private function viewWebmoney() { if (!extension::getInstance()->getConfig('balance_use_webmoney', 'user', extension::TYPE_COMPONENT, 'boolean')) { exit("Webmoney API disabled"); } $wm_cfg_purse = extension::getInstance()->getConfig('balance_wm_purse', 'user', extension::TYPE_COMPONENT, 'str'); $wm_cfg_mul = extension::getInstance()->getConfig('balance_wm_mul', 'user', extension::TYPE_COMPONENT, 'float'); $wm_cfg_secret = extension::getInstance()->getConfig('balance_wm_secretkey', 'user', extension::TYPE_COMPONENT, 'str'); $real_ip = system::getInstance()->getRealIp(); $ip_array_routes = system::getInstance()->altexplode('.', $real_ip); array_pop($ip_array_routes); $ip_masc = system::getInstance()->altimplode('.', $ip_array_routes); $wm_ips = array('212.118.48', '212.158.173', '91.200.28', '91.227.52'); if (!in_array($ip_masc, $wm_ips)) { logger::getInstance()->log(logger::LEVEL_WARN, 'Call to Webmoney REST_API from wrong ip: ' . $real_ip . ' masc: ' . $ip_masc); return null; } $pre_request = system::getInstance()->post('LMI_PREREQUEST'); $wm_seller_purse = system::getInstance()->post('LMI_PAYEE_PURSE'); // seller purse (must be our) $wm_payment_amount = system::getInstance()->post('LMI_PAYMENT_AMOUNT'); // payment price amount $wm_item_id = (int) system::getInstance()->post('LMI_PAYMENT_NO'); // user id $wm_test_mode = system::getInstance()->post('LMI_MODE'); // is test? $wm_paym_id = system::getInstance()->post('LMI_SYS_INVS_NO'); // webmoney payment id $wm_trans_id = system::getInstance()->post('LMI_SYS_TRANS_NO'); // webmoney transaction id $wm_trans_date = system::getInstance()->post('LMI_SYS_TRANS_DATE'); // date in strange format $wm_hash_trans = system::getInstance()->post('LMI_HASH'); // hash sum, can be null before 200OK response is checked $wm_buyer_wmpurse = system::getInstance()->post('LMI_PAYER_PURSE'); // client wm purse $wm_buyer_wmid = system::getInstance()->post('LMI_PAYER_WM'); // client WMID if ($pre_request == 1) { // its a pre-request, validation before pay if ($wm_seller_purse != $wm_cfg_purse) { exit("Seller purse is invalid"); } if (!user::getInstance()->exists($wm_item_id)) { exit("User id: " . $wm_item_id . " not exist"); } echo "YES"; } else { // its a result request after payment if ($wm_hash_trans == null) { // didnt know why, but webmoney make 2 requests if PREREQUEST is disabled. exit("Hash sum is null"); } $totaldata = $wm_seller_purse . $wm_payment_amount . $wm_item_id . $wm_test_mode . $wm_paym_id . $wm_trans_id . $wm_trans_date . $wm_cfg_secret . $wm_buyer_wmpurse . $wm_buyer_wmid; $calchash = strtoupper(hash('sha256', $totaldata)); if ($calchash != $wm_hash_trans || $wm_seller_purse != $wm_cfg_purse) { logger::getInstance()->log(logger::LEVEL_NOTIFY, 'Wrong balance recharge webmoney from ip: ' . $real_ip . '. Hash gen: ' . $calchash . ' get: ' . $wm_hash_trans . '. All data json: ' . json_encode(system::getInstance()->post())); return null; } $money_to_balance = $wm_payment_amount * $wm_cfg_mul; if ($money_to_balance <= 0) { return null; } user::getInstance()->addBalance($wm_item_id, $money_to_balance); $payparam = array('from_wm_purse' => $wm_buyer_wmpurse, 'from_wm_id' => $wm_buyer_wmid, 'date' => $wm_trans_date, 'sys_invs_id' => $wm_paym_id, 'sys_trans_id' => $wm_trans_id, 'amount' => $money_to_balance); user::getInstance()->putLog($wm_item_id, 'balance.wmadd', $payparam, 'Recharge balance via webmoney'); } }
/** * Get file mime type based on finfo function or gd lib (only for images) * @param string $file * @return null|string */ public function getMime($file) { if (function_exists('finfo_open')) { $finfo = finfo_open(FILEINFO_NONE | FILEINFO_MIME); $mime = strstr(finfo_file($finfo, $file), ';', true); // ex: image/jpeg; charset=binary to image/jpeg finfo_close($finfo); return $mime; } elseif (function_exists('mime_content_type')) { return mime_content_type($file); } elseif (function_exists('getimagesize')) { // no other way, only gd func $info = getimagesize($file); return $info['mime']; } else { logger::getInstance()->log(logger::LEVEL_ERR, 'Not founded system function to get Mime info. Please install finfo extension.'); return null; } }