<?phpnamespace Controllers\User\Payments;use Controllers\Controller;use

1. <?php
2. namespace Controllers\User\Payments;
3.  
4. use Controllers\Controller;
5. use Models\UserModel;
6. use Service\CoinsCalculator;
7. use Respect\Validation\Validator as v;
8.  
9. class HotPayController extends Controller
10. {
11. public function pscListAction($request, $response)
12. {
13. return $this->view->render($response, 'paysafecard.html.twig');
14. }
15.  
16. public function pscReceiveAction($request, $response)
17. {
18. if (!empty($_POST["KWOTA"]) &&
19. !empty($_POST["ID_PLATNOSCI"]) &&
20. !empty($_POST["ID_ZAMOWIENIA"]) &&
21. !empty($_POST["STATUS"]) &&
22. !empty($_POST["SEKRET"]) &&
23. !empty($_POST["HASH"])
24. ) {
25. if (hash("sha256", $this->settings['payments']['hotpay']['paysafecardPassword'] . ";" . $_POST["KWOTA"] . ";" . $_POST["ID_PLATNOSCI"] . ";" . $_POST["ID_ZAMOWIENIA"] . ";" . $_POST["STATUS"] . ";" . $_POST["SEKRET"]) == $_POST["HASH"]) {
26. if ($_POST["STATUS"] == "SUCCESS") {
27. $amount = $_POST['KWOTA'];
28. $userId = $_POST['ID_ZAMOWIENIA'];
29.  
30. UserModel::grantCoins($userId, CoinsCalculator::calculate($amount));
31.  
32. return json_encode([
33. 'success' => true
34. ]);
35. } else if ($_POST["STATUS"] == "FAILURE") {
36. return json_encode([
37. 'success' => false
38. ]);
39. }
40. }
41.  
42. }
43. return json_encode([
44. 'success' => false
45. ]);
46. }
47.  
48. public function transferListAction($request, $response)
49. {
50. return $this->view->render($response, 'transfer.html.twig');
51. }
52.  
53. public function transferReceiveAction($request, $response)
54. {
55. if (!empty($_POST["KWOTA"]) &&
56. !empty($_POST["ID_PLATNOSCI"]) &&
57. !empty($_POST["ID_ZAMOWIENIA"]) &&
58. !empty($_POST["STATUS"]) &&
59. !empty($_POST["SEKRET"]) &&
60. !empty($_POST["HASH"])
61. ) {
62. if (hash("sha256", $this->settings['payments']['hotpay']['transferPassword'] . ";" . $_POST["KWOTA"] . ";" . $_POST["ID_PLATNOSCI"] . ";" . $_POST["ID_ZAMOWIENIA"] . ";" . $_POST["STATUS"] . ";" . $_POST["SEKRET"]) == $_POST["HASH"]) {
63. if ($_POST["STATUS"] == "SUCCESS") {
64. $amount = $_POST['KWOTA'];
65. $userId = $_POST['ID_ZAMOWIENIA'];
66.  
67. UserModel::grantCoins($userId, CoinsCalculator::calculate($amount));
68.  
69. return json_encode([
70. 'success' => true
71. ]);
72. } else if ($_POST["STATUS"] == "FAILURE") {
73.  
74. return json_encode([
75. 'success' => false
76. ]);
77. }
78. }
79. }
80.  
81. return json_encode([
82. 'success' => false
83. ]);
84. }
85.  
86. public function smsListAction($request, $response)
87. {
88. if ($request->isPost()) {
89. $_sms = $request->getParsedBody()['sms'];
90.  
91. $validation = $this->validator->validate($request, [
92. 'sms' => v::notEmpty(),
93. ]);
94.  
95. if (!$validation->isValid()) {
96. return $response->withRedirect($this->router->pathFor('payments.hotpay.sms'));
97. }
98.  
99.  
100. foreach ($this->settings['payments']['hotpay']['sms'] as $sms) {
101. $hotPayresponse = json_decode(file_get_contents('https://api.hotpay.pl/check_sms.php?sekret=' . $sms[4] . '&kod_sms=' . $_sms));
102.  
103. if ($hotPayresponse->status === 'ERROR') continue;
104.  
105. if ($hotPayresponse->status === 'SUKCESS') {
106. if (intval($hotPayresponse->aktywacja) === 1) {
107. UserModel::grantCoins($_SESSION['user']['id'], $sms[3]);
108.  
109. $this->flash->addMessage('success', 'Kod został użyty pomyślnie. Doładowano: ' . $sms[3] . ' SM.');
110. } else {
111. $this->flash->addMessage('alert', 'Podany przez Ciebie kod zostal juz wykorzystany.');
112. }
113.  
114. return $response->withRedirect($this->router->pathFor('payments.hotpay.sms'));
115. }
116. }
117.  
118. $this->flash->addMessage('alert', 'Podano nieprawidlowy kod.');
119. return $response->withRedirect($this->router->pathFor('payments.hotpay.sms'));
120. }
121.  
122. return $this->view->render($response, 'sms.html.twig');
123. }
124. }