Файл: payment/pay/freekassa/result.php
Строк: 27
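<?php
# FreeKassa "result" notification handler.
#
# Flow, as implemented below:
#   1. Recompute the MD5 signature over shop id, AMOUNT, secret word and
#      MERCHANT_ORDER_ID, and compare it with the SIGN request parameter.
#   2. Load the `pay` row named by MERCHANT_ORDER_ID and the `platform` row it points to.
#   3. POST the payment details to the platform's `success` URL and store the reply in `pay`.`ot`.
#   4. If the platform replied "NO": mark the payment `bad`, redirect to the platform's `error` URL, stop.
#   5. Otherwise credit the platform, debit the user (amount + 5%) and answer "YES".
# Any validation failure answers "ERROR".
require ($_SERVER['DOCUMENT_ROOT'].'/core/sys.php');

# fk_id - shop ID at free-kassa.ru http://free-kassa.ru/merchant/cabinet/help/
define ('fk_id', '190288');
# fk_key - secret word http://free-kassa.ru/merchant/cabinet/profile/tech.php
# NOTE(review): the signing secret is hard-coded in a file under the document root.
# Load it from configuration kept outside the webroot; a secret that has been
# committed or published should be rotated in the merchant cabinet.
define ('fk_key', 'tr8z72h9');

# All three parameters must be present and scalar strings; arrays (e.g. SIGN[]=x)
# would otherwise be string-converted to "Array" or break the comparison below.
foreach (['AMOUNT', 'MERCHANT_ORDER_ID', 'SIGN'] as $field) {
    if (!isset($_REQUEST[$field]) || !is_string($_REQUEST[$field])) {
        die('ERROR');
    }
}
$amount  = $_REQUEST['AMOUNT'];
$orderId = $_REQUEST['MERCHANT_ORDER_ID'];

$sign = md5(fk_id.':'.$amount.':'.fk_key.':'.$orderId); # check
# hash_equals() compares byte-for-byte in constant time. The loose `==` used
# previously compares numeric-looking strings as numbers, so two different
# digests could be treated as equal.
if (!hash_equals($sign, $_REQUEST['SIGN'])) {
    die('ERROR');
}

$pay = $db->prepare('SELECT * FROM `pay` WHERE `id` = ?');
$pay->execute([$orderId]);
$pay = $pay->fetch(PDO::FETCH_ASSOC);
if ($pay === false) {
    # Unknown order: nothing to credit.
    die('ERROR');
}
# NOTE(review): nothing here checks whether this order was already processed, so a
# repeated notification for the same MERCHANT_ORDER_ID applies the balance changes
# again. Gate on the row's status once the status values are confirmed.
# NOTE(review): AMOUNT is signed but never compared with the stored order amount;
# the balances below use `summa` from the database. Confirm how AMOUNT relates to
# `summa` (the 5% fee?) and reject notifications that do not match.

$client = $db->prepare('SELECT * FROM `platform` WHERE `id` = ?');
$client->execute([$pay['platform']]);
$client = $client->fetch(PDO::FETCH_ASSOC);
if ($client === false) {
    die('ERROR');
}

# NOTE(review): $id and $time are read below but not assigned earlier in this file
# ($time is only set after the callback has been sent). Presumably core/sys.php
# defines them; if not, MNM_PAY_ID / MNM_DATE_PAY are empty and the `pay` updates
# match no row. Confirm and, if needed, use the order id loaded above.
$out = null; # stays null when curl_init() fails, which is what the comparison below saw before
if ($curl = curl_init()) {
    # http_build_query() URL-encodes every value, so a `&` or `=` inside a value
    # can no longer add or override fields in the callback body.
    $fields = http_build_query([
        'MNM_PAY_ID'   => (string) $id,
        'MNM_PRICE'    => $amount,
        'MNM_VAR'      => (string) $pay['var'],
        'MNM_DATE_PAY' => (string) $time,
        'MNM_PLATFORM' => (string) $client['id'],
        'MNM_COM'      => (string) $pay['com'],
    ]);
    curl_setopt($curl, CURLOPT_URL, $client['success']);
    # The target URL comes from the `platform` table; only allow web schemes so a
    # stored file:// or similar URL is never fetched by this server.
    curl_setopt($curl, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($curl, CURLOPT_POST, true);
    curl_setopt($curl, CURLOPT_POSTFIELDS, $fields);
    $out = curl_exec($curl);
    curl_close($curl);
}

if ($out === 'NO') {
    # Platform rejected the payment. The header name must be written without a
    # space before the colon for PHP to treat it as a redirect.
    header('Location: '.$client['error']);
    $sql = $db->prepare('UPDATE `pay` SET `status` = ?,`ot` = ? WHERE `id` = ?');
    $sql->execute(['bad', $out, $id]);
    exit();
}

# Any other reply (including a failed request) is stored and the payment proceeds.
$sql = $db->prepare('UPDATE `pay` SET `ot` = ? WHERE `id` = ?');
$sql->execute([$out, $id]);

$time = vremja($pay['value']);

# Adjust balances inside the UPDATE itself so two concurrent notifications cannot
# overwrite each other's result with a value computed from a stale read.
$money = $db->prepare('UPDATE `platform` SET `money` = `money` + ? WHERE `id` = ?');
$money->execute([$pay['summa'], $client['id']]);

# NOTE(review): $user is not defined in this file; presumably core/sys.php sets it.
# This script is called by the payment gateway, not by a logged-in browser, so
# confirm that $user really is the account that owns this order.
$us = $db->prepare('UPDATE `users` SET `money` = `money` - ? WHERE `id` = ?');
$us->execute([$pay['summa'] + $pay['summa'] * 0.05, $user['id']]); # amount plus 5%

die('YES');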