<? error_reporting(E_ERROR | E_PARSE); define("STOP_STATISTICS", true); define("NOT_CHECK_PERMISSIONS", true); if($_GET["admin_section"]=="Y") define("ADMIN_SECTION", true); else define("BX_PUBLIC_TOOLS", true); if(!require($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/main/include/prolog_before.php")) die('prolog_before.php not found!'); if(CModule::IncludeModule("onpay.sale")) { if($_REQUEST['type']=='check') { COnpayPayment::CheckAction($_REQUEST); } elseif($_REQUEST['type']=='pay') { COnpayPayment::PayAction($_POST); } } require($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/main/include/epilog_after.php"); ?>
$form_id = $form_id ? $form_id : COnpayPayment::$_df_form_id; $pay_mode = COnpayPayment::$_df_pay_mode; $md5check = md5("{$pay_mode};{$sum_for_md5};{$curr};{$order_id};{$convert};{$key}"); //Создаем проверочную строку, которая защищает платежную ссылку от изменений $url = COnpayPayment::$pay_url."{$login}?f={$form_id}&pay_mode={$pay_mode}&pay_for={$order_id}&price={$sum}&ticker={$curr}&convert={$convert}&md5={$md5check}&user_email=".urlencode($user_email)."&url_success=".urlencode($path); //Формируем платежную ссылку if(COnpayPayment::GetPriceFinal() == "Y") { $url .= "&price_final=true"; } if($lang = COnpayPayment::GetLang()) { $url .= "&ln={$lang}"; } if($ext_params = COnpayPayment::GetExtParams()) { $url .= "&{$ext_params}"; } if(!COnpayPayment::CheckOrderPayed($order_id)) { ?> <p><b><?php echo GetMessage("ONPAY.SALE_PAYMENT_ONPAY__ORDER_CAPTION", array("#SUM#" => $sum, "#CURRENCY#" => $currency, "#ORDER_ID#" => $order_id)); ?> </b><p> <form action="<?php echo $url; ?> " method="post" target="_blank"> <table><tr><td><img src="<?php echo COnpayPayment::$logo_url; ?> " style="float:left;margin-right:10px;" /><input type="submit" name="submit" value="<?php
function PayAction($request) { COnpayPayment::SaveLog($request); $_request = $request; $pay = $payOut = array( 'type' => 'pay', 'pay_for' => intval($request['pay_for']), 'onpay_id' => intval($request['onpay_id']), 'order_id' => intval($request['pay_for']), 'amount' => COnpayPayment::toFloat($request['order_amount']), 'currency' => trim($request['order_currency']), 'code' => 3, 'key' => COnpayPayment::GetApiInKey(), ); unset($pay['code']); unset($pay['order_id']); $pay['md5_string'] = implode(";", $pay); $pay['md5'] = strtoupper(md5($pay['md5_string'])); $order_amount = floatval($request['order_amount']); $text = "Error in parameters data"; if(COnpayPayment::_Validate($request) && CModule::IncludeModule("sale")) { $text = "Cannot find any pay rows acording to this parameters: wrong payment"; if($arOrder = CSaleOrder::GetByID($request['ORDER_ID'])) { COnpayPayment::SaveLog($arOrder); $needSum = floatval($arOrder['PRICE']) - floatval($arOrder['SUM_PAID']); $currency = COnpayPayment::GetWMCurrency($arOrder['CURRENCY']); if($arOrder['PAYED'] == 'N' && $needSum <= $order_amount && $currency == $pay['currency']) { if($pay['md5'] != $request['md5']) { $text = "Md5 signature is wrong"; $payOut['code'] = 7; } else { $arFields = array( 'PS_STATUS' => 'Y', 'PS_STATUS_CODE' => 0, 'PS_STATUS_DESCRIPTION' => 'OK', 'PS_STATUS_MESSAGE' => '', 'PS_SUM' => floatval($arOrder['PS_SUM']) + $order_amount, 'PS_CURRENCY' => $pay['currency'], 'PS_RESPONSE_DATE' => Date(CDatabase::DateFormatToPHP(CLang::GetDateFormat("FULL", LANG))), ); foreach($_request as $key=>$val) $arFields['PS_STATUS_MESSAGE'] .= "{$key}:{$val};\n"; COnpayPayment::SaveLog($arFields); if(CSaleOrder::Update($arOrder["ID"], $arFields) && CSaleOrder::PayOrder($arOrder["ID"], "Y")) { $payOut['code'] = 0; $text = "OK"; } else { $text = "Error in mechant database queries: operation or balance tables error"; } } } } } $payOut['md5_string'] = implode(";", $payOut); $payOut['md5'] = strtoupper(md5($payOut['md5_string'])); COnpayPayment::SaveLog($pay); COnpayPayment::SaveLog($payOut); $out = "<?xml version=\"1.0\" encoding=\"UTF-8\"?> <result> <code>{$payOut['code']}</code> <comment>{$text}</comment> <onpay_id>{$payOut['onpay_id']}</onpay_id> <pay_for>{$payOut['pay_for']}</pay_for> <order_id>{$payOut['order_id']}</order_id> <md5>{$payOut['md5']}</md5> </result>"; echo $out; COnpayPayment::SaveLog($out."\n\n"); }