2023-03-04 23:45:46 +00:00
< ? php
if ( ! DEFINED ( 'EGP' ))
2023-03-05 13:59:34 +00:00
exit ( header ( 'Refresh: 0; URL=http://' . $_SERVER [ 'SERVER_NAME' ] . '/404' ));
2023-03-04 23:45:46 +00:00
2023-03-05 13:59:34 +00:00
$check = strtoupper ( hash ( 'sha256' , $_POST [ 'LMI_PAYEE_PURSE' ]
. $_POST [ 'LMI_PAYMENT_AMOUNT' ]
. $_POST [ 'LMI_PAYMENT_NO' ]
. $_POST [ 'LMI_MODE' ]
. $_POST [ 'LMI_SYS_INVS_NO' ]
. $_POST [ 'LMI_SYS_TRANS_NO' ]
. $_POST [ 'LMI_SYS_TRANS_DATE' ]
. $cfg [ 'webmoney_key' ]
. $_POST [ 'LMI_PAYER_PURSE' ]
. $_POST [ 'LMI_PAYER_WM' ]));
2023-03-04 23:45:46 +00:00
2023-03-05 13:59:34 +00:00
if ( $_POST [ 'LMI_HASH' ] != $check )
sys :: out ( 'bad hash' );
2023-03-04 23:45:46 +00:00
2023-03-05 13:59:34 +00:00
if ( ! isset ( $_POST [ 'LMI_PAYMENT_AMOUNT' ]))
sys :: out ( 'bad amount' );
2023-03-04 23:45:46 +00:00
2023-03-05 13:59:34 +00:00
$sum = round ( $_POST [ 'LMI_PAYMENT_AMOUNT' ], 2 );
2023-03-04 23:45:46 +00:00
2023-03-05 13:59:34 +00:00
// Оплата по ключу
if ( ! sys :: valid ( $_POST [ 'us_user' ], 'md5' ))
{
$sql -> query ( 'SELECT `id`, `server`, `price` FROM `privileges_buy` WHERE `key`="' . $_POST [ 'us_user' ] . '" LIMIT 1' );
if ( ! $sql -> num ())
sys :: out ( 'bad key' );
2023-03-04 23:45:46 +00:00
2023-03-05 13:59:34 +00:00
$privilege = $sql -> get ();
2023-03-04 23:45:46 +00:00
2023-03-05 13:59:34 +00:00
$money = round ( $sum * $cfg [ 'curinrub' ], 2 );
2023-03-04 23:45:46 +00:00
2023-03-05 13:59:34 +00:00
if ( $money < $privilege [ 'price' ])
sys :: out ( 'bad sum' );
2023-03-04 23:45:46 +00:00
2023-03-05 13:59:34 +00:00
$sql -> query ( 'SELECT `user` FROM `servers` WHERE `id`="' . $privilege [ 'server' ] . '" LIMIT 1' );
if ( ! $sql -> num ())
sys :: out ( 'bad server' );
2023-03-04 23:45:46 +00:00
2023-03-05 13:59:34 +00:00
$server = $sql -> get ();
2023-03-04 23:45:46 +00:00
2023-03-05 13:59:34 +00:00
$sql -> query ( 'SELECT `id`, `balance`, `part_money` FROM `users` WHERE `id`="' . $server [ 'user' ] . '" LIMIT 1' );
if ( ! $sql -> num ())
sys :: out ( 'bad owner' );
2023-03-04 23:45:46 +00:00
2023-03-05 13:59:34 +00:00
$user = $sql -> get ();
2023-03-04 23:45:46 +00:00
2023-03-05 13:59:34 +00:00
if ( $cfg [ 'part_money' ])
$sql -> query ( 'UPDATE `users` set `part_money`="' . ( $user [ 'part_money' ] + $money ) . '" WHERE `id`="' . $user [ 'id' ] . '" LIMIT 1' );
else
$sql -> query ( 'UPDATE `users` set `balance`="' . ( $user [ 'balance' ] + $money ) . '" WHERE `id`="' . $user [ 'id' ] . '" LIMIT 1' );
2023-03-04 23:45:46 +00:00
2023-03-05 13:59:34 +00:00
$sql -> query ( 'INSERT INTO `logs` set `user`="' . $user [ 'id' ] . '", `text`="' . sys :: updtext ( sys :: text ( 'logs' , 'profit' ),
array ( 'server' => $privilege [ 'server' ], 'money' => $money )) . '", `date`="' . $start_point . '", `type`="part", `money`="' . $money . '"' );
2023-03-04 23:45:46 +00:00
2023-03-05 13:59:34 +00:00
$sql -> query ( 'UPDATE `privileges_buy` set `status`="1" WHERE `id`="' . $privilege [ 'id' ] . '" LIMIT 1' );
2023-03-04 23:45:46 +00:00
2023-03-05 13:59:34 +00:00
sys :: out ( 'success' );
}
2023-03-04 23:45:46 +00:00
2023-03-05 13:59:34 +00:00
$user = intval ( $_POST [ 'us_user' ]);
2023-03-04 23:45:46 +00:00
2023-03-05 13:59:34 +00:00
$sql -> query ( 'SELECT `id`, `balance`, `part` FROM `users` WHERE `id`="' . $user . '" LIMIT 1' );
if ( ! $sql -> num ())
sys :: out ( 'bad user' );
2023-03-04 23:45:46 +00:00
2023-03-05 13:59:34 +00:00
$user = $sql -> get ();
2023-03-04 23:45:46 +00:00
2023-03-05 13:59:34 +00:00
$money = round ( $user [ 'balance' ] + $sum * $cfg [ 'curinrub' ], 2 );
2023-03-04 23:45:46 +00:00
2023-03-05 13:59:34 +00:00
if ( $cfg [ 'part' ])
{
$part_sum = round ( $sum / 100 * $cfg [ 'part_proc' ], 2 );
2023-03-04 23:45:46 +00:00
2023-03-05 13:59:34 +00:00
$sql -> query ( 'SELECT `balance`, `part_money` FROM `users` WHERE `id`="' . $user [ 'part' ] . '" LIMIT 1' );
if ( $sql -> num ())
{
$part = $sql -> get ();
2023-03-04 23:45:46 +00:00
2023-03-05 13:59:34 +00:00
if ( $cfg [ 'part_money' ])
$sql -> query ( 'UPDATE `users` set `part_money`="' . ( $part [ 'part_money' ] + $part_sum ) . '" WHERE `id`="' . $user [ 'part' ] . '" LIMIT 1' );
else
$sql -> query ( 'UPDATE `users` set `balance`="' . ( $part [ 'balance' ] + $part_sum ) . '" WHERE `id`="' . $user [ 'part' ] . '" LIMIT 1' );
2023-03-04 23:45:46 +00:00
2023-03-05 13:59:34 +00:00
$sql -> query ( 'INSERT INTO `logs` set `user`="' . $user [ 'part' ] . '", `text`="' . sys :: updtext ( sys :: text ( 'logs' , 'part' ),
array ( 'part' => $uid , 'money' => $part_sum )) . '", `date`="' . $start_point . '", `type`="part", `money`="' . $part_sum . '"' );
}
}
2023-03-04 23:45:46 +00:00
2023-03-05 13:59:34 +00:00
$sql -> query ( 'UPDATE `users` set `balance`="' . $money . '" WHERE `id`="' . $user [ 'id' ] . '" LIMIT 1' );
2023-03-04 23:45:46 +00:00
2023-03-05 13:59:34 +00:00
$sql -> query ( 'INSERT INTO `logs` set `user`="' . $user [ 'id' ] . '", `text`="Пополнение баланса на сумму: ' . $sum . ' ' . $cfg [ 'currency' ] . '", `date`="' . $start_point . '", `type`="replenish", `money`="' . $sum . '"' );
2023-03-04 23:45:46 +00:00
2023-03-05 13:59:34 +00:00
sys :: out ( 'success' );
2023-03-04 23:45:46 +00:00
?>