webmoney.php 
<?php
/*
 * EngineGP   (https://enginegp.ru or https://enginegp.com)
 *
 * @copyright Copyright (c) 2018-present Solovev Sergei <inbox@seansolovev.ru>
 *
 * @link      https://github.com/EngineGPDev/EngineGP for the canonical source repository
 *
 * @license   https://github.com/EngineGPDev/EngineGP/blob/main/LICENSE MIT License
 */

// Direct-access guard: refuse to run unless the EGP constant is defined
// (presumably by the application entry point that includes this file).
// NOTE(review): HTTP_HOST is taken from the client's Host header, so the
// redirect target is request-controlled; confirm the web server only accepts
// known host names.
if (defined('EGP') === false) {
    header('Refresh: 0; URL=http://' . $_SERVER['HTTP_HOST'] . '/404');
    exit;
}

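// Verify the payment notification before anything is credited.
//
// The expected signature is the upper-case hex SHA-256 of the LMI_* fields in
// the fixed order below, with the merchant secret ($cfg['webmoney_key'])
// inserted between LMI_SYS_TRANS_DATE and LMI_PAYER_PURSE.
//
// NOTE(review): sys::out() is assumed to terminate the request; if it can
// return, every rejection below falls through to the crediting code — confirm.
// NOTE(review): LMI_MODE and LMI_PAYEE_PURSE are covered by the signature but
// their values are never inspected; confirm that test-mode notifications and
// notifications for another purse cannot be credited here.
$lmi_secret = isset($cfg['webmoney_key']) ? (string) $cfg['webmoney_key'] : '';

// Fail closed: with an empty secret the signature depends only on request
// fields, so any client could compute a matching LMI_HASH.
if ($lmi_secret === '') {
    sys::out('bad hash');
}

$lmi_fields = [
    'LMI_PAYEE_PURSE',
    'LMI_PAYMENT_AMOUNT',
    'LMI_PAYMENT_NO',
    'LMI_MODE',
    'LMI_SYS_INVS_NO',
    'LMI_SYS_TRANS_NO',
    'LMI_SYS_TRANS_DATE',
    null, // position of the merchant secret in the signed string
    'LMI_PAYER_PURSE',
    'LMI_PAYER_WM',
];

$lmi_signed = '';

foreach ($lmi_fields as $lmi_field) {
    if ($lmi_field === null) {
        $lmi_signed .= $lmi_secret;
        continue;
    }

    // A missing field contributes an empty string, as it did before.
    $lmi_value = isset($_POST[$lmi_field]) ? $_POST[$lmi_field] : '';

    // Array-valued parameters (LMI_X[]=...) are never part of a valid notification.
    if (!is_string($lmi_value)) {
        sys::out('bad hash');
    }

    $lmi_signed .= $lmi_value;
}

$check = strtoupper(hash('sha256', $lmi_signed));

$lmi_hash = isset($_POST['LMI_HASH']) ? $_POST['LMI_HASH'] : '';

// hash_equals() compares the strings byte-for-byte in constant time; the loose
// != operator compares numeric-looking strings as numbers and is not timing-safe.
if (!is_string($lmi_hash) || !hash_equals($check, $lmi_hash)) {
    sys::out('bad hash');
}

// Reject a missing or non-numeric amount explicitly instead of letting round()
// coerce it or raise a TypeError.
if (!isset($_POST['LMI_PAYMENT_AMOUNT']) || !is_numeric($_POST['LMI_PAYMENT_AMOUNT'])) {
    sys::out('bad amount');
}

$sum = round((float) $_POST['LMI_PAYMENT_AMOUNT'], 2);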
36

37
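// Payment by key: us_user carries the `key` of a privileges_buy row and the
// paid amount is credited to the owner of the server that row refers to.
// The branch is entered when sys::valid($_POST['us_user'], 'md5') is falsy.
// NOTE(review): the key is concatenated into the SQL text below. That is
// injection-safe only if the sys::valid() 'md5' check admits nothing but a
// fixed-length alphanumeric string — verify in sys::valid(), or bind/escape
// the value if the $sql wrapper offers it.
if (!sys::valid($_POST['us_user'], 'md5')) {
    // NOTE(review): the lookup does not filter on `status` and nothing here
    // records LMI_SYS_TRANS_NO, so a notification that is delivered twice
    // appears to credit the owner twice — confirm and add an already-paid check.
    $sql->query('SELECT `id`, `server`, `price` FROM `privileges_buy` WHERE `key`="' . $_POST['us_user'] . '" LIMIT 1');
    if (!$sql->num()) {
        sys::out('bad key');
    }

    $privilege = $sql->get();

    // Paid amount scaled by the configured factor $cfg['curinrub'].
    $money = round($sum * $cfg['curinrub'], 2);

    // Underpayment is rejected; the full paid amount is credited otherwise.
    if ($money < $privilege['price']) {
        sys::out('bad sum');
    }

    $sql->query('SELECT `user` FROM `servers` WHERE `id`="' . $privilege['server'] . '" LIMIT 1');
    if (!$sql->num()) {
        sys::out('bad server');
    }

    $server = $sql->get();

    $sql->query('SELECT `id`, `balance`, `part_money` FROM `users` WHERE `id`="' . $server['user'] . '" LIMIT 1');
    if (!$sql->num()) {
        sys::out('bad owner');
    }

    $user = $sql->get();

    // Credit with an in-database increment rather than writing back a value
    // computed from the earlier SELECT: two notifications processed at the
    // same time would otherwise overwrite each other's update.
    $credit_column = $cfg['part_money'] ? 'part_money' : 'balance';
    $sql->query('UPDATE `users` set `' . $credit_column . '`=`' . $credit_column . '`+' . number_format($money, 2, '.', '') . ' WHERE `id`="' . $user['id'] . '" LIMIT 1');

    $sql->query('INSERT INTO `logs` set `user`="' . $user['id'] . '", `text`="' . sys::updtext(
        sys::text('logs', 'profit'),
        ['server' => $privilege['server'], 'money' => $money]
    ) . '", `date`="' . $start_point . '", `type`="part", `money`="' . $money . '"');

    $sql->query('UPDATE `privileges_buy` set `status`="1" WHERE `id`="' . $privilege['id'] . '" LIMIT 1');

    sys::out('success');
}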

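// Balance top-up: us_user is a numeric user id. intval() makes the value safe
// to concatenate into the query text.
// NOTE(review): nothing here records LMI_SYS_TRANS_NO, so a notification that
// is delivered twice appears to be credited twice — confirm and deduplicate.
$user = intval($_POST['us_user']);

$sql->query('SELECT `id`, `balance`, `part` FROM `users` WHERE `id`="' . $user . '" LIMIT 1');
if (!$sql->num()) {
    sys::out('bad user');
}

$user = $sql->get();

// Amount to add to the balance: the paid sum scaled by $cfg['curinrub'].
$topup = round($sum * $cfg['curinrub'], 2);

if ($cfg['part']) {
    // Partner share: $cfg['part_proc'] percent of the paid sum.
    // NOTE(review): computed from $sum without the curinrub factor that the
    // user's own credit uses — confirm this is intended.
    $part_sum = round($sum / 100 * $cfg['part_proc'], 2);

    // The SELECT only establishes that the partner row exists.
    $sql->query('SELECT `balance`, `part_money` FROM `users` WHERE `id`="' . $user['part'] . '" LIMIT 1');
    if ($sql->num()) {
        // In-database increment: avoids overwriting a concurrent update of
        // the partner's row with a value computed from a stale read.
        $part_column = $cfg['part_money'] ? 'part_money' : 'balance';
        $sql->query('UPDATE `users` set `' . $part_column . '`=`' . $part_column . '`+' . number_format($part_sum, 2, '.', '') . ' WHERE `id`="' . $user['part'] . '" LIMIT 1');

        // NOTE(review): $uid is not assigned anywhere in this file; it may be
        // meant to be $user['id'] — confirm against the including scope.
        $sql->query('INSERT INTO `logs` set `user`="' . $user['part'] . '", `text`="' . sys::updtext(
            sys::text('logs', 'part'),
            ['part' => $uid, 'money' => $part_sum]
        ) . '", `date`="' . $start_point . '", `type`="part", `money`="' . $part_sum . '"');
    }
}

// Increment in the database instead of writing back balance + top-up computed
// from the SELECT above: the stale value would undo a concurrent credit, and
// would also undo the partner credit when the partner row is the same user.
$sql->query('UPDATE `users` set `balance`=ROUND(`balance`+' . number_format($topup, 2, '.', '') . ', 2) WHERE `id`="' . $user['id'] . '" LIMIT 1');

$sql->query('INSERT INTO `logs` set `user`="' . $user['id'] . '", `text`="Пополнение баланса на сумму: ' . $sum . ' ' . $cfg['currency'] . '", `date`="' . $start_point . '", `type`="replenish", `money`="' . $sum . '"');

sys::out('success');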