Файл: api/cod_ot.txt
Строк: 14
<?php
define('WP_ID', 1); //id площадки
define('WP_HASH',
'12345678'); //секретный код
if
(isset($_POST['WP_PAYMENT_AMOUNT']) &&
isset($_POST['WP_PAYMENT_DATE']) &&
isset($_POST['WP_PAYMENT_HASH']))
{
$wp = array(
'platform' =>
trim(filter_input(INPUT_POST, 'WP_PAYMENT_SITE', FILTER_UNSAFE_RAW)), //ID
PLATFORM
'money' => trim(filter_input(INPUT_POST, 'WP_PAYMENT_AMOUNT',
FILTER_UNSAFE_RAW)), //MONEY
'var' => trim(filter_input(INPUT_POST,
'WP_PAYMENT_VAR', FILTER_UNSAFE_RAW)), //ID USER or NUMBER PAY
'time' =>
trim(filter_input(INPUT_POST, 'WP_PAYMENT_DATE', FILTER_UNSAFE_RAW)),
//DATE 2020-03-30 10:44:15
'id' => trim(filter_input(INPUT_POST,
'WP_PAYMENT_ID', FILTER_UNSAFE_RAW)), //ID Pay
'com' =>
trim(htmlspecialchars(base64_decode($_POST['WP_PAYMENT_COMM']), ENT_QUOTES,
'UTF-8')), // Commetnts
'hash' => trim(filter_input(INPUT_POST,
'WP_PAYMENT_HASH', FILTER_UNSAFE_RAW)), //Hash
);
$hash =
strtoupper(hash('sha256', implode(":", WP_HASH.WP_ID)));
if($hash
!= $wp['hash']) exit('NO | Не верный хэш');
elseif(WP_ID !=
$wp['platform']) exit('NO | Не верный ID
платформы');
$update = $db->prepare("UPDATE `users` SET
`money` = `money` + ? WHERE `id` = ?");
$update ->
execute([$wp['money'],$wp['var']]);
exit('YES|'.$wp['id']);
}
?>