<?php
// Direct-access guard: the script only continues when the EGP constant has
// been defined before this file runs; otherwise the client is sent to /404.
if (!defined('EGP')) {
    // NOTE(review): the redirect host comes from $_SERVER['SERVER_NAME'];
    // depending on the web-server configuration this may follow the request's
    // Host header. Confirm it is pinned to the canonical name.
    header('Refresh: 0; URL=http://' . $_SERVER['SERVER_NAME'] . '/404');
    exit;
}
/**
 * Builds the SHA-256 signature of a payment notification.
 *
 * The signed string is the method name, the parameter values ordered by
 * parameter name, and the secret key, all joined with the "{up}" delimiter.
 * The 'sign' and 'signature' entries are never part of the signed string.
 *
 * @param string $method    Notification method name.
 * @param array  $params    Request parameters (received by value; the caller's array is untouched).
 * @param string $secretKey Shared secret of the merchant project.
 *
 * @return string Lower-case hexadecimal SHA-256 digest.
 */
function getSha256SignatureByMethodAndParams($method, array $params, $secretKey)
{
    $glue = '{up}';

    // Drop the signature fields first, then fix the order by key so that both
    // sides hash the values in the same sequence.
    unset($params['sign'], $params['signature']);
    ksort($params);

    $signedString = $method . $glue . implode($glue, $params) . $glue . $secretKey;

    return hash('sha256', $signedString);
}
// Source addresses from which payment notifications are accepted.
$unitpayIp = array('31.186.100.49', '178.132.203.105', '52.29.152.23', '52.19.56.234');

// $uip is not assigned anywhere in this listing.
// NOTE(review): confirm it is taken from the TCP peer address and not from a
// client-supplied header (e.g. X-Forwarded-For); otherwise this allowlist can
// be satisfied by any sender. The check also relies on sys::outjs() ending
// the request - confirm.
$isKnownSender = in_array($uip, $unitpayIp);
if (!$isKnownSender) {
    sys::outjs(array('error' => array('message' => 'Некорректный адрес сервера')));
}
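// Shared secret used to verify notification signatures.
$secretKey = $cfg['unitpay_key'];

// The signed fields arrive as params[...]; anything that is not an array
// cannot be verified and is treated as an empty parameter set.
$params = (isset($_GET['params']) && is_array($_GET['params'])) ? $_GET['params'] : array();

// Read the method from one place only. The signature used to be computed over
// $_REQUEST while the allowlist below looked at $_GET, so the two checks could
// see different values.
$method = (isset($_GET['method']) && is_string($_GET['method'])) ? $_GET['method'] : '';

// Signature verification. The previous form of this check was
//     if ($params['signature'] != getSha256SignatureByMethodAndParams(...));
// The trailing ';' made it an empty statement, and the key was read from
// $GATEWAY['SecretKey'], which is not set in this listing, so a request with a
// wrong or missing signature was never rejected.
$expectedSignature = getSha256SignatureByMethodAndParams($method, $params, $secretKey);
$receivedSignature = (isset($params['signature']) && is_string($params['signature'])) ? $params['signature'] : '';

// hash_equals() (PHP >= 5.6) compares in constant time and never type-juggles.
if (!hash_equals($expectedSignature, $receivedSignature)) {
    sys::outjs(array('error' => array('message' => 'Некорректная цифровая подпись')));
    // Fail closed even if sys::outjs() returns instead of ending the request.
    exit;
}

if (!in_array($method, array('pay', 'check', 'error'), true)) {
    sys::outjs(array('error' => array('message' => 'Некорректный метод')));
    exit;
}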
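// Payment by key: `account` carries the key of a row in `privileges_buy`
// instead of a numeric user id.
// NOTE(review): this branch is taken when sys::valid(..., 'md5') returns false,
// so the helper presumably returns true for values that do NOT match - confirm.
// The key is concatenated into the SQL text below, so this gate is the only
// thing that keeps request data out of the query; if the $sql wrapper offers
// escaping or bound parameters, use them here as well.
if (isset($params['account']) && is_string($params['account']) && !sys::valid($params['account'], 'md5')) {
    $sql->query('SELECT `id`, `server`, `price` FROM `privileges_buy` WHERE `key`="' . $params['account'] . '" LIMIT 1');
    if (!$sql->num()) {
        sys::outjs(array('error' => array('message' => 'bad key: ' . $params['account'])));
    }

    $privilege = $sql->get();

    // A missing or non-numeric sum must not reach the arithmetic below.
    if (!isset($params['sum']) || !is_numeric($params['sum'])) {
        sys::outjs(array('error' => array('message' => 'bad sum')));
    }

    // Convert the paid amount with the configured rate and make sure it
    // covers the price of the privilege.
    $money = round($params['sum'] * $cfg['curinrub'], 2);

    if ($money < $privilege['price']) {
        sys::outjs(array('error' => array('message' => 'bad sum')));
    }

    $sql->query('SELECT `user` FROM `servers` WHERE `id`="' . $privilege['server'] . '" LIMIT 1');
    if (!$sql->num()) {
        sys::outjs(array('error' => array('message' => 'bad server')));
    }

    $server = $sql->get();

    $sql->query('SELECT `id`, `balance`, `part_money` FROM `users` WHERE `id`="' . $server['user'] . '" LIMIT 1');
    if (!$sql->num()) {
        sys::outjs(array('error' => array('message' => 'bad owner')));
    }

    // Only a 'pay' notification may move money. Previously only 'check'
    // returned here, so an 'error' notification for a key fell through and
    // credited the server owner as if the payment had succeeded.
    if (!isset($_GET['method']) || $_GET['method'] !== 'pay') {
        sys::outjs(array('result' => array('message' => 'Запрос успешно обработан')));
        exit;
    }

    $user = $sql->get();

    // NOTE(review): nothing here checks whether this key was already paid
    // (`status` is only written, never read), so a repeated notification
    // credits the owner again. The balance is also read and written back in
    // two steps, which can lose an update under concurrent notifications.
    if ($cfg['part_money']) {
        $sql->query('UPDATE `users` set `part_money`="' . ($user['part_money'] + $money) . '" WHERE `id`="' . $user['id'] . '" LIMIT 1');
    } else {
        $sql->query('UPDATE `users` set `balance`="' . ($user['balance'] + $money) . '" WHERE `id`="' . $user['id'] . '" LIMIT 1');
    }

    // $start_point is not set in this listing; it is used as the log date.
    $sql->query('INSERT INTO `logs` set `user`="' . $user['id'] . '", `text`="' . sys::updtext(sys::text('logs', 'profit'),
        array('server' => $privilege['server'], 'money' => $money)) . '", `date`="' . $start_point . '", `type`="part", `money`="' . $money . '"');

    // Mark the purchase as paid.
    $sql->query('UPDATE `privileges_buy` set `status`="1" WHERE `id`="' . $privilege['id'] . '" LIMIT 1');

    sys::outjs(array('result' => array('message' => 'Запрос успешно обработан')));
}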
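// Balance top-up by numeric user id. Each case ends with an explicit break so
// that it cannot fall through into the next one if sys::outjs() ever returns.
switch ($_GET['method']) {
    case 'pay':
        // Reject a missing, non-numeric or non-positive amount before any arithmetic.
        if (!isset($params['sum']) || !is_numeric($params['sum']) || $params['sum'] <= 0) {
            sys::outjs(array('error' => array('message' => 'bad sum')));
            break;
        }

        $sum = round($params['sum'], 2);

        // intval() of a non-empty array is 1, so a non-scalar account is
        // mapped to 0 instead of silently becoming user 1.
        $user = (isset($params['account']) && is_scalar($params['account'])) ? intval($params['account']) : 0;

        $sql->query('SELECT `id`, `balance`, `part` FROM `users` WHERE `id`="' . $user . '" LIMIT 1');
        if (!$sql->num()) {
            // Reported as an error (it used to be sent under 'result'), so the
            // gateway does not record a payment nobody was credited for.
            sys::outjs(array('error' => array('message' => 'Пользователь c ID: ' . $user . ' не найден')));
            break;
        }

        $user = $sql->get();

        // New balance: current balance plus the amount converted with the configured rate.
        $money = round($user['balance'] + $sum * $cfg['curinrub'], 2);

        // Referral share, when enabled: a percentage of the payment goes to
        // the user referenced by `part`.
        if ($cfg['part']) {
            $part_sum = round($sum / 100 * $cfg['part_proc'], 2);

            $sql->query('SELECT `balance`, `part_money` FROM `users` WHERE `id`="' . $user['part'] . '" LIMIT 1');
            if ($sql->num()) {
                $part = $sql->get();

                if ($cfg['part_money']) {
                    $sql->query('UPDATE `users` set `part_money`="' . ($part['part_money'] + $part_sum) . '" WHERE `id`="' . $user['part'] . '" LIMIT 1');
                } else {
                    $sql->query('UPDATE `users` set `balance`="' . ($part['balance'] + $part_sum) . '" WHERE `id`="' . $user['part'] . '" LIMIT 1');
                }

                // NOTE(review): $uid is not assigned anywhere in this listing;
                // if it is not provided by the including script, the payer's
                // id ($user['id']) is probably what was meant - confirm.
                $sql->query('INSERT INTO `logs` set `user`="' . $user['part'] . '", `text`="' . sys::updtext(sys::text('logs', 'part'),
                    array('part' => $uid, 'money' => $part_sum)) . '", `date`="' . $start_point . '", `type`="part", `money`="' . $part_sum . '"');
            }
        }

        // NOTE(review): no payment identifier is recorded or checked, so a
        // repeated 'pay' notification is credited again; the balance is also
        // read and written back in two steps rather than incremented in SQL.
        $sql->query('UPDATE `users` set `balance`="' . $money . '" WHERE `id`="' . $user['id'] . '" LIMIT 1');

        $sql->query('INSERT INTO `logs` set `user`="' . $user['id'] . '", `text`="Пополнение баланса на сумму: ' . $sum . ' ' . $cfg['currency'] . '", `date`="' . $start_point . '", `type`="replenish", `money`="' . $sum . '"');

        sys::outjs(array('result' => array('message' => 'Запрос успешно обработан')));
        break;

    case 'check':
        $accountId = (isset($params['account']) && is_scalar($params['account'])) ? intval($params['account']) : 0;

        $sql->query('SELECT `id` FROM `users` WHERE `id`="' . $accountId . '" LIMIT 1');
        if ($sql->num()) {
            sys::outjs(array('result' => array('message' => 'Запрос успешно обработан')));
            break;
        }

        // The JSON-RPC version member must be exactly "2.0", without padding.
        sys::outjs(array('jsonrpc' => '2.0', 'error' => array('code' => -32000, 'message' => 'Пользователь не найден'), 'id' => 1));
        break;

    case 'error':
        // Acknowledge the failure notification; no money is moved.
        sys::outjs(array('result' => array('message' => 'Запрос успешно обработан')));
        break;
}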
?>