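// Manual-exchange confirmation step: loads the visitor's open exchange by the
// transaction id kept in the session, expires it once the reservation window
// has passed, and handles the "cancel" (GET) and "confirm" (POST) actions.
//
// NOTE(review): the opening of the guard below lies before the visible part of
// this page; presumably it tests that $_SESSION['transaction_id'] is set and
// positive. Confirm against the full file.
0) {
    $exchange_id = (int)$_SESSION['transaction_id'];
} else {
    header("Location: index.php");
    exit();
}

// Only select the reservation deadline when a reservation window is configured.
if (RESERVE_MINUTES > 0) {
    $a_sql = " DATE_ADD(created, INTERVAL ".(int)RESERVE_MINUTES." MINUTE) AS countdate, ";
} else {
    $a_sql = "";
}

// $exchange_id is an int cast, so interpolating it into the statements below is safe.
$query = "SELECT *, TIMESTAMPDIFF(MINUTE, created, now()) as time_ago, $a_sql DATE_FORMAT(created, '".DATE_FORMAT." %h:%i %p') AS payment_date FROM exchangerix_exchanges WHERE exchange_id='$exchange_id' AND (status='waiting' OR status='pending') LIMIT 1";
$result = smart_mysql_query($query);
$total = mysqli_num_rows($result);

if ($total > 0) {
    $row = mysqli_fetch_array($result);

    // Reservation expired: mark the exchange as timed out and stop.
    if (RESERVE_MINUTES > 0 && $row['time_ago'] >= RESERVE_MINUTES) {
        smart_mysql_query("UPDATE exchangerix_exchanges SET status='timeout', updated=NOW() WHERE exchange_id='$exchange_id' LIMIT 1");
        header("Location: payment_declined.php?reason=timeout");
        exit();
    }

    $send_row = mysqli_fetch_array(smart_mysql_query("SELECT * FROM exchangerix_currencies WHERE currency_id='".(int)$row['from_currency_id']."' LIMIT 1"));
    $receive_row = mysqli_fetch_array(smart_mysql_query("SELECT * FROM exchangerix_currencies WHERE currency_id='".(int)$row['to_currency_id']."' LIMIT 1"));
    $direction_row = mysqli_fetch_array(smart_mysql_query("SELECT *, date(last_exchange_date) AS last_update FROM exchangerix_exdirections WHERE from_currency='".(int)$row['from_currency_id']."' AND to_currency='".(int)$row['to_currency_id']."' AND from_currency IN (SELECT currency_id FROM exchangerix_currencies WHERE allow_send='1' AND (reserve>0 || reserve='') AND status='active') AND to_currency IN (SELECT currency_id FROM exchangerix_currencies WHERE allow_receive='1' AND (reserve>0 || reserve='') AND status='active') AND status='active' LIMIT 1"));

    // $user_ip is only set when REMOTE_ADDR parses as an IP address.
    $ip = mysqli_real_escape_string($conn, getenv("REMOTE_ADDR"));
    if (filter_var($ip, FILTER_VALIDATE_IP)) {
        $user_ip = $ip;
    }

    $ptitle = "Exchange ".$send_row['currency_name']." ".$send_row['currency_code']." to ".$receive_row['currency_name']." \n".$receive_row['currency_code'];

    // cancel exchange
    // NOTE(review): this changes state on a plain GET and no per-request token is
    // checked in the visible code, so any page the visitor loads can trigger it.
    // Consider POST plus a CSRF token.
    if (isset($_GET['action']) && $_GET['action'] == "cancel") {
        smart_mysql_query("UPDATE exchangerix_exchanges SET status='cancelled', updated=NOW() WHERE exchange_id='$exchange_id' LIMIT 1");
        unset($_SESSION['transaction_id']);
        header("Location: index.php");
        exit();
    }

    // confirm exchange
    // NOTE(review): no CSRF token is checked here either. The row is loaded for
    // status 'waiting' OR 'pending', so unless payment_success.php clears the
    // session id, a repeated confirm POST would run the reserve decrement and
    // the e-mails again. Verify, and consider confirming only from 'waiting'.
    if (isset($_POST['action']) && $_POST['action'] == "confirm") {
        $errs = array();

        // NOTE(review): the stored value carries the <br /> markup added by nl2br
        // plus whatever getPostParameter() lets through; it is escaped for SQL
        // only, so every page that displays from_account must HTML-escape it.
        $payment_details = mysqli_real_escape_string($conn, nl2br(getPostParameter('payment_details')));
        if (!($payment_details)) {
            $errs[] = CBE1_SIGNUP_ERR;
        }

        if (count($errs) == 0) {
            if (NEW_EXCHANGE_ALERT == 1) {
                SendEmail(SITE_ALERTS_MAIL, "New Exchange Completed - ".SITE_TITLE, "Hi,\nNew currency exchange completed.");
            }

            //update reserve
            smart_mysql_query("UPDATE exchangerix_currencies SET reserve=reserve-'".floatval($row['receive_amount'])."' WHERE currency_id='".(int)$row['to_currency_id']."' LIMIT 1");

            // Per-day counter. The previous code assigned (=) instead of comparing
            // and its else branch was a bare string, so the counter was always set
            // to 1. The branches below assume the counter grows while the last
            // exchange was today and restarts on a new day; confirm.
            // NOTE(review): last_update is a MySQL date and date() is PHP's clock;
            // the two must share a time zone.
            if (isset($direction_row['last_update']) && $direction_row['last_update'] == date("Y-m-d")) {
                $today_ex_sql = "today_exchanges=today_exchanges+1, ";
            } else {
                $today_ex_sql = "today_exchanges='1', ";
            }
            smart_mysql_query("UPDATE exchangerix_exdirections SET ".$today_ex_sql." total_exchanges=total_exchanges+1, last_exchange_date=NOW() WHERE exdirection_id='".(int)$row['exdirection_id']."' LIMIT 1");

            //smart_mysql_query("UPDATE exchangerix_currencies SET reserve=reserve+'".floatval($row['exchange_amount'])."' WHERE currency_id='".(int)$row['from_currency_id']."' LIMIT 1");
            //dev email
            //smart_mysql_query("UPDATE exchangerix_currencies SET total_exchanges=total_exchanges+1 WHERE currency_id='".(int)$row['from_currency']."' LIMIT 1");
            //smart_mysql_query("UPDATE exchangerix_currencies SET total_exchanges=total_exchanges+1 WHERE currency_id='".(int)$row['to_currency']."' LIMIT 1");
            //smart_mysql_query("UPDATE exchangerix_settings SET setting_value=setting_value+$exchange_amount, WHERE setting_key='total_exchanges_usd' LIMIT 1");

            smart_mysql_query("UPDATE exchangerix_exchanges SET from_account='$payment_details', status='pending' WHERE exchange_id='$exchange_id' LIMIT 1"); //is_view = 0

            // update proof ///////////////////////
            // Optional proof-of-payment image. Errors collected here are never
            // shown: the request always continues to the e-mail and the redirect.
            if (!empty($_FILES['upfile']['tmp_name'])) {
                if (FILES_MAX_SIZE != "" && is_numeric(FILES_MAX_SIZE)) {
                    $files_size = FILES_MAX_SIZE;
                } else {
                    $files_size = 2097152; // 2MB
                }
                $files_size_kb = round($files_size/1024);

                $tmp_name = $_FILES['upfile']['tmp_name'];
                if (is_uploaded_file($tmp_name)) {
                    $check = getimagesize($tmp_name);
                    $allowed_types = array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG);

                    // The content check now blocks the upload. Before, it only
                    // recorded an error and a non-image with an image extension
                    // was still moved into the public uploads directory.
                    if ($check === false || !in_array($check[2], $allowed_types, true)) {
                        $errs[] = "File is not an image";
                    } elseif ($_FILES['upfile']['size'] > $files_size) {
                        $errs[] = "The image file size is too big. \nIt exceeds $files_size_kb Kb";
                    } elseif (preg_match('/\\.(png|jpg|jpeg|gif)$/i', $_FILES['upfile']['name']) != 1) {
                        $errs[] = "Please upload image file only";
                        unlink($tmp_name);
                    } else {
                        list($width, $height, $type) = $check;

                        // The extension comes from the client file name, but the
                        // pattern above limits it to png/jpg/jpeg/gif.
                        // NOTE(review): time() plus rand() is guessable and the
                        // target is web-reachable; proofs may hold payment data.
                        // Prefer a CSPRNG name, and make sure script execution
                        // is disabled for the uploads directory.
                        $ext = substr(strrchr($_FILES['upfile']['name'], "."), 1);
                        $save_as = time().rand(10000,1000000).".".$ext;
                        $save_as = mysqli_real_escape_string($conn, $save_as);
                        $upload_path = PUBLIC_HTML_PATH."/uploads/".$save_as;
                        $resized_path = $upload_path;

                        // upload file; record the proof only if the move succeeded
                        if (move_uploaded_file($tmp_name, $upload_path)) {
                            smart_mysql_query("UPDATE exchangerix_exchanges SET proof='$save_as' WHERE exchange_id='$exchange_id' LIMIT 1");
                        }
                    }
                }
            }
            ///////////////

            // ex_from_rate ex_to_rate //client_details // status
            // NOTE(review): the recipient is built from stored client fields. If
            // SendEmail() places it in a mail header, CR/LF in those fields must
            // be rejected or stripped. Check SendEmail() and the code that
            // writes client_details / client_email.
            $recipient = $row['client_details']. "<".$row['client_email'].">";
            SendEmail($recipient, "Thank for your exchange - ".SITE_TITLE, "Hi,

Thank you for your exchange.

ID: ".$row['reference_id']."
Send Amount: ".floatval($row['exchange_amount'])." ".$row['from_currency']."
Receive Amount: ".floatval($row['receive_amount'])." ".$row['to_currency']."
To account: ".$row['to_account']."
Date: ".$row['payment_date']."

You can track your exchange: track exchange

Thank you for working with us!");

            header("Location: payment_success.php?manual=1");
            exit();
        } else {
            // Collect the validation messages for the template.
            $allerrors = "";
            foreach ($errs as $errorname) {
                $allerrors .= $errorname."\n";
            }
        }
    }
} else {
    $ptitle = "Exchange";
}

/////////////// Page config ///////////////
$PAGE_TITLE = $ptitle;
$bg_dark = 1;

require_once("inc/header.inc.php");

// The text after the closing tag is kept as it appears on this page; it is
// presumably what remains of the template's opening conditional.
?> 0) { ?>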

Exchange Confirmation

Manual Exchange

This is manual exchange. Operator will need some time to review your payment.
Working hours:

Account Receive Details


= 0) { ?>

Our Account Details

Please make payment to our account and insert your payment details in the field below.

0) { $irow = mysqli_fetch_array($iresult); } ?>

Instructions

=0 && strtolower($send_row['currency_name']) == "bitcoin") { //DEV == 0 ?>

Scan QR-code to make payment or send manually to our wallet.

waiting for payment


enctype="multipart/form-data">

 

Your Exchange

0) { ?>
Exchange ID:
Amount Send:
Amount Receive:
Exchange Rate: =
Exchange Fee:
Discount: (%)
Exchange Date:

Total for pay:

Secure Exchange
Your exchange is always safe and secure. 0) { ?>

Exchange amount is reserved for minutes.
Please complete your exchange during this time.

Note: for security reasons, your IP () was recorded by our system.

Exchange

Sorry, no transaction found.