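<?php
/**
 * AJAX endpoint: reports whether a project currency name is still free.
 *
 * Reads `project_currency_name` from the request, validates it with
 * check_input_data(..., 'cf_currency_name'), then looks it up in the
 * cf_projects table (open, non-deleted projects only) and in the cf_currency table.
 * Responds with a JSON object holding either an `error` or a `success` message.
 */
session_start();

// Only logged-in sessions may query currency names.
if (empty($_SESSION['user_id'])) {
    die('!user_id');
}

define('DC', true);
define('ABSPATH', dirname(dirname(__FILE__)) . '/');

set_time_limit(0);

//require_once( ABSPATH . 'includes/errors.php' );
require_once ABSPATH . 'db_config.php';
require_once ABSPATH . 'includes/autoload.php';

$db = new MySQLidb(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME, DB_PORT);

// NOTE(review): get_lang() feeds an include path; confirm it can only return
// names from a fixed list of shipped language files.
require_once ABSPATH . 'lang/' . get_lang() . '.php';

// A missing parameter or an array-valued one (name[]=x) is rejected up front
// so that escape() and the validator only ever see a string.
$raw_currency_name = isset($_REQUEST['project_currency_name']) ? $_REQUEST['project_currency_name'] : '';
if (!is_string($raw_currency_name)) {
    die(json_encode(array('error' => $lng['incorrect_currency_name'])));
}

$project_currency_name = $db->escape($raw_currency_name);
if (!check_input_data($project_currency_name, 'cf_currency_name')) {
    die(json_encode(array('error' => $lng['incorrect_currency_name'])));
}

// The value is interpolated into SQL below; this is safe only because it has
// passed escape() and sits inside single quotes. Keep both properties if the
// queries are edited (or move to bound parameters if the DB wrapper offers them).

// Is the name already used by an open, non-deleted project?
$currency = $db->query(__FILE__, __LINE__, __FUNCTION__, __CLASS__, __METHOD__, "
        SELECT `id`
        FROM `" . DB_PREFIX . "cf_projects`
        WHERE `project_currency_name` = '{$project_currency_name}' AND
              `close_block_id` = 0 AND
              `del_block_id` = 0
        LIMIT 1
        ", 'fetch_one');
if ($currency) {
    die(json_encode(array('error' => $lng['currency_name_busy'])));
}

// Is the name already used by an existing currency?
$currency = $db->query(__FILE__, __LINE__, __FUNCTION__, __CLASS__, __METHOD__, "
        SELECT `id`
        FROM `" . DB_PREFIX . "cf_currency`
        WHERE `name` = '{$project_currency_name}'
        LIMIT 1
        ", 'fetch_one');
if ($currency) {
    die(json_encode(array('error' => $lng['currency_name_busy'])));
}

print json_encode(array('success' => $lng['name_is_not_occupied']));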
session_start(); if (empty($_SESSION['user_id'])) { die('!user_id'); } define('DC', TRUE); define('ABSPATH', dirname(dirname(__FILE__)) . '/'); set_time_limit(0); //require_once( ABSPATH . 'includes/errors.php' ); require_once ABSPATH . 'db_config.php'; require_once ABSPATH . 'includes/autoload.php'; $db = new MySQLidb(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME, DB_PORT); if (!empty($_SESSION['restricted'])) { die('Permission denied'); } $my_user_id = $_SESSION['user_id']; $min_amount = $db->escape($_REQUEST['min_amount']); $currency_id = $db->escape($_REQUEST['currency_id']); $ps_id = $db->escape($_REQUEST['payment_system_id']); if (!check_input_data($min_amount, 'amount')) { die('error min_amount'); } if (!check_input_data($currency_id, 'int')) { die('error currency_id'); } if (!check_input_data($ps_id, 'int')) { die('error payment_system_id'); } $max_promised_amounts = $db->query(__FILE__, __LINE__, __FUNCTION__, __CLASS__, __METHOD__, "\n\t\tSELECT `amount`\n\t\tFROM `" . DB_PREFIX . "max_promised_amounts`\n\t\tWHERE `currency_id` = {$currency_id}\n\t\tORDER BY `time` DESC\n\t\tLIMIT 1\n\t\t", 'fetch_one'); if ($ps_id) { $add_sql = " (`ps1` = {$ps_id} OR `ps2` = {$ps_id} OR `ps3` = {$ps_id} OR `ps4` = {$ps_id} OR `ps5` = {$ps_id}) AND"; } else {
// Endpoint: stores a new row in the per-user `my_admin_messages` table and
// prints the id of the inserted row.
//
// Access requires a logged-in session that is not flagged as restricted.
// NOTE(review): this is a state-changing request read from $_REQUEST and no
// anti-CSRF token check is visible in this script; confirm one is enforced elsewhere.
session_start();

if (empty($_SESSION['user_id'])) {
    die('!user_id');
}

define('DC', true);
define('ABSPATH', dirname(dirname(__FILE__)) . '/');

//require_once( ABSPATH . 'includes/errors.php' );
require_once ABSPATH . 'db_config.php';
require_once ABSPATH . 'includes/autoload.php';

if (!empty($_SESSION['restricted'])) {
    die('Permission denied');
}

$db = new MySQLidb(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME, DB_PORT);

// Integer request fields, each paired with the message printed when it fails
// validation. Checked in this order; the first failure ends the request.
$int_fields = array(
    'parent_id' => 'error parent_id',
    'message_type' => 'error type',
    'message_subtype' => 'error subtype',
);
$ints = array();
foreach ($int_fields as $field => $failure_text) {
    if (!check_input_data($_REQUEST[$field], 'int')) {
        die($failure_text);
    }
    // Cast after validation so only integers reach the SQL text below.
    $ints[$field] = intval($_REQUEST[$field]);
}

// Free-text fields are escaped and placed inside single quotes in the query.
$subject = $db->escape($_REQUEST['subject']);
$message = $db->escape($_REQUEST['message']);

define('MY_PREFIX', get_my_prefix($db));

$db->query(__FILE__, __LINE__, __FUNCTION__, __CLASS__, __METHOD__, "SET NAMES UTF8");

$insert_sql = "\n\t\tINSERT INTO `" . DB_PREFIX . MY_PREFIX . "my_admin_messages` (\n"
    . "\t\t\t\t`parent_id`,\n"
    . "\t\t\t\t`subject`,\n"
    . "\t\t\t\t`message`,\n"
    . "\t\t\t\t`message_type`,\n"
    . "\t\t\t\t`message_subtype`,\n"
    . "\t\t\t\t`decrypted`\n"
    . "\t\t\t)\n"
    . "\t\t\tVALUES (\n"
    . "\t\t\t\t{$ints['parent_id']},\n"
    . "\t\t\t\t'{$subject}',\n"
    . "\t\t\t\t'{$message}',\n"
    . "\t\t\t\t{$ints['message_type']},\n"
    . "\t\t\t\t'{$ints['message_subtype']}',\n"
    . "\t\t\t\t1\n"
    . "\t\t\t)";
$db->query(__FILE__, __LINE__, __FUNCTION__, __CLASS__, __METHOD__, $insert_sql);

echo $db->getInsertId();
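<?php
/**
 * AJAX endpoint: asks the configured "available coins" service whether the
 * requested amount can be obtained, and relays the answer as JSON.
 *
 * Request parameters: `dc_currency_id`, `currency_id` (integers) and `amount`
 * (up to 6 integer digits and up to 8 decimals, non-zero).
 * Output: the remote JSON body when it contains `success`; otherwise a JSON
 * object with an `error` message built from the `no_DC` language string.
 * Nothing is printed when `cf_available_coins_url` is not configured.
 *
 * NOTE(review): unlike the sibling scripts there is no `user_id` session check
 * here, and each call triggers an outbound HTTP request; confirm the endpoint
 * is meant to be reachable without login.
 */
session_start();

define('DC', true);
define('ABSPATH', dirname(dirname(__FILE__)) . '/');

//require_once( ABSPATH . 'includes/errors.php' );
require_once ABSPATH . 'db_config.php';
require_once ABSPATH . 'includes/autoload.php';

$db = new MySQLidb(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME, DB_PORT);

// NOTE(review): get_lang() feeds an include path; confirm it can only return
// names from a fixed list of shipped language files.
$lang = get_lang();
require_once ABSPATH . 'lang/' . $lang . '.php';

// Missing or array-valued ids collapse to 0 instead of raising notices.
$dc_currency_id = (isset($_REQUEST['dc_currency_id']) && is_scalar($_REQUEST['dc_currency_id']))
    ? intval($_REQUEST['dc_currency_id'])
    : 0;
$currency_id = (isset($_REQUEST['currency_id']) && is_scalar($_REQUEST['currency_id']))
    ? intval($_REQUEST['currency_id'])
    : 0;

$raw_amount = (isset($_REQUEST['amount']) && is_string($_REQUEST['amount'])) ? $_REQUEST['amount'] : '';
$amount = $db->escape($raw_amount);

// The pattern also matches '' and '.', so the zero test must not depend on the
// loose string/int comparison, whose result for non-numeric strings changed in
// PHP 8. Casting to float rejects '', '.', '0', '0.0' on every version.
if (!preg_match('/^[0-9]{0,6}(\\.[0-9]{0,8})?$/D', $amount) || (float) $amount == 0.0) {
    die(json_encode(array('error' => 'amount_error')));
}

$currency_list = get_currency_list($db);
$config = get_node_config();

if (!empty($config['cf_available_coins_url'])) {
    // The base URL comes from node configuration; the request only contributes
    // two integers and a digits-and-dot amount. The listing had the second
    // separator garbled to "¤cy_id" (a decoded "&curren" entity); building the
    // query with http_build_query() restores "&currency_id=".
    $query = http_build_query(
        array(
            'dc_currency_id' => $dc_currency_id,
            'currency_id' => $currency_id,
            'amount' => $amount,
        ),
        '',
        '&'
    );
    $url = $config['cf_available_coins_url'] . '?' . $query;

    // A failed fetch or a non-JSON body falls through to the error branch.
    $answer = file_get_contents($url);
    $answer_array = is_string($answer) ? json_decode($answer, true) : null;

    if (!is_array($answer_array) || !isset($answer_array['success'])) {
        // The message carries an HTML link, so every value placed into it is
        // HTML-escaped, including the text returned by the remote service.
        $remote_error = (is_array($answer_array) && isset($answer_array['error']) && is_scalar($answer_array['error']))
            ? (string) $answer_array['error']
            : '';
        $exchange_url = htmlspecialchars(
            isset($config['cf_exchange_url']) ? (string) $config['cf_exchange_url'] : '',
            ENT_QUOTES,
            'UTF-8'
        );
        $currency_name = isset($currency_list[$dc_currency_id]) ? $currency_list[$dc_currency_id] : '';

        echo json_encode(array(
            'error' => str_ireplace(
                array('[url]', '[amount]', '[currency_name]'),
                array(
                    '<a href="' . $exchange_url . '">' . $exchange_url . '</a>',
                    htmlspecialchars($remote_error, ENT_QUOTES, 'UTF-8'),
                    'D' . $currency_name,
                ),
                $lng['no_DC']
            ),
        ));
    } else {
        // Relayed unchanged; it decoded as a JSON object/array containing `success`.
        echo $answer;
    }
}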
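// Updates one row of the per-user `my_admin_messages` table from a JSON payload
// (`data`) and a row id (`id`), then prints the parent id as JSON.
//
// NOTE(review): session_start(), the `user_id` check and the definition of
// MY_PREFIX are not visible in this fragment; confirm they run before this point.
// NOTE(review): this is a state-changing request read from $_REQUEST and no
// anti-CSRF token check is visible here; confirm one is enforced elsewhere.
define('ABSPATH', dirname(dirname(__FILE__)) . '/');

set_time_limit(0);

//require_once( ABSPATH . 'includes/errors.php' );
require_once ABSPATH . 'db_config.php';
require_once ABSPATH . 'includes/autoload.php';

$db = new MySQLidb(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME, DB_PORT);

if (!empty($_SESSION['restricted'])) {
    die('Permission denied');
}

// Literal newlines are turned into <br> before decoding.
$raw_data = (isset($_REQUEST['data']) && is_string($_REQUEST['data'])) ? $_REQUEST['data'] : '';
$_REQUEST['data'] = str_ireplace("\n", "<br>", $raw_data);

// json_decode() yields null for malformed input and a scalar for scalar JSON;
// only an object/array payload can carry the fields read below.
$data = json_decode($_REQUEST['data'], true);
if (!is_array($data)) {
    die('error data');
}

$id = (isset($_REQUEST['id']) && is_scalar($_REQUEST['id'])) ? intval($_REQUEST['id']) : 0;

if (!check_input_data(isset($data['parent_id']) ? $data['parent_id'] : null, 'int')) {
    die('error parent_id');
}
if (!check_input_data(isset($data['type']) ? $data['type'] : null, 'int')) {
    die('error type');
}
if (!check_input_data(isset($data['subtype']) ? $data['subtype'] : null, 'int')) {
    die('error subtype');
}

// Cast every numeric field after validation so the SQL text never depends on
// what check_input_data() accepts (the original cast only parent_id).
$parent_id = intval($data['parent_id']);
$message_type = intval($data['type']);
$message_subtype = intval($data['subtype']);

// Text fields: strip tags, drop quote characters, then escape for SQL.
// FILTER_SANITIZE_STRING is deprecated as of PHP 8.1; it is kept here so the
// stored text does not change, and needs a replacement before it is removed.
foreach (array('subject', 'message') as $text_field) {
    $text = (isset($data[$text_field]) && is_scalar($data[$text_field])) ? (string) $data[$text_field] : '';
    $text = filter_var($text, FILTER_SANITIZE_STRING);
    $text = str_ireplace(array('\'', '"'), '', (string) $text);
    $data[$text_field] = $db->escape($text);
}

$db->query(__FILE__, __LINE__, __FUNCTION__, __CLASS__, __METHOD__, "SET NAMES UTF8");

$sql = "
        UPDATE `" . DB_PREFIX . MY_PREFIX . "my_admin_messages`
        SET `parent_id` = {$parent_id},
            `subject` = '{$data['subject']}',
            `message` = '{$data['message']}',
            `message_type` = '{$message_type}',
            `message_subtype` = '{$message_subtype}',
            `decrypted` = 1
        WHERE `id` = {$id}
        ";
$db->query(__FILE__, __LINE__, __FUNCTION__, __CLASS__, __METHOD__, $sql);

print json_encode(array('parent_id' => $data['parent_id']));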
die('browser'); } define('DC', true); define('ABSPATH', dirname(dirname(__FILE__)) . '/'); set_time_limit(0); require_once ABSPATH . 'db_config.php'; require_once ABSPATH . 'includes/autoload.php'; require_once ABSPATH . 'includes/errors.php'; $db = new MySQLidb(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME, DB_PORT); // гео-декодирование $res = $db->query(__FILE__, __LINE__, __FUNCTION__, __CLASS__, __METHOD__, "\n\t\tSELECT `id`,\n\t\t\t\t\t `latitude`,\n\t\t\t\t\t `longitude`\n\t\tFROM `" . DB_PREFIX . "cf_projects`\n\t\tWHERE `geo_checked`= 0\n\t\t"); while ($row = $db->fetchArray($res)) { $tpl['projects'][$row['id']] = $row; $data = json_decode(file_get_contents("http://maps.googleapis.com/maps/api/geocode/json?latlng={$row['latitude']},{$row['longitude']}&sensor=true_or_false"), true); $data = $data['results'][sizeof($data['results']) - 2]; $country = $db->escape($data['address_components'][1]['short_name']); $city = $db->escape($data['address_components'][0]['long_name']); print $country . ' / ' . $city . "\n"; $db->query(__FILE__, __LINE__, __FUNCTION__, __CLASS__, __METHOD__, "\n\t\t\tUPDATE `" . DB_PREFIX . "cf_projects`\n\t\t\tSET `country` = '{$country}',\n\t\t\t\t\t`city` = '{$city}',\n\t\t\t\t\t`geo_checked`= 1\n\t\t\tWHERE `id` = {$row['id']}\n\t\t"); } // финансирование проектов $res = $db->query(__FILE__, __LINE__, __FUNCTION__, __CLASS__, __METHOD__, "\n\t\tSELECT `id`,\n\t\t\t\t\t `project_id`,\n\t\t\t\t\t `amount`\n\t\tFROM `" . DB_PREFIX . "cf_funding`\n\t\tWHERE `checked`= 0\n\t\t"); while ($row = $db->fetchArray($res)) { // отмечаем, чтобы больше не брать $db->query(__FILE__, __LINE__, __FUNCTION__, __CLASS__, __METHOD__, "\n\t\t\tUPDATE `" . DB_PREFIX . "cf_funding`\n\t\t\tSET `checked` = 1\n\t\t\tWHERE `id` = {$row['id']}\n\t\t"); // сколько собрано средств $funding = (int) $db->query(__FILE__, __LINE__, __FUNCTION__, __CLASS__, __METHOD__, "\n\t\t\tSELECT sum(`amount`)\n\t\t\tFROM `" . DB_PREFIX . 
"cf_funding`\n\t\t\tWHERE `project_id` = {$row['project_id']} AND\n\t\t\t\t\t\t`del_block_id` = 0\n\t\t\t", 'fetch_one'); // сколько всего фундеров $count_funders = (int) $db->query(__FILE__, __LINE__, __FUNCTION__, __CLASS__, __METHOD__, "\n\t\t\tSELECT `id`\n\t\t\tFROM `" . DB_PREFIX . "cf_funding`\n\t\t\tWHERE `project_id` = {$row['project_id']} AND\n\t\t\t\t\t\t`del_block_id` = 0\n\t\t\tGROUP BY `user_id`\n\t\t\t", 'num_rows'); // обновляем кол-во фундеров и собранные средства $db->query(__FILE__, __LINE__, __FUNCTION__, __CLASS__, __METHOD__, "\n\t\t\tUPDATE `" . DB_PREFIX . "cf_projects`\n\t\t\tSET `funding` = {$funding},\n\t\t\t\t\t`funders` = {$count_funders}\n\t\t\tWHERE `id` = {$row['project_id']}\n\t\t\t");