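/**
 * Admin form for one payment gateway's credentials.
 *
 * Loads the `_eshop_payment` row named $id, and on submit stores the posted
 * merchant id / password as a JSON blob in `options` (REPLACE INTO, so the row
 * is created on first save). Renders the gateway config template inside the
 * plugin's admin frame.
 *
 * @param string $id  gateway name (primary key of `_eshop_payment`)
 *
 * Fixes vs. the previous version:
 *  - $row may be false/null for a not-yet-configured gateway; indexing it
 *    produced notices. Guarded.
 *  - $error_text was never initialised, so `empty($error_text)` was a no-op
 *    check; it is now a real array and an empty $id is refused (it would have
 *    written a row with name '').
 *  - $PHP_SELF was read as an undefined local; it is now pulled from globals
 *    (NOTE(review): the framework may or may not define it — confirm).
 *
 * NOTE(review): no CSRF token is checked on this POST and the gateway password
 * is stored in plaintext JSON — both are worth revisiting at the framework level.
 */
function payment_config($id)
{
    global $tpl, $template, $twig, $mysql, $SYSTEM_FLAGS, $config, $userROW, $lang, $CurrentHandler, $PHP_SELF;

    $id = (string) $id;
    $row = $mysql->record('SELECT * FROM ' . prefix . '_eshop_payment WHERE name = ' . db_squote($id) . ' LIMIT 1');

    if (isset($_REQUEST['submit'])) {
        $error_text = array();
        if ($id === '') {
            // Without a name there is nothing to key the REPLACE on.
            $error_text[] = 'name';
        }

        $PARAMS = array(
            'name'         => $id,
            'merchantid'   => isset($_REQUEST['merchantid']) ? $_REQUEST['merchantid'] : '',
            'merchantpass' => isset($_REQUEST['merchantpass']) ? $_REQUEST['merchantpass'] : '',
        );
        $SQL = array(
            'name'    => $id,
            'options' => json_encode($PARAMS),
        );

        if (empty($error_text)) {
            $assignments = array();
            foreach ($SQL as $column => $value) {
                $assignments[] = $column . ' = ' . db_squote($value);
            }
            $mysql->query("REPLACE INTO " . prefix . "_eshop_payment SET " . implode(', ', $assignments) . " ");
            redirect_eshop('?mod=extra-config&plugin=eshop&action=list_payment');
        }
    }

    // Existing configuration for the form (empty for a gateway saved for the first time).
    $tEntry = array(
        'name'    => is_array($row) ? $row['name'] : null,
        'options' => is_array($row) ? json_decode($row['options'], true) : array(),
    );

    $xt = $twig->loadTemplate(dirname(__FILE__) . '/tpl/config.tpl');
    $innerHtml = $xt->render(array('entries' => $tEntry));

    $tpath = locatePluginTemplates(array('config/main'), 'eshop', 1);
    $xg = $twig->loadTemplate($tpath['config/main'] . 'config/' . 'main.tpl');
    // NOTE(review): the title literal below looks mis-encoded ('—истемы' for 'Системы');
    // left byte-identical since it is a runtime string. $id is interpolated into it —
    // relies on Twig autoescaping in main.tpl, confirm.
    print $xg->render(array(
        'entries'       => $innerHtml,
        'php_self'      => $PHP_SELF,
        'plugin_url'    => admin_url . '/admin.php?mod=extra-config&plugin=eshop',
        'skins_url'     => skins_url,
        'admin_url'     => admin_url,
        'home'          => home,
        'current_title' => '—истемы оплаты [' . $id . ']',
    ));
}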
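/**
 * Basket page + checkout handler.
 *
 * GET: renders the current basket (rows for the logged-in user and/or the
 * `ngTrackID` cookie) with per-line and grand totals.
 * POST: validates the contact fields, checks stock per variant, creates an
 * `_eshop_orders` row, copies the basket lines into `_eshop_order_basket`,
 * clears the basket, decrements variant stock, e-mails the shop owner and
 * redirects to the order page identified by (id, uniqid).
 *
 * Fixes vs. the previous version:
 *  - Second-order SQL injection: basket values (title, serialized linked_fld,
 *    price, count) were interpolated raw into the `_eshop_order_basket` INSERT.
 *    They originate from user input, so they are now passed through db_squote.
 *  - `uniqid` is the bearer token that authorises viewing/paying an order
 *    (payment_action looks the order up by id AND uniqid); it was derived from
 *    str_shuffle(md5(microtime())) and thus guessable. Now random_bytes (PHP >= 7.0).
 *  - $config was not declared global, so `dt` was computed with a null offset.
 *  - $SQL/$error_text/$notify_text/$qid were undefined on the GET path and
 *    $error_input/$notify_input were built but never used; initialised/removed.
 *  - Missing $_REQUEST['userInfo'] keys and a missing product row no longer
 *    raise notices.
 *
 * NOTE(review): FILTER_SANITIZE_STRING is deprecated since PHP 8.1 — it is kept
 * because replacing it changes what is stored; plan a migration to
 * htmlspecialchars-at-output. No CSRF token is checked on the checkout POST.
 */
function plugin_ebasket_list()
{
    global $mysql, $twig, $userROW, $template, $ip, $SYSTEM_FLAGS, $lang, $config;

    // Ownership filter for basket rows: user id and/or anonymous tracking cookie.
    // Both values are quoted before they reach SQL.
    $filter = array();
    if (is_array($userROW)) {
        $filter[] = '(user_id = ' . db_squote($userROW['id']) . ')';
    }
    if (isset($_COOKIE['ngTrackID']) && $_COOKIE['ngTrackID'] != '') {
        $filter[] = '(cookie = ' . db_squote($_COOKIE['ngTrackID']) . ')';
    }
    $whereBasket = join(" or ", $filter);

    // Basket lines as pre-loaded by the plugin bootstrap; compute line sums and total.
    $recs = array();
    $total = 0;
    if (count($filter)) {
        foreach ($SYSTEM_FLAGS["eshop"]["basket"]["entries"] as $rec) {
            $lineSum = round($rec['price'] * $rec['count'], 2);
            $total += $lineSum;
            $rec['sum'] = sprintf('%9.2f', $lineSum);
            // NOTE(review): linked_fld is PHP-serialized data written from the basket
            // form; unserialize() on attacker-influenced data is an object-injection
            // vector. Migrating the column to JSON (json_decode) would remove it.
            $rec['xfields'] = unserialize($rec['linked_fld']);
            unset($rec['linked_fld']);
            $recs[] = $rec;
        }
    }

    $SQL = array();
    $error_text = array();
    $notify_text = array();
    $qid = null;

    if (!empty($_POST)) {
        $userInfo = (isset($_REQUEST['userInfo']) && is_array($_REQUEST['userInfo'])) ? $_REQUEST['userInfo'] : array();

        // Required contact fields: DB column => (form field, error message).
        $required = array(
            'name'    => array('fullName',  'Имя не задано'),
            'email'   => array('email',     'Email не задан'),
            'phone'   => array('phone',     'Телефон не задан'),
            'address' => array('deliverTo', 'Адрес доставки не задан'),
        );
        foreach ($required as $column => $spec) {
            $raw = isset($userInfo[$spec[0]]) ? $userInfo[$spec[0]] : '';
            $SQL[$column] = filter_var($raw, FILTER_SANITIZE_STRING);
            if (empty($SQL[$column])) {
                $error_text[] = $spec[1];
            }
        }
        $SQL['comment'] = filter_var(isset($userInfo['commentText']) ? $userInfo['commentText'] : '', FILTER_SANITIZE_STRING);
        $SQL['dt'] = time() + $config['date_adjust'] * 60;
        $SQL['ip'] = $ip;
        $SQL['type'] = "1";
        $SQL['paid'] = 0;
        $SQL['total_price'] = $total;
        if (isset($userROW)) {
            $SQL['author_id'] = $userROW['id'];
        }
        // 10 hex chars, same length as before, but from the CSPRNG — this token
        // gates access to the order page and to payment initiation.
        $SQL['uniqid'] = bin2hex(random_bytes(5));

        // Stock check: each basket line must fit the variant's available amount.
        // NOTE(review): read-then-write without a lock — two concurrent checkouts can
        // both pass; the decrement below is clamped at zero, so oversell is possible
        // but stock never goes negative.
        $basketRows = count($filter)
            ? $mysql->select("select * from " . prefix . "_eshop_ebasket where " . $whereBasket, 1)
            : array();
        foreach ($basketRows as $rec) {
            $r_count = $rec['count'];
            $linked_id = $rec['linked_id'];
            $linked_fld = unserialize($rec['linked_fld']);
            $variant_id = isset($linked_fld['item']['v_id']) ? $linked_fld['item']['v_id'] : 0;

            $conditions = array();
            if ($linked_id) {
                $conditions[] = "p.id = " . db_squote($linked_id);
            }
            if ($variant_id != 0) {
                $conditions[] = "v.id = " . db_squote($variant_id);
            }
            $sqlQ = "SELECT p.id AS id, p.url as url, p.code AS code, p.name AS name, p.active AS active, p.featured AS featured, p.position AS position, c.url as curl, c.name AS category, i.filepath AS image_filepath, v.id AS v_id, v.sku AS v_sku, v.name AS v_name, v.amount AS v_amount, v.price AS price, v.compare_price AS compare_price, v.stock AS stock "
                . "FROM " . prefix . "_eshop_products p LEFT JOIN " . prefix . "_eshop_products_categories pc ON p.id = pc.product_id LEFT JOIN " . prefix . "_eshop_categories c ON pc.category_id = c.id LEFT JOIN (SELECT * FROM " . prefix . "_eshop_images ORDER BY position, id) i ON i.product_id = p.id LEFT JOIN " . prefix . "_eshop_variants v ON p.id = v.product_id "
                . (count($conditions) ? "WHERE " . implode(" AND ", $conditions) : '')
                . " GROUP BY p.id ORDER BY p.id DESC";
            $item_rec = $mysql->record($sqlQ);
            if (is_array($item_rec) && $item_rec['v_amount'] != NULL && $r_count > $item_rec['v_amount']) {
                $error_text[] = 'Невозможно купить продукт: ' . $item_rec["name"] . '. Максимальное количество доступное для заказа: ' . $item_rec['v_amount'];
            }
        }

        if (empty($error_text)) {
            $assignments = array();
            foreach ($SQL as $k => $v) {
                $assignments[] = $k . ' = ' . db_squote($v);
            }
            $mysql->query('INSERT INTO ' . prefix . '_eshop_orders SET ' . implode(', ', $assignments) . ' ');
            $qid = $mysql->lastid('eshop_orders');

            if ($qid != NULL) {
                // Copy basket lines into the order. These values come from the DB but
                // were written from user input earlier — quote every one of them.
                foreach ($basketRows as $rec) {
                    $mysql->query("INSERT INTO " . prefix . "_eshop_order_basket (`order_id`, `linked_id`, `title`, `count`, `price`, `linked_fld`) VALUES ("
                        . db_squote($qid) . ', '
                        . db_squote($rec['linked_id']) . ', '
                        . db_squote($rec['title']) . ', '
                        . db_squote($rec['count']) . ', '
                        . db_squote($rec['price']) . ', '
                        . db_squote($rec['linked_fld']) . ')');
                }

                if (count($filter)) {
                    $mysql->query("delete from " . prefix . "_eshop_ebasket where " . $whereBasket);
                    // Decrement variant stock, never below zero.
                    foreach ($recs as $rec) {
                        $v_id = intval(isset($rec['xfields']['item']['v_id']) ? $rec['xfields']['item']['v_id'] : 0);
                        $variant = $mysql->record("SELECT amount FROM " . prefix . "_eshop_variants where id = '" . $v_id . "'");
                        $current_amount = is_array($variant) ? $variant['amount'] : NULL;
                        $r_count = $rec['count'];
                        if ($current_amount != NULL) {
                            if ($current_amount - $r_count > 0) {
                                $mysql->query("update " . prefix . "_eshop_variants set amount = amount - " . intval($r_count) . " where id = " . $v_id);
                            } else {
                                $mysql->query("update " . prefix . "_eshop_variants set amount = 0 where id = " . $v_id);
                            }
                        }
                    }
                }

                // Recompute the total from what was actually stored for the order.
                $total = 0;
                $orderRows = $mysql->select("select * from " . prefix . "_eshop_order_basket where (order_id = " . db_squote($qid) . ")", 1);
                foreach ($orderRows as $rec) {
                    $total += round($rec['price'] * $rec['count'], 2);
                }

                // Owner notification.
                $notify_tpath = locatePluginTemplates(array('mail/lfeedback'), 'eshop', pluginGetVariable('eshop', 'localsource'));
                $notify_xt = $twig->loadTemplate($notify_tpath['mail/lfeedback'] . 'mail/' . 'lfeedback.tpl');
                $mailBody = $notify_xt->render(array(
                    'recs'    => count($recs),
                    'entries' => $recs,
                    'total'   => sprintf('%9.2f', $total),
                    'vnames'  => $SQL,
                ));
                $mailTo = pluginGetVariable('eshop', 'email_notify_orders');
                $mail_from = pluginGetVariable('eshop', 'email_notify_back');
                if ($mail_from == "") {
                    $mail_from = false;
                }
                if ($mailTo != "") {
                    sendEmailMessage($mailTo, "Новый заказ с сайта", $mailBody, false, $mail_from, 'text/html');
                }

                $notify_text[] = 'Заказ добавлен.';
                $linkParams = array('id' => $qid, 'uniqid' => $SQL['uniqid']);
                $order_link = checkLinkAvailable('eshop', 'order')
                    ? generateLink('eshop', 'order', array(), $linkParams)
                    : generateLink('core', 'plugin', array('plugin' => 'eshop', 'handler' => 'order'), array(), $linkParams);
                return redirect_eshop($order_link);
            }
        }
    }

    // Render the basket/checkout form (also reached after validation errors).
    $tFormEntry = $SQL;
    $tFormEntry['error'] = $error_text;
    $tFormEntry['notify'] = $notify_text;
    $tFormEntry['id'] = $qid;

    $basket_link = checkLinkAvailable('eshop', 'ebasket_list')
        ? generateLink('eshop', 'ebasket_list', array())
        : generateLink('core', 'plugin', array('plugin' => 'eshop', 'handler' => 'ebasket_list'), array());

    $tVars = array(
        'formEntry'   => $tFormEntry,
        'recs'        => count($recs),
        'entries'     => $recs,
        'total'       => sprintf('%9.2f', $total),
        'basket_link' => $basket_link,
    );
    $tpath = locatePluginTemplates(array('ebasket/list'), 'eshop', pluginGetVariable('eshop', 'localsource'));
    $xt = $twig->loadTemplate($tpath['ebasket/list'] . 'ebasket/' . 'list.tpl');
    $template['vars']['mainblock'] = $xt->render($tVars);

    $SYSTEM_FLAGS['info']['title']['others'] = "";
    $SYSTEM_FLAGS['info']['title']['group'] = $lang['eshop']['name_basket'];
    $SYSTEM_FLAGS['meta']['description'] = "";
    $SYSTEM_FLAGS['meta']['keywords'] = "";
}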
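/**
 * Admin "Settings" page for the eshop plugin.
 *
 * On submit, persists the posted values via pluginSetVariable/pluginsSaveConfig
 * and redirects back. Then (re)registers or removes the `eshop_views` cron task
 * depending on `views_count`, and renders the settings form.
 *
 * Fixes vs. the previous version:
 *  - Select-type flags (views_count, bidirect_linked_products, approve_comments,
 *    sort_comments, integrate_gsmg) were stored as raw request strings; they are
 *    integers now, matching the intval() read below.
 *  - The three notification addresses are used as mail To/From by
 *    sendEmailMessage; CR/LF are stripped so a stored value cannot inject
 *    extra mail headers.
 *  - Missing request keys no longer raise undefined-index notices.
 *  - $PHP_SELF was an undefined local; it is now read from globals
 *    (NOTE(review): confirm the framework defines it).
 *
 * Description fields stay raw: they are admin-authored HTML. No CSRF token is
 * checked on this form (framework-level concern).
 */
function options()
{
    global $tpl, $mysql, $cron, $twig, $PHP_SELF;

    $tpath = locatePluginTemplates(array('config/main', 'config/general.from'), 'eshop', 1);

    if (isset($_REQUEST['submit'])) {
        $req = function ($key) {
            return isset($_REQUEST[$key]) ? $_REQUEST[$key] : '';
        };
        // Header-injection guard for values that end up in mail headers.
        $mailAddr = function ($value) {
            return str_replace(array("\r", "\n"), '', (string) $value);
        };

        $intFields = array(
            'count', 'max_image_size', 'width_thumb', 'width', 'height', 'pre_width',
            'catz_max_image_size', 'catz_width_thumb', 'catz_width', 'catz_height',
            // select-type flags
            'views_count', 'bidirect_linked_products', 'approve_comments', 'sort_comments', 'integrate_gsmg',
        );
        foreach ($intFields as $field) {
            pluginSetVariable('eshop', $field, intval($req($field)));
        }
        foreach (array('count_search', 'count_stocks') as $field) {
            pluginSetVariable('eshop', $field, secure_html($req($field)));
        }
        foreach (array('ext_image', 'catz_ext_image') as $field) {
            pluginSetVariable('eshop', $field, check_php_str($req($field)));
        }
        foreach (array('email_notify_orders', 'email_notify_comments', 'email_notify_back') as $field) {
            pluginSetVariable('eshop', $field, $mailAddr($req($field)));
        }
        foreach (array('description_delivery', 'description_order', 'description_phones') as $field) {
            pluginSetVariable('eshop', $field, $req($field));
        }
        pluginsSaveConfig();
        redirect_eshop('?mod=extra-config&plugin=eshop&action=options');
    }

    // views_count == 2 means "deferred": view counters are flushed by a cron task.
    // Keep an existing schedule if one is registered, otherwise every 15 minutes.
    if (intval(pluginGetVariable('eshop', 'views_count')) == 2) {
        $schedule = array('min' => null, 'hour' => null, 'day' => null, 'month' => null);
        foreach ($cron->getConfig() as $task) {
            if ($task['plugin'] == 'eshop' && $task['handler'] == 'eshop_views') {
                $schedule = array('min' => $task['min'], 'hour' => $task['hour'], 'day' => $task['day'], 'month' => $task['month']);
            }
        }
        $defaults = array('min' => '0,15,30,45', 'hour' => '*', 'day' => '*', 'month' => '*');
        foreach ($defaults as $part => $value) {
            if (!isset($schedule[$part])) {
                $schedule[$part] = $value;
            }
        }
        $cron->unregisterTask('eshop', 'eshop_views');
        $cron->registerTask('eshop', 'eshop_views', $schedule['min'], $schedule['hour'], $schedule['day'], $schedule['month'], '*');
    } else {
        $cron->unregisterTask('eshop', 'eshop_views');
    }

    // Current values, in the order the template expects.
    $keys = array(
        'count', 'count_search', 'count_stocks', 'views_count', 'bidirect_linked_products',
        'approve_comments', 'sort_comments', 'integrate_gsmg', 'max_image_size', 'width_thumb',
        'width', 'height', 'ext_image', 'pre_width', 'catz_max_image_size', 'catz_width_thumb',
        'catz_width', 'catz_height', 'catz_ext_image', 'email_notify_orders',
        'email_notify_comments', 'email_notify_back', 'description_delivery',
        'description_order', 'description_phones',
    );
    $tEntry = array();
    foreach ($keys as $key) {
        $tEntry[$key] = pluginGetVariable('eshop', $key);
    }

    // Select-type flags are rendered as ready-made <option> markup.
    $yesNo = function ($value) {
        return '<option value="0" ' . ($value == 0 ? 'selected' : '') . '>Нет</option><option value="1" ' . ($value == 1 ? 'selected' : '') . '>Да</option>';
    };
    $views_count = $tEntry['views_count'];
    $tEntry['views_count'] = '<option value="0" ' . ($views_count == 0 ? 'selected' : '') . '>Нет</option><option value="1" ' . ($views_count == 1 ? 'selected' : '') . '>Да</option><option value="2" ' . ($views_count == 2 ? 'selected' : '') . '>Отложенное</option>';
    $tEntry['bidirect_linked_products'] = $yesNo($tEntry['bidirect_linked_products']);
    $tEntry['approve_comments'] = $yesNo($tEntry['approve_comments']);
    $sort_comments = $tEntry['sort_comments'];
    $tEntry['sort_comments'] = '<option value="0" ' . ($sort_comments == 0 ? 'selected' : '') . '>Новые снизу</option><option value="1" ' . ($sort_comments == 1 ? 'selected' : '') . '>Новые сверху</option>';
    $tEntry['integrate_gsmg'] = $yesNo($tEntry['integrate_gsmg']);

    $xt = $twig->loadTemplate($tpath['config/general.from'] . 'config/' . 'general.from.tpl');
    $innerHtml = $xt->render(array('entries' => $tEntry));

    $xg = $twig->loadTemplate($tpath['config/main'] . 'config/' . 'main.tpl');
    print $xg->render(array(
        'entries'       => $innerHtml,
        'php_self'      => $PHP_SELF,
        'plugin_url'    => admin_url . '/admin.php?mod=extra-config&plugin=eshop',
        'skins_url'     => skins_url,
        'admin_url'     => admin_url,
        'home'          => home,
        'current_title' => 'Настройки',
    ));
}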
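/**
 * Pay2Pay gateway handler.
 *
 * $rData['result'] selects the mode:
 *   1 - fail_url:    customer returned after a failed payment -> back to the shop
 *   2 - result_url:  server-to-server callback with base64 XML + signature;
 *                    marks the order paid and answers with the gateway's XML
 *   3 - success_url: customer returned after paying -> back to the shop
 *   absent - start a payment: look the order up by (id, uniqid), build the
 *            signed request XML and auto-submit it to the gateway.
 *
 * @param string $payment_name     gateway name (stored into the purchase record)
 * @param array  $payment_options  gateway config: hidden_key, merchant_id, secret_key, test_mode
 * @param array  $rData            request parameters
 *
 * Fixes vs. the previous version (callback):
 *  - The signature is verified before the XML is parsed (no parsing of
 *    unauthenticated input), with hash_equals instead of `==`, and an empty
 *    hidden_key is rejected — md5('' . xml . '') is forgeable by anyone.
 *  - simplexml_load_string is called with LIBXML_NONET and its failure handled.
 *  - The order id parsed from `<order_id>` is intval'd before use in SQL and
 *    must exist; the paid amount must equal the order's total_price (the
 *    previous code marked an order paid for any amount); an already-paid order
 *    is acknowledged without writing a second purchase row.
 * Fixes vs. the previous version (initiation):
 *  - Values placed in the outgoing XML come from the DB row, not the request
 *    string (the CDATA `<other>` block could be broken out of with `]]>`).
 *  - The auto-submit page no longer loads jQuery over plain http from a third
 *    party; one line of inline JS does the submit and <noscript> offers a button.
 *  - $row is checked before indexing.
 *
 * NOTE(review): $SUPRESS_MAINBLOCK_SHOW is a local here (not in the global list)
 * and therefore has no effect; left as-is pending confirmation of intent.
 */
function payment_action($payment_name, $payment_options, $rData)
{
    global $tpl, $template, $config, $mysql, $lang, $twig, $SUPRESS_TEMPLATE_SHOW, $SYSTEM_FLAGS;
    $SUPRESS_TEMPLATE_SHOW = 1;
    $SUPRESS_MAINBLOCK_SHOW = 1;

    $current_time = time() + $config['date_adjust'] * 60;
    $result = isset($rData['result']) ? intval($rData['result']) : 0;

    if (!empty($result)) {
        switch ($result) {
            case 1: // fail_url
                redirect_eshop(link_eshop());
                break;

            case 2: // result_url
                // '+' in base64 arrives as ' ' when the gateway does not url-encode.
                $signParam = isset($rData['sign']) ? str_replace(' ', '+', $rData['sign']) : '';
                $xmlParam = isset($rData['xml']) ? str_replace(' ', '+', $rData['xml']) : '';
                if (!empty($xmlParam) and !empty($signParam)) {
                    $error = '';
                    $xml = base64_decode($xmlParam);
                    $hidden_key = isset($payment_options['hidden_key']) ? (string) $payment_options['hidden_key'] : '';

                    // Signature covers the raw XML bytes: md5(key . xml . key), base64'd.
                    $sign_encode = base64_encode(md5($hidden_key . $xml . $hidden_key));
                    if ($hidden_key === '' || !hash_equals($sign_encode, (string) $signParam)) {
                        $error = 'Incorrect sign';
                    } else {
                        $xml_vars = simplexml_load_string($xml, 'SimpleXMLElement', LIBXML_NONET);
                        if ($xml_vars === false || !$xml_vars->order_id) {
                            $error = 'Unknown order_id';
                        } else {
                            // order_id was sent as "<timestamp>_<order id>" (see initiation below).
                            $a_or_id = explode("_", (string) $xml_vars->order_id);
                            $zid = isset($a_or_id[1]) ? intval($a_or_id[1]) : 0;

                            $amount = (string) $xml_vars->amount;
                            $status = (string) $xml_vars->status;
                            $info = array(
                                'payment_name' => $payment_name,
                                'merchant_id'  => (string) $xml_vars->merchant_id,
                                'amount'       => $amount,
                                'currency'     => (string) $xml_vars->currency,
                                'description'  => iconv("utf-8", "windows-1251", (string) $xml_vars->description),
                                'paymode'      => (string) $xml_vars->paymode,
                                'trans_id'     => (string) $xml_vars->trans_id,
                                'status'       => $status,
                                'error_msg'    => (string) $xml_vars->error_msg,
                                'test_mode'    => (string) $xml_vars->test_mode,
                            );

                            $order = $zid > 0
                                ? $mysql->record('SELECT id, total_price, paid FROM ' . prefix . '_eshop_orders WHERE id = ' . $zid . ' LIMIT 1')
                                : null;
                            if (!is_array($order)) {
                                $error = 'Unknown order_id';
                            } elseif ($status == 'success') {
                                // Prices are stored rounded to 2 decimals; compare with a small tolerance.
                                if (abs((float) $amount - (float) $order['total_price']) > 0.005) {
                                    $error = 'Incorrect amount';
                                } elseif ($order['paid'] != 1) {
                                    $mysql->query('INSERT INTO ' . prefix . '_eshop_purchases (dt, order_id, info) VALUES (' . db_squote($current_time) . ', ' . db_squote($zid) . ', ' . db_squote(json_encode($info)) . ' ) ');
                                    $mysql->query('UPDATE ' . prefix . '_eshop_orders SET paid = 1 WHERE id = ' . $zid . ' ');
                                }
                                // already paid: acknowledge the retry without a second purchase row
                            }
                        }
                    }

                    // Reply to the gateway. $error only ever holds our own literals.
                    if ($error == '') {
                        $ret = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n <result>\n <status>yes</status>\n <err_msg></err_msg>\n </result>";
                    } else {
                        $ret = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n <result>\n <status>no</status>\n <err_msg>{$error}</err_msg>\n </result>";
                    }
                    die($ret);
                }
                break;

            case 3: // success_url
                redirect_eshop(link_eshop());
                break;

            default:
                break;
        }
        return;
    }

    // Payment initiation: the order is addressed by id + uniqid (the per-order secret).
    $order_id = isset($rData['order_id']) ? filter_var($rData['order_id'], FILTER_SANITIZE_STRING) : '';
    $uniqid = isset($rData['order_uniqid']) ? filter_var($rData['order_uniqid'], FILTER_SANITIZE_STRING) : '';
    if (empty($order_id) || empty($uniqid)) {
        redirect_eshop(link_eshop());
        return;
    }

    $row = $mysql->record("SELECT * FROM " . prefix . "_eshop_orders WHERE (id = " . db_squote($order_id) . ") AND (uniqid = " . db_squote($uniqid) . ") LIMIT 1");
    if (!is_array($row) || $row['paid'] == 1) {
        redirect_eshop(link_eshop());
        return;
    }

    $merchant_id = $payment_options['merchant_id'];
    $secret_key = $payment_options['secret_key'];
    $order_id = intval($row['id']);                     // trusted value from the DB row
    $hash_order_id = $current_time . "_" . $order_id;  // unique per attempt; parsed back in case 2
    $amount = $row['total_price'];
    $currency = $SYSTEM_FLAGS['eshop']['currency'][0]['code'];
    $desc = iconv("windows-1251", "utf-8", 'Оплата по заказу ID: ' . $order_id);
    $test_mode = $payment_options['test_mode'];

    $xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n <request>\n <version>1.2</version>\n <merchant_id>{$merchant_id}</merchant_id>\n <language>ru</language>\n <order_id>{$hash_order_id}</order_id>\n <amount>{$amount}</amount>\n <currency>{$currency}</currency>\n <description>{$desc}</description>\n <test_mode>{$test_mode}</test_mode>\n <other><![CDATA[{$order_id}]]></other>\n </request>";
    $sign = md5($secret_key . $xml . $secret_key);
    $xml_encode = htmlspecialchars(base64_encode($xml), ENT_QUOTES);
    $sign_encode = htmlspecialchars(base64_encode($sign), ENT_QUOTES);

    echo '<!DOCTYPE html><html><body>'
        . '<form id="b-site" action="https://merchant.pay2pay.com/?page=init" method="post">'
        . '<input type="hidden" name="xml" value="' . $xml_encode . '">'
        . '<input type="hidden" name="sign" value="' . $sign_encode . '">'
        . '<noscript><input type="submit"></noscript>'
        . '</form>'
        . '<script>document.getElementById("b-site").submit();</script>'
        . '</body></html>';
    exit;
}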
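/**
 * UnitPay gateway handler.
 *
 * $rData['result'] selects the mode:
 *   1 - fail_url:    customer returned after a failed payment -> back to the shop
 *   2 - result_url:  JSON-RPC style callback (`method` = check|pay, `params`);
 *                    returns the JSON-RPC response string for the caller to emit
 *   3 - success_url: customer returned after paying -> back to the shop
 *   absent - start a payment: look the order up by (id, uniqid) and redirect
 *            the browser to the gateway's initPayment endpoint.
 *
 * @param string $payment_name     gateway name (stored into the purchase record)
 * @param array  $payment_options  gateway config: projectId, secretKey
 * @param array  $rData            request parameters
 * @return string|null  JSON-RPC response in callback mode
 *
 * Fixes vs. the previous version (callback):
 *  - Signature compared with hash_equals instead of `==`, required for `check`
 *    as well as `pay`, and refused when secretKey is not configured.
 *  - The order id and amount (`InvId`, `OutSum`) are top-level fields outside
 *    the signed `params`, so a single validly signed request could mark any
 *    order paid for any amount. The order must now exist and its total_price
 *    must equal the reported amount; an already-paid order is acknowledged
 *    without a second purchase row.
 *    NOTE(review): those field names look copied from the Robokassa handler;
 *    confirm against the gateway's callback contract — if the gateway does not
 *    send them, this handler never marked anything paid.
 * Fixes vs. the previous version (initiation):
 *  - The query string was built by hand (and the corpus shows `¶ms`, an
 *    HTML-mangled `&params`); http_build_query now encodes every value.
 *  - `resultUrl` pointed at the success redirect (result=3), whose handler just
 *    redirects, so callbacks could never reach case 2; it now uses result=2.
 *  - $row is checked before indexing; unused locals removed.
 *
 * SECURITY(review): the initiation path sends the merchant secretKey inside a
 * `Location:` header to the customer's browser. Anyone who starts a checkout
 * learns the key and can sign callbacks. The initPayment call must be made
 * server-side (HTTP client) and only the returned payment URL handed to the
 * browser; that change needs the gateway's response format and is not made here.
 *
 * NOTE(review): $SUPRESS_MAINBLOCK_SHOW is a local (not in the global list) and
 * has no effect; left as-is pending confirmation of intent.
 */
function payment_action($payment_name, $payment_options, $rData)
{
    global $tpl, $template, $config, $mysql, $lang, $twig, $SUPRESS_TEMPLATE_SHOW, $SYSTEM_FLAGS;
    $SUPRESS_TEMPLATE_SHOW = 1;
    $SUPRESS_MAINBLOCK_SHOW = 1;

    $current_time = time() + $config['date_adjust'] * 60;
    $result = isset($rData['result']) ? intval($rData['result']) : 0;

    if (!empty($result)) {
        switch ($result) {
            case 1: // fail_url
                redirect_eshop(link_eshop());
                break;

            case 2: // result_url
                $method = isset($rData['method']) ? $rData['method'] : '';
                $params = (isset($rData['params']) && is_array($rData['params'])) ? $rData['params'] : array();
                $secretKey = isset($payment_options['secretKey']) ? (string) $payment_options['secretKey'] : '';

                $rpcOk = function ($message) {
                    return json_encode(array("jsonrpc" => "2.0", "result" => array("message" => $message)));
                };
                $rpcError = function ($message) {
                    return json_encode(array("jsonrpc" => "2.0", "error" => array("code" => -32000, "message" => $message)));
                };

                if ($method != 'check' && $method != 'pay') {
                    return $rpcError($method . ' not supported');
                }

                $givenSign = isset($params['sign']) ? (string) $params['sign'] : '';
                if ($secretKey === '' || !hash_equals((string) getMd5Sign($params, $secretKey), $givenSign)) {
                    return $rpcError('Incorrect digital signature');
                }

                if ($method == 'check') {
                    return $rpcOk('CHECK is successful');
                }

                // method == 'pay'
                $amount = isset($rData['OutSum']) ? $rData['OutSum'] : null;
                $order_id = isset($rData['InvId']) ? intval($rData['InvId']) : 0;
                $order = $order_id > 0
                    ? $mysql->record('SELECT id, total_price, paid FROM ' . prefix . '_eshop_orders WHERE id = ' . $order_id . ' LIMIT 1')
                    : null;
                if (!is_array($order)) {
                    return $rpcError('Unknown order');
                }
                // Prices are stored rounded to 2 decimals; compare with a small tolerance.
                if ($amount === null || abs((float) $amount - (float) $order['total_price']) > 0.005) {
                    return $rpcError('Incorrect amount');
                }
                if ($order['paid'] != 1) {
                    $info = array(
                        'payment_name'   => $payment_name,
                        'merchant_purse' => $params,
                        'amount'         => $amount,
                        'order_id'       => $order_id,
                    );
                    $mysql->query('INSERT INTO ' . prefix . '_eshop_purchases (dt, order_id, info) VALUES (' . db_squote($current_time) . ', ' . db_squote($order_id) . ', ' . db_squote(json_encode($info)) . ' ) ');
                    $mysql->query('UPDATE ' . prefix . '_eshop_orders SET paid = 1 WHERE id = ' . $order_id . ' ');
                }
                return $rpcOk('PAY is successful');

            case 3: // success_url
                redirect_eshop(link_eshop());
                break;

            default:
                break;
        }
        return;
    }

    // Payment initiation: the order is addressed by id + uniqid (the per-order secret).
    $order_id = isset($rData['order_id']) ? filter_var($rData['order_id'], FILTER_SANITIZE_STRING) : '';
    $uniqid = isset($rData['order_uniqid']) ? filter_var($rData['order_uniqid'], FILTER_SANITIZE_STRING) : '';
    if (empty($order_id) || empty($uniqid)) {
        redirect_eshop(link_eshop());
        return;
    }

    $row = $mysql->record("SELECT * FROM " . prefix . "_eshop_orders WHERE (id = " . db_squote($order_id) . ") AND (uniqid = " . db_squote($uniqid) . ") LIMIT 1");
    if (!is_array($row) || $row['paid'] == 1) {
        redirect_eshop(link_eshop());
        return;
    }

    // Customer IP as reported to the gateway (REMOTE_ADDR is normally always set,
    // so the proxy headers below are effectively fallbacks only).
    $ip = '';
    if (!empty($_SERVER['REMOTE_ADDR'])) {
        $ip = $_SERVER['REMOTE_ADDR'];
    } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
        $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
    } elseif (!empty($_SERVER['HTTP_CLIENT_IP'])) {
        $ip = $_SERVER['HTTP_CLIENT_IP'];
    }

    $query = array(
        'method' => 'initPayment',
        'params' => array(
            'paymentType' => 'card',
            'sum'         => (string) $row['total_price'],
            'account'     => (string) intval($row['id']),
            'projectId'   => (string) $payment_options['projectId'],
            // SECURITY(review): exposed to the browser via the redirect — see docblock.
            'secretKey'   => (string) $payment_options['secretKey'],
            'ip'          => $ip,
            'resultUrl'   => home . '/eshop/payment/?result=2&payment_id=unitpay',
            'currency'    => (string) $SYSTEM_FLAGS['eshop']['currency'][0]['code'],
        ),
    );
    header('Location: https://unitpay.ru/api?' . http_build_query($query));
    exit;
}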
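/**
 * Robokassa gateway handler.
 *
 * $rData['result'] selects the mode:
 *   1 - fail_url:    customer returned after a failed payment -> back to the shop
 *   2 - result_url:  server callback with OutSum / InvId / SignatureValue;
 *                    marks the order paid and answers "OK<InvId>"
 *   3 - success_url: customer returned after paying -> back to the shop
 *   absent - start a payment: look the order up by (id, uniqid) and redirect
 *            the browser to the gateway with a signed query string.
 *
 * @param string $payment_name     gateway name (stored into the purchase record)
 * @param array  $payment_options  gateway config: mrh_login, mrh_pass1, mrh_pass2, test_mode
 * @param array  $rData            request parameters
 *
 * Fixes vs. the previous version (callback):
 *  - Signature compared with hash_equals and refused when mrh_pass2 is not
 *    configured (md5("sum:id:") is forgeable by anyone).
 *  - The order must exist and its total_price must equal OutSum (defence in
 *    depth: the signature already binds the amount, but nothing compared it to
 *    what the shop expects); an already-paid order is acknowledged without a
 *    second purchase row. Missing request keys no longer raise notices.
 * Fixes vs. the previous version (initiation):
 *  - Query string built with http_build_query: the Cyrillic `Desc` and the
 *    other values were placed in a Location header unencoded.
 *  - InvId/Desc use the DB row's id rather than the request string.
 *  - $row is checked before indexing; unused locals removed.
 *
 * NOTE(review): the initiation signature covers `Shp_item=1` but Shp_item is
 * not sent in the URL, and the callback signature check does not include it.
 * At least one side is inconsistent with the other — confirm against the
 * gateway's signature rules before changing either; left byte-identical here.
 *
 * NOTE(review): $SUPRESS_MAINBLOCK_SHOW is a local (not in the global list) and
 * has no effect; left as-is pending confirmation of intent.
 */
function payment_action($payment_name, $payment_options, $rData)
{
    global $tpl, $template, $config, $mysql, $lang, $twig, $SUPRESS_TEMPLATE_SHOW, $SYSTEM_FLAGS;
    $SUPRESS_TEMPLATE_SHOW = 1;
    $SUPRESS_MAINBLOCK_SHOW = 1;

    $current_time = time() + $config['date_adjust'] * 60;
    $result = isset($rData['result']) ? intval($rData['result']) : 0;

    if (!empty($result)) {
        switch ($result) {
            case 1: // fail_url
                redirect_eshop(link_eshop());
                break;

            case 2: // result_url
                // Merchant purse the customer paid to (letter + 12 digits per the gateway).
                $merchant_purse = isset($rData['LMI_PAYEE_PURSE']) ? $rData['LMI_PAYEE_PURSE'] : '';
                // Amount paid, decimal point as separator.
                $amount = isset($rData['OutSum']) ? $rData['OutSum'] : '';
                // Our order id, echoed back by the gateway.
                $order_id = isset($rData['InvId']) ? intval($rData['InvId']) : 0;
                // Control signature: md5("OutSum:InvId:Password#2"), case-insensitive.
                $crc = isset($rData['SignatureValue']) ? strtoupper((string) $rData['SignatureValue']) : '';
                $mrh_pass2 = isset($payment_options['mrh_pass2']) ? (string) $payment_options['mrh_pass2'] : '';

                $my_crc = strtoupper(md5("{$amount}:{$order_id}:{$mrh_pass2}"));
                if ($mrh_pass2 === '' || !hash_equals($my_crc, $crc)) {
                    die("bad sign\n");
                }

                $order = $order_id > 0
                    ? $mysql->record('SELECT id, total_price, paid FROM ' . prefix . '_eshop_orders WHERE id = ' . $order_id . ' LIMIT 1')
                    : null;
                if (!is_array($order)) {
                    die("bad order\n");
                }
                // Prices are stored rounded to 2 decimals; compare with a small tolerance.
                if (abs((float) $amount - (float) $order['total_price']) > 0.005) {
                    die("bad amount\n");
                }
                if ($order['paid'] != 1) {
                    $info = array(
                        'payment_name'   => $payment_name,
                        'merchant_purse' => $merchant_purse,
                        'amount'         => $amount,
                        'order_id'       => $order_id,
                    );
                    $mysql->query('INSERT INTO ' . prefix . '_eshop_purchases (dt, order_id, info) VALUES (' . db_squote($current_time) . ', ' . db_squote($order_id) . ', ' . db_squote(json_encode($info)) . ' ) ');
                    $mysql->query('UPDATE ' . prefix . '_eshop_orders SET paid = 1 WHERE id = ' . $order_id . ' ');
                }
                die("OK" . $order_id . "\n");

            case 3: // success_url
                redirect_eshop(link_eshop());
                break;

            default:
                break;
        }
        return;
    }

    // Payment initiation: the order is addressed by id + uniqid (the per-order secret).
    $order_id = isset($rData['order_id']) ? filter_var($rData['order_id'], FILTER_SANITIZE_STRING) : '';
    $uniqid = isset($rData['order_uniqid']) ? filter_var($rData['order_uniqid'], FILTER_SANITIZE_STRING) : '';
    if (empty($order_id) || empty($uniqid)) {
        redirect_eshop(link_eshop());
        return;
    }

    $row = $mysql->record("SELECT * FROM " . prefix . "_eshop_orders WHERE (id = " . db_squote($order_id) . ") AND (uniqid = " . db_squote($uniqid) . ") LIMIT 1");
    if (!is_array($row) || $row['paid'] == 1) {
        redirect_eshop(link_eshop());
        return;
    }

    $mrh_login = $payment_options['mrh_login'];
    $mrh_pass1 = $payment_options['mrh_pass1'];
    $IsTest = $payment_options['test_mode'];
    $inv_id = intval($row['id']);                 // trusted value from the DB row
    $inv_desc = 'Оплата по заказу ID: ' . $inv_id;
    $out_summ = $row['total_price'];
    $OutSumCurrency = $SYSTEM_FLAGS['eshop']['currency'][0]['code'];
    $shp_item = 1;

    // Signature for the payment page: md5("login:sum:id:currency:Password#1:Shp_item=1").
    // See the Shp_item note in the docblock.
    $crc = md5("{$mrh_login}:{$out_summ}:{$inv_id}:{$OutSumCurrency}:{$mrh_pass1}:Shp_item={$shp_item}");

    $url = 'https://auth.robokassa.ru/Merchant/Index.aspx?' . http_build_query(array(
        'MrchLogin'      => (string) $mrh_login,
        'OutSum'         => (string) $out_summ,
        'InvId'          => (string) $inv_id,
        'Desc'           => $inv_desc,
        'OutSumCurrency' => (string) $OutSumCurrency,
        'SignatureValue' => $crc,
        'IsTest'         => (string) $IsTest,
    ));
    header('Location: ' . $url);
    exit;
}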