<?php
include('../inc/conf.php');
ini_set('session.use_cookies', 'On');
ini_set('session.use_trans_sid', 'Off');
session_set_cookie_params(604800000, "/", SITE, false, false);
session_start();
if (!isset($_SESSION["uid"])){
echo "2";
exit;
}
if(isset($_POST['id']) && isset($_POST['lvl']) && isset($_POST['addr']) && isset($_POST['anc'])){
if(!empty($_POST['id']) && !empty($_POST['lvl']) && !empty($_POST['addr']) && !empty($_POST['anc'])){
$id = intval($_POST['id']);
$lvl = intval($_POST['lvl']);
$addr = mysqli_real_escape_string($connect_db, $_POST["addr"]);
$lr = stripos($addr , "http");
if ($lr === false) { echo '4'; exit; }
$anc = mysqli_real_escape_string($connect_db, $_POST["anc"]);
if ($lvl < 1 || $lvl > 4) { echo '3'; exit; }
$dt = time();
$uid = intval($_SESSION["uid"]);
$elvl = 'lvl'.$lvl;
$bal = mysqli_fetch_assoc(mysqli_query($connect_db, "SELECT uid,bal FROM t_users WHERE uid='$uid'"));
$site = mysqli_fetch_assoc(mysqli_query($connect_db, "SELECT id,usr,$elvl FROM t_site WHERE id='$id'"));
$sum = $site[$elvl];
$usum = $site[$elvl]*0.80;
if ($bal['bal'] < $sum) { echo '5'; exit; }
mysqli_query($connect_db, "UPDATE `t_users` SET `bal` = bal-$sum WHERE uid='$uid' LIMIT 1");
mysqli_query($connect_db, "INSERT INTO `t_ad` (usr,si,url,anc,lvl,sum,usum,dt) VALUES ('$uid','$id','$addr','$anc','$lvl','$sum','$usum','$dt')");
echo '1';
} else { echo '0'; }
} else { echo '0'; }
?>