Файл: vkolhoze.com/xsolla/test.php
Строк: 87
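<?php
/**
 * Payment-provider callback endpoint (check / pay / cancel), driven by GET parameters.
 *
 * Request parameters: command, v1 (account nickname), id (provider payment id),
 * sum, md5 (request signature), date (read by the original script but never used).
 *
 * Security-relevant ordering: the sender allowlist (checkIP) and the md5 signature
 * are verified BEFORE any state-changing helper runs. Previously pay() and cancel()
 * were called first and the checks only selected which XML was printed, so an
 * unauthenticated request still reached the payment helpers.
 */
error_reporting(E_ERROR);
include_once("lib.php");

/**
 * Returns a GET parameter as a string; a missing or array-valued parameter becomes ''.
 * Array values (e.g. "md5[]=x") would otherwise reach string concatenation and comparison.
 */
function xsolla_cb_param($name)
{
    return (isset($_GET[$name]) && is_string($_GET[$name])) ? $_GET[$name] : '';
}

/**
 * Compares the expected signature with the supplied one in constant time.
 * Loose "==" treats hex digests that look like numbers ("0e...") as equal numbers
 * and leaks timing; hash_equals() is used when available (PHP >= 5.6).
 */
function xsolla_cb_signature_matches($expected, $given)
{
    if (!is_string($given) || $given === '') {
        return false;
    }
    if (function_exists('hash_equals')) {
        return hash_equals($expected, $given);
    }
    if (strlen($expected) !== strlen($given)) {
        return false;
    }
    $diff = 0;
    $length = strlen($expected);
    for ($i = 0; $i < $length; $i++) {
        $diff |= ord($expected[$i]) ^ ord($given[$i]);
    }
    return $diff === 0;
}

/**
 * Escapes a value for use as XML element text. The pay responses declare
 * windows-1251, so that charset is passed to keep non-ASCII bytes intact.
 */
function xsolla_cb_xml($value)
{
    return htmlspecialchars((string) $value, ENT_QUOTES, 'cp1251');
}

/**
 * Builds the XML body of a "pay" response; the comment element is omitted when empty.
 */
function xsolla_cb_pay_response($id, $paymentId, $sum, $code, $comment)
{
    $xml = '<?xml version="1.0" encoding="windows-1251"?><response>'
        . '<id>' . xsolla_cb_xml($id) . '</id>'
        . '<id_shop>' . xsolla_cb_xml($paymentId) . '</id_shop>'
        . '<sum>' . xsolla_cb_xml($sum) . '</sum>'
        . '<result>' . $code . '</result>';
    if ($comment !== '') {
        $xml .= '<comment>' . $comment . '</comment>';
    }
    return $xml . '</response>';
}

$isAllowed = checkIP($_SERVER['REMOTE_ADDR']);

// NOTE(review): the database password and the callback signing secret are committed
// in this file. Both should be rotated and loaded from configuration kept outside the
// web root; the literals are left in place here only so the deployment keeps working.
// NOTE(review): the mysql_* extension no longer exists in PHP 7+. lib.php presumably
// relies on this implicit connection, so moving to mysqli/PDO has to cover both files.
$db = mysql_connect("localhost", "bestkolhozbase", "zx78op00998877");
mysql_select_db("bestkolhoz", $db);
$secret = "9GQrY4rH4sLUWpPG";

$v1 = xsolla_cb_param('v1');
$command = xsolla_cb_param('command');
$md5 = xsolla_cb_param('md5');
$sum = xsolla_cb_param('sum');
$id = xsolla_cb_param('id');
$date = xsolla_cb_param('date');

if ($command === "check" && $isAllowed) {
    // Signature first, so an unsigned request never reaches the account lookup.
    $signed = xsolla_cb_signature_matches(md5($command . $v1 . $secret), $md5);
    if ($signed && check_nickname($v1)) {
        echo '<?xml version="1.0" encoding="utf-8"?><response><result>0</result></response>';
    } else {
        echo '<?xml version="1.0" encoding="utf-8"?><response><result>7</result><comment>Account is disabled or not present</comment></response>';
    }
}

if ($command === "pay") {
    // NOTE(review): the signature covers command, v1 and id but not sum, so the amount
    // is protected only by the sender allowlist - confirm against the provider's protocol.
    $signed = $isAllowed && xsolla_cb_signature_matches(md5($command . $v1 . $id . $secret), $md5);

    if (!$signed || !check_nickname($v1)) {
        // Rejected before pay() runs: nothing is recorded, id_shop stays empty.
        echo xsolla_cb_pay_response($id, '', $sum, '5', 'Other error');
    } else {
        // NOTE(review): confirm that pay() is idempotent for a repeated $id; a replayed
        // signed request would otherwise be recorded twice.
        $paymentId = pay($v1, $sum, $id);
        if ($paymentId) {
            echo xsolla_cb_pay_response($id, $paymentId, $sum, '0', '');
        } else {
            echo xsolla_cb_pay_response($id, $paymentId, $sum, '4', 'Invalid format of request');
        }
    }
}

if ($command === "cancel") {
    $signed = $isAllowed && xsolla_cb_signature_matches(md5($command . $id . $secret), $md5);

    // cancel() is reached only by an allowlisted, correctly signed request.
    // The XML declaration was "<xml ...>" (an unclosed element); it is now well-formed.
    if ($signed && cancel($id)) {
        echo '<?xml version="1.0" encoding="windows-1251"?><response><result>0</result></response>';
    } else {
        echo '<?xml version="1.0" encoding="windows-1251"?><response><result>2</result><comment>this payment ID does not exist</comment></response>';
    }
}
?>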