
Untitled

a guest
Oct 6th, 2017
  1. <?php
  2. require("mainconfig.php");
  3. header("Content-Type: application/json");
  4.  
  5. if (isset($_POST['key']) AND isset($_POST['action'])) {
  6.  $post_key = mysqli_real_escape_string($db, trim($_POST['key']));
  7.  $post_action = $_POST['action'];
  8.  if (empty($post_key) || empty($post_action)) {
  9.   $array = array("error" => "Incorrect request");
  10.  } else {
  11.   $check_user = mysqli_query($db, "SELECT * FROM users WHERE api_key = '$post_key'");
  12.   $data_user = mysqli_fetch_assoc($check_user);
  13.   if (mysqli_num_rows($check_user) == 1) {
  14.    $username = $data_user['username'];
  15.    if ($post_action == "add") {
  16.     if (isset($_POST['service']) AND isset($_POST['link']) AND isset($_POST['quantity'])) {
  17.      $post_service = $_POST['service'];
  18.      $post_link = $_POST['link'];
  19.      $post_quantity = $_POST['quantity'];
  20.      if (empty($post_service) || empty($post_link) || empty($post_quantity)) {
  21.       $array = array("error" => "Incorrect request");
  22.      } else {
  23.       $check_service = mysqli_query($db, "SELECT * FROM services WHERE sid = '$post_service' AND status = 'Active'");
  24.       $data_service = mysqli_fetch_assoc($check_service);
  25.       if (mysqli_num_rows($check_service) == 0) {
  26.        $array = array("error" => "Service not found");
  27.       } else {
  28.        $oid = random_number(7);
  29.        $rate = $data_service['price'] / 1000;
  30.        $price = $rate*$post_quantity;
  31.        $service = $data_service['service'];
  32.        $provider = $data_service['provider'];
  33.        $pid = $data_service['pid'];
  34.        $wujudjnd=number_format($post_quantity,0,',','.');
  35.        if ($post_quantity < $data_service['min']) {
  36.         $array = array("error" => "Quantity inccorect");
  37.        } else if ($post_quantity > $data_service['max']) {
  38.         $array = array("error" => "Quantity inccorect");
  39.        } else if ($data_user['balance'] < $price) {
  40.         $array = array("error" => "Low balance");
  41.        } else {
  42.         $check_provider = mysqli_query($db, "SELECT * FROM provider WHERE code = '$provider'");
  43.         $data_provider = mysqli_fetch_assoc($check_provider);
  44.         $provider_key = $data_provider['api_key'];
  45.         $provider_link = $data_provider['link'];
  46.    if ($provider == "MANUAL") {
  47.        $provider_key="your key";
  48.     $provider_link="";
  49.    $api_postdata = "";
  50.    $to ="mhmdsyalsa@gmail.com";
  51. $subject = "Orderan Manual";
  52. $messages ="Hallo kak Andre nih data Orderanya
  53. Pemesan :$sess_username
  54. Service : $service
  55. Quantity: $wujudjnd
  56. Harga   : $price
  57. Link : $post_link";
  58. $headers .= 'From: support@andremedia.co' . ""; //bagian ini diganti sesuai dengan email dari pengirim
  59. $send_mail=@mail($to, $subject, $messages, $headers);
  60. $to ="noveranitaamelia@gmail.com⁠⁠⁠⁠";
  61. $subject = "Orderan Manual nih gblg";
  62. $messages ="Hallo kak Andre nih data Orderanya
  63. Pemesan :$sess_username
  64. Service : $service
  65. Quantity: $wujudjnd
  66. Harga   : $price
  67. Link : $post_link";
  68. $headers .= 'From: support@andremedia.co' . ""; //bagian ini diganti sesuai dengan email dari pengirim
  69. $send_mail=@mail($to, $subject, $messages, $headers);
  70.    } else if ($provider == "") {
  71.        $provider_key="";
  72.     $provider_link="";
  73.    $provider_postdata="key=$provider_key&action=add_order&service=$pid&link=$post_link&quantity=$post_quantity";
  74.    } else if ($provider == "") {
  75.        $provider_key="";
  76.     $provider_link="http:///api.php";
  77.    $provider_postdata="key=$provider_key&action=add&service=$pid&link=$post_link&quantity=$post_quantity";
  78.    }else{
  79.        die("System Error!");
  80.    }
  81.  
  82.  
  83.    $ch = curl_init();
  84.    curl_setopt($ch, CURLOPT_URL, "$provider_link");
  85.    curl_setopt($ch, CURLOPT_POST, 1);
  86.    curl_setopt($ch, CURLOPT_POSTFIELDS, $provider_postdata);
  87.    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  88.    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
  89.    $chresult = curl_exec($ch);
  90.    curl_close($ch);
  91.  
  92.    $json_result = json_decode($chresult, true);
  93.  
  94.  
  95.    if ($provider == "TL" AND $json_result['error'] == TRUE) {
  96.     $msg_type = "error";
  97.     $msg_content = "<b>Gagal:</b> Server Maintenance (1).";
  98.   } else if ($provider == "ST" AND $json_result['error'] == TRUE) {
  99.     $msg_type = "error";
  100.     $msg_content = "<b>Gagal:</b> Server Maintenance (2).";
  101.    } else {
  102.     if ($provider == "TL") {
  103.      $poid = $json_result['order_id'];
  104.     } else if ($provider == "ST") {
  105.      $poid = $json_result['order_id'];
  106.     }else if ($provider == "MANUAL") {
  107.         $poid= $oid;
  108.     }
  109.          $update_user = mysqli_query($db, "UPDATE users SET balance = balance-$price WHERE username = '$username'");
  110.          if ($update_user == TRUE) {
  111.           $insert_order = mysqli_query($db, "INSERT INTO orders (oid, poid, user, service, link, quantity, price, status, date, provider, place_from) VALUES ('$oid', '$poid', '$username', '$service', '$post_link', '$post_quantity', '$price', 'Pending', '$date', '$provider', 'API')");
  112.           if ($insert_order == TRUE) {
  113.            $array = array("order_id" => "$oid");
  114.           } else {
  115.            $array = array("error" => "System error");
  116.           }
  117.          } else {
  118.           $array = array("error" => "System error");
  119.          }
  120.         }
  121.        }
  122.       }
  123.      }
  124.     } else {
  125.      $array = array("error" => "Incorrect request");
  126.     }
  127.    } else if ($post_action == "add_premium") {
  128.     if (isset($_POST['service']) AND isset($_POST['link']) AND isset($_POST['quantity'])) {
  129.      $post_service = $_POST['service'];
  130.      $post_link = $_POST['link'];
  131.      $post_quantity = $_POST['quantity'];
  132.       $leve_user = $data_user['level'];
  133.       if($leve_user == 'Premium'){
  134.      if (empty($post_service) || empty($post_link) || empty($post_quantity)) {
  135.       $array = array("error" => "Incorrect request");
  136.      } else {
  137.       $check_service = mysqli_query($db, "SELECT * FROM services1 WHERE sid = '$post_service' AND status = 'Active'");
  138.       $data_service = mysqli_fetch_assoc($check_service);
  139.       if (mysqli_num_rows($check_service) == 0) {
  140.        $array = array("error" => "Service not found");
  141.       } else {
  142.        $oid1 = random_number(7);
  143.        $rate = $data_service['price'] / 1000;
  144.        $price = $rate*$post_quantity;
  145.        $service = $data_service['service'];
  146.        $provider = $data_service['provider'];
  147.        $pid = $data_service['pid'];
  148.        $wujudjnd=number_format($post_quantity,0,',','.');
  149.        if ($post_quantity < $data_service['min']) {
  150.         $array = array("error" => "Quantity inccorect");
  151.        } else if ($post_quantity > $data_service['max']) {
  152.         $array = array("error" => "Quantity inccorect");
  153.        } else if ($data_user['balance'] < $price) {
  154.         $array = array("error" => "Low balance");
  155.        } else {
  156.         $check_provider = mysqli_query($db, "SELECT * FROM provider WHERE code = '$provider'");
  157.         $data_provider = mysqli_fetch_assoc($check_provider);
  158.         $provider_key = $data_provider['api_key'];
  159.         $provider_link = $data_provider['link'];
  160.    if ($provider == "MANUAL") {
  161.        $provider_key="your key";
  162.     $provider_link="";
  163.    $api_postdata = "";
  164.    $to ="mhmdsyalsa@gmail.com";
  165. $subject = "Orderan Manual";
  166. $messages ="Hallo kak Andre nih data Orderanya
  167. Pemesan :$sess_username
  168. Service : $service
  169. Quantity: $wujudjnd
  170. Harga   : $price
  171. Link : $post_link";
  172. $headers .= 'From: support@andremedia.co' . ""; //bagian ini diganti sesuai dengan email dari pengirim
  173. $send_mail=@mail($to, $subject, $messages, $headers);
  174. $to ="noveranitaamelia@gmail.com⁠⁠⁠⁠";
  175. $subject = "Orderan Manual nih gblg";
  176. $messages ="Hallo kak Andre nih data Orderanya
  177. Pemesan :$sess_username
  178. Service : $service
  179. Quantity: $wujudjnd
  180. Harga   : $price
  181. Link : $post_link";
  182. $headers .= 'From: support@andremedia.co' . ""; //bagian ini diganti sesuai dengan email dari pengirim
  183. $send_mail=@mail($to, $subject, $messages, $headers);
  184.    } else if ($provider == "") {
  185.        $provider_key="";
  186.     $provider_link="";
  187.    $provider_postdata="key=$provider_key&action=add_order&service=$pid&link=$post_link&quantity=$post_quantity";
  188.    } else if ($provider == "") {
  189.        $provider_key="";
  190.     $provider_link="";
  191.    $provider_postdata="key=$provider_key&action=add&service=$pid&link=$post_link&quantity=$post_quantity";
  192.    }else{
  193.        die("System Error!");
  194.    }
  195.  
  196.  
  197.    $ch = curl_init();
  198.    curl_setopt($ch, CURLOPT_URL, "$provider_link");
  199.    curl_setopt($ch, CURLOPT_POST, 1);
  200.    curl_setopt($ch, CURLOPT_POSTFIELDS, $provider_postdata);
  201.    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  202.    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
  203.    $chresult = curl_exec($ch);
  204.    curl_close($ch);
  205.  
  206.    $json_result = json_decode($chresult, true);
  207.  
  208.  
  209.    if ($provider == "TL" AND $json_result['error'] == TRUE) {
  210.     $msg_type = "error";
  211.     $msg_content = "<b>Gagal:</b> Server Maintenance (1).";
  212.   } else if ($provider == "ST" AND $json_result['error'] == TRUE) {
  213.     $msg_type = "error";
  214.     $msg_content = "<b>Gagal:</b> Server Maintenance (2).";
  215.    } else {
  216.     if ($provider == "TL") {
  217.      $poid = $json_result['order_id'];
  218.     } else if ($provider == "ST") {
  219.      $poid = $json_result['order_id'];
  220.     }else if ($provider == "MANUAL") {
  221.         $poid= $oid1;
  222.     }
  223.          $update_user = mysqli_query($db, "UPDATE users SET balance = balance-$price WHERE username = '$username'");
  224.          if ($update_user == TRUE) {
  225.           $insert_order = mysqli_query($db, "INSERT INTO orders (oid, poid, user, service, link, quantity, price, status, date, provider, place_from) VALUES ('$oid1', '$poid', '$username', '$service', '$post_link', '$post_quantity', '$price', 'Pending', '$date', '$provider', 'API')");
  226.           if ($insert_order == TRUE) {
  227.            $array = array("order_id" => "$oid1");
  228.           } else {
  229.            $array = array("error" => "System error");
  230.           }
  231.          } else {
  232.           $array = array("error" => "System error");
  233.          }
  234.         }
  235.        }
  236.       }
  237.      }
  238.       } else {
  239.      $array = array("error" => "Your Not Premium User");
  240.     }
  241.     } else {
  242.      $array = array("error" => "Incorrect request");
  243.     }
  244.    } else if ($post_action == "status") {
  245.     if (isset($_POST['order_id'])) {
  246.      $post_oid = $_POST['order_id'];
  247.      $post_oid = $_POST['order_id'];
  248.      $check_order = mysqli_query($db, "SELECT * FROM orders WHERE oid = '$post_oid' AND user = '$username'");
  249.      $data_order = mysqli_fetch_array($check_order);
  250.      if (mysqli_num_rows($check_order) == 0) {
  251.       $array = array("error" => "Order not found");
  252.      } else {
  253.       $array = array("charge" => $data_order['price'], "start_count" => $data_order['start_count'], "status" => $data_order['status'], "remains" => $data_order['remains']);
  254.      }
  255.     } else {
  256.      $array = array("error" => "Incorrect request");
  257.     }
  258.    } else if($post_action == "services") {
  259.                         $check_service = mysqli_query($db, "SELECT * FROM services");
  260.                 while ($data_service = mysqli_fetch_assoc($check_service)) {
  261.                                 $array[] = array(
  262.                                 "provider_id" => $data_service['sid'],
  263.                                 "category" => $data_service['category'],
  264.                                 "service" => $data_service['service'],
  265.                                 "min_order" => $data_service['min'],
  266.                                 "max_order" => $data_service['max'],
  267.                                 "note" => $data_service['note'],
  268.                                 "price" => $data_service['price']
  269.                                  );
  270.                                  }
  271.             } else{
  272.     $array = array("error" => "Wrong action");
  273.    }
  274.   } else {
  275.    $array = array("error" => "Invalid API key");
  276.   }
  277.  }
  278. } else {
  279.  $array = array("error" => "Incorrect request");
  280. }
  281.  
  282. $print = json_encode($array);
  283. print_r($print);