Файл: ewar/pay/pay_project.php
Строк: 110
<?php
include("../includes/config.php");
// Shared secret for the payment callbacks: check_request() and pay_request()
// append it to the request fields before hashing with md5() and compare the
// digest with the `md5` query parameter.
// NOTE(review): the key is hard-coded in a script under the web tree, so any
// source disclosure lets a third party compute valid signatures. Load it from
// configuration kept outside the document root and version control, and rotate
// it once the source has been shared or published.
$secret_key = '6o5SJT4ZMAGYedM4';
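/**
 * Handles the "check" callback: reports whether the account named in `v1` exists.
 *
 * The request is accepted only when the `md5` parameter equals
 * md5(command . v1 . $secret_key). On success an XML response with result 0 is
 * printed; in every other case (bad signature, unknown account, failed query)
 * the result-7 response is printed.
 *
 * Reads $_GET['command'], $_GET['v1'], $_GET['md5'] and the global $secret_key.
 *
 * @return void
 */
function check_request() {
    global $secret_key;

    // Missing or non-string parameters are treated as empty strings so they can
    // neither raise notices nor reach the hash or the query as arrays.
    $com = isset($_GET['command']) && is_string($_GET['command']) ? $_GET['command'] : '';
    $v1  = isset($_GET['v1']) && is_string($_GET['v1']) ? $_GET['v1'] : '';
    $sig = isset($_GET['md5']) && is_string($_GET['md5']) ? $_GET['md5'] : '';

    // The signature is computed over the raw v1 string, exactly as received.
    $expected = md5($com.$v1.$secret_key);

    // Strict comparison: a loose == treats numeric-looking digests ("0e...") as
    // numbers. hash_equals() is also constant-time; it is used when available.
    $signature_ok = function_exists('hash_equals')
        ? hash_equals($expected, $sig)
        : $expected === $sig;

    if ($signature_ok) {
        // Only the integer form of v1 reaches the SQL text, as pay_request() does.
        $vartotojo_id = (int) $v1;
        $found = mysql_query("SELECT id FROM vartotojai WHERE id='$vartotojo_id'");
        if ($found !== false && mysql_num_rows($found) > 0) {
            echo '<?xml version="1.0" encoding="windows-1251"?>
<response>
<result>0</result>
<comment>OK</comment>
</response>';
            return;
        }
    }

    echo '<?xml version="1.0" encoding="windows-1251"?>
<response>
<result>7</result>
<comment>Account is disabled or not present.</comment>
</response>';
}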
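/**
 * Handles the "pay" callback: credits gold to an account for a payment.
 *
 * The request is accepted only when the `md5` parameter equals
 * md5(command . v1 . id . $secret_key). Note that `sum` and `date` are not part
 * of the signed string, so they are validated/escaped independently here.
 *
 * For an accepted, not yet recorded payment the function:
 *   - applies the "golden action" promotion when golden_action() reports one,
 *   - records the payment in 2pay_data and adds `sum` to vartotojai.g,
 *   - writes an auksiniu_log entry,
 *   - credits 20% of the sum to the user listed in premijos.kieno (if any)
 *     and sends that user an inbox message,
 *   - advances quest 3 (user_q) and stride 3 (strides) progress.
 * A payment id already present in 2pay_data is answered with the stored values
 * and nothing is credited again.
 *
 * Every failure (bad signature, malformed sum, unknown account) prints the
 * result-1 response.
 *
 * Reads $_GET['command'], ['id'], ['sum'], ['date'], ['v1'], ['md5'] and the
 * globals $secret_key and $ADMIN_ID.
 *
 * NOTE(review): query results are not checked and the duplicate test followed
 * by the INSERT is not atomic; confirm that 2pay_data.id carries a unique key
 * so concurrent duplicate callbacks cannot both be credited.
 *
 * @return void
 */
function pay_request() {
    global $secret_key;
    global $ADMIN_ID;

    // Missing or non-string parameters are treated as empty strings.
    $com  = isset($_GET['command']) && is_string($_GET['command']) ? $_GET['command'] : '';
    $id   = isset($_GET['id']) && is_string($_GET['id']) ? $_GET['id'] : '';
    $sum  = isset($_GET['sum']) && is_string($_GET['sum']) ? $_GET['sum'] : '';
    $date = isset($_GET['date']) && is_string($_GET['date']) ? $_GET['date'] : '';
    $v1   = isset($_GET['v1']) && is_string($_GET['v1']) ? $_GET['v1'] : '';
    $sig  = isset($_GET['md5']) && is_string($_GET['md5']) ? $_GET['md5'] : '';

    // Shop-side id echoed back to the provider; a non-numeric id adds nothing.
    $id_shop = time() + (is_numeric($id) ? $id : 0);

    // sum is interpolated unquoted into "g=g+$sum", so it must be a plain
    // non-negative decimal. /D keeps "$" from matching before a trailing newline.
    $sum_ok = preg_match('/^\d+(\.\d+)?$/D', $sum) === 1;

    // Request values are reflected into the XML answer; escape them for that
    // context (the response declares windows-1251).
    $id_xml  = htmlspecialchars($id, ENT_QUOTES, 'cp1251');
    $sum_xml = htmlspecialchars($sum, ENT_QUOTES, 'cp1251');

    // The signature is computed over the raw strings, exactly as received.
    $expected = md5($com.$v1.$id.$secret_key);

    // Strict comparison: a loose == treats numeric-looking digests ("0e...") as
    // numbers. hash_equals() is also constant-time; it is used when available.
    $signature_ok = function_exists('hash_equals')
        ? hash_equals($expected, $sig)
        : $expected === $sig;

    if ($signature_ok && $sum_ok) {
        $vartotojo_id = (int) $v1;
        if (mysql_num_rows(mysql_query("SELECT id FROM vartotojai WHERE id='$vartotojo_id'")) != false) {
            // Escaped copies for every request string that reaches SQL text.
            // NOTE(review): mysql_real_escape_string() relies on the connection
            // opened by the included config; confirm its charset is set there.
            $id_sql   = mysql_real_escape_string($id);
            $v1_sql   = mysql_real_escape_string($v1);
            $date_sql = mysql_real_escape_string($date);

            // Idempotency: a payment id seen before is answered from the table.
            $q = mysql_query("SELECT id,sum,id_shop from 2pay_data WHERE id='$id_sql'");
            if (mysql_num_rows($q) != false) {
                $r = mysql_fetch_assoc($q);
                echo '<?xml version="1.0" encoding="windows-1251"?>
<response>
<id>'.$id_xml.'</id>
<id_shop>'.htmlspecialchars((string) $r['id_shop'], ENT_QUOTES, 'cp1251').'</id_shop>
<sum>'.htmlspecialchars((string) $r['sum'], ENT_QUOTES, 'cp1251').'</sum>
<result>0</result>
<comment>Request alredy done</comment>
</response>';
                return;
            }

            // Promotion ("golden action"), applied when the helper reports one.
            $action = golden_action($vartotojo_id);
            if ($action['golden_action'] != false) {
                user_golden_bonus_update($action, $vartotojo_id, $sum);
            }

            // Record the payment, credit the gold and log it.
            mysql_query("INSERT INTO 2pay_data (id,v1,sum,dat) values ('$id_sql','$v1_sql','$sum','$date_sql')");
            mysql_query("UPDATE vartotojai SET g=g+$sum WHERE id='$vartotojo_id'");
            mysql_query("INSERT INTO auksiniu_log (id,nick_id,txt,data) VALUES('','$vartotojo_id','+$sum (XSolla).','".date("Y-m-d H:i:s")."')");

            // 20% bonus for the user recorded in premijos.kieno for this payer.
            $premija = mysql_query("SELECT * FROM premijos WHERE nick_id='$vartotojo_id'");
            if (mysql_num_rows($premija) != false) {
                $premija = mysql_fetch_assoc($premija);
                // Database values are escaped too before being put back into SQL.
                $kieno_sql = mysql_real_escape_string($premija['kieno']);
                $vartotojas = mysql_fetch_assoc(mysql_query("SELECT * FROM vartotojai WHERE id='$kieno_sql'"));
                $nick_sql = mysql_real_escape_string($vartotojas['nick']);
                $bonus = round($sum * 0.2);
                // Incremented in SQL rather than written back from a value read
                // earlier, so a concurrent balance change is not overwritten.
                mysql_query("UPDATE vartotojai SET g=g+$bonus WHERE id='$kieno_sql'");
                mysql_query("INSERT INTO `inbox` SET `kieno`='$kieno_sql',`busena`='+',`nuo_ko_ar_kam`='$ADMIN_ID',`zinute`='[bonusas_uz_atv*](".$nick_sql."):<br/><img src=\"img/icons/gold.png\" alt=\"*\"/> ".$bonus."',`kada`='".time()."',`type`='1'");
            }

            // Quest 3 progress.
            $q = mysql_query("SELECT * FROM `user_q` WHERE `user`='$vartotojo_id' AND `complete`='0' AND `q`='3'");
            if (mysql_num_rows($q) != 0) {
                $user_q = mysql_fetch_assoc($q);
                $quest = quests($user_q['q']);
                $dm = mysql_fetch_assoc(mysql_query("SELECT * FROM vartotojai WHERE id='$vartotojo_id'"));
                if ($user_q['c'] < $quest['c']) {
                    $sum2 = $sum;
                    // NOTE(review): this cap tests the account's gold balance,
                    // while the stride branch below tests its own progress
                    // counter; confirm $dm['g'] is intended here.
                    if ($dm['g'] + $sum2 > $quest['c']) {
                        $sum2 = $quest['c'] - $user_q['c'];
                    }
                    mysql_query ("UPDATE `user_q` SET `c`=`c`+$sum2 WHERE `user`='$vartotojo_id' AND `q`='".$quest['id']."'");
                }
            }

            // Stride 3 progress; reaching the target grants +50 to four stats.
            $s = mysql_query("SELECT * FROM `strides` WHERE `user`='$vartotojo_id' AND `complete`='0' AND `s`='3'");
            if (mysql_num_rows($s) != 0) {
                $strides = mysql_fetch_assoc($s);
                $stride = strides($strides['s']);
                if ($strides['c'] < $stride['c']) {
                    // Amount to add, capped so progress never passes the target.
                    $pridesime = $sum;
                    if ($strides['c'] + $pridesime > $stride['c']) {
                        $pridesime = $stride['c'] - $strides['c'];
                    }
                    if ($strides['c'] + $pridesime == $stride['c']) {
                        $complete = 1;
                        $force = mysql_fetch_assoc(mysql_query("SELECT `str`, `def`, `force` FROM `vartotojai` WHERE `id` = '$vartotojo_id'"));
                        // force() is applied to str or def depending on the flag.
                        if ($force['force'] == 1) {
                            $force['str'] = force($force['str']);
                        } else {
                            $force['def'] = force($force['def']);
                        }
                        mysql_query("UPDATE `vartotojai` SET `str` = '".($force['str'] + 50)."', `vit` = `vit` + 50, `agi` = `agi` + 50, `def` = '".($force['def'] + 50)."', `force_updated` = '0' WHERE `id` = '$vartotojo_id'");
                    } else {
                        $complete = 0;
                    }
                    mysql_query("UPDATE `strides` SET `c`=`c`+$pridesime,`complete`='$complete' WHERE `user`='$vartotojo_id' AND `s`='".$stride['id']."'");
                }
            }

            echo '<?xml version="1.0" encoding="windows-1251"?>
<response>
<id>'.$id_xml.'</id>
<id_shop>'.$id_shop.'</id_shop>
<sum>'.$sum_xml.'</sum>
<result>0</result>
</response>';
            return;
        }
    }

    echo '<?xml version="1.0" encoding="windows-1251"?>
<response>
<id>'.$id_xml.'</id>
<id_shop>'.$id_shop.'</id_shop>
<sum>'.$sum_xml.'</sum>
<result>1</result>
<comment>Temporarily error</comment>
</response>';
}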
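/**
 * Handles the "cancel" callback.
 *
 * Cancellation is not implemented: the function changes no state and always
 * prints the result-7 response. The request parameters are not read; the
 * earlier version built an unused hash input from variables that were never
 * defined in this scope ($v1, $secret_key).
 *
 * NOTE(review): if cancellation is ever implemented, it needs the same
 * signature check as the other commands before touching any data.
 *
 * @return void
 */
function cancel_request() {
    echo '<?xml version="1.0" encoding="windows-1251"?>
<response>
<result>7</result>
<comment>Account is disabled or not present.</comment>
</response>';
}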
/**
 * Dispatches the callback named in $_GET['command'] to its handler.
 *
 * Recognised commands are "check", "pay" and "cancel"; any other value
 * produces no output at all.
 *
 * @return void
 */
function execute() {
    $command = $_GET['command'];

    // Request values are strings or arrays, so identity comparison selects
    // exactly the same branch as a switch over these literals.
    if ($command === 'check') {
        check_request();
    } elseif ($command === 'pay') {
        pay_request();
    } elseif ($command === 'cancel') {
        cancel_request();
    }
}
// Announce an XML body before any handler writes output, then run the
// handler selected by the request.
header('Content-Type: text/xml');
execute();
?>