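<?php
// SMS-payment result callback: loads settings from conf.php, sends no-cache headers
// and opens the MySQL connection used by the rest of the script.
//
// The long "<?php" tag is used on purpose: with short_open_tag disabled a "<?" file is
// served as plain text, which would disclose the signing secret and the SQL below.

// require (not include) so the script stops if the configuration is missing instead of
// continuing with undefined connection settings.
require "conf.php";
header("Content-Type: text/html; charset=windows-1251");
header("Cache-Control: no-cache, must-revalidate"); // tell the browser not to cache this page
header("Pragma: no-cache");
// NOTE(review): the mysql_* extension is deprecated since PHP 5.5 and removed in PHP 7;
// moving to mysqli or PDO with prepared statements is the durable fix for the queries below.
$data = mysql_connect($base_name, $base_user, $base_pass) or die('Íå ïîëó÷àåòñÿ ïîäêëþ÷èòüñÿ. Ïðîâåðüòå èìÿ ñåðâåðà, èìÿ ïîëüçîâàòåëÿ è ïàðîëü!');
mysql_select_db($db_name) or die('Îøèáêà âõîäà â áàçó äàííûõ');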
##==========================================================================================
/**
 * Build the reference signature for a payment callback.
 *
 * Accepts any number of arguments, joins them with "::" in the order given and
 * returns the MD5 hex digest of that string. Callers pass the shared secret first.
 *
 * NOTE(review): MD5 over a secret-prefixed string is a weak construction; it is
 * presumably dictated by the payment gateway's protocol - confirm before changing.
 *
 * @return string 32-character lowercase hex digest
 */
function ref_sign()
{
    $fields = func_get_args();

    return md5(implode("::", $fields));
}
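// Normalise every request parameter: trim, strip HTML tags, cap at 250 bytes.
// This is NOT SQL escaping: strip_tags() leaves quotes and backslashes intact, so each
// value must still be cast or escaped before it is placed in a query.
foreach ($_REQUEST as $request_key => $request_value)
{
    // Array-valued parameters (e.g. "s_purse[]=x") would make trim() emit a warning;
    // collapse anything that is not a string to an empty string.
    $_REQUEST[$request_key] = is_string($request_value)
        ? substr(strip_tags(trim($request_value)), 0, 250)
        : "";
}

// NOTE(review): the shared signing secret is hard-coded in a web-served source file.
// Anyone who can read this file can forge valid callbacks; keep the value in
// configuration outside the repository/web root and rotate it if it was ever published.
$secret_code = "meydan_secret";

// Callback fields; a missing field becomes "" instead of raising an undefined-index notice
// (an absent value already hashed as an empty string, so the signature is unchanged).
$purse = isset($_REQUEST["s_purse"]) ? $_REQUEST["s_purse"] : "";                      // sms:bank id
$order_id = isset($_REQUEST["s_order_id"]) ? $_REQUEST["s_order_id"] : "";             // operation id
$amount = isset($_REQUEST["s_amount"]) ? $_REQUEST["s_amount"] : "";                   // transaction sum
$clear_amount = isset($_REQUEST["s_clear_amount"]) ? $_REQUEST["s_clear_amount"] : ""; // billing algorithm
$inv = isset($_REQUEST["s_inv"]) ? $_REQUEST["s_inv"] : "";                            // operation number
$phone = isset($_REQUEST["s_phone"]) ? $_REQUEST["s_phone"] : "";                      // phone number
$sign = isset($_REQUEST["s_sign_v2"]) ? $_REQUEST["s_sign_v2"] : "";                   // signature sent by the caller

// Signature this server expects for the received field values.
$reference = ref_sign($secret_code, $purse, $order_id, $amount, $clear_amount, $inv, $phone);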
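// Process the callback: look up the bank account named by s_order_id, then either credit
// it (valid signature) or record the rejected attempt (invalid signature).
//
// Every request-derived value is cast or escaped before it reaches SQL. The rejected-
// signature branch runs for ANY caller, so unescaped values there were injectable
// without knowing the secret.
$order_number = (int)$order_id;
$inv_sql = mysql_real_escape_string((string)$inv);
$phone_sql = mysql_real_escape_string((string)$phone);
$amount_sql = mysql_real_escape_string((string)$amount);
// $bonus is not set in this file; presumably it comes from conf.php - confirm. Forcing it
// to a number keeps it safe in SQL even if it could be supplied some other way.
$bonus = isset($bonus) ? (float)$bonus : 0;

$lookup = mysql_query("SELECT users.id, users.login FROM bank LEFT JOIN users on users.login=bank.login WHERE number=" . $order_number);
$have_bank = $lookup ? mysql_fetch_array($lookup) : false;
if ($have_bank)
{
    // Values read back from the database are escaped too (second-order injection).
    $user_id_sql = mysql_real_escape_string((string)$have_bank["id"]);
    $login_sql = mysql_real_escape_string((string)$have_bank["login"]);

    // Strict, constant-time comparison where available. Loose "==" treats two numeric-
    // looking strings such as "0e123..." and "0e456..." as equal numbers, which would let
    // a forged signature pass.
    $sign_ok = is_string($sign) && (
        function_exists('hash_equals') ? hash_equals($reference, $sign) : $sign === $reference
    );

    if ($sign_ok)
    {
        // NOTE(review): nothing visible here rejects a repeated callback with the same
        // s_inv, so a replayed valid request would credit the account again. Consider a
        // unique index on smscoin.s_inv or a lookup before crediting - confirm against
        // the schema and the gateway's retry behaviour.
        $add_platin = (float)$amount * 10 * (1 + $bonus / 100);
        $txt = "Óäà÷íî ïåðåâåäåíû <b>$add_platin Ïë.</b>".($bonus?" (Áîíóñ:".$bonus."%)":"")." íà ñ÷åò íîìåð ".$order_number.". Óäà÷íîé èãðû, ìû ðàáîòàåì äëÿ Âàñ!";
        $txt_sql = mysql_real_escape_string($txt);

        // Credit the account, log the payment, and send the in-game mail notification.
        mysql_query("UPDATE bank SET emoney=emoney+$add_platin WHERE number=" . $order_number);
        mysql_query("INSERT INTO smscoin(user_id, bank_id, platina, bonus, s_inv, s_phone, amount) VALUES ('".$user_id_sql."', '$order_number', '$add_platin', '$bonus', '$inv_sql', '$phone_sql','$amount_sql')");
        mysql_query("INSERT INTO pochta(user, whom, text, subject) VALUES ('Ïóòåøåñòâåííèê','".$login_sql."','".$txt_sql."','Ïîêóïêà Ïëàòèíû')");
    }
    else
    {
        // Signature mismatch: record the attempt with zero credit.
        mysql_query("INSERT INTO smscoin(user_id, bank_id, platina, bonus, s_inv, s_phone, amount) VALUES ('".$user_id_sql."', '$order_number', '0', '$bonus', '$inv_sql', '$phone_sql', '$amount_sql')");
    }
}
mysql_close();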
?>