title Пополнение баланса include_once sys fnc php IF _POST LMI_PREREQU

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
<?
$title = 'Пополнение баланса';
include_once '../../../sys/fnc.php';
IF($_POST['LMI_PREREQUEST']==1) {
if(trim($_POST['LMI_PAYEE_PURSE'])!="R400141185976") { ///Ваш кош
echo "ERR:НЕВЕРНЫЙ КОШЕЛЕК ".$_POST['LMI_PAYEE_PURSE'];
exit;
}
//////////////////////////////
//////////////////////////////
echo 'YES';
} else {
$secret_key="83-4hs_df902nsv83bsnfg_eo23dfg";
$common_string = $_POST['LMI_PAYEE_PURSE'].$_POST['LMI_PAYMENT_AMOUNT'].$_POST['LMI_PAYMENT_NO'].
$_POST['LMI_MODE'].$_POST['LMI_SYS_INVS_NO'].$_POST['LMI_SYS_TRANS_NO'].
$_POST['LMI_SYS_TRANS_DATE'].$secret_key.$_POST['LMI_PAYER_PURSE'].$_POST['LMI_PAYER_WM'];
$hash = strtoupper(md5($common_string));
if($hash!=$_POST['LMI_HASH']) exit;
$getuser = mysql_query("SELECT `id`, `balance` FROM `user` WHERE `id` = {$_POST[LMI_PAYMENT_NO]} LIMIT 1");
$users = mysql_fetch_array($getuser);
mysql_query("UPDATE `user` SET `balance` = ".($users['balance'] + $_POST['LMI_PAYER_PURSE'])." WHERE `id` = '".$users[id]."'");
mysql_query("INSERT INTO `history_money` (`user`, `money`, `mp`, `usl`, `time`) values('$users[id]', '".sprintf("%.02f",$_POST[LMI_PAYER_PURSE])."', '1', 'Пополнил баланс', '".time()."')");
/*
$payment_no = $_POST[LMI_PAYMENT_NO];
mysql_query("UPDATE `user` SET `balance` = '".($users['balance'] + $_POST[LMI_PAYER_PURSE])."' WHERE `id` = '".$payment_no."'");
*/
}
?>