battles/bank.balans.php

<?
include "config.php";
include "functions.php";// 

if ($_REQUEST['PREVIEW']) {
  $r = mysql_fetch_array(mysql_query("SELECT * FROM `ekrpayments` WHERE `id`='".$_POST['PAYMENT_ORDER_ID']."' LIMIT 1;"));
  if($r) {
    echo "__YES__";
  } else {
    echo "__NO__";
  }
die();
}

$hash = strtoupper (md5($_POST['LMI_PAYEE_PURSE'].$_POST['LMI_PAYMENT_AMOUNT'].$_POST['LMI_PAYMENT_NO'].$_POST['LMI_MODE'].$_POST['LMI_SYS_INVS_NO'].
$_POST['LMI_SYS_TRANS_NO'].$_POST['LMI_SYS_TRANS_DATE'].'ctrhtn'.$_POST['LMI_PAYER_PURSE'].$_POST['LMI_PAYER_WM']));

$hash = strtolower (
  md5(
  $_POST['SYSTEM_NAME']."::".
  $_POST['PAYMENT_USERNAME']."::".
  md5('eyruyerjhmernnb2756628782dsdfd')."::".
  $_POST['PAYMENT_ORDER_ID']."::".
  $_POST['PAYMENT_STATUS']."::".
  $_POST['PAYMENT_AMOUNT']."::".
  $_POST['PAYMENT_DESCRIPTION']."::".
  $_POST['RESULT_URL']."::".
  $_POST['SUCCESS_URL']."::".
  $_POST['FAIL_URL']
));

if($_POST['SIGN'] == $hash) {
  $r = mysql_fetch_array(mysql_query("SELECT * FROM `ekrpayments` WHERE `id`='".$_POST['PAYMENT_ORDER_ID']."' LIMIT 1;"));
  if($r) {
    mysql_query("UPDATE `bank` SET `ekr`=`ekr`+'".$_POST['PAYMENT_AMOUNT']."' WHERE `id`='".$r['bank']."';");
    echo "__YES__";
    mysql_query("DELETE FROM `ekrpayment` WHERE `id`='".$_POST['PAYMENT_ORDER_ID']."' LIMIT 1;");
  } else {
    echo "__NO__";
  }
die();
}
?>
initial commit 2018-01-28 16:40:49 +00:00			`<?`
			`include "config.php";`
			`include "functions.php";//`

			`if ($_REQUEST['PREVIEW']) {`
			$r = mysql_fetch_array(mysql_query("SELECT * FROM `ekrpayments` WHERE `id`='".$_POST['PAYMENT_ORDER_ID']."' LIMIT 1;"));
			`if($r) {`
			`echo "__YES__";`
			`} else {`
			`echo "__NO__";`
			`}`
			`die();`
			`}`

			`$hash = strtoupper (md5($_POST['LMI_PAYEE_PURSE'].$_POST['LMI_PAYMENT_AMOUNT'].$_POST['LMI_PAYMENT_NO'].$_POST['LMI_MODE'].$_POST['LMI_SYS_INVS_NO'].`
			`$_POST['LMI_SYS_TRANS_NO'].$_POST['LMI_SYS_TRANS_DATE'].'ctrhtn'.$_POST['LMI_PAYER_PURSE'].$_POST['LMI_PAYER_WM']));`

			`$hash = strtolower (`
			`md5(`
			`$_POST['SYSTEM_NAME']."::".`
			`$_POST['PAYMENT_USERNAME']."::".`
			`md5('eyruyerjhmernnb2756628782dsdfd')."::".`
			`$_POST['PAYMENT_ORDER_ID']."::".`
			`$_POST['PAYMENT_STATUS']."::".`
			`$_POST['PAYMENT_AMOUNT']."::".`
			`$_POST['PAYMENT_DESCRIPTION']."::".`
			`$_POST['RESULT_URL']."::".`
			`$_POST['SUCCESS_URL']."::".`
			`$_POST['FAIL_URL']`
			`));`

			`if($_POST['SIGN'] == $hash) {`
			$r = mysql_fetch_array(mysql_query("SELECT * FROM `ekrpayments` WHERE `id`='".$_POST['PAYMENT_ORDER_ID']."' LIMIT 1;"));
			`if($r) {`
			mysql_query("UPDATE `bank` SET `ekr`=`ekr`+'".$_POST['PAYMENT_AMOUNT']."' WHERE `id`='".$r['bank']."';");
			`echo "__YES__";`
			mysql_query("DELETE FROM `ekrpayment` WHERE `id`='".$_POST['PAYMENT_ORDER_ID']."' LIMIT 1;");
			`} else {`
			`echo "__NO__";`
			`}`
			`die();`
			`}`
			`?>`