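<?php
// Admin endpoint for the "pending" purchase queue.
//   ?del=<id>   deletes the pending row with that id.
//   ?conf=<id>  confirms the pending row: for every product listed on it, one
//               stock row is read from the product's table, its credentials are
//               decrypted, re-encrypted as a single entry and appended to the
//               buyer's row in `purchases`.
session_start();
require_once '../dbconnect.php';
require_once '../aes.php';

// SECURITY: the encryption key is a short literal stored in the source file.
// Anyone who can read this file (repository, backup, public paste) can decrypt
// every stored credential. Load the key from configuration kept outside the
// web root, treat the current value as compromised, and re-encrypt the stored
// data under a new random key. The value is left unchanged here because
// existing rows are encrypted with it.
$Key = "123";
$blockSize = 256;

// Access control. This check was commented out in the original, which left the
// delete and confirm actions below reachable without a login.
// NOTE(review): assumes the login page sets $_SESSION['admin'] - confirm.
if (!isset($_SESSION['admin'])) {
    header("Location: index.php");
    exit;
}

// SECURITY: both actions change state on a GET request, so a logged-in admin
// who loads a crafted link or image triggers them (CSRF). They should move to
// POST with a per-session token; not changed here because it would alter the
// URLs the rest of the site links to.

if (isset($_GET['del'])) {
    // Reject anything that is not an integer before it reaches the database.
    $id = filter_var($_GET['del'], FILTER_VALIDATE_INT);
    if ($id === false) {
        http_response_code(400);
        exit;
    }

    $select = $db->prepare("DELETE FROM pending WHERE id = :id");
    $select->bindValue(':id', $id, PDO::PARAM_INT);
    $select->execute();
    //header("Location: pending.php");
} elseif (isset($_GET['conf'])) {
    $id = filter_var($_GET['conf'], FILTER_VALIDATE_INT);
    if ($id === false) {
        http_response_code(400);
        exit;
    }

    // The purchase id is used to look up the buyer's user name.
    $select = $db->prepare("SELECT * FROM pending WHERE id = :id");
    $select->bindValue(':id', $id, PDO::PARAM_INT);
    $select->execute();
    $pending = $select->fetch(PDO::FETCH_ASSOC);
    if ($pending === false) {
        // Unknown id: the original indexed $response[0] without checking.
        http_response_code(404);
        exit;
    }

    // Data handling: both columns are ';'-separated lists. array_filter() keeps
    // the original keys, so re-index before iterating (the original indexed a
    // possibly sparse array with 0..count-1).
    $products = array_values(array_filter(explode(";", trim($pending['purchase']))));
    // NOTE(review): quantity is parsed but never applied below - one stock row
    // is handed out per product regardless of the quantity ordered.
    $quantity = array_values(array_filter(explode(";", trim($pending['quantity']))));
    $user = $pending['userName'];

    // Use the name to get the user's id. The original bound the name as
    // PARAM_INT and stored the boolean result of execute() as the id.
    $select2 = $db->prepare("SELECT userId FROM users WHERE userName = :name");
    $select2->bindValue(':name', $user, PDO::PARAM_STR);
    $select2->execute();
    $userid = $select2->fetchColumn();
    if ($userid === false) {
        http_response_code(404);
        exit;
    }

    // Allow-list of product name => [stock table, label]. The table name is
    // interpolated into SQL below, so it must only ever come from this list.
    $catalog = [
        "Product1" => ["lol", ";LOL: "],
        "Product2" => ["csgo", ";CSGO: "],
    ];

    foreach ($products as $product) {
        if (!isset($catalog[$product])) {
            // Unknown product: the original fell through the switch and reused
            // the previous iteration's table (or an undefined variable).
            continue;
        }
        list($database, $account) = $catalog[$product];

        $statement = $db->prepare("SELECT id, email, password FROM $database");
        $statement->execute();
        $stock = $statement->fetch(PDO::FETCH_ASSOC);
        if ($stock === false) {
            // Stock table is empty; nothing to hand out for this product.
            continue;
        }
        $purchased = $stock['id'];

        $aes = new AES($stock['email'], $Key, $blockSize);
        $aes->setData($stock['email']);
        $email = $aes->decrypt();

        $aes = new AES($stock['password'], $Key, $blockSize);
        $aes->setData($stock['password']);
        $password = $aes->decrypt();

        $purchases = $account . $email . " / " . $password;
        $aes = new AES($purchases, $Key, $blockSize);
        $purchases = $aes->encrypt();

        // Debug output of the ciphertext, escaped for the HTML context.
        echo htmlspecialchars($purchases, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "<br>";

        // The original concatenated the value into the SQL text, which breaks
        // the statement and opens it to injection; bind it instead.
        // NOTE(review): CONCAT assumes MySQL/MariaDB, where `+` is numeric
        // addition - confirm the engine behind ../dbconnect.php.
        $sql = "UPDATE purchases SET purchases = CONCAT(COALESCE(purchases, ''), :purchases) WHERE userId = :id";
        $statement = $db->prepare($sql);
        $statement->bindValue(':purchases', $purchases, PDO::PARAM_STR);
        $statement->bindValue(':id', $userid, PDO::PARAM_STR);
        $res = $statement->execute();

        // NOTE(review): with this delete disabled the stock row stays in place,
        // so the next confirmation reads the same row again.
        // $select = $db->prepare("DELETE FROM $database WHERE id = :id");
        // $select->bindValue(':id', $purchased, PDO::PARAM_INT);
        // $select->execute();
    }
    // header("Location: confdel.php?del=${id}");
}
?>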