Файл: payment/hash.php
Строк: 5
<?php
require ('../core/sys.php');
if(!isset($_GET['platform']) || !isset($_GET['summa']) || !isset($_GET['key'])){
header('Location: /');
exit;
}
/*Мини защита от замена key и замены суммы*/
$pl = $db->prepare('SELECT * FROM `platform` WHERE `id` = ?');
$pl -> execute([intval($_GET['platform'])]);
$pl = $pl -> fetch(PDO :: FETCH_ASSOC);
$pal = $db->prepare('SELECT * FROM `pay` WHERE `id` = ?');
$pal -> execute([intval($_GET['id'])]);
$pal = $pal -> fetch(PDO :: FETCH_ASSOC);
if($pl['hash_md'] != $_GET['key']) exit('1');
elseif($pal['summa'] != $_GET['summa']) exit('2');
elseif($pal['status'] == 'no') exit('3');
else exit('4');
/*END*/
?>