<?php
include('../inc/conf.php');
ini_set('session.use_cookies', 'On');
ini_set('session.use_trans_sid', 'Off');
session_set_cookie_params(604800000, "/", SITE, false, false);
session_start();
if (!isset($_SESSION["uid"])){
echo "5";
exit;
}
if(isset($_POST['sum'])){
if(!empty($_POST['sum'])){
$uid = intval($_SESSION["uid"]);
$sum = preg_replace("#[^\.\-0-9]+#i",'',mysqli_real_escape_string($connect_db, $_POST["sum"]));
$nb = mysqli_fetch_assoc(mysqli_query($connect_db, "SELECT bal,ps,nu FROM t_users WHERE uid='$uid'"));
$nbal = $nb['bal'];
$ps = $nb['ps'];
$nu = $nb['nu'];
if (empty($ps) || empty($nu)) { echo '7'; exit; }
if ($nbal < 50) { echo '4'; exit; }
if ($nbal < $sum) { echo '3'; exit; }
if ($sum < 50) { echo '2'; exit; }
$dt = time();
mysqli_query($connect_db, "INSERT INTO `t_out` (usr,sum,ps,nu,dt) VALUES ('$uid','$sum','$ps','$nu','$dt')");
mysqli_query($connect_db, "UPDATE `t_users` SET `bal` = `bal`-'$sum' WHERE uid = '$uid'");
echo '1';
} else { echo '0'; }
} else { echo '6'; }
?>