Commit 9de71248 authored by Henoch Einbier's avatar Henoch Einbier

Update topframe_paidmail.php

-query -> prepare
-fixed spelling
parent 9e5caba2
2 merge requests!46Release 3.0,!34Update topframe_paidmail.php
......@@ -6,10 +6,8 @@ if (!isset($headmsg)) $headmsg = "";
if (!isset($wait)) $wait = "";
if (!isset($_GET['auszahlen'])) $_GET['auszahlen'] = "false";
//Tan / UID Sichern
//UID Sichern
$_GET['uid'] = (int)$_GET['uid'];
$_GET['tan'] = addslashes ($_GET['tan']);
$sql = sql::$db->prepare ("SELECT `e`.`start`,`e`.`aufendhalt`,`e`.`status`,`e`.`uid`,`v`.`verdienst` FROM `"._VMS_."_paidmails_empfaenger` AS `e`
LEFT JOIN `"._VMS_."_paidmails_versendet` AS `v` ON `v`.`tan` = `e`.`tan`
......@@ -21,7 +19,7 @@ $mail = $sql-> fetch();
if (!isset($_GET['auszahlen']) OR $_GET['auszahlen'] != 'true' ) {
if ($sql -> rowCount()) {
if ($mail['status'] != 0) {
if ($mail['status'] == 1) $headmsg = 'Mail schon bestädigt!';
if ($mail['status'] == 1) $headmsg = 'Mail schon bestätigt!';
if ($mail['status'] == 2) $headmsg = 'Fakeversuch!';
} else {
$headmsg = 'Bitte warte '.$mail['aufendhalt'].' Sek.!';
......@@ -36,15 +34,15 @@ if (!isset($_GET['auszahlen']) OR $_GET['auszahlen'] != 'true' ) {
buchungsliste (create_code(14),$mail['verdienst'],'Paidmailverdienst',$mail['uid']);
refumsatz ($mail['verdienst'],$mail['uid']);
rallysystem ($mail['uid'],'2',$mail['verdienst']);
bilanz(0,$mail['verdienst']);
$sql = sql::$db->query ("UPDATE `"._VMS_."_paidmails_empfaenger` SET `status` = 1 WHERE `tan` = ? and `uid` = ? LIMIT 1");
bilanz(0,$mail['verdienst']);
$sql = sql::$db->prepare ("UPDATE `"._VMS_."_paidmails_empfaenger` SET `status` = 1 WHERE `tan` = ? and `uid` = ? LIMIT 1");
$sql -> execute(array($_GET['tan'], $_GET['uid']));
$sql = sql::$db->query ("UPDATE `"._VMS_."_paidmails_versendet` SET `bestaedigt` = `bestaedigt` + 1 WHERE `tan` = ? LIMIT 1");
$sql = sql::$db->prepare ("UPDATE `"._VMS_."_paidmails_versendet` SET `bestaedigt` = `bestaedigt` + 1 WHERE `tan` = ? LIMIT 1");
$sql -> execute(array($_GET['tan']));
$headmsg = $mail['verdienst'].' '.$system['waehrung'].' gutgeschrieben!';
} else {
$headmsg = 'Wartezeit umgangen! Paidmail ungültig!';
$sql = sql::$db->query ("UPDATE `"._VMS_."_paidmails_empfaenger` SET `status` = 2 WHERE `tan` = ? and `uid` = ? LIMIT 1");
$sql = sql::$db->prepare ("UPDATE `"._VMS_."_paidmails_empfaenger` SET `status` = 2 WHERE `tan` = ? and `uid` = ? LIMIT 1");
$sql -> execute(array($_GET['tan'], $_GET['uid']));
}
}
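Review bot: The payout is not idempotent under concurrent requests: in the last hunk the `UPDATE … SET status = 1` still runs only after `buchungsliste`, `refumsatz`, `rallysystem` and `bilanz` have booked the credit, and its WHERE clause does not require the row to be unconfirmed. The status check that guards this branch lies outside the visible hunk lines, so this is inferred from what is shown, but two parallel requests for the same `tan`/`uid` would both read the row from the earlier SELECT before either update lands. I would run the update first with `WHERE tan = ? AND uid = ? AND status = 0 LIMIT 1` and book the credit only when `$sql->rowCount() === 1`, ideally with the bookings in the same transaction. Separately, the first hunk still reads `$_GET['uid']` and `$_GET['tan']` without an `isset`/`is_string` check; binding makes that safe for SQL, but a missing or array-valued `tan` should be rejected before `execute()`.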
......