<?php
function getIP() {
if(isset($_SERVER['HTTP_X_REAL_IP'])) return $_SERVER['HTTP_X_REAL_IP'];
return $_SERVER['REMOTE_ADDR'];
}
if(getIP() != '31.186.100.49' && getIP() != '178.132.203.105' && getIP() != '52.29.152.23' && getIP() != '52.19.56.234')
{
die('..|.,');
}
function getResponseError($message)
{
return json_encode(
array(
'error' => array(
'message' => $message
)
)
);
}
function getResponseSuccess($message)
{
return json_encode(
array(
'result' => array(
'message' => $message
)
)
);
}
date_default_timezone_set('Europe/Moscow');
$c = array(
/* MySQL Áàçà äàííûõ */
'db_name' => 'pay_operations', //Òàáëèöà â êîòîðóþ çàíîñÿòñÿ äàííûå
'db_host' => 'localhost',
'db_user' => 'newcom1_abk',
'db_pass' => '4nWYsIM[c?}P',
'db_base' => 'newcom1_abk',
/* Íàñòðîéêè ïëàòåæåé
'ip_list' => array('127,0,0,1,188.166.34.68,136.243.38.147,136.243.38.149,136.243.38.150,136.243.38.151,136.243.38.189,88.198.88.98'), //Óêàçûâàòü ÷åðåç çàïÿòóþ (Ðàçðåøåííûå IP)
'key' => 'qtzl0igb', //gamedealer key
'id' => '65643' //ID ïðîåêòà*/
);
function connect_db($c) {
$db = mysql_connect($c['db_host'],$c['db_user'],$c['db_pass']) or die('Îøèáêà ïîäêëþ÷åíèÿ ê MySQL ñåðâåðó!');
mysql_select_db($c['db_base'],$db) or die('Îøèáêà ïîäêëþ÷åíèÿ ê áàçå äàííûõ!');
mysql_query('SET NAMES cp1251');
}
function getFormSignature($account, $currency, $sum, $secretKey)
{
$hashStr = $account.'{up}'.$currency.'{up}'.$sum.'{up}'.$secretKey;
return hash('sha256', $hashStr);
}
$request=$_GET;
if (empty($request['method'])
|| empty($request['params'])
|| !is_array($request['params'])
)
{
echo getResponseError('Invalid request');
die();
}
$method = $request['method'];
$params = $request['params'];
if ($_GET['method']=="check")
{
echo getResponseSuccess('CHECK is successful');
die();
//echo "Çàïðîñ óñïåøíî îáðàáîòàí".$pays['account'];
//echo getFormSignature($_GET['params[account]'],"RUB",$_GET['params[payerSum]'],"392bb04608af9aa823a277173c83f633");;
}
//MERCHANT_ORDER_ID=142&P_PHONE=380688028300&P_EMAIL=evhenii_kula%40mail.ru&CUR_ID=94&AMOUNT=90&MERCHANT_ID=65643&SIGN=c0fc70d5446614597d44ff13f2c7a6a5&intid=29728441
/*
MERCHANT_ORDER_ID
P_PHONE
P_EMAIL
CUR_ID
AMOUNT
MERCHANT_ID
SIGN
intid
https://àäðåñ_âàøåãî_îáðàáîò÷èêà?
method=check
params[account]=userId
params[date]=2012-10-01 12:32:00
params[operator]=beeline
params[paymentType]=mc
params[projectId]=1
params[phone]=9XXXXXXXXX
params[payerSum]=10.00
params[payerCurrency]=RUB
params[signature]=9bdf52a4830779a1383ac24f1b3ed054
params[orderSum]=10.00
params[orderCurrency]=RUB
params[unitpayId]=1234567
params[test]=0
*/
if ($_GET['method']=="pay")
{
connect_db($c);
$nick = mysql_fetch_array(mysql_query('SELECT * FROM `pay_operation` WHERE `id` = "'.$params['account'].'" LIMIT 1'));
if (!isset($nick['good']))
{
echo getResponseError('Bad order');
die();
}
$user = mysql_fetch_array(mysql_query('SELECT * FROM `users` WHERE `id` = "'.$nick['uid'].'" LIMIT 1'));
if (isset ($params['account']))
{
if ($nick['good']!=0)
{
echo getResponseError('Already Used');
die();
}
else
{
mysql_query('UPDATE `users` SET `money2` = `money2` + '.$nick['ekr'].' WHERE `id` = "'.$nick['uid'].'" LIMIT 1');
mysql_query('UPDATE `pay_operation` SET `good` = "'.time().'" WHERE `id` = "'.$params['account'].'" LIMIT 1');
mysql_query('UPDATE `users` SET `catch` = `catch` + '.$nick['ekr'].' WHERE `id` = "'.$nick['uid'].'" LIMIT 1');
//mysql_query('INSERT INTO `'.$c['db_name'].'` (`time`,`type`,`ip`,`value`,`money`,`project`) VALUES ("'.time().'","'.mysql_real_escape_string($type).'","'.$_SERVER['HTTP_X_REAL_IP'].'","'.mysql_real_escape_string($value).'","'.mysql_real_escape_string($money).'","'.mysql_real_escape_string($this->id).'")');
$r = '<span class=date>'.date('d.m.Y H:i').'</span> Àëõèìèê <img src=https://img.new-combats.com/i/align/align50.gif width=12 height=15 /><u><b>Àäìèíèñòðàòîð</b> / Àâòîìàòè÷åñêàÿ îïëàòà</u> ñîîáùàåò: ';
if($user['sex'] == 1)
{
$r .= 'Óâàæàåìàÿ';
}
else
{
$r .= 'Óâàæàåìûé';
}
$r .= ' <b>'.$user['login'].'</b>, íà Âàø èãðîâîé ñ÷åò çà÷èñëåíî '.$nick['ekr'].' Åâðîêðåäèòîâ. Áëàãîäàðèì Âàñ çà ïîêóïêó!';
//$str1 = iconv("cp1251","UTF-8",$r);
mysql_query("INSERT INTO `chat` (`new`,`city`,`room`,`login`,`to`,`text`,`time`,`type`,`toChat`) VALUES ('1','".$user['city']."','".$user['room']."','','".$user['login']."','".$r."','-1','5','0')");
//echo $r."r<br>";
if ($nick['ref'] !=0)
{
$refecr=round(($nick['ekr']/10));
mysql_query('UPDATE `users` SET `money2` = `money2` + '.$refecr.' WHERE `id` = "'.$nick['ref'].'" LIMIT 1');
$referal = mysql_fetch_array(mysql_query('SELECT * FROM `users` WHERE `id` = "'.$nick['ref'].'" LIMIT 1'));
$r = '<span class=date>'.date('d.m.Y H:i').'</span> Àëõèìèê <img src=https://img.new-combats.com/i/align/align50.gif width=12 height=15 /><u><b>Àäìèíèñòðàòîð</b> / Ðåôåðàëüíûé çàðàáîòîê</u> ñîîáùàåò: ';
if($referal['sex'] == 1)
{
$r .= 'Óâàæàåìàÿ';
}
else
{
$r .= 'Óâàæàåìûé';
}
$r .= ' <b>'.$referal['login'].'</b>, íà Âàø èãðîâîé ñ÷åò çà÷èñëåíî '.$refecr.' Åâðîêðåäèòîâ. Áëàãîäîðÿ âàøåìó ðåôåðàëó!'.$user['login'].'';
//$str1 = iconv("cp1251","UTF-8",$r);
mysql_query("INSERT INTO `chat` (`new`,`city`,`room`,`login`,`to`,`text`,`time`,`type`,`toChat`) VALUES ('1','".$referal['city']."','".$referal['room']."','','".$referal['login']."','".$r."','-1','5','0')");
}
//echo "Ïîêóïàòåë: ".$user['login']." | ID: ".$nick['uid']." | Ñóììà: ".$nick['ekr']." | ID îïåðàöèè: ".$params['account']."<br>";
if (isset ($referal['id']))
{
//echo "Ðåôåðàë(òîò êòî ïðèâåë): ".$referal['login']." | ID: ".$referal['id']." | Ñóììà: ".$refecr."<br>";
}
else
{
//echo "Ïîëüçîâàòåëü ðåôåðàë íå íàéäåí!!";
}
echo getResponseSuccess('PAY is successful');
die();
}
}
else
{
echo getResponseError('No order');
die();
}
}
?>