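require_once('classes/Database.php');

// Callback inputs taken from the query string. Both are untrusted until the
// signature check further down has passed, so their types are normalised
// here: a missing or non-string method becomes '', and a missing or
// non-array params becomes an empty array instead of raising notices or a
// type error in the signature helper.
$method = (isset($_GET['method']) && is_string($_GET['method'])) ? $_GET['method'] : '';
$params = (isset($_GET['params']) && is_array($_GET['params'])) ? $_GET['params'] : array();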
/**
 * Build the SHA-256 request signature from the method name, the parameter
 * values ordered by key, and the secret key, joined with "{up}".
 *
 * @param string $method    Method name; first element of the signed string.
 * @param array  $params    Request parameters; the 'sign' and 'signature'
 *                          entries are left out of the signed string.
 * @param string $secretKey Shared secret; last element of the signed string.
 * @return string Hex SHA-256 digest of the joined string.
 */
function getSignature($method, $params, $secretKey)
{
    ksort($params);
    unset($params['sign'], $params['signature']);

    // method first, then the sorted values, then the secret
    $signedParts = array_merge(array($method), array_values($params), array($secretKey));

    return hash('sha256', implode('{up}', $signedParts));
}
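/**
 * Send a JSON-RPC 2.0 error response (code -32000, id 1) and stop the script.
 *
 * @param mixed $message Value placed in error.message.
 * @return void Does not return: the function ends with exit().
 */
function responseError($message)
{
    // Label the body as JSON so that a browser loading this URL directly
    // does not render echoed message text as HTML.
    if (!headers_sent()) {
        header('Content-Type: application/json; charset=utf-8');
    }

    $error = array(
        'jsonrpc' => '2.0',
        'error' => array(
            'code' => -32000,
            'message' => $message,
        ),
        'id' => 1,
    );

    // JSON_HEX_TAG keeps raw "<" and ">" out of the output; JSON parsers
    // decode the escapes back to the same characters.
    echo json_encode($error, JSON_HEX_TAG);
    exit();
}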
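/**
 * Send a JSON-RPC 2.0 success response (id 1) and stop the script.
 *
 * @param mixed $message Value placed in result.message.
 * @return void Does not return: the function ends with exit().
 */
function responseSuccess($message)
{
    // Label the body as JSON so that a browser loading this URL directly
    // does not render the response as HTML.
    if (!headers_sent()) {
        header('Content-Type: application/json; charset=utf-8');
    }

    $success = array(
        'jsonrpc' => '2.0',
        'result' => array(
            'message' => $message,
        ),
        'id' => 1,
    );

    // JSON_HEX_TAG keeps raw "<" and ">" out of the output; JSON parsers
    // decode the escapes back to the same characters.
    echo json_encode($success, JSON_HEX_TAG);
    exit();
}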
/**
 * Compute the SHA-256 signature over "method{up}values{up}secretKey", where
 * "values" is the parameter values ordered by key and joined with "{up}".
 *
 * The 'sign' and 'signature' entries are not part of the signed string.
 * With no remaining parameters the values part is empty, so the signed
 * string contains two adjacent delimiters.
 *
 * @param string $method    Method name; first element of the signed string.
 * @param array  $params    Request parameters.
 * @param string $secretKey Shared secret; last element of the signed string.
 * @return string Hex SHA-256 digest of the signed string.
 */
function getSha256SignatureByMethodAndParams($method, array $params, $secretKey)
{
    ksort($params);
    unset($params['sign'], $params['signature']);

    $joinedValues = implode('{up}', $params);
    $signedString = implode('{up}', array($method, $joinedValues, $secretKey));

    return hash('sha256', $signedString);
}
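// Authenticate the callback: nothing below may run unless the signature sent
// with the request matches the one computed from the shared secret.
//
// NOTE(review): $secretKey is not assigned anywhere in this listing; it
// presumably comes from classes/Database.php or a config include (confirm).
// With an empty key the expected signature can be computed by anyone, so an
// empty or missing key is treated as a failed check.
if (empty($secretKey) || !isset($params['signature']) || !is_string($params['signature'])) {
    responseError('Fail');
}

$expectedSignature = getSha256SignatureByMethodAndParams($method, $params, $secretKey);

// The original used `!=`, which compares two numeric-looking strings as
// numbers rather than byte by byte. hash_equals() compares the full strings
// in constant time; the strict fallback covers PHP versions without it.
$signatureMatches = function_exists('hash_equals')
    ? hash_equals($expectedSignature, $params['signature'])
    : ($expectedSignature === $params['signature']);

if (!$signatureMatches) {
    responseError('Fail');
}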
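// "check" callback: answer whether a payment of this sum can be accepted.
// The reply depends only on whether the sum matches a known price.
// The Cyrillic message literal below was restored from mis-encoded text.
if ($method === 'check') {
    // NOTE(review): the lookup result is not used in this branch; it looks
    // like a leftover from the "pay" branch. Confirm before removing.
    $trs = DB::select('transactions', 'id', isset($params['unitpayId']) ? $params['unitpayId'] : null);

    $group = false;   // permission group bought, or false
    $case = false;    // number of cases bought, or false
    $protect = false; // true when the "protect" item was bought
    $sum = isset($params['sum']) ? $params['sum'] : null;

    // switch compares loosely (==), so a numeric string such as "10" matches.
    switch ($sum) {
        case 10:  $group = 'vip'; break;
        case 30:  $group = 'premium'; break;
        case 40:  $group = 'creative'; break;
        case 60:  $group = 'moderator'; break;
        case 100: $group = 'admin'; break;
        case 200: $group = 'sozdatel'; break;
        case 300: $group = 'yt'; break;
        case 400: $group = 'deluxe'; break;
        case 500: $group = 'imperator'; break;
        case 600:
        case 1000:
            $group = 'vlad';
            break;
        case 1150:
        case 1500:
        case 2000:
        case 2300:
        case 3000:
        case 4500:
        case 5000:
            $group = 'zam';
            break;
        case 35:   $case = 1; break;
        case 130:  $case = 10; break;
        case 510:  $case = 50; break;
        case 1100: $case = 175; break;
        case 49:   $protect = true; break;
    }

    // Fixed: the original re-assigned $protect here instead of setting $buy,
    // so a "protect" payment (sum 49) was refused at check although the
    // "pay" branch accepts it. $buy is now also always defined.
    $buy = ($group || $case || $protect);

    if ($buy) {
        responseSuccess('Ok');
    } else {
        responseError('[Ответ]: Скорее всего вы не из России и пытаетесь оплатить через телефон но ...оплата с мобильного доступна только Российским клиентам. А если же вы хотели взломать систему.. то у вас это не получится, удачи.');
    }
}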
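// "pay" callback: the gateway reports a completed payment; grant the item
// that corresponds to the paid sum.
// Cyrillic string literals in this block were restored from mis-encoded text.
if ($method === 'pay') {
    $unitpayId = isset($params['unitpayId']) ? $params['unitpayId'] : null;
    $trs = DB::select('transactions', 'id', $unitpayId);

    // Replay guard: continue only when no transaction with this id is stored.
    // NOTE(review): nothing in this listing writes to `transactions`, so a
    // repeated callback passes this check again unless another component
    // records the id. Confirm, and store the id once the purchase is granted.
    if (isset($trs['id']) && $trs['id'] != '') {
        responseError('Данный платеж уже был совершен');
    }

    // "account" arrives as "<group>|<nickname>"; only the nickname is used.
    $rawAccount = (isset($params['account']) && is_string($params['account'])) ? $params['account'] : '';
    $pl = explode('|', $rawAccount);
    $account = isset($pl[1]) ? $pl[1] : '';

    $group = false;   // permission group bought, or false
    $case = false;    // number of cases bought, or false
    $protect = false; // true when the "protect" item was bought (was undefined for other sums)
    $sum = isset($params['sum']) ? $params['sum'] : null;

    // switch compares loosely (==), so a numeric string such as "10" matches.
    switch ($sum) {
        case 10:  $group = 'vip'; break;
        case 30:  $group = 'premium'; break;
        case 40:  $group = 'creative'; break;
        case 60:  $group = 'moderator'; break;
        case 100: $group = 'admin'; break;
        case 200: $group = 'sozdatel'; break;
        case 300: $group = 'yt'; break;
        case 400: $group = 'deluxe'; break;
        case 500: $group = 'imperator'; break;
        case 600:
        case 1000:
            $group = 'vlad';
            break;
        case 1150:
        case 1500:
        case 2000:
        case 2300:
        case 3000:
        case 4500:
        case 5000:
            $group = 'zam';
            break;
        case 35:   $case = 1; break;
        case 130:  $case = 10; break;
        case 510:  $case = 50; break;
        case 1100: $case = 175; break;
        case 49:   $protect = true; break;
    }
    $buy = ($group || $case || $protect);

    // NOTE(review): database host and credentials are hard-coded in a
    // web-served script. Load them from configuration kept outside the
    // document root, and rotate any password that was published with it.
    $h = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxhosting.ru";
    $u = "db1";
    $p = "чччxxxxxxxxxxxxxxxxxxxчч";
    $b = "db1";
    $q = mysql_connect($h, $u, $p);
    if (!$q || !mysql_select_db($b, $q)) {
        // The original ignored connection failures and kept issuing queries.
        responseError('Системная ошибка');
    }
    // Fixed: the charset name is 'utf8' and the second argument must be the
    // link, not the boolean returned by mysql_select_db(). The escaping below
    // relies on the connection charset being set.
    // NOTE(review): the original call could not take effect, so existing rows
    // were written with the server default charset; check them before deploy.
    mysql_set_charset('utf8', $q);

    // $account comes from the payer, so it is escaped before being placed
    // into SQL text; $case is forced to an integer for the same reason.
    $safeAccount = mysql_real_escape_string($account, $q);
    $caseCount = (int) $case;

    if ($buy && $group && !$protect) {
        // Label shown in the "last purchases" list.
        switch ($group) {
            case 'vip':       $grpp = 'Вип'; break;
            case 'premium':   $grpp = 'Премиум'; break;
            case 'creative':  $grpp = 'Креатив'; break;
            case 'moderator': $grpp = 'Модератор'; break;
            case 'admin':     $grpp = 'Админ'; break;
            case 'sozdatel':  $grpp = 'Создатель'; break;
            case 'yt':        $grpp = 'YouTube'; break;
            case 'deluxe':    $grpp = 'Deluxe'; break;
            case 'imperator': $grpp = 'Император'; break;
            case 'vlad':      $grpp = 'Владелец'; break;
            case 'zam':       $grpp = 'Заместитель'; break;
            default:          $grpp = false; break;
        }
        $ses = mysql_query("INSERT INTO `lastbuy` (`id`,`nick`,`group`,`time`) VALUES ('0','$safeAccount', '$grpp', '" . date("d.m в H:i:s") . "')", $q);

        // Record the purchased group for later surcharge (upgrade) payments.
        $who = mysql_query("SELECT * FROM `WebSurcharge` WHERE `name` = '$safeAccount' LIMIT 1", $q);
        if (!$who || mysql_num_rows($who) < 1) {
            $xs = mysql_query("INSERT INTO `WebSurcharge` (`id`,`name`,`group`) VALUES ('0','$safeAccount','$group')", $q);
        } else {
            // Fixed: the value was wrapped in backticks, which MySQL reads as
            // a column name, so this UPDATE could not succeed.
            $xs = mysql_query("UPDATE `WebSurcharge` SET `group` = '$group' WHERE `name` = '$safeAccount'", $q);
        }

        // NOTE(review): DB::insert is assumed to escape or bind its values;
        // confirm in classes/Database.php, since $account is payer-supplied.
        $bind2 = array('player' => $account, 'type' => 'permgroup', 'item' => $group, 'amount' => 1);
        $row = DB::insert('shop_cart', $bind2);

        // NOTE(review): $case is always false in this branch, so this adds a
        // zero-count row or adds 0 to an existing one. It looks like residue
        // copied from the case branch; confirm before removing.
        $d3 = mysql_query("SELECT * FROM `megacase` WHERE `name` = '$safeAccount'", $q);
        if (!$d3 || mysql_num_rows($d3) < 1) {
            $bindf = array('id' => '0', 'name' => $account, 'count' => $caseCount);
            $rowf = DB::insert('megacase', $bindf);
        } else {
            $upd = mysql_query("UPDATE `megacase` SET `count` = `count`+$caseCount WHERE `name`='$safeAccount'", $q);
        }

        if ($row != 0) {
            responseSuccess('Услуга оказана абоненту');
        } else {
            responseError('Системная ошибка');
        }
    } elseif ($buy && $case && !$group && !$protect) {
        // Label shown in the "last purchases" list; only 1 and 10 have one.
        switch ($case) {
            case 1:  $ccs = '1 Донат кейс'; break;
            case 10: $ccs = '10 Донат кейсов'; break;
            default: $ccs = false; break;
        }
        $sess = mysql_query("INSERT INTO `lastbuy` (`id`,`nick`,`group`,`time`) VALUES ('0','$safeAccount', '$ccs', '" . date("d.m в H:i:s") . "')", $q);

        $s = mysql_query("INSERT INTO `qqq` (`id`,`name`) VALUES ('0','$safeAccount|$caseCount')", $q);

        // Add the bought cases to the player's balance, creating the row if needed.
        $d = mysql_query("SELECT * FROM `megacase` WHERE `name` = '$safeAccount'", $q);
        if (!$d || mysql_num_rows($d) < 1) {
            $bindf = array('id' => '0', 'name' => $account, 'count' => $caseCount);
            $rowf = DB::insert('megacase', $bindf);
        } else {
            $upd = mysql_query("UPDATE `megacase` SET `count` = `count`+$caseCount WHERE `name`='$safeAccount'", $q);
        }

        // Drop exhausted rows. The original wrapped this statement in a
        // while/for pair that overwrote its own result handle and ran the
        // DELETE at most once (and only if its SELECT succeeded).
        mysql_query("DELETE FROM `megacase` WHERE `count`=0", $q);

        responseSuccess('Услуга оказана абоненту');
    } elseif ($buy && !$case && !$group && $protect) {
        // "Protect" purchase: acknowledged only; nothing is written here.
        responseSuccess('Купил защиту');
    } else {
        responseError('Fail');
    }
}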
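// "error" callback: pass the gateway's error text back in a JSON-RPC error.
if ($method === 'error') {
    // A missing or non-string errorMessage becomes '' instead of raising a notice.
    $errorMessage = (isset($params['errorMessage']) && is_string($params['errorMessage']))
        ? $params['errorMessage']
        : '';
    responseError($errorMessage);
}

// Reached only when $method matched none of the branches above, because each
// of them ends in a response call that exits.
// NOTE(review): an unrecognised method is answered with success; confirm that
// this is intended rather than an error reply.
responseSuccess('Up');
?>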