cot_block($pinfo['pay_status'] == 'new' || $pinfo['pay_status'] == 'process');
        $url = $cfg['plugin']['roboxbilling']['testmode'] ? 'http://test.robokassa.ru/Index.aspx' : 'https://merchant.roboxchange.com/Index.aspx';
        $mrh_login = $cfg['plugin']['roboxbilling']['mrh_login'];
        $mrh_pass1 = $cfg['plugin']['roboxbilling']['mrh_pass1'];
        $inv_id = $pid;
        $shp_item = !empty($pinfo['pay_code']) ? $pinfo['pay_area'] . '_' . $pinfo['pay_code'] : $pinfo['pay_area'];
        $inv_desc = $pinfo['pay_desc'];
        $in_curr = '';
        $culture = "ru";
        $out_summ = $pinfo['pay_summ'] * $cfg['plugin']['roboxbilling']['rate'];
        if ($cfg['plugin']['roboxbilling']['testmode']) {
            $test_string = "&IsTest=1";
        }
        $crc = md5("{$mrh_login}:{$out_summ}:{$inv_id}:{$mrh_pass1}:Shp_item={$shp_item}");
        $post_opt = "MrchLogin="******"&OutSum=" . $out_summ . "&InvId=" . $inv_id . "&Desc=" . $inv_desc . "&SignatureValue=" . $crc . "&Shp_item=" . $shp_item . "&IncCurrLabel=" . $in_curr . "&Culture=" . $culture . $test_string;
        cot_payments_updatestatus($pid, 'process');
        // Изменяем статус "в процессе оплаты"
        header('Location: ' . $url . '?' . $post_opt);
        exit;
    } else {
        cot_die();
    }
} elseif ($m == 'success') {
    // регистрационная информация (пароль #1)
    // registration info (password #1)
    $mrh_pass1 = $cfg['plugin']['roboxbilling']['mrh_pass1'];
    // чтение параметров
    // read parameters
    $out_summ = $_REQUEST["OutSum"];
    $inv_id = $_REQUEST["InvId"];
    $shp_item = $_REQUEST["Shp_item"];
 * Robox billing Plugin
 *
 * @package roboxbilling
 * @version 1.0
 * @author CMSWorks Team
 * @copyright Copyright (c) CMSWorks.ru
 * @license BSD
 */
defined('COT_CODE') or die('Wrong URL');
require_once cot_incfile('payments', 'module');
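// Robokassa result notification handler: verifies the request signature and,
// if it is valid, marks the payment as paid.
//
// Registration info (password #2): the shared secret that signs result notifications.
$mrh_pass2 = $cfg['plugin']['roboxbilling']['mrh_pass2'];
// Read the request parameters. A missing or non-string value (e.g. OutSum[]=1)
// is normalised to '' so it can never reach strtoupper()/md5() as an array.
$out_summ = (isset($_REQUEST["OutSum"]) && is_string($_REQUEST["OutSum"])) ? $_REQUEST["OutSum"] : '';
$inv_id = (isset($_REQUEST["InvId"]) && is_string($_REQUEST["InvId"])) ? $_REQUEST["InvId"] : '';
$shp_item = (isset($_REQUEST["Shp_item"]) && is_string($_REQUEST["Shp_item"])) ? $_REQUEST["Shp_item"] : '';
$crc = (isset($_REQUEST["SignatureValue"]) && is_string($_REQUEST["SignatureValue"])) ? $_REQUEST["SignatureValue"] : '';
$crc = strtoupper($crc);
$my_crc = strtoupper(md5("{$out_summ}:{$inv_id}:{$mrh_pass2}:Shp_item={$shp_item}"));
// Verify the signature.
// - An unset password #2 would make the expected signature computable by anyone,
//   so an empty secret is treated as a verification failure.
// - hash_equals() (PHP >= 5.6) replaces the loose `!=`: with `!=` two different hex
//   digests that both look like "0E<digits>" compare as equal numbers, and the
//   comparison time depends on how many leading characters match.
$signature_ok = (string) $mrh_pass2 !== ''
    && $crc !== ''
    && $inv_id !== ''
    && hash_equals($my_crc, $crc);
if (!$signature_ok) {
    echo "bad sign\n";
    exit;
}
// NOTE(review): OutSum is covered by the signature but is not compared with the
// amount stored for payment $inv_id, and the payment's current status is not
// checked here; confirm whether cot_payments_updatestatus() enforces either.
// Update the payment status to "paid".
if (cot_payments_updatestatus($inv_id, 'paid')) {
    echo "OK{$inv_id}\n";
} else {
    echo "Error of update order status!";
}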
<?php

/**
 * [BEGIN_COT_EXT]
 * Hooks=global
 * [END_COT_EXT]
 */
defined('COT_CODE') or die('Wrong URL.');
require_once cot_incfile('paypro', 'plug');
require_once cot_incfile('payments', 'module');
// Check for paid invoices for the PRO service; if there are any, enable the
// service or extend it.
// This file registers on the "global" hook (see the header), so this loop
// presumably runs on ordinary page requests rather than only on payment callbacks - confirm.
if ($propays = cot_payments_getallpays('pro', 'paid')) {
    foreach ($propays as $pay) {
        // A non-empty pay_code takes precedence over pay_userid as the account to credit.
        $userid = !empty($pay['pay_code']) ? $pay['pay_code'] : $pay['pay_userid'];
        $upro = cot_getuserpro($userid);
        // Extend from the current expiry when it is still in the future, otherwise from now.
        $initialtime = $upro > $sys['now'] ? $upro : $sys['now'];
        $rproexpire = $initialtime + $pay['pay_time'];
        // The user row is written only if the status change to 'done' succeeds.
        // NOTE(review): this call is the only visible guard against crediting the same
        // payment twice when two requests pick up the same 'paid' row; confirm that
        // cot_payments_updatestatus() refuses a repeated paid -> done transition.
        if (cot_payments_updatestatus($pay['pay_id'], 'done')) {
            // Both the new expiry and the user id are cast to int before reaching SQL.
            $db->update($db_users, array('user_pro' => (int) $rproexpire), "user_id=" . (int) $userid);
            /* === Hook === */
            // Hook files are included into this scope, so they can read the local
            // variables above ($pay, $userid, $rproexpire); renaming them would break
            // any plugin that relies on those names.
            foreach (cot_getextplugins('paypro.done') as $pl) {
                include $pl;
            }
            /* ===== */
        }
    }
}
    include $pl;
}
/* ===== */
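// Check for paid balance top-up invoices: mark each one as done, notify the
// administrator by mail and, when the top-up was made to cover another payment
// (pay_code), settle that payment from the user's balance.
if ($balancepays = cot_payments_getallpays('balance', 'paid')) {
    foreach ($balancepays as $pay) {
        // Everything below runs only when the status change to 'done' succeeds.
        if (cot_payments_updatestatus($pay['pay_id'], 'done')) {
            // The user id comes from a stored payment row and is concatenated into the
            // query, so it is cast to int here, as the PRO-service block does for its
            // user id, to keep stored data from ever altering the SQL.
            $urr = $db->query("SELECT * FROM {$db_users} WHERE user_id=" . (int) $pay['pay_userid'])->fetch();
            // fetch() yields no row for a deleted/unknown user; fall back to an empty name
            // instead of indexing into a non-array.
            $urr_name = !empty($urr) ? $urr['user_name'] : '';
            $subject = $L['payments_balance_billing_admin_subject'];
            $body = sprintf($L['payments_balance_billing_admin_body'], $urr_name, $pay['pay_summ'] . ' ' . $cfg['payments']['valuta'], $pay['pay_id'], cot_date('d.m.Y в H:i', $pay['pay_pdate']));
            cot_mail($cfg['adminemail'], $subject, $body);
            if (!empty($pay['pay_code'])) {
                // pay_code references the payment this top-up was meant to cover.
                $dpay = cot_payments_payinfo($pay['pay_code']);
                if (!empty($dpay)) {
                    $ubalance = cot_payments_getuserbalance($dpay['pay_userid']);
                    // NOTE(review): the balance is read, the payment marked paid and the
                    // balance debited in three separate steps; confirm that concurrent
                    // requests cannot pass the balance check twice before the debit lands.
                    if ($ubalance >= $dpay['pay_summ'] && cot_payments_updatestatus($dpay['pay_id'], 'paid')) {
                        cot_payments_updateuserbalance($dpay['pay_userid'], -$dpay['pay_summ'], $dpay['pay_id']);
                    }
                }
            }
            /* === Hook === */
            // Hook files are included into this scope and can read the locals above.
            foreach (cot_getextplugins('payments.balance.billing.done') as $pl) {
                include $pl;
            }
            /* ===== */
        }
    }
}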
if ($cfg['payments']['clearpaymentsdays'] > 0) {
    $clearpaymentsdate = $sys['now'] - $cfg['payments']['clearpaymentsdays'] * 24 * 60 * 60;
    $db->delete($db_payments, "pay_status!='done' AND pay_cdate<" . $clearpaymentsdate);
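    // WebMoney result notification: look up the payment that is awaiting confirmation,
    // verify the notification hash and, if everything matches, mark the payment as paid.
    //
    // LMI_PAYMENT_NO and RND are interpolated into the SQL below, so they must be strings
    // made of digits / [A-Z0-9] only. The D modifier makes `$` match only at the very end;
    // without it a value with a trailing newline would also pass the check.
    if (isset($_POST['LMI_PAYMENT_NO']) && is_string($_POST['LMI_PAYMENT_NO'])
        && preg_match('/^\\d+$/D', $_POST['LMI_PAYMENT_NO']) == 1
        && isset($_POST['RND']) && is_string($_POST['RND'])
        && preg_match('/^[A-Z0-9]{8}$/D', $_POST['RND'], $match) == 1) {
        // Only a payment still in status 'process' with the matching random token is accepted.
        $pinfo = $db->query("SELECT * FROM {$db_payments}\n\t\t\tWHERE pay_id='" . $_POST['LMI_PAYMENT_NO'] . "' \n\t\t\t\tAND pay_wmrnd='" . $_POST['RND'] . "' \n\t\t\t\t\tAND pay_status='process'")->fetch();
        if (empty($pinfo)) {
            echo "ERR: Payment not found";
        } else {
            // Collect the remaining notification fields. A missing field becomes '' (what the
            // original concatenation produced); a non-string field (e.g. LMI_HASH[]=x) marks
            // the whole notification as invalid.
            $wm = array();
            $wm_fields_ok = true;
            foreach (array('LMI_MODE', 'LMI_SYS_INVS_NO', 'LMI_SYS_TRANS_NO', 'LMI_SYS_TRANS_DATE', 'LMI_PAYER_PURSE', 'LMI_PAYER_WM', 'LMI_HASH', 'LMI_PAYEE_PURSE', 'LMI_PAYMENT_AMOUNT') as $wm_field) {
                $wm_value = isset($_POST[$wm_field]) ? $_POST[$wm_field] : '';
                if (!is_string($wm_value)) {
                    $wm_fields_ok = false;
                    $wm_value = '';
                }
                $wm[$wm_field] = $wm_value;
            }
            // The control string is built from the stored purse, amount and id plus the
            // secret key, so the hash also binds the notification to the stored payment.
            $chkstring = $cfg['plugin']['wmbilling']['webmoney_purse'] . $pinfo['pay_summ'] . $pinfo['pay_id'] . $wm['LMI_MODE'] . $wm['LMI_SYS_INVS_NO'] . $wm['LMI_SYS_TRANS_NO'] . $wm['LMI_SYS_TRANS_DATE'] . $cfg['plugin']['wmbilling']['webmoney_skey'] . $wm['LMI_PAYER_PURSE'] . $wm['LMI_PAYER_WM'];
            // Fail closed: the hash counts as verified only when a branch below says so.
            // Previously this variable was left undefined for SIGN and for unknown methods.
            $hash_check = false;
            // hash_equals() (PHP >= 5.6) replaces the loose `==`, under which two different
            // digests that both look like "0E<digits>" compare as equal numbers.
            if ($cfg['plugin']['wmbilling']['webmoney_hashmethod'] == 'MD5') {
                $md5sum = strtoupper(md5($chkstring));
                $hash_check = hash_equals($md5sum, $wm['LMI_HASH']);
            } elseif ($cfg['plugin']['wmbilling']['webmoney_hashmethod'] == 'SHA256') {
                $sha256sum = strtoupper(hash('sha256', $chkstring));
                $hash_check = hash_equals($sha256sum, $wm['LMI_HASH']);
            } elseif ($cfg['plugin']['wmbilling']['webmoney_hashmethod'] == 'SIGN') {
                // not done yet!!! - SIGN verification is not implemented, so such
                // notifications are always rejected.
            } else {
                echo "ERR: Config parameter LMI_HASH_METHOD incorrect!";
            }
            // NOTE(review): the amount is compared loosely as a float product; confirm this
            // cannot reject legitimate payments through rounding of pay_summ * webmoney_rate.
            if ($wm_fields_ok && $hash_check && $_POST['LMI_PAYMENT_NO'] == $pinfo['pay_id'] && $wm['LMI_PAYEE_PURSE'] == $cfg['plugin']['wmbilling']['webmoney_purse'] && $wm['LMI_PAYMENT_AMOUNT'] == $pinfo['pay_summ'] * $cfg['plugin']['wmbilling']['webmoney_rate'] && $wm['LMI_MODE'] == $cfg['plugin']['wmbilling']['webmoney_mode']) {
                if (cot_payments_updatestatus($pinfo['pay_id'], 'paid')) {
                    echo "YES";
                } else {
                    echo "ERR: Payment failed";
                }
            } else {
                echo "ERR: Inconsistent parameters";
            }
        }
    } else {
        echo "ERR: Inconsistent parameters";
    }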
}
}
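// Interkassa status notification: recompute the signature over the ik_* fields and,
// when it matches and the invoice succeeded for this shop, mark the payment as paid.
//
// Keep only the fields whose name contains "ik_". A non-scalar value (e.g. ik_am[]=1)
// cannot be part of a valid signature string, so it invalidates the notification.
$dataSet = array();
$ik_valid = true;
foreach ($status_data as $key => $value) {
    if (!preg_match('/ik_/', $key)) {
        continue;
    }
    if (!is_scalar($value)) {
        $ik_valid = false;
        $value = '';
    }
    $dataSet[$key] = $value;
}
// The received signature is removed from the set before the expected one is computed.
$ik_sign = isset($dataSet['ik_sign']) ? (string) $dataSet['ik_sign'] : '';
unset($dataSet['ik_sign']);
// NOTE(review): the sender chooses which key verifies the request. Any notification
// carrying ik_pw_via=test_interkassa_test_xts is checked against test_key and, if it
// verifies, marks the payment as paid exactly like a real one. No test-mode switch for
// this plugin is visible here; confirm one exists, or treat test_key as being as
// sensitive as secret_key.
if (isset($dataSet['ik_pw_via']) && $dataSet['ik_pw_via'] == 'test_interkassa_test_xts') {
    $key = $cfg['plugin']['ikassabilling']['test_key'];
} else {
    $key = $cfg['plugin']['ikassabilling']['secret_key'];
}
// An unset key would make the expected signature computable by anyone.
if (!is_string($key) || $key === '') {
    $ik_valid = false;
}
// Signature: base64 of the raw MD5 over the values, sorted by field name and joined with
// ':', with the key appended last.
ksort($dataSet, SORT_STRING);
array_push($dataSet, $key);
$signString = implode(':', $dataSet);
$sign = base64_encode(md5($signString, true));
$payinfo = array();
if (!empty($dataSet['ik_pm_no'])) {
    $payinfo = cot_payments_payinfo($dataSet['ik_pm_no']);
}
// NOTE(review): $payinfo was loaded but never used. The notified amount and currency
// (ik_am / ik_cur) are still not compared with the stored payment, and its current
// status is not checked; confirm the expected amount (including any rate setting) and
// add that comparison. Only the existence of the payment is required below.
// hash_equals() gives a constant-time comparison of the two signatures.
$ik_verified = $ik_valid && $ik_sign !== '' && hash_equals($sign, $ik_sign);
if ($ik_verified
    && !empty($payinfo)
    && isset($dataSet['ik_inv_st']) && $dataSet['ik_inv_st'] == 'success'
    && isset($dataSet['ik_co_id']) && $dataSet['ik_co_id'] == $cfg['plugin']['ikassabilling']['shop_id']) {
    if (cot_payments_updatestatus($dataSet['ik_pm_no'], 'paid')) {
        header('HTTP/1.1 200');
    } else {
        header('HTTP/1.1 302');
    }
} else {
    header('HTTP/1.1 302');
}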