<?php
include_once ('../core/base.php');
include_once ('../core/func.php');
// Shared database handle (PDO-like: prepare/execute/query/exec are used below);
// the handler functions pull it in with `global $db`.
$db = DB::getInstance();
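// Reply to Xsolla and stop.
// $id      HTTP status code: 204 = notification accepted, 400 = rejected.
// $code    Xsolla error code (e.g. INVALID_SIGNATURE); only meaningful for errors.
// $message optional human-readable detail.
// Never returns: the script exits after the reply is written.
function response($id = 400, $code = '', $message = '') {
    $status = (int) $id;
    http_response_code($status);
    // A 204 reply must not carry a body (RFC 7231 §6.3.5); error replies
    // carry the {"error":{"code":...,"message":...}} object Xsolla reads.
    if ($status !== 204) {
        header('Content-Type: application/json');
        $json = array("error" => array("code" => $code, "message" => $message));
        echo json_encode($json);
    }
    exit;
}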
// Does a player with this id exist?
// The id is coerced with intval(), so non-numeric input becomes 0 and is
// rejected before any query runs; note that abs() folds a negative id onto
// the corresponding positive one.
// Returns true when a `users` row with that id exists, false otherwise.
function check_user($id) {
    global $db;
    $userId = abs(intval($id));
    if ($userId === 0) {
        return false;
    }
    $stmt = $db->prepare('SELECT `id` FROM `users` WHERE `id` = ? LIMIT 1');
    $stmt->execute([$userId]);
    return $stmt->rowCount() > 0;
}
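// Verify the Xsolla webhook signature.
// The expected header value is 'Signature ' . sha1(<raw request body> . <project secret>),
// so $req must be the body exactly as received (re-encoding it changes the hash).
// $req    raw POST body
// $xsolla project secret key
// $sign   value of the Authorization header, or null when the header was absent
// Returns true only when $sign is a string equal to the expected value.
function check_sign($req, $xsolla, $sign) {
    // A missing or non-string header can never match; also keeps hash_equals()
    // from being handed a non-string.
    if (!is_string($sign)) {
        return false;
    }
    $sign_my = 'Signature ' . sha1($req . $xsolla);
    // Strict, constant-time comparison: `!=` compared loosely and its early
    // exit leaked how many leading bytes of the signature were right.
    return hash_equals($sign_my, $sign);
}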
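// Credit a successful Xsolla payment to the player.
// $t_id     Xsolla transaction id; used as the idempotency key (Xsolla may redeliver a notification)
// $p_date   payment date as reported by Xsolla
// $p_curr   real-money currency code
// $p_amount real-money amount
// $id_user  player id from the notification (existence is checked here)
// $v_name   virtual currency name
// $v_count  virtual currency quantity to credit; it is stored, added to `gold`, used in the
//           bonus calculation and interpolated into the mail text as-is, so it is assumed
//           to be numeric — TODO confirm the caller validates it
// Returns true when the transaction was already recorded or has now been credited,
// false when the player does not exist. As before, the `xsolla_payment` row is
// written before the player check, so a redelivery of the same transaction id
// for an unknown player is then reported as already handled.
function payment($t_id, $p_date, $p_curr, $p_amount, $id_user, $v_name, $v_count) {
    global $db;
    $sql = $db->prepare('SELECT `id` FROM `xsolla_payment` WHERE `transaction_id` = ? LIMIT 1');
    $sql->execute([$t_id]);
    if ($sql->rowCount() > 0) {
        return true;
    }
    $sql = $db->prepare('INSERT INTO `xsolla_payment` (`transaction_id`, `payment_date`, `payment_currency`, `payment_amount`, `id_user`, `currency_name`, `currency_count`) VALUES (?, ?, ?, ?, ?, ?, ?)');
    $sql->execute([$t_id, $p_date, $p_curr, $p_amount, $id_user, $v_name, $v_count]);
    $sql = $db->prepare('SELECT `id` FROM `users` WHERE `id` = ? LIMIT 1');
    $sql->execute([$id_user]);
    if ($sql->rowCount() === 0) {
        return false;
    }
    $text = 'Поступил платёж на сумму: ' . $v_count . ' <img src="/images/icons/gold.png" width="20" />';
    // Purchase bonus: `sale_xsolla` percent extra while `sale_xsolla_time` lies in the future.
    $getSale = $db->query("SELECT * FROM `avenax_admin` WHERE `id` = '1'")->fetch();
    if (!empty($getSale) && $getSale['sale_xsolla_time'] > time()) {
        $bonus = ($v_count / 100) * $getSale['sale_xsolla'];
        $v_count += $bonus;
        $text .= ' + бонус, на сумму: ' . $bonus . ' <img src="/images/icons/gold.png" width="20" />. Удачной игры!';
    }
    $sql = $db->prepare('UPDATE `users` SET `gold` = `gold` + ? WHERE `id` = ? LIMIT 1');
    $sql->execute([$v_count, $id_user]);
    // Advance the player's "pay" task by the credited amount, capped at what is still needed.
    // Bound parameters replace the string-built query: $id_user comes from the request body.
    $sql = $db->prepare("SELECT * FROM `task_user` WHERE `id_user` = ? AND `location` = 'pay'");
    $sql->execute([$id_user]);
    $task = $sql->fetch();
    if ($task !== false) {
        $remaining = $task['need_implement'] - $task['progress'];
        $get = ($v_count > $remaining) ? $remaining : $v_count;
        if ($get > 0) {
            $sql = $db->prepare('UPDATE `task_user` SET `progress` = `progress` + ? WHERE `id_user` = ? AND `id` = ?');
            $sql->execute([$get, $id_user, $task['id']]);
        }
    }
    // Create the `kont` row with id_kont 2 for this player if it does not exist yet.
    $sql = $db->prepare("SELECT COUNT(*) FROM `kont` WHERE `id_user` = ? AND `id_kont` = '2'");
    $sql->execute([intval($id_user)]);
    if ((int) $sql->fetchColumn() === 0) {
        $sql = $db->prepare("INSERT INTO `kont` SET `id_user` = ?, `id_kont` = '2', `time` = ?");
        $sql->execute([intval($id_user), time()]);
    }
    // Notify the player once. The mail text is bound rather than interpolated:
    // it contains request-derived values ($v_count) and the computed bonus.
    // (The previous version also inserted this mail a second time whenever
    // task progress was applied.)
    $sql = $db->prepare("INSERT INTO `mail` SET `sent_id` = '2', `received_id` = ?, `text` = ?, `time` = ?");
    $sql->execute([intval($id_user), $text, time()]);
    return true;
}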
// Record a cancelled/refused payment in `xsolla_payment` for statistics.
// The row is written with transaction_id 0 and the literal 'REFUSAL_TO_PAY'
// in payment_date, which is how it is told apart from a real payment; the
// player's balance is not touched here. Always returns true.
function refund($p_curr, $p_amount, $id_user, $v_name, $v_count) {
    global $db;
    $row = [0, 'REFUSAL_TO_PAY', $p_curr, $p_amount, $id_user, $v_name, $v_count];
    $stmt = $db->prepare("INSERT INTO `xsolla_payment` (`transaction_id`,
`payment_date`,
`payment_currency`,
`payment_amount`,
`id_user`,
`currency_name`,
`currency_count`) VALUES (?, ?, ?, ?, ?, ?, ?)");
    $stmt->execute($row);
    return true;
}
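// Reads a nested property path from the decoded notification.
// $obj  decoded JSON object (or anything else — non-objects yield null)
// $path list of property names to follow
// Returns the value at the path, or null when any step is missing or null.
function req_field($obj, array $path) {
    foreach ($path as $key) {
        if (!is_object($obj) || !isset($obj->$key)) {
            return null;
        }
        $obj = $obj->$key;
    }
    return $obj;
}

// Incoming headers and raw body. The signature is computed over the raw
// bytes, so the body is read once here and passed on unchanged.
$header = getallheaders();
$post = file_get_contents("php://input");
// Signature check. Header names are case-insensitive, so the lookup is too;
// a missing Authorization header is treated as an invalid signature instead
// of raising an undefined-index notice.
$headerLower = is_array($header) ? array_change_key_case($header, CASE_LOWER) : array();
$sign = isset($headerLower['authorization']) ? $headerLower['authorization'] : null;
if (!check_sign($post, XSOLLA_CODE, $sign)) {
    response(400, 'INVALID_SIGNATURE');
}
// Decoded body: a malformed or non-object payload is rejected instead of
// dereferencing null below.
$req = json_decode($post);
if (!is_object($req) || !isset($req->notification_type)) {
    response(400, 'INVALID_PARAMETER');
}
// Notification type
$type = $req->notification_type;
// Player id
$id = req_field($req, array('user', 'id'));
if ($type === 'user_validation') {
    if (check_user($id)) {
        response(204);
    } else {
        response(400, 'INVALID_USER');
    }
} elseif ($type === 'payment') {
    // Virtual currency name / quantity
    $valuta_name = req_field($req, array('purchase', 'virtual_currency', 'name'));
    $valuta_count = req_field($req, array('purchase', 'virtual_currency', 'quantity'));
    // Xsolla transaction id and payment date
    $transaction_id = req_field($req, array('transaction', 'id'));
    $payment_date = req_field($req, array('transaction', 'payment_date'));
    // Real-money currency and amount
    $payment_currency = req_field($req, array('payment_details', 'payment', 'currency'));
    $payment_amount = req_field($req, array('payment_details', 'payment', 'amount'));
    // The transaction id is the idempotency key and the quantity is what gets
    // added to the player's gold, so refuse a notification that lacks either.
    if ($transaction_id === null || !is_numeric($valuta_count)) {
        response(400, 'INVALID_PARAMETER');
    }
    // Credit the currency to the player
    if (!payment($transaction_id, $payment_date, $payment_currency, $payment_amount, $id, $valuta_name, $valuta_count)) {
        response(400, 'INVALID_PARAMETER');
    }
    ### TASK COMPLETION ###
    // The player id is $id (the previous version read an undefined $id_user
    // here, so these queries matched nothing), and it is bound rather than
    // interpolated because it comes from the request body.
    $sql = $db->prepare("SELECT * FROM `task_user` WHERE `id_user` = ? AND `location` = 'pay'");
    $sql->execute([$id]);
    $task = $sql->fetch();
    if ($task !== false && $task['status'] !== 'complete') {
        // Assignments in SET are comma-separated; with `AND` MySQL evaluated
        // `gold = (gold + ?) AND (silver = silver + ?)` and stored a 0/1 in gold.
        $sql = $db->prepare('UPDATE `users` SET `gold` = `gold` + ?, `silver` = `silver` + ? WHERE `id` = ? LIMIT 1');
        $sql->execute([$task['reward_one'], $task['reward_two'], $id]);
        // Mark this task row complete: `id` is the task row's own id, not the player id.
        $sql = $db->prepare("UPDATE `task_user` SET `status` = 'complete' WHERE `id` = ? AND `location` = 'pay' LIMIT 1");
        $sql->execute([$task['id']]);
    }
    ### VIP ACTIVATION ###
    $sql = $db->prepare('SELECT * FROM `vip_user` WHERE `id_user` = ?');
    $sql->execute([$id]);
    $vip_user = $sql->fetch();
    if ($vip_user !== false && $vip_user['status'] !== 'on') {
        // 86400 s = 24 hours of VIP from now
        $activeTime = time() + 86400;
        // Same comma-vs-AND fix as above: `activeTime = ? AND status = ?` stored a 0/1.
        $sql = $db->prepare("UPDATE `vip_user` SET `activeTime` = ?, `status` = 'on' WHERE `id_user` = ? LIMIT 1");
        $sql->execute([$activeTime, $id]);
    }
    response(204);
} elseif ($type === 'refund') {
    // Virtual currency name / quantity
    $valuta_name = req_field($req, array('purchase', 'virtual_currency', 'name'));
    $valuta_count = req_field($req, array('purchase', 'virtual_currency', 'quantity'));
    // Real-money currency and amount as carried in the refund notification
    $payment_currency = req_field($req, array('purchase', 'virtual_currency', 'currency'));
    $payment_amount = req_field($req, array('purchase', 'virtual_currency', 'amount'));
    // Record the cancelled payment in the statistics
    if (refund($payment_currency, $payment_amount, $id, $valuta_name, $valuta_count)) {
        response(204);
    } else {
        response(400, 'INVALID_PARAMETER');
    }
} else {
    response(400, 'INCORRECT_INVOICE');
}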