ファイル: config.php プロジェクト: stdex/ngcms_eshop
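function payment_config($id)
{
    // Admin form for one payment module. The merchant id / password entered in the form
    // are stored as a JSON blob in <prefix>_eshop_payment.options (REPLACE INTO, keyed by
    // `name`), then config.tpl is rendered inside the shared config/main.tpl layout.
    // $id is the payment module name, i.e. the `name` column of the table.
    global $tpl, $template, $twig, $mysql, $SYSTEM_FLAGS, $config, $userROW, $lang, $CurrentHandler;
    $row = $mysql->record('SELECT * FROM ' . prefix . '_eshop_payment WHERE name = ' . db_squote($id) . ' LIMIT 1');
    // Nothing in this function ever adds an error; the list is kept so the save step
    // keeps its explicit "only persist when clean" shape.
    $error_text = array();
    if (isset($_REQUEST['submit'])) {
        // Fields absent from the request are stored as '' instead of null (and without
        // "undefined index" notices).
        $PARAMS = array(
            'name' => $id,
            'merchantid' => isset($_REQUEST['merchantid']) ? $_REQUEST['merchantid'] : '',
            'merchantpass' => isset($_REQUEST['merchantpass']) ? $_REQUEST['merchantpass'] : '',
        );
        $SQL = array(
            'name' => $id,
            'options' => json_encode($PARAMS),
        );
        if (empty($error_text)) {
            $vnames = array();
            foreach ($SQL as $k => $v) {
                // every value goes through db_squote, the escaping helper used across the plugin
                $vnames[] = $k . ' = ' . db_squote($v);
            }
            $mysql->query("REPLACE INTO " . prefix . "_eshop_payment SET " . implode(', ', $vnames) . " ");
            redirect_eshop('?mod=extra-config&plugin=eshop&action=list_payment');
        }
    }
    // record() returns no array when the module has never been saved; render an empty
    // form for it instead of reading offsets of a non-array.
    $tEntry = array('name' => $id, 'options' => array());
    if (is_array($row)) {
        $tEntry['name'] = $row['name'];
        $tEntry['options'] = json_decode($row['options'], true);
    }
    $payment_config_tpl = dirname(__FILE__) . '/tpl/config.tpl';
    $xt = $twig->loadTemplate($payment_config_tpl);
    $tpath = locatePluginTemplates(array('config/main'), 'eshop', 1);
    $xg = $twig->loadTemplate($tpath['config/main'] . 'config/' . 'main.tpl');
    $tVars = array(
        'entries' => $xt->render(array('entries' => $tEntry)),
        // $PHP_SELF is not declared in this scope; it resolves to null exactly as before,
        // the isset() only avoids the undefined-variable notice.
        'php_self' => isset($PHP_SELF) ? $PHP_SELF : null,
        'plugin_url' => admin_url . '/admin.php?mod=extra-config&plugin=eshop',
        'skins_url' => skins_url,
        'admin_url' => admin_url,
        'home' => home,
        'current_title' => '—истемы оплаты [' . $id . ']',
    );
    print $xg->render($tVars);
}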
ファイル: eshop.php プロジェクト: stdex/ngcms_eshop
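function plugin_ebasket_list()
{
    // Basket page of the shop front-end.
    //
    // GET:  render the basket rows of the current visitor (selected by user id and/or
    //       the ngTrackID cookie) with per-line sums and a grand total.
    // POST: validate the contact form, check stock for every basket row, create the
    //       order in <prefix>_eshop_orders, copy the rows into _eshop_order_basket, clear
    //       the basket, decrement variant stock, e-mail the shop and redirect to the
    //       order page. Validation errors fall through to the normal rendering.
    //
    // $config is read for date_adjust below; the original global list did not import it,
    // so the order timestamp silently ignored the configured offset.
    global $mysql, $twig, $userROW, $template, $ip, $SYSTEM_FLAGS, $lang, $config;
    // Defaults for everything that is only assigned on some paths, so the rendering
    // part never reads an undefined variable.
    $error_text = array();
    $notify_text = array();
    $SQL = array();
    $qid = null;
    // Selection conditions: logged-in user and/or tracking cookie
    $filter = array();
    if (is_array($userROW)) {
        $filter[] = '(user_id = ' . db_squote($userROW['id']) . ')';
    }
    if (isset($_COOKIE['ngTrackID']) && $_COOKIE['ngTrackID'] != '') {
        $filter[] = '(cookie = ' . db_squote($_COOKIE['ngTrackID']) . ')';
    }
    $basketWhere = join(' or ', $filter);
    // Basket rows were loaded by the plugin bootstrap into $SYSTEM_FLAGS
    $recs = array();
    $total = 0;
    if (count($filter) && isset($SYSTEM_FLAGS['eshop']['basket']['entries']) && is_array($SYSTEM_FLAGS['eshop']['basket']['entries'])) {
        foreach ($SYSTEM_FLAGS['eshop']['basket']['entries'] as $rec) {
            $lineSum = round($rec['price'] * $rec['count'], 2);
            $total += $lineSum;
            $rec['sum'] = sprintf('%9.2f', $lineSum);
            // linked_fld holds a PHP-serialized array written by this plugin. unserialize()
            // on database content is only acceptable while nothing else can write that
            // column; a JSON column would remove the dependency.
            $rec['xfields'] = unserialize($rec['linked_fld']);
            unset($rec['linked_fld']);
            $recs[] = $rec;
        }
    }
    if (!empty($_POST)) {
        $userInfo = (isset($_REQUEST['userInfo']) && is_array($_REQUEST['userInfo'])) ? $_REQUEST['userInfo'] : array();
        // Missing fields become '' (and fail the "not set" checks) instead of raising
        // notices. FILTER_SANITIZE_STRING is deprecated since PHP 8.1 and kept only for
        // behavioural parity with the stored data.
        $field = function ($key) use ($userInfo) {
            return isset($userInfo[$key]) ? filter_var($userInfo[$key], FILTER_SANITIZE_STRING) : '';
        };
        $SQL['name'] = $field('fullName');
        if (empty($SQL['name'])) {
            $error_text[] = 'Имя не задано';
        }
        $SQL['email'] = $field('email');
        if (empty($SQL['email'])) {
            $error_text[] = 'Email не задан';
        }
        $SQL['phone'] = $field('phone');
        if (empty($SQL['phone'])) {
            $error_text[] = 'Телефон не задан';
        }
        $SQL['address'] = $field('deliverTo');
        if (empty($SQL['address'])) {
            $error_text[] = 'Адрес доставки не задан';
        }
        $SQL['comment'] = $field('commentText');
        $SQL['dt'] = time() + (isset($config['date_adjust']) ? intval($config['date_adjust']) : 0) * 60;
        $SQL['ip'] = $ip;
        $SQL['type'] = "1";
        $SQL['paid'] = 0;
        $SQL['total_price'] = $total;
        if (isset($userROW)) {
            // a non-array $userROW (guest) yields null exactly as before, minus the notice
            $SQL['author_id'] = is_array($userROW) ? $userROW['id'] : null;
        }
        // uniqid is the secret carried in the order link (and checked by the payment
        // handlers), so it must come from a CSPRNG; str_shuffle(md5(microtime())) was
        // guessable from the request time. Ten hex characters, same length as before.
        $SQL['uniqid'] = bin2hex(random_bytes(5));
        if (!count($filter)) {
            // No user id and no cookie: there is nothing to order, and the queries below
            // would otherwise be issued with an empty WHERE clause.
            $error_text[] = 'Корзина пуста';
        } else {
            // Stock check: every basket row against its product variant
            foreach ($mysql->select("select * from " . prefix . "_eshop_ebasket where " . $basketWhere, 1) as $rec) {
                $r_count = $rec['count'];
                $linked_id = $rec['linked_id'];
                $linked_fld = unserialize($rec['linked_fld']);
                $variant_id = isset($linked_fld['item']['v_id']) ? $linked_fld['item']['v_id'] : 0;
                $conditions = array();
                if ($linked_id) {
                    $conditions[] = "p.id = " . db_squote($linked_id);
                }
                if ($variant_id != 0) {
                    $conditions[] = "v.id = " . db_squote($variant_id);
                }
                $fSort = " GROUP BY p.id ORDER BY p.id DESC";
                $sqlQPart = "FROM " . prefix . "_eshop_products p LEFT JOIN " . prefix . "_eshop_products_categories pc ON p.id = pc.product_id LEFT JOIN " . prefix . "_eshop_categories c ON pc.category_id = c.id LEFT JOIN (SELECT * FROM " . prefix . "_eshop_images ORDER BY position, id) i ON i.product_id = p.id LEFT JOIN " . prefix . "_eshop_variants v ON p.id = v.product_id " . (count($conditions) ? "WHERE " . implode(" AND ", $conditions) : '') . $fSort;
                $sqlQ = "SELECT p.id AS id, p.url as url, p.code AS code, p.name AS name, p.active AS active, p.featured AS featured, p.position AS position, c.url as curl, c.name AS category, i.filepath AS image_filepath, v.id AS v_id, v.sku AS v_sku, v.name AS v_name, v.amount AS v_amount, v.price AS price, v.compare_price AS compare_price, v.stock AS stock " . $sqlQPart;
                $item_rec = $mysql->record($sqlQ);
                // a NULL v_amount means "not tracked"; record() may also return no array
                if (is_array($item_rec) && $item_rec['v_amount'] != NULL && $r_count > $item_rec['v_amount']) {
                    $error_text[] = 'Невозможно купить продукт: ' . $item_rec["name"] . '. Максимальное количество доступное для заказа: ' . $item_rec['v_amount'];
                }
            }
        }
        if (empty($error_text)) {
            $vnames = array();
            foreach ($SQL as $k => $v) {
                $vnames[] = $k . ' = ' . db_squote($v);
            }
            $mysql->query('INSERT INTO ' . prefix . '_eshop_orders SET ' . implode(', ', $vnames) . ' ');
            $qid = $mysql->lastid('eshop_orders');
            if ($qid != NULL) {
                // Copy the basket into the order. Every value is quoted with db_squote like
                // the rest of the plugin; the original interpolated title and linked_fld raw.
                foreach ($mysql->select("select * from " . prefix . "_eshop_ebasket where " . $basketWhere, 1) as $rec) {
                    $values = array(
                        db_squote($qid),
                        db_squote($rec['linked_id']),
                        db_squote($rec['title']),
                        db_squote($rec['count']),
                        db_squote($rec['price']),
                        db_squote($rec['linked_fld']),
                    );
                    $mysql->query("INSERT INTO " . prefix . "_eshop_order_basket (`order_id`, `linked_id`, `title`, `count`, `price`, `linked_fld`) VALUES (" . implode(', ', $values) . ")");
                }
                $mysql->query("delete from " . prefix . "_eshop_ebasket where " . $basketWhere);
                // Decrement variant stock, never below zero; untracked variants (NULL) are skipped
                foreach ($recs as $rec) {
                    $v_id = isset($rec['xfields']['item']['v_id']) ? intval($rec['xfields']['item']['v_id']) : 0;
                    $variant = $mysql->record("SELECT amount FROM " . prefix . "_eshop_variants where id = '" . $v_id . "'");
                    if (!is_array($variant) || $variant['amount'] == NULL) {
                        continue;
                    }
                    $r_count = intval($rec['count']);
                    if ($variant['amount'] - $r_count > 0) {
                        $mysql->query("update " . prefix . "_eshop_variants set amount = amount - " . $r_count . " where id = " . $v_id);
                    } else {
                        $mysql->query("update " . prefix . "_eshop_variants set amount = 0 where id = " . $v_id);
                    }
                }
                // Total for the notification mail is recomputed from the stored order rows
                $total = 0;
                foreach ($mysql->select("select * from " . prefix . "_eshop_order_basket where order_id = " . db_squote($qid), 1) as $rec) {
                    $total += round($rec['price'] * $rec['count'], 2);
                }
                $notify_tpath = locatePluginTemplates(array('mail/lfeedback'), 'eshop', pluginGetVariable('eshop', 'localsource'));
                $notify_xt = $twig->loadTemplate($notify_tpath['mail/lfeedback'] . 'mail/' . 'lfeedback.tpl');
                $pVars = array('recs' => count($recs), 'entries' => $recs, 'total' => sprintf('%9.2f', $total), 'vnames' => $SQL);
                $mailBody = $notify_xt->render($pVars);
                $mailSubject = "Новый заказ с сайта";
                $mailTo = pluginGetVariable('eshop', 'email_notify_orders');
                $mail_from = pluginGetVariable('eshop', 'email_notify_back');
                if ($mail_from == "") {
                    $mail_from = false;
                }
                if ($mailTo != "") {
                    sendEmailMessage($mailTo, $mailSubject, $mailBody, false, $mail_from, 'text/html');
                }
                $notify_text[] = 'Заказ добавлен.';
                $order_link = checkLinkAvailable('eshop', 'order') ? generateLink('eshop', 'order', array(), array('id' => $qid, 'uniqid' => $SQL['uniqid'])) : generateLink('core', 'plugin', array('plugin' => 'eshop', 'handler' => 'order'), array(), array('id' => $qid, 'uniqid' => $SQL['uniqid']));
                return redirect_eshop($order_link);
            }
        }
    }
    // Rendering: GET, validation errors, or a failed insert. The form is re-filled from
    // $SQL; errors are handed to the template as a list (the template decides the markup).
    $tFormEntry = $SQL;
    $tFormEntry['error'] = $error_text;
    $tFormEntry['notify'] = $notify_text;
    $tFormEntry['id'] = $qid;
    $basket_link = checkLinkAvailable('eshop', 'ebasket_list') ? generateLink('eshop', 'ebasket_list', array()) : generateLink('core', 'plugin', array('plugin' => 'eshop', 'handler' => 'ebasket_list'), array());
    $tVars = array('formEntry' => $tFormEntry, 'recs' => count($recs), 'entries' => $recs, 'total' => sprintf('%9.2f', $total), 'basket_link' => $basket_link);
    $tpath = locatePluginTemplates(array('ebasket/list'), 'eshop', pluginGetVariable('eshop', 'localsource'));
    $xt = $twig->loadTemplate($tpath['ebasket/list'] . 'ebasket/' . 'list.tpl');
    $template['vars']['mainblock'] = $xt->render($tVars);
    $SYSTEM_FLAGS['info']['title']['others'] = "";
    $SYSTEM_FLAGS['info']['title']['group'] = $lang['eshop']['name_basket'];
    $SYSTEM_FLAGS['meta']['description'] = "";
    $SYSTEM_FLAGS['meta']['keywords'] = "";
}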
ファイル: config.php プロジェクト: irbees2008/ngcms_eshop
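function options()
{
    // General settings page of the eshop plugin (admin side).
    // On submit every form field is stored with pluginSetVariable, the config is saved and
    // the page redirects to itself. Afterwards the delayed view-counter cron task is
    // (re)registered or removed according to views_count, and the form is rendered from
    // config/general.from.tpl inside config/main.tpl.
    global $tpl, $mysql, $cron, $twig;
    $tpath = locatePluginTemplates(array('config/main', 'config/general.from'), 'eshop', 1);
    if (isset($_REQUEST['submit'])) {
        // A field missing from the request reads as '' instead of raising a notice.
        $req = function ($key) {
            return isset($_REQUEST[$key]) ? $_REQUEST[$key] : '';
        };
        // numeric settings
        foreach (array('count', 'max_image_size', 'width_thumb', 'width', 'height', 'pre_width', 'catz_max_image_size', 'catz_width_thumb', 'catz_width', 'catz_height') as $key) {
            pluginSetVariable('eshop', $key, intval($req($key)));
        }
        // settings passed through secure_html
        foreach (array('count_search', 'count_stocks') as $key) {
            pluginSetVariable('eshop', $key, secure_html($req($key)));
        }
        // settings passed through check_php_str
        foreach (array('ext_image', 'catz_ext_image') as $key) {
            pluginSetVariable('eshop', $key, check_php_str($req($key)));
        }
        // stored as submitted: select values, e-mail addresses and free-text descriptions
        foreach (array('views_count', 'bidirect_linked_products', 'approve_comments', 'sort_comments', 'integrate_gsmg', 'email_notify_orders', 'email_notify_comments', 'email_notify_back', 'description_delivery', 'description_order', 'description_phones') as $key) {
            pluginSetVariable('eshop', $key, $req($key));
        }
        pluginsSaveConfig();
        redirect_eshop('?mod=extra-config&plugin=eshop&action=options');
    }
    // Delayed view counting (views_count == 2) runs through the cron subsystem. An already
    // registered eshop_views schedule is kept field by field; missing fields fall back to
    // "every 15 minutes".
    $views_cnt = intval(pluginGetVariable('eshop', 'views_count'));
    if ($views_cnt == 2) {
        $defaults = array('min' => '0,15,30,45', 'hour' => '*', 'day' => '*', 'month' => '*');
        $schedule = array();
        $cron_row = $cron->getConfig();
        if (is_array($cron_row)) {
            foreach ($cron_row as $value) {
                if ($value['plugin'] == 'eshop' && $value['handler'] == 'eshop_views') {
                    $schedule = array('min' => $value['min'], 'hour' => $value['hour'], 'day' => $value['day'], 'month' => $value['month']);
                }
            }
        }
        foreach ($defaults as $key => $fallback) {
            if (!isset($schedule[$key])) {
                $schedule[$key] = $fallback;
            }
        }
        $cron->unregisterTask('eshop', 'eshop_views');
        $cron->registerTask('eshop', 'eshop_views', $schedule['min'], $schedule['hour'], $schedule['day'], $schedule['month'], '*');
    } else {
        $cron->unregisterTask('eshop', 'eshop_views');
    }
    // <option> list for a select, marking the stored value (loose == as before, since the
    // stored value may be a string).
    $optionList = function ($current, array $labels) {
        $html = '';
        foreach ($labels as $value => $label) {
            $html .= '<option value="' . $value . '" ' . ($current == $value ? 'selected' : '') . '>' . $label . '</option>';
        }
        return $html;
    };
    $yesNo = array(0 => 'Нет', 1 => 'Да');
    $tEntry = array();
    foreach (array('count', 'count_search', 'count_stocks', 'max_image_size', 'width_thumb', 'width', 'height', 'ext_image', 'pre_width', 'catz_max_image_size', 'catz_width_thumb', 'catz_width', 'catz_height', 'catz_ext_image', 'email_notify_orders', 'email_notify_comments', 'email_notify_back', 'description_delivery', 'description_order', 'description_phones') as $key) {
        $tEntry[$key] = pluginGetVariable('eshop', $key);
    }
    $tEntry['views_count'] = $optionList(pluginGetVariable('eshop', 'views_count'), array(0 => 'Нет', 1 => 'Да', 2 => 'Отложенное'));
    $tEntry['bidirect_linked_products'] = $optionList(pluginGetVariable('eshop', 'bidirect_linked_products'), $yesNo);
    $tEntry['approve_comments'] = $optionList(pluginGetVariable('eshop', 'approve_comments'), $yesNo);
    $tEntry['sort_comments'] = $optionList(pluginGetVariable('eshop', 'sort_comments'), array(0 => 'Новые снизу', 1 => 'Новые сверху'));
    $tEntry['integrate_gsmg'] = $optionList(pluginGetVariable('eshop', 'integrate_gsmg'), $yesNo);
    $xt = $twig->loadTemplate($tpath['config/general.from'] . 'config/' . 'general.from.tpl');
    $xg = $twig->loadTemplate($tpath['config/main'] . 'config/' . 'main.tpl');
    $tVars = array(
        'entries' => $xt->render(array('entries' => $tEntry)),
        // $PHP_SELF is not declared in this scope; it resolves to null exactly as before,
        // the isset() only avoids the undefined-variable notice.
        'php_self' => isset($PHP_SELF) ? $PHP_SELF : null,
        'plugin_url' => admin_url . '/admin.php?mod=extra-config&plugin=eshop',
        'skins_url' => skins_url,
        'admin_url' => admin_url,
        'home' => home,
        'current_title' => 'Настройки',
    );
    print $xg->render($tVars);
}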
ファイル: payment.php プロジェクト: stdex/ngcms_eshop
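function payment_action($payment_name, $payment_options, $rData)
{
    // Pay2Pay gateway handler (merchant.pay2pay.com).
    //
    // $rData['result'] selects the leg:
    //   1 (fail_url) / 3 (success_url): send the visitor back to the shop.
    //   2 (result_url): server callback carrying base64 `xml` + `sign`; once the signature
    //     is verified with hidden_key and the amount matches the order, the order is marked
    //     paid and an XML acknowledgement is printed (the request ends with die()).
    //   absent: checkout start for the order named by order_id + order_uniqid; a request
    //     xml is built, signed with secret_key and auto-submitted to the gateway (exit).
    // $payment_options: merchant_id, secret_key, hidden_key, test_mode from the admin form.
    global $tpl, $template, $config, $mysql, $lang, $twig, $SUPRESS_TEMPLATE_SHOW, $SYSTEM_FLAGS;
    $SUPRESS_TEMPLATE_SHOW = 1;
    // NOTE(review): this one is a local and has no effect outside the function; it is
    // probably meant to be in the global list like $SUPRESS_TEMPLATE_SHOW — confirm.
    $SUPRESS_MAINBLOCK_SHOW = 1;
    $current_time = time() + (isset($config['date_adjust']) ? intval($config['date_adjust']) : 0) * 60;
    $result = isset($rData['result']) ? intval($rData['result']) : 0;
    if (!empty($result)) {
        switch ($result) {
            case 1:
                // fail_url
                redirect_eshop(link_eshop());
                break;
            case 2:
                // result_url. A '+' of the base64 text arrives as ' ' when not url-encoded.
                $signIn = isset($rData['sign']) ? str_replace(' ', '+', $rData['sign']) : '';
                $xmlIn = isset($rData['xml']) ? str_replace(' ', '+', $rData['xml']) : '';
                if ($xmlIn == '' || $signIn == '') {
                    break;
                }
                $error = '';
                $xml = base64_decode($xmlIn);
                $hidden_key = isset($payment_options['hidden_key']) ? $payment_options['hidden_key'] : '';
                // The signature covers the raw xml, so it is checked before anything is parsed
                // out of the unauthenticated body. hash_equals() replaces the loose == and
                // compares in constant time.
                $expectedSign = base64_encode(md5($hidden_key . $xml . $hidden_key));
                if (!hash_equals($expectedSign, (string) $signIn)) {
                    $error = 'Incorrect sign';
                } else {
                    // LIBXML_NONET: no network access while parsing; parse errors are collected
                    // instead of being emitted as warnings.
                    libxml_use_internal_errors(true);
                    $xml_vars = simplexml_load_string($xml, 'SimpleXMLElement', LIBXML_NONET);
                    if ($xml_vars === false || !$xml_vars->order_id) {
                        $error = 'Unknown order_id';
                    } else {
                        // order_id was issued by the checkout leg as "<timestamp>_<order id>"
                        $a_or_id = explode("_", (string) $xml_vars->order_id);
                        $zid = isset($a_or_id[1]) ? intval($a_or_id[1]) : 0;
                        $amount = (string) $xml_vars->amount;
                        $status = (string) $xml_vars->status;
                        $description = iconv("utf-8", "windows-1251", (string) $xml_vars->description);
                        $info = array(
                            'payment_name' => $payment_name,
                            'merchant_id' => (string) $xml_vars->merchant_id,
                            'amount' => $amount,
                            'currency' => (string) $xml_vars->currency,
                            'description' => $description,
                            'paymode' => (string) $xml_vars->paymode,
                            'trans_id' => (string) $xml_vars->trans_id,
                            'status' => $status,
                            'error_msg' => (string) $xml_vars->error_msg,
                            'test_mode' => (string) $xml_vars->test_mode,
                        );
                        if ($status == 'success') {
                            // The reported amount must match the order before it is marked paid;
                            // otherwise a smaller payment for any order id would unlock it.
                            $order = $mysql->record('SELECT total_price FROM ' . prefix . '_eshop_orders WHERE id = ' . db_squote($zid) . ' LIMIT 1');
                            if (!is_array($order)) {
                                $error = 'Unknown order_id';
                            } elseif (abs(floatval($amount) - floatval($order['total_price'])) > 0.005) {
                                $error = 'Amount mismatch';
                            } else {
                                $mysql->query('INSERT INTO ' . prefix . '_eshop_purchases (dt, order_id, info) VALUES (' . db_squote($current_time) . ', ' . db_squote($zid) . ', ' . db_squote(json_encode($info)) . ')');
                                $mysql->query('UPDATE ' . prefix . '_eshop_orders SET paid = 1 WHERE id = ' . db_squote($zid));
                            }
                        }
                    }
                }
                // Answer the Pay2Pay server; same layout as before, $error is one of the fixed
                // strings above (escaped anyway, it lands inside XML).
                $ack = ($error == '') ? 'yes' : 'no';
                die("<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n                        <result>\n                        <status>{$ack}</status>\n                        <err_msg>" . htmlspecialchars($error, ENT_QUOTES, 'UTF-8') . "</err_msg>\n                        </result>");
                break;
            case 3:
                // success_url
                redirect_eshop(link_eshop());
                break;
            default:
                break;
        }
    } else {
        $order_id = isset($rData['order_id']) ? filter_var($rData['order_id'], FILTER_SANITIZE_STRING) : '';
        $uniqid = isset($rData['order_uniqid']) ? filter_var($rData['order_uniqid'], FILTER_SANITIZE_STRING) : '';
        if (empty($order_id) || empty($uniqid)) {
            redirect_eshop(link_eshop());
        } else {
            // uniqid is the per-order secret generated at checkout; both parts must match.
            $row = $mysql->record("SELECT * FROM " . prefix . "_eshop_orders WHERE (id = " . db_squote($order_id) . ") AND (uniqid = " . db_squote($uniqid) . ") LIMIT 1");
            if (!is_array($row) || $row['paid'] == 1) {
                redirect_eshop(link_eshop());
            } else {
                // shop id and signing key at Pay2Pay
                $merchant_id = $payment_options['merchant_id'];
                $secret_key = $payment_options['secret_key'];
                // order number sent to the gateway; the timestamp keeps it unique per attempt
                $hash_order_id = $current_time . "_" . $order_id;
                $amount = $row['total_price'];
                $currency = $SYSTEM_FLAGS['eshop']['currency'][0]['code'];
                // NOTE(review): this converts the literal from windows-1251; if the file is
                // stored as UTF-8 the text is already UTF-8 and the call mangles it — confirm.
                $desc = iconv("windows-1251", "utf-8", 'Оплата по заказу ID: ' . $order_id);
                $test_mode = $payment_options['test_mode'];
                $xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n                 <request>\n                 <version>1.2</version>\n                 <merchant_id>{$merchant_id}</merchant_id>\n                 <language>ru</language>\n                 <order_id>{$hash_order_id}</order_id>\n                 <amount>{$amount}</amount>\n                 <currency>{$currency}</currency>\n                 <description>{$desc}</description>\n                 <test_mode>{$test_mode}</test_mode>\n                 <other><![CDATA[{$order_id}]]></other>\n                 </request>";
                $sign = md5($secret_key . $xml . $secret_key);
                $xml_encode = base64_encode($xml);
                $sign_encode = base64_encode($sign);
                // Self-submitting hand-off page. A plain DOM call replaces jQuery from a
                // plain-http CDN: that script ran on the page holding the signed payment
                // request, so any on-path party could have altered it. Both values are base64
                // and therefore safe inside the attribute.
                echo '
                <!DOCTYPE html><html><body>
                    <form id="b-site" action="https://merchant.pay2pay.com/?page=init" method="post">
                        <input type="hidden" name="xml" value="' . $xml_encode . '">
                        <input type="hidden" name="sign" value="' . $sign_encode . '">
                    </form>
                    <script>document.getElementById("b-site").submit();</script>
                </body></html>';
                exit;
            }
        }
    }
}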
ファイル: payment.php プロジェクト: stdex/ngcms_eshop
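function payment_action($payment_name, $payment_options, $rData)
{
    // UnitPay gateway handler (unitpay.ru).
    //
    // $rData['result'] selects the leg:
    //   1 (fail_url) / 3 (success_url): send the visitor back to the shop.
    //   2 (result_url): JSON-RPC style callback with method=check|pay and params[...].
    //     For "pay" the signature in params[sign] is verified with secretKey via
    //     getMd5Sign(), the amount is compared with the order and the order is marked
    //     paid. The JSON reply is returned as a string.
    //   absent: checkout start for the order named by order_id + order_uniqid; the
    //     initPayment API call is made server-side and the visitor is redirected to the
    //     payment page it returns.
    // $payment_options: projectId and secretKey from the admin form.
    global $tpl, $template, $config, $mysql, $lang, $twig, $SUPRESS_TEMPLATE_SHOW, $SYSTEM_FLAGS;
    $SUPRESS_TEMPLATE_SHOW = 1;
    // NOTE(review): this one is a local and has no effect outside the function; it is
    // probably meant to be in the global list like $SUPRESS_TEMPLATE_SHOW — confirm.
    $SUPRESS_MAINBLOCK_SHOW = 1;
    $current_time = time() + (isset($config['date_adjust']) ? intval($config['date_adjust']) : 0) * 60;
    $result = isset($rData['result']) ? intval($rData['result']) : 0;
    if (!empty($result)) {
        switch ($result) {
            case 1:
                // fail_url
                redirect_eshop(link_eshop());
                break;
            case 2:
                // result_url
                $method = isset($rData['method']) ? $rData['method'] : '';
                $params = (isset($rData['params']) && is_array($rData['params'])) ? $rData['params'] : array();
                $secretKey = isset($payment_options['secretKey']) ? $payment_options['secretKey'] : '';
                $ok = function ($message) {
                    return json_encode(array("jsonrpc" => "2.0", "result" => array("message" => $message)));
                };
                $fail = function ($message) {
                    return json_encode(array("jsonrpc" => "2.0", "error" => array("code" => -32000, "message" => $message)));
                };
                if ($method == 'check') {
                    // NOTE(review): answered without signature verification, as before; if
                    // getMd5Sign() covers the method name it can be applied here too — confirm.
                    return $ok('CHECK is successful');
                }
                if ($method != 'pay') {
                    return $fail($method . ' not supported');
                }
                // hash_equals() replaces the loose == and compares in constant time.
                $givenSign = isset($params['sign']) ? (string) $params['sign'] : '';
                if (!hash_equals((string) getMd5Sign($params, $secretKey), $givenSign)) {
                    return $fail('Incorrect digital signature');
                }
                // params[account] is what initPayment (below) sets to the order id. The
                // original read Robokassa-style OutSum/InvId fields here, which this gateway
                // does not send, so the order was always looked up as id 0.
                $order_id = isset($params['account']) ? intval($params['account']) : 0;
                // NOTE(review): orderSum is the UnitPay name for the paid amount — confirm
                // against the gateway docs; the old OutSum field is kept as a fallback.
                $amount = isset($params['orderSum']) ? $params['orderSum'] : (isset($rData['OutSum']) ? $rData['OutSum'] : '');
                $order = $mysql->record('SELECT total_price FROM ' . prefix . '_eshop_orders WHERE id = ' . db_squote($order_id) . ' LIMIT 1');
                if (!is_array($order)) {
                    return $fail('Unknown order');
                }
                // A reported amount that differs from the order total must not mark it paid.
                if ($amount !== '' && abs(floatval($amount) - floatval($order['total_price'])) > 0.005) {
                    return $fail('Amount mismatch');
                }
                $info = array('payment_name' => $payment_name, 'merchant_purse' => $params, 'amount' => $amount, 'order_id' => $order_id);
                $mysql->query('INSERT INTO ' . prefix . '_eshop_purchases (dt, order_id, info) VALUES (' . db_squote($current_time) . ', ' . db_squote($order_id) . ', ' . db_squote(json_encode($info)) . ')');
                $mysql->query('UPDATE ' . prefix . '_eshop_orders SET paid = 1 WHERE id = ' . db_squote($order_id));
                return $ok('PAY is successful');
            case 3:
                // success_url
                redirect_eshop(link_eshop());
                break;
            default:
                break;
        }
    } else {
        $order_id = isset($rData['order_id']) ? filter_var($rData['order_id'], FILTER_SANITIZE_STRING) : '';
        $uniqid = isset($rData['order_uniqid']) ? filter_var($rData['order_uniqid'], FILTER_SANITIZE_STRING) : '';
        if (empty($order_id) || empty($uniqid)) {
            redirect_eshop(link_eshop());
        } else {
            // uniqid is the per-order secret generated at checkout; both parts must match.
            $row = $mysql->record("SELECT * FROM " . prefix . "_eshop_orders WHERE (id = " . db_squote($order_id) . ") AND (uniqid = " . db_squote($uniqid) . ") LIMIT 1");
            if (!is_array($row) || $row['paid'] == 1) {
                redirect_eshop(link_eshop());
            } else {
                // Client address for the gateway's ip parameter: REMOTE_ADDR first, the proxy
                // headers only as a fallback since they are client-controlled.
                $ip = '';
                foreach (array('REMOTE_ADDR', 'HTTP_X_FORWARDED_FOR', 'HTTP_CLIENT_IP') as $hdr) {
                    if (!empty($_SERVER[$hdr])) {
                        $ip = $_SERVER[$hdr];
                        break;
                    }
                }
                $apiParams = array(
                    'paymentType' => 'card',
                    'sum' => $row['total_price'],
                    'account' => $order_id,
                    'projectId' => isset($payment_options['projectId']) ? $payment_options['projectId'] : '',
                    'secretKey' => isset($payment_options['secretKey']) ? $payment_options['secretKey'] : '',
                    'ip' => $ip,
                    'resultUrl' => home . '/eshop/payment/?result=3&payment_id=unitpay',
                    'currency' => $SYSTEM_FLAGS['eshop']['currency'][0]['code'],
                    // was computed but never sent before
                    'desc' => 'Оплата по заказу ID: ' . $order_id,
                );
                // initPayment is called from the server. The original redirected the browser
                // to this URL, which put secretKey into the visitor's address bar, history and
                // any proxy log; http_build_query also url-encodes the values the old string
                // concatenation did not.
                $apiUrl = 'https://unitpay.ru/api?' . http_build_query(array('method' => 'initPayment', 'params' => $apiParams));
                // NOTE(review): https via file_get_contents needs allow_url_fopen and the
                // openssl extension — confirm for the deployment, or swap in curl.
                $raw = file_get_contents($apiUrl);
                $response = ($raw === false) ? null : json_decode($raw, true);
                if (is_array($response) && isset($response['result']['redirectUrl'])) {
                    header('Location: ' . $response['result']['redirectUrl']);
                    exit;
                }
                // API error or transport failure: back to the shop instead of a blank page
                redirect_eshop(link_eshop());
            }
        }
    }
}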
ファイル: payment.php プロジェクト: stdex/ngcms_eshop
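function payment_action($payment_name, $payment_options, $rData)
{
    // Robokassa payment driver entry point.
    //
    // $payment_name    - name of this payment driver; stored with the purchase record
    // $payment_options - driver settings read here: mrh_login, mrh_pass1, mrh_pass2, test_mode
    // $rData           - request parameters; untrusted (gateway callback or shop visitor)
    //
    // A non-zero 'result' parameter marks a gateway-side call
    // (1 = fail URL, 2 = result/notification URL, 3 = success URL); without it this is
    // the shop-side step that sends the customer to the gateway.
    // Every path ends in redirect_eshop(), exit or die(); the function never returns a value.
    global $tpl, $template, $config, $mysql, $lang, $twig, $SUPRESS_TEMPLATE_SHOW, $SYSTEM_FLAGS;
    $SUPRESS_TEMPLATE_SHOW = 1;
    // NOTE(review): this name is not in the global list above, so it only sets a local;
    // confirm whether it was meant to be a global like $SUPRESS_TEMPLATE_SHOW.
    $SUPRESS_MAINBLOCK_SHOW = 1;
    // Site-local timestamp; date_adjust is an offset in minutes.
    $current_time = time() + $config['date_adjust'] * 60;
    $result = isset($rData['result']) ? intval($rData['result']) : 0;
    if (!empty($result)) {
        switch ($result) {
            case 1:
                // fail_url: the customer cancelled or the payment failed
                redirect_eshop(link_eshop());
                break;
            case 2:
                // result_url: server-to-server notification from the gateway.
                // Merchant purse the customer paid to (a letter followed by 12 digits).
                $merchant_purse = isset($rData['LMI_PAYEE_PURSE']) ? $rData['LMI_PAYEE_PURSE'] : '';
                // Amount paid; the fractional part is separated by a dot.
                $amount = isset($rData['OutSum']) ? $rData['OutSum'] : '';
                // Merchant's internal purchase number: the id of our order.
                $order_id = isset($rData['InvId']) ? intval($rData['InvId']) : 0;
                // Control signature supplied by the gateway.
                $crc = isset($rData['SignatureValue']) ? strtoupper($rData['SignatureValue']) : '';
                $mrh_pass2 = isset($payment_options['mrh_pass2']) ? $payment_options['mrh_pass2'] : '';
                // Recompute the signature (md5 is what the gateway protocol prescribes) and
                // compare it in constant time. An unconfigured pass2 would let anyone produce
                // a "valid" signature, so treat it as a failed check rather than accepting.
                $my_crc = strtoupper(md5("{$amount}:{$order_id}:{$mrh_pass2}"));
                if ($order_id <= 0 || $mrh_pass2 === '' || !hash_equals($my_crc, $crc)) {
                    die("bad sign\n");
                }
                $info = array('payment_name' => $payment_name, 'merchant_purse' => $merchant_purse, 'amount' => $amount, 'order_id' => $order_id);
                $mysql->query('INSERT INTO ' . prefix . '_eshop_purchases (dt, order_id, info) VALUES (' . db_squote($current_time) . ', ' . db_squote($order_id) . ', ' . db_squote(json_encode($info)) . ')');
                // TODO(review): the order is marked paid on the signature alone; OutSum is not
                // compared with the order's total_price and a repeated notification inserts a
                // second purchase row. Consider loading the order and checking both first.
                // $order_id is an int (intval above, > 0 checked), so it is safe to inline.
                $mysql->query('UPDATE ' . prefix . '_eshop_orders SET paid = 1 WHERE id = ' . $order_id);
                // The gateway expects exactly "OK<InvId>" as the acknowledgement.
                die("OK" . $order_id . "\n");
                break;
            case 3:
                // success_url: the customer returns after paying
                redirect_eshop(link_eshop());
                break;
            default:
                break;
        }
    } else {
        // Shop side: validate the order reference, then send the customer to the gateway.
        // Order ids are integers (see the InvId handling above), so intval is sufficient.
        $order_id = isset($rData['order_id']) ? intval($rData['order_id']) : 0;
        // NOTE: FILTER_SANITIZE_STRING is deprecated as of PHP 8.1; kept for compatibility
        // with the existing behaviour (the value only ever reaches db_squote).
        $uniqid = isset($rData['order_uniqid']) ? filter_var($rData['order_uniqid'], FILTER_SANITIZE_STRING) : '';
        if ($order_id <= 0 || empty($uniqid)) {
            redirect_eshop(link_eshop());
        } else {
            // Both id and the per-order uniqid must match, so a visitor cannot start a
            // payment for somebody else's order by guessing the id.
            $row = $mysql->record('SELECT * FROM ' . prefix . '_eshop_orders WHERE (id = ' . db_squote($order_id) . ') AND (uniqid = ' . db_squote($uniqid) . ') LIMIT 1');
            // Check existence before reading 'paid': record() may yield no row, and
            // indexing a non-array would only produce a warning, not a decision.
            if (empty($row) || (isset($row['paid']) && intval($row['paid']) === 1)) {
                // Unknown order, or already paid: nothing to do here.
                redirect_eshop(link_eshop());
            } else {
                $mrh_login = isset($payment_options['mrh_login']) ? $payment_options['mrh_login'] : '';
                $mrh_pass1 = isset($payment_options['mrh_pass1']) ? $payment_options['mrh_pass1'] : '';
                $test_mode = isset($payment_options['test_mode']) ? $payment_options['test_mode'] : '';
                $inv_id = $order_id;
                $inv_desc = 'Оплата по заказу ID: ' . $order_id;
                $out_summ = $row['total_price'];
                $OutSumCurrency = $SYSTEM_FLAGS['eshop']['currency'][0]['code'];
                $shp_item = 1;
                // Request signature over the raw (unencoded) values, as the gateway prescribes.
                // NOTE(review): Shp_item is included in this signature but is not sent as a
                // URL parameter below, and the result-URL check above does not include it;
                // confirm against the gateway's signing rules and make the three consistent.
                $crc = md5("{$mrh_login}:{$out_summ}:{$inv_id}:{$OutSumCurrency}:{$mrh_pass1}:Shp_item={$shp_item}");
                // Encode the query instead of interpolating: Desc contains spaces and
                // non-ASCII text, which must not be placed raw into a Location header.
                // Values are cast to string so null/false render as '' exactly as
                // string interpolation did.
                $query = http_build_query(array(
                    'MrchLogin' => (string) $mrh_login,
                    'OutSum' => (string) $out_summ,
                    'InvId' => (string) $inv_id,
                    'Desc' => $inv_desc,
                    'OutSumCurrency' => (string) $OutSumCurrency,
                    'SignatureValue' => $crc,
                    'IsTest' => (string) $test_mode,
                ));
                header('Location: https://auth.robokassa.ru/Merchant/Index.aspx?' . $query);
                exit;
            }
        }
    }
}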