Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- $config = require "../config.php";
- require "../database.php";
- require "../rcon.php";
- $database = new DataBase(
- $config["mysql"]["host"],
- $config["mysql"]["user"],
- $config["mysql"]["password"],
- $config["mysql"]["database"]
- );
- function upSign($method, $params, $secretKey) {
- ksort($params);
- unset($params['sign']);
- unset($params['signature']);
- array_push($params, $secretKey);
- array_unshift($params, $method);
- return hash('sha256', join('{up}', $params));
- }
- $method = $_GET['method'];
- $params = $_GET['params'];
- $id = explode("_", $params['account']);
- $id = $id[0];
- if($params['signature'] != upSign($method, $params, $config["unitpay"]["secret_key"])) {
- exit('{"error": {"message": "Некорректная цифровая подпись"}}');
- } elseif($method != 'pay') {
- exit('{"result": {"message":"Запрос успешно обработан"}}');
- }
- $payment = $database->select("SELECT * FROM `cd_payments` WHERE `id` = {?}", [$id]);
- if(empty($payment)) {
- exit('{"error": {"message": "Платеж с таким номером заказа не был найден"}}');
- } elseif($payment[0]['sum'] != $params['orderSum']) {
- exit('{"result": {"message": "Сумма платежа не совпадает с исходной"}}');
- } elseif($payment[0]['status'] == 1) {
- exit('{"error": {"message": "Данный платеж уже оплачен"}}');
- } else {
- $database->query("UPDATE `cd_payments` SET `status` = 1 WHERE `id` = {?}", [$id]);
- $rcon = new Rcon(
- $config["rcon"]["host"],
- $config["rcon"]["port"],
- $config["rcon"]["password"],
- $config["rcon"]["timeout"]
- );
- if($rcon->connect()) {
- $array = exlode("," $payment[0]["values"]);
- foreach($array as $value) {
- $ex = explode("-", $value);
- $permission = $config["capabilities"][$ex[1]]["permission"];
- $command = str_replace("{username}", $payment[0]["username"], $config["give_command"]);
- $command = str_replace("{perm}", $permission, $command);
- $rcon->sendCommand($command);
- }
- }
- exit('{"result": {"message": "Заказ был успешно оплачен. Вы можете вернуться на главную"}}');
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement