Файл: магазин/e-proger/modules/payment/buy.php
Строк: 438
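<?php
// Payment entry point: depending on the query-string selector (y, p, i, f, mg, q)
// one of the branches below renders an auto-submitting form for a payment gateway.
session_start();
// NOTE(review): this removes the execution time limit for a page that only renders
// a small form; confirm it is really needed, since it lets a stuck request hold a
// worker indefinitely.
set_time_limit( 0 );
// NOTE(review): ROOT is built from the client-supplied Host header and hard-codes
// http://. It is later emitted as the gateway's success/fail return URL, so a forged
// Host header controls where the payer is sent back. Prefer a fixed, configured
// base URL.
define( 'ROOT', 'http://'.$_SERVER['HTTP_HOST'] );
define( 'ROOT_DIR', $_SERVER['DOCUMENT_ROOT'] );
// Presumably provides $config_pay, $pdo, $user and real_IP() used below; none of
// them is defined in this file.
include_once ROOT_DIR . '/engine/config.php';
// Requested top-up amount. It is echoed into HTML and fed into gateway signatures
// further down, so only a numeric scalar is accepted here; a missing value, an
// array (money[]=...) or arbitrary text is replaced by '0'.
$summa = ( isset( $_GET["money"] ) && is_numeric( $_GET["money"] ) ) ? $_GET["money"] : '0';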
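// Yandex.Money quickpay branch (?y=1): shows a short countdown, then auto-submits
// a hidden form to money.yandex.ru.
if (isset($_GET["y"]) && $_GET["y"] == "1") {
    $yandex_sch = $config_pay['yandex_sch'];
    // Every value interpolated into the page is escaped for an HTML attribute/text
    // context before it is concatenated below.
    $receiver_html = htmlspecialchars((string) $yandex_sch, ENT_QUOTES, 'UTF-8');
    $root_html = htmlspecialchars(ROOT, ENT_QUOTES, 'UTF-8');
    // 0 when no user id is in the session.
    // NOTE(review): nothing in this branch rejects an anonymous visitor; confirm the
    // caller enforces login before this file runs.
    $user_id = isset($_SESSION['id']) ? intval($_SESSION['id']) : 0;
    // $summa comes straight from the query string. Anything that is not a numeric
    // scalar is shown and charged as 0 instead of being echoed into the page.
    $amount_ok = is_numeric($summa);
    $summa_html = $amount_ok ? htmlspecialchars((string) $summa, ENT_QUOTES, 'UTF-8') : '0';
    // The amount sent to the gateway is the requested amount plus 0.5%
    // (presumably the gateway fee - confirm); the page text shows the amount
    // without it.
    // NOTE(review): no minimum/maximum is enforced here, unlike the QIWI branch.
    $pay_sum = $amount_ok ? round($summa + $summa * 0.005, 2) : 0;
    echo '<style>
div.epsstart {
color: #2F4F4F;
font: 14px Tahoma, Arial, sans-serif;
text-align: center;
display: block;
}
input.timer {
font-size: 24px;
color: #C65D00;
text-align: center;
margin: 20px auto;
border: none;
background-color: #ffffff;
}
</style>';
    // Emit the countdown timer script.
    echo '<script type="text/javascript" language="JavaScript">
var vtime = 1;
function startClock() {
if (vtime > 0) {
vtime = vtime-1;
document.timerform.atimer.value = vtime;
setTimeout("startClock(0)", 1000);
}else{
document.timerform.atimer.value = "→";
document.payform.submit();
}
}
</script>';
    // NOTE(review): the "visitor" cookie is written by script with the user id and is
    // therefore fully client-controlled; it must never be trusted as an identity.
    echo('
<script type="text/javascript">
var date = new Date;
date.setDate( date.getDate() + 60 );
document.cookie="visitor='.$user_id.'; path=/; expires="+date.toUTCString();
</script>
<div class="big_topics bor_top round3 FFF hr">
<body onLoad="startClock()">
<div class="epsstart">Сейчас будет произведён переход на страницу оплаты заказа<br> на сумму '.$summa_html.' руб.
<form action="" name="timerform">
<input class="timer" value="" name="atimer">
</form>
</div></div>
<form method="POST" name="payform" action="https://money.yandex.ru/quickpay/confirm.xml" >
<input type="hidden" name="receiver" value="'.$receiver_html.'" >
<input type="hidden" name="label" value="'.$user_id.'" >
<input type="hidden" name="sum" value="'.$pay_sum.'" >
<input type="hidden" name="quickpay-form" value="shop" >
<input type="hidden" name="targets" value="Пополнение баланса ID '.$user_id.'" >
<input type="hidden" name="paymentType" value="PC" >
<input type="hidden" name="successURL" value="'.$root_html.'/" >
<input type="hidden" name="failURL" value="'.$root_html.'/" >
</form>
</body>
');
}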
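// Payeer branch (?p=2): records the attempt, signs the order and auto-submits a
// hidden form to the Payeer merchant endpoint.
if (isset($_GET["p"]) && $_GET["p"] == "2") {
    $payeer_id = $config_pay['payeer_id'];
    $payeer_key = $config_pay['payeer_key'];
    echo '<style>
div.epsstart {
color: #2F4F4F;
font: 14px Tahoma, Arial, sans-serif;
text-align: center;
display: block;
}
input.timer {
font-size: 24px;
color: #C65D00;
text-align: center;
margin: 20px auto;
border: none;
background-color: #ffffff;
}
</style>';
    // Emit the countdown timer script.
    echo '<script type="text/javascript" language="JavaScript">
var vtime = 1;
function startClock() {
if (vtime > 0) {
vtime = vtime-1;
document.timerform.atimer.value = vtime;
setTimeout("startClock(0)", 1000);
}else{
document.timerform.atimer.value = "→";
document.payform.submit();
}
}
</script>';
    $m_shop = $payeer_id;
    // 0 when no user id is in the session.
    // NOTE(review): nothing in this branch rejects an anonymous visitor; confirm the
    // caller enforces login before this file runs.
    $m_orderid = isset($_SESSION['id']) ? intval($_SESSION['id']) : 0;
    // $summa comes from the query string; a non-numeric value (text or an array)
    // is treated as 0 so number_format() only ever receives a number.
    // NOTE(review): no minimum/maximum is enforced here, unlike the QIWI branch.
    $m_amount = number_format(is_numeric($summa) ? (float) $summa : 0, 2, '.', '');
    $m_curr = 'RUB';
    $m_desc = base64_encode('Пополнение баланса ID '.$m_orderid.'');
    $m_key = $payeer_key;
    // Signature input: shop id, order id, amount, currency, description and the
    // secret key joined with ":". The key itself is never written to the page.
    $arHash = array(
        $m_shop,
        $m_orderid,
        $m_amount,
        $m_curr,
        $m_desc,
        $m_key
    );
    $sign = strtoupper(hash('sha256', implode(':', $arHash)));
    // real_IP() is defined elsewhere. If it reads client-supplied headers its
    // result is attacker-controlled, so only a syntactically valid IP literal is
    // allowed into the SQL string; anything else is stored as an empty string.
    $client_ip = filter_var(real_IP(), FILTER_VALIDATE_IP);
    if ($client_ip === false) {
        $client_ip = '';
    }
    // NOTE(review): the statement is still built by concatenation; every piece is a
    // formatted number, a validated IP or an integer. Move to bound parameters if the
    // $pdo wrapper supports them. A row is written on every GET of this URL, with no
    // CSRF or rate protection.
    $pdo->Query("INSERT INTO `php_insert` VALUES('', '".$m_amount."', '" . $client_ip . "', '2', '0', '".$m_orderid."')");
    $m_shop_html = htmlspecialchars((string) $m_shop, ENT_QUOTES, 'UTF-8');
    // The form target is pinned to https so the signed order is never submitted
    // in clear text when this page itself is served over http.
    echo('
<script type="text/javascript">
var date = new Date;
date.setDate( date.getDate() + 60 );
document.cookie="visitor='.$m_orderid.'; path=/; expires="+date.toUTCString();
</script>
<div class="big_topics bor_top round3 FFF hr">
<body onLoad="startClock()">
<div class="epsstart">Сейчас будет произведён переход на страницу оплаты заказа<br> на сумму '.$m_amount.' руб.
<form action="" name="timerform">
<input class="timer" value="" name="atimer">
</form>
</div></div>
<form method="GET" name="payform" action="https://payeer.com/api/merchant/m.php">
<input type="hidden" name="m_shop" value="'.$m_shop_html.'">
<input type="hidden" name="m_orderid" value="'.$m_orderid.'">
<input type="hidden" name="m_amount" value="'.$m_amount.'">
<input type="hidden" name="m_curr" value="'.$m_curr.'">
<input type="hidden" name="m_desc" value="'.$m_desc.'">
<input type="hidden" name="m_sign" value="'.$sign.'">
</form>
</body>
');
}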
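// Interkassa branch (?i=3): signs the order and auto-submits a hidden form to
// sci.interkassa.com.
if (isset($_GET["i"]) && $_GET["i"] == "3") {
    $interkassa_id = $config_pay['interkassa_id'];
    $interkassa_key = $config_pay['interkassa_key'];
    echo '<style>
div.epsstart {
color: #2F4F4F;
font: 14px Tahoma, Arial, sans-serif;
text-align: center;
display: block;
}
input.timer {
font-size: 24px;
color: #C65D00;
text-align: center;
margin: 20px auto;
border: none;
background-color: #ffffff;
}
</style>';
    // Emit the countdown timer script.
    echo '<script type="text/javascript" language="JavaScript">
var vtime = 1;
function startClock() {
if (vtime > 0) {
vtime = vtime-1;
document.timerform.atimer.value = vtime;
setTimeout("startClock(0)", 1000);
}else{
document.timerform.atimer.value = "→";
document.payform.submit();
}
}
</script>';
    $m_shop = $interkassa_id;
    // 0 when no user id is in the session.
    // NOTE(review): nothing in this branch rejects an anonymous visitor; confirm the
    // caller enforces login before this file runs.
    $m_orderid = isset($_SESSION['id']) ? intval($_SESSION['id']) : 0;
    // $summa comes from the query string; a non-numeric value (text or an array)
    // is treated as 0 so number_format() only ever receives a number.
    // NOTE(review): no minimum/maximum is enforced here, unlike the QIWI branch.
    $m_amount = number_format(is_numeric($summa) ? (float) $summa : 0, 2, '.', '');
    $m_desc = 'Пополнение баланса ID '.$m_orderid.'';
    $m_key = $interkassa_key;
    // Signature input: the four form fields in the order listed here, followed by
    // the secret key, joined with ":". The digest is raw MD5, base64-encoded.
    // NOTE(review): the hash algorithm is presumably fixed by the gateway account
    // settings; if a stronger option is offered there, switch both sides together.
    $data = array(
        'ik_am' => $m_amount,
        'ik_co_id' => $m_shop,
        'ik_desc' => $m_desc,
        'ik_pm_no' => $m_orderid,
        'secret_key' => $m_key
    );
    $ik_sign_str = implode(':', $data);
    $ik_sign = base64_encode(md5($ik_sign_str, true));
    // The checkout id comes from configuration; it is escaped for the attribute
    // context before being written into the form.
    $m_shop_html = htmlspecialchars((string) $m_shop, ENT_QUOTES, 'UTF-8');
    echo('
<script type="text/javascript">
var date = new Date;
date.setDate( date.getDate() + 60 );
document.cookie="visitor='.$m_orderid.'; path=/; expires="+date.toUTCString();
</script>
<div class="big_topics bor_top round3 FFF hr">
<body onLoad="startClock()">
<div class="epsstart">Сейчас будет произведён переход на страницу оплаты заказа<br> на сумму '.$m_amount.' руб.
<form action="" name="timerform">
<input class="timer" value="" name="atimer">
</form>
</div></div>
<form method="post" name="payform" action="https://sci.interkassa.com/" accept-charset="UTF-8">
<input type="hidden" name="ik_co_id" value="'.$m_shop_html.'" />
<input type="hidden" name="ik_pm_no" value="'.$m_orderid.'" />
<input type="hidden" name="ik_am" value="'.$m_amount.'" />
<input type="hidden" name="ik_desc" value="'.$m_desc.'" />
<input type="hidden" name="ik_sign" value="'.$ik_sign.'" />
</form>
</body>
');
}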
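// Free-Kassa branch (?f=8): signs the order and auto-submits a hidden form to the
// Free-Kassa merchant endpoint.
if (isset($_GET["f"]) && $_GET["f"] == "8") {
    $free_kassa_id = $config_pay['free_kassa_id'];
    $free_kassa_key = $config_pay['free_kassa_key'];
    echo '<style>
div.epsstart {
color: #2F4F4F;
font: 14px Tahoma, Arial, sans-serif;
text-align: center;
display: block;
}
input.timer {
font-size: 24px;
color: #C65D00;
text-align: center;
margin: 20px auto;
border: none;
background-color: #ffffff;
}
</style>';
    // Emit the countdown timer script.
    echo '<script type="text/javascript" language="JavaScript">
var vtime = 1;
function startClock() {
if (vtime > 0) {
vtime = vtime-1;
document.timerform.atimer.value = vtime;
setTimeout("startClock(0)", 1000);
}else{
document.timerform.atimer.value = "→";
document.payform.submit();
}
}
</script>';
    $merchant_id = $free_kassa_id;
    $secret_word = $free_kassa_key;
    // 0 when no user id is in the session.
    // NOTE(review): nothing in this branch rejects an anonymous visitor; confirm the
    // caller enforces login before this file runs.
    $order_id = isset($_SESSION['id']) ? intval($_SESSION['id']) : 0;
    // $summa comes from the query string; a non-numeric value (text or an array)
    // is treated as 0 so number_format() only ever receives a number.
    // NOTE(review): no minimum/maximum is enforced here, unlike the QIWI branch.
    $order_amount = number_format(is_numeric($summa) ? (float) $summa : 0, 2, '.', '');
    // Signature: MD5 over merchant id, amount, secret word and order id joined
    // with ":". The secret word itself is never written to the page.
    $sign = md5($merchant_id.':'.$order_amount.':'.$secret_word.':'.$order_id);
    $merchant_html = htmlspecialchars((string) $merchant_id, ENT_QUOTES, 'UTF-8');
    // NOTE(review): the form below targets an http:// URL and uses GET, so the amount,
    // order id and signature travel unencrypted and land in URL logs. Switch to the
    // gateway's https endpoint once its address is confirmed.
    echo('
<script type="text/javascript">
var date = new Date;
date.setDate( date.getDate() + 60 );
document.cookie="visitor='.$order_id.'; path=/; expires="+date.toUTCString();
</script>
<div class="big_topics bor_top round3 FFF hr">
<body onLoad="startClock()">
<div class="epsstart">Сейчас будет произведён переход на страницу оплаты заказа<br> на сумму '.$order_amount.' руб.
<form action="" name="timerform">
<input class="timer" value="" name="atimer">
</form>
</div></div>
<form method="get" name="payform" action="http://www.free-kassa.ru/merchant/cash.php">
<input type="hidden" name="m" value="'.$merchant_html.'">
<input type="hidden" name="oa" value="'.$order_amount.'">
<input type="hidden" name="o" value="'.$order_id.'">
<input type="hidden" name="s" value="'.$sign.'">
<input type="hidden" name="lang" value="ru">
</form>
</body>
');
}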
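// Megakassa branch (?mg=9): stores an order-id-to-user mapping, signs the order
// and auto-submits a hidden form to megakassa.ru.
if (isset($_GET["mg"]) && $_GET["mg"] == "9") {
    $megakassa_key = $config_pay['megakassa_key'];
    $megakassa_id = $config_pay['megakassa_id'];
    echo '<style>
div.epsstart {
color: #2F4F4F;
font: 14px Tahoma, Arial, sans-serif;
text-align: center;
display: block;
}
input.timer {
font-size: 24px;
color: #C65D00;
text-align: center;
margin: 20px auto;
border: none;
background-color: #ffffff;
}
</style>';
    // Emit the countdown timer script.
    echo '<script type="text/javascript" language="JavaScript">
var vtime = 1;
function startClock() {
if (vtime > 0) {
vtime = vtime-1;
document.timerform.atimer.value = vtime;
setTimeout("startClock(0)", 1000);
}else{
document.timerform.atimer.value = "→";
document.payform.submit();
}
}
</script>';
    // 0 when no user id is in the session.
    // NOTE(review): nothing in this branch rejects an anonymous visitor; confirm the
    // caller enforces login before this file runs.
    $user_id = isset($_SESSION['id']) ? intval($_SESSION['id']) : 0;
    $shop_id = $megakassa_id;
    // $summa is the raw query-string value. It used to be echoed into the page and
    // the form unchanged; now only a numeric scalar is kept and anything else
    // becomes '0'. The same sanitised value is signed and sent.
    // NOTE(review): no minimum/maximum is enforced here, unlike the QIWI branch.
    $amount = is_numeric($summa) ? (string) $summa : '0';
    $currency = 'RUB';
    $description = 'Пополнение баланса ID '.$user_id.'';
    // NOTE(review): the order id is the current Unix second, so two users starting a
    // payment in the same second share one order id in php_megakassa. Whether that
    // can credit the wrong account depends on the callback handler, which is not in
    // this file - verify, and prefer a unique id.
    $order_id = time();
    $method_id = '';
    $client_email = '';
    $debug = '';
    $secret_key = $megakassa_key;
    // Signature: md5(secret . md5(fields joined with ":" and ending in the secret)).
    $signature = md5($secret_key.md5(join(':', array($shop_id, $amount, $currency, $description, $order_id, $method_id, $client_email, $debug, $secret_key))));
    // Both interpolated values are integers (intval() and time()).
    // NOTE(review): a row is written on every GET of this URL, with no CSRF or rate
    // protection.
    $pdo->Query("INSERT INTO `php_megakassa` VALUES('', '".$user_id."', '" . $order_id . "')");
    $shop_id_html = htmlspecialchars((string) $shop_id, ENT_QUOTES, 'UTF-8');
    $amount_html = htmlspecialchars($amount, ENT_QUOTES, 'UTF-8');
    echo('
<script type="text/javascript">
var date = new Date;
date.setDate( date.getDate() + 60 );
document.cookie="visitor='.$user_id.'; path=/; expires="+date.toUTCString();
</script>
<div class="big_topics bor_top round3 FFF hr">
<body onLoad="startClock()">
<div class="epsstart">Сейчас будет произведён переход на страницу оплаты заказа<br> на сумму '.$amount_html.' руб.
<form action="" name="timerform">
<input class="timer" value="" name="atimer">
</form>
</div></div>
<form method="post" name="payform" action="https://megakassa.ru/merchant/" accept-charset="UTF-8">
<input type="hidden" name="shop_id" value="'.$shop_id_html.'" />
<input type="hidden" name="amount" value="'.$amount_html.'" />
<input type="hidden" name="currency" value="'.$currency.'" />
<input type="hidden" name="description" value="'.$description.'" />
<input type="hidden" name="order_id" value="'.$order_id.'" />
<input type="hidden" name="signature" value="'.$signature.'" />
</form>
</body>
');
}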
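// QIWI branch (?q=4): manual transfer flow. A pending top-up row is created, the
// user is shown the wallet number and a transfer link, then enters the QIWI
// transaction number, which is checked by /ajax/qiwia.php.
if (isset($_GET["q"]) && $_GET["q"] == "4") {
    $qiwi_phone = $config_pay['qiwi_phone'];
    // Limits for one QIWI top-up, in roubles. Set up front so the hint text further
    // down can print them even when no amount was submitted.
    $minins = 1;
    $maxins = 15000;
    if (isset($_GET['money'])) {
        // Only a numeric scalar is accepted; text or an array (money[]=...) becomes
        // 0 and is rejected by the range check below.
        $summ = is_numeric($_GET['money']) ? floatval($_GET['money']) : 0.0;
        // $last_time, $count and $percent are not read anywhere in this file; they
        // are kept in case an including script uses them.
        $last_time = time() + 86400;
        if ($summ < 5000) {
            $count = 5;
            $percent = 30;
        } else {
            $count = 10;
            $percent = 20;
        }
        $login = $user['login'];
        if ($summ >= $minins AND $summ <= $maxins) {
            // NOTE(review): $login is concatenated into the statement. It comes from $user,
            // which is loaded outside this file; if a login may contain a quote this is a
            // second-order SQL injection. Use bound parameters if the $pdo wrapper
            // supports them. A new row is also inserted on every load of this URL,
            // including reloads.
            $pdo->Query("INSERT INTO `php_inserts` VALUES ('', '".intval($_SESSION['id'])."', '$login', '$summ', '".time()."', '', '0')");
            $insertId = $pdo->LastInsertId();
            $_SESSION['pay'] = $insertId;
            $_SESSION['transsumm'] = $summ;
        } else {
            echo '<div class="big_topics bor_top round3 FFF hr"><font color="red">Сумма имеет неверное значение (ниже или выше допустимой нормы).</font></div><br><br>';
        }
    }
    // "Cancel payment" button: mark the pending row as status 2 and forget it.
    // NOTE(review): the cancel form carries no CSRF token.
    if (isset($_POST['fail'])) {
        $id = isset($_SESSION['pay']) ? (int) $_SESSION['pay'] : 0;
        $pdo->Query("UPDATE `php_inserts` SET `status` = '2' WHERE `id` = '$id'");
        unset($_SESSION['pay']);
        unset($_SESSION['transsumm']);
        ?><script> setTimeout( "location='/payment';", 500 ); </script><?php
    }
    ?>
<style>
.buttop {display:inline-block;margin:12px -3px 0 3px;padding:5px 4px 4px 4px;color:#fff;background: #1aa1e1;cursor:pointer;border:none;font:14px obtext;border-radius:4px; -webkit-box-shadow: 0px 1px 5px rgba(0, 0, 0, 0.2);
-moz-box-shadow: 0px 1px 5px rgba(0, 0, 0, 0.2);
box-shadow: 0px 1px 5px rgba(0, 0, 0, 0.2);
border: 2px solid #FFFFFF;}
.buttop:hover{background: #44bffa;}
</style>
<?php if (isset($_SESSION['pay'])) {
    // Everything printed below is escaped for its context: HTML text via
    // htmlspecialchars(), URL components via rawurlencode().
    $pay_no_html = htmlspecialchars((string) $_SESSION['pay'], ENT_QUOTES, 'UTF-8');
    $sum_value = isset($_SESSION['transsumm']) ? (float) $_SESSION['transsumm'] : 0.0;
    $sum_html = htmlspecialchars((string) $sum_value, ENT_QUOTES, 'UTF-8');
    $phone_html = htmlspecialchars((string) $qiwi_phone, ENT_QUOTES, 'UTF-8');
    $login_html = htmlspecialchars((string) $user['login'], ENT_QUOTES, 'UTF-8');
    // The transfer link takes roubles and kopecks separately; split the stored
    // amount instead of putting a fractional number into amountInteger.
    $sum_parts = explode('.', number_format($sum_value, 2, '.', ''));
    $qiwi_url = 'https://qiwi.com/transfer/form.action?extra[%27account%27]='.rawurlencode((string) $qiwi_phone)
        .'&amountInteger='.$sum_parts[0]
        .'&amountFraction='.$sum_parts[1]
        .'&extra[%27comment%27]='.rawurlencode((string) $user['login']);
    $qiwi_url_html = htmlspecialchars($qiwi_url, ENT_QUOTES, 'UTF-8');
    ?>
<div class="big_topics bor_top round3 FFF hr"><div class="infotext" style="padding:15px;width: 740px;">
<b>Пополнение: № <?=$pay_no_html; ?></b> <a href="<?=$qiwi_url_html; ?>" target="_blank">Перейти к оплате.</a>
Переведите <b><?=$sum_html; ?></b> руб. на QIWI кошелек <b>+<?=$phone_html; ?></b> указав в комментарии к платежу свой логин <b><?=$login_html; ?></b>
После проведения платежа, впишите номер транкзации (номер платежа) в поле и нажмите на кнопку ПРОВЕРИТЬ ОПЛАТУ.
<b>Деньги будут зачислены автоматически.</b>
</div><br>
<?php } else { ?>
<div style="padding:15px;width: 650px;margin: 0 auto;font-size: 13px;background: #EDE8E4;border: 1px solid #EDE8E4;">
Укажите в форме сумму в Российских рублях на которую Вы собираетесь пополнить счет. Сумма одноразового пополнения через QIWI не должна быть меньше <?=$minins; ?> рублей и не более <?=$maxins; ?> рублей.</div>
<?php } ?>
<?php
    // NOTE(review): the script below writes the response of /ajax/qiwia.php into the
    // page as HTML, so that endpoint must escape anything it echoes back (including
    // the submitted transaction number).
    if (isset($_SESSION['pay'])) { ?>
<table>
<tr>
<div align="center"><form method="POST" action="">
<input type="text" id="codeqiwi" value="" style="border: 1px solid #DDD; width:200px; height:25px; border-radius:2px; text-align:center;" placeholder="Номер платежа (транкзация)"><br />
<input class="buttop" type="button" onclick="qiwi();" id="submit" value="Проверить оплату">
</form>
<form method="POST">
<input class="buttop" type="submit" name="fail" value="Отменить платеж">
</form></div>
</tr>
</table>
<br />
<div id="dele" class=""></div>
<div id="status" class=""></div></div>
<script type="text/javascript">
function qiwi()
{
document.getElementById('submit').disabled=true;
var codeqiwi = $("#codeqiwi").val();
$("#status").html("Оплата проверяется, подождите пожалуйста!");
$.ajax({
type: "POST",
url: "/ajax/qiwia.php",
data: { codeqiwi: codeqiwi },
success: function(rezult) {
$("#dele").empty();
$('#dele').fadeIn(2000).html(rezult);
document.getElementById('submit').disabled=false;
$("#status").html("");
}
});
}
</script>
<?php
        // Stop here so nothing after this file's QIWI form is rendered.
        return;
    }
}
?>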