<?php

/**
 * Builds the JSON body of a failed callback response.
 *
 * The result has the shape {"error":{"message":...}}.
 *
 * @param mixed $message Text placed in error.message.
 * @return string|false Encoded JSON, or false when json_encode() fails.
 */
function getResponseError($message)
{
	$payload = ['error' => ['message' => $message]];

	return json_encode($payload);
}

/**
 * Builds the JSON body of a successful callback response.
 *
 * The result has the shape {"result":{"message":...}}.
 *
 * @param mixed $message Text placed in result.message.
 * @return string|false Encoded JSON, or false when json_encode() fails.
 */
function getResponseSuccess($message)
{
	$payload = ['result' => ['message' => $message]];

	return json_encode($payload);
}

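date_default_timezone_set('Europe/Moscow');

/**
 * Returns the value of environment variable $name, or $default when the
 * variable is unset or empty.
 *
 * @param string $name    Environment variable to read.
 * @param string $default Value used when the variable is not provided.
 * @return string
 */
function payConfigFromEnv($name, $default)
{
	$value = getenv($name);

	return ($value === false || $value === '') ? $default : $value;
}

// NOTE(review): the database password below is committed in source. The
// connection settings can now be supplied through the environment; the
// literals are kept only as fallbacks so the current deployment keeps working.
// Rotate the password and delete the literal fallback once PAY_DB_PASS is set.
// NOTE(review): the IP allow-list, key and project id are commented out, so
// no setting in this array lets the callback code authenticate its caller.
// In that disabled list '127,0,0,1' is written with commas and all addresses
// sit in one string inside array(); fix both before re-enabling it.
$c = [
	/* MySQL database */
	// Table the payment records are written to. Not read by the code visible in
	// this file, whose queries name `pay_operation`.
	'db_name' => 'pay_operations',
	'db_host' => payConfigFromEnv('PAY_DB_HOST', 'localhost'),
	'db_user' => payConfigFromEnv('PAY_DB_USER', 'newcom1_abk'),
	'db_pass' => payConfigFromEnv('PAY_DB_PASS', '4nWYsIM[c?}P'),
	'db_base' => payConfigFromEnv('PAY_DB_BASE', 'newcom1_abk'),
	/* Payment settings (disabled)
        'ip_list'		=>	array('127,0,0,1,188.166.34.68,136.243.38.147,136.243.38.149,136.243.38.150,136.243.38.151,136.243.38.189,88.198.88.98'), // Comma-separated (allowed IPs)
        'key'			=>	'qtzl0igb', //gamedealer key
        'id'			=>	'65643' // Project ID */
];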


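/**
 * Opens the ext/mysql connection used by the rest of the script and selects
 * the working database. Terminates the script if either step fails.
 *
 * The connection character set is switched with mysql_set_charset() rather
 * than a bare "SET NAMES" query: only the former informs the client library,
 * which mysql_real_escape_string() relies on to escape correctly.
 *
 * NOTE(review): ext/mysql was removed in PHP 7; this file needs a migration to
 * mysqli or PDO with prepared statements.
 *
 * @param array $c Settings; reads db_host, db_user, db_pass and db_base.
 * @return resource The opened link (callers that ignore the return value are unaffected).
 */
function connect_db($c)
{
	$db = mysql_connect($c['db_host'], $c['db_user'], $c['db_pass']) or die('Ошибка подключения к MySQL серверу!');
	mysql_select_db($c['db_base'], $db) or die('Ошибка подключения к базе данных!');

	if (!mysql_set_charset('utf8mb4', $db)) {
		// Stay best-effort as before: record the failure and fall back to the
		// original statement instead of aborting the request.
		error_log('connect_db: mysql_set_charset(utf8mb4) failed: ' . mysql_error($db));
		mysql_query('SET NAMES utf8mb4', $db);
	}

	return $db;
}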

/**
 * Computes the SHA-256 hex digest of account, currency, sum and secret key
 * joined with the literal separator "{up}".
 *
 * NOTE(review): no code visible in this file calls this function, so the
 * callback handling below does not check a signature with it. When a received
 * signature is compared with a computed one, use hash_equals() (PHP 5.6+)
 * instead of == so the comparison is constant-time and type-strict.
 *
 * @param mixed $account   Account / order identifier.
 * @param mixed $currency  Currency code.
 * @param mixed $sum       Amount.
 * @param mixed $secretKey Shared secret appended last.
 * @return string 64-character lowercase hex digest.
 */
function getFormSignature($account, $currency, $sum, $secretKey)
{
	$parts = [$account, $currency, $sum, $secretKey];

	return hash('sha256', implode('{up}', $parts));
}


// Callback entry point: the request arrives as ?method=...&params[...]=...
// in the query string.
// NOTE(review): nothing visible in this file checks params[signature] or the
// caller's address before the request is acted on (the allow-list and key in
// $c are commented out). Confirm that verification happens somewhere else.
$request = $_GET;
$hasMethod = !empty($request['method']);
$hasParams = !empty($request['params']) && is_array($request['params']);
if (!($hasMethod && $hasParams)) {
	// Both a method name and a non-empty params[] array are mandatory.
	echo getResponseError('Invalid request');
	die();
}
$method = $request['method'];
$params = $request['params'];

// "check" is acknowledged unconditionally, without looking the order up.
if ($method === 'check') {
	echo getResponseSuccess('CHECK is successful');
	die();
}
//MERCHANT_ORDER_ID=142&P_PHONE=380688028300&P_EMAIL=evhenii_kula%40mail.ru&CUR_ID=94&AMOUNT=90&MERCHANT_ID=65643&SIGN=c0fc70d5446614597d44ff13f2c7a6a5&intid=29728441
/*
MERCHANT_ORDER_ID
P_PHONE
P_EMAIL
CUR_ID
AMOUNT
MERCHANT_ID
SIGN
intid

https://адрес_вашего_обработчика?
 method=check
 params[account]=userId
 params[date]=2012-10-01 12:32:00
 params[operator]=beeline
 params[paymentType]=mc
 params[projectId]=1
 params[phone]=9XXXXXXXXX
 params[payerSum]=10.00
 params[payerCurrency]=RUB
 params[signature]=9bdf52a4830779a1383ac24f1b3ed054
 params[orderSum]=10.00
 params[orderCurrency]=RUB
 params[unitpayId]=1234567
 params[test]=0
*/
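/**
 * Runs a single-row SELECT on the default ext/mysql link.
 *
 * @param string $sql Complete SELECT statement; every value must already be escaped.
 * @return array|false The row, or false when the query fails or matches nothing.
 */
function payFetchRow($sql)
{
	$result = mysql_query($sql);
	if ($result === false) {
		return false;
	}

	return mysql_fetch_array($result);
}

/**
 * Inserts a system chat message addressed to one player.
 *
 * NOTE(review): the login is placed inside HTML without HTML-escaping, as in
 * the original. If logins may contain markup characters and the chat renders
 * `text` as HTML, escape it with htmlspecialchars() here — confirm how logins
 * are validated and stored before changing the rendered text.
 *
 * @param array  $recipient Row from `users`; reads sex, login, city and room.
 * @param string $subject   Label shown after "Администратор / ".
 * @param string $body      Text appended after the bold login.
 * @return resource|bool Result of the INSERT query.
 */
function paySendChatNotice($recipient, $subject, $body)
{
	$text = '<span class=date>' . date('d.m.Y H:i') . '</span> Алхимик <img src=https://img.new-combats.com/i/align/align50.gif width=12 height=15 /><u><b>Администратор</b> / ' . $subject . '</u> сообщает: ';
	$text .= ($recipient['sex'] == 1) ? 'Уважаемая' : 'Уважаемый';
	$text .= ' <b>' . $recipient['login'] . '</b>' . $body;

	// Every interpolated value is escaped: a quote in a login, city, room or
	// in the message text would otherwise break out of the string literal.
	return mysql_query(
		"INSERT INTO `chat` (`new`,`city`,`room`,`login`,`to`,`text`,`time`,`type`,`toChat`) VALUES ('1','"
		. mysql_real_escape_string($recipient['city']) . "','"
		. mysql_real_escape_string($recipient['room']) . "','','"
		. mysql_real_escape_string($recipient['login']) . "','"
		. mysql_real_escape_string($text) . "','-1','5','0')"
	);
}

// Payment notification: credits the order's owner (and, if set, the referrer)
// and marks the order as used.
//
// NOTE(review): this branch changes balances on the strength of a GET request
// that is not authenticated in the code visible here: params[signature] is
// never compared with a locally computed value and the caller's address is
// not checked. The shared secret is not configured in this file, so the check
// is not implemented below; it must be added, or confirmed to exist upstream,
// before this handler is trusted.
if ($_GET['method'] == "pay") {
	// Reject a missing or non-scalar order id before touching the database.
	// (The original tested this only after the lookup, so the 'No order'
	// branch could not be reached for a missing id.)
	if (!isset($params['account']) || !is_scalar($params['account'])) {
		echo getResponseError('No order');
		die();
	}

	connect_db($c);

	// params[account] is attacker-controlled; escape it for the quoted literal.
	$orderId = mysql_real_escape_string((string)$params['account']);

	$nick = payFetchRow('SELECT * FROM `pay_operation` WHERE `id` = "' . $orderId . '" LIMIT 1');
	if (!isset($nick['good'])) {
		echo getResponseError('Bad order');
		die();
	}

	// The amount is interpolated unquoted into arithmetic, so only a plain
	// non-negative decimal is accepted.
	if (!isset($nick['ekr']) || !preg_match('/^\d+(\.\d+)?$/D', (string)$nick['ekr'])) {
		echo getResponseError('Bad order');
		die();
	}
	$amount = (string)$nick['ekr'];

	$userId = mysql_real_escape_string((string)$nick['uid']);
	$user = payFetchRow('SELECT * FROM `users` WHERE `id` = "' . $userId . '" LIMIT 1');
	if (!is_array($user)) {
		// Do not consume an order whose owner cannot be found.
		echo getResponseError('Bad order');
		die();
	}

	if ($nick['good'] != 0) {
		echo getResponseError('Already Used');
		die();
	}

	// Claim the order atomically BEFORE crediting: the `good` = 0 condition
	// lets exactly one of several concurrent or replayed notifications through,
	// whereas the earlier read of $nick['good'] alone can be passed by all of them.
	$claimed = mysql_query(
		'UPDATE `pay_operation` SET `good` = "' . time() . '" WHERE `id` = "' . $orderId . '" AND `good` = 0 LIMIT 1'
	);
	if ($claimed === false || mysql_affected_rows() !== 1) {
		echo getResponseError('Already Used');
		die();
	}

	// One statement for both counters, so they cannot diverge.
	$credited = mysql_query(
		'UPDATE `users` SET `money2` = `money2` + ' . $amount . ', `catch` = `catch` + ' . $amount
		. ' WHERE `id` = "' . $userId . '" LIMIT 1'
	);
	if ($credited === false) {
		// The order is already marked as used at this point; log it so the
		// credit can be reconciled by hand. json_encode() keeps control
		// characters from the request out of the log line.
		error_log('pay: credit failed after order was claimed, account=' . json_encode((string)$params['account']));
		echo getResponseError('Credit failed');
		die();
	}

	paySendChatNotice(
		$user,
		'Автоматическая оплата',
		', на Ваш игровой счет зачислено ' . $amount . ' Еврокредитов. Благодарим Вас за покупку!'
	);

	if ($nick['ref'] != 0) {
		// Referral bonus: one tenth of the credited amount, rounded to a whole number.
		$refecr = (int)round($amount / 10);
		$refId = mysql_real_escape_string((string)$nick['ref']);

		mysql_query(
			'UPDATE `users` SET `money2` = `money2` + ' . $refecr . ' WHERE `id` = "' . $refId . '" LIMIT 1'
		);
		$referal = payFetchRow('SELECT * FROM `users` WHERE `id` = "' . $refId . '" LIMIT 1');
		if (is_array($referal)) {
			paySendChatNotice(
				$referal,
				'Реферальный заработок',
				', на Ваш игровой счет зачислено ' . $refecr . ' Еврокредитов. Благодоря вашему рефералу!' . $user['login'] . ''
			);
		}
	}

	echo getResponseSuccess('PAY is successful');
	die();
}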