<?php
if ($login) {
$sql = 'SELECT `wmz`, `balance`, `ref_id` FROM `users` WHERE `id` = '.$user_id.' LIMIT 1';
$rs = mysql_query($sql);
$r = mysql_fetch_array($rs);
if ($_GET['action'] == 'save') {
$sum = sprintf ("%01.2f", str_replace(',', '.', $_POST['sum']));
$wmz = addslashes($_POST['wmz']);
$sql = 'SELECT balance FROM users WHERE login = "'.$login.'" LIMIT 1';
$rs = mysql_query($sql);
$a = mysql_fetch_array($rs);
if ($sum <= 0) {
print '<p class="er">'.$lng['enter_cor_sum'].'!</p>';
} elseif ($sum < $cfgMinOut || $sum > 1000000) {
print '<p class="er">'.$lng['er_sum_from_to'].' '.$cfgMinOut.' - 1 000 000 '.$cfgCurrency.'!</p>';
} elseif (strlen($r[wmz]) != 13) {
print '<p class="er">'.$lng['er_purse_profile'].'!</p>';
} elseif ($a['balance'] < $sum) {
print '<p class="er">'.$lng['er_no_money'].'!</p>';
} else {
$sql = 'INSERT INTO `output`(`sum`, `date`, `login`, `wmz`) VALUES("'.$sum.'", "'.time().'", "'.$login.'", "'.$r[wmz].'")';
if (mysql_query($sql)) {
$sql = 'UPDATE `users` SET balance = balance - '.$sum.' WHERE login = "'.$login.'" LIMIT 1';
$date = date("d.m.Y");
mysql_query("UPDATE `logs` SET `out` = `out` + ".$sum." WHERE `date` = '".$date."' LIMIT 1");
if (mysql_query($sql)) {
print '<p class="erok">'.$lng['er_enter_admin'].'!</p>';
} else {
print '<p class="er">'.$lng['er_bd'].'!</p>';
}
} else {
print '<p class="er">'.$lng['er_bd'].'!</p>';
}
}
}
print $body;
?>
<br/>
<br/>
<table align="right" valign="middle" width="100%" border="0" cellpadding="2" cellspacing="0" style="border-collapse: separate; padding: 10px;" class="front-signup">
<form action='?action=save' method='post'>
<tr>
<td width="188"><?php print $lng['sum']; ?>: </td>
<td><input type='text' name='sum' value='<?php print sprintf ("%01.2f", $r['balance']); ?>' size="15" maxlength="10" /></td>
</tr>
<tr>
<td colspan="2" height="30"><hr/>
</td>
</tr>
<tr><td colspan="2" style="padding: 15px 0 0 185px;"><input id="prb-distanse" class="prb-mbut" type='submit' name='submit' value=' <?php print $lng['out']; ?> ' /></td></tr>
</form>
</table>
<?php
} else {
print "<p class=\"er\">".$lng['er_no_login']."!</p>";
?><div class="login-block" id="form_login" >
<?php include "lib/auth.php";
?></div> <?php
}
?>