<?php
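/**
 * Callback endpoint for the GameDealer payment gateway.
 *
 * Reads an XML request from the request body, checks the caller's address
 * against an allow-list, verifies the MD5 request signature and then serves
 * one of four methods: check_balance, check, pay, check_login. The reply is
 * an XML <gdanswer> document built from $this->BACK.
 *
 * String literals in this file are cp1251; out() converts them to UTF-8 when
 * the reply is rendered.
 *
 * NOTE(review): the class still relies on ext/mysql (mysql_* functions), which
 * was removed in PHP 7.0. Values are escaped or validated below, but the
 * durable fix is mysqli/PDO with prepared statements.
 * NOTE(review): the original could not process any request: the request body
 * was never read (the php://input line was commented out) and the allow-list
 * could never match. Both are repaired here, so review the deployment before
 * enabling this endpoint.
 */
class GameDealerClass {
	// Configuration.
	// NOTE(review): the database password and the gateway key are hard-coded in
	// source. Rotate both and load them from configuration kept outside the
	// source tree and outside the web root.
	public $c = array(
		/* MySQL database */
			'db_name'		=>	'pay_operations', // Table that operations are logged to
			'db_host'		=>	'localhost',
			'db_user'		=>	'newcom1_abk',
			'db_pass'		=>	'4nWYsIM[c?}P',
			'db_base'		=>	'newcom1_abk',
		/* Payment settings */
			// Allowed caller addresses, one per element. The original stored the
			// whole comma-separated list as a single string (first entry spelled
			// '127,0,0,1'), so in_array() could never match a single address.
			'ip_list'		=>	array(
				'127.0.0.1',
				'188.166.34.68',
				'136.243.38.147',
				'136.243.38.149',
				'136.243.38.150',
				'136.243.38.151',
				'136.243.38.189',
				'88.198.88.98'
			),
			'key'			=>	'qtzl0igb', // GameDealer key
			'id'			=>	'65643' // Project ID
	),
	$ip = '',
	$id = '', // projectid from the current request (was an undeclared dynamic property)
	$BACK = array(); // Reply tree rendered at the end: list of array(tag, value-or-nested-list)

	// Converts UTF-8 text to cp1251. iconv() returns false on failure.
	public function in($text) {
		return iconv("UTF-8","cp1251",$text);
	}

	// Converts cp1251 text to UTF-8. iconv() returns false on failure.
	public function out($text) {
		return iconv("cp1251","UTF-8",$text);
	}

	// Returns the caller address as reported by the X-Real-IP header ('' if absent).
	// NOTE(review): this is a request header. The allow-list is only meaningful
	// if a trusted reverse proxy in front of PHP overwrites any client-supplied
	// X-Real-IP value - confirm the proxy configuration.
	private function request_ip() {
		return isset($_SERVER['HTTP_X_REAL_IP']) ? (string)$_SERVER['HTTP_X_REAL_IP'] : '';
	}

	// Runs a SELECT and returns its first row as an array, or false when the
	// query fails or yields no row.
	private function fetch_row($sql) {
		$res = mysql_query($sql);
		if($res === false) {
			return false;
		}
		$row = mysql_fetch_array($res);
		return is_array($row) ? $row : false;
	}

	// Stores the <gdanswer> reply that backInformation() will render.
	private function set_answer($fields) {
		$this->BACK = array(array('gdanswer',$fields));
	}

	// Compares the computed and the supplied signature. hash_equals() avoids
	// both timing differences and the numeric-string juggling of '=='
	// ("0e..." digests comparing equal); older PHP falls back to '==='.
	private function sign_matches($expected,$given) {
		$expected = (string)$expected;
		$given = (string)$given;
		if(function_exists('hash_equals')) {
			return hash_equals($expected,$given);
		}
		return $expected === $given;
	}

	// Answers with "signature error" and logs the attempt under the method
	// that was actually requested.
	private function signature_error($method,$nick) {
		$this->set_answer(array(array('status','-1'),array('desc','Îøèáêà ñèãíàòóðû')));
		$this->add('-1','Îøèáêà ñèãíàòóðû:'.$method.':'.$nick.':0',0);
	}

	// Answers with the generic "request could not be processed" error.
	private function processing_error() {
		$this->set_answer(array(array('status','-1'),array('desc','Íå óäàëîñü ïðîèçâåñòè îáðàáîòêó çàïðîñà')));
	}

	// Sends the current reply and stops the script.
	private function finish() {
		$this->backInformation();
		exit;
	}

	// Writes one row to the operations log table.
	// Every value is escaped, including the caller address: it comes from a
	// request header and was concatenated into the statement unescaped before.
	public function add($type,$value,$money) {
		mysql_query('INSERT INTO `'.$this->c['db_name'].'` (`time`,`type`,`ip`,`value`,`money`,`project`) VALUES ("'
			.time().'","'
			.mysql_real_escape_string((string)$type).'","'
			.mysql_real_escape_string($this->request_ip()).'","'
			.mysql_real_escape_string((string)$value).'","'
			.mysql_real_escape_string((string)$money).'","'
			.mysql_real_escape_string((string)$this->id).'")');
	}

	// Connects to the MySQL server, selects the database and sets the
	// connection charset to cp1251. Terminates the script on failure.
	public function connect_db() {
		$db = mysql_connect($this->c['db_host'],$this->c['db_user'],$this->c['db_pass']) or die('Îøèáêà ïîäêëþ÷åíèÿ ê MySQL ñåðâåðó!');
		mysql_select_db($this->c['db_base'],$db) or die('Îøèáêà ïîäêëþ÷åíèÿ ê áàçå äàííûõ!');
		mysql_query('SET NAMES cp1251');
	}

	// Renders a reply tree as XML text.
	// $a is a list of array(tag, value) pairs; a value that is itself an array
	// is rendered recursively. A non-null $v puts each element on its own line.
	// Leaf values are converted to UTF-8 and XML-escaped, so text taken from
	// the database (e.g. a login) cannot break or extend the reply markup.
	public function output($a,$v = NULL) {
		$pretty = ($v != NULL);
		$r = '';
		$n = count($a);
		for($i = 0; $i < $n; $i++) {
			$rn = $pretty ? "\r\n" : '';
			$tb = $pretty ? "\t" : '';
			$r .= $rn.'<'.$a[$i][0].'>';
			if(!is_array($a[$i][1])) {
				// Leaf: the closing tag follows the text on the same line.
				$rn = '';
				$r .= htmlspecialchars((string)$this->out($a[$i][1]),ENT_QUOTES,'UTF-8');
			}else{
				if($i > 0) {
					$r .= $rn;
				}
				$r .= $tb.$this->output($a[$i][1],1);
			}
			$r .= $rn.'</'.$a[$i][0].'>';
		}
		return $r;
	}

	// Sends the XML reply built from $this->BACK.
	// The body is XML, so it is declared as such (the original sent the
	// invalid media type 'text/html/force-download').
	public function backInformation() {
		header('Content-Type: text/xml; charset=UTF-8');
		echo '<?xml version="1.0" encoding="UTF-8"?>';
		echo $this->output($this->BACK,1);
	}

	// Returns true when a row with `bank`.`id` = $nick exists.
	public function test_accaunt($nick) {
		$row = $this->fetch_row('SELECT `id` FROM `bank` WHERE `id` = "'.mysql_real_escape_string((string)$nick).'" LIMIT 1');
		return $row !== false && isset($row['id']);
	}

	// Returns the bank account id that belongs to the user with this login,
	// or NULL when the user or the account does not exist.
	public function getBank($nick) {
		$user = $this->fetch_row('SELECT `id` FROM `users` WHERE `login` = "'.mysql_real_escape_string((string)$nick).'" LIMIT 1');
		if($user === false) {
			return NULL;
		}
		$bank = $this->fetch_row('SELECT `id` FROM `bank` WHERE `uid` = "'.mysql_real_escape_string((string)$user['id']).'" LIMIT 1');
		if($bank === false) {
			return NULL;
		}
		return $bank['id'];
	}

	// Returns the login of the user who owns bank account $nick, or NULL.
	// Fixes two defects that made this always return NULL: the first query had
	// an unterminated backtick (`uid), and the second matched `users`.`login`
	// against the numeric owner id; the other queries in this class join
	// `bank`.`uid` to `users`.`id`.
	public function bank_user($nick) {
		$bank = $this->fetch_row('SELECT `id`,`uid` FROM `bank` WHERE `id` = "'.mysql_real_escape_string((string)$nick).'" LIMIT 1');
		if($bank === false) {
			return NULL;
		}
		$user = $this->fetch_row('SELECT `id`,`login` FROM `users` WHERE `id` = "'.mysql_real_escape_string((string)$bank['uid']).'" LIMIT 1');
		if($user === false) {
			return NULL;
		}
		return $user['login'];
	}

	// Credits $amount to bank account $nick, logs the payment and posts a chat
	// notice to the account owner. $amount must already be validated as a
	// plain positive decimal, because it is placed in the statement unquoted.
	// NOTE(review): payid is logged but never checked for reuse, so a validly
	// signed pay request that is delivered twice is credited twice. An
	// idempotency check needs a unique payid column - confirm the schema.
	private function credit_account($nick,$amount,$projectid,$sign,$payid) {
		$ok = mysql_query('UPDATE `bank` SET `money2` = `money2` + '.$amount.' WHERE `id` = "'.mysql_real_escape_string($nick).'" LIMIT 1');
		if($ok === false) {
			// Do not report success for a credit that was not applied.
			$this->processing_error();
			$this->add('-1','update_failed:pay:'.$nick.':'.$projectid.':'.$amount.':'.$payid,$amount);
			return;
		}

		$this->set_answer(array(array('status','1'),array('desc','Ïëàòåæ ïðîøåë óñïåøíî'),array('id',$this->c['id'])));
		$this->add('2','pay:'.$nick.':'.$projectid.':'.$sign.':'.$amount.':'.$payid.':'.$nick,$amount);

		$bank = $this->fetch_row('SELECT `id`,`uid` FROM `bank` WHERE `id` = "'.mysql_real_escape_string($nick).'" LIMIT 1');
		if($bank === false) {
			return;
		}
		$user = $this->fetch_row('SELECT `id`,`login`,`city`,`sex`,`room` FROM `users` WHERE `id` = "'.mysql_real_escape_string((string)$bank['uid']).'" LIMIT 1');
		if($user === false) {
			return;
		}

		// Whole units of the amount; $amount is digits with an optional fraction.
		$parts = explode('.',$amount);
		$whole = $parts[0];
		// The counter belongs to the owning user, not to the row whose
		// `users`.`id` happens to equal the bank account id.
		mysql_query('UPDATE `users` SET `catch` = `catch` + '.$whole.' WHERE `id` = "'.mysql_real_escape_string((string)$user['id']).'" LIMIT 1');

		$r = '<span class=date>'.date('d.m.Y H:i').'</span> Àëõèìèê <img src=https://img.new-combats.com/i/align/align50.gif width=12 height=15 /><u><b>Enchanter</b> / Àâòîìàòè÷åñêàÿ îïëàòà</u> ñîîáùàåò: ';

		if($user['sex'] == 1) {
			$r .= 'Óâàæàåìàÿ';
		}else{
			$r .= 'Óâàæàåìûé';
		}

		// The chat text is HTML: escape the stored login and the account id
		// before embedding them.
		$r .= ' <b>'.htmlspecialchars((string)$user['login'],ENT_QUOTES,'cp1251').'</b>, íà Âàø áàíêîâñêèé ñ÷åò ¹'.htmlspecialchars($nick,ENT_QUOTES,'cp1251').' çà÷èñëåíî '.$amount.' Ekr. Áëàãîäàðèì Âàñ çà ïîêóïêó!';

		// Values read back from the database are escaped again before reuse in SQL.
		mysql_query("INSERT INTO `chat` (`new`,`city`,`room`,`login`,`to`,`text`,`time`,`type`,`toChat`) VALUES ('1','"
			.mysql_real_escape_string((string)$user['city'])."','"
			.mysql_real_escape_string((string)$user['room'])."','','"
			.mysql_real_escape_string((string)$user['login'])."','"
			.mysql_real_escape_string($r)."','-1','5','0')");
	}

	// Handles one gateway request from start to finish.
	public function start_session() {

		$this->ip = $this->request_ip();

		// Reject callers outside the allow-list before parsing anything they sent.
		if(!in_array($this->ip,$this->c['ip_list'],true)) {
			$this->set_answer(array(array('status','-1'),array('desc','Íåò äîñòóïà ñ äàííîãî IP')));
			$this->finish();
		}

		// Connect to the database
		$this->connect_db();

		if(!function_exists('simplexml_load_string')) {
			$this->processing_error();
			$this->finish();
		}

		// Read the request body
		$raw = file_get_contents('php://input');

		// Parse the XML request without resolving external entities: libxml
		// before 2.9.0 loads them by default, and LIBXML_NONET blocks network
		// fetches during parsing.
		if(function_exists('libxml_disable_entity_loader') && LIBXML_VERSION < 20900) {
			libxml_disable_entity_loader(true);
		}
		$prev = libxml_use_internal_errors(true);
		$xml = ($raw === false || $raw === '') ? false : simplexml_load_string($raw,'SimpleXMLElement',LIBXML_NONET);
		libxml_clear_errors();
		libxml_use_internal_errors($prev);

		if($xml === false) {
			$this->processing_error();
			$this->finish();
		}

		// Work on plain strings; signatures are computed over the values as
		// received (UTF-8), database lookups use the cp1251 form of nick.
		$method		= (string)$xml->method;
		$nickRaw	= (string)$xml->nick;
		$projectid	= (string)$xml->projectid;
		$amount		= (string)$xml->amount;
		$payid		= (string)$xml->payid;
		$given		= (string)$xml->sign;
		$nick		= (string)$this->in($nickRaw);
		$keyHash	= md5($this->c['key']);

		// NOTE(review): projectid is never compared with the configured
		// project id ($this->c['id']) - confirm whether it should be.
		$this->id = $projectid;

		// Dispatch on the requested method. A bad signature now gets an
		// explicit error in every branch (check_balance and check used to
		// return an empty reply).
		if($method == 'check_balance') {
			//<sign>MD5(method+MD5(gdKey))</sign>
			if($this->sign_matches(md5($method.$keyHash),$given)) {
				// Dealer balance
				$balance = 1000000;
				$this->set_answer(array(array('status','1'),array('desc','Áàëàíñ äèëåðà: '.$balance),array('balance',$balance)));
				$this->add('4','check:'.$nickRaw.':1',0);
			}else{
				$this->signature_error('check_balance',$nickRaw);
			}

		}elseif($method == 'check') {
			/* nick - account identifier	<sign>MD5(nick+method+MD5(gdKey))</sign>	*/
			if(!$this->sign_matches(md5($nickRaw.$method.$keyHash),$given)) {
				$this->signature_error('check',$nickRaw);
			}elseif($this->test_accaunt($nick)) {
				// Bank account found
				$this->set_answer(array(array('status','1'),array('desc','Áàíêîâñêèé ñ÷åò íàéäåí')));
				$this->add('3','check:'.$nick.':1',0);
			}else{
				// Bank account not found (log label was ':pay:', a copy-paste slip)
				$this->set_answer(array(array('status','-1'),array('desc','Ïëàòåæ íå îáðàáîòàí. Áàíêîâñêèé ñ÷åò íå íàéäåí.')));
				$this->add('-1','Ïåðñîíàæ íå íàéäåí:check:'.$nick.':0',0);
			}

		}elseif($method == 'pay') {
			/* Perform a payment
			nick - account identifier , projectid - project id , sign , amount - money , payid - payment id	*/
			$sign = md5($nickRaw.$projectid.$amount.$payid.$method.$keyHash);

			if(!$this->sign_matches($sign,$given)) {
				// Signature error
				$this->signature_error('pay',$nickRaw);
			}elseif(!preg_match('/^[0-9]+(\.[0-9]+)?$/D',$amount) || (float)$amount <= 0) {
				// amount goes into SQL arithmetic unquoted, where escaping gives
				// no protection; accept only a plain positive decimal.
				$this->processing_error();
				$this->add('-1','invalid_amount:pay:'.$nick.':0',0);
			}elseif(!$this->test_accaunt($nick)) {
				// Account not found
				$this->set_answer(array(array('status','-1'),array('desc','Ïëàòåæ íå îáðàáîòàí. Ïåðñîíàæ íå íàéäåí.')));
				$this->add('-1','Ïåðñîíàæ íå íàéäåí:pay:'.$nick.':0',0);
			}else{
				// Account found: credit the game currency.
				$this->credit_account($nick,$amount,$projectid,$given,$payid);
			}

		}elseif($method == 'check_login') {
			/* Account check
			nick - account identifier , projectid - project id , sign	*/
			if(!$this->sign_matches(md5($nickRaw.$method.$keyHash),$given)) {
				// Signature error
				$this->signature_error('check_login',$nickRaw);
			}elseif($this->test_accaunt($nick)) {
				// Account found
				$this->set_answer(array(array('status','1'),array('desc','Ñ÷åò íàéäåí'),array('addinfo',$this->bank_user($nick))));
				$this->add('1','check_login:'.$nick.':1',0);
			}else{
				// Account not found
				$this->set_answer(array(array('status','-1'),array('desc','Ñ÷åò íå íàéäåí')));
				$this->add('-1','Ïåðñîíàæ íå íàéäåí:check_login:'.$nick.':0',0);
			}

		}else{
			$this->set_answer(array(array('status','-1'),array('desc','Íåèçâåñòíûé òèï çàïðîñà')));
			$this->add('-1','Íåèçâåñòíûé òèï çàïðîñà:error_method:gamedealer',0);
		}

		// Send the reply
		$this->backInformation();
	}
}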

// Entry point: every request to this script is treated as a gateway callback
// and handled immediately.
$pay = new GameDealerClass();
$pay->start_session();
?>