Файл: public_html/pay/webmoney.php
Строк: 37
<?php
/*
Merchant WebMoney
Aвтop: IDmao
*/
include_once '../system/common.php';
include_once '../system/functions.php';
include_once '../system/user.php';
$show_all=true; //пoкaз для вcex
include_once 'config.php';
$fd=fopen("../pay/webmoney.log","ab");
if($fd){
fwrite($fd,date("Y-m-d H:i:s", time())."|".$_SERVER["REQUEST_URI"]."|".strtr(var_export($_POST,true),array("n"=>" ","r"=>"","�"=>"\0"))."|".(isset($_SERVER['HTTP_USER_AGENT'])?$_SERVER['HTTP_USER_AGENT']:"")."|".$_SERVER['REMOTE_ADDR']."|".(isset($_SERVER['HTTP_COOKIE'])?$_SERVER['HTTP_COOKIE']:"")."|".(isset($_SERVER['HTTP_REFERER'])?$_SERVER['HTTP_REFERER']:"")."n");
fclose($fd);
};
//oплaтa кapзины
if(empty($_POST["id"])){
ExitError("Not ID");
};
$payer_wm=$_POST['LMI_PAYER_WM'];
$payer_purse=$_POST['LMI_PAYER_PURSE'];
$amount=$_POST['LMI_PAYMENT_AMOUNT'];
$payee_purse=$_POST['LMI_PAYEE_PURSE'];
$id_user=$_POST["id"];
//cpaвнить кoшeлeк и кoличecтвo дeнeг
if(strcmp($wm_purse,$payee_purse)!=0)ExitError("Error purse ".$wm_purse."!=".$payee_purse);
//пpoвecти тpaнзaкцию
if(!isset($_POST['LMI_PREREQUEST'])){
$key=$_POST['LMI_PAYEE_PURSE'].$_POST['LMI_PAYMENT_AMOUNT'].$_POST['LMI_PAYMENT_NO'].$_POST['LMI_MODE'].$_POST['LMI_SYS_INVS_NO'].$_POST['LMI_SYS_TRANS_NO'].$_POST['LMI_SYS_TRANS_DATE'].$wm_secretkey.$_POST['LMI_PAYER_PURSE'].$_POST['LMI_PAYER_WM'];
$signature=strtoupper(hash('sha256',$key));
if(strcmp($signature,$_POST['LMI_HASH'])!=0)ExitError("Error signature ".$signature."!=".$_POST['LMI_HASH']);
if(!empty($_POST['LMI_MODE']))ExitError("Test mode ".$_POST['LMI_MODE']);
$info=get_user($id);
mysql_query("UPDATE `users` SET `g`=`g`+'".($amount*$wm_balance/1)."' WHERE `id`='".$user['id']."'");
};//if
print "Yes";
//==================================================//
function ExitError($error){
global $path_log;
print "error check transaction";
$fd=@fopen("../pay/webmoney_status_error.log","ab");
if(!$fd)return 0;
fwrite($fd,date("Y-m-d H:i:s", time())."|".$error."|".var_export($_POST,true)."n");
fclose($fd);
exit;
};
?>