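<?php
// Perfect Money payment-notification handler.
// Uses the full "<?php" open tag: with short_open_tag disabled, a bare "<?"
// file is not executed and its source is sent to the client as text.

// Refuse to run unless the including script has already defined ROOT_DIR.
if(!defined('ROOT_DIR')) die('Что за черт?');
require ROOT_DIR.'/pm.cfg.php';

// Read every signed field once, as a plain string. Missing fields and
// array-valued fields (e.g. PAYMENT_ID[]=x) become '' instead of raising
// notices or being stringified as "Array".
$pm_in=array();
foreach(array('PAYMENT_ID','PAYEE_ACCOUNT','PAYMENT_AMOUNT','PAYMENT_UNITS','PAYMENT_BATCH_NUM','PAYER_ACCOUNT','TIMESTAMPGMT') as $pm_field){
    $pm_in[$pm_field]=(isset($_POST[$pm_field]) && is_scalar($_POST[$pm_field])) ? (string)$_POST[$pm_field] : '';
}

$summ=$pm_in['PAYMENT_AMOUNT'];

// Expected V2_HASH: uppercase MD5 over the colon-joined fields below, where the
// secret component is the uppercase MD5 of the configured passphrase.
$passphrase=strtoupper(md5($pm['in_phrase']));
$hash=strtoupper(md5(implode(':',array(
    $pm_in['PAYMENT_ID'],
    $pm_in['PAYEE_ACCOUNT'],
    $pm_in['PAYMENT_AMOUNT'],
    $pm_in['PAYMENT_UNITS'],
    $pm_in['PAYMENT_BATCH_NUM'],
    $pm_in['PAYER_ACCOUNT'],
    $passphrase,
    $pm_in['TIMESTAMPGMT'],
))));

// ID_USER is NOT part of the string hashed above, so the signature does not
// protect it. An array value is mapped to 0 (a plain (int) cast of a non-empty
// array yields 1, which would silently select user id 1).
$id=(isset($_POST['ID_USER']) && is_scalar($_POST['ID_USER'])) ? (int)$_POST['ID_USER'] : 0;
$ident=$id;

// Arguments for additionlPaymentCheckingUsingAPI(), in call order.
$timestampgt=$pm_in['TIMESTAMPGMT'];            // passed as $a
$payment_batch_num=$pm_in['PAYMENT_BATCH_NUM']; // passed as $b
$payment_id=$pm_in['PAYMENT_ID'];               // passed as $c
$payee_account=$pm_in['PAYEE_ACCOUNT'];         // passed as $d
$payment_amount=$pm_in['PAYMENT_AMOUNT'];       // passed as $e
$payment_units=$pm_in['PAYMENT_UNITS'];         // passed as $ft
$payer_account=$pm_in['PAYER_ACCOUNT'];         // passed as $g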
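/**
 * Cross-check a payment notification against the account history CSV.
 *
 * Downloads the history for a window of two days either side of the
 * notification timestamp, filtered by batch number and counter account, and
 * compares the first data row with the supplied values.
 *
 * Argument roles as passed by the caller in this file:
 *   $a  TIMESTAMPGMT (Unix time), $b PAYMENT_BATCH_NUM, $c PAYMENT_ID,
 *   $d  PAYEE_ACCOUNT, $e PAYMENT_AMOUNT, $ft PAYMENT_UNITS, $g PAYER_ACCOUNT.
 *
 * Returns 'OK' when the row matches. Every other return value is a diagnostic
 * string; some of them contain raw lines of the remote response, so callers
 * must treat the result as untrusted text (never concatenate it into SQL or
 * HTML unescaped).
 */
function additionlPaymentCheckingUsingAPI($a,$b,$c,$d,$e,$ft,$g){
    // Validate the timestamp before any arithmetic or network I/O: it comes
    // straight from the request and is used in date maths below.
    if(!(is_string($a) || is_int($a)) || !ctype_digit((string)$a)) return 'invalid timestamp';
    $ts=(int)$a;

    require ROOT_DIR.'/pm.cfg.php';

    $from=$ts-86400*2;
    $to=$ts+86400*2;

    // Build the query with http_build_query() so request-supplied values
    // ($b, $g) are URL-encoded and cannot inject extra parameters into the
    // credentialed API call. Non-scalar values are sent as empty strings.
    $query=http_build_query(array(
        'AccountID'        => (string)$pm['out_id'],
        'PassPhrase'       => (string)$pm['out_pass'],
        'startmonth'       => date("m",$from),
        'startday'         => date("d",$from),
        'startyear'        => date("Y",$from),
        'endmonth'         => date("m",$to),
        'endday'           => date("d",$to),
        'endyear'          => date("Y",$to),
        'paymentsreceived' => '1',
        'batchfilter'      => is_scalar($b) ? (string)$b : '',
        'counterfilter'    => is_scalar($g) ? (string)$g : '',
    ),'','&');
    $pathf='https://perfectmoney.is/acct/historycsv.asp?'.$query;

    // The URL carries the account passphrase and PHP includes the URL in the
    // warning it raises when fopen() fails, so keep display_errors off and
    // protect the error log.
    $f=fopen($pathf,'rb');
    if($f===false) return 'error openning url';

    // Loop on fgets() rather than feof(): after a read error or timeout feof()
    // may never become true, which would spin this loop forever.
    $lines=array();
    while(($line=fgets($f))!==false) $lines[]=trim($line);
    fclose($f);

    $header=isset($lines[0]) ? $lines[0] : '';
    $second=isset($lines[1]) ? $lines[1] : '';

    // Anything other than the expected CSV header is treated as an API error
    // and reported together with the queried date window.
    if($header!=='Time,Type,Batch,Currency,Amount,Fee,Payer Account,Payee Account,Payment ID,Memo'){
        return $header."|".date('d.m.y',$from)."|".date('d.m.y',$to);
    }

    $n=count($lines);
    if($n<2) return 'payment not found '.$header.'-0 | '.$second.'-1| '.$n.'-количество строк';

    // Only the first data row is inspected; Memo (10th field) keeps any commas.
    $item=explode(",",$second,10);
    if(count($item)!=10) return $second;
    $item_named=array_combine(
        array('Time','Type','Batch','Currency','Amount','Fee','Payer Account','Payee Account','Payment ID','Memo'),
        $item
    );

    // Loose '==' is kept from the original so numerically equal strings such as
    // "10" and "10.00" still match.
    // NOTE(review): $g (PAYER_ACCOUNT at the call site) is compared with the
    // 'Payee Account' column and $d (PAYEE_ACCOUNT) with 'Payer Account' —
    // confirm this orientation is intended.
    if($item_named['Batch']==$b && $c==$item_named['Payment ID'] && $item_named['Type']=='Income' && $g==$item_named['Payee Account'] && $e==$item_named['Amount'] && $d==$item_named['Payer Account'] && $ft==$item_named['Currency']){
        return 'OK';
    }
    return 'HOOY';
}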
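// ---- Verify the notification, then credit the user exactly once ----

// V2_HASH as a plain string ('' when missing or array-valued).
$v2_hash=(isset($_POST['V2_HASH']) && is_string($_POST['V2_HASH'])) ? $_POST['V2_HASH'] : '';

// Type-strict, constant-time signature comparison. Loose '==' treats two hex
// strings of the form 0E<digits> as numbers and reports them equal.
if(function_exists('hash_equals')){
    $sig_ok=hash_equals((string)$hash,$v2_hash);
}else{
    $sig_ok=((string)$hash===$v2_hash);
}

$summ=(isset($_POST['PAYMENT_AMOUNT']) && is_scalar($_POST['PAYMENT_AMOUNT'])) ? abs(floatval($_POST['PAYMENT_AMOUNT'])) : 0.0;

// The signature is checked BEFORE the history API call and the database write,
// so an unsigned request can no longer trigger an outbound request carrying
// the account passphrase or modify the `insys` table.
if($sig_ok && strlen($v2_hash)==32 && isset($_POST['PAYMENT_ID']) && isset($_POST['PAYEE_ACCOUNT'])){
    $apcua=additionlPaymentCheckingUsingAPI($timestampgt,$payment_batch_num,$payment_id,$payee_account,$payment_amount,$payment_units,$payer_account);

    // $apcua may contain raw text from the remote response, so it is bound as
    // a parameter instead of being concatenated into the statement.
    // NOTE(review): there is no WHERE clause, so this overwrites `seedy` in
    // every `insys` row — looks like leftover debug tracing; confirm or scope it.
    $dbg=$mysqli->prepare("UPDATE `insys` SET `seedy`=?");
    if($dbg){
        $dbg->bind_param('s',$apcua);
        $dbg->execute();
        $dbg->close();
    }

    if($apcua==='OK'){
        if(!is_numeric($payment_batch_num)){ exit; }

        // Replay guard: stop if this batch number was already credited. A failed
        // query also stops here (fail closed) rather than crediting.
        // NOTE(review): check-then-insert is not atomic; a UNIQUE index on
        // (`order_id`,`ps`) would make concurrent duplicates impossible.
        $ch_in=$mysqli->query("SELECT * FROM `insys` where `order_id`='".$mysqli->real_escape_string((string)$payment_batch_num)."' and `ps`='perfect'");
        if(!$ch_in || $ch_in->num_rows>0){ exit; }

        // $ident is derived from ID_USER, which is not covered by V2_HASH.
        $ous=$mysqli->query("SELECT `id`,`email`,`partner_id` FROM `users` where `id`='".(int)$ident."'");
        if(!$ous || $ous->num_rows==0){ exit; }
        $row=$ous->fetch_assoc();

        $ps='perfect';
        $amount=floatval($_POST['PAYMENT_AMOUNT']);
        // NOTE(review): PAYMENT_UNITS and PAYEE_ACCOUNT are signed but never
        // compared with the merchant's own expected currency/account here; the
        // amount is always converted with $course and labelled "$" — confirm.
        $summ_m=$amount*$course;
        $v="$";
        // Never credit a non-positive or non-finite amount.
        if(!is_finite($summ_m) || $summ_m<=0){ exit; }
        $summ_c=intval($summ_m*1000);

        $log=array(
            'type'  =>1,
            'ident' =>$ident,
            'val1'  =>number_format($amount,2,'.',' ')." ".$v,
            'val2'  =>number_format($summ_c,0,'',' '),
            'val3'  =>$ps,
            'val4'  =>0
        );
        $SEED->in_log($log);
        $SEED->insys($ident,$summ_c,$summ_m,$payment_batch_num,$ps);
    }
}
exit('end');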
?>