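<?php
/**
 * Payment-gateway callback endpoint.
 *
 * Accepts three signed commands from the gateway (`check`, `pay`, `cancel`),
 * reads or updates rows in `characters` / `character_payments`, and answers
 * with a small XML document declared as windows-1251.
 *
 * Security notes for maintainers:
 *  - Every request value is untrusted for SQL and XML purposes, even after
 *    the source-address allowlist and the MD5 signature have passed. Queries
 *    therefore use bound parameters, and every value echoed into the response
 *    is XML-escaped.
 *  - The signature is md5(command . v1 [. id] . secret). `sum` is NOT part of
 *    the signed payload, so the amount is only protected by the address
 *    allowlist and the format check below.
 *  - The removed mysql_* extension is replaced by mysqli; hash_equals() needs
 *    PHP 5.6 or newer.
 *  - Keep the real secret and database credentials out of public pastes and
 *    version control; load them from configuration outside the web root.
 */

header('Content-type: text/xml');

// Gateway addresses allowed to call this endpoint. REMOTE_ADDR is only
// meaningful when the script is reached directly; behind a reverse proxy it
// becomes the proxy's address and this check has to be revisited.
$check_ip = [
    '82.146.40.60',
    '188.120.245.101',
    '188.120.245.102',
];

$secret_key = "-----";
$server = '-'; // server hosting the payment databases
$user = '-';   // user name used for access
$pass = '-';   // password for that user
$db = '-';     // database holding the payment tables

/**
 * Returns a request parameter as a string, or $default when it is missing
 * or was sent as an array (e.g. "v1[]=x").
 */
function gw_param($name, $default = '')
{
    return (isset($_REQUEST[$name]) && is_string($_REQUEST[$name])) ? $_REQUEST[$name] : $default;
}

/**
 * Checks the supplied signature against md5($payload . $secret_key).
 * hash_equals() avoids both the timing side channel and the loose-comparison
 * pitfall where two "0e..." hex strings compare equal under ==.
 */
function gw_signature_ok($supplied, $payload, $secret_key)
{
    return hash_equals(md5($payload . $secret_key), $supplied);
}

/** Returns the charId for a character name, or null when no row matches. */
function gw_find_char_id(mysqli $link, $char_name)
{
    $stmt = $link->prepare('SELECT charId FROM `characters` WHERE `char_name` = ?');
    $stmt->bind_param('s', $char_name);
    $stmt->execute();
    $stmt->bind_result($char_id);
    $found = $stmt->fetch();
    $stmt->close();

    return $found ? $char_id : null;
}

/** Returns ['sum' => ..., 'date' => ...] of the newest payment, or null. */
function gw_last_payment(mysqli $link, $char_id)
{
    $stmt = $link->prepare(
        'SELECT `sum`, `date` FROM `character_payments` WHERE `charId` = ? ORDER BY `id` DESC LIMIT 1'
    );
    $stmt->bind_param('s', $char_id);
    $stmt->execute();
    $stmt->bind_result($pay_sum, $pay_date);
    $found = $stmt->fetch();
    $stmt->close();

    return $found ? ['sum' => $pay_sum, 'date' => $pay_date] : null;
}

/** Tells whether a payment row with the given id is already stored. */
function gw_payment_exists(mysqli $link, $id)
{
    $stmt = $link->prepare('SELECT 1 FROM `character_payments` WHERE `id` = ?');
    $stmt->bind_param('s', $id);
    $stmt->execute();
    $stmt->store_result();
    $exists = $stmt->num_rows > 0;
    $stmt->close();

    return $exists;
}

$flag = gw_param('command');
$md5 = gw_param('md5');
$v1 = gw_param('v1');
$id = gw_param('id', '0');
$sum = gw_param('sum');

// The gateway sends names in windows-1251; the database connection is UTF-8.
$v1_utf8 = iconv('windows-1251', 'UTF-8', $v1);
if ($v1_utf8 === false) {
    $v1_utf8 = '';
}

$kod = 1;
$desc = '';

if (in_array($_SERVER['REMOTE_ADDR'], $check_ip, true)) {
    // Make mysqli throw on every failure so that no error goes unchecked.
    mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

    try {
        $link = new mysqli($server, $user, $pass, $db);
        $link->set_charset('utf8');
    } catch (mysqli_sql_exception $e) {
        // Details go to the server log only, never to the caller.
        error_log('payment callback: database connection failed: ' . $e->getMessage());
        die("Can't connect to database");
    }

    try {
        if ($flag === 'check' && gw_signature_ok($md5, $flag . $v1, $secret_key)) {
            // Verification: report the most recent payment of the character.
            $char_id = gw_find_char_id($link, $v1_utf8);
            if ($char_id !== null) {
                $last = gw_last_payment($link, $char_id);
                if ($last !== null) {
                    $desc = "Last payment : " . $last['sum'] . ", " . $last['date'];
                } else {
                    $desc = $v1 . ' not paid yet';
                }
                $kod = 0;
            } else {
                $kod = 2;
                $desc = 'no such user: ' . $v1;
            }
        } elseif ($flag === 'pay' && gw_signature_ok($md5, $flag . $v1 . $id, $secret_key)) {
            // Payment. id and sum are stored as numbers, so anything that is
            // not a plain non-negative number is refused up front.
            if (!ctype_digit($id) || !preg_match('/^\d+(?:\.\d+)?$/D', $sum)) {
                $kod = 2;
                $desc = 'Invalid id or sum';
            } elseif (gw_payment_exists($link, $id)) {
                // The payment was already processed earlier.
                $kod = 0;
                $desc = 'Payment was send earlier';
            } else {
                // Try to complete the payment.
                // NOTE(review): check-then-insert is only race-free if `id`
                // is unique in character_payments - confirm against the schema.
                $char_id = gw_find_char_id($link, $v1_utf8);
                if ($char_id === null) {
                    $kod = 2;
                    $desc = 'no such user: ' . $v1;
                } else {
                    $stmt = $link->prepare(
                        'INSERT INTO `character_payments` (`id`, `charId`, `sum`) VALUES (?, ?, ?)'
                    );
                    $stmt->bind_param('sss', $id, $char_id, $sum);
                    $stmt->execute();
                    $stmt->close();
                    $kod = 0;
                    $desc = 'ok';
                }
            }
        } elseif ($flag === 'cancel' && gw_signature_ok($md5, $flag . $v1 . $id, $secret_key)) {
            // A non-numeric id would be coerced by MySQL ('12abc' matches 12),
            // so only all-digit ids are ever looked up or deleted.
            if (ctype_digit($id) && gw_payment_exists($link, $id)) {
                $stmt = $link->prepare('DELETE FROM `character_payments` WHERE `id` = ?');
                $stmt->bind_param('s', $id);
                $stmt->execute();
                $stmt->close();
                $kod = 0;
                $desc = 'Payment was successfully rolled back';
            } else {
                $kod = 2;
                $desc = 'Payment with given ID does not exists';
            }
        } else {
            // Unknown command or bad signature.
            $kod = 2;
            $desc = 'Unknown request or account not found';
        }
    } catch (mysqli_sql_exception $e) {
        // Driver messages can reveal schema details; log them, answer generically.
        error_log('payment callback: query failed: ' . $e->getMessage());
        $kod = 2;
        $desc = 'Database error';
    }

    $link->close();
} else {
    $desc = 'Parametrs or IP is not correct';
}

// Response. Everything that originates from the request or the database is
// escaped for XML in the charset the document declares.
$xml_escape = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_XML1, 'cp1251');
};

if ($flag === 'check') {
    $html = '<?xml version="1.0" encoding="windows-1251"?><response><result>' . $kod
        . '</result><comment>' . $xml_escape($desc) . '</comment></response>';
} else {
    $html = '<?xml version="1.0" encoding="windows-1251"?><response><id>' . $xml_escape($id)
        . '</id><sum>' . $xml_escape($sum) . '</sum><result>' . $kod
        . '</result><comment>' . $xml_escape($desc) . "</comment></response>";
}
echo $html;
?>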