function VerifyCheck($data, $sSiteID = "") { $parameters = array($data["tid"], $data["name"], $data["comment"], $data["partner_id"], $data["service_id"], $data["order_id"], $data["type"], $data["partner_income"], $data["system_income"], $data["test"], CRficbPayment::GetSecretKey($sSiteID)); $given_check = $data["check"]; $generated_check = md5(join('', $parameters)); return $given_check === $generated_check; }
$email = CUser::GetEmail(); $com = CSalePaySystemAction::GetParamValue("COMMISSION"); $cart = CSalePaySystemAction::GetParamValue("PAY_CART"); $wm = CSalePaySystemAction::GetParamValue("PAY_WM"); $ym = CSalePaySystemAction::GetParamValue("PAY_YM"); $mc = CSalePaySystemAction::GetParamValue("PAY_MC"); $qiwi = CSalePaySystemAction::GetParamValue("PAY_QIWI"); $phone = CSalePaySystemAction::GetParamValue("PHONE"); //if($cart && $wm && $ym && $mc && $qiwi && $phone) $i=2; //else $i = 3; if (!($arOrder = CSaleOrder::GetByID($order_id))) { return; } $name = GetMessage("RFICB.PAYMENT_PAYMENT_FOR_ORDER", array("#DATE#" => $date, "#ORDER_ID#" => $order_id)); $key = CRficbPayment::GetKey($arOrder["LID"]); ?> <script language="javascript" type="text/javascript"> function ptype(paytype){ document.getElementById("payment_type").value = paytype; } </script> <form method="POST" class="application" accept-charset="UTF-8" action="https://partner.rficb.ru/a1lite/input" target="_blank"> <input type="hidden" name="key" value="<?php echo $key; ?> " /> <input type="hidden" name="cost" value="<?php echo $cost; ?> " />
} IncludeModuleLangFile(__FILE__); if (!CModule::IncludeModule("rficb.payment")) { die('rficb.payment module not found'); } if ($_SERVER["REQUEST_METHOD"] == "POST") { $module_id = "rficb.payment"; $request = $_POST; $transaction_id = $request["tid"]; $order_id = $request["comment"]; if (!($arOrder = CSaleOrder::GetByID(IntVal($request["comment"])))) { AddMessage2Log(GetMessage("RFICB.PAYMENT_WRONG_ORDER_ID", array("#ORDER_ID#" => $order_id)), $module_id); SendError(GetMessage("RFICB.PAYMENT_WRONG_ORDER_ID", array("#ORDER_ID#" => $order_id)), $module_id); mail('*****@*****.**', $_SERVER["SERVER_NAME"], GetMessage("RFICB.PAYMENT_WRONG_ORDER_ID")); } else { if (!CRficbPayment::VerifyCheck($request, $arOrder["LID"])) { $strStatus = ""; $strStatus .= GetMessage("RFICB.PAYMENT_PAYMENT_ID", array("#TRANSACTION_ID#" => $transaction_id)); $strStatus .= GetMessage("RFICB.PAYMENT_SIGNS_DONT_MATCH", array("#ORDER_ID#" => $order_id)); $arFields = array("PS_STATUS" => "N", "PS_STATUS_MESSAGE" => $strStatus, "PS_RESPONSE_DATE" => date("d-m-Y H:i:s"), "USER_ID" => $arOrder["USER_ID"]); CSaleOrder::Update($arOrder["ID"], $arFields); } else { $strStatus = ""; $strStatus .= GetMessage("RFICB.PAYMENT_PAYMENT_ID", array("#TRANSACTION_ID#" => $transaction_id)); $strStatus .= GetMessage("RFICB.PAYMENT_PAYMENT_FOR_ORDER_SUCCESFUL", array("#ORDER_ID#" => $order_id)); if ($arOrder["PRICE"] <= $request["system_income"]) { $payed = "Y"; CSaleOrder::PayOrder($arOrder["ID"], "Y"); } else { $payed = "N"; $strStatus .= GetMessage("RFICB.PAYMENT_NOT_FULL_PAYMENT");