Файл: магазин/e-proger/modules/payment/offline.php
Строк: 138
<div class="big_topics bor_top round3 FFF hr">
<div class="infotext">Ниже представлены способы оплаты товара. Для оплаты вам необходимо выбрать один из способов и оплатить, после оплаты на указанный вами Email поступит ссылка на скачивание архива, которая будет действительна в течении 24 часов.</div>
<center>
<?php
session_start();
set_time_limit( 0 );
define( 'ROOT', 'http://'.$_SERVER['HTTP_HOST'] );
define( 'ROOT_DIR', $_SERVER['DOCUMENT_ROOT'] );
include_once ROOT_DIR . '/engine/config.php';
$summ = $_GET["summa"];
$user_mail = $_GET["user_mail"];
$tovar = $_GET["tovar"];
$key = $_GET["key"];
$config_pos = $pdo->Query("SELECT * from php_tovar WHERE id = '" . $tovar. "' and cena = '" . $summ. "' LIMIT 1")->fetch(PDO::FETCH_BOTH);
$key_tovar = sha1($config_pos['cena'].$config_pos['id']);
$key1 = sha1($summ.$tovar);
if($user_mail == ''){
echo '<div class="error" style="width: 90%; margin: 10px auto; text-align: center;font-weight:bold">Укажите ваш Email</div>';
exit();
}
if($key == $key1 && $key_tovar)
{
if($_GET["ok"] == "Купить"){
$config_upload = $pdo->Query("SELECT * from php_upload WHERE tovar = '" . $tovar. "' LIMIT 1")->fetch(PDO::FETCH_BOTH);
$pdo->Query("INSERT INTO `php_offline` VALUES('', '$user_mail', '$tovar', '$summ', '" . real_IP() . "', '" . $key . "', '0', '', '', '0')");
$yandex_sch = $config_pay['yandex_sch'];
echo('
<form method="POST" name="payform" action="https://money.yandex.ru/quickpay/confirm.xml" >
<input type="hidden" name="receiver" value="'.$yandex_sch.'" >
<input type="hidden" name="label" value="'.$key.'" >
<input type="hidden" name="sum" value="'.round( $summ + $summ * 0.005, 2 ).'" >
<input type="hidden" name="quickpay-form" value="shop" >
<input type="hidden" name="targets" value="Покупка товара '.$config_pos['title'].'" >
<input type="hidden" name="paymentType" value="PC" >
<input type="hidden" name="successURL" value="'.ROOT.'/" >
<input type="hidden" name="failURL" value="'.ROOT.'/" >
<input type="submit" value="5" class="yandex" />
</form>
');
$payeer_id = $config_pay['payeer_id'];
$payeer_key = $config_pay['payeer_key'];
$m_shop = $payeer_id;
$m_orderid = $key;
$m_amount = number_format($summ, 2, '.', '');
$m_curr = 'RUB';
$m_desc = base64_encode('Покупка товара '.$config_pos['title'].'');
$m_key = $payeer_key;
$arHash = array(
$m_shop,
$m_orderid,
$m_amount,
$m_curr,
$m_desc,
$m_key
);
$sign = strtoupper(hash('sha256', implode(':', $arHash)));
echo('
<form method="GET" name="payform" action="//payeer.com/api/merchant/m.php">
<input type="hidden" name="m_shop" value="'.$m_shop.'">
<input type="hidden" name="m_orderid" value="'.$m_orderid.'">
<input type="hidden" name="m_amount" value="'.$m_amount.'">
<input type="hidden" name="m_curr" value="'.$m_curr.'">
<input type="hidden" name="m_desc" value="'.$m_desc.'">
<input type="hidden" name="m_sign" value="'.$sign.'">
<input type="submit" value="6" class="payeer" />
</form>
');
/*
$interkassa_id = $config_pay['interkassa_id'];
$interkassa_key = $config_pay['interkassa_key'];
$m_shop1 = $interkassa_id;
$m_orderid1 = $tovar;
$m_amount1 = number_format($summ, 2, '.', '');
$m_desc1 = 'Покупка товара '.$config_pos['title'].'';
$m_key1 = $interkassa_key;
$data = array(
'ik_am' => $m_amount1,
'ik_co_id' => $m_shop1,
'ik_desc' => $m_desc1,
'ik_pm_no' => $m_orderid1,
'secret_key' => $m_key1
);
$ik_sign_str = implode(':', $data);
$ik_sign= base64_encode(md5($ik_sign_str, true));
echo('
<form method="post" name="payform" action="https://sci.interkassa.com/" accept-charset="UTF-8">
<input type="hidden" name="ik_co_id" value="'.$m_shop1.'" />
<input type="hidden" name="ik_pm_no" value="'.$m_orderid1.'" />
<input type="hidden" name="ik_am" value="'.$m_amount1.'" />
<input type="hidden" name="ik_desc" value="'.$m_desc1.'" />
<input type="hidden" name="ik_sign" value="'.$ik_sign.'" />
<input type="submit" value="7" class="interkassa" />
</form>
');
*/
}
}else{
echo $key_tovar;
echo "ERROR";
exit();
}
?>
</center>
</div>