<?
include('../admin/db.php');
//echo crypt('test', base64_encode('test'));
if(!$verotelPostbackEnabled) { 
	exit("Please enable Verotel postback in script configuration"); 
}
$SUCCESS = 'APPROVED';
$FAILURE = 'ERROR';
$log = print_r($_REQUEST,true);


file_put_contents($basepath.'/cache/verotel.txt',date('Y-m-d H:i:s').$log."\n\n\r\r",FILE_APPEND);
$_REQUEST = mysql_real_escape_array($_REQUEST); 

if($_REQUEST['trn'] == 'add' || $_REQUEST['trn'] == 'modify') {
	$result = mysqli_query($dblink,"SELECT * FROM users WHERE username = '$_REQUEST[usercode]'");
	if(mysqli_num_rows($result) > 0) {
		if(mysqli_query($dblink,"UPDATE users SET premium = 1, password = md5('$_POST[passcode]'), salt = '' WHERE username = '$_REQUEST[usercode]'")) {
			echo $SUCCESS;
		}
		else {
			echo $FAILURE;
		}
	}
	else {
		if(mysqli_query($dblink,"INSERT INTO users (username, password, premium) VALUES ('$_REQUEST[usercode]', md5('$_REQUEST[passcode]'),1)")) {
			echo $SUCCESS;		
		}
		else {
			echo $FAILURE;
		}
	}
} elseif($_REQUEST['trn'] == 'REMOVE') {
	if(mysqli_query($dblink,"DELETE FROM users username = '$_REQUEST[usercode]'")) {
		echo $SUCCESS;
	}
	else {
		echo $FAILURE;
	}
} else { 
	echo $SUCCESS; //default to success message so we don't throw errors on other functions we aren't using here.
}
?>