Файл: public_html/avenax.php
Строк: 211
<?php
/**
* Created by PhpStorm.
* User: Горбунов Александр
* https://vk.com/sasha_gorbunov
* Распространение и перепродажа запрещена
* Date: 10.01.2017
* Time: 12:50
*/
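define('ROOT', $_SERVER['DOCUMENT_ROOT']);
# Database connection
# NOTE(review): the DB password and the Xsolla project secret are hard-coded in a
# file under the web root; keep them in a config outside DOCUMENT_ROOT and rotate
# them if this file has ever been exposed.
define('DB_HOST', 'localhost'); // Server
define('DB_NAME', 'cd90484_lasthero'); // Database name
define('DB_USER', 'cd90484_lasthero'); // User
define('DB_PASS', '112233'); // Password
define('XSOLLA_CODE', 'JSjp1D86XgKsnGG9'); // Project secret key
ini_set('error_reporting', E_ALL);
// This endpoint answers the payment provider with JSON: errors belong in the log,
// not in the response body, where they would corrupt the reply and leak paths/SQL.
ini_set('display_errors', 0);
ini_set('display_startup_errors', 0);
ini_set('log_errors', 1);
# Incoming headers (apache_request_headers() does not exist under every SAPI)
$header = function_exists('apache_request_headers') ? apache_request_headers() : array();
if (isset($header['Authorization'])) {
    $authorization = $header['Authorization'];
} elseif (isset($_SERVER['HTTP_AUTHORIZATION'])) {
    $authorization = $_SERVER['HTTP_AUTHORIZATION'];
} else {
    $authorization = null;
}
# Raw request body (the signature is computed over these exact bytes)
$post = file_get_contents('php://input');
# A missing signature is rejected, not skipped: previously the check only ran when
# the Authorization header happened to be present, so an unsigned request was
# processed as if it were trusted.
if ($authorization === null || !Avenax_Pay_Xsolla::verification($post, XSOLLA_CODE, $authorization)) {
    Avenax_Pay_Xsolla::status_http(400, 'INVALID_SIGNATURE');
}
# Incoming data: anything that is not a JSON object carrying a notification type is refused
$json_in = json_decode($post);
if (!is_object($json_in) || !isset($json_in->notification_type)) {
    Avenax_Pay_Xsolla::status_http(400, 'INVALID_PARAMETER');
}
# Request type
$type = $json_in->notification_type;
# User ID (null when the notification carries no user block)
$id = isset($json_in->user->id) ? $json_in->user->id : null;
if ($type === 'user_validation') {
    if (Avenax_Pay_Xsolla::check_user($id)) {
        Avenax_Pay_Xsolla::status_http(204);
    } else {
        Avenax_Pay_Xsolla::status_http(422, "INVALID_USER");
    }
} elseif ($type === 'payment') {
    if (!isset($json_in->purchase->virtual_currency, $json_in->transaction, $json_in->payment_details->payment)) {
        Avenax_Pay_Xsolla::status_http(400, 'INVALID_PARAMETER', 'Запрос содержит невалидный параметр.');
    }
    # Virtual currency name
    $valuta_name = $json_in->purchase->virtual_currency->name;
    # Virtual currency quantity
    $valuta_count = $json_in->purchase->virtual_currency->quantity;
    # Payment id in Xsolla
    $transaction_id = $json_in->transaction->id;
    # Payment date in Xsolla
    $payment_date = $json_in->transaction->payment_date;
    # Payment currency
    $payment_currency = $json_in->payment_details->payment->currency;
    # Payment amount in that currency
    $payment_amount = $json_in->payment_details->payment->amount;
    # Credit the currency to the user
    if (Avenax_Pay_Xsolla::payment($transaction_id, $payment_date, $payment_currency, $payment_amount, $id, $valuta_name, $valuta_count)) {
        Avenax_Pay_Xsolla::status_http(204);
    } else {
        Avenax_Pay_Xsolla::status_http(400, 'INVALID_PARAMETER', 'Запрос содержит невалидный параметр.');
    }
} elseif ($type === 'refund') {
    if (!isset($json_in->purchase->virtual_currency)) {
        Avenax_Pay_Xsolla::status_http(400, 'INVALID_PARAMETER');
    }
    # Virtual currency name
    $valuta_name = $json_in->purchase->virtual_currency->name;
    # Virtual currency quantity
    $valuta_count = $json_in->purchase->virtual_currency->quantity;
    # Payment currency
    $payment_currency = $json_in->purchase->virtual_currency->currency;
    # Payment amount in that currency
    $payment_amount = $json_in->purchase->virtual_currency->amount;
    # Record the cancelled payment in the statistics
    if (Avenax_Pay_Xsolla::cancel_payment($payment_currency, $payment_amount, $id, $valuta_name, $valuta_count)) {
        Avenax_Pay_Xsolla::status_http(204);
    } else {
        Avenax_Pay_Xsolla::status_http(400, 'INVALID_PARAMETER');
    }
}
# Any other notification type falls through and is answered with the default
# 200 and an empty body, as before.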
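/**
 * HTTP and database helpers for the Xsolla webhook handled by this file.
 *
 * All public methods are static. Database access goes through connect_db(),
 * which opens a fresh PDO connection per call and terminates the request with
 * a 500 reply when the connection cannot be established.
 */
class Avenax_Pay_Xsolla {
    /** Shared INSERT for the payment statistics table (used by payment() and cancel_payment()). */
    const INSERT_PAYMENT = "INSERT INTO `xsolla_payment` (`transaction_id`,
`payment_date`,
`payment_currency`,
`payment_amount`,
`id_user`,
`currency_name`,
`currency_count`) VALUES (?, ?, ?, ?, ?, ?, ?)";

    /**
     * Reply with an HTTP status and a JSON error body, then stop the script.
     *
     * @param int    $id_status HTTP status code to send (default 400)
     * @param string $code      short machine-readable error code
     * @param string $message   human-readable explanation
     */
    public static function status_http($id_status = 400, $code = '', $message = '') {
        // The cast keeps the status line well-formed even if a non-numeric value slips in.
        header('HTTP/1.1 ' . (int) $id_status);
        header('Content-Type: application/json; charset=UTF-8');
        $json = array("error" => array("code" => $code, "message" => $message));
        echo json_encode($json);
        exit();
    }

    /**
     * Check whether a user with the given id exists.
     *
     * @param mixed $id user id as received from the provider (coerced to int)
     * @return bool false for a non-positive id, on a database error, or when no row matches
     */
    public static function check_user($id) {
        $user = (int) $id;
        // intval() of garbage is 0, and a negative id cannot match a row either,
        // so neither needs a round trip to the database.
        if ($user <= 0) {
            return false;
        }
        $db = self::connect_db();
        try {
            return self::user_exists($db, $user);
        } catch (PDOException $e) {
            error_log('xsolla check_user: ' . $e->getMessage());
            return false;
        }
    }

    /**
     * Record a refunded payment in the statistics table.
     *
     * The row is stored with transaction_id 0 and the literal payment_date
     * 'REFUSAL_TO_PAY'; no user balance is touched here.
     *
     * @return bool true when the row was inserted, false on a database error
     *              (previously this always returned true, so a failed insert was
     *              acknowledged to the provider as success)
     */
    public static function cancel_payment($p_curr, $p_amount, $id_user, $v_name, $v_count) {
        $db = self::connect_db();
        try {
            $sql = $db->prepare(self::INSERT_PAYMENT);
            return $sql->execute([0, 'REFUSAL_TO_PAY', $p_curr, $p_amount, $id_user, $v_name, $v_count]);
        } catch (PDOException $e) {
            error_log('xsolla cancel_payment: ' . $e->getMessage());
            return false;
        }
    }

    /**
     * Record a successful payment and credit the purchased currency.
     *
     * The payment row is always written; the user's `gold` is increased only
     * when the virtual currency is 'Gems' and the user exists. Both statements
     * run in one transaction, so a database error during the credit rolls the
     * payment row back as well instead of leaving a half-applied payment.
     *
     * NOTE(review): nothing here de-duplicates on $t_id, so a redelivered
     * notification would credit the user a second time unless `xsolla_payment`
     * carries a unique key on transaction_id — confirm against the schema.
     *
     * @return bool true when the currency was credited; false for a currency
     *              other than 'Gems', an unknown user, or a database error
     */
    public static function payment($t_id, $p_date, $p_curr, $p_amount, $id_user, $v_name, $v_count) {
        $db = self::connect_db();
        try {
            $db->beginTransaction();
            $insert = $db->prepare(self::INSERT_PAYMENT);
            $insert->execute([$t_id, $p_date, $p_curr, $p_amount, $id_user, $v_name, $v_count]);
            $credited = false;
            if ($v_name === 'Gems' && self::user_exists($db, $id_user)) {
                $update = $db->prepare("UPDATE users SET gold = gold + ? WHERE id = ?");
                $update->execute([$v_count, $id_user]);
                $credited = true;
            }
            $db->commit();
            return $credited;
        } catch (PDOException $e) {
            if ($db->inTransaction()) {
                $db->rollBack();
            }
            error_log('xsolla payment: ' . $e->getMessage());
            return false;
        }
    }

    /**
     * Verify the provider's request signature.
     *
     * The expected value is 'Signature ' followed by sha1(body . project secret).
     *
     * @param string $req    raw request body
     * @param string $xsolla project secret key
     * @param mixed  $sign   value of the Authorization header
     * @return bool
     */
    public static function verification($req, $xsolla, $sign) {
        $expected = 'Signature ' . sha1($req . $xsolla);
        // hash_equals() compares in constant time, so the secret-derived value
        // cannot be probed byte by byte; it also requires both sides to be strings.
        return is_string($sign) && hash_equals($expected, $sign);
    }

    /**
     * Whether a `users` row with this id exists, on an already open connection.
     *
     * @param PDO   $db
     * @param mixed $user user id
     * @return bool
     * @throws PDOException on a database error (connections use ERRMODE_EXCEPTION)
     */
    private static function user_exists(PDO $db, $user) {
        $sql = $db->prepare('SELECT COUNT(*) FROM `users` WHERE `id` = ? LIMIT 1');
        $sql->execute([$user]);
        return (int) $sql->fetchColumn() > 0;
    }

    /**
     * Open a new PDO connection using the DB_* constants.
     *
     * ERRMODE_EXCEPTION makes statement failures throw instead of silently
     * returning false (the default error mode differs between PHP versions);
     * native prepares are used so parameters are never interpolated client-side.
     * On connection failure the request is terminated with a 500 reply.
     *
     * @return PDO
     */
    private static function connect_db() {
        try {
            $db = new PDO("mysql:host=" . DB_HOST . ";dbname=" . DB_NAME . ";charset=UTF8", DB_USER, DB_PASS, array(
                PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
                PDO::ATTR_EMULATE_PREPARES => false,
            ));
            return $db;
        } catch (PDOException $e) {
            // Details go to the log only; the caller just sees a generic 500.
            error_log('xsolla connect_db: ' . $e->getMessage());
            self::status_http(500, 'Ошибка подключения к БД');
            return false;
        }
    }
}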