if (isset($_GET['id']) && is_numeric($_GET['id_shop']) && isset($_GET['summ']) && is_numeric($_GET['summ']) && isset($_GET['hash']))
	{
	$sql=mysql_query("SELECT * FROM `table` WHERE `id` = '".$_GET['id']."'");
	if (mysql_num_rows($sql)>0)
		{
		$data=mysql_fetch_assoc($sql);
		$act = 1;
		if ($_GET['summ']<=0)
			{
echo "Bad summ";			}
			elseif($_GET['hash']!=$data['hash'])
			{
echo "Bad hash";			}
			else
			{
			mysql_query("INSERT INTO `table2` (`shop`, `time`, `summ`) values('".$_GET['id']."', '".time()."', '".$_GET['summ']."')");
			$id_pay=mysql_insert_id();
			echo intval($id_pay);
			}
		}else 	echo "Bad id_shop";
	}