-
Notifications
You must be signed in to change notification settings - Fork 19
/
Copy pathbonus_cash.php
51 lines (50 loc) · 2.5 KB
/
bonus_cash.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
<?php
session_start();
//session_register("sess_data");
include("vars.php");
include("headfoot.php");
include("auth.php");
mysql_connect($db_host, $db_user, $db_pwd);
mysql_select_db($db_name);
$res = checkauth();
$usrid = mysql_result($res, 0, "id");
if ($_SESSION['sess_data']['ccwon'] != 'ccreallycc' || $_GET['next'] != md5($_SESSION['sess_data']['surf_encoder_vals'])) {
header("Location: $self_url" . "surf.php?next=" . $_GET['next']);
mysql_close;
exit;
}
unset($_SESSION['sess_data']['ccwon']);
$res = mysql_query("select value from adminprops where field='contcx'");
if (mysql_result($res, 0, "value") != 0) {
$contcx = mysql_result($res, 0, "value");
$res = mysql_query("select value from adminprops where field='contcy'");
$contcy = mysql_result($res, 0, "value");
} else {
header("Location: $self_url" . "surf.php?next=" . $_GET['next']);
mysql_close;
exit;
}
if ($contcy != $_SESSION['sess_data']['contcy']) {
$_SESSION['sess_data']['contcy'] = $contcy;
}
if ($contcx != $_SESSION['sess_data']['contcx']) {
header("Location: $self_url" . "surf.php?next=" . $_GET['next']);
mysql_close;
exit;
}
$get_stats = mysql_query("SELECT * FROM monthly_stats WHERE usrid=$usrid && yearis=" . date("Y") . " && monthis=" . date("m"));
if (mysql_num_rows($get_stats) == 0) {
$ins_upd = mysql_query("INSERT INTO monthly_stats (usrid, sbcash_earned, tot_owed, monthis, yearis) VALUES ($usrid, " . $_SESSION['sess_data']['contcy'] . ", " . $_SESSION['sess_data']['contcy'] . ", " . date("m") . ", " . date("Y") . ")") or die (mysql_error());
} else {
$ins_upd = mysql_query("UPDATE monthly_stats SET sbcash_earned=sbcash_earned+" . $_SESSION['sess_data']['contcy'] . ", tot_owed=tot_owed+" . $_SESSION['sess_data']['contcy'] . " WHERE usrid=$usrid && yearis=" . date("Y") . " && monthis=" . date("m")) or die (mysql_error());
}
$res = mysql_query("update user set roi_cash=roi_cash+" . $_SESSION['sess_data']['contcy'] . ", lifetime_cash=lifetime_cash+" . $_SESSION['sess_data']['contcy'] . ", sb_cash=sb_cash+" . $_SESSION['sess_data']['contcy'] . " where id=$usrid") or die (mysql_error());
$surpres = mysql_query("update adminprops set value=value-" . $_SESSION['sess_data']['contcy'] . " where field='csurpl'");
secheader();
echo("<h4>Bonus Cash Won!</h4>
<p>Congratulations! <b>\$" . $_SESSION['sess_data']['contcy'] . " Cash</b> was just added to your account!</p>\n<p><a href=$self_url" . "surf.php?next=" . $_GET['next'] . ">Continue back To Surf</a><br>
<a href=$self_url" . "members/>Go To Member Area</a></p>\n");
secfooter();
mysql_close;
exit;
?>