*
* @author Malacma <*****@*****.**>
*
* LOGIN LOL
*
* @data 11/03/2014
* http://nosnaldeia.com.br/babel_json_services/?login=super@gmail.com&passwd=123456&proficiency=FR
* */
include_once 'db_vars.config.php';
//Recupera parametros
$email = $_GET['login'];
$passwd = $_GET['passwd'];
$proficiency = $_GET['proficiency'];
$mensagem = "Login";
//Atualiza o perfil para o status online e disponivel quando loga no sistema atualiza a lingua nativa tb
$ip = getRemoteIp();
$query = " SELECT `fn_login`('{$ip}', '{$email}','{$proficiency}') AS `fn_login`";
//echo $query;
$result = mysqli_query($con, $query);
$row = mysqli_fetch_array($result);
$nature = $row['fn_login'];
//Cria a session do ususario
if ($result) {
session_start();
$_SESSION["BABELON"] = true;
$_SESSION["NATURE"] = $nature;
$_SESSION["EMAIL"] = $email;
$_SESSION["PASSWD"] = md5($passwd);
}
//
//Atualiza conta sip
function perform()
{
// Get the resources we need to do this update
$db = $_REQUEST['db'];
$userFinder = new UserFinder($db);
$user = $userFinder->findById($_SESSION['userId']);
$questionFinder = new QuestionFinder($db);
// Grok all the relevant data from the form
$qHash = array();
$qHash['library_id'] = $user['library_id'];
$qHash['location_id'] = gpwd('location', null);
$qHash['question_type_id'] = gpwd('questionType', null);
$qHash['question_type_other'] = gpwd('questionTypeOther');
$qHash['time_spent_id'] = gpwd('timeSpent', null);
$qHash['patron_type_id'] = gpwd('patronType', null);
$qHash['question_format_id'] = gpwd('questionFormat', null);
$qHash['initials'] = gpwd('initials');
$qHash['client_ip'] = getRemoteIp();
$qHash['user_id'] = $_SESSION['userId'];
$qHash['question'] = gpwd('question');
$qHash['answer'] = gpwd('answer');
$qHash['question'] = trim($qHash['question']);
$qHash['answer'] = trim($qHash['answer']);
$qHash['hide'] = 0;
if ($qHash['question'] == '' && $qHash['answer'] == '') {
$qHash['hide'] = 1;
}
// Do the date
$qHash['question_date'] = trim(gpwd('mydate', 'now'));
if ($qHash['question_date'] == '') {
$qHash['question_date'] = 'now';
}
$stamp = strtotime($qHash['question_date']);
if ($stamp != -1) {
$qHash['question_date'] = date('Y-m-d H:i:s', $stamp);
} else {
$qHash['question_date'] = null;
}
$qHash['date_added'] = date('Y-m-d H:i:s');
// Clean up qHash; make numbers really numeric. The dirty little
// trick: add 0 to non-null values names .*_id
foreach ($qHash as $key => $val) {
if (strpos($key, '_id')) {
if ($val != null) {
$qHash[$key] = $val + 0;
}
}
}
$target = "questionAddForm.do";
$res = $questionFinder->addQuestion($qHash);
if (!DB::isError($res)) {
// Use a Location: header to fly back; we don't want to
// be able to double-enter by mistake.... I think.
$url = "http://{$_SERVER['HTTP_HOST']}{$_SERVER['REQUEST_URI']}";
$url = substr($url, 0, -strrchr($url, '/')) . $target;
header("Location: {$url}");
exit;
} else {
// A page error occurred!
$_REQUEST['dbResult'] = $res;
$act = new PageErrorAction();
return $act->perform();
}
}
<h2>Тестовая оплата Яндекс.Касса</h2>
<p>
Оплата услуг аккаунт <strong>#<?php
echo intval($paypost['customerNumber']);
?>
</strong><br />
Cумма оплаты <strong><?php
echo to_money($paypost['Sum'], 2);
?>
рублей</strong><br />
Cпособ оплаты <strong><?php
echo $payway[$paypost['paymentType']];
?>
</strong><br />
IP cервера Яндекса <strong><?php
echo getRemoteIp();
?>
</strong><br />
ShopID <strong><?php
echo $paypost['ShopID'];
?>
</strong><br />
Bill reserve ID: <strong><?php
echo @$paypost['orderId'];
?>
</strong>
</p>
<form method="GET" action="ykassa.php" >
<input type="submit" name="success" value="Успешно оплатить" />
<input type="submit" name="cancel" value="Вернуться в магазин" />
private function isErrorIP()
{
$ip = getRemoteIp();
$allowedIPs = $this->is_test ? $this->ip_test : $this->ip_real;
return !in_array($ip, $allowedIPs);
}
/**
* Проверка и подтверждение платежа, внесение депозита
*
* @global DB $DB
* @param type $request Массив с данными запроса (можно весь $_POST)
* @return type Строка, если ошибка, иначе NULL
*/
function process_payment($request)
{
global $DB;
$action = $request['action'];
$ip = getRemoteIp();
if (!in_array($ip, $this->_allowed_ips)) {
return "Неразрешенный IP: {$ip}";
}
if (!in_array($action, array('Check', 'PaymentSuccess'))) {
return 'Некорректный запрос';
}
$shopid = $request['shopId'];
$ammount = $request['orderSumAmount'];
$orderIsPaid = $request['orderIsPaid'];
$orderNumber = $request['invoiceId'];
$billing_no = $request['customerNumber'];
$hash = $request['md5'];
$fromcode = $request['paymentPayerCode'];
$paymentDateTime = $request['paymentDateTime'];
$orderCreatedDatetime = $request['orderCreatedDatetime'];
$operation_type = $request['OPERATION_TYPE'];
$operation_id = $request['OPERATION_ID'];
if (floatval($ammount) <= 0) {
return 'Неверная сумма!';
}
$hash_str = $orderIsPaid . ';' . $ammount . ';' . $this->curid . ';' . $this->bank . ';' . $shopid . ';' . $orderNumber . ';' . $billing_no . ';' . $this->key;
var_dump(strtoupper(md5($hash_str)));
if (strtoupper(md5($hash_str)) != $hash) {
return 'Неверный хэш!';
}
$op_id = 0;
require_once $_SERVER['DOCUMENT_ROOT'] . "/classes/sbr.php";
if ($operation_type == sbr::OP_RESERVE) {
// убрать проверку после тестирования.
$shopid = ydpay::SHOP_SBR_RESERVE;
}
$op_descr = '';
switch ($shopid) {
case ydpay::SHOP_SBR_RESERVE:
// Резерв денег по СбР (новая)
$op_code = sbr::OP_RESERVE;
$amm = 0;
$op_descr = " СбР #" . $operation_id;
break;
case ydpay::SHOP_DEPOSIT:
// Перевод денег на личный счет
$op_code = 12;
$amm = $ammount;
break;
default:
return 'Неверный магазин!';
}
if ($action == 'Check') {
$descr = "ЯД с кошелька {$fromcode} сумма - {$ammount}, номер покупки - {$orderNumber}";
$descr .= $op_descr;
$dups = $DB->val('SELECT id FROM account_operations_yd WHERE descr = ?', $descr);
if (!$dups) {
$op_id = $DB->insert('account_operations_yd', array('billing_id' => $billing_no, 'op_date' => $orderCreatedDatetime, 'op_code' => $op_code, 'ammount' => $amm, 'trs_sum' => $ammount, 'descr' => $descr, 'invoice_id' => $orderNumber), 'id');
$error = $DB->error;
}
} elseif ($action == 'PaymentSuccess') {
$descr = "ЯД с кошелька {$fromcode} сумма - {$ammount}, обработан {$paymentDateTime}, номер покупки - {$orderNumber}";
$descr .= $op_descr;
$tmp_payment = $DB->row('SELECT * FROM account_operations_yd WHERE invoice_id = ?', $orderNumber);
if (!$tmp_payment) {
return 'Платеж не найден';
}
$dups = $this->checkDups($descr);
if ($dups) {
return;
}
$error = $this->deposit($op_id, $billing_no, $amm, $descr, 3, $ammount, $op_code, $operation_id);
if (!$error) {
$DB->query('DELETE FROM account_operations_yd WHERE invoice_id = ?', $orderNumber);
}
} else {
$error = 'Некорректный запрос';
}
return $error;
}
function perform()
{
$times = array();
$start = 0;
$end = 0;
$result = array('renderer' => 'template_renderer.inc', 'pageTitle' => SITE_NAME . ' : Add Question', 'content' => 'content/questionAddForm.php');
// The number of questions and page offset we want
$count = grwd('count', 50);
$page = grwd('page', 1);
$result['count'] = $count;
$result['page'] = $page;
// Learn what kind of menus we need
$layout = grwd('layout', 'menus');
$optionFunction = array('pulldown' => 'getSelectPulldown', 'radio' => 'getRadioList', 'menus' => 'getSelectBox');
$result['optionFunction'] = $optionFunction[$layout];
$db = $_REQUEST['db'];
$tsf = new TimeSpentFinder($db);
$ptf = new PatronTypeFinder($db);
$qff = new QuestionFormatFinder($db);
$qtf = new QuestionTypeFinder($db);
$if = new InitialsFinder($db);
$lf = new LocationFinder($db);
$userFinder = new UserFinder($db);
$start = mTimeFloat();
$user = $userFinder->findById($_SESSION['userId']);
$end = mTimeFloat();
$times['userfind'] = $end - $start;
$clientIp = getRemoteIp();
$libId = $user['library_id'];
$start = mTimeFloat();
$result['timeSpentOpts'] = $tsf->findByLibrary($libId);
$result['patronTypeOpts'] = $ptf->findByLibrary($libId);
$result['questionTypeOpts'] = $qtf->findByLibrary($libId);
$result['questionFormatOpts'] = $qff->findByLibrary($libId);
$result['locationOpts'] = $lf->findByLibrary($libId);
$times['menus'] = mTimeFloat() - $start;
$start = mTimeFloat();
// Load the default (last used) values for this client
$result['locationId'] = $lf->getLastLocationId($clientIp, $libId);
if ($result['locationId'] == null) {
$result['locationId'] = $result['locationOpts'][0]['location_id'];
}
$start = mTimeFloat();
$result['lastInitials'] = $if->getLastInitials($clientIp);
$times['lastInitials'] = mTimeFloat() - $start;
$start = mTimeFloat();
$result['lastTimeSpent'] = $tsf->getLast($clientIp);
$times['lastTimeSpent'] = mTimeFloat() - $start;
$start = mTimeFloat();
$result['lastPatronType'] = $ptf->getLast($clientIp);
$times['lastPatronType'] = mTimeFloat() - $start;
$start = mTimeFloat();
$result['lastQuestionType'] = $qtf->getLast($clientIp);
$times['lastQuestionType'] = mTimeFloat() - $start;
$start = mTimeFloat();
$result['lastQuestionFormat'] = $qff->getLast($clientIp);
$times['lastQuestionFormat'] = mTimeFloat() - $start;
$result['user'] = $user;
$questionFinder = new QuestionFinder($db);
$start = mTimeFloat();
$result['lastAdded'] = $questionFinder->getLastQuestionTime($clientIp, $libId);
if ($result['lastAdded'] != null) {
$result['lastAdded'] = date('n/d g:i A', strtotime($result['lastAdded']));
}
$times['lastAdded'] = mTimeFloat() - $start;
$start = mTimeFloat();
$qResult = $questionFinder->getPagedList($count, $page, 'questions.library_id = ?', array((int) $libId));
$result['questionList'] =& $qResult['list'];
$result['list_meta'] = $qResult['meta'];
$result['questionCount'] = $qResult['meta']['totalQuestions'];
$result['nonemptyQuestionCount'] = $qResult['meta']['nonemptyQuestions'];
$times['getQuestions'] = mTimeFloat() - $start;
$origin = "questionAddForm.do?page=" . $result['page'] . "&count=" . $result['count'];
$result['origin'] = $origin;
$result['target'] = 'questionAddForm.do';
// Disabled debugging output
// echo "<!-- ";
// var_dump($times);
// echo " -->";
return $result;
}
/**
* Method getRemoteIP
* @access public
* @return mixed
* @since 1.0.89
*/
public function getRemoteIP()
{
return getRemoteIp();
}
<?php
header("content-type:text/html;charset=utf-8");
file_put_contents('./log/api2.log', "api2.php start:" . date('Y-m-d H:i:s') . "\r\n", FILE_APPEND);
define('ROOT_DIR', realpath(dirname(__FILE__)) . '/');
define('LOG_DIR', ROOT_DIR . 'log/');
//获取客户端IP
function getRemoteIp()
{
$user_IP = isset($_SERVER["HTTP_VIA"]) ? $_SERVER["HTTP_X_FORWARDED_FOR"] : $_SERVER["REMOTE_ADDR"];
$user_IP = $user_IP ? $user_IP : $_SERVER["REMOTE_ADDR"];
return $user_IP;
}
$info['ip'] = getRemoteIp();
//ip
$info['m'] = isset($_GET['m']) ? $_GET['m'] : "0";
//mac
//参数 h (hips 检测):
switch ($_GET['h']) {
case 'n':
$info['hips'] = '正常';
break;
case 'v':
$info['hips'] = 'VKD-WINDBG';
break;
case 'o':
$info['hips'] = 'OD 插件';
break;
case 'm':
$info['hips'] = 'Malware Defender';
break;
require_once "ControllerFunctions.php";
// We do includes based on rInfo; ensure that the only way to set it
// is internally.
$rInfo['renderer'] = '';
$rInfo['content'] = '';
// This will be used to find out our intended action
$opMap = buildOpMap();
$operation = getOperation($_SERVER['REQUEST_URI']);
// Get the Action for this operation, or a PageNotFoundAction if there's
// no match.
$action = new PageErrorAction();
if (isset($opMap[$operation])) {
$action = $opMap[$operation];
}
// Defined in Init.php
if (SITE_MAINTANENCE && getRemoteIp() != DEBUG_IP) {
$action = new SiteMaintanenceAction();
}
// There's one special case to worry about: the action requires
// authentication, and we're not logged in. Handle that and perform the
// Action.
if ($action->isAuthenticationRequired() && !isLoggedIn()) {
$action = new LoginFormAction();
}
if ($action->isAdminRequired() && !isAdmin()) {
$action = new PageErrorAction();
}
$rInfo = $action->perform();
$rInfo = fixRenderDefaults($rInfo);
// And dispatch the request to the view...
include $rInfo['renderer'];
function isLocalDebug()
{
return getRemoteIp() == "127.0.0.1" || DEBUG ? true : false;
}
function visitor_country()
{
$ip = getRemoteIp();
$ws = new WebService();
return $ws->geGeoLocationInfoJSON($ip);
}
//reg
$returnFlag = InsertWapDeviceInfo($getData, $config['redis']['host'], $config['redis']['wapappdb']);
//如果用户资料已存在,则认为是登录操作
if ($returnFlag != 0) {
$ptype = 2;
}
}
$fields = array($getData['idfa'], $getData['bid'], $getData['ver'], $deviceType, $time, $ptype, $getData['broken'], $getData['qd'], $ip);
break;
case 'ad':
//ios.iosyy.me/act=ad&idfa=23411&ver=1.30&deviceType=iphone&time=122222221&bid=1&broken=1&qd=1
if (empty($getData['idfa']) || empty($getData['bid'])) {
$message = array('status' => 1, 'message' => 'idfa or bid empty');
exit(json_encode($message));
}
$ip = ip2long(getRemoteIp());
$deviceType = isset($getData['deviceType']) ? strtolower($getData['deviceType']) : 'ipad';
$ptype = intval($getData['ptype']);
if ($ptype == 1) {
//reg
$returnFlag = InsertWapDeviceInfo($getData, $config['redis']['host'], $config['redis']['wapappdb']);
//如果用户资料已存在,则认为是登录操作
if ($returnFlag != 0) {
$ptype = 2;
}
}
$fields = array($getData['idfa'], $getData['bid'], $getData['ver'], $deviceType, $time, $ptype, $getData['broken'], $getData['qd'], $ip);
break;
case 'test':
exit(json_encode($_GET));
break;
