<?
// Bootstrap for the SMS payment page: load project config, start gzip output
// buffering, send no-cache headers and open the database connection.
// NOTE(review): no session_start() is visible in this file; presumably key.php or
// conf.php starts the session before $_SESSION is read below — confirm.
include('key.php');
ob_start("ob_gzhandler");
include ("conf.php");
// The login is taken from the session as-is. There is no redirect or exit here when
// it is missing; the page body simply renders nothing if no matching user row is found.
$login=$_SESSION['login'];
header("Content-Type: text/html; charset=windows-1251");
Header("Cache-Control: no-cache, must-revalidate"); // tell the browser not to cache this page
Header("Pragma: no-cache");
// $base_name, $base_user, $base_pass and $db_name are not defined in this file;
// presumably they come from the includes above — verify.
// NOTE(review): the mysql_* functions belong to the legacy ext/mysql extension, which
// was removed in PHP 7.0 and has no prepared statements; migrating to mysqli or PDO
// would allow parameterised queries for the SQL built further down.
$data = mysql_connect($base_name, $base_user, $base_pass) or die('Íå ïîëó÷àåòñÿ ïîäêëþ÷èòüñÿ. Ïðîâåðüòå èìÿ ñåðâåðà, èìÿ ïîëüçîâàòåëÿ è ïàðîëü!');
mysql_select_db($db_name) or die('Îøèáêà âõîäà â áàçó äàííûõ');
##==========================================================================================
/**
 * Builds a request signature: the MD5 hex digest of all arguments joined with "::".
 *
 * Accepts any number of arguments (read through func_get_args()); each one is
 * converted to a string by implode().
 *
 * NOTE(review): the "::" separator is not escaped inside the values, so two different
 * argument lists can produce the same joined string. MD5 over data plus a shared
 * secret is also not a keyed MAC such as HMAC. The format is presumably dictated by
 * the payment gateway — confirm before changing it.
 *
 * @return string 32-character lowercase hexadecimal digest
 */
function ref_sign()
{
    $fields = func_get_args();

    return md5(implode("::", $fields));
}
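/**
 * Prints the payment request form: hidden fields carrying the order data and its
 * signature, plus a submit button, posted to the SMS gateway.
 *
 * The signature is computed over the raw values. The values written into the HTML
 * are entity-escaped so that a quote or angle bracket in any of them cannot break
 * out of the attribute; the browser decodes the entities on submit, so the gateway
 * still receives the values that were signed.
 *
 * NOTE(review): the form posts to a plain http:// endpoint, so the order data and
 * signature travel unencrypted; switch to https if the gateway offers it — confirm.
 *
 * @param mixed  $purse        gateway purse (sms:bank) id
 * @param mixed  $order_id     operation id
 * @param mixed  $amount       transaction sum
 * @param mixed  $clear_amount billing algorithm selector
 * @param string $description  operation description
 * @param string $secret_code  shared secret; only used for the signature, never printed
 * @param string $submit       label of the submit button
 * @return void
 */
function print_form($purse, $order_id, $amount, $clear_amount, $description, $secret_code, $submit)
{
    // making signature (over the unescaped values)
    $sign = ref_sign($purse, $order_id, $amount, $clear_amount, $description, $secret_code);

    // The page is served as windows-1251, so escape with that charset; the default
    // charset of htmlspecialchars() would reject non-UTF-8 bytes in the labels.
    $fields = array(
        'purse'        => $purse,
        'order_id'     => $order_id,
        'amount'       => $amount,
        'clear_amount' => $clear_amount,
        'description'  => $description,
        'sign'         => $sign,
        'submit'       => $submit,
    );
    $html = array();
    foreach ($fields as $key => $value) {
        $html[$key] = htmlspecialchars((string)$value, ENT_QUOTES, 'cp1251');
    }

    echo '<form action="http://service.smscoin.com/bank/" method="post">
<input name="s_purse" type="hidden" value="'.$html['purse'].'" />
<input name="s_order_id" type="hidden" value="'.$html['order_id'].'" />
<input name="s_amount" type="hidden" value="'.$html['amount'].'" />
<input name="s_clear_amount" type="hidden" value="'.$html['clear_amount'].'" />
<input name="s_description" type="hidden" value="'.$html['description'].'" />
<input name="s_sign" type="hidden" value="'.$html['sign'].'" />
<input type="submit" style="background-color:#AA0000; color: white;" value="'.$html['submit'].'" />
</form>';
}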
##==========================================================================================
?>
<html>
<head>
<title>WWW.MEYDAN.AZ - Îòëè÷íàÿ RPG îíëàéí èãðà ïîñâÿùåííàÿ áîÿì è ìàãèè</title>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
<meta http-equiv="Content-Language" content="ru">
<meta http-equiv="cache-control" Content="no-cache, max-age=0, must-revalidate, no-store">
<meta http-equiv="pragma" content=no-cache>
<meta http-equiv="expires" content=0>
<link rel=stylesheet href='main.css' type='text/css'>
<style>
.bgrright {background: url("img/design/brg-top-right-1-blank.gif") repeat-x top left}
.bgrleft {background: url("img/design/brg-top-left-1-blank.gif") repeat-x top right}
.bgrdown {background: url("img/design/down-bgr-blank.gif") repeat-x top right}
</style>
</head>
<body bgcolor="#392F2D" background="img/design/bgr.gif" link="#FFD175" vlink="#FFD175" alink="white" leftmargin=0 topmargin=0 rightmargin=0 bottommargin=0 marginwidth=0 marginheight=0>
<table cellspacing=0 cellpadding=0 border=0 width=100% align=center>
<tr>
<td>
<table cellspacing=0 cellpadding=0 border=0 width="100%">
<tr valign=top>
<td class="bgrleft" width=50%><img src="img/design/top-left-blank.gif" hspace=0 vspace=0 border=0></td>
<td width=302><img src="img/design/top-balls_inf.gif" hspace=0 vspace=0 border=0></td>
<td class="bgrright" width="100%" align="right"><img src="img/design/top-right-blank.gif" hspace=0 vspace=0 border=0></td>
</tr>
</table>
<table cellspacing=0 cellpadding=0 border=0 width="100%">
<tr>
<td background="img/design/left-bgr-blank.gif"><img src="img/design/dot.gif" width=10 height=1 hspace=0 vspace=0 border=0></td>
<td width=100% background="img/design/bgr.jpg">
<?
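// Page body: lets a logged-in user pick one of their bank accounts and an amount,
// then shows the signed payment form for the SMS gateway.

// The login is concatenated into SQL below, so escape it for the open connection.
// NOTE(review): if the login is stored in the session already escaped, unescape it
// where it is stored rather than dropping this call.
$login_sql = mysql_real_escape_string($login);
$user_res = mysql_query("SELECT * FROM users WHERE login='".$login_sql."'");
// A failed query returns false; do not pass that on to mysql_fetch_array().
$db = $user_res ? mysql_fetch_array($user_res) : false;
if ($db)
{
    // $bonus is not defined in this file (presumably conf.php); treat a missing
    // value the same as "no bonus" instead of raising a notice.
    $bonus_pct = empty($bonus) ? 0 : $bonus;

    echo "
<br/><br/><br/>
<h3>Ïîêóïêà Ïëàòèíû (Ïë.) Îïëàòà ñî ñ÷åòà ìîáèëüíîãî òåëåôîíà.</h3>
<center>Îïëàòà çà ïîêóïêó áóäåò ñïèñàíà ñ áàëàíñà ñ÷åòà Âàøåãî ìîáèëüíîãî òåëåôîíà.<br>";
    if ($bonus_pct) echo "<font color=red>Âíèìàíèå! Àêöèÿ! Ïðè ïîêóïêå Ïëàòèíû - â ïîäàðîê äîïîëíèòåëüíî <b>".$bonus_pct."%</b> îò ñóììû ïîêóïêè!</font><br><br>";
    echo "<br><br>";
    ##===========================================================
    // Account selection: accept the posted account only if it belongs to this login.
    if (!empty($_POST["bankid"]))
    {
        $bank_id = (int)$_POST["bankid"];
        $own_res = mysql_query("SELECT number FROM bank WHERE login='".$login_sql."' and number=".$bank_id);
        $have_bank_id = $own_res ? mysql_fetch_array($own_res) : false;
        if ($have_bank_id)
        {
            $_SESSION["bank_id"] = $bank_id;
            $posted_amount = isset($_POST["amount"]) ? $_POST["amount"] : null;
            // NOTE(review): the form below only offers 2 and 5, yet a posted value of 1
            // selects a 0.1 AZN transaction, and switch compares loosely. If that tier
            // is a leftover test option, remove it.
            switch ($posted_amount)
            {
                case 1: $_SESSION["amount"] = 0.1; break;
                case 2: $_SESSION["amount"] = 2; break;
                case 5: $_SESSION["amount"] = 5; break;
                default: $_SESSION["amount"] = 2; break;
            }
        }
        else echo "<font color=red>Ñ÷åò <b>".$bank_id."</b> íå ñóùåñòâóåò èëè Âû íå ìîæåòå èì ïîëüçîâàòüñÿ!</font>";
    }
    ##===========================================================
    // "Change account" link: forget the selected account.
    if (!empty($_GET["destroy"])) $_SESSION["bank_id"] = "";
    ##===========================================================
    if (!empty($_SESSION["bank_id"]))
    {
        $amount = $_SESSION["amount"]; // transaction sum
        $platinum = $amount * 10;

        // number_format() keeps whole amounts as "2.00" and also renders fractional
        // ones correctly ("0.10", "7.50") instead of appending ".00" to them.
        echo "<b>Ñ÷¸ò ¹:</b> ".$_SESSION["bank_id"]." <a href='?destroy=1'>Ñìåíèòü ñ÷¸ò</a><br>
Ñóììà òðàíçàêöèè: <b>".number_format($amount, 2, '.', '')."AZN</b><br>";
        echo "<b>Âû ïîëó÷èòå: ".number_format($amount, 2, '.', '')." AZN = ".number_format($platinum, 2, '.', '')."Ïë.".($bonus_pct ? " [ + ".number_format($platinum*$bonus_pct/100, 2, '.', '')."Ïë. Áîíóñ] =<font color=red>".number_format($platinum*(1+$bonus_pct/100), 2, '.', '')."Ïë.</font>" : "")."</b><br>";
        ##===========================================================
        // service secret code
        // NOTE(review): the signing secret is hard-coded in a web-served script. Load it
        // from configuration kept outside the document root, and rotate it if this
        // file has ever been readable by others.
        $secret_code = "meydan_secret";
        // initializing variables
        $purse = 12946; // sms:bank id
        // NOTE(review): the operation id is the account number, not a per-payment id —
        // confirm the gateway callback handler (not shown here) rejects repeated
        // notifications.
        $order_id = $_SESSION["bank_id"]; // operation id
        $clear_amount = 0; // billing algorithm
        $description = "SMS PAYMENT SYSTEM"; // operation desc
        $submit = "Ïîêóïêà Ïëàòèíû"; // submit label
        // printing the form
        print_form($purse, $order_id, $amount, $clear_amount, $description, $secret_code, $submit);
        ##===========================================================
    }
    else
    {
        // No account selected yet: list this login's accounts and the amounts on offer.
        $nomer = mysql_query("SELECT number FROM bank WHERE login='".$login_sql."'");
        if ($nomer && mysql_num_rows($nomer))
        {
            echo "<FORM ACTION='smscoin.php' METHOD='POST'>
<fieldset style='width:500px;'>
<legend><b>Óïðàâëåíèå ñ÷åòîì ¹</b></legend>
<table border=0 cellpadding=1 cellspacing=3 align=center>
<tr>
<td>Íîìåð ñ÷åòà: </td>
<td>
<select name='bankid' style='width:100'>";
            while ($num = mysql_fetch_array($nomer))
            {
                echo "<option value=".$num['number'].">".$num['number'];
            }
            echo "</select>
<select name='amount'>
<option value=2>2 AZN</option>
<option value=5>5 AZN</option>
</select>
</td>
<td><INPUT TYPE='submit' VALUE='Âûáðàòü Ñ÷åò'></td>
</tr>
</table>
</FIELDSET></FORM>";
        }
    }
}
mysql_close();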
?>
</td>
<td background="img/design/right-bgr-blank.gif"><img src="img/design/dot.gif" width=10 height=1 hspace=0 vspace=0 border=0></td>
</tr>
</table>
<table cellspacing=0 cellpadding=0 border=0 width="100%" height=55 class="bgrdown">
<tr valign=top>
<td><img src="img/design/down-left-blank.gif" width=34 height=25 hspace=0 vspace=0 border=0></td>
<td width=100%></td>
<td><img src="img/design/down-right-blank.gif" width=34 height=25 hspace=0 vspace=0 border=0></td>
</tr>
</table>
</body>
</HTML>