G78dzjwD

· 8 years ago · Sep 20, 2017, 03:00 AM
1<?php
2
3//	
4//   Merchant 2pay
5//   Popkov I. Sergey
6//   ICQ: 14296442                       
7//                                  
8
9	header( 'Content-type: text/xml' );
10//Ð˜Ð¿ Ð°Ð´Ñ€ÐµÑÐ°, Ñ ÐºÐ¾Ñ‚Ð¾Ñ€Ñ‹Ñ… Ð±ÑƒÐ´ÐµÑ‚ Ð¿Ñ€Ð¸Ñ…Ð¾Ð´Ð¸Ñ‚ÑŒ Ð·Ð°Ð¿Ñ€Ð¾Ñ. Ð”Ð»Ñ Ð·Ð°Ñ‰Ð¸Ñ‚Ñ‹.	
11	$check_ip[]="82.146.40.60";
12	$check_ip[]="188.120.245.101";
13	$check_ip[]="188.120.245.102";
14    $date=date("d.m.y");
15//======================================Ð½Ð°ÑÑ‚Ñ€Ð¾Ð¹ÐºÐ¸============================================
16// Ð¡ÐµÐºÑ€ÐµÑ‚Ð½Ñ‹Ð¹ ÐºÐ»ÑŽÑ‡
17	$secret_key = "";
18// ÐŸÐµÑ€ÐµÐ¼ÐµÐ½Ð½Ñ‹Ðµ Ð´Ð»Ñ Ð¿Ð¾Ð´ÐºÐ»ÑŽÑ‡ÐµÐ½Ð¸Ñ Ðº Ð±Ð°Ð·Ðµ Ð´Ð°Ð½Ð½Ñ‹Ñ…, Ð²Ð¿Ð¸ÑˆÐ¸Ñ‚Ðµ Ñ‚Ðµ, ÐºÐ¾Ñ‚Ð¾Ñ€Ñ‹Ðµ Ð¸ÑÐ¿Ð¾Ð»ÑŒÐ·Ð¾Ð²Ð°Ð»Ð¸ Ð¿Ñ€Ð¸ ÑƒÑÑ‚Ð°Ð½Ð¾Ð²ÐºÐµ Ð±Ð°Ð·Ñ‹ Ð´Ð°Ð½Ð½Ñ‹Ñ…
19	$server='';
20	$user='';
21	$pass='';
22	$db='';
23//===========================================================================================
24    $flag = $_REQUEST['command'];
25    $md5 = $_REQUEST['md5'];
26   
27// Ð˜Ð´ÐµÐ½Ñ‚Ð¸Ñ„Ð¸ÐºÐ°Ñ‚Ð¾Ñ€ Ð¿Ð»Ð°Ñ‚ÐµÐ¶Ð°
28	$v1 = $_REQUEST['v1'];
29	
30// Ð”Ð¾Ð¿Ð¾Ð»Ð½Ð¸Ñ‚ÐµÐ»ÑŒÐ½Ñ‹Ðµ Ð¿Ð°Ñ€Ð°Ð¼ÐµÑ‚Ñ€Ñ‹	
31	$v2 = $_REQUEST['v2'];
32	$v3 = $_REQUEST['v3'];
33
34	if( isset($_REQUEST['id']) ) $id=$_REQUEST['id']; else $id=0;
35	$kod=1;
36	
37// ÐŸÑ€Ð¾Ð²ÐµÑ€ÐºÐ° Ð¸Ð¿	
38	if (in_array($_SERVER['REMOTE_ADDR'], $check_ip)) {
39	
40// ÐŸÐ¾Ð´ÐºÐ»ÑŽÑ‡ÐµÐ½Ð¸Ðµ Ðº Ð±Ð°Ð·Ðµ Ð´Ð°Ð½Ð½Ñ‹Ñ…
41	mysql_connect($server, $user, $pass) or die("Can't connect to database");
42	mysql_select_db($db) or die("Can't select database ".$db);
43
44		// Ð•ÑÐ»Ð¸ ÑÑ‚Ð°Ñ‚ÑƒÑ Ð·Ð°Ð¿Ñ€Ð¾Ñ
45		if( ($flag == 'status') && ($md5 == md5($flag.$v1.$secret_key)) ) 
46		{	// Ð˜Ñ‰ÐµÐ¼ Ð¿Ð»Ð°Ñ‚ÐµÐ¶
47			$sql = mysql_query("SELECT * FROM `payments` WHERE `order_id`='".$v1."'");
48			$rows = mysql_num_rows($sql);
49			$idpay = mysql_fetch_array($sql);
50			if ($rows > 0) {
51				$desc = $idpay['amount'];
52			} else {
53				$desc = '0';
54			}
55		} else 
56		{   // Ð•ÑÐ»Ð¸ ÐºÐ¾Ð¼Ð°Ð½Ð´Ð° Ð½Ð° Ð¿Ð»Ð°Ñ‚ÐµÐ¶
57			if( ($flag == 'pay') && ($md5 == md5($flag.$v1.$id.$secret_key)) ) 
58			{
59				$sql=mysql_query("SELECT * FROM `2pay_payment` WHERE `id`='".$id."'");
60				$rows = mysql_num_rows($sql);
61                // Ð•ÑÐ»Ð¸ Ð¿Ð»Ð°Ñ‚ÐµÐ¶ Ð±Ñ‹Ð» Ð¿Ñ€Ð¾Ð²ÐµÐ´ÐµÐ½ Ñ€Ð°Ð½ÐµÐµ
62				if ($rows > 0) 
63				{
64					$kod=0;
65					$desc='Payment was send earlier';
66				} else 
67				{   // ÐŸÑ‹Ñ‚Ð°ÐµÐ¼ÑÑ Ð·Ð°Ð²ÐµÑ€ÑˆÐ¸Ñ‚ÑŒ Ð¿Ñ€Ð¾Ñ†ÐµÐ´ÑƒÑ€Ñƒ
68					$sql=mysql_query("UPDATE `payment` SET status='done' WHERE `order_id`='".$v1."' AND sum='".$_REQUEST['sum']."'");
69					$sql2=mysql_query("INSERT INTO `2pay_payment` (`count`,`date`,`id`) VALUES ('".$_REQUEST['sum']."','".$date."','".$id."')");
70					if( $sql==true && $sql2 == true)
71					{
72						$kod=0;
73					    $desc="ok";
74					} else
75					{
76						$kod=2;
77					    $desc="Error during query";
78					}					
79				}
80			} else 
81			{   // Ð•ÑÐ»Ð¸ Ð½ÐµÐ¸Ð·Ð²ÐµÑÑ‚Ð½Ñ‹Ð¹ Ð·Ð°Ð¿Ñ€Ð¾Ñ
82				$kod=2;
83				$desc="Unknown request or account not found";
84			}
85		}
86	} else {		$desc="Parametrs or IP is not correct";	}
87// ÐžÑ‚Ð²ÐµÑ‚
88    if ($flag == 'status') {$html="<?xml version=\"1.0\" encoding=\"windows-1251\"?><response><amount>".$desc."</amount></response>"; } else
89    {$html="<?xml version=\"1.0\" encoding=\"windows-1251\"?><response><id>".$id."</id><sum>".$_REQUEST['sum']."</sum><result>".$kod."</result><comment>".$desc."</comment></response>"; }
90	echo $html;
91?>