<?PHP
require 'classes/_pconf.class.php';
if (!in_array($_SERVER['REMOTE_ADDR'], array('185.71.65.92', '185.71.65.189', '149.202.17.210'))) return;
$payeer_conf = new pconf();
if (isset($_POST["m_operation_id"]) && isset($_POST["m_sign"])){
$m_key = $payeer_conf->shop_key;
$arHash = array($_POST['m_operation_id'],
$_POST['m_operation_ps'],
$_POST['m_operation_date'],
$_POST['m_operation_pay_date'],
$_POST['m_shop'],
$_POST['m_orderid'],
$_POST['m_amount'],
$_POST['m_curr'],
$_POST['m_desc'],
$_POST['m_status'],
$m_key);
$sign_hash = strtoupper(hash('sha256', implode(":", $arHash)));
if ($_POST["m_sign"] == $sign_hash && $_POST['m_status'] == "success"){
$id_insert = intval($_POST['m_orderid']);
$db->Query("SELECT * FROM inserts_ops WHERE id = '{$id_insert}'");
if($db->NumRows() == 0){ echo htmlspecialchars($_POST['m_orderid'])."|error"; exit;}
$insert_row = $db->FetchArray();
if($insert_row["status"] > 1){ echo htmlspecialchars($_POST['m_orderid'])."|success"; exit;}
$arr_types = array('insert'=>true,'temporary_buy'=>true);
if(array_key_exists($insert_row['type_op'], $arr_types)){
if($insert_row['type_op'] == 'insert'){
$db->Query("UPDATE inserts_ops SET status = '2' WHERE id = '{$id_insert}'");
$db->Query("UPDATE inserts SET status = '2' WHERE op_id = '{$id_insert}'");
$money = $insert_row["money"];
$user_id = intval($insert_row["user_id"]);
$time = time();
// Обновляем баланс
$db->Query("SELECT * FROM users_ref WHERE user_id = '{$user_id}'");
$user_data = $db->FetchArray();
$ref_1 = ($money * 0.05);
$db->Query("UPDATE users_conf SET b_out = b_out + '$ref_1' WHERE user_id = '".$user_data['ref_1']."'");
$db->Query("UPDATE users_conf SET b_pur = b_pur + '{$money}' WHERE id = '{$user_id}'");
$db->Query("UPDATE users_ref SET to_ref_1 = to_ref_1 + '{$ref_1}' WHERE id = '{$user_id}'");
$db->Query("SELECT * FROM competition WHERE id = '1'");
$comp_dat = $db->FetchArray();
if ($comp_dat['active'] == '2') {
$active_id = intval($comp_dat['active_id']);
$referer = intval($user_data['ref_1']);
$db->Query("SELECT * FROM competitions WHERE id = '{$active_id}'");
if ($db->NumRows() > 0) {
$db->Query("SELECT * FROM competition_users WHERE competition_id = '{$active_id}' AND user_id = '{$referer}'");
if ($db->NumRows() <= 0) {
$db->Query("SELECT login FROM users WHERE id = '{$referer}'");
$login = $db->FetchRow();
$db->Query("INSERT INTO competition_users (user_id,login,money,competition_id) VALUES ('{$referer}','{$login}','{$ref_1}','{$active_id}')");
}else {
$db->Query("UPDATE competition_users SET money = money + $ref_1 WHERE user_id = '{$referer}' AND competition_id = '{$active_id}'");
}
}
}
echo htmlspecialchars($_POST['m_orderid'])."|success";
exit;
}elseif ($insert_row['type_op'] == 'temporary_buy') {
$db->Query("UPDATE inserts_ops SET status = '2' WHERE id = '{$id_insert}'");
$db->Query("SELECT * FROM temporary_buy WHERE op_id = '{$id_insert}'");
$buy_data = $db->FetchArray();
$db->Query("UPDATE temporary_buy SET status = '2' WHERE op_id = '{$id_insert}'");
$money = $insert_row["money"];
$ref_1 = ($money * 0.05);
$db->Query("UPDATE users_conf SET b_out = b_out + '{$ref_1}' WHERE user_id = '".$buy_data['ref']."'");
$type = $buy_data['type'];
$item_id = $buy_data['item_id'];
$time = time();
// Обновляем баланс
$db->Query("UPDATE {$type} SET balance = balance + '{$money}', active = '1' WHERE id = '{$item_id}'");
echo htmlspecialchars($_POST['m_orderid'])."|success";
exit;
}
}
}
echo htmlspecialchars($_POST['m_orderid'])."|error";
exit;
}
echo htmlspecialchars("|error");
exit;
?>