'db_config.php';
require_once ABSPATH . 'includes/autoload.php';
$db = new MySQLidb(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME, DB_PORT);
if (!empty($_SESSION['restricted'])) {
die('Permission denied');
}
$_REQUEST['data'] = str_ireplace("\n", "<br>", $_REQUEST['data']);
$data = json_decode($_REQUEST['data'], true);
$id = intval($_REQUEST['id']);
if (!check_input_data($data['parent_id'], 'int')) {
die('error parent_id');
}
if (!check_input_data($data['type'], 'int')) {
die('error type');
}
if (!check_input_data($data['subtype'], 'int')) {
die('error subtype');
}
$data['subject'] = filter_var($data['subject'], FILTER_SANITIZE_STRING);
$data['subject'] = str_ireplace(array('\'', '"'), '', $data['subject']);
$data['subject'] = $db->escape($data['subject']);
$data['message'] = filter_var($data['message'], FILTER_SANITIZE_STRING);
$data['message'] = str_ireplace(array('\'', '"'), '', $data['message']);
$data['message'] = $db->escape($data['message']);
$db->query(__FILE__, __LINE__, __FUNCTION__, __CLASS__, __METHOD__, "SET NAMES UTF8");
$sql = "\n\t\tUPDATE `" . DB_PREFIX . MY_PREFIX . "my_admin_messages`\n\t\tSET `parent_id` = " . intval($data['parent_id']) . ",\n\t\t\t `subject` = '{$data['subject']}',\n\t\t\t `message` = '{$data['message']}',\n\t\t\t `message_type` = '{$data['type']}',\n\t\t\t `message_subtype` = '{$data['subtype']}',\n\t\t\t `decrypted` = 1\n\t\tWHERE `id` = {$id}\n\t\t";
$db->query(__FILE__, __LINE__, __FUNCTION__, __CLASS__, __METHOD__, $sql);
print json_encode(array('parent_id' => $data['parent_id']));
die('browser');
}
define('DC', true);
define('ABSPATH', dirname(dirname(__FILE__)) . '/');
set_time_limit(0);
require_once ABSPATH . 'db_config.php';
require_once ABSPATH . 'includes/autoload.php';
require_once ABSPATH . 'includes/errors.php';
$db = new MySQLidb(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME, DB_PORT);
// гео-декодирование
$res = $db->query(__FILE__, __LINE__, __FUNCTION__, __CLASS__, __METHOD__, "\n\t\tSELECT `id`,\n\t\t\t\t\t `latitude`,\n\t\t\t\t\t `longitude`\n\t\tFROM `" . DB_PREFIX . "cf_projects`\n\t\tWHERE `geo_checked`= 0\n\t\t");
while ($row = $db->fetchArray($res)) {
$tpl['projects'][$row['id']] = $row;
$data = json_decode(file_get_contents("http://maps.googleapis.com/maps/api/geocode/json?latlng={$row['latitude']},{$row['longitude']}&sensor=true_or_false"), true);
$data = $data['results'][sizeof($data['results']) - 2];
$country = $db->escape($data['address_components'][1]['short_name']);
$city = $db->escape($data['address_components'][0]['long_name']);
print $country . ' / ' . $city . "\n";
$db->query(__FILE__, __LINE__, __FUNCTION__, __CLASS__, __METHOD__, "\n\t\t\tUPDATE `" . DB_PREFIX . "cf_projects`\n\t\t\tSET `country` = '{$country}',\n\t\t\t\t\t`city` = '{$city}',\n\t\t\t\t\t`geo_checked`= 1\n\t\t\tWHERE `id` = {$row['id']}\n\t\t");
}
// финансирование проектов
$res = $db->query(__FILE__, __LINE__, __FUNCTION__, __CLASS__, __METHOD__, "\n\t\tSELECT `id`,\n\t\t\t\t\t `project_id`,\n\t\t\t\t\t `amount`\n\t\tFROM `" . DB_PREFIX . "cf_funding`\n\t\tWHERE `checked`= 0\n\t\t");
while ($row = $db->fetchArray($res)) {
// отмечаем, чтобы больше не брать
$db->query(__FILE__, __LINE__, __FUNCTION__, __CLASS__, __METHOD__, "\n\t\t\tUPDATE `" . DB_PREFIX . "cf_funding`\n\t\t\tSET `checked` = 1\n\t\t\tWHERE `id` = {$row['id']}\n\t\t");
// сколько собрано средств
$funding = (int) $db->query(__FILE__, __LINE__, __FUNCTION__, __CLASS__, __METHOD__, "\n\t\t\tSELECT sum(`amount`)\n\t\t\tFROM `" . DB_PREFIX . "cf_funding`\n\t\t\tWHERE `project_id` = {$row['project_id']} AND\n\t\t\t\t\t\t`del_block_id` = 0\n\t\t\t", 'fetch_one');
// сколько всего фундеров
$count_funders = (int) $db->query(__FILE__, __LINE__, __FUNCTION__, __CLASS__, __METHOD__, "\n\t\t\tSELECT `id`\n\t\t\tFROM `" . DB_PREFIX . "cf_funding`\n\t\t\tWHERE `project_id` = {$row['project_id']} AND\n\t\t\t\t\t\t`del_block_id` = 0\n\t\t\tGROUP BY `user_id`\n\t\t\t", 'num_rows');
// обновляем кол-во фундеров и собранные средства
$db->query(__FILE__, __LINE__, __FUNCTION__, __CLASS__, __METHOD__, "\n\t\t\tUPDATE `" . DB_PREFIX . "cf_projects`\n\t\t\tSET `funding` = {$funding},\n\t\t\t\t\t`funders` = {$count_funders}\n\t\t\tWHERE `id` = {$row['project_id']}\n\t\t\t");
