<?php
include_once $_SERVER['DOCUMENT_ROOT'].'/sys/inc/home.php';
include_once H.'sys/inc/start.php';
include_once H.'sys/inc/compress.php';
include_once H.'sys/inc/sess.php';
include_once H.'sys/inc/settings.php';
include_once H.'sys/inc/db_connect.php';
include_once H.'sys/inc/ipua.php';
include_once H.'sys/inc/fnc.php';
include_once H.'sys/inc/user.php';



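// Payment-gateway callback: answers the merchant pre-request and, on a
// correctly signed payment notification, credits the user's balance.
//
// NOTE(review): ext/mysql (mysql_query/mysql_fetch_array) was removed in
// PHP 7. Moving to PDO or mysqli prepared statements depends on
// sys/inc/db_connect.php, which is not visible here, so the calls are kept.

// Amount as sent in the request; untrusted until validated below.
$rub = (isset($_POST['LMI_PAYMENT_AMOUNT']) && is_string($_POST['LMI_PAYMENT_AMOUNT']))
    ? $_POST['LMI_PAYMENT_AMOUNT']
    : null;

$wmr = 'R370006780818'; // Merchant purse that must receive the payment

// NOTE(review): the signing secret is hard-coded in a file under the web
// root. Load it from configuration kept outside the document root and
// outside version control, and rotate it, since any copy of this file
// discloses the value that authenticates every payment notification.
$secretKey = 'lolka1hp22qq'; // Secret key configured in the merchant service

// intval() keeps the value safe to embed in the SELECT below.
$user = isset($_POST['id_user']) ? intval($_POST['id_user']) : 0;

$userResult = mysql_query("SELECT id, money FROM `user` WHERE `id` = '".$user."' LIMIT 1");
$us = $userResult ? mysql_fetch_array($userResult) : false;

$payeePurse = (isset($_POST['LMI_PAYEE_PURSE']) && is_string($_POST['LMI_PAYEE_PURSE']))
    ? $_POST['LMI_PAYEE_PURSE']
    : '';

if (isset($_POST['LMI_PREREQUEST'])) {
    // The original if/elseif chain set $error inside a branch and tested it
    // in a later elseif of the same chain, so a failed check never produced
    // the error reply. Each check is now evaluated and then acted on.
    // The MD5 value the original computed here was never compared with
    // anything and has been dropped; the credit itself is gated by the
    // SHA-256 check further down.
    $error = false;

    if ($payeePurse !== $wmr) {
        $error = true; // payment is addressed to a different purse
    } elseif (!isset($us['id'])) {
        $error = true; // unknown user id
    } elseif (!is_numeric($rub) || $rub < 1 || $rub > 99999) {
        $error = true; // amount missing, non-numeric, or out of range
    }

    if ($error) {
        die(__('Ошибка(1): Проверка подписи не прошла'));
    }

    die('YES');
}

// Rebuild the signed string in the order the original used. A null entry
// marks where the secret key is inserted. Missing or non-string fields
// contribute an empty string, so a malformed request fails the comparison.
$signedFields = array(
    'LMI_PAYEE_PURSE',
    'LMI_PAYMENT_AMOUNT',
    'LMI_PAYMENT_NO',
    'LMI_MODE',
    'LMI_SYS_INVS_NO',
    'LMI_SYS_TRANS_NO',
    'LMI_SYS_TRANS_DATE',
    null,
    'LMI_PAYER_PURSE',
    'LMI_PAYER_WM',
);

$common_string = '';
foreach ($signedFields as $field) {
    if ($field === null) {
        $common_string .= $secretKey;
        continue;
    }
    $common_string .= (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
}

$hash = strtoupper(hash('sha256', $common_string));

$receivedHash = (isset($_POST['LMI_HASH']) && is_string($_POST['LMI_HASH'])) ? $_POST['LMI_HASH'] : '';

// The original used a loose "!=" here, which lets PHP treat two different
// numeric-looking strings (e.g. "0E..." digests) as equal. Compare as
// strings, in constant time where hash_equals() exists (PHP >= 5.6).
$hashMatches = function_exists('hash_equals')
    ? hash_equals($hash, $receivedHash)
    : ($hash === $receivedHash);

// The purse is re-checked here because the pre-request step may not run.
if (!$hashMatches || $payeePurse !== $wmr) {
    die(__('Ошибка доступа'));
}

// NOTE(review): nothing records LMI_PAYMENT_NO / LMI_SYS_TRANS_NO, so a
// repeated delivery of the same signed notification credits the balance
// again. Store processed transaction ids under a unique key and skip
// duplicates. id_user is also not part of the signed string above, so the
// account to credit should be bound to the payment number server-side
// rather than read from the request.

// Only a finite, positive number for an existing user may reach the UPDATE.
// The original interpolated the raw POST value into the SQL string.
if (!isset($us['id']) || !is_numeric($rub) || !is_finite((float) $rub) || (float) $rub <= 0) {
    exit;
}

$amount = number_format((float) $rub, 2, '.', '');

mysql_query("UPDATE `user` SET `money` = `money` + ".$amount." WHERE `id` = '".intval($us['id'])."' LIMIT 1");
exit;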
    
?>