<?php
// Shared configuration; presumably defines the $UnitPay settings array read below.
// The "./" prefix makes this path relative to the current working directory.
require './core/config.php';

// Merchant secret mixed into every callback signature. Keep it out of logs and responses.
$secretKey = $UnitPay['secret_key'];

// Divisor that converts an order's stored sum into bonus points when a payment is credited.
$price = $UnitPay['price'];
/**
 * Computes the expected SHA-256 signature for a gateway callback.
 *
 * The digest covers, joined by the literal separator "{up}": the method name,
 * every parameter value ordered by parameter key (without the "sign" and
 * "signature" entries), and finally the merchant secret.
 *
 * Callers should compare the result with the received value using
 * hash_equals(), not "==" or "!=".
 *
 * @param string $method    Callback method name.
 * @param array  $params    Callback parameters as received.
 * @param string $secretKey Merchant secret key.
 * @return string Lower-case hexadecimal SHA-256 digest.
 */
function getSignature($method, $params, $secretKey)
{
    ksort($params);

    // The signature fields themselves are never part of the signed material.
    unset($params['sign'], $params['signature']);

    $signedParts = array_merge(array($method), $params, array($secretKey));

    return hash('sha256', implode('{up}', $signedParts));
}
/**
 * Sends a JSON-RPC 2.0 error reply to the gateway and stops the script.
 *
 * The error code is always -32000 and the reply id is always 1.
 *
 * @param string $message Human-readable error text placed in error.message.
 */
function responseError($message)
{
    $payload = [
        'jsonrpc' => '2.0',
        'error'   => [
            'code'    => -32000,
            'message' => $message,
        ],
        'id'      => 1,
    ];

    echo json_encode($payload);
    exit;
}
/**
 * Sends a JSON-RPC 2.0 success reply to the gateway and stops the script.
 *
 * The reply id is always 1.
 *
 * @param string $message Human-readable text placed in result.message.
 */
function responseSuccess($message)
{
    $payload = [
        'jsonrpc' => '2.0',
        'result'  => [
            'message' => $message,
        ],
        'id'      => 1,
    ];

    echo json_encode($payload);
    exit;
}
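/**
 * Finds the stored order whose id equals the order reference sent by the gateway.
 *
 * The comparison is string-exact: loose "==" would let numeric look-alikes
 * such as "10" and "1e1" select the same order.
 *
 * @param array       $orders  Decoded order records.
 * @param string|null $account Order reference from the request, or null when absent.
 * @return int|string|null Key of the matching order, or null when none matches.
 */
function findOrderKey(array $orders, $account)
{
    if ($account === null) {
        return null;
    }
    foreach ($orders as $key => $row) {
        if (is_object($row) && isset($row->id) && is_scalar($row->id) && (string)$row->id === $account) {
            return $key;
        }
    }
    return null;
}

// Payment-gateway callback dispatcher, selected by the `method` query parameter:
//   check - asks whether the referenced order exists
//   pay   - reports a completed payment; credits the account and removes the order
// Any other method produces no output. Everything under $_GET is untrusted
// until the request signature has been verified.
if (isset($_GET['method'])) {
    $method = $_GET['method'];

    // A missing or non-array `params` would otherwise reach ksort()/implode().
    $params = (isset($_GET['params']) && is_array($_GET['params'])) ? $_GET['params'] : array();

    $account = (isset($params['account']) && is_scalar($params['account']))
        ? (string)$params['account']
        : null;

    if ($method === 'check') {
        $sign = (isset($params['sign']) && is_string($params['sign'])) ? $params['sign'] : '';
        unset($params['sign']);

        // NOTE(review): this branch verifies an MD5 over the unsorted parameter values,
        // while the pay branch uses getSignature() (SHA-256 over key-sorted values), and
        // it applies no source-IP allowlist. Confirm against the gateway documentation
        // whether both callbacks should share the SHA-256 scheme.
        $expected = md5(implode("", $params) . $secretKey);

        // hash_equals() is constant-time and never treats "0e..." digests as equal numbers.
        $found = false;
        if (hash_equals($expected, $sign)) {
            $db_json = (array)json_decode(file_get_contents('core/db/orders.db'));
            $orders = isset($db_json['orders']) ? (array)$db_json['orders'] : array();
            $found = findOrderKey($orders, $account) !== null;
        }

        if ($found) {
            echo '{"result": {"message":"Запрос успешно обработан"}}';
        } else {
            echo '{"error": {"message":"Заказ не найден!"}}';
        }
    } elseif ($method === 'pay') {
        // Source allowlist. REMOTE_ADDR is the direct TCP peer, so behind a reverse
        // proxy this sees the proxy address and the check must move to that layer.
        $unitpayIp = array(
            '31.186.100.49',
            '178.132.203.105',
            '52.29.152.23',
            '52.19.56.234'
        );
        $remoteAddr = isset($_SERVER["REMOTE_ADDR"]) ? $_SERVER["REMOTE_ADDR"] : '';
        if (!in_array($remoteAddr, $unitpayIp, true)) {
            die('IP address Error');
        }

        // Authenticate the request before any order data is read or changed.
        $sign = (isset($params['signature']) && is_string($params['signature'])) ? $params['signature'] : '';
        if (!hash_equals(getSignature($method, $params, $secretKey), $sign)) {
            responseError("Invalid signature.");
        }

        $db_json = (array)json_decode(file_get_contents('core/db/orders.db'));
        $orders = isset($db_json['orders']) ? (array)$db_json['orders'] : array();
        $order = findOrderKey($orders, $account);

        if ($order !== null) {
            require "./core/sql.class.php";

            // NOTE(review): the amount the gateway reports as paid is never compared
            // with the stored order sum; the credit is derived from the order alone.
            $coin = $orders[$order]->{'sum'} / $price;

            // The account name is interpolated into SQL below and the query API of
            // $DB is not visible here, so it is restricted to a conservative
            // character set as a stopgap. Assumption to confirm: real account names
            // fit this set. Prefer bound parameters if the wrapper supports them.
            $acc = $orders[$order]->{'account'};
            if (!is_scalar($acc) || !preg_match('/\A[A-Za-z0-9_.@-]+\z/', (string)$acc)) {
                responseError("Invalid account.");
            }
            $acc = (string)$acc;

            $DB = selectServer($orders[$order]->{'server'}, $Sql);
            $current = $DB->FetchArray($DB->Query("SELECT VoteBonus FROM MEMB_INFO WHERE memb___id = '$acc'"));
            $current = (int)$current['VoteBonus'];
            // A balance below 1 is replaced by the credit rather than added to.
            if ($current < 1) {
                $current = (int)$coin;
            } else {
                $current += (int)$coin;
            }
            $DB->Query("UPDATE MEMB_INFO SET VoteBonus = $current WHERE memb___id = '$acc'");

            // Removing the order is the only replay protection: a repeated callback for
            // the same order must not find it again. The read-modify-write on the file
            // and the SELECT-then-UPDATE above are not atomic, so concurrent callbacks
            // can still race; LOCK_EX only prevents interleaved writes.
            unset($orders[$order]);
            $db_json['orders'] = array_values($orders);
            if (file_put_contents('core/db/orders.db', json_encode($db_json), LOCK_EX) === false) {
                // The credit is already applied; surface the failure so the stale
                // order can be removed before the callback is delivered again.
                error_log('orders.db could not be updated after crediting an order');
            }
            echo '{"result": {"message":"Запрос успешно обработан"}}';
        } else {
            echo '{"error": {"message":"Заказ не найден!"}}';
        }
    }
}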