Untitled

<?php
session_start();
ini_set('display_errors', 0);

  if (!isset($_SESSION['username'])) {
  	$_SESSION['msg'] = "You must log in first";
  	header('location: ..\login');
  	die();
  }

define("SELLY_EMAIL", "nex@weebware.net");
define("SELLY_API_KEY", "");


    // connect to the database
	include secret_directory('config.php'); // SQL Server stuff
	$server_server = $config['server'];
	$server_username = $config['username'];
	$server_password = $config['password'];
	$server_dbname = $config['dbname'];
	$server_status = $config['status'];
	$conn = new PDO('mysql:host=' . $server_server . ';dbname=' . $server_dbname, $server_username, $server_password,[PDO::ATTR_DEFAULT_FETCH_MODE=>PDO::FETCH_ASSOC]);


    $username = $_SESSION['username'];
    $email = $_POST['email'];

    if (isset($_POST['submit_purchase'])) {
    $secret = generateRandomString(16);
    $webhook_url = 'https://syzy.us/buy/webhook.php?secret=' . $secret;
    $request = selly_pay('syzy.us 1 month', 'PayPal', $email, '20', 'USD', 'https://syzy.us/home', $webhook_url);
    $createOrder = $conn->prepare("INSERT INTO orders (id, secret, order_id, user, status) VALUES ('', :secret, :order_id, :user, :status);");
    $createOrder->bindValue(':secret', $secret);
    $createOrder->bindValue(':order_id', $request['id']);
    $createOrder->bindValue(':user', $username);
    $createOrder->bindValue(':status', $request['status']);
    $createOrder->execute();

    $redirect = $request['url'];
    header('location:' . $redirect);
    }

    // thank justin for help ;3
    function selly_pay($title, $gateway, $email, $value, $currency, $return_url, $webhook_url) {
        $params = array ('title' => $title, 'gateway' => $gateway, 'email' => $email, 'value' => $value, 'currency' => $currency, 'return_url' => $return_url, 'webhook_url' => $webhook_url, 'white_label' => true);
        $query = http_build_query ($params);
        $auth = base64_encode(SELLY_EMAIL.':'.SELLY_API_KEY);
        $opts = array(
            'http'=>array(
                'method'=>"POST",
                'header'=>
                "User-agent: {$email} - {$_SERVER['SERVER_NAME']}\r\n" .
                "Authorization: Basic {$auth}\r\n" .
                "Content-Type: application/x-www-form-urlencoded",
                'content' => $query
            )
        );
        $context = stream_context_create($opts);
        $result = file_get_contents('https://selly.gg/api/v2/pay', false, $context);
        $data = json_decode($result, true);
        return $data;
    }

    function generateRandomString($length) {
    $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
    $charactersLength = strlen($characters);
    $randomString = '';
    for ($i = 0; $i < $length; $i++) {
        $randomString .= $characters[rand(0, $charactersLength - 1)];
    }
    return $randomString;
}

	function secret_directory($fileName) {
		return 'RmNy5KApCY/' . $fileName;
	}

?>