cot_block($pinfo['pay_status'] == 'new' || $pinfo['pay_status'] == 'process'); $url = $cfg['plugin']['roboxbilling']['testmode'] ? 'http://test.robokassa.ru/Index.aspx' : 'https://merchant.roboxchange.com/Index.aspx'; $mrh_login = $cfg['plugin']['roboxbilling']['mrh_login']; $mrh_pass1 = $cfg['plugin']['roboxbilling']['mrh_pass1']; $inv_id = $pid; $shp_item = !empty($pinfo['pay_code']) ? $pinfo['pay_area'] . '_' . $pinfo['pay_code'] : $pinfo['pay_area']; $inv_desc = $pinfo['pay_desc']; $in_curr = ''; $culture = "ru"; $out_summ = $pinfo['pay_summ'] * $cfg['plugin']['roboxbilling']['rate']; if ($cfg['plugin']['roboxbilling']['testmode']) { $test_string = "&IsTest=1"; } $crc = md5("{$mrh_login}:{$out_summ}:{$inv_id}:{$mrh_pass1}:Shp_item={$shp_item}"); $post_opt = "MrchLogin="******"&OutSum=" . $out_summ . "&InvId=" . $inv_id . "&Desc=" . $inv_desc . "&SignatureValue=" . $crc . "&Shp_item=" . $shp_item . "&IncCurrLabel=" . $in_curr . "&Culture=" . $culture . $test_string; cot_payments_updatestatus($pid, 'process'); // Изменяем статус "в процессе оплаты" header('Location: ' . $url . '?' . $post_opt); exit; } else { cot_die(); } } elseif ($m == 'success') { // регистрационная информация (пароль #1) // registration info (password #1) $mrh_pass1 = $cfg['plugin']['roboxbilling']['mrh_pass1']; // чтение параметров // read parameters $out_summ = $_REQUEST["OutSum"]; $inv_id = $_REQUEST["InvId"]; $shp_item = $_REQUEST["Shp_item"];
* Robox billing Plugin * * @package roboxbilling * @version 1.0 * @author CMSWorks Team * @copyright Copyright (c) CMSWorks.ru * @license BSD */ defined('COT_CODE') or die('Wrong URL'); require_once cot_incfile('payments', 'module'); // регистрационная информация (пароль #2) $mrh_pass2 = $cfg['plugin']['roboxbilling']['mrh_pass2']; // чтение параметров $out_summ = $_REQUEST["OutSum"]; $inv_id = $_REQUEST["InvId"]; $shp_item = $_REQUEST["Shp_item"]; $crc = $_REQUEST["SignatureValue"]; $crc = strtoupper($crc); $my_crc = strtoupper(md5("{$out_summ}:{$inv_id}:{$mrh_pass2}:Shp_item={$shp_item}")); // проверка корректности подписи if ($my_crc != $crc) { echo "bad sign\n"; exit; } else { // Обновляем статус платежа на "оплачен" if (cot_payments_updatestatus($inv_id, 'paid')) { echo "OK{$inv_id}\n"; } else { echo "Error of update order status!"; } }
<?php /** * [BEGIN_COT_EXT] * Hooks=global * [END_COT_EXT] */ defined('COT_CODE') or die('Wrong URL.'); require_once cot_incfile('paypro', 'plug'); require_once cot_incfile('payments', 'module'); // Проверяем платежки на оплату услуги PRO. Если есть то включаем услугу или продлеваем ее. if ($propays = cot_payments_getallpays('pro', 'paid')) { foreach ($propays as $pay) { $userid = !empty($pay['pay_code']) ? $pay['pay_code'] : $pay['pay_userid']; $upro = cot_getuserpro($userid); $initialtime = $upro > $sys['now'] ? $upro : $sys['now']; $rproexpire = $initialtime + $pay['pay_time']; if (cot_payments_updatestatus($pay['pay_id'], 'done')) { $db->update($db_users, array('user_pro' => (int) $rproexpire), "user_id=" . (int) $userid); /* === Hook === */ foreach (cot_getextplugins('paypro.done') as $pl) { include $pl; } /* ===== */ } } }
include $pl; } /* ===== */ // Проверяем платежки на оплату пополнение счета. if ($balancepays = cot_payments_getallpays('balance', 'paid')) { foreach ($balancepays as $pay) { if (cot_payments_updatestatus($pay['pay_id'], 'done')) { $urr = $db->query("SELECT * FROM {$db_users} WHERE user_id=" . $pay['pay_userid'])->fetch(); $subject = $L['payments_balance_billing_admin_subject']; $body = sprintf($L['payments_balance_billing_admin_body'], $urr['user_name'], $pay['pay_summ'] . ' ' . $cfg['payments']['valuta'], $pay['pay_id'], cot_date('d.m.Y в H:i', $pay['pay_pdate'])); cot_mail($cfg['adminemail'], $subject, $body); if (!empty($pay['pay_code'])) { $dpay = cot_payments_payinfo($pay['pay_code']); if (!empty($dpay)) { $ubalance = cot_payments_getuserbalance($dpay['pay_userid']); if ($ubalance >= $dpay['pay_summ'] && cot_payments_updatestatus($dpay['pay_id'], 'paid')) { cot_payments_updateuserbalance($dpay['pay_userid'], -$dpay['pay_summ'], $dpay['pay_id']); } } } /* === Hook === */ foreach (cot_getextplugins('payments.balance.billing.done') as $pl) { include $pl; } /* ===== */ } } } if ($cfg['payments']['clearpaymentsdays'] > 0) { $clearpaymentsdate = $sys['now'] - $cfg['payments']['clearpaymentsdays'] * 24 * 60 * 60; $db->delete($db_payments, "pay_status!='done' AND pay_cdate<" . $clearpaymentsdate);
if (isset($_POST['LMI_PAYMENT_NO']) && preg_match('/^\\d+$/', $_POST['LMI_PAYMENT_NO']) == 1 && isset($_POST['RND']) && preg_match('/^[A-Z0-9]{8}$/', $_POST['RND'], $match) == 1) { $pinfo = $db->query("SELECT * FROM {$db_payments}\n\t\t\tWHERE pay_id='" . $_POST['LMI_PAYMENT_NO'] . "' \n\t\t\t\tAND pay_wmrnd='" . $_POST['RND'] . "' \n\t\t\t\t\tAND pay_status='process'")->fetch(); if (empty($pinfo)) { echo "ERR: Payment not found"; } else { $chkstring = $cfg['plugin']['wmbilling']['webmoney_purse'] . $pinfo['pay_summ'] . $pinfo['pay_id'] . $_POST['LMI_MODE'] . $_POST['LMI_SYS_INVS_NO'] . $_POST['LMI_SYS_TRANS_NO'] . $_POST['LMI_SYS_TRANS_DATE'] . $cfg['plugin']['wmbilling']['webmoney_skey'] . $_POST['LMI_PAYER_PURSE'] . $_POST['LMI_PAYER_WM']; if ($cfg['plugin']['wmbilling']['webmoney_hashmethod'] == 'MD5') { $md5sum = strtoupper(md5($chkstring)); $hash_check = $_POST['LMI_HASH'] == $md5sum; } elseif ($cfg['plugin']['wmbilling']['webmoney_hashmethod'] == 'SHA256') { $sha256sum = strtoupper(hash('sha256', $chkstring)); $hash_check = $_POST['LMI_HASH'] == $sha256sum; } elseif ($cfg['plugin']['wmbilling']['webmoney_hashmethod'] == 'SIGN') { // not done yet!!! } else { echo "ERR: Config parameter LMI_HASH_METHOD incorrect!"; } if ($_POST['LMI_PAYMENT_NO'] == $pinfo['pay_id'] && $_POST['LMI_PAYEE_PURSE'] == $cfg['plugin']['wmbilling']['webmoney_purse'] && $_POST['LMI_PAYMENT_AMOUNT'] == $pinfo['pay_summ'] * $cfg['plugin']['wmbilling']['webmoney_rate'] && $_POST['LMI_MODE'] == $cfg['plugin']['wmbilling']['webmoney_mode'] && $hash_check) { if (cot_payments_updatestatus($pinfo['pay_id'], 'paid')) { echo "YES"; } else { echo "ERR: Payment failed"; } } else { echo "ERR: Inconsistent parameters"; } } } else { echo "ERR: Inconsistent parameters"; } }
} $dataSet = array(); foreach ($status_data as $key => $value) { if (!preg_match('/ik_/', $key)) { continue; } $dataSet[$key] = $value; } $ik_sign = $dataSet['ik_sign']; unset($dataSet['ik_sign']); if ($dataSet['ik_pw_via'] == 'test_interkassa_test_xts') { $key = $cfg['plugin']['ikassabilling']['test_key']; } else { $key = $cfg['plugin']['ikassabilling']['secret_key']; } ksort($dataSet, SORT_STRING); array_push($dataSet, $key); $signString = implode(':', $dataSet); $sign = base64_encode(md5($signString, true)); if (!empty($dataSet['ik_pm_no'])) { $payinfo = cot_payments_payinfo($dataSet['ik_pm_no']); } if ($ik_sign === $sign && $dataSet['ik_inv_st'] == 'success' && $dataSet['ik_co_id'] == $cfg['plugin']['ikassabilling']['shop_id']) { if (cot_payments_updatestatus($dataSet['ik_pm_no'], 'paid')) { header('HTTP/1.1 200'); } else { header('HTTP/1.1 302'); } } else { header('HTTP/1.1 302'); }