Code Giao Dịch

1. <?php
2.  
3. header('Content-Type: text/html; charset=utf-8');
4. define('CORE_API_HTTP_USR', 'merchant_19002');
5. define('CORE_API_HTTP_PWD', '19002mQ2L8ifR11axUuCN9PMqJrlAHFS04o');
6.  
7. $bk = 'https://www.baokim.vn/the-cao/restFul/send';
8. $seri = isset($_POST['txtseri']) ? $_POST['txtseri'] : '';
9. $sopin = isset($_POST['txtpin']) ? $_POST['txtpin'] : '';
10. //Loai the cao (VINA, MOBI, VIETEL, VTC, GATE)
11. $mang = isset($_POST['chonmang']) ? $_POST['chonmang'] : '';
12. $user = isset($_POST['txtuser']) ? $_POST['txtuser'] : '';
13.  
14.  
15.  
16. if($mang=='MOBI'){
17. $ten = "Mobifone";
18. }
19. else if($mang=='VIETEL'){
20. $ten = "Viettel";
21. }
22. else if($mang=='GATE'){
23. $ten = "Gate";
24. }
25. else if($mang=='VTC'){
26. $ten = "VTC";
27. }
28. else $ten ="Vinaphone";
29.  
30. //Mã MerchantID dang kí trên Bảo Kim
31. $merchant_id = '23828';
32. //Api username
33. $api_username = 'go-rporg';
34. //Api Pwd d
35. $api_password = '7roo5H3xecZPeomB7qUE';
36. //Mã TransactionId
37. $transaction_id = time();
38. //mat khau di kem ma website dang kí trên B?o Kim
39. $secure_code = 'da43e17e39d414b9g';
40.  
41. $arrayPost = array(
42. 'merchant_id'=>$merchant_id,
43. 'api_username'=>$api_username,
44. 'api_password'=>$api_password,
45. 'transaction_id'=>$transaction_id,
46. 'card_id'=>$mang,
47. 'pin_field'=>$sopin,
48. 'seri_field'=>$seri,
49. 'algo_mode'=>'hmac'
50. );
51.  
52. ksort($arrayPost);
53.  
54. $data_sign = hash_hmac('SHA1',implode('',$arrayPost),$secure_code);
55.  
56. $arrayPost['data_sign'] = $data_sign;
57.  
58. $curl = curl_init($bk);
59.  
60. curl_setopt_array($curl, array(
61. CURLOPT_POST=>true,
62. CURLOPT_HEADER=>false,
63. CURLINFO_HEADER_OUT=>true,
64. CURLOPT_TIMEOUT=>30,
65. CURLOPT_RETURNTRANSFER=>true,
66. CURLOPT_SSL_VERIFYPEER => false,
67. CURLOPT_HTTPAUTH=>CURLAUTH_DIGEST|CURLAUTH_BASIC,
68. CURLOPT_USERPWD=>CORE_API_HTTP_USR.':'.CORE_API_HTTP_PWD,
69. CURLOPT_POSTFIELDS=>http_build_query($arrayPost)
70. ));
71.  
72. $data = curl_exec($curl);
73.  
74. $status = curl_getinfo($curl, CURLINFO_HTTP_CODE);
75.  
76. $result = json_decode($data,true);
77. date_default_timezone_set('Asia/Ho_Chi_Minh');
78. $time = time();
79. //$time = time();
80. if($status==200){
81. $amount = $result['amount'];
82. switch($amount) {
83. case 10000: $xu = 1000; break;
84. case 20000: $xu = 2000; break;
85. case 30000: $xu = 3000; break;
86. case 50000: $xu= 5000; break;
87. case 100000: $xu = 10000; break;
88. case 200000: $xu = 20000; break;
89. case 300000: $xu = 30000; break;
90. case 500000: $xu = 50000; break;
91. case 1000000: $xu = 100000; break;
92. }
93. $dbhost="localhost";
94. $dbuser ="root";
95. $dbpass = "";
96. $dbname = "gorp";
97. $db = mysql_connect($dbhost,$dbuser,$dbpass) or die("cant connect db");
98. mysql_select_db($dbname,$db) or die("cant select db");
99.  
100.  
101. mysql_query("UPDATE accounts SET Credits = Credits + $xu, Money = Money + ($xu*100) WHERE Username ='$user';");
102.  
103. //Xu ly thong tin tai day
104. $file = "carddung.log";
105. $fh = fopen($file,'a') or die("cant open file");
106. fwrite($fh,"Tai khoan: ".$user.", Loai the: ".$ten.", Menh gia: ".$amount.", Thoi gian: ".$time);
107. fwrite($fh,"\r\n");
108. fclose($fh);
109. echo '<script>alert("Bạn đã thanh toán thành công thẻ '.$ten.' mệnh giá '.$amount.' ");
110.  
111. window.location = "http://gorp.cf/napthe"
112. </script>';
113.  
114. }
115. else{
116.  
117. echo 'Status Code:' . $status . '<hr >';
118. $error = $result['errorMessage'];
119. echo $error;
120. $file = "cardsai.log";
121. $fh = fopen($file,'a') or die("cant open file");
122. fwrite($fh,"Tai khoan: ".$user.", Ma the: ".$sopin.", Seri: ".$seri.", Noi dung loi: ".$error.", Thoi gian: ".$time);
123. fwrite($fh,"\r\n");
124. fclose($fh);
125. echo '<script>alert("Thong tin the cao khong hop le!");
126.  
127.  
128. window.location = "http://gorp.cf/napthe/"
129. </script>';
130. }