// NOTE(review): this listing starts mid-condition. The top of the script and the
// opening of the `if` whose tail follows are not visible, and the original line
// breaks were flattened. The layout below is a reconstruction: every statement is
// kept as listed, and each trailing `//` comment is assumed to end where the next
// statement begins.
//
// Visible flow: validate the posted amounts, look up the active exchange direction
// for $from_id -> $to_id, recompute the receive amount server-side, enforce the
// min/max/reserve limits, keep the amounts in the session and, when action=proceed,
// validate the contact details, optionally create a user account, write the
// exchange row and redirect to exchange_step3.php.
//
// NOTE(review): `¤cy_receive` in the Location strings looks like `&currency_receive`
// after an HTML-entity decode (`&curren` -> `¤`) in the listing. Confirm against the
// real file.
//
// NOTE(review): $from_id and $to_id are interpolated into SQL and into Location
// headers throughout. Their assignment is above the visible part, so confirm they
// are cast to int there; prepared statements would remove the dependency.
// NOTE(review): no anti-CSRF token check is visible in this section, although the
// request creates accounts and exchange rows. Confirm it is handled elsewhere.
0)) {
        header("Location: exchange.php?currency_send=$from_id¤cy_receive=$to_id&err=wrong_amount");
        exit();
    }

    if (!(isset($_POST['action']) && $_POST['action'] == "proceed")) {
        // $_POST['to_amount'] is read before any isset() check; sprintf('%f', ...) always
        // yields a numeric string, so of the three tests below only `> 0` can fail.
        // This posted value is validated only: the stored receive amount is recomputed
        // from the exchange rate further down.
        $to_amount = sprintf('%f', $_POST['to_amount']);
        if (!(isset($to_amount) && is_numeric($to_amount) && $to_amount > 0)) {
            header("Location: exchange.php?currency_send=$from_id¤cy_receive=$to_id&err=wrong_amount");
            exit();
        }
    }
} else {
    header ("Location: index.php");
    exit();
}

// Exchange direction lookup: both currencies must be active, allowed for
// send/receive respectively, and have a positive or empty reserve.
// `||` is logical OR in MySQL unless the PIPES_AS_CONCAT SQL mode is enabled;
// spelling it `OR` avoids depending on the server's sql_mode.
$query = "SELECT *, TIMESTAMPDIFF(MINUTE,updated,NOW()) AS last_update_mins FROM exchangerix_exdirections WHERE from_currency='$from_id' AND to_currency='$to_id' AND from_currency IN (SELECT currency_id FROM exchangerix_currencies WHERE allow_send='1' AND (reserve>0 || reserve='') AND status='active') AND to_currency IN (SELECT currency_id FROM exchangerix_currencies WHERE allow_receive='1' AND (reserve>0 || reserve='') AND status='active') AND status='active' LIMIT 1";
$result = smart_mysql_query($query);
$total = mysqli_num_rows($result);

if ($total > 0) {
    $row = mysqli_fetch_array($result);
    $send_row = mysqli_fetch_array(smart_mysql_query("SELECT * FROM exchangerix_currencies WHERE currency_id='$from_id' LIMIT 1"));
    $receive_row = mysqli_fetch_array(smart_mysql_query("SELECT * FROM exchangerix_currencies WHERE currency_id='$to_id' LIMIT 1"));

    // The gateway key used for the account-format messages below is the lower-cased
    // name of the currency being received.
    $gateway = strtolower($receive_row['currency_name']);

    // $user_ip is set only when REMOTE_ADDR parses as an IP address and is not read
    // again in the visible code; the queries below store $ip.
    $ip = mysqli_real_escape_string($conn, getenv("REMOTE_ADDR"));
    if (filter_var($ip, FILTER_VALIDATE_IP)) $user_ip = $ip;

    //////////////////////// update rate ///////////////////////
    // Refresh the stored rate when the direction is auto-rated and older than
    // UPDATE_RATES_MINUTES. $row was fetched before this call and is not re-read.
    // NOTE(review): the amounts below therefore appear to use the pre-refresh
    // exchange_rate; confirm whether exchagerix_update_rate() is expected to affect
    // this request.
    if ($row['auto_rate'] == 1 && $row['last_update_mins'] > UPDATE_RATES_MINUTES) {
        $from = GetCurrencyCode($row['from_currency']);
        $to = GetCurrencyCode($row['to_currency']);
        exchagerix_update_rate($from, $to, $row['fee'], $row['exdirection_id']);
    }
    ////////////////////////////////////////////////////////////

    // The receive amount is derived on the server from the posted send amount and the
    // stored rate, then truncated to 4 decimals; the client-supplied to_amount is not
    // used for the stored value.
    // NOTE(review): floatval() cast to string may use exponent notation for very large
    // or very small values before substr() cuts it to 20 characters.
    $from_amount = substr(floatval($_POST['from_amount']), 0, 20);
    $to_amount = $from_amount*$row['exchange_rate']; //fee //dev
    $to_amount = dtruncate($to_amount, 4);
    //$to_amount = floatval($from_amount*$row['exchange_rate']);
    //if (strstr($to_amount, ".")) $to_amount = number_format($to_amount, 4, '.', '');
    //$to_amount = round($to_amount, 4);

    // Business-rule checks: positive amounts, per-direction min/max, and available
    // reserve of the currency being paid out. Each failure redirects back to the form.
    if (!($from_amount > 0 && $to_amount > 0)) {
        header("Location: exchange.php?currency_send=$from_id¤cy_receive=$to_id");
        exit();
    }

    if ($row['min_amount'] != "" && $from_amount < $row['min_amount']) {
        header("Location: exchange.php?currency_send=$from_id¤cy_receive=$to_id&err=min_amount");
        exit();
    }

    if ($row['max_amount'] != "" && $from_amount > $row['max_amount']) {
        header("Location: exchange.php?currency_send=$from_id¤cy_receive=$to_id&err=max_amount");
        exit();
    }

    if ($receive_row['reserve'] > 0 && $to_amount > $receive_row['reserve']) {
        header("Location: exchange.php?currency_send=$from_id¤cy_receive=$to_id&err=max_amount");
        exit();
    }

    if (GetCurrencyReserve($to_id) < $to_amount && GetCurrencyReserve($to_id) != "unlimited") {
        header("Location: exchange.php?currency_send=$from_id¤cy_receive=$to_id&err=low_reserve");
        exit();
    }

    // load user info
    // Pre-fills name and e-mail for a logged-in user on the first display of the form.
    // $_POST['action'] is read here without isset(), unlike the other two checks.
    // A session whose user row is missing or not active is sent to logout.php.
    if (isLoggedIn() && $_POST['action'] != "proceed") {
        $uquery = "SELECT * FROM exchangerix_users WHERE user_id='".(int)$_SESSION['userid']."' AND status='active' LIMIT 1";
        $uresult = smart_mysql_query($uquery);
        if (mysqli_num_rows($uresult) > 0) {
            $urow = mysqli_fetch_array($uresult);
            $fullname = $urow['fname']." ".$urow['lname'];
            $email = $urow['email'];
        } else {
            header("Location: logout.php");
            exit();
        }
    }

    // setup exchange amounts
    // The session copies are rewritten on every request, so the values written to the
    // exchange row below are the ones computed earlier in this same request.
    $_SESSION['from_amount'] = $from_amount;
    $_SESSION['to_amount'] = $to_amount;

    // The line break inside the literal below is as it appears in the listing.
    $ptitle = "Exchange ".GetCurrencyFName($row['from_currency'])." 
to ".GetCurrencyFName($row['to_currency']);

    if (isset($_POST['action']) && $_POST['action'] == "proceed") {
        unset($errs);
        $errs = array();

        if (isLoggedIn()) $user_id = (int)$_SESSION['userid']; else $user_id = 0;

        // Every posted text field is SQL-escaped up front, and the escaped form is what
        // gets validated, e-mailed and stored below.
        $fullname = mysqli_real_escape_string($conn, getPostParameter('fullname'));
        $email = mysqli_real_escape_string($conn, strtolower(getPostParameter('email')));
        $phone = mysqli_real_escape_string($conn, getPostParameter('phone')); //check format //dev
        $account = mysqli_real_escape_string($conn, getPostParameter('a_field_1'));
        $tos = (int)getPostParameter('tos');
        $new_account = (int)getPostParameter('new_account'); //dev
        // $ref_id comes from a client-controlled cookie and is cast to int. It is left
        // undefined when the cookie is absent, yet the queries below interpolate it
        // unconditionally.
        if (isset($_COOKIE['referer_id']) && is_numeric($_COOKIE['referer_id'])) $ref_id = (int)$_COOKIE['referer_id'];
        $ip = mysqli_real_escape_string($conn, getenv("REMOTE_ADDR"));
        // The captcha field is disabled here and the duplicate-transaction check further
        // down is commented out, so the visible code has no throttle on account creation,
        // welcome e-mails or exchange rows.
        //$captcha = mysqli_real_escape_string($conn, getPostParameter('captcha'));

        if (!($fullname && $email && $account)) {
            $errs[] = CBE1_SIGNUP_ERR;
        }

        // Gateway-specific "account missing" messages. These fire only when the field is
        // empty; no format check is made here.
        if (!$account) {
            if ($gateway == "paypal") {
                $errs[] = "Please enter a valid Paypal Account (ex: example@domain.com)";
            } elseif ($gateway == "payeer") {
                $errs[] = "Please enter a valid Payeer Account (ex: P1000000)";
            } elseif ($gateway == "perfect_money") {
                $errs[] = "Please enter a valid PerfectMoney Account (ex: Uxxxxxx)";
            } elseif ($gateway == "advcash") {
                $errs[] = "Please enter a valid AdvCash Account (ex: example@gmail.com)";
            } elseif ($gateway == "bitcoin") {
                $errs[] = "Please enter a valid Bitcoin Address (ex: 1XXXXxxXXx1XXx2xxX3XX456xXx)";
            } elseif ($gateway == "litecoin") {
                $errs[] = "Please enter a valid Litecoin Address (ex: 1XXXXxxXXx1XXx2xxX3XX456xXx)";
            } elseif ($gateway == "dogecoin") {
                $errs[] = "Please enter a valid Dogecoin Address (ex: 1XXXXxxXXx1XXx2xxX3XX456xXx)";
            } elseif ($gateway == "dash") {
                $errs[] = "Please enter a valid Dash Address (ex: 1XXXXxxXXx1XXx2xxX3XX456xXx)";
            } elseif ($gateway == "peercoin") {
                $errs[] = "Please enter a valid Peercoin Address (ex: 1XXXXxxXXx1XXx2xxX3XX456xXx)";
            } elseif ($gateway == "ethereum") {
                $errs[] = "Please enter a valid Ethereum Address (ex: 0xaax00110aax00110aax00110aax00110aax00110)";
            } elseif ($gateway == "bitcoincash") {
                $errs[] = "Please enter a valid Bitcoin Cash Address (ex: 1XXXXxxXXx1XXx2xxX3XX456xXx)";
            } elseif ($gateway == "monero") {
                $errs[] = "Please enter a valid Monero Address (ex: 4XXXXxxXXx1XXx2xxX3XX456xXx...)";
            } elseif ($gateway == "ripple") {
                $errs[] = "Please enter a valid Ripple Address (ex: rXxxXxxXX15xXxXXxXx3XxxX1XxxXXxX6X)";
            } elseif ($gateway == "zcash") {
                $errs[] = "Please enter a valid Zcash Address (ex: t1XXXXxxXXx1XXx2xxX3XX456xXx)";
            } elseif ($gateway == "ethereumclassic") {
                $errs[] = "Please enter a valid Ethereum Address (ex: 0xaax00110aax00110aax00110aax00110aax00110)";
            } elseif ($gateway == "augur") {
                $errs[] = "Please enter a valid Augur Address (ex: 0xaax00110aax00110aax00110aax00110aax00110)";
            } elseif ($gateway == "golem") {
                $errs[] = "Please enter a valid Golem Address (ex: 0xaax00110aax00110aax00110aax00110aax00110)";
            } elseif ($gateway == "gnosis") {
                $errs[] = "Please enter a valid Gnosis Address (ex: 0xaax00110aax00110aax00110aax00110aax00110)";
            } elseif ($gateway == "lisk") {
                $errs[] = "Please enter a valid Lisk Address (ex: AABBCCDDEEFF0011A)";
            } elseif ($gateway == "clams") {
                $errs[] = "Please enter a valid Clams Address (ex: xXxXX1xxXxxXx1xX1xXxx1xXXxXxXXxXxx)";
            } elseif ($gateway == "namecoin") {
                $errs[] = "Please enter a valid Namecoin Address (ex: 1XXXXxxXXx1XXx2xxX3XX456xXx)";
            } else {
                //$errs[] = "Please enter a valid account for receiving";
            }
        }

        // Bitcoin is the only gateway whose payout address is format-checked; for every
        // other gateway any non-empty string is accepted as the receiving account.
        // The line break inside the message is as it appears in the listing (probably a
        // stripped line-break tag).
        if ($gateway == "bitcoin" && $account != "" && !checkBitcoinAddress($account)) {
            $errs[] = "Please enter a valid Bitcoin Address
(ex: 1XXXXxxXXx1XXx2xxX3XX456xXx)";
        }

        // The pattern ends in a nested quantifier, `(...+)+$`, which can backtrack heavily
        // on long inputs that fail at the end. It also runs on the SQL-escaped value.
        // NOTE(review): filter_var($email, FILTER_VALIDATE_EMAIL) on the raw input would
        // be the simpler check.
        if (isset($email) && $email != "" && !preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/", $email)) {
            $errs[] = CBE1_SIGNUP_ERR4;
        }

        if (!(isset($tos) && $tos == 1)) {
            $errs[] = CBE1_SIGNUP_ERR9;
        }

        // Disabled duplicate-transaction check. As written it would not parse (unbalanced
        // braces, broken string, invalid SQL), so it cannot simply be uncommented.
        /*
        if (count($errs) == 0) $check_query = "SELECT * FROM exchangerix_transactions WHERE amount='$amount' OR email='$email' AND ip='' AND created IN 10 minutes LIMIT 1"; $check_result = smart_mysql_query($check_query); if (mysqli_num_rows($check_result) != 0) { $errs[] = "Transaction is exists". You can make transaction in next 5 minutes."; } }
        */

        if (count($errs) == 0) {
            $exdirection_id = (int)$row['exdirection_id'];
            $reference_id = GenerateReferenceID();
            // `@` hides any warning from the geo lookup; a failed lookup reaches the query
            // as whatever country_ip() returned.
            $country = @country_ip($ip);
            $country = mysqli_real_escape_string($conn, $country);
            $exchange_amount = floatval($_SESSION['from_amount']);
            $receive_amount = floatval($_SESSION['to_amount']);
            $from_currency = mysqli_real_escape_string($conn, $send_row['currency_name']." ".$send_row['currency_code']);
            // The line break inside the literal below is as it appears in the listing.
            $to_currency = mysqli_real_escape_string($conn, $receive_row['currency_name']." 
".$receive_row['currency_code']);
            $ex_from_rate = floatval($row['from_rate']);
            $ex_to_rate = floatval($row['to_rate']);

            /////////////// create new account ///////////////
            // Optional account creation for the posted e-mail address. The account is
            // inserted with status='active' and no proof that the requester controls the
            // address; the generated password is then sent in clear text by e-mail.
            // NOTE(review): confirm PasswordEncryption() is a real password hash (for
            // example password_hash()), and consider an activation or set-password link
            // instead of mailing the password.
            if ($new_account == 1) {
                $pwd = mysqli_real_escape_string($conn, generatePassword(10));
                $fullname_arr = explode(" ", $fullname);
                $fname = ucfirst(trim($fullname_arr[0]));
                // Index 1 does not exist when the posted name is a single word.
                $lname = ucfirst(trim($fullname_arr[1]));
                // $activation_key is still interpolated into the INSERT below although its
                // assignment is commented out here.
                //$activation_key = GenerateKey($email);
                $unsubscribe_key = GenerateKey($email);

                // If the e-mail is already registered nothing is created and $user_id keeps
                // its earlier value, so the exchange is not attached to the existing
                // account.
                $ucheck_result = smart_mysql_query("SELECT username FROM exchangerix_users WHERE username='$email' OR email='$email' LIMIT 1");
                if (mysqli_num_rows($ucheck_result) == 0) {
                    smart_mysql_query("INSERT INTO exchangerix_users SET username='$email', password='".PasswordEncryption($pwd)."', email='$email', fname='$fname', lname='$lname', country='$country', phone='$phone', ref_id='$ref_id', newsletter='1', ip='$ip', status='active', activation_key='$activation_key', unsubscribe_key='$unsubscribe_key', created=NOW()");
                    $user_id = mysqli_insert_id($conn);

                    ////// Send welcome message /////
                    $etemplate = GetEmailTemplate('signup');
                    $esubject = $etemplate['email_subject'];
                    $emessage = $etemplate['email_message'];
                    $emessage = str_replace("{first_name}", $fname, $emessage);
                    $emessage = str_replace("{username}", $email, $emessage);
                    $emessage = str_replace("{password}", $pwd, $emessage);
                    $emessage = str_replace("{login_url}", SITE_URL."login.php", $emessage);
                    // The recipient header is assembled from user-supplied name parts.
                    // NOTE(review): confirm SendEmail() rejects CR/LF in addresses rather
                    // than relying on the SQL escaping applied above.
                    $to_email = $fname.' '.$lname.' <'.$email.'>';
                    SendEmail($to_email, $esubject, $emessage, $noreply_mail = 1);
                    ///////////////////////////////////
                }
            }
            ///////////////////////////////////////////////////

            // Fee calculation is disabled, so $exchange_fee is undefined when the queries
            // below interpolate it.
            /*
            if ($row['fee'] != "") { if (strstr($row['fee'],"%")) $exchange_fee = CalculatePercentage($exchange_amount, str_replace("%","",$row['fee'])); else $exchange_fee = $row['fee']; } $exchange_fee = floatval($exchange_fee);
            */

            // The line break inside the literal is as it appears in the listing (probably a
            // stripped line-break tag).
            $client_details = $fullname;
            if ($phone != "") $client_details .= "
".$phone;

            // A transaction id already in the session means the existing row is
            // overwritten instead of a new one being inserted. The UPDATE matches on
            // exchange_id only, forces status back to 'waiting' and issues a fresh
            // reference_id. $from_account is not defined anywhere in the visible code.
            // NOTE(review): confirm the session id is cleared once an exchange leaves the
            // 'waiting' state, or restrict the WHERE clause to rows still waiting;
            // otherwise a later submit can rewrite a row that has already progressed.
            if (isset($_SESSION['transaction_id']) && $_SESSION['transaction_id'] > 0) {
                smart_mysql_query("UPDATE exchangerix_exchanges SET exdirection_id='$exdirection_id', user_id='$user_id', reference_id='$reference_id', to_currency_id='$to_id', from_currency_id='$from_id', from_currency='$from_currency', to_currency='$to_currency', ex_from_rate='$ex_from_rate', ex_to_rate='$ex_to_rate', exchange_rate='', exchange_amount='$exchange_amount', receive_amount='$receive_amount', exchange_fee='$exchange_fee', from_account='$from_account', to_account='$account', client_email='$email', country_code='$country', client_details='$client_details', ref_id='$ref_id', status='waiting', notification_sent='0' WHERE exchange_id='".(int)$_SESSION['transaction_id']."' LIMIT 1");
            } else {
                // The client IP is not stored with the exchange row (see the trailing `//$ip`).
                smart_mysql_query("INSERT INTO exchangerix_exchanges SET exdirection_id='$exdirection_id', user_id='$user_id', reference_id='$reference_id', to_currency_id='$to_id', from_currency_id='$from_id', from_currency='$from_currency', to_currency='$to_currency', ex_from_rate='$ex_from_rate', ex_to_rate='$ex_to_rate', exchange_rate='', exchange_amount='$exchange_amount', receive_amount='$receive_amount', exchange_fee='$exchange_fee', from_account='', to_account='$account', client_email='$email', country_code='$country', client_details='$client_details', ref_id='$ref_id', status='waiting', notification_sent='0', created=NOW()"); //$ip
                $new_id = mysqli_insert_id($conn);
                $_SESSION['transaction_id'] = $new_id;
            }

            header("Location: exchange_step3.php");
            exit();
        } else {
            // Collect the validation messages for display; the separator is the literal
            // line break shown in the listing.
            $allerrors = "";
            foreach ($errs as $errorname) $allerrors .= $errorname."
";
        }
    }
} else {
    // No active exchange direction matched: fall through to a generic page title.
    $ptitle = "Exchange";
}

/////////////// Page config ///////////////
$PAGE_TITLE = $ptitle;
$bg_dark = 1;

require_once ("inc/header.inc.php");

// The text after the closing tag below appears to be residue of the template's first
// conditional, whose opening was lost with the page markup; it is kept as listed.
?> 0) { ?>

Your Details



Go Back


change

Your Exchange

Amount Send

 

Amount Receive

 

Exchange Rate

  =

   last updated:
Secure Exchange
Your exchange is always safe and secure. 0) { ?>

Exchange amount ( ) will be reserved for minutes.

Note: for security reasons, your IP () was recorded by our system.

Exchange