Файл: Update 2.1.1/sources/ipn_deposit/payeer.php
Строк: 65
<?php
if ($_SERVER['REMOTE_ADDR'] != '37.59.221.230') return;
if (isset($_POST['m_operation_id']) && isset($_POST['m_sign']))
{
$m_operation_id = $_POST['m_operation_id'];
$m_operation_date = $_POST['m_operation_date'];
$m_orderid = $_POST['m_orderid'];
$m_amount = $_POST['m_amount'];
$m_currency = $_POST['m_curr'];
$accountQuery = $db->query("SELECT * FROM companies WHERE name='Payeer'");
$acc = $accountQuery->fetch_assoc();
if(checkSession()) { $uid = $_SESSION['suid']; } else { $uid = 0; }
$check_trans = $db->query("SELECT * FROM transactions WHERE tid='$m_operation_id' and date='$m_operation_date' and uid='$uid'");
$m_key = $acc['a_field_2'];
$arHash = array($_POST['m_operation_id'],
$_POST['m_operation_ps'],
$_POST['m_operation_date'],
$_POST['m_operation_pay_date'],
$_POST['m_shop'],
$_POST['m_orderid'],
$_POST['m_amount'],
$_POST['m_curr'],
$_POST['m_desc'],
$_POST['m_status'],
$m_key);
$sign_hash = strtoupper(hash('sha256', implode(':', $arHash)));
if ($_POST['m_sign'] == $sign_hash && $_POST['m_status'] == 'success')
{
if($check_trans->num_rows>0) {
echo error($lang['error_15']);
} else {
$insert = $db->query("INSERT transactions (tid,from,uid,in,amount,currency,date) VALUES ('$m_operation_id','','$uid','Payeer','$m_amount','$m_currency','$m_operation_date')");
$check_wallet = $db->query("SELECT * FROM wallets WHERE uid='$_SESSION[suid]' and currency='$payment_currency'");
if($check_wallet->num_rows>0) {
$update_wallet = $db->query("UPDATE wallets SET amount=amount+$m_amount WHERE uid='$_SESSION[suid]' and currency='$m_currency'");
echo success("Your deposit was successfully. You added $m_amount $m_currency to your wallet.");
} else {
$insert = $db->query("INSERT wallets (uid,amount,currency) VALUES ('$_SESSION[suid]','$m_amount','$m_currency')");
echo success("Your deposit was successfully. You added $m_amount $m_currency to your wallet.");
}
}
} else {
echo error($lang['error_18']);
}
}
?>