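<?php
/**
 * Payment-gateway callback endpoint driven by the query string
 * (`method=check|pay` plus a `params[...]` array).
 *
 * NOTE(review): the non-ASCII string literals in this file look like cp1251
 * text rendered as Latin-1. Runtime strings are left exactly as found.
 */

/**
 * Return the address that the caller allow-list below is matched against.
 *
 * Prefers the X-Real-IP request header and falls back to REMOTE_ADDR.
 *
 * NOTE(review): X-Real-IP is client-supplied unless a trusted reverse proxy
 * overwrites it on every request. If this script is reachable without such a
 * proxy, the allow-list can be satisfied by sending the header. Confirm the
 * deployment, or accept the header only when REMOTE_ADDR is the proxy.
 *
 * @return string
 */
function getIP()
{
    if (isset($_SERVER['HTTP_X_REAL_IP'])) {
        return $_SERVER['HTTP_X_REAL_IP'];
    }

    return $_SERVER['REMOTE_ADDR'];
}

// Gateway addresses allowed to call this endpoint. Matched with a strict
// comparison, so a non-string value never passes.
$allowedCallers = array('31.186.100.49', '178.132.203.105', '52.29.152.23', '52.19.56.234');
if (!in_array(getIP(), $allowedCallers, true)) {
    // An explicit status makes rejected callers visible in access logs.
    header('HTTP/1.1 403 Forbidden');
    die('..|.,');
}

/**
 * Build the JSON error envelope: {"error": {"message": ...}}.
 *
 * @param string $message
 * @return string
 */
function getResponseError($message)
{
    return json_encode(
        array(
            'error' => array(
                'message' => $message,
            ),
        )
    );
}

/**
 * Build the JSON success envelope: {"result": {"message": ...}}.
 *
 * @param string $message
 * @return string
 */
function getResponseSuccess($message)
{
    return json_encode(
        array(
            'result' => array(
                'message' => $message,
            ),
        )
    );
}

date_default_timezone_set('Europe/Moscow');

// NOTE(review): database credentials are hard-coded in a web-served file.
// Load them from configuration kept outside the web root, and rotate the
// values that have been exposed here.
$c = array(
    /* MySQL database */
    'db_name' => 'pay_operations', // Table that records are written to
    'db_host' => 'localhost',
    'db_user' => 'newcom1_abk',
    'db_pass' => '4nWYsIM[c?}P',
    'db_base' => 'newcom1_abk',
    /* Payment settings (disabled)
    NOTE(review): this disabled block still carries a gateway key; remove it from the source and rotate the key.
    'ip_list' => array('127,0,0,1,188.166.34.68,136.243.38.147,136.243.38.149,136.243.38.150,136.243.38.151,136.243.38.189,88.198.88.98'), // Comma-separated (allowed IPs)
    'key' => 'qtzl0igb', // gamedealer key
    'id' => '65643' // Project ID */
);

/**
 * Open the MySQL connection, select the database and set the connection
 * charset to cp1251. Terminates the script when the connection or the
 * database selection fails.
 *
 * NOTE(review): ext/mysql (mysql_*) was removed in PHP 7.0; this endpoint only
 * runs on PHP 5 and should move to mysqli or PDO with prepared statements.
 *
 * @param array $c Configuration with db_host, db_user, db_pass and db_base.
 * @return void
 */
function connect_db($c)
{
    $db = mysql_connect($c['db_host'], $c['db_user'], $c['db_pass']) or die('Îøèáêà ïîäêëþ÷åíèÿ ê MySQL ñåðâåðó!');
    mysql_select_db($c['db_base'], $db) or die('Îøèáêà ïîäêëþ÷åíèÿ ê áàçå äàííûõ!');
    // mysql_set_charset() also tells the client library which charset is in
    // use, which mysql_real_escape_string() relies on; a bare SET NAMES query
    // changes only the server side.
    mysql_set_charset('cp1251', $db);
}

/**
 * Compute the SHA-256 form signature over account, currency, sum and secret,
 * joined with the literal separator "{up}".
 *
 * NOTE(review): nothing in the visible file calls this, and params[signature]
 * is never compared against a locally computed value, so the caller allow-list
 * is the only authentication of a callback. Verify the signature (with
 * hash_equals() where available) before acting on a request.
 *
 * @param string $account
 * @param string $currency
 * @param string $sum
 * @param string $secretKey
 * @return string Lower-case hex digest.
 */
function getFormSignature($account, $currency, $sum, $secretKey)
{
    $hashStr = $account . '{up}' . $currency . '{up}' . $sum . '{up}' . $secretKey;

    return hash('sha256', $hashStr);
}

$request = $_GET;

// `method` must be a non-empty string and `params` a non-empty array; an array
// passed as `method` (method[]=...) is rejected here instead of falling
// through every handler without a response.
if (
    empty($request['method'])
    || !is_string($request['method'])
    || empty($request['params'])
    || !is_array($request['params'])
) {
    echo getResponseError('Invalid request');
    die();
}

$method = $request['method'];
$params = $request['params'];

if ($method === 'check') {
    echo getResponseSuccess('CHECK is successful');
    die();
    // NOTE(review): a commented-out debug echo that embedded a literal signing
    // secret used to follow this line; treat that secret as exposed and rotate it.
}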
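// Sample callback query string in the legacy format, kept for reference.
// NOTE(review): this sample appears to contain a real customer's phone number
// and e-mail address; replace them with dummy values in the source.
//MERCHANT_ORDER_ID=142&P_PHONE=380688028300&P_EMAIL=evhenii_kula%40mail.ru&CUR_ID=94&AMOUNT=90&MERCHANT_ID=65643&SIGN=c0fc70d5446614597d44ff13f2c7a6a5&intid=29728441
/*
Legacy parameter names:
MERCHANT_ORDER_ID
P_PHONE
P_EMAIL
CUR_ID
AMOUNT
MERCHANT_ID
SIGN
intid

Request format handled below:
https://your_handler_address?
method=check
params[account]=userId
params[date]=2012-10-01 12:32:00
params[operator]=beeline
params[paymentType]=mc
params[projectId]=1
params[phone]=9XXXXXXXXX
params[payerSum]=10.00
params[payerCurrency]=RUB
params[signature]=9bdf52a4830779a1383ac24f1b3ed054
params[orderSum]=10.00
params[orderCurrency]=RUB
params[unitpayId]=1234567
params[test]=0
*/

/**
 * Quote a value as a MySQL string literal on the open ext/mysql connection.
 *
 * @param mixed $value
 * @return string Escaped value wrapped in double quotes.
 */
function payQuote($value)
{
    return '"' . mysql_real_escape_string((string) $value) . '"';
}

/**
 * Run a SELECT and return its first row, or false when the query fails or
 * matches nothing.
 *
 * @param string $sql
 * @return array|false
 */
function payFetchRow($sql)
{
    $result = mysql_query($sql);
    if ($result === false) {
        return false;
    }
    $row = mysql_fetch_array($result);

    return $row ? $row : false;
}

/**
 * Escape a value for the HTML chat message. Existing entities are left alone
 * (double_encode = false) in case logins are stored pre-encoded.
 *
 * @param mixed $value
 * @return string
 */
function payHtml($value)
{
    return htmlspecialchars((string) $value, ENT_QUOTES, 'cp1251', false);
}

/**
 * Build the system chat message announcing a credit to $recipient.
 *
 * @param array  $recipient Row from `users` (reads `sex` and `login`).
 * @param string $channel   Label shown after the administrator name.
 * @param mixed  $amount    Credited amount, already validated as numeric.
 * @param string $tail      Closing sentence, already HTML-safe.
 * @return string
 */
function payBuildNotice($recipient, $channel, $amount, $tail)
{
    $text = '<span class=date>' . date('d.m.Y H:i') . '</span> Àëõèìèê <img src=https://img.new-combats.com/i/align/align50.gif width=12 height=15 /><u><b>Àäìèíèñòðàòîð</b> / ' . $channel . '</u> ñîîáùàåò: ';
    $text .= ($recipient['sex'] == 1) ? 'Óâàæàåìàÿ' : 'Óâàæàåìûé';
    $text .= ' <b>' . payHtml($recipient['login']) . '</b>, íà Âàø èãðîâîé ñ÷åò çà÷èñëåíî ' . $amount . ' Åâðîêðåäèòîâ. ' . $tail;

    return $text;
}

/**
 * Insert a system message addressed to $recipient into `chat`.
 * Every value read from the database is escaped again before it is placed
 * into SQL, so a quote inside a login cannot alter the statement.
 *
 * @param array  $recipient Row from `users` (reads `city`, `room`, `login`).
 * @param string $text      HTML message body.
 * @return void
 */
function paySendNotice($recipient, $text)
{
    mysql_query(
        'INSERT INTO `chat` (`new`,`city`,`room`,`login`,`to`,`text`,`time`,`type`,`toChat`) VALUES ('
        . "'1'," . payQuote($recipient['city']) . ',' . payQuote($recipient['room']) . ",'',"
        . payQuote($recipient['login']) . ',' . payQuote($text) . ",'-1','5','0')"
    );
}

// "pay" callback: credit the order named by params[account] exactly once.
//
// NOTE(review): params[signature] is not verified, and the amount reported by
// the gateway (params[orderSum]) is never compared with the order. The credit
// comes entirely from the stored `ekr` value, so anything that passes the
// caller allow-list can complete any pending order. Add both checks.
// NOTE(review): completed payments are not audit-logged; the original INSERT
// into the table named by $c['db_name'] was disabled.
if ($method === 'pay') {
    // Validate the order id before it reaches any query. An array value
    // (params[account][]=...) would otherwise be stringified to "Array".
    if (!isset($params['account']) || !is_scalar($params['account'])) {
        echo getResponseError('No order');
        die();
    }
    $orderId = (string) $params['account'];

    connect_db($c);

    $order = payFetchRow('SELECT * FROM `pay_operation` WHERE `id` = ' . payQuote($orderId) . ' LIMIT 1');
    // `ekr` is concatenated into SQL as a bare number below, so it must be numeric.
    if (!isset($order['good']) || !isset($order['ekr']) || !is_numeric($order['ekr'])) {
        echo getResponseError('Bad order');
        die();
    }
    if ($order['good'] != 0) {
        echo getResponseError('Already Used');
        die();
    }

    $buyer = payFetchRow('SELECT * FROM `users` WHERE `id` = ' . payQuote($order['uid']) . ' LIMIT 1');
    if ($buyer === false) {
        // Do not consume the order when there is no account to credit.
        echo getResponseError('Bad order');
        die();
    }

    // Claim the order atomically. Two concurrent or replayed callbacks can
    // both pass the `good` check above, but only one can flip the row.
    // assumes `good` holds 0 until an order is paid (see the check above) - TODO confirm column type
    mysql_query('UPDATE `pay_operation` SET `good` = "' . time() . '" WHERE `id` = ' . payQuote($orderId) . ' AND `good` = 0 LIMIT 1');
    if (mysql_affected_rows() !== 1) {
        echo getResponseError('Already Used');
        die();
    }

    // NOTE(review): the claim and the credits are separate statements with no
    // transaction, so a failure after the claim leaves a paid order uncredited.
    $amount = $order['ekr'];
    mysql_query('UPDATE `users` SET `money2` = `money2` + ' . $amount . ', `catch` = `catch` + ' . $amount . ' WHERE `id` = ' . payQuote($order['uid']) . ' LIMIT 1');
    paySendNotice($buyer, payBuildNotice($buyer, 'Àâòîìàòè÷åñêàÿ îïëàòà', $amount, 'Áëàãîäàðèì Âàñ çà ïîêóïêó!'));

    // Referral bonus: a tenth of the credited amount, rounded, goes to the referrer.
    if (isset($order['ref']) && $order['ref'] != 0) {
        $referrer = payFetchRow('SELECT * FROM `users` WHERE `id` = ' . payQuote($order['ref']) . ' LIMIT 1');
        if ($referrer !== false) {
            $bonus = round($amount / 10);
            mysql_query('UPDATE `users` SET `money2` = `money2` + ' . $bonus . ' WHERE `id` = ' . payQuote($order['ref']) . ' LIMIT 1');
            paySendNotice(
                $referrer,
                payBuildNotice($referrer, 'Ðåôåðàëüíûé çàðàáîòîê', $bonus, 'Áëàãîäîðÿ âàøåìó ðåôåðàëó!' . payHtml($buyer['login']))
            );
        }
    }

    echo getResponseSuccess('PAY is successful');
    die();
}
?>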