f7wjqDfp

· 7 years ago · Mar 17, 2018, 04:14 PM
1<?php
2
3$config = require "../config.php";
4require "../database.php";
5require "../rcon.php";
6
7$database = new DataBase(
8  $config["mysql"]["host"],
9  $config["mysql"]["user"],
10  $config["mysql"]["password"],
11  $config["mysql"]["database"]
12);
13
14function upSign($method, $params, $secretKey) {
15  ksort($params);
16  unset($params['sign']);
17  unset($params['signature']);
18  array_push($params, $secretKey);
19  array_unshift($params, $method);
20
21  return hash('sha256', join('{up}', $params));
22}
23
24$method = $_GET['method'];
25$params = $_GET['params'];
26
27$id = explode("_", $params['account']);
28$id = $id[0];
29
30if($params['signature'] != upSign($method, $params, $config["unitpay"]["secret_key"])) {
31  exit('{"error": {"message": "ÐÐµÐºÐ¾Ñ€Ñ€ÐµÐºÑ‚Ð½Ð°Ñ Ñ†Ð¸Ñ„Ñ€Ð¾Ð²Ð°Ñ Ð¿Ð¾Ð´Ð¿Ð¸ÑÑŒ"}}');
32} elseif($method != 'pay') {
33  exit('{"result": {"message":"Ð—Ð°Ð¿Ñ€Ð¾Ñ ÑƒÑÐ¿ÐµÑˆÐ½Ð¾ Ð¾Ð±Ñ€Ð°Ð±Ð¾Ñ‚Ð°Ð½"}}');
34}
35
36$payment = $database->select("SELECT * FROM `cd_payments` WHERE `id` = {?}", [$id]);
37
38if(empty($payment)) {
39  exit('{"error": {"message": "ÐŸÐ»Ð°Ñ‚ÐµÐ¶ Ñ Ñ‚Ð°ÐºÐ¸Ð¼ Ð½Ð¾Ð¼ÐµÑ€Ð¾Ð¼ Ð·Ð°ÐºÐ°Ð·Ð° Ð½Ðµ Ð±Ñ‹Ð» Ð½Ð°Ð¹Ð´ÐµÐ½"}}');
40} elseif($payment[0]['sum'] != $params['orderSum']) {
41  exit('{"result": {"message": "Ð¡ÑƒÐ¼Ð¼Ð° Ð¿Ð»Ð°Ñ‚ÐµÐ¶Ð° Ð½Ðµ ÑÐ¾Ð²Ð¿Ð°Ð´Ð°ÐµÑ‚ Ñ Ð¸ÑÑ…Ð¾Ð´Ð½Ð¾Ð¹"}}');
42} elseif($payment[0]['status'] == 1) {
43  exit('{"error": {"message": "Ð”Ð°Ð½Ð½Ñ‹Ð¹ Ð¿Ð»Ð°Ñ‚ÐµÐ¶ ÑƒÐ¶Ðµ Ð¾Ð¿Ð»Ð°Ñ‡ÐµÐ½"}}');
44} else {
45  $database->query("UPDATE `cd_payments` SET `status` = 1 WHERE `id` = {?}", [$id]);
46
47  $rcon = new Rcon(
48    $config["rcon"]["host"],
49    $config["rcon"]["port"],
50    $config["rcon"]["password"],
51    $config["rcon"]["timeout"]
52  );
53
54  if($rcon->connect()) {
55    $array = exlode("," $payment[0]["values"]);
56    foreach($array as $value) {
57      $ex = explode("-", $value);
58
59      $permission = $config["capabilities"][$ex[1]]["permission"];
60      $command = str_replace("{username}", $payment[0]["username"], $config["give_command"]);
61      $command = str_replace("{perm}", $permission, $command);
62
63      $rcon->sendCommand($command);
64    }
65  }
66
67  exit('{"result": {"message": "Ð—Ð°ÐºÐ°Ð· Ð±Ñ‹Ð» ÑƒÑÐ¿ÐµÑˆÐ½Ð¾ Ð¾Ð¿Ð»Ð°Ñ‡ÐµÐ½. Ð’Ñ‹ Ð¼Ð¾Ð¶ÐµÑ‚Ðµ Ð²ÐµÑ€Ð½ÑƒÑ‚ÑŒÑÑ Ð½Ð° Ð³Ð»Ð°Ð²Ð½ÑƒÑŽ"}}');
68}
69
70?>